├── LICENSE
├── README.md
└── index.php


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2025 danmed
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # PHPIndex
 2 | 
 3 | **Version:** 1.6  
 4 | **License:** MIT
 5 | 
 6 | PHPIndex is a single-file, zero-dependency script that provides a clean and modern interface for browsing a directory on your web server. It's designed for developers who need a quick and easy way to access files, generate download/execution commands, and perform basic file management.
 7 | 
 8 | 
 9 | 
10 | ## Features
11 | 
12 | - **Single-File Deployment:** Just drop `PHPIndex.php` into any directory.
13 | - **Sub-folder Navigation:** Browse through subdirectories with clickable breadcrumb navigation.
14 | - **Command Generation:** Instantly generate download or execution commands for `Wget`, `Curl`, and `PowerShell`.
15 | - **Live File Filtering:** Filter the file list in real-time with wildcard support (`*.sh`, `script*`, etc.).
16 | - **File Content Preview:** View the contents of any file with syntax highlighting.
17 | - **Dark Mode:** Includes a sleek dark mode with automatic theme detection and a manual toggle.
18 | - **Secure File Management (Login Protected):**
19 |     - Create new files.
20 |     - Edit existing files.
21 |     - Delete files.
22 | - **Secure by Default:** Features built-in protection against directory traversal, XSS, and CSRF attacks.
23 | 
24 | ---
25 | 
26 | ## Setup
27 | 
28 | 1.  **Download:** Get the `PHPIndex.php` file.
29 | 2.  **Upload:** Place the file in the directory you want to browse on your web server.
30 | 3.  **(Recommended) Set Your Password:**
31 |     - Open `PHPIndex.php` in a text editor.
32 |     - **To set/reset the password:** Find the line that starts with `$passwordHash = ` and change it to look exactly like this: `$passwordHash = '';` (the hash must be empty).
33 |     - Next, find the line `$plainTextPassword = 'your_password_here';` and change `'your_password_here'` to your new secure password.
34 |     - Save and upload the file. The script will automatically generate a new secure hash from your plain text password the first time you log in.
35 | 
36 | That's it! You can now access the directory through your browser.
37 | 
38 | ---
39 | 
40 | ## Troubleshooting & Usage
41 | 
42 | ### How do I edit or delete existing files?
43 | 
44 | The edit and delete functions require you to be logged in. If you have not set a password, these features will not be available.
45 | 
46 | If you are logged in but still can't edit or delete a file that you uploaded via FTP/SSH, it is almost certainly a **file permissions** issue.
47 | 
48 | The web server runs as a specific user (e.g., `www-data` or `apache`), and that user needs permission to modify files owned by your FTP/SSH user.
49 | 
50 | #### Quick Fix (Recommended)
51 | 
52 | The easiest solution is to change the "owner" of the project files to the web server user.
53 | 
54 | 1.  **Find your web server's user:** This is commonly `www-data` on Debian/Ubuntu systems or `apache` on CentOS/RHEL systems.
55 | 2.  **Connect to your server via SSH.**
56 | 3.  **Run the `chown` (change owner) command:**
57 |     - Navigate to the parent directory of where you placed `PHPIndex.php`.
58 |     - Run the following command, replacing `www-data:www-data` if your server user is different and `/path/to/your/project` with the correct directory path.
59 | 
60 |     ```bash
61 |     sudo chown -R www-data:www-data /path/to/your/project
62 |     ```
63 |     The `-R` flag makes the change recursive, applying it to all files and folders inside.
64 | 
65 | #### Alternative Fix (If you can't change ownership)
66 | 
67 | If you must keep the files owned by your personal user, you can grant "group" write permissions instead.
68 | 
69 | 1.  **Find the web server's group name** (usually the same as the user, e.g., `www-data`).
70 | 2.  **Add your user to the web server's group:**
71 | 
72 |     ```bash
73 |     sudo usermod -a -G www-data your_username
74 |     ```
75 |     You will need to log out and log back in for this change to take effect.
76 | 3.  **Grant write permissions to the group** for your project directory:
77 |     ```bash
78 |     sudo chmod -R g+w /path/to/your/project
79 |     ```
80 | 
81 | After applying either of these fixes, the edit and delete functions in PHPIndex should work as expected.
82 | 


--------------------------------------------------------------------------------
/index.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | // --- PHP SCRIPT START ---
  3 | session_start();
  4 | 
  5 | // Version 1.6
  6 | 
  7 | // --- CONFIGURATION ---
  8 | // To disable write protection, set this to false.
  9 | define('WRITE_PROTECTION_ENABLED', true);
 10 | // IMPORTANT: Change this password. The script will automatically hash it.
 11 | // To generate a new hash, delete the $passwordHash line and set a new plain text password here.
