firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Merge branch 'gnuboard:master' into master

Browse Source
This commit is contained in:
Hailey Kim
2022-06-21 18:06:23 +09:00
committed by GitHub
parent 958b9342b5 2366e8ebfb
commit 444c6d88c2
186 changed files with 8382 additions and 8125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
README.md Normal file
View File

30
adm/_common.php
View File

@ -1,32 +1,10 @@
<?php
define('G5_IS_ADMIN', true);
include_once ('../common.php');
include_once(G5_ADMIN_PATH.'/admin.lib.php');
require_once '../common.php';
require_once G5_ADMIN_PATH . '/admin.lib.php';
if( isset($token) ){
if (isset($token)) {
$token = @htmlspecialchars(strip_tags($token), ENT_QUOTES);
}
if( ! function_exists('check_data_htaccess_file') ) {
function check_data_htaccess_file() {
$save_path = G5_DATA_PATH.'/.htaccess';
if( file_exists($save_path) && is_writable($save_path) ) {
$code = file_get_contents($save_path);
$add_code = 'RedirectMatch 403 /session/.*';
if( strpos($code, $add_code) === false ){
$fp = fopen($save_path, "ab");
flock( $fp, LOCK_EX );
fwrite( $fp, "\n\n" );
fwrite( $fp, $add_code );
fwrite( $fp, "\n\n" );
flock( $fp, LOCK_UN );
fclose($fp);
}
}
}
check_data_htaccess_file();
}
run_event('admin_common');
run_event('admin_common');

92
adm/_rewrite_config_form.php
View File

@ -1,5 +1,7 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
$is_use_apache = (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false);
@ -11,29 +13,29 @@ $is_write_file = false;
$is_apache_need_rules = false;
$is_apache_rewrite = false;
if( !($is_use_apache || $is_use_nginx || $is_use_iis) ){ // 셋다 아니면 다 출력시킨다.
if (!($is_use_apache || $is_use_nginx || $is_use_iis)) { // 셋다 아니면 다 출력시킨다.
$is_use_apache = true;
$is_use_nginx = true;
}
if ( $is_use_nginx ){
if ($is_use_nginx) {
$is_write_file = false;
}
if ( $is_use_apache ){
$is_write_file = (is_writable(G5_PATH) || (file_exists(G5_PATH.'/.htaccess') && is_writable(G5_PATH.'/.htaccess'))) ? true : false;
if ($is_use_apache) {
$is_write_file = (is_writable(G5_PATH) || (file_exists(G5_PATH . '/.htaccess') && is_writable(G5_PATH . '/.htaccess'))) ? true : false;
$is_apache_need_rules = check_need_rewrite_rules();
$is_apache_rewrite = function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules());
}
$get_path_url = parse_url( G5_URL );
$get_path_url = parse_url(G5_URL);
$base_path = isset($get_path_url['path']) ? $get_path_url['path'].'/' : '/';
$base_path = isset($get_path_url['path']) ? $get_path_url['path'] . '/' : '/';
// add_stylesheet('css 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
add_stylesheet('<link rel="stylesheet" href="'.G5_JS_URL.'/remodal/remodal.css">', 11);
add_stylesheet('<link rel="stylesheet" href="'.G5_JS_URL.'/remodal/remodal-default-theme.css">', 12);
add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
add_stylesheet('<link rel="stylesheet" href="' . G5_JS_URL . '/remodal/remodal.css">', 11);
add_stylesheet('<link rel="stylesheet" href="' . G5_JS_URL . '/remodal/remodal-default-theme.css">', 12);
add_javascript('<script src="' . G5_JS_URL . '/remodal/remodal.js"></script>', 10);
?>
<section id="anc_cf_url">
<h2 class="h2_frm">짧은 주소 설정</h2>
@ -41,48 +43,48 @@ add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
<div class="local_desc02 local_desc">
<p>
게시판과 컨텐츠 페이지에 짧은 URL 을 사용합니다. <a href="https://sir.kr/manual/g5/286" class="btn btn_03" target="_blank" style="margin-left:10px">설정 관련 메뉴얼 보기</a>
<?php if( $is_use_apache && ! $is_use_nginx ){ ?>
<?php if( ! $is_apache_rewrite ){ ?>
<br><strong>Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</strong>
<?php } else if( ! $is_write_file && $is_apache_need_rules ) { // apache인 경우 ?>
<br><strong>짧은 주소 사용시 아래 Apache 설정 코드를 참고하여 설정해 주세요.</strong>
<?php if ($is_use_apache && !$is_use_nginx) { ?>
<?php if (!$is_apache_rewrite) { ?>
<br><strong>Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</strong>
<?php } elseif (!$is_write_file && $is_apache_need_rules) { // apache인 경우 ?>
<br><strong>짧은 주소 사용시 아래 Apache 설정 코드를 참고하여 설정해 주세요.</strong>
<?php } ?>
<?php } ?>
</p>
</div>
<div class="server_config_views">
<?php if ( $is_use_apache ){ ?>
<?php if ($is_use_apache) { ?>
<button type="button" data-remodal-target="modal_apache" class="btn btn_03">Apache 설정 코드 보기</button>
<?php } ?>
<?php if ( $is_use_nginx ) { ?>
<?php if ($is_use_nginx) { ?>
<button type="button" data-remodal-target="modal_nginx" class="btn btn_03">Nginx 설정 코드 보기</button>
<?php } ?>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption>짧은주소 설정</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<?php
$short_url_arrs = array(
'0'=>array('label'=>'사용안함', 'url'=>G5_URL.'/board.php?bo_table=free&wr_id=123'),
'1'=>array('label'=>'숫자', 'url'=>G5_URL.'/free/123'),
'2'=>array('label'=>'글 이름', 'url'=>G5_URL.'/free/안녕하세요/'),
);
foreach($short_url_arrs as $k=>$v){
$checked = ((int) $config['cf_bbs_rewrite'] === (int) $k) ? 'checked' : '';
?>
<tr>
<td><input name="cf_bbs_rewrite" id="cf_bbs_rewrite_<?php echo $k; ?>" type="radio" value="<?php echo $k; ?>" <?php echo $checked;?> ><label for="cf_bbs_rewrite_<?php echo $k; ?>" class="rules_label"><?php echo $v['label']; ?></label></td>
<td><?php echo $v['url']; ?></td>
</tr>
<?php } //end foreach ?>
</tbody>
<caption>짧은주소 설정</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<?php
$short_url_arrs = array(
'0' => array('label' => '사용안함', 'url' => G5_URL . '/board.php?bo_table=free&wr_id=123'),
'1' => array('label' => '숫자', 'url' => G5_URL . '/free/123'),
'2' => array('label' => '글 이름', 'url' => G5_URL . '/free/안녕하세요/'),
);
foreach ($short_url_arrs as $k => $v) {
$checked = ((int) $config['cf_bbs_rewrite'] === (int) $k) ? 'checked' : '';
?>
<tr>
<td><input name="cf_bbs_rewrite" id="cf_bbs_rewrite_<?php echo $k; ?>" type="radio" value="<?php echo $k; ?>" <?php echo $checked; ?>><label for="cf_bbs_rewrite_<?php echo $k; ?>" class="rules_label"><?php echo $v['label']; ?></label></td>
<td><?php echo $v['url']; ?></td>
</tr>
<?php } //end foreach ?>
</tbody>
</table>
</div>
@ -95,13 +97,13 @@ add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
</button>
<h4 class="copy_title">.htaccess 파일에 적용할 코드입니다.
<?php if( ! $is_apache_rewrite ) { ?>
<br><span class="info-warning">Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</span>
<?php } else if ( ! $is_write_file && $is_apache_need_rules ) { ?>
<br><span class="info-warning">자동으로 .htaccess 파일을 수정 할수 있는 권한이 없습니다.<br>.htaccess 파일이 없다면 생성 후에, 아래 코드가 없으면 코드를 복사하여 붙여넣기 해 주세요.</span>
<?php } else if ( ! $is_apache_need_rules ){ ?>
<br><span class="info-success">정상적으로 적용된 상태입니다.</span>
<?php } ?>
<?php if (!$is_apache_rewrite) { ?>
<br><span class="info-warning">Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</span>
<?php } elseif (!$is_write_file && $is_apache_need_rules) { ?>
<br><span class="info-warning">자동으로 .htaccess 파일을 수정 할수 있는 권한이 없습니다.<br>.htaccess 파일이 없다면 생성 후에, 아래 코드가 없으면 코드를 복사하여 붙여넣기 해 주세요.</span>
<?php } elseif (!$is_apache_need_rules) { ?>
<br><span class="info-success">정상적으로 적용된 상태입니다.</span>
<?php } ?>
</h4>
<textarea readonly="readonly" rows="10"><?php echo get_mod_rewrite_rules(true); ?></textarea>
</div>

170
adm/admin.head.php
View File

@ -1,25 +1,29 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
$g5_debug['php']['begin_time'] = $begin_time = get_microtime();
$files = glob(G5_ADMIN_PATH.'/css/admin_extend_*');
$files = glob(G5_ADMIN_PATH . '/css/admin_extend_*');
if (is_array($files)) {
foreach ((array) $files as $k=>$css_file) {
foreach ((array) $files as $k => $css_file) {
$fileinfo = pathinfo($css_file);
$ext = $fileinfo['extension'];
if( $ext !== 'css' ) continue;
if ($ext !== 'css') {
continue;
}
$css_file = str_replace(G5_ADMIN_PATH, G5_ADMIN_URL, $css_file);
add_stylesheet('<link rel="stylesheet" href="'.$css_file.'">', $k);
add_stylesheet('<link rel="stylesheet" href="' . $css_file . '">', $k);
}
}
include_once(G5_PATH.'/head.sub.php');
require_once G5_PATH . '/head.sub.php';
function print_menu1($key, $no='')
function print_menu1($key, $no = '')
{
global $menu;
@ -28,35 +32,39 @@ function print_menu1($key, $no='')
return $str;
}
function print_menu2($key, $no='')
function print_menu2($key, $no = '')
{
global $menu, $auth_menu, $is_admin, $auth, $g5, $sub_menu;
$str = "<ul>";
for($i=1; $i<count($menu[$key]); $i++)
{
if( ! isset($menu[$key][$i]) ){
for ($i = 1; $i < count($menu[$key]); $i++) {
if (!isset($menu[$key][$i])) {
continue;
}
if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0],$auth) || !strstr($auth[$menu[$key][$i][0]], 'r')))
if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0], $auth) || !strstr($auth[$menu[$key][$i][0]], 'r'))) {
continue;
}
$gnb_grp_div = $gnb_grp_style = '';
if (isset($menu[$key][$i][4])){
if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) $gnb_grp_div = 'gnb_grp_div';
if (isset($menu[$key][$i][4])) {
if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) {
$gnb_grp_div = 'gnb_grp_div';
}
if ($menu[$key][$i][4] == 1) $gnb_grp_style = 'gnb_grp_style';
if ($menu[$key][$i][4] == 1) {
$gnb_grp_style = 'gnb_grp_style';
}
}
$current_class = '';
if ($menu[$key][$i][0] == $sub_menu){
if ($menu[$key][$i][0] == $sub_menu) {
$current_class = ' on';
}
$str .= '<li data-menu="'.$menu[$key][$i][0].'"><a href="'.$menu[$key][$i][2].'" class="gnb_2da '.$gnb_grp_style.' '.$gnb_grp_div.$current_class.'">'.$menu[$key][$i][1].'</a></li>';
$str .= '<li data-menu="' . $menu[$key][$i][0] . '"><a href="' . $menu[$key][$i][2] . '" class="gnb_2da ' . $gnb_grp_style . ' ' . $gnb_grp_div . $current_class . '">' . $menu[$key][$i][1] . '</a></li>';
$auth_menu[$menu[$key][$i][0]] = $menu[$key][$i][1];
}
@ -66,12 +74,12 @@ function print_menu2($key, $no='')
}
$adm_menu_cookie = array(
'container' => '',
'gnb' => '',
'btn_gnb' => '',
'container' => '',
'gnb' => '',
'btn_gnb' => '',
);
if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){
if (!empty($_COOKIE['g5_admin_btn_gnb'])) {
$adm_menu_cookie['container'] = 'container-small';
$adm_menu_cookie['gnb'] = 'gnb_small';
$adm_menu_cookie['btn_gnb'] = 'btn_gnb_open';
@ -79,26 +87,25 @@ if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){
?>
<script>
var tempX = 0;
var tempY = 0;
var tempX = 0;
var tempY = 0;
function imageview(id, w, h)
{
function imageview(id, w, h) {
menu(id);
menu(id);
var el_id = document.getElementById(id);
var el_id = document.getElementById(id);
//submenu = eval(name+".style");
submenu = el_id.style;
submenu.left = tempX - ( w + 11 );
submenu.top = tempY - ( h / 2 );
//submenu = eval(name+".style");
submenu = el_id.style;
submenu.left = tempX - (w + 11);
submenu.top = tempY - (h / 2);
selectBoxVisible();
selectBoxVisible();
if (el_id.style.display != 'none')
selectBoxHidden(id);
}
if (el_id.style.display != 'none')
selectBoxHidden(id);
}
</script>
<div id="to_content"><a href="#container">본문 바로가기</a></div>
@ -106,13 +113,13 @@ function imageview(id, w, h)
<header id="hd">
<h1><?php echo $config['cf_title'] ?></h1>
<div id="hd_top">
<button type="button" id="btn_gnb" class="btn_gnb_close <?php echo $adm_menu_cookie['btn_gnb'];?>">메뉴</button>
<div id="logo"><a href="<?php echo correct_goto_url(G5_ADMIN_URL); ?>"><img src="<?php echo G5_ADMIN_URL ?>/img/logo.png" alt="<?php echo get_text($config['cf_title']); ?> 관리자"></a></div>
<button type="button" id="btn_gnb" class="btn_gnb_close <?php echo $adm_menu_cookie['btn_gnb']; ?>">메뉴</button>
<div id="logo"><a href="<?php echo correct_goto_url(G5_ADMIN_URL); ?>"><img src="<?php echo G5_ADMIN_URL ?>/img/logo.png" alt="<?php echo get_text($config['cf_title']); ?> 관리자"></a></div>
<div id="tnb">
<ul>
<?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?>
<li class="tnb_li"><a href="<?php echo G5_SHOP_URL ?>/" class="tnb_shop" target="_blank" title="쇼핑몰 바로가기">쇼핑몰 바로가기</a></li>
<li class="tnb_li"><a href="<?php echo G5_SHOP_URL ?>/" class="tnb_shop" target="_blank" title="쇼핑몰 바로가기">쇼핑몰 바로가기</a></li>
<?php } ?>
<li class="tnb_li"><a href="<?php echo G5_URL ?>/" class="tnb_community" target="_blank" title="커뮤니티 바로가기">커뮤니티 바로가기</a></li>
<li class="tnb_li"><a href="<?php echo G5_ADMIN_URL ?>/service.php" class="tnb_service">부가서비스</a></li>
@ -130,33 +137,34 @@ function imageview(id, w, h)
<ul class="gnb_ul">
<?php
$jj = 1;
foreach($amenu as $key=>$value) {
foreach ($amenu as $key => $value) {
$href1 = $href2 = '';
if (isset($menu['menu'.$key][0][2]) && $menu['menu'.$key][0][2]) {
$href1 = '<a href="'.$menu['menu'.$key][0][2].'" class="gnb_1da">';
if (isset($menu['menu' . $key][0][2]) && $menu['menu' . $key][0][2]) {
$href1 = '<a href="' . $menu['menu' . $key][0][2] . '" class="gnb_1da">';
$href2 = '</a>';
} else {
continue;
}
$current_class = "";
if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu'.$key][0][0], 0, 3)))
if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu' . $key][0][0], 0, 3))) {
$current_class = " on";
}
$button_title = $menu['menu'.$key][0][1];
$button_title = $menu['menu' . $key][0][1];
?>
<li class="gnb_li<?php echo $current_class;?>">
<button type="button" class="btn_op menu-<?php echo $key; ?> menu-order-<?php echo $jj; ?>" title="<?php echo $button_title; ?>"><?php echo $button_title;?></button>
<div class="gnb_oparea_wr">
<div class="gnb_oparea">
<h3><?php echo $menu['menu'.$key][0][1];?></h3>
<?php echo print_menu1('menu'.$key, 1); ?>
<li class="gnb_li<?php echo $current_class; ?>">
<button type="button" class="btn_op menu-<?php echo $key; ?> menu-order-<?php echo $jj; ?>" title="<?php echo $button_title; ?>"><?php echo $button_title; ?></button>
<div class="gnb_oparea_wr">
<div class="gnb_oparea">
<h3><?php echo $menu['menu' . $key][0][1]; ?></h3>
<?php echo print_menu1('menu' . $key, 1); ?>
</div>
</div>
</div>
</li>
</li>
<?php
$jj++;
$jj++;
} //end foreach
?>
</ul>
@ -164,39 +172,37 @@ function imageview(id, w, h)
</header>
<script>
jQuery(function($){
jQuery(function($) {
var menu_cookie_key = 'g5_admin_btn_gnb';
var menu_cookie_key = 'g5_admin_btn_gnb';
$(".tnb_mb_btn").click(function(){
$(".tnb_mb_area").toggle();
});
$(".tnb_mb_btn").click(function() {
$(".tnb_mb_area").toggle();
});
$("#btn_gnb").click(function(){
var $this = $(this);
$("#btn_gnb").click(function() {
try {
if( ! $this.hasClass("btn_gnb_open") ){
set_cookie(menu_cookie_key, 1, 60*60*24*365);
} else {
delete_cookie(menu_cookie_key);
}
}
catch(err) {
}
var $this = $(this);
$("#container").toggleClass("container-small");
$("#gnb").toggleClass("gnb_small");
$this.toggleClass("btn_gnb_open");
try {
if (!$this.hasClass("btn_gnb_open")) {
set_cookie(menu_cookie_key, 1, 60 * 60 * 24 * 365);
} else {
delete_cookie(menu_cookie_key);
}
} catch (err) {}
$("#container").toggleClass("container-small");
$("#gnb").toggleClass("gnb_small");
$this.toggleClass("btn_gnb_open");
});
$(".gnb_ul li .btn_op").click(function() {
$(this).parent().addClass("on").siblings().removeClass("on");
});
});
$(".gnb_ul li .btn_op" ).click(function() {
$(this).parent().addClass("on").siblings().removeClass("on");
});
});
</script>

425
adm/admin.lib.php
View File

@ -1,5 +1,7 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
/*
// 081022 : CSRF 방지를 위해 코드를 작성했으나 효과가 없어 주석처리 함
@ -10,17 +12,17 @@ if (!get_session('ss_admin')) {
*/
// 스킨디렉토리를 SELECT 형식으로 얻음
function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
function get_skin_select($skin_gubun, $id, $name, $selected = '', $event = '')
{
global $config;
$skins = array();
if(defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_PATH.'/'.G5_SKIN_DIR);
if(!empty($dirs)) {
foreach($dirs as $dir) {
$skins[] = 'theme/'.$dir;
if (defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_PATH . '/' . G5_SKIN_DIR);
if (!empty($dirs)) {
foreach ($dirs as $dir) {
$skins[] = 'theme/' . $dir;
}
}
}
@ -28,12 +30,15 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
$skins = array_merge($skins, get_skin_dir($skin_gubun));
$str = "<select id=\"$id\" name=\"$name\" $event>\n";
for ($i=0; $i<count($skins); $i++) {
if ($i == 0) $str .= "<option value=\"\">선택</option>";
if(preg_match('#^theme/(.+)$#', $skins[$i], $match))
$text = '(테마) '.$match[1];
else
for ($i = 0; $i < count($skins); $i++) {
if ($i == 0) {
$str .= "<option value=\"\">선택</option>";
}
if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
$text = '(테마) ' . $match[1];
} else {
$text = $skins[$i];
}
$str .= option_selected($skins[$i], $selected, $text);
}
@ -42,30 +47,33 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
}
// 모바일 스킨디렉토리를 SELECT 형식으로 얻음
function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event='')
function get_mobile_skin_select($skin_gubun, $id, $name, $selected = '', $event = '')
{
global $config;
$skins = array();
if(defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_MOBILE_PATH.'/'.G5_SKIN_DIR);
if(!empty($dirs)) {
foreach($dirs as $dir) {
$skins[] = 'theme/'.$dir;
if (defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_MOBILE_PATH . '/' . G5_SKIN_DIR);
if (!empty($dirs)) {
foreach ($dirs as $dir) {
$skins[] = 'theme/' . $dir;
}
}
}
$skins = array_merge($skins, get_skin_dir($skin_gubun, G5_MOBILE_PATH.'/'.G5_SKIN_DIR));
$skins = array_merge($skins, get_skin_dir($skin_gubun, G5_MOBILE_PATH . '/' . G5_SKIN_DIR));
$str = "<select id=\"$id\" name=\"$name\" $event>\n";
for ($i=0; $i<count($skins); $i++) {
if ($i == 0) $str .= "<option value=\"\">선택</option>";
if(preg_match('#^theme/(.+)$#', $skins[$i], $match))
$text = '(테마) '.$match[1];
else
for ($i = 0; $i < count($skins); $i++) {
if ($i == 0) {
$str .= "<option value=\"\">선택</option>";
}
if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
$text = '(테마) ' . $match[1];
} else {
$text = $skins[$i];
}
$str .= option_selected($skins[$i], $selected, $text);
}
@ -75,21 +83,26 @@ function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event=''
// 스킨경로를 얻는다
function get_skin_dir($skin, $skin_path=G5_SKIN_PATH)
function get_skin_dir($skin, $skin_path = G5_SKIN_PATH)
{
global $g5;
$result_array = array();
$dirname = $skin_path.'/'.$skin.'/';
if(!is_dir($dirname))
$dirname = $skin_path . '/' . $skin . '/';
if (!is_dir($dirname)) {
return array();
}
$handle = opendir($dirname);
while ($file = readdir($handle)) {
if($file == '.'||$file == '..') continue;
if ($file == '.' || $file == '..') {
continue;
}
if (is_dir($dirname.$file)) $result_array[] = $file;
if (is_dir($dirname . $file)) {
$result_array[] = $file;
}
}
closedir($handle);
sort($result_array);
@ -103,15 +116,18 @@ function get_theme_dir()
{
$result_array = array();
$dirname = G5_PATH.'/'.G5_THEME_DIR.'/';
$dirname = G5_PATH . '/' . G5_THEME_DIR . '/';
$handle = opendir($dirname);
while ($file = readdir($handle)) {
if($file == '.'||$file == '..') continue;
if ($file == '.' || $file == '..') {
continue;
}
if (is_dir($dirname.$file)) {
$theme_path = $dirname.$file;
if(is_file($theme_path.'/index.php') && is_file($theme_path.'/head.php') && is_file($theme_path.'/tail.php'))
if (is_dir($dirname . $file)) {
$theme_path = $dirname . $file;
if (is_file($theme_path . '/index.php') && is_file($theme_path . '/head.php') && is_file($theme_path . '/tail.php')) {
$result_array[] = $file;
}
}
}
closedir($handle);
@ -125,21 +141,23 @@ function get_theme_dir()
function get_theme_info($dir)
{
$info = array();
$path = G5_PATH.'/'.G5_THEME_DIR.'/'.$dir;
$path = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir;
if(is_dir($path)) {
$screenshot = $path.'/screenshot.png';
if(is_file($screenshot)) {
if (is_dir($path)) {
$screenshot = $path . '/screenshot.png';
$screenshot_url = '';
if (is_file($screenshot)) {
$size = @getimagesize($screenshot);
if($size[2] == 3)
if ($size[2] == 3) {
$screenshot_url = str_replace(G5_PATH, G5_URL, $screenshot);
}
}
$info['screenshot'] = $screenshot_url;
$text = $path.'/readme.txt';
if(is_file($text)) {
$text = $path . '/readme.txt';
if (is_file($text)) {
$content = file($text, false);
$content = array_map('trim', $content);
@ -162,8 +180,9 @@ function get_theme_info($dir)
$info['license_uri'] = trim($m7[1]);
}
if(!$info['theme_name'])
if (!$info['theme_name']) {
$info['theme_name'] = $dir;
}
}
return $info;
@ -171,19 +190,19 @@ function get_theme_info($dir)
// 테마설정 정보
function get_theme_config_value($dir, $key='*')
function get_theme_config_value($dir, $key = '*')
{
$tconfig = array();
$theme_config_file = G5_PATH.'/'.G5_THEME_DIR.'/'.$dir.'/theme.config.php';
if(is_file($theme_config_file)) {
include($theme_config_file);
if($key == '*') {
$theme_config_file = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir . '/theme.config.php';
if (is_file($theme_config_file)) {
include $theme_config_file;
// 22.05.26 Undefined Variable $theme_config;
if ($key == '*') {
$tconfig = $theme_config;
} else {
$keys = array_map('trim', explode(',', $key));
foreach($keys as $v) {
foreach ($keys as $v) {
$tconfig[$v] = isset($theme_config[$v]) ? trim($theme_config[$v]) : '';
}
}
@ -194,17 +213,20 @@ function get_theme_config_value($dir, $key='*')
// 회원권한을 SELECT 형식으로 얻음
function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $event="")
function get_member_level_select($name, $start_id = 0, $end_id = 10, $selected = "", $event = "")
{
global $g5;
$str = "\n<select id=\"{$name}\" name=\"{$name}\"";
if ($event) $str .= " $event";
if ($event) {
$str .= " $event";
}
$str .= ">\n";
for ($i=$start_id; $i<=$end_id; $i++) {
$str .= '<option value="'.$i.'"';
if ($i == $selected)
for ($i = $start_id; $i <= $end_id; $i++) {
$str .= '<option value="' . $i . '"';
if ($i == $selected) {
$str .= ' selected="selected"';
}
$str .= ">{$i}</option>\n";
}
$str .= "</select>\n";
@ -213,44 +235,48 @@ function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $
// 회원아이디를 SELECT 형식으로 얻음
function get_member_id_select($name, $level, $selected="", $event="")
function get_member_id_select($name, $level, $selected = "", $event = "")
{
global $g5;
$sql = " select mb_id from {$g5['member_table']} where mb_level >= '{$level}' ";
$result = sql_query($sql);
$str = '<select id="'.$name.'" name="'.$name.'" '.$event.'><option value="">선택안함</option>';
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$str .= '<option value="'.$row['mb_id'].'"';
if ($row['mb_id'] == $selected) $str .= ' selected';
$str .= '>'.$row['mb_id'].'</option>';
$str = '<select id="' . $name . '" name="' . $name . '" ' . $event . '><option value="">선택안함</option>';
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$str .= '<option value="' . $row['mb_id'] . '"';
if ($row['mb_id'] == $selected) {
$str .= ' selected';
}
$str .= '>' . $row['mb_id'] . '</option>';
}
$str .= '</select>';
return $str;
}
// php8 버전 호환 권한 검사 함수
function auth_check_menu($auth, $sub_menu, $attr, $return=false) {
function auth_check_menu($auth, $sub_menu, $attr, $return = false)
{
$check_auth = isset($auth[$sub_menu]) ? $auth[$sub_menu] : '';
return auth_check($check_auth, $attr, $return);
}
// 권한 검사
function auth_check($auth, $attr, $return=false)
function auth_check($auth, $attr, $return = false)
{
global $is_admin;
if ($is_admin == 'super') return;
if ($is_admin == 'super') {
return;
}
if (!trim($auth)) {
$msg = '이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
}
$attr = strtolower($attr);
@ -258,44 +284,49 @@ function auth_check($auth, $attr, $return=false)
if (!strstr($auth, $attr)) {
if ($attr == 'r') {
$msg = '읽을 권한이 없습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
} else if ($attr == 'w') {
$msg = '입력, 추가, 생성, 수정 권한이 없습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
} else if ($attr == 'd') {
$msg = '삭제 권한이 없습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
} else {
$msg = '속성이 잘못 되었습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
}
}
}
// 작업아이콘 출력
function icon($act, $link='', $target='_parent')
function icon($act, $link = '', $target = '_parent')
{
global $g5;
$img = array('입력'=>'insert', '추가'=>'insert', '생성'=>'insert', '수정'=>'modify', '삭제'=>'delete', '이동'=>'move', '그룹'=>'move', '보기'=>'view', '미리보기'=>'view', '복사'=>'copy');
$icon = '<img src="'.G5_ADMIN_PATH.'/img/icon_'.$img[$act].'.gif" title="'.$act.'">';
if ($link)
$s = '<a href="'.$link.'">'.$icon.'</a>';
else
$img = array('입력' => 'insert', '추가' => 'insert', '생성' => 'insert', '수정' => 'modify', '삭제' => 'delete', '이동' => 'move', '그룹' => 'move', '보기' => 'view', '미리보기' => 'view', '복사' => 'copy');
$icon = '<img src="' . G5_ADMIN_PATH . '/img/icon_' . $img[$act] . '.gif" title="' . $act . '">';
if ($link) {
$s = '<a href="' . $link . '">' . $icon . '</a>';
} else {
$s = $icon;
}
return $s;
}
@ -307,9 +338,10 @@ function rm_rf($file)
if (file_exists($file)) {
if (is_dir($file)) {
$handle = opendir($file);
while($filename = readdir($handle)) {
if ($filename != '.' && $filename != '..')
rm_rf($file.'/'.$filename);
while ($filename = readdir($handle)) {
if ($filename != '.' && $filename != '..') {
rm_rf($file . '/' . $filename);
}
}
closedir($handle);
@ -323,21 +355,21 @@ function rm_rf($file)
}
// 입력 폼 안내문
function help($help="")
function help($help = "")
{
global $g5;
$str = '<span class="frm_info">'.str_replace("\n", "<br>", $help).'</span>';
$str = '<span class="frm_info">' . str_replace("\n", "<br>", $help) . '</span>';
return $str;
}
// 출력순서
function order_select($fld, $sel='')
function order_select($fld, $sel = '')
{
$s = '<select name="'.$fld.'" id="'.$fld.'">';
for ($i=1; $i<=100; $i++) {
$s .= '<option value="'.$i.'" ';
$s = '<select name="' . $fld . '" id="' . $fld . '">';
for ($i = 1; $i <= 100; $i++) {
$s .= '<option value="' . $i . '" ';
if ($sel) {
if ($i == $sel) {
$s .= 'selected';
@ -347,7 +379,7 @@ function order_select($fld, $sel='')
$s .= 'selected';
}
}
$s .= '>'.$i.'</option>';
$s .= '>' . $i . '</option>';
}
$s .= '</select>';
@ -364,11 +396,12 @@ function get_admin_token()
}
// 관리자가 자동등록방지를 사용해야 할 경우
function get_admin_captcha_by($type='get'){
function get_admin_captcha_by($type = 'get')
{
$captcha_name = 'ss_admin_use_captcha';
if($type === 'remove'){
if ($type === 'remove') {
set_session($captcha_name, '');
}
@ -376,9 +409,10 @@ function get_admin_captcha_by($type='get'){
}
//input value 에서 xss 공격 filter 역할을 함 ( 반드시 input value='' 타입에만 사용할것 )
function get_sanitize_input($s, $is_html=false){
function get_sanitize_input($s, $is_html = false)
{
if(!$is_html){
if (!$is_html) {
$s = strip_tags($s);
}
@ -387,50 +421,51 @@ function get_sanitize_input($s, $is_html=false){
return $s;
}
function check_log_folder($log_path, $is_delete=true){
function check_log_folder($log_path, $is_delete = true)
{
if( is_writable($log_path) ){
if (is_writable($log_path)) {
// 아파치 서버인 경우 웹에서 해당 폴더 접근 막기
$htaccess_file = $log_path.'/.htaccess';
if ( !file_exists( $htaccess_file ) ) {
if ( $handle = @fopen( $htaccess_file, 'w' ) ) {
fwrite( $handle, 'Order deny,allow' . "\n" );
fwrite( $handle, 'Deny from all' . "\n" );
fclose( $handle );
$htaccess_file = $log_path . '/.htaccess';
if (!file_exists($htaccess_file)) {
if ($handle = @fopen($htaccess_file, 'w')) {
fwrite($handle, 'Order deny,allow' . "\n");
fwrite($handle, 'Deny from all' . "\n");
fclose($handle);
}
}
// 아파치 서버인 경우 해당 디렉토리 파일 목록 안보이게 하기
$index_file = $log_path . '/index.php';
if ( !file_exists( $index_file ) ) {
if ( $handle = @fopen( $index_file, 'w' ) ) {
fwrite( $handle, '' );
fclose( $handle );
if (!file_exists($index_file)) {
if ($handle = @fopen($index_file, 'w')) {
fwrite($handle, '');
fclose($handle);
}
}
}
if( $is_delete ) {
try {
// txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
$txt_files = glob($log_path.'/*.txt');
$log_files = glob($log_path.'/*.log');
$del_files = array_merge($txt_files, $log_files);
if( $del_files && is_array($del_files) ){
foreach ($del_files as $del_file) {
$filetime = filemtime($del_file);
// 30일이 지난 파일을 삭제
if($filetime && $filetime < (G5_SERVER_TIME - 2592000)) {
@unlink($del_file);
}
}
}
} catch(Exception $e) {
}
}
if ($is_delete) {
try {
// txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
$txt_files = glob($log_path . '/*.txt');
$log_files = glob($log_path . '/*.log');
$del_files = array_merge($txt_files, $log_files);
if ($del_files && is_array($del_files)) {
foreach ($del_files as $del_file) {
$filetime = filemtime($del_file);
// 30일이 지난 파일을 삭제
if ($filetime && $filetime < (G5_SERVER_TIME - 2592000)) {
@unlink($del_file);
}
}
}
} catch (Exception $e) {
}
}
}
// POST로 넘어온 토큰과 세션에 저장된 토큰 비교
@ -439,23 +474,25 @@ function check_admin_token()
$token = get_session('ss_admin_token');
set_session('ss_admin_token', '');
if(!$token || !$_REQUEST['token'] || $token != $_REQUEST['token'])
if (!$token || !$_REQUEST['token'] || $token != $_REQUEST['token']) {
alert('올바른 방법으로 이용해 주십시오.', G5_URL);
}
return true;
}
// 관리자 페이지 referer 체크
function admin_referer_check($return=false)
function admin_referer_check($return = false)
{
$referer = isset($_SERVER['HTTP_REFERER']) ? trim($_SERVER['HTTP_REFERER']) : '';
if(!$referer) {
if (!$referer) {
$msg = '정보가 올바르지 않습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg, G5_URL);
}
}
$p = @parse_url($referer);
@ -463,16 +500,16 @@ function admin_referer_check($return=false)
$host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
$msg = '';
if($host != $p['host']) {
if ($host != $p['host']) {
$msg = '올바른 방법으로 이용해 주십시오.';
}
if( $p['path'] && ! preg_match( '/\/'.preg_quote(G5_ADMIN_DIR).'\//i', $p['path'] ) ){
if ($p['path'] && !preg_match('/\/' . preg_quote(G5_ADMIN_DIR) . '\//i', $p['path'])) {
$msg = '올바른 방법으로 이용해 주십시오';
}
if( $msg ){
if($return) {
if ($msg) {
if ($return) {
return $msg;
} else {
alert($msg, G5_URL);
@ -480,17 +517,22 @@ function admin_referer_check($return=false)
}
}
function admin_check_xss_params($params){
function admin_check_xss_params($params)
{
if( ! $params ) return;
if (!$params) {
return;
}
foreach( $params as $key=>$value ){
foreach ($params as $key => $value) {
if ( empty($value) ) continue;
if (empty($value)) {
continue;
}
if( is_array($value) ){
if (is_array($value)) {
admin_check_xss_params($value);
} else if ( (preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) || (preg_match('/[onload|onerror|focus]=.*/ius', $value) && preg_match('/(eval|expression|exec|prompt)(\s*)\((.*)\)/ius', $value)) ){
} else if ((preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) || (preg_match('/[onload|onerror|focus]=.*/ius', $value) && preg_match('/(eval|expression|exec|prompt)(\s*)\((.*)\)/ius', $value))) {
alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.', G5_URL);
die();
}
@ -499,31 +541,38 @@ function admin_check_xss_params($params){
return;
}
function admin_menu_find_by($call, $search_key){
function admin_menu_find_by($call, $search_key)
{
global $menu;
static $cache_menu = array();
if( empty($cache_menu) ){
foreach( $menu as $k1=>$arr1 ){
if (empty($arr1) ) continue;
foreach( $arr1 as $k2=>$arr2 ){
if (empty($arr2) ) continue;
static $cache_menu = array();
if (empty($cache_menu)) {
foreach ($menu as $k1 => $arr1) {
if (empty($arr1)) {
continue;
}
foreach ($arr1 as $k2 => $arr2) {
if (empty($arr2)) {
continue;
}
$menu_key = isset($arr2[3]) ? $arr2[3] : '';
if (empty($menu_key) ) continue;
if (empty($menu_key)) {
continue;
}
$cache_menu[$menu_key] = array(
'sub_menu'=>$arr2[0],
'title'=>$arr2[1],
'link'=>$arr2[2],
);
'sub_menu' => $arr2[0],
'title' => $arr2[1],
'link' => $arr2[2],
);
}
}
}
if( isset($cache_menu[$call]) && isset($cache_menu[$call][$search_key]) ){
if (isset($cache_menu[$call]) && isset($cache_menu[$call][$search_key])) {
return $cache_menu[$call][$search_key];
}
@ -531,22 +580,17 @@ function admin_menu_find_by($call, $search_key){
}
// 접근 권한 검사
if (!$member['mb_id'])
{
alert('로그인 하십시오.', G5_BBS_URL.'/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL)));
}
else if ($is_admin != 'super')
{
if (!$member['mb_id']) {
alert('로그인 하십시오.', G5_BBS_URL . '/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL)));
} else if ($is_admin != 'super') {
$auth = array();
$sql = " select au_menu, au_auth from {$g5['auth_table']} where mb_id = '{$member['mb_id']}' ";
$result = sql_query($sql);
for($i=0; $row=sql_fetch_array($result); $i++)
{
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$auth[$row['au_menu']] = $row['au_auth'];
}
if (!$i)
{
if (!$i) {
alert('최고관리자 또는 관리권한이 있는 회원만 접근 가능합니다.', G5_URL);
}
}
@ -557,14 +601,14 @@ if (get_session('ss_mb_key') !== $admin_key) {
session_destroy();
include_once(G5_LIB_PATH.'/mailer.lib.php');
include_once G5_LIB_PATH . '/mailer.lib.php';
// 메일 알림
mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'].' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.'.G5_URL, 0);
mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'] . ' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.' . G5_URL, 0);
alert_close('정상적으로 로그인하여 접근하시기 바랍니다.');
}
if(isset($auth) && is_array($auth)) {
if (isset($auth) && is_array($auth)) {
@ksort($auth);
} else {
$auth = array();
@ -577,33 +621,44 @@ unset($amenu);
$tmp = dir(G5_ADMIN_PATH);
$menu_files = array();
while ($entry = $tmp->read()) {
if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m))
if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m)) {
continue; // 파일명이 menu 으로 시작하지 않으면 무시한다.
}
$amenu[$m[1]] = $entry;
$menu_files[] = G5_ADMIN_PATH.'/'.$entry;
$menu_files[] = G5_ADMIN_PATH . '/' . $entry;
}
@asort($menu_files);
foreach($menu_files as $file){
include_once($file);
foreach ($menu_files as $file) {
include_once $file;
}
@ksort($amenu);
$amenu = run_replace('admin_amenu', $amenu);
if( isset($menu) && $menu ){
$menu = run_replace('admin_menu', $menu);
if (isset($menu) && $menu) {
$menu = run_replace('admin_menu', $menu);
}
$arr_query = array();
if (isset($sst)) $arr_query[] = 'sst='.$sst;
if (isset($sod)) $arr_query[] = 'sod='.$sod;
if (isset($sfl)) $arr_query[] = 'sfl='.$sfl;
if (isset($stx)) $arr_query[] = 'stx='.$stx;
if (isset($page)) $arr_query[] = 'page='.$page;
if (isset($sst)) {
$arr_query[] = 'sst=' . $sst;
}
if (isset($sod)) {
$arr_query[] = 'sod=' . $sod;
}
if (isset($sfl)) {
$arr_query[] = 'sfl=' . $sfl;
}
if (isset($stx)) {
$arr_query[] = 'stx=' . $stx;
}
if (isset($page)) {
$arr_query[] = 'page=' . $page;
}
$qstr = implode("&amp;", $arr_query);
if ( isset($_REQUEST) && $_REQUEST ){
if( admin_referer_check(true) ){
if (isset($_REQUEST) && $_REQUEST) {
if (admin_referer_check(true)) {
admin_check_xss_params($_REQUEST);
}
}

36
adm/admin.menu100.php
View File

@ -1,23 +1,23 @@
<?php
$menu['menu100'] = array (
array('100000', '환경설정', G5_ADMIN_URL.'/config_form.php', 'config'),
array('100100', '기본환경설정', G5_ADMIN_URL.'/config_form.php', 'cf_basic'),
array('100200', '관리권한설정', G5_ADMIN_URL.'/auth_list.php', 'cf_auth'),
array('100280', '테마설정', G5_ADMIN_URL.'/theme.php', 'cf_theme', 1),
array('100290', '메뉴설정', G5_ADMIN_URL.'/menu_list.php', 'cf_menu', 1),
array('100300', '메일 테스트', G5_ADMIN_URL.'/sendmail_test.php', 'cf_mailtest'),
array('100310', '팝업레이어관리', G5_ADMIN_URL.'/newwinlist.php', 'scf_poplayer'),
array('100800', '세션파일 일괄삭제',G5_ADMIN_URL.'/session_file_delete.php', 'cf_session', 1),
array('100900', '캐시파일 일괄삭제',G5_ADMIN_URL.'/cache_file_delete.php', 'cf_cache', 1),
array('100910', '캡챠파일 일괄삭제',G5_ADMIN_URL.'/captcha_file_delete.php', 'cf_captcha', 1),
array('100920', '썸네일파일 일괄삭제',G5_ADMIN_URL.'/thumbnail_file_delete.php', 'cf_thumbnail', 1),
array('100500', 'phpinfo()', G5_ADMIN_URL.'/phpinfo.php', 'cf_phpinfo')
$menu['menu100'] = array(
array('100000', '환경설정', G5_ADMIN_URL . '/config_form.php', 'config'),
array('100100', '기본환경설정', G5_ADMIN_URL . '/config_form.php', 'cf_basic'),
array('100200', '관리권한설정', G5_ADMIN_URL . '/auth_list.php', 'cf_auth'),
array('100280', '테마설정', G5_ADMIN_URL . '/theme.php', 'cf_theme', 1),
array('100290', '메뉴설정', G5_ADMIN_URL . '/menu_list.php', 'cf_menu', 1),
array('100300', '메일 테스트', G5_ADMIN_URL . '/sendmail_test.php', 'cf_mailtest'),
array('100310', '팝업레이어관리', G5_ADMIN_URL . '/newwinlist.php', 'scf_poplayer'),
array('100800', '세션파일 일괄삭제', G5_ADMIN_URL . '/session_file_delete.php', 'cf_session', 1),
array('100900', '캐시파일 일괄삭제', G5_ADMIN_URL . '/cache_file_delete.php', 'cf_cache', 1),
array('100910', '캡챠파일 일괄삭제', G5_ADMIN_URL . '/captcha_file_delete.php', 'cf_captcha', 1),
array('100920', '썸네일파일 일괄삭제', G5_ADMIN_URL . '/thumbnail_file_delete.php', 'cf_thumbnail', 1),
array('100500', 'phpinfo()', G5_ADMIN_URL . '/phpinfo.php', 'cf_phpinfo')
);
if(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE) {
$menu['menu100'][] = array('100510', 'Browscap 업데이트', G5_ADMIN_URL.'/browscap.php', 'cf_browscap');
$menu['menu100'][] = array('100520', '접속로그 변환', G5_ADMIN_URL.'/browscap_convert.php', 'cf_visit_cnvrt');
if (version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE) {
$menu['menu100'][] = array('100510', 'Browscap 업데이트', G5_ADMIN_URL . '/browscap.php', 'cf_browscap');
$menu['menu100'][] = array('100520', '접속로그 변환', G5_ADMIN_URL . '/browscap_convert.php', 'cf_visit_cnvrt');
}
$menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL.'/dbupgrade.php', 'db_upgrade');
$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL.'/service.php', 'cf_service');
$menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL . '/dbupgrade.php', 'db_upgrade');
$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL . '/service.php', 'cf_service');

20
adm/admin.menu200.php
View File

@ -1,11 +1,11 @@
<?php
$menu['menu200'] = array (
array('200000', '회원관리', G5_ADMIN_URL.'/member_list.php', 'member'),
array('200100', '회원관리', G5_ADMIN_URL.'/member_list.php', 'mb_list'),
array('200300', '회원메일발송', G5_ADMIN_URL.'/mail_list.php', 'mb_mail'),
array('200800', '접속자집계', G5_ADMIN_URL.'/visit_list.php', 'mb_visit', 1),
array('200810', '접속자검색', G5_ADMIN_URL.'/visit_search.php', 'mb_search', 1),
array('200820', '접속자로그삭제', G5_ADMIN_URL.'/visit_delete.php', 'mb_delete', 1),
array('200200', '포인트관리', G5_ADMIN_URL.'/point_list.php', 'mb_point'),
array('200900', '투표관리', G5_ADMIN_URL.'/poll_list.php', 'mb_poll')
);
$menu['menu200'] = array(
array('200000', '회원관리', G5_ADMIN_URL . '/member_list.php', 'member'),
array('200100', '회원관리', G5_ADMIN_URL . '/member_list.php', 'mb_list'),
array('200300', '회원메일발송', G5_ADMIN_URL . '/mail_list.php', 'mb_mail'),
array('200800', '접속자집계', G5_ADMIN_URL . '/visit_list.php', 'mb_visit', 1),
array('200810', '접속자검색', G5_ADMIN_URL . '/visit_search.php', 'mb_search', 1),
array('200820', '접속자로그삭제', G5_ADMIN_URL . '/visit_delete.php', 'mb_delete', 1),
array('200200', '포인트관리', G5_ADMIN_URL . '/point_list.php', 'mb_point'),
array('200900', '투표관리', G5_ADMIN_URL . '/poll_list.php', 'mb_poll')
);

22
adm/admin.menu300.php
View File

@ -1,12 +1,12 @@
<?php
$menu['menu300'] = array (
array('300000', '게시판관리', ''.G5_ADMIN_URL.'/board_list.php', 'board'),
array('300100', '게시판관리', ''.G5_ADMIN_URL.'/board_list.php', 'bbs_board'),
array('300200', '게시판그룹관리', ''.G5_ADMIN_URL.'/boardgroup_list.php', 'bbs_group'),
array('300300', '인기검색어관리', ''.G5_ADMIN_URL.'/popular_list.php', 'bbs_poplist', 1),
array('300400', '인기검색어순위', ''.G5_ADMIN_URL.'/popular_rank.php', 'bbs_poprank', 1),
array('300500', '1:1문의설정', ''.G5_ADMIN_URL.'/qa_config.php', 'qa'),
array('300600', '내용관리', G5_ADMIN_URL.'/contentlist.php', 'scf_contents', 1),
array('300700', 'FAQ관리', G5_ADMIN_URL.'/faqmasterlist.php', 'scf_faq', 1),
array('300820', '글,댓글 현황', G5_ADMIN_URL.'/write_count.php', 'scf_write_count'),
);
$menu['menu300'] = array(
array('300000', '게시판관리', '' . G5_ADMIN_URL . '/board_list.php', 'board'),
array('300100', '게시판관리', '' . G5_ADMIN_URL . '/board_list.php', 'bbs_board'),
array('300200', '게시판그룹관리', '' . G5_ADMIN_URL . '/boardgroup_list.php', 'bbs_group'),
array('300300', '인기검색어관리', '' . G5_ADMIN_URL . '/popular_list.php', 'bbs_poplist', 1),
array('300400', '인기검색어순위', '' . G5_ADMIN_URL . '/popular_rank.php', 'bbs_poprank', 1),
array('300500', '1:1문의설정', '' . G5_ADMIN_URL . '/qa_config.php', 'qa'),
array('300600', '내용관리', G5_ADMIN_URL . '/contentlist.php', 'scf_contents', 1),
array('300700', 'FAQ관리', G5_ADMIN_URL . '/faqmasterlist.php', 'scf_faq', 1),
array('300820', '글,댓글 현황', G5_ADMIN_URL . '/write_count.php', 'scf_write_count'),
);

40
adm/admin.menu400.shop_1of2.php
View File

@ -1,21 +1,23 @@
<?php
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return;
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
return;
}
$menu['menu400'] = array (
array('400000', '쇼핑몰관리', G5_ADMIN_URL.'/shop_admin/', 'shop_config'),
array('400010', '쇼핑몰현황', G5_ADMIN_URL.'/shop_admin/', 'shop_index'),
array('400100', '쇼핑몰설정', G5_ADMIN_URL.'/shop_admin/configform.php', 'scf_config'),
array('400400', '주문내역', G5_ADMIN_URL.'/shop_admin/orderlist.php', 'scf_order', 1),
array('400440', '개인결제관리', G5_ADMIN_URL.'/shop_admin/personalpaylist.php', 'scf_personalpay', 1),
array('400200', '분류관리', G5_ADMIN_URL.'/shop_admin/categorylist.php', 'scf_cate'),
array('400300', '상품관리', G5_ADMIN_URL.'/shop_admin/itemlist.php', 'scf_item'),
array('400660', '상품문의', G5_ADMIN_URL.'/shop_admin/itemqalist.php', 'scf_item_qna'),
array('400650', '사용후기', G5_ADMIN_URL.'/shop_admin/itemuselist.php', 'scf_ps'),
array('400620', '상품재고관리', G5_ADMIN_URL.'/shop_admin/itemstocklist.php', 'scf_item_stock'),
array('400610', '상품유형관리', G5_ADMIN_URL.'/shop_admin/itemtypelist.php', 'scf_item_type'),
array('400500', '상품옵션재고관리', G5_ADMIN_URL.'/shop_admin/optionstocklist.php', 'scf_item_option'),
array('400800', '쿠폰관리', G5_ADMIN_URL.'/shop_admin/couponlist.php', 'scf_coupon'),
array('400810', '쿠폰존관리', G5_ADMIN_URL.'/shop_admin/couponzonelist.php', 'scf_coupon_zone'),
array('400750', '추가배송비관리', G5_ADMIN_URL.'/shop_admin/sendcostlist.php', 'scf_sendcost', 1),
array('400410', '미완료주문', G5_ADMIN_URL.'/shop_admin/inorderlist.php', 'scf_inorder', 1),
);
$menu['menu400'] = array(
array('400000', '쇼핑몰관리', G5_ADMIN_URL . '/shop_admin/', 'shop_config'),
array('400010', '쇼핑몰현황', G5_ADMIN_URL . '/shop_admin/', 'shop_index'),
array('400100', '쇼핑몰설정', G5_ADMIN_URL . '/shop_admin/configform.php', 'scf_config'),
array('400400', '주문내역', G5_ADMIN_URL . '/shop_admin/orderlist.php', 'scf_order', 1),
array('400440', '개인결제관리', G5_ADMIN_URL . '/shop_admin/personalpaylist.php', 'scf_personalpay', 1),
array('400200', '분류관리', G5_ADMIN_URL . '/shop_admin/categorylist.php', 'scf_cate'),
array('400300', '상품관리', G5_ADMIN_URL . '/shop_admin/itemlist.php', 'scf_item'),
array('400660', '상품문의', G5_ADMIN_URL . '/shop_admin/itemqalist.php', 'scf_item_qna'),
array('400650', '사용후기', G5_ADMIN_URL . '/shop_admin/itemuselist.php', 'scf_ps'),
array('400620', '상품재고관리', G5_ADMIN_URL . '/shop_admin/itemstocklist.php', 'scf_item_stock'),
array('400610', '상품유형관리', G5_ADMIN_URL . '/shop_admin/itemtypelist.php', 'scf_item_type'),
array('400500', '상품옵션재고관리', G5_ADMIN_URL . '/shop_admin/optionstocklist.php', 'scf_item_option'),
array('400800', '쿠폰관리', G5_ADMIN_URL . '/shop_admin/couponlist.php', 'scf_coupon'),
array('400810', '쿠폰존관리', G5_ADMIN_URL . '/shop_admin/couponzonelist.php', 'scf_coupon_zone'),
array('400750', '추가배송비관리', G5_ADMIN_URL . '/shop_admin/sendcostlist.php', 'scf_sendcost', 1),
array('400410', '미완료주문', G5_ADMIN_URL . '/shop_admin/inorderlist.php', 'scf_inorder', 1),
);

28
adm/admin.menu500.shop_2of2.php
View File

@ -1,15 +1,17 @@
<?php
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return;
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
return;
}
$menu['menu500'] = array (
array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL.'/shop_admin/itemsellrank.php', 'shop_stats'),
array('500110', '매출현황', G5_ADMIN_URL.'/shop_admin/sale1.php', 'sst_order_stats'),
array('500100', '상품판매순위', G5_ADMIN_URL.'/shop_admin/itemsellrank.php', 'sst_rank'),
array('500120', '주문내역출력', G5_ADMIN_URL.'/shop_admin/orderprint.php', 'sst_print_order', 1),
array('500400', '재입고SMS알림', G5_ADMIN_URL.'/shop_admin/itemstocksms.php', 'sst_stock_sms', 1),
array('500300', '이벤트관리', G5_ADMIN_URL.'/shop_admin/itemevent.php', 'scf_event'),
array('500310', '이벤트일괄처리', G5_ADMIN_URL.'/shop_admin/itemeventlist.php', 'scf_event_mng'),
array('500500', '배너관리', G5_ADMIN_URL.'/shop_admin/bannerlist.php', 'scf_banner', 1),
array('500140', '보관함현황', G5_ADMIN_URL.'/shop_admin/wishlist.php', 'sst_wish'),
array('500210', '가격비교사이트', G5_ADMIN_URL.'/shop_admin/price.php', 'sst_compare', 1)
);
$menu['menu500'] = array(
array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'shop_stats'),
array('500110', '매출현황', G5_ADMIN_URL . '/shop_admin/sale1.php', 'sst_order_stats'),
array('500100', '상품판매순위', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'sst_rank'),
array('500120', '주문내역출력', G5_ADMIN_URL . '/shop_admin/orderprint.php', 'sst_print_order', 1),
array('500400', '재입고SMS알림', G5_ADMIN_URL . '/shop_admin/itemstocksms.php', 'sst_stock_sms', 1),
array('500300', '이벤트관리', G5_ADMIN_URL . '/shop_admin/itemevent.php', 'scf_event'),
array('500310', '이벤트일괄처리', G5_ADMIN_URL . '/shop_admin/itemeventlist.php', 'scf_event_mng'),
array('500500', '배너관리', G5_ADMIN_URL . '/shop_admin/bannerlist.php', 'scf_banner', 1),
array('500140', '보관함현황', G5_ADMIN_URL . '/shop_admin/wishlist.php', 'sst_wish'),
array('500210', '가격비교사이트', G5_ADMIN_URL . '/shop_admin/price.php', 'sst_compare', 1)
);

28
adm/admin.menu900.php
View File

@ -1,14 +1,14 @@
<?php
$menu["menu900"] = array (
array('900000', 'SMS 관리', ''.G5_SMS5_ADMIN_URL.'/config.php', 'sms5'),
array('900100', 'SMS 기본설정', ''.G5_SMS5_ADMIN_URL.'/config.php', 'sms5_config'),
array('900200', '회원정보업데이트', ''.G5_SMS5_ADMIN_URL.'/member_update.php', 'sms5_mb_update'),
array('900300', '문자 보내기', ''.G5_SMS5_ADMIN_URL.'/sms_write.php', 'sms_write'),
array('900400', '전송내역-건별', ''.G5_SMS5_ADMIN_URL.'/history_list.php', 'sms_history' , 1),
array('900410', '전송내역-번호별', ''.G5_SMS5_ADMIN_URL.'/history_num.php', 'sms_history_num' , 1),
array('900500', '이모티콘 그룹', ''.G5_SMS5_ADMIN_URL.'/form_group.php' , 'emoticon_group'),
array('900600', '이모티콘 관리', ''.G5_SMS5_ADMIN_URL.'/form_list.php', 'emoticon_list'),
array('900700', '휴대폰번호 그룹', ''.G5_SMS5_ADMIN_URL.'/num_group.php' , 'hp_group', 1),
array('900800', '휴대폰번호 관리', ''.G5_SMS5_ADMIN_URL.'/num_book.php', 'hp_manage', 1),
array('900900', '휴대폰번호 파일', ''.G5_SMS5_ADMIN_URL.'/num_book_file.php' , 'hp_file', 1)
);
<?php
$menu["menu900"] = array(
array('900000', 'SMS 관리', '' . G5_SMS5_ADMIN_URL . '/config.php', 'sms5'),
array('900100', 'SMS 기본설정', '' . G5_SMS5_ADMIN_URL . '/config.php', 'sms5_config'),
array('900200', '회원정보업데이트', '' . G5_SMS5_ADMIN_URL . '/member_update.php', 'sms5_mb_update'),
array('900300', '문자 보내기', '' . G5_SMS5_ADMIN_URL . '/sms_write.php', 'sms_write'),
array('900400', '전송내역-건별', '' . G5_SMS5_ADMIN_URL . '/history_list.php', 'sms_history', 1),
array('900410', '전송내역-번호별', '' . G5_SMS5_ADMIN_URL . '/history_num.php', 'sms_history_num', 1),
array('900500', '이모티콘 그룹', '' . G5_SMS5_ADMIN_URL . '/form_group.php', 'emoticon_group'),
array('900600', '이모티콘 관리', '' . G5_SMS5_ADMIN_URL . '/form_list.php', 'emoticon_list'),
array('900700', '휴대폰번호 그룹', '' . G5_SMS5_ADMIN_URL . '/num_group.php', 'hp_group', 1),
array('900800', '휴대폰번호 관리', '' . G5_SMS5_ADMIN_URL . '/num_book.php', 'hp_manage', 1),
array('900900', '휴대폰번호 파일', '' . G5_SMS5_ADMIN_URL . '/num_book_file.php', 'hp_file', 1)
);

