firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

post 등에 mysql_real_escape_string 적용하는 코드 수정

Browse Source
This commit is contained in:
chicpro
2014-02-20 11:37:26 +09:00
parent 330d1d97d9
commit ebddad121e
14 changed files with 53 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mobile/shop/item.php
View File

@ -2,7 +2,7 @@
include_once('./_common.php');
include_once(G5_LIB_PATH.'/iteminfo.lib.php');
$it_id = escape_trim($_GET['it_id']);
$it_id = trim($_GET['it_id']);
// 분류사용, 상품사용하는 상품의 정보를 얻음
$sql = " select a.*,

6
mobile/shop/itemqaform.php
View File

@ -6,9 +6,9 @@ if (!$is_member) {
alert_close("상품문의는 회원만 작성 가능합니다.");
}
$w = escape_trim($_REQUEST['w']);
$it_id = escape_trim($_REQUEST['it_id']);
$iq_id = escape_trim($_REQUEST['iq_id']);
$w = trim($_REQUEST['w']);
$it_id = trim($_REQUEST['it_id']);
$iq_id = trim($_REQUEST['iq_id']);
$chk_secret = '';

4
mobile/shop/itemqalist.php
View File

@ -2,8 +2,8 @@
include_once('./_common.php');
include_once(G5_LIB_PATH.'/thumb.lib.php');
$sfl = escape_trim($_REQUEST['sfl']);
$stx = escape_trim($_REQUEST['stx']);
$sfl = trim($_REQUEST['sfl']);
$stx = trim($_REQUEST['stx']);
$g5['title'] = '상품문의';
include_once(G5_MSHOP_PATH.'/_head.php');

6
mobile/shop/itemuseform.php
View File

@ -6,9 +6,9 @@ if (!$is_member) {
alert_close("사용후기는 회원만 작성 가능합니다.");
}
$w = escape_trim($_REQUEST['w']);
$it_id = escape_trim($_REQUEST['it_id']);
$is_id = escape_trim($_REQUEST['is_id']);
$w = trim($_REQUEST['w']);
$it_id = trim($_REQUEST['it_id']);
$is_id = trim($_REQUEST['is_id']);
// 사용후기 작성 설정에 따른 체크
check_itemuse_write();

4
mobile/shop/itemuselist.php
View File

@ -2,8 +2,8 @@
include_once('./_common.php');
include_once(G5_LIB_PATH.'/thumb.lib.php');
$sfl = escape_trim($_REQUEST['sfl']);
$stx = escape_trim($_REQUEST['stx']);
$sfl = trim($_REQUEST['sfl']);
$stx = trim($_REQUEST['stx']);
$g5['title'] = '사용후기';
include_once(G5_MSHOP_PATH.'/_head.php');

16
mobile/shop/search.php
View File

@ -4,14 +4,14 @@ include_once('./_common.php');
$g5['title'] = "상품 검색 결과";
include_once(G5_MSHOP_PATH.'/_head.php');
$q = utf8_strcut(escape_trim($_GET['q']), 30, "");
$qname = escape_trim($_GET['qname']);
$qexplan = escape_trim($_GET['qexplan']);
$qid = escape_trim($_GET['qid']);
$qcaid = escape_trim($_GET['qcaid']);
$qfrom = escape_trim($_GET['qfrom']);
$qto = escape_trim($_GET['qto']);
$qsort = escape_trim($_GET['qsort']);
$q = utf8_strcut(trim($_GET['q']), 30, "");
$qname = trim($_GET['qname']);
$qexplan = trim($_GET['qexplan']);
$qid = trim($_GET['qid']);
$qcaid = trim($_GET['qcaid']);
$qfrom = trim($_GET['qfrom']);
$qto = trim($_GET['qto']);
$qsort = trim($_GET['qsort']);
// QUERY 문에 공통적으로 들어가는 내용
// 상품명에 검색어가 포한된것과 상품판매가능인것만

2
shop/item.php
View File

@ -6,7 +6,7 @@ if (G5_IS_MOBILE) {
return;
}
$it_id = escape_trim($_GET['it_id']);
$it_id = trim($_GET['it_id']);
include_once(G5_LIB_PATH.'/iteminfo.lib.php');

6
shop/itemqaform.php
View File

@ -12,9 +12,9 @@ if (!$is_member) {
alert_close("상품문의는 회원만 작성 가능합니다.");
}
$w = escape_trim($_REQUEST['w']);
$it_id = escape_trim($_REQUEST['it_id']);
$iq_id = escape_trim($_REQUEST['iq_id']);
$w = trim($_REQUEST['w']);
$it_id = trim($_REQUEST['it_id']);
$iq_id = trim($_REQUEST['iq_id']);
$chk_secret = '';

