From 5aacc7edb2bc9cc0babee5a9c9018e86b4783101 Mon Sep 17 00:00:00 2001
From: Li Jianxuan <la5c@qq.com>
Date: Wed, 23 Nov 2011 08:12:29 +0000
Subject: [PATCH] =?UTF-8?q?=E5=9C=A8=E8=AF=84=E8=AE=BA=E4=B8=AD=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E4=BA=86=E9=98=B2=E6=AD=A2=E6=8F=92=E5=85=A5script?=
 =?UTF-8?q?=E7=9A=84=E8=BF=87=E6=BB=A4=EF=BC=8C=E5=A2=9E=E5=8A=A0=E4=BA=86?=
 =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=A7=93=E5=90=8D=E5=92=8CEMAIL=E7=9A=84?=
 =?UTF-8?q?=E8=B0=83=E7=94=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../default/controllers/DataController.php    | 16 +++++++++++++---
 .../default/views/scripts/data/view.phtml     | 19 ++++++++++++++++---
 2 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/application/default/controllers/DataController.php b/application/default/controllers/DataController.php
index e5134e4e..bcaa20db 100755
--- a/application/default/controllers/DataController.php
+++ b/application/default/controllers/DataController.php
@@ -655,9 +655,19 @@ class DataController extends Zend_Controller_Action
 			echo "Email格式不正确";
 			exit();
 		}
+
+		if(preg_match("/script/i",$url))
+		{
+			$url = preg_replace("/script/i","ｓｃｒｉｐｔ",$url);
+		}
 		
 		if(strlen($content)<5) exit("评论长度不得少于3个汉字 :)");
 		
+		if(preg_match("/script/i",$content))
+		{
+			$content = preg_replace("/script/i","ｓｃｒｉｐｔ",$content);
+		}
+		
 		$uuid = trim($this->_request->getParam('uuid'));
 		
 		if(!preg_match("/^[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}$/",$uuid))
@@ -1145,8 +1155,8 @@ class DataController extends Zend_Controller_Action
 							$pdf = new ApplicantPDF();
 							$pdf->template=$this->view->config->offline->template;
 							$pdf->data = $formData;
-							$pdf->drawWestdc();
-							$pdf->addRef($rows);
+							$pdf->drawWestdc();
+							$pdf->addRef($rows);
 							$pdf->addSecurity($this->view->config->offline->security);
 							header("Content-Disposition: inline; filename=westdc-data-apply.pdf");
 							header("Content-Type:application/pdf");
@@ -1161,7 +1171,7 @@ class DataController extends Zend_Controller_Action
 							$pdf->template=$this->view->config->offline->template;
 							$pdf->data = $formData;
 							$pdf->drawWestdc();
-							$pdf->addRef($rows);
+							$pdf->addRef($rows);
 							$pdf->addSecurity($this->view->config->offline->security);
 							$fn=$formData['realname'].date('YmdHis').".pdf";
 							$pdf->Output($this->view->config->offline->savepath."/".$fn, 'F');
diff --git a/application/default/views/scripts/data/view.phtml b/application/default/views/scripts/data/view.phtml
index 79d04ef9..57d8a68b 100755
--- a/application/default/views/scripts/data/view.phtml
+++ b/application/default/views/scripts/data/view.phtml
@@ -257,18 +257,31 @@ echo '</li>';
 <div id="allcomments">
 <div id="loading"><img src="/images/loading.gif" />评论加载中</div>
 </div>
+<?php
+$auth = Zend_Auth::getInstance();
+if($auth->hasIdentity())
+{
+	$user = $auth->getIdentity();
+	$name = $user->realname;
+	$email = $user->email;
+}else
+{
+	$name = "";
+	$email = "";
+}
+?>
 <form id="postcommentform">
 	<p>
 	<label class="required" style="background:none;">姓名</label>
-    <input type="text" name="author" />
+    <input type="text" name="author" value="<?php echo $name;?>" />
     </p>
     <p>
     <label class="required" style="background:none;">EMAIL</label>
-    <input type="text" name="email" />
+    <input type="text" name="email" value="<?php echo $email;?>" />
     </p>
     <p>
     <label>WEBSITE</label>
-    <input type="text" name="url" />
+    <input type="text" name="url" value="" /> <small>e.g. http://westdc.westgis.ac.cn/</small>
     </p>
     <p>
     <label class="required" style="background:none;">内容</label>