lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 12:30:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
439 Commits 1 Branch 0 Tags
7b8b7ed5102b68ef7f6f53b339d115f846f6cc31
Commit Graph

439 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
xiaomlove
e4f26eee9f test encrypt 2021-06-01 20:55:47 +08:00
xiaomlove
5c31c5ef44 Merge branch 'promotion' into php8 2021-06-01 20:55:04 +08:00
xiaomlove
87817de415 make request_id more unique 2021-06-01 17:51:38 +08:00
xiaomlove
4091341ca8 Merge branch 'promotion' into php8 2021-06-01 17:01:50 +08:00
xiaomlove
c73c5f9ab1 rquest_id length 32 2021-06-01 16:56:22 +08:00
xiaomlove
4a3cfebadd prefix sub 2021-06-01 16:48:40 +08:00
xiaomlove
c2446aa1e7 request_id prefix think about SCRIPT_NAME 2021-06-01 16:40:53 +08:00
xiaomlove
0b839c5970 request_id, add cli args for prefix 2021-06-01 15:50:17 +08:00
xiaomlove
ec7104e5e8 make request_id more unique 2021-06-01 14:30:25 +08:00
xiaomlove
f3d8c62170 Merge branch 'promotion' into php8 2021-06-01 12:45:09 +08:00
xiaomlove
eacbe51932 change request_id definition 2021-06-01 12:41:13 +08:00
xiaomlove
c8ecdd926f Merge remote-tracking branch 'refs/remotes/origin/php8' into php8 2021-06-01 01:29:05 +08:00
xiaomlove
5760adc0c4 change torrent pos_state to varchar, support more sticky level 2021-06-01 01:28:46 +08:00
xiaomlove
2b65030a38 Merge branch 'promotion' into php8 2021-05-31 21:05:04 +08:00
xiaomlove
a6f2419c5e cleanup in cli 2021-05-31 21:04:49 +08:00
xiaomlove
f61992e377 Merge branch 'promotion' into php8 2021-05-31 13:39:56 +08:00
xiaomlove
f79c0a22bc remove exam, remove exam_user and exam_progress 2021-05-31 13:39:35 +08:00
xiaomlove
8e35dc0886 update init category icon_id 2021-05-29 21:48:50 +08:00
xiaomlove
3a54de8be7 add special section 2021-05-29 18:26:04 +08:00
xiaomlove
48259ab387 Merge branch 'promotion' into php8 2021-05-28 16:59:28 +08:00
xiaomlove
4e85c48c70 userdetails show vip until 2021-05-28 16:50:17 +08:00
xiaomlove
685a427c13 render searchbox relate icon css 2021-05-28 02:25:08 +08:00
xiaomlove
4cde957edb Merge branch 'promotion' into php8 2021-05-28 00:53:12 +08:00
xiaomlove
f45196c556 fix: cleanup 2021-05-27 14:11:44 +08:00
xiaomlove
5c4c1ddb92 Merge branch 'promotion' into php8 2021-05-27 00:23:49 +08:00
xiaomlove
d7690b45fd fix staff.php undefined constant 2021-05-27 00:21:14 +08:00
xiaomlove
a840633ff2 Merge branch 'promotion' into php8 2021-05-26 21:46:01 +08:00
xiaomlove
a4c9a40cdd increase main width to 1200 2021-05-26 21:38:39 +08:00
xiaomlove
f0e5ad5b6c add promotion 2021-05-26 20:56:03 +08:00
xiaomlove
67ab1dcb18 ignore-imdb-dir 2021-05-26 18:08:55 +08:00
xiaomlove
576658cd2c SearchBoxRepository 2021-05-20 23:30:34 +08:00
xiaomlove
51b3582090 searchbox model 2021-05-20 17:14:38 +08:00
xiaomlove
13097fa711 remove qq in english readme 2021-05-20 14:40:43 +08:00
xiaomlove
a6a87281e7 add qq group on readme 2021-05-20 14:38:11 +08:00
xiaomlove
74f38938a4 README-EN.md 2021-05-20 14:13:59 +08:00
xiaomlove
f8c745e4b4 fix english readme link 2021-05-20 14:12:18 +08:00
xiaomlove
99a3b057ee improve-readme 2021-05-20 14:06:56 +08:00
xiaomlove
88207b9975 add-trans 2021-05-19 19:45:41 +08:00
CZ
ce05680219 修复3个安全漏洞 (#15) 
* 修复趣味盒未授权访问漏洞

趣味盒页面未做鉴权游客可以任意查看或发送内容

* 修复sql注入漏洞

* 修复sql注入 详见描述

代码第19行		if (!is_valid_id($class) && $class != 0)
如果class 为"sleep(5)" 虽然过不了is_valid_id校验 但是由于php 弱类型 非数字开头的字符串 最终会判断为 $class = 0 绕过了校验
另外建议is_valid_id 改为更直接的intval 将用户输入的的数据强制转换成int 防止sql注入
 2021-05-19 13:49:41 +08:00
xiaomlove
0c136b7743 api add page_title 2021-05-18 02:37:39 +08:00
xiaomlove
e5a9dc3273 dashboard latest user gender 2021-05-17 21:17:30 +08:00
xiaomlove
6e4c168cd5 dashboard latest torrent limit 5 2021-05-17 21:15:18 +08:00
xiaomlove
7edc385cdc build dashboard 2021-05-17 21:09:02 +08:00
xiaomlove
d651762c1b Dashboard 2021-05-17 21:07:50 +08:00
xiaomlove
fa4f9a29c5 snatch list paginate 2021-05-17 00:56:23 +08:00
xiaomlove
d598c57891 snatch speed 2021-05-17 00:44:35 +08:00
xiaomlove
b2067c9424 snatch only get finished 2021-05-17 00:38:42 +08:00
xiaomlove
cd46d8ef38 api snatch controller 2021-05-17 00:11:42 +08:00
xiaomlove
6789e7e5ea api snatches 2021-05-17 00:10:15 +08:00
xiaomlove
3d7ab7a7dc cast peer finishedat datetime 2021-05-16 15:03:02 +08:00