{"id":31949,"date":"2024-11-25T09:11:58","date_gmt":"2024-11-25T01:11:58","guid":{"rendered":"https:\/\/fwq.ai\/blog\/31949\/"},"modified":"2024-11-25T09:11:58","modified_gmt":"2024-11-25T01:11:58","slug":"%e4%bf%ae%e5%a4%8d%e6%95%b4%e7%90%86ecshop%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/31949\/","title":{"rendered":"\u4fee\u590d\u6574\u7406ecshop\u6f0f\u6d1e"},"content":{"rendered":"

\"\u4fee\u590d\u6574\u7406ecshop\u6f0f\u6d1e\u63d2\u56fe\"<\/p>\n

1\u3001<\/strong>ECShop\u5b58\u5728\u4e00\u4e2a\u76f2\u6ce8\u6f0f\u6d1e\uff0c\u95ee\u9898\u5b58\u5728\u4e8e\/api\/client\/api.php\u6587\u4ef6\u4e2d\uff0c\u63d0\u4ea4\u7279\u5236\u7684\u6076\u610fPOST\u8bf7\u6c42\u53ef\u8fdb\u884cSQL\u6ce8\u5165\u653b\u51fb\uff0c\u53ef\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u6216\u64cd\u4f5c\u6570\u636e\u5e93\u3002
\u8def\u5f84\uff1a\/api\/client\/includes\/lib_api.php
\u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff1a<\/p>\n

\u63a8\u8350\uff08\u514d\u8d39\uff09\uff1a<\/strong><\/p>\n

function API_UserLogin($post)\n{\n    \/* SQL\u6ce8\u5165\u8fc7\u6ee4 *\/\n    if (get_magic_quotes_gpc()) \n    {     \n        $post['UserId'] = $post['UserId'];\n    } \n    else \n    {     \n        $post['UserId'] = addslashes($post['UserId']);     \n    }\n    \/* end *\/\n    $post['username'] = isset($post['UserId']) ? trim($post['UserId']) : '';<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
2\u3001<\/strong>ecshop\u7684\u540e\u53f0\u7f16\u8f91\u6587\u4ef6\/admin\/shopinfo.php\u4e2d\uff0c\u5bf9\u8f93\u5165\u53c2\u6570id\u672a\u8fdb\u884c\u6b63\u786e\u7c7b\u578b\u8f6c\u4e49\uff0c\u5bfc\u81f4\u6574\u578b\u6ce8\u5165\u7684\u53d1\u751f\u3002
 \u8def\u5f84\uff1a \/admin\/shopinfo.php
 \u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff0853-71-105-123\u884c\uff09\uff1a<\/p>\n
\u6e90\u4ee3\u7801\uff1a\nadmin_priv('shopinfo_manage');\n\u6539\u4e3a\uff1a\nadmin_priv('shopinfo_manage');\n$_REQUEST['id'] = intval($_REQUEST['id']);<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
3\u3001<\/strong>\u6587\u4ef6\/admin\/affiliate_ck.php\u4e2d\uff0c\u5bf9\u8f93\u5165\u53c2\u6570auid\u672a\u8fdb\u884c\u6b63\u786e\u7c7b\u578b\u8f6c\u4e49\uff0c\u5bfc\u81f4\u6574\u578b\u6ce8\u5165\u7684\u53d1\u751f\u3002
 \u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff0831\u884c\u548c51\u884c\uff09\uff1a<\/p>\n
\u6e90\u4ee3\u7801\uff1a\n$logdb = get_affiliate_ck();\n\u6539\u6210\uff1a\n$_GET['auid'] = intval($_GET['auid']);\n$logdb = get_affiliate_ck();<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u6ce8\uff1a\u597d\u50cf\u6309\u4e0a\u9762\u6539\u4e86\u963f\u91cc\u4e91\u8fd8\u662f\u4f1a\u63d0\u793a\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u7136\u540e\u6211\u5728\u6587\u4ef6\u9876\u90e8\u5904\u6dfb\u52a0\u4ee5\u4e0b\u4ee3\u7801\u5c31\u53ef\u4ee5\u4e86\uff1a<\/p>\n
$_GET['auid'] = intval($_GET['auid']);<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
4\u3001<\/strong>ecshop\u7684\/admin\/comment_manage.php\u4e2d\uff0c\u5bf9\u8f93\u5165\u53c2\u6570sort_by\u3001sort_order\u672a\u8fdb\u884c\u4e25\u683c\u8fc7\u6ee4\uff0c\u5bfc\u81f4SQL\u6ce8\u5165\u3002
 \u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff1a<\/p>\n
