6 年之前 · e14008ca02
--- a/application/admin/controller/Ajax.php
+++ b/application/admin/controller/Ajax.php
@@ -9,6 +9,7 @@ use think\Cache;
 
				 use think\Config;
			
 
				 use think\Db;
			
 
				 use think\Lang;
			
 
				+use think\Validate;
			
 
				 
			
 
				 /**
			
 
				  * Ajax异步请求接口
			
@@ -155,6 +156,9 @@ class Ajax extends Backend
 
				         $field = $this->request->post("field");
			
 
				         //操作的数据表
			
 
				         $table = $this->request->post("table");
			
 
				+        if (!Validate::is($table, "alphaDash")) {
			
 
				+            $this->error();
			
 
				+        }
			
 
				         //主键
			
 
				         $pk = $this->request->post("pk");
			
 
				         //排序的方式
			
@@ -214,16 +218,19 @@ class Ajax extends Backend
 
				             case 'content':
			
 
				                 rmdirs(CACHE_PATH, false);
			
 
				                 Cache::clear();
			
 
				-                if ($type == 'content')
			
 
				+                if ($type == 'content') {
			
 
				                     break;
			
 
				+                }
			
 
				             case 'template':
			
 
				                 rmdirs(TEMP_PATH, false);
			
 
				-                if ($type == 'template')
			
 
				+                if ($type == 'template') {
			
 
				                     break;
			
 
				+                }
			
 
				             case 'addons':
			
 
				                 Service::refresh();
			
 
				-                if ($type == 'addons')
			
 
				+                if ($type == 'addons') {
			
 
				                     break;
			
 
				+                }
			
 
				         }
			
 
				 
			
 
				         \think\Hook::listen("wipecache_after");
			
--- a/application/common/controller/Backend.php
+++ b/application/common/controller/Backend.php
@@ -451,6 +451,7 @@ class Backend extends Controller
 
				         //如果有primaryvalue,说明当前是初始化传值
			
 
				         if ($primaryvalue !== null) {
			
 
				             $where = [$primarykey => ['in', $primaryvalue]];
			
 
				+            $pagesize = null;
			
 
				         } else {
			
 
				             $where = function ($query) use ($word, $andor, $field, $searchfield, $custom) {
			
 
				                 $logic = $andor == 'AND' ? '&' : '|';
			
--- a/application/index/controller/User.php
+++ b/application/index/controller/User.php
@@ -119,7 +119,7 @@ class User extends Frontend
 
				                 if ($captchaType == 'mobile') {
			
 
				                     $captchaResult = Sms::check($mobile, $captcha, 'register');
			
 
				                 } elseif ($captchaType == 'email') {
			
 
				-                    $captchaResult = Ems::check($mobile, $captcha, 'register');
			
 
				+                    $captchaResult = Ems::check($email, $captcha, 'register');
			
 
				                 } elseif ($captchaType == 'wechat') {
			
 
				                     $captchaResult = WechatCaptcha::check($captcha, 'register');
			
 
				                 } elseif ($captchaType == 'text') {