function traversal($jkdir, $suffix = '[A-Za-z]*', $jump = null)
{
global $filenamearray;
//$hand=@dir($jkdir);
$hand = opendir($jkdir);
//while ($file=$hand->read())
while ($file = readdir($hand)) {
$filename = $jkdir . '/' . $file;
if (@is_dir($filename) && $file != '.' && $file != '..' && $file != './..') {
if ($jump != null) {
$filefrist = str_replace('../', '', $filename);
$filefrist = explode('/', $filefrist);
if (preg_match_all("/^({$jump})\$/", $filefrist[0], $out)) {
continue;
}
}
traversal($filename, $suffix, $jump);
} else {
if ($file != '.' && $file != '..' && $file != './..' && preg_match_all("/\\.({$suffix})/i", $filename, $out)) {
$str = file_get_contents($filename);
$str = str_replace(array("\n", "\r", "\t", " "), '', $str);
$filesize = strlen($str);
//$filename=str_replace('../','',$filename);
$info = pathinfo($filename);
if (stristr(PHP_OS, "WIN")) {
$filename = iconv("gbk", "utf-8", $filename);
}
$filenamearray[$filename]['source'] = 1;
$filenamearray[$filename]['filesize'] = $filesize;
}
}
}
}
public function dogetfile()
{
global $_M;
$filearray = traversal(PATH_WEB . '/upload/', 'jpg|png|gif|jpeg|bmp', '((\\/upload\\/[0-9]{6}\\/thumb)|(\\/upload\\/[0-9]{6}\\/thumb_dis)|(\\/upload\\/[0-9]{6}\\/watermark)|(\\/upload\\/thumb_src)|(\\/upload\\/files)|(\\/upload\\/images)|(\\/upload\\/_thumb))');
//_thumbs
foreach ($filearray as $val) {
$img_info = getimagesize(PATH_WEB . $val);
$img_name = pathinfo(PATH_WEB . $val);
$info['name'] = $img_name['basename'];
$info['path'] = $val;
$info['value'] = '..' . $val;
$info['x'] = $img_info[0];
$info['y'] = $img_info[1];
$info['time'] = filemtime(PATH_WEB . $val);
$array[] = $info;
}
$arrays = arr_sort($array, 'time', SORT_DESC);
echo jsonencode($arrays);
}
function traversal($module, $defModules, $basePath, $type, &$arrFiles)
{
$moduleDef = $defModules->{$module};
if (isset($moduleDef->{$type})) {
//js
$arrDepFiles = array_reverse($moduleDef->{$type});
foreach ($arrDepFiles as $idx => $defFile) {
if (!in_array($defFile, $arrFiles)) {
array_unshift($arrFiles, $basePath . $defFile);
}
}
}
if (isset($moduleDef->dependencies)) {
$arrDependencies = $moduleDef->dependencies;
if (is_array($arrDependencies)) {
foreach ($arrDependencies as $idx => $dep) {
traversal($dep, $defModules, $basePath, $type, $arrFiles);
}
}
}
}
function traversal($jkdir)
{
global $allfileunm, $filenamearray;
$hand = opendir($jkdir);
if (!isset($allfileunm)) {
$allfileunm = 0;
}
while ($file = readdir($hand)) {
$filename = $jkdir . '/' . $file;
if (@is_dir($filename) && $file != '.' && $file != '..' && $file != './..') {
$allfileunm++;
traversal($filename, $cache, 0);
} else {
if ($file != '.' && $file != '..' && $file != './..') {
$allfileunm++;
$filenamearray[] = $filename;
}
}
}
return $allfileunm;
}
function dangerfun($jkdir, $danger, $suffix, $trust)
{
global $filenamearray, $physical_function, $db, $met_column, $url_array;
@unlink('../../../install/phpinfo.php');
$physical_function = "";
$adminfile = $url_array[count($url_array) - 2];
deltree(ROOTPATH . '/cache');
deltree(ROOTPATH . "/{$adminfile}/update");
