'; print_r($paths); echo ''; $path = $_GET['path']; } $currentpath = $ROOT . '/' . $path; $ACTION = $_POST['action']; if($_GET['action'] != '') $ACTION = $_GET['action']; $what = ''; if($ACTION == 'phpinfo') { phpinfo(); exit; }elseif($ACTION == 'shell' && $_POST['command'] != '') { if(RESTRICT_SHELL) { $SHELL_RET = '255'; $SHELL_OUTPUT[0] = 'Shell has been desactivated for security purpose !'; }else{ $line = exec($_POST['command'],$SHELL_OUTPUT,$SHELL_RET); } }elseif($ACTION == 'delete') { $file = $_POST['file']; if($_GET['file'] != '') $file = $_GET['file']; $what = $currentpath . '/' . $file; if(is_file($what)) $ACTION = 'file_delete'; if(is_dir($what)) $ACTION = 'folder_delete'; }elseif($ACTION == 'rename') { if($_POST['newname'] != $_POST['oldname']) { $ret = @rename($currentpath . '/' . $_POST['oldname'], $currentpath . '/' . $_POST['newname']); if(!$ret) { $tmp = error_get_last(); $DIRFILE_GET->err = $tmp['message']; } } }elseif($ACTION == 'chmod') { if($_POST['newchmod'] != $_POST['oldchmod']) { $ret = @chmod($currentpath . '/' . $_POST['name'], octdec($_POST['newchmod'])); if(!$ret) { $tmp = error_get_last(); $DIRFILE_GET->err = $tmp['message']; } } }elseif($ACTION == 'extract') { //print_r($_POST); //var_dump(class_exists('ZipArchive')); $zip = new ZipArchive(); $cmd = ''; if(substr($_POST['name'],-4) == '.zip') { if($_POST['where'] == 'extracthere') { $cmd = 'unzip -d ' . $currentpath . ' ' . $currentpath . '/' . $_POST['name']; }elseif($_POST['where'] == 'extracttoname') { $where = $currentpath . '/' . substr($_POST['name'], 0,strlen($_POST['name']) - 4); $cmd = 'unzip -d ' . $where . ' ' . $currentpath . '/' . $_POST['name']; } }elseif(substr($_POST['name'],-7) == '.tar.gz') { if($_POST['where'] == 'extracthere') { $cmd = 'tar -C ' . $currentpath . ' -xzf ' . $currentpath . '/' . $_POST['name']; }elseif($_POST['where'] == 'extracttoname') { $where = $currentpath . '/' . substr($_POST['name'], 0,strlen($_POST['name']) - 7); @mkdir($where); $cmd = 'tar -C ' . $where . ' -xzf ' . $currentpath . '/' . $_POST['name']; } }elseif(substr($_POST['name'],-4) == '.tgz') { if($_POST['where'] == 'extracthere') { $cmd = 'tar -C ' . $currentpath . ' -xzf ' . $currentpath . '/' . $_POST['name']; }elseif($_POST['where'] == 'extracttoname') { $where = $currentpath . '/' . substr($_POST['name'], 0,strlen($_POST['name']) - 4); @mkdir($where); $cmd = 'tar -C ' . $where . ' -xzf ' . $currentpath . '/' . $_POST['name']; } }elseif(substr($_POST['name'],-4) == '.tar') { if($_POST['where'] == 'extracthere') { $cmd = 'tar -C ' . $currentpath . ' -xf ' . $currentpath . '/' . $_POST['name']; }elseif($_POST['where'] == 'extracttoname') { $where = $currentpath . '/' . substr($_POST['name'], 0,strlen($_POST['name']) - 7); @mkdir($where); $cmd = 'tar -C ' . $where . ' -xf ' . $currentpath . '/' . $_POST['name']; } }elseif(substr($_POST['name'],-4) == '.bz2') { if($_POST['where'] == 'extracthere') { $cmd = 'tar -C ' . $currentpath . ' -xjf ' . $currentpath . '/' . $_POST['name']; }elseif($_POST['where'] == 'extracttoname') { $where = $currentpath . '/' . substr($_POST['name'], 0,strlen($_POST['name']) - 4); @mkdir($where); $cmd = 'tar -C ' . $where . ' -xjf ' . $currentpath . '/' . $_POST['name']; } }elseif(substr($_POST['name'],-3) == '.xz') { if($_POST['where'] == 'extracthere') { $cmd = 'tar -C ' . $currentpath . ' -xJf ' . $currentpath . '/' . $_POST['name']; }elseif($_POST['where'] == 'extracttoname') { $where = $currentpath . '/' . substr($_POST['name'], 0,strlen($_POST['name']) - 3); @mkdir($where); $cmd = 'tar -C ' . $where . ' -xJf ' . $currentpath . '/' . $_POST['name']; } } if($cmd != '') $line = exec($cmd,$ARRAY,$ret); //if($ret != 0) { $DIRFILE_GET->err = $ret . ': ' . $line . '
