Version 2.2

增加登录界面与登录校验
2015-10-29 00:57:57 +08:00
parent d811fbbe67
commit 795980ca02
15 changed files with 2728 additions and 841 deletions
--- a/README.md
+++ b/README.md
@@ -1,27 +1,30 @@
 # XSS数据接收平台（无SQL版）
 ## 使用说明
-无需数据库，无需其他组件支持，可直接在php虚拟空间使用，使用步骤：
+本平台设计理念，基本无需配置即可使用，故设计为无需数据库，无需其他组件支持，可直接在php虚拟空间使用，使用步骤：
 * 上传所有文件至空间根目录
 * 修改config.php，指定数据存放目录，数据是否启用AES加密及加密密码
 ```php
 define('PASS', '2a05218c7aa0a6dbd370985d984627b8');
 define('DATA_PATH', 'data');
 define('ENABLE_ENCRYPT', true);
 define('ENCRYPT_PASS', "bluelotus");
 ```
 可用php -r "$salt='!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl';$key='你的密码';$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);echo $key;"生成密码hash
 * 赋予`DATA_PATH`目录写权限
 * 当有请求访问/index.php?a=xxx&b=xxxx，所有携带数据包括get，post，cookie，httpheaders，客户端信息都会记录
-* 可访问admin.php查看记录的数据
+* 可访问login.php登录查看记录的数据
 ## 目前支持功能
 * 自动判断携带数据是否base64编码，可自动解码
 * 记录所有可记录的数据，并可根据ip判断位置，根据useragent判断操作系统与浏览器
 * 新消息提醒，仿QQ邮箱新消息提醒框，可实时获得数据
 * 支持简单的查找功能
 * 除了style允许unsafe-inline外启用CSP
 * 挑战应答式的登录校验，session绑定ip与useragent
 ## TODO
 * keepsession
 * 认证
 * 完全启用CSP
 * 我的js
 * js模板
--- a/admin.php
+++ b/admin.php
@@ -8,6 +8,7 @@ require("auth.php");
 <head>
 <meta charset="utf-8" />
 	<title>控制面板</title>
 	<link rel="stylesheet" href="static/css/bootstrap.min.css" type="text/css" />
    <link rel="stylesheet" href="static/css/Site.css" type="text/css" />
 	<link rel="stylesheet" href="static/css/notification.css" type="text/css" />
--- a/auth.php
+++ b/auth.php
@@ -2,6 +2,20 @@
 if(!defined('IN_XSS_PLATFORM')) {
 	exit('Access Denied');
 }
 ini_set("session.cookie_httponly", 1); 
 session_start();
 if(!(isset($_SESSION['isLogin']) && $_SESSION['isLogin']===true && isset($_SESSION['user_IP']) &&$_SESSION['user_IP']!="" &&$_SESSION['user_IP']=== $_SERVER['REMOTE_ADDR'] &&isset($_SESSION['user_agent']) &&$_SESSION['user_agent']!="" &&$_SESSION['user_agent']=== $_SERVER['HTTP_USER_AGENT'] ))
 {
 	$_SESSION['isLogin']=false;
 	$_SESSION['user_IP']="";
 	$_SESSION['user_agent']="";
 	session_unset();
 	session_destroy();
 	header("Location: login.php");
 	exit();
 }
 header("Content-Security-Policy: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'none'");
 header("X-Content-Security-Policy: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'none'");
 header("X-WebKit-CSP: default-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; frame-src 'none'");
--- a/config.php
+++ b/config.php
@@ -3,7 +3,7 @@ if(!defined('IN_XSS_PLATFORM')) {
 	exit('Access Denied');
 }
-define('PASS', 'bluelotus');
+define('PASS', '2a05218c7aa0a6dbd370985d984627b8');//bluelotus
 define('DATA_PATH', 'data');
 define('ENABLE_ENCRYPT', true);
 define('ENCRYPT_PASS', "bluelotus");
--- a/data/forbiddenIPList.dat
+++ b/data/forbiddenIPList.dat
--- a/keepsession.php
+++ b/keepsession.php
@@ -1,9 +1,6 @@
 <?php
 define("IN_XSS_PLATFORM",true);
 if(!defined('IN_XSS_PLATFORM')) {
 	exit('Access Denied');
 }
 require_once("config.php");
 require_once("functions.php");
 require_once("dio.php");
--- a/login.php
+++ b/login.php
@@ -0,0 +1,141 @@
 <?php
 define("IN_XSS_PLATFORM",true);
 //CSP开启
 header("Content-Security-Policy: default-src 'self'; object-src 'none'; frame-src 'none'");
 header("X-Content-Security-Policy: default-src 'self'; object-src 'none'; frame-src 'none'");
 header("X-WebKit-CSP: default-src 'self'; object-src 'none'; frame-src 'none'");
 ini_set("session.cookie_httponly", 1); 
 session_start();
 require_once("config.php");
 require_once("functions.php");
 if(isset($_SESSION['isLogin']) && $_SESSION['isLogin']===true)
 {
 	header("Location: admin.php");
 	exit();
 }
 $forbiddenIPList=loadForbiddenIPList();
 $ip=$_SERVER['REMOTE_ADDR'];
 if(!isset($forbiddenIPList[$ip]) || $forbiddenIPList[$ip]<3)
 {
 	if(isset($_POST['password']) && $_POST['password']!='' )
 	{
 		if(checkPassword($_POST['password']))
 		{
 			$_SESSION['isLogin']=true;
 			$_SESSION['user_IP']=$ip;
 			$_SESSION['user_agent']=$_SERVER['HTTP_USER_AGENT'];
 			if(isset($forbiddenIPList[$ip]))
 			{
 				unset($forbiddenIPList[$ip]);
 				saveForbiddenIPList($forbiddenIPList);
 			}
 			header("Location: admin.php");
 			exit();
 		}
 		else
 		{
 			if(isset($forbiddenIPList[$ip]))
 				$forbiddenIPList[$ip]++;
 			else
 				$forbiddenIPList[$ip]=1;
 			saveForbiddenIPList($forbiddenIPList);
 		}
 	}
 }
 function loadForbiddenIPList()
 {
 	$logfile = DATA_PATH . '/forbiddenIPList.dat';
 	!file_exists( $logfile ) && @touch( $logfile );
 	$str = file_get_contents( $logfile );
 	$str =decrypt($str,ENCRYPT_PASS);
 	if($str!='')
 	{
 		$result=json_decode($str,true);
 		if($result!=null)
 			return $result;
 		else
 			return array();
 	}
 	else
 		return array();
 }
 function saveForbiddenIPList($forbiddenIPList)
 {
 	$logfile = DATA_PATH . '/forbiddenIPList.dat';
 	!file_exists( $logfile ) && @touch( $logfile );
 	@file_put_contents($logfile, encrypt(json_encode($forbiddenIPList),ENCRYPT_PASS));
 }
 /*
 生成密码
 php -r "$salt='!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl';$key='bluelotus';$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);$key=md5($salt.$key.$salt);echo $key;"
 */
 function checkPassword($p)
 {
 	if(isset($_SESSION['firesunCheck'])&&isset($_POST['firesunCheck'])&&$_SESSION['firesunCheck']!=""&&$_POST['firesunCheck']===$_SESSION['firesunCheck'])
 	{
 		$salt="!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl";
 		$key=PASS;
 		$key=md5($salt.$key.$_SESSION['firesunCheck'].$salt);
 		$key=md5($salt.$key.$_SESSION['firesunCheck'].$salt);
 		$key=md5($salt.$key.$_SESSION['firesunCheck'].$salt);
 		return $key===$p;
 	}	
 	return false;
 }
 function generate_password( $length = 32 ) {
 	$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";  
 	$password = "";  
 	for ( $i = 0; $i < $length; $i++ )
 		$password .= $chars[ mt_rand(0, strlen($chars) - 1) ];
 	return $password;  
 } 
 ?>
 <html>
    <head>
        <meta charset="utf-8" />
 		<title>登录</title>
 		<link rel="stylesheet" href='static/css/font-awesome.css' type="text/css" >
 		<link rel="stylesheet" href="static/css/login.css" type="text/css" />
        <script type="text/javascript" src="static/js/jquery.min.js" ></script>
        <script type="text/javascript" src="static/js/login.js" ></script>
    </head>
    <body>
        <div id="loginform">
 			<div id="logo"></div>
            <div id="mainlogin">
                <h1>
                    登录控制面板
                </h1>
                <form action="" method="post">
                    <input type="password" placeholder="password" id="password" name="password" required="required">
