sql注入

2025-12-11 18:32:50 +00:00 · 2020-04-13 14:51:51 +08:00 · 2020-04-13 14:51:51 +08:00 · 5ce23ffdd2
commit 5ce23ffdd2
parent ea7a7761b4
3 changed files with 32 additions and 18 deletions
--- a/crmeb/app/api/controller/store/StoreProductController.php
+++ b/crmeb/app/api/controller/store/StoreProductController.php
@ -29,15 +29,15 @@ class StoreProductController
    public function lst(Request $request)
    {
        $data = UtilService::getMore([
-            ['sid', 0],
-            ['cid', 0],
+            [['sid', 'd'], 0],
+            [['cid', 'd'], 0],
            ['keyword', ''],
            ['priceOrder', ''],
            ['salesOrder', ''],
-            ['news', 0],
-            ['page', 0],
-            ['limit', 0],
-            ['type', 0]
+            [['news', 'd'], 0],
+            [['page', 'd'], 0],
+            [['limit', 'd'], 0],
+            [['type', 'd'], 0]
        ], $request);
        return app('json')->successful(StoreProduct::getProductList($data, $request->uid()));
    }
@ -165,8 +165,8 @@ class StoreProductController
    public function product_hot(Request $request)
    {
        list($page, $limit) = UtilService::getMore([
-            ['page', 0],
-            ['limit', 0]
+            [['page', 'd'], 0],
+            [['limit', 'd'], 0]
        ], $request, true);
        if (!$limit) return app('json')->successful([]);
        $productHot = StoreProduct::getHotProductLoading('id,image,store_name,cate_id,price,unit_name,ot_price', (int)$page, (int)$limit);
@ -223,7 +223,9 @@ class StoreProductController
    public function reply_list(Request $request, $id)
    {
        list($page, $limit, $type) = UtilService::getMore([
-            ['page', 0], ['limit', 0], ['type', 0]
+            [['page', 'd'], 0],
+            [['limit', 'd'], 0],
+            [['type', 'd'], 0]
        ], $request, true);
        if (!$id || !is_numeric($id)) return app('json')->fail('参数错误!');
        $list = StoreProductReply::getProductReplyList($id, (int)$type, $page, $limit);
--- a/crmeb/app/http/middleware/AllowOriginMiddleware.php
+++ b/crmeb/app/http/middleware/AllowOriginMiddleware.php
@ -21,10 +21,10 @@ class AllowOriginMiddleware implements MiddlewareInterface
     * @var array
     */
    protected $header = [
-        'Access-Control-Allow-Origin'   => '*',
-        'Access-Control-Allow-Headers'  => 'Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With',
-        'Access-Control-Allow-Methods'  => 'GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE',
-        'Access-Control-Max-Age'        =>  '1728000'
+        'Access-Control-Allow-Origin' => '*',
+        'Access-Control-Allow-Headers' => 'Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With',
+        'Access-Control-Allow-Methods' => 'GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE',
+        'Access-Control-Max-Age' => '1728000'
    ];

    /**
@ -52,7 +52,7 @@ class AllowOriginMiddleware implements MiddlewareInterface
        } else {
            $response = $next($request)->header($header);
        }
-
+        $request->filter(['htmlspecialchars', 'strip_tags', 'addslashes', 'trim']);
        return $response;
    }
 }
--- a/crmeb/crmeb/services/UtilService.php
+++ b/crmeb/crmeb/services/UtilService.php
@ -35,8 +35,14 @@ class UtilService
            } else {
                if (!isset($param[1])) $param[1] = null;
                if (!isset($param[2])) $param[2] = '';
-                $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
-                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $param[0])] = $request->param($name, $param[1], $param[2]);
+                if (is_array($param[0])) {
+                    $name = is_array($param[1]) ? $param[0][0] . '/a' : $param[0][0] . '/' . $param[0][1];
+                    $keyName = $param[0][0];
+                } else {
+                    $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
+                    $keyName = $param[0];
+                }
+                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $keyName)] = $request->param($name, $param[1], $param[2]);
            }
        }
        return $p;
@ -60,8 +66,14 @@ class UtilService
            } else {
                if (!isset($param[1])) $param[1] = null;
                if (!isset($param[2])) $param[2] = '';
-                $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
-                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $param[0])] = $request->param($name, $param[1], $param[2]);
+                if (is_array($param[0])) {
+                    $name = is_array($param[1]) ? $param[0][0] . '/a' : $param[0][0] . '/' . $param[0][1];
+                    $keyName = $param[0][0];
+                } else {
+                    $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
+                    $keyName = $param[0];
+                }
+                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $keyName)] = $request->param($name, $param[1], $param[2]);
            }
        }
        return $p;