Ich weiß nicht genug, also habe ich einen Quellcode erhalten, aber festgestellt, dass es eine Webshell-Hintertür gibt. Ich kann ihn nicht identifizieren. Könnte mir bitte jemand einen Rat geben?
0 && @$val['ifshownav'])) { $newchannel[]=$val; $count++; } if($count==$num) { Rückgabe $newchannel; } } Rückgabe $newchannel; } } foreach($channel as $val) { if($fid==$val['fid']) { if($shownav==0 || ($shownav>0 && $val['ifshownav'])) { if($kind==0) { $newchannel[]=$val; $count++; $newchannel[count($newchannel)-1]['key']=$count; }elseif($val['ckind']==$kind) { $newchannel[]=$val; $count++; $newchannel[count($newchannel)-1]['key']=$count; } } } if($count==$num) { brechen; } } $fidarray=@cnav(cid,1); foreach($newchannel as $key=>$val) { $newchannel[$key]['onstyle']=''; foreach($fidarray as $fidkey=>$fidval) { if($val['cid']==$fidval['cid']) { $newchannel[$key]['onstyle']='on'; brechen; } } } Rückgabe $newchannel; } Funktion b($cid='',$return=false,$linktag=' > ',$homepage=SystemDir) { Return cnav($cid,$return,$linktag,$homepage); } Funktion i($kind='',$cid=0) { if($cid===0) { if(!definiert('cid')) {Return false;} $cid=cid; } $channel=getchannelcache($cid); if(!$channel) { Falsch zurückgeben; } if(empty($kind)) { Return $channel; }elseif($kind=='name' && isset($channel['cname'])) { Return $channel['cname']; }elseif($kind=='topfid') { $breadcrumb=b($channel['cid'],1); if(isset($breadcrumb[0]['cid'])) { Return $breadcrumb[0]['cid']; } }elseif($kind=='url') { Rückgabe u($channel['cid']); }elseif($kind=='domain') { Return @$channel['csetting']['channel_domain']; }anders { if(isset($channel[$kind])) { Return $channel[$kind]; } } Falsch zurückgeben; } Funktion uri($uri) { $uri=ltrim($uri,'/'); if(UrlRewrite) { Return SystemDir.$uri; }anders { Return SystemDir.IndexFile.'/'.$uri; } } Funktion f($file) { require(SystemRoot.TemplateDir.DIRECTORY_SEPARATOR.$file); } Funktion t($file='',$echo=1) { if($echo==1) { echo(SystemDir.TemplateDir.'/'.$file); } Return SystemDir.TemplateDir.'/'.$file; } function alist($where='') { if(isset($where['page']) && !is_numeric($where['page'])) { if(isset($_GET[$where['page']]) && $_GET[$where['page']]>0) { $where['page']=intval($_GET[$where['page']]); }anders { $where['page']=1; } } $nullarticle=array('list'=>array(),'pagecount'=>0,'pagesize'=>1,'page'=>1,); if(!isset($where['cid']) && !definiert('cid') && !isset($where['tablename']) && !isset($where['cids'])) {Return $nullarticle ;} if(!isset($where['tablename']) && !isset($where['cid']) && !isset($where['cids']) && defined('cid')) {$where[' cid']=cid;} if(!isset($where['cid'])) {$where['cid']=0;} if(is_numeric($where['cid'])) {$where['cid']=intval($where['cid']);} if(SiteCache && isset($where['cache']) && $where['cache']>0) { $cachewhere=$where; $cachehash=md5(json_encode($where)); $res =cacheget($cachehash,$where['cache'],'alist'); if ($res) {return json_decode($res,1);} } $sql=''; if($where['cid']!==0) { $thischannelcache=getchannelcache($where['cid']); if(!$thischannelcache) {Return $nullarticle;} $where['cid']=$thischannelcache['cid']; } if(!isset($where['tablename'])) {$where['tablename']='';} if(!isset($where['all']) || $where['all']==1) { if(!isset($where['cids'])) {$where['cids']='';} $clistsetting=alist_getson($where['cid'],$where['tablename'],$where['cids']); if(!isset($clistsetting['sql'])) {Return $nullarticle;}$where['cidsql']=$clistsetting['sql']; $where['tablename']=$clistsetting['tablename']; $defaultsetting=getchannelcache($clistsetting['default']); if(!isset($where['pageurl']) && !isset($clistsetting['pageurl'])) { unset($defaultsetting['csetting']['channel_pageurl']); } }anders { if(!isset($where['cidsql'])) { $where['cidsql']=" and (cid='".