firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-09-16 10:36:10 +09:00
parent b4604fca67
commit 8182cac90d
2 changed files with 18 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
plugin/sms5/ajax.sms_emoticon.php
View File

@ -18,6 +18,8 @@ if (is_numeric($fg_no))
else
$sql_group = "";
$sv = isset($sv) ? get_search_string($sv) : '';
if ($st == 'all') {
$sql_search = "and (fo_name like '%{$sv}%' or fo_content like '%{$sv}%')";
} else if ($st == 'name') {
@ -61,10 +63,13 @@ for($k=0;$res = sql_fetch_array($qry);$k++)
$list_text[$k]['fo_name'] = cut_str($res['fo_name'],20);
}
$arr_ajax_msg['error'] = "";
$arr_ajax_msg['list_text'] = $list_text;
$arr_ajax_msg['page'] = $page;
$arr_ajax_msg['total_count'] = $total_count;
$arr_ajax_msg['total_page'] = $total_page;
$arr_ajax_msg = array(
'error'=>'',
'list_text'=>$list_text,
'page'=>$page,
'total_count'=>$total_count,
'total_page'=>$total_page
);
die( json_encode($arr_ajax_msg) );
?>