$filter['sort_by']      = empty($_REQUEST['sort_by']) ? 'add_time' : trim(htmlspecialchars($_REQUEST['sort_by']));  \n$filter['sort_order']   = empty($_REQUEST['sort_order']) ? 'DESC' : trim(htmlspecialchars($_REQUEST['sort_order']));<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
5\u3001<\/strong>ecshop\u6ca1\u6709\u5bf9\u4f1a\u5458\u6ce8\u518c\u5904\u7684username\u8fc7\u6ee4,\u4fdd\u5b58\u91cd\u7684\u7528\u6237\u4fe1\u606f\u65f6,\u53ef\u4ee5\u76f4\u63a5\u5199\u5165shell\u3002
 \u8def\u5f84\uff1a\/admin\/integrate.php
 \u5927\u6982109\u884c\uff0c\u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff1a<\/p>\n
$code = empty($_GET['code']) ? '' : trim(addslashes($_GET['code']));<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u5927\u6982601\u884c\uff0c\u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff1a<\/p>\n
\u6e90\u4ee3\u7801\uff1a\n@file_put_contents(ROOT_PATH . 'data\/repeat_user.php', $json->encode($repeat_user));\n\u4fee\u6539\u6210\uff1a\n@file_put_contents(ROOT_PATH.'data\/repeat_user.php','<?php die();?>'.$json->encode($repeat_user));<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u6ce8\uff1a\u597d\u50cf\u6309\u4e0a\u9762\u6539\u4e86\u963f\u91cc\u4e91\u8fd8\u662f\u4f1a\u63d0\u793a\u8fd9\u4e2a\u6f0f\u6d1e\uff0c\u7136\u540e\u6211\u5728\u6587\u4ef6\u9876\u90e8\u5904\u6dfb\u52a0\u4ee5\u4e0b\u4ee3\u7801\u5c31\u53ef\u4ee5\u4e86\uff1a<\/p>\n
$_GET['code'] = empty($_GET['code']) ? '' : trim(addslashes($_GET['code']));<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
6\u3001<\/strong>ecshop\u540e\u53f0\u6a21\u7248\u7f16\u8bd1\u5bfc\u81f4\u9ed1\u5ba2\u53ef\u63d2\u5165\u4efb\u610f\u6076\u610f\u4ee3\u7801\u3002
 \u8def\u5f84\uff1a\/admin\/edit_languages.php
 \u5927\u6982\u5728\u7b2c120\u884c<\/p>\n
$dst_items[$i] = $_POST['item_id'][$i] .' = '. '\"' .$_POST['item_content'][$i]. '\";';<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\u4fee\u6539\u4e3a<\/p>\n
$dst_items[$i] = $_POST['item_id'][$i] .' = '. ''' .$_POST['item_content'][$i]. '';';<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
7\u3001<\/strong>ecshop\u8fc7\u6ee4\u4e0d\u4e25\u5bfc\u81f4SQL\u6ce8\u5165\u6f0f\u6d1e\u3002
 \u8def\u5f84\uff1a\/category.php \u3001 \/ecsapi\/category.php
 \u4fee\u6539\u65b9\u6cd5\uff1ahttps:\/\/www.cnblogs.com\/LittleHann\/p\/4524161.html<\/p>\n
8\u3001<\/strong>ecshop\u7684\/includes\/lib_insert.php\u6587\u4ef6\u4e2d\uff0c\u5bf9\u8f93\u5165\u53c2\u6570\u672a\u8fdb\u884c\u6b63\u786e\u7c7b\u578b\u8f6c\u4e49\uff0c\u5bfc\u81f4\u6574\u578b\u6ce8\u5165\u7684\u53d1\u751f\u3002
 \u6709$arr[‘num’] \u3001$arr[‘id’]\u3001$arr[‘type’]\u8fd9\u4e9b\u53c2\u6570\u7684\uff0c\u5728\u51fd\u6570\u5f00\u5934\u52a0\u4e0a\uff1a<\/p>\n
\u5927\u6982289\u884c\u52a0\u4e0a\uff1a\n$arr['num'] = intval($arr['num']);\n$arr['id'] = intval($arr['id']);\n\u5927\u6982454\u884c\u52a0\u4e0a\uff1a\n$arr['id'] = intval($arr['id']);\n$arr['type'] = addslashes($arr['type']);\n\u5927\u6982495\u884c\u52a0\u4e0a\uff1a\n$arr['id'] = intval($arr['id']);<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
