File Manager

Hackfut Security File Manager

Current Path: /mnt/ceph/services/websiteos/phpmyadmin/phpMyAdmin-4.0.6-all-languages

mnt / ceph / services / websiteos / phpmyadmin / phpMyAdmin-4.0.6-all-languages /

📄 !TASK.php(753 B)
📁 ..
📄 .htaccess(0 B)
📄 ChangeLog(15.49 KB)
📄 LICENSE(17.59 KB)
📄 README(2.04 KB)
📄 RELEASE-DATE-4.0.6(29 B)
📄 browse_foreigners.php(11.23 KB)
📄 changelog.php(4.69 KB)
📄 chk_rel.php(308 B)
📄 composer.json(777 B)
📄 config.inc.php(317 B)
📄 config.sample.inc.php(3.8 KB)
📁 config_template
📄 db_create.php(4.16 KB)
📄 db_datadict.php(8.74 KB)
📄 db_events.php(401 B)
📄 db_export.php(2.63 KB)
📄 db_import.php(493 B)
📄 db_operations.php(9 KB)
📄 db_printview.php(6.94 KB)
📄 db_qbe.php(1.56 KB)
📄 db_routines.php(454 B)
📄 db_search.php(1.6 KB)
📄 db_sql.php(1.3 KB)
📄 db_structure.php(9.78 KB)
📄 db_tracking.php(7.98 KB)
📄 db_triggers.php(364 B)
📁 doc
📁 examples
📄 export.php(33.23 KB)
📄 favicon.ico(18.46 KB)
📄 file_echo.php(2.09 KB)
📄 gis_data_editor.php(15.17 KB)
📄 htaccess.php(3.08 KB)
📄 import.php(20.25 KB)
📄 import_status.php(2.82 KB)
📄 index.php(18.39 KB)
📁 js
📁 libraries
📄 license.php(728 B)
📁 locale
📄 navigation.php(696 B)
📁 nbproject
📄 phpinfo.php(389 B)
📄 phpmyadmin.css.php(746 B)
📄 phpunit.xml.nocoverage(1.62 KB)
📄 pmd_display_field.php(2.1 KB)
📄 pmd_general.php(36.01 KB)
📄 pmd_pdf.php(4.83 KB)
📄 pmd_relation_new.php(4.22 KB)
📄 pmd_relation_upd.php(2.3 KB)
📄 pmd_save_pos.php(2.39 KB)
📄 prefs_forms.php(2.5 KB)
📄 prefs_manage.php(13.99 KB)
📄 print.css(1.18 KB)
📄 querywindow.php(6.08 KB)
📄 robots.txt(26 B)
📄 schema_edit.php(3.87 KB)
📄 schema_export.php(1.67 KB)
📄 server_binlog.php(6.06 KB)
📄 server_collations.php(2.25 KB)
📄 server_databases.php(11.15 KB)
📄 server_engines.php(3.96 KB)
📄 server_export.php(2.21 KB)
📄 server_import.php(431 B)
📄 server_plugins.php(6.44 KB)
📄 server_privileges.php(15.55 KB)
📄 server_replication.php(14.35 KB)
📄 server_sql.php(524 B)
📄 server_status.php(16.33 KB)
📄 server_status_advisor.php(2.14 KB)
📄 server_status_monitor.php(28.93 KB)
📄 server_status_queries.php(5.59 KB)
📄 server_status_variables.php(29.34 KB)
📄 server_variables.php(7.66 KB)
📁 setup
📄 show_config_errors.php(1.01 KB)
📄 sql.php(58.48 KB)
📄 tbl_addfield.php(8.46 KB)
📄 tbl_change.php(13.37 KB)
📄 tbl_chart.php(9.25 KB)
📄 tbl_create.php(15.5 KB)
📄 tbl_export.php(2.79 KB)
📄 tbl_get_field.php(1.42 KB)
📄 tbl_gis_visualization.php(7.14 KB)
📄 tbl_import.php(574 B)
📄 tbl_indexes.php(10.57 KB)
📄 tbl_move_copy.php(2.73 KB)
📄 tbl_operations.php(11.2 KB)
📄 tbl_printview.php(15.58 KB)
📄 tbl_relation.php(26.75 KB)
📄 tbl_replace.php(13.03 KB)
📄 tbl_row_action.php(3.91 KB)
📄 tbl_select.php(1.92 KB)
📄 tbl_sql.php(928 B)
📄 tbl_structure.php(13.27 KB)
📄 tbl_tracking.php(30.85 KB)
📄 tbl_triggers.php(144 B)
📄 tbl_zoom_select.php(5.84 KB)
📁 themes
📄 themes.php(835 B)
📄 transformation_overview.php(1.28 KB)
📄 transformation_wrapper.php(3.68 KB)
📄 url.php(471 B)
📄 user_password.php(6.6 KB)
📄 version_check.php(1.42 KB)
📄 view_create.php(6.9 KB)
📄 view_operations.php(2.61 KB)
📄 webapp.php(1.1 KB)

Editing: pmd_pdf.php

<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 *
 * @package PhpMyAdmin-Designer
 */

require_once './libraries/common.inc.php';
require_once 'libraries/pmd_common.php';

/**
 * Validate vulnerable POST parameters
 */
if (isset($_POST['scale']) && ! PMA_isValid($_POST['scale'], 'numeric')) {
    die('Attack stopped');
}