 12 | $plainTextPassword = 'your_password_here'; 
 13 | $passwordHash = '$2y$10$If..He1.Q2ustcR0A3EgDuYVL5k/s3o5Jd293.KM8kaYCSa3yv65m'; // Default: 'your_password_here'
 14 | 
 15 | // --- Automatically create hash if not present ---
 16 | if (isset($plainTextPassword) && $passwordHash === '') {
 17 |     $passwordHash = password_hash($plainTextPassword, PASSWORD_DEFAULT);
 18 | }
 19 | 
 20 | $excludeList = [
 21 |     'index.php',
 22 |     'PHPIndex.php',
 23 |     '.DS_Store',
 24 |     '.git',
 25 | ];
 26 | $powershellExtensions = ['ps1', 'psm1', 'psd1'];
 27 | 
 28 | // --- AUTHENTICATION & ACTION HANDLING ---
 29 | $isLoggedIn = (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true);
 30 | $feedbackMessage = '';
 31 | $feedbackType = ''; // 'success' or 'error'
 32 | 
 33 | // Handle Logout
 34 | if (isset($_GET['logout'])) {
 35 |     session_destroy();
 36 |     header('Location: ' . strtok($_SERVER['REQUEST_URI'], '?'));
 37 |     exit;
 38 | }
 39 | 
 40 | // Handle Login
 41 | if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) {
 42 |     if (isset($_POST['password']) && password_verify($_POST['password'], $passwordHash)) {
 43 |         $_SESSION['loggedin'] = true;
 44 |         $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); // Generate CSRF token on login
 45 |         $isLoggedIn = true;
 46 |     } else {
 47 |         $feedbackMessage = 'Invalid password.';
 48 |         $feedbackType = 'error';
 49 |     }
 50 | }
 51 | 
 52 | // --- PATH HANDLING & SECURITY ---
 53 | $baseDir = __DIR__;
 54 | $relativePath = isset($_GET['path']) ? trim($_GET['path'], '/') : '.';
 55 | $requestedPath = $baseDir . DIRECTORY_SEPARATOR . $relativePath;
 56 | $realPath = realpath($requestedPath);
 57 | 
 58 | if ($realPath === false || strpos($realPath, $baseDir) !== 0 || !is_dir($realPath)) {
 59 |     $realPath = $baseDir;
 60 |     $relativePath = '.';
 61 | } else {
 62 |     $relativePath = trim(substr($realPath, strlen($baseDir)), DIRECTORY_SEPARATOR);
 63 |     if ($relativePath === '') $relativePath = '.';
 64 | }
 65 | 
 66 | // --- FILE ACTION HANDLING (with CSRF protection) ---
 67 | if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_POST['login'])) {
 68 |     if (!$isLoggedIn || !WRITE_PROTECTION_ENABLED) {
 69 |         $feedbackMessage = 'Error: You must be logged in to perform actions.';
 70 |         $feedbackType = 'error';
 71 |     } elseif (!isset($_POST['csrf_token']) || !hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'])) {
 72 |         $feedbackMessage = 'CSRF token validation failed. Please try again.';
 73 |         $feedbackType = 'error';
 74 |     } else {
 75 |         // CSRF is valid, now process the specific action
 76 |         
 77 |         // --- FILE CREATION HANDLING ---
 78 |         if (isset($_POST['create_file'])) {
 79 |             $filename = $_POST['filename'] ?? '';
 80 |             $content = $_POST['file_content'] ?? '';
 81 |             $safeFilename = basename($filename);
 82 | 
 83 |             if (!empty($safeFilename)) {
 84 |                 $newFilePath = $realPath . DIRECTORY_SEPARATOR . $safeFilename;
 85 |                 if (file_exists($newFilePath)) {
 86 |                     $feedbackMessage = 'Error: A file with that name already exists.';
 87 |                     $feedbackType = 'error';
 88 |                 } elseif (!is_writable($realPath)) {
 89 |                      $feedbackMessage = 'Error: The directory is not writable. Check permissions.';
 90 |                      $feedbackType = 'error';
 91 |                 } else {
 92 |                     if (file_put_contents($newFilePath, $content) !== false) {
 93 |                         $feedbackMessage = 'File "' . htmlspecialchars($safeFilename) . '" created successfully.';
 94 |                         $feedbackType = 'success';
 95 |                     } else {
 96 |                         $feedbackMessage = 'Error: Could not write to file. Check permissions.';
 97 |                         $feedbackType = 'error';
 98 |                     }
 99 |                 }
100 |             } else {
101 |                 $feedbackMessage = 'Error: Filename cannot be empty.';
102 |                 $feedbackType = 'error';
103 |             }
104 |         }
105 |         
106 |         // --- FILE EDITING HANDLING ---
107 |         if (isset($_POST['edit_file'])) {
108 |             $filename = $_POST['filename'] ?? '';
109 |             $content = $_POST['file_content'] ?? '';
110 |             $safeFilename = basename($filename);
111 |             $filePath = $realPath . DIRECTORY_SEPARATOR . $safeFilename;
112 | 
113 |             if (!file_exists($filePath)) {
114 |                 $feedbackMessage = 'Error: File not found.';
115 |                 $feedbackType = 'error';
116 |             } elseif (!is_writable($filePath)) {
117 |                 $feedbackMessage = 'Error: File is not writable. Please check file permissions on your server.';
118 |                 $feedbackType = 'error';
119 |             } else {
120 |                 file_put_contents($filePath, $content);
121 |                 $feedbackMessage = 'File "' . htmlspecialchars($safeFilename) . '" updated successfully.';
122 |                 $feedbackType = 'success';
123 |             }
124 |         }
125 |         
126 |         // --- FILE DELETION HANDLING ---
127 |         if (isset($_POST['delete_file'])) {
128 |             $filename = $_POST['filename'] ?? '';
