firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Checked PSR-1 / PHP 8.1 Undefiend Varialbe, Type error

Browse Source
This commit is contained in:
kjh
2022-05-31 05:53:49 +00:00
parent 993e689800
commit 1fb9b5051c
13 changed files with 1011 additions and 967 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/phpinfo.php
View File

@ -1,9 +1,9 @@
<?php <?php
$sub_menu = "100500"; $sub_menu = "100500";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
phpinfo(); phpinfo();

300
adm/point_list.php
View File

@ -1,20 +1,20 @@
<?php <?php
$sub_menu = "200200"; $sub_menu = "200200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$sql_common = " from {$g5['point_table']} "; $sql_common = " from {$g5['point_table']} po";
$sql_search = " where (1) "; $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case 'mb_id' : case 'mb_id':
$sql_search .= " ({$sfl} = '{$stx}') "; $sql_search .= " (po.{$sfl} = '{$stx}') ";
break; break;
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
@ -36,36 +36,41 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * $sql = " select po.*, mb.mb_name, mb.mb_nick, mb.mb_email, mb.mb_homepage, mb.mb_point
{$sql_common} {$sql_common}
LEFT JOIN {$g5['member_table']} mb ON po.mb_id = mb.mb_id
{$sql_search} {$sql_search}
{$sql_order} {$sql_order}
limit {$from_record}, {$rows} "; limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$mb = array(); $mb = array();
if ($sfl == 'mb_id' && $stx) if ($sfl == 'mb_id' && $stx) {
$mb = get_member($stx); $mb = get_member($stx);
}
$g5['title'] = '포인트관리'; $g5['title'] = '포인트관리';
include_once ('./admin.head.php'); require_once './admin.head.php';
$colspan = 9; $colspan = 9;
$po_expire_term = ''; $po_expire_term = '';
if($config['cf_point_term'] > 0) { if ($config['cf_point_term'] > 0) {
$po_expire_term = $config['cf_point_term']; $po_expire_term = $config['cf_point_term'];
} }
if (strstr($sfl, "mb_id")) if (strstr($sfl, "mb_id")) {
$mb_id = $stx; $mb_id = $stx;
else } else {
$mb_id = ""; $mb_id = "";
}
?> ?>
<div class="local_ov01 local_ov"> <div class="local_ov01 local_ov">
@ -73,109 +78,111 @@ else
<span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo number_format($total_count) ?> 건 </span></span> <span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo number_format($total_count) ?> 건 </span></span>
<?php <?php
if (isset($mb['mb_id']) && $mb['mb_id']) { if (isset($mb['mb_id']) && $mb['mb_id']) {
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">' . $mb['mb_id'] .' 님 포인트 합계 </span><span class="ov_num"> ' . number_format($mb['mb_point']) . '점</span></span>'; echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">' . $mb['mb_id'] . ' 님 포인트 합계 </span><span class="ov_num"> ' . number_format($mb['mb_point']) . '점</span></span>';
} else { } else {
$row2 = sql_fetch(" select sum(po_point) as sum_point from {$g5['point_table']} "); $row2 = sql_fetch(" select sum(po_point) as sum_point from {$g5['point_table']} ");
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">전체 합계</span><span class="ov_num">'.number_format($row2['sum_point']).'점 </span></span>'; echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">전체 합계</span><span class="ov_num">' . number_format($row2['sum_point']) . '점 </span></span>';
} }
?> ?>
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="mb_id"<?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option> <option value="mb_id" <?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="po_content"<?php echo get_selected($sfl, "po_content"); ?>>내용</option> <option value="po_content" <?php echo get_selected($sfl, "po_content"); ?>>내용</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색"> <input type="submit" class="btn_submit" value="검색">
</form> </form>
<form name="fpointlist" id="fpointlist" method="post" action="./point_list_delete.php" onsubmit="return fpointlist_submit(this);"> <form name="fpointlist" id="fpointlist" method="post" action="./point_list_delete.php" onsubmit="return fpointlist_submit(this);">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">포인트 내역 전체</label> <label for="chkall" class="sound_only">포인트 내역 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th> <th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th>
<th scope="col">이름</th> <th scope="col">이름</th>
<th scope="col">닉네임</th> <th scope="col">닉네임</th>
<th scope="col"><?php echo subject_sort_link('po_content') ?>포인트 내용</a></th> <th scope="col"><?php echo subject_sort_link('po_content') ?>포인트 내용</a></th>
<th scope="col"><?php echo subject_sort_link('po_point') ?>포인트</a></th> <th scope="col"><?php echo subject_sort_link('po_point') ?>포인트</a></th>
<th scope="col"><?php echo subject_sort_link('po_datetime') ?>일시</a></th> <th scope="col"><?php echo subject_sort_link('po_datetime') ?>일시</a></th>
<th scope="col">만료일</th> <th scope="col">만료일</th>
<th scope="col">포인트합</th> <th scope="col">포인트합</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
if ($i==0 || ($row2['mb_id'] != $row['mb_id'])) {
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
}
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']); $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$link1 = $link2 = ''; $link1 = $link2 = '';
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) { if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
$link1 = '<a href="'.get_pretty_url($row['po_rel_table'], $row['po_rel_id']).'" target="_blank">'; $link1 = '<a href="' . get_pretty_url($row['po_rel_table'], $row['po_rel_id']) . '" target="_blank">';
$link2 = '</a>'; $link2 = '</a>';
} }
$expr = ''; $expr = '';
if($row['po_expired'] == 1) if ($row['po_expired'] == 1) {
$expr = ' txt_expired'; $expr = ' txt_expired';
}
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>"> <input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<input type="hidden" name="po_id[<?php echo $i ?>]" value="<?php echo $row['po_id'] ?>" id="po_id_<?php echo $i ?>"> <input type="hidden" name="po_id[<?php echo $i ?>]" value="<?php echo $row['po_id'] ?>" id="po_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['po_content'] ?> 내역</label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['po_content'] ?> 내역</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td> <td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_left"><?php echo get_text($row2['mb_name']); ?></td> <td class="td_left"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_left sv_use"><div><?php echo $mb_nick ?></div></td> <td class="td_left sv_use">
<td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td> <div><?php echo $mb_nick ?></div>
<td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td> </td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td> <td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
<td class="td_datetime2<?php echo $expr; ?>"> <td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
<?php if ($row['po_expired'] == 1) { ?> <td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?> <td class="td_datetime2<?php echo $expr; ?>">
<?php } else echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date']; ?> <?php if ($row['po_expired'] == 1) { ?>
</td> 만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?>
<td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td> <?php } else {
</tr> echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date'];
} ?>
</td>
<td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<?php <?php
} }
if ($i == 0) if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
?> }
</tbody> ?>
</table> </tbody>
</div> </table>
</div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02"> <input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div> </div>
</form> </form>
@ -185,67 +192,66 @@ else
<h2 class="h2_frm">개별회원 포인트 증감 설정</h2> <h2 class="h2_frm">개별회원 포인트 증감 설정</h2>
<form name="fpointlist2" method="post" id="fpointlist2" action="./point_update.php" autocomplete="off"> <form name="fpointlist2" method="post" id="fpointlist2" action="./point_update.php" autocomplete="off">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" class="required frm_input" required></td> <td><input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" class="required frm_input" required></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_content">포인트 내용<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="po_content">포인트 내용<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_content" id="po_content" required class="required frm_input" size="80"></td> <td><input type="text" name="po_content" id="po_content" required class="required frm_input" size="80"></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_point">포인트<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="po_point">포인트<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_point" id="po_point" required class="required frm_input"></td> <td><input type="text" name="po_point" id="po_point" required class="required frm_input"></td>
</tr> </tr>
<?php if($config['cf_point_term'] > 0) { ?> <?php if ($config['cf_point_term'] > 0) { ?>
<tr> <tr>
<th scope="row"><label for="po_expire_term">포인트 유효기간</label></th> <th scope="row"><label for="po_expire_term">포인트 유효기간</label></th>
<td><input type="text" name="po_expire_term" value="<?php echo $po_expire_term; ?>" id="po_expire_term" class="frm_input" size="5"> 일</td> <td><input type="text" name="po_expire_term" value="<?php echo $po_expire_term; ?>" id="po_expire_term" class="frm_input" size="5"> 일</td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="btn_confirm01 btn_confirm"> <div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit btn"> <input type="submit" value="확인" class="btn_submit btn">
</div> </div>
</form> </form>
</section> </section>
<script> <script>
function fpointlist_submit(f) function fpointlist_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false; return false;
} }
}
return true; if (document.pressed == "선택삭제") {
} if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';

