From 2553e6464bf35bd64c3631e93bbc520099c912e1 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 19 May 2017 16:03:40 +0900 Subject: [PATCH] =?UTF-8?q?=EA=B2=8C=EC=8B=9C=ED=8C=90=20=EA=B2=80?= =?UTF-8?q?=EC=83=89=EC=8B=9C=20=ED=95=84=EB=93=9C=20=EC=86=8C=EB=AC=B8?= =?UTF-8?q?=EC=9E=90=EB=A1=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/common.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/common.lib.php b/lib/common.lib.php index 65fd95d66..40023f690 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -628,7 +628,7 @@ function get_sql_search($search_ca_name, $search_field, $search_text, $search_op // SQL Injection 방지 // 필드값에 a-z A-Z 0-9 _ , | 이외의 값이 있다면 검색필드를 wr_subject 로 설정한다. - $field[$k] = preg_match("/^[\w\,\|]+$/", $field[$k]) ? $field[$k] : "wr_subject"; + $field[$k] = preg_match("/^[\w\,\|]+$/", $field[$k]) ? strtolower($field[$k]) : "wr_subject"; $str .= $op2; switch ($field[$k]) {