firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 및 특수문자 치환오류 수정

Browse Source
This commit is contained in:
chicpro
2015-09-18 16:25:01 +09:00
parent b456c0feae
commit 688bc53da9
17 changed files with 40 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bbs/move.php
View File

@ -55,7 +55,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="act" value="<?php echo $act ?>">
<input type="hidden" name="url" value="<?php echo clean_xss_tags($_SERVER['HTTP_REFERER']); ?>">
<input type="hidden" name="url" value="<?php echo get_text(clean_xss_tags($_SERVER['HTTP_REFERER'])); ?>">
<div class="tbl_head01 tbl_wrap">
<table>

2
bbs/profile.php
View File

@ -17,7 +17,7 @@ if (!$mb['mb_open'] && $is_admin != 'super' && $member['mb_id'] != $mb_id)
$g5['title'] = $mb['mb_nick'].'님의 자기소개';
include_once(G5_PATH.'/head.sub.php');
$mb_nick = get_sideview($mb['mb_id'], $mb['mb_nick'], $mb['mb_email'], $mb['mb_homepage'], $mb['mb_open']);
$mb_nick = get_sideview($mb['mb_id'], get_text($mb['mb_nick']), $mb['mb_email'], $mb['mb_homepage'], $mb['mb_open']);
// 회원가입후 몇일째인지? + 1 은 당일을 포함한다는 뜻
$sql = " select (TO_DAYS('".G5_TIME_YMDHIS."') - TO_DAYS('{$mb['mb_datetime']}') + 1) as days ";

24
bbs/write_update.php
View File

@ -181,19 +181,19 @@ if ($w == '' || $w == 'r') {
if ($member['mb_id']) {
$mb_id = $member['mb_id'];
$wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
$wr_name = addslashes($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']);
$wr_password = $member['mb_password'];
$wr_email = addslashes($member['mb_email']);
$wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
$wr_homepage = addslashes($member['mb_homepage']);
} else {
$mb_id = '';
// 비회원의 경우 이름이 누락되는 경우가 있음
$wr_name = clean_xss_tags(trim($_POST['wr_name']));
$wr_name = trim($_POST['wr_name']);
if (!$wr_name)
alert('이름은 필히 입력하셔야 합니다.');
$wr_password = get_encrypt_string($wr_password);
$wr_email = get_email_address(trim($_POST['wr_email']));
$wr_homepage = clean_xss_tags($wr_homepage);
$wr_homepage = $_POST['wr_homepage'];
}
if ($w == 'r') {
@ -301,29 +301,29 @@ if ($w == '' || $w == 'r') {
// 자신의 글이라면
if ($member['mb_id'] == $wr['mb_id']) {
$mb_id = $member['mb_id'];
$wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
$wr_name = addslashes($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']);
$wr_email = addslashes($member['mb_email']);
$wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
$wr_homepage = addslashes($member['mb_homepage']);
} else {
$mb_id = $wr['mb_id'];
if(isset($_POST['wr_name']) && $_POST['wr_name'])
$wr_name = clean_xss_tags(trim($_POST['wr_name']));
$wr_name = trim($_POST['wr_name']);
else
$wr_name = addslashes(clean_xss_tags($wr['wr_name']));
$wr_name = addslashes($wr['wr_name']);
if(isset($_POST['wr_email']) && $_POST['wr_email'])
$wr_email = get_email_address(trim($_POST['wr_email']));
else
$wr_email = addslashes($wr['wr_email']);
if(isset($_POST['wr_homepage']) && $_POST['wr_homepage'])
$wr_homepage = addslashes(clean_xss_tags($_POST['wr_homepage']));
$wr_homepage = addslashes($_POST['wr_homepage']);
else
$wr_homepage = addslashes(clean_xss_tags($wr['wr_homepage']));
$wr_homepage = addslashes($wr['wr_homepage']);
}
} else {
$mb_id = "";
// 비회원의 경우 이름이 누락되는 경우가 있음
if (!trim($wr_name)) alert("이름은 필히 입력하셔야 합니다.");
$wr_name = clean_xss_tags(trim($_POST['wr_name']));
$wr_name = trim($_POST['wr_name']);
if (!$wr_name) alert('이름은 필히 입력하셔야 합니다.');
$wr_email = get_email_address(trim($_POST['wr_email']));
}