Commit b74f259b by Kim Gyeongeun

#58990 #1. SQL インジェクションの影響を受ける可能性がある

#58991 #2. XSS(反射型)の影響を受ける可能性がある
parent f6ca2aaf
...@@ -9,6 +9,7 @@ import javax.mail.MessagingException; ...@@ -9,6 +9,7 @@ import javax.mail.MessagingException;
import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.RandomStringUtils; import org.apache.commons.lang.RandomStringUtils;
import org.seasar.extension.jdbc.AutoSelect; import org.seasar.extension.jdbc.AutoSelect;
import org.seasar.extension.jdbc.where.ComplexWhere;
import org.seasar.extension.jdbc.where.SimpleWhere; import org.seasar.extension.jdbc.where.SimpleWhere;
import org.seasar.framework.beans.util.BeanMap; import org.seasar.framework.beans.util.BeanMap;
import org.seasar.framework.beans.util.Beans; import org.seasar.framework.beans.util.Beans;
...@@ -93,10 +94,15 @@ public class MemberService extends AbstractService<Member> { ...@@ -93,10 +94,15 @@ public class MemberService extends AbstractService<Member> {
*/ */
public List<Member> findByEmail(String email) { public List<Member> findByEmail(String email) {
//入力されたemailでsub_pc_email,main_pc_emailともに検索する。 //入力されたemailでsub_pc_email,main_pc_emailともに検索する。
return jdbcManager.from(Member.class).where(" '"+email+"' in (sub_pc_email,main_pc_email) and del_flg = ? and valid_flg = ? " // return jdbcManager.from(Member.class).where(" '"+email+"' in (sub_pc_email,main_pc_email) and del_flg = ? and valid_flg = ? "
,Integer.parseInt(SinaburoConstant.DelFlg.NOT_DEL) // ,Integer.parseInt(SinaburoConstant.DelFlg.NOT_DEL)
,SinaburoConstant.ValidFlg.VALID // ,SinaburoConstant.ValidFlg.VALID
).getResultList(); // ).getResultList();
// 脆弱性対応
return select().where(new SimpleWhere().eq("delFlg", SinaburoConstant.DelFlg.NOT_DEL).eq("validFlg", SinaburoConstant.ValidFlg.VALID),
new ComplexWhere().eq("mainPcEmail", email)
.or()
.eq("subPcEmail", email)).getResultList();
} }
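Review bot: A null or empty `email` now matches every valid, non-deleted member instead of none, because S2JDBC's `SimpleWhere`/`ComplexWhere.eq` drop a condition whose value is null (and empty strings too when `excludesWhitespace()` is in effect), so the `mainPcEmail`/`subPcEmail` OR clause disappears and only the delFlg/validFlg filter remains — worth confirming against the S2JDBC version in use, but the old concatenated query at least returned nothing for that input. Guard at the top of `findByEmail`: `if (email == null || email.isEmpty()) { return Collections.emptyList(); }`, or `Objects.requireNonNull(email, "email")` if callers never pass null. The superseded string-built query should be deleted rather than left commented out above `// 脆弱性対応`; the fix is already in history and a commented copy invites a paste-back regression. Note also that the old query bound `Integer.parseInt(SinaburoConstant.DelFlg.NOT_DEL)` while the new one passes the raw constant to `eq("delFlg", …)`; whether that binds correctly depends on the declared type of `Member.delFlg`, which is not visible here. The method's Javadoc starts outside the hunk.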
......
...@@ -111,8 +111,9 @@ ...@@ -111,8 +111,9 @@
<tr> <tr>
<td>生年月日</td> <td>生年月日</td>
<td> <td>
#if($!memberEditForm.birthdayY+$!memberEditForm.birthdayM+$!memberEditForm.birthdayD.length() != 0) #set($yyyymmdd = $!memberEditForm.birthdayY + $!memberEditForm.birthdayM + $!memberEditForm.birthdayD)
$!memberEditForm.birthdayY年$!memberEditForm.birthdayM月$!memberEditForm.birthdayD日 #if($yyyymmdd.length() != 0)
#he($!memberEditForm.birthdayY)年#he($!memberEditForm.birthdayM)月#he($!memberEditForm.birthdayD)日
#else 未選択 #else 未選択
#end #end
</td> </td>
...@@ -123,12 +124,12 @@ ...@@ -123,12 +124,12 @@
</tr> </tr>
<tr> <tr>
<td>ポイント</td> <td>ポイント</td>
<td>$!escape.html($!memberEditForm.point) <td>#he($!memberEditForm.point)
</td> </td>
</tr> </tr>
<tr style="vertical-align:top"> <tr style="vertical-align:top">
<td style="vertical-align:top" >メモ</td> <td style="vertical-align:top" >メモ</td>
<td>$!escape.html($!memberEditForm.memo) <td>#he($!memberEditForm.memo)
</td> </td>
</tr> </tr>
...@@ -140,9 +141,9 @@ ...@@ -140,9 +141,9 @@
</div> </div>
##</div> ##</div>
#makeToken() #makeToken()
<input type="hidden" name="loginIdBefore" value="$!memberEditForm.loginIdBefore"> <input type="hidden" name="loginIdBefore" value='#he("$!{memberEditForm.loginIdBefore}")'>
<input type="hidden" name="mainPcEmailBefore" value="$!memberEditForm.mainPcEmailBefore"> <input type="hidden" name="mainPcEmailBefore" value='#he("$!{memberEditForm.mainPcEmailBefore}")'>
<input type="hidden" name="subPcEmailBefore" value="$!memberEditForm.subPcEmailBefore"> <input type="hidden" name="subPcEmailBefore" value='#he("$!{memberEditForm.subPcEmailBefore}")'>
</form> </form>
</div> </div>
</div> </div>
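Review bot: Switching the hidden inputs `loginIdBefore`, `mainPcEmailBefore` and `subPcEmailBefore` from double- to single-quoted attributes makes the fix depend on `#he` encoding the apostrophe; if `#he` delegates to commons-lang `StringEscapeUtils.escapeHtml` the way `$escape.html` does, it encodes `&`, `<`, `>` and `"` but leaves `'` untouched, so a stored value containing `'` still closes the attribute. Unless `#he` is confirmed to emit `&#39;`, keep the attribute double-quoted, e.g. `value="#he($!{memberEditForm.loginIdBefore})"`, as the `action="#q('…')"` attributes elsewhere in these templates already do. The same single-quoted pattern recurs in the other member-edit templates and in both adminRegist templates below. Separately, the birthday `#set` above concatenates with `+`: when any of `birthdayY/M/D` is null the sum is null and Velocity leaves `$yyyymmdd` unassigned, so `$yyyymmdd.length() != 0` is evaluated against an undefined reference and the 未選択 branch is no longer chosen reliably — test the three fields individually or give each a `$!{…}` default inside a string literal; the same block appears in the second member-detail template below.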
......
...@@ -242,14 +242,14 @@ ...@@ -242,14 +242,14 @@
</tr> </tr>
<tr> <tr>
<td>ポイント<font class="listpoint">*</font></td> <td>ポイント<font class="listpoint">*</font></td>
<td><input name="point" type="text" / class="w250" value="$!escape.html($!memberEditForm.point)"> <td><input name="point" type="text" / class="w250" value='#he("$!{memberEditForm.point}")'>
<BR>$!tools.getMsg("point") <BR>$!tools.getMsg("point")
</td> </td>
</tr> </tr>
<tr> <tr>
<td style="vertical-align:top" >メモ</td> <td style="vertical-align:top" >メモ</td>
<td> <td>
<textarea name="memo" cols="35" rows="5" class="w180 mgt5">$!memberEditForm.memo</textarea> <textarea name="memo" cols="35" rows="5" class="w180 mgt5">#he($!memberEditForm.memo)</textarea>
<BR>$!tools.getMsg("memo") <BR>$!tools.getMsg("memo")
</td> </td>
</tr> </tr>
...@@ -267,11 +267,11 @@ ...@@ -267,11 +267,11 @@
</div> </div>
##</div> ##</div>
#makeToken() #makeToken()
<input type="hidden" name="loginIdBefore" value="$!memberEditForm.loginIdBefore"> <input type="hidden" name="loginIdBefore" value='#he("$!{memberEditForm.loginIdBefore}")'>
<input type="hidden" name="mainPcEmailBefore" value="$!memberEditForm.mainPcEmailBefore"> <input type="hidden" name="mainPcEmailBefore" value='#he("$!{memberEditForm.mainPcEmailBefore}")'>
<input type="hidden" name="subPcEmailBefore" value="$!memberEditForm.subPcEmailBefore"> <input type="hidden" name="subPcEmailBefore" value='#he("$!{memberEditForm.subPcEmailBefore}")'>
<input type="hidden" name="memberId" value="$!memberEditForm.memberId"> <input type="hidden" name="memberId" value='#he("$!{memberEditForm.memberId}")'>
<input type="hidden" name="withDrawFlgBefore" value="$!memberEditForm.withDrawFlgBefore"> <input type="hidden" name="withDrawFlgBefore" value='#he("$!{memberEditForm.withDrawFlgBefore}")'>
</form> </form>
</div> </div>
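Review bot: The rewritten `point` input keeps the stray `/` between `type="text"` and `class="w250"`, which is malformed HTML that browsers happen to tolerate; since the line is being touched anyway, it should become `<input name="point" type="text" class="w250" value=…>`. The identical line in the next member-edit template has the same defect. The `<textarea>` change to `#he($!memberEditForm.memo)` is correct for element content.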
......
...@@ -220,14 +220,14 @@ ...@@ -220,14 +220,14 @@
## </tr> ## </tr>
<tr> <tr>
<td>ポイント<font class="listpoint">*</font></td> <td>ポイント<font class="listpoint">*</font></td>
<td><input name="point" type="text" / class="w250" value="$!escape.html($!memberEditForm.point)"> <td><input name="point" type="text" / class="w250" value='#he("$!{memberEditForm.point}")'>
<BR>$!tools.getMsg("point") <BR>$!tools.getMsg("point")
</td> </td>
</tr> </tr>
<tr> <tr>
<td style="vertical-align:top" >メモ</td> <td style="vertical-align:top" >メモ</td>
<td> <td>
<textarea name="memo" cols="35" rows="5" class="w180 mgt5">$!memberEditForm.memo</textarea> <textarea name="memo" cols="35" rows="5" class="w180 mgt5">#he($!memberEditForm.memo)</textarea>
<BR>$!tools.getMsg("memo") <BR>$!tools.getMsg("memo")
</td> </td>
</tr> </tr>
...@@ -242,10 +242,10 @@ ...@@ -242,10 +242,10 @@
<button class="button" onclick="send_check(); return false;">入力情報確認</button> <button class="button" onclick="send_check(); return false;">入力情報確認</button>
</div> </div>
##</div> ##</div>
<input type="hidden" name="loginIdBefore" value="$!memberEditForm.loginIdBefore"> <input type="hidden" name="loginIdBefore" value='#he("$!{memberEditForm.loginIdBefore}")'>
<input type="hidden" name="mainPcEmailBefore" value="$!memberEditForm.mainPcEmailBefore"> <input type="hidden" name="mainPcEmailBefore" value='#he("$!{memberEditForm.mainPcEmailBefore}")'>
<input type="hidden" name="subPcEmailBefore" value="$!memberEditForm.subPcEmailBefore"> <input type="hidden" name="subPcEmailBefore" value='#he("$!{memberEditForm.subPcEmailBefore}")'>
<input type="hidden" name="memberId" value="$!memberEditForm.memberId"> <input type="hidden" name="memberId" value='#he("$!{memberEditForm.memberId}")'>
</form> </form>
</div> </div>
......
...@@ -106,8 +106,9 @@ ...@@ -106,8 +106,9 @@
<tr> <tr>
<td style="vertical-align:top">生年月日</td> <td style="vertical-align:top">生年月日</td>
<td> <td>
#if($!memberEditForm.birthdayY+$!memberEditForm.birthdayM+$!memberEditForm.birthdayD.length() != 0) #set($yyyymmdd = $!memberEditForm.birthdayY + $!memberEditForm.birthdayM + $!memberEditForm.birthdayD)
$!memberEditForm.birthdayY年$!memberEditForm.birthdayM月$!memberEditForm.birthdayD日 #if($yyyymmdd.length() != 0)
#he($!memberEditForm.birthdayY)年#he($!memberEditForm.birthdayM)月#he($!memberEditForm.birthdayD)日
#else 未選択 #else 未選択
#end #end
</td> </td>
...@@ -119,12 +120,12 @@ ...@@ -119,12 +120,12 @@
## </tr> ## </tr>
<tr> <tr>
<td>ポイント</td> <td>ポイント</td>
<td>$!escape.html($!memberEditForm.point) <td>#he($!memberEditForm.point)
</td> </td>
</tr> </tr>
<tr> <tr>
<td style="vertical-align:top" >メモ</td> <td style="vertical-align:top" >メモ</td>
<td>$!escape.html($!memberEditForm.memo) <td>#he($!memberEditForm.memo)
</td> </td>
</tr> </tr>
...@@ -136,9 +137,9 @@ ...@@ -136,9 +137,9 @@
</div> </div>
##</div> ##</div>
#makeToken() #makeToken()
<input type="hidden" name="loginIdBefore" value="$!memberEditForm.loginIdBefore"> <input type="hidden" name="loginIdBefore" value='#he("$!{memberEditForm.loginIdBefore}")'>
<input type="hidden" name="mainPcEmailBefore" value="$!memberEditForm.mainPcEmailBefore"> <input type="hidden" name="mainPcEmailBefore" value='#he("$!{memberEditForm.mainPcEmailBefore}")'>
<input type="hidden" name="subPcEmailBefore" value="$!memberEditForm.subPcEmailBefore"> <input type="hidden" name="subPcEmailBefore" value='#he("$!{memberEditForm.subPcEmailBefore}")'>
</form> </form>
</div> </div>
</div> </div>
......
...@@ -88,7 +88,7 @@ function formClear(form_obj){ ...@@ -88,7 +88,7 @@ function formClear(form_obj){
<tr> <tr>
<td class="w100">電話</td> <td class="w100">電話</td>
<td><input name="telNo" type="text" class="w180 mgl10" value="$!escape.html($!memberSearchForm.telNo)">&nbsp;を含む</td> <td><input name="telNo" type="text" class="w180 mgl10" value="$!escape.html($!memberSearchForm.telNo)">&nbsp;を含む</td>
<td class="w100">性別$!memberSearchForm.genderCd</td> <td class="w100">性別#he($!memberSearchForm.genderCd)</td>
<td> <td>
<select name="genderCd" id="genderCd" class="w100 mgl10"> <select name="genderCd" id="genderCd" class="w100 mgl10">
<option value=""></option> <option value=""></option>
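Review bot: `性別#he($!memberSearchForm.genderCd)` renders the raw gender code next to the label, which reads like leftover debug output rather than intended UI; escaping it removes the injection vector, but the cleaner fix is `<td class="w100">性別</td>`, since the `<select name="genderCd">` below already carries the value. The `telNo` input on the line above still uses `$!escape.html(…)` while this line uses `#he`, so the template now mixes two escaping helpers — pick one per file so a reviewer can audit coverage at a glance.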
......
...@@ -38,19 +38,19 @@ ...@@ -38,19 +38,19 @@
#end #end
<h3 class="table_title">管理者情報 </h3> <h3 class="table_title">管理者情報 </h3>
<form method="POST" action="#q('/admin/setting/adminRegist/confirm/')" > <form method="POST" action="#q('/admin/setting/adminRegist/confirm/')" >
<input type="hidden" name="clickedLoginId" id="clickedLoginId" value="$!clickedLoginId"/> <input type="hidden" name="clickedLoginId" id="clickedLoginId" value='#he("$!{clickedLoginId}")'/>
#if($adminUserIndex) #if($adminUserIndex)
#set($adminUser = $adminRegistForm.adminUserList.get($adminUserIndex)) #set($adminUser = $adminRegistForm.adminUserList.get($adminUserIndex))
#end #end
<input type="hidden" name="updateFlag" id="updateFlag" value="$!adminRegistForm.updateFlag"/> <input type="hidden" name="updateFlag" id="updateFlag" value='#he("$!{adminRegistForm.updateFlag}")'/>
<input type="hidden" name="pageNo" id="pageNo" value="${pageNo}"/> <input type="hidden" name="pageNo" id="pageNo" value='#he("$!{pageNo}")'/>
<table border="0" cellpadding="0" cellspacing="0" class="stripe2 mgb10 w840"> <table border="0" cellpadding="0" cellspacing="0" class="stripe2 mgb10 w840">
<tr> <tr>
<td class="w240 t_center">ログインID<font class="listpoint">*</font></td> <td class="w240 t_center">ログインID<font class="listpoint">*</font></td>
<td class="w600 t_left" colspan="2"><input name="loginId" type="text" class="w230" value="$!escape.html($!{adminRegistForm.loginId})"/><BR>$tools.getMsg("loginId") $tools.getMsg("repetLoginId") <td class="w600 t_left" colspan="2"><input name="loginId" type="text" class="w230" value="$!escape.html($!{adminRegistForm.loginId})"/><BR>$tools.getMsg("loginId") $tools.getMsg("repetLoginId")
<input name="adminUserId" type="hidden" value="$!{adminUserId}"/> <input name="adminUserId" type="hidden" value='#he("$!{adminUserId}")'/>
<input name="delFlg" type="hidden" value="$!{delFlg}"/> <input name="delFlg" type="hidden" value='#he("$!{delFlg}")'/>
</td> </td>
</tr> </tr>
<tr> <tr>
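Review bot: The `loginId` text input keeps `value="$!escape.html($!{adminRegistForm.loginId})"` while every surrounding hidden field in this hunk was converted to `#he(…)`, leaving two escaping mechanisms side by side in one form; convert it too, `value="#he($!{adminRegistForm.loginId})"`, so that a later audit can grep for a single helper. The `$tools.getMsg("loginId")` calls on the same line stay unescaped, which is acceptable only if message text is never user-supplied — confirm where those strings come from.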
......
...@@ -39,10 +39,10 @@ ...@@ -39,10 +39,10 @@
<div id="right_contents"> <div id="right_contents">
<h3 class="table_title">管理者#if($!adminRegistForm.updateFlag=="update")編集#else登録#end確認</h3> <h3 class="table_title">管理者#if($!adminRegistForm.updateFlag=="update")編集#else登録#end確認</h3>
<form method="POST" action="#q('/admin/setting/adminRegist/regist/')" > <form method="POST" action="#q('/admin/setting/adminRegist/regist/')" >
<input type="hidden" name="loginIdFromList" id="loginIdFromList" value="$!loginIdFromList"/> <input type="hidden" name="loginIdFromList" id="loginIdFromList" value='#he("$!{loginIdFromList}")'/>
<input type="hidden" name="clickedLoginId" id="clickedLoginId" value="$!clickedLoginId"/> <input type="hidden" name="clickedLoginId" id="clickedLoginId" value='#he("$!{clickedLoginId}")'/>
<input type="hidden" name="updateFlag" id="updateFlag" value="$!adminRegistForm.updateFlag"/> <input type="hidden" name="updateFlag" id="updateFlag" value='#he("$!{adminRegistForm.updateFlag}")'/>
<input type="hidden" name="pageNo" id="pageNo" value="${pageNo}"/> <input type="hidden" name="pageNo" id="pageNo" value='#he("$!{pageNo}")'/>
<table border="0" cellpadding="0" cellspacing="0" class="stripe2 mgb30 w850"> <table border="0" cellpadding="0" cellspacing="0" class="stripe2 mgb30 w850">
...@@ -65,12 +65,12 @@ ...@@ -65,12 +65,12 @@
</tr> </tr>
##<tr> ##<tr>
##<td class="w840 t_center" colspan="2"> ##<td class="w840 t_center" colspan="2">
## <input type="hidden" name="adminUserId" value="$!{adminRegistForm.adminUserId}"/> ## <input type="hidden" name="adminUserId" value='#he("$!{adminUserId}")'/>
## <input type="hidden" name="loginId" value="$!{adminRegistForm.loginId}"/> ## <input type="hidden" name="loginId" value='#he("$!{adminRegistForm.loginId}")'/>
## <input type="hidden" name="password" value="$!{adminRegistForm.password}"/> ## <input type="hidden" name="password" value='#he("$!{adminRegistForm.password}")'/>
## <input type="hidden" name="adminUserName" value="$!{adminRegistForm.adminUserName}"/> ## <input type="hidden" name="adminUserName" value='#he("$!{adminRegistForm.adminUserName}")'/>
## <input type="hidden" name="email" value="$!{adminRegistForm.email}"/> ## <input type="hidden" name="email" value='#he("$!{adminRegistForm.email}")'/>
<input type="hidden" name="delFlg" value="$!{adminRegistForm.delFlg}"/> <input type="hidden" name="delFlg" value='#he("$!{adminRegistForm.delFlg}")'/>
##<input type="button" class="button" onclick="back();" value="戻る"/>&nbsp;&nbsp;<input type="submit" class="button" value="登録"/> ##<input type="button" class="button" onclick="back();" value="戻る"/>&nbsp;&nbsp;<input type="submit" class="button" value="登録"/>
##</td> ##</td>
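Review bot: Lines 191–195 are `##` Velocity comments, so the `#he(…)` edits there change nothing at runtime and only produce diff noise; the block should be deleted instead, in particular the commented-out `<input type="hidden" name="password" …>`, which would echo the submitted password into the confirm page if anyone ever uncommented it. Note the edit also changed the referenced variable in the dead `adminUserId` line from `$!{adminRegistForm.adminUserId}` to `$!{adminUserId}`, a drift that would resurface as a bug on revival. Only the live `delFlg` hidden input needs the escaping change, and it has the same single-quote caveat raised on the first member-edit template.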
......