$where['cid']."')"; } if($where['cid']) { $defaultsetting=getchannelcache($where['cid']); if(empty($where['tablename']) && isset($defaultsetting['csetting']['articletable'])) { $where['tablename']=$defaultsetting['csetting']['articletable']; } } } $sql.=$where['cidsql']; if(!isset($where['pagesize'])) { if(isset($defaultsetting['csetting']['temppage_size']) && !empty($defaultsetting['csetting']['temppage_size'])) { $where['pagesize']=$defaultsetting['csetting']['temppage_size']; } } if(!isset($where['order'])) { if(isset($defaultsetting['csetting']['temppage_order']) && !empty($defaultsetting['csetting']['temppage_order'])) { $where['order']=$defaultsetting['csetting']['temppage_order']; } } isset($where['addslashes']) ? $ifaddslashes=$where['addslashes']:$ifaddslashes=1; isset($where['tablename']) ? $where['tablename']=$where['tablename']:die('no tablename'); isset($where['pagesize']) ? $where['pagesize']=intval($where['pagesize']):$where['pagesize']=9; isset($where['order']) ? $where['order']='order by '.$where['order']:$where['order']='order by id desc'; isset($where['start']) ? $where['start']=intval($where['start']):$where['start']=0; isset($where['column']) ? $where['column']=$where['column']:$where['column']='*'; isset($where['rowidstyle']) && !isset($where['rowidname']) ? $where['rowidname']='id' :''; isset($where['linktime']) ? 1==1 : $where['linktime']='posttime'; isset($where['link']) ? 1==1 : $where['link']=''; isset($where['domain']) ? 1==1 : $where['domain']=''; if(trim($where['column'])<>'*') {$where['column'].=',cid';}if(isset($where['where'])) { if(is_array($where['where'])) { foreach($where['where'] as $key=>$val) { $key=addslashes_str($key,$ifaddslashes); if(is_array($val) && count($val)>0) { $sql.=" und ("; foreach($val as $value) { $sql.=$key."='".addslashes_str($value,$ifaddslashes)."' oder "; } $sql=substr($sql,0,strlen($sql)-4); $sql.=")"; }anders { $sql.=" und ".$key."='".addslashes_str($val,$ifaddslashes)."'"; } } }anders { $sql.=" and ".$where['where']; } } if(isset($where['inwhere'])) { foreach($where['inwhere'] as $key=>$val) { if(!is_array($val)) { $val=array(); $val[]=$where['inwhere'][$key]; } $key=addslashes_str($key,$ifaddslashes); foreach($val as $val1) { if(is_numeric($val1) && $val1>0) { $sql.=" und (".$key."='[".$val1."]' oder ".$key." wie '%,".$val1.",%' oder ".$key. " wie '[".$val1.",%' oder .$key." wie '%,".$val1."]')"; }anders { unset($where['inwhere'][$key]); } } } } if(isset($where['nowhere'])) { foreach($where['nowhere'] as $key=>$val) { $key=addslashes_str($key,$ifaddslashes); if(is_array($val) && count($val)>0) { foreach($val as $value) { $sql.=" und ".$key."<>'".addslashes_str($value,$ifaddslashes).'''; } }anders { $sql.=" und ".$key."<>'".addslashes_str($val,$ifaddslashes)."'"; } } } if(isset($where['other']) && !empty($where['other'])) { $sql.=" and ".$where['other']; } if(isset($where['keyword']) && !empty($where['keyword'])) { if(!isset($where['searchcolumn'])) {$where['searchcolumn']='title';} if(!is_array($where['searchcolumn'])) {$where['searchcolumn']=explode(',',$where['searchcolumn']);} if(!is_array($where['keyword'])) {$where['keyword']=explode('|',$where['keyword']);} $sql.=" und ("; foreach($where['searchcolumn'] as $key=>$searchcolumn) { foreach($where['keyword'] as $keywordkey=>$keywordval) { if($key==0 && $keywordkey==0) { $sql.="$searchcolumn like '%".addslashes_str($keywordval,$ifaddslashes)."%'"; }anders { $sql.=" oder $searchcolumn wie '%".addslashes_str($keywordval,$ifaddslashes)."%'"; } } } $sql.