From 74ea8e651a0b93f56a4db1bbbc838b481d71cae3 Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 26 Nov 2020 16:49:26 +0900 Subject: [PATCH 01/11] =?UTF-8?q?=EA=B2=8C=EC=8B=9C=ED=8C=90=20=EA=B4=80?= =?UTF-8?q?=EB=A6=AC=EC=9E=90=EC=97=90=EC=84=9C=20=EA=B2=8C=EC=8B=9C?= =?UTF-8?q?=ED=8C=90=20=EB=B3=B5=EC=82=AC=EC=8B=9C=20=EB=88=84=EB=9D=BD?= =?UTF-8?q?=EB=90=9C=20=ED=95=84=EB=93=9C(=EB=AA=A9=EB=A1=9D=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=ED=8C=8C=EC=9D=BC=20=EC=82=AC=EC=9A=A9)=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/board_copy_update.php | 1 + 1 file changed, 1 insertion(+) diff --git a/adm/board_copy_update.php b/adm/board_copy_update.php index 7a44a9c48..30b37b59f 100644 --- a/adm/board_copy_update.php +++ b/adm/board_copy_update.php @@ -74,6 +74,7 @@ $sql = " insert into {$g5['board_table']} bo_use_ip_view = '{$board['bo_use_ip_view']}', bo_use_list_view = '{$board['bo_use_list_view']}', bo_use_list_content = '{$board['bo_use_list_content']}', + bo_use_list_file = '{$board['bo_use_list_file']}', bo_table_width = '{$board['bo_table_width']}', bo_subject_len = '{$board['bo_subject_len']}', bo_mobile_subject_len = '{$board['bo_mobile_subject_len']}', From c7092ee1b331a1642e5310ff2331437c7f4ee2ce Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 26 Nov 2020 18:34:40 +0900 Subject: [PATCH 02/11] =?UTF-8?q?=ED=8C=8C=EB=9D=BC=EB=AF=B8=ED=84=B0?= =?UTF-8?q?=EA=B0=80=20=EB=B0=B0=EC=97=B4=EC=9D=BC=20=EA=B2=BD=EC=9A=B0=20?= =?UTF-8?q?get=5Fparams=5Fmerge=5Furl=20=ED=95=A8=EC=88=98=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/common.lib.php | 53 +++++++++++++++++++++++++++++----------------- 1 file changed, 33 insertions(+), 20 deletions(-) diff --git a/lib/common.lib.php b/lib/common.lib.php index 29ce6d4b6..82f5207b3 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -3353,6 +3353,11 @@ function clean_query_string($query, $amp=true) $q = array(); foreach($out as $key=>$val) { + if(($key && is_array($key)) || ($val && is_array($val))){ + $q[$key] = $val; + continue; + } + $key = strip_tags(trim($key)); $val = trim($val); @@ -3426,33 +3431,41 @@ function clean_query_string($query, $amp=true) return $str; } -function get_params_merge_url($params){ - $p = @parse_url(G5_URL); - $href = $p['scheme'].'://'.$p['host']; - if(isset($p['port']) && $p['port']) - $href .= ':'.$p['port']; - - if( $tmp = explode('?', $_SERVER['REQUEST_URI']) ){ - if( isset($tmp[0]) && $tmp[0] ) +function get_params_merge_url($params, $url=''){ + $str_url = $url ? $url : G5_URL; + $p = @parse_url($str_url); + $href = (isset($p['scheme']) ? "{$p['scheme']}://" : '') + . (isset($p['user']) ? $p['user'] + . (isset($p['pass']) ? ":{$p['pass']}" : '').'@' : '') + . (isset($p['host']) ? $p['host'] : '') + . ((isset($p['path']) && $url) ? $p['path'] : '') + . ((isset($p['port']) && $p['port']) ? ":{$p['port']}" : ''); + + $ori_params = ''; + if( $url ){ + $ori_params = !empty($p['query']) ? $p['query'] : ''; + } else if( $tmp = explode('?', $_SERVER['REQUEST_URI']) ){ + if( isset($tmp[0]) && $tmp[0] ) { $href .= $tmp[0]; - } - $q = array(); - if($_SERVER['QUERY_STRING']) { - foreach($_GET as $key=>$val) { - $key = strip_tags($key); - $val = strip_tags($val); - - if($key && $val) - $q[$key] = $val; + $ori_params = $tmp[1]; + } + if( $freg = strstr($ori_params, '#') ) { + $p['fragment'] = preg_replace('/^#/', '', $freg); } } - - if( is_array($params) ){ + + $q = array(); + if( $ori_params ){ + parse_str( $ori_params, $q ); + } + + if( is_array($params) && $params ){ $q = array_merge($q, $params); } $query = http_build_query($q, '', '&'); - $href .= '?'.$query; + $qc = (strpos( $href, '?' ) !== false) ? '&' : '?'; + $href .= $qc.$query.(isset($p['fragment']) ? "#{$p['fragment']}" : ''); return $href; } From ec32a2b066b63ca6dcf5643b8224b8c3ea4d5dc1 Mon Sep 17 00:00:00 2001 From: whitedot Date: Thu, 3 Dec 2020 18:19:30 +0900 Subject: [PATCH 03/11] =?UTF-8?q?=EA=B2=8C=EC=8B=9C=ED=8C=90=20:=20?= =?UTF-8?q?=EC=8A=A4=ED=83=80=EC=9D=BC=EC=8B=9C=ED=8A=B8=20=EA=B8=B0?= =?UTF-8?q?=EB=B3=B8=EC=8A=A4=ED=83=80=EC=9D=BC=20(=ED=8A=B9=ED=9E=88=20?= =?UTF-8?q?=EB=B2=84=ED=8A=BC)=20=EB=B3=B5=EA=B5=AC=20ff2e30cd5935baf67527?= =?UTF-8?q?bb4ff1548edef473f783?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- skin/board/basic/style.css | 5 ++++- skin/board/gallery/style.css | 4 +++- theme/basic/skin/board/basic/style.css | 5 ++++- theme/basic/skin/board/gallery/style.css | 4 +++- 4 files changed, 14 insertions(+), 4 deletions(-) diff --git a/skin/board/basic/style.css b/skin/board/basic/style.css index 46cb1018e..0cf2d24d8 100644 --- a/skin/board/basic/style.css +++ b/skin/board/basic/style.css @@ -19,6 +19,7 @@ #bo_list .txt_expired {color:#ccc} #bo_list tbody tr {border-left:2px solid transparent} #bo_list tbody tr:hover {border-left:2px solid #253dbe} +#bo_list tbody .even td {background:#fbfbfb} #bo_cate {margin:25px 0} #bo_cate h2 {position:absolute;font-size:0;line-height:0;overflow:hidden} @@ -335,4 +336,6 @@ box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1)} #bo_w .bo_w_flie .file_wr {position:relative;border:1px solid #ccc;background:#fff;color:#000;vertical-align:middle;border-radius:3px;padding:5px;height:40px;margin:0} #bo_w .bo_w_flie .frm_input {margin:10px 0 0} #bo_w .bo_w_flie .file_del {position:absolute;top:10px;right:10px;font-size:0.92em;color:#7d7d7d} -#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} \ No newline at end of file +#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} +#bo_w .btn_submit {padding:0 20px;font-size:1.167em} +#bo_w .btn_cancel {border-radius:3px;font-size:1.167em} \ No newline at end of file diff --git a/skin/board/gallery/style.css b/skin/board/gallery/style.css index a9fe37a5d..763ee44d2 100644 --- a/skin/board/gallery/style.css +++ b/skin/board/gallery/style.css @@ -370,4 +370,6 @@ box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1)} #bo_w .bo_w_flie .file_wr {position:relative;border:1px solid #ccc;background:#fff;color:#000;vertical-align:middle;border-radius:3px;padding:5px;height:40px;margin:0} #bo_w .bo_w_flie .frm_input {margin:10px 0 0} #bo_w .bo_w_flie .file_del {position:absolute;top:10px;right:10px;font-size:0.92em;color:#7d7d7d} -#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} \ No newline at end of file +#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} +#bo_w .btn_submit {padding:0 20px;font-size:1.167em} +#bo_w .btn_cancel {border-radius:3px;font-size:1.167em} \ No newline at end of file diff --git a/theme/basic/skin/board/basic/style.css b/theme/basic/skin/board/basic/style.css index 46cb1018e..0cf2d24d8 100644 --- a/theme/basic/skin/board/basic/style.css +++ b/theme/basic/skin/board/basic/style.css @@ -19,6 +19,7 @@ #bo_list .txt_expired {color:#ccc} #bo_list tbody tr {border-left:2px solid transparent} #bo_list tbody tr:hover {border-left:2px solid #253dbe} +#bo_list tbody .even td {background:#fbfbfb} #bo_cate {margin:25px 0} #bo_cate h2 {position:absolute;font-size:0;line-height:0;overflow:hidden} @@ -335,4 +336,6 @@ box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1)} #bo_w .bo_w_flie .file_wr {position:relative;border:1px solid #ccc;background:#fff;color:#000;vertical-align:middle;border-radius:3px;padding:5px;height:40px;margin:0} #bo_w .bo_w_flie .frm_input {margin:10px 0 0} #bo_w .bo_w_flie .file_del {position:absolute;top:10px;right:10px;font-size:0.92em;color:#7d7d7d} -#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} \ No newline at end of file +#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} +#bo_w .btn_submit {padding:0 20px;font-size:1.167em} +#bo_w .btn_cancel {border-radius:3px;font-size:1.167em} \ No newline at end of file diff --git a/theme/basic/skin/board/gallery/style.css b/theme/basic/skin/board/gallery/style.css index a9fe37a5d..763ee44d2 100644 --- a/theme/basic/skin/board/gallery/style.css +++ b/theme/basic/skin/board/gallery/style.css @@ -370,4 +370,6 @@ box-shadow:inset 0 1px 2px rgba(0, 0, 0, 0.1)} #bo_w .bo_w_flie .file_wr {position:relative;border:1px solid #ccc;background:#fff;color:#000;vertical-align:middle;border-radius:3px;padding:5px;height:40px;margin:0} #bo_w .bo_w_flie .frm_input {margin:10px 0 0} #bo_w .bo_w_flie .file_del {position:absolute;top:10px;right:10px;font-size:0.92em;color:#7d7d7d} -#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} \ No newline at end of file +#bo_w .bo_w_select select {border:1px solid #d0d3db;width:100%;height:40px;border-radius:3px} +#bo_w .btn_submit {padding:0 20px;font-size:1.167em} +#bo_w .btn_cancel {border-radius:3px;font-size:1.167em} \ No newline at end of file From 582d1a01f44560c5b1063bb5340cce2f2dbf0a4e Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 4 Jan 2021 15:33:29 +0900 Subject: [PATCH 04/11] =?UTF-8?q?php8.0=20=EB=B2=84=EC=A0=84=20=ED=98=B8?= =?UTF-8?q?=ED=99=98=20=EC=BD=94=EB=93=9C=20=EC=A0=81=EC=9A=A9=20=EB=B0=8F?= =?UTF-8?q?=20PHP=20=EB=81=9D=20=ED=83=9C=EA=B7=B8=20=EC=82=AD=EC=A0=9C=20?= =?UTF-8?q?=EC=9D=BC=EA=B4=84=EC=A0=81=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- _common.php | 3 +- _head.php | 3 +- _tail.php | 3 +- adm/_common.php | 3 +- adm/admin.head.php | 16 +- adm/admin.lib.php | 21 +- adm/admin.menu100.php | 3 +- adm/admin.menu200.php | 3 +- adm/admin.menu300.php | 3 +- adm/admin.menu900.php | 3 +- adm/admin.tail.php | 3 +- adm/ajax.token.php | 3 +- adm/ajax.use_captcha.php | 3 +- adm/auth_list.php | 3 +- adm/auth_list_delete.php | 10 +- adm/auth_update.php | 20 +- adm/board_copy.php | 5 +- adm/board_copy_update.php | 7 +- adm/board_delete.inc.php | 3 +- adm/board_form.php | 58 +- adm/board_form_update.php | 280 +- adm/board_list.php | 13 +- adm/board_list_update.php | 73 +- adm/board_thumbnail_delete.php | 5 +- adm/boardgroup_form.php | 18 +- adm/boardgroup_form_update.php | 82 +- adm/boardgroup_list.php | 13 +- adm/boardgroup_list_update.php | 22 +- adm/boardgroupmember_form.php | 11 +- adm/boardgroupmember_list.php | 7 +- adm/boardgroupmember_update.php | 7 +- adm/browscap.php | 3 +- adm/browscap_convert.php | 5 +- adm/browscap_converter.php | 3 +- adm/browscap_update.php | 3 +- adm/cache_file_delete.php | 3 +- adm/captcha_file_delete.php | 3 +- adm/config_form.php | 10 +- adm/config_form_update.php | 156 +- adm/contentform.php | 16 +- adm/contentformupdate.php | 13 +- adm/contentlist.php | 5 +- adm/dbupgrade.php | 5 +- adm/faqform.php | 11 +- adm/faqformupdate.php | 13 +- adm/faqlist.php | 9 +- adm/faqmasterform.php | 11 +- adm/faqmasterformupdate.php | 21 +- adm/faqmasterlist.php | 5 +- adm/index.php | 5 +- adm/mail_delete.php | 9 +- adm/mail_form.php | 10 +- adm/mail_list.php | 5 +- adm/mail_preview.php | 4 +- adm/mail_select_form.php | 21 +- adm/mail_select_list.php | 5 +- adm/mail_select_update.php | 10 +- adm/mail_test.php | 6 +- adm/mail_update.php | 10 +- adm/member_delete.php | 9 +- adm/member_form.php | 45 +- adm/member_form_update.php | 121 +- adm/member_list.php | 27 +- adm/member_list_delete.php | 5 +- adm/member_list_update.php | 39 +- adm/menu_form.php | 9 +- adm/menu_form_search.php | 6 +- adm/menu_list.php | 8 +- adm/menu_list_update.php | 3 +- adm/newwinform.php | 15 +- adm/newwinformupdate.php | 53 +- adm/newwinlist.php | 5 +- adm/phpinfo.php | 5 +- adm/point_list.php | 11 +- adm/point_list_delete.php | 7 +- adm/point_update.php | 13 +- adm/poll_delete.php | 9 +- adm/poll_form.php | 16 +- adm/poll_form_update.php | 5 +- adm/poll_list.php | 7 +- adm/popular_list.php | 11 +- adm/popular_rank.php | 12 +- adm/qa_config.php | 5 +- adm/qa_config_update.php | 5 +- adm/safe_check.php | 3 +- adm/sendmail_test.php | 5 +- adm/service.php | 5 +- adm/session_file_delete.php | 3 +- adm/sms_admin/_common.php | 3 +- adm/sms_admin/ajax.hp_chk.php | 8 +- adm/sms_admin/ajax.sms_write_form.php | 7 +- adm/sms_admin/ajax.sms_write_group.php | 2 +- adm/sms_admin/ajax.sms_write_level.php | 6 +- adm/sms_admin/ajax.sms_write_person.php | 6 +- adm/sms_admin/config.php | 9 +- adm/sms_admin/config_update.php | 14 +- adm/sms_admin/emoticon_move.php | 5 +- adm/sms_admin/emoticon_move_update.php | 15 +- adm/sms_admin/form_group.php | 11 +- adm/sms_admin/form_group_move.php | 8 +- adm/sms_admin/form_group_update.php | 25 +- adm/sms_admin/form_list.php | 7 +- adm/sms_admin/form_multi_update.php | 9 +- adm/sms_admin/form_update.php | 10 +- adm/sms_admin/form_write.php | 18 +- adm/sms_admin/history_list.php | 9 +- adm/sms_admin/history_num.php | 7 +- adm/sms_admin/history_send.php | 7 +- adm/sms_admin/history_view.php | 13 +- adm/sms_admin/install.php | 7 +- adm/sms_admin/member_update.php | 7 +- adm/sms_admin/member_update_run.php | 9 +- adm/sms_admin/num_book.php | 14 +- adm/sms_admin/num_book_file.php | 5 +- adm/sms_admin/num_book_file_download.php | 60 +- adm/sms_admin/num_book_file_upload.php | 87 +- adm/sms_admin/num_book_move.php | 7 +- adm/sms_admin/num_book_multi_update.php | 11 +- adm/sms_admin/num_book_update.php | 14 +- adm/sms_admin/num_book_write.php | 12 +- adm/sms_admin/num_group.php | 9 +- adm/sms_admin/num_group_move.php | 18 +- adm/sms_admin/num_group_update.php | 29 +- adm/sms_admin/number_move_update.php | 15 +- adm/sms_admin/sms_write.php | 13 +- adm/sms_admin/sms_write_form.php | 4 +- adm/sms_admin/sms_write_overlap_check.php | 7 +- adm/sms_admin/sms_write_send.php | 16 +- adm/theme.php | 3 +- adm/theme_config_load.php | 5 +- adm/theme_preview.php | 5 +- adm/theme_update.php | 14 +- adm/thumbnail_file_delete.php | 3 +- adm/view.php | 3 +- adm/visit_browser.php | 16 +- adm/visit_date.php | 10 +- adm/visit_delete.php | 5 +- adm/visit_delete_update.php | 5 +- adm/visit_device.php | 16 +- adm/visit_domain.php | 19 +- adm/visit_hour.php | 12 +- adm/visit_list.php | 8 +- adm/visit_month.php | 10 +- adm/visit_os.php | 16 +- adm/visit_search.php | 6 +- adm/visit_week.php | 12 +- adm/visit_year.php | 10 +- adm/write_count.php | 14 +- bbs/_common.php | 3 +- bbs/_head.php | 3 +- bbs/_head.sub.php | 3 +- bbs/_tail.php | 3 +- bbs/_tail.sub.php | 3 +- bbs/ajax.autosave.php | 9 +- bbs/ajax.autosavedel.php | 5 +- bbs/ajax.autosavelist.php | 3 +- bbs/ajax.autosaveload.php | 5 +- bbs/ajax.comment_token.php | 3 +- bbs/ajax.filter.php | 7 +- bbs/ajax.mb_email.php | 7 +- bbs/ajax.mb_hp.php | 7 +- bbs/ajax.mb_id.php | 5 +- bbs/ajax.mb_nick.php | 7 +- bbs/ajax.mb_recommend.php | 5 +- bbs/alert.php | 7 +- bbs/alert_close.php | 3 +- bbs/board.php | 5 +- bbs/board_head.php | 3 +- bbs/board_list_update.php | 14 +- bbs/board_tail.php | 3 +- bbs/confirm.php | 12 +- bbs/content.php | 59 +- bbs/current_connect.php | 3 +- bbs/db_table.optimize.php | 3 +- bbs/delete.php | 3 +- bbs/delete_all.php | 5 +- bbs/delete_comment.php | 5 +- bbs/download.php | 7 +- bbs/email_certify.php | 7 +- bbs/email_stop.php | 5 +- bbs/faq.php | 7 +- bbs/formmail.php | 3 +- bbs/formmail_send.php | 3 +- bbs/good.php | 3 +- bbs/group.php | 3 +- bbs/link.php | 5 +- bbs/list.php | 5 +- bbs/login.php | 5 +- bbs/login_check.php | 11 +- bbs/logout.php | 3 +- bbs/member_confirm.php | 5 +- bbs/member_leave.php | 7 +- bbs/memo.php | 5 +- bbs/memo_delete.php | 5 +- bbs/memo_form.php | 5 +- bbs/memo_form_update.php | 5 +- bbs/memo_view.php | 9 +- bbs/move.php | 17 +- bbs/move_update.php | 12 +- bbs/new.php | 3 +- bbs/new_delete.php | 11 +- bbs/newwin.inc.php | 2 +- bbs/password.php | 7 +- bbs/password_check.php | 3 +- bbs/password_lost.php | 3 +- bbs/password_lost2.php | 3 +- bbs/password_lost_certify.php | 7 +- bbs/point.php | 3 +- bbs/poll_etc_update.php | 9 +- bbs/poll_result.php | 17 +- bbs/poll_update.php | 14 +- bbs/profile.php | 3 +- bbs/qadelete.php | 5 +- bbs/qadownload.php | 5 +- bbs/qahead.php | 3 +- bbs/qalist.php | 4 +- bbs/qatail.php | 3 +- bbs/qaview.php | 18 +- bbs/qawrite.php | 8 +- bbs/qawrite_update.php | 32 +- bbs/register.php | 3 +- bbs/register_email.php | 14 +- bbs/register_email_update.php | 7 +- bbs/register_form.php | 11 +- bbs/register_form_update.php | 48 +- bbs/register_result.php | 3 +- bbs/rss.php | 3 +- bbs/scrap.php | 3 +- bbs/scrap_delete.php | 5 +- bbs/scrap_popin.php | 3 +- bbs/scrap_popin_update.php | 5 +- bbs/search.php | 5 +- bbs/sns_send.php | 14 +- bbs/view.php | 7 +- bbs/view_comment.php | 6 +- bbs/view_image.php | 5 +- bbs/visit_browscap.inc.php | 3 +- bbs/visit_insert.inc.php | 11 +- bbs/write.php | 17 +- bbs/write_comment_update.php | 36 +- bbs/write_comment_update.sns.php | 7 +- bbs/write_token.php | 3 +- bbs/write_update.php | 49 +- common.php | 31 +- config.php | 3 +- extend/debugbar.extend.php | 3 +- extend/default.config.php | 3 +- extend/g5_54version_update.extend.php | 3 +- extend/smarteditor_upload_extend.php | 3 +- extend/sms5.extend.php | 5 +- extend/social_login.extend.php | 3 +- extend/user.config.php | 3 +- extend/version.extend.php | 3 +- g4_import.php | 3 +- g4_import_run.php | 13 +- head.php | 2 +- head.sub.php | 3 +- index.php | 3 +- install/ajax.install.check.php | 17 +- install/index.php | 3 +- install/install.function.php | 25 +- install/install.inc.php | 5 +- install/install_config.php | 3 +- install/install_db.php | 21 +- install/library.check.php | 3 +- js/certify.js | 6 +- js/jquery.fancylist.js | 2 +- js/jquery.menu.js | 2 +- lib/Cache/FileCache.class.php | 3 +- lib/Cache/obj.class.php | 4 +- lib/Excel/oleread.inc.php | 3 +- .../class.writeexcel_biffwriter.inc.php | 4 +- .../class.writeexcel_format.inc.php | 4 +- .../class.writeexcel_formula.inc.php | 21 +- .../class.writeexcel_olewriter.inc.php | 4 +- .../class.writeexcel_workbook.inc.php | 4 +- .../class.writeexcel_workbookbig.inc.php | 4 +- .../class.writeexcel_worksheet.inc.php | 4 +- lib/Excel/reader.php | 4 +- lib/Hook/hook.class.php | 4 +- lib/Hook/hook.extends.class.php | 4 +- lib/PHPExcel.php | 1153 +++ lib/PHPExcel/Autoloader.php | 81 + lib/PHPExcel/CachedObjectStorage/APC.php | 290 + .../CachedObjectStorage/CacheBase.php | 368 + lib/PHPExcel/CachedObjectStorage/DiscISAM.php | 208 + lib/PHPExcel/CachedObjectStorage/ICache.php | 103 + lib/PHPExcel/CachedObjectStorage/Igbinary.php | 149 + lib/PHPExcel/CachedObjectStorage/Memcache.php | 308 + lib/PHPExcel/CachedObjectStorage/Memory.php | 118 + .../CachedObjectStorage/MemoryGZip.php | 133 + .../CachedObjectStorage/MemorySerialized.php | 129 + lib/PHPExcel/CachedObjectStorage/PHPTemp.php | 200 + lib/PHPExcel/CachedObjectStorage/SQLite.php | 307 + lib/PHPExcel/CachedObjectStorage/SQLite3.php | 346 + lib/PHPExcel/CachedObjectStorage/Wincache.php | 289 + lib/PHPExcel/CachedObjectStorageFactory.php | 231 + .../CalcEngine/CyclicReferenceStack.php | 94 + lib/PHPExcel/CalcEngine/Logger.php | 151 + lib/PHPExcel/Calculation.php | 4391 ++++++++++ lib/PHPExcel/Calculation/Database.php | 676 ++ lib/PHPExcel/Calculation/DateTime.php | 1553 ++++ lib/PHPExcel/Calculation/Engineering.php | 2650 ++++++ lib/PHPExcel/Calculation/Exception.php | 46 + lib/PHPExcel/Calculation/ExceptionHandler.php | 45 + lib/PHPExcel/Calculation/Financial.php | 2359 +++++ lib/PHPExcel/Calculation/FormulaParser.php | 622 ++ lib/PHPExcel/Calculation/FormulaToken.php | 176 + lib/PHPExcel/Calculation/Function.php | 148 + lib/PHPExcel/Calculation/Functions.php | 760 ++ lib/PHPExcel/Calculation/Logical.php | 285 + lib/PHPExcel/Calculation/LookupRef.php | 879 ++ lib/PHPExcel/Calculation/MathTrig.php | 1459 ++++ lib/PHPExcel/Calculation/Statistical.php | 3745 ++++++++ lib/PHPExcel/Calculation/TextData.php | 651 ++ lib/PHPExcel/Calculation/Token/Stack.php | 111 + lib/PHPExcel/Calculation/functionlist.txt | 351 + lib/PHPExcel/Cell.php | 1032 +++ lib/PHPExcel/Cell/AdvancedValueBinder.php | 187 + lib/PHPExcel/Cell/DataType.php | 115 + lib/PHPExcel/Cell/DataValidation.php | 492 ++ lib/PHPExcel/Cell/DefaultValueBinder.php | 102 + lib/PHPExcel/Cell/Hyperlink.php | 124 + lib/PHPExcel/Cell/IValueBinder.php | 47 + lib/PHPExcel/Chart.php | 680 ++ lib/PHPExcel/Chart/Axis.php | 561 ++ lib/PHPExcel/Chart/DataSeries.php | 390 + lib/PHPExcel/Chart/DataSeriesValues.php | 333 + lib/PHPExcel/Chart/Exception.php | 46 + lib/PHPExcel/Chart/GridLines.php | 472 + lib/PHPExcel/Chart/Layout.php | 486 ++ lib/PHPExcel/Chart/Legend.php | 170 + lib/PHPExcel/Chart/PlotArea.php | 126 + lib/PHPExcel/Chart/Properties.php | 363 + .../Chart/Renderer/PHP Charting Libraries.txt | 20 + lib/PHPExcel/Chart/Renderer/jpgraph.php | 883 ++ lib/PHPExcel/Chart/Title.php | 86 + lib/PHPExcel/Comment.php | 338 + lib/PHPExcel/DocumentProperties.php | 611 ++ lib/PHPExcel/DocumentSecurity.php | 222 + lib/PHPExcel/Exception.php | 54 + lib/PHPExcel/HashTable.php | 204 + lib/PHPExcel/Helper/HTML.php | 808 ++ lib/PHPExcel/IComparable.php | 34 + lib/PHPExcel/IOFactory.php | 289 + lib/PHPExcel/NamedRange.php | 249 + lib/PHPExcel/Reader/Abstract.php | 289 + lib/PHPExcel/Reader/CSV.php | 406 + lib/PHPExcel/Reader/DefaultReadFilter.php | 51 + lib/PHPExcel/Reader/Excel2003XML.php | 801 ++ lib/PHPExcel/Reader/Excel2007.php | 2051 +++++ lib/PHPExcel/Reader/Excel2007/Chart.php | 520 ++ lib/PHPExcel/Reader/Excel2007/Theme.php | 127 + lib/PHPExcel/Reader/Excel5.php | 7594 +++++++++++++++++ lib/PHPExcel/Reader/Excel5/Color.php | 32 + lib/PHPExcel/Reader/Excel5/Color/BIFF5.php | 77 + lib/PHPExcel/Reader/Excel5/Color/BIFF8.php | 77 + lib/PHPExcel/Reader/Excel5/Color/BuiltIn.php | 31 + lib/PHPExcel/Reader/Excel5/ErrorCode.php | 28 + lib/PHPExcel/Reader/Excel5/Escher.php | 669 ++ lib/PHPExcel/Reader/Excel5/MD5.php | 203 + lib/PHPExcel/Reader/Excel5/RC4.php | 81 + lib/PHPExcel/Reader/Excel5/Style/Border.php | 36 + .../Reader/Excel5/Style/FillPattern.php | 41 + lib/PHPExcel/Reader/Exception.php | 46 + lib/PHPExcel/Reader/Gnumeric.php | 850 ++ lib/PHPExcel/Reader/HTML.php | 549 ++ lib/PHPExcel/Reader/IReadFilter.php | 39 + lib/PHPExcel/Reader/IReader.php | 46 + lib/PHPExcel/Reader/OOCalc.php | 696 ++ lib/PHPExcel/Reader/SYLK.php | 478 ++ lib/PHPExcel/ReferenceHelper.php | 913 ++ lib/PHPExcel/RichText.php | 191 + lib/PHPExcel/RichText/ITextElement.php | 56 + lib/PHPExcel/RichText/Run.php | 98 + lib/PHPExcel/RichText/TextElement.php | 105 + lib/PHPExcel/Settings.php | 389 + lib/PHPExcel/Shared/CodePage.php | 156 + lib/PHPExcel/Shared/Date.php | 418 + lib/PHPExcel/Shared/Drawing.php | 270 + lib/PHPExcel/Shared/Escher.php | 83 + lib/PHPExcel/Shared/Escher/DgContainer.php | 75 + .../Escher/DgContainer/SpgrContainer.php | 102 + .../DgContainer/SpgrContainer/SpContainer.php | 388 + lib/PHPExcel/Shared/Escher/DggContainer.php | 196 + .../Escher/DggContainer/BstoreContainer.php | 57 + .../DggContainer/BstoreContainer/BSE.php | 112 + .../DggContainer/BstoreContainer/BSE/Blip.php | 83 + lib/PHPExcel/Shared/Excel5.php | 298 + lib/PHPExcel/Shared/File.php | 180 + lib/PHPExcel/Shared/Font.php | 741 ++ lib/PHPExcel/Shared/JAMA/CHANGELOG.TXT | 16 + .../Shared/JAMA/CholeskyDecomposition.php | 148 + .../Shared/JAMA/EigenvalueDecomposition.php | 864 ++ lib/PHPExcel/Shared/JAMA/LUDecomposition.php | 257 + lib/PHPExcel/Shared/JAMA/Matrix.php | 1159 +++ lib/PHPExcel/Shared/JAMA/QRDecomposition.php | 235 + .../JAMA/SingularValueDecomposition.php | 528 ++ lib/PHPExcel/Shared/JAMA/utils/Error.php | 83 + lib/PHPExcel/Shared/JAMA/utils/Maths.php | 44 + lib/PHPExcel/Shared/OLE.php | 526 ++ .../Shared/OLE/ChainedBlockStream.php | 206 + lib/PHPExcel/Shared/OLE/PPS.php | 230 + lib/PHPExcel/Shared/OLE/PPS/File.php | 74 + lib/PHPExcel/Shared/OLE/PPS/Root.php | 462 + lib/PHPExcel/Shared/OLERead.php | 318 + lib/PHPExcel/Shared/PCLZip/gnu-lgpl.txt | 504 ++ lib/PHPExcel/Shared/PCLZip/pclzip.lib.php | 5173 +++++++++++ lib/PHPExcel/Shared/PCLZip/readme.txt | 421 + lib/PHPExcel/Shared/PasswordHasher.php | 67 + lib/PHPExcel/Shared/String.php | 819 ++ lib/PHPExcel/Shared/TimeZone.php | 144 + lib/PHPExcel/Shared/XMLWriter.php | 124 + lib/PHPExcel/Shared/ZipArchive.php | 163 + lib/PHPExcel/Shared/ZipStreamWrapper.php | 200 + lib/PHPExcel/Shared/trend/bestFitClass.php | 425 + .../Shared/trend/exponentialBestFitClass.php | 138 + .../Shared/trend/linearBestFitClass.php | 102 + .../Shared/trend/logarithmicBestFitClass.php | 110 + .../Shared/trend/polynomialBestFitClass.php | 222 + .../Shared/trend/powerBestFitClass.php | 138 + lib/PHPExcel/Shared/trend/trendClass.php | 147 + lib/PHPExcel/Style.php | 644 ++ lib/PHPExcel/Style/Alignment.php | 464 + lib/PHPExcel/Style/Border.php | 282 + lib/PHPExcel/Style/Borders.php | 429 + lib/PHPExcel/Style/Color.php | 443 + lib/PHPExcel/Style/Conditional.php | 293 + lib/PHPExcel/Style/Fill.php | 322 + lib/PHPExcel/Style/Font.php | 543 ++ lib/PHPExcel/Style/NumberFormat.php | 751 ++ lib/PHPExcel/Style/Protection.php | 204 + lib/PHPExcel/Style/Supervisor.php | 125 + lib/PHPExcel/Worksheet.php | 2968 +++++++ lib/PHPExcel/Worksheet/AutoFilter.php | 846 ++ lib/PHPExcel/Worksheet/AutoFilter/Column.php | 405 + .../Worksheet/AutoFilter/Column/Rule.php | 468 + lib/PHPExcel/Worksheet/BaseDrawing.php | 507 ++ lib/PHPExcel/Worksheet/CellIterator.php | 88 + lib/PHPExcel/Worksheet/Column.php | 86 + lib/PHPExcel/Worksheet/ColumnCellIterator.php | 216 + lib/PHPExcel/Worksheet/ColumnDimension.php | 132 + lib/PHPExcel/Worksheet/ColumnIterator.php | 201 + lib/PHPExcel/Worksheet/Dimension.php | 178 + lib/PHPExcel/Worksheet/Drawing.php | 147 + lib/PHPExcel/Worksheet/Drawing/Shadow.php | 296 + lib/PHPExcel/Worksheet/HeaderFooter.php | 494 ++ .../Worksheet/HeaderFooterDrawing.php | 361 + lib/PHPExcel/Worksheet/MemoryDrawing.php | 201 + lib/PHPExcel/Worksheet/PageMargins.php | 233 + lib/PHPExcel/Worksheet/PageSetup.php | 839 ++ lib/PHPExcel/Worksheet/Protection.php | 581 ++ lib/PHPExcel/Worksheet/Row.php | 86 + lib/PHPExcel/Worksheet/RowCellIterator.php | 225 + lib/PHPExcel/Worksheet/RowDimension.php | 132 + lib/PHPExcel/Worksheet/RowIterator.php | 192 + lib/PHPExcel/Worksheet/SheetView.php | 187 + lib/PHPExcel/WorksheetIterator.php | 108 + lib/PHPExcel/Writer/Abstract.php | 157 + lib/PHPExcel/Writer/CSV.php | 352 + lib/PHPExcel/Writer/Excel2007.php | 533 ++ lib/PHPExcel/Writer/Excel2007/Chart.php | 1520 ++++ lib/PHPExcel/Writer/Excel2007/Comments.php | 260 + .../Writer/Excel2007/ContentTypes.php | 240 + lib/PHPExcel/Writer/Excel2007/DocProps.php | 262 + lib/PHPExcel/Writer/Excel2007/Drawing.php | 589 ++ lib/PHPExcel/Writer/Excel2007/Rels.php | 424 + lib/PHPExcel/Writer/Excel2007/RelsRibbon.php | 67 + lib/PHPExcel/Writer/Excel2007/RelsVBA.php | 63 + lib/PHPExcel/Writer/Excel2007/StringTable.php | 313 + lib/PHPExcel/Writer/Excel2007/Style.php | 696 ++ lib/PHPExcel/Writer/Excel2007/Theme.php | 869 ++ lib/PHPExcel/Writer/Excel2007/Workbook.php | 448 + lib/PHPExcel/Writer/Excel2007/Worksheet.php | 1219 +++ lib/PHPExcel/Writer/Excel2007/WriterPart.php | 75 + lib/PHPExcel/Writer/Excel5.php | 904 ++ lib/PHPExcel/Writer/Excel5/BIFFwriter.php | 246 + lib/PHPExcel/Writer/Excel5/Escher.php | 523 ++ lib/PHPExcel/Writer/Excel5/Font.php | 166 + lib/PHPExcel/Writer/Excel5/Parser.php | 1531 ++++ lib/PHPExcel/Writer/Excel5/Workbook.php | 1444 ++++ lib/PHPExcel/Writer/Excel5/Worksheet.php | 4240 +++++++++ lib/PHPExcel/Writer/Excel5/Xf.php | 557 ++ lib/PHPExcel/Writer/Exception.php | 46 + lib/PHPExcel/Writer/HTML.php | 1612 ++++ lib/PHPExcel/Writer/IWriter.php | 37 + lib/PHPExcel/Writer/OpenDocument.php | 190 + .../Writer/OpenDocument/Cell/Comment.php | 63 + lib/PHPExcel/Writer/OpenDocument/Content.php | 272 + lib/PHPExcel/Writer/OpenDocument/Meta.php | 95 + lib/PHPExcel/Writer/OpenDocument/MetaInf.php | 87 + lib/PHPExcel/Writer/OpenDocument/Mimetype.php | 41 + lib/PHPExcel/Writer/OpenDocument/Settings.php | 76 + lib/PHPExcel/Writer/OpenDocument/Styles.php | 92 + .../Writer/OpenDocument/Thumbnails.php | 41 + .../Writer/OpenDocument/WriterPart.php | 30 + lib/PHPExcel/Writer/PDF.php | 89 + lib/PHPExcel/Writer/PDF/Core.php | 355 + lib/PHPExcel/Writer/PDF/DomPDF.php | 108 + lib/PHPExcel/Writer/PDF/mPDF.php | 118 + lib/PHPExcel/Writer/PDF/tcPDF.php | 123 + lib/PHPExcel/locale/bg/config | 49 + lib/PHPExcel/locale/cs/config | 47 + lib/PHPExcel/locale/cs/functions | 438 + lib/PHPExcel/locale/da/config | 48 + lib/PHPExcel/locale/da/functions | 438 + lib/PHPExcel/locale/de/config | 47 + lib/PHPExcel/locale/de/functions | 438 + lib/PHPExcel/locale/en/uk/config | 32 + lib/PHPExcel/locale/es/config | 47 + lib/PHPExcel/locale/es/functions | 438 + lib/PHPExcel/locale/fi/config | 47 + lib/PHPExcel/locale/fi/functions | 438 + lib/PHPExcel/locale/fr/config | 47 + lib/PHPExcel/locale/fr/functions | 438 + lib/PHPExcel/locale/hu/config | 47 + lib/PHPExcel/locale/hu/functions | 438 + lib/PHPExcel/locale/it/config | 47 + lib/PHPExcel/locale/it/functions | 438 + lib/PHPExcel/locale/nl/config | 47 + lib/PHPExcel/locale/nl/functions | 438 + lib/PHPExcel/locale/no/config | 47 + lib/PHPExcel/locale/no/functions | 438 + lib/PHPExcel/locale/pl/config | 47 + lib/PHPExcel/locale/pl/functions | 438 + lib/PHPExcel/locale/pt/br/config | 47 + lib/PHPExcel/locale/pt/br/functions | 408 + lib/PHPExcel/locale/pt/config | 47 + lib/PHPExcel/locale/pt/functions | 408 + lib/PHPExcel/locale/ru/config | 47 + lib/PHPExcel/locale/ru/functions | 438 + lib/PHPExcel/locale/sv/config | 47 + lib/PHPExcel/locale/sv/functions | 408 + lib/PHPExcel/locale/tr/config | 47 + lib/PHPExcel/locale/tr/functions | 438 + lib/URI/uri.class.php | 3 +- lib/cache.lib.php | 3 +- lib/common.lib.php | 101 +- lib/connect.lib.php | 3 +- lib/editor.lib.php | 3 +- lib/get_data.lib.php | 9 +- lib/hook.lib.php | 3 +- lib/icode.lms.lib.php | 4 +- lib/icode.sms.lib.php | 3 +- lib/json.lib.php | 3 +- lib/latest.lib.php | 9 +- lib/mailer.lib.php | 3 +- lib/naver_syndi.lib.php | 3 +- lib/outlogin.lib.php | 3 +- lib/poll.lib.php | 3 +- lib/popular.lib.php | 3 +- lib/register.lib.php | 3 +- lib/thumbnail.lib.php | 22 +- lib/uri.lib.php | 9 +- lib/visit.lib.php | 3 +- mobile/_head.php | 3 +- mobile/_tail.php | 3 +- mobile/content.php | 59 +- mobile/group.php | 3 +- mobile/head.php | 2 +- mobile/index.php | 3 +- mobile/skin/board/basic/view.skin.php | 6 +- mobile/skin/board/basic/view_comment.skin.php | 2 +- mobile/skin/board/gallery/view.skin.php | 6 +- .../skin/board/gallery/view_comment.skin.php | 2 +- mobile/skin/connect/basic/connect.skin.php | 2 +- mobile/skin/member/basic/login_check.skin.php | 3 +- mobile/skin/qa/basic/style.css | 1 + mobile/skin/qa/basic/view.skin.php | 11 +- mobile/skin/search/basic/search.skin.php | 10 +- mobile/tail.php | 3 +- plugin/PHPMailer/LICENSE | 42 +- plugin/PHPMailer/PHPMailerAutoload.php | 21 +- plugin/PHPMailer/VERSION | 2 +- plugin/PHPMailer/class.phpmailer.php | 61 +- plugin/PHPMailer/class.pop3.php | 2 +- plugin/PHPMailer/class.smtp.php | 133 +- plugin/PHPMailer/composer.json | 21 +- plugin/PHPMailer/composer.lock | 945 +- plugin/PHPMailer/examples/code_generator.phps | 141 +- plugin/PHPMailer/examples/gmail.phps | 24 + plugin/PHPMailer/examples/gmail_xoauth.phps | 4 +- plugin/PHPMailer/extras/README.md | 8 +- plugin/PHPMailer/extras/htmlfilter.php | 16 +- .../PHPMailer/language/phpmailer.lang-ba.php | 26 + .../PHPMailer/language/phpmailer.lang-cs.php | 2 +- .../PHPMailer/language/phpmailer.lang-nb.php | 32 +- .../language/phpmailer.lang-pt_br.php | 3 +- .../PHPMailer/language/phpmailer.lang-rs.php | 26 + .../PHPMailer/language/phpmailer.lang-tr.php | 3 +- .../language/phpmailer.lang-zh_cn.php | 7 +- plugin/browscap/Browscap.php | 3 +- plugin/editor/cheditor5/editor.lib.php | 3 +- .../editor/cheditor5/imageUpload/_common.php | 3 +- .../editor/cheditor5/imageUpload/config.php | 5 +- .../editor/cheditor5/imageUpload/delete.php | 4 +- .../editor/cheditor5/imageUpload/upload.php | 3 +- plugin/editor/smarteditor2/editor.lib.php | 3 +- .../photo_uploader/popup/_common.php | 3 +- .../photo_uploader/popup/php/JSON.php | 18 +- .../popup/php/UploadHandler.php | 41 +- .../photo_uploader/popup/php/_common.php | 3 +- .../photo_uploader/popup/php/index.php | 2 +- .../htmlpurifier/HTMLPurifier.standalone.php | 272 +- plugin/htmlpurifier/extend.video.php | 3 +- .../ConfigSchema/Builder/ConfigSchema.php | 96 +- .../HTMLPurifier/ConfigSchema/Builder/Xml.php | 288 +- .../HTMLPurifier/ConfigSchema/Exception.php | 22 +- .../HTMLPurifier/ConfigSchema/Interchange.php | 94 +- .../ConfigSchema/Interchange/Directive.php | 178 +- .../ConfigSchema/Interchange/Id.php | 116 +- .../ConfigSchema/InterchangeBuilder.php | 452 +- .../HTMLPurifier/ConfigSchema/Validator.php | 496 +- .../ConfigSchema/ValidatorAtom.php | 260 +- .../HTMLPurifier/ConfigSchema/schema.ser | Bin 15923 -> 24190 bytes .../schema/Attr.AllowedClasses.txt | 16 +- .../schema/Attr.AllowedFrameTargets.txt | 24 +- .../ConfigSchema/schema/Attr.AllowedRel.txt | 18 +- .../ConfigSchema/schema/Attr.AllowedRev.txt | 18 +- .../schema/Attr.ClassUseCDATA.txt | 38 +- .../schema/Attr.DefaultImageAlt.txt | 22 +- .../schema/Attr.DefaultInvalidImage.txt | 18 +- .../schema/Attr.DefaultInvalidImageAlt.txt | 16 +- .../schema/Attr.DefaultTextDir.txt | 20 +- .../ConfigSchema/schema/Attr.EnableID.txt | 32 +- .../schema/Attr.ForbiddenClasses.txt | 16 +- .../ConfigSchema/schema/Attr.ID.HTML5.txt | 20 +- .../ConfigSchema/schema/Attr.IDBlacklist.txt | 10 +- .../schema/Attr.IDBlacklistRegexp.txt | 18 +- .../ConfigSchema/schema/Attr.IDPrefix.txt | 24 +- .../schema/Attr.IDPrefixLocal.txt | 28 +- .../schema/AutoFormat.AutoParagraph.txt | 62 +- .../ConfigSchema/schema/AutoFormat.Custom.txt | 24 +- .../schema/AutoFormat.DisplayLinkURI.txt | 22 +- .../schema/AutoFormat.Linkify.txt | 24 +- .../AutoFormat.PurifierLinkify.DocURL.txt | 24 +- .../schema/AutoFormat.PurifierLinkify.txt | 24 +- .../AutoFormat.RemoveEmpty.Predicate.txt | 28 +- ...rmat.RemoveEmpty.RemoveNbsp.Exceptions.txt | 22 +- .../AutoFormat.RemoveEmpty.RemoveNbsp.txt | 2 +- .../schema/AutoFormat.RemoveEmpty.txt | 92 +- ...utoFormat.RemoveSpansWithoutAttributes.txt | 22 +- .../schema/CSS.AllowDuplicates.txt | 22 +- .../schema/CSS.AllowImportant.txt | 16 +- .../ConfigSchema/schema/CSS.AllowTricky.txt | 22 +- .../ConfigSchema/schema/CSS.AllowedFonts.txt | 24 +- .../schema/CSS.AllowedProperties.txt | 36 +- .../ConfigSchema/schema/CSS.DefinitionRev.txt | 22 +- .../schema/CSS.ForbiddenProperties.txt | 26 +- .../ConfigSchema/schema/CSS.MaxImgLength.txt | 32 +- .../ConfigSchema/schema/CSS.Proprietary.txt | 20 +- .../ConfigSchema/schema/CSS.Trusted.txt | 18 +- .../schema/Cache.DefinitionImpl.txt | 28 +- .../schema/Cache.SerializerPath.txt | 26 +- .../schema/Cache.SerializerPermissions.txt | 32 +- .../schema/Core.AggressivelyFixLt.txt | 36 +- .../schema/Core.AggressivelyRemoveScript.txt | 32 +- .../schema/Core.AllowHostnameUnderscore.txt | 32 +- .../schema/Core.AllowParseManyTags.txt | 12 + .../schema/Core.CollectErrors.txt | 24 +- .../schema/Core.ColorKeywords.txt | 159 +- .../schema/Core.ConvertDocumentToFragment.txt | 28 +- .../Core.DirectLexLineNumberSyncInterval.txt | 34 +- .../schema/Core.DisableExcludes.txt | 28 +- .../ConfigSchema/schema/Core.EnableIDNA.txt | 18 +- .../ConfigSchema/schema/Core.Encoding.txt | 30 +- .../schema/Core.EscapeInvalidChildren.txt | 24 +- .../schema/Core.EscapeInvalidTags.txt | 14 +- .../schema/Core.EscapeNonASCIICharacters.txt | 26 +- .../schema/Core.HiddenElements.txt | 38 +- .../ConfigSchema/schema/Core.Language.txt | 20 +- .../schema/Core.LegacyEntityDecoder.txt | 72 +- .../ConfigSchema/schema/Core.LexerImpl.txt | 68 +- .../schema/Core.MaintainLineNumbers.txt | 32 +- .../schema/Core.NormalizeNewlines.txt | 22 +- .../schema/Core.RemoveInvalidImg.txt | 24 +- .../Core.RemoveProcessingInstructions.txt | 22 +- .../schema/Core.RemoveScriptContents.txt | 24 +- .../ConfigSchema/schema/Filter.Custom.txt | 22 +- .../Filter.ExtractStyleBlocks.Escaping.txt | 28 +- .../Filter.ExtractStyleBlocks.Scope.txt | 58 +- .../Filter.ExtractStyleBlocks.TidyImpl.txt | 32 +- .../schema/Filter.ExtractStyleBlocks.txt | 148 +- .../ConfigSchema/schema/Filter.YouTube.txt | 32 +- .../ConfigSchema/schema/HTML.Allowed.txt | 50 +- .../schema/HTML.AllowedAttributes.txt | 38 +- .../schema/HTML.AllowedComments.txt | 20 +- .../schema/HTML.AllowedCommentsRegexp.txt | 30 +- .../schema/HTML.AllowedElements.txt | 46 +- .../schema/HTML.AllowedModules.txt | 40 +- .../schema/HTML.Attr.Name.UseCDATA.txt | 22 +- .../ConfigSchema/schema/HTML.BlockWrapper.txt | 36 +- .../ConfigSchema/schema/HTML.CoreModules.txt | 46 +- .../schema/HTML.CustomDoctype.txt | 18 +- .../ConfigSchema/schema/HTML.DefinitionID.txt | 66 +- .../schema/HTML.DefinitionRev.txt | 32 +- .../ConfigSchema/schema/HTML.Doctype.txt | 22 +- .../schema/HTML.FlashAllowFullScreen.txt | 22 +- .../schema/HTML.ForbiddenAttributes.txt | 42 +- .../schema/HTML.ForbiddenElements.txt | 40 +- .../ConfigSchema/schema/HTML.Forms.txt | 11 + .../ConfigSchema/schema/HTML.MaxImgLength.txt | 28 +- .../ConfigSchema/schema/HTML.Nofollow.txt | 14 +- .../ConfigSchema/schema/HTML.Parent.txt | 24 +- .../ConfigSchema/schema/HTML.Proprietary.txt | 24 +- .../ConfigSchema/schema/HTML.SafeEmbed.txt | 26 +- .../ConfigSchema/schema/HTML.SafeIframe.txt | 26 +- .../ConfigSchema/schema/HTML.SafeObject.txt | 26 +- .../schema/HTML.SafeScripting.txt | 20 +- .../ConfigSchema/schema/HTML.Strict.txt | 18 +- .../ConfigSchema/schema/HTML.TargetBlank.txt | 16 +- .../schema/HTML.TargetNoopener.txt | 20 +- .../schema/HTML.TargetNoreferrer.txt | 18 +- .../ConfigSchema/schema/HTML.TidyAdd.txt | 16 +- .../ConfigSchema/schema/HTML.TidyLevel.txt | 48 +- .../ConfigSchema/schema/HTML.TidyRemove.txt | 16 +- .../ConfigSchema/schema/HTML.Trusted.txt | 18 +- .../ConfigSchema/schema/HTML.XHTML.txt | 22 +- .../schema/Output.CommentScriptContents.txt | 20 +- .../schema/Output.FixInnerHTML.txt | 30 +- .../schema/Output.FlashCompat.txt | 22 +- .../ConfigSchema/schema/Output.Newline.txt | 26 +- .../ConfigSchema/schema/Output.SortAttr.txt | 28 +- .../ConfigSchema/schema/Output.TidyFormat.txt | 50 +- .../ConfigSchema/schema/Test.ForceNoIconv.txt | 14 +- .../schema/URI.AllowedSchemes.txt | 36 +- .../ConfigSchema/schema/URI.Base.txt | 34 +- .../ConfigSchema/schema/URI.DefaultScheme.txt | 30 +- .../ConfigSchema/schema/URI.DefinitionID.txt | 22 +- .../ConfigSchema/schema/URI.DefinitionRev.txt | 22 +- .../ConfigSchema/schema/URI.Disable.txt | 28 +- .../schema/URI.DisableExternal.txt | 22 +- .../schema/URI.DisableExternalResources.txt | 26 +- .../schema/URI.DisableResources.txt | 30 +- .../ConfigSchema/schema/URI.Host.txt | 38 +- .../ConfigSchema/schema/URI.HostBlacklist.txt | 18 +- .../ConfigSchema/schema/URI.MakeAbsolute.txt | 26 +- .../ConfigSchema/schema/URI.Munge.txt | 166 +- .../schema/URI.MungeResources.txt | 34 +- .../schema/URI.MungeSecretKey.txt | 60 +- .../schema/URI.OverrideAllowedSchemes.txt | 18 +- .../schema/URI.SafeIframeRegexp.txt | 44 +- .../HTMLPurifier/ConfigSchema/schema/info.ini | 6 +- .../Filter/ExtractStyleBlocks.php | 682 +- .../HTMLPurifier/Filter/YouTube.php | 130 +- .../HTMLPurifier/Language/messages/en.php | 110 +- .../standalone/HTMLPurifier/Lexer/PH5P.php | 4 +- .../standalone/HTMLPurifier/Printer.php | 436 +- .../HTMLPurifier/Printer/CSSDefinition.php | 88 +- .../HTMLPurifier/Printer/ConfigForm.css | 20 +- .../HTMLPurifier/Printer/ConfigForm.js | 10 +- .../HTMLPurifier/Printer/ConfigForm.php | 4 +- .../HTMLPurifier/Printer/HTMLDefinition.php | 4 +- plugin/kcaptcha/_common.php | 3 +- plugin/kcaptcha/captcha.lib.php | 3 +- plugin/kcaptcha/kcaptcha.lib.php | 7 +- plugin/kcaptcha/kcaptcha_config.php | 3 +- plugin/kcaptcha/kcaptcha_image.php | 3 +- plugin/kcaptcha/kcaptcha_mp3.php | 3 +- plugin/kcaptcha/kcaptcha_result.php | 7 +- plugin/kcaptcha/kcaptcha_session.php | 5 +- plugin/kcpcert/_common.php | 3 +- plugin/kcpcert/kcpcert_config.php | 3 +- plugin/kcpcert/kcpcert_result.php | 3 +- plugin/kcpcert/lib/ct_cli_lib.php | 16 +- plugin/lgxpay/AuthOnlyRes.php | 3 +- plugin/lgxpay/_common.php | 3 +- plugin/lgxpay/lgdacom/JSON.php | 6 +- plugin/lgxpay/lgdacom/XPayClient.php | 3 +- plugin/lgxpay/lgdacom/XPayClient4DB.php | 3 +- plugin/lgxpay/lgdacom/patch.php | 3 +- plugin/lgxpay/lgdacom/ping.php | 3 +- plugin/lgxpay/returnurl.php | 6 +- plugin/okname/_common.php | 3 +- plugin/okname/hpcert.config.php | 3 +- plugin/okname/hpcert1.php | 3 +- plugin/okname/hpcert2.php | 21 +- plugin/okname/ipin.config.php | 3 +- plugin/okname/ipin1.php | 3 +- plugin/okname/ipin2.php | 9 +- plugin/okname/key_dir_check.php | 3 +- plugin/recaptcha/_common.php | 3 +- plugin/recaptcha/captcha.lib.php | 3 +- plugin/recaptcha/recaptcha.class.php | 3 +- plugin/recaptcha/recaptcha.user.lib.php | 3 +- plugin/recaptcha_inv/_common.php | 3 +- plugin/recaptcha_inv/captcha.lib.php | 3 +- plugin/recaptcha_inv/recaptcha.class.php | 3 +- plugin/recaptcha_inv/recaptcha.user.lib.php | 3 +- plugin/sms5/JSON.php | 96 +- plugin/sms5/_common.php | 3 +- plugin/sms5/ajax.sms_emoticon.php | 10 +- plugin/sms5/index.php | 3 +- plugin/sms5/sms5.lib.php | 13 +- plugin/sns/_common.php | 3 +- plugin/sns/twitter/_common.php | 3 +- plugin/sns/twitter/callback.php | 3 +- plugin/sns/view_comment_list.sns.skin.php | 2 +- plugin/sns/view_comment_write.sns.skin.php | 6 +- plugin/social/Hybrid/Auth.php | 4 +- .../social/Hybrid/thirdparty/OAuth/OAuth.php | 2 +- plugin/social/_common.php | 3 +- plugin/social/error.php | 7 +- plugin/social/includes/functions.php | 13 +- plugin/social/includes/g5_endpoint.php | 4 +- plugin/social/includes/g5_endpoint_class.php | 3 +- plugin/social/includes/loading.php | 3 +- plugin/social/includes/providers.php | 4 +- plugin/social/popup.php | 3 +- plugin/social/register_member.php | 4 +- plugin/social/register_member_update.php | 15 +- plugin/social/unlink.php | 3 +- plugin/syndi/_common.php | 3 +- plugin/syndi/ping.php | 3 +- skin/board/basic/view.skin.php | 4 +- skin/board/gallery/view.skin.php | 4 +- skin/connect/basic/connect.skin.php | 2 +- skin/member/basic/login_check.skin.php | 3 +- skin/popular/basic/popular.skin.php | 2 +- skin/search/basic/search.skin.php | 10 +- tail.php | 3 +- tail.sub.php | 2 +- theme/basic/_common.php | 3 +- theme/basic/group.php | 3 +- theme/basic/head.php | 3 +- theme/basic/head.sub.php | 3 +- theme/basic/index.php | 5 +- theme/basic/mobile/_common.php | 3 +- theme/basic/mobile/group.php | 3 +- theme/basic/mobile/head.php | 2 +- theme/basic/mobile/index.php | 3 +- .../mobile/skin/board/basic/view.skin.php | 6 +- .../skin/board/basic/view_comment.skin.php | 2 +- .../mobile/skin/board/gallery/view.skin.php | 6 +- .../skin/board/gallery/view_comment.skin.php | 2 +- .../skin/connect/basic/connect.skin.php | 2 +- .../skin/member/basic/login_check.skin.php | 3 +- theme/basic/mobile/skin/qa/basic/style.css | 1 + .../basic/mobile/skin/qa/basic/view.skin.php | 2 - .../mobile/skin/search/basic/search.skin.php | 10 +- theme/basic/mobile/tail.php | 3 +- theme/basic/skin/board/basic/view.skin.php | 4 +- theme/basic/skin/board/gallery/view.skin.php | 4 +- .../basic/skin/connect/basic/connect.skin.php | 2 +- theme/basic/skin/latest/basic/latest.skin.php | 2 +- .../skin/latest/pic_list/latest.skin.php | 2 +- .../skin/member/basic/login_check.skin.php | 3 +- .../basic/skin/popular/basic/popular.skin.php | 