XSS 취약점 수정

2019-06-12 15:17:43 +09:00
parent 9e14e803e5
commit e6a3270936
6 changed files with 16 additions and 16 deletions
--- a/adm/mail_form.php
+++ b/adm/mail_form.php
@ -44,7 +44,7 @@ include_once('./admin.head.php');
    </tr>
    <tr>
        <th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th>
-        <td><?php echo editor_html("ma_content", get_text($ma['ma_content'], 0)); ?></td>
+        <td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td>
    </tr>
    </tbody>
    </table>