修改responsive_lovestu模板，去掉viewquestionanswer.php文件中可能对问题详情页面造成xss攻击得代码

9648880a · huangxuan258 · 9efe5189 · 9648880a
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

application/views/responsive_lovestu/viewquestionanswer.php application/views/responsive_lovestu/viewquestionanswer.php +2 -2

未找到文件。
--- a/application/views/responsive_lovestu/viewquestionanswer.php
+++ b/application/views/responsive_lovestu/viewquestionanswer.php
@@ -79,7 +79,7 @@
        </div>
        <div class="detail-body photos">
         {template question_content_header}
-         {eval echo clearlinkref(htmlspecialchars_decode($question['description']));}
+         {eval echo $question['description'];}
         {template question_content_footer}
        </div>
      </div>
@@ -128,7 +128,7 @@

            </div>
            <div class="detail-body jieda-body photos">
-              <p>          {eval    echo clearlinkref(htmlspecialchars_decode(replacewords($useranswer['content'])));    }</p>
+              <p>          {eval    echo replacewords($useranswer['content']);    }</p>
             <div class="appendcontent">
                                <!--{loop $useranswer['appends'] $append}-->
                                <div class="appendbox">