function handleScanUrlList($httpurl, $urlList)
{
$splstr = '';
$url = '';
$c = '';
$lCaseUrl = '';
$splstr = aspSplit($urlList, vbCrlf());
foreach ($splstr as $key => $url) {
$url = PHPTrim($url);
$lCaseUrl = lCase($url);
if ($url != '' && left($url, 10) != 'tencent://' && left($url, 11) != 'javascript:' && left($url, 1) != '#') {
$url = fullHttpUrl($httpurl, $url);
if (inStr(vbCrlf() . $c . vbCrlf(), vbCrlf() . $url . vbCrlf()) == false) {
$c = $c . $url . vbCrlf();
}
}
}
$handleScanUrlList = $c;
return @$handleScanUrlList;
}
function getSqlInUrl($httpurl, $content, $sType)
{
$splStr = '';
$i = '';
$s = '';
$s2 = '';
$s3 = '';
$c = '';
$url = '';
$TempUrl = '';
$ArrUrl = aspArray(99);
$UrlList = '';
$pageUrl = '';
$nLen = '';
$splxx = '';
$content = getAURL($content);
$splStr = aspSplit($content, vbCrlf());
foreach ($splStr as $key => $url) {
if ($url != '') {
$TempUrl = $url;
if (inStr($url, '?') > 0) {
$c = $c . $url . vbCrlf();
$url = handlSqlInUrl($url);
$nLen = inStr(vbCrlf() . $UrlList, vbCrlf() . $url . '【】');
if ($nLen > 0) {
$s = mid($UrlList, $nLen, -1);
$s = mid($s, 1, inStr($s, vbCrlf()) - 1);
$splxx = aspSplit($s, '【】');
$s2 = $splxx[0];
$s3 = $splxx[1] + 1;
$UrlList = replace($UrlList, $s, $s2 . '【】' . $s3 . '【】' . $splxx[2]);
$pageUrl = $url;
} else {
$UrlList = $UrlList . $url . '【】0【】' . fullHttpUrl($httpurl, $TempUrl) . vbCrlf();
}
}
}
}
$splStr = aspSplit($UrlList, vbCrlf());
foreach ($splStr as $key => $s) {
if (inStr($s, '【】') > 0) {
$splxx = aspSplit($s, '【】');
if ($s3 > 0) {
if ($sType == '注入') {
$ArrUrl[$splxx[1]] = $splxx[2];
} else {
$ArrUrl[$splxx[1]] = $splxx[0] . ' | ' . $splxx[2];
}
}
}
}
$c = '';
for ($i = 99; $i >= 0; $i--) {
if ($ArrUrl[$i] != '') {
if ($sType == '注入') {
$c = $c . $ArrUrl[$i] . vbCrlf();
} else {
$c = $c . $ArrUrl[$i] . ', 出现[' . $i . ']次<br>';
}
}
}
$getSqlInUrl = $c;
return @$getSqlInUrl;
}
