Skip to content
Permalink
Browse files

XSS 취약점 수정

  • Loading branch information...
thisgun committed Oct 30, 2018
1 parent c82c937 commit a45241f4bc46aee1ab2cc0749f6444b043681edf
@@ -72,6 +72,9 @@
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = isset($_POST['bo_category_list']) ? preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $_POST['bo_category_list']) : '';
$_POST['bo_subject'] = strip_tags($_POST['bo_subject']);
$_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']);
$sql_common = " gr_id = '{$_POST['gr_id']}',
bo_subject = '{$_POST['bo_subject']}',
bo_mobile_subject = '{$_POST['bo_mobile_subject']}',
@@ -117,7 +117,7 @@
<label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo get_text($group['gr_'.$i.'_subj']) ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo $gr['gr_'.$i] ?>" id="gr_<?php echo $i ?>" class="frm_input">
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo get_sanitize_input($gr['gr_'.$i]); ?>" id="gr_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
@@ -1317,7 +1317,7 @@
<label for="cf_<?php echo $i ?>_subj">여분필드<?php echo $i ?> 제목</label>
<input type="text" name="cf_<?php echo $i ?>_subj" value="<?php echo get_text($config['cf_'.$i.'_subj']) ?>" id="cf_<?php echo $i ?>_subj" class="frm_input" size="30">
<label for="cf_<?php echo $i ?>">여분필드<?php echo $i ?> 값</label>
<input type="text" name="cf_<?php echo $i ?>" value="<?php echo $config['cf_'.$i] ?>" id="cf_<?php echo $i ?>" class="frm_input" size="30">
<input type="text" name="cf_<?php echo $i ?>" value="<?php echo get_sanitize_input($config['cf_'.$i]); ?>" id="cf_<?php echo $i ?>" class="frm_input" size="30">
</td>
</tr>
<?php } ?>
@@ -26,6 +26,8 @@
$cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : '';
$_POST['cf_title'] = strip_tags($_POST['cf_title']);
$sql = " update {$g5['config_table']}
set cf_title = '{$_POST['cf_title']}',
cf_admin = '{$_POST['cf_admin']}',
@@ -196,6 +196,20 @@ function base_convert(number, frombase, tobase) {
function fmenulist_submit(f)
{
var me_links = document.getElementsByName('me_link[]');
var reg = /^javascript/;
for (i=0; i<me_links.length; i++){
if( reg.test(me_links[i].value) ){
alert('링크에 자바스크립트문을 입력할수 없습니다.');
me_links[i].focus();
return false;
}
}
return true;
}
</script>
@@ -23,8 +23,8 @@
$code = $_POST['code'][$i];
$me_name = $_POST['me_name'][$i];
$me_link = $_POST['me_link'][$i];
$me_link = preg_match('/^javascript/', $_POST['me_link'][$i]) ? G5_URL : strip_tags($_POST['me_link'][$i]);
if(!$code || !$me_name || !$me_link)
continue;
@@ -5,13 +5,13 @@
if (G5_IS_MOBILE) {
// 모바일의 경우 설정을 따르지 않는다.
include_once(G5_BBS_PATH.'/_head.php');
echo stripslashes($board['bo_mobile_content_head']);
echo html_purifier(stripslashes($board['bo_mobile_content_head']));
} else {
if(is_include_path_check($board['bo_include_head'])) { //파일경로 체크
@include ($board['bo_include_head']);
} else { //파일경로가 올바르지 않으면 기본파일을 가져옴
include_once(G5_BBS_PATH.'/_head.php');
}
echo stripslashes($board['bo_content_head']);
echo html_purifier(stripslashes($board['bo_content_head']));
}
?>
@@ -3,11 +3,11 @@
// 게시판 관리의 하단 파일 경로
if (G5_IS_MOBILE) {
echo stripslashes($board['bo_mobile_content_tail']);
echo html_purifier(stripslashes($board['bo_mobile_content_tail']));
// 모바일의 경우 설정을 따르지 않는다.
include_once(G5_BBS_PATH.'/_tail.php');
} else {
echo stripslashes($board['bo_content_tail']);
echo html_purifier(stripslashes($board['bo_content_tail']));
if(is_include_path_check($board['bo_include_tail'])) { //파일경로 체크
@include ($board['bo_include_tail']);
} else { //파일경로가 올바르지 않으면 기본파일을 가져옴
@@ -43,8 +43,8 @@
include_once(G5_PATH.'/head.sub.php');
//if ($board['bo_include_head']) { @include ($board['bo_include_head']); }
//if ($board['bo_content_head']) { echo stripslashes($board['bo_content_head']); }
//if ($board['bo_include_head'] && is_include_path_check($board['bo_content_head'])) { @include ($board['bo_include_head']); }
//if ($board['bo_content_head']) { echo html_purifier(stripslashes($board['bo_content_head'])); }
/* 비밀글의 제목을 가져옴 지운아빠 2013-01-29 */
$sql = " select wr_subject from {$write_table}
@@ -57,8 +57,8 @@
include_once($member_skin_path.'/password.skin.php');
//if ($board['bo_content_tail']) { echo stripslashes($board['bo_content_tail']); }
//if ($board['bo_include_tail']) { @include ($board['bo_include_tail']); }
//if ($board['bo_content_tail']) { echo html_purifier(stripslashes($board['bo_content_tail'])); }
//if ($board['bo_include_tail'] && is_include_path_check($board['bo_content_tail'])) { @include ($board['bo_include_tail']); }
include_once(G5_PATH.'/tail.sub.php');
?>

0 comments on commit a45241f

Please sign in to comment.
You can’t perform that action at this time.