2011-07-31: 细节已通知厂商并且等待厂商处理中 2011-08-05: 厂商已经主动忽略漏洞,细节向公众公开
17173分站由于配置不当,导致源码泄露,包括数据库账号密码
<?php include_once("../include/config.php"); include_once("../include/db.php"); include_once("inc.php"); ?> <?php //读取指定数据 $str = filter($_REQUEST["str"]); $classStr = filter($_REQUEST["classStr"]); if(!empty($classStr)){ $classStr = substr($classStr,0,-1); $classStr = split(",",$classStr); } if (!is_array($classStr)) { $classStr = array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10); } $conn = new MyAdodb($DbHost,$DbName,$DbUser,$DbPwd); $conn->OpenDB(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>17173·天龙八部数据库</title> <link href="css/master.css" rel="stylesheet" type="text/css" /> <SCRIPT LANGUAGE="JavaScript" src="js/ajax.js"></SCRIPT> <SCRIPT LANGUAGE="JavaScript" src="js/tkl_pagelist.js"></SCRIPT> <script type="text/javascript"> function addBookmark(title,url) { if( document.all ) { window.external.AddFavorite( url, title); } else if (window.sidebar) { window.sidebar.addPanel(title, url,""); } else if( window.opera && window.print ) { return true; } } function setValue(){ Obj = getObject("a"); var i = 0; var strValue = ""; for(var j = 0;j < Obj.length; j++){ //alert(j+"|"+Obj[j].value+"|"+Obj[j].checked); if(true == Obj[j].checked ){ i++; strValue += Obj[j].value+","; } } if (i < 1) { alert("请选择搜索分类!"); return false; } document.form1.classStr.value = strValue; //alert(Obj.length+"|"+strValue); } /**检查表单**/ function checkForm(){ setValue(); Obj = document.form1; if (Obj.str.value.length < 2){ alert("请输入2位以上的关键字!"); Obj.str.focus(); return false; } } //设置指定id的选项 function SetCheckBox(str){ var tempStr,reg; var ObjectField_1 = getObject("a"); var i=0,len; len = ObjectField_1.length; if (len == null) { len=1; } if (len == 1){ reg = eval("/,"+ObjectField_1.value+",/g"); tempStr = str.replace(reg,""); if (tempStr.length < str.length) { ObjectField_1.checked = true; } }else{ for ( j = 0; j < len; j++){ reg = eval("/,"+ObjectField_1[j].value+",/g"); tempStr = str.replace(reg,""); if (tempStr.length < str.length) { ObjectField_1[j].checked = true; } } } } //读取对像 function getObject(objectId) { if (document.all && document.all(objectId)) { return document.all(objectId); }else if(document.getElementById && document.getElementById(objectId)) { return document.getElementById(objectId); }else if(document.getElementsByName && document.getElementsByName(objectId)) { return document.getElementsByName(objectId); }else { return false; } } </script> </head> <body> <div id="wrapper"> <div id="wrapperLeft"> <div id="innerWrapperLeft"> <div id="panelSearch"> <div id="panelSearchTop"><?php include("header.html"); ?></div> <div id="panelSearchContent"> <table width="95%" border="0" align="center" cellpadding="0" cellspacing="0"> <form name="form1" method="get" action="search.php" onsubmit="return checkForm();"> <tr> <td align="center"> 综合搜索: <input name="str" type="text" id="str" style="width:200px;" value=""/> <input type="hidden" value="" name="classStr"> <input type="image" name="imageField" id="imageField"src="http://ue1.17173.itc.cn/tldb/sousuo.jpg" style="width:49px; height:20px; border:none;"/> </td> </tr> <tr> <td style="padding-bottom:10px; text-align:center;"> <input type="checkbox" name="a" value="1" checked style="width: 20px;"/> 装备 <input type="checkbox" name="a" value="2" checked style="width: 20px;"/> 套装 <input type="checkbox" name="a" value="3" checked style="width: 20px;"/> 珍兽 <input type="checkbox" name="a" value="4" checked style="width: 20px;"/> 技能 <input type="checkbox" name="a" value="5" checked style="width: 20px;"/> 元宝 <input type="checkbox" name="a" value="6" checked style="width: 20px;"/> 任务 <input type="checkbox" name="a" value="7" checked style="width: 20px;"/> 地图 <input type="checkbox" name="a" value="8" checked style="width: 20px;"/> 怪物 <input type="checkbox" name="a" value="9" checked style="width: 20px;"/> NPC <input type="checkbox" name="a" value="10" checked style="width: 20px;"/> 物品 </td> </tr> </form> </table> </div> <div class="clear"></div> </div> <?php if(!empty($classStr)){?