26
adm/point_list_delete.php
View File

@ -1,6 +1,6 @@
<?php <?php
$sub_menu = '200200'; $sub_menu = '200200';
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -9,11 +9,11 @@ auth_check_menu($auth, $sub_menu, 'd');
check_admin_token(); check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(!$count) if (!$count) {
alert($_POST['act_button'].' 하실 항목을 하나 이상 체크하세요.'); alert($_POST['act_button'] . ' 하실 항목을 하나 이상 체크하세요.');
}
for ($i=0; $i<$count; $i++) for ($i = 0; $i < $count; $i++) {
{
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = $_POST['chk'][$i]; $k = $_POST['chk'][$i];
$po_id = (int) $_POST['po_id'][$k]; $po_id = (int) $_POST['po_id'][$k];
@ -23,19 +23,21 @@ for ($i=0; $i<$count; $i++)
$sql = " select * from {$g5['point_table']} where po_id = '{$po_id}' "; $sql = " select * from {$g5['point_table']} where po_id = '{$po_id}' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if(!$row['po_id']) if (!$row['po_id']) {
continue; continue;
}
if($row['po_point'] < 0) { if ($row['po_point'] < 0) {
$mb_id = $row['mb_id']; $mb_id = $row['mb_id'];
$po_point = abs($row['po_point']); $po_point = abs($row['po_point']);
if($row['po_rel_table'] == '@expire') if ($row['po_rel_table'] == '@expire') {
delete_expire_point($mb_id, $po_point); delete_expire_point($mb_id, $po_point);
else } else {
delete_use_point($mb_id, $po_point); delete_use_point($mb_id, $po_point);
}
} else { } else {
if($row['po_use_point'] > 0) { if ($row['po_use_point'] > 0) {
insert_use_point($row['mb_id'], $row['po_use_point'], $row['po_id']); insert_use_point($row['mb_id'], $row['po_use_point'], $row['po_id']);
} }
} }
@ -53,8 +55,8 @@ for ($i=0; $i<$count; $i++)
// 포인트 UPDATE // 포인트 UPDATE
$sum_point = get_point_sum($_POST['mb_id'][$k]); $sum_point = get_point_sum($_POST['mb_id'][$k]);
$sql= " update {$g5['member_table']} set mb_point = '$sum_point' where mb_id = '{$str_mb_id}' "; $sql = " update {$g5['member_table']} set mb_point = '$sum_point' where mb_id = '{$str_mb_id}' ";
sql_query($sql); sql_query($sql);
} }
goto_url('./point_list.php?'.$qstr); goto_url('./point_list.php?' . $qstr);

18
adm/point_update.php
View File

@ -1,24 +1,26 @@
<?php <?php
$sub_menu = "200200"; $sub_menu = "200200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : ''; $mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : '';
$po_point = isset($_POST['po_point']) ? strip_tags(clean_xss_attributes($_POST['po_point'])) : 0; $po_point = isset($_POST['po_point']) ? (int)strip_tags(clean_xss_attributes($_POST['po_point'])) : 0;
$po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : ''; $po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : '';
$expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : ''; $expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : '';
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (!$mb['mb_id']) if (!$mb['mb_id']) {
alert('존재하는 회원아이디가 아닙니다.', './point_list.php?'.$qstr); alert('존재하는 회원아이디가 아닙니다.', './point_list.php?' . $qstr);
}
if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) {
alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?'.$qstr); alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?' . $qstr);
}
insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'].'-'.uniqid(''), $expire); insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'] . '-' . uniqid(''), $expire);
goto_url('./point_list.php?'.$qstr); goto_url('./point_list.php?' . $qstr);

9
adm/poll_delete.php
View File

@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -10,10 +10,11 @@ check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(!$count) if (!$count) {
alert('삭제할 투표목록을 1개이상 선택해 주세요.'); alert('삭제할 투표목록을 1개이상 선택해 주세요.');
}
for($i=0; $i<$count; $i++) { for ($i = 0; $i < $count; $i++) {
$po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$sql = " delete from {$g5['poll_table']} where po_id = '$po_id' "; $sql = " delete from {$g5['poll_table']} where po_id = '$po_id' ";
@ -23,4 +24,4 @@ for($i=0; $i<$count; $i++) {
sql_query($sql); sql_query($sql);
} }
goto_url('./poll_list.php?'.$qstr); goto_url('./poll_list.php?' . $qstr);

