firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2019-1571,1573,1578,1580]그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-13 13:48:37 +09:00
parent 992d3d93f4
commit 120d8cf564
10 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
adm/qa_config.php
View File

@ -133,7 +133,7 @@ if(!isset($qaconfig['qa_include_head'])) {
<tr>
<th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th>
<td>
<input type="text" name="qa_title" value="<?php echo $qaconfig['qa_title'] ?>" id="qa_title" required class="required frm_input" size="40">
<input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40">
<a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a>
</td>
</tr>
@ -141,7 +141,7 @@ if(!isset($qaconfig['qa_include_head'])) {
<th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?>
<input type="text" name="qa_category" value="<?php echo $qaconfig['qa_category'] ?>" id="qa_category" required class="required frm_input" size="70">
<input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70">
</td>
</tr>
<tr>
@ -184,21 +184,21 @@ if(!isset($qaconfig['qa_include_head'])) {
<th scope="row"><label for="qa_send_number">SMS 발신번호</label></th>
<td>
<?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?>
<input type="text" name="qa_send_number" value="<?php echo $qaconfig['qa_send_number'] ?>" id="qa_send_number" class="frm_input" size="30">
<input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th>
<td>
<?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?>
<input type="text" name="qa_admin_hp" value="<?php echo $qaconfig['qa_admin_hp'] ?>" id="qa_admin_hp" class="frm_input" size="30">
<input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_admin_email">관리자 이메일</label></th>
<td>
<?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?>
<input type="text" name="qa_admin_email" value="<?php echo $qaconfig['qa_admin_email'] ?>" id="qa_admin_email" class="frm_input" size="50">
<input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50">
</td>
</tr>
<tr>