=" )"; } if(!empty($sql)) { $sql='where '.ltrim($sql,'and '); } if(isset($where['page'])) { $where['page']=intval($where['page']); $where['pagecount'] = $GLOBALS['db'] -> fetchcount("SELECT count(id) FROM ".$where['tablename']." $sql"); $where['articlecount']=$where['pagecount']; $where['start']=($where['page']-1)*$where['pagesize']; if($where['articlecount']%$where['pagesize']==0) { $where['pages']=($where['articlecount']/$where['pagesize']); }anders { $where['pages']=intval($where['articlecount']/$where['pagesize'])+1; } if(isset($defaultsetting['csetting']['channel_pageurl']) && !empty($defaultsetting['csetting']['channel_pageurl']) && !isset($where['pageurl'])) { $allpageurl=explode(';',$defaultsetting['csetting']['channel_pageurl']); if(UrlRewrite) { $where['pageurl']=$allpageurl[0]; }anders { $where['pageurl']=SystemDir.IndexFile.$allpageurl[0]; } } } if(!isset($where['sql'])) { $where['sql_id']='SELECT id FROM '.$where['tablename'].' '.$sql.' '.$where['order'].' limit '.$where['start'].','.$where['pagesize']; $idquery =$GLOBALS['db'] -> query($where['sql_id']); $ids = $GLOBALS['db'] -> fetchall($idquery); $sql='id in('; if(count($ids)>0) { foreach($ids as $key=>$val) { $sql.=$val[0].','; } }anders { $sql.='0,'; } $sql=rtrim($sql,','); $sql.=')'; $where['sql']='SELECT '.$where['column'].' FROM '.$where['tablename'].' wobei '.$sql.' '.$where['order']; } $query = $GLOBALS['db'] -> query($where['sql']); $articles = $GLOBALS['db'] -> fetchall($query); $i=0; foreach ($articles as $value) { $i++; $value['key']=$i; if(isset($where['stepstyle'])) { foreach($where['stepstyle'] as $key=>$val) {if($i%$key==0) {$value['stepstyle']=$where['stepstyle'][$key] ;}} if(!isset($value['stepstyle'])) {$value['stepstyle']='';} }if(isset($where['rowstyle'])) { foreach($where['rowstyle'] as $key=>$val) {if($i==$key) {$value['rowstyle']=$where['rowstyle'][$key];} } if(!isset($value['rowstyle'])) {$value['rowstyle']='';} } if(isset($where['rowidstyle'])) { foreach($where['rowidstyle'] as $key=>$val) { if($value[$where['rowidname']]==$key) { $value['rowidstyle']=$val; } } if(!isset($value['rowidstyle'])) {$value['rowidstyle']='';} } if(!isset($value[$where['linktime']])) {$value[$where['linktime']]=0;} $value['link']=aurl($value,$where['link'],$value[$where['linktime']],$where['domain']); $where['list'][]=$value; } if(!isset($where['list'])) {$where['list']=array();} if(SiteCache && isset($where['cache']) && $where['cache']>0) { Cacheset($cachehash,json_encode($where),$where['cache'],'alist'); } Return $where; } Funktion getkinds($cid,$fid) { $fid=intval($fid); $kindsarray=array($fid); if(is_numeric($cid)) { $thichannelcache=getchannelcache($cid); $defaultsetting=$thichannelcache['csetting']; if(isset($defaultsetting['articletable']) && !empty($defaultsetting['articletable'])) { $kindtable=$defaultsetting['articletable']; }else {Return $kindsarray;} }anders { $kindtable=$cid; } $query = $GLOBALS['db'] -> query("SELECT id FROM $kindtable where fid='$fid';"); $link = $GLOBALS['db'] -> fetchall($query); foreach ($link as $value) { $thisallkinds=getkinds($kindtable,$value['id']); foreach ($thisallkinds as $thisvalue) { $kindsarray[]=$thisvalue; } } Return $kindsarray; } function alist_getson($cid,$tablename,$cids,$first=1) { if($cid==0 && empty($tablename)) { $tablename=ArticleTable; } $array=array(); $array['list']=array(); $channels=getchannelscache(); if($first) { if(!is_array($cids)) {$cids=explode(';',$cids);} $thischannel=getchannelcache($cid); if($thischannel && @$thischannel['ckind']==2 && (in_array($cid,$cids) || empty($cids[0]))) { if(isset($thischannel['csetting']['articletable']) && !empty($thischannel['csetting']['articletable']) && empty($tablename)) { $tablename=$thischannel['csetting']['articletable']; }if($tablename==$thischannel['csetting']['articletable']) { $array['list'][]=$thischannel; if(isset($thischannel['csetting']['channel_pageurl']) && !empty($thischannel['csetting']['channel_pageurl'])) { $array['pageurl']=$thischannel['csetting']['channel_pageurl']; } } } $array['tablename']=$tablename; } foreach($channels as $key=>$val) { if($val['fid']==$cid) { $thischannel=getchannelcache($val['cid']); if(empty($tablename)) { if($thischannel['ckind']==2 && isset($thischannel['csetting']['articletable']) && (in_array($val['cid'],$cids) || empty($cids[ 0]))) { $array['list'][]=$val; $tablename=$thischannel['csetting']['articletable']; $array['tablename']=$tablename; } }anders { if($thischannel['ckind']==2 && isset($thischannel['csetting']['articletable']) && $thischannel['csetting']['articletable']==$tablename && (in_array($ val['cid'],$cids) || . empty($cids[0]))) { $array['list'][]=$val; } } $sonarray=alist_getson($val['cid'],$tablename,$cids,0); foreach($sonarray['list'] as $key1=>$val1) { $array['list'][]=$val1; } } } if($first) { $cids=array(); $sql=''; foreach($array['list'] as $key=>$val) { if($key==0) { $sql.=" and (cid='".$val['cid']."'"; }elseif($key==(count($array['list'])-1)) { $sql.=" or cid='".$val['cid']."'"; }anders { $sql.=" or cid='".$val['cid']."'"; } } if(count($array['list'])>0) {$array['sql']=$sql.')';} if(isset($array['list'][0])) { $array['default']=$array['list'][0]['cid']; }anders { $array['default']=0; } Rückgabe $array; }anders { Rückgabe $array; } } Funktion aurl($value,$rowurl,$rowurltime,$domain='') { $thissetting=getchannelcache($value['cid']); if(empty($domain)) { if(isset($thissetting['csetting']['channel_domain']) && !empty($thissetting['csetting']['channel_domain'])) { $domains=explode(';',$thissetting['csetting']['channel_domain']); $domain=$domains[0]; foreach($domains as $key) { if($key==server_name()) { $domain=null; brechen; } } } } if(empty($rowurl)) { if(empty($thissetting['csetting']['channel_articleurl'])) { Zurückkehren ''; } $rowurl=$thissetting['csetting']['channel_articleurl']; }if(!empty($where['domain'])) { $domains=explode(';',$where['domain']); $where['domain']=$domains[0]; foreach($domains as $domain) { if($domain==server_name()) { $where['domain']=null; brechen; } } } unset($thissetting); $rowurls=explode(';',$rowurl); $rowurl=$rowurls[0]; preg_match_all("/{(.*)}|[(.*)]|((.*))/isU",$rowurl,$match); if(count($match[0])>0) { foreach($match[0] as $key=>$val) { if($rowurltime>0 && ($val=='(y)' || $val=='(m)' || $val=='(d)')) { isset($value['y']) ? 1==1 : $value['y']=date('Y',$rowurltime); isset($value['m']) ? 1==1 : $value['m']=date('m',$rowurltime); isset($value['d']) ? 1==1 : $value['d']=date('d',$rowurltime); } if(isset($value[$match[1][$key]])) { if(is_numeric($value[$match[1][$key]])) {$rowurl=str_replace($val,$value[$match[1][$key]],$rowurl);}else {$ rowurl=str_replace($val,urlencode($value[$match[1][$key]]),$rowurl);} } if(isset($value[$match[2][$key]])) { if(is_numeric($value[$match[2][$key]])) {$rowurl=str_replace($val,$value[$match[2][$key]],$rowurl); }else {$rowurl=str_replace($val,urlencode($value[$match[2][$key]]),$rowurl); } } if(isset($value[$match[3][$key]])) { if(is_numeric($value[$match[3][$key]])) {$rowurl=str_replace($val,$value[$match[3][$key]],$rowurl); }else {$rowurl=str_replace($val,urlencode($value[$match[3][$key]]),$rowurl); } } } } if(!empty($domain)) { $domain='//'.$domain.server_port(); } if(UrlRewrite) { $rowurl=$domain.