Current Path: $currentPath";
// 确保路径是合法的(避免路径遍历攻击)
$basePath = realpath($basePath); // 确保 basePath 是绝对路径
// 在 Windows 上路径分隔符是 \,我们使用 DIRECTORY_SEPARATOR 统一
if (strpos($currentPath, $basePath) === 0) {
// 列出当前目录下的文件
if (isset($_GET['list'])) {
$files = scandir($currentPath);
echo "Files in '$currentPath'
";
echo "";
foreach ($files as $file) {
if ($file != "." && $file != "..") {
$filePath = $currentPath . DIRECTORY_SEPARATOR . $file;
echo "- ";
if (is_dir($filePath)) {
echo "[DIR] $file";
} else {
echo "$file";
}
echo "
";
}
}
echo "
";
}
// 查看文件内容
if (isset($_GET['view'])) {
$filePath = $_GET['path'];
if (file_exists($filePath)) {
echo "Content of '$filePath'
";
echo "" . htmlspecialchars(file_get_contents($filePath)) . "
";
} else {
echo "File does not exist.";
}
}
// 新建文件
if (isset($_POST['create'])) {
$newFileName = $_POST['filename'];
$filePath = $currentPath . DIRECTORY_SEPARATOR . $newFileName;
if (file_put_contents($filePath, "") !== false) {
echo "File '$newFileName' created successfully.";
} else {
echo "Failed to create file.";
}
}
} else {
die("Invalid directory.");
}
?>
Create a new file