176
adm/poll_form.php
View File

@ -1,121 +1,123 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$po_id = isset($po_id) ? (int) $po_id : 0; $po_id = isset($po_id) ? (int) $po_id : 0;
$po = array( $po = array(
'po_subject'=>'', 'po_subject' => '',
'po_etc'=>'', 'po_etc' => '',
'po_level'=>'', 'po_level' => '',
'po_point'=>'', 'po_point' => '',
); );
$html_title = '투표'; $html_title = '투표';
if ($w == '') if ($w == '') {
$html_title .= ' 생성'; $html_title .= ' 생성';
else if ($w == 'u') { } elseif ($w == 'u') {
$html_title .= ' 수정'; $html_title .= ' 수정';
$sql = " select * from {$g5['poll_table']} where po_id = '{$po_id}' "; $sql = " select * from {$g5['poll_table']} where po_id = '{$po_id}' ";
$po = sql_fetch($sql); $po = sql_fetch($sql);
} else } else {
alert('w 값이 제대로 넘어오지 않았습니다.'); alert('w 값이 제대로 넘어오지 않았습니다.');
}
$g5['title'] = $html_title; $g5['title'] = $html_title;
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<form name="fpoll" id="fpoll" action="./poll_form_update.php" method="post" enctype="multipart/form-data"> <form name="fpoll" id="fpoll" action="./poll_form_update.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="po_id" value="<?php echo $po_id ?>"> <input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value="<?php echo $w ?>"> <input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?></caption> <caption><?php echo $g5['title']; ?></caption>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="po_subject">투표 제목<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="po_subject">투표 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_subject" value="<?php echo get_sanitize_input($po['po_subject']); ?>" id="po_subject" required class="required frm_input" size="80" maxlength="125"></td> <td><input type="text" name="po_subject" value="<?php echo get_sanitize_input($po['po_subject']); ?>" id="po_subject" required class="required frm_input" size="80" maxlength="125"></td>
</tr> </tr>
<?php <?php
for ($i=1; $i<=9; $i++) { for ($i = 1; $i <= 9; $i++) {
$required = ''; $required = '';
if ($i==1 || $i==2) { $sound_only = '';
$required = 'required'; if ($i == 1 || $i == 2) {
$sound_only = '<strong class="sound_only">필수</strong>'; $required = 'required';
} $sound_only = '<strong class="sound_only">필수</strong>';
}
$po_poll = isset($po['po_poll'.$i]) ? get_text($po['po_poll'.$i]) : ''; $po_poll = isset($po['po_poll' . $i]) ? get_text($po['po_poll' . $i]) : '';
$po_cnt = isset($po['po_cnt'.$i]) ? get_text($po['po_cnt'.$i]) : 0; $po_cnt = isset($po['po_cnt' . $i]) ? get_text($po['po_cnt' . $i]) : 0;
?> ?>
<tr> <tr>
<th scope="row"><label for="po_poll<?php echo $i ?>">항목 <?php echo $i ?><?php echo $sound_only ?></label></th> <th scope="row"><label for="po_poll<?php echo $i ?>">항목 <?php echo $i ?><?php echo $sound_only ?></label></th>
<td> <td>
<input type="text" name="po_poll<?php echo $i ?>" value="<?php echo $po_poll ?>" id="po_poll<?php echo $i ?>" <?php echo $required ?> class="frm_input <?php echo $required ?>" maxlength="125"> <input type="text" name="po_poll<?php echo $i ?>" value="<?php echo $po_poll ?>" id="po_poll<?php echo $i ?>" <?php echo $required ?> class="frm_input <?php echo $required ?>" maxlength="125">
<label for="po_cnt<?php echo $i ?>">항목 <?php echo $i ?> 투표수</label> <label for="po_cnt<?php echo $i ?>">항목 <?php echo $i ?> 투표수</label>
<input type="text" name="po_cnt<?php echo $i ?>" value="<?php echo $po_cnt; ?>" id="po_cnt<?php echo $i ?>" class="frm_input" size="3"> <input type="text" name="po_cnt<?php echo $i ?>" value="<?php echo $po_cnt; ?>" id="po_cnt<?php echo $i ?>" class="frm_input" size="3">
</td> </td>
</tr> </tr>
<?php } ?> <?php } ?>
<tr> <tr>
<th scope="row"><label for="po_etc">기타의견</label></th> <th scope="row"><label for="po_etc">기타의견</label></th>
<td> <td>
<?php echo help('기타 의견을 남길 수 있도록 하려면, 간단한 질문을 입력하세요.') ?> <?php echo help('기타 의견을 남길 수 있도록 하려면, 간단한 질문을 입력하세요.') ?>
<input type="text" name="po_etc" value="<?php echo get_text($po['po_etc']) ?>" id="po_etc" class="frm_input" size="80" maxlength="125"> <input type="text" name="po_etc" value="<?php echo get_text($po['po_etc']) ?>" id="po_etc" class="frm_input" size="80" maxlength="125">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_level">투표가능 회원레벨</label></th> <th scope="row"><label for="po_level">투표가능 회원레벨</label></th>
<td> <td>
<?php echo help("레벨을 1로 설정하면 손님도 투표할 수 있습니다.") ?> <?php echo help("레벨을 1로 설정하면 손님도 투표할 수 있습니다.") ?>
<?php echo get_member_level_select('po_level', 1, 10, $po['po_level']) ?> 이상 투표할 수 있음 <?php echo get_member_level_select('po_level', 1, 10, $po['po_level']) ?> 이상 투표할 수 있음
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_point">포인트</label></th> <th scope="row"><label for="po_point">포인트</label></th>
<td> <td>
<?php echo help('투표에 참여한 회원에게 포인트를 부여합니다.') ?> <?php echo help('투표에 참여한 회원에게 포인트를 부여합니다.') ?>
<input type="text" name="po_point" value="<?php echo $po['po_point'] ?>" id="po_point" class="frm_input"> 점 <input type="text" name="po_point" value="<?php echo $po['po_point'] ?>" id="po_point" class="frm_input"> 점
</td> </td>
</tr> </tr>
<?php if ($w == 'u') { ?> <?php if ($w == 'u') { ?>
<tr> <tr>
<th scope="row">투표등록일</th> <th scope="row">투표등록일</th>
<td><?php echo $po['po_date']; ?></td> <td><?php echo $po['po_date']; ?></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_ips">투표참가 IP</label></th> <th scope="row"><label for="po_ips">투표참가 IP</label></th>
<td><textarea name="po_ips" id="po_ips" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['po_ips']) ?></textarea></td> <td><textarea name="po_ips" id="po_ips" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['po_ips']) ?></textarea></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="mb_ids">투표참가 회원</label></th> <th scope="row"><label for="mb_ids">투표참가 회원</label></th>
<td><textarea name="mb_ids" id="mb_ids" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['mb_ids']) ?></textarea></td> <td><textarea name="mb_ids" id="mb_ids" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['mb_ids']) ?></textarea></td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="btn_fixed_top "> <div class="btn_fixed_top ">
<a href="./poll_list.php?<?php echo $qstr ?>" class="btn_02 btn">목록</a> <a href="./poll_list.php?<?php echo $qstr ?>" class="btn_02 btn">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s"> <input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div> </div>
</form> </form>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';

83
adm/poll_form_update.php
View File

@ -1,60 +1,62 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
$w = $_POST['w']; $w = $_POST['w'];
if ($w == 'u' || $w == 'd') if ($w == 'u' || $w == 'd') {
check_demo(); check_demo();
}
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$check_keys = array( $check_keys = array(
'po_subject', 'po_subject',
'po_poll1', 'po_poll1',
'po_poll2', 'po_poll2',
'po_poll3', 'po_poll3',
'po_poll4', 'po_poll4',
'po_poll5', 'po_poll5',
'po_poll6', 'po_poll6',
'po_poll7', 'po_poll7',
'po_poll8', 'po_poll8',
'po_poll9', 'po_poll9',
'po_cnt1', 'po_cnt1',
'po_cnt2', 'po_cnt2',
'po_cnt3', 'po_cnt3',
'po_cnt4', 'po_cnt4',
'po_cnt5', 'po_cnt5',
'po_cnt6', 'po_cnt6',
'po_cnt7', 'po_cnt7',
'po_cnt8', 'po_cnt8',
'po_cnt9', 'po_cnt9',
'po_etc', 'po_etc',
'po_level', 'po_level',
'po_point', 'po_point',
'po_id' 'po_id'
); );
foreach( $_POST as $key=>$value ){ foreach ($_POST as $key => $value) {
if( empty($value) ) continue; if (empty($value)) {
continue;
}
if( in_array($key, $check_keys) ) { if (in_array($key, $check_keys)) {
$_POST[$key] = strip_tags(clean_xss_attributes($value)); $_POST[$key] = strip_tags(clean_xss_attributes($value));
} }
} }
if ($w == '') $po_id = isset($_POST['po_id']) ? $_POST['po_id'] : '';
{
if ($w == '') {
$sql = " insert {$g5['poll_table']} $sql = " insert {$g5['poll_table']}
( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date ) ( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date )
values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '".G5_TIME_YMD."' ) "; values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '" . G5_TIME_YMD . "' ) ";
sql_query($sql); sql_query($sql);
$po_id = sql_insert_id(); $po_id = sql_insert_id();
} } elseif ($w == 'u') {
else if ($w == 'u')
{
$sql = " update {$g5['poll_table']} $sql = " update {$g5['poll_table']}
set po_subject = '{$_POST['po_subject']}', set po_subject = '{$_POST['po_subject']}',
po_poll1 = '{$_POST['po_poll1']}', po_poll1 = '{$_POST['po_poll1']}',
@ -80,9 +82,7 @@ else if ($w == 'u')
po_point = '{$_POST['po_point']}' po_point = '{$_POST['po_point']}'
where po_id = '{$_POST['po_id']}' "; where po_id = '{$_POST['po_id']}' ";
sql_query($sql); sql_query($sql);
} } elseif ($w == 'd') {
else if ($w == 'd')
{
$sql = " delete from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' "; $sql = " delete from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' ";
sql_query($sql); sql_query($sql);
@ -96,7 +96,8 @@ else if ($w == 'd')
$row = sql_fetch(" select max(po_id) as max_po_id from {$g5['poll_table']} "); $row = sql_fetch(" select max(po_id) as max_po_id from {$g5['poll_table']} ");
sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']}' "); sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']}' ");
if ($w == 'd') if ($w == 'd') {
goto_url('./poll_list.php?'.$qstr); goto_url('./poll_list.php?' . $qstr);
else } else {
goto_url('./poll_form.php?w=u&po_id='.$po_id.'&amp;'.$qstr); goto_url('./poll_form.php?w=u&po_id=' . $po_id . '&amp;' . $qstr);
}

