Last active
December 28, 2015 20:59
-
-
Save wotupset/7561094 to your computer and use it in GitHub Desktop.
pic/index.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| //***************** | |
| header('Content-type: text/html; charset=utf-8'); | |
| extract($_POST,EXTR_SKIP); | |
| $phpself=basename($_SERVER["SCRIPT_FILENAME"]);//被執行的文件檔名 | |
| date_default_timezone_set("Asia/Taipei");//時區設定 | |
| $time = time();//UNIX時間時區設定 | |
| $query_string=$_SERVER['QUERY_STRING']; | |
| //$query_string=$GLOBALS['query_string']; | |
| //***************** | |
| $htmlhead=<<<EOT | |
| <html><head> | |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
| <title>gzip</title> | |
| <style> | |
| body {font-family:'細明體','MingLiU';} | |
| </style> | |
| <script> | |
| var query = location.href.split('#'); | |
| document.cookies = 'hashtag=' + query[1]; | |
| <script> | |
| </head><body> | |
| EOT; | |
| //************** | |
| $htmlend=<<<EOT | |
| </body></html> | |
| EOT; | |
| //************** | |
| //檢查x資料夾在不在 | |
| $handle=opendir("./"); $dir_in=""; | |
| $cc=0; | |
| while(($file = readdir($handle))!==false) { | |
| if(is_dir($file)){//只針對資料夾 | |
| if($file=="."||$file == ".."){ | |
| //什麼事都不做 | |
| }else{ | |
| if(preg_match('/^x.+$/', $file)){ | |
| $dir_in=$file;$cc=$cc+1; | |
| }else{} //檢驗$query_string格式 | |
| } | |
| } | |
| } | |
| if($cc){}else{die("dir miss");} | |
| if($cc>1){die("dir multi");} | |
| closedir($handle); | |
| //************** | |
| /* | |
| $dir_mth="./".date("ym", $time)."/";//年月 | |
| if(!is_writeable(realpath("./"))){ die("根目錄沒有寫入權限,請修改權限"); } | |
| mkdir($dir_mth, 0777); //建立資料夾 權限0777 | |
| chmod($dir_mth, 0777); //權限0777 | |
| if(!is_dir(realpath($dir_mth))){die("子資料夾不存在");} | |
| if(!is_writeable(realpath($dir_mth))){die("子資料夾無法寫入");} | |
| if(!is_readable(realpath($dir_mth))){die("子資料夾無法讀取");} | |
| //檢查子資料夾是否存在 | |
| if(is_dir($dir_mth)){//子資料夾存在 | |
| if(is_file("inde.php")){//如果根目錄有inde.php檔案 | |
| if(!is_file($dir_mth."index.php")){//如果該月目錄沒有index檔案 | |
| $chk=@copy("inde.php", $dir_mth."index.php");//複製檔案到該月目錄 | |
| if(!$chk){die('複製檔案失敗');} | |
| } | |
| }else{//根目錄有index檔案 | |
| die('index檔案遺失'); | |
| } | |
| }else{//子資料夾不存在 | |
| die("子資料夾不存在"); | |
| } | |
| */ | |
| //允許的副檔名 | |
| $mimetypes = array( | |
| 'jpg' => 'image/jpeg', | |
| 'png' => 'image/png', | |
| 'gif' => 'image/gif', | |
| 'pdf' => 'application/pdf' | |
| ); | |
| //************** | |
| rec(''); | |
| //************** | |
| $file_name="./".$dir_in."/".$query_string;//要呼叫的檔案 | |
| if(is_file($file_name)){ //檔案存在 | |
| $tmp_size=filesize($file_name);//檔案大小 | |
| $tmp_f_ext=substr($file_name,-3); //副檔名 | |
| foreach($mimetypes as $k => $v){ | |
| if($tmp_f_ext == $k){ //符合的副檔名 | |
| ob_start(); | |
| header("Content-type: $v;"); | |
| //header('Content-type:application/force-download'); | |
| header("Content-Transfer-Encoding: Binary"); //編碼方式 | |
| header("Cache-Control: cache, must-revalidate"); | |
| header('Content-Length:'.$tmp_size); | |
| //$tmp_fn_out=$tmp.'_'.substr(md5_file($file_name),0,5);//輸出的檔名 | |
| //$tmp="Content-Disposition: attachment; filename=\"build-$tmp_fn_out.$k\""; | |
| //header($tmp); | |
| readfile($file_name); //讀取圖片 | |
| ob_flush(); | |
| exit; | |
| } | |
| } | |
| }else{ | |
| $htmlbody=''; | |
| $string="臣亮言:先帝創業未半,而中道崩殂。 | |
| 今天下三分,益州疲弊,此誠危急之秋也。 | |
| 然侍衛之臣,不懈於內﹔忠志之士,忘身於外者,蓋追先帝之殊遇,欲報之於陛下也。 | |
| 誠宜開張聖聽,以光先帝遺德,恢弘志士之氣; | |
| 不宜妄自菲薄,引喻失義,以塞忠諫之路也。"; | |
| //mb_internal_encoding("UTF-8"); | |
| $htmlbody.= mb_substr($string,0,13,"utf-8")."<br/>\n"; | |
| $tmp_s=$_SERVER['REMOTE_ADDR']; | |
| $htmlbody.= "$tmp_s<br/>\n"; | |
| $tmp_s=gethostbyaddr($_SERVER["REMOTE_ADDR"]); | |
| $htmlbody.= "$tmp_s<br/>\n"; | |
| $tmp_s=$_SERVER['HTTP_REFERER']; | |
| $htmlbody.= "$tmp_s<br/>\n"; | |
| $tmp_s=$_COOKIE['hashtag']; | |
| $htmlbody.= "$tmp_s<br/>\n"; | |
| $htmlbody.= "<a href='../'>../</a>"."<br/>\n"; | |
| } | |
| //************** | |
| echo $htmlhead; | |
| echo $htmlbody; | |
| echo $htmlend; | |
| function rec($x){ | |
| $logfile="./log.log"; | |
| $tmp_f_ct=0; | |
| if(is_file($logfile)){//檔案存在就載入紀錄 | |
| $tmp_f_cnt=file_get_contents($logfile); | |
| $tmp_f_cnt=trim($tmp_f_cnt); | |
| $tmp_f_cnt_arr=explode("\n",$tmp_f_cnt); | |
| //$tmp_f_ct=count($tmp_f_cnt_arr); | |
| //$tmp_f_ext=substr($logfile,-3); //副檔名 | |
| }else{ | |
| // | |
| } | |
| $input_data=''; | |
| $tmp_s=gethostbyaddr($_SERVER["REMOTE_ADDR"]); | |
| $user_ip=$_SERVER['REMOTE_ADDR']."<>".$tmp_s; | |
| if(isset($_SERVER['HTTP_REFERER'])){ | |
| $user_from=$_SERVER['HTTP_REFERER']; | |
| }else{ | |
| $user_from="不明"; | |
| } | |
| $tmp_f_ct=$tmp_f_ct+1; | |
| $input_data.="$user_ip,$user_from\n$tmp_f_cnt"; | |
| $cp = fopen($logfile, "a+") or die('');// 讀寫模式, 指標於最後, 找不到會嘗試建立檔案 | |
| //rewind($cp); //從頭讀取 | |
| //$buf=fread($cp,1000000); //讀取至暫存 | |
| ftruncate($cp, 0); //砍資料至0 | |
| fputs($cp, $input_data); | |
| fclose($cp);//關閉檔案要求 | |
| //************** | |
| return $x; | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment