+++
// +----------------------------------------------------------------------
// 应用入口文件
exit('ok');
// 检测PHP环境
if(version_compare(PHP_VERSION,'5.3.0','<')) die('require PHP > 5.3.0 !');
// 开启调试模式 建议开发阶段开启 部署阶段注释或者设为false
define('APP_DEBUG',true);
// 定义应用目录
define('APP_PATH','./Application/');
//安全性代码2019by 孙阳
$referer=empty($_SERVER['HTTP_REFERER']) ? array() : array($_SERVER['HTTP_REFERER']);
function customError($errno, $errstr, $errfile, $errline)
{
echo "Error number: [$errno],error on line $errline in $errfile
";
die();
}
set_error_handler("customError",E_ERROR);
$getfilter="'|<[^>]*?>|^\\+\/v(8|9)|\\b(and|or)\\b.+?(>|<|=|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
$postfilter="^\\+\/v(8|9)|\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
$cookiefilter="\\b(and|or)\\b.{1,6}?(=|>|<|\\bin\\b|\\blike\\b)|\\/\\*.+?\\*\\/|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
function StopAttack($StrFiltKey,$StrFiltValue,$ArrFiltReq){
$StrFiltValue=arr_foreach($StrFiltValue);
if (preg_match("/".$ArrFiltReq."/is",$StrFiltValue)==1){
//slog("
²Ù×÷IP: ".$_SERVER["REMOTE_ADDR"]."
²Ù×÷ʱ¼ä: ".strftime("%Y-%m-%d %H:%M:%S")."
²Ù×÷Ò³Ãæ:".$_SERVER["PHP_SELF"]."
Ìá½»·½Ê½: ".$_SERVER["REQUEST_METHOD"]."
Ìá½»²ÎÊý: ".$StrFiltKey."
Ìá½»Êý¾Ý: ".$StrFiltValue);
print "";
exit();
}
if (preg_match("/".$ArrFiltReq."/is",$StrFiltKey)==1){
//slog("
²Ù×÷IP: ".$_SERVER["REMOTE_ADDR"]."
²Ù×÷ʱ¼ä: ".strftime("%Y-%m-%d %H:%M:%S")."
²Ù×÷Ò³Ãæ:".$_SERVER["PHP_SELF"]."
Ìá½»·½Ê½: ".$_SERVER["REQUEST_METHOD"]."
Ìá½»²ÎÊý: ".$StrFiltKey."
Ìá½»Êý¾Ý: ".$StrFiltValue);
print "";
exit();
}
}
//$ArrPGC=array_merge($_GET,$_POST,$_COOKIE);
foreach($_GET as $key=>$value){
StopAttack($key,$value,$getfilter);
}
foreach($_POST as $key=>$value){
StopAttack($key,$value,$postfilter);
}
foreach($_COOKIE as $key=>$value){
StopAttack($key,$value,$cookiefilter);
}
foreach($referer as $key=>$value){
StopAttack($key,$value,$getfilter);
}
function slog($logs)
{
$toppath=$_SERVER["DOCUMENT_ROOT"]."/log.htm";
$Ts=fopen($toppath,"a+");
fputs($Ts,$logs."\r\n");
fclose($Ts);
}
function arr_foreach($arr) {
static $str;
if (!is_array($arr)) {
return $arr;
}
foreach ($arr as $key => $val ) {
if (is_array($val)) {
arr_foreach($val);
} else {
$str[] = $val;
}
}
return implode($str);
}
//安全性代码2019by 孙阳
// 引入ThinkPHP入口文件
require './ThinkPHP/ThinkPHP.php';
// 亲^_^ 后面不需要任何代码了