firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

KVE-2019-0082 원격취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-03-13 15:20:13 +09:00
parent bf75dc1d97
commit e1bd6082b2
10 changed files with 52 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
adm/shop_admin/itemstocklistupdate.php
View File

@ -12,12 +12,12 @@ check_admin_token();
for ($i=0; $i<count($_POST['it_id']); $i++)
{
$sql = "update {$g5['g5_shop_item_table']}
set it_stock_qty = '{$_POST['it_stock_qty'][$i]}',
it_noti_qty = '{$_POST['it_noti_qty'][$i]}',
it_use = '{$_POST['it_use'][$i]}',
it_soldout = '{$_POST['it_soldout'][$i]}',
it_stock_sms = '{$_POST['it_stock_sms'][$i]}'
where it_id = '{$_POST['it_id'][$i]}' ";
set it_stock_qty = '".sql_real_escape_string($_POST['it_stock_qty'][$i])."',
it_noti_qty = '".sql_real_escape_string($_POST['it_noti_qty'][$i])."',
it_use = '".sql_real_escape_string($_POST['it_use'][$i])."',
it_soldout = '".sql_real_escape_string($_POST['it_soldout'][$i])."',
it_stock_sms = '".sql_real_escape_string($_POST['it_stock_sms'][$i])."'
where it_id = '".sql_real_escape_string($_POST['it_id'][$i])."' ";
sql_query($sql);
}