안전하지 않는 변수에 필터링 추가

thisgun
2022-06-17 12:23:21 +09:00
parent e061ad852b
commit d4f4612b22
7 changed files with 10 additions and 10 deletions


@ -103,7 +103,7 @@ if($ps_run) {
$sql = " select io_price, io_stock_qty, io_noti_qty, io_use
from {$g5['g5_shop_item_option_table']}
where it_id = '{$post_it_id}'
and io_id = '$spl_id'
and io_id = '".sql_real_escape_string($spl_id)."'
and io_type = '1' ";
$row = sql_fetch($sql);
@ -117,11 +117,11 @@ if($ps_run) {
?>
<tr>
<td class="td_chk">
<input type="hidden" name="spl_id[]" value="<?php echo $spl_id; ?>">
<label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo $spl_subject.' '.$spl; ?></label>
<input type="hidden" name="spl_id[]" value="<?php echo get_text($spl_id); ?>">
<label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($spl_subject.' '.$spl); ?></label>
<input type="checkbox" name="spl_chk[]" id="spl_chk_<?php echo $i; ?>" value="1">
</td>
<td class="spl-subject-cell"><?php echo $spl_subject; ?></td>
<td class="spl-subject-cell"><?php echo get_text($spl_subject); ?></td>
<td class="spl-cell"><?php echo $spl; ?></td>
<td class="td_numsmall">
<label for="spl_price_<?php echo $i; ?>" class="sound_only">상품금액</label>
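Review bot: The `spl-cell` column still prints `$spl` unescaped (`<td class="spl-cell"><?php echo $spl; ?></td>`), although the same value now goes through get_text() in the label of the same row. Unless `$spl` is already encoded before the row is rendered, which the hunk does not show, the cell should read `<?php echo get_text($spl); ?>` so every echo of the option text is encoded the same way. In the first hunk of this file the neighbouring condition `it_id = '{$post_it_id}'` is still interpolated directly; it is assigned outside the hunk, so confirm it is escaped or cast there.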


@ -21,7 +21,7 @@ for ($kk=0;$row = sql_fetch_array($result);$kk++)
$bk_no = $row['bk_no'];
for ($i=0; $i<count($post_chk_bg_no); $i++)
{
$bg_no = $post_chk_bg_no[$i];
$bg_no = (int) $post_chk_bg_no[$i];
if( !$bg_no ) continue;
$sql = " insert into {$g5['sms5_book_table']}
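Review bot: The `(int)` cast on `$post_chk_bg_no[$i]` turns a non-empty array element into 1 rather than 0, so a nested-array value would pass the `if( !$bg_no ) continue;` guard and be treated as group 1. If `$post_chk_bg_no` is not already reduced to scalars where it is built (not visible here), check the element first: `$bg_no = is_scalar($post_chk_bg_no[$i]) ? (int) $post_chk_bg_no[$i] : 0;`. The insert statement that uses `$bg_no` continues past the end of the hunk.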


@ -13,7 +13,7 @@ add_stylesheet('<link rel="stylesheet" href="' . $member_skin_url . '/style.css"
<p>새로운 비밀번호를 입력해주세요.</p>
<label for="mb_id" class="sound_only">아이디</label>
<br>
<b>회원 아이디 : <?php echo $_POST['mb_id']; ?></b>
<b>회원 아이디 : <?php echo get_text($_POST['mb_id']); ?></b>
<label for="mb_pw" class="sound_only">새 비밀번호<strong class="sound_only">필수</strong></label>
<input type="password" name="mb_password" id="mb_pw" required class="required frm_input full_input" size="30" placeholder="새 비밀번호">
<label for="mb_pw2" class="sound_only">새 비밀번호 확인<strong class="sound_only">필수</strong></label>
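Review bot: The template still reads `$_POST['mb_id']` directly, so a request without that field raises an undefined-index notice and a non-string value is handed to get_text() unchecked. Printing an ID the controller has already validated would be cleaner; failing that, normalise it in place with `<?php echo get_text(isset($_POST['mb_id']) && is_string($_POST['mb_id']) ? $_POST['mb_id'] : ''); ?>`. The identical line is changed in the three other skin sections further down this page, and the same remark applies to each of them.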


@ -20,7 +20,7 @@ if ($is_member && $count) {
$ad_subject = isset($_POST['ad_subject'][$k]) ? clean_xss_tags($_POST['ad_subject'][$k]) : '';
$sql = " update {$g5['g5_shop_order_address_table']}
set ad_subject = '$ad_subject' ";
set ad_subject = '".sql_real_escape_string($ad_subject)."' ";
if(!empty($_POST['ad_default']) && $ad_id === $_POST['ad_default']) {
sql_query(" update {$g5['g5_shop_order_address_table']} set ad_default = '0' where mb_id = '{$member['mb_id']}' ");
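Review bot: Nothing at this statement explains why `$ad_subject` is filtered twice, and the clean_xss_tags() call on the line above can make the new escape look redundant. Judging by its name and by this fix, clean_xss_tags() targets HTML output rather than SQL quoting, so a one-line comment before the query such as `// clean_xss_tags() is not SQL escaping; keep sql_real_escape_string() here` would stop the escape being dropped in a later cleanup. The remaining clauses of this update are built outside the hunk, so whether `$ad_id` is cast or escaped there cannot be checked from here.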


@ -13,7 +13,7 @@ add_stylesheet('<link rel="stylesheet" href="' . $member_skin_url . '/style.css"
<p>새로운 비밀번호를 입력해주세요.</p>
<label for="mb_id" class="sound_only">아이디</label>
<br>
<b>회원 아이디 : <?php echo $_POST['mb_id']; ?></b>
<b>회원 아이디 : <?php echo get_text($_POST['mb_id']); ?></b>
<label for="mb_pw" class="sound_only">새 비밀번호<strong class="sound_only">필수</strong></label>
<input type="password" name="mb_password" id="mb_pw" required class="required frm_input full_input" size="30" placeholder="새 비밀번호">
<label for="mb_pw2" class="sound_only">새 비밀번호 확인<strong class="sound_only">필수</strong></label>


@ -13,7 +13,7 @@ add_stylesheet('<link rel="stylesheet" href="' . $member_skin_url . '/style.css"
<p>새로운 비밀번호를 입력해주세요.</p>
<label for="mb_id" class="sound_only">아이디</label>
<br>
<b>회원 아이디 : <?php echo $_POST['mb_id']; ?></b>
<b>회원 아이디 : <?php echo get_text($_POST['mb_id']); ?></b>
<label for="mb_pw" class="sound_only">새 비밀번호<strong class="sound_only">필수</strong></label>
<input type="password" name="mb_password" id="mb_pw" required class="required frm_input full_input" size="30" placeholder="새 비밀번호">
<label for="mb_pw2" class="sound_only">새 비밀번호 확인<strong class="sound_only">필수</strong></label>


@ -13,7 +13,7 @@ add_stylesheet('<link rel="stylesheet" href="' . $member_skin_url . '/style.css"
<p>새로운 비밀번호를 입력해주세요.</p>
<label for="mb_id" class="sound_only">아이디</label>
<br>
<b>회원 아이디 : <?php echo $_POST['mb_id']; ?></b>
<b>회원 아이디 : <?php echo get_text($_POST['mb_id']); ?></b>
<label for="mb_pw" class="sound_only">새 비밀번호<strong class="sound_only">필수</strong></label>
<input type="password" name="mb_password" id="mb_pw" required class="required frm_input full_input" size="30" placeholder="새 비밀번호">
<label for="mb_pw2" class="sound_only">새 비밀번호 확인<strong class="sound_only">필수</strong></label>