摘要：1、php数组溢出 user.php: <?php class User{ public $count; } ?> add_api.php: <?php include "user.php"; if($user=unserialize($_COOKIE["data"])){ $count[++$us 阅读全文

摘要：buy.php,加载了js中的buy.js <script type="text/javascript" src="js/buy.js"></script> buy.js中发起对api.php的post请求，并且带上了我们输入的7位号码 function buy(){ $('#wait').show 阅读全文

摘要：<?php error_reporting(0); highlight_file(__FILE__); $data = base64_decode($_GET['data']); $host = $_GET['host']; $port = $_GET['port']; if(preg_match( 阅读全文

摘要：代码： <?php session_start(); error_reporting(0); highlight_file(__FILE__); class Action { public $data; public $username; public $password; public $data 阅读全文

摘要：代码： <?php highlight_file(__FILE__); error_reporting(0); class B{ public $logFile; public $initMsg; public $exitMsg; function __construct($file){ // in 阅读全文