Merge remote-tracking branch '그누보드/master'

# Conflicts:
#	adm/shop_admin/orderform.php
#	bbs/register_form_update.php
#	lib/common.lib.php
#	mobile/shop/personalpayform.sub.php
#	plugin/htmlpurifier/extend.video.php
#	plugin/kcaptcha/kcaptcha.lib.php
#	shop/orderformupdate.php
#	skin/social/social_register_member.skin.php
#	version.php

bbs/db_table.optimize.php

@@ -14,7 +14,9 @@ if($config['cf_visit_del'] > 0) {
     $tmp_before_date = date("Y-m-d", G5_SERVER_TIME - ($config['cf_visit_del'] * 86400));
     $sql = " delete from {$g5['visit_table']} where vi_date < '$tmp_before_date' ";
     sql_query($sql);
-    sql_query(" OPTIMIZE TABLE `{$g5['visit_table']}`, `{$g5['visit_sum_table']}` ");
+    if (defined('G5_USE_OPTIMIZE_DBTABLE') && G5_USE_OPTIMIZE_DBTABLE) {
+        sql_query(" OPTIMIZE TABLE `{$g5['visit_table']}`, `{$g5['visit_sum_table']}` ");
+    }
 }
 
 // 설정일이 지난 인기검색어 삭제
@@ -22,7 +24,9 @@ if($config['cf_popular_del'] > 0) {
     $tmp_before_date = date("Y-m-d", G5_SERVER_TIME - ($config['cf_popular_del'] * 86400));
     $sql = " delete from {$g5['popular_table']} where pp_date < '$tmp_before_date' ";
     sql_query($sql);
-    sql_query(" OPTIMIZE TABLE `{$g5['popular_table']}` ");
+    if (defined('G5_USE_OPTIMIZE_DBTABLE') && G5_USE_OPTIMIZE_DBTABLE) {
+        sql_query(" OPTIMIZE TABLE `{$g5['popular_table']}` ");
+    }
 }
 
 // 설정일이 지난 최근게시물 삭제
@@ -36,7 +40,9 @@ if($config['cf_new_del'] > 0) {
 if($config['cf_memo_del'] > 0) {
     $sql = " delete from {$g5['memo_table']} where (TO_DAYS('".G5_TIME_YMDHIS."') - TO_DAYS(me_send_datetime)) > '{$config['cf_memo_del']}' ";
     sql_query($sql);
-    sql_query(" OPTIMIZE TABLE `{$g5['memo_table']}` ");
+    if (defined('G5_USE_OPTIMIZE_DBTABLE') && G5_USE_OPTIMIZE_DBTABLE) {
+        sql_query(" OPTIMIZE TABLE `{$g5['memo_table']}` ");
+    }
 }
 
 // 탈퇴회원 자동 삭제
@@ -65,4 +71,8 @@ if($captcha_mp3 && is_array($captcha_mp3)) {
 // 실행일 기록
 if(isset($config['cf_optimize_date'])) {
     sql_query(" update {$g5['config_table']} set cf_optimize_date = '".G5_TIME_YMD."' ");
-}
+    
+    run_event('cf_optimize_date_update', $config);
+}
+
+run_event('db_table_optimize_end', $config);

bbs/memo_form.php

@@ -20,7 +20,7 @@ $me_id           = isset($_REQUEST['me_id']) ? clean_xss_tags($_REQUEST['me_id']
 if ($me_recv_mb_id)
 {
     $mb = get_member($me_recv_mb_id);
-    if (!$mb['mb_id'])
+    if (!(isset($mb['mb_id']) && $mb['mb_id']))
         alert_close('회원정보가 존재하지 않습니다.\\n\\n탈퇴하였을 수 있습니다.');
 
     if (!$mb['mb_open'] && $is_admin != 'super')

bbs/qawrite_update.php

@@ -86,6 +86,7 @@ $qa_related = 0;
 $qa_email_recv = (isset($_POST['qa_email_recv']) && $_POST['qa_email_recv']) ? 1 : 0;
 $qa_sms_recv = (isset($_POST['qa_sms_recv']) && $_POST['qa_sms_recv']) ? 1 : 0;
 $qa_status = 0;
+$qa_html = (isset($_POST['qa_html']) && $_POST['qa_html']) ? (int) $_POST['qa_html'] : 0;
 $answer_id = null;
 
