$SqlUserName1 = rtrim(htmlspecialchars(insql($_POST['SqlUserName1'])), '\\');
    if (strlen($_POST['SqlPassword1']) > 5) {
        $SqlPassword1 = rtrim(htmlspecialchars(insql($_POST['SqlPassword1'])), '\\');
    } else {
        $SqlPassword1 = $SqlPassword;
    }
    $SqlDataBase1 = rtrim(htmlspecialchars(insql($_POST['SqlDataBase1'])), '\\');
    $Pre1 = rtrim(htmlspecialchars(insql($_POST['Pre1'])), '\\');
    $amsurl1 = rtrim(htmlspecialchars(insql($_POST['amsurl1'])), '\\');
    if ($amsurl1 && strrchr($amsurl1, '/') != '/') {
        $amsurl1 .= '/';
    }
    $thread1 = rtrim(htmlspecialchars(insql($_POST['thread1'])), '\\');
    $clthread1 = rtrim(htmlspecialchars(insql($_POST['clthread1'])), '\\');
    $ggwthread1 = rtrim(htmlspecialchars(insql($_POST['ggwthread1'])), '\\');
    $timezone1 = rtrim(htmlspecialchars(insql($_POST['timezone1'])), '\\');
    $configdata = "<?php\ndefined('IN_NIUXAMS') or exit('Access Denied.');\n\$adname = '{$adname1}';\n\$adpassword = '******';\n\$SqlServer = '{$SqlServer1}';\n\$SqlUserName = '******';\n\$SqlPassword = '******';\n\$SqlDataBase = '{$SqlDataBase1}';\n\$Pre = '{$Pre1}';\n\$amsurl = '{$amsurl1}';\n\$thread = '{$thread1}';\n\$clthread = '{$clthread1}';\n\$ggwthread = '{$ggwthread1}';\n\$timezone = '{$timezone1}';\n";
    file_put_contents('config.php', $configdata) or errwin('出错啦!config.php无法修改!请将程序目录和文件的文件权限设置属性0755或0777。');
    $conn = new mysql();
    $conn->inoplog('修改基本参数', 'cssz', 1, getname());
    okwin('恭喜你,修改参数成功了!');
    exit;
}
///////////////////////////
$title = '基本参数设置';
require 'mo.head.php';
?>
<style>
.cssz{
	border-width:1px 0px 0px 1px;
}
<?php

define('NIUXAMS_ACCESS', 'addgg');
require 'common.php';
$menu = $_REQUEST['menu'];
///////////////////////////
if ($menu == 'addgg') {
    $ggtitle = insql($_POST['ggtitle']);
    $ggdm = insql($_POST['ggdm']);
    $ggclass = insql($_POST['ggclass']);
    $ggwidth = insql($_POST['ggwidth']);
    $ggheight = insql($_POST['ggheight']);
    $gglei = insql($_POST['gglei']);
    $ggzu = insql($_POST['ggzu']);
    $ggtj = insql($_POST['ggtj']);
    $ggjfclass = insql($_POST['ggjfclass']);
    $ontid = date("YmdHis", time());
    $path = $datadir . '/' . $thread . '-' . $ontid . '.js';
    $path1 = $datadir . '/' . $thread . '-' . $ontid . '.php';
    $path2 = $datadir . '/gglist.php';
    if ($ggtj) {
        $ggcon = 'document.write(unescape("' . $ggdm . '"));' . "\r\n" . 'document.write(amsurl+\'counter.js?gid=' . $thread . '-' . $ontid . '&atyh=\'+atyh+\'"></script>\');';
    } else {
        $ggcon = 'document.write(unescape("' . $ggdm . '"));';
    }
    $ggcon1 = '<?php exit();?>' . "\r\n" . $ggtitle . "\r\n" . $ggdm . "\r\n" . $ggclass . "\r\n" . $ggwidth . "\r\n" . $ggheight . "\r\n" . gnt() . "\r\n" . $ggzu . "\r\n" . $ggtj . "\r\n" . $ggjfclass . "\r\n" . $gglei;
    file_put_contents($path, $ggcon) or die('出错啦!无法创建.js文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    file_put_contents($path1, $ggcon1) or die('出错啦!无法创建.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    $gglist = file($path2);
    if (!is_array($gglist)) {
        $gglist[] = '';
            }
        }
        file_put_contents($datadir . '/ggclzulist.php', $zulist) or die($datadir . '/ggclzulist.php 禁止写入!');
        $content = file_get_contents($datadir . '/ggcllist.php');
        $array = explode("\r\n", $content);
