비밀 댓글 노출 취약점(16-067) 수정

2016-01-27 14:59:49 +09:00
parent 9a870506ab
commit 6b43e67c40
8 changed files with 24 additions and 8 deletions
--- a/theme/basic/mobile/skin/board/basic/view_comment.skin.php
+++ b/theme/basic/mobile/skin/board/basic/view_comment.skin.php
@ -53,8 +53,10 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
            $query_string = clean_query_string($_SERVER['QUERY_STRING']);

            if($w == 'cu') {
-                $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
+                $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
                $cmt = sql_fetch($sql);
+                if (!($is_admin || ($member['mb_id'] == $cmt['mb_id'] && $cmt['mb_id'])))
+                    $cmt['wr_content'] = '';
                $c_wr_content = $cmt['wr_content'];
            }

--- a/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
+++ b/theme/basic/mobile/skin/board/gallery/view_comment.skin.php
@ -53,8 +53,10 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
            $query_string = clean_query_string($_SERVER['QUERY_STRING']);

            if($w == 'cu') {
-                $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
+                $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
                $cmt = sql_fetch($sql);
+                if (!($is_admin || ($member['mb_id'] == $cmt['mb_id'] && $cmt['mb_id'])))
+                    $cmt['wr_content'] = '';
                $c_wr_content = $cmt['wr_content'];
            }

--- a/theme/basic/skin/board/basic/view_comment.skin.php
+++ b/theme/basic/skin/board/basic/view_comment.skin.php
@ -59,8 +59,10 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
            $query_string = clean_query_string($_SERVER['QUERY_STRING']);

            if($w == 'cu') {
-                $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
+                $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
                $cmt = sql_fetch($sql);
+                if (!($is_admin || ($member['mb_id'] == $cmt['mb_id'] && $cmt['mb_id'])))
+                    $cmt['wr_content'] = '';
                $c_wr_content = $cmt['wr_content'];
            }

--- a/theme/basic/skin/board/gallery/view_comment.skin.php
+++ b/theme/basic/skin/board/gallery/view_comment.skin.php
@ -59,8 +59,10 @@ var char_max = parseInt(<?php echo $comment_max ?>); // 최대
            $query_string = clean_query_string($_SERVER['QUERY_STRING']);

            if($w == 'cu') {
-                $sql = " select wr_id, wr_content from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
+                $sql = " select wr_id, wr_content, mb_id from $write_table where wr_id = '$c_id' and wr_is_comment = '1' ";
                $cmt = sql_fetch($sql);
+                if (!($is_admin || ($member['mb_id'] == $cmt['mb_id'] && $cmt['mb_id'])))
+                    $cmt['wr_content'] = '';
                $c_wr_content = $cmt['wr_content'];
            }