### 简要描述:
### 详细说明:
```
<?php
/**
* [Discuz!] (C)2001-2099 Comsenz Inc.
* This is NOT a freeware, use is subject to license terms
*
* $Id: function_connect.php 24725 2011-10-09 14:48:51Z yangli $
*/
//这里没有加IN_DISCUZ常量判断
//直接包函了文件
require_once libfile('function/cloud');
function connect_output_javascript($jsurl) {
return '<script type="text/javascript">_attachEvent(window, \'load\', function () { appendscript(\''.$jsurl.'\', \'\', 1, \'utf-8\') }, document);</script>';
}
function connect_output_php($url, $postData = '') {
global $_G;
$response = dfsockopen($url, 0, $postData, '', false, $_G['setting']['cloud_api_ip']);
$result = (array) unserialize($response);
return $result;
}
```
所以直接访问这个文件是会报错的
### 漏洞证明:
TestUrl:http://www.test.com/source/function/function_connect.php
京公网安备 11010502034610号
暂无评论