firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

MySQLi 지원 추가 및 SMS5 수정

Browse Source
This commit is contained in:
chicpro
2015-10-16 10:12:06 +09:00
parent 0803de998b
commit 1fe4684537
44 changed files with 236 additions and 1415 deletions
Download Patch File Download Diff File Expand all files Collapse all files

188
lib/common.lib.php
View File

@ -1260,10 +1260,6 @@ function get_sideview($mb_id, $name='', $email='', $homepage='')
}
if($mb_id)
$str2 .= "<a href=\"".G5_BBS_URL."/new.php?mb_id=".$mb_id."\">전체게시물</a>\n";
if($g5['sms5_use_sideview']){
$mb = get_member($mb_id, " mb_open, mb_sms , mb_hp ");
if( $mb['mb_open'] && $mb['mb_sms'] && $mb['mb_hp'] ) $str2 .= "<a href=\"".G5_SMS5_URL."/?mb_id=".$mb_id."\" class=\"win_sms5\" target=\"_blank\">문자보내기</a>\n";
}
if($is_admin == "super" && $mb_id) {
$str2 .= "<a href=\"".G5_ADMIN_URL."/member_form.php?w=u&amp;mb_id=".$mb_id."\" target=\"_blank\">회원정보변경</a>\n";
$str2 .= "<a href=\"".G5_ADMIN_URL."/point_list.php?sfl=mb_id&amp;stx=".$mb_id."\" target=\"_blank\">포인트내역</a>\n";
@ -1416,11 +1412,22 @@ function html_symbol($str)
*************************************************************************/
// DB 연결
function sql_connect($host, $user, $pass)
function sql_connect($host, $user, $pass, $db=G5_MYSQL_DB)
{
global $g5;
return @mysql_connect($host, $user, $pass);
if(function_exists('mysqli_connect') && G5_MYSQLI_USE) {
$link = mysqli_connect($host, $user, $pass, $db);
// 연결 오류 발생 시 스크립트 종료
if (mysqli_connect_errno()) {
die('Connect Error: '.mysqli_connect_error());
}
} else {
$link = mysql_connect($host, $user, $pass);
}
return $link;
}
@ -1429,16 +1436,36 @@ function sql_select_db($db, $connect)
{
global $g5;
return @mysql_select_db($db, $connect);
if(function_exists('mysqli_select_db') && G5_MYSQLI_USE)
return @mysqli_select_db($connect, $db);
else
return @mysql_select_db($db, $connect);
}
// mysql_query 와 mysql_error 를 한꺼번에 처리
// mysql connect resource 지정 - 명랑폐인님 제안
function sql_query($sql, $error=G5_DISPLAY_SQL_ERROR)
function sql_set_charset($charset, $link=null)
{
global $g5;
if(!$link)
$link = $g5['connect_db'];
if(function_exists('mysqli_set_charset') && G5_MYSQLI_USE)
mysqli_set_charset($link, $charset);
else
sql_query(" set names {$charset} ");
}
// mysqli_query 와 mysqli_error 를 한꺼번에 처리
// mysql connect resource 지정 - 명랑폐인님 제안
function sql_query($sql, $error=G5_DISPLAY_SQL_ERROR, $link=null)
{
global $g5;
if(!$link)
$link = $g5['connect_db'];
// Blind SQL Injection 취약점 해결
$sql = trim($sql);
// union의 사용을 허락하지 않습니다.
@ -1447,20 +1474,34 @@ function sql_query($sql, $error=G5_DISPLAY_SQL_ERROR)
// `information_schema` DB로의 접근을 허락하지 않습니다.
$sql = preg_replace("#^select.*from.*where.*`?information_schema`?.*#i", "select 1", $sql);
if ($error)
$result = @mysql_query($sql, $g5['connect_db']) or die("<p>$sql<p>" . mysql_errno() . " : " . mysql_error() . "<p>error file : {$_SERVER['SCRIPT_NAME']}");
else
$result = @mysql_query($sql, $g5['connect_db']);
if(function_exists('mysqli_query') && G5_MYSQLI_USE) {
if ($error) {
$result = @mysqli_query($link, $sql) or die("<p>$sql<p>" . mysqli_errno($link) . " : " . mysqli_error($link) . "<p>error file : {$_SERVER['SCRIPT_NAME']}");
} else {
$result = @mysqli_query($link, $sql);
}
} else {
if ($error) {
$result = @mysql_query($sql, $link) or die("<p>$sql<p>" . mysql_errno() . " : " . mysql_error() . "<p>error file : {$_SERVER['SCRIPT_NAME']}");
} else {
$result = @mysql_query($sql, $link);
}
}
return $result;
}
// 쿼리를 실행한 후 결과값에서 한행을 얻는다.
function sql_fetch($sql, $error=G5_DISPLAY_SQL_ERROR)
function sql_fetch($sql, $error=G5_DISPLAY_SQL_ERROR, $link=null)
{
$result = sql_query($sql, $error);