2 +- theme/basic/skin/search/basic/search.skin.php | 10 +- theme/basic/tail.php | 3 +- theme/basic/tail.sub.php | 2 +- theme/basic/theme.config.php | 5 +- 852 files changed, 120617 insertions(+), 6307 deletions(-) create mode 100644 lib/PHPExcel.php create mode 100644 lib/PHPExcel/Autoloader.php create mode 100644 lib/PHPExcel/CachedObjectStorage/APC.php create mode 100644 lib/PHPExcel/CachedObjectStorage/CacheBase.php create mode 100644 lib/PHPExcel/CachedObjectStorage/DiscISAM.php create mode 100644 lib/PHPExcel/CachedObjectStorage/ICache.php create mode 100644 lib/PHPExcel/CachedObjectStorage/Igbinary.php create mode 100644 lib/PHPExcel/CachedObjectStorage/Memcache.php create mode 100644 lib/PHPExcel/CachedObjectStorage/Memory.php create mode 100644 lib/PHPExcel/CachedObjectStorage/MemoryGZip.php create mode 100644 lib/PHPExcel/CachedObjectStorage/MemorySerialized.php create mode 100644 lib/PHPExcel/CachedObjectStorage/PHPTemp.php create mode 100644 lib/PHPExcel/CachedObjectStorage/SQLite.php create mode 100644 lib/PHPExcel/CachedObjectStorage/SQLite3.php create mode 100644 lib/PHPExcel/CachedObjectStorage/Wincache.php create mode 100644 lib/PHPExcel/CachedObjectStorageFactory.php create mode 100644 lib/PHPExcel/CalcEngine/CyclicReferenceStack.php create mode 100644 lib/PHPExcel/CalcEngine/Logger.php create mode 100644 lib/PHPExcel/Calculation.php create mode 100644 lib/PHPExcel/Calculation/Database.php create mode 100644 lib/PHPExcel/Calculation/DateTime.php create mode 100644 lib/PHPExcel/Calculation/Engineering.php create mode 100644 lib/PHPExcel/Calculation/Exception.php create mode 100644 lib/PHPExcel/Calculation/ExceptionHandler.php create mode 100644 lib/PHPExcel/Calculation/Financial.php create mode 100644 lib/PHPExcel/Calculation/FormulaParser.php create mode 100644 lib/PHPExcel/Calculation/FormulaToken.php create mode 100644 lib/PHPExcel/Calculation/Function.php create mode 100644 lib/PHPExcel/Calculation/Functions.php create mode 100644 lib/PHPExcel/Calculation/Logical.php create mode 100644 lib/PHPExcel/Calculation/LookupRef.php create mode 100644 lib/PHPExcel/Calculation/MathTrig.php create mode 100644 lib/PHPExcel/Calculation/Statistical.php create mode 100644 lib/PHPExcel/Calculation/TextData.php create mode 100644 lib/PHPExcel/Calculation/Token/Stack.php create mode 100644 lib/PHPExcel/Calculation/functionlist.txt create mode 100644 lib/PHPExcel/Cell.php create mode 100644 lib/PHPExcel/Cell/AdvancedValueBinder.php create mode 100644 lib/PHPExcel/Cell/DataType.php create mode 100644 lib/PHPExcel/Cell/DataValidation.php create mode 100644 lib/PHPExcel/Cell/DefaultValueBinder.php create mode 100644 lib/PHPExcel/Cell/Hyperlink.php create mode 100644 lib/PHPExcel/Cell/IValueBinder.php create mode 100644 lib/PHPExcel/Chart.php create mode 100644 lib/PHPExcel/Chart/Axis.php create mode 100644 lib/PHPExcel/Chart/DataSeries.php create mode 100644 lib/PHPExcel/Chart/DataSeriesValues.php create mode 100644 lib/PHPExcel/Chart/Exception.php create mode 100644 lib/PHPExcel/Chart/GridLines.php create mode 100644 lib/PHPExcel/Chart/Layout.php create mode 100644 lib/PHPExcel/Chart/Legend.php create mode 100644 lib/PHPExcel/Chart/PlotArea.php create mode 100644 lib/PHPExcel/Chart/Properties.php create mode 100644 lib/PHPExcel/Chart/Renderer/PHP Charting Libraries.txt create mode 100644 lib/PHPExcel/Chart/Renderer/jpgraph.php create mode 100644 lib/PHPExcel/Chart/Title.php create mode 100644 lib/PHPExcel/Comment.php create mode 100644 lib/PHPExcel/DocumentProperties.php create mode 100644 lib/PHPExcel/DocumentSecurity.php create mode 100644 lib/PHPExcel/Exception.php create mode 100644 lib/PHPExcel/HashTable.php create mode 100644 lib/PHPExcel/Helper/HTML.php create mode 100644 lib/PHPExcel/IComparable.php create mode 100644 lib/PHPExcel/IOFactory.php create mode 100644 lib/PHPExcel/NamedRange.php create mode 100644 lib/PHPExcel/Reader/Abstract.php create mode 100644 lib/PHPExcel/Reader/CSV.php create mode 100644 lib/PHPExcel/Reader/DefaultReadFilter.php create mode 100644 lib/PHPExcel/Reader/Excel2003XML.php create mode 100644 lib/PHPExcel/Reader/Excel2007.php create mode 100644 lib/PHPExcel/Reader/Excel2007/Chart.php create mode 100644 lib/PHPExcel/Reader/Excel2007/Theme.php create mode 100644 lib/PHPExcel/Reader/Excel5.php create mode 100644 lib/PHPExcel/Reader/Excel5/Color.php create mode 100644 lib/PHPExcel/Reader/Excel5/Color/BIFF5.php create mode 100644 lib/PHPExcel/Reader/Excel5/Color/BIFF8.php create mode 100644 lib/PHPExcel/Reader/Excel5/Color/BuiltIn.php create mode 100644 lib/PHPExcel/Reader/Excel5/ErrorCode.php create mode 100644 lib/PHPExcel/Reader/Excel5/Escher.php create mode 100644 lib/PHPExcel/Reader/Excel5/MD5.php create mode 100644 lib/PHPExcel/Reader/Excel5/RC4.php create mode 100644 lib/PHPExcel/Reader/Excel5/Style/Border.php create mode 100644 lib/PHPExcel/Reader/Excel5/Style/FillPattern.php create mode 100644 lib/PHPExcel/Reader/Exception.php create mode 100644 lib/PHPExcel/Reader/Gnumeric.php create mode 100644 lib/PHPExcel/Reader/HTML.php create mode 100644 lib/PHPExcel/Reader/IReadFilter.php create mode 100644 lib/PHPExcel/Reader/IReader.php create mode 100644 lib/PHPExcel/Reader/OOCalc.php create mode 100644 lib/PHPExcel/Reader/SYLK.php create mode 100644 lib/PHPExcel/ReferenceHelper.php create mode 100644 lib/PHPExcel/RichText.php create mode 100644 lib/PHPExcel/RichText/ITextElement.php create mode 100644 lib/PHPExcel/RichText/Run.php create mode 100644 lib/PHPExcel/RichText/TextElement.php create mode 100644 lib/PHPExcel/Settings.php create mode 100644 lib/PHPExcel/Shared/CodePage.php create mode 100644 lib/PHPExcel/Shared/Date.php create mode 100644 lib/PHPExcel/Shared/Drawing.php create mode 100644 lib/PHPExcel/Shared/Escher.php create mode 100644 lib/PHPExcel/Shared/Escher/DgContainer.php create mode 100644 lib/PHPExcel/Shared/Escher/DgContainer/SpgrContainer.php create mode 100644 lib/PHPExcel/Shared/Escher/DgContainer/SpgrContainer/SpContainer.php create mode 100644 lib/PHPExcel/Shared/Escher/DggContainer.php create mode 100644 lib/PHPExcel/Shared/Escher/DggContainer/BstoreContainer.php create mode 100644 lib/PHPExcel/Shared/Escher/DggContainer/BstoreContainer/BSE.php create mode 100644 lib/PHPExcel/Shared/Escher/DggContainer/BstoreContainer/BSE/Blip.php create mode 100644 lib/PHPExcel/Shared/Excel5.php create mode 100644 lib/PHPExcel/Shared/File.php create mode 100644 lib/PHPExcel/Shared/Font.php create mode 100644 lib/PHPExcel/Shared/JAMA/CHANGELOG.TXT create mode 100644 lib/PHPExcel/Shared/JAMA/CholeskyDecomposition.php create mode 100644 lib/PHPExcel/Shared/JAMA/EigenvalueDecomposition.php create mode 100644 lib/PHPExcel/Shared/JAMA/LUDecomposition.php create mode 100644 lib/PHPExcel/Shared/JAMA/Matrix.php create mode 100644 lib/PHPExcel/Shared/JAMA/QRDecomposition.php create mode 100644 lib/PHPExcel/Shared/JAMA/SingularValueDecomposition.php create mode 100644 lib/PHPExcel/Shared/JAMA/utils/Error.php create mode 100644 lib/PHPExcel/Shared/JAMA/utils/Maths.php create mode 100644 lib/PHPExcel/Shared/OLE.php create mode 100644 lib/PHPExcel/Shared/OLE/ChainedBlockStream.php create mode 100644 lib/PHPExcel/Shared/OLE/PPS.php create mode 100644 lib/PHPExcel/Shared/OLE/PPS/File.php create mode 100644 lib/PHPExcel/Shared/OLE/PPS/Root.php create mode 100644 lib/PHPExcel/Shared/OLERead.php create mode 100644 lib/PHPExcel/Shared/PCLZip/gnu-lgpl.txt create mode 100644 lib/PHPExcel/Shared/PCLZip/pclzip.lib.php create mode 100644 lib/PHPExcel/Shared/PCLZip/readme.txt create mode 100644 lib/PHPExcel/Shared/PasswordHasher.php create mode 100644 lib/PHPExcel/Shared/String.php create mode 100644 lib/PHPExcel/Shared/TimeZone.php create mode 100644 lib/PHPExcel/Shared/XMLWriter.php create mode 100644 lib/PHPExcel/Shared/ZipArchive.php create mode 100644 lib/PHPExcel/Shared/ZipStreamWrapper.php create mode 100644 lib/PHPExcel/Shared/trend/bestFitClass.php create mode 100644 lib/PHPExcel/Shared/trend/exponentialBestFitClass.php create mode 100644 lib/PHPExcel/Shared/trend/linearBestFitClass.php create mode 100644 lib/PHPExcel/Shared/trend/logarithmicBestFitClass.php create mode 100644 lib/PHPExcel/Shared/trend/polynomialBestFitClass.php create mode 100644 lib/PHPExcel/Shared/trend/powerBestFitClass.php create mode 100644 lib/PHPExcel/Shared/trend/trendClass.php create mode 100644 lib/PHPExcel/Style.php create mode 100644 lib/PHPExcel/Style/Alignment.php create mode 100644 lib/PHPExcel/Style/Border.php create mode 100644 lib/PHPExcel/Style/Borders.php create mode 100644 lib/PHPExcel/Style/Color.php create mode 100644 lib/PHPExcel/Style/Conditional.php create mode 100644 lib/PHPExcel/Style/Fill.php create mode 100644 lib/PHPExcel/Style/Font.php create mode 100644 lib/PHPExcel/Style/NumberFormat.php create mode 100644 lib/PHPExcel/Style/Protection.php create mode 100644 lib/PHPExcel/Style/Supervisor.php create mode 100644 lib/PHPExcel/Worksheet.php create mode 100644 lib/PHPExcel/Worksheet/AutoFilter.php create mode 100644 lib/PHPExcel/Worksheet/AutoFilter/Column.php create mode 100644 lib/PHPExcel/Worksheet/AutoFilter/Column/Rule.php create mode 100644 lib/PHPExcel/Worksheet/BaseDrawing.php create mode 100644 lib/PHPExcel/Worksheet/CellIterator.php create mode 100644 lib/PHPExcel/Worksheet/Column.php create mode 100644 lib/PHPExcel/Worksheet/ColumnCellIterator.php create mode 100644 lib/PHPExcel/Worksheet/ColumnDimension.php create mode 100644 lib/PHPExcel/Worksheet/ColumnIterator.php create mode 100644 lib/PHPExcel/Worksheet/Dimension.php create mode 100644 lib/PHPExcel/Worksheet/Drawing.php create mode 100644 lib/PHPExcel/Worksheet/Drawing/Shadow.php create mode 100644 lib/PHPExcel/Worksheet/HeaderFooter.php create mode 100644 lib/PHPExcel/Worksheet/HeaderFooterDrawing.php create mode 100644 lib/PHPExcel/Worksheet/MemoryDrawing.php create mode 100644 lib/PHPExcel/Worksheet/PageMargins.php create mode 100644 lib/PHPExcel/Worksheet/PageSetup.php create mode 100644 lib/PHPExcel/Worksheet/Protection.php create mode 100644 lib/PHPExcel/Worksheet/Row.php create mode 100644 lib/PHPExcel/Worksheet/RowCellIterator.php create mode 100644 lib/PHPExcel/Worksheet/RowDimension.php create mode 100644 lib/PHPExcel/Worksheet/RowIterator.php create mode 100644 lib/PHPExcel/Worksheet/SheetView.php create mode 100644 lib/PHPExcel/WorksheetIterator.php create mode 100644 lib/PHPExcel/Writer/Abstract.php create mode 100644 lib/PHPExcel/Writer/CSV.php create mode 100644 lib/PHPExcel/Writer/Excel2007.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Chart.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Comments.php create mode 100644 lib/PHPExcel/Writer/Excel2007/ContentTypes.php create mode 100644 lib/PHPExcel/Writer/Excel2007/DocProps.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Drawing.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Rels.php create mode 100644 lib/PHPExcel/Writer/Excel2007/RelsRibbon.php create mode 100644 lib/PHPExcel/Writer/Excel2007/RelsVBA.php create mode 100644 lib/PHPExcel/Writer/Excel2007/StringTable.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Style.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Theme.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Workbook.php create mode 100644 lib/PHPExcel/Writer/Excel2007/Worksheet.php create mode 100644 lib/PHPExcel/Writer/Excel2007/WriterPart.php create mode 100644 lib/PHPExcel/Writer/Excel5.php create mode 100644 lib/PHPExcel/Writer/Excel5/BIFFwriter.php create mode 100644 lib/PHPExcel/Writer/Excel5/Escher.php create mode 100644 lib/PHPExcel/Writer/Excel5/Font.php create mode 100644 lib/PHPExcel/Writer/Excel5/Parser.php create mode 100644 lib/PHPExcel/Writer/Excel5/Workbook.php create mode 100644 lib/PHPExcel/Writer/Excel5/Worksheet.php create mode 100644 lib/PHPExcel/Writer/Excel5/Xf.php create mode 100644 lib/PHPExcel/Writer/Exception.php create mode 100644 lib/PHPExcel/Writer/HTML.php create mode 100644 lib/PHPExcel/Writer/IWriter.php create mode 100644 lib/PHPExcel/Writer/OpenDocument.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Cell/Comment.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Content.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Meta.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/MetaInf.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Mimetype.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Settings.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Styles.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/Thumbnails.php create mode 100644 lib/PHPExcel/Writer/OpenDocument/WriterPart.php create mode 100644 lib/PHPExcel/Writer/PDF.php create mode 100644 lib/PHPExcel/Writer/PDF/Core.php create mode 100644 lib/PHPExcel/Writer/PDF/DomPDF.php create mode 100644 lib/PHPExcel/Writer/PDF/mPDF.php create mode 100644 lib/PHPExcel/Writer/PDF/tcPDF.php create mode 100644 lib/PHPExcel/locale/bg/config create mode 100644 lib/PHPExcel/locale/cs/config create mode 100644 lib/PHPExcel/locale/cs/functions create mode 100644 lib/PHPExcel/locale/da/config create mode 100644 lib/PHPExcel/locale/da/functions create mode 100644 lib/PHPExcel/locale/de/config create mode 100644 lib/PHPExcel/locale/de/functions create mode 100644 lib/PHPExcel/locale/en/uk/config create mode 100644 lib/PHPExcel/locale/es/config create mode 100644 lib/PHPExcel/locale/es/functions create mode 100644 lib/PHPExcel/locale/fi/config create mode 100644 lib/PHPExcel/locale/fi/functions create mode 100644 lib/PHPExcel/locale/fr/config create mode 100644 lib/PHPExcel/locale/fr/functions create mode 100644 lib/PHPExcel/locale/hu/config create mode 100644 lib/PHPExcel/locale/hu/functions create mode 100644 lib/PHPExcel/locale/it/config create mode 100644 lib/PHPExcel/locale/it/functions create mode 100644 lib/PHPExcel/locale/nl/config create mode 100644 lib/PHPExcel/locale/nl/functions create mode 100644 lib/PHPExcel/locale/no/config create mode 100644 lib/PHPExcel/locale/no/functions create mode 100644 lib/PHPExcel/locale/pl/config create mode 100644 lib/PHPExcel/locale/pl/functions create mode 100644 lib/PHPExcel/locale/pt/br/config create mode 100644 lib/PHPExcel/locale/pt/br/functions create mode 100644 lib/PHPExcel/locale/pt/config create mode 100644 lib/PHPExcel/locale/pt/functions create mode 100644 lib/PHPExcel/locale/ru/config create mode 100644 lib/PHPExcel/locale/ru/functions create mode 100644 lib/PHPExcel/locale/sv/config create mode 100644 lib/PHPExcel/locale/sv/functions create mode 100644 lib/PHPExcel/locale/tr/config create mode 100644 lib/PHPExcel/locale/tr/functions create mode 100644 plugin/PHPMailer/language/phpmailer.lang-ba.php create mode 100644 plugin/PHPMailer/language/phpmailer.lang-rs.php create mode 100644 plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowParseManyTags.txt create mode 100644 plugin/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt diff --git a/_common.php b/_common.php index 2ed94c3fb..e29eb0bc1 100644 --- a/_common.php +++ b/_common.php @@ -1,3 +1,2 @@ \ No newline at end of file +include_once('./common.php'); \ No newline at end of file diff --git a/_head.php b/_head.php index 79e267fb7..2a12509c5 100644 --- a/_head.php +++ b/_head.php @@ -1,5 +1,4 @@ \ No newline at end of file +include_once(G5_PATH.'/head.php'); \ No newline at end of file diff --git a/_tail.php b/_tail.php index ae47c3b51..d4b52cfec 100644 --- a/_tail.php +++ b/_tail.php @@ -1,5 +1,4 @@ \ No newline at end of file +include_once(G5_PATH.'/tail.php'); \ No newline at end of file diff --git a/adm/_common.php b/adm/_common.php index 316c629c3..a61a0623a 100644 --- a/adm/_common.php +++ b/adm/_common.php @@ -7,5 +7,4 @@ if( isset($token) ){ $token = @htmlspecialchars(strip_tags($token), ENT_QUOTES); } -run_event('admin_common'); -?> \ No newline at end of file +run_event('admin_common'); \ No newline at end of file diff --git a/adm/admin.head.php b/adm/admin.head.php index 53adc6e39..13d1251de 100644 --- a/adm/admin.head.php +++ b/adm/admin.head.php @@ -32,17 +32,23 @@ function print_menu2($key, $no='') { global $menu, $auth_menu, $is_admin, $auth, $g5, $sub_menu; - $str .= "
