Zen Cart 源代码 security_patch_v138_20080919.php

Zen Cart 源代码 security_patch_v138_20080919.php





文件名: security_patch_v138_20080919.php
文件类型: PHP文件
文件大小: 1.97 KiB
MD5: ab2f36d4c279110407afe32940a62b66

  1. <?php
  2. /**
  3.  * Security Patch v1.3.8 20080919
  4.  *
  5.  * @package initSystem
  6.  * @copyright Copyright 2003-2010 Zen Cart Development Team
  7.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  8.  * @version $Id: security_patch_v138_20080919.php 15882 2010-04-11 16:37:54Z wilt $
  9.  */
  10. /**
  11.  * Security Patch
  12.  *
  13.  * Multiple Vulnerabilities
  14.  *
  15.  * SQL Injection - $_POST['products_id']
  16.  * SQL Injection - $_POST['id']
  17.  *
  18.  * Please Note : This file should be placed in includes/extra_configures and will automatically load.
  19.  *  
  20.  */
  // Runs on every request once this file is loaded (the file header says it
  // belongs in includes/extra_configures). Each of the three request arrays
  // is rewritten in place, and only when it is a non-empty array; scalar or
  // missing values are left exactly as they arrived.
  // NOTE(review): only $_POST is filtered here. Whether the same field names
  // can reach the affected queries through $_GET or $_REQUEST is not visible
  // from this file; confirm against the callers.

  // Attribute selections: integer-keyed entries are forced to integers.
  if (!empty($_POST['id']) && is_array($_POST['id']))
  {
    $_POST['id'] = securityPatchSanitizePostVariableId($_POST['id']);
  }

  // Product identifiers: values are reduced to hex digits, ':' and '.'.
  if (!empty($_POST['products_id']) && is_array($_POST['products_id']))
  {
    $_POST['products_id'] = securityPatchSanitizePostVariableProductsId($_POST['products_id']);
  }

  // 'notify' goes through the same filter as 'products_id'.
  if (!empty($_POST['notify']) && is_array($_POST['notify']))
  {
    $_POST['notify'] = securityPatchSanitizePostVariableProductsId($_POST['notify']);
  }
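  /**
   * Filter the $_POST['id'] array before the rest of the application reads it.
   *
   * - Entries with an integer key are cast to int; nested arrays under an
   *   integer key are filtered recursively with the same rules.
   * - Entries with a non-integer key keep their value untouched.
   *   NOTE(review): those values are not filtered here, so any query that
   *   uses them must still escape or bind them; confirm downstream handling.
   * - Any entry whose key contains a character other than 0-9, a-z, A-Z,
   *   ':' or '_' is removed.
   *
   * @param array $arrayToSanitize Request array to filter.
   * @return array Filtered copy of the input.
   */
  function securityPatchSanitizePostVariableId ($arrayToSanitize)
  {
    foreach ($arrayToSanitize as $key => $variableToSanitize)
    {
      if (is_integer($key))
      {
        $arrayToSanitize[$key] = is_array($variableToSanitize)
          ? securityPatchSanitizePostVariableId($variableToSanitize)
          : (int) $variableToSanitize;
      }

      // Allow-list check on the key. The original character class used the
      // range 'A-z', which also spans the ASCII characters between 'Z' and
      // 'a' ('[', '\', ']', '^', '_' and '`'), so keys containing a backslash
      // or backtick were accepted. 'A-Z' restricts it to letters as intended.
      if (preg_match('/[^0-9a-zA-Z:_]/', (string) $key) === 1)
      {
        unset($arrayToSanitize[$key]);
      }
    }
    return $arrayToSanitize;
  }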
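  /**
   * Filter a product-id style request array ($_POST['products_id'], and
   * $_POST['notify'] as called from this file).
   *
   * - Every value is stripped of all characters except hex digits
   *   (0-9, a-f, A-F), ':' and '.'.
   *   NOTE(review): presumably this matches the 'id:hash' form of product
   *   ids; confirm against the code that builds them.
   * - Any entry whose key contains a character other than 0-9, a-z, A-Z,
   *   '_', ':' or '.' is removed.
   *
   * @param array $arrayToSanitize Request array to filter.
   * @return array Filtered copy of the input.
   */
  function securityPatchSanitizePostVariableProductsId ($arrayToSanitize)
  {
    foreach ($arrayToSanitize as $key => $variableToSanitize)
    {
      // Deny-by-default on the value: anything outside the allow-list is dropped.
      $arrayToSanitize[$key] = preg_replace('/[^0-9a-fA-F:.]/', '', $variableToSanitize);

      // Allow-list check on the key. The original character class used the
      // range 'A-z', which also spans '[', '\', ']', '^', '_' and '`', so keys
      // containing a backslash or backtick were accepted. 'A-Z' restricts it
      // to letters as intended.
      if (preg_match('/[^0-9a-zA-Z_:.]/', (string) $key) === 1)
      {
        unset($arrayToSanitize[$key]);
      }
    }
    return $arrayToSanitize;
  }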
  67.