Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) C:\AmbienteBogota\comments\admin\ drwxrwxrwx |
Viewing file: Select action/file-type: <?php /** * Copyright 2008 Grestul Group * Powered by Grestul * admin panel creator: Imad **/ ?> <?php session_start(); define('GRESTUL_ROOT', dirname(dirname(__FILE__))."/"); require "inc/config.php"; require GRESTUL_ROOT.'/inc/settings.php'; if(!isset($_SESSION['loggedin'])) { header('Location: index.php?error=1'); exit(); } if (isset($_POST['sub'])) { header("Location: $domain/admin/management.php"); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> <title><?php echo "$webad"; ?></title> <link href="inc/admin.css" rel="stylesheet" type="text/css" /> <link href="inc/general.css" rel="stylesheet" type="text/css" /> </head> <body> <img src="inc/images/logo.png" class="logo" /> <div class="logout"><a href="close.php">Logout</a></div> <div class="navi"> <a href="home.php"><img src="inc/images/homeoff.png" class="navihoff" /></a> <a href="management.php"><img src="inc/images/manageon.png" class="navion" /></a> <a href="stylehome.php"><img src="inc/images/styleoff.png" class="navioff" /></a> </div> <div class="contentrep"> <div class="infobar"> <div class="infotext"> Here, you can modify the general configuration such as, site name, comments per page, make backups, and allot more. </div> </div> <div class="btite"> Grestul System - General configuration </div> <div class="smalltite"> Do not touch fields that do not require changing. </div> <div class="bodycontent"> <fieldset> <legend>General Configurations</legend><div id="ggc" /> <form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>"> <?php echo '<td>'; echo '<td>Website Name:</td><br />'; echo '<input type="text" name="webname" id="webname" size="20"'; echo 'value="'; echo "$webname"; echo '"'; echo " /><br /><br />"; echo '</td>'; echo '</tr>'; echo '<td>Comments Per page:<br /></td>'; echo '<td>'; echo '<input type="text" name="per_page" id="per_page" size="20" maxlength="2"'; echo 'value="'; echo "$per_page"; echo '"'; echo " />"; echo '</td>'; echo '</tr>'; ?> </fieldset> <div class="next"><input type="submit" name="sub" class="submit" value="Update" /></div><br style="clear: both;" /> </form> <br /> <?php // Database backup system if (isset($_POST['mbackup'])) { $settime = date(_mdys); $namer = "$dbname$settime.txt"; $backupdoc = ("inc/backup/$namer"); $query = "SELECT * INTO OUTFILE '$backupdoc' FROM comments"; if (mysql_query($query)) { echo '<div class="pass">'; echo "The Backup created successfully!"; echo '</div>'; exit; } else { echo '<div class="fail">'; echo "<strong>The backup couldn't be created! — You must create it manually.</strong> "; echo '</div>'; } } ?> <fieldset> <legend>Database Backups</legend><div id="gdf" /> <?php if (isset($_POST['show'])) { $dir = 'inc/backup/'; $count = 0; $d = dir($dir); while ($f = $d->read()) { if(($f!= ".") && ($f!= "..")) { if(!is_dir($f)) $count++; } } echo "Their are total of <strong>$count</strong> backups on record. <br /><br />"; $sub = ($_GET['dir']); $path = 'inc/backup'; $path = $path . "$sub"; $dh = opendir($path); $i=1; while (($file = readdir($dh)) !== false) { if($file != "." && $file != "..") { if (substr($file, -4, -3) =="."){ echo "\n\n $i ) <i>$file $size</i><br /><br />"; }else{ echo "$i ) <a href='?dir=$sub/$file#ggc' class='credits'>$file<br /></a><br />"; } $i++; } } closedir($dh); } elseif (isset($_POST['hide'])) { $dir = 'inc/backup/'; $count = 0; $d = dir($dir); while ($f = $d->read()) { if(($f!= ".") && ($f!= "..")) { if(!is_dir($f)) $count++; } } echo "Their are total of <strong>$count</strong> backups on record."; } else { $dir = 'inc/backup/'; $count = 0; $d = dir($dir); while ($f = $d->read()) { if(($f!= ".") && ($f!= "..")) { if(!is_dir($f)) $count++; } } echo "Their are total of <strong>$count</strong> backups on record."; } ?> </fieldset> <form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>"> <div class="next"><input type="submit" name="mbackup" class="submit" value="Create Backup" /> <input type="submit" name="show" class="submit" value="Show Backups" /> <input align="right" type="submit" name="hide" class="submit" value="Hide Backups" /> </div><br style="clear: both;" /> </form> <br /> <?php // General config if (isset($_POST['sub'])) { // update the settings file $str = "<?php /** * Copyright 2008 Grestul Group * Powered by Grestul **/\n // Please use the visual Installer to install this software // If Grestul is already installed please use the admin panel to modify this information\n"; foreach ($_POST as $k=>$v) { if ($k != 'sub') // ignore submit button { $str .= "\$$k='$v';\n"; // add line to config file text } } $str .= "?>"; $file_open = fopen(GRESTUL_ROOT.'inc/settings.php', "w+"); fwrite($file_open, $str); $fclose($file_open); } ?> </div> </div> <div class="footer"> <!-- DO NOT CHANGE, REMOVE, OR HINDER WITH THE COPYRIGHT OR POWERED BY LINES BELOW --> <!-- YOU AGREED TO THE AGREEMENT WHEN YOU DOWNLOADED AND INSTALLED OUR SOFTWARE --> <!-- REMOVING THE LINES BELOW WILL FORCE US TO TAKE LEGAL ACTION --> <!-- BE FAIR AND KEEP THE POWERED BY AND COPYRIGHT LINES. --> Powered By: <a href="http://grestul.com" target="_blank">Grestul,</a> Copyright © 2008 <a href="http://grestul.com" target="_blank">Grestul Group.</a> </div> </body> </html> |
:: Command execute :: | |
--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]-- |