微擎漏洞修复微擎漏洞汇总

微擎微赞系统BUG漏洞解决方法汇总,弄了微擎系统来玩玩,发觉这个系统BUG还不少,阿里云的提醒都一大堆,主要是没有针对SQL注入做预防,处理的办法基本都是用转义函数。

1、

微擎任意文件下载
漏洞文件路径:/framework/function/global.func.php
解决方法:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
修复方法:
打开/framework/function/global.func.php文件
搜索
if (strexists($t, 'http://')
复制代码
找到
if (strexists($t, 'http://') || strexists($t, 'https://') || substr($t, 0, 2) == '//') {
return $src;
}
复制代码
替换为
if((substr($t, 0, 7) == 'http://')||(substr($t, 0, 8) == 'https://')||(substr($t, 0, 2) == '//')){ return $src; }
复制代码
搞定
保存文件,上传到服务器,去安骑士上验证一下就过了。

 

2、

微擎SQL注入漏洞
微擎的/web/source/mc/fans.ctrl.php中,对$_GPC[‘nickname’]未进行SQL转义就带入数据库查询中,导致SQL注入的发生。
解决方法:
1
2
3
4
5
6
7
8
9
漏洞在web/source/mc/fans.ctrl.php,修复方法(代码在148行左右)
搜索
$nickname = trim($_GPC['nickname']);
修改为
$nickname = addslashes(trim($_GPC['nickname']));

 

3、

微擎文件编辑SQL注入
微擎的/web/source/site/article.ctrl.php中对$_GPC[‘template’]、$_GPC[‘title’]、$_GPC[‘description’]、$_GPC[‘source’]、$_GPC[‘author’]参数未进行正确转义过滤,导致SQL注入的产生。
解决方法:

搜索代码 message(‘标题不能为空,请输入标题!‘); 如下图:

微擎漏洞修复微擎漏洞汇总

在 82 行 前添加代码

  1. mysql_set_charset(“gbk”);
  2. $_GPC[‘template‘] = mysql_real_escape_string($_GPC[‘template‘]);
  3. $_GPC[‘title‘] = mysql_real_escape_string($_GPC[‘title‘]);
  4. $_GPC[‘description‘] = mysql_real_escape_string($_GPC[‘description‘]);
  5. $_GPC[‘source‘] = mysql_real_escape_string($_GPC[‘source‘]);
  6. $_GPC[‘author‘] = mysql_real_escape_string($_GPC[‘author‘]);