129 |             $safeFilename = basename($filename);
130 |             $filePath = $realPath . DIRECTORY_SEPARATOR . $safeFilename;
131 | 
132 |             if (!file_exists($filePath)) {
133 |                 $feedbackMessage = 'Error: File not found.';
134 |                 $feedbackType = 'error';
135 |             } elseif (!is_writable($filePath)) {
136 |                 $feedbackMessage = 'Error: File is not deletable. Please check file permissions on your server.';
137 |                 $feedbackType = 'error';
138 |             } else {
139 |                 unlink($filePath);
140 |                 $feedbackMessage = 'File "' . htmlspecialchars($safeFilename) . '" deleted successfully.';
141 |                 $feedbackType = 'success';
142 |             }
143 |         }
144 |     }
145 | }
146 | 
147 | // --- AJAX: FETCH FILE CONTENT (for editing) ---
148 | if ($isLoggedIn && isset($_GET['fetch_content']) && isset($_GET['file'])) {
149 |     header('Content-Type: text/plain');
150 |     $filename = basename($_GET['file']);
151 |     $filePath = $realPath . DIRECTORY_SEPARATOR . $filename;
152 |     if (file_exists($filePath) && is_readable($filePath)) {
153 |         echo file_get_contents($filePath);
154 |     } else {
155 |         echo 'Error: File not found or not readable.';
156 |     }
157 |     exit;
158 | }
159 | ?>
160 | <!DOCTYPE html>
161 | <html lang="en">
162 | <head>
163 |     <meta charset="UTF-8">
164 |     <meta name="viewport" content="width=device-width, initial-scale=1.0">
165 |     <title>PHPIndex - File Lister</title>
166 |     <!-- Tailwind CSS for styling -->
167 |     <script src="https://cdn.tailwindcss.com"></script>
168 |     <!-- Prism.js CSS for Syntax Highlighting -->
169 |     <link href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/themes/prism-tomorrow.min.css" rel="stylesheet" />
170 |     <!-- Configuration for class-based dark mode -->
171 |     <script>
172 |         tailwind.config = {
173 |             darkMode: 'class',
174 |         }
175 |     </script>
176 |     <style>
177 |         .copy-button.copied { background-color: #28a745; color: white; }
178 |         details > summary { list-style: none; }
179 |         details > summary::-webkit-details-marker { display: none; }
180 |         details > summary::before { content: '►'; margin-right: 0.5rem; font-size: 0.8em; transition: transform 0.2s ease-in-out; }
181 |         details[open] > summary::before { transform: rotate(90deg); }
182 |         .line-numbers .line-numbers-rows { user-select: none; }
183 |         .modal-overlay { transition: opacity 0.3s ease; }
184 |     </style>
185 | </head>
186 | <body class="bg-gray-100 dark:bg-gray-900 font-sans">
187 | 
188 |     <div class="container mx-auto p-4 sm:p-6 lg:p-8">
189 |         <div class="bg-white dark:bg-gray-800 rounded-lg shadow-lg p-6">
190 |             <div class="flex justify-between items-center mb-4 border-b dark:border-gray-700 pb-4">
191 |                 <h1 class="text-2xl sm:text-3xl font-bold text-gray-800 dark:text-gray-200">PHPIndex</h1>
192 |                 <div class="flex items-center gap-2">
193 |                     <?php if (WRITE_PROTECTION_ENABLED): ?>
194 |                         <?php if($isLoggedIn): ?>
195 |                             <a href="?logout=true" class="bg-red-500 hover:bg-red-600 text-white font-bold py-2 px-4 rounded-md text-sm">Logout</a>
196 |                         <?php else: ?>
197 |                             <button onclick="toggleLoginModal(true)" class="bg-blue-500 hover:bg-blue-600 text-white font-bold py-2 px-4 rounded-md text-sm">Login</button>
198 |                         <?php endif; ?>
199 |                     <?php endif; ?>
200 |                     <button id="theme-toggle" type="button" class="text-gray-500 dark:text-gray-400 hover:bg-gray-100 dark:hover:bg-gray-700 focus:outline-none focus:ring-4 focus:ring-gray-200 dark:focus:ring-gray-700 rounded-lg text-sm p-2.5">
201 |                         <svg id="theme-toggle-dark-icon" class="hidden w-5 h-5" fill="currentColor" viewBox="0 0 20 20" xmlns="http://www.w3.org/2000/svg"><path d="M17.293 13.293A8 8 0 016.707 2.707a8.001 8.001 0 1010.586 10.586z"></path></svg>
202 |                         <svg id="theme-toggle-light-icon" class="hidden w-5 h-5" fill="currentColor" viewBox="0 0 20 20" xmlns="http://www.w3.org/2000/svg"><path d="M10 2a1 1 0 011 1v1a1 1 0 11-2 0V3a1 1 0 011-1zm4 8a4 4 0 11-8 0 4 4 0 018 0zm-.464 4.95l.707.707a1 1 0 001.414-1.414l-.707-.707a1 1 0 00-1.414 1.414zm2.12-10.607a1 1 0 010 1.414l-.706.707a1 1 0 11-1.414-1.414l.707-.707a1 1 0 011.414 0zM17 11a1 1 0 100-2h-1a1 1 0 100 2h1zm-7 4a1 1 0 011 1v1a1 1 0 11-2 0v-1a1 1 0 011-1zM5.05 6.464A1 1 0 106.465 5.05l-.708-.707a1 1 0 00-1.414 1.414l.707.707zm-.707 7.072l.707-.707a1 1 0 10-1.414-1.414l-.707.707a1 1 0 101.414 1.414zM3 11a1 1 0 100 2h1a1 1 0 100-2H3z" fill-rule="evenodd" clip-rule="evenodd"></path></svg>
203 |                     </button>
204 |                 </div>
205 |             </div>
206 | 
207 |             <?php if (!empty($feedbackMessage)): ?>
208 |                 <div class="mb-4 p-4 rounded-md <?= $feedbackType === 'success' ? 'bg-green-100 text-green-800 dark:bg-green-900 dark:text-green-200' : 'bg-red-100 text-red-800 dark:bg-red-900 dark:text-red-200' ?>">
209 |                     <?= $feedbackMessage ?>
210 |                 </div>
211 |             <?php endif; ?>
212 |             
