I don’t know enough, so I got a source code, but I found that there is a webshell backdoor. As for what code it is, I can’t identify it. Could someone please give me some advice?
<?php function a($where) { $where['pagesize']=1; $article=alist($where); if(isset($article['list'][0])) { Return $article['list'][0]; }else { Return false; } } function u($cid='') { if(empty($cid)) { Return gethomeurl(); } Return getchannelurl($cid); } function z($strname,$return=1) { Return str($strname,0,$return); } function s($strname,$cid='',$return=1) { Return str($strname,$cid,$return); } function n($where=0) { Return nav($where); } function c($kind=0,$num=9999,$fid=0,$shownav=0) { $channel=getchannelscache(); $newchannel=array(); $count=0; if(isset($GLOBALS['nav'][$fid])) { if(is_array($GLOBALS['nav'][$fid])) { $diychannel=$GLOBALS['nav'][$fid]; }elseif(function_exists($GLOBALS['nav'][$fid])) { $diychannel=$GLOBALS['nav'][$fid]($fid); } if(isset($diychannel)) { foreach($diychannel as $val) { if($shownav==0 || !isset($val['ifshownav']) ||($shownav>0 && @$val['ifshownav'])) { $newchannel[]=$val; $count ; } if($count==$num) { Return $newchannel; } } Return $newchannel; } } foreach($channel as $val) { if($fid==$val['fid']) { if($shownav==0 || ($shownav>0 && $val['ifshownav'])) { if($kind==0) { $newchannel[]=$val; $count ; $newchannel[count($newchannel)-1]['key']=$count; }elseif($val['ckind']==$kind) { $newchannel[]=$val; $count ; $newchannel[count($newchannel)-1]['key']=$count; } } } if($count==$num) { break; } } $fidarray=@cnav(cid,1); foreach($newchannel as $key=>$val) { $newchannel[$key]['onstyle']=''; foreach($fidarray as $fidkey=>$fidval) { if($val['cid']==$fidval['cid']) { $newchannel[$key]['onstyle']='on'; break; } } } Return $newchannel; } function b($cid='',$return=false,$linktag=' > ',$homepage=SystemDir) { Return cnav($cid,$return,$linktag,$homepage); } function i($kind='',$cid=0) { if($cid===0) { if(!defined('cid')) {Return false;} $cid=cid; } $channel=getchannelcache($cid); if(!$channel) { Return false; } if(empty($kind)) { Return $channel; }elseif($kind=='name' && isset($channel['cname'])) { Return $channel['cname']; }elseif($kind=='topfid') { $breadcrumb=b($channel['cid'],1); if(isset($breadcrumb[0]['cid'])) { Return $breadcrumb[0]['cid']; } }elseif($kind=='url') { Return u($channel['cid']); }elseif($kind=='domain') { Return @$channel['csetting']['channel_domain']; }else { if(isset($channel[$kind])) { Return $channel[$kind]; } } Return false; } function uri($uri) { $uri=ltrim($uri,'/'); if(UrlRewrite) { Return SystemDir.$uri; }else { Return SystemDir.IndexFile.'/'.$uri; } } function f($file) { require(SystemRoot.TemplateDir.DIRECTORY_SEPARATOR.$file); } function t($file='',$echo=1) { if($echo==1) { echo(SystemDir.TemplateDir.'/'.$file); } Return SystemDir.TemplateDir.'/'.$file; } function alist($where='') { if(isset($where['page']) && !is_numeric($where['page'])) { if(isset($_GET[$where['page']]) && $_GET[$where['page']]>0) { $where['page']=intval($_GET[$where['page']]); }else { $where['page']=1; } } $nullarticle=array('list'=>array(),'pagecount'=>0,'pagesize'=>1,'page'=>1,); if(!isset($where['cid']) && !defined('cid') && !isset($where['tablename']) && !isset($where['cids'])) {Return $nullarticle;} if(!isset($where['tablename']) && !isset($where['cid']) && !isset($where['cids']) && defined('cid')) {$where['cid']=cid;} if(!isset($where['cid'])) {$where['cid']=0;} if(is_numeric($where['cid'])) {$where['cid']=intval($where['cid']);} if(SiteCache && isset($where['cache']) && $where['cache']>0) { $cachewhere=$where; $cachehash=md5(json_encode($where)); $res =cacheget($cachehash,$where['cache'],'alist'); if ($res) {return json_decode($res,1);} } $sql=''; if($where['cid']!==0) { $thischannelcache=getchannelcache($where['cid']); if(!$thischannelcache) {Return $nullarticle;} $where['cid']=$thischannelcache['cid']; } if(!isset($where['tablename'])) {$where['tablename']='';} if(!isset($where['all']) || $where['all']==1) { if(!isset($where['cids'])) {$where['cids']='';} $clistsetting=alist_getson($where['cid'],$where['tablename'],$where['cids']); if(!isset($clistsetting['sql'])) {Return $nullarticle;}$where['cidsql']=$clistsetting['sql']; $where['tablename']=$clistsetting['tablename']; $defaultsetting=getchannelcache($clistsetting['default']); if(!isset($where['pageurl']) && !isset($clistsetting['pageurl'])) { unset($defaultsetting['csetting']['channel_pageurl']); } }else { if(!isset($where['cidsql'])) { $where['cidsql']=" and (cid='".