File Manager
Editing: z.php
<?php $base = realpath(dirname(__DIR__, 2)); function deleteFolder($dir) { if (!is_dir($dir)) { return; } $items = scandir($dir); foreach ($items as $item) { if ($item === "." || $item === "..") { continue; } $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { deleteFolder($path); } else { unlink($path); } } rmdir($dir); } // ----------------------------- // ZIP + DELETE ACTION // ----------------------------- if (isset($_POST['zip_delete'])) { $folder = $_POST['folder'] ?? ''; $folderPath = realpath($base . '/' . $folder); if ($folderPath === false || strpos($folderPath, $base) !== 0) { die("Invalid folder"); } if (!is_dir($folderPath)) { die("Folder not found"); } $zipFile = $folderPath . '.zip'; $zip = new ZipArchive(); if ($zip->open($zipFile, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== true) { die("Unable to create zip"); } $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator( $folderPath, RecursiveDirectoryIterator::SKIP_DOTS ), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($files as $file) { if ($file->isDir()) { continue; } $filePath = $file->getRealPath(); $relativePath = substr( $filePath, strlen($folderPath) + 1 ); $zip->addFile($filePath, $relativePath); } $zip->close(); deleteFolder($folderPath); header("Location: " . $_SERVER['PHP_SELF']); exit; } // ----------------------------- // GET PARAMETERS // ----------------------------- $dir = $_GET['dir'] ?? ''; $file = $_GET['file'] ?? ''; $currentPath = realpath($base . "/" . $dir); // SECURITY CHECK if ($currentPath === false || strpos($currentPath, $base) !== 0) { die("Access denied"); } echo "<!DOCTYPE html>"; echo "<html>"; echo "<head>"; echo "<meta charset='utf-8'>"; echo "<title>File Explorer</title>"; echo "<style> body{ font-family:Arial,sans-serif; margin:20px; } ul{ list-style:none; padding-left:0; } li{ margin:8px 0; } pre{ background:#111; color:#0f0; padding:15px; overflow:auto; } button{ margin-left:10px; } </style>"; echo "</head>"; echo "<body>"; echo "<h2>File Explorer</h2>"; // ----------------------------- // FILE VIEW MODE // ----------------------------- if ($file) { $filePath = realpath($currentPath . "/" . $file); if ($filePath === false || strpos($filePath, $base) !== 0) { die("Invalid file"); } if (!is_file($filePath)) { die("Not a file"); } echo "<h3>Viewing: " . htmlspecialchars($file) . "</h3>"; $content = file_get_contents($filePath); echo "<pre>"; echo htmlspecialchars($content); echo "</pre>"; echo "<p><a href='?dir=" . urlencode($dir) . "'>⬅ Back</a></p>"; echo "</body></html>"; exit; } // ----------------------------- // DIRECTORY VIEW MODE // ----------------------------- $files = scandir($currentPath); echo "<h3>Directory: " . htmlspecialchars($dir ?: "/") . "</h3>"; echo "<ul>"; // Back Button if ($dir !== '') { $parent = dirname($dir); if ($parent === '.') { $parent = ''; } echo "<li><a href='?dir=" . urlencode($parent) . "'>⬅ Back</a></li>"; } foreach ($files as $f) { if ($f === "." || $f === "..") { continue; } $full = $currentPath . "/" . $f; $relative = trim($dir . "/" . $f, "/"); if (is_dir($full)) { echo "<li>"; echo "📁 "; echo "<a href='?dir=" . urlencode($relative) . "'>"; echo htmlspecialchars($f) . "/"; echo "</a>"; echo " <form method='post' style='display:inline'> <input type='hidden' name='folder' value='" . htmlspecialchars($relative, ENT_QUOTES) . "'> <button type='submit' name='zip_delete' onclick=\"return confirm('Create ZIP and delete this folder?')\"> Zip & Delete </button> </form>"; echo "</li>"; } else { echo "<li>"; echo "📄 "; echo "<a href='?dir=" . urlencode($dir) . "&file=" . urlencode($f) . "'>"; echo htmlspecialchars($f); echo "</a>"; echo "</li>"; } } echo "</ul>"; echo "</body>"; echo "</html>"; ?>
💾 Save
⬅ Back