diff --git a/core/function.php b/core/function.php
index 3dc0671..4935464 100644
--- a/core/function.php
+++ b/core/function.php
@@ -2,7 +2,7 @@
/* 获取主题当前版本号 */
function _getVersion()
{
- return "6.0.5";
+ return "6.0.6";
};
/* 判断是否是手机 */
diff --git a/core/parse.php b/core/parse.php
index ab7665d..8566401 100644
--- a/core/parse.php
+++ b/core/parse.php
@@ -3,15 +3,34 @@
/* 过滤短代码 */
require_once('short.php');
+function _checkXSS($text)
+{
+ $isXss = false;
+ $list = array(
+ '([\x00-\x08,\x0b-\x0c,\x0e-\x19])', 'script', 'javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'embed', 'object', 'frame', 'layer', 'title', 'bgsound', 'onload', 'onunload', 'onchange', 'onsubmit', 'onreset', 'onselect', 'onblur', 'onfocus',
+ 'onabort', 'onkeydown', 'onkeypress', 'onkeyup', 'onclick', 'ondblclick', 'onmousedown', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onunload'
+ );
+ if (strip_tags($text)) {
+ for ($i = 0; $i < count($list); $i++) {
+ if (strpos($text, $list[$i]) !== false) {
+ $isXss = true;
+ break;
+ }
+ }
+ } else {
+ $isXss = true;
+ };
+ return $isXss;
+}
+
/* 过滤评论回复 */
function _parseCommentReply($text)
{
- if (strip_tags($text)) {
- $text = _parseReply($text);
- $text = preg_replace('/\{!{(.*?)\}!}/', '', $text);
- echo $text;
- } else {
+ if (_checkXSS($text)) {
echo "该回复疑似异常,已被系统拦截!";
+ } else {
+ $text = _parseReply($text);
+ echo preg_replace('/\{!{(.*?)\}!}/', '', $text);
}
}
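Review bot: The token scan in `_checkXSS` uses case-sensitive `strpos`, so mixed-case variants of the listed words pass straight through, and the first list entry `'([\x00-\x08,\x0b-\x0c,\x0e-\x19])'` is a regex written inside a single-quoted string and then searched for literally, so it can never match any reply. A `preg_match` for the control characters plus `stripos` for the tokens closes both gaps, as sketched below; `'onunload'` is also listed twice and the `};` closing the `else` block is an empty statement. A keyword denylist still rejects ordinary words such as `title`, `link` or `style` and is no substitute for context-appropriate output encoding at the `echo`, which here rests on `_parseReply`, defined outside this hunk. A short header comment on `_checkXSS` saying it returns `true` for a suspicious reply (empty after `strip_tags`, or containing a listed token) would make the inverted sense of the boolean clear at the three call sites.
```php
function _checkXSS($text)
{
    // Control characters are tested as a real pattern; the original list entry was a regex
    // that strpos searched for literally (author's \x0e-\x19 range kept, stray commas dropped).
    if (preg_match('/[\x00-\x08\x0b\x0c\x0e-\x19]/', $text)) {
        return true;
    }
    // … unchanged: $list of keyword tokens, minus the regex entry and the duplicate 'onunload' …
    if (!strip_tags($text)) {
        return true;
    }
    foreach ($list as $token) {
        // case-insensitive so ScRiPt / OnLoad spellings are caught as well
        if (stripos($text, $token) !== false) {
            return true;
        }
    }
    return false;
}
```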
@@ -38,26 +57,25 @@ function _parseReply($text)
/* 格式化留言回复 */
function _parseLeavingReply($text)
{
- if (strip_tags($text)) {
+ if (_checkXSS($text)) {
+ echo "该回复疑似异常,已被系统拦截!";
+ } else {
$text = strip_tags($text);
$text = _parseReply($text);
- $text = preg_replace('/\{!\{(.*?)\}!\}/', '', $text);
- echo $text;
- } else {
- echo "该回复疑似异常,已被系统拦截!";
+ echo preg_replace('/\{!\{(.*?)\}!\}/', '', $text);
}
}
/* 格式化侧边栏回复 */
function _parseAsideReply($text, $type = true)
{
- if (strip_tags($text)) {
+ if (_checkXSS($text)) {
+ echo "该回复疑似异常,已被系统拦截!";
+ } else {
$text = strip_tags($text);
$text = preg_replace('~{!{.*~', '# 图片回复', $text);
if ($type) echo _parseReply($text);
else echo $text;
- } else {
- echo "该回复疑似异常,已被系统拦截!";
}
}
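Review bot: The interception message `"该回复疑似异常,已被系统拦截!"` is now repeated verbatim in `_parseLeavingReply`, `_parseAsideReply` and, in the previous hunk, `_parseCommentReply`; hoisting it into one place, e.g. `define('_REPLY_BLOCKED_MSG', '该回复疑似异常,已被系统拦截!');`, keeps the three sites from drifting. The two renderers here still apply `strip_tags` on the accepted path while `_parseCommentReply` no longer does, so the same reply text can render with markup in one view and without it in another; if that difference is intended, a one-line comment on each function stating which markup it keeps would spare the next reader from guessing. `_checkXSS` is also evaluated on the raw text before `strip_tags` runs, so the denylist decision is made on markup that the accepted path would have removed anyway.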
diff --git a/package.json b/package.json
index 9fa772a..e312870 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "typecho-joe-next",
- "version": "6.0.5",
+ "version": "6.0.6",
"description": "A Theme Of Typecho",
"main": "index.php",
"keywords": [