baijiacms-master 审计实验
## 01 动态数据流动

为什么默认落在这个页面？先观察参数的流动：按页面上的提示文案搜索关键字，给两个候选文件都打上断点，看最终流向。断点最终停在这里，观察代码跳转（下面是 `message.php` 模板的主体部分，完整模板见后文）：

```php
<?php defined('IN_IA') or exit('Access Denied'); ?>
<?php defined('SYSTEM_IN') or exit('Access Denied'); ?>
<div class="weui-msg__icon-area"><i class="<?php if($label=='success') { ?>weui-icon-success<?php } else { ?>weui-icon-warn<?php } ?> weui-icon_msg"></i></div>
<div class="weui-msg__text-area">
<?php if(is_array($msg)) { ?>
    <h4>MYSQL 错误</h4>
    <p><?php echo cutstr($msg['sql'], 300, 1);?></p>
    <p><b><?php echo $msg['error'][0];?> <?php echo $msg['error'][1];?></b> <?php echo $msg['error'][2];?></p>
<?php } else { ?>
    <!-- NOTE(review): $msg is echoed without htmlspecialchars(); safe only if every caller passes trusted text -->
    <h2 class="weui-msg__title"><?php echo $msg;?></h2>
<?php } ?>
</div>
<div class="weui-msg__opr-area">
<p class="weui-btn-area">
<?php if($redirect) { ?>
    <!-- NOTE(review): $redirect goes straight into href (attribute context, no escaping, no scheme check) -->
    <a id="href" href="<?php echo $redirect;?>" class="weui-btn <?php if($label=='success') { ?>weui-btn_primary<?php } else { ?>weui-btn_warn<?php } ?>">页面自动跳转等待时间 <b id="wait"><?php echo $sec==0?2:$sec?></b></a>
    <script type="text/javascript">
    (function(){
        var wait = document.getElementById('wait'), href = document.getElementById('href').href;
        var interval = setInterval(function(){
            var time = --wait.innerHTML;
            if(time <= 0) { location.href = href; clearInterval(interval); }   // comparison operator lost in the copy; reconstructed
        }, 1000);
    })();
    </script>
<?php } else { ?>
    <a href="javascript:history.go(-1);" class="weui-btn weui-btn_warn">点击这里返回上一页</a>
<?php } ?>
```

经过不停地下断点，最终发现数据流向 `E:\baijiacms-master\includes\baijiacms\runner.inc.php`（方法分发处，函数头部不在本文贴出的范围内）：

```php
$class->module = $modulename;
if (method_exists($class, $method)) {
    // $method comes from routing (not shown here); method_exists() only checks existence,
    // it does not restrict visibility, so any public/non-public name on $class is callable
    exit($class->$method());
} else {
    exit($method . ' no this method');
}
```

`mobile.php`：

```php
public function do_shopindex() {
    global $_GP;
    $this->__mobile(__FUNCTION__);
}
```

`E:\baijiacms-master\system\common\mobile.php`：

```php
public function __mobile($f_name) {
    global $_CMS, $_GP, $_W, $_GPC;
    if (empty($_CMS['beid'])) {
        message('未找到站点ID');   // message() ends with exit(), so execution stops here
    }
    // $f_name is __FUNCTION__ ("do_xxx"); only the "xxx" part selects the file, so this
    // half of the path is not request-controlled. $_CMS['module'] is the other component;
    // where it is assigned is not shown on this page — confirm before calling it safe.
    $filephp = $_CMS['module'] . '/class/mobile/' . strtolower(substr($f_name, 3)) . '.php';
    include_once SYSTEM_ROOT . $filephp;
}
```

