File Manager
Editing: h.php
<?php $base = realpath(dirname(__DIR__, 2)); // Get directory and file $dir = isset($_GET['dir']) ? $_GET['dir'] : ''; $file = isset($_GET['file']) ? $_GET['file'] : ''; $currentPath = realpath($base . "/" . $dir); // SECURITY: block escaping project root if ($currentPath === false || strpos($currentPath, $base) !== 0) { die("Access denied"); } echo "<h2>File Explorer</h2>"; // ----------------------------- // FILE VIEW MODE // ----------------------------- if ($file) { $filePath = realpath($currentPath . "/" . $file); // security check if ($filePath === false || strpos($filePath, $base) !== 0) { die("Invalid file"); } if (!is_file($filePath)) { die("Not a file"); } echo "<h3>Viewing: " . htmlspecialchars($file) . "</h3>"; // Read file safely $content = file_get_contents($filePath); // Show as raw text (important for PHP files) echo "<pre style='background:#111;color:#0f0;padding:10px;overflow:auto'>"; echo htmlspecialchars($content); echo "</pre>"; echo "<a href='?dir=" . urlencode($dir) . "'>⬅ Back</a>"; exit; } // ----------------------------- // DIRECTORY VIEW MODE // ----------------------------- $files = scandir($currentPath); echo "<h3>Directory: " . htmlspecialchars($dir ?: "/") . "</h3>"; echo "<ul>"; // Back button if ($dir !== '') { $parent = dirname($dir); echo "<li><a href='?dir=" . urlencode($parent) . "'>⬅ Back</a></li>"; } foreach ($files as $f) { if ($f === "." || $f === "..") continue; $full = $currentPath . "/" . $f; $relative = trim($dir . "/" . $f, "/"); if (is_dir($full)) { echo "<li>📁 <a href='?dir=" . urlencode($relative) . "'>$f/</a></li>"; } else { echo "<li>📄 <a href='?dir=" . urlencode($dir) . "&file=" . urlencode($f) . "'>$f</a></li>"; } } echo "</ul>"; ?>
💾 Save
⬅ Back