@yao978318542 你不知道 取余是什么意思吗?

下面为 PHP 代码,你可以自己运行一下,

<?php

$uid = 13922;

$url = 'http://api.expoon.com/XmlKrpano/getCrptyXml/uid/' . $uid;

$data = file_get_contents($url);

$data = substr($data, 2, -2); //去掉不需要的内容

$key = $uid % 10; //得到 key

$data = str_replace('$', $key, $data); //进行替换

$data = base64_decode($data); // base64 解码

var_dump($data);//输出内容

@yao978318542 找到了.
还原的方法为: 将收到的字符串里的 $ 符号替换为 你那个 uid%10 (即 uid 取余 10) 之后的内容, 然后 Base64 解码就可以了.

还原代码来自于: http://s.expoon.com/image/z/krpano/js/expoon.api.js?time=201612141434 这个文件

var thiskey = user_id % 10;
var a = 'PD94bWwgdmVyc$lvbj0iMS4wIiBlbmNvZGluZz0id.................'
var c = a.replace(/\$/g, thiskey);
var b = new Base64();
c = b.decode(c);

@yao978318542 这个是输出这段数据的地方, 那使用的呢? 是你是在哪个页面上发现有代码调用这个接口的.

@yao978318542 代码哪来的? 既然是返回给前端用的, 那肯定有还原的代码. 上 URL 或者上代码..

@eabet 不是 JSON 数据的问题, 而是你的源数据串太长.
就像 4 楼 @zhouheyang0919 说的那样, 不能加密太长的数据.
附完整的测试代码:

```
<?php

$public_key = '
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6BzEdnKKNifTOGk33p8+Sp4En
OEsprSqbsTZgVRDmg2aLP5XhhSBlu4PPurMEz2W0tj1TyhkfJvdtkHuA629/760g
HExMOaNHzJdwvkTJW7ZlBi4+KoI0F/48Y4i71kuXY6V6niIZjzypnEfMPyo2+CCE
d1VeXOFqnjYmOHsG0wIDAQAB
-----END PUBLIC KEY-----
';

$private_key = '
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC6BzEdnKKNifTOGk33p8+Sp4EnOEsprSqbsTZgVRDmg2aLP5Xh
hSBlu4PPurMEz2W0tj1TyhkfJvdtkHuA629/760gHExMOaNHzJdwvkTJW7ZlBi4+
KoI0F/48Y4i71kuXY6V6niIZjzypnEfMPyo2+CCEd1VeXOFqnjYmOHsG0wIDAQAB
AoGALhD7265fHpesFKG07wASSenK9NBe5IoqQ/XFVmOaVMrzSMZNMlSKKkceJAHC
tQ06zV5Xn3krcWhv2yTtQIaMzH/LAqNvisGrS8W5S/i9rGECXINNmmym0yYzHyvW
TrTuFvABiO9jAPe7a26hY2SibJ7/rbRykxmm69EvimuKoakCQQD2JpR8dcgEmqNk
q+m4RifXDFet5grvjX/6Ow9Cb+ZnUDKu1jEmqtebBorVFka3adCfcmyaeVQvol4D
4pDVne3dAkEAwXjAfhgSNBYjUzkgLMHuBztPDMDQbqjtZGEeKQIUJetCKMI2CLdH
luqfRjHSKUBC/Vu5j/i1axCubdJeBHA0bwJAOrVi7vhsl2SGmglCulfJQspH00st
yor2Pil97zufOX7wR7EAkhdnSytZS49/mFldj9oLuyA7Cw1v3P9Zyglb5QJAZG1s
5kdSc60mKxYVKIaGK0TTFNilmTug9qEfCcRldwV2szeU2tNgmusxQDuuTvFnlKJf
YWeFrIzdLm6rlPw1iwJBAKM33BIVC1QSRHrpC1kUHGPFSC7R2ISaT8Mjfh/shRn9
Lmsv3CzXRPZRfxxt4fyYp8rIllo97Gd/xWWNAMlnXBQ=
-----END RSA PRIVATE KEY-----
';

$pi_key = openssl_pkey_get_private($private_key);
$pu_key = openssl_pkey_get_public($public_key);


$terId = 1111111111;
$businessOrdid = 222222222;
$orderName = '$orderName 带空格,带汉字,带，全半角内容';
$Gold = 100;
$selfParam = '234lkajsdfasdf';
$syncURL = 'http://test.com/sync';
$asynURL = 'http://test.com/async';
$payType = 'test';



$encrypted = '';
$json = array();
$json['terId'] = $terId;
$json['businessOrdid'] = $businessOrdid;
$json['orderName'] = $orderName;

/*
$json['tradeMoney'] = $Gold;
$json['selfParam'] = $selfParam;
$json['syncURL'] = $syncURL;
$json['asynURL'] = $asynURL;
$json['payType'] = $payType;
$json['appSence'] = '1001';
*/

$data = json_encode($json, JSON_UNESCAPED_UNICODE);


$r = openssl_public_encrypt($data, $encrypted, $pu_key);//公钥加密

if($r === FALSE){
echo "加密失败!";
die();
}


$encrypted = base64_encode($encrypted);
echo $encrypted,"\n";

echo "private key decrypt:\n";
openssl_private_decrypt(base64_decode($encrypted),$decrypted,$pi_key);//私钥解密
echo $decrypted,"\n";
```

