<?php
require_once('../qcubed.inc.php');

// Define the Qform with all our Qcontrols
/**
 * Example form that puts five QTextbox cross-site-scripting settings side by side.
 *
 * Each demo is a textbox, a label, and a "Parse and Display" button whose Ajax
 * handler copies the textbox's Text into the label. Three of the labels
 * (1, 4 and 5) have HtmlEntities switched off, so for those the only thing
 * standing between submitted markup and the page is the textbox's
 * CrossScripting mode.
 *
 * NOTE(review): demo 5 uses QCrossScripting::Allow together with a label whose
 * HtmlEntities is off. That pairing is the deliberately unprotected case of this
 * teaching example and should not be copied into application code.
 */
class ExamplesForm extends QForm {

	/** @var QTextbox Demo 1 input; CrossScripting is left at the control's default */
	protected $txtTextbox1;

	/** @var QLabel Demo 1 output; HtmlEntities is turned off */
	protected $lblLabel1;

	/** @var QButton Demo 1 trigger, wired to btnButton1_Click */
	protected $btnButton1;

	/** @var QTextbox Demo 2 input; QCrossScripting::HtmlEntities */
	protected $txtTextbox2;

	/** @var QLabel Demo 2 output; HtmlEntities is not changed from its default */
	protected $lblLabel2;

	/** @var QButton Demo 2 trigger, wired to btnButton2_Click */
	protected $btnButton2;

	/** @var QTextbox Demo 3 input; QCrossScripting::HTMLPurifier, no extra config */
	protected $txtTextbox3;

	/** @var QLabel Demo 3 output; HtmlEntities is not changed from its default */
	protected $lblLabel3;

	/** @var QButton Demo 3 trigger, wired to btnButton3_Click */
	protected $btnButton3;

	/** @var QTextbox Demo 4 input; QCrossScripting::HTMLPurifier with an HTML.Allowed list */
	protected $txtTextbox4;

	/** @var QLabel Demo 4 output; HtmlEntities is turned off */
	protected $lblLabel4;

	/** @var QButton Demo 4 trigger, wired to btnButton4_Click */
	protected $btnButton4;

	/** @var QTextbox Demo 5 input; QCrossScripting::Allow (no filtering requested) */
	protected $txtTextbox5;

	/** @var QLabel Demo 5 output; HtmlEntities is turned off */
	protected $lblLabel5;

	/** @var QButton Demo 5 trigger, wired to btnButton5_Click */
	protected $btnButton5;

	/**
	 * Creates the fifteen controls, one demo at a time.
	 *
	 * Controls are constructed in the same sequence as before (textbox, label,
	 * button for demo 1, then demo 2, and so on), in case the framework derives
	 * control ids from creation order.
	 */
	protected function Form_Create() {
		$this->createLegacyDemo();
		$this->createHtmlEntitiesDemo();
		$this->createPurifierDefaultDemo();
		$this->createPurifierAllowListDemo();
		$this->createUnprotectedDemo();
	}

	/**
	 * Demo 1: the default ("legacy") protection. According to the example's
	 * author, suspicious input makes this mode throw an exception.
	 */
	private function createLegacyDemo() {
		$this->txtTextbox1 = $txtInput = new QTextbox($this);
		$txtInput->Text = 'Hello!';
		$txtInput->Width = 500;

		$this->lblLabel1 = $lblOutput = new QLabel($this);
		// Entity encoding is off on the label: the output relies on the textbox's mode alone.
		$lblOutput->HtmlEntities = false;
		$lblOutput->Text = '';

		$this->btnButton1 = $btnTrigger = new QButton($this);
		$this->configureParseButton($btnTrigger, 'btnButton1_Click');
	}

	/**
	 * Demo 2: the textbox is set to QCrossScripting::HtmlEntities and the label
	 * keeps whatever HtmlEntities setting QLabel starts with.
	 */
	private function createHtmlEntitiesDemo() {
		$this->txtTextbox2 = $txtInput = new QTextbox($this);
		$txtInput->CrossScripting = QCrossScripting::HtmlEntities;
		$txtInput->Text = 'Hello! <script>alert("I am an evil attacker.")</script>';
		$txtInput->Width = 500;

		$this->lblLabel2 = $lblOutput = new QLabel($this);
		$lblOutput->Text = '';

		$this->btnButton2 = $btnTrigger = new QButton($this);
		$this->configureParseButton($btnTrigger, 'btnButton2_Click');
	}

	/**
	 * Demo 3: HTMLPurifier with its default configuration; the label keeps
	 * whatever HtmlEntities setting QLabel starts with.
	 */
	private function createPurifierDefaultDemo() {
		$this->txtTextbox3 = $txtInput = new QTextbox($this);
		$txtInput->CrossScripting = QCrossScripting::HTMLPurifier;
		$txtInput->Text = 'Hello! <script>alert("I am an evil attacker.")</script>';
		$txtInput->Width = 500;

