From 6518b228548843a95d1c13566399fe020d5427e4 Mon Sep 17 00:00:00 2001
From: chicpro
Date: Wed, 11 Jun 2014 15:30:55 +0900
Subject: [PATCH] =?UTF-8?q?1:1=EB=AC=B8=EC=9D=98=20XSS=20=EC=B7=A8?= =?UTF-8?q?=EC=95=BD=EC=A0=90=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bbs/qaview.php | 2 +-
 bbs/qawrite_update.php | 13 +++++++++++++
 lib/common.lib.php | 8 ++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/bbs/qaview.php b/bbs/qaview.php
index a3b0ad393..f6b294468 100644
--- a/bbs/qaview.php
+++ b/bbs/qaview.php
@@ -30,7 +30,7 @@ if(is_file($skin_file)) {
 $view['content'] = conv_content($view['qa_content'], $view['qa_html']);
 $view['name'] = get_text($view['qa_name']);
 $view['datetime'] = $view['qa_datetime'];
- $view['email'] = $view['qa_email'];
+ $view['email'] = get_text(get_email_address($view['qa_email']));
 $view['hp'] = $view['qa_hp'];
 
 if (trim($stx))
diff --git a/bbs/qawrite_update.php b/bbs/qawrite_update.php
index d384659f6..b4ec7d3d5 100644
--- a/bbs/qawrite_update.php
+++ b/bbs/qawrite_update.php
@@ -10,8 +10,21 @@ $w == u : 수정
 if($is_guest)
 alert('회원이시라면 로그인 후 이용해 보십시오.', './login.php?url='.urlencode(G5_BBS_URL.'/qalist.php'));
 
+$qaconfig = get_qa_config();
+
 $msg = array();
 
+// e-mail 체크
+if(isset($_POST['qa_email']) && $qa_email) {
+ $qa_email = get_email_address(trim($_POST['qa_email']));
+
+ if($qaconfig['qa_req_email'] && !$qa_email)
+ $msg[] = '이메일을 입력하세요.';
+
+ if (!preg_match("/([0-9a-zA-Z_-]+)@([0-9a-zA-Z_-]+)\.([0-9a-zA-Z_-]+)/", $qa_email))
+ $msg[] = '이메일 주소가 형식에 맞지 않습니다.';
+}
+
 $qa_subject = '';
 if (isset($_POST['qa_subject'])) {
 $qa_subject = substr(trim($_POST['qa_subject']),0,255);
diff --git a/lib/common.lib.php b/lib/common.lib.php
index d0077577f..5fa08880e 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
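Review bot: `$view['hp'] = $view['qa_hp'];`, the line directly below the fixed one, still passes the stored value to the skin unescaped, so the same stored-XSS class the commit closes for qa_email presumably remains for qa_hp unless the skin escapes it itself; `$view['hp'] = get_text($view['qa_hp']);` would make the two assignments consistent. Note also that get_email_address(), as added in lib/common.lib.php by this patch, returns `$matches[0]` even when the pattern did not match, so get_text() may receive null for a stored address that contains no e-mail-looking substring; a comment such as `// display the extracted address only; anything else in qa_email is dropped` would make the intent of the new line explicit. The enclosing `if(is_file($skin_file)) {` block starts before and ends after the hunk.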
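Review bot: The required-e-mail check can never fire for an empty submission, because the outer guard `if(isset($_POST['qa_email']) && $qa_email)` skips the whole block when `$qa_email` is empty, so `$qaconfig['qa_req_email']` is only consulted when a non-empty value fails extraction. On that same line `$qa_email` is read before any assignment visible in the hunk; presumably it is populated from the request earlier in the script, but if it is not, the block is dead code. Moving the required check outside the guard fixes the first problem, and testing the extracted value before the format check avoids handing a null from get_email_address() to preg_match(). The script continues outside the hunk, so the downstream use of `$qa_email` is not visible here.
```php
$qa_email = '';
if(isset($_POST['qa_email']) && trim($_POST['qa_email'])) {
    $qa_email = get_email_address(trim($_POST['qa_email']));

    // extraction found nothing, or the extracted value is still malformed
    if(!$qa_email || !preg_match("/([0-9a-zA-Z_-]+)@([0-9a-zA-Z_-]+)\.([0-9a-zA-Z_-]+)/", $qa_email))
        $msg[] = '이메일 주소가 형식에 맞지 않습니다.';
}

if($qaconfig['qa_req_email'] && !$qa_email)
    $msg[] = '이메일을 입력하세요.';
// … unchanged: $qa_subject handling …
```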
@@ -2710,4 +2710,12 @@ function member_delete($mb_id)
 $sql = " update {$g5['member_table']} set mb_password = '', mb_level = 1, mb_email = '', mb_homepage = '', mb_tel = '', mb_hp = '', mb_zip1 = '', mb_zip2 = '', mb_addr1 = '', mb_addr2 = '', mb_birth = '', mb_sex = '', mb_signature = '', mb_memo = '".date('Ymd', G5_SERVER_TIME)." 삭제함\n{$mb['mb_memo']}', mb_leave_date = '".date('Ymd', G5_SERVER_TIME)."' where mb_id = '{$mb_id}' ";
 sql_query($sql);
 }
+
+// 이메일 주소 추출
+function get_email_address($email)
+{
+ preg_match("/[0-9a-z._-]+@[a-z0-9._-]{4,}/i", $email, $matches);
+
+ return $matches[0];
+}
 ?>
\ No newline at end of file
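Review bot: `return $matches[0];` is reached even when preg_match() found nothing, in which case `$matches` is empty, the read raises an undefined-offset notice (a warning on PHP 8) and the function yields null instead of a string; `return isset($matches[0]) ? $matches[0] : '';` returns a string in both cases and keeps the callers' `!$qa_email` checks meaningful. The function extracts rather than validates — everything outside the first match, markup included, is discarded, and the domain part must be at least four characters for the pattern to match at all — which is the property the qaview.php change relies on, so it deserves a docblock stating it, e.g. `/** Return the first e-mail-looking substring of $email, or '' when none is found. Text outside the match is dropped. */`. The `?>` with no trailing newline is pre-existing and untouched by this hunk.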