|
程序默认是把script过滤掉了,script非常危险,但如果不想过滤,可以这么改 pw8.5 lib/forum/post.class.php 找到 - array("/<script.*>.*<\/script>/is","/<(([^\"']|\"[^\"]*\"|'[^']*')*?)>/eis","/javascript/i"),
- array("","\$this->jscv('\\1')","java script"),
改成 - array("/<(([^\"']|\"[^\"]*\"|'[^']*')*?)>/eis","/javascript/i"),
- array("\$this->jscv('\\1')","java script"),
如果需要某些版块支持,这样改 找到 - $this->data['content'] = preg_replace(
- array("/<script.*>.*<\/script>/is","/<(([^\"']|\"[^\"]*\"|'[^']*')*?)>/eis","/javascript/i"),
- array("","\$this->jscv('\\1')","java script"),
- str_replace('.','.',$this->data['content'])
- );
改成 - global $fid;
- if(!in_array($fid,array(2,3,4))){
- $this->data['content'] = preg_replace(
- array("/<script.*>.*<\/script>/is","/<(([^\"']|\"[^\"]*\"|'[^']*')*?)>/eis","/javascript/i"),
- array("","\$this->jscv('\\1')","java script"),
- str_replace('.','.',$this->data['content'])
- );
- }else{
- $this->data['content'] = preg_replace(
- array("/<(([^\"']|\"[^\"]*\"|'[^']*')*?)>/eis","/javascript/i"),
- array("\$this->jscv('\\1')","java script"),
- str_replace('.','.',$this->data['content'])
- );
- }
|