From 3bee8746a1516c417fa4f89cbdbf5152f17638ff Mon Sep 17 00:00:00 2001 From: chicpro Date: Mon, 13 May 2013 18:04:01 +0900 Subject: [PATCH 1/4] =?UTF-8?q?=EC=83=81=ED=92=88=EB=B3=B5=EC=82=AC?= =?UTF-8?q?=EC=97=90=EC=84=9C=20form=20=ED=83=9C=EA=B7=B8=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/item_copy.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/adm/shop_admin/item_copy.php b/adm/shop_admin/item_copy.php index 9e22b4467..ce3f9b93a 100644 --- a/adm/shop_admin/item_copy.php +++ b/adm/shop_admin/item_copy.php @@ -8,6 +8,7 @@ $g4['title'] = '상품 복사'; include_once(G4_PATH.'/head.sub.php'); ?> +

상품 복사

@@ -15,7 +16,7 @@ include_once(G4_PATH.'/head.sub.php'); - + @@ -29,12 +30,14 @@ include_once(G4_PATH.'/head.sub.php'); Date: Mon, 13 May 2013 18:04:53 +0900 Subject: [PATCH 2/4] =?UTF-8?q?goto=5Furl=20=EA=B2=BD=EB=A1=9C=EC=97=90?= =?UTF-8?q?=EC=84=9C=20$ca=5Fid=EB=A5=BC=20ca=5Fid=EB=A1=9C=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/item_copy_update.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adm/shop_admin/item_copy_update.php b/adm/shop_admin/item_copy_update.php index 05cfabc14..260177d71 100644 --- a/adm/shop_admin/item_copy_update.php +++ b/adm/shop_admin/item_copy_update.php @@ -60,7 +60,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { sql_query($sql); } -$qstr = "$ca_id=$ca_id&sfl=$sfl&sca=$sca&page=$page&stx=".urlencode($stx)."&save_stx=".urlencode($save_stx); +$qstr = "ca_id=$ca_id&sfl=$sfl&sca=$sca&page=$page&stx=".urlencode($stx)."&save_stx=".urlencode($save_stx); goto_url("itemlist.php?$qstr"); ?> \ No newline at end of file From f3a87afdf1848ce7c7caf4a65ca6e51b0d5c00b2 Mon Sep 17 00:00:00 2001 From: chicpro Date: Mon, 13 May 2013 18:11:55 +0900 Subject: [PATCH 3/4] =?UTF-8?q?it=5Fid=20=ED=83=80=EC=9E=85=20varchr(20)?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- install/shop.sql | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/install/shop.sql b/install/shop.sql index aef0a8d08..07a1b9853 100644 --- a/install/shop.sql +++ b/install/shop.sql 
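Review bot: In the corrected `$qstr` line of `item_copy_update.php`, `$ca_id`, `$sfl`, `$sca` and `$page` are still placed in the redirect query string without `urlencode()`, while `$stx` and `$save_stx` are encoded. Where these four values come from is outside the hunk; if any of them reaches this line as supplied by the request, a value containing `&`, `#` or a line break can change the parameters handed to `goto_url()`. Encoding every component the same way, for example `"ca_id=".urlencode($ca_id)."&sfl=".urlencode($sfl)`, keeps the line uniform and removes the dependence on upstream filtering.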
@@ -56,7 +56,7 @@ DROP TABLE IF EXISTS `shop_cart`; CREATE TABLE IF NOT EXISTS `shop_cart` ( `ct_id` int(11) NOT NULL AUTO_INCREMENT, `uq_id` bigint(20) unsigned NOT NULL, - `it_id` varchar(10) NOT NULL DEFAULT '0', + `it_id` varchar(20) NOT NULL DEFAULT '', `it_opt1` varchar(255) NOT NULL DEFAULT '', `it_opt2` varchar(255) NOT NULL DEFAULT '', `it_opt3` varchar(255) NOT NULL DEFAULT '', @@ -317,7 +317,7 @@ CREATE TABLE IF NOT EXISTS `shop_event` ( DROP TABLE IF EXISTS `shop_event_item`; CREATE TABLE IF NOT EXISTS `shop_event_item` ( `ev_id` int(11) NOT NULL DEFAULT '0', - `it_id` varchar(10) NOT NULL DEFAULT '', + `it_id` varchar(20) NOT NULL DEFAULT '', PRIMARY KEY (`ev_id`,`it_id`), KEY `it_id` (`it_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; @@ -363,7 +363,7 @@ CREATE TABLE IF NOT EXISTS `shop_faq_master` ( DROP TABLE IF EXISTS `shop_item`; CREATE TABLE IF NOT EXISTS `shop_item` ( - `it_id` varchar(10) NOT NULL DEFAULT '', + `it_id` varchar(20) NOT NULL DEFAULT '', `ca_id` varchar(10) NOT NULL DEFAULT '0', `ca_id2` varchar(255) NOT NULL DEFAULT '', `ca_id3` varchar(255) NOT NULL DEFAULT '', @@ -424,7 +424,7 @@ CREATE TABLE IF NOT EXISTS `shop_item` ( DROP TABLE IF EXISTS `shop_item_info`; CREATE TABLE IF NOT EXISTS `shop_item_info` ( `ii_id` int(11) NOT NULL AUTO_INCREMENT, - `it_id` varchar(10) NOT NULL, + `it_id` varchar(20) NOT NULL, `ii_gubun` varchar(50) NOT NULL, `ii_article` varchar(50) NOT NULL, `ii_title` varchar(255) NOT NULL, @@ -442,7 +442,7 @@ CREATE TABLE IF NOT EXISTS `shop_item_info` ( DROP TABLE IF EXISTS `shop_item_ps`; CREATE TABLE IF NOT EXISTS `shop_item_ps` ( `is_id` int(11) NOT NULL AUTO_INCREMENT, - `it_id` varchar(10) NOT NULL DEFAULT '0', + `it_id` varchar(20) NOT NULL DEFAULT '0', `mb_id` varchar(20) NOT NULL DEFAULT '', `is_name` varchar(255) NOT NULL DEFAULT '', `is_password` varchar(255) NOT NULL DEFAULT '', 
@@ -465,7 +465,7 @@ CREATE TABLE IF NOT EXISTS `shop_item_ps` ( DROP TABLE IF EXISTS `shop_item_qa`; CREATE TABLE IF NOT EXISTS `shop_item_qa` ( `iq_id` int(11) NOT NULL AUTO_INCREMENT, - `it_id` varchar(10) NOT NULL DEFAULT '', + `it_id` varchar(20) NOT NULL DEFAULT '', `mb_id` varchar(20) NOT NULL DEFAULT '', `iq_name` varchar(255) NOT NULL DEFAULT '', `iq_password` varchar(255) NOT NULL DEFAULT '', @@ -485,7 +485,7 @@ CREATE TABLE IF NOT EXISTS `shop_item_qa` ( DROP TABLE IF EXISTS `shop_item_relation`; CREATE TABLE IF NOT EXISTS `shop_item_relation` ( - `it_id` varchar(10) NOT NULL DEFAULT '', + `it_id` varchar(20) NOT NULL DEFAULT '', `it_id2` varchar(10) NOT NULL DEFAULT '', PRIMARY KEY (`it_id`,`it_id2`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; @@ -607,7 +607,7 @@ DROP TABLE IF EXISTS `shop_wish`; CREATE TABLE IF NOT EXISTS `shop_wish` ( `wi_id` int(11) NOT NULL AUTO_INCREMENT, `mb_id` varchar(20) NOT NULL DEFAULT '', - `it_id` varchar(10) NOT NULL DEFAULT '0', + `it_id` varchar(20) NOT NULL DEFAULT '0', `wi_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `wi_ip` varchar(25) NOT NULL DEFAULT '', PRIMARY KEY (`wi_id`), From cd0bfe4431f078fe16e4770d4c0159f2ee7578a8 Mon Sep 17 00:00:00 2001 From: chicpro Date: Mon, 13 May 2013 18:12:23 +0900 Subject: [PATCH 4/4] =?UTF-8?q?it=5Fid=20=ED=83=80=EC=9E=85=20=EB=B3=80?= =?UTF-8?q?=EA=B2=BD=20=EB=B0=8F=20=EC=83=81=ED=92=88=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=EC=B2=B4=ED=81=AC=20=EC=BD=94=EB=93=9C=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/item_copy.php | 7 +++++- adm/shop_admin/item_copy_update.php | 4 ++++ adm/shop_admin/itemform.php | 24 +++++++++++++++++-- adm/shop_admin/itemformupdate.php | 8 ++++++- adm/shop_admin/itemlist.php | 37 +++++++---------------------- 5 files changed, 47 insertions(+), 33 deletions(-) diff --git a/adm/shop_admin/item_copy.php b/adm/shop_admin/item_copy.php index ce3f9b93a..072dcc7bf 100644 
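Review bot: In the `shop_item_relation` hunk (`@@ -485,7 +485,7 @@`) `it_id` is widened to `varchar(20)` but `it_id2`, which by its name holds the related item's code, stays at `varchar(10)`. On a fresh install a related item code longer than 10 characters would be truncated or rejected depending on the SQL mode, so the relation row would no longer match the item. The upgrade code added to `itemform.php` in patch 4 does widen `it_id2`, so installer and upgrade path disagree; the line should read `` `it_id2` varchar(20) NOT NULL DEFAULT '', ``. The `shop_item_ps` and `shop_wish` hunks also keep `DEFAULT '0'` while `shop_cart` moves to `''`, which is worth making uniform.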
--- a/adm/shop_admin/item_copy.php +++ b/adm/shop_admin/item_copy.php @@ -16,7 +16,7 @@ include_once(G4_PATH.'/head.sub.php'); - + @@ -34,6 +34,11 @@ include_once(G4_PATH.'/head.sub.php'); function _copy(link) { var new_it_id = document.getElementById('new_it_id').value; + var t_it_id = new_it_id.replace(/[A-Za-z0-9\-]/g, ""); + if(t_it_id.length > 0) { + alert("상품코드는 영문자, 숫자, - 만 사용할 수 있습니다."); + return false; + } opener.parent.location.href = encodeURI(link+'&new_it_id='+new_it_id); self.close(); } diff --git a/adm/shop_admin/item_copy_update.php b/adm/shop_admin/item_copy_update.php index 260177d71..d6abf7a49 100644 --- a/adm/shop_admin/item_copy_update.php +++ b/adm/shop_admin/item_copy_update.php @@ -10,6 +10,10 @@ if ($is_admin != "super") if (!trim($it_id)) alert("복사할 상품코드가 없습니다."); +$t_it_id = preg_replace("/[A-Za-z0-9\-]/", "", $new_it_id); +if($t_it_id) + alert("상품코드는 영문자, 숫자, - 만 사용할 수 있습니다."); + $row = sql_fetch(" select count(*) as cnt from {$g4['shop_item_table']} where it_id = '$new_it_id' "); if ($row['cnt']) alert('이미 존재하는 상품코드 입니다.'); diff --git a/adm/shop_admin/itemform.php b/adm/shop_admin/itemform.php index 6a350dc9a..74985ed52 100644 --- a/adm/shop_admin/itemform.php +++ b/adm/shop_admin/itemform.php 
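Review bot: The check added to `_copy()` in `item_copy.php` accepts an empty `new_it_id`, because stripping the allowed characters from an empty string leaves nothing, and it sets no length limit although the column is now `varchar(20)`. It is also only a convenience in the admin's browser, so the server-side check has to be the authoritative one. A single positive test, `if (!/^[A-Za-z0-9-]{1,20}$/.test(new_it_id)) { ... return false; }`, covers empty, over-long and disallowed input at once. Since the copy is started by a plain navigation through `opener.parent.location.href`, it is worth confirming that the target script verifies a request token; none is visible in this diff.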
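Review bot: The allow-list added for `$new_it_id` in `item_copy_update.php` is the only thing between the request value and the string-built query `where it_id = '$new_it_id'` on the next context line, so it depends on `alert()` ending the script, which this hunk does not show. It lets an empty `$new_it_id` through (only `$it_id` is tested with `trim()`), and it does not cap the length at the new 20-character column width, so a longer code can pass the duplicate check and then be truncated on insert under a non-strict SQL mode. `if (!preg_match('/\A[A-Za-z0-9-]{1,20}\z/', $new_it_id))` states all three conditions in one place. `$it_id`, the source item code, gets no format check here; if later queries outside the hunk use it, it deserves the same test.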
@@ -6,6 +6,20 @@ include_once(G4_LIB_PATH.'/iteminfo.lib.php'); auth_check($auth[$sub_menu], "w"); +// it_id type 수정 +$sql = " SHOW COLUMNS FROM `{$g4['shop_item_table']}` WHERE field = 'it_id' "; +$row = sql_fetch($sql); +if(intval(preg_replace("/[^0-9]/", "", $row['Type'])) != 20) { + sql_query(" ALTER TABLE `{$g4['shop_item_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_cart_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_item_qa_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_item_ps_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_item_relation_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_item_relation_table']}` MODIFY COLUMN it_id2 VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_event_item_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); + sql_query(" ALTER TABLE `{$g4['shop_wish_table']}` MODIFY COLUMN it_id VARCHAR(20) NOT NULL DEFAULT '' ", false); +} + $html_title = "상품 "; if ($w == "") @@ -204,8 +218,8 @@ $pg_anchor ='
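Review bot: The schema upgrade added at the top of `itemform.php` has no statement for the `shop_item_info` table, whose `it_id` is widened in `install/shop.sql`, so upgraded sites would keep `varchar(10)` there and lose the tail of longer item codes. The guard inspects only the item table, and every `ALTER TABLE` passes `false` as the second argument to `sql_query()` (apparently suppressing errors), so if a later statement fails after the first succeeds the condition is never true again and the remaining tables stay narrow without any trace. The ALTERs also set `DEFAULT ''` on the review and wish tables, where the installer keeps `'0'`. Running DDL from a page request additionally requires the web application's database account to hold the ALTER privilege; a one-off upgrade script that checks each table and reports failures would avoid that.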
    - 직접 상품코드를 입력할 수도 있습니다.\n상품코드는 영문자와 숫자만 입력 가능합니다."); ?> - + 직접 상품코드를 입력할 수도 있습니다.\n상품코드는 영문자, 숫자, - 만 입력 가능합니다."); ?> + @@ -972,6 +986,12 @@ function codedupcheck(id) return; } + var it_id = id.replace(/[A-Za-z0-9\-]/g, ""); + if(it_id.length > 0) { + alert("상품코드는 영문자, 숫자, - 만 사용할 수 있습니다."); + return false; + } + $.post( "./codedupcheck.php", { it_id: id }, diff --git a/adm/shop_admin/itemformupdate.php b/adm/shop_admin/itemformupdate.php index 7dcaedcca..9d5843267 100644 --- a/adm/shop_admin/itemformupdate.php +++ b/adm/shop_admin/itemformupdate.php @@ -283,10 +283,16 @@ $sql_common = " ca_id = '$ca_id', if ($w == "") { + $it_id = $_POST['it_id']; + if (!trim($it_id)) { - alert("상품 코드가 없으므로 상품을 추가하실 수 없습니다."); + alert('상품 코드가 없으므로 상품을 추가하실 수 없습니다.'); } + $t_it_id = preg_replace("/[A-Za-z0-9\-]/", "", $it_id); + if($t_it_id) + alert('상품 코드는 영문자, 숫자, - 만 사용할 수 있습니다.'); + $sql = " insert {$g4['shop_item_table']} set it_id = '$it_id', $sql_common "; diff --git a/adm/shop_admin/itemlist.php b/adm/shop_admin/itemlist.php index 4c9ee9fb2..7e1e70dc1 100644 --- a/adm/shop_admin/itemlist.php +++ b/adm/shop_admin/itemlist.php @@ -191,7 +191,7 @@ if ($sfl || $stx) // 검색렬일 때만 처음 버튼을 보여줌 <?php echo htmlspecialchars2(cut_str($row['it_name'],250, 보기"> - <?php echo htmlspecialchars2(cut_str($row['it_name'],250, 복사"> + <?php echo htmlspecialchars2(cut_str($row['it_name'],250, 복사"> <?php echo htmlspecialchars2(cut_str($row['it_name'],250, 수정"> <?php echo htmlspecialchars2(cut_str($row['it_name'],250, 삭제"> @@ -219,34 +219,13 @@ if ($sfl || $stx) // 검색렬일 때만 처음 버튼을 보여줌
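Review bot: The character check added to `codedupcheck()` in `itemform.php` runs only in the browser, and `codedupcheck.php`, which receives `it_id` from the `$.post()` on the following lines, is not among the five files this patch changes. Unless that endpoint already validates its input, it still accepts any string, so the same allow-list and a 20-character limit should be applied there as well. The new branch returns `false` while the earlier guard in the same function uses a bare `return;`, which leaves the return value inconsistent. The function starts and ends outside the hunk.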
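Review bot: In `itemformupdate.php`, `$it_id = $_POST['it_id'];` takes the raw request value and overrides whatever the framework had prepared, and that value then goes into the string-built `insert ... set it_id = '$it_id'`. The allow-list added below it is therefore the sole protection for this statement, and it holds only if `alert()` stops execution, which this hunk does not show. As in `item_copy_update.php`, the check does not bound the length to the 20 characters of the widened column. Placing `if (!preg_match('/\A[A-Za-z0-9-]{1,20}\z/', $it_id))` directly after the assignment would make the accepted format explicit in one expression.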