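<?php
/**
 * File-manager action endpoint.
 *
 * Runs one action chosen by $_GET['action'] (delete_file, delete_folder,
 * create_folder, rename_folder, rename_file) on the target named by
 * $_POST['path'] (relative to $current_path) and on its thumbnail
 * $_POST['path_thumb'] (expected to start with $thumbs_base_path).
 * $_POST['name'] carries the new name for the rename actions.
 *
 * The configuration variables ($current_path, $thumbs_base_path, $ext, the
 * $delete_* / $create_* / $rename_* switches, the *_image_creation settings)
 * and the helpers (fix_dirname, fix_path, fix_filename, deleteDir,
 * create_folder, rename_folder, rename_file) are not defined in this script;
 * presumably they come from config/config.php and include/utils.php.
 *
 * Every request parameter is attacker-controllable, so all path validation
 * happens before any filesystem call. A failed check ends the request with
 * die() and a short message.
 */
include('config/config.php');

// Only sessions flagged by the file manager front end may run actions.
// Strict comparison: a loosely-compared non-string session value must not pass.
// NOTE(review): this flag is the only gate visible here; no per-request
// anti-CSRF token is checked in this script -- confirm one is enforced elsewhere.
if (!isset($_SESSION["verify"]) || $_SESSION["verify"] !== "RESPONSIVEfilemanager") {
    die('forbiden');
}
include('include/utils.php');

// Both paths must be present and must be plain strings (PHP turns "path[]=x"
// into an array, which the string functions below would mishandle).
$post_path  = isset($_POST['path']) ? $_POST['path'] : null;
$post_thumb = isset($_POST['path_thumb']) ? $_POST['path_thumb'] : null;
if (!is_string($post_path) || !is_string($post_thumb)) {
    die('wrong path');
}

// A path segment that is exactly "." or "..", delimited by "/" or "\" or by
// the ends of the string. The plain substring test for "../" does not catch a
// bare ".." or a trailing "/..", so both tests are applied.
$dot_segment = '#(?:^|[\\\\/])\.{1,2}(?:[\\\\/]|$)#';

// Part of the thumbnail path after the configured base. The base itself is
// excluded from the traversal tests, as in the original offset-based check.
$thumb_base_len = strlen($thumbs_base_path);
$thumb_rest     = (string) substr($post_thumb, $thumb_base_len);

// The prefix test uses strncmp(): the former "strpos(...) != 0" treated a
// missing prefix (strpos() === false) the same as a match at offset 0.
if (strpos($post_path, "\0") !== false
    || strpos($post_thumb, "\0") !== false
    || strncmp($post_thumb, $thumbs_base_path, $thumb_base_len) !== 0
    || strpos($thumb_rest, '../') !== false
    || preg_match($dot_segment, $thumb_rest)
    || strpos($post_path, '/') === 0
    || strpos($post_path, '\\') === 0
    || strpos($post_path, '../') !== false
    || preg_match($dot_segment, $post_path)
) {
    die('wrong path');
}
// NOTE(review): path and path_thumb are validated independently; nothing here
// checks that the thumbnail path corresponds to the same item as path.

// Language file: only the basename of the requested value is used, so the
// include stays inside lang/.
$language_file = 'lang/en_EN.php';
if (isset($_GET['lang']) && is_string($_GET['lang']) && $_GET['lang'] != 'undefined' && $_GET['lang'] != '') {
    $path_parts = pathinfo($_GET['lang']);
    if (is_readable('lang/' . $path_parts['basename'] . '.php')) {
        $language_file = 'lang/' . $path_parts['basename'] . '.php';
    }
}
require_once $language_file;

// Per-folder configuration override.
// NOTE(review): the unconditional "$cycle = false" at the end of the body
// limits this loop to a single pass, so only $path . "config.php" is ever
// tried; kept as found because the intended walk-up behaviour is unclear.
// NOTE(review): this executes a file named config.php taken from the managed
// tree -- confirm that the allowed-extension list can never admit such a file.
$base = $current_path;
$path = $current_path . $post_path;
$cycle = true;
$max_cycles = 50;
$i = 0;
while ($cycle && $i < $max_cycles) {
    $i++;
    if ($path == $base) {
        $cycle = false;
    }
    if (file_exists($path . "config.php")) {
        require_once($path . "config.php");
        $cycle = false;
    }
    $path = fix_dirname($path) . "/";
    $cycle = false;
}

$path       = $current_path . $post_path;
$path_thumb = $post_thumb;

// New name for the rename actions. Initialised so the rename branches never
// read an undefined variable; separators and NUL bytes are refused so a name
// cannot address another directory.
$name = '';
if (isset($_POST['name'])) {
    $name = $_POST['name'];
    if (!is_string($name)
        || strpos($name, '../') !== false
        || strpos($name, "\0") !== false
        || strpos($name, '/') !== false
        || strpos($name, '\\') !== false
    ) {
        die('wrong name');
    }
}

// The target's extension, when it has one, must be on the allow-list.
// NOTE(review): only the existing target is checked; whether rename_file()
// keeps the original extension cannot be seen from this script.
$info = pathinfo($path);
if (isset($info['extension']) && !in_array(strtolower($info['extension']), $ext, true)) {
    die('wrong extension');
}

// ".ext" suffix for derived image names; empty for extension-less targets
// (avoids reading an undefined 'extension' index).
$ext_suffix = isset($info['extension']) ? '.' . $info['extension'] : '';

// Folder actions must never be applied to the managed root or thumbnail root.
$path_is_root  = (trim($post_path, '/\\') === '');
$thumb_is_root = (trim($thumb_rest, '/\\') === '');

if (isset($_GET['action'])) {
    switch ($_GET['action']) {
        case 'delete_file':
            if ($delete_files) {
                // Only remove regular files or links; a directory is left to delete_folder.
                if (is_file($path) || is_link($path)) {
                    unlink($path);
                }
                if (is_file($path_thumb)) {
                    unlink($path_thumb);
                }

                // Copies generated next to the original.
                if ($relative_image_creation) {
                    foreach ($relative_path_from_current_pos as $k => $rel_dir) {
                        if ($rel_dir != "" && $rel_dir[strlen($rel_dir) - 1] != "/") {
                            $rel_dir .= "/";
                        }
                        $derived = $info['dirname'] . "/" . $rel_dir
                            . $relative_image_creation_name_to_prepend[$k]
                            . $info['filename']
                            . $relative_image_creation_name_to_append[$k]
                            . $ext_suffix;
                        if (file_exists($derived)) {
                            unlink($derived);
                        }
                    }
                }

                // Copies generated under fixed directories, mirroring the sub-path.
                if ($fixed_image_creation) {
                    foreach ($fixed_path_from_filemanager as $k => $fixed_dir) {
                        if ($fixed_dir != "" && $fixed_dir[strlen($fixed_dir) - 1] != "/") {
                            $fixed_dir .= "/";
                        }
                        $base_dir = $fixed_dir . substr_replace($info['dirname'] . "/", '', 0, strlen($current_path));
                        $derived  = $base_dir
                            . $fixed_image_creation_name_to_prepend[$k]
                            . $info['filename']
                            . $fixed_image_creation_to_append[$k]
                            . $ext_suffix;
                        if (file_exists($derived)) {
                            unlink($derived);
                        }
                    }
                }
            }
            break;

        case 'delete_folder':
            if ($delete_folders) {
                if ($path_is_root) {
                    die('wrong path');
                }
                if (!$thumb_is_root && is_dir($path_thumb)) {
                    deleteDir($path_thumb);
                }
                if (is_dir($path)) {
                    deleteDir($path);
                    if ($fixed_image_creation) {
                        foreach ($fixed_path_from_filemanager as $k => $fixed_dir) {
                            if ($fixed_dir != "" && $fixed_dir[strlen($fixed_dir) - 1] != "/") {
                                $fixed_dir .= "/";
                            }
                            $base_dir = $fixed_dir . substr_replace($path, '', 0, strlen($current_path));
                            if (is_dir($base_dir)) {
                                deleteDir($base_dir);
                            }
                        }
                    }
                }
            }
            break;

        case 'create_folder':
            if ($create_folders) {
                create_folder(fix_path($path), fix_path($path_thumb));
            }
            break;

        case 'rename_folder':
            if ($rename_folders) {
                if ($path_is_root) {
                    die('wrong path');
                }
                $name = fix_filename($name);
                // Folder names carry no extension: drop every dot.
                $name = str_replace('.', '', $name);
                if (!empty($name)) {
                    if (!rename_folder($path, $name)) {
                        die(lang_Rename_existing_folder);
                    }
                    if (!$thumb_is_root) {
                        rename_folder($path_thumb, $name);
                    }
                    if ($fixed_image_creation) {
                        foreach ($fixed_path_from_filemanager as $k => $fixed_dir) {
                            if ($fixed_dir != "" && $fixed_dir[strlen($fixed_dir) - 1] != "/") {
                                $fixed_dir .= "/";
                            }
                            $base_dir = $fixed_dir . substr_replace($path, '', 0, strlen($current_path));
                            rename_folder($base_dir, $name);
                        }
                    }
                } else {
                    die(lang_Empty_name);
                }
            }
            break;

        case 'rename_file':
            if ($rename_files) {
                $name = fix_filename($name);
                if (!empty($name)) {
                    if (!rename_file($path, $name)) {
                        die(lang_Rename_existing_file);
                    }
                    rename_file($path_thumb, $name);
                    if ($fixed_image_creation) {
                        $info = pathinfo($path);
                        $ext_suffix = isset($info['extension']) ? '.' . $info['extension'] : '';
                        foreach ($fixed_path_from_filemanager as $k => $fixed_dir) {
                            if ($fixed_dir != "" && $fixed_dir[strlen($fixed_dir) - 1] != "/") {
                                $fixed_dir .= "/";
                            }
                            $base_dir = $fixed_dir . substr_replace($info['dirname'] . "/", '', 0, strlen($current_path));
                            $derived  = $base_dir
                                . $fixed_image_creation_name_to_prepend[$k]
                                . $info['filename']
                                . $fixed_image_creation_to_append[$k]
                                . $ext_suffix;
                            if (file_exists($derived)) {
                                rename_file(
                                    $derived,
                                    $fixed_image_creation_name_to_prepend[$k] . $name . $fixed_image_creation_to_append[$k]
                                );
                            }
                        }
                    }
                } else {
                    die(lang_Empty_name);
                }
            }
            break;

        default:
            die('wrong action');
            break;
    }
}
?>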