Exemplo n.º 1
0
function handleScanUrlList($httpurl, $urlList)
{
    $splstr = '';
    $url = '';
    $c = '';
    $lCaseUrl = '';
    $splstr = aspSplit($urlList, vbCrlf());
    foreach ($splstr as $key => $url) {
        $url = PHPTrim($url);
        $lCaseUrl = lCase($url);
        if ($url != '' && left($url, 10) != 'tencent://' && left($url, 11) != 'javascript:' && left($url, 1) != '#') {
            $url = fullHttpUrl($httpurl, $url);
            if (inStr(vbCrlf() . $c . vbCrlf(), vbCrlf() . $url . vbCrlf()) == false) {
                $c = $c . $url . vbCrlf();
            }
        }
    }
    $handleScanUrlList = $c;
    return @$handleScanUrlList;
}
Exemplo n.º 2
0
function getSqlInUrl($httpurl, $content, $sType)
{
    $splStr = '';
    $i = '';
    $s = '';
    $s2 = '';
    $s3 = '';
    $c = '';
    $url = '';
    $TempUrl = '';
    $ArrUrl = aspArray(99);
    $UrlList = '';
    $pageUrl = '';
    $nLen = '';
    $splxx = '';
    $content = getAURL($content);
    $splStr = aspSplit($content, vbCrlf());
    foreach ($splStr as $key => $url) {
        if ($url != '') {
            $TempUrl = $url;
            if (inStr($url, '?') > 0) {
                $c = $c . $url . vbCrlf();
                $url = handlSqlInUrl($url);
                $nLen = inStr(vbCrlf() . $UrlList, vbCrlf() . $url . '【】');
                if ($nLen > 0) {
                    $s = mid($UrlList, $nLen, -1);
                    $s = mid($s, 1, inStr($s, vbCrlf()) - 1);
                    $splxx = aspSplit($s, '【】');
                    $s2 = $splxx[0];
                    $s3 = $splxx[1] + 1;
                    $UrlList = replace($UrlList, $s, $s2 . '【】' . $s3 . '【】' . $splxx[2]);
                    $pageUrl = $url;
                } else {
                    $UrlList = $UrlList . $url . '【】0【】' . fullHttpUrl($httpurl, $TempUrl) . vbCrlf();
                }
            }
        }
    }
    $splStr = aspSplit($UrlList, vbCrlf());
    foreach ($splStr as $key => $s) {
        if (inStr($s, '【】') > 0) {
            $splxx = aspSplit($s, '【】');
            if ($s3 > 0) {
                if ($sType == '注入') {
                    $ArrUrl[$splxx[1]] = $splxx[2];
                } else {
                    $ArrUrl[$splxx[1]] = $splxx[0] . '    |   ' . $splxx[2];
                }
            }
        }
    }
    $c = '';
    for ($i = 99; $i >= 0; $i--) {
        if ($ArrUrl[$i] != '') {
            if ($sType == '注入') {
                $c = $c . $ArrUrl[$i] . vbCrlf();
            } else {
                $c = $c . $ArrUrl[$i] . ',   出现[' . $i . ']次<br>';
            }
        }
    }
    $getSqlInUrl = $c;
    return @$getSqlInUrl;
}