/**
 * Controller action for the "Analytics / Request" view.
 *
 * Sets the page title and subtitle. When an `action` query parameter is
 * present, its decoded value is stored in the request data under 'analytics'.
 *
 * NOTE(review): $_GET['action'] is client-controlled and reaches _decode()
 * unchecked. _decode() is defined outside this block, so what it can build
 * from hostile input (arrays, objects) is not visible here — confirm it is a
 * plain data decoder and validate the result before anything consumes it.
 */
public function request()
{
    $viewVars = array('title' => 'Analytics', 'subtitle' => 'Request');
    foreach ($viewVars as $name => $value) {
        $this->set($name, $value);
    }

    if (!isset($_GET['action'])) {
        return;
    }

    $this->request->data['analytics'] = _decode($_GET['action']);
}
/**
 * Populates the server, user and dbname properties from a settings list and
 * returns the decoded entry at index 2.
 *
 * @param mixed $d Settings list indexed 0..3. Anything that is not an array
 *                 makes the method load the list with decode_ht('.htda').
 * @return mixed The _decode()d value of entry 2. It is handed back to the
 *               caller and never stored on the object (presumably the
 *               password, given its position between user and dbname — confirm).
 *
 * NOTE(review): the settings live in a dotfile that _decode() can reverse. If
 * _decode() is a keyless encoding the file is only obfuscated, so its secrecy
 * depends on filesystem permissions and on the web server refusing to serve
 * it — confirm both.
 */
private function file($d)
{
    $fields = is_array($d) ? $d : decode_ht('.htda');

    // Same order as the original name => index map: 0, 1, then 3.
    $this->server = _decode($fields[0]);
    $this->user = _decode($fields[1]);
    $this->dbname = _decode($fields[3]);

    return _decode($fields[2]);
}
/**
 * Fills $this->_access with decoded connection settings.
 *
 * @param array|false $d Encoded settings list; exactly `false` makes the
 *                       method load the list with decode_ht('.htda').
 * @return void
 *
 * The keys come from w('server login secret database'); w() is defined
 * elsewhere and presumably splits the string on spaces — confirm.
 *
 * NOTE(review): the decoded 'secret' entry stays in $this->_access for the
 * lifetime of the object, so it is reachable from any code that can dump or
 * serialize this instance — confirm it is excluded from debug output and logs.
 */
protected final function access($d)
{
    $encoded = ($d === false) ? decode_ht('.htda') : $d;

    $names = w('server login secret database');
    foreach ($names as $index => $name) {
        $this->_access[$name] = _decode($encoded[$index]);
    }
}
/**
 * Loads default connection settings from ROOT . '.htfda' when that file exists.
 *
 * The first line of the file is decoded, split on commas and each field is
 * decoded again into $this->def under the keys produced by
 * w('server user passwd folder') (w() is defined elsewhere; presumably it
 * splits the string on spaces — confirm).
 *
 * NOTE(review): the settings file sits directly under ROOT. If ROOT is inside
 * the document root, the file is protected only by the web server refusing to
 * serve it and by whatever _decode() reverses — confirm it cannot be fetched
 * over HTTP and that _decode() is more than a keyless encoding.
 */
public function __construct()
{
    global $config;

    $settingsFile = ROOT . '.htfda';
    if (!@file_exists($settingsFile)) {
        return;
    }

    // file() yields false on failure and an empty array for an empty file;
    // both are treated as "nothing to load".
    $lines = @file($settingsFile);
    if (!$lines) {
        return;
    }

    // Field layout: server, user, pwd, folder.
    $fields = explode(',', _decode($lines[0]));
    foreach (w('server user passwd folder') as $position => $key) {
        $this->def[$key] = _decode($fields[$position]);
    }
}
foreach (w('page appid secret token') as $i => $k) { $fbd->$k = _decode($d[$i]); } unset($d); $facebook_page = '48722647107'; $facebook = new Facebook(array( 'appId' => $fbd->appid, 'secret' => $fbd->secret) ); foreach (w('at') as $i => $k) { $htk[$k] = _decode($d[$i]); } $attr = array( 'access_token' => $fbd->token ); $likes = (object) $facebook->api($facebook_page); if (isset($likes->likes)) { $cache->save('fb_likes', $likes->likes); } $wall = $facebook->api($fbd->page . '/feed/', $attr); $wall_feed = array_reverse($wall['data']);
/**
 * Create/delete action for restricted zones.
 *
 * - With submitted form data: validates and saves a RestrictedZone record,
 *   then redirects to the list.
 * - With an `action` query parameter whose decoded payload has
 *   opr == 'delete': deletes the record named by the payload's id, then
 *   redirects to the list and stops.
 * - Otherwise: prepares the view variables for the form.
 *
 * NOTE(review): the delete is triggered by a GET parameter and no CSRF token
 * or ownership check is visible in this method — confirm one is enforced
 * elsewhere (for example in beforeFilter). The payload comes from
 * _decode($_GET['action']); _decode() is defined outside this block, so
 * confirm it cannot build objects from client input. $opr['id'] is used
 * without an isset() check.
 */
public function restrictedzoneopr()
{
    $back = array('controller' => 'sites', 'action' => 'restrictedzone');
    $formUrl = array('controller' => 'sites', 'action' => 'restrictedzoneopr');

    if ($this->request->data) {
        $this->RestrictedZone->set($this->request->data);
        if ($this->RestrictedZone->validates()) {
            $this->RestrictedZone->save($this->request->data);
            $this->Session->setFlash(__('Record successfully saved.'), 'success');
            $this->redirect($back);
        }
    }

    $opr = isset($_GET['action']) ? _decode($_GET['action']) : null;

    // Loose comparison on purpose: it mirrors the switch() this replaces.
    if (isset($opr['opr']) && $opr['opr'] == 'delete') {
        $deleted = $this->RestrictedZone->delete(array('id' => $opr['id']));
        if ($deleted) {
            $this->Session->setFlash(__('Record successfully deleted.'), 'success');
        } else {
            $this->Session->setFlash(__('Record not deleted.'), 'error');
        }
        $this->redirect($back);
        exit;
    }

    $countries = $this->Country->find('list', array(
        'fields' => array('Country.code', 'Country.name'),
        'order' => array('Country.name'),
    ));
    $this->set('country', $countries);
    $this->set('back', $back);
    $this->set('formUrl', $formUrl);
    $this->set('title', 'Restricted Zone');
}
if (!get_magic_quotes_gpc()) { $_data = addslashes($_POST['data']); } else { $_data = $_POST['data']; } if (file_put_contents(_decode($_GET['path']), stripslashes($_data)) == false) { echo <<<HTML <div class="big_board"><div class="board_title">Hello,文件保存错误!</div></div> HTML; } else { echo <<<HTML <div class="big_board"><div class="board_title">Hello,文件保存成功!</div></div> HTML; } } $data = _readdata(_decode($_GET['path'])); $data = str_replace(array('&', '<', '>'), array('&', '<', '>'), $data); if ($_POST['data'] == null) { echo <<<HTML <div class="big_board"><div class="board_title">文件管理-编辑内容</div></div> HTML; } echo <<<HTML <form action="{$_SERVER['PHP_SELF']}?path={$_GET['path']}" method="post"> <textarea name="data" cols="120" rows="25">{$data}</textarea><br/> <input type="submit" value="保存"/><input type="reset" value="重置"/> </form> HTML; echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> </body>
<a href="{$_SERVER['PHP_SELF']}?path={$_GET['path']}&read=read">全文查看</a>.<a href="viewcode.php?path={$_GET['path']}">高亮</a>.<a href="editor.php?path={$_GET['path']}">编辑模式</a><br/> <form action="{$_SERVER['PHP_SELF']}" method="get"> <input type="text" name="page"/> <input type="hidden" name="path" value="{$_GET['path']}"/> <input type="hidden" name="char" value="{$_GET['char']}"/> <input type="submit" value="跳转"/> </form> <div class="big_board"><div class="board_title">爱特文管-编码设置</div></div> <form action="{$_SERVER['PHP_SELF']}" method="get"> <input type="hidden" name="page" value="{$_GET['page']}"/> <input type="hidden" name="path" value="{$_GET['path']}"/> <input type="text" name="char" value="{$_GET['char']}"/> <input type="submit" value="设置"/> </form> HTML; } else { echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-全文查看</div></div> HTML; $iread = file_get_contents(_decode($_GET['path'])); $iread = str_replace(array('&', '<', '>'), array('&', '<', '>'), $iread); echo nl2br($iread); echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-快捷按钮</div></div> <a href="{$_SERVER['PHP_SELF']}?path={$_GET['path']}&page=1">分页查看</a>.<a href="viewcode.php?path={$_GET['path']}">高亮</a>.<a href="editor.php?path={$_GET['path']}">编辑模式</a> HTML; } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> HTML ;
} rar_close($rar); } } else { chmod(dirname(__FILE__) . '/unpack.rar', 0755); if (function_exists('shell_exec') == false) { echo 'Hello,主机禁用了核心函数哦!'; } elseif (shell_exec('./unpack.rar x ' . _decode($_GET['path']) . ' ' . $_POST['dirpath']) == false) { echo 'Hello,相关系统命令执行失败!'; } else { echo 'Hello,相关系统命令执行成功!'; } } } elseif ($_POST['ftype'] == 'other') { chmod(dirname(__FILE__) . '/unpack.7za', 0755); if (function_exists('shell_exec') == false) { echo 'Hello,主机禁用了核心函数哦!'; } elseif (shell_exec('./unpack.7za x ' . _decode($_GET['path']) . ' -r -o' . $_POST['dirpath']) == false) { echo 'Hello,相关系统命令执行失败!'; } else { echo 'Hello,相关系统命令执行成功!'; } } else { echo 'Hello,不支持本类型文件解压!'; } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> </body> </html> HTML ;
} if ($_POST['name'] != null) { echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-命名结果</div></div> HTML; if (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)$/u', $_POST['name']) == false) { echo 'Hello,名称格式错误!'; } else { if (is_dir(_decode($_GET['path']))) { chdir(dirname(_decode($_GET['path']) . '/' . $_POST['name']) . '/../'); $to = getcwd() . '/' . $_POST['name']; } else { $to = dirname(_decode($_GET['path'])); $to = $to . '/' . $_POST['name']; } if (rename(_decode($_GET['path']), $to) == false) { echo 'Hello,重命名失败了啦!'; } else { echo 'Hello,重命名成功了喔!'; if (is_dir($to)) { echo '<a href="index.php?path=' . _encode(dirname($to) . '/' . $_POST['name']) . '">返回</a>?'; } } } } echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-新的名称</div></div> HTML; echo <<<HTML <form action="{$_SERVER['PHP_SELF']}?path={$_GET['path']}" method="post"> <input type="text" name="name"/>
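/**
 * Shows a report on screen or streams it as an HTML, CSV or XLS download.
 *
 * With no $idrep the report is taken from the session ('report_tempdata' if
 * set, otherwise 'report'); with an $idrep the saved filter with that id is
 * loaded from %lms_report_filter. The report class file is then required, the
 * class is instantiated and either an export is sent or the page is rendered.
 *
 * Changes against the previous version:
 * - Both ids are cast to int before being placed in SQL. They were
 *   concatenated raw; $idrep also appears in the page URL, so it looks
 *   request-derived (the caller is outside this block — confirm). The cast
 *   assumes id_report and id_filter are integer keys — confirm the schema.
 * - The session branch now returns after reportlist() when no enabled report
 *   is found, as the saved-filter branch already did. It used to fall through
 *   to `new $class_name` with $class_name undefined.
 *
 * NOTE(review): $file_name and $class_name come straight from the %lms_report
 * row and are used in require_once / new without an allow-list; whoever can
 * write that table chooses the code that runs. Confirm the table is writable
 * by administrators only.
 * NOTE(review): $filter_data is only assigned in the saved-filter branch; in
 * the session branch _decode() receives an undefined variable. The intended
 * source for $data in that branch is not visible here.
 * NOTE(review): $filter_name is placed in the export file name and in the page
 * title as-is; confirm sendStrAsFile() and getTitleArea() escape it.
 *
 * @param int|false $idrep Saved filter id, or false to use the session report.
 * @return void
 */
function report_show_results($idrep = false)
{
    require_once _base_ . '/lib/lib.form.php';
    require_once _base_ . '/lib/lib.download.php';

    // import yui pop-up stuff
    setup_report_js();

    $lang =& DoceboLanguage::createInstance('report');
    $start_url = 'index.php?modname=report&op=reportlist';
    $download = Get::req('dl', DOTY_STRING, false);
    $no_download = Get::req('no_show_repdownload', DOTY_INT, 0);
    $nosave = Get::req('nosave', DOTY_INT, 0);

    if ($idrep == false) {
        if (!isset($_SESSION['report_tempdata'])) {
            $ref =& $_SESSION['report'];
        } else {
            $ref =& $_SESSION['report_tempdata'];
        }

        $id_report = $ref['id_report'];
        // Numeric context in the query, so force an integer.
        $res = sql_query("SELECT class_name, file_name FROM %lms_report WHERE id_report=" . (int) $id_report . " AND enabled=1");
        $author = 0;
        $filter_name = $ref['report_name'];

        if (!$res || !(sql_num_rows($res) > 0)) {
            reportlist();

            return;
        }
        list($class_name, $file_name) = sql_fetch_row($res);
    } else {
        // find main class report filename and report info
        $query_report = "\r\n\t\tSELECT r.class_name, r.file_name, r.report_name, f.filter_name, f.filter_data, f.author\r\n\t\tFROM %lms_report AS r\r\n\t\t\tJOIN %lms_report_filter AS f\r\n\t\t\tON ( r.id_report = f.id_report )\r\n\t\tWHERE f.id_filter = '" . (int) $idrep . "'";
        $re_report = sql_query($query_report);
        if (sql_num_rows($re_report) == 0) {
            reportlist();

            return;
        }
        list($class_name, $file_name, $report_name, $filter_name, $filter_data, $author) = sql_fetch_row($re_report);
    }

    // Prefer a customscripts override of the report class file when enabled.
    $custom_file = _base_ . '/customscripts/' . _folder_lms_ . '/admin/modules/report/' . $file_name;
    if (file_exists($custom_file) && Get::cfg('enable_customscripts', false) == true) {
        require_once $custom_file;
    } else {
        require_once _lms_ . '/admin/modules/report/' . $file_name;
    }

    // create the report object
    $obj_report = new $class_name($idrep);
    $obj_report->back_url = $start_url;
    $obj_report->jump_url = 'index.php?modname=report&op=show_results&idrep=' . $idrep;

    if ($author == 0) {
        $filter_name = $filter_name ? $lang->def($filter_name) : '';
    }

    $data = _decode($filter_data);

    if ($download != false) {
        $export_filename = 'report_' . $filter_name . '_' . date("d_m_Y");
        switch ($download) {
            case 'htm':
                sendStrAsFile($obj_report->getHTML($data['columns_filter_category'], $data), $export_filename . '.html');
                break;
            case 'csv':
                sendStrAsFile($obj_report->getCSV($data['columns_filter_category'], $data), $export_filename . '.csv');
                break;
            case 'xls':
                sendStrAsFile($obj_report->getXLS($data['columns_filter_category'], $data), $export_filename . '.xls');
                break;
        }
    }

    cout(getTitleArea(array($start_url => $lang->def('_REPORT'), $filter_name), 'report')
        . '<div class="std_block">'
        . getBackUi($start_url, $lang->def('_BACK_TO_LIST'), 'content'));

    if ($nosave > 0) {
        $mod_id = Get::req('modid', DOTY_INT, false);
        cout('<br/>' . getBackUi('index.php?modname=report&op=report_save' . ($mod_id ? '&modid=' . $mod_id : ''), $lang->def('_SAVE_AND_BACK_TO_LIST')));
    }

    if ($no_download <= 0) {
        cout('<p class="export_list">'
            . '<a class="ico-wt-sprite subs_htm" href="' . $obj_report->jump_url . '&dl=htm"><span>' . $lang->def('_EXPORT_HTML') . '</span></a> '
            . '<a class="ico-wt-sprite subs_csv" href="' . $obj_report->jump_url . '&dl=csv"><span>' . $lang->def('_EXPORT_CSV') . '</span></a> '
            . '<a class="ico-wt-sprite subs_xls" href="' . $obj_report->jump_url . '&dl=xls"><span>' . $lang->def('_EXPORT_XLS') . '</span></a>'
            . '</p>'
            . '<br/>');
    }

    // css
    cout('<link href="' . getPathTemplate('lms') . 'style/report/style_report_user.css" rel="stylesheet" type="text/css" />' . "\n", 'page_head');

    // View counter for the saved filter; same integer cast as the lookup above.
    $query_update = "UPDATE %lms_report_filter SET views = views+1 WHERE id_filter = '" . (int) $idrep . "'";
    $re_update = sql_query($query_update);

    cout(Form::openForm('user_report_columns_courses', $obj_report->jump_url));
    cout($obj_report->show_results($data['columns_filter_category'], $data));
    cout(Form::closeForm() . '</div>');
}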
} else { echo '文件名称:<br/>' . basename(_decode($_GET['path'])); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '文件大小:<br/>' . _filesize(_decode($_GET['path'])); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '文件类型:<br/>' . _filemime(_decode($_GET['path'])); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '文件权限:<br/>' . substr(sprintf('%o', fileperms(_decode($_GET['path']))), -4); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '最后访问:<br/>' . gmdate("Y-m-d H:i:s", fileatime(_decode($_GET['path'])) + 8 * 3600); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '最后修改:<br/>' . gmdate("Y-m-d H:i:s", filemtime(_decode($_GET['path'])) + 8 * 3600); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '文件校验(MD5):<br/>' . md5_file(_decode($_GET['path'])); echo '<div class="big_board"><div class="board_title"></div></div>'; echo '文件校验(SHA1):<br/>' . sha1_file(_decode($_GET['path'])); echo '<div class="big_board"><div class="board_title"></div></div>'; echo <<<HTML <form action="unpk.php?path={$_GET['path']}" method="post"> 超级文件解压(FULL):<br/> 目标目录:<input type="text" name="dirpath"/><br /> <input type="radio" name="ftype" value="gz" checked/>GZ<input type="radio" name="ftype" value="bz2" checked/>BZ2<input type="radio" name="ftype" value="zip" checked/>ZIP<input type="radio" name="ftype" value="tar"/>TAR<input type="radio" name="ftype" value="rar"/>RAR<input type="radio" name="ftype" value="other"/>OTHER<br/> <input type="submit" value="UNPACK"/> </form> HTML; } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> </body> </html> HTML
/**
 * Reads the first line of a settings file one directory above the current
 * working directory, decodes it and returns its comma-separated fields.
 *
 * Terminates the script when the file is missing (printing 'no') or when it
 * cannot be read or is empty (no output).
 *
 * @param string $path File name relative to './../'.
 * @return array Fields of the decoded first line, still individually encoded
 *               as far as this function is concerned.
 *
 * NOTE(review): $path is appended to './../' without any normalisation, so it
 * must only ever be a fixed name chosen by the code, never request data. The
 * relative prefix resolves against the process working directory, not this
 * file's directory.
 */
function decode_ht($path)
{
    $target = './../' . $path;

    if (!@file_exists($target)) {
        die('no');
    }

    // false (read failure) and [] (empty file) both end the script silently.
    $rows = @file($target);
    if (!$rows) {
        exit;
    }

    return explode(',', _decode($rows[0]));
}
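/**
 * Create/edit/delete action for shortener domains.
 *
 * - With submitted form data: validates and saves a Domain record, then
 *   redirects to the list.
 * - With an `action` query parameter: the decoded payload selects 'edit'
 *   (loads the record into the form) or 'delete' (removes it, redirects and
 *   stops).
 *
 * Change against the previous version: the decoded payload is only acted on
 * when it is an array carrying a string 'opr'. Before, $opr['opr'] was read
 * unconditionally, and because switch() compares loosely a non-string value
 * such as integer 0 or boolean true could select a case. A missing 'id' is
 * passed on as null, as before, minus the undefined-index notice.
 *
 * NOTE(review): 'delete' is triggered by a GET parameter and no CSRF token or
 * ownership check is visible in this method — confirm one is enforced
 * elsewhere (for example in beforeFilter). _decode() is defined outside this
 * block; confirm it cannot build objects from client input.
 */
public function domainopr()
{
    $this->set('title', 'Shortern');
    $this->set('subtitle', 'Domains');

    $listUrl = array('controller' => 'shortern', 'action' => 'domains');

    if ($this->request->data) {
        $this->Domain->set($this->request->data);
        if ($this->Domain->validates()) {
            $this->Domain->save($this->request->data);
            $this->Session->setFlash(__('Record successfully saved.'), 'success');
            $this->redirect($listUrl);
        }
    }

    if (!isset($_GET['action'])) {
        return;
    }

    $opr = _decode($_GET['action']);
    if (!is_array($opr) || !isset($opr['opr']) || !is_string($opr['opr'])) {
        // Malformed or hostile payload: ignore it and just render the form.
        return;
    }
    $id = isset($opr['id']) ? $opr['id'] : null;

    switch ($opr['opr']) {
        case 'edit':
            $this->request->data = $this->Domain->find('first', array('conditions' => array('id' => $id)));
            break;
        case 'delete':
            if ($this->Domain->delete(array('id' => $id))) {
                $this->Session->setFlash(__('Record successfully deleted.'), 'success');
            } else {
                $this->Session->setFlash(__('Record not deleted.'), 'error');
            }
            $this->redirect($listUrl);
            exit;
    }
}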
</style> </head> <body> <div class="big_board"><div class="board_title">爱特文管-路径信息</div></div> HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; if (isset($_FILES['data']) == true) { echo <<<HTML <div class="big_board"><div class="board_title">本地上传-上传结果</div></div> <span class="true">■</span>上传成功 <span class="false">■</span>上传出错 HTML; $i = 0; while ($i < count($_FILES['data']['name'])) { if ($_FILES['data']['name'][$i] != null) { echo '<div class="big_board"><div class="board_title"></div></div>'; if (copy($_FILES['data']['tmp_name'][$i], _decode($_GET['path']) . '/' . $_FILES['data']['name'][$i]) == false) { echo <<<HTML 失败:<span class="false">{$_FILES['data']['name'][$i]}</span> HTML; } else { echo <<<HTML 成功:<span class="true">{$_FILES['data']['name'][$i]}</span><br/> 大小:{$_FILES['data']['size'][$i]}B<br/> 类型:{$_FILES['data']['type'][$i]}<br/> HTML; } } $i++; } } function _upfile($size)
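<?php

// Download endpoint: streams the file named by the encoded `path` query
// parameter as an attachment.
//
// Changes against the previous version:
// - a missing or non-string `path`, a directory, or an unreadable file now
//   gets the same "Error:404" answer instead of reaching readfile();
// - the size is sent as Content-Length (it was sent as a non-standard
//   'accept-length' header);
// - the file name in Content-Disposition is quoted and stripped of quotes,
//   backslashes and control characters;
// - X-Content-Type-Options: nosniff is sent so the body is not re-interpreted.
//
// NOTE(review): the decoded path is not confined to any base directory, so
// this script can return any file the PHP process can read. Access control
// rests entirely on whatever user.php enforces (presumably a login check —
// confirm) and on _decode() not accepting forged values.
require 'user.php';
require 'function.php';

$encoded = (isset($_GET['path']) && is_string($_GET['path'])) ? $_GET['path'] : '';
$path = ($encoded === '') ? '' : _decode($encoded);

if (!is_string($path) || $path === '' || !is_file($path) || !is_readable($path)) {
    header('Content-Type:text/html;charset=UTF-8');
    echo <<<HTML
Error:404
HTML;
    exit;
}

// Keep the header value well-formed whatever the on-disk name contains.
$downloadName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', path2name($path));

header('Content-Type:application/octet-stream');
header('X-Content-Type-Options: nosniff');
header('Content-Length:' . filesize($path));
header('Content-Disposition:attachment;filename="' . $downloadName . '"');
readfile($path);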
HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; if ($_POST['furl'] != null && $_POST['name'] != null) { echo <<<HTML <div class="big_board"><div class="board_title">远程上传-上传情况</div></div> HTML; if (is_url($_POST['furl']) == false) { echo 'Hello,地址不规范耶!'; } else { if (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)$/u', $_POST['name']) == false) { echo 'Hello,名称不规范耶!'; } else { if (urlupload(_decode($_GET['path']) . '/' . $_POST['name'], $_POST['furl']) == false) { echo 'Hello,空间不支持耶!'; } else { if (file_exists(_decode($_GET['path']) . '/' . $_POST['name']) == false) { echo 'Hello,文件无权写入耶!'; } else { echo '文件 ' . $_POST['name'] . ' 上传成功!'; } } } } } echo <<<HTML <form action="{$_SERVER['PHP_SELF']}?path={$_GET['path']}" method="post"> <div class="big_board"><div class="board_title">爱特文管-文件地址</div></div> <input type="text" name="furl"/> <div class="big_board"><div class="board_title">爱特文管-存档名称</div></div> <input type="text" name="name"/><br/> <input type="submit" value="上传"/>
/**
 * Reads the first line of a settings file two directories above ROOT, decodes
 * it and returns its comma-separated fields.
 *
 * Ends the script without output when the file is missing, unreadable or empty.
 *
 * @param string $path File name relative to ROOT . '../../'.
 * @return array Fields of the decoded first line.
 *
 * NOTE(review): $path is concatenated into the location unchecked, so it must
 * only ever be a fixed name chosen by the code, never request data.
 */
function decode_ht($path)
{
    $da_path = ROOT . '../../' . $path;

    // false covers "not there" and "could not read"; [] covers an empty file.
    $lines = @file_exists($da_path) ? @file($da_path) : false;
    if (!$lines) {
        exit;
    }

    return explode(',', _decode($lines[0]));
}
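/**
 * Search action for logged requests: builds the filter conditions from the
 * submitted (or URL-encoded) search form, paginates the Request model and
 * passes the result plus the lookup lists to the view.
 *
 * Changes against the previous version:
 * - The site list is combined with `+` instead of array_merge(). array_merge()
 *   renumbers integer keys, so the options handed to the view no longer
 *   carried the real site ids that the 'site' filter compares against.
 * - A request without a 'search' array (or a decoded `s` value that is not an
 *   array) is treated as an empty search instead of being passed to
 *   array_merge() as a non-array.
 * - The three date branches are folded into one; the values sent to
 *   mysqlDate() are the same in every case.
 *
 * NOTE(review): `s` is client-controlled and goes through _decode(), which is
 * defined outside this block — confirm it cannot build objects from request
 * input. The decoded values are used only as condition values here, never as
 * condition keys.
 * NOTE(review): $state[...] and $city[...] are indexed with submitted codes
 * without an isset() check; an unknown code yields a null condition.
 */
public function search()
{
    $this->set('subtitle', 'Search');

    if (isset($_GET['s'])) {
        $this->request->data['search'] = _decode($_GET['s']);
    }

    $condition = $state = $city = array();

    if ($this->request->data) {
        $submitted = array();
        if (isset($this->request->data['search']) && is_array($this->request->data['search'])) {
            $submitted = $this->request->data['search'];
        }

        $defaults = array(
            'ip' => '',
            'site' => '',
            'country' => '',
            'state' => '',
            'city' => '',
            'startdate' => '',
            'enddate' => '',
            'valid' => '',
        );
        $sdata = array_merge($defaults, $submitted);

        if ($sdata['ip'] != '') {
            $condition['Request.ip'] = $sdata['ip'];
        }
        if ($sdata['site'] != '') {
            $condition['Request.site_id'] = $sdata['site'];
        }

        if ($sdata['country'] != '') {
            $condition['ip.country_code'] = $sdata['country'];
            $stateRows = $this->State->find('all', array(
                'fields' => array('State.id', 'State.code', 'State.name'),
                'conditions' => array('country_code' => $sdata['country']),
                'order' => array('State.name'),
            ));
            foreach ($stateRows as $stateRow) {
                $state[$stateRow['State']['code']] = $stateRow['State']['name'];
            }
        }

        if ($sdata['state'] != '' && $sdata['state'] != '*') {
            $condition['ip.state'] = $state[$sdata['state']];
            $cityRows = $this->City->find('all', array(
                'fields' => array('City.id', 'City.city'),
                'conditions' => array('country_code' => $sdata['country'], 'region_code' => $sdata['state']),
                'order' => array('City.city'),
            ));
            foreach ($cityRows as $cityRow) {
                $city[$cityRow['City']['id']] = $cityRow['City']['city'];
            }
        }

        if ($sdata['city'] != '' && $sdata['city'] != '*') {
            $condition['ip.city'] = $city[$sdata['city']];
        }

        // A single date means "that whole day"; two dates form a range.
        $hasStart = $sdata['startdate'] != '';
        $hasEnd = $sdata['enddate'] != '';
        if ($hasStart || $hasEnd) {
            $from = $hasStart ? $sdata['startdate'] : $sdata['enddate'];
            $to = $hasEnd ? $sdata['enddate'] : $sdata['startdate'];
            $condition['Request.created >='] = $this->Common->mysqlDate($from, 'dd/mm/yy', 'start');
            $condition['Request.created <='] = $this->Common->mysqlDate($to, 'dd/mm/yy', 'end');
        }
    }

    $this->paginate = array(
        'conditions' => $condition,
        'joins' => array(
            array('alias' => 'ip', 'table' => 'ips', 'type' => 'LEFT', 'conditions' => array('Request.ip = ip.ip')),
            array('alias' => 's', 'table' => 'sites', 'type' => 'LEFT', 'conditions' => array('Request.site_id = s.id')),
        ),
        'fields' => array(
            'Request.ip',
            'if(s.name is null,"Direct",s.name) as site',
            'Request.referer',
            'Request.site_referer',
            'SUM(1) as hits',
            'Request.valid',
            'Request.proxy',
            'Request.comments',
            'ip.dns',
            'Request.mobile',
            'Request.created',
            'ip.country',
            'ip.country_code',
            'ip.state',
            'ip.city',
        ),
        'limit' => Configure::read('limit'),
        'group' => array('Request.ip', 'Request.created'),
        'order' => array('Request.created' => 'desc'),
    );

    $this->set('data', $this->paginate('Request'));
    $this->set('country', $this->Country->find('list', array(
        'fields' => array('Country.code', 'Country.name'),
        'order' => array('Country.name'),
    )));
    $this->set('state', $state);
    $this->set('city', $city);

    // `+` keeps the site ids as array keys; the two fixed entries win on a clash.
    $sites = array('' => 'All', '0' => 'Direct') + $this->Site->find('list');
    $this->set('sites_array', $sites);
}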
Hello,待处理文件为空! HTML; } elseif (chmod == null) { echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-系统警告</div></div> Hello,变更的目标权限错误额! HTML; } else { echo <<<HTML <div class="big_board"><div class="board_title">系统权限-变更结果</div></div> <span class="true">■</span>变更成功 <span class="false">■</span>变更失败 HTML; $i = 0; while ($i < count($_SESSION['path'])) { echo <<<HTML <div class="big_board"><div class="board_title"></div></div> HTML; if (is_dir(_decode($_SESSION['path'][$i]))) { echo chmod(_decode($_SESSION['path'][$i]), chmod) ? '[dir]<span class="true">' . _decode($_SESSION['path'][$i]) . '</span>' : '[dir]<span class="false">' . _decode($_SESSION['path'][$i]) . '</span>'; } elseif (is_file(_decode($_SESSION['path'][$i]))) { echo chmod(_decode($_SESSION['path'][$i]), chmod) ? '[file]<span class="true">' . _decode($_SESSION['path'][$i]) . '</span>' : '[file]<span class="false">' . _decode($_SESSION['path'][$i]) . '</span>'; } $i++; } } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> </body> </html> HTML; unset($_SESSION['path']);
<html> <head> <title>文件管理-系统命令</title> <style type="text/css"> .like{background-color:#999999;border:1px;border-style:solid;border-color:#00F0F0;} .big_board{background-color:#009BCE;color:#FFF;} .board_title{margin-bottom:1px;border:1px solid #09F;} </style> </head> <body> HTML; chdir(_decode($_GET['path'])); echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-路径信息</div></div> HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; echo <<<HTML <div class="big_board"><div class="board_title">系统命令-命令中心</div></div> <form actiom="{$_SERVER['REQUEST_URI']}" method="post"> <textarea name="shell_exec" cols="120" rows="15"></textarea> <br/> <input type="submit" value="SHELL_EXEC"/> </form> HTML; if ($_POST['shell_exec'] != null) { $shell_exec = explode("\r", $_POST['shell_exec']); echo <<<HTML <div class="big_board"><div class="board_title">系统命令-命令结果</div></div> HTML; echo '<div class="like">'; foreach ($shell_exec as $exec) {
<body> <div class="big_board"><div class="board_title">爱特文管-路径信息</div></div> HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; echo <<<HTML <div class="big_board"><div class="board_title">系统权限-新的权限</div></div> HTML; if (count($_SESSION['path']) > 0) { echo <<<HTML <form action="chmod.php?path={$_GET['path']}" method="post"> <input type="text" name="perms" value="0777"/> <input type="submit" value="变更"/> </form> HTML; } else { echo 'Hello,待操作文件为空!'; } $i = 0; while ($i < count($_SESSION['path'])) { echo <<<HTML <div class="big_board"><div class="board_title"></div></div> HTML; echo _decode($_SESSION['path'][$i]); $i++; } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> </body> </html> HTML; }
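/**
 * Event gallery upload page.
 *
 * When the form was submitted, takes an uploaded zip, extracts it into
 * tmp/<event_id>/, flattens a single top-level folder, resizes every file
 * whose name matches the jpg pattern into a 600x450 image and a 100x75
 * thumbnail, records the images, applies captions from an optional info.txt,
 * registers the uploader as collaborator, moves the folder into the gallery
 * and redirects to the event. Otherwise (or on upload error) lists the events.
 *
 * Changes against the previous version:
 * - The collaborator lookup used the undefined variable $event_ud; it now
 *   uses $event_id, so an existing collaborator row is found instead of a
 *   new one being inserted on every upload.
 * - $ftp is pulled in with `global`. It was used but never defined in this
 *   scope, which fails on the first call. This assumes the object lives in
 *   the global scope like $upload and $cache — confirm.
 *
 * NOTE(review): the archive comes from the uploader. Whether unzip() rejects
 * entries with '../' or absolute names is not visible here — confirm.
 * NOTE(review): only names matching the jpg pattern are processed, but nothing
 * in this method removes the other extracted entries before the whole
 * tmp/<event_id>/ folder is moved into the gallery path. Confirm unzip()
 * filters by type or that the gallery directory cannot execute scripts.
 * NOTE(review): the jpg pattern is not anchored, so it matches any name that
 * merely contains digits followed by ".jpg".
 * NOTE(review): the size check on existing gallery images builds its path
 * without a '/' between the event folder and the file name, so getimagesize()
 * probably never sees the real file and the check cannot trigger — confirm.
 * NOTE(review): _decode('4e6a4177') looks like an obfuscated constant
 * (presumably 600, matching the resize width — confirm and replace with a
 * named value).
 *
 * @return void
 */
public function _home()
{
    global $config, $user, $cache, $upload, $ftp;

    if (_button()) {
        $event_id = request_var('event_id', 0);

        $filepath_1 = $config['events_path'] . 'tmp/';
        $filepath_2 = $config['events_path'] . 'gallery/';
        $filepath_3 = $filepath_1 . $event_id . '/';
        $filepath_4 = $filepath_3 . 'thumbnails/';

        $f = $upload->process($filepath_1, 'add_zip', 'zip');

        if (!sizeof($upload->error) && $f !== false) {
            @set_time_limit(0);

            foreach ($f as $row) {
                $zip_folder = unzip($filepath_1 . $row['filename'], $filepath_3, true);
                _rm($filepath_1 . $row['filename']);
            }

            // Flatten a top-level folder inside the archive into tmp/<event_id>/.
            if (!empty($zip_folder)) {
                $zip_folder = substr($zip_folder, 0, -1);

                $fp = @opendir($filepath_3 . $zip_folder);
                while ($file = @readdir($fp)) {
                    if (!is_level($file)) {
                        $ftp->ftp_rename($ftp->dfolder() . 'data/tmp/' . $event_id . '/' . $zip_folder . '/' . $file, $ftp->dfolder() . 'data/tmp/' . $event_id . '/' . $file);
                    }
                }
                @closedir($fp);

                _rm($filepath_3 . $zip_folder);
            }

            if (!@file_exists($filepath_4)) {
                a_mkdir($ftp->dfolder() . 'data/tmp/' . $event_id, 'thumbnails');
            }

            $footer_data = '';
            $filerow_list = w();
            $count_images = $img = $event_pre = 0;
            $check_is = w();

            // Count the images the gallery already holds so numbering continues.
            if (@file_exists($filepath_2 . $event_id)) {
                $fp = @opendir($filepath_2 . $event_id);
                while ($filerow = @readdir($fp)) {
                    if (preg_match('#(\d+)\.(jpg)#is', $filerow)) {
                        $dis = getimagesize($filepath_2 . $event_id . $filerow);
                        $disd = intval(_decode('4e6a4177'));

                        if (($dis[0] > $dis[1] && $dis[0] < $disd) || ($dis[1] > $dis[0] && $dis[1] < $disd)) {
                            $check_is[] = $filerow;
                            continue;
                        }

                        $event_pre++;
                    }
                }
                @closedir($fp);

                if (count($check_is)) {
                    echo lang('dis_invalid');
                    foreach ($check_is as $row) {
                        echo $row . '<br />';
                    }
                    exit;
                }

                $img = $event_pre;
            }

            $filerow_list = array_dir($filepath_3);
            array_multisort($filerow_list, SORT_ASC, SORT_NUMERIC);

            foreach ($filerow_list as $filerow) {
                if (preg_match('#(\d+)\.(jpg)#is', $filerow)) {
                    $row = $upload->_row($filepath_3, $filerow);
                    if (!@copy($filepath_3 . $filerow, $row['filepath'])) {
                        continue;
                    }

                    $img++;
                    $xa = $upload->resize($row, $filepath_3, $filepath_3, $img, array(600, 450), false, true, true, 'w2');
                    if ($xa === false) {
                        continue;
                    }
                    $xb = $upload->resize($row, $filepath_3, $filepath_4, $img, array(100, 75), false, false);

                    $insert = array(
                        'event_id' => (int) $event_id,
                        'image' => (int) $img,
                        'width' => (int) $xa['width'],
                        'height' => (int) $xa['height'],
                        'allow_dl' => 1
                    );
                    sql_insert('events_images', $insert);

                    $count_images++;
                } elseif (preg_match('#(info)\.(txt)#is', $filerow)) {
                    $footer_data = $filerow;
                }
            }

            // info.txt lines look like "<first>[-<last>]: caption".
            if (!empty($footer_data) && @file_exists($filepath_3 . $footer_data)) {
                $footer_info = @file($filepath_3 . $footer_data);
                foreach ($footer_info as $linerow) {
                    $part = explode(':', $linerow);
                    $part = array_map('trim', $part);

                    $numbs = explode('-', $part[0]);
                    $numbs[1] = (isset($numbs[1])) ? $numbs[1] : $numbs[0];

                    for ($i = ($numbs[0] + $event_pre), $end = ($numbs[1] + $event_pre + 1); $i < $end; $i++) {
                        $sql = 'UPDATE _events_images SET image_footer = ? WHERE event_id = ? AND image = ?';
                        sql_query(sql_filter($sql, htmlencode($part[1]), $event_id, $i));
                    }
                }

                _rm($filepath_3 . $footer_data);
            }

            $sql = 'SELECT * FROM _events_colab WHERE colab_event = ? AND colab_uid = ?';
            if (!$row = sql_fieldrow(sql_filter($sql, $event_id, $user->d('user_id')))) {
                $sql_insert = array(
                    'colab_event' => $event_id,
                    'colab_uid' => $user->d('user_id')
                );
                sql_insert('events_colab', $sql_insert);
            }

            $sql = 'UPDATE _events SET images = images + ?? WHERE id = ?';
            sql_query(sql_filter($sql, $count_images, $event_id));

            $ftp->ftp_rename($ftp->dfolder() . 'data/tmp/' . $event_id . '/', $ftp->dfolder() . 'data/events/gallery/' . $event_id . '/');
            $ftp->ftp_quit();

            redirect(s_link('events', $event_id));
        }

        _style('error', array(
            'MESSAGE' => parse_error($upload->error))
        );
    }

    $sql = 'SELECT * FROM _events WHERE date < ?? ORDER BY date DESC';
    $result = sql_rowset(sql_filter($sql, (time() + 86400)));

    foreach ($result as $row) {
        _style('event_list', array(
            'EVENT_ID' => $row['id'],
            'EVENT_TITLE' => (($row['images']) ? '* ' : '') . $row['title'],
            'EVENT_DATE' => $user->format_date($row['date']))
        );
    }

    return;
}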
.big_board{background-color:#009BCE;color:#FFF;} .board_title{margin-bottom:1px;border:1px solid #09F;} </style> </head> <body> <div class="big_board"><div class="board_title">爱特文管-路径信息</div></div> HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; if ($_POST['dirname'] != null) { echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-系统提示</div></div> HTML; if (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)$/u', $_POST['dirname']) == false) { echo 'Hello,目录格式错误!'; } else { if (mkdir(_decode($_GET['path']) . '/' . $_POST['dirname'], 0777) == false) { echo '目录 ' . $_POST['dirname'] . ' 建立失败!'; } else { echo '目录 ' . $_POST['dirname'] . ' 建立成功!'; } } } echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-目录名称</div></div> HTML; echo '<form action="' . $_SERVER['PHP_SELF'] . '?path=' . $_GET['path'] . '" method="post">'; echo '<input type="text" name="dirname"/>'; echo '<input type="submit" value="新建"/>'; echo '</form>'; echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div>
<body> <div class="big_board"><div class="board_title">爱特文管-路径信息</div></div> HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; if (count($_SESSION['path']) <= 0) { echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-系统警告</div></div> Hello,待处理文件为空! HTML; } elseif (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)([zip])$/iu', $_REQUEST['pkname']) == false) { echo '<div class="big_board"><div class="board_title">爱特文管-系统警告</div></div>Hello,存档名称不规范喔!'; } else { $i = 0; while ($i < count($_SESSION['path'])) { $_SESSION['path']['decode'][] = _decode($_SESSION['path'][$i]); $i++; } $pk = new pclzip(_decode($_GET['path']) . '/' . $_REQUEST['pkname']); echo <<<HTML <div class="big_board"><div class="board_title">压缩数据-压缩结果</div></div> HTML; if ($pk->create($_SESSION['path']['decode'], PCLZIP_OPT_REMOVE_PATH, _decode($_GET['path'])) == true) { echo 'Hello,压缩包 ' . $_REQUEST['pkname'] . ' 生成成功!'; } else { echo 'Hello,压缩包 ' . $_REQUEST['pkname'] . ' 生成失败!'; } } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> HTML; unset($_SESSION['path']);
/**
 * Returns the logger for this request: the decoded `log` POST field when one
 * was sent, otherwise a fresh WebLogger.
 *
 * NOTE(review): the caller presumably expects a logger object, and here that
 * object would be built by _decode() from client-supplied data. _decode() is
 * defined outside this block; if it deserializes PHP objects, this is object
 * injection from request input. Confirm what _decode() accepts, and prefer
 * rebuilding the logger server-side from validated scalar fields.
 *
 * @return mixed Result of _decode($_POST['log']), or a new WebLogger.
 */
private function getLog()
{
    return isset($_POST['log']) ? _decode($_POST['log']) : new WebLogger();
}
echo '-><a href="index.php?' . $_GET['path'] . '">取消选择</a> <a href="index.php?' . $_SERVER['QUERY_STRING'] . '&all=yes">全部选择</a>'; echo '<form action="system.php?path=' . _encode($f['.']) . '" method="post">'; if (count($f['dir']) >= 1) { echo <<<HTML <div class="big_board"><div class="board_title">目录列表</div></div> HTML; foreach ($f['dir'] as $dir) { echo "<input type=\"checkbox\" name=\"selected[]\" value=\"" . _encode($dir) . "\" {$select}/><a href=\"dirinfo.php?path=" . _encode($dir) . "\">[dir]</a><a href=\"{$_SERVER['PHP_SELF']}?path=" . _encode($dir) . "\">" . path2name($dir) . "</a><br/>"; } } if (count($f['file']) >= 1) { echo <<<HTML <div class="big_board"><div class="board_title">文件列表</div></div> HTML; foreach ($f['file'] as $file) { echo "<input type=\"checkbox\" name=\"selected[]\" value=\"" . _encode($file) . "\" {$select}/><a href=\"fileinfo.php?path=" . _encode($file) . "\">[file]</a>" . path2name($file) . '<br/><a href="download.php?path=' . _encode($file) . '">下载</a>.<a href="editor.php?path=' . _encode($file) . '">编辑</a>.<a href="view.php?path=' . _encode($file) . '">查看</a>.<a href="rename.php?path=' . _encode($file) . '">命名</a><br/>大小:' . _filesize($file) . ' 权限:' . substr(sprintf('%o', fileperms(_decode($file))), -4) . '<br/>'; } } echo <<<HTML <select name="type"> <option value="delete">删除文件(多选)</option> <option value="pkzip">压缩文件(多选)</option> <option value="move">移动文件(多选)</option> <option value="copy">复制文件(多选)</option> <option value="chmod">权限变更(多选)</option> </select> <input type="submit" value="[Go]"/> </form> HTML; } else { echo "Hello,貌似目录是空目录耶!";
.big_board{background-color:#009BCE;color:#FFF;} .board_title{margin-bottom:1px;border:1px solid #09F;} </style> </head> <body> <div class="big_board"><div class="board_title">爱特文管-路径信息</div></div> HTML; echo '<a href="index.php?path=' . $_GET['path'] . '">' . _decode($_GET['path']) . '</a>'; if ($_POST['filename'] != null) { echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-系统提示</div></div> HTML; if (preg_match('/^([a-zA-Z0-9_\\-\\.\\x{4e00}-\\x{9fa5}]+)$/u', $_POST['filename']) == false) { echo 'Hello,文件名格式错误!'; } else { if (fopen(_decode($_GET['path']) . '/' . $_POST['filename'], 'x+') == false) { echo '文件 ' . $_POST['filename'] . ' 建立失败!'; } else { echo '文件 ' . $_POST['filename'] . ' 建立成功!'; } } } echo <<<HTML <div class="big_board"><div class="board_title">爱特文管-文件名称</div></div> HTML; echo '<form action="' . $_SERVER['PHP_SELF'] . '?path=' . $_GET['path'] . '" method="post">'; echo '<input type="text" name="filename"/>'; echo '<input type="submit" value="新建"/>'; echo '</form>'; echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div>
<span class="true">■</span>删除成功 <span class="false">■</span>删除异常 HTML; $i = 0; while ($i < count($_SESSION['path'])) { echo <<<HTML <div class="big_board"><div class="board_title"></div></div> HTML; if (is_dir(_decode($_SESSION['path'][$i])) == true) { removeDir(_decode($_SESSION['path'][$i])); if (file_exists(_decode($_SESSION['path'][$i])) == false) { echo '[dir]<span class="true">' . _decode($_SESSION['path'][$i]) . '</span>'; } else { echo '[dir]<span class="false">' . _decode($_SESSION['path'][$i]) . '</span>'; } } if (is_file(_decode($_SESSION['path'][$i])) == true) { if (removeFile(_decode($_SESSION['path'][$i])) == true) { echo '[file]<span class="true">' . _decode($_SESSION['path'][$i]) . '</span>'; } else { echo '[file]<span class="false">' . _decode($_SESSION['path'][$i]) . '</span>'; } } $i++; } } echo <<<HTML <div class="big_board"><div class="board_title">By:Admin@Aite.Me</div></div> </body> </html> HTML; unset($_SESSION['path']);
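/**
 * Create/delete action for blocked IP ranges.
 *
 * - With submitted form data: validates it, converts the 'start' and 'end'
 *   addresses to integers with ip2long(), saves the Blockip record and
 *   redirects to the list.
 * - With an `action` query parameter whose decoded payload asks for 'delete':
 *   removes the record, redirects to the list and stops.
 *
 * Change against the previous version: the decoded payload is only acted on
 * when it is an array carrying a string 'opr'. Before, $opr['opr'] was read
 * unconditionally, and because switch() compares loosely a non-string value
 * such as integer 0 or boolean true could select the 'delete' case. A missing
 * 'id' is passed on as null, as before, minus the undefined-index notice.
 *
 * NOTE(review): the delete is triggered by a GET parameter and no CSRF token
 * or ownership check is visible in this method — confirm one is enforced
 * elsewhere (for example in beforeFilter). _decode() is defined outside this
 * block; confirm it cannot build objects from client input.
 * NOTE(review): ip2long() returns false for a malformed address; this relies
 * on validates() having rejected such input first — confirm the model rules.
 */
public function blockipopr()
{
    $listUrl = array('controller' => 'settings', 'action' => 'blockip');

    if ($this->request->data) {
        $this->Blockip->set($this->request->data);
        if ($this->Blockip->validates()) {
            $this->request->data['Blockip']['start'] = ip2long($this->request->data['Blockip']['start']);
            $this->request->data['Blockip']['end'] = ip2long($this->request->data['Blockip']['end']);
            if ($this->Blockip->save($this->request->data)) {
                $this->Session->setFlash(__('Record successfully saved.'), 'success');
                $this->redirect($listUrl);
            }
        }
    }

    if (!isset($_GET['action'])) {
        return;
    }

    $opr = _decode($_GET['action']);
    if (!is_array($opr) || !isset($opr['opr']) || !is_string($opr['opr'])) {
        // Malformed or hostile payload: ignore it and just render the form.
        return;
    }

    if ($opr['opr'] === 'delete') {
        $id = isset($opr['id']) ? $opr['id'] : null;
        if ($this->Blockip->delete(array('id' => $id))) {
            $this->Session->setFlash(__('Record successfully deleted.'), 'success');
        } else {
            $this->Session->setFlash(__('Record not deleted.'), 'error');
        }
        $this->redirect($listUrl);
        exit;
    }
}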