firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

경로 수정 작업 중

Browse Source
This commit is contained in:
chicpro
2013-03-14 17:56:20 +09:00
parent 8ba59fe9b0
commit 1a60978568
1212 changed files with 39023 additions and 33180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

347
adm/auth_list.php
View File

@ -1,20 +1,20 @@
<?
$sub_menu = "100200";
include_once("./_common.php");
include_once('./_common.php');
if ($is_admin != "super")
alert("최고관리자만 접근 가능합니다.");
if ($is_admin != 'super')
alert('최고관리자만 접근 가능합니다.');
$token = get_token();
$sql_common = " from $g4[auth_table] a left join $g4[member_table] b on (a.mb_id=b.mb_id) ";
$sql_common = " from {$g4['auth_table']} a left join {$g4['member_table']} b on (a.mb_id=b.mb_id) ";
$sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
$sql_search .= " ($sfl like '%$stx%') ";
default :
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
$sql_search .= " ) ";
@ -27,196 +27,209 @@ if (!$sst) {
$sql_order = " order by $sst $sod ";
$sql = " select count(*) as cnt
$sql_common
$sql_search
$sql_order ";
{$sql_common}
{$sql_search}
{$sql_order} ";
$row = sql_fetch($sql);
$total_count = $row[cnt];
$total_count = $row['cnt'];
$rows = $config[cf_page_rows];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page == "") $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
$sql_common
$sql_search
$sql_order
limit $from_record, $rows ";
$sql = " select *
{$sql_common}
{$sql_search}
{$sql_order}
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = "<a href='$_SERVER[PHP_SELF]' class=tt>처음</a>";
$listall = '';
if ($sfl || $stx) // 검색렬일 때만 처음 버튼을 보여줌 : 지운아빠 2012-10-31
$listall = '<a href="'.$_SERVER['PHP_SELF'].'">전체목록</a>';
$g4[title] = "관리권한설정";
include_once("./admin.head.php");
$g4['title'] = "관리권한설정";
include_once('./admin.head.php');
$colspan = 5;
?>
<script type="text/javascript" src="<?=$g4[path]?>/js/sideview.js"></script>
<script type="text/javascript">
var list_update_php = "";
var list_delete_php = "auth_list_delete.php";
</script>
<table width=100%>
<form name=fsearch method=get>
<tr>
<td width=50% align=left>
<?=$listall?> (건수 : <?=number_format($total_count)?>)
</td>
<td width=50% align=right>
<select name=sfl class=cssfl>
<option value='a.mb_id'>회원아이디</option>
</select>
<input type=text name=stx class=ed required itemname='검색어' value='<?=$stx?>'>
<input type=image src='<?=$g4[admin_path]?>/img/btn_search.gif' align=absmiddle></td>
</tr>
<form name="fsearch" id="fsearch" method="get">
<input type="hidden" name="sfl" value="a.mb_id" id="sfl">
<fieldset>
<legend>관리권한 검색</legend>
<span>
<?=$listall?>
설정된 관리권한 <?=number_format($total_count)?>건
</span>
<strong id="msg_stx" class="msg_sound_only"></strong>
<input type="text" name="stx" value="<?=$stx?>" id="stx" title="회원아이디(필수)" required class="required frm_input">
<input type="submit" value="검색" id="fsearch_submit" class="btn_submit">
</fieldset>
</form>
</table>
<form name=fauthlist method=post>
<input type=hidden name=sst value='<?=$sst?>'>
<input type=hidden name=sod value='<?=$sod?>'>
<input type=hidden name=sfl value='<?=$sfl?>'>
<input type=hidden name=stx value='<?=$stx?>'>
<input type=hidden name=page value='<?=$page?>'>
<input type=hidden name=token value='<?=$token?>'>
<section class="cbox">
<h2>설정된 관리권한 내역</h2>
<p>권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다.</p>
<table width=100% cellpadding=0 cellspacing=0>
<colgroup width=30>
<colgroup width=120>
<colgroup width=150>
<colgroup width=''>
<colgroup width=100>
<tr><td colspan='<?=$colspan?>' class='line1'></td></tr>
<tr class='bgcol1 bold col1 ht center'>
<td><input type=checkbox name=chkall value='1' onclick='check_all(this.form)'></td>
<td><?=subject_sort_link('a.mb_id')?>회원아이디</a></td>
<td><?=subject_sort_link('mb_nick')?>별명</a></td>
<td>메뉴</td>
<td>권한</td>
</tr>
<tr><td colspan='<?=$colspan?>' class='line2'></td></tr>
<?
