XSS 및 SQL Injection 취약점 수정

2014-07-31 15:48:34 +09:00
parent 3100f342c3
commit 4d115fd895
7 changed files with 22 additions and 5 deletions
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -2688,4 +2688,13 @@ function get_email_address($email)

    return $matches[0];
 }
+
+// 파일명에서 특수문자 제거
+function get_safe_filename($name)
+{
+    $pattern = '/["\'<>=#&!%\\\\(\)\*\+\?]/';
+    $name = preg_replace($pattern, '', $name);
+
+    return $name;
+}
 ?>