phpFileManager

phpFileManager is a complete filesystem management tool on a single file.

This is a tool meant for rapid file access, and also to verify the server php configuration and security.
The script can be renamed and deployed on an unique known url, and offers password protection.

Features:

. directory tree, with ajax loading
. copy/move/delete/create/rename/edit/view/chmod files and folders
. symlink/hardlink support, directly integrated on the interface
. tar/zip/bzip/gzip compression formats, with quick ZIP download button
. code editor with syntax highlight, using Ace and Monokai theme
. shell terminal emulator
. portscan using PHP sockets
. server info
. multiple uploads
. password protection
. works on linux/mac/windows
. compatible with all PHP versions
. translations included for english/portuguese/spanish/catalan/chinese
/dutch/french/german/italian/korean/russian/polish/turkish/ukrainian

Official Releases:

https://sourceforge.net/projects/phpfm
https://github.com/dulldusk/phpfm

Online Demo:

http://phpfm-demo.dulldusk.com
Feel free to mess around! This is a public demo installation, and will reset itself every hour.

If you want to learn how i created this demo, here is the code!

phpFileManager online demo gather statistics using revolvermaps.com and shows that people all over the world like it!

License:

phpFileManager is free software; you can redistribute it and/or modify it
under the terms of any of the following licenses at your choice:

. GNU General Public License Version 2 or later (the “GPL”);
. GNU Lesser General Public License Version 2.1 or later (the “LGPL”);
. Mozilla Public License Version 1.1 or later (the “MPL”).

Give Your Rating!

This is a free, open souce project!
If you liked, please access the sourceforge page and give your rating!

Is it secure?

Short answer. YES! phpFileManager is secure, but you must set a password on it.

The script can be renamed and deployed on an unique known url, that helps you keep it hidden.
But you have to set a password! Obviously!
If you do not, this script will allow any person to access it, that is the default setting.

And that is why i provide this script, with the following disclaimer.

DISCLAIMER

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING, THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

Donation!!

If you like this script, please consider making a donation.
Any amount is well received, and will help me continue giving support and adding new features.

Leave a Reply to dulldusk Cancel reply

Your email address will not be published.

  1. Hello, how are you, would you be able to connect another server remotely and list a certain folder, for example /home/public_html/pasta-desejada
    It would be external access.

      1. Yes, I’m interested.
        What would the value be?
        What would only require what I mentioned, connecting to another server’s folder remotely via sftp.
        I have a system and needed to integrate this function into my system.
        So you don’t have to give the server password to the client.
        But would it be safe to prevent the client from accessing other folders?
        The intention is to specify just one access folder where he can control.

        If possible, I can arrange this extra service with you.

  2. Bonjour,
    Comment éviter à un utilisateur de pouvoir monter dans l’arborescence au dessus d’un répertoire de travail dédié à phpfm (pas obligatoirement celui où est installé phpfm)?
    Cordialement.

    1. C’est une question très commune. Vous devez définir la variable open_basedir sur la configuration PHP de votre serveur Web. Il existe essentiellement 3 façons de procéder. Directement sur php.ini, ou sur le fichier de configuration apache/ngnix, ou en utilisant un fichier .htaccess.

    1. Este año el proyecto cumplirá 20 años. Nadie hace nunca ninguna donación… todo el mundo simplemente informa problemas y solicita nuevas funciones. ¡Pero estoy trabajando en mi tiempo libre y lanzaré una versión conmemorativa 2.0! Actualizado para funcionar con versiones de PHP más nuevas y con algunas características nuevas que siempre quise incluir.

    1. Este año el proyecto cumplirá 20 años. Nadie hace nunca ninguna donación… todo el mundo simplemente informa problemas y solicita nuevas funciones. ¡Pero estoy trabajando en mi tiempo libre y lanzaré una versión conmemorativa 2.0! Actualizado para funcionar con versiones de PHP más nuevas y con algunas características nuevas que siempre quise incluir.

  3. Bonjour,

    J’ai installé le script sur mon serveur LWS , il me retourne la phrase suivante :

    Fatal error: Uncaught Error: Call to undefined function disk_total_space() in /htdocs/manager.php:3164 Stack trace: #0 /htdocs/manager.php(5542): dir_list_form() #1 /htdocs/manager.php(641): frame3() #2 {main} thrown in /htdocs/manager.php on line 3164

    J’ajoute que je l’ai installé sur un autre serveur et il fonctionne super.

    Pouvez-vous je vous m’aider svp?

    Best regards

    WB

  4. Hi there, Love this PHP script. It makes a huge impact on my personal server. I have a question, I can’t upload more then 10MB on a single file. Is there any way to increase it, I’m totally new in scripting, I can’t find any strings that represents upload limit.