`message()`（原文引号与运算符在复制时丢失，按上下文还原；`\$` / `\"` 的痕迹说明 `exit()` 里是双引号字符串）：

```php
function message($msg, $redirect = '', $type = '', $successAutoNext = true, $sec = 2) {
    global $_CMS, $_GP;
    $sec = intval($sec);
    if ($redirect == 'refresh') {
        $redirect = refresh();
    }
    if ($redirect) {
        $type = in_array($type, array('success', 'error', 'info', 'warning', 'ajax', 'sql')) ? $type : 'info';
    } else {
        $type = in_array($type, array('success', 'error', 'info', 'warning', 'ajax', 'sql')) ? $type : 'success';
    }
    // $_GET['isajax'] lets the client switch the response format; $_GP['target'] is only used as a flag
    if ($_CMS['isajax'] || !empty($_GET['isajax']) || $type == 'ajax') {
        if ($type != 'ajax' && !empty($_GP['target'])) {
            // NOTE(review): $msg and $type are concatenated into a JS string literal with no
            // JSON/JS escaping; $type is whitelisted above, $msg is not.
            exit("<script type=\"text/javascript\">parent.require(['jquery', 'util'], function($, util){ var url = " . (!empty($redirect) ? 'parent.location.href' : "''") . "; var modalobj = util.message('" . $msg . "', '', '" . $type . "'); if (url) { modalobj.on('hide.bs.modal', function(){\$('.modal').each(function(){if(\$(this).attr('id') != 'modal-message') {\$(this).modal('hide');}});top.location.reload()}); } });</script>");
        } else {
            $vars = array();
            $vars['message'] = $msg;
            $vars['redirect'] = $redirect;
            $vars['type'] = $type;
            exit(json_encode($vars));
        }
    }
    if (empty($msg) && !empty($redirect)) {
        // NOTE(review): raw Location header from $redirect — an open redirect if any caller
        // derives $redirect from the request; this page does not show such a caller.
        header('location: ' . $redirect);
    }
    $label = $type;
    if ($type == 'error') { $label = 'danger'; }
    if ($type == 'ajax' || $type == 'sql') { $label = 'warning'; }
    include page('message');   // $type defaults to false, so page() does not touch $_GP['do'] here
    exit();
}
```

再看 `page()` 返回的路径，看看最后一步的文件名能否被参数控制。作者另外贴了一份去掉 `beid` 判断的 `__mobile`（记作 `__mobile2`）：

```php
public function __mobile2($f_name) {
    global $_CMS, $_GP, $_W, $_GPC;
    $filephp = $_CMS['module'] . '/class/mobile/' . strtolower(substr($f_name, 3)) . '.php';
    include_once SYSTEM_ROOT . $filephp;
}

function page($filename, $type = false) {
    global $_CMS, $_GP;
    $do = '';
    if ($type == true) {
        // NOTE(review): $_GP['do'] is a request parameter (how $_GP is filled is not shown on
        // this page) and is joined into an include path with no basename()/whitelist check.
        // Callers that pass $type = true should be audited for "../" in "do".
        $do = $_GP['do'] . '/';
    }
    if (SYSTEM_ACT == 'mobile') {
        $source = SYSTEM_ROOT . $_CMS['module'] . '/template/mobile/' . $do . "{$filename}.php";
        if (!is_file($source)) {
            $source = SYSTEM_ROOT . 'common/template/mobile/' . $do . "{$filename}.php";
        }
    } else {
        $source = SYSTEM_ROOT . $_CMS['module'] . '/template/web/' . $do . "{$filename}.php";
        if (!is_file($source)) {
            $source = SYSTEM_ROOT . 'common/template/web/' . $do . "{$filename}.php";
        }
    }
    return $source;
}
```

审计要点：`include page('message')` 这条链上 `$type` 为 `false`，`$_GP['do']` 不参与拼路径，真正需要盯的是 `$msg`/`$redirect` 的来源——它们分别进入 HTML、JS 字符串和 `Location` 头，而 `message()` 自身不做任何转义或校验。

`message.php` 完整模板如下，开头两行是访问保护：

```php
<?php defined('IN_IA') or exit('Access Denied'); ?>
<?php defined('SYSTEM_IN') or exit('Access Denied'); ?>
```
```html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta content="telephone=no, address=no" name="format-detection" />
<meta name="viewport" content="width=device-width,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<!-- apple devices fullscreen -->
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
<title>跳转提示</title>
<link href="<?php echo RESOURCE_ROOT;?>public/weui.min.css" rel="stylesheet">
<link href="<?php echo RESOURCE_ROOT;?>public/weui.plus.css?v=2" rel="stylesheet">
</head>
<body>
<div class="page msg_success js_show" style="margin-top:50px">
<div class="weui-msg">
<div class="weui-msg__icon-area"><i class="<?php if($label=='success') { ?>weui-icon-success<?php } else { ?>weui-icon-warn<?php } ?> weui-icon_msg"></i></div>
<div class="weui-msg__text-area">
<?php if(is_array($msg)) { ?>
    <h4>MYSQL 错误</h4>
    <p><?php echo cutstr($msg['sql'], 300, 1);?></p>
    <p><b><?php echo $msg['error'][0];?> <?php echo $msg['error'][1];?></b> <?php echo $msg['error'][2];?></p>
<?php } else { ?>
    <!-- NOTE(review): unescaped echo of $msg into HTML; whether it is ever request-derived is not shown here -->
    <h2 class="weui-msg__title"><?php echo $msg;?></h2>
<?php } ?>
</div>
<div class="weui-msg__opr-area">
<p class="weui-btn-area">
<?php if($redirect) { ?>
    <a id="href" href="<?php echo $redirect;?>" class="weui-btn <?php if($label=='success') { ?>weui-btn_primary<?php } else { ?>weui-btn_warn<?php } ?>">页面自动跳转等待时间 <b id="wait"><?php echo $sec==0?2:$sec?></b></a>
    <script type="text/javascript">
    (function(){
        var wait = document.getElementById('wait'), href = document.getElementById('href').href;
        var interval = setInterval(function(){
            var time = --wait.innerHTML;
            if(time <= 0) { location.href = href; clearInterval(interval); }   // comparison operator lost in the copy; reconstructed
        }, 1000);
    })();
    </script>
<?php } else { ?>
    <a href="javascript:history.go(-1);" class="weui-btn weui-btn_warn">点击这里返回上一页</a>
<?php } ?>
</p>
</div>
<div class="weui-msg__extra-area">
<div class="weui-footer">
<p class="weui-footer__text">Copyright © 2016 baijiacms.com</p>
</div>
</div>
</div>
</div>
</body>
</html>
```

