Update search.php
This commit is contained in:
grt1st
327
search.php
327
search.php
@@ -1,180 +1,245 @@
|
|||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
|
<meta http-equiv="content-type" content="text/html;charset=utf-8">
|
||||||
<meta charset="utf-8">
|
|
||||||
<title>乌云搜索|搜索结果</title>
|
<title>乌云搜索|搜索结果</title>
|
||||||
<link href="./bootstrap/css/bootstrap.min.css" rel="stylesheet" type="text/css">
|
<link href="//lib.baomitu.com/twitter-bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" type="text/css">
|
||||||
<script type="text/javascript" src="./bootstrap/js/jquery-3.1.0.min.js"></script>
|
<script type="text/javascript" src="//lib.baomitu.com/jquery/3.1.0/jquery.min.js"></script>
|
||||||
<script type="text/javascript" src="./bootstrap/js/bootstrap.min.js"></script>
|
<script type="text/javascript" src="//lib.baomitu.com/twitter-bootstrap/3.3.7/js/bootstrap.min.js"></script>
|
||||||
<link rel="stylesheet" type="text/css" href="./bootstrap/search.css">
|
<style type="text/css">
|
||||||
|
.container{
|
||||||
|
width: auto;
|
||||||
|
max-width: 1500px;
|
||||||
|
margin: 0 auto;
|
||||||
|
position: relative;
|
||||||
|
top: 50px;
|
||||||
|
padding-bottom: 50px;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<div id="my-container">
|
|
||||||
<div id="my-header">
|
<nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
|
||||||
<strong class="my-words">search from wooyun.org</strong>
|
<div class="navbar-left">
|
||||||
<ul class="my-menu">
|
<a class="navbar-brand" href="#">search from wooyun.org</a>
|
||||||
<li class="my-item"><a class="lia" href="#">about</a></li>
|
</div>
|
||||||
<li class="my-item"><a class="lia" href="index.html">home</a></li>
|
<div class="navbar-right">
|
||||||
</ul>
|
<ul class="nav navbar-nav">
|
||||||
</div>
|
<li><a href="./index.html">home</a></li>
|
||||||
<div id="my-mainbody">
|
<li><a href="#">about</a></li>
|
||||||
|
<li><a href=""></a></li>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</nav>
|
||||||
|
|
||||||
|
<div class="container">
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
require './config.php';
|
||||||
|
|
||||||
#接受参数
|
#接受参数
|
||||||
if(!isset($_GET['keywords'])){
|
if (!isset($_GET['keywords']))
|
||||||
|
{
|
||||||
header("Location: index.html");
|
header("Location: index.html");
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
$keywords=preg_replace("/[^a-zA-Z0-9\x{4e00}-\x{9fff}]+/u","",$_GET['keywords']);
|
{
|
||||||
}
|
$keywords = preg_replace("/[^a-zA-Z0-9\x{4e00}-\x{9fff}]+/u", "", $_GET['keywords']);
|
||||||
if(!isset($_GET['page'])){
|
|
||||||
$page=1;
|
|
||||||
}else{
|
|
||||||
$page=intval($_GET['page']);
|
|
||||||
}
|
}
|
||||||
if(!isset($_GET['kind'])){
|
|
||||||
$kind='bugs';
|
if (!isset($_GET['page']))
|
||||||
|
{
|
||||||
|
$page = 1;
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
if($_GET['kind']==='bugs'||$_GET['kind']==='drops'||$_GET['kind']==='author'){
|
{
|
||||||
$kind=$_GET['kind'];
|
$page = intval($_GET['page']);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($_GET['kind']))
|
||||||
|
{
|
||||||
|
$kind = 'bugs';
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if ($_GET['kind'] === 'bugs' || $_GET['kind'] === 'drops' || $_GET['kind'] === 'author')
|
||||||
|
{
|
||||||
|
$kind = $_GET['kind'];
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
$kind='bugs';
|
{
|
||||||
|
$kind = 'bugs';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
