Merge branch 'release/0704' of git.yoho.cn:fe/yohobuywap-node into release/0704
Showing
2 changed files
with
25 additions
and
2 deletions
| @@ -5,6 +5,7 @@ const semver = require('semver'); | @@ -5,6 +5,7 @@ const semver = require('semver'); | ||
| 5 | const questionModel = require('../models/question'); | 5 | const questionModel = require('../models/question'); |
| 6 | const headerModel = require('../../../doraemon/models/header'); // 头部model | 6 | const headerModel = require('../../../doraemon/models/header'); // 头部model |
| 7 | const geetest = require('../../passport/controllers/geetest'); | 7 | const geetest = require('../../passport/controllers/geetest'); |
| 8 | +const cleanHtml = require('../../../utils/cleanHtml'); | ||
| 8 | 9 | ||
| 9 | exports.list = (req, res, next) => { | 10 | exports.list = (req, res, next) => { |
| 10 | let canShare = false; | 11 | let canShare = false; |
| @@ -92,6 +93,15 @@ exports.submit = (req, res, next) => { | @@ -92,6 +93,15 @@ exports.submit = (req, res, next) => { | ||
| 92 | params.sourceType = 'PC'; | 93 | params.sourceType = 'PC'; |
| 93 | } | 94 | } |
| 94 | 95 | ||
| 96 | + let frontAnswers = JSON.parse(params.frontAnswers || '[]') || []; | ||
| 97 | + | ||
| 98 | + _.each(frontAnswers, item => { | ||
| 99 | + if (item.addon) { | ||
| 100 | + item.addon = cleanHtml.htmlEncode(item.addon); | ||
| 101 | + } | ||
| 102 | + }); | ||
| 103 | + | ||
| 104 | + params.frontAnswers = JSON.stringify(frontAnswers); | ||
| 95 | req.ctx(questionModel).submitQuestion(params).then(result => { | 105 | req.ctx(questionModel).submitQuestion(params).then(result => { |
| 96 | res.send(result); | 106 | res.send(result); |
| 97 | }).catch(next); | 107 | }).catch(next); |
| @@ -110,11 +110,24 @@ let question = { | @@ -110,11 +110,24 @@ let question = { | ||
| 110 | } | 110 | } |
| 111 | $wrap.slideDown(); | 111 | $wrap.slideDown(); |
| 112 | }, | 112 | }, |
| 113 | + _validationPartten: function(val) { | ||
| 114 | + let validationPartten = /['"<>&\|]|--/g, | ||
| 115 | + matchChars, | ||
| 116 | + errText; | ||
| 117 | + | ||
| 118 | + if (validationPartten.test(val)) { | ||
| 119 | + matchChars = val.match(validationPartten).join(' '); | ||
| 120 | + errText = '不可以输入 ' + matchChars + ' 哦!'; | ||
| 121 | + } | ||
| 122 | + | ||
| 123 | + return errText; | ||
| 124 | + }, | ||
| 113 | packAnswersInfo: function() { | 125 | packAnswersInfo: function() { |
| 114 | let that = this; | 126 | let that = this; |
| 115 | let answer = []; | 127 | let answer = []; |
| 116 | let $errDom; | 128 | let $errDom; |
| 117 | 129 | ||
| 130 | + | ||
| 118 | this.$item.each(function() { | 131 | this.$item.each(function() { |
| 119 | let $this = $(this); | 132 | let $this = $(this); |
| 120 | 133 | ||
| @@ -136,13 +149,12 @@ let question = { | @@ -136,13 +149,12 @@ let question = { | ||
| 136 | answerIndex: ans.length, | 149 | answerIndex: ans.length, |
| 137 | addon: val | 150 | addon: val |
| 138 | }); | 151 | }); |
| 152 | + errText = that._validationPartten(val); | ||
| 139 | } | 153 | } |
| 140 | 154 | ||
| 141 | if (val.length > 400) { | 155 | if (val.length > 400) { |
| 142 | errText = '输入内容过长'; | 156 | errText = '输入内容过长'; |
| 143 | } | 157 | } |
| 144 | - | ||
| 145 | - | ||
| 146 | }); | 158 | }); |
| 147 | } else { | 159 | } else { |
| 148 | $this.find('.on').each(function() { | 160 | $this.find('.on').each(function() { |
| @@ -155,6 +167,7 @@ let question = { | @@ -155,6 +167,7 @@ let question = { | ||
| 155 | 167 | ||
| 156 | if ($input && $input.length) { | 168 | if ($input && $input.length) { |
| 157 | a.addon = $input.val(); | 169 | a.addon = $input.val(); |
| 170 | + errText = that._validationPartten(a.addon); | ||
| 158 | } | 171 | } |
| 159 | 172 | ||
| 160 | ans.push(a); | 173 | ans.push(a); |
-
Please register or login to post a comment