基于Discuz security.inc.php代码的深入分析
程序员文章站
2022-05-14 08:35:46
代码如下所示:复制代码 代码如下:
<?php
/*
[discuz!] (c)2001-2009 comsenz inc.
this is not a freeware, use is subject to license terms
$id: security.inc.php 16688 2008-11-14 06:41:07z cnteacher $
*/
//如果没有设定 in_discuz ,则访问出错
if(!defined('in_discuz')) {
exit('access denied');
}
// 使用位移 $attackevasive 来设定 论坛防御级别 ,如果是 1 或者是 4 的话, 1=cookie 刷新限制 , 4=二次请求
// 读取上次时间到当前存放cookies数组,并将现在时间放置cookies
// 将$_dcookie['lastrequest'] 不断加密 存放last访问时间到 lastrequest_cookies
if($attackevasive & 1 || $attackevasive & 4) {
$_dcookie['lastrequest'] = authcode($_dcookie['lastrequest'], 'decode');
dsetcookie('lastrequest', authcode($timestamp, 'encode'), $timestamp + 816400, 1, true);
}
//如果确认被攻击,则展示提示语 1
if($attackevasive & 1) {
if($timestamp - $_dcookie['lastrequest'] < 1) {
securitymessage('attachsave_1_subject', 'attachsave_1_message');
}
}
//如检查到 http_x_forwarded_for 有以下 参数 ,将提示 使用代理
if(($attackevasive & 2) && ($_server['http_x_forwarded_for'] ||
$_server['http_via'] || $_server['http_proxy_connection'] ||
$_server['http_user_agent_via'] || $_server['http_cache_info'] ||
$_server['http_proxy_connection'])) {
securitymessage('attachsave_2_subject', 'attachsave_2_message', false);
}
//如果在限定的时间内访问多次,将判断为二次请求
if($attackevasive & 4) {
if(empty($_dcookie['lastrequest']) || $timestamp - $_dcookie['lastrequest'] > 300) {
securitymessage('attachsave_4_subject', 'attachsave_4_message');
}
}
//如果需要回答问题,则判断为8
if($attackevasive & 8) {
list($questionkey, $questionanswer, $questiontime) = explode('|', authcode($_dcookie['secqcode'], 'decode'));
include_once discuz_root.'./forumdata/cache/cache_secqaa.php';
if(!$questionanswer || !$questiontime || $_dcache['secqaa'][$questionkey]['answer'] != $questionanswer) {
if(empty($_post['secqsubmit']) || (!empty($_post['secqsubmit']) && $_dcache['secqaa'][$questionkey]['answer'] != md5($_post['answer']))) {
$questionkey = array_rand($_dcache['secqaa']);
dsetcookie('secqcode', authcode($questionkey.'||'.$timestamp, 'encode'), $timestamp + 816400, 1, true);
securitymessage($_dcache['secqaa'][$questionkey]['question'], '<input type="text" name="answer" size="8" maxlength="150" /><input class="button" type="submit" name="secqsubmit" value=" submit " />', false, true);
} else {
dsetcookie('secqcode', authcode($questionkey.'|'.$_dcache['secqaa'][$questionkey]['answer'].'|'.$timestamp, 'encode'), $timestamp + 816400, 1, true);
}
}
}
/**
* 输出被攻击提示语言,如果是ajax,展示一個错误層, 如果是請求, 則展示错误頁面
* @param $subject
* @param $message
* @param $reload
* @param $form
* @return unknown_type
*/
function securitymessage($subject, $message, $reload = true, $form = false) {
$scuritylang = array(
'attachsave_1_subject' => '频繁刷新限制',
'attachsave_1_message' => '您访问本站速度过快或者刷新间隔时间小于两秒!请等待页面自动跳转 ...',
'attachsave_2_subject' => '代理服务器访问限制',
'attachsave_2_message' => '本站现在限制使用代理服务器访问,请去除您的代理设置,直接访问本站。',
'attachsave_4_subject' => '页面重载开启',
'attachsave_4_message' => '欢迎光临本站,页面正在重新载入,请稍候 ...'