echo "<h3 style=\"display:inline-block;\">关键词【".$keywords."】的搜索结果:</h3>";
|
echo "<h3 style=\"display:inline-block;\">关键词<strong>【{$keywords}】</strong>的搜索结果:</h3>";
|
||||||
#$sql="select * from bugs where title like ";
|
|
||||||
#$res=$pdo->query($sql);
|
|
||||||
#SELECT count(*) FROM `bugs` WHERE `title` LIKE \'%腾讯%\'
|
|
||||||
#SELECT* FROM `bugs` WHERE `title` LIKE '%腾讯%' LIMIT 0,4
|
|
||||||
#title,datas,author,doc,type
|
|
||||||
|
|
||||||
//mysql建立连接
|
//pdo连接mysql
|
||||||
$db=new mysqli('localhost','root','','wooyun');
|
try
|
||||||
//sql对象错误检查
|
{
|
||||||
if(mysqli_connect_errno()){
|
$conn = new PDO("mysql:host={$config['host']};dbname={$config['database']};port={$config['port']};charset=utf8", $config['user'], $config['passwd']);
|
||||||
echo '<br>Error:Please try again later.';
|
//echo "mysql:host={$config['host']};dbname={$config['database']}";
|
||||||
exit();
|
|
||||||
}
|
}
|
||||||
// 建立查询
|
catch (PDOException $pe)
|
||||||
$db->set_charset("utf8");
|
{
|
||||||
#drops
|
die("Could not connect to the database $dbname :" . $pe->getMessage());
|
||||||
//分页处理
|
|
||||||
if($kind==='author'){
|
|
||||||
$query0="SELECT count(*) FROM `bugs` WHERE author LIKE '%".$keywords."%'";
|
|
||||||
$query1="SELECT count(*) FROM `drops` WHERE author LIKE '%".$keywords."%'";
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
$query0="SELECT count(*) FROM `".$kind."` WHERE `title` LIKE '%".$keywords."%'";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$num=$db->query($query0);
|
//查询数目
|
||||||
$row=$num->fetch_row();
|
if ($kind === 'author')
|
||||||
if($kind==="author"){
|
{
|
||||||
$num1=$db->query($query1);
|
$query0 = "SELECT count(*) FROM `bugs` WHERE author LIKE '%{$keywords}%'";
|
||||||
$rows=$num1->fetch_row();
|
$query1 = "SELECT count(*) FROM `drops` WHERE author LIKE '%{$keywords}%'";
|
||||||
$row[0]+=$rows[0];
|
$res0 = $conn->query($query0);
|
||||||
|
$res1 = $conn->query($query1);
|
||||||
|
$row = $res0->fetch(PDO::FETCH_NUM)[0] + $res1->fetch(PDO::FETCH_NUM)[0];
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$query0="SELECT count(*) FROM `{$kind}` WHERE `title` LIKE '%{$keywords}%'";
|
||||||
|
$res0 = $conn->query($query0);
|
||||||
|
$row = $res0->fetch(PDO::FETCH_NUM)[0];
|
||||||
|
}
|
||||||
|
|
||||||
//得到总页数 $p
|
//得到总页数 $p
|
||||||
if($row[0]%15!=0){
|
if ($row % 15 != 0)
|
||||||
$p=intval($row[0]/15)+1;
|
{
|
||||||
|
$p = intval($row / 15) + 1;
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
$p=$row[0]/15;
|
{
|
||||||
|
$p = $row / 15;
|
||||||
}
|
}
|
||||||
if($row[0]==0) $p=1;
|
if ($row == 0) $p = 1;
|
||||||
if($page>$p || $page<1){
|
if ($page > $p || $page <1 ) $page = 1;
|
||||||
$page=1;
|
|
||||||
|
echo "<h4 style=\"display:inline-block;\">共 {$row} 条记录</h4>";
|
||||||
|
|
||||||
|
$start = ($page - 1) * 15;
|
||||||
|
|
||||||
|
if ($kind === 'author')
|
||||||
|
{
|
||||||
|
$query = "(SELECT doc,dates,title,type,author FROM `bugs` WHERE `author` LIKE '%{$keywords}%') UNION ALL (SELECT doc,dates,title,type,author FROM `drops` WHERE `author` LIKE '%{$keywords}%')ORDER BY dates DESC LIMIT {$start},15";
|
||||||
}
|
}
|
||||||
echo "<h4 style=\"display:inline-block;\">共 ".$row[0]." 条记录</h4>";
|
else
|
||||||
$start=($page-1)*15;
|
{
|
||||||
if($kind==='author'){
|
$query = "SELECT * FROM `{$kind}` WHERE `title` LIKE '%{$keywords}%' ORDER BY dates DESC LIMIT {$start},15";
|
