返回文件列表

编辑文件：m.php

文件内容

<?php
/**
 * TMD Master v9.7 - 兼容性安全增强版
 * 修复：解决 Chez.com 报错 "session_start() failed"
 * 原理：改用 Cookie 验证，并手动屏蔽陈旧环境的报错。
 */
error_reporting(0);
@ini_set('display_errors', 0);

// ================= 配置区 =================
$password = "123456"; // 请修改你的登录密码
// ==========================================

$script_name = basename(__FILE__);
$auth_key = md5($password . 'tmd_salt');

// 退出逻辑
if (isset($_GET['logout'])) {
    setcookie("tmd_token", "", time() - 3600);
    header("Location: " . $script_name);
    exit;
}

// 登录验证逻辑
if (isset($_POST['login_pass'])) {
    if ($_POST['login_pass'] === $password) {
        setcookie("tmd_token", $auth_key, time() + 86400 * 7); // 有效期7天
        header("Location: " . $script_name);
        exit;
    }
}

// 检查 Cookie 是否匹配
$is_logged = (isset($_COOKIE['tmd_token']) && $_COOKIE['tmd_token'] === $auth_key);

if (!$is_logged) {
    die('<!DOCTYPE html><html><head><meta charset="UTF-8"><title>Login</title>
    <style>
        body { background: #f4f4f4; display: flex; justify-content: center; align-items: center; height: 100vh; font-family: sans-serif; }
        .login-box { background: #fff; padding: 30px; border-radius: 8px; box-shadow: 0 4px 15px rgba(0,0,0,0.1); text-align: center; }
        input { padding: 10px; border: 1px solid #ddd; border-radius: 4px; width: 200px; margin-bottom: 15px; display: block; font-size: 16px; }
        button { background: #333; color: #fff; border: none; padding: 10px 20px; border-radius: 4px; cursor: pointer; width: 100%; font-weight: bold; }
    </style></head><body>
    <div class="login-box">
        <h3>🔒 身份验证</h3>
        <form method="post">
            <input type="password" name="login_pass" placeholder="输入密码" autofocus>
            <button type="submit">进入管理系统</button>
        </form>
        <p style="font-size:11px; color:#999; margin-top:15px;">Chez.com 兼容模式已激活</p>
    </div></body></html>');
}

// --- 以下为文件管理逻辑 ---
header("Content-Type: text/html; charset=utf-8");
$root_path = realpath("./");

function format_size_info($s) {
    if ($s >= 1048576) { return round($s / 1048576, 2) . " MB"; }
    if ($s >= 1024) { return round($s / 1024, 1) . " KB"; }
    return $s . " B";
}

$p_l = isset($_GET["pL"]) ? $_GET["pL"] : "";
$p_r = isset($_GET["pR"]) ? $_GET["pR"] : "";
$d_l = realpath($root_path . "/" . $p_l) . DIRECTORY_SEPARATOR;
$d_r = realpath($root_path . "/" . $p_r) . DIRECTORY_SEPARATOR;

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $side = isset($_POST["side"]) ? $_POST["side"] : "";
    $base = ($side == "L") ? $d_l : $d_r;
    $jump = false;
    
