From 9691405fd43dad6d70d3570f34500ffb1f9c6365 Mon Sep 17 00:00:00 2001
From: chicpro <chicpro@gmail.com>
Date: Fri, 17 Oct 2014 13:22:26 +0900
Subject: [PATCH] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20XSS=20=EB=8C=80?=
 =?UTF-8?q?=EC=9D=91=20=EC=BD=94=EB=93=9C=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/boardgroupmember_form.php | 2 +-
 adm/boardgroupmember_list.php | 2 +-
 adm/index.php                 | 4 ++--
 adm/mail_select_list.php      | 4 ++--
 adm/mail_test.php             | 2 +-
 adm/member_list.php           | 4 ++--
 adm/point_list.php            | 2 +-
 lib/common.lib.php            | 2 +-
 8 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/adm/boardgroupmember_form.php b/adm/boardgroupmember_form.php
index 01df7dcfa..70d014c82 100644
--- a/adm/boardgroupmember_form.php
+++ b/adm/boardgroupmember_form.php
@@ -20,7 +20,7 @@ $colspan = 4;
 <input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
 <input type="hidden" name="token" value="<?php echo $token ?>" id="token">
 <div class="local_cmd01 local_cmd">
-    <p>아이디 <b><?php echo $mb['mb_id'] ?></b>, 이름 <b><?php echo $mb['mb_name'] ?></b>, 닉네임 <b><?php echo $mb['mb_nick'] ?></b></p>
+    <p>아이디 <b><?php echo $mb['mb_id'] ?></b>, 이름 <b><?php echo get_text($mb['mb_name']); ?></b>, 닉네임 <b><?php echo $mb['mb_nick'] ?></b></p>
     <label for="gr_id">그룹지정</label>
     <select name="gr_id" id="gr_id">
         <option value="">접근가능 그룹을 선택하세요.</option>
diff --git a/adm/boardgroupmember_list.php b/adm/boardgroupmember_list.php
index 9c3852ccf..e6eaf01fe 100644
--- a/adm/boardgroupmember_list.php
+++ b/adm/boardgroupmember_list.php
@@ -117,7 +117,7 @@ $colspan = 7;
         </td>
         <td class="td_grid"><?php echo $group ?></td>
         <td class="td_mbid"><?php echo $row['mb_id'] ?></td>
-        <td class="td_mbname"><?php echo $row['mb_name'] ?></td>
+        <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
         <td class="td_name sv_use"><?php echo $mb_nick ?></td>
         <td class="td_datetime"><?php echo substr($row['mb_today_login'],2,8) ?></td>
         <td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
diff --git a/adm/index.php b/adm/index.php
index da3d7d8a6..f5a1b2f79 100644
--- a/adm/index.php
+++ b/adm/index.php
@@ -102,7 +102,7 @@ $colspan = 12;
         ?>
         <tr>
             <td class="td_mbid"><?php echo $mb_id ?></td>
-            <td class="td_mbname"><?php echo $row['mb_name'] ?></td>
+            <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
             <td class="td_mbname sv_use"><div><?php echo $mb_nick ?></div></td>
             <td class="td_num"><?php echo $row['mb_level'] ?></td>
             <td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
@@ -284,7 +284,7 @@ $colspan = 7;
 
         <tr>
             <td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
-            <td class="td_mbname"><?php echo $row2['mb_name'] ?></td>
+            <td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td>
             <td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
             <td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
             <td><?php echo $link1.$row['po_content'].$link2 ?></td>
diff --git a/adm/mail_select_list.php b/adm/mail_select_list.php
index db05cca50..c05622971 100644
--- a/adm/mail_select_list.php
+++ b/adm/mail_select_list.php
@@ -93,7 +93,7 @@ include_once('./admin.head.php');
     $cr = "";
     while ($row=sql_fetch_array($result)) {
         $i++;
-        $ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . $row['mb_name'] . "||" . $row['mb_nick'] . "||" . $row['mb_datetime'];
+        $ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . get_text($row['mb_name']) . "||" . $row['mb_nick'] . "||" . $row['mb_datetime'];
         $cr = "\n";
 
         $bg = 'bg'.($i%2);
@@ -101,7 +101,7 @@ include_once('./admin.head.php');
     <tr class="<?php echo $bg; ?>">
         <td class="td_num"><?php echo $i ?></td>
         <td class="td_mbid"><?php echo $row['mb_id'] ?></td>
-        <td class="td_mbname"><?php echo $row['mb_name'] ?></td>
+        <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
         <td class="td_mbname"><?php echo $row['mb_nick'] ?></td>
         <td><?php echo $row['mb_email'] ?></td>
     </tr>
diff --git a/adm/mail_test.php b/adm/mail_test.php
index 61b3aee56..bc321f545 100644
--- a/adm/mail_test.php
+++ b/adm/mail_test.php
@@ -13,7 +13,7 @@ check_demo();
 
 $g5['title'] = '회원메일 테스트';
 
-$name = $member['mb_name'];
+$name = get_text($member['mb_name']);
 $nick = $member['mb_nick'];
 $mb_id = $member['mb_id'];
 $email = $member['mb_email'];
diff --git a/adm/member_list.php b/adm/member_list.php
index 9e23e76c1..5b94d03b5 100644
--- a/adm/member_list.php
+++ b/adm/member_list.php
@@ -213,11 +213,11 @@ $colspan = 16;
     <tr class="<?php echo $bg; ?>">
         <td headers="mb_list_chk" class="td_chk" rowspan="2">
             <input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
-            <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_name']; ?> <?php echo $row['mb_nick']; ?>님</label>
+            <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo $row['mb_nick']; ?>님</label>
             <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
         </td>
         <td headers="mb_list_id" rowspan="2" class="td_name sv_use"><?php echo $mb_id ?></td>
-        <td headers="mb_list_name" class="td_mbname"><?php echo $row['mb_name']; ?></td>
+        <td headers="mb_list_name" class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
         <td headers="mb_list_cert" colspan="6" class="td_mbcert">
             <input type="radio" name="mb_certify[<?php echo $i; ?>]" value="ipin" id="mb_certify_ipin_<?php echo $i; ?>" <?php echo $row['mb_certify']=='ipin'?'checked':''; ?>>
             <label for="mb_certify_ipin_<?php echo $i; ?>">아이핀</label>
diff --git a/adm/point_list.php b/adm/point_list.php
index 8d127e1aa..08f44d5b1 100644
--- a/adm/point_list.php
+++ b/adm/point_list.php
@@ -163,7 +163,7 @@ function point_clear()
             <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
         </td>
         <td class="td_mbid"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
-        <td class="td_mbname"><?php echo $row2['mb_name'] ?></td>
+        <td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td>
         <td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
         <td class="td_pt_log"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
         <td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
diff --git a/lib/common.lib.php b/lib/common.lib.php
index f14f81dae..4d9660b77 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -1199,7 +1199,7 @@ function get_sideview($mb_id, $name='', $email='', $homepage='')
     global $bo_table, $sca, $is_admin, $member;
 
     $email = base64_encode($email);
-    $homepage = set_http($homepage);
+    $homepage = set_http(clean_xss_tags($homepage));
 
     $name = preg_replace("/\&#039;/", "", $name);
     $name = preg_replace("/\'/", "", $name);