169
adm/poll_list.php
View File

@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -10,7 +10,7 @@ $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
@ -18,7 +18,7 @@ if ($stx) {
} }
if (!$sst) { if (!$sst) {
$sst = "po_id"; $sst = "po_id";
$sod = "desc"; $sod = "desc";
} }
$sql_order = " order by {$sst} {$sod} "; $sql_order = " order by {$sst} {$sod} ";
@ -32,7 +32,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * $sql = " select *
@ -42,10 +44,10 @@ $sql = " select *
limit {$from_record}, {$rows} "; limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '투표관리'; $g5['title'] = '투표관리';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 7; $colspan = 7;
?> ?>
@ -56,102 +58,103 @@ $colspan = 7;
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<div class="sch_last"> <div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="po_subject"<?php echo get_selected($sfl, "po_subject"); ?>>제목</option> <option value="po_subject" <?php echo get_selected($sfl, "po_subject"); ?>>제목</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색"> <input type="submit" class="btn_submit" value="검색">
</div> </div>
</form> </form>
<form name="fpolllist" id="fpolllist" action="./poll_delete.php" method="post"> <form name="fpolllist" id="fpolllist" action="./poll_delete.php" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">현재 페이지 투표 전체</label> <label for="chkall" class="sound_only">현재 페이지 투표 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col">번호</th> <th scope="col">번호</th>
<th scope="col">제목</th> <th scope="col">제목</th>
<th scope="col">투표권한</th> <th scope="col">투표권한</th>
<th scope="col">투표수</th> <th scope="col">투표수</th>
<th scope="col">기타의견</th> <th scope="col">기타의견</th>
<th scope="col">관리</th> <th scope="col">관리</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
$sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g5['poll_table']} where po_id = '{$row['po_id']}' "; $sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g5['poll_table']} where po_id = '{$row['po_id']}' ";
$row2 = sql_fetch($sql2); $row2 = sql_fetch($sql2);
$po_etc = ($row['po_etc']) ? "사용" : "미사용"; $po_etc = ($row['po_etc']) ? "사용" : "미사용";
$s_mod = '<a href="./poll_form.php?'.$qstr.'&amp;w=u&amp;po_id='.$row['po_id'].'" class="btn btn_03">수정</a>'; $s_mod = '<a href="./poll_form.php?' . $qstr . '&amp;w=u&amp;po_id=' . $row['po_id'] . '" class="btn btn_03">수정</a>';
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo cut_str(get_text($row['po_subject']),70) ?> 투표</label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo cut_str(get_text($row['po_subject']), 70) ?> 투표</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['po_id'] ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $row['po_id'] ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_num"><?php echo $row['po_id'] ?></td> <td class="td_num"><?php echo $row['po_id'] ?></td>
<td class="td_left"><?php echo cut_str(get_text($row['po_subject']),70) ?></td> <td class="td_left"><?php echo cut_str(get_text($row['po_subject']), 70) ?></td>
<td class="td_num"><?php echo $row['po_level'] ?></td> <td class="td_num"><?php echo $row['po_level'] ?></td>
<td class="td_num"><?php echo $row2['sum_po_cnt'] ?></td> <td class="td_num"><?php echo $row2['sum_po_cnt'] ?></td>
<td class="td_etc"><?php echo $po_etc ?></td> <td class="td_etc"><?php echo $po_etc ?></td>
<td class="td_mng td_mng_s"><?php echo $s_mod ?></td> <td class="td_mng td_mng_s"><?php echo $s_mod ?></td>
</tr> </tr>
<?php <?php
} }
if ($i==0) if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
?> }
</tbody> ?>
</table> </tbody>
</div> </table>
</div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<input type="submit" value="선택삭제" class="btn btn_02"> <input type="submit" value="선택삭제" class="btn btn_02">
<a href="./poll_form.php" id="poll_add" class="btn btn_01">투표 추가</a> <a href="./poll_form.php" id="poll_add" class="btn btn_01">투표 추가</a>
</div> </div>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?> <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script> <script>
$(function() { $(function() {
$('#fpolllist').submit(function() { $('#fpolllist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) { if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) { if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false; return false;
} }
});
return true;
} else {
return false;
}
}); });
});
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';

340
adm/popular_list.php
View File

@ -1,170 +1,170 @@
<?php <?php
$sub_menu = "300300"; $sub_menu = "300300";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
// 체크된 자료 삭제 // 체크된 자료 삭제
if (isset($_POST['chk']) && is_array($_POST['chk'])) { if (isset($_POST['chk']) && is_array($_POST['chk'])) {
for ($i=0; $i<count($_POST['chk']); $i++) { for ($i = 0; $i < count($_POST['chk']); $i++) {
$pp_id = (int) $_POST['chk'][$i]; $pp_id = (int) $_POST['chk'][$i];
sql_query(" delete from {$g5['popular_table']} where pp_id = '$pp_id' ", true); sql_query(" delete from {$g5['popular_table']} where pp_id = '$pp_id' ", true);
} }
} }
$sql_common = " from {$g5['popular_table']} a "; $sql_common = " from {$g5['popular_table']} a ";
$sql_search = " where (1) "; $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case "pp_word" : case "pp_word":
$sql_search .= " ({$sfl} like '{$stx}%') "; $sql_search .= " ({$sfl} like '{$stx}%') ";
break; break;
case "pp_date" : case "pp_date":
$sql_search .= " ({$sfl} = '{$stx}') "; $sql_search .= " ({$sfl} = '{$stx}') ";
break; break;
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
$sql_search .= " ) "; $sql_search .= " ) ";
} }
if (!$sst) { if (!$sst) {
$sst = "pp_id"; $sst = "pp_id";
$sod = "desc"; $sod = "desc";
} }
$sql_order = " order by {$sst} {$sod} "; $sql_order = " order by {$sst} {$sod} ";
$sql = " select count(*) as cnt $sql = " select count(*) as cnt
{$sql_common} {$sql_common}
{$sql_search} {$sql_search}
{$sql_order} "; {$sql_order} ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
$total_count = $row['cnt']; $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$sql = " select * $from_record = ($page - 1) * $rows; // 시작 열을 구함
{$sql_common}
{$sql_search} $sql = " select *
{$sql_order} {$sql_common}
limit {$from_record}, {$rows} "; {$sql_search}
$result = sql_query($sql); {$sql_order}
limit {$from_record}, {$rows} ";
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $result = sql_query($sql);
$g5['title'] = '인기검색어관리'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
include_once('./admin.head.php');
$g5['title'] = '인기검색어관리';
$colspan = 4; require_once './admin.head.php';
?>
$colspan = 4;
<script> ?>
var list_update_php = '';
var list_delete_php = 'popular_list.php'; <script>
</script> var list_update_php = '';
var list_delete_php = 'popular_list.php';
<div class="local_ov01 local_ov"> </script>
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span> <div class="local_ov01 local_ov">
</div> <?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> </div>
<div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<select name="sfl" id="sfl"> <div class="sch_last">
<option value="pp_word"<?php echo get_selected($sfl, "pp_word"); ?>>검색어</option> <label for="sfl" class="sound_only">검색대상</label>
<option value="pp_date"<?php echo get_selected($sfl, "pp_date"); ?>>등록일</option> <select name="sfl" id="sfl">
</select> <option value="pp_word" <?php echo get_selected($sfl, "pp_word"); ?>>검색어</option>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <option value="pp_date" <?php echo get_selected($sfl, "pp_date"); ?>>등록일</option>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> </select>
<input type="submit" value="검색" class="btn_submit"> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
</div> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
</form> <input type="submit" value="검색" class="btn_submit">
</div>
<form name="fpopularlist" id="fpopularlist" method="post"> </form>
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <form name="fpopularlist" id="fpopularlist" method="post">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<div class="tbl_head01 tbl_wrap"> <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption> <div class="tbl_head01 tbl_wrap">
<thead> <table>
<tr> <caption><?php echo $g5['title']; ?> 목록</caption>
<th scope="col"> <thead>
<label for="chkall" class="sound_only">현재 페이지 인기검색어 전체</label> <tr>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <th scope="col">
</th> <label for="chkall" class="sound_only">현재 페이지 인기검색어 전체</label>
<th scope="col"><?php echo subject_sort_link('pp_word') ?>검색어</a></th> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
<th scope="col">등록일</th> </th>
<th scope="col">등록IP</th> <th scope="col"><?php echo subject_sort_link('pp_word') ?>검색어</a></th>
</tr> <th scope="col">등록일</th>
</thead> <th scope="col">등록IP</th>
<tbody> </tr>
<?php </thead>
for ($i=0; $row=sql_fetch_array($result); $i++) { <tbody>
<?php
$word = get_text($row['pp_word']); for ($i = 0; $row = sql_fetch_array($result); $i++) {
$bg = 'bg'.($i%2); $word = get_text($row['pp_word']);
?> $bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_left"><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td> <td class="td_left"><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td>
<td><?php echo $row['pp_date'] ?></td> <td><?php echo $row['pp_date'] ?></td>
<td><?php echo $row['pp_ip'] ?></td> <td><?php echo $row['pp_ip'] ?></td>
</tr> </tr>
<?php
<?php }
}
if ($i == 0) {
if ($i == 0) echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; }
?> ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<?php if ($is_admin == 'super'){ ?> <?php if ($is_admin == 'super') { ?>
<div class=" btn_fixed_top"> <div class=" btn_fixed_top">
<button type="submit" class="btn btn_02">선택삭제</button> <button type="submit" class="btn btn_02">선택삭제</button>
</div> </div>
<?php } ?> <?php } ?>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?> <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script> <script>
$(function() { $(function() {
$('#fpopularlist').submit(function() { $('#fpopularlist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) { if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) { if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false; return false;
} }
return true; return true;
} else { } else {
return false; return false;
} }
}); });
}); });
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';

