From e14008ca029d644e2486873fa22629a1d62a7380 Mon Sep 17 00:00:00 2001
From: Karson <karsonzhang@163.com>
Date: Fri, 27 Dec 2019 12:09:20 +0800
Subject: [PATCH] 修复邮箱验证码错误 修复排序表名安全检测 修复Selectpage编辑时分页大小错误

---
 application/admin/controller/Ajax.php     | 13 ++++++++++---
 application/common/controller/Backend.php |  1 +
 application/index/controller/User.php     |  2 +-
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/application/admin/controller/Ajax.php b/application/admin/controller/Ajax.php
index 3ec4a12..5b9ac59 100644
--- a/application/admin/controller/Ajax.php
+++ b/application/admin/controller/Ajax.php
@@ -9,6 +9,7 @@ use think\Cache;
 use think\Config;
 use think\Db;
 use think\Lang;
+use think\Validate;
 
 /**
  * Ajax异步请求接口
@@ -155,6 +156,9 @@ class Ajax extends Backend
         $field = $this->request->post("field");
         //操作的数据表
         $table = $this->request->post("table");
+        if (!Validate::is($table, "alphaDash")) {
+            $this->error();
+        }
         //主键
         $pk = $this->request->post("pk");
         //排序的方式
@@ -214,16 +218,19 @@ class Ajax extends Backend
             case 'content':
                 rmdirs(CACHE_PATH, false);
                 Cache::clear();
-                if ($type == 'content')
+                if ($type == 'content') {
                     break;
+                }
             case 'template':
                 rmdirs(TEMP_PATH, false);
-                if ($type == 'template')
+                if ($type == 'template') {
                     break;
+                }
             case 'addons':
                 Service::refresh();
-                if ($type == 'addons')
+                if ($type == 'addons') {
                     break;
+                }
         }
 
         \think\Hook::listen("wipecache_after");
diff --git a/application/common/controller/Backend.php b/application/common/controller/Backend.php
index 8e3474b..896e0ae 100644
--- a/application/common/controller/Backend.php
+++ b/application/common/controller/Backend.php
@@ -451,6 +451,7 @@ class Backend extends Controller
         //如果有primaryvalue,说明当前是初始化传值
         if ($primaryvalue !== null) {
             $where = [$primarykey => ['in', $primaryvalue]];
+            $pagesize = null;
         } else {
             $where = function ($query) use ($word, $andor, $field, $searchfield, $custom) {
                 $logic = $andor == 'AND' ? '&' : '|';
diff --git a/application/index/controller/User.php b/application/index/controller/User.php
index 46bc2c6..2f1dc83 100644
--- a/application/index/controller/User.php
+++ b/application/index/controller/User.php
@@ -119,7 +119,7 @@ class User extends Frontend
                 if ($captchaType == 'mobile') {
                     $captchaResult = Sms::check($mobile, $captcha, 'register');
                 } elseif ($captchaType == 'email') {
-                    $captchaResult = Ems::check($mobile, $captcha, 'register');
+                    $captchaResult = Ems::check($email, $captcha, 'register');
                 } elseif ($captchaType == 'wechat') {
                     $captchaResult = WechatCaptcha::check($captcha, 'register');
                 } elseif ($captchaType == 'text') {
--
libgit2 0.24.0