firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 및 SQL Injection 오류 수정

Browse Source
This commit is contained in:
chicpro
2014-10-17 11:15:36 +09:00
parent be8c7e3ee5
commit 12f9a05106
3 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bbs/profile.php
View File

@ -24,7 +24,7 @@ $sql = " select (TO_DAYS('".G5_TIME_YMDHIS."') - TO_DAYS('{$mb['mb_datetime']}')
$row = sql_fetch($sql);
$mb_reg_after = $row['days'];
$mb_homepage = set_http($mb['mb_homepage']);
$mb_homepage = set_http(clean_xss_tags($mb['mb_homepage']));
$mb_profile = $mb['mb_profile'] ? conv_content($mb['mb_profile'],0) : '소개 내용이 없습니다.';
include_once($member_skin_path.'/profile.skin.php');