!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/editor/   drwxr-xr-x
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     quickB.js (23.38 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
var fID; //*** IFRAME ID
var TXTOBJ; //*** TEXT Obj
var format = new Array();
var viewm = new Array();


/**************************************/
document.onmousedown=doMousedown
document.onmouseup=doMouseup


function changetoIframeEditor(el)
{
   var wi= '', hi= '';
   if(el.style.height) hi= " height=" + el.style.height
   else if(el.rows) hi= " height=" + (14*el.rows+28)
   if(el.style.width) wi= " width=" + el.style.width
   else if(el.cols) wi= " width=" + (6*el.cols +25)
   	   
   var parent= el.parentElement
   while(parent.tagName != 'FORM') parent= parent.parentElement
   var oform= parent
   var fidx=0; while(document.forms[fidx] != oform) fidx++ ; // form index

   var val=''
   if(el.tagName=='TEXTAREA'){ fID= fidx+'VDevID'+el.name; val= el.innerText }
   else fID= fidx+'VDevID'+el.id

   var strx = createEditor(fID,wi,hi);
   el.outerHTML= strx
   
   iEditor(fID)

   if(el.tagName!='TEXTAREA') return
   	   
   var reg= eval("/<br>/i") ;
   if( reg.test(val) ) val= val.replace(/\n/g, "");
   else val= val.replace(/\n/g, "<br>");

   val= val.replace(/\r/g, "");
   val= val.replace(/\t/g, "");

   val= val.replace(/\\/g, "&#92");
   val= val.replace(/\'/g, "&#39;");

   setTimeout("document.frames['"+fID+"'].document.body.innerHTML='"+val+"'",200)
   oform[fID.split('VDevID')[1]].value= val

}


function iEditor(idF)
{
  var obj=document.frames[idF]
  obj.document.designMode="On"
  obj.document.onmousedown= function(){  TXTOBJ=null; fID=idF; FMousedown();}
  
  format[idF]='HTML'
  viewm[idF]=1;
}


function formatDialogF()
{
  var y = screen.height - parseInt('30em')*14 - 30 
  var feature = "font-family:Tahoma; font-size:10pt; dialogWidth:30em; dialogHeight:27em; dialogTop:"+y
      feature+= ";edge:sunken; help:no; status:no"

  var dialog= QBPATH+'/dialog.html'
  var arr= showModalDialog(dialog, "visual", feature);
  if(arr==null) return ; 

  doFormatF(arr)
  	  
}


function FMousedown()
{
  var objF=document.frames[fID];
 // if(objF && objF.event && objF.event.button==2) formatDialogF();

  var el = objF.event.srcElement 
  doClick(el)
}


// init all found TEXTAREA in document
function changeAllTextareaToEditors()
{
  var i=0;
  while(document.all.tags('textarea')[i])
   { 
    changetoIframeEditor(document.all.tags('textarea')[i])
	if(++i>0 && !document.all.tags('textarea')[i] ) i=0;
   }

}


// init all found IFRAME in document to Editable
function changeAllIframeToEditors()
{
  var i=0;
  while(document.all.tags('iframe')[i])
  { 
	changetoIframeEditor(document.all.tags('iframe')[i])
	i++
  }

}


// init only IFRAMEs that have "id=argument of initEditors"
// e.g. changeIframeToEditor('id1','id2',...)
function changeIframeToEditor()
{
  for(var j=0;j<arguments.length;j++)
   {
     var i=0;
	 while(document.all.tags('iframe')[i])
	  { 
		if(document.all.tags('iframe')[i].id == arguments[j])
		  { changetoIframeEditor(document.all.tags('iframe')[i]); break; }
	    i++
	  }
   }
}



