<?php if ( (!isset($_SERVER['PHP_AUTH_USER'])) && (!isset($_SERVER['PHP_AUTH

1. <?php
2.  
3. if ( (!isset($_SERVER['PHP_AUTH_USER'])) && (!isset($_SERVER['PHP_AUTH_PW'])) ) {
4. header('WWW-Authenticate: basic realm="Login"');
5. header('HTTP/1.0 401 Unauthorized');
6. echo 'Please login to continue.';
7. exit();
8. }
9. else {
10. $user=$_SERVER['PHP_AUTH_USER'];
11. $pass=$_SERVER['PHP_AUTH_PW'];
12. if ($user == 'Happy' && $pass == '****') { $loggedin=1; }
13. }
14.  
15. if (!$loggedin) {
16. die('invalid login');
17. }
18.  
19.  
20. $path='/home/holzbit/srcds/orangebox/cstrike/';
21. $uri=$_SERVER['REQUEST_URI'];
22.  
23. if ($_GET['edit']) {
24. $_dir=$_GET['edit'];
25. if (preg_match('/(.+)\/.+$/',$_dir,$match)) {
26. $_GET['dir']=urlencode($match[1]);
27. $_dir=$_GET['dir'];
28. }
29.  
30. $edit1=urldecode($_GET['edit']);
31. $edit2=$path.$edit1;
32. $file=file_get_contents($edit2);
33. echo '<form action="/index.php?dir='.$_dir.'" method="POST">';
34. echo '<textarea style="width:100%;height:90%;" name="content">';
35. echo $file;
36. echo '</textarea>';
37. echo '<input type="hidden" name="file" value="'.$edit1.'">';
38. echo '<div align="center"><input type="submit" value="Save" name="save"></div>';
39. echo '</form>';
40.  
41. }
42. if ($_GET['remove']) {
43. $remove=urldecode($_GET['remove']);
44. $file=$path.$remove;
45. if (preg_match('/(.+)\/.+$/',$remove,$match)) {
46. $_GET['dir']=urlencode($match[1]);
47. }
48. unlink($file);
49. echo '<center><p>File Deleted</p></center>';
50.  
51. }
52. if ($_GET['rename']) {
53. $remove=urldecode($_GET['rename']);
54. $file=$path.$remove;
55. if (preg_match('/(.+)\/.+$/',$remove,$match)) {
56. $_GET['dir']=urlencode($match[1]);
57. }
58. }
59. if ($_POST['dorename']) {
60. $_GET['dir']=$_POST['dir'];
61. $file=urldecode($_POST['file']);
62. $dir=urldecode($_POST['dir']);
63. $new=$_POST['rename'];
64. rename($path.$file,$path.$dir.'/'.$new);
65. echo '<center>File Renamed</center><br>';
66. }
67. if ($_POST['upload']) {
68. $uploads_dir=$path.urldecode($_POST['dir']);
69. foreach ($_FILES as $key => $val) {
70. $name=$val['name']; $tmp_name=$val['tmp_name']; $size=$val['size'];
71. if ($size) {
72. move_uploaded_file($tmp_name, "$uploads_dir/$name");
73. }
74. }
75. echo "<Center>Upload Complete</center>";
76. }
77. if ($_POST['save']) {
78. $edit=$path.urldecode($_POST['file']);
79. $content=$_POST['content'];
80. if (is_file($edit)) {
81. file_put_contents($edit, $content);
82. echo "<center>File Saved</center>";
83. }
84. }
85. if ($_GET['download']) {
86. $file = $path.$_GET['download'];
87. $fsize = filesize($file);
88. if (!is_file($file)) {
89. // File doesn't exist, output error
90. die('file not found');
91. }
92. else {
93. // Set headers
94. header("Content-Type: binary/octet-stream");
95. header("Content-Length: $fsize");
96. header('Content-Disposition: attachment; filename='.$file);
97. // Read the file from disk
98. readfile($file);
99. exit();
100. }
101. }
102. if (!$_GET['dir']) { $read_dir=$path; }
103. else {
104. $dir=urldecode($_GET['dir']);
105. if (strstr($dir,"..")) { $dir='/'; }
106. if ($dir == '/') { $read_dir=$path; }
107. else { $read_dir=$path.$dir; }
108. }
109. $handle = opendir($read_dir);
110. $files=array();
111. while ($file = readdir($handle)) {
112. $file=strtolower($file);
113. if ($file != '.' && $file != '..') {
114. if ($dir) {
115. $files[$file]=$path.$dir.'/'.$file;
116. }
117. else {
118. $files[$file]=$path.$file;
119. }
120. }
121. }
122. if (preg_match('/(.+)\/.+$/',$dir,$match)) {
123. $up=urlencode($match[1]);
124. echo '<a href="/index.php?dir='.$up.'">.</a><br>';
125. }
126. echo '<a href="/index.php">..</a><br>';
127.  
128. asort($files);
129. foreach ($files as $file => $_path) {
130. if (is_dir($_path)) {
131. if ($dir) { $_dir=urlencode($dir.'/'.$file); }
132. else { $_dir=$file; }
133. echo '<a href="/index.php?dir='.$_dir.'"><b>'.$file.'</b></a><br>';
134. }
135. else {
136. if ($dir) { $_file=urlencode($dir.'/'.$file); }
137. else { $_file=$file; }
138. echo '<a href="/index.php?download='.$_file.'">'.$file.'</a>';
139. echo '&nbsp;&nbsp;<a href="/index.php?edit='.$_file.'">[Edit]</a>';
140. echo '&nbsp;&nbsp;<a href="/index.php?remove='.$_file.'">[Remove]</a>';
141. echo '&nbsp;&nbsp;<a href="/index.php?rename='.$_file.'">[Rename]</a><br>';
142. }
143. }
144. if ($_GET['rename']) {
145. $rename=urldecode($_GET['rename']);
146. $file=$path.$rename;
147. if (preg_match('/(.+)\/.+$/',$rename,$match)) {
148. $_GET['dir']=urlencode($match[1]);
149. }
150.  
151. echo '<form action="'.$uri.'" method="POST">
152. <center>
153. New file:
154. <input type="text" name="rename"><br>
155. <input type="submit" name="dorename" value="Rename">
156. <input type="hidden" name="file" value="'.$_GET['rename'].'">
157. <input type="hidden" name="dir" value="'.$_GET['dir'].'">
158. </center>
159. </form>
160. ';
161. exit();
162. }
163.  
164. $dir=$_GET['dir'];
165. echo '
166. <center>
167. <form action="index.php?dir='.$dir.'" method="post" enctype="multipart/form-data">
168. Upload these files:<br />
169. <input name="file1" type="file" /><br />
170. <input name="file2" type="file" /><br />
171. <input name="file3" type="file" /><br />
172. <input name="file4" type="file" /><br />
173. <input name="file5" type="file" /><br />
174. <input type="hidden" name="dir" value="'.$dir.'">
175. <input type="submit" value="Send files" name="upload"/>
176. </form>
177. </center>
178. ';
179.  
180. ?>