		$this->lblLabel3 = $lblOutput = new QLabel($this);
		$lblOutput->Text = '';

		$this->btnButton3 = $btnTrigger = new QButton($this);
		$this->configureParseButton($btnTrigger, 'btnButton3_Click');
	}

	/**
	 * Demo 4: HTMLPurifier restricted to an explicit allow-list of tags.
	 *
	 * NOTE(review): the list includes img[src]; whether remote image URLs are
	 * acceptable for a given application is worth checking before reusing it.
	 */
	private function createPurifierAllowListDemo() {
		$this->txtTextbox4 = $txtInput = new QTextbox($this);
		// The mode is selected first and the purifier option is applied afterwards, as in the original.
		$txtInput->CrossScripting = QCrossScripting::HTMLPurifier;
		$txtInput->SetPurifierConfig('HTML.Allowed', 'b,strong,i,em,img[src]');
		$txtInput->Text = 'Hello! <script>alert("I am an evil attacker.")</script><b>Hello</b> <i>again</i>!';
		$txtInput->Width = 500;

		$this->lblLabel4 = $lblOutput = new QLabel($this);
		// Entity encoding is off on the label, presumably so the allowed tags display as markup.
		$lblOutput->HtmlEntities = false;
		$lblOutput->Text = '';

		$this->btnButton4 = $btnTrigger = new QButton($this);
		$this->configureParseButton($btnTrigger, 'btnButton4_Click');
	}

	/**
	 * Demo 5: no XSS protection on the textbox, and no entity encoding on the
	 * label either. This is the intentionally unsafe case of the example.
	 */
	private function createUnprotectedDemo() {
		$this->txtTextbox5 = $txtInput = new QTextbox($this);
		$txtInput->CrossScripting = QCrossScripting::Allow;
		$txtInput->Text = 'Hello! <script>alert("I am an evil attacker.")</script><b>Hello</b> again!';
		$txtInput->Width = 500;

		$this->lblLabel5 = $lblOutput = new QLabel($this);
		$lblOutput->HtmlEntities = false;
		$lblOutput->Text = '';

		$this->btnButton5 = $btnTrigger = new QButton($this);
		$this->configureParseButton($btnTrigger, 'btnButton5_Click');
	}

	/**
	 * Gives a button its caption and attaches an Ajax click action.
	 *
	 * @param QButton $btnTrigger     button to configure
	 * @param string  $strHandlerName name of the form method the Ajax action refers to
	 */
	private function configureParseButton(QButton $btnTrigger, $strHandlerName) {
		$btnTrigger->Text = 'Parse and Display';
		$btnTrigger->AddAction(new QClickEvent(), new QAjaxAction($strHandlerName));
	}

	/**
	 * Demo 1 handler: shows the textbox value in label 1 (HtmlEntities off).
	 * The three parameters are not used here.
	 */
	protected function btnButton1_Click($strFormId, $strControlId, $strParameter) {
		$strSubmitted = $this->txtTextbox1->Text;
		$this->lblLabel1->Text = $strSubmitted;
	}

	/**
	 * Demo 2 handler: shows the textbox value in label 2.
	 * The three parameters are not used here.
	 */
	protected function btnButton2_Click($strFormId, $strControlId, $strParameter) {
		$strSubmitted = $this->txtTextbox2->Text;
		$this->lblLabel2->Text = $strSubmitted;
	}

	/**
	 * Demo 3 handler: shows the textbox value in label 3.
	 * The three parameters are not used here.
	 */
	protected function btnButton3_Click($strFormId, $strControlId, $strParameter) {
		$strSubmitted = $this->txtTextbox3->Text;
		$this->lblLabel3->Text = $strSubmitted;
	}

	/**
	 * Demo 4 handler: shows the textbox value in label 4 (HtmlEntities off).
	 * The three parameters are not used here.
	 */
	protected function btnButton4_Click($strFormId, $strControlId, $strParameter) {
		$strSubmitted = $this->txtTextbox4->Text;
		$this->lblLabel4->Text = $strSubmitted;
	}

	/**
	 * Demo 5 handler: shows the textbox value in label 5 (HtmlEntities off).
	 * With QCrossScripting::Allow on the textbox, nothing in this path encodes
	 * or filters the value. The three parameters are not used here.
	 */
	protected function btnButton5_Click($strFormId, $strControlId, $strParameter) {
		$strSubmitted = $this->txtTextbox5->Text;
		$this->lblLabel5->Text = $strSubmitted;
	}
}

// Run the Form we have defined: the static Run() entry point is handed the
// form's class name as a string.
// NOTE(review): the template that renders these controls is not part of this
// file. This is a teaching example whose fifth textbox/label pair echoes input
// without XSS protection by design, so it presumably should not be reachable
// on a production site -- confirm the examples directory is not deployed.
ExamplesForm::Run('ExamplesForm');
?>