 					<input id="firesunCheck" type="hidden" name="firesunCheck" value=<?php $firesunCheck=generate_password(32); $_SESSION['firesunCheck']=$firesunCheck;echo json_encode($_SESSION['firesunCheck']);?> />
                    <button type="submit" id="submit">
                        <i class="fa fa-arrow-right">
                        </i>
                    </button>
                </form>
                <div id="note">
                    <a href="#">
                        忘记密码?
                    </a>
                </div>
            </div>
        </div>
    </body>
 </html>
--- a/static/css/font-awesome.css
+++ b/static/css/font-awesome.css
--- a/static/css/login.css
+++ b/static/css/login.css
@@ -0,0 +1,174 @@
 * {
 	margin: 0px;
 	padding: 0px;
 }
 body {
 	background: #222526;
 	position: relative;
 	font-family: 'Microsoft YaHei',verdana;
 }
 #loginform {
 	position: relative;
 	width: 300px;
 	left: 50%;
 	margin-left: -150px;
 	top: 45%;
 	height: 190px;
 	margin-top: -190px;
 }
 input {
 	display: block;
 	margin: 21px auto 15px;
 	border-radius: 5px;
 	background: #333333;
 	width: 85%;
 	padding: 12px 20px 12px 10px;
 	border: none;
 	color: #929999;
 	box-shadow: inset 0px 1px 5px #272727;
 	font-size: 0.8em;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 input:focus {
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 	box-shadow: 0px 0px 5px 1px #161718;
 }
 button {
 	background: #ff5f32;
 	border-radius: 50%;
 	border: 10px solid #222526;
 	font-size: 0.9em;
 	color: #fff;
 	font-weight: bold;
 	cursor: pointer;
 	width: 85px;
 	height: 85px;
 	position: absolute;
 	right: -42px;
 	top: 54px;
 	text-align: center;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 button:hover {
 	background: #222526;
 	border-color: #ff5f32;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 button i {
 	font-size: 20px;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 button:hover i {
 	color: #ff5f32;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 *:focus {
 	outline: none;
 }
 ::-webkit-input-placeholder {
 	color: #929999;
 }
 :-moz-placeholder {
 /* Firefox 18- */
 	color: #929999;
 }
 ::-moz-placeholder {
  /* Firefox 19+ */
 	color: #929999;
 }
 :-ms-input-placeholder {
 	color: #929999;
 }
 h1 {
 	text-align: center;
 	color: #fff;
 	font-size: 16px;
 	padding: 12px 0px;
 }
 #note {
 	color: #88887a;
 	font-size: 0.8em;
 	text-align: left;
 	padding-left: 5px;
 }
 a {
 	color: #88887a;
 	text-decoration: none;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 a:hover {
 	color: #fff;
 	margin-left: 5px;
 	-webkit-transition: 0.5s ease;
 	-moz-transition: 0.5s ease;
 	-o-transition: 0.5s ease;
 	-ms-transition: 0.5s ease;
 	transition: 0.5s ease;
 }
 #mainlogin {
 	float: left;
 	width: 250px;
 	height: 170px;
 	padding: 10px 15px;
 	position: relative;
 	background: #555555;
 	border-radius: 3px;
 	-moz-box-shadow: 0px 0px 10px rgba(0,0,0,0.5);
 	-webkit-box-shadow: 0px 0px 10px rgba(0,0,0,0.5);
 	box-shadow: 0px 0px 10px rgba(0, 0, 0, 0.5);
 }
 #logo {
 	background: url(../images/logo.png);
 	height: 180px;
 	width: 300px;
 	margin-left: 17px;
 	margin-bottom: 10px;
 	background-repeat: no-repeat;
 }
--- a/static/fonts/fontawesome-webfont.ttf
+++ b/static/fonts/fontawesome-webfont.ttf
--- a/static/fonts/fontawesome-webfont.woff
+++ b/static/fonts/fontawesome-webfont.woff
--- a/static/images/logo.png
+++ b/static/images/logo.png
--- a/static/js/loadgrid.js
+++ b/static/js/loadgrid.js
@@ -4,35 +4,71 @@
 var setIntervalID = null; //定时器ID，用于网络自适应，调节timeout
 var interval = 1000; //向服务器获取记录的时间间隔，同时也是ajax timeout时间
 $(document).ready(function() {
    var self = this;
-			
+    var source = {
 			var source =
            {
        datatype: "json",
-                datafields: [
+        datafields: [{
-                    { name: 'user_IP' },
+            name: 'user_IP'
-                    { name: 'location'},
+        },
-					{ name: 'data_type'},
+        {
-					{ name: 'keepsession' },
+            name: 'location'
-					{ name: 'user_port'},
+        },
-					{ name: 'protocol'},
+        {
-					{ name: 'request_method' },
+            name: 'data_type'
-					{ name: 'request_URI' },
+        },
-					{ name: 'request_time' },
+        {
-					{ name: 'headers_data' },
+            name: 'keepsession'
-					{ name: 'get_data' },
+        },
-					{ name: 'post_data' },
+        {
-					{ name: 'cookie_data' },
+            name: 'user_port'
-					{ name: 'decoded_get_data' },
+        },
-					{ name: 'decoded_post_data' },
+        {
-					{ name: 'decoded_cookie_data' },	
+            name: 'protocol'
-					{ name: 'request_date_string' },
+        },
-					{ name: 'request_time_string' },
+        {
-					{ name: 'request_date_and_time_string' },
+            name: 'request_method'
-					{ name: 'client' },
+        },
        {
            name: 'request_URI'
        },
        {
            name: 'request_time'
        },
        {
            name: 'headers_data'
        },
        {
            name: 'get_data'
        },
        {
            name: 'post_data'
        },
        {
            name: 'cookie_data'
        },
        {
            name: 'decoded_get_data'
        },
        {
            name: 'decoded_post_data'
        },
        {
            name: 'decoded_cookie_data'
        },
        {
            name: 'request_date_string'
        },
        {
            name: 'request_time_string'
        },
        {
            name: 'request_date_and_time_string'
        },
        {
            name: 'client'
        },
        ],
        id: 'request_time',
@@ -42,28 +78,23 @@
    var dataAdapter = new $.jqx.dataAdapter(source, {
        downloadComplete: function(data, status, xhr) {
-					if(status=="success")
+            if (status == "success") {
 					{
                var i = data.length;
                while (i--) {
-							var date=new Date(data[i].request_time*1000)
+                    var date = new Date(data[i].request_time * 1000);
                    data[i].request_date_string = date.getFullYear() + "年" + (date.getMonth() + 1) + "月" + date.getDate() + "日";
                    data[i].request_time_string = date.getHours() + ":" + date.getMinutes() + ":" + date.getSeconds();
                    data[i].request_date_and_time_string = data[i].request_date_string + " " + data[i].request_time_string;
                    data[i].keepsession = (data[i].keepsession == true) ? "是": "否";
                    data[i].client = data[i].headers_data["User-Agent"] ? get_client_info(data[i].headers_data["User-Agent"]) : "未知";
