Merge branch 'master' of github.com:gnuboard/g5

2018-12-17 18:49:03 +09:00
parent da963964a9 c028d34f78
commit 7ae3d6b00d
5 changed files with 29 additions and 4 deletions
--- a/adm/admin.lib.php
+++ b/adm/admin.lib.php
@ -436,7 +436,7 @@ function admin_check_xss_params($params){

        if( is_array($value) ){
            admin_check_xss_params($params);
-        } else if ( preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && preg_match('/script.*?\/script/ius', $value) ){
+        } else if ( preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/onload=.*/ius', $value)) ){
            alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.');
            die();
        }
--- a/bbs/alert.php
+++ b/bbs/alert.php
@ -67,13 +67,17 @@ history.back();
    <form method="post" action="<?php echo $url ?>">
    <?php
    foreach($_POST as $key => $value) {
+        
+        $key = clean_xss_tags($url);
+        $value = clean_xss_tags($value);
+
        if(strlen($value) < 1)
            continue;

        if(preg_match("/pass|pwd|capt|url/", $key))
            continue;
    ?>
-    <input type="hidden" name="<?php echo $key ?>" value="<?php echo $value ?>">
+    <input type="hidden" name="<?php echo htmlspecialchars($key); ?>" value="<?php echo htmlspecialchars($value); ?>">
    <?php
    }
    ?>
--- a/bbs/member_confirm.php
+++ b/bbs/member_confirm.php
@ -14,7 +14,7 @@ else
 $url = clean_xss_tags($_GET['url']);

 //소셜 로그인 한 경우
-if( function_exists('social_member_comfirm_redirect') && (! $url || $url === 'register_form.php') ){    
+if( function_exists('social_member_comfirm_redirect') && (! $url || $url === 'register_form.php' || (function_exists('social_is_edit_page') && social_is_edit_page($url) ) ) ){    
    social_member_comfirm_redirect();
 }

--- a/config.php
+++ b/config.php
@ -5,7 +5,7 @@
 ********************/

 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.3.2.1');
+define('G5_GNUBOARD_VER', '5.3.2.2');

 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
 define('_GNUBOARD_', true);
--- a/plugin/social/includes/functions.php
+++ b/plugin/social/includes/functions.php
@ -52,6 +52,10 @@ function get_social_callbackurl($provider, $no_domain=false){
        $base_url = '/'.ltrim(parse_url($base_url, PHP_URL_PATH), '/');
    }

+    if ( $provider === 'twitter' ){
+        return $base_url;
+    }
+
    $base_url = $base_url . ( strpos($base_url, '?') ? '&' : '?' ).G5_SOCIAL_LOGIN_DONE_PARAM.'='.$provider;

    return $base_url;
@ -764,6 +768,23 @@ function social_member_comfirm_redirect(){
    }
 }

+function social_is_edit_page($url=''){
+    global $is_member;
+
+    if( !$is_member ) return false;
+
+    if($url){
+        $p = @parse_url($url);
+        $host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
+
+        if ( isset($p['host']) && ($p['host'] === $host) && preg_match('/register_form\.php$/i', $url) ){
+            return true;
+        }
+    }
+
+    return false;
+}
+
 function social_is_login_password_check($mb_id){
    global $g5;