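Affected version:

DedeCMS V5.3
Description:

DedeCMS is a Chinese open-source content management system built on a PHP + MySQL architecture.

In the file include/common.inc.php: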
foreach($_REQUEST as $_k=>$_v)   // line 10
{
	if( strlen($_k)>0 && eregi('^(_|cfg_|GLOBALS)',$_k) && !isset($_COOKIE[$_k]) )
	{
		exit('Request var not allow!');
	}
}
// a variable whose name starts with cfg_ passes this check if it is submitted as a cookie
if($_FILES)   // line 154
{
	require_once(DEDEINC.'/uploadsafe.inc.php');
}

The main code in the file uploadsafe.inc.php:
$keyarr = array('name','type','tmp_name','size');    // line 15

foreach($_FILES as $_key=>$_value)
{
	foreach($keyarr as $k)
	{
		if(!isset($_FILES[$_key][$k]))
		{
			exit('Request Error!');
		}
	}
	$$_key = $_FILES[$_key]['tmp_name'] = str_replace("\\\\","\\",$_FILES[$_key]['tmp_name']);
	// a variable submitted via cookie can therefore be overwritten here
}

The file plus/flink_add.php contains:
require_once(dirname(__FILE__)."/../include/common.inc.php");
// display the template (PHP file)
include_once($cfg_basedir.$cfg_templets_dir."/plus/flink-add.htm");
Overwriting $cfg_basedir makes remote file inclusion possible.
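
An added example (not DedeCMS's own code or its official patch) of how the two checks above can be tightened: reserved names are rejected in every request source, cookies and upload field names included, and the template path is resolved and confined before it is included. The function names and the sample arrays are hypothetical and constructed for illustration.

```php
<?php
// Added example, not DedeCMS code; function names are hypothetical.
const RESERVED_KEY_PATTERN = '/^(_|cfg_|GLOBALS)/i';  // prefixes from the original filter

// List reserved keys found in any request source. There is no "also present
// in $_COOKIE" exemption, and upload field names are checked because
// uploadsafe.inc.php turns each of them into a variable ($$_key).
function find_reserved_keys(array $sources): array
{
    $hits = [];
    foreach ($sources as $name => $values) {
        foreach (array_keys($values) as $key) {
            if (preg_match(RESERVED_KEY_PATTERN, (string)$key)) {
                $hits[] = sprintf('%s[%s]', $name, $key);
            }
        }
    }
    return $hits;
}

// Resolve a template path and confirm it stays under a fixed base directory.
// $baseDir is assumed to come from a constant, never from request data.
// realpath() returns false for URLs and missing files, so those are refused.
function safe_template_path(string $baseDir, string $relative): ?string
{
    $base = realpath($baseDir);
    $full = realpath($baseDir . '/' . $relative);
    if ($base === false || $full === false) {
        return null;
    }
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($full, $prefix, strlen($prefix)) === 0 ? $full : null;
}

// Constructed sample input standing in for $_GET, $_COOKIE and $_FILES.
$sample = [
    'GET'    => ['aid' => '1'],
    'COOKIE' => ['cfg_basedir' => 'x', 'PHPSESSID' => 'abc'],
    'FILES'  => ['cfg_basedir' => ['tmp_name' => 'x']],
];
$hits = find_reserved_keys($sample);
if ($hits) {
    echo 'Rejected reserved keys: ' . implode(', ', $hits) . PHP_EOL;
}
// A file inside the base resolves; a path that climbs out of it does not.
var_dump(safe_template_path(__DIR__, basename(__FILE__)) !== null);
var_dump(safe_template_path(__DIR__, '../' . basename(__DIR__)));
```

preg_match is used here because eregi, which the original filter calls, was removed in PHP 7.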
<* Reference
s1@sebug.net 

http://sebug.net/appdir/֯(DedeCms)
 *>
Test method:

1. Submit the overwriting variable as a cookie; plus/flink_add.php then allows remote file inclusion.