复制代码

修改后如图:
微擎漏洞修复微擎漏洞汇总

4、
微擎SQL注入漏洞
微擎CMS的/web/source/paycenter/wxmicro.ctrl.php中,对$post[‘member’][‘uid’]输入参数未进行严格类型转义,导致SQL注入的发生
解决方法:
红色部分为新增和修改的
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
<?php
/**
* [WeEngine System] Copyright (c) 2014 WE7.CC
* WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.
*/
defined('IN_IA') or exit('Access Denied');
uni_user_permission_check('paycenter_wxmicro_pay');
$_W['page']['title'] = '刷卡支付-微信收款';
$dos = array('pay', 'query', 'checkpay');
$do = in_array($do, $dos) ? $do : 'pay';
load()->model('paycenter');
if($do == 'pay') {
if($_W['isajax']) {
$post = $_GPC['__input'];
$fee = trim($post['fee']) ? trim($post['fee']) : message(error(-1, '订单金额不能为空'), '', 'ajax');
$body = trim($post['body']) ? trim($post['body']) : message(error(-1, '商品名称不能为空'), '', 'ajax');
$code = trim($post['code']);
$uid = intval($post['member']['uid']);
if($post['cash'] > 0 && empty($post['code'])) {
message(error(-1, '授权码不能为空'), '', 'ajax');
}
$total = $money = floatval($post['fee']);
if(!$total) {
message(error(-1, '消费金额不能为空'), '', 'ajax');
}
$log = "系统日志:会员消费【{$total}】元";
if($uid > 0) {
$user = pdo_get('mc_members', array('uniacid' => $_W['uniacid'], 'uid' => $uid));
if(empty($user)) {
message(error(-1, '用户不存在'), '', 'ajax');
}
$user['groupname'] = $_W['account']['groups'][$user['groupid']]['title'];
load()->model('card');
$card = card_setting();
load()->model('card');
$member = pdo_get('mc_card_members', array('uniacid' => $_W['uniacid'], 'uid' => $user['uid']));
if(!empty($card) && $card['status'] == 1 && !empty($member)) {
$user['discount'] = $card['discount'][$user['groupid']];
if(!empty($user['discount']) && !empty($user['discount']['discount'])) {
if($total >= $user['discount']['condition']) {
$log .= ",所在会员组【{$user['groupname']}】,可享受满【{$user['discount']['condition']}】元";
if($card['discount_type'] == 1) {
$log .= "减【{$user['discount']['discount']}】元";
$money = $total - $user['discount']['discount'];
} else {
$discount = $user['discount']['discount'] * 10;
$log .= "打【{$discount}】折";
$money = $total * $user['discount']['discount'];
}
if($money < 0) {
$money = 0;
}
$log .= ",实收金额【{$money}】元";
}
}
$post_money = strval($post['fact_fee']);
if($post_money != $money) {
message(error(-1, '实收金额错误'), '', 'ajax');
}
$post_credit1 = intval($post['credit1']);
if($post_credit1 > 0) {
if($post_credit1 > $user['credit1']) {
message(error(-1, '超过会员账户可用积分'), '', 'ajax');
}
}
$post_offset_money = trim($post['offset_money']);
$offset_money = 0;
if($post_credit1 && $card['offset_rate'] > 0 && $card['offset_max'] >= 0) {
if ($card['offset_max'] == '0') {
$offset_money = $post_credit1/$card['offset_rate'];
} else {
$offset_money = min($card['offset_max'], $post_credit1/$card['offset_rate']);
}
if($offset_money != $post_offset_money) {
message(error(-1, '积分抵消金额错误'), '', 'ajax');
}
$credit1 = $post_credit1;
$log .= ",使用【{$post_credit1}】积分抵消【{$offset_money}】元";
}
}
$credit2 = floatval($post['credit2']);
if($credit2 > 0) {
if($credit2 > $user['credit2']) {
message(error(-1, '超过会员账户可用余额'), '', 'ajax');
}
$log .= ",使用余额支付【{$credit2}】元";
}
} else {
$post['cash'] = $post['fee'];
}
$cash = floatval($post['cash']);
$sum = strval($credit2 + $cash + $offset_money);
$money = strval($money);
if($sum != $money) {
message(error(-1, '支付金额不等于实收金额'), '', 'ajax');
}
$realname = $post['member']['realname'] ? $post['member']['realname'] :$post['member']['realname'];
if($cash <= 0) {
$data = array(
'uniacid' => $_W['uniacid'],
'uid' => $member['uid'],
'status' => 0,
'type' => 'wechat',
'trade_type' => 'micropay',
'fee' => $total,
'final_fee' => $money,
'credit1' => $post_credit1,
'credit1_fee' => $offset_money,
'credit2' => $credit2,
'cash' => $cash,
'body' => $body,
'nickname' => $realname,
'remark' => $log,
'clerk_id' => $_W['user']['clerk_id'],
'store_id' => $_W['user']['store_id'],
'clerk_type' => $_W['user']['clerk_type'],
'createtime' => TIMESTAMP,
'status' => 1,
'paytime' => TIMESTAMP,
'credit_status' => 1,
);
pdo_insert('paycenter_order', $data);
load()->model('mc');
if($post_credit1 > 0) {
$status = mc_credit_update($member['uid'], 'credit1', -$post_credit1, array(0, "会员刷卡消费,使用积分抵现,扣除{$post_credit1积分}", 'system', $_W['user']['clerk_id'], $_W['user']['store_id'], $_W['user']['clerk_type']));
}
if($credit2 > 0) {
$status = mc_credit_update($member['uid'], 'credit2', -$credit2, array(0, "会员刷卡消费,使用余额支付,扣除{$credit2}余额", 'system', $_W['user']['clerk_id'], $_W['user']['store_id'], $_W['user']['clerk_type']));