    1. Thanks! To increase the upload limit you just have the configuration on your php.ini, search for “max_”, and you will find the upload_max_filesize and post_max_size configurations.

  5. For a project “Test” two subdirectories are defined:
    o UPload
    o DATA
    Does phpfm allow for one defined user, full write access for UPload but read-only access for DATA?
    If so, how can this be done?

    1. Hi Michael, phpfm will always have the access of the running user, you must use linux permitions to limit the writting on the DATA folder. I will contact you by e-mail.

  6. Hallo,
    ist es mit phpfm möglich, für einen User Rechte zu definieren: Für ein Verzeichnis
    Projekt A
    sollen zwei Unterverzeichnisse definiert werden:
    UPload: in dem der User Dateien schreiben und löschen kann;
    DATA: in dem der User Dateien nur lesen kann?
    Wenn ja, wie muss man das definieren?

  7. Quando eu tento usar este script em um servidor com o Certificado SSL HTTPS grátis da Cloudflare (https://www.cloudflare.com) no modo “Flexível” por algum motivo a opção de visualizar as imagens não funciona, as imagens simplesmente não carregam, fica tudo branco.

    1. Oi Sandro! Use F12 no Firefox para ver o console, e verifique o erro. O phpfm sempre faz o seguinte, se a imagem está no doc_root, acessível via http ou https, ele exibe um iframe e exibe ela dentro, usando o link direto. Se a imagem está fora do doc_root, dai ele abre no iframe um link pra ele mesmo, que le o arquivo e exibe no iframe. Isso acontece na function view_form() linha 3682. E acho que ja sei o problema, o Content-Type que ele passa não deve ser de imagem, e dai servidor está bloqueando. Coisa simples de resolver. Fica o desafio para você, ache o bug e poste a solução no GIT do projeto!

  8. Olá dulldusk, eu estou pensando em usar o PhpFileManager em um servidor compartilhado, o nome dele é Profreehost (https://www.profreehost.com) esse serviço de hospedagem oferece hospedagem grátis e ilimitada com suporte a PHP, Mysql etc…O problema é que eu não sei se ele vai funcionar perfeitamente neste servidor por causa da hospedagem compartilhada, por que geralmente esses serviços limitam algumas funções do PHP, Mysql e outras coisas por causa da segurança, alem disso tem a questão da Largura de banda e do limite de upload do PHP, que nesse caso não pode passar de 10 MB, o que você acha?

    1. Oi Lucas. Boa indicação esse servidor grátis da (https://www.profreehost.com). Criei uma conta lá. Tem bastante propaganda internamente no painel, mas não colocam nenhuma propaganda no seu site, uma boa troca. Testei o phpFileManager, funciona perfeitamente. Eu inclusive migrei o demo do script para lá. (http://phpfm-demo.dulldusk.com) O limite de upload de 10Mb é ótimo para um servidor grátis, eu estava usando a (https://www.freehostia.com), que tem limite de apenas 500Kb. E claro, eles bloqueiam algumas funções do php, mas isso é normal por questão de segurança.

  9. Olá dulldusk, eu gostaria de avisar que a opção “Visualizar” não funciona quando o site está com Certificado SSL HTTPS ativado, quando eu tento usar esta opção fica tudo branco e não carrega nada, por favor verifique este erro.

    1. Oi Roberto! A opção “Visualizar” funciona sim quando em HTTPS. Deve ser um caso específico, que acontece no seu servidor (uma variavel de servidor diferente), ou no seu navegador (um bloqueio de plugin). Se quiser me ajudar, podemos descobrir exatamente o que causou esse comportamento, e dai se for possivel eu ajusto o código para resolver ele. Em resumo, o botão visualizar, abre um iframe, que carrega dentro a URL do arquivo. Se o arquivo que voce clicou “visualizar” fica dentro do docroot do site, ele abre a URL do arquivo direto, para ver pelo HTTPD. Se for um arquivo fora do docroot, como por exemplo, /etc/passwd, dai ele abre uma url que chama o phpFileManager, para ler e exibir o arquivo. Usando o F12 do navegador, voce pode ver na aba “network”, exatamente o que ele está tentando carregar. Se quiser ir ao fundo da questão, basta me chamar no e-mail ou Telegram. Abs!

  10. Uma pergunta simples, na fila de opções do sistema existe um botão com o nome “Resolver IDs”, eu clico nele e aparentemente não acontece nada, qual a utilidade desta função exatamente? Agradeço a resposta.

