미가입 계정 세션 획득 취약점 (18-0013) 수정

2018-03-15 15:41:20 +09:00
parent b79a46b857
commit b95db6a4a7
1 changed files with 15 additions and 13 deletions
--- a/common.php
+++ b/common.php
@ -369,6 +369,7 @@ if ($_SESSION['ss_mb_id']) { // 로그인중이라면
        if (strtolower($tmp_mb_id) != strtolower($config['cf_admin'])) {
            $sql = " select mb_password, mb_intercept_date, mb_leave_date, mb_email_certify from {$g5['member_table']} where mb_id = '{$tmp_mb_id}' ";
            $row = sql_fetch($sql);
+            if($row['mb_password']){
                $key = md5($_SERVER['SERVER_ADDR'] . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $row['mb_password']);
                // 쿠키에 저장된 키와 같다면
                $tmp_key = get_cookie('ck_auto');
@ -385,6 +386,7 @@ if ($_SESSION['ss_mb_id']) { // 로그인중이라면
                        exit;
                    }
                }
+            }
            // $row 배열변수 해제
            unset($row);
        }