/**
 * Returns a title/description string for the current URL that is unique among the values
 * already stored for the same host, appending a numeric suffix when the text collides.
 *
 * Implicit inputs: the current URL constants (U, u, u3, hu3, surl, SURL, H), $_ENV['ksup']
 * (filler words, consumed with Array_shift() so presumably an array) and $_ENV['auth']
 * (query parameters to keep in the record key). Every query and step is pushed onto $s
 * for the DbM() debug dump at the end of the mysql branch.
 *
 * @param string $data  candidate text (title or description)
 * @param string $db    record namespace; 'titre' also triggers the DbM() debug dump
 * @param int    $size  minimum length below which $_ENV['ksup'] words are appended
 * @return string|null  the unique text, or null when the URL is rejected (RS == 404,
 *                      isgoodurl() false, data:/base64/adtech URLs, '.jpg' in the path)
 *
 * NOTE(review): $data and $u are interpolated into the SQL strings below without escaping
 * (where url="{$u}", where data="{$data}", data rlike("{$data}*")), and query-string values
 * from SURL are appended to $data before that, so request-controlled text reaches the
 * statements. Whether sql5() escapes anything is not visible here — confirm, or move these
 * statements to parameterised queries.
 * NOTE(review): "if (1 or H == 'a74.fr')" is always true, so the "local db mode" else branch
 * is unreachable as written.
 */
function UnikData($data = '', $db = 'titre', $size = 10) {
    $res = '';
    $sup = $_ENV['ksup']; # presumably a list of filler words — Array_shift() below assumes an array; confirm
    $s[] = "origindata:" . $data;
    if (RS == 404) { return; }
    # Reject data: URLs, inline images and ad/proxy paths before touching the database.
    if (!isgoodurl() or preg_match("~url.data:|image/png;|base64|/(adtech|iframeproxy)~", U) or e(',badurl', 1)) { return; }
    static $trig;
    # $trig is static: it becomes 1 on the first call and 'chiffres' in the duplicate loop below,
    # so the digit-suffix branch runs at most once per request (across later calls too).
    if (!$trig) { Gt('unikdata:start'); $trig = 1; }
    # Returns only unique Array Data ! For Titles + descriptions (1Mo + 13ms)
    if (strpos(u3, '.jpg')) { return; }
    $rev = 1342976292; # revision stamp; only read in the (unreachable) local-file branch
    Gt('udata');
    $u = $db . ':' . hu3; # record key: "<db>:<host+path>"
    # Update
    # NOTE(review): extract() turns any key=value pairs param() finds in $data into local
    # variables, so the data can overwrite $db, $size, $u or $sup — confirm this is intended.
    if ($y = param($data, '&')) { extract($y); }
    # parameter extraction ...?
    $origin = Rem($data, CLT(surl)); # presumably "default $data to the cleaned URL title" — confirm against Rem()
    $data = trim(str_replace(array('»', 'Â', '£', 'N%253BO=D'), ' ', $data), '!?»,. ');
    # Strip fragment/query from the key unless $_ENV['auth'] names parameters to keep.
    # NOTE(review): $_ENV['auth'] is spliced into the pattern unquoted; it must be a trusted regex fragment.
    if (!$_ENV['auth']) { $u = Preg_Replace("~(#|\\?|&).*~", '', $u); } else { $u = Preg_Replace("~[#|\\?|&][^(&|\\?)" . $_ENV['auth'] . "]+~", '', $u); }
    #!genius!really nice syntax-"~(#|\?|&)[^(".$_ENV['auth'].")].*~"
    # Pad short data with filler words until $size is reached (a word found at offset 0 counts as absent).
    while (strlen($data) < $size && $sup) { $next = Array_shift($sup); if (!stripos($data, $next)) { $data .= ' ' . $next; } }
    # push ksup inside
    # Append every query-string value of the current URL to the data.
    # NOTE(review): this is request-controlled text and it reaches the SQL strings below.
    if (strpos(SURL, '?', 0)) { Preg_match_all("~=([^&]+)~is", SURL, $t); if ($t) { $t = $t[1]; $data .= ' ' . implode(' ', $t); } }
    # if the title is similar, push the query string
    $ret = $data;
    #av("data:$data db:$db ret:$ret".pre($s));
    ### If there are no results: invalidate the record by putting a "1" on it
    # NOTE(review): "1 or ..." is always true — the else branch (local file db) is dead code.
    if (1 or H == 'a74.fr') {
        $arg = 'no=1,bd=' . sip;
        $prev = array(); # normalised texts already handed out, used to detect collisions
        # previously db -> comes to mysql unikdata:id,url,db,data,score
        #CREATE TABLE `unikdata`(`id` INT(8) NOT NULL AUTO_INCREMENT PRIMARY KEY,`url` VARCHAR(255) NOT NULL,`data` TEXT NOT NULL,`score` INT(5) NOT NULL) ENGINE = MYISAM;#`db` VARCHAR(25) NOT NULL,
