[KVE-2020-0785, 0788] 타 아이디가 에디터 업로드 된 이미지 삭제 가능 취약점 수정

thisgun
2020-11-20 16:51:02 +09:00
parent 02b085b4be
commit afc8adf737
2 changed files with 18 additions and 6 deletions


@ -30,8 +30,14 @@ define("SAVE_DIR", $data_dir);
define("SAVE_URL", $data_url);
function che_get_user_id() {
@session_start();
return session_id();
global $member;
if(session_id() == '') {
@session_start();
}
$add_str = (isset($member['mb_id']) && $member['mb_id']) ? $member['mb_id'] : '';
return session_id().$add_str;
}
function che_get_file_passname(){
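Review bot: The new `che_get_user_id()` still hides a failed `session_start()` behind `@`, so when no session can be started `session_id()` is `''` and a guest's owner key becomes the empty string, shared by every other guest in that state. Since this key is what the commit relies on to tell uploaders apart, I would fail closed after the start attempt, e.g. `if (session_id() === '') { return false; }`, and have callers treat that as "no owner"; the callers are not visible on this page, so confirm they handle it. For guests the key is also still the bare session id, exactly as before the change, so it is worth confirming that the reported deletion issue cannot be reached without a login. The same applies to `get_user_id()` in `UploadHandler` in the second file.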


@ -215,14 +215,20 @@ class UploadHandler
substr($_SERVER['SCRIPT_NAME'],0, strrpos($_SERVER['SCRIPT_NAME'], '/'));
}
protected function get_user_id() {
@session_start();
return session_id();
protected function get_user_id($is_add=true) {
global $member;
if(session_id() == '') {
@session_start();
}
$add_str = ($is_add && isset($member['mb_id']) && $member['mb_id']) ? $member['mb_id'] : '';
return session_id().$add_str;
}
protected function get_user_path() {
if ($this->options['user_dirs']) {
return $this->get_user_id().'/';
return $this->get_user_id(false).'/';
}
return '';
}
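Review bot: `get_user_id($is_add=true)` has no comment explaining the flag, and the only caller on this page that passes `false` is `get_user_path()`, so the upload directory stays keyed on the bare session id while the owner key gains `mb_id`. A short docblock would stop a later maintainer from "fixing" that mismatch, for example `/** @param bool $is_add append the logged-in member id; false returns the session id alone (used for the upload directory name) */`. The body also duplicates `che_get_user_id()` from the first file; if that function is loadable here, delegating to it would keep the two owner keys from drifting apart. The class continues outside this section.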