见
http://php.net/manual/en/regexp.reference.escape.php:
\xhh – character with hex code hh
基本上它只是使用转义码看起来花式/ cyptic.
解码:
include "mysql-connect.php";
${"GLOBALS"}["lqwwikddv"] = "reschkbill";
${"GLOBALS"}["pvekrqh"] = "admin";
${"GLOBALS"}["skbdfmn"] = "respetty";
${"GLOBALS"}["rvrawqhtig"] = "date";
${"GLOBALS"}["mnvjrlxp"] = "sqlpetty";
include "session.php";
${${"GLOBALS"}["rvrawqhtig"]} = date("Y-m-d");
echo "\n";
${"GLOBALS"}["mddoqspgh"] = "countpetty";
if (${${"GLOBALS"}["pvekrqh"]} == 1) {
header("location:logout.php");
} else {
$bbnimsb = "countchk";
$silucxpqku = "reschkbill";
${"GLOBALS"}["zjxlmesrg"] = "countchk";
$wkozfoxln = "sqlchkbill";
${$wkozfoxln} = "select * from masterout where storeid='$storeid' and date='$date' and (kot=0 or kot=1 or kot=2)";
${"GLOBALS"}["qmnicsblict"] = "sqlchkbill";
${$silucxpqku} = mysql_query(${${"GLOBALS"}["qmnicsblict"]});
${${"GLOBALS"}["zjxlmesrg"]} = mysql_num_rows(${${"GLOBALS"}["lqwwikddv"]});
if (${$bbnimsb} > 0) {
header("location:error.php?err=1");
} else {
${"GLOBALS"}["zvquclvfqii"] = "sqlpetty";
${${"GLOBALS"}["zvquclvfqii"]} = "select * from dayclose where storeid='$storeid' and dayclose='$date'";
${${"GLOBALS"}["skbdfmn"]} = mysql_query(${${"GLOBALS"}["mnvjrlxp"]});
${${"GLOBALS"}["mddoqspgh"]} = mysql_num_rows(${${"GLOBALS"}["skbdfmn"]});
if (${${"GLOBALS"}["mddoqspgh"]} == 0) {
header("location:error.php?err=2");
} else {
header("location:logout.php");
}
}
}
我只是用javascript将它翻译成了理智的东西.
var source = '...';
var decoded = source.replace(/\\x([a-f0-9][a-f0-9])/g, function(a,b) {
return String.fromCharCode(parseInt(b, 16));
});
然后,如果你想变得疯狂,你可以把它煮沸(手工):
include "mysql-connect.php";
include "session.php";
$date = date("Y-m-d");
echo "\n";
if ($admin) {
header("location:logout.php");
} else {
$sql = "select * from masterout where storeid='$storeid' and date='$date' and (kot=0 or kot=1 or kot=2)";
$count = mysql_num_rows(mysql_query($sql));
if ($count > 0) {
header("location:error.php?err=1");
} else {
$sql = "select * from dayclose where storeid='$storeid' and dayclose='$date'";
$count = mysql_num_rows(mysql_query($sql));
if ($count == 0) {
header("location:error.php?err=2");
} else {
header("location:logout.php");
}
}
}
附:这是非常可怕的代码:/为什么他们没有使用COUNT(*)而不是获取所有结果超出了我.