From 495020b7b0c16de40f20b08f2ab3be0a2b816b96 Mon Sep 17 00:00:00 2001 From: thinkphp Date: Tue, 5 Sep 2017 14:16:54 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E8=BF=9BRequest=E7=B1=BBfilterExp?= =?UTF-8?q?=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- library/think/Request.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/think/Request.php b/library/think/Request.php index 36b2ac2d..5f05b916 100644 --- a/library/think/Request.php +++ b/library/think/Request.php @@ -1093,7 +1093,7 @@ class Request public function filterExp(&$value) { // 过滤查询特殊字符 - if (is_string($value) && preg_match('/^(EXP|NEQ|GT|EGT|LT|ELT|OR|XOR|LIKE|NOTLIKE|NOT BETWEEN|NOTBETWEEN|BETWEEN|NOTIN|NOT IN|IN)$/i', $value)) { + if (is_string($value) && preg_match('/^(EXP|NEQ|GT|EGT|LT|ELT|OR|XOR|LIKE|NOTLIKE|NOT LIKE|NOT BETWEEN|NOTBETWEEN|BETWEEN|NOTIN|NOT IN|IN)$/i', $value)) { $value .= ' '; } // TODO 其他安全过滤