XSS 및 SQL Injection 보안 취약점 수정

2014-07-31 17:01:06 +09:00
parent 0742c5f81b
commit 79d7a690f4
8 changed files with 26 additions and 8 deletions
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -2688,4 +2688,13 @@ function get_email_address($email)

    return $matches[0];
 }
+
+// 파일명에서 특수문자 제거
+function get_safe_filename($name)
+{
+    $pattern = '/["\'<>=#&!%\\\\(\)\*\+\?]/';
+    $name = preg_replace($pattern, '', $name);
+
+    return $name;
+}
 ?>