Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) C:\phpMyAdmin1\ drwxrwxrwx |
Viewing file: Select action/file-type: disable(); require_once 'libraries/pmd_common.php'; $table = $_POST['T']; $display_field = $_POST['F']; if ($cfgRelation['displaywork']) { $disp = PMA_getDisplayField($db, $table); if ($disp) { if ($display_field != $disp) { $upd_query = 'UPDATE ' . PMA_Util::backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_Util::backquote($cfgRelation['table_info']) . ' SET display_field = \'' . PMA_Util::sqlAddSlashes($display_field) . '\'' . ' WHERE db_name = \'' . PMA_Util::sqlAddSlashes($db) . '\'' . ' AND table_name = \'' . PMA_Util::sqlAddSlashes($table) . '\''; } else { $upd_query = 'DELETE FROM ' . PMA_Util::backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_Util::backquote($cfgRelation['table_info']) . ' WHERE db_name = \'' . PMA_Util::sqlAddSlashes($db) . '\'' . ' AND table_name = \'' . PMA_Util::sqlAddSlashes($table) . '\''; } } elseif ($display_field != '') { $upd_query = 'INSERT INTO ' . PMA_Util::backquote($GLOBALS['cfgRelation']['db']) . '.' . PMA_Util::backquote($cfgRelation['table_info']) . '(db_name, table_name, display_field) ' . ' VALUES(' . '\'' . PMA_Util::sqlAddSlashes($db) . '\',' . '\'' . PMA_Util::sqlAddSlashes($table) . '\',' . '\'' . PMA_Util::sqlAddSlashes($display_field) . '\')'; } if (isset($upd_query)) { $upd_rs = PMA_queryAsControlUser($upd_query); } } // end if header("Content-Type: text/xml; charset=utf-8"); header("Cache-Control: no-cache"); die(" |
:: Command execute :: | |
--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]-- |