sql injection 보안패치 및 스마트에디터2 추가

2014-07-18 17:10:25 +09:00
parent 2658dde159
commit 2579323ddf
92 changed files with 46187 additions and 7 deletions
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@ -10,6 +10,7 @@ $msg = array();
 $wr_subject = '';
 if (isset($_POST['wr_subject'])) {
    $wr_subject = substr(trim($_POST['wr_subject']),0,255);
+    $wr_subject = preg_replace("#[\\\]+$#", "", $wr_subject);
 }
 if ($wr_subject == '') {
    $msg[] = '<strong>제목</strong>을 입력하세요.';