├── robots.txt ├── .gitignore ├── xsser.crx ├── admin ├── style │ └── images │ │ ├── bg.png │ │ ├── Thumbs.db │ │ └── logo.gif ├── templates │ ├── admin_footer.html │ ├── admin_menu.html │ ├── admin_header.html │ ├── admin_index.html │ └── admin_module.html ├── index.php └── source │ ├── admin_index.php │ └── admin_module.php ├── source ├── js │ └── boxy │ │ ├── boxy-ne.png │ │ ├── boxy-nw.png │ │ ├── boxy-se.png │ │ ├── boxy-sw.png │ │ └── boxy.css ├── index.php ├── common.php ├── do.php ├── keepsession.php ├── login.php ├── global.func.php ├── code.php └── class │ └── Captcha.class.php ├── themes └── default │ ├── fonts │ ├── glyphicons-halflings-regular.eot │ ├── glyphicons-halflings-regular.ttf │ └── glyphicons-halflings-regular.woff │ ├── css │ ├── css.css │ └── style │ │ ├── style.css │ │ ├── print.css │ │ └── ie.css │ ├── style │ ├── style.css │ ├── print.css │ └── ie.css │ └── templates │ ├── notice.html │ ├── menus.html │ ├── module.html │ ├── index.html │ ├── user_invite.html │ ├── project_create.html │ ├── login.html │ ├── project_viewcode.html │ ├── header.html │ └── user_seting.html ├── install ├── common.php └── step2.php ├── captcha.php ├── auto_install.json ├── libs ├── sysplugins │ ├── smartyexception.php │ ├── smarty_internal_compile_continue.php │ ├── smarty_internal_compile_block_child.php │ ├── smarty_internal_compile_parent.php │ ├── smarty_undefined_variable.php │ ├── smarty_internal_compile_block_parent.php │ ├── smarty_internal_method_getdebugtemplate.php │ ├── smarty_internal_method_getdefaultmodifiers.php │ ├── smarty_internal_method_clearallassign.php │ ├── smartycompilerexception.php │ ├── smarty_internal_parsetree_text.php │ ├── smarty_internal_compile_rdelim.php │ ├── smarty_internal_parsetree_code.php │ ├── smarty_internal_method_getconfigvariable.php │ ├── smarty_variable.php │ ├── smarty_internal_parsetree_dqcontent.php │ ├── smarty_internal_parsetree.php │ ├── smarty_internal_method_compileallconfig.php │ ├── 
smarty_internal_method_clearconfig.php │ ├── smarty_internal_method_clearallcache.php │ ├── smarty_internal_method_setdefaultmodifiers.php │ ├── smarty_internal_method_unregistercacheresource.php │ ├── smarty_internal_method_setdebugtemplate.php │ ├── smarty_internal_compile_ldelim.php │ ├── smarty_internal_method_unregisterresource.php │ ├── smarty_internal_method_unregisterobject.php │ ├── smarty_internal_compile_debug.php │ ├── smarty_internal_method_clearassign.php │ ├── smarty_internal_method_getglobal.php │ ├── smarty_internal_method_unregisterplugin.php │ ├── smarty_internal_method_adddefaultmodifiers.php │ ├── smarty_internal_method_assignbyref.php │ ├── smarty_internal_method_registerdefaultconfighandler.php │ ├── smarty_internal_method_registercacheresource.php │ ├── smarty_internal_method_registerdefaultpluginhandler.php │ ├── smarty_internal_method_getstreamvariable.php │ ├── smarty_internal_method_clearcache.php │ ├── smarty_internal_method_getautoloadfilters.php │ ├── smarty_internal_method_createdata.php │ ├── smarty_internal_method_getregisteredobject.php │ ├── smarty_internal_compile_private_object_block_function.php │ ├── smarty_internal_method_assignglobal.php │ ├── smarty_internal_method_unloadfilter.php │ ├── smarty_resource_uncompiled.php │ ├── smarty_internal_method_registerclass.php │ ├── smarty_internal_method_unregisterfilter.php │ ├── smarty_internal_method_getconfigvars.php │ ├── smarty_internal_compile_make_nocache.php │ ├── smarty_internal_nocache_insert.php │ ├── smarty_data.php │ ├── smarty_internal_method_mustcompile.php │ ├── smarty_internal_undefined.php │ ├── smarty_internal_compile_append.php │ ├── smarty_internal_method_appendbyref.php │ ├── smarty_internal_compile_shared_inheritance.php │ ├── smarty_internal_block.php │ ├── smarty_internal_method_registerresource.php │ ├── smarty_internal_parsetree_tag.php │ ├── smarty_internal_compile_eval.php │ ├── smarty_internal_method_registerplugin.php │ ├── 
smarty_internal_runtime_make_nocache.php │ ├── smarty_internal_method_gettags.php │ ├── smarty_internal_method_addautoloadfilters.php │ ├── smarty_internal_compile_nocache.php │ ├── smarty_internal_compile_setfilter.php │ ├── smarty_internal_method_loadfilter.php │ ├── smarty_internal_method_setautoloadfilters.php │ ├── smarty_internal_resource_stream.php │ ├── smarty_internal_runtime_cachemodify.php │ ├── smarty_internal_compile_child.php │ └── smarty_resource_recompiled.php ├── plugins │ ├── modifiercompiler.noprint.php │ ├── variablefilter.htmlspecialchars.php │ ├── modifiercompiler.string_format.php │ ├── modifiercompiler.cat.php │ ├── modifiercompiler.count_paragraphs.php │ ├── modifiercompiler.upper.php │ ├── modifiercompiler.indent.php │ ├── modifiercompiler.strip_tags.php │ ├── modifiercompiler.lower.php │ ├── modifier.spacify.php │ ├── modifiercompiler.count_sentences.php │ ├── modifiercompiler.to_charset.php │ ├── modifiercompiler.from_charset.php │ ├── modifiercompiler.default.php │ ├── modifiercompiler.strip.php │ ├── modifiercompiler.count_characters.php │ ├── modifiercompiler.count_words.php │ ├── shared.escape_special_chars.php │ ├── modifier.replace.php │ ├── shared.literal_compiler_param.php │ ├── modifiercompiler.wordwrap.php │ ├── modifiercompiler.unescape.php │ ├── shared.make_timestamp.php │ ├── shared.mb_unicode.php │ ├── modifier.regex_replace.php │ ├── shared.mb_str_replace.php │ ├── function.counter.php │ ├── modifier.truncate.php │ └── modifier.mb_wordwrap.php └── bootstrap.php ├── index.php ├── scripts └── keepsession.php ├── authtest.php ├── 安装说明.txt ├── config.php ├── config.php.default └── init.php /robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: / -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | temp 2 | admin/templates_c 3 | .idea 
4 | -------------------------------------------------------------------------------- /xsser.crx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/xsser.crx -------------------------------------------------------------------------------- /admin/style/images/bg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/admin/style/images/bg.png -------------------------------------------------------------------------------- /source/js/boxy/boxy-ne.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/source/js/boxy/boxy-ne.png -------------------------------------------------------------------------------- /source/js/boxy/boxy-nw.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/source/js/boxy/boxy-nw.png -------------------------------------------------------------------------------- /source/js/boxy/boxy-se.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/source/js/boxy/boxy-se.png -------------------------------------------------------------------------------- /source/js/boxy/boxy-sw.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/source/js/boxy/boxy-sw.png -------------------------------------------------------------------------------- /admin/style/images/Thumbs.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/admin/style/images/Thumbs.db -------------------------------------------------------------------------------- 
/admin/style/images/logo.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/admin/style/images/logo.gif -------------------------------------------------------------------------------- /themes/default/fonts/glyphicons-halflings-regular.eot: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/themes/default/fonts/glyphicons-halflings-regular.eot -------------------------------------------------------------------------------- /themes/default/fonts/glyphicons-halflings-regular.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/themes/default/fonts/glyphicons-halflings-regular.ttf -------------------------------------------------------------------------------- /themes/default/fonts/glyphicons-halflings-regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/78778443/xssplatform/HEAD/themes/default/fonts/glyphicons-halflings-regular.woff -------------------------------------------------------------------------------- /install/common.php: -------------------------------------------------------------------------------- 1 | 2 | 帮助中心 | 关于 3 | Copyright © 2011 - 2018 {$show.sitename} All Rights Reserved. 
4 | -------------------------------------------------------------------------------- /admin/templates/admin_menu.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /captcha.php: -------------------------------------------------------------------------------- 1 | 13 | -------------------------------------------------------------------------------- /auto_install.json: -------------------------------------------------------------------------------- 1 | { 2 | "php_ext":"opcache,ioncube", 3 | "chmod":[ 4 | {"mode":777,"path":"/"} 5 | ], 6 | "success_url":"/index.php", 7 | "php_versions":"53,54,55,56,70,71,72,73,74", 8 | "db_config":"config.php", 9 | "admin_username":"admin", 10 | "admin_password":"admin", 11 | "run_path":"/", 12 | "remove_file":[], 13 | "enable_functions":["system","exec"] 14 | } -------------------------------------------------------------------------------- /libs/sysplugins/smartyexception.php: -------------------------------------------------------------------------------- 1 | Smarty: ' . (self::$escape ? htmlentities($this->message) : $this->message) . ' <-- '; 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.noprint.php: -------------------------------------------------------------------------------- 1 | 6 | * 7 | * For the full copyright and license information, please view the LICENSE 8 | * file that was distributed with this source code. 9 | */ 10 | /** 11 | * Load and register Smarty Autoloader 12 | */ 13 | if (!class_exists('Smarty_Autoloader')) { 14 | include dirname(__FILE__) . 
'/Autoloader.php'; 15 | } 16 | Smarty_Autoloader::register(true); 17 | -------------------------------------------------------------------------------- /themes/default/css/css.css: -------------------------------------------------------------------------------- 1 | body{font-family:"Helvetica Neue",Helvetica,"Hiragino Sans GB","Segoe UI","Microsoft Yahei",Tahoma,Arial,STHeiti,sans-serif;font-size:14px;line-height:1.428571429;color:#333;background-color:#fff;} 2 | html body{background:#fbfbfb;overflow-x:hidden;padding-top: 60px;} 3 | .form-signin { 4 | max-width: 330px; 5 | margin: 0 auto; 6 | } 7 | .form-register { 8 | max-width: 600px; 9 | margin: 0 auto; 10 | } 11 | a { 12 | padding-left: 1px; 13 | } 14 | a, a:hover { 15 | color: #77CCDD; 16 | text-decoration: none; 17 | } -------------------------------------------------------------------------------- /index.php: -------------------------------------------------------------------------------- 1 | 20 | -------------------------------------------------------------------------------- /libs/plugins/variablefilter.htmlspecialchars.php: -------------------------------------------------------------------------------- 1 | userId<=0) { $user->ToLogin(); 10 | } 11 | 12 | require 'common.php'; 13 | 14 | $smarty=InitSmarty(); 15 | $smarty->assign('do', $do); 16 | $smarty->assign('show', $show); 17 | $smarty->assign('url', $url); 18 | $smarty->assign('projects', $projects); 19 | $smarty->assign('modules', $modules); 20 | $smarty->display('index.html'); 21 | ?> 22 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_continue.php: -------------------------------------------------------------------------------- 1 | 2 |
3 | 6 |
7 | {if $show.user.userId>0} 8 | {$show.user.userName} 9 | 社区首页 10 | | 11 | 退出 12 | {else} 13 | 登录 14 | | 15 | 注册 16 | {/if} 17 |
18 |
19 | -------------------------------------------------------------------------------- /admin/index.php: -------------------------------------------------------------------------------- 1 | adminLevel <= 0) { 9 | die('Access Denied'); 10 | } 11 | 12 | define('ADMIN_PATH', dirname(__FILE__)); 13 | !defined('TEMPLATE_PATH') && define('TEMPLATE_PATH', dirname(__FILE__)); 14 | $do = Val('do', 'GET', 0); 15 | $dos = array('admin_index', 'admin_module'); 16 | 17 | if (!in_array($do, $dos)) { 18 | $do = 'admin_index'; 19 | } 20 | require ADMIN_PATH . '/source/' . $do . '.php'; 21 | ?> 22 | -------------------------------------------------------------------------------- /scripts/keepsession.php: -------------------------------------------------------------------------------- 1 | Dataset("SELECT * FROM ".Tb('keepsession')); 10 | 11 | $f=new SaeFetchurl(); 12 | 13 | foreach($rows as $row){ 14 | if(time()>$row['updateTime']+300) { 15 | $f->setHeader("Cookie", urldecode($row['cookie'])); 16 | $con=$f->fetch($row['url']); 17 | $db->Execute("UPDATE ".Tb('keepsession')." 
SET updateTime='".time()."' WHERE id='{$row['id']}'"); 18 | } 19 | } 20 | ?> 21 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_block_child.php: -------------------------------------------------------------------------------- 1 | 15 | */ 16 | class Smarty_Internal_Compile_Block_Child extends Smarty_Internal_Compile_Child 17 | { 18 | /** 19 | * Tag name 20 | * 21 | * @var string 22 | */ 23 | public $tag = 'block_child'; 24 | } 25 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.string_format.php: -------------------------------------------------------------------------------- 1 | 15 | */ 16 | class Smarty_Internal_Compile_Parent extends Smarty_Internal_Compile_Child 17 | { 18 | /** 19 | * Tag name 20 | * 21 | * @var string 22 | */ 23 | public $tag = 'parent'; 24 | 25 | /** 26 | * Block type 27 | * 28 | * @var string 29 | */ 30 | public $blockType = 'Parent'; 31 | } 32 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_undefined_variable.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.cat.php: -------------------------------------------------------------------------------- 1 | 15 | */ 16 | class Smarty_Internal_Compile_Block_Parent extends Smarty_Internal_Compile_Child 17 | { 18 | /** 19 | * Tag name 20 | * 21 | * @var string 22 | */ 23 | public $tag = 'block_parent'; 24 | 25 | /** 26 | * Block type 27 | * 28 | * @var string 29 | */ 30 | public $blockType = 'Parent'; 31 | } 32 | -------------------------------------------------------------------------------- /source/common.php: -------------------------------------------------------------------------------- 1 | Dataset("SELECT * FROM " . Tb('project') . " WHERE userId='" . 
$user->userId . "' ORDER BY id dESC"); 16 | 17 | foreach ($projects as $k => $v) { 18 | $projects[$k]['contentNum'] = $db->FirstValue("SELECT COUNT(*) FROM " . Tb('project_content') . " WHERE projectId='{$v['id']}'"); 19 | } 20 | //模块 21 | $modules = $db->Dataset("SELECT * FROM " . Tb('module') . " WHERE userId='" . $user->userId . "' OR (isOpen=1 AND isAudit=1) ORDER BY id dESC"); 22 | ?> 23 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.count_paragraphs.php: -------------------------------------------------------------------------------- 1 | ]*?>!', ' ', {$params[0]})"; 25 | } else { 26 | return 'strip_tags(' . $params[ 0 ] . ')'; 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.lower.php: -------------------------------------------------------------------------------- 1 | 16 | * @author Uwe Tews 17 | * 18 | * @param array $params parameters 19 | * 20 | * @return string with compiled code 21 | */ 22 | function smarty_modifiercompiler_lower($params) 23 | { 24 | if (Smarty::$_MBSTRING) { 25 | return 'mb_strtolower(' . $params[ 0 ] . ', \'' . addslashes(Smarty::$_CHARSET) . '\')'; 26 | } 27 | // no MBString fallback 28 | return 'strtolower(' . $params[ 0 ] . ')'; 29 | } 30 | -------------------------------------------------------------------------------- /libs/plugins/modifier.spacify.php: -------------------------------------------------------------------------------- 1 | 16 | * 17 | * @param string $string input string 18 | * @param string $spacify_char string to insert between characters. 19 | * 20 | * @return string 21 | */ 22 | function smarty_modifier_spacify($string, $spacify_char = ' ') 23 | { 24 | // well… what about charsets besides latin and UTF-8? 25 | return implode($spacify_char, preg_split('//' . 
