对输入进行转义；修复dirname函数的拼写错误

Signed-off-by: hancong03 <hancong03@baidu.com>

对输入进行转义；修复dirname函数的拼写错误
Signed-off-by: hancong03 <hancong03@baidu.com>
9dd1a09e · hancong03 · adf5189f · 9dd1a09e · 9dd1a09e
Commit 9dd1a09e authored Oct 20, 2014 by hancong03
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 3 deletions

Parser.class.php native-support/archive/src/Parser.class.php +2 -2

Parser.xmind.class.php native-support/archive/src/Parser.xmind.class.php +1 -1

No files found.
--- a/native-support/archive/src/Parser.class.php
+++ b/native-support/archive/src/Parser.class.php
@@ -6,11 +6,11 @@ require_once "Parser.freemind.class.php";
 class Parser {

    public static function toXMind ( $source, $previewImage = null ) {
-        return XMindParser::parse( $source, $previewImage );
+        return XMindParser::parse( htmlspecialchars( $source, ENT_NOQUOTES ), $previewImage );
    }

    public static function toFreeMind ( $source ) {
-        return FreeMindParser::parse( $source );
+        return FreeMindParser::parse( htmlspecialchars( $source, ENT_NOQUOTES ) );
    }

 }
\ No newline at end of file
--- a/native-support/archive/src/Parser.xmind.class.php
+++ b/native-support/archive/src/Parser.xmind.class.php
@@ -198,7 +198,7 @@ class XMindParser {

    private static function move ( $meta, $path ) {

-        $config = require( diranme( __FILE__ ) . '/../config.php' );
+        $config = require( dirname( __FILE__ ) . '/../config.php' );
        $savepath = $config[ 'savepath' ];

        if ( !file_exists( $savepath ) ) {