fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-08 11:33:55 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1019 from stellar12/develop

Browse source 
Vid parameter 이용한 취약점 발생 가능성 방지
This commit is contained in:
bnu 2014-10-20 19:06:41 +09:00
commit 3ecf7be593
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
classes/context/Context.class.php
View file

@ -1289,10 +1289,14 @@ class Context
{
$result[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
}
elseif($key === 'mid' || $key === 'vid' || $key === 'search_keyword')
elseif($key === 'mid' || $key === 'search_keyword')
{
$result[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
}
elseif($key === 'vid')
{
$result[$k] = urlencode($v);
}
else
{
$result[$k] = $v;