213 |             <p class="text-gray-600 dark:text-gray-400 mb-6">This page lists files in the current directory. You can view content, get download/execute commands for Wget, Curl, or PowerShell, or filter the list using wildcards (e.g., `*.sh`).</p>
214 |             
215 |             <div class="flex flex-col sm:flex-row gap-4 mb-6">
216 |                 <div class="flex-grow">
217 |                     <label for="filterInput" class="block text-sm font-medium text-gray-700 dark:text-gray-300 mb-1">Filter files:</label>
218 |                     <input type="text" id="filterInput" onkeyup="filterFiles()" placeholder="e.g., my_script or *.sh" class="w-full p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 dark:placeholder-gray-400">
219 |                 </div>
220 |                 <?php if ($isLoggedIn && WRITE_PROTECTION_ENABLED): ?>
221 |                     <div class="flex-shrink-0 self-end">
222 |                         <button onclick="toggleCreateModal(true)" class="w-full sm:w-auto bg-green-500 hover:bg-green-600 text-white font-bold py-2 px-4 rounded-md">Create New File</button>
223 |                     </div>
224 |                 <?php endif; ?>
225 |             </div>
226 | 
227 |             <?php
228 |                 // --- BREADCRUMB NAVIGATION ---
229 |                 echo '<nav class="flex items-center text-sm text-gray-500 dark:text-gray-400 mb-4 p-2 bg-gray-50 dark:bg-gray-700 rounded-md" aria-label="Breadcrumb">';
230 |                 echo '<ol class="inline-flex items-center space-x-1 md:space-x-2 rtl:space-x-reverse">';
231 |                 echo '<li class="inline-flex items-center">';
232 |                 echo '<a href="?path=." class="inline-flex items-center font-medium hover:text-blue-600 dark:hover:text-blue-400">PHPIndex</a>';
233 |                 echo '</li>';
234 |                 $pathParts = ($relativePath !== '.' && $relativePath !== '') ? explode('/', $relativePath) : [];
235 |                 $currentPath = '';
236 |                 foreach ($pathParts as $part) {
237 |                     $currentPath .= $part . '/';
238 |                     echo '<li><div class="flex items-center"><span class="mx-2">/</span>';
239 |                     echo '<a href="?path=' . urlencode(rtrim($currentPath, '/')) . '" class="font-medium hover:text-blue-600 dark:hover:text-blue-400">' . htmlspecialchars($part) . '</a>';
240 |                     echo '</div></li>';
241 |                 }
242 |                 echo '</ol></nav>';
243 |             ?>
244 |             
245 |             <div id="file-list" class="space-y-4">
246 |                 <?php
247 |                 // --- URL & DIRECTORY SCANNING ---
248 |                 $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https" : "http";
249 |                 $host = $_SERVER['HTTP_HOST'];
250 |                 $scriptDir = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
251 |                 $currentSubDir = ($relativePath === '.' || $relativePath === '') ? '' : '/' . str_replace('\\', '/', $relativePath);
252 |                 $fullPathUrl = "{$protocol}://{$host}{$scriptDir}{$currentSubDir}";
253 | 
254 |                 $items = scandir($realPath);
255 |                 $directories = [];
256 |                 $files = [];
257 | 
258 |                 if ($items !== false) {
259 |                     foreach ($items as $item) {
260 |                         if ($item === '.' || $item === '..' || in_array($item, $excludeList)) {
261 |                             continue;
262 |                         }
263 |                         $itemPath = $realPath . DIRECTORY_SEPARATOR . $item;
264 |                         if (is_dir($itemPath)) {
265 |                             $directories[] = $item;
266 |                         } else {
267 |                              $extension = strtolower(pathinfo($item, PATHINFO_EXTENSION));
268 |                              $extensionWithDot = !empty($extension) ? '.' . $extension : '';
269 |                              if (!is_file($itemPath) || ($extensionWithDot && in_array($extensionWithDot, $excludeList))) {
270 |                                 continue;
271 |                              }
272 |                              $files[] = $item;
273 |                         }
274 |                     }
275 |                 }
276 |                 
277 |                 // --- DISPLAY DIRECTORIES ---
278 |                 foreach ($directories as $dir) {
279 |                     $safeDir = htmlspecialchars($dir, ENT_QUOTES, 'UTF-8');
280 |                     $dirPath = ltrim(rtrim($relativePath, '/') . '/' . $dir, './');
281 |                 ?>
282 |                     <a href="?path=<?= urlencode($dirPath) ?>" class="file-entry-card block border border-gray-200 dark:border-gray-700 rounded-lg p-4 transition hover:bg-gray-50 dark:hover:bg-gray-700" data-filename="<?= $safeDir ?>">
283 |                         <div class="font-mono text-gray-700 dark:text-gray-300 break-all">
284 |                             <svg xmlns="http://www.w3.org/2000/svg" class="h-5 w-5 inline-block mr-2 text-yellow-500" viewBox="0 0 20 20" fill="currentColor"><path d="M2 6a2 2 0 012-2h5l2 2h5a2 2 0 012 2v6a2 2 0 01-2 2H4a2 2 0 01-2-2V6z" /></svg>
285 |                             <?= $safeDir ?>
286 |                         </div>
287 |                     </a>
288 |                 <?php
289 |                 }
290 | 
291 |                 // --- DISPLAY FILES ---