' . $cmd . ''; } if($ret != 0) { $DIRFILE_GET->err = $ret . ': ' . $line; } }elseif($ACTION == 'batch_chmod') { $BATCH['do'] = true; if($_POST['from'] != 'current' && $_POST['from'] != 'currentandchilds') $BATCH['do'] = false; if($_POST['what'] != 'file' && $_POST['what'] != 'dir' && $_POST['what'] != 'dirfile') $BATCH['do'] = false; if($_POST['chmod'] == '') $BATCH['do'] = false; if(strlen($_POST['chmod']) == 3) $_POST['chmod'] = '0' . $_POST['chmod']; if($BATCH['do']) { $BATCH['currentpath'] = $currentpath; $BATCH['post'] = $_POST; }else{ $DIRFILE_GET->err = 'Erreur dans le formulaire !'; } } function batch($path) { global $BATCH; $Rep = @opendir($path); while ($Item = readdir($Rep)) { if ($Item == '.' || $Item == '..') continue; if(is_dir($path.'/'.$Item)) { if($BATCH['post']['action'] == 'batch_chmod' && ($BATCH['post']['what'] == 'dir' || $BATCH['post']['what'] == 'dirfile')) @chmod($path.'/'.$Item, octdec($BATCH['post']['chmod'])); if($BATCH['post']['from'] == 'currentandchilds') batch($path . '/' . $Item); }else{ if($BATCH['post']['action'] == 'batch_chmod' && ($BATCH['post']['what'] == 'file' || $BATCH['post']['what'] == 'dirfile')) @chmod($path.'/'.$Item, octdec($BATCH['post']['chmod'])); } } closedir($Rep); } if($BATCH['do']) { //print_r($BATCH); batch($BATCH['currentpath']); } if($ACTION == 'folder_create') { $_POST['folder_name'] = trim($_POST['folder_name']); if(preg_match('/^[a-zA-Z1-9\.\s]+$/', $_POST['folder_name'])) { $ret = @mkdir($currentpath . '/' . $_POST['folder_name']); if($ret) { $_POST['folder_name'] = ''; }else{ $tmp = error_get_last(); $DIRFILE_GET->err = $tmp['message']; } }else{ $DIRFILE_GET->err = 'Caractere non autorise.'; } }elseif($ACTION == 'folder_delete') { if($what == '') $what = $currentpath; $ret = @rmdir($what); if(!$ret) { $tmp = error_get_last(); $DIRFILE_GET->err = $tmp['message']; } }elseif($ACTION == 'file_delete') { $ret = @unlink($what); if(!$ret) { $tmp = error_get_last(); $DIRFILE_GET->err = $tmp['message']; } }elseif($ACTION == 'file_upload_url' && $_POST['url'] != '') { $parse = parse_url($_POST['url']); //print_r($parse); var_dump(basename($parse['path'])); if($parse['scheme'] == 'http' || $parse['scheme'] == 'https') { $name = basename($parse['path']); $CONTENT = file_get_contents($_POST['url']); file_put_contents($currentpath . '/' . $name, $CONTENT); }else{ $DIRFILE_GET->err = 'Erreur !'; } }elseif(is_array($_FILES['FILE'])) { if($_FILES['FILE']['name'] == '') { $DIRFILE_GET->err = 'empty filename'; }elseif($_FILES['FILE']['error'] != 0) { $DIRFILE_GET->err = 'error code : ' . $_FILES['FILE']['error']; }else{ $ret = @move_uploaded_file($_FILES['FILE']['tmp_name'],$currentpath . '/' . $_FILES['FILE']['name']); if(!$ret) { $tmp = error_get_last(); $DIRFILE_GET->err = $tmp['message']; } } }elseif($ACTION == 'download') { $file = $_POST['file']; if($_GET['file'] != '') $file = $_GET['file']; if(substr($file, -4) == '.png') header("Content-type: image/png"); if(substr($file, -4) == '.jpg') header("Content-type: image/jpeg"); if(substr($file, -4) == '.gif') header("Content-type: image/gif"); if(substr($file, -4) == '.pdf') header("Content-type: application/pdf"); header("Content-Disposition: attachment; filename=".$file); readfile($currentpath . '/' . $file); exit; }elseif($ACTION == 'downloadinline') { $file = $_POST['file']; if($_GET['file'] != '') $file = $_GET['file']; if(substr($file, -4) == '.png') header("Content-type: image/png"); if(substr($file, -4) == '.jpg') header("Content-type: image/jpeg"); if(substr($file, -4) == '.gif') header("Content-type: image/gif"); if(substr($file, -4) == '.pdf') header("Content-type: application/pdf"); if(substr($file, -4) == '.php') header("Content-type: text/html"); if(substr($file, -4) == '.zip') header("Content-type: application/zip"); if(substr($file, -7) == '.tar.gz') header("Content-type: application/x-gzip"); header("Content-Disposition: inline; filename=".$file); $CONTENT = file_get_contents($currentpath . '/' . $file); if(substr($file, -4) == '.php') $CONTENT = highlight_string($CONTENT); echo $CONTENT; exit; } if(DEBUG) { echo '[debug] SERVER_NAME (VHOST) : ' . $_SERVER['SERVER_NAME'] . '
