Clean up HTML filtering and emoji encoding #2631

Kijin Sung 2025-12-17 17:53:39 +09:00
parent 307661b57b
commit cc17bbe05a
4 changed files with 46 additions and 28 deletions


@ -677,23 +677,26 @@ class CommentController extends Comment
}
// if use editor of nohtml, Remove HTML tags from the contents.
if(!$manual_inserted || isset($obj->allow_html) || isset($obj->use_html))
if (!$manual_inserted || isset($obj->allow_html) || isset($obj->use_html))
{
$obj->content = EditorModel::converter($obj, 'comment');
}
// remove iframe and script if not a top administrator on the session.
if($logged_info->is_admin != 'Y')
if ($logged_info->is_admin !== 'Y')
{
$obj->content = removeHackTag($obj->content);
$obj->content = Rhymix\Framework\Filters\HTMLFilter::clean((string)$obj->content);
}
if (config('db.master.charset') !== 'utf8mb4')
{
$obj->content = utf8_mbencode($obj->content);
}
$obj->content = utf8_mbencode($obj->content);
// Set other flags.
if (isset($obj->notify_message) && $obj->notify_message !== 'Y')
{
$obj->notify_message = 'N';
}
if (isset($obj->is_secret) && $obj->is_secret !== 'Y')
{
$obj->is_secret = 'N';
@ -1042,11 +1045,14 @@ class CommentController extends Comment
// remove iframe and script if not a top administrator on the session
$logged_info = Context::get('logged_info');
if($logged_info->is_admin != 'Y')
if ($logged_info->is_admin !== 'Y')
{
$obj->content = removeHackTag($obj->content);
$obj->content = Rhymix\Framework\Filters\HTMLFilter::clean((string)$obj->content);
}
if (config('db.master.charset') !== 'utf8mb4')
{
$obj->content = utf8_mbencode($obj->content);
}
$obj->content = utf8_mbencode($obj->content);
// begin transaction
$oDB = DB::getInstance();
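Review bot: The filter-then-encode sequence applied to `$obj->content` is now duplicated line for line in both hunks, and because it is the boundary that decides what markup from non-admin users gets stored and later rendered, the two copies should not be able to drift apart. Consider moving it into one private method on the controller and calling it from both places, e.g. `$obj->content = $this->filterCommentContent($obj->content, $logged_info);` (the method name is only a suggestion). The surviving comment `// remove iframe and script if not a top administrator on the session` no longer describes the call; something like `// Run the HTML filter unless the session user is a top administrator, then entity-encode 4-byte characters when the DB charset is not utf8mb4` would match the new code. In the second hunk `$logged_info` comes straight from `Context::get('logged_info')`; if that can be null for guest writers, the strict comparison still fails closed (the filter runs) but the property read presumably raises a warning on PHP 8, so `($logged_info->is_admin ?? 'N') !== 'Y'` would be cleaner. Both enclosing methods start and end outside the hunks, so the origin of `$logged_info` in the first hunk is not visible here.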