****************************add_keywords.php*****************************************
<?php
include_once("../include/other_func_inc.php");
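// Gate for the whole write path: one shared, hard-coded password compared in
// source, with no rate limit and no CSRF token. This is not authentication —
// move the secret out of the code and compare a hash (password_verify / hash_equals).
// What is fixed here: the comparison is now type-safe and strict. The original
// `$_POST['pwd']=='123'` is a loose comparison, so numeric look-alikes such as
// "123.0" or "0123" also passed, and a missing key raised a notice.
if (isset($_POST['pwd']) && is_string($_POST['pwd']) && $_POST['pwd'] === '123') {
    // Only accept plain strings; an array here would otherwise reach explode()
    // inside insert_keywords().
    $get_keywords = (isset($_POST['keywords_cut']) && is_string($_POST['keywords_cut'])) ? $_POST['keywords_cut'] : '';
    $keydesc = (isset($_POST['keydesc_cut']) && is_string($_POST['keydesc_cut'])) ? $_POST['keydesc_cut'] : '';
    // Fixed file names on purpose: never let the request choose the target path.
    $dealkeywords = insert_keywords("keywords.txt", $get_keywords);
    $dealkeydescs = insert_keywords("keydesc.txt", $keydesc);
}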
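/**
 * Append every CRLF-separated line of $val to the word-list file $url, after
 * running it through drop_sql() -> safe_replace() -> replaceHtmlAndJs()
 * (all in other_func_inc.php), skipping empty lines and lines already present.
 *
 * Fixes against the original: the file handle is checked before use, an
 * exclusive lock covers the appends, duplicate detection is strict (loose
 * in_array() treated "1e1" and "10" as the same entry) and a line that appears
 * twice in one submission is only written once (the original compared each line
 * against the file as it was before the submission, so both copies were written).
 *
 * The file is read before the lock is taken, as before; a concurrent writer can
 * therefore still slip a duplicate in between the read and the append.
 *
 * @param string $url path of the list file — callers pass a fixed name; never derive it from request data
 * @param string $val user-supplied text, one entry per CRLF-separated line
 * @return bool true when the file was processed, false if it could not be opened
 */
function insert_keywords($url,$val){
    $existing = is_file($url) ? (string) file_get_contents($url) : '';
    $array_con = explode("\r\n", $existing);
    $f = fopen($url, 'a+');
    if ($f === false) {
        return false;
    }
    flock($f, LOCK_EX);
    foreach (explode("\r\n", (string) $val) as $line) {
        $line = replaceHtmlAndJs(safe_replace(drop_sql($line)));
        // empty() also drops the literal "0", exactly as the original did.
        if (empty($line) || in_array($line, $array_con, true)) {
            continue;
        }
        // Entries are stored with a leading CRLF, matching how they are read back.
        fwrite($f, "\r\n" . $line);
        // Remember it so a repeat later in the same submission is skipped too.
        $array_con[] = $line;
    }
    flock($f, LOCK_UN);
    fclose($f);
    return true;
}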
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>扩充关键词描述词库</title>
</head>
<body>
<?php
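// Read both word lists for display. A missing or unreadable file is treated as
// empty instead of passing false into explode() (deprecated on PHP 8.1+).
// The counts still include the leading empty element produced by the CRLF that
// insert_keywords() writes in front of every entry, as they did before.
$content = is_file('keywords.txt') ? (string) file_get_contents('keywords.txt') : '';
$cutkeywords = explode("\r\n", $content);
$count = count($cutkeywords);
$content_desc = is_file('keydesc.txt') ? (string) file_get_contents('keydesc.txt') : '';
$cutkey_desc = explode("\r\n", $content_desc);
$count_desc = count($cutkey_desc);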
?>
<h3>词库已有<font color=red><?php echo $count?></font>个过关键词</h3>
<div style="width:500px;height:200px;overflow:auto;border:1px solid #dedede;padding:5px;">
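<?php
// Escape on output. The entries are user-submitted text; the input-side filters
// (drop_sql / safe_replace / replaceHtmlAndJs) are denylists and replaceHtmlAndJs
// decodes &lt;/&gt; back into "<"/">", so echoing them raw is an XSS sink.
foreach ($cutkeywords as $val) {
    echo htmlspecialchars($val, ENT_QUOTES, 'UTF-8') . "<br />";
}
?>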
</div>
<h3>词库已有<font color=red><?php echo $count_desc?></font>个过短描述</h3>
<div style="width:500px;height:200px;overflow:auto;border:1px solid #dedede;padding:5px;">
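<?php
// Same as the keyword list above: user-submitted text, encode it for HTML here
// rather than trusting the denylist filters applied when it was stored.
foreach ($cutkey_desc as $val) {
    echo htmlspecialchars($val, ENT_QUOTES, 'UTF-8') . "<br />";
}
?>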
</div>
<h3>词库添加</h3>
<form action="?" method="post">
<table>
<tr>
<td>输入密码:</td>
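<td><?php // Do not re-fill this field: the original echoed $_POST['pwd'] unescaped
          // into the value attribute (reflected XSS via a crafted POST) and put the
          // shared secret into the rendered page and any cache of it. ?>
<input type="password" name="pwd" style="width:120px;" value="" autocomplete="off" /></td>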
</tr>
<tr>
<td>关键词:</td>
<td><textarea name="keywords_cut" style="width:200px;height:100px;"></textarea></td>
</tr>
<tr>
<td>网页描述:</td>
<td><textarea name="keydesc_cut" style="width:200px;height:100px;"></textarea></td>
</tr>
<tr>
<td colspan='2' align="center"><input type="submit" name="sum" value="添加" /></td>
</tr>
</table>
</form>
</body>
</html>
****************************keywords_conf.php【关键词和网页描述随机获取】*****************************************
<?php
// File-backed word lists read by get_kwords_desc(); the paths are relative to
// the working directory of whichever script includes this file.
$array_keywords = 'keywords.txt';
$array_desc = 'keydesc.txt';
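/**
 * Build a keyword string and a description string for $keyword by appending
 * three random entries from the keyword list and two from the description list,
 * joined with "_".
 *
 * Fix: getarrayForeach() returns false when it has nothing to draw from, and
 * implode() on false is a TypeError on PHP 8 — a non-array result is now treated
 * as an empty list, yielding "$keyword_".
 *
 * The list entries are user-submitted text (see add_keywords.php); the caller
 * must HTML-encode the returned strings before placing them in markup.
 *
 * @param string $keyword
 * @return array{keywords:string, kdesc:string}
 */
function get_kwords_desc($keyword){
    global $array_keywords;
    global $array_desc;
    $rand_kwords = getarrayForeach($array_keywords, 3);
    $rand_kdesc = getarrayForeach($array_desc, 2);
    if (!is_array($rand_kwords)) {
        $rand_kwords = array();
    }
    if (!is_array($rand_kdesc)) {
        $rand_kdesc = array();
    }
    return array(
        'keywords' => $keyword . '_' . implode('_', $rand_kwords),
        'kdesc'    => $keyword . '_' . implode('_', $rand_kdesc),
    );
}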
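/**
 * Pick $arrlength random lines from the CRLF-separated text file $txtfile.
 *
 * Fixes against the original:
 *  - array_rand() returns a bare key (not an array) when asked for exactly one
 *    element, so the default $arrlength=1 produced count() on an integer and a
 *    null entry; the key is now normalised to an array.
 *  - array_rand() throws ValueError on PHP 8 when asked for more keys than the
 *    array holds; the request is now clamped to the number of lines available
 *    (and to at least 1).
 *  - a missing file no longer feeds false into explode().
 *
 * array_rand() is not a cryptographic source; that is fine here because this
 * only varies page text and is not a security decision.
 *
 * @param string $txtfile   path of the list file
 * @param int    $arrlength how many distinct lines to return (default 1)
 * @return array|false list of lines in file order, or false if there is nothing to pick from
 */
function getarrayForeach($txtfile,$arrlength=1){
    $raw = is_file($txtfile) ? (string) file_get_contents($txtfile) : '';
    // explode() never returns an empty array, so $available is at least 1 and
    // the false branch below only documents the contract.
    $array_all = explode("\r\n", $raw);
    $available = count($array_all);
    if ($available === 0) {
        return false;
    }
    $take = (int) $arrlength;
    if ($take < 1) {
        $take = 1;
    }
    if ($take > $available) {
        $take = $available;
    }
    $keys = (array) array_rand($array_all, $take);
    $result = array();
    foreach ($keys as $key) {
        $result[] = $array_all[$key];
    }
    return $result;
}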
?>
****************************other_func_inc.php【网页内容过滤】*****************************************
<?php
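/**
 * Strip <script> blocks and every other tag from $document, collapse the
 * whitespace that follows a line break, and decode the five entities
 * &quot; &amp; &lt; &gt; &nbsp; (named or numeric) to their characters.
 *
 * Fix: the original stripped tags FIRST and decoded entities LAST, so an input
 * such as "&lt;script&gt;...&lt;/script&gt;" came out as a literal
 * "<script>...</script>". The entity decode now runs before the tag strip, so an
 * entity-encoded tag is turned into markup and then removed like any other tag.
 * The "@" suppression is gone; a PCRE failure now yields "" instead of null.
 *
 * Note this is still a tag stripper, not an HTML encoder: the result may contain
 * bare "<", ">" and '"' and must be htmlspecialchars()'d when echoed.
 *
 * @param string $document
 * @return string
 */
function replaceHtmlAndJs($document) {
    $document = trim((string) $document);
    if ($document === '') {
        return $document;
    }
    // Order matters: preg_replace() applies these one after another to the
    // running result. Entities first (same order as before, so "&amp;lt;" still
    // decodes twice to "<"), then markup removal.
    $search = array(
        "'&(quot|#34);'i",
        "'&(amp|#38);'i",
        "'&(lt|#60);'i",
        "'&(gt|#62);'i",
        "'&(nbsp|#160);'i",
        "'<script[^>]*?>.*?</script>'si",
        "'<[\/\!]*?[^<>]*?>'si",
        "'([\r\n])[\s]+'",
    );
    $replace = array(
        "\"",
        "&",
        "<",
        ">",
        " ",
        "",
        "",
        "\\1",
    );
    $result = preg_replace($search, $replace, $document);
    return $result === null ? '' : $result;
}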
/**
 * Legacy "SQL keyword" scrubber: deletes every occurrence of a fixed list of
 * tokens from $str, in list order and case-sensitively.
 *
 * This is not an injection defence — "SELECT" in upper case passes untouched,
 * and ordinary words are corrupted ("password" becomes "passwd", "android"
 * becomes "roid" because "and" and "or" are on the list). Use prepared
 * statements for SQL; this function is kept only because stored entries were
 * already filtered through it.
 *
 * @param string $str
 * @return string
 */
function drop_sql($str)
{
    // Kept in exactly the original order: str_replace() with an array search
    // applies each token in turn to the result of the previous one, which is
    // what the original chain of single calls did.
    static $tokens = array(
        'and', 'execute', 'update', 'count', 'chr', 'mid', 'master',
        'truncate', 'char', 'declare', 'select', 'create', 'delete', 'insert',
        "'", ' ', 'or', '=', '%20',
    );
    return str_replace($tokens, '', $str);
}
/**
 * Legacy character scrubber: removes %20, %27, *, both quote characters, "//",
 * ";", parentheses and curly braces from $string.
 *
 * Three of the original replacement steps map a character to itself ('"', '<'
 * and '>') and therefore do nothing. They look like HTML entities that were
 * decoded when this listing was published (&quot;/&lt;/&gt;); check the
 * original file before assuming angle brackets are encoded — as written here
 * they are passed through unchanged.
 *
 * @param string $string
 * @return string
 */
function safe_replace($string)
{
    // Parallel search/replace lists in the original order; str_replace() runs
    // them sequentially, each on the previous result.
    $search  = array('%20', '%27', '*', '"', "'", '"', '//', ';', '<', '>', '(', ')', '{', '}');
    $replace = array('',    '',    '',  '"', '',  '',  '',   '',  '<', '>', '',  '',  '',  '');
    return str_replace($search, $replace, $string);
}
/**
 * Filter an incoming value: strip HTML tags, then backslash-escape quotes,
 * backslashes and NUL.
 *
 * addslashes() is not a substitute for database escaping or prepared
 * statements, and strip_tags() is not an HTML encoder; treat the result as
 * untrusted text that still needs context-specific escaping.
 *
 * @param string $str
 * @return string
 */
function clear_str($str){
    $withoutTags = strip_tags($str);
    return addslashes($withoutTags);
}
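/**
 * Best-effort client IP address.
 *
 * SECURITY: X-Forwarded-For and Client-IP are ordinary request headers that the
 * client can set to anything. In the legacy mode (called without an argument,
 * as existing callers do) this function prefers those headers over the TCP
 * peer address, so its result is spoofable and must not be used for access
 * control, rate limiting or audit logging unless a proxy in front of the
 * application overwrites the headers.
 *
 * Pass the addresses of your reverse proxies in $trustedProxies to only honour
 * X-Forwarded-For when REMOTE_ADDR is one of them; the header is then walked
 * from the right, skipping known proxies, so hops the client prepended itself
 * are ignored.
 *
 * Return shape is unchanged from the original: the first 7-15 character run of
 * digits and dots found in the chosen source, else "0.0.0.0". This is not IP
 * validation ("999.1.1.1" passes) and an IPv6 peer yields "0.0.0.0". The
 * per-request static cache was dropped because the result now depends on the
 * argument; the work is trivial.
 *
 * @param array|null $trustedProxies REMOTE_ADDR values allowed to supply forwarding
 *                                   headers; null keeps the legacy header-first behaviour
 * @return string
 */
function GetRealIP($trustedProxies = null){
    $server = (isset($_SERVER) && is_array($_SERVER)) ? $_SERVER : array();
    $remote    = isset($server['REMOTE_ADDR']) ? $server['REMOTE_ADDR'] : getenv('REMOTE_ADDR');
    $forwarded = isset($server['HTTP_X_FORWARDED_FOR']) ? $server['HTTP_X_FORWARDED_FOR'] : getenv('HTTP_X_FORWARDED_FOR');
    $clientIp  = isset($server['HTTP_CLIENT_IP']) ? $server['HTTP_CLIENT_IP'] : getenv('HTTP_CLIENT_IP');
    // getenv() reports an unset variable as false; normalise to null.
    if ($remote === false) { $remote = null; }
    if ($forwarded === false) { $forwarded = null; }
    if ($clientIp === false) { $clientIp = null; }

    $realip = ($remote !== null && $remote !== '') ? $remote : '0.0.0.0';

    if ($trustedProxies === null) {
        // Legacy mode: headers win over the peer address (client-controlled).
        if ($forwarded !== null) {
            // first hop that is not the literal "unknown"
            foreach (explode(',', $forwarded) as $hop) {
                $hop = trim($hop);
                if ($hop !== 'unknown') {
                    $realip = $hop;
                    break;
                }
            }
        } elseif ($clientIp !== null) {
            $realip = $clientIp;
        }
    } else {
        $proxies = array();
        foreach ((array) $trustedProxies as $proxy) {
            $proxies[] = trim((string) $proxy);
        }
        if ($forwarded !== null && in_array($realip, $proxies, true)) {
            // Rightmost hop that is not one of our own proxies is the real peer
            // as seen by the first trusted proxy.
            $hops = explode(',', $forwarded);
            for ($i = count($hops) - 1; $i >= 0; $i--) {
                $hop = trim($hops[$i]);
                if ($hop !== '' && $hop !== 'unknown' && !in_array($hop, $proxies, true)) {
                    $realip = $hop;
                    break;
                }
            }
        }
    }

    preg_match('/[\d\.]{7,15}/', (string) $realip, $onlineip);
    return !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
}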
//-------------文件操作方法------------
/**
 * Write $con to $file: appended on a new line when the file already exists,
 * otherwise the file is created with $con as its whole content.
 * Delegates to add_write() and null_write().
 *
 * @param string $file
 * @param string $con
 * @return void
 */
function pd_file($file,$con){
    if (!file_exists($file)) {
        null_write($file, $con);
        return;
    }
    add_write($file, $con);
}
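/**
 * Create (or truncate) $file and write $con to it under an exclusive lock.
 *
 * Fix: the original never checked fopen(); on failure the false handle went
 * into flock()/fputs() (a TypeError on PHP 8). The lock is now also released
 * explicitly before the handle is closed.
 *
 * @param string $file
 * @param string $con
 * @return bool true when the data was written, false if the file could not be opened or written
 */
function null_write($file,$con){
    $f = fopen($file, "w");
    if ($f === false) {
        return false;
    }
    flock($f, LOCK_EX);
    $written = fwrite($f, (string) $con);
    flock($f, LOCK_UN);
    fclose($f);
    return $written !== false;
}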
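/**
 * Append a newline followed by $con to the end of $file under an exclusive lock.
 *
 * Fix: the original never checked fopen(); on failure the false handle went
 * into flock()/fputs() (a TypeError on PHP 8). The lock is now also released
 * explicitly before the handle is closed.
 *
 * @param string $file
 * @param string $con
 * @return bool true when the data was written, false if the file could not be opened or written
 */
function add_write($file,$con) {
    $f = fopen($file, "a");
    if ($f === false) {
        return false;
    }
    flock($f, LOCK_EX);
    $written = fwrite($f, "\n" . $con);
    flock($f, LOCK_UN);
    fclose($f);
    return $written !== false;
}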
//-------------文件操作方法------------
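/**
 * Cut a UTF-8 string after roughly $length "columns" without splitting a
 * multi-byte sequence. Every ASCII byte costs 1 column; every multi-byte
 * sequence (2-, 3- or 4-byte lead) costs 2, so a CJK character counts double.
 *
 * Quirks preserved from the original: the budget is checked before a character
 * is consumed, so the result may overshoot $length by one character; "..." is
 * appended only when $type == 1 (loosely — the default 'Y' never does) AND the
 * cut byte position minus 6 exceeds $length. The old header documented a
 * $position parameter that never existed; cutting always starts at byte 0.
 *
 * Fix: an invalid lead byte (outside 0xC0-0xF7) used to hit
 * `self::raiseError(...)`, which is illegal in a free function and was a fatal
 * error; it now throws InvalidArgumentException.
 *
 * @param string $str    UTF-8 input
 * @param int    $length column budget
 * @param mixed  $type   1 to allow the "..." suffix (see above)
 * @return string
 * @throws InvalidArgumentException when a byte > 127 is not a valid UTF-8 lead byte
 */
function substrs($str,$length,$type='Y'){
    $str = (string) $str;
    $bytes = strlen($str);
    $endPos = $bytes;
    $count = 0;
    for ($i = 0; $i < $bytes; $i++) {
        if ($count >= $length) {
            $endPos = $i;
            break;
        }
        $value = ord($str[$i]);
        if ($value > 127) {
            // A multi-byte sequence costs an extra column; skip its continuation bytes.
            $count++;
            if ($value >= 192 && $value <= 223) {
                $i += 1;
            } elseif ($value >= 224 && $value <= 239) {
                $i += 2;
            } elseif ($value >= 240 && $value <= 247) {
                $i += 3;
            } else {
                throw new InvalidArgumentException("\"$str\" Not a UTF-8 compatible string");
            }
        }
        $count++;
    }
    // Loose == is intentional: the original accepted 1, "1" and true here.
    if ($type == 1 && ($endPos - 6) > $length) {
        return substr($str, 0, $endPos) . "...";
    }
    return substr($str, 0, $endPos);
}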
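/**
 * Drop the last UTF-8 character of $str, including a trailing sequence that was
 * cut in the middle (for example by a byte-based substr()).
 *
 * Walks backwards over continuation bytes (10xxxxxx) until an ASCII byte or a
 * lead byte (11xxxxxx) is found and returns everything before it. Note that a
 * complete final character is removed as well, not only a truncated one.
 *
 * Fix: when no such byte exists (empty input, or only continuation bytes) the
 * original fell through to `return $str . $hex`, appending a debug dump of the
 * byte values to the data. That leftover is gone; the result is "" instead.
 *
 * @param string $str
 * @return string
 */
function utf8_trim($str) {
    $str = (string) $str;
    for ($i = strlen($str) - 1; $i >= 0; $i--) {
        $byte = ord($str[$i]);
        $isContinuation = (($byte & 0xC0) === 0x80);
        if (!$isContinuation) {
            return substr($str, 0, $i);
        }
    }
    return '';
}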
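/**
 * Legacy XSS "nerfer": folds numeric entities back into characters, then
 * breaks a fixed list of dangerous tag names and on* handlers by inserting
 * "<x>" after their first two letters. Tags are NOT removed and the result is
 * NOT safe to echo into HTML — this is a denylist; always htmlspecialchars()
 * on output as well.
 *
 * Fixes against the listing:
 *  - the two decimal-entity patterns read "�{0,8}": that is "&#0" mangled by
 *    HTML rendering of the page (a NUL character reference becomes U+FFFD);
 *    restored to "&#0".
 *  - the control-character class contained literal commas, so every "," in
 *    the input was deleted.
 *  - "[9|10|13]" was a character class, not an alternation; "&#10;" and
 *    "&#13;" between letters were never matched. The hex class now includes
 *    CR (0x0d) alongside TAB/LF.
 *  - the "repeat while something changed" loop flipped its flag as soon as one
 *    pattern happened not to match; it now tests the whole round.
 *
 * @param string $val
 * @return string
 */
function RemoveXSS($val) {
    $val = (string) $val;
    // Remove non-printable control characters (TAB, LF and CR are kept) so that
    // re-spaced tokens such as <java\0script> collapse back into the keyword.
    $val = preg_replace('/[\x00-\x08\x0b\x0c\x0e-\x1f]/', '', $val);
    if ($val === null) {
        return '';
    }

    // Fold hex and decimal numeric entities for printable ASCII back into the
    // character itself, e.g. &#106; or &#x6a; -> "j", with or without the ";".
    $search = 'abcdefghijklmnopqrstuvwxyz'
            . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
            . '1234567890!@#$%^&*()'
            . '~`";:?+/={}[]-_|\'\\';
    foreach (str_split($search) as $ch) {
        // 0{0,8}: zero-padding; /i: hex digits in either case
        $val = preg_replace('/(&#[xX]0{0,8}' . dechex(ord($ch)) . ';?)/i', $ch, $val);
        $val = preg_replace('/(&#0{0,8}' . ord($ch) . ';?)/', $ch, $val);
    }

    // Tag names and event handlers to nerf. Only entity-encoded TAB/LF/CR may
    // appear between the letters; raw \t \n \r are deliberately left alone.
    $ra1 = array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
    $ra2 = array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
    $ra = array_merge($ra1, $ra2);

    $between = '(?:&#[xX]0{0,8}[9abd];|&#0{0,8}(?:9|10|13);)*';
    $patterns = array();
    $replacements = array();
    foreach ($ra as $word) {
        $patterns[] = '/' . implode($between, str_split($word)) . '/i';
        $replacements[] = substr($word, 0, 2) . '<x>' . substr($word, 2); // add in <> to nerf the tag
    }

    // Repeat until a full round changes nothing. The inserted "<x>" breaks every
    // keyword it touches, so the extra round is normally a no-op.
    do {
        $before = $val;
        foreach ($patterns as $idx => $pattern) {
            $val = preg_replace($pattern, $replacements[$idx], $val);
            if ($val === null) {
                return '';
            }
        }
    } while ($val !== $before);
    return $val;
}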
?>