    1. Olá Josivaldo. Esse botão faz o phpFileManager exibir na lista de arquivos, a permissão deles como texto ao invés de numero octal, e o nome do usuário e o nome do grupo, ao invés dos numeros deles no sistema. A permissão é simples converter de numero para texto, mas o nome de usuário e nome de grupo, o phpFileManager tenta ler o /etc/passwd e /etc/group para descobrir. Se para voce não acontece “nada”, é porque seu servidor está configurado para não permitir acesso via PHP a esses arquivos, que é legal para segurança, principalmente em servidores compartilhados, assim ninguém pode saber os nomes de todos os usuários. E nesse caso, ele dai tenta usar ainda as funções posix_getpwuid() e posix_getgrgid() para resolver os nomes, mas elas também devem estar desabilitadas no seu servidor.

  11. Hi,

    Is it possible to automatically rename existing files rather than overwrite them when uploading?

    Thank you.

    1. Oi Marcos! Se o script não rodou no seu servidor, pode ser porque o seu servidor tem configurações de segurança que impedem ele de rodar, e isso é bom! Se você me disser qual HTTPD e PHP esta usando, posso dar uma dica. Mas verifique os logs de erro do PHP e do HTTPD, você vai achar o erro que esta acontecendo.

  12. Olá dulldusk, eu gosto muito do seu sistema de gerenciamento de arquivos em PHP, é muito bem feito, parabéns, continue desenvolvendo, você está indo muito bem 🙂

  13. BITTE VORHERIGEN BEITRAG LÖSCHEN !

    Hallo,

    Ich nutze seit einiger Zeit den Dateimanager auf einem privaten Server. In den Versionen (0.9.3 und 1.6) hatte ich das Problem, dass einige Dateien beim Bearbeiten ein leeres Fenster öffneten. Das passierte nur bei einigen Dateien und ich konnte damit leben.

    Wenn ich in der neuen Version (1.7.8) auf Bearbeiten gehe, bekomme ich immer nach Fehler:

    Schwerwiegender Fehler: Nicht erfasster Fehler: Aufruf der undefinierten Funktion mime_content_type () in /usr/vdv2/filemanager.php:2169 Stapelverfolgung: # 0 / usr / vdv2 / filemanager .php (3819): is_binary (‘/ usr / vdv2 /… ‘) # 1 / usr / vdv2 / filemanager .php (700): edit_file_form () # 2 {main} in /usr/vdv2/filemanager.php in Zeile 2169

    1. Hallo Swen. Ihr Problem ist, dass Sie das PHP-Modul fileinfo nicht aktiviert haben und daher mime_content_type () nicht vorhanden ist. Ich werde in der nächsten Version eine Fallback-Funktion hinzufügen. Wie so ..

      if(!function_exists('mime_content_type')){
          function mime_content_type($path){
              return 'application/octet-stream'; // fallback if mod_fileinfo is not available
          }
      }
      
  14. There’re some hieroglyphs when I open txt, json files for editing,
    1.7.3 didn’t had such problem.

    1. Hi JayJay, please make a ZIP with a file that creates this problem, and send me on my e-mail. I will test it, and if i can reproduce the issue, i am sure i can fix it. As this script is meant to work on multiple languages and charsets, sometimes when we fix something for someone, we endup breaking something for another. I will wait for your reply, thanks for the feedback.

  15. Hi Fabricio,
    another issue I encountered is that for some reason I cannot “Decompress” a zip file in a directory. Although the permissions I have against that dir are 777.
    To prove it even further I can tell you that in the same session and using the phpFileManager I can create a file inside the dir and I can create a directory inside the same dir. The only thing I can’t do is “Decompress” a zip file. I assume by “Decompressing” you mean Unziping the file. I can do it using other file manager or using the console but not with phpFM.
    My question is, do I need to configure or enable something in particular for this to be possible? I’m asking because I like your program and I hate jumping to other tool for decompressing files.
    Please advise.
    Thank you,
    Virgil

    1. Do you have the ZIP php module enabled on your webserver?
      https://www.php.net/manual/en/zip.installation.php

      phpFileManager uses and old custom class that works “fine” for bzip, gzip and tar files, and does not depend on any module.
      But for zip files it uses the ZipArchive class, from the ZIP module, because it works better on all systems.
      line 5413: case 72: // decompress arq …

      This is not a recent issue. Many people have noticed some problems along the years, but is always isolated cases.
      The second item on my “New Features” page is exactly to revise the functions for compression and decompression.
      https://www.dulldusk.com/phpfm/new-features/

      The problem is that nobody makes donations for the project, to help me do it,
      and nobody takes the time to fix it and share the solution with us on GitHub.

      I will release a version 2.0 until next year, and i will do all this fixes, even if no one helps me.

    2. Hola Virgil.
      En uno de mis servidores, (pero solo en uno, en los demás funciona muy bien) me paso lo mismo, no podía descomprimir, ni guardar los cambios de la configuración. Y despues de revisar la configuración observe que por un descuido mio, no tenia el usuario y el grupo correcto: www-data:www-data.