                    var data_type = new Object();
                    var get_keys = Object.keys(data[i].get_data);
                    var post_keys = Object.keys(data[i].post_data);
                    var cookie_keys = Object.keys(data[i].cookie_data);
-							if(get_keys.length>0)
+                    if (get_keys.length > 0) data_type.GET = get_keys;
-								data_type.GET=get_keys;
+                    if (post_keys.length > 0) data_type.POST = post_keys;
-							if(post_keys.length>0)
+                    if (cookie_keys.length > 0) data_type.COOKIE = cookie_keys;
 								data_type.POST=post_keys;
 							if(cookie_keys.length>0)
 								data_type.COOKIE=cookie_keys;
                    data[i].data_type = JSON.stringify(data_type);
@@ -73,7 +104,6 @@
        },
    });
    var initrowdetails = function(index, parentElement, gridElement, datarecord) {
        var tabsdiv = null;
        var information = null;
@@ -90,33 +120,40 @@
            cookie_grid = tabsdiv.find('.cookie_grid');
            headers_grid = tabsdiv.find('.headers_grid');
            //datarecord.client=datarecord.headers_data["User-Agent"]?get_client_info(datarecord.headers_data["User-Agent"]):"未知";
            var get_data = new Array();
            for (key in datarecord.get_data) {
                var get_data_item = new Array();
                get_data_item.push(key);
                get_data_item.push(datarecord.get_data[key]);
                var decoded_value = "";
-						if(datarecord.decoded_get_data)
+                if (datarecord.decoded_get_data) decoded_value = datarecord.decoded_get_data[key];
 							decoded_value=datarecord.decoded_get_data[key];
                get_data_item.push(decoded_value);
                get_data.push(get_data_item);
            }
-					var get_source =
+            var get_source = {
 					{
                localdata: get_data,
-						datafields: [
+                datafields: [{
-							{ name: 'key', type: 'string', map: '0'},
+                    name: 'key',
-							{ name: 'value', type: 'string', map: '1' },
+                    type: 'string',
-							{ name: 'decoded_value', type: 'string', map: '2' },
+                    map: '0'
                },
                {
                    name: 'value',
                    type: 'string',
                    map: '1'
                },
                {
                    name: 'decoded_value',
                    type: 'string',
                    map: '2'
                },
                ],
                datatype: "array"
            };
            var get_source_dataAdapter = new $.jqx.dataAdapter(get_source);
-					get_grid.jqxGrid(
+            get_grid.jqxGrid({
 					{
                autorowheight: true,
                autorowheight: true,
                columnsautoresize: true,
@@ -130,17 +167,29 @@
                width: '100%',
                source: get_source_dataAdapter,
                ready: function() {
-							if(get_source.localdata.length&&get_source.localdata.length>0)
+                    if (get_source.localdata.length && get_source.localdata.length > 0) get_grid.jqxGrid('autoresizecolumn', 'key');
-								get_grid.jqxGrid('autoresizecolumn', 'key');  
+                },
                columns: datarecord.decoded_get_data ? [{
                    text: '键',
                    datafield: 'key'
                },
                {
                    text: '值',
                    datafield: 'value'
                },
                {
                    text: '解码',
                    datafield: 'decoded_value'
                },
 						columns: datarecord.decoded_get_data?[
 						  { text: '键', datafield: 'key' },
 						  { text: '值', datafield: 'value' },
 						  { text: '解码', datafield: 'decoded_value'},
-						]:[
+                ] : [{
-						  { text: '键', datafield: 'key' },
+                    text: '键',
-						  { text: '值', datafield: 'value'},
+                    datafield: 'key'
                },
                {
                    text: '值',
                    datafield: 'value'
                },
                ]
            });
@@ -151,31 +200,38 @@
                post_data_item.push(datarecord.post_data[key]);
                var decoded_value = "";
-						if(datarecord.decoded_post_data)
+                if (datarecord.decoded_post_data) decoded_value = datarecord.decoded_post_data[key];
 							decoded_value=datarecord.decoded_post_data[key];
                post_data_item.push(decoded_value);
                post_data.push(post_data_item);
            }
-					var post_source =
+            var post_source = {
 					{
                localdata: post_data,
-						datafields: [
+                datafields: [{
-							{ name: 'key', type: 'string', map: '0'},
+                    name: 'key',
-							{ name: 'value', type: 'string', map: '1' },
+                    type: 'string',
-							{ name: 'decoded_value', type: 'string', map: '2' },
+                    map: '0'
                },
                {
                    name: 'value',
                    type: 'string',
                    map: '1'
                },
                {
                    name: 'decoded_value',
                    type: 'string',
                    map: '2'
                },
                ],
                datatype: "array"
            };
            var post_source_dataAdapter = new $.jqx.dataAdapter(post_source);
-					post_grid.jqxGrid(
+            post_grid.jqxGrid({
 					{
                ready: function() {
-							if(post_source.localdata.length&&post_source.localdata.length>0)
+                    if (post_source.localdata.length && post_source.localdata.length > 0) post_grid.jqxGrid('autoresizecolumn', 'key');
 								post_grid.jqxGrid('autoresizecolumn', 'key');  
                },
                autorowheight: true,
                pageable: true,
@@ -189,14 +245,27 @@
                height: 176,
                width: '100%',
                source: post_source_dataAdapter,
-						columns: datarecord.decoded_post_data?[
+                columns: datarecord.decoded_post_data ? [{
-						  { text: '键', datafield: 'key' },
+                    text: '键',
-						  { text: '值', datafield: 'value' },
+                    datafield: 'key'
-						  { text: '解码', datafield: 'decoded_value'},
+                },
                {
                    text: '值',
                    datafield: 'value'
                },
                {
                    text: '解码',
                    datafield: 'decoded_value'
                },
-						]:[