'; echo '[debug] DOCUMENT_ROOT (ROOT): ' . $_SERVER['DOCUMENT_ROOT'] . '
'; echo '[debug] SCRIPT_NAME: ' . $_SERVER['SCRIPT_NAME'] . '
'; echo '[debug] dir(FILE): ' . dirname(__FILE__) . '
'; echo '[debug] GET[path] : ' . $_GET['path'] . '
'; if(count($_GET) > 0) { echo 'GET
'; print_r($_GET); echo '
'; } if(count($_POST) > 0) { echo 'POST
'; print_r($_POST); echo '
'; } if(count($_FILES) > 0) { echo 'FILES
'; print_r($_FILES); echo '
'; } echo '[debug] ROOT : ' . $ROOT . '
'; echo '[debug] path : ' . $path . '
'; echo '[debug] currentpath : ' . $currentpath . '
'; } function alt_stat($file) { clearstatcache(); $ss = @stat($file); if(!$ss) return false; $ts=array( 0140000=>'ssocket', 0120000=>'llink', 0100000=>'-file', 0060000=>'bblock', 0040000=>'ddir', 0020000=>'cchar', 0010000=>'pfifo' ); $p=$ss['mode']; $t=decoct($ss['mode'] & 0170000); // File Encoding Bit $str =(array_key_exists(octdec($t),$ts))?$ts[octdec($t)]{0}:'u'; $str.=(($p&0x0100)?'r':'-').(($p&0x0080)?'w':'-'); $str.=(($p&0x0040)?(($p&0x0800)?'s':'x'):(($p&0x0800)?'S':'-')); $str.=(($p&0x0020)?'r':'-').(($p&0x0010)?'w':'-'); $str.=(($p&0x0008)?(($p&0x0400)?'s':'x'):(($p&0x0400)?'S':'-')); $str.=(($p&0x0004)?'r':'-').(($p&0x0002)?'w':'-'); $str.=(($p&0x0001)?(($p&0x0200)?'t':'x'):(($p&0x0200)?'T':'-')); $s=array( 'stat' => $ss, 'perms'=>array( 'umask'=>sprintf("%04o",@umask()), 'human'=>$str, 'octal1'=>sprintf("%o", ($ss['mode'] & 000777)), 'octal2'=>sprintf("0%o", 0777 & $p), 'decimal'=>sprintf("%04o", $p), 'fileperms'=>@fileperms($file), 'mode1'=>$p, 'mode2'=>$ss['mode']), 'owner'=>array( 'fileowner'=>$ss['uid'], 'filegroup'=>$ss['gid'], 'owner'=>(function_exists('posix_getpwuid'))?@posix_getpwuid($ss['uid']):'', 'group'=>(function_exists('posix_getgrgid'))?@posix_getgrgid($ss['gid']):''), 'file'=>array( 'filename'=>$file, 'realpath'=>(@realpath($file) != $file) ? @realpath($file) : $file, 'dirname'=>@dirname($file), 'basename'=>@basename($file)), 'filetype'=>array( 'type'=>substr($ts[octdec($t)],1), 'type_octal'=>sprintf("%07o", octdec($t)), 'is_file'=>@is_file($file), 'is_dir'=>@is_dir($file), 'is_link'=>@is_link($file), 'is_readable'=> @is_readable($file), 'is_writable'=> @is_writable($file)), 'device'=>array( 'device'=>$ss['dev'], //Device 'device_number'=>$ss['rdev'], //Device number, if device. 'inode'=>$ss['ino'], //File serial number 'link_count'=>$ss['nlink'], //link count 'link_to'=>($s['type']=='link') ? @readlink($file) : ''), 'size'=>array( 'size'=>$ss['size'], //Size of file, in bytes. 'blocks'=>$ss['blocks'], //Number 512-byte blocks allocated 'block_size'=> $ss['blksize'] //Optimal block size for I/O. ), 'time'=>array( 'mtime'=>$ss['mtime'], //Time of last modification 'atime'=>$ss['atime'], //Time of last access. 