        # NOTE(review): $u (built from the URL) interpolated into SQL unescaped — see the docblock.
        $s[] = "select sql_cache data from " . DB . ".unikdata where url=\"{$u}\"";
        $x = sql5(['cache' => 1, 'sql' => end($s)], "bd=" . sip) or $noexist = 1; # "or" binds after "=": $noexist is set when nothing came back
        #if(strpos(U,'webcam.php')){print_r(compact('y','s','u','x'));die;}
        $s[] = "result:" . count($x) . "/" . $x . "/data:" . $data;
        if ($x == $data) { return $data; } else { # stored value already matches (loose ==)
            # define the score, then look for existing matches
            # Lower score = higher priority; the top-ranked page keeps the plain text.
            if (!Q && e('tprio,forcetitre', 1)) { $score[$u] = 0; } else { $score[$u] = substr_count(u, '/') * 20 + substr_count(u, '?') * 10 + substr_count(u, '&') * 10 + strlen(u); }
            /*Its own score*/
            $datas[$u] = $data;
            # NOTE(review): $data (title + query-string values) interpolated into SQL unescaped.
            $s[] = "select sql_cache url,score from " . DB . ".unikdata where data=\"{$data}\" and url<>\"{$u}\" and left(url,6) rlike'{$db}:" . H . ".*' order by score asc";
            $y = sql5(['cache' => 1, 'sql' => end($s)], $arg);
            /* select * from ben.unikdata where url='titre:a74.fr/z/webcam.php'; select sql_cache url,score from ben.unikdata where data="Webcams Ski Haute Savoie" and url<>"titre:a74.fr/z/webcam.php" and left(url,6) rlike'titre:a74.fr.*' order by score asc insert into ben.unikdata(url,data,score)VALUES("titre:a74.fr/z/webcam.php","Webcams Ski Haute Savoie","32") */
            # If one or more pages have the same results
            if ($y) { if (!is_array($y)) { $y = [$y]; } foreach ($y as $t) { $score[$t['url']] = $t['score']; $datas[$t['url']] = $data; } }
            if (count($score) == 1) {
                # No other page uses this text.
                # NOTE(review): both branches return before their insert/update, so the row is never written here.
                if ($noexist) { return $data; $s[] = "insert ignore into " . DB . ".unikdata(url,data,score)VALUES(\"{$u}\",\"{$data}\",\"{$score[$u]}\")"; sql5(end($s), $arg); } else { return $data; $s[] = "update " . DB . ".unikdata set data=\"{$data}\",score=\"{$score[$u]}\" where url=\"{$u}\""; $x = sql5(end($s), $arg); }
                # No, because the score is unique !
                #if($db=='titre')DbM('unikdata',surl."<li>db?$db / ".hu3."->$data<li>noexist?$noexist<li>sql:".pre($s)."<li>score:".pre($score)."<li>datas:".pre($datas)."<li>res:".pre($res)."<li>GT:".pre($_ENV['dbt']),1);
                return $data;
            } else {
                # several results for the same data: similar ones may exist ..
                # NOTE(review): $data is also used as an unescaped RLIKE pattern here (regex injection / ReDoS risk).
                $s[] = "select sql_cache url,data,score from " . DB . ".unikdata where data rlike(\"{$data}*\") and url rlike'{$db}:" . H . ".*' and url<>\"{$u}\" order by score asc";
                $y = sql5(['cache' => 1, 'sql' => end($s)], $arg);
                # the other nearby results — we don't care !
                if ($y) { foreach ($y as $t) { $score[$t['url']] = $t['score']; $datas[$t['url']] = $t['data']; } }
                Asort($score);
                foreach ($score as $url => $v) {
                    # duplicate detection and population of the result matrix, best score first
                    $n = 0;
                    $t2 = $temp = $datas[$url];