        array_shift($array);
        array_pop($array);
        foreach ($array as $gid) {
            $ggcld = insou1(file($datadir . '/' . $gid . '.php'));
            if ($ggcld[31] == $yggclzu . "\r\n") {
                $ggcld[31] = $xggclzu . "\r\n";
                file_put_contents($datadir . '/' . $gid . '.php', $ggcld);
            }
        }
    }
    $conn = new mysql();
    $conn->inoplog('修改广告策略类/组', ($xggcllei ? $yggcllei . ':' . $xggcllei . '|' : '') . ($xggclzu ? $yggclzu . ':' . $xggclzu : ''), 1, getname());
    die('1');
}
//////////////////////
if ($menu == 'editdelleizu') {
    $leiv = insql($_REQUEST['leiv']);
    $zuv = insql($_REQUEST['zuv']);
    $newggclleiv = '<?php exit();?>' . "\r\n" . $leiv;
    file_put_contents($datadir . '/ggclleilist.php', $newggclleiv) or die($datadir . '/ggclleilist.php 禁止写入!');
    $newggclzu = '<?php exit();?>' . "\r\n" . $zuv;
    file_put_contents($datadir . '/ggclzulist.php', $newggclzu) or die($datadir . '/ggclzulist.php 禁止写入!');
    $conn = new mysql();
    $conn->inoplog('排列/删除广告策略类/组', $leiv . '|' . $zuv, 1, getname());
    die('1');
}
$content = file_get_contents($datadir . '/ggcllist.php');
$array = explode("\r\n", $content);
array_shift($array);
array_pop($array);
if ($desc) {
    rsort($array);
} else {
    sort($array);
}
$size = count($array);
if ($page > ceil($size / $limit)) {
    $page = ceil($size / $limit);
}
///////////////////////////
if ($menu == 'ajax') {
    $ggwlx = (int) insql($_REQUEST['ggwlx']);
    $j = 0;
    $gglist = '';
    for ($i = 0; $i < $size; $i++) {
        $gid = $array[$i];
        if ($gid) {
            $Serialnumber = $desc ? $size - $i : $i + 1;
            $ggd = file_get_contents($datadir . '/' . $gid . '.php');
            $arrayd = array();
            $arrayd = explode("\r\n", $ggd);
            array_shift($arrayd);
            if ($ggwlx == 0 && $arrayd[3] || $ggwlx && $arrayd[3] == 2) {
                if ($search == '' || $search && (strpos(unescape($arrayd[1]), unescape($search)) !== false || strpos($gid, unescape($search)) !== false)) {
                    if ($arrayd[31] == $ggcllei || $ggcllei == -1) {
                        if ($arrayd[30] == $ggclzu || $ggclzu == -1) {
                            $j++;
/* ---------------------------------------------------- */
/* 程序名称: 牛叉广告管理优化大师(NiuXams)
/* 程序功能: 快速低成本建立自己网站的广告管理、智能投放系统!
/* 程序开发: 牛叉软件(NiuXSoft.Com)
/* 版权所有: [NiuXams] (C)2013-2099 NiuXSoft.Com
/* 官方网站: niuxsoft.com  Email: niuxsoft@163.com
/* ---------------------------------------------------- */
/* 使用条款:
/* 1.该软件个人非商业用途免费使用.
/* 2.免费使用禁止修改版权信息和官方推广链接.
/* 3.禁止任何衍生版本.
/* ---------------------------------------------------- */
define('NIUXAMS_ACCESS', 'delggw');
require 'common.php';
$gids = insql($_POST['gids']);
$menu = $_POST['menu'];
$conn = new mysql();
///////////////////////////
if ($menu == 'delggw') {
    if (!$gids) {
        die('出错啦!gids为空!你让我删谁?');
    }
    $arraygid = explode(' ', $gids);
    $file = $datadir . '/ggwlist.php';
    $content = file_get_contents($file);
    $file1 = $datadir . '/ggwrecyclelist.php';
    $content1 = file_get_contents($file1);
    if (strlen($content1) < 15) {
        $content1 = '<?php exit();?>' . "\r\n";
    }
/* 官方网站: niuxsoft.com  Email: niuxsoft@163.com
/* ---------------------------------------------------- */
/* 使用条款:
/* 1.该软件个人非商业用途免费使用.