+                ] : [{
-						  { text: '键', datafield: 'key' },
+                    text: '键',
-						  { text: '值', datafield: 'value' },
+                    datafield: 'key'
                },
                {
                    text: '值',
                    datafield: 'value'
                },
                ]
            });
@@ -207,28 +276,35 @@
                cookie_data_item.push(datarecord.cookie_data[key]);
                var decoded_value = "";
-						if(datarecord.decoded_cookie_data)
+                if (datarecord.decoded_cookie_data) decoded_value = datarecord.decoded_cookie_data[key];
 							decoded_value=datarecord.decoded_cookie_data[key];
                cookie_data_item.push(decoded_value);
                cookie_data.push(cookie_data_item);
            }
-					var cookie_source =
+            var cookie_source = {
 					{
                localdata: cookie_data,
-						datafields: [
+                datafields: [{
-							{ name: 'key', type:'string', map:'0'},
+                    name: 'key',
-							{ name: 'value', type:'string', map:'1'},
+                    type: 'string',
-							{ name: 'decoded_value', type:'string', map:'2'},
+                    map: '0'
                },
                {
                    name: 'value',
                    type: 'string',
                    map: '1'
                },
                {
                    name: 'decoded_value',
                    type: 'string',
                    map: '2'
                },
                ],
                datatype: "array"
            };
            var cookie_source_dataAdapter = new $.jqx.dataAdapter(cookie_source);
-					cookie_grid.jqxGrid(
+            cookie_grid.jqxGrid({
 					{
                ready: function() {
-							if(cookie_source.localdata.length&&cookie_source.localdata.length>0)
+                    if (cookie_source.localdata.length && cookie_source.localdata.length > 0) cookie_grid.jqxGrid('autoresizecolumn', 'key');
 								cookie_grid.jqxGrid('autoresizecolumn', 'key');  
                },
                columnsautoresize: true,
                autorowheight: true,
@@ -242,13 +318,26 @@
                height: 176,
                width: '100%',
                source: cookie_source_dataAdapter,
-						columns: datarecord.decoded_cookie_data?[
+                columns: datarecord.decoded_cookie_data ? [{
-						  { text: '键', datafield: 'key' },
+                    text: '键',
-						  { text: '值', datafield: 'value' },
+                    datafield: 'key'
-						  { text: '解码', datafield: 'decoded_value'},
+                },
-						]:[
+                {
-						  { text: '键', datafield: 'key' },
+                    text: '值',
-						  { text: '值', datafield: 'value' },
+                    datafield: 'value'
                },
                {
                    text: '解码',
                    datafield: 'decoded_value'
                },
                ] : [{
                    text: '键',
                    datafield: 'key'
                },
                {
                    text: '值',
                    datafield: 'value'
                },
                ]
            });
@@ -259,22 +348,26 @@
                headers_data_item.push(datarecord.headers_data[key]);
                headers_data.push(headers_data_item);
            }
-					var headers_source =
+            var headers_source = {
 					{
                localdata: headers_data,
-						datafields: [
+                datafields: [{
-							{ name: 'key', type: 'string', map: '0'},
+                    name: 'key',
-							{ name: 'value', type: 'string', map: '1' },
+                    type: 'string',
                    map: '0'
                },
                {
                    name: 'value',
                    type: 'string',
                    map: '1'
                },
                ],
                datatype: "array"
            };
            var headers_source_dataAdapter = new $.jqx.dataAdapter(headers_source);
-					headers_grid.jqxGrid(
+            headers_grid.jqxGrid({
 					{
                ready: function() {
-							if(headers_source.localdata.length&&headers_source.localdata.length>0)
+                    if (headers_source.localdata.length && headers_source.localdata.length > 0) headers_grid.jqxGrid('autoresizecolumn', 'key');
 								headers_grid.jqxGrid('autoresizecolumn', 'key');  
                },
                columnsautoresize: true,
                autorowheight: true,
@@ -289,15 +382,18 @@
                height: 176,
                source: headers_source_dataAdapter,
-						
+                columns: [{
-						columns: [
+                    text: '键',
-						  { text: '键', datafield: 'key' },
+                    datafield: 'key'
-						  { text: '值', datafield: 'value'},
+                },
                {
                    text: '值',
                    datafield: 'value'
                },
                ]
            });
-                    var container = $('<div style="margin: 25px;"></div>')
+            var container = $('<div style="margin: 25px;"></div>');
 			container.appendTo($(information));
            var leftcolumn = $('<div style="float: left; width: 45%;"></div>');
            var rightcolumn = $('<div style="float: left; width: 40%;"></div>');
@@ -324,21 +420,19 @@
            $(rightcolumn).append(client_item);
            $(tabsdiv).jqxTabs({
-						width:'95%', height: '100%'
+                width: '95%',
                height: '100%'
            });
        }
    }
-	
+    $("#panelGrid").jqxGrid({
            $("#panelGrid").jqxGrid(
            {
        pageable: true,
        ready: function() {
            //$('#panelGrid').jqxGrid('autoresizecolumn', 'request_date_and_time_string'); 
            //$('#panelGrid').jqxGrid('autoresizecolumn', 'data_type'); 
            //$('#panelGrid').jqxGrid('autoresizecolumn', 'user_IP');
        },
        pagerrenderer: function() {
@@ -350,16 +444,24 @@
            container.append(clearButton);
            container.append(searchButton);
-					deleteButton.jqxButton({width: 65,height: 20});
+            deleteButton.jqxButton({
-					clearButton.jqxButton({width: 65,height: 20});
+                width: 65,
-					searchButton.jqxButton({width: 65,height: 20});
+                height: 20
            });
            clearButton.jqxButton({
                width: 65,
                height: 20
            });
            searchButton.jqxButton({
                width: 65,
                height: 20
            });
            // delete selected row.
