From 17238808b56bda573b47bd743af67fe3ef8391cc Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 13 Jun 2019 16:33:02 +0900 Subject: [PATCH] =?UTF-8?q?=EC=9E=98=EB=AA=BB=EB=90=9C=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/board_list_update.php | 4 +++- adm/boardgroup_list_update.php | 5 +++-- head.sub.php | 4 ++-- lib/common.lib.php | 2 +- theme/basic/head.sub.php | 4 ++-- 5 files changed, 11 insertions(+), 8 deletions(-) diff --git a/adm/board_list_update.php b/adm/board_list_update.php index a7f358c1f1..c3faae7d96 100644 --- a/adm/board_list_update.php +++ b/adm/board_list_update.php @@ -29,9 +29,11 @@ alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.'); } + $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : ''; + $sql = " update {$g5['board_table']} set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."', - bo_subject = '".sql_real_escape_string(strip_tags($_POST['bo_subject'][$k]))."', + bo_subject = '".$p_bo_subject."', bo_device = '".sql_real_escape_string(strip_tags($_POST['bo_device'][$k]))."', bo_skin = '".sql_real_escape_string(strip_tags($_POST['bo_skin'][$k]))."', bo_mobile_skin = '".sql_real_escape_string(strip_tags($_POST['bo_mobile_skin'][$k]))."', diff --git a/adm/boardgroup_list_update.php b/adm/boardgroup_list_update.php index 53d66c8e96..e6abcb6b70 100644 --- a/adm/boardgroup_list_update.php +++ b/adm/boardgroup_list_update.php @@ -19,7 +19,8 @@ { $k = $_POST['chk'][$i]; $gr_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['group_id'][$k]); - $gr_subject = sql_real_escape_string(strip_tags($_POST['gr_subject'][$k])); + $gr_subject = is_array($_POST['gr_subject']) ? strip_tags($_POST['gr_subject'][$k]) : ''; + $gr_admin = is_array($_POST['gr_admin']) ? strip_tags($_POST['gr_admin'][$k]) : ''; if($_POST['act_button'] == '선택수정') { $sql = " update {$g5['group_table']} 
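Review bot: `bo_subject` now reaches the UPDATE with only `strip_tags()` applied, because the new `$p_bo_subject` assignment drops the `sql_real_escape_string()` call that the neighbouring columns in this statement still have. `strip_tags()` is not an SQL escaper, so unless request input is already escaped centrally before this script runs (not visible in the hunk), a quote in the subject can end the string literal. If the removal is meant to stop double escaping, record that with a comment such as `// request input is already escaped centrally; do not escape again` and treat the other columns the same way; otherwise keep the call: `$p_bo_subject = is_array($_POST['bo_subject']) ? sql_real_escape_string(strip_tags($_POST['bo_subject'][$k])) : '';`. The same applies to `$gr_subject` and `$gr_admin` in both adm/boardgroup_list_update.php hunks. The SQL statement continues outside this hunk.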
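Review bot: The `is_array()` guard on `$gr_subject` and `$gr_admin` checks only the outer array, so a missing key `$k` or a nested array at `$_POST['gr_subject'][$k]` still reaches `strip_tags()`, which warns on PHP 7 and throws a TypeError on PHP 8. Checking the element itself is tighter: `$gr_subject = (isset($_POST['gr_subject'][$k]) && is_string($_POST['gr_subject'][$k])) ? strip_tags($_POST['gr_subject'][$k]) : '';`, and likewise for `$gr_admin`. `$p_bo_subject` in adm/board_list_update.php has the same shape. The loop body starts and ends outside the hunk.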
@@ -30,7 +31,7 @@ gr_order = '".sql_real_escape_string($_POST['gr_order'][$k])."' where gr_id = '{$gr_id}' "; if ($is_admin != 'super') - $sql .= " and gr_admin = '{$_POST['gr_admin'][$k]}' "; + $sql .= " and gr_admin = '{$gr_admin}' "; sql_query($sql); } else if($_POST['act_button'] == '선택삭제') { $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' "); diff --git a/head.sub.php b/head.sub.php index 991d517278..8bd57e0e3e 100644 --- a/head.sub.php +++ b/head.sub.php @@ -19,8 +19,8 @@ $g5_head_title .= " | ".$config['cf_title']; } -$g5['title'] = strip_tags(get_text($g5['title'])); -$g5_head_title = strip_tags(get_text($g5_head_title)); +$g5['title'] = strip_tags($g5['title']); +$g5_head_title = strip_tags($g5_head_title); // 현재 접속자 // 게시판 제목에 ' 포함되면 오류 발생 diff --git a/lib/common.lib.php b/lib/common.lib.php index c1928dca20..ab0569188c 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -3425,7 +3425,7 @@ function get_head_title($title){ global $g5; if( isset($g5['board_title']) && $g5['board_title'] ){ - $title = strip_tags(get_text($g5['board_title'])); + $title = strip_tags($g5['board_title']); } return $title; diff --git a/theme/basic/head.sub.php b/theme/basic/head.sub.php index 5bb31aa9cc..c519a0db7e 100644 --- a/theme/basic/head.sub.php +++ b/theme/basic/head.sub.php @@ -13,8 +13,8 @@ $g5_head_title .= " | ".$config['cf_title']; } -$g5['title'] = strip_tags(get_text($g5['title'])); -$g5_head_title = strip_tags(get_text($g5_head_title)); +$g5['title'] = strip_tags($g5['title']); +$g5_head_title = strip_tags($g5_head_title); // 현재 접속자 // 게시판 제목에 ' 포함되면 오류 발생
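Review bot: The non-super-admin restriction `and gr_admin = '{$gr_admin}'` is still built from a request field, so the ownership condition is compared against a value the submitter supplies rather than against the administrator who is logged in. The filter should take the authenticated member's id from the session (in this codebase presumably `$member['mb_id']`; confirm) instead of `$_POST['gr_admin'][$k]`. The value is also interpolated after `strip_tags()` only, which is not SQL escaping. An earlier ownership check may exist outside the hunk; if so, a comment here pointing to it would help.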
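Review bot: Dropping `get_text()` leaves `strip_tags()` as the only treatment of `$g5['title']` and `$g5_head_title`, and `strip_tags()` is not an output encoder: it leaves quotes and `&` untouched. Where these values are echoed is outside the hunk, but if either lands in an attribute value or a script string rather than plain element text, a quote in a board title would end that context. If the change is meant to avoid double encoding, encode once at the point of output, e.g. `htmlspecialchars($g5_head_title, ENT_QUOTES, 'UTF-8')`, and say so in a comment here. The same change is made in `get_head_title()` in lib/common.lib.php and in theme/basic/head.sub.php.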