/////////////////////////////////////////////////////////////////
function  controlRows()
{
  iurl= QBPATH + '/imgedit'

  str = "<TR bgColor=#EAEAEA align=left valign=middle >\
<STYLE>IMG {cursor:hand}</STYLE>\
<TD nowrap>\
<SELECT name='QBCNTRL1' onchange='doFormatF(\"FontName,\"+this.value)' style='height:22; width:165; background:#EAEAEA; color:#000000; font-size:12px'>\
<OPTION value='MS Sans Serif'>Select Font\
<OPTION value='MS Sans Serif'>Font='MS Sans Serif'\
<OPTION value='Tahoma'>Font='Tahoma'\
<OPTION value='Microsoft Sans Serif'>Font='Microsoft Sans Serif'\
<OPTION value='AngsanaUPC'>Font='AngsanaUPC'\
<OPTION value='Arial'>Font='Arial'\
<OPTION value='Times New Roman'>Font='Times New Roman'\
<OPTION value='Courier New'>Font='Courier New'\
</SELECT>\
<SELECT name='QBCNTRL3' onchange='doFormatF(\"FontSize,\"+this.value)' style='height:22; width:115; background:#EAEAEA; color:#000000; font-size:12px'>\
<OPTION value=2>Font Size\
<OPTION value=7>Size=7\
<OPTION value=6>Size=6\
<OPTION value=5>Size=5\
<OPTION value=4>Size=4\
<OPTION value=3>Size=3\
<OPTION value=2>Size=2\
<OPTION value=1>Size=1\
</OPTION>\
</SELECT>\
<img src='IURL/left.gif' border=0 alt='ชิดซ้าย' width=23 height=22 onclick='doFormatF(\"JustifyLeft\")'>\
<img src='IURL/center.gif' border=0 alt='จัดกึ่งกลาง' width=23 height=22 onclick='doFormatF(\"JustifyCenter\")'>\
<img src='IURL/right.gif' border=0 alt='ชิดขวา' width=23 height=22 onclick='doFormatF(\"JustifyRight\")'>\
<img src='IURL/bold.gif' border=0 alt='ตัวหนา' width=23 height=22 onclick='doFormatF(\"Bold\")'>\
<img src='IURL/italic.gif' border=0 alt='ตัวเอียง' width=23 height=22 onclick='doFormatF(\"Italic\")'>\
<img src='IURL/under.gif' border=0 alt='ขีดเส้นใต้' width=23 height=22 onclick='doFormatF(\"Underline\")'>\
<img src='IURL/strike.gif' border=0 alt='ตัวขีด' width=23 height=22 onclick='doFormatF(\"StrikeThrough\")'>\
<img src='IURL/bgcolor.gif' border=0 alt='สีพื้นตัวอักษร' width=23 height=22 onclick='selectBgColor()'>\
<img src='IURL/fgcolor.gif' border=0 alt='สีตัวอักษร' width=23 height=22 onclick='selectFgColor()'>\
<img src='IURL/link.gif' border=0 alt='สร้างลิงค์ URL' width=23 height=22 onclick='doFormatF(\"CreateLink\")'>\
<img src='IURL/unlink.gif' border=0 alt='ลบลิงค์ URL' width=23 height=22 onclick='doFormatF(\"UnLink\")'>\
<img src='IURL/cut.gif' border=0 alt='ตัด' width=23 height=22 onclick='doFormatF(\"Cut\")'>\
<img src='IURL/copy.gif' border=0 alt='คัดลอก' width=23 height=22 onclick='doFormatF(\"Copy\")'>\
<img src='IURL/paste.gif' border=0 alt='วาง' width=23 height=22 onclick='doFormatF(\"Paste\")'>\
<img src='IURL/yourimg.gif' border=0 alt='แทรกภาพ' width=23 height=22 onclick='doUploadFile()' name='QBCNTRL7'>\
<br><INPUT name='QBCNTRL5' value='เปลี่ยนโหมด HTML/VIEW' onclick='swapMode()' type=button style='height:22; width:150; background:#CCCCCC; border-color:#EAEAEA; color:#000000; font-size:12px'>\
<img src='IURL/instable.gif' border=0 alt='สร้างตาราง' width=23 height=22 onclick='insertTable()'>\
<img src='IURL/tabprop.gif' border=0 alt='จัดรูปแบบตาราง' width=23 height=22 onclick='tableProp()'>\
<img src='IURL/cellprop.gif' border=0 alt='จัดรูปแบบช่องตาราง' width=23 height=22 onclick='cellProp()'>\
<img src='IURL/inscell.gif' border=0 alt='เพิ่มช่อง' width=23 height=22 onclick='insertCell()'>\
<img src='IURL/delcell.gif' border=0 alt='ลบช่อง' width=23 height=22 onclick='deleteCell()'>\
<img src='IURL/insrow.gif' border=0 alt='เพิ่มแถวแนวนอน' width=23 height=22 onclick='insertRow()'>\
<img src='IURL/delrow.gif' border=0 alt='ลบแถวแนวนอน' width=23 height=22 onclick='deleteRow()'>\
<img src='IURL/inscol.gif' border=0 alt='เพิ่มแถวแนวตั้ง' width=23 height=22 onclick='insertCol()'>\
<img src='IURL/delcol.gif' border=0 alt='ลบแถวแนวตั้งl' width=23 height=22 onclick='deleteCol()'>\
<img src='IURL/mrgcell.gif' border=0 alt='รวมคอลัม' width=23 height=22 onclick='morecolSpan()'>\
<img src='IURL/spltcell.gif' border=0 alt='แยกคอลัม' width=23 height=22 onclick='lesscolSpan()'>\
<img src='IURL/mrgrow.gif' border=0 alt='รวมแถว' width=23 height=22 onclick='morerowSpan()'>\
<img src='IURL/spltrow.gif' border=0 alt='แยกแถว' width=23 height=22 onclick='lessrowSpan()'>\
</TD></TR>"

