firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 수정

Browse Source
This commit is contained in:
thisgun
2023-04-17 14:41:38 +09:00
parent 8ecc5ba241
commit fe03163cce
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bbs/search.php
View File

@ -25,7 +25,7 @@ if ($stx) {
$sql = " select gr_id, bo_table, bo_read_level from {$g5['board_table']} where bo_use_search = 1 and bo_list_level <= '{$member['mb_level']}' ";
if ($gr_id)
$sql .= " and gr_id = '{$gr_id}' ";
$onetable = isset($onetable) ? $onetable : "";
$onetable = isset($onetable) ? preg_replace('/[^a-z0-9_]/i', '', $onetable) : '';
if ($onetable) // 하나의 게시판만 검색한다면
$sql .= " and bo_table = '{$onetable}' ";
$sql .= " order by bo_order, gr_id, bo_table ";