Merge branch 'gnuboard:master' into master

Hailey Kim
2022-06-21 18:06:23 +09:00
committed by GitHub
186 changed files with 8382 additions and 8125 deletions

0
README.md Normal file

@ -1,32 +1,10 @@
<?php <?php
define('G5_IS_ADMIN', true); define('G5_IS_ADMIN', true);
include_once ('../common.php'); require_once '../common.php';
include_once(G5_ADMIN_PATH.'/admin.lib.php'); require_once G5_ADMIN_PATH . '/admin.lib.php';
if( isset($token) ){ if (isset($token)) {
$token = @htmlspecialchars(strip_tags($token), ENT_QUOTES); $token = @htmlspecialchars(strip_tags($token), ENT_QUOTES);
} }
if( ! function_exists('check_data_htaccess_file') ) { run_event('admin_common');
function check_data_htaccess_file() {
$save_path = G5_DATA_PATH.'/.htaccess';
if( file_exists($save_path) && is_writable($save_path) ) {
$code = file_get_contents($save_path);
$add_code = 'RedirectMatch 403 /session/.*';
if( strpos($code, $add_code) === false ){
$fp = fopen($save_path, "ab");
flock( $fp, LOCK_EX );
fwrite( $fp, "\n\n" );
fwrite( $fp, $add_code );
fwrite( $fp, "\n\n" );
flock( $fp, LOCK_UN );
fclose($fp);
}
}
}
check_data_htaccess_file();
}
run_event('admin_common');
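Review bot: With check_data_htaccess_file() removed, nothing visible in this file still ensures that the `.htaccess` under `G5_DATA_PATH` carries `RedirectMatch 403 /session/.*`; the removed function was the only place on this page that appended it. Please confirm that another path (the installer, or a handler attached to the `admin_common` event) still keeps session files under the data directory from being served over HTTP on Apache, and record that in the commit description. Separately, the `$token` line keeps the `@` operator, which does not suppress the TypeError that PHP 8 raises when `strip_tags()` is given an array. If `$token` can be populated from request data (not visible here), `$token = is_string($token) ? htmlspecialchars(strip_tags($token), ENT_QUOTES) : '';` inside the `isset` block states the intent without error suppression.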


@ -1,5 +1,7 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; if (!defined('_GNUBOARD_')) {
exit;
}
$is_use_apache = (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false); $is_use_apache = (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false);
@ -11,29 +13,29 @@ $is_write_file = false;
$is_apache_need_rules = false; $is_apache_need_rules = false;
$is_apache_rewrite = false; $is_apache_rewrite = false;
if( !($is_use_apache || $is_use_nginx || $is_use_iis) ){ // 셋다 아니면 다 출력시킨다. if (!($is_use_apache || $is_use_nginx || $is_use_iis)) { // 셋다 아니면 다 출력시킨다.
$is_use_apache = true; $is_use_apache = true;
$is_use_nginx = true; $is_use_nginx = true;
} }
if ( $is_use_nginx ){ if ($is_use_nginx) {
$is_write_file = false; $is_write_file = false;
} }
if ( $is_use_apache ){ if ($is_use_apache) {
$is_write_file = (is_writable(G5_PATH) || (file_exists(G5_PATH.'/.htaccess') && is_writable(G5_PATH.'/.htaccess'))) ? true : false; $is_write_file = (is_writable(G5_PATH) || (file_exists(G5_PATH . '/.htaccess') && is_writable(G5_PATH . '/.htaccess'))) ? true : false;
$is_apache_need_rules = check_need_rewrite_rules(); $is_apache_need_rules = check_need_rewrite_rules();
$is_apache_rewrite = function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules()); $is_apache_rewrite = function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules());
} }
$get_path_url = parse_url( G5_URL ); $get_path_url = parse_url(G5_URL);
$base_path = isset($get_path_url['path']) ? $get_path_url['path'].'/' : '/'; $base_path = isset($get_path_url['path']) ? $get_path_url['path'] . '/' : '/';
// add_stylesheet('css 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨 // add_stylesheet('css 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
add_stylesheet('<link rel="stylesheet" href="'.G5_JS_URL.'/remodal/remodal.css">', 11); add_stylesheet('<link rel="stylesheet" href="' . G5_JS_URL . '/remodal/remodal.css">', 11);
add_stylesheet('<link rel="stylesheet" href="'.G5_JS_URL.'/remodal/remodal-default-theme.css">', 12); add_stylesheet('<link rel="stylesheet" href="' . G5_JS_URL . '/remodal/remodal-default-theme.css">', 12);
add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10); add_javascript('<script src="' . G5_JS_URL . '/remodal/remodal.js"></script>', 10);
?> ?>
<section id="anc_cf_url"> <section id="anc_cf_url">
<h2 class="h2_frm">짧은 주소 설정</h2> <h2 class="h2_frm">짧은 주소 설정</h2>
@ -41,48 +43,48 @@ add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
<div class="local_desc02 local_desc"> <div class="local_desc02 local_desc">
<p> <p>
게시판과 컨텐츠 페이지에 짧은 URL 을 사용합니다. <a href="https://sir.kr/manual/g5/286" class="btn btn_03" target="_blank" style="margin-left:10px">설정 관련 메뉴얼 보기</a> 게시판과 컨텐츠 페이지에 짧은 URL 을 사용합니다. <a href="https://sir.kr/manual/g5/286" class="btn btn_03" target="_blank" style="margin-left:10px">설정 관련 메뉴얼 보기</a>
<?php if( $is_use_apache && ! $is_use_nginx ){ ?> <?php if ($is_use_apache && !$is_use_nginx) { ?>
<?php if( ! $is_apache_rewrite ){ ?> <?php if (!$is_apache_rewrite) { ?>
<br><strong>Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</strong> <br><strong>Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</strong>
<?php } else if( ! $is_write_file && $is_apache_need_rules ) { // apache인 경우 ?> <?php } elseif (!$is_write_file && $is_apache_need_rules) { // apache인 경우 ?>
<br><strong>짧은 주소 사용시 아래 Apache 설정 코드를 참고하여 설정해 주세요.</strong> <br><strong>짧은 주소 사용시 아래 Apache 설정 코드를 참고하여 설정해 주세요.</strong>
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
</p> </p>
</div> </div>
<div class="server_config_views"> <div class="server_config_views">
<?php if ( $is_use_apache ){ ?> <?php if ($is_use_apache) { ?>
<button type="button" data-remodal-target="modal_apache" class="btn btn_03">Apache 설정 코드 보기</button> <button type="button" data-remodal-target="modal_apache" class="btn btn_03">Apache 설정 코드 보기</button>
<?php } ?> <?php } ?>
<?php if ( $is_use_nginx ) { ?> <?php if ($is_use_nginx) { ?>
<button type="button" data-remodal-target="modal_nginx" class="btn btn_03">Nginx 설정 코드 보기</button> <button type="button" data-remodal-target="modal_nginx" class="btn btn_03">Nginx 설정 코드 보기</button>
<?php } ?> <?php } ?>
</div> </div>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption>짧은주소 설정</caption> <caption>짧은주소 설정</caption>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<?php <?php
$short_url_arrs = array( $short_url_arrs = array(
'0'=>array('label'=>'사용안함', 'url'=>G5_URL.'/board.php?bo_table=free&wr_id=123'), '0' => array('label' => '사용안함', 'url' => G5_URL . '/board.php?bo_table=free&wr_id=123'),
'1'=>array('label'=>'숫자', 'url'=>G5_URL.'/free/123'), '1' => array('label' => '숫자', 'url' => G5_URL . '/free/123'),
'2'=>array('label'=>'글 이름', 'url'=>G5_URL.'/free/안녕하세요/'), '2' => array('label' => '글 이름', 'url' => G5_URL . '/free/안녕하세요/'),
); );
foreach($short_url_arrs as $k=>$v){ foreach ($short_url_arrs as $k => $v) {
$checked = ((int) $config['cf_bbs_rewrite'] === (int) $k) ? 'checked' : ''; $checked = ((int) $config['cf_bbs_rewrite'] === (int) $k) ? 'checked' : '';
?> ?>
<tr> <tr>
<td><input name="cf_bbs_rewrite" id="cf_bbs_rewrite_<?php echo $k; ?>" type="radio" value="<?php echo $k; ?>" <?php echo $checked;?> ><label for="cf_bbs_rewrite_<?php echo $k; ?>" class="rules_label"><?php echo $v['label']; ?></label></td> <td><input name="cf_bbs_rewrite" id="cf_bbs_rewrite_<?php echo $k; ?>" type="radio" value="<?php echo $k; ?>" <?php echo $checked; ?>><label for="cf_bbs_rewrite_<?php echo $k; ?>" class="rules_label"><?php echo $v['label']; ?></label></td>
<td><?php echo $v['url']; ?></td> <td><?php echo $v['url']; ?></td>
</tr> </tr>
<?php } //end foreach ?> <?php } //end foreach ?>
</tbody> </tbody>
</table> </table>
</div> </div>
@ -95,13 +97,13 @@ add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
</button> </button>
<h4 class="copy_title">.htaccess 파일에 적용할 코드입니다. <h4 class="copy_title">.htaccess 파일에 적용할 코드입니다.
<?php if( ! $is_apache_rewrite ) { ?> <?php if (!$is_apache_rewrite) { ?>
<br><span class="info-warning">Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</span> <br><span class="info-warning">Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</span>
<?php } else if ( ! $is_write_file && $is_apache_need_rules ) { ?> <?php } elseif (!$is_write_file && $is_apache_need_rules) { ?>
<br><span class="info-warning">자동으로 .htaccess 파일을 수정 할수 있는 권한이 없습니다.<br>.htaccess 파일이 없다면 생성 후에, 아래 코드가 없으면 코드를 복사하여 붙여넣기 해 주세요.</span> <br><span class="info-warning">자동으로 .htaccess 파일을 수정 할수 있는 권한이 없습니다.<br>.htaccess 파일이 없다면 생성 후에, 아래 코드가 없으면 코드를 복사하여 붙여넣기 해 주세요.</span>
<?php } else if ( ! $is_apache_need_rules ){ ?> <?php } elseif (!$is_apache_need_rules) { ?>
<br><span class="info-success">정상적으로 적용된 상태입니다.</span> <br><span class="info-success">정상적으로 적용된 상태입니다.</span>
<?php } ?> <?php } ?>
</h4> </h4>
<textarea readonly="readonly" rows="10"><?php echo get_mod_rewrite_rules(true); ?></textarea> <textarea readonly="readonly" rows="10"><?php echo get_mod_rewrite_rules(true); ?></textarea>
</div> </div>


@ -1,25 +1,29 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; if (!defined('_GNUBOARD_')) {
exit;
}
$g5_debug['php']['begin_time'] = $begin_time = get_microtime(); $g5_debug['php']['begin_time'] = $begin_time = get_microtime();
$files = glob(G5_ADMIN_PATH.'/css/admin_extend_*'); $files = glob(G5_ADMIN_PATH . '/css/admin_extend_*');
if (is_array($files)) { if (is_array($files)) {
foreach ((array) $files as $k=>$css_file) { foreach ((array) $files as $k => $css_file) {
$fileinfo = pathinfo($css_file); $fileinfo = pathinfo($css_file);
$ext = $fileinfo['extension']; $ext = $fileinfo['extension'];
if( $ext !== 'css' ) continue; if ($ext !== 'css') {
continue;
}
$css_file = str_replace(G5_ADMIN_PATH, G5_ADMIN_URL, $css_file); $css_file = str_replace(G5_ADMIN_PATH, G5_ADMIN_URL, $css_file);
add_stylesheet('<link rel="stylesheet" href="'.$css_file.'">', $k); add_stylesheet('<link rel="stylesheet" href="' . $css_file . '">', $k);
} }
} }
include_once(G5_PATH.'/head.sub.php'); require_once G5_PATH . '/head.sub.php';
function print_menu1($key, $no='') function print_menu1($key, $no = '')
{ {
global $menu; global $menu;
@ -28,35 +32,39 @@ function print_menu1($key, $no='')
return $str; return $str;
} }
function print_menu2($key, $no='') function print_menu2($key, $no = '')
{ {
global $menu, $auth_menu, $is_admin, $auth, $g5, $sub_menu; global $menu, $auth_menu, $is_admin, $auth, $g5, $sub_menu;
$str = "<ul>"; $str = "<ul>";
for($i=1; $i<count($menu[$key]); $i++) for ($i = 1; $i < count($menu[$key]); $i++) {
{ if (!isset($menu[$key][$i])) {
if( ! isset($menu[$key][$i]) ){
continue; continue;
} }
if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0],$auth) || !strstr($auth[$menu[$key][$i][0]], 'r'))) if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0], $auth) || !strstr($auth[$menu[$key][$i][0]], 'r'))) {
continue; continue;
}
$gnb_grp_div = $gnb_grp_style = ''; $gnb_grp_div = $gnb_grp_style = '';
if (isset($menu[$key][$i][4])){ if (isset($menu[$key][$i][4])) {
if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) $gnb_grp_div = 'gnb_grp_div'; if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) {
$gnb_grp_div = 'gnb_grp_div';
}
if ($menu[$key][$i][4] == 1) $gnb_grp_style = 'gnb_grp_style'; if ($menu[$key][$i][4] == 1) {
$gnb_grp_style = 'gnb_grp_style';
}
} }
$current_class = ''; $current_class = '';
if ($menu[$key][$i][0] == $sub_menu){ if ($menu[$key][$i][0] == $sub_menu) {
$current_class = ' on'; $current_class = ' on';
} }
$str .= '<li data-menu="'.$menu[$key][$i][0].'"><a href="'.$menu[$key][$i][2].'" class="gnb_2da '.$gnb_grp_style.' '.$gnb_grp_div.$current_class.'">'.$menu[$key][$i][1].'</a></li>'; $str .= '<li data-menu="' . $menu[$key][$i][0] . '"><a href="' . $menu[$key][$i][2] . '" class="gnb_2da ' . $gnb_grp_style . ' ' . $gnb_grp_div . $current_class . '">' . $menu[$key][$i][1] . '</a></li>';
$auth_menu[$menu[$key][$i][0]] = $menu[$key][$i][1]; $auth_menu[$menu[$key][$i][0]] = $menu[$key][$i][1];
} }
@ -66,12 +74,12 @@ function print_menu2($key, $no='')
} }
$adm_menu_cookie = array( $adm_menu_cookie = array(
'container' => '', 'container' => '',
'gnb' => '', 'gnb' => '',
'btn_gnb' => '', 'btn_gnb' => '',
); );
if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){ if (!empty($_COOKIE['g5_admin_btn_gnb'])) {
$adm_menu_cookie['container'] = 'container-small'; $adm_menu_cookie['container'] = 'container-small';
$adm_menu_cookie['gnb'] = 'gnb_small'; $adm_menu_cookie['gnb'] = 'gnb_small';
$adm_menu_cookie['btn_gnb'] = 'btn_gnb_open'; $adm_menu_cookie['btn_gnb'] = 'btn_gnb_open';
@ -79,26 +87,25 @@ if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){
?> ?>
<script> <script>
var tempX = 0; var tempX = 0;
var tempY = 0; var tempY = 0;
function imageview(id, w, h) function imageview(id, w, h) {
{
menu(id); menu(id);
var el_id = document.getElementById(id); var el_id = document.getElementById(id);
//submenu = eval(name+".style"); //submenu = eval(name+".style");
submenu = el_id.style; submenu = el_id.style;
submenu.left = tempX - ( w + 11 ); submenu.left = tempX - (w + 11);
submenu.top = tempY - ( h / 2 ); submenu.top = tempY - (h / 2);
selectBoxVisible(); selectBoxVisible();
if (el_id.style.display != 'none') if (el_id.style.display != 'none')
selectBoxHidden(id); selectBoxHidden(id);
} }
</script> </script>
<div id="to_content"><a href="#container">본문 바로가기</a></div> <div id="to_content"><a href="#container">본문 바로가기</a></div>
@ -106,13 +113,13 @@ function imageview(id, w, h)
<header id="hd"> <header id="hd">
<h1><?php echo $config['cf_title'] ?></h1> <h1><?php echo $config['cf_title'] ?></h1>
<div id="hd_top"> <div id="hd_top">
<button type="button" id="btn_gnb" class="btn_gnb_close <?php echo $adm_menu_cookie['btn_gnb'];?>">메뉴</button> <button type="button" id="btn_gnb" class="btn_gnb_close <?php echo $adm_menu_cookie['btn_gnb']; ?>">메뉴</button>
<div id="logo"><a href="<?php echo correct_goto_url(G5_ADMIN_URL); ?>"><img src="<?php echo G5_ADMIN_URL ?>/img/logo.png" alt="<?php echo get_text($config['cf_title']); ?> 관리자"></a></div> <div id="logo"><a href="<?php echo correct_goto_url(G5_ADMIN_URL); ?>"><img src="<?php echo G5_ADMIN_URL ?>/img/logo.png" alt="<?php echo get_text($config['cf_title']); ?> 관리자"></a></div>
<div id="tnb"> <div id="tnb">
<ul> <ul>
<?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?> <?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?>
<li class="tnb_li"><a href="<?php echo G5_SHOP_URL ?>/" class="tnb_shop" target="_blank" title="쇼핑몰 바로가기">쇼핑몰 바로가기</a></li> <li class="tnb_li"><a href="<?php echo G5_SHOP_URL ?>/" class="tnb_shop" target="_blank" title="쇼핑몰 바로가기">쇼핑몰 바로가기</a></li>
<?php } ?> <?php } ?>
<li class="tnb_li"><a href="<?php echo G5_URL ?>/" class="tnb_community" target="_blank" title="커뮤니티 바로가기">커뮤니티 바로가기</a></li> <li class="tnb_li"><a href="<?php echo G5_URL ?>/" class="tnb_community" target="_blank" title="커뮤니티 바로가기">커뮤니티 바로가기</a></li>
<li class="tnb_li"><a href="<?php echo G5_ADMIN_URL ?>/service.php" class="tnb_service">부가서비스</a></li> <li class="tnb_li"><a href="<?php echo G5_ADMIN_URL ?>/service.php" class="tnb_service">부가서비스</a></li>
@ -130,33 +137,34 @@ function imageview(id, w, h)
<ul class="gnb_ul"> <ul class="gnb_ul">
<?php <?php
$jj = 1; $jj = 1;
foreach($amenu as $key=>$value) { foreach ($amenu as $key => $value) {
$href1 = $href2 = ''; $href1 = $href2 = '';
if (isset($menu['menu'.$key][0][2]) && $menu['menu'.$key][0][2]) { if (isset($menu['menu' . $key][0][2]) && $menu['menu' . $key][0][2]) {
$href1 = '<a href="'.$menu['menu'.$key][0][2].'" class="gnb_1da">'; $href1 = '<a href="' . $menu['menu' . $key][0][2] . '" class="gnb_1da">';
$href2 = '</a>'; $href2 = '</a>';
} else { } else {
continue; continue;
} }
$current_class = ""; $current_class = "";
if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu'.$key][0][0], 0, 3))) if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu' . $key][0][0], 0, 3))) {
$current_class = " on"; $current_class = " on";
}
$button_title = $menu['menu'.$key][0][1]; $button_title = $menu['menu' . $key][0][1];
?> ?>
<li class="gnb_li<?php echo $current_class;?>"> <li class="gnb_li<?php echo $current_class; ?>">
<button type="button" class="btn_op menu-<?php echo $key; ?> menu-order-<?php echo $jj; ?>" title="<?php echo $button_title; ?>"><?php echo $button_title;?></button> <button type="button" class="btn_op menu-<?php echo $key; ?> menu-order-<?php echo $jj; ?>" title="<?php echo $button_title; ?>"><?php echo $button_title; ?></button>
<div class="gnb_oparea_wr"> <div class="gnb_oparea_wr">
<div class="gnb_oparea"> <div class="gnb_oparea">
<h3><?php echo $menu['menu'.$key][0][1];?></h3> <h3><?php echo $menu['menu' . $key][0][1]; ?></h3>
<?php echo print_menu1('menu'.$key, 1); ?> <?php echo print_menu1('menu' . $key, 1); ?>
</div>
</div> </div>
</div> </li>
</li>
<?php <?php
$jj++; $jj++;
} //end foreach } //end foreach
?> ?>
</ul> </ul>
@ -164,39 +172,37 @@ function imageview(id, w, h)
</header> </header>
<script> <script>
jQuery(function($){ jQuery(function($) {
var menu_cookie_key = 'g5_admin_btn_gnb'; var menu_cookie_key = 'g5_admin_btn_gnb';
$(".tnb_mb_btn").click(function(){ $(".tnb_mb_btn").click(function() {
$(".tnb_mb_area").toggle(); $(".tnb_mb_area").toggle();
}); });
$("#btn_gnb").click(function(){ $("#btn_gnb").click(function() {
var $this = $(this);
try { var $this = $(this);
if( ! $this.hasClass("btn_gnb_open") ){
set_cookie(menu_cookie_key, 1, 60*60*24*365);
} else {
delete_cookie(menu_cookie_key);
}
}
catch(err) {
}
$("#container").toggleClass("container-small"); try {
$("#gnb").toggleClass("gnb_small"); if (!$this.hasClass("btn_gnb_open")) {
$this.toggleClass("btn_gnb_open"); set_cookie(menu_cookie_key, 1, 60 * 60 * 24 * 365);
} else {
delete_cookie(menu_cookie_key);
}
} catch (err) {}
$("#container").toggleClass("container-small");
$("#gnb").toggleClass("gnb_small");
$this.toggleClass("btn_gnb_open");
});
$(".gnb_ul li .btn_op").click(function() {
$(this).parent().addClass("on").siblings().removeClass("on");
});
}); });
$(".gnb_ul li .btn_op" ).click(function() {
$(this).parent().addClass("on").siblings().removeClass("on");
});
});
</script> </script>
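Review bot: In the header markup, `<h1><?php echo $config['cf_title'] ?></h1>` prints the site title raw, while the logo's `alt` attribute two lines below passes the same value through `get_text()` (presumably the project's escaping helper). The two should agree, e.g. `<h1><?php echo get_text($config['cf_title']); ?></h1>`, so that a stored title containing markup is rendered as text on every admin page. print_menu2() likewise concatenates `$menu[$key][$i][0]`, `[1]` and `[2]` into attributes and link text without escaping; if those values only ever come from bundled menu definition files, a short comment stating that assumption would help. The bodies of print_menu1() and print_menu2() continue outside the visible hunks, so this is based only on the lines shown.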


@ -1,5 +1,7 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; if (!defined('_GNUBOARD_')) {
exit;
}
/* /*
// 081022 : CSRF 방지를 위해 코드를 작성했으나 효과가 없어 주석처리 함 // 081022 : CSRF 방지를 위해 코드를 작성했으나 효과가 없어 주석처리 함
@ -10,17 +12,17 @@ if (!get_session('ss_admin')) {
*/ */
// 스킨디렉토리를 SELECT 형식으로 얻음 // 스킨디렉토리를 SELECT 형식으로 얻음
function get_skin_select($skin_gubun, $id, $name, $selected='', $event='') function get_skin_select($skin_gubun, $id, $name, $selected = '', $event = '')
{ {
global $config; global $config;
$skins = array(); $skins = array();
if(defined('G5_THEME_PATH') && $config['cf_theme']) { if (defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_PATH.'/'.G5_SKIN_DIR); $dirs = get_skin_dir($skin_gubun, G5_THEME_PATH . '/' . G5_SKIN_DIR);
if(!empty($dirs)) { if (!empty($dirs)) {
foreach($dirs as $dir) { foreach ($dirs as $dir) {
$skins[] = 'theme/'.$dir; $skins[] = 'theme/' . $dir;
} }
} }
} }
@ -28,12 +30,15 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
$skins = array_merge($skins, get_skin_dir($skin_gubun)); $skins = array_merge($skins, get_skin_dir($skin_gubun));
$str = "<select id=\"$id\" name=\"$name\" $event>\n"; $str = "<select id=\"$id\" name=\"$name\" $event>\n";
for ($i=0; $i<count($skins); $i++) { for ($i = 0; $i < count($skins); $i++) {
if ($i == 0) $str .= "<option value=\"\">선택</option>"; if ($i == 0) {
if(preg_match('#^theme/(.+)$#', $skins[$i], $match)) $str .= "<option value=\"\">선택</option>";
$text = '(테마) '.$match[1]; }
else if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
$text = '(테마) ' . $match[1];
} else {
$text = $skins[$i]; $text = $skins[$i];
}
$str .= option_selected($skins[$i], $selected, $text); $str .= option_selected($skins[$i], $selected, $text);
} }
@ -42,30 +47,33 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
} }
// 모바일 스킨디렉토리를 SELECT 형식으로 얻음 // 모바일 스킨디렉토리를 SELECT 형식으로 얻음
function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event='') function get_mobile_skin_select($skin_gubun, $id, $name, $selected = '', $event = '')
{ {
global $config; global $config;
$skins = array(); $skins = array();
if(defined('G5_THEME_PATH') && $config['cf_theme']) { if (defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_MOBILE_PATH.'/'.G5_SKIN_DIR); $dirs = get_skin_dir($skin_gubun, G5_THEME_MOBILE_PATH . '/' . G5_SKIN_DIR);
if(!empty($dirs)) { if (!empty($dirs)) {
foreach($dirs as $dir) { foreach ($dirs as $dir) {
$skins[] = 'theme/'.$dir; $skins[] = 'theme/' . $dir;
} }
} }
} }
$skins = array_merge($skins, get_skin_dir($skin_gubun, G5_MOBILE_PATH.'/'.G5_SKIN_DIR)); $skins = array_merge($skins, get_skin_dir($skin_gubun, G5_MOBILE_PATH . '/' . G5_SKIN_DIR));
$str = "<select id=\"$id\" name=\"$name\" $event>\n"; $str = "<select id=\"$id\" name=\"$name\" $event>\n";
for ($i=0; $i<count($skins); $i++) { for ($i = 0; $i < count($skins); $i++) {
if ($i == 0) $str .= "<option value=\"\">선택</option>"; if ($i == 0) {
if(preg_match('#^theme/(.+)$#', $skins[$i], $match)) $str .= "<option value=\"\">선택</option>";
$text = '(테마) '.$match[1]; }
else if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
$text = '(테마) ' . $match[1];
} else {
$text = $skins[$i]; $text = $skins[$i];
}
$str .= option_selected($skins[$i], $selected, $text); $str .= option_selected($skins[$i], $selected, $text);
} }
@ -75,21 +83,26 @@ function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event=''
// 스킨경로를 얻는다 // 스킨경로를 얻는다
function get_skin_dir($skin, $skin_path=G5_SKIN_PATH) function get_skin_dir($skin, $skin_path = G5_SKIN_PATH)
{ {
global $g5; global $g5;
$result_array = array(); $result_array = array();
$dirname = $skin_path.'/'.$skin.'/'; $dirname = $skin_path . '/' . $skin . '/';
if(!is_dir($dirname)) if (!is_dir($dirname)) {
return array(); return array();
}
$handle = opendir($dirname); $handle = opendir($dirname);
while ($file = readdir($handle)) { while ($file = readdir($handle)) {
if($file == '.'||$file == '..') continue; if ($file == '.' || $file == '..') {
continue;
}
if (is_dir($dirname.$file)) $result_array[] = $file; if (is_dir($dirname . $file)) {
$result_array[] = $file;
}
} }
closedir($handle); closedir($handle);
sort($result_array); sort($result_array);
@ -103,15 +116,18 @@ function get_theme_dir()
{ {
$result_array = array(); $result_array = array();
$dirname = G5_PATH.'/'.G5_THEME_DIR.'/'; $dirname = G5_PATH . '/' . G5_THEME_DIR . '/';
$handle = opendir($dirname); $handle = opendir($dirname);
while ($file = readdir($handle)) { while ($file = readdir($handle)) {
if($file == '.'||$file == '..') continue; if ($file == '.' || $file == '..') {
continue;
}
if (is_dir($dirname.$file)) { if (is_dir($dirname . $file)) {
$theme_path = $dirname.$file; $theme_path = $dirname . $file;
if(is_file($theme_path.'/index.php') && is_file($theme_path.'/head.php') && is_file($theme_path.'/tail.php')) if (is_file($theme_path . '/index.php') && is_file($theme_path . '/head.php') && is_file($theme_path . '/tail.php')) {
$result_array[] = $file; $result_array[] = $file;
}
} }
} }
closedir($handle); closedir($handle);
@ -125,21 +141,23 @@ function get_theme_dir()
function get_theme_info($dir) function get_theme_info($dir)
{ {
$info = array(); $info = array();
$path = G5_PATH.'/'.G5_THEME_DIR.'/'.$dir; $path = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir;
if(is_dir($path)) { if (is_dir($path)) {
$screenshot = $path.'/screenshot.png'; $screenshot = $path . '/screenshot.png';
if(is_file($screenshot)) { $screenshot_url = '';
if (is_file($screenshot)) {
$size = @getimagesize($screenshot); $size = @getimagesize($screenshot);
if($size[2] == 3) if ($size[2] == 3) {
$screenshot_url = str_replace(G5_PATH, G5_URL, $screenshot); $screenshot_url = str_replace(G5_PATH, G5_URL, $screenshot);
}
} }
$info['screenshot'] = $screenshot_url; $info['screenshot'] = $screenshot_url;
$text = $path.'/readme.txt'; $text = $path . '/readme.txt';
if(is_file($text)) { if (is_file($text)) {
$content = file($text, false); $content = file($text, false);
$content = array_map('trim', $content); $content = array_map('trim', $content);
@ -162,8 +180,9 @@ function get_theme_info($dir)
$info['license_uri'] = trim($m7[1]); $info['license_uri'] = trim($m7[1]);
} }
if(!$info['theme_name']) if (!$info['theme_name']) {
$info['theme_name'] = $dir; $info['theme_name'] = $dir;
}
} }
return $info; return $info;
@ -171,19 +190,19 @@ function get_theme_info($dir)
// 테마설정 정보 // 테마설정 정보
function get_theme_config_value($dir, $key='*') function get_theme_config_value($dir, $key = '*')
{ {
$tconfig = array(); $tconfig = array();
$theme_config_file = G5_PATH.'/'.G5_THEME_DIR.'/'.$dir.'/theme.config.php'; $theme_config_file = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir . '/theme.config.php';
if(is_file($theme_config_file)) { if (is_file($theme_config_file)) {
include($theme_config_file); include $theme_config_file;
// 22.05.26 Undefined Variable $theme_config;
if($key == '*') { if ($key == '*') {
$tconfig = $theme_config; $tconfig = $theme_config;
} else { } else {
$keys = array_map('trim', explode(',', $key)); $keys = array_map('trim', explode(',', $key));
foreach($keys as $v) { foreach ($keys as $v) {
$tconfig[$v] = isset($theme_config[$v]) ? trim($theme_config[$v]) : ''; $tconfig[$v] = isset($theme_config[$v]) ? trim($theme_config[$v]) : '';
} }
} }
@ -194,17 +213,20 @@ function get_theme_config_value($dir, $key='*')
// 회원권한을 SELECT 형식으로 얻음 // 회원권한을 SELECT 형식으로 얻음
function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $event="") function get_member_level_select($name, $start_id = 0, $end_id = 10, $selected = "", $event = "")
{ {
global $g5; global $g5;
$str = "\n<select id=\"{$name}\" name=\"{$name}\""; $str = "\n<select id=\"{$name}\" name=\"{$name}\"";
if ($event) $str .= " $event"; if ($event) {
$str .= " $event";
}
$str .= ">\n"; $str .= ">\n";
for ($i=$start_id; $i<=$end_id; $i++) { for ($i = $start_id; $i <= $end_id; $i++) {
$str .= '<option value="'.$i.'"'; $str .= '<option value="' . $i . '"';
if ($i == $selected) if ($i == $selected) {
$str .= ' selected="selected"'; $str .= ' selected="selected"';
}
$str .= ">{$i}</option>\n"; $str .= ">{$i}</option>\n";
} }
$str .= "</select>\n"; $str .= "</select>\n";
@ -213,44 +235,48 @@ function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $
// 회원아이디를 SELECT 형식으로 얻음 // 회원아이디를 SELECT 형식으로 얻음
function get_member_id_select($name, $level, $selected="", $event="") function get_member_id_select($name, $level, $selected = "", $event = "")
{ {
global $g5; global $g5;
$sql = " select mb_id from {$g5['member_table']} where mb_level >= '{$level}' "; $sql = " select mb_id from {$g5['member_table']} where mb_level >= '{$level}' ";
$result = sql_query($sql); $result = sql_query($sql);
$str = '<select id="'.$name.'" name="'.$name.'" '.$event.'><option value="">선택안함</option>'; $str = '<select id="' . $name . '" name="' . $name . '" ' . $event . '><option value="">선택안함</option>';
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ $str .= '<option value="' . $row['mb_id'] . '"';
$str .= '<option value="'.$row['mb_id'].'"'; if ($row['mb_id'] == $selected) {
if ($row['mb_id'] == $selected) $str .= ' selected'; $str .= ' selected';
$str .= '>'.$row['mb_id'].'</option>'; }
$str .= '>' . $row['mb_id'] . '</option>';
} }
$str .= '</select>'; $str .= '</select>';
return $str; return $str;
} }
// php8 버전 호환 권한 검사 함수 // php8 버전 호환 권한 검사 함수
function auth_check_menu($auth, $sub_menu, $attr, $return=false) { function auth_check_menu($auth, $sub_menu, $attr, $return = false)
{
$check_auth = isset($auth[$sub_menu]) ? $auth[$sub_menu] : ''; $check_auth = isset($auth[$sub_menu]) ? $auth[$sub_menu] : '';
return auth_check($check_auth, $attr, $return); return auth_check($check_auth, $attr, $return);
} }
// 권한 검사 // 권한 검사
function auth_check($auth, $attr, $return=false) function auth_check($auth, $attr, $return = false)
{ {
global $is_admin; global $is_admin;
if ($is_admin == 'super') return; if ($is_admin == 'super') {
return;
}
if (!trim($auth)) { if (!trim($auth)) {
$msg = '이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.'; $msg = '이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.';
if($return) if ($return) {
return $msg; return $msg;
else } else {
alert($msg); alert($msg);
}
} }
$attr = strtolower($attr); $attr = strtolower($attr);
@ -258,44 +284,49 @@ function auth_check($auth, $attr, $return=false)
if (!strstr($auth, $attr)) { if (!strstr($auth, $attr)) {
if ($attr == 'r') { if ($attr == 'r') {
$msg = '읽을 권한이 없습니다.'; $msg = '읽을 권한이 없습니다.';
if($return) if ($return) {
return $msg; return $msg;
else } else {
alert($msg); alert($msg);
}
} else if ($attr == 'w') { } else if ($attr == 'w') {
$msg = '입력, 추가, 생성, 수정 권한이 없습니다.'; $msg = '입력, 추가, 생성, 수정 권한이 없습니다.';
if($return) if ($return) {
return $msg; return $msg;
else } else {
alert($msg); alert($msg);
}
} else if ($attr == 'd') { } else if ($attr == 'd') {
$msg = '삭제 권한이 없습니다.'; $msg = '삭제 권한이 없습니다.';
if($return) if ($return) {
return $msg; return $msg;
else } else {
alert($msg); alert($msg);
}
} else { } else {
$msg = '속성이 잘못 되었습니다.'; $msg = '속성이 잘못 되었습니다.';
if($return) if ($return) {
return $msg; return $msg;
else } else {
alert($msg); alert($msg);
}
} }
} }
} }
// 작업아이콘 출력 // 작업아이콘 출력
function icon($act, $link='', $target='_parent') function icon($act, $link = '', $target = '_parent')
{ {
global $g5; global $g5;
$img = array('입력'=>'insert', '추가'=>'insert', '생성'=>'insert', '수정'=>'modify', '삭제'=>'delete', '이동'=>'move', '그룹'=>'move', '보기'=>'view', '미리보기'=>'view', '복사'=>'copy'); $img = array('입력' => 'insert', '추가' => 'insert', '생성' => 'insert', '수정' => 'modify', '삭제' => 'delete', '이동' => 'move', '그룹' => 'move', '보기' => 'view', '미리보기' => 'view', '복사' => 'copy');
$icon = '<img src="'.G5_ADMIN_PATH.'/img/icon_'.$img[$act].'.gif" title="'.$act.'">'; $icon = '<img src="' . G5_ADMIN_PATH . '/img/icon_' . $img[$act] . '.gif" title="' . $act . '">';
if ($link) if ($link) {
$s = '<a href="'.$link.'">'.$icon.'</a>'; $s = '<a href="' . $link . '">' . $icon . '</a>';
else } else {
$s = $icon; $s = $icon;
}
return $s; return $s;
} }
@ -307,9 +338,10 @@ function rm_rf($file)
if (file_exists($file)) { if (file_exists($file)) {
if (is_dir($file)) { if (is_dir($file)) {
$handle = opendir($file); $handle = opendir($file);
while($filename = readdir($handle)) { while ($filename = readdir($handle)) {
if ($filename != '.' && $filename != '..') if ($filename != '.' && $filename != '..') {
rm_rf($file.'/'.$filename); rm_rf($file . '/' . $filename);
}
} }
closedir($handle); closedir($handle);
@ -323,21 +355,21 @@ function rm_rf($file)
} }
// 입력 폼 안내문 // 입력 폼 안내문
function help($help="") function help($help = "")
{ {
global $g5; global $g5;
$str = '<span class="frm_info">'.str_replace("\n", "<br>", $help).'</span>'; $str = '<span class="frm_info">' . str_replace("\n", "<br>", $help) . '</span>';
return $str; return $str;
} }
// 출력순서 // 출력순서
function order_select($fld, $sel='') function order_select($fld, $sel = '')
{ {
$s = '<select name="'.$fld.'" id="'.$fld.'">'; $s = '<select name="' . $fld . '" id="' . $fld . '">';
for ($i=1; $i<=100; $i++) { for ($i = 1; $i <= 100; $i++) {
$s .= '<option value="'.$i.'" '; $s .= '<option value="' . $i . '" ';
if ($sel) { if ($sel) {
if ($i == $sel) { if ($i == $sel) {
$s .= 'selected'; $s .= 'selected';
@ -347,7 +379,7 @@ function order_select($fld, $sel='')
$s .= 'selected'; $s .= 'selected';
} }
} }
$s .= '>'.$i.'</option>'; $s .= '>' . $i . '</option>';
} }
$s .= '</select>'; $s .= '</select>';
@ -364,11 +396,12 @@ function get_admin_token()
} }
// 관리자가 자동등록방지를 사용해야 할 경우 // 관리자가 자동등록방지를 사용해야 할 경우
function get_admin_captcha_by($type='get'){ function get_admin_captcha_by($type = 'get')
{
$captcha_name = 'ss_admin_use_captcha'; $captcha_name = 'ss_admin_use_captcha';
if($type === 'remove'){ if ($type === 'remove') {
set_session($captcha_name, ''); set_session($captcha_name, '');
} }
@ -376,9 +409,10 @@ function get_admin_captcha_by($type='get'){
} }
//input value 에서 xss 공격 filter 역할을 함 ( 반드시 input value='' 타입에만 사용할것 ) //input value 에서 xss 공격 filter 역할을 함 ( 반드시 input value='' 타입에만 사용할것 )
function get_sanitize_input($s, $is_html=false){ function get_sanitize_input($s, $is_html = false)
{
if(!$is_html){ if (!$is_html) {
$s = strip_tags($s); $s = strip_tags($s);
} }
@ -387,50 +421,51 @@ function get_sanitize_input($s, $is_html=false){
return $s; return $s;
} }
function check_log_folder($log_path, $is_delete=true){ function check_log_folder($log_path, $is_delete = true)
{
if( is_writable($log_path) ){ if (is_writable($log_path)) {
// 아파치 서버인 경우 웹에서 해당 폴더 접근 막기 // 아파치 서버인 경우 웹에서 해당 폴더 접근 막기
$htaccess_file = $log_path.'/.htaccess'; $htaccess_file = $log_path . '/.htaccess';
if ( !file_exists( $htaccess_file ) ) { if (!file_exists($htaccess_file)) {
if ( $handle = @fopen( $htaccess_file, 'w' ) ) { if ($handle = @fopen($htaccess_file, 'w')) {
fwrite( $handle, 'Order deny,allow' . "\n" ); fwrite($handle, 'Order deny,allow' . "\n");
fwrite( $handle, 'Deny from all' . "\n" ); fwrite($handle, 'Deny from all' . "\n");
fclose( $handle ); fclose($handle);
} }
} }
// 아파치 서버인 경우 해당 디렉토리 파일 목록 안보이게 하기 // 아파치 서버인 경우 해당 디렉토리 파일 목록 안보이게 하기
$index_file = $log_path . '/index.php'; $index_file = $log_path . '/index.php';
if ( !file_exists( $index_file ) ) { if (!file_exists($index_file)) {
if ( $handle = @fopen( $index_file, 'w' ) ) { if ($handle = @fopen($index_file, 'w')) {
fwrite( $handle, '' ); fwrite($handle, '');
fclose( $handle ); fclose($handle);
} }
} }
} }
if( $is_delete ) {
try {
// txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
$txt_files = glob($log_path.'/*.txt');
$log_files = glob($log_path.'/*.log');
$del_files = array_merge($txt_files, $log_files);
if( $del_files && is_array($del_files) ){ if ($is_delete) {
foreach ($del_files as $del_file) { try {
$filetime = filemtime($del_file); // txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
// 30일이 지난 파일을 삭제 $txt_files = glob($log_path . '/*.txt');
if($filetime && $filetime < (G5_SERVER_TIME - 2592000)) { $log_files = glob($log_path . '/*.log');
@unlink($del_file);
} $del_files = array_merge($txt_files, $log_files);
}
} if ($del_files && is_array($del_files)) {
} catch(Exception $e) { foreach ($del_files as $del_file) {
} $filetime = filemtime($del_file);
} // 30일이 지난 파일을 삭제
if ($filetime && $filetime < (G5_SERVER_TIME - 2592000)) {
@unlink($del_file);
}
}
}
} catch (Exception $e) {
}
}
} }
// POST로 넘어온 토큰과 세션에 저장된 토큰 비교 // POST로 넘어온 토큰과 세션에 저장된 토큰 비교
@ -439,23 +474,25 @@ function check_admin_token()
$token = get_session('ss_admin_token'); $token = get_session('ss_admin_token');
set_session('ss_admin_token', ''); set_session('ss_admin_token', '');
if(!$token || !$_REQUEST['token'] || $token != $_REQUEST['token']) if (!$token || !$_REQUEST['token'] || $token != $_REQUEST['token']) {
alert('올바른 방법으로 이용해 주십시오.', G5_URL); alert('올바른 방법으로 이용해 주십시오.', G5_URL);
}
return true; return true;
} }
// 관리자 페이지 referer 체크 // 관리자 페이지 referer 체크
function admin_referer_check($return=false) function admin_referer_check($return = false)
{ {
$referer = isset($_SERVER['HTTP_REFERER']) ? trim($_SERVER['HTTP_REFERER']) : ''; $referer = isset($_SERVER['HTTP_REFERER']) ? trim($_SERVER['HTTP_REFERER']) : '';
if(!$referer) { if (!$referer) {
$msg = '정보가 올바르지 않습니다.'; $msg = '정보가 올바르지 않습니다.';
if($return) if ($return) {
return $msg; return $msg;
else } else {
alert($msg, G5_URL); alert($msg, G5_URL);
}
} }
$p = @parse_url($referer); $p = @parse_url($referer);
@ -463,16 +500,16 @@ function admin_referer_check($return=false)
$host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']); $host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
$msg = ''; $msg = '';
if($host != $p['host']) { if ($host != $p['host']) {
$msg = '올바른 방법으로 이용해 주십시오.'; $msg = '올바른 방법으로 이용해 주십시오.';
} }
if( $p['path'] && ! preg_match( '/\/'.preg_quote(G5_ADMIN_DIR).'\//i', $p['path'] ) ){ if ($p['path'] && !preg_match('/\/' . preg_quote(G5_ADMIN_DIR) . '\//i', $p['path'])) {
$msg = '올바른 방법으로 이용해 주십시오'; $msg = '올바른 방법으로 이용해 주십시오';
} }
if( $msg ){ if ($msg) {
if($return) { if ($return) {
return $msg; return $msg;
} else { } else {
alert($msg, G5_URL); alert($msg, G5_URL);
@ -480,17 +517,22 @@ function admin_referer_check($return=false)
} }
} }
function admin_check_xss_params($params){ function admin_check_xss_params($params)
{
if( ! $params ) return; if (!$params) {
return;
}
foreach( $params as $key=>$value ){ foreach ($params as $key => $value) {
if ( empty($value) ) continue; if (empty($value)) {
continue;
}
if( is_array($value) ){ if (is_array($value)) {
admin_check_xss_params($value); admin_check_xss_params($value);
} else if ( (preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) || (preg_match('/[onload|onerror|focus]=.*/ius', $value) && preg_match('/(eval|expression|exec|prompt)(\s*)\((.*)\)/ius', $value)) ){ } else if ((preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) || (preg_match('/[onload|onerror|focus]=.*/ius', $value) && preg_match('/(eval|expression|exec|prompt)(\s*)\((.*)\)/ius', $value))) {
alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.', G5_URL); alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.', G5_URL);
die(); die();
} }
@ -499,31 +541,38 @@ function admin_check_xss_params($params){
return; return;
} }
function admin_menu_find_by($call, $search_key){ function admin_menu_find_by($call, $search_key)
{
global $menu; global $menu;
static $cache_menu = array();
if( empty($cache_menu) ){
foreach( $menu as $k1=>$arr1 ){
if (empty($arr1) ) continue; static $cache_menu = array();
foreach( $arr1 as $k2=>$arr2 ){
if (empty($arr2) ) continue; if (empty($cache_menu)) {
foreach ($menu as $k1 => $arr1) {
if (empty($arr1)) {
continue;
}
foreach ($arr1 as $k2 => $arr2) {
if (empty($arr2)) {
continue;
}
$menu_key = isset($arr2[3]) ? $arr2[3] : ''; $menu_key = isset($arr2[3]) ? $arr2[3] : '';
if (empty($menu_key) ) continue; if (empty($menu_key)) {
continue;
}
$cache_menu[$menu_key] = array( $cache_menu[$menu_key] = array(
'sub_menu'=>$arr2[0], 'sub_menu' => $arr2[0],
'title'=>$arr2[1], 'title' => $arr2[1],
'link'=>$arr2[2], 'link' => $arr2[2],
); );
} }
} }
} }
if( isset($cache_menu[$call]) && isset($cache_menu[$call][$search_key]) ){ if (isset($cache_menu[$call]) && isset($cache_menu[$call][$search_key])) {
return $cache_menu[$call][$search_key]; return $cache_menu[$call][$search_key];
} }
@ -531,22 +580,17 @@ function admin_menu_find_by($call, $search_key){
} }
// 접근 권한 검사 // 접근 권한 검사
if (!$member['mb_id']) if (!$member['mb_id']) {
{ alert('로그인 하십시오.', G5_BBS_URL . '/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL)));
alert('로그인 하십시오.', G5_BBS_URL.'/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL))); } else if ($is_admin != 'super') {
}
else if ($is_admin != 'super')
{
$auth = array(); $auth = array();
$sql = " select au_menu, au_auth from {$g5['auth_table']} where mb_id = '{$member['mb_id']}' "; $sql = " select au_menu, au_auth from {$g5['auth_table']} where mb_id = '{$member['mb_id']}' ";
$result = sql_query($sql); $result = sql_query($sql);
for($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{
$auth[$row['au_menu']] = $row['au_auth']; $auth[$row['au_menu']] = $row['au_auth'];
} }
if (!$i) if (!$i) {
{
alert('최고관리자 또는 관리권한이 있는 회원만 접근 가능합니다.', G5_URL); alert('최고관리자 또는 관리권한이 있는 회원만 접근 가능합니다.', G5_URL);
} }
} }
@ -557,14 +601,14 @@ if (get_session('ss_mb_key') !== $admin_key) {
session_destroy(); session_destroy();
include_once(G5_LIB_PATH.'/mailer.lib.php'); include_once G5_LIB_PATH . '/mailer.lib.php';
// 메일 알림 // 메일 알림
mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'].' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.'.G5_URL, 0); mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'] . ' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.' . G5_URL, 0);
alert_close('정상적으로 로그인하여 접근하시기 바랍니다.'); alert_close('정상적으로 로그인하여 접근하시기 바랍니다.');
} }
if(isset($auth) && is_array($auth)) { if (isset($auth) && is_array($auth)) {
@ksort($auth); @ksort($auth);
} else { } else {
$auth = array(); $auth = array();
@ -577,33 +621,44 @@ unset($amenu);
$tmp = dir(G5_ADMIN_PATH); $tmp = dir(G5_ADMIN_PATH);
$menu_files = array(); $menu_files = array();
while ($entry = $tmp->read()) { while ($entry = $tmp->read()) {
if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m)) if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m)) {
continue; // 파일명이 menu 으로 시작하지 않으면 무시한다. continue; // 파일명이 menu 으로 시작하지 않으면 무시한다.
}
$amenu[$m[1]] = $entry; $amenu[$m[1]] = $entry;
$menu_files[] = G5_ADMIN_PATH.'/'.$entry; $menu_files[] = G5_ADMIN_PATH . '/' . $entry;
} }
@asort($menu_files); @asort($menu_files);
foreach($menu_files as $file){ foreach ($menu_files as $file) {
include_once($file); include_once $file;
} }
@ksort($amenu); @ksort($amenu);
$amenu = run_replace('admin_amenu', $amenu); $amenu = run_replace('admin_amenu', $amenu);
if( isset($menu) && $menu ){ if (isset($menu) && $menu) {
$menu = run_replace('admin_menu', $menu); $menu = run_replace('admin_menu', $menu);
} }
$arr_query = array(); $arr_query = array();
if (isset($sst)) $arr_query[] = 'sst='.$sst; if (isset($sst)) {
if (isset($sod)) $arr_query[] = 'sod='.$sod; $arr_query[] = 'sst=' . $sst;
if (isset($sfl)) $arr_query[] = 'sfl='.$sfl; }
if (isset($stx)) $arr_query[] = 'stx='.$stx; if (isset($sod)) {
if (isset($page)) $arr_query[] = 'page='.$page; $arr_query[] = 'sod=' . $sod;
}
if (isset($sfl)) {
$arr_query[] = 'sfl=' . $sfl;
}
if (isset($stx)) {
$arr_query[] = 'stx=' . $stx;
}
if (isset($page)) {
$arr_query[] = 'page=' . $page;
}
$qstr = implode("&amp;", $arr_query); $qstr = implode("&amp;", $arr_query);
if ( isset($_REQUEST) && $_REQUEST ){ if (isset($_REQUEST) && $_REQUEST) {
if( admin_referer_check(true) ){ if (admin_referer_check(true)) {
admin_check_xss_params($_REQUEST); admin_check_xss_params($_REQUEST);
} }
} }


@ -1,23 +1,23 @@
<?php <?php
$menu['menu100'] = array ( $menu['menu100'] = array(
array('100000', '환경설정', G5_ADMIN_URL.'/config_form.php', 'config'), array('100000', '환경설정', G5_ADMIN_URL . '/config_form.php', 'config'),
array('100100', '기본환경설정', G5_ADMIN_URL.'/config_form.php', 'cf_basic'), array('100100', '기본환경설정', G5_ADMIN_URL . '/config_form.php', 'cf_basic'),
array('100200', '관리권한설정', G5_ADMIN_URL.'/auth_list.php', 'cf_auth'), array('100200', '관리권한설정', G5_ADMIN_URL . '/auth_list.php', 'cf_auth'),
array('100280', '테마설정', G5_ADMIN_URL.'/theme.php', 'cf_theme', 1), array('100280', '테마설정', G5_ADMIN_URL . '/theme.php', 'cf_theme', 1),
array('100290', '메뉴설정', G5_ADMIN_URL.'/menu_list.php', 'cf_menu', 1), array('100290', '메뉴설정', G5_ADMIN_URL . '/menu_list.php', 'cf_menu', 1),
array('100300', '메일 테스트', G5_ADMIN_URL.'/sendmail_test.php', 'cf_mailtest'), array('100300', '메일 테스트', G5_ADMIN_URL . '/sendmail_test.php', 'cf_mailtest'),
array('100310', '팝업레이어관리', G5_ADMIN_URL.'/newwinlist.php', 'scf_poplayer'), array('100310', '팝업레이어관리', G5_ADMIN_URL . '/newwinlist.php', 'scf_poplayer'),
array('100800', '세션파일 일괄삭제',G5_ADMIN_URL.'/session_file_delete.php', 'cf_session', 1), array('100800', '세션파일 일괄삭제', G5_ADMIN_URL . '/session_file_delete.php', 'cf_session', 1),
array('100900', '캐시파일 일괄삭제',G5_ADMIN_URL.'/cache_file_delete.php', 'cf_cache', 1), array('100900', '캐시파일 일괄삭제', G5_ADMIN_URL . '/cache_file_delete.php', 'cf_cache', 1),
array('100910', '캡챠파일 일괄삭제',G5_ADMIN_URL.'/captcha_file_delete.php', 'cf_captcha', 1), array('100910', '캡챠파일 일괄삭제', G5_ADMIN_URL . '/captcha_file_delete.php', 'cf_captcha', 1),
array('100920', '썸네일파일 일괄삭제',G5_ADMIN_URL.'/thumbnail_file_delete.php', 'cf_thumbnail', 1), array('100920', '썸네일파일 일괄삭제', G5_ADMIN_URL . '/thumbnail_file_delete.php', 'cf_thumbnail', 1),
array('100500', 'phpinfo()', G5_ADMIN_URL.'/phpinfo.php', 'cf_phpinfo') array('100500', 'phpinfo()', G5_ADMIN_URL . '/phpinfo.php', 'cf_phpinfo')
); );
if(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE) { if (version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE) {
$menu['menu100'][] = array('100510', 'Browscap 업데이트', G5_ADMIN_URL.'/browscap.php', 'cf_browscap'); $menu['menu100'][] = array('100510', 'Browscap 업데이트', G5_ADMIN_URL . '/browscap.php', 'cf_browscap');
$menu['menu100'][] = array('100520', '접속로그 변환', G5_ADMIN_URL.'/browscap_convert.php', 'cf_visit_cnvrt'); $menu['menu100'][] = array('100520', '접속로그 변환', G5_ADMIN_URL . '/browscap_convert.php', 'cf_visit_cnvrt');
} }
$menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL.'/dbupgrade.php', 'db_upgrade'); $menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL . '/dbupgrade.php', 'db_upgrade');
$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL.'/service.php', 'cf_service'); $menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL . '/service.php', 'cf_service');


@ -1,11 +1,11 @@
<?php <?php
$menu['menu200'] = array ( $menu['menu200'] = array(
array('200000', '회원관리', G5_ADMIN_URL.'/member_list.php', 'member'), array('200000', '회원관리', G5_ADMIN_URL . '/member_list.php', 'member'),
array('200100', '회원관리', G5_ADMIN_URL.'/member_list.php', 'mb_list'), array('200100', '회원관리', G5_ADMIN_URL . '/member_list.php', 'mb_list'),
array('200300', '회원메일발송', G5_ADMIN_URL.'/mail_list.php', 'mb_mail'), array('200300', '회원메일발송', G5_ADMIN_URL . '/mail_list.php', 'mb_mail'),
array('200800', '접속자집계', G5_ADMIN_URL.'/visit_list.php', 'mb_visit', 1), array('200800', '접속자집계', G5_ADMIN_URL . '/visit_list.php', 'mb_visit', 1),
array('200810', '접속자검색', G5_ADMIN_URL.'/visit_search.php', 'mb_search', 1), array('200810', '접속자검색', G5_ADMIN_URL . '/visit_search.php', 'mb_search', 1),
array('200820', '접속자로그삭제', G5_ADMIN_URL.'/visit_delete.php', 'mb_delete', 1), array('200820', '접속자로그삭제', G5_ADMIN_URL . '/visit_delete.php', 'mb_delete', 1),
array('200200', '포인트관리', G5_ADMIN_URL.'/point_list.php', 'mb_point'), array('200200', '포인트관리', G5_ADMIN_URL . '/point_list.php', 'mb_point'),
array('200900', '투표관리', G5_ADMIN_URL.'/poll_list.php', 'mb_poll') array('200900', '투표관리', G5_ADMIN_URL . '/poll_list.php', 'mb_poll')
); );


@ -1,12 +1,12 @@
<?php <?php
$menu['menu300'] = array ( $menu['menu300'] = array(
array('300000', '게시판관리', ''.G5_ADMIN_URL.'/board_list.php', 'board'), array('300000', '게시판관리', '' . G5_ADMIN_URL . '/board_list.php', 'board'),
array('300100', '게시판관리', ''.G5_ADMIN_URL.'/board_list.php', 'bbs_board'), array('300100', '게시판관리', '' . G5_ADMIN_URL . '/board_list.php', 'bbs_board'),
array('300200', '게시판그룹관리', ''.G5_ADMIN_URL.'/boardgroup_list.php', 'bbs_group'), array('300200', '게시판그룹관리', '' . G5_ADMIN_URL . '/boardgroup_list.php', 'bbs_group'),
array('300300', '인기검색어관리', ''.G5_ADMIN_URL.'/popular_list.php', 'bbs_poplist', 1), array('300300', '인기검색어관리', '' . G5_ADMIN_URL . '/popular_list.php', 'bbs_poplist', 1),
array('300400', '인기검색어순위', ''.G5_ADMIN_URL.'/popular_rank.php', 'bbs_poprank', 1), array('300400', '인기검색어순위', '' . G5_ADMIN_URL . '/popular_rank.php', 'bbs_poprank', 1),
array('300500', '1:1문의설정', ''.G5_ADMIN_URL.'/qa_config.php', 'qa'), array('300500', '1:1문의설정', '' . G5_ADMIN_URL . '/qa_config.php', 'qa'),
array('300600', '내용관리', G5_ADMIN_URL.'/contentlist.php', 'scf_contents', 1), array('300600', '내용관리', G5_ADMIN_URL . '/contentlist.php', 'scf_contents', 1),
array('300700', 'FAQ관리', G5_ADMIN_URL.'/faqmasterlist.php', 'scf_faq', 1), array('300700', 'FAQ관리', G5_ADMIN_URL . '/faqmasterlist.php', 'scf_faq', 1),
array('300820', '글,댓글 현황', G5_ADMIN_URL.'/write_count.php', 'scf_write_count'), array('300820', '글,댓글 현황', G5_ADMIN_URL . '/write_count.php', 'scf_write_count'),
); );


@ -1,21 +1,23 @@
<?php <?php
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return; if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
return;
}
$menu['menu400'] = array ( $menu['menu400'] = array(
array('400000', '쇼핑몰관리', G5_ADMIN_URL.'/shop_admin/', 'shop_config'), array('400000', '쇼핑몰관리', G5_ADMIN_URL . '/shop_admin/', 'shop_config'),
array('400010', '쇼핑몰현황', G5_ADMIN_URL.'/shop_admin/', 'shop_index'), array('400010', '쇼핑몰현황', G5_ADMIN_URL . '/shop_admin/', 'shop_index'),
array('400100', '쇼핑몰설정', G5_ADMIN_URL.'/shop_admin/configform.php', 'scf_config'), array('400100', '쇼핑몰설정', G5_ADMIN_URL . '/shop_admin/configform.php', 'scf_config'),
array('400400', '주문내역', G5_ADMIN_URL.'/shop_admin/orderlist.php', 'scf_order', 1), array('400400', '주문내역', G5_ADMIN_URL . '/shop_admin/orderlist.php', 'scf_order', 1),
array('400440', '개인결제관리', G5_ADMIN_URL.'/shop_admin/personalpaylist.php', 'scf_personalpay', 1), array('400440', '개인결제관리', G5_ADMIN_URL . '/shop_admin/personalpaylist.php', 'scf_personalpay', 1),
array('400200', '분류관리', G5_ADMIN_URL.'/shop_admin/categorylist.php', 'scf_cate'), array('400200', '분류관리', G5_ADMIN_URL . '/shop_admin/categorylist.php', 'scf_cate'),
array('400300', '상품관리', G5_ADMIN_URL.'/shop_admin/itemlist.php', 'scf_item'), array('400300', '상품관리', G5_ADMIN_URL . '/shop_admin/itemlist.php', 'scf_item'),
array('400660', '상품문의', G5_ADMIN_URL.'/shop_admin/itemqalist.php', 'scf_item_qna'), array('400660', '상품문의', G5_ADMIN_URL . '/shop_admin/itemqalist.php', 'scf_item_qna'),
array('400650', '사용후기', G5_ADMIN_URL.'/shop_admin/itemuselist.php', 'scf_ps'), array('400650', '사용후기', G5_ADMIN_URL . '/shop_admin/itemuselist.php', 'scf_ps'),
array('400620', '상품재고관리', G5_ADMIN_URL.'/shop_admin/itemstocklist.php', 'scf_item_stock'), array('400620', '상품재고관리', G5_ADMIN_URL . '/shop_admin/itemstocklist.php', 'scf_item_stock'),
array('400610', '상품유형관리', G5_ADMIN_URL.'/shop_admin/itemtypelist.php', 'scf_item_type'), array('400610', '상품유형관리', G5_ADMIN_URL . '/shop_admin/itemtypelist.php', 'scf_item_type'),
array('400500', '상품옵션재고관리', G5_ADMIN_URL.'/shop_admin/optionstocklist.php', 'scf_item_option'), array('400500', '상품옵션재고관리', G5_ADMIN_URL . '/shop_admin/optionstocklist.php', 'scf_item_option'),
array('400800', '쿠폰관리', G5_ADMIN_URL.'/shop_admin/couponlist.php', 'scf_coupon'), array('400800', '쿠폰관리', G5_ADMIN_URL . '/shop_admin/couponlist.php', 'scf_coupon'),
array('400810', '쿠폰존관리', G5_ADMIN_URL.'/shop_admin/couponzonelist.php', 'scf_coupon_zone'), array('400810', '쿠폰존관리', G5_ADMIN_URL . '/shop_admin/couponzonelist.php', 'scf_coupon_zone'),
array('400750', '추가배송비관리', G5_ADMIN_URL.'/shop_admin/sendcostlist.php', 'scf_sendcost', 1), array('400750', '추가배송비관리', G5_ADMIN_URL . '/shop_admin/sendcostlist.php', 'scf_sendcost', 1),
array('400410', '미완료주문', G5_ADMIN_URL.'/shop_admin/inorderlist.php', 'scf_inorder', 1), array('400410', '미완료주문', G5_ADMIN_URL . '/shop_admin/inorderlist.php', 'scf_inorder', 1),
); );


@ -1,15 +1,17 @@
<?php <?php
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return; if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
return;
}
$menu['menu500'] = array ( $menu['menu500'] = array(
array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL.'/shop_admin/itemsellrank.php', 'shop_stats'), array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'shop_stats'),
array('500110', '매출현황', G5_ADMIN_URL.'/shop_admin/sale1.php', 'sst_order_stats'), array('500110', '매출현황', G5_ADMIN_URL . '/shop_admin/sale1.php', 'sst_order_stats'),
array('500100', '상품판매순위', G5_ADMIN_URL.'/shop_admin/itemsellrank.php', 'sst_rank'), array('500100', '상품판매순위', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'sst_rank'),
array('500120', '주문내역출력', G5_ADMIN_URL.'/shop_admin/orderprint.php', 'sst_print_order', 1), array('500120', '주문내역출력', G5_ADMIN_URL . '/shop_admin/orderprint.php', 'sst_print_order', 1),
array('500400', '재입고SMS알림', G5_ADMIN_URL.'/shop_admin/itemstocksms.php', 'sst_stock_sms', 1), array('500400', '재입고SMS알림', G5_ADMIN_URL . '/shop_admin/itemstocksms.php', 'sst_stock_sms', 1),
array('500300', '이벤트관리', G5_ADMIN_URL.'/shop_admin/itemevent.php', 'scf_event'), array('500300', '이벤트관리', G5_ADMIN_URL . '/shop_admin/itemevent.php', 'scf_event'),
array('500310', '이벤트일괄처리', G5_ADMIN_URL.'/shop_admin/itemeventlist.php', 'scf_event_mng'), array('500310', '이벤트일괄처리', G5_ADMIN_URL . '/shop_admin/itemeventlist.php', 'scf_event_mng'),
array('500500', '배너관리', G5_ADMIN_URL.'/shop_admin/bannerlist.php', 'scf_banner', 1), array('500500', '배너관리', G5_ADMIN_URL . '/shop_admin/bannerlist.php', 'scf_banner', 1),
array('500140', '보관함현황', G5_ADMIN_URL.'/shop_admin/wishlist.php', 'sst_wish'), array('500140', '보관함현황', G5_ADMIN_URL . '/shop_admin/wishlist.php', 'sst_wish'),
array('500210', '가격비교사이트', G5_ADMIN_URL.'/shop_admin/price.php', 'sst_compare', 1) array('500210', '가격비교사이트', G5_ADMIN_URL . '/shop_admin/price.php', 'sst_compare', 1)
); );


@ -1,14 +1,14 @@
<?php <?php
$menu["menu900"] = array ( $menu["menu900"] = array(
array('900000', 'SMS 관리', ''.G5_SMS5_ADMIN_URL.'/config.php', 'sms5'), array('900000', 'SMS 관리', '' . G5_SMS5_ADMIN_URL . '/config.php', 'sms5'),
array('900100', 'SMS 기본설정', ''.G5_SMS5_ADMIN_URL.'/config.php', 'sms5_config'), array('900100', 'SMS 기본설정', '' . G5_SMS5_ADMIN_URL . '/config.php', 'sms5_config'),
array('900200', '회원정보업데이트', ''.G5_SMS5_ADMIN_URL.'/member_update.php', 'sms5_mb_update'), array('900200', '회원정보업데이트', '' . G5_SMS5_ADMIN_URL . '/member_update.php', 'sms5_mb_update'),
array('900300', '문자 보내기', ''.G5_SMS5_ADMIN_URL.'/sms_write.php', 'sms_write'), array('900300', '문자 보내기', '' . G5_SMS5_ADMIN_URL . '/sms_write.php', 'sms_write'),
array('900400', '전송내역-건별', ''.G5_SMS5_ADMIN_URL.'/history_list.php', 'sms_history' , 1), array('900400', '전송내역-건별', '' . G5_SMS5_ADMIN_URL . '/history_list.php', 'sms_history', 1),
array('900410', '전송내역-번호별', ''.G5_SMS5_ADMIN_URL.'/history_num.php', 'sms_history_num' , 1), array('900410', '전송내역-번호별', '' . G5_SMS5_ADMIN_URL . '/history_num.php', 'sms_history_num', 1),
array('900500', '이모티콘 그룹', ''.G5_SMS5_ADMIN_URL.'/form_group.php' , 'emoticon_group'), array('900500', '이모티콘 그룹', '' . G5_SMS5_ADMIN_URL . '/form_group.php', 'emoticon_group'),
array('900600', '이모티콘 관리', ''.G5_SMS5_ADMIN_URL.'/form_list.php', 'emoticon_list'), array('900600', '이모티콘 관리', '' . G5_SMS5_ADMIN_URL . '/form_list.php', 'emoticon_list'),
array('900700', '휴대폰번호 그룹', ''.G5_SMS5_ADMIN_URL.'/num_group.php' , 'hp_group', 1), array('900700', '휴대폰번호 그룹', '' . G5_SMS5_ADMIN_URL . '/num_group.php', 'hp_group', 1),
array('900800', '휴대폰번호 관리', ''.G5_SMS5_ADMIN_URL.'/num_book.php', 'hp_manage', 1), array('900800', '휴대폰번호 관리', '' . G5_SMS5_ADMIN_URL . '/num_book.php', 'hp_manage', 1),
array('900900', '휴대폰번호 파일', ''.G5_SMS5_ADMIN_URL.'/num_book_file.php' , 'hp_file', 1) array('900900', '휴대폰번호 파일', '' . G5_SMS5_ADMIN_URL . '/num_book_file.php', 'hp_file', 1)
); );


@ -1,33 +1,37 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; if (!defined('_GNUBOARD_')) {
exit;
}
// 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전이 통합됨에 따라 그누보드 버전만 표시 // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전이 통합됨에 따라 그누보드 버전만 표시
// $print_version = defined('G5_YOUNGCART_VER') ? 'YoungCart Version '.G5_YOUNGCART_VER : 'Version '.G5_GNUBOARD_VER; // $print_version = defined('G5_YOUNGCART_VER') ? 'YoungCart Version '.G5_YOUNGCART_VER : 'Version '.G5_GNUBOARD_VER;
$print_version = 'Version '.G5_GNUBOARD_VER; $print_version = 'Version ' . G5_GNUBOARD_VER;
?> ?>
<noscript> <noscript>
<p> <p>
귀하께서 사용하시는 브라우저는 현재 <strong>자바스크립트를 사용하지 않음</strong>으로 설정되어 있습니다.<br> 귀하께서 사용하시는 브라우저는 현재 <strong>자바스크립트를 사용하지 않음</strong>으로 설정되어 있습니다.<br>
<strong>자바스크립트를 사용하지 않음</strong>으로 설정하신 경우는 수정이나 삭제시 별도의 경고창이 나오지 않으므로 이점 주의하시기 바랍니다. <strong>자바스크립트를 사용하지 않음</strong>으로 설정하신 경우는 수정이나 삭제시 별도의 경고창이 나오지 않으므로 이점 주의하시기 바랍니다.
</p> </p>
</noscript> </noscript>
</div> </div>
<footer id="ft"> <footer id="ft">
<p> <p>
Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>. All rights reserved. <?php echo $print_version; ?><br> Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>. All rights reserved. <?php echo $print_version; ?><br>
<button type="button" class="scroll_top"><span class="top_img"></span><span class="top_txt">TOP</span></button> <button type="button" class="scroll_top"><span class="top_img"></span><span class="top_txt">TOP</span></button>
</p> </p>
</footer> </footer>
</div> </div>
</div> </div>
<script> <script>
$(".scroll_top").click(function(){ $(".scroll_top").click(function() {
$("body,html").animate({scrollTop:0},400); $("body,html").animate({
}) scrollTop: 0
}, 400);
})
</script> </script>
<!-- <p>실행시간 : <?php echo get_microtime() - $begin_time; ?> --> <!-- <p>실행시간 : <?php echo get_microtime() - $begin_time; ?> -->
@ -35,121 +39,119 @@ $(".scroll_top").click(function(){
<script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script> <script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script>
<script src="<?php echo G5_JS_URL ?>/jquery.anchorScroll.js?ver=<?php echo G5_JS_VER; ?>"></script> <script src="<?php echo G5_JS_URL ?>/jquery.anchorScroll.js?ver=<?php echo G5_JS_VER; ?>"></script>
<script> <script>
$(function(){ $(function() {
var admin_head_height = $("#hd_top").height() + $("#container_title").height() + 5; var admin_head_height = $("#hd_top").height() + $("#container_title").height() + 5;
$("a[href^='#']").anchorScroll({ $("a[href^='#']").anchorScroll({
scrollSpeed: 0, // scroll speed scrollSpeed: 0, // scroll speed
offsetTop: admin_head_height, // offset for fixed top bars (defaults to 0) offsetTop: admin_head_height, // offset for fixed top bars (defaults to 0)
onScroll: function () { onScroll: function() {
// callback on scroll start // callback on scroll start
}, },
scrollEnd: function () { scrollEnd: function() {
// callback on scroll end // callback on scroll end
} }
}); });
var hide_menu = false; var hide_menu = false;
var mouse_event = false; var mouse_event = false;
var oldX = oldY = 0; var oldX = oldY = 0;
$(document).mousemove(function(e) { $(document).mousemove(function(e) {
if(oldX == 0) { if (oldX == 0) {
oldX = e.pageX; oldX = e.pageX;
oldY = e.pageY; oldY = e.pageY;
} }
if(oldX != e.pageX || oldY != e.pageY) { if (oldX != e.pageX || oldY != e.pageY) {
mouse_event = true; mouse_event = true;
} }
}); });
// 주메뉴 // 주메뉴
var $gnb = $(".gnb_1dli > a"); var $gnb = $(".gnb_1dli > a");
$gnb.mouseover(function() { $gnb.mouseover(function() {
if(mouse_event) { if (mouse_event) {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
}
});
$gnb.mouseout(function() {
hide_menu = true;
});
$(".gnb_2dli").mouseover(function() {
hide_menu = false;
});
$(".gnb_2dli").mouseout(function() {
hide_menu = true;
});
$gnb.focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on"); $(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on"); $(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent()); menu_rearrange($(this).parent());
hide_menu = false; hide_menu = false;
} });
});
$gnb.mouseout(function() { $gnb.focusout(function() {
hide_menu = true; hide_menu = true;
}); });
$(".gnb_2dli").mouseover(function() { $(".gnb_2da").focusin(function() {
hide_menu = false; $(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
}); var $gnb_li = $(this).closest(".gnb_1dli").addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).closest(".gnb_1dli"));
hide_menu = false;
});
$(".gnb_2dli").mouseout(function() { $(".gnb_2da").focusout(function() {
hide_menu = true; hide_menu = true;
}); });
$gnb.focusin(function() { $('#gnb_1dul>li').bind('mouseleave', function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
});
$gnb.focusout(function() {
hide_menu = true;
});
$(".gnb_2da").focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
var $gnb_li = $(this).closest(".gnb_1dli").addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).closest(".gnb_1dli"));
hide_menu = false;
});
$(".gnb_2da").focusout(function() {
hide_menu = true;
});
$('#gnb_1dul>li').bind('mouseleave',function(){
submenu_hide();
});
$(document).bind('click focusin',function(){
if(hide_menu) {
submenu_hide(); submenu_hide();
});
$(document).bind('click focusin', function() {
if (hide_menu) {
submenu_hide();
}
});
// 폰트 리사이즈 쿠키있으면 실행
var font_resize_act = get_cookie("ck_font_resize_act");
if (font_resize_act != "") {
font_resize("container", font_resize_act);
} }
}); });
// 폰트 리사이즈 쿠키있으면 실행 function submenu_hide() {
var font_resize_act = get_cookie("ck_font_resize_act"); $(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
if(font_resize_act != "") {
font_resize("container", font_resize_act);
} }
});
function submenu_hide() { function menu_rearrange(el) {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on"); var width = $("#gnb_1dul").width();
} var left = w1 = w2 = 0;
var idx = $(".gnb_1dli").index(el);
function menu_rearrange(el) for (i = 0; i <= idx; i++) {
{ w1 = $(".gnb_1dli:eq(" + i + ")").outerWidth();
var width = $("#gnb_1dul").width(); w2 = $(".gnb_2dli > a:eq(" + i + ")").outerWidth(true);
var left = w1 = w2 = 0;
var idx = $(".gnb_1dli").index(el);
for(i=0; i<=idx; i++) { if ((left + w2) > width) {
w1 = $(".gnb_1dli:eq("+i+")").outerWidth(); el.removeClass("gnb_1dli_over").addClass("gnb_1dli_over2");
w2 = $(".gnb_2dli > a:eq("+i+")").outerWidth(true); }
if((left + w2) > width) { left += w1;
el.removeClass("gnb_1dli_over").addClass("gnb_1dli_over2");
} }
left += w1;
} }
}
</script> </script>
<?php <?php
include_once(G5_PATH.'/tail.sub.php'); require_once G5_PATH . '/tail.sub.php';
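Review bot: The footer line `Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>` writes the request's Host header into the admin page without HTML encoding, and this formatting pass carries it over unchanged. The value comes from the client's request, so it should be encoded where it is printed: `<?php echo htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, 'UTF-8'); ?>`. Whether the web server or earlier bootstrap code already restricts the Host header is not visible in this section, so treat this as output hardening rather than a confirmed injection. Printing a site name taken from configuration instead of the header would remove the dependency altogether, if the project has one.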


@ -1,13 +1,13 @@
<?php <?php
include_once('./_common.php'); require_once './_common.php';
include_once(G5_LIB_PATH.'/json.lib.php');
set_session('ss_admin_token', ''); set_session('ss_admin_token', '');
$error = admin_referer_check(true); $error = admin_referer_check(true);
if($error) if ($error) {
die(json_encode(array('error'=>$error, 'url'=>G5_URL))); die(json_encode(array('error' => $error, 'url' => G5_URL)));
}
$token = get_admin_token(); $token = get_admin_token();
die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>''))); die(json_encode(array('error' => '', 'token' => $token, 'url' => '')));
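Review bot: `set_session('ss_admin_token', '');` runs before `admin_referer_check(true)`, so a request that is rejected by the Referer check has still cleared the token stored in the session. An admin form that was already open would then be refused by `check_admin_token()`, which rejects an empty session token. Moving the reset below the `if ($error) { ... }` block keeps a rejected request free of side effects; it could also be dropped if `get_admin_token()` always overwrites the session value, which cannot be confirmed here because its body is not shown. If clearing the token on a rejected request is intended, a one-line comment such as `// invalidate the old token even when the referer check fails` would make that explicit.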


@ -1,6 +1,6 @@
<?php <?php
include_once('./_common.php'); require_once './_common.php';
if( isset($_POST['admin_use_captcha']) ){ if (isset($_POST['admin_use_captcha'])) {
set_session('ss_admin_use_captcha', true); set_session('ss_admin_use_captcha', true);
} }


@ -1,9 +1,10 @@
<?php <?php
$sub_menu = "100200"; $sub_menu = "100200";
include_once('./_common.php'); require_once './_common.php';
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
$sql_common = " from {$g5['auth_table']} a left join {$g5['member_table']} b on (a.mb_id=b.mb_id) "; $sql_common = " from {$g5['auth_table']} a left join {$g5['member_table']} b on (a.mb_id=b.mb_id) ";
@ -11,7 +12,7 @@ $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
@ -33,7 +34,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * $sql = " select *
@ -43,10 +46,10 @@ $sql = " select *
limit {$from_record}, {$rows} "; limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall btn_ov02">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall btn_ov02">전체목록</a>';
$g5['title'] = "관리권한설정"; $g5['title'] = "관리권한설정";
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 5; $colspan = 5;
?> ?>
@ -57,213 +60,213 @@ $colspan = 5;
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<input type="hidden" name="sfl" value="a.mb_id" id="sfl"> <input type="hidden" name="sfl" value="a.mb_id" id="sfl">
<label for="stx" class="sound_only">회원아이디<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">회원아이디<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" id="fsearch_submit" class="btn_submit"> <input type="submit" value="검색" id="fsearch_submit" class="btn_submit">
</form> </form>
<form name="fauthlist" id="fauthlist" method="post" action="./auth_list_delete.php" onsubmit="return fauthlist_submit(this);"> <form name="fauthlist" id="fauthlist" method="post" action="./auth_list_delete.php" onsubmit="return fauthlist_submit(this);">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$is_continue = false;
// 회원아이디가 없는 메뉴는 삭제함
if ($row['mb_id'] == '' && $row['mb_nick'] == '') {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row['au_menu']])) {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
if ($is_continue) {
continue;
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="au_menu[<?php echo $i ?>]" value="<?php echo $row['au_menu'] ?>">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?>님 권한</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_auth_mbnick"><?php echo $mb_nick ?></td>
<td class="td_menu">
<?php echo $row['au_menu'] ?>
<?php echo $auth_menu[$row['au_menu']] ?>
</td>
<td class="td_auth"><?php echo $row['au_auth'] ?></td>
</tr>
<?php
$count++;
}
if ($count == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?php <?php
$count = 0; //if (isset($stx))
for ($i=0; $row=sql_fetch_array($result); $i++) // echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
{
$is_continue = false;
// 회원아이디가 없는 메뉴는 삭제함
if($row['mb_id'] == '' && $row['mb_nick'] == '') {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함 if (strstr($sfl, 'mb_id')) {
if (!isset($auth_menu[$row['au_menu']])) $mb_id = $stx;
{ } else {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' "); $mb_id = '';
$is_continue = true;
}
if($is_continue)
continue;
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="au_menu[<?php echo $i ?>]" value="<?php echo $row['au_menu'] ?>">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?>님 권한</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_auth_mbnick"><?php echo $mb_nick ?></td>
<td class="td_menu">
<?php echo $row['au_menu'] ?>
<?php echo $auth_menu[$row['au_menu']] ?>
</td>
<td class="td_auth"><?php echo $row['au_auth'] ?></td>
</tr>
<?php
$count++;
} }
if ($count == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?> ?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<?php
//if (isset($stx))
// echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
if (strstr($sfl, 'mb_id'))
$mb_id = $stx;
else
$mb_id = '';
?>
</form> </form>
<?php <?php
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); $pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page=');
echo $pagelist; echo $pagelist;
?> ?>
<form name="fauthlist2" id="fauthlist2" action="./auth_update.php" method="post" autocomplete="off" onsubmit="return fauth_add_submit(this);"> <form name="fauthlist2" id="fauthlist2" action="./auth_update.php" method="post" autocomplete="off" onsubmit="return fauth_add_submit(this);">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<section id="add_admin"> <section id="add_admin">
<h2 class="h2_frm">관리권한 추가</h2> <h2 class="h2_frm">관리권한 추가</h2>
<div class="local_desc01 local_desc"> <div class="local_desc01 local_desc">
<p> <p>
다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.<br> 다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.<br>
권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다. 권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다.
</p> </p>
</div> </div>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td> <td>
<strong id="msg_mb_id" class="msg_sound_only"></strong> <strong id="msg_mb_id" class="msg_sound_only"></strong>
<input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" required class="required frm_input"> <input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" required class="required frm_input">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th>
<td> <td>
<select id="au_menu" name="au_menu" required class="required"> <select id="au_menu" name="au_menu" required class="required">
<option value=''>선택하세요</option> <option value=''>선택하세요</option>
<?php <?php
foreach($auth_menu as $key=>$value) foreach ($auth_menu as $key => $value) {
{ if (!(substr($key, -3) == '000' || $key == '-' || !$key)) {
if (!(substr($key, -3) == '000' || $key == '-' || !$key)) echo '<option value="' . $key . '">' . $key . ' ' . $value . '</option>';
echo '<option value="'.$key.'">'.$key.' '.$value.'</option>'; }
} }
?> ?>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row">권한지정</th> <th scope="row">권한지정</th>
<td> <td>
<input type="checkbox" name="r" value="r" id="r" checked> <input type="checkbox" name="r" value="r" id="r" checked>
<label for="r">r (읽기)</label> <label for="r">r (읽기)</label>
<input type="checkbox" name="w" value="w" id="w"> <input type="checkbox" name="w" value="w" id="w">
<label for="w">w (쓰기)</label> <label for="w">w (쓰기)</label>
<input type="checkbox" name="d" value="d" id="d"> <input type="checkbox" name="d" value="d" id="d">
<label for="d">d (삭제)</label> <label for="d">d (삭제)</label>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row">자동등록방지</th> <th scope="row">자동등록방지</th>
<td> <td>
<?php <?php
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html(); $captcha_html = captcha_html();
$captcha_js = chk_captcha_js(); $captcha_js = chk_captcha_js();
echo $captcha_html; echo $captcha_html;
?> ?>
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="btn_confirm01 btn_confirm"> <div class="btn_confirm01 btn_confirm">
<input type="submit" value="추가" class="btn_submit btn"> <input type="submit" value="추가" class="btn_submit btn">
</div> </div>
</section> </section>
</form> </form>
<script> <script>
function fauth_add_submit(f){ function fauth_add_submit(f) {
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
return true; <?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
function fauthlist_submit(f) return true;
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
} }
if(document.pressed == "선택삭제") { function fauthlist_submit(f) {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) { if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false; return false;
} }
}
return true; if (document.pressed == "선택삭제") {
} if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
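Review bot: The search clause `$sql_search .= " ({$sfl} like '%{$stx}%') ";` puts `$sfl` in column position and `$stx` inside a quoted literal, and nothing in this file constrains either one; the `switch` has only a `default` arm. If `_common.php` (not shown here) does not already filter them, both reach the query as written, and quoting cannot protect a column name. The page itself only uses `a.mb_id` and `mb_nick` as field names, so an allow-list before the switch would make the constraint local and obvious: `if (!in_array($sfl, array('a.mb_id', 'mb_nick'), true)) { $sfl = 'a.mb_id'; }`, with `$stx` passed through the project's SQL escaping helper. The enclosing `if ($stx)` block continues outside the visible hunk.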


@ -1,36 +1,37 @@
<?php <?php
$sub_menu = "100200"; $sub_menu = "100200";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
check_admin_token(); check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
$post_act_button = isset($_POST['act_button']) ? clean_xss_tags($_POST['act_button'], 1, 1) : ''; $post_act_button = isset($_POST['act_button']) ? clean_xss_tags($_POST['act_button'], 1, 1) : '';
if (!$count) if (!$count) {
alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요."); alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
}
if ( (isset($_POST['mb_id']) && ! is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && ! is_array($_POST['au_menu'])) ){ if ((isset($_POST['mb_id']) && !is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && !is_array($_POST['au_menu']))) {
alert("잘못된 요청입니다."); alert("잘못된 요청입니다.");
} }
for ($i=0; $i<$count; $i++) for ($i = 0; $i < $count; $i++) {
{
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$mb_id = isset($_POST['mb_id'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['mb_id'][$k]) : ''; $mb_id = isset($_POST['mb_id'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['mb_id'][$k]) : '';
$au_menu = isset($_POST['au_menu'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['au_menu'][$k]) : ''; $au_menu = isset($_POST['au_menu'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['au_menu'][$k]) : '';
$sql = " delete from {$g5['auth_table']} where mb_id = '".$mb_id."' and au_menu = '".$au_menu."' "; $sql = " delete from {$g5['auth_table']} where mb_id = '" . $mb_id . "' and au_menu = '" . $au_menu . "' ";
sql_query($sql); sql_query($sql);
run_event('adm_auth_delete_member', $mb_id, $au_menu); run_event('adm_auth_delete_member', $mb_id, $au_menu);
} }
goto_url('./auth_list.php?'.$qstr); goto_url('./auth_list.php?' . $qstr);
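Review bot: The empty-selection branch still calls `alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.")` with the raw request value, although the line above has just computed a cleaned copy in `$post_act_button` that is never used in the visible code. The raw value is request-controlled text handed to whatever `alert()` renders, and the index is read without `isset`, so a request that omits `act_button` also raises a notice. Using the cleaned variable covers both: `alert($post_act_button . " 하실 항목을 하나 이상 체크하세요.");`.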


@ -1,23 +1,25 @@
<?php <?php
$sub_menu = "100200"; $sub_menu = "100200";
include_once('./_common.php'); require_once './_common.php';
include_once(G5_LIB_PATH.'/mailer.lib.php'); require_once G5_LIB_PATH . '/mailer.lib.php';
$au_menu = isset($_POST['au_menu']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['au_menu']) : ''; $au_menu = isset($_POST['au_menu']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['au_menu']) : '';
$post_r = isset($_POST['r']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['r']) : ''; $post_r = isset($_POST['r']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['r']) : '';
$post_w = isset($_POST['w']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['w']) : ''; $post_w = isset($_POST['w']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['w']) : '';
$post_d = isset($_POST['d']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['d']) : ''; $post_d = isset($_POST['d']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['d']) : '';
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (!$mb['mb_id']) if (!$mb['mb_id']) {
alert('존재하는 회원아이디가 아닙니다.'); alert('존재하는 회원아이디가 아닙니다.');
}
check_admin_token(); check_admin_token();
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) { if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.'); alert('자동등록방지 숫자가 틀렸습니다.');
@ -27,7 +29,7 @@ $sql = " insert into {$g5['auth_table']}
set mb_id = '$mb_id', set mb_id = '$mb_id',
au_menu = '$au_menu', au_menu = '$au_menu',
au_auth = '{$post_r},{$post_w},{$post_d}' "; au_auth = '{$post_r},{$post_w},{$post_d}' ";
$result = sql_query($sql, FALSE); $result = sql_query($sql, false);
if (!$result) { if (!$result) {
$sql = " update {$g5['auth_table']} $sql = " update {$g5['auth_table']}
set au_auth = '{$post_r},{$post_w},{$post_d}' set au_auth = '{$post_r},{$post_w},{$post_d}'
@ -39,15 +41,15 @@ if (!$result) {
//sql_query(" OPTIMIZE TABLE `$g5['auth_table']` "); //sql_query(" OPTIMIZE TABLE `$g5['auth_table']` ");
// 세션을 체크하여 하루에 한번만 메일알림이 가게 합니다. // 세션을 체크하여 하루에 한번만 메일알림이 가게 합니다.
if( str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update') ){ if (str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update')) {
$site_url = preg_replace('/^www\./', '', strtolower($_SERVER['SERVER_NAME'])); $site_url = preg_replace('/^www\./', '', strtolower($_SERVER['SERVER_NAME']));
$to_email = 'gnuboard@'.$site_url; $to_email = 'gnuboard@' . $site_url;
mailer($config['cf_admin_email_name'], $to_email, $config['cf_admin_email'], '['.$config['cf_title'].'] 관리권한설정 알림', '<p><b>['.$config['cf_title'].'] 관리권한설정 변경 안내</b></p><p style="padding-top:1em">회원 아이디 '.$mb['mb_id'].' 에 관리권한이 추가 되었습니다.</p><p style="padding-top:1em">'.G5_TIME_YMDHIS.'</p><p style="padding-top:1em"><a href="'.G5_URL.'" target="_blank">'.$config['cf_title'].'</a></p>', 1); mailer($config['cf_admin_email_name'], $to_email, $config['cf_admin_email'], '[' . $config['cf_title'] . '] 관리권한설정 알림', '<p><b>[' . $config['cf_title'] . '] 관리권한설정 변경 안내</b></p><p style="padding-top:1em">회원 아이디 ' . $mb['mb_id'] . ' 에 관리권한이 추가 되었습니다.</p><p style="padding-top:1em">' . G5_TIME_YMDHIS . '</p><p style="padding-top:1em"><a href="' . G5_URL . '" target="_blank">' . $config['cf_title'] . '</a></p>', 1);
set_session('adm_auth_update', str_replace('-', '', G5_TIME_YMD)); set_session('adm_auth_update', str_replace('-', '', G5_TIME_YMD));
} }
run_event('adm_auth_update', $mb); run_event('adm_auth_update', $mb);
goto_url('./auth_list.php?'.$qstr); goto_url('./auth_list.php?' . $qstr);


@ -1,11 +1,16 @@
<?php <?php
$sub_menu = "300100"; $sub_menu = "300100";
include_once("./_common.php"); require_once "./_common.php";
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$g5['title'] = '게시판 복사'; $g5['title'] = '게시판 복사';
include_once(G5_PATH.'/head.sub.php'); require_once G5_PATH . '/head.sub.php';
$bo_table = $_REQUEST['bo_table'];
if (empty($bo_table)) {
alert_close("정상적인 방법으로 이용해주세요.");
}
?> ?>
<script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script> <script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script>
@ -14,72 +19,72 @@ include_once(G5_PATH.'/head.sub.php');
<h1><?php echo $g5['title']; ?></h1> <h1><?php echo $g5['title']; ?></h1>
<form name="fboardcopy" id="fboardcopy" action="./board_copy_update.php" onsubmit="return fboardcopy_check(this);" method="post"> <form name="fboardcopy" id="fboardcopy" action="./board_copy_update.php" onsubmit="return fboardcopy_check(this);" method="post">
<input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table"> <input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class=" new_win_con"> <div class=" new_win_con">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?></caption> <caption><?php echo $g5['title']; ?></caption>
<tbody> <tbody>
<tr> <tr>
<th scope="col">원본 테이블명</th> <th scope="col">원본 테이블명</th>
<td><?php echo $bo_table ?></td> <td><?php echo $bo_table ?></td>
</tr> </tr>
<tr> <tr>
<th scope="col"><label for="target_table">복사 테이블명<strong class="sound_only">필수</strong></label></th> <th scope="col"><label for="target_table">복사 테이블명<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_table" id="target_table" required class="required alnum_ frm_input" maxlength="20">영문자, 숫자, _ 만 가능 (공백없이)</td> <td><input type="text" name="target_table" id="target_table" required class="required alnum_ frm_input" maxlength="20">영문자, 숫자, _ 만 가능 (공백없이)</td>
</tr> </tr>
<tr> <tr>
<th scope="col"><label for="target_subject">게시판 제목<strong class="sound_only">필수</strong></label></th> <th scope="col"><label for="target_subject">게시판 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_subject" value="[복사본] <?php echo get_sanitize_input($board['bo_subject']); ?>" id="target_subject" required class="required frm_input" maxlength="120"></td> <td><input type="text" name="target_subject" value="[복사본] <?php echo get_sanitize_input($board['bo_subject']); ?>" id="target_subject" required class="required frm_input" maxlength="120"></td>
</tr> </tr>
<tr> <tr>
<th scope="col">복사 유형</th> <th scope="col">복사 유형</th>
<td> <td>
<input type="radio" name="copy_case" value="schema_only" id="copy_case" checked> <input type="radio" name="copy_case" value="schema_only" id="copy_case" checked>
<label for="copy_case">구조만</label> <label for="copy_case">구조만</label>
<input type="radio" name="copy_case" value="schema_data_both" id="copy_case2"> <input type="radio" name="copy_case" value="schema_data_both" id="copy_case2">
<label for="copy_case2">구조와 데이터</label> <label for="copy_case2">구조와 데이터</label>
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div>
</div>
<div class="win_btn ">
<input type="submit" class="btn_submit btn" value="복사">
<input type="button" class="btn_close btn" value="창닫기" onclick="window.close();">
</div> </div>
</div>
<div class="win_btn ">
<input type="submit" class="btn_submit btn" value="복사">
<input type="button" class="btn_close btn" value="창닫기" onclick="window.close();">
</div>
</form> </form>
</div> </div>
<script> <script>
function fboardcopy_check(f) function fboardcopy_check(f) {
{ <?php
<?php
if(!$w){
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
}
?>
// 게시판명이 금지된 단어로 되어 있으면 if (!$w) {
if( (typeof banned_array != 'undefined') && jQuery.inArray(f.target_table.value, banned_array) !== -1 ){ $js_array = get_bo_table_banned_word();
alert("입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요."); echo "var banned_array = " . json_encode($js_array) . ";\n";
return false; }
} ?>
if (f.bo_table.value == f.target_table.value) { // 게시판명이 금지된 단어로 되어 있으면
alert("원본 테이블명과 복사할 테이블명이 달라야 합니다."); if ((typeof banned_array != 'undefined') && jQuery.inArray(f.target_table.value, banned_array) !== -1) {
return false; alert("입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.");
} return false;
}
return true; if (f.bo_table.value == f.target_table.value) {
} alert("원본 테이블명과 복사할 테이블명이 달라야 합니다.");
return false;
}
return true;
}
</script> </script>
<?php <?php
include_once(G5_PATH.'/tail.sub.php'); require_once G5_PATH . '/tail.sub.php';
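Review bot: The added line `$bo_table = $_REQUEST['bo_table'];` overwrites any value the includes may have prepared with the raw request parameter, and that value is then echoed unescaped into `value="<?php echo $bo_table ?>"` and into the table cell below, so markup in the parameter is reflected into this admin page. It also reads the index without `isset`, and the `empty()` check on the following line comes too late to guard that read. Table names elsewhere in this change are limited to letters, digits and underscore, so the same filter fits here: `$bo_table = isset($_REQUEST['bo_table']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['bo_table']) : '';`. The next file section adds the same raw read from `$_POST['bo_table']`, where the value goes on into `get_table_define()`, a `where bo_table = '$bo_table'` query and `dir(G5_DATA_PATH . '/file/' . $bo_table)`; it needs the same treatment.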


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = '300100'; $sub_menu = '300100';
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -8,31 +8,37 @@ auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$bo_table = isset($_POST['bo_table']) ? $_POST['bo_table'] : null;
$target_table = isset($_POST['target_table']) ? trim($_POST['target_table']) : ''; $target_table = isset($_POST['target_table']) ? trim($_POST['target_table']) : '';
$target_subject = isset($_POST['target_subject']) ? trim($_POST['target_subject']) : ''; $target_subject = isset($_POST['target_subject']) ? trim($_POST['target_subject']) : '';
$target_subject = strip_tags(clean_xss_attributes($target_subject)); $target_subject = strip_tags(clean_xss_attributes($target_subject));
$file_copy = array();
if (empty($bo_table)) {
alert("원본 테이블 정보가 없습니다.");
}
if (!preg_match('/[A-Za-z0-9_]{1,20}/', $target_table)) { if (!preg_match('/[A-Za-z0-9_]{1,20}/', $target_table)) {
alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
} }
// 게시판명이 금지된 단어로 되어 있으면 // 게시판명이 금지된 단어로 되어 있으면
if ( $w == '' && in_array($target_table, get_bo_table_banned_word()) ){ if ($w == '' && in_array($target_table, get_bo_table_banned_word())) {
alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.'); alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.');
} }
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '$target_table' "); $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '$target_table' ");
if ($row['cnt']) if ($row['cnt']) {
alert($target_table.'은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.'); alert($target_table . '은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.');
}
// 게시판 테이블 생성 // 게시판 테이블 생성
$sql = get_table_define($g5['write_prefix'] . $bo_table); $sql = get_table_define($g5['write_prefix'] . $bo_table);
$sql = str_replace($g5['write_prefix'] . $bo_table, $g5['write_prefix'] . $target_table, $sql); $sql = str_replace($g5['write_prefix'] . $bo_table, $g5['write_prefix'] . $target_table, $sql);
sql_query($sql, false); sql_query($sql, false);
$file_copy = array();
// 구조만 복사시에는 공지사항 번호는 복사하지 않는다. // 구조만 복사시에는 공지사항 번호는 복사하지 않는다.
if ($copy_case == 'schema_only') { if ($copy_case == 'schema_only') {
$board['bo_notice'] = ''; $board['bo_notice'] = '';
@ -87,11 +93,11 @@ $sql = " insert into {$g5['board_table']}
bo_mobile_skin = '{$board['bo_mobile_skin']}', bo_mobile_skin = '{$board['bo_mobile_skin']}',
bo_include_head = '{$board['bo_include_head']}', bo_include_head = '{$board['bo_include_head']}',
bo_include_tail = '{$board['bo_include_tail']}', bo_include_tail = '{$board['bo_include_tail']}',
bo_content_head = '".addslashes($board['bo_content_head'])."', bo_content_head = '" . addslashes($board['bo_content_head']) . "',
bo_content_tail = '".addslashes($board['bo_content_tail'])."', bo_content_tail = '" . addslashes($board['bo_content_tail']) . "',
bo_mobile_content_head = '".addslashes($board['bo_mobile_content_head'])."', bo_mobile_content_head = '" . addslashes($board['bo_mobile_content_head']) . "',
bo_mobile_content_tail = '".addslashes($board['bo_mobile_content_tail'])."', bo_mobile_content_tail = '" . addslashes($board['bo_mobile_content_tail']) . "',
bo_insert_content = '".addslashes($board['bo_insert_content'])."', bo_insert_content = '" . addslashes($board['bo_insert_content']) . "',
bo_gallery_cols = '{$board['bo_gallery_cols']}', bo_gallery_cols = '{$board['bo_gallery_cols']}',
bo_gallery_width = '{$board['bo_gallery_width']}', bo_gallery_width = '{$board['bo_gallery_width']}',
bo_gallery_height = '{$board['bo_gallery_height']}', bo_gallery_height = '{$board['bo_gallery_height']}',
@ -108,34 +114,34 @@ $sql = " insert into {$g5['board_table']}
bo_use_sns = '{$board['bo_use_sns']}', bo_use_sns = '{$board['bo_use_sns']}',
bo_use_captcha = '{$board['bo_use_captcha']}', bo_use_captcha = '{$board['bo_use_captcha']}',
bo_sort_field = '{$board['bo_sort_field']}', bo_sort_field = '{$board['bo_sort_field']}',
bo_1_subj = '".addslashes($board['bo_1_subj'])."', bo_1_subj = '" . addslashes($board['bo_1_subj']) . "',
bo_2_subj = '".addslashes($board['bo_2_subj'])."', bo_2_subj = '" . addslashes($board['bo_2_subj']) . "',
bo_3_subj = '".addslashes($board['bo_3_subj'])."', bo_3_subj = '" . addslashes($board['bo_3_subj']) . "',
bo_4_subj = '".addslashes($board['bo_4_subj'])."', bo_4_subj = '" . addslashes($board['bo_4_subj']) . "',
bo_5_subj = '".addslashes($board['bo_5_subj'])."', bo_5_subj = '" . addslashes($board['bo_5_subj']) . "',
bo_6_subj = '".addslashes($board['bo_6_subj'])."', bo_6_subj = '" . addslashes($board['bo_6_subj']) . "',
bo_7_subj = '".addslashes($board['bo_7_subj'])."', bo_7_subj = '" . addslashes($board['bo_7_subj']) . "',
bo_8_subj = '".addslashes($board['bo_8_subj'])."', bo_8_subj = '" . addslashes($board['bo_8_subj']) . "',
bo_9_subj = '".addslashes($board['bo_9_subj'])."', bo_9_subj = '" . addslashes($board['bo_9_subj']) . "',
bo_10_subj = '".addslashes($board['bo_10_subj'])."', bo_10_subj = '" . addslashes($board['bo_10_subj']) . "',
bo_1 = '".addslashes($board['bo_1'])."', bo_1 = '" . addslashes($board['bo_1']) . "',
bo_2 = '".addslashes($board['bo_2'])."', bo_2 = '" . addslashes($board['bo_2']) . "',
bo_3 = '".addslashes($board['bo_3'])."', bo_3 = '" . addslashes($board['bo_3']) . "',
bo_4 = '".addslashes($board['bo_4'])."', bo_4 = '" . addslashes($board['bo_4']) . "',
bo_5 = '".addslashes($board['bo_5'])."', bo_5 = '" . addslashes($board['bo_5']) . "',
bo_6 = '".addslashes($board['bo_6'])."', bo_6 = '" . addslashes($board['bo_6']) . "',
bo_7 = '".addslashes($board['bo_7'])."', bo_7 = '" . addslashes($board['bo_7']) . "',
bo_8 = '".addslashes($board['bo_8'])."', bo_8 = '" . addslashes($board['bo_8']) . "',
bo_9 = '".addslashes($board['bo_9'])."', bo_9 = '" . addslashes($board['bo_9']) . "',
bo_10 = '".addslashes($board['bo_10'])."' "; bo_10 = '" . addslashes($board['bo_10']) . "' ";
sql_query($sql, false); sql_query($sql, false);
// 게시판 폴더 생성 // 게시판 폴더 생성
@mkdir(G5_DATA_PATH.'/file/'.$target_table, G5_DIR_PERMISSION); @mkdir(G5_DATA_PATH . '/file/' . $target_table, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table, G5_DIR_PERMISSION); @chmod(G5_DATA_PATH . '/file/' . $target_table, G5_DIR_PERMISSION);
// 디렉토리에 있는 파일의 목록을 보이지 않게 한다. // 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
$board_path = G5_DATA_PATH.'/file/'.$target_table; $board_path = G5_DATA_PATH . '/file/' . $target_table;
$file = $board_path . '/index.php'; $file = $board_path . '/index.php';
$f = @fopen($file, 'w'); $f = @fopen($file, 'w');
@fwrite($f, ''); @fwrite($f, '');
@ -144,31 +150,34 @@ $f = @fopen($file, 'w');
$copy_file = 0; $copy_file = 0;
if ($copy_case == 'schema_data_both') { if ($copy_case == 'schema_data_both') {
$d = dir(G5_DATA_PATH.'/file/'.$bo_table); $d = dir(G5_DATA_PATH . '/file/' . $bo_table);
while ($entry = $d->read()) { while ($entry = $d->read()) {
if ($entry == '.' || $entry == '..') continue; if ($entry == '.' || $entry == '..') {
continue;
}
// 김선용 201007 : // 김선용 201007 :
if(is_dir(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry)){ if (is_dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry)) {
$dd = dir(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry); $dd = dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry);
@mkdir(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION); @mkdir(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION); @chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
while ($entry2 = $dd->read()) { while ($entry2 = $dd->read()) {
if ($entry2 == '.' || $entry2 == '..') continue; if ($entry2 == '.' || $entry2 == '..') {
@copy(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry.'/'.$entry2, G5_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2); continue;
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2, G5_DIR_PERMISSION); }
@copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry . '/' . $entry2, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2, G5_DIR_PERMISSION);
$copy_file++; $copy_file++;
} }
$dd->close(); $dd->close();
} } else {
else { @copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry);
@copy(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry, G5_DATA_PATH.'/file/'.$target_table.'/'.$entry); @chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
$copy_file++; $copy_file++;
} }
} }
$d->close(); $d->close();
run_event('admin_board_copy_file', $bo_table, $target_table); run_event('admin_board_copy_file', $bo_table, $target_table);
// 글복사 // 글복사
@ -185,26 +194,26 @@ if ($copy_case == 'schema_data_both') {
// 위의 코드는 같은 테이블명을 사용하였다는 오류가 발생함. (희한하네 ㅡㅡ;) // 위의 코드는 같은 테이블명을 사용하였다는 오류가 발생함. (희한하네 ㅡㅡ;)
$sql = " select * from {$g5['board_file_table']} where bo_table = '$bo_table' "; $sql = " select * from {$g5['board_file_table']} where bo_table = '$bo_table' ";
$result = sql_query($sql, false); $result = sql_query($sql, false);
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
$file_copy[$i] = $row; $file_copy[$i] = $row;
}
} }
if (count($file_copy)) { if (count($file_copy)) {
for ($i=0; $i<count($file_copy); $i++) { for ($i = 0; $i < count($file_copy); $i++) {
$file_copy[$i] = run_replace('admin_copy_update_file', $file_copy[$i], $file_copy[$i]['bf_file'], $bo_table, $target_table); $file_copy[$i] = run_replace('admin_copy_update_file', $file_copy[$i], $file_copy[$i]['bf_file'], $bo_table, $target_table);
$sql = " insert into {$g5['board_file_table']} $sql = " insert into {$g5['board_file_table']}
set bo_table = '$target_table', set bo_table = '$target_table',
wr_id = '{$file_copy[$i]['wr_id']}', wr_id = '{$file_copy[$i]['wr_id']}',
bf_no = '{$file_copy[$i]['bf_no']}', bf_no = '{$file_copy[$i]['bf_no']}',
bf_source = '".addslashes($file_copy[$i]['bf_source'])."', bf_source = '" . addslashes($file_copy[$i]['bf_source']) . "',
bf_file = '{$file_copy[$i]['bf_file']}', bf_file = '{$file_copy[$i]['bf_file']}',
bf_download = '{$file_copy[$i]['bf_download']}', bf_download = '{$file_copy[$i]['bf_download']}',
bf_content = '".addslashes($file_copy[$i]['bf_content'])."', bf_content = '" . addslashes($file_copy[$i]['bf_content']) . "',
bf_fileurl = '".addslashes($file_copy[$i]['bf_fileurl'])."', bf_fileurl = '" . addslashes($file_copy[$i]['bf_fileurl']) . "',
bf_thumburl = '".addslashes($file_copy[$i]['bf_thumburl'])."', bf_thumburl = '" . addslashes($file_copy[$i]['bf_thumburl']) . "',
bf_storage = '".addslashes($file_copy[$i]['bf_storage'])."', bf_storage = '" . addslashes($file_copy[$i]['bf_storage']) . "',
bf_filesize = '{$file_copy[$i]['bf_filesize']}', bf_filesize = '{$file_copy[$i]['bf_filesize']}',
bf_width = '{$file_copy[$i]['bf_width']}', bf_width = '{$file_copy[$i]['bf_width']}',
bf_height = '{$file_copy[$i]['bf_height']}', bf_height = '{$file_copy[$i]['bf_height']}',
@ -220,4 +229,4 @@ delete_cache_latest($target_table);
echo "<script>opener.document.location.reload();</script>"; echo "<script>opener.document.location.reload();</script>";
alert("복사에 성공 했습니다.", './board_copy.php?bo_table='.$bo_table.'&amp;'.$qstr); alert("복사에 성공 했습니다.", './board_copy.php?bo_table=' . $bo_table . '&amp;' . $qstr);


@ -1,11 +1,18 @@
<?php <?php
// board_delete.php , boardgroup_delete.php 에서 include 하는 파일 // board_delete.php , boardgroup_delete.php 에서 include 하는 파일
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
if (!defined('_BOARD_DELETE_')) exit; // 개별 페이지 접근 불가 if (!defined('_GNUBOARD_')) {
exit;
}
if (!defined('_BOARD_DELETE_')) {
exit;
}
// $tmp_bo_table 에는 $bo_table 값을 넘겨주어야 함 // $tmp_bo_table 에는 $bo_table 값을 넘겨주어야 함
if (!$tmp_bo_table) { return; } if (!$tmp_bo_table) {
return;
}
// 게시판 1개는 삭제 불가 (게시판 복사를 위해서) // 게시판 1개는 삭제 불가 (게시판 복사를 위해서)
//$row = sql_fetch(" select count(*) as cnt from $g5['board_table'] "); //$row = sql_fetch(" select count(*) as cnt from $g5['board_table'] ");
@ -24,7 +31,7 @@ sql_query(" delete from {$g5['scrap_table']} where bo_table = '{$tmp_bo_table}'
sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$tmp_bo_table}' "); sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$tmp_bo_table}' ");
// 게시판 테이블 DROP // 게시판 테이블 DROP
sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", FALSE); sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", false);
// 좋아요 테이블에서 기록 삭제 // 좋아요 테이블에서 기록 삭제
sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_table}' "); sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_table}' ");
@ -32,4 +39,4 @@ sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_tab
delete_cache_latest($tmp_bo_table); delete_cache_latest($tmp_bo_table);
// 게시판 폴더 전체 삭제 // 게시판 폴더 전체 삭제
rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table); rm_rf(G5_DATA_PATH . '/file/' . $tmp_bo_table);
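Review bot: `$tmp_bo_table` reaches `drop table {$g5['write_prefix']}{$tmp_bo_table}` and `rm_rf(G5_DATA_PATH . '/file/' . $tmp_bo_table)` with no check in this file beyond the truthiness test `if (!$tmp_bo_table)`. The callers named in the header comment (board_delete.php, boardgroup_delete.php) are not visible here and may already validate the value, but this include is where the table is dropped and the directory removed, so a format guard belongs next to the existing one: `if (!preg_match('/^[A-Za-z0-9_]{1,20}$/', $tmp_bo_table)) { return; }`. That is the same pattern board_form_update.php applies to `$bo_table` when a board is saved, so a legitimate board name always passes.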


@ -1,14 +1,15 @@
<?php <?php
$sub_menu = "300100"; $sub_menu = "300100";
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$sql = " select count(*) as cnt from {$g5['group_table']} "; $sql = " select count(*) as cnt from {$g5['group_table']} ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if (!$row['cnt']) if (!$row['cnt']) {
alert('게시판그룹이 한개 이상 생성되어야 합니다.', './boardgroup_form.php'); alert('게시판그룹이 한개 이상 생성되어야 합니다.', './boardgroup_form.php');
}
$html_title = '게시판'; $html_title = '게시판';
@ -50,15 +51,17 @@ if (!isset($board['bo_use_sns'])) {
$result = sql_query(" select bo_table from `{$g5['board_table']}` "); $result = sql_query(" select bo_table from `{$g5['board_table']}` ");
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i=0; $row=sql_fetch_array($result); $i++) {
sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}` sql_query(
" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_facebook_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_ip`, ADD `wr_facebook_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_ip`,
ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false); ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false
);
} }
} }
$sql = " SHOW COLUMNS FROM `{$g5['board_table']}` LIKE 'bo_use_cert' "; $sql = " SHOW COLUMNS FROM `{$g5['board_table']}` LIKE 'bo_use_cert' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if(strpos($row['Type'], 'hp-') === false) { if (strpos($row['Type'], 'hp-') === false) {
sql_query(" ALTER TABLE `{$g5['board_table']}` CHANGE `bo_use_cert` `bo_use_cert` ENUM('','cert','adult','hp-cert','hp-adult') NOT NULL DEFAULT '' ", false); sql_query(" ALTER TABLE `{$g5['board_table']}` CHANGE `bo_use_cert` `bo_use_cert` ENUM('','cert','adult','hp-cert','hp-adult') NOT NULL DEFAULT '' ", false);
} }
@ -67,8 +70,10 @@ if (!isset($board['bo_use_list_file'])) {
$result = sql_query(" select bo_table from `{$g5['board_table']}` "); $result = sql_query(" select bo_table from `{$g5['board_table']}` ");
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i=0; $row=sql_fetch_array($result); $i++) {
sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}` sql_query(
ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false); " ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false
);
} }
} }
@ -128,7 +133,7 @@ $board_default = array(
'bo_sort_field'=>'', 'bo_sort_field'=>'',
); );
for($i=0;$i<=10;$i++){ for ($i = 0; $i <= 10; $i++) {
$board_default['bo_'.$i.'_subj'] = ''; $board_default['bo_'.$i.'_subj'] = '';
$board_default['bo_'.$i] = ''; $board_default['bo_'.$i] = '';
} }
@ -142,7 +147,6 @@ $readonly = "";
$sound_only = ""; $sound_only = "";
$required_valid = ""; $required_valid = "";
if ($w == '') { if ($w == '') {
$html_title .= ' 생성'; $html_title .= ' 생성';
$required = 'required'; $required = 'required';
@ -179,21 +183,20 @@ if ($w == '') {
$board['bo_use_secret'] = 0; $board['bo_use_secret'] = 0;
$board['bo_include_head'] = '_head.php'; $board['bo_include_head'] = '_head.php';
$board['bo_include_tail'] = '_tail.php'; $board['bo_include_tail'] = '_tail.php';
} elseif ($w == 'u') {
} else if ($w == 'u') {
$html_title .= ' 수정'; $html_title .= ' 수정';
if (!$board['bo_table']) if (!$board['bo_table']) {
alert('존재하지 않은 게시판 입니다.'); alert('존재하지 않은 게시판 입니다.');
}
if ($is_admin == 'group') { if ($is_admin == 'group') {
if ($member['mb_id'] != $group['gr_admin']) if ($member['mb_id'] != $group['gr_admin']) {
alert('그룹이 틀립니다.'); alert('그룹이 틀립니다.');
}
} }
$readonly = 'readonly'; $readonly = 'readonly';
} }
if ($is_admin != 'super') { if ($is_admin != 'super') {
@ -202,7 +205,7 @@ if ($is_admin != 'super') {
} }
$g5['title'] = $html_title; $g5['title'] = $html_title;
include_once ('./admin.head.php'); require_once './admin.head.php';
$pg_anchor = '<ul class="anchor"> $pg_anchor = '<ul class="anchor">
<li><a href="#anc_bo_basic">기본 설정</a></li> <li><a href="#anc_bo_basic">기본 설정</a></li>
@ -253,7 +256,9 @@ $pg_anchor = '<ul class="anchor">
<th scope="row"><label for="gr_id">그룹<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="gr_id">그룹<strong class="sound_only">필수</strong></label></th>
<td colspan="2"> <td colspan="2">
<?php echo get_group_select('gr_id', $board['gr_id'], 'required'); ?> <?php echo get_group_select('gr_id', $board['gr_id'], 'required'); ?>
<?php if ($w=='u') { ?><a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a><?php } ?> <?php if ($w=='u') { ?>
<a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a>
<?php } ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -548,7 +553,9 @@ $pg_anchor = '<ul class="anchor">
<?php <?php
$arr = get_skin_dir('', G5_EDITOR_PATH); $arr = get_skin_dir('', G5_EDITOR_PATH);
for ($i=0; $i<count($arr); $i++) { for ($i=0; $i<count($arr); $i++) {
if ($i == 0) echo "<option value=\"\">기본환경설정의 에디터 사용</option>"; if ($i == 0) {
echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
}
echo "<option value=\"".$arr[$i]."\"".get_selected($board['bo_select_editor'], $arr[$i]).">".$arr[$i]."</option>\n"; echo "<option value=\"".$arr[$i]."\"".get_selected($board['bo_select_editor'], $arr[$i]).">".$arr[$i]."</option>\n";
} }
?> ?>
@ -701,9 +708,9 @@ $pg_anchor = '<ul class="anchor">
<?php echo help("본인확인 여부에 따라 게시물을 조회 할 수 있도록 합니다."); ?> <?php echo help("본인확인 여부에 따라 게시물을 조회 할 수 있도록 합니다."); ?>
<select id="bo_use_cert" name="bo_use_cert"> <select id="bo_use_cert" name="bo_use_cert">
<?php <?php
echo option_selected("", $board['bo_use_cert'], "사용안함"); echo option_selected("", $board['bo_use_cert'], "사용안함");
if ($config['cf_cert_use']) { if ($config['cf_cert_use']) {
echo option_selected("cert", $board['bo_use_cert'], "본인확인된 회원전체"); echo option_selected("cert", $board['bo_use_cert'], "본인확인된 회원전체");
echo option_selected("adult", $board['bo_use_cert'], "본인확인된 성인회원만"); echo option_selected("adult", $board['bo_use_cert'], "본인확인된 성인회원만");
} }
?> ?>
@ -903,7 +910,7 @@ $pg_anchor = '<ul class="anchor">
<label for="chk_all_mobile_skin">전체적용</label> <label for="chk_all_mobile_skin">전체적용</label>
</td> </td>
</tr> </tr>
<?php if ($is_admin === 'super'){ // 슈퍼관리자인 경우에만 수정 가능 ?> <?php if ($is_admin === 'super') { // 슈퍼관리자인 경우에만 수정 가능 ?>
<tr> <tr>
<th scope="row"><label for="bo_include_head">상단 파일 경로</label></th> <th scope="row"><label for="bo_include_head">상단 파일 경로</label></th>
<td> <td>
@ -934,7 +941,7 @@ $pg_anchor = '<ul class="anchor">
<?php <?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다."); echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); include_once G5_CAPTCHA_PATH.'/captcha.lib.php';
$captcha_html = captcha_html(); $captcha_html = captcha_html();
$captcha_js = chk_captcha_js(); $captcha_js = chk_captcha_js();
echo $captcha_html; echo $captcha_html;
@ -1192,17 +1199,16 @@ $pg_anchor = '<ul class="anchor">
<td> <td>
<?php echo help('리스트에서 기본으로 정렬에 사용할 필드를 선택합니다. "기본"으로 사용하지 않으시는 경우 속도가 느려질 수 있습니다.') ?> <?php echo help('리스트에서 기본으로 정렬에 사용할 필드를 선택합니다. "기본"으로 사용하지 않으시는 경우 속도가 느려질 수 있습니다.') ?>
<select id="bo_sort_field" name="bo_sort_field"> <select id="bo_sort_field" name="bo_sort_field">
<?php foreach( get_board_sort_fields($board) as $v ){ <?php foreach (get_board_sort_fields($board) as $v) {
$option_value = $order_by_str = $v[0]; $option_value = $order_by_str = $v[0];
if( $v[0] === 'wr_num, wr_reply' ){ if ($v[0] === 'wr_num, wr_reply') {
$selected = (! $board['bo_sort_field']) ? 'selected="selected"' : ''; $selected = (! $board['bo_sort_field']) ? 'selected="selected"' : '';
$option_value = ''; $option_value = '';
} else { } else {
$selected = ($board['bo_sort_field'] === $v[0]) ? 'selected="selected"' : ''; $selected = ($board['bo_sort_field'] === $v[0]) ? 'selected="selected"' : '';
} }
if( $order_by_str !== 'wr_num, wr_reply' ){ if ($order_by_str !== 'wr_num, wr_reply') {
$tmp = explode(',', $v[0]); $tmp = explode(',', $v[0]);
$order_by_str = $tmp[0]; $order_by_str = $tmp[0];
} }
@ -1335,7 +1341,7 @@ $pg_anchor = '<ul class="anchor">
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<?php if( $bo_table && $w ){ ?> <?php if ($bo_table && $w) { ?>
<a href="./board_copy.php?bo_table=<?php echo $board['bo_table']; ?>" id="board_copy" target="win_board_copy" class=" btn_02 btn">게시판복사</a> <a href="./board_copy.php?bo_table=<?php echo $board['bo_table']; ?>" id="board_copy" target="win_board_copy" class=" btn_02 btn">게시판복사</a>
<a href="<?php echo get_pretty_url($board['bo_table']); ?>" class=" btn_02 btn">게시판 바로가기</a> <a href="<?php echo get_pretty_url($board['bo_table']); ?>" class=" btn_02 btn">게시판 바로가기</a>
<a href="./board_thumbnail_delete.php?bo_table=<?php echo $board['bo_table'].'&amp;'.$qstr;?>" onclick="return delete_confirm2('게시판 썸네일 파일을 삭제하시겠습니까?');" class="btn_02 btn">게시판 썸네일 삭제</a> <a href="./board_thumbnail_delete.php?bo_table=<?php echo $board['bo_table'].'&amp;'.$qstr;?>" onclick="return delete_confirm2('게시판 썸네일 파일을 삭제하시겠습니까?');" class="btn_02 btn">게시판 썸네일 삭제</a>
@ -1451,9 +1457,9 @@ jQuery(function($){
function fboardform_submit(f) function fboardform_submit(f)
{ {
<?php <?php
if(!$w){ if (!$w) {
$js_array = get_bo_table_banned_word(); $js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n"; echo "var banned_array = ". json_encode($js_array) . ";\n";
} }
?> ?>
@ -1489,4 +1495,4 @@ function fboardform_submit(f)
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
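Review bot: `strpos($row['Type'], 'hp-')` in the `bo_use_cert` column check reads `$row['Type']` without confirming that the `SHOW COLUMNS` query returned a row. What `sql_fetch()` returns when nothing matches is not visible in this diff; if it is empty or null, the index is undefined and `strpos()` receives null, which PHP 8.1 reports as deprecated. The `(string)` casts this commit adds in board_form_update.php look aimed at the same class of warning. A guard keeps the migration quiet: `if (isset($row['Type']) && strpos($row['Type'], 'hp-') === false) {`.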


@ -2,25 +2,34 @@
$sub_menu = "300100"; $sub_menu = "300100";
include_once('./_common.php'); include_once('./_common.php');
if ($w == 'u') if ($w == 'u') {
check_demo(); check_demo();
}
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['gr_id']) : ''; $gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', (string)$_POST['gr_id']) : '';
$bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : ''; $bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : '';
$bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : ''; $bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : '';
$bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : ''; $bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';
if (!$gr_id) { alert('그룹 ID는 반드시 선택하세요.'); } if (!$gr_id) {
if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); } alert('그룹 ID는 반드시 선택하세요.');
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); } }
if (!$bo_subject) { alert('게시판 제목을 입력하세요.'); } if (!$bo_table) {
alert('게시판 TABLE명은 반드시 입력하세요.');
}
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) {
alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
}
if (!$bo_subject) {
alert('게시판 제목을 입력하세요.');
}
// 게시판명이 금지된 단어로 되어 있으면 // 게시판명이 금지된 단어로 되어 있으면
if ( $w == '' && in_array($bo_table, get_bo_table_banned_word()) ){ if ($w == '' && in_array($bo_table, get_bo_table_banned_word())) {
alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.'); alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.');
} }
@ -28,8 +37,8 @@ $bo_include_head = isset($_POST['bo_include_head']) ? preg_replace(array("#[\\\]
$bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_tail'], 0, 255)) : ''; $bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_tail'], 0, 255)) : '';
// 관리자가 자동등록방지를 사용해야 할 경우 // 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){ if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
if (!chk_captcha()) { if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.'); alert('자동등록방지 숫자가 틀렸습니다.');
@ -39,7 +48,7 @@ if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_incl
if ($file = $bo_include_head) { if ($file = $bo_include_head) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION); $file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) { if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} }
} }
@ -47,25 +56,25 @@ if ($file = $bo_include_head) {
if ($file = $bo_include_tail) { if ($file = $bo_include_tail) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION); $file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) { if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} }
} }
if(!is_include_path_check($bo_include_head, 1)) { if (!is_include_path_check($bo_include_head, 1)) {
alert('상단 파일 경로에 포함시킬수 없는 문자열이 있습니다.'); alert('상단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
} }
if(!is_include_path_check($bo_include_tail, 1)) { if (!is_include_path_check($bo_include_tail, 1)) {
alert('하단 파일 경로에 포함시킬수 없는 문자열이 있습니다.'); alert('하단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
} }
if( function_exists('filter_input_include_path') ){ if (function_exists('filter_input_include_path')) {
$bo_include_head = filter_input_include_path($bo_include_head); $bo_include_head = filter_input_include_path($bo_include_head);
$bo_include_tail = filter_input_include_path($bo_include_tail); $bo_include_tail = filter_input_include_path($bo_include_tail);
} }
$board_path = G5_DATA_PATH.'/file/'.$bo_table; $board_path = G5_DATA_PATH . '/file/' . $bo_table;
// 게시판 디렉토리 생성 // 게시판 디렉토리 생성
@mkdir($board_path, G5_DIR_PERMISSION); @mkdir($board_path, G5_DIR_PERMISSION);
@ -73,7 +82,7 @@ $board_path = G5_DATA_PATH.'/file/'.$bo_table;
// 디렉토리에 있는 파일의 목록을 보이지 않게 한다. // 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
$file = $board_path . '/index.php'; $file = $board_path . '/index.php';
if( $f = @fopen($file, 'w') ){ if ($f = @fopen($file, 'w')) {
@fwrite($f, ''); @fwrite($f, '');
@fclose($f); @fclose($f);
@chmod($file, G5_FILE_PERMISSION); @chmod($file, G5_FILE_PERMISSION);
@ -84,7 +93,7 @@ $src_char = array('&', '=');
$dst_char = array('', '〓'); $dst_char = array('', '〓');
$bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $dst_char, $_POST['bo_category_list']) : ''; $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $dst_char, $_POST['bo_category_list']) : '';
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list); $str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$bo_category_list);
$bo_use_category = isset($_POST['bo_use_category']) ? (int) $_POST['bo_use_category'] : 0; $bo_use_category = isset($_POST['bo_use_category']) ? (int) $_POST['bo_use_category'] : 0;
$bo_use_sideview = isset($_POST['bo_use_sideview']) ? (int) $_POST['bo_use_sideview'] : 0; $bo_use_sideview = isset($_POST['bo_use_sideview']) ? (int) $_POST['bo_use_sideview'] : 0;
@ -154,9 +163,9 @@ $bo_sort_field = isset($_POST['bo_sort_field']) ? clean_xss_tags($_POST['bo_sort
$etcs = array(); $etcs = array();
for($i=1;$i<=10;$i++){ for ($i = 1; $i <= 10; $i++) {
$etcs['bo_'.$i.'_subj'] = ${'bo_'.$i.'_subj'} = isset($_POST['bo_'.$i.'_subj']) ? $_POST['bo_'.$i.'_subj'] : ''; $etcs['bo_' . $i . '_subj'] = ${'bo_' . $i . '_subj'} = isset($_POST['bo_' . $i . '_subj']) ? $_POST['bo_' . $i . '_subj'] : '';
$etcs['bo_'.$i] = ${'bo_'.$i} = isset($_POST['bo_'.$i]) ? $_POST['bo_'.$i] : ''; $etcs['bo_' . $i] = ${'bo_' . $i} = isset($_POST['bo_' . $i]) ? $_POST['bo_' . $i] : '';
} }
$sql_common = " gr_id = '{$gr_id}', $sql_common = " gr_id = '{$gr_id}',
@ -212,9 +221,9 @@ $sql_common = " gr_id = '{$gr_id}',
"; ";
// 최고 관리자인 경우에만 수정가능 // 최고 관리자인 경우에만 수정가능
if ($is_admin === 'super'){ if ($is_admin === 'super') {
$sql_common .= " bo_include_head = '".$bo_include_head."', $sql_common .= " bo_include_head = '" . $bo_include_head . "',
bo_include_tail = '".$bo_include_tail."', bo_include_tail = '" . $bo_include_tail . "',
bo_content_head = '{$bo_content_head}', bo_content_head = '{$bo_content_head}',
bo_content_tail = '{$bo_content_tail}', bo_content_tail = '{$bo_content_tail}',
bo_mobile_content_head = '{$bo_mobile_content_head}', bo_mobile_content_head = '{$bo_mobile_content_head}',
@ -260,10 +269,10 @@ $sql_common .= " bo_insert_content = '{$bo_insert_content}',
bo_10 = '{$bo_10}' "; bo_10 = '{$bo_10}' ";
if ($w == '') { if ($w == '') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '{$bo_table}' "); $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '{$bo_table}' ");
if ($row['cnt']) if ($row['cnt']) {
alert($bo_table.' 은(는) 이미 존재하는 TABLE 입니다.'); alert($bo_table . ' 은(는) 이미 존재하는 TABLE 입니다.');
}
$sql = " insert into {$g5['board_table']} $sql = " insert into {$g5['board_table']}
set bo_table = '{$bo_table}', set bo_table = '{$bo_table}',
@ -284,10 +293,8 @@ if ($w == '') {
$source = array('/__TABLE_NAME__/', '/;/'); $source = array('/__TABLE_NAME__/', '/;/');
$target = array($create_table, ''); $target = array($create_table, '');
$sql = preg_replace($source, $target, $sql); $sql = preg_replace($source, $target, $sql);
sql_query($sql, FALSE); sql_query($sql, false);
} elseif ($w == 'u') {
} else if ($w == 'u') {
// 게시판의 글 수 // 게시판의 글 수
$sql = " select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 "; $sql = " select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
@ -308,7 +315,7 @@ if ($w == '') {
//$sql = " select wr_id from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 "; //$sql = " select wr_id from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
$sql = " select a.wr_id, (count(b.wr_parent) - 1) as cnt from {$g5['write_prefix']}{$bo_table} a, {$g5['write_prefix']}{$bo_table} b where a.wr_id=b.wr_parent and a.wr_is_comment=0 group by a.wr_id "; $sql = " select a.wr_id, (count(b.wr_parent) - 1) as cnt from {$g5['write_prefix']}{$bo_table} a, {$g5['write_prefix']}{$bo_table} b where a.wr_id=b.wr_parent and a.wr_is_comment=0 group by a.wr_id ";
$result = sql_query($sql); $result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
/* /*
// 코멘트수를 얻습니다. // 코멘트수를 얻습니다.
$sql2 = " select count(*) as cnt from {$g5['write_prefix']}$bo_table where wr_parent = '{$row['wr_id']}' and wr_is_comment = 1 "; $sql2 = " select count(*) as cnt from {$g5['write_prefix']}$bo_table where wr_parent = '{$row['wr_id']}' and wr_is_comment = 1 ";
@ -324,11 +331,10 @@ if ($w == '') {
$lf = ""; $lf = "";
if ($board['bo_notice']) { if ($board['bo_notice']) {
$tmp_array = explode(",", $board['bo_notice']); $tmp_array = explode(",", $board['bo_notice']);
for ($i=0; $i<count($tmp_array); $i++) { for ($i = 0; $i < count($tmp_array); $i++) {
$tmp_wr_id = trim($tmp_array[$i]); $tmp_wr_id = trim($tmp_array[$i]);
$row = sql_fetch(" select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_id = '{$tmp_wr_id}' "); $row = sql_fetch(" select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_id = '{$tmp_wr_id}' ");
if ($row['cnt']) if ($row['cnt']) {
{
$bo_notice .= $lf . $tmp_wr_id; $bo_notice .= $lf . $tmp_wr_id;
$lf = ","; $lf = ",";
} }
@ -342,7 +348,6 @@ if ($w == '') {
{$sql_common} {$sql_common}
where bo_table = '{$bo_table}' "; where bo_table = '{$bo_table}' ";
sql_query($sql); sql_query($sql);
} }
@ -396,9 +401,9 @@ if (is_checked('chk_grp_mobile_gallery_width')) $grp_fields .= " , bo_mobile_gal
if (is_checked('chk_grp_mobile_gallery_height'))$grp_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' "; if (is_checked('chk_grp_mobile_gallery_height'))$grp_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_grp_table_width')) $grp_fields .= " , bo_table_width = '{$bo_table_width}' "; if (is_checked('chk_grp_table_width')) $grp_fields .= " , bo_table_width = '{$bo_table_width}' ";
if (is_checked('chk_grp_page_rows')) $grp_fields .= " , bo_page_rows = '{$bo_page_rows}' "; if (is_checked('chk_grp_page_rows')) $grp_fields .= " , bo_page_rows = '{$bo_page_rows}' ";
if (is_checked('chk_grp_mobile_page_rows')) $grp_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' "; if (is_checked('chk_grp_mobile_page_rows')) $grp_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_grp_subject_len')) $grp_fields .= " , bo_subject_len = '{$bo_subject_len}' "; if (is_checked('chk_grp_subject_len')) $grp_fields .= " , bo_subject_len = '{$bo_subject_len}' ";
if (is_checked('chk_grp_mobile_subject_len')) $grp_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' "; if (is_checked('chk_grp_mobile_subject_len')) $grp_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_grp_new')) $grp_fields .= " , bo_new = '{$bo_new}' "; if (is_checked('chk_grp_new')) $grp_fields .= " , bo_new = '{$bo_new}' ";
if (is_checked('chk_grp_hot')) $grp_fields .= " , bo_hot = '{$bo_hot}' "; if (is_checked('chk_grp_hot')) $grp_fields .= " , bo_hot = '{$bo_hot}' ";
if (is_checked('chk_grp_image_width')) $grp_fields .= " , bo_image_width = '{$bo_image_width}' "; if (is_checked('chk_grp_image_width')) $grp_fields .= " , bo_image_width = '{$bo_image_width}' ";
@ -412,7 +417,7 @@ if (is_checked('chk_grp_upload_count')) $grp_fields .= " , bo_upload_cou
if (is_checked('chk_grp_upload_size')) $grp_fields .= " , bo_upload_size = '{$bo_upload_size}' "; if (is_checked('chk_grp_upload_size')) $grp_fields .= " , bo_upload_size = '{$bo_upload_size}' ";
//최고관리자만 수정가능 //최고관리자만 수정가능
if ($is_admin === 'super'){ if ($is_admin === 'super') {
if (is_checked('chk_grp_include_head')) $grp_fields .= " , bo_include_head = '{$bo_include_head}' "; if (is_checked('chk_grp_include_head')) $grp_fields .= " , bo_include_head = '{$bo_include_head}' ";
if (is_checked('chk_grp_include_tail')) $grp_fields .= " , bo_include_tail = '{$bo_include_tail}' "; if (is_checked('chk_grp_include_tail')) $grp_fields .= " , bo_include_tail = '{$bo_include_tail}' ";
if (is_checked('chk_grp_content_head')) $grp_fields .= " , bo_content_head = '{$bo_content_head}' "; if (is_checked('chk_grp_content_head')) $grp_fields .= " , bo_content_head = '{$bo_content_head}' ";
@ -424,10 +429,10 @@ if ($is_admin === 'super'){
if (is_checked('chk_grp_insert_content')) $grp_fields .= " , bo_insert_content = '{$bo_insert_content}' "; if (is_checked('chk_grp_insert_content')) $grp_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
if (is_checked('chk_grp_use_search')) $grp_fields .= " , bo_use_search = '{$bo_use_search}' "; if (is_checked('chk_grp_use_search')) $grp_fields .= " , bo_use_search = '{$bo_use_search}' ";
if (is_checked('chk_grp_order')) $grp_fields .= " , bo_order = '{$bo_order}' "; if (is_checked('chk_grp_order')) $grp_fields .= " , bo_order = '{$bo_order}' ";
for ($i=1; $i<=10; $i++) { for ($i = 1; $i <= 10; $i++) {
if (is_checked('chk_grp_'.$i)) { if (is_checked('chk_grp_' . $i)) {
$grp_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' "; $grp_fields .= " , bo_{$i}_subj = '" . $etcs['bo_' . $i . '_subj'] . "' ";
$grp_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' "; $grp_fields .= " , bo_{$i} = '" . $etcs['bo_' . $i] . "' ";
} }
} }
@ -483,12 +488,12 @@ if (is_checked('chk_all_gallery_cols')) $all_fields .= " , bo_gallery_co
if (is_checked('chk_all_gallery_width')) $all_fields .= " , bo_gallery_width = '{$bo_gallery_width}' "; if (is_checked('chk_all_gallery_width')) $all_fields .= " , bo_gallery_width = '{$bo_gallery_width}' ";
if (is_checked('chk_all_gallery_height')) $all_fields .= " , bo_gallery_height = '{$bo_gallery_height}' "; if (is_checked('chk_all_gallery_height')) $all_fields .= " , bo_gallery_height = '{$bo_gallery_height}' ";
if (is_checked('chk_all_mobile_gallery_width')) $all_fields .= " , bo_mobile_gallery_width = '{$bo_mobile_gallery_width}' "; if (is_checked('chk_all_mobile_gallery_width')) $all_fields .= " , bo_mobile_gallery_width = '{$bo_mobile_gallery_width}' ";
if (is_checked('chk_all_mobile_gallery_height'))$all_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' "; if (is_checked('chk_all_mobile_gallery_height')) $all_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_all_table_width')) $all_fields .= " , bo_table_width = '{$bo_table_width}' "; if (is_checked('chk_all_table_width')) $all_fields .= " , bo_table_width = '{$bo_table_width}' ";
if (is_checked('chk_all_page_rows')) $all_fields .= " , bo_page_rows = '{$bo_page_rows}' "; if (is_checked('chk_all_page_rows')) $all_fields .= " , bo_page_rows = '{$bo_page_rows}' ";
if (is_checked('chk_all_mobile_page_rows')) $all_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' "; if (is_checked('chk_all_mobile_page_rows')) $all_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_all_subject_len')) $all_fields .= " , bo_subject_len = '{$bo_subject_len}' "; if (is_checked('chk_all_subject_len')) $all_fields .= " , bo_subject_len = '{$bo_subject_len}' ";
if (is_checked('chk_all_mobile_subject_len')) $all_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' "; if (is_checked('chk_all_mobile_subject_len')) $all_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_all_new')) $all_fields .= " , bo_new = '{$bo_new}' "; if (is_checked('chk_all_new')) $all_fields .= " , bo_new = '{$bo_new}' ";
if (is_checked('chk_all_hot')) $all_fields .= " , bo_hot = '{$bo_hot}' "; if (is_checked('chk_all_hot')) $all_fields .= " , bo_hot = '{$bo_hot}' ";
if (is_checked('chk_all_image_width')) $all_fields .= " , bo_image_width = '{$bo_image_width}' "; if (is_checked('chk_all_image_width')) $all_fields .= " , bo_image_width = '{$bo_image_width}' ";
@ -502,7 +507,7 @@ if (is_checked('chk_all_upload_count')) $all_fields .= " , bo_upload_cou
if (is_checked('chk_all_upload_size')) $all_fields .= " , bo_upload_size = '{$bo_upload_size}' "; if (is_checked('chk_all_upload_size')) $all_fields .= " , bo_upload_size = '{$bo_upload_size}' ";
//최고관리자만 수정가능 //최고관리자만 수정가능
if ($is_admin === 'super'){ if ($is_admin === 'super') {
if (is_checked('chk_all_include_head')) $all_fields .= " , bo_include_head = '{$bo_include_head}' "; if (is_checked('chk_all_include_head')) $all_fields .= " , bo_include_head = '{$bo_include_head}' ";
if (is_checked('chk_all_include_tail')) $all_fields .= " , bo_include_tail = '{$bo_include_tail}' "; if (is_checked('chk_all_include_tail')) $all_fields .= " , bo_include_tail = '{$bo_include_tail}' ";
if (is_checked('chk_all_content_head')) $all_fields .= " , bo_content_head = '{$bo_content_head}' "; if (is_checked('chk_all_content_head')) $all_fields .= " , bo_content_head = '{$bo_content_head}' ";
@ -514,10 +519,10 @@ if ($is_admin === 'super'){
if (is_checked('chk_all_insert_content')) $all_fields .= " , bo_insert_content = '{$bo_insert_content}' "; if (is_checked('chk_all_insert_content')) $all_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
if (is_checked('chk_all_use_search')) $all_fields .= " , bo_use_search = '{$bo_use_search}' "; if (is_checked('chk_all_use_search')) $all_fields .= " , bo_use_search = '{$bo_use_search}' ";
if (is_checked('chk_all_order')) $all_fields .= " , bo_order = '{$bo_order}' "; if (is_checked('chk_all_order')) $all_fields .= " , bo_order = '{$bo_order}' ";
for ($i=1; $i<=10; $i++) { for ($i = 1; $i <= 10; $i++) {
if (is_checked('chk_all_'.$i)) { if (is_checked('chk_all_' . $i)) {
$all_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' "; $all_fields .= " , bo_{$i}_subj = '" . $etcs['bo_' . $i . '_subj'] . "' ";
$all_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' "; $all_fields .= " , bo_{$i} = '" . $etcs['bo_' . $i] . "' ";
} }
} }
@ -527,9 +532,10 @@ if ($all_fields) {
delete_cache_latest($bo_table); delete_cache_latest($bo_table);
if(function_exists('get_admin_captcha_by')) if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove'); get_admin_captcha_by('remove');
}
run_event('admin_board_form_update', $bo_table, $w); run_event('admin_board_form_update', $bo_table, $w);
goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}"); goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}");


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "300100"; $sub_menu = "300100";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -15,13 +15,13 @@ if ($is_admin != "super") {
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case "bo_table" : case "bo_table":
$sql_search .= " ($sfl like '$stx%') "; $sql_search .= " ($sfl like '$stx%') ";
break; break;
case "a.gr_id" : case "a.gr_id":
$sql_search .= " ($sfl = '$stx') "; $sql_search .= " ($sfl = '$stx') ";
break; break;
default : default:
$sql_search .= " ($sfl like '%$stx%') "; $sql_search .= " ($sfl like '%$stx%') ";
break; break;
} }
@ -40,16 +40,18 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} "; $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '게시판관리'; $g5['title'] = '게시판관리';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 15; $colspan = 15;
?> ?>
@ -60,179 +62,173 @@ $colspan = 15;
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<label for="sfl" class="sound_only">검색대상</label> <select name="sfl" id="sfl">
<select name="sfl" id="sfl"> <option value="bo_table" <?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
<option value="bo_table"<?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option> <option value="bo_subject" <?php echo get_selected($sfl, "bo_subject"); ?>>제목</option>
<option value="bo_subject"<?php echo get_selected($sfl, "bo_subject"); ?>>제목</option> <option value="a.gr_id" <?php echo get_selected($sfl, "a.gr_id"); ?>>그룹ID</option>
<option value="a.gr_id"<?php echo get_selected($sfl, "a.gr_id"); ?>>그룹ID</option> </select>
</select> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="submit" value="검색" class="btn_submit">
<input type="submit" value="검색" class="btn_submit">
</form> </form>
<form name="fboardlist" id="fboardlist" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);" method="post"> <form name="fboardlist" id="fboardlist" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">게시판 전체</label> <label for="chkall" class="sound_only">게시판 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col"><?php echo subject_sort_link('a.gr_id') ?>그룹</a></th> <th scope="col"><?php echo subject_sort_link('a.gr_id') ?>그룹</a></th>
<th scope="col"><?php echo subject_sort_link('bo_table') ?>TABLE</a></th> <th scope="col"><?php echo subject_sort_link('bo_table') ?>TABLE</a></th>
<th scope="col"><?php echo subject_sort_link('bo_skin', '', 'desc') ?>스킨</a></th> <th scope="col"><?php echo subject_sort_link('bo_skin', '', 'desc') ?>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_mobile_skin', '', 'desc') ?>모바일<br>스킨</a></th> <th scope="col"><?php echo subject_sort_link('bo_mobile_skin', '', 'desc') ?>모바일<br>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_subject') ?>제목</a></th> <th scope="col"><?php echo subject_sort_link('bo_subject') ?>제목</a></th>
<th scope="col">읽기P<span class="sound_only">포인트</span></th> <th scope="col">읽기P<span class="sound_only">포인트</span></th>
<th scope="col">쓰기P<span class="sound_only">포인트</span></th> <th scope="col">쓰기P<span class="sound_only">포인트</span></th>
<th scope="col">댓글P<span class="sound_only">포인트</span></th> <th scope="col">댓글P<span class="sound_only">포인트</span></th>
<th scope="col">다운P<span class="sound_only">포인트</span></th> <th scope="col">다운P<span class="sound_only">포인트</span></th>
<th scope="col"><?php echo subject_sort_link('bo_use_sns') ?>SNS<br>사용</a></th> <th scope="col"><?php echo subject_sort_link('bo_use_sns') ?>SNS<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_use_search') ?>검색<br>사용</a></th> <th scope="col"><?php echo subject_sort_link('bo_use_search') ?>검색<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_order') ?>출력<br>순서</a></th> <th scope="col"><?php echo subject_sort_link('bo_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th> <th scope="col">접속기기</th>
<th scope="col">관리</th> <th scope="col">관리</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
$one_update = '<a href="./board_form.php?w=u&amp;bo_table='.$row['bo_table'].'&amp;'.$qstr.'" class="btn btn_03">수정</a>'; $one_update = '<a href="./board_form.php?w=u&amp;bo_table=' . $row['bo_table'] . '&amp;' . $qstr . '" class="btn btn_03">수정</a>';
$one_copy = '<a href="./board_copy.php?bo_table='.$row['bo_table'].'" class="board_copy btn btn_02" target="win_board_copy">복사</a>'; $one_copy = '<a href="./board_copy.php?bo_table=' . $row['bo_table'] . '" class="board_copy btn btn_02" target="win_board_copy">복사</a>';
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['bo_subject']) ?></label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['bo_subject']) ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td> <td>
<?php if ($is_admin == 'super'){ ?> <?php if ($is_admin == 'super') { ?>
<?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?> <?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?>
<?php }else{ ?> <?php } else { ?>
<input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?> <input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?>
<?php } ?> <?php } ?>
</td> </td>
<td> <td>
<input type="hidden" name="board_table[<?php echo $i ?>]" value="<?php echo $row['bo_table'] ?>"> <input type="hidden" name="board_table[<?php echo $i ?>]" value="<?php echo $row['bo_table'] ?>">
<a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo $row['bo_table'] ?></a> <a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo $row['bo_table'] ?></a>
</td> </td>
<td> <td>
<label for="bo_skin_<?php echo $i; ?>" class="sound_only">스킨</label> <label for="bo_skin_<?php echo $i; ?>" class="sound_only">스킨</label>
<?php echo get_skin_select('board', 'bo_skin_'.$i, "bo_skin[$i]", $row['bo_skin']); ?> <?php echo get_skin_select('board', 'bo_skin_' . $i, "bo_skin[$i]", $row['bo_skin']); ?>
</td> </td>
<td> <td>
<label for="bo_mobile_skin_<?php echo $i; ?>" class="sound_only">모바일 스킨</label> <label for="bo_mobile_skin_<?php echo $i; ?>" class="sound_only">모바일 스킨</label>
<?php echo get_mobile_skin_select('board', 'bo_mobile_skin_'.$i, "bo_mobile_skin[$i]", $row['bo_mobile_skin']); ?> <?php echo get_mobile_skin_select('board', 'bo_mobile_skin_' . $i, "bo_mobile_skin[$i]", $row['bo_mobile_skin']); ?>
</td> </td>
<td> <td>
<label for="bo_subject_<?php echo $i; ?>" class="sound_only">게시판 제목<strong class="sound_only"> 필수</strong></label> <label for="bo_subject_<?php echo $i; ?>" class="sound_only">게시판 제목<strong class="sound_only"> 필수</strong></label>
<input type="text" name="bo_subject[<?php echo $i ?>]" value="<?php echo get_text($row['bo_subject']) ?>" id="bo_subject_<?php echo $i ?>" required class="required tbl_input bo_subject full_input" size="10"> <input type="text" name="bo_subject[<?php echo $i ?>]" value="<?php echo get_text($row['bo_subject']) ?>" id="bo_subject_<?php echo $i ?>" required class="required tbl_input bo_subject full_input" size="10">
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_read_point_<?php echo $i; ?>" class="sound_only">읽기 포인트</label> <label for="bo_read_point_<?php echo $i; ?>" class="sound_only">읽기 포인트</label>
<input type="text" name="bo_read_point[<?php echo $i ?>]" value="<?php echo $row['bo_read_point'] ?>" id="bo_read_point_<?php echo $i; ?>" class="tbl_input" size="2"> <input type="text" name="bo_read_point[<?php echo $i ?>]" value="<?php echo $row['bo_read_point'] ?>" id="bo_read_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_write_point_<?php echo $i; ?>" class="sound_only">쓰기 포인트</label> <label for="bo_write_point_<?php echo $i; ?>" class="sound_only">쓰기 포인트</label>
<input type="text" name="bo_write_point[<?php echo $i ?>]" value="<?php echo $row['bo_write_point'] ?>" id="bo_write_point_<?php echo $i; ?>" class="tbl_input" size="2"> <input type="text" name="bo_write_point[<?php echo $i ?>]" value="<?php echo $row['bo_write_point'] ?>" id="bo_write_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_comment_point_<?php echo $i; ?>" class="sound_only">댓글 포인트</label> <label for="bo_comment_point_<?php echo $i; ?>" class="sound_only">댓글 포인트</label>
<input type="text" name="bo_comment_point[<?php echo $i ?>]" value="<?php echo $row['bo_comment_point'] ?>" id="bo_comment_point_<?php echo $i; ?>" class="tbl_input" size="2"> <input type="text" name="bo_comment_point[<?php echo $i ?>]" value="<?php echo $row['bo_comment_point'] ?>" id="bo_comment_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_download_point_<?php echo $i; ?>" class="sound_only">다운<br>포인트</label> <label for="bo_download_point_<?php echo $i; ?>" class="sound_only">다운<br>포인트</label>
<input type="text" name="bo_download_point[<?php echo $i ?>]" value="<?php echo $row['bo_download_point'] ?>" id="bo_download_point_<?php echo $i; ?>" class="tbl_input" size="2"> <input type="text" name="bo_download_point[<?php echo $i ?>]" value="<?php echo $row['bo_download_point'] ?>" id="bo_download_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_use_sns_<?php echo $i; ?>" class="sound_only">SNS<br>사용</label> <label for="bo_use_sns_<?php echo $i; ?>" class="sound_only">SNS<br>사용</label>
<input type="checkbox" name="bo_use_sns[<?php echo $i ?>]" value="1" id="bo_use_sns_<?php echo $i ?>" <?php echo $row['bo_use_sns']?"checked":"" ?>> <input type="checkbox" name="bo_use_sns[<?php echo $i ?>]" value="1" id="bo_use_sns_<?php echo $i ?>" <?php echo $row['bo_use_sns'] ? "checked" : "" ?>>
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_use_search_<?php echo $i; ?>" class="sound_only">검색<br>사용</label> <label for="bo_use_search_<?php echo $i; ?>" class="sound_only">검색<br>사용</label>
<input type="checkbox" name="bo_use_search[<?php echo $i ?>]" value="1" id="bo_use_search_<?php echo $i ?>" <?php echo $row['bo_use_search']?"checked":"" ?>> <input type="checkbox" name="bo_use_search[<?php echo $i ?>]" value="1" id="bo_use_search_<?php echo $i ?>" <?php echo $row['bo_use_search'] ? "checked" : "" ?>>
</td> </td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="bo_order_<?php echo $i; ?>" class="sound_only">출력<br>순서</label> <label for="bo_order_<?php echo $i; ?>" class="sound_only">출력<br>순서</label>
<input type="text" name="bo_order[<?php echo $i ?>]" value="<?php echo $row['bo_order'] ?>" id="bo_order_<?php echo $i ?>" class="tbl_input" size="2"> <input type="text" name="bo_order[<?php echo $i ?>]" value="<?php echo $row['bo_order'] ?>" id="bo_order_<?php echo $i ?>" class="tbl_input" size="2">
</td> </td>
<td class="td_mngsmall"> <td class="td_mngsmall">
<label for="bo_device_<?php echo $i; ?>" class="sound_only">접속기기</label> <label for="bo_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="bo_device[<?php echo $i ?>]" id="bo_device_<?php echo $i ?>"> <select name="bo_device[<?php echo $i ?>]" id="bo_device_<?php echo $i ?>">
<option value="both"<?php echo get_selected($row['bo_device'], 'both', true); ?>>모두</option> <option value="both" <?php echo get_selected($row['bo_device'], 'both', true); ?>>모두</option>
<option value="pc"<?php echo get_selected($row['bo_device'], 'pc'); ?>>PC</option> <option value="pc" <?php echo get_selected($row['bo_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($row['bo_device'], 'mobile'); ?>>모바일</option> <option value="mobile" <?php echo get_selected($row['bo_device'], 'mobile'); ?>>모바일</option>
</select> </select>
</td> </td>
<td class="td_mng td_mng_m"> <td class="td_mng td_mng_m">
<?php echo $one_update ?> <?php echo $one_update ?>
<?php echo $one_copy ?> <?php echo $one_copy ?>
</td> </td>
</tr> </tr>
<?php <?php
} }
if ($i == 0) if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
?> }
</tbody> ?>
</table> </tbody>
</div> </table>
</div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn"> <input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
<?php if ($is_admin == 'super') { ?> <?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn"> <input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
<?php } ?> <a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
<?php if ($is_admin == 'super') { ?> <?php } ?>
<a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a> </div>
<?php } ?>
</div>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?> <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page='); ?>
<script> <script>
function fboardlist_submit(f) function fboardlist_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false; return false;
} }
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
} }
return true; $(function() {
} $(".board_copy").click(function() {
window.open(this.href, "win_board_copy", "left=100,top=100,width=550,height=450");
$(function(){ return false;
$(".board_copy").click(function(){ });
window.open(this.href, "win_board_copy", "left=100,top=100,width=550,height=450");
return false;
}); });
});
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
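Review bot: In the `switch ($sfl)` block the `default:` branch still splices `$sfl` into the WHERE clause as a column name (`" ($sfl like '%$stx%') "`), so any value other than the three the search form offers reaches the query as an identifier. An allow-list ahead of the switch would close that, e.g. `if (!in_array($sfl, array('bo_table', 'bo_subject', 'a.gr_id'), true)) { $sfl = 'bo_table'; }`. Where `$sfl` and `$stx` are filtered is not visible in this section (presumably the shared include), so confirm that the filter also makes `$stx` safe for the raw `value="<?php echo $stx ?>"` outputs; `get_text()`, already used for `bo_subject` in the table rows, would fit there. The enclosing `if ($stx)` block continues past the hunk.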


@ -1,26 +1,24 @@
<?php <?php
$sub_menu = "300100"; $sub_menu = "300100";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array(); $chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : ''; $act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : '';
$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array(); $board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array();
if (! $post_count_chk) { if (!$post_count_chk) {
alert($act_button." 하실 항목을 하나 이상 체크하세요."); alert($act_button . " 하실 항목을 하나 이상 체크하세요.");
} }
check_admin_token(); check_admin_token();
if ($act_button === "선택수정") { if ($act_button === "선택수정") {
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
for ($i=0; $i<$post_count_chk; $i++) { for ($i = 0; $i < $post_count_chk; $i++) {
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -39,59 +37,60 @@ if ($act_button === "선택수정") {
if ($is_admin != 'super') { if ($is_admin != 'super') {
$sql = " select count(*) as cnt from {$g5['board_table']} a, {$g5['group_table']} b $sql = " select count(*) as cnt from {$g5['board_table']} a, {$g5['group_table']} b
where a.gr_id = '".sql_real_escape_string($post_gr_id)."' where a.gr_id = '" . sql_real_escape_string($post_gr_id) . "'
and a.gr_id = b.gr_id and a.gr_id = b.gr_id
and b.gr_admin = '{$member['mb_id']}' "; and b.gr_admin = '{$member['mb_id']}' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if (!$row['cnt']) if (!$row['cnt']) {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.'); alert('최고관리자가 아닌 경우 다른 관리자의 게시판(' . $board_table[$k] . ')은 수정이 불가합니다.');
}
} }
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : ''; $p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
$sql = " update {$g5['board_table']} $sql = " update {$g5['board_table']}
set gr_id = '".sql_real_escape_string($post_gr_id)."', set gr_id = '" . sql_real_escape_string($post_gr_id) . "',
bo_subject = '".$p_bo_subject."', bo_subject = '" . $p_bo_subject . "',
bo_device = '".sql_real_escape_string($post_bo_device)."', bo_device = '" . sql_real_escape_string($post_bo_device) . "',
bo_skin = '".sql_real_escape_string($post_bo_skin)."', bo_skin = '" . sql_real_escape_string($post_bo_skin) . "',
bo_mobile_skin = '".sql_real_escape_string($post_bo_mobile_skin)."', bo_mobile_skin = '" . sql_real_escape_string($post_bo_mobile_skin) . "',
bo_read_point = '".sql_real_escape_string($post_bo_read_point)."', bo_read_point = '" . sql_real_escape_string($post_bo_read_point) . "',
bo_write_point = '".sql_real_escape_string($post_bo_write_point)."', bo_write_point = '" . sql_real_escape_string($post_bo_write_point) . "',
bo_comment_point = '".sql_real_escape_string($post_bo_comment_point)."', bo_comment_point = '" . sql_real_escape_string($post_bo_comment_point) . "',
bo_download_point = '".sql_real_escape_string($post_bo_download_point)."', bo_download_point = '" . sql_real_escape_string($post_bo_download_point) . "',
bo_use_search = '".sql_real_escape_string($post_bo_use_search)."', bo_use_search = '" . sql_real_escape_string($post_bo_use_search) . "',
bo_use_sns = '".sql_real_escape_string($post_bo_use_sns)."', bo_use_sns = '" . sql_real_escape_string($post_bo_use_sns) . "',
bo_order = '".sql_real_escape_string($post_bo_order)."' bo_order = '" . sql_real_escape_string($post_bo_order) . "'
where bo_table = '".sql_real_escape_string($post_board_table)."' "; where bo_table = '" . sql_real_escape_string($post_board_table) . "' ";
sql_query($sql); sql_query($sql);
} }
} elseif ($act_button === "선택삭제") {
} else if ($act_button === "선택삭제") { if ($is_admin != 'super') {
if ($is_admin != 'super')
alert('게시판 삭제는 최고관리자만 가능합니다.'); alert('게시판 삭제는 최고관리자만 가능합니다.');
}
auth_check_menu($auth, $sub_menu, 'd'); auth_check_menu($auth, $sub_menu, 'd');
// _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함 // _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함
/* 확인필요 22.05.27
A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects,
or it should execute logic with side effects, but should not do both.*/
define('_BOARD_DELETE_', true); define('_BOARD_DELETE_', true);
for ($i=0; $i<$post_count_chk; $i++) { for ($i = 0; $i < $post_count_chk; $i++) {
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
// include 전에 $bo_table 값을 반드시 넘겨야 함 // include 전에 $bo_table 값을 반드시 넘겨야 함
$tmp_bo_table = isset($_POST['board_table'][$k]) ? trim(clean_xss_tags($_POST['board_table'][$k], 1, 1)) : ''; $tmp_bo_table = isset($_POST['board_table'][$k]) ? trim(clean_xss_tags($_POST['board_table'][$k], 1, 1)) : '';
if( preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table) ){ if (preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table)) {
include ('./board_delete.inc.php'); include './board_delete.inc.php';
} }
} }
} }
run_event('admin_board_list_update', $act_button, $chk, $board_table, $qstr); run_event('admin_board_list_update', $act_button, $chk, $board_table, $qstr);
goto_url('./board_list.php?'.$qstr); goto_url('./board_list.php?' . $qstr);
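Review bot: The ownership check for non-super admins in the `선택수정` branch only tests that the posted `gr_id` is a group the member administers; the query never references the board being updated, so the `update ... where bo_table = ...` that follows is not tied to a board in that group. Unless a check outside the hunk already covers this, add the board to the lookup, e.g. `and a.bo_table = '" . sql_real_escape_string($post_board_table) . "'`. In the same UPDATE, `bo_subject` is the only value not passed through `sql_real_escape_string()`, and `$_POST['bo_subject'][$k]` is read without an `isset()`; the `$post_*` assignments sit between the hunks, so whether input is escaped upstream cannot be seen from here.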


@ -1,14 +1,15 @@
<?php <?php
$sub_menu = '300100'; $sub_menu = '300100';
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
if(!$board['bo_table']) if (!$board['bo_table']) {
alert('존재하지 않는 게시판입니다.'); alert('존재하지 않는 게시판입니다.');
}
$g5['title'] = $board['bo_subject'].' 게시판 썸네일 삭제'; $g5['title'] = $board['bo_subject'] . ' 게시판 썸네일 삭제';
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<div class="local_desc02 local_desc"> <div class="local_desc02 local_desc">
@ -18,28 +19,29 @@ include_once('./admin.head.php');
</div> </div>
<?php <?php
$dir = G5_DATA_PATH.'/file/'.$bo_table; $dir = G5_DATA_PATH . '/file/' . $bo_table;
$cnt = 0; $cnt = 0;
if(is_dir($dir)) { if (is_dir($dir)) {
echo '<ul>'; echo '<ul>';
$files = glob($dir.'/thumb-*'); $files = glob($dir . '/thumb-*');
if (is_array($files)) { if (is_array($files)) {
foreach($files as $thumbnail) { foreach ($files as $thumbnail) {
$cnt++; $cnt++;
@unlink($thumbnail); @unlink($thumbnail);
echo '<li>'.$thumbnail.'</li>'.PHP_EOL; echo '<li>' . $thumbnail . '</li>' . PHP_EOL;
flush(); flush();
if ($cnt%10==0) if (($cnt % 10) == 0) {
echo PHP_EOL; echo PHP_EOL;
}
} }
} }
echo '<li>완료됨</li></ul>'.PHP_EOL; echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>썸네일 '.$cnt.'건의 삭제 완료됐습니다.</strong></p></div>'.PHP_EOL; echo '<div class="local_desc01 local_desc"><p><strong>썸네일 ' . $cnt . '건의 삭제 완료됐습니다.</strong></p></div>' . PHP_EOL;
} else { } else {
echo '<p>첨부파일 디렉토리가 존재하지 않습니다.</p>'; echo '<p>첨부파일 디렉토리가 존재하지 않습니다.</p>';
} }
@ -48,4 +50,4 @@ if(is_dir($dir)) {
<div class="btn_confirm01 btn_confirm"><a href="./board_form.php?w=u&amp;bo_table=<?php echo $bo_table; ?>&amp;<?php echo $qstr; ?>">게시판 수정으로 돌아가기</a></div> <div class="btn_confirm01 btn_confirm"><a href="./board_form.php?w=u&amp;bo_table=<?php echo $bo_table; ?>&amp;<?php echo $qstr; ?>">게시판 수정으로 돌아가기</a></div>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
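Review bot: `$dir` is built from the request-level `$bo_table` (`G5_DATA_PATH . '/file/' . $bo_table`) although the guard above only proves that `$board['bo_table']` is set; using the looked-up value, `$dir = G5_DATA_PATH . '/file/' . $board['bo_table'];`, keeps the glob and unlink inside the directory of an existing board without relying on how `$bo_table` was filtered elsewhere. The page also deletes files on a plain request with no `check_admin_token()` visible in either hunk, so a token check before the loop is worth adding if one is not in the lines the hunks skip. `@unlink()` hides failures while `$cnt` is still incremented, so the reported count can overstate what was actually removed.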


@ -1,141 +1,155 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.'); if ($is_admin != 'super' && $w == '') {
alert('최고관리자만 접근 가능합니다.');
}
$html_title = '게시판그룹'; $html_title = '게시판그룹';
$gr_id_attr = ''; $gr_id_attr = '';
$sound_only = ''; $sound_only = '';
if( ! isset($group['gr_id']) ){ if (!isset($group['gr_id'])) {
$group['gr_id'] = ''; $group['gr_id'] = '';
$group['gr_subject'] = ''; $group['gr_subject'] = '';
$group['gr_device'] = ''; $group['gr_device'] = '';
} }
$gr = array('gr_use_access' => 0, 'gr_admin' => '');
if ($w == '') { if ($w == '') {
$gr_id_attr = 'required'; $gr_id_attr = 'required';
$sound_only = '<strong class="sound_only"> 필수</strong>'; $sound_only = '<strong class="sound_only"> 필수</strong>';
$gr = array('gr_use_access' => 0, 'gr_admin'=>'');
$html_title .= ' 생성'; $html_title .= ' 생성';
} else if ($w == 'u') { } elseif ($w == 'u') {
$gr_id_attr = 'readonly'; $gr_id_attr = 'readonly';
$gr = sql_fetch(" select * from {$g5['group_table']} where gr_id = '$gr_id' "); $gr = sql_fetch(" select * from {$g5['group_table']} where gr_id = '$gr_id' ");
$html_title .= ' 수정'; $html_title .= ' 수정';
} } else {
else
alert('제대로 된 값이 넘어오지 않았습니다.'); alert('제대로 된 값이 넘어오지 않았습니다.');
}
if (!isset($group['gr_device'])) { if (!isset($group['gr_device'])) {
sql_query(" ALTER TABLE `{$g5['group_table']}` ADD `gr_device` ENUM('both','pc','mobile') NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false); sql_query(" ALTER TABLE `{$g5['group_table']}` ADD `gr_device` ENUM('both','pc','mobile') NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false);
} }
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
$row1 = sql_fetch($sql1);
$group_member_count = $row1['cnt'];
$g5['title'] = $html_title; $g5['title'] = $html_title;
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<form name="fboardgroup" id="fboardgroup" action="./boardgroup_form_update.php" onsubmit="return fboardgroup_check(this);" method="post" autocomplete="off"> <form name="fboardgroup" id="fboardgroup" action="./boardgroup_form_update.php" onsubmit="return fboardgroup_check(this);" method="post" autocomplete="off">
<input type="hidden" name="w" value="<?php echo $w ?>"> <input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?></caption> <caption><?php echo $g5['title']; ?></caption>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th> <th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
<td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10"> <td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
<?php <?php
if ($w=='') if ($w == '') {
echo '영문자, 숫자, _ 만 가능 (공백없이)'; echo '영문자, 숫자, _ 만 가능 (공백없이)';
else } else {
echo '<a href="'.G5_BBS_URL.'/group.php?gr_id='.$group['gr_id'].'" class="btn_frmline">게시판그룹 바로가기</a>'; echo '<a href="' . G5_BBS_URL . '/group.php?gr_id=' . $group['gr_id'] . '" class="btn_frmline">게시판그룹 바로가기</a>';
?> }
</td> ?>
</tr> </td>
<tr> </tr>
<th scope="row"><label for="gr_subject">그룹 제목<strong class="sound_only"> 필수</strong></label></th> <tr>
<td> <th scope="row"><label for="gr_subject">그룹 제목<strong class="sound_only"> 필수</strong></label></th>
<input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80"> <td>
<?php <input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
if ($w == 'u') <?php
echo '<a href="./board_form.php?gr_id='.$gr_id.'" class="btn_frmline">게시판생성</a>'; if ($w == 'u') {
?> echo '<a href="./board_form.php?gr_id=' . $gr_id . '" class="btn_frmline">게시판생성</a>';
</td> }
</tr> ?>
<tr> </td>
<th scope="row"><label for="gr_device">접속기기</label></th> </tr>
<td> <tr>
<?php echo help("PC 와 모바일 사용을 구분합니다.") ?> <th scope="row"><label for="gr_device">접속기기</label></th>
<select id="gr_device" name="gr_device"> <td>
<option value="both"<?php echo get_selected($group['gr_device'], 'both', true); ?>>PC와 모바일에서 모두 사용</option> <?php echo help("PC 와 모바일 사용을 구분합니다.") ?>
<option value="pc"<?php echo get_selected($group['gr_device'], 'pc'); ?>>PC 전용</option> <select id="gr_device" name="gr_device">
<option value="mobile"<?php echo get_selected($group['gr_device'], 'mobile'); ?>>모바일 전용</option> <option value="both" <?php echo get_selected($group['gr_device'], 'both', true); ?>>PC와 모바일에서 모두 사용</option>
</select> <option value="pc" <?php echo get_selected($group['gr_device'], 'pc'); ?>>PC 전용</option>
</td> <option value="mobile" <?php echo get_selected($group['gr_device'], 'mobile'); ?>>모바일 전용</option>
</tr> </select>
<tr> </td>
<th scope="row"><?php if ($is_admin == 'super') { ?><label for="gr_admin"><?php } ?>그룹 관리자<?php if ($is_admin == 'super') { ?></label><?php } ?></th> </tr>
<td> <tr>
<?php <th scope="row">
if ($is_admin == 'super') <?php
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="'.$gr['gr_admin'].'" maxlength="20">'; if ($is_admin == 'super') {
else echo '<label for="gr_admin">그룹 관리자</label>';
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="'.$gr['gr_admin'].'">'.$gr['gr_admin']; } else {
?> echo '그룹 관리자';
</td> }
</tr> ?>
<tr> </th>
<th scope="row"><label for="gr_use_access">접근회원사용</label></th> <td>
<td> <?php
<?php echo help("사용에 체크하시면 이 그룹에 속한 게시판은 접근가능한 회원만 접근이 가능합니다.") ?> if ($is_admin == 'super') {
<input type="checkbox" name="gr_use_access" value="1" id="gr_use_access" <?php echo $gr['gr_use_access']?'checked':''; ?>> echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="' . $gr['gr_admin'] . '" maxlength="20">';
사용 } else {
</td> echo '<input type="hidden" id="gr_admin" name="gr_admin" value="' . $gr['gr_admin'] . '">' . $gr['gr_admin'];
</tr> }
<tr> ?>
<th scope="row">접근회원수</th> </td>
<td> </tr>
<?php <tr>
// 접근회원수 <th scope="row"><label for="gr_use_access">접근회원사용</label></th>
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' "; <td>
$row1 = sql_fetch($sql1); <?php echo help("사용에 체크하시면 이 그룹에 속한 게시판은 접근가능한 회원만 접근이 가능합니다.") ?>
echo '<a href="./boardgroupmember_list.php?gr_id='.$gr_id.'">'.$row1['cnt'].'</a>'; <input type="checkbox" name="gr_use_access" value="1" id="gr_use_access" <?php echo $gr['gr_use_access'] ? 'checked' : ''; ?>>
?> 사용
</td> </td>
</tr> </tr>
<?php for ($i=1;$i<=10;$i++) { ?> <tr>
<tr> <th scope="row">접근회원수</th>
<th scope="row">여분필드<?php echo $i ?></th> <td>
<td class="td_extra"> <?php
<label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label> echo '<a href="./boardgroupmember_list.php?gr_id=' . $gr_id . '">' . $group_member_count . '</a>';
<input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo isset($group['gr_'.$i.'_subj']) ? get_text($group['gr_'.$i.'_subj']) : ''; ?>" id="gr_<?php echo $i ?>_subj" class="frm_input"> ?>
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label> </td>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo isset($gr['gr_'.$i]) ? get_sanitize_input($gr['gr_'.$i]) : ''; ?>" id="gr_<?php echo $i ?>" class="frm_input"> </tr>
</td> <?php for ($i = 1; $i <= 10; $i++) { ?>
</tr> <tr>
<?php } ?> <th scope="row">여분필드<?php echo $i ?></th>
</tbody> <td class="td_extra">
</table> <label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
</div> <input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo isset($group['gr_' . $i . '_subj']) ? get_text($group['gr_' . $i . '_subj']) : ''; ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo isset($gr['gr_' . $i]) ? get_sanitize_input($gr['gr_' . $i]) : ''; ?>" id="gr_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<a href="./boardgroup_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a> <a href="./boardgroup_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" class="btn_submit btn" accesskey="s" value="확인"> <input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div> </div>
</form> </form>
@ -147,12 +161,11 @@ include_once('./admin.head.php');
</div> </div>
<script> <script>
function fboardgroup_check(f) function fboardgroup_check(f) {
{ f.action = './boardgroup_form_update.php';
f.action = './boardgroup_form_update.php'; return true;
return true; }
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
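Review bot: In the group-admin row, both branches of the rewritten `if ($is_admin == 'super')` block still concatenate `$gr['gr_admin']` straight into the `value` attribute, and the non-super branch also prints it as page text, with no HTML escaping. The list page in this same commit passes the same column through `get_sanitize_input()` and `get_text()`, so the form should match: `value="' . get_sanitize_input($gr['gr_admin']) . '"` for the attribute and `get_text($gr['gr_admin'])` for the visible copy. The update handler later in this commit copies `gr_admin` from `$_POST` without `strip_tags()` in its visible lines, so a stored value containing a quote or markup would presumably render here as-is unless the shared include filters it first.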


@ -1,38 +1,44 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
if ($w == 'u') if ($w == 'u') {
check_demo(); check_demo();
}
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.'); if ($is_admin != 'super' && $w == '') {
alert('최고관리자만 접근 가능합니다.');
}
check_admin_token(); check_admin_token();
$gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : ''; $gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : '';
if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) {
alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)'); alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)');
}
if (!$gr_subject) alert('그룹 제목을 입력하세요.'); if (empty($gr_subject)) {
alert('그룹 제목을 입력하세요.');
}
$posts = array(); $posts = array();
$check_keys = array( $check_keys = array(
'gr_subject'=>'', 'gr_subject' => '',
'gr_device'=>'', 'gr_device' => '',
'gr_admin'=>'', 'gr_admin' => '',
); );
for($i=1;$i<=10;$i++){ for ($i = 1; $i <= 10; $i++) {
$check_keys['gr_'.$i.'_subj'] = isset($_POST['gr_'.$i.'_subj']) ? $_POST['gr_'.$i.'_subj'] : ''; $check_keys['gr_' . $i . '_subj'] = isset($_POST['gr_' . $i . '_subj']) ? $_POST['gr_' . $i . '_subj'] : '';
$check_keys['gr_'.$i] = isset($_POST['gr_'.$i]) ? $_POST['gr_'.$i] : ''; $check_keys['gr_' . $i] = isset($_POST['gr_' . $i]) ? $_POST['gr_' . $i] : '';
} }
foreach( $check_keys as $key=>$value ){ foreach ($check_keys as $key => $value) {
if( $key === 'gr_subject' ){ if ($key === 'gr_subject') {
$posts[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : ''; $posts[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
} else { } else {
$posts[$key] = isset($_POST[$key]) ? $_POST[$key] : ''; $posts[$key] = isset($_POST[$key]) ? $_POST[$key] : '';
@ -62,34 +68,32 @@ $sql_common = " gr_subject = '{$posts['gr_subject']}',
gr_8 = '{$posts['gr_8']}', gr_8 = '{$posts['gr_8']}',
gr_9 = '{$posts['gr_9']}', gr_9 = '{$posts['gr_9']}',
gr_10 = '{$posts['gr_10']}' "; gr_10 = '{$posts['gr_10']}' ";
if (isset($_POST['gr_use_access'])) if (isset($_POST['gr_use_access'])) {
$sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' "; $sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";
else } else {
$sql_common .= ", gr_use_access = '' "; $sql_common .= ", gr_use_access = '' ";
}
if ($w == '') { if ($w == '') {
$sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' "; $sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if ($row['cnt']) if ($row['cnt']) {
alert('이미 존재하는 그룹 ID 입니다.'); alert('이미 존재하는 그룹 ID 입니다.');
}
$sql = " insert into {$g5['group_table']} $sql = " insert into {$g5['group_table']}
set gr_id = '{$gr_id}', set gr_id = '{$gr_id}',
{$sql_common} "; {$sql_common} ";
sql_query($sql); sql_query($sql);
} elseif ($w == "u") {
} else if ($w == "u") {
$sql = " update {$g5['group_table']} $sql = " update {$g5['group_table']}
set {$sql_common} set {$sql_common}
where gr_id = '{$gr_id}' "; where gr_id = '{$gr_id}' ";
sql_query($sql); sql_query($sql);
} else { } else {
alert('제대로 된 값이 넘어오지 않았습니다.'); alert('제대로 된 값이 넘어오지 않았습니다.');
} }
run_event('admin_boardgroup_form_update', $gr_id, $w); run_event('admin_boardgroup_form_update', $gr_id, $w);
goto_url('./boardgroup_form.php?w=u&amp;gr_id='.$gr_id.'&amp;'.$qstr); goto_url('./boardgroup_form.php?w=u&amp;gr_id=' . $gr_id . '&amp;' . $qstr);
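Review bot: The `gr_use_access` branch interpolates `$_POST['gr_use_access']` directly into `$sql_common`, whereas the list-update handler in this commit casts the same field with `(int)`. Cast it here too: `$sql_common .= ", gr_use_access = '" . (int) $_POST['gr_use_access'] . "' ";`. The `else` branch of the `foreach` over `$check_keys` likewise copies `gr_device`, `gr_admin` and the `gr_N` fields from `$_POST` unchanged, so the statement is only as safe as whatever escaping `_common.php` applies to request data, which is not visible here. `gr_device` is an ENUM and could be checked against `both`/`pc`/`mobile` before use. The lines that build the first part of `$sql_common` fall between the two hunks and are not shown.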


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -16,27 +16,29 @@ if (!isset($group['gr_device'])) {
$sql_common = " from {$g5['group_table']} "; $sql_common = " from {$g5['group_table']} ";
$sql_search = " where (1) "; $sql_search = " where (1) ";
if ($is_admin != 'super') if ($is_admin != 'super') {
$sql_search .= " and (gr_admin = '{$member['mb_id']}') "; $sql_search .= " and (gr_admin = '{$member['mb_id']}') ";
}
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case "gr_id" : case "gr_id":
case "gr_admin" : case "gr_admin":
$sql_search .= " ({$sfl} = '{$stx}') "; $sql_search .= " ({$sfl} = '{$stx}') ";
break; break;
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
$sql_search .= " ) "; $sql_search .= " ) ";
} }
if ($sst) if ($sst) {
$sql_order = " order by {$sst} {$sod} "; $sql_order = " order by {$sst} {$sod} ";
else } else {
$sql_order = " order by gr_id asc "; $sql_order = " order by gr_id asc ";
}
$sql = " select count(*) as cnt {$sql_common} {$sql_search} {$sql_order} "; $sql = " select count(*) as cnt {$sql_common} {$sql_search} {$sql_order} ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
@ -44,136 +46,137 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} "; $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">처음</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">처음</a>';
$g5['title'] = '게시판그룹설정'; $g5['title'] = '게시판그룹설정';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 10; $colspan = 10;
?> ?>
<div class="local_ov01 local_ov"> <div class="local_ov01 local_ov">
<?php echo $listall ?> <?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">전체그룹</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span> <span class="btn_ov01"><span class="ov_txt">전체그룹</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="gr_subject"<?php echo get_selected($sfl, "gr_subject"); ?>>제목</option> <option value="gr_subject" <?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id"<?php echo get_selected($sfl, "gr_id"); ?>>ID</option> <option value="gr_id" <?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin"<?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option> <option value="gr_admin" <?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input"> <input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit"> <input type="submit" value="검색" class="btn_submit">
</form> </form>
<form name="fboardgrouplist" id="fboardgrouplist" action="./boardgroup_list_update.php" onsubmit="return fboardgrouplist_submit(this);" method="post"> <form name="fboardgrouplist" id="fboardgrouplist" action="./boardgroup_list_update.php" onsubmit="return fboardgrouplist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">그룹 전체</label> <label for="chkall" class="sound_only">그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col"><?php echo subject_sort_link('gr_id') ?>그룹아이디</a></th> <th scope="col"><?php echo subject_sort_link('gr_id') ?>그룹아이디</a></th>
<th scope="col"><?php echo subject_sort_link('gr_subject') ?>제목</a></th> <th scope="col"><?php echo subject_sort_link('gr_subject') ?>제목</a></th>
<th scope="col"><?php echo subject_sort_link('gr_admin') ?>그룹관리자</a></th> <th scope="col"><?php echo subject_sort_link('gr_admin') ?>그룹관리자</a></th>
<th scope="col">게시판</th> <th scope="col">게시판</th>
<th scope="col">접근<br>사용</th> <th scope="col">접근<br>사용</th>
<th scope="col">접근<br>회원수</th> <th scope="col">접근<br>회원수</th>
<th scope="col"><?php echo subject_sort_link('gr_order') ?>출력<br>순서</a></th> <th scope="col"><?php echo subject_sort_link('gr_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th> <th scope="col">접속기기</th>
<th scope="col">관리</th> <th scope="col">관리</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ // 접근회원수
// 접근회원수 $sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' "; $row1 = sql_fetch($sql1);
$row1 = sql_fetch($sql1);
// 게시판수 // 게시판수
$sql2 = " select count(*) as cnt from {$g5['board_table']} where gr_id = '{$row['gr_id']}' "; $sql2 = " select count(*) as cnt from {$g5['board_table']} where gr_id = '{$row['gr_id']}' ";
$row2 = sql_fetch($sql2); $row2 = sql_fetch($sql2);
$s_upd = '<a href="./boardgroup_form.php?'.$qstr.'&amp;w=u&amp;gr_id='.$row['gr_id'].'" class="btn_03 btn">수정</a>'; $s_upd = '<a href="./boardgroup_form.php?' . $qstr . '&amp;w=u&amp;gr_id=' . $row['gr_id'] . '" class="btn_03 btn">수정</a>';
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<input type="hidden" name="group_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"> <input type="hidden" name="group_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['gr_subject']); ?> 그룹</label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['gr_subject']); ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_left"><a href="<?php echo G5_BBS_URL ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td> <td class="td_left"><a href="<?php echo G5_BBS_URL ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_input"> <td class="td_input">
<label for="gr_subject_<?php echo $i; ?>" class="sound_only">그룹제목</label> <label for="gr_subject_<?php echo $i; ?>" class="sound_only">그룹제목</label>
<input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input"> <input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input">
</td> </td>
<td class="td_mng td_input"> <td class="td_mng td_input">
<?php if ($is_admin == 'super'){ ?> <?php if ($is_admin == 'super') { ?>
<label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label> <label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label>
<input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20"> <input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20">
<?php }else{ ?> <?php } else { ?>
<input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?> <input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?>
<?php } ?> <?php } ?>
</td> </td>
<td class="td_num"><a href="./board_list.php?sfl=a.gr_id&amp;stx=<?php echo $row['gr_id'] ?>"><?php echo $row2['cnt'] ?></a></td> <td class="td_num"><a href="./board_list.php?sfl=a.gr_id&amp;stx=<?php echo $row['gr_id'] ?>"><?php echo $row2['cnt'] ?></a></td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="gr_use_access_<?php echo $i; ?>" class="sound_only">접근회원 사용</label> <label for="gr_use_access_<?php echo $i; ?>" class="sound_only">접근회원 사용</label>
<input type="checkbox" name="gr_use_access[<?php echo $i ?>]" <?php echo $row['gr_use_access']?'checked':'' ?> value="1" id="gr_use_access_<?php echo $i ?>"> <input type="checkbox" name="gr_use_access[<?php echo $i ?>]" <?php echo $row['gr_use_access'] ? 'checked' : '' ?> value="1" id="gr_use_access_<?php echo $i ?>">
</td> </td>
<td class="td_num"><a href="./boardgroupmember_list.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row1['cnt'] ?></a></td> <td class="td_num"><a href="./boardgroupmember_list.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row1['cnt'] ?></a></td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="gr_order_<?php echo $i; ?>" class="sound_only">메인메뉴 출력순서</label> <label for="gr_order_<?php echo $i; ?>" class="sound_only">메인메뉴 출력순서</label>
<input type="text" name="gr_order[<?php echo $i ?>]" value="<?php echo $row['gr_order'] ?>" id="gr_order_<?php echo $i ?>" class="tbl_input" size="2"> <input type="text" name="gr_order[<?php echo $i ?>]" value="<?php echo $row['gr_order'] ?>" id="gr_order_<?php echo $i ?>" class="tbl_input" size="2">
</td> </td>
<td class="td_mng"> <td class="td_mng">
<label for="gr_device_<?php echo $i; ?>" class="sound_only">접속기기</label> <label for="gr_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="gr_device[<?php echo $i ?>]" id="gr_device_<?php echo $i ?>"> <select name="gr_device[<?php echo $i ?>]" id="gr_device_<?php echo $i ?>">
<option value="both"<?php echo get_selected($row['gr_device'], 'both'); ?>>모두</option> <option value="both" <?php echo get_selected($row['gr_device'], 'both'); ?>>모두</option>
<option value="pc"<?php echo get_selected($row['gr_device'], 'pc'); ?>>PC</option> <option value="pc" <?php echo get_selected($row['gr_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($row['gr_device'], 'mobile'); ?>>모바일</option> <option value="mobile" <?php echo get_selected($row['gr_device'], 'mobile'); ?>>모바일</option>
</select> </select>
</td> </td>
<td class="td_mng td_mng_s"><?php echo $s_upd ?></td> <td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
</tr> </tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</table>
</div>
<?php <div class="btn_fixed_top">
} <input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택수정" class="btn btn_02">
if ($i == 0) <input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택삭제" class="btn btn_02">
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; <a href="./boardgroup_form.php" class="btn btn_01">게시판그룹 추가</a>
?> </div>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택수정" class="btn btn_02">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택삭제" class="btn btn_02">
<a href="./boardgroup_form.php" class="btn btn_01">게시판그룹 추가</a>
</div>
</form> </form>
<div class="local_desc01 local_desc"> <div class="local_desc01 local_desc">
@ -184,27 +187,26 @@ $colspan = 10;
</div> </div>
<?php <?php
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); $pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page=');
echo $pagelist; echo $pagelist;
?> ?>
<script> <script>
function fboardgrouplist_submit(f) function fboardgrouplist_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false; return false;
} }
}
return true; if (document.pressed == "선택삭제") {
} if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
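Review bot: `$sfl`, `$sst` and `$sod` are placed into the query as a column name and sort clause (`({$sfl} like '%{$stx}%')` in the `default:` case, `order by {$sst} {$sod}`), and nothing in this file limits them to known values. String escaping does not protect identifiers, so unless the shared include already restricts these request variables, an allowlist belongs here, e.g. `if (!in_array($sfl, array('gr_subject', 'gr_id', 'gr_admin'), true)) { $sfl = 'gr_subject'; }`, with the same for `$sst` and `$sod` reduced to `asc` or `desc`. `$stx` is also echoed into the search box `value` attribute without `get_text()` or `get_sanitize_input()`, unlike the row fields further down.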


@ -1,8 +1,6 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
//print_r2($_POST); exit;
check_demo(); check_demo();
@ -10,40 +8,42 @@ auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array(); $post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();
$post_group_id = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array(); $post_group_id = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array();
$act_button = isset($_POST['act_button']) ? $_POST['act_button'] : ''; $act_button = isset($_POST['act_button']) ? $_POST['act_button'] : '';
$count = count($post_chk); $chk_count = count($post_chk);
if(!$count) if (!$chk_count) {
alert($act_button.'할 게시판그룹을 1개이상 선택해 주세요.'); alert($act_button . '할 게시판그룹을 1개이상 선택해 주세요.');
}
for ($i=0; $i<$count; $i++) for ($i = 0; $i < $chk_count; $i++) {
{ $k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
$k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0; $gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]); $gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : ''; $gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
$gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : ''; $gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : '';
$gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : ''; $gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0;
$gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0; $gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0;
$gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0;
if($act_button == '선택수정') { if ($act_button == '선택수정') {
$sql = " update {$g5['group_table']} $sql = " update {$g5['group_table']}
set gr_subject = '{$gr_subject}', set gr_subject = '{$gr_subject}',
gr_device = '".sql_real_escape_string($gr_device)."', gr_device = '" . sql_real_escape_string($gr_device) . "',
gr_admin = '".sql_real_escape_string($gr_admin)."', gr_admin = '" . sql_real_escape_string($gr_admin) . "',
gr_use_access = '".$gr_use_access."', gr_use_access = '" . $gr_use_access . "',
gr_order = '".$gr_order."' gr_order = '" . $gr_order . "'
where gr_id = '{$gr_id}' "; where gr_id = '{$gr_id}' ";
if ($is_admin != 'super') if ($is_admin != 'super') {
$sql .= " and gr_admin = '{$gr_admin}' "; $sql .= " and gr_admin = '{$gr_admin}' ";
}
sql_query($sql); sql_query($sql);
} else if($act_button == '선택삭제') { } elseif ($act_button == '선택삭제') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' "); $row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");
if ($row['cnt']) if ($row['cnt']) {
alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx='.$gr_id); alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx=' . $gr_id);
}
// 그룹 삭제 // 그룹 삭제
sql_query(" delete from {$g5['group_table']} where gr_id = '$gr_id' "); sql_query(" delete from {$g5['group_table']} where gr_id = '$gr_id' ");
@ -53,6 +53,6 @@ for ($i=0; $i<$count; $i++)
} }
} }
run_event('admin_boardgroup_list_update', $act_button, $chk, $post_group_id, $qstr); run_event('admin_boardgroup_list_update', $act_button, $post_chk, $post_group_id, $qstr);
goto_url('./boardgroup_list.php?'.$qstr); goto_url('./boardgroup_list.php?' . $qstr);
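Review bot: For non-super administrators the ownership condition on the update is `and gr_admin = '{$gr_admin}'`, but `$gr_admin` is read from the submitted `gr_admin[]` field a few lines above, so the row is compared against a client-supplied value rather than the logged-in account. The list page in this commit scopes its query with `$member['mb_id']`, and the same should be used here: `$sql .= " and gr_admin = '{$member['mb_id']}' ";`. A non-super admin should arguably not be able to change `gr_admin` in the `set` clause at all. The `선택삭제` branch shows no ownership condition on its `delete` in the visible lines; its tail is outside the hunk, so confirm one exists. `$post_group_id[$k]` is also indexed without an `isset()` check, unlike the other per-row fields.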


@ -1,133 +1,134 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id); $mb = get_member($mb_id);
$token = isset($token) ? $token : ''; $token = isset($token) ? $token : '';
if (! (isset($mb['mb_id']) && $mb['mb_id'])) if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('존재하지 않는 회원입니다.'); alert('존재하지 않는 회원입니다.');
}
$g5['title'] = '접근가능그룹'; $g5['title'] = '접근가능그룹';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 4; $colspan = 4;
?> ?>
<form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php" onsubmit="return boardgroupmember_form_check(this)" method="post"> <form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php" onsubmit="return boardgroupmember_form_check(this)" method="post">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id"> <input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="token" value="" id="token"> <input type="hidden" name="token" value="" id="token">
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
</div>
<div class="local_cmd01 local_cmd">
<label for="gr_id">그룹지정</label> <div class="local_ov01 local_ov">
<select name="gr_id" id="gr_id"> <span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<option value="">접근가능 그룹을 선택하세요.</option> <span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<?php <span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
$sql = " select * </div>
from {$g5['group_table']}
where gr_use_access = 1 "; <div class="local_cmd01 local_cmd">
//if ($is_admin == 'group') { <label for="gr_id">그룹지정</label>
if ($is_admin != 'super') <select name="gr_id" id="gr_id">
$sql .= " and gr_admin = '{$member['mb_id']}' "; <option value="">접근가능 그룹을 선택하세요.</option>
$sql .= " order by gr_id "; <?php
$result = sql_query($sql); $sql = " select *
for ($i=0; $row=sql_fetch_array($result); $i++) { from {$g5['group_table']}
echo "<option value=\"".$row['gr_id']."\">".$row['gr_subject']."</option>"; where gr_use_access = 1 ";
} if ($is_admin != 'super') {
?> $sql .= " and gr_admin = '{$member['mb_id']}' ";
</select> }
<input type="submit" value="선택" class="btn_submit btn" accesskey="s"> $sql .= " order by gr_id ";
</div> $result = sql_query($sql);
for ($i = 0; $row = sql_fetch_array($result); $i++) {
echo "<option value=\"" . $row['gr_id'] . "\">" . $row['gr_subject'] . "</option>";
}
?>
</select>
<input type="submit" value="선택" class="btn_submit btn" accesskey="s">
</div>
</form> </form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post"> <form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst"> <input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst">
<input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod"> <input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl">
<input type="hidden" name="stx" value="<?php echo $stx ?>" id="stx"> <input type="hidden" name="stx" value="<?php echo $stx ?>" id="stx">
<input type="hidden" name="page" value="<?php echo $page ?>" id="page"> <input type="hidden" name="page" value="<?php echo $page ?>" id="page">
<input type="hidden" name="token" value="<?php echo get_sanitize_input($token); ?>" id="token"> <input type="hidden" name="token" value="<?php echo get_sanitize_input($token); ?>" id="token">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id"> <input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="w" value="d" id="w"> <input type="hidden" name="w" value="d" id="w">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">접근가능그룹 전체</label> <label for="chkall" class="sound_only">접근가능그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col">그룹아이디</th> <th scope="col">그룹아이디</th>
<th scope="col">그룹</th> <th scope="col">그룹</th>
<th scope="col">처리일시</th> <th scope="col">처리일시</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b $sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
where a.mb_id = '{$mb['mb_id']}' where a.mb_id = '{$mb['mb_id']}'
and a.gr_id = b.gr_id "; and a.gr_id = b.gr_id ";
if ($is_admin != 'super') if ($is_admin != 'super') {
$sql .= " and b.gr_admin = '{$member['mb_id']}' "; $sql .= " and b.gr_admin = '{$member['mb_id']}' ";
$sql .= " order by a.gr_id desc "; }
$result = sql_query($sql); $sql .= " order by a.gr_id desc ";
for ($i=0; $row=sql_fetch_array($result); $i++) { $result = sql_query($sql);
?> for ($i = 0; $row = sql_fetch_array($result); $i++) {
<tr> ?>
<td class="td_chk"> <tr>
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label> <td class="td_chk">
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>"> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
</td> <input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td> </td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td> <td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td> <td class="td_category"><?php echo $row['gr_subject'] ?></td>
</tr> <td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
<?php </tr>
} <?php
}
if ($i == 0) { if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>'; echo '<tr><td colspan="' . $colspan . '" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
} }
?> ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="btn_list01 btn_list"> <div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제" class="btn btn_02"> <input type="submit" name="" value="선택삭제" class="btn btn_02">
</div> </div>
</form> </form>
<script> <script>
function fboardgroupmember_submit(f) function fboardgroupmember_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); return false;
return false; }
return true;
} }
return true; function boardgroupmember_form_check(f) {
} if (f.gr_id.value == '') {
alert('접근가능 그룹을 선택하세요.');
return false;
}
function boardgroupmember_form_check(f) return true;
{
if (f.gr_id.value == '') {
alert('접근가능 그룹을 선택하세요.');
return false;
} }
return true;
}
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -11,13 +11,13 @@ if (!$gr['gr_id']) {
$sql_common = " from {$g5['group_member_table']} a $sql_common = " from {$g5['group_member_table']} a
left outer join {$g5['member_table']} b on (a.mb_id = b.mb_id) "; left outer join {$g5['member_table']} b on (a.mb_id = b.mb_id) ";
$sql_search = " where gr_id = '{$gr_id}' "; $sql_search = " where gr_id = '{$gr_id}' ";
// 회원아이디로 검색되지 않던 오류를 수정 // 회원아이디로 검색되지 않던 오류를 수정
if (isset($stx) && $stx) { if (isset($stx) && $stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
default : default:
$sql_search .= " ($sfl like '%$stx%') "; $sql_search .= " ($sfl like '%$stx%') ";
break; break;
} }
@ -25,7 +25,7 @@ if (isset($stx) && $stx) {
} }
if (!$sst) { if (!$sst) {
$sst = "gm_datetime"; $sst = "gm_datetime";
$sod = "desc"; $sod = "desc";
} }
$sql_order = " order by {$sst} {$sod} "; $sql_order = " order by {$sst} {$sod} ";
@ -39,7 +39,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * $sql = " select *
@ -49,107 +51,107 @@ $sql = " select *
limit {$from_record}, {$rows} "; limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$g5['title'] = $gr['gr_subject'].' 그룹 접근가능회원 (그룹아이디:'.$gr['gr_id'].')'; $g5['title'] = $gr['gr_subject'] . ' 그룹 접근가능회원 (그룹아이디:' . $gr['gr_id'] . ')';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 7; $colspan = 7;
?> ?>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>"> <input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="a.mb_id"<?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option> <option value="a.mb_id" <?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit"> <input type="submit" value="검색" class="btn_submit">
</form> </form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post"> <form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>"> <input type="hidden" name="token" value="<?php echo $token ?>">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>"> <input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<input type="hidden" name="w" value="ld"> <input type="hidden" name="w" value="ld">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">접근가능회원 전체</label> <label for="chkall" class="sound_only">접근가능회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col">그룹</th> <th scope="col">그룹</th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id='.$gr_id) ?>회원아이디</a></th> <th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id=' . $gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id='.$gr_id) ?>이름</a></th> <th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id=' . $gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id='.$gr_id) ?>별명</a></th> <th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id=' . $gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id='.$gr_id) ?>최종접속</a></th> <th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id=' . $gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id='.$gr_id) ?>처리일시</a></th> <th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id=' . $gr_id) ?>처리일시</a></th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ // 접근가능한 그룹수
// 접근가능한 그룹수 $sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' "; $row2 = sql_fetch($sql2);
$row2 = sql_fetch($sql2); $group = "";
$group = ""; if ($row2['cnt']) {
if ($row2['cnt']) $group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>'; }
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']); $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_grid"><?php echo $group ?></td> <td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td> <td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td> <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td> <td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'],2,8) ?></td> <td class="td_datetime"><?php echo substr($row['mb_today_login'], 2, 8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td> <td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr> </tr>
<?php <?php
} }
if ($i == 0) if ($i == 0) {
{ echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; }
} ?>
?> </tbody>
</tbody> </table>
</table> </div>
</div>
<div class="btn_list01 btn_list"> <div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제"> <input type="submit" name="" value="선택삭제">
</div> </div>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page="); ?> <?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page=");
?>
<script> <script>
function fboardgroupmember_submit(f) function fboardgroupmember_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); return false;
return false; }
}
return true; return true;
} }
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
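Review bot: `$sfl`, `$sst` and `$sod` are placed into the query as identifiers (`($sfl like '%$stx%')` and `order by {$sst} {$sod}`), where quote-escaping gives no protection, and nothing in the visible hunks restricts them to known columns. The search form offers only `a.mb_id`, so the `switch` with a lone `default:` can become `$sql_search .= " (a.mb_id like '%$stx%') ";`. `$sst` can be checked against the five columns the sort links use, and `$sod` reduced to `asc` or `desc`. Any filtering done in `_common.php` is not visible here, so treat this as defence in depth until that filtering is confirmed.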


@ -1,20 +1,19 @@
<?php <?php
$sub_menu = "300200"; $sub_menu = "300200";
include_once('./_common.php'); require_once './_common.php';
sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( 11 ) DEFAULT '0' NOT NULL AUTO_INCREMENT ", false); sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( 11 ) DEFAULT '0' NOT NULL AUTO_INCREMENT ", false);
if ($w == '') if ($w == '') {
{
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (!$mb['mb_id']) { if (empty($mb['mb_id'])) {
alert('존재하지 않는 회원입니다.'); alert('존재하지 않는 회원입니다.');
} }
$gr = get_group($gr_id); $gr = get_group($gr_id);
if (!$gr['gr_id']) { if (empty($gr['gr_id'])) {
alert('존재하지 않는 그룹입니다.'); alert('존재하지 않는 그룹입니다.');
} }
@ -25,37 +24,35 @@ if ($w == '')
$row = sql_fetch($sql); $row = sql_fetch($sql);
if ($row['cnt']) { if ($row['cnt']) {
alert('이미 등록되어 있는 자료입니다.'); alert('이미 등록되어 있는 자료입니다.');
} } else {
else
{
check_admin_token(); check_admin_token();
$sql = " insert into {$g5['group_member_table']} $sql = " insert into {$g5['group_member_table']}
set gr_id = '{$_POST['gr_id']}', set gr_id = '{$_POST['gr_id']}',
mb_id = '{$_POST['mb_id']}', mb_id = '{$_POST['mb_id']}',
gm_datetime = '".G5_TIME_YMDHIS."' "; gm_datetime = '" . G5_TIME_YMDHIS . "' ";
sql_query($sql); sql_query($sql);
} }
} } elseif ($w == 'd' || $w == 'ld') {
else if ($w == 'd' || $w == 'ld')
{
auth_check_menu($auth, $sub_menu, 'd'); auth_check_menu($auth, $sub_menu, 'd');
$count = count($_POST['chk']); $count = count($_POST['chk']);
if(!$count) if (!$count) {
alert('삭제할 목록을 하나이상 선택해 주세요.'); alert('삭제할 목록을 하나이상 선택해 주세요.');
}
check_admin_token(); check_admin_token();
for($i=0; $i<$count; $i++) { for ($i = 0; $i < $count; $i++) {
$gm_id = (int) $_POST['chk'][$i]; $gm_id = (int) $_POST['chk'][$i];
$sql = " select * from {$g5['group_member_table']} where gm_id = '$gm_id' "; $sql = " select * from {$g5['group_member_table']} where gm_id = '$gm_id' ";
$gm = sql_fetch($sql); $gm = sql_fetch($sql);
if (!$gm['gm_id']) { if (!$gm['gm_id']) {
if($count == 1) if ($count == 1) {
alert('존재하지 않는 자료입니다.'); alert('존재하지 않는 자료입니다.');
else } else {
continue; continue;
}
} }
$sql = " delete from {$g5['group_member_table']} where gm_id = '$gm_id' "; $sql = " delete from {$g5['group_member_table']} where gm_id = '$gm_id' ";
@ -63,7 +60,8 @@ else if ($w == 'd' || $w == 'ld')
} }
} }
if ($w == 'ld') if ($w == 'ld') {
goto_url('./boardgroupmember_list.php?gr_id='.$gr_id); goto_url('./boardgroupmember_list.php?gr_id=' . $gr_id);
else } else {
goto_url('./boardgroupmember_form.php?mb_id='.$mb_id); goto_url('./boardgroupmember_form.php?mb_id=' . $mb_id);
}
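Review bot: The insert in the `$w == ''` branch writes `$_POST['gr_id']` and `$_POST['mb_id']`, while the existence checks above it ran on `$gr_id` and `$mb_id` through `get_group()` and `get_member()`. If those globals can be filled from a request source other than `$_POST`, the row written is not the one that was validated. Writing the looked-up ids keeps check and write on the same value: `set gr_id = '{$gr['gr_id']}',` and `mb_id = '{$mb['mb_id']}',`, escaped like any other value placed in the statement. Separately, `count($_POST['chk'])` in the delete branch assumes the key exists and is an array; `$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;` avoids an error on a request without it. The duplicate-check query and the code after the delete statement lie between the hunks and are not shown.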


@ -1,15 +1,17 @@
<?php <?php
$sub_menu = "100510"; $sub_menu = "100510";
include_once('./_common.php'); require_once './_common.php';
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL)); alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
}
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
$g5['title'] = 'Browscap 업데이트'; $g5['title'] = 'Browscap 업데이트';
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<div id="processing"> <div id="processing">
@ -18,27 +20,27 @@ include_once('./admin.head.php');
</div> </div>
<script> <script>
$(function() { $(function() {
$("#run_update").on("click", function() { $("#run_update").on("click", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보를 업데이트 중입니다.</p>'); $("#processing").html('<div class="update_processing"></div><p>Browscap 정보를 업데이트 중입니다.</p>');
$.ajax({ $.ajax({
url: "./browscap_update.php", url: "./browscap_update.php",
async: true, async: true,
cache: false, cache: false,
dataType: "html", dataType: "html",
success: function(data) { success: function(data) {
if(data != "") { if (data != "") {
alert(data); alert(data);
return false; return false;
}
$("#processing").html("<div class='check_processing'></div><p>Browscap 정보를 업데이트 했습니다.</p>");
} }
});
$("#processing").html("<div class='check_processing'></div><p>Browscap 정보를 업데이트 했습니다.</p>");
}
}); });
}); });
});
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';


@ -1,19 +1,22 @@
<?php <?php
$sub_menu = "100520"; $sub_menu = "100520";
include_once('./_common.php'); require_once './_common.php';
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL)); alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
}
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
$rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0; $rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;
if(!$rows) if (!$rows) {
$rows = 100; $rows = 100;
}
$g5['title'] = '접속로그 변환'; $g5['title'] = '접속로그 변환';
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<div id="processing"> <div id="processing">
@ -22,24 +25,26 @@ include_once('./admin.head.php');
</div> </div>
<script> <script>
$(function() { $(function() {
$(document).on("click", "#run_update", function() { $(document).on("click", "#run_update", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보로 변환 중입니다.</p>'); $("#processing").html('<div class="update_processing"></div><p>Browscap 정보로 변환 중입니다.</p>');
$.ajax({ $.ajax({
method: "GET", method: "GET",
url: "./browscap_converter.php", url: "./browscap_converter.php",
data: { rows: "<?php echo $rows; ?>" }, data: {
async: true, rows: "<?php echo strval($rows); ?>"
cache: false, },
dataType: "html", async: true,
success: function(data) { cache: false,
$("#processing").html(data); dataType: "html",
} success: function(data) {
$("#processing").html(data);
}
});
}); });
}); });
});
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
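Review bot: `preg_replace('#[^0-9]#', '', $_GET['rows'])` returns an array when the request sends `rows[]=…`, so `!$rows` is false and the added `strval($rows)` prints `Array` with a conversion warning instead of a number. Rejecting non-scalar input first keeps `$rows` a digit string: `$rows = (isset($_GET['rows']) && is_scalar($_GET['rows'])) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;`. The same assignment appears in the converter script in the next file section, where the value ends up in a `limit` clause. An upper bound on `$rows` would fit there as well.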


@ -1,36 +1,39 @@
<?php <?php
ini_set('memory_limit', '-1'); ini_set('memory_limit', '-1');
include_once('./_common.php'); require_once './_common.php';
// clean the output buffer // clean the output buffer
ob_end_clean(); ob_end_clean();
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
die('사용할 수 없는 기능입니다.'); die('사용할 수 없는 기능입니다.');
}
if($is_admin != 'super') if ($is_admin != 'super') {
die('최고관리자로 로그인 후 실행해 주세요.'); die('최고관리자로 로그인 후 실행해 주세요.');
}
// browscap cache 파일 체크 // browscap cache 파일 체크
if(!is_file(G5_DATA_PATH.'/cache/browscap_cache.php')) { if (!is_file(G5_DATA_PATH . '/cache/browscap_cache.php')) {
echo '<p>Browscap 정보가 없습니다. 아래 링크로 이동해 Browscap 정보를 업데이트 하세요.</p>'.PHP_EOL; echo '<p>Browscap 정보가 없습니다. 아래 링크로 이동해 Browscap 정보를 업데이트 하세요.</p>' . PHP_EOL;
echo '<p><a href="'.G5_ADMIN_URL.'/browscap.php">Browscap 업데이트</a></p>'.PHP_EOL; echo '<p><a href="' . G5_ADMIN_URL . '/browscap.php">Browscap 업데이트</a></p>' . PHP_EOL;
exit; exit;
} }
include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php'); require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH.'/cache'); $browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
$browscap->doAutoUpdate = false; $browscap->doAutoUpdate = false;
$browscap->cacheFilename = 'browscap_cache.php'; $browscap->cacheFilename = 'browscap_cache.php';
// 데이터 변환 // 데이터 변환
$rows = preg_replace('#[^0-9]#', '', $_GET['rows']); $rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0;
if(!$rows) if (!$rows) {
$rows = 100; $rows = 100;
}
$sql_common = " from {$g5['visit_table']} where vi_agent <> '' and ( vi_browser = '' or vi_os = '' or vi_device = '' ) "; $sql_common = " from {$g5['visit_table']} where vi_agent <> '' and ( vi_browser = '' or vi_os = '' or vi_device = '' ) ";
$sql_order = " order by vi_id desc "; $sql_order = " order by vi_id desc ";
$sql_limit = " limit 0, $rows "; $sql_limit = " limit 0, " . strval($rows) . " ";
$sql = " select count(vi_id) as cnt $sql_common "; $sql = " select count(vi_id) as cnt $sql_common ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
@ -43,20 +46,23 @@ $sql = " select vi_id, vi_agent, vi_browser, vi_os, vi_device
$result = sql_query($sql); $result = sql_query($sql);
$cnt = 0; $cnt = 0;
for($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
$info = $browscap->getBrowser($row['vi_agent']); $info = $browscap->getBrowser($row['vi_agent']);
$brow = $row['vi_browser']; $brow = $row['vi_browser'];
if(!$brow) if (!$brow) {
$brow = $info->Comment; $brow = $info->Comment;
}
$os = $row['vi_os']; $os = $row['vi_os'];
if(!$os) if (!$os) {
$os = $info->Platform; $os = $info->Platform;
}
$device = $row['vi_device']; $device = $row['vi_device'];
if(!$device) if (!$device) {
$device = $info->Device_Type; $device = $info->Device_Type;
}
$sql2 = " update {$g5['visit_table']} $sql2 = " update {$g5['visit_table']}
set vi_browser = '$brow', set vi_browser = '$brow',
@ -68,7 +74,8 @@ for($i=0; $row=sql_fetch_array($result); $i++) {
$cnt++; $cnt++;
} }
if(($total_count - $cnt) == 0 || $total_count == 0) if (($total_count - $cnt) == 0 || $total_count == 0) {
echo '<div class="check_processing"></div><p>변환완료</p>'; echo '<div class="check_processing"></div><p>변환완료</p>';
else } else {
echo '<p>총 '.number_format($total_count).'건 중 '.number_format($cnt).'건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>'; echo '<p>총 ' . number_format($total_count) . '건 중 ' . number_format($cnt) . '건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>';
}
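Review bot: `$brow`, `$os` and `$device` go into the `update` statement as quoted literals (`vi_browser = '$brow'`) with no escaping at that point. They come either from the row just read back from the database or from the Browscap lookup of the stored `vi_agent`, and a quote character in any of them would end the literal early. Escaping them just before `$sql2` is built closes that, e.g. `$brow = sql_escape_string($brow);` and the same for `$os` and `$device`. The statement continues past the end of the hunk, so the remaining columns and the `where` clause are not visible here.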


@ -2,22 +2,24 @@
ini_set('memory_limit', '-1'); ini_set('memory_limit', '-1');
$sub_menu = "100510"; $sub_menu = "100510";
include_once('./_common.php'); require_once './_common.php';
// clean the output buffer // clean the output buffer
ob_end_clean(); ob_end_clean();
if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
die('사용할 수 없는 기능입니다.'); die('사용할 수 없는 기능입니다.');
}
if ($is_admin != 'super') if ($is_admin != 'super') {
die('최고관리자만 접근 가능합니다.'); die('최고관리자만 접근 가능합니다.');
}
include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php'); require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH.'/cache'); $browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
$browscap->updateMethod = 'cURL'; $browscap->updateMethod = 'cURL';
$browscap->cacheFilename = 'browscap_cache.php'; $browscap->cacheFilename = 'browscap_cache.php';
$browscap->updateCache(); $browscap->updateCache();
die(''); die('');
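Review bot: `$browscap->updateCache()` runs on any request that carries a super-admin session: the script checks `$is_admin` but never calls `check_admin_token()`. The `$.ajax` call in the Browscap update page three sections earlier names no method and sends no token. An action that rewrites `browscap_cache.php` (and, with `updateMethod = 'cURL'`, presumably fetches remote data) should require POST plus the admin token, e.g. `check_admin_token();` right after the `$is_admin` check, with the caller changed to POST the token. `ini_set('memory_limit', '-1')` is also applied before either check; moving it below them limits it to authorised requests.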


@ -1,59 +1,61 @@
<?php <?php
$sub_menu = '100900'; $sub_menu = '100900';
include_once('./_common.php'); require_once './_common.php';
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.', G5_URL); alert('최고관리자만 접근 가능합니다.', G5_URL);
}
@include_once('./safe_check.php');
if(function_exists('social_log_file_delete')){ @require_once './safe_check.php';
social_log_file_delete(); if (function_exists('social_log_file_delete')) {
} social_log_file_delete();
}
run_event('adm_cache_file_delete_before');
run_event('adm_cache_file_delete_before');
$g5['title'] = '캐시파일 일괄삭제';
include_once('./admin.head.php'); $g5['title'] = '캐시파일 일괄삭제';
?> require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
<p> <div class="local_desc02 local_desc">
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오. <p>
</p> 완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</div> </p>
</div>
<?php
flush(); <?php
flush();
if (!$dir=@opendir(G5_DATA_PATH.'/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>'; if (!$dir = @opendir(G5_DATA_PATH . '/cache')) {
} echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt=0;
echo '<ul class="session_del">'.PHP_EOL; $cnt = 0;
echo '<ul class="session_del">' . PHP_EOL;
$files = glob(G5_DATA_PATH.'/cache/latest-*');
$content_files = glob(G5_DATA_PATH.'/cache/content-*'); $files = glob(G5_DATA_PATH . '/cache/latest-*');
$content_files = glob(G5_DATA_PATH . '/cache/content-*');
$files = array_merge($files, $content_files);
if (is_array($files)) { $files = array_merge($files, $content_files);
foreach ($files as $cache_file) { if (is_array($files)) {
$cnt++; foreach ($files as $cache_file) {
unlink($cache_file); $cnt++;
echo '<li>'.$cache_file.'</li>'.PHP_EOL; unlink($cache_file);
echo '<li>' . $cache_file . '</li>' . PHP_EOL;
flush();
flush();
if ($cnt%10==0)
echo PHP_EOL; if ($cnt % 10 == 0) {
} echo PHP_EOL;
} }
}
run_event('adm_cache_file_delete'); }
echo '<li>완료됨</li></ul>'.PHP_EOL; run_event('adm_cache_file_delete');
echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 '.$cnt.'건 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>'.PHP_EOL;
?> echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 ' . $cnt . '건 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
<?php ?>
include_once('./admin.tail.php');
<?php
require_once './admin.tail.php';
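Review bot: `@require_once './safe_check.php';` is not equivalent to the `@include_once` it appears to replace. A missing file makes `require_once` stop the script with a fatal error, and the `@` only hides the message, so the page would end blank. The suppression operator suggests the file is optional, in which case this line should stay `@include_once './safe_check.php';`. The other `include_once` to `require_once` changes in this section are unprefixed and load `_common.php` and the admin head/tail templates, so only the `@`-prefixed one needs reverting.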


@ -1,52 +1,56 @@
<?php <?php
$sub_menu = '100910'; $sub_menu = '100910';
include_once('./_common.php'); require_once './_common.php';
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.', G5_URL); alert('최고관리자만 접근 가능합니다.', G5_URL);
}
$g5['title'] = '캡챠파일 일괄삭제';
include_once('./admin.head.php'); $g5['title'] = '캡챠파일 일괄삭제';
?> require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
<p> <div class="local_desc02 local_desc">
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오. <p>
</p> 완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</div> </p>
</div>
<?php
flush(); <?php
flush();
if (!$dir=@opendir(G5_DATA_PATH.'/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>'; if (!$dir = @opendir(G5_DATA_PATH . '/cache')) {
} echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt=0;
echo '<ul class="session_del">'.PHP_EOL; $cnt = 0;
echo '<ul class="session_del">' . PHP_EOL;
$files = glob(G5_DATA_PATH.'/cache/?captcha-*');
if (is_array($files)) { $files = glob(G5_DATA_PATH . '/cache/?captcha-*');
$before_time = G5_SERVER_TIME - 3600; // 한시간전 if (is_array($files)) {
foreach ($files as $gcaptcha_file) { $before_time = G5_SERVER_TIME - 3600; // 한시간전
$modification_time = filemtime($gcaptcha_file); // 파일접근시간 foreach ($files as $gcaptcha_file) {
$modification_time = filemtime($gcaptcha_file); // 파일접근시간
if ($modification_time > $before_time) continue;
if ($modification_time > $before_time) {
$cnt++; continue;
unlink($gcaptcha_file); }
echo '<li>'.$gcaptcha_file.'</li>'.PHP_EOL;
$cnt++;
flush(); unlink($gcaptcha_file);
echo '<li>' . $gcaptcha_file . '</li>' . PHP_EOL;
if ($cnt%10==0)
echo PHP_EOL; flush();
}
} if ($cnt % 10 == 0) {
echo PHP_EOL;
echo '<li>완료됨</li></ul>'.PHP_EOL; }
echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 '.$cnt.'건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>'.PHP_EOL; }
?> }
<?php echo '<li>완료됨</li></ul>' . PHP_EOL;
include_once('./admin.tail.php'); echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 ' . $cnt . '건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
?>
<?php
require_once './admin.tail.php';
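Review bot: The handle from `@opendir(G5_DATA_PATH . '/cache')` is never used or closed, and when the call fails the script prints the message and still goes on to `glob()` and `unlink()`. A plain `if (!is_dir(G5_DATA_PATH . '/cache')) {` test that skips the deletion loop on failure states the intent without a leaked handle. The same pattern is in the cache-file deletion script in the previous section. The comment on `filemtime()` says access time (`파일접근시간`), but the function returns the modification time; `// 파일수정시간` would match.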

File diff suppressed because it is too large Load Diff


@ -1,13 +1,14 @@
<?php <?php
$sub_menu = "100100"; $sub_menu = "100100";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
$cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : ''; $cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : '';
$cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : ''; $cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : '';
@ -15,156 +16,157 @@ $posts = array();
$mb = get_member($cf_admin); $mb = get_member($cf_admin);
if (! (isset($mb['mb_id']) && $mb['mb_id'])) if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('최고관리자 회원아이디가 존재하지 않습니다.'); alert('최고관리자 회원아이디가 존재하지 않습니다.');
}
check_admin_token(); check_admin_token();
$cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : ''; $cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : '';
$check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret','cf_cert_kg_cd','cf_cert_kg_mid'); $check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret', 'cf_cert_kg_cd', 'cf_cert_kg_mid');
foreach( $check_keys as $key ){ foreach ($check_keys as $key) {
if ( isset($_POST[$key]) && $_POST[$key] ){ if (isset($_POST[$key]) && $_POST[$key]) {
$posts[$key] = $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]); $posts[$key] = $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]);
} }
} }
$posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295'; $posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295';
if(isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']){ if (isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']) {
$pattern = explode("\n", trim($_POST['cf_intercept_ip'])); $pattern = explode("\n", trim($_POST['cf_intercept_ip']));
for ($i=0; $i<count($pattern); $i++) { for ($i = 0; $i < count($pattern); $i++) {
$pattern[$i] = trim($pattern[$i]); $pattern[$i] = trim($pattern[$i]);
if (empty($pattern[$i])) if (empty($pattern[$i])) {
continue; continue;
}
$pattern[$i] = str_replace(".", "\.", $pattern[$i]); $pattern[$i] = str_replace(".", "\.", $pattern[$i]);
$pattern[$i] = str_replace("+", "[0-9\.]+", $pattern[$i]); $pattern[$i] = str_replace("+", "[0-9\.]+", $pattern[$i]);
$pat = "/^{$pattern[$i]}$/"; $pat = "/^{$pattern[$i]}$/";
if( preg_match($pat, $_SERVER['REMOTE_ADDR']) ){ if (preg_match($pat, $_SERVER['REMOTE_ADDR'])) {
alert("현재 접속 IP : ".$_SERVER['REMOTE_ADDR']." 가 차단될수 있기 때문에, 다른 IP를 입력해 주세요."); alert("현재 접속 IP : " . $_SERVER['REMOTE_ADDR'] . " 가 차단될수 있기 때문에, 다른 IP를 입력해 주세요.");
} }
} }
} }
$check_keys = array( $check_keys = array(
'cf_use_email_certify' => 'int', 'cf_use_email_certify' => 'int',
'cf_use_homepage' => 'int', 'cf_use_homepage' => 'int',
'cf_req_homepage' => 'int', 'cf_req_homepage' => 'int',
'cf_use_tel' => 'int', 'cf_use_tel' => 'int',
'cf_req_tel' => 'int', 'cf_req_tel' => 'int',
'cf_use_hp' => 'int', 'cf_use_hp' => 'int',
'cf_req_hp' => 'int', 'cf_req_hp' => 'int',
'cf_use_addr' => 'int', 'cf_use_addr' => 'int',
'cf_req_addr' => 'int', 'cf_req_addr' => 'int',
'cf_use_signature' => 'int', 'cf_use_signature' => 'int',
'cf_req_signature' => 'int', 'cf_req_signature' => 'int',
'cf_use_profile' => 'int', 'cf_use_profile' => 'int',
'cf_req_profile' => 'int', 'cf_req_profile' => 'int',
'cf_register_level' => 'int', 'cf_register_level' => 'int',
'cf_register_point' => 'int', 'cf_register_point' => 'int',
'cf_icon_level' => 'int', 'cf_icon_level' => 'int',
'cf_use_recommend' => 'int', 'cf_use_recommend' => 'int',
'cf_leave_day' => 'int', 'cf_leave_day' => 'int',
'cf_search_part' => 'int', 'cf_search_part' => 'int',
'cf_email_use' => 'int', 'cf_email_use' => 'int',
'cf_email_wr_super_admin' => 'int', 'cf_email_wr_super_admin' => 'int',
'cf_email_wr_group_admin' => 'int', 'cf_email_wr_group_admin' => 'int',
'cf_email_wr_board_admin' => 'int', 'cf_email_wr_board_admin' => 'int',
'cf_email_wr_write' => 'int', 'cf_email_wr_write' => 'int',
'cf_email_wr_comment_all' => 'int', 'cf_email_wr_comment_all' => 'int',
'cf_email_mb_super_admin' => 'int', 'cf_email_mb_super_admin' => 'int',
'cf_email_mb_member' => 'int', 'cf_email_mb_member' => 'int',
'cf_email_po_super_admin' => 'int', 'cf_email_po_super_admin' => 'int',
'cf_prohibit_id' => 'text', 'cf_prohibit_id' => 'text',
'cf_prohibit_email' => 'text', 'cf_prohibit_email' => 'text',
'cf_new_del' => 'int', 'cf_new_del' => 'int',
'cf_memo_del' => 'int', 'cf_memo_del' => 'int',
'cf_visit_del' => 'int', 'cf_visit_del' => 'int',
'cf_popular_del' => 'int', 'cf_popular_del' => 'int',
'cf_use_member_icon' => 'int', 'cf_use_member_icon' => 'int',
'cf_member_icon_size' => 'int', 'cf_member_icon_size' => 'int',
'cf_member_icon_width' => 'int', 'cf_member_icon_width' => 'int',
'cf_member_icon_height' => 'int', 'cf_member_icon_height' => 'int',
'cf_member_img_size' => 'int', 'cf_member_img_size' => 'int',
'cf_member_img_width' => 'int', 'cf_member_img_width' => 'int',
'cf_member_img_height' => 'int', 'cf_member_img_height' => 'int',
'cf_login_minutes' => 'int', 'cf_login_minutes' => 'int',
'cf_formmail_is_member' => 'int', 'cf_formmail_is_member' => 'int',
'cf_page_rows' => 'int', 'cf_page_rows' => 'int',
'cf_mobile_page_rows' => 'int', 'cf_mobile_page_rows' => 'int',
'cf_social_login_use' => 'int', 'cf_social_login_use' => 'int',
'cf_cert_req' => 'int', 'cf_cert_req' => 'int',
'cf_cert_use' => 'int', 'cf_cert_use' => 'int',
'cf_cert_find' => 'int', 'cf_cert_find' => 'int',
'cf_cert_ipin' => 'char', 'cf_cert_ipin' => 'char',
'cf_cert_hp' => 'char', 'cf_cert_hp' => 'char',
'cf_cert_simple' => 'char', 'cf_cert_simple' => 'char',
'cf_admin_email' => 'char', 'cf_admin_email' => 'char',
'cf_admin_email_name' => 'char', 'cf_admin_email_name' => 'char',
'cf_add_script' => 'text', 'cf_add_script' => 'text',
'cf_use_point' => 'int', 'cf_use_point' => 'int',
'cf_point_term' => 'int', 'cf_point_term' => 'int',
'cf_use_copy_log' => 'int', 'cf_use_copy_log' => 'int',
'cf_login_point' => 'int', 'cf_login_point' => 'int',
'cf_cut_name' => 'int', 'cf_cut_name' => 'int',
'cf_nick_modify' => 'int', 'cf_nick_modify' => 'int',
'cf_new_skin' => 'char', 'cf_new_skin' => 'char',
'cf_new_rows' => 'int', 'cf_new_rows' => 'int',
'cf_search_skin' => 'char', 'cf_search_skin' => 'char',
'cf_connect_skin' => 'char', 'cf_connect_skin' => 'char',
'cf_faq_skin' => 'char', 'cf_faq_skin' => 'char',
'cf_read_point' => 'int', 'cf_read_point' => 'int',
'cf_write_point' => 'int', 'cf_write_point' => 'int',
'cf_comment_point' => 'int', 'cf_comment_point' => 'int',
'cf_download_point' => 'int', 'cf_download_point' => 'int',
'cf_write_pages' => 'int', 'cf_write_pages' => 'int',
'cf_mobile_pages' => 'int', 'cf_mobile_pages' => 'int',
'cf_link_target' => 'char', 'cf_link_target' => 'char',
'cf_delay_sec' => 'int', 'cf_delay_sec' => 'int',
'cf_filter' => 'text', 'cf_filter' => 'text',
'cf_possible_ip' => 'text', 'cf_possible_ip' => 'text',
'cf_analytics' => 'text', 'cf_analytics' => 'text',
'cf_add_meta' => 'text', 'cf_add_meta' => 'text',
'cf_member_skin' => 'char', 'cf_member_skin' => 'char',
'cf_image_extension' => 'char', 'cf_image_extension' => 'char',
'cf_flash_extension' => 'char', 'cf_flash_extension' => 'char',
'cf_movie_extension' => 'char', 'cf_movie_extension' => 'char',
'cf_visit' => 'char', 'cf_visit' => 'char',
'cf_stipulation' => 'text', 'cf_stipulation' => 'text',
'cf_privacy' => 'text', 'cf_privacy' => 'text',
'cf_open_modify' => 'int', 'cf_open_modify' => 'int',
'cf_memo_send_point' => 'int', 'cf_memo_send_point' => 'int',
'cf_mobile_new_skin' => 'char', 'cf_mobile_new_skin' => 'char',
'cf_mobile_search_skin' => 'char', 'cf_mobile_search_skin' => 'char',
'cf_mobile_connect_skin' => 'char', 'cf_mobile_connect_skin' => 'char',
'cf_mobile_faq_skin' => 'char', 'cf_mobile_faq_skin' => 'char',
'cf_mobile_member_skin' => 'char', 'cf_mobile_member_skin' => 'char',
'cf_captcha_mp3' => 'char', 'cf_captcha_mp3' => 'char',
'cf_cert_limit' => 'int', 'cf_cert_limit' => 'int',
'cf_sms_use' => 'char', 'cf_sms_use' => 'char',
'cf_sms_type' => 'char', 'cf_sms_type' => 'char',
'cf_icode_id' => 'char', 'cf_icode_id' => 'char',
'cf_icode_pw' => 'char', 'cf_icode_pw' => 'char',
'cf_icode_server_ip' => 'char', 'cf_icode_server_ip' => 'char',
'cf_captcha' => 'char', 'cf_captcha' => 'char',
'cf_syndi_token' => '', 'cf_syndi_token' => '',
'cf_syndi_except' => '' 'cf_syndi_except' => ''
); );
for($i=1;$i<=10;$i++){ for ($i = 1; $i <= 10; $i++) {
$check_keys['cf_'.$i.'_subj'] = isset($_POST['cf_'.$i.'_subj']) ? $_POST['cf_'.$i.'_subj'] : ''; $check_keys['cf_' . $i . '_subj'] = isset($_POST['cf_' . $i . '_subj']) ? $_POST['cf_' . $i . '_subj'] : '';
$check_keys['cf_'.$i] = isset($_POST['cf_'.$i]) ? $_POST['cf_'.$i] : ''; $check_keys['cf_' . $i] = isset($_POST['cf_' . $i]) ? $_POST['cf_' . $i] : '';
} }
foreach( $check_keys as $k => $v ){ foreach ($check_keys as $k => $v) {
if( $v === 'int' ){ if ($v === 'int') {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0; $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0;
} else { } else {
if(in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))){ if (in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))) {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : ''; $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : '';
} else { } else {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : ''; $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : '';
@ -173,10 +175,11 @@ foreach( $check_keys as $k => $v ){
} }
// 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함 // 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함
if($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple']) if ($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple']) {
alert('본인확인을 위해 아이핀, 휴대폰 본인확인, KG이니시스 간편인증 서비스 중 하나 이상 선택해 주십시오.'); alert('본인확인을 위해 아이핀, 휴대폰 본인확인, KG이니시스 간편인증 서비스 중 하나 이상 선택해 주십시오.');
}
if(!$_POST['cf_cert_use']) { if (!$_POST['cf_cert_use']) {
$posts[$key] = $_POST['cf_cert_ipin'] = ''; $posts[$key] = $_POST['cf_cert_ipin'] = '';
$posts[$key] = $_POST['cf_cert_hp'] = ''; $posts[$key] = $_POST['cf_cert_hp'] = '';
$posts[$key] = $_POST['cf_cert_simple'] = ''; $posts[$key] = $_POST['cf_cert_simple'] = '';
@ -209,8 +212,8 @@ $sql = " update {$g5['config_table']}
cf_link_target = '{$_POST['cf_link_target']}', cf_link_target = '{$_POST['cf_link_target']}',
cf_delay_sec = '{$_POST['cf_delay_sec']}', cf_delay_sec = '{$_POST['cf_delay_sec']}',
cf_filter = '{$_POST['cf_filter']}', cf_filter = '{$_POST['cf_filter']}',
cf_possible_ip = '".trim($_POST['cf_possible_ip'])."', cf_possible_ip = '" . trim($_POST['cf_possible_ip']) . "',
cf_intercept_ip = '".trim($_POST['cf_intercept_ip'])."', cf_intercept_ip = '" . trim($_POST['cf_intercept_ip']) . "',
cf_analytics = '{$_POST['cf_analytics']}', cf_analytics = '{$_POST['cf_analytics']}',
cf_add_meta = '{$_POST['cf_add_meta']}', cf_add_meta = '{$_POST['cf_add_meta']}',
cf_syndi_token = '{$_POST['cf_syndi_token']}', cf_syndi_token = '{$_POST['cf_syndi_token']}',
@ -282,7 +285,7 @@ $sql = " update {$g5['config_table']}
cf_cert_hp = '{$_POST['cf_cert_hp']}', cf_cert_hp = '{$_POST['cf_cert_hp']}',
cf_cert_simple = '{$_POST['cf_cert_simple']}', cf_cert_simple = '{$_POST['cf_cert_simple']}',
cf_cert_kg_cd = '{$_POST['cf_cert_kg_cd']}', cf_cert_kg_cd = '{$_POST['cf_cert_kg_cd']}',
cf_cert_kg_mid = '".trim($_POST['cf_cert_kg_mid'])."', cf_cert_kg_mid = '" . trim($_POST['cf_cert_kg_mid']) . "',
cf_cert_kcb_cd = '{$_POST['cf_cert_kcb_cd']}', cf_cert_kcb_cd = '{$_POST['cf_cert_kcb_cd']}',
cf_cert_kcp_cd = '{$_POST['cf_cert_kcp_cd']}', cf_cert_kcp_cd = '{$_POST['cf_cert_kcp_cd']}',
cf_cert_limit = '{$_POST['cf_cert_limit']}', cf_cert_limit = '{$_POST['cf_cert_limit']}',
@ -337,7 +340,7 @@ sql_query($sql);
//sql_query(" OPTIMIZE TABLE `$g5[config_table]` "); //sql_query(" OPTIMIZE TABLE `$g5[config_table]` ");
if( isset($_POST['cf_bbs_rewrite']) ){ if (isset($_POST['cf_bbs_rewrite'])) {
g5_delete_all_cache(); g5_delete_all_cache();
} }
@ -345,4 +348,4 @@ run_event('admin_config_form_update');
update_rewrite_rules(); update_rewrite_rules();
goto_url('./config_form.php', false); goto_url('./config_form.php', false);
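Review bot: In the `foreach ($check_keys as $k => $v)` loop the cleaned value is written to `$posts[$key]`, but `$key` is the variable left over from the earlier `foreach ($check_keys as $key)` loop, so each iteration overwrites one stale entry instead of filling `$posts` per field; the assignments should use `$posts[$k] = $_POST[$k] = ...`, and the three `$posts[$key] = $_POST['cf_cert_…'] = '';` lines in the `@ -173` hunk need the literal field name as the key in the same way. Separately, the `update {$g5['config_table']}` statement interpolates `$_POST[...]` values directly into the SQL string, and `cf_analytics`, `cf_add_meta`, `cf_add_script`, `cf_stipulation` and `cf_privacy` pass through the loop unfiltered. If `_common.php` does not already escape request data globally (not visible here), those values need SQL escaping or a parameterised query before `sql_query($sql)`. The statement begins and ends outside the visible hunks.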


@ -1,298 +1,307 @@
<?php <?php
$sub_menu = '300600'; $sub_menu = '300600';
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w"); auth_check_menu($auth, $sub_menu, "w");
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : ''; $co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
// 상단, 하단 파일경로 필드 추가 // 상단, 하단 파일경로 필드 추가
if(!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) { if (!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) {
$sql = " ALTER TABLE `{$g5['content_table']}` ADD `co_include_head` VARCHAR( 255 ) NOT NULL , $sql = " ALTER TABLE `{$g5['content_table']}` ADD `co_include_head` VARCHAR( 255 ) NOT NULL ,
ADD `co_include_tail` VARCHAR( 255 ) NOT NULL "; ADD `co_include_tail` VARCHAR( 255 ) NOT NULL ";
sql_query($sql, false); sql_query($sql, false);
} }
// html purifier 사용여부 필드 // html purifier 사용여부 필드
if(!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) { if (!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}` sql_query(
ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ", true); " ALTER TABLE `{$g5['content_table']}`
sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' "); ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ",
} true
);
// 모바일 내용 추가 sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' ");
if(!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) { }
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ", true); // 모바일 내용 추가
} if (!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) {
sql_query(
// 스킨 설정 추가 " ALTER TABLE `{$g5['content_table']}`
if(!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) { ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ",
sql_query(" ALTER TABLE `{$g5['content_table']}` true
ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`, );
ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ", true); }
sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
} // 스킨 설정 추가
if (!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
$html_title = "내용"; sql_query(
$g5['title'] = $html_title.' 관리'; " ALTER TABLE `{$g5['content_table']}`
$readonly = ''; ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`,
ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ",
if ($w == "u") true
{ );
$html_title .= " 수정"; sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
$readonly = " readonly"; }
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' "; $html_title = "내용";
$co = sql_fetch($sql); $g5['title'] = $html_title . ' 관리';
if (!$co['co_id']) $readonly = '';
alert('등록된 자료가 없습니다.');
} if ($w == "u") {
else $html_title .= " 수정";
{ $readonly = " readonly";
$html_title .= ' 입력';
$co = array( $sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
'co_id' => '', $co = sql_fetch($sql);
'co_subject' => '', if (!$co['co_id']) {
'co_content' => '', alert('등록된 자료가 없습니다.');
'co_mobile_content' => '', }
'co_include_head' => '', } else {
'co_include_tail' => '', $html_title .= ' 입력';
'co_tag_filter_use' => 1, $co = array(
'co_html' => 2, 'co_id' => '',
'co_skin' => 'basic', 'co_subject' => '',
'co_mobile_skin' => 'basic' 'co_content' => '',
); 'co_mobile_content' => '',
} 'co_include_head' => '',
'co_include_tail' => '',
include_once (G5_ADMIN_PATH.'/admin.head.php'); 'co_tag_filter_use' => 1,
?> 'co_html' => 2,
'co_skin' => 'basic',
<form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA" > 'co_mobile_skin' => 'basic'
<input type="hidden" name="w" value="<?php echo $w; ?>"> );
<input type="hidden" name="co_html" value="1"> }
<input type="hidden" name="token" value="">
require_once G5_ADMIN_PATH . '/admin.head.php';
<div class="tbl_frm01 tbl_wrap"> ?>
<table>
<caption><?php echo $g5['title']; ?> 목록</caption> <form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
<colgroup> <input type="hidden" name="w" value="<?php echo $w; ?>">
<col class="grid_4"> <input type="hidden" name="co_html" value="1">
<col> <input type="hidden" name="token" value="">
</colgroup>
<tbody> <div class="tbl_frm01 tbl_wrap">
<tr> <table>
<th scope="row"><label for="co_id">ID</label></th> <caption><?php echo $g5['title']; ?> 목록</caption>
<td> <colgroup>
<?php echo help('20자 이내의 영문자, 숫자, _ 만 가능합니다.'); ?> <col class="grid_4">
<input type="text" value="<?php echo $co['co_id']; ?>" name="co_id" id ="co_id" required <?php echo $readonly; ?> class="required <?php echo $readonly; ?> frm_input" size="20" maxlength="20"> <col>
<?php if ($w == 'u') { ?><a href="<?php echo get_pretty_url('content', $co_id); ?>" class="btn_frmline">내용확인</a><?php } ?> </colgroup>
</td> <tbody>
</tr> <tr>
<tr> <th scope="row"><label for="co_id">ID</label></th>
<th scope="row"><label for="co_subject">제목</label></th> <td>
<td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?>" id="co_subject" required class="frm_input required" size="90"></td> <?php echo help('20자 이내의 영문자, 숫자, _ 만 가능합니다.'); ?>
</tr> <input type="text" value="<?php echo $co['co_id']; ?>" name="co_id" id="co_id" required <?php echo $readonly; ?> class="required <?php echo $readonly; ?> frm_input" size="20" maxlength="20">
<tr> <?php if ($w == 'u') { ?><a href="<?php echo get_pretty_url('content', $co_id); ?>" class="btn_frmline">내용확인</a><?php } ?>
<th scope="row">내용</th> </td>
<td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="co_subject">제목</label></th>
<th scope="row">모바일 내용</th> <td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?>" id="co_subject" required class="frm_input required" size="90"></td>
<td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td> </tr>
</tr> <tr>
<tr> <th scope="row">내용</th>
<th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th> <td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td>
<td> </tr>
<?php echo get_skin_select('content', 'co_skin', 'co_skin', $co['co_skin'], 'required'); ?> <tr>
</td> <th scope="row">모바일 내용</th>
</tr> <td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td>
<tr> </tr>
<th scope="row"><label for="co_mobile_skin">모바일스킨 디렉토리<strong class="sound_only">필수</strong></label></th> <tr>
<td> <th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<?php echo get_mobile_skin_select('content', 'co_mobile_skin', 'co_mobile_skin', $co['co_mobile_skin'], 'required'); ?> <td>
</td> <?php echo get_skin_select('content', 'co_skin', 'co_skin', $co['co_skin'], 'required'); ?>
</tr> </td>
<!-- </tr>
<tr> <tr>
<th scope="row"><label for="co_tag_filter_use">태그 필터링 사용</label></th> <th scope="row"><label for="co_mobile_skin">모바일스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?> <?php echo get_mobile_skin_select('content', 'co_mobile_skin', 'co_mobile_skin', $co['co_mobile_skin'], 'required'); ?>
<select name="co_tag_filter_use" id="co_tag_filter_use"> </td>
<option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option> </tr>
<option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option> <!--
</select> <tr>
</td> <th scope="row"><label for="co_tag_filter_use">태그 필터링 사용</label></th>
</tr> <td>
--> <?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?>
<tr> <select name="co_tag_filter_use" id="co_tag_filter_use">
<th scope="row"><label for="co_include_head">상단 파일 경로</label></th> <option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option>
<td> <option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option>
<?php echo help("설정값이 없으면 기본 상단 파일을 사용합니다."); ?> </select>
<input type="text" name="co_include_head" value="<?php echo $co['co_include_head']; ?>" id="co_include_head" class="frm_input" size="60"> </td>
</td> </tr>
</tr> -->
<tr> <tr>
<th scope="row"><label for="co_include_tail">단 파일 경로</label></th> <th scope="row"><label for="co_include_head">단 파일 경로</label></th>
<td> <td>
<?php echo help("설정값이 없으면 기본 단 파일을 사용합니다."); ?> <?php echo help("설정값이 없으면 기본 단 파일을 사용합니다."); ?>
<input type="text" name="co_include_tail" value="<?php echo $co['co_include_tail']; ?>" id="co_include_tail" class="frm_input" size="60"> <input type="text" name="co_include_head" value="<?php echo $co['co_include_head']; ?>" id="co_include_head" class="frm_input" size="60">
</td> </td>
</tr> </tr>
<tr id="admin_captcha_box" style="display:none;"> <tr>
<th scope="row">자동등록방지</th> <th scope="row"><label for="co_include_tail">하단 파일 경로</label></th>
<td> <td>
<?php <?php echo help("설정값이 없으면 기본 하단 파일을 사용합니다."); ?>
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다."); <input type="text" name="co_include_tail" value="<?php echo $co['co_include_tail']; ?>" id="co_include_tail" class="frm_input" size="60">
</td>
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); </tr>
$captcha_html = captcha_html(); <tr id="admin_captcha_box" style="display:none;">
$captcha_js = chk_captcha_js(); <th scope="row">자동등록방지</th>
echo $captcha_html; <td>
?> <?php
<script> echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script> require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
</td> $captcha_html = captcha_html();
</tr> $captcha_js = chk_captcha_js();
<tr> echo $captcha_html;
<th scope="row"><label for="co_himg">상단이미지</label></th> ?>
<td> <script>
<input type="file" name="co_himg" id="co_himg"> jQuery("#captcha_key").removeAttr("required").removeClass("required");
<?php </script>
$himg = G5_DATA_PATH.'/content/'.$co['co_id'].'_h'; </td>
$himg_str = ''; </tr>
if (file_exists($himg)) { <tr>
$size = @getimagesize($himg); <th scope="row"><label for="co_himg">상단이미지</label></th>
if($size[0] && $size[0] > 750) <td>
$width = 750; <input type="file" name="co_himg" id="co_himg">
else <?php
$width = $size[0]; $himg = G5_DATA_PATH . '/content/' . $co['co_id'] . '_h';
$himg_str = '';
echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>'; if (file_exists($himg)) {
$himg_str = '<img src="'.G5_DATA_URL.'/content/'.$co['co_id'].'_h" width="'.$width.'" alt="">'; $size = @getimagesize($himg);
} if ($size[0] && $size[0] > 750) {
if ($himg_str) { $width = 750;
echo '<div class="banner_or_img">'; } else {
echo $himg_str; $width = $size[0];
echo '</div>'; }
}
?> echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>';
</td> $himg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_h" width="' . $width . '" alt="">';
</tr> }
<tr> if ($himg_str) {
<th scope="row"><label for="co_timg">하단이미지</label></th> echo '<div class="banner_or_img">';
<td> echo $himg_str;
<input type="file" name="co_timg" id="co_timg"> echo '</div>';
<?php }
$timg = G5_DATA_PATH.'/content/'.$co['co_id'].'_t'; ?>
$timg_str = ''; </td>
if (file_exists($timg)) { </tr>
$size = @getimagesize($timg); <tr>
if($size[0] && $size[0] > 750) <th scope="row"><label for="co_timg">하단이미지</label></th>
$width = 750; <td>
else <input type="file" name="co_timg" id="co_timg">
$width = $size[0]; <?php
$timg = G5_DATA_PATH . '/content/' . $co['co_id'] . '_t';
echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>'; $timg_str = '';
$timg_str = '<img src="'.G5_DATA_URL.'/content/'.$co['co_id'].'_t" width="'.$width.'" alt="">'; if (file_exists($timg)) {
} $size = @getimagesize($timg);
if ($timg_str) { if ($size[0] && $size[0] > 750) {
echo '<div class="banner_or_img">'; $width = 750;
echo $timg_str; } else {
echo '</div>'; $width = $size[0];
} }
?>
</td> echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>';
</tr> $timg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_t" width="' . $width . '" alt="">';
</tbody> }
</table> if ($timg_str) {
</div> echo '<div class="banner_or_img">';
echo $timg_str;
<div class="btn_fixed_top"> echo '</div>';
<a href="./contentlist.php" class="btn btn_02">목록</a> }
<input type="submit" value="확인" class="btn btn_submit" accesskey="s"> ?>
</div> </td>
</tr>
</form> </tbody>
</table>
<?php </div>
// [KVE-2018-2089] 취약점 으로 인해 파일 경로 수정시에만 자동등록방지 코드 사용
?> <div class="btn_fixed_top">
<script> <a href="./contentlist.php" class="btn btn_02">목록</a>
var captcha_chk = false; <input type="submit" value="확인" class="btn btn_submit" accesskey="s">
</div>
function use_captcha_check(){
$.ajax({ </form>
type: "POST",
url: g5_admin_url+"/ajax.use_captcha.php", <?php
data: { admin_use_captcha: "1" }, // [KVE-2018-2089] 취약점 으로 인해 파일 경로 수정시에만 자동등록방지 코드 사용
cache: false, ?>
async: false, <script>
dataType: "json", var captcha_chk = false;
success: function(data) {
} function use_captcha_check() {
}); $.ajax({
} type: "POST",
url: g5_admin_url + "/ajax.use_captcha.php",
function frm_check_file(){ data: {
var co_include_head = "<?php echo $co['co_include_head']; ?>"; admin_use_captcha: "1"
var co_include_tail = "<?php echo $co['co_include_tail']; ?>"; },
var head = jQuery.trim(jQuery("#co_include_head").val()); cache: false,
var tail = jQuery.trim(jQuery("#co_include_tail").val()); async: false,
dataType: "json",
if(co_include_head !== head || co_include_tail !== tail){ success: function(data) {}
// 캡챠를 사용합니다. });
jQuery("#admin_captcha_box").show(); }
captcha_chk = true;
function frm_check_file() {
use_captcha_check(); var co_include_head = "<?php echo $co['co_include_head']; ?>";
var co_include_tail = "<?php echo $co['co_include_tail']; ?>";
return false; var head = jQuery.trim(jQuery("#co_include_head").val());
} else { var tail = jQuery.trim(jQuery("#co_include_tail").val());
jQuery("#admin_captcha_box").hide();
} if (co_include_head !== head || co_include_tail !== tail) {
// 캡챠를 사용합니다.
return true; jQuery("#admin_captcha_box").show();
} captcha_chk = true;
jQuery(function($){ use_captcha_check();
if( window.self !== window.top ){ // frame 또는 iframe을 사용할 경우 체크
$("#co_include_head, #co_include_tail").on("change paste keyup", function(e) { return false;
frm_check_file(); } else {
}); jQuery("#admin_captcha_box").hide();
}
use_captcha_check();
} return true;
}); }
function frmcontentform_check(f) jQuery(function($) {
{ if (window.self !== window.top) { // frame 또는 iframe을 사용할 경우 체크
errmsg = ""; $("#co_include_head, #co_include_tail").on("change paste keyup", function(e) {
errfld = ""; frm_check_file();
});
<?php echo get_editor_js('co_content'); ?>
<?php echo chk_editor_js('co_content'); ?> use_captcha_check();
<?php echo get_editor_js('co_mobile_content'); ?> }
});
check_field(f.co_id, "ID를 입력하세요.");
check_field(f.co_subject, "제목을 입력하세요."); function frmcontentform_check(f) {
check_field(f.co_content, "내용을 입력하세요."); errmsg = "";
errfld = "";
if (errmsg != "") {
alert(errmsg); <?php echo get_editor_js('co_content'); ?>
errfld.focus(); <?php echo chk_editor_js('co_content'); ?>
return false; <?php echo get_editor_js('co_mobile_content'); ?>
}
check_field(f.co_id, "ID를 입력하세요.");
if( captcha_chk ) { check_field(f.co_subject, "제목을 입력하세요.");
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?> check_field(f.co_content, "내용을 입력하세요.");
}
if (errmsg != "") {
return true; alert(errmsg);
} errfld.focus();
</script> return false;
}
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php'); if (captcha_chk) {
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
}
</script>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
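Review bot: `$co['co_include_head']` and `$co['co_include_tail']` are echoed unencoded both into the `value="…"` attributes of the two path inputs and into the double-quoted JavaScript strings at the top of `frm_check_file()`, so a stored path containing a quote character would end the attribute or string early in this admin form. The subject field on the same page already goes through `htmlspecialchars2()`; the path inputs should do likewise, e.g. `value="<?php echo htmlspecialchars2($co['co_include_head']); ?>"`, and the script should emit the value as a JSON literal, `var co_include_head = <?php echo json_encode($co['co_include_head']); ?>;` (same for the tail). The hidden `w` field (`<?php echo $w; ?>`) is printed the same way; where `$w` is assigned is not visible in this file, so it should be confirmed to be limited to known values or encoded as well.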


@ -1,157 +1,154 @@
<?php <?php
$sub_menu = '300600'; $sub_menu = '300600';
include_once('./_common.php'); require_once './_common.php';
if ($w == "u" || $w == "d") if ($w == "u" || $w == "d") {
check_demo(); check_demo();
}
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d"); if ($w == 'd') {
else auth_check_menu($auth, $sub_menu, "d");
auth_check_menu($auth, $sub_menu, "w"); } else {
auth_check_menu($auth, $sub_menu, "w");
check_admin_token(); }
$co_row = array('co_id'=>'', 'co_include_head'=>'', 'co_include_tail'=>''); check_admin_token();
if ($w == "" || $w == "u") $co_row = array('co_id' => '', 'co_include_head' => '', 'co_include_tail' => '');
{
if(isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) alert("ID 는 영문자, 숫자, _ 만 가능합니다."); if ($w == "" || $w == "u") {
if (isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) {
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' "; alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
$co_row = sql_fetch($sql); }
}
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : ''; $co_row = sql_fetch($sql);
$co_subject = isset($_POST['co_subject']) ? strip_tags(clean_xss_attributes($_POST['co_subject'])) : ''; }
$co_include_head = isset($_POST['co_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_head'], 0, 255)) : '';
$co_include_tail = isset($_POST['co_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_tail'], 0, 255)) : ''; $co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1; $co_subject = isset($_POST['co_subject']) ? strip_tags(clean_xss_attributes($_POST['co_subject'])) : '';
$co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0; $co_include_head = isset($_POST['co_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_head'], 0, 255)) : '';
$co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0; $co_include_tail = isset($_POST['co_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_tail'], 0, 255)) : '';
$co_html = isset($_POST['co_html']) ? (int) $_POST['co_html'] : 0; $co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
$co_content = isset($_POST['co_content']) ? $_POST['co_content'] : ''; $co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0;
$co_mobile_content = isset($_POST['co_mobile_content']) ? $_POST['co_mobile_content'] : ''; $co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0;
$co_skin = isset($_POST['co_skin']) ? clean_xss_tags($_POST['co_skin'], 1, 1) : ''; $co_html = isset($_POST['co_html']) ? (int) $_POST['co_html'] : 0;
$co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mobile_skin'], 1, 1) : ''; $co_content = isset($_POST['co_content']) ? $_POST['co_content'] : '';
$co_mobile_content = isset($_POST['co_mobile_content']) ? $_POST['co_mobile_content'] : '';
// 관리자가 자동등록방지를 사용해야 할 경우 $co_skin = isset($_POST['co_skin']) ? clean_xss_tags($_POST['co_skin'], 1, 1) : '';
if ((( isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head ) || ( isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail )) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){ $co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mobile_skin'], 1, 1) : '';
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
// 관리자가 자동등록방지를 사용해야 할 경우
if (!chk_captcha()) { if (((isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head) || (isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail)) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
alert('자동등록방지 숫자가 틀렸습니다.'); include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
}
} if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
@mkdir(G5_DATA_PATH."/content", G5_DIR_PERMISSION); }
@chmod(G5_DATA_PATH."/content", G5_DIR_PERMISSION); }
if ($co_himg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_h"); @mkdir(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
if ($co_timg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_t"); @chmod(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
$error_msg = ''; if ($co_himg_del) {
@unlink(G5_DATA_PATH . "/content/{$co_id}_h");
if( $co_include_head ){ }
if ($co_timg_del) {
$file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION); @unlink(G5_DATA_PATH . "/content/{$co_id}_t");
}
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $co_include_head) ) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); $error_msg = '';
}
} if ($co_include_head) {
$file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION);
if( $co_include_tail ){
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_head)) {
$file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION); alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail) ) { }
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} if ($co_include_tail) {
} $file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION);
if( $co_include_head && ! is_include_path_check($co_include_head, 1) ){ if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail)) {
$co_include_head = ''; alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.'; }
} }
if( $co_include_tail && ! is_include_path_check($co_include_tail, 1) ){ if ($co_include_head && !is_include_path_check($co_include_head, 1)) {
$co_include_tail = ''; $co_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 단 파일 경로에 포함시킬수 없습니다.'; $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 단 파일 경로에 포함시킬수 없습니다.';
} }
if( function_exists('filter_input_include_path') ){ if ($co_include_tail && !is_include_path_check($co_include_tail, 1)) {
$co_include_head = filter_input_include_path($co_include_head); $co_include_tail = '';
$co_include_tail = filter_input_include_path($co_include_tail); $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
} }
$co_seo_title = exist_seo_title_recursive('content', generate_seo_title($co_subject), $g5['content_table'], $co_id); if (function_exists('filter_input_include_path')) {
$co_include_head = filter_input_include_path($co_include_head);
$sql_common = " co_include_head = '$co_include_head', $co_include_tail = filter_input_include_path($co_include_tail);
co_include_tail = '$co_include_tail', }
co_html = '$co_html',
co_tag_filter_use = '$co_tag_filter_use', $co_seo_title = exist_seo_title_recursive('content', generate_seo_title($co_subject), $g5['content_table'], $co_id);
co_subject = '$co_subject',
co_content = '$co_content', $sql_common = " co_include_head = '$co_include_head',
co_mobile_content = '$co_mobile_content', co_include_tail = '$co_include_tail',
co_seo_title = '$co_seo_title', co_html = '$co_html',
co_skin = '$co_skin', co_tag_filter_use = '$co_tag_filter_use',
co_mobile_skin = '$co_mobile_skin' "; co_subject = '$co_subject',
co_content = '$co_content',
if ($w == "") co_mobile_content = '$co_mobile_content',
{ co_seo_title = '$co_seo_title',
$row = $co_row; co_skin = '$co_skin',
if (isset($row['co_id']) && $row['co_id']) co_mobile_skin = '$co_mobile_skin' ";
alert("이미 같은 ID로 등록된 내용이 있습니다.");
if ($w == "") {
$sql = " insert {$g5['content_table']} $row = $co_row;
set co_id = '$co_id', if (isset($row['co_id']) && $row['co_id']) {
$sql_common "; alert("이미 같은 ID로 등록된 내용이 있습니다.");
sql_query($sql); }
}
else if ($w == "u") $sql = " insert {$g5['content_table']}
{ set co_id = '$co_id',
$sql = " update {$g5['content_table']} $sql_common ";
set $sql_common sql_query($sql);
where co_id = '$co_id' "; } elseif ($w == "u") {
sql_query($sql); $sql = " update {$g5['content_table']}
} set $sql_common
else if ($w == "d") where co_id = '$co_id' ";
{ sql_query($sql);
@unlink(G5_DATA_PATH."/content/{$co_id}_h"); } elseif ($w == "d") {
@unlink(G5_DATA_PATH."/content/{$co_id}_t"); @unlink(G5_DATA_PATH . "/content/{$co_id}_h");
@unlink(G5_DATA_PATH . "/content/{$co_id}_t");
$sql = " delete from {$g5['content_table']} where co_id = '$co_id' ";
sql_query($sql); $sql = " delete from {$g5['content_table']} where co_id = '$co_id' ";
} sql_query($sql);
}
if(function_exists('get_admin_captcha_by'))
get_admin_captcha_by('remove'); if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
g5_delete_cache_by_prefix('content-'.$co_id.'-'); }
if ($w == "" || $w == "u") g5_delete_cache_by_prefix('content-' . $co_id . '-');
{
if ($_FILES['co_himg']['name']) if ($w == "" || $w == "u") {
{ if ($_FILES['co_himg']['name']) {
$dest_path = G5_DATA_PATH."/content/".$co_id."_h"; $dest_path = G5_DATA_PATH . "/content/" . $co_id . "_h";
@move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path); @move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION); @chmod($dest_path, G5_FILE_PERMISSION);
} }
if ($_FILES['co_timg']['name']) if ($_FILES['co_timg']['name']) {
{ $dest_path = G5_DATA_PATH . "/content/" . $co_id . "_t";
$dest_path = G5_DATA_PATH."/content/".$co_id."_t"; @move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path);
@move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path); @chmod($dest_path, G5_FILE_PERMISSION);
@chmod($dest_path, G5_FILE_PERMISSION); }
}
if ($error_msg) {
if( $error_msg ){ alert($error_msg, "./contentform.php?w=u&amp;co_id=$co_id");
alert($error_msg, "./contentform.php?w=u&amp;co_id=$co_id"); } else {
} else { goto_url("./contentform.php?w=u&amp;co_id=$co_id");
goto_url("./contentform.php?w=u&amp;co_id=$co_id"); }
} } else {
} goto_url("./contentlist.php");
else }
{
goto_url("./contentlist.php");
}


@ -1,97 +1,102 @@
<?php <?php
$sub_menu = '300600'; $sub_menu = '300600';
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r"); auth_check_menu($auth, $sub_menu, "r");
if( !isset($g5['content_table']) ){ if (!isset($g5['content_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\';</strong> 를 추가해 주세요.'); die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\';</strong> 를 추가해 주세요.');
} }
//내용(컨텐츠)정보 테이블이 있는지 검사한다. //내용(컨텐츠)정보 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['content_table']} ", false)) { if (!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) { if (sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false); sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false);
} else { } else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` ( $query_cp = sql_query(
`co_id` varchar(20) NOT NULL DEFAULT '', " CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
`co_html` tinyint(4) NOT NULL DEFAULT '0', `co_id` varchar(20) NOT NULL DEFAULT '',
`co_subject` varchar(255) NOT NULL DEFAULT '', `co_html` tinyint(4) NOT NULL DEFAULT '0',
`co_content` longtext NOT NULL, `co_subject` varchar(255) NOT NULL DEFAULT '',
`co_hit` int(11) NOT NULL DEFAULT '0', `co_content` longtext NOT NULL,
`co_include_head` varchar(255) NOT NULL, `co_hit` int(11) NOT NULL DEFAULT '0',
`co_include_tail` varchar(255) NOT NULL, `co_include_head` varchar(255) NOT NULL,
PRIMARY KEY (`co_id`) `co_include_tail` varchar(255) NOT NULL,
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true); PRIMARY KEY (`co_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
// 내용관리 생성 true
sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false ); );
sql_query(" insert into `{$g5['content_table']}` set co_id = 'privacy', co_html = '1', co_subject = '개인정보 처리방침', co_content= '<p align=center><b>개인정보 처리방침에 대한 내용을 입력하십시오.</b></p>' ", false );
sql_query(" insert into `{$g5['content_table']}` set co_id = 'provision', co_html = '1', co_subject = '서비스 이용약관', co_content= '<p align=center><b>서비스 이용약관에 대한 내용을 입력하십시오.</b></p>' ", false ); // 내용관리 생성
} sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false);
} sql_query(" insert into `{$g5['content_table']}` set co_id = 'privacy', co_html = '1', co_subject = '개인정보 처리방침', co_content= '<p align=center><b>개인정보 처리방침에 대한 내용을 입력하십시오.</b></p>' ", false);
sql_query(" insert into `{$g5['content_table']}` set co_id = 'provision', co_html = '1', co_subject = '서비스 이용약관', co_content= '<p align=center><b>서비스 이용약관에 대한 내용을 입력하십시오.</b></p>' ", false);
$g5['title'] = '내용관리'; }
include_once (G5_ADMIN_PATH.'/admin.head.php'); }
$sql_common = " from {$g5['content_table']} "; $g5['title'] = '내용관리';
require_once G5_ADMIN_PATH . '/admin.head.php';
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common; $sql_common = " from {$g5['content_table']} ";
$row = sql_fetch($sql);
$total_count = $row['cnt']; // 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$rows = $config['cf_page_rows']; $row = sql_fetch($sql);
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_count = $row['cnt'];
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
$sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} "; if ($page < 1) {
$result = sql_query($sql); $page = 1;
?> } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
<div class="local_ov01 local_ov">
<?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?> $sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} ";
<span class="btn_ov01"><span class="ov_txt">전체 내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span> $result = sql_query($sql);
</div> ?>
<div class="btn_fixed_top"> <div class="local_ov01 local_ov">
<a href="./contentform.php" class="btn btn_01">내용 추가</a> <?php if ($page > 1) { ?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
</div> <span class="btn_ov01"><span class="ov_txt">전체 내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="tbl_head01 tbl_wrap">
<table> <div class="btn_fixed_top">
<caption><?php echo $g5['title']; ?> 목록</caption> <a href="./contentform.php" class="btn btn_01">내용 추가</a>
<thead> </div>
<tr>
<th scope="col">ID</th> <div class="tbl_head01 tbl_wrap">
<th scope="col">제목</th> <table>
<th scope="col">관리</th> <caption><?php echo $g5['title']; ?> 목록</caption>
</tr> <thead>
</thead> <tr>
<tbody> <th scope="col">ID</th>
<?php for ($i=0; $row=sql_fetch_array($result); $i++) { <th scope="col">제목</th>
$bg = 'bg'.($i%2); <th scope="col">관리</th>
?> </tr>
<tr class="<?php echo $bg; ?>"> </thead>
<td class="td_id"><?php echo $row['co_id']; ?></td> <tbody>
<td class="td_left"><?php echo htmlspecialchars2($row['co_subject']); ?></td> <?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
<td class="td_mng td_mng_l"> $bg = 'bg' . ($i % 2);
<a href="./contentform.php?w=u&amp;co_id=<?php echo $row['co_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>수정</a> ?>
<a href="<?php echo get_pretty_url('content', $row['co_id']); ?>" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a> <tr class="<?php echo $bg; ?>">
<a href="./contentformupdate.php?w=d&amp;co_id=<?php echo $row['co_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a> <td class="td_id"><?php echo $row['co_id']; ?></td>
</td> <td class="td_left"><?php echo htmlspecialchars2($row['co_subject']); ?></td>
</tr> <td class="td_mng td_mng_l">
<?php <a href="./contentform.php?w=u&amp;co_id=<?php echo $row['co_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>수정</a>
} <a href="<?php echo get_pretty_url('content', $row['co_id']); ?>" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a>
if ($i == 0) { <a href="./contentformupdate.php?w=d&amp;co_id=<?php echo $row['co_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a>
echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>'; </td>
} </tr>
?> <?php
</tbody> }
</table> if ($i == 0) {
</div> echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?> ?>
</tbody>
<?php </table>
include_once (G5_ADMIN_PATH.'/admin.tail.php'); </div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
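Review bot: `co_id` is printed without output encoding in the table body, both in the `td_id` cell and in the three `co_id=` links, while `co_subject` beside it goes through `htmlspecialchars2()`. The save handler shown earlier on this page appears to restrict the value to `[a-z0-9_]`, but this listing also reads rows from the renamed shop table and the seed inserts, so it should not depend on a filter applied elsewhere. I would print the cell as `<?php echo htmlspecialchars2($row['co_id']); ?>` and build the links with `co_id=<?php echo urlencode($row['co_id']); ?>`.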


@ -197,7 +197,7 @@ if (defined('G5_USE_SHOP') && G5_USE_SHOP) {
$result = sql_query("describe `{$g5['g5_shop_post_log_table']}`"); $result = sql_query("describe `{$g5['g5_shop_post_log_table']}`");
while ($row = sql_fetch_array($result)){ while ($row = sql_fetch_array($result)){
if( $row['Field'] === 'ol_msg' && $row['Type'] === 'varchar(255)' ){ if( isset($row['Field']) && $row['Field'] === 'ol_msg' && $row['Type'] === 'varchar(255)' ){
sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` MODIFY ol_msg TEXT NOT NULL;", false); sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` MODIFY ol_msg TEXT NOT NULL;", false);
sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` DROP PRIMARY KEY;", false); sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` DROP PRIMARY KEY;", false);
sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` ADD `log_id` int(11) NOT NULL AUTO_INCREMENT, ADD PRIMARY KEY (`log_id`);", false); sql_query("ALTER TABLE `{$g5['g5_shop_post_log_table']}` ADD `log_id` int(11) NOT NULL AUTO_INCREMENT, ADD PRIMARY KEY (`log_id`);", false);
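Review bot: None of the three `ALTER TABLE` calls in this loop body has its return value checked, and each is called with `false` as the second argument, which apparently suppresses the error stop, so a failure after the first statement leaves the migration half applied. Once `ol_msg` has become `TEXT`, the `$row['Type'] === 'varchar(255)'` test no longer matches, so a later page load would not retry `DROP PRIMARY KEY` or the `log_id` addition. I would stop at the first failure, for example `if (!sql_query("ALTER TABLE ... MODIFY ol_msg TEXT NOT NULL;", false)) { break; }`, and surface the error to the administrator. The `while` body continues past the end of the hunk, so later lines may already handle part of this.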


@ -1,99 +1,97 @@
<?php <?php
$sub_menu = '300700'; $sub_menu = '300700';
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r"); auth_check_menu($auth, $sub_menu, "r");
$g5['title'] = 'FAQ 상세관리'; $g5['title'] = 'FAQ 상세관리';
if (isset($_REQUEST['fm_subject'])){ if (isset($_REQUEST['fm_subject'])) {
$fm_subject = clean_xss_tags($_REQUEST['fm_subject'], 1, 1, 255); $fm_subject = clean_xss_tags($_REQUEST['fm_subject'], 1, 1, 255);
$g5['title'] .= ' : '.$fm_subject; $g5['title'] .= ' : ' . $fm_subject;
} }
$fm_id = (int) $fm_id; $fm_id = isset($fm_id) ? (int) $fm_id : 0;
include_once (G5_ADMIN_PATH.'/admin.head.php'); require_once G5_ADMIN_PATH . '/admin.head.php';
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' "; $sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$fm = sql_fetch($sql); $fm = sql_fetch($sql);
$sql_common = " from {$g5['faq_table']} where fm_id = '$fm_id' "; $sql_common = " from {$g5['faq_table']} where fm_id = '$fm_id' ";
// 테이블의 전체 레코드수만 얻음 // 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common; $sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql); $row = sql_fetch($sql);
$total_count = $row['cnt']; $total_count = $row['cnt'];
$sql = "select * $sql_common order by fa_order , fa_id "; $sql = "select * $sql_common order by fa_order , fa_id ";
$result = sql_query($sql); $result = sql_query($sql);
?> ?>
<div class="local_ov01 local_ov"> <div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 등록된 FAQ 상세내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span> <span class="btn_ov01"><span class="ov_txt"> 등록된 FAQ 상세내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div> </div>
<div class="local_desc01 local_desc"> <div class="local_desc01 local_desc">
<ol> <ol>
<li>FAQ는 무제한으로 등록할 수 있습니다</li> <li>FAQ는 무제한으로 등록할 수 있습니다</li>
<li><strong>FAQ 상세내용 추가</strong>를 눌러 자주하는 질문과 답변을 입력합니다.</li> <li><strong>FAQ 상세내용 추가</strong>를 눌러 자주하는 질문과 답변을 입력합니다.</li>
</ol> </ol>
</div> </div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<a href="./faqmasterlist.php" class="btn btn_02">FAQ 관리</a> <a href="./faqmasterlist.php" class="btn btn_02">FAQ 관리</a>
<a href="./faqform.php?fm_id=<?php echo $fm['fm_id']; ?>" class="btn btn_01">FAQ 상세내용 추가</a> <a href="./faqform.php?fm_id=<?php echo $fm['fm_id']; ?>" class="btn btn_01">FAQ 상세내용 추가</a>
</div> </div>
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col">번호</th> <th scope="col">번호</th>
<th scope="col">제목</th> <th scope="col">제목</th>
<th scope="col">순서</th> <th scope="col">순서</th>
<th scope="col">관리</th> <th scope="col">관리</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ $row1 = sql_fetch(" select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ");
$row1 = sql_fetch(" select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' "); $cnt = $row1['cnt'];
$cnt = $row1['cnt'];
$s_mod = icon("수정", "");
$s_mod = icon("수정", ""); $s_del = icon("삭제", "");
$s_del = icon("삭제", "");
$num = $i + 1;
$num = $i + 1;
$bg = 'bg' . ($i % 2);
$bg = 'bg'.($i%2);
$fa_subject = conv_content($row['fa_subject'], 1);
$fa_subject = conv_content($row['fa_subject'], 1); ?>
?>
<tr class="<?php echo $bg; ?>">
<tr class="<?php echo $bg; ?>"> <td class="td_num"><?php echo $num; ?></td>
<td class="td_num"><?php echo $num; ?></td> <td class="td_left"><?php echo $fa_subject; ?></td>
<td class="td_left"><?php echo $fa_subject; ?></td> <td class="td_num"><?php echo $row['fa_order']; ?></td>
<td class="td_num"><?php echo $row['fa_order']; ?></td> <td class="td_mng td_mng_m">
<td class="td_mng td_mng_m"> <a href="./faqform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $fa_subject; ?> </span>수정</a>
<a href="./faqform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $fa_subject; ?> </span>수정</a> <a href="./faqformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $fa_subject; ?> </span>삭제</a>
<a href="./faqformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>&amp;fa_id=<?php echo $row['fa_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $fa_subject; ?> </span>삭제</a> </td>
</td> </tr>
</tr> <?php
}
<?php
} if ($i == 0) {
echo '<tr><td colspan="4" class="empty_table">자료가 없습니다.</td></tr>';
if ($i == 0) { }
echo '<tr><td colspan="4" class="empty_table">자료가 없습니다.</td></tr>'; ?>
} </tbody>
?> </table>
</tbody>
</table> </div>
</div>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
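Review bot: `$fm` is read in the "FAQ 상세내용 추가" link as `$fm['fm_id']` without checking that the master row was found. With the new default of `0` for a missing `fm_id`, the lookup will usually match nothing, and if `sql_fetch()` returns null or false in that case the array access raises a warning on PHP 8 and the link carries an empty `fm_id=`. Printing the already cast value, `faqform.php?fm_id=<?php echo $fm_id; ?>`, or stopping with `alert()` when `$fm` is empty, avoids both. Separately, the per-row `COUNT(*)` query in the loop fills `$cnt`, which is not used anywhere in this section.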


@ -1,167 +1,175 @@
<?php <?php
$sub_menu = '300700'; $sub_menu = '300700';
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w"); auth_check_menu($auth, $sub_menu, "w");
$html_title = 'FAQ'; $html_title = 'FAQ';
$fm_id = isset($_GET['fm_id']) ? preg_replace('/[^0-9]/', '', $_GET['fm_id']) : 0; $fm_id = isset($_GET['fm_id']) ? strval(preg_replace('/[^0-9]/', '', $_GET['fm_id'])) : 0;
if ($w == "u") if ($w == "u") {
{ $html_title .= ' 수정';
$html_title .= ' 수정'; $readonly = ' readonly';
$readonly = ' readonly';
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
$sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' "; $fm = sql_fetch($sql);
$fm = sql_fetch($sql); if (!$fm['fm_id']) {
if (!$fm['fm_id']) alert('등록된 자료가 없습니다.'); alert('등록된 자료가 없습니다.');
} }
else } else {
{ $html_title .= ' 입력';
$html_title .= ' 입력'; $fm = array('fm_order' => '', 'fm_subject' => '', 'fm_id' => 0, 'fm_head_html' => '', 'fm_tail_html' => '', 'fm_mobile_head_html' => '', 'fm_mobile_tail_html' => '');
$fm = array('fm_order'=>'', 'fm_subject'=>'', 'fm_id'=>0, 'fm_head_html'=> '', 'fm_tail_html'=> '', 'fm_mobile_head_html' => '', 'fm_mobile_tail_html' => ''); }
}
$g5['title'] = $html_title . ' 관리';
$g5['title'] = $html_title.' 관리';
// 모바일 상하단 내용 필드추가
// 모바일 상하단 내용 필드추가 if (!sql_query(" select fm_mobile_head_html from {$g5['faq_master_table']} limit 1 ", false)) {
if(!sql_query(" select fm_mobile_head_html from {$g5['faq_master_table']} limit 1 ", false)) { sql_query(
sql_query(" ALTER TABLE `{$g5['faq_master_table']}` " ALTER TABLE `{$g5['faq_master_table']}`
ADD `fm_mobile_head_html` text NOT NULL AFTER `fm_tail_html`, ADD `fm_mobile_head_html` text NOT NULL AFTER `fm_tail_html`,
ADD `fm_mobile_tail_html` text NOT NULL AFTER `fm_mobile_head_html` ", true); ADD `fm_mobile_tail_html` text NOT NULL AFTER `fm_mobile_head_html` ",
} true
);
include_once (G5_ADMIN_PATH.'/admin.head.php'); }
?>
require_once G5_ADMIN_PATH . '/admin.head.php';
<form name="frmfaqmasterform" action="./faqmasterformupdate.php" onsubmit="return frmfaqmasterform_check(this);" method="post" enctype="MULTIPART/FORM-DATA"> ?>
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="fm_id" value="<?php echo $fm_id; ?>"> <form name="frmfaqmasterform" action="./faqmasterformupdate.php" onsubmit="return frmfaqmasterform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
<input type="hidden" name="token" value=""> <input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="fm_id" value="<?php echo $fm_id; ?>">
<div class="tbl_frm01 tbl_wrap"> <input type="hidden" name="token" value="">
<table>
<caption><?php echo $g5['title']; ?></caption> <div class="tbl_frm01 tbl_wrap">
<colgroup> <table>
<col class="grid_4"> <caption><?php echo $g5['title']; ?></caption>
<col> <colgroup>
</colgroup> <col class="grid_4">
<tbody> <col>
<tr> </colgroup>
<th scope="row"><label for="fm_order">출력순서</label></th> <tbody>
<td> <tr>
<?php echo help('숫자가 작을수록 FAQ 분류에서 먼저 출력됩니다.'); ?> <th scope="row"><label for="fm_order">출력순서</label></th>
<input type="text" name="fm_order" value="<?php echo $fm['fm_order']; ?>" id="fm_order" class="frm_input" maxlength="10" size="10"> <td>
</td> <?php echo help('숫자가 작을수록 FAQ 분류에서 먼저 출력됩니다.'); ?>
</tr> <input type="text" name="fm_order" value="<?php echo $fm['fm_order']; ?>" id="fm_order" class="frm_input" maxlength="10" size="10">
<tr> </td>
<th scope="row"><label for="fm_subject">제목</label></th> </tr>
<td> <tr>
<input type="text" value="<?php echo get_text($fm['fm_subject']); ?>" name="fm_subject" id="fm_subject" required class="frm_input required" size="70"> <th scope="row"><label for="fm_subject">제목</label></th>
<?php if ($w == 'u') { ?> <td>
<a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">보기</a> <input type="text" value="<?php echo get_text($fm['fm_subject']); ?>" name="fm_subject" id="fm_subject" required class="frm_input required" size="70">
<a href="./faqlist.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">상세보기</a> <?php if ($w == 'u') { ?>
<?php } ?> <a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">보기</a>
</td> <a href="./faqlist.php?fm_id=<?php echo $fm_id; ?>" class="btn_frmline">상세보기</a>
</tr> <?php } ?>
<tr> </td>
<th scope="row"><label for="fm_himg">상단이미지</label></th> </tr>
<td> <tr>
<input type="file" name="fm_himg" id="fm_himg"> <th scope="row"><label for="fm_himg">상단이미지</label></th>
<?php <td>
$himg = G5_DATA_PATH.'/faq/'.$fm['fm_id'].'_h'; <input type="file" name="fm_himg" id="fm_himg">
$himg_str = ''; <?php
if (file_exists($himg)) { $himg = G5_DATA_PATH . '/faq/' . $fm['fm_id'] . '_h';
$size = @getimagesize($himg); $himg_str = '';
if($size[0] && $size[0] > 750) $width = 0;
$width = 750; if (file_exists($himg)) {
else $size = @getimagesize($himg);
$width = $size[0]; if ($size) {
if ($size[0] && $size[0] > 750) {
echo '<input type="checkbox" name="fm_himg_del" value="1" id="fm_himg_del"> <label for="fm_himg_del">삭제</label>'; $width = 750;
$himg_str = '<img src="'.G5_DATA_URL.'/faq/'.$fm['fm_id'].'_h" width="'.$width.'" alt="">'; } else {
} $width = $size[0];
if ($himg_str) { }
echo '<div class="banner_or_img">'; }
echo $himg_str; echo '<input type="checkbox" name="fm_himg_del" value="1" id="fm_himg_del"> <label for="fm_himg_del">삭제</label>';
echo '</div>'; $himg_str = '<img src="' . G5_DATA_URL . '/faq/' . $fm['fm_id'] . '_h" width="' . $width . '" alt="">';
} }
?> if ($himg_str) {
</td> echo '<div class="banner_or_img">';
</tr> echo $himg_str;
<tr> echo '</div>';
<th scope="row"><label for="fm_timg">하단이미지</label></th> }
<td> ?>
<input type="file" name="fm_timg" id="fm_timg"> </td>
<?php </tr>
$timg = G5_DATA_PATH.'/faq/'.$fm['fm_id'].'_t'; <tr>
$timg_str = ''; <th scope="row"><label for="fm_timg">하단이미지</label></th>
if (file_exists($timg)) { <td>
$size = @getimagesize($timg); <input type="file" name="fm_timg" id="fm_timg">
if($size[0] && $size[0] > 750) <?php
$width = 750; $timg = G5_DATA_PATH . '/faq/' . $fm['fm_id'] . '_t';
else $timg_str = '';
$width = $size[0]; $width = 0;
if (file_exists($timg)) {
echo '<input type="checkbox" name="fm_timg_del" value="1" id="fm_timg_del"><label for="fm_timg_del">삭제</label>'; $size = @getimagesize($timg);
$timg_str = '<img src="'.G5_DATA_URL.'/faq/'.$fm['fm_id'].'_t" width="'.$width.'" alt="">'; if ($size) {
} if ($size[0] && $size[0] > 750) {
if ($timg_str) { $width = 750;
echo '<div class="banner_or_img">'; } else {
echo $timg_str; $width = $size[0];
echo '</div>'; }
} }
?>
</td> echo '<input type="checkbox" name="fm_timg_del" value="1" id="fm_timg_del"><label for="fm_timg_del">삭제</label>';
</tr> $timg_str = '<img src="' . G5_DATA_URL . '/faq/' . $fm['fm_id'] . '_t" width="' . $width . '" alt="">';
<tr> }
<th scope="row">상단 내용</th> if ($timg_str) {
<td> echo '<div class="banner_or_img">';
<?php echo editor_html('fm_head_html', get_text(html_purifier($fm['fm_head_html']), 0)); ?> echo $timg_str;
</td> echo '</div>';
</tr> }
<tr> ?>
<th scope="row">하단 내용</th> </td>
<td> </tr>
<?php echo editor_html('fm_tail_html', get_text(html_purifier($fm['fm_tail_html']), 0)); ?> <tr>
</td> <th scope="row">상단 내용</th>
</tr> <td>
<tr> <?php echo editor_html('fm_head_html', get_text(html_purifier($fm['fm_head_html']), 0)); ?>
<th scope="row">모바일상단 내용</th> </td>
<td> </tr>
<?php echo editor_html('fm_mobile_head_html', get_text(html_purifier($fm['fm_mobile_head_html']), 0)); ?> <tr>
</td> <th scope="row">하단 내용</th>
</tr> <td>
<tr> <?php echo editor_html('fm_tail_html', get_text(html_purifier($fm['fm_tail_html']), 0)); ?>
<th scope="row">모바일하단 내용</th> </td>
<td> </tr>
<?php echo editor_html('fm_mobile_tail_html', get_text(html_purifier($fm['fm_mobile_tail_html']), 0)); ?> <tr>
</td> <th scope="row">모바일상단 내용</th>
</tr> <td>
</tbody> <?php echo editor_html('fm_mobile_head_html', get_text(html_purifier($fm['fm_mobile_head_html']), 0)); ?>
</table> </td>
</div> </tr>
<tr>
<div class="btn_fixed_top"> <th scope="row">모바일하단 내용</th>
<a href="./faqmasterlist.php" class="btn btn_02">목록</a> <td>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s"> <?php echo editor_html('fm_mobile_tail_html', get_text(html_purifier($fm['fm_mobile_tail_html']), 0)); ?>
</div> </td>
</tr>
</form> </tbody>
</table>
<script> </div>
function frmfaqmasterform_check(f)
{ <div class="btn_fixed_top">
<?php echo get_editor_js('fm_head_html'); ?> <a href="./faqmasterlist.php" class="btn btn_02">목록</a>
<?php echo get_editor_js('fm_tail_html'); ?> <input type="submit" value="확인" class="btn_submit btn" accesskey="s">
<?php echo get_editor_js('fm_mobile_head_html'); ?> </div>
<?php echo get_editor_js('fm_mobile_tail_html'); ?>
} </form>
// document.frmfaqmasterform.fm_subject.focus(); <script>
</script> function frmfaqmasterform_check(f) {
<?php echo get_editor_js('fm_head_html'); ?>
<?php <?php echo get_editor_js('fm_tail_html'); ?>
include_once (G5_ADMIN_PATH.'/admin.tail.php'); <?php echo get_editor_js('fm_mobile_head_html'); ?>
<?php echo get_editor_js('fm_mobile_tail_html'); ?>
}
// document.frmfaqmasterform.fm_subject.focus();
</script>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
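Review bot: The new `strval(preg_replace(...))` wrapper on `$fm_id` near the top of the file does not hold when the request supplies `fm_id` as an array. `preg_replace()` then returns an array and `strval()` turns it into the literal string `Array` with a warning, and that value reaches the `where fm_id = '$fm_id'` query and the hidden form field. The fallback is also the integer `0` while the filtered value is a string, so the variable carries two types. A scalar check plus a cast gives one type and makes the regex unnecessary: `$fm_id = (isset($_GET['fm_id']) && is_scalar($_GET['fm_id'])) ? (int) $_GET['fm_id'] : 0;`, in line with the `(int)` cast used for `fm_id` in the update handler later on this page.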


@ -1,83 +1,83 @@
<?php <?php
$sub_menu = '300700'; $sub_menu = '300700';
include_once('./_common.php'); require_once './_common.php';
if ($w == "u" || $w == "d") if ($w == "u" || $w == "d") {
check_demo(); check_demo();
}
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d"); if ($w == 'd') {
else auth_check_menu($auth, $sub_menu, "d");
auth_check_menu($auth, $sub_menu, "w"); } else {
auth_check_menu($auth, $sub_menu, "w");
check_admin_token(); }
@mkdir(G5_DATA_PATH."/faq", G5_DIR_PERMISSION); check_admin_token();
@chmod(G5_DATA_PATH."/faq", G5_DIR_PERMISSION);
@mkdir(G5_DATA_PATH . "/faq", G5_DIR_PERMISSION);
$fm_id = isset($_REQUEST['fm_id']) ? (int) $_REQUEST['fm_id'] : 0; @chmod(G5_DATA_PATH . "/faq", G5_DIR_PERMISSION);
$fm_himg_del = isset($_POST['fm_himg_del']) ? (int) $_POST['fm_himg_del'] : 0;
$fm_timg_del = isset($_POST['fm_timg_del']) ? (int) $_POST['fm_timg_del'] : 0; $fm_id = isset($_REQUEST['fm_id']) ? (int) $_REQUEST['fm_id'] : 0;
$fm_subject = isset($_POST['fm_subject']) ? strip_tags(clean_xss_attributes($_POST['fm_subject'])) : ''; $fm_himg_del = isset($_POST['fm_himg_del']) ? (int) $_POST['fm_himg_del'] : 0;
$fm_head_html = isset($_POST['fm_head_html']) ? $_POST['fm_head_html'] : ''; $fm_timg_del = isset($_POST['fm_timg_del']) ? (int) $_POST['fm_timg_del'] : 0;
$fm_tail_html = isset($_POST['fm_tail_html']) ? $_POST['fm_tail_html'] : ''; $fm_subject = isset($_POST['fm_subject']) ? strip_tags(clean_xss_attributes($_POST['fm_subject'])) : '';
$fm_mobile_head_html = isset($_POST['fm_mobile_head_html']) ? $_POST['fm_mobile_head_html'] : ''; $fm_head_html = isset($_POST['fm_head_html']) ? $_POST['fm_head_html'] : '';
$fm_mobile_tail_html = isset($_POST['fm_mobile_tail_html']) ? $_POST['fm_mobile_tail_html'] : ''; $fm_tail_html = isset($_POST['fm_tail_html']) ? $_POST['fm_tail_html'] : '';
$fm_order = isset($_POST['fm_order']) ? (int) $_POST['fm_order'] : 0; $fm_mobile_head_html = isset($_POST['fm_mobile_head_html']) ? $_POST['fm_mobile_head_html'] : '';
$fm_mobile_tail_html = isset($_POST['fm_mobile_tail_html']) ? $_POST['fm_mobile_tail_html'] : '';
if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h"); $fm_order = isset($_POST['fm_order']) ? (int) $_POST['fm_order'] : 0;
if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t");
if ($fm_himg_del) {
$sql_common = " set fm_subject = '$fm_subject', @unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
fm_head_html = '$fm_head_html', }
fm_tail_html = '$fm_tail_html', if ($fm_timg_del) {
fm_mobile_head_html = '$fm_mobile_head_html', @unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
fm_mobile_tail_html = '$fm_mobile_tail_html', }
fm_order = '$fm_order' ";
$sql_common = " set fm_subject = '$fm_subject',
if ($w == "") fm_head_html = '$fm_head_html',
{ fm_tail_html = '$fm_tail_html',
$sql = " alter table {$g5['faq_master_table']} auto_increment=1 "; fm_mobile_head_html = '$fm_mobile_head_html',
sql_query($sql); fm_mobile_tail_html = '$fm_mobile_tail_html',
fm_order = '$fm_order' ";
$sql = " insert {$g5['faq_master_table']} $sql_common ";
sql_query($sql); if ($w == "") {
$sql = " alter table {$g5['faq_master_table']} auto_increment=1 ";
$fm_id = sql_insert_id(); sql_query($sql);
}
else if ($w == "u") $sql = " insert {$g5['faq_master_table']} $sql_common ";
{ sql_query($sql);
$sql = " update {$g5['faq_master_table']} $sql_common where fm_id = '$fm_id' ";
sql_query($sql); $fm_id = sql_insert_id();
} } elseif ($w == "u") {
else if ($w == "d") $sql = " update {$g5['faq_master_table']} $sql_common where fm_id = '$fm_id' ";
{ sql_query($sql);
@unlink(G5_DATA_PATH."/faq/{$fm_id}_h"); } elseif ($w == "d") {
@unlink(G5_DATA_PATH."/faq/{$fm_id}_t"); @unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
@unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
// FAQ삭제
$sql = " delete from {$g5['faq_master_table']} where fm_id = '$fm_id' "; // FAQ삭제
sql_query($sql); $sql = " delete from {$g5['faq_master_table']} where fm_id = '$fm_id' ";
sql_query($sql);
// FAQ상세삭제
$sql = " delete from {$g5['faq_table']} where fm_id = '$fm_id' "; // FAQ상세삭제
sql_query($sql); $sql = " delete from {$g5['faq_table']} where fm_id = '$fm_id' ";
} sql_query($sql);
}
if ($w == "" || $w == "u")
{ if ($w == "" || $w == "u") {
if ($_FILES['fm_himg']['name']){ if ($_FILES['fm_himg']['name']) {
$dest_path = G5_DATA_PATH."/faq/".$fm_id."_h"; $dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_h";
@move_uploaded_file($_FILES['fm_himg']['tmp_name'], $dest_path); @move_uploaded_file($_FILES['fm_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION); @chmod($dest_path, G5_FILE_PERMISSION);
} }
if ($_FILES['fm_timg']['name']){ if ($_FILES['fm_timg']['name']) {
$dest_path = G5_DATA_PATH."/faq/".$fm_id."_t"; $dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_t";
@move_uploaded_file($_FILES['fm_timg']['tmp_name'], $dest_path); @move_uploaded_file($_FILES['fm_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION); @chmod($dest_path, G5_FILE_PERMISSION);
} }
goto_url("./faqmasterform.php?w=u&amp;fm_id=$fm_id"); goto_url("./faqmasterform.php?w=u&amp;fm_id=$fm_id");
} } else {
else goto_url("./faqmasterlist.php");
goto_url("./faqmasterlist.php"); }
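Review bot: The two upload branches at the end of the file move whatever was posted as `fm_himg` / `fm_timg` into `G5_DATA_PATH/faq/` without checking the upload error code or that the content is an image. The `@` on `move_uploaded_file()` also hides a failed move before the redirect. I would gate each branch on the upload result and type, e.g. `if (!empty($_FILES['fm_himg']['name']) && $_FILES['fm_himg']['error'] === UPLOAD_ERR_OK && getimagesize($_FILES['fm_himg']['tmp_name']) !== false) {`, and the same for `fm_timg`. `!empty()` also avoids the undefined-index notice when the field is not posted at all.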


@ -1,127 +1,137 @@
<?php <?php
$sub_menu = '300700'; $sub_menu = '300700';
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r"); auth_check_menu($auth, $sub_menu, "r");
//dbconfig파일에 $g5['faq_table'] , $g5['faq_master_table'] 배열변수가 있는지 체크 //dbconfig파일에 $g5['faq_table'] , $g5['faq_master_table'] 배열변수가 있는지 체크
if( !isset($g5['faq_table']) || !isset($g5['faq_master_table']) ){ if (!isset($g5['faq_table']) || !isset($g5['faq_master_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <br ><strong>$g5[\'faq_table\'] = G5_TABLE_PREFIX.\'faq\';</strong><br ><strong>$g5[\'faq_master_table\'] = G5_TABLE_PREFIX.\'faq_master\';</strong><br > 를 추가해 주세요.'); die('<meta charset="utf-8">/data/dbconfig.php 파일에 <br ><strong>$g5[\'faq_table\'] = G5_TABLE_PREFIX.\'faq\';</strong><br ><strong>$g5[\'faq_master_table\'] = G5_TABLE_PREFIX.\'faq_master\';</strong><br > 를 추가해 주세요.');
} }
//자주하시는 질문 마스터 테이블이 있는지 검사한다. //자주하시는 질문 마스터 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['faq_master_table']} ", false)) { if (!sql_query(" DESCRIBE {$g5['faq_master_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_faq_master_table']} ", false)) { if (sql_query(" DESCRIBE {$g5['g5_shop_faq_master_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_faq_master_table']} RENAME TO `{$g5['faq_master_table']}` ;", false); sql_query(" ALTER TABLE {$g5['g5_shop_faq_master_table']} RENAME TO `{$g5['faq_master_table']}` ;", false);
} else { } else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['faq_master_table']}` ( $query_cp = sql_query(
`fm_id` int(11) NOT NULL AUTO_INCREMENT, " CREATE TABLE IF NOT EXISTS `{$g5['faq_master_table']}` (
`fm_subject` varchar(255) NOT NULL DEFAULT '', `fm_id` int(11) NOT NULL AUTO_INCREMENT,
`fm_head_html` text NOT NULL, `fm_subject` varchar(255) NOT NULL DEFAULT '',
`fm_tail_html` text NOT NULL, `fm_head_html` text NOT NULL,
`fm_order` int(11) NOT NULL DEFAULT '0', `fm_tail_html` text NOT NULL,
PRIMARY KEY (`fm_id`) `fm_order` int(11) NOT NULL DEFAULT '0',
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true); PRIMARY KEY (`fm_id`)
} ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
// FAQ Master true
sql_query(" insert into `{$g5['faq_master_table']}` set fm_id = '1', fm_subject = '자주하시는 질문' ", false); );
} }
// FAQ Master
//자주하시는 질문 테이블이 있는지 검사한다. sql_query(" insert into `{$g5['faq_master_table']}` set fm_id = '1', fm_subject = '자주하시는 질문' ", false);
if(!sql_query(" DESCRIBE {$g5['faq_table']} ", false)) { }
if(sql_query(" DESCRIBE {$g5['g5_shop_faq_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_faq_table']} RENAME TO `{$g5['faq_table']}` ;", false); //자주하시는 질문 테이블이 있는지 검사한다.
} else { if (!sql_query(" DESCRIBE {$g5['faq_table']} ", false)) {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['faq_table']}` ( if (sql_query(" DESCRIBE {$g5['g5_shop_faq_table']} ", false)) {
`fa_id` int(11) NOT NULL AUTO_INCREMENT, sql_query(" ALTER TABLE {$g5['g5_shop_faq_table']} RENAME TO `{$g5['faq_table']}` ;", false);
`fm_id` int(11) NOT NULL DEFAULT '0', } else {
`fa_subject` text NOT NULL, $query_cp = sql_query(
`fa_content` text NOT NULL, " CREATE TABLE IF NOT EXISTS `{$g5['faq_table']}` (
`fa_order` int(11) NOT NULL DEFAULT '0', `fa_id` int(11) NOT NULL AUTO_INCREMENT,
PRIMARY KEY (`fa_id`), `fm_id` int(11) NOT NULL DEFAULT '0',
KEY `fm_id` (`fm_id`) `fa_subject` text NOT NULL,
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true); `fa_content` text NOT NULL,
} `fa_order` int(11) NOT NULL DEFAULT '0',
} PRIMARY KEY (`fa_id`),
KEY `fm_id` (`fm_id`)
$g5['title'] = 'FAQ관리'; ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
include_once (G5_ADMIN_PATH.'/admin.head.php'); true
);
$sql_common = " from {$g5['faq_master_table']} "; }
}
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common; $g5['title'] = 'FAQ관리';
$row = sql_fetch($sql); require_once G5_ADMIN_PATH . '/admin.head.php';
$total_count = $row['cnt'];
$sql_common = " from {$g5['faq_master_table']} ";
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 // 테이블의 전체 레코드수만 얻음
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) $sql = " select count(*) as cnt " . $sql_common;
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $row = sql_fetch($sql);
$total_count = $row['cnt'];
$sql = "select * $sql_common order by fm_order, fm_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql); $rows = $config['cf_page_rows'];
?> $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) {
<div class="local_ov01 local_ov"> $page = 1;
<?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?> } // 페이지가 없으면 첫 페이지 (1 페이지)
<span class="btn_ov01"><span class="ov_txt"> 전체 FAQ </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span> $from_record = ($page - 1) * $rows; // 시작 열을 구함
</div>
$sql = "select * $sql_common order by fm_order, fm_id limit $from_record, {$config['cf_page_rows']} ";
<div class="local_desc01 local_desc"> $result = sql_query($sql);
<ol> ?>
<li>FAQ는 무제한으로 등록할 수 있습니다</li>
<li><strong>FAQ추가</strong>를 눌러 FAQ Master를 생성합니다. (하나의 FAQ 타이틀 생성 : 자주하시는 질문, 이용안내..등 )</li> <div class="local_ov01 local_ov">
<li>생성한 FAQ Master 의 <strong>제목</strong>을 눌러 세부 내용을 관리할 수 있습니다.</li> <?php if ($page > 1) { ?>
</ol> <a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a>
</div> <?php } ?>
<span class="btn_ov01"><span class="ov_txt"> 전체 FAQ </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
<div class="btn_fixed_top"> </div>
<a href="./faqmasterform.php" class="btn_01 btn">FAQ추가</a>
</div> <div class="local_desc01 local_desc">
<ol>
<div class="tbl_head01 tbl_wrap"> <li>FAQ는 무제한으로 등록할 수 있습니다</li>
<table> <li><strong>FAQ추가</strong>를 눌러 FAQ Master를 생성합니다. (하나의 FAQ 타이틀 생성 : 자주하시는 질문, 이용안내..등 )</li>
<caption><?php echo $g5['title']; ?> 목록</caption> <li>생성한 FAQ Master 의 <strong>제목</strong>을 눌러 세부 내용을 관리할 수 있습니다.</li>
<thead> </ol>
<tr> </div>
<th scope="col">ID</th>
<th scope="col">제목</th> <div class="btn_fixed_top">
<th scope="col">FAQ수</th> <a href="./faqmasterform.php" class="btn_01 btn">FAQ추가</a>
<th scope="col">순서</th> </div>
<th scope="col">관리</th>
</tr> <div class="tbl_head01 tbl_wrap">
</thead> <table>
<tbody> <caption><?php echo $g5['title']; ?> 목록</caption>
<?php for ($i=0; $row=sql_fetch_array($result); $i++) { <thead>
$sql1 = " select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' "; <tr>
$row1 = sql_fetch($sql1); <th scope="col">ID</th>
$cnt = $row1['cnt']; <th scope="col">제목</th>
$bg = 'bg'.($i%2); <th scope="col">FAQ수</th>
?> <th scope="col">순서</th>
<tr class="<?php echo $bg; ?>"> <th scope="col">관리</th>
<td class="td_num"><?php echo $row['fm_id']; ?></td> </tr>
<td class="td_left"><a href="./faqlist.php?fm_id=<?php echo $row['fm_id']; ?>&amp;fm_subject=<?php echo $row['fm_subject']; ?>"><?php echo stripslashes($row['fm_subject']); ?></a></td> </thead>
<td class="td_num"><?php echo $cnt; ?></td> <tbody>
<td class="td_num"><?php echo $row['fm_order']?></td> <?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
<td class="td_mng td_mng_l"> $sql1 = " select COUNT(*) as cnt from {$g5['faq_table']} where fm_id = '{$row['fm_id']}' ";
<a href="./faqmasterform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>수정</a> $row1 = sql_fetch($sql1);
<a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>보기</a> $cnt = $row1['cnt'];
<a href="./faqmasterformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>삭제</a> $bg = 'bg' . ($i % 2);
</td> ?>
</tr> <tr class="<?php echo $bg; ?>">
<?php <td class="td_num"><?php echo $row['fm_id']; ?></td>
} <td class="td_left"><a href="./faqlist.php?fm_id=<?php echo $row['fm_id']; ?>&amp;fm_subject=<?php echo $row['fm_subject']; ?>"><?php echo stripslashes($row['fm_subject']); ?></a></td>
<td class="td_num"><?php echo $cnt; ?></td>
if ($i == 0){ <td class="td_num"><?php echo $row['fm_order'] ?></td>
echo '<tr><td colspan="5" class="empty_table"><span>자료가 한건도 없습니다.</span></td></tr>'; <td class="td_mng td_mng_l">
} <a href="./faqmasterform.php?w=u&amp;fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>수정</a>
?> <a href="<?php echo G5_BBS_URL; ?>/faq.php?fm_id=<?php echo $row['fm_id']; ?>" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>보기</a>
</tbody> <a href="./faqmasterformupdate.php?w=d&amp;fm_id=<?php echo $row['fm_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo stripslashes($row['fm_subject']); ?> </span>삭제</a>
</table> </td>
</div> </tr>
<?php
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?> }
<?php if ($i == 0) {
include_once (G5_ADMIN_PATH.'/admin.tail.php'); echo '<tr><td colspan="5" class="empty_table"><span>자료가 한건도 없습니다.</span></td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
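Review bot: In the row template, `fm_subject` is echoed into the `faqlist.php` href with no encoding, and into the link text and the three `sound_only` spans with only `stripslashes()`. A subject containing `"` or `&` can therefore break out of the attribute or the query string. The write path shown in `faqmasterformupdate.php` applies `strip_tags()`, which does not remove quotes. Encode at the sink: `fm_subject=<?php echo urlencode($row['fm_subject']); ?>` in the URL and `<?php echo htmlspecialchars(stripslashes($row['fm_subject']), ENT_QUOTES); ?>` in the text positions.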


@ -1,14 +1,14 @@
<?php <?php
$sub_menu = '100000'; $sub_menu = '100000';
include_once('./_common.php'); require_once './_common.php';
@include_once('./safe_check.php'); @require_once './safe_check.php';
if(function_exists('social_log_file_delete')){ if (function_exists('social_log_file_delete')) {
social_log_file_delete(86400); //소셜로그인 디버그 파일 24시간 지난것은 삭제 social_log_file_delete(86400); //소셜로그인 디버그 파일 24시간 지난것은 삭제
} }
$g5['title'] = '관리자메인'; $g5['title'] = '관리자메인';
include_once ('./admin.head.php'); require_once './admin.head.php';
$new_member_rows = 5; $new_member_rows = 5;
$new_point_rows = 5; $new_point_rows = 5;
@ -18,8 +18,9 @@ $sql_common = " from {$g5['member_table']} ";
$sql_search = " where (1) "; $sql_search = " where (1) ";
if ($is_admin != 'super') if ($is_admin != 'super') {
$sql_search .= " and mb_level <= '{$member['mb_level']}' "; $sql_search .= " and mb_level <= '{$member['mb_level']}' ";
}
if (!$sst) { if (!$sst) {
$sst = "mb_datetime"; $sst = "mb_datetime";
@ -56,69 +57,69 @@ $colspan = 12;
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption>신규가입회원</caption> <caption>신규가입회원</caption>
<thead> <thead>
<tr> <tr>
<th scope="col">회원아이디</th> <th scope="col">회원아이디</th>
<th scope="col">이름</th> <th scope="col">이름</th>
<th scope="col">닉네임</th> <th scope="col">닉네임</th>
<th scope="col">권한</th> <th scope="col">권한</th>
<th scope="col">포인트</th> <th scope="col">포인트</th>
<th scope="col">수신</th> <th scope="col">수신</th>
<th scope="col">공개</th> <th scope="col">공개</th>
<th scope="col">인증</th> <th scope="col">인증</th>
<th scope="col">차단</th> <th scope="col">차단</th>
<th scope="col">그룹</th> <th scope="col">그룹</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ // 접근가능한 그룹수
// 접근가능한 그룹수 $sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' "; $row2 = sql_fetch($sql2);
$row2 = sql_fetch($sql2); $group = "";
$group = ""; if ($row2['cnt']) {
if ($row2['cnt']) $group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>'; }
if ($is_admin == 'group') if ($is_admin == 'group') {
{ $s_mod = '';
$s_mod = ''; $s_del = '';
$s_del = ''; } else {
} $s_mod = '<a href="./member_form.php?$qstr&amp;w=u&amp;mb_id=' . $row['mb_id'] . '">수정</a>';
else $s_del = '<a href="./member_delete.php?' . $qstr . '&amp;w=d&amp;mb_id=' . $row['mb_id'] . '&amp;url=' . $_SERVER['SCRIPT_NAME'] . '" onclick="return delete_confirm(this);">삭제</a>';
{ }
$s_mod = '<a href="./member_form.php?$qstr&amp;w=u&amp;mb_id='.$row['mb_id'].'">수정</a>'; $s_grp = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">그룹</a>';
$s_del = '<a href="./member_delete.php?'.$qstr.'&amp;w=d&amp;mb_id='.$row['mb_id'].'&amp;url='.$_SERVER['SCRIPT_NAME'].'" onclick="return delete_confirm(this);">삭제</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">그룹</a>';
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date("Ymd", G5_SERVER_TIME); $leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date("Ymd", G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date("Ymd", G5_SERVER_TIME); $intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date("Ymd", G5_SERVER_TIME);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']); $mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id']; $mb_id = $row['mb_id'];
?> ?>
<tr> <tr>
<td class="td_mbid"><?php echo $mb_id ?></td> <td class="td_mbid"><?php echo $mb_id ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td> <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_mbname sv_use"><div><?php echo $mb_nick ?></div></td> <td class="td_mbname sv_use">
<td class="td_num"><?php echo $row['mb_level'] ?></td> <div><?php echo $mb_nick ?></div>
<td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td> </td>
<td class="td_boolean"><?php echo $row['mb_mailling']?'예':'아니오'; ?></td> <td class="td_num"><?php echo $row['mb_level'] ?></td>
<td class="td_boolean"><?php echo $row['mb_open']?'예':'아니오'; ?></td> <td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
<td class="td_boolean"><?php echo preg_match('/[1-9]/', $row['mb_email_certify'])?'예':'아니오'; ?></td> <td class="td_boolean"><?php echo $row['mb_mailling'] ? '예' : '아니오'; ?></td>
<td class="td_boolean"><?php echo $row['mb_intercept_date']?'예':'아니오'; ?></td> <td class="td_boolean"><?php echo $row['mb_open'] ? '예' : '아니오'; ?></td>
<td class="td_category"><?php echo $group ?></td> <td class="td_boolean"><?php echo preg_match('/[1-9]/', $row['mb_email_certify']) ? '예' : '아니오'; ?></td>
</tr> <td class="td_boolean"><?php echo $row['mb_intercept_date'] ? '예' : '아니오'; ?></td>
<?php <td class="td_category"><?php echo $group ?></td>
} </tr>
if ($i == 0) <?php
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; }
?> if ($i == 0) {
</tbody> echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table> </table>
</div> </div>
@ -131,13 +132,15 @@ $colspan = 12;
<?php <?php
$sql_common = " from {$g5['board_new_table']} a, {$g5['board_table']} b, {$g5['group_table']} c where a.bo_table = b.bo_table and b.gr_id = c.gr_id "; $sql_common = " from {$g5['board_new_table']} a, {$g5['board_table']} b, {$g5['group_table']} c where a.bo_table = b.bo_table and b.gr_id = c.gr_id ";
if ($gr_id) if ($gr_id) {
$sql_common .= " and b.gr_id = '$gr_id' "; $sql_common .= " and b.gr_id = '$gr_id' ";
}
if (isset($view) && $view) { if (isset($view) && $view) {
if ($view == 'w') if ($view == 'w') {
$sql_common .= " and a.wr_id = a.wr_parent "; $sql_common .= " and a.wr_id = a.wr_parent ";
else if ($view == 'c') } elseif ($view == 'c') {
$sql_common .= " and a.wr_id <> a.wr_parent "; $sql_common .= " and a.wr_id <> a.wr_parent ";
}
} }
$sql_order = " order by a.bn_id desc "; $sql_order = " order by a.bn_id desc ";
@ -153,72 +156,74 @@ $colspan = 5;
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption>최근게시물</caption> <caption>최근게시물</caption>
<thead> <thead>
<tr> <tr>
<th scope="col">그룹</th> <th scope="col">그룹</th>
<th scope="col">게시판</th> <th scope="col">게시판</th>
<th scope="col">제목</th> <th scope="col">제목</th>
<th scope="col">이름</th> <th scope="col">이름</th>
<th scope="col">일시</th> <th scope="col">일시</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
$sql = " select a.*, b.bo_subject, c.gr_subject, c.gr_id {$sql_common} {$sql_order} limit {$new_write_rows} "; $sql = " select a.*, b.bo_subject, c.gr_subject, c.gr_id {$sql_common} {$sql_order} limit {$new_write_rows} ";
$result = sql_query($sql); $result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ $tmp_write_table = $g5['write_prefix'] . $row['bo_table'];
$tmp_write_table = $g5['write_prefix'] . $row['bo_table'];
if ($row['wr_id'] == $row['wr_parent']) // 원글 // 원글
{ if ($row['wr_id'] == $row['wr_parent']) {
$comment = ""; $comment = "";
$comment_link = ""; $comment_link = "";
$row2 = sql_fetch(" select * from $tmp_write_table where wr_id = '{$row['wr_id']}' "); $row2 = sql_fetch(" select * from $tmp_write_table where wr_id = '{$row['wr_id']}' ");
$name = get_sideview($row2['mb_id'], get_text(cut_str($row2['wr_name'], $config['cf_cut_name'])), $row2['wr_email'], $row2['wr_homepage']); $name = get_sideview($row2['mb_id'], get_text(cut_str($row2['wr_name'], $config['cf_cut_name'])), $row2['wr_email'], $row2['wr_homepage']);
// 당일인 경우 시간으로 표시함 // 당일인 경우 시간으로 표시함
$datetime = substr($row2['wr_datetime'],0,10); $datetime = substr($row2['wr_datetime'], 0, 10);
$datetime2 = $row2['wr_datetime']; $datetime2 = $row2['wr_datetime'];
if ($datetime == G5_TIME_YMD) if ($datetime == G5_TIME_YMD) {
$datetime2 = substr($datetime2,11,5); $datetime2 = substr($datetime2, 11, 5);
else } else {
$datetime2 = substr($datetime2,5,5); $datetime2 = substr($datetime2, 5, 5);
}
} else // 코멘트
{
$comment = '댓글. ';
$comment_link = '#c_' . $row['wr_id'];
$row2 = sql_fetch(" select * from {$tmp_write_table} where wr_id = '{$row['wr_parent']}' ");
$row3 = sql_fetch(" select mb_id, wr_name, wr_email, wr_homepage, wr_datetime from {$tmp_write_table} where wr_id = '{$row['wr_id']}' ");
} $name = get_sideview($row3['mb_id'], get_text(cut_str($row3['wr_name'], $config['cf_cut_name'])), $row3['wr_email'], $row3['wr_homepage']);
else // 코멘트 // 당일인 경우 시간으로 표시함
{ $datetime = substr($row3['wr_datetime'], 0, 10);
$comment = '댓글. '; $datetime2 = $row3['wr_datetime'];
$comment_link = '#c_'.$row['wr_id']; if ($datetime == G5_TIME_YMD) {
$row2 = sql_fetch(" select * from {$tmp_write_table} where wr_id = '{$row['wr_parent']}' "); $datetime2 = substr($datetime2, 11, 5);
$row3 = sql_fetch(" select mb_id, wr_name, wr_email, wr_homepage, wr_datetime from {$tmp_write_table} where wr_id = '{$row['wr_id']}' "); } else {
$datetime2 = substr($datetime2, 5, 5);
}
}
?>
$name = get_sideview($row3['mb_id'], get_text(cut_str($row3['wr_name'], $config['cf_cut_name'])), $row3['wr_email'], $row3['wr_homepage']); <tr>
// 당일인 경우 시간으로 표시함 <td class="td_category"><a href="<?php echo G5_BBS_URL ?>/new.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo cut_str($row['gr_subject'], 10) ?></a></td>
$datetime = substr($row3['wr_datetime'],0,10); <td class="td_category"><a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo cut_str($row['bo_subject'], 20) ?></a></td>
$datetime2 = $row3['wr_datetime']; <td><a href="<?php echo get_pretty_url($row['bo_table'], $row2['wr_id']); ?><?php echo $comment_link ?>"><?php echo $comment ?><?php echo conv_subject($row2['wr_subject'], 100) ?></a></td>
if ($datetime == G5_TIME_YMD) <td class="td_mbname">
$datetime2 = substr($datetime2,11,5); <div><?php echo $name ?></div>
else </td>
$datetime2 = substr($datetime2,5,5); <td class="td_datetime"><?php echo $datetime ?></td>
} </tr>
?>
<tr> <?php
<td class="td_category"><a href="<?php echo G5_BBS_URL ?>/new.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo cut_str($row['gr_subject'],10) ?></a></td> }
<td class="td_category"><a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo cut_str($row['bo_subject'],20) ?></a></td> if ($i == 0) {
<td><a href="<?php echo get_pretty_url($row['bo_table'], $row2['wr_id']); ?><?php echo $comment_link ?>"><?php echo $comment ?><?php echo conv_subject($row2['wr_subject'], 100) ?></a></td> echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
<td class="td_mbname"><div><?php echo $name ?></div></td> }
<td class="td_datetime"><?php echo $datetime ?></td> ?>
</tr> </tbody>
<?php
}
if ($i == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table> </table>
</div> </div>
@ -250,56 +255,56 @@ $colspan = 7;
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption>최근 포인트 발생내역</caption> <caption>최근 포인트 발생내역</caption>
<thead> <thead>
<tr> <tr>
<th scope="col">회원아이디</th> <th scope="col">회원아이디</th>
<th scope="col">이름</th> <th scope="col">이름</th>
<th scope="col">닉네임</th> <th scope="col">닉네임</th>
<th scope="col">일시</th> <th scope="col">일시</th>
<th scope="col">포인트 내용</th> <th scope="col">포인트 내용</th>
<th scope="col">포인트</th> <th scope="col">포인트</th>
<th scope="col">포인트합</th> <th scope="col">포인트합</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
$row2['mb_id'] = ''; $row2['mb_id'] = '';
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ if ($row2['mb_id'] != $row['mb_id']) {
if ($row2['mb_id'] != $row['mb_id']) $sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
{ $row2 = sql_fetch($sql2);
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' "; }
$row2 = sql_fetch($sql2);
}
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']); $mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']);
$link1 = $link2 = ""; $link1 = $link2 = "";
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
{ $link1 = '<a href="' . get_pretty_url($row['po_rel_table'], $row['po_rel_id']) . '" target="_blank">';
$link1 = '<a href="'.get_pretty_url($row['po_rel_table'], $row['po_rel_id']).'" target="_blank">'; $link2 = '</a>';
$link2 = '</a>'; }
} ?>
?>
<tr> <tr>
<td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td> <td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td> <td class="td_mbname"><?php echo get_text($row2['mb_name']); ?></td>
<td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td> <td class="td_name sv_use">
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td> <div><?php echo $mb_nick ?></div>
<td><?php echo $link1.$row['po_content'].$link2 ?></td> </td>
<td class="td_numbig"><?php echo number_format($row['po_point']) ?></td> <td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td class="td_numbig"><?php echo number_format($row['po_mb_point']) ?></td> <td><?php echo $link1 . $row['po_content'] . $link2 ?></td>
</tr> <td class="td_numbig"><?php echo number_format($row['po_point']) ?></td>
<td class="td_numbig"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<?php <?php
} }
if ($i == 0) if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
?> }
</tbody> ?>
</tbody>
</table> </table>
</div> </div>
@ -309,4 +314,4 @@ $colspan = 7;
</section> </section>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
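Review bot: `@require_once './safe_check.php';` in the first hunk is not equivalent to the `@include_once` it replaces. A missing file is now a fatal error, and the `@` only hides the message, so the admin main page would stop with blank output. The suppression operator on the old line suggests the file is optional; if so, keep `@include_once './safe_check.php';`, or test with `is_file()` before a plain `require_once`. If the file is in fact mandatory, drop the `@` so the failure is logged rather than silent.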


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = '200300'; $sub_menu = '200300';
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -10,14 +10,15 @@ check_admin_token();
$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(! $post_count_chk) if (!$post_count_chk) {
alert('삭제할 메일목록을 1개이상 선택해 주세요.'); alert('삭제할 메일목록을 1개이상 선택해 주세요.');
}
for($i=0; $i<$post_count_chk; $i++) { for ($i = 0; $i < $post_count_chk; $i++) {
$ma_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $ma_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$sql = " delete from {$g5['mail_table']} where ma_id = '$ma_id' "; $sql = " delete from {$g5['mail_table']} where ma_id = '$ma_id' ";
sql_query($sql); sql_query($sql);
} }
goto_url('./mail_list.php'); goto_url('./mail_list.php');


@ -1,86 +1,88 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$html_title = '회원메일'; $html_title = '회원메일';
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0; $ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$ma = array('ma_id'=>0, 'ma_subject'=>'', 'ma_content'=>''); $ma = array('ma_id' => 0, 'ma_subject' => '', 'ma_content' => '');
if ($w == 'u') { if ($w == 'u') {
$html_title .= '수정'; $html_title .= '수정';
$readonly = ' readonly'; $readonly = ' readonly';
$sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' "; $sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
$ma = sql_fetch($sql); $ma = sql_fetch($sql);
if (!$ma['ma_id']) if (!$ma['ma_id']) {
alert('등록된 자료가 없습니다.'); alert('등록된 자료가 없습니다.');
} else { }
$html_title .= '입력'; } else {
} $html_title .= '입력';
}
$g5['title'] = $html_title;
include_once('./admin.head.php'); $g5['title'] = $html_title;
?> require_once './admin.head.php';
?>
<div class="local_desc"><p>메일 내용에 {이름} , {닉네임} , {회원아이디} , {이메일} 처럼 내용에 삽입하면 해당 내용에 맞게 변환하여 메일을 발송합니다.</p></div>
<div class="local_desc">
<form name="fmailform" id="fmailform" action="./mail_update.php" onsubmit="return fmailform_check(this);" method="post"> <p>메일 내용에 {이름} , {닉네임} , {회원아이디} , {이메일} 처럼 내용에 삽입하면 해당 내용에 맞게 변환하여 메일을 발송합니다.</p>
<input type="hidden" name="w" value="<?php echo $w ?>" id="w"> </div>
<input type="hidden" name="ma_id" value="<?php echo $ma['ma_id'] ?>" id="ma_id">
<input type="hidden" name="token" value="" id="token"> <form name="fmailform" id="fmailform" action="./mail_update.php" onsubmit="return fmailform_check(this);" method="post">
<input type="hidden" name="w" value="<?php echo $w ?>" id="w">
<div class="tbl_frm01 tbl_wrap"> <input type="hidden" name="ma_id" value="<?php echo $ma['ma_id'] ?>" id="ma_id">
<table> <input type="hidden" name="token" value="" id="token">
<caption><?php echo $g5['title']; ?></caption>
<colgroup> <div class="tbl_frm01 tbl_wrap">
<col class="grid_4"> <table>
<col> <caption><?php echo $g5['title']; ?></caption>
</colgroup> <colgroup>
<tbody> <col class="grid_4">
<tr> <col>
<th scope="row"><label for="ma_subject">메일 제목<strong class="sound_only">필수</strong></label></th> </colgroup>
<td><input type="text" name="ma_subject" value="<?php echo get_sanitize_input($ma['ma_subject']); ?>" id="ma_subject" required class="required frm_input" size="100"></td> <tbody>
</tr> <tr>
<tr> <th scope="row"><label for="ma_subject">메일 제목<strong class="sound_only">필수</strong></label></th>
<th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th> <td><input type="text" name="ma_subject" value="<?php echo get_sanitize_input($ma['ma_subject']); ?>" id="ma_subject" required class="required frm_input" size="100"></td>
<td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td> </tr>
</tr> <tr>
</tbody> <th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th>
</table> <td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td>
</div> </tr>
</tbody>
<div class="btn_fixed_top "> </table>
<input type="submit" class="btn_submit btn" accesskey="s" value="확인"> </div>
</div>
</form> <div class="btn_fixed_top ">
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
<script> </div>
function fmailform_check(f) </form>
{
errmsg = ""; <script>
errfld = ""; function fmailform_check(f) {
errmsg = "";
check_field(f.ma_subject, "제목을 입력하세요."); errfld = "";
//check_field(f.ma_content, "내용을 입력하세요.");
check_field(f.ma_subject, "제목을 입력하세요.");
if (errmsg != "") { //check_field(f.ma_content, "내용을 입력하세요.");
alert(errmsg);
errfld.focus(); if (errmsg != "") {
return false; alert(errmsg);
} errfld.focus();
return false;
<?php echo get_editor_js("ma_content"); ?> }
<?php echo chk_editor_js("ma_content"); ?>
<?php echo get_editor_js("ma_content"); ?>
return true; <?php echo chk_editor_js("ma_content"); ?>
}
return true;
document.fmailform.ma_subject.focus(); }
</script>
document.fmailform.ma_subject.focus();
<?php </script>
include_once('./admin.tail.php');
<?php
require_once './admin.tail.php';


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = '200300'; $sub_menu = '200300';
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -17,7 +17,7 @@ $sql = " select * {$sql_common} order by ma_id desc ";
$result = sql_query($sql); $result = sql_query($sql);
$g5['title'] = '회원메일발송'; $g5['title'] = '회원메일발송';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 7; $colspan = 7;
?> ?>
@ -32,73 +32,74 @@ $colspan = 7;
<form name="fmaillist" id="fmaillist" action="./mail_delete.php" method="post"> <form name="fmaillist" id="fmaillist" action="./mail_delete.php" method="post">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 목록 전체선택" onclick="check_all(this.form)"></th> <th scope="col"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 목록 전체선택" onclick="check_all(this.form)"></th>
<th scope="col">번호</th> <th scope="col">번호</th>
<th scope="col">제목</th> <th scope="col">제목</th>
<th scope="col">작성일시</th> <th scope="col">작성일시</th>
<th scope="col">테스트</th> <th scope="col">테스트</th>
<th scope="col">보내기</th> <th scope="col">보내기</th>
<th scope="col">미리보기</th> <th scope="col">미리보기</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
$s_vie = '<a href="./mail_preview.php?ma_id='.$row['ma_id'].'" target="_blank" class="btn btn_03">미리보기</a>'; $s_vie = '<a href="./mail_preview.php?ma_id=' . $row['ma_id'] . '" target="_blank" class="btn btn_03">미리보기</a>';
$num = number_format($total_count - ($page - 1) * $config['cf_page_rows'] - $i); $num = number_format($total_count - ($page - 1) * $config['cf_page_rows'] - $i);
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['ma_subject']; ?> 메일</label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['ma_subject']; ?> 메일</label>
<input type="checkbox" id="chk_<?php echo $i ?>" name="chk[]" value="<?php echo $row['ma_id'] ?>"> <input type="checkbox" id="chk_<?php echo $i ?>" name="chk[]" value="<?php echo $row['ma_id'] ?>">
</td> </td>
<td class="td_num_c"><?php echo $num ?></td> <td class="td_num_c"><?php echo $num ?></td>
<td class="td_left"><a href="./mail_form.php?w=u&amp;ma_id=<?php echo $row['ma_id'] ?>"><?php echo $row['ma_subject'] ?></a></td> <td class="td_left"><a href="./mail_form.php?w=u&amp;ma_id=<?php echo $row['ma_id'] ?>"><?php echo $row['ma_subject'] ?></a></td>
<td class="td_datetime"><?php echo $row['ma_time'] ?></td> <td class="td_datetime"><?php echo $row['ma_time'] ?></td>
<td class="td_test"><a href="./mail_test.php?ma_id=<?php echo $row['ma_id'] ?>">테스트</a></td> <td class="td_test"><a href="./mail_test.php?ma_id=<?php echo $row['ma_id'] ?>">테스트</a></td>
<td class="td_send"><a href="./mail_select_form.php?ma_id=<?php echo $row['ma_id'] ?>">보내기</a></td> <td class="td_send"><a href="./mail_select_form.php?ma_id=<?php echo $row['ma_id'] ?>">보내기</a></td>
<td class="td_mng"><?php echo $s_vie ?></td> <td class="td_mng"><?php echo $s_vie ?></td>
</tr> </tr>
<?php <?php
} }
if (!$i) if (!$i) {
echo "<tr><td colspan=\"".$colspan."\" class=\"empty_table\">자료가 없습니다.</td></tr>"; echo "<tr><td colspan=\"" . $colspan . "\" class=\"empty_table\">자료가 없습니다.</td></tr>";
?> }
</tbody> ?>
</table> </tbody>
</div> </table>
<div class="btn_fixed_top"> </div>
<input type="submit" value="선택삭제" class="btn btn_02"> <div class="btn_fixed_top">
<a href="./mail_form.php" id="mail_add" class="btn btn_01">메일내용추가</a> <input type="submit" value="선택삭제" class="btn btn_02">
</div> <a href="./mail_form.php" id="mail_add" class="btn btn_01">메일내용추가</a>
</div>
</form> </form>
<script> <script>
$(function() { $(function() {
$('#fmaillist').submit(function() { $('#fmaillist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) { if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) { if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false; return false;
} }
});
return true;
} else {
return false;
}
}); });
});
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
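Review bot: `$row['ma_subject']` is echoed without output encoding in the `sound_only` label and in the `mail_form.php` link text of each list row, while the edit form prints the same column through `get_sanitize_input()`. The save path appears to run the subject through `strip_tags()`, but encoding at the point of output does not depend on every write path having done so; `<?php echo get_text($row['ma_subject']); ?>` in both places would match how `mb_name` is printed elsewhere in this commit. The same applies to `<h1><?php echo $subject; ?></h1>` in the preview section that follows, and to the raw `mb_id`, `mb_nick` and `mb_email` cells and the `ma_list` textarea in the recipient list section.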


@ -1,7 +1,7 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
include_once(G5_LIB_PATH.'/mailer.lib.php'); require_once G5_LIB_PATH . '/mailer.lib.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -10,27 +10,23 @@ $ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0;
$se = sql_fetch("select ma_subject, ma_content from {$g5['mail_table']} where ma_id = '{$ma_id}' "); $se = sql_fetch("select ma_subject, ma_content from {$g5['mail_table']} where ma_id = '{$ma_id}' ");
$subject = $se['ma_subject']; $subject = $se['ma_subject'];
$content = conv_content($se['ma_content'], 1) . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='".G5_BBS_URL."/email_stop.php?mb_id=***&amp;mb_md5=***' target='_blank'>수신거부</a>] 해 주십시오.</span></p>"; $content = conv_content($se['ma_content'], 1) . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='" . G5_BBS_URL . "/email_stop.php?mb_id=***&amp;mb_md5=***' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
?> ?>
<!doctype html> <!doctype html>
<html lang="ko"> <html lang="ko">
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title><?php echo G5_VERSION ?> 메일발송 테스트</title> <title><?php echo G5_VERSION ?> 메일발송 테스트</title>
</head> </head>
<body> <body>
<h1><?php echo $subject; ?></h1>
<h1><?php echo $subject; ?></h1> <p><?php echo $content; ?></p>
<p>
<p> <strong>주의!</strong> 이 화면에 보여지는 디자인은 실제 내용이 발송되었을 때 디자인과 다를 수 있습니다.
<?php echo $content; ?> </p>
</p>
<p>
<strong>주의!</strong> 이 화면에 보여지는 디자인은 실제 내용이 발송되었을 때 디자인과 다를 수 있습니다.
</p>
</body> </body>
</html> </html>


@ -1,127 +1,139 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
if (!$config['cf_email_use']) if (!$config['cf_email_use']) {
alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.'); alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
}
auth_check_menu($auth, $sub_menu, 'r');
auth_check_menu($auth, $sub_menu, 'r');
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0;
$sql = " select * from {$g5['mail_table']} where ma_id = '$ma_id' ";
$ma = sql_fetch($sql); $sql = " select * from {$g5['mail_table']} where ma_id = '$ma_id' ";
if (!$ma['ma_id']) $ma = sql_fetch($sql);
alert('보내실 내용을 선택하여 주십시오.'); if (!$ma['ma_id']) {
alert('보내실 내용을 선택하여 주십시오.');
// 전체회원수 }
$sql = " select COUNT(*) as cnt from {$g5['member_table']} ";
$row = sql_fetch($sql); // 전체회원수
$tot_cnt = $row['cnt']; $sql = " select COUNT(*) as cnt from {$g5['member_table']} ";
$row = sql_fetch($sql);
// 탈퇴대기회원수 $tot_cnt = $row['cnt'];
$sql = " select COUNT(*) as cnt from {$g5['member_table']} where mb_leave_date <> '' ";
$row = sql_fetch($sql); // 탈퇴대기회원수
$finish_cnt = $row['cnt']; $sql = " select COUNT(*) as cnt from {$g5['member_table']} where mb_leave_date <> '' ";
$row = sql_fetch($sql);
$last_option = explode('||', $ma['ma_last_option']); $finish_cnt = $row['cnt'];
for ($i=0; $i<count($last_option); $i++) {
$option = explode('=', $last_option[$i]); $last_option = explode('||', $ma['ma_last_option']);
// 동적변수 for ($i = 0; $i < count($last_option); $i++) {
$var = isset($option[0]) ? $option[0] : ''; $option = explode('=', $last_option[$i]);
if( isset($option[1]) ) $$var = $option[1]; // 동적변수
} $var = isset($option[0]) ? $option[0] : '';
if (isset($option[1])) {
if (!isset($mb_id1)) $mb_id1 = 1; $$var = $option[1];
if (!isset($mb_level_from)) $mb_level_from = 1; }
if (!isset($mb_level_to)) $mb_level_to = 10; }
if (!isset($mb_mailling)) $mb_mailling = 1;
if (!isset($mb_id1)) {
$mb_id1_from = isset($mb_id1_from) ? clean_xss_tags($mb_id1_from, 1, 1, 30) : ''; $mb_id1 = 1;
$mb_id1_to = isset($mb_id1_to) ? clean_xss_tags($mb_id1_to, 1, 1, 30) : ''; }
$mb_email = isset($mb_email) ? clean_xss_tags($mb_email, 1, 1, 100) : ''; if (!isset($mb_level_from)) {
$mb_level_from = 1;
$g5['title'] = '회원메일발송'; }
include_once('./admin.head.php'); if (!isset($mb_level_to)) {
?> $mb_level_to = 10;
}
<div class="local_ov01 local_ov"> if (!isset($mb_mailling)) {
전체회원 <?php echo number_format($tot_cnt) ?>명 , 탈퇴대기회원 <?php echo number_format($finish_cnt) ?>명, 정상회원 <?php echo number_format($tot_cnt - $finish_cnt) ?>명 중 메일 발송 대상 선택 $mb_mailling = 1;
</div> }
<form name="frmsendmailselectform" id="frmsendmailselectform" action="./mail_select_list.php" method="post" autocomplete="off"> $mb_id1_from = isset($mb_id1_from) ? clean_xss_tags($mb_id1_from, 1, 1, 30) : '';
<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>"> $mb_id1_to = isset($mb_id1_to) ? clean_xss_tags($mb_id1_to, 1, 1, 30) : '';
$mb_email = isset($mb_email) ? clean_xss_tags($mb_email, 1, 1, 100) : '';
<div class="tbl_frm01 tbl_wrap">
<table> $g5['title'] = '회원메일발송';
<caption><?php echo $g5['title']; ?> 대상선택</caption> require_once './admin.head.php';
<tbody> ?>
<tr>
<th scope="row">회원 ID</th> <div class="local_ov01 local_ov">
<td> 전체회원 <?php echo number_format($tot_cnt) ?>명 , 탈퇴대기회원 <?php echo number_format($finish_cnt) ?>명, 정상회원 <?php echo number_format($tot_cnt - $finish_cnt) ?>명 중 메일 발송 대상 선택
<input type="radio" name="mb_id1" value="1" id="mb_id1_all" <?php echo $mb_id1?"checked":""; ?>> <label for="mb_id1_all">전체</label> </div>
<input type="radio" name="mb_id1" value="0" id="mb_id1_section" <?php echo !$mb_id1?"checked":""; ?>> <label for="mb_id1_section">구간</label>
<input type="text" name="mb_id1_from" value="<?php echo get_sanitize_input($mb_id1_from); ?>" id="mb_id1_from" title="시작구간" class="frm_input"> 에서 <form name="frmsendmailselectform" id="frmsendmailselectform" action="./mail_select_list.php" method="post" autocomplete="off">
<input type="text" name="mb_id1_to" value="<?php echo get_sanitize_input($mb_id1_to); ?>" id="mb_id1_to" title="종료구간" class="frm_input"> 까지 <input type="hidden" name="ma_id" value="<?php echo $ma_id ?>">
</td>
</tr> <div class="tbl_frm01 tbl_wrap">
<tr> <table>
<th scope="row"><label for="mb_email">E-mail</label></th> <caption><?php echo $g5['title']; ?> 대상선택</caption>
<td> <tbody>
<?php echo help("메일 주소에 단어 포함 (예 : @".preg_replace('#^(www[^\.]*\.){1}#', '', $_SERVER['HTTP_HOST']).")") ?> <tr>
<input type="text" name="mb_email" value="<?php echo get_sanitize_input($mb_email); ?>" id="mb_email" class="frm_input" size="50"> <th scope="row">회원 ID</th>
</td> <td>
</tr> <input type="radio" name="mb_id1" value="1" id="mb_id1_all" <?php echo $mb_id1 ? "checked" : ""; ?>> <label for="mb_id1_all">전체</label>
<tr> <input type="radio" name="mb_id1" value="0" id="mb_id1_section" <?php echo !$mb_id1 ? "checked" : ""; ?>> <label for="mb_id1_section">구간</label>
<th scope="row"><label for="mb_mailling">메일링</label></th> <input type="text" name="mb_id1_from" value="<?php echo get_sanitize_input($mb_id1_from); ?>" id="mb_id1_from" title="시작구간" class="frm_input"> 에서
<td> <input type="text" name="mb_id1_to" value="<?php echo get_sanitize_input($mb_id1_to); ?>" id="mb_id1_to" title="종료구간" class="frm_input"> 까지
<select name="mb_mailling" id="mb_mailling"> </td>
<option value="1">수신동의한 회원만 </tr>
<option value="">전체 <tr>
</select> <th scope="row"><label for="mb_email">E-mail</label></th>
</td> <td>
</tr> <?php echo help("메일 주소에 단어 포함 (예 : @" . preg_replace('#^(www[^\.]*\.){1}#', '', $_SERVER['HTTP_HOST']) . ")") ?>
<tr> <input type="text" name="mb_email" value="<?php echo get_sanitize_input($mb_email); ?>" id="mb_email" class="frm_input" size="50">
<th scope="row">권한</th> </td>
<td> </tr>
<label for="mb_level_from" class="sound_only">최소권한</label> <tr>
<select name="mb_level_from" id="mb_level_from"> <th scope="row"><label for="mb_mailling">메일링</label></th>
<?php for ($i=1; $i<=10; $i++) { ?> <td>
<option value="<?php echo $i ?>"><?php echo $i ?></option> <select name="mb_mailling" id="mb_mailling">
<?php } ?> <option value="1">수신동의한 회원만
</select> 에서 <option value="">전체
<label for="mb_level_to" class="sound_only">최대권한</label> </select>
<select name="mb_level_to" id="mb_level_to"> </td>
<?php for ($i=1; $i<=10; $i++) { ?> </tr>
<option value="<?php echo $i ?>"<?php echo $i==10 ? " selected" : ""; ?>><?php echo $i ?></option> <tr>
<?php } ?> <th scope="row">권한</th>
</select> 까지 <td>
</td> <label for="mb_level_from" class="sound_only">최소권한</label>
</tr> <select name="mb_level_from" id="mb_level_from">
<tr> <?php for ($i = 1; $i <= 10; $i++) { ?>
<th scope="row"><label for="gr_id">게시판그룹회원</label></th> <option value="<?php echo $i ?>"><?php echo $i ?></option>
<td> <?php } ?>
<select name="gr_id" id="gr_id"> </select> 에서
<option value=''>전체</option> <label for="mb_level_to" class="sound_only">최대권한</label>
<?php <select name="mb_level_to" id="mb_level_to">
$sql = " select gr_id, gr_subject from {$g5['group_table']} order by gr_subject "; <?php for ($i = 1; $i <= 10; $i++) { ?>
$result = sql_query($sql); <option value="<?php echo $i ?>" <?php echo $i == 10 ? " selected" : ""; ?>><?php echo $i ?></option>
for ($i=0; $row=sql_fetch_array($result); $i++) { <?php } ?>
echo '<option value="'.$row['gr_id'].'">'.$row['gr_subject'].'</option>'; </select> 까지
} </td>
?> </tr>
</select> <tr>
</td> <th scope="row"><label for="gr_id">게시판그룹회원</label></th>
</tr> <td>
</tbody> <select name="gr_id" id="gr_id">
</table> <option value=''>전체</option>
</div> <?php
$sql = " select gr_id, gr_subject from {$g5['group_table']} order by gr_subject ";
<div class="btn_confirm01 btn_confirm"> $result = sql_query($sql);
<input type="submit" value="확인" class="btn_submit"> for ($i = 0; $row = sql_fetch_array($result); $i++) {
<a href="./mail_list.php">목록 </a> echo '<option value="' . $row['gr_id'] . '">' . $row['gr_subject'] . '</option>';
</div> }
</form> ?>
</select>
<?php </td>
include_once('./admin.tail.php'); </tr>
</tbody>
</table>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit">
<a href="./mail_list.php">목록 </a>
</div>
</form>
<?php
require_once './admin.tail.php';
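Review bot: The loop that restores `ma_last_option` assigns `$$var = $option[1]` for whatever key name the stored string contains, so a key other than the expected filter names would overwrite any variable in scope at that point (`$ma_id`, `$config`, `$g5`, and so on). That string is rebuilt from request values on the recipient list page, and the `gr_id` part is appended there from a variable whose assignment is outside the hunks shown, so its shape should not be trusted here. Restrict the assignment to the known option names, for example `if (isset($option[1]) && in_array($var, $allowed_options, true)) {`, with `$allowed_options` listing only the filter fields this form reads. The restored `mb_level_from`, `mb_level_to` and `mb_mailling` values would also benefit from an `(int)` cast, since only the three text fields are cleaned afterwards.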


@ -1,25 +1,38 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0;
$ma_last_option = ""; $ma_last_option = "";
$sql_common = " from {$g5['member_table']} "; $sql_common = " from {$g5['member_table']} ";
$sql_where = " where (1) "; $sql_where = " where (1) ";
$mb_id1 = isset($_POST['mb_id1']) ? (int) $_POST['mb_id1'] : 1;
$mb_id1_from = isset($_POST['mb_id1_from']) ? clean_xss_tags($_POST['mb_id1_from'], 1, 1, 30) : '';
$mb_id1_to = isset($_POST['mb_id1_to']) ? clean_xss_tags($_POST['mb_id1_to'], 1, 1, 30) : '';
$mb_email = isset($_POST['mb_email']) ? clean_xss_tags($_POST['mb_email'], 1, 1, 100) : '';
$mb_mailling = isset($_POST['mb_mailling']) ? clean_xss_tags($_POST['mb_mailling'], 1, 1, 100) : '';
$mb_level_from = isset($_POST['mb_level_from'])? (int) $_POST['mb_level_from'] : 1;
$mb_level_to = isset($_POST['mb_level_to']) ? (int) $_POST['mb_level_to'] : 10;
// 회원ID ..에서 ..까지 // 회원ID ..에서 ..까지
if ($mb_id1 != 1) if ($mb_id1 != 1) {
$sql_where .= " and mb_id between '{$mb_id1_from}' and '{$mb_id1_to}' "; $sql_where .= " and mb_id between '{$mb_id1_from}' and '{$mb_id1_to}' ";
}
// E-mail에 특정 단어 포함 // E-mail에 특정 단어 포함
if ($mb_email != "") if ($mb_email != "") {
$sql_where .= " and mb_email like '%{$mb_email}%' "; $sql_where .= " and mb_email like '%{$mb_email}%' ";
}
// 메일링 // 메일링
if ($mb_mailling != "") if ($mb_mailling != "") {
$sql_where .= " and mb_mailling = '{$mb_mailling}' "; $sql_where .= " and mb_mailling = '{$mb_mailling}' ";
}
// 권한 // 권한
$sql_where .= " and mb_level between '{$mb_level_from}' and '{$mb_level_to}' "; $sql_where .= " and mb_level between '{$mb_level_from}' and '{$mb_level_to}' ";
@ -30,13 +43,14 @@ if ($gr_id) {
$comma = ""; $comma = "";
$sql2 = " select mb_id from {$g5['group_member_table']} where gr_id = '{$gr_id}' order by mb_id "; $sql2 = " select mb_id from {$g5['group_member_table']} where gr_id = '{$gr_id}' order by mb_id ";
$result2 = sql_query($sql2); $result2 = sql_query($sql2);
for ($k=0; $row2=sql_fetch_array($result2); $k++) { for ($k = 0; $row2 = sql_fetch_array($result2); $k++) {
$group_member .= "{$comma}'{$row2['mb_id']}'"; $group_member .= "{$comma}'{$row2['mb_id']}'";
$comma = ","; $comma = ",";
} }
if (!$group_member) if (!$group_member) {
alert('선택하신 게시판 그룹회원이 한명도 없습니다.'); alert('선택하신 게시판 그룹회원이 한명도 없습니다.');
}
$sql_where .= " and mb_id in ($group_member) "; $sql_where .= " and mb_id in ($group_member) ";
} }
@ -47,8 +61,9 @@ $sql_where .= " and mb_leave_date = '' and mb_intercept_date = '' ";
$sql = " select COUNT(*) as cnt {$sql_common} {$sql_where} "; $sql = " select COUNT(*) as cnt {$sql_common} {$sql_where} ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
$cnt = $row['cnt']; $cnt = $row['cnt'];
if ($cnt == 0) if ($cnt == 0) {
alert('선택하신 내용으로는 해당되는 회원자료가 없습니다.'); alert('선택하신 내용으로는 해당되는 회원자료가 없습니다.');
}
// 마지막 옵션을 저장합니다. // 마지막 옵션을 저장합니다.
$ma_last_option .= "mb_id1={$mb_id1}"; $ma_last_option .= "mb_id1={$mb_id1}";
@ -63,58 +78,58 @@ $ma_last_option .= "||gr_id={$gr_id}";
sql_query(" update {$g5['mail_table']} set ma_last_option = '{$ma_last_option}' where ma_id = '{$ma_id}' "); sql_query(" update {$g5['mail_table']} set ma_last_option = '{$ma_last_option}' where ma_id = '{$ma_id}' ");
$g5['title'] = "메일발송 대상 회원"; $g5['title'] = "메일발송 대상 회원";
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<form name="fmailselectlist" id="fmailselectlist" method="post" action="./mail_select_update.php"> <form name="fmailselectlist" id="fmailselectlist" method="post" action="./mail_select_update.php">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>"> <input type="hidden" name="ma_id" value="<?php echo get_text($ma_id); ?>">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col">번호</th> <th scope="col">번호</th>
<th scope="col">회원아이디</th> <th scope="col">회원아이디</th>
<th scope="col">이름</th> <th scope="col">이름</th>
<th scope="col">닉네임</th> <th scope="col">닉네임</th>
<th scope="col">E-mail</th> <th scope="col">E-mail</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
$sql = " select mb_id, mb_name, mb_nick, mb_email, mb_datetime $sql_common $sql_where order by mb_id "; $sql = " select mb_id, mb_name, mb_nick, mb_email, mb_datetime $sql_common $sql_where order by mb_id ";
$result = sql_query($sql); $result = sql_query($sql);
$i=0; $i = 0;
$ma_list = ""; $ma_list = "";
$cr = ""; $cr = "";
while ($row=sql_fetch_array($result)) { while ($row = sql_fetch_array($result)) {
$i++; $i++;
$ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . get_text($row['mb_name']) . "||" . $row['mb_nick'] . "||" . $row['mb_datetime']; $ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . get_text($row['mb_name']) . "||" . $row['mb_nick'] . "||" . $row['mb_datetime'];
$cr = "\n"; $cr = "\n";
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_num"><?php echo $i ?></td> <td class="td_num"><?php echo $i ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td> <td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td> <td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_mbname"><?php echo $row['mb_nick'] ?></td> <td class="td_mbname"><?php echo $row['mb_nick'] ?></td>
<td><?php echo $row['mb_email'] ?></td> <td><?php echo $row['mb_email'] ?></td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
<textarea name="ma_list" style="display:none"><?php echo $ma_list?></textarea> <textarea name="ma_list" style="display:none"><?php echo $ma_list ?></textarea>
</div> </div>
<div class="btn_confirm01 btn_confirm"> <div class="btn_confirm01 btn_confirm">
<input type="submit" value="메일보내기" class="btn_submit"> <input type="submit" value="메일보내기" class="btn_submit">
<a href="./mail_select_form.php?ma_id=<?php echo $ma_id ?>">뒤로</a> <a href="./mail_select_form.php?ma_id=<?php echo $ma_id ?>">뒤로</a>
</div> </div>
</form> </form>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
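Review bot: The request handling added at the top filters `mb_id1_from`, `mb_id1_to`, `mb_email` and `mb_mailling` with `clean_xss_tags()`, which is an HTML filter, and the values are then placed inside quoted SQL literals in `$sql_where`. Unless `_common.php` already escapes request data for SQL (not visible here), these need SQL escaping or a stricter type at this point. `mb_mailling` only ever takes the form's two option values, so `$mb_mailling = (isset($_POST['mb_mailling']) && $_POST['mb_mailling'] === '1') ? '1' : '';` settles that field. `$gr_id` is used in `where gr_id = '{$gr_id}'` and its assignment falls outside the hunks shown. The mail save section further down has the same pattern with `ma_content`, which is taken from `$_POST` unchanged and interpolated into the insert and update statements.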


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
@ -10,8 +10,8 @@ check_demo();
check_admin_token(); check_admin_token();
include_once('./admin.head.php'); require_once './admin.head.php';
include_once(G5_LIB_PATH.'/mailer.lib.php'); require_once G5_LIB_PATH . '/mailer.lib.php';
$countgap = 10; // 몇건씩 보낼지 설정 $countgap = 10; // 몇건씩 보낼지 설정
$maxscreen = 500; // 몇건씩 화면에 보여줄건지? $maxscreen = 500; // 몇건씩 화면에 보여줄건지?
@ -25,7 +25,7 @@ echo "</span>";
<span id="cont"></span> <span id="cont"></span>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
flush(); flush();
ob_flush(); ob_flush();
@ -43,25 +43,23 @@ $ma = sql_fetch($sql);
$subject = $ma['ma_subject']; $subject = $ma['ma_subject'];
$cnt = 0; $cnt = 0;
for ($i=0; $i<count($member_list); $i++) for ($i = 0; $i < count($member_list); $i++) {
{
list($to_email, $mb_id, $name, $nick, $datetime) = explode("||", trim($member_list[$i])); list($to_email, $mb_id, $name, $nick, $datetime) = explode("||", trim($member_list[$i]));
$sw = preg_match("/[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*@[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*/", $to_email); $sw = preg_match("/[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*@[0-9a-zA-Z_]+(\.[0-9a-zA-Z_]+)*/", $to_email);
// 올바른 메일 주소만 // 올바른 메일 주소만
if ($sw == true) if ($sw == true) {
{
$cnt++; $cnt++;
$mb_md5 = md5($mb_id.$to_email.$datetime); $mb_md5 = md5($mb_id . $to_email . $datetime);
$content = $ma['ma_content']; $content = $ma['ma_content'];
$content = preg_replace("/{이름}/", $name, $content); $content = preg_replace("/{이름}/", $name, (string)$content);
$content = preg_replace("/{닉네임}/", $nick, $content); $content = preg_replace("/{닉네임}/", $nick, (string)$content);
$content = preg_replace("/{회원아이디}/", $mb_id, $content); $content = preg_replace("/{회원아이디}/", $mb_id, (string)$content);
$content = preg_replace("/{이메일}/", $to_email, $content); $content = preg_replace("/{이메일}/", $to_email, (string)$content);
$content = $content . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='".G5_BBS_URL."/email_stop.php?mb_id={$mb_id}&amp;mb_md5={$mb_md5}' target='_blank'>수신거부</a>] 해 주십시오.</span></p>"; $content = $content . "<hr size=0><p><span style='font-size:9pt; font-family:굴림'>▶ 더 이상 정보 수신을 원치 않으시면 [<a href='" . G5_BBS_URL . "/email_stop.php?mb_id={$mb_id}&amp;mb_md5={$mb_md5}' target='_blank'>수신거부</a>] 해 주십시오.</span></p>";
mailer($config['cf_admin_email_name'], $config['cf_admin_email'], $to_email, $subject, $content, 1); mailer($config['cf_admin_email_name'], $config['cf_admin_email'], $to_email, $subject, $content, 1);
@ -71,15 +69,18 @@ for ($i=0; $i<count($member_list); $i++)
ob_flush(); ob_flush();
ob_end_flush(); ob_end_flush();
usleep($sleepsec); usleep($sleepsec);
if ($cnt % $countgap == 0) if ($cnt % $countgap == 0) {
{
echo "<script> document.all.cont.innerHTML += '<br>'; document.body.scrollTop += 1000; </script>\n"; echo "<script> document.all.cont.innerHTML += '<br>'; document.body.scrollTop += 1000; </script>\n";
} }
// 화면을 지운다... 부하를 줄임 // 화면을 지운다... 부하를 줄임
if ($cnt % $maxscreen == 0) if ($cnt % $maxscreen == 0) {
echo "<script> document.all.cont.innerHTML = ''; document.body.scrollTop += 1000; </script>\n"; echo "<script> document.all.cont.innerHTML = ''; document.body.scrollTop += 1000; </script>\n";
}
} }
} }
?> ?>
<script> document.all.cont.innerHTML += "<br><br>총 <?php echo number_format($cnt) ?>건 발송<br><br><font color=crimson><b>[끝]</b></font>"; document.body.scrollTop += 1000; </script> <script>
document.all.cont.innerHTML += "<br><br>총 <?php echo number_format($cnt) ?>건 발송<br><br><font color=crimson><b>[끝]</b></font>";
document.body.scrollTop += 1000;
</script>
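Review bot: The unsubscribe link's `mb_md5` value is `md5($mb_id . $to_email . $datetime)`, an unkeyed hash of three member fields, so it proves nothing beyond knowledge of those fields. A keyed MAC over the same string with a server-side secret, `hash_hmac('sha256', $mb_id . $to_email . $datetime, $secret)`, checked with `hash_equals()` on the receiving page, would make the link unforgeable. That receiving page (`email_stop.php`) is not part of this diff and would have to change in the same commit. The mail test section computes the token the same way from `$member`, and the send loop's body continues outside the hunk shown.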


@ -1,11 +1,12 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
if (!$config['cf_email_use']) if (!$config['cf_email_use']) {
alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.'); alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.');
}
include_once(G5_LIB_PATH.'/mailer.lib.php'); require_once G5_LIB_PATH . '/mailer.lib.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
@ -25,15 +26,15 @@ $ma = sql_fetch($sql);
$subject = $ma['ma_subject']; $subject = $ma['ma_subject'];
$content = $ma['ma_content']; $content = $ma['ma_content'];
$content = preg_replace("/{이름}/", $name, $content); $content = preg_replace("/{이름}/", $name, (string)$content);
$content = preg_replace("/{닉네임}/", $nick, $content); $content = preg_replace("/{닉네임}/", $nick, (string)$content);
$content = preg_replace("/{회원아이디}/", $mb_id, $content); $content = preg_replace("/{회원아이디}/", $mb_id, (string)$content);
$content = preg_replace("/{이메일}/", $email, $content); $content = preg_replace("/{이메일}/", $email, (string)$content);
$mb_md5 = md5($member['mb_id'].$member['mb_email'].$member['mb_datetime']); $mb_md5 = md5($member['mb_id'] . $member['mb_email'] . $member['mb_datetime']);
$content = $content . '<p>더 이상 정보 수신을 원치 않으시면 [<a href="'.G5_BBS_URL.'/email_stop.php?mb_id='.$mb_id.'&amp;mb_md5='.$mb_md5.'" target="_blank">수신거부</a>] 해 주십시오.</p>'; $content = $content . '<p>더 이상 정보 수신을 원치 않으시면 [<a href="' . G5_BBS_URL . '/email_stop.php?mb_id=' . $mb_id . '&amp;mb_md5=' . $mb_md5 . '" target="_blank">수신거부</a>] 해 주십시오.</p>';
mailer($config['cf_title'], $member['mb_email'], $member['mb_email'], $subject, $content, 1); mailer($config['cf_title'], $member['mb_email'], $member['mb_email'], $subject, $content, 1);
alert($member['mb_nick'].'('.$member['mb_email'].')님께 테스트 메일을 발송하였습니다. 확인하여 주십시오.'); alert($member['mb_nick'] . '(' . $member['mb_email'] . ')님께 테스트 메일을 발송하였습니다. 확인하여 주십시오.');
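Review bot: The four placeholder substitutions pass member data as the replacement argument of `preg_replace()`, where `$0`, `$1` or `\1` inside a name or nickname are treated as back-references rather than literal text, so such a value is altered in the sent mail. The patterns are fixed strings, so `str_replace('{이름}', $name, (string)$content)`, and likewise for the other three, does the same job without interpreting the replacement. The per-recipient loop in the bulk send section uses the same four calls. `$name`, `$nick`, `$mb_id` and `$email` are assigned outside this hunk.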


@ -1,9 +1,10 @@
<?php <?php
$sub_menu = "200300"; $sub_menu = "200300";
include_once('./_common.php'); require_once './_common.php';
if ($w == 'u' || $w == 'd') if ($w == 'u' || $w == 'd') {
check_demo(); check_demo();
}
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
@ -13,29 +14,24 @@ $ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0;
$ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : ''; $ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : '';
$ma_content = isset($_POST['ma_content']) ? $_POST['ma_content'] : ''; $ma_content = isset($_POST['ma_content']) ? $_POST['ma_content'] : '';
if ($w == '') if ($w == '') {
{
$sql = " insert {$g5['mail_table']} $sql = " insert {$g5['mail_table']}
set ma_subject = '{$ma_subject}', set ma_subject = '{$ma_subject}',
ma_content = '{$ma_content}', ma_content = '{$ma_content}',
ma_time = '".G5_TIME_YMDHIS."', ma_time = '" . G5_TIME_YMDHIS . "',
ma_ip = '{$_SERVER['REMOTE_ADDR']}' "; ma_ip = '{$_SERVER['REMOTE_ADDR']}' ";
sql_query($sql); sql_query($sql);
} } elseif ($w == 'u') {
else if ($w == 'u')
{
$sql = " update {$g5['mail_table']} $sql = " update {$g5['mail_table']}
set ma_subject = '{$ma_subject}', set ma_subject = '{$ma_subject}',
ma_content = '{$ma_content}', ma_content = '{$ma_content}',
ma_time = '".G5_TIME_YMDHIS."', ma_time = '" . G5_TIME_YMDHIS . "',
ma_ip = '{$_SERVER['REMOTE_ADDR']}' ma_ip = '{$_SERVER['REMOTE_ADDR']}'
where ma_id = '{$ma_id}' "; where ma_id = '{$ma_id}' ";
sql_query($sql); sql_query($sql);
} } elseif ($w == 'd') {
else if ($w == 'd') $sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
{
$sql = " delete from {$g5['mail_table']} where ma_id = '{$ma_id}' ";
sql_query($sql); sql_query($sql);
} }
goto_url('./mail_list.php'); goto_url('./mail_list.php');


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200100"; $sub_menu = "200100";
include_once("./_common.php"); require_once "./_common.php";
check_demo(); check_demo();
@ -8,21 +8,23 @@ auth_check_menu($auth, $sub_menu, "d");
$mb = isset($_POST['mb_id']) ? get_member($_POST['mb_id']) : array(); $mb = isset($_POST['mb_id']) ? get_member($_POST['mb_id']) : array();
if (! (isset($mb['mb_id']) && $mb['mb_id'])) if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert("회원자료가 존재하지 않습니다."); alert("회원자료가 존재하지 않습니다.");
else if ($member['mb_id'] == $mb['mb_id']) } elseif ($member['mb_id'] == $mb['mb_id']) {
alert("로그인 중인 관리자는 삭제 할 수 없습니다."); alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
else if (is_admin($mb['mb_id']) == "super") } elseif (is_admin($mb['mb_id']) == "super") {
alert("최고 관리자는 삭제할 수 없습니다."); alert("최고 관리자는 삭제할 수 없습니다.");
else if ($mb['mb_level'] >= $member['mb_level']) } elseif ($mb['mb_level'] >= $member['mb_level']) {
alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다."); alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
}
check_admin_token(); check_admin_token();
// 회원자료 삭제 // 회원자료 삭제
member_delete($mb['mb_id']); member_delete($mb['mb_id']);
if ($url) if (isset($url)) {
goto_url("{$url}?$qstr&amp;w=u&amp;mb_id=$mb_id"); goto_url("{$url}?$qstr&amp;w=u&amp;mb_id=" . $mb['mb_id']);
else } else {
goto_url("./member_list.php?$qstr"); goto_url("./member_list.php?$qstr");
}
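Review bot: `if (isset($url))` is not equivalent to the old `if ($url)`: an empty-string `$url` now takes the first branch and redirects to a bare `?...&w=u&mb_id=...` instead of `./member_list.php`. `if (!empty($url)) {` keeps the previous behaviour and still avoids the undefined-variable notice. Where `$url` is populated is not visible in this hunk; if it can come from the request, it should be limited to a same-site path before being passed to `goto_url()`.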


@ -1,50 +1,51 @@
<?php <?php
$sub_menu = "200100"; $sub_menu = "200100";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$mb = array( $mb = array(
'mb_certify' => null, 'mb_certify' => null,
'mb_adult' => null, 'mb_adult' => null,
'mb_sms' => null, 'mb_sms' => null,
'mb_intercept_date' => null, 'mb_intercept_date' => null,
'mb_id' => null, 'mb_id' => null,
'mb_name' => null, 'mb_name' => null,
'mb_nick' => null, 'mb_nick' => null,
'mb_point' => null, 'mb_point' => null,
'mb_email' => null, 'mb_email' => null,
'mb_homepage' => null, 'mb_homepage' => null,
'mb_hp' => null, 'mb_hp' => null,
'mb_tel' => null, 'mb_tel' => null,
'mb_zip1' => null, 'mb_zip1' => null,
'mb_zip2' => null, 'mb_zip2' => null,
'mb_addr1' => null, 'mb_addr1' => null,
'mb_addr2' => null, 'mb_addr2' => null,
'mb_addr3' => null, 'mb_addr3' => null,
'mb_addr_jibeon' => null, 'mb_addr_jibeon' => null,
'mb_signature' => null, 'mb_signature' => null,
'mb_profile' => null, 'mb_profile' => null,
'mb_memo' => null, 'mb_memo' => null,
'mb_leave_date' => null, 'mb_leave_date' => null,
'mb_1' => null, 'mb_1' => null,
'mb_2' => null, 'mb_2' => null,
'mb_3' => null, 'mb_3' => null,
'mb_4' => null, 'mb_4' => null,
'mb_5' => null, 'mb_5' => null,
'mb_6' => null, 'mb_6' => null,
'mb_7' => null, 'mb_7' => null,
'mb_8' => null, 'mb_8' => null,
'mb_9' => null, 'mb_9' => null,
'mb_10' => null, 'mb_10' => null,
); );
$sound_only = ''; $sound_only = '';
$required_mb_id = '';
$required_mb_id_class = ''; $required_mb_id_class = '';
$required_mb_password = ''; $required_mb_password = '';
$html_title = '';
if ($w == '') if ($w == '') {
{
$required_mb_id = 'required'; $required_mb_id = 'required';
$required_mb_id_class = 'required alnum_'; $required_mb_id_class = 'required alnum_';
$required_mb_password = 'required'; $required_mb_password = 'required';
@ -54,15 +55,15 @@ if ($w == '')
$mb['mb_open'] = 1; $mb['mb_open'] = 1;
$mb['mb_level'] = $config['cf_register_level']; $mb['mb_level'] = $config['cf_register_level'];
$html_title = '추가'; $html_title = '추가';
} } elseif ($w == 'u') {
else if ($w == 'u')
{
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (!$mb['mb_id']) if (!$mb['mb_id']) {
alert('존재하지 않는 회원자료입니다.'); alert('존재하지 않는 회원자료입니다.');
}
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.'); alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
}
$required_mb_id = 'readonly'; $required_mb_id = 'readonly';
$html_title = '수정'; $html_title = '수정';
@ -90,12 +91,12 @@ else if ($w == 'u')
$mb['mb_8'] = get_text($mb['mb_8']); $mb['mb_8'] = get_text($mb['mb_8']);
$mb['mb_9'] = get_text($mb['mb_9']); $mb['mb_9'] = get_text($mb['mb_9']);
$mb['mb_10'] = get_text($mb['mb_10']); $mb['mb_10'] = get_text($mb['mb_10']);
} } else {
else
alert('제대로 된 값이 넘어오지 않았습니다.'); alert('제대로 된 값이 넘어오지 않았습니다.');
}
// 본인확인방법 // 본인확인방법
switch($mb['mb_certify']) { switch ($mb['mb_certify']) {
case 'simple': case 'simple':
$mb_certify_case = '간편인증'; $mb_certify_case = '간편인증';
$mb_certify_val = 'simple'; $mb_certify_val = 'simple';
@ -147,39 +148,40 @@ if (isset($mb['mb_certify'])) {
sql_query(" ALTER TABLE `{$g5['member_table']}` ADD `mb_certify` TINYINT(4) NOT NULL DEFAULT '0' AFTER `mb_hp` ", false); sql_query(" ALTER TABLE `{$g5['member_table']}` ADD `mb_certify` TINYINT(4) NOT NULL DEFAULT '0' AFTER `mb_hp` ", false);
} }
if(isset($mb['mb_adult'])) { if (isset($mb['mb_adult'])) {
sql_query(" ALTER TABLE `{$g5['member_table']}` CHANGE `mb_adult` `mb_adult` TINYINT(4) NOT NULL DEFAULT '0' ", false); sql_query(" ALTER TABLE `{$g5['member_table']}` CHANGE `mb_adult` `mb_adult` TINYINT(4) NOT NULL DEFAULT '0' ", false);
} else { } else {
sql_query(" ALTER TABLE `{$g5['member_table']}` ADD `mb_adult` TINYINT NOT NULL DEFAULT '0' AFTER `mb_certify` ", false); sql_query(" ALTER TABLE `{$g5['member_table']}` ADD `mb_adult` TINYINT NOT NULL DEFAULT '0' AFTER `mb_certify` ", false);
} }
// 지번주소 필드추가 // 지번주소 필드추가
if(!isset($mb['mb_addr_jibeon'])) { if (!isset($mb['mb_addr_jibeon'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_addr_jibeon` varchar(255) NOT NULL DEFAULT '' AFTER `mb_addr2` ", false); sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_addr_jibeon` varchar(255) NOT NULL DEFAULT '' AFTER `mb_addr2` ", false);
} }
// 건물명필드추가 // 건물명필드추가
if(!isset($mb['mb_addr3'])) { if (!isset($mb['mb_addr3'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_addr3` varchar(255) NOT NULL DEFAULT '' AFTER `mb_addr2` ", false); sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_addr3` varchar(255) NOT NULL DEFAULT '' AFTER `mb_addr2` ", false);
} }
// 중복가입 확인필드 추가 // 중복가입 확인필드 추가
if(!isset($mb['mb_dupinfo'])) { if (!isset($mb['mb_dupinfo'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_dupinfo` varchar(255) NOT NULL DEFAULT '' AFTER `mb_adult` ", false); sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_dupinfo` varchar(255) NOT NULL DEFAULT '' AFTER `mb_adult` ", false);
} }
// 이메일인증 체크 필드추가 // 이메일인증 체크 필드추가
if(!isset($mb['mb_email_certify2'])) { if (!isset($mb['mb_email_certify2'])) {
sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_email_certify2` varchar(255) NOT NULL DEFAULT '' AFTER `mb_email_certify` ", false); sql_query(" ALTER TABLE {$g5['member_table']} ADD `mb_email_certify2` varchar(255) NOT NULL DEFAULT '' AFTER `mb_email_certify` ", false);
} }
// 본인인증 내역 테이블 정보가 dbconfig에 없으면 소셜 테이블 정의 // 본인인증 내역 테이블 정보가 dbconfig에 없으면 소셜 테이블 정의
if( !isset($g5['member_cert_history']) ){ if (!isset($g5['member_cert_history'])) {
$g5['member_cert_history_table'] = G5_TABLE_PREFIX.'member_cert_history'; $g5['member_cert_history_table'] = G5_TABLE_PREFIX . 'member_cert_history';
} }
// 멤버 본인인증 정보 변경 내역 테이블 없을 경우 생성 // 멤버 본인인증 정보 변경 내역 테이블 없을 경우 생성
if(isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cert_history_table']} ", false)) { if (isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cert_history_table']} ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['member_cert_history_table']}` ( sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['member_cert_history_table']}` (
`ch_id` int(11) NOT NULL auto_increment, `ch_id` int(11) NOT NULL auto_increment,
`mb_id` varchar(20) NOT NULL DEFAULT '', `mb_id` varchar(20) NOT NULL DEFAULT '',
`ch_name` varchar(255) NOT NULL DEFAULT '', `ch_name` varchar(255) NOT NULL DEFAULT '',
@ -189,7 +191,9 @@ if(isset($g5['member_cert_history_table']) && !sql_query(" DESC {$g5['member_cer
`ch_datetime` datetime NOT NULL default '0000-00-00 00:00:00', `ch_datetime` datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (`ch_id`), PRIMARY KEY (`ch_id`),
KEY `mb_id` (`mb_id`) KEY `mb_id` (`mb_id`)
) ", true); ) ",
true
);
} }
$mb_cert_history = ''; $mb_cert_history = '';
@ -198,389 +202,429 @@ if (isset($mb_id) && $mb_id) {
$mb_cert_history = sql_query($sql); $mb_cert_history = sql_query($sql);
} }
if ($mb['mb_intercept_date']) $g5['title'] = "차단된 "; if ($mb['mb_intercept_date']) {
else $g5['title'] .= ""; $g5['title'] = "차단된 ";
$g5['title'] .= '회원 '.$html_title; } else {
include_once('./admin.head.php'); $g5['title'] .= "";
}
$g5['title'] .= '회원 ' . $html_title;
require_once './admin.head.php';
// add_javascript('js 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨 // add_javascript('js 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
add_javascript(G5_POSTCODE_JS, 0); //다음 주소 js add_javascript(G5_POSTCODE_JS, 0); //다음 주소 js
?> ?>
<form name="fmember" id="fmember" action="./member_form_update.php" onsubmit="return fmember_submit(this);" method="post" enctype="multipart/form-data"> <form name="fmember" id="fmember" action="./member_form_update.php" onsubmit="return fmember_submit(this);" method="post" enctype="multipart/form-data">
<input type="hidden" name="w" value="<?php echo $w ?>"> <input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?></caption> <caption><?php echo $g5['title']; ?></caption>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="mb_id">아이디<?php echo $sound_only ?></label></th> <th scope="row"><label for="mb_id">아이디<?php echo $sound_only ?></label></th>
<td> <td>
<input type="text" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id" <?php echo $required_mb_id ?> class="frm_input <?php echo $required_mb_id_class ?>" size="15" maxlength="20"> <input type="text" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id" <?php echo $required_mb_id ?> class="frm_input <?php echo $required_mb_id_class ?>" size="15" maxlength="20">
<?php if ($w=='u'){ ?><a href="./boardgroupmember_form.php?mb_id=<?php echo $mb['mb_id'] ?>" class="btn_frmline">접근가능그룹보기</a><?php } ?> <?php if ($w == 'u') { ?><a href="./boardgroupmember_form.php?mb_id=<?php echo $mb['mb_id'] ?>" class="btn_frmline">접근가능그룹보기</a><?php } ?>
</td> </td>
<th scope="row"><label for="mb_password">비밀번호<?php echo $sound_only ?></label></th> <th scope="row"><label for="mb_password">비밀번호<?php echo $sound_only ?></label></th>
<td><input type="password" name="mb_password" id="mb_password" <?php echo $required_mb_password ?> class="frm_input <?php echo $required_mb_password ?>" size="15" maxlength="20"></td> <td>
</tr> <div>
<tr> <input type="password" name="mb_password" id="mb_password" <?php echo $required_mb_password ?> class="frm_input <?php echo $required_mb_password ?>" size="15" maxlength="20">
<th scope="row"><label for="mb_name">이름(실명)<strong class="sound_only">필수</strong></label></th> </div>
<td><input type="text" name="mb_name" value="<?php echo $mb['mb_name'] ?>" id="mb_name" required class="required frm_input" size="15" maxlength="20"></td> <div id="mb_password_captcha_wrap" style="display:none">
<th scope="row"><label for="mb_nick">닉네임<strong class="sound_only">필수</strong></label></th> <?php
<td><input type="text" name="mb_nick" value="<?php echo $mb['mb_nick'] ?>" id="mb_nick" required class="required frm_input" size="15" maxlength="20"></td> require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
</tr> $captcha_html = captcha_html();
<tr> $captcha_js = chk_captcha_js();
<th scope="row"><label for="mb_level">회원 권한</label></th> echo $captcha_html;
<td><?php echo get_member_level_select('mb_level', 1, $member['mb_level'], $mb['mb_level']) ?></td> ?>
<th scope="row">포인트</th> </div>
<td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $mb['mb_id'] ?>" target="_blank"><?php echo number_format($mb['mb_point']) ?></a> 점</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="mb_email">E-mail<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="mb_name">이름(실명)<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_email" value="<?php echo $mb['mb_email'] ?>" id="mb_email" maxlength="100" required class="required frm_input email" size="30"></td> <td><input type="text" name="mb_name" value="<?php echo $mb['mb_name'] ?>" id="mb_name" required class="required frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_homepage">홈페이지</label></th> <th scope="row"><label for="mb_nick">닉네임<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_homepage" value="<?php echo $mb['mb_homepage'] ?>" id="mb_homepage" class="frm_input" maxlength="255" size="15"></td> <td><input type="text" name="mb_nick" value="<?php echo $mb['mb_nick'] ?>" id="mb_nick" required class="required frm_input" size="15" maxlength="20"></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="mb_hp">휴대폰번호</label></th> <th scope="row"><label for="mb_level">회원 권한</label></th>
<td><input type="text" name="mb_hp" value="<?php echo $mb['mb_hp'] ?>" id="mb_hp" class="frm_input" size="15" maxlength="20"></td> <td><?php echo get_member_level_select('mb_level', 1, $member['mb_level'], $mb['mb_level']) ?></td>
<th scope="row"><label for="mb_tel">전화번호</label></th> <th scope="row">포인트</th>
<td><input type="text" name="mb_tel" value="<?php echo $mb['mb_tel'] ?>" id="mb_tel" class="frm_input" size="15" maxlength="20"></td> <td><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $mb['mb_id'] ?>" target="_blank"><?php echo number_format($mb['mb_point']) ?></a> 점</td>
</tr> </tr>
<tr> <tr>
<th scope="row">본인확인방법</th> <th scope="row"><label for="mb_email">E-mail<strong class="sound_only">필수</strong></label></th>
<td colspan="3"> <td><input type="text" name="mb_email" value="<?php echo $mb['mb_email'] ?>" id="mb_email" maxlength="100" required class="required frm_input email" size="30"></td>
<input type="radio" name="mb_certify_case" value="simple" id="mb_certify_sa" <?php if($mb['mb_certify'] == 'simple') echo 'checked="checked"'; ?>> <th scope="row"><label for="mb_homepage">홈페이지</label></th>
<label for="mb_certify_sa">간편인증</label> <td><input type="text" name="mb_homepage" value="<?php echo $mb['mb_homepage'] ?>" id="mb_homepage" class="frm_input" maxlength="255" size="15"></td>
<input type="radio" name="mb_certify_case" value="hp" id="mb_certify_hp" <?php if($mb['mb_certify'] == 'hp') echo 'checked="checked"'; ?>> </tr>
<label for="mb_certify_hp">휴대폰</label> <tr>
<input type="radio" name="mb_certify_case" value="ipin" id="mb_certify_ipin" <?php if($mb['mb_certify'] == 'ipin') echo 'checked="checked"'; ?>> <th scope="row"><label for="mb_hp">휴대폰번호</label></th>
<label for="mb_certify_ipin">아이핀</label> <td><input type="text" name="mb_hp" value="<?php echo $mb['mb_hp'] ?>" id="mb_hp" class="frm_input" size="15" maxlength="20"></td>
</td> <th scope="row"><label for="mb_tel">전화번호</label></th>
</tr> <td><input type="text" name="mb_tel" value="<?php echo $mb['mb_tel'] ?>" id="mb_tel" class="frm_input" size="15" maxlength="20"></td>
<tr> </tr>
<th scope="row">본인확인</th> <tr>
<td> <th scope="row">본인확인방법</th>
<input type="radio" name="mb_certify" value="1" id="mb_certify_yes" <?php echo $mb_certify_yes; ?>> <td colspan="3">
<label for="mb_certify_yes">예</label> <input type="radio" name="mb_certify_case" value="simple" id="mb_certify_sa" <?php if ($mb['mb_certify'] == 'simple') { echo 'checked="checked"'; } ?>>
<input type="radio" name="mb_certify" value="" id="mb_certify_no" <?php echo $mb_certify_no; ?>> <label for="mb_certify_sa">간편인증</label>
<label for="mb_certify_no">아니오</label> <input type="radio" name="mb_certify_case" value="hp" id="mb_certify_hp" <?php if ($mb['mb_certify'] == 'hp') { echo 'checked="checked"'; } ?>>
</td> <label for="mb_certify_hp">휴대폰</label>
<th scope="row">성인인증</th> <input type="radio" name="mb_certify_case" value="ipin" id="mb_certify_ipin" <?php if ($mb['mb_certify'] == 'ipin') { echo 'checked="checked"'; } ?>>
<td> <label for="mb_certify_ipin">아이핀</label>
<input type="radio" name="mb_adult" value="1" id="mb_adult_yes" <?php echo $mb_adult_yes; ?>> </td>
<label for="mb_adult_yes">예</label> </tr>
<input type="radio" name="mb_adult" value="0" id="mb_adult_no" <?php echo $mb_adult_no; ?>> <tr>
<label for="mb_adult_no">아니오</label> <th scope="row">본인확인</th>
</td> <td>
</tr> <input type="radio" name="mb_certify" value="1" id="mb_certify_yes" <?php echo $mb_certify_yes; ?>>
<tr> <label for="mb_certify_yes">예</label>
<th scope="row">주소</th> <input type="radio" name="mb_certify" value="0" id="mb_certify_no" <?php echo $mb_certify_no; ?>>
<td colspan="3" class="td_addr_line"> <label for="mb_certify_no">아니오</label>
<label for="mb_zip" class="sound_only">우편번호</label> </td>
<input type="text" name="mb_zip" value="<?php echo $mb['mb_zip1'].$mb['mb_zip2']; ?>" id="mb_zip" class="frm_input readonly" size="5" maxlength="6"> <th scope="row">성인인증</th>
<button type="button" class="btn_frmline" onclick="win_zip('fmember', 'mb_zip', 'mb_addr1', 'mb_addr2', 'mb_addr3', 'mb_addr_jibeon');">주소 검색</button><br> <td>
<input type="text" name="mb_addr1" value="<?php echo $mb['mb_addr1'] ?>" id="mb_addr1" class="frm_input readonly" size="60"> <input type="radio" name="mb_adult" value="1" id="mb_adult_yes" <?php echo $mb_adult_yes; ?>>
<label for="mb_addr1">기본주소</label><br> <label for="mb_adult_yes">예</label>
<input type="text" name="mb_addr2" value="<?php echo $mb['mb_addr2'] ?>" id="mb_addr2" class="frm_input" size="60"> <input type="radio" name="mb_adult" value="0" id="mb_adult_no" <?php echo $mb_adult_no; ?>>
<label for="mb_addr2">상세주소</label> <label for="mb_adult_no">아니오</label>
<br> </td>
<input type="text" name="mb_addr3" value="<?php echo $mb['mb_addr3'] ?>" id="mb_addr3" class="frm_input" size="60"> </tr>
<label for="mb_addr3">참고항목</label> <tr>
<input type="hidden" name="mb_addr_jibeon" value="<?php echo $mb['mb_addr_jibeon']; ?>"><br> <th scope="row">주소</th>
</td> <td colspan="3" class="td_addr_line">
</tr> <label for="mb_zip" class="sound_only">우편번호</label>
<tr> <input type="text" name="mb_zip" value="<?php echo $mb['mb_zip1'] . $mb['mb_zip2']; ?>" id="mb_zip" class="frm_input readonly" size="5" maxlength="6">
<th scope="row"><label for="mb_icon">회원아이콘</label></th> <button type="button" class="btn_frmline" onclick="win_zip('fmember', 'mb_zip', 'mb_addr1', 'mb_addr2', 'mb_addr3', 'mb_addr_jibeon');">주소 검색</button><br>
<td colspan="3"> <input type="text" name="mb_addr1" value="<?php echo $mb['mb_addr1'] ?>" id="mb_addr1" class="frm_input readonly" size="60">
<?php echo help('이미지 크기는 <strong>넓이 '.$config['cf_member_icon_width'].'픽셀 높이 '.$config['cf_member_icon_height'].'픽셀</strong>로 해주세요.') ?> <label for="mb_addr1">기본주소</label><br>
<input type="file" name="mb_icon" id="mb_icon"> <input type="text" name="mb_addr2" value="<?php echo $mb['mb_addr2'] ?>" id="mb_addr2" class="frm_input" size="60">
<?php <label for="mb_addr2">상세주소</label>
$mb_dir = substr($mb['mb_id'],0,2); <br>
$icon_file = G5_DATA_PATH.'/member/'.$mb_dir.'/'.get_mb_icon_name($mb['mb_id']).'.gif'; <input type="text" name="mb_addr3" value="<?php echo $mb['mb_addr3'] ?>" id="mb_addr3" class="frm_input" size="60">
if (file_exists($icon_file)) { <label for="mb_addr3">참고항목</label>
$icon_url = str_replace(G5_DATA_PATH, G5_DATA_URL, $icon_file); <input type="hidden" name="mb_addr_jibeon" value="<?php echo $mb['mb_addr_jibeon']; ?>"><br>
$icon_filemtile = (defined('G5_USE_MEMBER_IMAGE_FILETIME') && G5_USE_MEMBER_IMAGE_FILETIME) ? '?'.filemtime($icon_file) : ''; </td>
echo '<img src="'.$icon_url.$icon_filemtile.'" alt="">'; </tr>
echo '<input type="checkbox" id="del_mb_icon" name="del_mb_icon" value="1">삭제'; <tr>
} <th scope="row"><label for="mb_icon">회원아이콘</label></th>
?> <td colspan="3">
</td> <?php echo help('이미지 크기는 <strong>넓이 ' . $config['cf_member_icon_width'] . '픽셀 높이 ' . $config['cf_member_icon_height'] . '픽셀</strong>로 해주세요.') ?>
</tr> <input type="file" name="mb_icon" id="mb_icon">
<tr> <?php
<th scope="row"><label for="mb_img">회원이미지</label></th> $mb_dir = substr($mb['mb_id'], 0, 2);
<td colspan="3"> $icon_file = G5_DATA_PATH . '/member/' . $mb_dir . '/' . get_mb_icon_name($mb['mb_id']) . '.gif';
<?php echo help('이미지 크기는 <strong>넓이 '.$config['cf_member_img_width'].'픽셀 높이 '.$config['cf_member_img_height'].'픽셀</strong>로 해주세요.') ?> if (file_exists($icon_file)) {
<input type="file" name="mb_img" id="mb_img"> $icon_url = str_replace(G5_DATA_PATH, G5_DATA_URL, $icon_file);
<?php $icon_filemtile = (defined('G5_USE_MEMBER_IMAGE_FILETIME') && G5_USE_MEMBER_IMAGE_FILETIME) ? '?' . filemtime($icon_file) : '';
$mb_dir = substr($mb['mb_id'],0,2); echo '<img src="' . $icon_url . $icon_filemtile . '" alt="">';
$icon_file = G5_DATA_PATH.'/member_image/'.$mb_dir.'/'.get_mb_icon_name($mb['mb_id']).'.gif'; echo '<input type="checkbox" id="del_mb_icon" name="del_mb_icon" value="1">삭제';
if (file_exists($icon_file)) {
echo get_member_profile_img($mb['mb_id']);
echo '<input type="checkbox" id="del_mb_img" name="del_mb_img" value="1">삭제';
}
?>
</td>
</tr>
<tr>
<th scope="row">메일 수신</th>
<td>
<input type="radio" name="mb_mailling" value="1" id="mb_mailling_yes" <?php echo $mb_mailling_yes; ?>>
<label for="mb_mailling_yes">예</label>
<input type="radio" name="mb_mailling" value="0" id="mb_mailling_no" <?php echo $mb_mailling_no; ?>>
<label for="mb_mailling_no">아니오</label>
</td>
<th scope="row"><label for="mb_sms_yes">SMS 수신</label></th>
<td>
<input type="radio" name="mb_sms" value="1" id="mb_sms_yes" <?php echo $mb_sms_yes; ?>>
<label for="mb_sms_yes">예</label>
<input type="radio" name="mb_sms" value="0" id="mb_sms_no" <?php echo $mb_sms_no; ?>>
<label for="mb_sms_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row">정보 공개</th>
<td colspan="3">
<input type="radio" name="mb_open" value="1" id="mb_open_yes" <?php echo $mb_open_yes; ?>>
<label for="mb_open_yes">예</label>
<input type="radio" name="mb_open" value="0" id="mb_open_no" <?php echo $mb_open_no; ?>>
<label for="mb_open_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_signature">서명</label></th>
<td colspan="3"><textarea name="mb_signature" id="mb_signature"><?php echo $mb['mb_signature'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_profile">자기 소개</label></th>
<td colspan="3"><textarea name="mb_profile" id="mb_profile"><?php echo $mb['mb_profile'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_memo">메모</label></th>
<td colspan="3"><textarea name="mb_memo" id="mb_memo"><?php echo $mb['mb_memo'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_cert_history">본인인증 내역</label></th>
<td colspan="3">
<?php
$cnt = 0;
while ($row = sql_fetch_array($mb_cert_history)) {
$cnt++;
switch($row['ch_type']){
case 'simple':
$cert_type = '간편인증';
break;
case 'hp':
$cert_type = '휴대폰';
break;
case 'ipin':
$cert_type = '아이핀';
break;
}
?>
<div>
[<?php echo $row['ch_datetime']; ?>]
<?php echo $row['mb_id']; ?> /
<?php echo $row['ch_name']; ?> /
<?php echo $row['ch_hp']; ?> /
<?php echo $cert_type; ?>
</div>
<?php } ?>
<?php if ($cnt == 0) { ?>
본인인증 내역이 없습니다.
<?php } ?>
</td>
</tr>
<?php if ($w == 'u') { ?>
<tr>
<th scope="row">회원가입일</th>
<td><?php echo $mb['mb_datetime'] ?></td>
<th scope="row">최근접속일</th>
<td><?php echo $mb['mb_today_login'] ?></td>
</tr>
<tr>
<th scope="row">IP</th>
<td colspan="3"><?php echo $mb['mb_ip'] ?></td>
</tr>
<?php if ($config['cf_use_email_certify']) { ?>
<tr>
<th scope="row">인증일시</th>
<td colspan="3">
<?php if ($mb['mb_email_certify'] == '0000-00-00 00:00:00') { ?>
<?php echo help('회원님이 메일을 수신할 수 없는 경우 등에 직접 인증처리를 하실 수 있습니다.') ?>
<input type="checkbox" name="passive_certify" id="passive_certify">
<label for="passive_certify">수동인증</label>
<?php } else { ?>
<?php echo $mb['mb_email_certify'] ?>
<?php } ?>
</td>
</tr>
<?php } ?>
<?php } ?>
<?php if ($config['cf_use_recommend']) { // 추천인 사용 ?>
<tr>
<th scope="row">추천인</th>
<td colspan="3"><?php echo ($mb['mb_recommend'] ? get_text($mb['mb_recommend']) : '없음'); // 081022 : CSRF 보안 결함으로 인한 코드 수정 ?></td>
</tr>
<?php } ?>
<tr>
<th scope="row"><label for="mb_leave_date">탈퇴일자</label></th>
<td>
<input type="text" name="mb_leave_date" value="<?php echo $mb['mb_leave_date'] ?>" id="mb_leave_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_leave_date_set_today" onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) {
this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }">
<label for="mb_leave_date_set_today">탈퇴일을 오늘로 지정</label>
</td>
<th scope="row">접근차단일자</th>
<td>
<input type="text" name="mb_intercept_date" value="<?php echo $mb['mb_intercept_date'] ?>" id="mb_intercept_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_intercept_date_set_today" onclick="if
(this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else {
this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
<label for="mb_intercept_date_set_today">접근차단일을 오늘로 지정</label>
</td>
</tr>
<?php
//소셜계정이 있다면
if(function_exists('social_login_link_account') && $mb['mb_id'] ){
if( $my_social_accounts = social_login_link_account($mb['mb_id'], false, 'get_data') ){ ?>
<tr>
<th>소셜계정목록</th>
<td colspan="3">
<ul class="social_link_box">
<li class="social_login_container">
<h4>연결된 소셜 계정 목록</h4>
<?php foreach($my_social_accounts as $account){ //반복문
if( empty($account) ) continue;
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
?>
<div class="account_provider" data-mpno="social_<?php echo $account['mp_no'];?>" >
<div class="sns-wrap-32 sns-wrap-over">
<span class="sns-icon sns-<?php echo $provider; ?>" title="<?php echo $provider_name; ?>">
<span class="ico"></span>
<span class="txt"><?php echo $provider_name; ?></span>
</span>
<span class="provider_name"><?php echo $provider_name; //서비스이름?> ( <?php echo $account['displayname']; ?> )</span>
<span class="account_hidden" style="display:none"><?php echo $account['mb_id']; ?></span>
</div>
<div class="btn_info"><a href="<?php echo G5_SOCIAL_LOGIN_URL.'/unlink.php?mp_no='.$account['mp_no'] ?>" class="social_unlink" data-provider="<?php echo $account['mp_no'];?>" >연동해제</a> <span class="sound_only"><?php echo substr($account['mp_register_day'], 2, 14); ?></span></div>
</div>
<?php } //end foreach ?>
</li>
</ul>
<script>
jQuery(function($){
$(".account_provider").on("click", ".social_unlink", function(e){
e.preventDefault();
if (!confirm('정말 이 계정 연결을 삭제하시겠습니까?')) {
return false;
}
var ajax_url = "<?php echo G5_SOCIAL_LOGIN_URL.'/unlink.php' ?>";
var mb_id = '',
mp_no = $(this).attr("data-provider"),
$mp_el = $(this).parents(".account_provider");
mb_id = $mp_el.find(".account_hidden").text();
if( ! mp_no ){
alert('잘못된 요청! mp_no 값이 없습니다.');
return;
}
$.ajax({
url: ajax_url,
type: 'POST',
data: {
'mp_no': mp_no,
'mb_id': mb_id
},
dataType: 'json',
async: false,
success: function(data, textStatus) {
if (data.error) {
alert(data.error);
return false;
} else {
alert("연결이 해제 되었습니다.");
$mp_el.fadeOut("normal", function() {
$(this).remove();
});
} }
} ?>
}); </td>
</tr>
<tr>
<th scope="row"><label for="mb_img">회원이미지</label></th>
<td colspan="3">
<?php echo help('이미지 크기는 <strong>넓이 ' . $config['cf_member_img_width'] . '픽셀 높이 ' . $config['cf_member_img_height'] . '픽셀</strong>로 해주세요.') ?>
<input type="file" name="mb_img" id="mb_img">
<?php
$mb_dir = substr($mb['mb_id'], 0, 2);
$icon_file = G5_DATA_PATH . '/member_image/' . $mb_dir . '/' . get_mb_icon_name($mb['mb_id']) . '.gif';
if (file_exists($icon_file)) {
echo get_member_profile_img($mb['mb_id']);
echo '<input type="checkbox" id="del_mb_img" name="del_mb_img" value="1">삭제';
}
?>
</td>
</tr>
<tr>
<th scope="row">메일 수신</th>
<td>
<input type="radio" name="mb_mailling" value="1" id="mb_mailling_yes" <?php echo $mb_mailling_yes; ?>>
<label for="mb_mailling_yes">예</label>
<input type="radio" name="mb_mailling" value="0" id="mb_mailling_no" <?php echo $mb_mailling_no; ?>>
<label for="mb_mailling_no">아니오</label>
</td>
<th scope="row"><label for="mb_sms_yes">SMS 수신</label></th>
<td>
<input type="radio" name="mb_sms" value="1" id="mb_sms_yes" <?php echo $mb_sms_yes; ?>>
<label for="mb_sms_yes">예</label>
<input type="radio" name="mb_sms" value="0" id="mb_sms_no" <?php echo $mb_sms_no; ?>>
<label for="mb_sms_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row">정보 공개</th>
<td colspan="3">
<input type="radio" name="mb_open" value="1" id="mb_open_yes" <?php echo $mb_open_yes; ?>>
<label for="mb_open_yes">예</label>
<input type="radio" name="mb_open" value="0" id="mb_open_no" <?php echo $mb_open_no; ?>>
<label for="mb_open_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_signature">서명</label></th>
<td colspan="3"><textarea name="mb_signature" id="mb_signature"><?php echo $mb['mb_signature'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_profile">자기 소개</label></th>
<td colspan="3"><textarea name="mb_profile" id="mb_profile"><?php echo $mb['mb_profile'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_memo">메모</label></th>
<td colspan="3"><textarea name="mb_memo" id="mb_memo"><?php echo $mb['mb_memo'] ?></textarea></td>
</tr>
<tr>
<th scope="row"><label for="mb_cert_history">본인인증 내역</label></th>
<td colspan="3">
<?php
$cnt = 0;
while ($row = sql_fetch_array($mb_cert_history)) {
$cnt++;
$cert_type = '';
switch ($row['ch_type']) {
case 'simple':
$cert_type = '간편인증';
break;
case 'hp':
$cert_type = '휴대폰';
break;
case 'ipin':
$cert_type = '아이핀';
break;
}
?>
<div>
[<?php echo $row['ch_datetime']; ?>]
<?php echo $row['mb_id']; ?> /
<?php echo $row['ch_name']; ?> /
<?php echo $row['ch_hp']; ?> /
<?php echo $cert_type; ?>
</div>
<?php } ?>
return; <?php if ($cnt == 0) { ?>
}); 본인인증 내역이 없습니다.
}); <?php } ?>
</script> </td>
</tr>
</td> <?php if ($w == 'u') { ?>
</tr> <tr>
<th scope="row">회원가입일</th>
<td><?php echo $mb['mb_datetime'] ?></td>
<th scope="row">최근접속일</th>
<td><?php echo $mb['mb_today_login'] ?></td>
</tr>
<tr>
<th scope="row">IP</th>
<td colspan="3"><?php echo $mb['mb_ip'] ?></td>
</tr>
<?php if ($config['cf_use_email_certify']) { ?>
<tr>
<th scope="row">인증일시</th>
<td colspan="3">
<?php if ($mb['mb_email_certify'] == '0000-00-00 00:00:00') { ?>
<?php echo help('회원님이 메일을 수신할 수 없는 경우 등에 직접 인증처리를 하실 수 있습니다.') ?>
<input type="checkbox" name="passive_certify" id="passive_certify">
<label for="passive_certify">수동인증</label>
<?php } else { ?>
<?php echo $mb['mb_email_certify'] ?>
<?php } ?>
</td>
</tr>
<?php } ?>
<?php } ?>
<?php <?php if ($config['cf_use_recommend']) { // 추천인 사용 ?>
} //end if <tr>
} //end if <th scope="row">추천인</th>
<td colspan="3"><?php echo ($mb['mb_recommend'] ? get_text($mb['mb_recommend']) : '없음'); // 081022 : CSRF 보안 결함으로 인한 코드 수정 ?></td>
</tr>
<?php } ?>
run_event('admin_member_form_add', $mb, $w, 'table'); <tr>
?> <th scope="row"><label for="mb_leave_date">탈퇴일자</label></th>
<td>
<input type="text" name="mb_leave_date" value="<?php echo $mb['mb_leave_date'] ?>" id="mb_leave_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_leave_date_set_today" onclick="if (this.form.mb_leave_date.value==this.form.mb_leave_date.defaultValue) { this.form.mb_leave_date.value=this.value; } else { this.form.mb_leave_date.value=this.form.mb_leave_date.defaultValue; }">
<label for="mb_leave_date_set_today">탈퇴일을 오늘로 지정</label>
</td>
<th scope="row">접근차단일자</th>
<td>
<input type="text" name="mb_intercept_date" value="<?php echo $mb['mb_intercept_date'] ?>" id="mb_intercept_date" class="frm_input" maxlength="8">
<input type="checkbox" value="<?php echo date("Ymd"); ?>" id="mb_intercept_date_set_today" onclick="if (this.form.mb_intercept_date.value==this.form.mb_intercept_date.defaultValue) { this.form.mb_intercept_date.value=this.value; } else { this.form.mb_intercept_date.value=this.form.mb_intercept_date.defaultValue; }">
<label for="mb_intercept_date_set_today">접근차단일을 오늘로 지정</label>
</td>
</tr>
<?php for ($i=1; $i<=10; $i++) { ?> <?php
<tr> //소셜계정이 있다면
<th scope="row"><label for="mb_<?php echo $i ?>">여분 필드 <?php echo $i ?></label></th> if (function_exists('social_login_link_account') && $mb['mb_id']) {
<td colspan="3"><input type="text" name="mb_<?php echo $i ?>" value="<?php echo $mb['mb_'.$i] ?>" id="mb_<?php echo $i ?>" class="frm_input" size="30" maxlength="255"></td> if ($my_social_accounts = social_login_link_account($mb['mb_id'], false, 'get_data')) { ?>
</tr> <tr>
<?php } ?> <th>소셜계정목록</th>
<td colspan="3">
<ul class="social_link_box">
<li class="social_login_container">
<h4>연결된 소셜 계정 목록</h4>
<?php foreach ($my_social_accounts as $account) { //반복문
if (empty($account)) {
continue;
}
</tbody> $provider = strtolower($account['provider']);
</table> $provider_name = social_get_provider_service_name($provider);
</div> ?>
<div class="account_provider" data-mpno="social_<?php echo $account['mp_no']; ?>">
<div class="sns-wrap-32 sns-wrap-over">
<span class="sns-icon sns-<?php echo $provider; ?>" title="<?php echo $provider_name; ?>">
<span class="ico"></span>
<span class="txt"><?php echo $provider_name; ?></span>
</span>
<div class="btn_fixed_top"> <span class="provider_name"><?php echo $provider_name; //서비스이름 ?> ( <?php echo $account['displayname']; ?> )</span>
<a href="./member_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a> <span class="account_hidden" style="display:none"><?php echo $account['mb_id']; ?></span>
<input type="submit" value="확인" class="btn_submit btn" accesskey='s'> </div>
</div> <div class="btn_info"><a href="<?php echo G5_SOCIAL_LOGIN_URL . '/unlink.php?mp_no=' . $account['mp_no'] ?>" class="social_unlink" data-provider="<?php echo $account['mp_no']; ?>">연동해제</a> <span class="sound_only"><?php echo substr($account['mp_register_day'], 2, 14); ?></span></div>
</div>
<?php } //end foreach ?>
</li>
</ul>
<script>
jQuery(function($) {
$(".account_provider").on("click", ".social_unlink", function(e) {
e.preventDefault();
if (!confirm('정말 이 계정 연결을 삭제하시겠습니까?')) {
return false;
}
var ajax_url = "<?php echo G5_SOCIAL_LOGIN_URL . '/unlink.php' ?>";
var mb_id = '',
mp_no = $(this).attr("data-provider"),
$mp_el = $(this).parents(".account_provider");
mb_id = $mp_el.find(".account_hidden").text();
if (!mp_no) {
alert('잘못된 요청! mp_no 값이 없습니다.');
return;
}
$.ajax({
url: ajax_url,
type: 'POST',
data: {
'mp_no': mp_no,
'mb_id': mb_id
},
dataType: 'json',
async: false,
success: function(data, textStatus) {
if (data.error) {
alert(data.error);
return false;
} else {
alert("연결이 해제 되었습니다.");
$mp_el.fadeOut("normal", function() {
$(this).remove();
});
}
}
});
return;
});
});
</script>
</td>
</tr>
<?php
} //end if
} //end if
run_event('admin_member_form_add', $mb, $w, 'table');
?>
<?php for ($i = 1; $i <= 10; $i++) { ?>
<tr>
<th scope="row"><label for="mb_<?php echo $i ?>">여분 필드 <?php echo $i ?></label></th>
<td colspan="3"><input type="text" name="mb_<?php echo $i ?>" value="<?php echo $mb['mb_' . $i] ?>" id="mb_<?php echo $i ?>" class="frm_input" size="30" maxlength="255"></td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./member_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey='s'>
</div>
</form> </form>
<script> <script>
function fmember_submit(f) function fmember_submit(f) {
{ if (!f.mb_icon.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_icon.value) {
if (!f.mb_icon.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_icon.value) { alert('아이콘은 이미지 파일만 가능합니다.');
alert('아이콘은 이미지 파일만 가능합니다.'); return false;
return false; }
if (!f.mb_img.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_img.value) {
alert('회원이미지는 이미지 파일만 가능합니다.');
return false;
}
if( jQuery("#mb_password").val() ){
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
} }
if (!f.mb_img.value.match(/\.(gif|jpe?g|png)$/i) && f.mb_img.value) { jQuery(function($){
alert('회원이미지는 이미지 파일만 가능합니다.'); $("#captcha_key").prop('required', false).removeAttr("required").removeClass("required");
return false;
}
return true; $("#mb_password").on("keyup", function(e) {
} var $warp = $("#mb_password_captcha_wrap"),
tooptipid = "mp_captcha_tooltip",
$span_text = $("<span>", {id:tooptipid, style:"font-size:0.95em;letter-spacing:-0.1em"}).html("비밀번호를 수정할 경우 캡챠를 입력해야 합니다."),
$parent = $(this).parent(),
is_invisible_recaptcha = $("#captcha").hasClass("invisible_recaptcha");
if($(this).val()){
$warp.show();
if(! is_invisible_recaptcha) {
$warp.css("margin-top","1em");
if(! $("#"+tooptipid).length){ $parent.append($span_text) }
}
} else {
$warp.hide();
if($("#"+tooptipid).length && ! is_invisible_recaptcha){ $parent.find("#"+tooptipid).remove(); }
}
});
});
</script> </script>
<?php <?php
run_event('admin_member_form_after', $mb, $w); run_event('admin_member_form_after', $mb, $w);
include_once('./admin.tail.php'); require_once './admin.tail.php';


@ -1,33 +1,45 @@
<?php <?php
$sub_menu = "200100"; $sub_menu = "200100";
include_once("./_common.php"); require_once "./_common.php";
include_once(G5_LIB_PATH."/register.lib.php"); require_once G5_LIB_PATH . "/register.lib.php";
include_once(G5_LIB_PATH.'/thumbnail.lib.php'); require_once G5_LIB_PATH . '/thumbnail.lib.php';
if ($w == 'u') if ($w == 'u') {
check_demo(); check_demo();
}
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$mb_id = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : ''; $mb_id = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : '';
$mb_password = isset($_POST['mb_password']) ? trim($_POST['mb_password']) : '';
$mb_certify_case = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : ''; $mb_certify_case = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : '';
$mb_certify = isset($_POST['mb_certify']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify']) : ''; $mb_certify = isset($_POST['mb_certify']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify']) : '';
$mb_zip = isset($_POST['mb_zip']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_zip']) : ''; $mb_zip = isset($_POST['mb_zip']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_zip']) : '';
// 관리자가 자동등록방지를 사용해야 할 경우 ( 회원의 비밀번호 변경시 캡챠를 체크한다 )
if ($mb_password && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
// 휴대폰번호 체크 // 휴대폰번호 체크
$mb_hp = hyphen_hp_number($_POST['mb_hp']); $mb_hp = hyphen_hp_number($_POST['mb_hp']);
if($mb_hp) { if ($mb_hp) {
$result = exist_mb_hp($mb_hp, $mb_id); $result = exist_mb_hp($mb_hp, $mb_id);
if ($result) if ($result) {
alert($result); alert($result);
}
} }
// 인증정보처리 // 인증정보처리
if($mb_certify_case && $mb_certify) { if ($mb_certify_case && $mb_certify) {
$mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : ''; $mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', (string)$_POST['mb_certify_case']) : '';
$mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_adult']) : ''; $mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', (string)$_POST['mb_adult']) : '';
} else { } else {
$mb_certify = ''; $mb_certify = '';
$mb_adult = 0; $mb_adult = 0;
@ -39,33 +51,39 @@ $mb_zip2 = substr($mb_zip, 3);
$mb_email = isset($_POST['mb_email']) ? get_email_address(trim($_POST['mb_email'])) : ''; $mb_email = isset($_POST['mb_email']) ? get_email_address(trim($_POST['mb_email'])) : '';
$mb_nick = isset($_POST['mb_nick']) ? trim(strip_tags($_POST['mb_nick'])) : ''; $mb_nick = isset($_POST['mb_nick']) ? trim(strip_tags($_POST['mb_nick'])) : '';
if ($msg = valid_mb_nick($mb_nick)) alert($msg, "", true, true); if ($msg = valid_mb_nick($mb_nick)) {
alert($msg, "", true, true);
}
$posts = array(); $posts = array();
$check_keys = array( $check_keys = array(
'mb_name', 'mb_name',
'mb_homepage', 'mb_homepage',
'mb_tel', 'mb_tel',
'mb_addr1', 'mb_addr1',
'mb_addr2', 'mb_addr2',
'mb_addr3', 'mb_addr3',
'mb_addr_jibeon', 'mb_addr_jibeon',
'mb_signature', 'mb_signature',
'mb_leave_date', 'mb_leave_date',
'mb_intercept_date', 'mb_intercept_date',
'mb_mailling', 'mb_mailling',
'mb_sms', 'mb_sms',
'mb_open', 'mb_open',
'mb_profile', 'mb_profile',
'mb_level' 'mb_level'
); );
for($i=1;$i<=10;$i++){ for ($i = 1; $i <= 10; $i++) {
$check_keys[] = 'mb_'.$i; $check_keys[] = 'mb_' . $i;
} }
foreach( $check_keys as $key ){ foreach ($check_keys as $key) {
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : ''; if( in_array($key, array('mb_signature', 'mb_profile')) ){
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1, 0, 0) : '';
} else {
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
}
} }
$mb_memo = isset($_POST['mb_memo']) ? $_POST['mb_memo'] : ''; $mb_memo = isset($_POST['mb_memo']) ? $_POST['mb_memo'] : '';
@ -104,63 +122,70 @@ $sql_common = " mb_name = '{$posts['mb_name']}',
mb_9 = '{$posts['mb_9']}', mb_9 = '{$posts['mb_9']}',
mb_10 = '{$posts['mb_10']}' "; mb_10 = '{$posts['mb_10']}' ";
if ($w == '') if ($w == '') {
{
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (isset($mb['mb_id']) && $mb['mb_id']) if (isset($mb['mb_id']) && $mb['mb_id']) {
alert('이미 존재하는 회원아이디입니다.\\n : '.$mb['mb_id'].'\\n이름 : '.$mb['mb_name'].'\\n닉네임 : '.$mb['mb_nick'].'\\n메일 : '.$mb['mb_email']); alert('이미 존재하는 회원아이디입니다.\\n : ' . $mb['mb_id'] . '\\n이름 : ' . $mb['mb_name'] . '\\n닉네임 : ' . $mb['mb_nick'] . '\\n메일 : ' . $mb['mb_email']);
}
// 닉네임중복체크 // 닉네임중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' "; $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id']) if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 닉네임입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); alert('이미 존재하는 닉네임입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
// 이메일중복체크 // 이메일중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' "; $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id']) if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 이메일입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); alert('이미 존재하는 이메일입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '".get_encrypt_string($mb_password)."', mb_datetime = '".G5_TIME_YMDHIS."', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '".G5_TIME_YMDHIS."', {$sql_common} "); sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '" . get_encrypt_string($mb_password) . "', mb_datetime = '" . G5_TIME_YMDHIS . "', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '" . G5_TIME_YMDHIS . "', {$sql_common} ");
} } elseif ($w == 'u') {
else if ($w == 'u')
{
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (! (isset($mb['mb_id']) && $mb['mb_id'])) if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('존재하지 않는 회원자료입니다.'); alert('존재하지 않는 회원자료입니다.');
}
if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.'); alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.');
}
if ($is_admin !== 'super' && is_admin($mb['mb_id']) === 'super' ) { if ($is_admin !== 'super' && is_admin($mb['mb_id']) === 'super') {
alert('최고관리자의 비밀번호를 수정할수 없습니다.'); alert('최고관리자의 비밀번호를 수정할수 없습니다.');
} }
if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level']) if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level']) {
alert($mb['mb_id'].' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.'); alert($mb['mb_id'] . ' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.');
}
// 닉네임중복체크 // 닉네임중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' and mb_id <> '$mb_id' "; $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' and mb_id <> '$mb_id' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id']) if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 닉네임입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); alert('이미 존재하는 닉네임입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
// 이메일중복체크 // 이메일중복체크
$sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' and mb_id <> '$mb_id' "; $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' and mb_id <> '$mb_id' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if (isset($row['mb_id']) && $row['mb_id']) if (isset($row['mb_id']) && $row['mb_id']) {
alert('이미 존재하는 이메일입니다.\\n : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); alert('이미 존재하는 이메일입니다.\\n : ' . $row['mb_id'] . '\\n이름 : ' . $row['mb_name'] . '\\n닉네임 : ' . $row['mb_nick'] . '\\n메일 : ' . $row['mb_email']);
}
if ($mb_password) if ($mb_password) {
$sql_password = " , mb_password = '".get_encrypt_string($mb_password)."' "; $sql_password = " , mb_password = '" . get_encrypt_string($mb_password) . "' ";
else } else {
$sql_password = ""; $sql_password = "";
}
if (isset($passive_certify) && $passive_certify) if (isset($passive_certify) && $passive_certify) {
$sql_certify = " , mb_email_certify = '".G5_TIME_YMDHIS."' "; $sql_certify = " , mb_email_certify = '" . G5_TIME_YMDHIS . "' ";
else } else {
$sql_certify = ""; $sql_certify = "";
}
$sql = " update {$g5['member_table']} $sql = " update {$g5['member_table']}
set {$sql_common} set {$sql_common}
@ -168,18 +193,18 @@ else if ($w == 'u')
{$sql_certify} {$sql_certify}
where mb_id = '{$mb_id}' "; where mb_id = '{$mb_id}' ";
sql_query($sql); sql_query($sql);
} } else {
else
alert('제대로 된 값이 넘어오지 않았습니다.'); alert('제대로 된 값이 넘어오지 않았습니다.');
}
if( $w == '' || $w == 'u' ){ if ($w == '' || $w == 'u') {
$mb_dir = substr($mb_id, 0, 2);
$mb_dir = substr($mb_id,0,2); $mb_icon_img = get_mb_icon_name($mb_id) . '.gif';
$mb_icon_img = get_mb_icon_name($mb_id).'.gif';
// 회원 아이콘 삭제 // 회원 아이콘 삭제
if (isset($del_mb_icon) && $del_mb_icon) if (isset($del_mb_icon) && $del_mb_icon) {
@unlink(G5_DATA_PATH.'/member/'.$mb_dir.'/'.$mb_icon_img); @unlink(G5_DATA_PATH . '/member/' . $mb_dir . '/' . $mb_icon_img);
}
$image_regex = "/(\.(gif|jpe?g|png))$/i"; $image_regex = "/(\.(gif|jpe?g|png))$/i";
@ -190,77 +215,82 @@ if( $w == '' || $w == 'u' ){
} }
if (preg_match($image_regex, $_FILES['mb_icon']['name'])) { if (preg_match($image_regex, $_FILES['mb_icon']['name'])) {
$mb_icon_dir = G5_DATA_PATH.'/member/'.$mb_dir; $mb_icon_dir = G5_DATA_PATH . '/member/' . $mb_dir;
@mkdir($mb_icon_dir, G5_DIR_PERMISSION); @mkdir($mb_icon_dir, G5_DIR_PERMISSION);
@chmod($mb_icon_dir, G5_DIR_PERMISSION); @chmod($mb_icon_dir, G5_DIR_PERMISSION);
$dest_path = $mb_icon_dir.'/'.$mb_icon_img; $dest_path = $mb_icon_dir . '/' . $mb_icon_img;
move_uploaded_file($_FILES['mb_icon']['tmp_name'], $dest_path); move_uploaded_file($_FILES['mb_icon']['tmp_name'], $dest_path);
chmod($dest_path, G5_FILE_PERMISSION); chmod($dest_path, G5_FILE_PERMISSION);
if (file_exists($dest_path)) { if (file_exists($dest_path)) {
$size = @getimagesize($dest_path); $size = @getimagesize($dest_path);
if ($size[0] > $config['cf_member_icon_width'] || $size[1] > $config['cf_member_icon_height']) { if ($size) {
$thumb = null; if ($size[0] > $config['cf_member_icon_width'] || $size[1] > $config['cf_member_icon_height']) {
if($size[2] === 2 || $size[2] === 3) { $thumb = null;
//jpg 또는 png 파일 적용 if ($size[2] === 2 || $size[2] === 3) {
$thumb = thumbnail($mb_icon_img, $mb_icon_dir, $mb_icon_dir, $config['cf_member_icon_width'], $config['cf_member_icon_height'], true, true); //jpg 또는 png 파일 적용
if($thumb) { $thumb = thumbnail($mb_icon_img, $mb_icon_dir, $mb_icon_dir, $config['cf_member_icon_width'], $config['cf_member_icon_height'], true, true);
@unlink($dest_path); if ($thumb) {
rename($mb_icon_dir.'/'.$thumb, $dest_path); @unlink($dest_path);
rename($mb_icon_dir . '/' . $thumb, $dest_path);
}
}
if (!$thumb) {
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
} }
}
if( !$thumb ){
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
} }
} }
} }
} }
} }
$mb_img_dir = G5_DATA_PATH.'/member_image/'; $mb_img_dir = G5_DATA_PATH . '/member_image/';
if( !is_dir($mb_img_dir) ){ if (!is_dir($mb_img_dir)) {
@mkdir($mb_img_dir, G5_DIR_PERMISSION); @mkdir($mb_img_dir, G5_DIR_PERMISSION);
@chmod($mb_img_dir, G5_DIR_PERMISSION); @chmod($mb_img_dir, G5_DIR_PERMISSION);
} }
$mb_img_dir .= substr($mb_id,0,2); $mb_img_dir .= substr($mb_id, 0, 2);
// 회원 이미지 삭제 // 회원 이미지 삭제
if (isset($del_mb_img) && $del_mb_img) if (isset($del_mb_img) && $del_mb_img) {
@unlink($mb_img_dir.'/'.$mb_icon_img); @unlink($mb_img_dir . '/' . $mb_icon_img);
}
// 아이콘 업로드 // 아이콘 업로드
if (isset($_FILES['mb_img']) && is_uploaded_file($_FILES['mb_img']['tmp_name'])) { if (isset($_FILES['mb_img']) && is_uploaded_file($_FILES['mb_img']['tmp_name'])) {
if (!preg_match($image_regex, $_FILES['mb_img']['name'])) { if (!preg_match($image_regex, $_FILES['mb_img']['name'])) {
alert($_FILES['mb_img']['name'] . '은(는) 이미지 파일이 아닙니다.'); alert($_FILES['mb_img']['name'] . '은(는) 이미지 파일이 아닙니다.');
} }
if (preg_match($image_regex, $_FILES['mb_img']['name'])) { if (preg_match($image_regex, $_FILES['mb_img']['name'])) {
@mkdir($mb_img_dir, G5_DIR_PERMISSION); @mkdir($mb_img_dir, G5_DIR_PERMISSION);
@chmod($mb_img_dir, G5_DIR_PERMISSION); @chmod($mb_img_dir, G5_DIR_PERMISSION);
$dest_path = $mb_img_dir.'/'.$mb_icon_img; $dest_path = $mb_img_dir . '/' . $mb_icon_img;
move_uploaded_file($_FILES['mb_img']['tmp_name'], $dest_path); move_uploaded_file($_FILES['mb_img']['tmp_name'], $dest_path);
chmod($dest_path, G5_FILE_PERMISSION); chmod($dest_path, G5_FILE_PERMISSION);
if (file_exists($dest_path)) { if (file_exists($dest_path)) {
$size = @getimagesize($dest_path); $size = @getimagesize($dest_path);
if ($size[0] > $config['cf_member_img_width'] || $size[1] > $config['cf_member_img_height']) { if ($size) {
$thumb = null; if ($size[0] > $config['cf_member_img_width'] || $size[1] > $config['cf_member_img_height']) {
if($size[2] === 2 || $size[2] === 3) { $thumb = null;
//jpg 또는 png 파일 적용 if ($size[2] === 2 || $size[2] === 3) {
$thumb = thumbnail($mb_icon_img, $mb_img_dir, $mb_img_dir, $config['cf_member_img_width'], $config['cf_member_img_height'], true, true); //jpg 또는 png 파일 적용
if($thumb) { $thumb = thumbnail($mb_icon_img, $mb_img_dir, $mb_img_dir, $config['cf_member_img_width'], $config['cf_member_img_height'], true, true);
@unlink($dest_path); if ($thumb) {
rename($mb_img_dir.'/'.$thumb, $dest_path); @unlink($dest_path);
rename($mb_img_dir . '/' . $thumb, $dest_path);
}
}
if (!$thumb) {
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
} }
}
if( !$thumb ){
// 아이콘의 폭 또는 높이가 설정값 보다 크다면 이미 업로드 된 아이콘 삭제
@unlink($dest_path);
} }
} }
} }
@ -268,6 +298,10 @@ if( $w == '' || $w == 'u' ){
} }
} }
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
run_event('admin_member_form_update', $w, $mb_id); run_event('admin_member_form_update', $w, $mb_id);
goto_url('./member_form.php?'.$qstr.'&amp;w=u&amp;mb_id='.$mb_id, false); goto_url('./member_form.php?' . $qstr . '&amp;w=u&amp;mb_id=' . $mb_id, false);
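Review bot: In the mb_icon upload branch, the new `if ($size)` guard around the dimension check leaves the file in place under `G5_DATA_PATH . '/member/'` when `getimagesize($dest_path)` returns false, even though that result means it is not a parseable image. The only other gate visible here is the extension regex on the client-supplied `$_FILES['mb_icon']['name']`, so non-image content is stored as long as the submitted name ends in gif, jpg/jpeg or png. I would close the guard with an else branch that deletes the file, `} else { @unlink($dest_path); }`, and make the same change in the mb_img branch further down. The return value of `move_uploaded_file()` is also not checked before `chmod($dest_path, G5_FILE_PERMISSION)` runs. The enclosing `if ($w == '' || $w == 'u')` block spans several hunks, so the lines between them are not visible here.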


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200100"; $sub_menu = "200100";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -10,25 +10,26 @@ $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case 'mb_point' : case 'mb_point':
$sql_search .= " ({$sfl} >= '{$stx}') "; $sql_search .= " ({$sfl} >= '{$stx}') ";
break; break;
case 'mb_level' : case 'mb_level':
$sql_search .= " ({$sfl} = '{$stx}') "; $sql_search .= " ({$sfl} = '{$stx}') ";
break; break;
case 'mb_tel' : case 'mb_tel':
case 'mb_hp' : case 'mb_hp':
$sql_search .= " ({$sfl} like '%{$stx}') "; $sql_search .= " ({$sfl} like '%{$stx}') ";
break; break;
default : default:
$sql_search .= " ({$sfl} like '{$stx}%') "; $sql_search .= " ({$sfl} like '{$stx}%') ";
break; break;
} }
$sql_search .= " ) "; $sql_search .= " ) ";
} }
if ($is_admin != 'super') if ($is_admin != 'super') {
$sql_search .= " and mb_level <= '{$member['mb_level']}' "; $sql_search .= " and mb_level <= '{$member['mb_level']}' ";
}
if (!$sst) { if (!$sst) {
$sst = "mb_datetime"; $sst = "mb_datetime";
@ -43,7 +44,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
// 탈퇴회원수 // 탈퇴회원수
@ -56,10 +59,10 @@ $sql = " select count(*) as cnt {$sql_common} {$sql_search} and mb_intercept_dat
$row = sql_fetch($sql); $row = sql_fetch($sql);
$intercept_count = $row['cnt']; $intercept_count = $row['cnt'];
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '회원관리'; $g5['title'] = '회원관리';
include_once('./admin.head.php'); require_once './admin.head.php';
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} "; $sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
@ -71,28 +74,28 @@ $colspan = 16;
<?php echo $listall ?> <?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">총회원수 </span><span class="ov_num"> <?php echo number_format($total_count) ?>명 </span></span> <span class="btn_ov01"><span class="ov_txt">총회원수 </span><span class="ov_num"> <?php echo number_format($total_count) ?>명 </span></span>
<a href="?sst=mb_intercept_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="차단된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">차단 </span><span class="ov_num"><?php echo number_format($intercept_count) ?>명</span></a> <a href="?sst=mb_intercept_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="차단된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">차단 </span><span class="ov_num"><?php echo number_format($intercept_count) ?>명</span></a>
<a href="?sst=mb_leave_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="탈퇴된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">탈퇴 </span><span class="ov_num"><?php echo number_format($leave_count) ?>명</span></a> <a href="?sst=mb_leave_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>" class="btn_ov01" data-tooltip-text="탈퇴된 순으로 정렬합니다.&#xa;전체 데이터를 출력합니다."> <span class="ov_txt">탈퇴 </span><span class="ov_num"><?php echo number_format($leave_count) ?>명</span></a>
</div> </div>
<form id="fsearch" name="fsearch" class="local_sch01 local_sch" method="get"> <form id="fsearch" name="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="mb_id"<?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option> <option value="mb_id" <?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="mb_nick"<?php echo get_selected($sfl, "mb_nick"); ?>>닉네임</option> <option value="mb_nick" <?php echo get_selected($sfl, "mb_nick"); ?>>닉네임</option>
<option value="mb_name"<?php echo get_selected($sfl, "mb_name"); ?>>이름</option> <option value="mb_name" <?php echo get_selected($sfl, "mb_name"); ?>>이름</option>
<option value="mb_level"<?php echo get_selected($sfl, "mb_level"); ?>>권한</option> <option value="mb_level" <?php echo get_selected($sfl, "mb_level"); ?>>권한</option>
<option value="mb_email"<?php echo get_selected($sfl, "mb_email"); ?>>E-MAIL</option> <option value="mb_email" <?php echo get_selected($sfl, "mb_email"); ?>>E-MAIL</option>
<option value="mb_tel"<?php echo get_selected($sfl, "mb_tel"); ?>>전화번호</option> <option value="mb_tel" <?php echo get_selected($sfl, "mb_tel"); ?>>전화번호</option>
<option value="mb_hp"<?php echo get_selected($sfl, "mb_hp"); ?>>휴대폰번호</option> <option value="mb_hp" <?php echo get_selected($sfl, "mb_hp"); ?>>휴대폰번호</option>
<option value="mb_point"<?php echo get_selected($sfl, "mb_point"); ?>>포인트</option> <option value="mb_point" <?php echo get_selected($sfl, "mb_point"); ?>>포인트</option>
<option value="mb_datetime"<?php echo get_selected($sfl, "mb_datetime"); ?>>가입일시</option> <option value="mb_datetime" <?php echo get_selected($sfl, "mb_datetime"); ?>>가입일시</option>
<option value="mb_ip"<?php echo get_selected($sfl, "mb_ip"); ?>>IP</option> <option value="mb_ip" <?php echo get_selected($sfl, "mb_ip"); ?>>IP</option>
<option value="mb_recommend"<?php echo get_selected($sfl, "mb_recommend"); ?>>추천인</option> <option value="mb_recommend" <?php echo get_selected($sfl, "mb_recommend"); ?>>추천인</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색"> <input type="submit" class="btn_submit" value="검색">
</form> </form>
@ -104,236 +107,243 @@ $colspan = 16;
<form name="fmemberlist" id="fmemberlist" action="./member_list_update.php" onsubmit="return fmemberlist_submit(this);" method="post"> <form name="fmemberlist" id="fmemberlist" action="./member_list_update.php" onsubmit="return fmemberlist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col" id="mb_list_chk" rowspan="2" > <th scope="col" id="mb_list_chk" rowspan="2">
<label for="chkall" class="sound_only">회원 전체</label> <label for="chkall" class="sound_only">회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col" id="mb_list_id" colspan="2"><?php echo subject_sort_link('mb_id') ?>아이디</a></th> <th scope="col" id="mb_list_id" colspan="2"><?php echo subject_sort_link('mb_id') ?>아이디</a></th>
<th scope="col" rowspan="2" id="mb_list_cert"><?php echo subject_sort_link('mb_certify', '', 'desc') ?>본인확인</a></th> <th scope="col" rowspan="2" id="mb_list_cert"><?php echo subject_sort_link('mb_certify', '', 'desc') ?>본인확인</a></th>
<th scope="col" id="mb_list_mailc"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일인증</a></th> <th scope="col" id="mb_list_mailc"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일인증</a></th>
<th scope="col" id="mb_list_open"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보공개</a></th> <th scope="col" id="mb_list_open"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보공개</a></th>
<th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>메일수신</a></th> <th scope="col" id="mb_list_mailr"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>메일수신</a></th>
<th scope="col" id="mb_list_auth">상태</th> <th scope="col" id="mb_list_auth">상태</th>
<th scope="col" id="mb_list_mobile">휴대폰</th> <th scope="col" id="mb_list_mobile">휴대폰</th>
<th scope="col" id="mb_list_lastcall"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th> <th scope="col" id="mb_list_lastcall"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th>
<th scope="col" id="mb_list_grp">접근그룹</th> <th scope="col" id="mb_list_grp">접근그룹</th>
<th scope="col" rowspan="2" id="mb_list_mng">관리</th> <th scope="col" rowspan="2" id="mb_list_mng">관리</th>
</tr> </tr>
<tr> <tr>
<th scope="col" id="mb_list_name"><?php echo subject_sort_link('mb_name') ?>이름</a></th> <th scope="col" id="mb_list_name"><?php echo subject_sort_link('mb_name') ?>이름</a></th>
<th scope="col" id="mb_list_nick"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th> <th scope="col" id="mb_list_nick"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>SMS수신</a></th> <th scope="col" id="mb_list_sms"><?php echo subject_sort_link('mb_sms', '', 'desc') ?>SMS수신</a></th>
<th scope="col" id="mb_list_adultc"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인인증</a></th> <th scope="col" id="mb_list_adultc"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인인증</a></th>
<th scope="col" id="mb_list_auth"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근차단</a></th> <th scope="col" id="mb_list_auth"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근차단</a></th>
<th scope="col" id="mb_list_deny"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th> <th scope="col" id="mb_list_deny"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
<th scope="col" id="mb_list_tel">전화번호</th> <th scope="col" id="mb_list_tel">전화번호</th>
<th scope="col" id="mb_list_join"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th> <th scope="col" id="mb_list_join"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th>
<th scope="col" id="mb_list_point"><?php echo subject_sort_link('mb_point', '', 'desc') ?> 포인트</a></th> <th scope="col" id="mb_list_point"><?php echo subject_sort_link('mb_point', '', 'desc') ?> 포인트</a></th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근가능한 그룹수 // 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' "; $sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2); $row2 = sql_fetch($sql2);
$group = ''; $group = '';
if ($row2['cnt']) if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>'; $group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
if ($is_admin == 'group') {
$s_mod = '';
} else {
$s_mod = '<a href="./member_form.php?'.$qstr.'&amp;w=u&amp;mb_id='.$row['mb_id'].'" class="btn btn_03">수정</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'" class="btn btn_02">그룹</a>';
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date('Ymd', G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date('Ymd', G5_SERVER_TIME);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id'];
$leave_msg = '';
$intercept_msg = '';
$intercept_title = '';
if ($row['mb_leave_date']) {
$mb_id = $mb_id;
$leave_msg = '<span class="mb_leave_msg">탈퇴함</span>';
}
else if ($row['mb_intercept_date']) {
$mb_id = $mb_id;
$intercept_msg = '<span class="mb_intercept_msg">차단됨</span>';
$intercept_title = '차단해제';
}
if ($intercept_title == '')
$intercept_title = '차단하기';
$address = $row['mb_zip1'] ? print_address($row['mb_addr1'], $row['mb_addr2'], $row['mb_addr3'], $row['mb_addr_jibeon']) : '';
$bg = 'bg'.($i%2);
switch($row['mb_certify']) {
case 'hp':
$mb_certify_case = '휴대폰';
$mb_certify_val = 'hp';
break;
case 'ipin':
$mb_certify_case = '아이핀';
$mb_certify_val = '';
break;
case 'simple':
$mb_certify_case = '간편인증';
$mb_certify_val = '';
break;
case 'admin':
$mb_certify_case = '관리자';
$mb_certify_val = 'admin';
break;
default:
$mb_certify_case = '&nbsp;';
$mb_certify_val = 'admin';
break;
}
?>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_chk" class="td_chk" rowspan="2">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo get_text($row['mb_nick']); ?>님</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td headers="mb_list_id" colspan="2" class="td_name sv_use">
<?php echo $mb_id ?>
<?php
//소셜계정이 있다면
if(function_exists('social_login_link_account')){
if( $my_social_accounts = social_login_link_account($row['mb_id'], false, 'get_data') ){
echo '<div class="member_social_provider sns-wrap-over sns-wrap-32">';
foreach( (array) $my_social_accounts as $account){ //반복문
if( empty($account) || empty($account['provider']) ) continue;
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
echo '<span class="sns-icon sns-'.$provider.'" title="'.$provider_name.'">';
echo '<span class="ico"></span>';
echo '<span class="txt">'.$provider_name.'</span>';
echo '</span>';
} }
echo '</div>';
if ($is_admin == 'group') {
$s_mod = '';
} else {
$s_mod = '<a href="./member_form.php?' . $qstr . '&amp;w=u&amp;mb_id=' . $row['mb_id'] . '" class="btn btn_03">수정</a>';
}
$s_grp = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '" class="btn btn_02">그룹</a>';
$leave_date = $row['mb_leave_date'] ? $row['mb_leave_date'] : date('Ymd', G5_SERVER_TIME);
$intercept_date = $row['mb_intercept_date'] ? $row['mb_intercept_date'] : date('Ymd', G5_SERVER_TIME);
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id'];
$leave_msg = '';
$intercept_msg = '';
$intercept_title = '';
if ($row['mb_leave_date']) {
$mb_id = $mb_id;
$leave_msg = '<span class="mb_leave_msg">탈퇴함</span>';
} elseif ($row['mb_intercept_date']) {
$mb_id = $mb_id;
$intercept_msg = '<span class="mb_intercept_msg">차단됨</span>';
$intercept_title = '차단해제';
}
if ($intercept_title == '') {
$intercept_title = '차단하기';
}
$address = $row['mb_zip1'] ? print_address($row['mb_addr1'], $row['mb_addr2'], $row['mb_addr3'], $row['mb_addr_jibeon']) : '';
$bg = 'bg' . ($i % 2);
switch ($row['mb_certify']) {
case 'hp':
$mb_certify_case = '휴대폰';
$mb_certify_val = 'hp';
break;
case 'ipin':
$mb_certify_case = '아이핀';
$mb_certify_val = '';
break;
case 'simple':
$mb_certify_case = '간편인증';
$mb_certify_val = '';
break;
case 'admin':
$mb_certify_case = '관리자';
$mb_certify_val = 'admin';
break;
default:
$mb_certify_case = '&nbsp;';
$mb_certify_val = 'admin';
break;
}
?>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_chk" class="td_chk" rowspan="2">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['mb_name']); ?> <?php echo get_text($row['mb_nick']); ?>님</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td headers="mb_list_id" colspan="2" class="td_name sv_use">
<?php echo $mb_id ?>
<?php
//소셜계정이 있다면
if (function_exists('social_login_link_account')) {
if ($my_social_accounts = social_login_link_account($row['mb_id'], false, 'get_data')) {
echo '<div class="member_social_provider sns-wrap-over sns-wrap-32">';
foreach ((array) $my_social_accounts as $account) { //반복문
if (empty($account) || empty($account['provider'])) {
continue;
}
$provider = strtolower($account['provider']);
$provider_name = social_get_provider_service_name($provider);
echo '<span class="sns-icon sns-' . $provider . '" title="' . $provider_name . '">';
echo '<span class="ico"></span>';
echo '<span class="txt">' . $provider_name . '</span>';
echo '</span>';
}
echo '</div>';
}
}
?>
</td>
<td headers="mb_list_cert" rowspan="2" class="td_mbcert">
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="simple" id="mb_certify_sa_<?php echo $i; ?>" <?php echo $row['mb_certify'] == 'simple' ? 'checked' : ''; ?>>
<label for="mb_certify_sa_<?php echo $i; ?>">간편인증</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="hp" id="mb_certify_hp_<?php echo $i; ?>" <?php echo $row['mb_certify'] == 'hp' ? 'checked' : ''; ?>>
<label for="mb_certify_hp_<?php echo $i; ?>">휴대폰</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="ipin" id="mb_certify_ipin_<?php echo $i; ?>" <?php echo $row['mb_certify'] == 'ipin' ? 'checked' : ''; ?>>
<label for="mb_certify_ipin_<?php echo $i; ?>">아이핀</label>
</td>
<td headers="mb_list_mailc"><?php echo preg_match('/[1-9]/', $row['mb_email_certify']) ? '<span class="txt_true">Yes</span>' : '<span class="txt_false">No</span>'; ?></td>
<td headers="mb_list_open">
<label for="mb_open_<?php echo $i; ?>" class="sound_only">정보공개</label>
<input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open'] ? 'checked' : ''; ?> value="1" id="mb_open_<?php echo $i; ?>">
</td>
<td headers="mb_list_mailr">
<label for="mb_mailling_<?php echo $i; ?>" class="sound_only">메일수신</label>
<input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling'] ? 'checked' : ''; ?> value="1" id="mb_mailling_<?php echo $i; ?>">
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php
if ($leave_msg || $intercept_msg) {
echo $leave_msg . ' ' . $intercept_msg;
} else {
echo "정상";
}
?>
</td>
<td headers="mb_list_mobile" class="td_tel"><?php echo get_text($row['mb_hp']); ?></td>
<td headers="mb_list_lastcall" class="td_date"><?php echo substr($row['mb_today_login'], 2, 8); ?></td>
<td headers="mb_list_grp" class="td_numsmall"><?php echo $group ?></td>
<td headers="mb_list_mng" rowspan="2" class="td_mng td_mng_s"><?php echo $s_mod ?><?php echo $s_grp ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_name" class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td headers="mb_list_nick" class="td_name sv_use">
<div><?php echo $mb_nick ?></div>
</td>
<td headers="mb_list_sms">
<label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
<input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms'] ? 'checked' : ''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
</td>
<td headers="mb_list_adultc">
<label for="mb_adult_<?php echo $i; ?>" class="sound_only">성인인증</label>
<input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult'] ? 'checked' : ''; ?> value="1" id="mb_adult_<?php echo $i; ?>">
</td>
<td headers="mb_list_deny">
<?php if (empty($row['mb_leave_date'])) { ?>
<input type="checkbox" name="mb_intercept_date[<?php echo $i; ?>]" <?php echo $row['mb_intercept_date'] ? 'checked' : ''; ?> value="<?php echo $intercept_date ?>" id="mb_intercept_date_<?php echo $i ?>" title="<?php echo $intercept_title ?>">
<label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
<?php } ?>
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
</td>
<td headers="mb_list_tel" class="td_tel"><?php echo get_text($row['mb_tel']); ?></td>
<td headers="mb_list_join" class="td_date"><?php echo substr($row['mb_datetime'], 2, 8); ?></td>
<td headers="mb_list_point" class="td_num"><a href="point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
</tr>
<?php
} }
} if ($i == 0) {
?> echo "<tr><td colspan=\"" . $colspan . "\" class=\"empty_table\">자료가 없습니다.</td></tr>";
</td> }
<td headers="mb_list_cert" rowspan="2" class="td_mbcert"> ?>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="simple" id="mb_certify_sa_<?php echo $i; ?>" <?php echo $row['mb_certify']=='simple'?'checked':''; ?>> </tbody>
<label for="mb_certify_sa_<?php echo $i; ?>">간편인증</label><br> </table>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="hp" id="mb_certify_hp_<?php echo $i; ?>" <?php echo $row['mb_certify']=='hp'?'checked':''; ?>> </div>
<label for="mb_certify_hp_<?php echo $i; ?>">휴대폰</label><br>
<input type="radio" name="mb_certify[<?php echo $i; ?>]" value="ipin" id="mb_certify_ipin_<?php echo $i; ?>" <?php echo $row['mb_certify']=='ipin'?'checked':''; ?>>
<label for="mb_certify_ipin_<?php echo $i; ?>">아이핀</label>
</td>
<td headers="mb_list_mailc"><?php echo preg_match('/[1-9]/', $row['mb_email_certify'])?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>'; ?></td>
<td headers="mb_list_open">
<label for="mb_open_<?php echo $i; ?>" class="sound_only">정보공개</label>
<input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open']?'checked':''; ?> value="1" id="mb_open_<?php echo $i; ?>">
</td>
<td headers="mb_list_mailr">
<label for="mb_mailling_<?php echo $i; ?>" class="sound_only">메일수신</label>
<input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling']?'checked':''; ?> value="1" id="mb_mailling_<?php echo $i; ?>">
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php
if ($leave_msg || $intercept_msg) echo $leave_msg.' '.$intercept_msg;
else echo "정상";
?>
</td>
<td headers="mb_list_mobile" class="td_tel"><?php echo get_text($row['mb_hp']); ?></td>
<td headers="mb_list_lastcall" class="td_date"><?php echo substr($row['mb_today_login'],2,8); ?></td>
<td headers="mb_list_grp" class="td_numsmall"><?php echo $group ?></td>
<td headers="mb_list_mng" rowspan="2" class="td_mng td_mng_s"><?php echo $s_mod ?><?php echo $s_grp ?></td>
</tr>
<tr class="<?php echo $bg; ?>">
<td headers="mb_list_name" class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td headers="mb_list_nick" class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td headers="mb_list_sms">
<label for="mb_sms_<?php echo $i; ?>" class="sound_only">SMS수신</label>
<input type="checkbox" name="mb_sms[<?php echo $i; ?>]" <?php echo $row['mb_sms']?'checked':''; ?> value="1" id="mb_sms_<?php echo $i; ?>">
</td>
<td headers="mb_list_adultc">
<label for="mb_adult_<?php echo $i; ?>" class="sound_only">성인인증</label>
<input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult']?'checked':''; ?> value="1" id="mb_adult_<?php echo $i; ?>">
</td>
<td headers="mb_list_deny">
<?php if(empty($row['mb_leave_date'])){ ?>
<input type="checkbox" name="mb_intercept_date[<?php echo $i; ?>]" <?php echo $row['mb_intercept_date']?'checked':''; ?> value="<?php echo $intercept_date ?>" id="mb_intercept_date_<?php echo $i ?>" title="<?php echo $intercept_title ?>">
<label for="mb_intercept_date_<?php echo $i; ?>" class="sound_only">접근차단</label>
<?php } ?>
</td>
<td headers="mb_list_auth" class="td_mbstat">
<?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
</td>
<td headers="mb_list_tel" class="td_tel"><?php echo get_text($row['mb_tel']); ?></td>
<td headers="mb_list_join" class="td_date"><?php echo substr($row['mb_datetime'],2,8); ?></td>
<td headers="mb_list_point" class="td_num"><a href="point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
</tr> <div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn btn_02">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
<?php if ($is_admin == 'super') { ?>
<a href="./member_form.php" id="member_add" class="btn btn_01">회원추가</a>
<?php } ?>
<?php </div>
}
if ($i == 0)
echo "<tr><td colspan=\"".$colspan."\" class=\"empty_table\">자료가 없습니다.</td></tr>";
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn btn_02">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
<?php if ($is_admin == 'super') { ?>
<a href="./member_form.php" id="member_add" class="btn btn_01">회원추가</a>
<?php } ?>
</div>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, '?'.$qstr.'&amp;page='); ?> <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, '?' . $qstr . '&amp;page='); ?>
<script> <script>
function fmemberlist_submit(f) function fmemberlist_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false; return false;
} }
}
return true; if (document.pressed == "선택삭제") {
} if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200100"; $sub_menu = "200100";
include_once("./_common.php"); require_once "./_common.php";
check_demo(); check_demo();
@ -9,8 +9,7 @@ auth_check_menu($auth, $sub_menu, "d");
check_admin_token(); check_admin_token();
$msg = ""; $msg = "";
for ($i=0; $i<count($chk); $i++) for ($i = 0; $i < count($chk); $i++) {
{
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = $_POST['chk'][$i]; $k = $_POST['chk'][$i];
@ -18,11 +17,11 @@ for ($i=0; $i<count($chk); $i++)
if (!$mb['mb_id']) { if (!$mb['mb_id']) {
$msg .= "{$mb['mb_id']} : 회원자료가 존재하지 않습니다.\\n"; $msg .= "{$mb['mb_id']} : 회원자료가 존재하지 않습니다.\\n";
} else if ($member['mb_id'] == $mb['mb_id']) { } elseif ($member['mb_id'] == $mb['mb_id']) {
$msg .= "{$mb['mb_id']} : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n"; $msg .= "{$mb['mb_id']} : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n";
} else if (is_admin($mb['mb_id']) == "super") { } elseif (is_admin($mb['mb_id']) == "super") {
$msg .= "{$mb['mb_id']} : 최고 관리자는 삭제할 수 없습니다.\\n"; $msg .= "{$mb['mb_id']} : 최고 관리자는 삭제할 수 없습니다.\\n";
} else if ($is_admin != "super" && $mb['mb_level'] >= $member['mb_level']) { } elseif ($is_admin != "super" && $mb['mb_level'] >= $member['mb_level']) {
$msg .= "{$mb['mb_id']} : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n"; $msg .= "{$mb['mb_id']} : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n";
} else { } else {
// 회원자료 삭제 // 회원자료 삭제
@ -30,7 +29,8 @@ for ($i=0; $i<count($chk); $i++)
} }
} }
if ($msg) if ($msg) {
echo "<script type='text/javascript'> alert('$msg'); </script>"; echo "<script type='text/javascript'> alert('$msg'); </script>";
}
goto_url("./member_list.php?$qstr"); goto_url("./member_list.php?$qstr");
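Review bot: `$k = $_POST['chk'][$i];` in the `@ -9,8 +9,7 @@` hunk still takes the row index from the request without a cast, and the loop bound is `count($chk)` rather than the `$_POST['chk']` array it then reads. The sibling update handler in this commit checks `is_array($_POST['chk'])` up front and uses `$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;`. Using the same two lines here would make a malformed post fail predictably instead of raising notices or resolving an unintended key. The lookup that consumes `$k` sits between the hunks and is not visible, so confirm how it indexes `$_POST['mb_id']`.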


@ -1,11 +1,11 @@
<?php <?php
$sub_menu = "200100"; $sub_menu = "200100";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
if (! (isset($_POST['chk']) && is_array($_POST['chk']))) { if (!(isset($_POST['chk']) && is_array($_POST['chk']))) {
alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요."); alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
} }
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
@ -16,12 +16,10 @@ $mb_datas = array();
$msg = ''; $msg = '';
if ($_POST['act_button'] == "선택수정") { if ($_POST['act_button'] == "선택수정") {
for ($i = 0; $i < count($_POST['chk']); $i++) {
for ($i=0; $i<count($_POST['chk']); $i++)
{
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$post_mb_certify = (isset($_POST['mb_certify'][$k]) && $_POST['mb_certify'][$k]) ? clean_xss_tags($_POST['mb_certify'][$k], 1, 1, 20) : ''; $post_mb_certify = (isset($_POST['mb_certify'][$k]) && $_POST['mb_certify'][$k]) ? clean_xss_tags($_POST['mb_certify'][$k], 1, 1, 20) : '';
$post_mb_level = isset($_POST['mb_level'][$k]) ? (int) $_POST['mb_level'][$k] : 0; $post_mb_level = isset($_POST['mb_level'][$k]) ? (int) $_POST['mb_level'][$k] : 0;
$post_mb_intercept_date = (isset($_POST['mb_intercept_date'][$k]) && $_POST['mb_intercept_date'][$k]) ? clean_xss_tags($_POST['mb_intercept_date'][$k], 1, 1, 8) : ''; $post_mb_intercept_date = (isset($_POST['mb_intercept_date'][$k]) && $_POST['mb_intercept_date'][$k]) ? clean_xss_tags($_POST['mb_intercept_date'][$k], 1, 1, 8) : '';
@ -31,48 +29,46 @@ if ($_POST['act_button'] == "선택수정") {
$mb_datas[] = $mb = get_member($_POST['mb_id'][$k]); $mb_datas[] = $mb = get_member($_POST['mb_id'][$k]);
if (! (isset($mb['mb_id']) && $mb['mb_id'])) { if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
$msg .= $mb['mb_id'].' : 회원자료가 존재하지 않습니다.\\n'; $msg .= $mb['mb_id'] . ' : 회원자료가 존재하지 않습니다.\\n';
} else if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) { } elseif ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n'; $msg .= $mb['mb_id'] . ' : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n';
} else if ($member['mb_id'] == $mb['mb_id']) { } elseif ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'].' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n'; $msg .= $mb['mb_id'] . ' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n';
} else { } else {
if($post_mb_certify) if ($post_mb_certify) {
$mb_adult = isset($_POST['mb_adult'][$k]) ? (int) $_POST['mb_adult'][$k] : 0; $mb_adult = isset($_POST['mb_adult'][$k]) ? (int) $_POST['mb_adult'][$k] : 0;
else } else {
$mb_adult = 0; $mb_adult = 0;
}
$sql = " update {$g5['member_table']} $sql = " update {$g5['member_table']}
set mb_level = '".$post_mb_level."', set mb_level = '" . $post_mb_level . "',
mb_intercept_date = '".sql_real_escape_string($post_mb_intercept_date)."', mb_intercept_date = '" . sql_real_escape_string($post_mb_intercept_date) . "',
mb_mailling = '".$post_mb_mailling."', mb_mailling = '" . $post_mb_mailling . "',
mb_sms = '".$post_mb_sms."', mb_sms = '" . $post_mb_sms . "',
mb_open = '".$post_mb_open."', mb_open = '" . $post_mb_open . "',
mb_certify = '".sql_real_escape_string($post_mb_certify)."', mb_certify = '" . sql_real_escape_string($post_mb_certify) . "',
mb_adult = '{$mb_adult}' mb_adult = '{$mb_adult}'
where mb_id = '".sql_real_escape_string($mb['mb_id'])."' "; where mb_id = '" . sql_real_escape_string($mb['mb_id']) . "' ";
sql_query($sql); sql_query($sql);
} }
} }
} elseif ($_POST['act_button'] == "선택삭제") {
} else if ($_POST['act_button'] == "선택삭제") { for ($i = 0; $i < count($_POST['chk']); $i++) {
for ($i=0; $i<count($_POST['chk']); $i++)
{
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$mb_datas[] = $mb = get_member($_POST['mb_id'][$k]); $mb_datas[] = $mb = get_member($_POST['mb_id'][$k]);
if (!$mb['mb_id']) { if (!$mb['mb_id']) {
$msg .= $mb['mb_id'].' : 회원자료가 존재하지 않습니다.\\n'; $msg .= $mb['mb_id'] . ' : 회원자료가 존재하지 않습니다.\\n';
} else if ($member['mb_id'] == $mb['mb_id']) { } elseif ($member['mb_id'] == $mb['mb_id']) {
$msg .= $mb['mb_id'].' : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n'; $msg .= $mb['mb_id'] . ' : 로그인 중인 관리자는 삭제 할 수 없습니다.\\n';
} else if (is_admin($mb['mb_id']) == 'super') { } elseif (is_admin($mb['mb_id']) == 'super') {
$msg .= $mb['mb_id'].' : 최고 관리자는 삭제할 수 없습니다.\\n'; $msg .= $mb['mb_id'] . ' : 최고 관리자는 삭제할 수 없습니다.\\n';
} else if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) { } elseif ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) {
$msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n'; $msg .= $mb['mb_id'] . ' : 자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.\\n';
} else { } else {
// 회원자료 삭제 // 회원자료 삭제
member_delete($mb['mb_id']); member_delete($mb['mb_id']);
@ -80,10 +76,11 @@ if ($_POST['act_button'] == "선택수정") {
} }
} }
if ($msg) if ($msg) {
//echo '<script> alert("'.$msg.'"); </script>'; //echo '<script> alert("'.$msg.'"); </script>';
alert($msg); alert($msg);
}
run_event('admin_member_list_update', $_POST['act_button'], $mb_datas); run_event('admin_member_list_update', $_POST['act_button'], $mb_datas);
goto_url('./member_list.php?'.$qstr); goto_url('./member_list.php?' . $qstr);
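Review bot: The update branch in the `@ -31,48 +29,46 @@` hunk writes `mb_level = '" . $post_mb_level . "'` after checking only the target's current level (`$mb['mb_level'] >= $member['mb_level']`). Nothing visible compares the submitted `$post_mb_level` with the acting administrator's own level. The list page appears to cap the level select at `$member['mb_level']`, but that limit lives in the form, not in this handler. Unless the lines elided between the hunks enforce it, add a branch to the existing chain, `} elseif ($is_admin != 'super' && $post_mb_level > $member['mb_level']) {`, which appends to `$msg` like its siblings and skips the update.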


@ -1,22 +1,24 @@
<?php <?php
$sub_menu = "100290"; $sub_menu = "100290";
include_once('./_common.php'); require_once './_common.php';
if ($is_admin != 'super') if ($is_admin != 'super') {
alert_close('최고관리자만 접근 가능합니다.'); alert_close('최고관리자만 접근 가능합니다.');
}
$g5['title'] = '메뉴 추가'; $g5['title'] = '메뉴 추가';
include_once(G5_PATH.'/head.sub.php'); require_once G5_PATH . '/head.sub.php';
$new = isset($_GET['new']) ? clean_xss_tags($_GET['new'], 1, 1) : ''; $new = isset($_GET['new']) ? clean_xss_tags($_GET['new'], 1, 1) : '';
$code = isset($_GET['code']) ? preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : ''; $code = isset($_GET['code']) ? (string)preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : '';
// 코드 // 코드
if($new == 'new' || !$code) { if ($new == 'new' || !$code) {
$code = base_convert(substr($code,0, 2), 36, 10); $code = (int)base_convert(substr($code, 0, 2), 36, 10);
$code += 36; $code += 36;
$code = base_convert($code, 10, 36); $code = base_convert((string)$code, 10, 36);
} }
?> ?>
<div id="menu_frm" class="new_win"> <div id="menu_frm" class="new_win">
@ -24,174 +26,174 @@ if($new == 'new' || !$code) {
<form name="fmenuform" id="fmenuform" class="new_win_con"> <form name="fmenuform" id="fmenuform" class="new_win_con">
<div class="new_win_desc"> <div class="new_win_desc">
<label for="me_type">대상선택</label> <label for="me_type">대상선택</label>
<select name="me_type" id="me_type"> <select name="me_type" id="me_type">
<option value="">직접입력</option> <option value="">직접입력</option>
<option value="group">게시판그룹</option> <option value="group">게시판그룹</option>
<option value="board">게시판</option> <option value="board">게시판</option>
<option value="content">내용관리</option> <option value="content">내용관리</option>
</select> </select>
</div> </div>
<div id="menu_result"></div> <div id="menu_result"></div>
</form> </form>
</div> </div>
<script> <script>
$(function() { $(function() {
$("#menu_result").load( $("#menu_result").load(
"./menu_form_search.php" "./menu_form_search.php"
);
function link_checks_all_chage(){
var $links = $(opener.document).find("#menulist input[name='me_link[]']"),
$o_link = $(".td_mngsmall input[name='link[]']"),
hrefs = [],
menu_exist = false;
if( $links.length ){
$links.each(function( index ) {
hrefs.push( $(this).val() );
});
$o_link.each(function( index ) {
if( $.inArray( $(this).val(), hrefs ) != -1 ){
$(this).closest("tr").find("td:eq( 0 )").addClass("exist_menu_link");
menu_exist = true;
}
});
}
if( menu_exist ){
$(".menu_exists_tip").show();
} else {
$(".menu_exists_tip").hide();
}
}
function menu_result_change( type ){
var dfd = new $.Deferred();
$("#menu_result").empty().load(
"./menu_form_search.php",
{ type : type },
function(){
dfd.resolve('Finished');
}
); );
return dfd.promise(); function link_checks_all_chage() {
}
$("#me_type").on("change", function() { var $links = $(opener.document).find("#menulist input[name='me_link[]']"),
var type = $(this).val(); $o_link = $(".td_mngsmall input[name='link[]']"),
hrefs = [],
menu_exist = false;
var promise = menu_result_change( type ); if ($links.length) {
$links.each(function(index) {
hrefs.push($(this).val());
});
$o_link.each(function(index) {
if ($.inArray($(this).val(), hrefs) != -1) {
$(this).closest("tr").find("td:eq( 0 )").addClass("exist_menu_link");
menu_exist = true;
}
});
}
if (menu_exist) {
$(".menu_exists_tip").show();
} else {
$(".menu_exists_tip").hide();
}
}
function menu_result_change(type) {
var dfd = new $.Deferred();
$("#menu_result").empty().load(
"./menu_form_search.php", {
type: type
},
function() {
dfd.resolve('Finished');
}
);
return dfd.promise();
}
$("#me_type").on("change", function() {
var type = $(this).val();
var promise = menu_result_change(type);
promise.done(function(message) {
link_checks_all_chage(type);
});
promise.done(function(message) {
link_checks_all_chage(type);
}); });
$(document).on("click", "#add_manual", function() {
var me_name = $.trim($("#me_name").val());
var me_link = $.trim($("#me_link").val());
add_menu_list(me_name, me_link, "<?php echo $code; ?>");
});
$(document).on("click", ".add_select", function() {
var me_name = $.trim($(this).siblings("input[name='subject[]']").val());
var me_link = $.trim($(this).siblings("input[name='link[]']").val());
add_menu_list(me_name, me_link, "<?php echo $code; ?>");
});
}); });
$(document).on("click", "#add_manual", function() { function add_menu_list(name, link, code) {
var me_name = $.trim($("#me_name").val()); var $menulist = $("#menulist", opener.document);
var me_link = $.trim($("#me_link").val()); var ms = new Date().getTime();
var sub_menu_class;
<?php if ($new == 'new') { ?>
sub_menu_class = " class=\"td_category\"";
<?php } else { ?>
sub_menu_class = " class=\"td_category sub_menu_class\"";
<?php } ?>
add_menu_list(me_name, me_link, "<?php echo $code; ?>"); var list = "<tr class=\"menu_list menu_group_<?php echo $code; ?>\">";
}); list += "<td" + sub_menu_class + ">";
list += "<label for=\"me_name_" + ms + "\" class=\"sound_only\">메뉴<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"hidden\" name=\"code[]\" value=\"<?php echo $code; ?>\">";
list += "<input type=\"text\" name=\"me_name[]\" value=\"" + name + "\" id=\"me_name_" + ms + "\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td>";
list += "<label for=\"me_link_" + ms + "\" class=\"sound_only\">링크<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_link[]\" value=\"" + link + "\" id=\"me_link_" + ms + "\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td class=\"td_mng\">";
list += "<label for=\"me_target_" + ms + "\" class=\"sound_only\">새창</label>";
list += "<select name=\"me_target[]\" id=\"me_target_" + ms + "\">";
list += "<option value=\"self\">사용안함</option>";
list += "<option value=\"blank\">사용함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_numsmall\">";
list += "<label for=\"me_order_" + ms + "\" class=\"sound_only\">순서<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_order[]\" value=\"0\" id=\"me_order_" + ms + "\" required class=\"required frm_input\" size=\"5\">";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_use_" + ms + "\" class=\"sound_only\">PC사용</label>";
list += "<select name=\"me_use[]\" id=\"me_use_" + ms + "\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_mobile_use_" + ms + "\" class=\"sound_only\">모바일사용</label>";
list += "<select name=\"me_mobile_use[]\" id=\"me_mobile_use_" + ms + "\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mng\">";
<?php if ($new == 'new') { ?>
list += "<button type=\"button\" class=\"btn_add_submenu btn_03\">추가</button>\n";
<?php } ?>
list += "<button type=\"button\" class=\"btn_del_menu btn_02\">삭제</button>";
list += "</td>";
list += "</tr>";
$(document).on("click", ".add_select", function() { var $menu_last = null;
var me_name = $.trim($(this).siblings("input[name='subject[]']").val());
var me_link = $.trim($(this).siblings("input[name='link[]']").val());
add_menu_list(me_name, me_link, "<?php echo $code; ?>"); if (code)
}); $menu_last = $menulist.find("tr.menu_group_" + code + ":last");
}); else
$menu_last = $menulist.find("tr.menu_list:last");
function add_menu_list(name, link, code) if ($menu_last.length > 0) {
{ $menu_last.after(list);
var $menulist = $("#menulist", opener.document); } else {
var ms = new Date().getTime(); if ($menulist.find("#empty_menu_list").length > 0)
var sub_menu_class; $menulist.find("#empty_menu_list").remove();
<?php if($new == 'new') { ?>
sub_menu_class = " class=\"td_category\"";
<?php } else { ?>
sub_menu_class = " class=\"td_category sub_menu_class\"";
<?php } ?>
var list = "<tr class=\"menu_list menu_group_<?php echo $code; ?>\">"; $menulist.find("table tbody").append(list);
list += "<td"+sub_menu_class+">"; }
list += "<label for=\"me_name_"+ms+"\" class=\"sound_only\">메뉴<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"hidden\" name=\"code[]\" value=\"<?php echo $code; ?>\">";
list += "<input type=\"text\" name=\"me_name[]\" value=\""+name+"\" id=\"me_name_"+ms+"\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td>";
list += "<label for=\"me_link_"+ms+"\" class=\"sound_only\">링크<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_link[]\" value=\""+link+"\" id=\"me_link_"+ms+"\" required class=\"required frm_input full_input\">";
list += "</td>";
list += "<td class=\"td_mng\">";
list += "<label for=\"me_target_"+ms+"\" class=\"sound_only\">새창</label>";
list += "<select name=\"me_target[]\" id=\"me_target_"+ms+"\">";
list += "<option value=\"self\">사용안함</option>";
list += "<option value=\"blank\">사용함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_numsmall\">";
list += "<label for=\"me_order_"+ms+"\" class=\"sound_only\">순서<strong class=\"sound_only\"> 필수</strong></label>";
list += "<input type=\"text\" name=\"me_order[]\" value=\"0\" id=\"me_order_"+ms+"\" required class=\"required frm_input\" size=\"5\">";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_use_"+ms+"\" class=\"sound_only\">PC사용</label>";
list += "<select name=\"me_use[]\" id=\"me_use_"+ms+"\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mngsmall\">";
list += "<label for=\"me_mobile_use_"+ms+"\" class=\"sound_only\">모바일사용</label>";
list += "<select name=\"me_mobile_use[]\" id=\"me_mobile_use_"+ms+"\">";
list += "<option value=\"1\">사용함</option>";
list += "<option value=\"0\">사용안함</option>";
list += "</select>";
list += "</td>";
list += "<td class=\"td_mng\">";
<?php if($new == 'new') { ?>
list += "<button type=\"button\" class=\"btn_add_submenu btn_03\">추가</button>\n";
<?php } ?>
list += "<button type=\"button\" class=\"btn_del_menu btn_02\">삭제</button>";
list += "</td>";
list += "</tr>";
var $menu_last = null; $menulist.find("tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg" + (index % 2));
});
if(code) window.close();
$menu_last = $menulist.find("tr.menu_group_"+code+":last");
else
$menu_last = $menulist.find("tr.menu_list:last");
if($menu_last.length > 0) {
$menu_last.after(list);
} else {
if($menulist.find("#empty_menu_list").length > 0)
$menulist.find("#empty_menu_list").remove();
$menulist.find("table tbody").append(list);
} }
$menulist.find("tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg"+(index % 2));
});
window.close();
}
</script> </script>
<?php <?php
include_once(G5_PATH.'/tail.sub.php'); require_once G5_PATH . '/tail.sub.php';
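Review bot: `add_menu_list()` concatenates `name` and `link` straight into attribute markup (`value=\"" + name + "\"`) and inserts the string into the opener document, so a quote or angle bracket in either value is parsed as markup there. The values come from the `#me_name`/`#me_link` inputs or from the `subject[]`/`link[]` hidden fields of the search result, and only `subject[]` has its quotes stripped server-side. Leave both `value` attributes empty in the string and set them on the built row instead: `var $row = $(list); $row.find("input[name='me_name[]']").val(name); $row.find("input[name='me_link[]']").val(link);`, then insert `$row` rather than `list`.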


@ -1,12 +1,13 @@
<?php <?php
include_once('./_common.php'); require_once './_common.php';
if ($is_admin != 'super') if ($is_admin != 'super') {
die('최고관리자만 접근 가능합니다.'); die('최고관리자만 접근 가능합니다.');
}
$type = isset($_REQUEST['type']) ? preg_replace('/[^0-9a-z_]/i', '', $_REQUEST['type']) : ''; $type = isset($_REQUEST['type']) ? preg_replace('/[^0-9a-z_]/i', '', $_REQUEST['type']) : '';
switch($type) { switch ($type) {
case 'group': case 'group':
$sql = " select gr_id as id, gr_subject as subject $sql = " select gr_id as id, gr_subject as subject
from {$g5['group_table']} from {$g5['group_table']}
@ -27,32 +28,31 @@ switch($type) {
break; break;
} }
if($sql) { if ($sql) {
$result = sql_query($sql); $result = sql_query($sql);
for($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
if($i == 0) { if ($i == 0) {
$bbs_subject_title = ($type == 'board') ? '게시판제목' : '제목';
$bbs_subject_title = ($type == 'board') ? '게시판제목' : '제목'; ?>
?>
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<thead> <thead>
<tr> <tr>
<th scope="col"><?php echo $bbs_subject_title; ?></th> <th scope="col"><?php echo $bbs_subject_title; ?></th>
<?php if($type == 'board'){ ?> <?php if ($type == 'board') { ?>
<th scope="col">게시판 그룹</th> <th scope="col">게시판 그룹</th>
<?php } ?> <?php } ?>
<th scope="col">선택</th> <th scope="col">선택</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php } <?php }
switch($type) { switch ($type) {
case 'group': case 'group':
$link = G5_BBS_URL.'/group.php?gr_id='.$row['id']; $link = G5_BBS_URL . '/group.php?gr_id=' . $row['id'];
break; break;
case 'board': case 'board':
$link = get_pretty_url($row['id']); $link = get_pretty_url($row['id']);
@ -64,26 +64,26 @@ if($sql) {
$link = ''; $link = '';
break; break;
} }
?>
<tr>
<td><?php echo $row['subject']; ?></td>
<?php
if($type == 'board'){
$group = get_call_func_cache('get_group', array($row['gr_id']));
?> ?>
<td><?php echo $group['gr_subject']; ?></td>
<?php } ?>
<td class="td_mngsmall">
<input type="hidden" name="subject[]" value="<?php echo preg_replace('/[\'\"]/', '', $row['subject']); ?>">
<input type="hidden" name="link[]" value="<?php echo $link; ?>">
<button type="button" class="add_select btn btn_03"><span class="sound_only"><?php echo $row['subject']; ?> </span>선택</button>
</td>
</tr>
<?php } ?> <tr>
<td><?php echo $row['subject']; ?></td>
<?php
if ($type == 'board') {
$group = get_call_func_cache('get_group', array($row['gr_id']));
?>
<td><?php echo $group['gr_subject']; ?></td>
<?php } ?>
<td class="td_mngsmall">
<input type="hidden" name="subject[]" value="<?php echo preg_replace('/[\'\"]/', '', $row['subject']); ?>">
<input type="hidden" name="link[]" value="<?php echo $link; ?>">
<button type="button" class="add_select btn btn_03"><span class="sound_only"><?php echo $row['subject']; ?> </span>선택</button>
</td>
</tr>
</tbody> <?php } ?>
</tbody>
</table> </table>
</div> </div>
@ -96,26 +96,25 @@ if($sql) {
</div> </div>
<?php } else { ?> <?php } else { ?>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<colgroup> <colgroup>
<col class="grid_2"> <col class="grid_2">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="me_name">메뉴<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="me_name">메뉴<strong class="sound_only"> 필수</strong></label></th>
<td><input type="text" name="me_name" id="me_name" required class="frm_input required"></td> <td><input type="text" name="me_name" id="me_name" required class="frm_input required"></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="me_link">링크<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="me_link">링크<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('링크는 http://를 포함해서 입력해 주세요.'); ?> <?php echo help('링크는 http://를 포함해서 입력해 주세요.'); ?>
<input type="text" name="me_link" id="me_link" required class="frm_input full_input required"> <input type="text" name="me_link" id="me_link" required class="frm_input full_input required">
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
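Review bot: The result rows print `$row['subject']` and `$group['gr_subject']` into the table cell and the `sound_only` span with no HTML encoding, so any markup stored in a group or board title is rendered on this super-admin page. Encode at output, e.g. `<td><?php echo get_text($row['subject']); ?></td>` and the same for `$group['gr_subject']` and the span inside the button. The hidden `subject[]` value only strips quote characters, which is enough for the attribute itself, but the script that reads it back is not in this section and should insert it as text rather than as markup. Whether titles are cleaned when they are saved is not visible here, so treat this as defence in depth.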


@ -1,17 +1,19 @@
<?php <?php
$sub_menu = "100290"; $sub_menu = "100290";
include_once('./_common.php'); require_once './_common.php';
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
// 메뉴테이블 생성 // 메뉴테이블 생성
if( !isset($g5['menu_table']) ){ if (!isset($g5['menu_table'])) {
die('<meta charset="utf-8">dbconfig.php 파일에 <strong>$g5[\'menu_table\'] = G5_TABLE_PREFIX.\'menu\';</strong> 를 추가해 주세요.'); die('<meta charset="utf-8">dbconfig.php 파일에 <strong>$g5[\'menu_table\'] = G5_TABLE_PREFIX.\'menu\';</strong> 를 추가해 주세요.');
} }
if(!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) { if (!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['menu_table']}` ( sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['menu_table']}` (
`me_id` int(11) NOT NULL AUTO_INCREMENT, `me_id` int(11) NOT NULL AUTO_INCREMENT,
`me_code` varchar(255) NOT NULL DEFAULT '', `me_code` varchar(255) NOT NULL DEFAULT '',
`me_name` varchar(255) NOT NULL DEFAULT '', `me_name` varchar(255) NOT NULL DEFAULT '',
@ -21,14 +23,16 @@ if(!sql_query(" DESCRIBE {$g5['menu_table']} ", false)) {
`me_use` tinyint(4) NOT NULL DEFAULT '0', `me_use` tinyint(4) NOT NULL DEFAULT '0',
`me_mobile_use` tinyint(4) NOT NULL DEFAULT '0', `me_mobile_use` tinyint(4) NOT NULL DEFAULT '0',
PRIMARY KEY (`me_id`) PRIMARY KEY (`me_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true); ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
} }
$sql = " select * from {$g5['menu_table']} order by me_id "; $sql = " select * from {$g5['menu_table']} order by me_id ";
$result = sql_query($sql); $result = sql_query($sql);
$g5['title'] = "메뉴설정"; $g5['title'] = "메뉴설정";
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 7; $colspan = 7;
$sub_menu_info = ''; $sub_menu_info = '';
@ -39,181 +43,178 @@ $sub_menu_info = '';
</div> </div>
<form name="fmenulist" id="fmenulist" method="post" action="./menu_list_update.php" onsubmit="return fmenulist_submit(this);"> <form name="fmenulist" id="fmenulist" method="post" action="./menu_list_update.php" onsubmit="return fmenulist_submit(this);">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div id="menulist" class="tbl_head01 tbl_wrap"> <div id="menulist" class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col">메뉴</th> <th scope="col">메뉴</th>
<th scope="col">링크</th> <th scope="col">링크</th>
<th scope="col">새창</th> <th scope="col">새창</th>
<th scope="col">순서</th> <th scope="col">순서</th>
<th scope="col">PC사용</th> <th scope="col">PC사용</th>
<th scope="col">모바일사용</th> <th scope="col">모바일사용</th>
<th scope="col">관리</th> <th scope="col">관리</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) for ($i = 0; $row = sql_fetch_array($result); $i++) {
{ $bg = 'bg' . ($i % 2);
$bg = 'bg'.($i%2); $sub_menu_class = '';
$sub_menu_class = ''; if (strlen($row['me_code']) == 4) {
if(strlen($row['me_code']) == 4) { $sub_menu_class = ' sub_menu_class';
$sub_menu_class = ' sub_menu_class'; $sub_menu_info = '<span class="sound_only">' . $row['me_name'] . '의 서브</span>';
$sub_menu_info = '<span class="sound_only">'.$row['me_name'].'의 서브</span>'; $sub_menu_ico = '<span class="sub_menu_ico"></span>';
$sub_menu_ico = '<span class="sub_menu_ico"></span>'; }
}
$search = array('"', "'"); $search = array('"', "'");
$replace = array('&#034;', '&#039;'); $replace = array('&#034;', '&#039;');
$me_name = str_replace($search, $replace, $row['me_name']); $me_name = str_replace($search, $replace, $row['me_name']);
?> ?>
<tr class="<?php echo $bg; ?> menu_list menu_group_<?php echo substr($row['me_code'], 0, 2); ?>"> <tr class="<?php echo $bg; ?> menu_list menu_group_<?php echo substr($row['me_code'], 0, 2); ?>">
<td class="td_category<?php echo $sub_menu_class; ?>"> <td class="td_category<?php echo $sub_menu_class; ?>">
<input type="hidden" name="code[]" value="<?php echo substr($row['me_code'], 0, 2) ?>"> <input type="hidden" name="code[]" value="<?php echo substr($row['me_code'], 0, 2) ?>">
<label for="me_name_<?php echo $i; ?>" class="sound_only"><?php echo $sub_menu_info; ?> 메뉴<strong class="sound_only"> 필수</strong></label> <label for="me_name_<?php echo $i; ?>" class="sound_only"><?php echo $sub_menu_info; ?> 메뉴<strong class="sound_only"> 필수</strong></label>
<input type="text" name="me_name[]" value="<?php echo get_sanitize_input($me_name); ?>" id="me_name_<?php echo $i; ?>" required class="required tbl_input full_input"> <input type="text" name="me_name[]" value="<?php echo get_sanitize_input($me_name); ?>" id="me_name_<?php echo $i; ?>" required class="required tbl_input full_input">
</td> </td>
<td> <td>
<label for="me_link_<?php echo $i; ?>" class="sound_only">링크<strong class="sound_only"> 필수</strong></label> <label for="me_link_<?php echo $i; ?>" class="sound_only">링크<strong class="sound_only"> 필수</strong></label>
<input type="text" name="me_link[]" value="<?php echo $row['me_link'] ?>" id="me_link_<?php echo $i; ?>" required class="required tbl_input full_input"> <input type="text" name="me_link[]" value="<?php echo $row['me_link'] ?>" id="me_link_<?php echo $i; ?>" required class="required tbl_input full_input">
</td> </td>
<td class="td_mng"> <td class="td_mng">
<label for="me_target_<?php echo $i; ?>" class="sound_only">새창</label> <label for="me_target_<?php echo $i; ?>" class="sound_only">새창</label>
<select name="me_target[]" id="me_target_<?php echo $i; ?>"> <select name="me_target[]" id="me_target_<?php echo $i; ?>">
<option value="self"<?php echo get_selected($row['me_target'], 'self', true); ?>>사용안함</option> <option value="self" <?php echo get_selected($row['me_target'], 'self', true); ?>>사용안함</option>
<option value="blank"<?php echo get_selected($row['me_target'], 'blank', true); ?>>사용함</option> <option value="blank" <?php echo get_selected($row['me_target'], 'blank', true); ?>>사용함</option>
</select> </select>
</td> </td>
<td class="td_num"> <td class="td_num">
<label for="me_order_<?php echo $i; ?>" class="sound_only">순서</label> <label for="me_order_<?php echo $i; ?>" class="sound_only">순서</label>
<input type="text" name="me_order[]" value="<?php echo $row['me_order'] ?>" id="me_order_<?php echo $i; ?>" class="tbl_input" size="5"> <input type="text" name="me_order[]" value="<?php echo $row['me_order'] ?>" id="me_order_<?php echo $i; ?>" class="tbl_input" size="5">
</td> </td>
<td class="td_mng"> <td class="td_mng">
<label for="me_use_<?php echo $i; ?>" class="sound_only">PC사용</label> <label for="me_use_<?php echo $i; ?>" class="sound_only">PC사용</label>
<select name="me_use[]" id="me_use_<?php echo $i; ?>"> <select name="me_use[]" id="me_use_<?php echo $i; ?>">
<option value="1"<?php echo get_selected($row['me_use'], '1', true); ?>>사용함</option> <option value="1" <?php echo get_selected($row['me_use'], '1', true); ?>>사용함</option>
<option value="0"<?php echo get_selected($row['me_use'], '0', true); ?>>사용안함</option> <option value="0" <?php echo get_selected($row['me_use'], '0', true); ?>>사용안함</option>
</select> </select>
</td> </td>
<td class="td_mng"> <td class="td_mng">
<label for="me_mobile_use_<?php echo $i; ?>" class="sound_only">모바일사용</label> <label for="me_mobile_use_<?php echo $i; ?>" class="sound_only">모바일사용</label>
<select name="me_mobile_use[]" id="me_mobile_use_<?php echo $i; ?>"> <select name="me_mobile_use[]" id="me_mobile_use_<?php echo $i; ?>">
<option value="1"<?php echo get_selected($row['me_mobile_use'], '1', true); ?>>사용함</option> <option value="1" <?php echo get_selected($row['me_mobile_use'], '1', true); ?>>사용함</option>
<option value="0"<?php echo get_selected($row['me_mobile_use'], '0', true); ?>>사용안함</option> <option value="0" <?php echo get_selected($row['me_mobile_use'], '0', true); ?>>사용안함</option>
</select> </select>
</td> </td>
<td class="td_mng"> <td class="td_mng">
<?php if(strlen($row['me_code']) == 2) { ?> <?php if (strlen($row['me_code']) == 2) { ?>
<button type="button" class="btn_add_submenu btn_03 ">추가</button> <button type="button" class="btn_add_submenu btn_03 ">추가</button>
<?php } ?> <?php } ?>
<button type="button" class="btn_del_menu btn_02">삭제</button> <button type="button" class="btn_del_menu btn_02">삭제</button>
</td> </td>
</tr> </tr>
<?php <?php
} }
if ($i==0) if ($i == 0) {
echo '<tr id="empty_menu_list"><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; echo '<tr id="empty_menu_list"><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
?> }
</tbody> ?>
</table> </tbody>
</div> </table>
</div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<button type="button" onclick="return add_menu();" class="btn btn_02">메뉴추가<span class="sound_only"> 새창</span></button> <button type="button" onclick="return add_menu();" class="btn btn_02">메뉴추가<span class="sound_only"> 새창</span></button>
<input type="submit" name="act_button" value="확인" class="btn_submit btn "> <input type="submit" name="act_button" value="확인" class="btn_submit btn ">
</div> </div>
</form> </form>
<script> <script>
$(function() { $(function() {
$(document).on("click", ".btn_add_submenu", function() { $(document).on("click", ".btn_add_submenu", function() {
var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2);
add_submenu(code);
});
$(document).on("click", ".btn_del_menu", function() {
if(!confirm("메뉴를 삭제하시겠습니까?\n메뉴 삭제후 메뉴설정의 확인 버튼을 눌러 메뉴를 저장해 주세요."))
return false;
var $tr = $(this).closest("tr");
if($tr.find("td.sub_menu_class").length > 0) {
$tr.remove();
} else {
var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2); var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2);
$("tr.menu_group_"+code).remove(); add_submenu(code);
} });
if($("#menulist tr.menu_list").length < 1) { $(document).on("click", ".btn_del_menu", function() {
var list = "<tr id=\"empty_menu_list\"><td colspan=\"<?php echo $colspan; ?>\" class=\"empty_table\">자료가 없습니다.</td></tr>\n"; if (!confirm("메뉴를 삭제하시겠습니까?\n메뉴 삭제후 메뉴설정의 확인 버튼을 눌러 메뉴를 저장해 주세요."))
$("#menulist table tbody").append(list); return false;
} else {
$("#menulist tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg"+(index % 2));
});
}
});
});
function add_menu() var $tr = $(this).closest("tr");
{ if ($tr.find("td.sub_menu_class").length > 0) {
var max_code = base_convert(0, 10, 36); $tr.remove();
$("#menulist tr.menu_list").each(function() { } else {
var me_code = $(this).find("input[name='code[]']").val().substr(0, 2); var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2);
if(max_code < me_code) $("tr.menu_group_" + code).remove();
max_code = me_code; }
if ($("#menulist tr.menu_list").length < 1) {
var list = "<tr id=\"empty_menu_list\"><td colspan=\"<?php echo $colspan; ?>\" class=\"empty_table\">자료가 없습니다.</td></tr>\n";
$("#menulist table tbody").append(list);
} else {
$("#menulist tr.menu_list").each(function(index) {
$(this).removeClass("bg0 bg1")
.addClass("bg" + (index % 2));
});
}
});
}); });
var url = "./menu_form.php?code="+max_code+"&new=new"; function add_menu() {
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes"); var max_code = base_convert(0, 10, 36);
return false; $("#menulist tr.menu_list").each(function() {
} var me_code = $(this).find("input[name='code[]']").val().substr(0, 2);
if (max_code < me_code)
max_code = me_code;
});
function add_submenu(code) var url = "./menu_form.php?code=" + max_code + "&new=new";
{ window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
var url = "./menu_form.php?code="+code; return false;
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
return false;
}
function base_convert(number, frombase, tobase) {
// discuss at: http://phpjs.org/functions/base_convert/
// original by: Philippe Baumann
// improved by: Rafał Kukawski (http://blog.kukawski.pl)
// example 1: base_convert('A37334', 16, 2);
// returns 1: '101000110111001100110100'
return parseInt(number + '', frombase | 0)
.toString(tobase | 0);
}
function fmenulist_submit(f)
{
var me_links = document.getElementsByName('me_link[]');
var reg = /^javascript/;
for (i=0; i<me_links.length; i++){
if( reg.test(me_links[i].value) ){
alert('링크에 자바스크립트문을 입력할수 없습니다.');
me_links[i].focus();
return false;
}
} }
return true; function add_submenu(code) {
} var url = "./menu_form.php?code=" + code;
window.open(url, "add_menu", "left=100,top=100,width=550,height=650,scrollbars=yes,resizable=yes");
return false;
}
function base_convert(number, frombase, tobase) {
// discuss at: http://phpjs.org/functions/base_convert/
// original by: Philippe Baumann
// improved by: Rafał Kukawski (http://blog.kukawski.pl)
// example 1: base_convert('A37334', 16, 2);
// returns 1: '101000110111001100110100'
return parseInt(number + '', frombase | 0)
.toString(tobase | 0);
}
function fmenulist_submit(f) {
var me_links = document.getElementsByName('me_link[]');
var reg = /^javascript/;
for (i = 0; i < me_links.length; i++) {
if (reg.test(me_links[i].value)) {
alert('링크에 자바스크립트문을 입력할수 없습니다.');
me_links[i].focus();
return false;
}
}
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
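Review bot: In the row template, `me_link[]` and `me_order[]` write `$row['me_link']` and `$row['me_order']` into `value="..."` without attribute encoding, while `me_name[]` in the first cell goes through `get_sanitize_input()`. A stored link containing a double quote would end the attribute early, so use `value="<?php echo get_sanitize_input($row['me_link']); ?>"` and the same for `me_order`. The `/^javascript/` test in `fmenulist_submit` is case-sensitive and runs only in the browser, so the server-side filter in the update script must remain the authoritative check. The loop counter `i` in that function is also an undeclared global; `for (var i = 0; ...)` keeps it local.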


@ -1,11 +1,12 @@
<?php <?php
$sub_menu = "100290"; $sub_menu = "100290";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
if ($is_admin != 'super') if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.'); alert('최고관리자만 접근 가능합니다.');
}
check_admin_token(); check_admin_token();
@ -17,11 +18,10 @@ $group_code = null;
$primary_code = null; $primary_code = null;
$count = isset($_POST['code']) ? count($_POST['code']) : 0; $count = isset($_POST['code']) ? count($_POST['code']) : 0;
for ($i=0; $i<$count; $i++) for ($i = 0; $i < $count; $i++) {
{
$_POST = array_map_deep('trim', $_POST); $_POST = array_map_deep('trim', $_POST);
if(preg_match('/^javascript/i', preg_replace('/[ ]{1,}|[\t]/', '', $_POST['me_link'][$i]))){ if (preg_match('/^javascript/i', preg_replace('/[ ]{1,}|[\t]/', '', $_POST['me_link'][$i]))) {
$_POST['me_link'][$i] = G5_URL; $_POST['me_link'][$i] = G5_URL;
} }
@ -31,31 +31,32 @@ for ($i=0; $i<$count; $i++)
$code = is_array($_POST['code']) ? strip_tags($_POST['code'][$i]) : ''; $code = is_array($_POST['code']) ? strip_tags($_POST['code'][$i]) : '';
$me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : ''; $me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : '';
$me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags(clean_xss_attributes($_POST['me_link'][$i])); $me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags(clean_xss_attributes($_POST['me_link'][$i]));
if(!$code || !$me_name || !$me_link) if (!$code || !$me_name || !$me_link) {
continue; continue;
}
$sub_code = ''; $sub_code = '';
if($group_code == $code) { if ($group_code == $code) {
$sql = " select MAX(SUBSTRING(me_code,3,2)) as max_me_code $sql = " select MAX(SUBSTRING(me_code,3,2)) as max_me_code
from {$g5['menu_table']} from {$g5['menu_table']}
where SUBSTRING(me_code,1,2) = '$primary_code' "; where SUBSTRING(me_code,1,2) = '$primary_code' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
$sub_code = base_convert($row['max_me_code'], 36, 10); $sub_code = (int)base_convert($row['max_me_code'], 36, 10);
$sub_code += 36; $sub_code += 36;
$sub_code = base_convert($sub_code, 10, 36); $sub_code = base_convert((string)$sub_code, 10, 36);
$me_code = $primary_code.$sub_code; $me_code = $primary_code . $sub_code;
} else { } else {
$sql = " select MAX(SUBSTRING(me_code,1,2)) as max_me_code $sql = " select MAX(SUBSTRING(me_code,1,2)) as max_me_code
from {$g5['menu_table']} from {$g5['menu_table']}
where LENGTH(me_code) = '2' "; where LENGTH(me_code) = '2' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
$me_code = base_convert($row['max_me_code'], 36, 10); $me_code = (int)base_convert($row['max_me_code'], 36, 10);
$me_code += 36; $me_code += 36;
$me_code = base_convert($me_code, 10, 36); $me_code = base_convert((string)$me_code, 10, 36);
$group_code = $code; $group_code = $code;
$primary_code = $me_code; $primary_code = $me_code;
@ -63,16 +64,16 @@ for ($i=0; $i<$count; $i++)
// 메뉴 등록 // 메뉴 등록
$sql = " insert into {$g5['menu_table']} $sql = " insert into {$g5['menu_table']}
set me_code = '".$me_code."', set me_code = '" . $me_code . "',
me_name = '".$me_name."', me_name = '" . $me_name . "',
me_link = '".$me_link."', me_link = '" . $me_link . "',
me_target = '".sql_real_escape_string(strip_tags($_POST['me_target'][$i]))."', me_target = '" . sql_real_escape_string(strip_tags($_POST['me_target'][$i])) . "',
me_order = '".sql_real_escape_string(strip_tags($_POST['me_order'][$i]))."', me_order = '" . sql_real_escape_string(strip_tags($_POST['me_order'][$i])) . "',
me_use = '".sql_real_escape_string(strip_tags($_POST['me_use'][$i]))."', me_use = '" . sql_real_escape_string(strip_tags($_POST['me_use'][$i])) . "',
me_mobile_use = '".sql_real_escape_string(strip_tags($_POST['me_mobile_use'][$i]))."' "; me_mobile_use = '" . sql_real_escape_string(strip_tags($_POST['me_mobile_use'][$i])) . "' ";
sql_query($sql); sql_query($sql);
} }
run_event('admin_menu_list_update'); run_event('admin_menu_list_update');
goto_url('./menu_list.php'); goto_url('./menu_list.php');
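Review bot: The insert statement in the last hunk concatenates `$me_code`, `$me_name` and `$me_link` into the SQL text with no escaping call at the point of use, while `me_target`, `me_order`, `me_use` and `me_mobile_use` on the next lines go through `sql_real_escape_string()`. The first three therefore depend on escaping done before this script runs, which is not visible here, surviving `trim`, `strip_tags()` and `clean_xss_attributes()`. A comment stating that dependency, or building all seven values through one helper, would make the statement checkable on its own. The link filter is also a denylist (`/^javascript/i`, `/script:/i`); since the form's help text already asks for links that include `http://`, an allowlist of `http://`, `https://` and site-relative paths that falls back to `G5_URL` would be the stricter check. The lines between the hunks are not shown, so any validation done there is not covered by this note.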


@ -1,174 +1,172 @@
<?php <?php
$sub_menu = '100310'; $sub_menu = '100310';
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w"); auth_check_menu($auth, $sub_menu, "w");
$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0; $nw_id = isset($_REQUEST['nw_id']) ? (string)preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
$nw = array( $nw = array(
'nw_begin_time'=>'', 'nw_begin_time' => '',
'nw_end_time'=>'', 'nw_end_time' => '',
'nw_subject'=>'', 'nw_subject' => '',
'nw_content'=>'', 'nw_content' => '',
'nw_division'=>'', 'nw_division' => '',
); );
$html_title = "팝업레이어"; $html_title = "팝업레이어";
// 팝업레이어 테이블에 쇼핑몰, 커뮤니티 인지 구분하는 여부 필드 추가 // 팝업레이어 테이블에 쇼핑몰, 커뮤니티 인지 구분하는 여부 필드 추가
$sql = " ALTER TABLE `{$g5['new_win_table']}` ADD `nw_division` VARCHAR(10) NOT NULL DEFAULT 'both' "; $sql = " ALTER TABLE `{$g5['new_win_table']}` ADD `nw_division` VARCHAR(10) NOT NULL DEFAULT 'both' ";
sql_query($sql, false); sql_query($sql, false);
if ($w == "u") if ($w == "u") {
{ $html_title .= " 수정";
$html_title .= " 수정"; $sql = " select * from {$g5['new_win_table']} where nw_id = '$nw_id' ";
$sql = " select * from {$g5['new_win_table']} where nw_id = '$nw_id' "; $nw = sql_fetch($sql);
$nw = sql_fetch($sql); if (!(isset($nw['nw_id']) && $nw['nw_id'])) {
if (! (isset($nw['nw_id']) && $nw['nw_id'])) alert("등록된 자료가 없습니다."); alert("등록된 자료가 없습니다.");
} }
else } else {
{ $html_title .= " 입력";
$html_title .= " 입력"; $nw['nw_device'] = 'both';
$nw['nw_device'] = 'both'; $nw['nw_disable_hours'] = 24;
$nw['nw_disable_hours'] = 24; $nw['nw_left'] = 10;
$nw['nw_left'] = 10; $nw['nw_top'] = 10;
$nw['nw_top'] = 10; $nw['nw_width'] = 450;
$nw['nw_width'] = 450; $nw['nw_height'] = 500;
$nw['nw_height'] = 500; $nw['nw_content_html'] = 2;
$nw['nw_content_html'] = 2; }
}
$g5['title'] = $html_title;
$g5['title'] = $html_title; require_once G5_ADMIN_PATH . '/admin.head.php';
include_once (G5_ADMIN_PATH.'/admin.head.php'); ?>
?>
<form name="frmnewwin" action="./newwinformupdate.php" onsubmit="return frmnewwin_check(this);" method="post">
<form name="frmnewwin" action="./newwinformupdate.php" onsubmit="return frmnewwin_check(this);" method="post"> <input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="w" value="<?php echo $w; ?>"> <input type="hidden" name="nw_id" value="<?php echo $nw_id; ?>">
<input type="hidden" name="nw_id" value="<?php echo $nw_id; ?>"> <input type="hidden" name="token" value="">
<input type="hidden" name="token" value="">
<div class="local_desc01 local_desc">
<div class="local_desc01 local_desc"> <p>초기화면 접속 시 자동으로 뜰 팝업레이어를 설정합니다.</p>
<p>초기화면 접속 시 자동으로 뜰 팝업레이어를 설정합니다.</p> </div>
</div>
<div class="tbl_frm01 tbl_wrap">
<div class="tbl_frm01 tbl_wrap"> <table>
<table> <caption><?php echo $g5['title']; ?></caption>
<caption><?php echo $g5['title']; ?></caption> <colgroup>
<colgroup> <col class="grid_4">
<col class="grid_4"> <col>
<col> </colgroup>
</colgroup> <tbody>
<tbody> <tr>
<tr> <th scope="row"><label for="nw_division">구분</label></th>
<th scope="row"><label for="nw_division">구분</label></th> <td>
<td> <?php echo help("커뮤니티에 표시될 것인지 쇼핑몰에 표시될 것인지를 설정합니다."); ?>
<?php echo help("커뮤니티에 표시될 것인지 쇼핑몰에 표시될 것인지를 설정합니다."); ?> <select name="nw_division" id="nw_division">
<select name="nw_division" id="nw_division"> <option value="comm" <?php echo get_selected($nw['nw_division'], 'comm'); ?>>커뮤니티</option>
<option value="comm"<?php echo get_selected($nw['nw_division'], 'comm'); ?>>커뮤니티</option> <?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?>
<?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?> <option value="both" <?php echo get_selected($nw['nw_division'], 'both', true); ?>>커뮤니티와 쇼핑몰</option>
<option value="both"<?php echo get_selected($nw['nw_division'], 'both', true); ?>>커뮤니티와 쇼핑몰</option> <option value="shop" <?php echo get_selected($nw['nw_division'], 'shop'); ?>>쇼핑몰</option>
<option value="shop"<?php echo get_selected($nw['nw_division'], 'shop'); ?>>쇼핑몰</option> <?php } ?>
<?php } ?> </select>
</select> </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_device">접속기기</label></th>
<th scope="row"><label for="nw_device">접속기기</label></th> <td>
<td> <?php echo help("팝업레이어가 표시될 접속기기를 설정합니다."); ?>
<?php echo help("팝업레이어가 표시될 접속기기를 설정합니다."); ?> <select name="nw_device" id="nw_device">
<select name="nw_device" id="nw_device"> <option value="both" <?php echo get_selected($nw['nw_device'], 'both', true); ?>>PC와 모바일</option>
<option value="both"<?php echo get_selected($nw['nw_device'], 'both', true); ?>>PC와 모바일</option> <option value="pc" <?php echo get_selected($nw['nw_device'], 'pc'); ?>>PC</option>
<option value="pc"<?php echo get_selected($nw['nw_device'], 'pc'); ?>>PC</option> <option value="mobile" <?php echo get_selected($nw['nw_device'], 'mobile'); ?>>모바일</option>
<option value="mobile"<?php echo get_selected($nw['nw_device'], 'mobile'); ?>>모바일</option> </select>
</select> </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_disable_hours">시간<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_disable_hours">시간<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <?php echo help("고객이 다시 보지 않음을 선택할 시 몇 시간동안 팝업레이어를 보여주지 않을지 설정합니다."); ?>
<?php echo help("고객이 다시 보지 않음을 선택할 시 몇 시간동안 팝업레이어를 보여주지 않을지 설정합니다."); ?> <input type="text" name="nw_disable_hours" value="<?php echo $nw['nw_disable_hours']; ?>" id="nw_disable_hours" required class="frm_input required" size="5"> 시간
<input type="text" name="nw_disable_hours" value="<?php echo $nw['nw_disable_hours']; ?>" id="nw_disable_hours" required class="frm_input required" size="5"> 시간 </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_begin_time">시작일시<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_begin_time">시작일시<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_begin_time" value="<?php echo $nw['nw_begin_time']; ?>" id="nw_begin_time" required class="frm_input required" size="21" maxlength="19">
<input type="text" name="nw_begin_time" value="<?php echo $nw['nw_begin_time']; ?>" id="nw_begin_time" required class="frm_input required" size="21" maxlength="19"> <input type="checkbox" name="nw_begin_chk" value="<?php echo date("Y-m-d 00:00:00", G5_SERVER_TIME); ?>" id="nw_begin_chk" onclick="if (this.checked == true) this.form.nw_begin_time.value=this.form.nw_begin_chk.value; else this.form.nw_begin_time.value = this.form.nw_begin_time.defaultValue;">
<input type="checkbox" name="nw_begin_chk" value="<?php echo date("Y-m-d 00:00:00", G5_SERVER_TIME); ?>" id="nw_begin_chk" onclick="if (this.checked == true) this.form.nw_begin_time.value=this.form.nw_begin_chk.value; else this.form.nw_begin_time.value = this.form.nw_begin_time.defaultValue;"> <label for="nw_begin_chk">시작일시를 오늘로</label>
<label for="nw_begin_chk">시작일시를 오늘로</label> </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_end_time">종료일시<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_end_time">종료일시<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_end_time" value="<?php echo $nw['nw_end_time']; ?>" id="nw_end_time" required class="frm_input required" size="21" maxlength="19">
<input type="text" name="nw_end_time" value="<?php echo $nw['nw_end_time']; ?>" id="nw_end_time" required class="frm_input required" size="21" maxlength="19"> <input type="checkbox" name="nw_end_chk" value="<?php echo date("Y-m-d 23:59:59", G5_SERVER_TIME + (60 * 60 * 24 * 7)); ?>" id="nw_end_chk" onclick="if (this.checked == true) this.form.nw_end_time.value=this.form.nw_end_chk.value; else this.form.nw_end_time.value = this.form.nw_end_time.defaultValue;">
<input type="checkbox" name="nw_end_chk" value="<?php echo date("Y-m-d 23:59:59", G5_SERVER_TIME+(60*60*24*7)); ?>" id="nw_end_chk" onclick="if (this.checked == true) this.form.nw_end_time.value=this.form.nw_end_chk.value; else this.form.nw_end_time.value = this.form.nw_end_time.defaultValue;"> <label for="nw_end_chk">종료일시를 오늘로부터 7일 후로</label>
<label for="nw_end_chk">종료일시를 오늘로부터 7일 후로</label> </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_left">팝업레이어 좌측 위치<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_left">팝업레이어 좌측 위치<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_left" value="<?php echo $nw['nw_left']; ?>" id="nw_left" required class="frm_input required" size="5"> px
<input type="text" name="nw_left" value="<?php echo $nw['nw_left']; ?>" id="nw_left" required class="frm_input required" size="5"> px </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_top">팝업레이어 상단 위치<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_top">팝업레이어 상단 위치<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_top" value="<?php echo $nw['nw_top']; ?>" id="nw_top" required class="frm_input required" size="5"> px
<input type="text" name="nw_top" value="<?php echo $nw['nw_top']; ?>" id="nw_top" required class="frm_input required" size="5"> px </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_width">팝업레이어 넓이<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_width">팝업레이어 넓이<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_width" value="<?php echo $nw['nw_width'] ?>" id="nw_width" required class="frm_input required" size="5"> px
<input type="text" name="nw_width" value="<?php echo $nw['nw_width'] ?>" id="nw_width" required class="frm_input required" size="5"> px </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_height">팝업레이어 높이<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_height">팝업레이어 높이<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_height" value="<?php echo $nw['nw_height'] ?>" id="nw_height" required class="frm_input required" size="5"> px
<input type="text" name="nw_height" value="<?php echo $nw['nw_height'] ?>" id="nw_height" required class="frm_input required" size="5"> px </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_subject">팝업 제목<strong class="sound_only"> 필수</strong></label></th>
<th scope="row"><label for="nw_subject">팝업 제목<strong class="sound_only"> 필수</strong></label></th> <td>
<td> <input type="text" name="nw_subject" value="<?php echo get_sanitize_input($nw['nw_subject']); ?>" id="nw_subject" required class="frm_input required" size="80">
<input type="text" name="nw_subject" value="<?php echo get_sanitize_input($nw['nw_subject']); ?>" id="nw_subject" required class="frm_input required" size="80"> </td>
</td> </tr>
</tr> <tr>
<tr> <th scope="row"><label for="nw_content">내용</label></th>
<th scope="row"><label for="nw_content">내용</label></th> <td><?php echo editor_html('nw_content', get_text(html_purifier($nw['nw_content']), 0)); ?></td>
<td><?php echo editor_html('nw_content', get_text(html_purifier($nw['nw_content']), 0)); ?></td> </tr>
</tr> </tbody>
</tbody> </table>
</table> </div>
</div>
<div class="btn_fixed_top">
<div class="btn_fixed_top"> <a href="./newwinlist.php" class=" btn btn_02">목록</a>
<a href="./newwinlist.php" class=" btn btn_02">목록</a> <input type="submit" value="확인" class="btn_submit btn" accesskey="s">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s"> </div>
</div> </form>
</form>
<script>
<script> function frmnewwin_check(f) {
function frmnewwin_check(f) errmsg = "";
{ errfld = "";
errmsg = "";
errfld = ""; <?php echo get_editor_js('nw_content'); ?>
<?php echo get_editor_js('nw_content'); ?> check_field(f.nw_subject, "제목을 입력하세요.");
check_field(f.nw_subject, "제목을 입력하세요."); if (errmsg != "") {
alert(errmsg);
if (errmsg != "") { errfld.focus();
alert(errmsg); return false;
errfld.focus(); }
return false; return true;
} }
return true; </script>
}
</script> <?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');


@ -1,82 +1,76 @@
<?php <?php
$sub_menu = '100310'; $sub_menu = '100310';
include_once('./_common.php'); require_once './_common.php';
$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0; $nw_id = isset($_REQUEST['nw_id']) ? (string)preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0;
if ($w == "u" || $w == "d") if ($w == "u" || $w == "d") {
check_demo(); check_demo();
}
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d"); if ($w == 'd') {
else auth_check_menu($auth, $sub_menu, "d");
auth_check_menu($auth, $sub_menu, "w"); } else {
auth_check_menu($auth, $sub_menu, "w");
check_admin_token(); }
$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : ''; check_admin_token();
$posts = array();
$nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : '';
$check_keys = array( $posts = array();
'nw_device'=>'str',
'nw_division'=>'str', $check_keys = array(
'nw_begin_time'=>'str', 'nw_device' => 'str',
'nw_end_time'=>'str', 'nw_division' => 'str',
'nw_disable_hours'=>'int', 'nw_begin_time' => 'str',
'nw_left'=>'int', 'nw_end_time' => 'str',
'nw_top'=>'int', 'nw_disable_hours' => 'int',
'nw_height'=>'int', 'nw_left' => 'int',
'nw_width'=>'int', 'nw_top' => 'int',
'nw_content'=>'text', 'nw_height' => 'int',
'nw_content_html'=>'text', 'nw_width' => 'int',
); 'nw_content' => 'text',
'nw_content_html' => 'text',
foreach($check_keys as $key=>$val){ );
if($val === 'int'){
$posts[$key] = isset($_POST[$key]) ? (int) $_POST[$key] : 0; foreach ($check_keys as $key => $val) {
} else if ($val === 'str') { if ($val === 'int') {
$posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : 0; $posts[$key] = isset($_POST[$key]) ? (int) $_POST[$key] : 0;
} else { } elseif ($val === 'str') {
$posts[$key] = isset($_POST[$key]) ? trim($_POST[$key]) : 0; $posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : 0;
} } else {
} $posts[$key] = isset($_POST[$key]) ? trim($_POST[$key]) : 0;
}
$sql_common = " nw_device = '{$posts['nw_device']}', }
nw_division = '{$posts['nw_division']}',
nw_begin_time = '{$posts['nw_begin_time']}', $sql_common = " nw_device = '{$posts['nw_device']}',
nw_end_time = '{$posts['nw_end_time']}', nw_division = '{$posts['nw_division']}',
nw_disable_hours = '{$posts['nw_disable_hours']}', nw_begin_time = '{$posts['nw_begin_time']}',
nw_left = '{$posts['nw_left']}', nw_end_time = '{$posts['nw_end_time']}',
nw_top = '{$posts['nw_top']}', nw_disable_hours = '{$posts['nw_disable_hours']}',
nw_height = '{$posts['nw_height']}', nw_left = '{$posts['nw_left']}',
nw_width = '{$posts['nw_width']}', nw_top = '{$posts['nw_top']}',
nw_subject = '{$nw_subject}', nw_height = '{$posts['nw_height']}',
nw_content = '{$posts['nw_content']}', nw_width = '{$posts['nw_width']}',
nw_content_html = '{$posts['nw_content_html']}' "; nw_subject = '{$nw_subject}',
nw_content = '{$posts['nw_content']}',
if($w == "") nw_content_html = '{$posts['nw_content_html']}' ";
{
$sql = " insert {$g5['new_win_table']} set $sql_common "; if ($w == "") {
sql_query($sql); $sql = " insert {$g5['new_win_table']} set $sql_common ";
sql_query($sql);
$nw_id = sql_insert_id();
} $nw_id = sql_insert_id();
else if ($w == "u") } elseif ($w == "u") {
{ $sql = " update {$g5['new_win_table']} set $sql_common where nw_id = '$nw_id' ";
$sql = " update {$g5['new_win_table']} set $sql_common where nw_id = '$nw_id' "; sql_query($sql);
sql_query($sql); } elseif ($w == "d") {
} $sql = " delete from {$g5['new_win_table']} where nw_id = '$nw_id' ";
else if ($w == "d") sql_query($sql);
{ }
$sql = " delete from {$g5['new_win_table']} where nw_id = '$nw_id' ";
sql_query($sql); if ($w == "d") {
} goto_url('./newwinlist.php');
} else {
if ($w == "d") goto_url("./newwinform.php?w=u&amp;nw_id=$nw_id");
{ }
goto_url('./newwinlist.php');
}
else
{
goto_url("./newwinform.php?w=u&amp;nw_id=$nw_id");
}
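Review bot: In `$check_keys`, `nw_content_html` is typed `'text'`, so the loop only `trim()`s it before it is interpolated into `$sql_common`; the table definition in the list page declares that column `tinyint(4)`, so `'nw_content_html' => 'int',` would send it through the `(int)` cast like the other numeric fields. The same `'text'` branch carries `nw_content` into the SQL string, so the statement relies on request data having been escaped before this file runs, presumably in `_common.php`, which this section does not show. A comment on that branch such as `// only trimmed here; SQL escaping is assumed to happen globally before this file (confirm)` would make the dependency visible to the next maintainer.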


@ -1,118 +1,121 @@
<?php <?php
$sub_menu = '100310'; $sub_menu = '100310';
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r"); auth_check_menu($auth, $sub_menu, "r");
if( !isset($g5['new_win_table']) ){ if (!isset($g5['new_win_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'new_win_table\'] = G5_TABLE_PREFIX.\'new_win\';</strong> 를 추가해 주세요.'); die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'new_win_table\'] = G5_TABLE_PREFIX.\'new_win\';</strong> 를 추가해 주세요.');
} }
//내용(컨텐츠)정보 테이블이 있는지 검사한다. //내용(컨텐츠)정보 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['new_win_table']} ", false)) { if (!sql_query(" DESCRIBE {$g5['new_win_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_new_win_table']} ", false)) { if (sql_query(" DESCRIBE {$g5['g5_shop_new_win_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_new_win_table']} RENAME TO `{$g5['new_win_table']}` ;", false); sql_query(" ALTER TABLE {$g5['g5_shop_new_win_table']} RENAME TO `{$g5['new_win_table']}` ;", false);
} else { } else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['new_win_table']}` ( $query_cp = sql_query(
`nw_id` int(11) NOT NULL AUTO_INCREMENT, " CREATE TABLE IF NOT EXISTS `{$g5['new_win_table']}` (
`nw_division` varchar(10) NOT NULL DEFAULT 'both', `nw_id` int(11) NOT NULL AUTO_INCREMENT,
`nw_device` varchar(10) NOT NULL DEFAULT 'both', `nw_division` varchar(10) NOT NULL DEFAULT 'both',
`nw_begin_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `nw_device` varchar(10) NOT NULL DEFAULT 'both',
`nw_end_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `nw_begin_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`nw_disable_hours` int(11) NOT NULL DEFAULT '0', `nw_end_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`nw_left` int(11) NOT NULL DEFAULT '0', `nw_disable_hours` int(11) NOT NULL DEFAULT '0',
`nw_top` int(11) NOT NULL DEFAULT '0', `nw_left` int(11) NOT NULL DEFAULT '0',
`nw_height` int(11) NOT NULL DEFAULT '0', `nw_top` int(11) NOT NULL DEFAULT '0',
`nw_width` int(11) NOT NULL DEFAULT '0', `nw_height` int(11) NOT NULL DEFAULT '0',
`nw_subject` text NOT NULL, `nw_width` int(11) NOT NULL DEFAULT '0',
`nw_content` text NOT NULL, `nw_subject` text NOT NULL,
`nw_content_html` tinyint(4) NOT NULL DEFAULT '0', `nw_content` text NOT NULL,
PRIMARY KEY (`nw_id`) `nw_content_html` tinyint(4) NOT NULL DEFAULT '0',
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true); PRIMARY KEY (`nw_id`)
} ) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
} true
);
$g5['title'] = '팝업레이어 관리'; }
include_once (G5_ADMIN_PATH.'/admin.head.php'); }
$sql_common = " from {$g5['new_win_table']} "; $g5['title'] = '팝업레이어 관리';
require_once G5_ADMIN_PATH . '/admin.head.php';
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common; $sql_common = " from {$g5['new_win_table']} ";
$row = sql_fetch($sql);
$total_count = $row['cnt']; // 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$sql = "select * $sql_common order by nw_id desc "; $row = sql_fetch($sql);
$result = sql_query($sql); $total_count = $row['cnt'];
?>
$sql = "select * $sql_common order by nw_id desc ";
<div class="local_ov01 local_ov"><span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span></div> $result = sql_query($sql);
?>
<div class="btn_fixed_top ">
<a href="./newwinform.php" class="btn btn_01">새창관리추가</a> <div class="local_ov01 local_ov"><span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo $total_count; ?>건</span></span></div>
</div>
<div class="btn_fixed_top ">
<div class="tbl_head01 tbl_wrap"> <a href="./newwinform.php" class="btn btn_01">새창관리추가</a>
<table> </div>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <div class="tbl_head01 tbl_wrap">
<tr> <table>
<th scope="col">번호</th> <caption><?php echo $g5['title']; ?> 목록</caption>
<th scope="col">제목</th> <thead>
<th scope="col">접속기기</th> <tr>
<th scope="col">시작일시</th> <th scope="col">번호</th>
<th scope="col">종료일시</th> <th scope="col">제목</th>
<th scope="col">시간</th> <th scope="col">접속기기</th>
<th scope="col">Left</th> <th scope="col">시작일시</th>
<th scope="col">Top</th> <th scope="col">종료일시</th>
<th scope="col">Width</th> <th scope="col">시간</th>
<th scope="col">Height</th> <th scope="col">Left</th>
<th scope="col">관리</th> <th scope="col">Top</th>
</tr> <th scope="col">Width</th>
</thead> <th scope="col">Height</th>
<tbody> <th scope="col">관리</th>
<?php </tr>
for ($i=0; $row=sql_fetch_array($result); $i++) { </thead>
$bg = 'bg'.($i%2); <tbody>
<?php
switch($row['nw_device']) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
case 'pc': $bg = 'bg' . ($i % 2);
$nw_device = 'PC';
break; switch ($row['nw_device']) {
case 'mobile': case 'pc':
$nw_device = '모바일'; $nw_device = 'PC';
break; break;
default: case 'mobile':
$nw_device = '모'; $nw_device = '모바일';
break; break;
} default:
?> $nw_device = '모두';
<tr class="<?php echo $bg; ?>"> break;
<td class="td_num"><?php echo $row['nw_id']; ?></td> }
<td class="td_left"><?php echo $row['nw_subject']; ?></td> ?>
<td class="td_device"><?php echo $nw_device; ?></td> <tr class="<?php echo $bg; ?>">
<td class="td_datetime"><?php echo substr($row['nw_begin_time'],2,14); ?></td> <td class="td_num"><?php echo $row['nw_id']; ?></td>
<td class="td_datetime"><?php echo substr($row['nw_end_time'],2,14); ?></td> <td class="td_left"><?php echo $row['nw_subject']; ?></td>
<td class="td_num"><?php echo $row['nw_disable_hours']; ?>시간</td> <td class="td_device"><?php echo $nw_device; ?></td>
<td class="td_num"><?php echo $row['nw_left']; ?>px</td> <td class="td_datetime"><?php echo substr($row['nw_begin_time'], 2, 14); ?></td>
<td class="td_num"><?php echo $row['nw_top']; ?>px</td> <td class="td_datetime"><?php echo substr($row['nw_end_time'], 2, 14); ?></td>
<td class="td_num"><?php echo $row['nw_width']; ?>px</td> <td class="td_num"><?php echo $row['nw_disable_hours']; ?>시간</td>
<td class="td_num"><?php echo $row['nw_height']; ?>px</td> <td class="td_num"><?php echo $row['nw_left']; ?>px</td>
<td class="td_mng td_mng_m"> <td class="td_num"><?php echo $row['nw_top']; ?>px</td>
<a href="./newwinform.php?w=u&amp;nw_id=<?php echo $row['nw_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>수정</a> <td class="td_num"><?php echo $row['nw_width']; ?>px</td>
<a href="./newwinformupdate.php?w=d&amp;nw_id=<?php echo $row['nw_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>삭제</a> <td class="td_num"><?php echo $row['nw_height']; ?>px</td>
</td> <td class="td_mng td_mng_m">
</tr> <a href="./newwinform.php?w=u&amp;nw_id=<?php echo $row['nw_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>수정</a>
<?php <a href="./newwinformupdate.php?w=d&amp;nw_id=<?php echo $row['nw_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo $row['nw_subject']; ?> </span>삭제</a>
} </td>
</tr>
if ($i == 0) { <?php
echo '<tr><td colspan="11" class="empty_table">자료가 한건도 없습니다.</td></tr>'; }
}
?> if ($i == 0) {
</tbody> echo '<tr><td colspan="11" class="empty_table">자료가 한건도 없습니다.</td></tr>';
</table> }
</div> ?>
</tbody>
</table>
<?php </div>
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';
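Review bot: The list row prints `$row['nw_subject']` three times without output encoding: in the `td_left` cell and in the `sound_only` spans of the edit and delete links. The edit form passes the same column through `get_sanitize_input()`. The update script strips tags before storing, but a row written by any other path would be rendered as markup in the admin list, so encoding at output is the safer place. I would change the cell to `<td class="td_left"><?php echo get_text($row['nw_subject']); ?></td>` and use the same call inside the two spans.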


@ -1,9 +1,9 @@
<?php <?php
$sub_menu = "100500"; $sub_menu = "100500";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
phpinfo(); phpinfo();


@ -1,20 +1,20 @@
<?php <?php
$sub_menu = "200200"; $sub_menu = "200200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$sql_common = " from {$g5['point_table']} "; $sql_common = " from {$g5['point_table']} po";
$sql_search = " where (1) "; $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case 'mb_id' : case 'mb_id':
$sql_search .= " ({$sfl} = '{$stx}') "; $sql_search .= " (po.{$sfl} = '{$stx}') ";
break; break;
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
@ -36,36 +36,41 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * $sql = " select po.*, mb.mb_name, mb.mb_nick, mb.mb_email, mb.mb_homepage, mb.mb_point
{$sql_common} {$sql_common}
LEFT JOIN {$g5['member_table']} mb ON po.mb_id = mb.mb_id
{$sql_search} {$sql_search}
{$sql_order} {$sql_order}
limit {$from_record}, {$rows} "; limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$mb = array(); $mb = array();
if ($sfl == 'mb_id' && $stx) if ($sfl == 'mb_id' && $stx) {
$mb = get_member($stx); $mb = get_member($stx);
}
$g5['title'] = '포인트관리'; $g5['title'] = '포인트관리';
include_once ('./admin.head.php'); require_once './admin.head.php';
$colspan = 9; $colspan = 9;
$po_expire_term = ''; $po_expire_term = '';
if($config['cf_point_term'] > 0) { if ($config['cf_point_term'] > 0) {
$po_expire_term = $config['cf_point_term']; $po_expire_term = $config['cf_point_term'];
} }
if (strstr($sfl, "mb_id")) if (strstr($sfl, "mb_id")) {
$mb_id = $stx; $mb_id = $stx;
else } else {
$mb_id = ""; $mb_id = "";
}
?> ?>
<div class="local_ov01 local_ov"> <div class="local_ov01 local_ov">
@ -73,109 +78,110 @@ else
<span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo number_format($total_count) ?> 건 </span></span> <span class="btn_ov01"><span class="ov_txt">전체 </span><span class="ov_num"> <?php echo number_format($total_count) ?> 건 </span></span>
<?php <?php
if (isset($mb['mb_id']) && $mb['mb_id']) { if (isset($mb['mb_id']) && $mb['mb_id']) {
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">' . $mb['mb_id'] .' 님 포인트 합계 </span><span class="ov_num"> ' . number_format($mb['mb_point']) . '점</span></span>'; echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">' . $mb['mb_id'] . ' 님 포인트 합계 </span><span class="ov_num"> ' . number_format($mb['mb_point']) . '점</span></span>';
} else { } else {
$row2 = sql_fetch(" select sum(po_point) as sum_point from {$g5['point_table']} "); $row2 = sql_fetch(" select sum(po_point) as sum_point from {$g5['point_table']} ");
echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">전체 합계</span><span class="ov_num">'.number_format($row2['sum_point']).'점 </span></span>'; echo '&nbsp;<span class="btn_ov01"><span class="ov_txt">전체 합계</span><span class="ov_num">' . number_format($row2['sum_point']) . '점 </span></span>';
} }
?> ?>
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="mb_id"<?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option> <option value="mb_id" <?php echo get_selected($sfl, "mb_id"); ?>>회원아이디</option>
<option value="po_content"<?php echo get_selected($sfl, "po_content"); ?>>내용</option> <option value="po_content" <?php echo get_selected($sfl, "po_content"); ?>>내용</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색"> <input type="submit" class="btn_submit" value="검색">
</form> </form>
<form name="fpointlist" id="fpointlist" method="post" action="./point_list_delete.php" onsubmit="return fpointlist_submit(this);"> <form name="fpointlist" id="fpointlist" method="post" action="./point_list_delete.php" onsubmit="return fpointlist_submit(this);">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">포인트 내역 전체</label> <label for="chkall" class="sound_only">포인트 내역 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th> <th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th>
<th scope="col">이름</th> <th scope="col">이름</th>
<th scope="col">닉네임</th> <th scope="col">닉네임</th>
<th scope="col"><?php echo subject_sort_link('po_content') ?>포인트 내용</a></th> <th scope="col"><?php echo subject_sort_link('po_content') ?>포인트 내용</a></th>
<th scope="col"><?php echo subject_sort_link('po_point') ?>포인트</a></th> <th scope="col"><?php echo subject_sort_link('po_point') ?>포인트</a></th>
<th scope="col"><?php echo subject_sort_link('po_datetime') ?>일시</a></th> <th scope="col"><?php echo subject_sort_link('po_datetime') ?>일시</a></th>
<th scope="col">만료일</th> <th scope="col">만료일</th>
<th scope="col">포인트합</th> <th scope="col">포인트합</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
if ($i==0 || ($row2['mb_id'] != $row['mb_id'])) { $mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$sql2 = " select mb_id, mb_name, mb_nick, mb_email, mb_homepage, mb_point from {$g5['member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
}
$mb_nick = get_sideview($row['mb_id'], $row2['mb_nick'], $row2['mb_email'], $row2['mb_homepage']); $link1 = $link2 = '';
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) {
$link1 = '<a href="' . get_pretty_url($row['po_rel_table'], $row['po_rel_id']) . '" target="_blank">';
$link2 = '</a>';
}
$link1 = $link2 = ''; $expr = '';
if (!preg_match("/^\@/", $row['po_rel_table']) && $row['po_rel_table']) { if ($row['po_expired'] == 1) {
$link1 = '<a href="'.get_pretty_url($row['po_rel_table'], $row['po_rel_id']).'" target="_blank">'; $expr = ' txt_expired';
$link2 = '</a>'; }
}
$expr = ''; $bg = 'bg' . ($i % 2);
if($row['po_expired'] == 1) ?>
$expr = ' txt_expired';
$bg = 'bg'.($i%2); <tr class="<?php echo $bg; ?>">
?> <td class="td_chk">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<input type="hidden" name="po_id[<?php echo $i ?>]" value="<?php echo $row['po_id'] ?>" id="po_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['po_content'] ?> 내역</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_left"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_left sv_use">
<div><?php echo $mb_nick ?></div>
</td>
<td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
<td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td class="td_datetime2<?php echo $expr; ?>">
<?php if ($row['po_expired'] == 1) { ?>
만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?>
<?php } else {
echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date'];
} ?>
</td>
<td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<tr class="<?php echo $bg; ?>"> <?php
<td class="td_chk"> }
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<input type="hidden" name="po_id[<?php echo $i ?>]" value="<?php echo $row['po_id'] ?>" id="po_id_<?php echo $i ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['po_content'] ?> 내역</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_left"><?php echo get_text($row2['mb_name']); ?></td>
<td class="td_left sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_left"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
<td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
<td class="td_datetime"><?php echo $row['po_datetime'] ?></td>
<td class="td_datetime2<?php echo $expr; ?>">
<?php if ($row['po_expired'] == 1) { ?>
만료<?php echo substr(str_replace('-', '', $row['po_expire_date']), 2); ?>
<?php } else echo $row['po_expire_date'] == '9999-12-31' ? '&nbsp;' : $row['po_expire_date']; ?>
</td>
<td class="td_num td_pt"><?php echo number_format($row['po_mb_point']) ?></td>
</tr>
<?php if ($i == 0) {
} echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
if ($i == 0) <div class="btn_fixed_top">
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; <input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
?> </div>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
</form> </form>
@ -185,67 +191,66 @@ else
<h2 class="h2_frm">개별회원 포인트 증감 설정</h2> <h2 class="h2_frm">개별회원 포인트 증감 설정</h2>
<form name="fpointlist2" method="post" id="fpointlist2" action="./point_update.php" autocomplete="off"> <form name="fpointlist2" method="post" id="fpointlist2" action="./point_update.php" autocomplete="off">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" class="required frm_input" required></td> <td><input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" class="required frm_input" required></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_content">포인트 내용<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="po_content">포인트 내용<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_content" id="po_content" required class="required frm_input" size="80"></td> <td><input type="text" name="po_content" id="po_content" required class="required frm_input" size="80"></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_point">포인트<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="po_point">포인트<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_point" id="po_point" required class="required frm_input"></td> <td><input type="text" name="po_point" id="po_point" required class="required frm_input"></td>
</tr> </tr>
<?php if($config['cf_point_term'] > 0) { ?> <?php if ($config['cf_point_term'] > 0) { ?>
<tr> <tr>
<th scope="row"><label for="po_expire_term">포인트 유효기간</label></th> <th scope="row"><label for="po_expire_term">포인트 유효기간</label></th>
<td><input type="text" name="po_expire_term" value="<?php echo $po_expire_term; ?>" id="po_expire_term" class="frm_input" size="5"> 일</td> <td><input type="text" name="po_expire_term" value="<?php echo $po_expire_term; ?>" id="po_expire_term" class="frm_input" size="5"> 일</td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="btn_confirm01 btn_confirm"> <div class="btn_confirm01 btn_confirm">
<input type="submit" value="확인" class="btn_submit btn"> <input type="submit" value="확인" class="btn_submit btn">
</div> </div>
</form> </form>
</section> </section>
<script> <script>
function fpointlist_submit(f) function fpointlist_submit(f) {
{ if (!is_checked("chk[]")) {
if (!is_checked("chk[]")) { alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false; return false;
} }
}
return true; if (document.pressed == "선택삭제") {
} if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
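Review bot: In the first hunk the `default:` branch of `switch ($sfl)` still interpolates `$sfl` as a column name (`({$sfl} like '%{$stx}%')`), and the new `po.` qualifier was added only to the `mb_id` case. The search form offers just `mb_id` and `po_content`, so the branch can name the column itself: `case 'po_content':` with `$sql_search .= " (po.po_content like '%{$stx}%') ";`, plus a `default:` that ignores any other `$sfl`. Whether `$sfl` and `$stx` are filtered before this file runs cannot be seen from the hunk, and the enclosing `if ($stx)` block closes outside it. Because `mb_id` now exists in both joined tables, a sort on `mb_id` through `$sql_order` (built outside the visible hunks) may also need the `po.` prefix.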


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = '200200'; $sub_menu = '200200';
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -9,11 +9,11 @@ auth_check_menu($auth, $sub_menu, 'd');
check_admin_token(); check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(!$count) if (!$count) {
alert($_POST['act_button'].' 하실 항목을 하나 이상 체크하세요.'); alert($_POST['act_button'] . ' 하실 항목을 하나 이상 체크하세요.');
}
for ($i=0; $i<$count; $i++) for ($i = 0; $i < $count; $i++) {
{
// 실제 번호를 넘김 // 실제 번호를 넘김
$k = $_POST['chk'][$i]; $k = $_POST['chk'][$i];
$po_id = (int) $_POST['po_id'][$k]; $po_id = (int) $_POST['po_id'][$k];
@ -23,19 +23,21 @@ for ($i=0; $i<$count; $i++)
$sql = " select * from {$g5['point_table']} where po_id = '{$po_id}' "; $sql = " select * from {$g5['point_table']} where po_id = '{$po_id}' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if(!$row['po_id']) if (!$row['po_id']) {
continue; continue;
}
if($row['po_point'] < 0) { if ($row['po_point'] < 0) {
$mb_id = $row['mb_id']; $mb_id = $row['mb_id'];
$po_point = abs($row['po_point']); $po_point = abs($row['po_point']);
if($row['po_rel_table'] == '@expire') if ($row['po_rel_table'] == '@expire') {
delete_expire_point($mb_id, $po_point); delete_expire_point($mb_id, $po_point);
else } else {
delete_use_point($mb_id, $po_point); delete_use_point($mb_id, $po_point);
}
} else { } else {
if($row['po_use_point'] > 0) { if ($row['po_use_point'] > 0) {
insert_use_point($row['mb_id'], $row['po_use_point'], $row['po_id']); insert_use_point($row['mb_id'], $row['po_use_point'], $row['po_id']);
} }
} }
@ -53,8 +55,8 @@ for ($i=0; $i<$count; $i++)
// 포인트 UPDATE // 포인트 UPDATE
$sum_point = get_point_sum($_POST['mb_id'][$k]); $sum_point = get_point_sum($_POST['mb_id'][$k]);
$sql= " update {$g5['member_table']} set mb_point = '$sum_point' where mb_id = '{$str_mb_id}' "; $sql = " update {$g5['member_table']} set mb_point = '$sum_point' where mb_id = '{$str_mb_id}' ";
sql_query($sql); sql_query($sql);
} }
goto_url('./point_list.php?'.$qstr); goto_url('./point_list.php?' . $qstr);
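Review bot: In the last hunk `get_point_sum($_POST['mb_id'][$k])` is called with the raw request value, while the `update` on the next line uses `$str_mb_id`; both should use the same cleaned identifier, e.g. `$sum_point = get_point_sum($str_mb_id);`. `$str_mb_id` is assigned outside the visible hunks, so confirm it is derived from the same index. `$k` comes from `$_POST['chk'][$i]` and indexes `$_POST['po_id']` without an existence check, so a guard such as `if (!isset($_POST['po_id'][$k])) { continue; }` at the top of the loop would avoid acting on a missing entry. The loop body spans three hunks and is only partly shown.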


@ -1,24 +1,26 @@
<?php <?php
$sub_menu = "200200"; $sub_menu = "200200";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : ''; $mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : '';
$po_point = isset($_POST['po_point']) ? strip_tags(clean_xss_attributes($_POST['po_point'])) : 0; $po_point = isset($_POST['po_point']) ? (int)strip_tags(clean_xss_attributes($_POST['po_point'])) : 0;
$po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : ''; $po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : '';
$expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : ''; $expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : '';
$mb = get_member($mb_id); $mb = get_member($mb_id);
if (!$mb['mb_id']) if (!$mb['mb_id']) {
alert('존재하는 회원아이디가 아닙니다.', './point_list.php?'.$qstr); alert('존재하는 회원아이디가 아닙니다.', './point_list.php?' . $qstr);
}
if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) {
alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?'.$qstr); alert('포인트를 깎는 경우 현재 포인트보다 작으면 안됩니다.', './point_list.php?' . $qstr);
}
insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'].'-'.uniqid(''), $expire); insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'] . '-' . uniqid(''), $expire);
goto_url('./point_list.php?'.$qstr); goto_url('./point_list.php?' . $qstr);
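Review bot: With the new `(int)` cast a non-numeric `po_point` silently becomes 0, passes both checks below and reaches `insert_point()`; the `required` attribute on the form is only enforced in the browser. What `insert_point()` does with a zero amount is not visible here, so I would reject it explicitly before the call, e.g. `if ($po_point === 0) { alert('포인트를 입력해 주세요.', './point_list.php?' . $qstr); }`. `po_content` has the same gap: after `strip_tags()` it can be an empty string and is passed on unchecked.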


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -10,10 +10,11 @@ check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
if(!$count) if (!$count) {
alert('삭제할 투표목록을 1개이상 선택해 주세요.'); alert('삭제할 투표목록을 1개이상 선택해 주세요.');
}
for($i=0; $i<$count; $i++) { for ($i = 0; $i < $count; $i++) {
$po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$sql = " delete from {$g5['poll_table']} where po_id = '$po_id' "; $sql = " delete from {$g5['poll_table']} where po_id = '$po_id' ";
@ -23,4 +24,4 @@ for($i=0; $i<$count; $i++) {
sql_query($sql); sql_query($sql);
} }
goto_url('./poll_list.php?'.$qstr); goto_url('./poll_list.php?' . $qstr);
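Review bot: The index loop `for ($i = 0; $i < $count; $i++)` assumes `$_POST['chk']` has consecutive keys starting at 0; when a key is missing, the `isset` fallback sets `$po_id` to 0 and the delete statement still runs with `po_id = '0'`. Iterating the submitted values and skipping non-positive ids is tighter: `foreach ($_POST['chk'] as $chk) { $po_id = (int) $chk; if ($po_id < 1) { continue; }` followed by the existing body. The loop body continues between the second and third hunks, outside what is shown, so any further statements there would need to sit behind the same guard.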


@ -1,121 +1,123 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
$po_id = isset($po_id) ? (int) $po_id : 0; $po_id = isset($po_id) ? (int) $po_id : 0;
$po = array( $po = array(
'po_subject'=>'', 'po_subject' => '',
'po_etc'=>'', 'po_etc' => '',
'po_level'=>'', 'po_level' => '',
'po_point'=>'', 'po_point' => '',
); );
$html_title = '투표'; $html_title = '투표';
if ($w == '') if ($w == '') {
$html_title .= ' 생성'; $html_title .= ' 생성';
else if ($w == 'u') { } elseif ($w == 'u') {
$html_title .= ' 수정'; $html_title .= ' 수정';
$sql = " select * from {$g5['poll_table']} where po_id = '{$po_id}' "; $sql = " select * from {$g5['poll_table']} where po_id = '{$po_id}' ";
$po = sql_fetch($sql); $po = sql_fetch($sql);
} else } else {
alert('w 값이 제대로 넘어오지 않았습니다.'); alert('w 값이 제대로 넘어오지 않았습니다.');
}
$g5['title'] = $html_title; $g5['title'] = $html_title;
include_once('./admin.head.php'); require_once './admin.head.php';
?> ?>
<form name="fpoll" id="fpoll" action="./poll_form_update.php" method="post" enctype="multipart/form-data"> <form name="fpoll" id="fpoll" action="./poll_form_update.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="po_id" value="<?php echo $po_id ?>"> <input type="hidden" name="po_id" value="<?php echo $po_id ?>">
<input type="hidden" name="w" value="<?php echo $w ?>"> <input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?></caption> <caption><?php echo $g5['title']; ?></caption>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="po_subject">투표 제목<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="po_subject">투표 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="po_subject" value="<?php echo get_sanitize_input($po['po_subject']); ?>" id="po_subject" required class="required frm_input" size="80" maxlength="125"></td> <td><input type="text" name="po_subject" value="<?php echo get_sanitize_input($po['po_subject']); ?>" id="po_subject" required class="required frm_input" size="80" maxlength="125"></td>
</tr> </tr>
<?php <?php
for ($i=1; $i<=9; $i++) { for ($i = 1; $i <= 9; $i++) {
$required = ''; $required = '';
if ($i==1 || $i==2) { $sound_only = '';
$required = 'required'; if ($i == 1 || $i == 2) {
$sound_only = '<strong class="sound_only">필수</strong>'; $required = 'required';
} $sound_only = '<strong class="sound_only">필수</strong>';
}
$po_poll = isset($po['po_poll'.$i]) ? get_text($po['po_poll'.$i]) : ''; $po_poll = isset($po['po_poll' . $i]) ? get_text($po['po_poll' . $i]) : '';
$po_cnt = isset($po['po_cnt'.$i]) ? get_text($po['po_cnt'.$i]) : 0; $po_cnt = isset($po['po_cnt' . $i]) ? get_text($po['po_cnt' . $i]) : 0;
?> ?>
<tr> <tr>
<th scope="row"><label for="po_poll<?php echo $i ?>">항목 <?php echo $i ?><?php echo $sound_only ?></label></th> <th scope="row"><label for="po_poll<?php echo $i ?>">항목 <?php echo $i ?><?php echo $sound_only ?></label></th>
<td> <td>
<input type="text" name="po_poll<?php echo $i ?>" value="<?php echo $po_poll ?>" id="po_poll<?php echo $i ?>" <?php echo $required ?> class="frm_input <?php echo $required ?>" maxlength="125"> <input type="text" name="po_poll<?php echo $i ?>" value="<?php echo $po_poll ?>" id="po_poll<?php echo $i ?>" <?php echo $required ?> class="frm_input <?php echo $required ?>" maxlength="125">
<label for="po_cnt<?php echo $i ?>">항목 <?php echo $i ?> 투표수</label> <label for="po_cnt<?php echo $i ?>">항목 <?php echo $i ?> 투표수</label>
<input type="text" name="po_cnt<?php echo $i ?>" value="<?php echo $po_cnt; ?>" id="po_cnt<?php echo $i ?>" class="frm_input" size="3"> <input type="text" name="po_cnt<?php echo $i ?>" value="<?php echo $po_cnt; ?>" id="po_cnt<?php echo $i ?>" class="frm_input" size="3">
</td> </td>
</tr> </tr>
<?php } ?> <?php } ?>
<tr> <tr>
<th scope="row"><label for="po_etc">기타의견</label></th> <th scope="row"><label for="po_etc">기타의견</label></th>
<td> <td>
<?php echo help('기타 의견을 남길 수 있도록 하려면, 간단한 질문을 입력하세요.') ?> <?php echo help('기타 의견을 남길 수 있도록 하려면, 간단한 질문을 입력하세요.') ?>
<input type="text" name="po_etc" value="<?php echo get_text($po['po_etc']) ?>" id="po_etc" class="frm_input" size="80" maxlength="125"> <input type="text" name="po_etc" value="<?php echo get_text($po['po_etc']) ?>" id="po_etc" class="frm_input" size="80" maxlength="125">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_level">투표가능 회원레벨</label></th> <th scope="row"><label for="po_level">투표가능 회원레벨</label></th>
<td> <td>
<?php echo help("레벨을 1로 설정하면 손님도 투표할 수 있습니다.") ?> <?php echo help("레벨을 1로 설정하면 손님도 투표할 수 있습니다.") ?>
<?php echo get_member_level_select('po_level', 1, 10, $po['po_level']) ?> 이상 투표할 수 있음 <?php echo get_member_level_select('po_level', 1, 10, $po['po_level']) ?> 이상 투표할 수 있음
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_point">포인트</label></th> <th scope="row"><label for="po_point">포인트</label></th>
<td> <td>
<?php echo help('투표에 참여한 회원에게 포인트를 부여합니다.') ?> <?php echo help('투표에 참여한 회원에게 포인트를 부여합니다.') ?>
<input type="text" name="po_point" value="<?php echo $po['po_point'] ?>" id="po_point" class="frm_input"> 점 <input type="text" name="po_point" value="<?php echo $po['po_point'] ?>" id="po_point" class="frm_input"> 점
</td> </td>
</tr> </tr>
<?php if ($w == 'u') { ?> <?php if ($w == 'u') { ?>
<tr> <tr>
<th scope="row">투표등록일</th> <th scope="row">투표등록일</th>
<td><?php echo $po['po_date']; ?></td> <td><?php echo $po['po_date']; ?></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="po_ips">투표참가 IP</label></th> <th scope="row"><label for="po_ips">투표참가 IP</label></th>
<td><textarea name="po_ips" id="po_ips" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['po_ips']) ?></textarea></td> <td><textarea name="po_ips" id="po_ips" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['po_ips']) ?></textarea></td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="mb_ids">투표참가 회원</label></th> <th scope="row"><label for="mb_ids">투표참가 회원</label></th>
<td><textarea name="mb_ids" id="mb_ids" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['mb_ids']) ?></textarea></td> <td><textarea name="mb_ids" id="mb_ids" readonly rows="10"><?php echo preg_replace("/\n/", " / ", $po['mb_ids']) ?></textarea></td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<div class="btn_fixed_top "> <div class="btn_fixed_top ">
<a href="./poll_list.php?<?php echo $qstr ?>" class="btn_02 btn">목록</a> <a href="./poll_list.php?<?php echo $qstr ?>" class="btn_02 btn">목록</a>
<input type="submit" value="확인" class="btn_submit btn" accesskey="s"> <input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div> </div>
</form> </form>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
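Review bot: `po_point`, `po_date`, `po_ips` and `mb_ids` are echoed into the form without HTML escaping, while the neighbouring fields go through `get_text()` or `get_sanitize_input()`. Values read back from the poll row should be escaped for where they land (an attribute value, a table cell and two textareas), e.g. `value="<?php echo get_text($po['po_point']) ?>"` and `<?php echo get_text(preg_replace("/\n/", " / ", $po['po_ips'])) ?>`. Separately, when `$w == 'u'` and no row matches `$po_id`, `$po` is overwritten by the `sql_fetch()` result and the later `$po['po_subject']` reads may hit missing keys; an explicit not-found check after the fetch would cover that.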


@ -1,60 +1,62 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
$w = $_POST['w']; $w = $_POST['w'];
if ($w == 'u' || $w == 'd') if ($w == 'u' || $w == 'd') {
check_demo(); check_demo();
}
auth_check_menu($auth, $sub_menu, 'w'); auth_check_menu($auth, $sub_menu, 'w');
check_admin_token(); check_admin_token();
$check_keys = array( $check_keys = array(
'po_subject', 'po_subject',
'po_poll1', 'po_poll1',
'po_poll2', 'po_poll2',
'po_poll3', 'po_poll3',
'po_poll4', 'po_poll4',
'po_poll5', 'po_poll5',
'po_poll6', 'po_poll6',
'po_poll7', 'po_poll7',
'po_poll8', 'po_poll8',
'po_poll9', 'po_poll9',
'po_cnt1', 'po_cnt1',
'po_cnt2', 'po_cnt2',
'po_cnt3', 'po_cnt3',
'po_cnt4', 'po_cnt4',
'po_cnt5', 'po_cnt5',
'po_cnt6', 'po_cnt6',
'po_cnt7', 'po_cnt7',
'po_cnt8', 'po_cnt8',
'po_cnt9', 'po_cnt9',
'po_etc', 'po_etc',
'po_level', 'po_level',
'po_point', 'po_point',
'po_id' 'po_id'
); );
foreach( $_POST as $key=>$value ){ foreach ($_POST as $key => $value) {
if( empty($value) ) continue; if (empty($value)) {
continue;
}
if( in_array($key, $check_keys) ) { if (in_array($key, $check_keys)) {
$_POST[$key] = strip_tags(clean_xss_attributes($value)); $_POST[$key] = strip_tags(clean_xss_attributes($value));
} }
} }
if ($w == '') $po_id = isset($_POST['po_id']) ? $_POST['po_id'] : '';
{
if ($w == '') {
$sql = " insert {$g5['poll_table']} $sql = " insert {$g5['poll_table']}
( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date ) ( po_subject, po_poll1, po_poll2, po_poll3, po_poll4, po_poll5, po_poll6, po_poll7, po_poll8, po_poll9, po_cnt1, po_cnt2, po_cnt3, po_cnt4, po_cnt5, po_cnt6, po_cnt7, po_cnt8, po_cnt9, po_etc, po_level, po_point, po_date )
values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '".G5_TIME_YMD."' ) "; values ( '{$_POST['po_subject']}', '{$_POST['po_poll1']}', '{$_POST['po_poll2']}', '{$_POST['po_poll3']}', '{$_POST['po_poll4']}', '{$_POST['po_poll5']}', '{$_POST['po_poll6']}', '{$_POST['po_poll7']}', '{$_POST['po_poll8']}', '{$_POST['po_poll9']}', '{$_POST['po_cnt1']}', '{$_POST['po_cnt2']}', '{$_POST['po_cnt3']}', '{$_POST['po_cnt4']}', '{$_POST['po_cnt5']}', '{$_POST['po_cnt6']}', '{$_POST['po_cnt7']}', '{$_POST['po_cnt8']}', '{$_POST['po_cnt9']}', '{$_POST['po_etc']}', '{$_POST['po_level']}', '{$_POST['po_point']}', '" . G5_TIME_YMD . "' ) ";
sql_query($sql); sql_query($sql);
$po_id = sql_insert_id(); $po_id = sql_insert_id();
} } elseif ($w == 'u') {
else if ($w == 'u')
{
$sql = " update {$g5['poll_table']} $sql = " update {$g5['poll_table']}
set po_subject = '{$_POST['po_subject']}', set po_subject = '{$_POST['po_subject']}',
po_poll1 = '{$_POST['po_poll1']}', po_poll1 = '{$_POST['po_poll1']}',
@ -80,9 +82,7 @@ else if ($w == 'u')
po_point = '{$_POST['po_point']}' po_point = '{$_POST['po_point']}'
where po_id = '{$_POST['po_id']}' "; where po_id = '{$_POST['po_id']}' ";
sql_query($sql); sql_query($sql);
} } elseif ($w == 'd') {
else if ($w == 'd')
{
$sql = " delete from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' "; $sql = " delete from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' ";
sql_query($sql); sql_query($sql);
@ -96,7 +96,8 @@ else if ($w == 'd')
$row = sql_fetch(" select max(po_id) as max_po_id from {$g5['poll_table']} "); $row = sql_fetch(" select max(po_id) as max_po_id from {$g5['poll_table']} ");
sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']}' "); sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']}' ");
if ($w == 'd') if ($w == 'd') {
goto_url('./poll_list.php?'.$qstr); goto_url('./poll_list.php?' . $qstr);
else } else {
goto_url('./poll_form.php?w=u&po_id='.$po_id.'&amp;'.$qstr); goto_url('./poll_form.php?w=u&po_id=' . $po_id . '&amp;' . $qstr);
}
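Review bot: The added `$po_id = isset($_POST['po_id']) ? $_POST['po_id'] : '';` keeps the raw request value, and both the `update` and `delete` statements interpolate `$_POST['po_id']` directly into the `where` clause; `strip_tags(clean_xss_attributes())` is HTML filtering, not SQL escaping. Unless `_common.php` escapes request data globally (not visible here), cast once and use the variable everywhere: `$po_id = isset($_POST['po_id']) ? (int) $_POST['po_id'] : 0;` and `where po_id = '{$po_id}'`. The `po_cnt1`–`po_cnt9`, `po_level` and `po_point` values look numeric and would benefit from the same `(int)` cast before they are placed in the `insert` and `update` statements. The `update` statement continues outside the hunks shown.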


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "200900"; $sub_menu = "200900";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
@ -10,7 +10,7 @@ $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
@ -18,7 +18,7 @@ if ($stx) {
} }
if (!$sst) { if (!$sst) {
$sst = "po_id"; $sst = "po_id";
$sod = "desc"; $sod = "desc";
} }
$sql_order = " order by {$sst} {$sod} "; $sql_order = " order by {$sst} {$sod} ";
@ -32,7 +32,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * $sql = " select *
@ -42,10 +44,10 @@ $sql = " select *
limit {$from_record}, {$rows} "; limit {$from_record}, {$rows} ";
$result = sql_query($sql); $result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '투표관리'; $g5['title'] = '투표관리';
include_once('./admin.head.php'); require_once './admin.head.php';
$colspan = 7; $colspan = 7;
?> ?>
@ -56,102 +58,103 @@ $colspan = 7;
</div> </div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<div class="sch_last"> <div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label> <label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl"> <select name="sfl" id="sfl">
<option value="po_subject"<?php echo get_selected($sfl, "po_subject"); ?>>제목</option> <option value="po_subject" <?php echo get_selected($sfl, "po_subject"); ?>>제목</option>
</select> </select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색"> <input type="submit" class="btn_submit" value="검색">
</div> </div>
</form> </form>
<form name="fpolllist" id="fpolllist" action="./poll_delete.php" method="post"> <form name="fpolllist" id="fpolllist" action="./poll_delete.php" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value=""> <input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap"> <div class="tbl_head01 tbl_wrap">
<table> <table>
<caption><?php echo $g5['title']; ?> 목록</caption> <caption><?php echo $g5['title']; ?> 목록</caption>
<thead> <thead>
<tr> <tr>
<th scope="col"> <th scope="col">
<label for="chkall" class="sound_only">현재 페이지 투표 전체</label> <label for="chkall" class="sound_only">현재 페이지 투표 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th> </th>
<th scope="col">번호</th> <th scope="col">번호</th>
<th scope="col">제목</th> <th scope="col">제목</th>
<th scope="col">투표권한</th> <th scope="col">투표권한</th>
<th scope="col">투표수</th> <th scope="col">투표수</th>
<th scope="col">기타의견</th> <th scope="col">기타의견</th>
<th scope="col">관리</th> <th scope="col">관리</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php <?php
for ($i=0; $row=sql_fetch_array($result); $i++) { for ($i = 0; $row = sql_fetch_array($result); $i++) {
$sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g5['poll_table']} where po_id = '{$row['po_id']}' "; $sql2 = " select sum(po_cnt1+po_cnt2+po_cnt3+po_cnt4+po_cnt5+po_cnt6+po_cnt7+po_cnt8+po_cnt9) as sum_po_cnt from {$g5['poll_table']} where po_id = '{$row['po_id']}' ";
$row2 = sql_fetch($sql2); $row2 = sql_fetch($sql2);
$po_etc = ($row['po_etc']) ? "사용" : "미사용"; $po_etc = ($row['po_etc']) ? "사용" : "미사용";
$s_mod = '<a href="./poll_form.php?'.$qstr.'&amp;w=u&amp;po_id='.$row['po_id'].'" class="btn btn_03">수정</a>'; $s_mod = '<a href="./poll_form.php?' . $qstr . '&amp;w=u&amp;po_id=' . $row['po_id'] . '" class="btn btn_03">수정</a>';
$bg = 'bg'.($i%2); $bg = 'bg' . ($i % 2);
?> ?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo cut_str(get_text($row['po_subject']),70) ?> 투표</label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo cut_str(get_text($row['po_subject']), 70) ?> 투표</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['po_id'] ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $row['po_id'] ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_num"><?php echo $row['po_id'] ?></td> <td class="td_num"><?php echo $row['po_id'] ?></td>
<td class="td_left"><?php echo cut_str(get_text($row['po_subject']),70) ?></td> <td class="td_left"><?php echo cut_str(get_text($row['po_subject']), 70) ?></td>
<td class="td_num"><?php echo $row['po_level'] ?></td> <td class="td_num"><?php echo $row['po_level'] ?></td>
<td class="td_num"><?php echo $row2['sum_po_cnt'] ?></td> <td class="td_num"><?php echo $row2['sum_po_cnt'] ?></td>
<td class="td_etc"><?php echo $po_etc ?></td> <td class="td_etc"><?php echo $po_etc ?></td>
<td class="td_mng td_mng_s"><?php echo $s_mod ?></td> <td class="td_mng td_mng_s"><?php echo $s_mod ?></td>
</tr> </tr>
<?php <?php
} }
if ($i==0) if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
?> }
</tbody> ?>
</table> </tbody>
</div> </table>
</div>
<div class="btn_fixed_top"> <div class="btn_fixed_top">
<input type="submit" value="선택삭제" class="btn btn_02"> <input type="submit" value="선택삭제" class="btn btn_02">
<a href="./poll_form.php" id="poll_add" class="btn btn_01">투표 추가</a> <a href="./poll_form.php" id="poll_add" class="btn btn_01">투표 추가</a>
</div> </div>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?> <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script> <script>
$(function() { $(function() {
$('#fpolllist').submit(function() { $('#fpolllist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) { if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) { if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
} else {
return false; return false;
} }
});
return true;
} else {
return false;
}
}); });
});
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';
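Review bot: `$sfl`, `$sst` and `$sod` are placed into the query as identifiers (`({$sfl} like '%{$stx}%')`, `order by {$sst} {$sod}`), and the single `default:` branch of the switch accepts any column name even though the search form only offers `po_subject`. Quoting cannot protect an identifier, so unless `_common.php` already restricts these to safe values (not visible here) they need an allowlist, e.g. `if (!in_array($sfl, array('po_subject'), true)) { $sfl = 'po_subject'; }` and `$sod = (strtolower($sod) === 'asc') ? 'asc' : 'desc';`, with a similar list for `$sst`. The popular-search list section that follows builds its `where` and `order by` the same way and needs the same treatment. The query assembly continues between hunks, outside what is shown.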


@ -1,170 +1,170 @@
<?php <?php
$sub_menu = "300300"; $sub_menu = "300300";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
// 체크된 자료 삭제 // 체크된 자료 삭제
if (isset($_POST['chk']) && is_array($_POST['chk'])) { if (isset($_POST['chk']) && is_array($_POST['chk'])) {
for ($i=0; $i<count($_POST['chk']); $i++) { for ($i = 0; $i < count($_POST['chk']); $i++) {
$pp_id = (int) $_POST['chk'][$i]; $pp_id = (int) $_POST['chk'][$i];
sql_query(" delete from {$g5['popular_table']} where pp_id = '$pp_id' ", true); sql_query(" delete from {$g5['popular_table']} where pp_id = '$pp_id' ", true);
} }
} }
$sql_common = " from {$g5['popular_table']} a "; $sql_common = " from {$g5['popular_table']} a ";
$sql_search = " where (1) "; $sql_search = " where (1) ";
if ($stx) { if ($stx) {
$sql_search .= " and ( "; $sql_search .= " and ( ";
switch ($sfl) { switch ($sfl) {
case "pp_word" : case "pp_word":
$sql_search .= " ({$sfl} like '{$stx}%') "; $sql_search .= " ({$sfl} like '{$stx}%') ";
break; break;
case "pp_date" : case "pp_date":
$sql_search .= " ({$sfl} = '{$stx}') "; $sql_search .= " ({$sfl} = '{$stx}') ";
break; break;
default : default:
$sql_search .= " ({$sfl} like '%{$stx}%') "; $sql_search .= " ({$sfl} like '%{$stx}%') ";
break; break;
} }
$sql_search .= " ) "; $sql_search .= " ) ";
} }
if (!$sst) { if (!$sst) {
$sst = "pp_id"; $sst = "pp_id";
$sod = "desc"; $sod = "desc";
} }
$sql_order = " order by {$sst} {$sod} "; $sql_order = " order by {$sst} {$sod} ";
$sql = " select count(*) as cnt $sql = " select count(*) as cnt
{$sql_common} {$sql_common}
{$sql_search} {$sql_search}
{$sql_order} "; {$sql_order} ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
$total_count = $row['cnt']; $total_count = $row['cnt'];
$rows = $config['cf_page_rows']; $rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) if ($page < 1) {
$from_record = ($page - 1) * $rows; // 시작 열을 구함 $page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$sql = " select * $from_record = ($page - 1) * $rows; // 시작 열을 구함
{$sql_common}
{$sql_search} $sql = " select *
{$sql_order} {$sql_common}
limit {$from_record}, {$rows} "; {$sql_search}
$result = sql_query($sql); {$sql_order}
limit {$from_record}, {$rows} ";
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; $result = sql_query($sql);
$g5['title'] = '인기검색어관리'; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
include_once('./admin.head.php');
$g5['title'] = '인기검색어관리';
$colspan = 4; require_once './admin.head.php';
?>
$colspan = 4;
<script> ?>
var list_update_php = '';
var list_delete_php = 'popular_list.php'; <script>
</script> var list_update_php = '';
var list_delete_php = 'popular_list.php';
<div class="local_ov01 local_ov"> </script>
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span> <div class="local_ov01 local_ov">
</div> <?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get"> </div>
<div class="sch_last">
<label for="sfl" class="sound_only">검색대상</label> <form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<select name="sfl" id="sfl"> <div class="sch_last">
<option value="pp_word"<?php echo get_selected($sfl, "pp_word"); ?>>검색어</option> <label for="sfl" class="sound_only">검색대상</label>
<option value="pp_date"<?php echo get_selected($sfl, "pp_date"); ?>>등록일</option> <select name="sfl" id="sfl">
</select> <option value="pp_word" <?php echo get_selected($sfl, "pp_word"); ?>>검색어</option>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label> <option value="pp_date" <?php echo get_selected($sfl, "pp_date"); ?>>등록일</option>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input"> </select>
<input type="submit" value="검색" class="btn_submit"> <label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
</div> <input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
</form> <input type="submit" value="검색" class="btn_submit">
</div>
<form name="fpopularlist" id="fpopularlist" method="post"> </form>
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <form name="fpopularlist" id="fpopularlist" method="post">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>"> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<div class="tbl_head01 tbl_wrap"> <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption> <div class="tbl_head01 tbl_wrap">
<thead> <table>
<tr> <caption><?php echo $g5['title']; ?> 목록</caption>
<th scope="col"> <thead>
<label for="chkall" class="sound_only">현재 페이지 인기검색어 전체</label> <tr>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)"> <th scope="col">
</th> <label for="chkall" class="sound_only">현재 페이지 인기검색어 전체</label>
<th scope="col"><?php echo subject_sort_link('pp_word') ?>검색어</a></th> <input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
<th scope="col">등록일</th> </th>
<th scope="col">등록IP</th> <th scope="col"><?php echo subject_sort_link('pp_word') ?>검색어</a></th>
</tr> <th scope="col">등록일</th>
</thead> <th scope="col">등록IP</th>
<tbody> </tr>
<?php </thead>
for ($i=0; $row=sql_fetch_array($result); $i++) { <tbody>
<?php
$word = get_text($row['pp_word']); for ($i = 0; $row = sql_fetch_array($result); $i++) {
$bg = 'bg'.($i%2); $word = get_text($row['pp_word']);
?> $bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>"> <tr class="<?php echo $bg; ?>">
<td class="td_chk"> <td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label> <label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $word ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>"> <input type="checkbox" name="chk[]" value="<?php echo $row['pp_id'] ?>" id="chk_<?php echo $i ?>">
</td> </td>
<td class="td_left"><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td> <td class="td_left"><a href="<?php echo $_SERVER['SCRIPT_NAME'] ?>?sfl=pp_word&amp;stx=<?php echo $word ?>"><?php echo $word ?></a></td>
<td><?php echo $row['pp_date'] ?></td> <td><?php echo $row['pp_date'] ?></td>
<td><?php echo $row['pp_ip'] ?></td> <td><?php echo $row['pp_ip'] ?></td>
</tr> </tr>
<?php
<?php }
}
if ($i == 0) {
if ($i == 0) echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; }
?> ?>
</tbody> </tbody>
</table> </table>
</div> </div>
<?php if ($is_admin == 'super'){ ?> <?php if ($is_admin == 'super') { ?>
<div class=" btn_fixed_top"> <div class=" btn_fixed_top">
<button type="submit" class="btn btn_02">선택삭제</button> <button type="submit" class="btn btn_02">선택삭제</button>
</div> </div>
<?php } ?> <?php } ?>
</form> </form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?> <?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<script> <script>
$(function() { $(function() {
$('#fpopularlist').submit(function() { $('#fpopularlist').submit(function() {
if(confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) { if (confirm("한번 삭제한 자료는 복구할 방법이 없습니다.\n\n정말 삭제하시겠습니까?")) {
if (!is_checked("chk[]")) { if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요."); alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false; return false;
} }
return true; return true;
} else { } else {
return false; return false;
} }
}); });
}); });
</script> </script>
<?php <?php
include_once('./admin.tail.php'); require_once './admin.tail.php';
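Review bot: The delete block at the top of this file runs for any POST carrying `chk[]` after only `auth_check_menu($auth, $sub_menu, 'r')`; no `check_admin_token()` or `check_demo()` precedes the `delete` query, and the `$is_admin == 'super'` condition is applied only to the button in the template. The other state-changing scripts in this commit check `'w'` permission and the admin token first, and the same belongs inside the `if (isset($_POST['chk']) && is_array($_POST['chk']))` block: `check_demo(); auth_check_menu($auth, $sub_menu, 'w'); check_admin_token();`. If deletion is meant for super admins only, that condition should be tested server-side as well, before the loop.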


@ -1,112 +1,122 @@
<?php <?php
$sub_menu = "300400"; $sub_menu = "300400";
include_once('./_common.php'); require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : ''; $fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : '';
$to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : ''; $to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : '';
if (empty($fr_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date) ) $fr_date = G5_TIME_YMD; if (empty($fr_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date)) {
if (empty($to_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date) ) $to_date = G5_TIME_YMD; $fr_date = G5_TIME_YMD;
}
$qstr = "fr_date={$fr_date}&amp;to_date={$to_date}"; if (empty($to_date) || !preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date)) {
$to_date = G5_TIME_YMD;
$sql_common = " from {$g5['popular_table']} a "; }
$sql_search = " where trim(pp_word) <> '' and pp_date between '{$fr_date}' and '{$to_date}' ";
$sql_group = " group by pp_word "; $qstr = "fr_date={$fr_date}&amp;to_date={$to_date}";
$sql_order = " order by cnt desc ";
$sql_common = " from {$g5['popular_table']} a ";
$sql = " select pp_word {$sql_common} {$sql_search} {$sql_group} "; $sql_search = " where trim(pp_word) <> '' and pp_date between '{$fr_date}' and '{$to_date}' ";
$result = sql_query($sql); $sql_group = " group by pp_word ";
$total_count = sql_num_rows($result); $sql_order = " order by cnt desc ";
$rows = $config['cf_page_rows']; $sql = " select pp_word {$sql_common} {$sql_search} {$sql_group} ";
$total_page = ceil($total_count / $rows); // 전체 페이지 계산 $result = sql_query($sql);
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지) $total_count = sql_num_rows($result);
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$rows = $config['cf_page_rows'];
$sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} "; $total_page = ceil($total_count / $rows); // 전체 페이지 계산
$result = sql_query($sql); if ($page < 1) {
$page = 1;
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>'; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$g5['title'] = '인기검색어순위';
include_once('./admin.head.php'); $sql = " select pp_word, count(*) as cnt {$sql_common} {$sql_search} {$sql_group} {$sql_order} limit {$from_record}, {$rows} ";
include_once(G5_PLUGIN_PATH.'/jquery-ui/datepicker.php'); $result = sql_query($sql);
$colspan = 3; $listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
?>
$g5['title'] = '인기검색어순위';
<script> require_once './admin.head.php';
$(function(){ require_once G5_PLUGIN_PATH . '/jquery-ui/datepicker.php';
$("#fr_date, #to_date").datepicker({ changeMonth: true, changeYear: true, dateFormat: "yy-mm-dd", showButtonPanel: true, yearRange: "c-99:c+99", maxDate: "+0d" });
}); $colspan = 3;
</script> ?>
<div class="local_ov01 local_ov"> <script>
<?php echo $listall ?> $(function() {
<span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span> $("#fr_date, #to_date").datepicker({
</div> changeMonth: true,
changeYear: true,
<form name="fsearch" id="fsearch" class="local_sch02 local_sch" method="get"> dateFormat: "yy-mm-dd",
<div class="sch_last"> showButtonPanel: true,
<strong>기간별검색</strong> yearRange: "c-99:c+99",
<input type="text" name="fr_date" value="<?php echo $fr_date ?>" id="fr_date" class="frm_input" size="11" maxlength="10"> maxDate: "+0d"
<label for="fr_date" class="sound_only">시작일</label> });
~ });
<input type="text" name="to_date" value="<?php echo $to_date ?>" id="to_date" class="frm_input" size="11" maxlength="10"> </script>
<label for="to_date" class="sound_only">종료일</label>
<input type="submit" class="btn_sch2" value="검색"> <div class="local_ov01 local_ov">
</div> <?php echo $listall ?>
</form> <span class="btn_ov01"><span class="ov_txt">건수</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fpopularrank" id="fpopularrank" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>"> <form name="fsearch" id="fsearch" class="local_sch02 local_sch" method="get">
<input type="hidden" name="sod" value="<?php echo $sod ?>"> <div class="sch_last">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>"> <strong>기간별검색</strong>
<input type="hidden" name="stx" value="<?php echo $stx ?>"> <input type="text" name="fr_date" value="<?php echo $fr_date ?>" id="fr_date" class="frm_input" size="11" maxlength="10">
<input type="hidden" name="page" value="<?php echo $page ?>"> <label for="fr_date" class="sound_only">시작일</label>
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>"> ~
<input type="text" name="to_date" value="<?php echo $to_date ?>" id="to_date" class="frm_input" size="11" maxlength="10">
<div class="tbl_head01 tbl_wrap"> <label for="to_date" class="sound_only">종료일</label>
<table> <input type="submit" class="btn_sch2" value="검색">
<caption><?php echo $g5['title']; ?> 목록</caption> </div>
<thead> </form>
<tr>
<th scope="col">순위</th> <form name="fpopularrank" id="fpopularrank" method="post">
<th scope="col">검색어</th> <input type="hidden" name="sst" value="<?php echo $sst ?>">
<th scope="col">검색회수</th> <input type="hidden" name="sod" value="<?php echo $sod ?>">
</tr> <input type="hidden" name="sfl" value="<?php echo $sfl ?>">
</thead> <input type="hidden" name="stx" value="<?php echo $stx ?>">
<tbody> <input type="hidden" name="page" value="<?php echo $page ?>">
<?php <input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
for ($i=0; $row=sql_fetch_array($result); $i++) {
<div class="tbl_head01 tbl_wrap">
$word = get_text($row['pp_word']); <table>
$rank = ($i + 1 + ($rows * ($page - 1))); <caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
?> <tr>
<th scope="col">순위</th>
<tr> <th scope="col">검색어</th>
<td class="td_num"><?php echo $rank ?></td> <th scope="col">검색회수</th>
<td class="td_left"><?php echo $word ?></td> </tr>
<td class="td_num"><?php echo $row['cnt'] ?></td> </thead>
</tr> <tbody>
<?php
<?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
} $word = get_text($row['pp_word']);
$rank = ($i + 1 + ($rows * ($page - 1)));
if ($i == 0) ?>
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>'; <tr>
?> <td class="td_num"><?php echo $rank ?></td>
</tbody> <td class="td_left"><?php echo $word ?></td>
</table> <td class="td_num"><?php echo $row['cnt'] ?></td>
</div> </tr>
<?php
</form> }
<?php if ($i == 0) {
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
include_once('./admin.tail.php'); ?>
</tbody>
</table>
</div>
</form>
<?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page=");
require_once './admin.tail.php';
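Review bot: The date check on `fr_date` and `to_date` is the only guard visible here before both values are interpolated into `$sql_search`, and its `$` anchor also accepts a value that ends in a newline, because PCRE's `$` matches before a final line break unless the `D` modifier is set. Anchoring the end strictly closes that gap: `preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/D", $fr_date)`, and the same for `$to_date`. With that, a trailing newline no longer reaches the `between '{$fr_date}' and '{$to_date}'` literal, `$qstr`, or the `value=` attributes of the two date inputs. Binding the two dates as parameters would remove the dependency on the regex altogether, if the project's `sql_query` wrapper offers that (not visible on this page).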


@ -1,16 +1,17 @@
<?php <?php
$sub_menu = "300500"; $sub_menu = "300500";
include_once('./_common.php'); require_once './_common.php';
include_once(G5_EDITOR_LIB); require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'r'); auth_check_menu($auth, $sub_menu, 'r');
$g5['title'] = '1:1문의 설정'; $g5['title'] = '1:1문의 설정';
include_once ('./admin.head.php'); require_once './admin.head.php';
// DB 테이블 생성 // DB 테이블 생성
if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) { if (!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` ( sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['qa_config_table']}` (
`qa_title` varchar(255) NOT NULL DEFAULT'', `qa_title` varchar(255) NOT NULL DEFAULT'',
`qa_category` varchar(255) NOT NULL DEFAULT'', `qa_category` varchar(255) NOT NULL DEFAULT'',
`qa_skin` varchar(255) NOT NULL DEFAULT '', `qa_skin` varchar(255) NOT NULL DEFAULT '',
@ -46,8 +47,11 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
`qa_3` varchar(255) NOT NULL DEFAULT '', `qa_3` varchar(255) NOT NULL DEFAULT '',
`qa_4` varchar(255) NOT NULL DEFAULT '', `qa_4` varchar(255) NOT NULL DEFAULT '',
`qa_5` varchar(255) NOT NULL DEFAULT '' `qa_5` varchar(255) NOT NULL DEFAULT ''
)", true); )",
sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` ( true
);
sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['qa_content_table']}` (
`qa_id` int(11) NOT NULL AUTO_INCREMENT, `qa_id` int(11) NOT NULL AUTO_INCREMENT,
`qa_num` int(11) NOT NULL DEFAULT '0', `qa_num` int(11) NOT NULL DEFAULT '0',
`qa_parent` int(11) NOT NULL DEFAULT '0', `qa_parent` int(11) NOT NULL DEFAULT '0',
@ -77,18 +81,20 @@ if(!sql_query(" DESCRIBE `{$g5['qa_config_table']}` ", false)) {
`qa_5` varchar(255) NOT NULL DEFAULT '', `qa_5` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY (`qa_id`), PRIMARY KEY (`qa_id`),
KEY `qa_num_parent` (`qa_num`,`qa_parent`) KEY `qa_num_parent` (`qa_num`,`qa_parent`)
)", true); )",
true
);
} }
$sql = " SHOW COLUMNS FROM `{$g5['qa_content_table']}` LIKE 'qa_content' "; $sql = " SHOW COLUMNS FROM `{$g5['qa_content_table']}` LIKE 'qa_content' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
if(strpos($row['Type'], 'text') === false) { if (strpos($row['Type'], 'text') === false) {
sql_query(" ALTER TABLE `{$g5['qa_content_table']}` CHANGE `qa_content` `qa_content` text NOT NULL ", true); sql_query(" ALTER TABLE `{$g5['qa_content_table']}` CHANGE `qa_content` `qa_content` text NOT NULL ", true);
} }
$qaconfig = get_qa_config(); $qaconfig = get_qa_config();
if(empty($qaconfig)) { if (empty($qaconfig)) {
$sql = " insert into `{$g5['qa_config_table']}` $sql = " insert into `{$g5['qa_config_table']}`
( qa_title, qa_category, qa_skin, qa_mobile_skin, qa_use_email, qa_req_email, qa_use_hp, qa_req_hp, qa_use_editor, qa_subject_len, qa_mobile_subject_len, qa_page_rows, qa_mobile_page_rows, qa_image_width, qa_upload_size, qa_insert_content ) ( qa_title, qa_category, qa_skin, qa_mobile_skin, qa_use_email, qa_req_email, qa_use_hp, qa_req_hp, qa_use_editor, qa_subject_len, qa_mobile_subject_len, qa_page_rows, qa_mobile_page_rows, qa_image_width, qa_upload_size, qa_insert_content )
values values
@ -99,301 +105,306 @@ if(empty($qaconfig)) {
} }
// 관리자 이메일필드 추가 // 관리자 이메일필드 추가
if(!isset($qaconfig['qa_admin_email'])) { if (!isset($qaconfig['qa_admin_email'])) {
sql_query(" ALTER TABLE `{$g5['qa_config_table']}` sql_query(
ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ", true); " ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_admin_email` varchar(255) NOT NULL DEFAULT '' AFTER `qa_admin_hp` ",
true
);
} }
// 상단 하단 설정 필드 추가 // 상단 하단 설정 필드 추가
if(!isset($qaconfig['qa_include_head'])) { if (!isset($qaconfig['qa_include_head'])) {
sql_query(" ALTER TABLE `{$g5['qa_config_table']}` sql_query(
" ALTER TABLE `{$g5['qa_config_table']}`
ADD `qa_include_head` varchar(255) NOT NULL DEFAULT '' AFTER `qa_insert_content`, ADD `qa_include_head` varchar(255) NOT NULL DEFAULT '' AFTER `qa_insert_content`,
ADD `qa_include_tail` varchar(255) NOT NULL DEFAULT '' AFTER `qa_include_head`, ADD `qa_include_tail` varchar(255) NOT NULL DEFAULT '' AFTER `qa_include_head`,
ADD `qa_content_head` text NOT NULL AFTER `qa_include_tail`, ADD `qa_content_head` text NOT NULL AFTER `qa_include_tail`,
ADD `qa_content_tail` text NOT NULL AFTER `qa_content_head`, ADD `qa_content_tail` text NOT NULL AFTER `qa_content_head`,
ADD `qa_mobile_content_head` text NOT NULL AFTER `qa_content_tail`, ADD `qa_mobile_content_head` text NOT NULL AFTER `qa_content_tail`,
ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ", true); ADD `qa_mobile_content_tail` text NOT NULL AFTER `qa_mobile_content_head` ",
true
);
} }
?> ?>
<form name="fqaconfigform" id="fqaconfigform" method="post" onsubmit="return fqaconfigform_submit(this);" autocomplete="off"> <form name="fqaconfigform" id="fqaconfigform" method="post" onsubmit="return fqaconfigform_submit(this);" autocomplete="off">
<input type="hidden" name="token" value="" id="token"> <input type="hidden" name="token" value="" id="token">
<section id="anc_cf_qa_config"> <section id="anc_cf_qa_config">
<h2 class="h2_frm">1:1문의 설정</h2> <h2 class="h2_frm">1:1문의 설정</h2>
<div class="tbl_frm01 tbl_wrap"> <div class="tbl_frm01 tbl_wrap">
<table> <table>
<caption>1:1문의 설정</caption> <caption>1:1문의 설정</caption>
<colgroup> <colgroup>
<col class="grid_4"> <col class="grid_4">
<col> <col>
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_title">타이틀<strong class="sound_only">필수</strong></label></th>
<td> <td>
<input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40"> <input type="text" name="qa_title" value="<?php echo get_sanitize_input($qaconfig['qa_title']); ?>" id="qa_title" required class="required frm_input" size="40">
<a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a> <a href="<?php echo G5_BBS_URL; ?>/qalist.php" class="btn_frmline">1:1문의 바로가기</a>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_category">분류<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?> <?php echo help('분류와 분류 사이는 | 로 구분하세요. (예: 질문|답변) 첫자로 #은 입력하지 마세요. (예: #질문|#답변 [X])') ?>
<input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70"> <input type="text" name="qa_category" value="<?php echo get_sanitize_input($qaconfig['qa_category']); ?>" id="qa_category" required class="required frm_input" size="70">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo get_skin_select('qa', 'qa_skin', 'qa_skin', $qaconfig['qa_skin'], 'required'); ?> <?php echo get_skin_select('qa', 'qa_skin', 'qa_skin', $qaconfig['qa_skin'], 'required'); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_skin">모바일 스킨 디렉토리<strong class="sound_only">필수</strong></label></th> <th scope="row"><label for="qa_mobile_skin">모바일 스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td> <td>
<?php echo get_mobile_skin_select('qa', 'qa_mobile_skin', 'qa_mobile_skin', $qaconfig['qa_mobile_skin'], 'required'); ?> <?php echo get_mobile_skin_select('qa', 'qa_mobile_skin', 'qa_mobile_skin', $qaconfig['qa_mobile_skin'], 'required'); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row">이메일 입력</th> <th scope="row">이메일 입력</th>
<td> <td>
<input type="checkbox" name="qa_use_email" value="1" id="qa_use_email" <?php echo $qaconfig['qa_use_email']?'checked':''; ?>> <label for="qa_use_email">보이기</label> <input type="checkbox" name="qa_use_email" value="1" id="qa_use_email" <?php echo $qaconfig['qa_use_email'] ? 'checked' : ''; ?>> <label for="qa_use_email">보이기</label>
<input type="checkbox" name="qa_req_email" value="1" id="qa_req_email" <?php echo $qaconfig['qa_req_email']?'checked':''; ?>> <label for="qa_req_email">필수입력</label> <input type="checkbox" name="qa_req_email" value="1" id="qa_req_email" <?php echo $qaconfig['qa_req_email'] ? 'checked' : ''; ?>> <label for="qa_req_email">필수입력</label>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row">휴대폰 입력</th> <th scope="row">휴대폰 입력</th>
<td> <td>
<input type="checkbox" name="qa_use_hp" value="1" id="qa_use_hp" <?php echo $qaconfig['qa_use_hp']?'checked':''; ?>> <label for="qa_use_hp">보이기</label> <input type="checkbox" name="qa_use_hp" value="1" id="qa_use_hp" <?php echo $qaconfig['qa_use_hp'] ? 'checked' : ''; ?>> <label for="qa_use_hp">보이기</label>
<input type="checkbox" name="qa_req_hp" value="1" id="qa_req_hp" <?php echo $qaconfig['qa_req_hp']?'checked':''; ?>> <label for="qa_req_hp">필수입력</label> <input type="checkbox" name="qa_req_hp" value="1" id="qa_req_hp" <?php echo $qaconfig['qa_req_hp'] ? 'checked' : ''; ?>> <label for="qa_req_hp">필수입력</label>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_use_sms">SMS 알림</label></th> <th scope="row"><label for="qa_use_sms">SMS 알림</label></th>
<td> <td>
<?php echo help('휴대폰 입력을 사용하실 경우 문의글 등록시 등록자가 답변등록시 SMS 알림 수신을 선택할 수 있도록 합니다.<br>SMS 알림을 사용하기 위해서는 기본환경설정 > <a href="'.G5_ADMIN_URL.'/config_form.php#anc_cf_sms">SMS 설정</a>을 하셔야 합니다.') ?> <?php echo help('휴대폰 입력을 사용하실 경우 문의글 등록시 등록자가 답변등록시 SMS 알림 수신을 선택할 수 있도록 합니다.<br>SMS 알림을 사용하기 위해서는 기본환경설정 > <a href="' . G5_ADMIN_URL . '/config_form.php#anc_cf_sms">SMS 설정</a>을 하셔야 합니다.') ?>
<select name="qa_use_sms" id="qa_use_sms"> <select name="qa_use_sms" id="qa_use_sms">
<?php echo option_selected(0, $qaconfig['qa_use_sms'], '사용안함'); ?> <?php echo option_selected(0, $qaconfig['qa_use_sms'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_sms'], '사용함'); ?> <?php echo option_selected(1, $qaconfig['qa_use_sms'], '사용함'); ?>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_send_number">SMS 발신번호</label></th> <th scope="row"><label for="qa_send_number">SMS 발신번호</label></th>
<td> <td>
<?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?> <?php echo help('SMS 알림 전송시 발신번호로 사용됩니다.'); ?>
<input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30"> <input type="text" name="qa_send_number" value="<?php echo get_sanitize_input($qaconfig['qa_send_number']); ?>" id="qa_send_number" class="frm_input" size="30">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th> <th scope="row"><label for="qa_admin_hp">관리자 휴대폰번호</label></th>
<td> <td>
<?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?> <?php echo help('관리자 휴대폰번호를 입력하시면 문의글 등록시 등록하신 번호로 SMS 알림이 전송됩니다.<br>SMS 알림을 사용하지 않으시면 알림이 전송되지 않습니다.'); ?>
<input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30"> <input type="text" name="qa_admin_hp" value="<?php echo get_sanitize_input($qaconfig['qa_admin_hp']); ?>" id="qa_admin_hp" class="frm_input" size="30">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_admin_email">관리자 이메일</label></th> <th scope="row"><label for="qa_admin_email">관리자 이메일</label></th>
<td> <td>
<?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?> <?php echo help('관리자 이메일을 입력하시면 문의글 등록시 등록하신 이메일로 알림이 전송됩니다.'); ?>
<input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50"> <input type="text" name="qa_admin_email" value="<?php echo get_sanitize_input($qaconfig['qa_admin_email']); ?>" id="qa_admin_email" class="frm_input" size="50">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_use_editor">DHTML 에디터 사용</label></th> <th scope="row"><label for="qa_use_editor">DHTML 에디터 사용</label></th>
<td> <td>
<?php echo help('글작성시 내용을 DHTML 에디터 기능으로 사용할 것인지 설정합니다. 스킨에 따라 적용되지 않을 수 있습니다.'); ?> <?php echo help('글작성시 내용을 DHTML 에디터 기능으로 사용할 것인지 설정합니다. 스킨에 따라 적용되지 않을 수 있습니다.'); ?>
<select name="qa_use_editor" id="qa_use_editor"> <select name="qa_use_editor" id="qa_use_editor">
<?php echo option_selected(0, $qaconfig['qa_use_editor'], '사용안함'); ?> <?php echo option_selected(0, $qaconfig['qa_use_editor'], '사용안함'); ?>
<?php echo option_selected(1, $qaconfig['qa_use_editor'], '사용함'); ?> <?php echo option_selected(1, $qaconfig['qa_use_editor'], '사용함'); ?>
</select> </select>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_subject_len">제목 길이<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_subject_len">제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('목록에서의 제목 글자수') ?> <?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_subject_len" value="<?php echo $qaconfig['qa_subject_len'] ?>" id="qa_subject_len" required class="required numeric frm_input" size="4"> <input type="text" name="qa_subject_len" value="<?php echo $qaconfig['qa_subject_len'] ?>" id="qa_subject_len" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_subject_len">모바일 제목 길이<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_mobile_subject_len">모바일 제목 길이<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('목록에서의 제목 글자수') ?> <?php echo help('목록에서의 제목 글자수') ?>
<input type="text" name="qa_mobile_subject_len" value="<?php echo $qaconfig['qa_mobile_subject_len'] ?>" id="qa_mobile_subject_len" required class="required numeric frm_input" size="4"> <input type="text" name="qa_mobile_subject_len" value="<?php echo $qaconfig['qa_mobile_subject_len'] ?>" id="qa_mobile_subject_len" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_page_rows">페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_page_rows">페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<input type="text" name="qa_page_rows" value="<?php echo $qaconfig['qa_page_rows'] ?>" id="qa_page_rows" required class="required numeric frm_input" size="4"> <input type="text" name="qa_page_rows" value="<?php echo $qaconfig['qa_page_rows'] ?>" id="qa_page_rows" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_page_rows">모바일 페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_mobile_page_rows">모바일 페이지당 목록 수<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<input type="text" name="qa_mobile_page_rows" value="<?php echo $qaconfig['qa_mobile_page_rows'] ?>" id="qa_mobile_page_rows" required class="required numeric frm_input" size="4"> <input type="text" name="qa_mobile_page_rows" value="<?php echo $qaconfig['qa_mobile_page_rows'] ?>" id="qa_mobile_page_rows" required class="required numeric frm_input" size="4">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_image_width">이미지 폭 크기<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_image_width">이미지 폭 크기<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('게시판에서 출력되는 이미지의 폭 크기') ?> <?php echo help('게시판에서 출력되는 이미지의 폭 크기') ?>
<input type="text" name="qa_image_width" value="<?php echo $qaconfig['qa_image_width'] ?>" id="qa_image_width" required class="required numeric frm_input" size="4"> 픽셀 <input type="text" name="qa_image_width" value="<?php echo $qaconfig['qa_image_width'] ?>" id="qa_image_width" required class="required numeric frm_input" size="4"> 픽셀
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_upload_size">파일 업로드 용량<strong class="sound_only"> 필수</strong></label></th> <th scope="row"><label for="qa_upload_size">파일 업로드 용량<strong class="sound_only"> 필수</strong></label></th>
<td> <td>
<?php echo help('최대 '.ini_get("upload_max_filesize").' 이하 업로드 가능, 1 MB = 1,048,576 bytes') ?> <?php echo help('최대 ' . ini_get("upload_max_filesize") . ' 이하 업로드 가능, 1 MB = 1,048,576 bytes') ?>
업로드 파일 한개당 <input type="text" name="qa_upload_size" value="<?php echo $qaconfig['qa_upload_size'] ?>" id="qa_upload_size" required class="required numeric frm_input" size="10"> bytes 이하 업로드 파일 한개당 <input type="text" name="qa_upload_size" value="<?php echo $qaconfig['qa_upload_size'] ?>" id="qa_upload_size" required class="required numeric frm_input" size="10"> bytes 이하
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_include_head">상단 파일 경로</label></th> <th scope="row"><label for="qa_include_head">상단 파일 경로</label></th>
<td> <td>
<input type="text" name="qa_include_head" value="<?php echo $qaconfig['qa_include_head'] ?>" id="qa_include_head" class="frm_input" size="50"> <input type="text" name="qa_include_head" value="<?php echo $qaconfig['qa_include_head'] ?>" id="qa_include_head" class="frm_input" size="50">
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_include_tail">하단 파일 경로</label></th> <th scope="row"><label for="qa_include_tail">하단 파일 경로</label></th>
<td> <td>
<input type="text" name="qa_include_tail" value="<?php echo $qaconfig['qa_include_tail'] ?>" id="qa_include_tail" class="frm_input" size="50"> <input type="text" name="qa_include_tail" value="<?php echo $qaconfig['qa_include_tail'] ?>" id="qa_include_tail" class="frm_input" size="50">
</td> </td>
</tr> </tr>
<tr id="admin_captcha_box" style="display:none;"> <tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th> <th scope="row">자동등록방지</th>
<td> <td>
<?php <?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다."); echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html(); $captcha_html = captcha_html();
$captcha_js = chk_captcha_js(); $captcha_js = chk_captcha_js();
echo $captcha_html; echo $captcha_html;
?> ?>
<script> <script>
jQuery("#captcha_key").removeAttr("required").removeClass("required"); jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script> </script>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_content_head">상단 내용</label></th> <th scope="row"><label for="qa_content_head">상단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?> <?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_content_tail">하단 내용</label></th> <th scope="row"><label for="qa_content_tail">하단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?> <?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th> <th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?> <?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th> <th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th>
<td> <td>
<?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?> <?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?>
</td> </td>
</tr> </tr>
<tr> <tr>
<th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th> <th scope="row"><label for="qa_insert_content">글쓰기 기본 내용</label></th>
<td> <td>
<textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea> <textarea id="qa_insert_content" name="qa_insert_content" rows="5"><?php echo html_purifier($qaconfig['qa_insert_content']); ?></textarea>
</td> </td>
</tr> </tr>
<?php for ($i=1; $i<=5; $i++) { ?> <?php for ($i = 1; $i <= 5; $i++) { ?>
<tr> <tr>
<th scope="row">여분필드<?php echo $i ?></th> <th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra"> <td class="td_extra">
<label for="qa_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label> <label for="qa_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="qa_<?php echo $i ?>_subj" id="qa_<?php echo $i ?>_subj" value="<?php echo get_text($qaconfig['qa_'.$i.'_subj']) ?>" class="frm_input"> <input type="text" name="qa_<?php echo $i ?>_subj" id="qa_<?php echo $i ?>_subj" value="<?php echo get_text($qaconfig['qa_' . $i . '_subj']) ?>" class="frm_input">
<label for="qa_<?php echo $i ?>">여분필드 <?php echo $i ?> 값</label> <label for="qa_<?php echo $i ?>">여분필드 <?php echo $i ?> 값</label>
<input type="text" name="qa_<?php echo $i ?>" value="<?php echo get_text($qaconfig['qa_'.$i]) ?>" id="qa_<?php echo $i ?>" class="frm_input"> <input type="text" name="qa_<?php echo $i ?>" value="<?php echo get_text($qaconfig['qa_' . $i]) ?>" id="qa_<?php echo $i ?>" class="frm_input">
</td> </td>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
</div>
</section>
<div class="btn_fixed_top">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div> </div>
</section>
<div class="btn_fixed_top">
<input type="submit" value="확인" class="btn_submit btn" accesskey="s">
</div>
</form> </form>
<script> <script>
var captcha_chk = false;
var captcha_chk = false; function use_captcha_check() {
$.ajax({
type: "POST",
url: g5_admin_url + "/ajax.use_captcha.php",
data: {
admin_use_captcha: "1"
},
cache: false,
async: false,
dataType: "json",
success: function(data) {}
});
}
function use_captcha_check(){ function frm_check_file() {
$.ajax({ var qa_include_head = "<?php echo $qaconfig['qa_include_head']; ?>";
type: "POST", var qa_include_tail = "<?php echo $qaconfig['qa_include_tail']; ?>";
url: g5_admin_url+"/ajax.use_captcha.php", var head = jQuery.trim(jQuery("#qa_include_head").val());
data: { admin_use_captcha: "1" }, var tail = jQuery.trim(jQuery("#qa_include_tail").val());
cache: false,
async: false, if (qa_include_head !== head || qa_include_tail !== tail) {
dataType: "json", // 캡챠를 사용합니다.
success: function(data) { jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($) {
if (window.self !== window.top) { // frame 또는 iframe을 사용할 경우 체크
$("#qa_include_head, #qa_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
} }
}); });
}
function frm_check_file(){ function fqaconfigform_submit(f) {
var qa_include_head = "<?php echo $qaconfig['qa_include_head']; ?>"; <?php echo get_editor_js("qa_content_head"); ?>
var qa_include_tail = "<?php echo $qaconfig['qa_include_tail']; ?>"; <?php echo get_editor_js("qa_content_tail"); ?>
var head = jQuery.trim(jQuery("#qa_include_head").val()); <?php echo get_editor_js("qa_mobile_content_head"); ?>
var tail = jQuery.trim(jQuery("#qa_include_tail").val()); <?php echo get_editor_js("qa_mobile_content_tail"); ?>
if(qa_include_head !== head || qa_include_tail !== tail){ if (captcha_chk) {
// 캡챠 사용합니다. <?php echo isset($captcha_js) ? $captcha_js : ''; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
jQuery("#admin_captcha_box").show(); }
captcha_chk = true;
use_captcha_check(); f.action = "./qa_config_update.php";
return true;
return false;
} else {
jQuery("#admin_captcha_box").hide();
} }
return true;
}
jQuery(function($){
if( window.self !== window.top ){ // frame 또는 iframe을 사용할 경우 체크
$("#qa_include_head, #qa_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function fqaconfigform_submit(f)
{
<?php echo get_editor_js("qa_content_head"); ?>
<?php echo get_editor_js("qa_content_tail"); ?>
<?php echo get_editor_js("qa_mobile_content_head"); ?>
<?php echo get_editor_js("qa_mobile_content_tail"); ?>
if( captcha_chk ) {
<?php echo isset($captcha_js) ? $captcha_js : ''; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
f.action = "./qa_config_update.php";
return true;
}
</script> </script>
<?php <?php
include_once ('./admin.tail.php'); require_once './admin.tail.php';


@ -1,6 +1,6 @@
<?php <?php
$sub_menu = "300500"; $sub_menu = "300500";
include_once('./_common.php'); require_once './_common.php';
check_demo(); check_demo();
@ -14,49 +14,49 @@ $qaconfig = get_qa_config();
$check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size'); $check_keys = array('qa_title', 'qa_category', 'qa_skin', 'qa_mobile_skin', 'qa_use_email', 'qa_req_email', 'qa_use_hp', 'qa_req_hp', 'qa_use_sms', 'qa_send_number', 'qa_admin_hp', 'qa_admin_email', 'qa_subject_len', 'qa_mobile_subject_len', 'qa_page_rows', 'qa_mobile_page_rows', 'qa_image_width', 'qa_upload_size');
foreach($check_keys as $key){ foreach ($check_keys as $key) {
$$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : ''; $$key = $_POST[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
} }
$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)); $qa_include_head = isset($qa_include_head) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255)) : '';
$qa_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255)); $qa_include_tail = isset($qa_include_tail) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255)) : '';
// 관리자가 자동등록방지를 사용해야 할 경우 // 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){ if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) { if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.'); alert('자동등록방지 숫자가 틀렸습니다.');
} }
} }
if( $qa_include_head ){ if ($qa_include_head) {
$file_ext = pathinfo($qa_include_head, PATHINFO_EXTENSION); $file_ext = pathinfo($qa_include_head, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $qa_include_head) ) { if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $qa_include_head)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} }
} }
if( $qa_include_tail ){ if ($qa_include_tail) {
$file_ext = pathinfo($qa_include_tail, PATHINFO_EXTENSION); $file_ext = pathinfo($qa_include_tail, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $qa_include_tail) ) { if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $qa_include_tail)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
} }
} }
if( $qa_include_head && ! is_include_path_check($qa_include_head, 1) ){ if ($qa_include_head && !is_include_path_check($qa_include_head, 1)) {
$qa_include_head = ''; $qa_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.'; $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.';
} }
if( $qa_include_tail && ! is_include_path_check($qa_include_tail, 1) ){ if ($qa_include_tail && !is_include_path_check($qa_include_tail, 1)) {
$qa_include_tail = ''; $qa_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.'; $error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
} }
if( function_exists('filter_input_include_path') ){ if (function_exists('filter_input_include_path')) {
$qa_include_head = filter_input_include_path($qa_include_head); $qa_include_head = filter_input_include_path($qa_include_head);
$qa_include_tail = filter_input_include_path($qa_include_tail); $qa_include_tail = filter_input_include_path($qa_include_tail);
} }
@ -67,7 +67,7 @@ $dst_char = array('', '〓');
$qa_category = str_replace($src_char, $dst_char, $_POST['qa_category']); $qa_category = str_replace($src_char, $dst_char, $_POST['qa_category']);
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치 //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $qa_category); $qa_category = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$qa_category);
$sql = " update {$g5['qa_config_table']} $sql = " update {$g5['qa_config_table']}
set qa_title = '{$_POST['qa_title']}', set qa_title = '{$_POST['qa_title']}',
@ -108,11 +108,12 @@ $sql = " update {$g5['qa_config_table']}
qa_5 = '{$_POST['qa_5']}' "; qa_5 = '{$_POST['qa_5']}' ";
sql_query($sql); sql_query($sql);
if(function_exists('get_admin_captcha_by')) if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove'); get_admin_captcha_by('remove');
}
if($error_msg){ if ($error_msg) {
alert($error_msg, './qa_config.php'); alert($error_msg, './qa_config.php');
} else { } else {
goto_url('./qa_config.php'); goto_url('./qa_config.php');
} }
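Review bot: The admin CAPTCHA check that guards changes to `qa_include_head` / `qa_include_tail` is gated on `$board`, which is not assigned anywhere in the visible hunks; if it is empty on this page (no board is being edited here), `chk_captcha()` is never reached and the two paths can be changed without the CAPTCHA. Since these values appear to name files that are later included, the check should depend only on the path change, i.e. drop the `$board &&` operand from that condition. The `update` statement further down also interpolates `$_POST['qa_title']` and the other fields after `strip_tags(clean_xss_attributes(...))` only, which is HTML filtering rather than SQL escaping; presumably the request data is escaped upstream, but that is not visible here, and `sql_real_escape_string()` as used elsewhere in this commit would make it explicit.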


@ -1,16 +1,21 @@
<?php <?php
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가 if (!defined('_GNUBOARD_')) {
exit; // 개별 페이지 접근 불가
}
function social_log_file_delete($second=0){ function social_log_file_delete($second = 0)
$files = glob(G5_DATA_PATH.'/tmp/social_*'); {
$files = glob(G5_DATA_PATH . '/tmp/social_*');
if (is_array($files)) { if (is_array($files)) {
$before_time = $second ? G5_SERVER_TIME - $second : 0; $before_time = $second ? G5_SERVER_TIME - $second : 0;
foreach ($files as $social_log_file) { foreach ($files as $social_log_file) {
$modification_time = filemtime($log_file); // 파일접근시간 $modification_time = filemtime($social_log_file); // 파일접근시간
if ($before_time && $modification_time > $before_time) continue; if ($before_time && $modification_time > $before_time) {
continue;
}
unlink($social_log_file); unlink($social_log_file);
} }
} }
} }
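Review bot: `social_log_file_delete()` calls `unlink()` on every `glob()` match without checking that the entry is a regular file or that the call succeeded, and with the default `$second = 0` it removes all `social_*` entries regardless of age. A guard such as `if (!is_file($social_log_file)) { continue; }` before `filemtime()` would avoid warnings on directories, and a docblock should state the delete-everything default. The inline comment on the `filemtime()` line says access time (`파일접근시간`) while the call returns the modification time.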


@ -72,7 +72,7 @@ function order_update_delivery($od_id, $mb_id, $change_status, $delivery)
if($change_status != '배송') if($change_status != '배송')
return; return;
$sql = " update {$g5['g5_shop_order_table']} set od_delivery_company = '{$delivery['delivery_company']}', od_invoice = '{$delivery['invoice']}', od_invoice_time = '{$delivery['invoice_time']}' where od_id = '$od_id' and od_status = '준비' "; $sql = " update {$g5['g5_shop_order_table']} set od_delivery_company = '".sql_real_escape_string($delivery['delivery_company'])."', od_invoice = '".sql_real_escape_string($delivery['invoice'])."', od_invoice_time = '".sql_real_escape_string($delivery['invoice_time'])."' where od_id = '$od_id' and od_status = '준비' ";
sql_query($sql); sql_query($sql);
$sql = " select * from {$g5['g5_shop_cart_table']} where od_id = '$od_id' "; $sql = " select * from {$g5['g5_shop_cart_table']} where od_id = '$od_id' ";
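Review bot: `$od_id` is still interpolated unescaped into the `where od_id = '$od_id'` clause of this update and into the cart `select` on the last line, while the three `$delivery[...]` values now go through `sql_real_escape_string()`. If the callers of `order_update_delivery()` do not already restrict `$od_id` to a safe character set (not visible here; the function body starts before and continues after the hunk), escape it the same way, e.g. `$od_id = sql_real_escape_string($od_id);` before the first query.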


@ -49,7 +49,7 @@ if ($w == "")
where SUBSTRING(ca_id,1,$len) = '$ca_id' "; where SUBSTRING(ca_id,1,$len) = '$ca_id' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
$subid = base_convert($row['max_subid'], 36, 10); $subid = base_convert((string)$row['max_subid'], 36, 10);
$subid += 36; $subid += 36;
if ($subid >= 36 * 36) if ($subid >= 36 * 36)
{ {


@ -239,7 +239,11 @@ $check_sanitize_keys = array(
); );
foreach( $check_sanitize_keys as $key ){ foreach( $check_sanitize_keys as $key ){
$$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : ''; if( in_array($key, array('de_bank_account')) ){
$$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1, 0, 0) : '';
} else {
$$key = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : '';
}
} }
$warning_msg = ''; $warning_msg = '';
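Review bot: The new `de_bank_account` branch passes two extra positional `0, 0` arguments to `clean_xss_tags()` with no comment saying which filters they switch off, so a reader cannot tell how much sanitization this field loses; the same pattern appears on the `$od_memo` assignment in a later file of this commit. Add a why-comment such as `// de_bank_account must keep <what>, so <which filter> is disabled` and, if the field now keeps characters that are significant in HTML, confirm that every page printing it escapes the value. `in_array($key, array('de_bank_account'))` on a one-element list is also a loose comparison; `$key === 'de_bank_account'` says the same thing strictly.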


@ -139,7 +139,7 @@ if($w == '') {
} }
// 쿠폰생성알림 발송 // 쿠폰생성알림 발송
if($w == '' && ($_POST['cp_sms_send'] || $_POST['cp_email_send'])) { if ($w == '' && (isset($_POST['cp_sms_send']) || isset($_POST['cp_email_send']))) {
include_once(G5_LIB_PATH.'/mailer.lib.php'); include_once(G5_LIB_PATH.'/mailer.lib.php');
$sms_count = 0; $sms_count = 0;
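Review bot: Switching the condition to `isset($_POST['cp_sms_send']) || isset($_POST['cp_email_send'])` removes the undefined-index notice but also changes the meaning: a posted value of `0` or an empty string now enters the notification block, where the old truthiness test did not. If those fields can be submitted with a falsy value (the form is not visible here), `!empty($_POST['cp_sms_send']) || !empty($_POST['cp_email_send'])` keeps the original behaviour without the notice.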


@ -232,7 +232,7 @@ $od_b_addr1 = clean_xss_tags($data['od_b_addr1']);
$od_b_addr2 = clean_xss_tags($data['od_b_addr2']); $od_b_addr2 = clean_xss_tags($data['od_b_addr2']);
$od_b_addr3 = clean_xss_tags($data['od_b_addr3']); $od_b_addr3 = clean_xss_tags($data['od_b_addr3']);
$od_b_addr_jibeon = preg_match("/^(N|R)$/", $data['od_b_addr_jibeon']) ? $data['od_b_addr_jibeon'] : ''; $od_b_addr_jibeon = preg_match("/^(N|R)$/", $data['od_b_addr_jibeon']) ? $data['od_b_addr_jibeon'] : '';
$od_memo = clean_xss_tags($data['od_memo']); $od_memo = clean_xss_tags($data['od_memo'], 0, 1, 0, 0);
$od_deposit_name = clean_xss_tags($data['od_deposit_name']); $od_deposit_name = clean_xss_tags($data['od_deposit_name']);
$od_tax_flag = $default['de_tax_flag_use']; $od_tax_flag = $default['de_tax_flag_use'];
$od_receipt_price = $tot_ct_price + $od_send_cost + $od_send_cost2 - ($od_temp_point + $tot_cp_price + $tot_sc_cp_price); $od_receipt_price = $tot_ct_price + $od_send_cost + $od_send_cost2 - ($od_temp_point + $tot_cp_price + $tot_sc_cp_price);


@ -10,7 +10,7 @@ auth_check_menu($auth, $sub_menu, "w");
function only_number($n) function only_number($n)
{ {
return preg_replace('/[^0-9]/', '', $n); return preg_replace('/[^0-9]/', '', (string)$n);
} }
$is_upload_file = (isset($_FILES['excelfile']['tmp_name']) && $_FILES['excelfile']['tmp_name']) ? 1 : 0; $is_upload_file = (isset($_FILES['excelfile']['tmp_name']) && $_FILES['excelfile']['tmp_name']) ? 1 : 0;
@ -50,44 +50,44 @@ if($is_upload_file) {
$it_id = (string) $rowData[0][$j++]; $it_id = (string) $rowData[0][$j++];
$it_id = preg_match('/[-+]?[0-9]*\.?[0-9]+([eE][-+]?[0-9]+)/', $it_id) ? addslashes(sprintf("%.0f", $it_id)) : preg_replace('/[^0-9a-z_\-]/i', '', $it_id); $it_id = preg_match('/[-+]?[0-9]*\.?[0-9]+([eE][-+]?[0-9]+)/', $it_id) ? addslashes(sprintf("%.0f", $it_id)) : preg_replace('/[^0-9a-z_\-]/i', '', $it_id);
$ca_id = addslashes($rowData[0][$j++]); $ca_id = addslashes($rowData[0][$j++]);
$ca_id2 = addslashes($rowData[0][$j++]); $ca_id2 = addslashes((string)$rowData[0][$j++]);
$ca_id3 = addslashes($rowData[0][$j++]); $ca_id3 = addslashes((string)$rowData[0][$j++]);
$it_name = addslashes($rowData[0][$j++]); $it_name = addslashes($rowData[0][$j++]);
$it_maker = addslashes($rowData[0][$j++]); $it_maker = addslashes((string)$rowData[0][$j++]);
$it_origin = addslashes($rowData[0][$j++]); $it_origin = addslashes((string)$rowData[0][$j++]);
$it_brand = addslashes($rowData[0][$j++]); $it_brand = addslashes((string)$rowData[0][$j++]);
$it_model = addslashes($rowData[0][$j++]); $it_model = addslashes((string)$rowData[0][$j++]);
$it_type1 = addslashes($rowData[0][$j++]); $it_type1 = addslashes((string)$rowData[0][$j++]);
$it_type2 = addslashes($rowData[0][$j++]); $it_type2 = addslashes((string)$rowData[0][$j++]);
$it_type3 = addslashes($rowData[0][$j++]); $it_type3 = addslashes((string)$rowData[0][$j++]);
$it_type4 = addslashes($rowData[0][$j++]); $it_type4 = addslashes((string)$rowData[0][$j++]);
$it_type5 = addslashes($rowData[0][$j++]); $it_type5 = addslashes((string)$rowData[0][$j++]);
$it_basic = addslashes($rowData[0][$j++]); $it_basic = addslashes((string)$rowData[0][$j++]);
$it_explan = addslashes($rowData[0][$j++]); $it_explan = addslashes((string)$rowData[0][$j++]);
$it_mobile_explan = addslashes($rowData[0][$j++]); $it_mobile_explan = addslashes((string)$rowData[0][$j++]);
$it_cust_price = addslashes(only_number($rowData[0][$j++])); $it_cust_price = addslashes(only_number($rowData[0][$j++]));
$it_price = addslashes(only_number($rowData[0][$j++])); $it_price = addslashes(only_number($rowData[0][$j++]));
$it_tel_inq = addslashes($rowData[0][$j++]); $it_tel_inq = addslashes((string)$rowData[0][$j++]);
$it_point = addslashes(only_number($rowData[0][$j++])); $it_point = addslashes(only_number($rowData[0][$j++]));
$it_point_type = addslashes(only_number($rowData[0][$j++])); $it_point_type = addslashes(only_number($rowData[0][$j++]));
$it_sell_email = addslashes($rowData[0][$j++]); $it_sell_email = addslashes((string)$rowData[0][$j++]);
$it_use = addslashes($rowData[0][$j++]); $it_use = addslashes((string)$rowData[0][$j++]);
$it_stock_qty = addslashes(only_number($rowData[0][$j++])); $it_stock_qty = addslashes(only_number($rowData[0][$j++]));
$it_noti_qty = addslashes(only_number($rowData[0][$j++])); $it_noti_qty = addslashes(only_number($rowData[0][$j++]));
$it_buy_min_qty = addslashes(only_number($rowData[0][$j++])); $it_buy_min_qty = addslashes(only_number($rowData[0][$j++]));
$it_buy_max_qty = addslashes(only_number($rowData[0][$j++])); $it_buy_max_qty = addslashes(only_number($rowData[0][$j++]));
$it_notax = addslashes(only_number($rowData[0][$j++])); $it_notax = addslashes(only_number($rowData[0][$j++]));
$it_order = addslashes(only_number($rowData[0][$j++])); $it_order = addslashes(only_number($rowData[0][$j++]));
$it_img1 = addslashes($rowData[0][$j++]); $it_img1 = addslashes((string)$rowData[0][$j++]);
$it_img2 = addslashes($rowData[0][$j++]); $it_img2 = addslashes((string)$rowData[0][$j++]);
$it_img3 = addslashes($rowData[0][$j++]); $it_img3 = addslashes((string)$rowData[0][$j++]);
$it_img4 = addslashes($rowData[0][$j++]); $it_img4 = addslashes((string)$rowData[0][$j++]);
$it_img5 = addslashes($rowData[0][$j++]); $it_img5 = addslashes((string)$rowData[0][$j++]);
$it_img6 = addslashes($rowData[0][$j++]); $it_img6 = addslashes((string)$rowData[0][$j++]);
$it_img7 = addslashes($rowData[0][$j++]); $it_img7 = addslashes((string)$rowData[0][$j++]);
$it_img8 = addslashes($rowData[0][$j++]); $it_img8 = addslashes((string)$rowData[0][$j++]);
$it_img9 = addslashes($rowData[0][$j++]); $it_img9 = addslashes((string)$rowData[0][$j++]);
$it_img10 = addslashes($rowData[0][$j++]); $it_img10 = addslashes((string)$rowData[0][$j++]);
$it_explan2 = strip_tags(trim($it_explan)); $it_explan2 = strip_tags(trim($it_explan));
if(!$it_id || !$ca_id || !$it_name) { if(!$it_id || !$ca_id || !$it_name) {
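Review bot: The `(string)` cast was added to most `addslashes()` calls in this block but not to `$ca_id` and `$it_name`, so a null cell in those columns still reaches `addslashes()` un-cast; `addslashes((string)$rowData[0][$j++])` on both lines would make the block uniform. Separately, these spreadsheet values are prepared with `addslashes()`, whereas other files in this commit move to `sql_real_escape_string()`; the query that consumes them is outside the hunk, so whether the connection-aware escape is needed here should be checked.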


@ -476,13 +476,13 @@ if ($w == "" || $w == "u")
{ {
$sql = " insert into {$g5['g5_shop_item_relation_table']} $sql = " insert into {$g5['g5_shop_item_relation_table']}
set it_id = '$it_id', set it_id = '$it_id',
it_id2 = '$it_id2[$i]', it_id2 = '".sql_real_escape_string($it_id2[$i])."',
ir_no = '$i' "; ir_no = '$i' ";
sql_query($sql, false); sql_query($sql, false);
// 관련상품의 반대로도 등록 // 관련상품의 반대로도 등록
$sql = " insert into {$g5['g5_shop_item_relation_table']} $sql = " insert into {$g5['g5_shop_item_relation_table']}
set it_id = '$it_id2[$i]', set it_id = '".sql_real_escape_string($it_id2[$i])."',
it_id2 = '$it_id', it_id2 = '$it_id',
ir_no = '$i' "; ir_no = '$i' ";
sql_query($sql, false); sql_query($sql, false);
@ -496,7 +496,7 @@ if ($w == "" || $w == "u")
if (trim($ev_id[$i])) if (trim($ev_id[$i]))
{ {
$sql = " insert into {$g5['g5_shop_event_item_table']} $sql = " insert into {$g5['g5_shop_event_item_table']}
set ev_id = '$ev_id[$i]', set ev_id = '".sql_real_escape_string($ev_id[$i])."',
it_id = '$it_id' "; it_id = '$it_id' ";
sql_query($sql, false); sql_query($sql, false);
} }
@ -510,7 +510,7 @@ if($option_count) {
( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` ) ( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` )
VALUES "; VALUES ";
for($i=0; $i<$option_count; $i++) { for($i=0; $i<$option_count; $i++) {
$sql .= $comma . " ( '{$_POST['opt_id'][$i]}', '0', '$it_id', '{$_POST['opt_price'][$i]}', '{$_POST['opt_stock_qty'][$i]}', '{$_POST['opt_noti_qty'][$i]}', '{$_POST['opt_use'][$i]}' )"; $sql .= $comma . " ( '".sql_real_escape_string($_POST['opt_id'][$i])."', '0', '$it_id', '".sql_real_escape_string($_POST['opt_price'][$i])."', '".sql_real_escape_string($_POST['opt_stock_qty'][$i])."', '".sql_real_escape_string($_POST['opt_noti_qty'][$i])."', '".sql_real_escape_string($_POST['opt_use'][$i])."' )";
$comma = ' , '; $comma = ' , ';
} }
@ -524,7 +524,7 @@ if($supply_count) {
( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` ) ( `io_id`, `io_type`, `it_id`, `io_price`, `io_stock_qty`, `io_noti_qty`, `io_use` )
VALUES "; VALUES ";
for($i=0; $i<$supply_count; $i++) { for($i=0; $i<$supply_count; $i++) {
$sql .= $comma . " ( '{$_POST['spl_id'][$i]}', '1', '$it_id', '{$_POST['spl_price'][$i]}', '{$_POST['spl_stock_qty'][$i]}', '{$_POST['spl_noti_qty'][$i]}', '{$_POST['spl_use'][$i]}' )"; $sql .= $comma . " ( '".sql_real_escape_string($_POST['spl_id'][$i])."', '1', '$it_id', '".sql_real_escape_string($_POST['spl_price'][$i])."', '".sql_real_escape_string($_POST['spl_stock_qty'][$i])."', '".sql_real_escape_string($_POST['spl_noti_qty'][$i])."', '".sql_real_escape_string($_POST['spl_use'][$i])."' )";
$comma = ' , '; $comma = ' , ';
} }
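Review bot: The option and supply rows now escape `opt_price`, `opt_stock_qty`, `opt_noti_qty`, `opt_use` and their `spl_*` counterparts as strings, but the column names suggest numeric fields, and if they are integers a cast constrains them more tightly than escaping, e.g. `(int) $_POST['opt_price'][$i]`. `$it_id` is also still interpolated raw in every statement of these hunks; it is presumably sanitized earlier in the file, which is not visible here. The enclosing blocks start and end outside the hunks.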


@ -35,8 +35,8 @@ if ($post_act_button == "선택수정") {
$p_it_stock_qty = (isset($_POST['it_stock_qty']) && is_array($_POST['it_stock_qty'])) ? strip_tags($_POST['it_stock_qty'][$k]) : ''; $p_it_stock_qty = (isset($_POST['it_stock_qty']) && is_array($_POST['it_stock_qty'])) ? strip_tags($_POST['it_stock_qty'][$k]) : '';
$p_it_skin = (isset($_POST['it_skin']) && is_array($_POST['it_skin'])) ? strip_tags($_POST['it_skin'][$k]) : ''; $p_it_skin = (isset($_POST['it_skin']) && is_array($_POST['it_skin'])) ? strip_tags($_POST['it_skin'][$k]) : '';
$p_it_mobile_skin = (isset($_POST['it_mobile_skin']) && is_array($_POST['it_mobile_skin'])) ? strip_tags($_POST['it_mobile_skin'][$k]) : ''; $p_it_mobile_skin = (isset($_POST['it_mobile_skin']) && is_array($_POST['it_mobile_skin'])) ? strip_tags($_POST['it_mobile_skin'][$k]) : '';
$p_it_use = (isset($_POST['it_use']) && is_array($_POST['it_use'])) ? strip_tags($_POST['it_use'][$k]) : ''; $p_it_use = isset($_POST['it_use'][$k]) ? clean_xss_tags($_POST['it_use'][$k], 1, 1) : 0;
$p_it_soldout = (isset($_POST['it_soldout']) && is_array($_POST['it_soldout'])) ? strip_tags($_POST['it_soldout'][$k]) : ''; $p_it_soldout = isset($_POST['it_soldout'][$k]) ? clean_xss_tags($_POST['it_soldout'][$k], 1, 1) : 0;
$p_it_order = (isset($_POST['it_order']) && is_array($_POST['it_order'])) ? strip_tags($_POST['it_order'][$k]) : ''; $p_it_order = (isset($_POST['it_order']) && is_array($_POST['it_order'])) ? strip_tags($_POST['it_order'][$k]) : '';
$p_it_id = isset($_POST['it_id'][$k]) ? preg_replace('/[^a-z0-9_\-]/i', '', $_POST['it_id'][$k]) : ''; $p_it_id = isset($_POST['it_id'][$k]) ? preg_replace('/[^a-z0-9_\-]/i', '', $_POST['it_id'][$k]) : '';
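Review bot: `$p_it_use` and `$p_it_soldout` look like 0/1 flags (the new fallback is `0`), yet they are passed through `clean_xss_tags()`, an HTML filter that does not restrict the value to a number. If they are written to the database as flags (the query is outside the hunk), an integer cast is the tighter check: `$p_it_use = isset($_POST['it_use'][$k]) ? (int) $_POST['it_use'][$k] : 0;` and the same for `it_soldout`.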


@ -171,9 +171,9 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목
<?php echo $row['it_id']; ?> <?php echo $row['it_id']; ?>
</td> </td>
<td class="td_left"><a href="<?php echo $href; ?>"><?php echo get_it_image($row['it_id'], 50, 50); ?> <?php echo cut_str(stripslashes($row['it_name']), 60, "&#133"); ?></a></td> <td class="td_left"><a href="<?php echo $href; ?>"><?php echo get_it_image($row['it_id'], 50, 50); ?> <?php echo cut_str(stripslashes($row['it_name']), 60, "&#133"); ?></a></td>
<td class="td_num<?php echo $it_stock_qty_st; ?>"><?php echo $it_stock_qty; ?></td> <td class="td_num<?php echo $it_stock_qty_st; ?>"><?php echo (int)$it_stock_qty; ?></td>
<td class="td_num"><?php echo number_format($wait_qty); ?></td> <td class="td_num"><?php echo number_format((float)$wait_qty); ?></td>
<td class="td_num"><?php echo number_format($temporary_qty); ?></td> <td class="td_num"><?php echo number_format((float)$temporary_qty); ?></td>
<td class="td_num"> <td class="td_num">
<label for="stock_qty_<?php echo $i; ?>" class="sound_only">재고수정</label> <label for="stock_qty_<?php echo $i; ?>" class="sound_only">재고수정</label>
<input type="text" name="it_stock_qty[<?php echo $i; ?>]" value="<?php echo $row['it_stock_qty']; ?>" id="stock_qty_<?php echo $i; ?>" class="frm_input" size="10" autocomplete="off"> <input type="text" name="it_stock_qty[<?php echo $i; ?>]" value="<?php echo $row['it_stock_qty']; ?>" id="stock_qty_<?php echo $i; ?>" class="frm_input" size="10" autocomplete="off">


@ -85,7 +85,7 @@ if($ps_run) {
} // for } // for
} else { } else {
for($i=0; $i<$subject_count; $i++) { for($i=0; $i<$subject_count; $i++) {
$spl_subject = isset($_POST['subject'][$i]) ? preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['subject'][$i]))) : ''; $spl_subject = isset($_POST['subject'][$i]) ? preg_replace(G5_OPTION_ID_FILTER, '', strip_tags(trim(stripslashes($_POST['subject'][$i])))) : '';
$spl_val = isset($_POST['supply'][$i]) ? explode(',', preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['supply'][$i])))) : ''; $spl_val = isset($_POST['supply'][$i]) ? explode(',', preg_replace(G5_OPTION_ID_FILTER, '', trim(stripslashes($_POST['supply'][$i])))) : '';
$spl_count = count($spl_val); $spl_count = count($spl_val);
@ -103,7 +103,7 @@ if($ps_run) {
$sql = " select io_price, io_stock_qty, io_noti_qty, io_use $sql = " select io_price, io_stock_qty, io_noti_qty, io_use
from {$g5['g5_shop_item_option_table']} from {$g5['g5_shop_item_option_table']}
where it_id = '{$post_it_id}' where it_id = '{$post_it_id}'
and io_id = '$spl_id' and io_id = '".sql_real_escape_string($spl_id)."'
and io_type = '1' "; and io_type = '1' ";
$row = sql_fetch($sql); $row = sql_fetch($sql);
@ -117,11 +117,11 @@ if($ps_run) {
?> ?>
<tr> <tr>
<td class="td_chk"> <td class="td_chk">
<input type="hidden" name="spl_id[]" value="<?php echo $spl_id; ?>"> <input type="hidden" name="spl_id[]" value="<?php echo get_text($spl_id); ?>">
<label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo $spl_subject.' '.$spl; ?></label> <label for="spl_chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($spl_subject.' '.$spl); ?></label>
<input type="checkbox" name="spl_chk[]" id="spl_chk_<?php echo $i; ?>" value="1"> <input type="checkbox" name="spl_chk[]" id="spl_chk_<?php echo $i; ?>" value="1">
</td> </td>
<td class="spl-subject-cell"><?php echo $spl_subject; ?></td> <td class="spl-subject-cell"><?php echo get_text($spl_subject); ?></td>
<td class="spl-cell"><?php echo $spl; ?></td> <td class="spl-cell"><?php echo $spl; ?></td>
<td class="td_numsmall"> <td class="td_numsmall">
<label for="spl_price_<?php echo $i; ?>" class="sound_only">상품금액</label> <label for="spl_price_<?php echo $i; ?>" class="sound_only">상품금액</label>
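Review bot: `<td class="spl-cell"><?php echo $spl; ?></td>` still prints `$spl` unescaped although the neighbouring `$spl_id` and `$spl_subject` outputs were wrapped in `get_text()` in this same hunk, and `$spl_val` did not get the `strip_tags()` that `$spl_subject` received. Unless `G5_OPTION_ID_FILTER` (defined elsewhere) already removes every character that matters in HTML, use `<?php echo get_text($spl); ?>` there. `$post_it_id` in the `where it_id = '{$post_it_id}'` clause is likewise interpolated without the escape that `$spl_id` now gets; its origin is not visible in these hunks.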


@ -21,7 +21,6 @@ if(! function_exists('column_char')) {
} }
} }
if (phpversion() >= '5.2.0') {
include_once(G5_LIB_PATH.'/PHPExcel.php'); include_once(G5_LIB_PATH.'/PHPExcel.php');
$headers = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호'); $headers = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호');
@ -47,7 +46,7 @@ if (phpversion() >= '5.2.0') {
$data = array_merge(array($headers), $rows); $data = array_merge(array($headers), $rows);
$excel = new PHPExcel(); $excel = new PHPExcel();
$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor); $excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true); $excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w); foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
$excel->getActiveSheet()->fromArray($data,NULL,'A1'); $excel->getActiveSheet()->fromArray($data,NULL,'A1');
@ -58,47 +57,3 @@ if (phpversion() >= '5.2.0') {
$writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5'); $writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5');
$writer->save('php://output'); $writer->save('php://output');
} else {
/*================================================================================
php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/
=================================================================================*/
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php');
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php');
$fname = tempnam(G5_DATA_PATH, "tmp-deliverylist.xls");
$workbook = new writeexcel_workbook($fname);
$worksheet = $workbook->addworksheet();
// Put Excel data
$data = array('주문번호', '주문자명', '주문자전화1', '주문자전화2', '배송자명', '배송지전화1', '배송지전화2', '배송지주소', '배송회사', '운송장번호');
$data = array_map('iconv_euckr', $data);
$col = 0;
foreach($data as $cell) {
$worksheet->write(0, $col++, $cell);
}
for($i=1; $row=sql_fetch_array($result); $i++) {
$row = array_map('iconv_euckr', $row);
$worksheet->write($i, 0, ' '.$row['od_id']);
$worksheet->write($i, 1, $row['od_name']);
$worksheet->write($i, 2, ' '.$row['od_tel']);
$worksheet->write($i, 3, ' '.$row['od_hp']);
$worksheet->write($i, 4, $row['od_b_name']);
$worksheet->write($i, 5, ' '.$row['od_b_tel']);
$worksheet->write($i, 6, ' '.$row['od_b_hp']);
$worksheet->write($i, 7, print_address($row['od_b_addr1'], $row['od_b_addr2'], $row['od_b_addr3'], $row['od_b_addr_jibeon']));
$worksheet->write($i, 8, $row['od_delivery_company']);
$worksheet->write($i, 9, $row['od_invoice']);
}
$workbook->close();
header("Content-Type: application/x-msexcel; name=\"deliverylist-".date("ymd", time()).".xls\"");
header("Content-Disposition: inline; filename=\"deliverylist-".date("ymd", time()).".xls\"");
$fh=fopen($fname, "rb");
fpassthru($fh);
unlink($fname);
}


@ -168,7 +168,6 @@ if ($csv == 'xls')
if (!$cnt) if (!$cnt)
alert("출력할 내역이 없습니다."); alert("출력할 내역이 없습니다.");
if (phpversion() >= '5.2.0') {
include_once(G5_LIB_PATH.'/PHPExcel.php'); include_once(G5_LIB_PATH.'/PHPExcel.php');
$headers = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀'); $headers = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀');
@ -235,7 +234,7 @@ if ($csv == 'xls')
$data = array_merge(array($headers), $rows); $data = array_merge(array($headers), $rows);
$excel = new PHPExcel(); $excel = new PHPExcel();
$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor); $excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true); $excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w); foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
$excel->getActiveSheet()->fromArray($data,NULL,'A1'); $excel->getActiveSheet()->fromArray($data,NULL,'A1');
@ -246,95 +245,6 @@ if ($csv == 'xls')
$writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5'); $writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5');
$writer->save('php://output'); $writer->save('php://output');
} else {
/*================================================================================
php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/
=================================================================================*/
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php');
include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php');
$fname = tempnam(G5_DATA_PATH, "tmp-orderlist.xls");
$workbook = new writeexcel_workbook($fname);
$worksheet = $workbook->addworksheet();
// Put Excel data
$data = array('우편번호', '주소', '이름', '전화1', '전화2', '상품명', '수량', '선택사항', '배송비', '상품코드', '주문번호', '운송장번호', '전하실말씀');
$data = array_map('iconv_euckr', $data);
$col = 0;
foreach($data as $cell) {
$worksheet->write(0, $col++, $cell);
}
$save_it_id = '';
for($i=1; $row=sql_fetch_array($result); $i++)
{
if($save_it_id != $row['it_id']) {
// 합계금액 계산
$sql = " select SUM(IF(io_type = 1, (io_price * ct_qty), ((ct_price + io_price) * ct_qty))) as price,
SUM(ct_qty) as qty
from {$g5['g5_shop_cart_table']}
where it_id = '{$row['it_id']}'
and od_id = '{$row['od_id']}' ";
$sum = sql_fetch($sql);
switch($row['ct_send_cost'])
{
case 1:
$ct_send_cost = '착불';
break;
case 2:
$ct_send_cost = '무료';
break;
default:
$ct_send_cost = '선불';
break;
}
// 조건부무료
if($row['it_sc_type'] == 2) {
$sendcost = get_item_sendcost($row['it_id'], $sum['price'], $sum['qty'], $row['od_id']);
if($sendcost == 0)
$ct_send_cost = '무료';
}
$save_it_id = $row['it_id'];
$ct_send_cost = iconv_euckr($ct_send_cost);
}
$pull_address = iconv('UTF-8', 'UHC', print_address($row['od_b_addr1'], $row['od_b_addr2'], $row['od_b_addr3'], $row['od_b_addr_jibeon']));
$row = array_map('iconv_euckr', $row);
$worksheet->write($i, 0, ' '.$row['od_b_zip1'].$row['od_b_zip2']);
$worksheet->write($i, 1, $pull_address);
$worksheet->write($i, 2, $row['od_b_name']);
$worksheet->write($i, 3, ' '.$row['od_b_tel']);
$worksheet->write($i, 4, ' '.$row['od_b_hp']);
$worksheet->write($i, 5, $row['it_name']);
$worksheet->write($i, 6, $row['ct_qty']);
$worksheet->write($i, 7, $row['ct_option']);
$worksheet->write($i, 8, $ct_send_cost);
$worksheet->write($i, 9, ' '.$row['it_id']);
$worksheet->write($i, 10, ' '.$row['od_id']);
$worksheet->write($i, 11, $row['od_invoice']);
$worksheet->write($i, 12, $row['od_memo']);
}
$workbook->close();
header("Content-Type: application/x-msexcel; name=\"orderlist-".date("ymd", time()).".xls\"");
header("Content-Disposition: inline; filename=\"orderlist-".date("ymd", time()).".xls\"");
$fh=fopen($fname, "rb");
fpassthru($fh);
unlink($fname);
exit;
} //end if php 5.2.0
} }


@ -51,7 +51,7 @@ for($i=1; $res=sql_fetch_array($qry); $i++)
$data = array_merge(array($headers), $rows); $data = array_merge(array($headers), $rows);
$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor); $excel->setActiveSheetIndex(0)->getStyle( "A1:{$last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor);
$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true); $excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true);
foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w); foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w);
$excel->getActiveSheet()->fromArray($data,NULL,'A1'); $excel->getActiveSheet()->fromArray($data,NULL,'A1');


@ -74,13 +74,13 @@ for ($i = 1; $i <= $num_rows; $i++) {
switch ($ext) { switch ($ext) {
case '.csv' : case '.csv' :
$name = $csv[$i][0]; $name = isset($csv[$i][0]) ? $csv[$i][0] : '';
$str_encode = @mb_detect_encoding($name, $encode); $str_encode = @mb_detect_encoding($name, $encode);
if( $str_encode == "EUC-KR" ){ if( $str_encode == "EUC-KR" ){
$name = iconv_utf8( $name ); $name = iconv_utf8( $name );
} }
$name = addslashes($name); $name = addslashes($name);
$hp = addslashes($csv[$i][1]); $hp = addslashes(isset($csv[$i][1]) ? $csv[$i][1] : '');
break; break;
case '.xls' : case '.xls' :
case '.xlsx' : case '.xlsx' :
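Review bot: With the new `isset()` fallbacks, a CSV row that lacks column 0 or 1 now produces an empty `$name` or `$hp` and still flows on to whatever follows the `switch`, instead of being skipped. The rest of the loop body is outside this hunk, so whether an empty `$hp` is rejected later cannot be confirmed here; if it is not, skip the row explicitly when `$csv[$i][1]` is missing. Both values come from an uploaded file and are escaped only with `addslashes()`, which does not take the connection character set into account. If they are placed into an SQL string further down, escaping through the database driver or a bound parameter is the safer choice.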


@ -1,4 +1,5 @@
<?php <?php
$sub_menu = "900800";
include_once('./_common.php'); include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r"); auth_check_menu($auth, $sub_menu, "r");
@ -20,7 +21,7 @@ for ($kk=0;$row = sql_fetch_array($result);$kk++)
$bk_no = $row['bk_no']; $bk_no = $row['bk_no'];
for ($i=0; $i<count($post_chk_bg_no); $i++) for ($i=0; $i<count($post_chk_bg_no); $i++)
{ {
$bg_no = $post_chk_bg_no[$i]; $bg_no = (int) $post_chk_bg_no[$i];
if( !$bg_no ) continue; if( !$bg_no ) continue;
$sql = " insert into {$g5['sms5_book_table']} $sql = " insert into {$g5['sms5_book_table']}
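Review bot: `auth_check_menu($auth, $sub_menu, "r")` asks only for read permission, yet the second hunk of this file builds an `insert into {$g5['sms5_book_table']}` statement, so an administrator holding read-only rights on menu 900800 appears able to add address-book rows. If the permission letters follow the usual read/write split, the check should be `auth_check_menu($auth, $sub_menu, "w");`. The `(int)` cast only covers `$post_chk_bg_no[$i]`; the insert statement continues past the end of the hunk, so the other values interpolated into it could not be checked here.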


@ -25,7 +25,7 @@ if ( ! (($config['cf_icode_id'] && $config['cf_icode_pw']) || $config['cf_icode_
} }
$wr_reply = isset($_REQUEST['wr_reply']) ? preg_replace('#[^0-9\-]#', '', trim($_REQUEST['wr_reply'])) : ''; $wr_reply = isset($_REQUEST['wr_reply']) ? preg_replace('#[^0-9\-]#', '', trim($_REQUEST['wr_reply'])) : '';
$wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message'])) : ''; $wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message']), 1, 1, 0, 0) : '';
$send_list = isset($_REQUEST['send_list']) ? clean_xss_tags(trim($_REQUEST['send_list']), 1, 1) : ''; $send_list = isset($_REQUEST['send_list']) ? clean_xss_tags(trim($_REQUEST['send_list']), 1, 1) : '';
$wr_by = isset($_REQUEST['wr_by']) ? clean_xss_tags(trim($_REQUEST['wr_by']), 1, 1) : ''; $wr_by = isset($_REQUEST['wr_by']) ? clean_xss_tags(trim($_REQUEST['wr_by']), 1, 1) : '';
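Review bot: All four parameters here are read from `$_REQUEST`, so the message text, recipient list and sender for what looks like an SMS send are accepted from the query string as well as from the form body. Unless the GET path is needed, read them from `$_POST` (for example `$_POST['wr_message']`), and confirm that the admin token check, which is not visible in this hunk, runs before anything is sent. The new `clean_xss_tags(..., 1, 1, 0, 0)` call also differs from the `1, 1` calls on the next two lines without explanation. A one-line comment stating what the two extra flags change for `wr_message` would help the next reader.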
