baoshuo/S2OJ
baoshuo/S2OJ
1
1
Fork 0
mirror of https://github.com/renbaoshuo/S2OJ.git synced 2025-02-17 02:26:42 +00:00
Code Issues Actions Packages Releases Activity

refactor(web/user/info): drop DOMPurify

Browse Source
This commit is contained in:
Baoshuo Ren 2022-10-08 19:38:50 +08:00
parent 1383580a8b
commit 8b97bdf55e
Signed by: baoshuo
GPG Key ID: 00CB9680AB29F51A
2 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
web/app/controllers/user_info.php
View File

@ -59,11 +59,7 @@
</div> </div>
<div class="list-group-item"> <div class="list-group-item">
<h4 class="list-group-item-heading"><?= UOJLocale::get('motto') ?></h4> <h4 class="list-group-item-heading"><?= UOJLocale::get('motto') ?></h4>
<?php $motto_id = uniqid("motto-{$user['username']}-"); ?> <div class="list-group-item-text"><?= HTML::pruifier()->purify($user['motto']) ?></div>
<p class="list-group-item-text" id="<?= $motto_id ?>"></p>
<script type="text/javascript">
$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize('<?= addslashes($user['motto']) ?>', <?= DOM_SANITIZE_CONFIG ?>)); });
</script>
</div> </div>
<?php if (isSuperUser($myUser)): ?> <?php if (isSuperUser($myUser)): ?>

8
web/app/views/user-info.php
View File

@ -81,11 +81,9 @@ function fTime($time, $gran = -1) {
<?php endif ?> <?php endif ?>
</span> </span>
</h3> </h3>
<?php $motto_id = uniqid("motto-{$user['username']}-"); ?> <div class="card-text">
<div class="card-text" id="<?= $motto_id ?>"></div> <?= HTML::pruifier()->purify($user['motto']) ?>
<script type="text/javascript"> </div>
$(function() { $('#<?= $motto_id ?>').html(DOMPurify.sanitize(decodeURIComponent("<?= rawurlencode($user['motto']) ?>"), <?= DOM_SANITIZE_CONFIG ?>)); });
</script>
</div> </div>
<ul class="list-group list-group-flush"> <ul class="list-group list-group-flush">
<?php if ($user['realname']): ?> <?php if ($user['realname']): ?>