DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2426 Commits
3 Branches
3.8GB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
DedeV6/src/admin/templets/sys_safetest.htm

75 lines
2.7KB
Raw Permalink Blame History 

  1. <!DOCTYPE html>

  2. <html>

  3. 	<head>

  4. 		<meta charset="utf-8">

  5. 		<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">

  6. 		<title>文件扫描工具</title>

  7. 		<link rel="stylesheet" href="/static/web/css/font-awesome.min.css">

  8. 		<link rel="stylesheet" href="/static/web/css/bootstrap.min.css">

  9. 		<link rel="stylesheet" href="/static/web/css/admin.css">

  10. 		<script src="/static/web/js/jquery.min.js"></script>

  11. 		<script src="/static/web/js/webajax.js"></script>

  12. 		<script src="/static/web/js/admin.main.js"></script>

  13. 	</head>

  14. 	<body>

  15. 		<table class="table shadow-sm my-3">

  16. 			<tr>

  17. 				<td>文件扫描工具</td>

  18. 			</tr>

  19. 			<tr>

  20. 				<td>

  21. 					<?php echo $alter;?>

  22. 					<div class="alert alert-info mb-0">

  23. 						<ul>

  24. 							<li>检测结果:结果仅供参考,请务必查看源码后才删除非法文件</li>

  25. 							<li>安全建议:1、有条件的会员把data、system、theme修改为不可对外浏览,static、a目录设置为不允许执行脚本,其它目录禁止写入,系统更安全;2、本检测程以开发模式为标准,如果网站目录包含其它系统,此检测程序会产生错误判断;3、检测程序会跳过对模板缓存目录的检测,为了安全起见,检测完成后建议清空模板缓存</li>

  26. 						</ul>

  27. 					</div>

  28. 				</td>

  29. 			</tr>

  30. 			<tr>

  31. 				<td>

  32. 					<label>文件类型:<input type="text" name="filetype" id="filetype" value="php|inc" class="admin-input-lg"></label>

  33. 					<label>代码特征:<input type="text" name="info" id="info" value="eval|cmd|system|exec|_GET|_POST|_REQUEST|base64_decode" class="admin-input-lg"></label>

  34. 				</td>

  35. 			</tr>

  36. 			<tr>

  37. 				<td align="center">

  38. 					<button type="button" name="bt1" class="btn btn-success btn-sm" onclick="LoadCtTest();">开始检测</button>

  39. 					<button type="button" name="bt2" class="btn btn-outline-success btn-sm" onclick="LoadCtClear();">清空模板缓存</button>

  40. 				</td>

  41. 			</tr>

  42. 			<tr>

  43. 				<td id="messagetd"></td>

  44. 			</tr>

  45. 		</table>

  46. 		<script>

  47. 			function LoadCtTest() {

  48. 				var filetype = $Obj('filetype').value;

  49. 				var info = $Obj('info').value;

  50. 				fetch('sys_safetest.php?action=test&filetype=' + filetype + "&info=" + info).then(resp => {

  51. 					if (resp.ok) {

  52. 					   return resp.text()

  53. 					}

  54. 					throw new Error('系统错误,无法获取数据');

  55. 				}).then((d) => {

  56. 					$DE('messagetd').innerHTML = d;

  57. 				}).catch((error) => {

  58. 					console.log(error);

  59. 				});

  60. 			}

  61. 			function LoadCtClear() {

  62. 				fetch('sys_safetest.php?action=clear').then(resp => {

  63. 					if (resp.ok) {

  64. 						return resp.text()

  65. 					}

  66. 					throw new Error('系统错误,无法获取数据');

  67. 				}).then((d) => {

  68. 					$DE('messagetd').innerHTML = d;

  69. 				}).catch((error) => {

  70. 					$DE('messagetd').innerHTML = errMsg;

  71. 				});

  72. 			}

  73. 		</script>

  74. 	</body>

  75. </html>