);
$subject = $scuritylang[$subject] ? $scuritylang[$subject] : $subject;
$message = $scuritylang[$message] ? $scuritylang[$message] : $message;
if($_get['inajax']) {
ajaxshowheader();
echo '<div id="attackevasive_1" class="popupmenu_option"><b style="font-size: 16px">'.$subject.'</b><br /><br />'.$message.'</div>';
ajaxshowfooter();
} else {
echo '<html>';
echo '<head>';
echo '<title>'.$subject.'</title>';
echo '</head>';
echo '<body bgcolor="#ffffff">';
if($reload) {
echo '<script language="javascript">';
echo 'function reload() {';
echo ' document.location.reload();';
echo '}';
echo 'settimeout("reload()", 1001);';
echo '</script>';
}
if($form) {
echo '<form action="'.$_server['php_self'].'" method="post">';
}
echo '<table cellpadding="0" cellspacing="0" border="0" width="700" align="center" height="85%">';
echo ' <tr align="center" valign="middle">';
echo ' <td>';
echo ' <table cellpadding="10" cellspacing="0" border="0" width="80%" align="center" style="font-family: verdana, tahoma; color: #666666; font-size: 11px">';
echo ' <tr>';
echo ' <td valign="middle" align="center" bgcolor="#ebebeb">';
echo ' <br /><br /> <b style="font-size: 16px">'.$subject.'</b> <br /><br />';
echo $message;
echo ' <br /><br />';
echo ' </td>';
echo ' </tr>';
echo ' </table>';
echo ' </td>';
echo ' </tr>';
echo '</table>';
if($form) {
echo '</form>';
}
echo '</body>';
echo '</html>';
}
exit();
}
function ajaxshowheader() {
global $charset, $inajax;
ob_end_clean();
@header("expires: -1");
@header("cache-control: no-store, private, post-check=0, pre-check=0, max-age=0", false);
@header("pragma: no-cache");
header("content-type: application/xml");
echo "<?xml version=/"1.0/" encoding=/"$charset/"?>/n<root><![cdata[";
}
function ajaxshowfooter() {
echo ']]></root>';
}
?>
代码如下所示:
复制代码 代码如下:
<?php
/*
[discuz!] (c)2001-2009 comsenz inc.
this is not a freeware, use is subject to license terms
$id: security.inc.php 16688 2008-11-14 06:41:07z cnteacher $
*/
//如果没有设定 in_discuz ,则访问出错
if(!defined('in_discuz')) {
exit('access denied');
}
// 使用位移 $attackevasive 来设定 论坛防御级别 ,如果是 1 或者是 4 的话, 1=cookie 刷新限制 , 4=二次请求
// 读取上次时间到当前存放cookies数组,并将现在时间放置cookies
// 将$_dcookie['lastrequest'] 不断加密 存放last访问时间到 lastrequest_cookies
if($attackevasive & 1 || $attackevasive & 4) {
$_dcookie['lastrequest'] = authcode($_dcookie['lastrequest'], 'decode');
dsetcookie('lastrequest', authcode($timestamp, 'encode'), $timestamp + 816400, 1, true);
}
//如果确认被攻击,则展示提示语 1
if($attackevasive & 1) {
if($timestamp - $_dcookie['lastrequest'] < 1) {
securitymessage('attachsave_1_subject', 'attachsave_1_message');
}
}
//如检查到 http_x_forwarded_for 有以下 参数 ,将提示 使用代理
if(($attackevasive & 2) && ($_server['http_x_forwarded_for'] ||
$_server['http_via'] || $_server['http_proxy_connection'] ||
$_server['http_user_agent_via'] || $_server['http_cache_info'] ||
$_server['http_proxy_connection'])) {
securitymessage('attachsave_2_subject', 'attachsave_2_message', false);
}
//如果在限定的时间内访问多次,将判断为二次请求
if($attackevasive & 4) {
if(empty($_dcookie['lastrequest']) || $timestamp - $_dcookie['lastrequest'] > 300) {
securitymessage('attachsave_4_subject', 'attachsave_4_message');
}
}
//如果需要回答问题,则判断为8
if($attackevasive & 8) {
list($questionkey, $questionanswer, $questiontime) = explode('|', authcode($_dcookie['secqcode'], 'decode'));
