把SQL报错提示全部屏蔽了,这有个好处,可以防止注入!让SQL报错不显示,是优化 不得不做的方法!
找到 程序
找到 includescls_mysql.php
function ErrorMsg($message = '', $sql = '')
{
if ($message)
{
echo "<b>ECSHOP info</b>: $messagenn<br /><br />";
//print('<a href="https://www.ecshop.co/uncategorized/a-li-yun-tui-yu-ming-jiao-wang-ping-tai/2003&dberror=Can%27t%20connect%20to%20MySQL%20server%20on"https://www.ecshop.co/uncategorized/tou-zi-ren-tou-zhun-10-de-xiang-mu-jiu-gou-dan-ti-yu-jia/>https://www.ecshop.co/uncategorized/song-ju-xiang-cun-kuan-yi-wan-wu-ci-ke-que-qu-bu-chu-lai/;');
}
else
{
echo "<b>MySQL server error report:";
print_r($this->error_message);
//echo "<br /><br /><a href='https://www.ecshop.co/uncategorized/a-li-yun-tui-yu-ming-jiao-wang-ping-tai/" . $this->error_message[3]['errno'] . "&dberror=" . urlencode($this->error_message[2]['error']) . "'
target='_blank'>https://www.ecshop.co/uncategorized/song-ju-xiang-cun-kuan-yi-wan-wu-ci-ke-que-qu-bu-chu-lai/;";
}
修改为
function ErrorMsg($message = '', $sql = '')
{
if ($message)
{
//echo "<b>ECSHOP info</b>: $messagenn<br /><br />";
//print('<a href="https://www.ecshop.co/uncategorized/a-li-yun-tui-yu-ming-jiao-wang-ping-tai/2003&dberror=Can%27t%20connect%20to%20MySQL%20server%20on"https://www.ecshop.co/uncategorized/tou-zi-ren-tou-zhun-10-de-xiang-mu-jiu-gou-dan-ti-yu-jia/>https://www.ecshop.co/uncategorized/song-ju-xiang-cun-kuan-yi-wan-wu-ci-ke-que-qu-bu-chu-lai/;');
}
else
{
//echo "<b>MySQL server error report:";
//print_r($this->error_message);
//echo "<br /><br /><a href='https://www.ecshop.co/uncategorized/a-li-yun-tui-yu-ming-jiao-wang-ping-tai/" . $this->error_message[3]['errno'] . "&dberror=" . urlencode($this->error_message[2]['error']) . "'
target='_blank'>https://www.ecshop.co/uncategorized/song-ju-xiang-cun-kuan-yi-wan-wu-ci-ke-que-qu-bu-chu-lai/;";
}
exit;
} exit;
}
即把所有的错误输出屏蔽 这样很方便的就解决了注入问题。增加网店的安全系数!