$rowurl; }anders { $rowurl=$domain.SystemDir.IndexFile.$rowurl; } Return $rowurl; } Funktion all_list($where=array(),$pagesize=10,$cid='') { if(!isset($where['cache'])) {$where['cache']=3600;} $cachehash=md5(json_encode($where).$pagesize.json_encode($cid)); $res =cacheget($cachehash,$where['cache'],'alist'); if ($res) {return json_decode($res,1);} if(empty($cid)) { $cid=array(); $allchannels=getchannelscache(); foreach($allchannels as $channel) { if($channel['ckind']==2) { $cid[]=$channel['cid']; } } }elseif(is_numeric($cid)) { $cid=array($cid); } $articles=array(); foreach($cid as $thiscid) { $where['cid']=$thiscid; $where['pagesize']=$pagesize; $wo['all']=0; $thisarticles=alist($where); foreach($thisarticles['list'] as $thisarticle) { $articles[]=$thisarticle; } } $posttime=array(); foreach ($articles as $article) { $posttime[] = $article['posttime']; }$orderarticles=array_multisort($posttime, SORT_DESC, $articles); $returnarticles=array(); $i=0; foreach($articles as $key=>$val) { $i++; $val['key']=$i; $returnarticles[]=$val; if($key==($pagesize-1)) { brechen; } } if(SiteCache && $where['cache']>0) { Cacheset($cachehash,json_encode($returnarticles),$where['cache'],'alist'); } Rückgabe $returnarticles; } Funktion ainsert($article,$setting='') { if(!is_array($article)) {Return false;} if(empty($setting)) {$setting=array();} if(!isset($setting['cid']) && !isset($article['cid'])) { if(definiert('cid')) { $setting['cid']=cid; }anders { Return 'setting no cid'; } } if(!isset($setting['addslashes'])) {$setting['addslashes']=1;} if(!isset($setting['default'])) {$setting['default']=1;} if(!isset($setting['check'])) {$setting['check']=1;} if(!isset($setting['cid'])) {$setting['cid']=$article['cid'];} if(isset($article['cid'])) {unset($article['cid']);} $channel = getchannelcache($setting['cid']); if(!$channel) {Return 'channel not exist';} $setting['cid']=$channel['cid']; $csetting=$channel['csetting']; if(!isset($setting['tablename']) || empty($setting['tablename'])) {$setting['tablename']=$csetting['articletable'];} if(count($article)==0) { Rückgabe von „Where-Artikelspalten“; } foreach($article as $key=>$val) { $article[$key]=addslashes_str($article[$key],$setting['addslashes']); } if($setting['check']) { $columns = $GLOBALS['db'] -> all("select mname,mkind,ifonly,strdefault,msetting from .tableex('moudle')." where cid=".$setting['cid']." order by morder asc;"); foreach($columns as $thiscolumn) { $key=$thiscolumn['mname']; if(!isset($article[$key]) && $setting['default']) { $article[$key]=$thiscolumn['strdefault']; if($thiscolumn['mkind']==9) { if($thiscolumn['strdefault']=='now') { $article[$key]=time(); }anders{ $thiscolumn['strdefault']=@strtotime($thiscolumn['strdefault']); if($thiscolumn['strdefault']) { $article[$key]=$thiscolumn['strdefault']; }anders { $article[$key]=0; } } } }if(isset($article[$key])) { $thismsetting=json_decode($thiscolumn['msetting'],1); $thismsetting['ifonly']=$thiscolumn['ifonly']; $thismsetting['tablename']=$setting['tablename']; $thismoudlevalue=$article[$key]; if($thismsetting['filterhtml']==1) { require_once(SystemRoot.AdminDir.'