firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2018-08-22 14:02:14 +09:00
parent ac5d6a4be7
commit b1fc952c76
12 changed files with 26 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adm/sms_admin/num_book_update.php
View File

@ -21,6 +21,8 @@ if ($w=='u') // 업데이트
if (!strlen(trim($bk_name)))
alert('이름을 입력해주세요');
$bk_name = strip_tags($bk_name);
if ($bk_hp == '')
alert('휴대폰번호만 입력 가능합니다.');
/*

4
adm/sms_admin/num_book_write.php
View File

@ -30,7 +30,7 @@ if ($w == 'u' && is_numeric($bk_no)) {
$g5['title'] .= '수정';
}
else {
$write['bg_no'] = $bg_no;
$write = array('bg_no' => (int) $bg_no);
$g5['title'] .= '추가';
}
@ -74,7 +74,7 @@ include_once(G5_ADMIN_PATH."/admin.head.php");
</tr>
<tr>
<th scope="row"><label for="bk_name">이름<strong class="sound_only"> 필수</strong></label></th>
<td><input type="text" name="bk_name" id="bk_name" maxlength="50" value="<?php echo $write['bk_name']?>" required class="frm_input required"></td>
<td><input type="text" name="bk_name" id="bk_name" maxlength="50" value="<?php echo get_sanitize_input($write['bk_name']); ?>" required class="frm_input required"></td>
</tr>
<tr>
<th scope="row"><label for="bk_hp">휴대폰번호<strong class="sound_only"> 필수</strong></label></th>