Esempio n. 1
0
File: search.php Progetto: hxer/ctf
<?php 
include 'common.php';
header('Content-type:text/html;charset=utf');
mysql_conn();
?>

<p>

    为什么会有这认证码呢,是因为上次小明的老板来巡视的时候,发现这个系统储存了很多重要的信息,所以他希望这个系统变得更安全,然后他就啪啪啪的写了几行代码,<br>
    然后就让自己的qq号变成了认证码了.<br>
    虽然这让系统变得更安全,但是就苦了我们的小明了. 因为老板的qq号是个垃圾号, 十分的难记. 每次登陆系统的时候,小明就必须去翻一下本地的记录,找到qq号.<br>
但是时间长了,小明实在觉得很烦, 就决定把老板的qq号记录进数据库,然后每次就进去这个界面,用某种不为人知的方法来得到qq号.<br>
</p>

<center><form action="search.php" method="POST">
<input type="text" name="search">
<input type="submit" value="Search"></center>
<br>

<?php 
if (!empty($search)) {
    $result = mysql_fetch_array(mysql_query("select qq from qq where qq like '{$search}'"));
    mysql_close();
    if ($result) {
        echo "<center style=\"font-size:36px; color:red\">{$result['qq']}</center>";
    } else {
        echo "<center style=\"font-size:36px; color:red\">无此记录</center>";
    }
}
?>
<center><a href="login.php?act=login">再次尝试登录。</a></center>
Esempio n. 2
0
<?php

$conn = mysql_connect(localhost, sairam, sairam);
if (!$conn) {
    die('Could not connect: ' . mysql_error());
}
$sql = 'INSERT INTO mentee ' . '(Name,Marks) ' . 'VALUES (uname,marks)';
mysql_conn($conn);
Esempio n. 3
0
function text_analyser()
{
    try {
        $brstr = "<br />";
        mysql_conn();
        $id = -1;
        if (isset($_GET['id']) && $_GET['id'] != "") {
            $id = (int) $_GET['id'];
        }
        if ($id < 1) {
            break;
        }
        $query = "SELECT raw ";
        $query .= "FROM texts WHERE id={$id};";
        $result = mysql_query($query);
        if (!$result) {
            die(json_encode('Invalid query: ' . mysql_error()));
        } else {
            // analyse
            $text = mysql_fetch_assoc($result)['raw'];
            $offset = 0;
            $text_count = 1;
            $i = true;
            $insert_result = true;
            while (!($i === false)) {
                $i = strpos($text, $brstr, $offset);
                if ($i === false) {
                    $str = mysql_real_escape_string(substr($text, $offset));
                } else {
                    $str = mysql_real_escape_string(substr($text, $offset, $i - $offset));
                }
                $query = "INSERT INTO sentences (text,sequence,raw) VALUES ";
                $query .= " ( {$id}, {$text_count}, \"{$str}\" );";
                $result = mysql_query($query);
                if (!$result) {
                    $insert_result = false;
                }
                $offset = $i + strlen($brstr);
                $text_count++;
            }
            if ($insert_result) {
                $query = "UPDATE texts SET processed=1 WHERE id={$id};";
                $insert_result = mysql_query($query);
            }
            $return["msg"] = $insert_result;
        }
    } catch (Exception $e) {
        if (isset($query)) {
            $return['query'] = $query;
        }
        $return["error"] = $e->getMessage();
    }
    return $return;
}
Esempio n. 4
0
<?php

// MySQL settings
$c['mysql_address'] = 'localhost';
$c['mysql_port'] = '3306';
$c['mysql_username'] = '******';
$c['mysql_password'] = '';
$c['mysql_db'] = 'releases';
$c['mysql_conn'] = mysql_conn($c['mysql_address'], $c['mysql_username'], $c['mysql_password'], $c['mysql_db']);
$sql = "SELECT nfo FROM nfos WHERE releaseid = '" . mysql_escape($_GET['id']) . "' AND timeout >= " . time() . "";
$nfo = sql_single($sql);
if ($nfo == null) {
    die;
}
print_nfo(base64_decode($nfo));
function mysql_conn($host, $user, $pass, $db)
{
    $conn = mysql_connect($host, $user, $pass);
    if (!$conn) {
        die('Unable to connect mysql server: ' . mysql_error());
    }
    if (!mysql_select_db($db, $conn)) {
        die('Unable to select database: ' . mysql_error());
    }
    return $conn;
}
function sql_single($sql)
{
    $results = mysql_query($sql);
    $x = 0;
    while ($row = mysql_fetch_array($results)) {
Esempio n. 5
0
<?php

$dbHost = "localhost";
$dbUsername = "******";
$dbPassword = "******";
$dbName = "mks_data";
function mysql_conn($dbhost, $dbusername, $dbpassword, $dbname)
{
    global $conn;
    $conn = new mysqli($dbhost, $dbusername, $dbpassword, $dbname);
    if ($conn->connect_error) {
        die("Connection Aborted : " . $conn->connect_error);
    }
}
mysql_conn($dbHost, $dbUsername, $dbPassword, $dbName);