firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 다중 취약점 (17-0295, 334, 355) 수정

Browse Source
This commit is contained in:
thisgun
2017-09-28 20:23:28 +09:00
parent 5970f2a577
commit 0f4ec77ac0
6 changed files with 93 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
adm/admin.lib.php
View File

@ -382,15 +382,24 @@ function admin_referer_check($return=false)
}
$p = @parse_url($referer);
$host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
$msg = '';
if($host != $p['host']) {
$msg = '올바른 방법으로 이용해 주십시오.';
}
if($return)
if( $p['path'] && ! preg_match( '/\/'.preg_quote(G5_ADMIN_DIR).'\//i', $p['path'] ) ){
$msg = '올바른 방법으로 이용해 주십시오';
}
if( $msg ){
if($return) {
return $msg;
else
} else {
alert($msg, G5_URL);
}
}
}