## 02 关键字搜索

用表单文案“完整域名(选填)”做关键字搜索，定位到店铺编辑模板。`$_W['uniacid']` 是控制源头；顺着查看全局变量的初始化（原文运算符丢失，按上下文还原，`$_GP` 之后如何由请求参数填充本文未贴出，需自行确认）：

```php
$_W = $_CMS;
$_GP = $_CMS = array();
```

`system_header` 模板（后台公共头部）：

```html
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!-- 加载渲染 -->
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>百家CMS微商城V4</title>
<link href="<?php echo RESOURCE_ROOT;?>weengine/css/bootstrap.min.css" rel="stylesheet">
<link href="<?php echo RESOURCE_ROOT;?>weengine/css/font-awesome.min.css" rel="stylesheet">
<link href="<?php echo RESOURCE_ROOT;?>weengine/css/common.css?x=<?php echo time()?>" rel="stylesheet">
<link href="<?php echo RESOURCE_ROOT;?>weengine/css/plus.css?x=<?php echo time()?>" rel="stylesheet">
<link href="<?php echo RESOURCE_ROOT;?>weengine/css/main/main.css?x=<?php echo time()?>" rel="stylesheet">
<script>var require = { urlArgs: "v=<?php echo date('YmdH');?>" };</script>
<script>window.global_website = "<?php echo WEBSITE_ROOT;?>";</script>
<script src="<?php echo RESOURCE_ROOT;?>weengine/js/lib/jquery-1.11.1.min.js"></script>
<script src="<?php echo RESOURCE_ROOT;?>weengine/js/lib/bootstrap.min.js"></script>
<script src="<?php echo RESOURCE_ROOT;?>weengine/js/app/util.js"></script>
<script src="<?php echo RESOURCE_ROOT;?>weengine/js/require.js"></script>
<script src="<?php echo RESOURCE_ROOT;?>weengine/js/app/config.js"></script>
<script type="text/javascript">
if(navigator.appName == "Microsoft Internet Explorer"){
    if(navigator.userAgent.indexOf("MSIE 5.0")>0 || navigator.userAgent.indexOf("MSIE 6.0")>0 || navigator.userAgent.indexOf("MSIE 7.0")>0) {
        alert("您使用的 IE 浏览器版本过低, 推荐使用 Chrome 浏览器或 IE8 及以上版本浏览器.");
    }
}
//$_CMS['uniacid'] = $_CMS['beid'];
//$_CMS['beid'] = $_GP['beid'];
// 创建全局变量，动态显示
// NOTE(review): every value below is echoed bare into a JS object literal (no json_encode()).
// Any field an attacker can influence (the author points at uniacid) becomes script injection;
// which of these fields are request-controlled is not established on this page.
window.sysinfo = {
<?php if(!empty($_W['uniacid'])) { ?>   // 如果不为空，才输出到 json
    'uniacid': '<?php echo $_W['uniacid'];?>',
<?php } ?>
<?php if(!empty($_W['acid'])) { ?>
    'acid': '<?php echo $_W['acid'];?>',
<?php } ?>
<?php if(!empty($_W['openid'])) { ?>
    'openid': '<?php echo $_W['openid'];?>',
<?php } ?>
<?php if(!empty($_W['uid'])) { ?>
    'uid': '<?php echo $_W['uid'];?>',
<?php } ?>
    'siteroot': '<?php echo $_W['siteroot'];?>',
    'siteurl': '<?php echo $_W['siteurl'];?>',
    'attachurl': '<?php echo $_W['attachurl'];?>',
    'attachurl_local': '<?php echo $_W['attachurl_local'];?>',
    'attachurl_remote': '<?php echo $_W['attachurl_remote'];?>',
<?php if(defined('MODULE_URL')) { ?>
    'MODULE_URL': '<?php echo MODULE_URL;?>',
<?php } ?>
    'cookie' : {'pre': '<?php echo $_W['config']['cookie']['pre'];?>'}
};
// 全局变量打印
window.uploader_file_fetch = "<?php echo create_url('mobile', array('do' => 'file', 'act' => 'public', 'op' => 'fetch'));?>";