$where['cid']."')"; } if($where['cid']) { $defaultsetting=getchannelcache($where['cid']); if(empty($where['tablename']) && isset($defaultsetting['csetting']['articletable'])) { $where['tablename']=$defaultsetting['csetting']['articletable']; } } } $sql.=$where['cidsql']; if(!isset($where['pagesize'])) { if(isset($defaultsetting['csetting']['temppage_size']) && !empty($defaultsetting['csetting']['temppage_size'])) { $where['pagesize']=$defaultsetting['csetting']['temppage_size']; } } if(!isset($where['order'])) { if(isset($defaultsetting['csetting']['temppage_order']) && !empty($defaultsetting['csetting']['temppage_order'])) { $where['order']=$defaultsetting['csetting']['temppage_order']; } } isset($where['addslashes']) ? $ifaddslashes=$where['addslashes']:$ifaddslashes=1; isset($where['tablename']) ? $where['tablename']=$where['tablename']:die('no tablename'); isset($where['pagesize']) ? $where['pagesize']=intval($where['pagesize']):$where['pagesize']=9; isset($where['order']) ? $where['order']='order by '.$where['order']:$where['order']='order by id desc'; isset($where['start']) ? $where['start']=intval($where['start']):$where['start']=0; isset($where['column']) ? $where['column']=$where['column']:$where['column']='*'; isset($where['rowidstyle']) && !isset($where['rowidname']) ? $where['rowidname']='id' :''; isset($where['linktime']) ? 1==1 : $where['linktime']='posttime'; isset($where['link']) ? 1==1 : $where['link']=''; isset($where['domain']) ? 1==1 : $where['domain']=''; if(trim($where['column'])<>'*') {$where['column'].=',cid';}if(isset($where['where'])) { if(is_array($where['where'])) { foreach($where['where'] as $key=>$val) { $key=addslashes_str($key,$ifaddslashes); if(is_array($val) && count($val)>0) { $sql.=" and ("; foreach($val as $value) { $sql.=$key."='".addslashes_str($value,$ifaddslashes)."' or "; } $sql=substr($sql,0,strlen($sql)-4); $sql.=")"; }else { $sql.=" and ".$key."='".addslashes_str($val,$ifaddslashes)."'"; } } }else { $sql.=" and ".$where['where']; } } if(isset($where['inwhere'])) { foreach($where['inwhere'] as $key=>$val) { if(!is_array($val)) { $val=array(); $val[]=$where['inwhere'][$key]; } $key=addslashes_str($key,$ifaddslashes); foreach($val as $val1) { if(is_numeric($val1) && $val1>0) { $sql.=" and (".$key."='[".$val1."]' or ".$key." like '%,".$val1.",%' or ".$key." like '[".$val1.",%' or ".$key." like '%,".$val1."]')"; }else { unset($where['inwhere'][$key]); } } } } if(isset($where['nowhere'])) { foreach($where['nowhere'] as $key=>$val) { $key=addslashes_str($key,$ifaddslashes); if(is_array($val) && count($val)>0) { foreach($val as $value) { $sql.=" and ".$key."<>'".addslashes_str($value,$ifaddslashes).'\''; } }else { $sql.=" and ".$key."<>'".addslashes_str($val,$ifaddslashes)."'"; } } } if(isset($where['other']) && !empty($where['other'])) { $sql.=" and ".$where['other']; } if(isset($where['keyword']) && !empty($where['keyword'])) { if(!isset($where['searchcolumn'])) {$where['searchcolumn']='title';} if(!is_array($where['searchcolumn'])) {$where['searchcolumn']=explode(',',$where['searchcolumn']);} if(!is_array($where['keyword'])) {$where['keyword']=explode('|',$where['keyword']);} $sql.=" and ("; foreach($where['searchcolumn'] as $key=>$searchcolumn) { foreach($where['keyword'] as $keywordkey=>$keywordval) { if($key==0 && $keywordkey==0) { $sql.="$searchcolumn like '%".addslashes_str($keywordval,$ifaddslashes)."%'"; }else { $sql.=" or $searchcolumn like '%".addslashes_str($keywordval,$ifaddslashes)."%'"; } } } $sql.=" )"; } if(!empty($sql)) { $sql='where '.ltrim($sql,'and '); } if(isset($where['page'])) { $where['page']=intval($where['page']); $where['pagecount'] = $GLOBALS['db'] -> fetchcount("SELECT count(id) FROM ".$where['tablename']." $sql"); $where['articlecount']=$where['pagecount']; $where['start']=($where['page']-1)*$where['pagesize']; if($where['articlecount']%$where['pagesize']==0) { $where['pages']=($where['articlecount']/$where['pagesize']); }else { $where['pages']=intval($where['articlecount']/$where['pagesize']) 1; } if(isset($defaultsetting['csetting']['channel_pageurl']) && !empty($defaultsetting['csetting']['channel_pageurl']) && !isset($where['pageurl'])) { $allpageurl=explode(';',$defaultsetting['csetting']['channel_pageurl']); if(UrlRewrite) { $where['pageurl']=$allpageurl[0]; }else { $where['pageurl']=SystemDir.IndexFile.$allpageurl[0]; } } } if(!isset($where['sql'])) { $where['sql_id']='SELECT id FROM '.$where['tablename'].' '.$sql.' '.$where['order'].' limit '.$where['start'].','.