firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

post 등에 mysql_real_escape_string 적용하는 코드 수정

Browse Source
This commit is contained in:
chicpro
2014-02-20 11:37:26 +09:00
parent 330d1d97d9
commit ebddad121e
14 changed files with 53 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mobile/shop/item.php
View File

@ -2,7 +2,7 @@
include_once('./_common.php');
include_once(G5_LIB_PATH.'/iteminfo.lib.php');
$it_id = escape_trim($_GET['it_id']);
$it_id = trim($_GET['it_id']);
// 분류사용, 상품사용하는 상품의 정보를 얻음
$sql = " select a.*,

6
mobile/shop/itemqaform.php
View File

@ -6,9 +6,9 @@ if (!$is_member) {
alert_close("상품문의는 회원만 작성 가능합니다.");
}
$w = escape_trim($_REQUEST['w']);
$it_id = escape_trim($_REQUEST['it_id']);
$iq_id = escape_trim($_REQUEST['iq_id']);
$w = trim($_REQUEST['w']);
$it_id = trim($_REQUEST['it_id']);
$iq_id = trim($_REQUEST['iq_id']);
$chk_secret = '';

4
mobile/shop/itemqalist.php
View File

@ -2,8 +2,8 @@
include_once('./_common.php');
include_once(G5_LIB_PATH.'/thumb.lib.php');
$sfl = escape_trim($_REQUEST['sfl']);
$stx = escape_trim($_REQUEST['stx']);
$sfl = trim($_REQUEST['sfl']);
$stx = trim($_REQUEST['stx']);
$g5['title'] = '상품문의';
include_once(G5_MSHOP_PATH.'/_head.php');

6
mobile/shop/itemuseform.php
View File

@ -6,9 +6,9 @@ if (!$is_member) {
alert_close("사용후기는 회원만 작성 가능합니다.");
}
$w = escape_trim($_REQUEST['w']);
$it_id = escape_trim($_REQUEST['it_id']);
$is_id = escape_trim($_REQUEST['is_id']);
$w = trim($_REQUEST['w']);
$it_id = trim($_REQUEST['it_id']);
$is_id = trim($_REQUEST['is_id']);
// 사용후기 작성 설정에 따른 체크
check_itemuse_write();

4
mobile/shop/itemuselist.php
View File

@ -2,8 +2,8 @@
include_once('./_common.php');
include_once(G5_LIB_PATH.'/thumb.lib.php');
$sfl = escape_trim($_REQUEST['sfl']);
$stx = escape_trim($_REQUEST['stx']);
$sfl = trim($_REQUEST['sfl']);
$stx = trim($_REQUEST['stx']);
$g5['title'] = '사용후기';
include_once(G5_MSHOP_PATH.'/_head.php');

16
mobile/shop/search.php
View File

@ -4,14 +4,14 @@ include_once('./_common.php');
$g5['title'] = "상품 검색 결과";
include_once(G5_MSHOP_PATH.'/_head.php');
$q = utf8_strcut(escape_trim($_GET['q']), 30, "");
$qname = escape_trim($_GET['qname']);
$qexplan = escape_trim($_GET['qexplan']);
$qid = escape_trim($_GET['qid']);
$qcaid = escape_trim($_GET['qcaid']);
$qfrom = escape_trim($_GET['qfrom']);
$qto = escape_trim($_GET['qto']);
$qsort = escape_trim($_GET['qsort']);
$q = utf8_strcut(trim($_GET['q']), 30, "");
$qname = trim($_GET['qname']);
$qexplan = trim($_GET['qexplan']);
$qid = trim($_GET['qid']);
$qcaid = trim($_GET['qcaid']);
$qfrom = trim($_GET['qfrom']);
$qto = trim($_GET['qto']);
$qsort = trim($_GET['qsort']);
// QUERY 문에 공통적으로 들어가는 내용
// 상품명에 검색어가 포한된것과 상품판매가능인것만