}
message(error(0, '支付成功'), url('paycenter/wxmicro'), 'ajax');
} else {
$log .= ",使用刷卡支付【{$cash}】元";
if(!empty($_GPC['remark'])) {
$note = "店员备注:{$_GPC['remark']}";
}
$log = $note.$log;
$isexist = pdo_get('paycenter_order', array('uniacid' => $_W['uniacid'], 'auth_code' => $code));
if($isexist) {
message(error(-1, '每个二维码仅限使用一次,请刷新再试'), '', 'ajax');
}
$data = array(
'uniacid' => $_W['uniacid'],
'uid' => $member['uid'],
'status' => 0,
'type' => 'wechat',
'trade_type' => 'micropay',
'fee' => $total,
'final_fee' => $money,
'credit1' => $post_credit1,
'credit1_fee' => $offset_money,
'credit2' => $credit2,
'cash' => $cash,
'remark' => $log,
'body' => $body,
'nickname' => $realname,
'auth_code' => $code,
'clerk_id' => $_W['user']['clerk_id'],
'store_id' => $_W['user']['store_id'],
'clerk_type' => $_W['user']['clerk_type'],
'createtime' => TIMESTAMP,
);
pdo_insert('paycenter_order', $data);
$id = pdo_insertid();
load()->classs('pay');
$pay = Pay::create();
$params = array(
'tid' => $id,
'module' => 'paycenter',
'type' => 'wechat',
'fee' => $cash,
'body' => $body,
'auth_code' => $code,
);
$pid = $pay->buildPayLog($params);
if(is_error($pid)) {
message($pid, '', 'ajax');
}
$log = pdo_get('core_paylog', array('plid' => $pid));
pdo_update('paycenter_order', array('pid' => $pid, 'uniontid' => $log['uniontid']), array('id' => $id));
$data = array(
'out_trade_no' => $log['uniontid'],
'body' => $body,
'total_fee' => $log['fee'] * 100,
'auth_code' => $code,
'uniontid' => $log['uniontid']
);
$result = $pay->buildMicroOrder($data);
if ($result['result_code'] == 'SUCCESS') {
if(is_error($result)) {
message($result, '', 'ajax');
} else {
$status = $pay->NoticeMicroSuccessOrder($result);
if(is_error($status)) {
message($status, '', 'ajax');
}
message(error(0, '支付成功'), url('paycenter/wxmicro'), 'ajax');
}
} else {
message($result, '', 'ajax');
}
}
exit();
}
$paycenter_records = pdo_fetchall("SELECT * FROM " .tablename('paycenter_order') . " WHERE uniacid = :uniacid AND clerk_id = :clerk_id ORDER BY id DESC LIMIT 0,10", array(':uniacid' => $_W['uniacid'], ':clerk_id' => $_W['user']['clerk_id']));
$today_credit_total = pdo_fetchall("SELECT credit2 FROM " . tablename('paycenter_order') . " WHERE uniacid = :uniacid AND clerk_id = :clerk_id AND paytime > :starttime AND paytime < :endtime AND credit2 <> ''", array(':uniacid' => $_W['uniacid'], ':clerk_id' => trim($_W['user']['clerk_id']), ':starttime' => strtotime(date('Ymd')), ':endtime' => time()));
$today_wechat_total = pdo_fetchall("SELECT cash FROM " . tablename('paycenter_order') . " WHERE uniacid = :uniacid AND clerk_id = :clerk_id AND paytime > :starttime AND paytime < :endtime AND cash <> ''", array(':uniacid' => $_W['uniacid'], ':clerk_id' => trim($_W['user']['clerk_id']), ':starttime' => strtotime(date('Ymd')), ':endtime' => time()));
foreach ($today_wechat_total as $val) {
$wechat_total += $val['cash'];
}
foreach ($today_credit_total as $val) {
$credit_total += $val['credit2'];
}
$wechat_total = $wechat_total ? $wechat_total : '0';
$credit_total = $credit_total ? $credit_total : '0';
load()->model('card');
$card_set = card_setting();
$card_params = json_decode($card_set['params'], true);
$grant_rate = $card_set['grant_rate'];
unset($card_set['params'], $card_set['nums'], $card_set['times'], $card_set['business'], $card_set['html'], $card_set['description'], $card_set['card_id']);
$card_set_str = json_encode($card_set);
}
if($do == 'query') {
if($_W['isajax']) {
$post = $_GPC['__input'];
$uniontid = trim($post['uniontid']);
load()->classs('pay');
$pay = Pay::create();
$result = $pay->queryOrder($uniontid, 2);
if(is_error($result)) {
message($result, '', 'ajax');
}
if($result['trade_state'] == 'SUCCESS') {
$status = $pay->NoticeMicroSuccessOrder($result);
if(is_error($status)) {
message($status, '', 'ajax');
}
message(error(0, '支付成功'), '', 'ajax');
}
message(error(-1, '支付失败,当前订单状态:' . $result['trade_state']), '', 'ajax');
}
}
if ($do == 'checkpay') {
if($_W['isajax']) {
$post = $_GPC['__input'];
$uniontid = trim($post['uniontid']);
load()->classs('pay');
$pay = Pay::create();
$result = $pay->queryOrder($uniontid, 2);
if(is_error($result)) {
message($result, '', 'ajax');
}
if($result['trade_state'] == 'SUCCESS') {
$status = $pay->NoticeMicroSuccessOrder($result);
if(is_error($status)) {
message($status, '', 'ajax');
}
message($result, '', 'ajax');
}
message($result, '', 'ajax');
}
}
template('paycenter/wxmicro');

