회원 홈페이지를 이용한 SQL Injection 오류 수정

2014-10-23 09:25:33 +09:00
parent 352deb6133
commit ad78efcdaa
3 changed files with 10 additions and 10 deletions
--- a/bbs/scrap_popin_update.php
+++ b/bbs/scrap_popin_update.php
@ -40,10 +40,10 @@ if ($wr_content && ($member['mb_level'] >= $board['bo_comment_level']))
    if ($wr['wr_id'])
    {
        $mb_id = $member['mb_id'];
-        $wr_name = $member['mb_nick'];
+        $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
        $wr_password = $member['mb_password'];
-        $wr_email = $member['mb_email'];
-        $wr_homepage = $member['mb_homepage'];
+        $wr_email = addslashes($member['mb_email']);
+        $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));

        $sql = " select max(wr_comment) as max_comment from $write_table
                    where wr_parent = '$wr_id' and wr_is_comment = '1' ";
--- a/bbs/write_comment_update.php
+++ b/bbs/write_comment_update.php
@ -15,7 +15,7 @@ $w = $_POST["w"];
 $wr_name  = trim($_POST['wr_name']);
 $wr_email = '';
 if (!empty($_POST['wr_email']))
-    $wr_email = trim($_POST['wr_email']);
+    $wr_email = get_email_address(trim($_POST['wr_email']));

 // 비회원의 경우 이름이 누락되는 경우가 있음
 if ($is_guest) {
@ -52,10 +52,10 @@ if ($is_member)
 {
    $mb_id = $member['mb_id'];
    // 4.00.13 - 실명 사용일때 댓글에 닉네임으로 입력되던 오류를 수정
-    $wr_name = $board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick'];
+    $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
    $wr_password = $member['mb_password'];
-    $wr_email = $member['mb_email'];
-    $wr_homepage = $member['mb_homepage'];
+    $wr_email = addslashes($member['mb_email']);
+    $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
 }
 else
 {
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@ -407,9 +407,9 @@ if ($w == '' || $w == 'r') {
        // 자신의 글이라면
        if ($member['mb_id'] == $wr['mb_id']) {
            $mb_id = $member['mb_id'];
-            $wr_name = $board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick'];
-            $wr_email = $member['mb_email'];
-            $wr_homepage = $member['mb_homepage'];
+            $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
+            $wr_email = addslashes($member['mb_email']);
+            $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
        } else {
            $mb_id = $wr['mb_id'];
            $wr_name = $wr['wr_name'];