220
adm/admin.tail.php
View File

@ -1,33 +1,37 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
// 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전이 통합됨에 따라 그누보드 버전만 표시
// $print_version = defined('G5_YOUNGCART_VER') ? 'YoungCart Version '.G5_YOUNGCART_VER : 'Version '.G5_GNUBOARD_VER;
$print_version = 'Version '.G5_GNUBOARD_VER;
$print_version = 'Version ' . G5_GNUBOARD_VER;
?>
<noscript>
<p>
귀하께서 사용하시는 브라우저는 현재 <strong>자바스크립트를 사용하지 않음</strong>으로 설정되어 있습니다.<br>
<strong>자바스크립트를 사용하지 않음</strong>으로 설정하신 경우는 수정이나 삭제시 별도의 경고창이 나오지 않으므로 이점 주의하시기 바랍니다.
</p>
</noscript>
<noscript>
<p>
귀하께서 사용하시는 브라우저는 현재 <strong>자바스크립트를 사용하지 않음</strong>으로 설정되어 있습니다.<br>
<strong>자바스크립트를 사용하지 않음</strong>으로 설정하신 경우는 수정이나 삭제시 별도의 경고창이 나오지 않으므로 이점 주의하시기 바랍니다.
</p>
</noscript>
</div>
<footer id="ft">
<p>
Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>. All rights reserved. <?php echo $print_version; ?><br>
<button type="button" class="scroll_top"><span class="top_img"></span><span class="top_txt">TOP</span></button>
</p>
</footer>
</div>
</div>
<footer id="ft">
<p>
Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>. All rights reserved. <?php echo $print_version; ?><br>
<button type="button" class="scroll_top"><span class="top_img"></span><span class="top_txt">TOP</span></button>
</p>
</footer>
</div>
</div>
<script>
$(".scroll_top").click(function(){
$("body,html").animate({scrollTop:0},400);
})
$(".scroll_top").click(function() {
$("body,html").animate({
scrollTop: 0
}, 400);
})
</script>
<!-- <p>실행시간 : <?php echo get_microtime() - $begin_time; ?> -->
@ -35,121 +39,119 @@ $(".scroll_top").click(function(){
<script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script>
<script src="<?php echo G5_JS_URL ?>/jquery.anchorScroll.js?ver=<?php echo G5_JS_VER; ?>"></script>
<script>
$(function(){
$(function() {
var admin_head_height = $("#hd_top").height() + $("#container_title").height() + 5;
var admin_head_height = $("#hd_top").height() + $("#container_title").height() + 5;
$("a[href^='#']").anchorScroll({
scrollSpeed: 0, // scroll speed
offsetTop: admin_head_height, // offset for fixed top bars (defaults to 0)
onScroll: function () {
// callback on scroll start
},
scrollEnd: function () {
// callback on scroll end
}
});
$("a[href^='#']").anchorScroll({
scrollSpeed: 0, // scroll speed
offsetTop: admin_head_height, // offset for fixed top bars (defaults to 0)
onScroll: function() {
// callback on scroll start
},
scrollEnd: function() {
// callback on scroll end
}
});
var hide_menu = false;
var mouse_event = false;
var oldX = oldY = 0;
var hide_menu = false;
var mouse_event = false;
var oldX = oldY = 0;
$(document).mousemove(function(e) {
if(oldX == 0) {
oldX = e.pageX;
oldY = e.pageY;
}
$(document).mousemove(function(e) {
if (oldX == 0) {
oldX = e.pageX;
oldY = e.pageY;
}
if(oldX != e.pageX || oldY != e.pageY) {
mouse_event = true;
}
});
if (oldX != e.pageX || oldY != e.pageY) {
mouse_event = true;
}
});
// 주메뉴
var $gnb = $(".gnb_1dli > a");
$gnb.mouseover(function() {
if(mouse_event) {
// 주메뉴
var $gnb = $(".gnb_1dli > a");
$gnb.mouseover(function() {
if (mouse_event) {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
}
});
$gnb.mouseout(function() {
hide_menu = true;
});
$(".gnb_2dli").mouseover(function() {
hide_menu = false;
});
$(".gnb_2dli").mouseout(function() {
hide_menu = true;
});
$gnb.focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
}
});
});
$gnb.mouseout(function() {
hide_menu = true;
});
$gnb.focusout(function() {
hide_menu = true;
});
$(".gnb_2dli").mouseover(function() {
hide_menu = false;
});
$(".gnb_2da").focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
var $gnb_li = $(this).closest(".gnb_1dli").addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).closest(".gnb_1dli"));
hide_menu = false;
});
$(".gnb_2dli").mouseout(function() {
hide_menu = true;
});
$(".gnb_2da").focusout(function() {
hide_menu = true;
});
$gnb.focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
});
$gnb.focusout(function() {
hide_menu = true;
});
$(".gnb_2da").focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
var $gnb_li = $(this).closest(".gnb_1dli").addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).closest(".gnb_1dli"));
hide_menu = false;
});
$(".gnb_2da").focusout(function() {
hide_menu = true;
});
$('#gnb_1dul>li').bind('mouseleave',function(){
submenu_hide();
});
$(document).bind('click focusin',function(){
if(hide_menu) {
$('#gnb_1dul>li').bind('mouseleave', function() {
submenu_hide();
});
$(document).bind('click focusin', function() {
if (hide_menu) {
submenu_hide();
}
});
// 폰트 리사이즈 쿠키있으면 실행
var font_resize_act = get_cookie("ck_font_resize_act");
if (font_resize_act != "") {
font_resize("container", font_resize_act);
}
});
// 폰트 리사이즈 쿠키있으면 실행
var font_resize_act = get_cookie("ck_font_resize_act");
if(font_resize_act != "") {
font_resize("container", font_resize_act);
function submenu_hide() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
}
});
function submenu_hide() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
}
function menu_rearrange(el) {
var width = $("#gnb_1dul").width();
var left = w1 = w2 = 0;
var idx = $(".gnb_1dli").index(el);
function menu_rearrange(el)
{
var width = $("#gnb_1dul").width();
var left = w1 = w2 = 0;
var idx = $(".gnb_1dli").index(el);
for (i = 0; i <= idx; i++) {
w1 = $(".gnb_1dli:eq(" + i + ")").outerWidth();
w2 = $(".gnb_2dli > a:eq(" + i + ")").outerWidth(true);
for(i=0; i<=idx; i++) {
w1 = $(".gnb_1dli:eq("+i+")").outerWidth();
w2 = $(".gnb_2dli > a:eq("+i+")").outerWidth(true);
if ((left + w2) > width) {
el.removeClass("gnb_1dli_over").addClass("gnb_1dli_over2");
}
if((left + w2) > width) {
el.removeClass("gnb_1dli_over").addClass("gnb_1dli_over2");
left += w1;
}
left += w1;
}
}
</script>
<?php
include_once(G5_PATH.'/tail.sub.php');
require_once G5_PATH . '/tail.sub.php';

10
adm/ajax.token.php
View File

@ -1,13 +1,13 @@
<?php
include_once('./_common.php');
include_once(G5_LIB_PATH.'/json.lib.php');
require_once './_common.php';
set_session('ss_admin_token', '');
$error = admin_referer_check(true);
if($error)
die(json_encode(array('error'=>$error, 'url'=>G5_URL)));
if ($error) {
die(json_encode(array('error' => $error, 'url' => G5_URL)));
}
$token = get_admin_token();
die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>'')));
die(json_encode(array('error' => '', 'token' => $token, 'url' => '')));

6
adm/ajax.use_captcha.php
View File

@ -1,6 +1,6 @@
<?php
include_once('./_common.php');
require_once './_common.php';
if( isset($_POST['admin_use_captcha']) ){
if (isset($_POST['admin_use_captcha'])) {
set_session('ss_admin_use_captcha', true);
}
}

365
adm/auth_list.php
View File

@ -1,9 +1,10 @@
<?php
$sub_menu = "100200";
include_once('./_common.php');
require_once './_common.php';
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$sql_common = " from {$g5['auth_table']} a left join {$g5['member_table']} b on (a.mb_id=b.mb_id) ";
@ -11,7 +12,7 @@ $sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
@ -33,7 +34,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
@ -43,10 +46,10 @@ $sql = " select *
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall btn_ov02">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall btn_ov02">전체목록</a>';
$g5['title'] = "관리권한설정";
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 5;
?>
@ -57,213 +60,213 @@ $colspan = 5;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<input type="hidden" name="sfl" value="a.mb_id" id="sfl">
<input type="hidden" name="sfl" value="a.mb_id" id="sfl">
<label for="stx" class="sound_only">회원아이디<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" id="fsearch_submit" class="btn_submit">
<label for="stx" class="sound_only">회원아이디<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" id="fsearch_submit" class="btn_submit">
</form>
<form name="fauthlist" id="fauthlist" method="post" action="./auth_list_delete.php" onsubmit="return fauthlist_submit(this);">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$is_continue = false;
// 회원아이디가 없는 메뉴는 삭제함
if ($row['mb_id'] == '' && $row['mb_nick'] == '') {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row['au_menu']])) {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
if ($is_continue) {
continue;
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="au_menu[<?php echo $i ?>]" value="<?php echo $row['au_menu'] ?>">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?>님 권한</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_auth_mbnick"><?php echo $mb_nick ?></td>
<td class="td_menu">
<?php echo $row['au_menu'] ?>
<?php echo $auth_menu[$row['au_menu']] ?>
</td>
<td class="td_auth"><?php echo $row['au_auth'] ?></td>
</tr>
<?php
$count++;
}
if ($count == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$is_continue = false;
// 회원아이디가 없는 메뉴는 삭제함
if($row['mb_id'] == '' && $row['mb_nick'] == '') {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
//if (isset($stx))
// echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row['au_menu']]))
{
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
if($is_continue)
continue;
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="au_menu[<?php echo $i ?>]" value="<?php echo $row['au_menu'] ?>">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?>님 권한</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_auth_mbnick"><?php echo $mb_nick ?></td>
<td class="td_menu">
<?php echo $row['au_menu'] ?>
<?php echo $auth_menu[$row['au_menu']] ?>
</td>
<td class="td_auth"><?php echo $row['au_auth'] ?></td>
</tr>
<?php
$count++;
if (strstr($sfl, 'mb_id')) {
$mb_id = $stx;
} else {
$mb_id = '';
}
if ($count == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<?php
//if (isset($stx))
// echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
if (strstr($sfl, 'mb_id'))
$mb_id = $stx;
else
$mb_id = '';
?>
</form>
<?php
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page=');
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page=');
echo $pagelist;
?>
<form name="fauthlist2" id="fauthlist2" action="./auth_update.php" method="post" autocomplete="off" onsubmit="return fauth_add_submit(this);">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<section id="add_admin">
<h2 class="h2_frm">관리권한 추가</h2>
<section id="add_admin">
<h2 class="h2_frm">관리권한 추가</h2>
<div class="local_desc01 local_desc">
<p>
다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.<br>
권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다.
</p>
</div>
<div class="local_desc01 local_desc">
<p>
다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.<br>
권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다.
</p>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td>
<strong id="msg_mb_id" class="msg_sound_only"></strong>
<input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" required class="required frm_input">
</td>
</tr>
<tr>
<th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th>
<td>
<select id="au_menu" name="au_menu" required class="required">
<option value=''>선택하세요</option>
<?php
foreach($auth_menu as $key=>$value)
{
if (!(substr($key, -3) == '000' || $key == '-' || !$key))
echo '<option value="'.$key.'">'.$key.' '.$value.'</option>';
}
?>
</select>
</td>
</tr>
<tr>
<th scope="row">권한지정</th>
<td>
<input type="checkbox" name="r" value="r" id="r" checked>
<label for="r">r (읽기)</label>
<input type="checkbox" name="w" value="w" id="w">
<label for="w">w (쓰기)</label>
<input type="checkbox" name="d" value="d" id="d">
<label for="d">d (삭제)</label>
</td>
</tr>
<tr>
<th scope="row">자동등록방지</th>
<td>
<?php
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td>
<strong id="msg_mb_id" class="msg_sound_only"></strong>
<input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" required class="required frm_input">
</td>
</tr>
<tr>
<th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th>
<td>
<select id="au_menu" name="au_menu" required class="required">
<option value=''>선택하세요</option>
<?php
foreach ($auth_menu as $key => $value) {
if (!(substr($key, -3) == '000' || $key == '-' || !$key)) {
echo '<option value="' . $key . '">' . $key . ' ' . $value . '</option>';
}
}
?>
</select>
</td>
</tr>
<tr>
<th scope="row">권한지정</th>
<td>
<input type="checkbox" name="r" value="r" id="r" checked>
<label for="r">r (읽기)</label>
<input type="checkbox" name="w" value="w" id="w">
<label for="w">w (쓰기)</label>
<input type="checkbox" name="d" value="d" id="d">
<label for="d">d (삭제)</label>
</td>
</tr>
<tr>
<th scope="row">자동등록방지</th>
<td>
<?php
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="추가" class="btn_submit btn">
</div>
</section>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="추가" class="btn_submit btn">
</div>
</section>
</form>
<script>
function fauth_add_submit(f){
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
function fauth_add_submit(f) {
return true;
}
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
function fauthlist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
return true;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fauthlist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
}
return true;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

21
adm/auth_list_delete.php
View File

@ -1,36 +1,37 @@
<?php
$sub_menu = "100200";
include_once('./_common.php');
require_once './_common.php';
check_demo();
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
$post_act_button = isset($_POST['act_button']) ? clean_xss_tags($_POST['act_button'], 1, 1) : '';
if (!$count)
alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요.");
if (!$count) {
alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
}
if ( (isset($_POST['mb_id']) && ! is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && ! is_array($_POST['au_menu'])) ){
if ((isset($_POST['mb_id']) && !is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && !is_array($_POST['au_menu']))) {
alert("잘못된 요청입니다.");
}
for ($i=0; $i<$count; $i++)
{
for ($i = 0; $i < $count; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$mb_id = isset($_POST['mb_id'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['mb_id'][$k]) : '';
$au_menu = isset($_POST['au_menu'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['au_menu'][$k]) : '';
$sql = " delete from {$g5['auth_table']} where mb_id = '".$mb_id."' and au_menu = '".$au_menu."' ";
$sql = " delete from {$g5['auth_table']} where mb_id = '" . $mb_id . "' and au_menu = '" . $au_menu . "' ";
sql_query($sql);
run_event('adm_auth_delete_member', $mb_id, $au_menu);
}
goto_url('./auth_list.php?'.$qstr);
goto_url('./auth_list.php?' . $qstr);

22
adm/auth_update.php
View File

@ -1,23 +1,25 @@
<?php
$sub_menu = "100200";
include_once('./_common.php');
include_once(G5_LIB_PATH.'/mailer.lib.php');
require_once './_common.php';
require_once G5_LIB_PATH . '/mailer.lib.php';
$au_menu = isset($_POST['au_menu']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['au_menu']) : '';
$post_r = isset($_POST['r']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['r']) : '';
$post_w = isset($_POST['w']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['w']) : '';
$post_d = isset($_POST['d']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['d']) : '';
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$mb = get_member($mb_id);
if (!$mb['mb_id'])
if (!$mb['mb_id']) {
alert('존재하는 회원아이디가 아닙니다.');
}
check_admin_token();
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
@ -27,7 +29,7 @@ $sql = " insert into {$g5['auth_table']}
set mb_id = '$mb_id',
au_menu = '$au_menu',
au_auth = '{$post_r},{$post_w},{$post_d}' ";
$result = sql_query($sql, FALSE);
$result = sql_query($sql, false);
if (!$result) {
$sql = " update {$g5['auth_table']}
set au_auth = '{$post_r},{$post_w},{$post_d}'
@ -39,15 +41,15 @@ if (!$result) {
//sql_query(" OPTIMIZE TABLE `$g5['auth_table']` ");
// 세션을 체크하여 하루에 한번만 메일알림이 가게 합니다.
if( str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update') ){
if (str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update')) {
$site_url = preg_replace('/^www\./', '', strtolower($_SERVER['SERVER_NAME']));
$to_email = 'gnuboard@'.$site_url;
$to_email = 'gnuboard@' . $site_url;
mailer($config['cf_admin_email_name'], $to_email, $config['cf_admin_email'], '['.$config['cf_title'].'] 관리권한설정 알림', '<p><b>['.$config['cf_title'].'] 관리권한설정 변경 안내</b></p><p style="padding-top:1em">회원 아이디 '.$mb['mb_id'].' 에 관리권한이 추가 되었습니다.</p><p style="padding-top:1em">'.G5_TIME_YMDHIS.'</p><p style="padding-top:1em"><a href="'.G5_URL.'" target="_blank">'.$config['cf_title'].'</a></p>', 1);
mailer($config['cf_admin_email_name'], $to_email, $config['cf_admin_email'], '[' . $config['cf_title'] . '] 관리권한설정 알림', '<p><b>[' . $config['cf_title'] . '] 관리권한설정 변경 안내</b></p><p style="padding-top:1em">회원 아이디 ' . $mb['mb_id'] . ' 에 관리권한이 추가 되었습니다.</p><p style="padding-top:1em">' . G5_TIME_YMDHIS . '</p><p style="padding-top:1em"><a href="' . G5_URL . '" target="_blank">' . $config['cf_title'] . '</a></p>', 1);
set_session('adm_auth_update', str_replace('-', '', G5_TIME_YMD));
}
run_event('adm_auth_update', $mb);
goto_url('./auth_list.php?'.$qstr);
goto_url('./auth_list.php?' . $qstr);

119
adm/board_copy.php
View File

@ -1,11 +1,16 @@
<?php
$sub_menu = "300100";
include_once("./_common.php");
require_once "./_common.php";
auth_check_menu($auth, $sub_menu, 'w');
$g5['title'] = '게시판 복사';
include_once(G5_PATH.'/head.sub.php');
require_once G5_PATH . '/head.sub.php';
$bo_table = $_REQUEST['bo_table'];
if (empty($bo_table)) {
alert_close("정상적인 방법으로 이용해주세요.");
}
?>
<script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script>
@ -14,72 +19,72 @@ include_once(G5_PATH.'/head.sub.php');
<h1><?php echo $g5['title']; ?></h1>
<form name="fboardcopy" id="fboardcopy" action="./board_copy_update.php" onsubmit="return fboardcopy_check(this);" method="post">
<input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table">
<input type="hidden" name="token" value="">
<div class=" new_win_con">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<tbody>
<tr>
<th scope="col">원본 테이블명</th>
<td><?php echo $bo_table ?></td>
</tr>
<tr>
<th scope="col"><label for="target_table">복사 테이블명<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_table" id="target_table" required class="required alnum_ frm_input" maxlength="20">영문자, 숫자, _ 만 가능 (공백없이)</td>
</tr>
<tr>
<th scope="col"><label for="target_subject">게시판 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_subject" value="[복사본] <?php echo get_sanitize_input($board['bo_subject']); ?>" id="target_subject" required class="required frm_input" maxlength="120"></td>
</tr>
<tr>
<th scope="col">복사 유형</th>
<td>
<input type="radio" name="copy_case" value="schema_only" id="copy_case" checked>
<label for="copy_case">구조만</label>
<input type="radio" name="copy_case" value="schema_data_both" id="copy_case2">
<label for="copy_case2">구조와 데이터</label>
</td>
</tr>
</tbody>
</table>
<input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table">
<input type="hidden" name="token" value="">
<div class=" new_win_con">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<tbody>
<tr>
<th scope="col">원본 테이블명</th>
<td><?php echo $bo_table ?></td>
</tr>
<tr>
<th scope="col"><label for="target_table">복사 테이블명<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_table" id="target_table" required class="required alnum_ frm_input" maxlength="20">영문자, 숫자, _ 만 가능 (공백없이)</td>
</tr>
<tr>
<th scope="col"><label for="target_subject">게시판 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_subject" value="[복사본] <?php echo get_sanitize_input($board['bo_subject']); ?>" id="target_subject" required class="required frm_input" maxlength="120"></td>
</tr>
<tr>
<th scope="col">복사 유형</th>
<td>
<input type="radio" name="copy_case" value="schema_only" id="copy_case" checked>
<label for="copy_case">구조만</label>
<input type="radio" name="copy_case" value="schema_data_both" id="copy_case2">
<label for="copy_case2">구조와 데이터</label>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="win_btn ">
<input type="submit" class="btn_submit btn" value="복사">
<input type="button" class="btn_close btn" value="창닫기" onclick="window.close();">
</div>
</div>
<div class="win_btn ">
<input type="submit" class="btn_submit btn" value="복사">
<input type="button" class="btn_close btn" value="창닫기" onclick="window.close();">
</div>
</form>
</div>
<script>
function fboardcopy_check(f)
{
<?php
if(!$w){
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
}
?>
function fboardcopy_check(f) {
<?php
// 게시판명이 금지된 단어로 되어 있으면
if( (typeof banned_array != 'undefined') && jQuery.inArray(f.target_table.value, banned_array) !== -1 ){
alert("입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.");
return false;
}
if (!$w) {
$js_array = get_bo_table_banned_word();
echo "var banned_array = " . json_encode($js_array) . ";\n";
}
?>
if (f.bo_table.value == f.target_table.value) {
alert("원본 테이블명과 복사할 테이블명이 달라야 합니다.");
return false;
}
// 게시판명이 금지된 단어로 되어 있으면
if ((typeof banned_array != 'undefined') && jQuery.inArray(f.target_table.value, banned_array) !== -1) {
alert("입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.");
return false;
}
return true;
}
if (f.bo_table.value == f.target_table.value) {
alert("원본 테이블명과 복사할 테이블명이 달라야 합니다.");
return false;
}
return true;
}
</script>
<?php
include_once(G5_PATH.'/tail.sub.php');
require_once G5_PATH . '/tail.sub.php';

123
adm/board_copy_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = '300100';
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -8,31 +8,37 @@ auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$bo_table = isset($_POST['bo_table']) ? $_POST['bo_table'] : null;
$target_table = isset($_POST['target_table']) ? trim($_POST['target_table']) : '';
$target_subject = isset($_POST['target_subject']) ? trim($_POST['target_subject']) : '';
$target_subject = strip_tags(clean_xss_attributes($target_subject));
$file_copy = array();
if (empty($bo_table)) {
alert("원본 테이블 정보가 없습니다.");
}
if (!preg_match('/[A-Za-z0-9_]{1,20}/', $target_table)) {
alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
}
// 게시판명이 금지된 단어로 되어 있으면
if ( $w == '' && in_array($target_table, get_bo_table_banned_word()) ){
if ($w == '' && in_array($target_table, get_bo_table_banned_word())) {
alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.');
}
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '$target_table' ");
if ($row['cnt'])
alert($target_table.'은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.');
if ($row['cnt']) {
alert($target_table . '은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.');
}
// 게시판 테이블 생성
$sql = get_table_define($g5['write_prefix'] . $bo_table);
$sql = str_replace($g5['write_prefix'] . $bo_table, $g5['write_prefix'] . $target_table, $sql);
sql_query($sql, false);
$file_copy = array();
// 구조만 복사시에는 공지사항 번호는 복사하지 않는다.
if ($copy_case == 'schema_only') {
$board['bo_notice'] = '';
@ -87,11 +93,11 @@ $sql = " insert into {$g5['board_table']}
bo_mobile_skin = '{$board['bo_mobile_skin']}',
bo_include_head = '{$board['bo_include_head']}',
bo_include_tail = '{$board['bo_include_tail']}',
bo_content_head = '".addslashes($board['bo_content_head'])."',
bo_content_tail = '".addslashes($board['bo_content_tail'])."',
bo_mobile_content_head = '".addslashes($board['bo_mobile_content_head'])."',
bo_mobile_content_tail = '".addslashes($board['bo_mobile_content_tail'])."',
bo_insert_content = '".addslashes($board['bo_insert_content'])."',
bo_content_head = '" . addslashes($board['bo_content_head']) . "',
bo_content_tail = '" . addslashes($board['bo_content_tail']) . "',
bo_mobile_content_head = '" . addslashes($board['bo_mobile_content_head']) . "',
bo_mobile_content_tail = '" . addslashes($board['bo_mobile_content_tail']) . "',
bo_insert_content = '" . addslashes($board['bo_insert_content']) . "',
bo_gallery_cols = '{$board['bo_gallery_cols']}',
bo_gallery_width = '{$board['bo_gallery_width']}',
bo_gallery_height = '{$board['bo_gallery_height']}',
@ -108,34 +114,34 @@ $sql = " insert into {$g5['board_table']}
bo_use_sns = '{$board['bo_use_sns']}',
bo_use_captcha = '{$board['bo_use_captcha']}',
bo_sort_field = '{$board['bo_sort_field']}',
bo_1_subj = '".addslashes($board['bo_1_subj'])."',
bo_2_subj = '".addslashes($board['bo_2_subj'])."',
bo_3_subj = '".addslashes($board['bo_3_subj'])."',
bo_4_subj = '".addslashes($board['bo_4_subj'])."',
bo_5_subj = '".addslashes($board['bo_5_subj'])."',
bo_6_subj = '".addslashes($board['bo_6_subj'])."',
bo_7_subj = '".addslashes($board['bo_7_subj'])."',
bo_8_subj = '".addslashes($board['bo_8_subj'])."',
bo_9_subj = '".addslashes($board['bo_9_subj'])."',
bo_10_subj = '".addslashes($board['bo_10_subj'])."',
bo_1 = '".addslashes($board['bo_1'])."',
bo_2 = '".addslashes($board['bo_2'])."',
bo_3 = '".addslashes($board['bo_3'])."',
bo_4 = '".addslashes($board['bo_4'])."',
bo_5 = '".addslashes($board['bo_5'])."',
bo_6 = '".addslashes($board['bo_6'])."',
bo_7 = '".addslashes($board['bo_7'])."',
bo_8 = '".addslashes($board['bo_8'])."',
bo_9 = '".addslashes($board['bo_9'])."',
bo_10 = '".addslashes($board['bo_10'])."' ";
bo_1_subj = '" . addslashes($board['bo_1_subj']) . "',
bo_2_subj = '" . addslashes($board['bo_2_subj']) . "',
bo_3_subj = '" . addslashes($board['bo_3_subj']) . "',
bo_4_subj = '" . addslashes($board['bo_4_subj']) . "',
bo_5_subj = '" . addslashes($board['bo_5_subj']) . "',
bo_6_subj = '" . addslashes($board['bo_6_subj']) . "',
bo_7_subj = '" . addslashes($board['bo_7_subj']) . "',
bo_8_subj = '" . addslashes($board['bo_8_subj']) . "',
bo_9_subj = '" . addslashes($board['bo_9_subj']) . "',
bo_10_subj = '" . addslashes($board['bo_10_subj']) . "',
bo_1 = '" . addslashes($board['bo_1']) . "',
bo_2 = '" . addslashes($board['bo_2']) . "',
bo_3 = '" . addslashes($board['bo_3']) . "',
bo_4 = '" . addslashes($board['bo_4']) . "',
bo_5 = '" . addslashes($board['bo_5']) . "',
bo_6 = '" . addslashes($board['bo_6']) . "',
bo_7 = '" . addslashes($board['bo_7']) . "',
bo_8 = '" . addslashes($board['bo_8']) . "',
bo_9 = '" . addslashes($board['bo_9']) . "',
bo_10 = '" . addslashes($board['bo_10']) . "' ";
sql_query($sql, false);
// 게시판 폴더 생성
@mkdir(G5_DATA_PATH.'/file/'.$target_table, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table, G5_DIR_PERMISSION);
@mkdir(G5_DATA_PATH . '/file/' . $target_table, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . '/file/' . $target_table, G5_DIR_PERMISSION);
// 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
$board_path = G5_DATA_PATH.'/file/'.$target_table;
$board_path = G5_DATA_PATH . '/file/' . $target_table;
$file = $board_path . '/index.php';
$f = @fopen($file, 'w');
@fwrite($f, '');
@ -144,31 +150,34 @@ $f = @fopen($file, 'w');
$copy_file = 0;
if ($copy_case == 'schema_data_both') {
$d = dir(G5_DATA_PATH.'/file/'.$bo_table);
$d = dir(G5_DATA_PATH . '/file/' . $bo_table);
while ($entry = $d->read()) {
if ($entry == '.' || $entry == '..') continue;
if ($entry == '.' || $entry == '..') {
continue;
}
// 김선용 201007 :
if(is_dir(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry)){
$dd = dir(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry);
@mkdir(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
if (is_dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry)) {
$dd = dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry);
@mkdir(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
while ($entry2 = $dd->read()) {
if ($entry2 == '.' || $entry2 == '..') continue;
@copy(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry.'/'.$entry2, G5_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2, G5_DIR_PERMISSION);
if ($entry2 == '.' || $entry2 == '..') {
continue;
}
@copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry . '/' . $entry2, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2, G5_DIR_PERMISSION);
$copy_file++;
}
$dd->close();
}
else {
@copy(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry, G5_DATA_PATH.'/file/'.$target_table.'/'.$entry);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
} else {
@copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
$copy_file++;
}
}
$d->close();
run_event('admin_board_copy_file', $bo_table, $target_table);
// 글복사
@ -185,26 +194,26 @@ if ($copy_case == 'schema_data_both') {
// 위의 코드는 같은 테이블명을 사용하였다는 오류가 발생함. (희한하네 ㅡㅡ;)
$sql = " select * from {$g5['board_file_table']} where bo_table = '$bo_table' ";
$result = sql_query($sql, false);
for ($i=0; $row=sql_fetch_array($result); $i++)
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$file_copy[$i] = $row;
}
}
if (count($file_copy)) {
for ($i=0; $i<count($file_copy); $i++) {
for ($i = 0; $i < count($file_copy); $i++) {
$file_copy[$i] = run_replace('admin_copy_update_file', $file_copy[$i], $file_copy[$i]['bf_file'], $bo_table, $target_table);
$sql = " insert into {$g5['board_file_table']}
set bo_table = '$target_table',
wr_id = '{$file_copy[$i]['wr_id']}',
bf_no = '{$file_copy[$i]['bf_no']}',
bf_source = '".addslashes($file_copy[$i]['bf_source'])."',
bf_source = '" . addslashes($file_copy[$i]['bf_source']) . "',
bf_file = '{$file_copy[$i]['bf_file']}',
bf_download = '{$file_copy[$i]['bf_download']}',
bf_content = '".addslashes($file_copy[$i]['bf_content'])."',
bf_fileurl = '".addslashes($file_copy[$i]['bf_fileurl'])."',
bf_thumburl = '".addslashes($file_copy[$i]['bf_thumburl'])."',
bf_storage = '".addslashes($file_copy[$i]['bf_storage'])."',
bf_content = '" . addslashes($file_copy[$i]['bf_content']) . "',
bf_fileurl = '" . addslashes($file_copy[$i]['bf_fileurl']) . "',
bf_thumburl = '" . addslashes($file_copy[$i]['bf_thumburl']) . "',
bf_storage = '" . addslashes($file_copy[$i]['bf_storage']) . "',
bf_filesize = '{$file_copy[$i]['bf_filesize']}',
bf_width = '{$file_copy[$i]['bf_width']}',
bf_height = '{$file_copy[$i]['bf_height']}',
@ -220,4 +229,4 @@ delete_cache_latest($target_table);
echo "<script>opener.document.location.reload();</script>";
alert("복사에 성공 했습니다.", './board_copy.php?bo_table='.$bo_table.'&amp;'.$qstr);
alert("복사에 성공 했습니다.", './board_copy.php?bo_table=' . $bo_table . '&amp;' . $qstr);

17
adm/board_delete.inc.php
View File

@ -1,11 +1,18 @@
<?php
// board_delete.php , boardgroup_delete.php 에서 include 하는 파일
if (!defined('_GNUBOARD_')) exit;
if (!defined('_BOARD_DELETE_')) exit; // 개별 페이지 접근 불가
// 개별 페이지 접근 불가
if (!defined('_GNUBOARD_')) {
exit;
}
if (!defined('_BOARD_DELETE_')) {
exit;
}
// $tmp_bo_table 에는 $bo_table 값을 넘겨주어야 함
if (!$tmp_bo_table) { return; }
if (!$tmp_bo_table) {
return;
}
// 게시판 1개는 삭제 불가 (게시판 복사를 위해서)
//$row = sql_fetch(" select count(*) as cnt from $g5['board_table'] ");
@ -24,7 +31,7 @@ sql_query(" delete from {$g5['scrap_table']} where bo_table = '{$tmp_bo_table}'
sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$tmp_bo_table}' ");
// 게시판 테이블 DROP
sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", FALSE);
sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", false);
// 좋아요 테이블에서 기록 삭제
sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_table}' ");
@ -32,4 +39,4 @@ sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_tab
delete_cache_latest($tmp_bo_table);
// 게시판 폴더 전체 삭제
rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table);
rm_rf(G5_DATA_PATH . '/file/' . $tmp_bo_table);

70
adm/board_form.php
View File

@ -1,14 +1,15 @@
<?php
$sub_menu = "300100";
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'w');
$sql = " select count(*) as cnt from {$g5['group_table']} ";
$row = sql_fetch($sql);
if (!$row['cnt'])
if (!$row['cnt']) {
alert('게시판그룹이 한개 이상 생성되어야 합니다.', './boardgroup_form.php');
}
$html_title = '게시판';
@ -50,15 +51,17 @@ if (!isset($board['bo_use_sns'])) {
$result = sql_query(" select bo_table from `{$g5['board_table']}` ");
for ($i=0; $row=sql_fetch_array($result); $i++) {
sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
sql_query(
" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_facebook_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_ip`,
ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false);
ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false
);
}
}
$sql = " SHOW COLUMNS FROM `{$g5['board_table']}` LIKE 'bo_use_cert' ";
$row = sql_fetch($sql);
if(strpos($row['Type'], 'hp-') === false) {
if (strpos($row['Type'], 'hp-') === false) {
sql_query(" ALTER TABLE `{$g5['board_table']}` CHANGE `bo_use_cert` `bo_use_cert` ENUM('','cert','adult','hp-cert','hp-adult') NOT NULL DEFAULT '' ", false);
}
@ -67,8 +70,10 @@ if (!isset($board['bo_use_list_file'])) {
$result = sql_query(" select bo_table from `{$g5['board_table']}` ");
for ($i=0; $row=sql_fetch_array($result); $i++) {
sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false);
sql_query(
" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false
);
}
}
@ -128,7 +133,7 @@ $board_default = array(
'bo_sort_field'=>'',
);
for($i=0;$i<=10;$i++){
for ($i = 0; $i <= 10; $i++) {
$board_default['bo_'.$i.'_subj'] = '';
$board_default['bo_'.$i] = '';
}
@ -142,7 +147,6 @@ $readonly = "";
$sound_only = "";
$required_valid = "";
if ($w == '') {
$html_title .= ' 생성';
$required = 'required';
@ -179,21 +183,20 @@ if ($w == '') {
$board['bo_use_secret'] = 0;
$board['bo_include_head'] = '_head.php';
$board['bo_include_tail'] = '_tail.php';
} else if ($w == 'u') {
} elseif ($w == 'u') {
$html_title .= ' 수정';
if (!$board['bo_table'])
if (!$board['bo_table']) {
alert('존재하지 않은 게시판 입니다.');
}
if ($is_admin == 'group') {
if ($member['mb_id'] != $group['gr_admin'])
if ($member['mb_id'] != $group['gr_admin']) {
alert('그룹이 틀립니다.');
}
}
$readonly = 'readonly';
}
if ($is_admin != 'super') {
@ -202,7 +205,7 @@ if ($is_admin != 'super') {
}
$g5['title'] = $html_title;
include_once ('./admin.head.php');
require_once './admin.head.php';
$pg_anchor = '<ul class="anchor">
<li><a href="#anc_bo_basic">기본 설정</a></li>
@ -253,7 +256,9 @@ $pg_anchor = '<ul class="anchor">
<th scope="row"><label for="gr_id">그룹<strong class="sound_only">필수</strong></label></th>
<td colspan="2">
<?php echo get_group_select('gr_id', $board['gr_id'], 'required'); ?>
<?php if ($w=='u') { ?><a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a><?php } ?>
<?php if ($w=='u') { ?>
<a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a>
<?php } ?>
</td>
</tr>
<tr>
@ -548,7 +553,9 @@ $pg_anchor = '<ul class="anchor">
<?php
$arr = get_skin_dir('', G5_EDITOR_PATH);
for ($i=0; $i<count($arr); $i++) {
if ($i == 0) echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
if ($i == 0) {
echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
}
echo "<option value=\"".$arr[$i]."\"".get_selected($board['bo_select_editor'], $arr[$i]).">".$arr[$i]."</option>\n";
}
?>
@ -701,9 +708,9 @@ $pg_anchor = '<ul class="anchor">
<?php echo help("본인확인 여부에 따라 게시물을 조회 할 수 있도록 합니다."); ?>
<select id="bo_use_cert" name="bo_use_cert">
<?php
echo option_selected("", $board['bo_use_cert'], "사용안함");
echo option_selected("", $board['bo_use_cert'], "사용안함");
if ($config['cf_cert_use']) {
echo option_selected("cert", $board['bo_use_cert'], "본인확인된 회원전체");
echo option_selected("cert", $board['bo_use_cert'], "본인확인된 회원전체");
echo option_selected("adult", $board['bo_use_cert'], "본인확인된 성인회원만");
}
?>
@ -903,7 +910,7 @@ $pg_anchor = '<ul class="anchor">
<label for="chk_all_mobile_skin">전체적용</label>
</td>
</tr>
<?php if ($is_admin === 'super'){ // 슈퍼관리자인 경우에만 수정 가능 ?>
<?php if ($is_admin === 'super') { // 슈퍼관리자인 경우에만 수정 가능 ?>
<tr>
<th scope="row"><label for="bo_include_head">상단 파일 경로</label></th>
<td>
@ -934,7 +941,7 @@ $pg_anchor = '<ul class="anchor">
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
include_once G5_CAPTCHA_PATH.'/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
@ -1192,17 +1199,16 @@ $pg_anchor = '<ul class="anchor">
<td>
<?php echo help('리스트에서 기본으로 정렬에 사용할 필드를 선택합니다. "기본"으로 사용하지 않으시는 경우 속도가 느려질 수 있습니다.') ?>
<select id="bo_sort_field" name="bo_sort_field">
<?php foreach( get_board_sort_fields($board) as $v ){
<?php foreach (get_board_sort_fields($board) as $v) {
$option_value = $order_by_str = $v[0];
if( $v[0] === 'wr_num, wr_reply' ){
if ($v[0] === 'wr_num, wr_reply') {
$selected = (! $board['bo_sort_field']) ? 'selected="selected"' : '';
$option_value = '';
} else {
$selected = ($board['bo_sort_field'] === $v[0]) ? 'selected="selected"' : '';
}
if( $order_by_str !== 'wr_num, wr_reply' ){
if ($order_by_str !== 'wr_num, wr_reply') {
$tmp = explode(',', $v[0]);
$order_by_str = $tmp[0];
}
@ -1335,7 +1341,7 @@ $pg_anchor = '<ul class="anchor">
<div class="btn_fixed_top">
<?php if( $bo_table && $w ){ ?>
<?php if ($bo_table && $w) { ?>
<a href="./board_copy.php?bo_table=<?php echo $board['bo_table']; ?>" id="board_copy" target="win_board_copy" class=" btn_02 btn">게시판복사</a>
<a href="<?php echo get_pretty_url($board['bo_table']); ?>" class=" btn_02 btn">게시판 바로가기</a>
<a href="./board_thumbnail_delete.php?bo_table=<?php echo $board['bo_table'].'&amp;'.$qstr;?>" onclick="return delete_confirm2('게시판 썸네일 파일을 삭제하시겠습니까?');" class="btn_02 btn">게시판 썸네일 삭제</a>
@ -1451,9 +1457,9 @@ jQuery(function($){
function fboardform_submit(f)
{
<?php
if(!$w){
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
if (!$w) {
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
}
?>
@ -1489,4 +1495,4 @@ function fboardform_submit(f)
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

116
adm/board_form_update.php
View File

@ -2,25 +2,34 @@
$sub_menu = "300100";
include_once('./_common.php');
if ($w == 'u')
if ($w == 'u') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['gr_id']) : '';
$bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : '';
$bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : '';
$bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';
$gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', (string)$_POST['gr_id']) : '';
$bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : '';
$bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : '';
$bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';
if (!$gr_id) { alert('그룹 ID는 반드시 선택하세요.'); }
if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); }
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); }
if (!$bo_subject) { alert('게시판 제목을 입력하세요.'); }
if (!$gr_id) {
alert('그룹 ID는 반드시 선택하세요.');
}
if (!$bo_table) {
alert('게시판 TABLE명은 반드시 입력하세요.');
}
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) {
alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
}
if (!$bo_subject) {
alert('게시판 제목을 입력하세요.');
}
// 게시판명이 금지된 단어로 되어 있으면
if ( $w == '' && in_array($bo_table, get_bo_table_banned_word()) ){
if ($w == '' && in_array($bo_table, get_bo_table_banned_word())) {
alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.');
}
@ -28,8 +37,8 @@ $bo_include_head = isset($_POST['bo_include_head']) ? preg_replace(array("#[\\\]
$bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_tail'], 0, 255)) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
@ -39,7 +48,7 @@ if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_incl
if ($file = $bo_include_head) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) {
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
@ -47,25 +56,25 @@ if ($file = $bo_include_head) {
if ($file = $bo_include_tail) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) {
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if(!is_include_path_check($bo_include_head, 1)) {
if (!is_include_path_check($bo_include_head, 1)) {
alert('상단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
}
if(!is_include_path_check($bo_include_tail, 1)) {
if (!is_include_path_check($bo_include_tail, 1)) {
alert('하단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
}
if( function_exists('filter_input_include_path') ){
if (function_exists('filter_input_include_path')) {
$bo_include_head = filter_input_include_path($bo_include_head);
$bo_include_tail = filter_input_include_path($bo_include_tail);
}
$board_path = G5_DATA_PATH.'/file/'.$bo_table;
$board_path = G5_DATA_PATH . '/file/' . $bo_table;
// 게시판 디렉토리 생성
@mkdir($board_path, G5_DIR_PERMISSION);
@ -73,7 +82,7 @@ $board_path = G5_DATA_PATH.'/file/'.$bo_table;
// 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
$file = $board_path . '/index.php';
if( $f = @fopen($file, 'w') ){
if ($f = @fopen($file, 'w')) {
@fwrite($f, '');
@fclose($f);
@chmod($file, G5_FILE_PERMISSION);
@ -84,7 +93,7 @@ $src_char = array('&', '=');
$dst_char = array('', '〓');
$bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $dst_char, $_POST['bo_category_list']) : '';
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$bo_category_list);
$bo_use_category = isset($_POST['bo_use_category']) ? (int) $_POST['bo_use_category'] : 0;
$bo_use_sideview = isset($_POST['bo_use_sideview']) ? (int) $_POST['bo_use_sideview'] : 0;
@ -154,9 +163,9 @@ $bo_sort_field = isset($_POST['bo_sort_field']) ? clean_xss_tags($_POST['bo_sort
$etcs = array();
for($i=1;$i<=10;$i++){
$etcs['bo_'.$i.'_subj'] = ${'bo_'.$i.'_subj'} = isset($_POST['bo_'.$i.'_subj']) ? $_POST['bo_'.$i.'_subj'] : '';
$etcs['bo_'.$i] = ${'bo_'.$i} = isset($_POST['bo_'.$i]) ? $_POST['bo_'.$i] : '';
for ($i = 1; $i <= 10; $i++) {
$etcs['bo_' . $i . '_subj'] = ${'bo_' . $i . '_subj'} = isset($_POST['bo_' . $i . '_subj']) ? $_POST['bo_' . $i . '_subj'] : '';
$etcs['bo_' . $i] = ${'bo_' . $i} = isset($_POST['bo_' . $i]) ? $_POST['bo_' . $i] : '';
}
$sql_common = " gr_id = '{$gr_id}',
@ -212,9 +221,9 @@ $sql_common = " gr_id = '{$gr_id}',
";
// 최고 관리자인 경우에만 수정가능
if ($is_admin === 'super'){
$sql_common .= " bo_include_head = '".$bo_include_head."',
bo_include_tail = '".$bo_include_tail."',
if ($is_admin === 'super') {
$sql_common .= " bo_include_head = '" . $bo_include_head . "',
bo_include_tail = '" . $bo_include_tail . "',
bo_content_head = '{$bo_content_head}',
bo_content_tail = '{$bo_content_tail}',
bo_mobile_content_head = '{$bo_mobile_content_head}',
@ -260,10 +269,10 @@ $sql_common .= " bo_insert_content = '{$bo_insert_content}',
bo_10 = '{$bo_10}' ";
if ($w == '') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '{$bo_table}' ");
if ($row['cnt'])
alert($bo_table.' 은(는) 이미 존재하는 TABLE 입니다.');
if ($row['cnt']) {
alert($bo_table . ' 은(는) 이미 존재하는 TABLE 입니다.');
}
$sql = " insert into {$g5['board_table']}
set bo_table = '{$bo_table}',
@ -284,10 +293,8 @@ if ($w == '') {
$source = array('/__TABLE_NAME__/', '/;/');
$target = array($create_table, '');
$sql = preg_replace($source, $target, $sql);
sql_query($sql, FALSE);
} else if ($w == 'u') {
sql_query($sql, false);
} elseif ($w == 'u') {
// 게시판의 글 수
$sql = " select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
$row = sql_fetch($sql);
@ -308,7 +315,7 @@ if ($w == '') {
//$sql = " select wr_id from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
$sql = " select a.wr_id, (count(b.wr_parent) - 1) as cnt from {$g5['write_prefix']}{$bo_table} a, {$g5['write_prefix']}{$bo_table} b where a.wr_id=b.wr_parent and a.wr_is_comment=0 group by a.wr_id ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
for ($i = 0; $row = sql_fetch_array($result); $i++) {
/*
// 코멘트수를 얻습니다.
$sql2 = " select count(*) as cnt from {$g5['write_prefix']}$bo_table where wr_parent = '{$row['wr_id']}' and wr_is_comment = 1 ";
@ -324,11 +331,10 @@ if ($w == '') {
$lf = "";
if ($board['bo_notice']) {
$tmp_array = explode(",", $board['bo_notice']);
for ($i=0; $i<count($tmp_array); $i++) {
for ($i = 0; $i < count($tmp_array); $i++) {
$tmp_wr_id = trim($tmp_array[$i]);
$row = sql_fetch(" select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_id = '{$tmp_wr_id}' ");
if ($row['cnt'])
{
if ($row['cnt']) {
$bo_notice .= $lf . $tmp_wr_id;
$lf = ",";
}
@ -342,7 +348,6 @@ if ($w == '') {
{$sql_common}
where bo_table = '{$bo_table}' ";
sql_query($sql);
}
@ -396,9 +401,9 @@ if (is_checked('chk_grp_mobile_gallery_width')) $grp_fields .= " , bo_mobile_gal
if (is_checked('chk_grp_mobile_gallery_height'))$grp_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_grp_table_width')) $grp_fields .= " , bo_table_width = '{$bo_table_width}' ";
if (is_checked('chk_grp_page_rows')) $grp_fields .= " , bo_page_rows = '{$bo_page_rows}' ";
if (is_checked('chk_grp_mobile_page_rows')) $grp_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_grp_mobile_page_rows')) $grp_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_grp_subject_len')) $grp_fields .= " , bo_subject_len = '{$bo_subject_len}' ";
if (is_checked('chk_grp_mobile_subject_len')) $grp_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_grp_mobile_subject_len')) $grp_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_grp_new')) $grp_fields .= " , bo_new = '{$bo_new}' ";
if (is_checked('chk_grp_hot')) $grp_fields .= " , bo_hot = '{$bo_hot}' ";
if (is_checked('chk_grp_image_width')) $grp_fields .= " , bo_image_width = '{$bo_image_width}' ";
@ -412,7 +417,7 @@ if (is_checked('chk_grp_upload_count')) $grp_fields .= " , bo_upload_cou
if (is_checked('chk_grp_upload_size')) $grp_fields .= " , bo_upload_size = '{$bo_upload_size}' ";
//최고관리자만 수정가능
if ($is_admin === 'super'){
if ($is_admin === 'super') {
if (is_checked('chk_grp_include_head')) $grp_fields .= " , bo_include_head = '{$bo_include_head}' ";
if (is_checked('chk_grp_include_tail')) $grp_fields .= " , bo_include_tail = '{$bo_include_tail}' ";
if (is_checked('chk_grp_content_head')) $grp_fields .= " , bo_content_head = '{$bo_content_head}' ";
@ -424,10 +429,10 @@ if ($is_admin === 'super'){
if (is_checked('chk_grp_insert_content')) $grp_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
if (is_checked('chk_grp_use_search')) $grp_fields .= " , bo_use_search = '{$bo_use_search}' ";
if (is_checked('chk_grp_order')) $grp_fields .= " , bo_order = '{$bo_order}' ";
for ($i=1; $i<=10; $i++) {
if (is_checked('chk_grp_'.$i)) {
$grp_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' ";
$grp_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' ";
for ($i = 1; $i <= 10; $i++) {
if (is_checked('chk_grp_' . $i)) {
$grp_fields .= " , bo_{$i}_subj = '" . $etcs['bo_' . $i . '_subj'] . "' ";
$grp_fields .= " , bo_{$i} = '" . $etcs['bo_' . $i] . "' ";
}
}
@ -483,12 +488,12 @@ if (is_checked('chk_all_gallery_cols')) $all_fields .= " , bo_gallery_co
if (is_checked('chk_all_gallery_width')) $all_fields .= " , bo_gallery_width = '{$bo_gallery_width}' ";
if (is_checked('chk_all_gallery_height')) $all_fields .= " , bo_gallery_height = '{$bo_gallery_height}' ";
if (is_checked('chk_all_mobile_gallery_width')) $all_fields .= " , bo_mobile_gallery_width = '{$bo_mobile_gallery_width}' ";
if (is_checked('chk_all_mobile_gallery_height'))$all_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_all_mobile_gallery_height')) $all_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_all_table_width')) $all_fields .= " , bo_table_width = '{$bo_table_width}' ";
if (is_checked('chk_all_page_rows')) $all_fields .= " , bo_page_rows = '{$bo_page_rows}' ";
if (is_checked('chk_all_mobile_page_rows')) $all_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_all_mobile_page_rows')) $all_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_all_subject_len')) $all_fields .= " , bo_subject_len = '{$bo_subject_len}' ";
if (is_checked('chk_all_mobile_subject_len')) $all_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_all_mobile_subject_len')) $all_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_all_new')) $all_fields .= " , bo_new = '{$bo_new}' ";
if (is_checked('chk_all_hot')) $all_fields .= " , bo_hot = '{$bo_hot}' ";
if (is_checked('chk_all_image_width')) $all_fields .= " , bo_image_width = '{$bo_image_width}' ";
@ -502,7 +507,7 @@ if (is_checked('chk_all_upload_count')) $all_fields .= " , bo_upload_cou
if (is_checked('chk_all_upload_size')) $all_fields .= " , bo_upload_size = '{$bo_upload_size}' ";
//최고관리자만 수정가능
if ($is_admin === 'super'){
if ($is_admin === 'super') {
if (is_checked('chk_all_include_head')) $all_fields .= " , bo_include_head = '{$bo_include_head}' ";
if (is_checked('chk_all_include_tail')) $all_fields .= " , bo_include_tail = '{$bo_include_tail}' ";
if (is_checked('chk_all_content_head')) $all_fields .= " , bo_content_head = '{$bo_content_head}' ";
@ -514,10 +519,10 @@ if ($is_admin === 'super'){
if (is_checked('chk_all_insert_content')) $all_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
if (is_checked('chk_all_use_search')) $all_fields .= " , bo_use_search = '{$bo_use_search}' ";
if (is_checked('chk_all_order')) $all_fields .= " , bo_order = '{$bo_order}' ";
for ($i=1; $i<=10; $i++) {
if (is_checked('chk_all_'.$i)) {
$all_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' ";
$all_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' ";
for ($i = 1; $i <= 10; $i++) {
if (is_checked('chk_all_' . $i)) {
$all_fields .= " , bo_{$i}_subj = '" . $etcs['bo_' . $i . '_subj'] . "' ";
$all_fields .= " , bo_{$i} = '" . $etcs['bo_' . $i] . "' ";
}
}
@ -527,9 +532,10 @@ if ($all_fields) {
delete_cache_latest($bo_table);
if(function_exists('get_admin_captcha_by'))
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
run_event('admin_board_form_update', $bo_table, $w);
goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}");
goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}");

322
adm/board_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300100";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -15,13 +15,13 @@ if ($is_admin != "super") {
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case "bo_table" :
case "bo_table":
$sql_search .= " ($sfl like '$stx%') ";
break;
case "a.gr_id" :
case "a.gr_id":
$sql_search .= " ($sfl = '$stx') ";
break;
default :
default:
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -40,16 +40,18 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '게시판관리';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 15;
?>
@ -60,179 +62,173 @@ $colspan = 15;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="bo_table"<?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
<option value="bo_subject"<?php echo get_selected($sfl, "bo_subject"); ?>>제목</option>
<option value="a.gr_id"<?php echo get_selected($sfl, "a.gr_id"); ?>>그룹ID</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="bo_table" <?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
<option value="bo_subject" <?php echo get_selected($sfl, "bo_subject"); ?>>제목</option>
<option value="a.gr_id" <?php echo get_selected($sfl, "a.gr_id"); ?>>그룹ID</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardlist" id="fboardlist" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">게시판 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.gr_id') ?>그룹</a></th>
<th scope="col"><?php echo subject_sort_link('bo_table') ?>TABLE</a></th>
<th scope="col"><?php echo subject_sort_link('bo_skin', '', 'desc') ?>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_mobile_skin', '', 'desc') ?>모바일<br>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_subject') ?>제목</a></th>
<th scope="col">읽기P<span class="sound_only">포인트</span></th>
<th scope="col">쓰기P<span class="sound_only">포인트</span></th>
<th scope="col">댓글P<span class="sound_only">포인트</span></th>
<th scope="col">다운P<span class="sound_only">포인트</span></th>
<th scope="col"><?php echo subject_sort_link('bo_use_sns') ?>SNS<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_use_search') ?>검색<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$one_update = '<a href="./board_form.php?w=u&amp;bo_table='.$row['bo_table'].'&amp;'.$qstr.'" class="btn btn_03">수정</a>';
$one_copy = '<a href="./board_copy.php?bo_table='.$row['bo_table'].'" class="board_copy btn btn_02" target="win_board_copy">복사</a>';
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">게시판 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.gr_id') ?>그룹</a></th>
<th scope="col"><?php echo subject_sort_link('bo_table') ?>TABLE</a></th>
<th scope="col"><?php echo subject_sort_link('bo_skin', '', 'desc') ?>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_mobile_skin', '', 'desc') ?>모바일<br>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_subject') ?>제목</a></th>
<th scope="col">읽기P<span class="sound_only">포인트</span></th>
<th scope="col">쓰기P<span class="sound_only">포인트</span></th>
<th scope="col">댓글P<span class="sound_only">포인트</span></th>
<th scope="col">다운P<span class="sound_only">포인트</span></th>
<th scope="col"><?php echo subject_sort_link('bo_use_sns') ?>SNS<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_use_search') ?>검색<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$one_update = '<a href="./board_form.php?w=u&amp;bo_table=' . $row['bo_table'] . '&amp;' . $qstr . '" class="btn btn_03">수정</a>';
$one_copy = '<a href="./board_copy.php?bo_table=' . $row['bo_table'] . '" class="board_copy btn btn_02" target="win_board_copy">복사</a>';
$bg = 'bg'.($i%2);
?>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['bo_subject']) ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td>
<?php if ($is_admin == 'super'){ ?>
<?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?>
<?php }else{ ?>
<input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?>
<?php } ?>
</td>
<td>
<input type="hidden" name="board_table[<?php echo $i ?>]" value="<?php echo $row['bo_table'] ?>">
<a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo $row['bo_table'] ?></a>
</td>
<td>
<label for="bo_skin_<?php echo $i; ?>" class="sound_only">스킨</label>
<?php echo get_skin_select('board', 'bo_skin_'.$i, "bo_skin[$i]", $row['bo_skin']); ?>
</td>
<td>
<label for="bo_mobile_skin_<?php echo $i; ?>" class="sound_only">모바일 스킨</label>
<?php echo get_mobile_skin_select('board', 'bo_mobile_skin_'.$i, "bo_mobile_skin[$i]", $row['bo_mobile_skin']); ?>
</td>
<td>
<label for="bo_subject_<?php echo $i; ?>" class="sound_only">게시판 제목<strong class="sound_only"> 필수</strong></label>
<input type="text" name="bo_subject[<?php echo $i ?>]" value="<?php echo get_text($row['bo_subject']) ?>" id="bo_subject_<?php echo $i ?>" required class="required tbl_input bo_subject full_input" size="10">
</td>
<td class="td_numsmall">
<label for="bo_read_point_<?php echo $i; ?>" class="sound_only">읽기 포인트</label>
<input type="text" name="bo_read_point[<?php echo $i ?>]" value="<?php echo $row['bo_read_point'] ?>" id="bo_read_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_write_point_<?php echo $i; ?>" class="sound_only">쓰기 포인트</label>
<input type="text" name="bo_write_point[<?php echo $i ?>]" value="<?php echo $row['bo_write_point'] ?>" id="bo_write_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_comment_point_<?php echo $i; ?>" class="sound_only">댓글 포인트</label>
<input type="text" name="bo_comment_point[<?php echo $i ?>]" value="<?php echo $row['bo_comment_point'] ?>" id="bo_comment_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_download_point_<?php echo $i; ?>" class="sound_only">다운<br>포인트</label>
<input type="text" name="bo_download_point[<?php echo $i ?>]" value="<?php echo $row['bo_download_point'] ?>" id="bo_download_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_use_sns_<?php echo $i; ?>" class="sound_only">SNS<br>사용</label>
<input type="checkbox" name="bo_use_sns[<?php echo $i ?>]" value="1" id="bo_use_sns_<?php echo $i ?>" <?php echo $row['bo_use_sns']?"checked":"" ?>>
</td>
<td class="td_numsmall">
<label for="bo_use_search_<?php echo $i; ?>" class="sound_only">검색<br>사용</label>
<input type="checkbox" name="bo_use_search[<?php echo $i ?>]" value="1" id="bo_use_search_<?php echo $i ?>" <?php echo $row['bo_use_search']?"checked":"" ?>>
</td>
<td class="td_numsmall">
<label for="bo_order_<?php echo $i; ?>" class="sound_only">출력<br>순서</label>
<input type="text" name="bo_order[<?php echo $i ?>]" value="<?php echo $row['bo_order'] ?>" id="bo_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mngsmall">
<label for="bo_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="bo_device[<?php echo $i ?>]" id="bo_device_<?php echo $i ?>">
<option value="both"<?php echo get_selected($row['bo_device'], 'both', true); ?>>모두</option>
<option value="pc"<?php echo get_selected($row['bo_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($row['bo_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_m">
<?php echo $one_update ?>
<?php echo $one_copy ?>
</td>
</tr>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['bo_subject']) ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td>
<?php if ($is_admin == 'super') { ?>
<?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?>
<?php } else { ?>
<input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?>
<?php } ?>
</td>
<td>
<input type="hidden" name="board_table[<?php echo $i ?>]" value="<?php echo $row['bo_table'] ?>">
<a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo $row['bo_table'] ?></a>
</td>
<td>
<label for="bo_skin_<?php echo $i; ?>" class="sound_only">스킨</label>
<?php echo get_skin_select('board', 'bo_skin_' . $i, "bo_skin[$i]", $row['bo_skin']); ?>
</td>
<td>
<label for="bo_mobile_skin_<?php echo $i; ?>" class="sound_only">모바일 스킨</label>
<?php echo get_mobile_skin_select('board', 'bo_mobile_skin_' . $i, "bo_mobile_skin[$i]", $row['bo_mobile_skin']); ?>
</td>
<td>
<label for="bo_subject_<?php echo $i; ?>" class="sound_only">게시판 제목<strong class="sound_only"> 필수</strong></label>
<input type="text" name="bo_subject[<?php echo $i ?>]" value="<?php echo get_text($row['bo_subject']) ?>" id="bo_subject_<?php echo $i ?>" required class="required tbl_input bo_subject full_input" size="10">
</td>
<td class="td_numsmall">
<label for="bo_read_point_<?php echo $i; ?>" class="sound_only">읽기 포인트</label>
<input type="text" name="bo_read_point[<?php echo $i ?>]" value="<?php echo $row['bo_read_point'] ?>" id="bo_read_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_write_point_<?php echo $i; ?>" class="sound_only">쓰기 포인트</label>
<input type="text" name="bo_write_point[<?php echo $i ?>]" value="<?php echo $row['bo_write_point'] ?>" id="bo_write_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_comment_point_<?php echo $i; ?>" class="sound_only">댓글 포인트</label>
<input type="text" name="bo_comment_point[<?php echo $i ?>]" value="<?php echo $row['bo_comment_point'] ?>" id="bo_comment_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_download_point_<?php echo $i; ?>" class="sound_only">다운<br>포인트</label>
<input type="text" name="bo_download_point[<?php echo $i ?>]" value="<?php echo $row['bo_download_point'] ?>" id="bo_download_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_use_sns_<?php echo $i; ?>" class="sound_only">SNS<br>사용</label>
<input type="checkbox" name="bo_use_sns[<?php echo $i ?>]" value="1" id="bo_use_sns_<?php echo $i ?>" <?php echo $row['bo_use_sns'] ? "checked" : "" ?>>
</td>
<td class="td_numsmall">
<label for="bo_use_search_<?php echo $i; ?>" class="sound_only">검색<br>사용</label>
<input type="checkbox" name="bo_use_search[<?php echo $i ?>]" value="1" id="bo_use_search_<?php echo $i ?>" <?php echo $row['bo_use_search'] ? "checked" : "" ?>>
</td>
<td class="td_numsmall">
<label for="bo_order_<?php echo $i; ?>" class="sound_only">출력<br>순서</label>
<input type="text" name="bo_order[<?php echo $i ?>]" value="<?php echo $row['bo_order'] ?>" id="bo_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mngsmall">
<label for="bo_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="bo_device[<?php echo $i ?>]" id="bo_device_<?php echo $i ?>">
<option value="both" <?php echo get_selected($row['bo_device'], 'both', true); ?>>모두</option>
<option value="pc" <?php echo get_selected($row['bo_device'], 'pc'); ?>>PC</option>
<option value="mobile" <?php echo get_selected($row['bo_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_m">
<?php echo $one_update ?>
<?php echo $one_copy ?>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
<?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
<?php } ?>
<?php if ($is_admin == 'super') { ?>
<a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
<?php } ?>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
<?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
<a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
<?php } ?>
</div>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page='); ?>
<script>
function fboardlist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fboardlist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
return true;
}
$(function(){
$(".board_copy").click(function(){
window.open(this.href, "win_board_copy", "left=100,top=100,width=550,height=450");
return false;
$(function() {
$(".board_copy").click(function() {
window.open(this.href, "win_board_copy", "left=100,top=100,width=550,height=450");
return false;
});
});
});
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

