!C99Shell v.2.1 [PHP 7 Update] [1.12.2019]!

Software: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.12 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g. PHP/5.2.4-2ubuntu5.12 

uname -a: Linux forum.circlefusion.com 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/home/doku/axrepos/axess/   drwxrwxr-x
Free 11.59 GB of 97.11 GB (11.94%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     posts.inc (7.45 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
function disp_table($conn$table)
{
    global $PHP_SELF$HTTP_GET_VARS;
    
    $offset=$HTTP_GET_VARS['offset']+0;

    $query "select oid,id,topic,name,date,ipaddr,expired from msgboard_messages where true ";

    if ($HTTP_GET_VARS[topic]) 
        $query.=" and topic=".$HTTP_GET_VARS[topic];

    switch ($HTTP_GET_VARS[mode]) {
        case 5:
            $query.=" and topic='".trim($HTTP_GET_VARS[topic])."'  order by date, topic offset ".$offset." limit 76";
            break;
        case 4:
            $query.=" and ipaddr='".trim($HTTP_GET_VARS[ipaddress])."'  order by date desc, topic offset ".$offset." limit 76";
            break;
        case 3:
            $query.=" and topic='".trim($HTTP_GET_VARS[searchtopic])."'  order by date, topic offset ".$offset." limit 76";
            break;
        case 2:
            $query.=" and name~* '".trim($HTTP_GET_VARS[searchname])."'  order by date desc, topic offset ".$offset." limit 76";
            break;
        case 1:
            $query.=" and name='".trim($HTTP_GET_VARS[searchname])."'  order by date desc, topic offset ".$offset." limit 76";
            break;
        default:
            $query.= " order by date desc, topic offset ".$offset." limit 76";
            break;
    }
                
    $result pg_Exec($conn$query.";");

    $rows=pg_numrows($result);

    echo "<div id=\"queryView\"><b>SQL:</b> ".$query."</div>\n";
    echo "<div id=\"queryDetails\"><b>Results:</b> ".$rows." row(s)</div>\n";
    echo "<div class=\"pagination\">\n";
    if ($offset>0) {
        $_GET['offset'] = $offset 75;
        echo "  <a href=\"".htmlentities($PHP_SELF."?".join('&',array_map(create_function('$a,$b','return urlencode($a)."=".urlencode($b);'),array_keys($_GET),array_values($_GET))))."\">Previous 75</a>";
    }
    if ($rows>75) {
        $_GET['offset'] = $offset 75;
        echo "  <a href=\"".htmlentities($PHP_SELF."?".join('&',array_map(create_function('$a,$b','return urlencode($a)."=".urlencode($b);'),array_keys($_GET),array_values($_GET))))."\">Next 75</a>";
    }
    echo "</div>\n";
    
    echo "<form method=\"post\">\n";
    echo "  <div id=\"userActions\">\n";
    echo "      <input id=\"newButton\" type=\"submit\" name=\"action\" value=\"new\" />\n"// "<input type=submit name=action value=preferences>";
    echo "      <input id=\"editButton\" type=\"submit\" name=\"action\" value=\"edit\" />\n";
    echo "      <input id=\"expireButton\" type=\"submit\" name=\"action\" value=\"expire\" />\n";
    echo "      <input id=\"reparentButton\" type=\"submit\" name=\"action\" value=\"reparent\" />\n";
    echo "      <input type=\"text\" name=\"newtopic\" id=\"reparentNewTopic\" size=\"5\" />\n";
    echo "  </div>\n";
    echo "  <table id=\"topicsTable\" cellspacing=\"0\" cellpadding=\"0\">\n";
    echo "      <tr>\n";

    
    echo "          <th>Select</th>\n";
    for($field=1;$field<pg_numfields($result);$field++) {
        $fieldname=pg_fieldname($result,$field);
        echo "          <th>".$fieldname."</th>\n";
    }
    echo "      </tr>\n";
    
    for($row=0;$row<$rows;$row++) {
        $obj=pg_Fetch_Row($result,$row);
        echo "      <tr>\n";
        echo "          <td class=\"col1\">\n";
        //echo "              <input type=\"checkbox\" name=\"oid[]\" value=\"".$obj[0]."\" /> ".$obj[0]."\n";
        echo "              <input type=\"checkbox\" name=\"oid[]\" value=\"".$obj[0]."\" />\n";
        echo "          </td>\n";
        foreach($obj as $key=>$val$obj[$key]=nl2br(htmlspecialchars($val));
        
        foreach($obj as $key=>$val) {
            if ($key 0) {
                echo "          <td class=\"col".($key 1)."\">\n";
                if ($key == 4) {
                    echo "              ".substr($obj[$key],0,16)."\n";
                } else {
                    echo "              ".$obj[$key]."\n";
                }
                echo "          </td>\n";
            }
        }
        echo "      </tr>\n";
    }
    echo("   </table>");
    echo("</form>");
}

