mirror of
https://github.com/typecho/typecho.git
synced 2025-03-18 08:59:40 +01:00
修正用户注册没有过滤用户名,导致的xss存储型漏洞
This commit is contained in:
parent
5dc5cfb906
commit
98d2433620
@ -37,6 +37,7 @@ class Widget_Login extends Widget_Abstract_Users implements Widget_Interface_Do
|
||||
/** 初始化验证类 */
|
||||
$validator = new Typecho_Validate();
|
||||
$validator->addRule('name', 'required', _t('请输入用户名'));
|
||||
$validator->addRule('name', 'xssCheck', _t('请不要使用特殊字符'));
|
||||
$validator->addRule('password', 'required', _t('请输入密码'));
|
||||
|
||||
/** 截获验证异常 */
|
||||
|
Loading…
x
Reference in New Issue
Block a user