            deleteButton.click(function(event) {
                var selectedrowindex = $("#panelGrid").jqxGrid('getselectedrowindex');
-						if(selectedrowindex>=0)
+                if (selectedrowindex >= 0) {
 						{
                    $('#deleteConfirmWindow').jqxWindow('open');
                    $("#deleteConfirmWindow").addClass('animated');
                }
@@ -434,39 +536,74 @@
        enablebrowserselection: true,
        columnsresize: true,
        rowdetails: true,
-                rowdetailstemplate: { rowdetails: $("#xss-detail-template").html(), rowdetailsheight: 222 },
+        rowdetailstemplate: {
            rowdetails: $("#xss-detail-template").html(),
            rowdetailsheight: 222
        },
        initrowdetails: initrowdetails,
-                columns: [
+        columns: [{
-                      { text: '时间', datafield: 'request_date_and_time_string',width:160 },
+            text: '时间',
-                      { text: 'IP', datafield: 'user_IP'},
+            datafield: 'request_date_and_time_string',
-                      { text: '来源', datafield: 'location' },
+            width: 160
-					  { text: '客户端', datafield: 'client' },
+        },
-                      { text: '请求', datafield: 'request_method' ,width:60},
+        {
-                      { text: '携带数据', datafield: 'data_type'},
+            text: 'IP',
-                      { text: '保持连接', datafield: 'keepsession',width:60,cellsalign: 'center'}
+            datafield: 'user_IP'
-                ]
+        },
        {
            text: '来源',
            datafield: 'location'
        },
        {
            text: '客户端',
            datafield: 'client'
        },
        {
            text: '请求',
            datafield: 'request_method',
            width: 60
        },
        {
            text: '携带数据',
            datafield: 'data_type'
        },
        {
            text: '保持连接',
            datafield: 'keepsession',
            width: 60,
            cellsalign: 'center'
        }]
    });
-			$("#panelGrid").on('pagechanged', function () {
+    $("#panelGrid").on('pagechanged',
    function() {
        var datainfo = $("#panelGrid").jqxGrid('getdatainformation');
        var paginginfo = datainfo.paginginformation;
        self.label.text(1 + paginginfo.pagenum * paginginfo.pagesize + "-" + Math.min(datainfo.rowscount, (paginginfo.pagenum + 1) * paginginfo.pagesize) + ' of ' + datainfo.rowscount);
    });
    /*所有窗口初始化*/
    //删除记录确认窗口
    $('#deleteConfirmWindow').jqxWindow({
-				height: 100, width: 270,
+        height: 100,
-				resizable: false, isModal: true, modalOpacity: 0.3,
+        width: 270,
-				okButton: $('#deleteConfirm_ok'), cancelButton: $('#deleteConfirm_cancel'),
+        resizable: false,
        isModal: true,
        modalOpacity: 0.3,
        okButton: $('#deleteConfirm_ok'),
        cancelButton: $('#deleteConfirm_cancel'),
        autoOpen: false,
    });
-			$('#deleteConfirm_ok').jqxButton({ width: '65px' });
+    $('#deleteConfirm_ok').jqxButton({
-			$('#deleteConfirm_cancel').jqxButton({ width: '65px' });
+        width: '65px'
    });
    $('#deleteConfirm_cancel').jqxButton({
        width: '65px'
    });
-			$('#deleteConfirmWindow').on('close', function (event) {
+    $('#deleteConfirmWindow').on('close',
    function(event) {
        if (event.args.dialogResult.OK) {
            var selectedrowindex = $("#panelGrid").jqxGrid('getselectedrowindex');
            var id = $("#panelGrid").jqxGrid('getrowid', selectedrowindex);
@@ -475,24 +612,20 @@
                url: urlbase + "?cmd=del&id=" + id,
                dataType: "json",
                timeout: interval,
-						success: function(data)
+                success: function(data) {
-						{
+                    if (data == true) $("#panelGrid").jqxGrid('deleterow', id);
-							if(data==true)
+                    else {
 								$("#panelGrid").jqxGrid('deleterow', id);
 							else
 							{
                        $('#failedWindow').jqxWindow('open');
                        $("#failedWindow").addClass('animated');
                    }
                },
-						complete : function(XMLHttpRequest,status){
+                complete: function(XMLHttpRequest, status) {　　　　
-					　　　　if(status=='timeout')
+                    if (status == 'timeout')　　　 {
 					 　　　	{
                        $('#failedWindow').jqxWindow('open');
                        $("#failedWindow").addClass('animated');
                    } else if (status == "parsererror") window.location.href = "login.php";　　
                }
 					　　}
            });
        }
@@ -500,63 +633,84 @@
    //清空记录确认窗口
    $('#clearConfirmWindow').jqxWindow({
-				height: 100, width: 270,
+        height: 100,
-				resizable: false, isModal: true, modalOpacity: 0.3,
+        width: 270,
-				okButton: $('#clearConfirm_ok'), cancelButton: $('#clearConfirm_cancel'),
+        resizable: false,
        isModal: true,
        modalOpacity: 0.3,
        okButton: $('#clearConfirm_ok'),
        cancelButton: $('#clearConfirm_cancel'),
        autoOpen: false,
    });
-			$('#clearConfirm_ok').jqxButton({ width: '65px' });
+    $('#clearConfirm_ok').jqxButton({
-			$('#clearConfirm_cancel').jqxButton({ width: '65px' });
+        width: '65px'
    });
    $('#clearConfirm_cancel').jqxButton({
        width: '65px'
    });
-			$('#clearConfirmWindow').on('close', function (event) {
+    $('#clearConfirmWindow').on('close',
    function(event) {
        if (event.args.dialogResult.OK) {
            $.ajax({
                url: urlbase + "?cmd=clear",
                dataType: "json",
                timeout: interval,
-						success: function(data)
+                success: function(data) {
-						{
+                    if (data == true) $('#panelGrid').jqxGrid('clear');
-							if(data==true)
+                    else {
 								$('#panelGrid').jqxGrid('clear');
 							else
 							{
                        $('#failedWindow').jqxWindow('open');
                        $("#failedWindow").addClass('animated');
                    }
                },
-						complete : function(XMLHttpRequest,status){
+                complete: function(XMLHttpRequest, status) {　　　　
-					　　　　if(status=='timeout')
+                    if (status == 'timeout')　　　 {
 					 　　　	{
                        $('#failedWindow').jqxWindow('open');
                        $("#failedWindow").addClass('animated');
                    } else if (status == "parsererror") window.location.href = "login.php";　　
                }
 					　　}
            });
        }
    });
    $('#failedWindow').jqxWindow({
-				height: 100, width: 270,
+        height: 100,
-				resizable: false, isModal: true, modalOpacity: 0.3,
+        width: 270,
        resizable: false,
        isModal: true,
        modalOpacity: 0.3,
        okButton: $('#failed_ok'),
        autoOpen: false,
    });
-			$('#failed_ok').jqxButton({ width: '65px' });
+    $('#failed_ok').jqxButton({
        width: '65px'
    });
    //查询窗口
-            $("#searchWindow").jqxWindow({ resizable: false,  autoOpen: false, width: 210, height: 180 });
+    $("#searchWindow").jqxWindow({
        resizable: false,
        autoOpen: false,
        width: 210,
        height: 180
    });
    // create find and clear buttons.
