mirror of
https://github.com/renbaoshuo/S2OJ.git
synced 2024-12-24 05:41:52 +00:00
feat: html tags in user motto
parent
bbe8110120
commit
5348d056f7
@ -14,7 +14,7 @@
|
||||
<?php if (validateUsername($username) && ($user = queryUser($username))): ?>
|
||||
<?php echoUOJPageHeader($user['username'] . ' - ' . UOJLocale::get('user profile')) ?>
|
||||
<?php
|
||||
$esc_email = HTML::escape($user['email']);
|
||||
$esc_email = HTML::escape($user['email']);
|
||||
$esc_qq = HTML::escape($user['qq'] != 0 ? $user['qq'] : 'Unfilled');
|
||||
$esc_sex = HTML::escape($user['sex']);
|
||||
$col_sex="color:blue";
|
||||
@ -28,7 +28,7 @@
|
||||
$esc_sex="";
|
||||
$col_sex="color:black";
|
||||
}
|
||||
$esc_motto = HTML::escape($user['motto']);
|
||||
$motto = addslashes($user['motto']);
|
||||
?>
|
||||
<div class="card border-info">
|
||||
<h5 class="card-header bg-info"><?= UOJLocale::get('user profile') ?></h5>
|
||||
@ -49,9 +49,16 @@
|
||||
<p class="list-group-item-text"><?= $esc_qq ?></p>
|
||||
</div>
|
||||
<div class="list-group-item">
|
||||
<h4 class="list-group-item-heading"><?= UOJLocale::get('motto') ?></h4>
|
||||
<p class="list-group-item-text"><?= $esc_motto ?></p>
|
||||
<h4 class="list-group-item-heading"><?= UOJLocale::get('motto') ?></h4><?php
|
||||
$motto_id = uniqid("motto-{$user['username']}-");
|
||||
$dom_sanitize_config = DOM_SANITIZE_CONFIG;
|
||||
?>
|
||||
<p class="list-group-item-text" id="<?= $motto_id ?>"></p>
|
||||
<script type="text/javascript">
|
||||
$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize('<?= $motto ?>', <?= $dom_sanitize_config ?>)); });
|
||||
</script>
|
||||
</div>
|
||||
|
||||
<?php if (isSuperUser($myUser)): ?>
|
||||
<div class="list-group-item">
|
||||
<h4 class="list-group-item-heading">register time</h4>
|
||||
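Review bot: `addslashes()` is not a safe encoder for a value placed inside a JavaScript string literal in an inline `<script>`, which is how `$motto` is emitted in the `DOMPurify.sanitize('<?= $motto ?>', …)` line of this section and again in the `echoRanklist` hunk. The HTML parser closes the script element at the first `</script>` in the text before any JavaScript runs, so a motto containing that sequence is parsed as page markup without ever reaching DOMPurify, and a raw line break in the motto breaks the string literal. Encode for the script context instead, `$motto = json_encode($user['motto'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);`, and emit it unquoted as `DOMPurify.sanitize(<?= $motto ?>, <?= $dom_sanitize_config ?>)`. `json_encode()` returns `false` for invalid UTF-8 unless a flag such as `JSON_INVALID_UTF8_SUBSTITUTE` is added, so handle that case rather than printing an empty argument.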
|
@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
define('DOM_SANITIZE_CONFIG', "{ALLOWED_TAGS: ['a', 'b', 'i', 'u', 'em', 'strong', 'sub', 'sup', 'small', 'del'], ALLOWED_ATTR: ['href']}");
|
||||
|
||||
function uojHandleAtSign($str, $uri) {
|
||||
$referrers = array();
|
||||
$res = preg_replace_callback('/@(@|[a-zA-Z0-9_]{1,20})/', function($matches) use (&$referrers) {
|
||||
@ -990,7 +992,13 @@ function echoRanklist($config = array()) {
|
||||
echo '<tr>';
|
||||
echo '<td>' . $user['rank'] . '</td>';
|
||||
echo '<td>' . getUserLink($user['username']) . '</td>';
|
||||
echo '<td>' . HTML::escape($user['motto']) . '</td>';
|
||||
$motto_id = uniqid("motto-{$user['username']}-");
|
||||
echo "<td id=\"$motto_id\"></td>";
|
||||
$motto = addslashes($user['motto']);
|
||||
$dom_sanitize_config = DOM_SANITIZE_CONFIG;
|
||||
echo '<script type="text/javascript">';
|
||||
echo "$(function() { $('#$motto_id').html(DOMPurify.sanitize('{$motto}', $dom_sanitize_config)); });";
|
||||
echo '</script>';
|
||||
echo '<td>' . $user['ac_num'] . '</td>';
|
||||
echo '</tr>';
|
||||
|
||||
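Review bot: The motto rendering is duplicated as hand-built inline script in `echoRanklist` and on the profile page, and `DOM_SANITIZE_CONFIG` has no comment saying that it is JavaScript source spliced unescaped into the page. Because the stored motto is raw user HTML and sanitising happens only in the browser, every render site must repeat the encode-then-sanitise steps exactly; a single helper that returns the placeholder element together with its script would keep that logic in one place and avoid one document-ready handler per ranklist row. Suggested comment above the `define`: `// JavaScript object literal passed to DOMPurify.sanitize(); printed verbatim inside <script>, so it must stay a constant and never contain request data.` The body of `echoRanklist` starts and ends outside the hunk.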
|
@ -17,7 +17,7 @@ function validateQQ($QQ) {
|
||||
}
|
||||
|
||||
function validateMotto($motto) {
|
||||
return is_string($motto) && ($len = mb_strlen($motto, 'UTF-8')) !== false && $len <= 50;
|
||||
return is_string($motto) && ($len = mb_strlen($motto, 'UTF-8')) !== false && $len <= 1024;
|
||||
}
|
||||
|
||||
function validateUInt($x) { // [0, 1000000000)
|
||||
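Review bot: Raising the limit to 1024 in `validateMotto` is not matched by any schema change visible in this commit, so the check may now accept values that the column backing `$user['motto']` cannot hold. If that column is narrower, the database will either reject the update or truncate the value, and truncation can cut through a tag so the stored markup differs from what the user submitted. Confirm the column width or ship the migration with this change. This function bounds only the length, so the stored motto remains untrusted HTML and every consumer that prints it must sanitise or escape it.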
|
@ -78,6 +78,9 @@
|
||||
<!-- Color converter -->
|
||||
<?= HTML::js_src('/js/color-converter.min.js') ?>
|
||||
|
||||
<!-- DOM Santizer -->
|
||||
<?= HTML::js_src('/js/purify.min.js') ?>
|
||||
|
||||
<!-- uoj -->
|
||||
<?= HTML::js_src('/js/uoj.js?v=2017.01.01') ?>
|
||||
|
||||
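Review bot: The include for `/js/purify.min.js` records no library version, and its comment is misspelled (`DOM Santizer`). DOMPurify is the only barrier between stored motto HTML and the page in this commit, so maintainers need to see which release is vendored when a sanitizer bypass is fixed upstream. Suggested line: `<!-- DOM sanitizer: DOMPurify <VERSION>, vendored as web/js/purify.min.js -->`, with `<VERSION>` filled in from the upstream release that was copied. A `?v=` query like the one already used for `uoj.js` would also help an upgraded file reach clients that cached the old one.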
|
2
web/js/purify.min.js
vendored
Normal file
2
web/js/purify.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
@ -232,8 +232,8 @@ function validateQQ(str) {
|
||||
}
|
||||
}
|
||||
function validateMotto(str) {
|
||||
if (str.length > 50) {
|
||||
return '不能超过50字';
|
||||
if (str.length > 1024) {
|
||||
return '不能超过 1024 个字符。';
|
||||
} else {
|
||||
return '';
|
||||
}
|
||||
|