window.uploader_file_local = "<?php echo create_url('mobile', array('do' => 'file', 'act' => 'public', 'op' => 'local'));?>";
window.uploader_file_image = "<?php echo create_url('mobile', array('do' => 'file', 'act' => 'public', 'op' => 'upload', 'type' => 'image'));?>";
window.uploader_file_audio = "<?php echo create_url('mobile', array('do' => 'file', 'act' => 'public', 'op' => 'audio'));?>";
window.uploader_file_delete = "<?php echo create_url('mobile', array('do' => 'file', 'act' => 'public', 'op' => 'delete'));?>";
window.resource_url = "<?php echo RESOURCE_ROOT;?>";
window.public_utility_link = '';
window.public_utility_pageLink = '';
window.public_utility_newsLink = '';
window.public_utility_articleLink = '';
window.public_utility_phoneLink = '';
window.public_utility_moduleLink = '';
window.public_utility_selectIcon = "<?php echo create_url('site', array('do' => 'icon', 'act' => 'utility'));?>";
window.public_utility_selectEmojiComplete = "<?php echo create_url('site', array('do' => 'emoji', 'act' => 'utility'));?>";
</script>
</head>
<body>
<div class="main_header">
<div class="main_logo"><a href=""><img src="<?php echo RESOURCE_ROOT;?>weengine/css/main/logow.png"></a></div>
<div class="main_nav_cont">
<ul class="main_nav">
<li><a href="<?php echo create_url('site', array('act' => 'manager', 'do' => 'store', 'op' => 'display'))?>">系统管理</a></li>
</ul>
<div class="main_login">
<!-- NOTE(review): session username echoed without escaping -->
<span class="main_change_link" style="color: #FFF">您好，<?php echo $GLOBALS['_CMS']['WEB_SESSION_ACCOUNT']['username'];?></span>
<ul class="main_nav_right">
<li><i class="nav-first-i"></i><a href="http://www.baijiacms.com/" target="_blank">官方首页</a><i></i></li>
<li><i class="nav-first-i"></i><a href="<?php echo create_url('site', array('act' => 'manager', 'do' => 'changepwd'))?>">修改密码</a><i></i></li>
<li><i class="nav-first-i"></i><a href="<?php echo create_url('mobile', array('act' => 'public', 'do' => 'logout'))?>">退出系统</a><i></i></li>
</ul>
<span class="main_change_link">&nbsp;</span>
</div>
</div>
</div>
```
```html
<!--[if lte IE 7]><div class="ietip ietipbg"></div><div class="ietip ietiptext">您的浏览器太旧了，为了获得更好的体验，请升级您的浏览器</div><![endif]-->
<div class="main_wrap">
<div class="main_wrap-bg">
<div class="main_sidebar">
<div class="main_subnav">
<?php include page('system_menu/system');?>
</div>
</div>
<div id="main_tgy" class="main_tgy">
<a id="main_celan" class="main_celan" title="关闭侧栏"></a>
<script>
$("#main_celan").click(function(){
    if($(this).hasClass("main_celan main_celanon")){
        $(".main_sidebar").animate({marginLeft:"0px"});
        $("#main_tgy").animate({marginLeft:"200px"});
        $("#main_celan").removeClass("main_celanon");
        $.cookie("celan", null)
    } else {
        $(".main_sidebar").animate({marginLeft:"-210px"});
        $("#main_tgy").animate({marginLeft:"0px"});
        $("#main_celan").addClass("main_celanon");
        $.cookie("celan", 1, {expires:7})
    }
});
</script>
```