 for ($i=1; $i<=5; $i++) {

bbs/register_form_update.php

@@ -50,8 +50,8 @@ $mb_addr_jibeon = isset($_POST['mb_addr_jibeon'])   ? trim($_POST['mb_addr_jibeo
 $mb_signature   = isset($_POST['mb_signature'])     ? trim($_POST['mb_signature'])   : "";
 $mb_profile     = isset($_POST['mb_profile'])       ? trim($_POST['mb_profile'])     : "";
 $mb_recommend   = isset($_POST['mb_recommend'])     ? trim($_POST['mb_recommend'])   : "";
-$mb_mailling    = isset($_POST['mb_mailling'])      ? trim($_POST['mb_mailling'])    : "";
-$mb_sms         = isset($_POST['mb_sms'])           ? trim($_POST['mb_sms'])         : "";
+$mb_mailling    = isset($_POST['mb_mailling'])      ? trim($_POST['mb_mailling'])    : "0";
+$mb_sms         = isset($_POST['mb_sms'])           ? trim($_POST['mb_sms'])         : "0";
 $mb_open        = isset($_POST['mb_open'])          ? trim($_POST['mb_open'])        : "0";
 $mb_1           = isset($_POST['mb_1'])             ? trim($_POST['mb_1'])           : "";
 $mb_2           = isset($_POST['mb_2'])             ? trim($_POST['mb_2'])           : "";
@@ -63,8 +63,7 @@ $mb_7           = isset($_POST['mb_7'])             ? trim($_POST['mb_7'])
 $mb_8           = isset($_POST['mb_8'])             ? trim($_POST['mb_8'])           : "";
 $mb_9           = isset($_POST['mb_9'])             ? trim($_POST['mb_9'])           : "";
 $mb_10          = isset($_POST['mb_10'])            ? trim($_POST['mb_10'])          : "";
-
-$mb_name        = clean_xss_tags($mb_name);
+$mb_name        = clean_xss_tags($mb_name, 1, 1);
 $mb_email       = get_email_address($mb_email);
 $mb_homepage    = clean_xss_tags($mb_homepage);
 $mb_tel         = clean_xss_tags($mb_tel);
@@ -75,6 +74,9 @@ $mb_addr2       = clean_xss_tags($mb_addr2);
 $mb_addr3       = clean_xss_tags($mb_addr3);
 $mb_addr_jibeon = preg_match("/^(N|R)$/", $mb_addr_jibeon) ? $mb_addr_jibeon : '';
 
+$mb_marketing_agree     = isset($_POST['mb_marketing_agree'])   ? trim($_POST['mb_marketing_agree'])    : "0";
+$mb_thirdparty_agree    = isset($_POST['mb_thirdparty_agree'])  ? trim($_POST['mb_thirdparty_agree'])   : "0";
+
 run_event('register_form_update_before', $mb_id, $w);
 
 if ($w == '' || $w == 'u') {
@@ -250,12 +252,46 @@ if ($w == '') {
                      mb_7 = '{$mb_7}',
                      mb_8 = '{$mb_8}',
                      mb_9 = '{$mb_9}',
-                     mb_10 = '{$mb_10}'
+                     mb_10 = '{$mb_10}',
+                     mb_marketing_agree = '{$mb_marketing_agree}',
+                     mb_thirdparty_agree = '{$mb_thirdparty_agree}'
                      {$sql_certify} ";
 
     // 이메일 인증을 사용하지 않는다면 이메일 인증시간을 바로 넣는다
     if (!$config['cf_use_email_certify'])
         $sql .= " , mb_email_certify = '".G5_TIME_YMDHIS."' ";
+
+    $agree_items = [];
+    // 마케팅 목적의 개인정보 수집 및 이용
+    if ($mb_marketing_agree == 1) {
+        $sql .=  " , mb_marketing_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "마케팅 목적의 개인정보 수집 및 이용(동의)";
+    }
+
+    // 광고성 이메일 수신
+    if ($mb_mailling == 1) {
+        $sql .=  " , mb_mailling_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "광고성 이메일 수신(동의)";
+    }
+
+    // 광고성 SMS/카카오톡 수신
+    if ($mb_sms == 1) {
+        $sql .=  " , mb_sms_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "광고성 SMS/카카오톡 수신(동의)";
+    }
+
+    // 개인정보 제3자 제공
+    if ($mb_thirdparty_agree == 1) {
+        $sql .=  " , mb_thirdparty_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "개인정보 제3자 제공(동의)";
+    }
+
+    // 동의 로그 추가
+    if (!empty($agree_items)) {
+        $agree_log = "[".G5_TIME_YMDHIS.", 회원가입] " . implode(' | ', $agree_items) . "\n";
+        $sql .= " , mb_agree_log = CONCAT('{$agree_log}', IFNULL(mb_agree_log, ''))";
+    }
+
     sql_query($sql);
 
