htmlentities -> htmlspecialchars
This commit is contained in:
@@ -84,9 +84,9 @@ if (strlen($_POST['npassword']) == 0)
|
||||
$password = pwGen($_POST['opassword']);
|
||||
else
|
||||
$password = pwGen($_POST['npassword']);
|
||||
$nick = htmlentities($nick, ENT_QUOTES, "UTF-8");
|
||||
$school = (htmlentities($school, ENT_QUOTES, "UTF-8"));
|
||||
$email = (htmlentities($email, ENT_QUOTES, "UTF-8"));
|
||||
$nick = htmlspecialchars($nick, ENT_QUOTES, "UTF-8");
|
||||
$school = (htmlspecialchars($school, ENT_QUOTES, "UTF-8"));
|
||||
$email = (htmlspecialchars($email, ENT_QUOTES, "UTF-8"));
|
||||
$sql = "UPDATE `users` SET"
|
||||
. "`password`=?,"
|
||||
// . "`nick`=?," //删除此行和81行含的,$nick禁用昵称修改
|
||||
|
||||
Reference in New Issue
Block a user