Smarty::$_UTF8_MODIFIER, $string, -1, PREG_SPLIT_NO_EMPTY)); 26 | } 27 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.count_sentences.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 33 | return $smarty->debug_tpl; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.from_charset.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 33 | return $smarty->default_modifiers; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.strip.php: -------------------------------------------------------------------------------- 1 | tpl_vars = array(); 34 | return $data; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /libs/sysplugins/smartycompilerexception.php: -------------------------------------------------------------------------------- 1 | Smarty Compiler: ' . $this->message . ' <-- '; 16 | } 17 | 18 | /** 19 | * The line number of the template error 20 | * 21 | * @type int|null 22 | */ 23 | public $line = null; 24 | 25 | /** 26 | * The template source snippet relating to the error 27 | * 28 | * @type string|null 29 | */ 30 | public $source = null; 31 | 32 | /** 33 | * The raw text of the error message 34 | * 35 | * @type string|null 36 | */ 37 | public $desc = null; 38 | 39 | /** 40 | * The resource identifier or template name 41 | * 42 | * @type string|null 43 | */ 44 | public $template = null; 45 | } 46 | -------------------------------------------------------------------------------- /themes/default/templates/notice.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {$notice.str} 6 | 7 | 8 | 9 | 10 | 13 | 14 | 15 |
16 |
{$notice.str} {$notice.urltitle}
17 |
18 | 19 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_parsetree_text.php: -------------------------------------------------------------------------------- 1 | data = $data; 27 | } 28 | 29 | /** 30 | * Return buffer content 31 | * 32 | * @param \Smarty_Internal_Templateparser $parser 33 | * 34 | * @return string text 35 | */ 36 | public function to_smarty_php(Smarty_Internal_Templateparser $parser) 37 | { 38 | return $this->data; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_rdelim.php: -------------------------------------------------------------------------------- 1 | smarty->right_delimiter; 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.count_characters.php: -------------------------------------------------------------------------------- 1 | FirstRow("SELECT * FROM ".Tb('project')." WHERE authCode='{$auth}'"); 13 | if(empty($project)) { exit('Auth Err.'); 14 | } 15 | 16 | switch($act){ 17 | case 'content': 18 | default: 19 | $domain=Val('domain', 'GET'); 20 | $where=''; 21 | if(!empty($domain)) { $where.=" AND domain='{$domain}'"; 22 | } 23 | $contents=$db->FirstColumn("SELECT content FROM ".Tb('project_content')." 
WHERE projectId='{$project['id']}' {$where} ORDER BY id DESC"); 24 | $data=array(); 25 | foreach($contents as $k=>$v){ 26 | $row=array(); 27 | $v=(array)json_decode($v); 28 | $row['url']=$v['opener']?$v['opener']: $v['toplocation']; 29 | $row['cookie']=$v['cookie']; 30 | $data[]=$row; 31 | } 32 | echo JsonEncode($data); 33 | break; 34 | } 35 | ?> 36 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_parsetree_code.php: -------------------------------------------------------------------------------- 1 | data = $data; 29 | } 30 | 31 | /** 32 | * Return buffer content in parentheses 33 | * 34 | * @param \Smarty_Internal_Templateparser $parser 35 | * 36 | * @return string content 37 | */ 38 | public function to_smarty_php(Smarty_Internal_Templateparser $parser) 39 | { 40 | return sprintf('(%s)', $this->data); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_getconfigvariable.php: -------------------------------------------------------------------------------- 1 | ext->configLoad->_getConfigVariable($data, $varName, $errorEnable); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.count_words.php: -------------------------------------------------------------------------------- 1 | 15 | * 16 | * @param string $string text that should by escaped 17 | * 18 | * @return string 19 | */ 20 | function smarty_function_escape_special_chars($string) 21 | { 22 | if (!is_array($string)) { 23 | if (version_compare(PHP_VERSION, '5.2.3', '>=')) { 24 | $string = htmlspecialchars($string, ENT_COMPAT, Smarty::$_CHARSET, false); 25 | } else { 26 | $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); 27 | $string = htmlspecialchars($string); 28 | $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), 
array('&', ';'), $string); 29 | } 30 | } 31 | return $string; 32 | } 33 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_variable.php: -------------------------------------------------------------------------------- 1 | value = $value; 35 | $this->nocache = $nocache; 36 | } 37 | 38 | /** 39 | * <> String conversion 40 | * 41 | * @return string 42 | */ 43 | public function __toString() 44 | { 45 | return (string)$this->value; 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_parsetree_dqcontent.php: -------------------------------------------------------------------------------- 1 | data = $data; 29 | } 30 | 31 | /** 32 | * Return content as double quoted string 33 | * 34 | * @param \Smarty_Internal_Templateparser $parser 35 | * 36 | * @return string doubled quoted string 37 | */ 38 | public function to_smarty_php(Smarty_Internal_Templateparser $parser) 39 | { 40 | return '"' . $this->data . 
'"'; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_parsetree.php: -------------------------------------------------------------------------------- 1 | data = null; 48 | $this->subtrees = null; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_compileallconfig.php: -------------------------------------------------------------------------------- 1 | compileAll($smarty, $extension, $force_compile, $time_limit, $max_errors, true); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /libs/plugins/modifier.replace.php: -------------------------------------------------------------------------------- 1 | 16 | * @author Uwe Tews 17 | * 18 | * @param string $string input string 19 | * @param string $search text to search for 20 | * @param string $replace replacement text 21 | * 22 | * @return string 23 | */ 24 | function smarty_modifier_replace($string, $search, $replace) 25 | { 26 | static $is_loaded = false; 27 | if (Smarty::$_MBSTRING) { 28 | if (!$is_loaded) { 29 | if (!is_callable('smarty_mb_str_replace')) { 30 | include_once SMARTY_PLUGINS_DIR . 
'shared.mb_str_replace.php'; 31 | } 32 | $is_loaded = true; 33 | } 34 | return smarty_mb_str_replace($search, $replace, $string); 35 | } 36 | return str_replace($search, $replace, $string); 37 | } 38 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_clearconfig.php: -------------------------------------------------------------------------------- 1 | config_vars[ $name ]); 36 | } else { 37 | $data->config_vars = array(); 38 | } 39 | return $data; 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_clearallcache.php: -------------------------------------------------------------------------------- 1 | _clearTemplateCache(); 37 | // load cache resource and call clearAll 38 | $_cache_resource = Smarty_CacheResource::load($smarty, $type); 39 | return $_cache_resource->clearAll($smarty, $exp_time); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_setdefaultmodifiers.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | $smarty->default_modifiers = (array)$modifiers; 36 | return $obj; 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /libs/plugins/shared.literal_compiler_param.php: -------------------------------------------------------------------------------- 1 | 11 | 12 | 13 | <?php echo $project ?> 14 | 15 | 16 | 17 |
18 |
19 | 数据库地址:
20 | 数据库用户名:
21 | 数据库密码:
22 | 数据库名称:
23 | 24 |
25 | 管理员:
26 | 管理员密码:
27 | 28 | 29 |
30 |
31 | 32 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_unregistercacheresource.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | if (isset($smarty->registered_cache_resources[ $name ])) { 36 | unset($smarty->registered_cache_resources[ $name ]); 37 | } 38 | return $obj; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_setdebugtemplate.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | if (!is_readable($tpl_name)) { 36 | throw new SmartyException("Unknown file '{$tpl_name}'"); 37 | } 38 | $smarty->debug_tpl = $tpl_name; 39 | return $obj; 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /source/keepsession.php: -------------------------------------------------------------------------------- 1 | FirstRow("SELECT * FROM ".Tb('project')." WHERE urlKey='{$urlKey}'"); 16 | 17 | if(!empty($project) && !empty($url) && !empty($cookie)) { 18 | $hash=md5($url.$cookie); 19 | $existed=$db->FirstValue("SELECT COUNT(*) FROM ".Tb('keepsession')." WHERE hash='{$hash}'"); 20 | if($existed<=0) { 21 | //判断用户key session的请求数量 22 | $sum=$db->FirstValue("SELECT COUNT(*) FROM ".Tb('keepsession')." 
WHERE userId='{$project[userId]}'"); 23 | if($sum<10) { 24 | $sqlValues=array( 25 | 'projectId'=>$project['id'], 26 | 'userId'=>$project['userId'], 27 | 'url'=>$url, 28 | 'cookie'=>$cookie, 29 | 'hash'=>$hash, 30 | 'addTime'=>time(), 31 | 'updateTime'=>time() 32 | ); 33 | $db->AutoExecute(Tb('keepsession'), $sqlValues); 34 | } 35 | } 36 | } 37 | ?> 38 | -------------------------------------------------------------------------------- /安装说明.txt: -------------------------------------------------------------------------------- 1 | ## 路由重写范例 2 | ### .htaccess方式 3 | 4 | 在 .htaccess 文件中写入以下代码(本例的目标路径带 /xss/ 前缀,下面两例则直接使用 /index.php): 5 | RewriteEngine On 6 | RewriteRule ^([0-9a-zA-Z]{6})$ /xss/index.php?do=code&urlKey=$1 [L] 7 | RewriteRule ^do/auth/(\w+?)(/domain/([\w\.]+?))?$ /xss/index.php?do=do&auth=$1&domain=$3 [L] 8 | RewriteRule ^register/(.*?)$ /xss/index.php?do=register&key=$1 [L] 9 | RewriteRule ^register-validate/(.*?)$ /xss/index.php?do=register&act=validate&key=$1 [L] 10 | RewriteRule ^login$ /xss/index.php?do=login [L] 11 | 12 | 13 | 14 | 15 | ### apache方式 16 | 17 | RewriteEngine On 18 | RewriteBase / 19 | RewriteRule ^([0-9a-zA-Z]{6})$ /index.php?do=code&urlKey=$1 [L] 20 | RewriteRule ^do/auth/(\w+?)(/domain/([\w\.]+?))?$ /index.php?do=do&auth=$1&domain=$3 [L] 21 | RewriteRule ^register/(.*?)$ /index.php?do=register&key=$1 [L] 22 | RewriteRule ^register-validate/(.*?)$ /index.php?do=register&act=validate&key=$1 [L] 23 | 24 | 25 | 26 | ### nginx方式 27 | rewrite "^/([0-9a-zA-Z]{6})$" /index.php?do=code&urlKey=$1 last; 28 | rewrite "^/do/auth/(\w+?)(/domain/([\w\.]+?))?$" /index.php?do=do&auth=$1&domain=$3 last; 29 | rewrite "^/register/(.*?)$" /index.php?do=register&key=$1 last; 30 | rewrite "^/register-validate/(.*?)$" /index.php?do=register&act=validate&key=$1 last; 31 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_ldelim.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, 
$args); 32 | if ($_attr[ 'nocache' ] === true) { 33 | $compiler->trigger_template_error('nocache option not allowed', null, true); 34 | } 35 | return $compiler->smarty->left_delimiter; 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_unregisterresource.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | if (isset($smarty->registered_resources[ $type ])) { 36 | unset($smarty->registered_resources[ $type ]); 37 | } 38 | return $obj; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_unregisterobject.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | if (isset($smarty->registered_objects[ $object_name ])) { 36 | unset($smarty->registered_objects[ $object_name ]); 37 | } 38 | return $obj; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_debug.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 32 | // compile always as nocache 33 | $compiler->tag_nocache = true; 34 | // display debug template 35 | $_output = 36 | "display_debug(\$_smarty_tpl);\n"; 37 | $_output .= "unset(\$_smarty_debug);\n?>"; 38 | return $_output; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_clearassign.php: -------------------------------------------------------------------------------- 1 | tpl_vars[ $curr_var ]); 37 | } 38 | } else { 39 | unset($data->tpl_vars[ $tpl_var ]); 40 | } 41 | return $data; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.wordwrap.php: 
-------------------------------------------------------------------------------- 1 | getPlugin('mb_wordwrap', 'modifier'); 37 | } 38 | return $function . '(' . $params[ 0 ] . ',' . $params[ 1 ] . ',' . $params[ 2 ] . ',' . $params[ 3 ] . ')'; 39 | } 40 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_getglobal.php: -------------------------------------------------------------------------------- 1 | value; 36 | } else { 37 | return ''; 38 | } 39 | } else { 40 | $_result = array(); 41 | foreach (Smarty::$global_tpl_vars as $key => $var) { 42 | $_result[ $key ] = $var->value; 43 | } 44 | return $_result; 45 | } 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /libs/plugins/modifiercompiler.unescape.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 36 | if (isset($smarty->registered_plugins[ $type ][ $name ])) { 37 | unset($smarty->registered_plugins[ $type ][ $name ]); 38 | } 39 | return $obj; 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_adddefaultmodifiers.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | if (is_array($modifiers)) { 36 | $smarty->default_modifiers = array_merge($smarty->default_modifiers, $modifiers); 37 | } else { 38 | $smarty->default_modifiers[] = $modifiers; 39 | } 40 | return $obj; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_assignbyref.php: -------------------------------------------------------------------------------- 1 | tpl_vars[ $tpl_var ] = new Smarty_Variable(null, $nocache); 29 | $data->tpl_vars[ $tpl_var ]->value = &$value; 30 | if ($data->_isTplObj() && $data->scope) { 31 | 
$data->ext->_updateScope->_updateScope($data, $tpl_var); 32 | } 33 | } 34 | return $data; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_registerdefaultconfighandler.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 35 | if (is_callable($callback)) { 36 | $smarty->default_config_handler_func = $callback; 37 | } else { 38 | throw new SmartyException('Default config handler not callable'); 39 | } 40 | return $obj; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /themes/default/style/print.css: -------------------------------------------------------------------------------- 1 | /* ----------------------------------------------------------------------- 2 | 3 | 4 | Blueprint CSS Framework 1.0.1 5 | http://blueprintcss.org 6 | 7 | * Copyright (c) 2007-Present. See LICENSE for more info. 8 | * See README for instructions on how to use Blueprint. 9 | * For credits and origins, see AUTHORS. 10 | * This is a compressed file. See the sources in the 'src' directory. 
11 | 12 | ----------------------------------------------------------------------- */ 13 | 14 | /* print.css */ 15 | body {line-height:1.5;font-family:"Helvetica Neue", Arial, Helvetica, sans-serif;color:#000;background:none;font-size:10pt;} 16 | .container {background:none;} 17 | hr {background:#ccc;color:#ccc;width:100%;height:2px;margin:2em 0;padding:0;border:none;} 18 | hr.space {background:#fff;color:#fff;visibility:hidden;} 19 | h1, h2, h3, h4, h5, h6 {font-family:"Helvetica Neue", Arial, "Lucida Grande", sans-serif;} 20 | code {font:.9em "Courier New", Monaco, Courier, monospace;} 21 | a img {border:none;} 22 | p img.top {margin-top:0;} 23 | blockquote {margin:1.5em;padding:1em;font-style:italic;font-size:.9em;} 24 | .small {font-size:.9em;} 25 | .large {font-size:1.1em;} 26 | .quiet {color:#999;} 27 | .hide {display:none;} 28 | a:link, a:visited {background:transparent;font-weight:700;text-decoration:underline;} 29 | /*a:link:after, a:visited:after {content:" (" attr(href) ")";font-size:90%;}*/ -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_registercacheresource.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 39 | $smarty->registered_cache_resources[ $name ] = $resource_handler; 40 | return $obj; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /themes/default/css/style/print.css: -------------------------------------------------------------------------------- 1 | /* ----------------------------------------------------------------------- 2 | 3 | 4 | Blueprint CSS Framework 1.0.1 5 | http://blueprintcss.org 6 | 7 | * Copyright (c) 2007-Present. See LICENSE for more info. 8 | * See README for instructions on how to use Blueprint. 9 | * For credits and origins, see AUTHORS. 10 | * This is a compressed file. See the sources in the 'src' directory. 
