htmlentities -> htmlspecialchars

This commit is contained in:
2024-12-06 15:35:38 +08:00
parent daa005f029
commit d9b2d13caa
184 changed files with 410 additions and 405 deletions

View File

@@ -84,9 +84,9 @@ if (strlen($_POST['npassword']) == 0)
$password = pwGen($_POST['opassword']);
else
$password = pwGen($_POST['npassword']);
$nick = htmlentities($nick, ENT_QUOTES, "UTF-8");
$school = (htmlentities($school, ENT_QUOTES, "UTF-8"));
$email = (htmlentities($email, ENT_QUOTES, "UTF-8"));
$nick = htmlspecialchars($nick, ENT_QUOTES, "UTF-8");
$school = (htmlspecialchars($school, ENT_QUOTES, "UTF-8"));
$email = (htmlspecialchars($email, ENT_QUOTES, "UTF-8"));
$sql = "UPDATE `users` SET"
. "`password`=?,"
// . "`nick`=?," //删除此行和81行含的,$nick禁用昵称修改