firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점, 새 우편번호, 기타 오류 수정

Browse Source
This commit is contained in:
chicpro
2015-07-20 11:40:09 +09:00
parent 2ccc407397
commit a52858fc6d
25 changed files with 73 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
mobile/newwin.inc.php
View File

@ -13,14 +13,11 @@ $result = sql_query($sql, false);
<h2>팝업레이어 알림</h2>
<?php
for ($i=0; $row_nw=sql_fetch_array($result); $i++)
for ($i=0; $nw=sql_fetch_array($result); $i++)
{
// 이미 체크 되었다면 Continue
if ($_COOKIE["hd_pops_{$row_nw['nw_id']}"])
if ($_COOKIE["hd_pops_{$nw['nw_id']}"])
continue;
$sql = " select * from {$g5['new_win_table']} where nw_id = '{$row_nw['nw_id']}' ";
$nw = sql_fetch($sql);
?>
<div id="hd_pops_<?php echo $nw['nw_id'] ?>" class="hd_pops" style="top:<?php echo $nw['nw_top']?>px;left:<?php echo $nw['nw_left']?>px;">

4
mobile/skin/board/basic/view.skin.php
View File

@ -65,8 +65,8 @@ add_stylesheet('<link rel="stylesheet" href="'.$board_skin_url.'/style.css">', 0
<?php } ?>
<?php
if (implode('', $view['link'])) {
?>
if ($view['link']) {
?>
<section id="bo_v_link">
<h2>관련링크</h2>
<ul>

2
mobile/skin/board/gallery/list.skin.php
View File

@ -180,7 +180,7 @@ $(window).on("load", function() {
<option value="wr_name,1"<?php echo get_selected($sfl, "wr_name,1"); ?>>글쓴이</option>
<option value="wr_name,0"<?php echo get_selected($sfl, "wr_name,0"); ?>>글쓴이(코)</option>
</select>
<input name="stx" value="<?php echo stripslashes($stx) ?>" placeholder="검색어(필수)" required id="stx" class="required" size="15" maxlength="20">
<input name="stx" value="<?php echo stripslashes($stx) ?>" placeholder="검색어(필수)" required id="stx" class="required frm_input" size="15" maxlength="20">
<input type="submit" value="검색">
</form>
</fieldset>

4
mobile/skin/board/gallery/view.skin.php
View File

@ -65,8 +65,8 @@ add_stylesheet('<link rel="stylesheet" href="'.$board_skin_url.'/style.css">', 0
<?php } ?>
<?php
if (implode('', $view['link'])) {
?>
if ($view['link']) {
?>
<section id="bo_v_link">
<h2>관련링크</h2>
<ul>

9
mobile/skin/member/basic/register_form.skin.php
View File

@ -141,12 +141,9 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
<?php if ($config['cf_req_addr']) { ?><strong class="sound_only">필수</strong><?php } ?>
</th>
<td>
<label for="reg_mb_zip1" class="sound_only">우편번호 앞자리<?php echo $config['cf_req_addr']?'<strong class="sound_only"> 필수</strong>':''; ?></label>
<input type="text" name="mb_zip1" value="<?php echo $member['mb_zip1'] ?>" id="reg_mb_zip1" <?php echo $config['cf_req_addr']?"required":""; ?> class="frm_input <?php echo $config['cf_req_addr']?"required":""; ?>" size="3" maxlength="3">
-
<label for="reg_mb_zip2" class="sound_only">우편번호 뒷자리<?php echo $config['cf_req_addr']?'<strong class="sound_only"> 필수</strong>':''; ?></label>
<input type="text" name="mb_zip2" value="<?php echo $member['mb_zip2'] ?>" id="reg_mb_zip2" <?php echo $config['cf_req_addr']?"required":""; ?> class="frm_input <?php echo $config['cf_req_addr']?"required":""; ?>" size="3" maxlength="3">
<button type="button" class="btn_frmline" onclick="win_zip('fregisterform', 'mb_zip1', 'mb_zip2', 'mb_addr1', 'mb_addr2', 'mb_addr3', 'mb_addr_jibeon');">주소 검색</button><br>
<label for="reg_mb_zip" class="sound_only">우편번호<?php echo $config['cf_req_addr']?'<strong class="sound_only"> 필수</strong>':''; ?></label>
<input type="text" name="mb_zip" value="<?php echo $member['mb_zip1'].$member['mb_zip2']; ?>" id="reg_mb_zip" <?php echo $config['cf_req_addr']?"required":""; ?> class="frm_input <?php echo $config['cf_req_addr']?"required":""; ?>" size="5" maxlength="6">
<button type="button" class="btn_frmline" onclick="win_zip('fregisterform', 'mb_zip', 'mb_addr1', 'mb_addr2', 'mb_addr3', 'mb_addr_jibeon');">주소 검색</button><br>
<label for="reg_mb_addr1" class="sound_only">주소<?php echo $config['cf_req_addr']?'<strong class="sound_only"> 필수</strong>':''; ?></label>
<input type="text" name="mb_addr1" value="<?php echo $member['mb_addr1'] ?>" id="reg_mb_addr1" <?php echo $config['cf_req_addr']?"required":""; ?> class="frm_input frm_address <?php echo $config['cf_req_addr']?"required":""; ?>" size="50"><br>
<label for="reg_mb_addr2" class="sound_only">상세주소</label>