관리자 따옴표 수정

chicpro
2012-11-05 11:55:58 +09:00
parent 41b1e2d8db
commit 1e974943c9
16 changed files with 480 additions and 480 deletions


@ -1,29 +1,29 @@
<?
$sub_menu = "200100";
include_once("./_common.php");
include_once('./_common.php');
check_demo();
auth_check($auth[$sub_menu], "d");
auth_check($auth[$sub_menu], 'd');
$mb = get_member($_POST['mb_id']);
if (!$mb[mb_id])
alert("회원자료가 존재하지 않습니다.");
else if ($member[mb_id] == $mb[mb_id])
alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
else if (is_admin($mb[mb_id]) == "super")
alert("최고 관리자는 삭제할 수 없습니다.");
else if ($mb[mb_level] >= $member[mb_level])
alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
if (!$mb['mb_id'])
alert('회원자료가 존재하지 않습니다.');
else if ($member['mb_id'] == $mb['mb_id'])
alert('로그인 중인 관리자는 삭제 할 수 없습니다.');
else if (is_admin($mb['mb_id']) == 'super')
alert('최고 관리자는 삭제할 수 없습니다.');
else if ($mb['mb_level'] >= $member['mb_level'])
alert('자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.');
check_token();
// 회원자료 삭제
member_delete($mb[mb_id]);
member_delete($mb['mb_id']);
if ($url)
goto_url("{$url}?$qstr&w=u&mb_id=$mb_id");
goto_url($url.'?'.$qstr'&w=u&mb_id='.$mb_id);
else
goto_url("./member_list.php?$qstr");
goto_url('./member_list.php?'.$qstr);
?>
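Review bot: The new redirect line `goto_url($url.'?'.$qstr'&w=u&mb_id='.$mb_id);` is missing the `.` after `$qstr`, so this file no longer parses; it should read `goto_url($url.'?'.$qstr.'&w=u&mb_id='.$mb_id);`. The same kind of slip recurs later in the commit: the duplicate-member alerts contain `$mb['mb_name']'.\\n\\n별명` and `$mb['mb_id']'.\\n\\n이름`, and the list-update loop has `$mb['mb_id']'. : `, where the dot sits inside the string instead of before it. Separately, `$url` appears to arrive from the request (the form's delete button passes `url=`), so the redirect target is worth restricting to a local path before it reaches `goto_url()`.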


@ -1,66 +1,66 @@
<?
$sub_menu = "200100";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "w");
auth_check($auth[$sub_menu], 'w');
$token = get_token();
if ($w == "")
if ($w == '')
{
$required_mb_id = "required minlength=3 alphanumericunderline itemname='회원아이디'";
$required_mb_password = "required itemname='패스워드'";
$required_mb_id = 'required minlength=3 alphanumericunderline itemname="회원아이디"';
$required_mb_password = 'required itemname="패스워드"';
$mb[mb_mailling] = 1;
$mb[mb_open] = 1;
$mb[mb_level] = $config[cf_register_level];
$html_title = "등록";
$mb['mb_mailling'] = 1;
$mb['mb_open'] = 1;
$mb['mb_level'] = $config['cf_register_level'];
$html_title = '등록';
}
else if ($w == "u")
else if ($w == 'u')
{
$mb = get_member($mb_id);
if (!$mb[mb_id])
alert("존재하지 않는 회원자료입니다.");
if (!$mb['mb_id'])
alert('존재하지 않는 회원자료입니다.');
if ($is_admin != 'super' && $mb[mb_level] >= $member[mb_level])
alert("자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.");
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level'])
alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
$required_mb_id = "readonly style='background-color:#dddddd;'";
$required_mb_password = "";
$html_title = "수정";
$required_mb_id = 'readonly style="background-color:#dddddd;"';
$required_mb_password = '';
$html_title = '수정';
$mb[mb_email] = get_text($mb[mb_email]);
$mb[mb_homepage] = get_text($mb[mb_homepage]);
$mb[mb_password_q] = get_text($mb[mb_password_q]);
$mb[mb_password_a] = get_text($mb[mb_password_a]);
$mb[mb_birth] = get_text($mb[mb_birth]);
$mb[mb_tel] = get_text($mb[mb_tel]);
$mb[mb_hp] = get_text($mb[mb_hp]);
$mb[mb_addr1] = get_text($mb[mb_addr1]);
$mb[mb_addr2] = get_text($mb[mb_addr2]);
$mb[mb_signature] = get_text($mb[mb_signature]);
$mb[mb_recommend] = get_text($mb[mb_recommend]);
$mb[mb_profile] = get_text($mb[mb_profile]);
$mb[mb_1] = get_text($mb[mb_1]);
$mb[mb_2] = get_text($mb[mb_2]);
$mb[mb_3] = get_text($mb[mb_3]);
$mb[mb_4] = get_text($mb[mb_4]);
$mb[mb_5] = get_text($mb[mb_5]);
$mb[mb_6] = get_text($mb[mb_6]);
$mb[mb_7] = get_text($mb[mb_7]);
$mb[mb_8] = get_text($mb[mb_8]);
$mb[mb_9] = get_text($mb[mb_9]);
$mb[mb_10] = get_text($mb[mb_10]);
}
else
alert("제대로 된 값이 넘어오지 않았습니다.");
$mb['mb_email'] = get_text($mb['mb_email']);
$mb['mb_homepage'] = get_text($mb['mb_homepage']);
$mb['mb_password_q'] = get_text($mb['mb_password_q']);
$mb['mb_password_a'] = get_text($mb['mb_password_a']);
$mb['mb_birth'] = get_text($mb['mb_birth']);
$mb['mb_tel'] = get_text($mb['mb_tel']);
$mb['mb_hp'] = get_text($mb['mb_hp']);
$mb['mb_addr1'] = get_text($mb['mb_addr1']);
$mb['mb_addr2'] = get_text($mb['mb_addr2']);
$mb['mb_signature'] = get_text($mb['mb_signature']);
$mb['mb_recommend'] = get_text($mb['mb_recommend']);
$mb['mb_profile'] = get_text($mb['mb_profile']);
$mb['mb_1'] = get_text($mb['mb_1']);
$mb['mb_2'] = get_text($mb['mb_2']);
$mb['mb_3'] = get_text($mb['mb_3']);
$mb['mb_4'] = get_text($mb['mb_4']);
$mb['mb_5'] = get_text($mb['mb_5']);
$mb['mb_6'] = get_text($mb['mb_6']);
$mb['mb_7'] = get_text($mb['mb_7']);
$mb['mb_8'] = get_text($mb['mb_8']);
$mb['mb_9'] = get_text($mb['mb_9']);
$mb['mb_10'] = get_text($mb['mb_10']);
}
else
alert('제대로 된 값이 넘어오지 않았습니다.');
if ($mb[mb_mailling]) $mailling_checked = "checked"; // 메일 수신
if ($mb[mb_sms]) $sms_checked = "checked"; // SMS 수신
if ($mb[mb_open]) $open_checked = "checked"; // 정보 공개
if ($mb['mb_mailling']) $mailling_checked = 'checked'; // 메일 수신
if ($mb['mb_sms']) $sms_checked = 'checked'; // SMS 수신
if ($mb['mb_open']) $open_checked = 'checked'; // 정보 공개
$g4[title] = "회원정보 " . $html_title;
include_once("./admin.head.php");
$g4['title'] = '회원정보 ' . $html_title;
include_once('./admin.head.php');
?>
<table width=100% align=center cellpadding=0 cellspacing=0>
@ -77,70 +77,70 @@ include_once("./admin.head.php");
<colgroup width=20% class='col1 pad1 bold right'>
<colgroup width=30% class='col2 pad2'>
<tr>
<td colspan=4 class=title align=left><img src='<?=$g4[admin_path]?>/img/icon_title.gif'> <?=$g4[title]?></td>
<td colspan=4 class=title align=left><img src='<?=$g4['admin_path']?>/img/icon_title.gif'> <?=$g4['title']?></td>
</tr>
<tr><td colspan=4 class=line1></td></tr>
<tr class='ht'>
<td>아이디</td>
<td>
<input type=text class=ed name='mb_id' size=20 maxlength=20 minlength=2 <?=$required_mb_id?> itemname='아이디' value='<? echo $mb[mb_id] ?>'>
<?if ($w=="u"){?><a href='./boardgroupmember_form.php?mb_id=<?=$mb[mb_id]?>'>접근가능그룹보기</a><?}?>
<input type=text class=ed name='mb_id' size=20 maxlength=20 minlength=2 <?=$required_mb_id?> itemname='아이디' value='<? echo $mb['mb_id'] ?>'>
<?if ($w=='u'){?><a href='./boardgroupmember_form.php?mb_id=<?=$mb['mb_id']?>'>접근가능그룹보기</a><?}?>
</td>
<td>패스워드</td>
<td><input type=password class=ed name='mb_password' size=20 maxlength=20 <?=$required_mb_password?> itemname='암호'></td>
</tr>
<tr class='ht'>
<td>이름(실명)</td>
<td><input type=text class=ed name='mb_name' maxlength=20 minlength=2 required itemname='이름(실명)' value='<? echo $mb[mb_name] ?>'></td>
<td><input type=text class=ed name='mb_name' maxlength=20 minlength=2 required itemname='이름(실명)' value='<? echo $mb['mb_name'] ?>'></td>
<td>별명</td>
<td><input type=text class=ed name='mb_nick' maxlength=20 minlength=2 required itemname='별명' value='<? echo $mb[mb_nick] ?>'></td>
<td><input type=text class=ed name='mb_nick' maxlength=20 minlength=2 required itemname='별명' value='<? echo $mb['mb_nick'] ?>'></td>
</tr>
<tr class='ht'>
<td>회원 권한</td>
<td><?=get_member_level_select("mb_level", 1, $member[mb_level], $mb[mb_level])?></td>
<td><?=get_member_level_select('mb_level', 1, $member['mb_level'], $mb['mb_level'])?></td>
<td>포인트</td>
<td><a href='./point_list.php?sfl=mb_id&stx=<?=$mb[mb_id]?>' class='bold'><?=number_format($mb[mb_point])?></a> 점</td>
<td><a href='./point_list.php?sfl=mb_id&stx=<?=$mb['mb_id']?>' class='bold'><?=number_format($mb['mb_point'])?></a> 점</td>
</tr>
<tr class='ht'>
<td>E-mail</td>
<td><input type=text class=ed name='mb_email' size=40 maxlength=100 required email itemname='e-mail' value='<? echo $mb[mb_email] ?>'></td>
<td><input type=text class=ed name='mb_email' size=40 maxlength=100 required email itemname='e-mail' value='<? echo $mb['mb_email'] ?>'></td>
<td>홈페이지</td>
<td><input type=text class=ed name='mb_homepage' size=40 maxlength=255 itemname='홈페이지' value='<? echo $mb[mb_homepage] ?>'></td>
<td><input type=text class=ed name='mb_homepage' size=40 maxlength=255 itemname='홈페이지' value='<? echo $mb['mb_homepage'] ?>'></td>
</tr>
<tr class='ht'>
<td>전화번호</td>
<td><input type=text class=ed name='mb_tel' maxlength=20 itemname='전화번호' value='<? echo $mb[mb_tel] ?>'></td>
<td><input type=text class=ed name='mb_tel' maxlength=20 itemname='전화번호' value='<? echo $mb['mb_tel'] ?>'></td>
<td>핸드폰번호</td>
<td><input type=text class=ed name='mb_hp' maxlength=20 itemname='핸드폰번호' value='<? echo $mb[mb_hp] ?>'></td>
<td><input type=text class=ed name='mb_hp' maxlength=20 itemname='핸드폰번호' value='<? echo $mb['mb_hp'] ?>'></td>
</tr>
<tr class='ht'>
<td>주소</td>
<td>
<input type=text class=ed name='mb_zip1' size=4 maxlength=3 readonly itemname='우편번호 앞자리' value='<? echo $mb[mb_zip1] ?>'> -
<input type=text class=ed name='mb_zip2' size=4 maxlength=3 readonly itemname='우편번호 뒷자리' value='<? echo $mb[mb_zip2] ?>'>
<a href="javascript:;" onclick="win_zip('fmember', 'mb_zip1', 'mb_zip2', 'mb_addr1', 'mb_addr2');"><img src='<?=$g4[bbs_img_path]?>/btn_zip.gif' align=absmiddle border=0></a>
<br><input type=text class=ed name='mb_addr1' size=40 readonly value='<? echo $mb[mb_addr1] ?>'>
<br><input type=text class=ed name='mb_addr2' size=25 itemname='상세주소' value='<? echo $mb[mb_addr2] ?>'> 상세주소 입력</td>
<input type=text class=ed name='mb_zip1' size=4 maxlength=3 readonly itemname='우편번호 앞자리' value='<? echo $mb['mb_zip1'] ?>'> -
<input type=text class=ed name='mb_zip2' size=4 maxlength=3 readonly itemname='우편번호 뒷자리' value='<? echo $mb['mb_zip2'] ?>'>
<a href="javascript:;" onclick="win_zip('fmember', 'mb_zip1', 'mb_zip2', 'mb_addr1', 'mb_addr2');"><img src='<?=$g4['bbs_img_path']?>/btn_zip.gif' align=absmiddle border=0></a>
<br><input type=text class=ed name='mb_addr1' size=40 readonly value='<? echo $mb['mb_addr1'] ?>'>
<br><input type=text class=ed name='mb_addr2' size=25 itemname='상세주소' value='<? echo $mb['mb_addr2'] ?>'> 상세주소 입력</td>
<td>회원아이콘</td>
<td colspan=3>
<input type=file name='mb_icon' class=ed><br>이미지 크기는 <?=$config[cf_member_icon_width]?>x<?=$config[cf_member_icon_height]?>으로 해주세요.
<input type=file name='mb_icon' class=ed><br>이미지 크기는 <?=$config['cf_member_icon_width']?>x<?=$config['cf_member_icon_height']?>으로 해주세요.
<?
$mb_dir = substr($mb[mb_id],0,2);
$icon_file = "$g4[path]/data/member/$mb_dir/$mb[mb_id].gif";
$mb_dir = substr($mb['mb_id'],0,2);
$icon_file = $g4['path'].'/data/member/'.$mb_dir.'/'.$mb['mb_id'].'.gif';
if (file_exists($icon_file)) {
echo "<br><img src='$icon_file' align=absmiddle>";
echo " <input type=checkbox name='del_mb_icon' value='1' class='csscheck'>삭제";
}
echo '<br><img src="'.$icon_file.'" align=absmiddle>';
echo ' <input type=checkbox name="del_mb_icon" value="1" class="csscheck">삭제';
}
?>
</td>
</tr>
<tr class='ht'>
<td>생년월일</td>
<td><input type=text class=ed name=mb_birth size=9 maxlength=8 value='<? echo $mb[mb_birth] ?>'></td>
<td><input type=text class=ed name=mb_birth size=9 maxlength=8 value='<? echo $mb['mb_birth'] ?>'></td>
<td>남녀</td>
<td>
<select name=mb_sex><option value=''>----<option value='F'>여자<option value='M'>남자</select>
<script type="text/javascript"> document.fmember.mb_sex.value = "<?=$mb[mb_sex]?>"; </script></td>
<script type="text/javascript"> document.fmember.mb_sex.value = "<?=$mb['mb_sex']?>"; </script></td>
</tr>
<tr class='ht'>
<td>메일 수신</td>
@ -154,30 +154,30 @@ include_once("./admin.head.php");
</tr>
<tr class='ht'>
<td>서명</td>
<td><textarea class=ed name=mb_signature rows=5 style='width:99%; word-break:break-all;'><? echo $mb[mb_signature] ?></textarea></td>
<td><textarea class=ed name=mb_signature rows=5 style='width:99%; word-break:break-all;'><? echo $mb['mb_signature'] ?></textarea></td>
<td>자기 소개</td>
<td><textarea class=ed name=mb_profile rows=5 style='width:99%; word-break:break-all;'><? echo $mb[mb_profile] ?></textarea></td>
<td><textarea class=ed name=mb_profile rows=5 style='width:99%; word-break:break-all;'><? echo $mb['mb_profile'] ?></textarea></td>
</tr>
<tr class='ht'>
<td>메모</td>
<td colspan=3><textarea class=ed name=mb_memo rows=5 style='width:99%; word-break:break-all;'><? echo $mb[mb_memo] ?></textarea></td>
<td colspan=3><textarea class=ed name=mb_memo rows=5 style='width:99%; word-break:break-all;'><? echo $mb['mb_memo'] ?></textarea></td>
</tr>
<? if ($w == "u") { ?>
<? if ($w == 'u') { ?>
<tr class='ht'>
<td>회원가입일</td>
<td><?=$mb[mb_datetime]?></td>
<td><?=$mb['mb_datetime']?></td>
<td>최근접속일</td>
<td><?=$mb[mb_today_login]?></td>
<td><?=$mb['mb_today_login']?></td>
</tr>
<tr class='ht'>
<td>IP</td>
<td><?=$mb[mb_ip]?></td>
<? if ($config[cf_use_email_certify]) { ?>
<td><?=$mb['mb_ip']?></td>
<? if ($config['cf_use_email_certify']) { ?>
<td>인증일시</td>
<td><?=$mb[mb_email_certify]?>
<? if ($mb[mb_email_certify] == "0000-00-00 00:00:00") { echo "<input type=checkbox name=passive_certify>수동인증"; } ?></td>
<td><?=$mb['mb_email_certify']?>
<? if ($mb['mb_email_certify'] == '0000-00-00 00:00:00') { echo '<input type=checkbox name=passive_certify>수동인증'; } ?></td>
<? } else { ?>
<td></td>
<td></td>
@ -186,18 +186,18 @@ include_once("./admin.head.php");
</tr>
<? } ?>
<? if ($config[cf_use_recommend]) { // 추천인 사용 ?>
<? if ($config['cf_use_recommend']) { // 추천인 사용 ?>
<tr class='ht'>
<td>추천인</td>
<td colspan=3><?=($mb[mb_recommend] ? get_text($mb[mb_recommend]) : "없음"); // 081022 : CSRF 보안 결함으로 인한 코드 수정 ?></td>
<td colspan=3><?=($mb['mb_recommend'] ? get_text($mb['mb_recommend']) : '없음'); // 081022 : CSRF 보안 결함으로 인한 코드 수정 ?></td>
</tr>
<? } ?>
<tr class='ht'>
<td>탈퇴일자</td>
<td><input type=text class=ed name=mb_leave_date size=9 maxlength=8 value='<? echo $mb[mb_leave_date] ?>'></td>
<td><input type=text class=ed name=mb_leave_date size=9 maxlength=8 value='<? echo $mb['mb_leave_date'] ?>'></td>
<td>접근차단일자</td>
<td><input type=text class=ed name=mb_intercept_date size=9 maxlength=8 value='<? echo $mb[mb_intercept_date] ?>'> <input type=checkbox value='<? echo date("Ymd"); ?>' onclick='if (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else { this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; } '>오늘</td>
<td><input type=text class=ed name=mb_intercept_date size=9 maxlength=8 value='<? echo $mb['mb_intercept_date'] ?>'> <input type=checkbox value='<? echo date("Ymd"); ?>' onclick='if (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else { this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; } '>오늘</td>
</tr>
<? for ($i=1; $i<=10; $i=$i+2) { $k=$i+1; ?>
@ -211,7 +211,7 @@ include_once("./admin.head.php");
<tr class='ht'>
<td colspan=4 align=left>
<?=subtitle("XSS / CSRF 방지")?>
<?//=subtitle("XSS / CSRF 방지")?>
</td>
</tr>
<tr><td colspan=4 class=line1></td></tr>
@ -221,7 +221,7 @@ include_once("./admin.head.php");
</td>
<td colspan=3>
<input class='ed' type='password' name='admin_password' itemname="관리자 패스워드" required>
<?=help("관리자 권한을 빼앗길 것에 대비하여 로그인한 관리자의 패스워드를 한번 더 묻는것 입니다.");?>
<?=help('관리자 권한을 빼앗길 것에 대비하여 로그인한 관리자의 패스워드를 한번 더 묻는것 입니다.');?>
</td>
</tr>
<tr><td colspan=4 class=line2></td></tr>
@ -230,9 +230,9 @@ include_once("./admin.head.php");
<p align=center>
<input type=submit class=btn1 accesskey='s' value=' 확 인 '>&nbsp;
<input type=button class=btn1 value=' 목 록 ' onclick="document.location.href='./member_list.php?<?=$qstr?>';">&nbsp;
<? if ($w != '') { ?>
<input type=button class=btn1 value=' 삭 제 ' onclick="del('./member_delete.php?<?=$qstr?>&w=d&mb_id=<?=$mb[mb_id]?>&url=<?=$_SERVER[PHP_SELF]?>');">&nbsp;
<input type=button class=btn1 value=' 삭 제 ' onclick="del('./member_delete.php?<?=$qstr?>&w=d&mb_id=<?=$mb['mb_id']?>&url=<?=$_SERVER['PHP_SELF']?>');">&nbsp;
<? } ?>
</form>
@ -242,8 +242,8 @@ if (document.fmember.w.value == "")
else if (document.fmember.w.value == "u")
document.fmember.mb_password.focus();
if (typeof(document.fmember.mb_level) != "undefined")
document.fmember.mb_level.value = "<?=$mb[mb_level]?>";
if (typeof(document.fmember.mb_level) != "undefined")
document.fmember.mb_level.value = "<?=$mb['mb_level']?>";
function fmember_submit(f)
{
@ -258,5 +258,5 @@ function fmember_submit(f)
</script>
<?
include_once("./admin.tail.php");
include_once('./admin.tail.php');
?>
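Review bot: `mb_name`, `mb_nick` and `mb_memo` are echoed into `value='...'` attributes and a `<textarea>` without passing through `get_text()`, unlike the other profile fields normalised in the `$w == 'u'` branch. Assuming `get_text()` is this code base's HTML escaper, add `$mb['mb_name'] = get_text($mb['mb_name']);` and the same for `mb_nick` and `mb_memo` next to the existing calls, since these values are member-controlled and rendered in the admin session. `$mb['mb_sex']` and `$mb['mb_level']` are written into JavaScript string literals and `$_SERVER['PHP_SELF']` into the delete button's `onclick`, and all three need escaping for their context. The change to `<?//=subtitle("XSS / CSRF 방지")?>` silently disables that heading, which is not a quoting fix and deserves its own commit or a comment saying why.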


@ -1,103 +1,103 @@
<?
$sub_menu = "200100";
include_once("./_common.php");
include_once('./_common.php');
if ($w == 'u')
check_demo();
auth_check($auth[$sub_menu], "w");
auth_check($auth[$sub_menu], 'w');
check_token();
if ($member[mb_password] != sql_password($_POST['admin_password'])) {
alert("패스워드가 다릅니다.");
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('패스워드가 다릅니다.');
}
$mb_id = mysql_real_escape_string(trim($_POST['mb_id']));
$sql_common = " mb_name = '$_POST[mb_name]',
mb_nick = '$_POST[mb_nick]',
mb_email = '$_POST[mb_email]',
mb_homepage = '$_POST[mb_homepage]',
mb_tel = '$_POST[mb_tel]',
mb_hp = '$_POST[mb_hp]',
mb_zip1 = '$_POST[mb_zip1]',
mb_zip2 = '$_POST[mb_zip2]',
mb_addr1 = '$_POST[mb_addr1]',
mb_addr2 = '$_POST[mb_addr2]',
mb_birth = '$_POST[mb_birth]',
mb_sex = '$_POST[mb_sex]',
mb_signature = '$_POST[mb_signature]',
mb_leave_date = '$_POST[mb_leave_date]',
mb_intercept_date='$_POST[mb_intercept_date]',
mb_memo = '$_POST[mb_memo]',
mb_mailling = '$_POST[mb_mailling]',
mb_sms = '$_POST[mb_sms]',
mb_open = '$_POST[mb_open]',
mb_profile = '$_POST[mb_profile]',
mb_level = '$_POST[mb_level]',
mb_1 = '$_POST[mb_1]',
mb_2 = '$_POST[mb_2]',
mb_3 = '$_POST[mb_3]',
mb_4 = '$_POST[mb_4]',
mb_5 = '$_POST[mb_5]',
mb_6 = '$_POST[mb_6]',
mb_7 = '$_POST[mb_7]',
mb_8 = '$_POST[mb_8]',
mb_9 = '$_POST[mb_9]',
mb_10 = '$_POST[mb_10]' ";
$sql_common = " mb_name = '{$_POST['mb_name']}',
mb_nick = '{$_POST['mb_nick']}',
mb_email = '{$_POST['mb_email']}',
mb_homepage = '{$_POST['mb_homepage']}',
mb_tel = '{$_POST['mb_tel']}',
mb_hp = '{$_POST['mb_hp']}',
mb_zip1 = '{$_POST['mb_zip1']}',
mb_zip2 = '{$_POST['mb_zip2']}',
mb_addr1 = '{$_POST['mb_addr1']}',
mb_addr2 = '{$_POST['mb_addr2']}',
mb_birth = '{$_POST['mb_birth']}',
mb_sex = '{$_POST['mb_sex']}',
mb_signature = '{$_POST['mb_signature']}',
mb_leave_date = '{$_POST['mb_leave_date']}',
mb_intercept_date='{$_POST['mb_intercept_date']}',
mb_memo = '{$_POST['mb_memo']}',
mb_mailling = '{$_POST['mb_mailling']}',
mb_sms = '{$_POST['mb_sms']}',
mb_open = '{$_POST['mb_open']}',
mb_profile = '{$_POST['mb_profile']}',
mb_level = '{$_POST['mb_level']}',
mb_1 = '{$_POST['mb_1']}',
mb_2 = '{$_POST['mb_2']}',
mb_3 = '{$_POST['mb_3']}',
mb_4 = '{$_POST['mb_4']}',
mb_5 = '{$_POST['mb_5']}',
mb_6 = '{$_POST['mb_6']}',
mb_7 = '{$_POST['mb_7']}',
mb_8 = '{$_POST['mb_8']}',
mb_9 = '{$_POST['mb_9']}',
mb_10 = '{$_POST['mb_10']}' ";
if ($w == "")
if ($w == '')
{
$mb = get_member($mb_id);
if ($mb[mb_id])
alert("이미 존재하는 회원입니다.\\n\\n : $mb[mb_id]\\n\\n이름 : $mb[mb_name]\\n\\n별명 : $mb[mb_nick]\\n\\n메일 : $mb[mb_email]");
if ($mb['mb_id'])
alert('이미 존재하는 회원입니다.\\n\\n : '.$mb['mb_id'].'\\n\\n이름 : '.$mb['mb_name']'.\\n\\n별명 : '.$mb['mb_nick'].'\\n\\n메일 : '.$mb['mb_email']);
if ($mb[mb_nick] == $mb_nick)
alert("이미 존재하는 별명입니다.\\n\\n : $mb[mb_id]\\n\\n이름 : $mb[mb_name]\\n\\n별명 : $mb[mb_nick]\\n\\n메일 : $mb[mb_email]");
if ($mb['mb_nick'] == $mb_nick)
alert('이미 존재하는 별명입니다.\\n\\n : '.$mb['mb_id']'.\\n\\n이름 : '.$mb['mb_name'].'\\n\\n별명 : '.$mb['mb_nick'].'\\n\\n메일 : '.$mb['mb_email']);
if ($mb[mb_email] == $mb_email)
alert("이미 존재하는 E-mail 입니다.\\n\\n : $mb[mb_id]\\n\\n이름 : $mb[mb_name]\\n\\n별명 : $mb[mb_nick]\\n\\n메일 : $mb[mb_email]");
if ($mb['mb_email'] == $mb_email)
alert('이미 존재하는 E-mail 입니다.\\n\\n : '.$mb['mb_id'].'\\n\\n이름 : '.$mb['mb_name'].'\\n\\n별명 : '.$mb['mb_nick'].'\\n\\n메일 : '.$mb['mb_email']);
sql_query(" insert into $g4[member_table] set mb_id = '$mb_id', mb_password = '".sql_password($mb_password)."', mb_datetime = '$g4[time_ymdhis]', mb_ip = '$_SERVER[REMOTE_ADDR]', mb_email_certify = '$g4[time_ymdhis]', $sql_common ");
sql_query(" insert into {$g4['member_table']} set mb_id = '$mb_id', mb_password = '".sql_password($mb_password)."', mb_datetime = '{$g4['time_ymdhis']}', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '{$g4['time_ymdhis']}', $sql_common ");
}
else if ($w == "u")
else if ($w == 'u')
{
$mb = get_member($mb_id);
if (!$mb[mb_id])
alert("존재하지 않는 회원자료입니다.");
if (!$mb['mb_id'])
alert('존재하지 않는 회원자료입니다.');
if ($is_admin != "super" && $mb[mb_level] >= $member[mb_level])
alert("자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.");
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level'])
alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
if ($_POST[mb_id] == $member[mb_id] && $_POST[mb_level] != $mb[mb_level])
alert("$mb[mb_id] : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.");
if ($_POST['mb_id'] == $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level'])
alert($mb['mb_id'].' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.');
$mb_dir = substr($mb_id,0,2);
// 회원 아이콘 삭제
if ($del_mb_icon)
@unlink("$g4[path]/data/member/$mb_dir/$mb_id.gif");
@unlink($g4['path'].'/data/member/'.$mb_dir.'/'.$mb_id.'.gif');
// 아이콘 업로드
if (is_uploaded_file($_FILES[mb_icon][tmp_name])) {
if (!preg_match("/(\.gif)$/i", $_FILES[mb_icon][name])) {
alert($_FILES[mb_icon][name] . '은(는) gif 파일이 아닙니다.');
if (is_uploaded_file($_FILES['mb_icon']['tmp_name'])) {
if (!preg_match("/(\.gif)$/i", $_FILES['mb_icon']['name'])) {
alert($_FILES['mb_icon']['name'] . '은(는) gif 파일이 아닙니다.');
}
if (preg_match("/(\.gif)$/i", $_FILES[mb_icon][name])) {
@mkdir("$g4[path]/data/member/$mb_dir", 0707);
@chmod("$g4[path]/data/member/$mb_dir", 0707);
if (preg_match("/(\.gif)$/i", $_FILES['mb_icon']['name'])) {
@mkdir($g4['path'].'/data/member/'.$mb_dir, 0707);
@chmod($g4['path'].'/data/member/'.$mb_dir, 0707);
$dest_path = "$g4[path]/data/member/$mb_dir/$mb_id.gif";
$dest_path = $g4['path'].'/data/member/'.$mb_dir.'/'.$mb_id.'.gif';
move_uploaded_file($_FILES[mb_icon][tmp_name], $dest_path);
move_uploaded_file($_FILES['mb_icon']['tmp_name'], $dest_path);
chmod($dest_path, 0606);
if (file_exists($dest_path)) {
$size = getimagesize($dest_path);
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
if ($size[0] > $config[cf_member_icon_width] || $size[1] > $config[cf_member_icon_height]) {
if ($size[0] > $config['cf_member_icon_width'] || $size[1] > $config['cf_member_icon_height']) {
@unlink($dest_path);
}
}
@ -110,11 +110,11 @@ else if ($w == "u")
$sql_password = "";
if ($passive_certify)
$sql_certify = " , mb_email_certify = '$g4[time_ymdhis]' ";
$sql_certify = " , mb_email_certify = '{$g4['time_ymdhis']}' ";
else
$sql_certify = "";
$sql = " update $g4[member_table]
$sql = " update {$g4['member_table']}
set $sql_common
$sql_password
$sql_certify
@ -122,7 +122,7 @@ else if ($w == "u")
sql_query($sql);
}
else
alert("제대로 된 값이 넘어오지 않았습니다.");
alert('제대로 된 값이 넘어오지 않았습니다.');
goto_url("./member_form.php?$qstr&w=u&mb_id=$mb_id", false);
goto_url('./member_form.php?'.$qstr.'&w=u&mb_id='.$mb_id, false);
?>
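Review bot: `$sql_common` interpolates about thirty `$_POST` fields straight into the statement, while only `mb_id` is passed through `mysql_real_escape_string()`; unless `_common.php` already escapes request data, each value needs the same treatment, e.g. `$mb_name = mysql_real_escape_string($_POST['mb_name']);` before it is placed in the SQL. `mb_level = '{$_POST['mb_level']}'` is also stored without being compared to `$member['mb_level']`, so a non-super administrator can apparently assign a level at or above their own; a guard such as `if ($is_admin != 'super' && $_POST['mb_level'] >= $member['mb_level'])` before both the insert and the update would close that. The icon upload checks only the client-supplied file name for `.gif`, and a `getimagesize()` failure (a non-image file) is not treated as a rejection, so the file stays in place. The `$w == 'u'` block is only partly visible in these hunks.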


@ -1,12 +1,12 @@
<?
$sub_menu = "200100";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "r");
auth_check($auth[$sub_menu], 'r');
$token = get_token();
$sql_common = " from $g4[member_table] ";
$sql_common = " from {$g4['member_table']} ";
$sql_search = " where (1) ";
if ($stx) {
@ -30,8 +30,8 @@ if ($stx) {
}
//if ($is_admin == 'group') $sql_search .= " and mb_level = '$member[mb_level]' ";
if ($is_admin != 'super')
$sql_search .= " and mb_level <= '$member[mb_level]' ";
if ($is_admin != 'super')
$sql_search .= " and mb_level <= '{$member['mb_level']}' ";
if (!$sst) {
$sst = "mb_datetime";
@ -45,9 +45,9 @@ $sql = " select count(*) as cnt
$sql_search
$sql_order ";
$row = sql_fetch($sql);
$total_count = $row[cnt];
$total_count = $row['cnt'];
$rows = $config[cf_page_rows];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if (!$page) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
@ -59,7 +59,7 @@ $sql = " select count(*) as cnt
and mb_leave_date <> ''
$sql_order ";
$row = sql_fetch($sql);
$leave_count = $row[cnt];
$leave_count = $row['cnt'];
// 차단회원수
$sql = " select count(*) as cnt
@ -68,12 +68,12 @@ $sql = " select count(*) as cnt
and mb_intercept_date <> ''
$sql_order ";
$row = sql_fetch($sql);
$intercept_count = $row[cnt];
$intercept_count = $row['cnt'];
$listall = "<a href='$_SERVER[PHP_SELF]' class=tt>처음</a>";
$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class=tt>처음</a>';
$g4[title] = "회원관리";
include_once("./admin.head.php");
$g4['title'] = '회원관리';
include_once('./admin.head.php');
$sql = " select *
$sql_common
@ -85,18 +85,18 @@ $result = sql_query($sql);
$colspan = 15;
?>
<script type="text/javascript" src="<?=$g4[path]?>/js/sideview.js"></script>
<script type="text/javascript" src="<?=$g4['path']?>/js/sideview.js"></script>
<script type="text/javascript">
var list_update_php = "member_list_update.php";
var list_delete_php = "member_list_delete.php";
var list_update_php = 'member_list_update.php';
var list_delete_php = 'member_list_delete.php';
</script>
<table width=100%>
<form name=fsearch method=get>
<tr>
<td width=50% align=left><?=$listall?>
(총회원수 : <?=number_format($total_count)?>,
<a href='?sst=mb_intercept_date&sod=desc&sfl=<?=$sfl?>&stx=<?=$stx?>' title='차단된 회원부터 출력'><font color=orange>차단 : <?=number_format($intercept_count)?></font></a>,
<td width=50% align=left><?=$listall?>
(총회원수 : <?=number_format($total_count)?>,
<a href='?sst=mb_intercept_date&sod=desc&sfl=<?=$sfl?>&stx=<?=$stx?>' title='차단된 회원부터 출력'><font color=orange>차단 : <?=number_format($intercept_count)?></font></a>,
<a href='?sst=mb_leave_date&sod=desc&sfl=<?=$sfl?>&stx=<?=$stx?>' title='탈퇴한 회원부터 출력'><font color=crimson>탈퇴 : <?=number_format($leave_count)?></font></a>)
</td>
<td width=50% align=right>
@ -114,7 +114,7 @@ var list_delete_php = "member_list_delete.php";
<option value='mb_recommend'>추천인</option>
</select>
<input type=text name=stx class=ed required itemname='검색어' value='<? echo $stx ?>'>
<input type=image src='<?=$g4[admin_path]?>/img/btn_search.gif' align=absmiddle></td>
<input type=image src='<?=$g4['admin_path']?>/img/btn_search.gif' align=absmiddle></td>
</tr>
</form>
</table>
@ -156,59 +156,59 @@ var list_delete_php = "member_list_delete.php";
<td><?=subject_sort_link('mb_email_certify', '', 'desc')?>인증</a></td>
<td><?=subject_sort_link('mb_intercept_date', '', 'desc')?>차단</a></td>
<td title='접근가능한 그룹수'>그룹</td>
<td><a href="./member_form.php"><img src='<?=$g4[admin_path]?>/img/icon_insert.gif' border=0 title='추가'></a></td>
<td><a href="./member_form.php"><img src='<?=$g4['admin_path']?>/img/icon_insert.gif' border=0 title='추가'></a></td>
</tr>
<tr><td colspan='<?=$colspan?>' class='line2'></td></tr>
<?
for ($i=0; $row=sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from $g4[group_member_table] where mb_id = '$row[mb_id]' ";
$sql2 = " select count(*) as cnt from {$g4['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2[cnt])
$group = "<a href='./boardgroupmember_form.php?mb_id=$row[mb_id]'>$row2[cnt]</a>";
$group = '';
if ($row2['cnt'])
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
if ($is_admin == 'group')
if ($is_admin == 'group')
{
$s_mod = "";
$s_del = "";
}
else
{
$s_mod = "<a href=\"./member_form.php?$qstr&w=u&mb_id=$row[mb_id]\"><img src='img/icon_modify.gif' border=0 title='수정'></a>";
//$s_del = "<a href=\"javascript:del('./member_delete.php?$qstr&w=d&mb_id=$row[mb_id]');\"><img src='img/icon_delete.gif' border=0 title='삭제'></a>";
$s_del = "<a href=\"javascript:post_delete('member_delete.php', '$row[mb_id]');\"><img src='img/icon_delete.gif' border=0 title='삭제'></a>";
$s_mod = '';
$s_del = '';
}
$s_grp = "<a href='./boardgroupmember_form.php?mb_id=$row[mb_id]'><img src='img/icon_group.gif' border=0 title='그룹'></a>";
else
{
$s_mod = '<a href="./member_form.php?'.$qstr.'&amp;w=u&mb_id='.$row['mb_id'].'"><img src="img/icon_modify.gif" border=0 title="수정"></a>';
//$s_del = "<a href=\"javascript:del('./member_delete.php?$qstr&w=d&mb_id=$row[mb_id]');\"><img src='img/icon_delete.gif' border=0 title='삭제'></a>";
$s_del = '<a href="javascript:post_delete(\"member_delete.php\", \"'.$row['mb_id'].'\");"><img src="img/icon_delete.gif" border=0 title="삭제"></a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'"><img src="img/icon_group.gif" border=0 title="그룹"></a>';
$leave_date = $row[mb_leave_date] ? $row[mb_leave_date] : date("Ymd", $g4[server_time]);
$intercept_date = $row[mb_intercept_date] ? $row[mb_intercept_date] : date("Ymd", $g4[server_time]);
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date("Ymd", $g4['server_time']);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date("Ymd", $g4['server_time']);
$mb_nick = get_sideview($row[mb_id], $row[mb_nick], $row[mb_email], $row[mb_homepage]);
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$mb_id = $row[mb_id];
if ($row[mb_leave_date])
$mb_id = "<font color=crimson>$mb_id</font>";
else if ($row[mb_intercept_date])
$mb_id = "<font color=orange>$mb_id</font>";
$mb_id = $row['mb_id'];
if ($row['mb_leave_date'])
$mb_id = '<font color=crimson>'.$mb_id.'</font>';
else if ($row['mb_intercept_date'])
$mb_id = '<font color=orange>'.$mb_id.'</font>';
$list = $i%2;
echo "
<input type=hidden name=mb_id[$i] value='$row[mb_id]'>
<input type=hidden name=mb_id[$i] value='{$row['mb_id']}'>
<tr class='list$list col1 ht center'>
<td><input type=checkbox name=chk[] value='$i'></td>
<td title='$row[mb_id]'><nobr style='display:block; overflow:hidden; width:90;'>&nbsp;$mb_id</nobr></td>
<td><nobr style='display:block; overflow:hidden; width:90px;'>$row[mb_name]</nobr></td>
<td title='{$row['mb_id']}'><nobr style='display:block; overflow:hidden; width:90;'>&nbsp;$mb_id</nobr></td>
<td><nobr style='display:block; overflow:hidden; width:90px;'>{$row['mb_name']}</nobr></td>
<td><nobr style='display:block; overflow:hidden; width:90px;'><u>$mb_nick</u></nobr></td>
<td>".get_member_level_select("mb_level[$i]", 1, $member[mb_level], $row[mb_level])."</td>
<td align=right><a href='point_list.php?sfl=mb_id&stx=$row[mb_id]' class=tt>".number_format($row[mb_point])."</a>&nbsp;</td>
<td>".substr($row[mb_today_login],2,8)."</td>
<td>".($row[mb_mailling]?'&radic;':'&nbsp;')."</td>
<td>".($row[mb_open]?'&radic;':'&nbsp;')."</td>
<!-- <td title='$row[mb_leave_date]'>".($row[mb_leave_date]?'&radic;':'&nbsp;')."</td> -->
<td title='$row[mb_email_certify]'>".(preg_match('/[1-9]/', $row[mb_email_certify])?'&radic;':'&nbsp;')."</td>
<td title='$row[mb_intercept_date]'><input type=checkbox name=mb_intercept_date[$i] ".($row[mb_intercept_date]?'checked':'')." value='$intercept_date'></td>
<td>$group</td>
<td>".get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level'])."</td>
<td align=right><a href='point_list.php?sfl=mb_id&stx={$row['mb_id']}' class=tt>".number_format($row['mb_point'])."</a>&nbsp;</td>
<td>".substr($row['mb_today_login'],2,8)."</td>
<td>".($row['mb_mailling']?'&radic;':'&nbsp;')."</td>
<td>".($row['mb_open']?'&radic;':'&nbsp;')."</td>
<!-- <td title='{$row['mb_leave_date']}'>".($row['mb_leave_date']?'&radic;':'&nbsp;')."</td> -->
<td title='{$row['mb_email_certify']}'>".(preg_match('/[1-9]/', $row['mb_email_certify'])?'&radic;':'&nbsp;')."</td>
<td title='{$row['mb_intercept_date']}'><input type=checkbox name=mb_intercept_date[$i] ".($row['mb_intercept_date']?'checked':'')." value='$intercept_date'></td>
<td>$group</td>
<td>$s_mod $s_del $s_grp</td>
</tr>";
}
@ -219,7 +219,7 @@ if ($i == 0)
echo "<tr><td colspan='$colspan' class='line2'></td></tr>";
echo "</table>";
$pagelist = get_paging($config[cf_write_pages], $page, $total_page, "?$qstr&page=");
$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, '?'.$qstr.'&amp;page=');
echo "<table width=100% cellpadding=3 cellspacing=1>";
echo "<tr><td width=50%>";
echo "<input type=button class='btn1' value='선택수정' onclick=\"btn_check(this.form, 'update')\">&nbsp;";
@ -259,5 +259,5 @@ function post_delete(action_url, val)
</form>
<?
include_once ("./admin.tail.php");
include_once ('./admin.tail.php');
?>
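Review bot: The rewritten `$s_del` link uses `\"` inside a single-quoted PHP string, where the backslash is kept literally, so the page emits `href="javascript:post_delete(\"member_delete.php\", ...` and the attribute ends at the first inner quote; the per-row delete link stops working. Keep single quotes for the JavaScript arguments: `$s_del = '<a href="javascript:post_delete(\'member_delete.php\', \''.$row['mb_id'].'\');"><img src="img/icon_delete.gif" border=0 title="삭제"></a>';`. In the same listing `{$row['mb_name']}` and the search term `$stx` (in the `value=` attribute and the sort links) are printed without HTML escaping, which should be added unless they are escaped before this point. `$_SERVER['PHP_SELF']` in `$listall` is request-influenced as well and is safer replaced by a fixed script name.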


@ -1,37 +1,37 @@
<?
$sub_menu = "200100";
include_once("./_common.php");
include_once('./_common.php');
check_demo();
auth_check($auth[$sub_menu], "d");
auth_check($auth[$sub_menu], 'd');
check_token();
$msg = "";
for ($i=0; $i<count($chk); $i++)
$msg = '';
for ($i=0; $i<count($chk); $i++)
{
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$mb = get_member($_POST['mb_id'][$k]);
if (!$mb[mb_id]) {
$msg .= "$mb[mb_id] : 회원자료가 존재하지 않습니다.\\n";
} else if ($member[mb_id] == $mb[mb_id]) {
$msg .= "$mb[mb_id] : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n";
} else if (is_admin($mb[mb_id]) == "super") {
$msg .= "$mb[mb_id] : 최고 관리자는 삭제할 수 없습니다.\\n";
} else if ($is_admin != "super" && $mb[mb_level] >= $member[mb_level]) {
$msg .= "$mb[mb_id] : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n";
if (!$mb['mb_id']) {
$msg .= $mb['mb_id'].' : 회원자료가 존재하지 않습니다.\\n';
} else if ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'].' : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n';
} else if (is_admin($mb['mb_id']) == 'super') {
$msg .= $mb['mb_id'].' : 최고 관리자는 삭제할 수 없습니다.\\n';
} else if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n';
} else {
// 회원자료 삭제
member_delete($mb[mb_id]);
// 회원자료 삭제
member_delete($mb['mb_id']);
}
}
if ($msg)
echo "<script type='text/javascript'> alert('$msg'); </script>";
echo '<script type="text/javascript"> alert("'.$msg.'"); </script>';
goto_url("./member_list.php?$qstr");
goto_url('./member_list.php?'.$qstr);
?>
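Review bot: `$msg` is pasted into an inline script as a string literal (`alert("'.$msg.'")`) with no encoding, so a member id containing a double quote or `</script>` ends the literal early. In the first branch the printed id is also always empty, because that branch runs only when `$mb['mb_id']` is falsy. Build the messages with real newlines and let `json_encode()` produce the literal, `echo '<script type="text/javascript"> alert('.json_encode($msg).'); </script>';`, naming the posted id in the not-found case. The bulk-update script later in this commit emits `$msg` the same way. The loop is bounded by `count($chk)` while the body reads `$_POST['chk'][$i]`; take both from `$_POST`.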


@ -1,28 +1,28 @@
<?
$sub_menu = "200100";
include_once("./_common.php");
include_once('./_common.php');
check_demo();
auth_check($auth[$sub_menu], "w");
auth_check($auth[$sub_menu], 'w');
check_token();
for ($i=0; $i<count($chk); $i++)
for ($i=0; $i<count($chk); $i++)
{
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$mb = get_member($_POST['mb_id'][$k]);
if (!$mb[mb_id]) {
$msg .= "$mb[mb_id] : 회원자료가 존재하지 않습니다.\\n";
} else if ($is_admin != "super" && $mb[mb_level] >= $member[mb_level]) {
$msg .= "$mb[mb_id] : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n";
} else if ($member[mb_id] == $mb[mb_id]) {
$msg .= "$mb[mb_id] : 로그인 중인 관리자는 수정 할 수 없습니다.\\n";
if (!$mb['mb_id']) {
$msg .= $mb['mb_id']'. : 회원자료가 존재하지 않습니다.\\n';
} else if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n';
} else if ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'].' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n';
} else {
$sql = " update $g4[member_table]
$sql = " update {$g4['member_table']}
set mb_level = '{$_POST['mb_level'][$k]}',
mb_intercept_date = '{$_POST['mb_intercept_date'][$k]}'
where mb_id = '{$_POST['mb_id'][$k]}' ";
@ -31,7 +31,7 @@ for ($i=0; $i<count($chk); $i++)
}
if ($msg)
echo "<script type='text/javascript'> alert('$msg'); </script>";
echo '<script type="text/javascript"> alert("'.$msg.'"); </script>';
goto_url("./member_list.php?$qstr");
goto_url('./member_list.php?'.$qstr);
?>
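Review bot: The rewritten first branch, `$msg .= $mb['mb_id']'. : 회원자료가 존재하지 않습니다.\\n';`, has the concatenation dot inside the string literal, so the file no longer parses and the whole bulk update fails. It should read `$msg .= $mb['mb_id'].' : 회원자료가 존재하지 않습니다.\\n';`. Separately, the update writes `$_POST['mb_level'][$k]` exactly as posted: the guard compares only the target's current level with the operator's, so nothing in this script prevents a non-super admin from assigning a level above their own. Add a server-side check that the posted level does not exceed `$member['mb_level']` for non-super operators, and cast it with `(int)` before it reaches the query; whether `_common.php` escapes `$_POST` is not visible here.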


@ -1,10 +1,10 @@
<?
$sub_menu = "100500";
include_once("./_common.php");
include_once('./_common.php');
check_demo();
auth_check($auth[$sub_menu], "r");
auth_check($auth[$sub_menu], 'r');
phpinfo();
?>
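Review bot: `phpinfo()` is reachable by any account that holds read permission on menu 100500, and its output includes the server environment, loaded configuration and request data. Unless that disclosure is intended for delegated admins, restrict the page to the super administrator before the call, for example `if ($is_admin != 'super') alert('최고관리자만 접근 가능합니다.');` (the message text is a suggestion).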


@ -1,57 +1,57 @@
<?
$sub_menu = "200200";
include_once("./_common.php");
include_once('./_common.php');
check_demo();
if (!$ok)
alert();
if ($is_admin != "super")
alert("포인트 정리는 최고관리자만 가능합니다.");
if ($is_admin != 'super')
alert('포인트 정리는 최고관리자만 가능합니다.');
$g4[title] = "포인트 정리";
include_once("./admin.head.php");
echo "<span id='ct'></span>";
include_once("./admin.tail.php");
$g4['title'] = '포인트 정리';
include_once('./admin.head.php');
echo '<span id="ct"></span>';
include_once('./admin.tail.php');
flush();
echo "<script>document.getElementById('ct').innerHTML += '<p>포인트 정리중...';</script>\n";
echo '<script>document.getElementById("ct").innerHTML += "<p>포인트 정리중...";</script>\n';
flush();
$max_count = 50;
// 테이블 락을 걸고
$sql = " LOCK TABLES $g4[member_table] WRITE, $g4[point_table] WRITE ";
$sql = " LOCK TABLES {$g4['member_table']} WRITE, {$g4['point_table']} WRITE ";
sql_query($sql);
$sql = " select mb_id, count(po_point) as cnt
from $g4[point_table]
from {$g4['point_table']}
group by mb_id
having cnt > {$max_count}+1
order by cnt ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++)
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$count = 0;
$total = 0;
$sql2 = " select po_id, po_point
from $g4[point_table]
where mb_id = '$row[mb_id]'
order by po_id desc
limit $max_count, $row[cnt] ";
from {$g4['point_table']}
where mb_id = '{$row['mb_id']}'
order by po_id desc
limit $max_count, {$row['cnt']} ";
$result2 = sql_query($sql2);
for ($k=0; $row2=sql_fetch_array($result2); $k++)
{
$count++;
$total += $row2[po_point];
$total += $row2['po_point'];
sql_query(" delete from $g4[point_table] where po_id = '$row2[po_id]' ");
sql_query(" delete from {$g4['point_table']} where po_id = '{$row2['po_id']}' ");
}
insert_point($row[mb_id], $total, "포인트 {$count}건 정리", "@clear", $row[mb_id], $g4[time_ymd]."-".uniqid(""));
insert_point($row['mb_id'], $total, "포인트 {$count}건 정리", "@clear", $row['mb_id'], $g4['time_ymd']."-".uniqid(""));
$str = $row[mb_id]."님 포인트 내역 ".number_format($count)."".number_format($total)."점 정리<br>";
$str = $row['mb_id']."님 포인트 내역 ".number_format($count)."".number_format($total)."점 정리<br>";
echo "<script>document.getElementById('ct').innerHTML += '$str';</script>\n";
flush();
}
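Review bot: `check_token()` is never called before the `LOCK TABLES` / delete loop, and the point list triggers this script with a plain GET (`./point_clear.php?ok=1`), so the only protection for a destructive clean-up is the session itself. Add `check_token();` after the super-admin check and have the caller submit the token by POST, as the other state-changing admin scripts in this commit do. The rewritten progress line is now single-quoted, so `\n` is emitted as a literal backslash-n after `</script>` instead of a newline; keep that part double-quoted, e.g. `…</script>'."\n";`. `$str` is also pasted unencoded into the inline script in the loop, and the rest of the file lies outside the hunk.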


@ -1,12 +1,12 @@
<?
$sub_menu = "200200";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "r");
auth_check($auth[$sub_menu], 'r');
$token = get_token();
$sql_common = " from $g4[point_table] ";
$sql_common = " from {$g4['point_table']} ";
$sql_search = " where (1) ";
if ($stx) {
@ -15,7 +15,7 @@ if ($stx) {
case "mb_id" :
$sql_search .= " ($sfl = '$stx') ";
break;
default :
default :
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -29,13 +29,13 @@ if (!$sst) {
$sql_order = " order by $sst $sod ";
$sql = " select count(*) as cnt
$sql_common
$sql_search
$sql_common
$sql_search
$sql_order ";
$row = sql_fetch($sql);
$total_count = $row[cnt];
$total_count = $row['cnt'];
$rows = $config[cf_page_rows];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page == "") $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
@ -47,27 +47,27 @@ $sql = " select *
limit $from_record, $rows ";
$result = sql_query($sql);
$listall = "<a href='$_SERVER[PHP_SELF]'>처음</a>";
$listall = '<a href="'.$_SERVER['PHP_SELF'].'">처음</a>';
if ($sfl == "mb_id" && $stx)
if ($sfl == 'mb_id' && $stx)
$mb = get_member($stx);
$g4[title] = "포인트관리";
include_once ("./admin.head.php");
$g4['title'] = '포인트관리';
include_once ('./admin.head.php');
$colspan = 8;
?>
<script type="text/javascript" src="<?=$g4[path]?>/js/sideview.js"></script>
<script type="text/javascript" src="<?=$g4['path']?>/js/sideview.js"></script>
<script type="text/javascript">
var list_update_php = "";
var list_delete_php = "point_list_delete.php";
var list_update_php = '';
var list_delete_php = 'point_list_delete.php';
</script>
<script type="text/javascript">
function point_clear()
{
if (confirm("포인트 정리를 하시면 최근 50건 이전의 포인트 부여 내역을 삭제하므로\n\n포인트 부여 내역을 필요로 할때 찾지 못할 수도 있습니다.\n\n\n그래도 진행하시겠습니까?"))
if (confirm('포인트 정리를 하시면 최근 50건 이전의 포인트 부여 내역을 삭제하므로\n\n포인트 부여 내역을 필요로 할때 찾지 못할 수도 있습니다.\n\n\n그래도 진행하시겠습니까?'))
{
document.location.href = "./point_clear.php?ok=1";
}
@ -79,15 +79,15 @@ function point_clear()
<tr>
<td width=50% align=left>
<?=$listall?> (건수 : <?=number_format($total_count)?>)
<?
if ($mb[mb_id])
echo "&nbsp;(" . $mb[mb_id] ." 님 포인트 합계 : " . number_format($mb[mb_point]) . "점)";
<?
if ($mb['mb_id'])
echo '&nbsp;(' . $mb['mb_id'] .' 님 포인트 합계 : ' . number_format($mb['mb_point']) . '점)';
else {
$row2 = sql_fetch(" select sum(po_point) as sum_point from $g4[point_table] ");
echo "&nbsp;(전체 포인트 합계 : " . number_format($row2[sum_point]) . "점)";
$row2 = sql_fetch(" select sum(po_point) as sum_point from {$g4['point_table']} ");
echo '&nbsp;(전체 포인트 합계 : ' . number_format($row2['sum_point']) . '점)';
}
?>
<? if ($is_admin == "super") { ?><!-- <a href="javascript:point_clear();">포인트정리</a> --><? } ?>
<? if ($is_admin == 'super') { ?><!-- <a href="javascript:point_clear();">포인트정리</a> --><? } ?>
</td>
<td width=50% align=right>
<select name=sfl class=cssfl>
@ -95,7 +95,7 @@ function point_clear()
<option value='po_content'>내용</option>
</select>
<input type=text name=stx class=ed required itemname='검색어' value='<?=$stx?>'>
<input type=image src='<?=$g4[admin_path]?>/img/btn_search.gif' align=absmiddle></td>
<input type=image src='<?=$g4['admin_path']?>/img/btn_search.gif' align=absmiddle></td>
</tr>
</form>
</table>
@ -130,38 +130,38 @@ function point_clear()
</tr>
<tr><td colspan='<?=$colspan?>' class='line2'></td></tr>
<?
for ($i=0; $row=sql_fetch_array($result); $i++)
for ($i=0; $row=sql_fetch_array($result); $i++)
{
if ($row2[mb_id] != $row[mb_id])
if ($row2['mb_id'] != $row['mb_id'])
{
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from $g4[member_table] where mb_id = '$row[mb_id]' ";
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g4['member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
}
$mb_nick = get_sideview($row[mb_id], $row2[mb_nick], $row2[mb_email], $row2[mb_homepage]);
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
$link1 = $link2 = "";
if (!preg_match("/^\@/", $row[po_rel_table]) && $row[po_rel_table])
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table'])
{
$link1 = "<a href='$g4[bbs_path]/board.php?bo_table={$row[po_rel_table]}&wr_id={$row[po_rel_id]}' target=_blank>";
$link1 = "<a href='{$g4['bbs_path']}/board.php?bo_table={$row['po_rel_table']}&wr_id={$row['po_rel_id']}' target=_blank>";
$link2 = "</a>";
}
$list = $i%2;
echo "
<input type=hidden name=po_id[$i] value='$row[po_id]'>
<input type=hidden name=mb_id[$i] value='$row[mb_id]'>
<input type=hidden name=po_id[$i] value='{$row['po_id']}'>
<input type=hidden name=mb_id[$i] value='{$row['mb_id']}'>
<tr class='list$list col1 ht center'>
<td><input type=checkbox name=chk[] value='$i'></td>
<td><a href='?sfl=mb_id&stx=$row[mb_id]'>$row[mb_id]</a></td>
<td>$row2[mb_name]</td>
<td><a href='?sfl=mb_id&stx={$row['mb_id']}'>{$row['mb_id']}</a></td>
<td>{$row2['mb_name']}</td>
<td>$mb_nick</td>
<td>$row[po_datetime]</td>
<td align=left>&nbsp;{$link1}$row[po_content]{$link2}</td>
<td align=right>".number_format($row[po_point])."&nbsp;</td>
<td align=right>".number_format($row2[mb_point])."&nbsp;</td>
<td>{$row['po_datetime']}</td>
<td align=left>&nbsp;{$link1}{$row['po_content']}{$link2}</td>
<td align=right>".number_format($row['po_point'])."&nbsp;</td>
<td align=right>".number_format($row2['mb_point'])."&nbsp;</td>
</tr> ";
}
}
if ($i == 0)
echo "<tr><td colspan='$colspan' align=center height=100 bgcolor=#ffffff>자료가 없습니다.</td></tr>";
@ -169,7 +169,7 @@ if ($i == 0)
echo "<tr><td colspan='$colspan' class='line2'></td></tr>";
echo "</table>";
$pagelist = get_paging($config[cf_write_pages], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
echo "<table width=100% cellpadding=3 cellspacing=1>";
echo "<tr><td width=50%>";
echo "<input type=button class='btn1' value='선택삭제' onclick=\"btn_check(this.form, 'delete')\">";
@ -179,10 +179,10 @@ echo "<td width=50% align=right>$pagelist</td></tr></table>\n";
if ($stx)
echo "<script type='text/javascript'>document.fsearch.sfl.value = '$sfl';</script>\n";
if (strstr($sfl, "mb_id"))
if (strstr($sfl, 'mb_id'))
$mb_id = $stx;
else
$mb_id = "";
$mb_id = '';
?>
</form>
@ -232,5 +232,5 @@ function fpointlist2_submit(f)
</script>
<?
include_once ("./admin.tail.php");
include_once ('./admin.tail.php');
?>
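Review bot: `$sfl` is placed into the WHERE clause as a bare column name (`($sfl = '$stx')`, `($sfl like '%$stx%')`) and `$sst $sod` into ORDER BY, so quoting or escaping the value does not constrain them; identifiers need an allow-list. Before the switch, something like `if (!in_array($sfl, array('mb_id', 'po_content'))) $sfl = 'mb_id';` would do it, with the list extended to whatever other options the search `<select>` offers (only `po_content` is visible here). `$stx` and `$sfl` are also echoed unencoded into `value='<?=$stx?>'` and into the inline script near the end of the file; `get_text()`, which this commit uses for attribute values elsewhere, or `htmlspecialchars()` belongs there. Where these variables are populated is outside the section.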


@ -1,28 +1,28 @@
<?
$sub_menu = "200200";
include_once("./_common.php");
include_once('./_common.php');
check_demo();
auth_check($auth[$sub_menu], "d");
auth_check($auth[$sub_menu], 'd');
check_token();
for ($i=0; $i<count($chk); $i++)
for ($i=0; $i<count($chk); $i++)
{
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$sql = " delete from $g4[point_table] where po_id = '{$_POST['po_id'][$k]}' ";
$sql = " delete from {$g4['point_table']} where po_id = '{$_POST['po_id'][$k]}' ";
sql_query($sql);
$sql = " select sum(po_point) as sum_po_point from $g4[point_table] where mb_id = '{$_POST['mb_id'][$k]}' ";
$sql = " select sum(po_point) as sum_po_point from {$g4['point_table']} where mb_id = '{$_POST['mb_id'][$k]}' ";
$row = sql_fetch($sql);
$sum_point = $row[sum_po_point];
$sum_point = $row['sum_po_point'];
$sql= " update $g4[member_table] set mb_point = '$sum_point' where mb_id = '{$_POST['mb_id'][$k]}' ";
$sql= " update {$g4['member_table']} set mb_point = '$sum_point' where mb_id = '{$_POST['mb_id'][$k]}' ";
sql_query($sql);
}
goto_url("./point_list.php?$qstr");
goto_url('./point_list.php?'.$qstr);
?>
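Review bot: The row to delete is chosen by `$_POST['po_id'][$k]` but the balance is recomputed for `$_POST['mb_id'][$k]`, and nothing ties the two together, so a mismatched or altered form leaves the row's real owner with a stale `mb_point` and rewrites another member's total. Read the owner from the row before deleting it, `$po = sql_fetch(" select mb_id from {$g4['point_table']} where po_id = '$po_id' ");`, and use `$po['mb_id']` for the sum and the update. The posted ids go into all three queries as-is; whether `_common.php` escapes `$_POST` is not visible here, so escape or cast them locally. The loop bound uses `$chk` while the body reads `$_POST['chk']`; use one source for both.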


@ -1,13 +1,13 @@
<?
$sub_menu = "200200";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "w");
auth_check($auth[$sub_menu], 'w');
check_token();
if ($member[mb_password] != sql_password($_POST['admin_password'])) {
alert("패스워드가 다릅니다.");
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('패스워드가 다릅니다.');
}
$mb_id = $_POST['mb_id'];
@ -16,13 +16,13 @@ $po_content = $_POST['po_content'];
$mb = get_member($mb_id);
if (!$mb[mb_id])
alert("존재하는 회원아이디가 아닙니다.", "./point_list.php?$qstr");
if (!$mb['mb_id'])
alert('존재하는 회원아이디가 아닙니다.', './point_list.php?'.$qstr);
if (($po_point < 0) && ($po_point * (-1) > $mb[mb_point]))
alert("포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.", "./point_list.php?$qstr");
if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point']))
alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?'.$qstr);
insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member[mb_id]."-".uniqid(""));
insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id']."-".uniqid(""));
goto_url("./point_list.php?$qstr");
goto_url('./point_list.php?'.$qstr);
?>
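Review bot: The admin re-authentication compares the two hashes with `!=`, which PHP evaluates numerically when both strings look like numbers; use a strict comparison, `if ($member['mb_password'] !== sql_password($_POST['admin_password'])) {`. `$po_point` is then used in arithmetic and handed to `insert_point()`; its assignment is outside the hunk, so confirm it is cast there, e.g. `$po_point = (int)$_POST['po_point'];`, to keep non-numeric input out of the balance.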


@ -1,23 +1,23 @@
<?
$sub_menu = "200900";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "w");
auth_check($auth[$sub_menu], 'w');
$token = get_token();
$html_title = "투표";
if ($w == "")
$html_title .= " 생성";
else if ($w == "u") {
$html_title .= " 수정";
$sql = " select * from $g4[poll_table] where po_id = '$po_id' ";
$html_title = '투표';
if ($w == '')
$html_title .= ' 생성';
else if ($w == 'u') {
$html_title .= ' 수정';
$sql = " select * from {$g4['poll_table']} where po_id = '$po_id' ";
$po = sql_fetch($sql);
} else
alert("w 값이 제대로 넘어오지 않았습니다.");
} else
alert('w 값이 제대로 넘어오지 않았습니다.');
$g4[title] = $html_title;
include_once("./admin.head.php");
$g4['title'] = $html_title;
include_once('./admin.head.php');
?>
<form name=fpoll method=post onsubmit="return fpoll_check(this);" enctype="multipart/form-data">
@ -35,67 +35,67 @@ include_once("./admin.head.php");
<colgroup width=20% class='col1 pad1 bold right'>
<colgroup width=30% class='col2 pad2'>
<tr>
<td colspan=4 class=title align=left><img src='<?=$g4[admin_path]?>/img/icon_title.gif'> <?=$html_title?></td>
<td colspan=4 class=title align=left><img src='<?=$g4['admin_path']?>/img/icon_title.gif'> <?=$html_title?></td>
</tr>
<tr><td colspan=4 class='line1'></td></tr>
<tr class='ht'>
<td>투표 제목</td>
<td colspan=3><input type='text' class=ed name='po_subject' style='width:99%;' required itemname='투표 제목' value='<?=$po[po_subject]?>' maxlength="125"></td>
<td colspan=3><input type='text' class=ed name='po_subject' style='width:99%;' required itemname='투표 제목' value='<?=$po['po_subject']?>' maxlength="125"></td>
</tr>
<?
<?
for ($i=1; $i<=9; $i++) {
$required = "";
$itemname = "";
if ($i==1 || $i==2) {
$required = "required";
$itemname = "itemname='항목$i'";
$required = 'required';
$itemname = 'itemname="항목'.$i.'"';
}
$po_poll = get_text($po["po_poll".$i]);
$po_poll = get_text($po['po_poll'.$i]);
echo <<<HEREDOC
<tr class='ht'>
<td>항목{$i}</td>
<td><input type="text" class=ed name="po_poll{$i}" {$required} {$itemname} value="{$po_poll}" style="width:99%;" maxlength="125"></td>
<td>투표수</td>
<td><input type="text" class=ed name="po_cnt{$i}" size=5 value="{$po["po_cnt".$i]}"></td>
<td><input type="text" class=ed name="po_cnt{$i}" size=5 value="{$po['po_cnt'.$i]}"></td>
</tr>
HEREDOC;
}
}
?>
<tr class='ht'>
<td>기타의견</td>
<td colspan=3><input type='text' class=ed name='po_etc' style='width:99%;' value='<?=get_text($po[po_etc])?>' maxlength="125"></td>
<td colspan=3><input type='text' class=ed name='po_etc' style='width:99%;' value='<?=get_text($po['po_etc'])?>' maxlength="125"></td>
</tr>
<tr class='ht'>
<td>투표권한</td>
<td colspan=3><?=get_member_level_select("po_level", 1, 10, $po[po_level])?>이상 투표할 수 있음</td>
<td colspan=3><?=get_member_level_select('po_level', 1, 10, $po['po_level'])?>이상 투표할 수 있음</td>
</tr>
<tr class='ht'>
<td>포인트</td>
<td colspan=3><input type='text' class=ed name='po_point' size='10' value='<?=$po[po_point]?>'> 점 (투표한 회원에게 부여함)</td>
<td colspan=3><input type='text' class=ed name='po_point' size='10' value='<?=$po['po_point']?>'> 점 (투표한 회원에게 부여함)</td>
</tr>
<? if ($w == "u") { ?>
<? if ($w == 'u') { ?>
<tr class='ht'>
<td>투표시작일</td>
<td colspan=3><input type="text" class=ed name="po_date" size=10 maxlength=10 value="<?=$po[po_date]?>"></td>
<td colspan=3><input type="text" class=ed name="po_date" size=10 maxlength=10 value="<?=$po['po_date']?>"></td>
</tr>
<tr class='ht'>
<td>투표참가 IP</td>
<td colspan=3><textarea class=ed name="po_ips" rows=10 style='width:99%;' readonly><?=preg_replace("/\n/", " / ", $po[po_ips])?></textarea></td>
<td colspan=3><textarea class=ed name="po_ips" rows=10 style='width:99%;' readonly><?=preg_replace("/\n/", " / ", $po['po_ips'])?></textarea></td>
</tr>
<tr class='ht'>
<td>투표참가 회원</td>
<td colspan=3><textarea class=ed name="mb_ids" rows=10 style='width:99%;' readonly><?=preg_replace("/\n/", " / ", $po[mb_ids])?></textarea></td>
<td colspan=3><textarea class=ed name="mb_ids" rows=10 style='width:99%;' readonly><?=preg_replace("/\n/", " / ", $po['mb_ids'])?></textarea></td>
</tr>
<? } ?>
@ -117,5 +117,5 @@ function fpoll_check(f)
</script>
<?
include_once("./admin.tail.php");
include_once('./admin.tail.php');
?>
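Review bot: `po_subject`, `po_point`, `po_date`, `po_ips` and `mb_ids` are echoed into attribute values and `<textarea>` bodies without encoding, while `po_poll*` and `po_etc` in the same form go through `get_text()`; a stored value containing a quote or markup would break out of the field. Apply the same call, e.g. `value='<?=get_text($po['po_subject'])?>'` (assuming `get_text()` encodes both quote styles), and do likewise for the `po_cnt` value in the heredoc. `$po_id` also goes into the select as `'$po_id'`; an `(int)` cast before the query would make that independent of how the variable was populated, which is not visible here.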


@ -1,70 +1,70 @@
<?
$sub_menu = "200900";
include_once("./_common.php");
include_once('./_common.php');
$w = $_POST['w'];
if ($w == 'u' || $w == 'd')
check_demo();
auth_check($auth[$sub_menu], "w");
auth_check($auth[$sub_menu], 'w');
check_token();
if ($w == "")
if ($w == '')
{
$sql = " insert $g4[poll_table]
$sql = " insert {$g4['poll_table']}
( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date )
values ( '$_POST[po_subject]', '$_POST[po_poll1]', '$_POST[po_poll2]', '$_POST[po_poll3]', '$_POST[po_poll4]', '$_POST[po_poll5]', '$_POST[po_poll6]', '$_POST[po_poll7]', '$_POST[po_poll8]', '$_POST[po_poll9]', '$_POST[po_cnt1]', '$_POST[po_cnt2]', '$_POST[po_cnt3]', '$_POST[po_cnt4]', '$_POST[po_cnt5]', '$_POST[po_cnt6]', '$_POST[po_cnt7]', '$_POST[po_cnt8]', '$_POST[po_cnt9]', '$_POST[po_etc]', '$_POST[po_level]', '$_POST[po_point]', '$g4[time_ymdhis]' ) ";
values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '{$g4['time_ymdhis']}' ) ";
sql_query($sql);
$po_id = mysql_insert_id();
}
else if ($w == "u")
}
else if ($w == 'u')
{
$sql = " update $g4[poll_table]
set po_subject = '$_POST[po_subject]',
po_poll1 = '$_POST[po_poll1]',
po_poll2 = '$_POST[po_poll2]',
po_poll3 = '$_POST[po_poll3]',
po_poll4 = '$_POST[po_poll4]',
po_poll5 = '$_POST[po_poll5]',
po_poll6 = '$_POST[po_poll6]',
po_poll7 = '$_POST[po_poll7]',
po_poll8 = '$_POST[po_poll8]',
po_poll9 = '$_POST[po_poll9]',
po_cnt1 = '$_POST[po_cnt1]',
po_cnt2 = '$_POST[po_cnt2]',
po_cnt3 = '$_POST[po_cnt3]',
po_cnt4 = '$_POST[po_cnt4]',
po_cnt5 = '$_POST[po_cnt5]',
po_cnt6 = '$_POST[po_cnt6]',
po_cnt7 = '$_POST[po_cnt7]',
po_cnt8 = '$_POST[po_cnt8]',
po_cnt9 = '$_POST[po_cnt9]',
po_etc = '$_POST[po_etc]',
po_level = '$_POST[po_level]',
po_point = '$_POST[po_point]',
po_date = '$_POST[po_date]'
where po_id = '$_POST[po_id]' ";
$sql = " update {$g4['poll_table']}
set po_subject = '{$_POST['po_subject']}',
po_poll1 = '{$_POST['po_poll1']}',
po_poll2 = '{$_POST['po_poll2']}',
po_poll3 = '{$_POST['po_poll3']}',
po_poll4 = '{$_POST['po_poll4']}',
po_poll5 = '{$_POST['po_poll5']}',
po_poll6 = '{$_POST['po_poll6']}',
po_poll7 = '{$_POST['po_poll7']}',
po_poll8 = '{$_POST['po_poll8']}',
po_poll9 = '{$_POST['po_poll9']}',
po_cnt1 = '{$_POST['po_cnt1']}',
po_cnt2 = '{$_POST['po_cnt2']}',
po_cnt3 = '{$_POST['po_cnt3']}',
po_cnt4 = '{$_POST['po_cnt4']}',
po_cnt5 = '{$_POST['po_cnt5']}',
po_cnt6 = '{$_POST['po_cnt6']}',
po_cnt7 = '{$_POST['po_cnt7']}',
po_cnt8 = '{$_POST['po_cnt8']}',
po_cnt9 = '{$_POST['po_cnt9']}',
po_etc = '{$_POST['po_etc']}',
po_level = '{$_POST['po_level']}',
po_point = '{$_POST['po_point']}',
po_date = '{$_POST['po_date']}'
where po_id = '{$_POST['po_id']}' ";
sql_query($sql);
}
else if ($w == "d")
}
else if ($w == 'd')
{
$sql = " delete from $g4[poll_table] where po_id = '$_POST[po_id]' ";
$sql = " delete from {$g4['poll_table']} where po_id = '{$_POST['po_id']}' ";
sql_query($sql);
$sql = " delete from $g4[poll_etc_table] where po_id = '$_POST[po_id]' ";
$sql = " delete from {$g4['poll_etc_table']} where po_id = '{$_POST['po_id']}' ";
sql_query($sql);
}
// 가장 큰 투표번호를 기본환경설정에 저장하여
// 투표번호를 넘겨주지 않았을 경우
// 가장 큰 투표번호를 기본환경설정에 저장하여
// 투표번호를 넘겨주지 않았을 경우
// 가장 큰 투표번호를 구해야 하는 쿼리를 대체한다
$row = sql_fetch(" select max(po_id) as max_po_id from $g4[poll_table] ");
sql_query(" update $g4[config_table] set cf_max_po_id = '$row[max_po_id]' ");
$row = sql_fetch(" select max(po_id) as max_po_id from {$g4['poll_table']} ");
sql_query(" update {$g4['config_table']} set cf_max_po_id = '{$row['max_po_id']}' ");
if ($w == "d")
goto_url("./poll_list.php?$qstr");
if ($w == 'd')
goto_url('./poll_list.php?'.$qstr);
else
goto_url("./poll_form.php?w=u&po_id=$po_id&$qstr");
goto_url('./poll_form.php?w=u&po_id='.$po_id.'&amp;'.$qstr);
?>
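Review bot: The new redirect target `'./poll_form.php?w=u&po_id='.$po_id.'&amp;'.$qstr` contains an HTML entity, but `goto_url()` receives a URL rather than markup; if it issues a Location header or a script redirect (its body is not shown), the first parameter of `$qstr` arrives as `amp;…` and the list state is lost. Keep a plain separator: `goto_url('./poll_form.php?w=u&po_id='.$po_id.'&'.$qstr);`. In the `u` branch `$po_id` is never assigned from `$_POST['po_id']`, so that redirect depends on the variable having been set elsewhere. Every poll field is interpolated into the insert, update and delete statements straight from `$_POST`; cast the counts, level, point and `po_id` to int and escape the text fields here rather than relying on whatever `_common.php` does to the request.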


@ -1,18 +1,18 @@
<?
$sub_menu = "200900";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "r");
auth_check($auth[$sub_menu], 'r');
$token = get_token();
$sql_common = " from $g4[poll_table] ";
$sql_common = " from {$g4['poll_table']} ";
$sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
default :
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -26,28 +26,28 @@ if (!$sst) {
$sql_order = " order by $sst $sod ";
$sql = " select count(*) as cnt
$sql_common
$sql_search
$sql_common
$sql_search
$sql_order ";
$row = sql_fetch($sql);
$total_count = $row[cnt];
$total_count = $row['cnt'];
$rows = $config[cf_page_rows];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page == "") $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page == '') $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
$sql = " select *
$sql_common
$sql_search
$sql_order
limit $from_record, $rows ";
$result = sql_query($sql);
$listall = "<a href='$_SERVER[PHP_SELF]' class=tt>처음</a>";
$listall = '<a href="'.$_SERVER['PHP_SELF'].'" class=tt>처음</a>';
$g4[title] = "투표관리";
include_once("./admin.head.php");
$g4['title'] = '투표관리';
include_once('./admin.head.php');
$colspan = 6;
?>
@ -61,7 +61,7 @@ $colspan = 6;
<option value='po_subject'>제목</option>
</select>
<input type=text name=stx class=ed required itemname='검색어' value='<?=$stx?>'>
<input type=image src='<?=$g4[admin_path]?>/img/btn_search.gif' align=absmiddle></td>
<input type=image src='<?=$g4['admin_path']?>/img/btn_search.gif' align=absmiddle></td>
</tr>
</form>
</table>
@ -80,39 +80,39 @@ $colspan = 6;
<td>투표권한</td>
<td>투표수</td>
<td>기타의견</td>
<td><a href="./poll_form.php"><img src='<?=$g4[admin_path]?>/img/icon_insert.gif' border=0 title='생성'></a></td>
<td><a href="./poll_form.php"><img src='<?=$g4['admin_path']?>/img/icon_insert.gif' border=0 title='생성'></a></td>
</tr>
<tr><td colspan='<?=$colspan?>' class='line2'></td></tr>
<?
for ($i=0; $row=sql_fetch_array($result); $i++) {
$sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from $g4[poll_table] where po_id = '$row[po_id]' ";
$sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g4['poll_table']} where po_id = '{$row['po_id']}' ";
$row2 = sql_fetch($sql2);
$po_etc = ($row[po_etc]) ? "사용" : "미사용";
$po_etc = ($row['po_etc']) ? "사용" : "미사용";
$s_mod = "<a href='./poll_form.php?$qstr&w=u&po_id=$row[po_id]'><img src='img/icon_modify.gif' border=0 title='수정'></a>";
$s_mod = '<a href="./poll_form.php?'.$qstr.'&amp;w=u&po_id='.$row['po_id'].'"><img src="img/icon_modify.gif" border=0 title="수정"></a>';
//$s_del = "<a href=\"javascript:del('./poll_form_update.php?$qstr&w=d&po_id=$row[po_id]');\"><img src='img/icon_delete.gif' border=0 title='삭제'></a>";
$s_del = "<a href=\"javascript:post_delete('poll_form_update.php', '$row[po_id]');\"><img src='img/icon_delete.gif' border=0 title='삭제'></a>";
$s_del = '<a href="javascript:post_delete(\"poll_form_update.php\", \"'.$row['po_id'].'\");"><img src="img/icon_delete.gif" border=0 title="삭제"></a>';
$list = $i%2;
echo "
<tr class='list$list col1 ht center'>
<td>$row[po_id]</td>
<td align=left>&nbsp;".cut_str(get_text($row[po_subject]),70)."</td>
<td>$row[po_level]</td>
<td>$row2[sum_po_cnt]</td>
<td>{$row['po_id']}</td>
<td align=left>&nbsp;".cut_str(get_text($row['po_subject']),70)."</td>
<td>{$row['po_level']}</td>
<td>{$row2['sum_po_cnt']}</td>
<td>$po_etc</td>
<td>$s_mod $s_del</td>
</tr>";
}
if ($i==0)
if ($i==0)
echo "<tr><td colspan='$colspan' height=100 align=center bgcolor='#FFFFFF'>자료가 없습니다.</td></tr>";
echo "<tr><td colspan='$colspan' class='line2'></td></tr>";
echo "</table>";
$pagelist = get_paging($config[cf_write_pages], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
if ($pagelist)
echo "<table width=100% cellpadding=3 cellspacing=1><tr><td align=right>$pagelist</td></tr></table>\n";
@ -150,5 +150,5 @@ function post_delete(action_url, val)
</form>
<?
include_once ("./admin.tail.php");
include_once ('./admin.tail.php');
?>
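Review bot: In the rewritten `$s_del` the PHP string is single-quoted, so `\"` is emitted as a literal backslash followed by a double quote and the first one terminates the `href` attribute; the delete link is cut off at `javascript:post_delete(\` and stops working. Use single quotes inside the JavaScript call instead: `$s_del = '<a href="javascript:post_delete(\'poll_form_update.php\', \''.$row['po_id'].'\');"><img src="img/icon_delete.gif" border=0 title="삭제"></a>';`. The neighbouring `$s_mod` now mixes `&amp;` and a bare `&` in one URL (`&amp;w=u&po_id=`); encode both or neither. `$sfl` is also used as a bare column name in the search clause and should be checked against the columns the form offers.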


@ -1,8 +1,8 @@
<?
$sub_menu = "300300";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "r");
auth_check($auth[$sub_menu], 'r');
// 체크된 자료 삭제
if (is_array($_POST['chk'])) {
@ -10,11 +10,11 @@ if (is_array($_POST['chk'])) {
// 실제 번호를 넘김
$k = $chk[$i];
sql_query(" delete from $g4[popular_table] where pp_id = '{$_POST['pp_id'][$k]}' ", true);
sql_query(" delete from {$g4['popular_table']} where pp_id = '{$_POST['pp_id'][$k]}' ", true);
}
}
$sql_common = " from $g4[popular_table] a ";
$sql_common = " from {$g4['popular_table']} a ";
$sql_search = " where (1) ";
if ($stx) {
@ -26,7 +26,7 @@ if ($stx) {
case "pp_date" :
$sql_search .= " ($sfl = '$stx') ";
break;
default :
default :
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -44,24 +44,24 @@ $sql = " select count(*) as cnt
$sql_search
$sql_order ";
$row = sql_fetch($sql);
$total_count = $row[cnt];
$total_count = $row['cnt'];
$rows = $config[cf_page_rows];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page == "") { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page == '') { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
$sql = " select *
$sql_common
$sql_search
$sql_order
limit $from_record, $rows ";
$result = sql_query($sql);
$listall = "<a href='$_SERVER[PHP_SELF]'>처음</a>";
$listall = '<a href="'.$_SERVER['PHP_SELF'].'">처음</a>';
$g4[title] = "인기검색어관리";
include_once("./admin.head.php");
$g4['title'] = '인기검색어관리';
include_once('./admin.head.php');
$colspan = 4;
?>
@ -81,7 +81,7 @@ var list_delete_php = 'popular_list.php';
<option value='pp_date'>등록일</option>
</select>
<input type=text name=stx class=ed required itemname='검색어' value='<?=$stx?>'>
<input type=image src='<?=$g4[admin_path]?>/img/btn_search.gif' align=absmiddle></td>
<input type=image src='<?=$g4['admin_path']?>/img/btn_search.gif' align=absmiddle></td>
</tr>
</form>
</table>
@ -101,7 +101,7 @@ var list_delete_php = 'popular_list.php';
<tr><td colspan='<?=$colspan?>' class='line1'></td></tr>
<tr class='bgcol1 bold col1 ht center'>
<td><input type=checkbox name=chkall value="1" onclick="check_all(this.form)"></td>
<td><?=subject_sort_link("pp_word")?>검색어</a></td>
<td><?=subject_sort_link('pp_word')?>검색어</a></td>
<td>등록일</td>
<td>등록IP</td>
</tr>
@ -109,31 +109,31 @@ var list_delete_php = 'popular_list.php';
<?
for ($i=0; $row=sql_fetch_array($result); $i++) {
$word = get_text($row[pp_word]);
$word = get_text($row['pp_word']);
$list = $i % 2;
echo "<input type=hidden name=pp_id[$i] value='$row[pp_id]'>";
echo "<input type=hidden name=pp_id[$i] value='{$row['pp_id']}'>";
echo "<tr class='list$list col1 ht center'>";
echo "<td height=25><input type=checkbox name=chk[] value='$i'></td>";
echo "<td align='left'>&nbsp; <a href='$_SERVER[PHP_SELF]?sfl=pp_word&stx=$word'>$word</a></td>";
echo "<td>$row[pp_date]</td>";
echo "<td>$row[pp_ip]</td>";
echo "<td align='left'>&nbsp; <a href='{$_SERVER['PHP_SELF']}?sfl=pp_word&stx=$word'>$word</a></td>";
echo "<td>{$row['pp_date']}</td>";
echo "<td>{$row['pp_ip']}</td>";
echo "</tr>";
echo "<tr class='list$list col1 ht center'>";
echo "</tr>\n";
}
}
if ($i == 0)
echo "<tr><td colspan='$colspan' align=center height=100 bgcolor=#ffffff>자료가 없습니다.</td></tr>";
echo "<tr><td colspan='$colspan' align=center height=100 bgcolor=#ffffff>자료가 없습니다.</td></tr>";
echo "<tr><td colspan='$colspan' class='line2'></td></tr>";
echo "</table>";
$pagelist = get_paging($config[cf_write_pages], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
echo "<table width=100% cellpadding=3 cellspacing=1>";
echo "<tr><td width=50%>";
if ($is_admin == "super")
if ($is_admin == 'super')
echo "<input type=button class='btn1' value='선택삭제' onclick=\"btn_check(this.form, 'delete')\">";
echo "</td>";
@ -145,5 +145,5 @@ if ($stx)
</form>
<?
include_once("./admin.tail.php");
include_once('./admin.tail.php');
?>
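Review bot: Rows are deleted as soon as `$_POST['chk']` is an array, yet the only gate above is `auth_check($auth[$sub_menu], 'r')`; there is no delete-permission check, no `check_token()` and no `check_demo()`, and the super-admin test near the end of the file only hides the button. Put the checks inside the branch, before the loop: `check_demo(); auth_check($auth[$sub_menu], 'd'); check_token();` (the form must then carry the token, which this section does not show), or move the deletion into its own script as the point list does. The loop indexes `$chk[$i]` while the guard tests `$_POST['chk']`; read both from `$_POST`.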


@ -1,15 +1,15 @@
<?
$sub_menu = "300400";
include_once("./_common.php");
include_once('./_common.php');
auth_check($auth[$sub_menu], "r");
auth_check($auth[$sub_menu], 'r');
if (empty($fr_date)) $fr_date = $g4[time_ymd];
if (empty($to_date)) $to_date = $g4[time_ymd];
if (empty($fr_date)) $fr_date = $g4['time_ymd'];
if (empty($to_date)) $to_date = $g4['time_ymd'];
$qstr = "fr_date=$fr_date&to_date=$to_date";
$sql_common = " from $g4[popular_table] a ";
$sql_common = " from {$g4['popular_table']} a ";
$sql_search = " where trim(pp_word) <> '' and pp_date between '$fr_date' and '$to_date' ";
$sql_group = " group by pp_word ";
$sql_order = " order by cnt desc ";
@ -21,12 +21,12 @@ $sql = " select pp_word
$result = sql_query($sql);
$total_count = mysql_num_rows($result);
$rows = $config[cf_page_rows];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page == "") { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page == '') { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select pp_word, count(*) as cnt
$sql = " select pp_word, count(*) as cnt
$sql_common
$sql_search
$sql_group
@ -34,10 +34,10 @@ $sql = " select pp_word, count(*) as cnt
limit $from_record, $rows ";
$result = sql_query($sql);
$listall = "<a href='$_SERVER[PHP_SELF]'>처음</a>";
$listall = '<a href="'.$_SERVER['PHP_SELF'].'">처음</a>';
$g4[title] = "인기검색어순위";
include_once("./admin.head.php");
$g4['title'] = '인기검색어순위';
include_once('./admin.head.php');
$colspan = 3;
?>
@ -57,7 +57,7 @@ $colspan = 3;
<style type="text/css">
<!--
.ui-datepicker { font:12px dotum; }
.ui-datepicker select.ui-datepicker-month,
.ui-datepicker select.ui-datepicker-month,
.ui-datepicker select.ui-datepicker-year { width: 70px;}
.ui-datepicker-trigger { margin:0 0 -5px 2px; }
-->
@ -89,7 +89,7 @@ jQuery(function($){
$('#fr_date, #to_date').datepicker({
showOn: 'button',
buttonImage: '<?=$g4[path]?>/img/calendar.gif',
buttonImage: "<?=$g4['path']?>/img/calendar.gif",
buttonImageOnly: true,
buttonText: "달력",
changeMonth: true,
@ -97,7 +97,7 @@ jQuery(function($){
showButtonPanel: true,
yearRange: 'c-99:c+99',
maxDate: '+0d'
});
});
});
</script>
<?
@ -109,11 +109,11 @@ jQuery(function($){
<tr>
<td width=50% align=left><?=$listall?> (건수 : <?=number_format($total_count)?>개)</td>
<td width=50% align=right>
기간 :
기간 :
<input type='text' id='fr_date' name='fr_date' size=11 maxlength=10 value='<?=$fr_date?>' class=ed>
-
<input type='text' id='to_date' name='to_date' size=11 maxlength=10 value='<?=$to_date?>' class=ed>
<input type=image src='<?=$g4[admin_path]?>/img/btn_search.gif' align=absmiddle></td>
<input type=image src='<?=$g4['admin_path']?>/img/btn_search.gif' align=absmiddle></td>
</tr>
</form>
</table>
@ -139,30 +139,30 @@ jQuery(function($){
<?
for ($i=0; $row=sql_fetch_array($result); $i++) {
$word = get_text($row[pp_word]);
$word = get_text($row['pp_word']);
$rank = ($i + 1 + ($rows * ($page - 1)));
$list = $i % 2;
echo "<tr class='list$list col1 ht center'>";
echo "<td align='left'>&nbsp; $word</td>";
echo "<td>$row[cnt]</td>";
echo "<td>{$row['cnt']}</td>";
echo "<td>$rank</td>";
echo "</tr>";
echo "<tr class='list$list col1 ht center'>";
echo "</tr>\n";
}
}
if ($i == 0)
echo "<tr><td colspan='$colspan' align=center height=100 bgcolor=#ffffff>자료가 없습니다.</td></tr>";
echo "<tr><td colspan='$colspan' align=center height=100 bgcolor=#ffffff>자료가 없습니다.</td></tr>";
echo "<tr><td colspan='$colspan' class='line2'></td></tr>";
echo "</table>";
$pagelist = get_paging($config[cf_write_pages], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
$pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "$_SERVER[PHP_SELF]?$qstr&page=");
echo "<table width=100% cellpadding=3 cellspacing=1>";
echo "<tr><td width=50%>";
if ($is_admin == "super")
if ($is_admin == 'super')
echo "<input type=button class='btn1' value='선택삭제' onclick=\"btn_check(this.form, 'delete')\">";
echo "</td>";
@ -174,5 +174,5 @@ if ($stx)
</form>
<?
include_once("./admin.tail.php");
include_once('./admin.tail.php');
?>
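Review bot: `$fr_date` and `$to_date` still reach the `$sql_search` string (`pp_date between '$fr_date' and '$to_date'`) and the `value='<?=$fr_date?>'` / `value='<?=$to_date?>'` attributes with no format check visible in this file, and the quoting pass leaves that as it was. Both values look request-supplied (they are form fields here and are only defaulted when empty), so unless `./_common.php`, which is not shown, already constrains them, this is an SQL-injection and reflected-XSS surface on an admin page. I would pin the format right after the two `empty()` defaults, assuming the Y-m-d form that `maxlength=10` suggests: `if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $fr_date)) $fr_date = $g4['time_ymd'];` and the same for `$to_date`. The rewritten `$listall` line also prints `$_SERVER['PHP_SELF']` raw into an href, and since that value includes any trailing path info from the request, `htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)` is the safer form there.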