$where['pagesize']; $idquery =$GLOBALS['db'] -> query($where['sql_id']); $ids = $GLOBALS['db'] -> fetchall($idquery); $sql='id in('; if(count($ids)>0) { foreach($ids as $key=>$val) { $sql.=$val[0].','; } }else { $sql.='0,'; } $sql=rtrim($sql,','); $sql.=')'; $where['sql']='SELECT '.$where['column'].' FROM '.$where['tablename'].' where '.$sql.' '.$where['order']; } $query = $GLOBALS['db'] -> query($where['sql']); $articles = $GLOBALS['db'] -> fetchall($query); $i=0; foreach ($articles as $value) { $i ; $value['key']=$i; if(isset($where['stepstyle'])) { foreach($where['stepstyle'] as $key=>$val) {if($i%$key==0) {$value['stepstyle']=$where['stepstyle'][$key];}} if(!isset($value['stepstyle'])) {$value['stepstyle']='';} }if(isset($where['rowstyle'])) { foreach($where['rowstyle'] as $key=>$val) {if($i==$key) {$value['rowstyle']=$where['rowstyle'][$key];}} if(!isset($value['rowstyle'])) {$value['rowstyle']='';} } if(isset($where['rowidstyle'])) { foreach($where['rowidstyle'] as $key=>$val) { if($value[$where['rowidname']]==$key) { $value['rowidstyle']=$val; } } if(!isset($value['rowidstyle'])) {$value['rowidstyle']='';} } if(!isset($value[$where['linktime']])) {$value[$where['linktime']]=0;} $value['link']=aurl($value,$where['link'],$value[$where['linktime']],$where['domain']); $where['list'][]=$value; } if(!isset($where['list'])) {$where['list']=array();} if(SiteCache && isset($where['cache']) && $where['cache']>0) { cacheset($cachehash,json_encode($where),$where['cache'],'alist'); } Return $where; } function getkinds($cid,$fid) { $fid=intval($fid); $kindsarray=array($fid); if(is_numeric($cid)) { $thichannelcache=getchannelcache($cid); $defaultsetting=$thichannelcache['csetting']; if(isset($defaultsetting['articletable']) && !empty($defaultsetting['articletable'])) { $kindtable=$defaultsetting['articletable']; }else {Return $kindsarray;} }else { $kindtable=$cid; } $query = $GLOBALS['db'] -> query("SELECT id FROM $kindtable where fid='$fid';"); $link = $GLOBALS['db'] -> fetchall($query); foreach ($link as $value) { $thisallkinds=getkinds($kindtable,$value['id']); foreach ($thisallkinds as $thisvalue) { $kindsarray[]=$thisvalue; } } Return $kindsarray; } function alist_getson($cid,$tablename,$cids,$first=1) { if($cid==0 && empty($tablename)) { $tablename=ArticleTable; } $array=array(); $array['list']=array(); $channels=getchannelscache(); if($first) { if(!is_array($cids)) {$cids=explode(';',$cids);} $thischannel=getchannelcache($cid); if($thischannel && @$thischannel['ckind']==2 && (in_array($cid,$cids) || empty($cids[0]))) { if(isset($thischannel['csetting']['articletable']) && !empty($thischannel['csetting']['articletable']) && empty($tablename)) { $tablename=$thischannel['csetting']['articletable']; }if($tablename==$thischannel['csetting']['articletable']) { $array['list'][]=$thischannel; if(isset($thischannel['csetting']['channel_pageurl']) && !empty($thischannel['csetting']['channel_pageurl'])) { $array['pageurl']=$thischannel['csetting']['channel_pageurl']; } } } $array['tablename']=$tablename; } foreach($channels as $key=>$val) { if($val['fid']==$cid) { $thischannel=getchannelcache($val['cid']); if(empty($tablename)) { if($thischannel['ckind']==2 && isset($thischannel['csetting']['articletable']) && (in_array($val['cid'],$cids) || empty($cids[0]))) { $array['list'][]=$val; $tablename=$thischannel['csetting']['articletable']; $array['tablename']=$tablename; } }else { if($thischannel['ckind']==2 && isset($thischannel['csetting']['articletable']) && $thischannel['csetting']['articletable']==$tablename && (in_array($val['cid'],$cids) || empty($cids[0]))) { $array['list'][]=$val; } } $sonarray=alist_getson($val['cid'],$tablename,$cids,0); foreach($sonarray['list'] as $key1=>$val1) { $array['list'][]=$val1; } } } if($first) { $cids=array(); $sql=''; foreach($array['list'] as $key=>$val) { if($key==0) { $sql.=" and (cid='".$val['cid']."'"; }elseif($key==(count($array['list'])-1)) { $sql.=" or cid='".$val['cid']."'"; }else { $sql.=" or cid='".$val['cid']."'"; } } if(count($array['list'])>0) {$array['sql']=$sql.')';} if(isset($array['list'][0])) { $array['default']=$array['list'][0]['cid']; }else { $array['default']=0; } Return $array; }else { Return $array; } } function aurl($value,$rowurl,$rowurltime,$domain='') { $thissetting=getchannelcache($value['cid']); if(empty($domain)) { if(isset($thissetting['csetting']['channel_domain']) && !empty($thissetting['csetting']['channel_domain'])) { $domains=explode(';',$thissetting['csetting']['channel_domain']); $domain=$domains[0]; foreach($domains as $key) { if($key==server_name()) { $domain=null; break; } } } } if(empty($rowurl)) { if(empty($thissetting['csetting']['channel_articleurl'])) { Return ''; } $rowurl=$thissetting['csetting']['channel_articleurl']; }if(!empty($where['domain'])) { $domains=explode(';',$where['domain']); $where['domain']=$domains[0]; foreach($domains as $domain) { if($domain==server_name()) { $where['domain']=null; break; } } } unset($thissetting); $rowurls=explode(';',$rowurl); $rowurl=$rowurls[0]; preg_match_all("/{(.