XSS 취약점(16-1007) 수정

2017-01-05 17:56:22 +09:00
parent 27d603a804
commit 340fd32449
10 changed files with 54 additions and 4 deletions
--- a/adm/shop_admin/optionstocklist.php
+++ b/adm/shop_admin/optionstocklist.php
@ -4,6 +4,13 @@ include_once('./_common.php');

 auth_check($auth[$sub_menu], "r");

+$doc = strip_tags($doc);
+$sort1 = strip_tags($sort1);
+$sort2 = in_array($sort2, array('desc', 'asc')) ? $sort2 : 'desc';
+$sel_ca_id = get_search_string($sel_ca_id);
+$sel_field = get_search_string($sel_field);
+$search = get_search_string($search);
+
 $g5['title'] = '상품옵션재고관리';
 include_once (G5_ADMIN_PATH.'/admin.head.php');