                    while (in_Array(accents(strtolower($t2)), $prev) && $n < 20) {
                        # already a duplicate with a better score - 20 operations maximum
                        # First try the digits of the URL as a suffix (once per request, see $trig), then plain increments.
                        if ($trig != 'chiffres' && Preg_match_all("~([0-9]+)~", u, $m)) { $n++; $i = implode('', $m[1]); $t2 = $temp . " {$i}"; $trig = 'chiffres'; continue; }
                        $i++; # $i may be unset here (null++ gives 1); $n is not incremented on this path, so the loop ends when the suffixed text is no longer in $prev
                        $t2 = $temp . " {$i}";
                        # otherwise increment
                    }
                    $res[$url] = $t2;
                    $prev[] = accents(strtolower($t2));
                    # the worst scores pick up the leftovers
                    if ($url == $u) { $ret = $t2; }
                    # compute the return value for the current url
                }
                # Persist the (possibly re-suffixed) text of every page involved.
                foreach ($res as $url => $v) {
                    if ($noexist && $url == $u) { $s[] = "insert into " . DB . ".unikdata(url,data,score)VALUES(\"{$u}\",\"{$v}\",\"{$score[$u]}\")"; sql5(end($s), $arg); continue; }
                    $s[] = "update " . DB . ".unikdata set data=\"{$v}\" where url=\"{$url}\"";
                    sql5(end($s), $arg);
                    # The current url may not have any record !!!
                }
            }
            # Debug dump; the HTML is built from unescaped values.
            if ($db == 'titre') { DbM('unikdata', surl . "<li>db?{$db} / " . hu3 . "->{$data}<li>noexist?{$noexist}<li>sql:" . pre($s) . "<li>score:" . pre($score) . "<li>datas:" . pre($datas) . "<li>res:" . pre($res) . "<li>GT:" . pre($_ENV['dbt']), 1); }
            return $ret;
        }
    } else {
        $u = u3;
        # local db mode (unreachable, see above): one serialized file per $db under DR
        if ($db == 'titre' && filemtime(DR . $db . '.db') < $rev) { Unlink(DR . $db . '.db'); }
        # Unlink the whole file
        #if(!strpos(u3,'=')&&$_ENV['soloQ'])$u=Preg_replace("~\?(?!({$_ENV['soloQ']})).*~is",'',u3);#already computed in autoappend
        # Determine unique Array 1
        while (strlen($data) < $size && $_ENV['ksup']) { $next = Array_shift($_ENV['ksup']); if (!stripos($data, $next)) { $data .= ' ' . $next; } }
        # push ksup inside
        Rem($key, $u, 'index'); # presumably: $key = $u, falling back to 'index' — confirm against Rem()
        $x = FGC(DR . $db . '.db'); # presumably the key => text map read from the file — confirm against FGC()
        #if(J9)die(pre($x));
        if ($x[$key] && now > $_ENV['rev'] && !strpos($_ENV['args'], 'forcetitre')) { return $x[$key]; }
        # If the key predates the last revision, return it
        if ($x[$key] != $data) {
            # different or undefined
            $score[$key] = substr_count(u, '/') * 20 + substr_count(u, '?') * 10 + substr_count(u, '&') * 10 + strlen(u);
            # Its own score
            if (strpos($_ENV['args'], ',tprio')) { $score[$key] = 0; }
            if (strpos(surl, '?', 0)) {
                Preg_match_all("~=([^&]+)~is", surl, $t);
                if ($t) { $t = $t[1]; $data .= ' ' . implode(' ', $t); }
                # if the title is similar, add the query string
            }
            # Case 1: there is a digit in the url and it differs from the other titles; if there is already a digit, replace the latter with 156
            if (is_Array($x)) { null; } else { dbM("x is not array-no f*****g way:{$x[$key]}§" . pre($x)); }
            #elseif(!$x){dbM("uniktitre:x is null ?? wtf ??");return;}
            $y = Array_map('strtolower', $x);
            $e = print_r(error_get_last(), 1);
            #if(stripos($e,'array given'))dBM("uniktitre:$db:{$x[$key]}\n<br>err:".pre($e)."\n<Br>y:".pre($y)."<Br>x:".pre($x));
            $found = array_keys($y, strtolower($data)); # keys of every page already using this text
            # Happens very often..;
            if (count($found) && Preg_match_all("~([0-9]+)~", u, $m)) {
                # with digits to inject into the title
                $i = implode('', $m[1]);
                $data = $origin . " {$i}";
                $found = array_keys($y, strtolower($data));
                # last check
                if (count($found) < 1) { FAP("tx=1&file=" . DR . $db . '.db', array($u => $data)); db('found:numbers injected in title'); return $data; }