69
adm/board_list_update.php
View File

@ -1,26 +1,24 @@
<?php
$sub_menu = "300100";
include_once('./_common.php');
require_once './_common.php';
check_demo();
$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : '';
$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array();
$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : '';
$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array();
if (! $post_count_chk) {
alert($act_button." 하실 항목을 하나 이상 체크하세요.");
if (!$post_count_chk) {
alert($act_button . " 하실 항목을 하나 이상 체크하세요.");
}
check_admin_token();
if ($act_button === "선택수정") {
auth_check_menu($auth, $sub_menu, 'w');
for ($i=0; $i<$post_count_chk; $i++) {
for ($i = 0; $i < $post_count_chk; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -39,59 +37,60 @@ if ($act_button === "선택수정") {
if ($is_admin != 'super') {
$sql = " select count(*) as cnt from {$g5['board_table']} a, {$g5['group_table']} b
where a.gr_id = '".sql_real_escape_string($post_gr_id)."'
where a.gr_id = '" . sql_real_escape_string($post_gr_id) . "'
and a.gr_id = b.gr_id
and b.gr_admin = '{$member['mb_id']}' ";
$row = sql_fetch($sql);
if (!$row['cnt'])
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
if (!$row['cnt']) {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판(' . $board_table[$k] . ')은 수정이 불가합니다.');
}
}
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
$sql = " update {$g5['board_table']}
set gr_id = '".sql_real_escape_string($post_gr_id)."',
bo_subject = '".$p_bo_subject."',
bo_device = '".sql_real_escape_string($post_bo_device)."',
bo_skin = '".sql_real_escape_string($post_bo_skin)."',
bo_mobile_skin = '".sql_real_escape_string($post_bo_mobile_skin)."',
bo_read_point = '".sql_real_escape_string($post_bo_read_point)."',
bo_write_point = '".sql_real_escape_string($post_bo_write_point)."',
bo_comment_point = '".sql_real_escape_string($post_bo_comment_point)."',
bo_download_point = '".sql_real_escape_string($post_bo_download_point)."',
bo_use_search = '".sql_real_escape_string($post_bo_use_search)."',
bo_use_sns = '".sql_real_escape_string($post_bo_use_sns)."',
bo_order = '".sql_real_escape_string($post_bo_order)."'
where bo_table = '".sql_real_escape_string($post_board_table)."' ";
set gr_id = '" . sql_real_escape_string($post_gr_id) . "',
bo_subject = '" . $p_bo_subject . "',
bo_device = '" . sql_real_escape_string($post_bo_device) . "',
bo_skin = '" . sql_real_escape_string($post_bo_skin) . "',
bo_mobile_skin = '" . sql_real_escape_string($post_bo_mobile_skin) . "',
bo_read_point = '" . sql_real_escape_string($post_bo_read_point) . "',
bo_write_point = '" . sql_real_escape_string($post_bo_write_point) . "',
bo_comment_point = '" . sql_real_escape_string($post_bo_comment_point) . "',
bo_download_point = '" . sql_real_escape_string($post_bo_download_point) . "',
bo_use_search = '" . sql_real_escape_string($post_bo_use_search) . "',
bo_use_sns = '" . sql_real_escape_string($post_bo_use_sns) . "',
bo_order = '" . sql_real_escape_string($post_bo_order) . "'
where bo_table = '" . sql_real_escape_string($post_board_table) . "' ";
sql_query($sql);
}
} else if ($act_button === "선택삭제") {
if ($is_admin != 'super')
} elseif ($act_button === "선택삭제") {
if ($is_admin != 'super') {
alert('게시판 삭제는 최고관리자만 가능합니다.');
}
auth_check_menu($auth, $sub_menu, 'd');
// _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함
/* 확인필요 22.05.27
A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects,
or it should execute logic with side effects, but should not do both.*/
define('_BOARD_DELETE_', true);
for ($i=0; $i<$post_count_chk; $i++) {
for ($i = 0; $i < $post_count_chk; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
// include 전에 $bo_table 값을 반드시 넘겨야 함
$tmp_bo_table = isset($_POST['board_table'][$k]) ? trim(clean_xss_tags($_POST['board_table'][$k], 1, 1)) : '';
if( preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table) ){
include ('./board_delete.inc.php');
if (preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table)) {
include './board_delete.inc.php';
}
}
}
run_event('admin_board_list_update', $act_button, $chk, $board_table, $qstr);
goto_url('./board_list.php?'.$qstr);
goto_url('./board_list.php?' . $qstr);

28
adm/board_thumbnail_delete.php
View File

@ -1,14 +1,15 @@
<?php
$sub_menu = '300100';
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
if(!$board['bo_table'])
if (!$board['bo_table']) {
alert('존재하지 않는 게시판입니다.');
}
$g5['title'] = $board['bo_subject'].' 게시판 썸네일 삭제';
include_once('./admin.head.php');
$g5['title'] = $board['bo_subject'] . ' 게시판 썸네일 삭제';
require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
@ -18,28 +19,29 @@ include_once('./admin.head.php');
</div>
<?php
$dir = G5_DATA_PATH.'/file/'.$bo_table;
$dir = G5_DATA_PATH . '/file/' . $bo_table;
$cnt = 0;
if(is_dir($dir)) {
if (is_dir($dir)) {
echo '<ul>';
$files = glob($dir.'/thumb-*');
$files = glob($dir . '/thumb-*');
if (is_array($files)) {
foreach($files as $thumbnail) {
foreach ($files as $thumbnail) {
$cnt++;
@unlink($thumbnail);
echo '<li>'.$thumbnail.'</li>'.PHP_EOL;
echo '<li>' . $thumbnail . '</li>' . PHP_EOL;
flush();
if ($cnt%10==0)
if (($cnt % 10) == 0) {
echo PHP_EOL;
}
}
}
echo '<li>완료됨</li></ul>'.PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>썸네일 '.$cnt.'건의 삭제 완료됐습니다.</strong></p></div>'.PHP_EOL;
echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>썸네일 ' . $cnt . '건의 삭제 완료됐습니다.</strong></p></div>' . PHP_EOL;
} else {
echo '<p>첨부파일 디렉토리가 존재하지 않습니다.</p>';
}
@ -48,4 +50,4 @@ if(is_dir($dir)) {
<div class="btn_confirm01 btn_confirm"><a href="./board_form.php?w=u&amp;bo_table=<?php echo $bo_table; ?>&amp;<?php echo $qstr; ?>">게시판 수정으로 돌아가기</a></div>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

231
adm/boardgroup_form.php
View File

@ -1,141 +1,155 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.');
if ($is_admin != 'super' && $w == '') {
alert('최고관리자만 접근 가능합니다.');
}
$html_title = '게시판그룹';
$gr_id_attr = '';
$sound_only = '';
if( ! isset($group['gr_id']) ){
if (!isset($group['gr_id'])) {
$group['gr_id'] = '';
$group['gr_subject'] = '';
$group['gr_device'] = '';
}
$gr = array('gr_use_access' => 0, 'gr_admin' => '');
if ($w == '') {
$gr_id_attr = 'required';
$sound_only = '<strong class="sound_only"> 필수</strong>';
$gr = array('gr_use_access' => 0, 'gr_admin'=>'');
$html_title .= ' 생성';
} else if ($w == 'u') {
} elseif ($w == 'u') {
$gr_id_attr = 'readonly';
$gr = sql_fetch(" select * from {$g5['group_table']} where gr_id = '$gr_id' ");
$html_title .= ' 수정';
}
else
} else {
alert('제대로 된 값이 넘어오지 않았습니다.');
}
if (!isset($group['gr_device'])) {
sql_query(" ALTER TABLE `{$g5['group_table']}` ADD `gr_device` ENUM('both','pc','mobile') NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false);
}
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
$row1 = sql_fetch($sql1);
$group_member_count = $row1['cnt'];
$g5['title'] = $html_title;
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<form name="fboardgroup" id="fboardgroup" action="./boardgroup_form_update.php" onsubmit="return fboardgroup_check(this);" method="post" autocomplete="off">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
<td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
<?php
if ($w=='')
echo '영문자, 숫자, _ 만 가능 (공백없이)';
else
echo '<a href="'.G5_BBS_URL.'/group.php?gr_id='.$group['gr_id'].'" class="btn_frmline">게시판그룹 바로가기</a>';
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_subject">그룹 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
<?php
if ($w == 'u')
echo '<a href="./board_form.php?gr_id='.$gr_id.'" class="btn_frmline">게시판생성</a>';
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_device">접속기기</label></th>
<td>
<?php echo help("PC 와 모바일 사용을 구분합니다.") ?>
<select id="gr_device" name="gr_device">
<option value="both"<?php echo get_selected($group['gr_device'], 'both', true); ?>>PC와 모바일에서 모두 사용</option>
<option value="pc"<?php echo get_selected($group['gr_device'], 'pc'); ?>>PC 전용</option>
<option value="mobile"<?php echo get_selected($group['gr_device'], 'mobile'); ?>>모바일 전용</option>
</select>
</td>
</tr>
<tr>
<th scope="row"><?php if ($is_admin == 'super') { ?><label for="gr_admin"><?php } ?>그룹 관리자<?php if ($is_admin == 'super') { ?></label><?php } ?></th>
<td>
<?php
if ($is_admin == 'super')
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="'.$gr['gr_admin'].'" maxlength="20">';
else
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="'.$gr['gr_admin'].'">'.$gr['gr_admin'];
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_use_access">접근회원사용</label></th>
<td>
<?php echo help("사용에 체크하시면 이 그룹에 속한 게시판은 접근가능한 회원만 접근이 가능합니다.") ?>
<input type="checkbox" name="gr_use_access" value="1" id="gr_use_access" <?php echo $gr['gr_use_access']?'checked':''; ?>>
사용
</td>
</tr>
<tr>
<th scope="row">접근회원수</th>
<td>
<?php
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
$row1 = sql_fetch($sql1);
echo '<a href="./boardgroupmember_list.php?gr_id='.$gr_id.'">'.$row1['cnt'].'</a>';
?>
</td>
</tr>
<?php for ($i=1;$i<=10;$i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
<label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo isset($group['gr_'.$i.'_subj']) ? get_text($group['gr_'.$i.'_subj']) : ''; ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo isset($gr['gr_'.$i]) ? get_sanitize_input($gr['gr_'.$i]) : ''; ?>" id="gr_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
<td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
<?php
if ($w == '') {
echo '영문자, 숫자, _ 만 가능 (공백없이)';
} else {
echo '<a href="' . G5_BBS_URL . '/group.php?gr_id=' . $group['gr_id'] . '" class="btn_frmline">게시판그룹 바로가기</a>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_subject">그룹 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
<?php
if ($w == 'u') {
echo '<a href="./board_form.php?gr_id=' . $gr_id . '" class="btn_frmline">게시판생성</a>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_device">접속기기</label></th>
<td>
<?php echo help("PC 와 모바일 사용을 구분합니다.") ?>
<select id="gr_device" name="gr_device">
<option value="both" <?php echo get_selected($group['gr_device'], 'both', true); ?>>PC와 모바일에서 모두 사용</option>
<option value="pc" <?php echo get_selected($group['gr_device'], 'pc'); ?>>PC 전용</option>
<option value="mobile" <?php echo get_selected($group['gr_device'], 'mobile'); ?>>모바일 전용</option>
</select>
</td>
</tr>
<tr>
<th scope="row">
<?php
if ($is_admin == 'super') {
echo '<label for="gr_admin">그룹 관리자</label>';
} else {
echo '그룹 관리자';
}
?>
</th>
<td>
<?php
if ($is_admin == 'super') {
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="' . $gr['gr_admin'] . '" maxlength="20">';
} else {
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="' . $gr['gr_admin'] . '">' . $gr['gr_admin'];
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_use_access">접근회원사용</label></th>
<td>
<?php echo help("사용에 체크하시면 이 그룹에 속한 게시판은 접근가능한 회원만 접근이 가능합니다.") ?>
<input type="checkbox" name="gr_use_access" value="1" id="gr_use_access" <?php echo $gr['gr_use_access'] ? 'checked' : ''; ?>>
사용
</td>
</tr>
<tr>
<th scope="row">접근회원수</th>
<td>
<?php
echo '<a href="./boardgroupmember_list.php?gr_id=' . $gr_id . '">' . $group_member_count . '</a>';
?>
</td>
</tr>
<?php for ($i = 1; $i <= 10; $i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
<label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo isset($group['gr_' . $i . '_subj']) ? get_text($group['gr_' . $i . '_subj']) : ''; ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo isset($gr['gr_' . $i]) ? get_sanitize_input($gr['gr_' . $i]) : ''; ?>" id="gr_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./boardgroup_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div>
<div class="btn_fixed_top">
<a href="./boardgroup_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div>
</form>
@ -147,12 +161,11 @@ include_once('./admin.head.php');
</div>
<script>
function fboardgroup_check(f)
{
f.action = './boardgroup_form_update.php';
return true;
}
function fboardgroup_check(f) {
f.action = './boardgroup_form_update.php';
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

48
adm/boardgroup_form_update.php
View File

@ -1,38 +1,44 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
if ($w == 'u')
if ($w == 'u') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.');
if ($is_admin != 'super' && $w == '') {
alert('최고관리자만 접근 가능합니다.');
}
check_admin_token();
$gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : '';
if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id))
if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) {
alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)');
}
if (!$gr_subject) alert('그룹 제목을 입력하세요.');
if (empty($gr_subject)) {
alert('그룹 제목을 입력하세요.');
}
$posts = array();
$check_keys = array(
'gr_subject'=>'',
'gr_device'=>'',
'gr_admin'=>'',
'gr_subject' => '',
'gr_device' => '',
'gr_admin' => '',
);
for($i=1;$i<=10;$i++){
$check_keys['gr_'.$i.'_subj'] = isset($_POST['gr_'.$i.'_subj']) ? $_POST['gr_'.$i.'_subj'] : '';
$check_keys['gr_'.$i] = isset($_POST['gr_'.$i]) ? $_POST['gr_'.$i] : '';
for ($i = 1; $i <= 10; $i++) {
$check_keys['gr_' . $i . '_subj'] = isset($_POST['gr_' . $i . '_subj']) ? $_POST['gr_' . $i . '_subj'] : '';
$check_keys['gr_' . $i] = isset($_POST['gr_' . $i]) ? $_POST['gr_' . $i] : '';
}
foreach( $check_keys as $key=>$value ){
if( $key === 'gr_subject' ){
foreach ($check_keys as $key => $value) {
if ($key === 'gr_subject') {
$posts[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
} else {
$posts[$key] = isset($_POST[$key]) ? $_POST[$key] : '';
@ -62,34 +68,32 @@ $sql_common = " gr_subject = '{$posts['gr_subject']}',
gr_8 = '{$posts['gr_8']}',
gr_9 = '{$posts['gr_9']}',
gr_10 = '{$posts['gr_10']}' ";
if (isset($_POST['gr_use_access']))
if (isset($_POST['gr_use_access'])) {
$sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";
else
} else {
$sql_common .= ", gr_use_access = '' ";
}
if ($w == '') {
$sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' ";
$row = sql_fetch($sql);
if ($row['cnt'])
if ($row['cnt']) {
alert('이미 존재하는 그룹 ID 입니다.');
}
$sql = " insert into {$g5['group_table']}
set gr_id = '{$gr_id}',
{$sql_common} ";
sql_query($sql);
} else if ($w == "u") {
} elseif ($w == "u") {
$sql = " update {$g5['group_table']}
set {$sql_common}
where gr_id = '{$gr_id}' ";
sql_query($sql);
} else {
alert('제대로 된 값이 넘어오지 않았습니다.');
}
run_event('admin_boardgroup_form_update', $gr_id, $w);
goto_url('./boardgroup_form.php?w=u&amp;gr_id='.$gr_id.'&amp;'.$qstr);
goto_url('./boardgroup_form.php?w=u&amp;gr_id=' . $gr_id . '&amp;' . $qstr);

252
adm/boardgroup_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -16,27 +16,29 @@ if (!isset($group['gr_device'])) {
$sql_common = " from {$g5['group_table']} ";
$sql_search = " where (1) ";
if ($is_admin != 'super')
if ($is_admin != 'super') {
$sql_search .= " and (gr_admin = '{$member['mb_id']}') ";
}
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case "gr_id" :
case "gr_admin" :
case "gr_id":
case "gr_admin":
$sql_search .= " ({$sfl} = '{$stx}') ";
break;
default :
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
$sql_search .= " ) ";
}
if ($sst)
if ($sst) {
$sql_order = " order by {$sst} {$sod} ";
else
} else {
$sql_order = " order by gr_id asc ";
}
$sql = " select count(*) as cnt {$sql_common} {$sql_search} {$sql_order} ";
$row = sql_fetch($sql);
@ -44,136 +46,137 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">처음</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">처음</a>';
$g5['title'] = '게시판그룹설정';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 10;
?>
<div class="local_ov01 local_ov">
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">전체그룹</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
<span class="btn_ov01"><span class="ov_txt">전체그룹</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="gr_subject"<?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id"<?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin"<?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="gr_subject" <?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id" <?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin" <?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardgrouplist" id="fboardgrouplist" action="./boardgroup_list_update.php" onsubmit="return fboardgrouplist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('gr_id') ?>그룹아이디</a></th>
<th scope="col"><?php echo subject_sort_link('gr_subject') ?>제목</a></th>
<th scope="col"><?php echo subject_sort_link('gr_admin') ?>그룹관리자</a></th>
<th scope="col">게시판</th>
<th scope="col">접근<br>사용</th>
<th scope="col">접근<br>회원수</th>
<th scope="col"><?php echo subject_sort_link('gr_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
$row1 = sql_fetch($sql1);
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('gr_id') ?>그룹아이디</a></th>
<th scope="col"><?php echo subject_sort_link('gr_subject') ?>제목</a></th>
<th scope="col"><?php echo subject_sort_link('gr_admin') ?>그룹관리자</a></th>
<th scope="col">게시판</th>
<th scope="col">접근<br>사용</th>
<th scope="col">접근<br>회원수</th>
<th scope="col"><?php echo subject_sort_link('gr_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
$row1 = sql_fetch($sql1);
// 게시판수
$sql2 = " select count(*) as cnt from {$g5['board_table']} where gr_id = '{$row['gr_id']}' ";
$row2 = sql_fetch($sql2);
// 게시판수
$sql2 = " select count(*) as cnt from {$g5['board_table']} where gr_id = '{$row['gr_id']}' ";
$row2 = sql_fetch($sql2);
$s_upd = '<a href="./boardgroup_form.php?'.$qstr.'&amp;w=u&amp;gr_id='.$row['gr_id'].'" class="btn_03 btn">수정</a>';
$s_upd = '<a href="./boardgroup_form.php?' . $qstr . '&amp;w=u&amp;gr_id=' . $row['gr_id'] . '" class="btn_03 btn">수정</a>';
$bg = 'bg'.($i%2);
?>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="group_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['gr_subject']); ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="<?php echo G5_BBS_URL ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_input">
<label for="gr_subject_<?php echo $i; ?>" class="sound_only">그룹제목</label>
<input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input">
</td>
<td class="td_mng td_input">
<?php if ($is_admin == 'super'){ ?>
<label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label>
<input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20">
<?php }else{ ?>
<input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?>
<?php } ?>
</td>
<td class="td_num"><a href="./board_list.php?sfl=a.gr_id&amp;stx=<?php echo $row['gr_id'] ?>"><?php echo $row2['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_use_access_<?php echo $i; ?>" class="sound_only">접근회원 사용</label>
<input type="checkbox" name="gr_use_access[<?php echo $i ?>]" <?php echo $row['gr_use_access']?'checked':'' ?> value="1" id="gr_use_access_<?php echo $i ?>">
</td>
<td class="td_num"><a href="./boardgroupmember_list.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row1['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_order_<?php echo $i; ?>" class="sound_only">메인메뉴 출력순서</label>
<input type="text" name="gr_order[<?php echo $i ?>]" value="<?php echo $row['gr_order'] ?>" id="gr_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mng">
<label for="gr_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="gr_device[<?php echo $i ?>]" id="gr_device_<?php echo $i ?>">
<option value="both"<?php echo get_selected($row['gr_device'], 'both'); ?>>모두</option>
<option value="pc"<?php echo get_selected($row['gr_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($row['gr_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="group_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['gr_subject']); ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="<?php echo G5_BBS_URL ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_input">
<label for="gr_subject_<?php echo $i; ?>" class="sound_only">그룹제목</label>
<input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input">
</td>
<td class="td_mng td_input">
<?php if ($is_admin == 'super') { ?>
<label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label>
<input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20">
<?php } else { ?>
<input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?>
<?php } ?>
</td>
<td class="td_num"><a href="./board_list.php?sfl=a.gr_id&amp;stx=<?php echo $row['gr_id'] ?>"><?php echo $row2['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_use_access_<?php echo $i; ?>" class="sound_only">접근회원 사용</label>
<input type="checkbox" name="gr_use_access[<?php echo $i ?>]" <?php echo $row['gr_use_access'] ? 'checked' : '' ?> value="1" id="gr_use_access_<?php echo $i ?>">
</td>
<td class="td_num"><a href="./boardgroupmember_list.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row1['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_order_<?php echo $i; ?>" class="sound_only">메인메뉴 출력순서</label>
<input type="text" name="gr_order[<?php echo $i ?>]" value="<?php echo $row['gr_order'] ?>" id="gr_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mng">
<label for="gr_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="gr_device[<?php echo $i ?>]" id="gr_device_<?php echo $i ?>">
<option value="both" <?php echo get_selected($row['gr_device'], 'both'); ?>>모두</option>
<option value="pc" <?php echo get_selected($row['gr_device'], 'pc'); ?>>PC</option>
<option value="mobile" <?php echo get_selected($row['gr_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</table>
</div>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택수정" class="btn btn_02">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택삭제" class="btn btn_02">
<a href="./boardgroup_form.php" class="btn btn_01">게시판그룹 추가</a>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택수정" class="btn btn_02">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택삭제" class="btn btn_02">
<a href="./boardgroup_form.php" class="btn btn_01">게시판그룹 추가</a>
</div>
</form>
<div class="local_desc01 local_desc">
@ -184,27 +187,26 @@ $colspan = 10;
</div>
<?php
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page=');
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page=');
echo $pagelist;
?>
<script>
function fboardgrouplist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fboardgrouplist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
}
return true;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

58
adm/boardgroup_list_update.php
View File

@ -1,8 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
//print_r2($_POST); exit;
require_once './_common.php';
check_demo();
@ -10,40 +8,42 @@ auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();
$post_group_id = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array();
$act_button = isset($_POST['act_button']) ? $_POST['act_button'] : '';
$post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();
$post_group_id = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array();
$act_button = isset($_POST['act_button']) ? $_POST['act_button'] : '';
$count = count($post_chk);
$chk_count = count($post_chk);
if(!$count)
alert($act_button.'할 게시판그룹을 1개이상 선택해 주세요.');
if (!$chk_count) {
alert($act_button . '할 게시판그룹을 1개이상 선택해 주세요.');
}
for ($i=0; $i<$count; $i++)
{
$k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
$gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
$gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : '';
$gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0;
$gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0;
for ($i = 0; $i < $chk_count; $i++) {
$k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
$gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
$gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : '';
$gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0;
$gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0;
if($act_button == '선택수정') {
if ($act_button == '선택수정') {
$sql = " update {$g5['group_table']}
set gr_subject = '{$gr_subject}',
gr_device = '".sql_real_escape_string($gr_device)."',
gr_admin = '".sql_real_escape_string($gr_admin)."',
gr_use_access = '".$gr_use_access."',
gr_order = '".$gr_order."'
gr_device = '" . sql_real_escape_string($gr_device) . "',
gr_admin = '" . sql_real_escape_string($gr_admin) . "',
gr_use_access = '" . $gr_use_access . "',
gr_order = '" . $gr_order . "'
where gr_id = '{$gr_id}' ";
if ($is_admin != 'super')
if ($is_admin != 'super') {
$sql .= " and gr_admin = '{$gr_admin}' ";
}
sql_query($sql);
} else if($act_button == '선택삭제') {
} elseif ($act_button == '선택삭제') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");
if ($row['cnt'])
alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx='.$gr_id);
if ($row['cnt']) {
alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx=' . $gr_id);
}
// 그룹 삭제
sql_query(" delete from {$g5['group_table']} where gr_id = '$gr_id' ");
@ -53,6 +53,6 @@ for ($i=0; $i<$count; $i++)
}
}
run_event('admin_boardgroup_list_update', $act_button, $chk, $post_group_id, $qstr);
run_event('admin_boardgroup_list_update', $act_button, $post_chk, $post_group_id, $qstr);
goto_url('./boardgroup_list.php?'.$qstr);
goto_url('./boardgroup_list.php?' . $qstr);

201
adm/boardgroupmember_form.php
View File

@ -1,133 +1,134 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id);
$token = isset($token) ? $token : '';
if (! (isset($mb['mb_id']) && $mb['mb_id']))
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('존재하지 않는 회원입니다.');
}
$g5['title'] = '접근가능그룹';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 4;
?>
<form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php" onsubmit="return boardgroupmember_form_check(this)" method="post">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="token" value="" id="token">
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
</div>
<div class="local_cmd01 local_cmd">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="token" value="" id="token">
<label for="gr_id">그룹지정</label>
<select name="gr_id" id="gr_id">
<option value="">접근가능 그룹을 선택하세요.</option>
<?php
$sql = " select *
from {$g5['group_table']}
where gr_use_access = 1 ";
//if ($is_admin == 'group') {
if ($is_admin != 'super')
$sql .= " and gr_admin = '{$member['mb_id']}' ";
$sql .= " order by gr_id ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
echo "<option value=\"".$row['gr_id']."\">".$row['gr_subject']."</option>";
}
?>
</select>
<input type="submit" value="선택" class="btn_submit btn" accesskey="s">
</div>
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
</div>
<div class="local_cmd01 local_cmd">
<label for="gr_id">그룹지정</label>
<select name="gr_id" id="gr_id">
<option value="">접근가능 그룹을 선택하세요.</option>
<?php
$sql = " select *
from {$g5['group_table']}
where gr_use_access = 1 ";
if ($is_admin != 'super') {
$sql .= " and gr_admin = '{$member['mb_id']}' ";
}
$sql .= " order by gr_id ";
$result = sql_query($sql);
for ($i = 0; $row = sql_fetch_array($result); $i++) {
echo "<option value=\"" . $row['gr_id'] . "\">" . $row['gr_subject'] . "</option>";
}
?>
</select>
<input type="submit" value="선택" class="btn_submit btn" accesskey="s">
</div>
</form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst">
<input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl">
<input type="hidden" name="stx" value="<?php echo $stx ?>" id="stx">
<input type="hidden" name="page" value="<?php echo $page ?>" id="page">
<input type="hidden" name="token" value="<?php echo get_sanitize_input($token); ?>" id="token">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="w" value="d" id="w">
<input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst">
<input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl">
<input type="hidden" name="stx" value="<?php echo $stx ?>" id="stx">
<input type="hidden" name="page" value="<?php echo $page ?>" id="page">
<input type="hidden" name="token" value="<?php echo get_sanitize_input($token); ?>" id="token">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="w" value="d" id="w">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹아이디</th>
<th scope="col">그룹</th>
<th scope="col">처리일시</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
where a.mb_id = '{$mb['mb_id']}'
and a.gr_id = b.gr_id ";
if ($is_admin != 'super')
$sql .= " and b.gr_admin = '{$member['mb_id']}' ";
$sql .= " order by a.gr_id desc ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
?>
<tr>
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹아이디</th>
<th scope="col">그룹</th>
<th scope="col">처리일시</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
where a.mb_id = '{$mb['mb_id']}'
and a.gr_id = b.gr_id ";
if ($is_admin != 'super') {
$sql .= " and b.gr_admin = '{$member['mb_id']}' ";
}
$sql .= " order by a.gr_id desc ";
$result = sql_query($sql);
for ($i = 0; $row = sql_fetch_array($result); $i++) {
?>
<tr>
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제" class="btn btn_02">
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제" class="btn btn_02">
</div>
</form>
<script>
function fboardgroupmember_submit(f)
{
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
function fboardgroupmember_submit(f) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
}
return true;
}
function boardgroupmember_form_check(f) {
if (f.gr_id.value == '') {
alert('접근가능 그룹을 선택하세요.');
return false;
}
function boardgroupmember_form_check(f)
{
if (f.gr_id.value == '') {
alert('접근가능 그룹을 선택하세요.');
return false;
return true;
}
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

178
adm/boardgroupmember_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -11,13 +11,13 @@ if (!$gr['gr_id']) {
$sql_common = " from {$g5['group_member_table']} a
left outer join {$g5['member_table']} b on (a.mb_id = b.mb_id) ";
$sql_search = " where gr_id = '{$gr_id}' ";
// 회원아이디로 검색되지 않던 오류를 수정
if (isset($stx) && $stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
default:
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -25,7 +25,7 @@ if (isset($stx) && $stx) {
}
if (!$sst) {
$sst = "gm_datetime";
$sst = "gm_datetime";
$sod = "desc";
}
$sql_order = " order by {$sst} {$sod} ";
@ -39,7 +39,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
@ -49,107 +51,107 @@ $sql = " select *
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$g5['title'] = $gr['gr_subject'].' 그룹 접근가능회원 (그룹아이디:'.$gr['gr_id'].')';
include_once('./admin.head.php');
$g5['title'] = $gr['gr_subject'] . ' 그룹 접근가능회원 (그룹아이디:' . $gr['gr_id'] . ')';
require_once './admin.head.php';
$colspan = 7;
?>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="a.mb_id"<?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="a.mb_id" <?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<input type="hidden" name="w" value="ld">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<input type="hidden" name="w" value="ld">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹</th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id='.$gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id='.$gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id='.$gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id='.$gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id='.$gr_id) ?>처리일시</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt'])
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹</th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id=' . $gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id=' . $gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id=' . $gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id=' . $gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id=' . $gr_id) ?>처리일시</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'],2,8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'], 2, 8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($i == 0)
{
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제">
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제">
</div>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page="); ?>
<?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page=");
?>
<script>
function fboardgroupmember_submit(f)
{
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
function fboardgroupmember_submit(f) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
}
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

38
adm/boardgroupmember_update.php
View File

@ -1,20 +1,19 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( 11 ) DEFAULT '0' NOT NULL AUTO_INCREMENT ", false);
if ($w == '')
{
if ($w == '') {
auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id);
if (!$mb['mb_id']) {
if (empty($mb['mb_id'])) {
alert('존재하지 않는 회원입니다.');
}
$gr = get_group($gr_id);
if (!$gr['gr_id']) {
if (empty($gr['gr_id'])) {
alert('존재하지 않는 그룹입니다.');
}
@ -25,37 +24,35 @@ if ($w == '')
$row = sql_fetch($sql);
if ($row['cnt']) {
alert('이미 등록되어 있는 자료입니다.');
}
else
{
} else {
check_admin_token();
$sql = " insert into {$g5['group_member_table']}
set gr_id = '{$_POST['gr_id']}',
mb_id = '{$_POST['mb_id']}',
gm_datetime = '".G5_TIME_YMDHIS."' ";
gm_datetime = '" . G5_TIME_YMDHIS . "' ";
sql_query($sql);
}
}
else if ($w == 'd' || $w == 'ld')
{
} elseif ($w == 'd' || $w == 'ld') {
auth_check_menu($auth, $sub_menu, 'd');
$count = count($_POST['chk']);
if(!$count)
if (!$count) {
alert('삭제할 목록을 하나이상 선택해 주세요.');
}
check_admin_token();
for($i=0; $i<$count; $i++) {
for ($i = 0; $i < $count; $i++) {
$gm_id = (int) $_POST['chk'][$i];
$sql = " select * from {$g5['group_member_table']} where gm_id = '$gm_id' ";
$gm = sql_fetch($sql);
if (!$gm['gm_id']) {
if($count == 1)
if ($count == 1) {
alert('존재하지 않는 자료입니다.');
else
} else {
continue;
}
}
$sql = " delete from {$g5['group_member_table']} where gm_id = '$gm_id' ";
@ -63,7 +60,8 @@ else if ($w == 'd' || $w == 'ld')
}
}
if ($w == 'ld')
goto_url('./boardgroupmember_list.php?gr_id='.$gr_id);
else
goto_url('./boardgroupmember_form.php?mb_id='.$mb_id);
if ($w == 'ld') {
goto_url('./boardgroupmember_list.php?gr_id=' . $gr_id);
} else {
goto_url('./boardgroupmember_form.php?mb_id=' . $mb_id);
}

44
adm/browscap.php
View File

@ -1,15 +1,17 @@
<?php
$sub_menu = "100510";
include_once('./_common.php');
require_once './_common.php';
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
}
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$g5['title'] = 'Browscap 업데이트';
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<div id="processing">
@ -18,27 +20,27 @@ include_once('./admin.head.php');
</div>
<script>
$(function() {
$("#run_update").on("click", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보를 업데이트 중입니다.</p>');
$(function() {
$("#run_update").on("click", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보를 업데이트 중입니다.</p>');
$.ajax({
url: "./browscap_update.php",
async: true,
cache: false,
dataType: "html",
success: function(data) {
if(data != "") {
alert(data);
return false;
$.ajax({
url: "./browscap_update.php",
async: true,
cache: false,
dataType: "html",
success: function(data) {
if (data != "") {
alert(data);
return false;
}
$("#processing").html("<div class='check_processing'></div><p>Browscap 정보를 업데이트 했습니다.</p>");
}
$("#processing").html("<div class='check_processing'></div><p>Browscap 정보를 업데이트 했습니다.</p>");
}
});
});
});
});
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

45
adm/browscap_convert.php
View File

@ -1,19 +1,22 @@
<?php
$sub_menu = "100520";
include_once('./_common.php');
require_once './_common.php';
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
}
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;
if(!$rows)
if (!$rows) {
$rows = 100;
}
$g5['title'] = '접속로그 변환';
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<div id="processing">
@ -22,24 +25,26 @@ include_once('./admin.head.php');
</div>
<script>
$(function() {
$(document).on("click", "#run_update", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보로 변환 중입니다.</p>');
$(function() {
$(document).on("click", "#run_update", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보로 변환 중입니다.</p>');
$.ajax({
method: "GET",
url: "./browscap_converter.php",
data: { rows: "<?php echo $rows; ?>" },
async: true,
cache: false,
dataType: "html",
success: function(data) {
$("#processing").html(data);
}
$.ajax({
method: "GET",
url: "./browscap_converter.php",
data: {
rows: "<?php echo strval($rows); ?>"
},
async: true,
cache: false,
dataType: "html",
success: function(data) {
$("#processing").html(data);
}
});
});
});
});
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

43
adm/browscap_converter.php
View File

@ -1,36 +1,39 @@
<?php
ini_set('memory_limit', '-1');
include_once('./_common.php');
require_once './_common.php';
// clean the output buffer
ob_end_clean();
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
die('사용할 수 없는 기능입니다.');
}
if($is_admin != 'super')
if ($is_admin != 'super') {
die('최고관리자로 로그인 후 실행해 주세요.');
}
// browscap cache 파일 체크
if(!is_file(G5_DATA_PATH.'/cache/browscap_cache.php')) {
echo '<p>Browscap 정보가 없습니다. 아래 링크로 이동해 Browscap 정보를 업데이트 하세요.</p>'.PHP_EOL;
echo '<p><a href="'.G5_ADMIN_URL.'/browscap.php">Browscap 업데이트</a></p>'.PHP_EOL;
if (!is_file(G5_DATA_PATH . '/cache/browscap_cache.php')) {
echo '<p>Browscap 정보가 없습니다. 아래 링크로 이동해 Browscap 정보를 업데이트 하세요.</p>' . PHP_EOL;
echo '<p><a href="' . G5_ADMIN_URL . '/browscap.php">Browscap 업데이트</a></p>' . PHP_EOL;
exit;
}
include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php');
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH.'/cache');
require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
$browscap->doAutoUpdate = false;
$browscap->cacheFilename = 'browscap_cache.php';
// 데이터 변환
$rows = preg_replace('#[^0-9]#', '', $_GET['rows']);
if(!$rows)
$rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;
if (!$rows) {
$rows = 100;
}
$sql_common = " from {$g5['visit_table']} where vi_agent <> '' and ( vi_browser = '' or vi_os = '' or vi_device = '' ) ";
$sql_order = " order by vi_id desc ";
$sql_limit = " limit 0, $rows ";
$sql_limit = " limit 0, " . strval($rows) . " ";
$sql = " select count(vi_id) as cnt $sql_common ";
$row = sql_fetch($sql);
@ -43,20 +46,23 @@ $sql = " select vi_id, vi_agent, vi_browser, vi_os, vi_device
$result = sql_query($sql);
$cnt = 0;
for($i=0; $row=sql_fetch_array($result); $i++) {
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$info = $browscap->getBrowser($row['vi_agent']);
$brow = $row['vi_browser'];
if(!$brow)
if (!$brow) {
$brow = $info->Comment;
}
$os = $row['vi_os'];
if(!$os)
if (!$os) {
$os = $info->Platform;
}
$device = $row['vi_device'];
if(!$device)
if (!$device) {
$device = $info->Device_Type;
}
$sql2 = " update {$g5['visit_table']}
set vi_browser = '$brow',
@ -68,7 +74,8 @@ for($i=0; $row=sql_fetch_array($result); $i++) {
$cnt++;
}
if(($total_count - $cnt) == 0 || $total_count == 0)
if (($total_count - $cnt) == 0 || $total_count == 0) {
echo '<div class="check_processing"></div><p>변환완료</p>';
else
echo '<p>총 '.number_format($total_count).'건 중 '.number_format($cnt).'건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>';
} else {
echo '<p>총 ' . number_format($total_count) . '건 중 ' . number_format($cnt) . '건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>';
}

14
adm/browscap_update.php
View File

@ -2,22 +2,24 @@
ini_set('memory_limit', '-1');
$sub_menu = "100510";
include_once('./_common.php');
require_once './_common.php';
// clean the output buffer
ob_end_clean();
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE))
if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
die('사용할 수 없는 기능입니다.');
}
if ($is_admin != 'super')
if ($is_admin != 'super') {
die('최고관리자만 접근 가능합니다.');
}
include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php');
require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH.'/cache');
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
$browscap->updateMethod = 'cURL';
$browscap->cacheFilename = 'browscap_cache.php';
$browscap->updateCache();
die('');
die('');

120
adm/cache_file_delete.php
View File

@ -1,59 +1,61 @@
<?php
$sub_menu = '100900';
include_once('./_common.php');
if ($is_admin != 'super')
alert('최고관리자만 접근 가능합니다.', G5_URL);
@include_once('./safe_check.php');
if(function_exists('social_log_file_delete')){
social_log_file_delete();
}
run_event('adm_cache_file_delete_before');
$g5['title'] = '캐시파일 일괄삭제';
include_once('./admin.head.php');
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir=@opendir(G5_DATA_PATH.'/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt=0;
echo '<ul class="session_del">'.PHP_EOL;
$files = glob(G5_DATA_PATH.'/cache/latest-*');
$content_files = glob(G5_DATA_PATH.'/cache/content-*');
$files = array_merge($files, $content_files);
if (is_array($files)) {
foreach ($files as $cache_file) {
$cnt++;
unlink($cache_file);
echo '<li>'.$cache_file.'</li>'.PHP_EOL;
flush();
if ($cnt%10==0)
echo PHP_EOL;
}
}
run_event('adm_cache_file_delete');
echo '<li>완료됨</li></ul>'.PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 '.$cnt.'건 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>'.PHP_EOL;
?>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = '100900';
require_once './_common.php';
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.', G5_URL);
}
@require_once './safe_check.php';
if (function_exists('social_log_file_delete')) {
social_log_file_delete();
}
run_event('adm_cache_file_delete_before');
$g5['title'] = '캐시파일 일괄삭제';
require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir = @opendir(G5_DATA_PATH . '/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt = 0;
echo '<ul class="session_del">' . PHP_EOL;
$files = glob(G5_DATA_PATH . '/cache/latest-*');
$content_files = glob(G5_DATA_PATH . '/cache/content-*');
$files = array_merge($files, $content_files);
if (is_array($files)) {
foreach ($files as $cache_file) {
$cnt++;
unlink($cache_file);
echo '<li>' . $cache_file . '</li>' . PHP_EOL;
flush();
if ($cnt % 10 == 0) {
echo PHP_EOL;
}
}
}
run_event('adm_cache_file_delete');
echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 ' . $cnt . '건 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
?>
<?php
require_once './admin.tail.php';

108
adm/captcha_file_delete.php
View File

@ -1,52 +1,56 @@
<?php
$sub_menu = '100910';
include_once('./_common.php');
if ($is_admin != 'super')
alert('최고관리자만 접근 가능합니다.', G5_URL);
$g5['title'] = '캡챠파일 일괄삭제';
include_once('./admin.head.php');
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir=@opendir(G5_DATA_PATH.'/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt=0;
echo '<ul class="session_del">'.PHP_EOL;
$files = glob(G5_DATA_PATH.'/cache/?captcha-*');
if (is_array($files)) {
$before_time = G5_SERVER_TIME - 3600; // 한시간전
foreach ($files as $gcaptcha_file) {
$modification_time = filemtime($gcaptcha_file); // 파일접근시간
if ($modification_time > $before_time) continue;
$cnt++;
unlink($gcaptcha_file);
echo '<li>'.$gcaptcha_file.'</li>'.PHP_EOL;
flush();
if ($cnt%10==0)
echo PHP_EOL;
}
}
echo '<li>완료됨</li></ul>'.PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 '.$cnt.'건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>'.PHP_EOL;
?>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = '100910';
require_once './_common.php';
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.', G5_URL);
}
$g5['title'] = '캡챠파일 일괄삭제';
require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir = @opendir(G5_DATA_PATH . '/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt = 0;
echo '<ul class="session_del">' . PHP_EOL;
$files = glob(G5_DATA_PATH . '/cache/?captcha-*');
if (is_array($files)) {
$before_time = G5_SERVER_TIME - 3600; // 한시간전
foreach ($files as $gcaptcha_file) {
$modification_time = filemtime($gcaptcha_file); // 파일접근시간
if ($modification_time > $before_time) {
continue;
}
$cnt++;
unlink($gcaptcha_file);
echo '<li>' . $gcaptcha_file . '</li>' . PHP_EOL;
flush();
if ($cnt % 10 == 0) {
echo PHP_EOL;
}
}
}
echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 ' . $cnt . '건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
?>
<?php
require_once './admin.tail.php';

2708
adm/config_form.php
View File

File diff suppressed because it is too large Load Diff

257
adm/config_form_update.php
View File

@ -1,13 +1,14 @@
<?php
$sub_menu = "100100";
include_once('./_common.php');
require_once './_common.php';
check_demo();
auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : '';
$cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : '';
@ -15,156 +16,157 @@ $posts = array();
$mb = get_member($cf_admin);
if (! (isset($mb['mb_id']) && $mb['mb_id']))
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('최고관리자 회원아이디가 존재하지 않습니다.');
}
check_admin_token();
$cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : '';
$check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret','cf_cert_kg_cd','cf_cert_kg_mid');
$check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret', 'cf_cert_kg_cd', 'cf_cert_kg_mid');
foreach( $check_keys as $key ){
if ( isset($_POST[$key]) && $_POST[$key] ){
foreach ($check_keys as $key) {
if (isset($_POST[$key]) && $_POST[$key]) {
$posts[$key] = $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]);
}
}
$posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295';
if(isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']){
if (isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']) {
$pattern = explode("\n", trim($_POST['cf_intercept_ip']));
for ($i=0; $i<count($pattern); $i++) {
for ($i = 0; $i < count($pattern); $i++) {
$pattern[$i] = trim($pattern[$i]);
if (empty($pattern[$i]))
if (empty($pattern[$i])) {
continue;
}
$pattern[$i] = str_replace(".", "\.", $pattern[$i]);
$pattern[$i] = str_replace("+", "[0-9\.]+", $pattern[$i]);
$pat = "/^{$pattern[$i]}$/";
if( preg_match($pat, $_SERVER['REMOTE_ADDR']) ){
alert("현재 접속 IP : ".$_SERVER['REMOTE_ADDR']." 가 차단될수 있기 때문에, 다른 IP를 입력해 주세요.");
if (preg_match($pat, $_SERVER['REMOTE_ADDR'])) {
alert("현재 접속 IP : " . $_SERVER['REMOTE_ADDR'] . " 가 차단될수 있기 때문에, 다른 IP를 입력해 주세요.");
}
}
}
$check_keys = array(
'cf_use_email_certify' => 'int',
'cf_use_homepage' => 'int',
'cf_req_homepage' => 'int',
'cf_use_tel' => 'int',
'cf_req_tel' => 'int',
'cf_use_hp' => 'int',
'cf_req_hp' => 'int',
'cf_use_addr' => 'int',
'cf_req_addr' => 'int',
'cf_use_signature' => 'int',
'cf_req_signature' => 'int',
'cf_use_profile' => 'int',
'cf_req_profile' => 'int',
'cf_register_level' => 'int',
'cf_register_point' => 'int',
'cf_icon_level' => 'int',
'cf_use_recommend' => 'int',
'cf_leave_day' => 'int',
'cf_search_part' => 'int',
'cf_email_use' => 'int',
'cf_email_wr_super_admin' => 'int',
'cf_email_wr_group_admin' => 'int',
'cf_email_wr_board_admin' => 'int',
'cf_email_wr_write' => 'int',
'cf_email_wr_comment_all' => 'int',
'cf_email_mb_super_admin' => 'int',
'cf_email_mb_member' => 'int',
'cf_email_po_super_admin' => 'int',
'cf_prohibit_id' => 'text',
'cf_prohibit_email' => 'text',
'cf_new_del' => 'int',
'cf_memo_del' => 'int',
'cf_visit_del' => 'int',
'cf_popular_del' => 'int',
'cf_use_member_icon' => 'int',
'cf_member_icon_size' => 'int',
'cf_member_icon_width' => 'int',
'cf_member_icon_height' => 'int',
'cf_member_img_size' => 'int',
'cf_member_img_width' => 'int',
'cf_member_img_height' => 'int',
'cf_login_minutes' => 'int',
'cf_formmail_is_member' => 'int',
'cf_page_rows' => 'int',
'cf_mobile_page_rows' => 'int',
'cf_social_login_use' => 'int',
'cf_cert_req' => 'int',
'cf_cert_use' => 'int',
'cf_cert_find' => 'int',
'cf_cert_ipin' => 'char',
'cf_cert_hp' => 'char',
'cf_cert_simple' => 'char',
'cf_admin_email' => 'char',
'cf_admin_email_name' => 'char',
'cf_add_script' => 'text',
'cf_use_point' => 'int',
'cf_point_term' => 'int',
'cf_use_copy_log' => 'int',
'cf_login_point' => 'int',
'cf_cut_name' => 'int',
'cf_nick_modify' => 'int',
'cf_new_skin' => 'char',
'cf_new_rows' => 'int',
'cf_search_skin' => 'char',
'cf_connect_skin' => 'char',
'cf_faq_skin' => 'char',
'cf_read_point' => 'int',
'cf_write_point' => 'int',
'cf_comment_point' => 'int',
'cf_download_point' => 'int',
'cf_write_pages' => 'int',
'cf_mobile_pages' => 'int',
'cf_link_target' => 'char',
'cf_delay_sec' => 'int',
'cf_filter' => 'text',
'cf_possible_ip' => 'text',
'cf_analytics' => 'text',
'cf_add_meta' => 'text',
'cf_member_skin' => 'char',
'cf_image_extension' => 'char',
'cf_flash_extension' => 'char',
'cf_movie_extension' => 'char',
'cf_visit' => 'char',
'cf_stipulation' => 'text',
'cf_privacy' => 'text',
'cf_open_modify' => 'int',
'cf_memo_send_point' => 'int',
'cf_mobile_new_skin' => 'char',
'cf_mobile_search_skin' => 'char',
'cf_mobile_connect_skin' => 'char',
'cf_mobile_faq_skin' => 'char',
'cf_mobile_member_skin' => 'char',
'cf_captcha_mp3' => 'char',
'cf_cert_limit' => 'int',
'cf_sms_use' => 'char',
'cf_sms_type' => 'char',
'cf_icode_id' => 'char',
'cf_icode_pw' => 'char',
'cf_icode_server_ip' => 'char',
'cf_captcha' => 'char',
'cf_syndi_token' => '',
'cf_syndi_except' => ''
'cf_use_email_certify' => 'int',
'cf_use_homepage' => 'int',
'cf_req_homepage' => 'int',
'cf_use_tel' => 'int',
'cf_req_tel' => 'int',
'cf_use_hp' => 'int',
'cf_req_hp' => 'int',
'cf_use_addr' => 'int',
'cf_req_addr' => 'int',
'cf_use_signature' => 'int',
'cf_req_signature' => 'int',
'cf_use_profile' => 'int',
'cf_req_profile' => 'int',
'cf_register_level' => 'int',
'cf_register_point' => 'int',
'cf_icon_level' => 'int',
'cf_use_recommend' => 'int',
'cf_leave_day' => 'int',
'cf_search_part' => 'int',
'cf_email_use' => 'int',
'cf_email_wr_super_admin' => 'int',
'cf_email_wr_group_admin' => 'int',
'cf_email_wr_board_admin' => 'int',
'cf_email_wr_write' => 'int',
'cf_email_wr_comment_all' => 'int',
'cf_email_mb_super_admin' => 'int',
'cf_email_mb_member' => 'int',
'cf_email_po_super_admin' => 'int',
'cf_prohibit_id' => 'text',
'cf_prohibit_email' => 'text',
'cf_new_del' => 'int',
'cf_memo_del' => 'int',
'cf_visit_del' => 'int',
'cf_popular_del' => 'int',
'cf_use_member_icon' => 'int',
'cf_member_icon_size' => 'int',
'cf_member_icon_width' => 'int',
'cf_member_icon_height' => 'int',
'cf_member_img_size' => 'int',
'cf_member_img_width' => 'int',
'cf_member_img_height' => 'int',
'cf_login_minutes' => 'int',
'cf_formmail_is_member' => 'int',
'cf_page_rows' => 'int',
'cf_mobile_page_rows' => 'int',
'cf_social_login_use' => 'int',
'cf_cert_req' => 'int',
'cf_cert_use' => 'int',
'cf_cert_find' => 'int',
'cf_cert_ipin' => 'char',
'cf_cert_hp' => 'char',
'cf_cert_simple' => 'char',
'cf_admin_email' => 'char',
'cf_admin_email_name' => 'char',
'cf_add_script' => 'text',
'cf_use_point' => 'int',
'cf_point_term' => 'int',
'cf_use_copy_log' => 'int',
'cf_login_point' => 'int',
'cf_cut_name' => 'int',
'cf_nick_modify' => 'int',
'cf_new_skin' => 'char',
'cf_new_rows' => 'int',
'cf_search_skin' => 'char',
'cf_connect_skin' => 'char',
'cf_faq_skin' => 'char',
'cf_read_point' => 'int',
'cf_write_point' => 'int',
'cf_comment_point' => 'int',
'cf_download_point' => 'int',
'cf_write_pages' => 'int',
'cf_mobile_pages' => 'int',
'cf_link_target' => 'char',
'cf_delay_sec' => 'int',
'cf_filter' => 'text',
'cf_possible_ip' => 'text',
'cf_analytics' => 'text',
'cf_add_meta' => 'text',
'cf_member_skin' => 'char',
'cf_image_extension' => 'char',
'cf_flash_extension' => 'char',
'cf_movie_extension' => 'char',
'cf_visit' => 'char',
'cf_stipulation' => 'text',
'cf_privacy' => 'text',
'cf_open_modify' => 'int',
'cf_memo_send_point' => 'int',
'cf_mobile_new_skin' => 'char',
'cf_mobile_search_skin' => 'char',
'cf_mobile_connect_skin' => 'char',
'cf_mobile_faq_skin' => 'char',
'cf_mobile_member_skin' => 'char',
'cf_captcha_mp3' => 'char',
'cf_cert_limit' => 'int',
'cf_sms_use' => 'char',
'cf_sms_type' => 'char',
'cf_icode_id' => 'char',
'cf_icode_pw' => 'char',
'cf_icode_server_ip' => 'char',
'cf_captcha' => 'char',
'cf_syndi_token' => '',
'cf_syndi_except' => ''
);
for($i=1;$i<=10;$i++){
$check_keys['cf_'.$i.'_subj'] = isset($_POST['cf_'.$i.'_subj']) ? $_POST['cf_'.$i.'_subj'] : '';
$check_keys['cf_'.$i] = isset($_POST['cf_'.$i]) ? $_POST['cf_'.$i] : '';
for ($i = 1; $i <= 10; $i++) {
$check_keys['cf_' . $i . '_subj'] = isset($_POST['cf_' . $i . '_subj']) ? $_POST['cf_' . $i . '_subj'] : '';
$check_keys['cf_' . $i] = isset($_POST['cf_' . $i]) ? $_POST['cf_' . $i] : '';
}
foreach( $check_keys as $k => $v ){
if( $v === 'int' ){
foreach ($check_keys as $k => $v) {
if ($v === 'int') {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0;
} else {
if(in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))){
if (in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))) {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : '';
} else {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : '';
@ -173,10 +175,11 @@ foreach( $check_keys as $k => $v ){
}
// 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함
if($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple'])
if ($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple']) {
alert('본인확인을 위해 아이핀, 휴대폰 본인확인, KG이니시스 간편인증 서비스 중 하나 이상 선택해 주십시오.');
}
if(!$_POST['cf_cert_use']) {
if (!$_POST['cf_cert_use']) {
$posts[$key] = $_POST['cf_cert_ipin'] = '';
$posts[$key] = $_POST['cf_cert_hp'] = '';
$posts[$key] = $_POST['cf_cert_simple'] = '';
@ -209,8 +212,8 @@ $sql = " update {$g5['config_table']}
cf_link_target = '{$_POST['cf_link_target']}',
cf_delay_sec = '{$_POST['cf_delay_sec']}',
cf_filter = '{$_POST['cf_filter']}',
cf_possible_ip = '".trim($_POST['cf_possible_ip'])."',
cf_intercept_ip = '".trim($_POST['cf_intercept_ip'])."',
cf_possible_ip = '" . trim($_POST['cf_possible_ip']) . "',
cf_intercept_ip = '" . trim($_POST['cf_intercept_ip']) . "',
cf_analytics = '{$_POST['cf_analytics']}',
cf_add_meta = '{$_POST['cf_add_meta']}',
cf_syndi_token = '{$_POST['cf_syndi_token']}',
@ -282,7 +285,7 @@ $sql = " update {$g5['config_table']}
cf_cert_hp = '{$_POST['cf_cert_hp']}',
cf_cert_simple = '{$_POST['cf_cert_simple']}',
cf_cert_kg_cd = '{$_POST['cf_cert_kg_cd']}',
cf_cert_kg_mid = '".trim($_POST['cf_cert_kg_mid'])."',
cf_cert_kg_mid = '" . trim($_POST['cf_cert_kg_mid']) . "',
cf_cert_kcb_cd = '{$_POST['cf_cert_kcb_cd']}',
cf_cert_kcp_cd = '{$_POST['cf_cert_kcp_cd']}',
cf_cert_limit = '{$_POST['cf_cert_limit']}',
@ -337,7 +340,7 @@ sql_query($sql);
//sql_query(" OPTIMIZE TABLE `$g5[config_table]` ");
if( isset($_POST['cf_bbs_rewrite']) ){
if (isset($_POST['cf_bbs_rewrite'])) {
g5_delete_all_cache();
}
@ -345,4 +348,4 @@ run_event('admin_config_form_update');
update_rewrite_rules();
goto_url('./config_form.php', false);
goto_url('./config_form.php', false);