    "; + $str = "
      "; for($i=1; $i \ No newline at end of file +//$config['cf_add_script'] = ''; \ No newline at end of file diff --git a/adm/admin.menu100.php b/adm/admin.menu100.php index 6658e18c5..3f1455db5 100644 --- a/adm/admin.menu100.php +++ b/adm/admin.menu100.php @@ -20,5 +20,4 @@ if(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && } $menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL.'/dbupgrade.php', 'db_upgrade'); -$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL.'/service.php', 'cf_service'); -?> \ No newline at end of file +$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL.'/service.php', 'cf_service'); \ No newline at end of file diff --git a/adm/admin.menu200.php b/adm/admin.menu200.php index 1e41855db..eec9564e7 100644 --- a/adm/admin.menu200.php +++ b/adm/admin.menu200.php @@ -8,5 +8,4 @@ $menu['menu200'] = array ( array('200820', '접속자로그삭제', G5_ADMIN_URL.'/visit_delete.php', 'mb_delete', 1), array('200200', '포인트관리', G5_ADMIN_URL.'/point_list.php', 'mb_point'), array('200900', '투표관리', G5_ADMIN_URL.'/poll_list.php', 'mb_poll') -); -?> \ No newline at end of file +); \ No newline at end of file diff --git a/adm/admin.menu300.php b/adm/admin.menu300.php index 65f848587..4af1e15ba 100644 --- a/adm/admin.menu300.php +++ b/adm/admin.menu300.php @@ -9,5 +9,4 @@ $menu['menu300'] = array ( array('300600', '내용관리', G5_ADMIN_URL.'/contentlist.php', 'scf_contents', 1), array('300700', 'FAQ관리', G5_ADMIN_URL.'/faqmasterlist.php', 'scf_faq', 1), array('300820', '글,댓글 현황', G5_ADMIN_URL.'/write_count.php', 'scf_write_count'), -); -?> \ No newline at end of file +); \ No newline at end of file diff --git a/adm/admin.menu900.php b/adm/admin.menu900.php index f8d4fb063..0d911ce1a 100644 --- a/adm/admin.menu900.php +++ b/adm/admin.menu900.php @@ -11,5 +11,4 @@ $menu["menu900"] = array ( array('900700', '휴대폰번호 그룹', ''.G5_SMS5_ADMIN_URL.'/num_group.php' , 'hp_group', 1), array('900800', '휴대폰번호 관리', ''.G5_SMS5_ADMIN_URL.'/num_book.php', 'hp_manage', 1), array('900900', '휴대폰번호 파일', ''.G5_SMS5_ADMIN_URL.'/num_book_file.php' , 'hp_file', 1) -); -?> \ No newline at end of file +); \ No newline at end of file diff --git a/adm/admin.tail.php b/adm/admin.tail.php index 1033fd2f5..3e4944a84 100644 --- a/adm/admin.tail.php +++ b/adm/admin.tail.php @@ -150,5 +150,4 @@ function menu_rearrange(el) \ No newline at end of file +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/adm/ajax.token.php b/adm/ajax.token.php index f6a100a1f..74744f5e0 100644 --- a/adm/ajax.token.php +++ b/adm/ajax.token.php @@ -10,5 +10,4 @@ if($error) $token = get_admin_token(); -die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>''))); -?> \ No newline at end of file +die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>''))); \ No newline at end of file diff --git a/adm/ajax.use_captcha.php b/adm/ajax.use_captcha.php index 8f7de32b1..750f4af07 100644 --- a/adm/ajax.use_captcha.php +++ b/adm/ajax.use_captcha.php @@ -3,5 +3,4 @@ include_once('./_common.php'); if( isset($_POST['admin_use_captcha']) ){ set_session('ss_admin_use_captcha', true); -} -?> \ No newline at end of file +} \ No newline at end of file diff --git a/adm/auth_list.php b/adm/auth_list.php index fea4626e8..8391432ef 100644 --- a/adm/auth_list.php +++ b/adm/auth_list.php @@ -266,5 +266,4 @@ function fauthlist_submit(f) +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/auth_list_delete.php b/adm/auth_list_delete.php index c378d75ec..8bce63d36 100644 --- a/adm/auth_list_delete.php +++ b/adm/auth_list_delete.php @@ -10,6 +10,7 @@ if ($is_admin != 'super') check_admin_token(); $count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; +$post_act_button = isset($_POST['act_button']) ? clean_xss_tags($_POST['act_button'], 1, 1) : ''; if (!$count) alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요."); @@ -21,10 +22,10 @@ if ( (isset($_POST['mb_id']) && ! is_array($_POST['mb_id'])) || (isset($_POST['a for ($i=0; $i<$count; $i++) { // 실제 번호를 넘김 - $k = $chk[$i]; + $k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; - $mb_id = preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['mb_id'][$k]); - $au_menu = preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['au_menu'][$k]); + $mb_id = isset($_POST['mb_id'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['mb_id'][$k]) : ''; + $au_menu = isset($_POST['au_menu'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['au_menu'][$k]) : ''; $sql = " delete from {$g5['auth_table']} where mb_id = '".$mb_id."' and au_menu = '".$au_menu."' "; sql_query($sql); @@ -32,5 +33,4 @@ for ($i=0; $i<$count; $i++) run_event('adm_auth_delete_member', $mb_id, $au_menu); } -goto_url('./auth_list.php?'.$qstr); -?> +goto_url('./auth_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/auth_update.php b/adm/auth_update.php index 4b0a58fef..5f90a056a 100644 --- a/adm/auth_update.php +++ b/adm/auth_update.php @@ -3,6 +3,11 @@ $sub_menu = "100200"; include_once('./_common.php'); include_once(G5_LIB_PATH.'/mailer.lib.php'); +$au_menu = isset($_POST['au_menu']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['au_menu']) : ''; +$post_r = isset($_POST['r']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['r']) : ''; +$post_w = isset($_POST['w']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['w']) : ''; +$post_d = isset($_POST['d']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['d']) : ''; + if ($is_admin != 'super') alert('최고관리자만 접근 가능합니다.'); @@ -19,15 +24,15 @@ if (!chk_captcha()) { } $sql = " insert into {$g5['auth_table']} - set mb_id = '{$_POST['mb_id']}', - au_menu = '{$_POST['au_menu']}', - au_auth = '{$_POST['r']},{$_POST['w']},{$_POST['d']}' "; + set mb_id = '$mb_id', + au_menu = '$au_menu', + au_auth = '{$post_r},{$post_w},{$post_d}' "; $result = sql_query($sql, FALSE); if (!$result) { $sql = " update {$g5['auth_table']} - set au_auth = '{$_POST['r']},{$_POST['w']},{$_POST['d']}' - where mb_id = '{$_POST['mb_id']}' - and au_menu = '{$_POST['au_menu']}' "; + set au_auth = '{$post_r},{$post_w},{$post_d}' + where mb_id = '$mb_id' + and au_menu = '$au_menu' "; sql_query($sql); } @@ -45,5 +50,4 @@ if( str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update') ){ run_event('adm_auth_update', $mb); -goto_url('./auth_list.php?'.$qstr); -?> +goto_url('./auth_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/board_copy.php b/adm/board_copy.php index fb889174a..f0588585a 100644 --- a/adm/board_copy.php +++ b/adm/board_copy.php @@ -2,7 +2,7 @@ $sub_menu = "300100"; include_once("./_common.php"); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); $g5['title'] = '게시판 복사'; include_once(G5_PATH.'/head.sub.php'); @@ -82,5 +82,4 @@ function fboardcopy_check(f) +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/adm/board_copy_update.php b/adm/board_copy_update.php index 30b37b59f..a0452345f 100644 --- a/adm/board_copy_update.php +++ b/adm/board_copy_update.php @@ -4,12 +4,12 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); -$target_table = trim($_POST['target_table']); -$target_subject = trim($_POST['target_subject']); +$target_table = isset($_POST['target_table']) ? trim($_POST['target_table']) : ''; +$target_subject = isset($_POST['target_subject']) ? trim($_POST['target_subject']) : ''; $target_subject = strip_tags(clean_xss_attributes($target_subject)); @@ -221,4 +221,3 @@ delete_cache_latest($target_table); echo ""; alert("복사에 성공 했습니다.", './board_copy.php?bo_table='.$bo_table.'&'.$qstr); -?> \ No newline at end of file diff --git a/adm/board_delete.inc.php b/adm/board_delete.inc.php index e043d3555..4e1490520 100644 --- a/adm/board_delete.inc.php +++ b/adm/board_delete.inc.php @@ -32,5 +32,4 @@ sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_tab delete_cache_latest($tmp_bo_table); // 게시판 폴더 전체 삭제 -rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table); -?> \ No newline at end of file +rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table); \ No newline at end of file diff --git a/adm/board_form.php b/adm/board_form.php index ec8676883..64f8ea916 100644 --- a/adm/board_form.php +++ b/adm/board_form.php @@ -3,7 +3,7 @@ $sub_menu = "300100"; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); $sql = " select count(*) as cnt from {$g5['group_table']} "; $row = sql_fetch($sql); @@ -11,6 +11,8 @@ if (!$row['cnt']) alert('게시판그룹이 한개 이상 생성되어야 합니다.', './boardgroup_form.php'); $html_title = '게시판'; +$reaonly = ''; +$required_valid = ''; if (!isset($board['bo_device'])) { // 게시판 사용 필드 추가 @@ -84,6 +86,57 @@ if (!isset($board['bo_select_editor'])) { sql_query(" ALTER TABLE `{$g5['board_table']}` ADD `bo_select_editor` VARCHAR(50) NOT NULL DEFAULT '' AFTER `bo_use_dhtml_editor` ", false); } +$board_default = array( +'bo_mobile_subject'=>'', +'bo_device'=>'', +'bo_use_category'=>0, +'bo_category_list'=>'', +'bo_admin'=>'', +'bo_list_level'=>0, +'bo_read_level'=>0, +'bo_write_level'=>0, +'bo_reply_level'=>0, +'bo_comment_level'=>0, +'bo_link_level'=>0, +'bo_upload_level'=>0, +'bo_download_level'=>0, +'bo_html_level'=>0, +'bo_use_sideview'=>0, +'bo_select_editor'=>'', +'bo_use_rss_view'=>0, +'bo_use_good'=>0, +'bo_use_nogood'=>0, +'bo_use_name'=>0, +'bo_use_signature'=>0, +'bo_use_ip_view'=>0, +'bo_use_list_content'=>0, +'bo_use_list_file'=>0, +'bo_use_list_view'=>0, +'bo_use_email'=>0, +'bo_use_file_content'=>0, +'bo_use_cert'=>'', +'bo_write_min'=>0, +'bo_write_max'=>0, +'bo_comment_min'=>0, +'bo_comment_max'=>0, +'bo_use_sns'=>0, +'bo_order'=>0, +'bo_use_captcha'=>0, +'bo_content_head'=>'', +'bo_content_tail'=>'', +'bo_mobile_content_head'=>'', +'bo_mobile_content_tail'=>'', +'bo_insert_content'=>'', +'bo_sort_field'=>'', +); + +for($i=0;$i<=10;$i++){ + $board_default['bo_'.$i.'_subj'] = ''; + $board_default['bo_'.$i] = ''; +} + +$board = array_merge($board_default, $board); + run_event('adm_board_form_before', $board, $w); $required = ""; @@ -1439,5 +1492,4 @@ function fboardform_submit(f) +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/board_form_update.php b/adm/board_form_update.php index 79a882870..557a1a2a6 100644 --- a/adm/board_form_update.php +++ b/adm/board_form_update.php @@ -5,25 +5,27 @@ include_once('./_common.php'); if ($w == 'u') check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); $gr_id = isset($_POST['gr_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['gr_id']) : ''; $bo_admin = isset($_POST['bo_admin']) ? preg_replace('/[^a-z0-9_\, \|\#]/i', '', $_POST['bo_admin']) : ''; +$bo_subject = isset($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'])) : ''; +$bo_mobile_subject = isset($_POST['bo_mobile_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])) : ''; if (!$gr_id) { alert('그룹 ID는 반드시 선택하세요.'); } if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); } if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); } -if (!$_POST['bo_subject']) { alert('게시판 제목을 입력하세요.'); } +if (!$bo_subject) { alert('게시판 제목을 입력하세요.'); } // 게시판명이 금지된 단어로 되어 있으면 if ( $w == '' && in_array($bo_table, get_bo_table_banned_word()) ){ alert('입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.'); } -$bo_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($bo_include_head, 0, 255)); -$bo_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($bo_include_tail, 0, 255)); +$bo_include_head = isset($_POST['bo_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_head'], 0, 255)) : ''; +$bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['bo_include_tail'], 0, 255)) : ''; // 관리자가 자동등록방지를 사용해야 할 경우 if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){ @@ -40,7 +42,6 @@ if ($file = $bo_include_head) { if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) { alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); } - $_POST['bo_include_head'] = $file; } if ($file = $bo_include_tail) { @@ -49,7 +50,6 @@ if ($file = $bo_include_tail) { if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) { alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.'); } - $_POST['bo_include_tail'] = $file; } if(!is_include_path_check($bo_include_head, 1)) { @@ -73,10 +73,11 @@ $board_path = G5_DATA_PATH.'/file/'.