From c95dd4f629901e0ec456861575093e8c66e6e8de Mon Sep 17 00:00:00 2001 From: tianya Date: Thu, 24 Nov 2022 21:27:51 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=98=BE=E7=A4=BA=E9=94=99?= =?UTF-8?q?=E8=AF=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/admin/article_edit.php | 2 +- src/system/archive/archives.class.php | 2 +- src/system/filter.inc.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/admin/article_edit.php b/src/admin/article_edit.php
index 8c6d3ad3..0c10e14d 100644
--- a/src/admin/article_edit.php
+++ b/src/admin/article_edit.php
@@ -135,7 +135,7 @@ else if ($dopost == 'save') {
 //跳转网址的文档强制为动态
 if (preg_match("#j#", $flag)) $ismake = -1;
 //更新数据库的SQL语句
- $query = "UPDATE `#@__archives` SET typeid='$typeid',typeid2='$typeid2',sortrank='$sortrank',flag='$flag',click='$click',ismake='$ismake',arcrank='$arcrank',money='$money',title='$title',color='$color',writer='$writer',source='$source',litpic='$litpic',pubdate='$pubdate',notpost='$notpost',description='$description',keywords='$keywords',shorttitle='$shorttitle',filename='$filename',dutyadmin='$adminid',weight='$weight'WHERE id='$id'; ";
+ $query = "UPDATE `#@__archives` SET typeid='$typeid',typeid2='$typeid2',sortrank='$sortrank',flag='$flag',click='$click',ismake='$ismake',arcrank='$arcrank',money='$money',title='$title',color='$color',writer='$writer',source='$source',litpic='$litpic',pubdate='$pubdate',notpost='$notpost',description='$description',keywords='$keywords',shorttitle='$shorttitle',filename='$filename',dutyadmin='$adminid',weight='$weight' WHERE id='$id'; ";
 if (!$dsql->ExecuteNoneQuery($query)) {
 ShowMsg('数据保存到数据库主表`#@__archives`时出错,请检查数据库字段', -1);
 exit();
diff --git a/src/system/archive/archives.class.php b/src/system/archive/archives.class.php
index ffd018f4..b293baf1 100755
--- a/src/system/archive/archives.class.php
+++ b/src/system/archive/archives.class.php
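Review bot: The rebuilt `UPDATE` in src/admin/article_edit.php still places every field, including free-text ones such as `$title`, `$description` and `$keywords`, between single quotes by plain interpolation, so the statement is only as safe as the escaping done before this line. That preparation is outside the hunk, and the same commit drops `addslashes()` from `_FilterAll` in src/system/filter.inc.php, so it is worth confirming that each string reaches this query escaped and that numeric columns are cast, e.g. `$id = intval($id);`. A short comment above the query naming where the values are sanitised would help the next reader.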
@@ -149,7 +149,7 @@ class Archives
 $this->Fields['filename'] = '';
 }
 if (is_array($row)) {
- foreach ($row as $k => $v) $row[strtolower($k)] = $v;
+ foreach ($row as $k => $v) $row[strtolower($k)] = stripcslashes($v);
 }
 if (is_array($this->ChannelUnit->ChannelFields) && !empty($this->ChannelUnit->ChannelFields)) {
 foreach ($this->ChannelUnit->ChannelFields as $k => $arr) {
diff --git a/src/system/filter.inc.php b/src/system/filter.inc.php
index 51f24851..884ae31a 100755
--- a/src/system/filter.inc.php
+++ b/src/system/filter.inc.php
@@ -33,7 +33,7 @@ function _FilterAll($fk, &$svar)
 $svar = preg_replace('/'.$cfg_replacestr.'/i', "***", $svar);
 }
 }
- return addslashes($svar);
+ return $svar;
 }
 /* 对_GET,_POST,_COOKIE进行过滤 */
 foreach (array('_GET', '_POST', '_COOKIE') as $_request) {
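Review bot: `stripcslashes()` on the changed `foreach` line in src/system/archive/archives.class.php is not the inverse of `addslashes()`: it also decodes C-style sequences such as `\n`, `\t`, `\x41` and octal escapes, so stored text that legitimately contains a backslash (a Windows path, a code sample) is altered on every read. It is also applied to every column, and a `NULL` column passed to it raises a deprecation notice on PHP 8.1 and later. If rows written earlier really do carry an extra level of slashes, `$row[strtolower($k)] = is_string($v) ? stripslashes($v) : $v;` is the narrower form, though a one-time clean-up of the stored data would avoid changing values at read time. The enclosing method starts and ends outside the hunk.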
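Review bot: Returning `$svar` without `addslashes()` at the end of `_FilterAll` in src/system/filter.inc.php removes the only escaping this filter applied, and the loop that follows presumably feeds it every `_GET`, `_POST` and `_COOKIE` value; queries such as the `UPDATE` in src/admin/article_edit.php place such values between single quotes by interpolation. Unless each query site escapes on its own, which is not visible here, a quote character in any request field now ends the SQL string literal early. A display problem with backslashes is better fixed where the value is rendered, so `return addslashes($svar);` should stay until escaping or parameter binding is in place in the database layer. The start of `_FilterAll` is outside the hunk.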