安全更新
重要度:高!
更新文件涉及 private.php; functions_codeprase.php; functions_post.php
文件修正:
1. 打开 private.php 文件
查找 467 行:
$pm['message'] = $forums->func->unhtmlspecialchars($pm['message']);
删除本行。
2. 打开functions_post.php 文件:
查找 99 行:
$_POST['post'] = $this->parser->convert( array( 'text' => $forums->func->stripslashes_uni($_POST['post']),
'allowsmilies' => $_INPUT['allowsmile'],
'allowcode' => $this->forum['allowbbcode'],
'allowhtml' => $this->forum['allowhtml']
) );
替换为:
$_POST['post'] = $this->parser->convert( array( 'text' => $forums->func->stripslashes_uni($_POST['post']),
'allowsmilies' => $_INPUT['allowsmile'],
'allowcode' => $this->forum['allowbbcode'],
'allowhtml' => $this->forum['allowhtml'],
'usewysiwyg' => $bbuserinfo['usewysiwyg']
) );
查找 232 行:
'pagetext' => $this->parser->convert( array( 'text' => $forums->func->stripslashes_uni($post),
'allowsmilies' => $_INPUT['allowsmile'],
'allowcode' => $this->forum['allowbbcode'],
'allowhtml' => $this->forum['allowhtml']
) ),
替换为:
'pagetext' => $this->parser->convert( array( 'text' => $forums->func->stripslashes_uni($post),
'allowsmilies' => $_INPUT['allowsmile'],
'allowcode' => $this->forum['allowbbcode'],
'allowhtml' => $this->forum['allowhtml'],
'usewysiwyg' => $bbuserinfo['usewysiwyg']
) ),
2. 打开functions_codeparse.php 文件:
查找 75 行:
function convert($in=array( 'text' => "", 'allowsmilies' => 0, 'allowcode' => 0, 'allowhtml' => 0))
替换为:
function convert($in=array( 'text' => "", 'allowsmilies' => 0, 'allowcode' => 0, 'allowhtml' => 0, 'usewysiwyg' => 0))
查找 80 行:
if ($bbuserinfo['usewysiwyg'] AND !$forums->changeeditor) {
替换为:
if ($in['usewysiwyg'] AND !$forums->changeeditor) {
最新文件包已同步更新