} // closes a block that opens before this chunk
// POST pass: every posted key/value goes through the POST rule set, unless a
// field literally named 'except' is present, in which case the whole pass is
// skipped. NOTE(review): that skip is decided by the request itself, not by
// server-side configuration — confirm this is intended.
if (isset($_POST)) {
    if (!isset($_POST['except'])) {
        foreach ($_POST as $key => $value) {
            StopAttack($key, $value, $postfilter, 'post');
        }
    }
}
// Cookie pass with the cookie rule set.
if (isset($_COOKIE)) {
    foreach ($_COOKIE as $key => $value) {
        StopAttack($key, $value, $cookiefilter, 'cookie');
    }
}
// Referer pass; $referer is built outside this chunk and is checked with the
// GET rule set. StopAttack itself is defined elsewhere.
if (isset($referer)) {
    foreach ($referer as $key => $value) {
        StopAttack($key, $value, $getfilter, 'referer');
    }
}
/**
 * Append one line to DOCUMENT_ROOT/log.htm.
 *
 * @param string $logs text to append; it is written verbatim (no escaping),
 *                     so whatever a caller passes — request data included —
 *                     lands as-is in an .htm file
 *
 * NOTE(review): the file sits inside the document root, so it is web-readable
 * unless the web server blocks it. fopen() is not checked: on failure the
 * fputs()/fclose() calls run against false and only emit warnings.
 */
function slog($logs)
{
    $toppath = $_SERVER["DOCUMENT_ROOT"] . "/log.htm";
    $Ts = fopen($toppath, "a+");
    fputs($Ts, $logs . "\r\n");
    fclose($Ts);
}
// arr_foreach: only the non-array base case (value returned unchanged) is
// visible; the rest of the body runs past the end of this chunk. $str is a
// static local and persists across calls.
function arr_foreach($arr)
{
    static $str;
    if (!is_array($arr)) {
        return $arr;
    }
// Tail of a rejection path whose function and preceding checks begin before
// this chunk: log the request, answer 400, print a notice, stop.
// NOTE(review): the log line is HTML with the matched key/value, PHP_SELF and
// the Referer inserted unescaped; $_SERVER['HTTP_REFERER'] is read without
// isset() and raises a notice when the header is absent; strftime() is
// deprecated since PHP 8.1 (date() takes the same role).
slog("<br><br>操作IP: " . $_SERVER["REMOTE_ADDR"] . "<br>操作时间: " . strftime("%Y-%m-%d %H:%M:%S") . "<br>操作页面:" . $_SERVER["PHP_SELF"] . "<br>提交方式: " . $_SERVER["REQUEST_METHOD"] . "<br>来源: " . $_SERVER['HTTP_REFERER'] . "<br>提交参数: " . $StrFiltKey . "<br>提交数据: " . $StrFiltValue);
// 'status:' is a CGI-style header; http_response_code(400) is the portable form.
header('HTTP/1.1 400 Bad Request');
header('status: 400 Bad Request');
print "<div style=\"position:fixed;top:0px;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;\"><br>您的提交带有不合法参数,谢谢合作!<br><br>了解更多请点击:<a href=\"http://www.16888.com\">http://www.16888.com</a></div>";
exit;
}
}
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
// Run each input source through its own rule set. StopAttack is defined
// elsewhere; judging by the tail above, a match ends the request.
foreach ($_GET as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
foreach ($_POST as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
foreach ($_COOKIE as $key => $value) {
    StopAttack($key, $value, $cookiefilter);
}
// Refuse to run while the vendor's original file name is still present.
// The path is relative, so it is resolved against the current working
// directory, not necessarily this file's directory.
if (file_exists('update360.php')) {
    echo "请重命名文件update360.php,防止黑客利用<br/>";
    die;
}
/**
 * Append one line to DOCUMENT_ROOT/runtime/log/logs_error.log.
 *
 * @param string $logs text to append, written verbatim (no escaping)
 *
 * NOTE(review): the path is under the document root, so the log is
 * web-readable unless /runtime is blocked by the web server. fopen() is not
 * checked; on failure fputs()/fclose() only emit warnings.
 */
function slog($logs)
{
    $toppath = $_SERVER["DOCUMENT_ROOT"] . "/runtime/log/logs_error.log";
    $Ts = fopen($toppath, "a+");
    fputs($Ts, $logs . "\r\n");
    fclose($Ts);
}
// arr_foreach: only the signature and its static local are visible; the body
// continues past the end of this chunk.
function arr_foreach($arr)
{
    static $str;
// Tail of a function that begins before this chunk: the $rc branch is empty
// (its only statement is commented out), then $s is returned.
if ($rc) {
    //slog("<br><br>操作IP: ".$_SERVER["REMOTE_ADDR"]."<br>操作时间: ".strftime("%Y-%m-%d %H:%M:%S")."<br>操作页面:".$_SERVER["PHP_SELF"]."<br>提交方式: ".$_SERVER["REQUEST_METHOD"]."<br>提交参数: ".$_SERVER['QUERY_STRING']);
}
return $s;
}
/**
 * Append one line to MAC_ROOT/log.txt.
 *
 * @param string $logs text to append, written verbatim (no escaping)
 *
 * NOTE(review): every file call is @-suppressed, so a failed open is silent
 * and the log entry is simply lost; whether MAC_ROOT is web-served is not
 * visible here.
 */
function slog($logs)
{
    $toppath = MAC_ROOT . "/log.txt";
    $Ts = @fopen($toppath, "a+");
    @fputs($Ts, $logs . "\r\n");
    @fclose($Ts);
}
// Referer as a one-element list (empty list when the header is missing or
// empty) so it can be looped like the superglobals below.
