From 8182cac90d2ee2f9da06469ecba759170e782ee3 Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Mon, 16 Sep 2019 10:36:10 +0900
Subject: [PATCH] =?UTF-8?q?XSS=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/sms_admin/ajax.sms_write_form.php | 13 ++++++++-----
 plugin/sms5/ajax.sms_emoticon.php     | 15 ++++++++++-----
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/adm/sms_admin/ajax.sms_write_form.php b/adm/sms_admin/ajax.sms_write_form.php
index e82a01cef..82a02b22a 100644
--- a/adm/sms_admin/ajax.sms_write_form.php
+++ b/adm/sms_admin/ajax.sms_write_form.php
@@ -74,10 +74,13 @@ while($res = sql_fetch_array($qry))
     ";
 }
 
-$arr_ajax_msg['error'] = "";
-$arr_ajax_msg['list_text'] = $list_text;
-$arr_ajax_msg['page'] = $page;
-$arr_ajax_msg['total_count'] = $total_count;
-$arr_ajax_msg['total_page'] = $total_page;
+$arr_ajax_msg = array(
+'error'=>'',
+'list_text'=>$list_text,
+'page'=>$page,
+'total_count'=>$total_count,
+'total_page'=>$total_page
+);
+
 die( json_encode($arr_ajax_msg) );
 ?>
\ No newline at end of file
diff --git a/plugin/sms5/ajax.sms_emoticon.php b/plugin/sms5/ajax.sms_emoticon.php
index 7299bc157..12d6431e8 100644
--- a/plugin/sms5/ajax.sms_emoticon.php
+++ b/plugin/sms5/ajax.sms_emoticon.php
@@ -18,6 +18,8 @@ if (is_numeric($fg_no))
 else
     $sql_group = "";
 
+$sv = isset($sv) ? get_search_string($sv) : '';
+
 if ($st == 'all') {
     $sql_search = "and (fo_name like '%{$sv}%' or fo_content like '%{$sv}%')";
 } else if ($st == 'name') {
@@ -61,10 +63,13 @@ for($k=0;$res = sql_fetch_array($qry);$k++)
     $list_text[$k]['fo_name'] = cut_str($res['fo_name'],20);
 }
 
-$arr_ajax_msg['error'] = "";
-$arr_ajax_msg['list_text'] = $list_text;
-$arr_ajax_msg['page'] = $page;
-$arr_ajax_msg['total_count'] = $total_count;
-$arr_ajax_msg['total_page'] = $total_page;
+$arr_ajax_msg = array(
+'error'=>'',
+'list_text'=>$list_text,
+'page'=>$page,
+'total_count'=>$total_count,
+'total_page'=>$total_page
+);
+
 die( json_encode($arr_ajax_msg) );
 ?>
\ No newline at end of file