4 năm trước cách đây · e76cf0999e
--- a/src/Grid/Column.php
+++ b/src/Grid/Column.php
@@ -5,6 +5,7 @@ namespace Dcat\Admin\Grid;
 
				 use Closure;
			
 
				 use Dcat\Admin\Grid;
			
 
				 use Dcat\Admin\Grid\Displayers\AbstractDisplayer;
			
 
				+use Dcat\Admin\Support\Helper;
			
 
				 use Dcat\Admin\Traits\HasBuilderEvents;
			
 
				 use Dcat\Admin\Traits\HasDefinitions;
			
 
				 use Illuminate\Contracts\Support\Arrayable;
			
@@ -635,15 +636,7 @@ class Column
 
				      */
			
 
				     protected function htmlEntityEncode($item)
			
 
				     {
			
 
				-        if (is_array($item)) {
			
 
				-            array_walk_recursive($item, function (&$value) {
			
 
				-                $value = htmlentities($value);
			
 
				-            });
			
 
				-        } else {
			
 
				-            $item = htmlentities($item);
			
 
				-        }
			
 
				-
			
 
				-        return $item;
			
 
				+        return Helper::htmlEntityEncode($item);
			
 
				     }
			
 
				 
			
 
				     /**
			
--- a/src/Grid/Displayers/Copyable.php
+++ b/src/Grid/Displayers/Copyable.php
@@ -3,6 +3,7 @@
 
				 namespace Dcat\Admin\Grid\Displayers;
			
 
				 
			
 
				 use Dcat\Admin\Admin;
			
 
				+use Dcat\Admin\Support\Helper;
			
 
				 
			
 
				 /**
			
 
				  * Class Copyable.
			
@@ -35,6 +36,8 @@ JS;
 
				     {
			
 
				         $this->addScript();
			
 
				 
			
 
				+        $this->value = Helper::htmlEntityEncode($this->value);
			
 
				+
			
 
				         $html = <<<HTML
			
 
				 <a href="javascript:void(0);" class="grid-column-copyable text-muted" data-content="{$this->value}" title="Copied!" data-placement="bottom">
			
 
				     <i class="fa fa-copy"></i>
			
--- a/src/Grid/Displayers/Editable.php
+++ b/src/Grid/Displayers/Editable.php
@@ -3,6 +3,7 @@
 
				 namespace Dcat\Admin\Grid\Displayers;
			
 
				 
			
 
				 use Dcat\Admin\Admin;
			
 
				+use Dcat\Admin\Support\Helper;
			
 
				 
			
 
				 class Editable extends AbstractDisplayer
			
 
				 {
			
@@ -13,11 +14,13 @@ class Editable extends AbstractDisplayer
 
				         $this->addScript();
			
 
				         $this->addStyle();
			
 
				 
			
 
				+        $value = Helper::render($this->value);
			
 
				+
			
 
				         $label = __('admin.save');
			
 
				 
			
 
				         return <<<HTML
			
 
				 <div class="d-inline">
			
 
				-    <span class="{$this->selector}" contenteditable="true">{$this->value}</span>
			
 
				+    <span class="{$this->selector}" contenteditable="true">{$value}</span>
			
 
				     <span class="save hidden" 
			
 
				         data-value="{$this->value}" 
			
 
				         data-name="{$this->column->getName()}" 
			
--- a/src/Grid/Displayers/Limit.php
+++ b/src/Grid/Displayers/Limit.php
@@ -20,6 +20,8 @@ JS;
 
				 
			
 
				     public function display($limit = 100, $end = '...')
			
 
				     {
			
 
				+        $this->value = Helper::htmlEntityEncode($this->value);
			
 
				+
			
 
				         // 数组
			
 
				         if ($this->value !== null && ! is_scalar($this->value)) {
			
 
				             $value = Helper::array($this->value);
			
--- a/src/Support/Helper.php
+++ b/src/Support/Helper.php
@@ -799,4 +799,24 @@ class Helper
 
				             $relation->$query(...$params);
			
 
				         });
			
 
				     }
			
 
				+
			
 
				+    /**
			
 
				+     * Html转义.
			
 
				+     *
			
 
				+     * @param array|string $item
			
 
				+     *
			
 
				+     * @return mixed
			
 
				+     */
			
 
				+    public static function htmlEntityEncode($item)
			
 
				+    {
			
 
				+        if (is_array($item)) {
			
 
				+            array_walk_recursive($item, function (&$value) {
			
 
				+                $value = htmlentities($value);
			
 
				+            });
			
 
				+        } else {
			
 
				+            $item = htmlentities($item);
			
 
				+        }
			
 
				+
			
 
				+        return $item;
			
 
				+    }
			
 
				 }