插件下载┊垃圾引用防御补丁(每小时自动换KEY,支持静态页面)
程序员文章站
2023-12-05 22:58:10
发 布 人: 向导 补 丁 名: 垃圾引用防御补丁 &n...
发 布 人: 向导
补 丁 名: 垃圾引用防御补丁
发布时间: 2007-1-4
版 本 号: 第3版
适用版本: pjblog 2.6
原 作 者: 向导
演示地址:
下载地址:
插件简介: 能有效防止垃圾引用。加密递交地址,第2版增加key验证,并每小时自动更换一次key。
本版本不修改数据库,只修改了4个文件,并支持静态页模式!
效果
引用通告地址: trackback.asp?tbid=jnkrqof8&key=joknpnkoqpmppmc0
具体安装方法如下:
===========================================================
文件trackback.asp
查找
tbid = checkstr(request.querystring("tbid"))
替换成
tbid = decrypt(checkstr(request.querystring("tbid")))
查找
if not (isinteger(request.querystring("tbid")) and isinteger(request.querystring("logid"))) then
替换成
if not isinteger(decrypt(request.querystring("tbid"))) and isinteger(request.querystring("logid")) then
查找
where blog_id="&logid&" and tb_id="&checkstr(request.querystring("tbid"))
替换成
where blog_id="&logid&" and tb_id="&decrypt(checkstr(request.querystring("tbid")))
**有2处
查找
'==================================
' 引用通告处理页面
' 更新时间: 2006-6-1
'==================================
在下面加入
dim keys,keys1
keys=request.querystring("key")
keys1=encrypt((year(now))&(month(now))&(day(now))&hour(now()))
if keys<>keys1 then
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>您递交的信息已过期.请检查...</message></response>
<%
else
dim strget
strget=trim(request.querystring("tbid"))
if len(strget) > 8 then
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>您递交的信息有错误.请检查...</message></response>
<%
else
dim tbids
tbids = decrypt(checkstr(request.querystring("tbid")))
if tbids < 1 then
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>您递交的信息有错误.请检查...</message></response>
<%
else
查找
'trackback response function上面加入
end if
end if
end if
********可以不换***********
查找
response.redirect("search.asp?searchtype=trackback")
替换成
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>日志id错误.请检查......</message></response>
<%
查找
<response><error>1</error><message>日志没有被引用.</message></response>
替换成
<response><error>1</error><message>日志(id=<% response.write tbid %>)没有被引用.</message></response>
********可以不换***********
===========================================================
文件class\cls_article.asp
查找
引用通告地址:<a href="<%=(siteurl&"trackback.asp?tbid="&id)%>" target="_blank"><%=(siteurl&"trackback.asp?tbid="&id)%></a>
替换成
引用通告地址:<a href="<%=(siteurl&"trackback.asp?tbid="&encrypt(id)&"&key="&encrypt((year(now))&(month(now))&(day(now))&hour(now())))%>" target="_blank"><%=(siteurl&"trackback.asp?tbid="&encrypt(id)&"&key="&encrypt((year(now))&(month(now))&(day(now))&hour(now())))%></a>
查找
sub showcomm(logid,comdesc,discomment)
在下面添加
dim k1
k1=encrypt((year(now))&(month(now))&(day(now))&hour(now()))
查找
href=""trackback.asp?action=deltb&tbid="&commarr(6,pcount)&"&logid="&logid&"""
替换成
href=""trackback.asp?action=deltb&tbid="&encrypt(commarr(6,pcount))&"&logid="&logid&"&key="&k1&"""
查找
temparticle=replace(temparticle,"<"&"%st(a)%"&">","")
替换成
dim k1
k1=encrypt((year(now))&(month(now))&(day(now))&hour(now()))
temparticle=replace(temparticle,"<"&"%st(a)%"&">","")
temparticle=replace(temparticle,"<"&"%st(key)%"&">",k1)===========================================================