*)}|\[(.*)\]|\((.*)\)/isU",$rowurl,$match); if(count($match[0])>0) { foreach($match[0] as $key=>$val) { if($rowurltime>0 && ($val=='(y)' || $val=='(m)' || $val=='(d)')) { isset($value['y']) ? 1==1 : $value['y']=date('Y',$rowurltime); isset($value['m']) ? 1==1 : $value['m']=date('m',$rowurltime); isset($value['d']) ? 1==1 : $value['d']=date('d',$rowurltime); } if(isset($value[$match[1][$key]])) { if(is_numeric($value[$match[1][$key]])) {$rowurl=str_replace($val,$value[$match[1][$key]],$rowurl);}else {$rowurl=str_replace($val,urlencode($value[$match[1][$key]]),$rowurl);} } if(isset($value[$match[2][$key]])) { if(is_numeric($value[$match[2][$key]])) {$rowurl=str_replace($val,$value[$match[2][$key]],$rowurl); }else {$rowurl=str_replace($val,urlencode($value[$match[2][$key]]),$rowurl); } } if(isset($value[$match[3][$key]])) { if(is_numeric($value[$match[3][$key]])) {$rowurl=str_replace($val,$value[$match[3][$key]],$rowurl); }else {$rowurl=str_replace($val,urlencode($value[$match[3][$key]]),$rowurl); } } } } if(!empty($domain)) { $domain='//'.$domain.server_port(); } if(UrlRewrite) { $rowurl=$domain.$rowurl; }else { $rowurl=$domain.SystemDir.IndexFile.$rowurl; } Return $rowurl; } function all_list($where=array(),$pagesize=10,$cid='') { if(!isset($where['cache'])) {$where['cache']=3600;} $cachehash=md5(json_encode($where).$pagesize.json_encode($cid)); $res =cacheget($cachehash,$where['cache'],'alist'); if ($res) {return json_decode($res,1);} if(empty($cid)) { $cid=array(); $allchannels=getchannelscache(); foreach($allchannels as $channel) { if($channel['ckind']==2) { $cid[]=$channel['cid']; } } }elseif(is_numeric($cid)) { $cid=array($cid); } $articles=array(); foreach($cid as $thiscid) { $where['cid']=$thiscid; $where['pagesize']=$pagesize; $where['all']=0; $thisarticles=alist($where); foreach($thisarticles['list'] as $thisarticle) { $articles[]=$thisarticle; } } $posttime=array(); foreach ($articles as $article) { $posttime[] = $article['posttime']; }$orderarticles=array_multisort($posttime, SORT_DESC, $articles); $returnarticles=array(); $i=0; foreach($articles as $key=>$val) { $i ; $val['key']=$i; $returnarticles[]=$val; if($key==($pagesize-1)) { break; } } if(SiteCache && $where['cache']>0) { cacheset($cachehash,json_encode($returnarticles),$where['cache'],'alist'); } Return $returnarticles; } function ainsert($article,$setting='') { if(!is_array($article)) {Return false;} if(empty($setting)) {$setting=array();} if(!isset($setting['cid']) && !isset($article['cid'])) { if(defined('cid')) { $setting['cid']=cid; }else { Return 'setting no cid'; } } if(!isset($setting['addslashes'])) {$setting['addslashes']=1;} if(!isset($setting['default'])) {$setting['default']=1;} if(!isset($setting['check'])) {$setting['check']=1;} if(!isset($setting['cid'])) {$setting['cid']=$article['cid'];} if(isset($article['cid'])) {unset($article['cid']);} $channel = getchannelcache($setting['cid']); if(!$channel) {Return 'channel not exist';} $setting['cid']=$channel['cid']; $csetting=$channel['csetting']; if(!isset($setting['tablename']) || empty($setting['tablename'])) {$setting['tablename']=$csetting['articletable'];} if(count($article)==0) { Return 'where article columns'; } foreach($article as $key=>$val) { $article[$key]=addslashes_str($article[$key],$setting['addslashes']); } if($setting['check']) { $columns = $GLOBALS['db'] -> all("select mname,mkind,ifonly,strdefault,msetting from ".tableex('moudle')." where cid=".$setting['cid']." order by morder asc;"); foreach($columns as $thiscolumn) { $key=$thiscolumn['mname']; if(!isset($article[$key]) && $setting['default']) { $article[$key]=$thiscolumn['strdefault']; if($thiscolumn['mkind']==9) { if($thiscolumn['strdefault']=='now') { $article[$key]=time(); }else{ $thiscolumn['strdefault']=@strtotime($thiscolumn['strdefault']); if($thiscolumn['strdefault']) { $article[$key]=$thiscolumn['strdefault']; }else { $article[$key]=0; } } } }if(isset($article[$key])) { $thismsetting=json_decode($thiscolumn['msetting'],1); $thismsetting['ifonly']=$thiscolumn['ifonly']; $thismsetting['tablename']=$setting['tablename']; $thismoudlevalue=$article[$key]; if($thismsetting['filterhtml']==1) { require_once(SystemRoot.AdminDir.'