!C99Shell v.2.1 [PHP 7 Update] [1.12.2019]!

Software: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.12 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g. PHP/5.2.4-2ubuntu5.12 

uname -a: Linux forum.circlefusion.com 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/home/doku/axrepos/axess/old/restricted/   drwxrwxr-x
Free 11.55 GB of 97.11 GB (11.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     table4.inc (6.62 KB)      -rw-rw-r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
function disp_table($conn$table)
{
    global $PHP_SELF$HTTP_GET_VARS;

    $offset=$HTTP_GET_VARS['offset']+0;

    $query "select oid,* from msgboard_topics ";

    if ($_REQUEST['topicgroup']) {
        $cond[]= " topicgroup='".addslashes($_REQUEST['topicgroup'])."' ";
    }
    
switch ($HTTP_GET_VARS[mode]) {
        case 4:
            $cond[]=" id = '".trim($HTTP_GET_VARS[topicid])."'";
            $order[]=" modified desc offset ".$offset." limit 76";
            break;
        case 3:
            $cond[]=" text ~* '".trim($HTTP_GET_VARS[searchname])."'";
            $order[]=" modified desc offset ".$offset." limit 76";
            break;
        case 2:
            $cond[]=" creator ~* '".trim($HTTP_GET_VARS[searchname])."'";
            $order[]=" modified desc offset ".$offset." limit 76";
            break;
        case 1:
            $cond[]=" creator = '".trim($HTTP_GET_VARS[searchname])."'";
            $order[]=" modified desc offset ".$offset." limit 76";
            break;
        default:
            $order[]=" modified desc offset ".$offset." limit 76";
            break;
    }

    if (count($cond)) $query.=" where ".join(' and ',$cond);
    if (count($order)) $query.=" order by ".join('',$order);

    $result pg_Exec($conn$query.";");
    if (!$result) {
        echo $query;
        echo pg_result_error($result);
    }

    $rows=pg_numrows($result);

    echo "<table width=100%>";
    echo "<tr>";
    echo "<td align=left>";
    if ($offset>0) {
        $_GET['offset']-=75;
        echo "<a href=\"".htmlentities($PHP_SELF."?".join('&',array_map(create_function('$a,$b','return urlencode($a)."=".urlencode($b);'),array_keys($_GET),array_values($_GET))))."\">Previous 75</a>";
    }
    echo "<td align=right>";
    if ($rows>75) {
        $_GET['offset']+=75;
        echo "<a href=\"".htmlentities($PHP_SELF."?".join('&',array_map(create_function('$a,$b','return urlencode($a)."=".urlencode($b);'),array_keys($_GET),array_values($_GET))))."\">Next 75</a>";
        $rows=75;
    }
    echo "</table>";

    echo "<FORM method=post>";
    echo "<TABLE width=\"100%\" border=1>\n";
    echo "<CAPTION>".$query."<br>result: ".$rows." row(s)</CAPTION>\n";
    echo "<TR><TH><input type=submit name=action value=new>"// "<input type=submit name=action value=preferences>";
    echo "<input type=submit name=action value=\"expire\">";
    echo "<input type=submit name=action value=\"edit\">";
    echo "<br>\n";

    for($field=1;$field<pg_numfields($result);$field++) {
        $fieldname=pg_fieldname($result,$field);
        echo "<TH>$fieldname";
    }

    for($row=0;$row<$rows;$row++) {
        echo "<TR><TD>";
        $obj=pg_Fetch_Row($result,$row);
        echo "<input type=checkbox name=oid[] value=".$obj[0].">";
        $obj[1]="<a href=\"msgboard2?topic=".$obj[2]."\">".$obj[1]."</a>";
        echo implode($obj"<TD>");
        echo "</TR>\n";
    }