      Este es el comando que use:
      chown -R www-data:www-data /var/www/html/phpfilemanager

      y problema resuelto.

      Saludos.

      Fabricio muchísimas gracias por PHP File Manager

  16. Hi Fabricio,
    First of all, I want to thank you for this tool. It is slim and versatile. And is only one file, w/o any dbase involvement makes it very easy.
    I want to emphasize I’m not a php knowledgeable person. Unfortunately. But I’m trying.
    I have php File Manager v 1.7.9
    What I’m using on my server is nginx 1.16 and php-fpm 7.0.33. For some reason, AWS doesn’t allow me to upgrade the php for now. And, I don’t think I would do it yet because I don’t want to break other stuff.
    Anyway, what I discovered is what they say on the php manual at https://www.php.net/manual/en/function.apache-request-headers.php
    It says:
    **************************************************
    apache_request_headers
    (PHP 4 >= 4.3.0, PHP 5, PHP 7)

    apache_request_headers — Fetch all HTTP request headers

    Description ¶
    apache_request_headers ( void ) : array
    Fetches all HTTP request headers from the current request.

    Return Values ¶
    An associative array of all the HTTP headers in the current request, or FALSE on failure.

    Changelog ¶
    Version Description
    7.3.0 This function became available in the FPM SAPI.
    5.5.7 This function became available in the CLI server.
    5.4.0 This function became available under FastCGI. Previously, it was supported when PHP was installed as an Apache module or by the NSAPI server module in Netscape/iPlanet/SunONE webservers.
    *****************************************
    That means the function will not work until 7.3

    And, yes I have line 8102 if(!function_exists(‘apache_request_headers’)), but I still have the error.

    However, the only solution I was able to find is that I commented out the line 8159 $headers = @apache_request_headers();
    … and now it works. I have no idea what it means but it works. I would appreciate your feedback. Thank you again.

    Virgil

    1. Thanks for the information! I will analyse this problem (in due time) and give a proper reply. We will figure this out, and if we don´t, i am sure somebody will. That´s what GPL is all about. Anyone can submit a solution on GitHub, and i will gladly merge it with the next release. Since the first release, phpFileManager was not mine alone anymore, it was ours.

  17. I actually figured out I have this error:
    PHP message: PHP Fatal error: Uncaught Error: Call to undefined function apache_request_headers()
    I’m using nginx and PHP 7.0.33
    Any advice?

    1. Hi Virgil, sorry for the delay on my reply. apache_request_headers() is a function that does not exist on ngnix, but phpFileManager has a fallback for it. If the function does not exist, it should declare it. Check if you are using the latest version. If so, and the problem persists, please let me know. Inform me the ngnix version you are using and if the system is linux/mac or windows. If it is a bug, i will fix it. Thanks!
      line: 8102 if(!function_exists(‘apache_request_headers’))…
      And important to let you know, this fallback function was a contribution from a user, just like you. If you find why it is not working anymore, please share the code, i will test it and your name will be forever on phpFileManager changelog too.

  18. Hi,
    Great tool and thank you. However, I have a problem. I’m trying to set a password and it doesn’t allow me to write anything in the field. What can be the problem?

  19. This script is great to make your lessons on a free shared server independent from the provider interface. One thing puzzle me!
    Am I dull or there is no way to click on a php / htm file and be redirected to it in the browser?

    1. Hi Twingsister! The “View” option on the file line will always open the file on a modal window, as it is rendered by the webserver, be it PHP or HTML.
      Once in the modal window, you can copy the full url and paste on a new window.
      This surely can be inproved. I got what your searching for.
      As it is, allows to render pages even not on the document root.
      I will check this out again, and make it better.

  20. Hi Fabricio,

    I am so impressive with your File manager. Just one suggestion that those tools buttons disappeared when I scroll vertically if the folder has many files.

    I am thinking of how to split into three parts.

    Regards,
    David

    1. Hi David!

      All that part is one big table. To do that you would have to break it in three parts.
      On the top one you use css position fixed, on the middle one css overflow auto and define a max-height, to show a scrollbar, and the bottom one position relative.
      The big problem, is that the cols titles will not align automatically with the content anymore, because they will be on different tables.
      Maybe the best way is to use some special plugin to do the job. Like this one.. http://maslianok.github.io/stickyRows/

        1. Glad to see you liked the tool. Your problem surely resides on a webserver or php configuration. The icons come directly from the script, when called as index.php?action=99&filename=file_sprite.png Check the return of this URL. Most likely you dont have mb_string PHP module enabled, or base64() function is disabled, or has a problem with PHP output buffer, or mime type limitations by the virtualserver for the header shown using PHP. Normally it just works! But many systems ship with diferrent default configurations.