From f2025bb4595f05b6c3022c7f5b493dd4aff43264 Mon Sep 17 00:00:00 2001 From: qfdong-github Date: Thu, 20 Aug 2020 08:25:56 +0800 Subject: [PATCH] =?UTF-8?q?member=E6=96=87=E4=BB=B6=E5=A4=B9bug=E4=BF=AE?= =?UTF-8?q?=E5=A4=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit member文件夹bug修复 --- src/member/album_add.php | 5 +++-- src/member/article_add.php | 4 ++-- src/member/soft_add.php | 6 ++---- 3 files changed, 7 insertions(+), 8 deletions(-) diff --git a/src/member/album_add.php b/src/member/album_add.php index 34526460..5ca3e71e 100755 --- a/src/member/album_add.php +++ b/src/member/album_add.php @@ -4,7 +4,7 @@ * * @version $Id: album_add.php 1 13:52 2010年7月9日Z tianya $ * @package DedeCMS.Member - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. + * @copyright Copyright (c) 2007 - 2010, DesDev, Inc. * @license http://help.dedecms.com/usersguide/license.html * @link http://www.dedecms.com */ @@ -217,7 +217,8 @@ else if($dopost=='save') ShowMsg("无法获得主键,因此无法进行后续操作!","-1"); exit(); } - $description = HtmlReplace($description, -1); + $description = HtmlReplace($description, -1);//2011.06.30 增加html过滤 (by:织梦的鱼) + $mtypesid = intval($mtypesid); //对输入参数mtypesid未进行int整型转义,导致SQL注入的发生。 //保存到主表 $inQuery = "INSERT INTO `#@__archives`(id,typeid,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle, color,writer,source,litpic,pubdate,senddate,mid,description,keywords,mtype) diff --git a/src/member/article_add.php b/src/member/article_add.php index 72f23362..5229a6fe 100755 --- a/src/member/article_add.php +++ b/src/member/article_add.php @@ -4,7 +4,7 @@ * * @version $Id: article_add.php 1 8:38 2010年7月9日Z tianya $ * @package DedeCMS.Member - * @copyright Copyright (c) 2007 - 2020, DesDev, Inc. + * @copyright Copyright (c) 2007 - 2010, DesDev, Inc. * @license http://help.dedecms.com/usersguide/license.html * @link http://www.dedecms.com */ @@ -80,7 +80,7 @@ else if($dopost=='save') } } - if (empty($dede_fieldshash) || $dede_fieldshash != md5($dede_addonfields.$cfg_cookie_encode)) + if (empty($dede_fieldshash) || ( $dede_fieldshash != md5($dede_addonfields . $cfg_cookie_encode) && $dede_fieldshash != md5($dede_addonfields . 'anythingelse' . $cfg_cookie_encode)) ) { showMsg('数据校验不对,程序返回', '-1'); exit(); diff --git a/src/member/soft_add.php b/src/member/soft_add.php index 8926aa8d..924974ce 100755 --- a/src/member/soft_add.php +++ b/src/member/soft_add.php @@ -148,11 +148,10 @@ VALUES ('$arcID','$typeid','$sortrank','$flag','$ismake','$channelid','$arcrank' //软件链接列表 $softurl1 = stripslashes($softurl1); $softurl1 = str_replace(array("{dede:","{/dede:","}"), "#", $softurl1); - $servermsg1 = str_replace(array("{dede:","{/dede:","}"), "#", $servermsg1); $urls = ''; if($softurl1!='') { - $urls .= "{dede:link islocal='1' text='{$servermsg1}'} $softurl1 {/dede:link}\r\n"; + if (preg_match("#}(.*?){/dede:link}{dede:#sim", $servermsg1) != 1) { $urls .= "{dede:link islocal='1' text='{$servermsg1}'} $softurl1 {/dede:link}\r\n"; } } for($i=2; $i<=12; $i++) { @@ -161,7 +160,6 @@ VALUES ('$arcID','$typeid','$sortrank','$flag','$ismake','$channelid','$arcrank' $servermsg = str_replace("'","",stripslashes(${'servermsg'.$i})); $softurl = stripslashes(${'softurl'.$i}); $softurl = str_replace(array("{dede:","{/dede:","}"), "#", $softurl); - $servermsg = str_replace(array("{dede:","{/dede:","}"), "#", $servermsg); if($servermsg=='') { $servermsg = '下载地址'.$i; @@ -198,7 +196,7 @@ VALUES ('$arcID','$typeid','$sortrank','$flag','$ismake','$channelid','$arcrank' $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'"); echo $inQuery; exit(); - ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错,请把相关信息提交给DedeCMS官方。".str_replace('"','',$gerr),"javascript:;"); + ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错,请把相关信息提交给DedeCms官方。".str_replace('"','',$gerr),"javascript:;"); exit(); }