From a1936063ffce5c96200d876719781f0419d3fcc6 Mon Sep 17 00:00:00 2001
From: t510599 <t510599@gmail.com>
Date: Sun, 2 Feb 2020 23:33:56 +0800
Subject: [PATCH] fixed #12: notification XSS vulnerability

---
 post.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/post.php b/post.php
index 6ae00d5..5918249 100644
--- a/post.php
+++ b/post.php
@@ -49,7 +49,8 @@ if ($user->islogin && isset($_POST['pid']) && isset($_POST['title']) && isset($_
         $username_list = parse_user_tag($_POST['content']);
         foreach ($username_list as $key => $id) {
             if ($id == $user->username) continue;
-            cavern_notify_user($id, "{{$user->name}}@{$user->username} 在 [{$_POST['title']}] 中提到了你", "post.php?pid=$pid");
+            $_title = htmlspecialchars($_POST['title']);
+            cavern_notify_user($id, "{{$user->name}}@{$user->username} 在 [$_title] 中提到了你", "post.php?pid=$pid");
         }
 
         http_response_code(201); // 201 Created