Software: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.12 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g. PHP/5.2.4-2ubuntu5.12 uname -a: Linux forum.circlefusion.com 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686 uid=33(www-data) gid=33(www-data) groups=33(www-data) Safe-mode: OFF (not secure) /home/doku/axrepos/axess/old/restricted/ drwxrwxr-x |
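<?php
/**
 * users.inc.bak - administration screens for the message-board user accounts.
 *
 * Public entry points (signatures unchanged): disp_table(), edit_dialog(),
 * new_dialog(), email_account_status() and handle_table().
 *
 * Security notes for maintainers:
 *  - Request values reach SQL only as bound parameters (pg_query_params).
 *    Column names posted in fields[...] are checked against the table's real
 *    column list before they are used as identifiers.
 *  - Every database or request value is HTML-escaped before it is echoed.
 *  - $table is concatenated into SQL as an identifier and cannot be bound;
 *    callers must pass a fixed, trusted table name.
 *  - NOTE(review): no authentication, authorisation or CSRF check is visible
 *    in this file; confirm the including page enforces them before it calls
 *    handle_table().
 *  - NOTE(review): email_account_status() mails the value of the "password"
 *    column, which implies passwords are stored unhashed. That should be
 *    replaced by hashed storage plus a reset link; the mail text is kept
 *    as-is here so existing behaviour does not change silently.
 *
 * The syntax is kept compatible with old PHP 5 (array(), no closures).
 */

/**
 * Escape a value for HTML text or a double/single-quoted attribute.
 *
 * @param mixed $value Scalar or null (null becomes an empty string).
 * @return string
 */
function users_admin_h($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES);
}

/**
 * Return the request array, preferring the legacy long array when it exists.
 *
 * The original code read $HTTP_GET_VARS / $HTTP_POST_VARS; those are only
 * populated on old PHP configurations, so fall back to $_GET / $_POST.
 *
 * @param string $legacy 'HTTP_GET_VARS' or 'HTTP_POST_VARS'.
 * @return array
 */
function users_admin_request($legacy)
{
    if (isset($GLOBALS[$legacy]) && is_array($GLOBALS[$legacy])) {
        return $GLOBALS[$legacy];
    }
    return $legacy === 'HTTP_GET_VARS' ? $_GET : $_POST;
}

/**
 * Extract the selected account names (name[] checkboxes) as plain strings.
 *
 * @param array $post Request data.
 * @return array List of strings; nested arrays in name[] are dropped.
 */
function users_admin_names($post)
{
    $names = array();
    if (isset($post['name']) && is_array($post['name'])) {
        foreach ($post['name'] as $candidate) {
            if (is_scalar($candidate)) {
                $names[] = (string) $candidate;
            }
        }
    }
    return $names;
}

/**
 * Build a "$1, $2, ..." placeholder list for pg_query_params().
 *
 * @param int $count Number of placeholders.
 * @param int $first Number of the first placeholder.
 * @return string
 */
function users_admin_placeholders($count, $first = 1)
{
    $marks = array();
    for ($i = 0; $i < $count; $i++) {
        $marks[] = '$' . ($first + $i);
    }
    return implode(', ', $marks);
}

/**
 * List the column names of $table, used as an allow-list for posted fields.
 *
 * @param resource|object $conn  PostgreSQL connection.
 * @param string          $table Trusted table name.
 * @return array Column names; empty when the probe query fails.
 */
function users_admin_columns($conn, $table)
{
    $columns = array();
    $probe = pg_query($conn, "select * from " . $table . " limit 0;");
    if ($probe) {
        $count = pg_num_fields($probe);
        for ($field = 0; $field < $count; $field++) {
            $columns[] = pg_field_name($probe, $field);
        }
    }
    return $columns;
}

/**
 * Quote an (already allow-listed) column name as a PostgreSQL identifier.
 *
 * @param string $column
 * @return string
 */
function users_admin_quote_column($column)
{
    return '"' . str_replace('"', '""', (string) $column) . '"';
}

/**
 * Validate the posted fields[...] map against the table's columns.
 *
 * @param resource|object $conn
 * @param string          $table
 * @param array           $post
 * @return array|false column => string value, or false when a key is not a
 *                     column of $table or a value is not scalar.
 */
function users_admin_fields($conn, $table, $post)
{
    if (!isset($post['fields']) || !is_array($post['fields'])) {
        return array();
    }
    $allowed = users_admin_columns($conn, $table);
    $fields = array();
    foreach ($post['fields'] as $key => $value) {
        if (!is_scalar($value) || !in_array((string) $key, $allowed, true)) {
            return false;
        }
        $fields[(string) $key] = (string) $value;
    }
    return $fields;
}

/**
 * Run "$statement where name in (...)" with the names bound as parameters.
 *
 * @param resource|object $conn
 * @param string          $statement SQL up to, but excluding, the WHERE clause.
 * @param array           $names     Selected account names.
 * @return bool True on success, and also when there is nothing selected.
 */
function users_admin_bulk($conn, $statement, $names)
{
    if (count($names) === 0) {
        return true;
    }
    $sql = $statement . " where name in (" . users_admin_placeholders(count($names)) . ");";
    return (bool) pg_query_params($conn, $sql, $names);
}

/**
 * Print the account list as an HTML form with one checkbox per row.
 *
 * The query is fixed to the "users" table; $table is accepted for interface
 * compatibility but is not used. GET parameter mode=1 sorts by ip first.
 *
 * @param resource|object $conn  PostgreSQL connection.
 * @param string          $table Unused.
 * @return void
 */
function disp_table($conn, $table)
{
    $get = users_admin_request('HTTP_GET_VARS');

    $query = "select * from users ";
    if (isset($get['mode']) && $get['mode'] == 1) {
        $query .= "order by ip,enabled,date desc";
    } else {
        $query .= "order by registered, enabled, date desc";
    }

    $result = pg_query($conn, $query . ";");
    if (!$result) {
        return;
    }
    $rows = pg_num_rows($result);

    echo "<FORM method=post>";
    echo "<TABLE border=1>\n";
    echo "<CAPTION>" . users_admin_h($query) . "<br>result: " . $rows . " row(s)</CAPTION>\n";
    echo "<TR><TH><input type=submit name=action value=new>";
    echo "<input type=submit name=action value=\"edit\">";
    echo "<input type=submit name=action value=\"delete\">";
    echo "<br>\n";
    echo "<input type=submit name=action value=\"approve\">";
    echo "<input type=submit name=action value=\"disapprove\">";
    echo "<br>\n";
    echo "<input type=submit name=action value=\"enable\">";
    echo "<input type=submit name=action value=\"disable\">";
    echo "<br>\n";

    // The first header cell holds the buttons, so column headings start at 1.
    $fields = pg_num_fields($result);
    for ($field = 1; $field < $fields; $field++) {
        echo "<TH>" . users_admin_h(pg_field_name($result, $field)) . "\n";
    }

    for ($row = 0; $row < $rows; $row++) {
        $obj = pg_fetch_row($result, $row);
        echo "<TR><TD>";
        // presumably column 0 is "name", since the posted value is matched
        // against that column by handle_table() - verify against the schema.
        echo "<input type=checkbox name=name[] value=\"" . users_admin_h($obj[0]) . "\">";
        // Stored values are attacker-influenced (registration data): escape each cell.
        echo implode("<TD nowrap>", array_map('users_admin_h', $obj));
        echo "</TR>\n";
    }

    echo("</TABLE>");
    echo("</FORM>");
}

/**
 * Print an edit form pre-filled from the first row of $result.
 *
 * Values containing a line break get a textarea, everything else a text input.
 *
 * @param resource|object $result Query result holding the row to edit.
 * @param string          $name   Account name, sent back as hidden name[].
 * @return void
 */
function edit_dialog($result, $name)
{
    if (pg_num_rows($result) < 1) {
        return;
    }
    $obj = pg_fetch_row($result, 0);

    echo "<form method=post>\n";
    echo "<input type=hidden name=name[] value=\"" . users_admin_h($name) . "\">\n";
    echo "<table border cellpadding=0 cellspacing=0>\n";

    $fields = pg_num_fields($result);
    for ($field = 0; $field < $fields; $field++) {
        $label = users_admin_h(pg_field_name($result, $field));
        $value = (string) $obj[$field];

        echo "<tr><th align=right>" . $label . ":";
        echo "<td>";
        if (strpos($value, "\n") !== false || strpos($value, "\r") !== false) {
            echo "<textarea name=\"fields[" . $label . "]\" rows=10 cols=80>\n";
            echo users_admin_h($value);
            echo "</textarea>";
        } else {
            echo "<input type=text size=" . strlen($value) . " name=\"fields[" . $label . "]\"";
            echo " value=\"" . users_admin_h($value) . "\">";
        }
        echo "</tr>\n";
    }

    echo "<tr><td><th><input type=submit name=action value=update> <input type=submit name=action value=cancel>";
    echo "</table>\n";
    echo "</form>\n";
}

/**
 * Print an empty form with one text input per column of $result.
 *
 * @param resource|object $result Any result of the target table (rows are not read).
 * @return void
 */
function new_dialog($result)
{
    echo "<form method=post>\n";
    echo "<table border>\n";

    $fields = pg_num_fields($result);
    for ($field = 0; $field < $fields; $field++) {
        $label = users_admin_h(pg_field_name($result, $field));
        echo "<tr><th align=right>" . $label . ":";
        echo "<td><input type=text size=40 name=\"fields[" . $label . "]\"></tr>\n";
    }

    echo "<tr><td><th><input type=submit name=action value=insert> <input type=submit name=action value=cancel>";
    echo "</table>\n";
    echo "</form>\n";
}

/**
 * Mail each selected account its current status.
 *
 * @param resource|object $conn  PostgreSQL connection.
 * @param array|null      $names Account names; when null (the original call
 *                               form) they are read from the posted name[].
 * @return void
 */
function email_account_status($conn, $names = null)
{
    if ($names === null) {
        $names = users_admin_names(users_admin_request('HTTP_POST_VARS'));
    }
    if (count($names) === 0) {
        return;
    }

    $result = pg_query_params(
        $conn,
        "select * from users where name in (" . users_admin_placeholders(count($names)) . ");",
        $names
    );
    if (!$result) {
        return;
    }

    $rows = pg_num_rows($result);
    for ($row = 0; $row < $rows; $row++) {
        $obj = pg_fetch_assoc($result, $row);

        // A stored address with a line break could add mail headers; skip it.
        if (preg_match('/[\r\n]/', (string) $obj['email'])) {
            continue;
        }

        // NOTE(review): this sends the stored password in clear text - see the
        // file header. Kept unchanged so recipients see the same message.
        mail($obj['email'], "Your account on the AX discussion board", "Welcome " . $obj['name'] . ",\n\nYour login name is: '" . $obj['name'] . "'\nYour password for the ax message board is: " . $obj['password'] . "\nYour registration has " . ($obj['registered'] == 't' ? "" : "not yet ") . "been approved.\nYour account is currently " . ($obj['enabled'] == 't' ? "enabled" : "disabled") . ".\n\nYou can reach the board at http://ax.simplenet.com/kick/message/\n\nThank you,\nThe AX Team");
    }
}

/**
 * Dispatch the posted "action" and show the matching screen.
 *
 * An action of the form "verb name" is split at the first space: the part
 * after it is added to the selected names and the verb becomes the action.
 *
 * @param resource|object $conn  PostgreSQL connection.
 * @param string          $table Trusted table name (concatenated into SQL).
 * @return void
 */
function handle_table($conn, $table)
{
    $post = users_admin_request('HTTP_POST_VARS');

    if (!isset($post['action']) || !is_string($post['action'])) {
        disp_table($conn, $table);
        return;
    }

    $action = $post['action'];
    $names = users_admin_names($post);
    $p = strpos($action, " ");
    if ($p) {
        $names[] = substr($action, $p + 1);
        $action = substr($action, 0, $p);
    }
    $name = count($names) > 0 ? $names[0] : '';

    switch ($action) {
        case "delete":
            if (users_admin_bulk($conn, "delete from " . $table, $names)) {
                disp_table($conn, $table);
            }
            break;

        case "enable":
        case "disable":
        case "approve":
        case "disapprove":
            $sets = array(
                "enable" => "enabled='t'",
                "disable" => "enabled='f'",
                "approve" => "registered='t',enabled='t',date='now'",
                "disapprove" => "registered='f',enabled='f',date='now'",
            );
            if (users_admin_bulk($conn, "update " . $table . " set " . $sets[$action], $names)) {
                email_account_status($conn, $names);
                disp_table($conn, $table);
            }
            break;

        case "edit":
            $result = pg_query_params(
                $conn,
                "select * from " . $table . ' where name=$1;',
                array($name)
            );
            if ($result) {
                if (pg_num_rows($result) > 0) {
                    edit_dialog($result, $name);
                } else {
                    // Nothing selected or the account is gone: show the list again.
                    disp_table($conn, $table);
                }
            }
            break;

        case "new":
            // Only the column list of the result is used to draw the form.
            $result = pg_query($conn, "select * from " . $table . " where name='';");
            if ($result) {
                new_dialog($result);
            }
            break;

        case "insert":
            $fields = users_admin_fields($conn, $table, $post);
            if ($fields === false) {
                echo "Unknown field - not saving.";
                break;
            }
            $k = array();
            $v = array();
            foreach ($fields as $key => $value) {
                if ($value !== "") {
                    $k[] = users_admin_quote_column($key);
                    $v[] = $value;
                }
            }
            if (sizeof($k) == 0) {
                echo "Empty form - not inserting.";
                exit();
            }
            $sql = "insert into " . $table . " (" . implode(", ", $k) . ") VALUES ("
                . users_admin_placeholders(count($v)) . ");";
            if (pg_query_params($conn, $sql, $v)) {
                disp_table($conn, $table);
            }
            break;

        case "update":
            $fields = users_admin_fields($conn, $table, $post);
            if ($fields === false) {
                echo "Unknown field - not saving.";
                break;
            }
            $q = array();
            $params = array();
            foreach ($fields as $key => $value) {
                // An empty input clears the column (SQL NULL), as before.
                $params[] = ($value === "") ? null : $value;
                $q[] = users_admin_quote_column($key) . ' = $' . count($params);
            }
            if (count($q) == 0) {
                disp_table($conn, $table);
                break;
            }
            $params[] = $name;
            $sql = "update " . $table . " set " . implode(", ", $q)
                . ' where name=$' . count($params) . ";";
            if (pg_query_params($conn, $sql, $params)) {
                email_account_status($conn, $names);
                disp_table($conn, $table);
                // Debug echo kept from the original, now without the posted
                // values (they are bound separately) and HTML-escaped.
                echo users_admin_h($sql);
            }
            break;

        default:
            disp_table($conn, $table);
    }
}
?>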
--[ c99shell v.2.1 [PHP 7 Update] [1.12.2019] maintained by KaizenLouie and updated by cermmik | C99Shell Github (MySQL update) | Generation time: 0.0296 ]-- |