From 2e3f53ed8a2f8ccd3adc1cea8b856d524676550a Mon Sep 17 00:00:00 2001
From: thisgun
Date: Tue, 27 Oct 2020 16:34:39 +0900
Subject: [PATCH] =?UTF-8?q?=EC=9D=BC=EB=B6=80=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=ED=83=AD=20=EA=B0=84=EA=B2=A9=20=EC=A1=B0=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 common.php | 42 +++++++++++------------
 lib/uri.lib.php | 90 ++++++++++++++++++++++++-------------------------
 2 files changed, 66 insertions(+), 66 deletions(-)
diff --git a/common.php b/common.php
index 8100e85ca..fc22fb036 100644
--- a/common.php
+++ b/common.php
@@ -225,36 +225,36 @@ $config = get_config(true); // 본인인증 또는 쇼핑몰 사용시에만 secure; SameSite=None 로 설정합니다. if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER) ) { - // Chrome 80 버전부터 아래 이슈 대응 - // https://developers-kr.googleblog.com/2020/01/developers-get-ready-for-new.html?fbclid=IwAR0wnJFGd6Fg9_WIbQPK3_FxSSpFLqDCr9bjicXdzy--CCLJhJgC9pJe5ss - if(!function_exists('session_start_samesite')) { - function session_start_samesite($options = array()) - { + // Chrome 80 버전부터 아래 이슈 대응 + // https://developers-kr.googleblog.com/2020/01/developers-get-ready-for-new.html?fbclid=IwAR0wnJFGd6Fg9_WIbQPK3_FxSSpFLqDCr9bjicXdzy--CCLJhJgC9pJe5ss + if(!function_exists('session_start_samesite')) { + function session_start_samesite($options = array()) + { global $g5; - - $res = @session_start($options); - + + $res = @session_start($options); + // IE 브라우저 또는 엣지브라우저 또는 IOS 모바일과 http환경에서는 secure; SameSite=None을 설정하지 않습니다. if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('/(iPhone|iPod|iPad).*AppleWebKit.*Safari/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){ return $res; } - $headers = headers_list(); - krsort($headers); - foreach ($headers as $header) { - if (!preg_match('~^Set-Cookie: PHPSESSID=~', $header)) continue; - $header = preg_replace('~; secure(; HttpOnly)?$~', '', $header) . '; secure; SameSite=None'; - header($header, false); + $headers = headers_list(); + krsort($headers); + foreach ($headers as $header) { + if (!preg_match('~^Set-Cookie: PHPSESSID=~', $header)) continue; + $header = preg_replace('~; secure(; HttpOnly)?$~', '', $header) . 
'; secure; SameSite=None'; + header($header, false); $g5['session_cookie_samesite'] = 'none'; - break; - } - return $res; - } - } + break; + } + return $res; + } + } - session_start_samesite(); + session_start_samesite(); } else { - @session_start(); + @session_start(); } //============================================================================== diff --git a/lib/uri.lib.php b/lib/uri.lib.php index 6221fc865..ed889d711 100644 --- a/lib/uri.lib.php +++ b/lib/uri.lib.php @@ -16,13 +16,13 @@ function get_pretty_url($folder, $no='', $query_string='', $action='') return $url; } - // use shortten url - if($config['cf_bbs_rewrite']) { - + // use shortten url + if($config['cf_bbs_rewrite']) { + $segments[0] = G5_URL; if( $folder === 'content' && $no ){ // 내용관리 - + $segments[1] = $folder; if( $config['cf_bbs_rewrite'] > 1 ){ @@ -36,32 +36,32 @@ function get_pretty_url($folder, $no='', $query_string='', $action='') } else if(in_array($folder, $boards)) { // 게시판 - $segments[1] = $folder; + $segments[1] = $folder; - if($no) { + if($no) { if( $config['cf_bbs_rewrite'] > 1 ){ - $get_write = get_write( $g5['write_prefix'].$folder, $no , true); - - $segments[2] = $get_write['wr_seo_title'] ? urlencode($get_write['wr_seo_title']).'/' : urlencode($no); + $get_write = get_write( $g5['write_prefix'].$folder, $no , true); + + $segments[2] = $get_write['wr_seo_title'] ? urlencode($get_write['wr_seo_title']).'/' : urlencode($no); } else { $segments[2] = urlencode($no); } - } else if($action) { + } else if($action) { $segments[2] = urlencode($action); } - } else { + } else { $segments[1] = $folder; - if($no) { - $no_array = explode("=", $no); - $no_value = end($no_array); + if($no) { + $no_array = explode("=", $no); + $no_value = end($no_array); $segments[2] = urlencode($no_value); - } - } + } + } if($query_string) { // If the first character of the query string is '&', replace it with '?'. 