    if (isset($_POST["sv"])) { file_put_contents(realpath($root_path . "/" . $_POST["ep"]), $_POST["ct"]); $jump = true; }
    if (isset($_POST["ch"])) {
        $target = realpath($root_path . "/" . $_POST["op"]);
        if ($target) { @chmod($target, octdec($_POST["nv"])); $jump = true; }
    }
    if (isset($_POST["rn"])) { 
        $old_f = realpath($root_path . "/" . $_POST["op"]); 
        if ($old_f && basename($old_f) !== $script_name) { @rename($old_f, dirname($old_f) . DIRECTORY_SEPARATOR . $_POST["nn"]); $jump = true; }
    }
    if (isset($_POST["nf"])) { @mkdir($base . $_POST["folder_name"], 0755); $jump = true; }
    if (isset($_POST["ni"])) { file_put_contents($base . $_POST["file_name"], ""); $jump = true; }
    if (isset($_POST["bd"]) && isset($_POST["its"])) { 
        foreach ($_POST["its"] as $i) { if ($i !== $script_name) recursive_delete($base . $i); }
        $jump = true; 
    }
    if (isset($_POST["mv_to_opp"]) && isset($_POST["its"])) { 
        $target_dir = ($side == "L") ? $d_r : $d_l;
        foreach ($_POST["its"] as $i) { if ($i !== $script_name) @rename($base . $i, $target_dir . $i); }
        $jump = true; 
    }
    if (isset($_POST["up"]) && isset($_FILES["fs"])) { 
        foreach ($_FILES["fs"]["tmp_name"] as $k => $tmp) { if ($tmp) @move_uploaded_file($tmp, $base . $_FILES["fs"]["name"][$k]); }
        $jump = true; 
    }
    if ($jump) { header("Location: ?pL=" . urlencode($p_l) . "&pR=" . urlencode($p_r)); exit; }
}

