AGENT를 이용한 XSS 취약점 수정

2015-05-18 14:37:02 +09:00
parent 08f7c21fc2
commit d701f840db
3 changed files with 5 additions and 5 deletions
--- a/adm/visit_list.php
+++ b/adm/visit_list.php
@ -75,8 +75,8 @@ $result = sql_query($sql);
        else
            $ip = preg_replace("/([0-9]+).([0-9]+).([0-9]+).([0-9]+)/", G5_IP_DISPLAY, $row['vi_ip']);

-        if ($brow == '기타') { $brow = '<span title="'.$row['vi_agent'].'">'.$brow.'</span>'; }
-        if ($os == '기타') { $os = '<span title="'.$row['vi_agent'].'">'.$os.'</span>'; }
+        if ($brow == '기타') { $brow = '<span title="'.get_text($row['vi_agent']).'">'.$brow.'</span>'; }
+        if ($os == '기타') { $os = '<span title="'.get_text($row['vi_agent']).'">'.$os.'</span>'; }

        $bg = 'bg'.($i%2);
    ?>