11 | 12 | ----------------------------------------------------------------------- */ 13 | 14 | /* print.css */ 15 | body {line-height:1.5;font-family:"Helvetica Neue", Arial, Helvetica, sans-serif;color:#000;background:none;font-size:10pt;} 16 | .container {background:none;} 17 | hr {background:#ccc;color:#ccc;width:100%;height:2px;margin:2em 0;padding:0;border:none;} 18 | hr.space {background:#fff;color:#fff;visibility:hidden;} 19 | h1, h2, h3, h4, h5, h6 {font-family:"Helvetica Neue", Arial, "Lucida Grande", sans-serif;} 20 | code {font:.9em "Courier New", Monaco, Courier, monospace;} 21 | a img {border:none;} 22 | p img.top {margin-top:0;} 23 | blockquote {margin:1.5em;padding:1em;font-style:italic;font-size:.9em;} 24 | .small {font-size:.9em;} 25 | .large {font-size:1.1em;} 26 | .quiet {color:#999;} 27 | .hide {display:none;} 28 | a:link, a:visited {background:transparent;font-weight:700;text-decoration:underline;} 29 | /*a:link:after, a:visited:after {content:" (" attr(href) ")";font-size:90%;}*/ -------------------------------------------------------------------------------- /config.php: -------------------------------------------------------------------------------- 1 | '127.0.0.1', 4 | 'dbUser' => 'root', 5 | 'dbPwd' => '123456', 6 | 'database' => 'xssplatform', 7 | 'charset' => 'utf8', 8 | 'tbPrefix' => 'oc_', 9 | 'dbType' => 'mysql', 10 | 'register' => 'normal', 11 | 'mailauth' => false, 12 | 'urlroot' => 'http://lyj.xssplatform.net', 13 | 'urlrewrite' => false, 14 | 'filepath' => 'D:/phpstudy_pro/WWW/xssplatform/upload', 15 | 'fileprefix' => 'http://lyj.xssplatform.net/upload', 16 | 'theme' => 'default', 17 | 'template' => 'default', 18 | 'show' => 19 | array( 20 | 'sitename' => 'XSS平台', 21 | 'sitedesc' => '', 22 | 'keywords' => '技术交流,程序员,设计,项目,创业,技术,网络安全,技术文章,1.2', 23 | 'description' => '', 24 | 'adminmail' => '', 25 | ), 26 | 'point' => 27 | array( 28 | 'award' => 29 | array( 30 | 'publish' => 2, 31 | 'comment' => 2, 32 | 'invitereg' => 10, 33 | ), 34 
| ), 35 | 'timezone' => 'Asia/Shanghai', 36 | 'expires' => 3600, 37 | 'debug' => true, 38 | // 邮件配置 39 | 'email'=>[ 40 | 'host'=>'', // 服务器地址 如:smtp.qq.com 41 | 'username'=>'', // 用户名 42 | 'password'=>'', // 授权码 43 | ], 44 | // 钉钉配置 45 | 'dingding'=>[ 46 | 'keyword'=>'最新消息' 47 | ] 48 | ); -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_registerdefaultpluginhandler.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 36 | if (is_callable($callback)) { 37 | $smarty->default_plugin_handler_func = $callback; 38 | } else { 39 | throw new SmartyException("Default plugin handler '$callback' not callable"); 40 | } 41 | return $obj; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /source/login.php: -------------------------------------------------------------------------------- 1 | userId<=0) { 28 | if($user->Login($username, $userpwd, $auto)) { 29 | ShowSuccess('登录成功'); 30 | }else{ 31 | ShowError('登录失败,请检查用户/邮箱或密码', $url['login']); 32 | } 33 | } 34 | break; 35 | case 'logout': 36 | if($user->Logout()) { 37 | ShowSuccess('成功退出'); 38 | } 39 | break; 40 | default: 41 | if($user->userId>0) { 42 | ShowError('已经登录'); 43 | } 44 | $smarty=InitSmarty(); 45 | $smarty->assign('do', $do); 46 | $smarty->assign('show', $show); 47 | $smarty->assign('url', $url); 48 | 49 | $smarty->display('login.html'); 50 | break; 51 | } 52 | ?> 53 | -------------------------------------------------------------------------------- /admin/source/admin_index.php: -------------------------------------------------------------------------------- 1 | tbPrefix.'user'; 12 | $tbSession=$db->tbPrefix.'session'; 13 | $tbContent=$db->tbPrefix.'content'; 14 | $tbComment=$db->tbPrefix.'comment'; 15 | //社区概况 16 | $situation=array(); 17 | $situation['userCount']=$db->FirstValue("SELECT COUNT(*) FROM {$tbUser}"); //注册用户总数 18 | 
$tbSession=$db->tbPrefix.'session'; 19 | $situation['onlineCount']=$db->FirstValue("SELECT COUNT(DISTINCT userId) FROM {$tbSession} WHERE updateTime>".(time()-EXPIRES)); //在线用户总数 20 | $situation['onlineUsers']=$db->Dataset("SELECT DISTINCT u.id,u.userName FROM {$tbSession} s INNER JOIN {$tbUser} u ON u.id=s.userId WHERE updateTime>".(time()-EXPIRES)); //在线用户 21 | 22 | //系统环境 23 | $sysInfo=array(); 24 | $sysInfo['sys_version']='IT121 1.0'; 25 | $sysInfo['serverOS']=PHP_OS; 26 | $sysInfo['serverSoftware']=$_SERVER['SERVER_SOFTWARE']; 27 | $sysInfo['phpVersion']='PHP v'.PHP_VERSION; 28 | $sysInfo['mysqlVersion']='MySQL '.$db->FirstValue('SELECT VERSION()'); 29 | 30 | require ROOT_PATH.'/source/common.php'; 31 | $smarty=InitSmarty(1); 32 | 33 | $smarty->assign('situation', $situation); 34 | $smarty->assign('sysInfo', $sysInfo); 35 | $smarty->assign('do', $do); 36 | $smarty->assign('show', $show); 37 | $smarty->assign('url', $url); 38 | $smarty->display('admin_index.html'); 39 | ?> 40 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_getstreamvariable.php: -------------------------------------------------------------------------------- 1 | smarty) ? $data->smarty : $data; 44 | if ($smarty->error_unassigned) { 45 | throw new SmartyException('Undefined stream variable "' . $variable . 
'"'); 46 | } else { 47 | return null; 48 | } 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_clearcache.php: -------------------------------------------------------------------------------- 1 | _clearTemplateCache(); 46 | // load cache resource and call clear 47 | $_cache_resource = Smarty_CacheResource::load($smarty, $type); 48 | return $_cache_resource->clear($smarty, $template_name, $cache_id, $compile_id, $exp_time); 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_getautoloadfilters.php: -------------------------------------------------------------------------------- 1 | array( 'filter1', 'filter2', … ) ) or array( 'filter1', 'filter2', …) if $type 25 | * was specified 26 | * @throws \SmartyException 27 | */ 28 | public function getAutoloadFilters(Smarty_Internal_TemplateBase $obj, $type = null) 29 | { 30 | $smarty = $obj->_getSmartyObj(); 31 | if ($type !== null) { 32 | $this->_checkFilterType($type); 33 | return isset($smarty->autoload_filters[ $type ]) ? $smarty->autoload_filters[ $type ] : array(); 34 | } 35 | return $smarty->autoload_filters; 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /themes/default/templates/menus.html: -------------------------------------------------------------------------------- 1 |
-------------------------------------------------------------------------------- /source/global.func.php: -------------------------------------------------------------------------------- 1 | 'text', 'text' => array('content' => "{$config['dingding']['keyword']}:".$message)); 31 | $post_string = json_encode($data); 32 | 33 | $ch = curl_init(); 34 | curl_setopt($ch, CURLOPT_URL, $remote_server); 35 | curl_setopt($ch, CURLOPT_POST, 1); 36 | curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); 37 | curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json;charset=utf-8')); 38 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post_string); 39 | //curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 40 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); //不验证证书 41 | $data = curl_exec($ch); 42 | if(curl_error($ch)){ 43 | return curl_error($ch); 44 | } 45 | curl_close($ch); 46 | 47 | return $data; 48 | } -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_createdata.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 38 | $dataObj = new Smarty_Data($parent, $smarty, $name); 39 | if ($smarty->debugging) { 40 | Smarty_Internal_Debug::register_data($dataObj); 41 | } 42 | return $dataObj; 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_getregisteredobject.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 36 | if (!isset($smarty->registered_objects[ $object_name ])) { 37 | throw new SmartyException("'$object_name' is not a registered object"); 38 | } 39 | if (!is_object($smarty->registered_objects[ $object_name ][ 0 ])) { 40 | throw new SmartyException("registered '$object_name' is not an object"); 41 | } 42 | return $smarty->registered_objects[ $object_name ][ 0 ]; 43 | } 44 | } 45 | 
-------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_private_object_block_function.php: -------------------------------------------------------------------------------- 1 | $_value) { 33 | if (is_int($_key)) { 34 | $_paramsArray[] = "$_key=>$_value"; 35 | } else { 36 | $_paramsArray[] = "'$_key'=>$_value"; 37 | } 38 | } 39 | $callback = array("\$_smarty_tpl->smarty->registered_objects['{$tag}'][0]", "->{$method}"); 40 | return array($callback, $_paramsArray, "array(\$_block_plugin{$this->nesting}, '{$method}')"); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_assignglobal.php: -------------------------------------------------------------------------------- 1 | _isTplObj()) { 38 | $ptr->tpl_vars[ $varName ] = clone Smarty::$global_tpl_vars[ $varName ]; 39 | $ptr = $ptr->parent; 40 | } 41 | } 42 | return $data; 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_unloadfilter.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 31 | $this->_checkFilterType($type); 32 | if (isset($smarty->registered_filters[ $type ])) { 33 | $_filter_name = "smarty_{$type}filter_{$name}"; 34 | if (isset($smarty->registered_filters[ $type ][ $_filter_name ])) { 35 | unset($smarty->registered_filters[ $type ][ $_filter_name ]); 36 | if (empty($smarty->registered_filters[ $type ])) { 37 | unset($smarty->registered_filters[ $type ]); 38 | } 39 | } 40 | } 41 | return $obj; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_resource_uncompiled.php: -------------------------------------------------------------------------------- 1 | filepath = $_template->source->filepath; 42 | $compiled->timestamp = 
$_template->source->timestamp; 43 | $compiled->exists = $_template->source->exists; 44 | if ($_template->smarty->merge_compiled_includes || $_template->source->handler->checkTimestamps()) { 45 | $compiled->file_dependency[ $_template->source->uid ] = 46 | array($compiled->filepath, $compiled->timestamp, $_template->source->type,); 47 | } 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_registerclass.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 38 | // test if exists 39 | if (!class_exists($class_impl)) { 40 | throw new SmartyException("Undefined class '$class_impl' in register template class"); 41 | } 42 | // register the class 43 | $smarty->registered_classes[ $class_name ] = $class_impl; 44 | return $obj; 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /admin/source/admin_module.php: -------------------------------------------------------------------------------- 1 | tbPrefix.'module'; 19 | $db->Execute("UPDATE {$tbModule} SET isAudit='{$isAudit}',managerId='".$user->userId."',managerName='".$user->userName."' WHERE id='{$id}'"); 20 | ShowSuccess('操作成功', URL_ROOT.'/admin/index.php?do=admin_module'); 21 | break; 22 | default: 23 | $db=DBConnect(); 24 | $tbModule=$db->tbPrefix.'module'; 25 | $tbUser=$db->tbPrefix.'user'; 26 | $where=" AND isOpen=1"; 27 | include ROOT_PATH.'/source/class/Pager.class.php'; 28 | $countSql="SELECT COUNT(*) FROM {$tbModule} WHERE 1=1 {$where} ORDER BY id DESC"; 29 | $sql="SELECT m.*,u.userName AS userName FROM {$tbModule} m INNER JOIN {$tbUser} u ON u.id=m.userId WHERE 1=1 {$where} ORDER BY id DESC"; 30 | $href='./index.php?do=admin_module'; 31 | if(!empty($act)) { $href.='&act='.$act; 32 | } 33 | $pager=new Pager($countSql, $sql, $href, 20, 5, Val('pNO', 'GET', 1)); 34 | $modules=$pager->data; 35 | $smarty=InitSmarty(1); 36 | 
$smarty->assign('modules', $modules); 37 | $smarty->assign('nav', $pager->nav); 38 | $smarty->assign('do', $do); 39 | $smarty->assign('show', $show); 40 | $smarty->assign('url', $url); 41 | $smarty->display('admin_module.html'); 42 | break; 43 | } 44 | ?> 45 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_unregisterfilter.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 31 | $this->_checkFilterType($type); 32 | if (isset($smarty->registered_filters[ $type ])) { 33 | $name = is_string($callback) ? $callback : $this->_getFilterName($callback); 34 | if (isset($smarty->registered_filters[ $type ][ $name ])) { 35 | unset($smarty->registered_filters[ $type ][ $name ]); 36 | if (empty($smarty->registered_filters[ $type ])) { 37 | unset($smarty->registered_filters[ $type ]); 38 | } 39 | } 40 | } 41 | return $obj; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /themes/default/templates/module.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | {include file="header.html"} 15 |
16 | {include file="menus.html"} 17 |
18 |
19 |
我的模块创建模块
20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | {foreach from=$modules item=v} 31 | 32 | 33 | 34 | 35 | 39 | 40 | {/foreach} 41 | 42 |
模块名称模块描述创建时间操作
{$v.title}{$v.description}{$v.addTime|date_format:'%Y-%m-%d'} 36 | 配置   37 | 删除 38 |
46 | 47 | -------------------------------------------------------------------------------- /libs/plugins/shared.make_timestamp.php: -------------------------------------------------------------------------------- 1 | 13 | * 14 | * @param DateTime|int|string $string date object, timestamp or string that can be converted using strtotime() 15 | * 16 | * @return int 17 | */ 18 | function smarty_make_timestamp($string) 19 | { 20 | if (empty($string)) { 21 | // use "now": 22 | return time(); 23 | } elseif ($string instanceof DateTime 24 | || (interface_exists('DateTimeInterface', false) && $string instanceof DateTimeInterface) 25 | ) { 26 | return (int)$string->format('U'); // PHP 5.2 BC 27 | } elseif (strlen($string) === 14 && ctype_digit($string)) { 28 | // it is mysql timestamp format of YYYYMMDDHHMMSS? 29 | return mktime( 30 | substr($string, 8, 2), 31 | substr($string, 10, 2), 32 | substr($string, 12, 2), 33 | substr($string, 4, 2), 34 | substr($string, 6, 2), 35 | substr($string, 0, 4) 36 | ); 37 | } elseif (is_numeric($string)) { 38 | // it is a numeric string, we handle it as timestamp 39 | return (int)$string; 40 | } else { 41 | // strtotime should handle it 42 | $time = strtotime($string); 43 | if ($time === -1 || $time === false) { 44 | // strtotime() was not able to parse $string, use "now": 45 | return time(); 46 | } 47 | return $time; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /source/code.php: -------------------------------------------------------------------------------- 1 | FirstRow("SELECT * FROM ".Tb('project')." 
WHERE id='{$id}' OR urlKey='{$urlKey}'"); 18 | if(empty($project)) { exit(); 19 | } 20 | $moduleSetKeys=json_decode($project['moduleSetKeys'], true); 21 | /* 模块 begin */ 22 | $moduleIds=array(); 23 | if(!empty($project['modules'])) { $moduleIds=json_decode($project['modules']); 24 | } 25 | if(!empty($moduleIds)) { 26 | $modulesStr=implode(',', $moduleIds); 27 | $modules=$db->Dataset("SELECT * FROM ".Tb('module')." WHERE id IN ($modulesStr)"); 28 | if(!empty($modules)) { 29 | foreach($modules as $module){ 30 | $module['code']=str_replace('{projectId}', $project['urlKey'], $module['code']); 31 | //module里是否有配置的参数 32 | if(!empty($module['setkeys'])) { 33 | $setkeys=json_decode($module['setkeys'], true); 34 | foreach($setkeys as $setkey){ 35 | $module['code']=str_replace('{set.'.$setkey.'}', $moduleSetKeys["setkey_{$module['id']}_{$setkey}"] ?? '', $module['code']); 36 | } 37 | } 38 | echo htmlspecialchars_decode($module['code'], ENT_QUOTES); 39 | } 40 | } 41 | } 42 | /* 模块 end */ 43 | /* 项目自定义代码 */ 44 | echo htmlspecialchars_decode($project['code'], ENT_QUOTES); 45 | ?> 46 | -------------------------------------------------------------------------------- /themes/default/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | {include file="header.html"} 15 |
16 | {include file="menus.html"} 17 |
18 |
19 |
我的项目创建项目
20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | {foreach from=$projects item=v} 32 | 33 | 34 | 35 | 36 | 37 | 40 | 41 | {/foreach} 42 | 43 |
项目名称项目描述内容数创建时间操作
{$v.title}{$v.description}{$v.contentNum}{$v.addTime|date_format:'%Y-%m-%d'} 38 | 删除 39 |
48 | 49 | -------------------------------------------------------------------------------- /libs/plugins/shared.mb_unicode.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 后台管理 - {$show.sitename} - {$show.sitedesc} 6 | 7 | 8 | 9 | 10 | 11 | 12 | {include file="admin_header.html"} 13 |
14 |
15 | {include file="admin_menu.html"} 16 |
17 |

