firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

그누보드 AND 검색을 이용한 취약점 수정 (17-455)

Browse Source
This commit is contained in:
thisgun
2017-06-23 12:26:34 +09:00
parent 367a210996
commit b7edd3fa26
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
bbs/search.php
View File

@ -54,15 +54,19 @@ if ($stx) {
$g5_search['read_level'][] = $row['bo_read_level']; $g5_search['read_level'][] = $row['bo_read_level'];
} }
$search_query = 'sfl='.urlencode($sfl).'&stx='.urlencode($stx).'&sop='.$sop;
$text_stx = get_text(stripslashes($stx));
$op1 = ''; $op1 = '';
// 검색어를 구분자로 나눈다. 여기서는 공백 // 검색어를 구분자로 나눈다. 여기서는 공백
$s = explode(' ', strip_tags($stx)); $s = explode(' ', strip_tags($stx));
if( count($s) > 1 ){
$s = array_slice($s, 0, 2);
$stx = implode(' ', $s);
}
$text_stx = get_text(stripslashes($stx));
$search_query = 'sfl='.urlencode($sfl).'&stx='.urlencode($stx).'&sop='.$sop;
// 검색필드를 구분자로 나눈다. 여기서는 + // 검색필드를 구분자로 나눈다. 여기서는 +
$field = explode('||', trim($sfl)); $field = explode('||', trim($sfl));
@ -233,4 +237,4 @@ if (!$sop) $sop = 'or';
include_once($search_skin_path.'/search.skin.php'); include_once($search_skin_path.'/search.skin.php');
include_once('./_tail.php'); include_once('./_tail.php');
?> ?>