php 网页版 ftp 小工具

<?php
define('IN_ECS', true);
session_start();
header("Content-type:text/html;charset=utf-8");
date_default_timezone_set('PRC');
$dir = isset($_GET['dir']) ? $_GET['dir'] : './';
$handle = opendir($dir);
$_session = $_SESSION['user_id'] = 1234;
$_logs = new Logs('./', 'lzw.php_logs.txt');

if (isset($_POST['upload'])) {
    if (is_uploaded_file($_FILES['myfile']['tmp_name'])) {
        $_size = 1024 * 1000 * 1000;
        // $_allowType = array();
        // if($_FILES['myfile']['type']){
        //      }
        if ($_FILES['myfile']['error'] > 0) {
            echo('上传失败');
        }
        if ($_FILES['myfile']['size'] > $_size) {
            echo('超出允许的' . $_size . '字节上传大小限制');
        }
        if (!move_uploaded_file($_FILES['myfile']['tmp_name'], $_POST['path'] . '/' . $_FILES['myfile']['name'])) {
            echo '不能将文件移动到指定目录';
        } else {
            $str = '↑↑↑upload↑↑↑> ' . date('Y-m-d H:i:s', time()) . ' User: ' . $_session . ' upload file ' . $_POST['path'] . $_FILES['myfile']['name'] . "\r\n";
            $_logs->setLog($str);
            header('Location: lzw.php?dir=' . $_POST['path']);
        }
    } else {
        echo('恶意的用户无法欺骗脚本去访问本不能访问的文件');
    }

}

if (isset($_POST['mkdir'])) {
    $_path = $_POST['path'] . '/' . $_POST['dir_name'];
    mkdir($_path, 0777);
    header('location:lzw.php?dir=' . $_POST['path']);
    $str = '+++++mkdir++++++++> ' . date('Y-m-d H:i:s', time()) . ' User: ' . $_session . ' mkdir file ' . $_path . "\r\n";
    $_logs->setLog($str);
}

if (isset($_GET['delf'])) {
    unlink($_GET['delf']);
    header('location: lzw.php?dir=' . $_GET['lastUrl']);
    $str = '-----delfile------> ' . date('Y-m-d H:i:s', time()) . ' User: ' . $_session . ' delete file ' . $_GET['delf'] . "\r\n";
    $_logs->setLog($str);
}

if (isset($_GET['deld'])) {
    deldir($_GET['deld']);
    header('location: lzw.php?dir=' . $_GET['lastUrl']);
    $str = '-----deldir-------> ' . date('Y-m-d H:i:s', time()) . ' User: ' . $_session . ' delete dir ' . $_GET['deld'] . "\r\n";
    $_logs->setLog($str);
}
if (isset($_GET['download'])) {
    $download = $_GET['download'];
    if (!file_exists($_GET['download'])) {
        echo '文件不存在';
        exit();
    } else {
        $file = fopen($download, "r");
        header("Content-Type:application/octet-stream");
        header("Accept-Ranges:Bytes");
        header("Accept-Length:" . filesize($download));
        header("Content-Disposition:attachment;filename=" . $_GET['filename']);
        echo fread($file, filesize($download));
        fclose($file);
        $str = '↓↓↓download↓↓> ' . date('Y-m-d H:i:s', time()) . ' User: ' . $_session . ' download dir ' . $_GET['download'] . "\r\n";
        $_logs->setLog($str);
        exit();
    }
}
if (isset($_GET['read'])) {
    $content = file_get_contents($_GET['read']);
    exit("<textarea style='width: 100%;height: 100%;'>{$content}