ecshop商城安全优化_ECSHOP防止ECSHOP注入,屏蔽SQL提示

ECSHOP教程 来源: ECSHOP教程网www.ecshop119.com 时间:2020-12-18 ECSHOP教程分类:其他ECSHOP教程

ECSHOP教程ECSHOP商城安全优化_ECSHOP防止ECSHOP注入,屏蔽SQL提示教程

即把所有的错误输出屏蔽 这样很方便的就解决了注入问题。增加ECSHOP商城的安全系数!

我们常说的注入就是利用了 ecshop的sql错误提示显示出了MD5的密码
ECSHOP商城来说是非常危险的!要解决这个问题,最好的方法当然就屏蔽ecshop的sql错误,这样,无论如何的注入都束手无策!
直接看代码: 
找到 \includes\cls_mysql.php


    function close()
    {
        return mysqli_close($this->link_id);
    }
    function ErrorMsg($message = '', $sql = '')
    {
        if ($message)
        {
            echo "<b>ECSHOP info</b>: $message\n\n<br /><br />";
            //print('<a href="http://faq.comsenz.com/?type=mysql&dberrno=2003&dberror=Can%27t%20connect%20to%20MySQL%20server%20on" target="_blank">http://faq.comsenz.com/</a>');
        }
        else
        {
            echo "<b>MySQL server error report:";
            print_r($this->error_message);
            //echo "<br /><br /><a href='http://faq.comsenz.com/?type=mysql&dberrno=" . $this->error_message[3]['errno'] . "&dberror=" . urlencode($this->error_message[2]['error']) . "' target='_blank'>http://faq.comsenz.com/</a>";
        }
        exit;
    }

修改变成:

function ErrorMsg($message = '', $sql = '') 
{ 
if ($message) 
{ 
//echo "<b>ECSHOP info</b>: $message\n\n<br /><br />"; 
//print('<a href="http://faq.comsenz.com/?type=mysql&dberrno=2003&dberror=Can%27t%20connect%20to%20MySQL%20server%20on" target="_blank">http://faq.comsenz.com/</a>'); 
} 
else 
{ 
//echo "<b>MySQL server error report:"; 
//print_r($this->error_message); 
//echo "<br /><br /><a href='http://faq.comsenz.com/?type=mysql&dberrno=" . $this->error_message[3]['errno'] . "&dberror=" . urlencode($this->error_message[2]['error']) . "' 
target='_blank'>http://faq.comsenz.com/</a>"; 
} 
 
exit; 
} exit; 
}


本文模板屋原创地址: https://www.ecshop119.com/ecshopjc-1078.html
模板屋版权所有 © 转载时必须以链接形式注明出处!

微信联系我们
7x24小时服务
在线咨询
qqcodeback_top
温馨提示

确定取消
温馨提示

关闭