Dedecms appears safe alert: Request error Step 1! Or safe alert: Request error Step 2! Solution
This is because the SQL statement anti-injection function is used in the new version as a security warning. The following name is used in the custom model:
Union | sleep | benchmark | load_file | one of outfiles
This warning will be triggered. In addition, if the collected content has a syntax like 'Union, this warning will also appear,
At present, there are no 100% perfect solutions, which can enhance security and prevent injection.
You can modify the DB base class of dedecms to disable the security check.
Open dedesql. Class. php under include to find the constructor.
1 2 3 4 5 6 7 8 9 |
Function _ construct ($ pconnect = false, $ nconnect = true) { $ This-> isclose = false; $ This-> safecheck = true; If ($ nconnect) { $ This-> Init ($ pconnect ); } } |
Change $ this-> safecheck = true; to $ this-> safecheck = false;
However, for most websites, it is recommended that you do not modify
Errors caused by this file will generate an md5_safe.txt file in the data file for reference.