在ecshop最新版本后台SQL查询除运行SQL语句出现报错提示:this sql May contain UPDATE,DELETE,TRUNCATE,ALTER,DROP,FLUSH,INSERT,REPLACE,SET,CREATE,CONCAT
注意:
修改后可以了
========================================
下面再来说一说解决方法: if(!empty($_POST['sql'])) { preg_match_all("/(SELECT)/i", $_POST['sql'],$matches); if(isset($matches[1]) && count($matches[1])>1) { sys_msg("this sql more than one SELECT "); } if(preg_match("/(UPDATE|DELETE|TRUNCATE|ALTER|DROP|FLUSH|INSERT|REPLACE|SET|CREATE|CONCAT)/i", $_POST['sql'])) { sys_msg("this sql May contain UPDATE,DELETE,TRUNCATE,ALTER,DROP,FLUSH,INSERT,REPLACE,SET,CREATE,CONCAT "); } }(责任编辑:最模板) |