'ctime'=>$ss['ctime'], //Time of last status change 'accessed'=>@strftime('%e %b %Y %H:%M',$ss['atime']), 'modified'=>@strftime('%Y-%m-%d %H:%M',$ss['mtime']), 'created'=>@strftime('%e %b %Y %H:%M',$ss['ctime'])), ); if($ss['size'] > 1073741824) { $s['size']['hsize'] = round($ss['size'] / 1073741824,0) . ' Go'; }elseif($ss['size'] > 1048576) { $s['size']['hsize'] = round($ss['size'] / 1048576,0) . ' Mo'; }elseif($ss['size'] > 1024) { $s['size']['hsize'] = round($ss['size'] / 1024,0) . ' Ko'; }else{ $s['size']['hsize'] = $ss['size'] . ' o'; } if(substr($file,-4) == '.tar' || substr($file,-3) == '.gz' || substr($file,-4) == '.zip' || substr($file,-7) == '.tar.gz') $s['extra']['is_extractable'] = true; if(substr($file,-4) == '.bz2' || substr($file,-3) == '.xz' || substr($file,-4) == '.tgz') $s['extra']['is_extractable'] = true; clearstatcache(); return $s; } function cmp($ab, $bb) { $a = $ab->Name; $b = $bb->Name; if ($a == $b) { return 0; } return ($a < $b) ? -1 : 1; } if($_GET['popup'] == 'yes') { ?> 1FilePhpExplorer <?php echo VERSION; ?>
Renommer le fichier / dossier
Nom actuel :
Nouveau nom:
CHMOD
Droits actuels :
Nouveau droit:
Actions habituelles (peut ne pas fonctionner selon votre configuration) :
[Fichiers créés par le serveur web devant être en écriture pour un compte FTP]
[Répertoires créés par le serveur web devant être en écriture pour un compte FTP]
DECOMPRESSION / EXTRACTION
<< retour
<< retour
<< retour
Sorry, not yet supported !
<< retour
/** 1FilePhpExplorer : A single PHP file to browse
* @link https://sourceforge.net/projects/one1filephpexplorer/
* @author Yves Reveillon, http://www.eurower.fr/
* @copyright 2015 Yves Reveillon
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license http://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
* @version 0.1.1
*/

Cette application est un explorateur de fichiers.
Elle permet de parcourir l'arborescence d'un site internet à la façon d'un navigateur web (avec les mêmes droits).
Les fichiers non accessibles par cette application ne le seront pas, sous certaines conditions, par un navigateur web.

A UTILISER AVEC PRUDENCE : CETTE APPLICATION PERMET D'AFFICHER LE CODE SOURCE DE VOS FICHIERS PHP ET DE TOUT AUTRES SCRIPTS !
$DIRFILEMAX) { $DIRFILEMAXREACHED = true; break; } $DIRFILECOUNT++; if(is_dir($currentpath.'/'.$Item)) { $Index = count($DIR); $DIR[$Index]->FileType = @filetype($currentpath.'/'.$Item); $DIR[$Index]->Name = $Item; $DIR[$Index]->Stat = alt_stat($currentpath.'/'.$Item); }else{ $Index = count($FILE); $FILE[$Index]->FileType = @filetype($currentpath.'/'.$Item); $FILE[$Index]->Name = $Item; $FILE[$Index]->Stat = alt_stat($currentpath.'/'.$Item); } } closedir($Rep); }else{ $DIRFILE_GET->err = 'Unable to open directory : insufficient permission.'; } uasort($DIR, 'cmp'); uasort($FILE, 'cmp'); $DIRFILE = array_merge($DIR, $FILE); //echo '
'; print_r($DIRFILE); echo '
'; $me = (function_exists('posix_getpwuid'))?@posix_getpwuid(posix_getuid()):posix_getuid(); $meg = (function_exists('posix_getgrgid'))?@posix_getgrgid(posix_getgrgid()):posix_getgid(); if(DEBUG) { echo '[debug] me :
'; print_r($me); echo '

'; echo '[debug] meg:
'; print_r($meg); echo '

'; } ?> 1FilePhpExplorer <?php echo VERSION; ?>
Fermer

Contenu de

/!\ Cette application, en accès public, permet de visualiser le code source PHP /!\
$val) { //if(DEBUG) { echo '[debug] Add to breadcrumb : ' . $val; } $_tmp2 .= '/' . $val; ?> / 
Vous naviguer actuellement en tant que /
/>
Depuis un fichier local
/>
Depuis une URL
/>
Suppression en lot (à partir de ce répertoire)
n/a
Seuls les fichiers et répertoires dont les permissions le permettent seront impactés par cette opération
Pour , modifier les avec la permission
Actions habituelles (peut ne pas fonctionner selon votre configuration) :
[Fichiers créés par le serveur web devant être en écriture pour un compte FTP]     [Répertoires créés par le serveur web devant être en écriture pour un compte FTP]
Les commandes shell sont envoyées telles quelles au serveur. Attention à bien savoir ce que vous faites !