 str = str.replace(/IURL/g, iurl);
 return str ; 
}


function createEditor(id,wi,hi)
{
  var strx = "<iframe id="+id+ hi +" width=100%></iframe>"

  var idA= id.split('VDevID')

  strx += "<input name="+idA[1]+" type=hidden></input>"
 
  var str="<TABLE border=0 cellspacing=0 cellpadding=1" + wi + "><tr><td>"
  str += strx + "</td></tr>"
  
  str += controlRows();

  str += "</TABLE>" ;

  return str ;

}
/////////////////////////////////////////////////////////////////


function doFormatF(arr)
{
  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}
  objF.focus()

  var cmd = new Array();
  cmd = arr.split(',')

  if(cmd[0]=='SelectAll') selectAll();
  else if(cmd[0]=='Swap[Text/HTML]') swapMode(); 
  else if(cmd[0]=='Swap[Uni/View]') swapView();
  else if(cmd[0]=='InsertTable') insertTable();
  else if(cmd[0]=='TablePropeties') tableProp();
  else if(cmd[0]=='CellPropeties') cellProp();
  else if(cmd[0]=='InsertLayer') insertDivLayer();
  else if(cmd[0]=='EditLayerBorder') editDivBorder();
  else if(cmd[0]=='EditLayerFilter') editDivFilter();
  else if(cmd[0]=='Emotions') editEmotions(cmd[1],objF);
  else
	{
	  var edit=objF.document; 
	  if(cmd[0]=='formatBlock') edit.execCommand(cmd[0],false,"<"+cmd[1]+">")
	  else if(cmd[0]=='InsertImage' && !cmd[1] )
	  { 
		  alert('Please notice:\nThe "Picture Source" in follow Dialog must be a URL, not a local address.'); 
			//   alert(cmd[0]);
			//   alert(cmd[1]);
			edit.execCommand(cmd[0],true,"") 
	  }
	  else 
	  {
		  //  alert(cmd[0]);
		  //   alert(cmd[1]);
		  edit.execCommand(cmd[0],false,cmd[1]);
	  }
	
	}

}


function editEmotions(wrd,obj)
{
  var caret=obj.document.selection.createRange();
  obj.curword=caret.duplicate();
  obj.curword.text= wrd + ' '
}


function  swapView()
{
 var objF=document.frames[fID];
 if(!objF){alert('Please click to select the editor');return}
 objF.focus()

 if(format[fID]=="HTML")
 {
  objF.document.body.style.fontFamily="Tahoma"
  objF.document.body.style.fontSize="10pt"
  objF.document.body.style.color="black"
  objF.document.body.style.background="#e0e0f0"
  var strx=objF.document.body.innerHTML
  if(viewm[fID]) strx=toUnicode(strx)
  else strx=viewISOCode(strx)
  format[fID]="Text"
 }
 else
 {
  var strx=objF.document.body.innerText
  if(viewm[fID]) strx=toUnicode(strx)
  else strx=viewISOCode(strx)
 }

 objF.document.body.innerText=strx
 viewm[fID]=1 - viewm[fID]

