From 037a7bcbcde4955c1abcc6f03149f23a3d2e2459 Mon Sep 17 00:00:00 2001
From: leandre
Date: Mon, 2 Mar 2015 16:29:37 +0800
Subject: [PATCH] =?UTF-8?q?=E9=80=92=E5=BD=92=E4=B8=8D=E8=BF=87script?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

防止 ononerror ononerrorerror 这样的输入
---
 initphp/core/controller/filter.init.php | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

diff --git a/initphp/core/controller/filter.init.php b/initphp/core/controller/filter.init.php
index bbeb6fd..eb782c0 100644
--- a/initphp/core/controller/filter.init.php
+++ b/initphp/core/controller/filter.init.php
@@ -100,11 +100,25 @@ public static function filter_slashes(&$value) {
 * @return string
 */
 public function filter_script($value) {
- $value = preg_replace("/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i","&111n\\2",$value);
- $value = preg_replace("/(.*?)<\/script>/si","",$value);
- $value = preg_replace("/(.*?)<\/iframe>/si","",$value);
- $value = preg_replace ("//iesU", '', $value);
- return $value;
+ if (is_array($value)) {
+ foreach ($value as $k => $v) {
+ $value[$k] = self::filter_script($v);
+ }
+ return $value;
+ } else {
+ $parten = array(
+ "/(javascript:)?on(click|load|key|mouse|error|abort|move|unload|change|dblclick|move|reset|resize|submit)/i",
+ "/(.*?)<\/script>/si",
+ "/(.*?)<\/iframe>/si",
+ "//isU"
+ );
+ $replace = array("\\2", "", "", "");
+ $value = preg_replace($parten, $replace, $value, -1, $count);
+ if ($count > 0) {
+ $value = self::filter_script($value);
+ }
+ return $value;
+ }
 }
 /**
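Review bot: The `if ($count > 0)` recursion at the end of the else branch terminates only because every pattern consumes at least the characters it matches; the fourth pattern is shown on this page as `"//isU"`, which looks like an HTML-rendered tag body was lost, but if it really were an empty pattern it would match at every position, leave the string unchanged with `$count > 0`, and the recursion would never return. The same pass hands the caller `null` rather than a string when `preg_replace` fails (for example when the backtracking limit is hit on a large input), so an explicit check such as `if ($value === null) { return ''; }` before the recursive call, or a `preg_last_error()` check that throws, would fail closed instead of propagating `null`. The `on(click|load|…)` alternation only covers the handler names listed in it, so this filter should be treated as defence in depth and output still escaped per context with `htmlspecialchars` at the point of rendering. Since `filter_script` is an instance method (unlike the static `filter_slashes` named in the hunk header), the two recursive calls read more clearly as `$this->filter_script($v)` and `$this->filter_script($value)`; the enclosing class continues outside the hunk.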