RED MUG
سه شنبه 05 فروردین 1393, 03:28 صبح
سلام
ایا این کد آخرین ارسالات باگ امنیتی داره؟
ممنون میشم لطف کنید بگید
<script language="Javascript">var URL = "Show-Last-Post.php"var speed = 150000
function reload() {location = URL}
setTimeout("reload()", speed);
</script><style>body { font-family: tahoma; font-color: #666; direction: rtl;}.LastPost {font: 13px Byekan,b yekan,yekan !important;color: #5A5A5A !important;border: 1px solid #CFCFCF;padding: 5px;}.LastPost a {font: 13px Byekan,b yekan,yekan !important;color: #5A5A5A !important;border: none !important;text-decoration: none;}.LastPost a:hover {color: #A2A2A2 !important;}.LastPost td {background: #F5F5F5;border: 1px solid #FFF;font: 13px Byekan,b yekan,yekan !important;color: #8A8A8A;text-shadow: 0 1px #FFF;padding: 5px 2px;}.Tab-LastPost td {background: #FAFAFA;border: 1px solid #FFF;text-align: center;font: 13px Byekan,b yekan,yekan !important;color: #8A8A8A;text-shadow: 0 1px #FFF;}</style><?phpecho"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">";require_once('includes/config.php');require_once('includes/functions.php');
$forum_path = ".";$lastpost_limit = "15"; // تعداد پست ها$title_limit = "130"; // تعداد کاراکتر عنوان پست ها
// کانکت به دیتابیس (برای نمایش در خود ویبولتین کاملا اتوماتیک است) لزومی به ادیت نیست
$server = $config['MasterServer']['servername'];$databaseuser = $config['MasterServer']['username'];$databasepass = $config['MasterServer']['password'];$databasename = $config['Database']['dbname'];$table_prefix = $config['Database']['tableprefix'];
$db = mysql_connect("$server", "$databaseuser", "$databasepass") or die ('database error');mysql_select_db("$databasename", $db) or die ('database error');
function UsernameColor($username) { list($usergroupid) = mysql_fetch_array(mysql_query("SELECT usergroupid FROM `user` WHERE username = '$username'")); list($opentag, $closetag) = mysql_fetch_array(mysql_query("SELECT opentag,closetag FROM usergroup WHERE usergroupid = $usergroupid")); $username = $opentag.$username.$closetag; return $username;}echo"<div class=\"LastPost\"><table style=\"width: 100%;\"><thead class=\"Tab-LastPost\"> <tr> <td> عنوان پست </td> <td> شروع کننده تاپیک </td> <td> آخرین ارسال کننده </td> <td> انجمن ارسال شده </td> <td> پاسخ </td> <td> بازدید </td> </tr></thead>
<tbody>";
$result = mysql_query("SELECT threadid,title,lastpost,lastposter,forumid,postuse rname,lastpostid,replycount,views FROM " . $table_prefix . " thread WHERE visible=1 AND open=1 ORDER BY lastpost DESC LIMIT ".$lastpost_limit." ");while($row = mysql_fetch_array($result)){ $lastpost = $row['lastpost']; $lastposter = UsernameColor($row['lastposter']); $threadid = $row['threadid']; $forumid = $row['forumid']; $postusername = UsernameColor($row['postusername']); $lastpostid = $row['lastpostid']; $title = $row['title']; $title = substr($title,0,$title_limit); $replycount = $row['replycount']; $views = $row['views']; $ftitle = mysql_query("SELECT title FROM " . $table_prefix . "forum WHERE forumid=$forumid"); $ftitle = mysql_fetch_array($ftitle); $ftitle = $ftitle['title']; $lpost = mysql_query("SELECT title,postid FROM " . $table_prefix . "post WHERE postid=$lastpostid"); $lpost = mysql_fetch_array($lpost); $lastposterid = $lpost['postid']; $lastposttitle = $lpost['title']; if (empty($lastposttitle)) { $lastposttitle = ($title); } $lastposttitle = substr($lastposttitle,0,$title_limit); echo " <tr> <td><a href=\"$forum_path/showthread.php?p=$lastposterid#post$lastposterid\" target=\"_blank\" class=\"LastPost\"> » $title</a></td> <td style=\"text-align: center;\">$postusername</td> <td style=\"text-align: center;\">$lastposter</td> <td style=\"text-align: center;\">$ftitle</td> <td style=\"text-align: center;\">$replycount</td> <td style=\"text-align: center;\">$views</td> </tr>";}echo"</div>";
?>
فراخونیش
<iframe align="center" src="Show-Last-Post.php?" width="100%" height="560" frameborder="0"></iframe>