/* 2.免费使用禁止修改版权信息和官方推广链接.
/* 3.禁止任何衍生版本.
/* ---------------------------------------------------- */
define('NIUXAMS_ACCESS', 'ggrecycle');
require 'common.php';
///////////////////////////
$desc = insql($_REQUEST['desc']);
$limit = insql($_REQUEST['limit']);
$page = insql($_REQUEST['page']);
$gglei = insql($_GET['gglei'] ? $_GET['gglei'] : ($_POST['gglei'] ? $_POST['gglei'] : unescape($_COOKIE['gglei'])));
$ggzu = insql($_GET['ggzu'] ? $_GET['ggzu'] : ($_POST['ggzu'] ? $_POST['ggzu'] : unescape($_COOKIE['ggzu'])));
$search = insql($_REQUEST['search']);
$desc = $desc ? '' : 'DESC';
$limit = is_numeric($limit) && $limit > 1 ? $limit : 20;
$page = is_numeric($page) && $page > 1 ? $page : 1;
$gglei = $gglei == '' ? -1 : $gglei;
$ggleil = file_get_contents($datadir . '/ggleilist.php');
$ggll = explode("\r\n", $ggleil);
array_shift($ggll);
array_pop($ggll);
$ggzu = $ggzu == '' ? -1 : $ggzu;
$ggzul = file_get_contents($datadir . '/ggzulist.php');
$ggz = explode("\r\n", $ggzul);
array_shift($ggz);
array_pop($ggz);
$content = file_get_contents($datadir . '/ggrecyclelist.php');
$array = explode("\r\n", $content);
$gid = $_REQUEST['gid'];
$ggwd = file_get_contents($datadir . '/' . $gid . '.php') or errwin('出错啦!打开文件出错,请输入正确的gid!');
$arrayd = explode("\r\n", $ggwd);
array_shift($arrayd);
///////////////////////////
if ($menu == 'editggw') {
    $ggwtitle = insql($_POST['ggwtitle']);
    $ggwclass = insql($_POST['ggwclass']);
    $ggwwidth = insql($_POST['ggwwidth']);
    $ggwheight = insql($_POST['ggwheight']);
    $xzggcl = insql($_POST['xzggcl']);
    $bjgg = insql($_POST['bjgg']);
    $ggwlei = insql($_POST['ggwlei']);
    $ggwzu = insql($_POST['ggwzu']);
    $gid = insql($_POST['gid']);
    $gtime = insql($_POST['gtime']);
    if (!$ggwtitle) {
        die('标题不能为空!');
    }
    require 'func.gg.php';
    $path = $datadir . '/' . $gid . '.js';
    $path1 = $datadir . '/' . $gid . '.php';
    $ggwcon = ggwtojs($gid, $xzggcl, $ggwwidth, $ggwheight, $bjgg, $ggwclass);
    $ggwcon1 = '<?php exit();?>' . "\r\n" . $gtime . "\r\n" . $ggwtitle . "\r\n" . $ggwclass . "\r\n" . $ggwwidth . "\r\n" . $ggwheight . "\r\n" . $xzggcl . "\r\n" . $bjgg . "\r\n" . $ggwzu . "\r\n" . $ggwlei;
    file_put_contents($path, $ggwcon) or die('出错啦!无法创建.js文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    file_put_contents($path1, $ggwcon1) or die('出错啦!无法创建.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    $conn = new mysql();
    $conn->inoplog('修改广告位', $gid, 1, getname());
    die('1');
}
///////////////////////////
function acquery()
{
    global $Pre;
    $gid = substr(insql($_GET['gid']), -14, 14);
    $sorc = insql($_GET['sorc']);
    $conn = new mysql();
    if ($sorc == '1' && is_numeric($gid)) {
        $sql = "SELECT COUNT(*) AS NumberOfShows FROM {$Pre}niux_ams_counter where ac=1 and gid='{$gid}' and DATE(time)=CURDATE()";
        echo $conn->getFieldsVal($sql, 'NumberOfShows');
    } elseif ($sorc == '2' && is_numeric($gid)) {
        $sql = "SELECT COUNT(*) AS NumberOfClicks FROM {$Pre}niux_ams_counter where ac=2 and gid='{$gid}' and DATE(time)=CURDATE()";
        echo $conn->getFieldsVal($sql, 'NumberOfClicks');
    }
}
<?php

define('NIUXAMS_ACCESS', 'oplog');
require 'common.php';
$desc = insql($_REQUEST['desc']);
$limit = insql($_REQUEST['limit']);
$page = insql($_REQUEST['page']);
$orderby = insql($_REQUEST['orderby']);
$desc = $desc ? '' : 'DESC';
$limit = is_numeric($limit) && $limit > 1 ? $limit : 30;
$page = is_numeric($page) && $page > 1 ? $page : 1;
$orderby = strlen($orderby) > 1 && strlen($orderby) < 12 ? $orderby : 'id';
$conn = new mysql();
$sql = "SELECT COUNT(*) FROM {$Pre}niux_ams_oplog";
$total = $conn->getFieldsVal($sql, 0);
if ($page > ceil($total / $limit)) {
    $page = ceil($total / $limit);
}
$kashi = $page * $limit - $limit;
$sql = "SELECT * FROM {$Pre}niux_ams_oplog ORDER BY {$orderby} {$desc} LIMIT {$kashi},{$limit}";
$result = $conn->query($sql);
$list = '';
while ($row = mysql_fetch_array($result)) {
    $list .= '<tr class="list">';
    $list .= '<td class="ui-widget-content uitd ct">' . $row['id'] . '</td>';
    $list .= '<td class="ui-widget-content uitd ct"><span title="' . htmlspecialchars($row['username']) . '">' . cutstr($row['username'], 6) . '</span></td>';
    $list .= '<td class="ui-widget-content uitd ct"><span title="' . htmlspecialchars($row['caozuo']) . '">' . cutstr($row['caozuo'], 6) . '</span></td>';
    $list .= '<td class="ui-widget-content uitd ct">' . ($row['state'] ? '成功' : '失败') . '</td>';
    $list .= '<td class="ui-widget-content uitd ct"><span title="' . htmlspecialchars($row['caozuofile']) . '">' . cutstr($row['caozuofile'], 8) . '</span></td>';
    $list .= '<td class="ui-widget-content uitd ct">' . $row['time'] . '</td>';
    $list .= '<td class="ui-widget-content uitd ct">' . $row['ip'] . '</td>';
    $path = $datadir . '/' . $selectggmb . '.php';
    if (!$selectggmb && !file_exists($path)) {
        die('无法删除选择的广告模板!');
    }
    unlink($path) or die($selectggmb . '.php删除错误!');
    $path1 = $datadir . '/ggtemplist.php';
    $ggtl = file_get_contents($path1);
    $ggtl = str_replace($selectggmb . "\r\n", '', $ggtl);
    file_put_contents($path1, $ggtl) or die('出错啦!无法修改.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    $conn = new mysql();
    $conn->inoplog('删除广告模板', $selectggmb, 1, getname());
    die('1');
    /////////////////////
} elseif ($_REQUEST['menu'] == 'renewitem') {
    /////////////////////
    $itemlist = htmlspecialchars(insql($_REQUEST['itemlist']));
    $path1 = $datadir . '/ggtemplist.php';
    $ggtl = '<?php exit();?>' . "\r\n" . $itemlist;
    file_put_contents($path1, $ggtl) or die('出错啦!无法修改.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    $conn = new mysql();
    $conn->inoplog('排序广告模板', $itemlist, 1, getname());
    die('1');
    /////////////////////
} else {
    /////////////////////
    $ggtl = file_get_contents($datadir . '/ggtemplist.php');
    $ggtla = explode("\r\n", $ggtl);
    array_shift($ggtla);
    array_pop($ggtla);
    $ggtemp_list = '';
    $ggtemp_sortable = '';
 $fbleorne = insql($_POST['fbleorne']);
 $fbl = insql($_POST['fbl']);
 $llqeorne = insql($_POST['llqeorne']);
 $llq = insql($_POST['llq']);
 $yuyeorne = insql($_POST['yuyeorne']);
 $yuy = insql($_POST['yuy']);
 $lyeorne = insql($_POST['lyeorne']);
 $vly = insql($_POST['vly']);