 

5、

微擎SQL注入
微擎/web/source/extension/menu.ctrl.php文件中,对输入参数id未进行严格过滤,导致SQL注入的发生
解决方法:
红色部分为新增的地方
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
<?php
defined('IN_IA') or exit('Access Denied');
$dos = array('display', 'del', 'ajax', 'module', 'view', 'switch', 'del_bind', 'edit-bind');
$do = in_array($do, $dos) ? $do : 'display';
load()->model('frame');
if($do == 'display') {
$menus = frame_lists();
if(checksubmit('submit')) {
foreach($_GPC['id'] as $k => $v) {
$v = intval($v);
$update = array();
$menuid = intval($v);
$k=intval($k);
$title = trim($_GPC['title'][$k]);
$is_system = intval($_GPC['is_system'][$k]);
if($menuid && $title) {
$update = array(
'title' => $title,
'displayorder' => intval($_GPC['displayorder'][$k]),
);
if(!$is_system) {
$update['url'] = trim($_GPC['url'][$k]);
$update['append_title'] = trim($_GPC['append_title'][$k]);
$update['append_url'] = trim($_GPC['append_url'][$k]);
}
pdo_update('core_menu', $update, array('id' => $menuid));
}
}
if(!empty($_GPC['add_parent_name'])) {
$exist_names = array();
foreach($_GPC['add_parent_name'] as $k1 => $v1) {
$insert = array();
$add_parent_title = trim($_GPC['add_parent_title'][$k1]);
$add_parent_name = trim($_GPC['add_parent_name'][$k1]);
$name_exist = pdo_get('core_menu', array('name' => $add_parent_name, 'pid' => 0));
if (!empty($name_exist)) {
$exist_names[] = $add_parent_name;
continue;
}
if($add_parent_title && $add_parent_name) {
$insert = array(
'pid' => 0,
'title' => $add_parent_title,
'name' => $add_parent_name,
'append_title' => trim($_GPC['add_parent_append_title'][$k1]),
'displayorder' => intval($_GPC['add_parent_displayorder'][$k1]),
'is_system' => 0
);
pdo_insert('core_menu', $insert);
}
}
}
if(!empty($_GPC['add_pid'])) {
foreach($_GPC['add_pid'] as $k1 => $v1) {
$insert = array();
$v1 = intval($v1);
$add_title = trim($_GPC['add_title'][$k1]);
$add_name = trim($_GPC['add_name'][$k1]);
if($v1 && $add_title && $add_name) {
$insert = array(
'pid' => $v1,
'title' => $add_title,
'name' => $add_name,
'displayorder' => intval($_GPC['add_displayorder'][$k1]),
'is_system' => 0
);
pdo_insert('core_menu', $insert);
}
}
}
if(!empty($_GPC['add_child_pid'])) {
foreach($_GPC['add_child_pid'] as $k2 => $v2) {
$insert = array();
$v2 = intval($v2);
$add_child_title = trim($_GPC['add_child_title'][$k2]);
$add_child_name = trim($_GPC['add_child_name'][$k2]);
$add_child_url = trim($_GPC['add_child_url'][$k2]);
if($v2 && $add_child_title && $add_child_name && $add_child_url) {
$insert = array(
'pid' => $v2,
'title' => $add_child_title,
'name' => $add_child_name,
'url' => $add_child_url,
'type' => 'url',
'displayorder' => intval($_GPC['add_child_displayorder'][$k2]),
'is_system' => 0,
'permission_name' => trim($_GPC['add_child_permission'][$k2]),
);
$add_child_append_title = trim($_GPC['add_child_append_title'][$k2]);
$add_child_append_url = trim($_GPC['add_child_append_url'][$k2]);
if($add_child_append_title && $add_child_append_url) {
$insert['append_title'] = $add_child_append_title;
$insert['append_url'] = $add_child_append_url;
}
pdo_insert('core_menu', $insert);
}
}
}
if(!empty($_GPC['add_permission_pid'])) {
foreach($_GPC['add_permission_pid'] as $k1 => $v1) {
$insert = array();
$v1 = intval($v1);
$add_permission_title = trim($_GPC['add_permission_title'][$k1]);
$add_permission_name = trim($_GPC['add_permission_name'][$k1]);
$add_permission_flag = trim($_GPC['add_permission_flag'][$k1]);