605
adm/contentform.php
View File

@ -1,298 +1,307 @@
<?php
$sub_menu = '300600';
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
auth_check_menu($auth, $sub_menu, "w");
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
// 상단, 하단 파일경로 필드 추가
if(!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) {
$sql = " ALTER TABLE `{$g5['content_table']}` ADD `co_include_head` VARCHAR( 255 ) NOT NULL ,
ADD `co_include_tail` VARCHAR( 255 ) NOT NULL ";
sql_query($sql, false);
}
// html purifier 사용여부 필드
if(!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ", true);
sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' ");
}
// 모바일 내용 추가
if(!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ", true);
}
// 스킨 설정 추가
if(!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`,
ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ", true);
sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
}
$html_title = "내용";
$g5['title'] = $html_title.' 관리';
$readonly = '';
if ($w == "u")
{
$html_title .= " 수정";
$readonly = " readonly";
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co = sql_fetch($sql);
if (!$co['co_id'])
alert('등록된 자료가 없습니다.');
}
else
{
$html_title .= ' 입력';
$co = array(
'co_id' => '',
'co_subject' => '',
'co_content' => '',
'co_mobile_content' => '',
'co_include_head' => '',
'co_include_tail' => '',
'co_tag_filter_use' => 1,
'co_html' => 2,
'co_skin' => 'basic',
'co_mobile_skin' => 'basic'
);
}
include_once (G5_ADMIN_PATH.'/admin.head.php');
?>
<form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA" >
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="co_html" value="1">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="co_id">ID</label></th>
<td>
<?php echo help('20자 이내의 영문자, 숫자, _ 만 가능합니다.'); ?>
<input type="text" value="<?php echo $co['co_id']; ?>" name="co_id" id ="co_id" required <?php echo $readonly; ?> class="required <?php echo $readonly; ?> frm_input" size="20" maxlength="20">
<?php if ($w == 'u') { ?><a href="<?php echo get_pretty_url('content', $co_id); ?>" class="btn_frmline">내용확인</a><?php } ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_subject">제목</label></th>
<td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?>" id="co_subject" required class="frm_input required" size="90"></td>
</tr>
<tr>
<th scope="row">내용</th>
<td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row">모바일 내용</th>
<td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_skin_select('content', 'co_skin', 'co_skin', $co['co_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_mobile_skin">모바일스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_mobile_skin_select('content', 'co_mobile_skin', 'co_mobile_skin', $co['co_mobile_skin'], 'required'); ?>
</td>
</tr>
<!--
<tr>
<th scope="row"><label for="co_tag_filter_use">태그 필터링 사용</label></th>
<td>
<?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?>
<select name="co_tag_filter_use" id="co_tag_filter_use">
<option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option>
<option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option>
</select>
</td>
</tr>
-->
<tr>
<th scope="row"><label for="co_include_head">상단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 상단 파일을 사용합니다."); ?>
<input type="text" name="co_include_head" value="<?php echo $co['co_include_head']; ?>" id="co_include_head" class="frm_input" size="60">
</td>
</tr>
<tr>
<th scope="row"><label for="co_include_tail">단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 단 파일을 사용합니다."); ?>
<input type="text" name="co_include_tail" value="<?php echo $co['co_include_tail']; ?>" id="co_include_tail" class="frm_input" size="60">
</td>
</tr>
<tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th>
<td>
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
<script>
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script>
</td>
</tr>
<tr>
<th scope="row"><label for="co_himg">상단이미지</label></th>
<td>
<input type="file" name="co_himg" id="co_himg">
<?php
$himg = G5_DATA_PATH.'/content/'.$co['co_id'].'_h';
$himg_str = '';
if (file_exists($himg)) {
$size = @getimagesize($himg);
if($size[0] && $size[0] > 750)
$width = 750;
else
$width = $size[0];
echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>';
$himg_str = '<img src="'.G5_DATA_URL.'/content/'.$co['co_id'].'_h" width="'.$width.'" alt="">';
}
if ($himg_str) {
echo '<div class="banner_or_img">';
echo $himg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_timg">하단이미지</label></th>
<td>
<input type="file" name="co_timg" id="co_timg">
<?php
$timg = G5_DATA_PATH.'/content/'.$co['co_id'].'_t';
$timg_str = '';
if (file_exists($timg)) {
$size = @getimagesize($timg);
if($size[0] && $size[0] > 750)
$width = 750;
else
$width = $size[0];
echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>';
$timg_str = '<img src="'.G5_DATA_URL.'/content/'.$co['co_id'].'_t" width="'.$width.'" alt="">';
}
if ($timg_str) {
echo '<div class="banner_or_img">';
echo $timg_str;
echo '</div>';
}
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./contentlist.php" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn btn_submit" accesskey="s">
</div>
</form>
<?php
// [KVE-2018-2089] 취약점 으로 인해 파일 경로 수정시에만 자동등록방지 코드 사용
?>
<script>
var captcha_chk = false;
function use_captcha_check(){
$.ajax({
type: "POST",
url: g5_admin_url+"/ajax.use_captcha.php",
data: { admin_use_captcha: "1" },
cache: false,
async: false,
dataType: "json",
success: function(data) {
}
});
}
function frm_check_file(){
var co_include_head = "<?php echo $co['co_include_head']; ?>";
var co_include_tail = "<?php echo $co['co_include_tail']; ?>";
var head = jQuery.trim(jQuery("#co_include_head").val());
var tail = jQuery.trim(jQuery("#co_include_tail").val());
if(co_include_head !== head || co_include_tail !== tail){
// 캡챠를 사용합니다.
jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($){
if( window.self !== window.top ){ // frame 또는 iframe을 사용할 경우 체크
$("#co_include_head, #co_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function frmcontentform_check(f)
{
errmsg = "";
errfld = "";
<?php echo get_editor_js('co_content'); ?>
<?php echo chk_editor_js('co_content'); ?>
<?php echo get_editor_js('co_mobile_content'); ?>
check_field(f.co_id, "ID를 입력하세요.");
check_field(f.co_subject, "제목을 입력하세요.");
check_field(f.co_content, "내용을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
if( captcha_chk ) {
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
}
</script>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300600';
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w");
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
// 상단, 하단 파일경로 필드 추가
if (!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) {
$sql = " ALTER TABLE `{$g5['content_table']}` ADD `co_include_head` VARCHAR( 255 ) NOT NULL ,
ADD `co_include_tail` VARCHAR( 255 ) NOT NULL ";
sql_query($sql, false);
}
// html purifier 사용여부 필드
if (!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) {
sql_query(
" ALTER TABLE `{$g5['content_table']}`
ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ",
true
);
sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' ");
}
// 모바일 내용 추가
if (!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) {
sql_query(
" ALTER TABLE `{$g5['content_table']}`
ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ",
true
);
}
// 스킨 설정 추가
if (!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
sql_query(
" ALTER TABLE `{$g5['content_table']}`
ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`,
ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ",
true
);
sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
}
$html_title = "내용";
$g5['title'] = $html_title . ' 관리';
$readonly = '';
if ($w == "u") {
$html_title .= " 수정";
$readonly = " readonly";
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co = sql_fetch($sql);
if (!$co['co_id']) {
alert('등록된 자료가 없습니다.');
}
} else {
$html_title .= ' 입력';
$co = array(
'co_id' => '',
'co_subject' => '',
'co_content' => '',
'co_mobile_content' => '',
'co_include_head' => '',
'co_include_tail' => '',
'co_tag_filter_use' => 1,
'co_html' => 2,
'co_skin' => 'basic',
'co_mobile_skin' => 'basic'
);
}
require_once G5_ADMIN_PATH . '/admin.head.php';
?>
<form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="co_html" value="1">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="co_id">ID</label></th>
<td>
<?php echo help('20자 이내의 영문자, 숫자, _ 만 가능합니다.'); ?>
<input type="text" value="<?php echo $co['co_id']; ?>" name="co_id" id="co_id" required <?php echo $readonly; ?> class="required <?php echo $readonly; ?> frm_input" size="20" maxlength="20">
<?php if ($w == 'u') { ?><a href="<?php echo get_pretty_url('content', $co_id); ?>" class="btn_frmline">내용확인</a><?php } ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_subject">제목</label></th>
<td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?>" id="co_subject" required class="frm_input required" size="90"></td>
</tr>
<tr>
<th scope="row">내용</th>
<td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row">모바일 내용</th>
<td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_skin_select('content', 'co_skin', 'co_skin', $co['co_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_mobile_skin">모바일스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_mobile_skin_select('content', 'co_mobile_skin', 'co_mobile_skin', $co['co_mobile_skin'], 'required'); ?>
</td>
</tr>
<!--
<tr>
<th scope="row"><label for="co_tag_filter_use">태그 필터링 사용</label></th>
<td>
<?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?>
<select name="co_tag_filter_use" id="co_tag_filter_use">
<option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option>
<option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option>
</select>
</td>
</tr>
-->
<tr>
<th scope="row"><label for="co_include_head">단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 단 파일을 사용합니다."); ?>
<input type="text" name="co_include_head" value="<?php echo $co['co_include_head']; ?>" id="co_include_head" class="frm_input" size="60">
</td>
</tr>
<tr>
<th scope="row"><label for="co_include_tail">하단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 하단 파일을 사용합니다."); ?>
<input type="text" name="co_include_tail" value="<?php echo $co['co_include_tail']; ?>" id="co_include_tail" class="frm_input" size="60">
</td>
</tr>
<tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th>
<td>
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
<script>
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script>
</td>
</tr>
<tr>
<th scope="row"><label for="co_himg">상단이미지</label></th>
<td>
<input type="file" name="co_himg" id="co_himg">
<?php
$himg = G5_DATA_PATH . '/content/' . $co['co_id'] . '_h';
$himg_str = '';
if (file_exists($himg)) {
$size = @getimagesize($himg);
if ($size[0] && $size[0] > 750) {
$width = 750;
} else {
$width = $size[0];
}
echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>';
$himg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_h" width="' . $width . '" alt="">';
}
if ($himg_str) {
echo '<div class="banner_or_img">';
echo $himg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_timg">하단이미지</label></th>
<td>
<input type="file" name="co_timg" id="co_timg">
<?php
$timg = G5_DATA_PATH . '/content/' . $co['co_id'] . '_t';
$timg_str = '';
if (file_exists($timg)) {
$size = @getimagesize($timg);
if ($size[0] && $size[0] > 750) {
$width = 750;
} else {
$width = $size[0];
}
echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>';
$timg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_t" width="' . $width . '" alt="">';
}
if ($timg_str) {
echo '<div class="banner_or_img">';
echo $timg_str;
echo '</div>';
}
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./contentlist.php" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn btn_submit" accesskey="s">
</div>
</form>
<?php
// [KVE-2018-2089] 취약점 으로 인해 파일 경로 수정시에만 자동등록방지 코드 사용
?>
<script>
var captcha_chk = false;
function use_captcha_check() {
$.ajax({
type: "POST",
url: g5_admin_url + "/ajax.use_captcha.php",
data: {
admin_use_captcha: "1"
},
cache: false,
async: false,
dataType: "json",
success: function(data) {}
});
}
function frm_check_file() {
var co_include_head = "<?php echo $co['co_include_head']; ?>";
var co_include_tail = "<?php echo $co['co_include_tail']; ?>";
var head = jQuery.trim(jQuery("#co_include_head").val());
var tail = jQuery.trim(jQuery("#co_include_tail").val());
if (co_include_head !== head || co_include_tail !== tail) {
// 캡챠를 사용합니다.
jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($) {
if (window.self !== window.top) { // frame 또는 iframe을 사용할 경우 체크
$("#co_include_head, #co_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function frmcontentform_check(f) {
errmsg = "";
errfld = "";
<?php echo get_editor_js('co_content'); ?>
<?php echo chk_editor_js('co_content'); ?>
<?php echo get_editor_js('co_mobile_content'); ?>
check_field(f.co_id, "ID를 입력하세요.");
check_field(f.co_subject, "제목을 입력하세요.");
check_field(f.co_content, "내용을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
if (captcha_chk) {
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
}
</script>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

311
adm/contentformupdate.php
View File

@ -1,157 +1,154 @@
<?php
$sub_menu = '300600';
include_once('./_common.php');
if ($w == "u" || $w == "d")
check_demo();
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d");
else
auth_check_menu($auth, $sub_menu, "w");
check_admin_token();
$co_row = array('co_id'=>'', 'co_include_head'=>'', 'co_include_tail'=>'');
if ($w == "" || $w == "u")
{
if(isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co_row = sql_fetch($sql);
}
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
$co_subject = isset($_POST['co_subject']) ? strip_tags(clean_xss_attributes($_POST['co_subject'])) : '';
$co_include_head = isset($_POST['co_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_head'], 0, 255)) : '';
$co_include_tail = isset($_POST['co_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_tail'], 0, 255)) : '';
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
$co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0;
$co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0;
$co_html = isset($_POST['co_html']) ? (int) $_POST['co_html'] : 0;
$co_content = isset($_POST['co_content']) ? $_POST['co_content'] : '';
$co_mobile_content = isset($_POST['co_mobile_content']) ? $_POST['co_mobile_content'] : '';
$co_skin = isset($_POST['co_skin']) ? clean_xss_tags($_POST['co_skin'], 1, 1) : '';
$co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mobile_skin'], 1, 1) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if ((( isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head ) || ( isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail )) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
@mkdir(G5_DATA_PATH."/content", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH."/content", G5_DIR_PERMISSION);
if ($co_himg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_h");
if ($co_timg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_t");
$error_msg = '';
if( $co_include_head ){
$file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $co_include_head) ) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if( $co_include_tail ){
$file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail) ) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if( $co_include_head && ! is_include_path_check($co_include_head, 1) ){
$co_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.';
}
if( $co_include_tail && ! is_include_path_check($co_include_tail, 1) ){
$co_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 단 파일 경로에 포함시킬수 없습니다.';
}
if( function_exists('filter_input_include_path') ){
$co_include_head = filter_input_include_path($co_include_head);
$co_include_tail = filter_input_include_path($co_include_tail);
}
$co_seo_title = exist_seo_title_recursive('content', generate_seo_title($co_subject), $g5['content_table'], $co_id);
$sql_common = " co_include_head = '$co_include_head',
co_include_tail = '$co_include_tail',
co_html = '$co_html',
co_tag_filter_use = '$co_tag_filter_use',
co_subject = '$co_subject',
co_content = '$co_content',
co_mobile_content = '$co_mobile_content',
co_seo_title = '$co_seo_title',
co_skin = '$co_skin',
co_mobile_skin = '$co_mobile_skin' ";
if ($w == "")
{
$row = $co_row;
if (isset($row['co_id']) && $row['co_id'])
alert("이미 같은 ID로 등록된 내용이 있습니다.");
$sql = " insert {$g5['content_table']}
set co_id = '$co_id',
$sql_common ";
sql_query($sql);
}
else if ($w == "u")
{
$sql = " update {$g5['content_table']}
set $sql_common
where co_id = '$co_id' ";
sql_query($sql);
}
else if ($w == "d")
{
@unlink(G5_DATA_PATH."/content/{$co_id}_h");
@unlink(G5_DATA_PATH."/content/{$co_id}_t");
$sql = " delete from {$g5['content_table']} where co_id = '$co_id' ";
sql_query($sql);
}
if(function_exists('get_admin_captcha_by'))
get_admin_captcha_by('remove');
g5_delete_cache_by_prefix('content-'.$co_id.'-');
if ($w == "" || $w == "u")
{
if ($_FILES['co_himg']['name'])
{
$dest_path = G5_DATA_PATH."/content/".$co_id."_h";
@move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($_FILES['co_timg']['name'])
{
$dest_path = G5_DATA_PATH."/content/".$co_id."_t";
@move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if( $error_msg ){
alert($error_msg, "./contentform.php?w=u&amp;co_id=$co_id");
} else {
goto_url("./contentform.php?w=u&amp;co_id=$co_id");
}
}
else
{
goto_url("./contentlist.php");
}
<?php
$sub_menu = '300600';
require_once './_common.php';
if ($w == "u" || $w == "d") {
check_demo();
}
if ($w == 'd') {
auth_check_menu($auth, $sub_menu, "d");
} else {
auth_check_menu($auth, $sub_menu, "w");
}
check_admin_token();
$co_row = array('co_id' => '', 'co_include_head' => '', 'co_include_tail' => '');
if ($w == "" || $w == "u") {
if (isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) {
alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
}
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co_row = sql_fetch($sql);
}
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
$co_subject = isset($_POST['co_subject']) ? strip_tags(clean_xss_attributes($_POST['co_subject'])) : '';
$co_include_head = isset($_POST['co_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_head'], 0, 255)) : '';
$co_include_tail = isset($_POST['co_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_tail'], 0, 255)) : '';
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
$co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0;
$co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0;
$co_html = isset($_POST['co_html']) ? (int) $_POST['co_html'] : 0;
$co_content = isset($_POST['co_content']) ? $_POST['co_content'] : '';
$co_mobile_content = isset($_POST['co_mobile_content']) ? $_POST['co_mobile_content'] : '';
$co_skin = isset($_POST['co_skin']) ? clean_xss_tags($_POST['co_skin'], 1, 1) : '';
$co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mobile_skin'], 1, 1) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if (((isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head) || (isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail)) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
@mkdir(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
if ($co_himg_del) {
@unlink(G5_DATA_PATH . "/content/{$co_id}_h");
}
if ($co_timg_del) {
@unlink(G5_DATA_PATH . "/content/{$co_id}_t");
}
$error_msg = '';
if ($co_include_head) {
$file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION);
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_head)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if ($co_include_tail) {
$file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION);
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if ($co_include_head && !is_include_path_check($co_include_head, 1)) {
$co_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 단 파일 경로에 포함시킬수 없습니다.';
}
if ($co_include_tail && !is_include_path_check($co_include_tail, 1)) {
$co_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
}
if (function_exists('filter_input_include_path')) {
$co_include_head = filter_input_include_path($co_include_head);
$co_include_tail = filter_input_include_path($co_include_tail);
}
$co_seo_title = exist_seo_title_recursive('content', generate_seo_title($co_subject), $g5['content_table'], $co_id);
$sql_common = " co_include_head = '$co_include_head',
co_include_tail = '$co_include_tail',
co_html = '$co_html',
co_tag_filter_use = '$co_tag_filter_use',
co_subject = '$co_subject',
co_content = '$co_content',
co_mobile_content = '$co_mobile_content',
co_seo_title = '$co_seo_title',
co_skin = '$co_skin',
co_mobile_skin = '$co_mobile_skin' ";
if ($w == "") {
$row = $co_row;
if (isset($row['co_id']) && $row['co_id']) {
alert("이미 같은 ID로 등록된 내용이 있습니다.");
}
$sql = " insert {$g5['content_table']}
set co_id = '$co_id',
$sql_common ";
sql_query($sql);
} elseif ($w == "u") {
$sql = " update {$g5['content_table']}
set $sql_common
where co_id = '$co_id' ";
sql_query($sql);
} elseif ($w == "d") {
@unlink(G5_DATA_PATH . "/content/{$co_id}_h");
@unlink(G5_DATA_PATH . "/content/{$co_id}_t");
$sql = " delete from {$g5['content_table']} where co_id = '$co_id' ";
sql_query($sql);
}
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
g5_delete_cache_by_prefix('content-' . $co_id . '-');
if ($w == "" || $w == "u") {
if ($_FILES['co_himg']['name']) {
$dest_path = G5_DATA_PATH . "/content/" . $co_id . "_h";
@move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($_FILES['co_timg']['name']) {
$dest_path = G5_DATA_PATH . "/content/" . $co_id . "_t";
@move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($error_msg) {
alert($error_msg, "./contentform.php?w=u&amp;co_id=$co_id");
} else {
goto_url("./contentform.php?w=u&amp;co_id=$co_id");
}
} else {
goto_url("./contentlist.php");
}

199
adm/contentlist.php
View File

@ -1,97 +1,102 @@
<?php
$sub_menu = '300600';
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r");
if( !isset($g5['content_table']) ){
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\';</strong> 를 추가해 주세요.');
}
//내용(컨텐츠)정보 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false);
} else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
`co_id` varchar(20) NOT NULL DEFAULT '',
`co_html` tinyint(4) NOT NULL DEFAULT '0',
`co_subject` varchar(255) NOT NULL DEFAULT '',
`co_content` longtext NOT NULL,
`co_hit` int(11) NOT NULL DEFAULT '0',
`co_include_head` varchar(255) NOT NULL,
`co_include_tail` varchar(255) NOT NULL,
PRIMARY KEY (`co_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
// 내용관리 생성
sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false );
sql_query(" insert into `{$g5['content_table']}` set co_id = 'privacy', co_html = '1', co_subject = '개인정보 처리방침', co_content= '<p align=center><b>개인정보 처리방침에 대한 내용을 입력하십시오.</b></p>' ", false );
sql_query(" insert into `{$g5['content_table']}` set co_id = 'provision', co_html = '1', co_subject = '서비스 이용약관', co_content= '<p align=center><b>서비스 이용약관에 대한 내용을 입력하십시오.</b></p>' ", false );
}
}
$g5['title'] = '내용관리';
include_once (G5_ADMIN_PATH.'/admin.head.php');
$sql_common = " from {$g5['content_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
<span class="btn_ov01"><span class="ov_txt">전체 내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="btn_fixed_top">
<a href="./contentform.php" class="btn btn_01">내용 추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">제목</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php for ($i=0; $row=sql_fetch_array($result); $i++) {
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_id"><?php echo $row['co_id']; ?></td>
<td class="td_left"><?php echo htmlspecialchars2($row['co_subject']); ?></td>
<td class="td_mng td_mng_l">
<a href="./contentform.php?w=u&amp;co_id=<?php echo $row['co_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>수정</a>
<a href="<?php echo get_pretty_url('content', $row['co_id']); ?>" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a>
<a href="./contentformupdate.php?w=d&amp;co_id=<?php echo $row['co_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300600';
require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r");
if (!isset($g5['content_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\';</strong> 를 추가해 주세요.');
}
//내용(컨텐츠)정보 테이블이 있는지 검사한다.
if (!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
if (sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false);
} else {
$query_cp = sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
`co_id` varchar(20) NOT NULL DEFAULT '',
`co_html` tinyint(4) NOT NULL DEFAULT '0',
`co_subject` varchar(255) NOT NULL DEFAULT '',
`co_content` longtext NOT NULL,
`co_hit` int(11) NOT NULL DEFAULT '0',
`co_include_head` varchar(255) NOT NULL,
`co_include_tail` varchar(255) NOT NULL,
PRIMARY KEY (`co_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
// 내용관리 생성
sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false);
sql_query(" insert into `{$g5['content_table']}` set co_id = 'privacy', co_html = '1', co_subject = '개인정보 처리방침', co_content= '<p align=center><b>개인정보 처리방침에 대한 내용을 입력하십시오.</b></p>' ", false);
sql_query(" insert into `{$g5['content_table']}` set co_id = 'provision', co_html = '1', co_subject = '서비스 이용약관', co_content= '<p align=center><b>서비스 이용약관에 대한 내용을 입력하십시오.</b></p>' ", false);
}
}
$g5['title'] = '내용관리';
require_once G5_ADMIN_PATH . '/admin.head.php';
$sql_common = " from {$g5['content_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) {
$page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<?php if ($page > 1) { ?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
<span class="btn_ov01"><span class="ov_txt">전체 내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="btn_fixed_top">
<a href="./contentform.php" class="btn btn_01">내용 추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">제목</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_id"><?php echo $row['co_id']; ?></td>
<td class="td_left"><?php echo htmlspecialchars2($row['co_subject']); ?></td>
<td class="td_mng td_mng_l">
<a href="./contentform.php?w=u&amp;co_id=<?php echo $row['co_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>수정</a>
<a href="<?php echo get_pretty_url('content', $row['co_id']); ?>" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a>
<a href="./contentformupdate.php?w=d&amp;co_id=<?php echo $row['co_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

2
adm/dbupgrade.php
View File

@ -197,7 +197,7 @@ if (defined('G5_USE_SHOP') && G5_USE_SHOP) {
$result = sql_query("describe `{$g5['g5_shop_post_log_table']}`");
while ($row = sql_fetch_array($result)){
if( $row['Field'] === 'ol_msg' && $row['Type'] === 'varchar(255)' ){
if( isset($row['Field']) && $row['Field'] === 'ol_msg' && $row['Type'] === 'varchar(255)' ){
sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` MODIFY ol_msg TEXT NOT NULL;", false);
sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` DROP PRIMARY KEY;", false);
sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` ADD `log_id` int(11) NOT NULL AUTO_INCREMENT, ADD PRIMARY KEY (`log_id`);", false);

196
adm/faqlist.php
View File

@ -1,99 +1,97 @@
<?php
$sub_menu = '300700';
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r");
$g5['title'] = 'FAQ 상세관리';
if (isset($_REQUEST['fm_subject'])){
$fm_subject = clean_xss_tags($_REQUEST['fm_subject'], 1, 1, 255);
$g5['title'] .= ' : '.$fm_subject;
}
$fm_id = (int) $fm_id;
include_once (G5_ADMIN_PATH.'/admin.head.php');
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$fm = sql_fetch($sql);
$sql_common = " from {$g5['faq_table']} where fm_id = '$fm_id' ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$sql = "select * $sql_common order by fa_order , fa_id ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 등록된 FAQ 상세내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="local_desc01 local_desc">
<ol>
<li>FAQ는 무제한으로 등록할 수 있습니다</li>
<li><strong>FAQ 상세내용 추가</strong>를 눌러 자주하는 질문과 답변을 입력합니다.</li>
</ol>
</div>
<div class="btn_fixed_top">
<a href="./faqmasterlist.php" class="btn btn_02">FAQ 관리</a>
<a href="./faqform.php?fm_id=<?php echo $fm['fm_id']; ?>" class="btn btn_01">FAQ 상세내용 추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">순서</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$row1 = sql_fetch(" select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ");
$cnt = $row1['cnt'];
$s_mod = icon("수정", "");
$s_del = icon("삭제", "");
$num = $i + 1;
$bg = 'bg'.($i%2);
$fa_subject = conv_content($row['fa_subject'], 1);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $num; ?></td>
<td class="td_left"><?php echo $fa_subject; ?></td>
<td class="td_num"><?php echo $row['fa_order']; ?></td>
<td class="td_mng td_mng_m">
<a href="./faqform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $fa_subject; ?> </span>수정</a>
<a href="./faqformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $fa_subject; ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="4" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300700';
require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r");
$g5['title'] = 'FAQ 상세관리';
if (isset($_REQUEST['fm_subject'])) {
$fm_subject = clean_xss_tags($_REQUEST['fm_subject'], 1, 1, 255);
$g5['title'] .= ' : ' . $fm_subject;
}
$fm_id = isset($fm_id) ? (int) $fm_id : 0;
require_once G5_ADMIN_PATH . '/admin.head.php';
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$fm = sql_fetch($sql);
$sql_common = " from {$g5['faq_table']} where fm_id = '$fm_id' ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$sql = "select * $sql_common order by fa_order , fa_id ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 등록된 FAQ 상세내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="local_desc01 local_desc">
<ol>
<li>FAQ는 무제한으로 등록할 수 있습니다</li>
<li><strong>FAQ 상세내용 추가</strong>를 눌러 자주하는 질문과 답변을 입력합니다.</li>
</ol>
</div>
<div class="btn_fixed_top">
<a href="./faqmasterlist.php" class="btn btn_02">FAQ 관리</a>
<a href="./faqform.php?fm_id=<?php echo $fm['fm_id']; ?>" class="btn btn_01">FAQ 상세내용 추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">순서</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$row1 = sql_fetch(" select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ");
$cnt = $row1['cnt'];
$s_mod = icon("수정", "");
$s_del = icon("삭제", "");
$num = $i + 1;
$bg = 'bg' . ($i % 2);
$fa_subject = conv_content($row['fa_subject'], 1);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $num; ?></td>
<td class="td_left"><?php echo $fa_subject; ?></td>
<td class="td_num"><?php echo $row['fa_order']; ?></td>
<td class="td_mng td_mng_m">
<a href="./faqform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $fa_subject; ?> </span>수정</a>
<a href="./faqformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $fa_subject; ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="4" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

342
adm/faqmasterform.php
View File

@ -1,167 +1,175 @@
<?php
$sub_menu = '300700';
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
auth_check_menu($auth, $sub_menu, "w");
$html_title = 'FAQ';
$fm_id = isset($_GET['fm_id']) ? preg_replace('/[^0-9]/', '', $_GET['fm_id']) : 0;
if ($w == "u")
{
$html_title .= ' 수정';
$readonly = ' readonly';
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$fm = sql_fetch($sql);
if (!$fm['fm_id']) alert('등록된 자료가 없습니다.');
}
else
{
$html_title .= ' 입력';
$fm = array('fm_order'=>'', 'fm_subject'=>'', 'fm_id'=>0, 'fm_head_html'=> '', 'fm_tail_html'=> '', 'fm_mobile_head_html' => '', 'fm_mobile_tail_html' => '');
}
$g5['title'] = $html_title.' 관리';
// 모바일 상하단 내용 필드추가
if(!sql_query(" select fm_mobile_head_html from {$g5['faq_master_table']} limit 1 ", false)) {
sql_query(" ALTER TABLE `{$g5['faq_master_table']}`
ADD `fm_mobile_head_html` text NOT NULL AFTER `fm_tail_html`,
ADD `fm_mobile_tail_html` text NOT NULL AFTER `fm_mobile_head_html` ", true);
}
include_once (G5_ADMIN_PATH.'/admin.head.php');
?>
<form name="frmfaqmasterform" action="./faqmasterformupdate.php" onsubmit="return frmfaqmasterform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="fm_id" value="<?php echo $fm_id; ?>">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="fm_order">출력순서</label></th>
<td>
<?php echo help('숫자가 작을수록 FAQ 분류에서 먼저 출력됩니다.'); ?>
<input type="text" name="fm_order" value="<?php echo $fm['fm_order']; ?>" id="fm_order" class="frm_input" maxlength="10" size="10">
</td>
</tr>
<tr>
<th scope="row"><label for="fm_subject">제목</label></th>
<td>
<input type="text" value="<?php echo get_text($fm['fm_subject']); ?>" name="fm_subject" id="fm_subject" required class="frm_input required" size="70">
<?php if ($w == 'u') { ?>
<a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">보기</a>
<a href="./faqlist.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">상세보기</a>
<?php } ?>
</td>
</tr>
<tr>
<th scope="row"><label for="fm_himg">상단이미지</label></th>
<td>
<input type="file" name="fm_himg" id="fm_himg">
<?php
$himg = G5_DATA_PATH.'/faq/'.$fm['fm_id'].'_h';
$himg_str = '';
if (file_exists($himg)) {
$size = @getimagesize($himg);
if($size[0] && $size[0] > 750)
$width = 750;
else
$width = $size[0];
echo '<input type="checkbox" name="fm_himg_del" value="1" id="fm_himg_del"> <label for="fm_himg_del">삭제</label>';
$himg_str = '<img src="'.G5_DATA_URL.'/faq/'.$fm['fm_id'].'_h" width="'.$width.'" alt="">';
}
if ($himg_str) {
echo '<div class="banner_or_img">';
echo $himg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="fm_timg">하단이미지</label></th>
<td>
<input type="file" name="fm_timg" id="fm_timg">
<?php
$timg = G5_DATA_PATH.'/faq/'.$fm['fm_id'].'_t';
$timg_str = '';
if (file_exists($timg)) {
$size = @getimagesize($timg);
if($size[0] && $size[0] > 750)
$width = 750;
else
$width = $size[0];
echo '<input type="checkbox" name="fm_timg_del" value="1" id="fm_timg_del"><label for="fm_timg_del">삭제</label>';
$timg_str = '<img src="'.G5_DATA_URL.'/faq/'.$fm['fm_id'].'_t" width="'.$width.'" alt="">';
}
if ($timg_str) {
echo '<div class="banner_or_img">';
echo $timg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row">상단 내용</th>
<td>
<?php echo editor_html('fm_head_html', get_text(html_purifier($fm['fm_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">하단 내용</th>
<td>
<?php echo editor_html('fm_tail_html', get_text(html_purifier($fm['fm_tail_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일상단 내용</th>
<td>
<?php echo editor_html('fm_mobile_head_html', get_text(html_purifier($fm['fm_mobile_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일하단 내용</th>
<td>
<?php echo editor_html('fm_mobile_tail_html', get_text(html_purifier($fm['fm_mobile_tail_html']), 0)); ?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./faqmasterlist.php" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form>
<script>
function frmfaqmasterform_check(f)
{
<?php echo get_editor_js('fm_head_html'); ?>
<?php echo get_editor_js('fm_tail_html'); ?>
<?php echo get_editor_js('fm_mobile_head_html'); ?>
<?php echo get_editor_js('fm_mobile_tail_html'); ?>
}
// document.frmfaqmasterform.fm_subject.focus();
</script>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300700';
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w");
$html_title = 'FAQ';
$fm_id = isset($_GET['fm_id']) ? strval(preg_replace('/[^0-9]/', '', $_GET['fm_id'])) : 0;
if ($w == "u") {
$html_title .= ' 수정';
$readonly = ' readonly';
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$fm = sql_fetch($sql);
if (!$fm['fm_id']) {
alert('등록된 자료가 없습니다.');
}
} else {
$html_title .= ' 입력';
$fm = array('fm_order' => '', 'fm_subject' => '', 'fm_id' => 0, 'fm_head_html' => '', 'fm_tail_html' => '', 'fm_mobile_head_html' => '', 'fm_mobile_tail_html' => '');
}
$g5['title'] = $html_title . ' 관리';
// 모바일 상하단 내용 필드추가
if (!sql_query(" select fm_mobile_head_html from {$g5['faq_master_table']} limit 1 ", false)) {
sql_query(
" ALTER TABLE `{$g5['faq_master_table']}`
ADD `fm_mobile_head_html` text NOT NULL AFTER `fm_tail_html`,
ADD `fm_mobile_tail_html` text NOT NULL AFTER `fm_mobile_head_html` ",
true
);
}
require_once G5_ADMIN_PATH . '/admin.head.php';
?>
<form name="frmfaqmasterform" action="./faqmasterformupdate.php" onsubmit="return frmfaqmasterform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="fm_id" value="<?php echo $fm_id; ?>">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="fm_order">출력순서</label></th>
<td>
<?php echo help('숫자가 작을수록 FAQ 분류에서 먼저 출력됩니다.'); ?>
<input type="text" name="fm_order" value="<?php echo $fm['fm_order']; ?>" id="fm_order" class="frm_input" maxlength="10" size="10">
</td>
</tr>
<tr>
<th scope="row"><label for="fm_subject">제목</label></th>
<td>
<input type="text" value="<?php echo get_text($fm['fm_subject']); ?>" name="fm_subject" id="fm_subject" required class="frm_input required" size="70">
<?php if ($w == 'u') { ?>
<a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">보기</a>
<a href="./faqlist.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">상세보기</a>
<?php } ?>
</td>
</tr>
<tr>
<th scope="row"><label for="fm_himg">상단이미지</label></th>
<td>
<input type="file" name="fm_himg" id="fm_himg">
<?php
$himg = G5_DATA_PATH . '/faq/' . $fm['fm_id'] . '_h';
$himg_str = '';
$width = 0;
if (file_exists($himg)) {
$size = @getimagesize($himg);
if ($size) {
if ($size[0] && $size[0] > 750) {
$width = 750;
} else {
$width = $size[0];
}
}
echo '<input type="checkbox" name="fm_himg_del" value="1" id="fm_himg_del"> <label for="fm_himg_del">삭제</label>';
$himg_str = '<img src="' . G5_DATA_URL . '/faq/' . $fm['fm_id'] . '_h" width="' . $width . '" alt="">';
}
if ($himg_str) {
echo '<div class="banner_or_img">';
echo $himg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="fm_timg">하단이미지</label></th>
<td>
<input type="file" name="fm_timg" id="fm_timg">
<?php
$timg = G5_DATA_PATH . '/faq/' . $fm['fm_id'] . '_t';
$timg_str = '';
$width = 0;
if (file_exists($timg)) {
$size = @getimagesize($timg);
if ($size) {
if ($size[0] && $size[0] > 750) {
$width = 750;
} else {
$width = $size[0];
}
}
echo '<input type="checkbox" name="fm_timg_del" value="1" id="fm_timg_del"><label for="fm_timg_del">삭제</label>';
$timg_str = '<img src="' . G5_DATA_URL . '/faq/' . $fm['fm_id'] . '_t" width="' . $width . '" alt="">';
}
if ($timg_str) {
echo '<div class="banner_or_img">';
echo $timg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row">상단 내용</th>
<td>
<?php echo editor_html('fm_head_html', get_text(html_purifier($fm['fm_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">하단 내용</th>
<td>
<?php echo editor_html('fm_tail_html', get_text(html_purifier($fm['fm_tail_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일상단 내용</th>
<td>
<?php echo editor_html('fm_mobile_head_html', get_text(html_purifier($fm['fm_mobile_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일하단 내용</th>
<td>
<?php echo editor_html('fm_mobile_tail_html', get_text(html_purifier($fm['fm_mobile_tail_html']), 0)); ?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./faqmasterlist.php" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form>
<script>
function frmfaqmasterform_check(f) {
<?php echo get_editor_js('fm_head_html'); ?>
<?php echo get_editor_js('fm_tail_html'); ?>
<?php echo get_editor_js('fm_mobile_head_html'); ?>
<?php echo get_editor_js('fm_mobile_tail_html'); ?>
}
// document.frmfaqmasterform.fm_subject.focus();
</script>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

166
adm/faqmasterformupdate.php
View File

@ -1,83 +1,83 @@
<?php
$sub_menu = '300700';
include_once('./_common.php');
if ($w == "u" || $w == "d")
check_demo();
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d");
else
auth_check_menu($auth, $sub_menu, "w");
check_admin_token();
@mkdir(G5_DATA_PATH."/faq", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH."/faq", G5_DIR_PERMISSION);
$fm_id = isset($_REQUEST['fm_id']) ? (int) $_REQUEST['fm_id'] : 0;
$fm_himg_del = isset($_POST['fm_himg_del']) ? (int) $_POST['fm_himg_del'] : 0;
$fm_timg_del = isset($_POST['fm_timg_del']) ? (int) $_POST['fm_timg_del'] : 0;
$fm_subject = isset($_POST['fm_subject']) ? strip_tags(clean_xss_attributes($_POST['fm_subject'])) : '';
$fm_head_html = isset($_POST['fm_head_html']) ? $_POST['fm_head_html'] : '';
$fm_tail_html = isset($_POST['fm_tail_html']) ? $_POST['fm_tail_html'] : '';
$fm_mobile_head_html = isset($_POST['fm_mobile_head_html']) ? $_POST['fm_mobile_head_html'] : '';
$fm_mobile_tail_html = isset($_POST['fm_mobile_tail_html']) ? $_POST['fm_mobile_tail_html'] : '';
$fm_order = isset($_POST['fm_order']) ? (int) $_POST['fm_order'] : 0;
if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h");
if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t");
$sql_common = " set fm_subject = '$fm_subject',
fm_head_html = '$fm_head_html',
fm_tail_html = '$fm_tail_html',
fm_mobile_head_html = '$fm_mobile_head_html',
fm_mobile_tail_html = '$fm_mobile_tail_html',
fm_order = '$fm_order' ";
if ($w == "")
{
$sql = " alter table {$g5['faq_master_table']} auto_increment=1 ";
sql_query($sql);
$sql = " insert {$g5['faq_master_table']} $sql_common ";
sql_query($sql);
$fm_id = sql_insert_id();
}
else if ($w == "u")
{
$sql = " update {$g5['faq_master_table']} $sql_common where fm_id = '$fm_id' ";
sql_query($sql);
}
else if ($w == "d")
{
@unlink(G5_DATA_PATH."/faq/{$fm_id}_h");
@unlink(G5_DATA_PATH."/faq/{$fm_id}_t");
// FAQ삭제
$sql = " delete from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
sql_query($sql);
// FAQ상세삭제
$sql = " delete from {$g5['faq_table']} where fm_id = '$fm_id' ";
sql_query($sql);
}
if ($w == "" || $w == "u")
{
if ($_FILES['fm_himg']['name']){
$dest_path = G5_DATA_PATH."/faq/".$fm_id."_h";
@move_uploaded_file($_FILES['fm_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($_FILES['fm_timg']['name']){
$dest_path = G5_DATA_PATH."/faq/".$fm_id."_t";
@move_uploaded_file($_FILES['fm_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
goto_url("./faqmasterform.php?w=u&amp;fm_id=$fm_id");
}
else
goto_url("./faqmasterlist.php");
<?php
$sub_menu = '300700';
require_once './_common.php';
if ($w == "u" || $w == "d") {
check_demo();
}
if ($w == 'd') {
auth_check_menu($auth, $sub_menu, "d");
} else {
auth_check_menu($auth, $sub_menu, "w");
}
check_admin_token();
@mkdir(G5_DATA_PATH . "/faq", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . "/faq", G5_DIR_PERMISSION);
$fm_id = isset($_REQUEST['fm_id']) ? (int) $_REQUEST['fm_id'] : 0;
$fm_himg_del = isset($_POST['fm_himg_del']) ? (int) $_POST['fm_himg_del'] : 0;
$fm_timg_del = isset($_POST['fm_timg_del']) ? (int) $_POST['fm_timg_del'] : 0;
$fm_subject = isset($_POST['fm_subject']) ? strip_tags(clean_xss_attributes($_POST['fm_subject'])) : '';
$fm_head_html = isset($_POST['fm_head_html']) ? $_POST['fm_head_html'] : '';
$fm_tail_html = isset($_POST['fm_tail_html']) ? $_POST['fm_tail_html'] : '';
$fm_mobile_head_html = isset($_POST['fm_mobile_head_html']) ? $_POST['fm_mobile_head_html'] : '';
$fm_mobile_tail_html = isset($_POST['fm_mobile_tail_html']) ? $_POST['fm_mobile_tail_html'] : '';
$fm_order = isset($_POST['fm_order']) ? (int) $_POST['fm_order'] : 0;
if ($fm_himg_del) {
@unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
}
if ($fm_timg_del) {
@unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
}
$sql_common = " set fm_subject = '$fm_subject',
fm_head_html = '$fm_head_html',
fm_tail_html = '$fm_tail_html',
fm_mobile_head_html = '$fm_mobile_head_html',
fm_mobile_tail_html = '$fm_mobile_tail_html',
fm_order = '$fm_order' ";
if ($w == "") {
$sql = " alter table {$g5['faq_master_table']} auto_increment=1 ";
sql_query($sql);
$sql = " insert {$g5['faq_master_table']} $sql_common ";
sql_query($sql);
$fm_id = sql_insert_id();
} elseif ($w == "u") {
$sql = " update {$g5['faq_master_table']} $sql_common where fm_id = '$fm_id' ";
sql_query($sql);
} elseif ($w == "d") {
@unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
@unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
// FAQ삭제
$sql = " delete from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
sql_query($sql);
// FAQ상세삭제
$sql = " delete from {$g5['faq_table']} where fm_id = '$fm_id' ";
sql_query($sql);
}
if ($w == "" || $w == "u") {
if ($_FILES['fm_himg']['name']) {
$dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_h";
@move_uploaded_file($_FILES['fm_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($_FILES['fm_timg']['name']) {
$dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_t";
@move_uploaded_file($_FILES['fm_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
goto_url("./faqmasterform.php?w=u&amp;fm_id=$fm_id");
} else {
goto_url("./faqmasterlist.php");
}

264
adm/faqmasterlist.php
View File

@ -1,127 +1,137 @@
<?php
$sub_menu = '300700';
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r");
//dbconfig파일에 $g5['faq_table'] , $g5['faq_master_table'] 배열변수가 있는지 체크
if( !isset($g5['faq_table']) || !isset($g5['faq_master_table']) ){
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <br ><strong>$g5[\'faq_table\'] = G5_TABLE_PREFIX.\'faq\';</strong><br ><strong>$g5[\'faq_master_table\'] = G5_TABLE_PREFIX.\'faq_master\';</strong><br > 를 추가해 주세요.');
}
//자주하시는 질문 마스터 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['faq_master_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_faq_master_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_faq_master_table']} RENAME TO `{$g5['faq_master_table']}` ;", false);
} else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['faq_master_table']}` (
`fm_id` int(11) NOT NULL AUTO_INCREMENT,
`fm_subject` varchar(255) NOT NULL DEFAULT '',
`fm_head_html` text NOT NULL,
`fm_tail_html` text NOT NULL,
`fm_order` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`fm_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
}
// FAQ Master
sql_query(" insert into `{$g5['faq_master_table']}` set fm_id = '1', fm_subject = '자주하시는 질문' ", false);
}
//자주하시는 질문 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['faq_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_faq_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_faq_table']} RENAME TO `{$g5['faq_table']}` ;", false);
} else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['faq_table']}` (
`fa_id` int(11) NOT NULL AUTO_INCREMENT,
`fm_id` int(11) NOT NULL DEFAULT '0',
`fa_subject` text NOT NULL,
`fa_content` text NOT NULL,
`fa_order` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`fa_id`),
KEY `fm_id` (`fm_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
}
}
$g5['title'] = 'FAQ관리';
include_once (G5_ADMIN_PATH.'/admin.head.php');
$sql_common = " from {$g5['faq_master_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = "select * $sql_common order by fm_order, fm_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
<span class="btn_ov01"><span class="ov_txt"> 전체 FAQ </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="local_desc01 local_desc">
<ol>
<li>FAQ는 무제한으로 등록할 수 있습니다</li>
<li><strong>FAQ추가</strong>를 눌러 FAQ Master를 생성합니다. (하나의 FAQ 타이틀 생성 : 자주하시는 질문, 이용안내..등 )</li>
<li>생성한 FAQ Master 의 <strong>제목</strong>을 눌러 세부 내용을 관리할 수 있습니다.</li>
</ol>
</div>
<div class="btn_fixed_top">
<a href="./faqmasterform.php" class="btn_01 btn">FAQ추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">제목</th>
<th scope="col">FAQ수</th>
<th scope="col">순서</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php for ($i=0; $row=sql_fetch_array($result); $i++) {
$sql1 = " select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ";
$row1 = sql_fetch($sql1);
$cnt = $row1['cnt'];
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $row['fm_id']; ?></td>
<td class="td_left"><a href="./faqlist.php?fm_id=<?php echo $row['fm_id']; ?>&amp;fm_subject=<?php echo $row['fm_subject']; ?>"><?php echo stripslashes($row['fm_subject']); ?></a></td>
<td class="td_num"><?php echo $cnt; ?></td>
<td class="td_num"><?php echo $row['fm_order']?></td>
<td class="td_mng td_mng_l">
<a href="./faqmasterform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>수정</a>
<a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>보기</a>
<a href="./faqmasterformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0){
echo '<tr><td colspan="5" class="empty_table"><span>자료가 한건도 없습니다.</span></td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300700';
require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r");
//dbconfig파일에 $g5['faq_table'] , $g5['faq_master_table'] 배열변수가 있는지 체크
if (!isset($g5['faq_table']) || !isset($g5['faq_master_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <br ><strong>$g5[\'faq_table\'] = G5_TABLE_PREFIX.\'faq\';</strong><br ><strong>$g5[\'faq_master_table\'] = G5_TABLE_PREFIX.\'faq_master\';</strong><br > 를 추가해 주세요.');
}
//자주하시는 질문 마스터 테이블이 있는지 검사한다.
if (!sql_query(" DESCRIBE {$g5['faq_master_table']} ", false)) {
if (sql_query(" DESCRIBE {$g5['g5_shop_faq_master_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_faq_master_table']} RENAME TO `{$g5['faq_master_table']}` ;", false);
} else {
$query_cp = sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['faq_master_table']}` (
`fm_id` int(11) NOT NULL AUTO_INCREMENT,
`fm_subject` varchar(255) NOT NULL DEFAULT '',
`fm_head_html` text NOT NULL,
`fm_tail_html` text NOT NULL,
`fm_order` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`fm_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
}
// FAQ Master
sql_query(" insert into `{$g5['faq_master_table']}` set fm_id = '1', fm_subject = '자주하시는 질문' ", false);
}
//자주하시는 질문 테이블이 있는지 검사한다.
if (!sql_query(" DESCRIBE {$g5['faq_table']} ", false)) {
if (sql_query(" DESCRIBE {$g5['g5_shop_faq_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_faq_table']} RENAME TO `{$g5['faq_table']}` ;", false);
} else {
$query_cp = sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['faq_table']}` (
`fa_id` int(11) NOT NULL AUTO_INCREMENT,
`fm_id` int(11) NOT NULL DEFAULT '0',
`fa_subject` text NOT NULL,
`fa_content` text NOT NULL,
`fa_order` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`fa_id`),
KEY `fm_id` (`fm_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
}
}
$g5['title'] = 'FAQ관리';
require_once G5_ADMIN_PATH . '/admin.head.php';
$sql_common = " from {$g5['faq_master_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) {
$page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = "select * $sql_common order by fm_order, fm_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<?php if ($page > 1) { ?>
<a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a>
<?php } ?>
<span class="btn_ov01"><span class="ov_txt"> 전체 FAQ </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="local_desc01 local_desc">
<ol>
<li>FAQ는 무제한으로 등록할 수 있습니다</li>
<li><strong>FAQ추가</strong>를 눌러 FAQ Master를 생성합니다. (하나의 FAQ 타이틀 생성 : 자주하시는 질문, 이용안내..등 )</li>
<li>생성한 FAQ Master 의 <strong>제목</strong>을 눌러 세부 내용을 관리할 수 있습니다.</li>
</ol>
</div>
<div class="btn_fixed_top">
<a href="./faqmasterform.php" class="btn_01 btn">FAQ추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">제목</th>
<th scope="col">FAQ수</th>
<th scope="col">순서</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
$sql1 = " select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ";
$row1 = sql_fetch($sql1);
$cnt = $row1['cnt'];
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $row['fm_id']; ?></td>
<td class="td_left"><a href="./faqlist.php?fm_id=<?php echo $row['fm_id']; ?>&amp;fm_subject=<?php echo $row['fm_subject']; ?>"><?php echo stripslashes($row['fm_subject']); ?></a></td>
<td class="td_num"><?php echo $cnt; ?></td>
<td class="td_num"><?php echo $row['fm_order'] ?></td>
<td class="td_mng td_mng_l">
<a href="./faqmasterform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>수정</a>
<a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>보기</a>
<a href="./faqmasterformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="5" class="empty_table"><span>자료가 한건도 없습니다.</span></td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

353
adm/index.php
View File

@ -1,14 +1,14 @@
<?php
$sub_menu = '100000';
include_once('./_common.php');
require_once './_common.php';
@include_once('./safe_check.php');
if(function_exists('social_log_file_delete')){
@require_once './safe_check.php';
if (function_exists('social_log_file_delete')) {
social_log_file_delete(86400); //소셜로그인 디버그 파일 24시간 지난것은 삭제
}
$g5['title'] = '관리자메인';
include_once ('./admin.head.php');
require_once './admin.head.php';
$new_member_rows = 5;
$new_point_rows = 5;
@ -18,8 +18,9 @@ $sql_common = " from {$g5['member_table']} ";
$sql_search = " where (1) ";
if ($is_admin != 'super')
if ($is_admin != 'super') {
$sql_search .= " and mb_level <= '{$member['mb_level']}' ";
}
if (!$sst) {
$sst = "mb_datetime";
@ -56,69 +57,69 @@ $colspan = 12;
<div class="tbl_head01 tbl_wrap">
<table>
<caption>신규가입회원</caption>
<thead>
<tr>
<th scope="col">회원아이디</th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col">권한</th>
<th scope="col">포인트</th>
<th scope="col">수신</th>
<th scope="col">공개</th>
<th scope="col">인증</th>
<th scope="col">차단</th>
<th scope="col">그룹</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt'])
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
<caption>신규가입회원</caption>
<thead>
<tr>
<th scope="col">회원아이디</th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col">권한</th>
<th scope="col">포인트</th>
<th scope="col">수신</th>
<th scope="col">공개</th>
<th scope="col">인증</th>
<th scope="col">차단</th>
<th scope="col">그룹</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
}
if ($is_admin == 'group')
{
$s_mod = '';
$s_del = '';
}
else
{
$s_mod = '<a href="./member_form.php?$qstr&amp;w=u&amp;mb_id='.$row['mb_id'].'">수정</a>';
$s_del = '<a href="./member_delete.php?'.$qstr.'&amp;w=d&amp;mb_id='.$row['mb_id'].'&amp;url='.$_SERVER['SCRIPT_NAME'].'" onclick="return delete_confirm(this);">삭제</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">그룹</a>';
if ($is_admin == 'group') {
$s_mod = '';
$s_del = '';
} else {
$s_mod = '<a href="./member_form.php?$qstr&amp;w=u&amp;mb_id=' . $row['mb_id'] . '">수정</a>';
$s_del = '<a href="./member_delete.php?' . $qstr . '&amp;w=d&amp;mb_id=' . $row['mb_id'] . '&amp;url=' . $_SERVER['SCRIPT_NAME'] . '" onclick="return delete_confirm(this);">삭제</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">그룹</a>';
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date("Ymd", G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date("Ymd", G5_SERVER_TIME);
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date("Ymd", G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date("Ymd", G5_SERVER_TIME);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id'];
?>
<tr>
<td class="td_mbid"><?php echo $mb_id ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_mbname sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_num"><?php echo $row['mb_level'] ?></td>
<td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
<td class="td_boolean"><?php echo $row['mb_mailling']?'예':'아니오'; ?></td>
<td class="td_boolean"><?php echo $row['mb_open']?'예':'아니오'; ?></td>
<td class="td_boolean"><?php echo preg_match('/[1-9]/', $row['mb_email_certify'])?'예':'아니오'; ?></td>
<td class="td_boolean"><?php echo $row['mb_intercept_date']?'예':'아니오'; ?></td>
<td class="td_category"><?php echo $group ?></td>
</tr>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
$mb_id = $row['mb_id'];
?>
<tr>
<td class="td_mbid"><?php echo $mb_id ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_mbname sv_use">
<div><?php echo $mb_nick ?></div>
</td>
<td class="td_num"><?php echo $row['mb_level'] ?></td>
<td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
<td class="td_boolean"><?php echo $row['mb_mailling'] ? '예' : '아니오'; ?></td>
<td class="td_boolean"><?php echo $row['mb_open'] ? '예' : '아니오'; ?></td>
<td class="td_boolean"><?php echo preg_match('/[1-9]/', $row['mb_email_certify']) ? '예' : '아니오'; ?></td>
<td class="td_boolean"><?php echo $row['mb_intercept_date'] ? '예' : '아니오'; ?></td>
<td class="td_category"><?php echo $group ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
@ -131,13 +132,15 @@ $colspan = 12;
<?php
$sql_common = " from {$g5['board_new_table']} a, {$g5['board_table']} b, {$g5['group_table']} c where a.bo_table = b.bo_table and b.gr_id = c.gr_id ";
if ($gr_id)
if ($gr_id) {
$sql_common .= " and b.gr_id = '$gr_id' ";
}
if (isset($view) && $view) {
if ($view == 'w')
if ($view == 'w') {
$sql_common .= " and a.wr_id = a.wr_parent ";
else if ($view == 'c')
} elseif ($view == 'c') {
$sql_common .= " and a.wr_id <> a.wr_parent ";
}
}
$sql_order = " order by a.bn_id desc ";
@ -153,72 +156,74 @@ $colspan = 5;
<div class="tbl_head01 tbl_wrap">
<table>
<caption>최근게시물</caption>
<thead>
<tr>
<th scope="col">그룹</th>
<th scope="col">게시판</th>
<th scope="col">제목</th>
<th scope="col">이름</th>
<th scope="col">일시</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select a.*, b.bo_subject, c.gr_subject, c.gr_id {$sql_common} {$sql_order} limit {$new_write_rows} ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$tmp_write_table = $g5['write_prefix'] . $row['bo_table'];
<caption>최근게시물</caption>
<thead>
<tr>
<th scope="col">그룹</th>
<th scope="col">게시판</th>
<th scope="col">제목</th>
<th scope="col">이름</th>
<th scope="col">일시</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select a.*, b.bo_subject, c.gr_subject, c.gr_id {$sql_common} {$sql_order} limit {$new_write_rows} ";
$result = sql_query($sql);
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$tmp_write_table = $g5['write_prefix'] . $row['bo_table'];
if ($row['wr_id'] == $row['wr_parent']) // 원글
{
$comment = "";
$comment_link = "";
$row2 = sql_fetch(" select * from $tmp_write_table where wr_id = '{$row['wr_id']}' ");
// 원글
if ($row['wr_id'] == $row['wr_parent']) {
$comment = "";
$comment_link = "";
$row2 = sql_fetch(" select * from $tmp_write_table where wr_id = '{$row['wr_id']}' ");
$name = get_sideview($row2['mb_id'], get_text(cut_str($row2['wr_name'], $config['cf_cut_name'])), $row2['wr_email'], $row2['wr_homepage']);
// 당일인 경우 시간으로 표시함
$datetime = substr($row2['wr_datetime'],0,10);
$datetime2 = $row2['wr_datetime'];
if ($datetime == G5_TIME_YMD)
$datetime2 = substr($datetime2,11,5);
else
$datetime2 = substr($datetime2,5,5);
$name = get_sideview($row2['mb_id'], get_text(cut_str($row2['wr_name'], $config['cf_cut_name'])), $row2['wr_email'], $row2['wr_homepage']);
// 당일인 경우 시간으로 표시함
$datetime = substr($row2['wr_datetime'], 0, 10);
$datetime2 = $row2['wr_datetime'];
if ($datetime == G5_TIME_YMD) {
$datetime2 = substr($datetime2, 11, 5);
} else {
$datetime2 = substr($datetime2, 5, 5);
}
} else // 코멘트
{
$comment = '댓글. ';
$comment_link = '#c_' . $row['wr_id'];
$row2 = sql_fetch(" select * from {$tmp_write_table} where wr_id = '{$row['wr_parent']}' ");
$row3 = sql_fetch(" select mb_id, wr_name, wr_email, wr_homepage, wr_datetime from {$tmp_write_table} where wr_id = '{$row['wr_id']}' ");
}
else // 코멘트
{
$comment = '댓글. ';
$comment_link = '#c_'.$row['wr_id'];
$row2 = sql_fetch(" select * from {$tmp_write_table} where wr_id = '{$row['wr_parent']}' ");
$row3 = sql_fetch(" select mb_id, wr_name, wr_email, wr_homepage, wr_datetime from {$tmp_write_table} where wr_id = '{$row['wr_id']}' ");
$name = get_sideview($row3['mb_id'], get_text(cut_str($row3['wr_name'], $config['cf_cut_name'])), $row3['wr_email'], $row3['wr_homepage']);
// 당일인 경우 시간으로 표시함
$datetime = substr($row3['wr_datetime'], 0, 10);
$datetime2 = $row3['wr_datetime'];
if ($datetime == G5_TIME_YMD) {
$datetime2 = substr($datetime2, 11, 5);
} else {
$datetime2 = substr($datetime2, 5, 5);
}
}
?>
$name = get_sideview($row3['mb_id'], get_text(cut_str($row3['wr_name'], $config['cf_cut_name'])), $row3['wr_email'], $row3['wr_homepage']);
// 당일인 경우 시간으로 표시함
$datetime = substr($row3['wr_datetime'],0,10);
$datetime2 = $row3['wr_datetime'];
if ($datetime == G5_TIME_YMD)
$datetime2 = substr($datetime2,11,5);
else
$datetime2 = substr($datetime2,5,5);
}
?>
<tr>
<td class="td_category"><a href="<?php echo G5_BBS_URL ?>/new.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo cut_str($row['gr_subject'], 10) ?></a></td>
<td class="td_category"><a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo cut_str($row['bo_subject'], 20) ?></a></td>
<td><a href="<?php echo get_pretty_url($row['bo_table'], $row2['wr_id']); ?><?php echo $comment_link ?>"><?php echo $comment ?><?php echo conv_subject($row2['wr_subject'], 100) ?></a></td>
<td class="td_mbname">
<div><?php echo $name ?></div>
</td>
<td class="td_datetime"><?php echo $datetime ?></td>
</tr>
<tr>
<td class="td_category"><a href="<?php echo G5_BBS_URL ?>/new.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo cut_str($row['gr_subject'],10) ?></a></td>
<td class="td_category"><a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo cut_str($row['bo_subject'],20) ?></a></td>
<td><a href="<?php echo get_pretty_url($row['bo_table'], $row2['wr_id']); ?><?php echo $comment_link ?>"><?php echo $comment ?><?php echo conv_subject($row2['wr_subject'], 100) ?></a></td>
<td class="td_mbname"><div><?php echo $name ?></div></td>
<td class="td_datetime"><?php echo $datetime ?></td>
</tr>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
@ -250,56 +255,56 @@ $colspan = 7;
<div class="tbl_head01 tbl_wrap">
<table>
<caption>최근 포인트 발생내역</caption>
<thead>
<tr>
<th scope="col">회원아이디</th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col">일시</th>
<th scope="col">포인트 내용</th>
<th scope="col">포인트</th>
<th scope="col">포인트합</th>
</tr>
</thead>
<tbody>
<?php
$row2['mb_id'] = '';
for ($i=0; $row=sql_fetch_array($result); $i++)
{
if ($row2['mb_id'] != $row['mb_id'])
{
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
}
<caption>최근 포인트 발생내역</caption>
<thead>
<tr>
<th scope="col">회원아이디</th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col">일시</th>
<th scope="col">포인트 내용</th>
<th scope="col">포인트</th>
<th scope="col">포인트합</th>
</tr>
</thead>
<tbody>
<?php
$row2['mb_id'] = '';
for ($i = 0; $row = sql_fetch_array($result); $i++) {
if ($row2['mb_id'] != $row['mb_id']) {
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
}
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
$link1 = $link2 = "";
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table'])
{
$link1 = '<a href="'.get_pretty_url($row['po_rel_table'], $row['po_rel_id']).'" target="_blank">';
$link2 = '</a>';
}
?>
$link1 = $link2 = "";
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
$link1 = '<a href="' . get_pretty_url($row['po_rel_table'], $row['po_rel_id']) . '" target="_blank">';
$link2 = '</a>';
}
?>
<tr>
<td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td>
<td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td><?php echo $link1.$row['po_content'].$link2 ?></td>
<td class="td_numbig"><?php echo number_format($row['po_point']) ?></td>
<td class="td_numbig"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<tr>
<td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td>
<td class="td_name sv_use">
<div><?php echo $mb_nick ?></div>
</td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td><?php echo $link1 . $row['po_content'] . $link2 ?></td>
<td class="td_numbig"><?php echo number_format($row['po_point']) ?></td>
<td class="td_numbig"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<?php
}
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
@ -309,4 +314,4 @@ $colspan = 7;
</section>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

