diff --git a/adm/board_form_update.php b/adm/board_form_update.php index 78e7d8773..70c679b16 100644 --- a/adm/board_form_update.php +++ b/adm/board_form_update.php @@ -35,6 +35,14 @@ if ($file = $_POST['bo_include_tail']) { $_POST['bo_include_tail'] = $file; } +if(!is_include_path_check($_POST['bo_include_head'])) { + alert('/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.'); +} + +if(!is_include_path_check($_POST['bo_include_tail'])) { + alert('/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.'); +} + $board_path = G5_DATA_PATH.'/file/'.$bo_table; // 게시판 디렉토리 생성 diff --git a/adm/board_list.php b/adm/board_list.php index ade37535c..27ee9ce08 100644 --- a/adm/board_list.php +++ b/adm/board_list.php @@ -63,7 +63,7 @@ $colspan = 15; diff --git a/adm/contentformupdate.php b/adm/contentformupdate.php index 4212eedba..53ddecc96 100644 --- a/adm/contentformupdate.php +++ b/adm/contentformupdate.php @@ -18,6 +18,18 @@ check_admin_token(); if ($co_himg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_h"); if ($co_timg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_t"); +$error_msg = ''; + +if( $co_include_head && ! is_include_path_check($co_include_head) ){ + $co_include_head = ''; + $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.'; +} + +if( $co_include_tail && ! is_include_path_check($co_include_tail) ){ + $co_include_tail = ''; + $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.'; +} + $sql_common = " co_include_head = '$co_include_head', co_include_tail = '$co_include_tail', co_html = '$co_html', @@ -74,7 +86,11 @@ if ($w == "" || $w == "u") @chmod($dest_path, G5_FILE_PERMISSION); } - goto_url("./contentform.php?w=u&co_id=$co_id"); + if( $error_msg ){ + alert($error_msg, "./contentform.php?w=u&co_id=$co_id"); + } else { + goto_url("./contentform.php?w=u&co_id=$co_id"); + } } else { diff --git a/adm/qa_config_update.php b/adm/qa_config_update.php index c83311192..6ebcbed85 100644 --- a/adm/qa_config_update.php 
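Review bot: The two new guards in adm/board_form_update.php reject an empty include path, because is_include_path_check() returns false when $path is falsy, so saving a board with no head/tail file (the common case) appears to abort with the alert. The contentformupdate.php and qa_config_update.php hunks in this same commit only run the check when the value is non-empty; board_form_update.php should do the same: `if ($_POST['bo_include_head'] && !is_include_path_check($_POST['bo_include_head'])) {` and the mirror for `bo_include_tail`. The code that persists these values is outside the hunk, so whether alert() halts before the write is inferred from gnuboard convention rather than visible here.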
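Review bot: In adm/contentformupdate.php the second failing check overwrites $error_msg, so when both co_include_head and co_include_tail are rejected the admin only sees the tail message while both values have been blanked and saved. Either accumulate the messages, `$error_msg .= '...' . "\n";`, or alert before the UPDATE as board_form_update.php does. The blanked variables still reach $sql_common by string interpolation; whether they are escaped upstream is not visible from this hunk.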
+++ b/adm/qa_config_update.php @@ -8,6 +8,18 @@ auth_check($auth[$sub_menu], 'w'); check_admin_token(); +$error_msg = ''; + +if( $qa_include_head && ! is_include_path_check($qa_include_head) ){ + $qa_include_head = ''; + $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.'; +} + +if( $qa_include_tail && ! is_include_path_check($qa_include_tail) ){ + $qa_include_tail = ''; + $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.'; +} + $sql = " update {$g5['qa_config_table']} set qa_title = '{$_POST['qa_title']}', qa_category = '{$_POST['qa_category']}', @@ -29,8 +41,8 @@ $sql = " update {$g5['qa_config_table']} qa_image_width = '{$_POST['qa_image_width']}', qa_upload_size = '{$_POST['qa_upload_size']}', qa_insert_content = '{$_POST['qa_insert_content']}', - qa_include_head = '{$_POST['qa_include_head']}', - qa_include_tail = '{$_POST['qa_include_tail']}', + qa_include_head = '{$qa_include_head}', + qa_include_tail = '{$qa_include_tail}', qa_content_head = '{$_POST['qa_content_head']}', qa_content_tail = '{$_POST['qa_content_tail']}', qa_mobile_content_head = '{$_POST['qa_mobile_content_head']}', @@ -47,5 +59,9 @@ $sql = " update {$g5['qa_config_table']} qa_5 = '{$_POST['qa_5']}' "; sql_query($sql); -goto_url('./qa_config.php'); +if($error_msg){ + alert($error_msg, './qa_config.php'); +} else { + goto_url('./qa_config.php'); +} ?> \ No newline at end of file diff --git a/adm/sms_admin/_common.php b/adm/sms_admin/_common.php index 50def26fd..7cf17b2b7 100644 --- a/adm/sms_admin/_common.php +++ b/adm/sms_admin/_common.php @@ -12,5 +12,7 @@ if (!strstr($_SERVER['SCRIPT_NAME'], 'install.php')) { //$sms5 = sql_fetch("select * from ".$g5['sms5_config_table'] ); } +$sv = isset($_REQUEST['sv']) ? get_search_string($_REQUEST['sv']) : ''; + add_stylesheet('', 0); ?> \ No newline at end of file diff --git a/adm/visit_date.php b/adm/visit_date.php index 1b3a5bf4a..29aab179e 100644 --- a/adm/visit_date.php +++ b/adm/visit_date.php 
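Review bot: adm/qa_config_update.php has the same $error_msg overwrite as contentformupdate.php: if both qa_include_head and qa_include_tail fail, only the tail message is shown and both fields are silently cleared before the UPDATE. The new code also switches from `$_POST['qa_include_head']` to a bare `$qa_include_head`, which relies on the request being extracted into globals earlier (not visible here); an explicit `$qa_include_head = isset($_POST['qa_include_head']) ? $_POST['qa_include_head'] : '';` would make the hunk self-contained and avoid an undefined-variable notice if that extraction ever changes.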
@@ -71,6 +71,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) {
'.str_replace(G5_PATH.'/', '', $skin_file).'이 존재하지 않습니다.
'; } -if ($co['co_include_tail']) +if (is_include_path_check($co['co_include_tail'])) @include_once($co['co_include_tail']); else include_once('./_tail.php'); diff --git a/bbs/qahead.php b/bbs/qahead.php index ec332be6d..d4aaa4d6e 100644 --- a/bbs/qahead.php +++ b/bbs/qahead.php @@ -9,7 +9,7 @@ if (G5_IS_MOBILE) { include_once('./_head.php'); echo conv_content($qaconfig['qa_mobile_content_head'], 1); } else { - if($qaconfig['qa_include_head']) + if(is_include_path_check($qaconfig['qa_include_head'])) @include ($qaconfig['qa_include_head']); else include ('./_head.php'); diff --git a/bbs/qatail.php b/bbs/qatail.php index 4ab23b30d..8cc00e1a3 100644 --- a/bbs/qatail.php +++ b/bbs/qatail.php @@ -7,7 +7,7 @@ if (G5_IS_MOBILE) { include_once('./_tail.php'); } else { echo conv_content($qaconfig['qa_content_tail'], 1); - if($qaconfig['qa_include_tail']) + if(is_include_path_check($qaconfig['qa_include_tail'])) @include ($qaconfig['qa_include_tail']); else include ('./_tail.php'); diff --git a/config.php b/config.php index 2518df4b3..1015b03ed 100644 --- a/config.php +++ b/config.php @@ -5,8 +5,8 @@ ********************/ define('G5_VERSION', '그누보드5'); -define('G5_GNUBOARD_VER', '5.2.6'); -define('G5_YOUNGCART_VER', '5.2.6'); +define('G5_GNUBOARD_VER', '5.2.7'); +define('G5_YOUNGCART_VER', '5.2.7'); // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음 define('_GNUBOARD_', true); diff --git a/head.sub.php b/head.sub.php index d218f8d04..159f03ffa 100644 --- a/head.sub.php +++ b/head.sub.php @@ -45,7 +45,7 @@ if (G5_IS_MOBILE) { echo ''.PHP_EOL; } else { echo ''.PHP_EOL; - echo ''.PHP_EOL; + echo ''.PHP_EOL; } if($config['cf_add_meta']) diff --git a/lib/common.lib.php b/lib/common.lib.php index 274ce5117..8ac84112d 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php 
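Review bot: In bbs/qahead.php the new condition silently falls back to ./_head.php when the stored qa_include_head points under /data/, which hides a tampered configuration from the admin; consider writing a log line in the else branch, and add a comment such as `// stored path rejected by is_include_path_check(): refuse to include uploads`. The include itself is still `@include` of a DB-stored path, so a path outside data/ that does not exist is swallowed too; dropping the `@` or testing `is_file()` first would surface misconfiguration. Whether the stored path is relative to G5_PATH or absolute is not visible in this hunk.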
@@ -3274,4 +3274,13 @@ function check_write_token($bo_table) return true; } + +// include 하는 경로에 data file 경로가 포함되어 있는지 체크합니다. +function is_include_path_check($path='') +{ + if( !$path || preg_match('/\/data\/(file|editor)\/[A-Za-z0-9_]{1,20}\//', $path) ){ + return false; + } + return true; +} ?> \ No newline at end of file diff --git a/lib/thumbnail.lib.php b/lib/thumbnail.lib.php index c3dac55a2..15ff52513 100644 --- a/lib/thumbnail.lib.php +++ b/lib/thumbnail.lib.php @@ -4,7 +4,7 @@ if (!defined('_GNUBOARD_')) exit; @ini_set('memory_limit', '-1'); // 게시글리스트 썸네일 생성 -function get_list_thumbnail($bo_table, $wr_id, $thumb_width, $thumb_height, $is_create=false, $is_crop=true, $crop_mode='center', $is_sharpen=false, $um_value='80/0.5/3') +function get_list_thumbnail($bo_table, $wr_id, $thumb_width, $thumb_height, $is_create=false, $is_crop=false, $crop_mode='center', $is_sharpen=false, $um_value='80/0.5/3') { global $g5, $config; $filename = $alt = ""; @@ -238,10 +238,10 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h $degree = 0; if ($size[2] == 1) { - $src = imagecreatefromgif($source_file); - $src_transparency = imagecolortransparent($src); + $src = @imagecreatefromgif($source_file); + $src_transparency = @imagecolortransparent($src); } else if ($size[2] == 2) { - $src = imagecreatefromjpeg($source_file); + $src = @imagecreatefromjpeg($source_file); if(function_exists('exif_read_data')) { // exif 정보를 기준으로 회전각도 구함 @@ -273,8 +273,8 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h } } } else if ($size[2] == 3) { - $src = imagecreatefrompng($source_file); - imagealphablending($src, true); + $src = @imagecreatefrompng($source_file); + @imagealphablending($src, true); } else { return; } 
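Review bot: is_include_path_check() in lib/common.lib.php is a deny-list on the raw string, and the pattern `\/data\/(file|editor)\/[A-Za-z0-9_]{1,20}\/` is side-stepped by spellings that still resolve to the upload tree: `/data/file/./board/x.php`, `/data/file//board/x.php`, backslash separators on Windows, a subdirectory name with `-` or `.`, or `/DATA/FILE/` on a case-insensitive filesystem. Since this function is the only thing standing between a stored path and include(), normalise separators and `./`/`//` runs before matching, match case-insensitively, and where the file exists compare realpath() against G5_DATA_PATH so any upload location is refused regardless of spelling. The proposed rewrite below keeps the signature and the "empty path is invalid" behaviour; which other data/ subdirectories accept uploads is not visible here, so the realpath comparison is what closes that gap.
```php
// include 하는 경로에 data file 경로가 포함되어 있는지 체크합니다.
// Returns false for an empty path or any path that resolves under the data
// directory; the string check alone is easy to sidestep, so the on-disk
// location is compared as well when the file exists.
function is_include_path_check($path='')
{
    if (!$path) {
        return false;
    }
    // Normalise "\" to "/" and collapse "/./" and "//" before matching.
    $norm = preg_replace('#/(\./)+|/+#', '/', str_replace('\\', '/', $path));
    if (preg_match('#/data/(file|editor)/#i', $norm)) {
        return false;
    }
    // Defence in depth: an existing file must not live under G5_DATA_PATH.
    $real = @realpath($path);
    if ($real !== false && defined('G5_DATA_PATH')) {
        $data = rtrim(str_replace('\\', '/', realpath(G5_DATA_PATH)), '/').'/';
        if (strncasecmp(str_replace('\\', '/', $real), $data, strlen($data)) === 0) {
            return false;
        }
    }
    return true;
}
```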
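Review bot: The `@imagecreatefromgif` / `@imagecreatefromjpeg` / `@imagecreatefrompng` calls in the thumbnail() hunk at -238 now hide a decode failure, so a corrupt or truncated upload leaves $src as false and the following `@imagecolortransparent($src)`, `imagealphablending($src, true)` and the resample calls outside the hunk receive false (warnings on PHP 7, a TypeError on PHP 8). Add a guard after the three branches, `if ($src === false) return;`, to match the existing `else { return; }` for unknown types. The rest of thumbnail() is outside this hunk.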
@@ -330,20 +330,52 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h } break; } - } - $dst = imagecreatetruecolor($dst_w, $dst_h); + $dst = imagecreatetruecolor($dst_w, $dst_h); - if($size[2] == 3) { - imagealphablending($dst, false); - imagesavealpha($dst, true); - } else if($size[2] == 1) { - $palletsize = imagecolorstotal($src); - if($src_transparency >= 0 && $src_transparency < $palletsize) { - $transparent_color = imagecolorsforindex($src, $src_transparency); - $current_transparent = imagecolorallocate($dst, $transparent_color['red'], $transparent_color['green'], $transparent_color['blue']); - imagefill($dst, 0, 0, $current_transparent); - imagecolortransparent($dst, $current_transparent); + if($size[2] == 3) { + imagealphablending($dst, false); + imagesavealpha($dst, true); + } else if($size[2] == 1) { + $palletsize = imagecolorstotal($src); + if($src_transparency >= 0 && $src_transparency < $palletsize) { + $transparent_color = imagecolorsforindex($src, $src_transparency); + $current_transparent = imagecolorallocate($dst, $transparent_color['red'], $transparent_color['green'], $transparent_color['blue']); + imagefill($dst, 0, 0, $current_transparent); + imagecolortransparent($dst, $current_transparent); + } + } + } else { // 비율에 맞게 생성 + $dst = imagecreatetruecolor($dst_w, $dst_h); + $bgcolor = imagecolorallocate($dst, 255, 255, 255); // 배경색 + + if($src_w > $src_h) { + $tmp_h = round(($dst_w * $src_h) / $src_w); + $dst_y = round(($dst_h - $tmp_h) / 2); + $dst_h = $tmp_h; + } else { + $tmp_w = round(($dst_h * $src_w) / $src_h); + $dst_x = round(($dst_w - $tmp_w) / 2); + $dst_w = $tmp_w; + } + + if($size[2] == 3) { + $bgcolor = imagecolorallocatealpha($dst, 0, 0, 0, 127); + imagefill($dst, 0, 0, $bgcolor); + imagealphablending($dst, false); + imagesavealpha($dst, true); + } else if($size[2] == 1) { + $palletsize = imagecolorstotal($src); + if($src_transparency >= 0 && $src_transparency < $palletsize) { + $transparent_color = 
imagecolorsforindex($src, $src_transparency); + $current_transparent = imagecolorallocate($dst, $transparent_color['red'], $transparent_color['green'], $transparent_color['blue']); + imagefill($dst, 0, 0, $current_transparent); + imagecolortransparent($dst, $current_transparent); + } else { + imagefill($dst, 0, 0, $bgcolor); + } + } else { + imagefill($dst, 0, 0, $bgcolor); } } } else { diff --git a/plugin/editor/cheditor5/popup/js/image.html5.js b/plugin/editor/cheditor5/popup/js/image.html5.js index b4ed00b0e..fc97d6cd0 100644 --- a/plugin/editor/cheditor5/popup/js/image.html5.js +++ b/plugin/editor/cheditor5/popup/js/image.html5.js @@ -1064,7 +1064,11 @@ DoUpload.prototype = { if (evt.target.readyState === FileReader.DONE) { blob = new self.MyBlob(self.NewBlob(evt.target.result, filetype)); - orientation = self.getOrientation(evt.target.result.slice(0, 64 * 1024)); + try { + orientation = self.getOrientation(evt.target.result.slice(0, 64 * 1024)); + } catch(err) { + + } image = new Image(); image.onload = function () { diff --git a/plugin/htmlpurifier/safeiframe.txt b/plugin/htmlpurifier/safeiframe.txt index 6484f4ccf..b87696a76 100644 --- a/plugin/htmlpurifier/safeiframe.txt +++ b/plugin/htmlpurifier/safeiframe.txt @@ -4,3 +4,9 @@ www.youtube(?:-nocookie)?.com/ serviceapi.rmcnmv.naver.com/ videofarm.daum.net/ player.vimeo.com/ +maps.google.com/ +play.afreeca.com/ +v.nate.com/ +www.microsoft.com/showcase/video.aspx/ +w.soundcloud.com/ +www.facebook.com/ \ No newline at end of file
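Review bot: In the new "비율에 맞게 생성" branch of thumbnail() the PNG case calls `imagefill($dst, 0, 0, $bgcolor)` with a fully transparent colour while alpha blending is still enabled on the fresh truecolor image, so the fill blends onto the opaque black canvas and the letterbox bars come out black instead of transparent; `imagealphablending($dst, false)` is only switched off afterwards. Move `imagealphablending($dst, false);` above the `imagecolorallocatealpha` and `imagefill` lines, keeping `imagesavealpha($dst, true);` after them. Only one of $dst_x / $dst_y is assigned in this branch, so both must be initialised before the hunk — that earlier code is not visible here.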
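Review bot: The empty catch around self.getOrientation() in image.html5.js leaves `orientation` at whatever value it held before (its declaration is outside the hunk), so an image with a malformed EXIF block may be rotated using a stale value from a previous file. Set an explicit default in the handler, `orientation = 1; // unreadable EXIF: treat as upright`, and add a one-line comment stating that getOrientation throws on malformed EXIF so the empty block reads as intentional.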
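Review bot: If the entries in plugin/htmlpurifier/safeiframe.txt are joined into HTMLPurifier's URI.SafeIframeRegexp as the existing `www.youtube(?:-nocookie)?.com/` line suggests, the unescaped dots in the new `www.facebook.com/`, `w.soundcloud.com/` and `maps.google.com/` lines match any character, and the host-only entries allow every path on those hosts to be embedded. Escape the dots, e.g. `www\.facebook\.com/`, and narrow the host-wide entries to the embed path actually needed where one is known (the SoundCloud line for instance would be `w\.soundcloud\.com/player/`). How this file is consumed is not visible in the diff, so confirm the regexp assumption before changing the entries.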