DedeBIZ
/
DedeV6

<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8">
		<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
		<title>文件扫描工具</title>
		<link rel="stylesheet" href="/static/web/css/font-awesome.min.css">
		<link rel="stylesheet" href="/static/web/css/bootstrap.min.css">
		<link rel="stylesheet" href="/static/web/css/admin.css">
		<script src="/static/web/js/jquery.min.js"></script>
		<script src="/static/web/js/webajax.js"></script>
		<script src="/static/web/js/admin.main.js"></script>
	</head>
	<body>
		<?php echo $alter;?>
		<div class="container-fluid">
			<ol class="breadcrumb">
				<li class="breadcrumb-item"><a href="index_body.php">后台面板</a></li>
				<li class="breadcrumb-item active">文件扫描工具</li>
			</ol>
			<div class="card shadow-sm mb-3">
				<div class="card-header">文件扫描工具</div>
				<div class="card-body">
					<div class="alert alert-info">
						<ul>
							<li>检测结果：结果仅供参考，请务必查看源码后才删除非法文件</li>
							<li>安全建议：1、有条件的会员把data、system、theme修改为不可对外浏览，static、a目录设置为不允许执行脚本，其它目录禁止写入，系统更安全；2、本检测程以开发模式为标准，如果网站目录包含其它系统，此检测程序会产生错误判断；3、检测程序会跳过对模板缓存目录的检测，为了安全起见，检测完成后建议清空模板缓存</li>
						</ul>
					</div>
					<div class="table-responsive">
						<table class="table table-borderless">
							<tbody>
								<tr>
									<td>
										<label>文件类型：<input type="text" name="filetype" id="filetype" value="php|inc" class="admin-input-lg"></label>
										<label>代码特征：<input type="text" name="info" id="info" value="eval|cmd|system|exec|_GET|_POST|_REQUEST|base64_decode" class="admin-input-lg"></label>
									</td>
								</tr>
								<tr>
									<td align="center">
										<a href="javascript:LoadCtTest();" class="btn btn-success btn-sm">开始执行</a>
										<a href="javascript:LoadCtClear();" class="btn btn-success btn-sm">清空模板缓存</a>
									</td>
								</tr>
								<tr>
									<td id="messagetd"></td>
								</tr>
							</tbody>
						</table>
					</div>
				</div>
			</div>
		</div>
		<script>
			function LoadCtTest() {
				var filetype = $Obj('filetype').value;
				var info = $Obj('info').value;
				fetch('sys_safetest.php?action=test&filetype=' + filetype + "&info=" + info).then(resp => {
					if (resp.ok) {
					   return resp.text()
					}
					throw new Error('系统错误，无法获取数据');
				}).then((d) => {
					$DE('messagetd').innerHTML = d;
				}).catch((error) => {
					console.log(error);
				});
			}
			function LoadCtClear() {
				fetch('sys_safetest.php?action=clear').then(resp => {
					if (resp.ok) {
						return resp.text()
					}
					throw new Error('系统错误，无法获取数据');
				}).then((d) => {
					$DE('messagetd').innerHTML = d;
				}).catch((error) => {
					$DE('messagetd').innerHTML = errMsg;
				});
			}
		</script>
	</body>
</html>