Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) C:\AmbienteBogota\comments\admin\ drwxrwxrwx | |
| Viewing file: Select action/file-type: <?php
/**
* Copyright 2008 Grestul Group
* Powered by Grestul
* admin panel creator: Imad
**/
?>
<?php session_start();
define('GRESTUL_ROOT', dirname(dirname(__FILE__))."/");
require "inc/config.php";
require GRESTUL_ROOT.'/inc/settings.php';
if(!isset($_SESSION['loggedin'])) {
header('Location: index.php?error=1');
exit();
}
if (isset($_POST['sub'])) {
header("Location: $domain/admin/management.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title><?php echo "$webad"; ?></title>
<link href="inc/admin.css" rel="stylesheet" type="text/css" />
<link href="inc/general.css" rel="stylesheet" type="text/css" />
</head>
<body>
<img src="inc/images/logo.png" class="logo" />
<div class="logout"><a href="close.php">Logout</a></div>
<div class="navi">
<a href="home.php"><img src="inc/images/homeoff.png" class="navihoff" /></a>
<a href="management.php"><img src="inc/images/manageon.png" class="navion" /></a>
<a href="stylehome.php"><img src="inc/images/styleoff.png" class="navioff" /></a>
</div>
<div class="contentrep">
<div class="infobar">
<div class="infotext">
Here, you can modify the general configuration such as, site name, comments per page, make backups, and allot more.
</div>
</div>
<div class="btite">
Grestul System - General configuration
</div>
<div class="smalltite">
Do not touch fields that do not require changing.
</div>
<div class="bodycontent">
<fieldset>
<legend>General Configurations</legend><div id="ggc" />
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
<?php
echo '<td>';
echo '<td>Website Name:</td><br />';
echo '<input type="text" name="webname" id="webname" size="20"';
echo 'value="';
echo "$webname";
echo '"';
echo " /><br /><br />";
echo '</td>';
echo '</tr>';
echo '<td>Comments Per page:<br /></td>';
echo '<td>';
echo '<input type="text" name="per_page" id="per_page" size="20" maxlength="2"';
echo 'value="';
echo "$per_page";
echo '"';
echo " />";
echo '</td>';
echo '</tr>';
?>
</fieldset>
<div class="next"><input type="submit" name="sub" class="submit" value="Update" /></div><br style="clear: both;" />
</form>
<br />
<?php
// Database backup system
if (isset($_POST['mbackup'])) {
$settime = date(_mdys);
$namer = "$dbname$settime.txt";
$backupdoc = ("inc/backup/$namer");
$query = "SELECT * INTO OUTFILE '$backupdoc' FROM comments";
if (mysql_query($query)) {
echo '<div class="pass">';
echo "The Backup created successfully!";
echo '</div>';
exit;
}
else {
echo '<div class="fail">';
echo "<strong>The backup couldn't be created! — You must create it manually.</strong> ";
echo '</div>';
}
}
?>
<fieldset>
<legend>Database Backups</legend><div id="gdf" />
<?php
if (isset($_POST['show'])) {
$dir = 'inc/backup/';
$count = 0;
$d = dir($dir);
while ($f = $d->read()) {
if(($f!= ".") && ($f!= "..")) {
if(!is_dir($f)) $count++;
}
}
echo "Their are total of <strong>$count</strong> backups on record. <br /><br />";
$sub = ($_GET['dir']);
$path = 'inc/backup';
$path = $path . "$sub";
$dh = opendir($path);
$i=1;
while (($file = readdir($dh)) !== false) {
if($file != "." && $file != "..") {
if (substr($file, -4, -3) =="."){
echo "\n\n $i ) <i>$file $size</i><br /><br />";
}else{
echo "$i ) <a href='?dir=$sub/$file#ggc' class='credits'>$file<br /></a><br />";
}
$i++;
}
}
closedir($dh);
}
elseif (isset($_POST['hide'])) {
$dir = 'inc/backup/';
$count = 0;
$d = dir($dir);
while ($f = $d->read()) {
if(($f!= ".") && ($f!= "..")) {
if(!is_dir($f)) $count++;
}
}
echo "Their are total of <strong>$count</strong> backups on record.";
}
else {
$dir = 'inc/backup/';
$count = 0;
$d = dir($dir);
while ($f = $d->read()) {
if(($f!= ".") && ($f!= "..")) {
if(!is_dir($f)) $count++;
}
}
echo "Their are total of <strong>$count</strong> backups on record.";
}
?>
</fieldset>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
<div class="next"><input type="submit" name="mbackup" class="submit" value="Create Backup" />
<input type="submit" name="show" class="submit" value="Show Backups" />
<input align="right" type="submit" name="hide" class="submit" value="Hide Backups" />
</div><br style="clear: both;" />
</form>
<br />
<?php
// General config
if (isset($_POST['sub'])) {
// update the settings file
$str = "<?php
/**
* Copyright 2008 Grestul Group
* Powered by Grestul
**/\n
// Please use the visual Installer to install this software
// If Grestul is already installed please use the admin panel to modify this information\n";
foreach ($_POST as $k=>$v)
{
if ($k != 'sub') // ignore submit button
{
$str .= "\$$k='$v';\n"; // add line to config file text
}
}
$str .= "?>";
$file_open = fopen(GRESTUL_ROOT.'inc/settings.php', "w+");
fwrite($file_open, $str);
$fclose($file_open);
}
?>
</div>
</div>
<div class="footer">
<!-- DO NOT CHANGE, REMOVE, OR HINDER WITH THE COPYRIGHT OR POWERED BY LINES BELOW -->
<!-- YOU AGREED TO THE AGREEMENT WHEN YOU DOWNLOADED AND INSTALLED OUR SOFTWARE -->
<!-- REMOVING THE LINES BELOW WILL FORCE US TO TAKE LEGAL ACTION -->
<!-- BE FAIR AND KEEP THE POWERED BY AND COPYRIGHT LINES. -->
Powered By: <a href="http://grestul.com" target="_blank">Grestul,</a> Copyright © 2008 <a href="http://grestul.com" target="_blank">Grestul Group.</a>
</div>
</body>
</html>
|
:: Command execute :: | |
--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]-- |