Add files via upload

2016-09-15 19:21:41 +08:00
parent 8f36844852
commit f0489baa4f
3 changed files with 245 additions and 0 deletions
--- a/app.py
+++ b/app.py
@@ -0,0 +1,61 @@
 #coding=utf-8
 import os
 import re
 import sys
 import MySQLdb
 from bs4 import BeautifulSoup
 path='bugs'
 #预编译
 pattern0=re.compile(r'<h3.*?class=\'wybug_title\'>.*?漏洞标题：(.*)<img.*?src="/images/credit.png"')
 pattern1=re.compile(r'<h3.*?class=\'wybug_date\'>提交时间：(.*)</h3>')
 pattern2=re.compile(r'>(.*)</a>')
 pattern3=re.compile(r'>(.*)</a>')
 pattern4=re.compile(r'：(.*)</h3>')
 pattern5=re.compile(r'漏洞标题：(.*)')
 for docs in os.listdir(path):
 	#打开文件，提取内容
 	if os.path.isdir('bugs/'+docs):
 		print "目录跳过"
 		continue
 	doc=open('bugs/'+docs,'r')
 	html=doc.read()
 	doc.close()
 	#提取信息
 	soup=BeautifulSoup(html,"html.parser")
 	corps=soup.find_all('h3',class_='wybug_corp')
 	corps=corps[0].find_all('a')
 	corp=corps[0]
 	corp=str(corp).replace('	','').replace('\n','')
 	authors=soup.find_all('h3',class_='wybug_author')
 	authors=authors[0].find_all('a')
 	author=authors[0]
 	author=str(author).replace('	','')
 	types=soup.find_all('h3',class_='wybug_type')
 	type0=str(types[0]).replace('	','')
 	title=re.findall(pattern0,html)
 	if title:
 		title1=title[0].replace('	','').replace(' ','')
 	else:
 		title=soup.find_all('h3',class_='wybug_title')
 		title0=title[0].text.encode('utf-8')
 		title0=re.findall(pattern5,title0)
 		title1=title0[0].replace('\n','').replace(' ','').replace('	','')
 	date=re.findall(pattern1,html)
 	date1=date[0].replace('	','')
 	corp1=re.findall(pattern2,corp)
 	author1=re.findall(pattern3,author)
 	type1=re.findall(pattern4,type0)
 	print title1,date1,author1[0],type1[0],corp1[0]
 	#连接数据库
 	try:
 		conn=MySQLdb.connect(host='localhost',port=3306,user='root',passwd='',db='wooyun',charset='utf8')
 		cur=conn.cursor()
 		reload(sys)
 		sys.setdefaultencoding('utf-8')
 		tmp=(title1,date1,author1[0],type1[0],corp1[0],docs)
 		cur.execute("INSERT INTO `bugs`(`title`,`dates`,`author`,`type`,`corp`,`doc`) VALUES(%s,%s,%s,%s,%s,%s)",tmp)
 		conn.commit()
 		cur.close()
 		conn.close()
 	except MySQLdb.Error,e:
 	     print "Mysql Error %d: %s" % (e.args[0], e.args[1])
--- a/app1.py
+++ b/app1.py
@@ -0,0 +1,50 @@
 #coding:utf-8
 import os
 import re
 import sys
 import MySQLdb
 from bs4 import BeautifulSoup
 path='drops'
 pattern0=re.compile(r'>(.*)</h1>')
 pattern1=re.compile(r'>\s*(.*)</a>')
 pattern2=re.compile(r'>(.*)</')
 pattern3=re.compile(r'(.*)(?=-)')
 for docs in os.listdir(path):
 	if os.path.isdir('drops/'+docs):
 		print "目录跳过"
 		continue
 	#打开文件，提取内容
 	doc=open('drops/'+docs,'r')
 	html=doc.read()
 	doc.close()
 	#提取信息
 	soup=BeautifulSoup(html,"html.parser")
 	title=soup.find_all('h1',class_='entry-title ng-binding')
 	if title:
 		title=re.findall(pattern0,str(title[0]))
 	#title[0]
 	else:
 		continue
 	author=soup.find_all('a',class_='author name ng-binding')
 	author=re.findall(pattern1,str(author[0]))
 	#author[0]
 	time=soup.find_all('time',class_='published ng-binding ng-isolate-scope')
 	time=re.findall(pattern2,str(time[0]))
 	time1=time[0].replace('/','-')
 	doc=re.findall(pattern3,docs)
 	#doc0
 	print title[0],author[0],time1,doc[0],docs
 	try:
 		conn=MySQLdb.connect(host='localhost',port=3306,user='root',passwd='',db='wooyun',charset='utf8')
 		cur=conn.cursor()
 		reload(sys)
 		sys.setdefaultencoding('utf-8')
 		tmp=(title[0],time1,author[0],doc[0],docs)
 		cur.execute("INSERT INTO `drops`(`title`,`dates`,`author`,`type`,`doc`) VALUES(%s,%s,%s,%s,%s)",tmp)
 		conn.commit()
 		cur.close()
 		conn.close()
 	except MySQLdb.Error,e:
 	     print "Mysql Error %d: %s" % (e.args[0], e.args[1])
--- a/search.php
+++ b/search.php
@@ -0,0 +1,134 @@
 <!DOCTYPE html>
 <html>