管理首页

18 |
19 |

社区概况

20 | 21 | 22 | 23 | 24 |
注册用户数{$situation.userCount}
25 |

在线会员 ({$situation.onlineCount})

26 |
    27 | {foreach from=$situation.onlineUsers item=value} 28 |
  • {$value.userName}
  • 29 | {/foreach} 30 |
31 |

系统环境

32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 |
程序版本XF 轻量级社区系统 1.0
操作系统{$sysInfo.serverOS}
服务器软件{$sysInfo.serverSoftware}
PHP版本{$sysInfo.phpVersion}
数据库版本{$sysInfo.mysqlVersion}
45 | {include file="admin_footer.html"} 46 | 47 | -------------------------------------------------------------------------------- /themes/default/templates/user_invite.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | {include file="header.html"} 15 |
邀请码生成
19 |
20 |

未使用的邀请码

21 | 22 | 乌云币奖品邀请码 ({$codesWooyun|@count}) 23 | 生成奖品邀请码 24 | 25 | 26 | 27 | 28 | 29 | 30 | {foreach from=$codesWooyun item=v} 31 | 32 | 33 | 34 | {/foreach} 35 | 36 |
邀请码 (生成时间倒序排列)
{$v.code}
37 | 38 | 39 | 其它邀请码 ({$codesOther|@count})生成其它邀请码 40 | 41 | 42 | 43 | 44 | 45 | 46 | {foreach from=$codesOther item=v} 47 | 48 | 49 | 50 | {/foreach} 51 | 52 |
邀请码 (生成时间倒序排列)
{$v.code}
57 | 58 | -------------------------------------------------------------------------------- /libs/plugins/modifier.regex_replace.php: -------------------------------------------------------------------------------- 1 | 17 | * 18 | * @param string $string input string 19 | * @param string|array $search regular expression(s) to search for 20 | * @param string|array $replace string(s) that should be replaced 21 | * @param int $limit the maximum number of replacements 22 | * 23 | * @return string 24 | */ 25 | function smarty_modifier_regex_replace($string, $search, $replace, $limit = -1) 26 | { 27 | if (is_array($search)) { 28 | foreach ($search as $idx => $s) { 29 | $search[ $idx ] = _smarty_regex_replace_check($s); 30 | } 31 | } else { 32 | $search = _smarty_regex_replace_check($search); 33 | } 34 | return preg_replace($search, $replace, $string, $limit); 35 | } 36 | 37 | /** 38 | * @param string $search string(s) that should be replaced 39 | * 40 | * @return string 41 | * @ignore 42 | */ 43 | function _smarty_regex_replace_check($search) 44 | { 45 | // null-byte injection detection 46 | // anything behind the first null-byte is ignored 47 | if (($pos = strpos($search, "\0")) !== false) { 48 | $search = substr($search, 0, $pos); 49 | } 50 | // remove eval-modifier from $search 51 | if (preg_match('!([a-zA-Z\s]+)$!s', $search, $match) && (strpos($match[ 1 ], 'e') !== false)) { 52 | $search = substr($search, 0, -strlen($match[ 1 ])) . 
preg_replace('![e\s]+!', '', $match[ 1 ]); 53 | } 54 | return $search; 55 | } 56 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_getconfigvars.php: -------------------------------------------------------------------------------- 1 | config_vars[ $varname ])) { 40 | return $_ptr->config_vars[ $varname ]; 41 | } 42 | } else { 43 | $var_array = array_merge($_ptr->config_vars, $var_array); 44 | } 45 | // not found, try at parent 46 | if ($search_parents) { 47 | $_ptr = $_ptr->parent; 48 | } else { 49 | $_ptr = null; 50 | } 51 | } 52 | if (isset($varname)) { 53 | return ''; 54 | } else { 55 | return $var_array; 56 | } 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_make_nocache.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 53 | if ($compiler->template->caching) { 54 | $output = "smarty->ext->_make_nocache->save(\$_smarty_tpl, {$_attr[ 'var' ]});\n?>\n"; 55 | $compiler->template->compiled->has_nocache_code = true; 56 | $compiler->suppressNocacheProcessing = true; 57 | return $output; 58 | } else { 59 | return true; 60 | } 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_nocache_insert.php: -------------------------------------------------------------------------------- 1 | assign('{$_assign}' , {$_function} (" . var_export($_attr, true) . 41 | ',\$_smarty_tpl), true);?>'; 42 | } else { 43 | $_output .= "echo {$_function}(" . var_export($_attr, true) . 
',$_smarty_tpl);?>'; 44 | } 45 | $_tpl = $_template; 46 | while ($_tpl->_isSubTpl()) { 47 | $_tpl = $_tpl->parent; 48 | } 49 | return "/*%%SmartyNocache:{$_tpl->compiled->nocache_hash}%%*/{$_output}/*/%%SmartyNocache:{$_tpl->compiled->nocache_hash}%%*/"; 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_data.php: -------------------------------------------------------------------------------- 1 | dataObjectName = 'Data_object ' . (isset($name) ? "'{$name}'" : self::$count); 55 | $this->smarty = $smarty; 56 | if (is_object($_parent)) { 57 | // when object set up back pointer 58 | $this->parent = $_parent; 59 | } elseif (is_array($_parent)) { 60 | // set up variable values 61 | foreach ($_parent as $_key => $_val) { 62 | $this->tpl_vars[ $_key ] = new Smarty_Variable($_val); 63 | } 64 | } elseif ($_parent !== null) { 65 | throw new SmartyException('Wrong type for template variables'); 66 | } 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /source/class/Captcha.class.php: -------------------------------------------------------------------------------- 1 | source->exists) { 34 | if ($_template->_isSubTpl()) { 35 | $parent_resource = " in '$_template->parent->template_resource}'"; 36 | } else { 37 | $parent_resource = ''; 38 | } 39 | throw new SmartyException("Unable to load template {$_template->source->type} '{$_template->source->name}'{$parent_resource}"); 40 | } 41 | if ($_template->mustCompile === null) { 42 | $_template->mustCompile = (!$_template->source->handler->uncompiled && 43 | ($_template->smarty->force_compile || $_template->source->handler->recompiled || 44 | !$_template->compiled->exists || ($_template->compile_check && 45 | $_template->compiled->getTimeStamp() < 46 | $_template->source->getTimeStamp()))); 47 | } 48 | return $_template->mustCompile; 49 | } 50 | } 51 | 
-------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_undefined.php: -------------------------------------------------------------------------------- 1 | class = $class; 29 | } 30 | 31 | /** 32 | * Wrapper for obsolete class Smarty_Internal_Runtime_ValidateCompiled 33 | * 34 | * @param \Smarty_Internal_Template $tpl 35 | * @param array $properties special template properties 36 | * @param bool $cache flag if called from cache file 37 | * 38 | * @return bool false 39 | */ 40 | public function decodeProperties(Smarty_Internal_Template $tpl, $properties, $cache = false) 41 | { 42 | if ($cache) { 43 | $tpl->cached->valid = false; 44 | } else { 45 | $tpl->mustCompile = true; 46 | } 47 | return false; 48 | } 49 | 50 | /** 51 | * Call error handler for undefined method 52 | * 53 | * @param string $name unknown method-name 54 | * @param array $args argument array 55 | * 56 | * @return mixed 57 | * @throws SmartyException 58 | */ 59 | public function __call($name, $args) 60 | { 61 | if (isset($this->class)) { 62 | throw new SmartyException("undefined extension class '{$this->class}'"); 63 | } else { 64 | throw new SmartyException(get_class($args[ 0 ]) . "->{$name}() undefined method"); 65 | } 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /libs/plugins/shared.mb_str_replace.php: -------------------------------------------------------------------------------- 1 | required_attributes = array('var', 'value'); 33 | $this->shorttag_order = array('var', 'value'); 34 | $this->optional_attributes = array('scope', 'index'); 35 | $this->mapCache = array(); 36 | // check and get attributes 37 | $_attr = $this->getAttributes($compiler, $args); 38 | // map to compile assign attributes 39 | if (isset($_attr[ 'index' ])) { 40 | $_params[ 'smarty_internal_index' ] = '[' . $_attr[ 'index' ] . 
']'; 41 | unset($_attr[ 'index' ]); 42 | } else { 43 | $_params[ 'smarty_internal_index' ] = '[]'; 44 | } 45 | $_new_attr = array(); 46 | foreach ($_attr as $key => $value) { 47 | $_new_attr[] = array($key => $value); 48 | } 49 | // call compile assign 50 | return parent::compile($_new_attr, $compiler, $_params); 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_appendbyref.php: -------------------------------------------------------------------------------- 1 | tpl_vars[ $tpl_var ])) { 31 | $data->tpl_vars[ $tpl_var ] = new Smarty_Variable(); 32 | } 33 | if (!is_array($data->tpl_vars[ $tpl_var ]->value)) { 34 | settype($data->tpl_vars[ $tpl_var ]->value, 'array'); 35 | } 36 | if ($merge && is_array($value)) { 37 | foreach ($value as $_key => $_val) { 38 | $data->tpl_vars[ $tpl_var ]->value[ $_key ] = &$value[ $_key ]; 39 | } 40 | } else { 41 | $data->tpl_vars[ $tpl_var ]->value[] = &$value; 42 | } 43 | if ($data->_isTplObj() && $data->scope) { 44 | $data->ext->_updateScope->_updateScope($data, $tpl_var); 45 | } 46 | } 47 | return $data; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_shared_inheritance.php: -------------------------------------------------------------------------------- 1 | prefixCompiledCode .= "_loadInheritance();\n\$_smarty_tpl->inheritance->init(\$_smarty_tpl, " . 28 | var_export($initChildSequence, true) . 
");\n?>\n"; 29 | } 30 | 31 | /** 32 | * Register post compile callback to compile inheritance initialization code 33 | * 34 | * @param \Smarty_Internal_TemplateCompilerBase $compiler 35 | * @param bool|false $initChildSequence if true force child template 36 | */ 37 | public function registerInit(Smarty_Internal_TemplateCompilerBase $compiler, $initChildSequence = false) 38 | { 39 | if ($initChildSequence || !isset($compiler->_cache[ 'inheritanceInit' ])) { 40 | $compiler->registerPostCompileCallback( 41 | array('Smarty_Internal_Compile_Shared_Inheritance', 'postCompile'), 42 | array($initChildSequence), 43 | 'inheritanceInit', 44 | $initChildSequence 45 | ); 46 | $compiler->_cache[ 'inheritanceInit' ] = true; 47 | } 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_block.php: -------------------------------------------------------------------------------- 1 | name = $name; 79 | $this->tplIndex = $tplIndex; 80 | } 81 | 82 | /** 83 | * Compiled block code overloaded by {block} class 84 | * 85 | * @param \Smarty_Internal_Template $tpl 86 | */ 87 | public function callBlock(Smarty_Internal_Template $tpl) 88 | { 89 | } 90 | } 91 | -------------------------------------------------------------------------------- /themes/default/style/ie.css: -------------------------------------------------------------------------------- 1 | /* ----------------------------------------------------------------------- 2 | 3 | 4 | Blueprint CSS Framework 1.0.1 5 | http://blueprintcss.org 6 | 7 | * Copyright (c) 2007-Present. See LICENSE for more info. 8 | * See README for instructions on how to use Blueprint. 9 | * For credits and origins, see AUTHORS. 10 | * This is a compressed file. See the sources in the 'src' directory. 
11 | 12 | ----------------------------------------------------------------------- */ 13 | 14 | /* ie.css */ 15 | body {text-align:center;} 16 | .container {text-align:left;} 17 | * html .column, * html .span-1, * html .span-2, * html .span-3, * html .span-4, * html .span-5, * html .span-6, * html .span-7, * html .span-8, * html .span-9, * html .span-10, * html .span-11, * html .span-12, * html .span-13, * html .span-14, * html .span-15, * html .span-16, * html .span-17, * html .span-18, * html .span-19, * html .span-20, * html .span-21, * html .span-22, * html .span-23, * html .span-24 {display:inline;overflow-x:hidden;} 18 | * html legend {margin:0px -8px 16px 0;padding:0;} 19 | sup {vertical-align:text-top;} 20 | sub {vertical-align:text-bottom;} 21 | html>body p code {*white-space:normal;} 22 | hr {margin:-8px auto 11px;} 23 | img {-ms-interpolation-mode:bicubic;} 24 | .clearfix, .container {display:inline-block;} 25 | * html .clearfix, * html .container {height:1%;} 26 | fieldset {padding-top:0;} 27 | legend {margin-top:-0.2em;margin-bottom:1em;margin-left:-0.5em;} 28 | textarea {overflow:auto;} 29 | label {vertical-align:middle;position:relative;top:-0.25em;} 30 | input.text, input.title, textarea {background-color:#fff;border:1px solid #bbb;} 31 | input.text:focus, input.title:focus {border-color:#666;} 32 | input.text, input.title, textarea, select {margin:0.5em 0;} 33 | input.checkbox, input.radio {position:relative;top:.25em;} 34 | form.inline div, form.inline p {vertical-align:middle;} 35 | form.inline input.checkbox, form.inline input.radio, form.inline input.button, form.inline button {margin:0.5em 0;} 36 | button, input.button {position:relative;top:0.25em;} -------------------------------------------------------------------------------- /themes/default/css/style/ie.css: -------------------------------------------------------------------------------- 1 | /* ----------------------------------------------------------------------- 2 | 3 | 4 | Blueprint 
CSS Framework 1.0.1 5 | http://blueprintcss.org 6 | 7 | * Copyright (c) 2007-Present. See LICENSE for more info. 8 | * See README for instructions on how to use Blueprint. 9 | * For credits and origins, see AUTHORS. 10 | * This is a compressed file. See the sources in the 'src' directory. 11 | 12 | ----------------------------------------------------------------------- */ 13 | 14 | /* ie.css */ 15 | body {text-align:center;} 16 | .container {text-align:left;} 17 | * html .column, * html .span-1, * html .span-2, * html .span-3, * html .span-4, * html .span-5, * html .span-6, * html .span-7, * html .span-8, * html .span-9, * html .span-10, * html .span-11, * html .span-12, * html .span-13, * html .span-14, * html .span-15, * html .span-16, * html .span-17, * html .span-18, * html .span-19, * html .span-20, * html .span-21, * html .span-22, * html .span-23, * html .span-24 {display:inline;overflow-x:hidden;} 18 | * html legend {margin:0px -8px 16px 0;padding:0;} 19 | sup {vertical-align:text-top;} 20 | sub {vertical-align:text-bottom;} 21 | html>body p code {*white-space:normal;} 22 | hr {margin:-8px auto 11px;} 23 | img {-ms-interpolation-mode:bicubic;} 24 | .clearfix, .container {display:inline-block;} 25 | * html .clearfix, * html .container {height:1%;} 26 | fieldset {padding-top:0;} 27 | legend {margin-top:-0.2em;margin-bottom:1em;margin-left:-0.5em;} 28 | textarea {overflow:auto;} 29 | label {vertical-align:middle;position:relative;top:-0.25em;} 30 | input.text, input.title, textarea {background-color:#fff;border:1px solid #bbb;} 31 | input.text:focus, input.title:focus {border-color:#666;} 32 | input.text, input.title, textarea, select {margin:0.5em 0;} 33 | input.checkbox, input.radio {position:relative;top:.25em;} 34 | form.inline div, form.inline p {vertical-align:middle;} 35 | form.inline input.checkbox, form.inline input.radio, form.inline input.button, form.inline button {margin:0.5em 0;} 36 | button, input.button {position:relative;top:0.25em;} 
-------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_registerresource.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 42 | $smarty->registered_resources[ $name ] = 43 | $resource_handler instanceof Smarty_Resource ? $resource_handler : array($resource_handler, false); 44 | return $obj; 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_parsetree_tag.php: -------------------------------------------------------------------------------- 1 | data = $data; 37 | $this->saved_block_nesting = $parser->block_nesting_level; 38 | } 39 | 40 | /** 41 | * Return buffer content 42 | * 43 | * @param \Smarty_Internal_Templateparser $parser 44 | * 45 | * @return string content 46 | */ 47 | public function to_smarty_php(Smarty_Internal_Templateparser $parser) 48 | { 49 | return $this->data; 50 | } 51 | 52 | /** 53 | * Return complied code that loads the evaluated output of buffer content into a temporary variable 54 | * 55 | * @param \Smarty_Internal_Templateparser $parser 56 | * 57 | * @return string template code 58 | */ 59 | public function assign_to_var(Smarty_Internal_Templateparser $parser) 60 | { 61 | $var = $parser->compiler->getNewPrefixVariable(); 62 | $tmp = $parser->compiler->appendCode('', $this->data); 63 | $tmp = $parser->compiler->appendCode($tmp, ""); 64 | $parser->compiler->prefix_code[] = sprintf('%s', $tmp); 65 | return $var; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /libs/plugins/function.counter.php: -------------------------------------------------------------------------------- 1 | 15 | * @link http://www.smarty.net/manual/en/language.function.counter.php {counter} 16 | * (Smarty online manual) 17 | * 18 | * @param array $params parameters 19 | * @param Smarty_Internal_Template $template template 
object 20 | * 21 | * @return string|null the current count when printing is enabled, otherwise null 22 | */ 23 | function smarty_function_counter($params, $template) 24 | { 25 | static $counters = array(); /* named counters; being static, their state is kept between calls */ 26 | $name = (isset($params[ 'name' ])) ? $params[ 'name' ] : 'default'; 27 | if (!isset($counters[ $name ])) { 28 | $counters[ $name ] = array('start' => 1, 'skip' => 1, 'direction' => 'up', 'count' => 1); 29 | } 30 | $counter =& $counters[ $name ]; /* reference, so the changes below are written back into $counters */ 31 | if (isset($params[ 'start' ])) { 32 | $counter[ 'start' ] = $counter[ 'count' ] = (int)$params[ 'start' ]; 33 | } 34 | if (!empty($params[ 'assign' ])) { 35 | $counter[ 'assign' ] = $params[ 'assign' ]; /* remembered on the counter, so later calls keep assigning */ 36 | } 37 | if (isset($counter[ 'assign' ])) { 38 | $template->assign($counter[ 'assign' ], $counter[ 'count' ]); 39 | } 40 | if (isset($params[ 'print' ])) { 41 | $print = (bool)$params[ 'print' ]; 42 | } else { 43 | $print = empty($counter[ 'assign' ]); /* default: print only when no assign target is set */ 44 | } 45 | if ($print) { 46 | $retval = $counter[ 'count' ]; /* captured before the step below is applied */ 47 | } else { 48 | $retval = null; 49 | } 50 | if (isset($params[ 'skip' ])) { 51 | $counter[ 'skip' ] = $params[ 'skip' ]; /* NOTE(review): stored as given, without the (int) cast that 'start' gets */ 52 | } 53 | if (isset($params[ 'direction' ])) { 54 | $counter[ 'direction' ] = $params[ 'direction' ]; 55 | } 56 | if ($counter[ 'direction' ] === 'down') { 57 | $counter[ 'count' ] -= $counter[ 'skip' ]; 58 | } else { 59 | $counter[ 'count' ] += $counter[ 'skip' ]; 60 | } 61 | return $retval; 62 | } 63 | -------------------------------------------------------------------------------- /config.php.default: -------------------------------------------------------------------------------- 1 | 'XSS平台', // site name 36 | 'sitedesc' => '', // one-sentence description 37 | 'keywords' => '技术交流,程序员,设计,项目,创业,技术,网络安全,技术文章,1.2', //keywords 38 | 'description' => '', //description 39 | 'adminmail' => '' // administrator e-mail 40 | ); 41 | 42 | /* points and level settings */ 43 | $config['point'] = array( 44 | 'award' => array( 45 | 'publish' => 2, 46 | 'comment' => 2, 47 | 'invitereg' => 10 // reward for an invited registration 48 | ) 49 | ); 50 | 51 | /* other settings */ 52 | $config['timezone'] = 'Asia/Shanghai'; // time zone, e.g. UTC 53 |
$config['expires'] = 3600; // expiry duration (seconds) 54 | $config['debug'] = true; // debug mode (whether program, database and other errors are displayed) — NOTE(review): the shipped default is on; set it to false for any deployment other people can reach, so error detail is not shown to visitors 55 | ?> 56 | -------------------------------------------------------------------------------- /themes/default/templates/project_create.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | {literal} 13 | 26 | {/literal} 27 | 28 | 29 | {include file="header.html"} 30 |
31 | {include file="menus.html"} 32 |
33 |
34 |
创建项目
35 |
36 | 37 |
38 |
39 |
40 | 41 | 42 |
43 | 44 |