234
adm/popular_rank.php
View File

@ -1,112 +1,122 @@
<?php <?php
$sub_menu = "300400"; $sub_menu = "300400";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : ''; $fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : '';
$to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : ''; $to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : '';
if (empty($fr_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date) ) $fr_date = G5_TIME_YMD; if (empty($fr_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date)) {
if (empty($to_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date) ) $to_date = G5_TIME_YMD; $fr_date = G5_TIME_YMD;
}
$qstr = "fr_date={$fr_date}&amp;to_date={$to_date}"; if (empty($to_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date)) {
$to_date = G5_TIME_YMD;
$sql_common = " from {$g5['popular_table']} a "; }
$sql_search = " where trim(pp_word) <> '' and pp_date between '{$fr_date}' and '{$to_date}' ";
$sql_group = " group by pp_word "; $qstr = "fr_date={$fr_date}&amp;to_date={$to_date}";
$sql_order = " order by cnt desc ";
$sql_common = " from {$g5['popular_table']} a ";
$sql = " select pp_word {$sql_common} {$sql_search} {$sql_group} "; $sql_search = " where trim(pp_word) <> '' and pp_date between '{$fr_date}' and '{$to_date}' ";
$result = sql_query($sql); $sql_group = " group by pp_word ";
$total_count = sql_num_rows($result); $sql_order = " order by cnt desc ";
$rows = $config['cf_page_rows']; $sql = " select pp_word {$sql_common} {$sql_search} {$sql_group} ";
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $result = sql_query($sql);
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) $total_count = sql_num_rows($result);
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$rows = $config['cf_page_rows'];
$sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} "; $total_page = ceil($total_count / $rows); // 전체 페이지 계산
$result = sql_query($sql); if ($page < 1) {
$page = 1;
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$g5['title'] = '인기검색어순위';
include_once('./admin.head.php'); $sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} ";
include_once(G5_PLUGIN_PATH.'/jquery-ui/datepicker.php'); $result = sql_query($sql);
$colspan = 3; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
?>
$g5['title'] = '인기검색어순위';
<script> require_once './admin.head.php';
$(function(){ require_once G5_PLUGIN_PATH . '/jquery-ui/datepicker.php';
$("#fr_date, #to_date").datepicker({ changeMonth: true, changeYear: true, dateFormat: "yy-mm-dd", showButtonPanel: true, yearRange: "c-99:c+99", maxDate: "+0d" });
}); $colspan = 3;
</script> ?>
<div class="local_ov01 local_ov"> <script>
<?php echo $listall ?> $(function() {
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span> $("#fr_date, #to_date").datepicker({
</div> changeMonth: true,
changeYear: true,
<form name="fsearch" id="fsearch" class="local_sch02 local_sch" method="get"> dateFormat: "yy-mm-dd",
<div class="sch_last"> showButtonPanel: true,
<strong>기간별검색</strong> yearRange: "c-99:c+99",
<input type="text" name="fr_date" value="<?php echo $fr_date ?>" id="fr_date" class="frm_input" size="11" maxlength="10"> maxDate: "+0d"
<label for="fr_date" class="sound_only">시작일</label> });
~ });
<input type="text" name="to_date" value="<?php echo $to_date ?>" id="to_date" class="frm_input" size="11" maxlength="10"> </script>
<label for="to_date" class="sound_only">종료일</label>
<input type="submit" class="btn_sch2" value="검색"> <div class="local_ov01 local_ov">
</div> <?php echo $listall ?>
</form> <span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fpopularrank" id="fpopularrank" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <form name="fsearch" id="fsearch" class="local_sch02 local_sch" method="get">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <div class="sch_last">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <strong>기간별검색</strong>
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="text" name="fr_date" value="<?php echo $fr_date ?>" id="fr_date" class="frm_input" size="11" maxlength="10">
<input type="hidden" name="page" value="<?php echo $page ?>"> <label for="fr_date" class="sound_only">시작일</label>
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> ~
<input type="text" name="to_date" value="<?php echo $to_date ?>" id="to_date" class="frm_input" size="11" maxlength="10">
<div class="tbl_head01 tbl_wrap"> <label for="to_date" class="sound_only">종료일</label>
<table> <input type="submit" class="btn_sch2" value="검색">
<caption><?php echo $g5['title']; ?> 목록</caption> </div>
<thead> </form>
<tr>
<th scope="col">순위</th> <form name="fpopularrank" id="fpopularrank" method="post">
<th scope="col">검색어</th> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<th scope="col">검색회수</th> <input type="hidden" name="sod" value="<?php echo $sod ?>">
</tr> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
</thead> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<tbody> <input type="hidden" name="page" value="<?php echo $page ?>">
<?php <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
for ($i=0; $row=sql_fetch_array($result); $i++) {
<div class="tbl_head01 tbl_wrap">
$word = get_text($row['pp_word']); <table>
$rank = ($i + 1 + ($rows * ($page - 1))); <caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
?> <tr>
<th scope="col">순위</th>
<tr> <th scope="col">검색어</th>
<td class="td_num"><?php echo $rank ?></td> <th scope="col">검색회수</th>
<td class="td_left"><?php echo $word ?></td> </tr>
<td class="td_num"><?php echo $row['cnt'] ?></td> </thead>
</tr> <tbody>
<?php
<?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
} $word = get_text($row['pp_word']);
$rank = ($i + 1 + ($rows * ($page - 1)));
if ($i == 0) ?>
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; <tr>
?> <td class="td_num"><?php echo $rank ?></td>
</tbody> <td class="td_left"><?php echo $word ?></td>
</table> <td class="td_num"><?php echo $row['cnt'] ?></td>
</div> </tr>
<?php
</form> }
<?php if ($i == 0) {
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
include_once('./admin.tail.php'); ?>
</tbody>
</table>
</div>
</form>
<?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page=");
require_once './admin.tail.php';