> <div id="dh"> <?php for ($j = 0; $j < count($classStr); $j++){ $a = $classStr[$j]; switch($a){ case 1: $ItemClass = " 装备 "; break; case 2: $ItemClass = " 套装 "; break; case 3: $ItemClass = " 珍兽 "; break; case 4: $ItemClass = " 技能 "; break; case 5: $ItemClass = " 元宝 "; break; case 6: $ItemClass = " 任务 "; break; case 7: $ItemClass = " 地图 "; break; case 8: $ItemClass = " 怪物 "; break; case 9: $ItemClass = " NPC "; break; case 10: $ItemClass = " 物品 "; break; } ?> <div id="content<?=$j+1?>"><?=$ItemClass?></div> <?php } ?> </div> <?php for ($j = 0; $j < count($classStr); $j++){ $a = $classStr[$j]; switch($a){ case 1: $table = "tl_eqiupment"; $sqlWhere = " where ItemName like BINARY '%".$str."%' group by ItemName"; break; case 2: $table = "tl_taozhuang"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 3: $table = "tl_bb"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 4: $table = "tl_skill"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 5: $table = "tl_yuanbao"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 6: $table = "tl_questinfo"; $sqlWhere = " where ItemName like BINARY '%".$str."%' group by ItemName"; break; case 7: $table = "tl_map"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 8: $table = "tl_monster"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 9: $table = "tl_npc"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; case 10: $table = "tl_things"; $sqlWhere = " where ItemName like BINARY '%".$str."%'"; break; default: $table = ""; } $sqlStr = "select * from ".$table.$sqlWhere." limit 0,20"; $rs = $conn->ReadDB($sqlStr); ?> <div id="ccontent<?=$j+1?>"> <div class="panelRevelation"> <div id="panelRevelationTop"> <div class="p12 cWhite current">显示前 <?=count($rs)?> 条记录</div> <div class="p12 cWhite pagination"></div> </div> <div id="panelRevelationList"> <div id="innerPanelRevelationList"> <?php if($a == 1){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd col13">【装备名称】</div> <div class=" p14 cBlack backgroundGray dd col16">【装备种类】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【装备类型】</div> <div class=" p14 cBlack backgroundGray dd col15">【等级】</div> <div class=" p14 cBlack backgroundGray dd col15">【外功】</div> <div class=" p14 cBlack backgroundGray dd col15">【内功】</div> <div class=" p14 cBlack backgroundGray dd col15">【外防】</div> <div class=" p14 cBlack backgroundGray dd col15">【内防】</div> <div class=" p14 cBlack backgroundGray dd col15">【命中】</div> <div class=" p14 cBlack backgroundGray dd col15">【闪避】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><a href="arm.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,1,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div> <div class=" p14 cBlack dd col13"><span onMouseOver="Face_MouseOver(event,1,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="arm.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd col16"><a href="arms.php?ClassType=<?=$rs[$i]['ClassType']?>"><?=$rs[$i]['ClassType']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="arms.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd col15"><a href="arms.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div> <div class=" p14 cBlack dd col15"><?=$rs[$i]['OATK']>0?$rs[$i]['OATK']:0?></div> <div class=" p14 cBlack dd col15"><?=$rs[$i]['IATK']>0?$rs[$i]['IATK']:0?></div> <div class=" p14 cBlack dd col15"><?=$rs[$i]['ODEF']>0?$rs[$i]['ODEF']:0?></div> <div class=" p14 cBlack dd col15"><?=$rs[$i]['IDEF']>0?$rs[$i]['IDEF']:0?></div> <div class=" p14 cBlack dd col15"><?=$rs[$i]['Hit']>0?$rs[$i]['Hit']:0?></div> <div class=" p14 cBlack dd col15"><?=$RS[$i]['Avoid']>0?$RS[$i]['Avoid']:0?></div> </div> <?php } ?> <?php }else if($a == 2){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dd colTwo">【套装名称】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【套装类型】</div> <div class=" p14 cBlack backgroundGray dd colFour">【等级】</div> <div class=" p14 cBlack backgroundGray dd colFour">【件数】</div> <div class=" p14 cBlack backgroundGray dd colEleven">【附加属性】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,2,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="suit.