그누보드 5.0.37 수정내역 적용 및 XSS 취약점 수정
This commit is contained in:
chicpro
@ -2881,7 +2881,7 @@ function clean_query_string($query, $amp=true)
|
||||
$q = array();
|
||||
|
||||
foreach($out as $key=>$val) {
|
||||
$key = trim($key);
|
||||
$key = strip_tags(trim($key));
|
||||
$val = trim($val);
|
||||
|
||||
switch($key) {
|
||||
@ -2953,4 +2953,38 @@ function clean_query_string($query, $amp=true)
|
||||
|
||||
return $str;
|
||||
}
|
||||
|
||||
function get_device_change_url()
|
||||
{
|
||||
$p = parse_url(G5_URL);
|
||||
$href = $p['scheme'].'://'.$p['host'];
|
||||
if(isset($p['port']) && $p['port'])
|
||||
$href .= ':'.$p['port'];
|
||||
$href .= $_SERVER['SCRIPT_NAME'];
|
||||
|
||||
$q = array();
|
||||
$device = 'device='.(G5_IS_MOBILE ? 'pc' : 'mobile');
|
||||
|
||||
if($_SERVER['QUERY_STRING']) {
|
||||
foreach($_GET as $key=>$val) {
|
||||
if($key == 'device')
|
||||
continue;
|
||||
|
||||
$key = strip_tags($key);
|
||||
$val = strip_tags($val);
|
||||
|
||||
if($key && $val)
|
||||
$q[$key] = $val;
|
||||
}
|
||||
}
|
||||
|
||||
if(!empty($q)) {
|
||||
$query = http_build_query($q, '', '&');
|
||||
$href .= '?'.$query.'&'.$device;
|
||||
} else {
|
||||
$href .= '?'.$device;
|
||||
}
|
||||
|
||||
return $href;
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user