店铺编辑模板（搜索“完整域名(选填)”命中的文件）：

```html
<?php defined('SYSTEM_IN') or exit('Access Denied');?>
<!-- 包含可以复用的代码文件 -->
<?php include page('system_header');?>
<!-- NOTE(review): no CSRF token is visible in this form; unless one is injected by JS or a
     global hook, a logged-in admin can be made to submit it cross-site. -->
<form method="post" class="form-horizontal">
<div class="panel">
<h3 class="custom_page_header">店铺编辑</h3>
<div class="panel-body">
<!-- 获取id -->
<input type="hidden" name="id" value="<?php echo $store['id'];?>" />
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label">店铺名称<span style="color:red">*</span></label>
<div class="col-sm-9 col-xs-12">
<input type="text" name="sname" class="form-control" value="<?php echo $store['sname'];?>" />
</div>
</div>
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label">绑定域名<span style="color:red">*</span></label>
<div class="col-sm-9 col-xs-12">
<!-- NOTE(review): $store['website'] / $store['fullwebsite'] are stored values echoed into attribute
     values and, further down, into href. Without htmlspecialchars() on output (or strict validation
     on save, which this page does not show) this is a stored-XSS sink in the admin UI. -->
<input type="text" name="website" class="form-control" value="<?php echo $store['website'];?>" />
<span class="help-block">如***.baijiacms.com，请注意格式，***部分可为你定义的英文，不含二级目录和http。</span>
</div>
</div>
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label">完整域名(选填)</label>
<div class="col-sm-9 col-xs-12">
<input type="text" name="fullwebsite" class="form-control" value="<?php echo $store['fullwebsite'];?>" />
<span class="help-block"><span style="color:red">可空，系统会自动完善</span>。如特殊情况需手动修改，请注意格式，如http://***/demo/，请注意格式，***部分可为你定义的域名。</span>
</div>
</div>
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label">是否开启</label>
<div class="col-sm-9 col-xs-12">
<label class="radio-inline"><input type="radio" name="status" value="1" <?php if($store['isclose'] == 1) { ?>checked="true"<?php } ?> /> 关闭</label>
<label class="radio-inline"><input type="radio" name="status" value="0" <?php if($store['isclose'] == 0) { ?>checked="true"<?php } ?> /> 开启</label>
</div>
</div>
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label">前台访问链接</label>
<div class="col-sm-9 col-xs-12">
<?php if(!empty($store['id'])){?>
<input readonly="readlony" type="text" name="mobile_url" class="form-control" value="<?php if(empty($store['fullwebsite'])) { ?>http://<?php echo $store['website'];?>/<?php }else{ ?><?php echo $store['fullwebsite'];?><?php } ?>index.php" />
<!-- NOTE(review): fullwebsite is used verbatim as the href prefix, so the link's scheme is whatever was saved -->
<a target="_blank" href="<?php if(empty($store['fullwebsite'])) { ?>http://<?php echo $store['website'];?>/<?php }else{ ?><?php echo $store['fullwebsite'];?><?php } ?>index.php">预览</a>
<?php }else{?>
提交后生成链接
<?php }?>
</div>
</div>
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label">后台访问链接</label>
<div class="col-sm-9 col-xs-12">
<?php if(!empty($store['id'])){?>
<input readonly="readlony" type="text" name="mobile_url" class="form-control" value="<?php if(empty($store['fullwebsite'])) { ?>http://<?php echo $store['website'];?>/<?php }else{ ?><?php echo $store['fullwebsite'];?><?php } ?>admin.php" />
<a target="_blank" href="<?php if(empty($store['fullwebsite'])) { ?>http://<?php echo $store['website'];?>/<?php }else{ ?><?php echo $store['fullwebsite'];?><?php } ?>admin.php">预览</a>
<?php }else{?>
提交后生成链接
<?php }?>
</div>
</div>
<div class="form-group">
<label class="col-xs-12 col-sm-3 col-md-2 control-label"></label>
<div class="col-sm-9 col-xs-12">
<input type="submit" name="submit" value="提交" class="btn btn-primary col-lg-1" />
</div>
</div>
</div>
</div>
</form>
<?php include page('footer-base');?>
```

`footer-base` 模板：

```html
<?php defined('IN_IA') or exit('Access Denied');?>
<script language="javascript">
require(['bootstrap'], function ($) {});
$(function(){
    var height1 = $(".main_wrap").height();
    var height2 = $(".main_tgy").height();
    // comparison and arithmetic operators were lost in the copy; reconstructed as ">" and "- 50"
    if(parseInt(height1) > parseInt(height2)){
        $(".main_tgy").css({"min-height": (height1 - 50)});
    };
});
</script>
</div>
</div>
</div>
</body>
</html>
```

页面对照：把上面的模板与实际渲染出的后台页面逐项对照，确认每个回显点（`website`、`fullwebsite`、`window.sysinfo` 中的各字段、`$msg`）在输出前是否经过 `htmlspecialchars()` / `json_encode()`；本文贴出的模板里没有看到任何一处做了转义。