$bo_table; // 디렉토리에 있는 파일의 목록을 보이지 않게 한다. $file = $board_path . '/index.php'; -$f = @fopen($file, 'w'); -@fwrite($f, ''); -@fclose($f); -@chmod($file, G5_FILE_PERMISSION); +if( $f = @fopen($file, 'w') ){ + @fwrite($f, ''); + @fclose($f); + @chmod($file, G5_FILE_PERMISSION); +} // 분류에 & 나 = 는 사용이 불가하므로 2바이트로 바꾼다. $src_char = array('&', '='); @@ -85,108 +86,178 @@ $bo_category_list = isset($_POST['bo_category_list']) ? str_replace($src_char, $ //https://github.com/gnuboard/gnuboard5/commit/f5f4925d4eb28ba1af728e1065fc2bdd9ce1da58 에 따른 조치 $str_bo_category_list = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", "", $bo_category_list); -$_POST['bo_subject'] = strip_tags(clean_xss_attributes($_POST['bo_subject'])); -$_POST['bo_mobile_subject'] = strip_tags(clean_xss_attributes($_POST['bo_mobile_subject'])); +$bo_use_category = isset($_POST['bo_use_category']) ? (int) $_POST['bo_use_category'] : 0; +$bo_use_sideview = isset($_POST['bo_use_sideview']) ? (int) $_POST['bo_use_sideview'] : 0; +$bo_use_dhtml_editor = isset($_POST['bo_use_dhtml_editor']) ? (int) $_POST['bo_use_dhtml_editor'] : 0; +$bo_use_good = isset($_POST['bo_use_good']) ? (int) $_POST['bo_use_good'] : 0; +$bo_use_nogood = isset($_POST['bo_use_nogood']) ? (int) $_POST['bo_use_nogood'] : 0; +$bo_use_name = isset($_POST['bo_use_name']) ? (int) $_POST['bo_use_name'] : 0; +$bo_use_signature = isset($_POST['bo_use_signature']) ? (int) $_POST['bo_use_signature'] : 0; +$bo_use_ip_view = isset($_POST['bo_use_ip_view']) ? (int) $_POST['bo_use_ip_view'] : 0; +$bo_use_list_view = isset($_POST['bo_use_list_view']) ? (int) $_POST['bo_use_list_view'] : 0; +$bo_use_list_file = isset($_POST['bo_use_list_file']) ? (int) $_POST['bo_use_list_file'] : 0; +$bo_use_list_content = isset($_POST['bo_use_list_content']) ? (int) $_POST['bo_use_list_content'] : 0; +$bo_use_email = isset($_POST['bo_use_email']) ? (int) $_POST['bo_use_email'] : 0; +$bo_use_sns = isset($_POST['bo_use_sns']) ? (int) $_POST['bo_use_sns'] : 0; +$bo_use_captcha = isset($_POST['bo_use_captcha']) ? (int) $_POST['bo_use_captcha'] : 0; +$bo_table_width = isset($_POST['bo_table_width']) ? (int) $_POST['bo_table_width'] : 0; +$bo_subject_len = isset($_POST['bo_subject_len']) ? (int) $_POST['bo_subject_len'] : 0; +$bo_mobile_subject_len = isset($_POST['bo_mobile_subject_len']) ? (int) $_POST['bo_mobile_subject_len'] : 0; +$bo_page_rows = isset($_POST['bo_page_rows']) ? (int) $_POST['bo_page_rows'] : 0; +$bo_mobile_page_rows = isset($_POST['bo_mobile_page_rows']) ? (int) $_POST['bo_mobile_page_rows'] : 0; +$bo_use_rss_view = isset($_POST['bo_use_rss_view']) ? (int) $_POST['bo_use_rss_view'] : 0; +$bo_use_secret = isset($_POST['bo_use_secret']) ? (int) $_POST['bo_use_secret'] : 0; +$bo_use_file_content = isset($_POST['bo_use_file_content']) ? (int) $_POST['bo_use_file_content'] : 0; +$bo_new = isset($_POST['bo_new']) ? (int) $_POST['bo_new'] : 0; +$bo_hot = isset($_POST['bo_hot']) ? (int) $_POST['bo_hot'] : 0; +$bo_image_width = isset($_POST['bo_image_width']) ? (int) $_POST['bo_image_width'] : 0; +$bo_use_search = isset($_POST['bo_use_search']) ? (int) $_POST['bo_use_search'] : 0; +$bo_use_cert = isset($_POST['bo_use_cert']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['bo_use_cert']) : ''; +$bo_device = isset($_POST['bo_device']) ? clean_xss_tags($_POST['bo_device'], 1, 1) : ''; +$bo_list_level = isset($_POST['bo_list_level']) ? (int) $_POST['bo_list_level'] : 0; +$bo_read_level = isset($_POST['bo_read_level']) ? (int) $_POST['bo_read_level'] : 0; +$bo_write_level = isset($_POST['bo_write_level']) ? (int) $_POST['bo_write_level'] : 0; +$bo_reply_level = isset($_POST['bo_reply_level']) ? (int) $_POST['bo_reply_level'] : 0; +$bo_comment_level = isset($_POST['bo_comment_level']) ? (int) $_POST['bo_comment_level'] : 0; +$bo_html_level = isset($_POST['bo_html_level']) ? (int) $_POST['bo_html_level'] : 0; +$bo_link_level = isset($_POST['bo_link_level']) ? (int) $_POST['bo_link_level'] : 0; +$bo_count_modify = isset($_POST['bo_count_modify']) ? (int) $_POST['bo_count_modify'] : 0; +$bo_count_delete = isset($_POST['bo_count_delete']) ? (int) $_POST['bo_count_delete'] : 0; +$bo_upload_level = isset($_POST['bo_upload_level']) ? (int) $_POST['bo_upload_level'] : 0; +$bo_download_level = isset($_POST['bo_download_level']) ? (int) $_POST['bo_download_level'] : 0; +$bo_read_point = isset($_POST['bo_read_point']) ? (int) $_POST['bo_read_point'] : 0; +$bo_write_point = isset($_POST['bo_write_point']) ? (int) $_POST['bo_write_point'] : 0; +$bo_comment_point = isset($_POST['bo_comment_point']) ? (int) $_POST['bo_comment_point'] : 0; +$bo_download_point = isset($_POST['bo_download_point']) ? (int) $_POST['bo_download_point'] : 0; +$bo_select_editor = isset($_POST['bo_select_editor']) ? clean_xss_tags($_POST['bo_select_editor'], 1, 1) : ''; +$bo_skin = isset($_POST['bo_skin']) ? clean_xss_tags($_POST['bo_skin'], 1, 1) : ''; +$bo_mobile_skin = isset($_POST['bo_mobile_skin']) ? clean_xss_tags($_POST['bo_mobile_skin'], 1, 1) : ''; +$bo_content_head = isset($_POST['bo_content_head']) ? $_POST['bo_content_head'] : ''; +$bo_content_tail = isset($_POST['bo_content_tail']) ? $_POST['bo_content_tail'] : ''; +$bo_mobile_content_head = isset($_POST['bo_mobile_content_head']) ? $_POST['bo_mobile_content_head'] : ''; +$bo_mobile_content_tail = isset($_POST['bo_mobile_content_tail']) ? $_POST['bo_mobile_content_tail'] : ''; +$bo_insert_content = isset($_POST['bo_insert_content']) ? $_POST['bo_insert_content'] : ''; +$bo_gallery_cols = isset($_POST['bo_gallery_cols']) ? (int) $_POST['bo_gallery_cols'] : 0; +$bo_gallery_width = isset($_POST['bo_gallery_width']) ? (int) $_POST['bo_gallery_width'] : 0; +$bo_gallery_height = isset($_POST['bo_gallery_height']) ? (int) $_POST['bo_gallery_height'] : 0; +$bo_mobile_gallery_width = isset($_POST['bo_mobile_gallery_width']) ? (int) $_POST['bo_mobile_gallery_width'] : 0; +$bo_mobile_gallery_height = isset($_POST['bo_mobile_gallery_height']) ? (int) $_POST['bo_mobile_gallery_height'] : 0; +$bo_upload_count = isset($_POST['bo_upload_count']) ? (int) $_POST['bo_upload_count'] : 0; +$bo_upload_size = isset($_POST['bo_upload_size']) ? (int) $_POST['bo_upload_size'] : 0; +$bo_reply_order = isset($_POST['bo_reply_order']) ? (int) $_POST['bo_reply_order'] : 0; +$bo_order = isset($_POST['bo_order']) ? (int) $_POST['bo_order'] : 0; +$bo_write_min = isset($_POST['bo_write_min']) ? (int) $_POST['bo_write_min'] : 0; +$bo_write_max = isset($_POST['bo_write_max']) ? (int) $_POST['bo_write_max'] : 0; +$bo_comment_min = isset($_POST['bo_comment_min']) ? (int) $_POST['bo_comment_min'] : 0; +$bo_comment_max = isset($_POST['bo_comment_max']) ? (int) $_POST['bo_comment_max'] : 0; +$bo_sort_field = isset($_POST['bo_sort_field']) ? clean_xss_tags($_POST['bo_sort_field'], 1, 1) : ''; + +$etcs = array(); + +for($i=1;$i<=10;$i++){ + $etcs['bo_'.$i.'_subj'] = ${'bo_'.$i.'_subj'} = isset($_POST['bo_'.$i.'_subj']) ? $_POST['bo_'.$i.'_subj'] : ''; + $etcs['bo_'.$i] = ${'bo_'.$i} = isset($_POST['bo_'.$i]) ? $_POST['bo_'.$i] : ''; +} $sql_common = " gr_id = '{$gr_id}', - bo_subject = '{$_POST['bo_subject']}', - bo_mobile_subject = '{$_POST['bo_mobile_subject']}', - bo_device = '{$_POST['bo_device']}', + bo_subject = '{$bo_subject}', + bo_mobile_subject = '{$bo_mobile_subject}', + bo_device = '{$bo_device}', bo_admin = '{$bo_admin}', - bo_list_level = '{$_POST['bo_list_level']}', - bo_read_level = '{$_POST['bo_read_level']}', - bo_write_level = '{$_POST['bo_write_level']}', - bo_reply_level = '{$_POST['bo_reply_level']}', - bo_comment_level = '{$_POST['bo_comment_level']}', - bo_html_level = '{$_POST['bo_html_level']}', - bo_link_level = '{$_POST['bo_link_level']}', - bo_count_modify = '{$_POST['bo_count_modify']}', - bo_count_delete = '{$_POST['bo_count_delete']}', - bo_upload_level = '{$_POST['bo_upload_level']}', - bo_download_level = '{$_POST['bo_download_level']}', - bo_read_point = '{$_POST['bo_read_point']}', - bo_write_point = '{$_POST['bo_write_point']}', - bo_comment_point = '{$_POST['bo_comment_point']}', - bo_download_point = '{$_POST['bo_download_point']}', - bo_use_category = '{$_POST['bo_use_category']}', + bo_list_level = '{$bo_list_level}', + bo_read_level = '{$bo_read_level}', + bo_write_level = '{$bo_write_level}', + bo_reply_level = '{$bo_reply_level}', + bo_comment_level = '{$bo_comment_level}', + bo_html_level = '{$bo_html_level}', + bo_link_level = '{$bo_link_level}', + bo_count_modify = '{$bo_count_modify}', + bo_count_delete = '{$bo_count_delete}', + bo_upload_level = '{$bo_upload_level}', + bo_download_level = '{$bo_download_level}', + bo_read_point = '{$bo_read_point}', + bo_write_point = '{$bo_write_point}', + bo_comment_point = '{$bo_comment_point}', + bo_download_point = '{$bo_download_point}', + bo_use_category = '{$bo_use_category}', bo_category_list = '{$str_bo_category_list}', - bo_use_sideview = '{$_POST['bo_use_sideview']}', - bo_use_file_content = '{$_POST['bo_use_file_content']}', - bo_use_secret = '{$_POST['bo_use_secret']}', - bo_use_dhtml_editor = '{$_POST['bo_use_dhtml_editor']}', - bo_select_editor = '{$_POST['bo_select_editor']}', - bo_use_rss_view = '{$_POST['bo_use_rss_view']}', - bo_use_good = '{$_POST['bo_use_good']}', - bo_use_nogood = '{$_POST['bo_use_nogood']}', - bo_use_name = '{$_POST['bo_use_name']}', - bo_use_signature = '{$_POST['bo_use_signature']}', - bo_use_ip_view = '{$_POST['bo_use_ip_view']}', - bo_use_list_view = '{$_POST['bo_use_list_view']}', - bo_use_list_file = '{$_POST['bo_use_list_file']}', - bo_use_list_content = '{$_POST['bo_use_list_content']}', - bo_use_email = '{$_POST['bo_use_email']}', - bo_use_cert = '{$_POST['bo_use_cert']}', - bo_use_sns = '{$_POST['bo_use_sns']}', - bo_use_captcha = '{$_POST['bo_use_captcha']}', - bo_table_width = '{$_POST['bo_table_width']}', - bo_subject_len = '{$_POST['bo_subject_len']}', - bo_mobile_subject_len = '{$_POST['bo_mobile_subject_len']}', - bo_page_rows = '{$_POST['bo_page_rows']}', - bo_mobile_page_rows = '{$_POST['bo_mobile_page_rows']}', - bo_new = '{$_POST['bo_new']}', - bo_hot = '{$_POST['bo_hot']}', - bo_image_width = '{$_POST['bo_image_width']}', - bo_skin = '{$_POST['bo_skin']}', - bo_mobile_skin = '{$_POST['bo_mobile_skin']}', + bo_use_sideview = '{$bo_use_sideview}', + bo_use_file_content = '{$bo_use_file_content}', + bo_use_secret = '{$bo_use_secret}', + bo_use_dhtml_editor = '{$bo_use_dhtml_editor}', + bo_select_editor = '{$bo_select_editor}', + bo_use_rss_view = '{$bo_use_rss_view}', + bo_use_good = '{$bo_use_good}', + bo_use_nogood = '{$bo_use_nogood}', + bo_use_name = '{$bo_use_name}', + bo_use_signature = '{$bo_use_signature}', + bo_use_ip_view = '{$bo_use_ip_view}', + bo_use_list_view = '{$bo_use_list_view}', + bo_use_list_file = '{$bo_use_list_file}', + bo_use_list_content = '{$bo_use_list_content}', + bo_use_email = '{$bo_use_email}', + bo_use_cert = '{$bo_use_cert}', + bo_use_sns = '{$bo_use_sns}', + bo_use_captcha = '{$bo_use_captcha}', + bo_table_width = '{$bo_table_width}', + bo_subject_len = '{$bo_subject_len}', + bo_mobile_subject_len = '{$bo_mobile_subject_len}', + bo_page_rows = '{$bo_page_rows}', + bo_mobile_page_rows = '{$bo_mobile_page_rows}', + bo_new = '{$bo_new}', + bo_hot = '{$bo_hot}', + bo_image_width = '{$bo_image_width}', + bo_skin = '{$bo_skin}', + bo_mobile_skin = '{$bo_mobile_skin}', "; // 최고 관리자인 경우에만 수정가능 if ($is_admin === 'super'){ $sql_common .= " bo_include_head = '".$bo_include_head."', bo_include_tail = '".$bo_include_tail."', - bo_content_head = '{$_POST['bo_content_head']}', - bo_content_tail = '{$_POST['bo_content_tail']}', - bo_mobile_content_head = '{$_POST['bo_mobile_content_head']}', - bo_mobile_content_tail = '{$_POST['bo_mobile_content_tail']}', + bo_content_head = '{$bo_content_head}', + bo_content_tail = '{$bo_content_tail}', + bo_mobile_content_head = '{$bo_mobile_content_head}', + bo_mobile_content_tail = '{$bo_mobile_content_tail}', "; } -$sql_common .= " bo_insert_content = '{$_POST['bo_insert_content']}', - bo_gallery_cols = '{$_POST['bo_gallery_cols']}', - bo_gallery_width = '{$_POST['bo_gallery_width']}', - bo_gallery_height = '{$_POST['bo_gallery_height']}', - bo_mobile_gallery_width = '{$_POST['bo_mobile_gallery_width']}', - bo_mobile_gallery_height= '{$_POST['bo_mobile_gallery_height']}', - bo_upload_count = '{$_POST['bo_upload_count']}', - bo_upload_size = '{$_POST['bo_upload_size']}', - bo_reply_order = '{$_POST['bo_reply_order']}', - bo_use_search = '{$_POST['bo_use_search']}', - bo_order = '{$_POST['bo_order']}', - bo_write_min = '{$_POST['bo_write_min']}', - bo_write_max = '{$_POST['bo_write_max']}', - bo_comment_min = '{$_POST['bo_comment_min']}', - bo_comment_max = '{$_POST['bo_comment_max']}', - bo_sort_field = '{$_POST['bo_sort_field']}', - bo_1_subj = '{$_POST['bo_1_subj']}', - bo_2_subj = '{$_POST['bo_2_subj']}', - bo_3_subj = '{$_POST['bo_3_subj']}', - bo_4_subj = '{$_POST['bo_4_subj']}', - bo_5_subj = '{$_POST['bo_5_subj']}', - bo_6_subj = '{$_POST['bo_6_subj']}', - bo_7_subj = '{$_POST['bo_7_subj']}', - bo_8_subj = '{$_POST['bo_8_subj']}', - bo_9_subj = '{$_POST['bo_9_subj']}', - bo_10_subj = '{$_POST['bo_10_subj']}', - bo_1 = '{$_POST['bo_1']}', - bo_2 = '{$_POST['bo_2']}', - bo_3 = '{$_POST['bo_3']}', - bo_4 = '{$_POST['bo_4']}', - bo_5 = '{$_POST['bo_5']}', - bo_6 = '{$_POST['bo_6']}', - bo_7 = '{$_POST['bo_7']}', - bo_8 = '{$_POST['bo_8']}', - bo_9 = '{$_POST['bo_9']}', - bo_10 = '{$_POST['bo_10']}' "; +$sql_common .= " bo_insert_content = '{$bo_insert_content}', + bo_gallery_cols = '{$bo_gallery_cols}', + bo_gallery_width = '{$bo_gallery_width}', + bo_gallery_height = '{$bo_gallery_height}', + bo_mobile_gallery_width = '{$bo_mobile_gallery_width}', + bo_mobile_gallery_height= '{$bo_mobile_gallery_height}', + bo_upload_count = '{$bo_upload_count}', + bo_upload_size = '{$bo_upload_size}', + bo_reply_order = '{$bo_reply_order}', + bo_use_search = '{$bo_use_search}', + bo_order = '{$bo_order}', + bo_write_min = '{$bo_write_min}', + bo_write_max = '{$bo_write_max}', + bo_comment_min = '{$bo_comment_min}', + bo_comment_max = '{$bo_comment_max}', + bo_sort_field = '{$bo_sort_field}', + bo_1_subj = '{$bo_1_subj}', + bo_2_subj = '{$bo_2_subj}', + bo_3_subj = '{$bo_3_subj}', + bo_4_subj = '{$bo_4_subj}', + bo_5_subj = '{$bo_5_subj}', + bo_6_subj = '{$bo_6_subj}', + bo_7_subj = '{$bo_7_subj}', + bo_8_subj = '{$bo_8_subj}', + bo_9_subj = '{$bo_9_subj}', + bo_10_subj = '{$bo_10_subj}', + bo_1 = '{$bo_1}', + bo_2 = '{$bo_2}', + bo_3 = '{$bo_3}', + bo_4 = '{$bo_4}', + bo_5 = '{$bo_5}', + bo_6 = '{$bo_6}', + bo_7 = '{$bo_7}', + bo_8 = '{$bo_8}', + bo_9 = '{$bo_9}', + bo_10 = '{$bo_10}' "; if ($w == '') { @@ -355,8 +426,8 @@ if (is_checked('chk_grp_use_search')) $grp_fields .= " , bo_use_search if (is_checked('chk_grp_order')) $grp_fields .= " , bo_order = '{$bo_order}' "; for ($i=1; $i<=10; $i++) { if (is_checked('chk_grp_'.$i)) { - $grp_fields .= " , bo_{$i}_subj = '".$_POST['bo_'.$i.'_subj']."' "; - $grp_fields .= " , bo_{$i} = '".$_POST['bo_'.$i]."' "; + $grp_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' "; + $grp_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' "; } } @@ -445,8 +516,8 @@ if (is_checked('chk_all_use_search')) $all_fields .= " , bo_use_search if (is_checked('chk_all_order')) $all_fields .= " , bo_order = '{$bo_order}' "; for ($i=1; $i<=10; $i++) { if (is_checked('chk_all_'.$i)) { - $all_fields .= " , bo_{$i}_subj = '".$_POST['bo_'.$i.'_subj']."' "; - $all_fields .= " , bo_{$i} = '".$_POST['bo_'.$i]."' "; + $all_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' "; + $all_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' "; } } @@ -461,5 +532,4 @@ if(function_exists('get_admin_captcha_by')) run_event('admin_board_form_update', $bo_table, $w); -goto_url("./board_form.php?w=u&bo_table={$bo_table}&{$qstr}"); -?> +goto_url("./board_form.php?w=u&bo_table={$bo_table}&{$qstr}"); \ No newline at end of file diff --git a/adm/board_list.php b/adm/board_list.php index d4ed4282e..3d6babfa9 100644 --- a/adm/board_list.php +++ b/adm/board_list.php @@ -2,7 +2,7 @@ $sub_menu = "300100"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $sql_common = " from {$g5['board_table']} a "; $sql_search = " where (1) "; @@ -63,9 +63,9 @@ $colspan = 15; @@ -81,7 +81,7 @@ $colspan = 15; - +
