diff --git a/adm/board_list_update.php b/adm/board_list_update.php
index 90a1c5d33..a7f358c1f 100644
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@@ -30,18 +30,18 @@ if ($_POST['act_button'] == "선택수정") {
 }
 $sql = " update {$g5['board_table']}
- set gr_id = '".sql_real_escape_string($_POST['gr_id'][$k])."',
- bo_subject = '".sql_real_escape_string($_POST['bo_subject'][$k])."',
- bo_device = '".sql_real_escape_string($_POST['bo_device'][$k])."',
- bo_skin = '".sql_real_escape_string($_POST['bo_skin'][$k])."',
- bo_mobile_skin = '".sql_real_escape_string($_POST['bo_mobile_skin'][$k])."',
- bo_read_point = '".sql_real_escape_string($_POST['bo_read_point'][$k])."',
- bo_write_point = '".sql_real_escape_string($_POST['bo_write_point'][$k])."',
- bo_comment_point = '".sql_real_escape_string($_POST['bo_comment_point'][$k])."',
- bo_download_point = '".sql_real_escape_string($_POST['bo_download_point'][$k])."',
- bo_use_search = '".sql_real_escape_string($_POST['bo_use_search'][$k])."',
- bo_use_sns = '".sql_real_escape_string($_POST['bo_use_sns'][$k])."',
- bo_order = '".sql_real_escape_string($_POST['bo_order'][$k])."'
+ set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."',
+ bo_subject = '".sql_real_escape_string(strip_tags($_POST['bo_subject'][$k]))."',
+ bo_device = '".sql_real_escape_string(strip_tags($_POST['bo_device'][$k]))."',
+ bo_skin = '".sql_real_escape_string(strip_tags($_POST['bo_skin'][$k]))."',
+ bo_mobile_skin = '".sql_real_escape_string(strip_tags($_POST['bo_mobile_skin'][$k]))."',
+ bo_read_point = '".sql_real_escape_string(strip_tags($_POST['bo_read_point'][$k]))."',
+ bo_write_point = '".sql_real_escape_string(strip_tags($_POST['bo_write_point'][$k]))."',
+ bo_comment_point = '".sql_real_escape_string(strip_tags($_POST['bo_comment_point'][$k]))."',
+ bo_download_point = '".sql_real_escape_string(strip_tags($_POST['bo_download_point'][$k]))."',
+ bo_use_search = '".sql_real_escape_string(strip_tags($_POST['bo_use_search'][$k]))."',
+ bo_use_sns = '".sql_real_escape_string(strip_tags($_POST['bo_use_sns'][$k]))."',
+ bo_order = '".sql_real_escape_string(strip_tags($_POST['bo_order'][$k]))."'
 where bo_table = '".sql_real_escape_string($_POST['board_table'][$k])."'
 ";
 sql_query($sql);
diff --git a/adm/contentform.php b/adm/contentform.php
index 6217e4603..133f36e2e 100644
--- a/adm/contentform.php
+++ b/adm/contentform.php
@@ -86,11 +86,11 @@ include_once (G5_ADMIN_PATH.'/admin.head.php'); 내용 - + 모바일 내용 - +
diff --git a/head.sub.php b/head.sub.php
index 020900ea2..991d51727 100644
--- a/head.sub.php
+++ b/head.sub.php
@@ -19,6 +19,9 @@ else {
 $g5_head_title .= " | ".$config['cf_title'];
 }
+$g5['title'] = strip_tags(get_text($g5['title']));
+$g5_head_title = strip_tags(get_text($g5_head_title));
+
 // 현재 접속자
 // 게시판 제목에 ' 포함되면 오류 발생
 $g5['lo_location'] = addslashes($g5['title']);
diff --git a/lib/common.lib.php b/lib/common.lib.php
index d4197e468..a1abcb54b 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -3416,7 +3416,7 @@ function get_head_title($title){
 global $g5;
 if( isset($g5['board_title']) && $g5['board_title'] ){
- $title = $g5['board_title'];
+ $title = strip_tags(get_text($g5['board_title']));
 }
 return $title;
@@ -3547,7 +3547,7 @@ function is_include_path_check($path='', $is_input='')
 if( preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) ){
 return false;
 }
- if( preg_match('/\.\.\//i', $replace_path) && preg_match('/plugin\//i', $replace_path) && preg_match('/okname\//i', $replace_path) ){
+ if( (preg_match('/\.\.\//i', $replace_path) || preg_match('/^\/.*/i', $replace_path)) && preg_match('/plugin\//i', $replace_path) && preg_match('/okname\//i', $replace_path) ){
 return false;
 }
 }
diff --git a/plugin/okname/hpcert1.php b/plugin/okname/hpcert1.php
index 45c64bd8f..d81aaeb73 100644
--- a/plugin/okname/hpcert1.php
+++ b/plugin/okname/hpcert1.php
@@ -1,8 +1,14 @@
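Review bot: In the adm/board_list_update.php hunk, strip_tags() on the point and order columns (bo_read_point through bo_download_point, bo_order) is the wrong check — these are numeric settings and should be cast, e.g. `bo_read_point = '".(int)$_POST['bo_read_point'][$k]."',`, which pins the type and removes any need for escaping on those columns. For bo_skin and bo_mobile_skin, strip_tags() removes nothing an attacker needs if those names are later used to build a skin directory path (presumably they are, given the names): a traversal string such as `../../x` survives untouched, so validate them against an allowlist, e.g. `preg_match('/^[A-Za-z0-9_-]+$/', $_POST['bo_skin'][$k])` or the set of existing skin directories, before running the update. Note that strip_tags() is a sanitizer, not an encoder: it leaves `"` and `'` in bo_subject intact, so output sites still need get_text()/htmlspecialchars() for attribute contexts, and it silently mangles legitimate subjects that contain `<`. The enclosing loop and the `if ($_POST['act_button'] == "선택수정")` block start before the hunk.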
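Review bot: In the head.sub.php hunk, `strip_tags(get_text(...))` applies strip_tags() to text that get_text() has presumably already HTML-encoded, so the outer call is effectively a no-op and the only protection comes from get_text(); if the intent is to drop tags and then encode, the order should be `get_text(strip_tags($g5['title']))`. Whichever order is chosen, `$g5['title']` is set by the including page and may already have been passed through get_text() there, so check a board title containing `&` or `'` in the rendered `<title>` for double-encoding (`&amp;amp;`). The new assignment also changes what the untouched next line stores: `$g5['lo_location'] = addslashes($g5['title'])` now receives the encoded title, and addslashes() is not a SQL escaper in any case, so that line would be safer as `$g5['lo_location'] = sql_real_escape_string($g5['title']);`, matching the escaping used in the other hunks of this commit.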
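Review bot: In the get_head_title() hunk of lib/common.lib.php, the return value is now HTML-encoded on the board-title branch but the `$title` argument is returned raw on the other branch, so callers cannot know whether the result is safe to echo or needs encoding (and, if get_text() is the HTML-encoding helper, encoding it again shows `&amp;` to users). Either encode both branches, e.g. `return strip_tags(get_text($title));`, or leave both raw and encode once at the output site. At minimum the function needs a docblock stating the contract: `/** Returns the current board title when set, otherwise $title. NOTE: only the board-title branch is passed through strip_tags(get_text()); $title is returned as given. */`. The function's signature is in the hunk header and its closing brace is outside the hunk.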
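Review bot: In the is_include_path_check() hunk, the widened condition still only rejects when the path also contains both `plugin/` and `okname/`, so an absolute path or a `../` sequence aimed anywhere else passes this branch unless an earlier check in the function (which starts before the hunk) catches it — a blocklist keyed on one plugin's directory is not a traversal defence. The patterns are also narrow: `/\.\.\//` does not match `..\` with backslash separators, and `/^\/.*/i` is just `/^\//` (the `.*` and the `i` flag do nothing). Prefer resolving and allowlisting the path against the install root, e.g. `$real = realpath($replace_path); if ($real === false || strpos($real, rtrim(G5_PATH, '/').'/') !== 0) { return false; }`, provided G5_PATH (or whichever base-path constant is in scope here) is the intended root and the path is expected to exist at check time; otherwise normalise separators and reject any `..` segment regardless of the rest of the path.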