                # Ok if no duplicate
            }
            if (count($found)) {
                # duplicate titles were found
                foreach ($found as $k2) {
                    # if the scores are equal, it cannot be compared to another number..
                    $score[$k2] = substr_count($k2, '/') * 20 + substr_count($k2, '?') * 10 + substr_count($k2, '&') * 10 + strlen($k2);
                    if ($k2 == 'index') { $score[$k2] = 0; }
                    # reset page 0
                }
                Asort($score);
                $os = $score;
                foreach ($score as $k => $v) {
                    # Replace each score with a title value ($n and $i may be unset on first use)
                    while (in_array($data, $score) && $n < 10) { $n++; $i++; $data = $origin . " {$i}"; }
                    if ($n > 10) { Dbm("{$db} n:{$n}; data:" . pre($data) . "score:" . pre($score)); }
                    $score[$k] = $data;
                    GT('whilescore');
                    # creates as many
                }
                #if($score[0]==$score[self])Best=1;swap titles
                #if(count($score)<2)$score=end($score);
                FAP("tx=2,{$key}&file=" . dr . $db . '.db', $score);
                #DbM('unikdata',surl."<li>data:$data<li>x[key]:".print_r($x[$key],1)."<li>found:".print_r($found,1)."<li>score:".print_r($os,1)."<li>res:".print_r($score,1));
                return $score[$key];
            }
            if ($x[$key] && now > $_ENV['rev'] && !strpos($_ENV['args'], 'forcetitre')) { return $x[$key]; }
        }
        # swap those values for a priority url!!!
        if ($x[$key] && now > $_ENV['rev'] && !strpos($_ENV['args'], 'forcetitre')) { return $x[$key]; }
        # add the query-string values here !
        if ($data && $key) { FAP("tx=3,{$key}&file=" . dr . $db . '.db', $key, $data); gt('l' . __LINE__); return $data; }
        DB(surl . ':notitle found:' . count($found) . 'x[key]' . $x[$key] . 'data:' . $data . 'origin:' . $origin);
    }
}
<?php
#require_once"../../rt/prepend.php";
# Page head: fill the meta defaults, optionally store a posted key/value in post.json, then emit the HTML head.
# Rem() presumably assigns $def[...] to $_ENV[...] when the latter is empty — confirm against Rem().
Rem($_ENV['titre'], $def['titre']);
Rem($_ENV['desc'], $def['desc']);
Rem($_ENV['keyw'], $def['keyw']);
# NOTE(review): any POST with a non-empty 'value' rewrites post.json; no authentication or CSRF
# check is visible in this fragment — confirm the caller enforces one.
# NOTE(review): json_decode() of a missing/invalid file yields null, and the property write below
# then fails; the result is not checked.
if ($_POST['value']) {
    $x = json_decode(file_get_contents('post.json'));
    # NOTE(review): $_POST (the whole array) is used as the property name here; presumably
    # $_POST['key'] was intended — as written this cannot store under the posted key.
    $x->{$_POST}['key'] = $_POST['value'];
    file_put_contents('post.json', json_encode($x));
} else {
    $x = json_decode(file_get_contents('post.json'));
}
#print_r($x);die;
new fun();
gt('timer');
# NOTE(review): $_ENV['titre'], $_ENV['desc'], $_ENV['keyw'], $header and $jsh are echoed into
# HTML/attribute context below without htmlspecialchars(); safe only if their sources are trusted.
# The description/keywords <meta> tags use value= where the HTML attribute is content=.
# The fragment ends mid-tag (<?php echo $jsh;) — the rest of the template is outside this view.
?> <!DOCTYPE HTML><html><head><title><?php echo $_ENV['titre']; ?> </title><meta name=description value="<?php echo $_ENV['desc']; ?> "><meta name=keywords value="<?php echo $_ENV['keyw']; ?> "><meta name="viewport" content="width=device-width, minimum-scale=0.1, maximum-scale=1.0"><meta http-equiv='Content-Type' content='text/html;charset=ISO-8859-1;'><link rel='shortcut icon' src='/favicon.ico'><meta name='robots' content='noarchive'><?php echo $header; ?> <script src='./?js<?php echo $jsh;
/**
 * Strips unwanted query-string parameters from a URL, keeping only allow-listed names.
 *
 * The allow-list is $_ENV['GP'] or, failing that, the literal default below (Rem() presumably
 * assigns the first non-empty value to $GoodPatterns by reference — confirm against its
 * definition); $_ENV['soloQ'] names value-less parameters ("?css") that are tolerated too.
 *
 * @param string $x  URL or query string
 * @return string    the URL with disallowed parameters removed and leading/trailing "?& " trimmed
 *
 * NOTE(review): badqueries, $_ENV['GP'] and $_ENV['soloQ'] are interpolated into the patterns
 * without preg_quote(), so they must be trusted regex fragments. "[?|&]" is a character class
 * that also matches a literal "|"; "[?&]" looks like the intent.