292 |                 $fileCount = 0;
293 |                 foreach ($files as $file) {
294 |                     $fileCount++;
295 |                     $safeFile = htmlspecialchars($file, ENT_QUOTES, 'UTF-8');
296 |                     $fullUrl = rtrim($fullPathUrl, '/') . '/' . rawurlencode($file);
297 |                     $fileExtension = strtolower(pathinfo($file, PATHINFO_EXTENSION));
298 |                     $isPowershellFile = in_array($fileExtension, $powershellExtensions);
299 |                     $wgetDownloadCommand = "wget '" . $fullUrl . "'";
300 |                     $wgetExecCommand = "wget -O - '" . $fullUrl . "' | bash";
301 |                     $curlDownloadCommand = "curl -o '" . $safeFile . "' -L '" . $fullUrl . "'";
302 |                     $curlExecCommand = "curl -sL '" . $fullUrl . "' | bash";
303 |                     $psDownloadCommand = "Invoke-WebRequest -Uri '" . $fullUrl . "' -OutFile '" . $safeFile . "'";
304 |                     $psExecCommand = "Invoke-RestMethod -Uri '" . $fullUrl . "' | Invoke-Expression";
305 |                     $initialCommand = $isPowershellFile ? $psDownloadCommand : $wgetDownloadCommand;
306 |                     $langMap = ['sh' => 'bash', 'js' => 'javascript', 'py' => 'python', 'md' => 'markdown'];
307 |                     $languageClass = isset($langMap[$fileExtension]) ? $langMap[$fileExtension] : $fileExtension;
308 |                 ?>
309 |                     <div class="file-entry-card border border-gray-200 dark:border-gray-700 rounded-lg p-4" data-filename="<?= $safeFile ?>">
310 |                          <div class="flex flex-col lg:flex-row lg:items-center justify-between gap-4">
311 |                             <div class="font-mono text-gray-700 dark:text-gray-300 break-all lg:w-1/4">
312 |                                 <svg xmlns="http://www.w3.org/2000/svg" class="h-5 w-5 inline-block mr-2 text-gray-400 dark:text-gray-500" viewBox="0 0 20 20" fill="currentColor"><path fill-rule="evenodd" d="M4 4a2 2 0 012-2h4.586A2 2 0 0112 2.586L15.414 6A2 2 0 0116 7.414V16a2 2 0 01-2 2H6a2 2 0 01-2-2V4zm2 6a1 1 0 011-1h6a1 1 0 110 2H7a1 1 0 01-1-1zm1 3a1 1 0 100 2h6a1 1 0 100-2H7z" clip-rule="evenodd" /></svg>
313 |                                 <?= $safeFile ?>
314 |                             </div>
315 |                             <div class="flex flex-col sm:flex-row sm:items-center gap-2 w-full lg:w-3/4" id="command-ui-<?= $fileCount ?>">
316 |                                 <div class="flex-shrink-0 flex items-center gap-2">
317 |                                     <select class="tool-select p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500" onchange="updateCommand(this)">
318 |                                         <option value="wget" <?= !$isPowershellFile ? 'selected' : '' ?>>Wget</option>
319 |                                         <option value="curl">Curl</option>
320 |                                         <option value="ps" <?= $isPowershellFile ? 'selected' : '' ?>>PowerShell</option>
321 |                                     </select>
322 |                                     <select class="action-select p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500" onchange="updateCommand(this)">
323 |                                         <option value="download" selected>Download</option>
324 |                                         <option value="execute">Execute</option>
325 |                                     </select>
326 |                                 </div>
327 |                                 <div class="flex items-center gap-2 w-full command-display"
328 |                                      data-wget-download="<?= htmlspecialchars($wgetDownloadCommand) ?>" data-wget-execute="<?= htmlspecialchars($wgetExecCommand) ?>"
329 |                                      data-curl-download="<?= htmlspecialchars($curlDownloadCommand) ?>" data-curl-execute="<?= htmlspecialchars($curlExecCommand) ?>"
330 |                                      data-ps-download="<?= htmlspecialchars($psDownloadCommand) ?>" data-ps-execute="<?= htmlspecialchars($psExecCommand) ?>">
331 |                                     <pre class="bg-gray-800 dark:bg-gray-900 text-white text-sm p-2 rounded-md overflow-x-auto w-full"><code class="command-code"><?= htmlspecialchars($initialCommand) ?></code></pre>
332 |                                     <button class="copy-button bg-green-500 hover:bg-green-600 text-white font-bold py-2 px-3 rounded-md transition-all duration-200 flex-shrink-0" onclick="copyCommand(this)" title="Copy to clipboard">Copy</button>
333 |                                 </div>
334 |                             </div>
335 |                         </div>
336 |                         <div class="mt-4 flex flex-wrap gap-2 items-center">
337 |                             <details class="w-full">
338 |                                 <summary class="cursor-pointer text-blue-600 dark:text-blue-400 hover:underline select-none inline-block">View Content</summary>
339 |                                 <div class="mt-2 border dark:border-gray-600 rounded-md">
340 |                                     <pre class="text-sm overflow-auto" style="max-height: 400px;"><code class="language-<?= $languageClass ?>"><?= htmlspecialchars(file_get_contents($realPath . DIRECTORY_SEPARATOR . $file)); ?></code></pre>
341 |                                 </div>
342 |                             </details>
