From 4d9e6be3944ec352a936fa703a6418291ca0f5ba Mon Sep 17 00:00:00 2001
From: chicpro
Date: Thu, 18 Jun 2015 17:33:21 +0900
Subject: [PATCH] =?UTF-8?q?XSS=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bbs/current_connect.php | 1 +
 head.sub.php | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/bbs/current_connect.php b/bbs/current_connect.php
index 686522564..5ad0e2a4e 100644
--- a/bbs/current_connect.php
+++ b/bbs/current_connect.php
@@ -12,6 +12,7 @@ $sql = " select a.mb_id, b.mb_nick, b.mb_name, b.mb_email, b.mb_homepage, b.mb_o
             order by a.lo_datetime desc ";
 $result = sql_query($sql);
 for ($i=0; $row=sql_fetch_array($result); $i++) {
+    $row['lo_url'] = get_text($row['lo_url']);
     $list[$i] = $row;
 
     if ($row['mb_id']) {
diff --git a/head.sub.php b/head.sub.php
index bcfb4b9c2..96a8d8d27 100644
--- a/head.sub.php
+++ b/head.sub.php
@@ -23,8 +23,8 @@ else {
 // 게시판 제목에 ' 포함되면 오류 발생
 $g5['lo_location'] = addslashes($g5['title']);
 if (!$g5['lo_location'])
-    $g5['lo_location'] = addslashes($_SERVER['REQUEST_URI']);
-$g5['lo_url'] = addslashes($_SERVER['REQUEST_URI']);
+    $g5['lo_location'] = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));
+$g5['lo_url'] = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));
 if (strstr($g5['lo_url'], '/'.G5_ADMIN_DIR.'/') || $is_admin == 'super')
     $g5['lo_url'] = '';
 /*
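Review bot: The added `$row['lo_url'] = get_text($row['lo_url']);` escapes the value once at fetch time and then stores it in `$list[$i]`, so every later consumer of `$list` receives HTML-escaped text; that is the right treatment for inserting it into page text, but if a skin places it inside an `href` attribute the value would additionally need URL-encoding at that point, so a comment here would help, e.g. `// lo_url originates from REQUEST_URI (set in head.sub.php); escaped for HTML before the row reaches the list skin`. The other columns selected by the same query (`mb_nick`, `mb_name`, `mb_email`, `mb_homepage`) are left unescaped in this loop, and whether the skin escapes them itself cannot be seen from this hunk. The body of the `for` loop continues outside the hunk.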
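Review bot: The expression `addslashes(clean_xss_tags($_SERVER['REQUEST_URI']))` is now evaluated twice on the two changed lines; computing it once, `$request_uri = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));`, and assigning that to `$g5['lo_location']` in the fallback branch and to `$g5['lo_url']` keeps the two values guaranteed identical and gives one place to document the filtering. Filtering at storage time is defence in depth rather than a substitute for escaping at output: `lo_url` is escaped with `get_text()` in `bbs/current_connect.php` in this same commit, whereas the code that reads `lo_location` back is not visible here and presumably still has to escape it, and the primary `$g5['title']` branch two lines above is not passed through `clean_xss_tags()` at all, which is probably intentional if the title is admin-controlled but is worth a comment. `addslashes()` remains the only escaping applied before these values are written by other code; it is pre-existing and not part of this change, but the database's own escape function would be the safer choice if the lines are revisited. The `else` block named in the hunk header begins above the hunk.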