관리자 회원메일발송 페이지 xss 취약점 수정

2019-07-19 19:58:12 +09:00
parent cbde9c91d7
commit f675c38441
2 changed files with 9 additions and 5 deletions
--- a/adm/mail_update.php
+++ b/adm/mail_update.php
@ -9,11 +9,13 @@ auth_check($auth[$sub_menu], 'w');

 check_admin_token();

+$ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0;
+$ma_subject = isset($_POST['ma_subject']) ? strip_tags($_POST['ma_subject']) : '';
+
 if ($w == '')
 {
    $sql = " insert {$g5['mail_table']}
-                set ma_id = '{$_POST['ma_id']}',
-                     ma_subject = '{$_POST['ma_subject']}',
+                set ma_subject = '{$ma_subject}',
                     ma_content = '{$_POST['ma_content']}',
                     ma_time = '".G5_TIME_YMDHIS."',
                     ma_ip = '{$_SERVER['REMOTE_ADDR']}' ";
@ -22,16 +24,16 @@ if ($w == '')
 else if ($w == 'u')
 {
    $sql = " update {$g5['mail_table']}
-                set ma_subject = '{$_POST['ma_subject']}',
+                set ma_subject = '{$ma_subject}',
                     ma_content = '{$_POST['ma_content']}',
                     ma_time = '".G5_TIME_YMDHIS."',
                     ma_ip = '{$_SERVER['REMOTE_ADDR']}'
-                where ma_id = '{$_POST['ma_id']}' ";
+                where ma_id = '{$ma_id}' ";
    sql_query($sql);
 }
 else if ($w == 'd')
 {
-	$sql = " delete from {$g5['mail_table']} where ma_id = '{$_POST['ma_id']}' ";
+	$sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
    sql_query($sql);
 }