咨询热线:4006-75-4006
售前:9:00-23:30 备案:9:00-18:00 技术:7*24h
咨询热线:4006-75-4006
售前:9:00-23:30 备案:9:00-18:00 技术:7*24h
需要修改漏洞的三个文件路径,网站更目录下的includes/modules/payment/alipay.php,api/client/includes/lib_api.php,admin/edit_languages.php
1.includes/modules/payment/alipay.php修复方法(大概在第180行)
$order_sn = trim($order_sn);
修改为
$order_sn = trim(addslashes($order_sn));
2.api/client/includes/lib_api.php修复方法(大概在第247行)
function API_UserLogin($post)
{
修改为
function API_UserLogin($post)
{ if (get_magic_quotes_gpc()) { $post['UserId'] = $post['UserId'] } else { $post['UserId'] = addslashes($post['UserId']); }
3.admin/edit_languages.php修复方法(大概在第120行)
$dst_items[$i] = $_POST['item_id'][$i] .' = '. '"' .$_POST['item_content'][$i]. '";';
修改为
$dst_items[$i] = $_POST['item_id'][$i] .' = '. ''' .$_POST['item_content'][$i]. '';';