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$mb_nick = get_sideview($row[mb_id], $row[mb_nick], $row[mb_email], $row[mb_homepage]);
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row[au_menu]]))
<form name="fauthlist" id="fauthlist" method="post" action="./auth_list_delete.php">
<input type="hidden" name="sst" value="<?=$sst?>">
<input type="hidden" name="sod" value="<?=$sod?>">
<input type="hidden" name="sfl" value="<?=$sfl?>">
<input type="hidden" name="stx" value="<?=$stx?>">
<input type="hidden" name="page" value="<?=$page?>">
<input type="hidden" name="token" value="<?=$token?>">
<table>
<thead>
<tr>
<th scope="col"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 권한설정 내역 전체선택" onclick="check_all(this.form)"></th>
<th scope="col"><?=subject_sort_link('a.mb_id')?>회원아이디</a></th>
<th scope="col"><?=subject_sort_link('mb_nick')?>별명</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?
for ($i=0; $row=sql_fetch_array($result); $i++)
{
sql_query(" delete from $g4[auth_table] where au_menu = '$row[au_menu]' ");
continue;
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row['au_menu']]))
{
sql_query(" delete from {$g4['auth_table']} where au_menu = '{$row['au_menu']}' ");
continue;
}
$list = $i%2;
?>
<tr>
<td class="td_chk">
<input type="hidden" name="au_menu[<?=$i?>]" value="<?=$row['au_menu']?>">
<input type="hidden" name="mb_id[<?=$i?>]" value="<?=$row['mb_id']?>">
<input type="checkbox" name="chk[]" value="<?=$i?>" id="chk_<?=$i?>" title="<?=$row['mb_nick']?>님의 권한체크">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?=$row['mb_id']?>"><?=$row['mb_id']?></a></td>
<td class="td_auth_mbnick"><?=$mb_nick?></td>
<td class="td_menu">
<?=$row['au_menu']?>
<?=$auth_menu[$row['au_menu']]?>
</td>
<td class="td_auth"><?=$row['au_auth']?></td>
</tr>
<?
}
$list = $i%2;
echo "
<input type=hidden name=mb_id[$i] value='$row[mb_id]'>
<input type=hidden name=au_menu[$i] value='$row[au_menu]'>
<tr class='list$list col1 ht center'>
<td><input type=checkbox name=chk[] value='$i'></td>
<td><a href='?sfl=a.mb_id&stx=$row[mb_id]'>$row[mb_id]</a></td>
<td>$mb_nick</td>
<td align=left>&nbsp; [$row[au_menu]] {$auth_menu[$row[au_menu]]}</td>
<td>$row[au_auth]</td>
</tr>";
}
if ($i==0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
if ($i==0)
echo "<tr><td colspan='$colspan' height=100 align=center bgcolor='#FFFFFF'>자료가 없습니다.</td></tr>";
<div class="btn_list">
<button onclick="btn_check(this.form, 'delete')">선택삭제</button>
</div>
echo "<tr><td colspan='$colspan' class='line2'></td></tr>";
echo "</table>";
<?
$pagelist = get_paging(G4_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page=');
echo $pagelist;
?>
$pagelist = get_paging($config[cf_write_pages], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
echo "<table width=100% cellpadding=3 cellspacing=1>";
echo "<tr><td width=50%>";
echo "<input type=button class='btn1' value='선택삭제' onclick=\"btn_check(this.form, 'delete')\">";
echo "</td>";
echo "<td width=50% align=right>$pagelist</td></tr></table>\n";
<?
//if (isset($stx))
// echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
if ($stx)
echo "<script type='text/javascript'>document.fsearch.sfl.value = '$sfl';</script>\n";
if (strstr($sfl, 'mb_id'))
$mb_id = $stx;
else
$mb_id = '';
?>
</form>
</section>
<form name="fauthlist2" id="fauthlist2" action="./auth_update.php" method="post" autocomplete="off">
<input type="hidden" name="sfl" value="<?=$sfl?>">
<input type="hidden" name="stx" value="<?=$stx?>">
<input type="hidden" name="sst" value="<?=$sst?>">
<input type="hidden" name="sod" value="<?=$sod?>">
<input type="hidden" name="page" value="<?=$page?>">
<input type="hidden" name="token" value="<?=$token?>">
<section id="add_admin" class="cbox">
<h2>관리권한 추가</h2>
<p>다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.</p>
<table class="frm_tbl">
<colgroup>
<col class="grid_3">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td>
<strong id="msg_mb_id" class="msg_sound_only"></strong>
<input type="text" name="mb_id" value="<?=$mb_id?>" id="mb_id" title="회원아이디" required class="required frm_input">
</td>
</tr>
<tr>
<th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th>
<td>
<select id="au_menu" name="au_menu" required class="required" title="접근가능메뉴">
<option value=''>선택하세요</option>
<?
