firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2019-0082 원격취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-03-13 15:20:13 +09:00
parent bf75dc1d97
commit e1bd6082b2
10 changed files with 52 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
adm/shop_admin/itemeventlistupdate.php
View File

@ -8,16 +8,18 @@ auth_check($auth[$sub_menu], "w");
for ($i=0; $i<count($_POST['it_id']); $i++)
{
$iit_id = preg_replace('/[^a-z0-9_\-]/i', '', $_POST['it_id'][$i]);
$sql = " delete from {$g5['g5_shop_event_item_table']}
where ev_id = '$ev_id'
and it_id = '{$_POST['it_id'][$i]}' ";
and it_id = '{$iit_id}' ";
sql_query($sql);
if ($_POST['ev_chk'][$i])
if (isset($_POST['ev_chk'][$i]) && $_POST['ev_chk'][$i])
{
$sql = "insert into {$g5['g5_shop_event_item_table']}
set ev_id = '$ev_id',
it_id = '{$_POST['it_id'][$i]}' ";
it_id = '{$iit_id}' ";
sql_query($sql);
}