     // 회원가입 포인트 부여
@@ -346,6 +382,43 @@ if ($w == '') {
     if ($old_email != $mb_email && $config['cf_use_email_certify'])
         $sql_email_certify = " , mb_email_certify = '' ";
 
+    $agree_items = [];
+    
+    // 마케팅 목적의 개인정보 수집 및 이용
+    $sql_marketing_date = "";
+    if ($mb_marketing_agree_default !== $mb_marketing_agree) {
+        $sql_marketing_date .= " , mb_marketing_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "마케팅 목적의 개인정보 수집 및 이용(" . ($mb_marketing_agree == 1 ? "동의" : "철회") . ")";
+    }
+
+    // 광고성 이메일 수신
+    $sql_mailling_date = "";
+    if ($mb_mailling_default !== $mb_mailling) {
+        $sql_mailling_date .= " , mb_mailling_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "광고성 이메일 수신(" . ($mb_mailling == 1 ? "동의" : "철회") . ")";
+    }
+    
+    // 광고성 SMS/카카오톡 수신
+    $sql_sms_date = "";
+    if ($mb_sms_default !== $mb_sms) {
+        $sql_sms_date .= " , mb_sms_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "광고성 SMS/카카오톡 수신(" . ($mb_sms == 1 ? "동의" : "철회") . ")";
+    }
+    
+    // 개인정보 제3자 제공
+    $sql_thirdparty_date = "";
+    if ($mb_thirdparty_agree_default !== $mb_thirdparty_agree) {
+        $sql_thirdparty_date .= " , mb_thirdparty_date = '".G5_TIME_YMDHIS."' ";
+        $agree_items[] = "개인정보 제3자 제공(" . ($mb_thirdparty_agree == 1 ? "동의" : "철회") . ")";
+    }
+    
+    // 동의 로그 추가
+    $sql_agree_log = "";
+    if (!empty($agree_items)) {
+        $agree_log = "[".G5_TIME_YMDHIS.", 회원 정보 수정] " . implode(' | ', $agree_items) . "\n";
+        $sql_agree_log .= " , mb_agree_log = CONCAT('{$agree_log}', IFNULL(mb_agree_log, ''))";
+    }
+
     $sql = " update {$g5['member_table']}
                 set mb_nick = '{$mb_nick}',
                     mb_mailling = '{$mb_mailling}',
@@ -371,12 +444,19 @@ if ($w == '') {
                     mb_7 = '{$mb_7}',
                     mb_8 = '{$mb_8}',
                     mb_9 = '{$mb_9}',
-                    mb_10 = '{$mb_10}'
+                    mb_10 = '{$mb_10}',
+                    mb_marketing_agree = '{$mb_marketing_agree}',
+                    mb_thirdparty_agree = '{$mb_thirdparty_agree}'
                     {$sql_password}
                     {$sql_nick_date}
                     {$sql_open_date}
                     {$sql_email_certify}
                     {$sql_certify}
+                    {$sql_mailling_date}
+                    {$sql_sms_date}
+                    {$sql_marketing_date}
+                    {$sql_thirdparty_date}
+                    {$sql_agree_log}
               where mb_id = '$mb_id' ";
     sql_query($sql);
 

bbs/view_comment.php

@@ -7,7 +7,7 @@ if ($is_guest && $board['bo_comment_level'] < 2) {
     $captcha_html = captcha_html('_comment');
 }
 
-$c_id = isset($_GET['c_id']) ? clean_xss_tags($_GET['c_id'], 1, 1) : '';
+$c_id = isset($_GET['c_id']) ? preg_replace('/[\'",]/', '', clean_xss_tags($_GET['c_id'], 1, 1)) : '';
 $c_wr_content = '';
 
 @include_once($board_skin_path.'/view_comment.head.skin.php');