From 36e6d53374dc0dacb314d1bb42503bd547c32716 Mon Sep 17 00:00:00 2001
From: chicpro
Date: Thu, 23 Oct 2014 09:21:59 +0900
Subject: [PATCH] =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=ED=99=88=ED=8E=98?=
 =?UTF-8?q?=EC=9D=B4=EC=A7=80=EB=A5=BC=20=EC=9D=B4=EC=9A=A9=ED=95=9C=20SQL?=
 =?UTF-8?q?=20Injection=20=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 bbs/scrap_popin_update.php | 6 +++---
 bbs/write_comment_update.php | 8 ++++----
 bbs/write_update.php | 6 +++---
 3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/bbs/scrap_popin_update.php b/bbs/scrap_popin_update.php
index 49fe298ad..ffb6e8137 100644
--- a/bbs/scrap_popin_update.php
+++ b/bbs/scrap_popin_update.php
@@ -40,10 +40,10 @@ if ($wr_content && ($member['mb_level'] >= $board['bo_comment_level']))
 if ($wr['wr_id']) {
 $mb_id = $member['mb_id'];
- $wr_name = $member['mb_nick'];
+ $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
 $wr_password = $member['mb_password'];
- $wr_email = $member['mb_email'];
- $wr_homepage = $member['mb_homepage'];
+ $wr_email = addslashes($member['mb_email']);
+ $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
 $sql = " select max(wr_comment) as max_comment from $write_table where wr_parent = '$wr_id' and wr_is_comment = '1' ";
diff --git a/bbs/write_comment_update.php b/bbs/write_comment_update.php
index 667e5131e..ceb54a5ee 100644
--- a/bbs/write_comment_update.php
+++ b/bbs/write_comment_update.php
@@ -15,7 +15,7 @@ $w = $_POST["w"];
 $wr_name = trim($_POST['wr_name']);
 $wr_email = '';
 if (!empty($_POST['wr_email']))
- $wr_email = trim($_POST['wr_email']);
+ $wr_email = get_email_address(trim($_POST['wr_email']));
 // 비회원의 경우 이름이 누락되는 경우가 있음
 if ($is_guest) {
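Review bot: The added `addslashes()` calls on the `$wr_name`, `$wr_email` and `$wr_homepage` lines escape with a charset-unaware, driver-independent routine while the query on the hunk's last context line still interpolates variables straight into the SQL string; the same pattern is added in write_comment_update.php (hunk at -52) and write_update.php (hunk at -407). Binding the values through a prepared statement, or at least escaping them with the database driver's own routine (`mysql_real_escape_string()` on the PHP of this era) at the point the query is built, closes the class of bug rather than one instance of it. Escaping at assignment also means every later use of these three variables — page output, mail, a second escaping layer — now sees backslashes, which cannot be checked from this hunk. `$mb_id` and `$wr_password` on the neighbouring lines are left unescaped, so the hunk is inconsistent about which member fields it treats as trusted; `$wr_id` in the query is presumably validated earlier, outside the hunk. The enclosing `if` block begins before the hunk and runs past it.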
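Review bot: Only the e-mail line changes here; `$wr_name = trim($_POST['wr_name'])` two lines above still takes the guest-supplied name with no escaping in this hunk, whereas the member branch in the -52 hunk now wraps the same variable in `addslashes(clean_xss_tags(...))`. If the guest value is escaped before it reaches the INSERT that is fine, but that code is outside the hunk and is where the commit's SQL-injection fix needs to hold for non-members as well. What `get_email_address()` returns for malformed input is not visible either; if it can pass the original string through, the `$wr_email = ''` default gives no protection on its own. The guest branch `if ($is_guest) {` is cut off by the hunk end.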
@@ -52,10 +52,10 @@ if ($is_member) {
 $mb_id = $member['mb_id'];
 // 4.00.13 - 실명 사용일때 댓글에 닉네임으로 입력되던 오류를 수정
- $wr_name = $board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick'];
+ $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
 $wr_password = $member['mb_password'];
- $wr_email = $member['mb_email'];
- $wr_homepage = $member['mb_homepage'];
+ $wr_email = addslashes($member['mb_email']);
+ $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
 } else {
diff --git a/bbs/write_update.php b/bbs/write_update.php
index 1124b849c..857889f90 100644
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@@ -407,9 +407,9 @@ if ($w == '' || $w == 'r') {
 // 자신의 글이라면
 if ($member['mb_id'] == $wr['mb_id']) {
 $mb_id = $member['mb_id'];
- $wr_name = $board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick'];
- $wr_email = $member['mb_email'];
- $wr_homepage = $member['mb_homepage'];
+ $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
+ $wr_email = addslashes($member['mb_email']);
+ $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
 } else {
 $mb_id = $wr['mb_id'];
 $wr_name = $wr['wr_name'];
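Review bot: The `else` branch at the end of the hunk assigns `$wr_name = $wr['wr_name'];` straight from the stored row while the own-post branch above it now escapes the same variables; rows read back from the database are unescaped text, so if that value (and the email/homepage presumably assigned on the lines following the hunk) is later interpolated into the update query the way the own-post values are, a stored name containing a quote would re-enter it unescaped. For consistency with the new lines the minimal change is `$wr_name = addslashes($wr['wr_name']);` and likewise for the sibling assignments, though escaping or binding at the point the query is built would remove the need to track which variables are already slashed. The `if`/`else` and the enclosing `if ($w == '' || $w == 'r')` block both continue outside the hunk.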