最近服务器被人破了,网站好像有问题,我用Acunetix Web Vulnerability Scanner 8 检测出好多危险等级高的问题,有些看不明白,请高手指教!
PHP服务器Web安全



    这里面10个问题 我全贴出来!
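    <?php
    include("./include/mysql.class.php");
    include("./include/config.php");
    include("./class/product.class.php");
    include("./class/sc.class.php");

    // Request parameters. The four ids go through the project's cint()
    // (assumed to coerce to an integer — TODO confirm in include/config.php
    // or mysql.class.php). The two free-text search terms are accepted only
    // when they are strings, so a "key[]=x" request cannot smuggle an array
    // in; they are still raw user input and must be escaped wherever they
    // are used (SQL fragment further down, HTML on output).
    $bid  = cint(isset($_REQUEST['bid'])  ? $_REQUEST['bid']  : '0');
    $sid  = cint(isset($_REQUEST['sid'])  ? $_REQUEST['sid']  : '0');
    $cid  = cint(isset($_REQUEST['cid'])  ? $_REQUEST['cid']  : '0');
    // Fixed: the guard tested 'cid' while reading 'ccid', which raised an
    // undefined-index notice whenever cid was sent without ccid.
    $ccid = cint(isset($_REQUEST['ccid']) ? $_REQUEST['ccid'] : '0');

    $products     = new Product();
    $sc           = new SCClass();
    $productclass = new ProductClass();

    $webtitle  = "";
    $webtitles = "";
    $webkey    = $configs['web_keywords'];
    $webdes    = $configs['web_des'];
    $keywords  = (isset($_REQUEST['keywords']) && is_string($_REQUEST['keywords'])) ? $_REQUEST['keywords'] : '';
    $key       = (isset($_REQUEST['key'])      && is_string($_REQUEST['key']))      ? $_REQUEST['key']      : '';

    // A category (bid) or sub-category (sid) overrides the site-wide title
    // and meta values. When both are given the sub-category wins for the
    // keywords/description because it is applied last (unchanged order).
    if ($bid != 0) {
        $model    = $productclass->GetClassModel($bid);
        $webtitle = $model->ClassName . "_";
        $webkey   = $model->KeyWord;
        $webdes   = $model->Des;
    }
    if ($sid != 0) {
        $models    = $productclass->GetClassModel($sid);
        $webtitles = $models->ClassName . "_";
        $webkey    = $models->KeyWord;
        $webdes    = $models->Des;
    }
    ?>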
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta http-equiv="X-UA-Compatible"content="IE=7">
    <link rel="stylesheet" href="css/style.css" type="text/css" />
    <link rel="stylesheet" href="css/lianxi.css" type="text/css" />
    <link rel="stylesheet" href="css/dongtai.css" type="text/css" />
    <script language="javascript" src="js/fun.js"></script>
    <title><?=$webtitles?><?=$webtitle?>产品_<?=$configs['web_title']?></title>
    <META content="<?=$webdes?>" name="description">
    <META content="<?=$webkey?>" name="keywords">
    <META name="AUTHOR" content="<?=$configs['web_author']?>">
    <style>
    .keywords,keywords2{ float:left; height:22px; line-height:22px; padding:0 8px;   margin:3px;}
    .keywords a{ color:#0066CC;} .keywords2 a{background:#0066FF;  float:left; height:22px; line-height:22px;   margin:3px; padding:0 8px; color:#fff;}
    .STYLE1 {font-weight: bold}
    </style>
     <?
    include("runjs.html");
     ?>
    </head><script language="JavaScript" src='js/cookie.js'></script>
    <script language="JavaScript" src='js/fj.js'></script>
    <body onload="TransFor()">
    <div class="cont">
      <?
    include("top.html");
    include("./include/page.class.php"); ?>
     
    <!--导航-->
     <a name="top"></a><div class="neirong">
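    <?php include("proleft.php"); // full open tag; "<?" depends on short_open_tag ?>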
    <div class="right fl">
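    <?php include("search_bar.php"); // full open tag; "<?" depends on short_open_tag ?>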

    <iframe frameborder="0" scrolling="no" width="807" height="145" src="banner.php?types=力康产品" marginheight="0" marginwidth="0"></iframe>
      
    <div>
    <div id="neirong">
    <table width="807">
    <tr><td height="45" colspan="2"><span>筛选</span></td></tr>
    <tr><td colspan="2" style="background:url(images/chanpin_fgx.jpg) no-repeat;">&nbsp;</td></tr>
    <tr><td width="60" align="center"><img src="images/chanpin_icosousuo.jpg" width="38" height="37" /></td><td valign="top">
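    <?php
    // Keyword filter chips; "2" picks the highlighted .keywords2 style for
    // the currently selected keyword ("所有" when none is selected).
    $ck1 = $keywords == "" ? "2" : "";
    ?>
    <div class="keywords<?=$ck1?>"><a href="product.php?bid=<?=$bid?>&sid=<?=$sid?>">所有</a></div>
    <?php
    $listkey = $products->GetPageListKey("", 0, 100);
    // (array) guards against a NULL/empty result, which would make foreach warn.
    foreach ((array) $listkey as $lrs) {
        $ck = $keywords == $lrs["keyword"] ? "2" : "";
        // The keyword is emitted twice: inside a URL (urlencode so '&', '#',
        // spaces or '%' do not break the query string) and as HTML text
        // (htmlspecialchars). The comparison above keeps working because the
        // server decodes the parameter again on the next request.
        $kwUrl  = urlencode($lrs["keyword"]);
        $kwHtml = htmlspecialchars($lrs["keyword"], ENT_QUOTES, 'UTF-8');
    ?>
    <div class="keywords<?=$ck?>"><a href="product.php?bid=<?=$bid?>&sid=<?=$sid?>&cid=<?=$cid?>&ccid=<?=$ccid?>&keywords=<?=$kwUrl?>"><?=$kwHtml?></a></div>
    <?php
    }
    ?>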
    </td>
    </tr>
    <tr><td height="45" colspan="2"><span>产品展示</span></td></tr>
    <tr><td colspan="2" style="background:url(images/chanpin_fgx.jpg) no-repeat;">&nbsp;</td></tr>
    </table>
    <!--系列产品-->
    <? if($bid==0 && $sid==0 &&  $keywords=="" &&    $key=="" && $cid==0 &&   $ccid==0)
    {
      foreach($list as $rs)
    {
    $c=$bid==$rs[0]?"class='current'":"";

    ?><table width="805" style="background:url(images/chanpin_menubg.jpg) repeat-x; margin-top:12px;">
    <tr height="25">
      <td>&nbsp; <span class="span1" style="color:#404040"><strong><?=$rs[1]?></strong></span></td>
    </tr>
      </table>
      
      <?
    $list2=$productclass->GetClassList($rs['ClassId']);
    foreach($list2 as $rs2)
    {
    $cc=$sid==$rs2[0]?"style='color:#FF9900'":"";
    ?>
     

    <table width="100%" border="0" cellspacing="0" cellpadding="0">
                          <tr>
                            <td height="23"><span class="span1" style="color:#0084C5">&nbsp;&nbsp; <strong><?=$rs2[1]?></strong></span></td>
                          </tr>
                          <tr>
      
                            <td height="23">
    <?
    $plist=$products->GetPageList(" and a.bid=".$rs[0]." and  a.sid=".$rs2[0]."  and shows='yes' ",0,4);
    foreach($plist as $rss)
    {
    ?>
    <div style="float:left; width:200px; height: 290px; margin-bottom:15px;">
    <table height="269" id="tu">
      <tr align="center">
    <td width="200"   valign="middle"><a href="proshow.php?id=<?=$rss["id"]?>" title="<?=$rss["title"]?>"><img src="<?=$rss["pic"]?>" alt="<?=$rss["title"]?>" width="175" height="150" onload="imgs(this,175,175);" /></a></td>
      </tr>
      <tr align="center">
    <td width="200" height="61" valign="top"><a href="proshow.php?id=<?=$rss["id"]?>" title="<?=$rss["title"]?>"><?=sub_str($rss["title"],86)?></a></td>
      </tr>
      </table>
    </div>
    <?
    }
    ?>
    </td>
                          </tr>
                        </table> <? }?>
    <?
    }
     
    }
    else
    {  
    ?>
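    <?php
    // Class description box (hidden with display:none in the markup): the
    // sub-class when a sid is given, otherwise the top-level class. The two
    // branches differ only in the id used and the STYLE1 span around the name.
    // Full "<?php" open tags replace "<?", which depends on short_open_tag.
    if ($sid == 0) {
    ?>
     <table width="100%" height="67" border="0" cellpadding="0" cellspacing="3" style="margin:10px 0px; border:1px solid #ccc; display:none;">
                                <tr>
                                  <td width="17%" style=" padding:5px;"><img src="<?=$productclass->GetClassPic($bid)?>" onload="imgs(this,120,120);" id="simg" width="118" height="118" /></td>
                                  <td width="83%" valign="top"  style=" padding:5px;">
                                    <span class="STYLE1">
                                    <?=$productclass->GetClassName($bid)?>
                                    </span>                              <br />
                                  <br />                                
                                  <?=$productclass->GetClassContent($bid)?></td>
                                </tr>
                      </table>
     
    <?php
    } else {
    ?> 
      
     <table width="100%" height="67" border="0" cellpadding="0" cellspacing="3" style="margin:10px 0px; border:1px solid #ccc; display:none;">
                                <tr>
                                  <td width="17%"  style=" padding:5px;"><img src="<?=$productclass->GetClassPic($sid)?>" onload="imgs(this,120,120);" id="simg" width="118" height="118" /></td>
                                  <td width="83%" valign="top"  style=" padding:5px;">
                                    <?=$productclass->GetClassName($sid)?>
                                  <br />
                                  <br />                                
                                  <?=$productclass->GetClassContent($sid)?></td>
                                </tr>
                      </table>
     
    <?php
    }
    ?>   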
        <?php
    $s='';
    if($bid!="0")
    {
    $s.=" and a.bid=$bid ";
    }

    if($sid!="0")
    {
    $s.=" and a.sid=$sid ";
    }

    if($cid!="0")
    {
    $s.=" and a.cid=$cid ";
    }

    if($ccid!="0")
    {
    $s.=" and a.ccid=$ccid ";
    }


    if($keywords!='')
    {
    $s.=" and likewords like '%$keywords%' ";
    }
    if($key!='')
    {
    $s.=" and title like '%$key%' or scontent like '%$key%' or a.content like '%$key%' ";
    }
    $s.=" and shows='yes' ";
    $count=$products->GetCount($s); $options = array(
    'total_rows' => $count, //总行数
    'list_rows'  => '20',  //每页显示量
    );
     

     //判断当前页码
     $page= isset($_REQUEST['p']) ? $_REQUEST['p'] : '1';
     $page=cint($page);
     $offset=$options['list_rows']*($page-1);

    $list2=$products->GetPageList($s, $offset,$options['list_rows']);
    if($list2==NULL)
    {
    if($key!="")
    {
    echo "抱歉,找不到与 ". $_REQUEST['key'] ." 相符的内容   <a href='product.php' style='margin-left:10px;'>点击查看所有产品</a>";
    }
    else
    {
    echo "抱歉,找不到   相符的内容";
    }
    }
    foreach($list2 as $rss)

     
     ?>
    <div style="float:left; width:200px; height: 290px; margin-bottom:15px;">
    <table height="269" id="tu">
      <tr align="center">
    <td width="200" height="200" valign="middle"><a href="proshow.php?id=<?=$rss["id"]?>" title="<?=$rss["title"]?>"><img src="<?=$rss["pic"]?>" alt="<?=$rss["title"]?>" onload="imgs(this,175,175);" width="175" height="200" /></a></td>
      </tr>
      <tr align="center">
    <td height="61" valign="top"><a href="proshow.php?id=<?=$rss["id"]?>" title="<?=$rss["title"]?>"><?=sub_str($rss["title"],86)?></a></td>
      </tr>
    </table>
      </div>
     
              <?php
    }
    ?>   
    <table id="table" width="100%" >
    <tr align="right"><td height="31">
       <div class="pages" style="height:35px; margin-top:20px;">

       </div>
     
     
    </td></tr>
      </table>


    <?
    }
    ?>
    <table id="table" width="100%" >
    <tr align="right"><td height="31"> <a href="#top" style="border:1px #0066CC solid; background:#fff; color:#003399; display:block; text-align:center; width:80px; height:20px; line-height:20px;">返回顶部</a> </td></tr>
      </table>
    </div>
    </div>
    </div>
    </div>

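    <?php include("foot.html"); // full open tag; "<?" depends on short_open_tag ?>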

    </div>
    </body>
    </html>
      


     检测出好多危险等级高的问题……扫描结果的具体内容呢?
    看了看代码,大体就是上面说的过滤问题:过滤掉一些非法字符,拒绝非法注入。可以搜索一下“PHP 过滤非法字符”。