From 38f1e838a59369d8ac5b068a370960db52e20fff Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Fri, 29 Sep 2017 10:36:32 +0900
Subject: [PATCH] =?UTF-8?q?=EA=B7=B8=EB=88=84=EB=B3=B4=EB=93=9C,=20?=
 =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B8=20=EA=B4=80=EB=A6=AC=EC=9E=90?=
 =?UTF-8?q?=ED=8E=98=EC=9D=B4=EC=A7=80=20=ED=8C=8C=EC=9D=BC=20=EC=82=AD?=
 =?UTF-8?q?=EC=A0=9C=20=EC=B7=A8=EC=95=BD=EC=A0=90=20(17-664)=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/board_list_update.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/adm/board_list_update.php b/adm/board_list_update.php
index 20bba640a..a26e521d6 100644
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@@ -62,7 +62,10 @@ if ($_POST['act_button'] == "선택수정") {
 
         // include 전에 $bo_table 값을 반드시 넘겨야 함
         $tmp_bo_table = trim($_POST['board_table'][$k]);
-        include ('./board_delete.inc.php');
+
+        if( preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table) ){
+            include ('./board_delete.inc.php');
+        }
     }