fix: title escape

This commit is contained in:
Baoshuo Ren 2023-02-14 18:52:31 +08:00
parent 1c2ac53a62
commit 45af08923c
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A
5 changed files with 150 additions and 163 deletions

View File

@ -5,9 +5,7 @@ Auth::check() || redirectToLogin();
UOJContest::userCanCreateContest(Auth::user()) || UOJResponse::page403();
$time_form = new UOJForm('time');
$time_form->addInput(
'name',
[
$time_form->addInput('name', [
'label' => UOJLocale::get('contests::contest name'),
'default_value' => 'New Contest',
'validator_php' => function ($name, &$vdata) {
@ -20,7 +18,6 @@ $time_form->addInput(
}
$name = HTML::escape($name);
if ($name === '') {
return '无效编码';
}
@ -29,11 +26,8 @@ $time_form->addInput(
return '';
},
]
);
$time_form->addInput(
'start_time',
[
]);
$time_form->addInput('start_time', [
'div_class' => 'mt-2',
'label' => UOJLocale::get('contests::start time'),
'default_value' => UOJTime::$time_now_str,
@ -46,11 +40,8 @@ $time_form->addInput(
return '';
},
]
);
$time_form->addInput(
'last_min',
[
]);
$time_form->addInput('last_min', [
'div_class' => 'mt-2',
'label' => UOJLocale::get('contests::duration'),
'default_value' => '180',
@ -64,8 +55,7 @@ $time_form->addInput(
return '';
},
]
);
]);
$time_form->handle = function (&$vdata) {
$start_time_str = $vdata['start_time']->format('Y-m-d H:i:s');

View File

@ -37,11 +37,9 @@ if (!isset($tabs_info[$cur_tab])) {
if ($cur_tab == 'profile') {
$profile_form = new UOJForm('time');
$profile_form->addInput(
'name',
[
$profile_form->addInput('name', [
'label' => '比赛标题',
'default_value' => UOJContest::info('name'),
'default_value' => HTML::unescape(UOJContest::info('name')),
'validator_php' => function ($name, &$vdata) {
if ($name == '') {
return '标题不能为空';
@ -61,11 +59,8 @@ if ($cur_tab == 'profile') {
return '';
},
],
);
$profile_form->addInput(
'start_time',
[
]);
$profile_form->addInput('start_time', [
'div_class' => 'mt-3',
'label' => '开始时间',
'default_value' => UOJContest::info('start_time_str'),
@ -77,11 +72,8 @@ if ($cur_tab == 'profile') {
}
return '';
},
]
);
$profile_form->addInput(
'last_min',
[
]);
$profile_form->addInput('last_min', [
'div_class' => 'mt-3',
'label' => '时长',
'help' => '单位为分钟。',
@ -93,8 +85,7 @@ if ($cur_tab == 'profile') {
$vdata['last_min'] = $last_min;
return '';
},
]
);
]);
$profile_form->handle = function (&$vdata) {
DB::update([
"update contests",
@ -163,9 +154,7 @@ EOD);
}
$add_problem_form = new UOJForm('add_problem');
$add_problem_form->addInput(
'problem_id',
[
$add_problem_form->addInput('problem_id', [
'label' => '题目 ID',
'validator_php' => function ($problem_id, &$vdata) {
$problem = UOJProblem::query($problem_id);
@ -185,8 +174,7 @@ EOD);
return '';
},
]
);
]);
$add_problem_form->addSelect('judge_config', [
'div_class' => 'mt-3',
'label' => '评测设置',

View File

@ -32,7 +32,7 @@ if ($cur_tab == 'profile') {
$update_profile_form = new UOJForm('update_profile');
$update_profile_form->addInput('name', [
'label' => '名称',
'default_value' => UOJGroup::info('title'),
'default_value' => HTML::unescape(UOJGroup::info('title')),
'validator_php' => function ($title, &$vdata) {
if ($title == '') {
return '名称不能为空';

View File

@ -26,7 +26,7 @@ if ($cur_tab == 'profile') {
$update_profile_form = new UOJForm('update_profile');
$update_profile_form->addInput('name', [
'label' => '标题',
'default_value' => UOJList::info('title'),
'default_value' => HTML::unescape(UOJList::info('title')),
'validator_php' => function ($title, &$vdata) {
if ($title == '') {
return '标题不能为空';

View File

@ -11,6 +11,15 @@ class HTML {
return htmlspecialchars($str);
}
}
public static function unescape(?string $str) {
if ($str === null) {
return '';
} else {
return htmlspecialchars_decode($str);
}
}
public static function stripTags($str) {
return strip_tags($str);
}