box("用户名已被占用!","back","error");
}else{
mysqli_query($conn,"insert into SL_member(M_login,M_pwd,M_email,M_fen,M_pic,M_regtime,M_from,M_need) values('".$M_login."','".strtoupper(md5($M_pwd))."','".$M_email."',0,'member.jpg','".date('Y-m-d H:i:s')."',".$_COOKIE["uid"].",'".$M_need."')");
`
we can see the parameter was validated by the function of IsValidStr,so we can not use some special characters.but when database meets %c2,it will be identified as a invalid character and also fit the ruler of the function IsValidStr.
thus.We can register another test
finally,register other account test%c2|123456
The text was updated successfully, but these errors were encountered:
smcs 2.x arbitrarily account register via member/member_reg.php

firstly,register an account test|test
then,let's see the issue code
`if($_POST["M_code"]!=$_SESSION["CmsCode"]){
box(lang("验证码错误!/l/Verification code error"),"back","error");
}else{
$M_login=$_POST["M_login"];
$M_pwd=$_POST["M_pwd"];
$M_pwd2=$_POST["M_pwd2"];
$M_email=$_POST["M_email"];
$M_need=$_POST["M_need"];
if(!IsValidStr($M_login) || !IsValidStr($M_pwd) || !IsValidStr($M_pwd2) || !IsValidStr($M_email) || !IsValidStr($M_need)){
box("输入内容包含敏感字符,请重新输入!","back","error");
}
if($M_pwd!=$M_pwd2){
box("两次输入密码不一致!","back","error");
}
if($M_need=="x"){
box("请选择一个业务需求!","back","error");
}
if($M_login!="" && $M_pwd!="" && $M_email!=""){
if(strpos($M_email,"@")===false){
box("请输入一个可用的邮箱!","back","error");
}else{
$sql="Select * from SL_member Where M_login='".$M_login."'";
box("用户名已被占用!","back","error");

}else{
mysqli_query($conn,"insert into SL_member(M_login,M_pwd,M_email,M_fen,M_pic,M_regtime,M_from,M_need) values('".$M_login."','".strtoupper(md5($M_pwd))."','".$M_email."',0,'member.jpg','".date('Y-m-d H:i:s')."',".$_COOKIE["uid"].",'".$M_need."')");
`
we can see the parameter was validated by the function of IsValidStr,so we can not use some special characters.but when database meets %c2,it will be identified as a invalid character and also fit the ruler of the function IsValidStr.
thus.We can register another test
finally,register other account test%c2|123456
The text was updated successfully, but these errors were encountered: