remove get_magic_quotes_gpc

2024-09-30 18:36:48 +09:00 · 2024-09-30 18:36:48 +09:00 · ecf7751bcf
commit ecf7751bcf
parent 1d086f7706
3 changed files with 57 additions and 34 deletions
--- a/AvocadoEdition_Light/bbs/write_update.php
+++ b/AvocadoEdition_Light/bbs/write_update.php
@ -596,9 +596,7 @@ if ($upload_count != 0) {
 // 나중에 테이블에 저장하는 이유는 $wr_id 값을 저장해야 하기 때문입니다.
 for ($i = 0; $i < count($upload); $i++) {
-  if (!get_magic_quotes_gpc()) {
+  $upload[$i]['source'] = handle_magic_quotes($upload[$i]['source']);
    $upload[$i]['source'] = addslashes($upload[$i]['source']);
  }
  $row = sql_fetch("SELECT count(*) as cnt FROM {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$i}' ");
  if ($row['cnt']) {
--- a/AvocadoEdition_Light/bbs/write_update_file.php
+++ b/AvocadoEdition_Light/bbs/write_update_file.php
@ -582,9 +582,7 @@ for ($i = 0; $i < count($_FILES['bf_file']['name']); $i++) {
 // 나중에 테이블에 저장하는 이유는 $wr_id 값을 저장해야 하기 때문입니다.
 for ($i = 0; $i < count($upload); $i++) {
-  if (!get_magic_quotes_gpc()) {
+  $upload[$i]['source'] = handle_magic_quotes($upload[$i]['source']);
    $upload[$i]['source'] = addslashes($upload[$i]['source']);
  }
  $row = sql_fetch("SELECT count(*) as cnt FROM {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$i}' ");
  if ($row['cnt']) {
--- a/AvocadoEdition_Light/common.php
+++ b/AvocadoEdition_Light/common.php
@ -158,6 +158,25 @@ function array_map_deep($fn, $array)
  return $array;
 }
 /**
 * Magic Quotes와 호환되는 방식으로 문자열을 처리합니다.
 * PHP 5.6부터 PHP 8.3까지 호환됩니다.
 *
 * @param string $value 처리할 문자열
 * @return string 처리된 문자열
 */
 function handle_magic_quotes($value)
 {
  if (version_compare(PHP_VERSION, '7.4.0', '>=')) {
    return addslashes($value);
  } else {
    if (!get_magic_quotes_gpc()) {
      return addslashes($value);
    }
  }
  return $value;
 }
 // SQL Injection 대응 문자열 필터링
 function sql_escape_string($str)
 {
@ -377,11 +396,13 @@ if (file_exists($dbconfig_file)) {
 } else {
  ?><!doctype html>
  <html lang="ko">
  <head>
    <meta charset="utf-8">
    <title>오류! <?php echo G5_VERSION ?> 설치하기</title>
    <link rel="stylesheet" href="install/install.css">
  </head>
  <body>
    <div id="ins_bar">
      <span id="bar_img">AVOCADO EDITION</span>
@ -403,7 +424,8 @@ if (file_exists($dbconfig_file)) {
      <p>GPL! OPEN SOURCE GNUBOARD</p>
    </div>
  </body>
-</html><?php
+
  </html><?php
  exit;
 }
@ -417,13 +439,16 @@ if (strstr($url, 'adm')) {
 if (!defined('G5_IS_ADMIN')) {
  $cssconfig_file = G5_DATA_PATH . '/css/_design.config.css';
  if (!file_exists($cssconfig_file)) {
-    ?><!doctype html>
+    ?>
    <!doctype html>
    <html lang="ko">
    <head>
      <meta charset="utf-8">
      <title>오류! <?php echo G5_VERSION ?> 설치하기</title>
      <link rel="stylesheet" href="<?= G5_URL ?>/install/install.css">
    </head>
    <body>
      <div id="ins_bar">
        <span id="bar_img">AVOCADO EDITION</span>
@ -444,7 +469,9 @@ if (!defined('G5_IS_ADMIN')) {
        <p>GPL! OPEN SOURCE GNUBOARD</p>
      </div>
    </body>
-</html><?php exit;
+
    </html>
    <?php exit;
  }
 }