firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2019-06-12 15:17:43 +09:00
parent 9e14e803e5
commit e6a3270936
6 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
adm/board_form.php
View File

@ -869,7 +869,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_content_head">상단 내용</label></th>
<td>
<?php echo editor_html("bo_content_head", get_text($board['bo_content_head'], 0)); ?>
<?php echo editor_html("bo_content_head", get_text(html_purifier($board['bo_content_head']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_content_head" value="1" id="chk_grp_content_head">
@ -881,7 +881,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_content_tail">하단 내용</label></th>
<td>
<?php echo editor_html("bo_content_tail", get_text($board['bo_content_tail'], 0)); ?>
<?php echo editor_html("bo_content_tail", get_text(html_purifier($board['bo_content_tail']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_content_tail" value="1" id="chk_grp_content_tail">
@ -893,7 +893,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_mobile_content_head">모바일 상단 내용</label></th>
<td>
<?php echo editor_html("bo_mobile_content_head", get_text($board['bo_mobile_content_head'], 0)); ?>
<?php echo editor_html("bo_mobile_content_head", get_text(html_purifier($board['bo_mobile_content_head']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_mobile_content_head" value="1" id="chk_grp_mobile_content_head">
@ -905,7 +905,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_mobile_content_tail">모바일 하단 내용</label></th>
<td>
<?php echo editor_html("bo_mobile_content_tail", get_text($board['bo_mobile_content_tail'], 0)); ?>
<?php echo editor_html("bo_mobile_content_tail", get_text(html_purifier($board['bo_mobile_content_tail']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_mobile_content_tail" value="1" id="chk_grp_mobile_content_tail">

4
adm/faqform.php
View File

@ -54,11 +54,11 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
</tr>
<tr>
<th scope="row">질문</th>
<td><?php echo editor_html('fa_subject', get_text($fa['fa_subject'], 0)); ?></td>
<td><?php echo editor_html('fa_subject', get_text(html_purifier($fa['fa_subject']), 0)); ?></td>
</tr>
<tr>
<th scope="row">답변</th>
<td><?php echo editor_html('fa_content', get_text($fa['fa_content'], 0)); ?></td>
<td><?php echo editor_html('fa_content', get_text(html_purifier($fa['fa_content']), 0)); ?></td>
</tr>
</tbody>
</table>

8
adm/faqmasterform.php
View File

@ -117,25 +117,25 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
<tr>
<th scope="row">상단 내용</th>
<td>
<?php echo editor_html('fm_head_html', get_text($fm['fm_head_html'], 0)); ?>
<?php echo editor_html('fm_head_html', get_text(html_purifier($fm['fm_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">하단 내용</th>
<td>
<?php echo editor_html('fm_tail_html', get_text($fm['fm_tail_html'], 0)); ?>
<?php echo editor_html('fm_tail_html', get_text(html_purifier($fm['fm_tail_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일상단 내용</th>
<td>
<?php echo editor_html('fm_mobile_head_html', get_text($fm['fm_mobile_head_html'], 0)); ?>
<?php echo editor_html('fm_mobile_head_html', get_text(html_purifier($fm['fm_mobile_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일하단 내용</th>
<td>
<?php echo editor_html('fm_mobile_tail_html', get_text($fm['fm_mobile_tail_html'], 0)); ?>
<?php echo editor_html('fm_mobile_tail_html', get_text(html_purifier($fm['fm_mobile_tail_html']), 0)); ?>
</td>
</tr>
</tbody>

2
adm/mail_form.php
View File

@ -44,7 +44,7 @@ include_once('./admin.head.php');
</tr>
<tr>
<th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th>
<td><?php echo editor_html("ma_content", get_text($ma['ma_content'], 0)); ?></td>
<td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td>
</tr>
</tbody>
</table>

2
adm/newwinform.php
View File

@ -114,7 +114,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
</tr>
<tr>
<th scope="row"><label for="nw_content">내용</label></th>
<td><?php echo editor_html('nw_content', get_text($nw['nw_content'], 0)); ?></td>
<td><?php echo editor_html('nw_content', get_text(html_purifier($nw['nw_content']), 0)); ?></td>
</tr>
</tbody>
</table>

8
adm/qa_config.php
View File

@ -282,25 +282,25 @@ if(!isset($qaconfig['qa_include_head'])) {
<tr>
<th scope="row"><label for="qa_content_head">상단 내용</label></th>
<td>
<?php echo editor_html("qa_content_head", get_text($qaconfig['qa_content_head'], 0)); ?>
<?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_content_tail">하단 내용</label></th>
<td>
<?php echo editor_html("qa_content_tail", get_text($qaconfig['qa_content_tail'], 0)); ?>
<?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_head", get_text($qaconfig['qa_mobile_content_head'], 0)); ?>
<?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_tail", get_text($qaconfig['qa_mobile_content_tail'], 0)); ?>
<?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?>
</td>
</tr>
<tr>