1:1문의 이메일 입력 XSS 취약점 재수정

2014-06-11 15:12:57 +09:00
parent 2adccca817
commit 9a16993762
3 changed files with 6 additions and 7 deletions
--- a/bbs/qaview.php
+++ b/bbs/qaview.php
@ -30,7 +30,7 @@ if(is_file($skin_file)) {
    $view['content'] = conv_content($view['qa_content'], $view['qa_html']);
    $view['name'] = get_text($view['qa_name']);
    $view['datetime'] = $view['qa_datetime'];
-    $view['email'] = get_text(strip_tags2($view['qa_email']));
+    $view['email'] = get_text(get_email_address($view['qa_email']));
    $view['hp'] = $view['qa_hp'];

    if (trim($stx))