343 |                              <?php if ($isLoggedIn && WRITE_PROTECTION_ENABLED): ?>
344 |                                 <div class="ml-auto flex gap-2">
345 |                                     <button onclick="openEditModal('<?= $safeFile ?>')" class="text-sm bg-yellow-500 hover:bg-yellow-600 text-white font-bold py-1 px-3 rounded-md">Edit</button>
346 |                                     <button onclick="openDeleteModal('<?= $safeFile ?>')" class="text-sm bg-red-500 hover:bg-red-600 text-white font-bold py-1 px-3 rounded-md">Delete</button>
347 |                                 </div>
348 |                             <?php endif; ?>
349 |                         </div>
350 |                     </div>
351 |                 <?php
352 |                 }
353 | 
354 |                 echo '<div id="no-results" class="text-center text-gray-500 dark:text-gray-400 p-8 bg-gray-50 dark:bg-gray-700 rounded-lg" style="display: none;"><p>No items found that match your filter.</p></div>';
355 | 
356 |                 if (count($directories) === 0 && count($files) === 0) {
357 |                     echo '<div class="text-center text-gray-500 dark:text-gray-400 p-8 bg-gray-50 dark:bg-gray-700 rounded-lg"><p>This directory is empty.</p></div>';
358 |                 }
359 |                 ?>
360 |             </div>
361 |             
362 |             <footer class="text-center text-sm text-gray-500 dark:text-gray-400 mt-8 pt-6 border-t dark:border-gray-700">
363 |                 <div class="flex items-center justify-center gap-4">
364 |                     <a href="https://github.com/danmed/PHPIndex" target="_blank" rel="noopener noreferrer" class="flex items-center gap-2 hover:text-blue-500 dark:hover:text-blue-400 transition">
365 |                         <svg class="w-5 h-5" fill="currentColor" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg" aria-hidden="true"><path fill-rule="evenodd" d="M12 2C6.477 2 2 6.477 2 12c0 4.418 2.865 8.168 6.839 9.492.5.092.682-.217.682-.482 0-.237-.009-.868-.014-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.031-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.203 2.398.1 2.651.64.7 1.03 1.595 1.03 2.688 0 3.848-2.338 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.001 10.001 0 0022 12c0-5.523-4.477-10-10-10z" clip-rule="evenodd" /></svg>
366 |                         PHPIndex v1.6
367 |                     </a>
368 |                 </div>
369 |                 <p class="mt-2">Released under the MIT License.</p>
370 |             </footer>
371 | 
372 |         </div>
373 |     </div>
374 | 
375 |     <?php if (WRITE_PROTECTION_ENABLED): ?>
376 |     <!-- Login Modal -->
377 |     <div id="login-modal" class="modal-overlay fixed inset-0 bg-black bg-opacity-50 z-50 flex items-center justify-center p-4 hidden opacity-0">
378 |         <div class="bg-white dark:bg-gray-800 rounded-lg shadow-xl p-6 w-full max-w-sm">
379 |             <h2 class="text-xl font-bold text-gray-800 dark:text-gray-200 mb-4">Admin Login</h2>
380 |             <form method="POST" action="">
381 |                 <input type="hidden" name="login" value="1">
382 |                 <div class="mb-4">
383 |                     <label for="password" class="block text-sm font-medium text-gray-700 dark:text-gray-300">Password</label>
384 |                     <input type="password" name="password" id="password" required class="mt-1 w-full p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500">
385 |                 </div>
386 |                 <div class="flex justify-end gap-3">
387 |                     <button type="button" onclick="toggleLoginModal(false)" class="bg-gray-300 hover:bg-gray-400 text-gray-800 font-bold py-2 px-4 rounded-md">Cancel</button>
388 |                     <button type="submit" class="bg-blue-500 hover:bg-blue-600 text-white font-bold py-2 px-4 rounded-md">Login</button>
389 |                 </div>
390 |             </form>
391 |         </div>
392 |     </div>
393 | 
394 |     <!-- Create/Edit Modals -->
395 |     <div id="create-modal" class="modal-overlay fixed inset-0 bg-black bg-opacity-50 z-50 flex items-center justify-center p-4 hidden opacity-0">
396 |         <div class="bg-white dark:bg-gray-800 rounded-lg shadow-xl p-6 w-full max-w-2xl">
397 |             <h2 class="text-xl font-bold text-gray-800 dark:text-gray-200 mb-4">Create New File</h2>
398 |             <form method="POST" action="?path=<?= urlencode($relativePath) ?>">
399 |                 <input type="hidden" name="create_file" value="1">
400 |                 <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?? '' ?>">
401 |                 <div class="mb-4">
402 |                     <label for="create-filename" class="block text-sm font-medium text-gray-700 dark:text-gray-300">Filename</label>
403 |                     <input type="text" name="filename" id="create-filename" required placeholder="e.g., new_script.sh" class="mt-1 w-full p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500">
404 |                 </div>
405 |                 <div class="mb-4">
406 |                     <label for="create-file_content" class="block text-sm font-medium text-gray-700 dark:text-gray-300">Content</label>
407 |                     <textarea name="file_content" id="create-file_content" rows="10" class="mt-1 w-full p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 font-mono text-sm"></textarea>
408 |                 </div>
409 |                 <div class="flex justify-end gap-3">