    echo("</TABLE>");
    echo("</FORM>");
}

function edit_dialog($result,$oid) {
    $obj=pg_fetch_row($result,0);
    echo "<form method=post>\n";
    echo "<input type=hidden name=oid[] value=".$oid.">\n";
    echo "<table border cellpadding=0 cellspacing=0>\n";
    for($field=0;$field<pg_numfields($result);$field++) {
        echo "<tr><th align=right>".pg_fieldname($result,$field).":";
        echo "<td>";
        switch (pg_fieldname($result,$field)) {
        case 'type':
            echo '<select name="fields['.htmlspecialchars(pg_fieldname($result,$field)).']">';
            foreach(array(0=>'normal'1=>'sticky'2=>'news') as $id=>$name) {
                echo '<option value="'.htmlspecialchars($id).'"'.($obj[$field]==$id?" selected":"").'>'.htmlspecialchars($name).'</option>';
            }
            echo "</select>";
            break;
        case 'topicgroup':
            echo '<select name="fields['.htmlspecialchars(pg_fieldname($result,$field)).']">';
            foreach(pg_fetch_all(pg_query("select * from msgboard_topicgroups;")) as $topicgroup) {
                echo '<option value="'.htmlspecialchars($topicgroup['id']).'"'.($obj[$field]==$topicgroup['id']?" selected":"").'>'.htmlspecialchars($topicgroup['name']).'</option>';
            }
            echo "</select>";
            break;
        default:
            if (strchr($obj[$field],"\n") || strchr($obj[$field],"\r")) {
                echo "<textarea name=\"fields[".pg_fieldname($result,$field)."]\" rows=10 cols=80>\n";
                echo htmlentities($obj[$field]);
                echo "</textarea>";
            } else {
                echo "<input type=text size=".strlen($obj[$field])." name=\"fields[".pg_fieldname($result,$field)."]\"";
                echo " value=\"".htmlentities($obj[$field])."\">";
            }
        }
        echo "</tr>\n";
    }
    echo "<tr><td><th><input type=submit name=action value=update> <input type=submit name=action value=cancel>";
    echo "</table>\n";
    echo "</form>\n";
}

function new_dialog($result) {
    echo "<form method=post>\n";
    echo "<table border>\n";
    for($field=0;$field<pg_numfields($result);$field++) {
        echo "<tr><th align=right>".pg_fieldname($result,$field).":";
        echo "<td><input type=text size=40 name=\"fields[".pg_fieldname($result,$field)."]\"></tr>\n";
    }
    echo "<tr><td><th><input type=submit name=action value=insert> <input type=submit name=action value=cancel>";
    echo "</table>\n";
    echo "</form>\n";
}

function handle_table($conn,$table) {
    global $HTTP_POST_VARS;

    if (isset($HTTP_POST_VARS[action])) {

        if ($p=strpos($HTTP_POST_VARS[action]," ")) {
            $HTTP_POST_VARS[oid][]=substr($HTTP_POST_VARS[action],$p+1);
            $HTTP_POST_VARS[action]=substr($HTTP_POST_VARS[action],0,$p);
        }

        switch ($HTTP_POST_VARS[action]) {
            case "delete":
                if(pg_exec($conn,"delete from ".$table." where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    disp_table($conn,$table);
                break;
            case "expire":
                if(pg_exec($conn,"update ".$table." set expired='t' where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    disp_table($conn,$table);
                break;
            case "edit":
                if ($result=pg_exec($conn,"select * from ".$table." where oid=".current($HTTP_POST_VARS[oid]).";"))
                    edit_dialog($result,current($HTTP_POST_VARS[oid]));
                break;
            case "new":
                $result=pg_exec($conn,"select * from ".$table." where oid=1;");
                new_dialog($result);
                break;
            case "insert":
                unset($k);
                unset($v);
                while ($a=each($HTTP_POST_VARS[fields])) {
                    if ($a[value]!="") {
                        $k[]=$a[key];
                        $v[]="'".addslashes($a[value])."'";
                    }
                }
                if (sizeof($k)==0) {
                    echo "Empty form - not inserting.";
                    exit();
                }
                if (pg_exec($conn,"insert into ".$table." (".join($k,", ").") VALUES (".join($v,", ").");")) {
                    // $result=pg_exec($conn,"select * from ".$table." where oid=1;");
                    // new_dialog($result);
                    disp_table($conn,$table);
                }
                break;
            case "update":
                unset($q);
                while (list($key$value)=each($HTTP_POST_VARS[fields])) {
                    if ($value=="")
                        $q[]="\"".$key."\" = null";
                    else
                        $q[]="\"".$key."\" = '".addslashes($value)."'";
                }
                if (pg_exec($conn,"update ".$table." set ".join($q,", ")." where oid=".current($HTTP_POST_VARS[oid]).";"))
                    disp_table($conn,$table);
                break;
            case "order":
                break;
            default:
                disp_table($conn,$table);
        }
        
    } else
                disp_table($conn,$table);
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v.2.1 [PHP 7 Update] [1.12.2019] maintained by KaizenLouie and updated by cermmik | C99Shell Github (MySQL update) | Generation time: 0.0058 ]--