firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2019-1571,1573,1578,1580]그누보드 XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2020-02-13 13:48:37 +09:00
parent 992d3d93f4
commit 120d8cf564
10 changed files with 17 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adm/qa_config_update.php
View File

@ -15,7 +15,7 @@ $qaconfig = get_qa_config();
$check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size');
foreach($check_keys as $key){
$$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags($_POST[$key]) : '';
$$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
}
$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255));