来源:自学PHP网 时间:2015-04-15 15:00 作者: 阅读:次
[导读] 详细说明:置信经典OriTop管理系统sql注入以及任意文件下载这是一个小的cms,主要是用于医院网站如:http: xtmc oritop com shixi admin http: www xtzyyy com admin http: www xtguke com admin http: www...
置信经典OriTop管理系统sql注入以及任意文件下载
<?php if(!isset($_GET['id']) && !isset($_GET['Id'])) { echo "<script language=javascript>top.location.replace('./');</script>"; exit; } $id = isset($_GET['id']) ? $_GET['id'] : $_GET['Id']; include "Include/global.php"; include "Include/config.php"; $DataBase = new DataBase; $DataBase->OpenDataBase(); $qid = mysql_query("SELECT * FROM about WHERE id='$id'"); if(mysql_num_rows($qid) > 0) { $row = mysql_fetch_row($qid); } else { header("location: ./"); exit; } include "Template/Header.tpl"; include "Template/About.tpl"; include "Template/Footer.tpl"; ?>
<?php include "Include/global.php"; include "Include/config.php"; if(isset($_GET['id']) && $_GET['id'] != "") { $file_name = $_GET['id']; $file_root_name = "$upfile_root_path/$file_name"; if (!file_exists($file_root_name)) { echo "文件不存在"; exit; } $file_postfix = pathinfo($file_name); $file_postfix = strtolower($file_postfix["extension"]); if($file_postfix != "jpg" && $file_postfix != "gif") { $file = fopen($file_root_name,"r"); // 打开文件 // 输入文件标签 Header("Content-type: application/octet-stream"); Header("Accept-Ranges: bytes"); Header("Accept-Length: ".filesize($file_root_name)); Header("Content-Disposition: attachment; filename=" . $file_name); // 输出文件内容 echo fread($file,filesize($file_root_name)); fclose($file); exit; } else { // Content type header('Content-type: image/gif'); if($file_postfix != "gif") { $image = imagecreatefromjpeg($file_root_name); imagejpeg($image); } else { $image = imagecreatefromgif($file_root_name); imagegif($image); } // Output ImageDestroy($image); } } ?>
|
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com