
Bug/vulnerability in the confirm rule of model validation

Open Jack-YanTC opened this issue 8 years ago • 1 comments

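The problem is in the confirm check between the password and the confirmation password:

```php
array('repassword','password','确认密码与密码不一致',self::EXISTS_VALIDATE ,'confirm'),
array('password', '6,20', '请输入6到20位密码', self::EXISTS_VALIDATE, 'length'),
```

The confirm check in the framework is:

```php
case 'confirm': // Check whether the two fields are identical
    return $data[$val[0]] == $data[$val[1]];
```

Here, if password="000000" and repassword="000", it still returns true.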

Jack-YanTC avatar Jun 03 '17 08:06 Jack-YanTC

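If the framework used the identity operator instead, this problem would be avoided:

```php
case 'confirm': // Check whether the two fields are identical
    return $data[$val[0]] === $data[$val[1]];
```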

Jack-YanTC avatar Jun 03 '17 08:06 Jack-YanTC
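The difference between the two comparisons reported above, as an added example that is not part of the issue or of ThinkPHP's code. It goes beyond the single pair in the report to other numeric-string pairs that `==` compares as numbers; the function names, the string-type guard and the sample submissions are assumptions constructed for illustration.

```php
<?php
// Added illustration: confirm_loose/confirm_strict are hypothetical names,
// not ThinkPHP functions. They mirror the two 'confirm' variants in the issue.

// The check as quoted in the issue: loose comparison. When both operands
// are numeric strings, PHP compares them as numbers, not as text.
function confirm_loose(array $data, string $a, string $b): bool
{
    return $data[$a] == $data[$b];
}

// The check as proposed in the issue: identity comparison. The guards are an
// addition here so that missing or non-string fields fail closed.
function confirm_strict(array $data, string $a, string $b): bool
{
    if (!isset($data[$a], $data[$b])) {
        return false;
    }
    if (!is_string($data[$a]) || !is_string($data[$b])) {
        return false;
    }
    return $data[$a] === $data[$b];
}

// Constructed form submissions: [password, repassword].
// In each of the first four, password satisfies the '6,20' length rule,
// which is only applied to password and never to repassword.
$samples = [
    ['000000', '000'],       // the pair from the issue
    ['100000', '1e5'],       // exponent notation
    ['123456', '123456.0'],  // trailing decimal part
    ['123456', ' 123456'],   // leading whitespace
    ['abcdef', 'abcdef'],    // genuinely identical
    ['abcdef', 'abcdeg'],    // genuinely different
];

foreach ($samples as [$password, $repassword]) {
    $data = ['password' => $password, 'repassword' => $repassword];
    printf(
        "password=%-10s repassword=%-12s loose=%-5s strict=%s\n",
        var_export($password, true),
        var_export($repassword, true),
        var_export(confirm_loose($data, 'repassword', 'password'), true),
        var_export(confirm_strict($data, 'repassword', 'password'), true)
    );
}
```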