由于教务系统的沙雕设计,评教十分费劲,每两个按钮点击间隔需要大于1.5s,于是突发奇想搞了这个js脚本一键评教。

由于该脚本是运行在你自己浏览器里的,而且代码完全公开,所以不会对你的账号造成任何风险

简要使用说明

打开某一科老师的评教页面,按F12打开控制台,然后切换到Console标签,把以下代码复制进去按下回车,再把最下面的同学姓名填上就完事了。

代码如下

var t=["11","12","14","15","21","22","23","31","32","33","41","42","43","51","52"];var o=["prob13","sat6","mulsel71","prob73","prob41"];var e=["N","A","K","Y","B"];function n(t){console.log(t);$("input[name='prob"+t+"'][value='A']").click()}function a(){var t=c+Math.floor((Math.random()*1.5+1.5)*1e3);c=t;return t}function r(){for(var t=0;t<o.length;t++){$("input[name='"+o[t]+"'][value='"+e[t]+"']").click();l[o[t]]=a()}}ntms.widget._AutoLabel.prototype._static.setInterval(0);var c=(new Date).getTime()-6e4;var l={_boot_:c};t.forEach(function(t){n(t);l["prob"+t]=a()});r();ntms.widget._AutoLabel.prototype._static.clicks=l;function s(t,o){dojo.xhrPost({url:"/ntms/service/res.do",handleAs:"json-comment-optional",headers:[],contentType:"application/json",load:function(t){o(t)},sync:true,postData:dojo.toJson(t)})}function u(t){v=t.userId;var o={tag:"student@stu_infor_table",params:{studId:v}};s(o,d)}function d(t){var o={tag:"student_sch_dept",branch:"default",params:{schId:t.value.school.schId,deptId:t.value.department.deptId,egrade:t.value.egrade,adcId:t.value.adminClass.adcId}};s(o,i)}function i(t){t.value.forEach(function(t){p.push(t.name)});console.log(p);var o=$("#puzzle_1").innerHTML;var e=$("#puzzle_2").innerHTML;var n="^"+o+"(.)"+e+"$";var a=new RegExp(n);p.forEach(function(t){var o=a.exec(t);if(o!=null){console.log(o);document.getElementById("dijit_form_TextBox_0").value=o[1]}})}var p=[];var v;dojo.xhrPost({url:"/ntms/action/getCurrentUserInfo.do",handleAs:"json-comment-optional",load:function(t){u(t)},sync:true});

技术说明

该代码主要patch了ntms.widget._AutoLabel模块。先使用setInterval函数将允许的点击间隔设为0,然后用jquery的选择器选好答案。但是后面发现提交的数据里还记录了点击间隔等数据,直接提交比较危险,于是我们编造了每个按钮的点击数据,然后写入 _AutoLabel模块里,覆盖掉原本的click结果,构造出完美的请求包。

自动填写同学姓名方面,先请求 /ntms/action/getCurrentUserInfo.do 获取自己的UID,然后请求res.do,获取自己所在学院班级信息,然后通过 student_sch_dept 查询所有同班同学的名字,正则匹配 puzzle_1 和 puzzle_2 给的两半姓名,填写进去就完成了。

未压缩的源码如下:

var list = ["11","12","14","15","21","22","23","31","32","33","41","42","43","51","52"];
var extraList = ["prob13", "sat6", "mulsel71", "prob73", "prob41"];
var extraAnswer = ["N", "A", "K", "Y", "B"];
function tick(i){
	console.log(i);
	$("input[name='prob" + i + "'][value='A']").click();
}
function genNewTime(){
	var newTime = lastTime + Math.floor((Math.random() * 1.5 + 1.5) * 1000);
	lastTime = newTime;
	return newTime;
}
function tickRest(){
	for(var i=0; i < extraList.length; i++){
		$("input[name='" + extraList[i] + "'][value='" + extraAnswer[i] + "']").click();
		clicks[extraList[i]] = genNewTime();
	}
}

ntms.widget._AutoLabel.prototype._static.setInterval(0);
var lastTime = new Date().getTime() - 60000;
var clicks = {"_boot_": lastTime};
list.forEach(function (i){
	tick(i);
	clicks["prob" + i] = genNewTime();
})
tickRest();

ntms.widget._AutoLabel.prototype._static.clicks = clicks;

//找同学
function xhrWrapper(payload, cb){
	dojo.xhrPost({
		url: "/ntms/service/res.do",
		handleAs: "json-comment-optional",
		headers: [],
		contentType: "application/json",
		load: function(data){cb(data)},
		sync: true,
		postData: dojo.toJson(payload),
	});
}
function setUID(result){
	uid = result.userId
	var payload = {
		tag: "student@stu_infor_table",
		params: {
			studId: uid
		}
	};
	xhrWrapper(payload, getClassmates);
}
function getClassmates(result){
	var payload = {
		"tag":"student_sch_dept",
		"branch":"default",
		"params":{
			"schId": result.value.school.schId,
			"deptId": result.value.department.deptId,
			"egrade": result.value.egrade,
			"adcId": result.value.adminClass.adcId
		}
	};
	xhrWrapper(payload, searchName);
}
function searchName(result){
	result.value.forEach(function (i){
		nameList.push(i.name)
	})
	console.log(nameList);
	var pattern1 = $("#puzzle_1").innerHTML;
	var pattern2 = $("#puzzle_2").innerHTML;
	var pattern = "^" + pattern1 + "(.)" + pattern2 + "$";
	var regex = new RegExp(pattern);
	nameList.forEach(function (i){
		var res = regex.exec(i)
		if(res != null){
			console.log(res);
			document.getElementById("dijit_form_TextBox_0").value = res[1];
		}
	})
}
var nameList = [];
var uid;
dojo.xhrPost({
	url: "/ntms/action/getCurrentUserInfo.do",
	handleAs: "json-comment-optional",
	load: function(data){setUID(data)},
	sync: true
});

分类: 未分类

4 条评论

西木野羰姬 · 2019年6月10日 下午11:29

tql, wsl

fkstein · 2019年6月10日 下午11:47

tql,wsl

star · 2019年6月11日 下午2:22

现在提示错误,非人工输入
object Error]: {description: “非人工输入”, errno: -3, message: “非人工输入”, stack: “Error: 非人工输入 at _exceptionFilter (eval code:1:963) at _a6 (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:21056) at _exceptionFilter (eval code:1:2043) at Anonymous function (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:15222) at Anonymous function (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:80905) at _102 (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:27153) at _100 (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:26979) at callback (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:27631) at _102 (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:27379) at _100 (https://uims.jlu.edu.cn/ntms/js/dojo/dojo.js:14:26979)”, status: -3}

    双草酸酯 · 2019年6月11日 下午6:41

    建议使用非EDGE浏览器(

发表评论

电子邮件地址不会被公开。 必填项已用*标注