Table of Contents
回复讨论(解决方案)
Home Backend Development PHP Tutorial 网站出问题了,有漏洞,今天来这里请csdn的兄弟帮忙解决

网站出问题了,有漏洞,今天来这里请csdn的兄弟帮忙解决

Jun 23, 2016 pm 01:54 PM
website solve

我做了个保健品站 http://www.bjp51.net 这两天有点问题,用360一扫,高危,只有49分,报告如下:



第一个是很严重的问题,今天想把第一个问题解决了。
看下360给出的意见


我不知道怎么改,希望大家帮忙解决下。



回复讨论(解决方案)

这是contrast.php的文件源码

<body><?php$id='';if(!empty($_POST['id'])){    for($i=0; $i<count($_POST['id']);$i++){    $id=$id.($_POST['id'][$i].',');    }	$id=substr($id,0,strlen($id)-1);//去除最后面的","}if ($id==''){echo "<script lanage='javascript'>alert('操作失败!至少要选中一条信息。');window.opener=null;window.open('','_self');window.close()</script>";exit;} $tdwidth=floor(90/$i);//取整,左边占10%$sql="select * from zzcms_main where id in ($id)" ;$rs=mysql_query($sql);?><table width="100%" height="218" border="0" align="center" cellpadding="5" cellspacing="1" class="bgcolor3">  <tr>     <td width="10%" align="center" bgcolor="#FFFFFF">【产品图片】 </td>	 <?php while ($row=mysql_fetch_array($rs)){?>    <td bgcolor="#FFFFFF" style="font-weight:bold" width="<?php echo $tdwidth ?>%"><a href="<?php echo $row["img"]?>" target="_blank"><img  <?php echo getsmallimg($row["img"],"")? alt="网站出问题了,有漏洞,今天来这里请csdn的兄弟帮忙解决" > alt="<?php echo $row["proname"]?>"  border="0" ></a></td>    <?php	}	?>  </tr>  <tr class="bgcolor1">     <td width="100" align="center">【产品名称】 </td>    <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td   style="max-width:90%"><?php echo $row["proname"]?></td>    <?php	}	?>     </tr>  <tr>     <td width="100" align="center" bgcolor="#FFFFFF">【主要功能】</td>       <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td valign="top" bgcolor="#FFFFFF" ><?php echo $row["prouse"]?></td>   <?php   }   ?>  </tr>  <tr class="bgcolor1">     <td width="100" align="center">【规格包装】</td>       <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td><?php echo $row["gg"]?></td>   <?php   }   ?>  </tr>  <tr  class="bgcolor1">     <td width="100" align="center"><strong>招商区域</strong></td>        <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td><?php echo $row["city"]?></td>    <?php	}	?>  </tr>  <tr>     <td width="100" align="center" bgcolor="#FFFFFF"><strong>产品说明</strong></td>        <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td valign="top" bgcolor="#FFFFFF"><?php echo nl2br($row["sm"])?></td>   <?php   }   ?>  </tr>  <tr class="bgcolor1">     <td width="100" align="center"><strong>可提供的支持</strong></td>        <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td valign="top"><?php echo nl2br($row["zc"])?></td>    <?php	}	?>  </tr>  <tr>     <td width="100" align="center" bgcolor="#FFFFFF"><strong>对代理商的要求</strong></td>       <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td valign="top" bgcolor="#FFFFFF"><?php echo nl2br($row["yq"])?></td>   <?php   }   ?>  </tr>  <tr class="bgcolor1">     <td width="100" align="center"><strong>备注</strong></td>        <?php 	 mysql_data_seek($rs,0);	while ($row=mysql_fetch_array($rs)){?>    <td><?php echo nl2br($row["other"])?></td>   <?php   }   ?>  </tr></table><table width="100%"  style="max-width:90%" border="0" cellpadding="0" cellspacing="0">  <tr>    <td align="center"><input type="button" name="Submit" value="关闭本窗口" onClick="javascript:window.close()"></td>  </tr></table><?phpmysql_close($conn);?></body>
Copy after login

$id='';
if(!empty($_POST['id'])){
for($i=0; $i $id=$id.($_POST[' id'][$i].',');
}
$id=substr($id,0,strlen($id)-1);//去除最后面的","
}
$sql="select * from zzcms_main where id in ( $id)"

他认为你未经检查就在 sql 指令中使用了传入的数据

$id='';
if(!empty($_POST['id'])){
for($i=0; $i $id=$id.($_POST[' id'][$i].',');
}
$id=substr($id,0,strlen($id)-1);//去除最后面的","
}
$sql="select * from zzcms_main where id in ( $id)"

他认为你未经检查就在 sql 指令中使用了传入的数据



我是php小白,请问我应该怎么验证,怎么检查好呢?

