liaofei преди 5 години
родител
ревизия
5ce23ffdd2

+ 11 - 9
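--- a/crmeb/app/api/controller/store/StoreProductController.php
+++ b/crmeb/app/api/controller/store/StoreProductController.php
@@ -29,15 +29,15 @@ class StoreProductController
     public function lst(Request $request)
     {
         $data = UtilService::getMore([
-            ['sid', 0],
-            ['cid', 0],
+            [['sid', 'd'], 0],
+            [['cid', 'd'], 0],
             ['keyword', ''],
             ['priceOrder', ''],
             ['salesOrder', ''],
-            ['news', 0],
-            ['page', 0],
-            ['limit', 0],
-            ['type', 0]
+            [['news', 'd'], 0],
+            [['page', 'd'], 0],
+            [['limit', 'd'], 0],
+            [['type', 'd'], 0]
         ], $request);
         return app('json')->successful(StoreProduct::getProductList($data, $request->uid()));
     }
@@ -165,8 +165,8 @@ class StoreProductController
     public function product_hot(Request $request)
     {
         list($page, $limit) = UtilService::getMore([
-            ['page', 0],
-            ['limit', 0]
+            [['page', 'd'], 0],
+            [['limit', 'd'], 0]
         ], $request, true);
         if (!$limit) return app('json')->successful([]);
         $productHot = StoreProduct::getHotProductLoading('id,image,store_name,cate_id,price,unit_name,ot_price', (int)$page, (int)$limit);
@@ -223,7 +223,9 @@ class StoreProductController
     public function reply_list(Request $request, $id)
     {
         list($page, $limit, $type) = UtilService::getMore([
-            ['page', 0], ['limit', 0], ['type', 0]
+            [['page', 'd'], 0],
+            [['limit', 'd'], 0],
+            [['type', 'd'], 0]
         ], $request, true);
         if (!$id || !is_numeric($id)) return app('json')->fail('参数错误!');
         $list = StoreProductReply::getProductReplyList($id, (int)$type, $page, $limit);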
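Review bot: The `d` modifier added to `page` and `limit` in `lst`, `product_hot` and `reply_list` only casts the value to an integer, so negative or very large values still pass, and `if (!$limit)` in `product_hot` lets any non-zero value through. Whether the model methods clamp them is not visible here, so I would bound them in the controller, e.g. `$limit = max(1, min((int)$limit, 100));` (100 is a constructed example cap) and `$page = max(1, (int)$page);`. In `lst` the `keyword`, `priceOrder` and `salesOrder` fields stay untyped strings; if `getProductList` uses the two order fields to build a sort clause, they should be matched against a fixed list of accepted values. The bodies of `product_hot` and `reply_list` continue outside their hunks.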

+ 5 - 5
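--- a/crmeb/app/http/middleware/AllowOriginMiddleware.php
+++ b/crmeb/app/http/middleware/AllowOriginMiddleware.php
@@ -21,10 +21,10 @@ class AllowOriginMiddleware implements MiddlewareInterface
      * @var array
      */
     protected $header = [
-        'Access-Control-Allow-Origin'   => '*',
-        'Access-Control-Allow-Headers'  => 'Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With',
-        'Access-Control-Allow-Methods'  => 'GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE',
-        'Access-Control-Max-Age'        =>  '1728000'
+        'Access-Control-Allow-Origin' => '*',
+        'Access-Control-Allow-Headers' => 'Authori-zation,Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-Requested-With',
+        'Access-Control-Allow-Methods' => 'GET,POST,PATCH,PUT,DELETE,OPTIONS,DELETE',
+        'Access-Control-Max-Age' => '1728000'
     ];
 
     /**
@@ -52,7 +52,7 @@ class AllowOriginMiddleware implements MiddlewareInterface
         } else {
             $response = $next($request)->header($header);
         }
-
+        $request->filter(['htmlspecialchars', 'strip_tags', 'addslashes', 'trim']);
         return $response;
     }
 }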
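Review bot: The added `$request->filter([...])` call runs after `$next($request)` has already returned in the `else` branch, so the controller has read its parameters before the filter list is set and the line most likely has no effect on the request it is meant to protect. To take effect it has to run before the handler is invoked, i.e. `$request->filter(['htmlspecialchars', 'strip_tags', 'addslashes', 'trim']);` moved above the `if`/`else` that calls `$next`; the `if` branch and the method signature are outside the hunk, so both paths need checking. Even when applied early, a blanket `htmlspecialchars` plus `addslashes` input filter does not replace parameterised queries and output encoding per context, and it alters stored data, since entities and backslashes end up in the database. A short comment on the line stating what the filter is expected to guarantee would help the next reader.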

+ 16 - 4
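--- a/crmeb/crmeb/services/UtilService.php
+++ b/crmeb/crmeb/services/UtilService.php
@@ -35,8 +35,14 @@ class UtilService
             } else {
                 if (!isset($param[1])) $param[1] = null;
                 if (!isset($param[2])) $param[2] = '';
-                $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
-                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $param[0])] = $request->param($name, $param[1], $param[2]);
+                if (is_array($param[0])) {
+                    $name = is_array($param[1]) ? $param[0][0] . '/a' : $param[0][0] . '/' . $param[0][1];
+                    $keyName = $param[0][0];
+                } else {
+                    $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
+                    $keyName = $param[0];
+                }
+                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $keyName)] = $request->param($name, $param[1], $param[2]);
             }
         }
         return $p;
@@ -60,8 +66,14 @@ class UtilService
             } else {
                 if (!isset($param[1])) $param[1] = null;
                 if (!isset($param[2])) $param[2] = '';
-                $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
-                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $param[0])] = $request->param($name, $param[1], $param[2]);
+                if (is_array($param[0])) {
+                    $name = is_array($param[1]) ? $param[0][0] . '/a' : $param[0][0] . '/' . $param[0][1];
+                    $keyName = $param[0][0];
+                } else {
+                    $name = is_array($param[1]) ? $param[0] . '/a' : $param[0];
+                    $keyName = $param[0];
+                }
+                $p[$suffix == true ? $i++ : (isset($param[3]) ? $param[3] : $keyName)] = $request->param($name, $param[1], $param[2]);
             }
         }
         return $p;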
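Review bot: `$param[0][1]` is read without checking that it exists, so a rule written as `[['page'], 0]` raises an undefined-offset notice and produces the name `page/`; the same eight added lines appear in both hunks (`-35` and `-60`). A guard keeps the old behaviour when the modifier is missing: `$name = is_array($param[1]) ? $param[0][0] . '/a' : $param[0][0] . (isset($param[0][1]) ? '/' . $param[0][1] : '');`. When the default is an array the declared modifier is silently replaced by `/a`, which deserves a one-line comment such as `// array defaults always force the /a modifier; $param[0][1] is ignored`. Since the block is duplicated, moving it into one private static helper would keep the two methods from drifting apart. Both enclosing methods start outside the hunks.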