9
adm/mail_delete.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = '200300';
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -10,14 +10,15 @@ check_admin_token();
$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(! $post_count_chk)
if (!$post_count_chk) {
alert('삭제할 메일목록을 1개이상 선택해 주세요.');
}
for($i=0; $i<$post_count_chk; $i++) {
for ($i = 0; $i < $post_count_chk; $i++) {
$ma_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$sql = " delete from {$g5['mail_table']} where ma_id = '$ma_id' ";
sql_query($sql);
}
goto_url('./mail_list.php');
goto_url('./mail_list.php');

174
adm/mail_form.php
View File

@ -1,86 +1,88 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
auth_check_menu($auth, $sub_menu, 'r');
$html_title = '회원메일';
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$ma = array('ma_id'=>0, 'ma_subject'=>'', 'ma_content'=>'');
if ($w == 'u') {
$html_title .= '수정';
$readonly = ' readonly';
$sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
$ma = sql_fetch($sql);
if (!$ma['ma_id'])
alert('등록된 자료가 없습니다.');
} else {
$html_title .= '입력';
}
$g5['title'] = $html_title;
include_once('./admin.head.php');
?>
<div class="local_desc"><p>메일 내용에 {이름} , {닉네임} , {회원아이디} , {이메일} 처럼 내용에 삽입하면 해당 내용에 맞게 변환하여 메일을 발송합니다.</p></div>
<form name="fmailform" id="fmailform" action="./mail_update.php" onsubmit="return fmailform_check(this);" method="post">
<input type="hidden" name="w" value="<?php echo $w ?>" id="w">
<input type="hidden" name="ma_id" value="<?php echo $ma['ma_id'] ?>" id="ma_id">
<input type="hidden" name="token" value="" id="token">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="ma_subject">메일 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="ma_subject" value="<?php echo get_sanitize_input($ma['ma_subject']); ?>" id="ma_subject" required class="required frm_input" size="100"></td>
</tr>
<tr>
<th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th>
<td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top ">
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div>
</form>
<script>
function fmailform_check(f)
{
errmsg = "";
errfld = "";
check_field(f.ma_subject, "제목을 입력하세요.");
//check_field(f.ma_content, "내용을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
<?php echo get_editor_js("ma_content"); ?>
<?php echo chk_editor_js("ma_content"); ?>
return true;
}
document.fmailform.ma_subject.focus();
</script>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = "200300";
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'r');
$html_title = '회원메일';
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$ma = array('ma_id' => 0, 'ma_subject' => '', 'ma_content' => '');
if ($w == 'u') {
$html_title .= '수정';
$readonly = ' readonly';
$sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
$ma = sql_fetch($sql);
if (!$ma['ma_id']) {
alert('등록된 자료가 없습니다.');
}
} else {
$html_title .= '입력';
}
$g5['title'] = $html_title;
require_once './admin.head.php';
?>
<div class="local_desc">
<p>메일 내용에 {이름} , {닉네임} , {회원아이디} , {이메일} 처럼 내용에 삽입하면 해당 내용에 맞게 변환하여 메일을 발송합니다.</p>
</div>
<form name="fmailform" id="fmailform" action="./mail_update.php" onsubmit="return fmailform_check(this);" method="post">
<input type="hidden" name="w" value="<?php echo $w ?>" id="w">
<input type="hidden" name="ma_id" value="<?php echo $ma['ma_id'] ?>" id="ma_id">
<input type="hidden" name="token" value="" id="token">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="ma_subject">메일 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="ma_subject" value="<?php echo get_sanitize_input($ma['ma_subject']); ?>" id="ma_subject" required class="required frm_input" size="100"></td>
</tr>
<tr>
<th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th>
<td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top ">
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div>
</form>
<script>
function fmailform_check(f) {
errmsg = "";
errfld = "";
check_field(f.ma_subject, "제목을 입력하세요.");
//check_field(f.ma_content, "내용을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
<?php echo get_editor_js("ma_content"); ?>
<?php echo chk_editor_js("ma_content"); ?>
return true;
}
document.fmailform.ma_subject.focus();
</script>
<?php
require_once './admin.tail.php';

119
adm/mail_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = '200300';
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -17,7 +17,7 @@ $sql = " select * {$sql_common} order by ma_id desc ";
$result = sql_query($sql);
$g5['title'] = '회원메일발송';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 7;
?>
@ -32,73 +32,74 @@ $colspan = 7;
<form name="fmaillist" id="fmaillist" action="./mail_delete.php" method="post">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 목록 전체선택" onclick="check_all(this.form)"></th>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">작성일시</th>
<th scope="col">테스트</th>
<th scope="col">보내기</th>
<th scope="col">미리보기</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$s_vie = '<a href="./mail_preview.php?ma_id='.$row['ma_id'].'" target="_blank" class="btn btn_03">미리보기</a>';
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 목록 전체선택" onclick="check_all(this.form)"></th>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">작성일시</th>
<th scope="col">테스트</th>
<th scope="col">보내기</th>
<th scope="col">미리보기</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$s_vie = '<a href="./mail_preview.php?ma_id=' . $row['ma_id'] . '" target="_blank" class="btn btn_03">미리보기</a>';
$num = number_format($total_count - ($page - 1) * $config['cf_page_rows'] - $i);
$num = number_format($total_count - ($page - 1) * $config['cf_page_rows'] - $i);
$bg = 'bg'.($i%2);
?>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['ma_subject']; ?> 메일</label>
<input type="checkbox" id="chk_<?php echo $i ?>" name="chk[]" value="<?php echo $row['ma_id'] ?>">
</td>
<td class="td_num_c"><?php echo $num ?></td>
<td class="td_left"><a href="./mail_form.php?w=u&amp;ma_id=<?php echo $row['ma_id'] ?>"><?php echo $row['ma_subject'] ?></a></td>
<td class="td_datetime"><?php echo $row['ma_time'] ?></td>
<td class="td_test"><a href="./mail_test.php?ma_id=<?php echo $row['ma_id'] ?>">테스트</a></td>
<td class="td_send"><a href="./mail_select_form.php?ma_id=<?php echo $row['ma_id'] ?>">보내기</a></td>
<td class="td_mng"><?php echo $s_vie ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['ma_subject']; ?> 메일</label>
<input type="checkbox" id="chk_<?php echo $i ?>" name="chk[]" value="<?php echo $row['ma_id'] ?>">
</td>
<td class="td_num_c"><?php echo $num ?></td>
<td class="td_left"><a href="./mail_form.php?w=u&amp;ma_id=<?php echo $row['ma_id'] ?>"><?php echo $row['ma_subject'] ?></a></td>
<td class="td_datetime"><?php echo $row['ma_time'] ?></td>
<td class="td_test"><a href="./mail_test.php?ma_id=<?php echo $row['ma_id'] ?>">테스트</a></td>
<td class="td_send"><a href="./mail_select_form.php?ma_id=<?php echo $row['ma_id'] ?>">보내기</a></td>
<td class="td_mng"><?php echo $s_vie ?></td>
</tr>
<?php
}
if (!$i)
echo "<tr><td colspan=\"".$colspan."\" class=\"empty_table\">자료가 없습니다.</td></tr>";
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" value="선택삭제" class="btn btn_02">
<a href="./mail_form.php" id="mail_add" class="btn btn_01">메일내용추가</a>
</div>
<?php
}
if (!$i) {
echo "<tr><td colspan=\"" . $colspan . "\" class=\"empty_table\">자료가 없습니다.</td></tr>";
}
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" value="선택삭제" class="btn btn_02">
<a href="./mail_form.php" id="mail_add" class="btn btn_01">메일내용추가</a>
</div>
</form>
<script>
$(function() {
$('#fmaillist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
$(function() {
$('#fmaillist').submit(function() {
if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false;
}
return true;
} else {
return false;
}
});
});
});
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

28
adm/mail_preview.php
View File

@ -1,7 +1,7 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
include_once(G5_LIB_PATH.'/mailer.lib.php');
require_once './_common.php';
require_once G5_LIB_PATH . '/mailer.lib.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -10,27 +10,23 @@ $ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0;
$se = sql_fetch("select ma_subject, ma_content from {$g5['mail_table']} where ma_id = '{$ma_id}' ");
$subject = $se['ma_subject'];
$content = conv_content($se['ma_content'], 1) . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='".G5_BBS_URL."/email_stop.php?mb_id=***&amp;mb_md5=***' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
$content = conv_content($se['ma_content'], 1) . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='" . G5_BBS_URL . "/email_stop.php?mb_id=***&amp;mb_md5=***' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
?>
<!doctype html>
<html lang="ko">
<head>
<meta charset="utf-8">
<title><?php echo G5_VERSION ?> 메일발송 테스트</title>
<meta charset="utf-8">
<title><?php echo G5_VERSION ?> 메일발송 테스트</title>
</head>
<body>
<h1><?php echo $subject; ?></h1>
<p>
<?php echo $content; ?>
</p>
<p>
<strong>주의!</strong> 이 화면에 보여지는 디자인은 실제 내용이 발송되었을 때 디자인과 다를 수 있습니다.
</p>
<h1><?php echo $subject; ?></h1>
<p><?php echo $content; ?></p>
<p>
<strong>주의!</strong> 이 화면에 보여지는 디자인은 실제 내용이 발송되었을 때 디자인과 다를 수 있습니다.
</p>
</body>
</html>

266
adm/mail_select_form.php
View File

@ -1,127 +1,139 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
if (!$config['cf_email_use'])
alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
auth_check_menu($auth, $sub_menu, 'r');
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$sql = " select * from {$g5['mail_table']} where ma_id = '$ma_id' ";
$ma = sql_fetch($sql);
if (!$ma['ma_id'])
alert('보내실 내용을 선택하여 주십시오.');
// 전체회원수
$sql = " select COUNT(*) as cnt from {$g5['member_table']} ";
$row = sql_fetch($sql);
$tot_cnt = $row['cnt'];
// 탈퇴대기회원수
$sql = " select COUNT(*) as cnt from {$g5['member_table']} where mb_leave_date <> '' ";
$row = sql_fetch($sql);
$finish_cnt = $row['cnt'];
$last_option = explode('||', $ma['ma_last_option']);
for ($i=0; $i<count($last_option); $i++) {
$option = explode('=', $last_option[$i]);
// 동적변수
$var = isset($option[0]) ? $option[0] : '';
if( isset($option[1]) ) $$var = $option[1];
}
if (!isset($mb_id1)) $mb_id1 = 1;
if (!isset($mb_level_from)) $mb_level_from = 1;
if (!isset($mb_level_to)) $mb_level_to = 10;
if (!isset($mb_mailling)) $mb_mailling = 1;
$mb_id1_from = isset($mb_id1_from) ? clean_xss_tags($mb_id1_from, 1, 1, 30) : '';
$mb_id1_to = isset($mb_id1_to) ? clean_xss_tags($mb_id1_to, 1, 1, 30) : '';
$mb_email = isset($mb_email) ? clean_xss_tags($mb_email, 1, 1, 100) : '';
$g5['title'] = '회원메일발송';
include_once('./admin.head.php');
?>
<div class="local_ov01 local_ov">
전체회원 <?php echo number_format($tot_cnt) ?>명 , 탈퇴대기회원 <?php echo number_format($finish_cnt) ?>명, 정상회원 <?php echo number_format($tot_cnt - $finish_cnt) ?>명 중 메일 발송 대상 선택
</div>
<form name="frmsendmailselectform" id="frmsendmailselectform" action="./mail_select_list.php" method="post" autocomplete="off">
<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 대상선택</caption>
<tbody>
<tr>
<th scope="row">회원 ID</th>
<td>
<input type="radio" name="mb_id1" value="1" id="mb_id1_all" <?php echo $mb_id1?"checked":""; ?>> <label for="mb_id1_all">전체</label>
<input type="radio" name="mb_id1" value="0" id="mb_id1_section" <?php echo !$mb_id1?"checked":""; ?>> <label for="mb_id1_section">구간</label>
<input type="text" name="mb_id1_from" value="<?php echo get_sanitize_input($mb_id1_from); ?>" id="mb_id1_from" title="시작구간" class="frm_input"> 에서
<input type="text" name="mb_id1_to" value="<?php echo get_sanitize_input($mb_id1_to); ?>" id="mb_id1_to" title="종료구간" class="frm_input"> 까지
</td>
</tr>
<tr>
<th scope="row"><label for="mb_email">E-mail</label></th>
<td>
<?php echo help("메일 주소에 단어 포함 (예 : @".preg_replace('#^(www[^\.]*\.){1}#', '', $_SERVER['HTTP_HOST']).")") ?>
<input type="text" name="mb_email" value="<?php echo get_sanitize_input($mb_email); ?>" id="mb_email" class="frm_input" size="50">
</td>
</tr>
<tr>
<th scope="row"><label for="mb_mailling">메일링</label></th>
<td>
<select name="mb_mailling" id="mb_mailling">
<option value="1">수신동의한 회원만
<option value="">전체
</select>
</td>
</tr>
<tr>
<th scope="row">권한</th>
<td>
<label for="mb_level_from" class="sound_only">최소권한</label>
<select name="mb_level_from" id="mb_level_from">
<?php for ($i=1; $i<=10; $i++) { ?>
<option value="<?php echo $i ?>"><?php echo $i ?></option>
<?php } ?>
</select> 에서
<label for="mb_level_to" class="sound_only">최대권한</label>
<select name="mb_level_to" id="mb_level_to">
<?php for ($i=1; $i<=10; $i++) { ?>
<option value="<?php echo $i ?>"<?php echo $i==10 ? " selected" : ""; ?>><?php echo $i ?></option>
<?php } ?>
</select> 까지
</td>
</tr>
<tr>
<th scope="row"><label for="gr_id">게시판그룹회원</label></th>
<td>
<select name="gr_id" id="gr_id">
<option value=''>전체</option>
<?php
$sql = " select gr_id, gr_subject from {$g5['group_table']} order by gr_subject ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
echo '<option value="'.$row['gr_id'].'">'.$row['gr_subject'].'</option>';
}
?>
</select>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit">
<a href="./mail_list.php">목록 </a>
</div>
</form>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = "200300";
require_once './_common.php';
if (!$config['cf_email_use']) {
alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
}
auth_check_menu($auth, $sub_menu, 'r');
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$sql = " select * from {$g5['mail_table']} where ma_id = '$ma_id' ";
$ma = sql_fetch($sql);
if (!$ma['ma_id']) {
alert('보내실 내용을 선택하여 주십시오.');
}
// 전체회원수
$sql = " select COUNT(*) as cnt from {$g5['member_table']} ";
$row = sql_fetch($sql);
$tot_cnt = $row['cnt'];
// 탈퇴대기회원수
$sql = " select COUNT(*) as cnt from {$g5['member_table']} where mb_leave_date <> '' ";
$row = sql_fetch($sql);
$finish_cnt = $row['cnt'];
$last_option = explode('||', $ma['ma_last_option']);
for ($i = 0; $i < count($last_option); $i++) {
$option = explode('=', $last_option[$i]);
// 동적변수
$var = isset($option[0]) ? $option[0] : '';
if (isset($option[1])) {
$$var = $option[1];
}
}
if (!isset($mb_id1)) {
$mb_id1 = 1;
}
if (!isset($mb_level_from)) {
$mb_level_from = 1;
}
if (!isset($mb_level_to)) {
$mb_level_to = 10;
}
if (!isset($mb_mailling)) {
$mb_mailling = 1;
}
$mb_id1_from = isset($mb_id1_from) ? clean_xss_tags($mb_id1_from, 1, 1, 30) : '';
$mb_id1_to = isset($mb_id1_to) ? clean_xss_tags($mb_id1_to, 1, 1, 30) : '';
$mb_email = isset($mb_email) ? clean_xss_tags($mb_email, 1, 1, 100) : '';
$g5['title'] = '회원메일발송';
require_once './admin.head.php';
?>
<div class="local_ov01 local_ov">
전체회원 <?php echo number_format($tot_cnt) ?>명 , 탈퇴대기회원 <?php echo number_format($finish_cnt) ?>명, 정상회원 <?php echo number_format($tot_cnt - $finish_cnt) ?>명 중 메일 발송 대상 선택
</div>
<form name="frmsendmailselectform" id="frmsendmailselectform" action="./mail_select_list.php" method="post" autocomplete="off">
<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 대상선택</caption>
<tbody>
<tr>
<th scope="row">회원 ID</th>
<td>
<input type="radio" name="mb_id1" value="1" id="mb_id1_all" <?php echo $mb_id1 ? "checked" : ""; ?>> <label for="mb_id1_all">전체</label>
<input type="radio" name="mb_id1" value="0" id="mb_id1_section" <?php echo !$mb_id1 ? "checked" : ""; ?>> <label for="mb_id1_section">구간</label>
<input type="text" name="mb_id1_from" value="<?php echo get_sanitize_input($mb_id1_from); ?>" id="mb_id1_from" title="시작구간" class="frm_input"> 에서
<input type="text" name="mb_id1_to" value="<?php echo get_sanitize_input($mb_id1_to); ?>" id="mb_id1_to" title="종료구간" class="frm_input"> 까지
</td>
</tr>
<tr>
<th scope="row"><label for="mb_email">E-mail</label></th>
<td>
<?php echo help("메일 주소에 단어 포함 (예 : @" . preg_replace('#^(www[^\.]*\.){1}#', '', $_SERVER['HTTP_HOST']) . ")") ?>
<input type="text" name="mb_email" value="<?php echo get_sanitize_input($mb_email); ?>" id="mb_email" class="frm_input" size="50">
</td>
</tr>
<tr>
<th scope="row"><label for="mb_mailling">메일링</label></th>
<td>
<select name="mb_mailling" id="mb_mailling">
<option value="1">수신동의한 회원만
<option value="">전체
</select>
</td>
</tr>
<tr>
<th scope="row">권한</th>
<td>
<label for="mb_level_from" class="sound_only">최소권한</label>
<select name="mb_level_from" id="mb_level_from">
<?php for ($i = 1; $i <= 10; $i++) { ?>
<option value="<?php echo $i ?>"><?php echo $i ?></option>
<?php } ?>
</select> 에서
<label for="mb_level_to" class="sound_only">최대권한</label>
<select name="mb_level_to" id="mb_level_to">
<?php for ($i = 1; $i <= 10; $i++) { ?>
<option value="<?php echo $i ?>" <?php echo $i == 10 ? " selected" : ""; ?>><?php echo $i ?></option>
<?php } ?>
</select> 까지
</td>
</tr>
<tr>
<th scope="row"><label for="gr_id">게시판그룹회원</label></th>
<td>
<select name="gr_id" id="gr_id">
<option value=''>전체</option>
<?php
$sql = " select gr_id, gr_subject from {$g5['group_table']} order by gr_subject ";
$result = sql_query($sql);
for ($i = 0; $row = sql_fetch_array($result); $i++) {
echo '<option value="' . $row['gr_id'] . '">' . $row['gr_subject'] . '</option>';
}
?>
</select>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit">
<a href="./mail_list.php">목록 </a>
</div>
</form>
<?php
require_once './admin.tail.php';

119
adm/mail_select_list.php
View File

@ -1,25 +1,38 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
$ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0;
$ma_last_option = "";
$sql_common = " from {$g5['member_table']} ";
$sql_where = " where (1) ";
$mb_id1 = isset($_POST['mb_id1']) ? (int) $_POST['mb_id1'] : 1;
$mb_id1_from = isset($_POST['mb_id1_from']) ? clean_xss_tags($_POST['mb_id1_from'], 1, 1, 30) : '';
$mb_id1_to = isset($_POST['mb_id1_to']) ? clean_xss_tags($_POST['mb_id1_to'], 1, 1, 30) : '';
$mb_email = isset($_POST['mb_email']) ? clean_xss_tags($_POST['mb_email'], 1, 1, 100) : '';
$mb_mailling = isset($_POST['mb_mailling']) ? clean_xss_tags($_POST['mb_mailling'], 1, 1, 100) : '';
$mb_level_from = isset($_POST['mb_level_from'])? (int) $_POST['mb_level_from'] : 1;
$mb_level_to = isset($_POST['mb_level_to']) ? (int) $_POST['mb_level_to'] : 10;
// 회원ID ..에서 ..까지
if ($mb_id1 != 1)
if ($mb_id1 != 1) {
$sql_where .= " and mb_id between '{$mb_id1_from}' and '{$mb_id1_to}' ";
}
// E-mail에 특정 단어 포함
if ($mb_email != "")
if ($mb_email != "") {
$sql_where .= " and mb_email like '%{$mb_email}%' ";
}
// 메일링
if ($mb_mailling != "")
if ($mb_mailling != "") {
$sql_where .= " and mb_mailling = '{$mb_mailling}' ";
}
// 권한
$sql_where .= " and mb_level between '{$mb_level_from}' and '{$mb_level_to}' ";
@ -30,13 +43,14 @@ if ($gr_id) {
$comma = "";
$sql2 = " select mb_id from {$g5['group_member_table']} where gr_id = '{$gr_id}' order by mb_id ";
$result2 = sql_query($sql2);
for ($k=0; $row2=sql_fetch_array($result2); $k++) {
for ($k = 0; $row2 = sql_fetch_array($result2); $k++) {
$group_member .= "{$comma}'{$row2['mb_id']}'";
$comma = ",";
}
if (!$group_member)
if (!$group_member) {
alert('선택하신 게시판 그룹회원이 한명도 없습니다.');
}
$sql_where .= " and mb_id in ($group_member) ";
}
@ -47,8 +61,9 @@ $sql_where .= " and mb_leave_date = '' and mb_intercept_date = '' ";
$sql = " select COUNT(*) as cnt {$sql_common} {$sql_where} ";
$row = sql_fetch($sql);
$cnt = $row['cnt'];
if ($cnt == 0)
if ($cnt == 0) {
alert('선택하신 내용으로는 해당되는 회원자료가 없습니다.');
}
// 마지막 옵션을 저장합니다.
$ma_last_option .= "mb_id1={$mb_id1}";
@ -63,58 +78,58 @@ $ma_last_option .= "||gr_id={$gr_id}";
sql_query(" update {$g5['mail_table']} set ma_last_option = '{$ma_last_option}' where ma_id = '{$ma_id}' ");
$g5['title'] = "메일발송 대상 회원";
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<form name="fmailselectlist" id="fmailselectlist" method="post" action="./mail_select_update.php">
<input type="hidden" name="token" value="">
<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="ma_id" value="<?php echo get_text($ma_id); ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">번호</th>
<th scope="col">회원아이디</th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col">E-mail</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select mb_id, mb_name, mb_nick, mb_email, mb_datetime $sql_common $sql_where order by mb_id ";
$result = sql_query($sql);
$i=0;
$ma_list = "";
$cr = "";
while ($row=sql_fetch_array($result)) {
$i++;
$ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . get_text($row['mb_name']) . "||" . $row['mb_nick'] . "||" . $row['mb_datetime'];
$cr = "\n";
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">번호</th>
<th scope="col">회원아이디</th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col">E-mail</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select mb_id, mb_name, mb_nick, mb_email, mb_datetime $sql_common $sql_where order by mb_id ";
$result = sql_query($sql);
$i = 0;
$ma_list = "";
$cr = "";
while ($row = sql_fetch_array($result)) {
$i++;
$ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . get_text($row['mb_name']) . "||" . $row['mb_nick'] . "||" . $row['mb_datetime'];
$cr = "\n";
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $i ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_mbname"><?php echo $row['mb_nick'] ?></td>
<td><?php echo $row['mb_email'] ?></td>
</tr>
<?php } ?>
</tbody>
</table>
<textarea name="ma_list" style="display:none"><?php echo $ma_list?></textarea>
</div>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $i ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_mbname"><?php echo $row['mb_nick'] ?></td>
<td><?php echo $row['mb_email'] ?></td>
</tr>
<?php } ?>
</tbody>
</table>
<textarea name="ma_list" style="display:none"><?php echo $ma_list ?></textarea>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="메일보내기" class="btn_submit">
<a href="./mail_select_form.php?ma_id=<?php echo $ma_id ?>">뒤로</a>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="메일보내기" class="btn_submit">
<a href="./mail_select_form.php?ma_id=<?php echo $ma_id ?>">뒤로</a>
</div>
</form>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

37
adm/mail_select_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
@ -10,8 +10,8 @@ check_demo();
check_admin_token();
include_once('./admin.head.php');
include_once(G5_LIB_PATH.'/mailer.lib.php');
require_once './admin.head.php';
require_once G5_LIB_PATH . '/mailer.lib.php';
$countgap = 10; // 몇건씩 보낼지 설정
$maxscreen = 500; // 몇건씩 화면에 보여줄건지?
@ -25,7 +25,7 @@ echo "</span>";
<span id="cont"></span>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';
flush();
ob_flush();
@ -43,25 +43,23 @@ $ma = sql_fetch($sql);
$subject = $ma['ma_subject'];
$cnt = 0;
for ($i=0; $i<count($member_list); $i++)
{
for ($i = 0; $i < count($member_list); $i++) {
list($to_email, $mb_id, $name, $nick, $datetime) = explode("||", trim($member_list[$i]));
$sw = preg_match("/[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*@[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*/", $to_email);
// 올바른 메일 주소만
if ($sw == true)
{
if ($sw == true) {
$cnt++;
$mb_md5 = md5($mb_id.$to_email.$datetime);
$mb_md5 = md5($mb_id . $to_email . $datetime);
$content = $ma['ma_content'];
$content = preg_replace("/{이름}/", $name, $content);
$content = preg_replace("/{닉네임}/", $nick, $content);
$content = preg_replace("/{회원아이디}/", $mb_id, $content);
$content = preg_replace("/{이메일}/", $to_email, $content);
$content = preg_replace("/{이름}/", $name, (string)$content);
$content = preg_replace("/{닉네임}/", $nick, (string)$content);
$content = preg_replace("/{회원아이디}/", $mb_id, (string)$content);
$content = preg_replace("/{이메일}/", $to_email, (string)$content);
$content = $content . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='".G5_BBS_URL."/email_stop.php?mb_id={$mb_id}&amp;mb_md5={$mb_md5}' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
$content = $content . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='" . G5_BBS_URL . "/email_stop.php?mb_id={$mb_id}&amp;mb_md5={$mb_md5}' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
mailer($config['cf_admin_email_name'], $config['cf_admin_email'], $to_email, $subject, $content, 1);
@ -71,15 +69,18 @@ for ($i=0; $i<count($member_list); $i++)
ob_flush();
ob_end_flush();
usleep($sleepsec);
if ($cnt % $countgap == 0)
{
if ($cnt % $countgap == 0) {
echo "<script> document.all.cont.innerHTML += '<br>'; document.body.scrollTop += 1000; </script>\n";
}
// 화면을 지운다... 부하를 줄임
if ($cnt % $maxscreen == 0)
if ($cnt % $maxscreen == 0) {
echo "<script> document.all.cont.innerHTML = ''; document.body.scrollTop += 1000; </script>\n";
}
}
}
?>
<script> document.all.cont.innerHTML += "<br><br>총 <?php echo number_format($cnt) ?>건 발송<br><br><font color=crimson><b>[끝]</b></font>"; document.body.scrollTop += 1000; </script>
<script>
document.all.cont.innerHTML += "<br><br>총 <?php echo number_format($cnt) ?>건 발송<br><br><font color=crimson><b>[끝]</b></font>";
document.body.scrollTop += 1000;
</script>

21
adm/mail_test.php
View File

@ -1,11 +1,12 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
require_once './_common.php';
if (!$config['cf_email_use'])
if (!$config['cf_email_use']) {
alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
}
include_once(G5_LIB_PATH.'/mailer.lib.php');
require_once G5_LIB_PATH . '/mailer.lib.php';
auth_check_menu($auth, $sub_menu, 'w');
@ -25,15 +26,15 @@ $ma = sql_fetch($sql);
$subject = $ma['ma_subject'];
$content = $ma['ma_content'];
$content = preg_replace("/{이름}/", $name, $content);
$content = preg_replace("/{닉네임}/", $nick, $content);
$content = preg_replace("/{회원아이디}/", $mb_id, $content);
$content = preg_replace("/{이메일}/", $email, $content);
$content = preg_replace("/{이름}/", $name, (string)$content);
$content = preg_replace("/{닉네임}/", $nick, (string)$content);
$content = preg_replace("/{회원아이디}/", $mb_id, (string)$content);
$content = preg_replace("/{이메일}/", $email, (string)$content);
$mb_md5 = md5($member['mb_id'].$member['mb_email'].$member['mb_datetime']);
$mb_md5 = md5($member['mb_id'] . $member['mb_email'] . $member['mb_datetime']);
$content = $content . '<p>더 이상 정보 수신을 원치 않으시면 [<a href="'.G5_BBS_URL.'/email_stop.php?mb_id='.$mb_id.'&amp;mb_md5='.$mb_md5.'" target="_blank">수신거부</a>] 해 주십시오.</p>';
$content = $content . '<p>더 이상 정보 수신을 원치 않으시면 [<a href="' . G5_BBS_URL . '/email_stop.php?mb_id=' . $mb_id . '&amp;mb_md5=' . $mb_md5 . '" target="_blank">수신거부</a>] 해 주십시오.</p>';
mailer($config['cf_title'], $member['mb_email'], $member['mb_email'], $subject, $content, 1);
alert($member['mb_nick'].'('.$member['mb_email'].')님께 테스트 메일을 발송하였습니다. 확인하여 주십시오.');
alert($member['mb_nick'] . '(' . $member['mb_email'] . ')님께 테스트 메일을 발송하였습니다. 확인하여 주십시오.');

24
adm/mail_update.php
View File

@ -1,9 +1,10 @@
<?php
$sub_menu = "200300";
include_once('./_common.php');
require_once './_common.php';
if ($w == 'u' || $w == 'd')
if ($w == 'u' || $w == 'd') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
@ -13,29 +14,24 @@ $ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0;
$ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : '';
$ma_content = isset($_POST['ma_content']) ? $_POST['ma_content'] : '';
if ($w == '')
{
if ($w == '') {
$sql = " insert {$g5['mail_table']}
set ma_subject = '{$ma_subject}',
ma_content = '{$ma_content}',
ma_time = '".G5_TIME_YMDHIS."',
ma_time = '" . G5_TIME_YMDHIS . "',
ma_ip = '{$_SERVER['REMOTE_ADDR']}' ";
sql_query($sql);
}
else if ($w == 'u')
{
} elseif ($w == 'u') {
$sql = " update {$g5['mail_table']}
set ma_subject = '{$ma_subject}',
ma_content = '{$ma_content}',
ma_time = '".G5_TIME_YMDHIS."',
ma_time = '" . G5_TIME_YMDHIS . "',
ma_ip = '{$_SERVER['REMOTE_ADDR']}'
where ma_id = '{$ma_id}' ";
sql_query($sql);
}
else if ($w == 'd')
{
$sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
} elseif ($w == 'd') {
$sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
sql_query($sql);
}
goto_url('./mail_list.php');
goto_url('./mail_list.php');

20
adm/member_delete.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "200100";
include_once("./_common.php");
require_once "./_common.php";
check_demo();
@ -8,21 +8,23 @@ auth_check_menu($auth, $sub_menu, "d");
$mb = isset($_POST['mb_id']) ? get_member($_POST['mb_id']) : array();
if (! (isset($mb['mb_id']) && $mb['mb_id']))
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert("회원자료가 존재하지 않습니다.");
else if ($member['mb_id'] == $mb['mb_id'])
} elseif ($member['mb_id'] == $mb['mb_id']) {
alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
else if (is_admin($mb['mb_id']) == "super")
} elseif (is_admin($mb['mb_id']) == "super") {
alert("최고 관리자는 삭제할 수 없습니다.");
else if ($mb['mb_level'] >= $member['mb_level'])
} elseif ($mb['mb_level'] >= $member['mb_level']) {
alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
}
check_admin_token();
// 회원자료 삭제
member_delete($mb['mb_id']);
if ($url)
goto_url("{$url}?$qstr&amp;w=u&amp;mb_id=$mb_id");
else
goto_url("./member_list.php?$qstr");
if (isset($url)) {
goto_url("{$url}?$qstr&amp;w=u&amp;mb_id=" . $mb['mb_id']);
} else {
goto_url("./member_list.php?$qstr");
}

872
adm/member_form.php
View File

@ -1,50 +1,51 @@
<?php
$sub_menu = "200100";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
$mb = array(
'mb_certify' => null,
'mb_adult' => null,
'mb_sms' => null,
'mb_intercept_date' => null,
'mb_id' => null,
'mb_name' => null,
'mb_nick' => null,
'mb_point' => null,
'mb_email' => null,
'mb_homepage' => null,
'mb_hp' => null,
'mb_tel' => null,
'mb_zip1' => null,
'mb_zip2' => null,
'mb_addr1' => null,
'mb_addr2' => null,
'mb_addr3' => null,
'mb_addr_jibeon' => null,
'mb_signature' => null,
'mb_profile' => null,
'mb_memo' => null,
'mb_leave_date' => null,
'mb_1' => null,
'mb_2' => null,
'mb_3' => null,
'mb_4' => null,
'mb_5' => null,
'mb_6' => null,
'mb_7' => null,
'mb_8' => null,
'mb_9' => null,
'mb_10' => null,
'mb_certify' => null,
'mb_adult' => null,
'mb_sms' => null,
'mb_intercept_date' => null,
'mb_id' => null,
'mb_name' => null,
'mb_nick' => null,
'mb_point' => null,
'mb_email' => null,
'mb_homepage' => null,
'mb_hp' => null,
'mb_tel' => null,
'mb_zip1' => null,
'mb_zip2' => null,
'mb_addr1' => null,
'mb_addr2' => null,
'mb_addr3' => null,
'mb_addr_jibeon' => null,
'mb_signature' => null,
'mb_profile' => null,
'mb_memo' => null,
'mb_leave_date' => null,
'mb_1' => null,
'mb_2' => null,
'mb_3' => null,
'mb_4' => null,
'mb_5' => null,
'mb_6' => null,
'mb_7' => null,
'mb_8' => null,
'mb_9' => null,
'mb_10' => null,
);
$sound_only = '';
$required_mb_id = '';
$required_mb_id_class = '';
$required_mb_password = '';
$html_title = '';
if ($w == '')
{
if ($w == '') {
$required_mb_id = 'required';
$required_mb_id_class = 'required alnum_';
$required_mb_password = 'required';
@ -54,15 +55,15 @@ if ($w == '')
$mb['mb_open'] = 1;
$mb['mb_level'] = $config['cf_register_level'];
$html_title = '추가';
}
else if ($w == 'u')
{
} elseif ($w == 'u') {
$mb = get_member($mb_id);
if (!$mb['mb_id'])
if (!$mb['mb_id']) {
alert('존재하지 않는 회원자료입니다.');
}
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level'])
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
}
$required_mb_id = 'readonly';
$html_title = '수정';
@ -90,12 +91,12 @@ else if ($w == 'u')
$mb['mb_8'] = get_text($mb['mb_8']);
$mb['mb_9'] = get_text($mb['mb_9']);
$mb['mb_10'] = get_text($mb['mb_10']);
}
else
} else {
alert('제대로 된 값이 넘어오지 않았습니다.');
}
// 본인확인방법
switch($mb['mb_certify']) {
switch ($mb['mb_certify']) {
case 'simple':
$mb_certify_case = '간편인증';
$mb_certify_val = 'simple';
@ -147,39 +148,40 @@ if (isset($mb['mb_certify'])) {
sql_query(" ALTER TABLE `{$g5['member_table']}` ADD `mb_certify` TINYINT(4) NOT NULL DEFAULT '0' AFTER `mb_hp` ", false);
}
if(isset($mb['mb_adult'])) {
if (isset($mb['mb_adult'])) {
sql_query(" ALTER TABLE `{$g5['member_table']}` CHANGE `mb_adult` `mb_adult` TINYINT(4) NOT NULL DEFAULT '0' ", false);
} else {
sql_query(" ALTER TABLE `{$g5['member_table']}` ADD `mb_adult` TINYINT NOT NULL DEFAULT '0' AFTER `mb_certify` ", false);
}
// 지번주소 필드추가
if(!isset($mb['mb_addr_jibeon'])) {
if (!isset($mb['mb_addr_jibeon'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_addr_jibeon` varchar(255) NOT NULL DEFAULT '' AFTER `mb_addr2` ", false);
}
// 건물명필드추가
if(!isset($mb['mb_addr3'])) {
if (!isset($mb['mb_addr3'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_addr3` varchar(255) NOT NULL DEFAULT '' AFTER `mb_addr2` ", false);
}
// 중복가입 확인필드 추가
if(!isset($mb['mb_dupinfo'])) {
if (!isset($mb['mb_dupinfo'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_dupinfo` varchar(255) NOT NULL DEFAULT '' AFTER `mb_adult` ", false);
}
// 이메일인증 체크 필드추가
if(!isset($mb['mb_email_certify2'])) {
if (!isset($mb['mb_email_certify2'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_email_certify2` varchar(255) NOT NULL DEFAULT '' AFTER `mb_email_certify` ", false);
}
// 본인인증 내역 테이블 정보가 dbconfig에 없으면 소셜 테이블 정의
if( !isset($g5['member_cert_history']) ){
$g5['member_cert_history_table'] = G5_TABLE_PREFIX.'member_cert_history';
if (!isset($g5['member_cert_history'])) {
$g5['member_cert_history_table'] = G5_TABLE_PREFIX . 'member_cert_history';
}
// 멤버 본인인증 정보 변경 내역 테이블 없을 경우 생성
if(isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cert_history_table']} ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['member_cert_history_table']}` (
if (isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cert_history_table']} ", false)) {
sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['member_cert_history_table']}` (
`ch_id` int(11) NOT NULL auto_increment,
`mb_id` varchar(20) NOT NULL DEFAULT '',
`ch_name` varchar(255) NOT NULL DEFAULT '',
@ -189,7 +191,9 @@ if(isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cer
`ch_datetime` datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (`ch_id`),
KEY `mb_id` (`mb_id`)
) ", true);
) ",
true
);
}
$mb_cert_history = '';
@ -198,389 +202,429 @@ if (isset($mb_id) && $mb_id) {
$mb_cert_history = sql_query($sql);
}
if ($mb['mb_intercept_date']) $g5['title'] = "차단된 ";
else $g5['title'] .= "";
$g5['title'] .= '회원 '.$html_title;
include_once('./admin.head.php');
if ($mb['mb_intercept_date']) {
$g5['title'] = "차단된 ";
} else {
$g5['title'] .= "";
}
$g5['title'] .= '회원 ' . $html_title;
require_once './admin.head.php';
// add_javascript('js 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
add_javascript(G5_POSTCODE_JS, 0); //다음 주소 js
?>
<form name="fmember" id="fmember" action="./member_form_update.php" onsubmit="return fmember_submit(this);" method="post" enctype="multipart/form-data">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">아이디<?php echo $sound_only ?></label></th>
<td>
<input type="text" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id" <?php echo $required_mb_id ?> class="frm_input <?php echo $required_mb_id_class ?>" size="15" maxlength="20">
<?php if ($w=='u'){ ?><a href="./boardgroupmember_form.php?mb_id=<?php echo $mb['mb_id'] ?>" class="btn_frmline">접근가능그룹보기</a><?php } ?>
</td>
<th scope="row"><label for="mb_password">비밀번호<?php echo $sound_only ?></label></th>
<td><input type="password" name="mb_password" id="mb_password" <?php echo $required_mb_password ?> class="frm_input <?php echo $required_mb_password ?>" size="15" maxlength="20"></td>
</tr>
<tr>
<th scope="row"><label for="mb_name">이름(실명)<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_name" value="<?php echo $mb['mb_name'] ?>" id="mb_name" required class="required frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_nick">닉네임<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_nick" value="<?php echo $mb['mb_nick'] ?>" id="mb_nick" required class="required frm_input" size="15" maxlength="20"></td>
</tr>
<tr>
<th scope="row"><label for="mb_level">회원 권한</label></th>
<td><?php echo get_member_level_select('mb_level', 1, $member['mb_level'], $mb['mb_level']) ?></td>
<th scope="row">포인트</th>
<td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $mb['mb_id'] ?>" target="_blank"><?php echo number_format($mb['mb_point']) ?></a> 점</td>
</tr>
<tr>
<th scope="row"><label for="mb_email">E-mail<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_email" value="<?php echo $mb['mb_email'] ?>" id="mb_email" maxlength="100" required class="required frm_input email" size="30"></td>
<th scope="row"><label for="mb_homepage">홈페이지</label></th>
<td><input type="text" name="mb_homepage" value="<?php echo $mb['mb_homepage'] ?>" id="mb_homepage" class="frm_input" maxlength="255" size="15"></td>
</tr>
<tr>
<th scope="row"><label for="mb_hp">휴대폰번호</label></th>
<td><input type="text" name="mb_hp" value="<?php echo $mb['mb_hp'] ?>" id="mb_hp" class="frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_tel">전화번호</label></th>
<td><input type="text" name="mb_tel" value="<?php echo $mb['mb_tel'] ?>" id="mb_tel" class="frm_input" size="15" maxlength="20"></td>
</tr>
<tr>
<th scope="row">본인확인방법</th>
<td colspan="3">
<input type="radio" name="mb_certify_case" value="simple" id="mb_certify_sa" <?php if($mb['mb_certify'] == 'simple') echo 'checked="checked"'; ?>>
<label for="mb_certify_sa">간편인증</label>
<input type="radio" name="mb_certify_case" value="hp" id="mb_certify_hp" <?php if($mb['mb_certify'] == 'hp') echo 'checked="checked"'; ?>>
<label for="mb_certify_hp">휴대폰</label>
<input type="radio" name="mb_certify_case" value="ipin" id="mb_certify_ipin" <?php if($mb['mb_certify'] == 'ipin') echo 'checked="checked"'; ?>>
<label for="mb_certify_ipin">아이핀</label>
</td>
</tr>
<tr>
<th scope="row">본인확인</th>
<td>
<input type="radio" name="mb_certify" value="1" id="mb_certify_yes" <?php echo $mb_certify_yes; ?>>
<label for="mb_certify_yes">예</label>
<input type="radio" name="mb_certify" value="" id="mb_certify_no" <?php echo $mb_certify_no; ?>>
<label for="mb_certify_no">아니오</label>
</td>
<th scope="row">성인인증</th>
<td>
<input type="radio" name="mb_adult" value="1" id="mb_adult_yes" <?php echo $mb_adult_yes; ?>>
<label for="mb_adult_yes">예</label>
<input type="radio" name="mb_adult" value="0" id="mb_adult_no" <?php echo $mb_adult_no; ?>>
<label for="mb_adult_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row">주소</th>
<td colspan="3" class="td_addr_line">
<label for="mb_zip" class="sound_only">우편번호</label>
<input type="text" name="mb_zip" value="<?php echo $mb['mb_zip1'].$mb['mb_zip2']; ?>" id="mb_zip" class="frm_input readonly" size="5" maxlength="6">
<button type="button" class="btn_frmline" onclick="win_zip('fmember', 'mb_zip', 'mb_addr1', 'mb_addr2', 'mb_addr3', 'mb_addr_jibeon');">주소 검색</button><br>
<input type="text" name="mb_addr1" value="<?php echo $mb['mb_addr1'] ?>" id="mb_addr1" class="frm_input readonly" size="60">
<label for="mb_addr1">기본주소</label><br>
<input type="text" name="mb_addr2" value="<?php echo $mb['mb_addr2'] ?>" id="mb_addr2" class="frm_input" size="60">
<label for="mb_addr2">상세주소</label>
<br>
<input type="text" name="mb_addr3" value="<?php echo $mb['mb_addr3'] ?>" id="mb_addr3" class="frm_input" size="60">
<label for="mb_addr3">참고항목</label>
<input type="hidden" name="mb_addr_jibeon" value="<?php echo $mb['mb_addr_jibeon']; ?>"><br>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_icon">회원아이콘</label></th>
<td colspan="3">
<?php echo help('이미지 크기는 <strong>넓이 '.$config['cf_member_icon_width'].'픽셀 높이 '.$config['cf_member_icon_height'].'픽셀</strong>로 해주세요.') ?>
<input type="file" name="mb_icon" id="mb_icon">
<?php
$mb_dir = substr($mb['mb_id'],0,2);
$icon_file = G5_DATA_PATH.'/member/'.$mb_dir.'/'.get_mb_icon_name($mb['mb_id']).'.gif';
if (file_exists($icon_file)) {
$icon_url = str_replace(G5_DATA_PATH, G5_DATA_URL, $icon_file);
$icon_filemtile = (defined('G5_USE_MEMBER_IMAGE_FILETIME') && G5_USE_MEMBER_IMAGE_FILETIME) ? '?'.filemtime($icon_file) : '';
echo '<img src="'.$icon_url.$icon_filemtile.'" alt="">';
echo '<input type="checkbox" id="del_mb_icon" name="del_mb_icon" value="1">삭제';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_img">회원이미지</label></th>
<td colspan="3">
<?php echo help('이미지 크기는 <strong>넓이 '.$config['cf_member_img_width'].'픽셀 높이 '.$config['cf_member_img_height'].'픽셀</strong>로 해주세요.') ?>
<input type="file" name="mb_img" id="mb_img">
<?php
$mb_dir = substr($mb['mb_id'],0,2);
$icon_file = G5_DATA_PATH.'/member_image/'.$mb_dir.'/'.get_mb_icon_name($mb['mb_id']).'.gif';
if (file_exists($icon_file)) {
echo get_member_profile_img($mb['mb_id']);
echo '<input type="checkbox" id="del_mb_img" name="del_mb_img" value="1">삭제';
}
?>
</td>
</tr>
<tr>
<th scope="row">메일 수신</th>
<td>
<input type="radio" name="mb_mailling" value="1" id="mb_mailling_yes" <?php echo $mb_mailling_yes; ?>>
<label for="mb_mailling_yes">예</label>
<input type="radio" name="mb_mailling" value="0" id="mb_mailling_no" <?php echo $mb_mailling_no; ?>>
<label for="mb_mailling_no">아니오</label>
</td>
<th scope="row"><label for="mb_sms_yes">SMS 수신</label></th>
<td>
<input type="radio" name="mb_sms" value="1" id="mb_sms_yes" <?php echo $mb_sms_yes; ?>>
<label for="mb_sms_yes">예</label>
<input type="radio" name="mb_sms" value="0" id="mb_sms_no" <?php echo $mb_sms_no; ?>>
<label for="mb_sms_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row">정보 공개</th>
<td colspan="3">
<input type="radio" name="mb_open" value="1" id="mb_open_yes" <?php echo $mb_open_yes; ?>>
<label for="mb_open_yes">예</label>
<input type="radio" name="mb_open" value="0" id="mb_open_no" <?php echo $mb_open_no; ?>>
<label for="mb_open_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_signature">서명</label></th>
<td colspan="3"><textarea name="mb_signature" id="mb_signature"><?php echo $mb['mb_signature'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_profile">자기 소개</label></th>
<td colspan="3"><textarea name="mb_profile" id="mb_profile"><?php echo $mb['mb_profile'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_memo">메모</label></th>
<td colspan="3"><textarea name="mb_memo" id="mb_memo"><?php echo $mb['mb_memo'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_cert_history">본인인증 내역</label></th>
<td colspan="3">
<?php
$cnt = 0;
while ($row = sql_fetch_array($mb_cert_history)) {
$cnt++;
switch($row['ch_type']){
case 'simple':
$cert_type = '간편인증';
break;
case 'hp':
$cert_type = '휴대폰';
break;
case 'ipin':
$cert_type = '아이핀';
break;
}
?>
<div>
[<?php echo $row['ch_datetime']; ?>]
<?php echo $row['mb_id']; ?> /
<?php echo $row['ch_name']; ?> /
<?php echo $row['ch_hp']; ?> /
<?php echo $cert_type; ?>
</div>
<?php } ?>
<?php if ($cnt == 0) { ?>
본인인증 내역이 없습니다.
<?php } ?>
</td>
</tr>
<?php if ($w == 'u') { ?>
<tr>
<th scope="row">회원가입일</th>
<td><?php echo $mb['mb_datetime'] ?></td>
<th scope="row">최근접속일</th>
<td><?php echo $mb['mb_today_login'] ?></td>
</tr>
<tr>
<th scope="row">IP</th>
<td colspan="3"><?php echo $mb['mb_ip'] ?></td>
</tr>
<?php if ($config['cf_use_email_certify']) { ?>
<tr>
<th scope="row">인증일시</th>
<td colspan="3">
<?php if ($mb['mb_email_certify'] == '0000-00-00 00:00:00') { ?>
<?php echo help('회원님이 메일을 수신할 수 없는 경우 등에 직접 인증처리를 하실 수 있습니다.') ?>
<input type="checkbox" name="passive_certify" id="passive_certify">
<label for="passive_certify">수동인증</label>
<?php } else { ?>
<?php echo $mb['mb_email_certify'] ?>
<?php } ?>
</td>
</tr>
<?php } ?>
<?php } ?>
<?php if ($config['cf_use_recommend']) { // 추천인 사용 ?>
<tr>
<th scope="row">추천인</th>
<td colspan="3"><?php echo ($mb['mb_recommend'] ? get_text($mb['mb_recommend']) : '없음'); // 081022 : CSRF 보안 결함으로 인한 코드 수정 ?></td>
</tr>
<?php } ?>
<tr>
<th scope="row"><label for="mb_leave_date">탈퇴일자</label></th>
<td>
<input type="text" name="mb_leave_date" value="<?php echo $mb['mb_leave_date'] ?>" id="mb_leave_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_leave_date_set_today" onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) {
this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }">
<label for="mb_leave_date_set_today">탈퇴일을 오늘로 지정</label>
</td>
<th scope="row">접근차단일자</th>
<td>
<input type="text" name="mb_intercept_date" value="<?php echo $mb['mb_intercept_date'] ?>" id="mb_intercept_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_intercept_date_set_today" onclick="if
(this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else {
this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
<label for="mb_intercept_date_set_today">접근차단일을 오늘로 지정</label>
</td>
</tr>
<?php
//소셜계정이 있다면
if(function_exists('social_login_link_account') && $mb['mb_id'] ){
if( $my_social_accounts = social_login_link_account($mb['mb_id'], false, 'get_data') ){ ?>
<tr>
<th>소셜계정목록</th>
<td colspan="3">
<ul class="social_link_box">
<li class="social_login_container">
<h4>연결된 소셜 계정 목록</h4>
<?php foreach($my_social_accounts as $account){ //반복문
if( empty($account) ) continue;
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
?>
<div class="account_provider" data-mpno="social_<?php echo $account['mp_no'];?>" >
<div class="sns-wrap-32 sns-wrap-over">
<span class="sns-icon sns-<?php echo $provider; ?>" title="<?php echo $provider_name; ?>">
<span class="ico"></span>
<span class="txt"><?php echo $provider_name; ?></span>
</span>
<span class="provider_name"><?php echo $provider_name; //서비스이름?> ( <?php echo $account['displayname']; ?> )</span>
<span class="account_hidden" style="display:none"><?php echo $account['mb_id']; ?></span>
</div>
<div class="btn_info"><a href="<?php echo G5_SOCIAL_LOGIN_URL.'/unlink.php?mp_no='.$account['mp_no'] ?>" class="social_unlink" data-provider="<?php echo $account['mp_no'];?>" >연동해제</a> <span class="sound_only"><?php echo substr($account['mp_register_day'], 2, 14); ?></span></div>
</div>
<?php } //end foreach ?>
</li>
</ul>
<script>
jQuery(function($){
$(".account_provider").on("click", ".social_unlink", function(e){
e.preventDefault();
if (!confirm('정말 이 계정 연결을 삭제하시겠습니까?')) {
return false;
}
var ajax_url = "<?php echo G5_SOCIAL_LOGIN_URL.'/unlink.php' ?>";
var mb_id = '',
mp_no = $(this).attr("data-provider"),
$mp_el = $(this).parents(".account_provider");
mb_id = $mp_el.find(".account_hidden").text();
if( ! mp_no ){
alert('잘못된 요청! mp_no 값이 없습니다.');
return;
}
$.ajax({
url: ajax_url,
type: 'POST',
data: {
'mp_no': mp_no,
'mb_id': mb_id
},
dataType: 'json',
async: false,
success: function(data, textStatus) {
if (data.error) {
alert(data.error);
return false;
} else {
alert("연결이 해제 되었습니다.");
$mp_el.fadeOut("normal", function() {
$(this).remove();
});
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">아이디<?php echo $sound_only ?></label></th>
<td>
<input type="text" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id" <?php echo $required_mb_id ?> class="frm_input <?php echo $required_mb_id_class ?>" size="15" maxlength="20">
<?php if ($w == 'u') { ?><a href="./boardgroupmember_form.php?mb_id=<?php echo $mb['mb_id'] ?>" class="btn_frmline">접근가능그룹보기</a><?php } ?>
</td>
<th scope="row"><label for="mb_password">비밀번호<?php echo $sound_only ?></label></th>
<td>
<div>
<input type="password" name="mb_password" id="mb_password" <?php echo $required_mb_password ?> class="frm_input <?php echo $required_mb_password ?>" size="15" maxlength="20">
</div>
<div id="mb_password_captcha_wrap" style="display:none">
<?php
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
</div>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_name">이름(실명)<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_name" value="<?php echo $mb['mb_name'] ?>" id="mb_name" required class="required frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_nick">닉네임<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_nick" value="<?php echo $mb['mb_nick'] ?>" id="mb_nick" required class="required frm_input" size="15" maxlength="20"></td>
</tr>
<tr>
<th scope="row"><label for="mb_level">회원 권한</label></th>
<td><?php echo get_member_level_select('mb_level', 1, $member['mb_level'], $mb['mb_level']) ?></td>
<th scope="row">포인트</th>
<td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $mb['mb_id'] ?>" target="_blank"><?php echo number_format($mb['mb_point']) ?></a> 점</td>
</tr>
<tr>
<th scope="row"><label for="mb_email">E-mail<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_email" value="<?php echo $mb['mb_email'] ?>" id="mb_email" maxlength="100" required class="required frm_input email" size="30"></td>
<th scope="row"><label for="mb_homepage">홈페이지</label></th>
<td><input type="text" name="mb_homepage" value="<?php echo $mb['mb_homepage'] ?>" id="mb_homepage" class="frm_input" maxlength="255" size="15"></td>
</tr>
<tr>
<th scope="row"><label for="mb_hp">휴대폰번호</label></th>
<td><input type="text" name="mb_hp" value="<?php echo $mb['mb_hp'] ?>" id="mb_hp" class="frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_tel">전화번호</label></th>
<td><input type="text" name="mb_tel" value="<?php echo $mb['mb_tel'] ?>" id="mb_tel" class="frm_input" size="15" maxlength="20"></td>
</tr>
<tr>
<th scope="row">본인확인방법</th>
<td colspan="3">
<input type="radio" name="mb_certify_case" value="simple" id="mb_certify_sa" <?php if ($mb['mb_certify'] == 'simple') { echo 'checked="checked"'; } ?>>
<label for="mb_certify_sa">간편인증</label>
<input type="radio" name="mb_certify_case" value="hp" id="mb_certify_hp" <?php if ($mb['mb_certify'] == 'hp') { echo 'checked="checked"'; } ?>>
<label for="mb_certify_hp">휴대폰</label>
<input type="radio" name="mb_certify_case" value="ipin" id="mb_certify_ipin" <?php if ($mb['mb_certify'] == 'ipin') { echo 'checked="checked"'; } ?>>
<label for="mb_certify_ipin">아이핀</label>
</td>
</tr>
<tr>
<th scope="row">본인확인</th>
<td>
<input type="radio" name="mb_certify" value="1" id="mb_certify_yes" <?php echo $mb_certify_yes; ?>>
<label for="mb_certify_yes">예</label>
<input type="radio" name="mb_certify" value="0" id="mb_certify_no" <?php echo $mb_certify_no; ?>>
<label for="mb_certify_no">아니오</label>
</td>
<th scope="row">성인인증</th>
<td>
<input type="radio" name="mb_adult" value="1" id="mb_adult_yes" <?php echo $mb_adult_yes; ?>>
<label for="mb_adult_yes">예</label>
<input type="radio" name="mb_adult" value="0" id="mb_adult_no" <?php echo $mb_adult_no; ?>>
<label for="mb_adult_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row">주소</th>
<td colspan="3" class="td_addr_line">
<label for="mb_zip" class="sound_only">우편번호</label>
<input type="text" name="mb_zip" value="<?php echo $mb['mb_zip1'] . $mb['mb_zip2']; ?>" id="mb_zip" class="frm_input readonly" size="5" maxlength="6">
<button type="button" class="btn_frmline" onclick="win_zip('fmember', 'mb_zip', 'mb_addr1', 'mb_addr2', 'mb_addr3', 'mb_addr_jibeon');">주소 검색</button><br>
<input type="text" name="mb_addr1" value="<?php echo $mb['mb_addr1'] ?>" id="mb_addr1" class="frm_input readonly" size="60">
<label for="mb_addr1">기본주소</label><br>
<input type="text" name="mb_addr2" value="<?php echo $mb['mb_addr2'] ?>" id="mb_addr2" class="frm_input" size="60">
<label for="mb_addr2">상세주소</label>
<br>
<input type="text" name="mb_addr3" value="<?php echo $mb['mb_addr3'] ?>" id="mb_addr3" class="frm_input" size="60">
<label for="mb_addr3">참고항목</label>
<input type="hidden" name="mb_addr_jibeon" value="<?php echo $mb['mb_addr_jibeon']; ?>"><br>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_icon">회원아이콘</label></th>
<td colspan="3">
<?php echo help('이미지 크기는 <strong>넓이 ' . $config['cf_member_icon_width'] . '픽셀 높이 ' . $config['cf_member_icon_height'] . '픽셀</strong>로 해주세요.') ?>
<input type="file" name="mb_icon" id="mb_icon">
<?php
$mb_dir = substr($mb['mb_id'], 0, 2);
$icon_file = G5_DATA_PATH . '/member/' . $mb_dir . '/' . get_mb_icon_name($mb['mb_id']) . '.gif';
if (file_exists($icon_file)) {
$icon_url = str_replace(G5_DATA_PATH, G5_DATA_URL, $icon_file);
$icon_filemtile = (defined('G5_USE_MEMBER_IMAGE_FILETIME') && G5_USE_MEMBER_IMAGE_FILETIME) ? '?' . filemtime($icon_file) : '';
echo '<img src="' . $icon_url . $icon_filemtile . '" alt="">';
echo '<input type="checkbox" id="del_mb_icon" name="del_mb_icon" value="1">삭제';
}
}
});
?>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_img">회원이미지</label></th>
<td colspan="3">
<?php echo help('이미지 크기는 <strong>넓이 ' . $config['cf_member_img_width'] . '픽셀 높이 ' . $config['cf_member_img_height'] . '픽셀</strong>로 해주세요.') ?>
<input type="file" name="mb_img" id="mb_img">
<?php
$mb_dir = substr($mb['mb_id'], 0, 2);
$icon_file = G5_DATA_PATH . '/member_image/' . $mb_dir . '/' . get_mb_icon_name($mb['mb_id']) . '.gif';
if (file_exists($icon_file)) {
echo get_member_profile_img($mb['mb_id']);
echo '<input type="checkbox" id="del_mb_img" name="del_mb_img" value="1">삭제';
}
?>
</td>
</tr>
<tr>
<th scope="row">메일 수신</th>
<td>
<input type="radio" name="mb_mailling" value="1" id="mb_mailling_yes" <?php echo $mb_mailling_yes; ?>>
<label for="mb_mailling_yes">예</label>
<input type="radio" name="mb_mailling" value="0" id="mb_mailling_no" <?php echo $mb_mailling_no; ?>>
<label for="mb_mailling_no">아니오</label>
</td>
<th scope="row"><label for="mb_sms_yes">SMS 수신</label></th>
<td>
<input type="radio" name="mb_sms" value="1" id="mb_sms_yes" <?php echo $mb_sms_yes; ?>>
<label for="mb_sms_yes">예</label>
<input type="radio" name="mb_sms" value="0" id="mb_sms_no" <?php echo $mb_sms_no; ?>>
<label for="mb_sms_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row">정보 공개</th>
<td colspan="3">
<input type="radio" name="mb_open" value="1" id="mb_open_yes" <?php echo $mb_open_yes; ?>>
<label for="mb_open_yes">예</label>
<input type="radio" name="mb_open" value="0" id="mb_open_no" <?php echo $mb_open_no; ?>>
<label for="mb_open_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_signature">서명</label></th>
<td colspan="3"><textarea name="mb_signature" id="mb_signature"><?php echo $mb['mb_signature'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_profile">자기 소개</label></th>
<td colspan="3"><textarea name="mb_profile" id="mb_profile"><?php echo $mb['mb_profile'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_memo">메모</label></th>
<td colspan="3"><textarea name="mb_memo" id="mb_memo"><?php echo $mb['mb_memo'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_cert_history">본인인증 내역</label></th>
<td colspan="3">
<?php
$cnt = 0;
while ($row = sql_fetch_array($mb_cert_history)) {
$cnt++;
$cert_type = '';
switch ($row['ch_type']) {
case 'simple':
$cert_type = '간편인증';
break;
case 'hp':
$cert_type = '휴대폰';
break;
case 'ipin':
$cert_type = '아이핀';
break;
}
?>
<div>
[<?php echo $row['ch_datetime']; ?>]
<?php echo $row['mb_id']; ?> /
<?php echo $row['ch_name']; ?> /
<?php echo $row['ch_hp']; ?> /
<?php echo $cert_type; ?>
</div>
<?php } ?>
return;
});
});
</script>
<?php if ($cnt == 0) { ?>
본인인증 내역이 없습니다.
<?php } ?>
</td>
</tr>
</td>
</tr>
<?php if ($w == 'u') { ?>
<tr>
<th scope="row">회원가입일</th>
<td><?php echo $mb['mb_datetime'] ?></td>
<th scope="row">최근접속일</th>
<td><?php echo $mb['mb_today_login'] ?></td>
</tr>
<tr>
<th scope="row">IP</th>
<td colspan="3"><?php echo $mb['mb_ip'] ?></td>
</tr>
<?php if ($config['cf_use_email_certify']) { ?>
<tr>
<th scope="row">인증일시</th>
<td colspan="3">
<?php if ($mb['mb_email_certify'] == '0000-00-00 00:00:00') { ?>
<?php echo help('회원님이 메일을 수신할 수 없는 경우 등에 직접 인증처리를 하실 수 있습니다.') ?>
<input type="checkbox" name="passive_certify" id="passive_certify">
<label for="passive_certify">수동인증</label>
<?php } else { ?>
<?php echo $mb['mb_email_certify'] ?>
<?php } ?>
</td>
</tr>
<?php } ?>
<?php } ?>
<?php
} //end if
} //end if
<?php if ($config['cf_use_recommend']) { // 추천인 사용 ?>
<tr>
<th scope="row">추천인</th>
<td colspan="3"><?php echo ($mb['mb_recommend'] ? get_text($mb['mb_recommend']) : '없음'); // 081022 : CSRF 보안 결함으로 인한 코드 수정 ?></td>
</tr>
<?php } ?>
run_event('admin_member_form_add', $mb, $w, 'table');
?>
<tr>
<th scope="row"><label for="mb_leave_date">탈퇴일자</label></th>
<td>
<input type="text" name="mb_leave_date" value="<?php echo $mb['mb_leave_date'] ?>" id="mb_leave_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_leave_date_set_today" onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) { this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }">
<label for="mb_leave_date_set_today">탈퇴일을 오늘로 지정</label>
</td>
<th scope="row">접근차단일자</th>
<td>
<input type="text" name="mb_intercept_date" value="<?php echo $mb['mb_intercept_date'] ?>" id="mb_intercept_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_intercept_date_set_today" onclick="if (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else { this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
<label for="mb_intercept_date_set_today">접근차단일을 오늘로 지정</label>
</td>
</tr>
<?php for ($i=1; $i<=10; $i++) { ?>
<tr>
<th scope="row"><label for="mb_<?php echo $i ?>">여분 필드 <?php echo $i ?></label></th>
<td colspan="3"><input type="text" name="mb_<?php echo $i ?>" value="<?php echo $mb['mb_'.$i] ?>" id="mb_<?php echo $i ?>" class="frm_input" size="30" maxlength="255"></td>
</tr>
<?php } ?>
<?php
//소셜계정이 있다면
if (function_exists('social_login_link_account') && $mb['mb_id']) {
if ($my_social_accounts = social_login_link_account($mb['mb_id'], false, 'get_data')) { ?>
<tr>
<th>소셜계정목록</th>
<td colspan="3">
<ul class="social_link_box">
<li class="social_login_container">
<h4>연결된 소셜 계정 목록</h4>
<?php foreach ($my_social_accounts as $account) { //반복문
if (empty($account)) {
continue;
}
</tbody>
</table>
</div>
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
?>
<div class="account_provider" data-mpno="social_<?php echo $account['mp_no']; ?>">
<div class="sns-wrap-32 sns-wrap-over">
<span class="sns-icon sns-<?php echo $provider; ?>" title="<?php echo $provider_name; ?>">
<span class="ico"></span>
<span class="txt"><?php echo $provider_name; ?></span>
</span>
<div class="btn_fixed_top">
<a href="./member_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey='s'>
</div>
<span class="provider_name"><?php echo $provider_name; //서비스이름 ?> ( <?php echo $account['displayname']; ?> )</span>
<span class="account_hidden" style="display:none"><?php echo $account['mb_id']; ?></span>
</div>
<div class="btn_info"><a href="<?php echo G5_SOCIAL_LOGIN_URL . '/unlink.php?mp_no=' . $account['mp_no'] ?>" class="social_unlink" data-provider="<?php echo $account['mp_no']; ?>">연동해제</a> <span class="sound_only"><?php echo substr($account['mp_register_day'], 2, 14); ?></span></div>
</div>
<?php } //end foreach ?>
</li>
</ul>
<script>
jQuery(function($) {
$(".account_provider").on("click", ".social_unlink", function(e) {
e.preventDefault();
if (!confirm('정말 이 계정 연결을 삭제하시겠습니까?')) {
return false;
}
var ajax_url = "<?php echo G5_SOCIAL_LOGIN_URL . '/unlink.php' ?>";
var mb_id = '',
mp_no = $(this).attr("data-provider"),
$mp_el = $(this).parents(".account_provider");
mb_id = $mp_el.find(".account_hidden").text();
if (!mp_no) {
alert('잘못된 요청! mp_no 값이 없습니다.');
return;
}
$.ajax({
url: ajax_url,
type: 'POST',
data: {
'mp_no': mp_no,
'mb_id': mb_id
},
dataType: 'json',
async: false,
success: function(data, textStatus) {
if (data.error) {
alert(data.error);
return false;
} else {
alert("연결이 해제 되었습니다.");
$mp_el.fadeOut("normal", function() {
$(this).remove();
});
}
}
});
return;
});
});
</script>
</td>
</tr>
<?php
} //end if
} //end if
run_event('admin_member_form_add', $mb, $w, 'table');
?>
<?php for ($i = 1; $i <= 10; $i++) { ?>
<tr>
<th scope="row"><label for="mb_<?php echo $i ?>">여분 필드 <?php echo $i ?></label></th>
<td colspan="3"><input type="text" name="mb_<?php echo $i ?>" value="<?php echo $mb['mb_' . $i] ?>" id="mb_<?php echo $i ?>" class="frm_input" size="30" maxlength="255"></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./member_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey='s'>
</div>
</form>
<script>
function fmember_submit(f)
{
if (!f.mb_icon.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_icon.value) {
alert('아이콘은 이미지 파일만 가능합니다.');
return false;
function fmember_submit(f) {
if (!f.mb_icon.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_icon.value) {
alert('아이콘은 이미지 파일만 가능합니다.');
return false;
}
if (!f.mb_img.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_img.value) {
alert('회원이미지는 이미지 파일만 가능합니다.');
return false;
}
if( jQuery("#mb_password").val() ){
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
}
if (!f.mb_img.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_img.value) {
alert('회원이미지는 이미지 파일만 가능합니다.');
return false;
}
jQuery(function($){
$("#captcha_key").prop('required', false).removeAttr("required").removeClass("required");
return true;
}
$("#mb_password").on("keyup", function(e) {
var $warp = $("#mb_password_captcha_wrap"),
tooptipid = "mp_captcha_tooltip",
$span_text = $("<span>", {id:tooptipid, style:"font-size:0.95em;letter-spacing:-0.1em"}).html("비밀번호를 수정할 경우 캡챠를 입력해야 합니다."),
$parent = $(this).parent(),
is_invisible_recaptcha = $("#captcha").hasClass("invisible_recaptcha");
if($(this).val()){
$warp.show();
if(! is_invisible_recaptcha) {
$warp.css("margin-top","1em");
if(! $("#"+tooptipid).length){ $parent.append($span_text) }
}
} else {
$warp.hide();
if($("#"+tooptipid).length && ! is_invisible_recaptcha){ $parent.find("#"+tooptipid).remove(); }
}
});
});
</script>
<?php
run_event('admin_member_form_after', $mb, $w);
include_once('./admin.tail.php');
require_once './admin.tail.php';