$isexist = pdo_fetchcolumn('SELECT id FROM ' . tablename('core_menu') . ' WHERE permission_name = :permission_name', array(':permission_name' => $add_permission_name));
if(!empty($isexist)) {
continue;
}
if($v1 && $add_permission_title && $add_permission_name && $add_permission_flag) {
$insert = array(
'pid' => $v1,
'title' => $add_permission_title,
'name' => $add_permission_flag,
'permission_name' => $add_permission_name,
'type' => 'permission',
'displayorder' => intval($_GPC['add_permission_displayorder'][$k1]),
'is_system' => 0,
'is_display' => 0,
);
pdo_insert('core_menu', $insert);
}
}
}
cache_build_frame_menu();
if (!empty($exist_names)) {
$exist_names = implode(',', $exist_names);
message($exist_names."标识已存在", referer(), 'info');
}
message('更新菜单成功', referer(), 'success');
}
template('extension/menu');
}
if($do == 'del') {
$id = intval($_GPC['id']);
$menu= pdo_fetch('SELECT * FROM ' . tablename('core_menu') . ' WHERE id = :id', array(':id' => $id));
if($menu['is_system']) {
message('系统分类不能删除', referer(), 'error');
}
$ids = pdo_fetchall('SELECT id FROM ' . tablename('core_menu') . ' WHERE pid = :id', array(':id' => $id), 'id');
if(!empty($ids)) {
$ids_str = implode(',', array_keys($ids));
pdo_query('DELETE FROM ' . tablename('core_menu') . " WHERE pid IN ({$ids_str})");
pdo_query('DELETE FROM ' . tablename('core_menu') . " WHERE id IN ({$ids_str})");
}
pdo_query('DELETE FROM ' . tablename('core_menu') . " WHERE id = {$id}");
cache_build_frame_menu();
message('删除分类成功', referer(), 'success');
}
if($do == 'ajax') {
$id = intval($_GPC['id']);
$value = intval($_GPC['value']) ? 0 : 1;
pdo_update('core_menu', array('is_display' => $value), array('id' => $id));
cache_build_frame_menu();
exit();
}
if($do == 'module') {
load()->model('module');
if(checksubmit('submit')) {
if(!empty($_GPC['eid'])) {
foreach($_GPC['eid'] as $k => $v) {
$update = array();
$entry = trim($_GPC['entry'][$k]);
if($entry == 'mine') {
$update['url'] = trim($_GPC['url'][$k]);
}
$update['icon'] = empty($_GPC['icon'][$k]) ? 'fa fa-puzzle-piece' : $_GPC['icon'][$k];
$update['displayorder'] = intval($_GPC['displayorder'][$k]);
pdo_update('modules_bindings', $update, array('eid' => intval($v)));
}
}
if(!empty($_GPC['add_title'])) {
foreach($_GPC['add_title'] as $k => $v) {
$title = trim($v);
$url = trim($_GPC['add_url'][$k]);
$m = trim($_GPC['add_module'][$k]);
if(strexists($url, 'http://') || strexists($url, 'https://')) {
if(strexists($url, $_W['siteroot'])) {
$url = './index.php?' . str_replace($_W['siteroot'].'web/index.php?', '', $url);
}
}
$icon = empty($_GPC['add_icon'][$k]) ? 'fa fa-puzzle-piece' : trim($_GPC['add_icon'][$k]);
if($title && $url && $m) {
$data = array();
$data['do'] = '';
$data['module'] = $m;
$data['entry'] = 'mine';
$data['title'] = $title;
$data['url'] = $url;
$data['icon'] = $icon;
$data['displayorder'] = intval($_GPC['add_displayorder'][$k]);
pdo_insert('modules_bindings', $data);
} else {
continue;
}
}
}
message('更新模块菜单成功', 'refresh', 'success');
}
$modules = pdo_fetchall('SELECT mid, name, title FROM ' . tablename('modules') . ' WHERE issystem = 0');
foreach($modules as &$li) {
$li['entry'] = module_entries($li['name'], array('mine', 'menu'));
}
template('extension/module-permission');
}
if($do == 'del_bind') {
$eid = intval($_GPC['eid']);
$permission = intval($_GPC['permission']);
pdo_delete('modules_bindings', array('eid' => $eid, 'entry' => 'mine'));
exit();
}

