WindyMadman/dzzoffice
1
0
Fork 0
mirror of https://github.com/zyx0814/dzzoffice.git synced 2025-01-08 11:57:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

过滤输入参数,防止XSS攻击

Browse Source
This commit is contained in:
zyx0814 2024-10-24 11:45:12 +08:00
parent 17f416005c
commit 5404f19431
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dzz/system/orgtree.php
View File

@ -14,7 +14,7 @@ Hook::listen('check_login');
include_once libfile('function/organization'); include_once libfile('function/organization');
$ismobile=helper_browser::ismobile(); $ismobile=helper_browser::ismobile();
$uid =isset($_GET['uid'])?intval($_GET['uid']):$_G['uid']; $uid =isset($_GET['uid'])?intval($_GET['uid']):$_G['uid'];
$zero=$_GET['zero']?urldecode($_GET['zero']):lang('no_institution_users'); $zero=$_GET['zero']?htmlspecialchars($_GET['zero']):lang('no_institution_users');
$limit=1000; $limit=1000;
if($_GET['do']=='orgtree'){ if($_GET['do']=='orgtree'){