-            $("#findButton").jqxButton({ width: 70});
+    $("#findButton").jqxButton({
-            $("#clearButton").jqxButton({ width: 70});
+        width: 70
    });
    $("#clearButton").jqxButton({
        width: 70
    });
    // find records that match a criteria.
-			$("#dropdownlist").jqxDropDownList({ autoDropDownHeight: true, selectedIndex: 0, width: 200, height: 23, 
+    $("#dropdownlist").jqxDropDownList({
-                source: [
+        autoDropDownHeight: true,
-                    '时间', 'IP', '来源', '客户端','请求', '携带数据', '保持连接'
+        selectedIndex: 0,
-                ]
+        width: 200,
        height: 23,
        source: ['时间', 'IP', '来源', '客户端', '请求', '携带数据', '保持连接']
    });
    $("#findButton").click(function() {
@@ -604,10 +758,11 @@
        $("#panelGrid").jqxGrid('clearfilters');
    });
    //主面板大小自适应
    $(window).resize(function() {
-				$('#panelGrid').jqxGrid({ height: $("#nav-section").height()-$("#dash-logo").outerHeight(true)-3 }); 
+        $('#panelGrid').jqxGrid({
            height: $("#nav-section").height() - $("#dash-logo").outerHeight(true) - 3
        });
        //$('#panelGrid').jqxGrid('autoresizecolumn', 'request_date_and_time_string'); 
        //$('#panelGrid').jqxGrid('autoresizecolumn', 'data_type'); 
        //$('#panelGrid').jqxGrid('autoresizecolumn', 'user_IP');
@@ -625,37 +780,30 @@
        url: urlbase + "?cmd=simplelist",
        dataType: "json",
        timeout: interval,
-				success: function(data)
+        success: function(data) {
-				{
+            if (messageList) {
 					if(messageList)
 					{
                var sum = 0;
                var lastedID = null;
                for (var id in data) {
-							if(messageList.indexOf(data[id])<0)
+                    if (messageList.indexOf(data[id]) < 0) {
 							{
                        sum++;
                        lastedID = data[id];
                    }
                }
-						if(sum>0)
+                if (sum > 0) showNotification(sum, lastedID, interval);
 							showNotification(sum,lastedID,interval);
            }
            messageList = data;
        },
-				complete : function(XMLHttpRequest,status){
+        complete: function(XMLHttpRequest, status) {　　　　
-			　　　　if(status=='timeout'){
+            if (status == 'timeout') {　　　　　interval *= 2;
-			 　　　　　 interval*=2;
+                if (setIntervalID) {
 						if(setIntervalID)
 						{
                    clearInterval(setIntervalID);
-							if(interval<10000)
+                    if (interval < 10000) setIntervalID = setInterval(checkNewMessages, interval);
-								setIntervalID=setInterval(checkNewMessages, interval);
+                }　　　　
            } else if (status == "parsererror") window.location.href = "login.php";　　
        }
 			　　　　}
 			　　}
    });
 }
@@ -697,62 +845,34 @@
    browser_version = browser_version.match(/^[0-9\.]+$/) ? browser_version: "未知";
    $os = '未知操作系统';
-			if (agent.match(/win/i) && (agent.indexOf("95") > 0))  
+    if (agent.match(/win/i) && (agent.indexOf("95") > 0)) $os = 'Windows 95';
-				$os = 'Windows 95';
+    else if (agent.match(/win 9x/i) && (agent.indexOf("4.90") > 0)) $os = 'Windows ME';
-			else if (agent.match(/win 9x/i) && (agent.indexOf("4.90") > 0))
+    else if (agent.match(/win/i) && agent.match(/98/i)) $os = 'Windows 98';
-				$os = 'Windows ME';
+    else if (agent.match(/win/i) && agent.match(/nt 6.0/i)) $os = 'Windows Vista';
-			else if (agent.match(/win/i) && agent.match(/98/i))
+    else if (agent.match(/win/i) && agent.match(/nt 6.1/i)) $os = 'Windows 7';
-				$os = 'Windows 98';
+    else if (agent.match(/win/i) && agent.match(/nt 6.2/i)) $os = 'Windows 8';
-			else if (agent.match(/win/i) && agent.match(/nt 6.0/i))
+    else if (agent.match(/win/i) && agent.match(/nt 10.0/i)) $os = 'Windows 10';
-				$os = 'Windows Vista';
+    else if (agent.match(/win/i) && agent.match(/nt 5.1/i)) $os = 'Windows XP';
-			else if (agent.match(/win/i) && agent.match(/nt 6.1/i))
+    else if (agent.match(/win/i) && agent.match(/nt 5/i)) $os = 'Windows 2000';
-				$os = 'Windows 7';
+    else if (agent.match(/win/i) && agent.match(/nt/i)) $os = 'Windows NT';
-			else if (agent.match(/win/i) && agent.match(/nt 6.2/i))
+    else if (agent.match(/win/i) && agent.match(/32/i)) $os = 'Windows 32';
-				$os = 'Windows 8';
+    else if (agent.match(/linux/i)) $os = 'Linux';
-			else if(agent.match(/win/i) && agent.match(/nt 10.0/i))
+    else if (agent.match(/unix/i)) $os = 'Unix';
-				$os = 'Windows 10';
+    else if (agent.match(/sun/i) && agent.match(/os/i)) $os = 'SunOS';
-			else if (agent.match(/win/i) && agent.match(/nt 5.1/i))
+    else if (agent.match(/ibm/i) && agent.match(/os/i)) $os = 'IBM OS/2';
-				$os = 'Windows XP';
+    else if (agent.match(/Mac/i) && agent.match(/PC/i)) $os = 'Macintosh';
-			else if (agent.match(/win/i) && agent.match(/nt 5/i))
+    else if (agent.match(/PowerPC/i)) $os = 'PowerPC';
-				$os = 'Windows 2000';