ایا این کد آخرین ارسالات باگ امنیتی داره؟
ممنون میشم لطف کنید بگید
<script language="Javascript">var URL = "Show-Last-Post.php"var speed = 150000
function reload() {location = URL}
setTimeout("reload()", speed);
</script><style>body { font-family: tahoma; font-color: #666; direction: rtl;}.LastPost {font: 13px Byekan,b yekan,yekan !important;color: #5A5A5A !important;border: 1px solid #CFCFCF;padding: 5px;}.LastPost a {font: 13px Byekan,b yekan,yekan !important;color: #5A5A5A !important;border: none !important;text-decoration: none;}.LastPost a:hover {color: #A2A2A2 !important;}.LastPost td {background: #F5F5F5;border: 1px solid #FFF;font: 13px Byekan,b yekan,yekan !important;color: #8A8A8A;text-shadow: 0 1px #FFF;padding: 5px 2px;}.Tab-LastPost td {background: #FAFAFA;border: 1px solid #FFF;text-align: center;font: 13px Byekan,b yekan,yekan !important;color: #8A8A8A;text-shadow: 0 1px #FFF;}</style><?phpecho"<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">";require_once('includes/config.php');require_once('includes/functions.php');
$forum_path = ".";$lastpost_limit = "15"; // تعداد پست ها$title_limit = "130"; // تعداد کاراکتر عنوان پست ها
// کانکت به دیتابیس (برای نمایش در خود ویبولتین کاملا اتوماتیک است) لزومی به ادیت نیست
$server = $config['MasterServer']['servername'];$databaseuser = $config['MasterServer']['username'];$databasepass = $config['MasterServer']['password'];$databasename = $config['Database']['dbname'];$table_prefix = $config['Database']['tableprefix'];
$db = mysql_connect("$server", "$databaseuser", "$databasepass") or die ('database error');mysql_select_db("$databasename", $db) or die ('database error');
function UsernameColor($username) { list($usergroupid) = mysql_fetch_array(mysql_query("SELECT usergroupid FROM `user` WHERE username = '$username'")); list($opentag, $closetag) = mysql_fetch_array(mysql_query("SELECT opentag,closetag FROM usergroup WHERE usergroupid = $usergroupid")); $username = $opentag.$username.$closetag; return $username;}echo"<div class=\"LastPost\"><table style=\"width: 100%;\"><thead class=\"Tab-LastPost\"> <tr> <td> عنوان پست </td> <td> شروع کننده تاپیک </td> <td> آخرین ارسال کننده </td> <td> انجمن ارسال شده </td> <td> پاسخ </td> <td> بازدید </td> </tr></thead>
<tbody>";
$result = mysql_query("SELECT threadid,title,lastpost,lastposter,forumid,postuse rname,lastpostid,replycount,views FROM " . $table_prefix . " thread WHERE visible=1 AND open=1 ORDER BY lastpost DESC LIMIT ".$lastpost_limit." ");while($row = mysql_fetch_array($result)){ $lastpost = $row['lastpost']; $lastposter = UsernameColor($row['lastposter']); $threadid = $row['threadid']; $forumid = $row['forumid']; $postusername = UsernameColor($row['postusername']); $lastpostid = $row['lastpostid']; $title = $row['title']; $title = substr($title,0,$title_limit); $replycount = $row['replycount']; $views = $row['views']; $ftitle = mysql_query("SELECT title FROM " . $table_prefix . "forum WHERE forumid=$forumid"); $ftitle = mysql_fetch_array($ftitle); $ftitle = $ftitle['title']; $lpost = mysql_query("SELECT title,postid FROM " . $table_prefix . "post WHERE postid=$lastpostid"); $lpost = mysql_fetch_array($lpost); $lastposterid = $lpost['postid']; $lastposttitle = $lpost['title']; if (empty($lastposttitle)) { $lastposttitle = ($title); } $lastposttitle = substr($lastposttitle,0,$title_limit); echo " <tr> <td><a href=\"$forum_path/showthread.php?p=$lastposterid#post$lastposterid\" target=\"_blank\" class=\"LastPost\"> » $title</a></td> <td style=\"text-align: center;\">$postusername</td> <td style=\"text-align: center;\">$lastposter</td> <td style=\"text-align: center;\">$ftitle</td> <td style=\"text-align: center;\">$replycount</td> <td style=\"text-align: center;\">$views</td> </tr>";}echo"</div>";
?>
فراخونیش
<iframe align="center" src="Show-Last-Post.php?" width="100%" height="560" frameborder="0"></iframe>