// Allowed extensions (empty = all) $allowed_extensions = array( 'jpg','jpeg','png','gif','pdf','txt','doc','docx','xls','xlsx', 'zip','tar','gz','mp3','mp4','php','html','css','js' );
// Helper functions function get_size($bytes) if ($bytes >= 1073741824) return number_format($bytes / 1073741824, 2) . ' GB'; if ($bytes >= 1048576) return number_format($bytes / 1048576, 2) . ' MB'; if ($bytes >= 1024) return number_format($bytes / 1024, 2) . ' KB'; return $bytes . ' B';
<?php // TinyFileManager 2.4.3 // https://github.com/prasathmani/tinyfilemanager // Released under MIT License session_name('filemanager'); session_start();
$listing = list_directory($full_path, $show_hidden_files); ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>TinyFileManager 2.4.3</title> <style> body font-family: sans-serif; margin: 20px; background: #f4f4f4; .container max-width: 1200px; margin: auto; background: white; padding: 20px; border-radius: 8px; h1 margin-top: 0; table width: 100%; border-collapse: collapse; th, td text-align: left; padding: 8px; border-bottom: 1px solid #ddd; th background: #eee; .btn display: inline-block; padding: 6px 12px; background: #007bff; color: white; text-decoration: none; border-radius: 4px; .btn-danger background: #dc3545; .form-inline display: inline; input, button padding: 6px; margin: 2px; .breadcrumb margin-bottom: 20px; .upload-area margin-bottom: 20px; background: #e9ecef; padding: 10px; border-radius: 4px; footer margin-top: 20px; text-align: center; font-size: 12px; color: gray; </style> </head> <body> <div class="container"> <h1>📁 TinyFileManager 2.4.3</h1> <div class="breadcrumb"> <a href="?path=">Root</a> <?php $parts = explode('/', trim($current_path, '/')); $build = ''; foreach ($parts as $part) if ($part === '') continue; $build .= '/' . $part; echo ' / <a href="?path=' . urlencode(ltrim($build, '/')) . '">' . htmlspecialchars($part) . '</a>'; tinyfilemanager 2.4.3
// Main logic $current_path = isset($_GET['path']) ? $_GET['path'] : ''; $full_path = $root_path . '/' . ltrim($current_path, '/'); $full_path = realpath($full_path);
// Read-only users $read_only_users = array('user');
// Simple auth check function auth($users, $read_only_users = array()) if (!isset($_SESSION['loggedin'])) if (isset($_SERVER['PHP_AUTH_USER']) && isset($users[$_SERVER['PHP_AUTH_USER']])) $pass = $_SERVER['PHP_AUTH_PW']; $hash = $users[$_SERVER['PHP_AUTH_USER']]; if (password_verify($pass, $hash)) $_SESSION['loggedin'] = $_SERVER['PHP_AUTH_USER']; $_SESSION['readonly'] = in_array($_SERVER['PHP_AUTH_USER'], $read_only_users); return true; // Allowed extensions (empty = all) $allowed_extensions =
if ($action === 'rename' && isset($_POST['old'], $_POST['new'])) $old = $full_path . '/' . basename($_POST['old']); $new = $full_path . '/' . basename($_POST['new']); if (file_exists($old)) rename($old, $new);
if ($full_path === false || strpos($full_path, $root_path) !== 0) $full_path = $root_path; $current_path = '';
// Actions $action = isset($_POST['action']) ? $_POST['action'] : (isset($_GET['action']) ? $_GET['action'] : ''); ' KB'; return $bytes
exit;
// ============================================= // CONFIGURATION // ============================================= $auth_users = array( 'admin' => '$2y$10$YourHashHere', // password: admin (generate with password_hash()) 'user' => '$2y$10$AnotherHash' );
if ($action === 'delete' && isset($_POST['file'])) $target = $full_path . '/' . basename($_POST['file']); if (is_file($target)) unlink($target); if (is_dir($target)) array_map('unlink', glob($target . '/*')) && rmdir($target);
// Root path for file manager $root_path = $_SERVER['DOCUMENT_ROOT'];
if (!$readonly) if ($action === 'mkdir' && isset($_POST['name'])) $newdir = $full_path . '/' . basename($_POST['name']); if (!file_exists($newdir)) mkdir($newdir, 0755);