||||||
$query="(SELECT doc,dates,title,type,author FROM `bugs` WHERE `author` LIKE '%".$keywords."%') UNION ALL (SELECT doc,dates,title,type,author FROM `drops` WHERE `author` LIKE '%".$keywords."%')ORDER BY dates DESC LIMIT ".$start.",15";
|
|
||||||
}
|
}
|
||||||
else{
|
|
||||||
$query="SELECT * FROM `".$kind."` WHERE `title` LIKE '%".$keywords."%' ORDER BY dates DESC LIMIT ".$start.",15";
|
$res = $conn->query($query);
|
||||||
|
$resulte = $res->fetchAll(PDO::FETCH_ASSOC);
|
||||||
|
//var_dump($resulte);
|
||||||
|
|
||||||
|
//输出结果
|
||||||
|
echo '<div><table class="table table-striped table-hover">';
|
||||||
|
echo '<tr><td>提交时间</td><td>标题</td><td>漏洞类型</td><td>提交者</td><tr>';
|
||||||
|
|
||||||
|
foreach ($resulte as $rrr){
|
||||||
|
if ($kind != "author")
|
||||||
|
{
|
||||||
|
echo "<tr onclick=\"window.open('./{$kind}/{$rrr['doc']}');\" style=\"cursor:pointer;\">";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (array_key_exists($rrr['type'], $drops))
|
||||||
|
{
|
||||||
|
echo "<tr onclick=\"window.open('./drops/{$rrr['doc']}');\" style=\"cursor:pointer;\">";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
echo "<tr onclick=\"window.open('./bugs/{$rrr['doc']}');\" style=\"cursor:pointer;\">";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$time0 = str_split($rrr['dates'], 10);
|
||||||
|
echo "<td>{$time0[0]}</td>";
|
||||||
|
echo "<td style=\"color:#01a8ff;\">{$rrr['title']}</td>";
|
||||||
|
if (array_key_exists($rrr['type'], $drops))
|
||||||
|
{
|
||||||
|
echo "<td style=\"color:#01a8ff;\">{$drops[$rrr['type']]}</td>";
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
echo "<td style=\"color:#01a8ff;\">{$rrr['type']}</td>";
|
||||||
|
}
|
||||||
|
echo "<td>{$rrr['author']}</td>";
|
||||||
|
echo "</tr>";
|
||||||
}
|
}
|
||||||
//执行查询
|
|
||||||
$result=$db->query($query);
|
|
||||||
//逐行分解result
|
|
||||||
#echo "<div>";
|
|
||||||
echo "<div><table class=\"table table-striped table-hover\">";
|
|
||||||
echo "<tr><td>提交时间</td><td>标题</td><td>漏洞类型</td><td>提交者</td><tr>";
|
|
||||||
for($i=0;$i<$result->num_rows;$i++){
|
|
||||||
$row_result=$result->fetch_object();
|
|
||||||
if($kind!="author"){
|
|
||||||
echo "<tr onclick=\"window.open('./".$kind."/".$row_result->doc."');\" style=\"cursor:pointer;\">";
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
if($row_result->type=="binary" || $row_result->type=="mobile" || $row_result->type=="mobiledev" || $row_result->type=="database" || $row_result->type=="news" || $row_result->type=="papers" || $row_result->type=="pentesting" || $row_result->type=="tips" || $row_result->type=="tools" || $row_result->type=="web" || $row_result->type=="wireless" || $row_result->type=="safe"){
|
|
||||||
echo "<tr onclick=\"window.open('./drops/".$row_result->doc."');\" style=\"cursor:pointer;\">";
|
|
||||||
}
|
|
||||||
else{
|
|
||||||
echo "<tr onclick=\"window.open('./bugs/".$row_result->doc."');\" style=\"cursor:pointer;\">";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$time0=str_split($row_result->dates,10);
|
|
||||||
echo '<td>'.$time0[0].'</td>';
|
|
||||||
echo '<td style="color:#01a8ff;">'.$row_result->title.'</td>';
|
|
||||||
echo '<td style="color:#01a8ff;">'.$row_result->type.'</td>';
|
|
||||||
echo '<td>'.$row_result->author.'</td>';
|
|
||||||
echo '</tr>';
|
|
||||||
}
|
|
||||||
echo "</table></div>";
|
echo "</table></div>";
|
||||||
// 显示result
|
|
||||||
// 释放连接,关闭sql.
