- <?php
/**
 * Encode binary data as URL-safe base64.
 *
 * The standard alphabet's "+" and "/" become "-" and "_", and trailing "=" padding is dropped so the
 * result can be placed in a query string without further escaping.
 *
 * @param string $data Raw bytes to encode.
 * @return string URL-safe base64 text without padding.
 */
function base64url_encode($data)
{
    $standard = base64_encode($data);
    $urlSafe = str_replace(array('+', '/'), array('-', '_'), $standard);

    return rtrim($urlSafe, '=');
}
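/**
 * Decode URL-safe base64 text produced by base64url_encode().
 *
 * The "-" and "_" characters are mapped back to "+" and "/", and the "=" padding removed by the encoder
 * is restored before decoding. Decoding stays in base64_decode()'s default (non-strict) mode, so
 * characters outside the alphabet are skipped rather than rejected; callers must validate the decoded
 * value themselves.
 *
 * @param string $data URL-safe base64 text, with or without padding.
 * @return string|false Decoded bytes, as returned by base64_decode().
 */
function base64url_decode($data)
{
    $standard = strtr($data, '-_', '+/');

    // str_pad() takes the total target length, so padding to "strlen % 4" never added anything.
    // Compute how many "=" are needed to reach a multiple of four and append exactly that many.
    $missing = (4 - strlen($standard) % 4) % 4;

    return base64_decode($standard . str_repeat('=', $missing));
}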
/**
 * Tell whether a value is an array holding at least one element.
 *
 * @param mixed $var Value to inspect.
 * @return bool True only for a non-empty array; null, scalars and empty arrays give false.
 */
function array_verify($var)
{
    if (!is_array($var)) {
        return false;
    }

    return $var !== array();
}
/**
 * Render a byte count as a number followed by a " B", " K", " M" or " G" suffix.
 *
 * Values below 1024 are returned unchanged; larger values are divided by the matching power of 1024
 * as floats and are not rounded.
 *
 * @param int|float $var Size in bytes.
 * @return string The scaled number and its unit suffix.
 */
function format_file_size($var)
{
    if ($var < 1024) {
        return $var . ' B';
    }

    if ($var < 1048576) {
        $divisor = 1024.0;
        $suffix = ' K';
    } elseif ($var < 1073741824) {
        $divisor = 1048576.0;
        $suffix = ' M';
    } else {
        $divisor = 1073741824.0;
        $suffix = ' G';
    }

    return ($var / $divisor) . $suffix;
}
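// Directory browser / file download endpoint.
//
// The "path" query parameter is a base64url-encoded path below $dir. It is attacker-controlled, so it is
// validated lexically, resolved with realpath() and checked against the served root before any
// filesystem call, and every value derived from it is HTML-escaped before being echoed.

// Root of the served tree; must not end with "/".
$dir = "F:";
$path = "";

// Escapes text for the HTML pages below. The charset must match the one declared in the <meta> tag;
// ENT_SUBSTITUTE keeps an invalid byte sequence from turning the whole string into "".
$html = function ($text) {
    return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'GB2312');
};

$pageHead = '<html>
<head>
<meta http-equiv="content-type" content="text/html;charset=gb2312" />
<body>';

if (array_verify($_GET) && isset($_GET["path"])) {
    $raw = $_GET["path"];

    // "path[]=x" arrives as an array; only a string can be decoded.
    $path = is_string($raw) ? base64url_decode($raw) : false;

    // Reject anything that does not start with "/", starts or ends with ".", or contains "/." or "./"
    // (this covers ".." segments and dot-files). Backslashes are rejected as well because they are
    // directory separators on Windows and would otherwise carry a ".." segment past the pattern;
    // NUL bytes are rejected because they never belong in a path.
    $illegal = !is_string($path)
        || strpbrk($path, "\\\0") !== false
        || preg_match('#^[^/].*$|^.*\.$|^\..*$|\./\.|/\.|\./#', $path) === 1;

    if ($illegal) {
        echo $pageHead;
        // The raw parameter is reflected into the page, so it has to be escaped.
        echo "警告 index.php?path=" . $html(is_string($raw) ? $raw : '') . " 非法url<br/></body></html>";
        exit;
    }

    // Collapse runs of "/" (links built from the root listing start with "//").
    $path = preg_replace('#/{2,}#', '/', $path);
}

// Resolve the request and confirm it is still inside the served root. realpath() folds any leftover
// "..", symlink or junction, so the comparison is made on the location that will actually be opened.
$root = realpath($dir . '/');
$target = realpath($dir . $path);
$inside = false;
if ($root !== false && $target !== false) {
    $prefix = rtrim($root, '/\\') . DIRECTORY_SEPARATOR;
    $inside = $target === $root || strncmp($target, $prefix, strlen($prefix)) === 0;
}

if ($inside && is_dir($target)) {
    echo $pageHead;
    echo "目录 <b>" . $html($path) . "</b><br/><br/>";

    $dir_res = opendir($target);
    if ($dir_res !== false) {
        // Compare against false explicitly: an entry named "0" is falsy and would end the loop early.
        while (false !== ($filen = readdir($dir_res))) {
            if ($filen != '.' && $filen != '..') {
                // base64url output only contains [A-Za-z0-9_-], so the href needs no further escaping;
                // the visible file name comes from the filesystem and is escaped.
                $href = 'index.php?path=' . base64url_encode($path . '/' . $filen);
                $entry = $target . '/' . $filen;

                if (is_file($entry)) {
                    echo '<a href="' . $href . '" >' . $html($filen) . '</a> ('
                        . format_file_size(filesize($entry)) . ")<br/>\n";
                } else {
                    echo '<a href="' . $href . '" >' . $html($filen) . "</a><br/>\n";
                }
            } else if ($filen == '..') {
                // Link ".." to the parent of the current path, or to "/" when there is none.
                preg_match("#([^/]+/{1})*[^/]+(?=/)#", $path, $parent);
                $up = array_verify($parent) ? '/' . $parent[0] : '/';
                echo '<a href="index.php?path=' . base64url_encode($up) . '" >' . $filen . "</a><br/>\n";
            }
        }
        closedir($dir_res);
    }

    echo '</body>
</html>';
} else if ($inside && is_file($target)) {
    $file_size = filesize($target);

    header("Content-type: application/octet-stream");
    header("Accept-Ranges: bytes");
    // Content-Length is the header clients read for the body size.
    if ($file_size !== false) {
        header("Content-Length: " . $file_size);
    }
    // Quote the file name and neutralise quote/backslash so a crafted name cannot alter the header.
    header('Content-Disposition: attachment; filename="' . strtr(basename($dir . $path), '"\\', '__') . '"');

    readfile($target); // For large files choose another delivery method.
} else
    echo "警告:非法访问!";
?>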