This is a early version of a filesystem editor we wrote for our developers kit. It allows you do view a directory, create files, erase files, edit files, create directories, remove directories, and upload files from your browser directly into the directory.

By : bleach

<? session_register("GlimpseDir");
if(!$GlimpseDir) $GlimpseDir="/";

/* This software was written 2000 by Derek Young at GSData Design */
/* Please Use some type of auth system for this file, if it got in the
wrong hands, you could be seriously messed with. You can put it in
a protected directory via .htaccess, or use your own auth system in
php, either way, be carefull, I take no responsibility for any
damages that this file causes. */

/* Set this directory to the physical location on your filesystem for
the document root. */

$basedir="/usr/httpd/html/glimpse";

function reloadnow() {
global $PHP_SELF;
global $addons;
header("Status: 302 Moved");
header("Location: $PHP_SELF".$addons);
exit(); }

if($cancel) $action="";
if($action=="root") $GlimpseDir="/";
if($action=="chdr") $GlimpseDir=$file."/";
if($action=="dele" && $confirm==1) { unlink($basedir.$file); $action="";}
if($action=="move" && $confirm && $newfile) {
rename($basedir.$file,$basedir.$newfile); $action=""; }
if($action=="rmdr") rmdir($basedir.$file);
if($action=="edit" && $confirm && $file) {
$fp=fopen($basedir.$file,"w");
fputs($fp,stripslashes($code));
fclose($fp);
$addons="?action=edit&file=".rawurlencode($file);
reloadnow(); }
if($upload) { copy($userfile,$basedir.$GlimpseDir.$userfile_name);
reloadnow(); }
if($touch) { touch($basedir.$GlimpseDir.$touchfile); reloadnow(); }
if($mkdir) { mkdir($basedir.$GlimpseDir.$mkdirfile,0700); reloadnow(); }
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3c.org/TR/REC-html40/loose.dtd">
<HTML>
<HEAD>
<TITLE>Filesystem Browser-Current Directory="<?=$GlimpseDir;?>"</TITLE>
</HEAD>
<BODY> <?

if ($action=="dele") {
echo "Are you sure you want to delete $file ?<BR>";
echo "<A HREF=\"$PHP_SELF?action=dele&file=" . rawurlencode($file) . "&confirm=1\">YES</A><BR>";
echo "<A HREF=\"$PHP_SELF\">NO</A><BR>";
echo "</BODY></HTML>";
exit(); }

if ($action=="move") {
echo "Current Filename is: ".$file . "<BR>\n";
echo "<FORM METHOD=\"POST\" ACTION=\"$PHP_SELF\">\n";
echo "<INPUT TYPE=\"TEXT\" NAME=\"newfile\">Newfile Name<BR>\n";
echo "<INPUT TYPE=\"SUBMIT\" NAME=\"confirm\" VALUE=\"Change\">\n";
echo "<INPUT TYPE=\"SUBMIT\" NAME=\"cancel\" VALUE=\"Cancel\">\n";
echo "<INPUT TYPE=\"HIDDEN\" NAME=\"action\" VALUE=\"move\">\n";
echo "<INPUT TYPE=\"HIDDEN\" NAME=\"file\" VALUE=\"$file\">\n";
echo "</FORM></BODY></HTML>";
exit(); }

if ($action=="edit") {
echo "<FORM METHOD=\"POST\" ACTION=\"$PHP_SELF\">\n";
echo "Current Filename is: ".$file ." ";
echo "<INPUT TYPE=\"HIDDEN\" NAME=\"file\" VALUE=\"$file\">\n";
echo "<INPUT TYPE=\"HIDDEN\" NAME=\"action\" VALUE=\"edit\">\n";
echo "<INPUT TYPE=\"SUBMIT\" NAME=\"confirm\" VALUE=\"Save\">\n";
echo "<INPUT TYPE=\"SUBMIT\" NAME=\"cancel\" VALUE=\"Exit\"><BR>\n";
$fp=fopen($basedir.$file,"r");
$contents=fread($fp,filesize($basedir.$file));
echo "<TEXTAREA NAME=\"code\" rows=\"20\" cols=\"80\">\n";
echo htmlspecialchars($contents);
echo "</TEXTAREA><BR>\n";

echo "</FORM></BODY></HTML>";
exit(); }

?>
<A HREF="<?=$PHP_SELF;?>?action=root">Back to root</A><BR>

<TABLE BORDER="1">
<TR><TD>Filename</TD><TD>Type</TD><TD>Size</TD><TD>Action</TD></TR>
<? $handle=opendir($basedir . $GlimpseDir);
while($file = readdir($handle)) {
if ($file != "." && $file != "..") {
$filename=$basedir.$GlimpseDir.$file;
$fileurl=rawurlencode($GlimpseDir.$file);
echo "<TR>";
echo "<TD>" . htmlspecialchars($file) . "</TD>\n";
echo "<TD>" . filetype($filename) . "</TD>\n";
echo "<TD>" . filesize($filename) . "</TD>\n";
echo "<TD>";
if(filetype($filename)=="file") {
echo "<A HREF=\"$GlimpseDir$file\">View</A> ";
echo "<A HREF=\"$PHP_SELF?action=edit&file=$fileurl\">Edit</A> ";
echo "<A HREF=\"$PHP_SELF?action=dele&file=$fileurl\">Dele</A> ";
echo "<A HREF=\"$PHP_SELF?action=move&file=$fileurl\">Move</A> ";
} if(filetype($filename)=="dir") {
echo "<A HREF=\"$PHP_SELF?action=chdr&file=$fileurl\">ChDr</A> ";
echo "<A HREF=\"$PHP_SELF?action=rmdr&file=$fileurl\">RmDr</A> ";
}
echo "</TD>";
echo "</TR>\n";
}
}
closedir($handle);
?>
</TABLE>

<BR>
<FORM ENCTYPE="multipart/form-data" METHOD="POST" ACTION="<?=$PHP_SELF;?>">
<INPUT NAME="userfile" TYPE="file">
<INPUT TYPE="SUBMIT" NAME="upload" VALUE="Upload"><BR>
<INPUT TYPE="TEXT" NAME="touchfile">
<INPUT TYPE="SUBMIT" NAME="touch" VALUE="Touch"><BR>
<INPUT TYPE="TEXT" NAME="mkdirfile">
<INPUT TYPE="SUBMIT" NAME="mkdir" VALUE="Mkdir"><BR>
</FORM>

</BODY>
</HTML>

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More File Manipulation Code Articles
More By Codewalkers

blog comments powered by Disqus