fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-09 03:32:00 +09:00
Code Issues Projects Releases Packages Wiki Activity

#1713 첨부한 파일명을 이용해 임의 코드를 실행할 수 있는 문제 고침

Browse source
This commit is contained in:
bnu 2015-08-18 14:07:33 +09:00
parent 74a74f9256
commit 633da1b13c
2 changed files with 7 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/file/file.model.php
View file

@ -220,6 +220,7 @@ class fileModel extends file
{
$file = $file_list[$i];
$file->source_filename = stripslashes($file->source_filename);
$file->source_filename = htmlspecialchars($file->source_filename);
$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl);
$file_list[$i] = $file;
}