/input/kses.php'); $thismoudlevalue= kses($thismoudlevalue); }elseif($thismsetting['filterhtml']==2) { $thismoudlevalue=htmlspecialchars($thismoudlevalue); } $acheck=acheck($key,$thismoudlevalue,$setting['cid'],$thismsetting); if($acheck==='error') {Return $key.' error';} if($acheck==='short') {Return $key.' short';} if($acheck==='long') {Return $key.' long';} if($acheck==='exist') {Return $key.' exist';} $article[$key]=$thismoudlevalue; } } } $article['cid']=$setting['cid']; if(!isset($article['posttime'])) {$article['posttime']=time();} if(!isset($article['adminuid'])) {$article['adminuid']=0;} $result = $GLOBALS['db'] -> insert($setting['tablename'],$article); if($result) {Return $result;}else {Return false;} } function aedit($article,$setting='') { if(!isset($article['id']) || !is_numeric($article['id']) || $article['id']<1) { Return 'id error'; } $id=$article['id']; unset($article['id']); if(!is_array($article)) {Return false;} if(empty($setting)) {$setting=array();} if(!isset($setting['cid']) && !isset($article['cid'])) { if(defined('cid')) { $setting['cid']=cid; }else { Return 'setting no cid'; } } if(!isset($setting['addslashes'])) {$setting['addslashes']=1;} if(!isset($setting['check'])) {$setting['check']=1;} if(!isset($setting['cid'])) {$setting['cid']=$article['cid'];} if(isset($article['cid'])) {unset($article['cid']);} $channel = getchannelcache($setting['cid']); if(!$channel) {Return 'channel not exist';} $setting['cid']=$channel['cid']; $csetting=$channel['csetting']; if(!isset($setting['tablename']) || empty($setting['tablename'])) {$setting['tablename']=$csetting['articletable'];} if(count($article)==0) { Return 'where article columns'; } foreach($article as $key=>$val) { $article[$key]=addslashes_str($article[$key],$setting['addslashes']); }if($setting['check']) { $columns = $GLOBALS['db'] -> all("select mname,ifonly,strdefault,msetting from ".tableex('moudle')." where cid=".$setting['cid']." order by morder asc;"); foreach($columns as $thiscolumn) { $key=$thiscolumn['mname']; if(isset($article[$key])) { $thismsetting=json_decode($thiscolumn['msetting'],1); $thismsetting['ifonly']=$thiscolumn['ifonly']; $thismsetting['tablename']=$setting['tablename']; $thismoudlevalue=$article[$key]; if($thismsetting['filterhtml']==1) { require_once(SystemRoot.AdminDir.'/input/kses.php'); $thismoudlevalue= kses($thismoudlevalue); }elseif($thismsetting['filterhtml']==2) { $thismoudlevalue=htmlspecialchars($thismoudlevalue); } $acheck=acheck($key,$thismoudlevalue,$setting['cid'],$thismsetting,$id); if($acheck==='error') {Return $key.' error';} if($acheck==='short') {Return $key.' short';} if($acheck==='long') {Return $key.' long';} if($acheck==='exist') {Return $key.' exist';} $article[$key]=$thismoudlevalue; } } } $result = $GLOBALS['db'] -> update($setting['tablename'],"id='$id'",$article); if($result) {Return true;}else {Return false;} } function adel($cid,$id,$tablename='') { if(empty($cid) && empty($tablename)) { if(defined('cid')) { $cid=cid; }else { Return 'no cid'; } } if(empty($id)) {Return 'no id';}else {$id=intval($id);} if(empty($tablename)) { $channel = getchannelcache($cid); if(!$channel) {Return 'channel not exist';} $cid=$channel['cid']; $csetting=$channel['csetting']; $tablename=$csetting['articletable']; } $query = $GLOBALS['db'] -> query("delete from `$tablename` WHERE id='$id'"); if($query) { Return true; }else { Return false; } } function acheck($mname,$value,$cid='',$thismsetting='',$id=0) { if($cid=='') { if(defined('cid')) { $cid=cid; }else { Return 'no cid'; } }if($thismsetting=='') { $column = $GLOBALS['db'] -> one("select mname,ifonly,msetting from ".tableex('moudle')." where cid='".$cid."' and mname='".$mname."' limit 1;"); $thismsetting=json_decode($column['msetting'],1); $thismsetting['ifonly']=$column['ifonly']; } if(isset($thismsetting['regular']) && strlen($thismsetting['regular'])>3 && !empty($value)) { if(!preg_match($thismsetting['regular'],$value)){ Return 'error'; } } if(isset($thismsetting['lenmin']) && is_numeric($thismsetting['lenmin']) && $thismsetting['lenmin']>0) { if(strlen($value)<$thismsetting['lenmin']) { Return 'short'; } } if(isset($thismsetting['lenmax']) && is_numeric($thismsetting['lenmax']) && $thismsetting['lenmax']>0) { if(strlen($value)>$thismsetting['lenmax']) { Return 'long'; } } if($thismsetting['ifonly']==1) { if(!isset($thismsetting['tablename'])) { $channel = getchannelcache($cid); $thismsetting['tablename']=$channel['csetting']['articletable']; } if($id>0) { $pagecount = $GLOBALS['db'] -> fetchcount("SELECT id FROM ".