244
adm/member_form_update.php
View File

@ -1,33 +1,45 @@
<?php
$sub_menu = "200100";
include_once("./_common.php");
include_once(G5_LIB_PATH."/register.lib.php");
include_once(G5_LIB_PATH.'/thumbnail.lib.php');
require_once "./_common.php";
require_once G5_LIB_PATH . "/register.lib.php";
require_once G5_LIB_PATH . '/thumbnail.lib.php';
if ($w == 'u')
if ($w == 'u') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$mb_id = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : '';
$mb_id = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : '';
$mb_password = isset($_POST['mb_password']) ? trim($_POST['mb_password']) : '';
$mb_certify_case = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : '';
$mb_certify = isset($_POST['mb_certify']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify']) : '';
$mb_zip = isset($_POST['mb_zip']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_zip']) : '';
$mb_certify = isset($_POST['mb_certify']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify']) : '';
$mb_zip = isset($_POST['mb_zip']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_zip']) : '';
// 관리자가 자동등록방지를 사용해야 할 경우 ( 회원의 비밀번호 변경시 캡챠를 체크한다 )
if ($mb_password && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
// 휴대폰번호 체크
$mb_hp = hyphen_hp_number($_POST['mb_hp']);
if($mb_hp) {
if ($mb_hp) {
$result = exist_mb_hp($mb_hp, $mb_id);
if ($result)
if ($result) {
alert($result);
}
}
// 인증정보처리
if($mb_certify_case && $mb_certify) {
$mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : '';
$mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_adult']) : '';
if ($mb_certify_case && $mb_certify) {
$mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', (string)$_POST['mb_certify_case']) : '';
$mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', (string)$_POST['mb_adult']) : '';
} else {
$mb_certify = '';
$mb_adult = 0;
@ -39,33 +51,39 @@ $mb_zip2 = substr($mb_zip, 3);
$mb_email = isset($_POST['mb_email']) ? get_email_address(trim($_POST['mb_email'])) : '';
$mb_nick = isset($_POST['mb_nick']) ? trim(strip_tags($_POST['mb_nick'])) : '';
if ($msg = valid_mb_nick($mb_nick)) alert($msg, "", true, true);
if ($msg = valid_mb_nick($mb_nick)) {
alert($msg, "", true, true);
}
$posts = array();
$check_keys = array(
'mb_name',
'mb_homepage',
'mb_tel',
'mb_addr1',
'mb_addr2',
'mb_addr3',
'mb_addr_jibeon',
'mb_signature',
'mb_leave_date',
'mb_intercept_date',
'mb_mailling',
'mb_sms',
'mb_open',
'mb_profile',
'mb_level'
'mb_name',
'mb_homepage',
'mb_tel',
'mb_addr1',
'mb_addr2',
'mb_addr3',
'mb_addr_jibeon',
'mb_signature',
'mb_leave_date',
'mb_intercept_date',
'mb_mailling',
'mb_sms',
'mb_open',
'mb_profile',
'mb_level'
);
for($i=1;$i<=10;$i++){
$check_keys[] = 'mb_'.$i;
for ($i = 1; $i <= 10; $i++) {
$check_keys[] = 'mb_' . $i;
}
foreach( $check_keys as $key ){
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
foreach ($check_keys as $key) {
if( in_array($key, array('mb_signature', 'mb_profile')) ){
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1, 0, 0) : '';
} else {
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
}
}
$mb_memo = isset($_POST['mb_memo']) ? $_POST['mb_memo'] : '';
@ -104,63 +122,70 @@ $sql_common = " mb_name = '{$posts['mb_name']}',
mb_9 = '{$posts['mb_9']}',
mb_10 = '{$posts['mb_10']}' ";
if ($w == '')
{
if ($w == '') {
$mb = get_member($mb_id);
if (isset($mb['mb_id']) && $mb['mb_id'])
alert('이미 존재하는 회원아이디입니다.\\n : '.$mb['mb_id'].'\\n이름 : '.$mb['mb_name'].'\\n닉네임 : '.$mb['mb_nick'].'\\n메일 : '.$mb['mb_email']);
if (isset($mb['mb_id']) && $mb['mb_id']) {
alert('이미 존재하는 회원아이디입니다.\\n : ' . $mb['mb_id'] . '\\n이름 : ' . $mb['mb_name'] . '\\n닉네임 : ' . $mb['mb_nick'] . '\\n메일 : ' . $mb['mb_email']);
}
// 닉네임중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' ";
$row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id'])
alert('이미 존재하는 닉네임입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']);
if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 닉네임입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
// 이메일중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' ";
$row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id'])
alert('이미 존재하는 이메일입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']);
if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 이메일입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '".get_encrypt_string($mb_password)."', mb_datetime = '".G5_TIME_YMDHIS."', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '".G5_TIME_YMDHIS."', {$sql_common} ");
}
else if ($w == 'u')
{
sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '" . get_encrypt_string($mb_password) . "', mb_datetime = '" . G5_TIME_YMDHIS . "', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '" . G5_TIME_YMDHIS . "', {$sql_common} ");
} elseif ($w == 'u') {
$mb = get_member($mb_id);
if (! (isset($mb['mb_id']) && $mb['mb_id']))
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('존재하지 않는 회원자료입니다.');
}
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level'])
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
}
if ($is_admin !== 'super' && is_admin($mb['mb_id']) === 'super' ) {
if ($is_admin !== 'super' && is_admin($mb['mb_id']) === 'super') {
alert('최고관리자의 비밀번호를 수정할수 없습니다.');
}
if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level'])
alert($mb['mb_id'].' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.');
if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level']) {
alert($mb['mb_id'] . ' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.');
}
// 닉네임중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' and mb_id <> '$mb_id' ";
$row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id'])
alert('이미 존재하는 닉네임입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']);
if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 닉네임입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
// 이메일중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' and mb_id <> '$mb_id' ";
$row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id'])
alert('이미 존재하는 이메일입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']);
if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 이메일입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
if ($mb_password)
$sql_password = " , mb_password = '".get_encrypt_string($mb_password)."' ";
else
if ($mb_password) {
$sql_password = " , mb_password = '" . get_encrypt_string($mb_password) . "' ";
} else {
$sql_password = "";
}
if (isset($passive_certify) && $passive_certify)
$sql_certify = " , mb_email_certify = '".G5_TIME_YMDHIS."' ";
else
if (isset($passive_certify) && $passive_certify) {
$sql_certify = " , mb_email_certify = '" . G5_TIME_YMDHIS . "' ";
} else {
$sql_certify = "";
}
$sql = " update {$g5['member_table']}
set {$sql_common}
@ -168,18 +193,18 @@ else if ($w == 'u')
{$sql_certify}
where mb_id = '{$mb_id}' ";
sql_query($sql);
}
else
} else {
alert('제대로 된 값이 넘어오지 않았습니다.');
}
if( $w == '' || $w == 'u' ){
$mb_dir = substr($mb_id,0,2);
$mb_icon_img = get_mb_icon_name($mb_id).'.gif';
if ($w == '' || $w == 'u') {
$mb_dir = substr($mb_id, 0, 2);
$mb_icon_img = get_mb_icon_name($mb_id) . '.gif';
// 회원 아이콘 삭제
if (isset($del_mb_icon) && $del_mb_icon)
@unlink(G5_DATA_PATH.'/member/'.$mb_dir.'/'.$mb_icon_img);
if (isset($del_mb_icon) && $del_mb_icon) {
@unlink(G5_DATA_PATH . '/member/' . $mb_dir . '/' . $mb_icon_img);
}
$image_regex = "/(\.(gif|jpe?g|png))$/i";
@ -190,77 +215,82 @@ if( $w == '' || $w == 'u' ){
}
if (preg_match($image_regex, $_FILES['mb_icon']['name'])) {
$mb_icon_dir = G5_DATA_PATH.'/member/'.$mb_dir;
$mb_icon_dir = G5_DATA_PATH . '/member/' . $mb_dir;
@mkdir($mb_icon_dir, G5_DIR_PERMISSION);
@chmod($mb_icon_dir, G5_DIR_PERMISSION);
$dest_path = $mb_icon_dir.'/'.$mb_icon_img;
$dest_path = $mb_icon_dir . '/' . $mb_icon_img;
move_uploaded_file($_FILES['mb_icon']['tmp_name'], $dest_path);
chmod($dest_path, G5_FILE_PERMISSION);
if (file_exists($dest_path)) {
$size = @getimagesize($dest_path);
if ($size[0] > $config['cf_member_icon_width'] || $size[1] > $config['cf_member_icon_height']) {
$thumb = null;
if($size[2] === 2 || $size[2] === 3) {
//jpg 또는 png 파일 적용
$thumb = thumbnail($mb_icon_img, $mb_icon_dir, $mb_icon_dir, $config['cf_member_icon_width'], $config['cf_member_icon_height'], true, true);
if($thumb) {
@unlink($dest_path);
rename($mb_icon_dir.'/'.$thumb, $dest_path);
if ($size) {
if ($size[0] > $config['cf_member_icon_width'] || $size[1] > $config['cf_member_icon_height']) {
$thumb = null;
if ($size[2] === 2 || $size[2] === 3) {
//jpg 또는 png 파일 적용
$thumb = thumbnail($mb_icon_img, $mb_icon_dir, $mb_icon_dir, $config['cf_member_icon_width'], $config['cf_member_icon_height'], true, true);
if ($thumb) {
@unlink($dest_path);
rename($mb_icon_dir . '/' . $thumb, $dest_path);
}
}
if (!$thumb) {
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
}
}
if( !$thumb ){
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
}
}
}
}
}
$mb_img_dir = G5_DATA_PATH.'/member_image/';
if( !is_dir($mb_img_dir) ){
$mb_img_dir = G5_DATA_PATH . '/member_image/';
if (!is_dir($mb_img_dir)) {
@mkdir($mb_img_dir, G5_DIR_PERMISSION);
@chmod($mb_img_dir, G5_DIR_PERMISSION);
}
$mb_img_dir .= substr($mb_id,0,2);
$mb_img_dir .= substr($mb_id, 0, 2);
// 회원 이미지 삭제
if (isset($del_mb_img) && $del_mb_img)
@unlink($mb_img_dir.'/'.$mb_icon_img);
if (isset($del_mb_img) && $del_mb_img) {
@unlink($mb_img_dir . '/' . $mb_icon_img);
}
// 아이콘 업로드
if (isset($_FILES['mb_img']) && is_uploaded_file($_FILES['mb_img']['tmp_name'])) {
if (!preg_match($image_regex, $_FILES['mb_img']['name'])) {
alert($_FILES['mb_img']['name'] . '은(는) 이미지 파일이 아닙니다.');
}
if (preg_match($image_regex, $_FILES['mb_img']['name'])) {
@mkdir($mb_img_dir, G5_DIR_PERMISSION);
@chmod($mb_img_dir, G5_DIR_PERMISSION);
$dest_path = $mb_img_dir.'/'.$mb_icon_img;
$dest_path = $mb_img_dir . '/' . $mb_icon_img;
move_uploaded_file($_FILES['mb_img']['tmp_name'], $dest_path);
chmod($dest_path, G5_FILE_PERMISSION);
if (file_exists($dest_path)) {
$size = @getimagesize($dest_path);
if ($size[0] > $config['cf_member_img_width'] || $size[1] > $config['cf_member_img_height']) {
$thumb = null;
if($size[2] === 2 || $size[2] === 3) {
//jpg 또는 png 파일 적용
$thumb = thumbnail($mb_icon_img, $mb_img_dir, $mb_img_dir, $config['cf_member_img_width'], $config['cf_member_img_height'], true, true);
if($thumb) {
@unlink($dest_path);
rename($mb_img_dir.'/'.$thumb, $dest_path);
if ($size) {
if ($size[0] > $config['cf_member_img_width'] || $size[1] > $config['cf_member_img_height']) {
$thumb = null;
if ($size[2] === 2 || $size[2] === 3) {
//jpg 또는 png 파일 적용
$thumb = thumbnail($mb_icon_img, $mb_img_dir, $mb_img_dir, $config['cf_member_img_width'], $config['cf_member_img_height'], true, true);
if ($thumb) {
@unlink($dest_path);
rename($mb_img_dir . '/' . $thumb, $dest_path);
}
}
if (!$thumb) {
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
}
}
if( !$thumb ){
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
}
}
}
@ -268,6 +298,10 @@ if( $w == '' || $w == 'u' ){
}
}
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
run_event('admin_member_form_update', $w, $mb_id);
goto_url('./member_form.php?'.$qstr.'&amp;w=u&amp;mb_id='.$mb_id, false);
goto_url('./member_form.php?' . $qstr . '&amp;w=u&amp;mb_id=' . $mb_id, false);

498
adm/member_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "200100";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -10,25 +10,26 @@ $sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case 'mb_point' :
case 'mb_point':
$sql_search .= " ({$sfl} >= '{$stx}') ";
break;
case 'mb_level' :
case 'mb_level':
$sql_search .= " ({$sfl} = '{$stx}') ";
break;
case 'mb_tel' :
case 'mb_hp' :
case 'mb_tel':
case 'mb_hp':
$sql_search .= " ({$sfl} like '%{$stx}') ";
break;
default :
default:
$sql_search .= " ({$sfl} like '{$stx}%') ";
break;
}
$sql_search .= " ) ";
}
if ($is_admin != 'super')
if ($is_admin != 'super') {
$sql_search .= " and mb_level <= '{$member['mb_level']}' ";
}
if (!$sst) {
$sst = "mb_datetime";
@ -43,7 +44,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
// 탈퇴회원수
@ -56,10 +59,10 @@ $sql = " select count(*) as cnt {$sql_common} {$sql_search} and mb_intercept_dat
$row = sql_fetch($sql);
$intercept_count = $row['cnt'];
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '회원관리';
include_once('./admin.head.php');
require_once './admin.head.php';
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
@ -71,28 +74,28 @@ $colspan = 16;
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">총회원수 </span><span class="ov_num"> <?php echo number_format($total_count) ?>명 </span></span>
<a href="?sst=mb_intercept_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="차단된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">차단 </span><span class="ov_num"><?php echo number_format($intercept_count) ?>명</span></a>
<a href="?sst=mb_leave_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="탈퇴된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">탈퇴 </span><span class="ov_num"><?php echo number_format($leave_count) ?>명</span></a>
<a href="?sst=mb_leave_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="탈퇴된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">탈퇴 </span><span class="ov_num"><?php echo number_format($leave_count) ?>명</span></a>
</div>
<form id="fsearch" name="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="mb_id"<?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="mb_nick"<?php echo get_selected($sfl, "mb_nick"); ?>>닉네임</option>
<option value="mb_name"<?php echo get_selected($sfl, "mb_name"); ?>>이름</option>
<option value="mb_level"<?php echo get_selected($sfl, "mb_level"); ?>>권한</option>
<option value="mb_email"<?php echo get_selected($sfl, "mb_email"); ?>>E-MAIL</option>
<option value="mb_tel"<?php echo get_selected($sfl, "mb_tel"); ?>>전화번호</option>
<option value="mb_hp"<?php echo get_selected($sfl, "mb_hp"); ?>>휴대폰번호</option>
<option value="mb_point"<?php echo get_selected($sfl, "mb_point"); ?>>포인트</option>
<option value="mb_datetime"<?php echo get_selected($sfl, "mb_datetime"); ?>>가입일시</option>
<option value="mb_ip"<?php echo get_selected($sfl, "mb_ip"); ?>>IP</option>
<option value="mb_recommend"<?php echo get_selected($sfl, "mb_recommend"); ?>>추천인</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="mb_id" <?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="mb_nick" <?php echo get_selected($sfl, "mb_nick"); ?>>닉네임</option>
<option value="mb_name" <?php echo get_selected($sfl, "mb_name"); ?>>이름</option>
<option value="mb_level" <?php echo get_selected($sfl, "mb_level"); ?>>권한</option>
<option value="mb_email" <?php echo get_selected($sfl, "mb_email"); ?>>E-MAIL</option>
<option value="mb_tel" <?php echo get_selected($sfl, "mb_tel"); ?>>전화번호</option>
<option value="mb_hp" <?php echo get_selected($sfl, "mb_hp"); ?>>휴대폰번호</option>
<option value="mb_point" <?php echo get_selected($sfl, "mb_point"); ?>>포인트</option>
<option value="mb_datetime" <?php echo get_selected($sfl, "mb_datetime"); ?>>가입일시</option>
<option value="mb_ip" <?php echo get_selected($sfl, "mb_ip"); ?>>IP</option>
<option value="mb_recommend" <?php echo get_selected($sfl, "mb_recommend"); ?>>추천인</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
</form>
@ -104,236 +107,243 @@ $colspan = 16;
<form name="fmemberlist" id="fmemberlist" action="./member_list_update.php" onsubmit="return fmemberlist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col" id="mb_list_chk" rowspan="2" >
<label for="chkall" class="sound_only">회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col" id="mb_list_id" colspan="2"><?php echo subject_sort_link('mb_id') ?>아이디</a></th>
<th scope="col" rowspan="2" id="mb_list_cert"><?php echo subject_sort_link('mb_certify', '', 'desc') ?>본인확인</a></th>
<th scope="col" id="mb_list_mailc"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일인증</a></th>
<th scope="col" id="mb_list_open"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보공개</a></th>
<th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>메일수신</a></th>
<th scope="col" id="mb_list_auth">상태</th>
<th scope="col" id="mb_list_mobile">휴대폰</th>
<th scope="col" id="mb_list_lastcall"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th>
<th scope="col" id="mb_list_grp">접근그룹</th>
<th scope="col" rowspan="2" id="mb_list_mng">관리</th>
</tr>
<tr>
<th scope="col" id="mb_list_name"><?php echo subject_sort_link('mb_name') ?>이름</a></th>
<th scope="col" id="mb_list_nick"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>SMS수신</a></th>
<th scope="col" id="mb_list_adultc"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인인증</a></th>
<th scope="col" id="mb_list_auth"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근차단</a></th>
<th scope="col" id="mb_list_deny"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
<th scope="col" id="mb_list_tel">전화번호</th>
<th scope="col" id="mb_list_join"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th>
<th scope="col" id="mb_list_point"><?php echo subject_sort_link('mb_point', '', 'desc') ?> 포인트</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = '';
if ($row2['cnt'])
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
if ($is_admin == 'group') {
$s_mod = '';
} else {
$s_mod = '<a href="./member_form.php?'.$qstr.'&amp;w=u&amp;mb_id='.$row['mb_id'].'" class="btn btn_03">수정</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'" class="btn btn_02">그룹</a>';
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date('Ymd', G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date('Ymd', G5_SERVER_TIME);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id'];
$leave_msg = '';
$intercept_msg = '';
$intercept_title = '';
if ($row['mb_leave_date']) {
$mb_id = $mb_id;
$leave_msg = '<span class="mb_leave_msg">탈퇴함</span>';
}
else if ($row['mb_intercept_date']) {
$mb_id = $mb_id;
$intercept_msg = '<span class="mb_intercept_msg">차단됨</span>';
$intercept_title = '차단해제';
}
if ($intercept_title == '')
$intercept_title = '차단하기';
$address = $row['mb_zip1'] ? print_address($row['mb_addr1'], $row['mb_addr2'], $row['mb_addr3'], $row['mb_addr_jibeon']) : '';
$bg = 'bg'.($i%2);
switch($row['mb_certify']) {
case 'hp':
$mb_certify_case = '휴대폰';
$mb_certify_val = 'hp';
break;
case 'ipin':
$mb_certify_case = '아이핀';
$mb_certify_val = '';
break;
case 'simple':
$mb_certify_case = '간편인증';
$mb_certify_val = '';
break;
case 'admin':
$mb_certify_case = '관리자';
$mb_certify_val = 'admin';
break;
default:
$mb_certify_case = '&nbsp;';
$mb_certify_val = 'admin';
break;
}
?>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_chk" class="td_chk" rowspan="2">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo get_text($row['mb_nick']); ?>님</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td headers="mb_list_id" colspan="2" class="td_name sv_use">
<?php echo $mb_id ?>
<?php
//소셜계정이 있다면
if(function_exists('social_login_link_account')){
if( $my_social_accounts = social_login_link_account($row['mb_id'], false, 'get_data') ){
echo '<div class="member_social_provider sns-wrap-over sns-wrap-32">';
foreach( (array) $my_social_accounts as $account){ //반복문
if( empty($account) || empty($account['provider']) ) continue;
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
echo '<span class="sns-icon sns-'.$provider.'" title="'.$provider_name.'">';
echo '<span class="ico"></span>';
echo '<span class="txt">'.$provider_name.'</span>';
echo '</span>';
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col" id="mb_list_chk" rowspan="2">
<label for="chkall" class="sound_only">회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col" id="mb_list_id" colspan="2"><?php echo subject_sort_link('mb_id') ?>아이디</a></th>
<th scope="col" rowspan="2" id="mb_list_cert"><?php echo subject_sort_link('mb_certify', '', 'desc') ?>본인확인</a></th>
<th scope="col" id="mb_list_mailc"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일인증</a></th>
<th scope="col" id="mb_list_open"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보공개</a></th>
<th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>메일수신</a></th>
<th scope="col" id="mb_list_auth">상태</th>
<th scope="col" id="mb_list_mobile">휴대폰</th>
<th scope="col" id="mb_list_lastcall"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th>
<th scope="col" id="mb_list_grp">접근그룹</th>
<th scope="col" rowspan="2" id="mb_list_mng">관리</th>
</tr>
<tr>
<th scope="col" id="mb_list_name"><?php echo subject_sort_link('mb_name') ?>이름</a></th>
<th scope="col" id="mb_list_nick"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>SMS수신</a></th>
<th scope="col" id="mb_list_adultc"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인인증</a></th>
<th scope="col" id="mb_list_auth"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근차단</a></th>
<th scope="col" id="mb_list_deny"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
<th scope="col" id="mb_list_tel">전화번호</th>
<th scope="col" id="mb_list_join"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th>
<th scope="col" id="mb_list_point"><?php echo subject_sort_link('mb_point', '', 'desc') ?> 포인트</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = '';
if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
}
echo '</div>';
if ($is_admin == 'group') {
$s_mod = '';
} else {
$s_mod = '<a href="./member_form.php?' . $qstr . '&amp;w=u&amp;mb_id=' . $row['mb_id'] . '" class="btn btn_03">수정</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '" class="btn btn_02">그룹</a>';
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date('Ymd', G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date('Ymd', G5_SERVER_TIME);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id'];
$leave_msg = '';
$intercept_msg = '';
$intercept_title = '';
if ($row['mb_leave_date']) {
$mb_id = $mb_id;
$leave_msg = '<span class="mb_leave_msg">탈퇴함</span>';
} elseif ($row['mb_intercept_date']) {
$mb_id = $mb_id;
$intercept_msg = '<span class="mb_intercept_msg">차단됨</span>';
$intercept_title = '차단해제';
}
if ($intercept_title == '') {
$intercept_title = '차단하기';
}
$address = $row['mb_zip1'] ? print_address($row['mb_addr1'], $row['mb_addr2'], $row['mb_addr3'], $row['mb_addr_jibeon']) : '';
$bg = 'bg' . ($i % 2);
switch ($row['mb_certify']) {
case 'hp':
$mb_certify_case = '휴대폰';
$mb_certify_val = 'hp';
break;
case 'ipin':
$mb_certify_case = '아이핀';
$mb_certify_val = '';
break;
case 'simple':
$mb_certify_case = '간편인증';
$mb_certify_val = '';
break;
case 'admin':
$mb_certify_case = '관리자';
$mb_certify_val = 'admin';
break;
default:
$mb_certify_case = '&nbsp;';
$mb_certify_val = 'admin';
break;
}
?>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_chk" class="td_chk" rowspan="2">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo get_text($row['mb_nick']); ?>님</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td headers="mb_list_id" colspan="2" class="td_name sv_use">
<?php echo $mb_id ?>
<?php
//소셜계정이 있다면
if (function_exists('social_login_link_account')) {
if ($my_social_accounts = social_login_link_account($row['mb_id'], false, 'get_data')) {
echo '<div class="member_social_provider sns-wrap-over sns-wrap-32">';
foreach ((array) $my_social_accounts as $account) { //반복문
if (empty($account) || empty($account['provider'])) {
continue;
}
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
echo '<span class="sns-icon sns-' . $provider . '" title="' . $provider_name . '">';
echo '<span class="ico"></span>';
echo '<span class="txt">' . $provider_name . '</span>';
echo '</span>';
}
echo '</div>';
}
}
?>
</td>
<td headers="mb_list_cert" rowspan="2" class="td_mbcert">
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="simple" id="mb_certify_sa_<?php echo $i; ?>" <?php echo $row['mb_certify'] == 'simple' ? 'checked' : ''; ?>>
<label for="mb_certify_sa_<?php echo $i; ?>">간편인증</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="hp" id="mb_certify_hp_<?php echo $i; ?>" <?php echo $row['mb_certify'] == 'hp' ? 'checked' : ''; ?>>
<label for="mb_certify_hp_<?php echo $i; ?>">휴대폰</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="ipin" id="mb_certify_ipin_<?php echo $i; ?>" <?php echo $row['mb_certify'] == 'ipin' ? 'checked' : ''; ?>>
<label for="mb_certify_ipin_<?php echo $i; ?>">아이핀</label>
</td>
<td headers="mb_list_mailc"><?php echo preg_match('/[1-9]/', $row['mb_email_certify']) ? '<span class="txt_true">Yes</span>' : '<span class="txt_false">No</span>'; ?></td>
<td headers="mb_list_open">
<label for="mb_open_<?php echo $i; ?>" class="sound_only">정보공개</label>
<input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open'] ? 'checked' : ''; ?> value="1" id="mb_open_<?php echo $i; ?>">
</td>
<td headers="mb_list_mailr">
<label for="mb_mailling_<?php echo $i; ?>" class="sound_only">메일수신</label>
<input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling'] ? 'checked' : ''; ?> value="1" id="mb_mailling_<?php echo $i; ?>">
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php
if ($leave_msg || $intercept_msg) {
echo $leave_msg . ' ' . $intercept_msg;
} else {
echo "정상";
}
?>
</td>
<td headers="mb_list_mobile" class="td_tel"><?php echo get_text($row['mb_hp']); ?></td>
<td headers="mb_list_lastcall" class="td_date"><?php echo substr($row['mb_today_login'], 2, 8); ?></td>
<td headers="mb_list_grp" class="td_numsmall"><?php echo $group ?></td>
<td headers="mb_list_mng" rowspan="2" class="td_mng td_mng_s"><?php echo $s_mod ?><?php echo $s_grp ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_name" class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td headers="mb_list_nick" class="td_name sv_use">
<div><?php echo $mb_nick ?></div>
</td>
<td headers="mb_list_sms">
<label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
<input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms'] ? 'checked' : ''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
</td>
<td headers="mb_list_adultc">
<label for="mb_adult_<?php echo $i; ?>" class="sound_only">성인인증</label>
<input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult'] ? 'checked' : ''; ?> value="1" id="mb_adult_<?php echo $i; ?>">
</td>
<td headers="mb_list_deny">
<?php if (empty($row['mb_leave_date'])) { ?>
<input type="checkbox" name="mb_intercept_date[<?php echo $i; ?>]" <?php echo $row['mb_intercept_date'] ? 'checked' : ''; ?> value="<?php echo $intercept_date ?>" id="mb_intercept_date_<?php echo $i ?>" title="<?php echo $intercept_title ?>">
<label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
<?php } ?>
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
</td>
<td headers="mb_list_tel" class="td_tel"><?php echo get_text($row['mb_tel']); ?></td>
<td headers="mb_list_join" class="td_date"><?php echo substr($row['mb_datetime'], 2, 8); ?></td>
<td headers="mb_list_point" class="td_num"><a href="point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
</tr>
<?php
}
}
?>
</td>
<td headers="mb_list_cert" rowspan="2" class="td_mbcert">
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="simple" id="mb_certify_sa_<?php echo $i; ?>" <?php echo $row['mb_certify']=='simple'?'checked':''; ?>>
<label for="mb_certify_sa_<?php echo $i; ?>">간편인증</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="hp" id="mb_certify_hp_<?php echo $i; ?>" <?php echo $row['mb_certify']=='hp'?'checked':''; ?>>
<label for="mb_certify_hp_<?php echo $i; ?>">휴대폰</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="ipin" id="mb_certify_ipin_<?php echo $i; ?>" <?php echo $row['mb_certify']=='ipin'?'checked':''; ?>>
<label for="mb_certify_ipin_<?php echo $i; ?>">아이핀</label>
</td>
<td headers="mb_list_mailc"><?php echo preg_match('/[1-9]/', $row['mb_email_certify'])?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>'; ?></td>
<td headers="mb_list_open">
<label for="mb_open_<?php echo $i; ?>" class="sound_only">정보공개</label>
<input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open']?'checked':''; ?> value="1" id="mb_open_<?php echo $i; ?>">
</td>
<td headers="mb_list_mailr">
<label for="mb_mailling_<?php echo $i; ?>" class="sound_only">메일수신</label>
<input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling']?'checked':''; ?> value="1" id="mb_mailling_<?php echo $i; ?>">
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php
if ($leave_msg || $intercept_msg) echo $leave_msg.' '.$intercept_msg;
else echo "정상";
?>
</td>
<td headers="mb_list_mobile" class="td_tel"><?php echo get_text($row['mb_hp']); ?></td>
<td headers="mb_list_lastcall" class="td_date"><?php echo substr($row['mb_today_login'],2,8); ?></td>
<td headers="mb_list_grp" class="td_numsmall"><?php echo $group ?></td>
<td headers="mb_list_mng" rowspan="2" class="td_mng td_mng_s"><?php echo $s_mod ?><?php echo $s_grp ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_name" class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td headers="mb_list_nick" class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td headers="mb_list_sms">
<label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
<input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms']?'checked':''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
</td>
<td headers="mb_list_adultc">
<label for="mb_adult_<?php echo $i; ?>" class="sound_only">성인인증</label>
<input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult']?'checked':''; ?> value="1" id="mb_adult_<?php echo $i; ?>">
</td>
<td headers="mb_list_deny">
<?php if(empty($row['mb_leave_date'])){ ?>
<input type="checkbox" name="mb_intercept_date[<?php echo $i; ?>]" <?php echo $row['mb_intercept_date']?'checked':''; ?> value="<?php echo $intercept_date ?>" id="mb_intercept_date_<?php echo $i ?>" title="<?php echo $intercept_title ?>">
<label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
<?php } ?>
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
</td>
<td headers="mb_list_tel" class="td_tel"><?php echo get_text($row['mb_tel']); ?></td>
<td headers="mb_list_join" class="td_date"><?php echo substr($row['mb_datetime'],2,8); ?></td>
<td headers="mb_list_point" class="td_num"><a href="point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
if ($i == 0) {
echo "<tr><td colspan=\"" . $colspan . "\" class=\"empty_table\">자료가 없습니다.</td></tr>";
}
?>
</tbody>
</table>
</div>
</tr>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn btn_02">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
<?php if ($is_admin == 'super') { ?>
<a href="./member_form.php" id="member_add" class="btn btn_01">회원추가</a>
<?php } ?>
<?php
}
if ($i == 0)
echo "<tr><td colspan=\"".$colspan."\" class=\"empty_table\">자료가 없습니다.</td></tr>";
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn btn_02">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
<?php if ($is_admin == 'super') { ?>
<a href="./member_form.php" id="member_add" class="btn btn_01">회원추가</a>
<?php } ?>
</div>
</div>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, '?'.$qstr.'&amp;page='); ?>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, '?' . $qstr . '&amp;page='); ?>
<script>
function fmemberlist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fmemberlist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
}
return true;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

16
adm/member_list_delete.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "200100";
include_once("./_common.php");
require_once "./_common.php";
check_demo();
@ -9,8 +9,7 @@ auth_check_menu($auth, $sub_menu, "d");
check_admin_token();
$msg = "";
for ($i=0; $i<count($chk); $i++)
{
for ($i = 0; $i < count($chk); $i++) {
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
@ -18,11 +17,11 @@ for ($i=0; $i<count($chk); $i++)
if (!$mb['mb_id']) {
$msg .= "{$mb['mb_id']} : 회원자료가 존재하지 않습니다.\\n";
} else if ($member['mb_id'] == $mb['mb_id']) {
} elseif ($member['mb_id'] == $mb['mb_id']) {
$msg .= "{$mb['mb_id']} : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n";
} else if (is_admin($mb['mb_id']) == "super") {
} elseif (is_admin($mb['mb_id']) == "super") {
$msg .= "{$mb['mb_id']} : 최고 관리자는 삭제할 수 없습니다.\\n";
} else if ($is_admin != "super" && $mb['mb_level'] >= $member['mb_level']) {
} elseif ($is_admin != "super" && $mb['mb_level'] >= $member['mb_level']) {
$msg .= "{$mb['mb_id']} : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n";
} else {
// 회원자료 삭제
@ -30,7 +29,8 @@ for ($i=0; $i<count($chk); $i++)
}
}
if ($msg)
if ($msg) {
echo "<script type='text/javascript'> alert('$msg'); </script>";
}
goto_url("./member_list.php?$qstr");
goto_url("./member_list.php?$qstr");

69
adm/member_list_update.php
View File

@ -1,11 +1,11 @@
<?php
$sub_menu = "200100";
include_once('./_common.php');
require_once './_common.php';
check_demo();
if (! (isset($_POST['chk']) && is_array($_POST['chk']))) {
alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요.");
if (!(isset($_POST['chk']) && is_array($_POST['chk']))) {
alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
}
auth_check_menu($auth, $sub_menu, 'w');
@ -16,12 +16,10 @@ $mb_datas = array();
$msg = '';
if ($_POST['act_button'] == "선택수정") {
for ($i=0; $i<count($_POST['chk']); $i++)
{
for ($i = 0; $i < count($_POST['chk']); $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$post_mb_certify = (isset($_POST['mb_certify'][$k]) && $_POST['mb_certify'][$k]) ? clean_xss_tags($_POST['mb_certify'][$k], 1, 1, 20) : '';
$post_mb_level = isset($_POST['mb_level'][$k]) ? (int) $_POST['mb_level'][$k] : 0;
$post_mb_intercept_date = (isset($_POST['mb_intercept_date'][$k]) && $_POST['mb_intercept_date'][$k]) ? clean_xss_tags($_POST['mb_intercept_date'][$k], 1, 1, 8) : '';
@ -31,48 +29,46 @@ if ($_POST['act_button'] == "선택수정") {
$mb_datas[] = $mb = get_member($_POST['mb_id'][$k]);
if (! (isset($mb['mb_id']) && $mb['mb_id'])) {
$msg .= $mb['mb_id'].' : 회원자료가 존재하지 않습니다.\\n';
} else if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n';
} else if ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'].' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n';
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
$msg .= $mb['mb_id'] . ' : 회원자료가 존재하지 않습니다.\\n';
} elseif ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'] . ' : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n';
} elseif ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'] . ' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n';
} else {
if($post_mb_certify)
if ($post_mb_certify) {
$mb_adult = isset($_POST['mb_adult'][$k]) ? (int) $_POST['mb_adult'][$k] : 0;
else
} else {
$mb_adult = 0;
}
$sql = " update {$g5['member_table']}
set mb_level = '".$post_mb_level."',
mb_intercept_date = '".sql_real_escape_string($post_mb_intercept_date)."',
mb_mailling = '".$post_mb_mailling."',
mb_sms = '".$post_mb_sms."',
mb_open = '".$post_mb_open."',
mb_certify = '".sql_real_escape_string($post_mb_certify)."',
set mb_level = '" . $post_mb_level . "',
mb_intercept_date = '" . sql_real_escape_string($post_mb_intercept_date) . "',
mb_mailling = '" . $post_mb_mailling . "',
mb_sms = '" . $post_mb_sms . "',
mb_open = '" . $post_mb_open . "',
mb_certify = '" . sql_real_escape_string($post_mb_certify) . "',
mb_adult = '{$mb_adult}'
where mb_id = '".sql_real_escape_string($mb['mb_id'])."' ";
where mb_id = '" . sql_real_escape_string($mb['mb_id']) . "' ";
sql_query($sql);
}
}
} else if ($_POST['act_button'] == "선택삭제") {
for ($i=0; $i<count($_POST['chk']); $i++)
{
} elseif ($_POST['act_button'] == "선택삭제") {
for ($i = 0; $i < count($_POST['chk']); $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$mb_datas[] = $mb = get_member($_POST['mb_id'][$k]);
if (!$mb['mb_id']) {
$msg .= $mb['mb_id'].' : 회원자료가 존재하지 않습니다.\\n';
} else if ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'].' : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n';
} else if (is_admin($mb['mb_id']) == 'super') {
$msg .= $mb['mb_id'].' : 최고 관리자는 삭제할 수 없습니다.\\n';
} else if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n';
$msg .= $mb['mb_id'] . ' : 회원자료가 존재하지 않습니다.\\n';
} elseif ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'] . ' : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n';
} elseif (is_admin($mb['mb_id']) == 'super') {
$msg .= $mb['mb_id'] . ' : 최고 관리자는 삭제할 수 없습니다.\\n';
} elseif ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'] . ' : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n';
} else {
// 회원자료 삭제
member_delete($mb['mb_id']);
@ -80,10 +76,11 @@ if ($_POST['act_button'] == "선택수정") {
}
}
if ($msg)
if ($msg) {
//echo '<script> alert("'.$msg.'"); </script>';
alert($msg);
}
run_event('admin_member_list_update', $_POST['act_button'], $mb_datas);
goto_url('./member_list.php?'.$qstr);
goto_url('./member_list.php?' . $qstr);

306
adm/menu_form.php
View File

@ -1,22 +1,24 @@
<?php
$sub_menu = "100290";
include_once('./_common.php');
require_once './_common.php';
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert_close('최고관리자만 접근 가능합니다.');
}
$g5['title'] = '메뉴 추가';
include_once(G5_PATH.'/head.sub.php');
require_once G5_PATH . '/head.sub.php';
$new = isset($_GET['new']) ? clean_xss_tags($_GET['new'], 1, 1) : '';
$code = isset($_GET['code']) ? preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : '';
$new = isset($_GET['new']) ? clean_xss_tags($_GET['new'], 1, 1) : '';
$code = isset($_GET['code']) ? (string)preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : '';
// 코드
if($new == 'new' || !$code) {
$code = base_convert(substr($code,0, 2), 36, 10);
if ($new == 'new' || !$code) {
$code = (int)base_convert(substr($code, 0, 2), 36, 10);
$code += 36;
$code = base_convert($code, 10, 36);
$code = base_convert((string)$code, 10, 36);
}
?>
<div id="menu_frm" class="new_win">
@ -24,174 +26,174 @@ if($new == 'new' || !$code) {
<form name="fmenuform" id="fmenuform" class="new_win_con">
<div class="new_win_desc">
<label for="me_type">대상선택</label>
<select name="me_type" id="me_type">
<option value="">직접입력</option>
<option value="group">게시판그룹</option>
<option value="board">게시판</option>
<option value="content">내용관리</option>
</select>
</div>
<div class="new_win_desc">
<label for="me_type">대상선택</label>
<select name="me_type" id="me_type">
<option value="">직접입력</option>
<option value="group">게시판그룹</option>
<option value="board">게시판</option>
<option value="content">내용관리</option>
</select>
</div>
<div id="menu_result"></div>
<div id="menu_result"></div>
</form>
</div>
<script>
$(function() {
$("#menu_result").load(
"./menu_form_search.php"
);
function link_checks_all_chage(){
var $links = $(opener.document).find("#menulist input[name='me_link[]']"),
$o_link = $(".td_mngsmall input[name='link[]']"),
hrefs = [],
menu_exist = false;
if( $links.length ){
$links.each(function( index ) {
hrefs.push( $(this).val() );
});
$o_link.each(function( index ) {
if( $.inArray( $(this).val(), hrefs ) != -1 ){
$(this).closest("tr").find("td:eq( 0 )").addClass("exist_menu_link");
menu_exist = true;
}
});
}
if( menu_exist ){
$(".menu_exists_tip").show();
} else {
$(".menu_exists_tip").hide();
}
}
function menu_result_change( type ){
var dfd = new $.Deferred();
$("#menu_result").empty().load(
"./menu_form_search.php",
{ type : type },
function(){
dfd.resolve('Finished');
}
$(function() {
$("#menu_result").load(
"./menu_form_search.php"
);
return dfd.promise();
}
function link_checks_all_chage() {
$("#me_type").on("change", function() {
var type = $(this).val();
var $links = $(opener.document).find("#menulist input[name='me_link[]']"),
$o_link = $(".td_mngsmall input[name='link[]']"),
hrefs = [],
menu_exist = false;
var promise = menu_result_change( type );
if ($links.length) {
$links.each(function(index) {
hrefs.push($(this).val());
});
$o_link.each(function(index) {
if ($.inArray($(this).val(), hrefs) != -1) {
$(this).closest("tr").find("td:eq( 0 )").addClass("exist_menu_link");
menu_exist = true;
}
});
}
if (menu_exist) {
$(".menu_exists_tip").show();
} else {
$(".menu_exists_tip").hide();
}
}
function menu_result_change(type) {
var dfd = new $.Deferred();
$("#menu_result").empty().load(
"./menu_form_search.php", {
type: type
},
function() {
dfd.resolve('Finished');
}
);
return dfd.promise();
}
$("#me_type").on("change", function() {
var type = $(this).val();
var promise = menu_result_change(type);
promise.done(function(message) {
link_checks_all_chage(type);
});
promise.done(function(message) {
link_checks_all_chage(type);
});
$(document).on("click", "#add_manual", function() {
var me_name = $.trim($("#me_name").val());
var me_link = $.trim($("#me_link").val());
add_menu_list(me_name, me_link, "<?php echo $code; ?>");
});
$(document).on("click", ".add_select", function() {
var me_name = $.trim($(this).siblings("input[name='subject[]']").val());
var me_link = $.trim($(this).siblings("input[name='link[]']").val());
add_menu_list(me_name, me_link, "<?php echo $code; ?>");
});
});
$(document).on("click", "#add_manual", function() {
var me_name = $.trim($("#me_name").val());
var me_link = $.trim($("#me_link").val());
function add_menu_list(name, link, code) {
var $menulist = $("#menulist", opener.document);
var ms = new Date().getTime();
var sub_menu_class;
<?php if ($new == 'new') { ?>
sub_menu_class = " class=\"td_category\"";
<?php } else { ?>
sub_menu_class = " class=\"td_category sub_menu_class\"";
<?php } ?>
add_menu_list(me_name, me_link, "<?php echo $code; ?>");
});
var list = "<tr class=\"menu_list menu_group_<?php echo $code; ?>\">";
list += "<td" + sub_menu_class + ">";
list += "<label for=\"me_name_" + ms + "\" class=\"sound_only\">메뉴<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"hidden\" name=\"code[]\" value=\"<?php echo $code; ?>\">";
list += "<input type=\"text\" name=\"me_name[]\" value=\"" + name + "\" id=\"me_name_" + ms + "\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td>";
list += "<label for=\"me_link_" + ms + "\" class=\"sound_only\">링크<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_link[]\" value=\"" + link + "\" id=\"me_link_" + ms + "\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td class=\"td_mng\">";
list += "<label for=\"me_target_" + ms + "\" class=\"sound_only\">새창</label>";
list += "<select name=\"me_target[]\" id=\"me_target_" + ms + "\">";
list += "<option value=\"self\">사용안함</option>";
list += "<option value=\"blank\">사용함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_numsmall\">";
list += "<label for=\"me_order_" + ms + "\" class=\"sound_only\">순서<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_order[]\" value=\"0\" id=\"me_order_" + ms + "\" required class=\"required frm_input\" size=\"5\">";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_use_" + ms + "\" class=\"sound_only\">PC사용</label>";
list += "<select name=\"me_use[]\" id=\"me_use_" + ms + "\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_mobile_use_" + ms + "\" class=\"sound_only\">모바일사용</label>";
list += "<select name=\"me_mobile_use[]\" id=\"me_mobile_use_" + ms + "\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mng\">";
<?php if ($new == 'new') { ?>
list += "<button type=\"button\" class=\"btn_add_submenu btn_03\">추가</button>\n";
<?php } ?>
list += "<button type=\"button\" class=\"btn_del_menu btn_02\">삭제</button>";
list += "</td>";
list += "</tr>";
$(document).on("click", ".add_select", function() {
var me_name = $.trim($(this).siblings("input[name='subject[]']").val());
var me_link = $.trim($(this).siblings("input[name='link[]']").val());
var $menu_last = null;
add_menu_list(me_name, me_link, "<?php echo $code; ?>");
});
});
if (code)
$menu_last = $menulist.find("tr.menu_group_" + code + ":last");
else
$menu_last = $menulist.find("tr.menu_list:last");
function add_menu_list(name, link, code)
{
var $menulist = $("#menulist", opener.document);
var ms = new Date().getTime();
var sub_menu_class;
<?php if($new == 'new') { ?>
sub_menu_class = " class=\"td_category\"";
<?php } else { ?>
sub_menu_class = " class=\"td_category sub_menu_class\"";
<?php } ?>
if ($menu_last.length > 0) {
$menu_last.after(list);
} else {
if ($menulist.find("#empty_menu_list").length > 0)
$menulist.find("#empty_menu_list").remove();
var list = "<tr class=\"menu_list menu_group_<?php echo $code; ?>\">";
list += "<td"+sub_menu_class+">";
list += "<label for=\"me_name_"+ms+"\" class=\"sound_only\">메뉴<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"hidden\" name=\"code[]\" value=\"<?php echo $code; ?>\">";
list += "<input type=\"text\" name=\"me_name[]\" value=\""+name+"\" id=\"me_name_"+ms+"\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td>";
list += "<label for=\"me_link_"+ms+"\" class=\"sound_only\">링크<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_link[]\" value=\""+link+"\" id=\"me_link_"+ms+"\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td class=\"td_mng\">";
list += "<label for=\"me_target_"+ms+"\" class=\"sound_only\">새창</label>";
list += "<select name=\"me_target[]\" id=\"me_target_"+ms+"\">";
list += "<option value=\"self\">사용안함</option>";
list += "<option value=\"blank\">사용함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_numsmall\">";
list += "<label for=\"me_order_"+ms+"\" class=\"sound_only\">순서<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_order[]\" value=\"0\" id=\"me_order_"+ms+"\" required class=\"required frm_input\" size=\"5\">";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_use_"+ms+"\" class=\"sound_only\">PC사용</label>";
list += "<select name=\"me_use[]\" id=\"me_use_"+ms+"\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_mobile_use_"+ms+"\" class=\"sound_only\">모바일사용</label>";
list += "<select name=\"me_mobile_use[]\" id=\"me_mobile_use_"+ms+"\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mng\">";
<?php if($new == 'new') { ?>
list += "<button type=\"button\" class=\"btn_add_submenu btn_03\">추가</button>\n";
<?php } ?>
list += "<button type=\"button\" class=\"btn_del_menu btn_02\">삭제</button>";
list += "</td>";
list += "</tr>";
$menulist.find("table tbody").append(list);
}
var $menu_last = null;
$menulist.find("tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg" + (index % 2));
});
if(code)
$menu_last = $menulist.find("tr.menu_group_"+code+":last");
else
$menu_last = $menulist.find("tr.menu_list:last");
if($menu_last.length > 0) {
$menu_last.after(list);
} else {
if($menulist.find("#empty_menu_list").length > 0)
$menulist.find("#empty_menu_list").remove();
$menulist.find("table tbody").append(list);
window.close();
}
$menulist.find("tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg"+(index % 2));
});
window.close();
}
</script>
<?php
include_once(G5_PATH.'/tail.sub.php');
require_once G5_PATH . '/tail.sub.php';

