diff --git a/adm/board_form_update.php b/adm/board_form_update.php
index c668136a5..8ddb1840c 100644
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@@ -80,8 +80,8 @@ $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
-$_POST['bo_subject'] = strip_tags($_POST['bo_subject']);
-$_POST['bo_mobile_subject'] = strip_tags($_POST['bo_mobile_subject']);
+$_POST['bo_subject'] = strip_tags(clean_xss_attributes($_POST['bo_subject']));
+$_POST['bo_mobile_subject'] = strip_tags(clean_xss_attributes($_POST['bo_mobile_subject']));
$sql_common = " gr_id = '{$gr_id}',
bo_subject = '{$_POST['bo_subject']}',
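Review bot: The sanitized bo_subject is still interpolated straight into `$sql_common` on the line `bo_subject = '{$_POST['bo_subject']}',` with no SQL escaping; strip_tags() and clean_xss_attributes() remove markup but leave a single quote intact, so they are not a substitute for `sql_real_escape_string()`. Unless $_POST is escaped globally by a common include before this script runs (in which case the same caveat applies to every field in `$sql_common`), change the line to `bo_subject = '".sql_real_escape_string($_POST['bo_subject'])."',` and do the same for bo_mobile_subject. The `$sql_common` assignment continues past the end of the hunk.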
diff --git a/adm/board_list_update.php b/adm/board_list_update.php
index 8a5ba44ec..552f60d99 100644
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@@ -33,7 +33,7 @@ if ($_POST['act_button'] == "선택수정") {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
}
- $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : '';
+ $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
$sql = " update {$g5['board_table']}
set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."',
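Review bot: The gr_id column on the `set gr_id = ...` line is wrapped in `sql_real_escape_string()`, but `$p_bo_subject` two lines above receives only strip_tags(clean_xss_attributes()), which does not neutralise quotes; if it is interpolated into the same UPDATE (its use is past the end of this hunk), give it the same treatment, e.g. `$p_bo_subject = is_array($_POST['bo_subject']) ? sql_real_escape_string(strip_tags(clean_xss_attributes($_POST['bo_subject'][$k]))) : '';`. The surrounding `if ($_POST['act_button'] == "선택수정")` loop starts before the hunk.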
diff --git a/adm/boardgroup_form_update.php b/adm/boardgroup_form_update.php
index 7ce694a8e..b7e5cb4f2 100644
--- a/adm/boardgroup_form_update.php
+++ b/adm/boardgroup_form_update.php
@@ -16,7 +16,7 @@ if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $_POST['gr_id']))
if (!$gr_subject) alert('그룹 제목을 입력하세요.');
-$gr_subject = isset($_POST['gr_subject']) ? strip_tags($_POST['gr_subject']) : '';
+$gr_subject = isset($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'])) : '';
$sql_common = " gr_subject = '{$gr_subject}',
gr_device = '{$_POST['gr_device']}',
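Review bot: The "enter a group title" check on `if (!$gr_subject) alert(...)` runs before `$gr_subject` is (re)assigned from the sanitized POST value on the next line, so a value consisting only of markup (e.g. `<b></b>`) passes the check and an empty gr_subject is stored. Move the check below the sanitization and trim it: `if (!trim($gr_subject)) alert('그룹 제목을 입력하세요.');`. The value is then interpolated into `$sql_common` with no `sql_real_escape_string()`, which is only safe if a global escaping step runs before this script; that assignment continues past the hunk.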
diff --git a/adm/boardgroup_list.php b/adm/boardgroup_list.php
index a688e650d..08cd18382 100644
--- a/adm/boardgroup_list.php
+++ b/adm/boardgroup_list.php
@@ -124,7 +124,7 @@ $colspan = 10;
|
-
+
|
|
@@ -135,9 +135,9 @@ $colspan = 10;
-
+
-
+
|
|
diff --git a/adm/boardgroup_list_update.php b/adm/boardgroup_list_update.php
index e6abcb6b7..ee8971c2d 100644
--- a/adm/boardgroup_list_update.php
+++ b/adm/boardgroup_list_update.php
@@ -19,8 +19,8 @@ for ($i=0; $i<$count; $i++)
{
$k = $_POST['chk'][$i];
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['group_id'][$k]);
- $gr_subject = is_array($_POST['gr_subject']) ? strip_tags($_POST['gr_subject'][$k]) : '';
- $gr_admin = is_array($_POST['gr_admin']) ? strip_tags($_POST['gr_admin'][$k]) : '';
+ $gr_subject = is_array($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
+ $gr_admin = is_array($_POST['gr_admin']) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
if($_POST['act_button'] == '선택수정') {
$sql = " update {$g5['group_table']}
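Review bot: `$gr_admin` is a member id, yet on the `$gr_admin = ...` line it is treated as free text (strip_tags/clean_xss_attributes) while `$gr_id` two lines above is reduced to `[a-z0-9_]` with preg_replace; an id should be validated by alphabet, not by stripping HTML. If member ids follow the same character set as group ids (verify against the registration check), use `$gr_admin = is_array($_POST['gr_admin']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['gr_admin'][$k]) : '';`. The UPDATE that consumes both values continues past the end of the hunk.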
diff --git a/adm/config_form.php b/adm/config_form.php
index 286626896..5bc7bccea 100644
--- a/adm/config_form.php
+++ b/adm/config_form.php
@@ -321,7 +321,7 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
|
- |
+ |
|
diff --git a/adm/config_form_update.php b/adm/config_form_update.php
index 50a6bbf32..731b664c5 100644
--- a/adm/config_form_update.php
+++ b/adm/config_form_update.php
@@ -26,7 +26,7 @@ if(!$_POST['cf_cert_use']) {
$cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : '';
-$_POST['cf_title'] = strip_tags($_POST['cf_title']);
+$_POST['cf_title'] = strip_tags(clean_xss_attributes($_POST['cf_title']));
$check_keys = array('cf_lg_mid', 'cf_lg_mert_key', 'cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret');
diff --git a/adm/contentformupdate.php b/adm/contentformupdate.php
index 41170884b..58437acda 100644
--- a/adm/contentformupdate.php
+++ b/adm/contentformupdate.php
@@ -21,7 +21,7 @@ if ($w == "" || $w == "u")
}
$co_id = preg_replace('/[^a-z0-9_]/i', '', $co_id);
-$co_subject = strip_tags($co_subject);
+$co_subject = strip_tags(clean_xss_attributes($co_subject));
$co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255));
$co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255));
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
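Review bot: The `preg_replace(... "#(<\?php|<\?)#i" ...)` on co_include_head and co_include_tail is a denylist of PHP open tags; if those values are later used as include paths (their names suggest so, but the consumer is outside this hunk), stripping `<?` does nothing against `../` traversal or a path to an attacker-uploaded file. Restrict them to the directory they are meant to come from instead, e.g. reject values containing `..` or failing `preg_match('#^[A-Za-z0-9_./-]+$#', $co_include_head)`. The new `$co_subject` line is also interpolated into SQL further down; confirm it is escaped there or wrap it in `sql_real_escape_string()`.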
diff --git a/adm/faqmasterformupdate.php b/adm/faqmasterformupdate.php
index f753683e3..609e805b3 100644
--- a/adm/faqmasterformupdate.php
+++ b/adm/faqmasterformupdate.php
@@ -18,7 +18,7 @@ check_admin_token();
if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h");
if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t");
-$fm_subject = strip_tags($fm_subject);
+$fm_subject = strip_tags(clean_xss_attributes($fm_subject));
$sql_common = " set fm_subject = '$fm_subject',
fm_head_html = '$fm_head_html',
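Review bot: `$fm_id` is used to build a filesystem path in `@unlink(G5_DATA_PATH."/faq/{$fm_id}_h")` with no visible coercion, so a value like `../../some/file` would delete outside the faq directory unless fm_id is cast earlier in the file (not visible in this hunk); adding `$fm_id = (int) $fm_id;` above the unlink calls removes the doubt. The sanitized `$fm_subject` is then interpolated into `$sql_common` without `sql_real_escape_string()`, and fm_head_html on the next line is stored with no processing at all; the `$sql_common` assignment continues past the hunk.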
diff --git a/adm/mail_form.php b/adm/mail_form.php
index a95035be2..6ee6fb95b 100644
--- a/adm/mail_form.php
+++ b/adm/mail_form.php
@@ -42,7 +42,7 @@ include_once('./admin.head.php');
|
- |
+ |
|
diff --git a/adm/mail_update.php b/adm/mail_update.php
index 68c85ae71..04d04ac92 100644
--- a/adm/mail_update.php
+++ b/adm/mail_update.php
@@ -10,7 +10,7 @@ auth_check($auth[$sub_menu], 'w');
check_admin_token();
$ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0;
-$ma_subject = isset($_POST['ma_subject']) ? strip_tags($_POST['ma_subject']) : '';
+$ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : '';
if ($w == '')
{
diff --git a/adm/menu_list_update.php b/adm/menu_list_update.php
index f7f4cf882..160c578a7 100644
--- a/adm/menu_list_update.php
+++ b/adm/menu_list_update.php
@@ -21,11 +21,11 @@ for ($i=0; $i<$count; $i++)
{
$_POST = array_map_deep('trim', $_POST);
- $_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags($_POST['me_link'][$i], 1) : '';
+ $_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags(clean_xss_attributes($_POST['me_link'][$i], 1)) : '';
$code = is_array($_POST['code']) ? strip_tags($_POST['code'][$i]) : '';
$me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : '';
- $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags($_POST['me_link'][$i]);
+ $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags(clean_xss_attributes($_POST['me_link'][$i]));
if(!$code || !$me_name || !$me_link)
continue;
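Review bot: The second argument `1` that the old line passed to `clean_xss_tags($_POST['me_link'][$i], 1)` is now passed to `clean_xss_attributes(...)` instead, so clean_xss_tags() no longer receives its flag and clean_xss_attributes() receives an argument it may not expect; the nesting should be `$_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags(clean_xss_attributes($_POST['me_link'][$i]), 1) : '';`. Separately, the scheme check on the `$me_link = ...` line only rejects `^javascript` and `script:`, which leaves `data:` URLs untouched; consider an allowlist such as `preg_match('#^(https?://|/)#i', $link)` instead. The `for` loop body starts before and ends after the hunk.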
diff --git a/adm/newwinformupdate.php b/adm/newwinformupdate.php
index 1441ac820..f03701166 100644
--- a/adm/newwinformupdate.php
+++ b/adm/newwinformupdate.php
@@ -12,7 +12,7 @@ else
check_admin_token();
-$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : '';
+$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : '';
$sql_common = " nw_device = '{$_POST['nw_device']}',
nw_begin_time = '{$_POST['nw_begin_time']}',
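Review bot: Right after the new sanitized `$nw_subject` line, `nw_device` and `nw_begin_time` are interpolated into `$sql_common` directly from `$_POST` with no validation or escaping, which undoes the point of sanitizing the subject. Validate each against what the form can send — nw_device against its fixed option set, nw_begin_time with a date parse such as `if (!strtotime($_POST['nw_begin_time'])) alert('시작일시가 올바르지 않습니다.');` — and wrap the values in `sql_real_escape_string()` unless a global escaping step is known to run before this script. The `$sql_common` assignment continues past the hunk.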
diff --git a/adm/point_update.php b/adm/point_update.php
index 571a1dfa6..ac1a70411 100644
--- a/adm/point_update.php
+++ b/adm/point_update.php
@@ -6,9 +6,9 @@ auth_check($auth[$sub_menu], 'w');
check_admin_token();
-$mb_id = strip_tags($_POST['mb_id']);
-$po_point = strip_tags($_POST['po_point']);
-$po_content = strip_tags($_POST['po_content']);
+$mb_id = strip_tags(clean_xss_attributes($_POST['mb_id']));
+$po_point = strip_tags(clean_xss_attributes($_POST['po_point']));
+$po_content = strip_tags(clean_xss_attributes($_POST['po_content']));
$expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']);
$mb = get_member($mb_id);
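Review bot: `po_point` is a number and `mb_id` is an identifier, but both are sanitized as HTML text on the `$po_point = strip_tags(...)` and `$mb_id = strip_tags(...)` lines, which neither guarantees a numeric value nor limits the id alphabet; the `$expire` line just below already shows the right approach. Use `$po_point = (int) $_POST['po_point'];` and, if member ids use the `[a-z0-9_]` alphabet that other admin scripts enforce for gr_id (verify against the registration rule), `$mb_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['mb_id']);`. Keeping strip_tags(clean_xss_attributes()) for `$po_content` is fine, but it still needs `sql_real_escape_string()` where it is inserted, which is outside the hunk.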
diff --git a/adm/poll_form.php b/adm/poll_form.php
index 0f5ed4dd4..3de75ddbe 100644
--- a/adm/poll_form.php
+++ b/adm/poll_form.php
@@ -37,7 +37,7 @@ include_once('./admin.head.php');
|
- |
+ |
$value ){
if( empty($value) ) continue;
if( in_array($key, $check_keys) ) {
- $_POST[$key] = strip_tags($value);
+ $_POST[$key] = strip_tags(clean_xss_attributes($value));
}
}
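Review bot: Applying `strip_tags(clean_xss_attributes($value))` to every key in `$check_keys` silently rewrites credential fields (the list defined earlier on this page includes cf_naver_secret, cf_kakao_client_secret and similar); a secret containing a character the sanitizers drop would be stored corrupted with no error. Prefer rejecting over mutating for those keys, e.g. `if ($value !== strip_tags(clean_xss_attributes($value))) alert('허용되지 않는 문자가 포함되어 있습니다.');`. The enclosing foreach header is outside the hunk, and this fragment appears to belong to config_form_update.php despite the poll_form.php file header above it.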
diff --git a/adm/qa_config.php b/adm/qa_config.php
index b73062251..c06a0a059 100644
--- a/adm/qa_config.php
+++ b/adm/qa_config.php
@@ -133,7 +133,7 @@ if(!isset($qaconfig['qa_include_head'])) {
|
-
+
1:1문의 바로가기
|
@@ -141,7 +141,7 @@ if(!isset($qaconfig['qa_include_head'])) {
|
-
+
|
@@ -184,21 +184,21 @@ if(!isset($qaconfig['qa_include_head'])) {
|
-
+
|
|
SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?>
-
+
|
|
-
+
|
diff --git a/adm/qa_config_update.php b/adm/qa_config_update.php
index 97fd16d7e..38b3eaddd 100644
--- a/adm/qa_config_update.php
+++ b/adm/qa_config_update.php
@@ -15,7 +15,7 @@ $qaconfig = get_qa_config();
$check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size');
foreach($check_keys as $key){
- $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags($_POST[$key]) : '';
+ $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
}
$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255));
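Review bot: Numeric settings in `$check_keys` (qa_subject_len, qa_mobile_subject_len, qa_page_rows, qa_mobile_page_rows, qa_image_width, qa_upload_size) are sanitized as HTML text by `strip_tags(clean_xss_attributes($_POST[$key]))`, so a non-numeric value still reaches the later SQL; casting is the correct check for those. After the loop add one line, `foreach (array('qa_subject_len','qa_mobile_subject_len','qa_page_rows','qa_mobile_page_rows','qa_image_width','qa_upload_size') as $k) $$k = $_POST[$k] = (int) $_POST[$k];`, and consider `filter_var($qa_admin_email, FILTER_VALIDATE_EMAIL)` for qa_admin_email. The `<?php|<?` stripping on the qa_include_head line is a denylist that does not stop `../` in an include path if that is how the value is used (its consumer is not visible here).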
diff --git a/adm/sms_admin/form_update.php b/adm/sms_admin/form_update.php
index 080656e94..1eb78101a 100644
--- a/adm/sms_admin/form_update.php
+++ b/adm/sms_admin/form_update.php
@@ -4,8 +4,8 @@ include_once("./_common.php");
auth_check($auth[$sub_menu], "w");
-$fo_name = isset($fo_name) ? strip_tags($fo_name) : '';
-$fo_content = isset($fo_content) ? strip_tags($fo_content) : '';
+$fo_name = isset($fo_name) ? strip_tags(clean_xss_attributes($fo_name)) : '';
+$fo_content = isset($fo_content) ? strip_tags(clean_xss_attributes($fo_content)) : '';
$g5['title'] = "이모티콘 업데이트";
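Review bot: This update script calls `auth_check($auth[$sub_menu], "w")` but, unlike the other admin update scripts in this change (mail_update.php, newwinformupdate.php, point_update.php all call `check_admin_token();` right after auth_check), no CSRF token check is visible before `$fo_name` and `$fo_content` are taken; if it is not done further down the file, add `check_admin_token();` after the auth_check line. `$fo_name` and `$fo_content` also arrive as bare globals rather than from `$_POST`, so they are whatever the common include extracted; the sanitized values still need `sql_real_escape_string()` where they are written, which is outside the hunk.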
diff --git a/adm/sms_admin/form_write.php b/adm/sms_admin/form_write.php
index a8a8816cd..b8e4913f7 100644
--- a/adm/sms_admin/form_write.php
+++ b/adm/sms_admin/form_write.php
@@ -6,6 +6,8 @@ auth_check($auth[$sub_menu], "w");
$g5['title'] = "이모티콘 ";
+$fg_no = isset($fg_no) ? (int) $fg_no : '';
+
if ($w == 'u' && is_numeric($fo_no)) {
$write = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'");
$g5['title'] .= '수정';
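Review bot: The new `$fg_no` line casts with `(int)` but falls back to `''`, leaving the variable either int or empty string, while two lines below `$fo_no` is only checked with `is_numeric()` and then interpolated into `where fo_no='$fo_no'`; is_numeric() accepts forms like `1e3` or leading whitespace, so it is a weaker guard than the cast used for fg_no. Use the same pattern for both: `$fg_no = isset($fg_no) ? (int) $fg_no : 0;` and `$fo_no = isset($fo_no) ? (int) $fo_no : 0; if ($w == 'u' && $fo_no > 0) {`. The `if` block continues past the end of the hunk.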
@@ -48,7 +50,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
|
- |
+ |
| 메세지 |
diff --git a/adm/sms_admin/install.php b/adm/sms_admin/install.php
index c7a13441d..025ecda8e 100644
--- a/adm/sms_admin/install.php
+++ b/adm/sms_admin/install.php
@@ -53,6 +53,7 @@ eval("\$file = \"$file\";");
$f = explode(";", $file);
for ($i=0; $i그룹명
onclick="no_hp_click(this.checked)">
diff --git a/adm/sms_admin/num_group.php b/adm/sms_admin/num_group.php
index c71483ca7..2da088f9c 100644
--- a/adm/sms_admin/num_group.php
+++ b/adm/sms_admin/num_group.php
@@ -129,7 +129,7 @@ function num_group_submit(f)
@@ -150,7 +150,7 @@ function num_group_submit(f)
-
+
|
|
|
diff --git a/adm/sms_admin/num_group_update.php b/adm/sms_admin/num_group_update.php
index f23f31bea..dffeab6ee 100644
--- a/adm/sms_admin/num_group_update.php
+++ b/adm/sms_admin/num_group_update.php
@@ -11,7 +11,7 @@ if ($w == 'u') // 업데이트
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$bg_no = (int) $_POST['bg_no'][$k];
- $bg_name = strip_tags($_POST['bg_name'][$k]);
+ $bg_name = strip_tags(clean_xss_attributes($_POST['bg_name'][$k]));
if (!is_numeric($bg_no))
alert('그룹 고유번호가 없습니다.');
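Review bot: The `if (!is_numeric($bg_no))` check is dead after `$bg_no = (int) $_POST['bg_no'][$k];` two lines above — an int is always numeric, so a missing or bogus id becomes 0 and passes. Replace it with `if ($bg_no <= 0)` so the "no group id" alert actually fires. The sanitized `$bg_name` is escaped properly in the later hunks of this file; the `for` loop containing this code starts before the hunk.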
@@ -23,11 +23,11 @@ if ($w == 'u') // 업데이트
if (!strlen(trim($bg_name)))
alert('그룹명을 입력해주세요');
- $res = sql_fetch("select bg_name from {$g5['sms5_book_group_table']} where bg_no<>'$bg_no' and bg_name='$bg_name'");
+ $res = sql_fetch("select bg_name from {$g5['sms5_book_group_table']} where bg_no<>'$bg_no' and bg_name='".sql_real_escape_string($bg_name)."'");
if ($res)
alert('같은 그룹명이 존재합니다.');
- sql_query("update {$g5['sms5_book_group_table']} set bg_name='".addslashes($bg_name)."' where bg_no='$bg_no'");
+ sql_query("update {$g5['sms5_book_group_table']} set bg_name='".sql_real_escape_string($bg_name)."' where bg_no='$bg_no'");
}
}
else if ($w == 'de') // 그룹삭제
@@ -63,7 +63,7 @@ else if ($w == 'em') // 비우기
}
else // 등록
{
- $bg_name = strip_tags($bg_name);
+ $bg_name = strip_tags(clean_xss_attributes($bg_name));
if (!strlen(trim($bg_name)))
alert('그룹명을 입력해주세요');
@@ -72,7 +72,7 @@ else // 등록
if ($res)
alert('같은 그룹명이 존재합니다.');
- sql_query("insert into {$g5['sms5_book_group_table']} set bg_name='".addslashes($bg_name)."'");
+ sql_query("insert into {$g5['sms5_book_group_table']} set bg_name='$bg_name'");
}
goto_url('./num_group.php');
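Review bot: The INSERT now interpolates `bg_name='$bg_name'` with no escaping at all — the old `addslashes()` was removed without a replacement — while the UPDATE path earlier in this file was changed to `sql_real_escape_string($bg_name)`; the two branches cannot both be right, since strip_tags(clean_xss_attributes()) leaves quotes intact. If a global escaping step covers $_POST, the UPDATE now double-escapes; if it does not, this INSERT is injectable. Make both consistent: `sql_query("insert into {$g5['sms5_book_group_table']} set bg_name='".sql_real_escape_string($bg_name)."'");`, and verify the duplicate-name SELECT just above the hunk uses the same escaping. The `else` block starts before the hunk.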
diff --git a/adm/sms_admin/sms_write_form.php b/adm/sms_admin/sms_write_form.php
index fdbf64c91..103535b5e 100644
--- a/adm/sms_admin/sms_write_form.php
+++ b/adm/sms_admin/sms_write_form.php
@@ -7,6 +7,8 @@ while ($res = sql_fetch_array($qry)) array_push($group, $res);
$res = sql_fetch("select count(*) as cnt from `{$g5['sms5_form_table']}` where fg_no=0");
$no_count = $res['cnt'];
+
+$fg_no = isset($fg_no) ? (int) $fg_no : '';
?>
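Review bot: The new `$fg_no` cast is placed after the SELECT queries at the top of the file, so any use of `$fg_no` in code above it (not visible here) still runs on the raw value; and the `''` fallback leaves the variable int-or-string, which then has to be handled at every use. Move the line to the top of the script and use a numeric default: `$fg_no = isset($fg_no) ? (int) $fg_no : 0;`. The same fallback issue exists in the sibling form_write.php change.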