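/**
 * Usage example kept from the original header:
 *   $a[0] = $_SERVER['REQUEST_URI'];
 *   //$a[1] = '<script>alert(12313)</script>';
 *   echo "<pre>"; echo $a[0]; print_r(DetectXSS($a)); echo "</pre>";
 */

/**
 * Abort the request when any value (recursively for arrays) would be altered by RemoveXSS().
 *
 * A scalar is treated as an attack when RemoveXSS() does not hand it back unchanged; the
 * offending value is written to the PHP error log (HTML-escaped) and the script dies.
 *
 * @param mixed $val scalar or (nested) array of scalars
 * @return void
 */
function DetectXSS($val)
{
    if (is_array($val)) {
        foreach ($val as $element) {
            DetectXSS($element);
        }
        return;
    }
    // Loose comparison kept on purpose: RemoveXSS() may return a string for a numeric input.
    if (RemoveXSS($val) != $val) {
        // The original called log(), PHP's natural-logarithm function, which cannot take a
        // string; error_log() is the logging call that was evidently intended.
        error_log(htmlspecialchars($val));
        die('warning:found xss attack !');
    }
}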
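/**
 * Store or update a user's vote (rating) on an answer.
 *
 * When cevapOyVar() reports an existing vote the eo_askanswerrate row is updated, otherwise a
 * new row is inserted. The outcome is echoed and recorded through trackUser(). Nothing is
 * written when $userID or $cevapID is empty.
 *
 * @param mixed $deger   rating value to store
 * @param mixed $userID  id of the voting user
 * @param mixed $cevapID id of the rated answer
 * @return void
 */
function cevapOy($deger, $userID, $cevapID)
{
    global $yol1, $currentFile;
    if (empty($userID) || empty($cevapID)) {
        echo "Oy verilemedi!";
        return;
    }
    $oyVar = cevapOyVar($userID, $cevapID);
    // All three values are interpolated into SQL below; escape them on the same connection.
    // The original interpolated the raw arguments.
    $deger = mysql_real_escape_string($deger, $yol1);
    $userID = mysql_real_escape_string($userID, $yol1);
    $cevapID = mysql_real_escape_string($cevapID, $yol1);
    if ($oyVar) {
        $sql2 = "UPDATE eo_askanswerrate \r\n\t\t\t\t\tSET degeri='{$deger}'\r\n\t\t\t\t\tWHERE userID='{$userID}' and cevapID='{$cevapID}'\t\t\t\t\t\r\n\t\t\t\t\t";
    } else {
        $sql2 = "INSERT INTO eo_askanswerrate \r\n\t\t\t\t\t(degeri,userID,cevapID)\r\n\t\t\t \t\tVALUES\r\n\t\t\t\t\t('{$deger}','{$userID}', '{$cevapID}')\r\n\t\t\t\t\t";
    }
    $result2 = mysql_query($sql2, $yol1);
    $actor = RemoveXSS($_SESSION["usern"]);
    if ($result2) {
        echo "Oy verdiniz.";
        trackUser($currentFile, "success,QuesVote", $actor);
    } else {
        echo "Oy verilemedi!";
        trackUser($currentFile, "fail,QuesVote", $actor);
    }
}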
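Demo Site: http://yunus.sourceforge.net/eogr Source Track: http://eogr.googlecode.com Support: http://www.ohloh.net/p/eogr This project is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 3 of the License, or any later version. See the GNU Lesser General Public License for more details. */
@session_start();
header("Content-Type: text/html; charset=iso-8859-9");
require "conf.php";
checkLoginLang(true, true, "askForFriendship2.php");
// Form fields; the isset() guard avoids an undefined-index notice when the page is opened
// without a POST body.
$kisi = RemoveXSS(isset($_POST["kisi"]) ? $_POST["kisi"] : "");
$kabul = RemoveXSS(isset($_POST["kabul"]) ? $_POST["kabul"] : "");

/**
 * baglan2: open the database connection (no parameters).
 *
 * Uses the credentials $_host, $_username, $_password from conf.php. Connection errors are
 * suppressed with @, so the caller must test the return value.
 *
 * @return resource|false connection link, or false on failure
 */
function baglan2()
{
    global $_host, $_username, $_password;
    return @mysql_connect($_host, $_username, $_password);
}

// Connect once and keep the link; the original called baglan2() twice (check, then assignment).
$yol1 = baglan2();
if (!$yol1) {
    die("<font id='hata'> Lüften, 'veritabanı' <a href=install.php>kurulumunu (installation)</a> yapınız!</font>");
}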
} else {
    // Remove the previous avatar file for this account (errors suppressed).
    @unlink((string) $MW->getConfig->generic->avatar_path . $user['id'] . '.' . $ext);
}
}
}
}
}
} elseif ($_POST['deleteavatar'] == 1 && preg_match("/\\d+\\.\\w+/i", $_POST['avatarfile'])) {
    // Delete the chosen avatar file and clear the column.
    // NOTE(review): the pattern is unanchored, so any value that merely contains "<digits>.<word>"
    // passes - including one with directory components - before it is appended to avatar_path and
    // unlinked; anchor it (^...$) or reduce the value to basename() before the path is built.
    if (@unlink((string) $MW->getConfig->generic->avatar_path . $_POST['avatarfile'])) {
        $DB->query("UPDATE account_extend SET avatar=NULL WHERE account_id=?d LIMIT 1", $user['id']);
    }
}
// The group id must not be changed through this form.
if (isset($_POST['profile']['g_id'])) {
    unset($_POST['profile']['g_id']);
}
$_POST['profile']['signature'] = htmlspecialchars($_POST['profile']['signature']);
// ?a expands the whole (XSS-filtered) profile array into SET clauses, so every remaining key of
// $_POST['profile'] becomes a column name; the query layer must whitelist them - confirm.
$DB->query("UPDATE account_extend SET ?a WHERE account_id=?d LIMIT 1", RemoveXSS($_POST['profile']), $user['id']);
redirect('index.php?n=account&sub=manage', 1);
} elseif ($_GET['action'] == 'changesecretq') {
    // Change both secret questions/answers. Rules: answers free of symbols, longer than 4 bytes
    // (strlen), answers differ, questions chosen (!= '0') and differ. $_POST[secretq1] etc. use
    // bare constants (string fallback with a notice on old PHP, an Error on PHP 8) - kept as is.
    if (check_for_symbols($_POST['secreta1']) == FALSE && check_for_symbols($_POST['secreta2']) == FALSE && $_POST[secretq1] != '0' && $_POST[secretq2] != '0' && isset($_POST[secreta1]) && isset($_POST[secreta2]) && strlen($_POST[secreta1]) > 4 && strlen($_POST[secreta2]) > 4 && $_POST['secreta1'] != $_POST['secreta2'] && $_POST['secretq1'] != $_POST['secretq2']) {
        $DB->query("UPDATE account_extend SET secretq1=?,secretq2=?,secreta1=?,secreta2=? WHERE account_id=?d", strip_if_magic_quotes($_POST['secretq1']), strip_if_magic_quotes($_POST['secretq2']), strip_if_magic_quotes($_POST['secreta1']), strip_if_magic_quotes($_POST['secreta2']), $user['id']);
        output_message('notice', '<b>' . $lang['changed_secretq'] . '</b><meta http-equiv=refresh content="4;url=index.php?n=account&sub=manage">');
    } else {
        output_message('alert', '<b>' . $lang['fail_change_secretq'] . '</b><meta http-equiv=refresh content="3;url=index.php?n=account&sub=manage">');
    }
} elseif ($_GET['action'] == 'resetsecretq') {
    // Reset all four secret fields to '0' (= unset).
    if ($_POST['reset_secretq']) {
        $DB->query("UPDATE account_extend SET secretq1='0',secretq2='0',secreta1='0',secreta2='0' WHERE account_id=?d", $user['id']);
        output_message('notice', '<b>' . $lang['reset_succ_secretq'] . '</b><meta http-equiv=refresh content="4;url=index.php?n=account&sub=manage">');
    }
} elseif ($_GET['action'] == 'change_gameplay') {
    if ($_POST['switch_wow_type'] == 'wotlk') {
// Flip the sort direction kept in the session when the sort control was clicked.
if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") {
    $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
    $_SESSION["siraYonu2"] = $siraYonu;
} else {
    $siraYonu = $_SESSION["siraYonu2"];
}
}
// Sort column from the request. NOTE(review): it is interpolated into ORDER BY after temizle()
// only; whether temizle() restricts it to known column names is not visible here - confirm.
$sirAlan = temizle(isset($_GET['order']) ? $_GET['order'] : "");
if ($sirAlan != "") {
    $query_eoUsers = "SELECT eo_comments.id as id, eo_comments.konuID as konuID, eo_users.id as userID, eo_comments.active, eo_comments.comment, eo_comments.commentDate,eo_users.userName as userName, eo_4konu.konuAdi as konuAdi FROM eo_comments {$filtr2} ORDER BY {$sirAlan} {$siraYonu}";
} else {
    $query_eoUsers = "SELECT eo_comments.id as id, eo_comments.konuID as konuID, eo_users.id as userID, eo_comments.active,eo_comments.comment, eo_comments.commentDate, eo_users.userName as userName, eo_4konu.konuAdi as konuAdi FROM eo_comments {$filtr2} ORDER BY eo_comments.commentDate DESC";
    $sirAlan = "commentDate";
}
// Edit mode (upd=1) loads a single comment by id.
// NOTE(review): RemoveXSS() is an HTML filter, not an SQL escape; unless it is known to strip quotes,
// this id should go through mysql_real_escape_string() before being quoted into the statement.
if (!empty($_GET["upd"]) and $_GET["upd"] == "1") {
    $query_limit_eoUsers = "SELECT eo_comments.id as id, eo_comments.comment FROM eo_comments where id='" . RemoveXSS($_GET["id"]) . "'";
} else {
    $query_limit_eoUsers = sprintf("%s LIMIT %d, %d", $query_eoUsers, $startRow_eoUsers, $maxRows_eoUsers);
}
$eoUsers = mysql_query($query_limit_eoUsers, $yol);
if (!$eoUsers) {
    // The raw MySQL error text is echoed to the client.
    echo mysql_error();
}
$row_eoUsers = @mysql_fetch_assoc($eoUsers);
$totalRows_eoUsers = @mysql_num_rows($eoUsers);
// Total row count: taken from the request when present (client-supplied), otherwise from the
// unpaged query. The second mysql_query() call omits the $yol link used above.
if (isset($_GET['totalRows_eoUsers'])) {
    $totalRows_eoUsers = $_GET['totalRows_eoUsers'];
} else {
    $all_eoUsers = mysql_query($query_eoUsers);
    $totalRows_eoUsers = @mysql_num_rows($all_eoUsers);
}
if (!$userid){
    // Anonymous access is logged with the client IP and refused.
    write_log("Someone is hacking shoutbox. - IP : ".getip(),'mod');
    die($lang_shoutbox['text_no_permission_to_shoutbox']);
}
// Message type: 'hb' when toguest is set or the text addresses "@游客", else 'sb'.
// Note: strpos(...) > 0 misses a match at offset 0, so a text that starts with "@游客" is 'sb'.
if ($_GET["toguest"]){
    $type ='hb';
}else{
    if(strpos($text,"@游客") > 0) $type = 'hb';
    else $type = 'sb';
}
}
$date=sqlesc(time());
// Every value is passed through sqlesc(); the text is additionally XSS-filtered before storage.
sql_query("INSERT INTO shoutbox (userid, date, text, type, ip) VALUES (" . sqlesc($userid) . ", $date, " . sqlesc(RemoveXSS($text)) . ", ".sqlesc($type).", ".sqlesc(getip()).")") or sqlerr(__FILE__, __LINE__);
file_put_contents("shoutbox_new.html",mysql_insert_id());
// Bot user name (user id 11), cached for a week.
// NOTE(review): on a cache miss only $robotname is assigned and $robot stays undefined, yet the
// patterns below interpolate $robot; the else branch assigns a different variable name.
if ($memcache->get('robotname') == ''){
    $robotname = sql_query("SELECT username from users where id=11") or sqlerr(__FILE__,__LINE__);
    $robotname = mysql_fetch_array($robotname);
    $memcache->set('robotname',$robotname[0],false,3600*24*7);
} else $robot = $memcache->get('robotname');
// Bot auto-replies. $robot is interpolated into the regex without preg_quote().
if (!$memcache->get('app_shoutbox_shoutup')) {
    if(preg_match( "/\[\@$robot\](.*?)(开奖|中奖|彩票)/",$text)) sendshoutbox("[@$CURUSER[username]]:最近一期的彩票是第".($memcache->get('drawid'))."期,中奖号码。。忘记了。。。[url=/lottery.php?action=drawlog]here,here~[/url]","","",$date+5);
    elseif(preg_match( "/\[\@$robot\](.*?)(不|别|没|无|非)/",$text))
    //sendshoutbox("[@$CURUSER[username]]:我不认识否定词哎,不明白你说的啥意思,不过我的意思是你说的话的意思可能不是本来的意思。要是一直没人喂我的话我就要自己去偷麦粒了(。·`ω´·)[url=steal.php]你偷过麦粒么[/url] ","","",$date+5);
begin_main_frame();
insert_compose_frame($postid, 'edit');
end_main_frame();
stdfoot();
die;
}
//-------- Action: Post
if ($action == "post") {
    // Users whose forumpost flag is 'no' are refused before any input is read.
    if ($CURUSER["forumpost"] == 'no') {
        stderr($lang_forums['std_sorry'], $lang_forums['std_unauthorized_to_post'], false);
        die;
    }
    $id = $_POST["id"];
    $type = $_POST["type"];
    // Subject and body are XSS-filtered here; SQL escaping is done later with sqlesc() (not in this excerpt).
    $subject = RemoveXSS($_POST["subject"]);
    $body = RemoveXSS(trim($_POST["body"]));
    // "+ 0" coerces the flag to a number; on PHP 8 a non-numeric string here throws a TypeError.
    $onlyauthor = $_POST["onlyauthor"] + 0;
    $hassubject = false;
    // $id names a forum for 'new' and a topic for 'reply'/'quote'. check_whether_exist() is
    // presumably expected to abort when the record is missing - its behaviour is not visible here.
    switch ($type) {
        case 'new':
            check_whether_exist($id, 'forum');
            $forumid = $id;
            $hassubject = true;
            break;
        case 'reply':
            check_whether_exist($id, 'topic');
            $topicid = $id;
            $forumid = get_single_value("topics", "forumid", "WHERE id=" . sqlesc($topicid));
            break;
        case 'quote':
            check_whether_exist($id, 'topic');
//Vars
require_once '../include/functions.inc.php';
require_once '../include/globalvar.inc.php';
require_once '../include/dbinfo.inc.php';
require_once '../include/loginstate.inc.php';
$tid = $_POST['TopicID'];
//send comment
// $name is presumably set by loginstate.inc.php for a logged-in user - confirm.
if (isset($name)) {
    $content = $_POST['content'];
    if (get_magic_quotes_gpc()) {
        $name = stripslashes($name);
        $tid = stripslashes($tid);
        $content = stripslashes($content);
    }
    //$content= SafeHTML(UBB2HTML($content));
    // Tags are stripped before UBB conversion; the resulting HTML is then XSS-filtered.
    $content = RemoveXSS(UBB2HTML(strip_tags($content)));
    // Values are quoted with PDO::quote() and interpolated, so prepare() receives a finished
    // string - these are not bound parameters. Binding them would be the more robust form.
    $name = $pdo->quote($name);
    $tid = $pdo->quote($tid);
    $content = $pdo->quote($content);
    $sql = $pdo->prepare("insert into tb_reply(TopicID,Name,content,Time,ip)\n\t\t\t\t\t\tvalues({$tid},{$name},{$content},now(),'127.0.0.1')");
    if (!$sql->execute()) {
        $pmstate = "0";
    } else {
        // The result of this second statement is not checked.
        $sql = $pdo->prepare("UPDATE `{$DB_NAME}`.`tb_topic` SET `Lastreply_Time` = now(), `Lastreply_Name`= {$name}, `ReplyCount` = `ReplyCount`+1 WHERE `tb_topic`.`TopicID` = {$tid}");
        $sql->execute();
        $pmstate = "1";
    }
}
// $pmstate is only assigned inside the branch above; with $name unset this echoes an undefined variable.
echo $pmstate;
if ($hadLogin) {
    echo "<script language='javascript'>\n";
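/**
 * Publish a new post (thread) in a weiba (forum section).
 *
 * Reads weiba_id, title, content and attach_ids from $_POST; post_type=index in $_GET selects
 * the page-redirect response style, anything else the AJAX style ($type passed to error()).
 * Checks, in order: muted user, weiba_post permission, weiba blacklist, a selected weiba, the
 * weiba's who_can_post policy (followers / admins / owner, bypassed for core_admin), non-empty
 * title and content, title length (<= 25 characters), content length (< 20000) and the
 * filter_words() word filter. On success the post is stored, counters/feed/credits are updated
 * and the result is returned in the selected response style.
 *
 * @return array|mixed array('status' => 0, ...) when the user is muted; otherwise whatever
 *                     success()/ajaxReturn()/error() produce
 */
public function doPost()
{
    // Muted users cannot post.
    if ($isDisabled = model('DisableUser')->isDisableUser($this->mid, 'post')) {
        return array('status' => 0, 'msg' => '您已经被禁言了');
    }
    // false = plain page response, true = AJAX response (passed to error()).
    $type = !(isset($_GET['post_type']) && $_GET['post_type'] == 'index');
    // Cast once; the original re-read and re-cast $_POST['weiba_id'] a second time below.
    $weibaid = intval($_POST['weiba_id']);
    if (!CheckPermission('weiba_normal', 'weiba_post')) {
        $this->error('对不起,您没有权限进行该操作!', $type);
    }
    // $weibaid is an int and $this->mid the session user, so this where() string is safe.
    $is_lock = M('weiba_blacklist')->where('weiba_id=' . $weibaid . ' and uid=' . $this->mid)->find();
    if ($is_lock) {
        $this->error('您是黑名单用户没有发帖权限', $type);
    }
    if (!$weibaid) {
        $this->error('请选择微吧,等待返回选择微吧', $type);
    }
    $weiba = D('weiba')->where('weiba_id=' . $weibaid)->find();
    // Posting policy of the weiba; site admins bypass it.
    if (!CheckPermission('core_admin', 'admin_login')) {
        switch ($weiba['who_can_post']) {
            case 1:
                // Followers only.
                $map['weiba_id'] = $weibaid;
                $map['follower_uid'] = $this->mid;
                $res = D('weiba_follow')->where($map)->find();
                if (!$res && !CheckPermission('core_admin', 'admin_login')) {
                    $this->error('对不起,您没有发帖权限,请关注该微吧!', $type);
                }
                break;
            case 2:
                // Weiba admins (level 2 or 3) only.
                $map['weiba_id'] = $weibaid;
                $map['level'] = array('in', '2,3');
                $weiba_admin = D('weiba_follow')->where($map)->order('level desc')->field('follower_uid')->findAll();
                if (!in_array($this->mid, getSubByKey($weiba_admin, 'follower_uid')) && !CheckPermission('core_admin', 'admin_login')) {
                    $this->error('对不起,您没有发帖权限,仅限该吧管理员发帖!', $type);
                }
                break;
            case 3:
                // Weiba owner (level 3) only.
                $map['weiba_id'] = $weibaid;
                $map['level'] = 3;
                $weiba_admin = D('weiba_follow')->where($map)->order('level desc')->field('follower_uid')->find();
                if ($this->mid != $weiba_admin['follower_uid'] && !CheckPermission('core_admin', 'admin_login')) {
                    $this->error('对不起,您没有发帖权限,仅限该吧吧主发帖!', $type);
                }
                break;
        }
    }
    // Emptiness check on the content: drop whitespace and empty-paragraph markup and collapse
    // img/embed tags to a token so an image-only post still counts as content.
    $checkContent = str_replace(array(' ', '<br />', '<p>', '</p>'), '', $_POST['content']);
    $checkContents = preg_replace('/<img(.*?)src=/i', 'img', $checkContent);
    $checkContents = preg_replace('/<embed(.*?)src=/i', 'img', $checkContents);
    $checkContents = RemoveXSS($checkContents);
    if (strlen(t($_POST['title'])) == 0) {
        $this->error('帖子标题不能为空,等待返回添加标题', $type);
    }
    if (strlen(t($checkContents)) == 0) {
        $this->error('帖子内容不能为空,等待返回添加内容', $type);
    }
    // The title limit counts characters, not bytes (a CJK character counts as one).
    preg_match_all('/./us', t($_POST['title']), $match);
    if (count($match[0]) > 25) {
        $this->error('帖子标题不能超过25个字,等待返回修改标题', $type);
    }
    // Content length limit. The original omitted $type on this error() call, so an AJAX
    // caller received the page-style response.
    if (get_str_length(h($_POST['content'])) >= 20000) {
        $this->error('帖子内容过长!无法发布!', $type);
    }
    // Attachment ids come as "1|2|3"; empty entries are dropped and each id cast to int.
    if ($_POST['attach_ids']) {
        $attach = array_filter(explode('|', $_POST['attach_ids']));
        $data['attach'] = serialize(array_map('intval', $attach));
    }
    $data['weiba_id'] = $weibaid;
    $data['title'] = t($_POST['title']);
    $data['content'] = h($_POST['content']);
    $data['post_uid'] = $this->mid;
    $data['post_time'] = time();
    $data['last_reply_uid'] = $this->mid;
    $data['last_reply_time'] = $data['post_time'];
    $data['feed_id'] = 0;
    // Emoji normalisation.
    $data['title'] = formatEmoji(true, $data['title']);
    $data['content'] = formatEmoji(true, $data['content']);
    // Word filter; on failure 'data' carries the reason.
    $filterTitleStatus = filter_words($data['title']);
    if (!$filterTitleStatus['status']) {
        $this->error($filterTitleStatus['data'], $type);
    }
    $data['title'] = $filterTitleStatus['data'];
    $filterContentStatus = filter_words($data['content']);
    if (!$filterContentStatus['status']) {
        $this->error($filterContentStatus['data'], $type);
    }
    $data['content'] = addslashes($filterContentStatus['data']);
    $res = D('weiba_post')->add($data);
    if (!$res) {
        $this->error('发布失败,等待返回修改发布', $type);
        return;
    }
    D('Weiba')->setNewcount($weibaid);
    D('weiba')->where('weiba_id=' . $data['weiba_id'])->setInc('thread_count');
    // Mirror the post into the feed and link the feed id back to the post.
    $feed_id = model('Feed')->syncToFeed('weiba', $this->mid, $res);
    D('weiba_post')->where('post_id=' . $res)->setField('feed_id', $feed_id);
    $result['id'] = $res;
    $result['feed_id'] = $feed_id;
    // Credits and per-user topic counter.
    model('Credit')->setUserCredit($this->mid, 'publish_topic');
    D('UserData')->updateKey('weiba_topic_count', 1);
    // $type is false exactly when post_type == 'index'.
    if (!$type) {
        $this->success('发布成功');
    } else {
        return $this->ajaxReturn($result, '发布成功', 1);
    }
}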
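<td align="right" nowrap="nowrap"><?php echo $metin[26]; ?> :</td>
<td><?php echo $row_eoUsers['id']; ?> </td>
</tr>
<tr valign="baseline">
  <td align="right" nowrap="nowrap"><label for="wall"> <?php echo $metin[597]; ?> :</label></td>
  <?php // The wall text is pre-filled through RemoveXSS() only; a "</textarea>" inside the value
        // would still close the element unless RemoveXSS() encodes "<" - htmlspecialchars() is the safe form. ?>
  <td bgcolor="#CCFFFF"><textarea name="wall" id="wall" cols="60" rows="8"><?php echo RemoveXSS($row_eoUsers['duvarYazisi']); ?> </textarea></td>
</tr>
<tr valign="baseline">
  <td colspan="2" align="center" bgcolor="#CCFFFF" class="tabloAlt"><input type="submit" value="<?php echo $metin[25]; ?> " />
  <?php // The original nested double quotes inside the onclick attribute, which ended the attribute
        // at the second quote and broke the handler; the URL is now single-quoted. ?>
  <input name="geri" type="button" id="geri" onclick="location.href = 'dataFriendActions.php';" value="<?php echo $metin[28]; ?> " /></td>
</tr>
</table>
<input type="hidden" name="MM_update" value="form3" />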
}
// Apply RemoveXSS() to every request value in place.
foreach ($_GET as $key => $value) {
    $_GET[$key] = RemoveXSS($value);
}
foreach ($_POST as $key => $value) {
    $_POST[$key] = RemoveXSS($value);
}
$typeid = 5; // scenic-spot column (original note: 景点栏目)
require_once SLINEINC . "/listview.class.php";
// Current page: digits only.
if (isset($pageno)) {
    $pageno = intval(preg_replace("/[^\\d]/", '', $pageno));
}
// current page (original note: 当前页)
// not set -> default to all (original note: 没有设置,则默认为全部)
// $dest_id, $attrid, $priceid and $sorttype are request variables extracted before this block
// (not visible here); $dest_id is XSS-filtered again explicitly.
$dest_id = RemoveXSS($dest_id); // prevent cross-site attack (original note: 防止跨站攻击)
$attrid = $attrid ? $attrid : 0; // prevent cross-site attack (original note: 防止跨站攻击)
$priceid = $priceid ? $priceid : 0;
$sorttype = $sorttype ? $sorttype : 0;
// Sub-site: default the destination to the child site id when none was given.
if ($GLOBALS['sys_child_webid'] != 0 && empty($dest_id)) {
    $dest_id = $GLOBALS['sys_child_webid'];
}
// Non-numeric destination: resolve a pinyin slug to an id ('all' means no destination).
// NOTE(review): when the slug is not found the raw string stays in $dest_id; make sure the code
// that consumes it afterwards escapes it for SQL.
if (!is_numeric($dest_id)) {
    if ($dest_id != 'all') {
        $d_id = Helper_Archive::getDestIdByPinYin($dest_id);
        $dest_id = !empty($d_id) ? $d_id : $dest_id;
    } else {
        $dest_id = 0;
    // Flip the stored sort direction.
    $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
    $_SESSION["siraYonu2"] = $siraYonu;
} else {
    $siraYonu = $_SESSION["siraYonu2"];
}
}
// Sort column from the request; interpolated into ORDER BY after temizle() only. Whether temizle()
// restricts it to known column names is not visible here - confirm.
$sirAlan = temizle(isset($_GET['order']) ? $_GET['order'] : "");
if ($sirAlan != "") {
    $query_eoUsers = "SELECT * FROM eo_shoutbox {$filtr2} ORDER BY {$sirAlan} {$siraYonu}";
} else {
    $query_eoUsers = "SELECT * FROM eo_shoutbox {$filtr2} ORDER BY date DESC";
    $sirAlan = "date";
}
//echo $query_eoUsers ;
// Edit mode loads one message by id. NOTE(review): RemoveXSS() is an HTML filter, not an SQL escape;
// quote the value with mysql_real_escape_string() unless RemoveXSS() is known to strip quotes.
if (!empty($_GET["upd"]) and $_GET["upd"] == "1") {
    $query_limit_eoUsers = "SELECT * FROM eo_shoutbox where messageid='" . RemoveXSS($_GET["messageid"]) . "'";
} else {
    $query_limit_eoUsers = sprintf("%s LIMIT %d, %d", $query_eoUsers, $startRow_eoUsers, $maxRows_eoUsers);
}
// On failure the raw MySQL error text is sent to the client.
$eoUsers = mysql_query($query_limit_eoUsers, $yol) or die(mysql_error());
$row_eoUsers = mysql_fetch_assoc($eoUsers);
$totalRows_eoUsers = mysql_num_rows($eoUsers);
// Total count comes from the request when supplied (client-controlled), else from the unpaged
// query (which omits the $yol link used above).
if (isset($_GET['totalRows_eoUsers'])) {
    $totalRows_eoUsers = $_GET['totalRows_eoUsers'];
} else {
    $all_eoUsers = mysql_query($query_eoUsers);
    $totalRows_eoUsers = mysql_num_rows($all_eoUsers);
}
$totalPages_eoUsers = ceil($totalRows_eoUsers / $maxRows_eoUsers) - 1;
$queryString_eoUsers = "";
if (!empty($_SERVER['QUERY_STRING'])) {
</div>
<?php // Contact form: previously entered values are echoed back from $_GET after a redirect. ?>
<form name='register' id='register' method='get' action='contact_us_exe.php' class='form' style='margin-left:50px;'>
<?if (strlen($_GET["missing_info"]) > 0) {?>
<p><font color=#FF0000>Required information is missing</font></p>
<div align="left">
<?}?>
<?if (strlen($_GET["email_problem"]) > 0) {?>
</div>
<p align="left"><font color=#FF0000>The email address entered appears to be invalid</font></p>
<p>
<?}?>
</p>
<?php // NOTE(review): the comment text is re-emitted through RemoveXSS() only, while the inputs below
      // use formFieldSafe(); a "</textarea>" inside the value closes the element unless RemoveXSS() encodes "<". ?>
<textarea name='comments' rows='8' cols='50'><?php echo RemoveXSS($_GET["comments"]); ?> </textarea>
<p align="left"> </p>
<div align="left">
<table width="370" border="0" align="left" cellpadding="2">
<tr>
<td width="77" align="left" class="labelset"><div align="left"><span class="asterix">*</span>Name:</div></td>
<td width="279"><input type='text' name='fullname' value="<?php echo formFieldSafe($_GET["fullname"]); ?> " class='field' style='width:250px;'></td>
</tr>
<tr>
<td align="left" class="labelset"><div align="left"><span class="asterix">*</span>Email:</div></td>
    echo $metin[478] . "<p class='ozetBilgi'>" . $bilg_6 . "</p>";
}
// Latest questions of the user.
$bilg_7 = sonBilgileriGetir("soru", $geceliKullID);
if (!empty($bilg_7)) {
    echo $metin[644] . "<p class='ozetBilgi'>" . $bilg_7 . "</p>";
}
// Nothing at all to show.
if (empty($bilg_1) and empty($bilg_2) and empty($bilg_3) and empty($bilg_4) and empty($bilg_6) and empty($bilg_7)) {
    echo "<font id='uyari'>{$metin['586']}</font>";
}
?>
</div>
<div id="tab3" class="tabContent">
<?php
//ARKADAS (friend tab)
// The selected friend comes from the session, XSS-filtered.
if (isset($_SESSION["seciliArkadas"])) {
    $seciliKisi = RemoveXSS($_SESSION["seciliArkadas"]);
} else {
    $seciliKisi = "";
}
// getUserName() answers "-" for an unknown user.
// NOTE(review): $seciliKisi is placed in the href without urlencode()/htmlspecialchars(); RemoveXSS()
// alone does not make it attribute-safe - confirm what values seciliArkadas can hold.
if ($seciliKisi != "" and getUserName($seciliKisi) != "-") {
    echo "<p>{$metin['584']} : <strong><a href='profil.php?kim=" . $seciliKisi . "' rel='facebox'>" . getUserName($seciliKisi) . "</a></strong></p>";
    $bil_1 = sonBilgileriGetir("sohbet", $seciliKisi);
    if (!empty($bil_1)) {
        echo $metin[474] . "<p class='ozetBilgi'>" . $bil_1 . "</p>";
    }
    $bil_2 = sonBilgileriGetir("yorum", $seciliKisi);
    if (!empty($bil_2)) {
        echo $metin[475] . "<p class='ozetBilgi'>" . $bil_2 . "</p>";
    }
    $bil_3 = sonBilgileriGetir("oy", $seciliKisi);
    if (!empty($bil_3)) {
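/**
 * Delete an answer together with all of its votes.
 *
 * Allowed for admins ($tur == "2") and for the answer's owner (cevapSahibi()). The rows in
 * eo_askanswerrate and the eo_askanswer row are removed; as in the original, success is judged
 * on the second (answer) delete only. The outcome is echoed and logged via trackUser().
 *
 * @param mixed $cevapID id of the answer to delete
 * @param mixed $userID  id of the requesting user
 * @return void
 */
function cevapSil($cevapID, $userID)
{
    global $yol1, $tur, $currentFile;
    if (empty($userID) || empty($cevapID)) {
        echo "Cevap ve oylar silinemiyor!";
        return;
    }
    // Neither admin nor owner: the original silently did nothing here as well.
    if ($tur != "2" && cevapSahibi($cevapID) != $userID) {
        return;
    }
    // The id was interpolated unquoted into both DELETE statements; escape it on the connection
    // and quote it so a non-numeric value cannot change the WHERE clause.
    $idEsc = mysql_real_escape_string($cevapID, $yol1);
    mysql_query("DELETE FROM eo_askanswerrate \r\n\t\t\t\t\t WHERE cevapID = '{$idEsc}'", $yol1);
    $result2 = mysql_query("DELETE FROM eo_askanswer \r\n\t\t\t\t\t WHERE id = '{$idEsc}'", $yol1);
    $actor = RemoveXSS($_SESSION["usern"]);
    if ($result2) {
        echo "Cevap ve oylar silindi.";
        trackUser($currentFile, "success,DelAnsw", $actor);
    } else {
        echo "Cevap ve oylar silinemedi!";
        trackUser($currentFile, "fail,DelAnsw", $actor);
    }
}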
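// XSS-filter every request superglobal before anything reads them.
$_GET = XSSClean($_GET);
$_POST = XSSClean($_POST);
$_REQUEST = XSSClean($_REQUEST);
$_COOKIE = XSSClean($_COOKIE);
require_once dirname(__FILE__) . '/../include/common.inc.php';
require_once DEDEINC . '/filter.inc.php';
require_once DEDEINC . '/memberlogin.class.php';
require_once DEDEINC . '/dedetemplate.class.php';
// Current script name; if $_SERVER is disabled on your host, adjust this yourself (original note).
$dedeNowurl = GetCurUrl();
$dedeNowurls = explode('?', $dedeNowurl);
$s_scriptName = $dedeNowurls[0];
$menutype = '';
$menutype_son = '';
// $gourl and $keeptime are request variables the framework extracts before this file runs - confirm.
$gourl = empty($gourl) ? "" : RemoveXSS($gourl);
// Member area switched off site-wide.
if ($cfg_mb_open == 'N') {
    ShowMsg("系统关闭了会员功能,因此你无法访问此页面!", "javascript:;");
    exit;
}
$keeptime = isset($keeptime) && is_numeric($keeptime) ? $keeptime : -1;
$cfg_ml = new MemberLogin($keeptime);
// Build the member's home URL when logged in.
$myurl = '';
if ($cfg_ml->IsLogin()) {
    $myurl = $cfg_memberurl . "/index.php?uid=" . urlencode($cfg_ml->M_LoginID);
    // Prefix the base host only for a relative URL. The original recognised "http:" only and
    // would have prefixed an https:// member URL a second time.
    if (!preg_match("#^https?:#i", $myurl)) {
        $myurl = $cfg_basehost . $myurl;
    }
}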
    // Mark the opened mail as read. $vid is interpolated unquoted; it is assigned before this
    // excerpt and should be an integer by then - confirm.
    $sql = "update `mail` set new_mail=0 WHERE `mail_id`=" . $vid;
    mysql_query($sql);
}
//send mail page
//send mail
if (isset($_POST['to_user'])) {
    $to_user = $_POST['to_user'];
    $title = $_POST['title'];
    $content = $_POST['content'];
    $from_user = $_SESSION['user_id'];
    if (get_magic_quotes_gpc()) {
        $to_user = stripslashes($to_user);
        $title = stripslashes($title);
        $content = stripslashes($content);
    }
    // Only the title is XSS-filtered before storage; the body is stored as sent and must be
    // escaped wherever it is rendered. All four values are SQL-escaped below.
    $title = RemoveXSS($title);
    $to_user = mysql_real_escape_string($to_user);
    $title = mysql_real_escape_string($title);
    $content = mysql_real_escape_string($content);
    $from_user = mysql_real_escape_string($from_user);
    // The recipient must exist.
    $sql = "select 1 from users where user_id='{$to_user}' ";
    $res = mysql_query($sql);
    if ($res && mysql_num_rows($res) < 1) {
        mysql_free_result($res);
        $view_title = "No Such User!";
    } else {
        // A failed lookup ($res === false) also lands here and still attempts the insert.
        if ($res) {
            mysql_free_result($res);
        }
        $sql = "insert into mail(to_user,from_user,title,content,in_date)\n\t\t\t\t\t\tvalues('{$to_user}','{$from_user}','{$title}','{$content}',now())";
        if (!mysql_query($sql)) {
        print "</table>";
        stdfoot();
        die;
        break;
    case "forum":
        // Whether the "show last post" tooltip option is offered (site tweak).
        if ($enabletooltip_tweak == 'yes') {
            $showtooltipsetting = true;
        } else {
            $showtooltipsetting = false;
        }
        if ($type == 'save') {
            $updateset = array();
            // Checkbox flags: any non-empty value means "yes".
            $avatars = $_POST["avatars"] != "" ? "yes" : "no";
            $ttlastpost = $_POST["ttlastpost"] != "" ? "yes" : "no";
            $signatures = $_POST["signatures"] != "" ? "yes" : "no";
            // The signature is stored already HTML-escaped.
            $signature = htmlspecialchars(RemoveXSS(trim($_POST["signature"])));
            // Per-page values are capped at 100. "0 +" coerces to a number (a non-numeric string
            // throws a TypeError on PHP 8) and there is no lower bound, so 0 or negative is accepted.
            $updateset[] = "topicsperpage = " . min(100, 0 + $_POST["topicsperpage"]);
            $updateset[] = "postsperpage = " . min(100, 0 + $_POST["postsperpage"]);
            $updateset[] = "avatars = " . sqlesc($avatars);
            if ($showtooltipsetting) {
                $updateset[] = "showlastpost = " . sqlesc($ttlastpost);
            }
            $updateset[] = "signatures = " . sqlesc($signatures);
            // clicktopic is taken as-is from the form: escaped, not validated against known values.
            $clicktopic = $_POST["clicktopic"];
            $updateset[] = "clicktopic = " . sqlesc($clicktopic);
            $updateset[] = "signature = " . sqlesc($signature);
            $query = "UPDATE users SET " . implode(",", $updateset) . " WHERE id =" . sqlesc($CURUSER["id"]);
            $result = sql_query($query);
            if (!$result) {
                sqlerr(__FILE__, __LINE__);
            } else {
<?php
require_once dirname(__FILE__) . "/../include/common.inc.php";
require_once SLINEROOT . '/jieban/func.php';
require_once dirname(__FILE__) . '/config.php';
require_once SLINEINC . "/view.class.php";
$pv = new View($typeid);
// $id is a request variable extracted before this file runs (not visible here).
if (!isset($id)) {
    exit('Wrong Id');
}
// NOTE(review): RemoveXSS() filters HTML; it does not escape for SQL. Whether getProductInfo()
// escapes or casts $id itself is not visible here - confirm before relying on this line.
$id = RemoveXSS($id); // prevent cross-site attack (original note: 防止跨站攻击)
$row = JieBan::getProductInfo($id);
if (empty($row['id'])) {
    head404();
}
if (is_array($row)) {
    JieBan::updateVisit($row['id']);
    $memberinfo = Helper_Archive::getMemberInfo($row['memberid']);
    // Display fields derived from the record and the author's member info.
    $row['title'] = JieBan::getJiebanTitle($row);
    $row['kindnamelist'] = JieBan::getKindnameList($row, '-');
    $row['membername'] = $memberinfo['nickname'];
    $row['memberlitpic'] = $memberinfo['litpic'] ? $memberinfo['litpic'] : $GLOBALS['cfg_templets_skin'] . '/images/member_default.gif';
    $row['url'] = $GLOBALS['cfg_cmsurl'] . '/jieban/show_' . $row['id'] . '.html';
    $row['attrlist'] = JieBan::getAttrList($row['attrid']);
    $row['joinnum'] = JieBan::getJoinNumber($row['id']);
    // The literal string 'null' stands for an empty memo.
    $row['memo'] = $row['memo'] == 'null' ? '' : $row['memo'];
    $row['vartime'] = empty($row['vartime']) ? 0 : $row['vartime'];
    $row['pkname'] = get_par_value($row['kindlist'], $typeid);
    $row['destid'] = array_remove_value($row['kindlist']);
    $row['pinyin'] = Helper_Archive::getDestPinyin($row['destid']);
<?php
/**
 * @version $Id: index.php 1 8:24 2014年2月17日 netman $
 * @package Smore.User
 */
require_once dirname(__FILE__) . "/config.php";
// Login required.
if (!$User->isLogin()) {
    header("Location: " . $cfg_cmsurl . "/member/login.php");
    exit;
}
// $uid is assigned before this point (not visible here). NOTE(review): it is interpolated into
// the getCount() conditions below after RemoveXSS() only, which is not an SQL escape, and it
// selects whose data is shown; if it comes from the request rather than the session, a logged-in
// member could supply another member's id - confirm where it is set.
$uid = empty($uid) ? "" : RemoveXSS($uid);
$pv = new View(0);
// Member centre home page.
if (!isset($dopost)) {
    Helper_Archive::loadModule('common');
    $_model = new CommonModule('#@__member_order');
    $pv->Fields['unpinlun'] = $_model->getCount("memberid='{$uid}' and ispinlun=0 and status=2 and pid=0"); // orders not yet reviewed
    $pv->Fields['unpay'] = $_model->getCount("memberid='{$uid}' and ispay=0 and pid=0"); // unpaid orders
    $pv->Fields['complete'] = $_model->getCount("memberid='{$uid}' and status=2 and pid=0"); // completed orders
    $userinfo = $User->getInfoByMid($uid);
    foreach ($userinfo as $key => $value) {
        $pv->Fields[$key] = $value;
    }
    $pv->Fields['litpic'] = empty($pv->Fields['litpic']) ? $GLOBALS['cfg_templets_skin'] . '/images/member_default.gif' : $pv->Fields['litpic'];
    $pv->SetTemplet(MEMBERTEMPLET . "index.htm");
    $pv->Display();
    exit;
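yorumGonder: kullanýcý adý,konu no ve yorum kullanýcý adý ile belli bir konuya yorum eklenir */
/**
 * Insert a comment on a topic on behalf of a user.
 *
 * The text is converted from UTF-8 to ISO-8859-9 before storage. Comments by teachers/admins
 * (getUserType() >= 1) are inserted pre-approved (flag 1), all others pending (flag 0). The
 * eo_comments column order (NULL id, userID, konuID, comment, date, approved) is relied on as in
 * the original.
 *
 * @param mixed  $userID commenting user's id
 * @param mixed  $konuID topic id
 * @param string $yorum  comment text (UTF-8)
 * @return resource|bool mysql_query() result, or false when any argument is empty
 */
function yorumGonder($userID, $konuID, $yorum)
{
    global $yol1;
    if (empty($yorum) || empty($konuID) || empty($userID)) {
        return false;
    }
    $datem = date("Y-n-j H:i:s");
    $yorum = iconv("UTF-8", "ISO-8859-9", $yorum);
    // Teachers and admins are approved immediately.
    $onay = getUserType($_SESSION["usern"]) >= 1 ? 1 : 0;
    // All three values are interpolated into SQL; escape them on the connection first. The
    // original relied on the caller replacing single quotes with backticks.
    $userID = mysql_real_escape_string($userID, $yol1);
    $konuID = mysql_real_escape_string($konuID, $yol1);
    $yorum = mysql_real_escape_string($yorum, $yol1);
    $sql2 = "insert into eo_comments VALUES (NULL , '{$userID}', '{$konuID}' , '{$yorum}', '{$datem}' , {$onay})";
    return mysql_query($sql2, $yol1);
}

// Handle a posted comment. The quote replacement is kept for compatibility with data stored by
// the original even though yorumGonder() now escapes; the isset() guard avoids a notice.
$yorumGel = isset($_POST['yorum']) ? str_replace("'", "`", $_POST['yorum']) : "";
if (isset($_POST['yorum']) && !empty($_POST['yorum']) && getUserIDcomment($_SESSION["usern"], $_SESSION["userp"]) != "") {
    if (yorumGonder(getUserIDcomment($_SESSION["usern"], $_SESSION["userp"]), temizle($_POST['konu']), RemoveXSS($yorumGel))) {
        echo iconv("ISO-8859-9", "UTF-8", $metin[293]);
    } else {
        echo "Error!";
    }
} else {
    echo "";
}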
    header("Content-Type: image/gif");
} elseif (file_ext($dosya) == "jpeg") {
    header("Content-Type: image/jpeg");
}
// Inline image: emit the already-loaded bytes and count the download.
echo $content;
downloadSayac(RemoveXSS($_GET["id"]));
die('');
} else {
    // Any other file type is served as an attachment.
    header('Content-Type: application/octet-stream');
    //header('Content-type: application/force-download');
    // NOTE(review): $dosya is placed unescaped inside the quoted filename parameter; a '"' in the
    // name breaks the header (CR/LF is rejected by header() itself). Where $dosya comes from is not visible here.
    header('Content-Disposition: attachment; filename="' . $dosya . '"');
    header('Content-Length: ' . (string) filesize($physicalFileName));
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Pragma: no-cache');
    header('Expires: 0');
    downloadSayac(RemoveXSS($_GET["id"]));
    //readfile($physicalFileName);
    flush();
    // Read chunk size in KB. The original comment calls this a rate limit, but the sleep() in the
    // loop is commented out, so no throttling takes place - the file is streamed in 1 KB reads.
    $download_rate = 1; // set the download rate limit (=> 1024 kb/s)
    $file = fopen($physicalFileName, "r");
    while (!feof($file)) {
        print fread($file, round($download_rate * 1024));
        //flush();
        //sleep(1);
    }
    flush();
    // close file stream
    fclose($file);
    die("");
}
}
}
// Default coins/scores for a new member, read from rank 10 (original note: 会员的默认金币).
$dfscores = 0;
$dfmoney = 0;
$dfrank = $dsql->GetOne("SELECT money,scores FROM `#@__arcrank` WHERE rank='10' ");
if (is_array($dfrank)) {
    $dfmoney = $dfrank['money'];
    $dfscores = $dfrank['scores'];
}
$jointime = time();
$logintime = time();
$joinip = GetIP();
$loginip = GetIP();
// NOTE(review): the password is stored as an unsalted MD5 digest; password_hash()/password_verify()
// is the supported replacement (the login path would need the matching change).
$pwd = md5($userpwd);
$mtype = RemoveXSS(HtmlReplace($mtype, 1));
$safeanswer = HtmlReplace($safeanswer);
$safequestion = HtmlReplace($safequestion);
$spaceSta = $cfg_mb_spacesta < 0 ? $cfg_mb_spacesta : 0;
// $userid, $uname, $sex and $email are interpolated here; any escaping of them happens before
// this excerpt (only mtype/safequestion/safeanswer pass through HtmlReplace() above) - confirm.
$inQuery = "INSERT INTO `#@__member` (`mtype` ,`userid` ,`pwd` ,`uname` ,`sex` ,`rank` ,`money` ,`email` ,`scores` ,\n `matt`, `spacesta` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` )\n VALUES ('{$mtype}','{$userid}','{$pwd}','{$uname}','{$sex}','10','{$dfmoney}','{$email}','{$dfscores}',\n '0','{$spaceSta}','','{$safequestion}','{$safeanswer}','{$jointime}','{$joinip}','{$logintime}','{$loginip}'); ";
if ($dsql->ExecuteNoneQuery($inQuery)) {
    $mid = $dsql->GetLastID();
    // Default member profile type (original note: 写入默认会员详细资料): 'company' for '企业', otherwise 'person'.
    if ($mtype == '个人') {
        $space = 'person';
    } else {
        if ($mtype == '企业') {
            $space = 'company';
        } else {
            $space = 'person';
        }
$content['subject'] = '';
$content['sender'] = '';
// Send a private message. Values go through the query layer's placeholders (?d / ?), not string building.
if ($_POST['owner'] && $_POST['title'] && $_POST['message']) {
    $title = trim($_POST['title']);
    $message = my_preview($_POST['message']);
    $sender_id = $user['id'];
    $sender_ip = $user['ip'];
    // Recipient resolved by username; anything <= 0 means unknown.
    $owner_id = $auth->getid($_POST['owner']);
    if ($owner_id > 0) {
        $DB->query("INSERT INTO `pms` (`owner_id`,`subject`,`message`,`sender_id`,`posted`,`sender_ip`)\r\n VALUES (?d,?,?,?d,?d,?)", $owner_id, $title, $message, $sender_id, time(), $sender_ip);
        redirect('index.php?n=account&sub=pms', 1);
    } else {
        output_message('alert', $lang['no_such_addr']);
    }
}
// Reply: prefill the form with a quote of the original message (only messages owned by the current user are loaded).
if ($_GET['reply']) {
    $content = $DB->selectRow("SELECT pms.*, account.username AS sender FROM pms LEFT JOIN account ON pms.sender_id=account.id WHERE owner_id=?d AND pms.id=?d", $user['id'], $_GET['reply']);
    // The quote embeds the sender name and stored message as-is; escaping is left to the BBCode renderer - confirm.
    $content['message'] = '[blockquote="' . $content['sender'] . ' | ' . date('d-m-Y, H:i:s', $content['posted']) . '"] ' . my_previewreverse($content['message']) . '[/blockquote]';
    $pathway_info[] = array('title' => $lang['post_reply_to'] . '"' . $content['subject'] . '"', 'link' => '');
    $content['subject'] = '[re:] ' . $content['subject'];
} else {
    $pathway_info[] = array('title' => $lang['newmessage'], 'link' => '');
    // New message: optional prefilled recipient and topic, XSS-filtered.
    if ($_GETVARS['to']) {
        $content['sender'] = RemoveXSS($_GETVARS['to']);
    }
    if ($_GETVARS['topic']) {
        $content['subject'] = RemoveXSS($_GETVARS['topic']);
    }
}
}
}
}
} else {
    if ($fmdo == 'moodmsg') {
        // Post a mood message for the logged-in member (original note: 用户登录).
        if ($dopost == "sendmsg") {
            if (!empty($content)) {
                $ip = GetIP();
                $dtime = time();
                // Messages are pre-approved unless moderation is switched on.
                $ischeck = $cfg_mb_msgischeck == 'Y' ? 0 : 1;
                if ($cfg_soft_lang == 'gb2312') {
                    $content = utf82gb(nl2br($content));
                }
                $content = cn_substrR(HtmlReplace($content, 1), 360);
                // Expand [face:N] to smiley images (original note: 对表情进行解析).
                // NOTE(review): addslashes() is the only SQL escaping before the INSERT below; it is
                // not charset-aware, and RemoveXSS() runs after it - confirm the connection charset
                // makes this safe, or use the DB layer's escaping instead.
                $content = addslashes(preg_replace("/\\[face:(\\d{1,2})\\]/is", "<img src='" . $cfg_memberurl . "/templets/images/smiley/\\1.gif' style='cursor: pointer; position: relative;'>", $content));
                $content = RemoveXSS($content);
                $inquery = "INSERT INTO `#@__member_msg`(`mid`,`userid`,`ip`,`ischeck`,`dtime`, `msg`)\n VALUES ('{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','{$ip}','{$ischeck}','{$dtime}', '{$content}'); ";
                $rs = $dsql->ExecuteNoneQuery($inquery);
                if (!$rs) {
                    // Bug: exit happens before $output is encoded, so the client never receives this error payload.
                    $output['type'] = 'error';
                    $output['data'] = '更新失败,请重试.';
                    exit;
                }
                $output['type'] = 'success';
                // Second gb2312 conversion of content that was already converted above.
                if ($cfg_soft_lang == 'gb2312') {
                    $content = utf82gb(nl2br($content));
                }
                $output['data'] = stripslashes($content);
                exit(json_encode($output));
            }
        }
/**
 * Load one account row joined with its account_extend and account_groups data, XSS-filtered.
 *
 * @param int|false $acct_id account id; the default false is handed straight to the ?d placeholder
 * @return mixed the joined row as returned by selectRow(), after RemoveXSS()
 */
function getprofile($acct_id = false)
{
    $sql = "\r\n SELECT * FROM account\r\n LEFT JOIN account_extend ON account.id=account_extend.account_id\r\n LEFT JOIN account_groups ON account_extend.g_id=account_groups.g_id\r\n WHERE id=?d";
    $profile = $this->DB->selectRow($sql, $acct_id);
    // Filter every field before the row reaches templates.
    return RemoveXSS($profile);
}
// Tag lookup by id. NOTE(review): RemoveXSS() is not an SQL escape; the value is quoted straight
// into the query - cast it to int or use the DB layer's escaping.
$tag = RemoveXSS($tag); // prevent cross-site attack (original note: 防止跨站攻击)
$sql = "select tagname from #@__tmptag where id='{$tag}' and webid='0'";
$row = $dsql->GetOne($sql);
$tagword = $row['tagname'];
$alllist['tag'] = $tag;
if ($tagword != "") {
    $alllist['seotitle'] = $tagword . "相关信息";
    $alllist['tagname'] = $tagword . "相关信息";
} else {
    $alllist['seotitle'] = "查询不到相关内容";
    $alllist['tagname'] = "<span style='color:red;'>查找不出相关的tag信息</span>";
}
// listid is the column typeid (original note: listid为栏目typeid).
if (isset($listid) && $listid != 0) {
    $listid = RemoveXSS($listid); // same caveat as for $tag: interpolated unquoted into "typeid={$listid}" below
    $pv = new View($typeid);
    require_once SLINEINC . "/listview.class.php";
    $sql = "select shortname from #@__nav where typeid={$listid} and webid=0";
    $row = $dsql->GetOne($sql);
    $alllist['seotitle'] = $tagword . "-" . $row['shortname'] . "相关信息";
    // Column 10 is served from column 7's table.
    if ($listid == 10) {
        $listid = 7;
    }
    $article = "";
    // Precedence: this reads as (!$tagword) == "", which is true only when $tagword is truthy, so it
    // behaves like $tagword != "" except for the value "0". $tagword comes from the DB row above and
    // is used unescaped in the LIKE pattern.
    if (!$tagword == "") {
        $where = " where webid=0 and tagword like '%{$tagword}%'";
        $listid = $listid != '10' ? $listid : 7;
        $sql = "select {$name[$listid]} as name,aid from #@__{$lanmu[$listid]} {$where} order by aid desc";
        $dsql->SetQuery($sql);
/**
 * Recursively strip magic-quotes slashes (when $gpc is set) and run RemoveXSS() over a value, in place.
 *
 * Arrays are walked element by element. A scalar is first unescaped with stripslashes() when
 * $gpc is true, then passed through RemoveXSS() - except while the running script is
 * tiki-admin.php (judged by basename($_SERVER['SCRIPT_FILENAME'])), where it is left untouched.
 *
 * @param mixed $var value to clean; modified in place
 * @param bool  $gpc whether the value still carries magic-quotes slashes
 * @return void
 */
function make_clean(&$var, $gpc = false)
{
    if (is_array($var)) {
        foreach (array_keys($var) as $idx) {
            make_clean($var[$idx], $gpc);
        }
        return;
    }
    if ($gpc) {
        $var = stripslashes($var);
    }
    $script = isset($_SERVER['SCRIPT_FILENAME']) ? basename($_SERVER['SCRIPT_FILENAME']) : null;
    $isAdminPage = ($script !== null && $script == 'tiki-admin.php');
    if (!$isAdminPage) {
        $var = RemoveXSS($var);
    }
}
<?php
require_once dirname(__FILE__) . "/../include/common.inc.php";
require_once dirname(__FILE__) . "/linecontent.php";
$typeid = 1; // route column (original note: 线路栏目)
require_once SLINEINC . "/view.class.php";
$pv = new View($typeid);
// $aid is a request variable extracted before this file runs (not visible here).
if (!isset($aid)) {
    exit('Wrong Id');
}
// NOTE(review): RemoveXSS() does not escape for SQL, and $aid is interpolated unquoted into the
// query below; cast it with intval() (or use the DB layer's escaping) before building the statement.
$aid = RemoveXSS($aid); // prevent cross-site attack (original note: 防止跨站攻击)
$sql = "select * from #@__line where webid=0 and aid={$aid}";
$row = $dsql->GetOne($sql);
// $row[id] uses a bare constant (string fallback with a notice on old PHP, an Error on PHP 8).
if (empty($row[id])) {
    head404();
}
if (is_array($row)) {
    // Discount = list price minus sale price. With "||" the branch runs whenever storeprice is
    // non-empty, so a storeprice below price yields a negative "cheap".
    if (!empty($row['storeprice']) || $row['storeprice'] > $row['price']) {
        $row['cheap'] = $row['storeprice'] - $row['price'];
    } else {
        $row['cheap'] = 0;
    }
    // Display formatting; each value closes a <span> presumably opened in the template.
    $row['price'] = !empty($row['price']) ? "<span class=\"rmb_1\">¥</span>" . $row['price'] . "</span>" : "电询</span>";
    $row['storeprice'] = !empty($row['storeprice']) ? $row['storeprice'] . "</span>" : "无</span>";
    $row['litpic'] = empty($row['litpic']) ? getDefaultImage() : $row['litpic'];
    // Meta tags: description/keyword are placed into attribute context without escaping.
    $row['description'] = !empty($row['description']) ? "<meta name=\"description\" content=\"" . $row['description'] . "\"/>" : "";
    $row['keywords'] = !empty($row['keyword']) ? "<meta name=\"keywords\" content=\"" . $row['keyword'] . "\"/>" : "";
    $row['subname'] = $row['title'];
    // Zero-pad single-digit ids.
    $row['id'] = strlen($row['id']) == 1 ? "0" . $row['id'] : $row['id'];
* @link http://www.dedecms.com */ if (!defined('DEDEMEMBER')) { exit('dedecms'); } //检查是否开放会员功能 if ($cfg_mb_open == 'N') { ShowMsg("系统关闭了会员功能,因此你无法访问此页面!", "javascript:;"); exit; } //对uid进行过滤 if (preg_match("/'/", $uid)) { ShowMsg("您的用户名中含有非法字符!", "-1"); exit; } else { $uid = RemoveXSS($uid); } $_vars = GetUserSpaceInfos(); $_vars['bloglinks'] = $_vars['curtitle'] = ''; //--------------------------- //用户权限检查 //被禁言用户 if ($_vars['spacesta'] == -2) { ShowMsg("用户:{$_vars['userid']} 被禁言,因此个人空间禁止访问!", "-1"); exit; } //未审核用户 if ($_vars['spacesta'] < 0) { ShowMsg("用户:{$_vars['userid']} 的资料尚未通过审核,因此空间禁止访问!", "-1"); exit; }