refactor(web/user/info): drop DOMPurify

2024-11-09 23:48:41 +00:00 · 2022-10-08 19:38:50 +08:00 · 2022-10-08 19:38:50 +08:00 · 8b97bdf55e
commit 8b97bdf55e
parent 1383580a8b
2 changed files with 4 additions and 10 deletions
--- a/web/app/controllers/user_info.php
+++ b/web/app/controllers/user_info.php
@ -59,11 +59,7 @@
 					</div>
 					<div class="list-group-item">
 						<h4 class="list-group-item-heading"><?= UOJLocale::get('motto') ?></h4>
-						<?php $motto_id = uniqid("motto-{$user['username']}-"); ?>
-						<p class="list-group-item-text" id="<?= $motto_id ?>"></p>
-						<script type="text/javascript">
-							$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize('<?= addslashes($user['motto']) ?>', <?= DOM_SANITIZE_CONFIG ?>)); });
-						</script>
+						<div class="list-group-item-text"><?= HTML::pruifier()->purify($user['motto']) ?></div>
 					</div>
 					
 					<?php if (isSuperUser($myUser)): ?>
--- a/web/app/views/user-info.php
+++ b/web/app/views/user-info.php
@ -81,11 +81,9 @@ function fTime($time, $gran = -1) {
 					<?php endif ?>
 					</span>
 				</h3>
-				<?php $motto_id = uniqid("motto-{$user['username']}-"); ?>
-				<div class="card-text" id="<?= $motto_id ?>"></div>
-				<script type="text/javascript">
-					$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize(decodeURIComponent("<?= rawurlencode($user['motto']) ?>"), <?= DOM_SANITIZE_CONFIG ?>)); });
-				</script>
+				<div class="card-text">
+					<?= HTML::pruifier()->purify($user['motto']) ?>
+				</div>
 			</div>
 			<ul class="list-group list-group-flush">
 				<?php if ($user['realname']): ?>