9\u3001<\/strong>ECSHOP\u652f\u4ed8\u63d2\u4ef6\u5b58\u5728SQL\u6ce8\u5165\u6f0f\u6d1e\uff0c\u6b64\u6f0f\u6d1e\u5b58\u5728\u4e8e\/includes\/modules\/payment\/alipay.php\u6587\u4ef6\u4e2d\uff0c\u8be5\u6587\u4ef6\u662fECshop\u7684\u652f\u4ed8\u5b9d\u63d2\u4ef6\u3002\u7531\u4e8eECShop\u4f7f\u7528\u4e86str_replace\u51fd\u6570\u505a\u5b57\u7b26\u4e32\u66ff\u6362\uff0c\u9ed1\u5ba2\u53ef\u7ed5\u8fc7\u5355\u5f15\u53f7\u9650\u5236\u6784\u9020SQL\u6ce8\u5165\u8bed\u53e5\u3002\u53ea\u8981\u5f00\u542f\u652f\u4ed8\u5b9d\u652f\u4ed8\u63d2\u4ef6\u5c31\u80fd\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7f51\u7ad9\u6570\u636e\uff0c\u4e14\u4e0d\u9700\u8981\u6ce8\u518c\u767b\u5165\u3002<\/p>\n
\u641c\u7d22\u4ee3\u7801\uff1a\n\n$order_sn = str_replace($_GET['subject'], '', $_GET['out_trade_no']);\n\n\u5c06\u4e0b\u9762\u4e00\u53e5\u6539\u4e3a\uff1a\n\n$order_sn = trim(addslashes($order_sn));<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
Ecshop\u540e\u53f0\u6a21\u7248\u7f16\u8f91\u6f0f\u6d1e<\/strong>
 \u8be6\u60c5\u63cf\u8ff0\u53c2\u8003\uff1ahttps:\/\/www.cnblogs.com\/LittleHann\/p\/4272255.html<\/p>\n
\u6f0f\u6d1e\u6587\u4ef6\uff1a\/admin\/mail_template.php \u548c \/includes\/cls_template.php
 \/admin\/mail_template.php\u6587\u4ef6\u6dfb\u52a0\u4ee5\u4e0b\u4ee3\u7801\uff08\u8fc7\u6ee4\u4e86\u90e8\u5206php\u5173\u952e\u8bcd\uff09<\/p>\n
\/*------------------------------------------------------ *\/\n\/\/-- \u4fdd\u5b58\u6a21\u677f\u5185\u5bb9\n\/*------------------------------------------------------ *\/\n\nelseif ($_REQUEST['act'] == 'save_template')\n{ \n    if (empty($_POST['subject']))\n    {\n       sys_msg($_LANG['subject_empty'], 1, array(), false);\n    }\n    else\n    {\n        $subject = trim($_POST['subject']);\n    }\n\n    if (empty($_POST['content']))\n    {\n       sys_msg($_LANG['content_empty'], 1, array(), false);\n    }\n    else\n    {\n        $content = trim($_POST['content']);\n    }\n\n    $type   = intval($_POST['is_html']);\n    $tpl_id = intval($_POST['tpl']);\n\n    \/*\u8fc7\u6ee4\u4e86\u90e8\u5206php\u5173\u952e\u8bcd*\/    \n    $temp_check = preg_replace(\"\/([^a-zA-Z0-9_]{1,1})+(extract|parse_str|str_replace|unserialize|ob_start|require|include|array_map|preg_replace|copy|fputs|fopen|file_put_contents|file_get_contents|fwrite|eval|phpinfo|assert|base64_decode|create_function|call_user_func)+( |()\/is\", \"\", $content);\n    $temp_check = preg_replace(\"\/<?[^><]+(?>){0,1}|<%[^><]+(%>){0,1}|<%=[^><]+(%>){0,1}|<script[^>]+language[^>]*=[^>]*php[^>]*>[^><]*(<\/scripts*>){0,1}\/iU\", \"\", $temp_check); \n    $content = $temp_check;\n    \/*\u8fc7\u6ee4\u4e86\u90e8\u5206php\u5173\u952e\u8bcd*\/\n\n    $sql = \"UPDATE \" .$ecs->table('mail_templates'). \" SET \".\n                \"template_subject = '\" .str_replace('\\'\\'', '\\'', $subject). \"', \".\n                \"template_content = '\" .str_replace('\\'\\'', '\\'', $content).  \"', \".\n                \"is_html = '$type', \".\n                \"last_modify = '\" .gmtime(). \"' \".\n            \"WHERE template_id='$tpl_id'\";\n\n    if ($db->query($sql, \"SILENT\"))\n    {\n        $link[0]=array('href' => 'mail_template.php?act=list', 'text' => $_LANG['update_success']);\n        sys_msg($_LANG['update_success'], 0, $link);\n    }\n    else\n    {\n         sys_msg($_LANG['update_failed'], 1, array(), false);\n    }\n}<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
\/includes\/cls_template.php\u6587\u4ef6\u66ff\u6362\u51fd\u6570\uff08fetch_str()\uff09\uff1a<\/p>\n
