firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

옵션정보를 이용한 SQL Injection 취약점(16-682) 수정

Browse Source
This commit is contained in:
chicpro
2016-09-06 14:46:36 +09:00
parent 78a11a5230
commit 73bb020487
5 changed files with 19 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
shop.config.php
View File

@ -65,6 +65,9 @@ if(!defined('_THEME_PREVIEW_')) {
}
}
// 옵션 ID 특수문자 필터링 패턴
define('G5_OPTION_ID_FILTER', '/[\'\"\\\'\\\"]/');
/*
// 주문상태 상수
define('G5_OD_STATUS_ORDER' , '입금확인중');