From 1b773bfa612a849ce4e5b88bdab89b4fb10d083c Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Mon, 27 May 2019 14:41:35 +0900
Subject: [PATCH] =?UTF-8?q?KVE-2019-0724=20=EC=98=81=EC=B9=B4=ED=8A=B8=20?=
 =?UTF-8?q?=EB=8B=A4=EC=A4=91=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/shop_admin/categoryformupdate.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/adm/shop_admin/categoryformupdate.php b/adm/shop_admin/categoryformupdate.php
index 7fc4ff873..86f1f795c 100644
--- a/adm/shop_admin/categoryformupdate.php
+++ b/adm/shop_admin/categoryformupdate.php
@@ -40,6 +40,14 @@ if(!is_include_path_check($_POST['ca_include_tail'], 1)) {
     alert('하단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
 }
 
+$check_keys = array('ca_skin_dir', 'ca_mobile_skin_dir', 'ca_skin', 'ca_mobile_skin'); 
+
+foreach( $check_keys as $key ){
+    if( isset($$key) && preg_match('#\.+(\/|\\\)#', $$key) ){
+        alert('스킨명 또는 경로에 포함시킬수 없는 문자열이 있습니다.');
+    }
+}
+
 if ($w == "u" || $w == "d")
     check_demo();