From 27d603a8049f29ece055df4f8e4b9d87f84aa65d Mon Sep 17 00:00:00 2001
From: thisgun
Date: Thu, 5 Jan 2017 12:29:20 +0900
Subject: [PATCH] =?UTF-8?q?XSS=20=EC=B7=A8=EC=95=BD=EC=A0=90(16-995,=20100?= =?UTF-8?q?3)=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 shop/itemqaform.php | 4 ++--
 shop/itemqaformupdate.php | 2 +-
 shop/itemuseform.php | 4 ++--
 shop/itemuseformupdate.php | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/shop/itemqaform.php b/shop/itemqaform.php
index a1e2eb384..b488f590a 100644
--- a/shop/itemqaform.php
+++ b/shop/itemqaform.php
@@ -13,8 +13,8 @@ if (!$is_member) {
 }
 
 $w = trim($_REQUEST['w']);
-$it_id = trim($_REQUEST['it_id']);
-$iq_id = trim($_REQUEST['iq_id']);
+$it_id = get_search_string(trim($_REQUEST['it_id']));
+$iq_id = preg_replace('/[^0-9]/', '', trim($_REQUEST['iq_id']));
 
 // 상품정보체크
 $sql = " select it_id from {$g5['g5_shop_item_table']} where it_id = '$it_id' ";
diff --git a/shop/itemqaformupdate.php b/shop/itemqaformupdate.php
index 71c313050..b1764ed4d 100644
--- a/shop/itemqaformupdate.php
+++ b/shop/itemqaformupdate.php
@@ -12,7 +12,7 @@ $iq_answer = trim($_POST['iq_answer']);
 $hash = trim($_REQUEST['hash']);
 
 if ($w == "" || $w == "u") {
- $iq_name = addslashes($member['mb_name']);
+ $iq_name = addslashes(strip_tags($member['mb_name']));
 $iq_password = $member['mb_password'];
 
 if (!$iq_subject) alert("제목을 입력하여 주십시오.");
diff --git a/shop/itemuseform.php b/shop/itemuseform.php
index eb9fcf5e4..f97d19529 100644
--- a/shop/itemuseform.php
+++ b/shop/itemuseform.php
@@ -13,8 +13,8 @@ if (!$is_member) {
 }
 
 $w = trim($_REQUEST['w']);
-$it_id = trim($_REQUEST['it_id']);
-$is_id = trim($_REQUEST['is_id']);
+$it_id = get_search_string(trim($_REQUEST['it_id']));
+$is_id = preg_replace('/[^0-9]/', '', trim($_REQUEST['is_id']));
 
 // 상품정보체크
 $sql = " select it_id from {$g5['g5_shop_item_table']} where it_id = '$it_id' ";
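Review bot: The filtered `$it_id` on the first `+` line of the shop/itemqaform.php hunk still flows unescaped into the string-built query on the hunk's last line, `where it_id = '$it_id'`; `get_search_string` is not shown here, and a helper chosen to close an XSS report is no evidence that it neutralizes the quote and backslash characters that query needs escaped. Escape the value for the database where it enters the SQL, independently of any display-side filtering, e.g. `$sql = " select it_id from {$g5['g5_shop_item_table']} where it_id = '" . sql_real_escape_string($it_id) . "' ";` (assuming the project's usual SQL escaping helper is in scope here), or move the lookup to a prepared statement. The digit-only `preg_replace` for `$iq_id` is sound as written. The same applies to `$it_id` and the following query in the shop/itemuseform.php hunk.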
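Review bot: `strip_tags` on the `+` line of the shop/itemqaformupdate.php hunk is a lossy filter rather than an encoder: a member name containing an unclosed `<` loses everything after it, while quotes and entities pass through untouched, so the stored `iq_name` is neither faithful to the member record nor safe to print raw. The durable fix is to HTML-escape where the name is rendered, `htmlspecialchars($iq_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` (or the project's output-escaping helper); if the write-time filter is kept, a comment such as `// strip_tags only reduces markup; iq_name must still be escaped on output` would keep the next reader from treating it as sufficient. `addslashes` presumably remains the only SQL escaping applied to this value, which the commit leaves as it was. The same applies to `$is_name` in the shop/itemuseformupdate.php hunk.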
diff --git a/shop/itemuseformupdate.php b/shop/itemuseformupdate.php
index 45ddb11c2..6d3537282 100644
--- a/shop/itemuseformupdate.php
+++ b/shop/itemuseformupdate.php
@@ -16,7 +16,7 @@ $is_score = (int)$_POST['is_score'] > 5 ? 0 : (int)$_POST['is_score'];
 check_itemuse_write($it_id, $member['mb_id']);
 
 if ($w == "" || $w == "u") {
- $is_name = addslashes($member['mb_name']);
+ $is_name = addslashes(strip_tags($member['mb_name']));
 $is_password = $member['mb_password'];
 
 if (!$is_subject) alert("제목을 입력하여 주십시오.");