文件class\cls_logaction.asp
查找
temp1=replace(temp1,"<$trackback$>",siteurl&"trackback.asp?tbid="&logid)
替换成
temp1=replace(temp1,"<$trackback$>",siteurl&"trackback.asp?tbid="&encrypt(logid)&"&key="&"<"&"%st(key)%"&">")===========================================================
文件common\function.asp
在文件最后,%>的上面添加
function encrypt(thenumber)
on error resume next
dim n, szenc, t, hin, lon, i
n = cdbl((thenumber + 1570) ^ 2 - 7 * (thenumber + 1570) - 450)
if n < 0 then szenc = "r" else szenc = "j"
n = cstr(abs(n))
for i = 1 to len(n) step 2
t = mid(n, i, 2)
if len(t) = 1 then
szenc = szenc & t
exit for
end if
hin = (cint(t) and 240) / 16
lon = cint(t) and 15
szenc = szenc & chr(asc("m") + hin) & chr(asc("c") + lon)
next
encrypt = szenc
end function
function decrypt(thenumber)
on error resume next
dim e, n, sign, t, hin, lon, newn, i
e = thenumber
if left(e, 1) = "r" then sign = -1 else sign = 1
e = mid(e, 2)
newn = ""
for i = 1 to len(e) step 2
t = mid(e, i, 2)
if asc(t) >= asc("0") and asc(t) <= asc("9") then
newn = newn & t
exit for
end if
hin = mid(t, 1, 1)
lon = mid(t, 2, 1)
hin = (asc(hin) - asc("m")) * 16
lon = asc(lon) - asc("c")
t = cstr(hin or lon)
if len(t) = 1 then t = "0" & t
newn = newn & t
next
e = cdbl(newn) * sign
decrypt = clng((7 + sqr(49 - 4 * (-450 - e))) / 2 - 1570)
end function
================================================
演示到我的blog看。我网络很慢。请您忍耐。
没有修改过这4个文件的用户可以下载下面的覆盖即可。
================================================
使用静态页的需要到后台从新建立所有日记。
不知道还有那不对的。希望大家踊跃测试,拍砖。
补 丁 名: 垃圾引用防御补丁
发布时间: 2007-1-4
版 本 号: 第3版
适用版本: pjblog 2.6
原 作 者: 向导
演示地址:
下载地址:
插件简介: 能有效防止垃圾引用。加密递交地址,第2版增加key验证,并每小时自动更换一次key。
本版本不修改数据库,只修改了4个文件,并支持静态页模式!
效果
引用通告地址: trackback.asp?tbid=jnkrqof8&key=joknpnkoqpmppmc0
具体安装方法如下:
===========================================================
文件trackback.asp
查找
tbid = checkstr(request.querystring("tbid"))
替换成
tbid = decrypt(checkstr(request.querystring("tbid")))
查找
if not (isinteger(request.querystring("tbid")) and isinteger(request.querystring("logid"))) then
替换成
if not isinteger(decrypt(request.querystring("tbid"))) and isinteger(request.querystring("logid")) then
查找
where blog_id="&logid&" and tb_id="&checkstr(request.querystring("tbid"))
替换成
where blog_id="&logid&" and tb_id="&decrypt(checkstr(request.querystring("tbid")))
**有2处
查找
'==================================
' 引用通告处理页面
' 更新时间: 2006-6-1
'==================================
在下面加入
dim keys,keys1
keys=request.querystring("key")
keys1=encrypt((year(now))&(month(now))&(day(now))&hour(now()))
if keys<>keys1 then
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>您递交的信息已过期.请检查...</message></response>
<%
else
dim strget
strget=trim(request.querystring("tbid"))
if len(strget) > 8 then
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>您递交的信息有错误.请检查...</message></response>
<%
else
dim tbids
tbids = decrypt(checkstr(request.querystring("tbid")))
if tbids < 1 then
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>您递交的信息有错误.请检查...</message></response>
<%
else
查找
'trackback response function上面加入
end if
end if
end if