还有我不检查,是不是很容易被注入呢?

 $id = $id . (intval($_POST['id'][$i]) . ',');
Copy after login

SQL注入的原理是,从地址栏或者表单中注入


如果你从地址栏得到一个$_GET["a"],不经过过滤就直接使用到程序中,就会造成威胁。比如:

如果$_GET["a"]=1;那么:
$sql = "SELECT * FROM AA WHERE id =$_GET["a"]";就是$sql = "SELECT * FROM AA WHERE id =1";
但如果别人通过地址栏自行修改,把$_GET["a"]的值改为1 or (and) XXX各类代码,那这个查询语句就变成

$sql = "SELECT * FROM AA WHERE id =1 or(and) xxx";


于是就中招了。

所以地址栏和表单得到的参数,一定要格式化,过滤好,指定是什么类型,多长,限制哪些字符……

$sql="select * from zzcms_main where id in ($id)" ;
$id?有?行??,用??入什?都可以,?然被注入了。

因?id只能是?字,所以可以用intval?成?字,如果非?字???0,??就注入不到了。

安全级别:高危
安全等级打败了全国46%的网站!

$id=$id.(intval($_POST['id'][$i]).',');

传入的数据把单引号替换为两个连续的单引号 , sql语句用传入的参数时加上单引号。
$id = str_replace("'","''",$_POST['id']);
$sql = " select * from tb_user wher id='$id' ";
这样就不怕注入了。



谢谢 您们的回答 我目前是把$id=$id.($_POST['id'][$i].','); 替换成 $id = $id . (intval($_POST['id'][$i]) . ','

就对了

上面的不对,我改成这样了
if(!empty($_POST['id'])){
for($i=0; $i //$id=$id.($_POST['id'][$i].',');
$id = $id.(intval($_POST['id'][$i]).',');
}
$id=substr($id,0,strlen($id)-1);//去除最后面的","
}

这样是不是对了

if(!empty($_POST['id'])) {  $id = join(',', array_map('intval', $_POST['id']));}
Copy after login
Copy after login
最好把 $id 换个名字

if(!empty($_POST['id'])) {  $id = join(',', array_map('intval', $_POST['id']));}
Copy after login
Copy after login
最好把 $id 换个名字


我对php不熟,我就用这段代码,不用找变量了
感谢版主无私的精神。
我才发现,另一个问题也是您在为我解决,再次感谢!
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Solution to the problem that Win11 system cannot install Chinese language pack Solution to the problem that Win11 system cannot install Chinese language pack Mar 09, 2024 am 09:48 AM

Solution to the problem that Win11 system cannot install Chinese language pack With the launch of Windows 11 system, many users began to upgrade their operating system to experience new functions and interfaces. However, some users found that they were unable to install the Chinese language pack after upgrading, which troubled their experience. In this article, we will discuss the reasons why Win11 system cannot install the Chinese language pack and provide some solutions to help users solve this problem. Cause Analysis First, let us analyze the inability of Win11 system to

Five tips to teach you how to solve the problem of Black Shark phone not turning on! Five tips to teach you how to solve the problem of Black Shark phone not turning on! Mar 24, 2024 pm 12:27 PM

As smartphone technology continues to develop, mobile phones play an increasingly important role in our daily lives. As a flagship phone focusing on gaming performance, the Black Shark phone is highly favored by players. However, sometimes we also face the situation that the Black Shark phone cannot be turned on. At this time, we need to take some measures to solve this problem. Next, let us share five tips to teach you how to solve the problem of Black Shark phone not turning on: Step 1: Check the battery power. First, make sure your Black Shark phone has enough power. It may be because the phone battery is exhausted

How to solve the problem of automatically saving pictures when publishing on Xiaohongshu? Where is the automatically saved image when posting? How to solve the problem of automatically saving pictures when publishing on Xiaohongshu? Where is the automatically saved image when posting? Mar 22, 2024 am 08:06 AM