 $urleorne = insql($_POST['urleorne']);
 $url = insql($_POST['url']);
 $diyueorne = insql($_POST['diyueorne']);
 $diyu = insql($_POST['diyu']);
 $jreorne = insql($_POST['jreorne']);
 $jr = insql($_POST['jr']);
 $ggcllei = insql($_POST['ggcllei']);
 $ggclzu = insql($_POST['ggclzu']);
 $ontid = date("YmdHis", time());
 $gid = $clthread . '-' . $ontid;
 if (!$cltitle) {
     die('标题不能为空!');
 }
 if (!$wllx) {
     die('广告类型不能为空!');
 }
 if (!$xzgg) {
     die('广告不能为空!');
 }
 require 'func.gg.php';
 $path = $datadir . '/' . $clthread . '-' . $ontid . '.js';
 $path1 = $datadir . '/' . $clthread . '-' . $ontid . '.php';
 $path2 = $datadir . '/' . 'ggcllist.php';
    $focontent = file($fofile);
    array_shift($focontent);
    $focontent[] = $foname . ' ' . $fourl . "\r\n";
    array_unshift($focontent, '<?php exit();?>' . "\r\n");
    file_put_contents($fofile, $focontent) or die($fofile . ' 禁止写入!');
    die('1');
} elseif ($menu == 'editfo') {
    $oldfo = insql($_REQUEST['oldfo']);
    $newfoname = insql($_REQUEST['newfoname']);
    $newfourl = insql($_REQUEST['newfourl']);
    $fofile = $datadir . '/fo.' . md5(getname()) . '.php';
    $focontent = file($fofile);
    array_shift($focontent);
    $folist = '<?php exit();?>' . "\r\n";
    foreach ($focontent as $value) {
        $foarray = explode(' ', $value);
        if ($foarray[0] == $oldfo) {
            $folist .= $newfoname . ' ' . $newfourl . "\r\n";
        } else {
            $folist .= $value;
        }
    }
    file_put_contents($fofile, $folist) or die($fofile . ' 禁止写入!');
    die('1');
} elseif ($menu == 'delfo') {
    $fov = insql($_REQUEST['fov']);
    $fofile = $datadir . '/fo.' . md5(getname()) . '.php';
    $folist = '<?php exit();?>' . "\r\n" . $fov;
    file_put_contents($fofile, $folist) or die($fofile . ' 禁止写入!');
    die('1');
}
    $rank = htmlspecialchars(insql($_REQUEST['rank']));
    $yhzname = htmlspecialchars(insql($_REQUEST['yhzname']));
    $funcselect = rtrim(htmlspecialchars(insql($_REQUEST['funcselect'])), '|');
    $rankfile = $datadir . '/access/' . $rank . '.access.php';
    if (!is_file($rankfile)) {
        die('用户组序号不存在,无法修改!');
    }
    $yhznr = '<?php exit();?>' . "\r\n" . $yhzname . "\r\n" . $funcselect;
    file_put_contents($rankfile, $yhznr) or die('出错啦!' . $rankfile . ' 无法修改!请将程序目录和文件的文件权限设置属性0755或0777。');
    $conn = new mysql();
    $conn->inoplog('修改用户组', $rank, 1, getname());
    die('1');
    /////////////////////
} elseif ($_REQUEST['menu'] == 'delyhz') {
    /////////////////////
    $rank = htmlspecialchars(insql($_REQUEST['rank']));
    $rankfile = $datadir . '/access/' . $rank . '.access.php';
    if (!is_file($rankfile)) {
        die('用户组 ' . $rank . ' 不存在,删除失败!');
    }
    unlink($rankfile) or die('出错啦!' . $rankfile . ' 无法删除!请将程序目录和文件的文件权限设置属性0755或0777。');
    $conn = new mysql();
    $conn->inoplog('删除用户组', $rank, 1, getname());
    die('1');
    /////////////////////
} else {
    /////////////////////
    $subadminlist = '';
    foreach ($subadmin as $key => $value) {
        $accessdata = file($datadir . '/access/' . $value[1] . '.access.php');
        array_shift($accessdata);
/* 2.免费使用禁止修改版权信息和官方推广链接.
/* 3.禁止任何衍生版本.
