Checked PSR-1: Basic Coding Standard & Undefined Variable

kjh
2022-05-27 04:47:53 +00:00
parent 0031b20597
commit 44650b31f6
14 changed files with 411 additions and 370 deletions


@ -14,6 +14,8 @@ $target_subject = isset($_POST['target_subject']) ? trim($_POST['target_subject'
$target_subject = strip_tags(clean_xss_attributes($target_subject));
$file_copy = array();
if (empty($bo_table)) {
alert("원본 테이블 정보가 없습니다.");
}
@ -37,8 +39,6 @@ $sql = get_table_define($g5['write_prefix'] . $bo_table);
$sql = str_replace($g5['write_prefix'] . $bo_table, $g5['write_prefix'] . $target_table, $sql);
sql_query($sql, false);
$file_copy = array();
// 구조만 복사시에는 공지사항 번호는 복사하지 않는다.
if ($copy_case == 'schema_only') {
$board['bo_notice'] = '';


@ -1,11 +1,18 @@
<?php
// board_delete.php , boardgroup_delete.php 에서 include 하는 파일
if (!defined('_GNUBOARD_')) exit;
if (!defined('_BOARD_DELETE_')) exit; // 개별 페이지 접근 불가
// 개별 페이지 접근 불가
if (!defined('_GNUBOARD_')) {
exit;
}
if (!defined('_BOARD_DELETE_')) {
exit;
}
// $tmp_bo_table 에는 $bo_table 값을 넘겨주어야 함
if (!$tmp_bo_table) { return; }
if (!$tmp_bo_table) {
return;
}
// 게시판 1개는 삭제 불가 (게시판 복사를 위해서)
//$row = sql_fetch(" select count(*) as cnt from $g5['board_table'] ");
@ -24,7 +31,7 @@ sql_query(" delete from {$g5['scrap_table']} where bo_table = '{$tmp_bo_table}'
sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$tmp_bo_table}' ");
// 게시판 테이블 DROP
sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", FALSE);
sql_query(" drop table {$g5['write_prefix']}{$tmp_bo_table} ", false);
// 좋아요 테이블에서 기록 삭제
sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_table}' ");
@ -32,4 +39,4 @@ sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_tab
delete_cache_latest($tmp_bo_table);
// 게시판 폴더 전체 삭제
rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table);
rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table);
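Review bot: The only guard on the table name in this include is `if (!$tmp_bo_table)`, yet the value goes straight into `drop table {$g5['write_prefix']}{$tmp_bo_table}` and `rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table)`, so both operations are only as safe as whatever each including script checked beforehand. Because this file is the single place where the table drop and the recursive delete happen, it should repeat the format check itself, e.g. `if (!preg_match('/^[A-Za-z0-9_]+$/', $tmp_bo_table)) { return; }` right after the empty check. The one caller visible in this commit does run that `preg_match` before the include, but the two scripts named in the header comment are not shown. The script body continues outside these hunks.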


@ -7,8 +7,9 @@ auth_check_menu($auth, $sub_menu, 'w');
$sql = " select count(*) as cnt from {$g5['group_table']} ";
$row = sql_fetch($sql);
if (!$row['cnt'])
if (!$row['cnt']) {
alert('게시판그룹이 한개 이상 생성되어야 합니다.', './boardgroup_form.php');
}
$html_title = '게시판';
@ -58,7 +59,7 @@ if (!isset($board['bo_use_sns'])) {
$sql = " SHOW COLUMNS FROM `{$g5['board_table']}` LIKE 'bo_use_cert' ";
$row = sql_fetch($sql);
if(strpos($row['Type'], 'hp-') === false) {
if (strpos($row['Type'], 'hp-') === false) {
sql_query(" ALTER TABLE `{$g5['board_table']}` CHANGE `bo_use_cert` `bo_use_cert` ENUM('','cert','adult','hp-cert','hp-adult') NOT NULL DEFAULT '' ", false);
}
@ -128,7 +129,7 @@ $board_default = array(
'bo_sort_field'=>'',
);
for($i=0;$i<=10;$i++){
for ($i = 0; $i <= 10; $i++) {
$board_default['bo_'.$i.'_subj'] = '';
$board_default['bo_'.$i] = '';
}
@ -142,7 +143,6 @@ $readonly = "";
$sound_only = "";
$required_valid = "";
if ($w == '') {
$html_title .= ' 생성';
$required = 'required';
@ -179,21 +179,20 @@ if ($w == '') {
$board['bo_use_secret'] = 0;
$board['bo_include_head'] = '_head.php';
$board['bo_include_tail'] = '_tail.php';
} else if ($w == 'u') {
} elseif ($w == 'u') {
$html_title .= ' 수정';
if (!$board['bo_table'])
if (!$board['bo_table']) {
alert('존재하지 않은 게시판 입니다.');
}
if ($is_admin == 'group') {
if ($member['mb_id'] != $group['gr_admin'])
if ($member['mb_id'] != $group['gr_admin']) {
alert('그룹이 틀립니다.');
}
}
$readonly = 'readonly';
}
if ($is_admin != 'super') {
@ -202,7 +201,7 @@ if ($is_admin != 'super') {
}
$g5['title'] = $html_title;
include_once ('./admin.head.php');
include_once('./admin.head.php');
$pg_anchor = '<ul class="anchor">
<li><a href="#anc_bo_basic">기본 설정</a></li>
@ -253,7 +252,9 @@ $pg_anchor = '<ul class="anchor">
<th scope="row"><label for="gr_id">그룹<strong class="sound_only">필수</strong></label></th>
<td colspan="2">
<?php echo get_group_select('gr_id', $board['gr_id'], 'required'); ?>
<?php if ($w=='u') { ?><a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a><?php } ?>
<?php if ($w=='u') { ?>
<a href="javascript:document.location.href='./board_list.php?sfl=a.gr_id&stx='+document.fboardform.gr_id.value;" class="btn_frmline">동일그룹 게시판목록</a>
<?php } ?>
</td>
</tr>
<tr>
@ -548,7 +549,9 @@ $pg_anchor = '<ul class="anchor">
<?php
$arr = get_skin_dir('', G5_EDITOR_PATH);
for ($i=0; $i<count($arr); $i++) {
if ($i == 0) echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
if ($i == 0) {
echo "<option value=\"\">기본환경설정의 에디터 사용</option>";
}
echo "<option value=\"".$arr[$i]."\"".get_selected($board['bo_select_editor'], $arr[$i]).">".$arr[$i]."</option>\n";
}
?>
@ -701,9 +704,9 @@ $pg_anchor = '<ul class="anchor">
<?php echo help("본인확인 여부에 따라 게시물을 조회 할 수 있도록 합니다."); ?>
<select id="bo_use_cert" name="bo_use_cert">
<?php
echo option_selected("", $board['bo_use_cert'], "사용안함");
echo option_selected("", $board['bo_use_cert'], "사용안함");
if ($config['cf_cert_use']) {
echo option_selected("cert", $board['bo_use_cert'], "본인확인된 회원전체");
echo option_selected("cert", $board['bo_use_cert'], "본인확인된 회원전체");
echo option_selected("adult", $board['bo_use_cert'], "본인확인된 성인회원만");
}
?>
@ -903,7 +906,7 @@ $pg_anchor = '<ul class="anchor">
<label for="chk_all_mobile_skin">전체적용</label>
</td>
</tr>
<?php if ($is_admin === 'super'){ // 슈퍼관리자인 경우에만 수정 가능 ?>
<?php if ($is_admin === 'super') { // 슈퍼관리자인 경우에만 수정 가능 ?>
<tr>
<th scope="row"><label for="bo_include_head">상단 파일 경로</label></th>
<td>
@ -1192,17 +1195,16 @@ $pg_anchor = '<ul class="anchor">
<td>
<?php echo help('리스트에서 기본으로 정렬에 사용할 필드를 선택합니다. "기본"으로 사용하지 않으시는 경우 속도가 느려질 수 있습니다.') ?>
<select id="bo_sort_field" name="bo_sort_field">
<?php foreach( get_board_sort_fields($board) as $v ){
<?php foreach (get_board_sort_fields($board) as $v) {
$option_value = $order_by_str = $v[0];
if( $v[0] === 'wr_num, wr_reply' ){
if ($v[0] === 'wr_num, wr_reply') {
$selected = (! $board['bo_sort_field']) ? 'selected="selected"' : '';
$option_value = '';
} else {
$selected = ($board['bo_sort_field'] === $v[0]) ? 'selected="selected"' : '';
}
if( $order_by_str !== 'wr_num, wr_reply' ){
if ($order_by_str !== 'wr_num, wr_reply') {
$tmp = explode(',', $v[0]);
$order_by_str = $tmp[0];
}
@ -1335,7 +1337,7 @@ $pg_anchor = '<ul class="anchor">
<div class="btn_fixed_top">
<?php if( $bo_table && $w ){ ?>
<?php if ($bo_table && $w) { ?>
<a href="./board_copy.php?bo_table=<?php echo $board['bo_table']; ?>" id="board_copy" target="win_board_copy" class=" btn_02 btn">게시판복사</a>
<a href="<?php echo get_pretty_url($board['bo_table']); ?>" class=" btn_02 btn">게시판 바로가기</a>
<a href="./board_thumbnail_delete.php?bo_table=<?php echo $board['bo_table'].'&amp;'.$qstr;?>" onclick="return delete_confirm2('게시판 썸네일 파일을 삭제하시겠습니까?');" class="btn_02 btn">게시판 썸네일 삭제</a>
@ -1451,9 +1453,9 @@ jQuery(function($){
function fboardform_submit(f)
{
<?php
if(!$w){
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
if (!$w) {
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
}
?>
@ -1489,4 +1491,4 @@ function fboardform_submit(f)
</script>
<?php
include_once ('./admin.tail.php');
include_once('./admin.tail.php');
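Review bot: The group-admin ownership check `if ($member['mb_id'] != $group['gr_admin'])` in the `$w == 'u'` branch keeps a loose comparison, so two different numeric-looking IDs would be treated as the same account, because PHP compares numeric strings by value. As this is an authorization decision it should read `if ($member['mb_id'] !== $group['gr_admin'])`. The neighbouring `$is_admin == 'group'` and `$is_admin != 'super'` tests would be clearer in the strict form the template already uses further down (`$is_admin === 'super'`). This assumes both IDs are strings as loaded from the database, which the hunk does not show.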


@ -2,25 +2,34 @@
$sub_menu = "300100";
include_once('./_common.php');
if ($w == 'u')
if ($w == 'u') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['gr_id']) : '';
$bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : '';
$bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : '';
$bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';
$gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', (string)$_POST['gr_id']) : '';
$bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : '';
$bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : '';
$bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : '';
if (!$gr_id) { alert('그룹 ID는 반드시 선택하세요.'); }
if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); }
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); }
if (!$bo_subject) { alert('게시판 제목을 입력하세요.'); }
if (!$gr_id) {
alert('그룹 ID는 반드시 선택하세요.');
}
if (!$bo_table) {
alert('게시판 TABLE명은 반드시 입력하세요.');
}
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) {
alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)');
}
if (!$bo_subject) {
alert('게시판 제목을 입력하세요.');
}
// 게시판명이 금지된 단어로 되어 있으면
if ( $w == '' && in_array($bo_table, get_bo_table_banned_word()) ){
if ($w == '' && in_array($bo_table, get_bo_table_banned_word())) {
alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.');
}
@ -28,7 +37,7 @@ $bo_include_head = isset($_POST['bo_include_head']) ? preg_replace(array("#[\\\]
$bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_tail'], 0, 255)) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if (!chk_captcha()) {
@ -39,7 +48,7 @@ if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !==
if ($file = $bo_include_head) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) {
if (! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
@ -47,20 +56,20 @@ if ($file = $bo_include_head) {
if ($file = $bo_include_tail) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) {
if (! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if(!is_include_path_check($bo_include_head, 1)) {
if (!is_include_path_check($bo_include_head, 1)) {
alert('상단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
}
if(!is_include_path_check($bo_include_tail, 1)) {
if (!is_include_path_check($bo_include_tail, 1)) {
alert('하단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
}
if( function_exists('filter_input_include_path') ){
if (function_exists('filter_input_include_path')) {
$bo_include_head = filter_input_include_path($bo_include_head);
$bo_include_tail = filter_input_include_path($bo_include_tail);
}
@ -73,7 +82,7 @@ $board_path = G5_DATA_PATH.'/file/'.$bo_table;
// 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
$file = $board_path . '/index.php';
if( $f = @fopen($file, 'w') ){
if ($f = @fopen($file, 'w')) {
@fwrite($f, '');
@fclose($f);
@chmod($file, G5_FILE_PERMISSION);
@ -84,7 +93,7 @@ $src_char = array('&', '=');
$dst_char = array('', '〓');
$bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $dst_char, $_POST['bo_category_list']) : '';
//https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list);
$str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", (string)$bo_category_list);
$bo_use_category = isset($_POST['bo_use_category']) ? (int) $_POST['bo_use_category'] : 0;
$bo_use_sideview = isset($_POST['bo_use_sideview']) ? (int) $_POST['bo_use_sideview'] : 0;
@ -154,7 +163,7 @@ $bo_sort_field = isset($_POST['bo_sort_field']) ? clean_xss_tags($_POST['bo_sort
$etcs = array();
for($i=1;$i<=10;$i++){
for ($i = 1; $i <= 10; $i++) {
$etcs['bo_'.$i.'_subj'] = ${'bo_'.$i.'_subj'} = isset($_POST['bo_'.$i.'_subj']) ? $_POST['bo_'.$i.'_subj'] : '';
$etcs['bo_'.$i] = ${'bo_'.$i} = isset($_POST['bo_'.$i]) ? $_POST['bo_'.$i] : '';
}
@ -212,8 +221,8 @@ $sql_common = " gr_id = '{$gr_id}',
";
// 최고 관리자인 경우에만 수정가능
if ($is_admin === 'super'){
$sql_common .= " bo_include_head = '".$bo_include_head."',
if ($is_admin === 'super') {
$sql_common .= " bo_include_head = '".$bo_include_head."',
bo_include_tail = '".$bo_include_tail."',
bo_content_head = '{$bo_content_head}',
bo_content_tail = '{$bo_content_tail}',
@ -260,10 +269,10 @@ $sql_common .= " bo_insert_content = '{$bo_insert_content}',
bo_10 = '{$bo_10}' ";
if ($w == '') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '{$bo_table}' ");
if ($row['cnt'])
if ($row['cnt']) {
alert($bo_table.' 은(는) 이미 존재하는 TABLE 입니다.');
}
$sql = " insert into {$g5['board_table']}
set bo_table = '{$bo_table}',
@ -284,10 +293,8 @@ if ($w == '') {
$source = array('/__TABLE_NAME__/', '/;/');
$target = array($create_table, '');
$sql = preg_replace($source, $target, $sql);
sql_query($sql, FALSE);
} else if ($w == 'u') {
sql_query($sql, false);
} elseif ($w == 'u') {
// 게시판의 글 수
$sql = " select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
$row = sql_fetch($sql);
@ -327,8 +334,7 @@ if ($w == '') {
for ($i=0; $i<count($tmp_array); $i++) {
$tmp_wr_id = trim($tmp_array[$i]);
$row = sql_fetch(" select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_id = '{$tmp_wr_id}' ");
if ($row['cnt'])
{
if ($row['cnt']) {
$bo_notice .= $lf . $tmp_wr_id;
$lf = ",";
}
@ -342,7 +348,6 @@ if ($w == '') {
{$sql_common}
where bo_table = '{$bo_table}' ";
sql_query($sql);
}
@ -412,7 +417,7 @@ if (is_checked('chk_grp_upload_count')) $grp_fields .= " , bo_upload_cou
if (is_checked('chk_grp_upload_size')) $grp_fields .= " , bo_upload_size = '{$bo_upload_size}' ";
//최고관리자만 수정가능
if ($is_admin === 'super'){
if ($is_admin === 'super') {
if (is_checked('chk_grp_include_head')) $grp_fields .= " , bo_include_head = '{$bo_include_head}' ";
if (is_checked('chk_grp_include_tail')) $grp_fields .= " , bo_include_tail = '{$bo_include_tail}' ";
if (is_checked('chk_grp_content_head')) $grp_fields .= " , bo_content_head = '{$bo_content_head}' ";
@ -502,7 +507,7 @@ if (is_checked('chk_all_upload_count')) $all_fields .= " , bo_upload_cou
if (is_checked('chk_all_upload_size')) $all_fields .= " , bo_upload_size = '{$bo_upload_size}' ";
//최고관리자만 수정가능
if ($is_admin === 'super'){
if ($is_admin === 'super') {
if (is_checked('chk_all_include_head')) $all_fields .= " , bo_include_head = '{$bo_include_head}' ";
if (is_checked('chk_all_include_tail')) $all_fields .= " , bo_include_tail = '{$bo_include_tail}' ";
if (is_checked('chk_all_content_head')) $all_fields .= " , bo_content_head = '{$bo_content_head}' ";
@ -527,9 +532,10 @@ if ($all_fields) {
delete_cache_latest($bo_table);
if(function_exists('get_admin_captcha_by'))
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
run_event('admin_board_form_update', $bo_table, $w);
goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}");
goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}");
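Review bot: The ten extra fields are copied straight from the request in the reformatted loop, `${'bo_'.$i} = isset($_POST['bo_'.$i]) ? $_POST['bo_'.$i] : ''`, and later interpolated into the statement (`bo_10 = '{$bo_10}'`) with no escaping or type check visible in this file. Unless `_common.php` escapes all request data before this point, which the hunks do not show, these values need escaping or bound parameters before they reach `sql_query()`. The commit adds a `(string)` cast for `gr_id` and `bo_category_list` only, so an array-valued `bo_N` field would still be interpolated as the literal `Array`. The same cast belongs in the loop: `isset($_POST['bo_'.$i]) ? (string) $_POST['bo_'.$i] : ''`.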


@ -15,13 +15,13 @@ if ($is_admin != "super") {
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case "bo_table" :
case "bo_table":
$sql_search .= " ($sfl like '$stx%') ";
break;
case "a.gr_id" :
case "a.gr_id":
$sql_search .= " ($sfl = '$stx') ";
break;
default :
default:
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -40,7 +40,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
@ -60,7 +62,6 @@ $colspan = 15;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="bo_table"<?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
@ -70,11 +71,8 @@ $colspan = 15;
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardlist" id="fboardlist" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
@ -114,7 +112,7 @@ $colspan = 15;
$one_update = '<a href="./board_form.php?w=u&amp;bo_table='.$row['bo_table'].'&amp;'.$qstr.'" class="btn btn_03">수정</a>';
$one_copy = '<a href="./board_copy.php?bo_table='.$row['bo_table'].'" class="board_copy btn btn_02" target="win_board_copy">복사</a>';
$bg = 'bg'.($i%2);
$bg = 'bg'.($i % 2);
?>
<tr class="<?php echo $bg; ?>">
@ -123,9 +121,9 @@ $colspan = 15;
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td>
<?php if ($is_admin == 'super'){ ?>
<?php if ($is_admin == 'super') { ?>
<?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?>
<?php }else{ ?>
<?php } else { ?>
<input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?>
<?php } ?>
</td>
@ -188,8 +186,9 @@ $colspan = 15;
</tr>
<?php
}
if ($i == 0)
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
@ -199,8 +198,6 @@ $colspan = 15;
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
<?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
<?php } ?>
<?php if ($is_admin == 'super') { ?>
<a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
<?php } ?>
</div>
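Review bot: In the search `switch ($sfl)`, the `default:` arm places `$sfl` into the query as a column name (`($sfl like '%$stx%')`) for any value the request supplies, and quoting cannot protect an identifier. Restrict `$sfl` to the columns offered in the `sfl` select before the switch and fall back to a fixed column otherwise; whether `_common.php` already filters it is not visible here. The group list section later in this commit has the same `default:` arm (`({$sfl} like '%{$stx}%')`). Separately, `value="<?php echo $stx ?>"` prints the search term into an attribute without the `get_sanitize_input()` / `get_text()` escaping that other fields in this commit use.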


@ -5,9 +5,9 @@ include_once('./_common.php');
check_demo();
$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : '';
$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array();
$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : '';
$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array();
if (! $post_count_chk) {
alert($act_button." 하실 항목을 하나 이상 체크하세요.");
@ -16,11 +16,9 @@ if (! $post_count_chk) {
check_admin_token();
if ($act_button === "선택수정") {
auth_check_menu($auth, $sub_menu, 'w');
for ($i=0; $i<$post_count_chk; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -43,8 +41,9 @@ if ($act_button === "선택수정") {
and a.gr_id = b.gr_id
and b.gr_admin = '{$member['mb_id']}' ";
$row = sql_fetch($sql);
if (!$row['cnt'])
if (!$row['cnt']) {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
}
}
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
@ -66,15 +65,17 @@ if ($act_button === "선택수정") {
sql_query($sql);
}
} else if ($act_button === "선택삭제") {
if ($is_admin != 'super')
} elseif ($act_button === "선택삭제") {
if ($is_admin != 'super') {
alert('게시판 삭제는 최고관리자만 가능합니다.');
}
auth_check_menu($auth, $sub_menu, 'd');
// _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함
/* 확인필요 22.05.27
A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects,
or it should execute logic with side effects, but should not do both.*/
define('_BOARD_DELETE_', true);
for ($i=0; $i<$post_count_chk; $i++) {
@ -84,14 +85,12 @@ if ($act_button === "선택수정") {
// include 전에 $bo_table 값을 반드시 넘겨야 함
$tmp_bo_table = isset($_POST['board_table'][$k]) ? trim(clean_xss_tags($_POST['board_table'][$k], 1, 1)) : '';
if( preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table) ){
include ('./board_delete.inc.php');
if (preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table)) {
include('./board_delete.inc.php');
}
}
}
run_event('admin_board_list_update', $act_button, $chk, $board_table, $qstr);
goto_url('./board_list.php?'.$qstr);
goto_url('./board_list.php?'.$qstr);
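Review bot: `$p_bo_subject = is_array($_POST['bo_subject']) ? ...` reads `$_POST['bo_subject']` without `isset()` and then indexes `[$k]` without checking that the row was submitted, which is the undefined-index class this commit sets out to remove. `$k` is taken from the posted `chk[]` values, so it can name a row that is absent from the other arrays. Suggest the condition `isset($_POST['bo_subject']) && is_array($_POST['bo_subject']) && isset($_POST['bo_subject'][$k])`, in line with how `$tmp_bo_table` is read in the delete branch. The loop body continues outside the hunk, so other per-row fields may need the same guard.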


@ -4,8 +4,9 @@ include_once('./_common.php');
auth_check_menu($auth, $sub_menu, 'w');
if(!$board['bo_table'])
if (!$board['bo_table']) {
alert('존재하지 않는 게시판입니다.');
}
$g5['title'] = $board['bo_subject'].' 게시판 썸네일 삭제';
include_once('./admin.head.php');
@ -21,11 +22,11 @@ include_once('./admin.head.php');
$dir = G5_DATA_PATH.'/file/'.$bo_table;
$cnt = 0;
if(is_dir($dir)) {
if (is_dir($dir)) {
echo '<ul>';
$files = glob($dir.'/thumb-*');
if (is_array($files)) {
foreach($files as $thumbnail) {
foreach ($files as $thumbnail) {
$cnt++;
@unlink($thumbnail);
@ -33,8 +34,9 @@ if(is_dir($dir)) {
flush();
if ($cnt%10==0)
if (($cnt % 10) == 0) {
echo PHP_EOL;
}
}
}
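Review bot: No `check_admin_token()` call appears at the visible top of this script, only `auth_check_menu($auth, $sub_menu, 'w')`, although it deletes every `thumb-*` file under `G5_DATA_PATH.'/file/'.$bo_table` and the update scripts in this commit do check the token. The board form links to it with a plain `href` plus a JavaScript confirm, so the deletion appears to run on a GET request that a third-party page could trigger in an administrator's browser. Consider moving the action to a POST form protected by the admin token. Lines between the two hunks are not shown, so a token check may exist there. Minor: `$cnt++` runs before `@unlink($thumbnail)` and the result is suppressed, so the reported count can include files that were not removed.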


@ -4,35 +4,41 @@ include_once('./_common.php');
auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.');
if ($is_admin != 'super' && $w == '') {
alert('최고관리자만 접근 가능합니다.');
}
$html_title = '게시판그룹';
$gr_id_attr = '';
$sound_only = '';
if( ! isset($group['gr_id']) ){
if (! isset($group['gr_id'])) {
$group['gr_id'] = '';
$group['gr_subject'] = '';
$group['gr_device'] = '';
}
$gr = array('gr_use_access' => 0, 'gr_admin'=>'');
if ($w == '') {
$gr_id_attr = 'required';
$sound_only = '<strong class="sound_only"> 필수</strong>';
$gr = array('gr_use_access' => 0, 'gr_admin'=>'');
$html_title .= ' 생성';
} else if ($w == 'u') {
} elseif ($w == 'u') {
$gr_id_attr = 'readonly';
$gr = sql_fetch(" select * from {$g5['group_table']} where gr_id = '$gr_id' ");
$html_title .= ' 수정';
}
else
} else {
alert('제대로 된 값이 넘어오지 않았습니다.');
}
if (!isset($group['gr_device'])) {
sql_query(" ALTER TABLE `{$g5['group_table']}` ADD `gr_device` ENUM('both','pc','mobile') NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false);
}
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
$row1 = sql_fetch($sql1);
$group_member_count = $row1['cnt'];
$g5['title'] = $html_title;
include_once('./admin.head.php');
@ -59,10 +65,11 @@ include_once('./admin.head.php');
<th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
<td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
<?php
if ($w=='')
if ($w=='') {
echo '영문자, 숫자, _ 만 가능 (공백없이)';
else
} else {
echo '<a href="'.G5_BBS_URL.'/group.php?gr_id='.$group['gr_id'].'" class="btn_frmline">게시판그룹 바로가기</a>';
}
?>
</td>
</tr>
@ -71,8 +78,9 @@ include_once('./admin.head.php');
<td>
<input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
<?php
if ($w == 'u')
if ($w == 'u') {
echo '<a href="./board_form.php?gr_id='.$gr_id.'" class="btn_frmline">게시판생성</a>';
}
?>
</td>
</tr>
@ -88,14 +96,23 @@ include_once('./admin.head.php');
</td>
</tr>
<tr>
<th scope="row"><?php if ($is_admin == 'super') { ?><label for="gr_admin"><?php } ?>그룹 관리자<?php if ($is_admin == 'super') { ?></label><?php } ?></th>
<th scope="row">
<?php
if ($is_admin == 'super') {
echo '<label for="gr_admin">그룹 관리자</label>';
} else {
echo '그룹 관리자';
}
?>
</th>
<td>
<?php
if ($is_admin == 'super')
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="'.$gr['gr_admin'].'" maxlength="20">';
else
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="'.$gr['gr_admin'].'">'.$gr['gr_admin'];
?>
<?php
if ($is_admin == 'super') {
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="'.$gr['gr_admin'].'" maxlength="20">';
} else {
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="'.$gr['gr_admin'].'">'.$gr['gr_admin'];
}
?>
</td>
</tr>
<tr>
@ -109,15 +126,12 @@ include_once('./admin.head.php');
<tr>
<th scope="row">접근회원수</th>
<td>
<?php
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$gr_id}' ";
$row1 = sql_fetch($sql1);
echo '<a href="./boardgroupmember_list.php?gr_id='.$gr_id.'">'.$row1['cnt'].'</a>';
?>
<?php
echo '<a href="./boardgroupmember_list.php?gr_id='.$gr_id.'">'.$group_member_count.'</a>';
?>
</td>
</tr>
<?php for ($i=1;$i<=10;$i++) { ?>
<?php for ($i=1; $i<=10; $i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
@ -155,4 +169,4 @@ function fboardgroup_check(f)
</script>
<?php
include_once ('./admin.tail.php');
include_once('./admin.tail.php');
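Review bot: The rewritten `gr_admin` block still concatenates `$gr['gr_admin']` into the `value="..."` attribute and into the cell text without escaping, and the group update script in this commit appears to store `gr_admin` from `$_POST` unfiltered. The list page already uses `get_sanitize_input($row['gr_admin'])` for the attribute and `get_text($row['gr_admin'])` for the text; the form should do the same, e.g. `value="'.get_sanitize_input($gr['gr_admin']).'"`. `value="<?php echo $group['gr_id'] ?>"` a few lines above has the same gap. Also, in the `$w == 'u'` branch `$gr` is replaced by the `sql_fetch()` result, so `$gr['gr_admin']` is undefined when no row matches `$gr_id`.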


@ -2,37 +2,43 @@
$sub_menu = "300200";
include_once('./_common.php');
if ($w == 'u')
if ($w == 'u') {
check_demo();
}
auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.');
if ($is_admin != 'super' && $w == '') {
alert('최고관리자만 접근 가능합니다.');
}
check_admin_token();
$gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : '';
if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id))
if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) {
alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)');
}
if (!$gr_subject) alert('그룹 제목을 입력하세요.');
if (empty($gr_subject)) {
alert('그룹 제목을 입력하세요.');
}
$posts = array();
$check_keys = array(
'gr_subject'=>'',
'gr_device'=>'',
'gr_admin'=>'',
'gr_subject'=>'',
'gr_device'=>'',
'gr_admin'=>'',
);
for($i=1;$i<=10;$i++){
$check_keys['gr_'.$i.'_subj'] = isset($_POST['gr_'.$i.'_subj']) ? $_POST['gr_'.$i.'_subj'] : '';
$check_keys['gr_'.$i] = isset($_POST['gr_'.$i]) ? $_POST['gr_'.$i] : '';
for ($i = 1; $i <= 10; $i++) {
$check_keys['gr_'.$i.'_subj'] = isset($_POST['gr_'.$i.'_subj']) ? $_POST['gr_'.$i.'_subj'] : '';
$check_keys['gr_'.$i] = isset($_POST['gr_'.$i]) ? $_POST['gr_'.$i] : '';
}
foreach( $check_keys as $key=>$value ){
if( $key === 'gr_subject' ){
foreach ($check_keys as $key => $value) {
if ($key === 'gr_subject') {
$posts[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
} else {
$posts[$key] = isset($_POST[$key]) ? $_POST[$key] : '';
@ -62,34 +68,32 @@ $sql_common = " gr_subject = '{$posts['gr_subject']}',
gr_8 = '{$posts['gr_8']}',
gr_9 = '{$posts['gr_9']}',
gr_10 = '{$posts['gr_10']}' ";
if (isset($_POST['gr_use_access']))
if (isset($_POST['gr_use_access'])) {
$sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";
else
} else {
$sql_common .= ", gr_use_access = '' ";
}
if ($w == '') {
$sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' ";
$row = sql_fetch($sql);
if ($row['cnt'])
if ($row['cnt']) {
alert('이미 존재하는 그룹 ID 입니다.');
}
$sql = " insert into {$g5['group_table']}
set gr_id = '{$gr_id}',
{$sql_common} ";
sql_query($sql);
} else if ($w == "u") {
} elseif ($w == "u") {
$sql = " update {$g5['group_table']}
set {$sql_common}
where gr_id = '{$gr_id}' ";
sql_query($sql);
} else {
alert('제대로 된 값이 넘어오지 않았습니다.');
}
run_event('admin_boardgroup_form_update', $gr_id, $w);
goto_url('./boardgroup_form.php?w=u&amp;gr_id='.$gr_id.'&amp;'.$qstr);
goto_url('./boardgroup_form.php?w=u&amp;gr_id='.$gr_id.'&amp;'.$qstr);
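Review bot: `$sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";` interpolates the raw request value into the statement, whereas the list-update script in this commit reads the same field as `(int) $_POST['gr_use_access'][$k]`. Cast it here too, for example `$sql_common .= ", gr_use_access = '".(int) $_POST['gr_use_access']."' ";`. The `$posts[$key]` values other than `gr_subject` are likewise copied from `$_POST` unchanged; whether `_common.php` escapes request data globally is not visible in these hunks. Note also that `if (empty($gr_subject))` silences the undefined-variable notice rather than defining the variable: `$gr_subject` is never assigned in the visible code, so checking `$posts['gr_subject']` after the loop would make the test explicit.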


@ -16,27 +16,29 @@ if (!isset($group['gr_device'])) {
$sql_common = " from {$g5['group_table']} ";
$sql_search = " where (1) ";
if ($is_admin != 'super')
if ($is_admin != 'super') {
$sql_search .= " and (gr_admin = '{$member['mb_id']}') ";
}
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
case "gr_id" :
case "gr_admin" :
case "gr_id":
case "gr_admin":
$sql_search .= " ({$sfl} = '{$stx}') ";
break;
default :
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
$sql_search .= " ) ";
}
if ($sst)
if ($sst) {
$sql_order = " order by {$sst} {$sod} ";
else
} else {
$sql_order = " order by gr_id asc ";
}
$sql = " select count(*) as cnt {$sql_common} {$sql_search} {$sql_order} ";
$row = sql_fetch($sql);
@ -44,7 +46,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
@ -64,15 +68,15 @@ $colspan = 10;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="gr_subject"<?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id"<?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin"<?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="gr_subject"<?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id"<?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin"<?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
@ -106,8 +110,7 @@ $colspan = 10;
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
for ($i=0; $row=sql_fetch_array($result); $i++) {
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
$row1 = sql_fetch($sql1);
@ -133,10 +136,10 @@ $colspan = 10;
<input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input">
</td>
<td class="td_mng td_input">
<?php if ($is_admin == 'super'){ ?>
<?php if ($is_admin == 'super') { ?>
<label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label>
<input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20">
<?php }else{ ?>
<?php } else { ?>
<input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?>
<?php } ?>
</td>
@ -160,11 +163,11 @@ $colspan = 10;
</td>
<td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
</tr>
<?php
}
if ($i == 0)
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</table>
</div>
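Review bot: `$sql_order = " order by {$sst} {$sod} ";` builds the ORDER BY clause from `$sst` and `$sod`, which are not assigned anywhere in the visible hunks and presumably come from the request. Column names and sort direction cannot be quoted or bound, so they need an allowlist: compare `$sst` against the sortable columns of the group table and reduce `$sod` to two values, e.g. `$sod = (strtolower($sod) === 'desc') ? 'desc' : 'asc';`. If `_common.php` already normalises both, a short comment here saying so would help the next reader. The re-indented search input also prints `$stx` into `value="..."` without escaping.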


@ -2,34 +2,32 @@
$sub_menu = "300200";
include_once('./_common.php');
//print_r2($_POST); exit;
check_demo();
auth_check_menu($auth, $sub_menu, 'w');
check_admin_token();
$post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();
$post_group_id = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array();
$act_button = isset($_POST['act_button']) ? $_POST['act_button'] : '';
$post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();
$post_group_id = isset($_POST['group_id']) ? (array) $_POST['group_id'] : array();
$act_button = isset($_POST['act_button']) ? $_POST['act_button'] : '';
$count = count($post_chk);
$chk_count = count($post_chk);
if(!$count)
if (!$chk_count) {
alert($act_button.'할 게시판그룹을 1개이상 선택해 주세요.');
}
for ($i=0; $i<$count; $i++)
{
$k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
$gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
$gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : '';
$gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0;
$gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0;
for ($i=0; $i<$chk_count; $i++) {
$k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
$gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : '';
$gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : '';
$gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0;
$gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0;
if($act_button == '선택수정') {
if ($act_button == '선택수정') {
$sql = " update {$g5['group_table']}
set gr_subject = '{$gr_subject}',
gr_device = '".sql_real_escape_string($gr_device)."',
@ -37,13 +35,15 @@ for ($i=0; $i<$count; $i++)
gr_use_access = '".$gr_use_access."',
gr_order = '".$gr_order."'
where gr_id = '{$gr_id}' ";
if ($is_admin != 'super')
if ($is_admin != 'super') {
$sql .= " and gr_admin = '{$gr_admin}' ";
}
sql_query($sql);
} else if($act_button == '선택삭제') {
} elseif ($act_button == '선택삭제') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");
if ($row['cnt'])
if ($row['cnt']) {
alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx='.$gr_id);
}
// 그룹 삭제
sql_query(" delete from {$g5['group_table']} where gr_id = '$gr_id' ");
@ -53,6 +53,6 @@ for ($i=0; $i<$count; $i++)
}
}
run_event('admin_boardgroup_list_update', $act_button, $chk, $post_group_id, $qstr);
run_event('admin_boardgroup_list_update', $act_button, $post_chk, $post_group_id, $qstr);
goto_url('./boardgroup_list.php?'.$qstr);
goto_url('./boardgroup_list.php?'.$qstr);
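Review bot: The ownership condition appended for non-super administrators in the `선택수정` branch compares `gr_admin` with `$gr_admin`, which is read from `$_POST['gr_admin'][$k]` a few lines above, so the row filter is built from a value the client sends (the list page emits it as a hidden input for non-super admins). The check should be bound to the logged-in account instead, e.g. `$sql .= " and gr_admin = '{$member['mb_id']}' ";`, as the group queries elsewhere in this commit do; this assumes `$member` is in scope here via `_common.php`. Part of the UPDATE's SET list falls between hunks, so if `gr_admin` is also written there it should be left unchanged for non-super admins. Separately, `$post_group_id[$k]` is indexed without the `isset()` guard used for the other fields, which is the kind of undefined-index notice this commit is cleaning up.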


@ -6,9 +6,10 @@ auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id);
$token = isset($token) ? $token : '';
if (! (isset($mb['mb_id']) && $mb['mb_id']))
if (! (isset($mb['mb_id']) && $mb['mb_id'])) {
alert('존재하지 않는 회원입니다.');
}
$g5['title'] = '접근가능그룹';
include_once('./admin.head.php');
@ -16,95 +17,99 @@ include_once('./admin.head.php');
$colspan = 4;
?>
<form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php" onsubmit="return boardgroupmember_form_check(this)" method="post">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="token" value="" id="token">
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
</div>
<div class="local_cmd01 local_cmd">
<form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php"
onsubmit="return boardgroupmember_form_check(this)" method="post">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="token" value="" id="token">
<label for="gr_id">그룹지정</label>
<select name="gr_id" id="gr_id">
<option value="">접근가능 그룹을 선택하세요.</option>
<?php
$sql = " select *
from {$g5['group_table']}
where gr_use_access = 1 ";
//if ($is_admin == 'group') {
if ($is_admin != 'super')
$sql .= " and gr_admin = '{$member['mb_id']}' ";
$sql .= " order by gr_id ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
echo "<option value=\"".$row['gr_id']."\">".$row['gr_subject']."</option>";
}
?>
</select>
<input type="submit" value="선택" class="btn_submit btn" accesskey="s">
</div>
<div class="local_ov01 local_ov">
<span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
</div>
<div class="local_cmd01 local_cmd">
<label for="gr_id">그룹지정</label>
<select name="gr_id" id="gr_id">
<option value="">접근가능 그룹을 선택하세요.</option>
<?php
$sql = " select *
from {$g5['group_table']}
where gr_use_access = 1 ";
if ($is_admin != 'super') {
$sql .= " and gr_admin = '{$member['mb_id']}' ";
}
$sql .= " order by gr_id ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
echo "<option value=\"".$row['gr_id']."\">".$row['gr_subject']."</option>";
}
?>
</select>
<input type="submit" value="선택" class="btn_submit btn" accesskey="s">
</div>
</form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst">
<input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl">
<input type="hidden" name="stx" value="<?php echo $stx ?>" id="stx">
<input type="hidden" name="page" value="<?php echo $page ?>" id="page">
<input type="hidden" name="token" value="<?php echo get_sanitize_input($token); ?>" id="token">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="w" value="d" id="w">
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php"
onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst">
<input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl">
<input type="hidden" name="stx" value="<?php echo $stx ?>" id="stx">
<input type="hidden" name="page" value="<?php echo $page ?>" id="page">
<input type="hidden" name="token" value="<?php echo get_sanitize_input($token); ?>" id="token">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="w" value="d" id="w">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹아이디</th>
<th scope="col">그룹</th>
<th scope="col">처리일시</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
where a.mb_id = '{$mb['mb_id']}'
and a.gr_id = b.gr_id ";
if ($is_admin != 'super')
$sql .= " and b.gr_admin = '{$member['mb_id']}' ";
$sql .= " order by a.gr_id desc ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
?>
<tr>
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹아이디</th>
<th scope="col">그룹</th>
<th scope="col">처리일시</th>
</tr>
</thead>
<tbody>
<?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
where a.mb_id = '{$mb['mb_id']}'
and a.gr_id = b.gr_id ";
if ($is_admin != 'super') {
$sql .= " and b.gr_admin = '{$member['mb_id']}' ";
}
$sql .= " order by a.gr_id desc ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
?>
<tr>
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제" class="btn btn_02">
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제" class="btn btn_02">
</div>
</form>
<script>
@ -130,4 +135,4 @@ function boardgroupmember_form_check(f)
</script>
<?php
include_once('./admin.tail.php');
include_once('./admin.tail.php');
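Review bot: `gr_subject` is printed without output encoding in the new markup: the `<option>` echo in the group select, the checkbox label and the `td_category` cell all emit `$row['gr_subject']` raw, and `mb_nick` in the summary bar is raw too while `mb_name` beside it goes through `get_text()`. The group list page in this same commit already wraps the subject in `get_text()`, so these should match, e.g. `<?php echo get_text($row['gr_subject']) ?>` in the cells and `.get_text($row['gr_subject']).` inside the `<option>` echo. The list update handler strips tags on write, but encoding at output keeps this page safe for rows written by any other path.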


@ -11,13 +11,13 @@ if (!$gr['gr_id']) {
$sql_common = " from {$g5['group_member_table']} a
left outer join {$g5['member_table']} b on (a.mb_id = b.mb_id) ";
$sql_search = " where gr_id = '{$gr_id}' ";
// 회원아이디로 검색되지 않던 오류를 수정
if (isset($stx) && $stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
default:
$sql_search .= " ($sfl like '%$stx%') ";
break;
}
@ -25,7 +25,7 @@ if (isset($stx) && $stx) {
}
if (!$sst) {
$sst = "gm_datetime";
$sst = "gm_datetime";
$sod = "desc";
}
$sql_order = " order by {$sst} {$sod} ";
@ -39,7 +39,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
@ -56,88 +58,90 @@ $colspan = 7;
?>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="a.mb_id"<?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="a.mb_id"<?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<input type="hidden" name="w" value="ld">
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php"
onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<input type="hidden" name="w" value="ld">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹</th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id='.$gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id='.$gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id='.$gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id='.$gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id='.$gr_id) ?>처리일시</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++)
{
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt'])
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">접근가능회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹</th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id='.$gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id='.$gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id='.$gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id='.$gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id='.$gr_id) ?>처리일시</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'],2,8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'], 2, 8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($i == 0)
{
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제">
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="" value="선택삭제">
</div>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page="); ?>
<?php
echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;gr_id=$gr_id&page=");
?>
<script>
function fboardgroupmember_submit(f)
@ -152,4 +156,4 @@ function fboardgroupmember_submit(f)
</script>
<?php
include_once('./admin.tail.php');
include_once('./admin.tail.php');
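Review bot: The search clause interpolates `$sfl` as a column name and `$stx` as a pattern directly into the SQL (`($sfl like '%$stx%')`), and `$sst`/`$sod` go into `order by` the same way; nothing visible in this file validates them. They are presumably filtered by shared bootstrap code that is not shown here, but identifiers cannot be protected by quoting or escaping, so a local allow-list is the safer contract: `$sfl = in_array($sfl, array('a.mb_id'), true) ? $sfl : 'a.mb_id';` before the `switch`, since the form offers only that one field. The same approach fits `$sst` (the columns passed to `subject_sort_link()`) and `$sod` (`asc`/`desc`). The `switch` with only a `default:` arm could then be dropped.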


@ -4,17 +4,16 @@ include_once('./_common.php');
sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( 11 ) DEFAULT '0' NOT NULL AUTO_INCREMENT ", false);
if ($w == '')
{
if ($w == '') {
auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id);
if (!$mb['mb_id']) {
if (empty($mb['mb_id'])) {
alert('존재하지 않는 회원입니다.');
}
$gr = get_group($gr_id);
if (!$gr['gr_id']) {
if (empty($gr['gr_id'])) {
alert('존재하지 않는 그룹입니다.');
}
@ -25,9 +24,7 @@ if ($w == '')
$row = sql_fetch($sql);
if ($row['cnt']) {
alert('이미 등록되어 있는 자료입니다.');
}
else
{
} else {
check_admin_token();
$sql = " insert into {$g5['group_member_table']}
@ -36,26 +33,26 @@ if ($w == '')
gm_datetime = '".G5_TIME_YMDHIS."' ";
sql_query($sql);
}
}
else if ($w == 'd' || $w == 'ld')
{
} elseif ($w == 'd' || $w == 'ld') {
auth_check_menu($auth, $sub_menu, 'd');
$count = count($_POST['chk']);
if(!$count)
if (!$count) {
alert('삭제할 목록을 하나이상 선택해 주세요.');
}
check_admin_token();
for($i=0; $i<$count; $i++) {
for ($i = 0; $i < $count; $i++) {
$gm_id = (int) $_POST['chk'][$i];
$sql = " select * from {$g5['group_member_table']} where gm_id = '$gm_id' ";
$gm = sql_fetch($sql);
if (!$gm['gm_id']) {
if($count == 1)
if ($count == 1) {
alert('존재하지 않는 자료입니다.');
else
} else {
continue;
}
}
$sql = " delete from {$g5['group_member_table']} where gm_id = '$gm_id' ";
@ -63,7 +60,8 @@ else if ($w == 'd' || $w == 'ld')
}
}
if ($w == 'ld')
if ($w == 'ld') {
goto_url('./boardgroupmember_list.php?gr_id='.$gr_id);
else
goto_url('./boardgroupmember_form.php?mb_id='.$mb_id);
} else {
goto_url('./boardgroupmember_form.php?mb_id='.$mb_id);
}
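Review bot: The delete loop removes a group-member row by `gm_id` as soon as it exists; between the `select` and the `delete` there is no check that the row's group is administered by the current account. The form page in this commit limits what a non-super admin sees with `b.gr_admin = '{$member['mb_id']}'`, but the handler does not repeat that restriction, so it relies on the client submitting only listed ids. A guard along the lines below, placed before the `delete`, would close that gap; it assumes `$is_admin` and `$member` are in scope here as on the other admin pages. Also, `count($_POST['chk'])` is still taken without an `isset()`/array cast, unlike `$post_chk = isset($_POST['chk']) ? (array) $_POST['chk'] : array();` in the group list handler.

```php
// … unchanged: select of $gm and the existence check …
if ($is_admin != 'super') {
    $gr = get_group($gm['gr_id']);
    if (empty($gr['gr_admin']) || $gr['gr_admin'] !== $member['mb_id']) {
        continue;
    }
}
$sql = " delete from {$g5['group_member_table']} where gm_id = '$gm_id' ";
```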