把上面代码里注释的那部分数据打开, 你就会发现它会加密失败.

@zhangfanfan 好机智.
把要说的话变成图片, 当不想让其他人看到的时候, 删除这些图片, 消息也就自然而然的不见了.

@Livid @Kai @GordianZ @sparanoid 官方考虑一下这种问题怎么解决? 还是说 允许这么玩?

@sparanoid 感谢管理员, 这么快就加了一个 id 上去.

不知道可以不可以提一个小 feature.

比如 COOKIE 里有 disable_node_custom_css 且值为 1 的时候, 可否不输出这段样式?

目前用 js 移除,因为是在页面加载好之后执行的,所以会看到先是黑色的(有样式),然后变正常.

如果后端可以根据 COOKIE 决定直接不输出这个样式, 展示上会更好, 而且也不需要再用到 js 脚本了.

代码的改动上, 应该只是多一个 条件判断一下, 应该不存在安全性或者改动量比较大小的问题.



> 以上只是一个小意见, 无视也是可以的 :)

如果用的是 chrome 的话, 将下面的代码保存为 xxx.user.js, 然后做为插件(chrome://extensions/)安装一下,就可以了.

```
// ==UserScript==
// @name v2ex_style_normal
// @description v2ex_style_normal
// @include https://v2ex.com/*
// @include http://v2ex.com/*
// @include https://www.v2ex.com/*
// @include http://www.v2ex.com/*
// @version 1.0
// ==/UserScript==


Array.prototype.forEach.call(document.getElementsByTagName('style'), function (style) {
if (/#Wrapper/.test(style.innerHTML)) {
style.parentNode.removeChild(style);
}
});
```

曾经和楼主有过一样的想法(不喜欢 nodejs 节点下的全黑的背景).

楼主可尝试以下脚本, 在控制台运行之后, 页面直接恢复为默认状态.
```
Array.prototype.forEach.call(document.getElementsByTagName('style'), function (style) {
if (/#Wrapper/.test(style.innerHTML)) {
style.parentNode.removeChild(style);
}
});
```

可以用浏览器插件, 让它在 V2EX 的站点下自动运行.

除了用 浏览器, 还可以用 NodeJS, 或者 WScript 或者 CScript 来运行这段代码.

