--- fenglin/bbs/reg_user_service.php 2025/03/31 14:13:22 1.1
+++ fenglin/bbs/reg_user_service.php 2025/04/09 06:00:54 1.4
@@ -10,18 +10,18 @@
 $data = json_decode(file_get_contents("php://input"), true);
- $username = (isset($data["username"]) ? $data["username"] : "");
- $nickname = (isset($data["nickname"]) ? $data["nickname"] : "");
+ $username = (isset($data["username"]) ? trim($data["username"]) : "");
+ $nickname = (isset($data["nickname"]) ? trim($data["nickname"]) : "");
 $realname = (isset($data["realname"]) ? trim($data["realname"]) : "");
 $gender = (isset($data["gender"]) ? $data["gender"] : "");
 $gender_public = (isset($data["gender_public"]) && $data["gender_public"] == "1" ? 1 : 0);
- $email = (isset($data["email"]) ? $data["email"] : "");
+ $email = (isset($data["email"]) ? trim($data["email"]) : "");
 $year = (isset($data["year"]) ? intval($data["year"]) : 0);
 $month = (isset($data["month"]) ? intval($data["month"]) : 0);
 $day = (isset($data["day"]) ? intval($data["day"]) : 0);
- $qq = (isset($data["qq"]) ? $data["qq"] : "");
+ $qq = (isset($data["qq"]) ? trim($data["qq"]) : "");
 $agreement = (isset($data["agreement"]) && $data["agreement"] == "1");
- $vn_str = (isset($data["vn_str"]) ? $data["vn_str"] : "");
+ $vn_str = (isset($data["vn_str"]) ? trim($data["vn_str"]) : "");
 $result_set = array( "return" => array(
@@ -145,6 +145,10 @@
 exit(json_encode($result_set));
 }
+ // Secure SQL statement
+ $nickname = mysqli_real_escape_string($db_conn, $nickname);
+ $realname = mysqli_real_escape_string($db_conn, $realname);
+ // Begin transaction
 $rs = mysqli_query($db_conn, "SET autocommit=0");
 if ($rs == false)
@@ -167,8 +171,7 @@
 }
 // Check availability of username and nickname
- $sql = "SELECT UID FROM user_list WHERE username = '" .
- mysqli_real_escape_string($db_conn, $username) . "'";
+ $sql = "SELECT UID FROM user_list WHERE username = '$username'";
 $rs = mysqli_query($db_conn, $sql);
 if ($rs == false)
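Review bot: The new `trim()` calls assume each decoded JSON field is a string, but `json_decode(..., true)` returns nested arrays for a body such as `{"username": ["x"]}`, and `trim()` on an array throws a TypeError on PHP 8 (a warning plus null on PHP 7) before any of the validation below runs. Guard each field, e.g. `$username = (isset($data["username"]) && is_string($data["username"]) ? trim($data["username"]) : "");`, and do the same for nickname, realname, email, qq and vn_str. `$gender` is still taken verbatim and is interpolated into the user_pubinfo INSERT later in this same diff; unless the lines between this hunk and line 145 restrict it, map it here onto the fixed set of values the column accepts. The `$result_set = array(` statement at the end of the hunk continues past it.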
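Review bot: Escaping `$nickname` and `$realname` in place in the new block means every later use of those variables sees the backslash-escaped form rather than what the user typed; if either is echoed back in `$result_set` or used for anything other than SQL below line 148 (not visible here), escape into a separate variable instead, e.g. `$nickname_sql = mysqli_real_escape_string($db_conn, $nickname);`. The block also covers only two of the six string inputs read at the top of the file, while `$username`, `$email`, `$gender` and `$qq` are interpolated into queries further down this diff without passing through it. `mysqli_real_escape_string()` is only reliable when the connection charset was set with `mysqli_set_charset()` (not `SET NAMES`); with a multibyte charset such as GBK and no such call, a crafted byte sequence can break out of the quotes, so `mysqli_prepare`/`bind_param` would be the more robust replacement for the whole series of queries. The comment `// Secure SQL statement` overstates what the block does; `// Escape the two values that are interpolated into the SQL below` describes it accurately.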
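Review bot: `$username` is now interpolated into the SELECT raw: this hunk drops the per-query `mysqli_real_escape_string()` and the escape block added at line 148 processes only `$nickname` and `$realname`, so unless the omitted lines 28–144 restrict the username to a safe character set this is a SQL injection in the first query of the transaction. A prepared statement removes the problem without depending on the connection charset; the rewrite below keeps `$rs` so the existing `if ($rs == false)` error branch, which continues outside the hunk, is unchanged. The same change applies to the nickname and email availability SELECTs that follow.
```php
 // Check availability of username and nickname
 $stmt = mysqli_prepare($db_conn, "SELECT UID FROM user_list WHERE username = ?");
 $rs = false;
 if ($stmt !== false && mysqli_stmt_bind_param($stmt, "s", $username) && mysqli_stmt_execute($stmt))
 {
     $rs = mysqli_stmt_get_result($stmt); // requires mysqlnd; use mysqli_stmt_bind_result() otherwise
 }
 if ($rs == false)
 // … unchanged: error handling, rollback and exit …
```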
@@ -190,8 +193,7 @@
 }
 mysqli_free_result($rs);
- $sql = "SELECT UID FROM user_nickname WHERE nickname = '" .
- mysqli_real_escape_string($db_conn, $nickname) . "'";
+ $sql = "SELECT UID FROM user_nickname WHERE nickname = '$nickname'";
 $rs = mysqli_query($db_conn, $sql);
 if ($rs == false)
@@ -213,8 +215,7 @@
 }
 mysqli_free_result($rs);
- $sql = "SELECT UID FROM user_pubinfo WHERE email = '" .
- mysqli_real_escape_string($db_conn, $email) . "'";
+ $sql = "SELECT UID FROM user_pubinfo WHERE email = '$email'";
 $rs = mysqli_query($db_conn, $sql);
 if ($rs == false)
@@ -259,8 +260,8 @@
 $uid = mysqli_insert_id($db_conn);
- $sql = "INSERT INTO user_reginfo(UID, name, birthday, signup_dt, signup_ip) VALUES($uid, '" .
- mysqli_real_escape_string($db_conn, $realname) . "', '$year-$month-$day', NOW(), '".
+ $sql = "INSERT INTO user_reginfo(UID, name, birthday, signup_dt, signup_ip)
+ VALUES($uid, '$realname', '$year-$month-$day', NOW(), '".
 client_addr() . "')";
 $rs = mysqli_query($db_conn, $sql);
@@ -273,8 +274,8 @@
 exit(json_encode($result_set));
 }
- $sql = "INSERT INTO user_pubinfo(UID, nickname, email, gender, gender_pub, qq, last_login_dt) VALUES($uid, '" .
- mysqli_real_escape_string($db_conn, $nickname) . "', '$email', '$gender', $gender_public, '$qq', NOW())";
+ $sql = "INSERT INTO user_pubinfo(UID, nickname, email, gender, gender_pub, qq, last_login_dt)
+ VALUES($uid, '$nickname', '$email', '$gender', $gender_public, '$qq', NOW())";
 $rs = mysqli_query($db_conn, $sql);
 if ($rs == false)
@@ -286,8 +287,8 @@
 exit(json_encode($result_set));
 }
- $sql = "INSERT INTO user_nickname(UID, nickname, begin_dt, begin_reason) VALUES($uid, '" .
- mysqli_real_escape_string($db_conn, $nickname) . "', NOW(), 'R')";
+ $sql = "INSERT INTO user_nickname(UID, nickname, begin_dt, begin_reason)
+ VALUES($uid, '$nickname', NOW(), 'R')";
 $rs = mysqli_query($db_conn, $sql);
 if ($rs == false)
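Review bot: The result of `client_addr()` is concatenated into the INSERT unescaped on the context line after the rewritten VALUES, and the escape block at line 148 does not touch it; if that helper derives the address from a proxy header such as X-Forwarded-For (its body is not visible here), the string is attacker-controlled and this is an injection point. Validate it before use — `$signup_ip = filter_var(client_addr(), FILTER_VALIDATE_IP) ?: '';` — and interpolate `$signup_ip`, or bind it with a prepared statement. `'$year-$month-$day'` is built from `intval()` results so it cannot inject, but `0-0-0` (the default when the fields are absent) reaches MySQL unvalidated and fails the INSERT mid-transaction under strict mode; a `checkdate($month, $day, $year)` check before the transaction starts would report that cleanly, unless the lines not shown already do so.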
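Review bot: `$email`, `$gender` and `$qq` are still interpolated into this INSERT raw; the commit's escape block processes only `$nickname` and `$realname`, and the old form of this line did not escape these three either, so the "Secure SQL statement" change leaves this statement as exposed as before. Unless they are validated in the lines not shown, add `$email = mysqli_real_escape_string($db_conn, $email);` and `$qq = mysqli_real_escape_string($db_conn, $qq);` next to the existing escapes, reject `$gender` values outside the set the column accepts, or bind all of them with a prepared statement. `filter_var($email, FILTER_VALIDATE_EMAIL)` and `ctype_digit($qq)` are the natural input checks for the first two and would make the escaping a second layer rather than the only defence.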
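Review bot: This INSERT relies on the nickname availability SELECT earlier in the transaction to avoid duplicates, but two concurrent registrations can both pass that SELECT before either commits, and `SET autocommit=0` does not serialise them. If `user_nickname.nickname` and `user_list.username` do not carry UNIQUE indexes (the schema is not visible here), add them and treat `mysqli_errno($db_conn) == 1062` on this statement as the "nickname already taken" response rather than a generic failure, so the race degrades to a clean error and a rollback. The `if ($rs == false)` branch that would handle this continues outside the hunk.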
@@ -333,7 +334,7 @@
 exit(json_encode($result_set));
 }
- $_SESSION["BBS_reg_vn_str"] == "";
+ $_SESSION["BBS_reg_vn_str"] = "";
 mysqli_close($db_conn);
 exit(json_encode($result_set));
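Review bot: The corrected assignment clears the stored verification string only on the success path; every earlier failure path exits with `exit(json_encode($result_set))` and leaves `$_SESSION["BBS_reg_vn_str"]` in place, so the same code stays valid for repeated attempts (guessing it, or replaying it through nickname/email-collision retries) for the life of the session. Clear it immediately after the comparison regardless of outcome — `unset($_SESSION["BBS_reg_vn_str"]);` at the point where `$vn_str` is checked, which is outside this hunk — and make sure that check treats an empty stored value as "no code issued" rather than as a match, because if it is a plain `==` then `"" == ""` passes once this line has run. Use `hash_equals((string) $_SESSION["BBS_reg_vn_str"], $vn_str)` for the comparison if it is not already constant-time.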