firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

영카트5 SQL INJECTION 취약점( 17-480 ) 수정

Browse Source
This commit is contained in:
thisgun
2017-08-10 10:12:58 +09:00
parent 18c8ecfa6a
commit f80ddf1468
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
mobile/shop/_common.php
View File

@ -1,6 +1,19 @@
<?php <?php
include_once('../../common.php'); include_once('../../common.php');
if (isset($_REQUEST['sort'])) {
$sort = trim($_REQUEST['sort']);
$sort = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\s]/", "", $sort);
} else {
$sort = '';
}
if (isset($_REQUEST['sortodr'])) {
$sortodr = preg_match("/^(asc|desc)$/i", $sortodr) ? $sortodr : '';
} else {
$sortodr = '';
}
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) if (!defined('G5_USE_SHOP') || !G5_USE_SHOP)
die('<p>쇼핑몰 설치 후 이용해 주십시오.</p>'); die('<p>쇼핑몰 설치 후 이용해 주십시오.</p>');
define('_SHOP_', true); define('_SHOP_', true);