잘못된 코드 수정

2019-06-13 16:33:02 +09:00
parent a6d851e174
commit 17238808b5
5 changed files with 11 additions and 8 deletions
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@ -29,9 +29,11 @@ if ($_POST['act_button'] == "선택수정") {
                alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
        }

+        $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : '';
+
        $sql = " update {$g5['board_table']}
                    set gr_id               = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."',
-                        bo_subject          = '".sql_real_escape_string(strip_tags($_POST['bo_subject'][$k]))."',
+                        bo_subject          = '".$p_bo_subject."',
                        bo_device           = '".sql_real_escape_string(strip_tags($_POST['bo_device'][$k]))."',
                        bo_skin             = '".sql_real_escape_string(strip_tags($_POST['bo_skin'][$k]))."',
                        bo_mobile_skin      = '".sql_real_escape_string(strip_tags($_POST['bo_mobile_skin'][$k]))."',
--- a/adm/boardgroup_list_update.php
+++ b/adm/boardgroup_list_update.php
@ -19,7 +19,8 @@ for ($i=0; $i<$count; $i++)
 {
    $k     = $_POST['chk'][$i];
    $gr_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['group_id'][$k]);
-    $gr_subject = sql_real_escape_string(strip_tags($_POST['gr_subject'][$k]));
+    $gr_subject = is_array($_POST['gr_subject']) ? strip_tags($_POST['gr_subject'][$k]) : '';
+    $gr_admin = is_array($_POST['gr_admin']) ? strip_tags($_POST['gr_admin'][$k]) : '';

    if($_POST['act_button'] == '선택수정') {
        $sql = " update {$g5['group_table']}
@ -30,7 +31,7 @@ for ($i=0; $i<$count; $i++)
                        gr_order      = '".sql_real_escape_string($_POST['gr_order'][$k])."'
                  where gr_id         = '{$gr_id}' ";
        if ($is_admin != 'super')
-            $sql .= " and gr_admin    = '{$_POST['gr_admin'][$k]}' ";
+            $sql .= " and gr_admin    = '{$gr_admin}' ";
        sql_query($sql);
    } else if($_POST['act_button'] == '선택삭제') {
        $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");
--- a/head.sub.php
+++ b/head.sub.php
@ -19,8 +19,8 @@ else {
    $g5_head_title .= " | ".$config['cf_title'];
 }

-$g5['title'] = strip_tags(get_text($g5['title']));
-$g5_head_title = strip_tags(get_text($g5_head_title));
+$g5['title'] = strip_tags($g5['title']);
+$g5_head_title = strip_tags($g5_head_title);

 // 현재 접속자
 // 게시판 제목에 ' 포함되면 오류 발생
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -3425,7 +3425,7 @@ function get_head_title($title){
    global $g5;

    if( isset($g5['board_title']) && $g5['board_title'] ){
-        $title = strip_tags(get_text($g5['board_title']));
+        $title = strip_tags($g5['board_title']);
    }

    return $title;
--- a/theme/basic/head.sub.php
+++ b/theme/basic/head.sub.php
@ -13,8 +13,8 @@ else {
    $g5_head_title .= " | ".$config['cf_title'];
 }

-$g5['title'] = strip_tags(get_text($g5['title']));
-$g5_head_title = strip_tags(get_text($g5_head_title));
+$g5['title'] = strip_tags($g5['title']);
+$g5_head_title = strip_tags($g5_head_title);

 // 현재 접속자
 // 게시판 제목에 ' 포함되면 오류 발생