Файл: explorer.mhos.tk/inst.php
Строк: 145
<?php
error_reporting(0);
$k=trim($_GET['k']); include("key.php");
$d=rawurldecode(trim($_GET['d'])); $n=rawurldecode(trim($_GET['n']));
if ($d==NULL) {$d="";} if ($n==NULL) {$n=preg_replace("~.*/([^/]*)~m","\1",$d);
$d=preg_replace("~(.*)/[^/]*~m","\1",$d);}
$rd=rawurlencode($d); $rn=rawurlencode($n);
$d=str_replace(".|htaccess",".htaccess",$d); $n=str_replace(".|htaccess",".htaccess",$n);
$nm=trim($_POST['nm']); $csr=trim($_POST['csr']); $cus=trim($_POST['cus']);
$cps=trim($_POST['cps']); $cbd=trim($_POST['cbd']); $dp=trim($_POST['dp']);
$cr=trim($_POST['cr']); $in=trim($_POST['in']);
if ($nm<>NULL) {
$repl=array("\"=>"","/"=>"",":"=>"","*"=>"","?"=>"","""=>"","<"=>"",">"=>"",
"|"=>"","`"=>""," "=>"_");
$nm=trim(strtr($nm,$repl));
include("repl.php"); $nm=u2t($nm);
if (($nm==".")||($nm=="..")) {$nm="";}
}
include "includes/header.php";
if (($nm==NULL)||(($dp==NULL)&&($cr==NULL)&&($in==NULL))) {
$num=@file_get_contents("allnumbd.dat");
$num++; if ($num>9999999) {$num=0;}
$f=@fopen("allnumbd.dat","w"); @fwrite($f,$num); @fclose($f);
$d=str_replace('$','$$',$d); $n=str_replace('$','$$',$n);
echo '
<div class="box_2">
Путь: <b><a href="ftp.php?k='.$k.'&d='.$rd.'">'.$d.'/</a><a href="file.php?k='.$k.'&d='.$rd.'&n='.$rn.'">'.$n.'</a></b><br/>
</div>
<div class="box_1">
<form action="inst.php?k='.$k.'&d='.$rd.'&n='.$rn.'" method="post">
Имя:<br/>
<input name="nm" type="text" value="install.php" maxlength="150"/><br/>
Сервер:<br/>
<input name="csr" type="text" value="localhost" maxlength="150"/><br/>
Пользователь:<br/>
<input name="cus" type="text" value="" maxlength="150"/><br/>
Пароль:<br/>
<input name="cps" type="text" value="" maxlength="150"/><br/>
БД:<br/>
<input name="cbd" type="text" value="" maxlength="150"/><br/>
<input type="checkbox" name="dp" value="1" '.($dp==1?" checked='checked'":null).'/>DROP<br/>
<input type="checkbox" name="cr" value="1" '.($cr==1?" checked='checked'":null).'/>CREATE<br/>
<input type="checkbox" name="in" value="1" '.($in==1?" checked='checked'":null).'/>INSERT<br/>
<input type="submit" value="Создать"><br/>
</form>
</div>';
} else {
if (($ftp=ftp_connect($sr))&&(ftp_login($ftp,$lg,$ps))) {
@ftp_pasv($ftp,true); $sz=@ftp_size($ftp,"$d/$n");
if (($sz<1)||($sz>204800)) {header("Location: $dftp/ftp.php?k=$k&d=$rd"); exit;}
@ftp_get($ftp,"data/$k.txt","$d/$n",FTP_BINARY);
$drop=1; $create=1; $insert=1;
if ($dp<>1) {$drop=0;} if ($cr<>1) {$create=0;} if ($in<>1) {$insert=0;}
$sql=file_get_contents("data/$k.txt");
$sql=str_replace("rn","n",$sql); $sql=str_replace("n","r",$sql);
$sql=preg_replace("~(--|##)[^r]*r~","r",$sql);
$sql=preg_replace("~rs*r~","r",$sql);
$fd='';
if ($drop==1) {$fd.='DROP';}
if ($create==1) {if ($drop==1) {$fd.='|';} $fd.='CREATE';}
if ($insert==1) {if (($create==1)||($drop==1)) {$fd.='|';} $fd.='INSERT';}
preg_match_all("~(".$fd.").*(r[)][^()]*)?;~iU",$sql,$ar);
$cnt=count($ar[0]); if ($cnt>999) {$cnt=999;}
$f=@fopen("data/$k.txt","w");
@fwrite($f,'<?php'."rn/*ivonline.ru - FTP (http://ftp.uz.ua)*/rn".'header("Content-Type: text/vnd.wap.wml; charset=utf-8");'."rn".'echo("<?xml version="1.0" encoding="utf-8"?><!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.xml"><wml><head><meta forua="true" http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate"/></head><card title="Install"><p><small>rn");'."rn".'$ms=mysql_connect("'.$csr.'","'.$cus.'","'.$cps.'") or exit("Connect Failed");'."rn".'mysql_select_db("'.$cbd.'") or exit("Database Not Select");'."rn".'echo("--BEGIN--<br/><br/>rn");'."rn");
for ($i=0;$i<$cnt;$i++) {
if (strtolower(trim($ar[1][$i]))=='drop') {
@fwrite($f,'$query="'.trim(str_replace('"','"',str_replace("r","",$ar[0][$i]))).'";'."rn".'mysql_query($query);'."rn");
} elseif (strtolower(trim($ar[1][$i]))=='create') {
@fwrite($f,'$query="'.trim(str_replace('"','"',str_replace("r","",$ar[0][$i]))).'";'."rn".'$r=mysql_query($query);'."rn".'if (!$r) {echo("Error!! CREATE TABLE "'.preg_replace("~s*CREATE TABLE[^(;`]*[`]?([^s(`]*)[`]?s*[(].*~i","\1",str_replace("r","",$ar[0][$i]),1).'"<br/>rn");}'."rn");
} elseif (strtolower(trim($ar[1][$i]))=='insert') {
@fwrite($f,'$query="'.trim(str_replace('"','"',str_replace("r","",$ar[0][$i]))).'";'."rn".'mysql_query($query);'."rn");
}
}
@fwrite($f,'mysql_close($ms);'."rn".'echo("<br/>--AND--rn</small></p></card></wml>");'."rn".'?>');
@fclose($f);
@ftp_put($ftp,"$d/$nm","data/$k.txt",FTP_BINARY);
@ftp_close($ftp); @unlink("data/$k.txt");
header("Location: $dftp/ftp.php?k=$k&d=$rd"); exit;
} else {
echo '<div class="box_1">
Нет соединения с сервером</div>
<div class="title_page"><a href="index.php">Главная</a></div>';
}
}
include "includes/footer.php";
?>