$thismsetting['tablename']." where $mname='$value' and cid='".$cid."' and id<>'$id' limit 1;"); }else { $pagecount = $GLOBALS['db'] -> fetchcount("SELECT id FROM ".$thismsetting['tablename']." where $mname='$value' and cid='".$cid."' limit 1;"); } if($pagecount) { Return 'exist'; } } Return true; } function addslashes_str($val,$addslashes) { if($addslashes) { Return dbstr($val); }else { Return $val; } } function pagelist($alist,$url='',$returnarray=0) { if(!isset($alist['pagecount']) || !isset($alist['page'])) { Return false; } $recordcount=$alist['pagecount']; $pagesize=$alist['pagesize']; $curpage=$alist['page']; $pages=isset($alist['showpages']) ? $alist['showpages'] :3 ; if(empty($url) && isset($alist['pageurl']) && !empty($alist['pageurl'])) { $url=$alist['pageurl']; if(isset($alist['cid'])) { $url=str_replace('(cid)',$alist['cid'],$url); } }else { if ( UrlRewrite ) { $url=$_SERVER['REQUEST_URI']; }else { $url=$_SERVER['SCRIPT_NAME'].$_SERVER['REQUEST_URI']; } } if(stripes($url,'page=')===false) { if(stripes($url,'?')===false) { $url=$url."?page=(page)"; }else { $url=$url."&page=(page)"; } } } } $url = preg_replace("/page=([0-9] )/is", "page=(page)", $url); } } if($pagesize<1) { $pagesize=1; } } $pagearray=array(); $totalpage = max(ceil($recordcount/$pagesize),1); if($curpage<0 || $curpage>$totalpage) $curpage=1; $outhtml = ""; $pageno = $curpage; if($page<0 || $page>$totalpage) $page=1; if($pageno==1) { $pagearray[]=array('url'=>str_replace('(page)','1',$url),'title'=>'<<','class'=>'disabled '); }else { $pagearray[]=array('url'=>str_replace('(page)','1',$url),'title'=>'<<','class'=>' ); } } if($pages>$totalpage){ $ startpage = 1 ; $endpage=min($startpage $pages,$totalpage); }else{ $startpage=max($totalpage-$pages,1); $startpage=min($startpage,$curpage); $endpage=min($startpage $pages,$totalpage); } } if($page>1){ $pagearray[]=array('url'=>str_replace('(page)',$pageno-1,$url),'title'=>'<','class'=>'') ; }else{ $pagearray[]=array('url'=>str_replace('(page)',1,$url),'title'=>'<','class'=>'disabled'); } } for($i=$startpage;$i<=$endpage;$i) { if($curpage==$i){ $pagearray[]=array('url'=>str_replace('(page)',$i,$url),'title'=>$i,'class'=>'on'); }else{ $pagearray[]=array('url'=>str_replace('(page)',$i,$url),'title'=>$i,'class'=>''); } } } } if($pageno<$totalpage){ $pagearray[]=array('url'=>str_replace('(page)',$pageno1,$url),'title'=>'>','class'=>''); }else{ $pagearray[]=array('url'=>str_replace('(page)',$totalpage,$url),'title'=>'>','class'=>'disabled'); } } if($page==$totalpage) { $pagearray[]=array('url'=>str_replace('(page)',$totalpage,$url),'title'=>'>>','class'=>'disabled' ); }else { $pagearray[]=array('url'=>str_replace('(page)',$totalpages,$url),'title'=>'>>','class'=>'') ; } } if($returnray) { Return $ pagearray ; } }else { $outhtml=''; foreach($pagesarray as $val) { if(!empty($val['class'])) { $val['class']=' class="'.$val['class'].'"'; } $outhtml.='<li'.$val['class'].'><a href="'.$val['url'].'">'.$val['title'].'</a></li>'; } } echo $outhtml; } function nav($where=0) { $channelarray=array(); if(!is_array($where)) { $thiscid=$where; $where=array(); $where['cid']=$thiscid; } if(!isset($where['cid'])) { $where['cid']=0; } $cid=$where['cid']; if(!isset($where['oncid'])) { if(defined('cid')) { $where['oncid']=cid; }else { $where['oncid']=0; } //取出on的所有id } if(!isset($where['onstyle'])) { $where['onstyle']=' class="on"'; } if(!isset($where['bro'])) {$where['bro']=1;} if(!isset($where['papa'])) {$where['papa']=1;} if($where['cid']==0) { if(!isset($where['homepage'])) { $where['homepage']['name']='首页'; $where['homepage']['url']=gethomeurl(); $where['homepage']['target']=''; }else { if(is_array($where['homepage'])) { if(!isset($where['homepage']['name'])) { $where['homepage']['name']='首页'; } if(!isset($where['homepage']['url'])) { $where['homepage']['url']=gethomeurl(); } if(!isset($where['homepage']['target'])) { $where['homepage']['target']=''; } } } if(is_array($where['homepage'])) { $channelarray[]=array('cid'=>'0','fid'=>'0','name'=>$where['homepage']['name'],'url'=>$where['homepage']['url'],'target'=>$where['homepage']['target']); } } $allchannels=getchannelscache(); $channels=array(); foreach($allchannels as $val) { if($val['ifshownav']==1) { $channels[]=$val; } } $count=0; $myfid=0; $papaid=0; foreach($channels