DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 26 Activity
Browse Source

修复bug 

修复bug
tags/6.0.0
qfdong-github GitHub 4 years ago
parent
0cfdafce6a
commit
24b4c9468e
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +5
    -1
      src/plus/guestbook/edit.inc.php

+ 5
- 1
src/plus/guestbook/edit.inc.php View File

@@ -2,7 +2,7 @@
/**
* @version $Id: edit.inc.php 1 10:06 2010-11-10 tianya $
* @package DedeCMS.Site
* @copyright Copyright (c) 2007 - 2020, DesDev, Inc.
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
@@ -52,6 +52,10 @@ else if($job=='editok')
}
}
$msg = HtmlReplace($msg, -1);
/*
漏洞描述:dedecms留言板注入漏洞。
*/
$msg = addslashes($msg);
$dsql->ExecuteNoneQuery("UPDATE `#@__guestbook` SET `msg`='$msg', `posttime`='".time()."' WHERE id='$id' ");
ShowMsg("成功更改或回复一条留言!", $GUEST_BOOK_POS);
exit();


Write Preview
Loading…
Cancel
Save