Dream Weaving dedecms Bug repair Encyclopedia Injection vulnerability

Dream Dedecms Bug Repair Encyclopedia contains any file upload vulnerabilities and injection vulnerabilities (5.7)

Many people say dedecms bad, because the use of many people, to find loopholes, so if we can repair, these are not the problem, today Leqing website Construction Zhao Teacher for you to explain how to fix any file upload vulnerabilities and injection vulnerabilities. Any file Upload vulnerability fix contains a file/include/dialog/select_soft_post.php;sql injection vulnerability contains 5 files/include/filter.inc.php/member/mtypes.php/ member/pm.php/plus/guestbook/edit.inc.php/plus/search.php.

OK, let's fix it one at a. The Fix method is to download the file in the directory, then replace or add part of the code, save upload after the cover (remember to backup), the advantage is to prevent the use of lazy people after the package upload because UTF8 and GBK different generated garbled, or modify these several files, and then directly modify the part was replaced, then the white changed, It's also very troublesome to find. If you can't search, look at the number of rows, look for a similar one, and then copy the red part of my tag to the corresponding position.

Any File Upload vulnerability repair

First,/include/dialog/select_soft_post.php file, search (about 72 lines)
$fullfilename = $cfg _basedir. $activepath. ' /'. $filename;
Amended to
if (Preg_match (' #\. php|pl|cgi|asp|aspx|jsp|php5|php4|php3|shtm|shtml) [^a-za-z0-9]+$ #i ', Trim ($filename))) {showmsg ("The filename you specified is prohibited by the system.) ", ' javascript:; '); Exit (); $fullfilename = $cfg _basedir. $activepath. ' /'. $filename;;

(SQL) Injection Vulnerability Repair

First,/include/filter.inc.php file, search (about 46 lines)
return $svar;
Amended to
Return addslashes ($svar);

Second,/member/mtypes.php file, search (about 71 lines)
$query = "UPDATE ' dede_mtypes ' SET mtypename= ' $name ' WHERE mtypeid= ' $id ' and mid= ' $cfg _ml->m_id '";
Amended to
$id = Intval ($id); $query = "UPDATE ' dede_mtypes ' SET mtypename= ' $name ' WHERE mtypeid= ' $id ' and mid= ' $cfg _ml->m_id '";

Third,/member/pm.php file, search (about 65 lines)
$row = $dsql->getone ("select * from ' Dede_member_pms ' WHERE id= ' $id ' and (fromid= ' {$cfg _ml->m_id} ' OR toid= ' {$cfg _m L->M_ID} '));
Amended to
$id = Intval ($id); $row = $dsql->getone ("select * from ' Dede_member_pms ' WHERE id= ' $id ' and (fromid= ' {$cfg _ml->m_id} ' OR toid= ' {$cfg _m L->M_ID} '));

Iv./plus/guestbook/edit.inc.php file, search (approximately 55 lines)
$dsql->executenonequery ("UPDATE ' Dede_guestbook ' SET ' msg ' = ' $msg '), ' posttime ' = '". Time (). "' WHERE id= ' $id ');
Amended to
$msg = Addslashes ($msg); $dsql->executenonequery ("UPDATE ' Dede_guestbook ' SET ' msg ' = ' $msg '), ' posttime ' = '". Time (). "' WHERE id= ' $id ');;

V./plus/search.php files, search (about 109 lines)
$keyword = Addslashes (Cn_substr ($keyword, 30));
Amended to
$typeid = Intval ($typeid); $keyword = Addslashes (Cn_substr ($keyword, 30));

So far, Dedecms bug Repair encyclopedia contains any file upload vulnerabilities and injection vulnerabilities (5.7) on the modified, if there are any loopholes, please leave a message to the teacher, the teacher to repair.

2016.7.21 Update DEDECMS Session variable overlay causes SQL injection Vulnerability Repair include/common.inc.php repair
2016.7.27 Update dedecms background file arbitrary upload vulnerability dede/media_add.php repair
2016.8.1 update dedecms Template SQL injection Vulnerability member/soft_add.php fix
2016.8.9 update dedecms Upload Vulnerability include/uploadsafe.inc.php Repair
2016.8.30 Update cookies leak causes SQL Vulnerability member/article_add.php fix
2016.9.4 Update cookies leak causes SQL Vulnerability member/inc/inc_archives_functions.php fix
2016.11.7 Update Payment Module Injection Vulnerability include/payment/alipay.php Repair
2016.11.7 update variable for initialization causes local variable injection include/dedesql.class.php repair