!C99Shell v.2.1 [PHP 7 Update] [1.12.2019]!

Software: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.12 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g. PHP/5.2.4-2ubuntu5.12 

uname -a: Linux forum.circlefusion.com 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/home/doku/axrepos/axess/old/restricted/   drwxrwxr-x
Free 11.19 GB of 97.11 GB (11.53%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     table5.inc (5.43 KB)      -rw-rw-r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
function disp_table($conn$table)
{
    global 
$PHP_SELF$HTTP_GET_VARS;

    
$query "select oid,topic,name,subject,date,text,ipaddr from msgboard_messages where toreview='t'";
    if (
$HTTP_GET_VARS[topic]) {
        
$query.=" and topic=".$HTTP_GET_VARS[topic];
    }
    
$query.= " order by date desc, topic;";
    
$result pg_Exec($conn$query);

    
$rows=pg_numrows($result);

    echo 
"<FORM method=post>";
    echo 
"<TABLE border=1>\n";
    echo 
"<CAPTION>".$query."<br>result: ".$rows." row(s)</CAPTION>\n";
    echo 
"<TR><TH><input type=submit name=action value=new>"// "<input type=submit name=action value=preferences>";
    
echo "<input type=submit name=action value=\"edit\">";
    echo 
"<br>\n";
    echo 
"<input type=submit name=action value=\"approve\">";
    echo 
"<input type=submit name=action value=\"disapprove\">";
    echo 
"<br>\n";
    echo 
"<input type=text name=newtopic size=2>";
    echo 
"<input type=submit name=action value=\"reparent\">";

    for(
$field=1;$field<pg_numfields($result);$field++) {
        
$fieldname=pg_fieldname($result,$field);
        echo 
"<TH><A HREF=\"".$PHP_SELF."?order_by=";

        
$orders="";
        
$orders[]=$fieldname;
        
$a=strtok($HTTP_GET_VARS["order_by"],",");
        while(
$a) {
            if (
$a!=$fieldname)
                
$orders[]=$a;
            
$a=strtok(",");
        }

        echo 
urlencode(implode($orders,",")),
            
'">',$fieldname,"</A>\n";
    }

    for(
$row=0;$row<$rows;$row++) {
        echo 
"<TR><TD>";
        
$obj=pg_Fetch_Row($result,$row);
        echo 
"<input type=checkbox name=oid[] value=".$obj[0].">";
        echo 
implode($obj"<TD>");
        echo 
"</TR>\n";
    }

/*
    echo '<FORM method=post>';

    echo "\n<TR>";

    for($field=0;$field<pg_numfields($result);$field++) {
        $fieldname=pg_fieldname($result,$field);
        echo "<TD><input type=text name=\"",$fieldname,"\" value=\"",$HTTP_POST_VARS[$fieldname],"\">\n";
    }
*/
    
echo("</TABLE>");
    echo(
"</FORM>");
}

function 
edit_dialog($result,$oid) {
    
$obj=pg_fetch_row($result,0);
    echo 
"<form method=post>\n";
    echo 
"<input type=hidden name=oid[] value=".$oid.">\n";
    echo 
"<table border cellpadding=0 cellspacing=0>\n";
    for(
$field=0;$field<pg_numfields($result);$field++) {
        echo 
"<tr><th align=right>".pg_fieldname($result,$field).":";
        echo 
"<td>";
        if (
strchr($obj[$field],"\n") || strchr($obj[$field],"\r")) {
            echo 
"<textarea name=\"fields[".pg_fieldname($result,$field)."]\" rows=10 cols=80>\n";
            echo 
htmlentities($obj[$field]);
            echo 
"</textarea>";
        } else {
            echo 
"<input type=text size=".strlen($obj[$field])." name=\"fields[".pg_fieldname($result,$field)."]\"";
            echo 
" value=\"".htmlentities($obj[$field])."\">";
        }
        echo 
"</tr>\n";
    }
    echo 
"<tr><td><th><input type=submit name=action value=update> <input type=submit name=action value=cancel>";
    echo 
"</table>\n";
    echo 
"</form>\n";
}

function 
new_dialog($result) {
    echo 
"<form method=post>\n";
    echo 
"<table border>\n";
    for(
$field=0;$field<pg_numfields($result);$field++) {
        echo 
"<tr><th align=right>".pg_fieldname($result,$field).":";
        echo 
"<td><input type=text size=40 name=\"fields[".pg_fieldname($result,$field)."]\"></tr>\n";
    }
    echo 
"<tr><td><th><input type=submit name=action value=insert> <input type=submit name=action value=cancel>";
    echo 
"</table>\n";
    echo 
"</form>\n";
}

function 
handle_table($conn,$table) {
    global 
$HTTP_POST_VARS;

    if (isset(
$HTTP_POST_VARS[action])) {

        if (
$p=strpos($HTTP_POST_VARS[action]," ")) {
            
$HTTP_POST_VARS[oid][]=substr($HTTP_POST_VARS[action],$p+1);
            
$HTTP_POST_VARS[action]=substr($HTTP_POST_VARS[action],0,$p);
        }

        switch (
$HTTP_POST_VARS[action]) {
            case 
"delete":
                if(
pg_exec($conn,"delete from ".$table." where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    
disp_table($conn,$table);
                break;
            case 
"approve":
                if(
pg_exec($conn,"update ".$table." set expired='f',toreview='f',date='now' where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    
disp_table($conn,$table);
                break;
            case 
"disapprove":
                if(
pg_exec($conn,"update ".$table." set expired='t',toreview='f' where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    
disp_table($conn,$table);
                break;
            case 
"reparent":
                if(
pg_exec($conn,"update ".$table." set topic=".$HTTP_POST_VARS[newtopic]." where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    
disp_table($conn,$table);
                break;
            case 
"edit":
                if (
$result=pg_exec($conn,"select * from ".$table." where oid=".current($HTTP_POST_VARS[oid]).";"))
                    
edit_dialog($result,current($HTTP_POST_VARS[oid]));
                break;
            case 
"new":
                
$result=pg_exec($conn,"select * from ".$table." where oid=1;");
                
new_dialog($result);
                break;
            case 
"insert":
                unset(
$k);
                unset(
$v);
                while (
$a=each($HTTP_POST_VARS[fields])) {
                    if (
$a[value]!="") {
                        
$k[]=$a[key];
                        
$v[]="'".addslashes($a[value])."'";
                    }
                }
                if (
sizeof($k)==0) {
                    echo 
"Empty form - not inserting.";
                    exit();
                }
                if (
pg_exec($conn,"insert into ".$table." (".join($k,", ").") VALUES (".join($v,", ").");")) {
                    
// $result=pg_exec($conn,"select * from ".$table." where oid=1;");
                    // new_dialog($result);
                    
disp_table($conn,$table);
                }
                break;
            case 
"update":
                unset(
$q);
                while (list(
$key$value)=each($HTTP_POST_VARS[fields])) {
                    if (
$value=="")
                        
$q[]="\"".$key."\" = null";
                    else
                        
$q[]="\"".$key."\" = '".addslashes($value)."'";
                }
                if (
pg_exec($conn,"update ".$table." set ".join($q,", ")." where oid=".current($HTTP_POST_VARS[oid]).";"))
                    
disp_table($conn,$table);
                break;
            case 
"order":
                break;
            default:
                
disp_table($conn,$table);
        }
        
    } else
                
disp_table($conn,$table);
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v.2.1 [PHP 7 Update] [1.12.2019] maintained by KaizenLouie and updated by cermmik | C99Shell Github (MySQL update) | Generation time: 0.0062 ]--