discuzx2.5任务系统刷分漏洞详细修复教程

discuzx2.5任务系统刷分漏洞详细修复教程，虽然网上已有相关解决方法，不过对于用工具无限制刷分的问题还是没法完全解决，官方也没有出具体方案，魔客吧在这里给大家整理出一套完整的修复方案，如下：

文件路径

source/module/home/home_task.php

source/class/class_task.php

将

home_task.php 中的

$result = $tasklib->delete($id);

showmessage('task_deleted', 'home.php?mod=task&item=doing');

替换成

if(!$_G['uid']) {

showmessage('not_loggedin', NULL, array(), array('login' => 1));

}

$task = C::t('common_task')->fetch($id);

if($task['available'] != 2) {

showmessage('task_nonexistence');

} elseif(($task['starttime'] && $task['starttime'] > TIMESTAMP) || ($task['endtime'] && $task['endtime'] <= TIMESTAMP)) {

showmessage('task_offline');

}elseif($task['tasklimits'] && $task['achievers'] >= $task['tasklimits']) {

showmessage('task_full');

}

$mytask = DB::fetch_first("SELECT *, dateline AS applytime FROM %t where uid=%d AND taskid=".$id,

array( 'common_mytask', $_G['uid']));

if(!$mytask || $mytask['status']!=0){

showmessage('task_not_underway');

}else{

$task['applytime'] = $mytask['applytime'];

}

require_once libfile('task/'.$task['scriptname'], 'class');

$taskclassname = 'task_'.$task['scriptname'];

$task_class = new $taskclassname;

if(method_exists($task_class, 'csc')) {

$result = $task_class->csc($task);

} else {

showmessage('task_not_found', '', array('taskclassname' => $taskclassname));

}

if($result === TRUE || $result['csc']) {

showmessage('task_doing', 'home.php?mod=task&do=view&id='.$id);

} else {

$result = $tasklib->delete($id);

showmessage('task_deleted', 'home.php?mod=task&item=doing');

}

class_task.php中

343行

} elseif($this->task['status'] != 0 ) {

替换成

} elseif($this->task['status'] != 0 || !$this->task['dateline']) {