firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2019-0991 영카트Purchase Bypass

Browse Source
This commit is contained in:
thisgun
2019-06-14 09:34:55 +09:00
parent cc19d95955
commit 8797c8cd96
4 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/shop_admin/couponformupdate.php
View File

@ -55,6 +55,10 @@ if(!$_POST['cp_price']) {
alert('할인금액을 입력해 주십시오.');
}
if( (int) $_POST['cp_price'] < 0 ){
alert('할인금액 또는 할인비율은 음수를 입력할수 없습니다.');
}
if($_POST['cp_type'] && ($_POST['cp_price'] < 1 || $_POST['cp_price'] > 99))
alert('할인비율을은 1과 99사이 값으로 입력해 주십시오.');

4
adm/shop_admin/couponzoneformupdate.php
View File

@ -73,6 +73,10 @@ if(!$_POST['cp_price']) {
alert('할인금액을 입력해 주십시오.');
}
if( (int) $_POST['cp_price'] < 0 ){
alert('할인금액 또는 할인비율은 음수를 입력할수 없습니다.');
}
if($_POST['cp_type'] && ($_POST['cp_price'] < 1 || $_POST['cp_price'] > 99))
alert('할인비율을은 1과 99사이 값으로 입력해 주십시오.');

2
mobile/shop/orderformupdate.php
View File

@ -78,7 +78,7 @@ if ($error != "")
$i_price = (int)$_POST['od_price'];
$i_send_cost = (int)$_POST['od_send_cost'];
$i_send_cost2 = (int)$_POST['od_send_cost2'];
$i_send_coupon = (int)$_POST['od_send_coupon'];
$i_send_coupon = abs((int)$_POST['od_send_coupon']);
$i_temp_point = (int)$_POST['od_temp_point'];

2
shop/orderformupdate.php
View File

@ -56,7 +56,7 @@ if ($error != "")
$i_price = (int)$_POST['od_price'];
$i_send_cost = (int)$_POST['od_send_cost'];
$i_send_cost2 = (int)$_POST['od_send_cost2'];
$i_send_coupon = (int)$_POST['od_send_coupon'];
$i_send_coupon = abs((int)$_POST['od_send_coupon']);
$i_temp_point = (int)$_POST['od_temp_point'];