From bc786236b1be63a096dcc80b1f43a4ecda0ecb3a Mon Sep 17 00:00:00 2001
From: bnu
Date: Tue, 23 Sep 2014 12:17:23 +0900
Subject: [PATCH 1/4] =?UTF-8?q?fix=20#980=20=EC=B5=9C=EA=B3=A0=EA=B4=80?= =?UTF-8?q?=EB=A6=AC=EC=9E=90=EC=9D=98=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EC=9C=A0=EC=A7=80=20=EB=B0=8F=20`session=5Fregenerate=5Fid(tru?= =?UTF-8?q?e)`=EB=A1=9C=20=EC=9D=B8=ED=95=9C=20=EC=84=B8=EC=85=98=20?= =?UTF-8?q?=EB=8D=B0=EC=9D=B4=ED=84=B0=EA=B0=80=20=EC=9C=A0=EC=A7=80?= =?UTF-8?q?=EB=90=98=EC=A7=80=20=EC=95=8A=EC=9D=84=20=EC=88=98=20=EC=9E=88?= =?UTF-8?q?=EB=8A=94=20=EB=AC=B8=EC=A0=9C=20=EA=B3=A0=EC=B9=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 modules/member/member.controller.php | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php
index 471022202..769944157 100644
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@@ -1873,8 +1873,7 @@ class memberController extends member
 function validateSession()
 {
 $destory_session = false;
-
- if($_SESSION['ipaddress'] != $_SERVER['REMOTE_ADDR']) $destory_session = true;
+ if($_SESSION['destroyed'] === true) $destory_session = true;
 if($destory_session)
 {
@@ -1887,9 +1886,16 @@ class memberController extends member
 function regenerateSession()
 {
- if(!$_SESSION['session_checkup'] || time() - $_SESSION['session_checkup'] > 30)
+ if(!$_SESSION['session_checkup'])
 {
- session_regenerate_id(true);
+ $_SESSION['session_checkup'] = time();
+ }
+
+ if(time() - $_SESSION['session_checkup'] >= 1)
+ {
+ $_SESSION['destroyed'] = true;
+ session_regenerate_id();
+ $_SESSION['destroyed'] = false;
 $_SESSION['session_checkup'] = time();
 }
 }
From 6c0196c917ed872438f19f2e6fac10d6767c0acd Mon Sep 17 00:00:00 2001
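Review bot: The new `$_SESSION['destroyed'] === true` test in validateSession only fires if the old session record is actually rewritten with that flag, and the regenerateSession hunk below sets the flag on the in-memory array immediately before `session_regenerate_id()` and clears it right after, so on PHP versions where regenerating does not flush the modified data back to the old id first (the case for the PHP 5 releases this code targets, as far as I can tell) the old record never carries `destroyed`, and a copied or fixated session id stays usable until session garbage collection. validateSession's body continues past the hunk, so the branch that acts on `$destory_session` is not visible here. A timestamp rather than a boolean, checked against a short grace window, tolerates the concurrent-request race that motivated #980 without keeping old ids alive indefinitely, provided regenerateSession stores `time()` in the marker: `if(isset($_SESSION['destroyed']) && time() - $_SESSION['destroyed'] > 60) $destory_session = true;`. The `isset()` also avoids an undefined-index notice on sessions created before this change.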
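Review bot: `time() - $_SESSION['session_checkup'] >= 1` combined with `session_regenerate_id()` without `delete_old_session` issues a new session id on nearly every request more than a second apart while leaving every previous record in storage, and each of those records is still a complete copy of the logged-in session; the `destroyed` marker written around the call does not reach them, because it is set and reset on the in-memory array that is persisted under the new id (unless the PHP build flushes the old record before switching, which I would not rely on). Restoring the previous 30-second interval limits the churn, and committing the marker to the old record before the id changes lets validateSession expire the old id after a grace period instead of leaving it valid until GC. The rewrite below keeps the first `if` as is and changes only the regeneration branch.

```php
		// … unchanged: initialisation of $_SESSION['session_checkup'] …

		// Regenerate periodically, not on every request (the removed code used 30s).
		if(time() - $_SESSION['session_checkup'] >= 30)
		{
			// Mark the current record and flush it to storage *before* the id changes,
			// so the old id carries the marker that validateSession() checks.
			$_SESSION['destroyed'] = time();
			session_write_close();
			session_start();
			session_regenerate_id();
			// The new session must not inherit the marker.
			unset($_SESSION['destroyed']);
			$_SESSION['session_checkup'] = time();
		}
```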
From: bnu
Date: Tue, 23 Sep 2014 12:18:44 +0900
Subject: [PATCH 2/4] =?UTF-8?q?SECISSUE=20fix=20#989=20parameter=EB=A5=BC?= =?UTF-8?q?=20=EC=9D=B4=EC=9A=A9=ED=95=9C=20XSS=20=EA=B3=B5=EA=B2=A9=20?= =?UTF-8?q?=EA=B0=80=EB=8A=A5=EC=84=B1=20=EB=B0=A9=EC=96=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 classes/context/Context.class.php | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index c23563452..23208af4c 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -1267,15 +1267,17 @@ class Context
 $val = array($val);
 }
+ $result = array();
 foreach($val as $k => $v)
 {
+ $k = htmlentities($k);
 if($key === 'page' || $key === 'cpage' || substr_compare($key, 'srl', -3) === 0)
 {
- $val[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
+ $result[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
 }
 elseif($key === 'mid' || $key === 'vid' || $key === 'search_keyword')
 {
- $val[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
+ $result[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
 }
 else
 {
@@ -1286,12 +1288,12 @@ class Context
 if(!is_array($v))
 {
- $val[$k] = trim($v);
+ $result[$k] = trim($v);
 }
 }
 }
- return $isArray ? $val : $val[0];
+ return $isArray ? $result : $result[0];
 }
 /**
From c9c5a00e4ad70cedc7b713bf9375d96ec692d952 Mon Sep 17 00:00:00 2001
From: bnu
Date: Tue, 23 Sep 2014 13:18:58 +0900
Subject: [PATCH 3/4] version up to 1.7.7
---
 config/config.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/config/config.inc.php b/config/config.inc.php
index 8076a91a7..e436273cc 100644
--- a/config/config.inc.php
+++ b/config/config.inc.php
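Review bot: `$k = htmlentities($k);` encodes the array keys with a different function and with PHP's default flags and charset, whereas the values a few lines down are encoded with an explicit `htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE)`; on older PHP releases the default charset of `htmlentities()` is not UTF-8, so a multibyte key can be mangled or encoded differently from its value. Using the same call and arguments for the key, `$k = htmlspecialchars($k, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);`, keeps key and value handling aligned and makes the encoding explicit. For a non-array `$val` the only key is the integer 0 produced by `array($val)`, on which the call is a no-op, so the encoding matters only for array input. The else branch is cut off at the end of the hunk.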
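Review bot: In the else branch a value that is itself an array is no longer carried over: the only assignment visible there, `$result[$k] = trim($v);`, is guarded by `!is_array($v)`, so nested arrays that the old code left untouched in `$val` are now silently absent from the returned `$result`; the unchanged lines hidden between the two hunks predate `$result` and cannot populate it. If discarding unsanitised nested arrays is the intent it deserves a comment on the `if(!is_array($v))` line such as `// nested arrays are not sanitised and are intentionally dropped from $result`; if not, the branch needs an explicit `$result[$k] = $v;` (or a recursive call) for the array case. The function's opening lines lie outside the hunks, so whether callers rely on nested values is not visible here.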
@@ -29,7 +29,7 @@ define('__ZBXE__', __XE__);
 /**
 * Display XE's full version.
 */
-define('__XE_VERSION__', '1.7.6');
+define('__XE_VERSION__', '1.7.7');
 define('__XE_VERSION_ALPHA__', (stripos(__XE_VERSION__, 'alpha') !== false));
 define('__XE_VERSION_BETA__', (stripos(__XE_VERSION__, 'beta') !== false));
 define('__XE_VERSION_RC__', (stripos(__XE_VERSION__, 'rc') !== false));
From 40bc4c12c5c494b2e2731725f0f96544a3f1e68e Mon Sep 17 00:00:00 2001
From: bnu
Date: Tue, 23 Sep 2014 13:52:05 +0900
Subject: [PATCH 4/4] =?UTF-8?q?fix=20#961=20=EA=B3=84=EC=A0=95=20=EC=B0=BE?= =?UTF-8?q?=EA=B8=B0=20=ED=8E=98=EC=9D=B4=EC=A7=80=EC=97=90=EC=84=9C=20?= =?UTF-8?q?=ED=8F=BC=20=EC=A0=84=EC=86=A1=20=EC=8B=9C=20SSL=20=EC=A0=81?= =?UTF-8?q?=EC=9A=A9=20=EB=AC=B8=EC=A0=9C=20=EA=B3=A0=EC=B9=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 modules/member/skins/default/find_member_account.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/modules/member/skins/default/find_member_account.html b/modules/member/skins/default/find_member_account.html
index 1b7cf67e2..bba843e46 100644
--- a/modules/member/skins/default/find_member_account.html
+++ b/modules/member/skins/default/find_member_account.html
@@ -6,7 +6,7 @@

{$XE_VALIDATOR_MESSAGE}

-
+ @@ -25,7 +25,7 @@

{$XE_VALIDATOR_MESSAGE}

- + @@ -59,7 +59,7 @@

{$XE_VALIDATOR_MESSAGE}

- +