fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-04 17:44:38 +09:00
Code Issues Projects Releases Packages Wiki Activity

prevent xss

Browse source
This commit is contained in:
conory 2017-04-11 14:42:56 +09:00
parent 4e157c9ec0
commit 9026f9df8a
1 changed files with 11 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

14
modules/document/document.view.php
View file

@ -56,11 +56,19 @@ class documentView extends document
*/ */
function dispDocumentPreview() function dispDocumentPreview()
{ {
Context::set('layout','none'); if(Context::getRequestMethod() == 'GET')
{
$content = Context::get('content'); return new Object(-1, 'msg_invalid_request');
}
if(Context::get('logged_info')->is_admin != 'Y')
{
Context::set('content', removeHackTag(Context::get('content')));
}
$this->setTemplatePath($this->module_path.'tpl'); $this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('preview_page'); $this->setTemplateFile('preview_page');
Context::set('layout', 'none');
} }
/** /**