/input/kses.php'); $thismoudlevalue= kses($thismoudlevalue); }elseif($thismsetting['filterhtml']==2) { $thismoudlevalue=htmlspecialchars($thismoudlevalue); } $acheck=acheck($key,$thismoudlevalue,$setting['cid'],$thismsetting); if($acheck==='error') {Return $key.' Fehler';} if($acheck==='short') {Return $key.' kurz';} if($acheck==='long') {Return $key.' lang';} if($acheck==='exist') {Return $key.' existieren';} $article[$key]=$thismoudlevalue; } } } $article['cid']=$setting['cid']; if(!isset($article['posttime'])) {$article['posttime']=time();} if(!isset($article['adminuid'])) {$article['adminuid']=0;} $result = $GLOBALS['db'] -> insert($setting['tablename'],$article); if($result) {Return $result;}else {Return false;} } Funktion aedit($article,$setting='') { if(!isset($article['id']) || !is_numeric($article['id']) || $article['id']<1) { Gibt „ID-Fehler“ zurück; } $id=$article['id']; unset($article['id']); if(!is_array($article)) {Return false;} if(empty($setting)) {$setting=array();} if(!isset($setting['cid']) && !isset($article['cid'])) { if(definiert('cid')) { $setting['cid']=cid; }anders { Return 'setting no cid'; } } if(!isset($setting['addslashes'])) {$setting['addslashes']=1;} if(!isset($setting['check'])) {$setting['check']=1;} if(!isset($setting['cid'])) {$setting['cid']=$article['cid'];} if(isset($article['cid'])) {unset($article['cid']);} $channel = getchannelcache($setting['cid']); if(!$channel) {Return 'channel not exist';} $setting['cid']=$channel['cid']; $csetting=$channel['csetting']; if(!isset($setting['tablename']) || empty($setting['tablename'])) {$setting['tablename']=$csetting['articletable'];} if(count($article)==0) { Rückgabe von „Where-Artikelspalten“; } foreach($article as $key=>$val) { $article[$key]=addslashes_str($article[$key],$setting['addslashes']); }if($setting['check']) { $columns = $GLOBALS['db'] -> all("select mname,ifonly,strdefault,msetting from .tableex('moudle')." where cid=".$setting['cid']." order by morder asc;"); foreach($columns as $thiscolumn) { $key=$thiscolumn['mname']; if(isset($article[$key])) { $thismsetting=json_decode($thiscolumn['msetting'],1); $thismsetting['ifonly']=$thiscolumn['ifonly']; $thismsetting['tablename']=$setting['tablename']; $thismoudlevalue=$article[$key]; if($thismsetting['filterhtml']==1) { require_once(SystemRoot.AdminDir.'/input/kses.php'); $thismoudlevalue= kses($thismoudlevalue); }elseif($thismsetting['filterhtml']==2) { $thismoudlevalue=htmlspecialchars($thismoudlevalue); } $acheck=acheck($key,$thismoudlevalue,$setting['cid'],$thismsetting,$id); if($acheck==='error') {Return $key.' Fehler';} if($acheck==='short') {Return $key.' kurz';} if($acheck==='long') {Return $key.' lang';} if($acheck==='exist') {Return $key.' existieren';} $article[$key]=$thismoudlevalue; } } } $result = $GLOBALS['db'] -> update($setting['tablename'],"id='$id'",$article); if($result) {Return true;}else {Return false;} } Funktion adel($cid,$id,$tablename='') { if(empty($cid) && empty($tablename)) { if(definiert('cid')) { $cid=cid; }anders { Rückgabe „no cid“; } } if(empty($id)) {Return 'no id';}else {$id=intval($id);} if(empty($tablename)) { $channel = getchannelcache($cid); if(!$channel) {Return 'channel not exist';} $cid=$channel['cid']; $csetting=$channel['csetting']; $tablename=$csetting['articletable']; } $query = $GLOBALS['db'] -> query("delete from `$tablename` WHERE id='$id'"); if($query) { Rückgabe wahr; }anders { Falsch zurückgeben; } } function acheck($mname,$value,$cid='',$thismsetting='',$id=0) { if($cid=='') { if(definiert('cid')) { $cid=cid; }anders { Rückgabe „no cid“; } }if($thismsetting=='') { $column = $GLOBALS['db'] -> one("select mname,ifonly,msetting from .tableex('moudle')." where cid='".$cid."' and mname='".