 */
function BadQ($x) {
    Rem($GoodPatterns, $_ENV['GP'], 'x|e|t|q|p|lt|aid|nb|v|letter|web|css|js|rss|gss');
    # Used, therefore accepted by default
    # Drop numeric parameter names and the badqueries list, with or without a value.
    $x = Preg_replace("~[?|&](([0-9]+|" . badqueries . ")(=[^&]+)?)~is", '', $x);
    $x = Preg_replace("~\\?(.*)/\$~i", "?\\1", $x);
    # strange parameters ..
    # Value-less query ("?foo"): keep it only if it matches soloQ. strpos() at offset 0 counts as "not found".
    if (!strpos($x, '=') && $_ENV['soloQ']) {
        $GoodPatterns .= '|' . $_ENV['soloQ'];
        # and add them to the good patterns as well :)
        $x = Preg_replace("~\\?(?!({$_ENV['soloQ']}))[^&]+~is", '', $x);
        # If all expected values are declared $_ENV['soloQ']="css|js";
    }
    return trim(Preg_replace("~[?|&](?!({$GoodPatterns}))([^=]+)=([^&]+)~is", '', $x), '?& ');
    # Remove Bad things out of here
}
/**
 * Renders an HTML editing form for a serialized array file (or a raw textarea for other content).
 *
 * @param mixed  $x     array to edit; when empty it is loaded from $file via FGC()
 * @param string $file  file path; defaults to $_GET['fe'] through Rem() (presumably first-non-empty assignment — confirm)
 * @return string       HTML fragment (forms, table from editarray(), trailing <title>)
 *
 * NOTE(review): $file comes straight from the request and is both passed to FGC() (read of a
 * caller-chosen path) and echoed into value="…" attributes without htmlspecialchars(); the
 * caller must restrict this to trusted users and validate the path.
 * NOTE(review): $z and $chk1 are never initialised in this function (functions do not see the
 * caller's variables), so the checkbox is never rendered as checked and $z starts as an undefined variable.
 */
function ArrayEditor($x = '', $file = '') {
    #<script>console.log(\"".str_replace("\n","\\n",print_r($x,1))."\");</script>
    Rem($file, $_GET['fe']);
    if (!$x) { $x = FGC($file); }
    #die($x.$file);
    if (is_array($x)) {
        # serialized array printing or adding :):)
        ksort($x);
        # f=file,y=1,newkey,newval
        #<title>shell arrayedit ".substr(Q,strrpos(Q,'/')+1)."</title>
        # Raw serialize() output goes into the textarea unescaped.
        if (e(',viewasserialized', 1)) { $z .= "<textarea title=serialized style=height:30px>" . serialize($x) . "</textarea>"; }
        # Two forms: the "hide empty values" toggle, then the add-key form and the editarray() table.
        $z .= "<form method=post style='border-bottom:1px dashed #090' autocomplete='off'><input type=hidden name=f value=\"{$file}\"><input name='y' value=1 type=hidden><label>value : {$chk1} <input onclick='this.parentNode.parentNode.submit()' name=chk1 class=imin id=i1 type=checkbox " . ($chk1 == 'on' ? 'checked' : '') . ">Do not display empty values</label></form>\n\n\t<form onsubmit='return submitChanged(this);' autocomplete='off' method=post style='border-bottom:1px dashed #090'><input type=hidden name=f value=\"{$file}\">\n\t\t<table><tr><td style='width:70px'>NewKey: <input name='newkey' style='width:70px'></td><td>Value:<input name='newval' style='width:93%'><input type=submit value=add style='width:40px'></td></tr></table>\n\t<table>" . editarray($x) . "</table>";
        #</form><form method=post><input type=hidden name=f value=\"$_GET[fe]\">
    } else {
        # Non-array content: print_r() output is emitted into the textarea unescaped.
        $z .= "<form method=post autocomplete='off'><input type=hidden name=f value=\"{$file}\"><textarea name=fgc style=height:40%>" . print_r($x, 1) . "</textarea><br>";
    }
    $z .= "<input class=but type=submit accesskey=s></form><title>Arrayedit:" . str_replace(array('/z/A74/adm/'), '', $file) . "</title>\n\n";
    return $z;
    #$Arrayedit;