/* ---------------------------------------------------- */
define('NIUXAMS_ACCESS', 'addggw');
require 'common.php';
$menu = $_POST['menu'];
///////////////////////////
if ($menu == 'addggw') {
    $ggwtitle = insql($_POST['ggwtitle']);
    $ggwclass = insql($_POST['ggwclass']);
    $ggwwidth = insql($_POST['ggwwidth']);
    $ggwheight = insql($_POST['ggwheight']);
    $xzggcl = insql($_POST['xzggcl']);
    $bjgg = insql($_POST['bjgg']);
    $ggwlei = insql($_POST['ggwlei']);
    $ggwzu = insql($_POST['ggwzu']);
    $ontid = date("YmdHis", time());
    $gid = $ggwthread . '-' . $ontid;
    if (!$ggwtitle) {
        die('标题不能为空!');
    }
    require 'func.gg.php';
    $path = $datadir . '/' . $ggwthread . '-' . $ontid . '.js';
    $path1 = $datadir . '/' . $ggwthread . '-' . $ontid . '.php';
    $path2 = $datadir . '/ggwlist.php';
    $ggwcon = ggwtojs($gid, $xzggcl, $ggwwidth, $ggwheight, $bjgg, $ggwclass);
    $ggwcon1 = '<?php exit();?>' . "\r\n" . gnt() . "\r\n" . $ggwtitle . "\r\n" . $ggwclass . "\r\n" . $ggwwidth . "\r\n" . $ggwheight . "\r\n" . $xzggcl . "\r\n" . $bjgg . "\r\n" . $ggwzu . "\r\n" . $ggwlei;
    file_put_contents($path, $ggwcon) or die('出错啦!无法创建.js文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    file_put_contents($path1, $ggwcon1) or die('出错啦!无法创建.php文件!请将程序目录和所有文件的文件权限设置属性0755或0777。');
    $ggwlist = file($path2);
    if (!is_array($ggwlist)) {
$content = file_get_contents($datadir . '/gglist.php');
$array = explode("\r\n", $content);
array_shift($array);
array_pop($array);
if ($desc) {
    rsort($array);
} else {
    sort($array);
}
$size = count($array);
if ($page > ceil($size / $limit)) {
    $page = ceil($size / $limit);
}
///////////////////////////
if ($menu == 'ajax') {
    $wllx = (int) insql($_REQUEST['wllx']);
    $j = 0;
    $gglist = '';
    for ($i = 0; $i < $size; $i++) {
        $gid = $array[$i];
        if ($gid) {
            $Serialnumber = $desc ? $size - $i : $i + 1;
            $ggd = file_get_contents($datadir . '/' . $gid . '.php');
            $arrayd = array();
            $arrayd = explode("\r\n", $ggd);
            array_shift($arrayd);
            if ($wllx == 0 && $arrayd[2] == 0 || $wllx && $arrayd[2]) {
                if ($search == '' || $search && (strpos(unescape($arrayd[0]), unescape($search)) !== false || strpos($gid, unescape($search)) !== false)) {
                    if ($arrayd[9] == $gglei || $gglei == -1) {
                        if ($arrayd[6] == $ggzu || $ggzu == -1) {
                            $j++;
    $dir = $datadir . '/updata/';
    $arrayfid = explode(' ', $fids);
    foreach ($arrayfid as $fid) {
        $fidclass = explode('.', $fid);
        if (is_numeric($fidclass[0]) && strlen($fidclass[0]) == 14) {
            unlink($dir . $fid) or die($fid . "删除错误!请确认属性是否设置正确!");
        }
    }
    $conn = new mysql();
    $conn->inoplog('删除上传广告文件', $fids, 1, getname());
    die('1');
}
////////////////////////////
$desc = insql($_REQUEST['desc']);
$limit = insql($_REQUEST['limit']);
$page = insql($_REQUEST['page']);
$desc = $desc ? '' : 'DESC';
$limit = is_numeric($limit) && $limit > 1 ? $limit : 30;
$page = is_numeric($page) && $page > 1 ? $page : 1;
$upath = $datadir . '/updata';
$upurl = $amsurl . $upath;
$files = getfiles($upath);
if ($desc) {
    rsort($files);
} else {
    sort($files);
}
$total = count($files);
if ($page > ceil($total / $limit)) {
    $page = ceil($total / $limit);
}