410 |                     <button type="button" onclick="toggleCreateModal(false)" class="bg-gray-300 hover:bg-gray-400 text-gray-800 font-bold py-2 px-4 rounded-md">Cancel</button>
411 |                     <button type="submit" class="bg-green-500 hover:bg-green-600 text-white font-bold py-2 px-4 rounded-md">Create File</button>
412 |                 </div>
413 |             </form>
414 |         </div>
415 |     </div>
416 | 
417 |      <div id="edit-modal" class="modal-overlay fixed inset-0 bg-black bg-opacity-50 z-50 flex items-center justify-center p-4 hidden opacity-0">
418 |         <div class="bg-white dark:bg-gray-800 rounded-lg shadow-xl p-6 w-full max-w-2xl">
419 |             <h2 class="text-xl font-bold text-gray-800 dark:text-gray-200 mb-4">Edit File: <span id="edit-filename-display" class="font-mono"></span></h2>
420 |             <form method="POST" action="?path=<?= urlencode($relativePath) ?>">
421 |                 <input type="hidden" name="edit_file" value="1">
422 |                 <input type="hidden" name="filename" id="edit-filename-input">
423 |                 <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?? '' ?>">
424 |                 <div class="mb-4">
425 |                     <label for="edit-file-content" class="block text-sm font-medium text-gray-700 dark:text-gray-300">Content</label>
426 |                     <textarea name="file_content" id="edit-file-content" rows="15" class="mt-1 w-full p-2 border border-gray-300 dark:border-gray-600 bg-white dark:bg-gray-700 text-gray-900 dark:text-white rounded-md shadow-sm focus:ring-blue-500 focus:border-blue-500 font-mono text-sm"></textarea>
427 |                 </div>
428 |                 <div class="flex justify-end gap-3">
429 |                     <button type="button" onclick="toggleEditModal(false)" class="bg-gray-300 hover:bg-gray-400 text-gray-800 font-bold py-2 px-4 rounded-md">Cancel</button>
430 |                     <button type="submit" class="bg-yellow-500 hover:bg-yellow-600 text-white font-bold py-2 px-4 rounded-md">Save Changes</button>
431 |                 </div>
432 |             </form>
433 |         </div>
434 |     </div>
435 |     
436 |     <div id="delete-modal" class="modal-overlay fixed inset-0 bg-black bg-opacity-50 z-50 flex items-center justify-center p-4 hidden opacity-0">
437 |         <div class="bg-white dark:bg-gray-800 rounded-lg shadow-xl p-6 w-full max-w-md">
438 |             <h2 class="text-xl font-bold text-gray-800 dark:text-gray-200 mb-4">Confirm Deletion</h2>
439 |             <p class="text-gray-600 dark:text-gray-400 mb-6">Are you sure you want to delete the file <strong id="delete-filename-display" class="font-mono"></strong>? This action cannot be undone.</p>
440 |             <form method="POST" action="?path=<?= urlencode($relativePath) ?>">
441 |                 <input type="hidden" name="delete_file" value="1">
442 |                 <input type="hidden" name="filename" id="delete-filename-input">
443 |                 <input type="hidden" name="csrf_token" value="<?= $_SESSION['csrf_token'] ?? '' ?>">
444 |                 <div class="flex justify-end gap-3">
445 |                     <button type="button" onclick="toggleDeleteModal(false)" class="bg-gray-300 hover:bg-gray-400 text-gray-800 font-bold py-2 px-4 rounded-md">Cancel</button>
446 |                     <button type="submit" class="bg-red-500 hover:bg-red-600 text-white font-bold py-2 px-4 rounded-md">Delete File</button>
447 |                 </div>
448 |             </form>
449 |         </div>
450 |     </div>
451 |     <?php endif; ?>
452 | 
453 |     <!-- Prism.js for Syntax Highlighting -->
454 |     <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/components/prism-core.min.js"></script>
455 |     <script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/plugins/autoloader/prism-autoloader.min.js"></script>
456 | 
457 |     <script>
458 |         function filterFiles() {
459 |             const filterValue = document.getElementById('filterInput').value;
460 |             const entries = document.querySelectorAll('.file-entry-card');
461 |             const noResultsMessage = document.getElementById('no-results');
462 |             let visibleCount = 0;
463 |             const regex = new RegExp(filterValue.replace(/\*/g, '.*'), 'i');
464 | 
465 |             entries.forEach(card => {
466 |                 const filename = card.dataset.filename;
467 |                 if (regex.test(filename)) {
468 |                     card.style.display = 'block';
469 |                     visibleCount++;
470 |                 } else {
471 |                     card.style.display = 'none';
472 |                 }
473 |             });
474 |             noResultsMessage.style.display = visibleCount === 0 ? 'block' : 'none';
475 |         }
476 | 
477 |         function updateCommand(selectEl) {
478 |             const commandUiContainer = selectEl.closest('[id^="command-ui-"]');
479 |             if (!commandUiContainer) { console.error("Could not find command UI container."); return; }
480 |             const activeTool = commandUiContainer.querySelector('.tool-select').value;
481 |             const activeAction = commandUiContainer.querySelector('.action-select').value;
482 |             const commandDisplayContainer = commandUiContainer.querySelector('.command-display');
483 |             const codeEl = commandDisplayContainer.querySelector('.command-code');
484 |             const commandKey = `data-${activeTool}-${activeAction}`;
