따옴표 관련 오류 수정

chicpro
2015-10-02 17:57:46 +09:00
parent 94cc7639a9
commit 273983c87c
10 changed files with 22 additions and 18 deletions


@ -30,6 +30,8 @@ include_once(G5_PATH.'/head.sub.php');
if (!$name) if (!$name)
$name = base64_decode($email); $name = base64_decode($email);
else
$name = get_text(stripslashes($name), true);
if (!isset($type)) if (!isset($type))
$type = 0; $type = 0;
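Review bot: The fallback branch still assigns `$name = base64_decode($email);` without passing it through `get_text()`, so only a supplied `$name` is escaped by this change. If `$name` is later printed into the page (not visible in this hunk), the decoded value needs the same treatment, e.g. `$name = get_text(base64_decode($email));`. Separately, `get_text(stripslashes($name), true)` puts `true` in the `$html` position of `get_text($str, $html=0, $restore=false)`, whereas `get_sideview()` in this commit calls `get_text($name, 0, true)`; it is worth confirming which flag was intended here.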


@ -4,7 +4,7 @@ include_once('./_common.php');
if ($is_guest) if ($is_guest)
alert_close('회원만 조회하실 수 있습니다.'); alert_close('회원만 조회하실 수 있습니다.');
$g5['title'] = $member['mb_nick'].' 님의 포인트 내역'; $g5['title'] = get_text($member['mb_nick']).' 님의 포인트 내역';
include_once(G5_PATH.'/head.sub.php'); include_once(G5_PATH.'/head.sub.php');
$list = array(); $list = array();


@ -24,7 +24,7 @@ $sql = " select (TO_DAYS('".G5_TIME_YMDHIS."') - TO_DAYS('{$mb['mb_datetime']}')
$row = sql_fetch($sql); $row = sql_fetch($sql);
$mb_reg_after = $row['days']; $mb_reg_after = $row['days'];
$mb_homepage = set_http(clean_xss_tags($mb['mb_homepage'])); $mb_homepage = set_http(get_text(clean_xss_tags($mb['mb_homepage'])));
$mb_profile = $mb['mb_profile'] ? conv_content($mb['mb_profile'],0) : '소개 내용이 없습니다.'; $mb_profile = $mb['mb_profile'] ? conv_content($mb['mb_profile'],0) : '소개 내용이 없습니다.';
include_once($member_skin_path.'/profile.skin.php'); include_once($member_skin_path.'/profile.skin.php');


@ -217,7 +217,7 @@ if($w == '' || $w == 'a' || $w == 'r') {
$sql = " insert into {$g5['qa_content_table']} $sql = " insert into {$g5['qa_content_table']}
set qa_num = '$qa_num', set qa_num = '$qa_num',
mb_id = '{$member['mb_id']}', mb_id = '{$member['mb_id']}',
qa_name = '{$member['mb_nick']}', qa_name = '".addslashes($member['mb_nick'])."',
qa_email = '$qa_email', qa_email = '$qa_email',
qa_hp = '$qa_hp', qa_hp = '$qa_hp',
qa_type = '$qa_type', qa_type = '$qa_type',
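Review bot: `addslashes($member['mb_nick'])` is not aware of the connection character set, so it is a weaker guard than the driver's own escaping or a bound parameter; for `qa_name`, prefer the project's database escaping helper or `mysqli_real_escape_string()` on the active link. The neighbouring values `'{$member['mb_id']}'`, `'$qa_email'`, `'$qa_hp'` and `'$qa_type'` are interpolated directly into the same statement. Whether they are escaped earlier is outside this hunk and should be confirmed, because the problem fixed here for `mb_nick` applies to any value read back from the database and reused in a query. The insert statement continues beyond the hunk.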


@ -4,7 +4,7 @@ include_once('./_common.php');
if (!$is_member) if (!$is_member)
alert_close('회원만 조회하실 수 있습니다.'); alert_close('회원만 조회하실 수 있습니다.');
$g5['title'] = $member['mb_nick'].'님의 스크랩'; $g5['title'] = get_text($member['mb_nick']).'님의 스크랩';
include_once(G5_PATH.'/head.sub.php'); include_once(G5_PATH.'/head.sub.php');
$sql_common = " from {$g5['scrap_table']} where mb_id = '{$member['mb_id']}' "; $sql_common = " from {$g5['scrap_table']} where mb_id = '{$member['mb_id']}' ";


@ -383,8 +383,9 @@ function get_list($write_row, $board, $skin_url, $subject_len=40)
$list['wr_homepage'] = get_text($list['wr_homepage']); $list['wr_homepage'] = get_text($list['wr_homepage']);
$tmp_name = get_text(cut_str($list['wr_name'], $config['cf_cut_name'])); // 설정된 자리수 만큼만 이름 출력 $tmp_name = get_text(cut_str($list['wr_name'], $config['cf_cut_name'])); // 설정된 자리수 만큼만 이름 출력
$tmp_name2 = cut_str($list['wr_name'], $config['cf_cut_name']); // 설정된 자리수 만큼만 이름 출력
if ($board['bo_use_sideview']) if ($board['bo_use_sideview'])
$list['name'] = get_sideview($list['mb_id'], $tmp_name, $list['wr_email'], $list['wr_homepage']); $list['name'] = get_sideview($list['mb_id'], $tmp_name2, $list['wr_email'], $list['wr_homepage']);
else else
$list['name'] = '<span class="'.($list['mb_id']?'sv_member':'sv_guest').'">'.$tmp_name.'</span>'; $list['name'] = '<span class="'.($list['mb_id']?'sv_member':'sv_guest').'">'.$tmp_name.'</span>';
@ -1201,6 +1202,10 @@ function get_sideview($mb_id, $name='', $email='', $homepage='')
$email = base64_encode($email); $email = base64_encode($email);
$homepage = set_http(clean_xss_tags($homepage)); $homepage = set_http(clean_xss_tags($homepage));
$name = get_text($name, 0, true);
$email = get_text($email);
$homepage = get_text($homepage);
$tmp_name = ""; $tmp_name = "";
if ($mb_id) { if ($mb_id) {
//$tmp_name = "<a href=\"".G5_BBS_URL."/profile.php?mb_id=".$mb_id."\" class=\"sv_member\" title=\"$name 자기소개\" target=\"_blank\" onclick=\"return false;\">$name</a>"; //$tmp_name = "<a href=\"".G5_BBS_URL."/profile.php?mb_id=".$mb_id."\" class=\"sv_member\" title=\"$name 자기소개\" target=\"_blank\" onclick=\"return false;\">$name</a>";
@ -1235,10 +1240,6 @@ function get_sideview($mb_id, $name='', $email='', $homepage='')
$title_mb_id = '[비회원]'; $title_mb_id = '[비회원]';
} }
$name = get_text($name);
$email = get_text($email);
$homepage = get_text($homepage);
$str = "<span class=\"sv_wrap\">\n"; $str = "<span class=\"sv_wrap\">\n";
$str .= $tmp_name."\n"; $str .= $tmp_name."\n";
@ -1360,7 +1361,7 @@ function cut_str($str, $len, $suffix="…")
// TEXT 형식으로 변환 // TEXT 형식으로 변환
function get_text($str, $html=0) function get_text($str, $html=0, $restore=false)
{ {
$source[] = "<"; $source[] = "<";
$target[] = "&lt;"; $target[] = "&lt;";
@ -1371,7 +1372,8 @@ function get_text($str, $html=0)
$source[] = "\'"; $source[] = "\'";
$target[] = "&#039;"; $target[] = "&#039;";
$str = str_replace($target, $source, $str); if($restore)
$str = str_replace($target, $source, $str);
// 3.31 // 3.31
// TEXT 출력일 경우 &amp; &nbsp; 등의 코드를 정상으로 출력해 주기 위함 // TEXT 출력일 경우 &amp; &nbsp; 등의 코드를 정상으로 출력해 주기 위함
@ -2635,9 +2637,9 @@ function module_exec_check($exe, $type)
// 주소출력 // 주소출력
function print_address($addr1, $addr2, $addr3, $addr4) function print_address($addr1, $addr2, $addr3, $addr4)
{ {
$address = trim($addr1); $address = get_text(trim($addr1));
$addr2 = trim($addr2); $addr2 = get_text(trim($addr2));
$addr3 = trim($addr3); $addr3 = get_text(trim($addr3));
if($addr4 == 'N') { if($addr4 == 'N') {
if($addr2) if($addr2)
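Review bot: In `get_text()` the context line `$source[] = "\'";` is a double-quoted string, where `\'` is not an escape sequence, so the search string is a backslash followed by an apostrophe and a bare `'` would not be mapped to `&#039;`. That matters for callers added in this commit such as `get_text(stripslashes($name), true)`, which removes the backslash before the call. The final replacement is outside the hunk; if it uses these arrays as shown, consider `$source[] = "'";` and run slash-escaped input through `stripslashes()` first. The new `$restore` parameter also changes the default behaviour for every existing caller, so a comment above the function stating when `true` should be passed would help.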


@ -57,7 +57,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$poll_skin_url.'/style.css">', 0)
<input type="hidden" name="po_id" value="<?php echo $po_id ?>"> <input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value=""> <input type="hidden" name="w" value="">
<input type="hidden" name="skin_dir" value="<?php echo $skin_dir ?>"> <input type="hidden" name="skin_dir" value="<?php echo $skin_dir ?>">
<?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo cut_str($member['mb_nick'],255) ?>"><?php } ?> <?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo get_text(cut_str($member['mb_nick'],255)); ?>"><?php } ?>
<h3><?php echo $po_etc ?></h3> <h3><?php echo $po_etc ?></h3>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
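Review bot: The neighbouring echoes in this form are still written without escaping: `value="<?php echo $po_id ?>"`, `value="<?php echo $skin_dir ?>"` and `<h3><?php echo $po_etc ?></h3>`. Whether those variables are sanitised before the skin is included is not visible here; if they are not, they need the same treatment as `pc_name`, e.g. `<?php echo get_text($skin_dir) ?>`. The same lines appear in the three other poll skin sections of this commit, two of which use `urlencode($skin_dir)` instead, so the four skins are inconsistent on that field.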


@ -61,7 +61,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$poll_skin_url.'/style.css">', 0)
<input type="hidden" name="po_id" value="<?php echo $po_id ?>"> <input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value=""> <input type="hidden" name="w" value="">
<input type="hidden" name="skin_dir" value="<?php echo $skin_dir ?>"> <input type="hidden" name="skin_dir" value="<?php echo $skin_dir ?>">
<?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo cut_str($member['mb_nick'],255) ?>"><?php } ?> <?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo get_text(cut_str($member['mb_nick'],255)); ?>"><?php } ?>
<h3><?php echo $po_etc ?></h3> <h3><?php echo $po_etc ?></h3>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">


@ -57,7 +57,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$poll_skin_url.'/style.css">', 0)
<input type="hidden" name="po_id" value="<?php echo $po_id ?>"> <input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value=""> <input type="hidden" name="w" value="">
<input type="hidden" name="skin_dir" value="<?php echo urlencode($skin_dir); ?>"> <input type="hidden" name="skin_dir" value="<?php echo urlencode($skin_dir); ?>">
<?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo cut_str($member['mb_nick'],255) ?>"><?php } ?> <?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo get_text(cut_str($member['mb_nick'],255)); ?>"><?php } ?>
<h3><?php echo $po_etc ?></h3> <h3><?php echo $po_etc ?></h3>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">


@ -61,7 +61,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$poll_skin_url.'/style.css">', 0)
<input type="hidden" name="po_id" value="<?php echo $po_id ?>"> <input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value=""> <input type="hidden" name="w" value="">
<input type="hidden" name="skin_dir" value="<?php echo urlencode($skin_dir); ?>"> <input type="hidden" name="skin_dir" value="<?php echo urlencode($skin_dir); ?>">
<?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo cut_str($member['mb_nick'],255) ?>"><?php } ?> <?php if ($is_member) { ?><input type="hidden" name="pc_name" value="<?php echo get_text(cut_str($member['mb_nick'],255)) ?>"><?php } ?>
<h3><?php echo $po_etc ?></h3> <h3><?php echo $po_etc ?></h3>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">