php.lv forums

Single-Page Statistics


K|NG


It will be here for a while:

http://www.acidus.lv/statistika/

http://www.acidus.lv/statistika/source.php

hopefully you'll find the password :) (user,parole)

index.php

<code>
<?php
# Statistics "Mazais Spiegs:)" ("Little Spy")
# www.acidus.lv/statistika/
# Required files and directories:
# index.php - the page that needs statistics
# spiegs.php - the file used to view the statistics
# stats/ - directory where the statistics are stored
# stats/dati - file where the data is stored. Must have permission 777
# stats/.htaccess - directory protection file. The file contains: deny from all


if (getenv("HTTP_X_FORWARDED_FOR"))
{
$ip=getenv("HTTP_X_FORWARD_FOR");
$host=gethostbyaddr($ip);
} else {
$ip=getenv("REMOTE_ADDR");
$host=gethostbyaddr($ip);
}
$metode=getenv("REQUEST_METHOD");
$refers=getenv("HTTP_REFERER");
$agents=getenv("HTTP_USER_AGENT");
$prasit=getenv("REQUEST_URI");
$laiks=date("d-m-Y, H:i:s");

$a="$host:|:$ip:|:$laiks:|:$refers:|:$agents:|:$prasit:|:$PHP_SELF:|:$metode\n";
$fileb=join("",file("stats/dati"));
$fp=fopen("stats/dati","w");
fputs($fp,$a);
fputs($fp, $fileb);
fclose($fp);
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1257">
<title>Mazais Spiegs</title>
</head>
<body>
"Mazais Spiegs"<hr>lapas publiskais saturs:

Čau, manam kaķim iet labi! :)<hr>
nepubliskais:

<a href="spiegs.php">Apskaties statistiku!</a>

<a href="source.php">Apskaties sources!</a>

reālajā lapā šiem te linkiem nevajadzētu te atrasties :)
</body>
</html>
</code>

spiegs.php

<code>
<?php if ( ( !isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))
|| ( $PHP_AUTH_USER != 'user' ) || ( $PHP_AUTH_PW != 'parole' ) ) {
header( 'WWW-Authenticate: Basic realm="Private"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
?>
<html>
<head>
<title>spiegs</title>
<style type="text/css">
td {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10px;
text-align: center;
}
</style>
</head>
<body>
<table border="1" cellpadding="0" cellspacing="0" width="100%">
<tr><td>Host:</td><td>IP:</td><td>Laiks:</td><td>Referer:</td><td>Browser:</td><td>String:</td><td>Scrip Name:</td><td>Request method:</td>
</tr>
<?php
function atvert(){global $log;$fd=fopen($log,"r") or die('...');$fs=fread($fd,filesize($log));fclose($fd);return $fs;}
$log="stats/dati";

$fs=atvert();$fs=explode("\n",$fs);
if(!isset($skaits)){$skaits=0;}else{$skaits=(int)$skaits;}$vecaki=$skaits+50;
for($i=$skaits;$i<$vecaki;$i++){
if(($fs[$i]!="")&&($fs[$i]!="\r")){
$ieraksts=explode(":|:",$fs[$i]);

echo "<tr><td>$ieraksts[0]</td><td>$ieraksts[1]</td><td>$ieraksts[2]</td><td>$ieraksts[3]</td><td>$ieraksts[4]</td><td>$ieraksts[5]</td><td>$ieraksts[6]</td><td>$ieraksts[7]</td></tr>\n";
}}
?>
</table><table>
<a href="spiegs.php?skaits=<?php print "$vecaki"; ?>"><?php print "$vecaki"; ?> vecaaki</a>
</table>
</body>
</html>
<?}?>
</code>

Link to comment
Share on other sites

Well, something doesn't add up here with this:

<code>
if (getenv("HTTP_X_FORWARDED_FOR"))
{
$ip=getenv("HTTP_X_FORWARD_FOR");
$host=gethostbyaddr($ip);
} else {
$ip=getenv("REMOTE_ADDR");
$host=gethostbyaddr($ip);
}
</code>

Link to comment
Share on other sites

It could be written into the house rules that ugly code is not submitted for evaluation.

Let's start with something very simple: a line must not contain more than one semicolon, nor { or } if they delimit branches or loops.

Uldis is one disobedient pupil.

Link to comment
Share on other sites


All right, all right, but where are those correct rules then?

I read one set and had a really good laugh, but maybe those were the wrong ones :)

P.S. In the superhacker code I changed the top lines to this:

<code>
if(getenv("HTTP_CLIENT_IP")) {
$ip = getenv("HTTP_CLIENT_IP");
} elseif(getenv("HTTP_X_FORWARDED_FOR")) {
$ip = getenv("HTTP_X_FORWARDED_FOR");
} else {
$ip = getenv("REMOTE_ADDR");
}
$host=gethostbyaddr($ip);
</code>

Link to comment
Share on other sites
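The logger and viewer posted above store and display values the visitor controls (forwarding headers, Referer, User-Agent, request URI). The following is an added example, not code from the thread, showing one way to pick the client address, write one record per request and escape fields on display. `TRUSTED_PROXIES`, its value and the helper names are assumptions, the reverse DNS lookup is left out, and a single reverse proxy that appends to X-Forwarded-For is assumed.

```php
<?php
// Added example; helper names and TRUSTED_PROXIES are assumptions, not thread code.
const TRUSTED_PROXIES = ['10.0.0.5'];  // constructed: address of your own reverse proxy
const LOG_FILE = 'stats/dati';          // path used in the thread
const SEP = ':|:';                      // field separator used in the thread

// Forwarding headers are client-controlled unless the direct peer is your proxy.
function client_ip(array $server): string {
    $peer = $server['REMOTE_ADDR'] ?? '';
    $xff = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    if ($xff !== '' && in_array($peer, TRUSTED_PROXIES, true)) {
        $hops = explode(',', $xff);
        $last = trim(end($hops));       // right-most hop was appended by the proxy
        if (filter_var($last, FILTER_VALIDATE_IP) !== false) {
            return $last;
        }
    }
    return filter_var($peer, FILTER_VALIDATE_IP) !== false ? $peer : '0.0.0.0';
}

// Control characters and the separator are removed so one request stays one record.
function clean_field(string $value): string {
    $value = preg_replace('/[\x00-\x1F\x7F]/', ' ', $value) ?? '';
    return substr(str_replace(SEP, ' ', $value), 0, 512);
}

function log_line(array $server): string {
    $fields = [
        client_ip($server),
        date('d-m-Y, H:i:s'),
        $server['HTTP_REFERER'] ?? '',
        $server['HTTP_USER_AGENT'] ?? '',
        $server['REQUEST_URI'] ?? '',
        $server['REQUEST_METHOD'] ?? '',
    ];
    return implode(SEP, array_map('clean_field', $fields)) . "\n";
}

// Viewer side: every stored field is HTML-escaped before it is put in the table.
function render_row(string $line): string {
    $cells = '';
    foreach (explode(SEP, rtrim($line, "\r\n")) as $field) {
        $cells .= '<td>' . htmlspecialchars($field, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</td>';
    }
    return '<tr>' . $cells . "</tr>\n";
}

// Append under an exclusive lock; the thread's code rewrites the whole file instead.
file_put_contents(LOG_FILE, log_line($_SERVER), FILE_APPEND | LOCK_EX);
```

Because records are appended rather than prepended, a viewer built on `render_row()` has to read the file from the end to show the newest entries first.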

Well, if we're writing "beautiful code", then it shouldn't be "PHP_SELF" but 'PHP_SELF', because the first is a "parsed string" and the second a "string string"; that is, "some $var some" will try to parse the value of $var into the string, but 'some $ var some' won't.

Link to comment
Share on other sites

  • 2 years later...

Can anyone tell me why the hell this damned script doesn't work for me? I enter the user & pass and it shows as if they were wrong!

<code>
<?php if ( ( !isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))
|| ( $PHP_AUTH_USER != 'user' ) || ( $PHP_AUTH_PW != 'parole' ) ) {
header( 'WWW-Authenticate: Basic realm="Private"' );
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
} else {
?>
</code>

Link to comment
Share on other sites


because you need to put this inside the else

<code>
header( 'HTTP/1.0 401 Unauthorized' );
echo 'Authorization Required.';
exit;
</code>

otherwise it first sends you the correct header and then the unauthorized one, so you need to look over the code if something isn't working

Link to comment
Share on other sites
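The check in spiegs.php reads `$PHP_AUTH_USER` and `$PHP_AUTH_PW` as global variables, which exist only when PHP's register_globals setting is on (off by default since PHP 4.2.0, removed in PHP 5.4). The following is an added example, not code from the thread, of the same HTTP Basic check reading from `$_SERVER`; the function name, the `STATS_PASS_HASH` environment variable and the stored-hash approach are assumptions.

```php
<?php
// Added example; basic_auth_ok() and STATS_PASS_HASH are assumed names, not thread code.
const STATS_USER = 'user';  // user name used in the thread

function basic_auth_ok(array $server, string $user, string $passHash): bool {
    // With register_globals off, the credentials are only available in $_SERVER.
    // Under CGI/FastCGI the web server must also pass the Authorization header on.
    $u = $server['PHP_AUTH_USER'] ?? null;
    $p = $server['PHP_AUTH_PW'] ?? null;
    if (!is_string($u) || !is_string($p) || $passHash === '') {
        return false;
    }
    // Run both comparisons so the response time does not show which one failed.
    $userOk = hash_equals($user, $u);
    $passOk = password_verify($p, $passHash);
    return $userOk && $passOk;
}

// The hash is created once with password_hash() and kept outside the source file,
// here in an environment variable (assumption), instead of a literal password.
$hash = (string) getenv('STATS_PASS_HASH');

if (!basic_auth_ok($_SERVER, STATS_USER, $hash)) {
    header('HTTP/1.0 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="Private"');
    echo 'Authorization Required.';
    exit;
}
// Protected page content starts here.
```

Basic credentials travel base64-encoded with every request, so the statistics page should only be served over HTTPS.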
