Discuz! System Error---您當前的訪問請求當中含有非法字符，已經被系統拒絕 - 52AV手機A片王|52AV.ONE

private function _xss_check() {
6 j' y' [" {4 h: D. @7 L
9 P" J* P6 t7 {( q+ f2 q$ Z$ r
static $check = array('"', '>', '<', '\'', '(', ')', 'CONTENT-TRANSFER-ENCODING');
# y. D7 O& H) j1 h
" Z1 V) `' |9 [ a( N
if(isset($_GET['formhash']) && $_GET['formhash'] !== formhash()) {8 O! x# h% B+ A' v# R
system_error('request_tainting');: M& x$ A- P% `1 x4 D# b1 w
}
v L8 }6 ]1 N* X$ L1 u
" V" Q( ~- O' ]! q! p: ?
if($_SERVER['REQUEST_METHOD'] == 'GET' ) {' T6 X# k7 o' X) o8 C- Y) z
$temp = $_SERVER['REQUEST_URI'];% X% }* q5 v$ X. E$ Y
} elseif(empty ($_GET['formhash'])) {: B% r+ [/ Z" t t1 Z! r C
$temp = $_SERVER['REQUEST_URI'].file_get_contents('php://input');/ K$ I' [, P# d7 Q/ P1 g
} else {
, y; g, j d, n$ D
$temp = '';/ P J0 i7 o" t& k
}
! ^$ c- V% L+ M. p. `) c" X
4 i, ?7 e0 }+ X2 `
if(!empty($temp)) {
+ R' m4 Q8 I' ?$ g7 [& w* H
$temp = strtoupper(urldecode(urldecode($temp)));
& M4 \" e% f7 x& w$ C8 Z! [) e g
foreach ($check as $str) {
: U7 C5 _$ P. q: d, h
if(strpos($temp, $str) !== false) {: F7 m* B, O6 X
system_error('request_tainting');* ~6 I1 u" K- c) _ S3 A
}
: A J0 N7 n( B' B
}0 H" s" y c6 `6 V; _, t, `
}
' k! A3 T! W7 L0 W- o; @0 A
. G# h; f, ^! |/ A& m
return true;

複製代碼