/**
  * Sets globals from $_POST
  */
$post_params = array(
    'db',
    'mode',
    'newpage',
    'pdf_page_number',
    'scale'
);

foreach ($post_params as $one_post_param) {
    if (isset($_POST[$one_post_param])) {
        $GLOBALS[$one_post_param] = $_POST[$one_post_param];
    }
}

/**
 * If called directly from the designer, first save the positions
 */
if (! isset($scale)) {
    $no_die_save_pos = 1;
    include_once 'pmd_save_pos.php';
}

if (isset($mode)) {
    if ('create_export' != $mode && empty($pdf_page_number)) {
        die("<script>alert('Pages not found!');history.go(-2);</script>");
    }

$pmd_table = PMA_Util::backquote($GLOBALS['cfgRelation']['db']) . '.'
        . PMA_Util::backquote($GLOBALS['cfgRelation']['designer_coords']);
    $pma_table = PMA_Util::backquote($GLOBALS['cfgRelation']['db']) . '.'
        . PMA_Util::backquote($cfgRelation['table_coords']);
    $scale_q = PMA_Util::sqlAddSlashes($scale);

if ('create_export' == $mode) {
        $pdf_page_number = PMA_REL_createPage($newpage, $cfgRelation, $db);
        if ($pdf_page_number > 0) {
            $message = PMA_Message::success(__('Page has been created'));
            $mode = 'export';
        } else {
            $message = PMA_Message::error(__('Page creation failed'));
        }
    }

$pdf_page_number_q = PMA_Util::sqlAddSlashes($pdf_page_number);

if ('export' == $mode) {
        $sql = "REPLACE INTO " . $pma_table
            . " (db_name, table_name, pdf_page_number, x, y)"
            . " SELECT db_name, table_name, " . $pdf_page_number_q . ","
            . " ROUND(x/" . $scale_q . ") , ROUND(y/" . $scale_q . ") y"
            . " FROM " . $pmd_table
            . " WHERE db_name = '" . PMA_Util::sqlAddSlashes($db) . "'";

PMA_queryAsControlUser($sql, true, PMA_DBI_QUERY_STORE);
    }

if ('import' == $mode) {
        PMA_queryAsControlUser(
            'UPDATE ' . $pma_table . ',' . $pmd_table .
            ' SET ' . $pmd_table . '.`x`= ' . $pma_table . '.`x` * '. $scale_q . ',
            ' . $pmd_table . '.`y`= ' . $pma_table . '.`y` * '. $scale_q .'
            WHERE
            ' . $pmd_table . '.`db_name`=' . $pma_table . '.`db_name`
            AND
            ' . $pmd_table . '.`table_name` = ' . $pma_table . '.`table_name`
            AND
            ' . $pmd_table . '.`db_name`=\''. PMA_Util::sqlAddSlashes($db) . '\'
            AND pdf_page_number = ' . $pdf_page_number_q . ';',
            true, PMA_DBI_QUERY_STORE
        );
    }
}

$response = PMA_Response::getInstance();
$response->getFooter()->setMinimal();

?>
<br/>
<div>
<?php
if (! empty($message)) {
    $message->display();
}
?>
  <form name="form1" method="post" action="pmd_pdf.php">
<?php
echo PMA_generate_common_hidden_inputs($db);
echo '<div>';
echo '<fieldset><legend>' . __('Import/Export coordinates for PDF schema') . '</legend>';

$choices = array();

$table_info_result = PMA_queryAsControlUser(
    'SELECT * FROM ' . PMA_Util::backquote($GLOBALS['cfgRelation']['db'])
    . '.' . PMA_Util::backquote($cfgRelation['pdf_pages'])
    . ' WHERE db_name = \'' . PMA_Util::sqlAddSlashes($db) . '\''
);

if (PMA_DBI_num_rows($table_info_result) > 0) {
    echo '<p>' . __('Page') . ':';
    echo '<select name="pdf_page_number">';

while ($page = PMA_DBI_fetch_assoc($table_info_result)) {
        echo '<option value="' . $page['page_nr'] . '">';
        echo htmlspecialchars($page['page_descr']);
        echo '</option>';
    }
    echo '</select>';
    echo '</p>';
    $choices['import'] = __('Import from selected page');
    $choices['export'] = __('Export to selected page');
}
$choices['create_export'] = __('Create a page and export to it');

if (1 == count($choices)) {
    echo $choices['create_export'];
    echo '<input type="hidden" name="mode" value="create_export" />';
} else {
    echo PMA_Util::getRadioFields(
        'mode', $choices, $checked_choice = '', $line_break = true,
        $escape_label = false, $class = ''
    );
}
echo '<br />';
echo '<label for="newpage">' . __('New page name: ') . '</label>';
echo '<input id="newpage" type="text" name="newpage" />';

echo '<p>' . __('Export/Import to scale') . ':';
?>
      <select name="scale">
        <option value="1">1:1</option>
        <option value="2">1:2</option>
        <option value="3" selected="selected">1:3 (<?php echo __('recommended'); ?>)</option>
        <option value="4">1:4</option>
        <option value="5">1:5</option>
      </select>
      </p>
      <input type="submit" value="<?php echo __('Go'); ?>"/>
    </fieldset>
    </div>
  </form>
</div>

Hackfut Security File Manager

Editing: pmd_pdf.php

Upload File

Create Folder