!C99Shell v. 1.0 pre-release build #16!

Software: Apache/2.0.54 (Fedora). PHP/5.0.4 

uname -a: Linux mina-info.me 2.6.17-1.2142_FC4smp #1 SMP Tue Jul 11 22:57:02 EDT 2006 i686 

uid=48(apache) gid=48(apache) groups=48(apache)
context=system_u:system_r:httpd_sys_script_t
 

Safe-mode: OFF (not secure)

/home/mnnews/public_html/phpads/admin/   drwxr-xr-x
Free 3.96 GB of 27.03 GB (14.65%)


Viewing file:     banner-modify.php (5.45 KB)      -rwxr-xr-x
<?php // $Revision: 1.11 $

/************************************************************************/
/* phpAdsNew 2                                                          */
/* ===========                                                          */
/*                                                                      */
/* Copyright (c) 2001 by the phpAdsNew developers                       */
/* http://sourceforge.net/projects/phpadsnew                            */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/************************************************************************/



// Include required files
require ("config.php");
require (
"lib-storage.inc.php");
require (
"lib-zones.inc.php");
require (
"lib-statistics.inc.php");
require (
"../lib-priority.inc.php");


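// Security check
// NOTE(review): every branch below changes stored data and this file checks no
// per-request token; confirm that phpAds_checkAccess() or the calling form
// covers forged requests.
phpAds_checkAccess(phpAds_Admin);



/*********************************************************/
/* Main code                                             */
/*********************************************************/

// Handles three actions on an existing banner, then redirects back to $returnurl:
//   - move the banner to another campaign       ($moveto_x + $moveto)
//   - copy its display limitations to a banner  ($applyto_x + $applyto)
//   - duplicate the banner and its limitations  ($duplicate == 'true')
//
// NOTE(review): $bannerid, $moveto, $applyto, $duplicate, $returnurl, $clientid
// and $campaignid are never assigned in this file; presumably they are filled
// from the request (register_globals or config.php) - confirm. They are treated
// as untrusted input here.

if (isset($bannerid) && $bannerid != '')
{
    // The ids are concatenated into SQL (mostly unquoted), so force them to
    // integers before any query is built.
    // NOTE(review): assumes banner/campaign ids are integer keys - confirm against the schema.
    $bannerid = (int) $bannerid;

    // Redirect target: strip CR/LF/NUL so a request value cannot add header lines.
    // NOTE(review): the target itself is still caller-controlled (open redirect);
    // an allow-list of admin pages would be the complete fix, but the set of
    // legitimate values is not visible from this file.
    $redirect_target = isset($returnurl) ? str_replace(array("\r", "\n", "\0"), '', $returnurl) : '';

    // Query-string values echoed back in the Location header
    $redirect_clientid   = isset($clientid) ? urlencode($clientid) : '';
    $redirect_campaignid = isset($campaignid) ? urlencode($campaignid) : '';

    if (isset($moveto_x) && isset($moveto) && $moveto != '')
    {
        // Move the banner
        $moveto = (int) $moveto;

        $res = phpAds_dbQuery(
            "UPDATE ".$phpAds_config['tbl_banners'].
            " SET clientid = '".$moveto."'".
            " WHERE bannerid = '".$bannerid."'"
        ) or phpAds_sqlDie();

        // Rebuild priorities
        phpAds_PriorityCalculate ();

        // Rebuild zone cache
        if ($phpAds_config['zone_cache'])
            phpAds_RebuildZoneCache ();

        // Get new clientid
        $clientid = phpAds_getParentID ($moveto);

        Header ("Location: ".$redirect_target."?clientid=".urlencode($clientid)."&campaignid=".$moveto."&bannerid=".$bannerid);
    }
    elseif (isset($applyto_x) && isset($applyto) && $applyto != '')
    {
        // Apply display limitation to
        $applyto = (int) $applyto;

        // Copying a banner's limitations onto itself would delete them first and
        // then find nothing left to copy, so that case is skipped.
        if ($applyto != $bannerid)
        {
            // Delete old limitations
            $res = phpAds_dbQuery(
                "DELETE FROM ".$phpAds_config['tbl_acls'].
                " WHERE bannerid = ".$applyto
            ) or phpAds_sqlDie();

            // Load source limitation
            $res = phpAds_dbQuery(
                "SELECT * FROM ".$phpAds_config['tbl_acls'].
                " WHERE bannerid = ".$bannerid
            ) or phpAds_sqlDie();

            while ($row = phpAds_dbFetchArray($res))
            {
                // Re-point the copied row at the target banner
                $row['bannerid'] = $applyto;

                // Column names come from the fetched row; values are escaped with
                // addslashes() as in the original. If the storage layer offers a
                // connection-aware escaper, prefer it (not visible from this file).
                $insert_fields = array();
                $insert_values = array();

                foreach ($row as $name => $value)
                {
                    $insert_fields[] = $name;
                    $insert_values[] = "'".addslashes($value)."'";
                }

                phpAds_dbQuery(
                    "INSERT INTO ".$phpAds_config['tbl_acls'].
                    " (".implode(', ', $insert_fields).")".
                    " VALUES (".implode(', ', $insert_values).")"
                ) or phpAds_sqlDie();
            }
        }

        Header ("Location: ".$redirect_target."?clientid=".$redirect_clientid."&campaignid=".$redirect_campaignid."&bannerid=".$applyto);
    }
    elseif (isset($duplicate) && $duplicate == 'true')
    {
        // Duplicate the banner

        // Set explicitly so the redirect below never uses a value that was not
        // produced by this branch (for example one supplied with the request).
        $new_bannerid = '';

        $res = phpAds_dbQuery(
            "SELECT * FROM ".$phpAds_config['tbl_banners'].
            " WHERE bannerid = ".$bannerid
        ) or phpAds_sqlDie();

        if ($row = phpAds_dbFetchArray($res))
        {
            // Remove bannerid so the insert is not given the source banner's id
            unset($row['bannerid']);

            // Duplicate stored banner
            if ($row['storagetype'] == 'web' || $row['storagetype'] == 'sql')
                $row['filename'] = phpAds_ImageDuplicate ($row['storagetype'], $row['filename']);

            // Clone banner
            $insert_fields = array();
            $insert_values = array();

            foreach ($row as $name => $value)
            {
                $insert_fields[] = $name;
                $insert_values[] = "'".addslashes($value)."'";
            }

            $res = phpAds_dbQuery(
                "INSERT INTO ".$phpAds_config['tbl_banners'].
                " (".implode(', ', $insert_fields).")".
                " VALUES (".implode(', ', $insert_values).")"
            ) or phpAds_sqlDie();

            $new_bannerid = phpAds_dbInsertID();

            if ($phpAds_config['acl'])
            {
                // Clone display limitations
                $res = phpAds_dbQuery(
                    "SELECT * FROM ".$phpAds_config['tbl_acls'].
                    " WHERE bannerid = ".$bannerid
                ) or phpAds_sqlDie();

                while ($row = phpAds_dbFetchArray($res))
                {
                    // Re-point the copied limitation at the new banner
                    $row['bannerid'] = $new_bannerid;

                    $insert_fields = array();
                    $insert_values = array();

                    foreach ($row as $name => $value)
                    {
                        $insert_fields[] = $name;
                        $insert_values[] = "'".addslashes($value)."'";
                    }

                    phpAds_dbQuery(
                        "INSERT INTO ".$phpAds_config['tbl_acls'].
                        " (".implode(', ', $insert_fields).")".
                        " VALUES (".implode(', ', $insert_values).")"
                    ) or phpAds_sqlDie();
                }
            }
        }

        // Rebuild priorities
        phpAds_PriorityCalculate ();

        // Rebuild zone cache
        if ($phpAds_config['zone_cache'])
            phpAds_RebuildZoneCache ();

        Header ("Location: ".$redirect_target."?clientid=".$redirect_clientid."&campaignid=".$redirect_campaignid."&bannerid=".urlencode($new_bannerid));
    }
    else
    {
        // No action requested: go straight back to the referring page
        Header ("Location: ".$redirect_target."?clientid=".$redirect_clientid."&campaignid=".$redirect_campaignid."&bannerid=".$bannerid);
    }
}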

?>

--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0038 ]--