From fcf518353c61cd3ce8e394ccec7ff99777202694 Mon Sep 17 00:00:00 2001 From: chicpro Date: Tue, 28 Oct 2014 10:15:44 +0900 Subject: [PATCH 1/2] =?UTF-8?q?wr=5Flink=EB=A5=BC=20=EC=9D=B4=EC=9A=A9?= =?UTF-8?q?=ED=95=9C=20sql=20injection=20=EB=8C=80=EC=9D=91=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/write_update.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/bbs/write_update.php b/bbs/write_update.php index 11a8d185b..fcc33c999 100644 --- a/bbs/write_update.php +++ b/bbs/write_update.php @@ -28,11 +28,15 @@ if ($wr_content == '') { $wr_link1 = ''; if (isset($_POST['wr_link1'])) { $wr_link1 = substr($_POST['wr_link1'],0,1000); + $wr_link1 = trim(strip_tags($wr_link1)); + $wr_link1 = preg_replace("#[\\\]+$#", "", $wr_link1); } $wr_link2 = ''; if (isset($_POST['wr_link2'])) { $wr_link2 = substr($_POST['wr_link2'],0,1000); + $wr_link2 = trim(strip_tags($wr_link2)); + $wr_link2 = preg_replace("#[\\\]+$#", "", $wr_link2); } $msg = implode('
', $msg); @@ -52,10 +56,6 @@ if (empty($_POST)) { alert("파일 또는 글내용의 크기가 서버에서 설정한 값을 넘어 오류가 발생하였습니다.\\npost_max_size=".ini_get('post_max_size')." , upload_max_filesize=".$upload_max_filesize."\\n게시판관리자 또는 서버관리자에게 문의 바랍니다."); } -$w = $_POST['w']; -$wr_link1 = trim(strip_tags($wr_link1)); -$wr_link2 = trim(strip_tags($wr_link2)); - $notice_array = explode(",", $board['bo_notice']); if ($w == 'u' || $w == 'r') { From 4c8349fbb50d3aaf91f3ef11f356076a344a8e2b Mon Sep 17 00:00:00 2001 From: chicpro Date: Tue, 28 Oct 2014 10:16:34 +0900 Subject: [PATCH 2/2] =?UTF-8?q?=EC=98=A4=ED=83=80=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/admin.head.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adm/admin.head.php b/adm/admin.head.php index c175f62f3..c8253f8ac 100644 --- a/adm/admin.head.php +++ b/adm/admin.head.php @@ -95,7 +95,7 @@ function imageview(id, w, h) continue; } $current_class = ""; - if (isset($sub_menu) && (substr($sub_menu, 0, 2) == substr($menu['menu'.$key][0][0], 0, 2))) + if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu'.$key][0][0], 0, 3))) $current_class = " gnb_1dli_air"; $gnb_str .= '
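Review bot: The added `trim`/`strip_tags` and trailing-backslash removal on `$wr_link1` and `$wr_link2` narrow the input but are not SQL escaping; the values are still raw request strings at this point, and whether the query that later consumes them (outside this hunk) escapes or binds them cannot be seen in the diff. Treat this hunk as defense in depth and confirm the query site uses the project's escape helper or a bound parameter, since any character other than a trailing backslash still passes through unchanged. The two sanitizer blocks are identical apart from the variable name, which is how such checks drift apart over time; a small helper keeps them in sync, placed in the project's common function file if this script can be included more than once. The surrounding statement run continues on both sides of the hunk.
```php
// Normalise a user-supplied link: cap length, drop markup, drop trailing backslashes.
function get_wr_link($link)
{
    $link = trim(strip_tags(substr($link, 0, 1000)));
    return preg_replace("#[\\\]+$#", "", $link);
}

$wr_link1 = '';
if (isset($_POST['wr_link1'])) {
    $wr_link1 = get_wr_link($_POST['wr_link1']);
}
// … unchanged: $wr_link2 handled the same way …
```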
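Review bot: Removing `$w = $_POST['w'];` leaves `$w` with no visible assignment before it is read three lines later in `if ($w == 'u' || $w == 'r')`; unless the bootstrap that runs before this script already populates `$w` from the request (not visible in the diff), this produces an undefined-variable notice and an always-false branch. If the explicit source is meant to stay, restore it as `$w = isset($_POST['w']) ? $_POST['w'] : '';` so the mode is taken from the request deliberately rather than relying on earlier global extraction. The code before and after this hunk is outside the diff, so where `$w` is otherwise set cannot be checked here.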
  • '.PHP_EOL; $gnb_str .= $href1 . $menu['menu'.$key][0][1] . $href2;
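Review bot: The prefix length `3` has to be kept in sync in two places of the same condition, which is exactly what this commit had to correct; a single `strncmp` call carries the length once and compares strictly: `if (isset($sub_menu) && strncmp($sub_menu, $menu['menu'.$key][0][0], 3) === 0)`. The loop this `if` belongs to starts outside the hunk, and the `@@` context line names the JavaScript `imageview` function rather than the PHP scope, so the surrounding logic cannot be reviewed from the diff.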