From 447c4cd13aa829a1c65f9e2cc4deed3b9355d7a1 Mon Sep 17 00:00:00 2001 From: whitedot Date: Tue, 29 Jan 2013 17:18:34 +0900 Subject: [PATCH 1/6] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90:=20#118=20?= =?UTF-8?q?=EC=97=90=20=EB=94=B0=EB=A5=B8=20=EC=98=A8=EB=9D=BC=EC=9D=B8=20?= =?UTF-8?q?=EC=84=9C=EC=8B=9D=20=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/auth_list.php | 2 +- adm/board_copy.php | 4 ++-- adm/board_form.php | 36 ++++++++++++++++++------------------ adm/board_list.php | 8 ++++---- adm/boardgroup_form.php | 2 +- adm/config_form.php | 36 +++++++++++++++--------------------- adm/mail_form.php | 2 +- adm/member_form.php | 20 ++++++++++---------- adm/sendmail_test.php | 2 +- 9 files changed, 53 insertions(+), 59 deletions(-) diff --git a/adm/auth_list.php b/adm/auth_list.php index 30150b3f1..35e51580c 100644 --- a/adm/auth_list.php +++ b/adm/auth_list.php @@ -188,7 +188,7 @@ else

관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.

- + diff --git a/adm/board_copy.php b/adm/board_copy.php index 8b96afec0..a2d2efa27 100644 --- a/adm/board_copy.php +++ b/adm/board_copy.php @@ -23,11 +23,11 @@ include_once($g4['path'].'/head.sub.php'); - 영문자, 숫자, _ 만 가능 (공백없이) + 영문자, 숫자, _ 만 가능 (공백없이) - + 복사 유형 diff --git a/adm/board_form.php b/adm/board_form.php index 8ddc646fa..21784e14e 100644 --- a/adm/board_form.php +++ b/adm/board_form.php @@ -107,7 +107,7 @@ include_once ('./admin.head.php'); - + @@ -265,7 +265,7 @@ include_once ('./admin.head.php'); - 댓글 개 이상 달리면 수정불가 + 댓글 개 이상 달리면 수정불가 @@ -275,7 +275,7 @@ include_once ('./admin.head.php'); - 댓글 개 이상 달리면 삭제불가 + 댓글 개 이상 달리면 삭제불가 @@ -433,7 +433,7 @@ include_once ('./admin.head.php'); - + @@ -450,7 +450,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - 업로드 파일 한개당 bytes 이하 + 업로드 파일 한개당 bytes 이하 @@ -593,7 +593,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -603,7 +603,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -614,7 +614,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -625,7 +625,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -636,7 +636,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - 픽셀 + 픽셀 @@ -647,7 +647,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -658,7 +658,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -718,13 +718,13 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + - + @@ -734,7 +734,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -744,7 +744,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -754,7 +754,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { - + @@ -789,7 +789,7 @@ if (!preg_match("/([m|M])$/", $upload_max_filesize)) { XSS 혹은 CSRF 방지

관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.

- +
diff --git a/adm/board_list.php b/adm/board_list.php index b1a3f03a2..3c877d1c6 100644 --- a/adm/board_list.php +++ b/adm/board_list.php @@ -150,10 +150,10 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { - - - - + + + + value="1" title="검색사용"> diff --git a/adm/boardgroup_form.php b/adm/boardgroup_form.php index a4b666ead..2580a5c6f 100644 --- a/adm/boardgroup_form.php +++ b/adm/boardgroup_form.php @@ -41,7 +41,7 @@ include_once('./admin.head.php'); - + '; diff --git a/adm/config_form.php b/adm/config_form.php index 7b72e6c54..a46e0921d 100644 --- a/adm/config_form.php +++ b/adm/config_form.php @@ -46,7 +46,7 @@ include_once ('./admin.head.php'); - + @@ -58,12 +58,12 @@ include_once ('./admin.head.php'); - 점 + - 점 + 점 @@ -117,7 +117,7 @@ include_once ('./admin.head.php'); - - - - 점 + - 점 + - 점 + - 점 + @@ -210,17 +210,11 @@ include_once ('./admin.head.php'); 건 단위로 검색 - - - - - - - 초 지난후 가능 + 초 지난후 가능 - 페이지씩 표시 + 페이지씩 표시 @@ -262,7 +256,7 @@ include_once ('./admin.head.php'); - - + @@ -505,7 +499,7 @@ include_once ('./admin.head.php'); XSS 혹은 CSRF 방지

관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.

- +
diff --git a/adm/mail_form.php b/adm/mail_form.php index 7782781bb..290f08ea8 100644 --- a/adm/mail_form.php +++ b/adm/mail_form.php @@ -34,7 +34,7 @@ include_once('./admin.head.php'); - + diff --git a/adm/member_form.php b/adm/member_form.php index 5b6aa54ff..19acabab7 100644 --- a/adm/member_form.php +++ b/adm/member_form.php @@ -99,17 +99,17 @@ include_once('./admin.head.php'); - value="" size="15" title="아이디"> + value="" size="15"> 접근가능그룹보기 - size="15" title="패스워드"> + size="15"> - + - + @@ -119,7 +119,7 @@ include_once('./admin.head.php'); - + @@ -226,14 +226,14 @@ include_once('./admin.head.php'); - + 탈퇴일자 - + " onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) { this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }" title="탈퇴일을 오늘로 지정"> 오늘 - + 접근차단일자 - + " onclick="if (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else { this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }" title="접근차단일을 오늘로 지정"> 오늘 @@ -252,7 +252,7 @@ include_once('./admin.head.php'); XSS 혹은 CSRF 방지

관리자 권한을 탈취 당하는 경우를 대비하여 관리자의 패스워드를 다시 한번 확인합니다.

- +
diff --git a/adm/sendmail_test.php b/adm/sendmail_test.php index 80d8f0e3c..304c4313d 100644 --- a/adm/sendmail_test.php +++ b/adm/sendmail_test.php @@ -45,7 +45,7 @@ if (isset($_POST['mail'])) {
테스트메일 발송 - +
From 1fcec6cc57a80691429877a9040f70fb5e767f4f Mon Sep 17 00:00:00 2001 From: chicpro Date: Tue, 29 Jan 2013 18:02:03 +0900 Subject: [PATCH 2/6] =?UTF-8?q?display=5Ftype=20=ED=95=A8=EC=88=98?= =?UTF-8?q?=EB=82=B4=20=EA=B2=BD=EB=A1=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/shop.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/shop.lib.php b/lib/shop.lib.php index 68dd1ba72..e5f494dea 100644 --- a/lib/shop.lib.php +++ b/lib/shop.lib.php @@ -371,7 +371,7 @@ function display_type($type, $skin_file, $list_mod, $list_row, $img_width, $img_ return false; } - $file = "$g4[shop_path]/$skin_file"; + $file = G4_SHOP_PATH."/$skin_file"; if (!file_exists($file)) { echo "{$file} 파일을 찾을 수 없습니다."; } else { From ec0323fd7c594c3706e3fb5775afc6ca5b3fad4c Mon Sep 17 00:00:00 2001 From: chicpro Date: Tue, 29 Jan 2013 18:02:20 +0900 Subject: [PATCH 3/6] =?UTF-8?q?=EC=87=BC=ED=95=91=EB=AA=B0=20=EB=A9=94?= =?UTF-8?q?=EC=9D=B8=20=ED=8E=98=EC=9D=B4=EC=A7=80=20=EA=B2=BD=EB=A1=9C=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- shop.php | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/shop.php b/shop.php index 965930638..5805608bf 100644 --- a/shop.php +++ b/shop.php @@ -1,28 +1,28 @@ - +
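Review bot: In the lib/shop.lib.php hunk, `$skin_file` is still concatenated into `$file` inside display_type() with no constraint on its form, so a value containing `../` or a directory separator would resolve outside G4_SHOP_PATH. The `else` branch is cut off by the hunk; if it includes `$file`, this line is a file-inclusion sink. The callers visible in shop.php pass `$default["de_type{$type}_list_skin"]`, which looks like a stored configuration value, so exposure is presumably limited to whoever can edit shop settings. If skins live directly in that directory, `$file = G4_SHOP_PATH.'/'.basename($skin_file);` or a check against the list of installed skin files would close it. Also, the not-found message echoes `{$file}`, which with G4_SHOP_PATH likely prints a full server path to visitors; print only the skin name and log the path instead.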
-

+


"; + echo "
"; display_type($type, $default["de_type{$type}_list_skin"], $default["de_type{$type}_list_mod"], $default["de_type{$type}_list_row"], $default["de_type{$type}_img_width"], $default["de_type{$type}_img_height"]); } ?> @@ -34,9 +34,9 @@ include_once("$g4[path]/head.php");
"; + echo "
"; display_type($type, $default["de_type{$type}_list_skin"], $default["de_type{$type}_list_mod"], $default["de_type{$type}_list_row"], $default["de_type{$type}_img_width"], $default["de_type{$type}_img_height"]); } ?> @@ -48,9 +48,9 @@ include_once("$g4[path]/head.php");
"; + echo "
"; display_type($type, $default["de_type{$type}_list_skin"], $default["de_type{$type}_list_mod"], $default["de_type{$type}_list_row"], $default["de_type{$type}_img_width"], $default["de_type{$type}_img_height"]); } ?> @@ -62,9 +62,9 @@ include_once("$g4[path]/head.php");
"; + echo "
"; display_type($type, $default["de_type{$type}_list_skin"], $default["de_type{$type}_list_mod"], $default["de_type{$type}_list_row"], $default["de_type{$type}_img_width"], $default["de_type{$type}_img_height"]); } ?> @@ -77,9 +77,9 @@ include_once("$g4[path]/head.php");
"; + echo "
"; display_type($type, $default["de_type{$type}_list_skin"], $default["de_type{$type}_list_mod"], $default["de_type{$type}_list_row"], $default["de_type{$type}_img_width"], $default["de_type{$type}_img_height"]); } ?>

@@ -98,7 +98,7 @@ include_once("$g4[path]/head.php");

\ No newline at end of file From 2f99243735b0ab8d2cc0c709fafef6db2096b6e1 Mon Sep 17 00:00:00 2001 From: chicpro Date: Tue, 29 Jan 2013 18:06:06 +0900 Subject: [PATCH 4/6] =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EA=B2=BD?= =?UTF-8?q?=EB=A1=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/admin.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adm/admin.lib.php b/adm/admin.lib.php index 2c0f86c01..da8dca504 100644 --- a/adm/admin.lib.php +++ b/adm/admin.lib.php @@ -213,7 +213,7 @@ function order_select($fld, $sel='') if (!$member['mb_id']) { //alert('로그인 하십시오.', '$g4['bbs_path']/login.php?url=' . urlencode('$_SERVER['PHP_SELF']?w=$w&mb_id=$mb_id')); - alert('로그인 하십시오.', $g4['bbs_path'].'/login.php?url=' . urlencode($_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'])); + alert('로그인 하십시오.', G4_BBS_URL.'/login.php?url=' . urlencode($_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'])); } else if ($is_admin != 'super') { From 427f79d49088e0e87f4b939f73abb7e3e56e9b4f Mon Sep 17 00:00:00 2001 From: chicpro Date: Tue, 29 Jan 2013 18:10:02 +0900 Subject: [PATCH 5/6] =?UTF-8?q?maintype=20=EC=8A=A4=ED=82=A8=20=EA=B2=BD?= =?UTF-8?q?=EB=A1=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/configform.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/adm/shop_admin/configform.php b/adm/shop_admin/configform.php index a245d490e..83f5121ad 100644 --- a/adm/shop_admin/configform.php +++ b/adm/shop_admin/configform.php @@ -159,7 +159,7 @@ include_once (G4_ADMIN_PATH."/admin.head.php");
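Review bot: In the adm/admin.lib.php hunk, the return URL on the new `alert(...)` line is still built from `$_SERVER['PHP_SELF']`, which carries any client-supplied path info after the script name, so request-controlled text ends up in the `url` parameter handed to login.php. `urlencode()` keeps it inside the query string but does not constrain where the post-login redirect goes. Prefer `urlencode($_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING'])` here, and confirm that login.php (not shown) accepts only same-site relative targets for `url`. The enclosing if/else block starts and ends outside the hunk.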
히트상품출력 출력 : > - , 스킨 : + , 스킨 : , 1라인이미지수 : , 라인 : , 폭 : @@ -171,7 +171,7 @@ include_once (G4_ADMIN_PATH."/admin.head.php"); 추천상품출력 출력 : > - , 스킨 : + , 스킨 : , 1라인이미지수 : , 라인 : , 폭 : @@ -182,7 +182,7 @@ include_once (G4_ADMIN_PATH."/admin.head.php"); 최신상품출력 출력 : > - , 스킨 : + , 스킨 : , 1라인이미지수 : , 라인 : , 폭 : @@ -193,7 +193,7 @@ include_once (G4_ADMIN_PATH."/admin.head.php"); 인기상품출력 출력 : > - , 스킨 : + , 스킨 : , 1라인이미지수 : , 라인 : , 폭 : @@ -204,7 +204,7 @@ include_once (G4_ADMIN_PATH."/admin.head.php"); 할인상품출력 출력 : > - , 스킨 : + , 스킨 : , 1라인이미지수 : , 라인 : , 폭 : From fd6a62c218de2fd583dc05404eb95fa06171651a Mon Sep 17 00:00:00 2001 From: whitedot Date: Tue, 29 Jan 2013 18:10:38 +0900 Subject: [PATCH 6/6] =?UTF-8?q?=EC=82=AC=EC=9A=A9=EC=9E=90:=20#215=20?= =?UTF-8?q?=EC=95=84=EC=9B=83=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=ED=9A=8C?= =?UTF-8?q?=EC=9B=90=EC=95=84=EC=9D=B4=EB=94=94,=20=ED=8C=A8=EC=8A=A4?= =?UTF-8?q?=EC=9B=8C=EB=93=9C=20=EC=9E=85=EB=A0=A5=EC=B0=BD=20=EC=97=AC?= =?UTF-8?q?=EB=B0=B1=20=EC=84=A4=EC=A0=95=20=EC=B2=98=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- css/default.css | 4 ++-- skin/outlogin/neo/outlogin.skin.1.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/css/default.css b/css/default.css index 7a43a20f7..3ad3b00d3 100644 --- a/css/default.css +++ b/css/default.css 
@@ -175,9 +175,9 @@ fieldset button {padding:0 15px;height:24px;border:0;background:#494949;color:#f .ol a {color:#000;text-decoration:none} #ol_before fieldset {position:relative} -#ol_id {display:block;margin:0 0 5px !important;margin:0 0 3px;width:188px;height:22px;border:1px solid #d1d1d1;background:#fff;line-height:1.6em} +#ol_id {display:block;margin:0 0 5px !important;margin:0 0 3px;padding:0 5px;width:178px;height:22px;border:1px solid #d1d1d1;background:#fff;line-height:1.6em} .ol_idlabel {position:absolute;top:6px;left:5px;color:#696969;font-size:0.9em} -#ol_pw {display:block;margin:0 0 5px !important;margin:0 0 3px;width:188px;height:22px;border:1px solid #d1d1d1;background:#fff;vertical-align:top;line-height:1.6em} +#ol_pw {display:block;margin:0 0 5px !important;margin:0 0 3px;padding:0 5px;width:178px;height:22px;border:1px solid #d1d1d1;background:#fff;vertical-align:top;line-height:1.6em} .ol_pwlabel {position:absolute;top:35px;left:5px;color:#696969;font-size:0.9em} #auto_login {} #auto_login_label {letter-spacing:-0.1em} diff --git a/skin/outlogin/neo/outlogin.skin.1.php b/skin/outlogin/neo/outlogin.skin.1.php index 81e43286b..bc93df792 100644 --- a/skin/outlogin/neo/outlogin.skin.1.php +++ b/skin/outlogin/neo/outlogin.skin.1.php @@ -27,7 +27,7 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 $omi = $('#ol_id'); $omp = $('#ol_pw'); $omp.css('display','inline-block'); -$omp.css('width',124); +$omp.css('width',114); $omi_label = $('#ol_idlabel'); $omp_label = $('#ol_pwlabel'); $omi_label.addClass('ol_idlabel');