去掉代码中的 <script> 标签, 然后把 eval 去掉, 前面改成 赋值语句, 最终输出这个变量的值就可以了.

nodejs 可以用 console.log 来输出, WScript/CScript 用 WScript.Echo 来输出.
运行结果如下:

http://ww3.sinaimg.cn/large/0060lm7Tgw1f9silc1j73j30q50itds4.jpg
http://ww4.sinaimg.cn/large/0060lm7Tgw1f9simzk236j30mi0h7qcg.jpg
http://ww3.sinaimg.cn/large/0060lm7Tgw1f9sin51ag0j30ib0fadln.jpg


还原后的代码:
var player = jwplayer('videoContainer');
var playerSetup = {
base: "html\/jwplayer-7.8.0-beta.1\/",
primary: "html5",
skin: {
url: "html\/jwplayer-7.8.0-beta.1\/skins\/tube\/tube.css",
name: "tube",
active: "red",
inactive: "white"
},
width: "100%",
height: "100%",
playlist: [{
errors: [],
image: "https:\/\/lh4.googleusercontent.com\/g05HOe8CBdBal504UtHa31cCkMgEZh7Y7FEZp8ga9OQLGd5hMfzGPg=w480-h270-n",
title: "",
description: "",
sources: [{
file: "https:\/\/redirector.googlevideo.com\/videoplayback?requiressl=yes&id=0a097f01cd0af432&itag=18&source=webdrive&ttl=transient&app=explorer&ip=2a01:4f8:191:9296:e4c5:2ba3:901d:3260&ipbits=32&expire=1479146443&sparams=requiressl%2Cid%2Citag%2Csource%2Cttl%2Cip%2Cipbits%2Cexpire&signature=23246FCF7B69C19A2FC274735E6B93ECB024A4B0.37745BE9C44506855F943C636AF025BF3A79926C&key=ck2&mm=31&mn=sn-4g5edned&ms=au&mt=1479131762&mv=m&nh=IgpwcjAxLmZyYTE2KgkxMjcuMC4wLjE&pl=40",
type: "video\/mp4",
label: "360P"
}, {
file: "https:\/\/redirector.googlevideo.com\/videoplayback?requiressl=yes&id=0a097f01cd0af432&itag=59&source=webdrive&ttl=transient&app=explorer&ip=2a01:4f8:191:9296:e4c5:2ba3:901d:3260&ipbits=32&expire=1479146443&sparams=requiressl%2Cid%2Citag%2Csource%2Cttl%2Cip%2Cipbits%2Cexpire&signature=3D5191AF292C75ABD4D3E67C72DC4B618237C7B9.E1EAED74F17ED865A2153B325C71DDDA61C9806&key=ck2&mm=31&mn=sn-4g5edned&ms=au&mt=1479131762&mv=m&nh=IgpwcjAxLmZyYTE2KgkxMjcuMC4wLjE&pl=40",
type: "video\/mp4",
label: "480P"
}, {
file: "https:\/\/redirector.googlevideo.com\/videoplayback?requiressl=yes&id=0a097f01cd0af432&itag=22&source=webdrive&ttl=transient&app=explorer&ip=2a01:4f8:191:9296:e4c5:2ba3:901d:3260&ipbits=32&expire=1479146443&sparams=requiressl%2Cid%2Citag%2Csource%2Cttl%2Cip%2Cipbits%2Cexpire&signature=58B1CAE817DEB7491E9494A84D07CB294A263A91.4835BEE3B36690DF37CD67654201DC7C3E59FDE7&key=ck2&mm=31&mn=sn-4g5edned&ms=au&mt=1479131762&mv=m&nh=IgpwcjAxLmZyYTE2KgkxMjcuMC4wLjE&pl=40",
type: "video\/mp4",
label: "720P",
"default": true
}],
tracks: [],
cid: "zCM-UxJPJDwUmeq4PZBPqftGuqxWz9FS6ya3AG49IgvD186nhaSeVylzut71LncV"
}],
key: "hC2s+HuwAiea+Hzuxp4mZeVBC2rc5MFn5mZYgRltEnU=",
captions: {