$ ' . $_POST['command'] . '
'; foreach($SHELL_OUTPUT as $key => $val) echo '
' . htmlentities($val) . '
'; echo '
Code retour : ' . $SHELL_RET . '
'; } ?>
Affichage maximum :
Ce paramètre permet de limiter le nombre d'éléments par page. Ceci peut être utile pour des dossiers contenant plusieurs milliers de fichiers.
Dans ce cas, l'affichage est limité aux éléments trouvés dans l'ordre d'apparence dans le système de fichiers.
Voir le PHPInfo
err)) { ?>
  Nom du fichier / dossier Actions Taille Propriétaire Groupe Permissions Modification
Max file () reached !
For stability reason, no more file or dir can be displayed for this directory.
Note that items are stats in filesystem order.
err; ?>
Stat['filetype']['is_dir']) { $path2go = (($path == '') ? '' : $path . '/') . $DirFile->Name; if($DirFile->Name == '.') $path2go = $path; if($DirFile->Name == '..') { $_tmp = explode('/',$path2go); //echo '
'; print_r($_tmp); echo '
'; $_tmp = array_slice($_tmp,0,count($_tmp)-2); //echo '
'; print_r($_tmp); echo '
'; $path2go = implode('/',$_tmp); } ?> Stat['file']['realpath'] == $_SERVER['SCRIPT_FILENAME']) { ?>
Name?> (I am this script :-D)
Name,-4) == '.php') { ?>
Name?>
Name,-4) == '.jpg') { ?>
Name?>
Name,-4) == '.gif') { ?>
Name?>
Name,-4) == '.png') { ?>
Name?>
Name,-4) == '.bmp') { ?>
Name?>
Name,-4) == '.exe') { ?>
Name?>
Name,-4) == '.bat') { ?>
Name?>
Name,-4) == '.css') { ?>
Name?>
Name,-4) == '.pdf') { ?>
Name?>
Name,-4) == '.zip') { ?>
Name?>
Name,-3) == '.gz') { ?>
Name?>
Name,-4) == '.tar') { ?>
Name?>
Name,-4) == '.txt') { ?>
Name?>
Name,-4) == '.log') { ?>
Name?>
Name,-5) == '.html') { ?>
Name?>
Name,-4) == '.htm') { ?>
Name?>
Name,-3) == '.js') { ?>
Name?>
Name?>
Name != '.' && $DirFile->Name != '..') { ?> FileType == 'file' && $DirFile->Stat['filetype']['is_readable'])) echo 'style="visibility:hidden;"' ?>>   FileType == 'file' && $DirFile->Stat['filetype']['is_readable'])) echo 'style="visibility:hidden;"' ?>>     Stat['filetype']['is_writable']) echo 'style="visibility:hidden;"' ?>>   Stat['extra']['is_extractable']) echo 'style="visibility:hidden;"' ?>>   Stat['filetype']['is_writable']) echo 'style="visibility:hidden;"' ?>>   Stat['filetype']['is_dir']) echo display($DirFile->Stat['size']['hsize'],'? o'); ?>  Stat['owner']['owner']['name']); ?> Stat['owner']['owner']['uid']); ?> Stat['owner']['group']['name']); ?> Stat['owner']['group']['gid']); ?> Stat['perms']['human'],'?',7); ?> Stat['perms']['octal1']; ?>    
Stat['filetype']['is_writable']) echo 'style="visibility:hidden;"' ?>>  Stat['filetype']['is_readable']) echo 'style="visibility:hidden;"' ?>>   Stat['filetype']['is_readable']) echo 'style="visibility:hidden;"' ?>>
Stat['time']['modified'],'0000-00-00 00:00'); ?>
| Yves Réveillon - eurower.fr | Project on 1FilePhpExplorer | Project on Sourceforge | A propos
'; print_r($DIRFILE); echo ''; ?>