
修复菜单无法通过命令行删除的BUG
修复语言标识可能导致的XSS的BUG
修复路由未对admin模块失效的BUG

Karson 8 年之前
父节点
当前提交
fb6c6bffe2

+ 1 - 2
application/admin/command/Menu.php

@@ -31,7 +31,6 @@ class Menu extends Command
     {
         $this->model = new AuthRule();
         $adminPath = dirname(__DIR__) . DS;
-        $moduleName = 'admin';
         //控制器名
         $controller = $input->getOption('controller') ?: '';
         if (!$controller)
@@ -47,7 +46,7 @@ class Menu extends Command
                 throw new Exception("could not delete all menu");
             }
             $ids = [];
-            $list = $this->model->where('name', 'like', "/{$moduleName}/" . strtolower($controller) . "%")->select();
+            $list = $this->model->where('name', 'like', strtolower($controller) . "%")->select();
             foreach ($list as $k => $v)
             {
                 $output->warning($v->name);
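Review bot: The LIKE pattern built from the `controller` option is no longer anchored by the `/admin/` prefix and does not escape `%` or `_`. A short or wildcard-bearing value therefore matches many more rule rows than the one controller the operator meant. The rows in `$list` appear to feed the deletion in the loop that continues below this hunk, so an over-broad match is destructive. Escape the LIKE metacharacters and anchor the pattern at the path separator, e.g. `->where('name', 'like', addcslashes(strtolower($controller), '%_\\') . '/%')`, and match the controller's own row by exact name in a separate condition. This assumes rule names are slash-separated paths, which the removed prefix suggests but the hunk does not show.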

+ 1 - 1
application/common/controller/Backend.php

@@ -135,7 +135,7 @@ class Backend extends Controller
         }
 
         // 语言检测
-        $lang = Lang::detect();
+        $lang = strip_tags(Lang::detect());
 
         $site = Config::get("site");
 
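Review bot: `strip_tags()` is not a validator for a language code; it removes tags but leaves quotes, `&` and path characters intact. If `$lang` later lands in an HTML attribute, a script block or a file name (none of which is visible in this hunk), the value can still break out of that context. A language identifier has a tiny legal alphabet, so reject anything outside it instead of stripping: `if (!preg_match('/^[a-z]{2}(-[a-z]{2,4})?$/i', $lang)) { $lang = Config::get('default_lang'); }`, or check it against the list of languages the site ships. The same line is added in application/common/controller/Frontend.php and needs the same change. The enclosing method starts and ends outside both hunks.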

+ 1 - 1
application/common/controller/Frontend.php

@@ -30,7 +30,7 @@ class Frontend extends Controller
         }
 
         // 语言检测
-        $lang = Lang::detect();
+        $lang = strip_tags(Lang::detect());
 
         $site = Config::get("site");
 

+ 1 - 1
application/route.php

@@ -11,7 +11,7 @@
 // +----------------------------------------------------------------------
 
 //如果有定义绑定后台模块则禁用路由规则 
-if (defined('BIND_MODULE') && BIND_MODULE == 'admin')
+if (\think\Route::getBind('module') == 'admin')
     return [];
 
 return [
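Review bot: The new condition uses a loose `==` against the bound module; a strict `=== 'admin'` states the intent without relying on type juggling when nothing is bound. If the admin entry binds a module/controller pair rather than the bare module name (not visible here), the exact match will not fire and the front-end route rules stay active for the back end. Comparing only the first path segment avoids that: `if (explode('/', (string) \think\Route::getBind('module'))[0] === 'admin') {`. Braces around `return [];` would also stop a later edit from detaching the early exit from its condition.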