Skip to content

Commit

Permalink
批量修复因 input 导致的 xss 问题
Browse files Browse the repository at this point in the history
  • Loading branch information
@zoujingli
zoujingli committed Sep 14, 2021
1 parent 26e92b8 commit 2963808
Show file tree
Hide file tree
Showing 28 changed files with 106 additions and 106 deletions.
6 changes: 3 additions & 3 deletions app/admin/view/auth/index_search.html
View file
Expand Up @@ -5,14 +5,14 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">权限名称</label>
<div class="layui-input-inline">
<input name="title" value="{:input('get.title')}" placeholder="请输入权限名称" class="layui-input">
<input name="title" value="{$get.title|default=''}" placeholder="请输入权限名称" class="layui-input">
</div>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">权限描述</label>
<div class="layui-input-inline">
<input name="desc" value="{:input('get.desc')}" placeholder="请输入权限描述" class="layui-input">
<input name="desc" value="{$get.desc|default=''}" placeholder="请输入权限描述" class="layui-input">
</div>
</div>

Expand All @@ -34,7 +34,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<div class="layui-input-inline">
<input data-date-range name="create_at" value="{:input('get.create_at')}" placeholder="请选择创建时间" class="layui-input">
<input data-date-range name="create_at" value="{$get.create_at|default=''}" placeholder="请选择创建时间" class="layui-input">
</div>
</div>

Expand Down
6 changes: 3 additions & 3 deletions app/admin/view/base/index_search.html
View file
Expand Up @@ -5,14 +5,14 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">数据编码</label>
<div class="layui-input-inline">
<input name="code" value="{:input('get.code')}" placeholder="请输入数据编码" class="layui-input">
<input name="code" value="{$get.code|default=''}" placeholder="请输入数据编码" class="layui-input">
</div>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">数据名称</label>
<div class="layui-input-inline">
<input name="name" value="{:input('get.name')}" placeholder="请输入数据名称" class="layui-input">
<input name="name" value="{$get.name|default=''}" placeholder="请输入数据名称" class="layui-input">
</div>
</div>

Expand All @@ -34,7 +34,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<div class="layui-input-inline">
<input data-date-range name="create_at" value="{:input('get.create_at')}" placeholder="请选择创建时间" class="layui-input">
<input data-date-range name="create_at" value="{$get.create_at|default=''}" placeholder="请选择创建时间" class="layui-input">
</div>
</div>

