#####################
# func.php #########
####################
require("config.inc.php");
##### 检查用户是否存在 #####
function is_user_exits($name) {
$name=trim($name);
$name=ereg_replace("'","‘",$name);
$name=htmlspecialchars($name);
$SQL="SELECT name FROM user WHERE name='$name'";
$result=mysql_query($SQL) or die(mysql_error());
$row=mysql_fetch_Array($result);
$name=$row[name];
return $name;
}
##### 检查版面是否存在 #####
function is_board_exits($baord){
$sql="select name from boardinfo where name='$baord'";
$result=mysql_query($sql) or die("出现错误");
$row=mysql_fetch_array($result);
$name=$row[name];
return $name;
}
##### 添加新用户 Function #####
function adduser(){
global $name,$sex,$realname,$password,$address,$oicq,$homepage,$phone,$email,$qm,$regtime;
$name=trim($name);
$name=ereg_replace("'","‘",$name);
$password=trim($password);
$name=htmlspecialchars($name);
$realname=htmlspecialchars($realname);
$address=htmlspecialchars($address);
$oicq=htmlspecialchars($oicq);
$homepage=htmlspecialchars($homepage);
$phone=htmlspecialchars($phone);
$email=htmlspecialchars($email);
$qm=htmlencode2($qm);
$regtime=date("Y-m-d H:i:s");
$sql="insert into user (name,sex,realname,password,address,oicq,homepage,score,phone,email,qm,regtime,slaveboard) values('$name','$sex','$realname','$password','$address','$oicq','$homepage','0','$phone','$email','$qm','$regtime','')";
mysql_query($sql) or die(mysql_error());
}
##### URL 重定向 ######
function redirect2($url){
header("Location:$url");
}
##### 创建版面 ######
function create_board_table($name,$chinesename){
$name=trim("$name");
$sql="CREATE TABLE $name(id int(11) NOT NULL AUTO_INCREMENT,title varchar(50) NOT NULL,writer varchar(50) NOT NULL,cont longtext, size int,writetime varchar(20) NOT NULL,hits int(4) DEFAULT '0',good varchar(1),renum int(4) DEFAULT '0',slaveid int(11) DEFAULT '0',fromip varchar(15),PRIMARY KEY (id))";
mysql_query($sql);
$sql="insert into boardinfo (name,chinesename) values('$name','$chinesename')";
mysql_query($sql);
}
###### 删除版面 ######
function drop_board_table($name){
$sql="drop table $name";
mysql_query($sql);
$sql="delete from boardinfo where name='$name'";
mysql_query($sql);
}
######## 修改版面 ###
function update_board($name,$chinesename) {
$sql="update boardinfo set name='$name',chinesename='$chinesename' where name='$name'";
mysql_query($sql);
}
##### 添加文章 ######
function add_doc($board){
global $title,$name,$cont,$writer,$fromip,$writetime,$qm,$new_topic_score;
$title=trim($title);
$title=substr($title,0,49);
$size=strlen($cont);
$cont=htmlencode2($cont);
$cont=$cont."
"."-------
".$qm;
$writetime=date("Y-m-d H:i:s");
$fromip=getenv("remote_addr");
$name=htmlspecialchars($name);
$writer=$name;
$sql="insert into $board (title,writer,cont,size,writetime,fromip) values('$title','$name','$cont','$size','$writetime','$fromip')";
mysql_query($sql);
add_score($writer,$new_topic_score);
}
##### 回复文章 #####
function re_doc($board,$slaveid){
global $title,$name,$cont,$writer,$fromip,$writetime,$qm,$re_topic_score;
$title=trim($title);
$title=substr($title,0,49);
$size=strlen($cont);
$cont=htmlencode2($cont);
$cont=$cont."
