firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

안전하지 않는 변수에 필터링 추가

Browse Source
This commit is contained in:
thisgun
2022-06-17 12:23:21 +09:00
parent e061ad852b
commit d4f4612b22
7 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
shop/orderaddressupdate.php
View File

@ -20,7 +20,7 @@ if ($is_member && $count) {
$ad_subject = isset($_POST['ad_subject'][$k]) ? clean_xss_tags($_POST['ad_subject'][$k]) : '';
$sql = " update {$g5['g5_shop_order_address_table']}
set ad_subject = '$ad_subject' ";
set ad_subject = '".sql_real_escape_string($ad_subject)."' ";
if(!empty($_POST['ad_default']) && $ad_id === $_POST['ad_default']) {
sql_query(" update {$g5['g5_shop_order_address_table']} set ad_default = '0' where mb_id = '{$member['mb_id']}' ");