foreach($auth_menu as $key=>$value)
{
if (!(substr($key, -3) == '000' || $key == '-' || !$key))
echo '<option value="'.$key.'">'.$key.' '.$value.'</option>';
}
?>
</select>
</td>
</tr>
<tr>
<th scope="row">권한지정</th>
<td>
<input type="checkbox" name="r" value="r" id="r" checked>
<label for="r">r (읽기)</label>
<input type="checkbox" name="w" value="w" id="w">
<label for="w">w (쓰기)</label>
<input type="checkbox" name="d" value="d" id="d">
<label for="d">d (삭제)</label>
</td>
</tr>
</tbody>
</table>
<fieldset id="admin_confirm">
<legend>XSS 혹은 CSRF 방지</legend>
<p>관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.</p>
<label for="admin_password">관리자 패스워드</label>
<input type="password" name="admin_password" id="admin_password" required class="required frm_input">
</fieldset>
<div class="btn_confirm">
<input type="submit" value="완료" class="btn_submit">
</div>
</section>
if (strstr($sfl, "mb_id"))
$mb_id = $stx;
else
$mb_id = "";
?>
</form>
<script type='text/javascript'> document.fsearch.stx.focus(); </script>
<?$colspan=5?>
<p>
<form name=fauthlist2 method=post onsubmit="return fauthlist2_submit(this);" autocomplete="off">
<input type=hidden name=sfl value='<?=$sfl?>'>
<input type=hidden name=stx value='<?=$stx?>'>
<input type=hidden name=sst value='<?=$sst?>'>
<input type=hidden name=sod value='<?=$sod?>'>
<input type=hidden name=page value='<?=$page?>'>
<input type=hidden name=token value='<?=$token?>'>
<table width='100%' cellpadding=0 cellspacing=0>
<colgroup width=150>
<colgroup width=''>
<colgroup width=150>
<colgroup width=120>
<colgroup width=100>
<tr><td colspan='<?=$colspan?>' class='line1'></td></tr>
<tr class='bgcol1 bold col1 ht center'>
<td>회원아이디</td>
<td>접근가능메뉴</td>
<td>권한</td>
<td>관리자패스워드</td>
<td>입력</td>
</tr>
<tr><td colspan='<?=$colspan?>' class='line2'></td></tr>
<tr class='ht center'>
<td><input type=text class=ed name=mb_id required itemname='회원아이디' value='<?=$mb_id?>'></td>
<td>
<select name=au_menu required itemname='접근가능메뉴'>
<option value=''>-- 선택하세요
<?
foreach($auth_menu as $key=>$value)
{
if (!(substr($key, -3) == "000" || $key == "-" || !$key))
echo "<option value='$key'>[$key] $value";
<script>
$(function() {
$('#fauthlist').submit(function() {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
?>
</select>
</td>
<td>
<table width=210 align=center>
<tr align=center>
<td width=33%><input type=checkbox name='r' value='r' checked></td>
<td width=33%><input type=checkbox name='w' value='w'></td>
<td width=33%><input type=checkbox name='d' value='d'></td>
</tr>
<tr align=center>
<td>r<br>(읽기)</td>
<td>w<br>(입력,수정)</td>
<td>d<br>(삭제)</td>
</tr>
</table></td>
<td><input type=password class=ed name=admin_password required itemname='관리자 패스워드'></td>
<td><input type=submit class=btn1 value=' 확 인 '></td>
</tr>
<tr><td colspan='<?=$colspan?>' class='line2'></td></tr>
</table>
</form>
<script type="text/javascript">
function fauthlist2_submit(f)
{
f.action = "./auth_update.php";
return true;
}
return true;
});
});
</script>
<?
include_once ("./admin.tail.php");
include_once ('./admin.tail.php');
?>