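/**
 * Load, decrypt and decode one stored XSS record.
 *
 * @param string $filename record id, i.e. the file name under DATA_PATH without
 *                         the ".php" suffix; ids containing "..", "/" or "\" are
 *                         rejected because the id is used as a path segment
 * @return array|false decoded record, or false when the id is invalid, the file
 *                     is missing or unreadable, the decrypted payload is not a
 *                     JSON object/array, or the record has no request_time
 */
function load_xss_record($filename)
{
    // The id is concatenated into a path, so anything that could leave DATA_PATH
    // is refused up front (an empty id would only ever resolve to "DATA_PATH/.php").
    if (!is_string($filename)
        || $filename === ''
        || strpos($filename, '..') !== false
        || strpos($filename, '/') !== false
        || strpos($filename, '\\') !== false
    ) {
        return false;
    }
    $logFile = dirname(__FILE__) . '/' . DATA_PATH . '/' . $filename . '.php';
    if (!file_exists($logFile)) {
        return false;
    }
    // Suppression kept on purpose: a record removed between the exists check and
    // the read is reported through the false return rather than a warning.
    $raw = @file_get_contents($logFile);
    if ($raw === false) {
        return false;
    }
    // Stored records start with an exit() stub (presumably so a direct web request
    // for the file outputs nothing); anything else was not written by this tool.
    if (strncmp($raw, '<?php exit();?>', 15) !== 0) {
        return false;
    }
    $plain = decrypt(substr($raw, 15));
    // Only fails when the encryption password is wrong (the ciphertext then
    // decrypts to bytes outside the expected character set).
    if (!preg_match('/^[A-Za-z0-9\\x00-\\x80~!@#$%&_+-=:";\'<>,\\/"\\[\\]\\\\^\\.\\|\\?\\*\\+\\(\\)\\{\\}\\s]+$/', $plain)) {
        return false;
    }
    $info = json_decode($plain, true);
    // json_decode() reports failure with null, not false, so a `=== false` check
    // lets broken payloads through; a scalar top level is equally unusable for
    // the array accesses below.
    if (!is_array($info)) {
        return false;
    }
    // A record without request_time is unusable; checked before the location
    // lookup so no IP database query or re-save is done for it.
    if (!isset($info['request_time'])) {
        return false;
    }
    // Fill in a missing location from the IP database and persist the result.
    // NOTE(review): assumes every record carries user_IP — confirm against the writer.
    if (!isset($info['location'])) {
        $info['location'] = stripStr(convertip($info['user_IP'], IPDATA_PATH));
        save_xss_record(json_encode($info), $filename);
    }
    return $info;
}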
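/**
 * Collect every decodable XSS record stored under DATA_PATH.
 *
 * load_xss_record() already fills in a missing 'location' and re-saves the
 * record before returning it, so that backfill is not repeated here.
 *
 * @return array list of decoded records (see load_xss_record()), sorted by file
 *               path in descending order
 */
function xss_record_detail_list()
{
    $list = array();
    // glob() returns false on error; arsort() would then fail on PHP 8.
    // NOTE(review): this path is relative to the working directory while
    // load_xss_record() anchors DATA_PATH at dirname(__FILE__) — confirm both
    // resolve to the same directory.
    $files = glob(DATA_PATH . '/*.php');
    if ($files === false) {
        return $list;
    }
    // Descending by path; record files are named after their request_time,
    // so this puts the most recent records first.
    arsort($files);
    foreach ($files as $file) {
        $filename = basename($file, '.php');
        // Only files whose name is a well-formed record id are considered.
        if (!preg_match(ID_REGEX, $filename)) {
            continue;
        }
        $info = load_xss_record($filename);
        if ($info !== false) {
            $list[] = $info;
        }
    }
    return $list;
}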
// Remaining request data: the raw and base64-decoded variants of POST and
// cookie data are kept side by side with the GET data gathered earlier.
$decoded_post_data = tryBase64Decode($_POST);
$cookie_data = $_COOKIE;
$decoded_cookie_data = tryBase64Decode($_COOKIE);

// Anti-XSS filtering: scalar fields are stripped one by one, arrays have both
// keys and values stripped. Insertion order here fixes the JSON key order.
$scalarFields = array(
    'user_IP'        => $user_IP,
    'user_port'      => $user_port,
    'protocol'       => $protocol,
    'request_method' => $request_method,
    'request_URI'    => $request_URI,
    'request_time'   => $request_time,
);
foreach ($scalarFields as $key => $value) {
    $info[$key] = stripStr($value);
}
$info['headers_data'] = stripArr($headers_data);

// Each source stores its raw array and, when the base64 decode produced a
// truthy result, the decoded copy immediately after it.
$sources = array(
    'get'    => array($get_data, $decoded_get_data),
    'post'   => array($post_data, $decoded_post_data),
    'cookie' => array($cookie_data, $decoded_cookie_data),
);
foreach ($sources as $name => $pair) {
    $info[$name . '_data'] = stripArr($pair[0]);
    if ($pair[1]) {
        $info['decoded_' . $name . '_data'] = stripArr($pair[1]);
    }
}

// keepsession is flagged when GET, POST or cookie data contains keepsession=1.
$info['keepsession'] = (bool) isKeepSession($info);
save_xss_record(json_encode($info), $request_time);

// Optional mail notification.
if (MAIL_ENABLE) {
    require_once "mail.php";
    @send_mail($info);
}