backgroundOpacity: 0,
edgeStyle: "raised",
fontFamily: "SimHei, Arial, Sans-serif"
},
logo: {
hide: true,
file: "\/\/2d-gate.org\/custom\/img\/site-thumb_48.png",
position: "top-left",
link: "http:\/\/2d-gate.org"
},
plugins: {
"\/\/embed.2d-gate.org\/html\/jwplayer-7.8.0-beta.1\/plugins\/routine.js": [],
"\/\/embed.2d-gate.org\/html\/jwplayer-7.8.0-beta.1\/plugins\/new_window.js": {
url: "http:\/\/embed.2d-gate.org\/embed\/29UWuADrtnKCqsxM4FJUkbchGi5mbBzNFn2a_nmMhOk_HVALgPiUaXE7LLNSkjM1javqNOMs3owMT0EXLM4QeCCjvldokL0CngZW8tGv8AiuW8xEApaSZUu3FEAf6enxXvTmava2IB8Bp4DGbe6r7c-FKfZ-qkRPmLMugbtB2IosTbO6Pnb14f0eXKSeHTT7m3Qjr8k53FhsSWKE-NUwLcnQHR0JIDY77zQTPLlv2_NXT1l_eixDqjG55SubQCylAU5sVGXNrsIou9I3F0Lw9ZS4kLfihSw7kLOytsCubk10jejMQwbeIeQI5bnUmfXglNG1WJjs_fqBuz3niikeMfVJyCj2sV82AGjeuORZ9mUyxA9c0WZJ82QqF335kt2r\/"
},
"\/\/embed.2d-gate.org\/html\/jwplayer-7.8.0-beta.1\/plugins\/speed.js": [],
"\/\/embed.2d-gate.org\/html\/jwplayer-7.8.0-beta.1\/plugins\/danmu.js": {
defaultEnable: 1,
dataPackMethod: "Msgpack",
socketAddr: "danmu.2d-gate.org:80",
socketSsl: false,
maxLength: 50,
globalScale: 1.75,
scrollScale: 1,
minPostInterval: 5000,
maxPausePeriod: 300000,
pingInterval: 60000
}
}
};
for (var idx in playerSetup.playlist) {
var episode = playerSetup.playlist[idx];
if (episode.image === '') {
episode.image = "html/jwplayer-7.8.0-beta.1/jwplayer_poster.png"
}
}
player.setup(playerSetup);
player.on('setupError', function() {
var messages = [];
var playlist = playerSetup.playlist;
playlist.forEach(function(episode) {
if (episode.errors.length > 0) {
messages.push(episode.errors.join(' '))
}
});
messages.push(document.querySelector('.jw-title-primary').innerHTML);
document.querySelector('.jw-title-primary').innerHTML = messages.join('; ')
});

QQ 登陆的时候是解析的 sz*.tencent.com 的域名 =,=
手机 QQ 是用的特定的 IP.

https://github.com/ruanyf/es6tutorial/pulls?utf8=%E2%9C%93&q=is%3Apr%20author%3Axcatliu%20

看了楼主对 `es6tutorial` 中的贡献, 19 个 pull request, 其中 13+ 是代码风格调整(空格, 缩进, 尾部加 ; 号).
而且基本是改一个文件, 提交一个 pull reuqest, 这是在刷数量吗?

28 1024 放说 8 和某个字母好像, 然后再加在一起, 感觉这个群号,好有意义...

`man ssh_config` 即可得到如下帮助信息:

SSH_CONFIG(5) BSD File Formats Manual SSH_CONFIG(5)

NAME
ssh_config — OpenSSH SSH client configuration files

SYNOPSIS
~/.ssh/config
/etc/ssh/ssh_config

DESCRIPTION
ssh(1) obtains configuration data from the following sources in the fol ‐
lowing order:

1. command-line options
2. user's configuration file (~/.ssh/config)
3. system-wide configuration file (/etc/ssh/ssh_config)