$f_l = array_diff(@scandir($d_l) ? @scandir($d_l) : array(), array(".", ".."));
$f_r = array_diff(@scandir($d_r) ? @scandir($d_r) : array(), array(".", ".."));
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>TMD Master v9.7</title>
    <style>
        body { font-size: 13px; font-family: sans-serif; background: #eee; margin: 10px; }
        .box { background: #fff; border: 1px solid #ccc; min-width: 950px; box-shadow: 0 4px 10px rgba(0,0,0,0.1); }
        .header { padding: 12px; background: #333; color: #fff; font-weight: bold; display: flex; justify-content: space-between; align-items: center;}
        .dual { display: flex; height: 600px; border-top: 1px solid #ccc; }
        .pane { flex: 1; display: flex; flex-direction: column; overflow: hidden; background: #fff; }
        .list { flex: 1; overflow-y: auto; }
        .item { display: flex; padding: 7px 10px; border-bottom: 1px solid #eee; align-items: center; }
        .item:hover { background: #f9f9f9; }
        .item-info { flex-grow: 1; overflow: hidden; text-overflow: ellipsis; padding-left: 8px; }
        .btns { display: none; gap: 4px; }
        .item:hover .btns { display: flex; }
        .head-info { background: #f1f1f1; padding: 10px; border-bottom: 1px solid #ddd; font-size: 11px; display: flex; align-items: center; justify-content: space-between; }
        .tool { padding: 10px; background: #f4f4f4; border-top: 1px solid #ddd; }
        button, .btn-link { cursor: pointer; padding: 3px 8px; border: 1px solid #bbb; font-size: 11px; background: #fff; font-weight: bold; text-decoration: none; color: #333; }
        .modal { display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.7); z-index: 1000; }
        .m-con { background: #fff; width: 420px; margin: 100px auto; padding: 20px; border-radius: 4px; }
        textarea { width: 100%; height: 450px; font-family: monospace; }
        .logout { color: #ff9a9a; border: 1px solid #ff9a9a; padding: 2px 8px; border-radius: 3px; font-size: 11px; text-decoration: none; }
    </style>
</head>
<body>
<div class="box">
    <div class="header">
        <span>📂 TMD Master v9.7 | Cookie 兼容版</span>
        <a href="?logout=1" class="logout">安全退出</a>
    </div>
    <div class="dual">
        <?php 
        $sides = array("L", "R");
        foreach($sides as $s) {
            $cp = ($s == "L") ? $p_l : $p_r; $op = ($s == "L") ? $p_r : $p_l;
            $fl = ($s == "L") ? $f_l : $f_r; $bd = ($s == "L") ? $d_l : $d_r;
            echo '<div class="pane">';
            echo '<div class="head-info"><div>📍 /' . htmlspecialchars($cp) . '</div>';
            echo '<a href="' . ($s == "L" ? "?pL=&pR=".urlencode($op) : "?pL=".urlencode($op)."&pR=") . '" style="color:#d35400; font-weight:bold;">🏠 根目录</a></div>';
            echo '<form method="post" id="f_'.$s.'" class="list"><input type="hidden" name="side" value="'.$s.'">';
            echo '<div class="item" style="background:#fafafa;"><input type="checkbox" onclick="var c=document.getElementsByClassName(\'s-'.$s.'\');for(var i=0;i<c.length;i++)c[i].checked=this.checked;"> <b style="margin-left:5px;">全选</b>';
            if($cp != "") {
                $upd = dirname($cp); if ($upd == "." || $upd == "") $upd = "";
                echo '<a href="' . ($s == "L" ? "?pL=".urlencode($upd)."&pR=".urlencode($op) : "?pL=".urlencode($op)."&pR=".urlencode($upd)) . '" style="margin-left:auto; text-decoration:none; font-weight:bold;">⬅️ 上级</a>';
            }
            echo '</div>';
            foreach($fl as $fn) {
                $full = $bd . $fn; $is_d = @is_dir($full); $rel = ($cp != "" ? $cp . "/" : "") . $fn;
                $pv = @fileperms($full); $np = ($pv !== false) ? substr(sprintf("%o", $pv), -4) : "0000";
                $is_me = ($fn === $script_name);
                echo '<div class="item"><input type="checkbox" name="its[]" value="'.htmlspecialchars($fn).'" class="s-'.$s.'" '.($is_me?"disabled":"").'>';
                echo '<div class="item-info">' . ($is_d ? '📁 <a href="'.($s=="L"?"?pL=".urlencode($rel."/")."&pR=".urlencode($op):"?pL=".urlencode($op)."&pR=".urlencode($rel."/")).'" style="color:#d35400; font-weight:bold; text-decoration:none;">'.htmlspecialchars($fn).'</a>' : '📄 <a href="'.htmlspecialchars($rel).'" target="_blank" style="color:#2c3e50; text-decoration:none;">'.htmlspecialchars($fn).'</a>') . '</div>';
                echo '<div class="btns"><a onclick="openChmod(\''.$rel.'\',\''.$np.'\')" class="btn-link" style="color:#e67e22;">'.$np.'</a>';
                if(!$is_d) { echo '<a onclick="ed(\''.$rel.'\')" class="btn-link" style="color:#27ae60;">编辑</a><a href="?dl='.urlencode($rel).'" class="btn-link" style="color:#2980b9;">下载</a>'; }
                if(!$is_me) { echo '<a onclick="var n=prompt(\'新名\',\''.$fn.'\');if(n){rn(\''.$rel.'\',n)}" class="btn-link">名</a><a onclick="if(confirm(\'删?\')){del(\''.$s.'\',\''.htmlspecialchars($fn).'\')}" class="btn-link" style="color:red;">删</a>'; }
                echo '</div><span style="color:#999; font-size:10px; width:60px; text-align:right;">'.($is_d?"--":format_size_info(@filesize($full))).'</span></div>';
            }
            echo '</form><div class="tool"><div style="display:flex; gap:4px; margin-bottom:5px;"><button type="submit" form="f_'.$s.'" name="mv_to_opp" style="flex:1; background:#2c3e50; color:#fff; border:none; padding:6px;">👉 批量移动</button><button type="submit" form="f_'.$s.'" name="bd" style="background:red; color:#fff; border:none; padding:6px;" onclick="return confirm(\'删?\')">🗑 批量删</button></div>';
            echo '<div style="display:flex; gap:3px;"><button onclick="newF(\''.$s.'\',\'nf\')">新目录</button><button onclick="newF(\''.$s.'\',\'ni\')">新文件</button>';
            echo '<form method="post" enctype="multipart/form-data" style="margin-left:auto;"><input type="hidden" name="side" value="'.$s.'"><input type="file" name="fs[]" multiple style="width:100px;"><button type="submit" name="up" style="background:#27ae60; color:#fff; border:none;">上传</button></form></div></div></div>';
            if($s == "L") echo '<div style="width:2px; background:#444;"></div>';
        }
        ?>
    </div>
</div>