PHP在线文件管理源码

一个简单的php版文件管理源码(可限制管理目录,防止访问未授权的页面;支持上传、删除、下载)

源码改编自网络,修复了文件大小显示bug,增加限制访问路径为php文件所在目录的上一级目录。源码简单可定制化程度高

<?php
error_reporting(0);
$filemanage_dir=dirname(dirname(__FILE__));// $filemanage_dir 设置限制目录,最多管理到本文件位置的上一级目录,防止管理到c盘或其他位置!
/* 上传文件 */
function upfile($file_var,$tofile,$filepath){
  /* 参数说明:	
  */
  if(!is_writable($filepath)){
    echo"$filepath 目录不存在或不可写";
    return false;
    exit;
  }
  //echo $_FILES["$file_var"]['name'];
  $Filetype=substr(strrchr($_FILES["$file_var"]['name'],"."),1); 
  ($tofile==='')?($uploadfile = $_FILES["$file_var"]['name']):($uploadfile = $tofile.".".$Filetype);//文件名
     $Array[tofile] = $tofile.'.'.$Filetype;
   $Array[oldfile]= $_FILES["$file_var"]['name'];
  if(!($uploadfile==='')){
    if (!is_uploaded_file($_FILES["$file_var"]['tmp_name'])){
             echo $_FILES["$file_var"]['tmp_name']." 上传失败.";
       return false;
             exit;
    }

    if(file_exists($filepath.'/'.$uploadfile) ) {
    echo"<script>alert(\"文件已存在,上传失败!\")</script>";	
    return false;
             exit;
  }	
      if (!move_uploaded_file($_FILES["$file_var"]['tmp_name'],$filepath.'/'.$uploadfile)){
             echo "上传失败。错误信息:\n";
             print_r($_FILES);
             exit;
       }else{
       return $Array;
       }
  }else{
    return false;
  echo"无法上传";
  }
}
/* 获取文件大小 */
function getSize(&$fs)
{
  if($fs<1024)
    return $fs."Byte";
  elseif($fs>=1024&&$fs<1024*1024)
    return @number_format($fs/1024, 3)." KB";
  elseif($fs>=1024*1024 && $fs<1024*1024*1024)
    return @number_format($fs/(1024*1024), 3)." M";
  elseif($fs>=1024*1024*1024)
    return @number_format($fs/(1024*1024*1024), 3)." G";
}
// 下载文件
if ($_GET['downfile']) {
  $downfile=$_GET['downfile'];
  if (!@is_file($downfile)) {
    echo "<script>alert(\"你要下的文件不存在\")</script>";
  }
  $filename = basename($downfile);
  $filename_info = explode('.', $filename);
  $fileext = $filename_info[count($filename_info)-1];
  header('Content-type: application/x-'.$fileext);
  header('Content-Disposition: attachment; filename='.$filename);
  header('Content-Description: PHP3 Generated Data');
  readfile($downfile);
  exit;
}

// 删除文件
if(@$_GET['delfile']!="") {
  
  $delfile=$_GET['delfile'];
  if(file_exists($delfile)) {
    @unlink($delfile);	
  } else {
    $exists="1";
    echo "<script>alert(\"文件已不存在\")</script>";
  }
  if(!file_exists($delfile)&&$exists!="1") {
    echo"<script>alert(\"删除成功\")</script>";
  } else {
    echo"<script>alert(\"删除失败\")</script>";
  }
  
}
/* 检测当前目录值 */   //需要再次做限制,防止访问到web目录外面
$CurrentPath	= $_POST['path']?$_POST['path']:($_GET['path']?$_GET['path']:false);
if($CurrentPath===false)
{
  $CurrentPath	= dirname(__FILE__);
}
$CurrentPath	= realpath(str_replace('\\','/',$CurrentPath));

/*
echo '<br> 被分割路径'.$CurrentPath;

echo '<br> 分割标准'.dirname(dirname(__FILE__));
*/
$iden_dir=explode($filemanage_dir,$CurrentPath);// 利用权限路径分割
$CurrentPath==$iden_dir[0]?($CurrentPath = $filemanage_dir):'';

if(strlen($filemanage_dir)>strlen($CurrentPath)){//长度不能防止访问别的分区!
  $CurrentPath	= $filemanage_dir;// 设置限制,最多管理到本文件位置的上一级目录
  