565
adm/qa_config.php
View File

@ -1,16 +1,17 @@
<?php <?php
$sub_menu = "300500"; $sub_menu = "300500";
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$g5['title'] = '1:1문의 설정'; $g5['title'] = '1:1문의 설정';
include_once ('./admin.head.php'); require_once './admin.head.php';
// DB 테이블 생성 // DB 테이블 생성
if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) { if (!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` ( sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` (
`qa_title` varchar(255) NOT NULL DEFAULT'', `qa_title` varchar(255) NOT NULL DEFAULT'',
`qa_category` varchar(255) NOT NULL DEFAULT'', `qa_category` varchar(255) NOT NULL DEFAULT'',
`qa_skin` varchar(255) NOT NULL DEFAULT '', `qa_skin` varchar(255) NOT NULL DEFAULT '',
@ -46,8 +47,11 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
`qa_3` varchar(255) NOT NULL DEFAULT '', `qa_3` varchar(255) NOT NULL DEFAULT '',
`qa_4` varchar(255) NOT NULL DEFAULT '', `qa_4` varchar(255) NOT NULL DEFAULT '',
`qa_5` varchar(255) NOT NULL DEFAULT '' `qa_5` varchar(255) NOT NULL DEFAULT ''
)", true); )",
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` ( true
);
sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` (
`qa_id` int(11) NOT NULL AUTO_INCREMENT, `qa_id` int(11) NOT NULL AUTO_INCREMENT,
`qa_num` int(11) NOT NULL DEFAULT '0', `qa_num` int(11) NOT NULL DEFAULT '0',
`qa_parent` int(11) NOT NULL DEFAULT '0', `qa_parent` int(11) NOT NULL DEFAULT '0',
@ -77,18 +81,20 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
`qa_5` varchar(255) NOT NULL DEFAULT '', `qa_5` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY (`qa_id`), PRIMARY KEY (`qa_id`),
KEY `qa_num_parent` (`qa_num`,`qa_parent`) KEY `qa_num_parent` (`qa_num`,`qa_parent`)
)", true); )",
true
);
} }
$sql = " SHOW COLUMNS FROM `{$g5['qa_content_table']}` LIKE 'qa_content' "; $sql = " SHOW COLUMNS FROM `{$g5['qa_content_table']}` LIKE 'qa_content' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if(strpos($row['Type'], 'text') === false) { if (strpos($row['Type'], 'text') === false) {
sql_query(" ALTER TABLE `{$g5['qa_content_table']}` CHANGE `qa_content` `qa_content` text NOT NULL ", true); sql_query(" ALTER TABLE `{$g5['qa_content_table']}` CHANGE `qa_content` `qa_content` text NOT NULL ", true);
} }
$qaconfig = get_qa_config(); $qaconfig = get_qa_config();
if(empty($qaconfig)) { if (empty($qaconfig)) {
$sql = " insert into `{$g5['qa_config_table']}` $sql = " insert into `{$g5['qa_config_table']}`
( qa_title, qa_category, qa_skin, qa_mobile_skin, qa_use_email, qa_req_email, qa_use_hp, qa_req_hp, qa_use_editor, qa_subject_len, qa_mobile_subject_len, qa_page_rows, qa_mobile_page_rows, qa_image_width, qa_upload_size, qa_insert_content ) ( qa_title, qa_category, qa_skin, qa_mobile_skin, qa_use_email, qa_req_email, qa_use_hp, qa_req_hp, qa_use_editor, qa_subject_len, qa_mobile_subject_len, qa_page_rows, qa_mobile_page_rows, qa_image_width, qa_upload_size, qa_insert_content )
values values
@ -99,301 +105,306 @@ if(empty($qaconfig)) {
} }
// 관리자 이메일필드 추가 // 관리자 이메일필드 추가
if(!isset($qaconfig['qa_admin_email'])) { if (!isset($qaconfig['qa_admin_email'])) {
sql_query(" ALTER TABLE `{$g5['qa_config_table']}` sql_query(
ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ", true); " ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ",
true
);
} }
// 상단 하단 설정 필드 추가 // 상단 하단 설정 필드 추가
if(!isset($qaconfig['qa_include_head'])) { if (!isset($qaconfig['qa_include_head'])) {
sql_query(" ALTER TABLE `{$g5['qa_config_table']}` sql_query(
" ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_include_head` varchar(255) NOT NULL DEFAULT '' AFTER `qa_insert_content`, ADD `qa_include_head` varchar(255) NOT NULL DEFAULT '' AFTER `qa_insert_content`,
ADD `qa_include_tail` varchar(255) NOT NULL DEFAULT '' AFTER `qa_include_head`, ADD `qa_include_tail` varchar(255) NOT NULL DEFAULT '' AFTER `qa_include_head`,
ADD `qa_content_head` text NOT NULL AFTER `qa_include_tail`, ADD `qa_content_head` text NOT NULL AFTER `qa_include_tail`,
ADD `qa_content_tail` text NOT NULL AFTER `qa_content_head`, ADD `qa_content_tail` text NOT NULL AFTER `qa_content_head`,
ADD `qa_mobile_content_head` text NOT NULL AFTER `qa_content_tail`, ADD `qa_mobile_content_head` text NOT NULL AFTER `qa_content_tail`,
ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ", true); ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ",
true
);
} }
?> ?>
<form name="fqaconfigform" id="fqaconfigform" method="post" onsubmit="return fqaconfigform_submit(this);" autocomplete="off"> <form name="fqaconfigform" id="fqaconfigform" method="post" onsubmit="return fqaconfigform_submit(this);" autocomplete="off">
<input type="hidden" name="token" value="" id="token"> <input type="hidden" name="token" value="" id="token">
<section id="anc_cf_qa_config"> <section id="anc_cf_qa_config">
<h2 class="h2_frm">1:1문의 설정</h2> <h2 class="h2_frm">1:1문의 설정</h2>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption>1:1문의 설정</caption> <caption>1:1문의 설정</caption>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th>
<td> <td>
<input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40"> <input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40">
<a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a> <a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?> <?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?>
<input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70"> <input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo get_skin_select('qa', 'qa_skin', 'qa_skin', $qaconfig['qa_skin'], 'required'); ?> <?php echo get_skin_select('qa', 'qa_skin', 'qa_skin', $qaconfig['qa_skin'], 'required'); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_skin">모바일 스킨 디렉토리<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_mobile_skin">모바일 스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo get_mobile_skin_select('qa', 'qa_mobile_skin', 'qa_mobile_skin', $qaconfig['qa_mobile_skin'], 'required'); ?> <?php echo get_mobile_skin_select('qa', 'qa_mobile_skin', 'qa_mobile_skin', $qaconfig['qa_mobile_skin'], 'required'); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row">이메일 입력</th> <th scope="row">이메일 입력</th>
<td> <td>
<input type="checkbox" name="qa_use_email" value="1" id="qa_use_email" <?php echo $qaconfig['qa_use_email']?'checked':''; ?>> <label for="qa_use_email">보이기</label> <input type="checkbox" name="qa_use_email" value="1" id="qa_use_email" <?php echo $qaconfig['qa_use_email'] ? 'checked' : ''; ?>> <label for="qa_use_email">보이기</label>
<input type="checkbox" name="qa_req_email" value="1" id="qa_req_email" <?php echo $qaconfig['qa_req_email']?'checked':''; ?>> <label for="qa_req_email">필수입력</label> <input type="checkbox" name="qa_req_email" value="1" id="qa_req_email" <?php echo $qaconfig['qa_req_email'] ? 'checked' : ''; ?>> <label for="qa_req_email">필수입력</label>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row">휴대폰 입력</th> <th scope="row">휴대폰 입력</th>
<td> <td>
<input type="checkbox" name="qa_use_hp" value="1" id="qa_use_hp" <?php echo $qaconfig['qa_use_hp']?'checked':''; ?>> <label for="qa_use_hp">보이기</label> <input type="checkbox" name="qa_use_hp" value="1" id="qa_use_hp" <?php echo $qaconfig['qa_use_hp'] ? 'checked' : ''; ?>> <label for="qa_use_hp">보이기</label>
<input type="checkbox" name="qa_req_hp" value="1" id="qa_req_hp" <?php echo $qaconfig['qa_req_hp']?'checked':''; ?>> <label for="qa_req_hp">필수입력</label> <input type="checkbox" name="qa_req_hp" value="1" id="qa_req_hp" <?php echo $qaconfig['qa_req_hp'] ? 'checked' : ''; ?>> <label for="qa_req_hp">필수입력</label>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_use_sms">SMS 알림</label></th> <th scope="row"><label for="qa_use_sms">SMS 알림</label></th>
<td> <td>
<?php echo help('휴대폰 입력을 사용하실 경우 문의글 등록시 등록자가 답변등록시 SMS 알림 수신을 선택할 수 있도록 합니다.<br>SMS 알림을 사용하기 위해서는 기본환경설정 > <a href="'.G5_ADMIN_URL.'/config_form.php#anc_cf_sms">SMS 설정</a>을 하셔야 합니다.') ?> <?php echo help('휴대폰 입력을 사용하실 경우 문의글 등록시 등록자가 답변등록시 SMS 알림 수신을 선택할 수 있도록 합니다.<br>SMS 알림을 사용하기 위해서는 기본환경설정 > <a href="' . G5_ADMIN_URL . '/config_form.php#anc_cf_sms">SMS 설정</a>을 하셔야 합니다.') ?>
<select name="qa_use_sms" id="qa_use_sms"> <select name="qa_use_sms" id="qa_use_sms">
<?php echo option_selected(0, $qaconfig['qa_use_sms'], '사용안함'); ?> <?php echo option_selected(0, $qaconfig['qa_use_sms'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_sms'], '사용함'); ?> <?php echo option_selected(1, $qaconfig['qa_use_sms'], '사용함'); ?>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_send_number">SMS 발신번호</label></th> <th scope="row"><label for="qa_send_number">SMS 발신번호</label></th>
<td> <td>
<?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?> <?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?>
<input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30"> <input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th> <th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th>
<td> <td>
<?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?> <?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?>
<input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30"> <input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_admin_email">관리자 이메일</label></th> <th scope="row"><label for="qa_admin_email">관리자 이메일</label></th>
<td> <td>
<?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?> <?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?>
<input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50"> <input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_use_editor">DHTML 에디터 사용</label></th> <th scope="row"><label for="qa_use_editor">DHTML 에디터 사용</label></th>
<td> <td>
<?php echo help('글작성시 내용을 DHTML 에디터 기능으로 사용할 것인지 설정합니다. 스킨에 따라 적용되지 않을 수 있습니다.'); ?> <?php echo help('글작성시 내용을 DHTML 에디터 기능으로 사용할 것인지 설정합니다. 스킨에 따라 적용되지 않을 수 있습니다.'); ?>
<select name="qa_use_editor" id="qa_use_editor"> <select name="qa_use_editor" id="qa_use_editor">