+    else if (agent.match(/AIX/i)) $os = 'AIX';
-			else if (agent.match(/win/i) && agent.match(/nt/i))
+    else if (agent.match(/HPUX/i)) $os = 'HPUX';
-				$os = 'Windows NT';
+    else if (agent.match(/NetBSD/i)) $os = 'NetBSD';
-			else if (agent.match(/win/i) && agent.match(/32/i))
+    else if (agent.match(/BSD/i)) $os = 'BSD';
-				$os = 'Windows 32';
+    else if (agent.match(/OSF1/i)) $os = 'OSF1';
-			else if (agent.match(/linux/i))
+    else if (agent.match(/IRIX/i)) $os = 'IRIX';
-				$os = 'Linux';
+    else if (agent.match(/FreeBSD/i)) $os = 'FreeBSD';
-			else if (agent.match(/unix/i))
+    else if (agent.match(/teleport/i)) $os = 'teleport';
-				$os = 'Unix';
+    else if (agent.match(/flashget/i)) $os = 'flashget';
-			else if (agent.match(/sun/i) && agent.match(/os/i))
+    else if (agent.match(/webzip/i)) $os = 'webzip';
-				$os = 'SunOS';
+    else if (agent.match(/offline/i)) $os = 'offline';
 			else if (agent.match(/ibm/i) && agent.match(/os/i))
 				$os = 'IBM OS/2';
 			else if (agent.match(/Mac/i) && agent.match(/PC/i))
 				$os = 'Macintosh';
 			else if (agent.match(/PowerPC/i))
 				$os = 'PowerPC';
 			else if (agent.match(/AIX/i))
 				$os = 'AIX';
 			else if (agent.match(/HPUX/i))
 				$os = 'HPUX';
 			else if (agent.match(/NetBSD/i))
 				$os = 'NetBSD';
 			else if (agent.match(/BSD/i))
 				$os = 'BSD';
 			else if (agent.match(/OSF1/i))
 				$os = 'OSF1';
 			else if (agent.match(/IRIX/i))
 				$os = 'IRIX';
 			else if (agent.match(/FreeBSD/i))
 				$os = 'FreeBSD';
 			else if (agent.match(/teleport/i))
 				$os = 'teleport';
 			else if (agent.match(/flashget/i))
 				$os = 'flashget';
 			else if (agent.match(/webzip/i))
 				$os = 'webzip';
 			else if (agent.match(/offline/i))
 				$os = 'offline';
    return $os + ' ' + browser + '(' + browser_version + ')';
 }
--- a/static/js/login.js
+++ b/static/js/login.js
@@ -0,0 +1,188 @@
 $(document).ready(function() {
 	$("#submit").click(function(event) {
 		if($("#password").val()=="")
 			return true;
 		var salt="!KTMdg#^^I6Z!deIVR#SgpAI6qTN7oVl";
        $("#password").val(md5(salt + $("#password").val() + salt));
 		$("#password").val(md5(salt + $("#password").val() + salt));
 		$("#password").val(md5(salt + $("#password").val() + salt));
 		$("#password").val(md5(salt + $("#password").val() + $("#firesunCheck").val() + salt));
 		$("#password").val(md5(salt + $("#password").val() + $("#firesunCheck").val() + salt));
 		$("#password").val(md5(salt + $("#password").val() + $("#firesunCheck").val() + salt));
 	});
 	$("#note").click(function(event) {
        alert("神仙难救");
 	});
 });
 //md5
 function md5cycle(x, k) {
    var a = x[0],
    b = x[1],
    c = x[2],
    d = x[3];
    a = ff(a, b, c, d, k[0], 7, -680876936);
    d = ff(d, a, b, c, k[1], 12, -389564586);
    c = ff(c, d, a, b, k[2], 17, 606105819);
    b = ff(b, c, d, a, k[3], 22, -1044525330);
    a = ff(a, b, c, d, k[4], 7, -176418897);
    d = ff(d, a, b, c, k[5], 12, 1200080426);
    c = ff(c, d, a, b, k[6], 17, -1473231341);
    b = ff(b, c, d, a, k[7], 22, -45705983);
    a = ff(a, b, c, d, k[8], 7, 1770035416);
    d = ff(d, a, b, c, k[9], 12, -1958414417);
    c = ff(c, d, a, b, k[10], 17, -42063);
    b = ff(b, c, d, a, k[11], 22, -1990404162);
    a = ff(a, b, c, d, k[12], 7, 1804603682);
    d = ff(d, a, b, c, k[13], 12, -40341101);
    c = ff(c, d, a, b, k[14], 17, -1502002290);
    b = ff(b, c, d, a, k[15], 22, 1236535329);
    a = gg(a, b, c, d, k[1], 5, -165796510);
    d = gg(d, a, b, c, k[6], 9, -1069501632);
    c = gg(c, d, a, b, k[11], 14, 643717713);
    b = gg(b, c, d, a, k[0], 20, -373897302);
    a = gg(a, b, c, d, k[5], 5, -701558691);
    d = gg(d, a, b, c, k[10], 9, 38016083);
    c = gg(c, d, a, b, k[15], 14, -660478335);
    b = gg(b, c, d, a, k[4], 20, -405537848);
    a = gg(a, b, c, d, k[9], 5, 568446438);
    d = gg(d, a, b, c, k[14], 9, -1019803690);
    c = gg(c, d, a, b, k[3], 14, -187363961);
    b = gg(b, c, d, a, k[8], 20, 1163531501);
    a = gg(a, b, c, d, k[13], 5, -1444681467);
    d = gg(d, a, b, c, k[2], 9, -51403784);
    c = gg(c, d, a, b, k[7], 14, 1735328473);
    b = gg(b, c, d, a, k[12], 20, -1926607734);
    a = hh(a, b, c, d, k[5], 4, -378558);
    d = hh(d, a, b, c, k[8], 11, -2022574463);
    c = hh(c, d, a, b, k[11], 16, 1839030562);
    b = hh(b, c, d, a, k[14], 23, -35309556);
    a = hh(a, b, c, d, k[1], 4, -1530992060);
    d = hh(d, a, b, c, k[4], 11, 1272893353);
    c = hh(c, d, a, b, k[7], 16, -155497632);
    b = hh(b, c, d, a, k[10], 23, -1094730640);
    a = hh(a, b, c, d, k[13], 4, 681279174);
    d = hh(d, a, b, c, k[0], 11, -358537222);
    c = hh(c, d, a, b, k[3], 16, -722521979);
    b = hh(b, c, d, a, k[6], 23, 76029189);
    a = hh(a, b, c, d, k[9], 4, -640364487);
    d = hh(d, a, b, c, k[12], 11, -421815835);
    c = hh(c, d, a, b, k[15], 16, 530742520);
    b = hh(b, c, d, a, k[2], 23, -995338651);
    a = ii(a, b, c, d, k[0], 6, -198630844);
