From 51ac32547f3818886b36b4b750354cbc1e4493ec Mon Sep 17 00:00:00 2001
From: whitedot
Date: Tue, 18 Mar 2014 13:07:41 +0900
Subject: [PATCH 1/2] =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90:=20gnb=20?=
 =?UTF-8?q?=EB=A9=94=EB=89=B4=20=EC=97=86=EC=9D=84=20=EB=95=8C=20=EC=95=88?=
 =?UTF-8?q?=EB=82=B4=EB=AC=B8=EA=B5=AC=20=EC=88=98=EC=A0=95,=20=EC=82=AC?=
 =?UTF-8?q?=EB=85=B8=EB=9D=BC=EA=B0=80=EB=85=B8=EB=9D=BC(ogogago)=EB=8B=98?=
 =?UTF-8?q?=20=EA=B1=B4=EC=9D=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 head.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/head.php b/head.php
index f15ff9d6b..25ead4274 100644
--- a/head.php
+++ b/head.php
@@ -148,7 +148,7 @@ if (G5_IS_MOBILE) {
  • 생성된 메뉴가 없습니다.
  • 메뉴 준비 중입니다. (관리자모드 > 환경설정 > 메뉴설정에서 설정하실 수 있습니다.)
  • From 4ddd09df85d588d996b282f8bba6c6744c75f1f6 Mon Sep 17 00:00:00 2001
From: chicpro
Date: Tue, 18 Mar 2014 15:35:21 +0900
Subject: [PATCH 2/2] =?UTF-8?q?Blind=20SQL=20Injection=20=EB=8C=80?=
 =?UTF-8?q?=EC=9D=91=20=EC=BD=94=EB=93=9C=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 common.php | 20 ++++++++++----------
 lib/common.lib.php | 12 ++++++++++++
 2 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/common.php b/common.php
index e28288fe8..abd7fc1d5 100644
--- a/common.php
+++ b/common.php
@@ -69,21 +69,21 @@ if (file_exists($dbconfig_file)) {
 if (defined(G5_TIMEZONE)) @mysql_query(" set time_zone = '".G5_TIMEZONE."'");
 //==============================================================================
- // SQL Injection 등으로 부터 보호를 위해 mysql_real_escape_string() 적용
+ // SQL Injection 등으로 부터 보호를 위해 sql_escape_string() 적용
 //------------------------------------------------------------------------------
 // magic_quotes_gpc 에 의한 backslashes 제거
 if (get_magic_quotes_gpc()) {
- $_POST = array_map_deep('stripslashes', $_POST);
- $_GET = array_map_deep('stripslashes', $_GET);
- $_COOKIE = array_map_deep('stripslashes', $_COOKIE);
- $_REQUEST = array_map_deep('stripslashes', $_REQUEST);
+ $_POST = array_map_deep('stripslashes', $_POST);
+ $_GET = array_map_deep('stripslashes', $_GET);
+ $_COOKIE = array_map_deep('stripslashes', $_COOKIE);
+ $_REQUEST = array_map_deep('stripslashes', $_REQUEST);
 }
- // mysql_real_escape_string 적용
- $_POST = array_map_deep(G5_ESCAPE_FUNCTION, $_POST);
- $_GET = array_map_deep(G5_ESCAPE_FUNCTION, $_GET);
- $_COOKIE = array_map_deep(G5_ESCAPE_FUNCTION, $_COOKIE);
- $_REQUEST = array_map_deep(G5_ESCAPE_FUNCTION, $_REQUEST);
+ // sql_escape_string 적용
+ $_POST = array_map_deep('sql_escape_string', $_POST);
+ $_GET = array_map_deep('sql_escape_string', $_GET);
+ $_COOKIE = array_map_deep('sql_escape_string', $_COOKIE);
+ $_REQUEST = array_map_deep('sql_escape_string', $_REQUEST);
 //==============================================================================
 // PHP 4.1.0 부터 지원됨
diff --git a/lib/common.lib.php b/lib/common.lib.php
index 978f38e09..1d8ff1d3d 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
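Review bot: The new `array_map_deep('sql_escape_string', …)` calls apply a deleting filter, not an escape, to every `$_POST`, `$_GET`, `$_COOKIE` and `$_REQUEST` value at bootstrap, so a legitimate value that happens to match the keyword pattern reaches the application already truncated and nothing in this block keeps the original. If the filter is kept, the keyword stripping belongs at the query sites where the context is known, leaving only `G5_ESCAPE_FUNCTION` applied here as before. This hunk also depends on `sql_escape_string` already being defined when common.php reaches this line; the include of lib/common.lib.php is outside the hunk, so the ordering is presumably satisfied but should be confirmed. The updated comment should state that the step is lossy, e.g. `// sql_escape_string() 적용 (lossy: matching keyword sequences are removed before escaping)`. The enclosing `if (file_exists($dbconfig_file))` block starts before and ends after the hunk.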
@@ -25,6 +25,18 @@ function array_map_deep($fn, $array)
 return $array;
 }
+// SQL Injection 대응 문자열 필터링
+function sql_escape_string($str)
+{
+ $pattern = '/(and|or).*(union|select|insert|update|delete|from|where|limit|create|drop).*/i';
+ $replace = '';
+
+ $str = preg_replace($pattern, $replace, $str);
+ $str = call_user_func(G5_ESCAPE_FUNCTION, $str);
+
+ return $str;
+}
+
 // 마이크로 타임을 얻어 계산 형식으로 만듦
 function get_microtime()
 {
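Review bot: The denylist regex in `sql_escape_string` is destructive on ordinary input: `(and|or)` and the keyword alternation have no word boundaries and the `.*` is greedy, so any value in which "or" or "and" (including inside words such as "for" or "standard") is followed later on the same line by "from", "where", "select" and so on has everything from that point to the end of the line deleted. `preg_replace` also returns null on a PCRE error (two unanchored `.*` can exceed the backtrack limit on a long field), and `call_user_func(G5_ESCAPE_FUNCTION, null)` then yields an empty string, so the field is silently emptied; add `if ($str === null || preg_last_error() !== PREG_NO_ERROR) { /* fail explicitly */ }` after the `preg_replace` call rather than continuing. A keyword denylist cannot be made complete, so the only real control in this function is `G5_ESCAPE_FUNCTION` (presumably `mysql_real_escape_string`, per the removed comment in common.php), which protects quoted string contexts only; numeric parameters still need casting at the query site. The header comment should say this is a lossy defense-in-depth filter and not an escape, e.g. `// Lossy filter: removes text matching SQL-keyword patterns, then applies G5_ESCAPE_FUNCTION; not a substitute for parameterised queries or casting`.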