firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Reflected XSS 취약점 수정

Browse Source
This commit is contained in:
chicpro
2015-06-10 13:54:53 +09:00
parent ab30d5981d
commit 1a2f4251ed
9 changed files with 93 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
skin/board/basic/view_comment.skin.php
View File

@ -56,7 +56,7 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
<textarea id="save_comment_<?php echo $comment_id ?>" style="display:none"><?php echo get_text($list[$i]['content1'], 0) ?></textarea>
<?php if($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) {
$query_string = str_replace("&", "&amp;", $_SERVER['QUERY_STRING']);
$query_string = clean_query_string($_SERVER['QUERY_STRING']);
if($w == 'cu') {
$sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";