国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

sys_safetest.htm 3.1KB

2 jaren geleden
1 jaar geleden
1 jaar geleden
1 jaar geleden
1 jaar geleden
1 jaar geleden
1 jaar geleden
1 jaar geleden
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. <!DOCTYPE html>
  2. <html>
  3. <head>
  4. <meta charset="utf-8">
  5. <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">
  6. <title>文件扫描工具</title>
  7. <link rel="stylesheet" href="../static/web/font/css/font-awesome.min.css">
  8. <link rel="stylesheet" href="../static/web/css/bootstrap.min.css">
  9. <link rel="stylesheet" href="../static/web/css/admin.css">
  10. <script src="../static/web/js/jquery.min.js"></script>
  11. <script src="../static/web/js/webajax.js"></script>
  12. <script src="js/main.js"></script>
  13. </head>
  14. <body>
  15. <table align="center" class="table maintable my-3">
  16. <tr>
  17. <td bgcolor="#f5f5f5">文件扫描工具</td>
  18. </tr>
  19. <tr>
  20. <td>
  21. <?php echo $alter;?>
  22. <div class="alert alert-info mb-0">
  23. <ul>
  24. <li>检测结果:结果仅供参考,请务必查看源码后才删除非法文件</li>
  25. <li>安全建议:1、有条件的会员把data、system、theme修改为不可对外浏览,static、a目录设置为不允许执行脚本,其它目录禁止写入,系统更安全;2、本检测程以开发模式为标准,如果您的网站目录包含其它系统,此检测程序会产生错误判断;3、检测程序会跳过对模板缓存目录的检测,为了安全起见,检测完成后建议清空模板缓存</li>
  26. </ul>
  27. </div>
  28. </td>
  29. </tr>
  30. <tr>
  31. <td>
  32. <span>文件类型:<input type="text" name="filetype" id="filetype" value="php|inc" class="admin-input-lg"></span>
  33. <span>代码特征:<input type="text" name="info" id="info" value="eval|cmd|system|exec|_GET|_POST|_REQUEST|base64_decode" class="admin-input-lg"></span>
  34. </td>
  35. </tr>
  36. <tr>
  37. <td align="center" bgcolor="#e9ecef">
  38. <button type="button" name="bt1" class="btn btn-success btn-sm" onclick="LoadCtTest();">开始检测</button>
  39. <button type="button" name="bt2" class="btn btn-outline-success btn-sm" onclick="LoadCtClear();">清空模板缓存</button>
  40. </td>
  41. </tr>
  42. <tr>
  43. <td id="messagetd">
  44. <div id="loaddiv" class="text-center" style="display:none"><img src="../static/web/img/loadinglit.gif"></div>
  45. </td>
  46. </tr>
  47. </table>
  48. <script>
  49. function LoadCtTest() {
  50. var filetype = $Obj('filetype').value;
  51. var info = $Obj('info').value;
  52. $Obj('loaddiv').style.display = 'block';
  53. fetch('sys_safetest.php?action=test&filetype=' + filetype + "&info=" + info).then(resp => {
  54. if (resp.ok) {
  55. return resp.text()
  56. }
  57. throw new Error('系统错误,无法获取数据');
  58. }).then((d) => {
  59. $DE('messagetd').innerHTML = d;
  60. $Obj('loaddiv').style.display = 'none';
  61. }).catch((error) => {
  62. console.log(error);
  63. });
  64. }
  65. function LoadCtClear() {
  66. $Obj('loaddiv').style.display = 'block';
  67. fetch('sys_safetest.php?action=clear').then(resp => {
  68. if (resp.ok) {
  69. return resp.text()
  70. }
  71. throw new Error('系统错误,无法获取数据');
  72. }).then((d) => {
  73. $DE('messagetd').innerHTML = d;
  74. $Obj('loaddiv').style.display = 'none';
  75. }).catch((error) => {
  76. $DE('messagetd').innerHTML = errMsg;
  77. });
  78. }
  79. </script>
  80. </body>
  81. </html>