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd colTwo"><a href="suits.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd colFour"><a href="suits.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div> <div class=" p14 cBlack dd colFour"><a href="suits.php?Nums=<?=$rs[$i]['Nums']?>"><?=$rs[$i]['Nums']?></a></div> <div class=" p14 cBlack dd colEleven"><?=$rs[$i]['AdditionalEffects']?></div> </div> <?php } ?> <?php }else if($a == 3){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【珍兽名称】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【战斗类型】</div> <div class=" p14 cBlack backgroundGray dd colThree">【等级】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【食物类别】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【标准寿命】</div> <div class=" p14 cBlack backgroundGray dd colSix">【自带技能】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><a href="baby.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,3,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div> <div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,3,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="baby.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd colTwo"><a href="babys.php?Fight=<?=$rs[$i]['Fight']?>"><?=$rs[$i]['Fight']?></a></div> <div class=" p14 cBlack dd colThree"><a href="babys.php?Lv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="babys.php?Food=<?=$rs[$i]['Food']?>"><?=$rs[$i]['Food']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="babys.php?Age=<?=$rs[$i]['Age']?>"><?=$rs[$i]['Age']?></a></div> <div class=" p14 cBlack dd colSix"><?=getSkillNameById($rs[$i]['SkillID1'])?><?=getSkillNameById($rs[$i]['SkillID2'])?><?=getSkillNameById($rs[$i]['SkillID3'])?><?=getSkillNameById($rs[$i]['SkillID4'])?><?=getSkillNameById($rs[$i]['SkillID5'])?></div> </div> <?php } ?> <?php }else if($a == 4){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【技能名称】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【技能分类】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【技能类型】</div> <div class=" p14 cBlack backgroundGray dd colTen">【学习要求】</div> <div class=" p14 cBlack backgroundGray dd col14">【冷却时间】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><a href="skill.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,4,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div> <div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,4,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="skill.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd colTwo"><a href="skills.php?ClassType=<?=$rs[$i]['ClassType']?>"><?=$rs[$i]['ClassType']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="skills.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd colTen"><?=$rs[$i]['Condition']?$rs[$i]['Condition']:" "?></div> <div class=" p14 cBlack dd col14"> <?php if($rs[$i]['ClassType']=='门派战斗技能'){ echo $rs[$i]['CoolTime']?$rs[$i]['CoolTime']."秒":"瞬发"; echo strpos($rs[$i]['CoolTime'],'-')?"(随心法等级提高而减少)":""; } else echo " "; ?> </div> </div> <?php } ?> <?php }else if($a == 5){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd colEight">【物品名称】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【物品类别】</div> <div class=" p14 cBlack backgroundGray dd colFour">【等级】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【使用等级】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【使用期限】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【元宝价格】</div> <div class=" p14 cBlack backgroundGray dd colTen">【功能属性】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><a href="gold.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/<?=$rs[$i]['FileName']?>" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,5,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div> <div class=" p14 cBlack dd colEight"><span onMouseOver="Face_MouseOver(event,5,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="gold.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd colTwo"><a href="golds.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd colFour"><a href="golds.