$mname."' limit 1;"); $thismsetting=json_decode($column['msetting'],1); $thismsetting['ifonly']=$column['ifonly']; } if(isset($thismsetting['regular']) && strlen($thismsetting['regular'])>3 && !empty($value)) { if(!preg_match($thismsetting['regular'],$value)){ Rückgabe „Fehler“; } } if(isset($thismsetting['lenmin']) && is_numeric($thismsetting['lenmin']) && $thismsetting['lenmin']>0) { if(strlen($value)<$thismsetting['lenmin']) { Rückgabe „kurz“; } } if(isset($thismsetting['lenmax']) && is_numeric($thismsetting['lenmax']) && $thismsetting['lenmax']>0) { if(strlen($value)>$thismsetting['lenmax']) { Rückgabe „long“; } } if($thismsetting['ifonly']==1) { if(!isset($thismsetting['tablename'])) { $channel = getchannelcache($cid); $thismsetting['tablename']=$channel['csetting']['articletable']; } if($id>0) { $pagecount = $GLOBALS['db'] -> fetchcount("SELECT id FROM ".$thismsetting['tablename']." where $mname='$value' and cid='".$cid."' and id<>'$id' limit 1;") ; }anders { $pagecount = $GLOBALS['db'] -> fetchcount("SELECT id FROM ".$thismsetting['tablename']." where $mname='$value' and cid='".$cid."' limit 1;"); } if($pagecount) { Rückgabe „existieren“; } } Rückgabe wahr; } Funktion addslashes_str($val,$addslashes) { if($addslashes) { Return dbstr($val); }anders { Rückgabe $val; } } Funktion pagelist($alist,$url='',$returnarray=0) { if(!isset($alist['pagecount']) || !isset($alist['page'])) { Falsch zurückgeben; } $recordcount=$alist['pagecount']; $pagesize=$alist['pagesize']; $curpage=$alist['page']; $pages=isset($alist['showpages']) ? $alist['showpages'] :3 ; if(empty($url) && isset($alist['pageurl']) && !empty($alist['pageurl'])) { $url=$alist['pageurl']; if(isset($alist['cid'])) { $url=str_replace('(cid)',$alist['cid'],$url); } }anders { if(UrlRewrite) { $url=$_SERVER['REQUEST_URI']; }anders { $url=$_SERVER['SCRIPT_NAME'].$_SERVER['REQUEST_URI']; } if(stripos($url,'page=')===false) { if(stripos($url,'?')===false) { $url=$url."?page=(page)"; }anders { $url=$url."&page=(page)"; } } $url = preg_replace("/page=([0-9]+)/is", "page=(page)", $url); } if($pagesize<1) { $pagesize=1; } $pagesarray=array(); $totalpage = max(ceil($recordcount/$pagesize),1); if($curpage<0 || $curpage>$totalpage) $curpage=1; $outhtml = ""; $pageno = $curpage; if($pageno<0 || $pageno>$totalpage) $pageno=1; if($pageno==1) { $pagesarray[]=array('url'=>str_replace('(page)','1',$url),'title'=>'<<','class'=>'disabled '); }anders { $pagesarray[]=array('url'=>str_replace('(page)','1',$url),'title'=>'<<','class'=>'' ); } if($pages>$totalpage){ $startpage=1; $endpage=min($startpage+$pages,$totalpage); }anders{ $startpage=max($totalpage-$pages,1); $startpage=min($startpage,$curpage); $endpage=min($startpage+$pages,$totalpage); } if($pageno>1){ $pagesarray[]=array('url'=>str_replace('(page)',$pageno-1,$url),'title'=>'<','class'=>'') ; }anders{ $pagesarray[]=array('url'=>str_replace('(page)',1,$url),'title'=>'<','class'=>'disabled'); } for($i=$startpage;$i<=$endpage;$i++) { if($curpage==$i){ $pagesarray[]=array('url'=>str_replace('(page)',$i,$url),'title'=>$i,'class'=>'on'); }anders{ $pagesarray[]=array('url'=>str_replace('(page)',$i,$url),'title'=>$i,'class'=>''); } } if($pageno<$totalpage){ $pagesarray[]=array('url'=>str_replace('(page)',$pageno+1,$url),'title'=>'>','class'=>'') ; }anders{ $pagesarray[]=array('url'=>str_replace('(page)',$totalpage,$url),'title'=>'>','class'=>'disabled'); } if($pageno==$totalpage) { $pagesarray[]=array('url'=>str_replace('(page)',$totalpage,$url),'title'=>'>>','class'=>'disabled' ); }anders { $pagesarray[]=array('url'=>str_replace('(page)',$totalpage,$url),'title'=>'>>','class'=>'') ; } if($returnarray) { Rückgabe $pagesarray; }anders { $outhtml=''; foreach($pagesarray as $val) { if(!empty($val['class'])) { $val['class']=' class="'.$val['class'].'"'; } $outhtml.='
你这个文件,全部是方法,还必须用数据库。 这咋看?
那你只能一个方法一个方法的试。你导入数据库,看看是不是有数据库注入了。
帖子无法重新编辑,由于代码太长,好像显示不全,这里用网盘传文件了,
下载:https://wwa.lanzous.com/iTtK9nbjdja 密码:f2p0