From b49ce58840bb4a073f4b7fb2d46ca75c8937c132 Mon Sep 17 00:00:00 2001
From: thisgun
Date: Fri, 13 Mar 2020 11:05:37 +0900
Subject: [PATCH] =?UTF-8?q?[KVE-2020-0164]=EC=98=81=EC=B9=B4=ED=8A=B8=20SQ?=
 =?UTF-8?q?L=20Injection=20=EC=B7=A8=EC=95=BD=EC=A0=90=20=EC=88=98?=
 =?UTF-8?q?=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 mobile/shop/inicis/settle_common.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/mobile/shop/inicis/settle_common.php b/mobile/shop/inicis/settle_common.php
index d4beaaeea..8e6b1774b 100644
--- a/mobile/shop/inicis/settle_common.php
+++ b/mobile/shop/inicis/settle_common.php
@@ -42,7 +42,7 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 $P_AUTH_DT = $_POST['P_AUTH_DT'];
 $P_STATUS = $_POST['P_STATUS'];
 $P_TYPE = $_POST['P_TYPE'];
- $P_OID = $_POST['P_OID'];
+ $P_OID = preg_replace("/[ #\&\+%@=\/\\\:;,\.'\"\^`~|\!\?\*$#<>()\[\]\{\}]/i", "", $_POST['P_OID']);
 $P_FN_CD1 = $_POST['P_FN_CD1'];
 $P_FN_CD2 = $_POST['P_FN_CD2'];
 $P_FN_NM = $_POST['P_FN_NM'];
@@ -96,7 +96,7 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 if( !$exist_order['cnt'] ){ //주문정보를 insert 합니다.
- $sql = " select * from {$g5['g5_shop_order_data_table']} where od_id = $P_OID ";
+ $sql = " select * from {$g5['g5_shop_order_data_table']} where od_id = '$P_OID' ";
 $od = sql_fetch($sql);
 $data = unserialize(base64_decode($od['dt_data']));
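Review bot: The new `$P_OID` line in the first hunk sanitises with a denylist `preg_replace`, which removes the characters the author thought of rather than accepting only the ones an order id may contain, and it is the sole sanitisation this value receives before it is used in SQL. The old unquoted comparison `where od_id = $P_OID` suggests od_id is numeric, so an allowlist such as `$P_OID = preg_replace('/[^0-9]/', '', isset($_POST['P_OID']) ? $_POST['P_OID'] : '');` (or a `ctype_digit` check that aborts the callback on failure) would be both tighter and easier to reason about — confirm the id format against the order table first. The `/i` modifier does nothing on a class of punctuation and can be dropped, and reading `$_POST['P_OID']` without an `isset` guard still raises an undefined-index notice when the field is missing. The neighbouring fields (`P_AUTH_DT`, `P_STATUS`, `P_TYPE`, `P_FN_CD1`, …) are still taken raw from `$_POST` in this hunk, so any of them that reach a query or page later in the file (not visible here) need the same treatment. The enclosing IP-gated `if($PGIP == …)` block begins before the hunk and continues past it.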
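Review bot: Quoting `'$P_OID'` in the second hunk only closes the injection because the first hunk's regex happens to strip `'` and `\`; the query still interpolates the variable directly, so a future edit to that regex or another path that assigns `$P_OID` reopens it. Escape or cast at the point of use as well — if od_id is numeric as the old unquoted form suggests, `where od_id = '".(int)$P_OID."'`, otherwise pass it through whatever escaping helper accompanies `sql_fetch` in this codebase (presumably a `sql_*` function; not visible in the hunk). When no row matches, `sql_fetch` presumably returns an empty result and the next line executes `unserialize(base64_decode($od['dt_data']))` on a null value, so a guard such as `if (!$od) { exit; }` between the fetch and the `unserialize` would stop a forged or mistyped callback from continuing with garbage data. The `if( !$exist_order['cnt'] )` block this sits in continues outside the hunk.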