      @@ -235,5 +235,4 @@ $(function(){ +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/board_list_update.php b/adm/board_list_update.php index 552f60d99..9952804fd 100644 --- a/adm/board_list_update.php +++ b/adm/board_list_update.php @@ -4,28 +4,42 @@ include_once('./_common.php'); check_demo(); -if (!count($_POST['chk'])) { - alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요."); +$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; +$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array(); +$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : ''; +$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array(); + +if (! $post_count_chk) { + alert($act_button." 하실 항목을 하나 이상 체크하세요."); } check_admin_token(); -$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : ''; -$chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array(); -$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array(); +if ($act_button === "선택수정") { -if ($_POST['act_button'] == "선택수정") { + auth_check_menu($auth, $sub_menu, 'w'); - auth_check($auth[$sub_menu], 'w'); - - for ($i=0; $i +goto_url('./board_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/board_thumbnail_delete.php b/adm/board_thumbnail_delete.php index 720cad4f9..93024ca44 100644 --- a/adm/board_thumbnail_delete.php +++ b/adm/board_thumbnail_delete.php @@ -2,7 +2,7 @@ $sub_menu = '300100'; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); if(!$board['bo_table']) alert('존재하지 않는 게시판입니다.'); @@ -48,5 +48,4 @@ if(is_dir($dir)) {
      게시판 수정으로 돌아가기
      \ No newline at end of file +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/boardgroup_form.php b/adm/boardgroup_form.php index c9e8338bd..e240e1fc6 100644 --- a/adm/boardgroup_form.php +++ b/adm/boardgroup_form.php @@ -2,17 +2,24 @@ $sub_menu = "300200"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.'); $html_title = '게시판그룹'; $gr_id_attr = ''; $sound_only = ''; + +if( ! isset($group['gr_id']) ){ + $group['gr_id'] = ''; + $group['gr_subject'] = ''; + $group['gr_device'] = ''; +} + if ($w == '') { $gr_id_attr = 'required'; $sound_only = ' 필수'; - $gr = array('gr_use_access' => 0); + $gr = array('gr_use_access' => 0, 'gr_admin'=>''); $html_title .= ' 생성'; } else if ($w == 'u') { $gr_id_attr = 'readonly'; @@ -115,9 +122,9 @@ include_once('./admin.head.php');       @@ -148,5 +155,4 @@ function fboardgroup_check(f) +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/boardgroup_form_update.php b/adm/boardgroup_form_update.php index 35d8843c1..41048403c 100644 --- a/adm/boardgroup_form_update.php +++ b/adm/boardgroup_form_update.php @@ -5,42 +5,63 @@ include_once('./_common.php'); if ($w == 'u') check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); if ($is_admin != 'super' && $w == '') alert('최고관리자만 접근 가능합니다.'); check_admin_token(); -if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $_POST['gr_id'])) +$gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : ''; + +if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)'); if (!$gr_subject) alert('그룹 제목을 입력하세요.'); -$gr_subject = isset($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'])) : ''; +$posts = array(); -$sql_common = " gr_subject = '{$gr_subject}', - gr_device = '{$_POST['gr_device']}', - gr_admin = '{$_POST['gr_admin']}', - gr_1_subj = '{$_POST['gr_1_subj']}', - gr_2_subj = '{$_POST['gr_2_subj']}', - gr_3_subj = '{$_POST['gr_3_subj']}', - gr_4_subj = '{$_POST['gr_4_subj']}', - gr_5_subj = '{$_POST['gr_5_subj']}', - gr_6_subj = '{$_POST['gr_6_subj']}', - gr_7_subj = '{$_POST['gr_7_subj']}', - gr_8_subj = '{$_POST['gr_8_subj']}', - gr_9_subj = '{$_POST['gr_9_subj']}', - gr_10_subj = '{$_POST['gr_10_subj']}', - gr_1 = '{$_POST['gr_1']}', - gr_2 = '{$_POST['gr_2']}', - gr_3 = '{$_POST['gr_3']}', - gr_4 = '{$_POST['gr_4']}', - gr_5 = '{$_POST['gr_5']}', - gr_6 = '{$_POST['gr_6']}', - gr_7 = '{$_POST['gr_7']}', - gr_8 = '{$_POST['gr_8']}', - gr_9 = '{$_POST['gr_9']}', - gr_10 = '{$_POST['gr_10']}' "; +$check_keys = array( +'gr_subject', +'gr_device', +'gr_admin' +); + +for($i=1;$i<=10;$i++){ + $check_keys['gr_'.$i.'_subj'] = isset($_POST['gr_'.$i.'_subj']) ? $_POST['gr_'.$i.'_subj'] : ''; + $check_keys['gr_'.$i] = isset($_POST['gr_'.$i]) ? $_POST['gr_'.$i] : ''; +} + +foreach( $check_keys as $key ){ + if( $key === 'gr_subject' ){ + $posts[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : ''; + } else { + $posts[$key] = isset($_POST[$key]) ? $_POST[$key] : ''; + } +} + +$sql_common = " gr_subject = '{$posts['gr_subject']}', + gr_device = '{$posts['gr_device']}', + gr_admin = '{$posts['gr_admin']}', + gr_1_subj = '{$posts['gr_1_subj']}', + gr_2_subj = '{$posts['gr_2_subj']}', + gr_3_subj = '{$posts['gr_3_subj']}', + gr_4_subj = '{$posts['gr_4_subj']}', + gr_5_subj = '{$posts['gr_5_subj']}', + gr_6_subj = '{$posts['gr_6_subj']}', + gr_7_subj = '{$posts['gr_7_subj']}', + gr_8_subj = '{$posts['gr_8_subj']}', + gr_9_subj = '{$posts['gr_9_subj']}', + gr_10_subj = '{$posts['gr_10_subj']}', + gr_1 = '{$posts['gr_1']}', + gr_2 = '{$posts['gr_2']}', + gr_3 = '{$posts['gr_3']}', + gr_4 = '{$posts['gr_4']}', + gr_5 = '{$posts['gr_5']}', + gr_6 = '{$posts['gr_6']}', + gr_7 = '{$posts['gr_7']}', + gr_8 = '{$posts['gr_8']}', + gr_9 = '{$posts['gr_9']}', + gr_10 = '{$posts['gr_10']}' "; if (isset($_POST['gr_use_access'])) $sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' "; else @@ -48,13 +69,13 @@ else if ($w == '') { - $sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$_POST['gr_id']}' "; + $sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' "; $row = sql_fetch($sql); if ($row['cnt']) alert('이미 존재하는 그룹 ID 입니다.'); $sql = " insert into {$g5['group_table']} - set gr_id = '{$_POST['gr_id']}', + set gr_id = '{$gr_id}', {$sql_common} "; sql_query($sql); @@ -62,7 +83,7 @@ if ($w == '') { $sql = " update {$g5['group_table']} set {$sql_common} - where gr_id = '{$_POST['gr_id']}' "; + where gr_id = '{$gr_id}' "; sql_query($sql); } else { @@ -71,5 +92,4 @@ if ($w == '') { run_event('admin_boardgroup_form_update', $gr_id, $w); -goto_url('./boardgroup_form.php?w=u&gr_id='.$gr_id.'&'.$qstr); -?> +goto_url('./boardgroup_form.php?w=u&gr_id='.$gr_id.'&'.$qstr); \ No newline at end of file diff --git a/adm/boardgroup_list.php b/adm/boardgroup_list.php index 08cd18382..793d5a28b 100644 --- a/adm/boardgroup_list.php +++ b/adm/boardgroup_list.php @@ -2,7 +2,7 @@ $sub_menu = "300200"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); if (!isset($group['gr_device'])) { // 게시판 그룹 사용 필드 추가 @@ -10,7 +10,7 @@ if (!isset($group['gr_device'])) { // pc : pc 전용 사용 // mobile : mobile 전용 사용 // none : 사용 안함 - sql_query(" ALTER TABLE `{$g5['board_group_table']}` ADD `gr_device` ENUM( 'both', 'pc', 'mobile' ) NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false); + sql_query(" ALTER TABLE `{$g5['group_table']}` ADD `gr_device` ENUM( 'both', 'pc', 'mobile' ) NOT NULL DEFAULT 'both' AFTER `gr_subject` ", false); } $sql_common = " from {$g5['group_table']} "; @@ -66,9 +66,9 @@ $colspan = 10; @@ -207,5 +207,4 @@ function fboardgrouplist_submit(f) +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/boardgroup_list_update.php b/adm/boardgroup_list_update.php index b49a673b9..94cbd96a6 100644 --- a/adm/boardgroup_list_update.php +++ b/adm/boardgroup_list_update.php @@ -6,7 +6,7 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); @@ -21,18 +21,21 @@ if(!$count) for ($i=0; $i<$count; $i++) { - $k = $post_chk[$i]; + $k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0; $gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]); - $gr_subject = is_array($_POST['gr_subject']) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : ''; - $gr_admin = is_array($_POST['gr_admin']) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : ''; + $gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : ''; + $gr_admin = isset($_POST['gr_admin'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_admin'][$k])) : ''; + $gr_device = isset($_POST['gr_device'][$k]) ? clean_xss_tags($_POST['gr_device'][$k], 1, 1, 10) : ''; + $gr_use_access = isset($_POST['gr_use_access'][$k]) ? (int) $_POST['gr_use_access'][$k] : 0; + $gr_order = isset($_POST['gr_order'][$k]) ? (int) $_POST['gr_order'][$k] : 0; if($act_button == '선택수정') { $sql = " update {$g5['group_table']} set gr_subject = '{$gr_subject}', - gr_device = '".sql_real_escape_string($_POST['gr_device'][$k])."', - gr_admin = '".sql_real_escape_string($_POST['gr_admin'][$k])."', - gr_use_access = '".sql_real_escape_string($_POST['gr_use_access'][$k])."', - gr_order = '".sql_real_escape_string($_POST['gr_order'][$k])."' + gr_device = '".sql_real_escape_string($gr_device)."', + gr_admin = '".sql_real_escape_string($gr_admin)."', + gr_use_access = '".$gr_use_access."', + gr_order = '".$gr_order."' where gr_id = '{$gr_id}' "; if ($is_admin != 'super') $sql .= " and gr_admin = '{$gr_admin}' "; @@ -52,5 +55,4 @@ for ($i=0; $i<$count; $i++) run_event('admin_boardgroup_list_update', $act_button, $chk, $post_group_id, $qstr); -goto_url('./boardgroup_list.php?'.$qstr); -?> +goto_url('./boardgroup_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/boardgroupmember_form.php b/adm/boardgroupmember_form.php index 7a8c2d11d..529d7495d 100644 --- a/adm/boardgroupmember_form.php +++ b/adm/boardgroupmember_form.php @@ -2,10 +2,12 @@ $sub_menu = "300200"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); $mb = get_member($mb_id); -if (!$mb['mb_id']) +$token = isset($token) ? $token : ''; + +if (! (isset($mb['mb_id']) && $mb['mb_id'])) alert('존재하지 않는 회원입니다.'); $g5['title'] = '접근가능그룹'; @@ -51,7 +53,7 @@ $colspan = 4; - + @@ -128,5 +130,4 @@ function boardgroupmember_form_check(f) +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/boardgroupmember_list.php b/adm/boardgroupmember_list.php index 8827df7f1..2cfad069d 100644 --- a/adm/boardgroupmember_list.php +++ b/adm/boardgroupmember_list.php @@ -2,7 +2,7 @@ $sub_menu = "300200"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $gr = get_group($gr_id); if (!$gr['gr_id']) { @@ -59,7 +59,7 @@ $colspan = 7; @@ -152,5 +152,4 @@ function fboardgroupmember_submit(f) +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/boardgroupmember_update.php b/adm/boardgroupmember_update.php index 56de9c4cc..4d943b30d 100644 --- a/adm/boardgroupmember_update.php +++ b/adm/boardgroupmember_update.php @@ -6,7 +6,7 @@ sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( if ($w == '') { - auth_check($auth[$sub_menu], 'w'); + auth_check_menu($auth, $sub_menu, 'w'); $mb = get_member($mb_id); if (!$mb['mb_id']) { @@ -39,7 +39,7 @@ if ($w == '') } else if ($w == 'd' || $w == 'ld') { - auth_check($auth[$sub_menu], 'd'); + auth_check_menu($auth, $sub_menu, 'd'); $count = count($_POST['chk']); if(!$count) @@ -66,5 +66,4 @@ else if ($w == 'd' || $w == 'ld') if ($w == 'ld') goto_url('./boardgroupmember_list.php?gr_id='.$gr_id); else - goto_url('./boardgroupmember_form.php?mb_id='.$mb_id); -?> + goto_url('./boardgroupmember_form.php?mb_id='.$mb_id); \ No newline at end of file diff --git a/adm/browscap.php b/adm/browscap.php index 0c287c14e..d26fc6ab1 100644 --- a/adm/browscap.php +++ b/adm/browscap.php @@ -41,5 +41,4 @@ $(function() { \ No newline at end of file +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/browscap_convert.php b/adm/browscap_convert.php index 7c0dfc880..9f0eac4ca 100644 --- a/adm/browscap_convert.php +++ b/adm/browscap_convert.php @@ -8,7 +8,7 @@ if(!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') if ($is_admin != 'super') alert('최고관리자만 접근 가능합니다.'); -$rows = preg_replace('#[^0-9]#', '', $_GET['rows']); +$rows = isset($_GET['rows']) ? preg_replace('#[^0-9]#', '', $_GET['rows']) : 0; if(!$rows) $rows = 100; @@ -42,5 +42,4 @@ $(function() { \ No newline at end of file +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/browscap_converter.php b/adm/browscap_converter.php index f7572edb7..a89aca909 100644 --- a/adm/browscap_converter.php +++ b/adm/browscap_converter.php @@ -71,5 +71,4 @@ for($i=0; $row=sql_fetch_array($result); $i++) { if(($total_count - $cnt) == 0 || $total_count == 0) echo '

      변환완료

      '; else - echo '

      총 '.number_format($total_count).'건 중 '.number_format($cnt).'건 변환완료

      접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.

      '; -?> \ No newline at end of file + echo '

      총 '.number_format($total_count).'건 중 '.number_format($cnt).'건 변환완료

      접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.

