php简单的查找当前目录下的非法文件

<?php
	/**
	*只遍历当前目录下的文档
	*@return bool
	*/
	$new = microtime();
	 function read_all_file($path)
	{
		if(empty($path))
		{
			return false;
		}
		$path = rtrim($path,'/');
		static $file_arr = array();
		if(! is_readable($path))
		{
			
			echo $path.'无权限读取文件或文件夹不存在';
			return false;
		}
		//$oldtime = strtotime('2014-12-12');
		$new_path = '';$x = '';$ext = '';$content = '';
	    if($handler = opendir($path))
		{ 
			while (($sub = readdir($handler)) !== FALSE) 
			{ 
				if ($sub != "." && $sub != ".." && $sub != "Thumb.db" && $sub != "Thumbs.db") 
				{ 	$new_path = $path."/".$sub;
					if(is_file($path."/".$sub)) 
					{ 
						$x = explode('.', $new_path);
						$ext = strtolower(end($x));
						
						if($ext == 'php' || $ext == 'asp')
						{
							$content = file_get_contents($new_path);
							$time    = filemtime($new_path);
							//记录非法文件位置
							if(preg_match('/eval|cmd|system|exec|fopen|file_put_contents/i',$content)){
							file_put_contents('gua.txt',$new_path.PHP_EOL, FILE_APPEND);
							}
							/*if($time>$oldtime){
							file_put_contents('gua-date.txt',$new_path.PHP_EOL, FILE_APPEND);
							}*/
							unset($content);
						}
						else
						{
							continue;
						}
						
						
					}
					/*else //如果是文件夹输出文件名称继续
					{
						//read_all_file($path."/".$sub);
					}*/
					
				}
             } 
        } 
        closedir($handler);
    }
read_all_file(dirname(__FILE__).'/phpcms');
echo microtime() - $new;
?>

 

posted on 2014-12-16 14:57  木子牛  阅读(197)  评论(0编辑  收藏  举报

导航