45 |
46 | 47 |

48 |

49 |    50 | 51 |

52 |
53 |
54 |
55 |
56 |
57 | 58 | 59 | -------------------------------------------------------------------------------- /themes/default/templates/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | {literal} 13 | 29 | {/literal} 30 | 31 | 32 | {include file="header.html"} 33 | 34 |
35 | 57 |
58 | 59 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_eval.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 55 | if (isset($_attr[ 'assign' ])) { 56 | // output will be stored in a smarty variable instead of being displayed 57 | $_assign = $_attr[ 'assign' ]; 58 | } 59 | // create template object — the 'var' attribute expression is compiled in as the source of an 'eval:' template, so its runtime value is parsed and rendered as Smarty template code; NOTE(review): only trusted strings should ever reach this tag 60 | $_output = 61 | "\$_template = new {$compiler->smarty->template_class}('eval:'.{$_attr[ 'var' ]}, \$_smarty_tpl->smarty, \$_smarty_tpl);"; 62 | //was there an assign attribute? 63 | if (isset($_assign)) { 64 | $_output .= "\$_smarty_tpl->assign($_assign,\$_template->fetch());"; 65 | } else { 66 | $_output .= 'echo $_template->fetch();'; 67 | } 68 | return ""; 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /themes/default/templates/project_viewcode.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | {literal} 13 | 16 | {/literal} 17 | 18 | 19 | {include file="header.html"} 20 |
21 | {include file="menus.html"} 22 |
23 |
24 |
项目代码
25 |
26 |

项目名称: {$project.title}

27 |

28 | 29 |

30 | {$code}
31 | 
32 |

33 | 34 |

将如下代码植入怀疑出现xss的地方(注意'的转义),即可在 项目内容 观看XSS效果。

35 |
36 | {$scriptShow1}
37 | 
38 |

39 |

40 | 或者 41 |

42 |

43 |

44 | {$scriptShow2}
45 | 
46 |

47 | 48 |

49 | 50 | 再或者以你任何想要的方式插入 51 | 52 |

53 | 54 |

55 |

56 | {$codeurl}
57 | 
58 |

59 |

60 | *************************************************网址缩短************************************************* 61 |