}
<?php
# Page head template: fill the meta defaults, then emit the HTML head with scripts and analytics.
# Rem() presumably assigns $def[...] to $_ENV[...] when the latter is empty — confirm against Rem().
# NOTE(review): $_ENV['titre'], $_ENV['desc'], $_ENV['keyw'], $jsh and $header are echoed into
# HTML/attribute context without htmlspecialchars(), and $ga is written inside a JavaScript
# string literal without escaping; safe only while every one of them is trusted.
# The description/keywords <meta> tags use value= where the HTML attribute is content=.
Rem($_ENV['keyw'], $def['keyw']);
Rem($_ENV['desc'], $def['desc']);
Rem($_ENV['titre'], $def['titre']);
?> <!DOCTYPE HTML><html><head><title><?php echo $_ENV['titre']; ?> </title><meta name=description value="<?php echo $_ENV['desc']; ?> "><meta name=keywords value="<?php echo $_ENV['keyw']; ?> "><meta name="viewport" content="width=device-width, minimum-scale=0.1, maximum-scale=1.0"><meta http-equiv='Content-Type' content='text/html;charset=utf-8<?php #ISO-8859-1 ?> ;'><meta name='robots' content='noarchive'><link rel="icon" type="image/png" href="/favicon.png"> <script src='/?js=js<?php echo $jsh; ?> '></script> <?php echo $header; ?> <script>var Analytics='<?php echo $ga; ?> ';setAnalytics(Analytics);</script>
# Fallback for platforms without sys_getloadavg(): reports a constant 1-minute load of 1 and
# 0 for the 5/15-minute values, so anything throttling on load sees a fixed reading.
function sys_getloadavg() { return array(1, 0, 0); }
} # closes a block opened before this fragment (presumably a function_exists() guard — not visible here)
# date_default_timezone_set('Europe/Paris');
# Site configuration. rem()/Rem() presumably assign the first non-empty fallback by reference — confirm.
rem($a['preload'], '0=autoloader.php,1=fun.php,2=debug53.php,3=fundev1.php');
#&1=deprecated.php&2=ksv1-div.php&3=ksv1-auto.php&4=crypt.php&5=autor301.php&6=ggtracker.php&7=css.php
$a['vars'] = "root=/l/debshared/racetrack&logs/l/debshared/racetrack&l2=/l/debshared/racetrack&obstart=1&cacheinit=0&starter=0&tracker=0";
$erlogs = '/l/debshared/racetrack/er.logs';
#die(dr.'adm/local.s3db');
redef('LOGLEVEL', 6);
# 6: write all the small files
redef('SHELL', 'shell.php');
# NOTE(review): if Rem() takes the first non-empty value, the request parameter ?ho= selects the
# database name ahead of the configured 'ben' — confirm this is restricted to trusted callers.
Rem($DB, [$_GET['ho'], 'ben', DR . 'adm/local.s3db']);
# localhost,Y:/web/www/
$thumbsh = array(80);
#$thumbsw=array(120);#generate each thumbnail..
$ga = 'UA-939697-14';
#'''google analytics code :::
# Conversion pixel is loaded over plain http.
$adwordstag = "<img height=1 width=1 src='http://www.googleadservices.com/pagead/conversion/989090452/?label=gtPZCKzJsQzIQlKXR1&value=31&guid=ON&script=0'>";
$def = array('titre' => 'titre défault', 'desc' => 'desc défault', 'keyw' => 'mots clés défault');
# the order is decisive !!!
#obstart=1&cacheinit=1&session=1
$ftp = array('ftphost', 'ftpuser', 'ftppass');
# for backups
#$_ENV['c']['sql']['127.0.0.1']=Array('localhost','root','');
$_ENV['c']['mem2defaultdb'] = R . 'z/serializedpath.db';
# NOTE(review): SMTP connection settings (host, port, account fields) live in source; keeping
# such values in an environment/secrets store outside the repository avoids leaking them with the code.
$_ENV['c']['smtp']['efe'] = 'smtp.1und1.de,25,info@-.ch,-,-.info,E-o';
# smtp sendmail settings
/**
 * Runs one SQL statement on a per-request (static) mysqli connection for database $bd.
 *
 * Routing: a ".s3db" name or path goes to sqlite(); otherwise the database is guessed from the
 * statement (" ciel.", " p.", " ben."), then ReM() falls back through $_ENV['defaultdb'],
 * $_GET['defaultdb'], DB and 'localhost'. Credentials come from $_ENV['c']['sql'][$bd] unless
 * div_sql() supplied them. The connection is reopened whenever $bd or the host changes.