include_once discuz_root.'./forumdata/cache/cache_secqaa.php';
if(!$questionanswer || !$questiontime || $_dcache['secqaa'][$questionkey]['answer'] != $questionanswer) {
if(empty($_post['secqsubmit']) || (!empty($_post['secqsubmit']) && $_dcache['secqaa'][$questionkey]['answer'] != md5($_post['answer']))) {
$questionkey = array_rand($_dcache['secqaa']);
dsetcookie('secqcode', authcode($questionkey.'||'.$timestamp, 'encode'), $timestamp + 816400, 1, true);
securitymessage($_dcache['secqaa'][$questionkey]['question'], '<input type="text" name="answer" size="8" maxlength="150" /><input class="button" type="submit" name="secqsubmit" value=" submit " />', false, true);
} else {
dsetcookie('secqcode', authcode($questionkey.'|'.$_dcache['secqaa'][$questionkey]['answer'].'|'.$timestamp, 'encode'), $timestamp + 816400, 1, true);
}
}
}
/**
* 输出被攻击提示语言,如果是ajax,展示一個错误層, 如果是請求, 則展示错误頁面
* @param $subject
* @param $message
* @param $reload
* @param $form
* @return unknown_type
*/
function securitymessage($subject, $message, $reload = true, $form = false) {
$scuritylang = array(
'attachsave_1_subject' => '频繁刷新限制',
'attachsave_1_message' => '您访问本站速度过快或者刷新间隔时间小于两秒!请等待页面自动跳转 ...',
'attachsave_2_subject' => '代理服务器访问限制',
'attachsave_2_message' => '本站现在限制使用代理服务器访问,请去除您的代理设置,直接访问本站。',
'attachsave_4_subject' => '页面重载开启',
'attachsave_4_message' => '欢迎光临本站,页面正在重新载入,请稍候 ...'
);
$subject = $scuritylang[$subject] ? $scuritylang[$subject] : $subject;
$message = $scuritylang[$message] ? $scuritylang[$message] : $message;
if($_get['inajax']) {
ajaxshowheader();
echo '<div id="attackevasive_1" class="popupmenu_option"><b style="font-size: 16px">'.$subject.'</b><br /><br />'.$message.'</div>';
ajaxshowfooter();
} else {
echo '<html>';
echo '<head>';
echo '<title>'.$subject.'</title>';
echo '</head>';
echo '<body bgcolor="#ffffff">';
if($reload) {
echo '<script language="javascript">';
echo 'function reload() {';
echo ' document.location.reload();';
echo '}';
echo 'settimeout("reload()", 1001);';
echo '</script>';
}
if($form) {
echo '<form action="'.$_server['php_self'].'" method="post">';
}
echo '<table cellpadding="0" cellspacing="0" border="0" width="700" align="center" height="85%">';
echo ' <tr align="center" valign="middle">';
echo ' <td>';
echo ' <table cellpadding="10" cellspacing="0" border="0" width="80%" align="center" style="font-family: verdana, tahoma; color: #666666; font-size: 11px">';
echo ' <tr>';
echo ' <td valign="middle" align="center" bgcolor="#ebebeb">';
echo ' <br /><br /> <b style="font-size: 16px">'.$subject.'</b> <br /><br />';
echo $message;
echo ' <br /><br />';
echo ' </td>';
echo ' </tr>';
echo ' </table>';
echo ' </td>';
echo ' </tr>';
echo '</table>';
if($form) {
echo '</form>';
}
echo '</body>';
echo '</html>';
}
exit();
}
function ajaxshowheader() {
global $charset, $inajax;
ob_end_clean();
@header("expires: -1");
@header("cache-control: no-store, private, post-check=0, pre-check=0, max-age=0", false);
@header("pragma: no-cache");
header("content-type: application/xml");
echo "<?xml version=/"1.0/" encoding=/"$charset/"?>/n<root><![cdata[";
}
function ajaxshowfooter() {
echo ']]></root>';
}
?>
上一篇: php数组去重的函数代码
下一篇: 汽车巨头的下一个战场:车载AI技术