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=UTF-8">
 	<meta charset="utf-8">
 	<title>乌云搜索|搜索结果</title>
 	<link href="../bootstrap/css/bootstrap.min.css" rel="stylesheet" type="text/css">
 	<script type="text/javascript" src="../bootstrap/js/jquery-3.1.0.min.js"></script>
 	<script type="text/javascript" src="../bootstrap/js/bootstrap.min.js"></script>
 	<link rel="stylesheet" type="text/css" href="search.css">
 </head>
 <body>
 <div id="my-container">
 <div id="my-header">
 	<strong class="my-words">search from wooyun.org</strong>
 	<ul class="my-menu">
 		<li class="my-item"><a class="lia" href="#">about</a></li>
 		<li class="my-item"><a class="lia" href="/pdf">drops</a></li>
 		<li class="my-item"><a class="lia" href="index.html">home</a></li>
 	</ul>
 </div>
 <div id="my-mainbody">
 <?php
 #接受参数
 if(!isset($_GET['keywords'])){
 	header("Location: index.html"); 
 	exit;
 }
 else{
 	$keywords=preg_replace("/[^a-zA-Z0-9\x{4e00}-\x{9fff}]+/u","",$_GET['keywords']);
 	}
 if(!isset($_GET['page'])){
 	$page=1;
 }else{
 	if(is_numeric($_GET['page'])&&is_int($_GET['page']+0)){
 		$page=$_GET['page'];
 	}
 	else{
 		$page=1;
 	}
 }
 if(!isset($_GET['kind'])){
 	$kind='bugs';
 }
 else{
 	if($_GET['kind']==='bugs'||$_GET['kind']==='drops'){
 	$kind=$_GET['kind'];
 	}
 	else{
 	$kind='bugs';
 	}
 }
 echo "<h3 style=\"display:inline-block;\">关键词【".$keywords."】的搜索结果：</h3>";
 //mysql建立连接 
 $db=new mysqli('localhost','root','','wooyun'); //localhost:3307
 //sql对象错误检查 
 if(mysqli_connect_errno()){ 
 	echo '<br>Error:Please try again later.'; 
 	exit(); 
 }
 // 建立查询 
 $db->set_charset("utf8");
 //分页处理
 $query0="SELECT count(*) FROM `".$kind."` WHERE `title` LIKE '%".$keywords."%'";
 $num=$db->query($query0);
 $row=$num->fetch_row();
 $rows=$row[0]/10;
 if($page>$rows){
 	$page=1;
 }
 echo "<h4 style=\"display:inline-block;\">共 ".$row[0]." 条记录</h4>";
 $start=($page-1)*15;
 $query="SELECT * FROM `".$kind."` WHERE `title` LIKE '%".$keywords."%' ORDER BY dates DESC LIMIT ".$start.",15";
 //执行查询 
 $result=$db->query($query); 
 //逐行分解result 
 echo "<table class=\"table table-striped table-hover\">";
 echo "<tr><td>提交时间</td><td>标题</td><td>漏洞类型</td><td>提交者</td><tr>";
 for($i=0;$i<$result->num_rows;$i++){ 
 	$row_result=$result->fetch_object(); 
 	echo "<tr onclick=\"window.open('/wooyun/".$kind."/".$row_result->doc."');\" style=\"cursor:pointer;\">";
 	$time0=str_split($row_result->dates,10);
 	echo '<td>'.$time0[0].'</td>';
 	echo '<td style="color:#01a8ff;">'.$row_result->title.'</td>'; 
 	echo '<td style="color:#01a8ff;">'.$row_result->type.'</td>';
 	echo '<td>'.$row_result->author.'</td>';
 	echo '</tr>'; 
 }
 // 显示result 
 // 释放连接,关闭sql. 
 $result->free(); 
 $db->close();
 //分页
 echo "<div class=\"pagination pagination-large my-page\">";
 echo "<ul>";
 $total=($row[0]-$row[0]%15)/15;
 $i=0;
 if($page==1){
 		echo "<li class=\"disabled\"><a href=\"#\">&laquo;</a></li>";
 	}
 	else{
 		echo "<li><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".($page-1)."\">&laquo;</a></li>";
 	}
 if($total>20&&$page<=9){
 	$total=17;
 }
 if($total>20&&$page>=9&&$page+8<=$total){
 	$i=$page-9;
 	$total=$page+8;
 }
 if($total>20&&$page>=9&&$page+8>$total){
 	$i=$total-17;
 }
 for(;$i<=$total;$i++){ 
 	if($page==$i+1){
 		echo "<li class=\"disabled\"><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".($i+1)."\">".($i+1)."</a></li>";	
 	}
 	else{
 		echo "<li><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".($i+1)."\">".($i+1)."</a></li>";	
 	}
 }
 if($page==$total+1){
 		echo "<li class=\"disabled\"><a href=\"#\">&raquo;</a></li>";
 	}
 	else{
 		echo "<li><a href=\"search.php?kind=".$kind."&keywords=".$keywords."&page=".($page+1)."\">&raquo;</a></li>";
 	}
 echo "</ul></div>";
 ?>
 <h5>数据来源于wooyun.org</h5>
 </div>
 </div>
 </body>
 </html>