KVE-2018-0684 영카트 XSS 취약점 수정

thisgun
2018-09-06 10:44:31 +09:00
parent ddbb2dd4e5
commit d21010276a
11 changed files with 11 additions and 10 deletions


@ -27,7 +27,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'&amp;url='.urlencode($row['bn_url']).'"'.$bn_new_win.'>';
}
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.$row['bn_alt'].'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.get_text($row['bn_alt']).'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
if($banner)
echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL;
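Review bot: The escaping added to the `alt` attribute rests entirely on `get_text()`, which is defined outside these hunks; because the value is written inside a double-quoted attribute, the helper has to encode `"` as well as `<` and `>`, and that should be confirmed before the XSS is treated as closed. The same applies to the identical `<img>` lines in the three hunks that follow. If the helper's behaviour is in doubt, `htmlspecialchars($row['bn_alt'], ENT_QUOTES, 'UTF-8')` is the call that matches this output context. Separately, only this skin still appends `&amp;url='.urlencode($row['bn_url'])` to the bannerhit.php link while the other three omit it; bannerhit.php is not shown, but if it redirects to that request parameter rather than the stored `bn_url`, anyone who crafts a link controls the destination, so dropping the parameter here would be safer and consistent. The enclosing `for` loop starts and ends outside the hunk.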


@ -42,7 +42,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
}
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.$row['bn_alt'].'"'.$bn_border.'>';
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.get_text($row['bn_alt']).'"'.$bn_border.'>';
if($banner)
echo '</a>'.PHP_EOL;
echo '</div>'.PHP_EOL;


@ -28,7 +28,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
}
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.$row['bn_alt'].'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" alt="'.get_text($row['bn_alt']).'" width="'.$size[0].'" height="'.$size[1].'"'.$bn_border.'>';
if($banner)
echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL;


@ -46,7 +46,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';
}
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.$row['bn_alt'].'"'.$bn_border.'>';
echo $banner.'<img src="'.G5_DATA_URL.'/banner/'.$row['bn_id'].'" width="'.$size[0].'" alt="'.get_text($row['bn_alt']).'"'.$bn_border.'>';
if($banner)
echo '</a>'.PHP_EOL;
echo '</li>'.PHP_EOL;