<?php echo option_selected(0, $qaconfig['qa_use_editor'], '사용안함'); ?> <?php echo option_selected(0, $qaconfig['qa_use_editor'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_editor'], '사용함'); ?> <?php echo option_selected(1, $qaconfig['qa_use_editor'], '사용함'); ?>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_subject_len">제목 길이<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_subject_len">제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('목록에서의 제목 글자수') ?> <?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_subject_len" value="<?php echo $qaconfig['qa_subject_len'] ?>" id="qa_subject_len" required class="required numeric frm_input" size="4"> <input type="text" name="qa_subject_len" value="<?php echo $qaconfig['qa_subject_len'] ?>" id="qa_subject_len" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_subject_len">모바일 제목 길이<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_mobile_subject_len">모바일 제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('목록에서의 제목 글자수') ?> <?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_mobile_subject_len" value="<?php echo $qaconfig['qa_mobile_subject_len'] ?>" id="qa_mobile_subject_len" required class="required numeric frm_input" size="4"> <input type="text" name="qa_mobile_subject_len" value="<?php echo $qaconfig['qa_mobile_subject_len'] ?>" id="qa_mobile_subject_len" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_page_rows">페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_page_rows">페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<input type="text" name="qa_page_rows" value="<?php echo $qaconfig['qa_page_rows'] ?>" id="qa_page_rows" required class="required numeric frm_input" size="4"> <input type="text" name="qa_page_rows" value="<?php echo $qaconfig['qa_page_rows'] ?>" id="qa_page_rows" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_page_rows">모바일 페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_mobile_page_rows">모바일 페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<input type="text" name="qa_mobile_page_rows" value="<?php echo $qaconfig['qa_mobile_page_rows'] ?>" id="qa_mobile_page_rows" required class="required numeric frm_input" size="4"> <input type="text" name="qa_mobile_page_rows" value="<?php echo $qaconfig['qa_mobile_page_rows'] ?>" id="qa_mobile_page_rows" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_image_width">이미지 폭 크기<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_image_width">이미지 폭 크기<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('게시판에서 출력되는 이미지의 폭 크기') ?> <?php echo help('게시판에서 출력되는 이미지의 폭 크기') ?>
<input type="text" name="qa_image_width" value="<?php echo $qaconfig['qa_image_width'] ?>" id="qa_image_width" required class="required numeric frm_input" size="4"> 픽셀 <input type="text" name="qa_image_width" value="<?php echo $qaconfig['qa_image_width'] ?>" id="qa_image_width" required class="required numeric frm_input" size="4"> 픽셀
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_upload_size">파일 업로드 용량<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_upload_size">파일 업로드 용량<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('최대 '.ini_get("upload_max_filesize").' 이하 업로드 가능, 1 MB = 1,048,576 bytes') ?> <?php echo help('최대 ' . ini_get("upload_max_filesize") . ' 이하 업로드 가능, 1 MB = 1,048,576 bytes') ?>
업로드 파일 한개당 <input type="text" name="qa_upload_size" value="<?php echo $qaconfig['qa_upload_size'] ?>" id="qa_upload_size" required class="required numeric frm_input" size="10"> bytes 이하 업로드 파일 한개당 <input type="text" name="qa_upload_size" value="<?php echo $qaconfig['qa_upload_size'] ?>" id="qa_upload_size" required class="required numeric frm_input" size="10"> bytes 이하
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_include_head">상단 파일 경로</label></th> <th scope="row"><label for="qa_include_head">상단 파일 경로</label></th>
<td> <td>
<input type="text" name="qa_include_head" value="<?php echo $qaconfig['qa_include_head'] ?>" id="qa_include_head" class="frm_input" size="50"> <input type="text" name="qa_include_head" value="<?php echo $qaconfig['qa_include_head'] ?>" id="qa_include_head" class="frm_input" size="50">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_include_tail">하단 파일 경로</label></th> <th scope="row"><label for="qa_include_tail">하단 파일 경로</label></th>
<td> <td>
<input type="text" name="qa_include_tail" value="<?php echo $qaconfig['qa_include_tail'] ?>" id="qa_include_tail" class="frm_input" size="50"> <input type="text" name="qa_include_tail" value="<?php echo $qaconfig['qa_include_tail'] ?>" id="qa_include_tail" class="frm_input" size="50">
</td> </td>
</tr> </tr>
<tr id="admin_captcha_box" style="display:none;"> <tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th> <th scope="row">자동등록방지</th>
<td> <td>
<?php <?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다."); echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html(); $captcha_html = captcha_html();
$captcha_js = chk_captcha_js(); $captcha_js = chk_captcha_js();
echo $captcha_html; echo $captcha_html;
?> ?>
<script> <script>
jQuery("#captcha_key").removeAttr("required").removeClass("required"); jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script> </script>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_content_head">상단 내용</label></th> <th scope="row"><label for="qa_content_head">상단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?> <?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_content_tail">하단 내용</label></th> <th scope="row"><label for="qa_content_tail">하단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?> <?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th> <th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?> <?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th> <th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?> <?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th> <th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th>
<td> <td>
<textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea> <textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea>
</td> </td>
</tr> </tr>
<?php for ($i=1; $i<=5; $i++) { ?> <?php for ($i = 1; $i <= 5; $i++) { ?>
<tr> <tr>
<th scope="row">여분필드<?php echo $i ?></th> <th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra"> <td class="td_extra">
<label for="qa_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label> <label for="qa_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="qa_<?php echo $i ?>_subj" id="qa_<?php echo $i ?>_subj" value="<?php echo get_text($qaconfig['qa_'.$i.'_subj']) ?>" class="frm_input"> <input type="text" name="qa_<?php echo $i ?>_subj" id="qa_<?php echo $i ?>_subj" value="<?php echo get_text($qaconfig['qa_' . $i . '_subj']) ?>" class="frm_input">
<label for="qa_<?php echo $i ?>">여분필드 <?php echo $i ?> 값</label> <label for="qa_<?php echo $i ?>">여분필드 <?php echo $i ?> 값</label>
<input type="text" name="qa_<?php echo $i ?>" value="<?php echo get_text($qaconfig['qa_'.$i]) ?>" id="qa_<?php echo $i ?>" class="frm_input"> <input type="text" name="qa_<?php echo $i ?>" value="<?php echo get_text($qaconfig['qa_' . $i]) ?>" id="qa_<?php echo $i ?>" class="frm_input">
</td> </td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
</div>
</section>
<div class="btn_fixed_top">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div> </div>
</section>
<div class="btn_fixed_top">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form> </form>
<script> <script>
var captcha_chk = false;
var captcha_chk = false; function use_captcha_check() {
$.ajax({
type: "POST",
url: g5_admin_url + "/ajax.use_captcha.php",
data: {
admin_use_captcha: "1"
},
cache: false,
async: false,
dataType: "json",
success: function(data) {}
});
}
function use_captcha_check(){ function frm_check_file() {
$.ajax({ var qa_include_head = "<?php echo $qaconfig['qa_include_head']; ?>";
type: "POST", var qa_include_tail = "<?php echo $qaconfig['qa_include_tail']; ?>";
url: g5_admin_url+"/ajax.use_captcha.php", var head = jQuery.trim(jQuery("#qa_include_head").val());
data: { admin_use_captcha: "1" }, var tail = jQuery.trim(jQuery("#qa_include_tail").val());
cache: false,
async: false, if (qa_include_head !== head || qa_include_tail !== tail) {
dataType: "json", // 캡챠를 사용합니다.
success: function(data) { jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($) {
if (window.self !== window.top) { // frame 또는 iframe을 사용할 경우 체크
$("#qa_include_head, #qa_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
} }
}); });
}
function frm_check_file(){ function fqaconfigform_submit(f) {
var qa_include_head = "<?php echo $qaconfig['qa_include_head']; ?>"; <?php echo get_editor_js("qa_content_head"); ?>
var qa_include_tail = "<?php echo $qaconfig['qa_include_tail']; ?>"; <?php echo get_editor_js("qa_content_tail"); ?>
var head = jQuery.trim(jQuery("#qa_include_head").val()); <?php echo get_editor_js("qa_mobile_content_head"); ?>
var tail = jQuery.trim(jQuery("#qa_include_tail").val()); <?php echo get_editor_js("qa_mobile_content_tail"); ?>
if(qa_include_head !== head || qa_include_tail !== tail){ if (captcha_chk) {
// 캡챠 사용합니다. <?php echo isset($captcha_js) ? $captcha_js : ''; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
jQuery("#admin_captcha_box").show(); }
captcha_chk = true;
use_captcha_check(); f.action = "./qa_config_update.php";
return true;
return false;
} else {
jQuery("#admin_captcha_box").hide();
} }
return true;
}
jQuery(function($){
if( window.self !== window.top ){ // frame 또는 iframe을 사용할 경우 체크
$("#qa_include_head, #qa_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function fqaconfigform_submit(f)
{
<?php echo get_editor_js("qa_content_head"); ?>
<?php echo get_editor_js("qa_content_tail"); ?>
<?php echo get_editor_js("qa_mobile_content_head"); ?>
<?php echo get_editor_js("qa_mobile_content_tail"); ?>
if( captcha_chk ) {
<?php echo isset($captcha_js) ? $captcha_js : ''; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
f.action = "./qa_config_update.php";
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';

