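When I post a reply with styles to MySQL, the styles are deleted?

Time: 2013-01-21 17:34:41

Tags: php mysql

When a user quotes another user's reply while replying, the formatting of the quoted reply is removed. I searched the internet and found that it may be an XSS filter problem, because it replaces the defined symbols.

Here is some of my code from the editor class file: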

function divFormat($topicMessage)
{
    global $DataBase, $DBMemberFormat, $QuickReply, $QuickReplyMsg;
    // search filter name
    $topicMessage = strip_filtername(5, $topicMessage);
    // pick the format: the editor's format, or the member's stored format for quick replies
    $FormatMember = !$QuickReply && !$QuickReplyMsg ? $this->EditorElements['format'] : $DBMemberFormat;
    // strip everything from PADDING-LEFT up to FONT-FAMILY
    $Format = preg_replace("#PADDING-LEFT:(.*?)FONT-FAMILY#si", "FONT-FAMILY", $FormatMember);
    // run the XSS filter on quick replies only
    $topicMessage = ($QuickReply || $QuickReplyMsg ? strip_scriptXSS($topicMessage) : $topicMessage);
    // insert the format div
    $topicMessage = '<DIV style=\"' . $Format . '\">' . $topicMessage . '</DIV>';
    if (isset($_POST['q_reply']) and $_POST['q_reply'] == 'quickreply') {
        // quick reply: decode HTML entities, then turn URLs into links
        $topicMessage = html_entity_decode($topicMessage);
        $topicMessage = " ".$topicMessage;
        $topicMessage = eregi_replace('(((f|ht){1}tp://)[-a-zA-Z0-9@:%_\+.~#?&//=]+)',
            '<a target="_blank" href="\\1">\\1</a>', $topicMessage);
        $topicMessage = eregi_replace('(((f|ht){1}tps://)[-a-zA-Z0-9@:%_\+.~#?&//=]+)',
            '<a target="_blank" href="\\1">\\1</a>', $topicMessage);
        $topicMessage = eregi_replace('([[:space:]()[{}])(www.[-a-zA-Z0-9@:%_\+.~#?&//=]+)',
            '\\1             <a target="_blank" href="http://\\2">\\2</a> ', $topicMessage);
    }
    // return the message escaped with addslashes
    return addslashes($topicMessage);
}
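
An allow-list filter that keeps a few style properties on quoted markup while dropping script elements and every other attribute, as an added example that is not the asker's code. The names `sanitizeStyle` and `sanitizeHtml` and both allow-lists are hypothetical; the page does not show `strip_scriptXSS`, so this does not describe it.

```php
<?php
// Added example, not the asker's code. Both allow-lists are assumptions.
const ALLOWED_TAGS  = ['div', 'span', 'p', 'br', 'b', 'i', 'u'];
const ALLOWED_PROPS = ['font-family', 'font-size', 'font-weight', 'color', 'text-align'];
// Keep only allow-listed declarations whose value is plain text (no url(), quotes or escapes).
function sanitizeStyle(string $style): string
{
    $kept = [];
    foreach (explode(';', $style) as $declaration) {
        $parts = array_map('trim', explode(':', $declaration, 2));
        $prop  = strtolower($parts[0]);
        if (count($parts) === 2 && in_array($prop, ALLOWED_PROPS, true)
            && preg_match('/^[a-z0-9 ,#%.-]+$/i', $parts[1])) {
            $kept[] = "$prop: {$parts[1]}";
        }
    }
    return implode('; ', $kept);
}
// Drop disallowed elements with their content; strip every attribute except a sanitized style.
function sanitizeHtml(string $html): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true); // tolerate malformed user markup
    $doc->loadHTML('<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">'
        . '</head><body>' . $html . '</body></html>');
    libxml_clear_errors();
    $body = $doc->getElementsByTagName('body')->item(0);
    foreach (iterator_to_array((new DOMXPath($doc))->query('.//*', $body)) as $el) {
        if (!in_array($el->nodeName, ALLOWED_TAGS, true)) {
            $el->parentNode->removeChild($el);
            continue;
        }
        $style = sanitizeStyle($el->getAttribute('style'));
        foreach (iterator_to_array($el->attributes) as $attr) {
            $el->removeAttribute($attr->nodeName);
        }
        if ($style !== '') {
            $el->setAttribute('style', $style);
        }
    }
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}
// Constructed sample reply.
echo sanitizeHtml('<div style="FONT-FAMILY: Tahoma; COLOR: #336699; position: fixed" onclick="x()">'
    . 'quoted <b>text</b></div><script>x()</script>'), PHP_EOL;
```

Filtering on the parsed tree runs after any entity decoding, and the result is stored through a parameterized query rather than `addslashes`.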

0 answers:

No answers