Expand Down
12 changes: 6 additions & 6 deletions app/admin/view/module/index_search.html
View file
Expand Up @@ -4,19 +4,19 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">任务编号</label>
<div class="layui-input-inline">
<input name="code" value="{:input('get.code')}" placeholder="请输入任务编号" class="layui-input">
<input name="code" value="{$get.code|default=''}" placeholder="请输入任务编号" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-inline">
<label class="layui-form-label">任务名称</label>
<div class="layui-input-inline">
<input name="title" value="{:input('get.title')}" placeholder="请输入任务名称" class="layui-input">
<input name="title" value="{$get.title|default=''}" placeholder="请输入任务名称" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-inline">
<label class="layui-form-label">任务指令</label>
<div class="layui-input-inline">
<input name="command" value="{:input('get.command')}" placeholder="请输入任务指令" class="layui-input">
<input name="command" value="{$get.command|default=''}" placeholder="请输入任务指令" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-inline">
Expand All @@ -36,19 +36,19 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">计划时间</label>
<div class="layui-input-inline">
<input data-date-range name="exec_time" value="{:input('get.exec_time')}" placeholder="请选择计划时间" class="layui-input">
<input data-date-range name="exec_time" value="{$get.exec_time|default=''}" placeholder="请选择计划时间" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-inline">
<label class="layui-form-label">执行时间</label>
<div class="layui-input-inline">
<input data-date-range name="enter_time" value="{:input('get.enter_time')}" placeholder="请选择执行时间" class="layui-input">
<input data-date-range name="enter_time" value="{$get.enter_time|default=''}" placeholder="请选择执行时间" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<div class="layui-input-inline">
<input data-date-range name="create_at" value="{:input('get.create_at')}" placeholder="请选择创建时间" class="layui-input">
<input data-date-range name="create_at" value="{$get.create_at|default=''}" placeholder="请选择创建时间" class="layui-input">
</div>
</div>
<div class="layui-form-item layui-inline">
Expand Down
8 changes: 4 additions & 4 deletions app/admin/view/oplog/index_search.html
View file
Expand Up @@ -17,7 +17,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">操作节点</label>
<label class="layui-input-inline">
<input name="node" value="{:input('get.node')}" placeholder="请输入操作内容" class="layui-input">
<input name="node" value="{$get.node|default=''}" placeholder="请输入操作内容" class="layui-input">
</label>
</div>
<div class="layui-form-item layui-inline">
Expand All @@ -36,19 +36,19 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">操作描述</label>
<label class="layui-input-inline">
<input name="content" value="{:input('get.content')}" placeholder="请输入操作内容" class="layui-input">
<input name="content" value="{$get.content|default=''}" placeholder="请输入操作内容" class="layui-input">
</label>
</div>
<div class="layui-form-item layui-inline">
<label class="layui-form-label">访问地址</label>
<label class="layui-input-inline">
<input name="geoip" value="{:input('get.geoip')}" placeholder="请输入访问地址" class="layui-input">
<input name="geoip" value="{$get.geoip|default=''}" placeholder="请输入访问地址" class="layui-input">
</label>
</div>
<div class="layui-form-item layui-inline">
<label class="layui-form-label">操作时间</label>
<label class="layui-input-inline">
<input data-date-range name="create_at" value="{:input('get.create_at')}" placeholder="请选择操作时间" class="layui-input">
<input data-date-range name="create_at" value="{$get.create_at|default=''}" placeholder="请选择操作时间" class="layui-input">
</label>
</div>
<div class="layui-form-item layui-inline">
Expand Down
12 changes: 6 additions & 6 deletions app/admin/view/queue/index_search.html
View file
Expand Up @@ -17,21 +17,21 @@ <h4 class="color-desc margin-top-10 notselect">配置定时任务来检查并启
<div class="layui-form-item layui-inline">
<label class="layui-form-label">任务编号</label>
<label class="layui-input-inline">
<input name="code" value="{:input('get.code')}" placeholder="请输入任务编号" class="layui-input">
<input name="code" value="{$get.code|default=''}" placeholder="请输入任务编号" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">任务名称</label>
<label class="layui-input-inline">
<input name="title" value="{:input('get.title')}" placeholder="请输入任务名称" class="layui-input">
<input name="title" value="{$get.title|default=''}" placeholder="请输入任务名称" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">任务指令</label>
<label class="layui-input-inline">
<input name="command" value="{:input('get.command')}" placeholder="请输入任务指令" class="layui-input">
<input name="command" value="{$get.command|default=''}" placeholder="请输入任务指令" class="layui-input">
</label>
</div>

Expand All @@ -53,21 +53,21 @@ <h4 class="color-desc margin-top-10 notselect">配置定时任务来检查并启
<div class="layui-form-item layui-inline">
<label class="layui-form-label">计划时间</label>
<label class="layui-input-inline">
<input data-date-range name="exec_time" value="{:input('get.exec_time')}" placeholder="请选择计划时间" class="layui-input">
<input data-date-range name="exec_time" value="{$get.exec_time|default=''}" placeholder="请选择计划时间" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">执行时间</label>
<label class="layui-input-inline">
<input data-date-range name="enter_time" value="{:input('get.enter_time')}" placeholder="请选择执行时间" class="layui-input">
<input data-date-range name="enter_time" value="{$get.enter_time|default=''}" placeholder="请选择执行时间" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<label class="layui-input-inline">
<input data-date-range name="create_at" value="{:input('get.create_at')}" placeholder="请选择创建时间" class="layui-input">
<input data-date-range name="create_at" value="{$get.create_at|default=''}" placeholder="请选择创建时间" class="layui-input">
</label>
</div>

Expand Down
12 changes: 6 additions & 6 deletions app/admin/view/user/index_search.html
View file
Expand Up @@ -5,14 +5,14 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">用户名称</label>
<label class="layui-input-inline">
<input name="nickname" value="{:input('get.nickname')}" placeholder="请输入用户名称" class="layui-input">
<input name="nickname" value="{$get.nickname|default=''}" placeholder="请输入用户名称" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">登录账号</label>
<label class="layui-input-inline">
<input name="username" value="{:input('get.username')}" placeholder="请输入登录账号" class="layui-input">
<input name="username" value="{$get.username|default=''}" placeholder="请输入登录账号" class="layui-input">
</label>
</div>

Expand All @@ -35,28 +35,28 @@
<div class="layui-form-item layui-inline layui-hide">
<label class="layui-form-label">联系手机</label>
<label class="layui-input-inline">
<input name="phone" value="{:input('get.phone')}" placeholder="请输入联系手机" class="layui-input">
<input name="phone" value="{$get.phone|default=''}" placeholder="请输入联系手机" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline layui-hide">
<label class="layui-form-label">联系邮箱</label>
<label class="layui-input-inline">
<input name="mail" value="{:input('get.mail')}" placeholder="请输入联系邮箱" class="layui-input">
<input name="mail" value="{$get.mail|default=''}" placeholder="请输入联系邮箱" class="layui-input">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">最后登录</label>
<div class="layui-input-inline">
<input data-date-range name="login_at" value="{:input('get.login_at')}" placeholder="请选择登录时间" class="layui-input">
<input data-date-range name="login_at" value="{$get.login_at|default=''}" placeholder="请选择登录时间" class="layui-input">
</div>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<div class="layui-input-inline">
<input data-date-range name="create_at" value="{:input('get.create_at')}" placeholder="请选择创建时间" class="layui-input">
<input data-date-range name="create_at" value="{$get.create_at|default=''}" placeholder="请选择创建时间" class="layui-input">
</div>
</div>

Expand Down
4 changes: 2 additions & 2 deletions app/data/view/base/message/index_search.html
View file
Expand Up @@ -4,7 +4,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">通知标题</label>
<label class="layui-input-inline">
<input class="layui-input" name="name" placeholder="请输入通知标题" value="{:input('name','')}">
<input class="layui-input" name="name" placeholder="请输入通知标题" value="{$get.name|default=''}">
</label>
</div>

Expand All @@ -26,7 +26,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<label class="layui-input-inline">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择创建时间" value="{:input('create_at','')}">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择创建时间" value="{$get.create_at|default=''}">
</label>
</div>

Expand Down
6 changes: 3 additions & 3 deletions app/data/view/base/payment/index_search.html
View file
Expand Up @@ -4,14 +4,14 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">支付名称</label>
<label class="layui-input-inline">
<input class="layui-input" name="name" placeholder="请输入支付名称" value="{:input('name','')}">
<input class="layui-input" name="name" placeholder="请输入支付名称" value="{$get.name|default=''}">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">支付编号</label>
<label class="layui-input-inline">
<input class="layui-input" name="code" placeholder="请输入支付编号" value="{:input('code','')}">
<input class="layui-input" name="code" placeholder="请输入支付编号" value="{$get.code|default=''}">
</label>
</div>

Expand Down Expand Up @@ -47,7 +47,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">创建时间</label>
<label class="layui-input-inline">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择创建时间" value="{:input('create_at','')}">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择创建时间" value="{$get.create_at|default=''}">
</label>
</div>

Expand Down
6 changes: 3 additions & 3 deletions app/data/view/base/postage/company/index_search.html
View file
Expand Up @@ -4,21 +4,21 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">快递名称</label>
<label class="layui-input-inline">
<input class="layui-input" name="name" placeholder="请输入快递名称" value="{:input('name','')}">
<input class="layui-input" name="name" placeholder="请输入快递名称" value="{$get.name|default=''}">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">快递编码</label>
<label class="layui-input-inline">
<input class="layui-input" name="code" placeholder="请输入快递编码" value="{:input('code','')}">
<input class="layui-input" name="code" placeholder="请输入快递编码" value="{$get.code|default=''}">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">添加时间</label>
<label class="layui-input-inline">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择添加时间" value="{:input('create_at','')}">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择添加时间" value="{$get.create_at|default=''}">
</label>
</div>

Expand Down
6 changes: 3 additions & 3 deletions app/data/view/base/postage/template/index_search.html
View file
Expand Up @@ -4,14 +4,14 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">模板编号</label>
<label class="layui-input-inline">
<input class="layui-input" name="code" placeholder="请输入模板编号" value="{:input('code','')}">
<input class="layui-input" name="code" placeholder="请输入模板编号" value="{$get.code|default=''}">
</label>
</div>

<div class="layui-form-item layui-inline">
<label class="layui-form-label">模板名称</label>
<label class="layui-input-inline">
<input class="layui-input" name="name" placeholder="请输入模板名称" value="{:input('name','')}">
<input class="layui-input" name="name" placeholder="请输入模板名称" value="{$get.name|default=''}">
</label>
</div>

Expand All @@ -33,7 +33,7 @@
<div class="layui-form-item layui-inline">
<label class="layui-form-label">添加时间</label>
<label class="layui-input-inline">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择添加时间" value="{:input('create_at','')}">
<input class="layui-input" data-date-range name="create_at" placeholder="请选择添加时间" value="{$get.create_at|default=''}">
</label>
</div>

Expand Down

0 comments on commit 2963808

Please sign in to comment.