From ae8110153c4bfcb72853562e2442e53c84604aa7 Mon Sep 17 00:00:00 2001
From: gnuboard <kagla@naver.com>
Date: Tue, 16 Apr 2013 15:42:26 +0900
Subject: [PATCH] =?UTF-8?q?write=5Fupate.head.skin.php=20=ED=98=B8?=
 =?UTF-8?q?=EC=B6=9C=20=EC=9C=84=EC=B9=98=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bbs/write_update.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bbs/write_update.php b/bbs/write_update.php
index 91b5792dc..bfd47aa2a 100644
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@@ -33,8 +33,6 @@ if (substr_count($wr_content, '&#') > 50) {
     exit;
 }
 
-@include_once($board_skin_path.'/write_update.head.skin.php');
-
 $upload_max_filesize = ini_get('upload_max_filesize');
 
 if (empty($_POST)) {
@@ -83,10 +81,12 @@ for ($i=1; $i<=10; $i++) {
     $var = "wr_$i";
     $$var = "";
     if (isset($_POST['wr_'.$i]) && $_POST['wr_'.$i]) {
-        $$var = $_POST['wr_'.$i];
+        $$var = escape_trim($_POST['wr_'.$i]);
     }
 }
 
+@include_once($board_skin_path.'/write_update.head.skin.php');
+
 if ($w == '' || $w == 'u') {
 
     // 김선용 1.00 : 글쓰기 권한과 수정은 별도로 처리되어야 함