10
shop/itemqaformupdate.php
View File

@ -5,11 +5,11 @@ if (!$is_member) {
alert_close("상품문의는 회원만 작성이 가능합니다.");
}
$iq_id = escape_trim($_REQUEST['iq_id']);
$iq_subject = escape_trim($_POST['iq_subject']);
$iq_question = escape_trim(stripslashes($_POST['iq_question']));
$iq_answer = escape_trim(stripslashes($_POST['iq_answer']));
$hash = escape_trim($_REQUEST['hash']);
$iq_id = trim($_REQUEST['iq_id']);
$iq_subject = trim($_POST['iq_subject']);
$iq_question = trim(stripslashes($_POST['iq_question']));
$iq_answer = trim(stripslashes($_POST['iq_answer']));
$hash = trim($_REQUEST['hash']);
if ($w == "" || $w == "u") {
$iq_name = $member['mb_name'];

4
shop/itemqalist.php
View File

@ -8,8 +8,8 @@ if (G5_IS_MOBILE) {
include_once(G5_LIB_PATH.'/thumb.lib.php');
$sfl = escape_trim($_REQUEST['sfl']);
$stx = escape_trim($_REQUEST['stx']);
$sfl = trim($_REQUEST['sfl']);
$stx = trim($_REQUEST['stx']);
$g5['title'] = '상품문의';
include_once('./_head.php');

6
shop/itemuseform.php
View File

@ -12,9 +12,9 @@ if (!$is_member) {
alert_close("사용후기는 회원만 작성 가능합니다.");
}
$w = escape_trim($_REQUEST['w']);
$it_id = escape_trim($_REQUEST['it_id']);
$is_id = escape_trim($_REQUEST['is_id']);
$w = trim($_REQUEST['w']);
$it_id = trim($_REQUEST['it_id']);
$is_id = trim($_REQUEST['is_id']);
// 사용후기 작성 설정에 따른 체크
check_itemuse_write();

10
shop/itemuseformupdate.php
View File

@ -8,11 +8,11 @@ if (!$is_member) {
// 사용후기 작성 설정에 따른 체크
check_itemuse_write();
$it_id = escape_trim($_REQUEST['it_id']);
$is_subject = escape_trim($_POST['is_subject']);
$is_content = escape_trim($_POST['is_content']);
$is_name = escape_trim($_POST['is_name']);
$is_password = escape_trim($_POST['is_password']);
$it_id = trim($_REQUEST['it_id']);
$is_subject = trim($_POST['is_subject']);
$is_content = trim($_POST['is_content']);
$is_name = trim($_POST['is_name']);
$is_password = trim($_POST['is_password']);
$is_score = (int)$_POST['is_score'] > 5 ? 0 : (int)$_POST['is_score'];
if ($w == "" || $w == "u") {

4
shop/itemuselist.php
View File

@ -8,8 +8,8 @@ if (G5_IS_MOBILE) {
include_once(G5_LIB_PATH.'/thumb.lib.php');
$sfl = escape_trim($_REQUEST['sfl']);
$stx = escape_trim($_REQUEST['stx']);
$sfl = trim($_REQUEST['sfl']);
$stx = trim($_REQUEST['stx']);
$g5['title'] = '사용후기';
include_once('./_head.php');

16
shop/search.php
View File

@ -9,14 +9,14 @@ if (G5_IS_MOBILE) {
$g5['title'] = "상품 검색 결과";
include_once('./_head.php');
$q = utf8_strcut(escape_trim($_GET['q']), 30, "");
$qname = escape_trim($_GET['qname']);
$qexplan = escape_trim($_GET['qexplan']);
$qid = escape_trim($_GET['qid']);
$qcaid = escape_trim($_GET['qcaid']);
$qfrom = escape_trim($_GET['qfrom']);
$qto = escape_trim($_GET['qto']);
$qsort = escape_trim($_GET['qsort']);
$q = utf8_strcut(trim($_GET['q']), 30, "");
$qname = trim($_GET['qname']);
$qexplan = trim($_GET['qexplan']);
$qid = trim($_GET['qid']);
$qcaid = trim($_GET['qcaid']);
$qfrom = trim($_GET['qfrom']);
$qto = trim($_GET['qto']);
$qsort = trim($_GET['qsort']);
// QUERY 문에 공통적으로 들어가는 내용
// 상품명에 검색어가 포한된것과 상품판매가능인것만