From 52a1d1c41a008dc21a011c06846cda22b8acfc58 Mon Sep 17 00:00:00 2001
From: Comsenz <10433182@qq.com>
Date: Fri, 12 Oct 2018 15:13:27 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20=E6=8E=92=E8=A1=8C?=
 =?UTF-8?q?=E9=A1=B5=E9=9D=A2XSS=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 upload/source/module/misc/misc_ranklist.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/upload/source/module/misc/misc_ranklist.php b/upload/source/module/misc/misc_ranklist.php
index ec415f1..47a6aaa 100644
--- a/upload/source/module/misc/misc_ranklist.php
+++ b/upload/source/module/misc/misc_ranklist.php
@@ -170,7 +170,7 @@ function getranklist_members($offset = 0, $limit = 20) {
 	$topusers = C::t('home_show')->fetch_all_by_unitprice($offset, $limit, true);
 	foreach($topusers as $member) {
 		$member['avatar'] = avatar($member['uid'], 'small');
-		$member['note'] = dhtmlspecialchars(dhtmlspecialchars($member['note']));
+		$member['note'] = htmlspecialchars(dhtmlspecialchars($member['note']));
 		$members[] = $member;
 	}
 	return $members;