// ================================
// SIMPLE FILE MANAGER (SAFE MODE)
// ================================

// The base (root) folder is confined to the directory that holds this file.
$baseDir = realpath(dirname(__FILE__));

// Fungsi helper untuk mencegah directory traversal
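/**
 * Resolve $target and return it only when it lies inside $baseDir.
 *
 * Both paths are canonicalised with realpath(), so ".." segments and symbolic
 * links are resolved before the containment check. The check compares against
 * the base path followed by a directory separator: a bare prefix comparison
 * would also accept a sibling whose name merely starts with the base name
 * (base "/srv/app" versus "/srv/app-secret").
 *
 * @param string $baseDir Directory that acts as the root of the allowed tree.
 * @param string $target  Candidate path to validate.
 * @return string Canonical $target when it is the base or lies below it;
 *                otherwise the canonical base. If the base itself cannot be
 *                resolved, $baseDir is returned unchanged (never $target).
 */
function safePath(string $baseDir, string $target): string {
    $root = realpath($baseDir);
    if ($root === false) {
        // Without a resolvable root no containment decision is possible: fail closed.
        return $baseDir;
    }

    $resolved = realpath($target);

    // A path that does not exist (or cannot be resolved) falls back to the root.
    if ($resolved === false) {
        return $root;
    }

    if ($resolved === $root) {
        return $root;
    }

    // Require "<root><separator>" as the prefix so that the match ends on a
    // path-component boundary.
    $rootPrefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($resolved, $rootPrefix, strlen($rootPrefix)) !== 0) {
        return $root;
    }

    return $resolved;
}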

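// Determine the active directory; it defaults to the root.
$currentDir = $baseDir;

// "dir" query parameter: a client-supplied path relative to $baseDir.
// It is accepted only when it is a plain string without NUL bytes (a request
// such as ?dir[]=x delivers an array), and only when the validated result is a
// directory: safePath() accepts any existing path under the root, regular
// files included, and a file must not become the listing/upload location.
if (
    isset($_GET['dir'])
    && is_string($_GET['dir'])
    && $_GET['dir'] !== ''
    && strpos($_GET['dir'], "\0") === false
) {
    $requested = $baseDir . DIRECTORY_SEPARATOR . $_GET['dir'];
    $resolved = safePath($baseDir, $requested);
    if (is_dir($resolved)) {
        $currentDir = $resolved;
    }
}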

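// Handle file uploads into the active directory.
//
// NOTE(review): no authentication or CSRF check is visible before this handler
// in the listing. Unless one is enforced elsewhere, confirm access control
// before deploying, and configure the upload location so that the web server
// never executes content stored there. The name filter below reduces the risk
// of storing server-executable files; it does not replace those controls.
$uploadMessage = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['files'])) {
    $files = $_FILES['files'];

    // Final extensions accepted for upload; adjust to what the deployment needs.
    $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt', 'csv', 'zip'];

    // A field named "files" (rather than "files[]") delivers scalars instead of
    // lists; normalise so that single and multiple uploads share one code path.
    $names = (array) $files['name'];
    $tmpNames = (array) $files['tmp_name'];
    $errors = (array) $files['error'];

    foreach ($names as $i => $rawName) {
        // Entries that failed in transit are skipped silently, as before.
        if (!is_string($rawName) || ($errors[$i] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
            continue;
        }

        $name = basename($rawName);
        $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));

        // Dot-files (.htaccess, .user.ini, ...) can change how the server treats the directory.
        $isHidden = $name === '' || $name[0] === '.';
        // Reject a script extension anywhere in the name ("x.php.jpg"), since some
        // server configurations select a handler from any name segment.
        $hasScriptSegment = preg_match(
            '/\.(php\d*|phtml|phar|pht|cgi|pl|py|sh|asp|aspx|jsp)(\.|$)/i',
            $name
        ) === 1;

        if ($isHidden || $hasScriptSegment || !in_array($extension, $allowedExtensions, true)) {
            $uploadMessage .= "Ditolak (tipe file tidak diizinkan): " . htmlspecialchars($name) . "\n";
            continue;
        }

        $dest = $currentDir . DIRECTORY_SEPARATOR . $name;

        // Never replace an existing file (this script included) with uploaded content.
        if (file_exists($dest)) {
            $uploadMessage .= "Ditolak (file sudah ada): " . htmlspecialchars($name) . "\n";
            continue;
        }

        if (move_uploaded_file($tmpNames[$i] ?? '', $dest)) {
            $uploadMessage .= "Berhasil upload: " . htmlspecialchars($name) . "\n";
        } else {
            $uploadMessage .= "Gagal upload: " . htmlspecialchars($name) . "\n";
        }
    }
}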

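// Path of the active directory relative to the root, used for the location display.
// Only the leading root is cut off: str_replace() would also delete the same
// text wherever it reappears deeper in the path and yield a wrong relative path.
// Assumes $currentDir starts with $baseDir, which the safePath() validation is
// meant to guarantee.
$relativePath = ltrim((string) substr($currentDir, strlen($baseDir)), DIRECTORY_SEPARATOR);
$relativePathDisplay = $relativePath === '' ? '.' : $relativePath;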

// Read the entries of the active directory; when it cannot be read the
// (suppressed) failure is turned into an empty list.
$items = @scandir($currentDir);
$items = ($items === false) ? [] : $items;

<!DOCTYPE html>
<html lang="id">

<meta charset="UTF-8">
Simple File Manager <title>Simple File Manager</title>
<style>
body {
font-family: Arial, sans-serif;
font-size: 14px;
background: #f4f4f4;
margin: 0;
padding: 0;
}
.wrapper {
max-width: 960px;
margin: 20px auto;
background: #fff;
padding: 20px;
border-radius: 6px;
box-shadow: 0 2px 6px rgba(0,0,0,0.1);
}
h1 {
margin-top: 0;
}
.breadcrumb {
padding: 8px 12px;
background: #f0f0f0;
border-radius: 4px;
margin-bottom: 15px;
}
.breadcrumb strong {
font-weight: bold;
}
table {
width: 100%;
border-collapse: collapse;
margin-top: 15px;
}
th, td {
padding: 6px 8px;
border-bottom: 1px solid #eee;
}
th {
text-align: left;
background: #fafafa;
}
tr:nth-child(even) {
background: #fafafa;
}
.type-folder {
font-weight: bold;
}
.message {
margin-top: 10px;
padding: 10px;
background: #e7f7e7;
border: 1px solid #b5e0b5;
border-radius: 4px;
}
.error {
background: #fbeaea;
border-color: #f1b5b5;
}
.upload-box {
margin-top: 15px;
padding: 10px;
border-radius: 4px;
border: 1px solid #ddd;
background: #fafafa;
}
input[type="file"] {
display: block;
margin-bottom: 8px;
}
input[type="submit"] {
padding: 6px 12px;
cursor: pointer;
}
.up-link {
margin-top: 10px;
display: inline-block;
}
</style>


<div class="wrapper">

Simple File Manager



<div class="breadcrumb">
Lokasi saat ini: <strong> echo htmlspecialchars($relativePathDisplay); </strong>
</div>

// Show the upload result, if there is one. $uploadMessage is printed without
// escaping at this point; the file names it contains were passed through
// htmlspecialchars() when the message was built, so any new text appended to
// it elsewhere must be escaped in the same way.
if ($uploadMessage !== ''):
<div class="message">
echo $uploadMessage;
</div>
endif;

<!-- Form Upload -->
<div class="upload-box">

<label>Upload file ke folder ini:</label>




</div>

<!-- Link naik satu folder -->

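// Offer a link to the parent folder unless the root itself is being shown.
if ($currentDir !== $baseDir) {
    $parent = dirname($currentDir);
    // Cut only the leading root off the parent path; str_replace() would also
    // remove the same text if it reappeared deeper in the path.
    $parentRelative = ltrim((string) substr($parent, strlen($baseDir)), DIRECTORY_SEPARATOR);
    // An empty relative path means the parent is the root: link without "dir".
    $parentParam = $parentRelative === '' ? '' : '?dir=' . urlencode($parentRelative);
    echo '<a class="up-link" href="filemanager.php' . $parentParam . '">⬅ Naik satu folder</a>';
}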


<!-- List File & Folder -->


<th>Nama</th>
<th>Jenis</th>
<th>Ukuran</th>
<th>Modifikasi</th>

// Walk over the directory entries collected in $items.
// NOTE(review): in this listing the cell output follows "endforeach" instead of
// sitting inside the loop, presumably an extraction artifact; confirm against
// the original file.
foreach ($items as $item):

// Skip the current-directory and parent-directory entries.
if ($item === '.' || $item === '..') continue;

$fullPath = $currentDir . DIRECTORY_SEPARATOR . $item;
$isDir = is_dir($fullPath);

// Relative path used for the link
$itemRelative = trim($relativePath === '' ? $item : $relativePath . DIRECTORY_SEPARATOR . $item, DIRECTORY_SEPARATOR);








endforeach;

// Name cell: a folder is rendered as a link whose "dir" parameter is the
// URL-encoded relative path; every entry name is HTML-escaped before output.
if ($isDir):
<a class="type-folder" href="?dir= echo urlencode($itemRelative); ">
[DIR] echo htmlspecialchars($item);
</a>
else:
echo htmlspecialchars($item);
endif;
// Type cell.
echo $isDir ? 'Folder' : 'File';

// Size cell: a dash for folders, "?" when the size cannot be read, otherwise
// the size in MB, KB or bytes.
if ($isDir) {
    echo '-';
} elseif (($size = filesize($fullPath)) === false) {
    echo '?';
} elseif ($size > 1048576) {
    echo round($size / 1048576, 2) . ' MB';
} elseif ($size > 1024) {
    echo round($size / 1024, 2) . ' KB';
} else {
    echo $size . ' B';
}



// Modified cell: the last-modification time, or a dash when it is unavailable.
$mtime = filemtime($fullPath);
if ($mtime) {
    echo date('Y-m-d H:i:s', $mtime);
} else {
    echo '-';
}


</div>