}


function swapMode()
{
 var objF=document.frames[fID];
 if(!objF){alert('Please click to select the editor');return}
 objF.focus()
 
 if(format[fID]=="HTML")
 {
  var strx=objF.document.body.innerHTML
  objF.document.body.innerText=strx
  objF.document.body.style.fontFamily="monospace"
  objF.document.body.style.fontSize="10pt"
  objF.document.body.style.color="black"
  objF.document.body.style.background="#e0e0f0"
  format[fID]="Text"
 }
 else
 {
  objF.document.body.style.fontFamily='Tahoma'
  objF.document.body.style.color="#000000"
  objF.document.body.style.background=""
  var strx=objF.document.body.innerText
  objF.document.body.innerHTML=strx
  format[fID]="HTML"
  viewm[fID]=1
 }

}


function selectAll()
{ 
  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}
  objF.focus()
  var s=objF.document.body.createTextRange()
  s.execCommand('SelectAll')
}



function doFormatDialog(file,cmd,arg)
{ 
  var urlx= QBPATH + '/' + file

  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}

  var arr=showModalDialog(urlx, arg, "font-family:Tahoma; font-size:12px; dialogWidth:30em; dialogHeight:34em; edge:sunken; help:no; status:no");
  if(arr !=null) doFormatF(cmd+','+arr)
}


function selectEmoticon()
{ 
  doFormatDialog('emoticon.html','InsertImage',QBPATH)
}

function selectBgColor()
{ 
  doFormatDialog('selcolor.html','BackColor','')
}


function selectFgColor()
{ 
  doFormatDialog('selcolor.html','ForeColor','')
}


function characters()
{
  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}
  objF.focus();

  var sel = objF.document.selection;
  if(sel.type=="Control") return 

  var urlx= QBPATH + '/selchar.html'
  var arr=showModalDialog(urlx, '', "font-family:Tahoma; font-size:12px; dialogWidth:30em; dialogHeight:34em; edge:sunken; help:no; status:no");
  if(arr==null) return

  var arrA = arr.split(';QuIcKbUiLd;')

  var strx= "<FONT FACE='" + arrA[0] + "'>" + arrA[1] + "</FONT>"

  var Range = sel.createRange();
  if(!Range.duplicate) return;
  Range.pasteHTML(strx);

}



function doUploadFile()
{
  var urlx= QBPATH + '/contents_upload.php'

  var twidth= 0.8*screen.width, theight=190;
  var tposx= (screen.width- twidth)/2
  var tposy= screen.height- theight - 55
  	    	  
  var newWin1=window.open(urlx,"upload","toolbar=no,width=600,height=250,directories=no,status=no,scrollbars=yes,resizable=no, menubar=no")
  newWin1.moveTo(tposx,tposy);
  newWin1.focus()

}


function help2()
{
  var urlx= QBPATH + '/iconhelp.html'

 /* var twidth= 0.1*screen.width, theight=300;
  var tposx= (screen.width- twidth)/2
  var tposy= screen.height- theight - 25*/
  	    	  
  var newWin1=window.open(urlx,"help","toolbar=no,width=710,height=700,directories=no,status=no,scrollbars=yes,resizable=no, menubar=no")
//  newWin1.moveTo(tposx,tposy);
  newWin1.focus()

}


function dolinkFile()
{
  var urlx= QBPATH + '/loadlinkgo.php'

  var twidth= 0.8*screen.width, theight=190;
  var tposx= (screen.width- twidth)/2
  var tposy= screen.height- theight - 55
  	    	  
  var newWin1=window.open(urlx,"linkins","toolbar=no,width=500,height=360,directories=no,status=no,scrollbars=yes,resizable=no, menubar=no")
  newWin1.moveTo(tposx,tposy);
  newWin1.focus()