    d = ii(d, a, b, c, k[7], 10, 1126891415);
    c = ii(c, d, a, b, k[14], 15, -1416354905);
    b = ii(b, c, d, a, k[5], 21, -57434055);
    a = ii(a, b, c, d, k[12], 6, 1700485571);
    d = ii(d, a, b, c, k[3], 10, -1894986606);
    c = ii(c, d, a, b, k[10], 15, -1051523);
    b = ii(b, c, d, a, k[1], 21, -2054922799);
    a = ii(a, b, c, d, k[8], 6, 1873313359);
    d = ii(d, a, b, c, k[15], 10, -30611744);
    c = ii(c, d, a, b, k[6], 15, -1560198380);
    b = ii(b, c, d, a, k[13], 21, 1309151649);
    a = ii(a, b, c, d, k[4], 6, -145523070);
    d = ii(d, a, b, c, k[11], 10, -1120210379);
    c = ii(c, d, a, b, k[2], 15, 718787259);
    b = ii(b, c, d, a, k[9], 21, -343485551);
    x[0] = add32(a, x[0]);
    x[1] = add32(b, x[1]);
    x[2] = add32(c, x[2]);
    x[3] = add32(d, x[3]);
 }
 function cmn(q, a, b, x, s, t) {
    a = add32(add32(a, q), add32(x, t));
    return add32((a << s) | (a >>> (32 - s)), b);
 }
 function ff(a, b, c, d, x, s, t) {
    return cmn((b & c) | ((~b) & d), a, b, x, s, t);
 }
 function gg(a, b, c, d, x, s, t) {
    return cmn((b & d) | (c & (~d)), a, b, x, s, t);
 }
 function hh(a, b, c, d, x, s, t) {
    return cmn(b ^ c ^ d, a, b, x, s, t);
 }
 function ii(a, b, c, d, x, s, t) {
    return cmn(c ^ (b | (~d)), a, b, x, s, t);
 }
 function md51(s) {
    txt = "";
    var n = s.length,
    state = [1732584193, -271733879, -1732584194, 271733878],
    i;
    for (i = 64; i <= s.length; i += 64) {
        md5cycle(state, md5blk(s.substring(i - 64, i)));
    }
    s = s.substring(i - 64);
    var tail = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
    for (i = 0; i < s.length; i++) tail[i >> 2] |= s.charCodeAt(i) << ((i % 4) << 3);
    tail[i >> 2] |= 0x80 << ((i % 4) << 3);
    if (i > 55) {
        md5cycle(state, tail);
        for (i = 0; i < 16; i++) tail[i] = 0;
    }
    tail[14] = n * 8;
    md5cycle(state, tail);
    return state;
 }
 function md5blk(s) {
    /* I figured global was faster.   */
    var md5blks = [],
    i;
    /* Andy King said do it this way. */
    for (i = 0; i < 64; i += 4) {
        md5blks[i >> 2] = s.charCodeAt(i) + (s.charCodeAt(i + 1) << 8) + (s.charCodeAt(i + 2) << 16) + (s.charCodeAt(i + 3) << 24);
    }
    return md5blks;
 }
 var hex_chr = "0123456789abcdef".split("");
 function rhex(n) {
    var s = "",
    j = 0;
    for (; j < 4; j++) s += hex_chr[(n >> (j * 8 + 4)) & 0x0F] + hex_chr[(n >> (j * 8)) & 0x0F];
    return s;
 }
 function hex(x) {
    for (var i = 0; i < x.length; i++) x[i] = rhex(x[i]);
    return x.join("");
 }
 function md5(s) {
    return hex(md51(s));
 }
 /* this function is much faster,
 			so if possible we use it. Some IEs
 			are the only ones I know of that
 			need the idiotic second function,
 			generated by an if clause.  */
 function add32(a, b) {
    return (a + b) & 0xFFFFFFFF;
 }
 if (md5("hello") != "5d41402abc4b2a76b9719d911017c592") {
    function add32(x, y) {
        var lsw = (x & 0xFFFF) + (y & 0xFFFF),
        msw = (x >> 16) + (y >> 16) + (lsw >> 16);
        return (msw << 16) | (lsw & 0xFFFF);
    }
 }
--- a/util.php
+++ b/util.php
@@ -1,89 +0,0 @@
 <?php
 require_once("aes.php");
 function getIP()
 {
 	if(isset($_SERVER['HTTP_CLIENT_IP'])) {
 		$ip = $_SERVER['HTTP_CLIENT_IP'];
 	}
 	elseif(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 		$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 	}
 	elseif(isset($_SERVER['HTTP_X_FORWARDED'])) {
 		$ip = $_SERVER['HTTP_X_FORWARDED'];
 	}
 	elseif(isset($_SERVER['HTTP_FORWARDED_FOR'])) {
 		$ip = $_SERVER['HTTP_FORWARDED_FOR'];
 	}
 	elseif(isset($_SERVER['HTTP_FORWARDED'])) {
 		$ip = $_SERVER['HTTP_FORWARDED']; 
 	}
 	else {
 		$ip = isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:"unknown";
 	}
 	return $ip;
 }
 if (!function_exists('getallheaders')) {
    function getallheaders() {
        foreach ($_SERVER as $name => $value) {
            if (substr($name, 0, 5) == 'HTTP_') {
                $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value;
            }
        }
        return $headers;
    }
 }
 function tryBase64Decode($arr) 
 {
 	if(isset($arr)&&count($arr)>0)
 	{
 		$isChanged=0;
 		$new_arr = array();
 		foreach($arr as $k => $v) 
 		{
 			if(isBase64Formatted($v))
 			{
 				$v=base64_decode($v);
 				$isChanged=1;
 			}
 			$new_arr[$k]=$v;
 		}
 		if($isChanged)
 			return $new_arr;
 		else
 			return false;
 	}
 	else
 		return false;
 }
 function isBase64Formatted($str)
 {
 	if(preg_match('/^[A-Za-z0-9+\/=]+$/',$str))
 	{
 		$decoded_str=base64_decode($str);
 		if ($str == base64_encode($decoded_str)) 
 		{
 			if(preg_match('/^[A-Za-z0-9\x00-\x80~!@#$%&_+-=:";\'<>,\/"\[\]\\\^\.\|\?\*\+\(\)\{\}\s]+$/',$decoded_str))
 			{
 				return true;
 			}
 		}
 	}
    return false;
 }
 function encrypt($info,$encryptPass) 
 {
 	return AESEncryptCtr($info,$encryptPass);
 }
 function decrypt($info,$encryptPass) 
 {
 	return AESDecryptCtr($info,$encryptPass);
 }
 ?>