submit.php

通达OA2008 增强版注册机加去后门完美补丁

<?php

include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
include_once( "inc/td_core.php" );
echo "\r\n<html>\r\n<head>\r\n<title>系统安全设置</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n</head>\r\n\r\n<body class=\"bodycolor\" topmargin=\"5\">\r\n<div align=\"center\">\r\n<br>\r\n";
$query = "update SYS_PARA set PARA_VALUE='".$SEC_INIT_PASS."' where PARA_NAME='SEC_INIT_PASS'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_PASS_FLAG."' where PARA_NAME='SEC_PASS_FLAG'";
exequery( $connection, $query );
if ( $SEC_PASS_FLAG == "1" )
{
    $SEC_PASS_TIME = intval( $SEC_PASS_TIME );
    if ( !is_int( $SEC_PASS_TIME ) && $SEC_PASS_TIME <= 0 )
    {
        message( "错误", "有效期应为整数！" );
        button_back( );
        exit( );
    }
    $query = "update SYS_PARA set PARA_VALUE='".$SEC_PASS_TIME."' where PARA_NAME='SEC_PASS_TIME'";
    exequery( $connection, $query );
}
if ( $SEC_PASS_MIN < 0 || $SEC_PASS_MAX < 0 || !is_numeric( $SEC_PASS_MIN ) && !is_numeric( $SEC_PASS_MAX ) )
{
    message( "错误", "密码长度应为整数！" );
    button_back( );
    exit( );
}
if ( $SEC_PASS_MAX <= $SEC_PASS_MIN )
{
    message( "错误", "密码最大长度不能小于最小长度！" );
    button_back( );
    exit( );
}
if ( $SEC_PASS_SAFE == "on" )
{
    $SEC_PASS_SAFE = 1;
}
else
{
    $SEC_PASS_SAFE = 0;
}
$SEC_PASS_MIN = intval( $SEC_PASS_MIN );
$SEC_PASS_MAX = intval( $SEC_PASS_MAX );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_PASS_MIN."' where PARA_NAME='SEC_PASS_MIN'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_PASS_MAX."' where PARA_NAME='SEC_PASS_MAX'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_PASS_SAFE."' where PARA_NAME='SEC_PASS_SAFE'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_RETRY_BAN."' where PARA_NAME='SEC_RETRY_BAN'";
exequery( $connection, $query );
if ( $SEC_RETRY_BAN == "1" )
{
    $SEC_RETRY_TIMES = intval( $SEC_RETRY_TIMES );
    $SEC_BAN_TIME = intval( $SEC_BAN_TIME );
    if ( $SEC_RETRY_TIMES <= 0 || $SEC_BAN_TIME <= 0 )
    {
        message( "错误", "重试次数和分钟数应为整数！" );
        button_back( );
        exit( );
    }
    $query = "update SYS_PARA set PARA_VALUE='".$SEC_RETRY_TIMES."' where PARA_NAME='SEC_RETRY_TIMES'";
    exequery( $connection, $query );
    $query = "update SYS_PARA set PARA_VALUE='".$SEC_BAN_TIME."' where PARA_NAME='SEC_BAN_TIME'";
    exequery( $connection, $query );
}
$query = "update SYS_PARA set PARA_VALUE='".$SEC_USER_MEM."' where PARA_NAME='SEC_USER_MEM'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_KEY_USER."' where PARA_NAME='SEC_KEY_USER'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$LOGIN_KEY."' where PARA_NAME='LOGIN_KEY'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_USE_RTX."' where PARA_NAME='SEC_USE_RTX'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_SHOW_IP."' where PARA_NAME='SEC_SHOW_IP'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_ON_STATUS."' where PARA_NAME='SEC_ON_STATUS'";
exequery( $connection, $query );
$query = "update SYS_PARA set PARA_VALUE='".$SEC_OC_MARK."' where PARA_NAME='SEC_OC_MARK'";
exequery( $connection, $query );

if ( tdoa_optional( "TDFIS" ) )
{
    $query = "ALTER TABLE `EMAIL_BODY` CHANGE `FROM_ID` `FROM_ID` VARCHAR( 20 ) NOT NULL";
    @mysql_query( $query, $connection );
    $query = "ALTER TABLE `FILE_CONTENT` CHANGE `SORT_ID` `SORT_ID` INT( 11 ) DEFAULT '0' NOT NULL";
    @mysql_query( $query, $connection );
    $query = "ALTER TABLE `FLOW_RUN` CHANGE `RUN_NAME` `RUN_NAME` VARCHAR( 200 ) NOT NULL";
    @mysql_query( $query, $connection );
}

message( "", "设置完成！" );
echo "<Input type=\"button\" name=\"button\" class=\"BigButton\" value=\"返回\" onclick=\"location='index.php'\">\r\n</div>\r\n</body>\r\n</html>\r\n";
?>