 *
 * @param string          $sql  statement; a trailing "#old" suffix is stripped and sets $old = 1
 * @param string|int|null $bd   database name, ".s3db" path, or 1 (sets $close for sqlite())
 * @param array|int|null  $opt  extract()ed into local scope when an array; 1 behaves like $bd == 1
 * @return mixed  mysqli result, affected-row count (update/delete), insert id (insert), or null
 *                for every refused or failed statement — callers cannot tell "no rows" from "refused"
 *
 * NOTE(review): the statement is passed to mysqli_query() exactly as received; the preg_match()
 * denylist below catches a few patterns only and is not a substitute for prepared statements.
 * NOTE(review): extract($opt) can overwrite $sql, $bd, $a, $safe and $close — $opt must be trusted.
 * NOTE(review): $_GET['defaultdb'] takes part in choosing which configured database a request uses.
 */
function sql($sql, $bd = null, $opt = null) {
    if (is_array($opt)) { extract($opt); }
    $param = 'old';
    if (substr($sql, -4) == '#' . $param) { $sql = str_replace('#' . $param, '', $sql); ${$param} = 1; }
    # short mysql usage
    #if(substr_count($sql,"'")%2==1){db('injection : '.substr_count($sql,"'").$sql);return;}
    #str_replace("'",'’',$within the quoted space)
    static $status, $bdsel, $host, $conn; # connection state shared by every call in this request
    if ($status == 'dead') { return; }
    # connection dropped
    if ($bd == 1 or $opt == 1) { $close = 1; unset($p, $nt); }
    # "<path>.s3db." prefix inside the statement names an sqlite file; strip it and route there.
    if (strpos($sql, '.s3db')) { Preg_match('~[^ ]+\\.s3db\\.~i', $sql, $m); $bd = trim($m[0], '.'); $sql = str_replace($m[0], '', $sql); }
    if (strpos($bd, '.s3db')) { return sqlite($sql, $bd, $close); }
    #if(function_exists('div_sql'))av(div_sql($sql,$bd));#addition ksv1:list($sql,$bd,$a)=div_sql($sql,$bd);#fonction divergentes
    if (function_exists('div_sql')) { list($sql, $bd, $a) = div_sql($sql, $bd); }
    # addition ksv1:list($sql,$bd,$a)=div_sql($sql,$bd);#divergent functions
    if (!$bd && strpos($sql, ' ciel.')) { $bd = 'ciel'; } elseif (!$bd && strpos($sql, ' p.')) { $bd = 'p'; } elseif (!$bd && strpos($sql, ' ben.')) { $bd = 'ben'; }
    ReM($bd, array($_ENV['defaultdb'], $_GET['defaultdb'], DB, 'localhost')); # presumably first non-empty wins — confirm against ReM()
    #av($sql,$bd);
    if (!$a) { $a = $_ENV['c']['sql'][$bd]; } # [host, user, password] — shape assumed from the mysqli_connect() call below
    # if not supplied by div_sql()
    if (!$a) { db("5.sqldb not defined : {$bd} {$sql}"); return; }
    #if(J9){echo'<pre>';print_r([$sql,$sa,$bd,SIP,$a,'dfdeb'=>$_ENV['defaultdb'],'getdef'=>$_GET['defaultdb'],'db'=>DB]);die;}#,ben,aws #$bd=ben,SIP=aws
    # Denylist of a few injection markers; the full statement (including any data) is written to ERLOGS on a hit.
    if (preg_match("~(/\\*|--|\\(\\{) '|\\x(00|1a)|;(drop|select|delete|update)|'? union select~i", $sql, $m)) { av('injection match', $m); FPC(ERLOGS, "\nsql injection:{$sql}", 4); return; }
    # injection tester - never add those
    # Defer writes that arrive more than 10 s (per GT()) after the same statement shape was last timed.
    $Stamp = substr($sql, 4, 15) . " " . substr($sql, -7);
    if (GT($Stamp) > 10000 and Preg_Match("~update |insert ~i", $sql)) { FAP(LOGS . "sql.decalees", $sql); return; }
    # check for these ones with a cron
    if (!e(',sqlon', 1)) { $bdsel = ''; }
    # could have been killed .....
    if ($bd != $bdsel) {
        GT("sqlon" . $bd);
        $bdsel = $bd;
        # recreate the connection
        $_ENV['dbe'][] = $sql;
        if ($a[0] == '94.23.226.97') { return; }
        # server offline - returns null - Db(NU.'->'.$sql,'prio');
        Rem($sa, SIP, $_ENV['server']); # $sa is not used afterwards in this function
        if (SIP == $a[0]) { $a[0] = '127.0.0.1'; }
        # if we try to connect to a configured ip that is actually localhost
        # Only if, in the end, the host changed
        if ($host != $a[0]) {
            $host = $a[0];
            $GLOBALS['mysqlconnection'] = $_ENV['sqlconn'] = $conn = mysqli_connect($a[0], $a[1], $a[2]);
