그누보드 5.0.38 수정내역 적용 및 CSRF 취약점 수정

2015-06-29 10:36:44 +09:00
parent 6e90622328
commit 8821583e8f
37 changed files with 128 additions and 123 deletions
--- a/adm/sms_admin/ajax.sms_write_person.php
+++ b/adm/sms_admin/ajax.sms_write_person.php
@ -131,7 +131,7 @@ while ($res = sql_fetch_array($qry)) array_push($group, $res);
    <span class="pg" id="person_pg"></span>
 </nav>

-<form name="search_form" id="sms_person_form" method="get" action="<?php echo $_SERVER['PHP_SELF']?>">
+<form name="search_form" id="sms_person_form" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']?>">
 <input type="hidden" name="total_pg" value="<?php echo $total_page?>">
 <input type="hidden" name="page" value="<?php echo $page?>">