firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

회원 홈페이지를 이용한 SQL Injection 오류 수정

Browse Source
This commit is contained in:
chicpro
2014-10-23 09:25:33 +09:00
parent 352deb6133
commit ad78efcdaa
3 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bbs/scrap_popin_update.php
View File

@ -40,10 +40,10 @@ if ($wr_content && ($member['mb_level'] >= $board['bo_comment_level']))
if ($wr['wr_id']) if ($wr['wr_id'])
{ {
$mb_id = $member['mb_id']; $mb_id = $member['mb_id'];
$wr_name = $member['mb_nick']; $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
$wr_password = $member['mb_password']; $wr_password = $member['mb_password'];
$wr_email = $member['mb_email']; $wr_email = addslashes($member['mb_email']);
$wr_homepage = $member['mb_homepage']; $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
$sql = " select max(wr_comment) as max_comment from $write_table $sql = " select max(wr_comment) as max_comment from $write_table
where wr_parent = '$wr_id' and wr_is_comment = '1' "; where wr_parent = '$wr_id' and wr_is_comment = '1' ";

8
bbs/write_comment_update.php
View File

@ -15,7 +15,7 @@ $w = $_POST["w"];
$wr_name = trim($_POST['wr_name']); $wr_name = trim($_POST['wr_name']);
$wr_email = ''; $wr_email = '';
if (!empty($_POST['wr_email'])) if (!empty($_POST['wr_email']))
$wr_email = trim($_POST['wr_email']); $wr_email = get_email_address(trim($_POST['wr_email']));
// 비회원의 경우 이름이 누락되는 경우가 있음 // 비회원의 경우 이름이 누락되는 경우가 있음
if ($is_guest) { if ($is_guest) {
@ -52,10 +52,10 @@ if ($is_member)
{ {
$mb_id = $member['mb_id']; $mb_id = $member['mb_id'];
// 4.00.13 - 실명 사용일때 댓글에 닉네임으로 입력되던 오류를 수정 // 4.00.13 - 실명 사용일때 댓글에 닉네임으로 입력되던 오류를 수정
$wr_name = $board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']; $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
$wr_password = $member['mb_password']; $wr_password = $member['mb_password'];
$wr_email = $member['mb_email']; $wr_email = addslashes($member['mb_email']);
$wr_homepage = $member['mb_homepage']; $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
} }
else else
{ {

6
bbs/write_update.php
View File

@ -407,9 +407,9 @@ if ($w == '' || $w == 'r') {
// 자신의 글이라면 // 자신의 글이라면
if ($member['mb_id'] == $wr['mb_id']) { if ($member['mb_id'] == $wr['mb_id']) {
$mb_id = $member['mb_id']; $mb_id = $member['mb_id'];
$wr_name = $board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']; $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
$wr_email = $member['mb_email']; $wr_email = addslashes($member['mb_email']);
$wr_homepage = $member['mb_homepage']; $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
} else { } else {
$mb_id = $wr['mb_id']; $mb_id = $wr['mb_id'];
$wr_name = $wr['wr_name']; $wr_name = $wr['wr_name'];