XSS 취약점, 새 우편번호, 기타 오류 수정

2015-07-20 11:40:09 +09:00
parent 2ccc407397
commit a52858fc6d
25 changed files with 73 additions and 60 deletions
--- a/bbs/new.php
+++ b/bbs/new.php
@ -17,6 +17,8 @@ if ($view == "w")
    $sql_common .= " and a.wr_id = a.wr_parent ";
 else if ($view == "c")
    $sql_common .= " and a.wr_id <> a.wr_parent ";
+else
+    $view = '';

 $mb_id = isset($_GET['mb_id']) ? ($_GET['mb_id']) : '';
 $mb_id = substr(preg_replace('#[^a-z0-9_]#i', '', $mb_id), 0, 20);