With the continuous development of social media, Xiaohongshu has become a platform for more and more young people to share their lives and discover beautiful things. Many users are troubled by auto-save issues when posting images. So, how to solve this problem? 1. How to solve the problem of automatically saving pictures when publishing on Xiaohongshu? 1. Clear the cache First, we can try to clear the cache data of Xiaohongshu. The steps are as follows: (1) Open Xiaohongshu and click the &quot;My&quot; button in the lower right corner; (2) On the personal center page, find &quot;Settings&quot; and click it; (3) Scroll down and find the &quot;Clear Cache&quot; option. Click OK. After clearing the cache, re-enter Xiaohongshu and try to post pictures to see if the automatic saving problem is solved. 2. Update the Xiaohongshu version to ensure that your Xiaohongshu

The driver cannot be loaded on this device. How to solve it? (Personally tested and valid) The driver cannot be loaded on this device. How to solve it? (Personally tested and valid) Mar 14, 2024 pm 09:00 PM

Everyone knows that if the computer cannot load the driver, the device may not work properly or interact with the computer correctly. So how do we solve the problem when a prompt box pops up on the computer that the driver cannot be loaded on this device? The editor below will teach you two ways to easily solve the problem. Unable to load the driver on this device Solution 1. Search for "Kernel Isolation" in the Start menu. 2. Turn off Memory Integrity, and it will prompt "Memory Integrity has been turned off. Your device may be vulnerable." Click behind to ignore it, and it will not affect the use. 3. The problem can be solved after restarting the machine.

Share the method to solve the problem that PyCharm cannot be opened Share the method to solve the problem that PyCharm cannot be opened Feb 22, 2024 am 09:03 AM

Title: How to solve the problem that PyCharm cannot be opened. PyCharm is a powerful Python integrated development environment, but sometimes we may encounter the problem that PyCharm cannot be opened. In this article, we'll share some common workarounds and provide specific code examples. Hope this helps those who encounter this problem. Method 1: Clear the cache Sometimes PyCharm’s cache files may cause the program to fail to open normally. We can try clearing the cache to solve this problem. Tool

How to solve the problem of default gateway automatically disappearing How to solve the problem of default gateway automatically disappearing Feb 24, 2024 pm 04:18 PM

How to solve the problem that the default gateway disappears automatically. In modern society, the Internet has become an indispensable part of people's lives. Whether for work or entertainment, we all need stable network connections to complete various tasks. The default gateway is one of the key elements connecting the local network to the external Internet. However, sometimes we may encounter the problem that the default gateway disappears automatically, resulting in the inability to access the Internet. So, how should we solve this problem when the default gateway disappears? First, we should clarify the concept of default gateway. The default gateway is a network route

How to solve the problem that Huawei browser has stopped accessing this webpage How to solve the problem that Huawei browser has stopped accessing this webpage Feb 26, 2024 pm 01:28 PM

How to solve the problem that Huawei browser has stopped accessing this webpage? When using Huawei mobile browser to access certain websites, a prompt indicating that access is prohibited may appear, preventing users from browsing related content normally. This is very inconvenient for users. So, what should we do when we encounter a situation where access to the Huawei mobile browser website is prohibited? The editor below will provide you with solutions to the problem of prohibiting access to Huawei browser websites. I hope it will be helpful to you. Solution to the prohibition of access to the Huawei Browser website 1. After opening the Huawei mobile browser, click the three-dot icon below, and then click Settings. 2. After entering the settings, click [Security and Privacy] 3. Turn off the switch on the right side of [Safe Browsing] to remove website access restrictions. The above is the solution to the ban on Huawei browser website access.

How to solve the problem of low sound on Apple mobile phones How to solve the problem of low sound on Apple mobile phones Mar 08, 2024 pm 01:40 PM

The problem of low sound on Apple phones may be caused by many reasons. Users can try to solve the problem by adjusting the volume settings, checking the silent mode, clearing the speakers and earpieces, restarting the phone, checking the headphone jack, etc. How to solve the problem of low sound on Apple mobile phone 1. Adjust the volume setting First, make sure the volume setting of your mobile phone is correct. You can increase the volume by pressing the volume button (usually located on the side of the phone). In addition, you can also adjust the volume in "Sounds & Haptics" or "Sounds & Haptic Feedback" in settings. 2. Check the silent mode to make sure your phone is not in silent mode. You can look for the mute switch next to the volume buttons on the side. If the mute switch is on, the sound will be turned off. 3. Clean the speakers and earpieces. Sometimes the speakers and earpieces may be covered with dust.

See all articles