gty毕设代码

sh.sh

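#!/bin/sh

# rocedu (http://www.cnblogs.com/rocedu)
# Wechat Public Number: rocedu
#
# Prints non-blank line counts for code (*.py, *.html, *.php) and documents
# (*.md) under the current directory -- for today, for the last seven days and
# overall -- together with the matching git history.

# count_lines FIND_EXPRESSION...
# Concatenate every regular file matched by the given find expression and
# print the number of non-blank lines. `-exec cat {} +` passes the paths to
# cat directly, so file names containing spaces, quotes or newlines are not
# split or re-interpreted the way they are by `find | xargs cat`.
count_lines() {
    find . -type f "$@" -exec cat {} + | grep -v '^$' | wc -l
}

clear
echo "//=====Today:====================================="
echo "code summary information:"
count_lines \( -name "*.py" -o -name "*.html" -o -name "*.php" \) -mtime 0
echo "documents summary information:"
count_lines -name "*.md" -mtime 0
echo ""

echo "//=====This Week:================================="
echo "code summary information:"
count_lines \( -name "*.py" -o -name "*.html" -o -name "*.php" \) -mtime -7
echo "documents summary information:"
count_lines -name "*.md" -mtime -7
# One pass per day, newest first. `date --date` is the GNU date option the
# original script already relied on. The date is quoted and matched as a
# fixed string so it is never word-split or read as a grep option.
for days_ago in 0 1 2 3 4 5 6; do
    day=$(date +%F --date="-${days_ago} days")
    git log --pretty=format:"%h - %an,%ci: %s " | grep -F -- "$day"
done
echo ""
echo ""

echo "//=====This Semester:=============================="
echo "code summary information:"
count_lines \( -name "*.py" -o -name "*.html" -o -name "*.php" \)
echo "documents summary information:"
count_lines -name "*.md"
echo "commit history:"
git log --pretty=format:"%h - %an,%ci: %s "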

app.py

# Standard library
import html  # escapes model output before it is embedded in HTML
import os  # reads the API settings from the environment
import re  # regular expressions used to normalise the inputs
import time  # wall-clock / CPU timing of the model call

# Third party
import openai  # OpenAI client library
import streamlit as st  # Streamlit renders the web UI
from docx import Document  # reads the uploaded .docx files

# Local
from htmlTemplates import css, bot_template  # CSS and HTML snippets

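# Base URL of the OpenAI-compatible endpoint. The default is the proxy this
# project was written against; set OPENAI_API_BASE to use a different one.
# NOTE(review): every prompt, the text of every uploaded document and the API
# key itself are sent to whichever host is configured here, so it has to be
# one the operator trusts.
openai.api_base = os.environ.get("OPENAI_API_BASE", "https://api.gpts.vin/v1")

# The API key is read from the environment instead of being stored in the
# source file. A key that was committed or published together with the code
# should be treated as compromised and revoked at the provider.
openai.api_key = os.environ.get("OPENAI_API_KEY")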


# Prompt building blocks offered in the UI.

# Vulnerability classes the user can ask the model to look for.
prompts = ["安全漏洞", "sql漏洞检测", "缓冲区溢出漏洞检测",
           "XSS漏洞检测", "csrf漏洞检测", "ssrf漏洞检测"]

# Tone the model's answer should use.
prompts1 = ["严肃庄重", "和蔼可亲", "幽默风趣"]

# Number of remediation proposals to request.
prompts2 = ["1", "2"]


# 文本读取
# 经典初始化


def get_docx_text(docx_docs):
    """Return the paragraph text of every given .docx file as one string.

    Files are read in the order given; each paragraph is followed by a
    newline. An empty iterable yields an empty string.
    """
    # NOTE(review): nothing here limits the size of a file or checks that it
    # really is a .docx archive before it is parsed -- confirm the caller
    # restricts what can be uploaded.
    pieces = []
    for uploaded in docx_docs:
        pieces.extend(p.text + "\n" for p in Document(uploaded).paragraphs)
    return "".join(pieces)


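def handle_userinput(prompt, prompt1, prompt2, prompt3, prompt4, raw_text):
    """Build the review prompt, query the model and render its answer.

    Args:
        prompt: vulnerability class to look for.
        prompt1: tone the answer should use.
        prompt2: number of remediation proposals to request.
        prompt3: optional free-text refinement of the code category.
        prompt4: optional free-text emphasis.
        raw_text: text extracted from the uploaded documents.

    The wall-clock and CPU time spent on the API call are displayed together
    with the answer. Nothing is returned.
    """
    # Remove every character that is neither a word character nor whitespace.
    # NOTE(review): this also strips brackets, quotes and operators from the
    # submitted code, so the model never sees the original syntax, and it is
    # not a defence against prompt injection -- plain-language instructions
    # inside an uploaded document pass through unchanged.
    cleaned_prompt = re.sub(r'[^\w\s]', '', prompt)
    cleaned_prompt1 = re.sub(r'[^\w\s]', '', prompt1)
    cleaned_prompt2 = re.sub(r'[^\w\s]', '', prompt2)
    cleaned_prompt3 = re.sub(r'[^\w\s]', '', prompt3)
    cleaned_prompt4 = re.sub(r'[^\w\s]', '', prompt4)
    cleaned_text = re.sub(r'[^\w\s\n]', '', raw_text)

    # The question sent to the model: the selected options, the two free-text
    # hints and finally the document text.
    combined_input = (f"请检查下面代码中具体在哪行存在{cleaned_prompt}和不足"
                      f"{cleaned_prompt3}。"
                      f"请你用{cleaned_prompt1}的风格指出,并进行改进。"
                      f"请给出{cleaned_prompt2}种方案。"
                      f"{cleaned_prompt4}。"
                      f"\n代码如下:\n{cleaned_text}")

    # Start the wall-clock and CPU timers.
    start_time = time.time()
    start_cpu_time = time.process_time()

    # The system message sets the model's role; the user message carries the
    # combined question built above.
    response = openai.ChatCompletion.create(
        model="gpt-3.5-turbo",
        messages=[{"role": "system",
                   "content": "你是一个非常优秀、老练的代码漏洞分析师!"},
                  {"role": "user",
                   "content": combined_input}]
    )

    # Stop the timers and compute the elapsed values.
    run_time = time.time() - start_time
    cpu_time = time.process_time() - start_cpu_time

    if 'choices' in response and len(response['choices']) > 0 and 'message' in response['choices'][0]:
        bot_response = response['choices'][0]['message']['content']

        st.write(f"系统运行时间: {run_time:.2f} 秒, CPU时间: {cpu_time:.2f} 秒")

        # The answer is model output shaped by the uploaded document, and it
        # is rendered with unsafe_allow_html=True. Escape it so that markup in
        # the answer (for instance code the model quotes back) is displayed as
        # text rather than interpreted by the browser. Line breaks are turned
        # into <br> so they stay visible inside the HTML template.
        safe_response = html.escape(bot_response).replace("\n", "<br>")
        st.write(bot_template.replace("{{MSG}}", safe_response),
                 unsafe_allow_html=True)
    else:
        # Make an empty or malformed reply visible instead of showing nothing.
        st.error("模型未返回有效回复")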


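def main():
    """Render the Streamlit page and run a scan when the button is pressed."""
    # NOTE(review): nothing in this function checks who the visitor is; the
    # page works for anyone who can reach the Streamlit port. If access is
    # meant to be limited to logged-in users, that has to be enforced here or
    # in front of the app -- confirm against the deployment.

    # Browser tab title and icon.
    st.set_page_config(page_title="漏洞检测机器人",
                       page_icon=":books:")

    # Inject the stylesheet defined in htmlTemplates.py.
    st.write(css, unsafe_allow_html=True)

    # Initialise the conversation slot in the session state.
    if "conversation" not in st.session_state:
        st.session_state.conversation = None

    # Page heading.
    st.header("DOCX文件代码漏洞检测:books:")

    # Two columns with a 1:3 width ratio.
    left_col, right_col = st.columns([1, 3])

    # Left column: the three selectable prompt options.
    with left_col:
        st.subheader("选择功能模板")
        selected_prompt = st.selectbox("请选择一种待检测漏洞", prompts)
        selected_prompt1 = st.selectbox("请选择一种系统输出风格", prompts1)
        selected_prompt2 = st.selectbox("你想让系统提供几种方案", prompts2)

    # Right column: two optional free-text hints.
    with right_col:
        st.subheader("补充输入框")
        input_prompt3 = st.text_input("如果代码能继续详细分类,请指出,没有就空着", "")
        input_prompt4 = st.text_input("请输入其他需要强调的信息,没有就空着", "")

    # Upload area (click or drag and drop). Only .docx files are accepted,
    # because get_docx_text() parses every upload as a Word document.
    st.subheader("上传文件")
    docx_docs = st.file_uploader("在此上传你的DOCX文件并点击'检测'",
                                 type=["docx"],
                                 accept_multiple_files=True)

    if st.button("检测"):
        if not docx_docs:
            # Do not spend a model call when there is nothing to analyse.
            st.warning("请先上传DOCX文件")
            return

        # Show a spinner while the documents are read and the model is queried.
        with st.spinner("检测中"):
            raw_text = get_docx_text(docx_docs)

            # Combines the selected options and free-text hints, calls the
            # model, and displays the answer with timing information.
            handle_userinput(selected_prompt,
                             selected_prompt1,
                             selected_prompt2,
                             input_prompt3,
                             input_prompt4,
                             raw_text)


if __name__ == '__main__':
    main()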

htmlTemplates.py

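# Stylesheet injected into the page as a single <style> element.
#
# .chat-message         base style for every chat bubble: padding, rounded
#                       corners, bottom margin and a flex layout for its
#                       children.
# .chat-message.user    background colour of a user bubble.
# .chat-message.bot     background colour of a bot bubble (#475063, slightly
#                       lighter).
# .chat-message .avatar container for the avatar inside a bubble.
# .chat-message .avatar img
#                       avatar image: at most 78px by 78px, shown as a circle
#                       (border-radius: 50%), with object-fit: cover keeping
#                       the aspect ratio while filling the container.
# .chat-message .message
#                       message text: 80% of the width, horizontal padding and
#                       white text so it stays readable on both backgrounds.
#
# The original string opened <style> without closing it; the closing tag is
# added so the markup is well-formed.
css = '''
<style>
.chat-message {
    padding: 1.5rem;
    border-radius: 0.5rem;
    margin-bottom: 1rem;
    display: flex
}


.chat-message.user {
    background-color: #2b313e
}


.chat-message.bot {
    background-color: #475063
}


.chat-message .avatar {
  width: 20%;
}


.chat-message .avatar img {
  max-width: 78px;
  max-height: 78px;
  border-radius: 50%;
  object-fit: cover;
}


.chat-message .message {
  width: 80%;
  padding: 0 1.5rem;
  color: #fff;
}
</style>
'''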

bot_template = '''
<div class="chat-message bot">
    <div class="avatar">
        <img src="https://i.ibb.co/cN0nmSj/Screenshot-2023-05-28-at-02-37-21.png" 
        style="max-height: 78px;
         max-width: 78px; 
         border-radius: 50%; 
         object-fit: cover;">
    </div>
    <div class="message">{{MSG}}</div>
</div>
'''

# HTML structure of one bot message: an avatar image (the URL points to a
# hosted screenshot) and a container for the message text, which is marked
# by the {{MSG}} placeholder.
# The caller replaces {{MSG}} with the actual chat content at run time.
# NOTE(review): the placeholder is filled by plain text substitution; if the
# result is rendered as HTML, the message has to be HTML-escaped first --
# confirm at the call site.
# The avatar is fetched from an external host; when the network is slow it
# sometimes fails to load:
# https://i.ibb.co/cN0nmSj/Screenshot-2023-05-28-at-02-37-21.png

login.php

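<?php
/**
 * Login check: looks the submitted user name up in `users` and compares the
 * submitted password, telephone, e-mail and ID-card number with the stored
 * row. On success the browser is redirected to the detection app.
 *
 * NOTE(review): the redirect is the only effect of a successful login -- no
 * session or token is created here, so whether the target application can
 * tell an authenticated visitor from one who opens its URL directly has to
 * be confirmed there.
 */

header("content-type:text/html;charset=utf-8");

// NOTE(review): connecting as root with an empty password gives this script
// full control of the database server. A dedicated account limited to SELECT
// on `users`, with its credentials kept outside the source, is the usual setup.
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";

// Create the connection.
$conn = new mysqli($servername, $username, $password, $dbname);

// Check the connection before using it.
if ($conn->connect_error) {
    // Driver details go to the server log, not to the client.
    error_log("login.php: database connection failed: " . $conn->connect_error);
    die("连接失败");
}
$conn->set_charset('utf8'); // client character set

// Read the submitted fields. Anything missing or not a plain string (for
// example an array sent as name[]=x) is treated as an empty value.
$fields = array();
foreach (array('name', 'pw', 'tele', 'email', 'shenfen') as $key) {
    $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

// One message for every failure, so the response does not reveal whether the
// user name exists.
$failure = '登录失败,用户名、密码、电话、邮箱或身份证号码不匹配!';

// The user name is bound as a parameter and never interpolated into the SQL
// text, so it cannot change the structure of the query.
$stmt = $conn->prepare(
    "SELECT id, password_ha, telephone, email, shenfen FROM users WHERE username = ? LIMIT 1"
);
if ($stmt === false) {
    error_log("login.php: prepare failed: " . $conn->error);
    die($failure);
}
$stmt->bind_param('s', $fields['name']);
$stmt->execute();
$stmt->bind_result($id, $storedPw, $storedTele, $storedEmail, $storedIdCard);
$found = $stmt->fetch(); // true: a row was read; null: no row; false: error
$stmt->close();

// hash_equals() compares in constant time and, unlike ==, never treats two
// different numeric-looking strings (such as "1e3" and "1000") as equal.
// Empty user names and passwords are rejected outright, so a NULL or empty
// stored value can never match.
// NOTE(review): the stored `password_ha` value is compared with the submitted
// password as-is, which only works if the column holds the password itself.
// Storing password_hash() output and checking it with password_verify() is
// the recommended scheme, but needs the existing rows to be migrated.
$matches = $found === true
    && $id !== null
    && $fields['name'] !== ''
    && $fields['pw'] !== ''
    && hash_equals((string) $storedPw, $fields['pw'])
    && hash_equals((string) $storedTele, $fields['tele'])
    && hash_equals((string) $storedEmail, $fields['email'])
    && hash_equals((string) $storedIdCard, $fields['shenfen']);

if ($matches) {
    header('Location:  http://192.168.0.156:8501');
} else {
    echo $failure;
}

exit();
?>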

loudongjiance.html

<!DOCTYPE html>
<html lang="en">
<!-- https://codepen.io/danielkvist/pen/LYNVyPL -->
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Document</title>


  <script type="text/javascript" src='js/jquery.js'></script>

  <style>
    :root {
      /* COLORS */
      --white: #e9e9e9;
      --gray: #333;
      --blue: #0367a6;
      --lightblue: #008997;

      /* RADII */
      --button-radius: 0.7rem;

      /* SIZES */
      --max-width: 758px;
      --max-height: 500px;

      font-size: 16px;
      font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Oxygen,
        Ubuntu, Cantarell, "Open Sans", "Helvetica Neue", sans-serif;
    }

    body {
      align-items: center;
      background-color: var(--white);
      background: url("https://res.cloudinary.com/dbhnlktrv/image/upload/v1599997626/background_oeuhe7.jpg");
      /* 决定背景图像的位置是在视口内固定,或者随着包含它的区块滚动。 */
      /* https://developer.mozilla.org/zh-CN/docs/Web/CSS/background-attachment */
      background-attachment: fixed;
      background-position: center;
      background-repeat: no-repeat;
      background-size: cover;
      display: grid;
      height: 100vh;
      place-items: center;
    }

    .form__title {
      font-weight: 300;
      margin: 0;
      margin-bottom: 1.25rem;
    }

    .link {
      color: var(--gray);
      font-size: 0.9rem;
      margin: 1.5rem 0;
      text-decoration: none;
    }

    .container {
      background-color: var(--white);
      border-radius: var(--button-radius);
      box-shadow: 0 0.9rem 1.7rem rgba(0, 0, 0, 0.25),
        0 0.7rem 0.7rem rgba(0, 0, 0, 0.22);
      height: var(--max-height);
      max-width: var(--max-width);
      overflow: hidden;
      position: relative;
      width: 100%;
    }

    .container__form {
      height: 100%;
      position: absolute;
      top: 0;
      transition: all 0.6s ease-in-out;
    }

    .container--signin {
      left: 0;
      width: 50%;
      z-index: 2;
    }

    .container.right-panel-active .container--signin {
      transform: translateX(100%);
    }

    .container--signup {
      left: 0;
      opacity: 0;
      width: 50%;
      z-index: 1;
    }

    .container.right-panel-active .container--signup {
      animation: show 0.6s;
      opacity: 1;
      transform: translateX(100%);
      z-index: 5;
    }

    .container__overlay {
      height: 100%;
      left: 50%;
      overflow: hidden;
      position: absolute;
      top: 0;
      transition: transform 0.6s ease-in-out;
      width: 50%;
      z-index: 100;
    }



    .container.right-panel-active .container__overlay {
      transform: translateX(-100%);
    }


    .overlay {
      background-color: var(--lightblue);
      background: url("https://cdn.pixabay.com/photo/2018/08/14/13/23/ocean-3605547_1280.jpg");
      background-attachment: fixed;
      background-position: center;
      background-repeat: no-repeat;
      background-size: cover;
      height: 100%;
      left: -100%;
      position: relative;
      transform: translateX(0);
      transition: transform 0.6s ease-in-out;
      width: 200%;
    }


    .container.right-panel-active .overlay {
      transform: translateX(50%);
    }


    .overlay__panel {
      align-items: center;
      display: flex;
      flex-direction: column;
      height: 100%;
      justify-content: center;
      position: absolute;
      text-align: center;
      top: 0;
      transform: translateX(0);
      transition: transform 0.6s ease-in-out;
      width: 50%;
    }



    .overlay--left {
      transform: translateX(-20%);
    }



    .container.right-panel-active .overlay--left {
      transform: translateX(0);
    }


    .overlay--right {
      right: 0;
      transform: translateX(0);
    }


    .container.right-panel-active .overlay--right {
      transform: translateX(20%);
    }


    .btn {
      background-color: var(--blue);
      background-image: linear-gradient(90deg, var(--blue) 0%, var(--lightblue) 74%);
      border-radius: 20px;
      border: 1px solid var(--blue);
      color: var(--white);
      cursor: pointer;
      font-size: 0.8rem;
      font-weight: bold;
      letter-spacing: 0.1rem;
      padding: 0.9rem 4rem;
      text-transform: uppercase;
      transition: transform 80ms ease-in;
    }


    .form>.btn {
      margin-top: 1.5rem;
    }


    .btn:active {
      transform: scale(0.95);
    }


    .btn:focus {
      outline: none;
    }


    .form {
      background-color: var(--white);
      display: flex;
      align-items: center;
      justify-content: center;
      flex-direction: column;
      padding: 0 3rem;
      height: 100%;
      text-align: center;
    }


    .input {
      background-color: #fff;
      border: none;
      padding: 0.9rem 0.9rem;
      margin: 0.5rem 0;
      width: 100%;
    }


    @keyframes show {

      0%,
      49.99% {
        opacity: 0;
        z-index: 1;
      }

      50%,
      100% {
        opacity: 1;
        z-index: 5;
      }
    }
  </style>
</head>


<h1> 您好!欢迎使用自动化漏洞检测系统!</h1>
<body>
  <div class="container right-panel-active">
    <!-- 简介 -->
    <div class="container__form container--signup">
      <form action="#" class="form" id="form1">


        <div id="jieshao">
				<div>
					<h4>系统简介:</h4>
					<p class="p1">
						本系统可以辅助检测源代码中的缓冲区溢出漏洞、SQL注入漏洞、XSS漏洞、CSRF漏洞和SSRF漏洞!
					</p>
					<p class="p1">
                        你可以在使用界面选择你要检测的漏洞,然后点击上传文件,或者直接把文件拖到待检测区域。
                        注意,一定要把代码放到docx文件中哦!
                        另外,请注意使用次数,不要过多使用,更不要让未经允许的第三方使用哦!
                        这是要花钱的!每和大语言模型对一次话都要花钱哟!

						</p>

				</div>
			</div>


      </form>
    </div>

    <!-- 登录 -->
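    <div class="container__form container--signin">
      <!-- Every input carries a name attribute: browsers only submit named
           controls, and login.php reads name, pw, tele, email and shenfen
           from the POST body. -->
      <!-- NOTE(review): this form posts a password and an ID-card number;
           confirm that the page and login.php are only served over HTTPS. -->
      <form action="login.php" class="form" method="post">
        <h2 class="form__title">登录</h2>

        <div class="input_box">
          <input type="text" placeholder="请输入用户名" class="input" id="name" name="name">
        </div>

        <div class="input_box">
          <input type="password" placeholder="请输入密码" class="input" id="pw" name="pw">
        </div>

        <div class="input_box">
          <input type="text" placeholder="请输入电话号码" class="input" id="tele" name="tele">
        </div>

        <div class="input_box">
          <input type="text" placeholder="请输入邮箱" class="input" id="email" name="email">
        </div>

        <div class="input_box">
          <input type="text" placeholder="请输入身份证号码" class="input" id="shenfen" name="shenfen">
        </div>

        <button class="btn" type="submit">登录</button>
      </form>
    </div>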

    <!-- Overlay -->
    <div class="container__overlay">
      <div class="overlay">
        <div class="overlay__panel overlay--left">
          <button class="btn" id="signIn">返回登录界面</button>
        </div>
        <div class="overlay__panel overlay--right">
          <button class="btn" id="signUp">系统简介</button>
        </div>
      </div>
    </div>
  </div>

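  <script>
    // Panel toggling for the sliding sign-in / introduction layout.
    const signInBtn = document.getElementById("signIn");
    const signUpBtn = document.getElementById("signUp");
    const fistForm = document.getElementById("form1");
    const secondForm = document.getElementById("form2");
    const container = document.querySelector(".container");

    signInBtn.addEventListener("click", () => {
      container.classList.remove("right-panel-active");
    });

    signUpBtn.addEventListener("click", () => {
      container.classList.add("right-panel-active");
    });

    // Suppress the submit of the introduction panel (form1). No element with
    // id "form2" exists in this page, so that lookup returns null; it is
    // guarded here instead of throwing a TypeError.
    [fistForm, secondForm].forEach((form) => {
      if (form) {
        form.addEventListener("submit", (e) => e.preventDefault());
      }
    });

  </script>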
</body>

</html>