 

6、
微擎最新版SQL注入
htmlspecialchars_decode 函数对全局过滤gpc产生的 \’ 进行转义,将可控的参数$html的污染值插入数据库后,产生SQL注入漏洞
位置:/web/source/site/editor.ctrl.php
解决方法:
打开“/web/source/site/editor.ctrl.php”文件,从第127行找到“if (!empty($nav)) {”然后在下面加上“$nav[‘id’] = intval($nav[‘id’]);”保存文件去验证一下就OK了。
【小程序源码网资源版权风险说明】:
本站为避免不必要的纷争,分享的所有资源中一切可能有版权风险的资源将全部转载自第三方网站或平台,站长只为大家提供相关资源的介绍和跳转引导。 因可能有疏忽大意,所以如有遗漏资源侵犯了您的合法权利,请联系站长删除。
【小程序源码网资源下载使用说明】:
本站所分享的一切QQ小程序源码,thinkphp整站源码,微信小程序源码,图文教程等资源仅供用户学习参考使用,任何人不得作其他用途,违者自行承担所有责任。
【小程序源码网毫无人看的介绍】:
本站又称Z站,原名贼娘网,开站于2018年,换过三任站长,目前站长是第四任站长,本站是一个主要分享免费开源小程序源码/网站源码/免费素材/教程资源的网站,主要小程序资源有用于学习的小程序源码,也有正版原创可商用的小程序源码,是一个公益博客型网站。
【小程序源码网原创源码版权申明】:
未经小程序源码网许可,任何人不得擅自使用本站原创首发源码进行商业行为(除本站VIP用户在期限内,版权无使用限制),否则将依法承担相应赔偿责任。
【小程序源码网转载文章版权申明】:
本站所转载的QQ小程序或微信小程序源码与其他资源仅供学习,任何人不得作其他用途,违者自行承担所有责任。
【小程序源码网站长最后的屁话】:
如有您认为本站有任何侵犯您合法权益的文章,或者您有什么疑问需求,欢迎联系站长QQ,站长24小时在线,备注公司名称和源码版权问题或者需要小程序定制开发等站长业务类型可急速处理,如果您只是交流小程序的一些开发问题或源码问题可以加入QQ群讨论,就不用加站长啦,对于白嫖党,QQ群才是处理问题的天堂,当然站长也欢迎大家骚扰~
小程序源码网 » 微擎漏洞修复微擎漏洞汇总

发表评论

嘿,投喂下嘛!