Stcms sql injection and fix-vulnerability warning-the black bar safety net
Any sql statement is executed case 'list': $totalNum = $mysql-numTable"member", $where; $pageNum = 2 0; $totalPage = intval$totalNum/$pageNum == $totalNum/$pageNum ? $totalNum/$pageNum : intval$totalNum/$pageNum+1; $page = $page ? $page : 1; $page = $page$totalPage ? $totalPage : $page; $page =...