新增默认过滤函数处理

application/common/controller/Api.php

@@ -93,7 +93,7 @@ class Api
     protected function _initialize()
     {
         //移除HTML标签
-        $this->request->filter('strip_tags');
+        $this->request->filter('trim,strip_tags,htmlspecialchars');
 
         $this->auth = Auth::instance();
 

application/common/controller/Frontend.php

@@ -42,7 +42,7 @@ class Frontend extends Controller
     public function _initialize()
     {
         //移除HTML标签
-        $this->request->filter('strip_tags');
+        $this->request->filter('trim,strip_tags,htmlspecialchars');
         $modulename = $this->request->module();
         $controllername = Loader::parseName($this->request->controller());
         $actionname = strtolower($this->request->action());