Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/phpMyAdmin/libraries/ drwxr-xr-x |
Viewing file: url_generating.lib.php (6.04 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php /* $Id: url_generating.lib.php,v 2.10.2.1 2006/05/12 15:26:16 nijel Exp $ */ // vim: expandtab sw=4 ts=4 sts=4: /** * URL/hidden inputs generating. */ /** * Generates text with hidden inputs. * * @see PMA_generate_common_url() * @param string optional database name * @param string optional table name * @param int indenting level * * @return string string with input fields * * @global string the current language * @global string the current conversion charset * @global string the current connection collation * @global string the current server * @global array the configuration array * @global boolean whether recoding is allowed or not * * @access public * * @author nijel */ function PMA_generate_common_hidden_inputs($db = '', $table = '', $indent = 0, $skip = array()) { if (is_array($db)) { $params =& $db; $_indent = empty($table) ? $indent : $table; $_skip = empty($indent) ? $skip : $indent; $indent =& $_indent; $skip =& $_skip; } else { $params = array(); if (isset($db) && strlen($db)) { $params['db'] = $db; } if (isset($table) && strlen($table)) { $params['table'] = $table; } } if (! empty($GLOBALS['server']) && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']) { $params['server'] = $GLOBALS['server']; } if (empty($_COOKIE['pma_lang']) && ! empty($GLOBALS['lang'])) { $params['lang'] = $GLOBALS['lang']; } if (empty($_COOKIE['pma_charset']) && ! empty($GLOBALS['convcharset'])) { $params['convcharset'] = $GLOBALS['convcharset']; } if (empty($_COOKIE['pma_collation_connection']) && ! empty($GLOBALS['collation_connection'])) { $params['collation_connection'] = $GLOBALS['collation_connection']; } $params['token'] = $_SESSION['PMA_token']; if (! is_array($skip)) { if (isset($params[$skip])) { unset($params[$skip]); } } else { foreach ($skip as $skipping) { if (isset($params[$skipping])) { unset($params[$skipping]); } } } $spaces = str_repeat(' ', $indent); $return = ''; foreach ($params as $key => $val) { $return .= $spaces . '<input type="hidden" name="' . htmlspecialchars($key) . '" value="' . htmlspecialchars($val) . '" />' . "\n"; } return $return; } /** * Generates text with URL parameters. * * <code> * // note the ? * echo 'script.php?' . PMA_generate_common_url('mysql', 'rights'); * // produces with cookies enabled: * // script.php?db=mysql&table=rights * // with cookies disabled: * // script.php?server=1&lang=en-utf-8&db=mysql&table=rights * * $params['myparam'] = 'myvalue'; * $params['db'] = 'mysql'; * $params['table'] = 'rights'; * // note the missing ? * echo 'script.php' . PMA_generate_common_url($params); * // produces with cookies enabled: * // script.php?myparam=myvalue&db=mysql&table=rights * // with cookies disabled: * // script.php?server=1&lang=en-utf-8&myparam=myvalue&db=mysql&table=rights * * // note the missing ? * echo 'script.php' . PMA_generate_common_url(); * // produces with cookies enabled: * // script.php * // with cookies disabled: * // script.php?server=1&lang=en-utf-8 * </code> * * @param mixed assoc. array with url params or optional string with database name * if first param is an array there is also an ? prefixed to the url * @param string optional table name only if first param is array * @param string character to use instead of '&' for deviding * multiple URL parameters from each other * * @return string string with URL parameters * * @global string the current language * @global string the current conversion charset * @global string the current connection collation * @global string the current server * @global array the configuration array * @global boolean whether recoding is allowed or not * * @access public * * @author nijel */ function PMA_generate_common_url ($db = '', $table = '', $delim = '&') { if (is_array($db)) { $params =& $db; $delim = empty($table) ? $delim : $table; $questionmark = '?'; } else { $params = array(); if (isset($db) && strlen($db)) { $params['db'] = $db; } if (isset($table) && strlen($table)) { $params['table'] = $table; } $questionmark = ''; } // use seperators defined by php, but prefer ';' // as recommended by W3C $php_arg_separator_input = ini_get('arg_separator.input'); if (strpos($php_arg_separator_input, ';') !== false) { $separator = ';'; } elseif (strlen($php_arg_separator_input) > 0) { $separator = $php_arg_separator_input{0}; } else { $separator = '&'; } // check wether to htmlentity the separator or not if ($delim === '&') { $delim = htmlentities($separator); } else { $delim = $separator; } if (isset($GLOBALS['server']) && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']) { $params['server'] = $GLOBALS['server']; } if (empty($_COOKIE['pma_lang']) && ! empty($GLOBALS['lang'])) { $params['lang'] = $GLOBALS['lang']; } if (empty($_COOKIE['pma_charset']) && ! empty($GLOBALS['convcharset'])) { $params['convcharset'] = $GLOBALS['convcharset']; } if (empty($_COOKIE['pma_collation_connection']) && ! empty($GLOBALS['collation_connection'])) { $params['collation_connection'] = $GLOBALS['collation_connection']; } $params['token'] = $_SESSION['PMA_token']; $param_strings = array(); foreach ($params as $key => $val) { $param_strings[] = urlencode($key) . '=' . urlencode($val); } if (empty($param_strings)) { return ''; } return $questionmark . implode($delim, $param_strings); } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]-- |