"."-------
".$qm;
$writetime=date("Y-m-d H:i:s");
$name=htmlspecialchars($name);
$writer=$name;
$fromip=getenv("remote_addr");
$sql="insert into $board (title,writer,cont,size,writetime,slaveid,fromip) values('$title','$writer','$cont','$size','$writetime','$slaveid','$fromip')";
mysql_query($sql);
$sql="update $board set renum=renum+1 where id=$slaveid";
mysql_query($sql);
add_score($writer,$re_topic_score);
}
##### 删除文章 ####
function del_doc($board,$id){
global $remove_score;
$sql="select * from $board where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$writer=$sql_row[writer];
remove_score($writer,$remove_score);
$slaveid=$sql_row[slaveid];
$sql="select * from $board where id=$slaveid";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if ($sql_row[renum]>0){
$sql="update $board set renum=renum-1 where id=$slaveid";
mysql_query($sql);
}
$sql="delete from $board where id=$id";
mysql_query($sql);
$sql="delete from $board where slaveid=$id";
mysql_query($sql);
}
#### 转换 html 特殊字符和
#####
function htmlencode2($str){
$str=htmlspecialchars($str);
$str=nl2br($str);
return $str;
}
##### 增加一个 hit ####
function add_one_hit($board,$id){
$sql="update $board set hits=hits+1 where id=$id";
mysql_query($sql);
}
##### 检查用户密码 ####
function check_user_password($name,$password){
$name=trim($name);
$name=ereg_replace("'","‘",$name);
$name=htmlspecialchars($name);
$password=trim($password);
$sql="select password from user where name='$name'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if($password$sql_row[password]){
$result=0;
}
else{
$result=1;
setcookie ("jl_forum[name]",$name);
setcookie ("jl_forum[password]",$password);
}
return $result;
}
##### 检查管理员密码 ####
function check_admin_password(){
$sql="select * from user where name='$jl_forum[name]'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if ($jl_forum[password]==$sql_row[password]){
$result=1;
}
else {
$result=0;
}
if ($sql_row[slaveboard]==$jl_forum[board]){
$result=1;
}
else {
$result=0;
}
return $result;
}
##### 修改个人资料 ####
function change_profile($name){
global $sex,$realname,$password,$address,$oicq,$homepage,$phone,$email,$qm;
$name=trim($name);
$name=htmlspecialchars($name);
$realname=htmlspecialchars($realname);
$address=htmlspecialchars($address);
$oicq=htmlspecialchars($oicq);
$homepage=htmlspecialchars($homepage);
$phone=htmlspecialchars($phone);
$email=htmlspecialchars($email);
$qm=htmlencode2($qm);
$sql="update user set sex='$sex',realname='$realname',password='$password',address='$address',oicq='$oicq',homepage='$homepage',phone='$phone',email='$email',qm='$qm' where name='$name'";
mysql_query($sql);
}
##### 显示错误 ####
function show_error($id){
redirect2("wrong.php?id=$id");
}
##### 增加版主 ####
function add_admin($board,$name){
$name=trim($name);
$sql="update user set slaveboard='$board' where name='$name'";
mysql_query($sql);
}
##### 删除版主 #####
function del_admin($name){
$name=trim($name);
$name=htmlspecialchars($name);
$sql="update user set slaveboard='' where name='$name'";
mysql_query($sql);
}
##### 贴子转精华 ####
function set_good($board,$id){
$sql="update $board set good='y' where id=$id";
mysql_query($sql);
}
##### 转出精华 ###
function set_no_good($board,$id){
$sql="update $board set good='' where id=$id";
mysql_query($sql);
}
##### 导出签名 #####
function expl_qm($name){
$name=htmlspecialchars($name);
$sql="select qm from user where name='$name'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$qm=$sql_row[qm];
return $qm;
}
##### 管理员 #####
function adminok() {
if ($jl_admin[name]==$admin_name and $jl_admin[password]==$admin_password) {
return 1;
}
else {
return 0;
}
}
##### 增加积分 #####
function add_score($name,$num) {
$name=htmlspecialchars($name);
$sql="update user set score=score+$num where name='$name'";
mysql_query($sql);
}
##### 减少积分 ####
function remove_score($name,$num) {
$name=htmlspecialchars($name);
$sql="update user set score=score-$num where name='$name'";
mysql_query($sql);
}
#### 发送留言 ####
function sendmsg() {
global $fromname,$name,$cont;
$name=htmlspecialchars($name);
$fromname=htmlspecialchars($fromname);
$cont=htmlencode2($cont);
$wt=date("Y-m-d H:i:s");
$sql="insert into message (name,fromname,cont,writetime) values ('$name','$fromname','$cont','$wt')";
mysql_query($sql);
}
#### 删除留言 ####
function delmsg($id) {
$sql="delete from message where id=$id";
mysql_query($sql);
}
### 留言是否属于这个人 #####
function is_this_user($id) {
$sql="select name from message where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_row($sql_result);
if ($sql_row[name]==$jl_forum[name]) {
return 1;
}
else {
return 0;
}
}
?>
##########################
# good.php ##########
########################
require("func.php");
$sql="select * from boardinfo";
$sql_result=mysql_query($sql);
?>
| 璁哄
|
핫 AI 도구
Undresser.AI Undress
사실적인 누드 사진을 만들기 위한 AI 기반 앱
AI Clothes Remover
사진에서 옷을 제거하는 온라인 AI 도구입니다.
Undress AI Tool
무료로 이미지를 벗다
Clothoff.io
AI 옷 제거제
AI Hentai Generator
AI Hentai를 무료로 생성하십시오.
인기 기사
뜨거운 도구
VSCode Windows 64비트 다운로드
Microsoft에서 출시한 강력한 무료 IDE 편집기
에디트플러스 중국어 크랙 버전
작은 크기, 구문 강조, 코드 프롬프트 기능을 지원하지 않음
SublimeText3 Linux 새 버전
SublimeText3 Linux 최신 버전
드림위버 CS6
시각적 웹 개발 도구
DVWA
DVWA(Damn Vulnerable Web App)는 매우 취약한 PHP/MySQL 웹 애플리케이션입니다. 주요 목표는 보안 전문가가 법적 환경에서 자신의 기술과 도구를 테스트하고, 웹 개발자가 웹 응용 프로그램 보안 프로세스를 더 잘 이해할 수 있도록 돕고, 교사/학생이 교실 환경 웹 응용 프로그램에서 가르치고 배울 수 있도록 돕는 것입니다. 보안. DVWA의 목표는 다양한 난이도의 간단하고 간단한 인터페이스를 통해 가장 일반적인 웹 취약점 중 일부를 연습하는 것입니다. 이 소프트웨어는
