DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1929 Commits
3 Branches
110MB
Tree: 4641dbfceb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4641dbfceb'
${ noResults }
DedeV6/src/admin/templets/sys_safetest.htm

81 lines
3.1KB
Raw Blame History 

  1. <!DOCTYPE html>

  2. <html>

  3. 	<head>

  4. 		<meta charset="utf-8">

  5. 		<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">

  6. 		<title>文件扫描工具</title>

  7. 		<link rel="stylesheet" href="../static/web/font/css/font-awesome.min.css">

  8. 		<link rel="stylesheet" href="../static/web/css/bootstrap.min.css">

  9. 		<link rel="stylesheet" href="../static/web/css/admin.css">

  10. 		<script src="../static/web/js/jquery.min.js"></script>

  11. 		<script src="../static/web/js/webajax.js"></script>

  12. 		<script src="js/main.js"></script>

  13. 	</head>

  14. 	<body>

  15. 		<table align="center" class="table maintable my-3">

  16. 			<tr>

  17. 				<td bgcolor="#f5f5f5">文件扫描工具</td>

  18. 			</tr>

  19. 			<tr>

  20. 				<td>

  21. 					<?php echo $alter;?>

  22. 					<div class="alert alert-info mb-0">

  23. 						<ul>

  24. 							<li>检测结果:结果仅供参考,请务必查看源码后才删除非法文件</li>

  25. 							<li>安全建议:1、有条件的会员把data、system、theme修改为不可对外浏览,static、a目录设置为不允许执行脚本,其它目录禁止写入,系统更安全;2、本检测程以开发模式为标准,如果您的网站目录包含其它系统,此检测程序会产生错误判断;3、检测程序会跳过对模板缓存目录的检测,为了安全起见,检测完成后建议清空模板缓存</li>

  26. 						</ul>

  27. 					</div>

  28. 				</td>

  29. 			</tr>

  30. 			<tr>

  31. 				<td>

  32. 					<label>文件类型:<input type="text" name="filetype" id="filetype" value="php|inc" class="admin-input-lg"></label>

  33. 					<label>代码特征:<input type="text" name="info" id="info" value="eval|cmd|system|exec|_GET|_POST|_REQUEST|base64_decode" class="admin-input-lg"></label>

  34. 				</td>

  35. 			</tr>

  36. 			<tr>

  37. 				<td align="center" bgcolor="#e9ecef">

  38. 					<button type="button" name="bt1" class="btn btn-success btn-sm" onclick="LoadCtTest();">开始检测</button>

  39. 					<button type="button" name="bt2" class="btn btn-outline-success btn-sm" onclick="LoadCtClear();">清空模板缓存</button>

  40. 				</td>

  41. 			</tr>

  42. 			<tr>

  43. 				<td id="messagetd">

  44. 					<div id="loaddiv" class="text-center" style="display:none"><img src="../static/web/img/loadinglit.gif"></div>

  45. 				</td>

  46. 			</tr>

  47. 		</table>

  48. 		<script>

  49. 			function LoadCtTest() {

  50. 				var filetype = $Obj('filetype').value;

  51. 				var info = $Obj('info').value;

  52. 				$Obj('loaddiv').style.display = 'block';

  53. 				fetch('sys_safetest.php?action=test&filetype=' + filetype + "&info=" + info).then(resp => {

  54. 					if (resp.ok) {

  55. 					   return resp.text()

  56. 					}

  57. 					throw new Error('系统错误,无法获取数据');

  58. 				}).then((d) => {

  59. 					$DE('messagetd').innerHTML = d;

  60. 					$Obj('loaddiv').style.display = 'none';

  61. 				}).catch((error) => {

  62. 					console.log(error);

  63. 				});

  64. 			}

  65. 			function LoadCtClear() {

  66. 				$Obj('loaddiv').style.display = 'block';

  67. 				fetch('sys_safetest.php?action=clear').then(resp => {

  68. 					if (resp.ok) {

  69. 						return resp.text()

  70. 					}

  71. 					throw new Error('系统错误,无法获取数据');

  72. 				}).then((d) => {

  73. 					$DE('messagetd').innerHTML = d;

  74. 					$Obj('loaddiv').style.display = 'none';

  75. 				}).catch((error) => {

  76. 					$DE('messagetd').innerHTML = errMsg;

  77. 				});

  78. 			}

  79. 		</script>

  80. 	</body>

  81. </html>