firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점(16-1007) 수정

Browse Source
This commit is contained in:
thisgun
2017-01-05 17:56:22 +09:00
parent 27d603a804
commit 340fd32449
10 changed files with 54 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
adm/shop_admin/wishlist.php
View File

@ -10,8 +10,15 @@ include_once(G5_PLUGIN_PATH.'/jquery-ui/datepicker.php');
if (!$to_date) $to_date = date("Ymd", time());
$doc = strip_tags($doc);
$sort1 = strip_tags($sort1);
$sel_ca_id = get_search_string($sel_ca_id);
if( preg_match("/[^0-9]/", $fr_date) ) $fr_date = '';
if( preg_match("/[^0-9]/", $to_date) ) $to_date = '';
if ($sort1 == "") $sort1 = "it_id_cnt";
if ($sort2 == "") $sort2 = "desc";
if ($sort2 == "" || $sort2 != "asc") $sort2 = "desc";
$sql = " select a.it_id,
b.it_name,