diff --git a/src/user/config.php b/src/user/config.php index 1a47e625..ccd5425b 100755 --- a/src/user/config.php +++ b/src/user/config.php @@ -21,56 +21,15 @@ function XSSClean($val) } return $val; } - $val = preg_replace('/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/','', $val); - $search = 'abcdefghijklmnopqrstuvwxyz'; - $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; - $search .= '1234567890!@#$%^&*()'; - $search .= '~`";:?+/={}[]-_|\'\\'; - for ($i = 0; $i < strlen($search); $i++) { - $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); //with a ; - $val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); //with a ; - } - $val = str_replace("`", "‘", $val); - $val = str_replace("'", "‘", $val); - $val = str_replace("\"", "“", $val); - $val = str_replace(",", ",", $val); - $val = str_replace("(", "(", $val); - $val = str_replace(")", ")", $val); - $ra1 = array('javascript','vbscript','expression','applet','meta','xml','blink','link','style','script','embed','object','iframe','frame','frameset','ilayer','layer','bgsound','title','base'); - $ra2 = array('onabort','onactivate','onafterprint','onafterupdate','onbeforeactivate','onbeforecopy','onbeforecut','onbeforedeactivate','onbeforeeditfocus','onbeforepaste','onbeforeprint','onbeforeunload','onbeforeupdate','onblur','onbounce','oncellchange','onchange','onclick','oncontrolselect','oncopy','oncut','ondataavailable','ondatasetchanged','ondatasetcomplete','ondblclick','ondeactivate','ondrag','ondragend','ondragenter','ondragleave','ondragover','ondragstart','ondrop','onerror','onerrorupdate','onfilterchange','onfinish','onfocus','onfocusin','onfocusout','onhelp','onkeydown','onkeypress','onkeyup','onlayoutcomplete','onload','onlosecapture','onmousedown','onmouseenter','onmouseleave','onmousemove','onmouseout','onmouseover','onmouseup','onmousewheel','onmove','onmoveend','onmovestart','onpaste','onpropertychange','onreadystatechange','onreset','onresize','onresizeend','onresizestart','onrowenter','onrowexit','onrowsdelete','onrowsinserted','onscroll','onselect','onselectionchange','onselectstart','onstart','onstop','onsubmit','onunload'); - $ra = array_merge($ra1, $ra2); - $found = true; - while ($found == true) { - $val_before = $val; - for ($i = 0; $i < sizeof($ra); $i++) { - $pattern = '/'; - for ($j = 0; $j < strlen($ra[$i]); $j++) { - if ($j > 0) { - $pattern .= '('; - $pattern .= '(&#[xX]0{0,8}([9ab]);)'; - $pattern .= '|'; - $pattern .= '|(�{0,8}([9|10|13]);)'; - $pattern .= ')*'; - } - $pattern .= $ra[$i][$j]; - } - $pattern .= '/i'; - $replacement = substr($ra[$i], 0, 2).''.substr($ra[$i], 2); - $val = preg_replace($pattern, $replacement, $val); - if ($val_before == $val) { - $found = false; - } - } - } if ($cfg_soft_lang == 'gb2312') utf82gb($val); - return $val; + return RemoveXss($val); } $_GET = XSSClean($_GET); $_POST = XSSClean($_POST); $_REQUEST = XSSClean($_REQUEST); $_COOKIE = XSSClean($_COOKIE); require_once(dirname(__FILE__).'/../system/common.inc.php'); -//require_once(DEDEINC.'/filter.inc.php'); +require_once(DEDEINC.'/filter.inc.php'); require_once(DEDEINC.'/memberlogin.class.php'); require_once(DEDEINC.'/dedetemplate.class.php'); //检查CSRF