1:1문의 이메일 입력 XSS 취약점 수정

bbs/qaview.php

@@ -30,7 +30,7 @@ if(is_file($skin_file)) {
     $view['content'] = conv_content($view['qa_content'], $view['qa_html']);
     $view['name'] = get_text($view['qa_name']);
     $view['datetime'] = $view['qa_datetime'];
-    $view['email'] = $view['qa_email'];
+    $view['email'] = get_text(strip_tags2($view['qa_email']));
     $view['hp'] = $view['qa_hp'];
 
     if (trim($stx))

bbs/qawrite_update.php

@@ -10,8 +10,21 @@ $w == u : 수정
 if($is_guest)
     alert('회원이시라면 로그인 후 이용해 보십시오.', './login.php?url='.urlencode(G5_BBS_URL.'/qalist.php'));
 
+$qaconfig = get_qa_config();
+
 $msg = array();
 
+// e-mail 체크
+if(isset($_POST['qa_email']) && $qa_email) {
+    $qa_email = strip_tags2(trim($_POST['qa_email']));
+
+    if($qaconfig['qa_req_email'] && !$qa_email)
+        $msg[] = '이메일을 입력하세요.';
+
+    if (!preg_match("/([0-9a-zA-Z_-]+)@([0-9a-zA-Z_-]+)\.([0-9a-zA-Z_-]+)/", $qa_email))
+        $msg[] = '이메일 주소가 형식에 맞지 않습니다.';
+}
+
 $qa_subject = '';
 if (isset($_POST['qa_subject'])) {
     $qa_subject = substr(trim($_POST['qa_subject']),0,255);

lib/common.lib.php

@@ -2710,4 +2710,13 @@ function member_delete($mb_id)
     $sql = " update {$g5['member_table']} set mb_password = '', mb_level = 1, mb_email = '', mb_homepage = '', mb_tel = '', mb_hp = '', mb_zip1 = '', mb_zip2 = '', mb_addr1 = '', mb_addr2 = '', mb_birth = '', mb_sex = '', mb_signature = '', mb_memo = '".date('Ymd', G5_SERVER_TIME)." 삭제함\n{$mb['mb_memo']}', mb_leave_date = '".date('Ymd', G5_SERVER_TIME)."' where mb_id = '{$mb_id}' ";
     sql_query($sql);
 }
+
+// strip_tags 변형
+function strip_tags2($str)
+{
+    if(!$str)
+        return '';
+
+    return strip_tags(preg_replace("#<script[^<]*</script[^>]*>#i", "", $str));
+}
 ?>