113
adm/menu_form_search.php
View File

@ -1,12 +1,13 @@
<?php
include_once('./_common.php');
require_once './_common.php';
if ($is_admin != 'super')
if ($is_admin != 'super') {
die('최고관리자만 접근 가능합니다.');
}
$type = isset($_REQUEST['type']) ? preg_replace('/[^0-9a-z_]/i', '', $_REQUEST['type']) : '';
switch($type) {
switch ($type) {
case 'group':
$sql = " select gr_id as id, gr_subject as subject
from {$g5['group_table']}
@ -27,32 +28,31 @@ switch($type) {
break;
}
if($sql) {
if ($sql) {
$result = sql_query($sql);
for($i=0; $row=sql_fetch_array($result); $i++) {
if($i == 0) {
$bbs_subject_title = ($type == 'board') ? '게시판제목' : '제목';
?>
for ($i = 0; $row = sql_fetch_array($result); $i++) {
if ($i == 0) {
$bbs_subject_title = ($type == 'board') ? '게시판제목' : '제목';
?>
<div class="tbl_head01 tbl_wrap">
<table>
<thead>
<tr>
<th scope="col"><?php echo $bbs_subject_title; ?></th>
<?php if($type == 'board'){ ?>
<th scope="col">게시판 그룹</th>
<?php } ?>
<th scope="col">선택</th>
</tr>
</thead>
<tbody>
<thead>
<tr>
<th scope="col"><?php echo $bbs_subject_title; ?></th>
<?php if ($type == 'board') { ?>
<th scope="col">게시판 그룹</th>
<?php } ?>
<th scope="col">선택</th>
</tr>
</thead>
<tbody>
<?php }
switch($type) {
<?php }
switch ($type) {
case 'group':
$link = G5_BBS_URL.'/group.php?gr_id='.$row['id'];
$link = G5_BBS_URL . '/group.php?gr_id=' . $row['id'];
break;
case 'board':
$link = get_pretty_url($row['id']);
@ -64,26 +64,26 @@ if($sql) {
$link = '';
break;
}
?>
<tr>
<td><?php echo $row['subject']; ?></td>
<?php
if($type == 'board'){
$group = get_call_func_cache('get_group', array($row['gr_id']));
?>
<td><?php echo $group['gr_subject']; ?></td>
<?php } ?>
<td class="td_mngsmall">
<input type="hidden" name="subject[]" value="<?php echo preg_replace('/[\'\"]/', '', $row['subject']); ?>">
<input type="hidden" name="link[]" value="<?php echo $link; ?>">
<button type="button" class="add_select btn btn_03"><span class="sound_only"><?php echo $row['subject']; ?> </span>선택</button>
</td>
</tr>
<?php } ?>
<tr>
<td><?php echo $row['subject']; ?></td>
<?php
if ($type == 'board') {
$group = get_call_func_cache('get_group', array($row['gr_id']));
?>
<td><?php echo $group['gr_subject']; ?></td>
<?php } ?>
<td class="td_mngsmall">
<input type="hidden" name="subject[]" value="<?php echo preg_replace('/[\'\"]/', '', $row['subject']); ?>">
<input type="hidden" name="link[]" value="<?php echo $link; ?>">
<button type="button" class="add_select btn btn_03"><span class="sound_only"><?php echo $row['subject']; ?> </span>선택</button>
</td>
</tr>
</tbody>
<?php } ?>
</tbody>
</table>
</div>
@ -96,26 +96,25 @@ if($sql) {
</div>
<?php } else { ?>
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_2">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="me_name">메뉴<strong class="sound_only"> 필수</strong></label></th>
<td><input type="text" name="me_name" id="me_name" required class="frm_input required"></td>
</tr>
<tr>
<th scope="row"><label for="me_link">링크<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('링크는 http://를 포함해서 입력해 주세요.'); ?>
<input type="text" name="me_link" id="me_link" required class="frm_input full_input required">
</td>
</tr>
</tbody>
<colgroup>
<col class="grid_2">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="me_name">메뉴<strong class="sound_only"> 필수</strong></label></th>
<td><input type="text" name="me_name" id="me_name" required class="frm_input required"></td>
</tr>
<tr>
<th scope="row"><label for="me_link">링크<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('링크는 http://를 포함해서 입력해 주세요.'); ?>
<input type="text" name="me_link" id="me_link" required class="frm_input full_input required">
</td>
</tr>
</tbody>
</table>
</div>

329
adm/menu_list.php
View File

@ -1,17 +1,19 @@
<?php
$sub_menu = "100290";
include_once('./_common.php');
require_once './_common.php';
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
// 메뉴테이블 생성
if( !isset($g5['menu_table']) ){
if (!isset($g5['menu_table'])) {
die('<meta charset="utf-8">dbconfig.php 파일에 <strong>$g5[\'menu_table\'] = G5_TABLE_PREFIX.\'menu\';</strong> 를 추가해 주세요.');
}
if(!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['menu_table']}` (
if (!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['menu_table']}` (
`me_id` int(11) NOT NULL AUTO_INCREMENT,
`me_code` varchar(255) NOT NULL DEFAULT '',
`me_name` varchar(255) NOT NULL DEFAULT '',
@ -21,14 +23,16 @@ if(!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
`me_use` tinyint(4) NOT NULL DEFAULT '0',
`me_mobile_use` tinyint(4) NOT NULL DEFAULT '0',
PRIMARY KEY (`me_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
}
$sql = " select * from {$g5['menu_table']} order by me_id ";
$result = sql_query($sql);
$g5['title'] = "메뉴설정";
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 7;
$sub_menu_info = '';
@ -39,181 +43,178 @@ $sub_menu_info = '';
</div>
<form name="fmenulist" id="fmenulist" method="post" action="./menu_list_update.php" onsubmit="return fmenulist_submit(this);">
<input type="hidden" name="token" value="">
<input type="hidden" name="token" value="">
<div id="menulist" class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">메뉴</th>
<th scope="col">링크</th>
<th scope="col">새창</th>
<th scope="col">순서</th>
<th scope="col">PC사용</th>
<th scope="col">모바일사용</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$bg = 'bg'.($i%2);
$sub_menu_class = '';
if(strlen($row['me_code']) == 4) {
$sub_menu_class = ' sub_menu_class';
$sub_menu_info = '<span class="sound_only">'.$row['me_name'].'의 서브</span>';
$sub_menu_ico = '<span class="sub_menu_ico"></span>';
}
<div id="menulist" class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">메뉴</th>
<th scope="col">링크</th>
<th scope="col">새창</th>
<th scope="col">순서</th>
<th scope="col">PC사용</th>
<th scope="col">모바일사용</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$bg = 'bg' . ($i % 2);
$sub_menu_class = '';
if (strlen($row['me_code']) == 4) {
$sub_menu_class = ' sub_menu_class';
$sub_menu_info = '<span class="sound_only">' . $row['me_name'] . '의 서브</span>';
$sub_menu_ico = '<span class="sub_menu_ico"></span>';
}
$search = array('"', "'");
$replace = array('&#034;', '&#039;');
$me_name = str_replace($search, $replace, $row['me_name']);
?>
<tr class="<?php echo $bg; ?> menu_list menu_group_<?php echo substr($row['me_code'], 0, 2); ?>">
<td class="td_category<?php echo $sub_menu_class; ?>">
<input type="hidden" name="code[]" value="<?php echo substr($row['me_code'], 0, 2) ?>">
<label for="me_name_<?php echo $i; ?>" class="sound_only"><?php echo $sub_menu_info; ?> 메뉴<strong class="sound_only"> 필수</strong></label>
<input type="text" name="me_name[]" value="<?php echo get_sanitize_input($me_name); ?>" id="me_name_<?php echo $i; ?>" required class="required tbl_input full_input">
</td>
<td>
<label for="me_link_<?php echo $i; ?>" class="sound_only">링크<strong class="sound_only"> 필수</strong></label>
<input type="text" name="me_link[]" value="<?php echo $row['me_link'] ?>" id="me_link_<?php echo $i; ?>" required class="required tbl_input full_input">
</td>
<td class="td_mng">
<label for="me_target_<?php echo $i; ?>" class="sound_only">새창</label>
<select name="me_target[]" id="me_target_<?php echo $i; ?>">
<option value="self"<?php echo get_selected($row['me_target'], 'self', true); ?>>사용안함</option>
<option value="blank"<?php echo get_selected($row['me_target'], 'blank', true); ?>>사용함</option>
</select>
</td>
<td class="td_num">
<label for="me_order_<?php echo $i; ?>" class="sound_only">순서</label>
<input type="text" name="me_order[]" value="<?php echo $row['me_order'] ?>" id="me_order_<?php echo $i; ?>" class="tbl_input" size="5">
</td>
<td class="td_mng">
<label for="me_use_<?php echo $i; ?>" class="sound_only">PC사용</label>
<select name="me_use[]" id="me_use_<?php echo $i; ?>">
<option value="1"<?php echo get_selected($row['me_use'], '1', true); ?>>사용함</option>
<option value="0"<?php echo get_selected($row['me_use'], '0', true); ?>>사용안함</option>
</select>
</td>
<td class="td_mng">
<label for="me_mobile_use_<?php echo $i; ?>" class="sound_only">모바일사용</label>
<select name="me_mobile_use[]" id="me_mobile_use_<?php echo $i; ?>">
<option value="1"<?php echo get_selected($row['me_mobile_use'], '1', true); ?>>사용함</option>
<option value="0"<?php echo get_selected($row['me_mobile_use'], '0', true); ?>>사용안함</option>
</select>
</td>
<td class="td_mng">
<?php if(strlen($row['me_code']) == 2) { ?>
<button type="button" class="btn_add_submenu btn_03 ">추가</button>
<?php } ?>
<button type="button" class="btn_del_menu btn_02">삭제</button>
</td>
</tr>
<?php
}
$search = array('"', "'");
$replace = array('&#034;', '&#039;');
$me_name = str_replace($search, $replace, $row['me_name']);
?>
<tr class="<?php echo $bg; ?> menu_list menu_group_<?php echo substr($row['me_code'], 0, 2); ?>">
<td class="td_category<?php echo $sub_menu_class; ?>">
<input type="hidden" name="code[]" value="<?php echo substr($row['me_code'], 0, 2) ?>">
<label for="me_name_<?php echo $i; ?>" class="sound_only"><?php echo $sub_menu_info; ?> 메뉴<strong class="sound_only"> 필수</strong></label>
<input type="text" name="me_name[]" value="<?php echo get_sanitize_input($me_name); ?>" id="me_name_<?php echo $i; ?>" required class="required tbl_input full_input">
</td>
<td>
<label for="me_link_<?php echo $i; ?>" class="sound_only">링크<strong class="sound_only"> 필수</strong></label>
<input type="text" name="me_link[]" value="<?php echo $row['me_link'] ?>" id="me_link_<?php echo $i; ?>" required class="required tbl_input full_input">
</td>
<td class="td_mng">
<label for="me_target_<?php echo $i; ?>" class="sound_only">새창</label>
<select name="me_target[]" id="me_target_<?php echo $i; ?>">
<option value="self" <?php echo get_selected($row['me_target'], 'self', true); ?>>사용안함</option>
<option value="blank" <?php echo get_selected($row['me_target'], 'blank', true); ?>>사용함</option>
</select>
</td>
<td class="td_num">
<label for="me_order_<?php echo $i; ?>" class="sound_only">순서</label>
<input type="text" name="me_order[]" value="<?php echo $row['me_order'] ?>" id="me_order_<?php echo $i; ?>" class="tbl_input" size="5">
</td>
<td class="td_mng">
<label for="me_use_<?php echo $i; ?>" class="sound_only">PC사용</label>
<select name="me_use[]" id="me_use_<?php echo $i; ?>">
<option value="1" <?php echo get_selected($row['me_use'], '1', true); ?>>사용함</option>
<option value="0" <?php echo get_selected($row['me_use'], '0', true); ?>>사용안함</option>
</select>
</td>
<td class="td_mng">
<label for="me_mobile_use_<?php echo $i; ?>" class="sound_only">모바일사용</label>
<select name="me_mobile_use[]" id="me_mobile_use_<?php echo $i; ?>">
<option value="1" <?php echo get_selected($row['me_mobile_use'], '1', true); ?>>사용함</option>
<option value="0" <?php echo get_selected($row['me_mobile_use'], '0', true); ?>>사용안함</option>
</select>
</td>
<td class="td_mng">
<?php if (strlen($row['me_code']) == 2) { ?>
<button type="button" class="btn_add_submenu btn_03 ">추가</button>
<?php } ?>
<button type="button" class="btn_del_menu btn_02">삭제</button>
</td>
</tr>
<?php
}
if ($i==0)
echo '<tr id="empty_menu_list"><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
if ($i == 0) {
echo '<tr id="empty_menu_list"><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<button type="button" onclick="return add_menu();" class="btn btn_02">메뉴추가<span class="sound_only"> 새창</span></button>
<input type="submit" name="act_button" value="확인" class="btn_submit btn ">
</div>
<div class="btn_fixed_top">
<button type="button" onclick="return add_menu();" class="btn btn_02">메뉴추가<span class="sound_only"> 새창</span></button>
<input type="submit" name="act_button" value="확인" class="btn_submit btn ">
</div>
</form>
<script>
$(function() {
$(document).on("click", ".btn_add_submenu", function() {
var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2);
add_submenu(code);
});
$(document).on("click", ".btn_del_menu", function() {
if(!confirm("메뉴를 삭제하시겠습니까?\n메뉴 삭제후 메뉴설정의 확인 버튼을 눌러 메뉴를 저장해 주세요."))
return false;
var $tr = $(this).closest("tr");
if($tr.find("td.sub_menu_class").length > 0) {
$tr.remove();
} else {
$(function() {
$(document).on("click", ".btn_add_submenu", function() {
var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2);
$("tr.menu_group_"+code).remove();
}
add_submenu(code);
});
if($("#menulist tr.menu_list").length < 1) {
var list = "<tr id=\"empty_menu_list\"><td colspan=\"<?php echo $colspan; ?>\" class=\"empty_table\">자료가 없습니다.</td></tr>\n";
$("#menulist table tbody").append(list);
} else {
$("#menulist tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg"+(index % 2));
});
}
});
});
$(document).on("click", ".btn_del_menu", function() {
if (!confirm("메뉴를 삭제하시겠습니까?\n메뉴 삭제후 메뉴설정의 확인 버튼을 눌러 메뉴를 저장해 주세요."))
return false;
function add_menu()
{
var max_code = base_convert(0, 10, 36);
$("#menulist tr.menu_list").each(function() {
var me_code = $(this).find("input[name='code[]']").val().substr(0, 2);
if(max_code < me_code)
max_code = me_code;
var $tr = $(this).closest("tr");
if ($tr.find("td.sub_menu_class").length > 0) {
$tr.remove();
} else {
var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2);
$("tr.menu_group_" + code).remove();
}
if ($("#menulist tr.menu_list").length < 1) {
var list = "<tr id=\"empty_menu_list\"><td colspan=\"<?php echo $colspan; ?>\" class=\"empty_table\">자료가 없습니다.</td></tr>\n";
$("#menulist table tbody").append(list);
} else {
$("#menulist tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg" + (index % 2));
});
}
});
});
var url = "./menu_form.php?code="+max_code+"&new=new";
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
return false;
}
function add_menu() {
var max_code = base_convert(0, 10, 36);
$("#menulist tr.menu_list").each(function() {
var me_code = $(this).find("input[name='code[]']").val().substr(0, 2);
if (max_code < me_code)
max_code = me_code;
});
function add_submenu(code)
{
var url = "./menu_form.php?code="+code;
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
return false;
}
function base_convert(number, frombase, tobase) {
// discuss at: http://phpjs.org/functions/base_convert/
// original by: Philippe Baumann
// improved by: Rafał Kukawski (http://blog.kukawski.pl)
// example 1: base_convert('A37334', 16, 2);
// returns 1: '101000110111001100110100'
return parseInt(number + '', frombase | 0)
.toString(tobase | 0);
}
function fmenulist_submit(f)
{
var me_links = document.getElementsByName('me_link[]');
var reg = /^javascript/;
for (i=0; i<me_links.length; i++){
if( reg.test(me_links[i].value) ){
alert('링크에 자바스크립트문을 입력할수 없습니다.');
me_links[i].focus();
return false;
}
var url = "./menu_form.php?code=" + max_code + "&new=new";
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
return false;
}
return true;
}
function add_submenu(code) {
var url = "./menu_form.php?code=" + code;
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
return false;
}
function base_convert(number, frombase, tobase) {
// discuss at: http://phpjs.org/functions/base_convert/
// original by: Philippe Baumann
// improved by: Rafał Kukawski (http://blog.kukawski.pl)
// example 1: base_convert('A37334', 16, 2);
// returns 1: '101000110111001100110100'
return parseInt(number + '', frombase | 0)
.toString(tobase | 0);
}
function fmenulist_submit(f) {
var me_links = document.getElementsByName('me_link[]');
var reg = /^javascript/;
for (i = 0; i < me_links.length; i++) {
if (reg.test(me_links[i].value)) {
alert('링크에 자바스크립트문을 입력할수 없습니다.');
me_links[i].focus();
return false;
}
}
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

45
adm/menu_list_update.php
View File

@ -1,11 +1,12 @@
<?php
$sub_menu = "100290";
include_once('./_common.php');
require_once './_common.php';
check_demo();
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
check_admin_token();
@ -17,11 +18,10 @@ $group_code = null;
$primary_code = null;
$count = isset($_POST['code']) ? count($_POST['code']) : 0;
for ($i=0; $i<$count; $i++)
{
for ($i = 0; $i < $count; $i++) {
$_POST = array_map_deep('trim', $_POST);
if(preg_match('/^javascript/i', preg_replace('/[ ]{1,}|[\t]/', '', $_POST['me_link'][$i]))){
if (preg_match('/^javascript/i', preg_replace('/[ ]{1,}|[\t]/', '', $_POST['me_link'][$i]))) {
$_POST['me_link'][$i] = G5_URL;
}
@ -31,31 +31,32 @@ for ($i=0; $i<$count; $i++)
$code = is_array($_POST['code']) ? strip_tags($_POST['code'][$i]) : '';
$me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : '';
$me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags(clean_xss_attributes($_POST['me_link'][$i]));
if(!$code || !$me_name || !$me_link)
if (!$code || !$me_name || !$me_link) {
continue;
}
$sub_code = '';
if($group_code == $code) {
if ($group_code == $code) {
$sql = " select MAX(SUBSTRING(me_code,3,2)) as max_me_code
from {$g5['menu_table']}
where SUBSTRING(me_code,1,2) = '$primary_code' ";
$row = sql_fetch($sql);
$sub_code = base_convert($row['max_me_code'], 36, 10);
$sub_code = (int)base_convert($row['max_me_code'], 36, 10);
$sub_code += 36;
$sub_code = base_convert($sub_code, 10, 36);
$sub_code = base_convert((string)$sub_code, 10, 36);
$me_code = $primary_code.$sub_code;
$me_code = $primary_code . $sub_code;
} else {
$sql = " select MAX(SUBSTRING(me_code,1,2)) as max_me_code
from {$g5['menu_table']}
where LENGTH(me_code) = '2' ";
$row = sql_fetch($sql);
$me_code = base_convert($row['max_me_code'], 36, 10);
$me_code = (int)base_convert($row['max_me_code'], 36, 10);
$me_code += 36;
$me_code = base_convert($me_code, 10, 36);
$me_code = base_convert((string)$me_code, 10, 36);
$group_code = $code;
$primary_code = $me_code;
@ -63,16 +64,16 @@ for ($i=0; $i<$count; $i++)
// 메뉴 등록
$sql = " insert into {$g5['menu_table']}
set me_code = '".$me_code."',
me_name = '".$me_name."',
me_link = '".$me_link."',
me_target = '".sql_real_escape_string(strip_tags($_POST['me_target'][$i]))."',
me_order = '".sql_real_escape_string(strip_tags($_POST['me_order'][$i]))."',
me_use = '".sql_real_escape_string(strip_tags($_POST['me_use'][$i]))."',
me_mobile_use = '".sql_real_escape_string(strip_tags($_POST['me_mobile_use'][$i]))."' ";
set me_code = '" . $me_code . "',
me_name = '" . $me_name . "',
me_link = '" . $me_link . "',
me_target = '" . sql_real_escape_string(strip_tags($_POST['me_target'][$i])) . "',
me_order = '" . sql_real_escape_string(strip_tags($_POST['me_order'][$i])) . "',
me_use = '" . sql_real_escape_string(strip_tags($_POST['me_use'][$i])) . "',
me_mobile_use = '" . sql_real_escape_string(strip_tags($_POST['me_mobile_use'][$i])) . "' ";
sql_query($sql);
}
run_event('admin_menu_list_update');
goto_url('./menu_list.php');
goto_url('./menu_list.php');

346
adm/newwinform.php
View File

@ -1,174 +1,172 @@
<?php
$sub_menu = '100310';
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
auth_check_menu($auth, $sub_menu, "w");
$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
$nw = array(
'nw_begin_time'=>'',
'nw_end_time'=>'',
'nw_subject'=>'',
'nw_content'=>'',
'nw_division'=>'',
);
$html_title = "팝업레이어";
// 팝업레이어 테이블에 쇼핑몰, 커뮤니티 인지 구분하는 여부 필드 추가
$sql = " ALTER TABLE `{$g5['new_win_table']}` ADD `nw_division` VARCHAR(10) NOT NULL DEFAULT 'both' ";
sql_query($sql, false);
if ($w == "u")
{
$html_title .= " 수정";
$sql = " select * from {$g5['new_win_table']} where nw_id = '$nw_id' ";
$nw = sql_fetch($sql);
if (! (isset($nw['nw_id']) && $nw['nw_id'])) alert("등록된 자료가 없습니다.");
}
else
{
$html_title .= " 입력";
$nw['nw_device'] = 'both';
$nw['nw_disable_hours'] = 24;
$nw['nw_left'] = 10;
$nw['nw_top'] = 10;
$nw['nw_width'] = 450;
$nw['nw_height'] = 500;
$nw['nw_content_html'] = 2;
}
$g5['title'] = $html_title;
include_once (G5_ADMIN_PATH.'/admin.head.php');
?>
<form name="frmnewwin" action="./newwinformupdate.php" onsubmit="return frmnewwin_check(this);" method="post">
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="nw_id" value="<?php echo $nw_id; ?>">
<input type="hidden" name="token" value="">
<div class="local_desc01 local_desc">
<p>초기화면 접속 시 자동으로 뜰 팝업레이어를 설정합니다.</p>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="nw_division">구분</label></th>
<td>
<?php echo help("커뮤니티에 표시될 것인지 쇼핑몰에 표시될 것인지를 설정합니다."); ?>
<select name="nw_division" id="nw_division">
<option value="comm"<?php echo get_selected($nw['nw_division'], 'comm'); ?>>커뮤니티</option>
<?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?>
<option value="both"<?php echo get_selected($nw['nw_division'], 'both', true); ?>>커뮤니티와 쇼핑몰</option>
<option value="shop"<?php echo get_selected($nw['nw_division'], 'shop'); ?>>쇼핑몰</option>
<?php } ?>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_device">접속기기</label></th>
<td>
<?php echo help("팝업레이어가 표시될 접속기기를 설정합니다."); ?>
<select name="nw_device" id="nw_device">
<option value="both"<?php echo get_selected($nw['nw_device'], 'both', true); ?>>PC와 모바일</option>
<option value="pc"<?php echo get_selected($nw['nw_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($nw['nw_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_disable_hours">시간<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help("고객이 다시 보지 않음을 선택할 시 몇 시간동안 팝업레이어를 보여주지 않을지 설정합니다."); ?>
<input type="text" name="nw_disable_hours" value="<?php echo $nw['nw_disable_hours']; ?>" id="nw_disable_hours" required class="frm_input required" size="5"> 시간
</td>
</tr>
<tr>
<th scope="row"><label for="nw_begin_time">시작일시<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_begin_time" value="<?php echo $nw['nw_begin_time']; ?>" id="nw_begin_time" required class="frm_input required" size="21" maxlength="19">
<input type="checkbox" name="nw_begin_chk" value="<?php echo date("Y-m-d 00:00:00", G5_SERVER_TIME); ?>" id="nw_begin_chk" onclick="if (this.checked == true) this.form.nw_begin_time.value=this.form.nw_begin_chk.value; else this.form.nw_begin_time.value = this.form.nw_begin_time.defaultValue;">
<label for="nw_begin_chk">시작일시를 오늘로</label>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_end_time">종료일시<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_end_time" value="<?php echo $nw['nw_end_time']; ?>" id="nw_end_time" required class="frm_input required" size="21" maxlength="19">
<input type="checkbox" name="nw_end_chk" value="<?php echo date("Y-m-d 23:59:59", G5_SERVER_TIME+(60*60*24*7)); ?>" id="nw_end_chk" onclick="if (this.checked == true) this.form.nw_end_time.value=this.form.nw_end_chk.value; else this.form.nw_end_time.value = this.form.nw_end_time.defaultValue;">
<label for="nw_end_chk">종료일시를 오늘로부터 7일 후로</label>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_left">팝업레이어 좌측 위치<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_left" value="<?php echo $nw['nw_left']; ?>" id="nw_left" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_top">팝업레이어 상단 위치<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_top" value="<?php echo $nw['nw_top']; ?>" id="nw_top" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_width">팝업레이어 넓이<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_width" value="<?php echo $nw['nw_width'] ?>" id="nw_width" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_height">팝업레이어 높이<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_height" value="<?php echo $nw['nw_height'] ?>" id="nw_height" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_subject">팝업 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_subject" value="<?php echo get_sanitize_input($nw['nw_subject']); ?>" id="nw_subject" required class="frm_input required" size="80">
</td>
</tr>
<tr>
<th scope="row"><label for="nw_content">내용</label></th>
<td><?php echo editor_html('nw_content', get_text(html_purifier($nw['nw_content']), 0)); ?></td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./newwinlist.php" class=" btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form>
<script>
function frmnewwin_check(f)
{
errmsg = "";
errfld = "";
<?php echo get_editor_js('nw_content'); ?>
check_field(f.nw_subject, "제목을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
return true;
}
</script>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '100310';
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w");
$nw_id = isset($_REQUEST['nw_id']) ? (string)preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
$nw = array(
'nw_begin_time' => '',
'nw_end_time' => '',
'nw_subject' => '',
'nw_content' => '',
'nw_division' => '',
);
$html_title = "팝업레이어";
// 팝업레이어 테이블에 쇼핑몰, 커뮤니티 인지 구분하는 여부 필드 추가
$sql = " ALTER TABLE `{$g5['new_win_table']}` ADD `nw_division` VARCHAR(10) NOT NULL DEFAULT 'both' ";
sql_query($sql, false);
if ($w == "u") {
$html_title .= " 수정";
$sql = " select * from {$g5['new_win_table']} where nw_id = '$nw_id' ";
$nw = sql_fetch($sql);
if (!(isset($nw['nw_id']) && $nw['nw_id'])) {
alert("등록된 자료가 없습니다.");
}
} else {
$html_title .= " 입력";
$nw['nw_device'] = 'both';
$nw['nw_disable_hours'] = 24;
$nw['nw_left'] = 10;
$nw['nw_top'] = 10;
$nw['nw_width'] = 450;
$nw['nw_height'] = 500;
$nw['nw_content_html'] = 2;
}
$g5['title'] = $html_title;
require_once G5_ADMIN_PATH . '/admin.head.php';
?>
<form name="frmnewwin" action="./newwinformupdate.php" onsubmit="return frmnewwin_check(this);" method="post">
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="nw_id" value="<?php echo $nw_id; ?>">
<input type="hidden" name="token" value="">
<div class="local_desc01 local_desc">
<p>초기화면 접속 시 자동으로 뜰 팝업레이어를 설정합니다.</p>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="nw_division">구분</label></th>
<td>
<?php echo help("커뮤니티에 표시될 것인지 쇼핑몰에 표시될 것인지를 설정합니다."); ?>
<select name="nw_division" id="nw_division">
<option value="comm" <?php echo get_selected($nw['nw_division'], 'comm'); ?>>커뮤니티</option>
<?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?>
<option value="both" <?php echo get_selected($nw['nw_division'], 'both', true); ?>>커뮤니티와 쇼핑몰</option>
<option value="shop" <?php echo get_selected($nw['nw_division'], 'shop'); ?>>쇼핑몰</option>
<?php } ?>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_device">접속기기</label></th>
<td>
<?php echo help("팝업레이어가 표시될 접속기기를 설정합니다."); ?>
<select name="nw_device" id="nw_device">
<option value="both" <?php echo get_selected($nw['nw_device'], 'both', true); ?>>PC와 모바일</option>
<option value="pc" <?php echo get_selected($nw['nw_device'], 'pc'); ?>>PC</option>
<option value="mobile" <?php echo get_selected($nw['nw_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_disable_hours">시간<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help("고객이 다시 보지 않음을 선택할 시 몇 시간동안 팝업레이어를 보여주지 않을지 설정합니다."); ?>
<input type="text" name="nw_disable_hours" value="<?php echo $nw['nw_disable_hours']; ?>" id="nw_disable_hours" required class="frm_input required" size="5"> 시간
</td>
</tr>
<tr>
<th scope="row"><label for="nw_begin_time">시작일시<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_begin_time" value="<?php echo $nw['nw_begin_time']; ?>" id="nw_begin_time" required class="frm_input required" size="21" maxlength="19">
<input type="checkbox" name="nw_begin_chk" value="<?php echo date("Y-m-d 00:00:00", G5_SERVER_TIME); ?>" id="nw_begin_chk" onclick="if (this.checked == true) this.form.nw_begin_time.value=this.form.nw_begin_chk.value; else this.form.nw_begin_time.value = this.form.nw_begin_time.defaultValue;">
<label for="nw_begin_chk">시작일시를 오늘로</label>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_end_time">종료일시<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_end_time" value="<?php echo $nw['nw_end_time']; ?>" id="nw_end_time" required class="frm_input required" size="21" maxlength="19">
<input type="checkbox" name="nw_end_chk" value="<?php echo date("Y-m-d 23:59:59", G5_SERVER_TIME + (60 * 60 * 24 * 7)); ?>" id="nw_end_chk" onclick="if (this.checked == true) this.form.nw_end_time.value=this.form.nw_end_chk.value; else this.form.nw_end_time.value = this.form.nw_end_time.defaultValue;">
<label for="nw_end_chk">종료일시를 오늘로부터 7일 후로</label>
</td>
</tr>
<tr>
<th scope="row"><label for="nw_left">팝업레이어 좌측 위치<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_left" value="<?php echo $nw['nw_left']; ?>" id="nw_left" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_top">팝업레이어 상단 위치<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_top" value="<?php echo $nw['nw_top']; ?>" id="nw_top" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_width">팝업레이어 넓이<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_width" value="<?php echo $nw['nw_width'] ?>" id="nw_width" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_height">팝업레이어 높이<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_height" value="<?php echo $nw['nw_height'] ?>" id="nw_height" required class="frm_input required" size="5"> px
</td>
</tr>
<tr>
<th scope="row"><label for="nw_subject">팝업 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_subject" value="<?php echo get_sanitize_input($nw['nw_subject']); ?>" id="nw_subject" required class="frm_input required" size="80">
</td>
</tr>
<tr>
<th scope="row"><label for="nw_content">내용</label></th>
<td><?php echo editor_html('nw_content', get_text(html_purifier($nw['nw_content']), 0)); ?></td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./newwinlist.php" class=" btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form>
<script>
function frmnewwin_check(f) {
errmsg = "";
errfld = "";
<?php echo get_editor_js('nw_content'); ?>
check_field(f.nw_subject, "제목을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
return true;
}
</script>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

158
adm/newwinformupdate.php
View File

@ -1,82 +1,76 @@
<?php
$sub_menu = '100310';
include_once('./_common.php');
$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
if ($w == "u" || $w == "d")
check_demo();
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d");
else
auth_check_menu($auth, $sub_menu, "w");
check_admin_token();
$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : '';
$posts = array();
$check_keys = array(
'nw_device'=>'str',
'nw_division'=>'str',
'nw_begin_time'=>'str',
'nw_end_time'=>'str',
'nw_disable_hours'=>'int',
'nw_left'=>'int',
'nw_top'=>'int',
'nw_height'=>'int',
'nw_width'=>'int',
'nw_content'=>'text',
'nw_content_html'=>'text',
);
foreach($check_keys as $key=>$val){
if($val === 'int'){
$posts[$key] = isset($_POST[$key]) ? (int) $_POST[$key] : 0;
} else if ($val === 'str') {
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : 0;
} else {
$posts[$key] = isset($_POST[$key]) ? trim($_POST[$key]) : 0;
}
}
$sql_common = " nw_device = '{$posts['nw_device']}',
nw_division = '{$posts['nw_division']}',
nw_begin_time = '{$posts['nw_begin_time']}',
nw_end_time = '{$posts['nw_end_time']}',
nw_disable_hours = '{$posts['nw_disable_hours']}',
nw_left = '{$posts['nw_left']}',
nw_top = '{$posts['nw_top']}',
nw_height = '{$posts['nw_height']}',
nw_width = '{$posts['nw_width']}',
nw_subject = '{$nw_subject}',
nw_content = '{$posts['nw_content']}',
nw_content_html = '{$posts['nw_content_html']}' ";
if($w == "")
{
$sql = " insert {$g5['new_win_table']} set $sql_common ";
sql_query($sql);
$nw_id = sql_insert_id();
}
else if ($w == "u")
{
$sql = " update {$g5['new_win_table']} set $sql_common where nw_id = '$nw_id' ";
sql_query($sql);
}
else if ($w == "d")
{
$sql = " delete from {$g5['new_win_table']} where nw_id = '$nw_id' ";
sql_query($sql);
}
if ($w == "d")
{
goto_url('./newwinlist.php');
}
else
{
goto_url("./newwinform.php?w=u&amp;nw_id=$nw_id");
}
<?php
$sub_menu = '100310';
require_once './_common.php';
$nw_id = isset($_REQUEST['nw_id']) ? (string)preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
if ($w == "u" || $w == "d") {
check_demo();
}
if ($w == 'd') {
auth_check_menu($auth, $sub_menu, "d");
} else {
auth_check_menu($auth, $sub_menu, "w");
}
check_admin_token();
$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : '';
$posts = array();
$check_keys = array(
'nw_device' => 'str',
'nw_division' => 'str',
'nw_begin_time' => 'str',
'nw_end_time' => 'str',
'nw_disable_hours' => 'int',
'nw_left' => 'int',
'nw_top' => 'int',
'nw_height' => 'int',
'nw_width' => 'int',
'nw_content' => 'text',
'nw_content_html' => 'text',
);
foreach ($check_keys as $key => $val) {
if ($val === 'int') {
$posts[$key] = isset($_POST[$key]) ? (int) $_POST[$key] : 0;
} elseif ($val === 'str') {
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : 0;
} else {
$posts[$key] = isset($_POST[$key]) ? trim($_POST[$key]) : 0;
}
}
$sql_common = " nw_device = '{$posts['nw_device']}',
nw_division = '{$posts['nw_division']}',
nw_begin_time = '{$posts['nw_begin_time']}',
nw_end_time = '{$posts['nw_end_time']}',
nw_disable_hours = '{$posts['nw_disable_hours']}',
nw_left = '{$posts['nw_left']}',
nw_top = '{$posts['nw_top']}',
nw_height = '{$posts['nw_height']}',
nw_width = '{$posts['nw_width']}',
nw_subject = '{$nw_subject}',
nw_content = '{$posts['nw_content']}',
nw_content_html = '{$posts['nw_content_html']}' ";
if ($w == "") {
$sql = " insert {$g5['new_win_table']} set $sql_common ";
sql_query($sql);
$nw_id = sql_insert_id();
} elseif ($w == "u") {
$sql = " update {$g5['new_win_table']} set $sql_common where nw_id = '$nw_id' ";
sql_query($sql);
} elseif ($w == "d") {
$sql = " delete from {$g5['new_win_table']} where nw_id = '$nw_id' ";
sql_query($sql);
}
if ($w == "d") {
goto_url('./newwinlist.php');
} else {
goto_url("./newwinform.php?w=u&amp;nw_id=$nw_id");
}

239
adm/newwinlist.php
View File

@ -1,118 +1,121 @@
<?php
$sub_menu = '100310';
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r");
if( !isset($g5['new_win_table']) ){
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'new_win_table\'] = G5_TABLE_PREFIX.\'new_win\';</strong> 를 추가해 주세요.');
}
//내용(컨텐츠)정보 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['new_win_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_new_win_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_new_win_table']} RENAME TO `{$g5['new_win_table']}` ;", false);
} else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['new_win_table']}` (
`nw_id` int(11) NOT NULL AUTO_INCREMENT,
`nw_division` varchar(10) NOT NULL DEFAULT 'both',
`nw_device` varchar(10) NOT NULL DEFAULT 'both',
`nw_begin_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`nw_end_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`nw_disable_hours` int(11) NOT NULL DEFAULT '0',
`nw_left` int(11) NOT NULL DEFAULT '0',
`nw_top` int(11) NOT NULL DEFAULT '0',
`nw_height` int(11) NOT NULL DEFAULT '0',
`nw_width` int(11) NOT NULL DEFAULT '0',
`nw_subject` text NOT NULL,
`nw_content` text NOT NULL,
`nw_content_html` tinyint(4) NOT NULL DEFAULT '0',
PRIMARY KEY (`nw_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
}
}
$g5['title'] = '팝업레이어 관리';
include_once (G5_ADMIN_PATH.'/admin.head.php');
$sql_common = " from {$g5['new_win_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$sql = "select * $sql_common order by nw_id desc ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov"><span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span></div>
<div class="btn_fixed_top ">
<a href="./newwinform.php" class="btn btn_01">새창관리추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">접속기기</th>
<th scope="col">시작일시</th>
<th scope="col">종료일시</th>
<th scope="col">시간</th>
<th scope="col">Left</th>
<th scope="col">Top</th>
<th scope="col">Width</th>
<th scope="col">Height</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$bg = 'bg'.($i%2);
switch($row['nw_device']) {
case 'pc':
$nw_device = 'PC';
break;
case 'mobile':
$nw_device = '모바일';
break;
default:
$nw_device = '모';
break;
}
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $row['nw_id']; ?></td>
<td class="td_left"><?php echo $row['nw_subject']; ?></td>
<td class="td_device"><?php echo $nw_device; ?></td>
<td class="td_datetime"><?php echo substr($row['nw_begin_time'],2,14); ?></td>
<td class="td_datetime"><?php echo substr($row['nw_end_time'],2,14); ?></td>
<td class="td_num"><?php echo $row['nw_disable_hours']; ?>시간</td>
<td class="td_num"><?php echo $row['nw_left']; ?>px</td>
<td class="td_num"><?php echo $row['nw_top']; ?>px</td>
<td class="td_num"><?php echo $row['nw_width']; ?>px</td>
<td class="td_num"><?php echo $row['nw_height']; ?>px</td>
<td class="td_mng td_mng_m">
<a href="./newwinform.php?w=u&amp;nw_id=<?php echo $row['nw_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>수정</a>
<a href="./newwinformupdate.php?w=d&amp;nw_id=<?php echo $row['nw_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="11" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '100310';
require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r");
if (!isset($g5['new_win_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'new_win_table\'] = G5_TABLE_PREFIX.\'new_win\';</strong> 를 추가해 주세요.');
}
//내용(컨텐츠)정보 테이블이 있는지 검사한다.
if (!sql_query(" DESCRIBE {$g5['new_win_table']} ", false)) {
if (sql_query(" DESCRIBE {$g5['g5_shop_new_win_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_new_win_table']} RENAME TO `{$g5['new_win_table']}` ;", false);
} else {
$query_cp = sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['new_win_table']}` (
`nw_id` int(11) NOT NULL AUTO_INCREMENT,
`nw_division` varchar(10) NOT NULL DEFAULT 'both',
`nw_device` varchar(10) NOT NULL DEFAULT 'both',
`nw_begin_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`nw_end_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`nw_disable_hours` int(11) NOT NULL DEFAULT '0',
`nw_left` int(11) NOT NULL DEFAULT '0',
`nw_top` int(11) NOT NULL DEFAULT '0',
`nw_height` int(11) NOT NULL DEFAULT '0',
`nw_width` int(11) NOT NULL DEFAULT '0',
`nw_subject` text NOT NULL,
`nw_content` text NOT NULL,
`nw_content_html` tinyint(4) NOT NULL DEFAULT '0',
PRIMARY KEY (`nw_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
}
}
$g5['title'] = '팝업레이어 관리';
require_once G5_ADMIN_PATH . '/admin.head.php';
$sql_common = " from {$g5['new_win_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$sql = "select * $sql_common order by nw_id desc ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov"><span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span></div>
<div class="btn_fixed_top ">
<a href="./newwinform.php" class="btn btn_01">새창관리추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">접속기기</th>
<th scope="col">시작일시</th>
<th scope="col">종료일시</th>
<th scope="col">시간</th>
<th scope="col">Left</th>
<th scope="col">Top</th>
<th scope="col">Width</th>
<th scope="col">Height</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$bg = 'bg' . ($i % 2);
switch ($row['nw_device']) {
case 'pc':
$nw_device = 'PC';
break;
case 'mobile':
$nw_device = '모바일';
break;
default:
$nw_device = '모두';
break;
}
?>
<tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $row['nw_id']; ?></td>
<td class="td_left"><?php echo $row['nw_subject']; ?></td>
<td class="td_device"><?php echo $nw_device; ?></td>
<td class="td_datetime"><?php echo substr($row['nw_begin_time'], 2, 14); ?></td>
<td class="td_datetime"><?php echo substr($row['nw_end_time'], 2, 14); ?></td>
<td class="td_num"><?php echo $row['nw_disable_hours']; ?>시간</td>
<td class="td_num"><?php echo $row['nw_left']; ?>px</td>
<td class="td_num"><?php echo $row['nw_top']; ?>px</td>
<td class="td_num"><?php echo $row['nw_width']; ?>px</td>
<td class="td_num"><?php echo $row['nw_height']; ?>px</td>
<td class="td_mng td_mng_m">
<a href="./newwinform.php?w=u&amp;nw_id=<?php echo $row['nw_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>수정</a>
<a href="./newwinformupdate.php?w=d&amp;nw_id=<?php echo $row['nw_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="11" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

4
adm/phpinfo.php
View File

@ -1,9 +1,9 @@
<?php
$sub_menu = "100500";
include_once('./_common.php');
require_once './_common.php';
check_demo();
auth_check_menu($auth, $sub_menu, 'r');
phpinfo();
phpinfo();

301
adm/point_list.php
View File

@ -1,20 +1,20 @@
<?php
$sub_menu = "200200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
$sql_common = " from {$g5['point_table']} ";
$sql_common = " from {$g5['point_table']} po";
$sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case 'mb_id' :
$sql_search .= " ({$sfl} = '{$stx}') ";
case 'mb_id':
$sql_search .= " (po.{$sfl} = '{$stx}') ";
break;
default :
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
@ -36,36 +36,41 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
$sql = " select po.*, mb.mb_name, mb.mb_nick, mb.mb_email, mb.mb_homepage, mb.mb_point
{$sql_common}
LEFT JOIN {$g5['member_table']} mb ON po.mb_id = mb.mb_id
{$sql_search}
{$sql_order}
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$mb = array();
if ($sfl == 'mb_id' && $stx)
if ($sfl == 'mb_id' && $stx) {
$mb = get_member($stx);
}
$g5['title'] = '포인트관리';
include_once ('./admin.head.php');
require_once './admin.head.php';
$colspan = 9;
$po_expire_term = '';
if($config['cf_point_term'] > 0) {
if ($config['cf_point_term'] > 0) {
$po_expire_term = $config['cf_point_term'];
}
if (strstr($sfl, "mb_id"))
if (strstr($sfl, "mb_id")) {
$mb_id = $stx;
else
} else {
$mb_id = "";
}
?>
<div class="local_ov01 local_ov">
@ -73,109 +78,110 @@ else
<span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo number_format($total_count) ?> 건 </span></span>
<?php
if (isset($mb['mb_id']) && $mb['mb_id']) {
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">' . $mb['mb_id'] .' 님 포인트 합계 </span><span class="ov_num"> ' . number_format($mb['mb_point']) . '점</span></span>';
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">' . $mb['mb_id'] . ' 님 포인트 합계 </span><span class="ov_num"> ' . number_format($mb['mb_point']) . '점</span></span>';
} else {
$row2 = sql_fetch(" select sum(po_point) as sum_point from {$g5['point_table']} ");
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">전체 합계</span><span class="ov_num">'.number_format($row2['sum_point']).'점 </span></span>';
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">전체 합계</span><span class="ov_num">' . number_format($row2['sum_point']) . '점 </span></span>';
}
?>
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="mb_id"<?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="po_content"<?php echo get_selected($sfl, "po_content"); ?>>내용</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="mb_id" <?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="po_content" <?php echo get_selected($sfl, "po_content"); ?>>내용</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
</form>
<form name="fpointlist" id="fpointlist" method="post" action="./point_list_delete.php" onsubmit="return fpointlist_submit(this);">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">포인트 내역 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col"><?php echo subject_sort_link('po_content') ?>포인트 내용</a></th>
<th scope="col"><?php echo subject_sort_link('po_point') ?>포인트</a></th>
<th scope="col"><?php echo subject_sort_link('po_datetime') ?>일시</a></th>
<th scope="col">만료일</th>
<th scope="col">포인트합</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
if ($i==0 || ($row2['mb_id'] != $row['mb_id'])) {
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
}
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">포인트 내역 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th>
<th scope="col">이름</th>
<th scope="col">닉네임</th>
<th scope="col"><?php echo subject_sort_link('po_content') ?>포인트 내용</a></th>
<th scope="col"><?php echo subject_sort_link('po_point') ?>포인트</a></th>
<th scope="col"><?php echo subject_sort_link('po_datetime') ?>일시</a></th>
<th scope="col">만료일</th>
<th scope="col">포인트합</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
$link1 = $link2 = '';
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
$link1 = '<a href="' . get_pretty_url($row['po_rel_table'], $row['po_rel_id']) . '" target="_blank">';
$link2 = '</a>';
}
$link1 = $link2 = '';
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
$link1 = '<a href="'.get_pretty_url($row['po_rel_table'], $row['po_rel_id']).'" target="_blank">';
$link2 = '</a>';
}
$expr = '';
if ($row['po_expired'] == 1) {
$expr = ' txt_expired';
}
$expr = '';
if($row['po_expired'] == 1)
$expr = ' txt_expired';
$bg = 'bg' . ($i % 2);
?>
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<input type="hidden" name="po_id[<?php echo $i ?>]" value="<?php echo $row['po_id'] ?>" id="po_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['po_content'] ?> 내역</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_left"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_left sv_use">
<div><?php echo $mb_nick ?></div>
</td>
<td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
<td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td class="td_datetime2<?php echo $expr; ?>">
<?php if ($row['po_expired'] == 1) { ?>
만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?>
<?php } else {
echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date'];
} ?>
</td>
<td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<input type="hidden" name="po_id[<?php echo $i ?>]" value="<?php echo $row['po_id'] ?>" id="po_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['po_content'] ?> 내역</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_left"><?php echo get_text($row2['mb_name']); ?></td>
<td class="td_left sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
<td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td class="td_datetime2<?php echo $expr; ?>">
<?php if ($row['po_expired'] == 1) { ?>
만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?>
<?php } else echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date']; ?>
</td>
<td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<?php
}
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
</form>
@ -185,67 +191,66 @@ else
<h2 class="h2_frm">개별회원 포인트 증감 설정</h2>
<form name="fpointlist2" method="post" id="fpointlist2" action="./point_update.php" autocomplete="off">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" class="required frm_input" required></td>
</tr>
<tr>
<th scope="row"><label for="po_content">포인트 내용<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_content" id="po_content" required class="required frm_input" size="80"></td>
</tr>
<tr>
<th scope="row"><label for="po_point">포인트<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_point" id="po_point" required class="required frm_input"></td>
</tr>
<?php if($config['cf_point_term'] > 0) { ?>
<tr>
<th scope="row"><label for="po_expire_term">포인트 유효기간</label></th>
<td><input type="text" name="po_expire_term" value="<?php echo $po_expire_term; ?>" id="po_expire_term" class="frm_input" size="5"> 일</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" class="required frm_input" required></td>
</tr>
<tr>
<th scope="row"><label for="po_content">포인트 내용<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_content" id="po_content" required class="required frm_input" size="80"></td>
</tr>
<tr>
<th scope="row"><label for="po_point">포인트<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_point" id="po_point" required class="required frm_input"></td>
</tr>
<?php if ($config['cf_point_term'] > 0) { ?>
<tr>
<th scope="row"><label for="po_expire_term">포인트 유효기간</label></th>
<td><input type="text" name="po_expire_term" value="<?php echo $po_expire_term; ?>" id="po_expire_term" class="frm_input" size="5"> 일</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit btn">
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit btn">
</div>
</form>
</section>
<script>
function fpointlist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fpointlist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
}
return true;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

26
adm/point_list_delete.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = '200200';
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -9,11 +9,11 @@ auth_check_menu($auth, $sub_menu, 'd');
check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(!$count)
alert($_POST['act_button'].' 하실 항목을 하나 이상 체크하세요.');
if (!$count) {
alert($_POST['act_button'] . ' 하실 항목을 하나 이상 체크하세요.');
}
for ($i=0; $i<$count; $i++)
{
for ($i = 0; $i < $count; $i++) {
// 실제 번호를 넘김
$k = $_POST['chk'][$i];
$po_id = (int) $_POST['po_id'][$k];
@ -23,19 +23,21 @@ for ($i=0; $i<$count; $i++)
$sql = " select * from {$g5['point_table']} where po_id = '{$po_id}' ";
$row = sql_fetch($sql);
if(!$row['po_id'])
if (!$row['po_id']) {
continue;
}
if($row['po_point'] < 0) {
if ($row['po_point'] < 0) {
$mb_id = $row['mb_id'];
$po_point = abs($row['po_point']);
if($row['po_rel_table'] == '@expire')
if ($row['po_rel_table'] == '@expire') {
delete_expire_point($mb_id, $po_point);
else
} else {
delete_use_point($mb_id, $po_point);
}
} else {
if($row['po_use_point'] > 0) {
if ($row['po_use_point'] > 0) {
insert_use_point($row['mb_id'], $row['po_use_point'], $row['po_id']);
}
}
@ -53,8 +55,8 @@ for ($i=0; $i<$count; $i++)
// 포인트 UPDATE
$sum_point = get_point_sum($_POST['mb_id'][$k]);
$sql= " update {$g5['member_table']} set mb_point = '$sum_point' where mb_id = '{$str_mb_id}' ";
$sql = " update {$g5['member_table']} set mb_point = '$sum_point' where mb_id = '{$str_mb_id}' ";
sql_query($sql);
}
goto_url('./point_list.php?'.$qstr);
goto_url('./point_list.php?' . $qstr);

18
adm/point_update.php
View File

@ -1,24 +1,26 @@
<?php
$sub_menu = "200200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : '';
$po_point = isset($_POST['po_point']) ? strip_tags(clean_xss_attributes($_POST['po_point'])) : 0;
$po_point = isset($_POST['po_point']) ? (int)strip_tags(clean_xss_attributes($_POST['po_point'])) : 0;
$po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : '';
$expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : '';
$mb = get_member($mb_id);
if (!$mb['mb_id'])
alert('존재하는 회원아이디가 아닙니다.', './point_list.php?'.$qstr);
if (!$mb['mb_id']) {
alert('존재하는 회원아이디가 아닙니다.', './point_list.php?' . $qstr);
}
if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point']))
alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?'.$qstr);
if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) {
alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?' . $qstr);
}
insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'].'-'.uniqid(''), $expire);
insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'] . '-' . uniqid(''), $expire);
goto_url('./point_list.php?'.$qstr);
goto_url('./point_list.php?' . $qstr);

9
adm/poll_delete.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "200900";
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -10,10 +10,11 @@ check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(!$count)
if (!$count) {
alert('삭제할 투표목록을 1개이상 선택해 주세요.');
}
for($i=0; $i<$count; $i++) {
for ($i = 0; $i < $count; $i++) {
$po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$sql = " delete from {$g5['poll_table']} where po_id = '$po_id' ";
@ -23,4 +24,4 @@ for($i=0; $i<$count; $i++) {
sql_query($sql);
}
goto_url('./poll_list.php?'.$qstr);
goto_url('./poll_list.php?' . $qstr);

176
adm/poll_form.php
View File

@ -1,121 +1,123 @@
<?php
$sub_menu = "200900";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
$po_id = isset($po_id) ? (int) $po_id : 0;
$po = array(
'po_subject'=>'',
'po_etc'=>'',
'po_level'=>'',
'po_point'=>'',
'po_subject' => '',
'po_etc' => '',
'po_level' => '',
'po_point' => '',
);
$html_title = '투표';
if ($w == '')
if ($w == '') {
$html_title .= ' 생성';
else if ($w == 'u') {
} elseif ($w == 'u') {
$html_title .= ' 수정';
$sql = " select * from {$g5['poll_table']} where po_id = '{$po_id}' ";
$po = sql_fetch($sql);
} else
} else {
alert('w 값이 제대로 넘어오지 않았습니다.');
}
$g5['title'] = $html_title;
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<form name="fpoll" id="fpoll" action="./poll_form_update.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<tbody>
<tr>
<th scope="row"><label for="po_subject">투표 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_subject" value="<?php echo get_sanitize_input($po['po_subject']); ?>" id="po_subject" required class="required frm_input" size="80" maxlength="125"></td>
</tr>
<table>
<caption><?php echo $g5['title']; ?></caption>
<tbody>
<tr>
<th scope="row"><label for="po_subject">투표 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_subject" value="<?php echo get_sanitize_input($po['po_subject']); ?>" id="po_subject" required class="required frm_input" size="80" maxlength="125"></td>
</tr>
<?php
for ($i=1; $i<=9; $i++) {
$required = '';
if ($i==1 || $i==2) {
$required = 'required';
$sound_only = '<strong class="sound_only">필수</strong>';
}
<?php
for ($i = 1; $i <= 9; $i++) {
$required = '';
$sound_only = '';
if ($i == 1 || $i == 2) {
$required = 'required';
$sound_only = '<strong class="sound_only">필수</strong>';
}
$po_poll = isset($po['po_poll'.$i]) ? get_text($po['po_poll'.$i]) : '';
$po_cnt = isset($po['po_cnt'.$i]) ? get_text($po['po_cnt'.$i]) : 0;
?>
$po_poll = isset($po['po_poll' . $i]) ? get_text($po['po_poll' . $i]) : '';
$po_cnt = isset($po['po_cnt' . $i]) ? get_text($po['po_cnt' . $i]) : 0;
?>
<tr>
<th scope="row"><label for="po_poll<?php echo $i ?>">항목 <?php echo $i ?><?php echo $sound_only ?></label></th>
<td>
<input type="text" name="po_poll<?php echo $i ?>" value="<?php echo $po_poll ?>" id="po_poll<?php echo $i ?>" <?php echo $required ?> class="frm_input <?php echo $required ?>" maxlength="125">
<label for="po_cnt<?php echo $i ?>">항목 <?php echo $i ?> 투표수</label>
<input type="text" name="po_cnt<?php echo $i ?>" value="<?php echo $po_cnt; ?>" id="po_cnt<?php echo $i ?>" class="frm_input" size="3">
</td>
</tr>
<tr>
<th scope="row"><label for="po_poll<?php echo $i ?>">항목 <?php echo $i ?><?php echo $sound_only ?></label></th>
<td>
<input type="text" name="po_poll<?php echo $i ?>" value="<?php echo $po_poll ?>" id="po_poll<?php echo $i ?>" <?php echo $required ?> class="frm_input <?php echo $required ?>" maxlength="125">
<label for="po_cnt<?php echo $i ?>">항목 <?php echo $i ?> 투표수</label>
<input type="text" name="po_cnt<?php echo $i ?>" value="<?php echo $po_cnt; ?>" id="po_cnt<?php echo $i ?>" class="frm_input" size="3">
</td>
</tr>
<?php } ?>
<?php } ?>
<tr>
<th scope="row"><label for="po_etc">기타의견</label></th>
<td>
<?php echo help('기타 의견을 남길 수 있도록 하려면, 간단한 질문을 입력하세요.') ?>
<input type="text" name="po_etc" value="<?php echo get_text($po['po_etc']) ?>" id="po_etc" class="frm_input" size="80" maxlength="125">
</td>
</tr>
<tr>
<th scope="row"><label for="po_level">투표가능 회원레벨</label></th>
<td>
<?php echo help("레벨을 1로 설정하면 손님도 투표할 수 있습니다.") ?>
<?php echo get_member_level_select('po_level', 1, 10, $po['po_level']) ?> 이상 투표할 수 있음
</td>
</tr>
<tr>
<th scope="row"><label for="po_point">포인트</label></th>
<td>
<?php echo help('투표에 참여한 회원에게 포인트를 부여합니다.') ?>
<input type="text" name="po_point" value="<?php echo $po['po_point'] ?>" id="po_point" class="frm_input"> 점
</td>
</tr>
<tr>
<th scope="row"><label for="po_etc">기타의견</label></th>
<td>
<?php echo help('기타 의견을 남길 수 있도록 하려면, 간단한 질문을 입력하세요.') ?>
<input type="text" name="po_etc" value="<?php echo get_text($po['po_etc']) ?>" id="po_etc" class="frm_input" size="80" maxlength="125">
</td>
</tr>
<tr>
<th scope="row"><label for="po_level">투표가능 회원레벨</label></th>
<td>
<?php echo help("레벨을 1로 설정하면 손님도 투표할 수 있습니다.") ?>
<?php echo get_member_level_select('po_level', 1, 10, $po['po_level']) ?> 이상 투표할 수 있음
</td>
</tr>
<tr>
<th scope="row"><label for="po_point">포인트</label></th>
<td>
<?php echo help('투표에 참여한 회원에게 포인트를 부여합니다.') ?>
<input type="text" name="po_point" value="<?php echo $po['po_point'] ?>" id="po_point" class="frm_input"> 점
</td>
</tr>
<?php if ($w == 'u') { ?>
<tr>
<th scope="row">투표등록일</th>
<td><?php echo $po['po_date']; ?></td>
</tr>
<tr>
<th scope="row"><label for="po_ips">투표참가 IP</label></th>
<td><textarea name="po_ips" id="po_ips" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['po_ips']) ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_ids">투표참가 회원</label></th>
<td><textarea name="mb_ids" id="mb_ids" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['mb_ids']) ?></textarea></td>
</tr>
<?php } ?>
</tbody>
</table>
<?php if ($w == 'u') { ?>
<tr>
<th scope="row">투표등록일</th>
<td><?php echo $po['po_date']; ?></td>
</tr>
<tr>
<th scope="row"><label for="po_ips">투표참가 IP</label></th>
<td><textarea name="po_ips" id="po_ips" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['po_ips']) ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_ids">투표참가 회원</label></th>
<td><textarea name="mb_ids" id="mb_ids" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['mb_ids']) ?></textarea></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div>
<div class="btn_fixed_top ">
<a href="./poll_list.php?<?php echo $qstr ?>" class="btn_02 btn">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
<div class="btn_fixed_top ">
<a href="./poll_list.php?<?php echo $qstr ?>" class="btn_02 btn">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