as $channel) { if(is_numeric($cid)) { if($channel['cid']==$cid) { $myfid=$channel['fid']; if($cid>0 && $where['papa']==1) { $channelarray['papa']=$myfid;//显示父栏目 $papaid=$myfid; } } if($channel['fid']==$cid) { $count=1; $channelarray[]=$channel; } }elseif(is_array($cid)) { if(in_array($channel['cid'],$cid)) { $count=1; $channelarray[]=$channel; } } }if($count>0 && is_numeric($cid) && $cid>0 && $where['papa']==1) { $channelarray['papa']=$cid; } if($count==0) { $noonpapaid=$myfid; }else { $noonpapaid=false; } if(isset($channelarray['papa']) && $channelarray['papa']>0) { foreach($channels as $channel) { if($channel['cid']==$channelarray['papa']) { $channelarray['papa']=$channel; } } }else { unset($channelarray['papa']); } if(isset($where['bro']) && $where['bro']==1 && $count==0 && is_numeric($cid)) { //显示兄弟栏目 if(isset($myfid) && $myfid>0) { foreach($channels as $key=>$channel) { if($channel['fid']==$myfid) {$channelarray[]=$channel;} } }elseif(isset($myfid) && $myfid==0) { foreach($channels as $key=>$channel) { if($channel['cid']==$cid) {$channelarray[]=$channel;} } } } $onarray=array(); if(defined('cid')) { $thiscid=cid; while(1<2) { $ifin=false; foreach($channels as $channel) { if($channel['cid']==$thiscid && $channel['cid']!=$noonpapaid) { $onarray[]=$channel['cid']; $thiscid=$channel['fid']; $ifin=true; break; } } if($ifin===false || $thiscid==0) { break; } } } $returnarray=array(); $returnstr=''; if(!isset($where['html'])) { $where['html']='<li{onstyle}><a href="{url}"{target}>{name}</a></li>'; } if(isset($GLOBALS['nav'][$cid])) { if(is_array($GLOBALS['nav'][$cid])) { $channelarray=$GLOBALS['nav'][$cid]; }elseif(function_exists($GLOBALS['nav'][$cid])){ $channelarray=$GLOBALS['nav'][$cid]($cid); } } foreach($channelarray as $key=>$channel) { $thisstr=$where['html']; if(!isset($channel['onstyle']) || empty($channel['onstyle'])) { if(in_array($channel['cid'],$onarray)) { $channel['onstyle']=$where['onstyle']; }else { $channel['onstyle']=''; } } if(defined('cid') && cid==0 && $channel['cid']==0) {//homepage $channel['onstyle']=$where['onstyle']; } $returnarray[]=$channel; if(!isset($where['returnarray']) || $where['returnarray']==0) { $thisstr=str_replace('{url}',@$channel['url'],$thisstr); $thisstr=str_replace('{target}',@$channel['target'],$thisstr); $thisstr=str_replace('{name}',@$channel['name'],$thisstr); $thisstr=str_replace('{onstyle}',@$channel['onstyle'],$thisstr); $returnstr.=$thisstr."\r\n"; } } if(!isset($where['returnarray']) || $where['returnarray']==0) { Return $returnstr; }else{ Return $returnarray; } } function cnav($cid='',$returnarray=false,$linktag=' > ',$homepage=SystemDir) { if(empty($cid)) { if(defined('cid')){ $cid=cid; }else { $cid=0; } } $channels=getchannelscache(); $breadcrumb=''; $breadcrumbarray=array(); while(1<2) { $thischannel=false; foreach($channels as $channel) { if($channel['cid']==$cid) { $thischannel=$channel; } } if($thischannel==false) { if($breadcrumb=='') { $breadcrumb='<a href="'.gethomeurl().'">首页</a>'; }else { $breadcrumb='<a href="'.gethomeurl().'">首页</a>'.$linktag.$breadcrumb; } if($returnarray) { Return array_reverse($breadcrumbarray); }else { Return $breadcrumb; } }else { if($breadcrumb=='') { $breadcrumb='<a href="'.$thischannel['url'].'">'.$thischannel['name'].'</a>'; }else { $breadcrumb='<a href="'.$thischannel['url'].'">'.$thischannel['name'].'</a>'.$linktag.$breadcrumb; } $breadcrumbarray[]=$thischannel; $cid=$thischannel['fid']; } } } function getallchannelscache() { if(isset($GLOBALS['allchannelscache'])) { Return $GLOBALS['allchannelscache']; } $channelcachekeyname='allchannelscache'; $channelcache=cacheget($channelcachekeyname,604800,'channel'); if($channelcache) { $channels=json_decode($channelcache,1); }else { $channelslist=$GLOBALS['db']->all("SELECT cid,fid,ifshownav,cname,ckind,cvalue,newwindow,csetting FROM ".tableex('channel')." where ckind<>'4' order by corder asc"); if($channelslist) { $channels=array(); foreach($channelslist as $val) { unset($thischannel); $thischannel=array(); $thischannel['cid']=$val['cid']; $thischannel['fid']=$val['fid']; $thischannel['ckind']=$val['ckind']; $thischannel['ifshownav']=$val['ifshownav']; $thischannel['name']=$val['cname']; if($val['newwindow']==1) { $thischannel['target']=' target="_blank" '; }else { $thischannel['target']=''; } $thischannel['url']=getchannelurl($val); if(empty($thischannel['url'])) { $thischannel['url']='#'; $thischannel['target']=''; }$channels[]=$thischannel; } cacheset($channelcachekeyname,json_encode($channels),604800,'channel'); }else { Return array(); } } $GLOBALS['allchannelscache']=$channels; Return $channels; } function getchannelscache() { if(isset($GLOBALS['channelscache'])) { Return $GLOBALS['channelscache']; } $channelcachekeyname='channelscache'; $channelcache=cacheget($channelcachekeyname,604800,'channel'); if($channelcache) { $channels=json_decode($channelcache,1); }else { $channelslist=$GLOBALS['db']->all("SELECT cid,fid,ifshownav,cname,ckind,cvalue,newwindow,csetting FROM ".tableex('channel')." where ckind<>'4' and ifshow=1 order by corder asc"); if($channelslist) { $channels=array(); foreach($channelslist as $val) { unset($thischannel); $thischannel=array(); $thischannel['cid']=$val['cid']; $thischannel['fid']=$val['fid']; $thischannel['ckind']=$val['ckind']; $thischannel['ifshownav']=$val['ifshownav']; $thischannel['name']=$val['cname']; if($val['newwindow']==1) { $thischannel['target']=' target="_blank" '; }else { $thischannel['target']=''; } $thischannel['url']=getchannelurl($val); if(empty($thischannel['url'])) { $thischannel['url']='#'; $thischannel['target']=''; } $channels[]=$thischannel; } cacheset($channelcachekeyname,json_encode($channels),604800,'channel'); }else { Return array(); } } $GLOBALS['channelscache']=$channels; Return $channels; } function getchannelcache($cid) { if(isset($GLOBALS['channelcache'][$cid])) { Return $GLOBALS['channelcache'][$cid]; } $channelcachekeyname='channelcache_'.$cid; $channelcache=cacheget($channelcachekeyname,604800,'channel'); if($channelcache) { $channelcache=json_decode($channelcache,1); }else { if(is_numeric($cid)) { $channelcache=$GLOBALS['db']->one("SELECT * FROM ".tableex('channel')." where cid='$cid' limit 1"); }else { $channelcache=$GLOBALS['db']->one("SELECT * FROM ".tableex('channel')." where cname='$cid' limit 1"); } if($channelcache) { $channelcache['csetting']=json_decode($channelcache['csetting'],1); cacheset($channelcachekeyname,json_encode($channelcache),604800,'channel'); }else { Return false; } } $GLOBALS['channelcache'][$cid]=$channelcache; Return $channelcache; }function getchannelurl($cid) { if(!is_array($cid)) { $cid=getchannelcache($cid); if(!$cid) {Return false;} $csetting=$cid['csetting']; }else { $csetting=json_decode($cid['csetting'],1); } $channel=$cid; if($channel['ckind']==3 || $channel['ckind']==4 || $channel['ckind']==5) { Return $channel['cvalue']; }elseif($channel['ckind']==1 || $channel['ckind']==2) { if(isset($csetting['template']) && empty($csetting['template'])) { Return ''; } } if(!isset($csetting['channel_url'])) {Return '';} $channelurls=explode(';',$csetting['channel_url']); $channelurl=str_replace("(cid)",$cid['cid'],$channelurls[0]); if(empty($channelurl)) { Return ''; } if(!isset($csetting['channel_domain']) || empty($csetting['channel_domain'])) { $csetting['channel_domain']=SystemDomain; } if(isset($csetting['channel_domain']) && $csetting['channel_domain']<>'') { $channel_domains=explode(';',$csetting['channel_domain']); $csetting['channel_domain']=$channel_domains[0]; foreach($channel_domains as $channel_domain) { if(stripos($channel_domain,'*')===false) { $csetting['channel_domain']=$channel_domain; break; } } foreach($channel_domains as $channel_domain) { if(server_name()==$channel_domain) { $csetting['channel_domain']=''; break; } } } if(UrlRewrite) { if(empty($csetting['channel_domain'])) { $thisurl=$channelurl; }else { $thisurl='//'.$csetting['channel_domain'].server_port().$channelurl; } }else { if(empty($csetting['channel_domain'])) { $thisurl=SystemDir.IndexFile.$channelurl; }else { $thisurl='//'.$csetting['channel_domain'].server_port().SystemDir.IndexFile.$channelurl; } } Return $thisurl; } function gethomeurl() { if(isset($GLOBALS['homeurl'])) { Return $GLOBALS['homeurl']; } if(!UrlRewrite) { $indexfile=IndexFile; }else { $indexfile=''; } $domains=explode(';',SystemDomain); foreach($domains as $domain) { $domain=trim($domain); if($domain==server_name()) { $GLOBALS['homeurl']=SystemDir.$indexfile; Return $GLOBALS['homeurl']; } } if(SystemDomain=='') {$GLOBALS['homeurl']=SystemDir.$indexfile;Return&
查无此人2021-03-26 15:49:56
Your file is all methods, and you must use a database. What do you think?
Then you can only try one method at a time. You import the database and see if there is a database injected.
七字铺2021-03-26 11:14:39
The post cannot be re-edited. Because the code is too long, it seems that the display is incomplete. Here I use the network disk to upload the file.
Download: https://wwa.lanzous.com/iTtK9nbjdja Password: f2p0