[
'password' => md5('123456'),
'role' => 'admin',
'folder' => 'uudd1',
'download_enabled' => true,
'api_token' => '',
'token_enabled' => true,
'token_created' => ''
]
];
file_put_contents($userFile, json_encode($defaultUsers, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT));
}
// Load the user database. Anything that does not decode to an array
// (unreadable file, malformed JSON, a bare scalar) is replaced by an empty
// user list, so the handlers below can always index $users.
// NOTE(review): this file carries every account's password hash and API
// token; where $userFile points is not visible here — confirm it is not
// served by the web server.
$users = json_decode(file_get_contents($userFile), true);
$users = is_array($users) ? $users : [];
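/**
 * Persist the user database as pretty-printed JSON.
 *
 * The store holds password hashes and API tokens for every account, so a
 * failed write must never leave it empty or half-written.
 *
 * @param string $userFile Path of the JSON user store.
 * @param array  $users    Map of username => account record.
 * @return bool True when the file was written, false when it was left untouched.
 */
function saveUsers($userFile, $users) {
    $json = json_encode($users, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
    if ($json === false) {
        // json_encode() fails on e.g. malformed UTF-8 in a username. Writing
        // its `false` result would truncate the store to zero bytes and lock
        // every account out, so keep the previous file instead.
        error_log('saveUsers: json_encode failed: ' . json_last_error_msg());
        return false;
    }
    // LOCK_EX keeps two concurrent requests from interleaving their writes.
    // It does not make the load-modify-save cycle of the callers atomic.
    return file_put_contents($userFile, $json, LOCK_EX) !== false;
}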
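/**
 * Escape a value for output in HTML text or a quoted attribute.
 *
 * Both quote styles are encoded (ENT_QUOTES). ENT_SUBSTITUTE replaces
 * malformed UTF-8 with U+FFFD; without it htmlspecialchars() returns an empty
 * string for such input, which would blank out e.g. an uploaded file name
 * that is not valid UTF-8.
 *
 * This is HTML-context escaping only; it is not sufficient for values placed
 * inside JavaScript or used as a whole URL.
 *
 * @param mixed $str Value to escape; cast to string first.
 * @return string Escaped text.
 */
function h($str) {
    return htmlspecialchars((string)$str, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}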
/**
 * Send a Location header for $url and end the request.
 *
 * Handlers rely on the exit: code placed after a redirectTo() call (for
 * example after a failed permission check) never runs.
 *
 * NOTE(review): every call visible in this part of the file passes a fixed
 * string. If a request-derived value is ever passed, restrict it to local
 * paths first.
 *
 * @param string $url Redirect target.
 */
function redirectTo($url) {
    header('Location: ' . $url);
    exit;
}
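/**
 * Return the upload directory of one account, creating it when missing.
 *
 * $folder comes from the stored user record and is joined onto $uploadBase
 * without any other check, so it is validated here: it must be a single path
 * component. An empty name, "." / "..", or a name containing a path separator
 * or NUL byte would resolve outside the account's own directory.
 *
 * @param string $uploadBase Base upload directory, with trailing slash.
 * @param string $folder     Per-account folder name (one path component).
 * @return string Directory path with trailing slash.
 * @throws InvalidArgumentException When $folder is not a plain folder name.
 */
function ensureUserFolder($uploadBase, $folder) {
    $folder = (string)$folder;
    if ($folder === '' || $folder === '.' || $folder === '..' || strpbrk($folder, "/\\\0") !== false) {
        throw new InvalidArgumentException('Invalid user folder name');
    }
    $dir = $uploadBase . $folder . '/';
    if (!is_dir($dir)) {
        // 0755 instead of 0777: the directory receives uploaded files and
        // should not be writable by other local accounts. A failed mkdir()
        // is not fatal here; callers see it when the later file move fails.
        mkdir($dir, 0755, true);
    }
    return $dir;
}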
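// ====================== Logout ======================
// Ends the session and returns to the start page.
// session_destroy() only removes the server-side data; the browser would keep
// sending the old session id, which PHP can re-adopt on the next
// session_start(). The cookie is therefore expired as well, so the next login
// starts from a fresh id.
// NOTE(review): logout is triggered by a plain GET parameter, so any
// third-party page can log a user out; low impact, but worth a POST + token.
if (isset($_GET['logout'])) {
    session_unset();
    $_SESSION = [];
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();
    redirectTo('index.php');
}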
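// ====================== API auto-upload ======================
// Token-authenticated upload endpoint: index.php?api=upload with a `token`
// form field (or an Authorization header) and a `file` part. Every outcome is
// reported as JSON with an application-level `code`; the HTTP status itself
// is left at its default.
//
// NOTE(review): the file is stored under its client-supplied name inside the
// account folder. Whether that folder is reachable over HTTP is not visible
// here. The name checks below are a minimum; the robust fix is to keep
// uploads outside the document root (or disable script handling for that
// directory) and to accept only an allow-list of expected extensions.
// NOTE(review): an upload with an existing name silently replaces that file.
if (isset($_GET['api']) && $_GET['api'] === 'upload') {
    header('Content-Type: application/json; charset=utf-8');

    $token = $_POST['token'] ?? ($_SERVER['HTTP_AUTHORIZATION'] ?? '');
    // A `token[]=` field arrives as an array; treat it as "no token" instead
    // of letting trim() fail on it.
    $token = is_string($token) ? str_replace('Bearer ', '', trim($token)) : '';

    $username = null;
    foreach ($users as $u => $info) {
        // !empty() keeps accounts without a token from matching an empty
        // submission; hash_equals() compares in constant time so response
        // timing does not reveal how much of a guess was correct.
        if (
            !empty($info['api_token'])
            && is_string($info['api_token'])
            && hash_equals($info['api_token'], $token)
            && ($info['token_enabled'] ?? true)
        ) {
            $username = $u;
            break;
        }
    }
    // Compare against null: an account literally named "0" is falsy and would
    // otherwise be rejected despite a valid token.
    if ($username === null) {
        echo json_encode(['code' => 401, 'msg' => 'Token无效或已禁用'], JSON_UNESCAPED_UNICODE);
        exit;
    }

    if (!isset($_FILES['file'])) {
        echo json_encode(['code' => 400, 'msg' => '没有文件'], JSON_UNESCAPED_UNICODE);
        exit;
    }
    $file = $_FILES['file'];
    // tmp_name is an array for `file[]` uploads; only a single real upload is accepted.
    if (!isset($file['tmp_name']) || !is_string($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
        echo json_encode(['code' => 400, 'msg' => '非法上传'], JSON_UNESCAPED_UNICODE);
        exit;
    }

    // basename() drops any directory part. Additionally refuse empty names,
    // dotfiles (per-directory server configuration files) and names carrying
    // a server-side script extension in any position.
    $safeName = basename((string)($file['name'] ?? ''));
    if (
        $safeName === ''
        || $safeName[0] === '.'
        || preg_match('/\.(?:php\d*|phtml|pht|phar|shtml|cgi)(?:\.|$)/i', $safeName)
    ) {
        echo json_encode(['code' => 400, 'msg' => '非法上传'], JSON_UNESCAPED_UNICODE);
        exit;
    }

    // Create the account folder only once the request has passed validation.
    $dir = ensureUserFolder($uploadBase, $users[$username]['folder']);
    $target = $dir . $safeName;
    if (move_uploaded_file($file['tmp_name'], $target)) {
        echo json_encode([
            'code' => 200,
            'msg' => '上传成功',
            'filename' => $safeName
        ], JSON_UNESCAPED_UNICODE);
    } else {
        echo json_encode(['code' => 500, 'msg' => '上传失败'], JSON_UNESCAPED_UNICODE);
    }
    exit;
}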
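// ====================== Login ======================
// Checks the submitted credentials against the user store and, on success,
// records the username and role in the session.
//
// NOTE(review): passwords are stored as unsalted MD5, which is fast to
// brute-force once the user file leaks. Moving to password_hash() /
// password_verify() has to be done together with every place that writes the
// 'password' field (account creation and the reset-password handler also
// write md5()), so it is flagged here rather than changed in isolation.
// NOTE(review): the file seeds a default admin with the password 123456 and
// the login template prints those credentials; both should go once the
// password has been changed.
// NOTE(review): no limit on failed attempts is visible in this handler.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'login') {
    $username = $_POST['username'] ?? '';
    $password = $_POST['password'] ?? '';
    // `username[]=` style fields arrive as arrays; treat them as empty input
    // instead of letting trim() fail.
    $username = is_string($username) ? trim($username) : '';
    $password = is_string($password) ? trim($password) : '';

    $storedHash = isset($users[$username]) ? ($users[$username]['password'] ?? '') : null;

    // hash_equals() compares the two digests in constant time.
    if (is_string($storedHash) && hash_equals($storedHash, md5($password))) {
        // Issue a new session id on the privilege change so an id that was
        // known before authentication cannot be reused afterwards.
        session_regenerate_id(true);
        $_SESSION['username'] = $username;
        $_SESSION['role'] = $users[$username]['role'] ?? 'user';
        $_SESSION['msg'] = "✅ 登录成功";
        redirectTo('index.php');
    } else {
        // Same message for unknown user and wrong password.
        $error = '用户名或密码错误';
    }
}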
// ====================== 未登录显示登录页 ======================
if (!isset($_SESSION['username'])) {
?>
Google Grabber - 登录
Google Grabber
= h($error) ?>
默认管理员:uudd1 / 123456
md5($newPass),
'role' => 'user',
'folder' => $newUser,
'download_enabled' => true,
'api_token' => '',
'token_enabled' => true,
'token_created' => ''
];
ensureUserFolder($uploadBase, $newUser);
saveUsers($userFile, $users);
$_SESSION['msg'] = "✅ 子账户创建成功:{$newUser}";
}
redirectTo('index.php?page=users');
}
// ====================== Delete sub-account ======================
// Admin-only. Removes the named account from the user store; the account an
// admin is currently logged in with cannot be removed.
// NOTE(review): this destructive action is driven by a GET parameter and no
// anti-CSRF token is checked in this handler, so a link or image on another
// site could trigger it in an admin's browser. Prefer POST plus a
// per-session token.
if (isset($_GET['delete_user'])) {
    $isAdmin = ($currentRole === 'admin');
    if (!$isAdmin) {
        $_SESSION['msg'] = "❌ 无权限";
        redirectTo('index.php'); // exits; nothing below runs for non-admins
    }

    $target = $_GET['delete_user'];
    if ($target === $currentUser) {
        $notice = "❌ 不能删除当前登录账号";
    } elseif (!isset($users[$target])) {
        $notice = "❌ 用户不存在";
    } else {
        unset($users[$target]);
        saveUsers($userFile, $users);
        $notice = "✅ 子账户已删除:{$target}";
    }
    $_SESSION['msg'] = $notice;

    redirectTo('index.php?page=users');
}
// ====================== Toggle download permission ======================
// Admin-only. Flips the account's download_enabled flag; a missing flag is
// treated as enabled, so the first toggle disables it.
// NOTE(review): state change via GET with no anti-CSRF token checked in this
// handler — prefer POST plus a per-session token.
if (isset($_GET['toggle_download'])) {
    $isAdmin = ($currentRole === 'admin');
    if (!$isAdmin) {
        $_SESSION['msg'] = "❌ 无权限";
        redirectTo('index.php'); // exits; nothing below runs for non-admins
    }

    $target = $_GET['toggle_download'];
    if (isset($users[$target])) {
        $wasEnabled = $users[$target]['download_enabled'] ?? true;
        $users[$target]['download_enabled'] = !$wasEnabled;
        saveUsers($userFile, $users);
        $_SESSION['msg'] = "✅ 下载权限已更新";
    }
    // An unknown account falls through without a message.
    redirectTo('index.php?page=users');
}
// ====================== Reset password ======================
// Admin-only. Replaces the stored password hash of the named account.
// NOTE(review): the new password is stored as unsalted MD5. The login handler
// compares against md5() as well, so switching to password_hash() has to be
// done in both places at once.
// NOTE(review): no anti-CSRF token is checked in this handler.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'reset_password') {
    $isAdmin = ($currentRole === 'admin');
    if (!$isAdmin) {
        $_SESSION['msg'] = "❌ 无权限";
        redirectTo('index.php'); // exits; nothing below runs for non-admins
    }

    $target = trim($_POST['target_user'] ?? '');
    // Surrounding whitespace is stripped from the new password before hashing.
    $newPass = trim($_POST['reset_password_value'] ?? '');

    if (isset($users[$target]) && $newPass !== '') {
        $users[$target]['password'] = md5($newPass);
        saveUsers($userFile, $users);
        $_SESSION['msg'] = "✅ 密码已重置:{$target}";
    } elseif (!isset($users[$target])) {
        $_SESSION['msg'] = "❌ 用户不存在";
    } else {
        $_SESSION['msg'] = "❌ 新密码不能为空";
    }

    redirectTo('index.php?page=users');
}
// ====================== Generate token ======================
// Admin-only. Issues a new API token for the named account (20 bytes from
// random_bytes(), hex-encoded), stamps the creation time and enables it. Any
// previous token of that account is overwritten and stops working.
// NOTE(review): the token is written to the user store in clear text, so
// anyone who can read that file can call the upload API as this account.
// NOTE(review): no anti-CSRF token is checked in this handler.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'generate_token') {
    $isAdmin = ($currentRole === 'admin');
    if (!$isAdmin) {
        $_SESSION['msg'] = "❌ 无权限";
        redirectTo('index.php'); // exits; nothing below runs for non-admins
    }

    $target = $_POST['target_user'] ?? '';
    if (!isset($users[$target])) {
        $_SESSION['msg'] = "❌ 用户不存在";
    } else {
        $freshToken = bin2hex(random_bytes(20));
        $createdAt = date('Y年m月d日 H:i');

        $users[$target]['api_token'] = $freshToken;
        $users[$target]['token_created'] = $createdAt;
        $users[$target]['token_enabled'] = true;
        saveUsers($userFile, $users);
        $_SESSION['msg'] = "✅ Token 已生成:{$target}";
    }

    redirectTo('index.php?page=api');
}
// ====================== Toggle token ======================
// Admin-only. Flips the account's token_enabled flag; a missing flag is
// treated as enabled, so the first toggle disables the token.
// NOTE(review): state change via GET with no anti-CSRF token checked in this
// handler — prefer POST plus a per-session token.
if (isset($_GET['toggle_token'])) {
    $isAdmin = ($currentRole === 'admin');
    if (!$isAdmin) {
        $_SESSION['msg'] = "❌ 无权限";
        redirectTo('index.php'); // exits; nothing below runs for non-admins
    }

    $target = $_GET['toggle_token'];
    if (isset($users[$target])) {
        $wasEnabled = $users[$target]['token_enabled'] ?? true;
        $users[$target]['token_enabled'] = !$wasEnabled;
        saveUsers($userFile, $users);
        $_SESSION['msg'] = "✅ Token 状态已更新";
    }
    // An unknown account falls through without a message.
    redirectTo('index.php?page=api');
}
// ====================== Delete token ======================
// Admin-only. Clears the account's API token and creation stamp. The enabled
// flag is reset to true; with an empty token the upload API still rejects
// the account, because it skips accounts whose token is empty.
// NOTE(review): state change via GET with no anti-CSRF token checked in this
// handler — prefer POST plus a per-session token.
if (isset($_GET['delete_token'])) {
    $isAdmin = ($currentRole === 'admin');
    if (!$isAdmin) {
        $_SESSION['msg'] = "❌ 无权限";
        redirectTo('index.php'); // exits; nothing below runs for non-admins
    }

    $target = $_GET['delete_token'];
    if (isset($users[$target])) {
        $cleared = [
            'api_token' => '',
            'token_created' => '',
            'token_enabled' => true,
        ];
        foreach ($cleared as $field => $value) {
            $users[$target][$field] = $value;
        }
        saveUsers($userFile, $users);
        $_SESSION['msg'] = "✅ Token 已删除";
    }
    // An unknown account falls through without a message.
    redirectTo('index.php?page=api');
}
// ====================== File list ======================
// Collects name, size and modification time of every regular file directly
// inside $uploadDir (sub-directories are skipped), newest first. The names
// are whatever was stored on upload, so they must be escaped when printed.
$fileList = [];
if (is_dir($uploadDir)) {
    $items = scandir($uploadDir);
    foreach ($items as $item) {
        if (in_array($item, ['.', '..'], true)) {
            continue;
        }
        $path = $uploadDir . $item;
        if (!is_file($path)) {
            continue;
        }
        $fileList[] = [
            'name' => $item,
            'size' => filesize($path),
            'time' => filemtime($path),
        ];
    }
    // Descending by modification time.
    usort($fileList, function ($left, $right) {
        return $right['time'] <=> $left['time'];
    });
}
?>
Google Grabber
Google Grabber
当前账号:= h($currentUser) ?>
退出登录
= h($_SESSION['msg']) ?>
首页
当前用户
= h($currentUser) ?>
账号角色
= h($currentRole) ?>
当前文件数
= count($fileList) ?>
文件管理
| 文件名 |
大小 |
修改时间 |
操作 |
| 暂无文件 |
| = h($f['name']) ?> |
= number_format($f['size'] / 1024, 2) ?> KB |
= date('Y-m-d H:i:s', $f['time']) ?> |
下载
删除
|
应用程序接口
在下面配置和管理 API 令牌。任何拥有令牌的人,都可以调用上传接口。
上传接口示例
POST /index.php?api=upload
form-data:
- token: 你的token
- file: 选择文件
页面不存在或无权限访问
请从左侧菜单进入正确页面。