}


function insertLink(linkurl,namelink)
{
  var objF=document.frames[fID];
  if(!objF && !TXTOBJ){alert('Please click a text element');return}


  if( objF )
  {
	objF.focus();
    var sel = objF.document.selection;
	var strx= "<A href='"+linkurl+"' target=nwin>" + namelink + "</A>"

	var Range = sel.createRange();
	if(!Range.duplicate) return;
	Range.pasteHTML(strx);
  }
  else 
  {
	TXTOBJ.focus();
    var caret= TXTOBJ.document.selection.createRange()
	TXTOBJ.curword=caret.duplicate();
	var strx= "<A href='"+linkurl+"' target=nwin>" + namelink + "</A>,"
	doFormat(strx,caret)
  }


}


function insertflash(infla)
{
  var objF=document.frames[fID];
  if(!objF && !TXTOBJ){alert('Please click a text element');return}


  if( objF )
  {
	objF.focus();
    var sel = objF.document.selection;
	var strx= "<object  classid=clsid:D27CDB6E-AE6D-11cf-96B8-444553540000 codebase=http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0><param name=movie value="+infla+"><param name=quality value=high><embed src="+infla+" quality=high pluginspage=http://www.macromedia.com/go/getflashplayer type=application/x-shockwave-flash></embed></object>"

	var Range = sel.createRange();
	if(!Range.duplicate) return;
	Range.pasteHTML(strx);
    }
  }


function linkins(linkurl,linkname)
{
  var objF=document.frames[fID];
  if(!objF && !TXTOBJ){alert('Please click a text element');return}


  if( objF )
  {
	objF.focus();
    var sel = objF.document.selection;
	var strx= "<A href='"+linkurl+"' target=_self>" + linkname + "</A>"

	var Range = sel.createRange();
	if(!Range.duplicate) return;
	Range.pasteHTML(strx);
  }
  else 
  {
	TXTOBJ.focus();
    var caret= TXTOBJ.document.selection.createRange()
	TXTOBJ.curword=caret.duplicate();
	var strx= "<A href='"+linkurl+"' target=_self>" + linkname + "</A>,"
	doFormat(strx,caret)
  }
}


function linkinimg(linkurl,linkname)
{
  var objF=document.frames[fID];
  if(!objF && !TXTOBJ){alert('Please click a text element');return}


  if( objF )
  {
	objF.focus();
    var sel = objF.document.selection;
	var strx= "<A href='"+linkurl+"' target=_self><img src=" + linkname + " border=0></A>"

	var Range = sel.createRange();
	if(!Range.duplicate) return;
	Range.pasteHTML(strx);
  }
  else 
  {
	TXTOBJ.focus();
    var caret= TXTOBJ.document.selection.createRange()
	TXTOBJ.curword=caret.duplicate();
	var strx= "<A href='"+linkurl+"' target=_self><img src=" + linkname + " border=0></A>"
	doFormat(strx,caret)
  }
}


function field2form(str1)
{
  var str2
  var index
  var lenx
  index=str1.indexOf('<FIELDSET')
  while(index>=0)
  {
    lenx=str1.length
    str1=str1.substring(0,index) + "<FORM" + str1.substring(index+9,lenx)
    index=str1.indexOf('<FIELDSET')
   }
  index=str1.indexOf('</FIELDSET>')
  while(index>=0)
  {
    lenx=str1.length
    str1=str1.substring(0,index) + "</FORM>" + str1.substring(index+11,lenx)
    index=str1.indexOf('<FIELDSET>')
  }
  return str1
}


function form2field(str1)
{
  var str2
  var index
  var lenx
  index=str1.indexOf('<FORM')
  while(index>=0)
  {
    lenx=str1.length
    str1=str1.substring(0,index) + "<FIELDSET" + str1.substring(index+5,lenx)
    index=str1.indexOf('<FORM')
  }
  index=str1.indexOf('</FORM>')
  while(index>=0)
  {
    lenx=str1.length
    str1=str1.substring(0,index) + "</FIELDSET>" + str1.substring(index+7,lenx)
    index=str1.indexOf('</FORM>')
  }
  return str1
}


function insertDivLayer()
{
  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}
  objF.focus()
  
  var sel = objF.document.selection;
  if (sel==null) return

  var Range = sel.createRange();
  var wrd='' ;

