一段可以替代eval的代码

789 主题	1158 帖子	4197 积分

��Ա

Rank: 9 Rank: 9 Rank: 9

积分: 4197

发消息

电梯直达

¥��

发表于 2019-11-22 19:28:44 | 只看该作者回帖奖励

|倒序浏览 |阅读模式

原有的代码依赖eval实现
容易被黑客利用
$str  = "<tr id='catid_{\$id}'>
                                    <td align='center'><input name='listorders[{\$id}]' type='text' size='3' value='{\$listorder}' class='input-text-c'></td>
                                    <td align='center'>{\$id}</td>
                                    <td >{\$spacer}{\$catname}{\$display_icon}{\$display_rec}</td>
                                    <td>{\$typename}</td>
                                    <td>{\$modelname}</td>
                                    <td align='center'>{\$items}</td>
                                    <td align='center'>{\$url}</td>
                                    <td align='center' >{\$str_manage}</td>
                              </tr>";

$values_arr = array('id'=>1,'listorder'=>2,'spacer'=>3,'catname'=>4,'display_icon'=>5,
'display_rec'=>6,'typename'=>7,'modelname'=>8,'items'=>9,'url'=>10,'str_manage'=>"#",);

$search_arr  = array();
foreach(array_keys($values_arr)  as $v){

$search_arr[] = '{$'.$v."}";

}

$replace_arr = array_values($values_arr);


      $nstr = str_replace($search_arr,$replace_arr,$str);

      echo $nstr;

收藏0

使用道具举报

返回列表

基本文件错误 SQL 调试

1:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/forum.php ( 2.22 KB )
2:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/class_core.php ( 6.25 KB )
3:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/debug/debug.class.php ( 5.35 KB )
4:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_application.php ( 30.54 KB )
5:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_base.php ( 1.43 KB )
6:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_core.php ( 69.19 KB )
7:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/config/config_global.php ( 4.68 KB )
8:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_database.php ( 11.87 KB )
9:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_forum.php ( 40.31 KB )
10:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/db/db_driver_mysqli.php ( 6.09 KB )
11:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_syscache.php ( 3.52 KB )
12:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_table.php ( 6.87 KB )
13:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_memory.php ( 4.13 KB )
14:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_session.php ( 6.76 KB )
15:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_session.php ( 4.82 KB )
16:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/language/lang_core.php ( 7.70 KB )
17:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_thread.php ( 50.36 KB )
18:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_forum.php ( 16.35 KB )
19:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/plugin/wechat/wechat.class.php ( 19.42 KB )
20:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/plugin/mobile/mobile.class.php ( 16.55 KB )
21:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_wechat_module.tpl.php ( 5.16 KB )
22:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/module/forum/forum_viewthread.php ( 71.67 KB )
23:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_forumlist.php ( 14.90 KB )
24:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_discuzcode.php ( 37.61 KB )
25:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_1_forum_discuzcode.tpl.php ( 21.08 KB )
26:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_post.php ( 23.43 KB )
27:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/helper/helper_seccheck.php ( 9.94 KB )
28:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_threaddisablepos.php ( 0.64 KB )
29:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php ( 38.17 KB )
30:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/language/forum/lang_misc.php ( 14.14 KB )
31:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/helper/helper_seo.php ( 4.87 KB )
32:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_member_count.php ( 4.10 KB )
33:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/discuz/discuz_table_archive.php ( 5.01 KB )
34:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_member_status.php ( 3.29 KB )
35:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_member_field_forum.php ( 0.55 KB )
36:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_member_profile.php ( 3.89 KB )
37:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_member_field_home.php ( 1.06 KB )
38:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_member.php ( 19.03 KB )
39:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/helper/helper_access.php ( 0.68 KB )
40:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/language/lang_space.php ( 14.74 KB )
41:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_upload.php ( 3.82 KB )
42:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_grouplevel.php ( 0.93 KB )
43:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_diy_forum_viewthread.tpl.php ( 105.56 KB )
44:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_1_common_header_forum_viewthread.tpl.php ( 22.00 KB )
45:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_1_common_header_userstatus.tpl.php ( 5.07 KB )
46:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_1_member_login_simple.tpl.php ( 3.00 KB )
47:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_1_forum_viewthread_profile_node.tpl.php ( 3.39 KB )
48:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_profile.php ( 19.66 KB )
49:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/data/template/1_1_common_footer.tpl.php ( 10.33 KB )
50:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_debug.php ( 0.02 KB )
51:/home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/template/default/trace.php ( 0.31 KB )

