1./Lib/Core/App.class.php Line:58
if(C('VAR_FILTERS')) {
$filters = explode(',',C('VAR_FILTERS'));
foreach($filters as $filter){
// 全局参数过滤
$_POST = array_map($filter,$_POST);
$_GET = array_map($filter,$_GET);
}
}
这里array_map 函数调用htmlspecialchars函数过滤时会将数组过滤掉
应该用array_walk_recursive函数,如果参数变量还是个数组,它会递归调用函数,故能解决此问题。
if(C('VAR_FILTERS')) {
$filters = explode(',',C('VAR_FILTERS'));
foreach($filters as $filter){
// 全局参数过滤
array_walk_recursive($_POST, $filter);
array_walk_recursive($_GET, $filter);
}
}