  if(sel.type!="Control")
  {
  	if(!Range.duplicate) return;
  	objF.curword=Range.duplicate();
  	wrd= objF.curword.text;
	if(wrd=='') wrd="กรุณาดับเบิ้ลคิลกที่กล่องข้อความเพื่อพิมพ์ข้อความ และฉันสามารถช่วยคุณสร้างหน้าข่าวของคุณให้น่าสนใจได้  เครื่องมือที่มีอยู่สามารถช่วยให้คุณตบแต่งกล่องข้อความนี้ให้ดูดีได้ตัวตัวคุณเอง หากคุณสนใจลองมองปุ่มสี่ฟ้า 3 ปุ่มในเนวิเกเตอร์บาร์ด้านล่างแล้วลองใช้ แต่อย่าลืมเลือกกล่องข้อความก่อนทำล่ะ"
	var arr= "<DIV style='position:relative; width:150px; height:100px; font-family:Tahoma; font-size:12px; background-color:#f0fdd0; border:1 solid'>"+ wrd + "</DIV>" ;
	Range.pasteHTML(arr);
	return
  }  

  if(Range(0).tagName!='DIV') return

  var urlx= QBPATH + '/divstyle.html'

  var twidth= 0.8*screen.width, theight=190;
  var tposx= (screen.width- twidth)/2
  var tposy= screen.height- theight - 55
  	    	  
  var newWin1=window.open(urlx,"divstyle","toolbar=no,width="+ twidth+",height="+ theight+ ",directories=no,status=no,scrollbars=yes,resizable=no, menubar=no")
  newWin1.moveTo(tposx,tposy);
  newWin1.focus()

}


function editDivBorder()
{
  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}
  objF.focus()
  
  var sel = objF.document.selection;
  if (sel==null || sel.type!='Control') {alert('กรุณาเลือกกล่องข้อความที่ต้องการตบแต่ง');return} 

  var Range = sel.createRange();
  if(Range(0).tagName!='DIV') return

  var urlx= QBPATH + '/divborder.html'

  var twidth= 0.8*screen.width, theight=215;
  var tposx= (screen.width- twidth)/2
  var tposy= screen.height- theight - 55
  	    	  
  var newWin1=window.open(urlx,"divborder","toolbar=no,width="+ twidth+",height="+ theight+ ",directories=no,status=no,scrollbars=yes,resizable=no, menubar=no")
  newWin1.moveTo(tposx,tposy);
  newWin1.focus()

}


function editDivFilter()
{
  var objF=document.frames[fID];
  if(!objF){alert('Please click to select the editor');return}
  objF.focus()

  var sel = objF.document.selection;
  if (sel==null || sel.type!='Control') {alert('กรุณาเลือกกล่องข้อความที่ต้องการตบแต่ง');return} 

  var Range = sel.createRange();
  if(Range(0).tagName!='DIV') return

  var urlx= QBPATH + '/divfilter.html'

  var twidth= 0.8*screen.width, theight=210;
  var tposx= (screen.width- twidth)/2
  var tposy= screen.height- theight - 55
  	    	  
  var newWin1=window.open(urlx,"divfilter","toolbar=no,width="+ twidth+",height="+ theight+ ",directories=no,status=no,scrollbars=yes,resizable=no, menubar=no")
  newWin1.moveTo(tposx,tposy);
  newWin1.focus()

}



/**** From Html-Code to UNICODE ***********/
function  viewISOCode(str1)
{
 var c0, str2='', strx='', idx;
 
 idx=str1.indexOf('&#')
 if(idx<0) return str1
 var i=0
 while (i<str1.length)
  {
    c0=str1.substring(i,i+2)
    i++
    if(c0 !='&#') continue
    strx  +=str1.substring(0,i-1)
    str1=str1.substring(i-1,str1.length)
    idx=str1.indexOf(';')
    if(idx <0) break;
    str2=str1.substring(2,idx)
    str2++;str2--
    str1=str1.substring(idx+1,str1.length)
    strx +=String.fromCharCode(str2)
    i=0
  }
 return strx+str1;
}



function actualize()
{
  var i=0;
  while(document.all.tags('iframe')[i])
  { 
	setHiddenValue(document.all.tags('iframe')[i].id) 
	i++
  }
}