}

/* 检查完毕 */
/* 新建 目录 */
//if($_POST['dirname'])
  if($_GET['dirname'])
{
  //$newdir	= $CurrentPath."/".$_POST['dirname'];
  $newdir	= $_GET['dirname'];//目录限制	
  $iden_dir0=explode($filemanage_dir,$newdir);// 利用权限路径分割
$newdir==$iden_dir0[0]?($newdir = $filemanage_dir):'';

  if(is_dir($newdir))
  {
    echo"<script>alert(\"此目录名已经存在! 或目录非法!\")</script>";
    //exit;
  }else {
    if(mkdir($newdir,0700))
    {
      echo"<script>alert(\"创建成功!\")</script>";
    }else {
      echo "<script>alert(\"创建失败!\")</script>";
    }
  }
}
/* 上传文件 */
if($_POST['upload'])
{
  //if(!(upfile("upfiles",$_POST['fname'],$CurrentPath)))// 上传并重命名
    if(!(upfile("upfiles",'',$CurrentPath)))
  {
    echo"<script>alert(\"上传失败!\")</script>";
  }else {
    echo "<script>alert(\"上传成功!\")</script>";
  }
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>FileContral</title>
<style type="text/css">
<!--
body {
  font-family: "宋体";
  font-size: 12px;
  margin-left: 0px;
  margin-top: 0px;
}
table {
  font-family: "宋体";
  font-size: 12px;
  text-decoration: none;
}
.bold_blue {
  color: #003399;
  font-weight: bold;
}
input {
  border-right-width: 0.1mm;
  border-bottom-width: 0.1mm;
  border-top-style: none;
  border-right-style: solid;
  border-bottom-style: solid;
  border-left-style: none;
  border-right-color: #CCCCCC;
  border-bottom-color: #CCCCCC;
} 
li{
  float:left;
  padding:3px;
  width:98%;
  font-size:14px;
  list-style:none;
}
li .div-a1{ float:left;width:46%;text-algin:center;} 
li .div-a2{ float:left;width:22%;} 
li .div-a3{ float:left;width:14%;} 
li .div-a4{ float:left;width:14%;} 
-->
</style>
</head>
<body>
<table width="770" border="0" align="center" cellpadding="5" cellspacing="0">
<tr> <td align="center" bgcolor="#00BFF5"><font color="White" size="5">网站文件管理</font> </td></tr>
  <tr><td bgcolor="#DDDDDD">
  <table width="100%" height="100%" border="0" cellpadding="5" cellspacing="2" bgcolor="#F5F5F5">
      <tr><form name="form1" method="post" action="">
        <td><span class="bold_blue"><strong>目录</strong>:</span>  <input style="width:450px" name="path" type="text" id="path" value="<?php echo $CurrentPath;?>">
          <input type="submit" name="Submit" value="跳 转">&nbsp; <input type="button" name="button" onclick="create_dir()" value="新建目录"></td></form>
      </tr>
    </table>
    </td></tr>
  
 <tr><td bgcolor="#00BFF5">
<form name="form3" method="post" action="" enctype="multipart/form-data">
<span class="bold_blue"><strong>上传文件</strong>:</span> 
<input name="upfiles" type="file" id="upfiles">  
 <input type="submit" name="upload" value="上 传"></form>
</td></tr>

<tr><td bgcolor="#DDDDDD"><ul>
<?php
$fso=@opendir($CurrentPath);
while ($file=@readdir($fso)) {
  $fullpath	= "$CurrentPath/$file";
  $is_dir		= @is_dir($fullpath);
  if($is_dir=="1"){
  if($file!=".."&&$file!=".")	{
    echo "<li><a href=\"?path=".urlencode($CurrentPath)."/".urlencode($file)."\"><img src='../images/timg.png' width='16px'>$file</a></li>";
  } else {
    if($file=="..")
    {
      echo "<li><a href=\"?path=".urlencode($CurrentPath)."/".urlencode($file)."\">返回上级目录</a></li>";
    }
  }
  }
}
@closedir($fso); 
?>
<li ><div class="div-a1">文件名</div><div class="div-a2">修改日期</div><div class="div-a3">文件大小</div><div class="div-a4">操作</div></li>
<?php
$fso=@opendir($CurrentPath);
while ($file=@readdir($fso)) {
  $fullpath	= "$CurrentPath/$file";
  $is_dir		= @is_dir($fullpath);
  if($is_dir=="0"){
  $size=@filesize("$CurrentPath/$file");
  $size=@getSize($size);
  $lastsave=@date("Y-n-d H:i:s",filemtime("$CurrentPath/$file"));
    echo "<li>";
    echo "<div class=\"div-a1\">◇ $file</div>";
  echo "<div class=\"div-a2\">$lastsave</div>";
    echo " <div class=\"div-a3\">$size</div>";
  echo " <div class=\"div-a4\"><a href=\"?downfile=".urlencode($CurrentPath)."/".urlencode($file)."\">下载</a> | <a href=\"?path=".urlencode($CurrentPath)."&delfile=".urlencode($CurrentPath)."/".urlencode($file)."\">删除</a></div>";
  echo "</li>";
  }
}
@closedir($fso); 
?>
</ul></td></tr></table>
 <script>
function create_dir() {
  path=document.getElementById('path').value; 
document.location="?dirname="+path;
} 
 </script>
</body>
</html>

?

基于互联网精神,在注明出处的前提下本站文章可自由转载!

本文链接:https://ranjuan.cn/php在线文件管理源码/

赞赏

微信赞赏支付宝赞赏

宝塔docker-compose安装mindoc
php压缩文件之pclzip(全站备份)
路由器与交换机的区别