485 |             const newCommand = commandDisplayContainer.getAttribute(commandKey);
486 |             if (codeEl && newCommand) { codeEl.innerText = newCommand; }
487 |         }
488 | 
489 |         function copyCommand(copyButtonEl) {
490 |             const textarea = document.createElement('textarea');
491 |             const codeElement = copyButtonEl.previousElementSibling.querySelector('code');
492 |             if (!codeElement) { console.error('Command code element not found.'); return; }
493 |             textarea.value = codeElement.innerText;
494 |             document.body.appendChild(textarea);
495 |             textarea.select();
496 |             try {
497 |                 document.execCommand('copy');
498 |                 copyButtonEl.innerText = 'Copied!';
499 |                 copyButtonEl.classList.add('copied');
500 |                 setTimeout(() => {
501 |                     copyButtonEl.innerText = 'Copy';
502 |                     copyButtonEl.classList.remove('copied');
503 |                 }, 2000);
504 |             } catch (err) {
505 |                 console.error('Failed to copy text: ', err);
506 |                 alert('Oops, unable to copy');
507 |             } finally {
508 |                 document.body.removeChild(textarea);
509 |             }
510 |         }
511 | 
512 |         const loginModal = document.getElementById('login-modal');
513 |         const createModal = document.getElementById('create-modal');
514 |         const editModal = document.getElementById('edit-modal');
515 |         const deleteModal = document.getElementById('delete-modal');
516 | 
517 |         function toggleModal(modal, show) {
518 |             if (!modal) return;
519 |             if (show) {
520 |                 modal.classList.remove('hidden');
521 |                 setTimeout(() => modal.classList.remove('opacity-0'), 10);
522 |             } else {
523 |                 modal.classList.add('opacity-0');
524 |                 setTimeout(() => modal.classList.add('hidden'), 300);
525 |             }
526 |         }
527 | 
528 |         function toggleLoginModal(show) { toggleModal(loginModal, show); }
529 |         function toggleCreateModal(show) { toggleModal(createModal, show); }
530 |         function toggleEditModal(show) { toggleModal(editModal, show); }
531 |         function toggleDeleteModal(show) { toggleModal(deleteModal, show); }
532 | 
533 |         async function openEditModal(filename) {
534 |             const contentTextarea = document.getElementById('edit-file-content');
535 |             contentTextarea.value = 'Loading...';
536 |             document.getElementById('edit-filename-display').innerText = filename;
537 |             document.getElementById('edit-filename-input').value = filename;
538 |             toggleEditModal(true);
539 | 
540 |             try {
541 |                 const response = await fetch(`?fetch_content=true&path=<?= urlencode($relativePath) ?>&file=${encodeURIComponent(filename)}`);
542 |                 if(response.ok) {
543 |                     const text = await response.text();
544 |                     contentTextarea.value = text;
545 |                 } else {
546 |                     contentTextarea.value = 'Error loading file content.';
547 |                 }
548 |             } catch (error) {
549 |                 console.error('Fetch error:', error);
550 |                 contentTextarea.value = 'Error loading file content.';
551 |             }
552 |         }
553 | 
554 |         function openDeleteModal(filename) {
555 |             document.getElementById('delete-filename-display').innerText = filename;
556 |             document.getElementById('delete-filename-input').value = filename;
557 |             toggleDeleteModal(true);
558 |         }
559 |         
560 |         const themeToggleBtn = document.getElementById('theme-toggle');
561 |         const themeToggleDarkIcon = document.getElementById('theme-toggle-dark-icon');
562 |         const themeToggleLightIcon = document.getElementById('theme-toggle-light-icon');
563 | 
564 |         function initializeTheme() {
565 |             if (localStorage.getItem('color-theme') === 'dark' || (!('color-theme' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches)) {
566 |                 document.documentElement.classList.add('dark');
567 |                 themeToggleLightIcon.classList.remove('hidden');
568 |             } else {
569 |                 document.documentElement.classList.remove('dark');
570 |                 themeToggleDarkIcon.classList.remove('hidden');
571 |             }
572 |         }
573 |         
574 |         themeToggleBtn.addEventListener('click', function() {
575 |             themeToggleDarkIcon.classList.toggle('hidden');
576 |             themeToggleLightIcon.classList.toggle('hidden');
577 |             if (document.documentElement.classList.contains('dark')) {
578 |                 document.documentElement.classList.remove('dark');
579 |                 localStorage.setItem('color-theme', 'light');
580 |             } else {
581 |                 document.documentElement.classList.add('dark');
582 |                 localStorage.setItem('color-theme', 'dark');
583 |             }
584 |         });
585 | 
586 |         initializeTheme();
587 |     </script>
588 | </body>
589 | </html>
590 | 
591 | 


--------------------------------------------------------------------------------