KVE-2019-0082 원격취약점 수정

thisgun
2019-03-13 15:20:13 +09:00
parent bf75dc1d97
commit e1bd6082b2
10 changed files with 52 additions and 36 deletions


@ -20,10 +20,11 @@ if ($_POST['act_button'] == "선택SMS전송") {
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$sss_id = (int) $_POST['ss_id'][$k];
$sql = " select a.ss_id, a.ss_hp, a.ss_send, b.it_id, b.it_name
from {$g5['g5_shop_item_stocksms_table']} a left join {$g5['g5_shop_item_table']} b on ( a.it_id = b.it_id )
where a.ss_id = '{$_POST['ss_id'][$k]}' ";
where a.ss_id = '$sss_id' ";
$row = sql_fetch($sql);
if(!$row['ss_id'] || !$row['it_id'] || $row['ss_send'])
@ -43,7 +44,7 @@ if ($_POST['act_button'] == "선택SMS전송") {
$sql = " update {$g5['g5_shop_item_stocksms_table']}
set ss_send = '1',
ss_send_time = '".G5_TIME_YMDHIS."'
where ss_id = '{$_POST['ss_id'][$k]}' ";
where ss_id = '{$sss_id}' ";
sql_query($sql);
}
@ -105,8 +106,9 @@ if ($_POST['act_button'] == "선택SMS전송") {
for ($i=0; $i<count($_POST['chk']); $i++) {
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$sss_id = (int) $_POST['ss_id'][$k];
$sql = " delete from {$g5['g5_shop_item_stocksms_table']} where ss_id = '{$_POST['ss_id'][$k]}' ";
$sql = " delete from {$g5['g5_shop_item_stocksms_table']} where ss_id = '{$sss_id}' ";
sql_query($sql);
}
}
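Review bot: In the delete loop of the third hunk, a missing or non-numeric `ss_id[$k]` is now cast to 0 and the DELETE is still issued for `ss_id = '0'`, so the loop should skip such rows with `if ($sss_id < 1) continue;` directly after the cast. The first hunk looks covered by its existing `!$row['ss_id']` check, though the statement that follows that check is outside the hunk, so this is inferred. The three sites also quote the value differently (`'$sss_id'` in the select, `'{$sss_id}'` in the update and delete); using one form would make it easier to confirm by search that no `{$_POST['ss_id'][$k]}` interpolation remains. A short comment on the cast, such as `// ss_id comes from the request; cast to int before it is placed in SQL`, would record why it must not be removed. The enclosing `if ($_POST['act_button'] ...)` blocks begin outside the visible hunks.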