62 |

63 | 64 | 再或者以你任何想要的方式插入 65 | 66 |

67 | 68 |

69 |

70 | {$shortShow1}
71 | 
72 |

73 |

74 | 75 | 76 | 再或者以你任何想要的方式插入 77 | 78 |

79 | 80 |

81 |

82 | {$shortShow3}
83 | 
84 |

85 | 86 |

87 | {if $ty=='create'} 88 | 89 | {else} 90 | 91 | {/if} 92 |

93 |
94 |
95 |
96 |
97 | 98 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_registerplugin.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 47 | if (isset($smarty->registered_plugins[ $type ][ $name ])) { 48 | throw new SmartyException("Plugin tag '{$name}' already registered"); 49 | } elseif (!is_callable($callback)) { 50 | throw new SmartyException("Plugin '{$name}' not callable"); 51 | } else { 52 | $smarty->registered_plugins[ $type ][ $name ] = array($callback, (bool)$cacheable, (array)$cache_attr); /* stored as [callback, cacheable flag, cache attribute list] */ 53 | } 54 | return $obj; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_runtime_make_nocache.php: -------------------------------------------------------------------------------- 1 | tpl_vars[ $var ])) { 24 | $export = 25 | preg_replace('/^Smarty_Variable::__set_state[(]|[)]$/', '', var_export($tpl->tpl_vars[ $var ], true)); /* drops the leading 'Smarty_Variable::__set_state(' and the trailing ')' from the export */ 26 | if (preg_match('/(\w+)::__set_state/', $export, $match)) { /* a remaining Class::__set_state in the export is reported as an object that cannot be stored */ 27 | throw new SmartyException("{make_nocache \${$var}} in template '{$tpl->source->name}': variable does contain object '{$match[1]}' not implementing method '__set_state'"); 28 | } 29 | echo "/*%%SmartyNocache:{$tpl->compiled->nocache_hash}%%*/smarty->ext->_make_nocache->store(\$_smarty_tpl, '{$var}', ", '\\') . 31 | $export . 
");?>\n/*/%%SmartyNocache:{$tpl->compiled->nocache_hash}%%*/"; 32 | } 33 | } 34 | 35 | /** 36 | * Store variable value saved while rendering compiled template in cached template context 37 | * 38 | * @param \Smarty_Internal_Template $tpl 39 | * @param string $var variable name 40 | * @param array $properties property name => value pairs copied onto the new Smarty_Variable ('nocache' is removed first) 41 | */ 42 | public function store(Smarty_Internal_Template $tpl, $var, $properties) 43 | { 44 | // do not overwrite existing nocache variables 45 | if (!isset($tpl->tpl_vars[ $var ]) || !$tpl->tpl_vars[ $var ]->nocache) { 46 | $newVar = new Smarty_Variable(); 47 | unset($properties[ 'nocache' ]); 48 | foreach ($properties as $k => $v) { 49 | $newVar->$k = $v; /* every remaining key becomes a property of the new variable */ 50 | } 51 | $tpl->tpl_vars[ $var ] = $newVar; 52 | } 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_gettags.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 38 | if ($obj->_isTplObj() && !isset($template)) { 39 | $tpl = clone $obj; 40 | } elseif (isset($template) && $template->_isTplObj()) { 41 | $tpl = clone $template; 42 | } elseif (isset($template) && is_string($template)) { 43 | /* @var Smarty_Internal_Template $tpl */ 44 | $tpl = new $smarty->template_class($template, $smarty); 45 | // checks if template exists 46 | if (!$tpl->source->exists) { 47 | throw new SmartyException("Unable to load template {$tpl->source->type} '{$tpl->source->name}'"); 48 | } 49 | } 50 | if (isset($tpl)) { 51 | $tpl->smarty = clone $tpl->smarty; /* the settings below are changed on a clone of the Smarty object, not on the instance $tpl came with */ 52 | $tpl->smarty->_cache[ 'get_used_tags' ] = true; 53 | $tpl->_cache[ 'used_tags' ] = array(); 54 | $tpl->smarty->merge_compiled_includes = false; 55 | $tpl->smarty->disableSecurity(); /* NOTE(review): the compile run used for tag discovery is made with security disabled on that clone — confirm this is acceptable for every template callers can pass in */ 56 | $tpl->caching = Smarty::CACHING_OFF; 57 | $tpl->loadCompiler(); 58 | $tpl->compiler->compileTemplate($tpl); 59 | return $tpl->_cache[ 'used_tags' ]; 60 | } 61 | throw new SmartyException('Missing template specification'); 62 | } 63 | } 64 |
-------------------------------------------------------------------------------- /init.php: -------------------------------------------------------------------------------- 1 | userId>0) { 65 | $show['user']=array( 66 | 'userId' =>$user->userId, 67 | 'userName' =>$user->userName, 68 | 'adminLevel' =>$user->adminLevel, 69 | 'token' =>$user->token, 70 | 'avatarImg' =>$user->avatarImg, 71 | 'avatarImg_s' =>$user->avatarImg_s, 72 | 'signature' =>$user->signature 73 | ); 74 | } 75 | 76 | unset($config); //清理config 77 | ?> 78 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_addautoloadfilters.php: -------------------------------------------------------------------------------- 1 | _getSmartyObj(); 33 | if ($type !== null) { 34 | $this->_checkFilterType($type); 35 | if (!empty($smarty->autoload_filters[ $type ])) { 36 | $smarty->autoload_filters[ $type ] = array_merge($smarty->autoload_filters[ $type ], (array)$filters); 37 | } else { 38 | $smarty->autoload_filters[ $type ] = (array)$filters; 39 | } 40 | } else { 41 | foreach ((array)$filters as $type => $value) { 42 | $this->_checkFilterType($type); 43 | if (!empty($smarty->autoload_filters[ $type ])) { 44 | $smarty->autoload_filters[ $type ] = 45 | array_merge($smarty->autoload_filters[ $type ], (array)$value); 46 | } else { 47 | $smarty->autoload_filters[ $type ] = (array)$value; 48 | } 49 | } 50 | } 51 | return $obj; 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_nocache.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 38 | $this->openTag($compiler, 'nocache', array($compiler->nocache)); 39 | // enter nocache mode 40 | $compiler->nocache = true; 41 | // this tag does not return compiled code 42 | $compiler->has_code = false; 43 | return true; 44 | } 45 | } 46 | 47 | /** 48 | * 
Smarty Internal Plugin Compile Nocacheclose Class 49 | * 50 | * @package Smarty 51 | * @subpackage Compiler 52 | */ 53 | class Smarty_Internal_Compile_Nocacheclose extends Smarty_Internal_CompileBase 54 | { 55 | /** 56 | * Compiles code for the {/nocache} tag 57 | * This tag does not generate compiled output. It only sets a compiler flag. 58 | * 59 | * @param array $args array with attributes from parser 60 | * @param \Smarty_Internal_TemplateCompilerBase $compiler compiler object 61 | * 62 | * @return bool 63 | */ 64 | public function compile($args, Smarty_Internal_TemplateCompilerBase $compiler) 65 | { 66 | $_attr = $this->getAttributes($compiler, $args); 67 | // leave nocache mode 68 | list($compiler->nocache) = $this->closeTag($compiler, array('nocache')); 69 | // this tag does not return compiled code 70 | $compiler->has_code = false; 71 | return true; 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /libs/plugins/modifier.truncate.php: -------------------------------------------------------------------------------- 1 | 18 | * 19 | * @param string $string input string 20 | * @param integer $length length of truncated text 21 | * @param string $etc end string 22 | * @param boolean $break_words truncate at word boundary 23 | * @param boolean $middle truncate in the middle of text 24 | * 25 | * @return string truncated string 26 | */ 27 | function smarty_modifier_truncate($string, $length = 80, $etc = '...', $break_words = false, $middle = false) 28 | { 29 | if ($length === 0) { 30 | return ''; 31 | } 32 | if (Smarty::$_MBSTRING) { 33 | if (mb_strlen($string, Smarty::$_CHARSET) > $length) { 34 | $length -= min($length, mb_strlen($etc, Smarty::$_CHARSET)); 35 | if (!$break_words && !$middle) { 36 | $string = preg_replace( 37 | '/\s+?(\S+)?$/' . 
Smarty::$_UTF8_MODIFIER, 38 | '', 39 | mb_substr($string, 0, $length + 1, Smarty::$_CHARSET) 40 | ); 41 | } 42 | if (!$middle) { 43 | return mb_substr($string, 0, $length, Smarty::$_CHARSET) . $etc; 44 | } 45 | return mb_substr($string, 0, $length / 2, Smarty::$_CHARSET) . $etc . 46 | mb_substr($string, -$length / 2, $length, Smarty::$_CHARSET); 47 | } 48 | return $string; 49 | } 50 | // no MBString fallback 51 | if (isset($string[ $length ])) { 52 | $length -= min($length, strlen($etc)); 53 | if (!$break_words && !$middle) { 54 | $string = preg_replace('/\s+?(\S+)?$/', '', substr($string, 0, $length + 1)); 55 | } 56 | if (!$middle) { 57 | return substr($string, 0, $length) . $etc; 58 | } 59 | return substr($string, 0, $length / 2) . $etc . substr($string, -$length / 2); 60 | } 61 | return $string; 62 | } 63 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_setfilter.php: -------------------------------------------------------------------------------- 1 | variable_filter_stack[] = $compiler->variable_filters; 31 | $compiler->variable_filters = $parameter[ 'modifier_list' ]; 32 | // this tag does not return compiled code 33 | $compiler->has_code = false; 34 | return true; 35 | } 36 | } 37 | 38 | /** 39 | * Smarty Internal Plugin Compile Setfilterclose Class 40 | * 41 | * @package Smarty 42 | * @subpackage Compiler 43 | */ 44 | class Smarty_Internal_Compile_Setfilterclose extends Smarty_Internal_CompileBase 45 | { 46 | /** 47 | * Compiles code for the {/setfilter} tag 48 | * This tag does not generate compiled output. It resets variable filter. 
49 | * 50 | * @param array $args array with attributes from parser 51 | * @param \Smarty_Internal_TemplateCompilerBase $compiler compiler object 52 | * 53 | * @return string compiled code 54 | */ 55 | public function compile($args, Smarty_Internal_TemplateCompilerBase $compiler) 56 | { 57 | $_attr = $this->getAttributes($compiler, $args); 58 | // reset variable filter to previous state 59 | if (count($compiler->variable_filter_stack)) { 60 | $compiler->variable_filters = array_pop($compiler->variable_filter_stack); 61 | } else { 62 | $compiler->variable_filters = array(); 63 | } 64 | // this tag does not return compiled code 65 | $compiler->has_code = false; 66 | return true; 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /themes/default/templates/header.html: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_loadfilter.php: -------------------------------------------------------------------------------- 1 | true, 'post' => true, 'output' => true, 'variable' => true); 27 | 28 | /** 29 | * load a filter of specified type and name 30 | * 31 | * @api Smarty::loadFilter() 32 | * 33 | * @link http://www.smarty.net/docs/en/api.load.filter.tpl 34 | * 35 | * @param \Smarty_Internal_TemplateBase|\Smarty_Internal_Template|\Smarty $obj 36 | * @param string $type filter type 37 | * @param string $name filter name 38 | * 39 | * @return bool 40 | * @throws SmartyException if filter could not be loaded 41 | */ 42 | public function loadFilter(Smarty_Internal_TemplateBase $obj, $type, $name) 43 | { 44 | $smarty = $obj->_getSmartyObj(); 45 | $this->_checkFilterType($type); 46 | $_plugin = "smarty_{$type}filter_{$name}"; 47 | $_filter_name = $_plugin; 48 | if (is_callable($_plugin)) { 49 | $smarty->registered_filters[ $type ][ $_filter_name ] = $_plugin; 50 | return true; 51 | } 
52 | if ($smarty->loadPlugin($_plugin)) { 53 | if (class_exists($_plugin, false)) { 54 | $_plugin = array($_plugin, 'execute'); 55 | } 56 | if (is_callable($_plugin)) { 57 | $smarty->registered_filters[ $type ][ $_filter_name ] = $_plugin; 58 | return true; 59 | } 60 | } 61 | throw new SmartyException("{$type}filter '{$name}' not found or callable"); 62 | } 63 | 64 | /** 65 | * Check if filter type is valid 66 | * 67 | * @param string $type 68 | * 69 | * @throws \SmartyException 70 | */ 71 | public function _checkFilterType($type) 72 | { 73 | if (!isset($this->filterTypes[ $type ])) { 74 | throw new SmartyException("Illegal filter type '{$type}'"); 75 | } 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_method_setautoloadfilters.php: -------------------------------------------------------------------------------- 1 | true, 'post' => true, 'output' => true, 'variable' => true); 27 | 28 | /** 29 | * Set autoload filters 30 | * 31 | * @api Smarty::setAutoloadFilters() 32 | * 33 | * @param \Smarty_Internal_TemplateBase|\Smarty_Internal_Template|\Smarty $obj 34 | * @param array $filters filters to load automatically 35 | * @param string $type "pre", "output", … specify 36 | * the filter type to set. 
