whoami7 - Manager
:
/
home
/
bleuhbh
/
www
/
root
/
public
/
skyfall
/
Upload File:
files >> /home/bleuhbh/www/root/public/skyfall/index.php
<?php // Le dossier racine à afficher $baseDir = '../../../Skyfall'; // Changez ce chemin selon vos besoins // Le chemin relatif demandé via l'URL $relPath = isset($_GET['path']) ? $_GET['path'] : ''; $relPath = trim($relPath, '/'); // Calcul du chemin absolu sécurisé $currentPath = realpath($baseDir . '/' . $relPath); // Protection : ne pas sortir du dossier de base TODO: pas du tout safe // if ($currentPath === false || strpos($currentPath, $baseDir) !== 0) { if ($currentPath === false) { die('Accès interdit'); } // Télécharger un fichier si demandé if (isset($_GET['download'])) { $fileToDownload = realpath($baseDir . '/' . urldecode($_GET['download'])); // echo "{$fileToDownload}\n"; // output: /home/bleuhbh/www/Skyfall/Casa de papel - Saison 3/La.Casa.De.Papel.S03E02.FRENCH.720p.NF.WEB-DL.DD5.1.x264-Wawacity.cc.mkv if ($fileToDownload !== false && is_file($fileToDownload)) { // Clear any previous output if (ob_get_level()) { ob_end_clean(); } // Force download headers header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($fileToDownload) . '"'); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($fileToDownload)); // Disable compression if server uses it (e.g., mod_deflate) if (function_exists('apache_setenv')) { apache_setenv('no-gzip', '1'); } // Send file readfile($fileToDownload); exit; } else { header('Content-Type: text/plain; charset=utf-8'); echo "Erreur : fichier invalide\n"; echo "Chemin demandé : {$_GET['download']}\n"; echo "Chemin réel : {$fileToDownload}\n"; echo "Fichier valide ? " . (is_file($fileToDownload) ? "Oui" : "Non") . "\n"; echo "Dans le dossier autorisé ? " . (strpos($fileToDownload, realpath($baseDir)) === 0 ? "Oui" : "Non") . "\n"; exit; } } // Lire les fichiers et dossiers $items = scandir($currentPath); ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Explorateur de fichiers</title> <style> body { font-family: sans-serif; padding: 20px; } a { text-decoration: none; color: #0066cc; } ul { list-style-type: none; padding-left: 0; } </style> </head> <body> <?php if ($relPath !== '.'): ?> <h2><?= htmlspecialchars(substr($relPath, 2)) ?></h2> <?php endif; ?> <ul> <?php if ($currentPath !== $baseDir): ?> <li><a href="?path=<?= urlencode(dirname($relPath)) ?>">⬅️ Revenir</a></li> <?php endif; ?> <?php foreach ($items as $item): ?> <?php if ($item === '.' || $item === '..') continue; $itemPath = $currentPath . '/' . $item; $itemRelPath = ltrim($relPath . '/' . $item, '/'); ?> <li> <?php if (is_dir($itemPath)): ?> 📁 <a href="?path=<?= urlencode($itemRelPath) ?>"><?= htmlspecialchars($item) ?></a> <?php elseif (is_file($itemPath)): ?> <!-- 📄 <a href="?path=<?= urlencode($relPath) ?>&download=<?= urlencode($item) ?>"><?= htmlspecialchars($item) ?></a> --> <!-- 📄 <a href="?path=<?= urlencode($itemRelPath) ?>&download=<?= urlencode($item) ?>"><?= htmlspecialchars($item) ?></a> --> 📄 <a href="?path=<?= urlencode($relPath) ?>&download=<?= urlencode($itemRelPath) ?>"><?= htmlspecialchars($item) ?></a> <?php endif; ?> </li> <?php endforeach; ?> </ul> </body> </html>
Copyright ©2021 || Defacer Indonesia