This post was last edited by 和山论坛 on 2009-1-8 13:18
The patch is out~~~
```php
<?php
// Bootstrap constants expected by the Discuz! include files.
define('IN_DISCUZ', TRUE);
define('DISCUZ_ROOT', './');

// Work out the board URL from the current request.
$PHP_SELF = htmlspecialchars($_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
$boardurl = htmlspecialchars('http://'.$_SERVER['HTTP_HOST'].preg_replace("/\/+(api|archiver|wap)?\/*$/i", '', substr($PHP_SELF, 0, strrpos($PHP_SELF, '/'))).'/');

require_once DISCUZ_ROOT.'./config.inc.php';
require_once DISCUZ_ROOT.'./include/db_mysql.class.php';

$db = new dbstuff;
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect, true, $dbcharset);

// Reset the 'seohead' setting to an empty string.
$db->query("UPDATE {$tablepre}settings SET value='' WHERE variable='seohead'");

// Delete the cached files so the old value is not served from cache.
dir_clear('./forumdata/cache');

function dir_clear($dir) {
	if($directory = dir($dir)) {
		// Compare against false explicitly so an entry named "0" does not end the loop early.
		while(false !== ($entry = $directory->read())) {
			$filename = $dir.'/'.$entry;
			if(is_file($filename)) {
				@unlink($filename);
			}
		}
		// Recreate an empty index.htm in the directory (it was deleted above).
		@touch($dir.'/index.htm');
		$directory->close();
	}
}

// Send the visitor back to the board.
header('location: '.$boardurl);
```
Monkey,
this only treats the symptoms, not the root cause.....
So where is the vulnerability?