$referer = empty($_SERVER['HTTP_REFERER']) ? array() : array($_SERVER['HTTP_REFERER']);
// The three rule sets are PCRE alternations without delimiters or modifiers;
// those are applied by StopAttack, which is not in this chunk. The SQL
// keywords are written upper-case, so matching of other casings depends on
// the modifier used there.
// GET interception rules
$getfilter = "\\<.+javascript:window\\[.{1}\\\\x|<.*=(&#\\d+?;?)+?>|<.*(data|src)=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[a-z]+?\\b[^>]*?\\bon([a-z]{4,})\\s*?=|^\\+\\/v(8|9)|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|UNION([\\s\\S]*?)SELECT";
// POST interception rules
$postfilter = "<.*=(&#\\d+?;?)+?>|<.*data=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover|eval)\\b|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|UNION([\\s\\S]*?)SELECT";
// Cookie interception rules
$cookiefilter = "benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\(|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|UNION([\\s\\S]*?)SELECT";
// Apply each rule set to its input source. The Referer is checked against the
// POST rule set here.
foreach ($_GET as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
foreach ($_POST as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
foreach ($_COOKIE as $key => $value) {
    StopAttack($key, $value, $cookiefilter);
}
foreach ($referer as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
// Tail of a rejection path whose function begins before this chunk: print a
// blank full-page overlay and stop. No status header is set in the visible
// part, so the response is 200 unless one is sent earlier.
print "<div style=\"position:fixed;top:0px;text-align:center;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;\"></div>";
exit;
}
}
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
// Run each input source through its own rule set; the Referer list ($referer,
// built outside this chunk) is checked with the GET rules. StopAttack is
// defined elsewhere.
foreach ($_GET as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
foreach ($_POST as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
foreach ($_COOKIE as $key => $value) {
    StopAttack($key, $value, $cookiefilter);
}
foreach ($referer as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
// Refuse to run while the vendor's original file name is still present; the
// relative path is resolved against the current working directory.
if (file_exists('update360.php')) {
    echo "请重命名文件update360.php,防止黑客利用<br/>";
    die;
}
/**
 * Append one line to DOCUMENT_ROOT/qdgerr.htm.
 *
 * @param string $logs text to append, written verbatim (no escaping), so
 *                     request data passed by a caller lands as-is in an .htm
 *                     file
 *
 * NOTE(review): the file is inside the document root and therefore
 * web-readable unless the server blocks it; fopen() is unchecked, so a failed
 * open only produces warnings from fputs()/fclose().
 */
function slog($logs)
{
    $toppath = $_SERVER["DOCUMENT_ROOT"] . "/qdgerr.htm";
    $Ts = fopen($toppath, "a+");
    fputs($Ts, $logs . "\r\n");
    fclose($Ts);
}
// arr_foreach: only the signature and its static local are visible; the body
// continues past the end of this chunk.
function arr_foreach($arr)
{
    static $str;
} // closes a block that opens before this chunk
// End of the password-reset branch: store the new password for the user row
// looked up earlier (outside this chunk), then redirect to login.
// NOTE(review): the WHERE clause is string-built from $row["u_id"]; whether
// $db->Update() escapes it is not visible here.
$db->Update("{pre}user", array("u_password"), array($u_password), "u_id=" . $row["u_id"]);
alertUrl("重置密码成功,正在转向登录页面", "?action=login");
return;
}
unset($row);
} elseif ($method == 'tg') {
    // Referral ('tg') visit: credit the referring user once per (uid, ip, day)
    // and send the visitor to the home page.
    if ($MAC['user']['popularizestate'] == 0) {
        redirect("/");
        exit;
    }
    // intval() makes $userid a safe integer for the SQL below.
    $userid = intval($tpl->P['uid']);
    if ($userid > 0) {
        // ip2long() yields an int, or false (concatenates as '') when getIP()
        // returns something that is not a dotted IPv4 address. If getIP()
        // honours client-supplied headers, the per-IP dedupe below is
        // client-controlled — not visible here, verify in getIP().
        $ip = ip2long(getIP());
        // The referer is run through the GET rule set and chkSql() before it
        // is stored; what chkSql() guarantees is not visible in this chunk.
        $ly = getReferer();
        StopAttack('referer', $ly, $getfilter);
        $ly = chkSql($ly);
        // [today 00:00, tomorrow 00:00] window, server time zone.
        $todayunix = strtotime("today");
        $tommunix = strtotime(date('Y-m-d', strtotime('+1 day')));
        // String-built query; its inputs are an int, an int-or-'' and two
        // timestamps, so no free-form text is interpolated here.
        $sql = "select * from {pre}user_visit where uv_uid=" . $userid . " and uv_ip='" . $ip . "' and uv_time>=" . $todayunix . " and uv_time <=" . $tommunix;
        $row1 = $db->getRow($sql);
        if (!$row1) {
            // First visit from this IP today: record it, credit the referrer
            // (points from config), and prune visits older than today.
            $db->Add("{pre}user_visit", array("uv_uid", "uv_ip", "uv_ly", "uv_time"), array($userid, $ip, $ly, time()));
            $db->query("update {pre}user set u_extend=u_extend+1,u_points=u_points+" . $MAC['user']['popularize'] . " where u_id=" . $userid);
            $sql = "delete from {pre}user_visit where uv_time<" . $todayunix;
            $db->query($sql);
        }
        unset($row1);
    }
    redirect("/");
} elseif ($method == 'save') {