//$row = @sql_fetch_array($result) or die("<p>$sql<p>" . mysql_errno() . " : " . mysql_error() . "<p>error file : $_SERVER['SCRIPT_NAME']");
global $g5;
if(!$link)
$link = $g5['connect_db'];
$result = sql_query($sql, $error, $link);
//$row = @sql_fetch_array($result) or die("<p>$sql<p>" . mysqli_errno() . " : " . mysqli_error() . "<p>error file : $_SERVER['SCRIPT_NAME']");
$row = sql_fetch_array($result);
return $row;
}
@ -1469,7 +1510,11 @@ function sql_fetch($sql, $error=G5_DISPLAY_SQL_ERROR)
// 결과값에서 한행 연관배열(이름으로)로 얻는다.
function sql_fetch_array($result)
{
$row = @mysql_fetch_assoc($result);
if(function_exists('mysqli_fetch_assoc') && G5_MYSQLI_USE)
$row = @mysqli_fetch_assoc($result);
else
$row = @mysql_fetch_assoc($result);
return $row;
}
@ -1479,7 +1524,10 @@ function sql_fetch_array($result)
// 단, 결과 값은 스크립트(script) 실행부가 종료되면서 메모리에서 자동적으로 지워진다.
function sql_free_result($result)
{
return mysql_free_result($result);
if(function_exists('mysqli_free_result') && G5_MYSQLI_USE)
return mysqli_free_result($result);
else
return mysql_free_result($result);
}
@ -1493,6 +1541,74 @@ function sql_password($value)
}
function sql_insert_id($link=null)
{
global $g5;
if(!$link)
$link = $g5['connect_db'];
if(function_exists('mysqli_insert_id') && G5_MYSQLI_USE)
return mysqli_insert_id($link);
else
return mysql_insert_id($link);
}
function sql_num_rows($result)
{
if(function_exists('mysqli_num_rows') && G5_MYSQLI_USE)
return mysqli_num_rows($result);
else
return mysql_num_rows($result);
}
function sql_field_names($table, $link=null)
{
global $g5;
if(!$link)
$link = $g5['connect_db'];
$columns = array();
$sql = " select * from `$table` limit 1 ";
$result = sql_query($sql, $link);
if(function_exists('mysqli_fetch_field') && G5_MYSQLI_USE) {
while($field = mysqli_fetch_field($result)) {
$columns[] = $field->name;
}
} else {
$i = 0;
$cnt = mysql_num_fields($result);
while($i < $cnt) {
$field = mysql_fetch_field($result, $i);
$columns[] = $field->name;
$i++;
}
}
return $columns;
}
function sql_error_info($link=null)
{
global $g5;
if(!$link)
$link = $g5['connect_db'];
if(function_exists('mysqli_error') && G5_MYSQLI_USE) {
return mysqli_errno($link) . ' : ' . mysqli_error($link);
} else {
return mysql_errno($link) . ' : ' . mysql_error($link);
}
}
// PHPMyAdmin 참고
function get_table_define($table, $crlf="\n")
{
@ -1893,12 +2009,15 @@ function convert_charset($from_charset, $to_charset, $str)
}
// mysql_real_escape_string 의 alias 기능을 한다.
function sql_real_escape_string($field)
// mysqli_real_escape_string 의 alias 기능을 한다.
function sql_real_escape_string($str, $link=null)
{
global $g5;
return mysql_real_escape_string($field, $g5['connect_db']);
if(!$link)
$link = $g5['connect_db'];
return mysqli_real_escape_string($link, $str);
}
function escape_trim($field)
@ -3017,4 +3136,29 @@ function get_skin_url($dir, $skin)
return str_replace(G5_PATH, G5_URL, $skin_path);
}
// 발신번호 유효성 체크
function check_vaild_callback($callback){
$_callback = preg_replace('/[^0-9]/','', $callback);
/**
* 1588 로시작하면 총8자리인데 7자리라 차단
* 02 로시작하면 총9자리 또는 10자리인데 11자리라차단
* 1366은 그자체가 원번호이기에 다른게 붙으면 차단
* 030으로 시작하면 총10자리 또는 11자리인데 9자리라차단
*/
if( substr($_callback,0,4) == '1588') if( strlen($_callback) != 8) return false;
if( substr($_callback,0,2) == '02') if( strlen($_callback) != 9 && strlen($_callback) != 10 ) return false;
if( substr($_callback,0,3) == '030') if( strlen($_callback) != 10 && strlen($_callback) != 11 ) return false;
if( !preg_match("/^(02|0[3-6]\d|01(0|1|3|5|6|7|8|9)|070|080|007)\-?\d{3,4}\-?\d{4,5}$/",$_callback) &&
!preg_match("/^(15|16|18)\d{2}\-?\d{4,5}$/",$_callback) ){
return false;
} else if( preg_match("/^(02|0[3-6]\d|01(0|1|3|5|6|7|8|9)|070|080)\-?0{3,4}\-?\d{4}$/",$_callback )) {
return false;
} else {
return true;
}
}
?>