From a22b75805b9dfe8243d154606eeaa3733a4831d3 Mon Sep 17 00:00:00 2001
From: sinothk <admin@sinothk.ltd>
Date: Sat, 23 Mar 2024 19:07:01 +0800
Subject: [PATCH 1/3] =?UTF-8?q?=E5=AE=89=E5=85=A8=E4=BF=AE=E5=A4=8D:=20?=
 =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=BF=87=E6=BB=A4=E5=8F=82=E6=95=B0=EF=BC=8C?=
 =?UTF-8?q?=E5=9C=A8=E5=BE=88=E5=A4=A7=E7=A8=8B=E5=BA=A6=E4=B8=8A=E9=98=B2?=
 =?UTF-8?q?=E6=AD=A2xss=E6=94=BB=E5=87=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/common.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/common.php b/app/common.php
index 0bf5898..b23e4d1 100644
--- a/app/common.php
+++ b/app/common.php
@@ -127,7 +127,7 @@ function is_super($uid = 0)
 //获取url参数
 function get_params($key = "")
 {
-    return Request::instance()->param($key);
+    return Request::instance()->param($key,'','strip_tags');
 }
 
 //生成一个不会重复的字符串
-- 
Gitee


From b879966c6174b335537d4c1e91398c5860aef082 Mon Sep 17 00:00:00 2001
From: sinothk <admin@sinothk.ltd>
Date: Sat, 23 Mar 2024 19:09:01 +0800
Subject: [PATCH 2/3] =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D:=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=9C=A8=E4=BA=A7=E5=93=81=E6=9F=A5=E7=9C=8B?=
 =?UTF-8?q?=E9=A1=B5=E9=9D=A2=EF=BC=8C=E5=85=B3=E8=81=94=E9=93=BE=E6=8E=A5?=
 =?UTF-8?q?=E7=BC=96=E8=BE=91=E6=97=B6=E9=BB=98=E8=AE=A4Undefined=E7=9A=84?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/product/view/index/view.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/product/view/index/view.html b/app/product/view/index/view.html
index 25b99cf..4f34831 100644
--- a/app/product/view/index/view.html
+++ b/app/product/view/index/view.html
@@ -118,7 +118,7 @@
 									<td style="text-align: center;">{$vo.admin_name}</td>
 									<td style="text-align: center;">
 										<div class="layui-btn-group"><span class="layui-btn layui-btn-xs link-edit"
-												data-id="{$vo.id}" data-href="{$vo.url}" data-desc="{$vo.desc}">编辑</span>
+												data-id="{$vo.id}" data-url="{$vo.url}" data-desc="{$vo.desc}">编辑</span>
 											<span class="layui-btn layui-btn-xs layui-btn-danger link-delete"
 												data-uid="{$vo.admin_id}" data-id="{$vo.id}">删除</span>
 										</div>
-- 
Gitee


From 0b28e805c3f0365abd45c7c23f9255f9d93d967b Mon Sep 17 00:00:00 2001
From: sinothk <admin@sinothk.ltd>
Date: Sat, 23 Mar 2024 19:11:23 +0800
Subject: [PATCH 3/3] =?UTF-8?q?=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D:=20?=
 =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E5=9C=A8=E6=B6=88=E6=81=AF=E9=80=9A=E7=9F=A5?=
 =?UTF-8?q?=E9=A1=B5=E9=9D=A2=EF=BC=88=E6=94=B6=E4=BB=B6/=E5=8F=91?=
 =?UTF-8?q?=E4=BB=B6/=E5=9E=83=E5=9C=BE/=E8=8D=89=E7=A8=BF=EF=BC=89?=
 =?UTF-8?q?=E7=AE=B1=E6=96=B0=E5=BB=BA=E8=AE=B0=E5=BD=95=E6=97=B6=E4=BC=9A?=
 =?UTF-8?q?=E5=87=BA=E7=8E=B0=E6=8A=A5=E9=94=99=E4=B8=94=E6=97=A0=E6=B3=95?=
 =?UTF-8?q?=E5=85=B3=E9=97=AD=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/home/view/message/draft.html   | 2 +-
 app/home/view/message/inbox.html   | 2 +-
 app/home/view/message/rubbish.html | 2 +-
 app/home/view/message/sendbox.html | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/home/view/message/draft.html b/app/home/view/message/draft.html
index 0f61061..37ab587 100644
--- a/app/home/view/message/draft.html
+++ b/app/home/view/message/draft.html
@@ -47,7 +47,7 @@
 <!-- 脚本 -->
 {block name="script"}
 <script>
-	const moduleInit = ['tool','employeepicker','dtree'];
+	const moduleInit = ['tool','employeepicker','dtree','gouguEdit'];
 	function gouguInit() {
 		var table = layui.table,form = layui.form,tool = layui.tool;
 
diff --git a/app/home/view/message/inbox.html b/app/home/view/message/inbox.html
index fb1678c..5f20a27 100644
--- a/app/home/view/message/inbox.html
+++ b/app/home/view/message/inbox.html
@@ -60,7 +60,7 @@
 <!-- 脚本 -->
 {block name="script"}
 <script>
-	const moduleInit = ['tool','employeepicker','dtree'];
+	const moduleInit = ['tool','employeepicker','dtree','gouguEdit'];
 	function gouguInit() {
 		var table = layui.table,form = layui.form,tool = layui.tool;
 
diff --git a/app/home/view/message/rubbish.html b/app/home/view/message/rubbish.html
index 35a3957..297c4c6 100644
--- a/app/home/view/message/rubbish.html
+++ b/app/home/view/message/rubbish.html
@@ -48,7 +48,7 @@
 <!-- 脚本 -->
 {block name="script"}
 <script>
-	const moduleInit = ['tool','employeepicker','dtree'];
+	const moduleInit = ['tool','employeepicker','dtree','gouguEdit'];
 	function gouguInit() {
 		var table = layui.table,form = layui.form,tool = layui.tool;
 
diff --git a/app/home/view/message/sendbox.html b/app/home/view/message/sendbox.html
index b619f9e..d1e2385 100644
--- a/app/home/view/message/sendbox.html
+++ b/app/home/view/message/sendbox.html
@@ -47,7 +47,7 @@
 <!-- 脚本 -->
 {block name="script"}
 <script>
-	const moduleInit = ['tool','employeepicker','dtree'];
+	const moduleInit = ['tool','employeepicker','dtree','gouguEdit'];
 	function gouguInit() {
 		var table = layui.table,form = layui.form,tool = layui.tool;
 
-- 
Gitee