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div> <div class=" p14 cBlack dd colTwo"><?=$rs[$i]['UseLv']?></div> <div class=" p14 cBlack dd colTwo"><?=$rs[$i]['DeadLine']?></div> <div class=" p14 cBlack dd colTwo"><?=$rs[$i]['Cost']?></div> <div class=" p14 cBlack dd colTen"><a href="golds.php?Property=<?=$rs[$i]['Property']?>"><?=$rs[$i]['Property']?></a></div> </div> <?php } ?> <?php }else if($a == 6){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dd colSix">【任务名称】</div> <div class=" p14 cBlack backgroundGray dd colNine">【任务类别】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【等级】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【所在地图】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【金钱奖励】</div> <div class=" p14 cBlack backgroundGray dd colEight">【经验奖励】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class=" p14 cBlack dd colSix"><a href="questinfo.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></div> <div class=" p14 cBlack dd colNine"><a href="questinfos.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="questinfos.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div> <div class=" p14 cBlack dd colTwo"><?=getMapById($rs[$i]['StartMap'])?></div> <div class=" p14 cBlack dd colTwo"><?=$rs[$i]['Money']?></div> <div class=" p14 cBlack dd colEight"><?=$rs[$i]['Experience']?></div> </div> <?php } ?> <?php }else if($a == 7){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dd colTwo">【地图名称】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【地图类型】</div> <div class=" p14 cBlack backgroundGray dd colFive">【地图说明】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class=" p14 cBlack dd colTwo"><a href="map.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="maps.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd colFive" title="<?=str_replace("#r"," ",$rs[$i]['DescItem'])?>"><?=substr_cut(str_replace("#r"," ",$rs[$i]['DescItem']),88)?></div> </div> <?php } ?> <?php }else if($a == 8){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd colEight">【怪物名称】</div> <div class=" p14 cBlack backgroundGray dd colNine">【等级】</div> <div class=" p14 cBlack backgroundGray dd colNine">【经验】</div> <div class=" p14 cBlack backgroundGray dd colSeven">【所在地图】</div> <div class=" p14 cBlack backgroundGray dd col13">【坐标】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><a href="monster.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,7,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div> <div class=" p14 cBlack dd colEight"><span onMouseOver="Face_MouseOver(event,7,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="monster.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?><? if($rs[$i]['ItemClass']=='BOSS怪物') echo "<font color=red>[boss]</font>";?></a></span> </div> <div class=" p14 cBlack dd colNine"><?=$rs[$i]['Lv']?></div> <div class=" p14 cBlack dd colNine"><?=$rs[$i]['Experience']?$rs[$i]['Experience']:" "?></div> <div class=" p14 cBlack dd colSeven"><?=getMapByName($rs[$i]['Map'])?></div> <div class=" p14 cBlack dd col13"> <? if($rs[$i]['ItemClass']!='首领头目'){ ?><?=$rs[$i]['Points']?"(".str_replace("&",",",$rs[$i]['Points']).")":" "?><? }else echo "多处"; ?></div> </div> <?php } ?> <?php }else if($a == 9){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【NPC名称】</div> <div class=" p14 cBlack backgroundGray dd colFour">【类别】</div> <div class=" p14 cBlack backgroundGray dd colEight">【称号】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【所在地图】</div> <div class=" p14 cBlack backgroundGray dd colEight">【位置】</div> <div class=" p14 cBlack backgroundGray dd col12">【职能】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><? if(strlen($rs[$i]['FileName'])){ ?><a href="npc.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=getImage($rs[$i]['FileName'])?>.jpg" width="37" height="38" border="0" onMouseOver="Face_MouseOver(event,6,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a> <?php }else echo " "; ?></div> <div class=" p14 cBlack dd colTwo"><span onMouseOver="Face_MouseOver(event,6,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="npc.