83
adm/poll_form_update.php
View File

@ -1,60 +1,62 @@
<?php
$sub_menu = "200900";
include_once('./_common.php');
require_once './_common.php';
$w = $_POST['w'];
if ($w == 'u' || $w == 'd')
if ($w == 'u' || $w == 'd') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$check_keys = array(
'po_subject',
'po_poll1',
'po_poll2',
'po_poll3',
'po_poll4',
'po_poll5',
'po_poll6',
'po_poll7',
'po_poll8',
'po_poll9',
'po_cnt1',
'po_cnt2',
'po_cnt3',
'po_cnt4',
'po_cnt5',
'po_cnt6',
'po_cnt7',
'po_cnt8',
'po_cnt9',
'po_etc',
'po_level',
'po_point',
'po_id'
'po_subject',
'po_poll1',
'po_poll2',
'po_poll3',
'po_poll4',
'po_poll5',
'po_poll6',
'po_poll7',
'po_poll8',
'po_poll9',
'po_cnt1',
'po_cnt2',
'po_cnt3',
'po_cnt4',
'po_cnt5',
'po_cnt6',
'po_cnt7',
'po_cnt8',
'po_cnt9',
'po_etc',
'po_level',
'po_point',
'po_id'
);
foreach( $_POST as $key=>$value ){
if( empty($value) ) continue;
foreach ($_POST as $key => $value) {
if (empty($value)) {
continue;
}
if( in_array($key, $check_keys) ) {
if (in_array($key, $check_keys)) {
$_POST[$key] = strip_tags(clean_xss_attributes($value));
}
}
if ($w == '')
{
$po_id = isset($_POST['po_id']) ? $_POST['po_id'] : '';
if ($w == '') {
$sql = " insert {$g5['poll_table']}
( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date )
values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '".G5_TIME_YMD."' ) ";
values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '" . G5_TIME_YMD . "' ) ";
sql_query($sql);
$po_id = sql_insert_id();
}
else if ($w == 'u')
{
} elseif ($w == 'u') {
$sql = " update {$g5['poll_table']}
set po_subject = '{$_POST['po_subject']}',
po_poll1 = '{$_POST['po_poll1']}',
@ -80,9 +82,7 @@ else if ($w == 'u')
po_point = '{$_POST['po_point']}'
where po_id = '{$_POST['po_id']}' ";
sql_query($sql);
}
else if ($w == 'd')
{
} elseif ($w == 'd') {
$sql = " delete from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' ";
sql_query($sql);
@ -96,7 +96,8 @@ else if ($w == 'd')
$row = sql_fetch(" select max(po_id) as max_po_id from {$g5['poll_table']} ");
sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']}' ");
if ($w == 'd')
goto_url('./poll_list.php?'.$qstr);
else
goto_url('./poll_form.php?w=u&po_id='.$po_id.'&amp;'.$qstr);
if ($w == 'd') {
goto_url('./poll_list.php?' . $qstr);
} else {
goto_url('./poll_form.php?w=u&po_id=' . $po_id . '&amp;' . $qstr);
}

169
adm/poll_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "200900";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -10,7 +10,7 @@ $sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
@ -18,7 +18,7 @@ if ($stx) {
}
if (!$sst) {
$sst = "po_id";
$sst = "po_id";
$sod = "desc";
}
$sql_order = " order by {$sst} {$sod} ";
@ -32,7 +32,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
@ -42,10 +44,10 @@ $sql = " select *
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '투표관리';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 7;
?>
@ -56,102 +58,103 @@ $colspan = 7;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="po_subject"<?php echo get_selected($sfl, "po_subject"); ?>>제목</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
</div>
<div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="po_subject" <?php echo get_selected($sfl, "po_subject"); ?>>제목</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
</div>
</form>
<form name="fpolllist" id="fpolllist" action="./poll_delete.php" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 투표 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">투표권한</th>
<th scope="col">투표수</th>
<th scope="col">기타의견</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g5['poll_table']} where po_id = '{$row['po_id']}' ";
$row2 = sql_fetch($sql2);
$po_etc = ($row['po_etc']) ? "사용" : "미사용";
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 투표 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">번호</th>
<th scope="col">제목</th>
<th scope="col">투표권한</th>
<th scope="col">투표수</th>
<th scope="col">기타의견</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g5['poll_table']} where po_id = '{$row['po_id']}' ";
$row2 = sql_fetch($sql2);
$po_etc = ($row['po_etc']) ? "사용" : "미사용";
$s_mod = '<a href="./poll_form.php?'.$qstr.'&amp;w=u&amp;po_id='.$row['po_id'].'" class="btn btn_03">수정</a>';
$s_mod = '<a href="./poll_form.php?' . $qstr . '&amp;w=u&amp;po_id=' . $row['po_id'] . '" class="btn btn_03">수정</a>';
$bg = 'bg'.($i%2);
?>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo cut_str(get_text($row['po_subject']),70) ?> 투표</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['po_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_num"><?php echo $row['po_id'] ?></td>
<td class="td_left"><?php echo cut_str(get_text($row['po_subject']),70) ?></td>
<td class="td_num"><?php echo $row['po_level'] ?></td>
<td class="td_num"><?php echo $row2['sum_po_cnt'] ?></td>
<td class="td_etc"><?php echo $po_etc ?></td>
<td class="td_mng td_mng_s"><?php echo $s_mod ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo cut_str(get_text($row['po_subject']), 70) ?> 투표</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['po_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_num"><?php echo $row['po_id'] ?></td>
<td class="td_left"><?php echo cut_str(get_text($row['po_subject']), 70) ?></td>
<td class="td_num"><?php echo $row['po_level'] ?></td>
<td class="td_num"><?php echo $row2['sum_po_cnt'] ?></td>
<td class="td_etc"><?php echo $po_etc ?></td>
<td class="td_mng td_mng_s"><?php echo $s_mod ?></td>
</tr>
<?php
}
<?php
}
if ($i==0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" value="선택삭제" class="btn btn_02">
<a href="./poll_form.php" id="poll_add" class="btn btn_01">투표 추가</a>
</div>
<div class="btn_fixed_top">
<input type="submit" value="선택삭제" class="btn btn_02">
<a href="./poll_form.php" id="poll_add" class="btn btn_01">투표 추가</a>
</div>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script>
$(function() {
$('#fpolllist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
$(function() {
$('#fpolllist').submit(function() {
if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false;
}
return true;
} else {
return false;
}
});
});
});
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

340
adm/popular_list.php
View File

@ -1,170 +1,170 @@
<?php
$sub_menu = "300300";
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, 'r');
// 체크된 자료 삭제
if (isset($_POST['chk']) && is_array($_POST['chk'])) {
for ($i=0; $i<count($_POST['chk']); $i++) {
$pp_id = (int) $_POST['chk'][$i];
sql_query(" delete from {$g5['popular_table']} where pp_id = '$pp_id' ", true);
}
}
$sql_common = " from {$g5['popular_table']} a ";
$sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case "pp_word" :
$sql_search .= " ({$sfl} like '{$stx}%') ";
break;
case "pp_date" :
$sql_search .= " ({$sfl} = '{$stx}') ";
break;
default :
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
$sql_search .= " ) ";
}
if (!$sst) {
$sst = "pp_id";
$sod = "desc";
}
$sql_order = " order by {$sst} {$sod} ";
$sql = " select count(*) as cnt
{$sql_common}
{$sql_search}
{$sql_order} ";
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
{$sql_common}
{$sql_search}
{$sql_order}
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$g5['title'] = '인기검색어관리';
include_once('./admin.head.php');
$colspan = 4;
?>
<script>
var list_update_php = '';
var list_delete_php = 'popular_list.php';
</script>
<div class="local_ov01 local_ov">
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="pp_word"<?php echo get_selected($sfl, "pp_word"); ?>>검색어</option>
<option value="pp_date"<?php echo get_selected($sfl, "pp_date"); ?>>등록일</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</div>
</form>
<form name="fpopularlist" id="fpopularlist" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 인기검색어 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('pp_word') ?>검색어</a></th>
<th scope="col">등록일</th>
<th scope="col">등록IP</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$word = get_text($row['pp_word']);
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td>
<td><?php echo $row['pp_date'] ?></td>
<td><?php echo $row['pp_ip'] ?></td>
</tr>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
<?php if ($is_admin == 'super'){ ?>
<div class=" btn_fixed_top">
<button type="submit" class="btn btn_02">선택삭제</button>
</div>
<?php } ?>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script>
$(function() {
$('#fpopularlist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false;
}
});
});
</script>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = "300300";
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
// 체크된 자료 삭제
if (isset($_POST['chk']) && is_array($_POST['chk'])) {
for ($i = 0; $i < count($_POST['chk']); $i++) {
$pp_id = (int) $_POST['chk'][$i];
sql_query(" delete from {$g5['popular_table']} where pp_id = '$pp_id' ", true);
}
}
$sql_common = " from {$g5['popular_table']} a ";
$sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case "pp_word":
$sql_search .= " ({$sfl} like '{$stx}%') ";
break;
case "pp_date":
$sql_search .= " ({$sfl} = '{$stx}') ";
break;
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
$sql_search .= " ) ";
}
if (!$sst) {
$sst = "pp_id";
$sod = "desc";
}
$sql_order = " order by {$sst} {$sod} ";
$sql = " select count(*) as cnt
{$sql_common}
{$sql_search}
{$sql_order} ";
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) {
$page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
{$sql_common}
{$sql_search}
{$sql_order}
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '인기검색어관리';
require_once './admin.head.php';
$colspan = 4;
?>
<script>
var list_update_php = '';
var list_delete_php = 'popular_list.php';
</script>
<div class="local_ov01 local_ov">
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="pp_word" <?php echo get_selected($sfl, "pp_word"); ?>>검색어</option>
<option value="pp_date" <?php echo get_selected($sfl, "pp_date"); ?>>등록일</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</div>
</form>
<form name="fpopularlist" id="fpopularlist" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 인기검색어 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('pp_word') ?>검색어</a></th>
<th scope="col">등록일</th>
<th scope="col">등록IP</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$word = get_text($row['pp_word']);
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td>
<td><?php echo $row['pp_date'] ?></td>
<td><?php echo $row['pp_ip'] ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php if ($is_admin == 'super') { ?>
<div class=" btn_fixed_top">
<button type="submit" class="btn btn_02">선택삭제</button>
</div>
<?php } ?>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script>
$(function() {
$('#fpopularlist').submit(function() {
if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false;
}
});
});
</script>
<?php
require_once './admin.tail.php';

234
adm/popular_rank.php
View File

@ -1,112 +1,122 @@
<?php
$sub_menu = "300400";
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, 'r');
$fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : '';
$to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : '';
if (empty($fr_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date) ) $fr_date = G5_TIME_YMD;
if (empty($to_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date) ) $to_date = G5_TIME_YMD;
$qstr = "fr_date={$fr_date}&amp;to_date={$to_date}";
$sql_common = " from {$g5['popular_table']} a ";
$sql_search = " where trim(pp_word) <> '' and pp_date between '{$fr_date}' and '{$to_date}' ";
$sql_group = " group by pp_word ";
$sql_order = " order by cnt desc ";
$sql = " select pp_word {$sql_common} {$sql_search} {$sql_group} ";
$result = sql_query($sql);
$total_count = sql_num_rows($result);
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$g5['title'] = '인기검색어순위';
include_once('./admin.head.php');
include_once(G5_PLUGIN_PATH.'/jquery-ui/datepicker.php');
$colspan = 3;
?>
<script>
$(function(){
$("#fr_date, #to_date").datepicker({ changeMonth: true, changeYear: true, dateFormat: "yy-mm-dd", showButtonPanel: true, yearRange: "c-99:c+99", maxDate: "+0d" });
});
</script>
<div class="local_ov01 local_ov">
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fsearch" id="fsearch" class="local_sch02 local_sch" method="get">
<div class="sch_last">
<strong>기간별검색</strong>
<input type="text" name="fr_date" value="<?php echo $fr_date ?>" id="fr_date" class="frm_input" size="11" maxlength="10">
<label for="fr_date" class="sound_only">시작일</label>
~
<input type="text" name="to_date" value="<?php echo $to_date ?>" id="to_date" class="frm_input" size="11" maxlength="10">
<label for="to_date" class="sound_only">종료일</label>
<input type="submit" class="btn_sch2" value="검색">
</div>
</form>
<form name="fpopularrank" id="fpopularrank" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">순위</th>
<th scope="col">검색어</th>
<th scope="col">검색회수</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$word = get_text($row['pp_word']);
$rank = ($i + 1 + ($rows * ($page - 1)));
?>
<tr>
<td class="td_num"><?php echo $rank ?></td>
<td class="td_left"><?php echo $word ?></td>
<td class="td_num"><?php echo $row['cnt'] ?></td>
</tr>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
</form>
<?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page=");
include_once('./admin.tail.php');
<?php
$sub_menu = "300400";
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
$fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : '';
$to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : '';
if (empty($fr_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date)) {
$fr_date = G5_TIME_YMD;
}
if (empty($to_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date)) {
$to_date = G5_TIME_YMD;
}
$qstr = "fr_date={$fr_date}&amp;to_date={$to_date}";
$sql_common = " from {$g5['popular_table']} a ";
$sql_search = " where trim(pp_word) <> '' and pp_date between '{$fr_date}' and '{$to_date}' ";
$sql_group = " group by pp_word ";
$sql_order = " order by cnt desc ";
$sql = " select pp_word {$sql_common} {$sql_search} {$sql_group} ";
$result = sql_query($sql);
$total_count = sql_num_rows($result);
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) {
$page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '인기검색어순위';
require_once './admin.head.php';
require_once G5_PLUGIN_PATH . '/jquery-ui/datepicker.php';
$colspan = 3;
?>
<script>
$(function() {
$("#fr_date, #to_date").datepicker({
changeMonth: true,
changeYear: true,
dateFormat: "yy-mm-dd",
showButtonPanel: true,
yearRange: "c-99:c+99",
maxDate: "+0d"
});
});
</script>
<div class="local_ov01 local_ov">
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fsearch" id="fsearch" class="local_sch02 local_sch" method="get">
<div class="sch_last">
<strong>기간별검색</strong>
<input type="text" name="fr_date" value="<?php echo $fr_date ?>" id="fr_date" class="frm_input" size="11" maxlength="10">
<label for="fr_date" class="sound_only">시작일</label>
~
<input type="text" name="to_date" value="<?php echo $to_date ?>" id="to_date" class="frm_input" size="11" maxlength="10">
<label for="to_date" class="sound_only">종료일</label>
<input type="submit" class="btn_sch2" value="검색">
</div>
</form>
<form name="fpopularrank" id="fpopularrank" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">순위</th>
<th scope="col">검색어</th>
<th scope="col">검색회수</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$word = get_text($row['pp_word']);
$rank = ($i + 1 + ($rows * ($page - 1)));
?>
<tr>
<td class="td_num"><?php echo $rank ?></td>
<td class="td_left"><?php echo $word ?></td>
<td class="td_num"><?php echo $row['cnt'] ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
</form>
<?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page=");
require_once './admin.tail.php';

565
adm/qa_config.php
View File

@ -1,16 +1,17 @@
<?php
$sub_menu = "300500";
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'r');
$g5['title'] = '1:1문의 설정';
include_once ('./admin.head.php');
require_once './admin.head.php';
// DB 테이블 생성
if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` (
if (!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` (
`qa_title` varchar(255) NOT NULL DEFAULT'',
`qa_category` varchar(255) NOT NULL DEFAULT'',
`qa_skin` varchar(255) NOT NULL DEFAULT '',
@ -46,8 +47,11 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
`qa_3` varchar(255) NOT NULL DEFAULT '',
`qa_4` varchar(255) NOT NULL DEFAULT '',
`qa_5` varchar(255) NOT NULL DEFAULT ''
)", true);
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` (
)",
true
);
sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` (
`qa_id` int(11) NOT NULL AUTO_INCREMENT,
`qa_num` int(11) NOT NULL DEFAULT '0',
`qa_parent` int(11) NOT NULL DEFAULT '0',
@ -77,18 +81,20 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
`qa_5` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY (`qa_id`),
KEY `qa_num_parent` (`qa_num`,`qa_parent`)
)", true);
)",
true
);
}
$sql = " SHOW COLUMNS FROM `{$g5['qa_content_table']}` LIKE 'qa_content' ";
$row = sql_fetch($sql);
if(strpos($row['Type'], 'text') === false) {
if (strpos($row['Type'], 'text') === false) {
sql_query(" ALTER TABLE `{$g5['qa_content_table']}` CHANGE `qa_content` `qa_content` text NOT NULL ", true);
}
$qaconfig = get_qa_config();
if(empty($qaconfig)) {
if (empty($qaconfig)) {
$sql = " insert into `{$g5['qa_config_table']}`
( qa_title, qa_category, qa_skin, qa_mobile_skin, qa_use_email, qa_req_email, qa_use_hp, qa_req_hp, qa_use_editor, qa_subject_len, qa_mobile_subject_len, qa_page_rows, qa_mobile_page_rows, qa_image_width, qa_upload_size, qa_insert_content )
values
@ -99,301 +105,306 @@ if(empty($qaconfig)) {
}
// 관리자 이메일필드 추가
if(!isset($qaconfig['qa_admin_email'])) {
sql_query(" ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ", true);
if (!isset($qaconfig['qa_admin_email'])) {
sql_query(
" ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ",
true
);
}
// 상단 하단 설정 필드 추가
if(!isset($qaconfig['qa_include_head'])) {
sql_query(" ALTER TABLE `{$g5['qa_config_table']}`
if (!isset($qaconfig['qa_include_head'])) {
sql_query(
" ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_include_head` varchar(255) NOT NULL DEFAULT '' AFTER `qa_insert_content`,
ADD `qa_include_tail` varchar(255) NOT NULL DEFAULT '' AFTER `qa_include_head`,
ADD `qa_content_head` text NOT NULL AFTER `qa_include_tail`,
ADD `qa_content_tail` text NOT NULL AFTER `qa_content_head`,
ADD `qa_mobile_content_head` text NOT NULL AFTER `qa_content_tail`,
ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ", true);
ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ",
true
);
}
?>
<form name="fqaconfigform" id="fqaconfigform" method="post" onsubmit="return fqaconfigform_submit(this);" autocomplete="off">
<input type="hidden" name="token" value="" id="token">
<input type="hidden" name="token" value="" id="token">
<section id="anc_cf_qa_config">
<h2 class="h2_frm">1:1문의 설정</h2>
<section id="anc_cf_qa_config">
<h2 class="h2_frm">1:1문의 설정</h2>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption>1:1문의 설정</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th>
<td>
<input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40">
<a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?>
<input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_skin_select('qa', 'qa_skin', 'qa_skin', $qaconfig['qa_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_skin">모바일 스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_mobile_skin_select('qa', 'qa_mobile_skin', 'qa_mobile_skin', $qaconfig['qa_mobile_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row">이메일 입력</th>
<td>
<input type="checkbox" name="qa_use_email" value="1" id="qa_use_email" <?php echo $qaconfig['qa_use_email']?'checked':''; ?>> <label for="qa_use_email">보이기</label>
<input type="checkbox" name="qa_req_email" value="1" id="qa_req_email" <?php echo $qaconfig['qa_req_email']?'checked':''; ?>> <label for="qa_req_email">필수입력</label>
</td>
</tr>
<tr>
<th scope="row">휴대폰 입력</th>
<td>
<input type="checkbox" name="qa_use_hp" value="1" id="qa_use_hp" <?php echo $qaconfig['qa_use_hp']?'checked':''; ?>> <label for="qa_use_hp">보이기</label>
<input type="checkbox" name="qa_req_hp" value="1" id="qa_req_hp" <?php echo $qaconfig['qa_req_hp']?'checked':''; ?>> <label for="qa_req_hp">필수입력</label>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_use_sms">SMS 알림</label></th>
<td>
<?php echo help('휴대폰 입력을 사용하실 경우 문의글 등록시 등록자가 답변등록시 SMS 알림 수신을 선택할 수 있도록 합니다.<br>SMS 알림을 사용하기 위해서는 기본환경설정 > <a href="'.G5_ADMIN_URL.'/config_form.php#anc_cf_sms">SMS 설정</a>을 하셔야 합니다.') ?>
<select name="qa_use_sms" id="qa_use_sms">
<?php echo option_selected(0, $qaconfig['qa_use_sms'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_sms'], '사용함'); ?>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_send_number">SMS 발신번호</label></th>
<td>
<?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?>
<input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th>
<td>
<?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?>
<input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_admin_email">관리자 이메일</label></th>
<td>
<?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?>
<input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_use_editor">DHTML 에디터 사용</label></th>
<td>
<?php echo help('글작성시 내용을 DHTML 에디터 기능으로 사용할 것인지 설정합니다. 스킨에 따라 적용되지 않을 수 있습니다.'); ?>
<select name="qa_use_editor" id="qa_use_editor">
<?php echo option_selected(0, $qaconfig['qa_use_editor'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_editor'], '사용함'); ?>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_subject_len">제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_subject_len" value="<?php echo $qaconfig['qa_subject_len'] ?>" id="qa_subject_len" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_subject_len">모바일 제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_mobile_subject_len" value="<?php echo $qaconfig['qa_mobile_subject_len'] ?>" id="qa_mobile_subject_len" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_page_rows">페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="qa_page_rows" value="<?php echo $qaconfig['qa_page_rows'] ?>" id="qa_page_rows" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_page_rows">모바일 페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="qa_mobile_page_rows" value="<?php echo $qaconfig['qa_mobile_page_rows'] ?>" id="qa_mobile_page_rows" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_image_width">이미지 폭 크기<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('게시판에서 출력되는 이미지의 폭 크기') ?>
<input type="text" name="qa_image_width" value="<?php echo $qaconfig['qa_image_width'] ?>" id="qa_image_width" required class="required numeric frm_input" size="4"> 픽셀
</td>
</tr>
<tr>
<th scope="row"><label for="qa_upload_size">파일 업로드 용량<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('최대 '.ini_get("upload_max_filesize").' 이하 업로드 가능, 1 MB = 1,048,576 bytes') ?>
업로드 파일 한개당 <input type="text" name="qa_upload_size" value="<?php echo $qaconfig['qa_upload_size'] ?>" id="qa_upload_size" required class="required numeric frm_input" size="10"> bytes 이하
</td>
</tr>
<tr>
<th scope="row"><label for="qa_include_head">상단 파일 경로</label></th>
<td>
<input type="text" name="qa_include_head" value="<?php echo $qaconfig['qa_include_head'] ?>" id="qa_include_head" class="frm_input" size="50">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_include_tail">하단 파일 경로</label></th>
<td>
<input type="text" name="qa_include_tail" value="<?php echo $qaconfig['qa_include_tail'] ?>" id="qa_include_tail" class="frm_input" size="50">
</td>
</tr>
<tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th>
<td>
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
<div class="tbl_frm01 tbl_wrap">
<table>
<caption>1:1문의 설정</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th>
<td>
<input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40">
<a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?>
<input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_skin_select('qa', 'qa_skin', 'qa_skin', $qaconfig['qa_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_skin">모바일 스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_mobile_skin_select('qa', 'qa_mobile_skin', 'qa_mobile_skin', $qaconfig['qa_mobile_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row">이메일 입력</th>
<td>
<input type="checkbox" name="qa_use_email" value="1" id="qa_use_email" <?php echo $qaconfig['qa_use_email'] ? 'checked' : ''; ?>> <label for="qa_use_email">보이기</label>
<input type="checkbox" name="qa_req_email" value="1" id="qa_req_email" <?php echo $qaconfig['qa_req_email'] ? 'checked' : ''; ?>> <label for="qa_req_email">필수입력</label>
</td>
</tr>
<tr>
<th scope="row">휴대폰 입력</th>
<td>
<input type="checkbox" name="qa_use_hp" value="1" id="qa_use_hp" <?php echo $qaconfig['qa_use_hp'] ? 'checked' : ''; ?>> <label for="qa_use_hp">보이기</label>
<input type="checkbox" name="qa_req_hp" value="1" id="qa_req_hp" <?php echo $qaconfig['qa_req_hp'] ? 'checked' : ''; ?>> <label for="qa_req_hp">필수입력</label>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_use_sms">SMS 알림</label></th>
<td>
<?php echo help('휴대폰 입력을 사용하실 경우 문의글 등록시 등록자가 답변등록시 SMS 알림 수신을 선택할 수 있도록 합니다.<br>SMS 알림을 사용하기 위해서는 기본환경설정 > <a href="' . G5_ADMIN_URL . '/config_form.php#anc_cf_sms">SMS 설정</a>을 하셔야 합니다.') ?>
<select name="qa_use_sms" id="qa_use_sms">
<?php echo option_selected(0, $qaconfig['qa_use_sms'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_sms'], '사용함'); ?>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_send_number">SMS 발신번호</label></th>
<td>
<?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?>
<input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th>
<td>
<?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?>
<input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_admin_email">관리자 이메일</label></th>
<td>
<?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?>
<input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_use_editor">DHTML 에디터 사용</label></th>
<td>
<?php echo help('글작성시 내용을 DHTML 에디터 기능으로 사용할 것인지 설정합니다. 스킨에 따라 적용되지 않을 수 있습니다.'); ?>
<select name="qa_use_editor" id="qa_use_editor">
<?php echo option_selected(0, $qaconfig['qa_use_editor'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_editor'], '사용함'); ?>
</select>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_subject_len">제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_subject_len" value="<?php echo $qaconfig['qa_subject_len'] ?>" id="qa_subject_len" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_subject_len">모바일 제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_mobile_subject_len" value="<?php echo $qaconfig['qa_mobile_subject_len'] ?>" id="qa_mobile_subject_len" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_page_rows">페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="qa_page_rows" value="<?php echo $qaconfig['qa_page_rows'] ?>" id="qa_page_rows" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_page_rows">모바일 페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="qa_mobile_page_rows" value="<?php echo $qaconfig['qa_mobile_page_rows'] ?>" id="qa_mobile_page_rows" required class="required numeric frm_input" size="4">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_image_width">이미지 폭 크기<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('게시판에서 출력되는 이미지의 폭 크기') ?>
<input type="text" name="qa_image_width" value="<?php echo $qaconfig['qa_image_width'] ?>" id="qa_image_width" required class="required numeric frm_input" size="4"> 픽셀
</td>
</tr>
<tr>
<th scope="row"><label for="qa_upload_size">파일 업로드 용량<strong class="sound_only"> 필수</strong></label></th>
<td>
<?php echo help('최대 ' . ini_get("upload_max_filesize") . ' 이하 업로드 가능, 1 MB = 1,048,576 bytes') ?>
업로드 파일 한개당 <input type="text" name="qa_upload_size" value="<?php echo $qaconfig['qa_upload_size'] ?>" id="qa_upload_size" required class="required numeric frm_input" size="10"> bytes 이하
</td>
</tr>
<tr>
<th scope="row"><label for="qa_include_head">상단 파일 경로</label></th>
<td>
<input type="text" name="qa_include_head" value="<?php echo $qaconfig['qa_include_head'] ?>" id="qa_include_head" class="frm_input" size="50">
</td>
</tr>
<tr>
<th scope="row"><label for="qa_include_tail">하단 파일 경로</label></th>
<td>
<input type="text" name="qa_include_tail" value="<?php echo $qaconfig['qa_include_tail'] ?>" id="qa_include_tail" class="frm_input" size="50">
</td>
</tr>
<tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th>
<td>
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
<script>
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_content_head">상단 내용</label></th>
<td>
<?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_content_tail">하단 내용</label></th>
<td>
<?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th>
<td>
<textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea>
</td>
</tr>
<?php for ($i=1; $i<=5; $i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
<label for="qa_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="qa_<?php echo $i ?>_subj" id="qa_<?php echo $i ?>_subj" value="<?php echo get_text($qaconfig['qa_'.$i.'_subj']) ?>" class="frm_input">
<label for="qa_<?php echo $i ?>">여분필드 <?php echo $i ?> 값</label>
<input type="text" name="qa_<?php echo $i ?>" value="<?php echo get_text($qaconfig['qa_'.$i]) ?>" id="qa_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
<script>
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_content_head">상단 내용</label></th>
<td>
<?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_content_tail">하단 내용</label></th>
<td>
<?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th>
<td>
<textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea>
</td>
</tr>
<?php for ($i = 1; $i <= 5; $i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
<label for="qa_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="qa_<?php echo $i ?>_subj" id="qa_<?php echo $i ?>_subj" value="<?php echo get_text($qaconfig['qa_' . $i . '_subj']) ?>" class="frm_input">
<label for="qa_<?php echo $i ?>">여분필드 <?php echo $i ?> 값</label>
<input type="text" name="qa_<?php echo $i ?>" value="<?php echo get_text($qaconfig['qa_' . $i]) ?>" id="qa_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</section>
<div class="btn_fixed_top">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</section>
<div class="btn_fixed_top">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form>
<script>
var captcha_chk = false;
var captcha_chk = false;
function use_captcha_check() {
$.ajax({
type: "POST",
url: g5_admin_url + "/ajax.use_captcha.php",
data: {
admin_use_captcha: "1"
},
cache: false,
async: false,
dataType: "json",
success: function(data) {}
});
}
function use_captcha_check(){
$.ajax({
type: "POST",
url: g5_admin_url+"/ajax.use_captcha.php",
data: { admin_use_captcha: "1" },
cache: false,
async: false,
dataType: "json",
success: function(data) {
function frm_check_file() {
var qa_include_head = "<?php echo $qaconfig['qa_include_head']; ?>";
var qa_include_tail = "<?php echo $qaconfig['qa_include_tail']; ?>";
var head = jQuery.trim(jQuery("#qa_include_head").val());
var tail = jQuery.trim(jQuery("#qa_include_tail").val());
if (qa_include_head !== head || qa_include_tail !== tail) {
// 캡챠를 사용합니다.
jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($) {
if (window.self !== window.top) { // frame 또는 iframe을 사용할 경우 체크
$("#qa_include_head, #qa_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
}
function frm_check_file(){
var qa_include_head = "<?php echo $qaconfig['qa_include_head']; ?>";
var qa_include_tail = "<?php echo $qaconfig['qa_include_tail']; ?>";
var head = jQuery.trim(jQuery("#qa_include_head").val());
var tail = jQuery.trim(jQuery("#qa_include_tail").val());
function fqaconfigform_submit(f) {
<?php echo get_editor_js("qa_content_head"); ?>
<?php echo get_editor_js("qa_content_tail"); ?>
<?php echo get_editor_js("qa_mobile_content_head"); ?>
<?php echo get_editor_js("qa_mobile_content_tail"); ?>
if(qa_include_head !== head || qa_include_tail !== tail){
// 캡챠 사용합니다.
jQuery("#admin_captcha_box").show();
captcha_chk = true;
if (captcha_chk) {
<?php echo isset($captcha_js) ? $captcha_js : ''; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
f.action = "./qa_config_update.php";
return true;
}
return true;
}
jQuery(function($){
if( window.self !== window.top ){ // frame 또는 iframe을 사용할 경우 체크
$("#qa_include_head, #qa_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function fqaconfigform_submit(f)
{
<?php echo get_editor_js("qa_content_head"); ?>
<?php echo get_editor_js("qa_content_tail"); ?>
<?php echo get_editor_js("qa_mobile_content_head"); ?>
<?php echo get_editor_js("qa_mobile_content_tail"); ?>
if( captcha_chk ) {
<?php echo isset($captcha_js) ? $captcha_js : ''; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
f.action = "./qa_config_update.php";
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

37
adm/qa_config_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300500";
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -14,49 +14,49 @@ $qaconfig = get_qa_config();
$check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size');
foreach($check_keys as $key){
$$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
foreach ($check_keys as $key) {
$$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
}
$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255));
$qa_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255));
$qa_include_head = isset($qa_include_head) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)) : '';
$qa_include_tail = isset($qa_include_tail) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255)) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
if( $qa_include_head ){
if ($qa_include_head) {
$file_ext = pathinfo($qa_include_head, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $qa_include_head) ) {
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $qa_include_head)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if( $qa_include_tail ){
if ($qa_include_tail) {
$file_ext = pathinfo($qa_include_tail, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $qa_include_tail) ) {
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $qa_include_tail)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if( $qa_include_head && ! is_include_path_check($qa_include_head, 1) ){
if ($qa_include_head && !is_include_path_check($qa_include_head, 1)) {
$qa_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.';
}
if( $qa_include_tail && ! is_include_path_check($qa_include_tail, 1) ){
if ($qa_include_tail && !is_include_path_check($qa_include_tail, 1)) {
$qa_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
}
if( function_exists('filter_input_include_path') ){
if (function_exists('filter_input_include_path')) {
$qa_include_head = filter_input_include_path($qa_include_head);
$qa_include_tail = filter_input_include_path($qa_include_tail);
}
@ -67,7 +67,7 @@ $dst_char = array('', '〓');
$qa_category = str_replace($src_char, $dst_char, $_POST['qa_category']);
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $qa_category);
$qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$qa_category);
$sql = " update {$g5['qa_config_table']}
set qa_title = '{$_POST['qa_title']}',
@ -108,11 +108,12 @@ $sql = " update {$g5['qa_config_table']}
qa_5 = '{$_POST['qa_5']}' ";
sql_query($sql);
if(function_exists('get_admin_captcha_by'))
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
if($error_msg){
if ($error_msg) {
alert($error_msg, './qa_config.php');
} else {
goto_url('./qa_config.php');
}
}

17
adm/safe_check.php
View File

@ -1,16 +1,21 @@
<?php
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
if (!defined('_GNUBOARD_')) {
exit; // 개별 페이지 접근 불가
}
function social_log_file_delete($second=0){
$files = glob(G5_DATA_PATH.'/tmp/social_*');
function social_log_file_delete($second = 0)
{
$files = glob(G5_DATA_PATH . '/tmp/social_*');
if (is_array($files)) {
$before_time = $second ? G5_SERVER_TIME - $second : 0;
foreach ($files as $social_log_file) {
$modification_time = filemtime($log_file); // 파일접근시간
$modification_time = filemtime($social_log_file); // 파일접근시간
if ($before_time && $modification_time > $before_time) continue;
if ($before_time && $modification_time > $before_time) {
continue;
}
unlink($social_log_file);
}
}
}
}

2
adm/shop_admin/admin.shop.lib.php
View File

@ -72,7 +72,7 @@ function order_update_delivery($od_id, $mb_id, $change_status, $delivery)
if($change_status != '배송')
return;
$sql = " update {$g5['g5_shop_order_table']} set od_delivery_company = '{$delivery['delivery_company']}', od_invoice = '{$delivery['invoice']}', od_invoice_time = '{$delivery['invoice_time']}' where od_id = '$od_id' and od_status = '준비' ";
$sql = " update {$g5['g5_shop_order_table']} set od_delivery_company = '".sql_real_escape_string($delivery['delivery_company'])."', od_invoice = '".sql_real_escape_string($delivery['invoice'])."', od_invoice_time = '".sql_real_escape_string($delivery['invoice_time'])."' where od_id = '$od_id' and od_status = '준비' ";
sql_query($sql);
$sql = " select * from {$g5['g5_shop_cart_table']} where od_id = '$od_id' ";

2
adm/shop_admin/categoryform.php
View File

@ -49,7 +49,7 @@ if ($w == "")
where SUBSTRING(ca_id,1,$len) = '$ca_id' ";
$row = sql_fetch($sql);
$subid = base_convert($row['max_subid'], 36, 10);
$subid = base_convert((string)$row['max_subid'], 36, 10);
$subid += 36;
if ($subid >= 36 * 36)
{

6
adm/shop_admin/configformupdate.php
View File

@ -239,7 +239,11 @@ $check_sanitize_keys = array(
);
foreach( $check_sanitize_keys as $key ){
$$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
if( in_array($key, array('de_bank_account')) ){
$$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1, 0, 0) : '';
} else {
$$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
}
}
$warning_msg = '';

2
adm/shop_admin/couponformupdate.php
View File

@ -139,7 +139,7 @@ if($w == '') {
}
// 쿠폰생성알림 발송
if($w == '' && ($_POST['cp_sms_send'] || $_POST['cp_email_send'])) {
if ($w == '' && (isset($_POST['cp_sms_send']) || isset($_POST['cp_email_send']))) {
include_once(G5_LIB_PATH.'/mailer.lib.php');
$sms_count = 0;

2
adm/shop_admin/inorderformupdate.php
View File

@ -232,7 +232,7 @@ $od_b_addr1 = clean_xss_tags($data['od_b_addr1']);
$od_b_addr2 = clean_xss_tags($data['od_b_addr2']);
$od_b_addr3 = clean_xss_tags($data['od_b_addr3']);
$od_b_addr_jibeon = preg_match("/^(N|R)$/", $data['od_b_addr_jibeon']) ? $data['od_b_addr_jibeon'] : '';
$od_memo = clean_xss_tags($data['od_memo']);
$od_memo = clean_xss_tags($data['od_memo'], 0, 1, 0, 0);
$od_deposit_name = clean_xss_tags($data['od_deposit_name']);
$od_tax_flag = $default['de_tax_flag_use'];
$od_receipt_price = $tot_ct_price + $od_send_cost + $od_send_cost2 - ($od_temp_point + $tot_cp_price + $tot_sc_cp_price);

56
adm/shop_admin/itemexcelupdate.php
View File

@ -10,7 +10,7 @@ auth_check_menu($auth, $sub_menu, "w");
function only_number($n)
{
return preg_replace('/[^0-9]/', '', $n);
return preg_replace('/[^0-9]/', '', (string)$n);
}
$is_upload_file = (isset($_FILES['excelfile']['tmp_name']) && $_FILES['excelfile']['tmp_name']) ? 1 : 0;
@ -50,44 +50,44 @@ if($is_upload_file) {
$it_id = (string) $rowData[0][$j++];
$it_id = preg_match('/[-+]?[0-9]*\.?[0-9]+([eE][-+]?[0-9]+)/', $it_id) ? addslashes(sprintf("%.0f", $it_id)) : preg_replace('/[^0-9a-z_\-]/i', '', $it_id);
$ca_id = addslashes($rowData[0][$j++]);
$ca_id2 = addslashes($rowData[0][$j++]);
$ca_id3 = addslashes($rowData[0][$j++]);
$ca_id2 = addslashes((string)$rowData[0][$j++]);
$ca_id3 = addslashes((string)$rowData[0][$j++]);
$it_name = addslashes($rowData[0][$j++]);
$it_maker = addslashes($rowData[0][$j++]);
$it_origin = addslashes($rowData[0][$j++]);
$it_brand = addslashes($rowData[0][$j++]);
$it_model = addslashes($rowData[0][$j++]);
$it_type1 = addslashes($rowData[0][$j++]);
$it_type2 = addslashes($rowData[0][$j++]);
$it_type3 = addslashes($rowData[0][$j++]);
$it_type4 = addslashes($rowData[0][$j++]);
$it_type5 = addslashes($rowData[0][$j++]);
$it_basic = addslashes($rowData[0][$j++]);
$it_explan = addslashes($rowData[0][$j++]);
$it_mobile_explan = addslashes($rowData[0][$j++]);
$it_maker = addslashes((string)$rowData[0][$j++]);
$it_origin = addslashes((string)$rowData[0][$j++]);
$it_brand = addslashes((string)$rowData[0][$j++]);
$it_model = addslashes((string)$rowData[0][$j++]);
$it_type1 = addslashes((string)$rowData[0][$j++]);
$it_type2 = addslashes((string)$rowData[0][$j++]);
$it_type3 = addslashes((string)$rowData[0][$j++]);
$it_type4 = addslashes((string)$rowData[0][$j++]);
$it_type5 = addslashes((string)$rowData[0][$j++]);
$it_basic = addslashes((string)$rowData[0][$j++]);
$it_explan = addslashes((string)$rowData[0][$j++]);
$it_mobile_explan = addslashes((string)$rowData[0][$j++]);
$it_cust_price = addslashes(only_number($rowData[0][$j++]));
$it_price = addslashes(only_number($rowData[0][$j++]));
$it_tel_inq = addslashes($rowData[0][$j++]);
$it_tel_inq = addslashes((string)$rowData[0][$j++]);
$it_point = addslashes(only_number($rowData[0][$j++]));
$it_point_type = addslashes(only_number($rowData[0][$j++]));
$it_sell_email = addslashes($rowData[0][$j++]);
$it_use = addslashes($rowData[0][$j++]);
$it_sell_email = addslashes((string)$rowData[0][$j++]);
$it_use = addslashes((string)$rowData[0][$j++]);
$it_stock_qty = addslashes(only_number($rowData[0][$j++]));
$it_noti_qty = addslashes(only_number($rowData[0][$j++]));
$it_buy_min_qty = addslashes(only_number($rowData[0][$j++]));
$it_buy_max_qty = addslashes(only_number($rowData[0][$j++]));
$it_notax = addslashes(only_number($rowData[0][$j++]));
$it_order = addslashes(only_number($rowData[0][$j++]));
$it_img1 = addslashes($rowData[0][$j++]);
$it_img2 = addslashes($rowData[0][$j++]);
$it_img3 = addslashes($rowData[0][$j++]);
$it_img4 = addslashes($rowData[0][$j++]);
$it_img5 = addslashes($rowData[0][$j++]);
$it_img6 = addslashes($rowData[0][$j++]);
$it_img7 = addslashes($rowData[0][$j++]);
$it_img8 = addslashes($rowData[0][$j++]);
$it_img9 = addslashes($rowData[0][$j++]);
$it_img10 = addslashes($rowData[0][$j++]);
$it_img1 = addslashes((string)$rowData[0][$j++]);
$it_img2 = addslashes((string)$rowData[0][$j++]);
$it_img3 = addslashes((string)$rowData[0][$j++]);
$it_img4 = addslashes((string)$rowData[0][$j++]);
$it_img5 = addslashes((string)$rowData[0][$j++]);
$it_img6 = addslashes((string)$rowData[0][$j++]);
$it_img7 = addslashes((string)$rowData[0][$j++]);
$it_img8 = addslashes((string)$rowData[0][$j++]);
$it_img9 = addslashes((string)$rowData[0][$j++]);
$it_img10 = addslashes((string)$rowData[0][$j++]);
$it_explan2 = strip_tags(trim($it_explan));
if(!$it_id || !$ca_id || !$it_name) {

10
adm/shop_admin/itemformupdate.php
View File

@ -476,13 +476,13 @@ if ($w == "" || $w == "u")
{
$sql = " insert into {$g5['g5_shop_item_relation_table']}
set it_id = '$it_id',
it_id2 = '$it_id2[$i]',
it_id2 = '".sql_real_escape_string($it_id2[$i])."',
ir_no = '$i' ";
sql_query($sql, false);
// 관련상품의 반대로도 등록
$sql = " insert into {$g5['g5_shop_item_relation_table']}
set it_id = '$it_id2[$i]',
set it_id = '".sql_real_escape_string($it_id2[$i])."',
it_id2 = '$it_id',
ir_no = '$i' ";
sql_query($sql, false);
@ -496,7 +496,7 @@ if ($w == "" || $w == "u")
if (trim($ev_id[$i]))
{
$sql = " insert into {$g5['g5_shop_event_item_table']}
set ev_id = '$ev_id[$i]',
set ev_id = '".sql_real_escape_string($ev_id[$i])."',
it_id = '$it_id' ";
sql_query($sql, false);
}
@ -510,7 +510,7 @@ if($option_count) {
( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` )
VALUES ";
for($i=0; $i<$option_count; $i++) {
$sql .= $comma . " ( '{$_POST['opt_id'][$i]}', '0', '$it_id', '{$_POST['opt_price'][$i]}', '{$_POST['opt_stock_qty'][$i]}', '{$_POST['opt_noti_qty'][$i]}', '{$_POST['opt_use'][$i]}' )";
$sql .= $comma . " ( '".sql_real_escape_string($_POST['opt_id'][$i])."', '0', '$it_id', '".sql_real_escape_string($_POST['opt_price'][$i])."', '".sql_real_escape_string($_POST['opt_stock_qty'][$i])."', '".sql_real_escape_string($_POST['opt_noti_qty'][$i])."', '".sql_real_escape_string($_POST['opt_use'][$i])."' )";
$comma = ' , ';
}
@ -524,7 +524,7 @@ if($supply_count) {
( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` )
VALUES ";
for($i=0; $i<$supply_count; $i++) {
$sql .= $comma . " ( '{$_POST['spl_id'][$i]}', '1', '$it_id', '{$_POST['spl_price'][$i]}', '{$_POST['spl_stock_qty'][$i]}', '{$_POST['spl_noti_qty'][$i]}', '{$_POST['spl_use'][$i]}' )";
$sql .= $comma . " ( '".sql_real_escape_string($_POST['spl_id'][$i])."', '1', '$it_id', '".sql_real_escape_string($_POST['spl_price'][$i])."', '".sql_real_escape_string($_POST['spl_stock_qty'][$i])."', '".sql_real_escape_string($_POST['spl_noti_qty'][$i])."', '".sql_real_escape_string($_POST['spl_use'][$i])."' )";
$comma = ' , ';
}

4
adm/shop_admin/itemlistupdate.php
View File

@ -35,8 +35,8 @@ if ($post_act_button == "선택수정") {
$p_it_stock_qty = (isset($_POST['it_stock_qty']) && is_array($_POST['it_stock_qty'])) ? strip_tags($_POST['it_stock_qty'][$k]) : '';
$p_it_skin = (isset($_POST['it_skin']) && is_array($_POST['it_skin'])) ? strip_tags($_POST['it_skin'][$k]) : '';
$p_it_mobile_skin = (isset($_POST['it_mobile_skin']) && is_array($_POST['it_mobile_skin'])) ? strip_tags($_POST['it_mobile_skin'][$k]) : '';
$p_it_use = (isset($_POST['it_use']) && is_array($_POST['it_use'])) ? strip_tags($_POST['it_use'][$k]) : '';
$p_it_soldout = (isset($_POST['it_soldout']) && is_array($_POST['it_soldout'])) ? strip_tags($_POST['it_soldout'][$k]) : '';
$p_it_use = isset($_POST['it_use'][$k]) ? clean_xss_tags($_POST['it_use'][$k], 1, 1) : 0;
$p_it_soldout = isset($_POST['it_soldout'][$k]) ? clean_xss_tags($_POST['it_soldout'][$k], 1, 1) : 0;
$p_it_order = (isset($_POST['it_order']) && is_array($_POST['it_order'])) ? strip_tags($_POST['it_order'][$k]) : '';
$p_it_id = isset($_POST['it_id'][$k]) ? preg_replace('/[^a-z0-9_\-]/i', '', $_POST['it_id'][$k]) : '';

6
adm/shop_admin/itemstocklist.php
View File

@ -171,9 +171,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
<?php echo $row['it_id']; ?>
</td>
<td class="td_left"><a href="<?php echo $href; ?>"><?php echo get_it_image($row['it_id'], 50, 50); ?> <?php echo cut_str(stripslashes($row['it_name']), 60, "&#133"); ?></a></td>
<td class="td_num<?php echo $it_stock_qty_st; ?>"><?php echo $it_stock_qty; ?></td>
<td class="td_num"><?php echo number_format($wait_qty); ?></td>
<td class="td_num"><?php echo number_format($temporary_qty); ?></td>
<td class="td_num<?php echo $it_stock_qty_st; ?>"><?php echo (int)$it_stock_qty; ?></td>
<td class="td_num"><?php echo number_format((float)$wait_qty); ?></td>
<td class="td_num"><?php echo number_format((float)$temporary_qty); ?></td>
<td class="td_num">
<label for="stock_qty_<?php echo $i; ?>" class="sound_only">재고수정</label>
<input type="text" name="it_stock_qty[<?php echo $i; ?>]" value="<?php echo $row['it_stock_qty']; ?>" id="stock_qty_<?php echo $i; ?>" class="frm_input" size="10" autocomplete="off">

10
adm/shop_admin/itemsupply.php
View File

@ -85,7 +85,7 @@ if($ps_run) {
} // for
} else {
for($i=0; $i<$subject_count; $i++) {
$spl_subject = isset($_POST['subject'][$i]) ? preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['subject'][$i]))) : '';
$spl_subject = isset($_POST['subject'][$i]) ? preg_replace(G5_OPTION_ID_FILTER, '', strip_tags(trim(stripslashes($_POST['subject'][$i])))) : '';
$spl_val = isset($_POST['supply'][$i]) ? explode(',', preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['supply'][$i])))) : '';
$spl_count = count($spl_val);
@ -103,7 +103,7 @@ if($ps_run) {
$sql = " select io_price, io_stock_qty, io_noti_qty, io_use
from {$g5['g5_shop_item_option_table']}
where it_id = '{$post_it_id}'
and io_id = '$spl_id'
and io_id = '".sql_real_escape_string($spl_id)."'
and io_type = '1' ";
$row = sql_fetch($sql);
@ -117,11 +117,11 @@ if($ps_run) {
?>
<tr>
<td class="td_chk">
<input type="hidden" name="spl_id[]" value="<?php echo $spl_id; ?>">
<label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo $spl_subject.' '.$spl; ?></label>
<input type="hidden" name="spl_id[]" value="<?php echo get_text($spl_id); ?>">
<label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($spl_subject.' '.$spl); ?></label>
<input type="checkbox" name="spl_chk[]" id="spl_chk_<?php echo $i; ?>" value="1">
</td>
<td class="spl-subject-cell"><?php echo $spl_subject; ?></td>
<td class="spl-subject-cell"><?php echo get_text($spl_subject); ?></td>
<td class="spl-cell"><?php echo $spl; ?></td>
<td class="td_numsmall">
<label for="spl_price_<?php echo $i; ?>" class="sound_only">상품금액</label>

47
adm/shop_admin/orderdeliveryexcel.php
View File

@ -21,7 +21,6 @@ if(! function_exists('column_char')) {
}
}
if (phpversion() >= '5.2.0') {
include_once(G5_LIB_PATH.'/PHPExcel.php');
$headers = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호');
@ -47,7 +46,7 @@ if (phpversion() >= '5.2.0') {
$data = array_merge(array($headers), $rows);
$excel = new PHPExcel();
$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
$excel->getActiveSheet()->fromArray($data,NULL,'A1');
@ -58,47 +57,3 @@ if (phpversion() >= '5.2.0') {
$writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5');
$writer->save('php://output');
} else {
/*================================================================================
php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/
=================================================================================*/
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php');
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php');
$fname = tempnam(G5_DATA_PATH, "tmp-deliverylist.xls");
$workbook = new writeexcel_workbook($fname);
$worksheet = $workbook->addworksheet();
// Put Excel data
$data = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호');
$data = array_map('iconv_euckr', $data);
$col = 0;
foreach($data as $cell) {
$worksheet->write(0, $col++, $cell);
}
for($i=1; $row=sql_fetch_array($result); $i++) {
$row = array_map('iconv_euckr', $row);
$worksheet->write($i, 0, ' '.$row['od_id']);
$worksheet->write($i, 1, $row['od_name']);
$worksheet->write($i, 2, ' '.$row['od_tel']);
$worksheet->write($i, 3, ' '.$row['od_hp']);
$worksheet->write($i, 4, $row['od_b_name']);
$worksheet->write($i, 5, ' '.$row['od_b_tel']);
$worksheet->write($i, 6, ' '.$row['od_b_hp']);
$worksheet->write($i, 7, print_address($row['od_b_addr1'], $row['od_b_addr2'], $row['od_b_addr3'], $row['od_b_addr_jibeon']));
$worksheet->write($i, 8, $row['od_delivery_company']);
$worksheet->write($i, 9, $row['od_invoice']);
}
$workbook->close();
header("Content-Type: application/x-msexcel; name=\"deliverylist-".date("ymd", time()).".xls\"");
header("Content-Disposition: inline; filename=\"deliverylist-".date("ymd", time()).".xls\"");
$fh=fopen($fname, "rb");
fpassthru($fh);
unlink($fname);
}

92
adm/shop_admin/orderprintresult.php
View File

@ -168,7 +168,6 @@ if ($csv == 'xls')
if (!$cnt)
alert("출력할 내역이 없습니다.");
if (phpversion() >= '5.2.0') {
include_once(G5_LIB_PATH.'/PHPExcel.php');
$headers = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀');
@ -235,7 +234,7 @@ if ($csv == 'xls')
$data = array_merge(array($headers), $rows);
$excel = new PHPExcel();
$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
$excel->getActiveSheet()->fromArray($data,NULL,'A1');
@ -246,95 +245,6 @@ if ($csv == 'xls')
$writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5');
$writer->save('php://output');
} else {
/*================================================================================
php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/
=================================================================================*/
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php');
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php');
$fname = tempnam(G5_DATA_PATH, "tmp-orderlist.xls");
$workbook = new writeexcel_workbook($fname);
$worksheet = $workbook->addworksheet();
// Put Excel data
$data = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀');
$data = array_map('iconv_euckr', $data);
$col = 0;
foreach($data as $cell) {
$worksheet->write(0, $col++, $cell);
}
$save_it_id = '';
for($i=1; $row=sql_fetch_array($result); $i++)
{
if($save_it_id != $row['it_id']) {
// 합계금액 계산
$sql = " select SUM(IF(io_type = 1, (io_price * ct_qty), ((ct_price + io_price) * ct_qty))) as price,
SUM(ct_qty) as qty
from {$g5['g5_shop_cart_table']}
where it_id = '{$row['it_id']}'
and od_id = '{$row['od_id']}' ";
$sum = sql_fetch($sql);
switch($row['ct_send_cost'])
{
case 1:
$ct_send_cost = '착불';
break;
case 2:
$ct_send_cost = '무료';
break;
default:
$ct_send_cost = '선불';
break;
}
// 조건부무료
if($row['it_sc_type'] == 2) {
$sendcost = get_item_sendcost($row['it_id'], $sum['price'], $sum['qty'], $row['od_id']);
if($sendcost == 0)
$ct_send_cost = '무료';
}
$save_it_id = $row['it_id'];
$ct_send_cost = iconv_euckr($ct_send_cost);
}
$pull_address = iconv('UTF-8', 'UHC', print_address($row['od_b_addr1'], $row['od_b_addr2'], $row['od_b_addr3'], $row['od_b_addr_jibeon']));
$row = array_map('iconv_euckr', $row);
$worksheet->write($i, 0, ' '.$row['od_b_zip1'].$row['od_b_zip2']);
$worksheet->write($i, 1, $pull_address);
$worksheet->write($i, 2, $row['od_b_name']);
$worksheet->write($i, 3, ' '.$row['od_b_tel']);
$worksheet->write($i, 4, ' '.$row['od_b_hp']);
$worksheet->write($i, 5, $row['it_name']);
$worksheet->write($i, 6, $row['ct_qty']);
$worksheet->write($i, 7, $row['ct_option']);
$worksheet->write($i, 8, $ct_send_cost);
$worksheet->write($i, 9, ' '.$row['it_id']);
$worksheet->write($i, 10, ' '.$row['od_id']);
$worksheet->write($i, 11, $row['od_invoice']);
$worksheet->write($i, 12, $row['od_memo']);
}
$workbook->close();
header("Content-Type: application/x-msexcel; name=\"orderlist-".date("ymd", time()).".xls\"");
header("Content-Disposition: inline; filename=\"orderlist-".date("ymd", time()).".xls\"");
$fh=fopen($fname, "rb");
fpassthru($fh);
unlink($fname);
exit;
} //end if php 5.2.0
}

2
adm/sms_admin/num_book_file_download.php
View File

@ -51,7 +51,7 @@ for($i=1; $res=sql_fetch_array($qry); $i++)
$data = array_merge(array($headers), $rows);
$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
$excel->getActiveSheet()->fromArray($data,NULL,'A1');

4
adm/sms_admin/num_book_file_upload.php
View File

@ -74,13 +74,13 @@ for ($i = 1; $i <= $num_rows; $i++) {
switch ($ext) {
case '.csv' :
$name = $csv[$i][0];
$name = isset($csv[$i][0]) ? $csv[$i][0] : '';
$str_encode = @mb_detect_encoding($name, $encode);
if( $str_encode == "EUC-KR" ){
$name = iconv_utf8( $name );
}
$name = addslashes($name);
$hp = addslashes($csv[$i][1]);
$hp = addslashes(isset($csv[$i][1]) ? $csv[$i][1] : '');
break;
case '.xls' :
case '.xlsx' :

3
adm/sms_admin/number_move_update.php
View File

@ -1,4 +1,5 @@
<?php
$sub_menu = "900800";
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r");
@ -20,7 +21,7 @@ for ($kk=0;$row = sql_fetch_array($result);$kk++)
$bk_no = $row['bk_no'];
for ($i=0; $i<count($post_chk_bg_no); $i++)
{
$bg_no = $post_chk_bg_no[$i];
$bg_no = (int) $post_chk_bg_no[$i];
if( !$bg_no ) continue;
$sql = " insert into {$g5['sms5_book_table']}

2
adm/sms_admin/sms_write_send.php
View File

@ -25,7 +25,7 @@ if ( ! (($config['cf_icode_id'] && $config['cf_icode_pw']) || $config['cf_icode_
}
$wr_reply = isset($_REQUEST['wr_reply']) ? preg_replace('#[^0-9\-]#', '', trim($_REQUEST['wr_reply'])) : '';
$wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message'])) : '';
$wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message']), 1, 1, 0, 0) : '';
$send_list = isset($_REQUEST['send_list']) ? clean_xss_tags(trim($_REQUEST['send_list']), 1, 1) : '';
$wr_by = isset($_REQUEST['wr_by']) ? clean_xss_tags(trim($_REQUEST['wr_by']), 1, 1) : '';

Some files were not shown because too many files have changed in this diff Show More