fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-01 16:22:41 +09:00
Code Issues Projects Releases Packages Wiki Activity

#66 install php version check

Browse source 
#16 install rewrite module usable check
#48 htmlspecialchars function params add
This commit is contained in:
akasima 2013-11-18 16:54:17 +09:00 committed by bnu
parent 51b6b21cf2
commit 736f382b27
93 changed files with 240 additions and 215 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/comment/comment.controller.php
View file

@ -307,7 +307,7 @@ class commentController extends comment
{
if($obj->use_html != 'Y')
{
$obj->content = htmlspecialchars($obj->content);
$obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
$obj->content = nl2br($obj->content);
}

10
modules/comment/comment.item.php
View file

@ -255,7 +255,7 @@ class commentItem extends Object
$url = "http://" . $url;
}
return htmlspecialchars($url);
return htmlspecialchars($url, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getMemberSrl()
@ -265,17 +265,17 @@ class commentItem extends Object
function getUserID()
{
return htmlspecialchars($this->get('user_id'));
return htmlspecialchars($this->get('user_id'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getUserName()
{
return htmlspecialchars($this->get('user_name'));
return htmlspecialchars($this->get('user_name'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
function getNickName()
{
return htmlspecialchars($this->get('nick_name'));
return htmlspecialchars($this->get('nick_name'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
/**
@ -296,7 +296,7 @@ class commentItem extends Object
return cut_str(strip_tags($content), $strlen, '...');
}
return htmlspecialchars($content);
return htmlspecialchars($content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
}
/**

2
modules/comment/tpl/comment_list.html
View file

@ -120,7 +120,7 @@ xe.lang.msg_empty_search_keyword = '{$lang->msg_empty_search_keyword}';
<option value="{$key}" <!--@if($search_target==$key)-->selected="selected"<!--@end-->>{$val}</option>
<!--@end-->
</select>
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword)}" />
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" />
<button type="submit" class="x_btn x_btn-inverse">{$lang->cmd_search}</button>
<a href="{getUrl('','module',$module,'act',$act)}" class="x_btn">{$lang->cmd_cancel}</a>
</form>