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd colFour"><a href="npcs.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd colEight"><?=$rs[$i]['Title']?$rs[$i]['Title']:" "?></div> <div class=" p14 cBlack dd colTwo"><?=getMapByName($rs[$i]['Map'])?></div> <div class=" p14 cBlack dd colEight"><?=$rs[$i]['Place']?></div> <div class=" p14 cBlack dd col12"><a href="npcs.php?Duty=<?=$rs[$i]['Duty']?>"><?=$rs[$i]['Duty']?$rs[$i]['Duty']:" "?></a></div> </div> <?php } ?> <?php }else if($a == 10){ ?> <div class="dl"> <div class=" p14 cBlack backgroundGray dt">【图标】</div> <div class=" p14 cBlack backgroundGray dd col13">【装备名称】</div> <div class=" p14 cBlack backgroundGray dd col16">【物品分类】</div> <div class=" p14 cBlack backgroundGray dd colTwo">【物品类型】</div> <div class=" p14 cBlack backgroundGray dd col15">【等级】</div> <div class=" p14 cBlack backgroundGray dd colNine">【物品用途】</div> <div class=" p14 cBlack backgroundGray dd col18">【获取路径】</div> </div> <?php for($i=0;$i<count($rs);$i++){ ?> <div class="dl" onmouseover="currentcolor=this.style.backgroundColor;this.style.backgroundColor='#E5F0EA'" onmouseout="this.style.backgroundColor=currentcolor"> <div class="p14 dt"><a href="thing.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><img src="http://ue1.17173.itc.cn/tldb/images/<?=$rs[$i]['FileName']?>.jpg" width="41" height="42" border="0" onMouseOver="Face_MouseOver(event,8,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"/></a></div> <div class=" p14 cBlack dd col13"><span onMouseOver="Face_MouseOver(event,8,<?=$rs[$i]['ClassID']?>)" onMouseOut="Face_MouseOut()"><a href="thing.php?id=<?=$rs[$i]['ClassID']?>" target="_blank"><?=$rs[$i]['ItemName']?></a></span></div> <div class=" p14 cBlack dd col16"><a href="things.php?ClassType=<?=$rs[$i]['ClassType']?>"><?=$rs[$i]['ClassType']?></a></div> <div class=" p14 cBlack dd colTwo"><a href="things.php?ItemClass=<?=$rs[$i]['ItemClass']?>"><?=$rs[$i]['ItemClass']?></a></div> <div class=" p14 cBlack dd col15"><a href="things.php?MinLv=<?=$rs[$i]['Lv']?>&MaxLv=<?=$rs[$i]['Lv']?>"><?=$rs[$i]['Lv']?></a></div> <div class=" p14 cBlack dd colNine"><?=$rs[$i]['Uses']?$rs[$i]['Uses']:" "?></div> <div class=" p14 cBlack dd col18" title="<?=filters($rs[$i]['GetWay'])?>"><?=filters(getMapByName(substr_cut($rs[$i]['GetWay'],32)))?></div> </div> <?php }?> <?php }?><div class="clear"></div> </div> <div class="clear"></div> </div> <div id="panelRevelationBottom"> <div class="p12 cWhite current"></div> <div class="p12 cWhite pagination"></div> </div> <div class="clear"></div> </div> </div> <?php } ?> <SCRIPT> <!-- var tab_config = {"label" :["content1","content2","content3","content4","content5","content6","content7","content8","content9","content10"], "content":["ccontent1","ccontent2","ccontent3","ccontent4","ccontent5","ccontent6","ccontent7","ccontent8","ccontent9","ccontent10"], "current":"quhuan", "normal" :"quhuan1", "current_label":"content1" } var tab2 = new tab_effect(tab_config); tab2.init("滑过"); //--> </SCRIPT> <?php } ?> </div> </div> <?php include("sidebar.html"); ?> <div class="clear"></div> </div> <?php include("footer.html"); ?> </body> </html>
<? /* 系统配置文件 */ $DbHost="10.59.96.114:3307"; $DbName="wowdb"; $DbUser="wowdb"; $DbPwd ="@!#$%$#$@@@@"; $DbHost1="10.59.96.114:3307"; $DbName1="wow_interface"; $DbUser1="wow_interface"; $DbPwd1 ="@!#$%$#$@@@@"; $sys_config = array( "list_ip"=>"218.66.59.108|10.5.21.49|127.0.0.1", "comment_url"=>"http://comment.news.17173.com/makecomment.php", "comment_identy"=>"newgame@!sc90ke2!cn3gh+*)" ); $manager_type = array ( 1 => "一般管理员", 9 => "系统管理员" ); $popedom_type = array ( 1 => "一级", 2 => "二级", 3 => "三级", 4 => "四级", 5 => "五级" ); $geKey = "1qwerfdsa"; //装备表名 $itemTableArr = array("ge_item_weapon", "ge_item_safe", "ge_item_adorn", "ge_item_other"); //NPC性别 $npcSexArr = array("Both"=>"男/女", "Female"=>"女", "Male"=>"男"); $htmlDir = "/html/"; ?>
配置啊 低级问题啊
危害等级:无影响厂商忽略
忽略时间:2011-08-05 21:00
漏洞Rank:3 (WooYun评价)
暂无
对本漏洞信息进行评价,以更好的反馈信息的价值,包括信息客观性,内容是否完整以及是否具备学习价值
这个给力啊!
太给力了啊 被脱裤?
这个玩大了啊~~
持续关注中。。。
登录后才能发表评论,请先 登录 。
