Файл: ftp/inst.php
Строк: 133
<?php
error_reporting(0);
$k=trim($_GET['k']); include("key.php");
$d=rawurldecode(trim($_GET['d'])); $n=rawurldecode(trim($_GET['n']));
if ($d==NULL) {$d="";} if ($n==NULL) {$n=preg_replace("~.*/([^/]*)~m","\1",$d);
$d=preg_replace("~(.*)/[^/]*~m","\1",$d);}
$rd=rawurlencode($d); $rn=rawurlencode($n);
$d=str_replace(".|htaccess",".htaccess",$d); $n=str_replace(".|htaccess",".htaccess",$n);
$nm=trim($_POST['nm']); $csr=trim($_POST['csr']); $cus=trim($_POST['cus']);
$cps=trim($_POST['cps']); $cbd=trim($_POST['cbd']); $dp=trim($_POST['dp']);
$cr=trim($_POST['cr']); $in=trim($_POST['in']);
if ($nm<>NULL) {
$repl=array("\"=>"","/"=>"",":"=>"","*"=>"","?"=>"","""=>"","<"=>"",">"=>"",
"|"=>"","`"=>""," "=>"_");
$nm=trim(strtr($nm,$repl));
include("repl.php"); $nm=u2t($nm);
if (($nm==".")||($nm=="..")) {$nm="";}
}
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';
if (($nm==NULL)||(($dp==NULL)&&($cr==NULL)&&($in==NULL))) {
$num=@file_get_contents("allnumbd.dat");
$num++; if ($num>9999999) {$num=0;}
$f=@fopen("allnumbd.dat","w"); @fwrite($f,$num); @fclose($f);
$d=str_replace('$','$$',$d); $n=str_replace('$','$$',$n);
@ftp_put($ftp,"$d/$nm","data/$k.txt",FTP_BINARY);
if(empty($_POST['mode']))
{
echo '<form action="" method="post">
<div class="subhead">
<input type="hidden" name="mode" value="do"/><br/>
<div class="subhead">Хост:</div>
<input type="text" name="host" value="localhost"/><br/>
<br/>
<div class="subhead">Имя базы:</div>
<input type="text" name="db" value="db_name"/><br/>
<div class="subhead">Имя пользователя:</div>
<input type="text" name="user" value="db_user"/><br/>
<div class="subhead">Пароль:</div>
<input type="text" name="password" value="pass"/><br/>
<input type="hidden" name="address" value="'.$_SERVER['DOCUMENT_ROOT'].'/ftp/data/'.$k.'.ed"/>
<input type="submit" value="Продолжить">
</div></form>';
}
else
{
echo '<div class="subhead">
';
$query=file_get_contents($_POST['address']) or die('Не читает '.$_POST['address'].'!<br/></div>'.$end);
$queryes=preg_split("#(SELECT|CREATE|DROP|UPDATE|INSERT|SHOW|REVOKE|MATCH|LIKE|GRANT|DESCRIBE|OPTIMIZE|COUNT|ALTER|AGAINST|)[-a-z0-9_.:@&?=+,!/~*'%$"sn]*;#i", $query);
$count=count($queryes)-1;
$connect=mysql_connect($_POST['host'], $_POST['user'], $_POST['password']) or die('Не соединяет с сервером MySQL, потому что '.mysql_error().'<br/></div>'.$end);
mysql_select_db($_POST['db']) or die('Не просматриваются данные базы потому что '.mysql_error().'<br/></div>'.$end);
echo 'Запросов: '.$count.'<br/>';
for($i=0;$i<$count;$i++)
{
if (($i+1)%2==0)
{
echo '<div class="subhead">';
}
else
{
echo '<div class="subhead">';
}
echo '<b>'.($i+1).'.</b> ';
if(mysql_query($queryes[$i]))
{
echo htmlspecialchars($queryes[$i]).'<br/>
<span style="color:#0fdd0f">Запрос выполнен!<br/></span>';
}
else
{
echo htmlspecialchars($queryes[$i]).'<br/>
<span style="color:#dd0011">Запрос не выполнен!<br/></span>';
}
echo '</div>';
}
echo '</div>';
mysql_close();
}
} else {
if (($ftp=ftp_connect($sr))&&(ftp_login($ftp,$lg,$ps))) {
@ftp_pasv($ftp,true); $sz=@ftp_size($ftp,"$d/$n");
if (($sz<1)||($sz>204800)) {header("Location: $dftp/ftp.php?k=$k&d=$rd"); exit;}
@ftp_get($ftp,"data/$k.txt","$d/$n",FTP_BINARY);
$drop=1; $create=1; $insert=1;
if ($dp<>1) {$drop=0;} if ($cr<>1) {$create=0;} if ($in<>1) {$insert=0;}
$sql=file_get_contents("data/$k.txt");
$sql=str_replace("rn","n",$sql); $sql=str_replace("n","r",$sql);
$sql=preg_replace("~(--|##)[^r]*r~","r",$sql);
$sql=preg_replace("~rs*r~","r",$sql);
$fd='';
if ($drop==1) {$fd.='DROP';}
if ($create==1) {if ($drop==1) {$fd.='|';} $fd.='CREATE';}
if ($insert==1) {if (($create==1)||($drop==1)) {$fd.='|';} $fd.='INSERT';}
preg_match_all("~(".$fd.").*(r[)][^()]*)?;~iU",$sql,$ar);
$cnt=count($ar[0]); if ($cnt>999) {$cnt=999;}
$f=@fopen("data/$k.txt","w");
@fwrite($f,'<?php'."rn".'echo("<html><head></head><meta forua="true" http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate"/></head><card title="Install"><p><small>rn");'."rn".'$ms=mysql_connect("'.$csr.'","'.$cus.'","'.$cps.'") or exit("Connect Failed");'."rn".'mysql_select_db("'.$cbd.'") or exit("Database Not Select");'."rn".'echo("--BEGIN--<br/><br/>rn");'."rn");
for ($i=0;$i<$cnt;$i++) {
if (strtolower(trim($ar[1][$i]))=='drop') {
@fwrite($f,'$query="'.trim(str_replace('"','"',str_replace("r","",$ar[0][$i]))).'";'."rn".'mysql_query($query);'."rn");
} elseif (strtolower(trim($ar[1][$i]))=='create') {
@fwrite($f,'$query="'.trim(str_replace('"','"',str_replace("r","",$ar[0][$i]))).'";'."rn".'$r=mysql_query($query);'."rn".'if (!$r) {echo("Error!! CREATE TABLE "'.preg_replace("~s*CREATE TABLE[^(;`]*[`]?([^s(`]*)[`]?s*[(].*~i","\1",str_replace("r","",$ar[0][$i]),1).'"<br/>rn");}'."rn");
} elseif (strtolower(trim($ar[1][$i]))=='insert') {
@fwrite($f,'$query="'.trim(str_replace('"','"',str_replace("r","",$ar[0][$i]))).'";'."rn".'mysql_query($query);'."rn");
}
}
@fwrite($f,'mysql_close($ms);'."rn".'echo("<br/>--AND--rn</small></p></card></wml>");'."rn".'?>');
@fclose($f);
@ftp_put($ftp,"$d/$nm","data/$k.txt",FTP_BINARY);
@ftp_close($ftp); @unlink("data/$k.txt");
header("Location: $dftp/ftp.php?k=$k&d=$rd"); exit;
} else {
echo '<div class="box_1">
Нет соединения с сервером</div>
<div class="title_page"><a href="index.php">Главная</a></div>';
}
}
apicms_foot();
?>