From 7dc5b9cc10072c0aa82738de749ba6a998e7c832 Mon Sep 17 00:00:00 2001 From: tianya Date: Thu, 29 Jun 2023 23:31:17 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B4=A6=E5=8F=B7=E8=A7=84=E5=88=99=E8=B0=83?= =?UTF-8?q?=E6=95=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/admin/sys_admin_user_add.php | 2 +- src/admin/sys_admin_user_edit.php | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/admin/sys_admin_user_add.php b/src/admin/sys_admin_user_add.php index 15221b6f..ec94bc9e 100644 --- a/src/admin/sys_admin_user_add.php +++ b/src/admin/sys_admin_user_add.php @@ -15,7 +15,7 @@ if (empty($dopost)) $dopost = ''; if ($dopost == 'add') { CheckCSRF(); if (preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd) || preg_match("#[^0-9a-zA-Z_@!\.-]#", $userid)) { - ShowMsg('密码或或账号不合法,使用[0-9a-zA-Z_@!.-]范围以内字符', '-1', 0, 3000); + ShowMsg('密码或账号不合法,使用[0-9a-zA-Z_@!.-]范围以内字符', '-1', 0, 3000); exit(); } $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24); diff --git a/src/admin/sys_admin_user_edit.php b/src/admin/sys_admin_user_edit.php index 873e7faa..5519ca29 100644 --- a/src/admin/sys_admin_user_edit.php +++ b/src/admin/sys_admin_user_edit.php @@ -20,6 +20,10 @@ if ($dopost == 'saveedit') { ShowMsg('密码不合法,使用[0-9a-zA-Z_@!.-]范围以内字符', '-1', 0, 3000); exit(); } + if (preg_match("#[^0-9a-zA-Z_@!\.-]#", $userid)) { + ShowMsg('账号不合法,使用[0-9a-zA-Z_@!.-]范围以内字符', '-1', 0, 3000); + exit(); + } $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24); if ($safecodeok != $safecode) { ShowMsg("请填写正确的验证安全码", "sys_admin_user_edit.php?id={$id}&dopost=edit");