37
adm/qa_config_update.php
View File

@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "300500"; $sub_menu = "300500";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -14,49 +14,49 @@ $qaconfig = get_qa_config();
$check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size'); $check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size');
foreach($check_keys as $key){ foreach ($check_keys as $key) {
$$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : ''; $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
} }
$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)); $qa_include_head = isset($qa_include_head) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)) : '';
$qa_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255)); $qa_include_tail = isset($qa_include_tail) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255)) : '';
// 관리자가 자동등록방지를 사용해야 할 경우 // 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){ if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) { if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.'); alert('자동등록방지 숫자가 틀렸습니다.');
} }
} }
if( $qa_include_head ){ if ($qa_include_head) {
$file_ext = pathinfo($qa_include_head, PATHINFO_EXTENSION); $file_ext = pathinfo($qa_include_head, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $qa_include_head) ) { if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $qa_include_head)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} }
} }
if( $qa_include_tail ){ if ($qa_include_tail) {
$file_ext = pathinfo($qa_include_tail, PATHINFO_EXTENSION); $file_ext = pathinfo($qa_include_tail, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $qa_include_tail) ) { if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $qa_include_tail)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} }
} }
if( $qa_include_head && ! is_include_path_check($qa_include_head, 1) ){ if ($qa_include_head && !is_include_path_check($qa_include_head, 1)) {
$qa_include_head = ''; $qa_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.'; $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.';
} }
if( $qa_include_tail && ! is_include_path_check($qa_include_tail, 1) ){ if ($qa_include_tail && !is_include_path_check($qa_include_tail, 1)) {
$qa_include_tail = ''; $qa_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.'; $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
} }
if( function_exists('filter_input_include_path') ){ if (function_exists('filter_input_include_path')) {
$qa_include_head = filter_input_include_path($qa_include_head); $qa_include_head = filter_input_include_path($qa_include_head);
$qa_include_tail = filter_input_include_path($qa_include_tail); $qa_include_tail = filter_input_include_path($qa_include_tail);
} }
@ -67,7 +67,7 @@ $dst_char = array('', '〓');
$qa_category = str_replace($src_char, $dst_char, $_POST['qa_category']); $qa_category = str_replace($src_char, $dst_char, $_POST['qa_category']);
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $qa_category); $qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$qa_category);
$sql = " update {$g5['qa_config_table']} $sql = " update {$g5['qa_config_table']}
set qa_title = '{$_POST['qa_title']}', set qa_title = '{$_POST['qa_title']}',
@ -108,11 +108,12 @@ $sql = " update {$g5['qa_config_table']}
qa_5 = '{$_POST['qa_5']}' "; qa_5 = '{$_POST['qa_5']}' ";
sql_query($sql); sql_query($sql);
if(function_exists('get_admin_captcha_by')) if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove'); get_admin_captcha_by('remove');
}
if($error_msg){ if ($error_msg) {
alert($error_msg, './qa_config.php'); alert($error_msg, './qa_config.php');
} else { } else {
goto_url('./qa_config.php'); goto_url('./qa_config.php');
} }

17
adm/safe_check.php
View File

@ -1,16 +1,21 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가 if (!defined('_GNUBOARD_')) {
exit; // 개별 페이지 접근 불가
}
function social_log_file_delete($second=0){ function social_log_file_delete($second = 0)
$files = glob(G5_DATA_PATH.'/tmp/social_*'); {
$files = glob(G5_DATA_PATH . '/tmp/social_*');
if (is_array($files)) { if (is_array($files)) {
$before_time = $second ? G5_SERVER_TIME - $second : 0; $before_time = $second ? G5_SERVER_TIME - $second : 0;
foreach ($files as $social_log_file) { foreach ($files as $social_log_file) {
$modification_time = filemtime($log_file); // 파일접근시간 $modification_time = filemtime($social_log_file); // 파일접근시간
if ($before_time && $modification_time > $before_time) continue; if ($before_time && $modification_time > $before_time) {
continue;
}
unlink($social_log_file); unlink($social_log_file);
} }
} }
} }