            # NOTE(review): "||" binds tighter than "=", so $n holds true/false rather than the
            # connect error text and the log lines below show "1"; "($n = mysqli_connect_error()) || !$conn" looks intended.
            # The error log also receives the full statement and print_r($a) — host/user/password.
            if ($n = mysqli_connect_error() || !$conn) { File_put_contents(ini_get('error_log'), "\n" . SU . " > {$bd}/{$sql}; pas de connexion sql : " . $n . "-" . str_replace("\n", '', print_r($a, 1)), FILE_APPEND); Db(SU . " > {$bd}/{$sql}; pas de connexion sql : " . $n . "\n" . print_r($a, 1)); return; }
            $n = mysqli_error($conn);
        }
        if ($n) { Db('sqlerror ' . $sql . ' ' . $n); }
        #if(j10)fb("connect:$a[0],$a[1],$a[2]");
        if (!$conn) { DB("!sqlcon:{$a['0']},{$a['1']},{$a['2']}"); }
        # NOTE(review): stripos('uplicate', $n) has haystack and needle swapped; stripos($n, 'uplicate') looks intended.
        if (!$conn || $n && !stripos('uplicate', $n)) { av("nc:bd:{$bd}/{$sql}; {$n}"); rcache(); $host = $bdsel = 'dead'; Db(SU . " 503>nc:bd:{$bd}/{$sql}; {$n} "); R503("nc:{$bd}/{$sql}; {$n} " . pre($a)); return; }
        mysqli_select_db($conn, $bd);
        e(",sqlon:{$bd}");
    }
    #e(','.$sql);;
    $_ENV['sql'][] = $sql;
    # bug:possible bug if semicolon within some field..
    # '¤' separates stacked statements; they run through mysqli_multi_query() only when $safe was set (via extract($opt)).
    if (substr_count($sql, '¤') > 0 && $safe) { $x = mysqli_multi_query($conn, str_replace('¤', ';', $sql)); } elseif (substr_count($sql, '¤') > 0) { db('unsafe injection : ¤'); r404('¤'); } else { $x = mysqli_query($conn, $sql); }
    $_ENV['sqlquery'] = $x;
    $_GET['nSQL']++;
    $n = mysqli_error($conn);
    #todo:add pdo, mysqli, mysqlnd
    if ($n) {
        $_ENV['errors'][] = $n;
        if (j10) { FB($_ENV['args']); }
        # Lost connection / access denied: mark the connection dead for the rest of the request.
        # The "return sql($sql, $bd);" retry after "return;" is unreachable.
        if (Preg_match("~server has gone away|access denied~i", $n)) { rcache(); $status = 'dead'; R503($n); return; return sql($sql, $bd); } elseif ($n and !strpos($n, "uplicate entry")) { db("{$sql}; {$n} {$_SERVER['SCRIPT_FILENAME']} " . SU); } elseif ($n) { $_ENV['error'] .= "sqlfail:{$_SERVER['SCRIPT_FILENAME']} : {$sql} {$n}"; db($_ENV['error'], null, 'sql'); return; }
        # an error but ...
    }
    # Writes return a count / id instead of the result handle.
    if (Preg_match("~(update|delete) ~i", $sql)) { $x = Mysqli_affected_rows($conn); }
    if (Preg_match("~insert ~i", $sql)) { $x = Mysqli_insert_id($conn); }
    # ahah we clean up the congestion
    $Temps = GT('sql:' . $_GET['nSQL'] . ':' . $sql);
    // Fetch the timer value
    # Disabled by the trailing "&& 0"; the body still calls the removed mysql_query() extension.
    if ($Temps > 4000 and !preg_match("~OPTIMIZE|CSF|ALTER~i", $sql) && 0) {
        # stopped
        $x2 = mysql_query("SHOW PROCESSLIST");
        while ($t = @mysqli_fetch_assoc($x2)) { $killed[] = $t; if ($t["Time"] > 30) { mysql_query("kill {$t['Id']}"); $Temps .= "+kill {$t['Id']}"; db("kill {$Temps} >{$sql} via {$_SERVER['SCRIPT_FILENAME']}" . SU); } }
        if ($killed) { Bmail('sql killed', pre($killed)); }
    }
    #if(!Preg_match("~select ~i",$sql))av($sql."<li>".$x);
    return $x;
    #mysqli_free_result($x);//else echo mysql_error().$SQL;
}