From 114a250fb7ba467655afbe61c93a84c864000478 Mon Sep 17 00:00:00 2001
From: thisgun
Date: Tue, 13 Mar 2018 16:44:33 +0900
Subject: [PATCH] =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B85=5F=EB=B8=94?= =?UTF-8?q?=EB=9D=BC=EC=9D=B8=EB=93=9C=5FSQL=5FInjection(2018-0103)=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 adm/shop_admin/itemstocklist.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/adm/shop_admin/itemstocklist.php b/adm/shop_admin/itemstocklist.php
index 049687fe0..206430e2a 100644
--- a/adm/shop_admin/itemstocklist.php
+++ b/adm/shop_admin/itemstocklist.php
@@ -5,7 +5,7 @@ include_once('./_common.php');
 auth_check($auth[$sub_menu], "r");
 $doc = strip_tags($doc);
-$sort1 = strip_tags($sort1);
+$sort1 = in_array($sort1, array('it_id', 'it_name', 'it_stock_qty', 'it_use', 'it_soldout', 'it_stock_sms')) ? $sort1 : '';
 $sort2 = in_array($sort2, array('desc', 'asc')) ? $sort2 : 'desc';
 $sel_ca_id = get_search_string($sel_ca_id);
 $sel_field = get_search_string($sel_field);
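Review bot: The allowlist on the new `$sort1` line compares loosely, because `in_array()` is called without its third argument; passing `true` makes the match exact whatever type `$sort1` arrives as: `$sort1 = in_array($sort1, array('it_id', 'it_name', 'it_stock_qty', 'it_use', 'it_soldout', 'it_stock_sms'), true) ? $sort1 : '';` (the `$sort2` context line below has the same shape). The fallback here is an empty string rather than a column name, so the code that consumes `$sort1` — outside this hunk, presumably an ORDER BY clause given the commit subject — has to supply a default before the query is built; that is worth confirming. A short comment such as `// $sort1 is used as a column identifier: accept allowlisted names only` would also help, since `strip_tags()` only removes markup and a later edit could otherwise revert to it without realising it gives no protection in a SQL context.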