我正在运行针对我的PHP代码的漏洞软件,并且它对此页面非常着迷,这是一个更新购物车页面。它相当直接,只是检查优惠券代码,我认为相当封锁,但它声称它是一个XSS永久跨站点脚本漏洞。
任何人都可以告知它是否存在,我已经看了很久了,改变了一些没有成功的事情,我现在已经失去了代码,看不出我是否错过了任何东西
干杯
<?php
include_once ('db_access.php');
require_once ('htmlpurifier.standalone.php');
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null); // Disable caching of HTML Purifier
$purifier = new HTMLPurifier($config);
$coupon_data = get_coupon(); // Get Coupon details
session_start();
unset ($_SESSION['coupon']);
if (isset($_SESSION['cart'])) {
foreach($_SESSION['cart'] as $id => $qty)
{
$clean_id = $purifier->purify($_POST[$id]); // id passed from form
if($clean_id <= '0') // Down to Quantity zero so remove from cart
{
unset($_SESSION['cart'][$id]); // Clear Cart
unset($_SESSION['coupon']); // Clear Coupon
unset($_SESSION['msg_'.$id]); // Clear Custom Message
} else {
if (is_numeric($clean_id)) {
$coupon = $purifier->purify($_POST['coupon']); // Coupon code as entered
$_SESSION['cart'][$id] = $clean_id; // Quantity
$coupon = strtoupper($coupon); // Coupon Code from form
$known_disc_coupon = strtoupper($coupon_data['0']['coupon_name']); // Discount coupon
$known_del_coupon = strtoupper($coupon_data['1']['coupon_name']); // Delivery coupon
if (( $coupon_data['0']['enabled'] == '1') && ($coupon == $known_disc_coupon)) { ## Coupon for discount is enabled
$_SESSION['coupon'] = 'DISCOUNT';
}
if (( $coupon_data['1']['enabled'] == '1') && ($coupon == $known_del_coupon)) { ## Coupon for delivery is enabled
$_SESSION['coupon'] = 'DELIVERY';
}
}
}
}
}
if (!empty($_SERVER['HTTP_REFERER'])) {
$mysource = $_SERVER['HTTP_REFERER'];
header('Location:' . $mysource);
exit;
} else {
header('Location:index.php');
exit;
}
?>