}
// Request-input screening: every field of each source is handed to StopAttack()
// (defined elsewhere in this file) together with the rule set for that source.
// NOTE(review): the POST body is skipped entirely when it carries an `except` key,
// and that key is client-controlled, so any client can opt out of the POST rules.
if (isset($_POST) && !isset($_POST['except'])) {
    foreach ($_POST as $key => $value) {
        StopAttack($key, $value, $postfilter, 'post');
    }
}
if (isset($_COOKIE)) {
    foreach ($_COOKIE as $key => $value) {
        StopAttack($key, $value, $cookiefilter, 'cookie');
    }
}
// $referer is assembled elsewhere; it is scanned with the GET rules only when present.
if (isset($referer)) {
    foreach ($referer as $key => $value) {
        StopAttack($key, $value, $getfilter, 'referer');
    }
}
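function slog($logs)
{
    // Append one record to the intercept log, terminated by CRLF.
    //
    // @param string $logs  Pre-formatted line; callers build it from request data.
    // @return void
    //
    // NOTE(review): the log lives under DOCUMENT_ROOT with an .htm extension, so the
    // web server will serve it, and its contents are untrusted request data. A path
    // outside the web root (or a non-servable extension) would avoid exposing it.
    $toppath = $_SERVER["DOCUMENT_ROOT"] . "/log.htm";
    $Ts = fopen($toppath, "a+");
    if ($Ts === false) {
        // Logging is best-effort: calling fputs() on false fails with a TypeError on
        // PHP 8, and an unwritable log must not abort request handling.
        return;
    }
    try {
        fwrite($Ts, $logs . "\r\n");
    } finally {
        fclose($Ts);
    }
}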
function arr_foreach($arr)
{
    static $str;
    if (!is_array($arr)) {
        return $arr;
    }
        slog("<br><br>操作IP: " . $_SERVER["REMOTE_ADDR"] . "<br>操作时间: " . strftime("%Y-%m-%d %H:%M:%S") . "<br>操作页面:" . $_SERVER["PHP_SELF"] . "<br>提交方式: " . $_SERVER["REQUEST_METHOD"] . "<br>来源: " . $_SERVER['HTTP_REFERER'] . "<br>提交参数: " . $StrFiltKey . "<br>提交数据: " . $StrFiltValue);
        header('HTTP/1.1 400 Bad Request');
        header('status: 400 Bad Request');
        print "<div style=\"position:fixed;top:0px;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;\"><br>您的提交带有不合法参数,谢谢合作!<br><br>了解更多请点击:<a href=\"http://www.16888.com\">http://www.16888.com</a></div>";
        exit;
    }
}
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
// Screen every GET, POST and COOKIE field through the rule set for its source.
// StopAttack() and the three pattern strings are defined elsewhere in this file;
// the visible tail of StopAttack() ends the request on a match, so the check
// below is only reached when every field passed.
foreach ($_GET as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
foreach ($_POST as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
foreach ($_COOKIE as $key => $value) {
    StopAttack($key, $value, $cookiefilter);
}
// Refuse to run while the updater script is still present under its default name.
if (file_exists('update360.php')) {
    die("请重命名文件update360.php,防止黑客利用<br/>");
}
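function slog($logs)
{
    // Append one record to the error log, terminated by CRLF.
    //
    // @param string $logs  Pre-formatted line; callers build it from request data.
    // @return void
    //
    // NOTE(review): runtime/log/ sits under DOCUMENT_ROOT, so unless the web server
    // blocks that directory the log (untrusted request data) is reachable over HTTP.
    $toppath = $_SERVER["DOCUMENT_ROOT"] . "/runtime/log/logs_error.log";
    $Ts = fopen($toppath, "a+");
    if ($Ts === false) {
        // Logging is best-effort: calling fputs() on false fails with a TypeError on
        // PHP 8, and an unwritable log must not abort request handling.
        return;
    }
    try {
        fwrite($Ts, $logs . "\r\n");
    } finally {
        fclose($Ts);
    }
}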
function arr_foreach($arr)
{
    static $str;
    if ($rc) {
        //slog("<br><br>操作IP: ".$_SERVER["REMOTE_ADDR"]."<br>操作时间: ".strftime("%Y-%m-%d %H:%M:%S")."<br>操作页面:".$_SERVER["PHP_SELF"]."<br>提交方式: ".$_SERVER["REQUEST_METHOD"]."<br>提交参数: ".$_SERVER['QUERY_STRING']);
    }
    return $s;
}
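function slog($logs)
{
    // Append one record to MAC_ROOT/log.txt, terminated by CRLF. Best-effort:
    // a log that cannot be opened is silently skipped, as the original intended.
    //
    // @param string $logs  Pre-formatted line; callers build it from request data.
    // @return void
    $toppath = MAC_ROOT . "/log.txt";
    // The original suppressed every call; keep fopen() quiet to preserve the
    // best-effort contract, but stop before passing false to fputs()/fclose(),
    // which fails with a TypeError on PHP 8.
    $Ts = @fopen($toppath, "a+");
    if ($Ts === false) {
        return;
    }
    try {
        fwrite($Ts, $logs . "\r\n");
    } finally {
        fclose($Ts);
    }
}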
// The referer is wrapped in a one-element array so it can be scanned by the same
// loop as the superglobals; empty() also treats a referer of "0" as absent.
$referer = empty($_SERVER['HTTP_REFERER']) ? array() : array($_SERVER['HTTP_REFERER']);
// GET interception rules: pattern string handed to StopAttack() (defined elsewhere).
// NOTE(review): pattern-based request filtering is a best-effort mitigation only; it
// does not replace parameterised queries and context-specific output escaping.
$getfilter = "\\<.+javascript:window\\[.{1}\\\\x|<.*=(&#\\d+?;?)+?>|<.*(data|src)=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[a-z]+?\\b[^>]*?\\bon([a-z]{4,})\\s*?=|^\\+\\/v(8|9)|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|UNION([\\s\\S]*?)SELECT";
// POST interception rules: same shape as the GET rules, with a narrower markup section.
$postfilter = "<.*=(&#\\d+?;?)+?>|<.*data=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover|eval)\\b|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|UNION([\\s\\S]*?)SELECT";
// COOKIE interception rules: the SQL-oriented subset of the rules above.
$cookiefilter = "benchmark\\s*?\\(.*\\)|sleep\\s*?\\(.*\\)|load_file\\s*?\\(|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)|UNION([\\s\\S]*?)SELECT";
// Screen every GET, POST, COOKIE and referer value through its rule set.
// StopAttack() is defined elsewhere in this file; it receives the field name,
// the raw value and the pattern string for the source.
// NOTE(review): the referer is scanned with $postfilter here, whereas sibling
// versions of this script use $getfilter for it — confirm which is intended.
foreach ($_GET as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
foreach ($_POST as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
foreach ($_COOKIE as $key => $value) {
    StopAttack($key, $value, $cookiefilter);
}
foreach ($referer as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
        print "<div style=\"position:fixed;top:0px;text-align:center;width:100%;height:100%;background-color:white;color:green;font-weight:bold;border-bottom:5px solid #999;\"></div>";
        exit;
    }
}
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
// Screen every GET, POST, COOKIE and referer value through the rule set for its
// source. StopAttack(), $referer and the pattern strings are defined elsewhere in
// this file; the visible tail of StopAttack() ends the request on a match, so the
// updater check below runs only when every field passed.
foreach ($_GET as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
foreach ($_POST as $key => $value) {
    StopAttack($key, $value, $postfilter);
}
foreach ($_COOKIE as $key => $value) {
    StopAttack($key, $value, $cookiefilter);
}
foreach ($referer as $key => $value) {
    StopAttack($key, $value, $getfilter);
}
// Refuse to run while the updater script is still present under its default name.
if (file_exists('update360.php')) {
    die("请重命名文件update360.php,防止黑客利用<br/>");
}
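function slog($logs)
{
    // Append one record to the intercept log, terminated by CRLF.
    //
    // @param string $logs  Pre-formatted line; callers build it from request data.
    // @return void
    //
    // NOTE(review): the log lives under DOCUMENT_ROOT with an .htm extension, so the
    // web server will serve it, and its contents are untrusted request data. A path
    // outside the web root (or a non-servable extension) would avoid exposing it.
    $toppath = $_SERVER["DOCUMENT_ROOT"] . "/qdgerr.htm";
    $Ts = fopen($toppath, "a+");
    if ($Ts === false) {
        // Logging is best-effort: calling fputs() on false fails with a TypeError on
        // PHP 8, and an unwritable log must not abort request handling.
        return;
    }
    try {
        fwrite($Ts, $logs . "\r\n");
    } finally {
        fclose($Ts);
    }
}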
function arr_foreach($arr)
{
    static $str;
        }
        $db->Update("{pre}user", array("u_password"), array($u_password), "u_id=" . $row["u_id"]);
        alertUrl("重置密码成功,正在转向登录页面", "?action=login");
        return;
    }
    unset($row);
} elseif ($method == 'tg') {
    if ($MAC['user']['popularizestate'] == 0) {
        redirect("/");
        exit;
    }
    $userid = intval($tpl->P['uid']);
    if ($userid > 0) {
        $ip = ip2long(getIP());
        $ly = getReferer();
        StopAttack('referer', $ly, $getfilter);
        $ly = chkSql($ly);
        $todayunix = strtotime("today");
        $tommunix = strtotime(date('Y-m-d', strtotime('+1 day')));
        $sql = "select * from {pre}user_visit where uv_uid=" . $userid . " and uv_ip='" . $ip . "' and uv_time>=" . $todayunix . " and uv_time <=" . $tommunix;
        $row1 = $db->getRow($sql);
        if (!$row1) {
            $db->Add("{pre}user_visit", array("uv_uid", "uv_ip", "uv_ly", "uv_time"), array($userid, $ip, $ly, time()));
            $db->query("update {pre}user set u_extend=u_extend+1,u_points=u_points+" . $MAC['user']['popularize'] . " where u_id=" . $userid);
            $sql = "delete from {pre}user_visit where uv_time<" . $todayunix;
            $db->query($sql);
        }
        unset($row1);
    }
    redirect("/");
} elseif ($method == 'save') {