function setHiddenValue(fid)
{ 
 if(!fid) return

 var strx= editorContents(fid)
 var idA= fid.split('VDevID')
 if(!idA[0]) return;

 var fobj= document.forms[idA[0]]
 if(!fobj) return;

 eval("document.forms[idA[0]]." +idA[1] + ".value='"+ strx +"'")
}	



function editorContents(frameID)
{
  var objF=document.frames[frameID]
  if(!objF)return

  var strx;
  if(format[frameID]=="HTML") strx=objF.document.body.innerHTML
  else strx=objF.document.body.innerText

  strx = strx.replace(/\r/g, ""); 
  strx = strx.replace(/\n/g, ""); 
  strx = strx.replace(/\'/g,"&#39;")

  // Security
  if(SECURE==1)
	{
	  strx = strx.replace(/ on/ig, " o&shy;n"); 
	  strx = strx.replace(/script:/ig, "script&shy;:"); 
    }

  return strx
}



function doMouseup()
{
 var el=event.srcElement 
 if(!el.type) return

 if(el.type!='text'&&el.type!='textarea')
  {
	if(!el.name || el.name.substring(0,7)!='QBCNTRL') actualize();
    return
  }

 var visual=''
 if(el.type=='textarea' && VISUAL==0) visual=confirm("Use Visual Mode ?")
 	 
 if(visual) changetoIframeEditor(el);

}



function doMousedown()
{
  var el=event.srcElement 
  if(!el.type || (el.type!='text'&&el.type!='textarea')) return
  if( el.type=='text' || el.type=='textarea'){ TXTOBJ=el; fID='' }

  if(event.button==2) formatDialog(el)
}


function doFormat(arr,caret)
{
  var wrd=TXTOBJ.curword.text

  var cmd = new Array();
  cmd = arr.split(',')

  if(!cmd[0] || cmd[0]=='Swap[Text/HTML]' || cmd[0]=='Swap[Uni/View]' ) return 
  if(cmd[0]=='SelectAll') { TXTOBJ.focus(); TXTOBJ.select(); return }
  if(cmd[0]=='Cut') { caret.execCommand("Cut"); return }
  if(cmd[0]=='Copy') { caret.execCommand("Copy"); return }
  if(cmd[0]=='Paste') { caret.execCommand("Paste"); return }

  TXTOBJ.curword=caret.duplicate();
  TXTOBJ.curword.text= cmd[0]+wrd+cmd[1]
}

/*
function formatDialog()
{
  TXTOBJ.focus();
  var caret=TXTOBJ.document.selection.createRange()
  TXTOBJ.curword=caret.duplicate();

  var y = screen.height -parseInt('27em')*14 - 30 
  var feature = "font-family:Arial;font-size:10pt;dialogWidth:30em;dialogHeight:27em;dialogTop:"+y
      feature+= ";edge:sunken;help:no;status:no"

  var dialog= QBPATH+'/dialog.html'
  var arr= showModalDialog(dialog, "", feature);
  if(arr==null) return ;

  doFormat(arr,caret)

}*/



function  toUnicode(str1)
{
  var code, str2 , j=0;
  var len
  while(j<2)
   {
	len=str1.length
	str2=''
	for(var i=0;i<len;i++) 
	 {
      code=str1.charCodeAt(i);
      if(code<128) continue;
      str2 +=str1.substring(0,i) + '&#' + code + ';'
      str1=str1.substring(i+1,str1.length)
      len=str1.length
      i=0
     }
    str1=str2+str1
    j++;
   }
  return str1;
}

// VISUAL=0 : Textarea to Editor after confirmation

// VISUAL=1 : all Textarea to Editor
if(VISUAL==1) changeAllTextareaToEditors();

// VISUAL=2 : some specific iframes 
if(VISUAL==2) changeIframeToEditor('contents1','contents'); // please replace contents.. = frameId

// VISUAL=3 : all Iframe to Editor
if(VISUAL==3) changeAllIframeToEditors();

// VISUAL=4 : change only specific textarea
if(VISUAL==4) changetoIframeEditor(document.forms[xxx].yyy); // please replace xxx=formIndex and yyy=textareaName

// VISUAL>4 : no Visual-Editor, only use Rightmouse-Control

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0124 ]--