修复 排行页面XSS漏洞
This commit is contained in:
parent
864c819506
commit
2b5b748b63
|
@ -170,7 +170,7 @@ function getranklist_members($offset = 0, $limit = 20) {
|
|||
$topusers = C::t('home_show')->fetch_all_by_unitprice($offset, $limit, true);
|
||||
foreach($topusers as $member) {
|
||||
$member['avatar'] = avatar($member['uid'], 'small');
|
||||
$member['note'] = dhtmlspecialchars($member['note']);
|
||||
$member['note'] = dhtmlspecialchars(dhtmlspecialchars($member['note']));
|
||||
$members[] = $member;
|
||||
}
|
||||
return $members;
|
||||
|
|
Loading…
Reference in New Issue