$column = $db->get_all("select * from {$met_column} where classtype=1 or releclass!=0");
$columnfile = array('about', $adminfile, 'cache', 'config', 'download', 'feedback', 'img', 'include', 'job', 'lang', 'link', 'member', 'message', 'news', 'product', 'public', 'search', 'sitemap', 'templates', 'upload', 'wap', 'install', 'update', 'webscan360');
foreach ($column as $key => $val) {
array_push($columnfile, $val['foldername']);
}
$columnfile = array_unique($columnfile);
$hand = @dir($jkdir);
while ($file = $hand->read()) {
if (is_dir('../../../' . $file) && $file != '.' && $file != '..') {
$fileroot[] = $file;
}
}
$diff = array_diff($fileroot, $columnfile);
foreach ($diff as $key => $val) {
$physical_function .= "3|{$val}|,";
}
$diff = implode('|', $diff);
$filenamearray = array();
$trust = parse_ini_file($trust, 1);
traversal($jkdir, $suffix, $diff);
$filenow = $filenamearray;
$danger = explode('|', $danger);
foreach ($filenow as $key => $val) {
if (preg_match_all("/\\.(php)/i", $key, $out)) {
$str = '';
$handle = @fopen('../../../' . $key, "rb");
$str = @fread($handle, @filesize('../../../' . $key));
@fclose($handle);
foreach ($danger as $key1 => $val1) {
if (preg_match_all("/([^A-Za-z0-9_]{$val1})[\r\n\t]{0,}([\\[\\(])/i", $str, $out)) {
$dir = readmin($key, $adminfile, 1);
if ($trust[$val1][$dir] != 1) {
$physical_function .= "1|{$key}|{$val1},";
}
}
}
if (preg_match_all("/[A-Za-z0-9+\\/]{100}/i", $str, $out)) {
$dir = readmin($key, $adminfile, 1);
if ($trust['encryption'][$dir] != 1 && !preg_match_all("/authtemp/i", $str, $out)) {
$physical_function .= "1|{$key},";
}
}
if ($val[filesize] < 100 && $val[filesize] > 0) {
$dir = readmin($key, $adminfile, 1);
if (substr($key, 0, 6) == 'cache/') {
unlink('../../../' . $key);
} else {
if ($trust['size'][$dir] != 1) {
$physical_function .= "1|{$key},";
}
}
}
} else {
$physical_function .= "2|{$key}|,";
}
}
if (file_exists('../../../install')) {
file_put_contents('../../../install/phpinfo.php', '<?php phpinfo(); ?>');
}
$physical_function = trim($physical_function, ',');
$physical_function = $physical_function == null ? "1" : $physical_function;
}
/**
* 遍历文件夹下所有文件
* @param string $jkdir 遍历文件夹,可以是绝对路径,也可以是相对网站根目录的相对路径
* @param string $suffix 遍历文件的后缀,不填写为全部文件。支持正则。
* @param string $jump 跳过不需要遍历的文件夹。要填写网站根目录路径,不要含有../,实质是"/^({$jump})/"中正则参数。
* @return string 返回提取的文件数组。文件路径都是绝对路径。
*/
function traversal($jkdir, $suffix = '[A-Za-z]*', $jump = null, &$filenamearray = array())
{
if ($jkdir == '.' || $jkdir == './') {
$jkdir = '';
}
$jkdir = path_absolute($jkdir);
$hand = opendir($jkdir);
while ($file = readdir($hand)) {
$filename = $jkdir . $file;
if (@is_dir($filename) && $file != '.' && $file != '..' && $file != './..') {
if ($jump != null) {
if (preg_match_all("/^({$jump})/", str_replace(PATH_WEB, '', $filename), $out)) {
continue;
}
}
traversal($filename, $suffix, $jump, $filenamearray);
} else {
if ($file != '.' && $file != '..' && $file != './..' && preg_match_all("/\\.({$suffix})/i", $filename, $out)) {
if (stristr(PHP_OS, "WIN")) {
$filename = iconv("gbk", "utf-8", $filename);
}
$filenamearray[] = str_replace(PATH_WEB, '', $filename);
}
}
}
return $filenamearray;
}