충돌수정

thisgun
2021-01-04 18:23:53 +09:00
26 changed files with 140 additions and 21 deletions


@ -241,7 +241,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_table">TABLE<?php echo $sound_only ?></label></th>
<td colspan="2">
<input type="text" name="bo_table" value="<?php echo $board['bo_table'] ?>" id="bo_table" <?php echo $required ?> <?php echo $readonly ?> class="frm_input <?php echo $reaonly ?> <?php echo $required ?> <?php echo $required_valid ?>" maxlength="20">
<input type="text" name="bo_table" value="<?php echo $board['bo_table'] ?>" id="bo_table" <?php echo $required ?> <?php echo $readonly ?> class="frm_input <?php echo $readonly ?> <?php echo $required ?> <?php echo $required_valid ?>" maxlength="20">
<?php if ($w == '') { ?>
영문자, 숫자, _ 만 가능 (공백없이 20자 이내)
<?php } else { ?>


@ -100,11 +100,6 @@ $colspan = 12;
$mb_nick = get_sideview($row['mb_id'], get_text($row['mb_nick']), $row['mb_email'], $row['mb_homepage']);
$mb_id = $row['mb_id'];
if ($row['mb_leave_date'])
$mb_id = $mb_id;
else if ($row['mb_intercept_date'])
$mb_id = $mb_id;
?>
<tr>
<td class="td_mbid"><?php echo $mb_id ?></td>

11
bbs/ajax.write.token.php Normal file

@ -0,0 +1,11 @@
<?php
include_once('./_common.php');
include_once(G5_LIB_PATH.'/json.lib.php');
$token_case = isset($_POST['token_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['token_case']) : '';
if( $token_case ){
$token = _token();
set_session('ss_'.$token_case.'_token', $token);
die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>'')));
}
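Review bot: `$token_case` is only character-filtered, so a request to this endpoint can write a fresh value into any session key of the form `ss_<name>_token`, not just the write token it was added for. The only caller visible on this page sends `qa_write`; an allowlist such as `if (!in_array($token_case, array('qa_write'), true)) die(json_encode(array('error'=>'invalid token_case', 'token'=>'', 'url'=>'')));` would keep other slots (for example `ss_qa_delete_token`, which the delete handler on this page checks) from being reset through it, with any further legitimate callers added to the list. The script also ends with an empty body when `token_case` is missing, which callers using `dataType: "json"` will see as a parse failure rather than an explicit error.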


@ -9,6 +9,8 @@ if (!($token && $delete_token == $token))
//$wr = sql_fetch(" select * from $write_table where wr_id = '$wr_id' ");
$count_write = $count_comment = 0;
@include_once($board_skin_path.'/delete.head.skin.php');
if ($is_admin == 'super') // 최고관리자 통과


@ -4,11 +4,14 @@ include_once('./_common.php');
if($is_guest)
alert('회원이시라면 로그인 후 이용해 주십시오.', G5_URL);
$token = isset($_REQUEST['token']) ? clean_xss_tags($_REQUEST['token'], 1, 1) : '';
$qa_id = isset($_REQUEST['qa_id']) ? (int) $_REQUEST['qa_id'] : 0;
$delete_token = get_session('ss_qa_delete_token');
set_session('ss_qa_delete_token', '');
//관리자가 아닌경우에는 토큰을 검사합니다.
if (!$is_admin && !($token && $delete_token == $token))
//모든 회원의 토큰을 검사합니다.
if (!($token && $delete_token === $token))
alert('토큰 에러로 삭제 불가합니다.');
$tmp_array = array();
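Review bot: The token is still read from `$_REQUEST['token']`, so the delete stays reachable by a plain GET, and the links built elsewhere in this commit (`'&amp;token='.$token`) put the token in the query string, where it reaches access logs, browser history and Referer headers. Clearing the slot on every attempt (`set_session('ss_qa_delete_token', '')`) limits reuse, but a token that was issued and never used stays valid in the session. Reading it from `$_POST` only and submitting the delete as a form would keep it out of URLs, and `hash_equals()` instead of `===` is the usual comparison for secret values where the supported PHP versions allow it. The rest of the script lies outside the hunk.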


@ -6,6 +6,12 @@ if($is_guest)
$qaconfig = get_qa_config();
$token = '';
if( $is_admin ){
$token = _token();
set_session('ss_qa_delete_token', $token);
}
$g5['title'] = $qaconfig['qa_title'];
include_once('./qahead.php');
@ -13,6 +19,7 @@ $skin_file = $qa_skin_path.'/list.skin.php';
$is_auth = $is_admin ? true : false;
$category_option = '';
if ($qaconfig['qa_category']) {
$category_href = G5_BBS_URL.'/qalist.php';


@ -10,6 +10,9 @@ if($is_guest)
$qaconfig = get_qa_config();
$content = '';
$token = _token();
set_session('ss_qa_delete_token', $token);
$g5['title'] = $qaconfig['qa_title'];
include_once('./qahead.php');
@ -110,9 +113,9 @@ if(is_file($skin_file)) {
$update_href = G5_BBS_URL.'/qawrite.php?w=u&amp;qa_id='.$view['qa_id'].$qstr;
}
*/
if(($view['qa_type'] && $is_admin) || (!$view['qa_type'] && $view['qa_status'] == 0)) {
$update_href = G5_BBS_URL.'/qawrite.php?w=u&amp;qa_id='.$view['qa_id'].$qstr;
set_session('ss_qa_delete_token', $token = uniqid(time()));
$delete_href = G5_BBS_URL.'/qadelete.php?qa_id='.$view['qa_id'].'&amp;token='.$token.$qstr;
}
@ -129,7 +132,7 @@ if(is_file($skin_file)) {
if($is_admin) {
$answer_update_href = G5_BBS_URL.'/qawrite.php?w=u&amp;qa_id='.$answer['qa_id'].$qstr;
$answer_delete_href = G5_BBS_URL.'/qadelete.php?qa_id='.$answer['qa_id'].$qstr;
$answer_delete_href = G5_BBS_URL.'/qadelete.php?qa_id='.$answer['qa_id'].'&amp;token='.$token.$qstr;
}
}
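Review bot: The line `set_session('ss_qa_delete_token', $token = uniqid(time()));` inside the `$update_href` branch should not remain on the new side, because it would replace the `_token()` value set at the top of the file with a time-derived one that is far easier to guess. The rendered page has lost its +/- markers, so which side that line belongs to cannot be read from here and is worth confirming in the merged file. The list-page section above writes the same `ss_qa_delete_token` key for admins, so loading either page invalidates a delete link already rendered by the other; a comment next to the `set_session` call stating that only one delete token is outstanding per session would document that.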


@ -13,6 +13,8 @@ if($is_guest)
alert('회원이시라면 로그인 후 이용해 보십시오.', './login.php?url='.urlencode(G5_BBS_URL.'/qalist.php'));
$qaconfig = get_qa_config();
$token = _token();
set_session('ss_qa_write_token', $token);
$g5['title'] = $qaconfig['qa_title'];
include_once('./qahead.php');


@ -12,6 +12,15 @@ if($is_guest)
$msg = array();
$write_token = get_session('ss_qa_write_token');
set_session('ss_qa_write_token', '');
$token = isset($_POST['token']) ? clean_xss_tags($_POST['token'], 1, 1) : '';
//모든 회원의 토큰을 검사합니다.
if (!($token && $write_token === $token))
alert('토큰 에러로 삭제 불가합니다.');
// 1:1문의 설정값
$qaconfig = get_qa_config();
$qa_id = isset($_POST['qa_id']) ? (int) $_POST['qa_id'] : 0;
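Review bot: The failure message on the new write-token check, `alert('토큰 에러로 삭제 불가합니다.');`, says that a delete cannot proceed, but this script validates `ss_qa_write_token` for a write; it looks copied from the delete handler. Something like `alert('토큰 에러로 등록할 수 없습니다.');` would match the action and make support reports easier to trace. `ss_qa_write_token` is cleared before the comparison, so a failed submit always needs a freshly issued token, which the write skins appear to fetch on submit.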


@ -5,7 +5,7 @@
********************/
define('G5_VERSION', '그누보드5');
define('G5_GNUBOARD_VER', '5.4.3.1');
define('G5_GNUBOARD_VER', '5.4.4');
define('G5_YOUNGCART_VER', '5.4.3.1');
// 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음


@ -2549,6 +2549,7 @@ class html_process {
// 현재접속자 처리
$tmp_sql = " select count(*) as cnt from {$g5['login_table']} where lo_ip = '{$_SERVER['REMOTE_ADDR']}' ";
$tmp_row = sql_fetch($tmp_sql);
$http_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
if ($tmp_row['cnt']) {
$tmp_sql = " update {$g5['login_table']} set mb_id = '{$member['mb_id']}', lo_datetime = '".G5_TIME_YMDHIS."', lo_location = '{$g5['lo_location']}', lo_url = '{$g5['lo_url']}' where lo_ip = '{$_SERVER['REMOTE_ADDR']}' ";
@ -2613,8 +2614,9 @@ class html_process {
foreach($scripts as $js) {
if(!trim($js[1]))
continue;
$js[1] = preg_replace('#\.js([\'\"]?>)<\/script>$#i', '.js?ver='.G5_JS_VER.'$1</script>', $js[1]);
$add_version_str = (stripos($js[1], $http_host) !== false) ? '?ver='.G5_JS_VER : '';
$js[1] = preg_replace('#\.js([\'\"]?>)<\/script>$#i', '.js'.$add_version_str.'$1</script>', $js[1]);
$javascript .= $php_eol.$js[1];
$php_eol = PHP_EOL;
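Review bot: `$http_host` is taken from the client-supplied Host header and matched with `stripos()` anywhere in the script tag, so the `?ver=` decision depends on request data and on substring matches (a third-party URL whose path or query contains the host name also matches). The effect visible here is limited to whether the cache-busting suffix is appended, but comparing the `src` host against the configured site URL (`G5_URL`) would be more predictable. An empty `$http_host` should be guarded as well, since `stripos()` with an empty needle warns and returns false on PHP 7 and matches every tag on PHP 8. The assignment and its use sit in separate hunks, presumably in the same method of `html_process`.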


@ -45,6 +45,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="stx" value="<?php echo $stx; ?>">
<input type="hidden" name="sca" value="<?php echo $sca; ?>">
<input type="hidden" name="page" value="<?php echo $page; ?>">
<input type="hidden" name="token" value="<?php echo get_text($token); ?>">
<?php if ($is_checkbox) { ?>
<div class="all_chk chk_box">


@ -13,6 +13,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<?php
$option = '';
$option_hidden = '';
@ -173,6 +174,25 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
}
<?php } ?>
$.ajax({
type: "POST",
url: g5_bbs_url+"/ajax.write.token.php",
data: { 'token_case' : 'qa_write' },
cache: false,
async: false,
dataType: "json",
success: function(data) {
if (typeof data.token !== "undefined") {
token = data.token;
if(typeof f.token === "undefined")
$(f).prepend('<input type="hidden" name="token" value="">');
$(f).find("input[name=token]").val(token);
}
}
});
document.getElementById("btn_submit").disabled = "disabled";
return true;
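Review bot: The new hidden field prints `<?php echo $token ?>` without escaping, while the list skins changed in this commit use `get_text($token)`; `<input type="hidden" name="token" value="<?php echo get_text($token); ?>">` keeps the two consistent and does not rely on the token's character set. The same line appears in the three other write-skin sections further down. In the added `$.ajax` call, `async: false` blocks the page during the request and there is no `error` handler, so a failed token request lets the form go out with the token from page load. The surrounding submit function starts outside the hunk.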


@ -41,7 +41,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
<?php if( social_service_check('google') ) { //구글 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
<span class="ico"></span>
<span class="txt"><i> Sign in with Google</i></span>
<span class="txt">구글<i> 로그인</i></span>
</a>
<?php } //end if ?>
<?php if( social_service_check('twitter') ) { //트위터 로그인을 사용한다면 ?>


@ -41,7 +41,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
<?php if( social_service_check('google') ) { //구글 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
<span class="ico"></span>
<span class="txt"><i> Sign in with Google</i></span>
<span class="txt">구글<i> 로그인</i></span>
</a>
<?php } //end if ?>
<?php if( social_service_check('twitter') ) { //트위터 로그인을 사용한다면 ?>


@ -42,13 +42,13 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
<?php if( social_service_check('google') ) { //구글 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
<span class="ico"></span>
<span class="txt"><i> Sign in with Google</i></span>
<span class="txt">구글<i> 로그인</i></span>
</a>
<?php } //end if ?>
<?php if( social_service_check('twitter') ) { //트위터 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=twitter&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-twitter" title="트위터">
<span class="ico"></span>
<span class="txt">트위터+<i> 트위터</i></span>
<span class="txt">트위터<i> 트위터</i></span>
</a>
<?php } //end if ?>
<?php if( social_service_check('payco') ) { //페이코 로그인을 사용한다면 ?>


@ -862,7 +862,8 @@ class XPayClient
{
curl_close($this->ch);
}
function GetTimeStamp()
function GetTimeStamp()
{
$Result = "";
$Result = date("YmdHis");


@ -72,6 +72,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="stx" value="<?php echo $stx; ?>">
<input type="hidden" name="sca" value="<?php echo $sca; ?>">
<input type="hidden" name="page" value="<?php echo $page; ?>">
<input type="hidden" name="token" value="<?php echo get_text($token); ?>">
<div class="tbl_head01 tbl_wrap">
<table>


@ -14,6 +14,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<?php
$option = '';
$option_hidden = '';
@ -166,6 +167,25 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
}
<?php } ?>
$.ajax({
type: "POST",
url: g5_bbs_url+"/ajax.write.token.php",
data: { 'token_case' : 'qa_write' },
cache: false,
async: false,
dataType: "json",
success: function(data) {
if (typeof data.token !== "undefined") {
token = data.token;
if(typeof f.token === "undefined")
$(f).prepend('<input type="hidden" name="token" value="">');
$(f).find("input[name=token]").val(token);
}
}
});
document.getElementById("btn_submit").disabled = "disabled";
return true;


@ -41,7 +41,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
<?php if( social_service_check('google') ) { //구글 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
<span class="ico"></span>
<span class="txt"><i> Sign in with Google</i></span>
<span class="txt">구글<i> 로그인</i></span>
</a>
<?php } //end if ?>
<?php if( social_service_check('twitter') ) { //트위터 로그인을 사용한다면 ?>


@ -41,7 +41,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
<?php if( social_service_check('google') ) { //구글 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
<span class="ico"></span>
<span class="txt"><i> Sign in with Google</i></span>
<span class="txt">구글<i> 로그인</i></span>
</a>
<?php } //end if ?>
<?php if( social_service_check('twitter') ) { //트위터 로그인을 사용한다면 ?>


@ -43,7 +43,7 @@ add_stylesheet('<link rel="stylesheet" href="'.get_social_skin_url().'/style.css
<?php if( social_service_check('google') ) { //구글 로그인을 사용한다면 ?>
<a href="<?php echo $self_url;?>?provider=google&amp;url=<?php echo $urlencode;?>" class="sns-icon social_link sns-google" title="구글">
<span class="ico"></span>
<span class="txt">Sign in with Google</span>
<span class="txt">구글로 회원가입하기</span>
</a>
<?php } //end if ?>
<?php if( social_service_check('twitter') ) { //트위터 로그인을 사용한다면 ?>


@ -45,6 +45,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="stx" value="<?php echo $stx; ?>">
<input type="hidden" name="sca" value="<?php echo $sca; ?>">
<input type="hidden" name="page" value="<?php echo $page; ?>">
<input type="hidden" name="token" value="<?php echo get_text($token); ?>">
<?php if ($is_checkbox) { ?>
<div class="all_chk chk_box">


@ -13,6 +13,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<?php
$option = '';
$option_hidden = '';
@ -173,6 +174,25 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
}
<?php } ?>
$.ajax({
type: "POST",
url: g5_bbs_url+"/ajax.write.token.php",
data: { 'token_case' : 'qa_write' },
cache: false,
async: false,
dataType: "json",
success: function(data) {
if (typeof data.token !== "undefined") {
token = data.token;
if(typeof f.token === "undefined")
$(f).prepend('<input type="hidden" name="token" value="">');
$(f).find("input[name=token]").val(token);
}
}
});
document.getElementById("btn_submit").disabled = "disabled";
return true;


@ -72,6 +72,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="stx" value="<?php echo $stx; ?>">
<input type="hidden" name="sca" value="<?php echo $sca; ?>">
<input type="hidden" name="page" value="<?php echo $page; ?>">
<input type="hidden" name="token" value="<?php echo get_text($token); ?>">
<div class="tbl_head01 tbl_wrap">
<table>


@ -14,6 +14,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo $token ?>">
<?php
$option = '';
$option_hidden = '';
@ -166,6 +167,25 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
}
<?php } ?>
$.ajax({
type: "POST",
url: g5_bbs_url+"/ajax.write.token.php",
data: { 'token_case' : 'qa_write' },
cache: false,
async: false,
dataType: "json",
success: function(data) {
if (typeof data.token !== "undefined") {
token = data.token;
if(typeof f.token === "undefined")
$(f).prepend('<input type="hidden" name="token" value="">');
$(f).find("input[name=token]").val(token);
}
}
});
document.getElementById("btn_submit").disabled = "disabled";
return true;