|
$conn = null;
|
||||||
$result->free();
|
|
||||||
$db->close();
|
|
||||||
//分页
|
//分页
|
||||||
echo "<div class=\"pagination pagination-large my-page\">";
|
echo '<ul class="pagination pagination-lg">';
|
||||||
echo "<ul>";
|
|
||||||
//首
|
//首
|
||||||
if($page==1){
|
if ($page==1)
|
||||||
echo "<li class=\"disabled\"><a href=\"#\">«</a></li>";
|
{
|
||||||
|
echo '<li class="disabled"><a href="#">«</a></li>';
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
echo "<li><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".($page-1)."\">«</a></li>";
|
{
|
||||||
|
echo "<li><a href=\"search.php?kind={$kind}&keywords={$keywords}&page={($page-1)}\">«</a></li>";
|
||||||
}
|
}
|
||||||
//中间处理
|
//中间处理
|
||||||
if($p>17){
|
if ($p > 17)
|
||||||
if($page<9){
|
{
|
||||||
|
if ($page < 9)
|
||||||
|
{
|
||||||
$i=1;
|
$i=1;
|
||||||
}
|
}
|
||||||
elseif($page>=9 && $page+8<$p){
|
elseif ($page >= 9 && $page + 8 < $p)
|
||||||
$i=$page-8;
|
{
|
||||||
|
$i = $page-8;
|
||||||
}
|
}
|
||||||
elseif($page+8>=$p){
|
elseif ($page + 8 >= $p)
|
||||||
$i=$p-8;
|
{
|
||||||
|
$i = $p-8;
|
||||||
}
|
}
|
||||||
$j=$i+17;
|
$j = $i + 17;
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
$i=1;
|
{
|
||||||
$j=$p;
|
$i = 1;
|
||||||
|
$j = $p;
|
||||||
}
|
}
|
||||||
//echo $p;
|
//echo $p;
|
||||||
for(;$i<=$j;$i++){
|
for (;$i <= $j;$i++)
|
||||||
if($page==$i){
|
{
|
||||||
echo "<li class=\"disabled\"><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".$i."\">".$i."</a></li>";
|
if ($page == $i)
|
||||||
|
{
|
||||||
|
echo "<li class=\"disabled\"><a href=\"search.php?kind={$kind}&keywords={$keywords}&page={$i}\">{$i}</a></li>";
|
||||||
}
|
}
|
||||||
else{
|
else
|
||||||
echo "<li><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".$i."\">".$i."</a></li>";
|
{
|
||||||
|
echo "<li><a href=\"search.php?kind={$kind}&keywords={$keywords}&page={$i}\">{$i}</a></li>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//尾
|
//尾
|
||||||
if($page==$p || $p==0){
|
if ($page == $p || $p ==0)
|
||||||
echo "<li class=\"disabled\"><a href=\"#\">»</a></li>";
|
{
|
||||||
}
|
echo '<li class="disabled"><a href="#">»</a></li>';
|
||||||
else{
|
}
|
||||||
echo "<li><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".($page+1)."\">»</a></li>";
|
else
|
||||||
}
|
{
|
||||||
echo "</ul></div>";
|
echo "<li><a href=\"search.php?kind={$kind}&keywords={$keywords}&page={($page+1)}\">»</a></li>";
|
||||||
|
}
|
||||||
|
echo "</ul>";
|
||||||
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<div><h5>数据来源于wooyun.org</h5></div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
|
||||||
|
<nav class="navbar navbar-default navbar-fixed-bottom" role="navigation">
|
||||||
|
<p class="navbar-text navbar-left">公开漏洞、知识库等数据来自于wooyun.org</p>
|
||||||
|
<!--<p class="navbar-text navbar-right">written by grt1st</p> -->
|
||||||
|
</nav>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user