@@ -72,33 +72,33 @@ function get_pretty_url($folder, $no='', $query_string='', $action='') } } - } else { // don't use shortten url - if(in_array($folder, $boards)) { - $url = G5_BBS_URL. '/board.php?bo_table='. $folder; - if($no) { - $url .= '&wr_id='. $no; - } - if($query_string) { + } else { // don't use shortten url + if(in_array($folder, $boards)) { + $url = G5_BBS_URL. '/board.php?bo_table='. $folder; + if($no) { + $url .= '&wr_id='. $no; + } + if($query_string) { if(substr($query_string, 0, 1) !== '&') { $url .= '&'; } - $url .= $query_string; - } - } else { - $url = G5_BBS_URL. '/'.$folder.'.php'; + $url .= $query_string; + } + } else { + $url = G5_BBS_URL. '/'.$folder.'.php'; if($no) { - $url .= ($folder === 'content') ? '?co_id='. $no : '?'. $no; - } + $url .= ($folder === 'content') ? '?co_id='. $no : '?'. $no; + } if($query_string) { $url .= ($no ? '?' : '&'). $query_string; - } - } + } + } $segments[0] = $url; - } + } - return implode('/', $segments).$add_query; + return implode('/', $segments).$add_query; } function short_url_clean($string_url, $add_qry=''){ @@ -110,7 +110,7 @@ function short_url_clean($string_url, $add_qry=''){ $string_url = str_replace('&', '&', $string_url); $url=parse_url($string_url); $page_name = basename($url['path'],".php"); - + $array_page_names = run_replace('url_clean_page_names', array('board', 'write', 'content')); if( stripos(preg_replace('/^https?:/i', '', $string_url), preg_replace('/^https?:/i', '', G5_BBS_URL)) === false || ! in_array($page_name, $array_page_names) ){ //게시판이 아니면 리턴 
@@ -119,19 +119,19 @@ function short_url_clean($string_url, $add_qry=''){ $return_url = ''; parse_str($url['query'], $vars); - - /* + + /* // 예) Array ( [scheme] => http [host] => sir.kr [path] => /bbs/board.php [query] => wr_id=1110870&bo_table=cm_free&cpage=1 [fragment] => c_1110946 ) - foreach($vars as $k => $v) { $page_name .= "/".$v; } - */ - + foreach($vars as $k => $v) { $page_name .= "/".$v; } + */ + if( $page_name === 'write' ){ $vars['action'] = 'write'; $allow_param_keys = array('bo_table'=>'', 'action'=>''); } else if( $page_name === 'content' ){ - $vars['action'] = 'content'; - $allow_param_keys = array('action'=>'', 'co_id'=>''); - } else { + $vars['action'] = 'content'; + $allow_param_keys = array('action'=>'', 'co_id'=>''); + } else { $allow_param_keys = array('bo_table'=>'', 'wr_id'=>''); } @@ -145,7 +145,7 @@ function short_url_clean($string_url, $add_qry=''){ if( $config['cf_bbs_rewrite'] > 1 && $page_name === 'board' && (isset($s['wr_id']) && $s['wr_id']) && (isset($s['bo_table']) && $s['bo_table']) ){ $get_write = get_write( get_write_table_name($s['bo_table']), $s['wr_id'], true); - + if( $get_write['wr_seo_title'] ){ unset($s['wr_id']); $s['wr_seo_title'] = urlencode($get_write['wr_seo_title']).'/'; @@ -175,8 +175,8 @@ function short_url_clean($string_url, $add_qry=''){ if( $add_qry ){ $add_param .= $add_param ? '&'.$add_qry : '?'.$add_qry; } - - foreach($s as $k => $v) { $return_url .= '/'.$v; } + + foreach($s as $k => $v) { $return_url .= '/'.$v; } return $host.$return_url.$add_param.$fragment; }