37 | * Defaults to none treating 38 | * $filters' keys as the 39 | * appropriate types 40 | * 41 | * @return \Smarty|\Smarty_Internal_Template 42 | * @throws \SmartyException 43 | */ 44 | public function setAutoloadFilters(Smarty_Internal_TemplateBase $obj, $filters, $type = null) 45 | { 46 | $smarty = $obj->_getSmartyObj(); 47 | if ($type !== null) { 48 | $this->_checkFilterType($type); 49 | $smarty->autoload_filters[ $type ] = (array)$filters; 50 | } else { 51 | foreach ((array)$filters as $type => $value) { 52 | $this->_checkFilterType($type); 53 | } 54 | $smarty->autoload_filters = (array)$filters; 55 | } 56 | return $obj; 57 | } 58 | 59 | /** 60 | * Check if filter type is valid 61 | * 62 | * @param string $type 63 | * 64 | * @throws \SmartyException 65 | */ 66 | public function _checkFilterType($type) 67 | { 68 | if (!isset($this->filterTypes[ $type ])) { 69 | throw new SmartyException("Illegal filter type '{$type}'"); 70 | } 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /libs/plugins/modifier.mb_wordwrap.php: -------------------------------------------------------------------------------- 1 | $width) { 36 | if ($cut) { 37 | $_tokens = preg_split( 38 | '!(.{' . $width . '})!S' . Smarty::$_UTF8_MODIFIER, 39 | $_token, 40 | -1, 41 | PREG_SPLIT_NO_EMPTY + PREG_SPLIT_DELIM_CAPTURE 42 | ); 43 | } 44 | } 45 | foreach ($_tokens as $token) { 46 | $_space = !!preg_match('!^\s$!S' . 
Smarty::$_UTF8_MODIFIER, $token); 47 | $token_length = mb_strlen($token, Smarty::$_CHARSET); 48 | $length += $token_length; 49 | if ($length > $width) { 50 | // remove space before inserted break 51 | if ($_previous) { 52 | $t = mb_substr($t, 0, -1, Smarty::$_CHARSET); 53 | } 54 | if (!$_space) { 55 | // add the break before the token 56 | if (!empty($t)) { 57 | $t .= $break; 58 | } 59 | $length = $token_length; 60 | } 61 | } elseif ($token === "\n") { 62 | // hard break must reset counters 63 | $length = 0; 64 | } 65 | $_previous = $_space; 66 | // add the token 67 | $t .= $token; 68 | } 69 | } 70 | return $t; 71 | } 72 | -------------------------------------------------------------------------------- /source/js/boxy/boxy.css: -------------------------------------------------------------------------------- 1 | .boxy-wrapper { position: absolute; } 2 | .boxy-wrapper.fixed { position: fixed; } 3 | 4 | /* Modal */ 5 | 6 | .boxy-modal-blackout { position: absolute; background-color: black; left: 0; top: 0; } 7 | 8 | /* Border */ 9 | 10 | .boxy-wrapper { empty-cells: show; } 11 | .boxy-wrapper .top-left, 12 | .boxy-wrapper .top-right, 13 | .boxy-wrapper .bottom-right, 14 | .boxy-wrapper .bottom-left { width: 10px; height: 10px; padding: 0 } 15 | 16 | .boxy-wrapper .top-left { background: url('boxy-nw.png'); } 17 | .boxy-wrapper .top-right { background: url('boxy-ne.png'); } 18 | .boxy-wrapper .bottom-right { background: url('boxy-se.png'); } 19 | .boxy-wrapper .bottom-left { background: url('boxy-sw.png'); } 20 | 21 | /* IE6+7 hacks for the border. IE7 should support this natively but fails in conjuction with modal blackout bg. 
*/ 22 | /* NB: these must be absolute paths or URLs to your images */ 23 | .boxy-wrapper .top-left { #background: none; #filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='source/js/boxy/boxy-nw.png'); } 24 | .boxy-wrapper .top-right { #background: none; #filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='source/js/boxy/boxy-ne.png'); } 25 | .boxy-wrapper .bottom-right { #background: none; #filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='source/js/boxy/boxy-se.png'); } 26 | .boxy-wrapper .bottom-left { #background: none; #filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='source/js/boxy/boxy-sw.png'); } 27 | 28 | .boxy-wrapper .top, 29 | .boxy-wrapper .bottom { height: 10px; background-color: black; opacity: 0.6; filter: alpha(opacity=60); padding: 0 } 30 | 31 | .boxy-wrapper .left, 32 | .boxy-wrapper .right { width: 10px; background-color: black; opacity: 0.6; filter: alpha(opacity=60); padding: 0 } 33 | 34 | /* Title bar */ 35 | 36 | .boxy-wrapper .title-bar { background-color: black; padding: 6px; position: relative; } 37 | .boxy-wrapper .title-bar.dragging { cursor: move; } 38 | .boxy-wrapper .title-bar h2 { font-size: 12px; color: white; line-height: 1; margin: 0; padding: 0; font-weight: normal; } 39 | .boxy-wrapper .title-bar .close { color: white; position: absolute; top: 6px; right: 6px; font-size: 90%; line-height: 1; } 40 | 41 | /* Content Region */ 42 | 43 | .boxy-inner { background-color: white; padding: 0 } 44 | .boxy-content { padding: 15px; } 45 | 46 | /* Question Boxes */ 47 | 48 | .boxy-wrapper .question { width: 350px; min-height: 80px; } 49 | .boxy-wrapper .answers { text-align: right; } 50 | 51 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_resource_stream.php: -------------------------------------------------------------------------------- 1 | resource, '://') !== false) { 33 | $source->filepath = $source->resource; 34 | } 
else { 35 | $source->filepath = str_replace(':', '://', $source->resource); /* 'scheme:path' becomes 'scheme://path'; NOTE(review): every ':' in the resource string is replaced, and the result is handed to fopen() in getContent() as-is, so which stream wrappers are reachable has to be restricted by the caller */ 36 | } 37 | $source->uid = false; 38 | $source->content = $this->getContent($source); 39 | $source->timestamp = $source->exists = !!$source->content; /* empty or unreadable content counts as a missing template */ 40 | } 41 | 42 | /** 43 | * Load template's source from stream into current template object 44 | * 45 | * @param Smarty_Template_Source $source source object 46 | * 47 | * @return string|false template source, or false when the stream cannot be opened 48 | */ 49 | public function getContent(Smarty_Template_Source $source) 50 | { 51 | $t = ''; 52 | // the availability of the stream has already been checked in Smarty_Resource::fetch() — NOTE(review): the stream is opened in 'r+' (read/write) mode below although the handle is only read from 53 | $fp = fopen($source->filepath, 'r+'); 54 | if ($fp) { 55 | while (!feof($fp) && ($current_line = fgets($fp)) !== false) { 56 | $t .= $current_line; 57 | } 58 | fclose($fp); 59 | return $t; 60 | } else { 61 | return false; 62 | } 63 | } 64 | 65 | /** 66 | * modify resource_name according to resource handlers specifications 67 | * 68 | * @param Smarty $smarty Smarty instance 69 | * @param string $resource_name resource_name to make unique 70 | * @param boolean $isConfig flag for config resource 71 | * 72 | * @return string unique resource name 73 | */ 74 | public function buildUniqueResourceName(Smarty $smarty, $resource_name, $isConfig = false) 75 | { 76 | return get_class($this) . '#' . 
$resource_name; 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_runtime_cachemodify.php: -------------------------------------------------------------------------------- 1 | isCached() && !$_template->compiled->has_nocache_code; 25 | $_last_modified_date = 26 | @substr($_SERVER[ 'HTTP_IF_MODIFIED_SINCE' ], 0, strpos($_SERVER[ 'HTTP_IF_MODIFIED_SINCE' ], 'GMT') + 3); /* client-supplied If-Modified-Since header, cut just after 'GMT'; the '@' hides the notice raised when the header is absent. NOTE(review): when 'GMT' is not found strpos() yields false, so only the first 3 characters are kept */ 27 | if ($_isCached && $cached->timestamp <= strtotime($_last_modified_date)) { /* the cached copy is not newer than the date the client sent: answer 304 and send no body */ 28 | switch (PHP_SAPI) { 29 | case 'cgi': // php-cgi < 5.3 30 | case 'cgi-fcgi': // php-cgi >= 5.3 31 | case 'fpm-fcgi': // php-fpm >= 5.3.3 32 | header('Status: 304 Not Modified'); 33 | break; 34 | case 'cli': 35 | if (/* ^phpunit */ 36 | !empty($_SERVER[ 'SMARTY_PHPUNIT_DISABLE_HEADERS' ]) /* phpunit$ */ 37 | ) { 38 | $_SERVER[ 'SMARTY_PHPUNIT_HEADERS' ][] = '304 Not Modified'; 39 | } 40 | break; 41 | default: 42 | if (/* ^phpunit */ 43 | !empty($_SERVER[ 'SMARTY_PHPUNIT_DISABLE_HEADERS' ]) /* phpunit$ */ 44 | ) { 45 | $_SERVER[ 'SMARTY_PHPUNIT_HEADERS' ][] = '304 Not Modified'; 46 | } else { 47 | header($_SERVER[ 'SERVER_PROTOCOL' ] . ' 304 Not Modified'); 48 | } 49 | break; 50 | } 51 | } else { /* otherwise send a Last-Modified header followed by the content */ 52 | switch (PHP_SAPI) { 53 | case 'cli': 54 | if (/* ^phpunit */ 55 | !empty($_SERVER[ 'SMARTY_PHPUNIT_DISABLE_HEADERS' ]) /* phpunit$ */ 56 | ) { 57 | $_SERVER[ 'SMARTY_PHPUNIT_HEADERS' ][] = 58 | 'Last-Modified: ' . gmdate('D, d M Y H:i:s', $cached->timestamp) . ' GMT'; 59 | } 60 | break; 61 | default: 62 | header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $cached->timestamp) . 
' GMT'); 63 | break; 64 | } 65 | echo $content; 66 | } 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_internal_compile_child.php: -------------------------------------------------------------------------------- 1 | 15 | */ 16 | class Smarty_Internal_Compile_Child extends Smarty_Internal_CompileBase 17 | { 18 | /** 19 | * Attribute definition: Overwrites base class. 20 | * 21 | * @var array 22 | * @see Smarty_Internal_CompileBase 23 | */ 24 | public $optional_attributes = array('assign'); 25 | 26 | /** 27 | * Tag name 28 | * 29 | * @var string 30 | */ 31 | public $tag = 'child'; 32 | 33 | /** 34 | * Block type 35 | * 36 | * @var string 37 | */ 38 | public $blockType = 'Child'; 39 | 40 | /** 41 | * Compiles code for the {child} tag 42 | * 43 | * @param array $args array with attributes from parser 44 | * @param \Smarty_Internal_TemplateCompilerBase $compiler compiler object 45 | * @param array $parameter array with compilation parameter 46 | * 47 | * @return string compiled code 48 | * @throws \SmartyCompilerException 49 | */ 50 | public function compile($args, Smarty_Internal_TemplateCompilerBase $compiler, $parameter) 51 | { 52 | // check and get attributes 53 | $_attr = $this->getAttributes($compiler, $args); 54 | $tag = isset($parameter[ 0 ]) ? "'{$parameter[0]}'" : "'{{$this->tag}}'"; 55 | if (!isset($compiler->_cache[ 'blockNesting' ])) { 56 | $compiler->trigger_template_error( 57 | "{$tag} used outside {block} tags ", 58 | $compiler->parser->lex->taglineno 59 | ); 60 | } 61 | $compiler->has_code = true; 62 | $compiler->suppressNocacheProcessing = true; 63 | if ($this->blockType === 'Child') { 64 | $compiler->_cache[ 'blockParams' ][ $compiler->_cache[ 'blockNesting' ] ][ 'callsChild' ] = 'true'; 65 | } 66 | $_assign = isset($_attr[ 'assign' ]) ? $_attr[ 'assign' ] : null; 67 | $output = "inheritance->call' . $this->blockType . '($_smarty_tpl, $this' . 
72 | ($this->blockType === 'Child' ? '' : ", {$tag}") . ");\n"; 73 | if (isset($_assign)) { 74 | $output .= "\$_smarty_tpl->assign({$_assign}, ob_get_clean());\n"; 75 | } 76 | $output .= "?>\n"; 77 | return $output; 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /libs/sysplugins/smarty_resource_recompiled.php: -------------------------------------------------------------------------------- 1 | compiled; 43 | $compiled->file_dependency = array(); 44 | $compiled->includes = array(); 45 | $compiled->nocache_hash = null; 46 | $compiled->unifunc = null; 47 | $level = ob_get_level(); 48 | ob_start(); 49 | $_smarty_tpl->loadCompiler(); 50 | // call compiler 51 | try { 52 | eval('?>' . $_smarty_tpl->compiler->compileTemplate($_smarty_tpl)); 53 | } catch (Exception $e) { 54 | unset($_smarty_tpl->compiler); 55 | while (ob_get_level() > $level) { 56 | ob_end_clean(); 57 | } 58 | throw $e; 59 | } 60 | // release compiler object to free memory 61 | unset($_smarty_tpl->compiler); 62 | ob_get_clean(); 63 | $compiled->timestamp = time(); 64 | $compiled->exists = true; 65 | } 66 |
    /**
     * Mark the compiled object as having no compiled file.
     *
     * Sets filepath, timestamp and exists to false on $compiled. The visible part of
     * process() in this file hands the compiler output directly to eval(), which
     * appears to be why no compiled file is tracked here.
     * NOTE(review): because of that eval(), template source served through this
     * resource is executed as PHP once compiled; confirm that callers never feed it
     * untrusted template source.
     *
     * @param Smarty_Template_Compiled $compiled  compiled object
     * @param Smarty_Internal_Template $_template template object (not used here)
     *
     * @return void
     */
    public function populateCompiledFilepath(Smarty_Template_Compiled $compiled, Smarty_Internal_Template $_template)
    {
        // Same three fields, same order as a plain sequence of assignments.
        foreach (array('filepath', 'timestamp', 'exists') as $field) {
            $compiled->{$field} = false;
        }
    }

