disucz非法字符设置
source/class/discuz/discuz_application.php350 private function _xss_check() {
351
352 static $check = array('"', '>', '<', '\'', '(', ')', 'CONTENT-TRANSFER-ENCODING');
353
354 if(isset($_GET['formhash']) && $_GET['formhash'] !== formhash()) {
355 system_error('request_tainting');
356 }
页:
[1]