discuzx2.5任务系统刷分漏洞详细修复教程,虽然网上已有相关解决方法,不过对于用工具无限制刷分的问题还是没法完全解决,官方也没有出具体方案,魔客吧在这里给大家整理出一套完整的修复方案,如下:
文件路径
source/module/home/home_task.php
source/class/class_task.php
将
home_task.php 中的
$result = $tasklib->delete($id);
showmessage('task_deleted', 'home.php?mod=task&item=doing');
替换成
if(!$_G['uid']) {
showmessage('not_loggedin', NULL, array(), array('login' => 1));
}
$task = C::t('common_task')->fetch($id);
if($task['available'] != 2) {
showmessage('task_nonexistence');
} elseif(($task['starttime'] && $task['starttime'] > TIMESTAMP) || ($task['endtime'] && $task['endtime'] <= TIMESTAMP)) {
showmessage('task_offline');
}elseif($task['tasklimits'] && $task['achievers'] >= $task['tasklimits']) {
showmessage('task_full');
}
$mytask = DB::fetch_first("SELECT *, dateline AS applytime FROM %t where uid=%d AND taskid=".$id,
array( 'common_mytask', $_G['uid']));
if(!$mytask || $mytask['status']!=0){
showmessage('task_not_underway');
}else{
$task['applytime'] = $mytask['applytime'];
}
require_once libfile('task/'.$task['scriptname'], 'class');
$taskclassname = 'task_'.$task['scriptname'];
$task_class = new $taskclassname;
if(method_exists($task_class, 'csc')) {
$result = $task_class->csc($task);
} else {
showmessage('task_not_found', '', array('taskclassname' => $taskclassname));
}
if($result === TRUE || $result['csc']) {
showmessage('task_doing', 'home.php?mod=task&do=view&id='.$id);
} else {
$result = $tasklib->delete($id);
showmessage('task_deleted', 'home.php?mod=task&item=doing');
}
class_task.php中
343行
} elseif($this->task['status'] != 0 ) {
替换成
} elseif($this->task['status'] != 0 || !$this->task['dateline']) {
此文由 网站目录_网站网址收录与提交入口 编辑,未经允许不得转载!: