firesunCN/BlueLotus_XSSReceiver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c246503ca8ac4e1932e294ac1e8016b214b31f25
BlueLotus_XSSReceiver/api.php
Firesun e63a14d32a Version 3.4.0 
1. 增加了ADMIN_IP_CHECK_ENABLE与XFF_ENABLE两个选项,在有反代或负载均衡的情况下可开启XFF_ENABLE,关闭ADMIN_IP_CHECK_ENABLE
2. 修复一系列bug
2016-12-27 21:49:19 +08:00

208 lines
7.4 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
error_reporting(0);
define("IN_XSS_PLATFORM", true);
require_once('auth.php');
require_once("dio.php");
header('Content-Type: application/json');
//与xss记录相关api
if ( isset( $_GET['cmd'] ) ) {
switch ( $_GET['cmd'] ) {
//获取所有记录包括详细信息
case 'list':
echo json_encode( list_xss_record_detail() );
break;
//只获取时间戳索引id
case 'id_list':
echo json_encode( list_xss_record_id() );
break;
//根据时间戳索引id获得单条信息
case 'get':
if ( isset( $_GET['id'] ) )
echo json_encode( load_xss_record( $_GET['id'] ) );
else
echo json_encode( false );
break;
//根据时间戳索引id删除单条信息
case 'del':
if ( isset( $_GET['id'] ) )
echo json_encode( delete_xss_record( $_GET['id'] ) );
else
echo json_encode( false );
break;
//清空记录
case 'clear':
echo json_encode( clear_xss_record() );
break;
default:
echo json_encode( false );
}
}
//与js模板相关api
else if ( isset( $_GET['js_template_cmd'] ) ) {
switch ( $_GET['js_template_cmd'] ) {
//获取所有js模板的名字与描述
case 'list':
echo json_encode( list_js_name_and_desc( JS_TEMPLATE_PATH ) );
break;
//添加js模板
case 'add':
if ( isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (get_magic_quotes_gpc()) {
$_POST['name'] = stripslashes($_POST['name']);
$_POST['desc'] = stripslashes($_POST['desc']);
$_POST['content'] = stripslashes($_POST['content']);
}
$result = save_js_desc( JS_TEMPLATE_PATH, $_POST['desc'], $_POST['name'] )
&& save_js_content( JS_TEMPLATE_PATH, $_POST['content'], $_POST['name'] );
echo json_encode( $result );
}
else
echo json_encode( false );
break;
//修改js模板
case 'modify':
if ( isset( $_POST['old_name'] ) && isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (get_magic_quotes_gpc()) {
$_POST['old_name'] = stripslashes($_POST['old_name']);
$_POST['name'] = stripslashes($_POST['name']);
$_POST['desc'] = stripslashes($_POST['desc']);
$_POST['content'] = stripslashes($_POST['content']);
}
$result = true;
if ( $_POST['old_name'] != $_POST['name'] )
$result = delete_js( JS_TEMPLATE_PATH, $_POST['old_name'] );
if( $result ) {
$result = save_js_desc( JS_TEMPLATE_PATH, $_POST['desc'], $_POST['name'] )
&& save_js_content( JS_TEMPLATE_PATH, $_POST['content'], $_POST['name'] );
}
echo json_encode( $result );
}
else
echo json_encode( false );
break;
//获取某一js模板的内容
case 'get':
if ( isset( $_GET['name'] ) ) {
if (get_magic_quotes_gpc())
$_POST['name'] = stripslashes($_POST['name']);
echo json_encode( load_js_content( JS_TEMPLATE_PATH, $_GET['name'] ) );
}
else
echo json_encode( false );
break;
//删除js模板
case 'del':
if ( isset( $_GET['name'] ) ) {
if (get_magic_quotes_gpc())
$_POST['name'] = stripslashes($_POST['name']);
echo json_encode( delete_js( JS_TEMPLATE_PATH, $_GET['name'] ) );
}
else
echo json_encode( false );
break;
//清空js模板
case 'clear':
echo json_encode( clear_js( JS_TEMPLATE_PATH ) );
break;
default:
echo json_encode( false );
}
}
//与我的js相关api
else if ( isset( $_GET['my_js_cmd'] ) ) {
switch ( $_GET['my_js_cmd'] ) {
//获取所有我的js的名字与描述
case 'list':
echo json_encode( list_js_name_and_desc( MY_JS_PATH ) );
break;
//添加js模板
case 'add':
if ( isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (get_magic_quotes_gpc()) {
$_POST['name'] = stripslashes($_POST['name']);
$_POST['desc'] = stripslashes($_POST['desc']);
$_POST['content'] = stripslashes($_POST['content']);
}
$result = save_js_desc( MY_JS_PATH, $_POST['desc'], $_POST['name'] )
&& save_js_content( MY_JS_PATH, $_POST['content'], $_POST['name'] );
echo json_encode( $result );
}
else
echo json_encode( false );
break;
//修改js模板
case 'modify':
if ( isset( $_POST['old_name'] ) && isset( $_POST['name'] ) && isset( $_POST['desc'] ) && isset( $_POST['content'] ) ) {
if (get_magic_quotes_gpc()) {
$_POST['old_name'] = stripslashes($_POST['old_name']);
$_POST['name'] = stripslashes($_POST['name']);
$_POST['desc'] = stripslashes($_POST['desc']);
$_POST['content'] = stripslashes($_POST['content']);
}
$result = true;
if ( $_POST['old_name'] != $_POST['name'] )
$result = delete_js( MY_JS_PATH, $_POST['old_name'] );
if( $result ) {
$result = save_js_desc( MY_JS_PATH, $_POST['desc'], $_POST['name'] )
&& save_js_content( MY_JS_PATH, $_POST['content'], $_POST['name'] );
}
echo json_encode( $result );
}
else
echo json_encode( false );
break;
//获取某一js模板的内容
case 'get':
if ( isset( $_GET['name'] ) ) {
if (get_magic_quotes_gpc())
$_POST['name'] = stripslashes($_POST['name']);
echo json_encode( load_js_content( MY_JS_PATH, $_GET['name'] ) );
}
else
echo json_encode( false );
break;
//删除js模板
case 'del':
if ( isset( $_GET['name'] ) ) {
if (get_magic_quotes_gpc())
$_POST['name'] = stripslashes($_POST['name']);
echo json_encode( delete_js( MY_JS_PATH, $_GET['name'] ) );
}
else
echo json_encode( false );
break;
//清空js模板
case 'clear':
echo json_encode( clear_js( MY_JS_PATH ) );
break;
default:
echo json_encode( false );
}
}
else
echo json_encode( false );
Reference in New Issue View Git Blame Copy Permalink