From ecc38d65306adae6a2309a90d1a308b5a7c9df65 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:52:29 +0000
Subject: [PATCH 1/8] =?UTF-8?q?update=20includes/common.php.=20=E5=A2=9E?=
=?UTF-8?q?=E5=8A=A0=E9=98=B2=E6=8A=A4=E6=9C=BA=E5=88=B6=EF=BC=8C=E4=BF=AE?=
=?UTF-8?q?=E5=A4=8D=E4=BA=86=E5=A4=9A=E5=A4=84SQL=E6=B3=A8=E5=85=A5?=
=?UTF-8?q?=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
includes/common.php | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/includes/common.php b/includes/common.php
index 5d60fad..a56e32b 100644
--- a/includes/common.php
+++ b/includes/common.php
@@ -4,6 +4,18 @@ define('SYSTEM_ROOT', dirname(__FILE__).'/');
define('ROOT', dirname(SYSTEM_ROOT).'/');
include_once(SYSTEM_ROOT."function.php");
include_once(SYSTEM_ROOT."version.php");
+function addslashes_deep($value)
+{
+ if (empty($value))
+ return $value;
+ else
+ return is_array($value) ? array_map('addslashes_deep', $value) : addslashes(trim($value));
+}
+
+$_GET = addslashes_deep($_GET);
+$_POST = addslashes_deep($_POST);
+$_COOKIE = addslashes_deep($_COOKIE);
+$_REQUEST = addslashes_deep($_REQUEST);
session_start();
$install=$_GET['install'];
if(file_exists(ROOT.'config.php')){
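Review bot: The blanket `addslashes_deep()` pass over `$_GET`, `$_POST`, `$_COOKIE` and `$_REQUEST` re-creates magic quotes and should not be relied on as the SQL injection defence. `addslashes()` has no effect on values concatenated into a query without surrounding quotes, which is the shape of the `where id = ".$ltsid` queries patched later in this series, and it does not take the connection character set into account. It also trims and backslash-escapes every value before any other code sees it, so passwords such as `$_POST['pwd']` and any text that is later stored or displayed are silently altered. Prefer bound parameters at each query site; if this stays as a stop-gap, say so above the function, e.g. `// Legacy stop-gap: does not protect unquoted/numeric SQL contexts; use prepared statements for queries.`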
--
Gitee
From 271751297ef46a2083462f5c57b51d7e649da6c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:53:17 +0000
Subject: [PATCH 2/8] update msg.php.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: 再遇雌鹿 <1937635949@qq.com>
---
msg.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/msg.php b/msg.php
index f48025a..671ce5e 100644
--- a/msg.php
+++ b/msg.php
@@ -2,6 +2,7 @@
include './includes/common.php';
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$pwd=$_GET['pwd'];
$sql="select * from Chat where id = ".$ltsid;
$result = mysqli_query($conn,$sql);
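Review bot: `$ltsid=intval($ltsid);` coerces the value rather than validating it: non-numeric input becomes 0 and an array-valued `ltsid` becomes 1, so a malformed request still runs the query and can land on a real row. Reject bad input instead, e.g. `$ltsid = filter_var($_GET['ltsid'] ?? null, FILTER_VALIDATE_INT); if ($ltsid === false) exit("");`, and pass the id through `mysqli_prepare()` / `mysqli_stmt_bind_param()` rather than concatenating it into `$sql`. The same applies to the identical line added in pwd.php, chat.php, chatadmin.php, api/chat.php, api/pwd.php and api/chatadmin.php. Separately, `$pwd` is still read from the query string here, where it is likely to end up in access logs and browser history; its use is outside the hunk.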
--
Gitee
From a297bfa167b6e57750c0f960fba81f3c0e23b210 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:53:50 +0000
Subject: [PATCH 3/8] =?UTF-8?q?update=20pwd.php.=20=E5=A2=9E=E5=8A=A0?=
=?UTF-8?q?=E9=98=B2=E6=8A=A4=E6=9C=BA=E5=88=B6=EF=BC=8C=E4=BF=AE=E5=A4=8D?=
=?UTF-8?q?=E4=BA=86SQL=E6=B3=A8=E5=85=A5=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
pwd.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/pwd.php b/pwd.php
index 0ed53d8..a758a08 100644
--- a/pwd.php
+++ b/pwd.php
@@ -2,6 +2,7 @@
include './includes/common.php';
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$sql="select * from Chat where id = ".$ltsid;
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_assoc($result);
--
Gitee
From 87afd583e8010bdfc8d44169e08ec43b04bad4ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:54:14 +0000
Subject: [PATCH 4/8] =?UTF-8?q?update=20chat.php.=20=E5=A2=9E=E5=8A=A0?=
=?UTF-8?q?=E9=98=B2=E6=8A=A4=E6=9C=BA=E5=88=B6=EF=BC=8C=E4=BF=AE=E5=A4=8D?=
=?UTF-8?q?=E4=BA=86SQL=E6=B3=A8=E5=85=A5=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: 再遇雌鹿 <1937635949@qq.com>
---
chat.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/chat.php b/chat.php
index 796adce..02d47cd 100644
--- a/chat.php
+++ b/chat.php
@@ -2,6 +2,7 @@
include './includes/common.php';
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$sql="select * from Chat where id = ".$ltsid;
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_assoc($result);
--
Gitee
From 80c2e79b7274b9fea254466ec2dad65e192512cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:54:43 +0000
Subject: [PATCH 5/8] =?UTF-8?q?update=20chatadmin.php.=20=E5=A2=9E?=
=?UTF-8?q?=E5=8A=A0=E9=98=B2=E6=8A=A4=E6=9C=BA=E5=88=B6=EF=BC=8C=E4=BF=AE?=
=?UTF-8?q?=E5=A4=8D=E4=BA=86SQL=E6=B3=A8=E5=85=A5=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: 再遇雌鹿 <1937635949@qq.com>
---
chatadmin.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/chatadmin.php b/chatadmin.php
index ca2cf8f..ff43e4a 100644
--- a/chatadmin.php
+++ b/chatadmin.php
@@ -2,6 +2,7 @@
include './includes/common.php';
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$sql="select * from Chat where id = ".$ltsid;
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_assoc($result);
--
Gitee
From 696efa1577c7366f6b223666d0a8574013575dbd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:55:30 +0000
Subject: [PATCH 6/8] =?UTF-8?q?update=20api/chat.php.=20=E5=A2=9E=E5=8A=A0?=
=?UTF-8?q?=E9=98=B2=E6=8A=A4=E6=9C=BA=E5=88=B6=EF=BC=8C=E4=BF=AE=E5=A4=8D?=
=?UTF-8?q?=E4=BA=86SQL=E6=B3=A8=E5=85=A5=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: 再遇雌鹿 <1937635949@qq.com>
---
api/chat.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/api/chat.php b/api/chat.php
index cbdb4dc..6178bcd 100644
--- a/api/chat.php
+++ b/api/chat.php
@@ -3,6 +3,7 @@ include '../includes/common.php';
$mod=$_GET['mod'];
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$sql="select * from Chat where id = ".$ltsid;
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_assoc($result);
--
Gitee
From 0486cc67f8139e7da0af8334f7c98d0177ec9ea4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:56:01 +0000
Subject: [PATCH 7/8] =?UTF-8?q?update=20api/pwd.php.=20=E5=A2=9E=E5=8A=A0?=
=?UTF-8?q?=E4=BA=86=E9=98=B2=E5=BE=A1=E6=9C=BA=E5=88=B6=EF=BC=8C=E4=BF=AE?=
=?UTF-8?q?=E5=A4=8D=E4=BA=86SQL=E6=B3=A8=E5=85=A5=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: 再遇雌鹿 <1937635949@qq.com>
---
api/pwd.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/api/pwd.php b/api/pwd.php
index f54e1cf..394e35a 100644
--- a/api/pwd.php
+++ b/api/pwd.php
@@ -2,6 +2,7 @@
include '../includes/common.php';
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$pwd=$_POST['pwd'];
$sql="select * from Chat where id = ".$ltsid;
$result = mysqli_query($conn,$sql);
--
Gitee
From 38a1b7f95b6ac2e635e6fc1432796a8f60233127 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=86=8D=E9=81=87=E9=9B=8C=E9=B9=BF?= <1937635949@qq.com>
Date: Thu, 23 Feb 2023 11:57:00 +0000
Subject: [PATCH 8/8] =?UTF-8?q?update=20api/chatadmin.php.=20=E5=A2=9E?=
=?UTF-8?q?=E5=8A=A0=E4=BA=86=E9=98=B2=E6=8A=A4=E6=9C=BA=E5=88=B6=EF=BC=8C?=
=?UTF-8?q?=E4=BF=AE=E5=A4=8D=E4=BA=86SQL=E6=B3=A8=E5=85=A5=E6=BC=8F?=
=?UTF-8?q?=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
api/chatadmin.php | 1 +
1 file changed, 1 insertion(+)
diff --git a/api/chatadmin.php b/api/chatadmin.php
index 5c33b14..0284747 100644
--- a/api/chatadmin.php
+++ b/api/chatadmin.php
@@ -3,6 +3,7 @@ include '../includes/common.php';
$mod=$_GET['mod'];
if($_SESSION['islogin']==1){}else exit("");
$ltsid=$_GET['ltsid'];
+$ltsid=intval($ltsid);
$id=$_GET['id'];
$id1=$_GET['id1'];
$id2=$_GET['id2'];
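Review bot: Only `$ltsid` is cast in this file; `$id`, `$id1` and `$id2` on the lines right after it are still copied unchanged from `$_GET`. Their use is outside the hunk, but if any of them is concatenated into SQL unquoted, as `$ltsid` is in the other files of this series, the `addslashes_deep()` pass in includes/common.php does not help, because escaping quotes has no effect in a numeric context. If they are numeric ids, validate them the same way, e.g. `$id = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);`, and bind them as parameters in the queries that use them.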
--
Gitee