XSS 취약점 수정
thisgun committed Aug 22, 2018
1 parent ac5d6a4 commit b1fc952
Showing 12 changed files with 26 additions and 13 deletions.
2 changes: 1 addition & 1 deletion adm/boardgroup_form.php
@@ -12,7 +12,7 @@
if ($w == '') {
$gr_id_attr = 'required';
$sound_only = '<strong class="sound_only"> 필수</strong>';
$gr['gr_use_access'] = 0;
$gr = array('gr_use_access' => 0);
$html_title .= ' 생성';
} else if ($w == 'u') {
$gr_id_attr = 'readonly';
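Review bot: `$gr = array('gr_use_access' => 0);` replaces a single key assignment with a full reinitialization, which discards whatever `$gr` held before this branch, but nothing in the hunk says why; since the change ships under an XSS fix, the intent is presumably that the create form is never pre-filled from pre-existing (possibly request-derived) `$gr` values, and that deserves a comment: `// start from a clean array so the create form is never pre-filled from pre-existing $gr values`. The same reinitialization pattern appears in adm/contentform.php, adm/faqmasterform.php and adm/sms_admin/num_book_write.php. If the form template reads `$gr` keys other than `gr_use_access`, those now produce undefined-index notices in the create branch; the template lies outside the hunk, so confirm there.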
4 changes: 3 additions & 1 deletion adm/boardgroup_form_update.php
@@ -16,7 +16,9 @@

if (!$gr_subject) alert('그룹 제목을 입력하세요.');

$sql_common = " gr_subject = '{$_POST['gr_subject']}',
$gr_subject = isset($_POST['gr_subject']) ? strip_tags($_POST['gr_subject']) : '';

$sql_common = " gr_subject = '{$gr_subject}',
gr_device = '{$_POST['gr_device']}',
gr_admin = '{$_POST['gr_admin']}',
gr_1_subj = '{$_POST['gr_1_subj']}',
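Review bot: The new `$gr_subject = isset($_POST['gr_subject']) ? strip_tags($_POST['gr_subject']) : '';` runs after the emptiness check `if (!$gr_subject) alert(...)`, so a subject consisting only of markup passes validation and is then stored as an empty string; move the assignment above that check so validation sees the sanitized value. The same ordering appears in adm/sms_admin/num_book_update.php, where `strip_tags($bk_name)` follows the `strlen(trim($bk_name))` test. `strip_tags()` is also an input filter rather than output encoding: it removes tags but leaves quotes and other characters that matter in attribute and script contexts untouched, so the stored subject still needs `htmlspecialchars(..., ENT_QUOTES)` wherever it is echoed into HTML (the adm/newwinform.php hunk takes that output-side approach); this applies equally to adm/boardgroup_list_update.php, adm/contentformupdate.php, adm/faqmasterformupdate.php, adm/newwinformupdate.php, adm/point_update.php and adm/sms_admin/num_book_update.php. The remaining `{$_POST[...]}` fields in `$sql_common` are still interpolated into SQL unescaped within this hunk; unless a global escaping pass runs upstream, they should go through the database layer's escaping or a prepared statement. The `$sql_common` string and the code that sets `$gr_subject` before this hunk continue outside it.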
3 changes: 2 additions & 1 deletion adm/boardgroup_list_update.php
@@ -19,10 +19,11 @@
{
$k = $_POST['chk'][$i];
$gr_id = $_POST['group_id'][$k];
$gr_subject = strip_tags($_POST['gr_subject'][$k]);

if($_POST['act_button'] == '선택수정') {
$sql = " update {$g5['group_table']}
set gr_subject = '{$_POST['gr_subject'][$k]}',
set gr_subject = '{$gr_subject}',
gr_device = '{$_POST['gr_device'][$k]}',
gr_admin = '{$_POST['gr_admin'][$k]}',
gr_use_access = '{$_POST['gr_use_access'][$k]}',
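Review bot: `$gr_subject = strip_tags($_POST['gr_subject'][$k]);` indexes `$_POST['gr_subject']` with `$k`, which is taken from `$_POST['chk'][$i]` two lines above and is not validated, so a missing or non-scalar entry reaches `strip_tags()` as null or an array (a deprecation notice or a TypeError on PHP 8). The sibling hunk in adm/boardgroup_form_update.php guards with `isset()`; use the same form here: `$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags($_POST['gr_subject'][$k]) : '';`. Since `$k` also selects `$gr_id` and the other per-row fields, casting it to an integer index would be a cheap additional check. The enclosing loop starts outside the hunk.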
8 changes: 5 additions & 3 deletions adm/contentform.php
@@ -49,9 +49,11 @@
else
{
$html_title .= ' 입력';
$co['co_html'] = 2;
$co['co_skin'] = 'basic';
$co['co_mobile_skin'] = 'basic';
$co = array(
'co_html' => 2,
'co_skin' => 'basic',
'co_mobile_skin' => 'basic'
);
}

include_once (G5_ADMIN_PATH.'/admin.head.php');
1 change: 1 addition & 0 deletions adm/contentformupdate.php
@@ -20,6 +20,7 @@
$co_row = sql_fetch($sql);
}

$co_subject = strip_tags($co_subject);
$co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255));
$co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255));

1 change: 1 addition & 0 deletions adm/faqmasterform.php
@@ -21,6 +21,7 @@
else
{
$html_title .= ' 입력';
$fm = array();
}

$g5['title'] = $html_title.' 관리';
2 changes: 2 additions & 0 deletions adm/faqmasterformupdate.php
@@ -18,6 +18,8 @@
if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h");
if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t");

$fm_subject = strip_tags($fm_subject);

$sql_common = " set fm_subject = '$fm_subject',
fm_head_html = '$fm_head_html',
fm_tail_html = '$fm_tail_html',
2 changes: 1 addition & 1 deletion adm/newwinform.php
@@ -109,7 +109,7 @@
<tr>
<th scope="row"><label for="nw_subject">팝업 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_subject" value="<?php echo stripslashes($nw['nw_subject']) ?>" id="nw_subject" required class="frm_input required" size="80">
<input type="text" name="nw_subject" value="<?php echo get_sanitize_input($nw['nw_subject']); ?>" id="nw_subject" required class="frm_input required" size="80">
</td>
</tr>
<tr>
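Review bot: The new `value="<?php echo get_sanitize_input($nw['nw_subject']); ?>"` drops the `stripslashes()` call the old line applied, and `get_sanitize_input()` is not defined in this diff, so two things need confirming: that it HTML-encodes quotes (the value sits in a double-quoted attribute, so `ENT_QUOTES` semantics are required), and that stored subjects do not rely on the slash stripping the old code did, otherwise escaped quotes will now display with backslashes. If the helper does not encode for attribute context, wrap it: `htmlspecialchars(get_sanitize_input($nw['nw_subject']), ENT_QUOTES)`. The same helper replaces a raw echo in adm/sms_admin/num_book_write.php.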
4 changes: 3 additions & 1 deletion adm/newwinformupdate.php
@@ -12,6 +12,8 @@

check_admin_token();

$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : '';

$sql_common = " nw_device = '{$_POST['nw_device']}',
nw_begin_time = '{$_POST['nw_begin_time']}',
nw_end_time = '{$_POST['nw_end_time']}',
@@ -20,7 +22,7 @@
nw_top = '{$_POST['nw_top']}',
nw_height = '{$_POST['nw_height']}',
nw_width = '{$_POST['nw_width']}',
nw_subject = '{$_POST['nw_subject']}',
nw_subject = '{$nw_subject}',
nw_content = '{$_POST['nw_content']}',
nw_content_html = '{$_POST['nw_content_html']}' ";

6 changes: 3 additions & 3 deletions adm/point_update.php
@@ -6,9 +6,9 @@

check_admin_token();

$mb_id = $_POST['mb_id'];
$po_point = $_POST['po_point'];
$po_content = $_POST['po_content'];
$mb_id = strip_tags($_POST['mb_id']);
$po_point = strip_tags($_POST['po_point']);
$po_content = strip_tags($_POST['po_content']);
$expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']);

$mb = get_member($mb_id);
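Review bot: `$po_point = strip_tags($_POST['po_point']);` applies a markup filter to a value that is an integer point amount, which neither validates it nor protects the SQL it presumably ends up in; cast or validate it as a number instead, e.g. `$po_point = (int) $_POST['po_point'];`, consistent with the digit-only `preg_replace` used for `$expire` on the next line. `strip_tags()` on `$mb_id` is similarly a weak identifier check; `get_member($mb_id)` on the last context line presumably confirms existence, but the value should be treated as untrusted until that lookup succeeds. Whether non-integer amounts are legitimate here cannot be seen in the hunk; if they are, validate with `is_numeric()` and reject with `alert()` rather than stripping tags.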
2 changes: 2 additions & 0 deletions adm/sms_admin/num_book_update.php
@@ -21,6 +21,8 @@
if (!strlen(trim($bk_name)))
alert('이름을 입력해주세요');

$bk_name = strip_tags($bk_name);

if ($bk_hp == '')
alert('휴대폰번호만 입력 가능합니다.');
/*
4 changes: 2 additions & 2 deletions adm/sms_admin/num_book_write.php
@@ -30,7 +30,7 @@
$g5['title'] .= '수정';
}
else {
$write['bg_no'] = $bg_no;
$write = array('bg_no' => (int) $bg_no);
$g5['title'] .= '추가';
}

@@ -74,7 +74,7 @@
</tr>
<tr>
<th scope="row"><label for="bk_name">이름<strong class="sound_only"> 필수</strong></label></th>
<td><input type="text" name="bk_name" id="bk_name" maxlength="50" value="<?php echo $write['bk_name']?>" required class="frm_input required"></td>
<td><input type="text" name="bk_name" id="bk_name" maxlength="50" value="<?php echo get_sanitize_input($write['bk_name']); ?>" required class="frm_input required"></td>
</tr>
<tr>
<th scope="row"><label for="bk_hp">휴대폰번호<strong class="sound_only"> 필수</strong></label></th>
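Review bot: In the create branch `$write = array('bg_no' => (int) $bg_no);` initializes only `bg_no`, yet the second hunk reads `$write['bk_name']` in `get_sanitize_input($write['bk_name'])`, so adding a new entry raises an undefined-index notice (a warning on PHP 8) and passes null to the helper; initialize the key as well: `$write = array('bg_no' => (int) $bg_no, 'bk_name' => '');`. Any other `$write` keys the form reads lie outside the hunk and may need the same treatment. The `(int)` cast on `$bg_no` is the right direction for a value later placed in markup or SQL.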
