firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 대응 코드 추가

Browse Source
This commit is contained in:
chicpro
2014-10-17 14:04:51 +09:00
parent 31bdd584e4
commit c3390ef902
8 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
shop/itemqaformupdate.php
View File

@ -12,7 +12,7 @@ $iq_answer = trim($_POST['iq_answer']);
$hash = trim($_REQUEST['hash']);
if ($w == "" || $w == "u") {
$iq_name = $member['mb_name'];
$iq_name = addslashes($member['mb_name']);
$iq_password = $member['mb_password'];
if (!$iq_subject) alert("제목을 입력하여 주십시오.");

2
shop/itemrecommendmail.php
View File

@ -36,7 +36,7 @@ if (!$it['it_id'])
$subject = stripslashes($subject);
$content = nl2br(stripslashes($content));
$from_name = $member['mb_name'];
$from_name = get_text($member['mb_name']);
$from_email = $member['mb_email'];
$it_id = $it['it_id'];
$it_name = $it['it_name'];

2
shop/itemuseformupdate.php
View File

@ -16,7 +16,7 @@ $is_score = (int)$_POST['is_score'] > 5 ? 0 : (int)$_POST['is_score'];
check_itemuse_write($it_id, $member['mb_id']);
if ($w == "" || $w == "u") {
$is_name = $member['mb_name'];
$is_name = addslashes($member['mb_name']);
$is_password = $member['mb_password'];
if (!$is_subject) alert("제목을 입력하여 주십시오.");