下载评论块。填入
$protects = array('_REQUEST', '_GET', '_POST', '_COOKIE', '_FILES', '_SERVER', '_ENV', 'GLOBALS', '_SESSION');
foreach ($protects as $protect) {
if ( in_array($protect , array_keys($_REQUEST)) ||
in_array($protect , array_keys($_GET)) ||
in_array($protect , array_keys($_POST)) ||
in_array($protect , array_keys($_COOKIE)) ||
in_array($protect , array_keys($_FILES))) {
die("Invalid Request."
;
}
}
则出现白页。
<script> alert('You have an error in your SQL syntax. Check the manual that corresponds to your
MySQL server version for the right syntax to use near \'2005-11-28\')\' at line 1 SQL=INSERT INTO mos_downloads_comments (id, comment, userid, time) VALUES (158, \'$protects = array(\\\'_REQUEST\\\', \\\'_GET\\\', \\\'_POST\\\', \\\'_COOKIE\\\', \\\'_FILES\\\', \\', 2748, \'2005-11-28\')'); window.history.go(-1); </script>
呵呵。
http://www.
mambochina.net/option,com_remository/func,fileinfo/filecatid_158.html?sid=83882f4751bf175fd128272952ad7af3