********可以不换***********
查找
response.redirect("search.asp?searchtype=trackback")
替换成
response.c
response.write "<?xml version=""1.0"" encoding=""utf-8""?><?xml-stylesheet type=""text/xsl"" href=""tb.xsl""?>"
%>
<response><error>1</error><message>日志id错误.请检查......</message></response>
<%
查找
<response><error>1</error><message>日志没有被引用.</message></response>
替换成
<response><error>1</error><message>日志(id=<% response.write tbid %>)没有被引用.</message></response>
********可以不换***********
===========================================================
文件class\cls_article.asp
查找
引用通告地址:<a href="<%=(siteurl&"trackback.asp?tbid="&id)%>" target="_blank"><%=(siteurl&"trackback.asp?tbid="&id)%></a>
替换成
引用通告地址:<a href="<%=(siteurl&"trackback.asp?tbid="&encrypt(id)&"&key="&encrypt((year(now))&(month(now))&(day(now))&hour(now())))%>" target="_blank"><%=(siteurl&"trackback.asp?tbid="&encrypt(id)&"&key="&encrypt((year(now))&(month(now))&(day(now))&hour(now())))%></a>
查找
sub showcomm(logid,comdesc,discomment)
在下面添加
dim k1
k1=encrypt((year(now))&(month(now))&(day(now))&hour(now()))
查找
href=""trackback.asp?action=deltb&tbid="&commarr(6,pcount)&"&logid="&logid&"""
替换成
href=""trackback.asp?action=deltb&tbid="&encrypt(commarr(6,pcount))&"&logid="&logid&"&key="&k1&"""
查找
temparticle=replace(temparticle,"<"&"%st(a)%"&">","")
替换成
dim k1
k1=encrypt((year(now))&(month(now))&(day(now))&hour(now()))
temparticle=replace(temparticle,"<"&"%st(a)%"&">","")
temparticle=replace(temparticle,"<"&"%st(key)%"&">",k1)===========================================================
文件class\cls_logaction.asp
查找
temp1=replace(temp1,"<$trackback$>",siteurl&"trackback.asp?tbid="&logid)
替换成
temp1=replace(temp1,"<$trackback$>",siteurl&"trackback.asp?tbid="&encrypt(logid)&"&key="&"<"&"%st(key)%"&">")===========================================================
文件common\function.asp
在文件最后,%>的上面添加
function encrypt(thenumber)
on error resume next
dim n, szenc, t, hin, lon, i
n = cdbl((thenumber + 1570) ^ 2 - 7 * (thenumber + 1570) - 450)
if n < 0 then szenc = "r" else szenc = "j"
n = cstr(abs(n))
for i = 1 to len(n) step 2
t = mid(n, i, 2)
if len(t) = 1 then
szenc = szenc & t
exit for
end if
hin = (cint(t) and 240) / 16
lon = cint(t) and 15
szenc = szenc & chr(asc("m") + hin) & chr(asc("c") + lon)
next
encrypt = szenc
end function
function decrypt(thenumber)
on error resume next
dim e, n, sign, t, hin, lon, newn, i
e = thenumber
if left(e, 1) = "r" then sign = -1 else sign = 1
e = mid(e, 2)
newn = ""
for i = 1 to len(e) step 2
t = mid(e, i, 2)
if asc(t) >= asc("0") and asc(t) <= asc("9") then
newn = newn & t
exit for
end if
hin = mid(t, 1, 1)
lon = mid(t, 2, 1)
hin = (asc(hin) - asc("m")) * 16
lon = asc(lon) - asc("c")
t = cstr(hin or lon)
if len(t) = 1 then t = "0" & t
newn = newn & t
next
e = cdbl(newn) * sign
decrypt = clng((7 + sqr(49 - 4 * (-450 - e))) / 2 - 1570)
end function
================================================
演示到我的blog看。我网络很慢。请您忍耐。
没有修改过这4个文件的用户可以下载下面的覆盖即可。
================================================
使用静态页的需要到后台从新建立所有日记。
不知道还有那不对的。希望大家踊跃测试,拍砖。
上一篇: AOP切面编程之Aspect框架