    /**
     * Disable timestamp checks for recompiled resource.
     *
     * @return bool always false
     */
    public function checkTimestamps()
    {
        return false;
    }
94 | } 95 | -------------------------------------------------------------------------------- /admin/templates/admin_module.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 公共模块审核 - {$show.sitename} - {$show.sitedesc} 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 18 | 19 | 20 | {include file="admin_header.html"} 21 |
22 |
23 | {include file="admin_menu.html"} 24 |
25 |

公共模块审核

26 |
27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | {foreach from=$modules key=k item=v} 40 | 41 | 42 | 43 | 44 | 45 | 60 | 61 | 62 | {/foreach} 63 | 64 |
模块名称模块描述创建人创建时间审核审核人
{$v.title}{$v.description}{$v.userName}{$v.addTime|@date_format:"%Y-%m-%d"} 46 | {if $v.isAudit==1} 47 | 已通过 48 | 不通过 49 | {else} 50 | {if $v.isAudit==0} 51 | 未审核 52 | 通过 53 | 不通过 54 | {else} 55 | 未通过 56 | 通过 57 | {/if} 58 | {/if} 59 | {$v.managerName}
65 |
66 | {$nav} 67 |
68 |
69 |
70 |
71 |
72 | {include file="admin_footer.html"} 73 | 74 | -------------------------------------------------------------------------------- /themes/default/templates/user_seting.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | XSS Platform 6 | 7 | 8 | 9 | 10 | 11 | 12 | {literal} 13 | 22 | {/literal} 23 | 24 | 25 | {include file="header.html"} 26 |
27 | {include file="menus.html"} 28 |
29 |
30 |
个人设置
31 |
33 |
34 | 邮箱:{$email} 35 |
36 | 40 |
41 |
42 |
43 | 手机: 44 |

45 |

46 | 50 |
51 |
52 |
53 | 钉钉机器人Key: 54 |

55 |

56 | 60 |
61 |
62 |

63 | 64 |

65 |
66 |
67 |
68 | 69 | --------------------------------------------------------------------------------