function edit_dialog($result,$oid) {
    $obj=pg_fetch_row($result,0);
    echo "<form method=\"post\">\n";
    echo "<input type=\"hidden\" name=\"oid[]\" value=".$oid." />\n";
    echo "<table cellpadding=\"0\" cellspacing=\"0\">\n";
    for($field=0;$field<pg_numfields($result);$field++) {
        echo "<tr><td align=\"right\">".pg_fieldname($result,$field).":</td>";
        echo "<td>";
        if (strchr($obj[$field],"\n") || strchr($obj[$field],"\r")) {
            echo "<textarea name=\"fields[".pg_fieldname($result,$field)."]\" rows=\"10\" cols=\"80\">\n";
            echo htmlentities($obj[$field]);
            echo "</textarea>";
        } else {
            echo "<input type=\"text\" size=".strlen($obj[$field])." name=\"fields[".pg_fieldname($result,$field)."]\"";
            echo " value=\"".htmlentities($obj[$field])."\">";
        }
        echo "</td></tr>\n";
    }
    echo "<tr><td><input type=\"submit\" name=\"action\" value=\"update\" /> <input type=\"submit\" name=\"action\" value=\"cancel\" /></td></tr>";
    echo "</table>\n";
    echo "</form>\n";
}

function new_dialog($result) {
    echo "<form method=\"post\">\n";
    echo "<table border>\n";
    for($field=0;$field<pg_numfields($result);$field++) {
        echo "<tr><td align=\"right\">".pg_fieldname($result,$field).":</td>";
        echo "<td><input type=\"text\" size=\"40\" name=\"fields[".pg_fieldname($result,$field)."]\"></td></tr>\n";
    }
    echo "<tr><td><input type=\"submit\" name=\"action\" value=\"insert\" /> <input type=\"submit\" name=\"action\" value=\"cancel\" /></td></tr>";
    echo "</table>\n";
    echo "</form>\n";
}

function handle_table($conn,$table) {
    global $HTTP_POST_VARS;

    if (isset($HTTP_POST_VARS[action])) {

        if ($p=strpos($HTTP_POST_VARS[action]," ")) {
            $HTTP_POST_VARS[oid][]=substr($HTTP_POST_VARS[action],$p+1);
            $HTTP_POST_VARS[action]=substr($HTTP_POST_VARS[action],0,$p);
        }

        switch ($HTTP_POST_VARS[action]) {
            case "delete":
                if(pg_exec($conn,"delete from ".$table." where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    disp_table($conn,$table);
                break;
            case "expire":
                if(pg_exec($conn,"update ".$table." set expired='t' where oid in (".join($HTTP_POST_VARS[oid],", ").");")) {
                    disp_table($conn,$table);
                }
                break;
            case "reparent":
                if(pg_exec($conn,"update ".$table." set topic=".$HTTP_POST_VARS[newtopic]." where oid in (".join($HTTP_POST_VARS[oid],", ").");"))
                    disp_table($conn,$table);
                break;
            case "edit":
                if ($result=pg_exec($conn,"select * from ".$table." where oid=".current($HTTP_POST_VARS[oid]).";"))
                    edit_dialog($result,current($HTTP_POST_VARS[oid]));
                break;
            case "new":
                $result=pg_exec($conn,"select * from ".$table." where oid=1;");
                new_dialog($result);
                break;
            case "insert":
                unset($k);
                unset($v);
                while ($a=each($HTTP_POST_VARS[fields])) {
                    if ($a[value]!="") {
                        $k[]=$a[key];
                        $v[]="'".$a[value]."'";
                    }
                }
                if (sizeof($k)==0) {
                    echo "Empty form - not inserting.";
                    exit();
                }
                if (pg_exec($conn,"insert into ".$table." (".join($k,", ").") VALUES (".join($v,", ").");")) {
                    // $result=pg_exec($conn,"select * from ".$table." where oid=1;");
                    // new_dialog($result);
                    disp_table($conn,$table);
                }
                break;
            case "update":
                unset($q);
                while (list($key$value)=each($HTTP_POST_VARS[fields])) {
                    if ($value=="")
                        $q[]="\"".$key."\" = null";
                    else
                        $q[]="\"".$key."\" = '".addslashes($value)."'";
                }
                if (pg_exec($conn,"update ".$table." set ".join($q,", ")." where oid=".current($HTTP_POST_VARS[oid]).";"))
                    disp_table($conn,$table);
                break;
            case "order":
                break;
            default:
                disp_table($conn,$table);
        }
        
    } else
                disp_table($conn,$table);
}


?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v.2.1 [PHP 7 Update] [1.12.2019] maintained by KaizenLouie and updated by cermmik | C99Shell Github (MySQL update) | Generation time: 0.0066 ]--