function fetch_str($source)\n    { \n        if (!defined('ECS_ADMIN'))\n        {\n            $source = $this->smarty_prefilter_preCompile($source);\n        }\n        $source=preg_replace(\"\/([^a-zA-Z0-9_]{1,1})+(copy|fputs|fopen|file_put_contents|fwrite|eval|phpinfo)+( |()\/is\", \"\", $source);\n        $source=preg_replace(\"\/<?[^><]+?>|<%[^><]+%>|<script[^>]+language[^>]*=[^>]*php[^>]*>[^><]*<\/scripts*>\/iU\", \"\", $source);\n        return preg_replace(\"\/{([^}{\n]*)}\/e\", \"$this->select('\\1');\", $source);\n        \/\/return preg_replace_callback(\"\/{([^}{\n]*)}\/\", function($r) { return $this->select($r[1]); }, $source);\/\/\u4fee\u9970\u7b26 \/e \u5728 PHP5.5.x \u4e2d\u5df2\u7ecf\u88ab\u5f03\u7528\u4e86\n    }<\/pre>\n
 \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
               <\/p>\n
\u4ee5\u4e0a\u5c31\u662f\u4fee\u590d\u6574\u7406ecshop\u6f0f\u6d1e\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"
1\u3001ECShop\u5b58\u5728\u4e00\u4e2a\u76f2\u6ce8\u6f0f\u6d1e\uff0c\u95ee\u9898\u5b58\u5728\u4e8e\/api\/client\/api.php\u6587\u4ef6\u4e2d\uff0c\u63d0\u4ea4\u7279\u5236\u7684\u6076\u610fPOST\u8bf7\u6c42\u53ef\u8fdb\u884cSQL\u6ce8\u5165\u653b\u51fb\uff0c\u53ef\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u6216\u64cd\u4f5c\u6570\u636e\u5e93\u3002 \u8def\u5f84\uff1a\/api\/client\/includes\/lib_api.php \u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff1a \u63a8\u8350\uff08\u514d\u8d39\uff09\uff1a function API_UserLogin($post) { \/* SQL\u6ce8\u5165\u8fc7\u6ee4 *\/ if (get_magic_quotes_gpc()) { $post[‘UserId’] = $post[‘UserId’]; } else { $post[‘UserId’] = addslashes($post[‘UserId’]); } \/* end *\/ $post[‘username’] = isset($post[‘UserId’]) ? trim($post[‘UserId’]) : ”; \u767b\u5f55\u540e\u590d\u5236 2\u3001ecshop\u7684\u540e\u53f0\u7f16\u8f91\u6587\u4ef6\/admin\/shopinfo.php\u4e2d\uff0c\u5bf9\u8f93\u5165\u53c2\u6570id\u672a\u8fdb\u884c\u6b63\u786e\u7c7b\u578b\u8f6c\u4e49\uff0c\u5bfc\u81f4\u6574\u578b\u6ce8\u5165\u7684\u53d1\u751f\u3002 \u8def\u5f84\uff1a \/admin\/shopinfo.php \u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff0853-71-105-123\u884c\uff09\uff1a \u6e90\u4ee3\u7801\uff1a admin_priv(‘shopinfo_manage’); \u6539\u4e3a\uff1a admin_priv(‘shopinfo_manage’); $_REQUEST[‘id’] = intval($_REQUEST[‘id’]); \u767b\u5f55\u540e\u590d\u5236 3\u3001\u6587\u4ef6\/admin\/affiliate_ck.php\u4e2d\uff0c\u5bf9\u8f93\u5165\u53c2\u6570auid\u672a\u8fdb\u884c\u6b63\u786e\u7c7b\u578b\u8f6c\u4e49\uff0c\u5bfc\u81f4\u6574\u578b\u6ce8\u5165\u7684\u53d1\u751f\u3002 \u53c2\u7167\u4ee5\u4e0b\u4fee\u6539\uff0831\u884c\u548c51\u884c\uff09\uff1a \u6e90\u4ee3\u7801\uff1a $logdb = get_affiliate_ck(); \u6539\u6210\uff1a $_GET[‘auid’] = […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[],"class_list":["post-31949","post","type-post","status-publish","format-standard","hentry","category-cms"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/31949","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=31949"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/31949\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=31949"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=31949"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=31949"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}