From 1ceece32d7390d7c1ec881041ec22b6df9226ac2 Mon Sep 17 00:00:00 2001
From: Karson
Date: Thu, 31 Aug 2017 22:39:50 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E6=90=9C=E7=B4=A2=E6=97=B6op?= =?UTF-8?q?=E5=8F=82=E6=95=B0=E8=A2=AB=E8=BF=87=E6=BB=A4=E7=9A=84BUG?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 application/admin/controller/general/Attachment.php | 2 ++
 application/admin/controller/general/Profile.php | 2 ++
 application/common/controller/Backend.php | 2 +-
 3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/application/admin/controller/general/Attachment.php b/application/admin/controller/general/Attachment.php
index 6f5a1696..b242bf59 100644
--- a/application/admin/controller/general/Attachment.php
+++ b/application/admin/controller/general/Attachment.php
@@ -26,6 +26,8 @@ class Attachment extends Backend
 */
 public function index()
 {
+ //设置过滤方法
+ $this->request->filter(['strip_tags']);
 if ($this->request->isAjax())
 {
 list($where, $sort, $order, $offset, $limit) = $this->buildparams();
diff --git a/application/admin/controller/general/Profile.php b/application/admin/controller/general/Profile.php
index 3189d7c8..bf450add 100644
--- a/application/admin/controller/general/Profile.php
+++ b/application/admin/controller/general/Profile.php
@@ -20,6 +20,8 @@ class Profile extends Backend
 */
 public function index()
 {
+ //设置过滤方法
+ $this->request->filter(['strip_tags']);
 if ($this->request->isAjax())
 {
 $model = model('AdminLog');
diff --git a/application/common/controller/Backend.php b/application/common/controller/Backend.php
index 7c5b56d9..29f7f03f 100644
--- a/application/common/controller/Backend.php
+++ b/application/common/controller/Backend.php
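Review bot: `$this->request->filter(['strip_tags']);` at the top of `Attachment::index()`, and the identical line added to `Profile::index()`, appears to leave tag stripping as the only request-level filter for these actions. `strip_tags` is neither an SQL safeguard nor an HTML encoder: quotes, `&` and attribute-context characters pass through unchanged. The values read afterwards via `buildparams()` therefore still depend on bound parameters in the query and on escaping where rows are rendered; neither is visible here because both `index()` bodies continue past their hunks. The added comment only says "set the filter method"; I would record the reason and the remaining obligation instead, e.g. `// strip_tags only, so search operators survive; values must be bound in queries and escaped on output`. Since the same two lines are pasted into both controllers, setting the filter once in a shared place would keep the two actions from drifting apart.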
@@ -202,7 +202,7 @@ class Backend extends Controller
 $relationSearch = is_null($relationSearch) ? $this->relationSearch : $relationSearch;
 $search = $this->request->get("search", '');
 $filter = $this->request->get("filter", '');
- $op = $this->request->get("op", '');
+ $op = $this->request->get("op", '', 'trim');
 $sort = $this->request->get("sort", "id");
 $order = $this->request->get("order", "DESC");
 $offset = $this->request->get("offset", 0);
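Review bot: With `'trim'` passed as the explicit filter, `$op` reaches the query-building code sanitised only by whitespace trimming, assuming (as the commit subject implies) that an explicit filter takes the place of the request default. That is safe only if the code that consumes `$op` later in this method, which lies outside the hunk, matches each client-supplied operator against a fixed allow-list and discards anything else before it is added to `$where`. I would state that contract beside the line, e.g. `// op is raw apart from trim(); each operator must match the allow-list before it is used in $where`. The neighbouring `sort` and `order` values are also client-controlled and deserve the same allow-list check before they are used for ordering.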