firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

글제목 문자열 자르기 오류를 이용한 sql injection 방지

Browse Source
This commit is contained in:
chicpro
2014-07-18 09:36:57 +09:00
parent 9d8a776bd9
commit 414b954b92
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
bbs/write_update.php
View File

@ -10,6 +10,7 @@ $msg = array();
$wr_subject = ''; $wr_subject = '';
if (isset($_POST['wr_subject'])) { if (isset($_POST['wr_subject'])) {
$wr_subject = substr(trim($_POST['wr_subject']),0,255); $wr_subject = substr(trim($_POST['wr_subject']),0,255);
$wr_subject = preg_replace("#[\\\]+$#", "", $wr_subject);
} }
if ($wr_subject == '') { if ($wr_subject == '') {
$msg[] = '<strong>제목</strong>을 입력하세요.'; $msg[] = '<strong>제목</strong>을 입력하세요.';