错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php 中,第 0 行] ：Declaration of table_forum_post::update($tableid, $pid, $data, $unbuffered = false, $low_priority = false, $first = NULL, $invisible = NULL, $fid = NULL, $status = NULL) should be compatible with discuz_table::update($val, $data, $unbuffered = false, $low_priority = false)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php 中,第 0 行] ：Declaration of table_forum_post::delete($tableid, $pid, $unbuffered = false) should be compatible with discuz_table::delete($val, $unbuffered = false)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php 中,第 0 行] ：Declaration of table_forum_post::insert($tableid, $data, $return_insert_id = false, $replace = false, $silent = false) should be compatible with discuz_table::insert($data, $return_insert_id = false, $replace = false, $silent = false)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php 中,第 0 行] ：Declaration of table_forum_post::fetch($tableid, $pid, $outmsg = true) should be compatible with discuz_table::fetch($id, $force_from_db = false)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php 中,第 0 行] ：Declaration of table_forum_post::fetch_all($tableid, $pids, $outmsg = true) should be compatible with discuz_table::fetch_all($ids, $force_from_db = false)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_forum_post.php 中,第 0 行] ：Declaration of table_forum_post::update_cache($tableid, $id, $idtype, $data, $condition = Array, $glue = 'merge') should be compatible with discuz_table::update_cache($id, $data, $cache_ttl = NULL, $pre_cache_key = NULL)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/function/function_upload.php 中,第 73 行] ：Use of undefined constant upload_max_filesize - assumed 'upload_max_filesize' (this will throw an Error in a future version of PHP)
错误警告 [文件 /home/minxuanbm4ipnyxlu3ann/wwwroot/bbs/source/class/table/table_common_session.php 中,第 72 行] ：Use of undefined constant sid - assumed 'sid' (this will throw an Error in a future version of PHP)

SELECT * FROM pre_common_syscache WHERE `cname` IN('smilies','smileytypes','forums','usergroups','stamps','bbcodes','custominfo','groupicon','threadtableids','threadtable_info','posttable_info','diytemplatenameforum','plugin','pluginlanguage_system','setting','style_default','cronnextrun');
SELECT * FROM pre_common_syscache WHERE `cname` IN('usergroup_7');
SELECT * FROM pre_common_session WHERE `sid`='f2E96b';
SELECT * FROM pre_common_syscache WHERE `cname` IN('ipbanned');
SELECT * FROM pre_forum_thread WHERE tid=780;
SELECT ff.*, f.* FROM pre_forum_forum f LEFT JOIN pre_forum_forumfield ff ON ff.fid=f.fid WHERE f.fid=45;
UPDATE LOW_PRIORITY pre_forum_thread SET `views`=`views`+'1' WHERE tid IN ('780');
SELECT * FROM pre_forum_threaddisablepos WHERE `tid`='780';
SELECT * FROM pre_forum_post WHERE tid=780 AND position>=1 AND position<11 ORDER BY position;
SELECT * FROM pre_common_syscache WHERE `cname` IN('bbcodes_display','smileycodes','domainwhitelist');
SELECT * FROM pre_common_member_count WHERE `uid` IN('1');
SELECT * FROM pre_common_member_status WHERE `uid` IN('1');
SELECT * FROM pre_common_member_field_forum WHERE `uid` IN('1');
SELECT uid,realname,gender,birthyear,birthmonth,birthday,constellation,zodiac,telephone,mobile,idcardtype,idcard,address,zipcode,nationality,birthprovince,birthcity,birthdist,birthcommunity,resideprovince,residecity,residedist,residecommunity,residesuite,graduateschool,education,company,occupation,position,revenue,affectivestatus,lookingfor,bloodtype,height,weight,alipay,icq,qq,yahoo,msn,taobao,site,bio,interest,field1,field2,field3,field4,field5,field6,field7,field8 FROM pre_common_member_profile WHERE `uid` IN('1');
SELECT * FROM pre_common_member_field_home WHERE `uid` IN('1');
SELECT * FROM pre_common_member WHERE `uid` IN('1');
SELECT * FROM pre_common_syscache WHERE `cname` IN('relatedlink');
SELECT * FROM pre_common_syscache WHERE `cname` IN('attachtype');
DELETE FROM pre_common_session WHERE sid='QnYC6I' OR lastactivity<1777662295 OR (uid='0' AND ip1='216' AND ip2='73' AND ip3='217' AND ip4='4' AND lastactivity>1777663135) ;
INSERT INTO pre_common_session SET `sid`='QnYC6I' , `ip1`='216' , `ip2`='73' , `ip3`='217' , `ip4`='4' , `uid`='0' , `username`='' , `groupid`='7' , `invisible`='' , `action`='2' , `lastactivity`='1777663195' , `fid`='45' , `tid`='780' , `lastolupdate`='0';

		自动登录	找回密码
密码			��ע��