      '; \ No newline at end of file diff --git a/adm/browscap_update.php b/adm/browscap_update.php index e27a73974..2e7001018 100644 --- a/adm/browscap_update.php +++ b/adm/browscap_update.php @@ -20,5 +20,4 @@ $browscap->updateMethod = 'cURL'; $browscap->cacheFilename = 'browscap_cache.php'; $browscap->updateCache(); -die(''); -?> \ No newline at end of file +die(''); \ No newline at end of file diff --git a/adm/cache_file_delete.php b/adm/cache_file_delete.php index 544fad52b..808842c93 100644 --- a/adm/cache_file_delete.php +++ b/adm/cache_file_delete.php @@ -56,5 +56,4 @@ echo '

      최신글 캐시파일 '.$ ?> \ No newline at end of file +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/captcha_file_delete.php b/adm/captcha_file_delete.php index 65cb56535..e3d0f4981 100644 --- a/adm/captcha_file_delete.php +++ b/adm/captcha_file_delete.php @@ -49,5 +49,4 @@ echo '

      캡챠파일 '.$cnt.'건 ?> \ No newline at end of file +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/config_form.php b/adm/config_form.php index 6dcf7d90d..237b83610 100644 --- a/adm/config_form.php +++ b/adm/config_form.php @@ -2,7 +2,7 @@ $sub_menu = "100100"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); if ($is_admin != 'super') alert('최고관리자만 접근 가능합니다.'); @@ -304,6 +304,7 @@ $pg_anchor = '

        if (!$config['cf_icode_server_ip']) $config['cf_icode_server_ip'] = '211.172.232.124'; if (!$config['cf_icode_server_port']) $config['cf_icode_server_port'] = '7295'; +$userinfo = array('payment'=>''); if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) { $userinfo = get_icode_userinfo($config['cf_icode_id'], $config['cf_icode_pw']); } @@ -569,14 +570,14 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) {
      @@ -1529,5 +1530,4 @@ if($config['cf_cert_use']) { } } -include_once ('./admin.tail.php'); -?> +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/config_form_update.php b/adm/config_form_update.php index f7e51ae24..d2564cd8a 100644 --- a/adm/config_form_update.php +++ b/adm/config_form_update.php @@ -4,39 +4,33 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); if ($is_admin != 'super') alert('최고관리자만 접근 가능합니다.'); +$cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : ''; +$cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : ''; +$posts = array(); + $mb = get_member($cf_admin); -if (!$mb['mb_id']) + +if (! (isset($mb['mb_id']) && $mb['mb_id'])) alert('최고관리자 회원아이디가 존재하지 않습니다.'); check_admin_token(); -// 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함 -if($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp']) - alert('본인확인을 위해 아이핀 또는 휴대폰 본인학인 서비스를 하나이상 선택해 주십시오'); - -if(!$_POST['cf_cert_use']) { - $_POST['cf_cert_ipin'] = ''; - $_POST['cf_cert_hp'] = ''; -} - $cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : ''; -$_POST['cf_title'] = strip_tags(clean_xss_attributes($_POST['cf_title'])); - $check_keys = array('cf_lg_mid', 'cf_lg_mert_key', 'cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret'); foreach( $check_keys as $key ){ if ( isset($_POST[$key]) && $_POST[$key] ){ - $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]); + $posts[$key] = $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]); } } -$_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295'; +$posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295'; if(isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']){ @@ -56,9 +50,134 @@ if(isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']){ } } +$check_keys = array( +'cf_use_email_certify' => 'int', +'cf_use_homepage' => 'int', +'cf_req_homepage' => 'int', +'cf_use_tel' => 'int', +'cf_req_tel' => 'int', +'cf_use_hp' => 'int', +'cf_req_hp' => 'int', +'cf_use_addr' => 'int', +'cf_req_addr' => 'int', +'cf_use_signature' => 'int', +'cf_req_signature' => 'int', +'cf_use_profile' => 'int', +'cf_req_profile' => 'int', +'cf_register_level' => 'int', +'cf_register_point' => 'int', +'cf_icon_level' => 'int', +'cf_use_recommend' => 'int', +'cf_leave_day' => 'int', +'cf_search_part' => 'int', +'cf_email_use' => 'int', +'cf_email_wr_super_admin' => 'int', +'cf_email_wr_group_admin' => 'int', +'cf_email_wr_board_admin' => 'int', +'cf_email_wr_write' => 'int', +'cf_email_wr_comment_all' => 'int', +'cf_email_mb_super_admin' => 'int', +'cf_email_mb_member' => 'int', +'cf_email_po_super_admin' => 'int', +'cf_prohibit_id' => 'text', +'cf_prohibit_email' => 'text', +'cf_new_del' => 'int', +'cf_memo_del' => 'int', +'cf_visit_del' => 'int', +'cf_popular_del' => 'int', +'cf_use_member_icon' => 'int', +'cf_member_icon_size' => 'int', +'cf_member_icon_width' => 'int', +'cf_member_icon_height' => 'int', +'cf_member_img_size' => 'int', +'cf_member_img_width' => 'int', +'cf_member_img_height' => 'int', +'cf_login_minutes' => 'int', +'cf_formmail_is_member' => 'int', +'cf_page_rows' => 'int', +'cf_mobile_page_rows' => 'int', +'cf_social_login_use' => 'int', +'cf_cert_req' => 'int', +'cf_cert_use' => 'int', +'cf_cert_ipin' => 'char', +'cf_cert_hp' => 'char', +'cf_admin_email' => 'char', +'cf_admin_email_name' => 'char', +'cf_add_script' => 'text', +'cf_use_point' => 'int', +'cf_point_term' => 'int', +'cf_use_copy_log' => 'int', +'cf_login_point' => 'int', +'cf_cut_name' => 'int', +'cf_nick_modify' => 'int', +'cf_new_skin' => 'char', +'cf_new_rows' => 'int', +'cf_search_skin' => 'char', +'cf_connect_skin' => 'char', +'cf_faq_skin' => 'char', +'cf_read_point' => 'int', +'cf_write_point' => 'int', +'cf_comment_point' => 'int', +'cf_download_point' => 'int', +'cf_write_pages' => 'int', +'cf_mobile_pages' => 'int', +'cf_link_target' => 'char', +'cf_delay_sec' => 'int', +'cf_filter' => 'text', +'cf_possible_ip' => 'text', +'cf_analytics' => 'text', +'cf_add_meta' => 'text', +'cf_member_skin' => 'char', +'cf_image_extension' => 'char', +'cf_flash_extension' => 'char', +'cf_movie_extension' => 'char', +'cf_visit' => 'char', +'cf_stipulation' => 'text', +'cf_privacy' => 'text', +'cf_open_modify' => 'int', +'cf_memo_send_point' => 'int', +'cf_mobile_new_skin' => 'char', +'cf_mobile_search_skin' => 'char', +'cf_mobile_connect_skin' => 'char', +'cf_mobile_faq_skin' => 'char', +'cf_mobile_member_skin' => 'char', +'cf_captcha_mp3' => 'char', +'cf_cert_limit' => 'int', +'cf_sms_use' => 'char', +'cf_sms_type' => 'char', +'cf_icode_id' => 'char', +'cf_icode_pw' => 'char', +'cf_icode_server_ip' => 'char', +'cf_captcha' => 'char', +'cf_syndi_token' => '', +'cf_syndi_except' => '' +); + +for($i=1;$i<=10;$i++){ + $check_keys['cf_'.$i.'_subj'] = isset($_POST['cf_'.$i.'_subj']) ? $_POST['cf_'.$i.'_subj'] : ''; + $check_keys['cf_'.$i] = isset($_POST['cf_'.$i]) ? $_POST['cf_'.$i] : ''; +} + +foreach( $check_keys as $k => $v ){ + if( $v === 'int' ){ + $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0; + } else { + $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : ''; + } +} + +// 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함 +if($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp']) + alert('본인확인을 위해 아이핀 또는 휴대폰 본인학인 서비스를 하나이상 선택해 주십시오'); + +if(!$_POST['cf_cert_use']) { + $posts[$key] = $_POST['cf_cert_ipin'] = ''; + $posts[$key] = $_POST['cf_cert_hp'] = ''; +} + $sql = " update {$g5['config_table']} - set cf_title = '{$_POST['cf_title']}', - cf_admin = '{$_POST['cf_admin']}', + set cf_title = '{$cf_title}', + cf_admin = '{$cf_admin}', cf_admin_email = '{$_POST['cf_admin_email']}', cf_admin_email_name = '{$_POST['cf_admin_email_name']}', cf_add_script = '{$_POST['cf_add_script']}', @@ -217,5 +336,4 @@ run_event('admin_config_form_update'); update_rewrite_rules(); -goto_url('./config_form.php', false); -?> \ No newline at end of file +goto_url('./config_form.php', false); \ No newline at end of file diff --git a/adm/contentform.php b/adm/contentform.php index 4a8eeb1c6..7aa1184f2 100644 --- a/adm/contentform.php +++ b/adm/contentform.php @@ -3,7 +3,9 @@ $sub_menu = '300600'; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); + +$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : ''; // 상단, 하단 파일경로 필드 추가 if(!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) { @@ -51,6 +53,13 @@ else { $html_title .= ' 입력'; $co = array( + 'co_id' => '', + 'co_subject' => '', + 'co_content' => '', + 'co_mobile_content' => '', + 'co_include_head' => '', + 'co_include_tail' => '', + 'co_tag_filter_use' => 1, 'co_html' => 2, 'co_skin' => 'basic', 'co_mobile_skin' => 'basic' @@ -153,6 +162,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php'); 750) @@ -177,6 +187,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php'); 750) @@ -284,5 +295,4 @@ function frmcontentform_check(f) +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/contentformupdate.php b/adm/contentformupdate.php index af8c35007..ac1be285d 100644 --- a/adm/contentformupdate.php +++ b/adm/contentformupdate.php @@ -6,25 +6,27 @@ if ($w == "u" || $w == "d") check_demo(); if ($w == 'd') - auth_check($auth[$sub_menu], "d"); + auth_check_menu($auth, $sub_menu, "d"); else - auth_check($auth[$sub_menu], "w"); + auth_check_menu($auth, $sub_menu, "w"); check_admin_token(); if ($w == "" || $w == "u") { - if(preg_match("/[^a-z0-9_]/i", $co_id)) alert("ID 는 영문자, 숫자, _ 만 가능합니다."); + if(isset($_POST['co_id']) && preg_match("/[^a-z0-9_]/i", $_POST['co_id'])) alert("ID 는 영문자, 숫자, _ 만 가능합니다."); $sql = " select * from {$g5['content_table']} where co_id = '$co_id' "; $co_row = sql_fetch($sql); } -$co_id = preg_replace('/[^a-z0-9_]/i', '', $co_id); +$co_id = isset($_POST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_POST['co_id']) : ''; $co_subject = strip_tags(clean_xss_attributes($co_subject)); $co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255)); $co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255)); $co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1; +$co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0; +$co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0; // 관리자가 자동등록방지를 사용해야 할 경우 if (($co_row['co_include_head'] !== $co_include_head || $co_row['co_include_tail'] !== $co_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){ @@ -145,5 +147,4 @@ if ($w == "" || $w == "u") else { goto_url("./contentlist.php"); -} -?> +} \ No newline at end of file diff --git a/adm/contentlist.php b/adm/contentlist.php index a23437423..cf4c54660 100644 --- a/adm/contentlist.php +++ b/adm/contentlist.php @@ -2,7 +2,7 @@ $sub_menu = '300600'; include_once('./_common.php'); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); if( !isset($g5['content_table']) ){ die('/data/dbconfig.php 파일에 $g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\'; 를 추가해 주세요.'); @@ -94,5 +94,4 @@ $result = sql_query($sql); +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/dbupgrade.php b/adm/dbupgrade.php index 23ae7916b..d5d954d1f 100644 --- a/adm/dbupgrade.php +++ b/adm/dbupgrade.php @@ -2,7 +2,7 @@ $sub_menu = '100410'; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = 'DB 업그레이드'; include_once('./admin.head.php'); @@ -189,5 +189,4 @@ $db_upgrade_msg = $is_check ? 'DB 업그레이드가 완료되었습니다.' : ' \ No newline at end of file +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/faqform.php b/adm/faqform.php index f5791df49..33024c77d 100644 --- a/adm/faqform.php +++ b/adm/faqform.php @@ -3,16 +3,18 @@ $sub_menu = '300700'; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); -$fm_id = (int) $fm_id; -$fa_id = isset($fa_id) ? (int) $fa_id : 0; +$fm_id = isset($_GET['fm_id']) ? (int) $_GET['fm_id'] : 0; +$fa_id = isset($_GET['fa_id']) ? (int) $_GET['fa_id'] : 0; $sql = " select * from {$g5['faq_master_table']} where fm_id = '$fm_id' "; $fm = sql_fetch($sql); $html_title = 'FAQ '.$fm['fm_subject']; +$fa = array('fa_id'=>0, 'fm_id'=>0, 'fa_subject'=>'', 'fa_content'=>'', 'fa_order'=>0); + if ($w == "u") { $html_title .= " 수정"; @@ -97,5 +99,4 @@ function frmfaqform_check(f) +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/faqformupdate.php b/adm/faqformupdate.php index 35b8dcb30..2b54d1879 100644 --- a/adm/faqformupdate.php +++ b/adm/faqformupdate.php @@ -6,12 +6,18 @@ if ($w == "u" || $w == "d") check_demo(); if ($w == 'd') - auth_check($auth[$sub_menu], "d"); + auth_check_menu($auth, $sub_menu, "d"); else - auth_check($auth[$sub_menu], "w"); + auth_check_menu($auth, $sub_menu, "w"); check_admin_token(); +$fm_id = isset($_POST['fm_id']) ? (int) $_POST['fm_id'] : 0; +$fa_subject = isset($_POST['fa_subject']) ? $_POST['fa_subject'] : ''; +$fa_content = isset($_POST['fa_content']) ? $_POST['fa_content'] : ''; +$fa_order = isset($_POST['fa_order']) ? (int) $_POST['fa_order'] : 0; +$fa_id = isset($_POST['fa_id']) ? (int) $_POST['fa_id'] : 0; + $sql_common = " fa_subject = '$fa_subject', fa_content = '$fa_content', fa_order = '$fa_order' "; @@ -41,5 +47,4 @@ else if ($w == "d") if ($w == 'd') goto_url("./faqlist.php?fm_id=$fm_id"); else - goto_url("./faqform.php?w=u&fm_id=$fm_id&fa_id=$fa_id"); -?> + goto_url("./faqform.php?w=u&fm_id=$fm_id&fa_id=$fa_id"); \ No newline at end of file diff --git a/adm/faqlist.php b/adm/faqlist.php index 6f4849bb0..eccd16772 100644 --- a/adm/faqlist.php +++ b/adm/faqlist.php @@ -2,11 +2,11 @@ $sub_menu = '300700'; include_once('./_common.php'); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = 'FAQ 상세관리'; -if ($fm_subject){ - $fm_subject = clean_xss_tags(strip_tags($fm_subject)); +if (isset($_REQUEST['fm_subject'])){ + $fm_subject = clean_xss_tags($_REQUEST['fm_subject'], 1, 1, 255); $g5['title'] .= ' : '.$fm_subject; } @@ -96,5 +96,4 @@ $result = sql_query($sql); +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/faqmasterform.php b/adm/faqmasterform.php index 4ac3f6f80..5e3410615 100644 --- a/adm/faqmasterform.php +++ b/adm/faqmasterform.php @@ -3,11 +3,11 @@ $sub_menu = '300700'; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); $html_title = 'FAQ'; -$fm_id = preg_replace('/[^0-9]/', '', $fm_id); +$fm_id = isset($_GET['fm_id']) ? preg_replace('/[^0-9]/', '', $_GET['fm_id']) : 0; if ($w == "u") { @@ -21,7 +21,7 @@ if ($w == "u") else { $html_title .= ' 입력'; - $fm = array(); + $fm = array('fm_order'=>'', 'fm_subject'=>'', 'fm_id'=>0, 'fm_head_html'=> '', 'fm_tail_html'=> '', 'fm_mobile_head_html' => '', 'fm_mobile_tail_html' => ''); } $g5['title'] = $html_title.' 관리'; @@ -72,6 +72,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php'); 750) @@ -96,6 +97,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php'); 750) @@ -162,5 +164,4 @@ function frmfaqmasterform_check(f) +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/faqmasterformupdate.php b/adm/faqmasterformupdate.php index 609e805b3..bdc3c39a1 100644 --- a/adm/faqmasterformupdate.php +++ b/adm/faqmasterformupdate.php @@ -5,21 +5,29 @@ include_once('./_common.php'); if ($w == "u" || $w == "d") check_demo(); -if ($W == 'd') - auth_check($auth[$sub_menu], "d"); +if ($w == 'd') + auth_check_menu($auth, $sub_menu, "d"); else - auth_check($auth[$sub_menu], "w"); + auth_check_menu($auth, $sub_menu, "w"); check_admin_token(); @mkdir(G5_DATA_PATH."/faq", G5_DIR_PERMISSION); @chmod(G5_DATA_PATH."/faq", G5_DIR_PERMISSION); +$fm_id = isset($_POST['fm_id']) ? (int) $_POST['fm_id'] : 0; +$fm_himg_del = isset($_POST['fm_himg_del']) ? (int) $_POST['fm_himg_del'] : 0; +$fm_timg_del = isset($_POST['fm_timg_del']) ? (int) $_POST['fm_timg_del'] : 0; +$fm_subject = isset($_POST['fm_subject']) ? strip_tags(clean_xss_attributes($_POST['fm_subject'])) : ''; +$fm_head_html = isset($_POST['fm_head_html']) ? $_POST['fm_head_html'] : ''; +$fm_tail_html = isset($_POST['fm_tail_html']) ? $_POST['fm_tail_html'] : ''; +$fm_mobile_head_html = isset($_POST['fm_mobile_head_html']) ? $_POST['fm_mobile_head_html'] : ''; +$fm_mobile_tail_html = isset($_POST['fm_mobile_tail_html']) ? $_POST['fm_mobile_tail_html'] : ''; +$fm_order = isset($_POST['fm_order']) ? (int) $_POST['fm_order'] : 0; + if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h"); if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t"); -$fm_subject = strip_tags(clean_xss_attributes($fm_subject)); - $sql_common = " set fm_subject = '$fm_subject', fm_head_html = '$fm_head_html', fm_tail_html = '$fm_tail_html', @@ -72,5 +80,4 @@ if ($w == "" || $w == "u") goto_url("./faqmasterform.php?w=u&fm_id=$fm_id"); } else - goto_url("./faqmasterlist.php"); -?> + goto_url("./faqmasterlist.php"); \ No newline at end of file diff --git a/adm/faqmasterlist.php b/adm/faqmasterlist.php index 50dfc11e0..d5abfbb9d 100644 --- a/adm/faqmasterlist.php +++ b/adm/faqmasterlist.php @@ -2,7 +2,7 @@ $sub_menu = '300700'; include_once('./_common.php'); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); //dbconfig파일에 $g5['faq_table'] , $g5['faq_master_table'] 배열변수가 있는지 체크 if( !isset($g5['faq_table']) || !isset($g5['faq_master_table']) ){ @@ -124,5 +124,4 @@ $result = sql_query($sql); +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/index.php b/adm/index.php index 4a2020238..f6b954dc4 100644 --- a/adm/index.php +++ b/adm/index.php @@ -138,7 +138,7 @@ $sql_common = " from {$g5['board_new_table']} a, {$g5['board_table']} b, {$g5['g if ($gr_id) $sql_common .= " and b.gr_id = '$gr_id' "; -if ($view) { +if (isset($view) && $view) { if ($view == 'w') $sql_common .= " and a.wr_id = a.wr_parent "; else if ($view == 'c') @@ -314,5 +314,4 @@ $colspan = 7; +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/mail_delete.php b/adm/mail_delete.php index a190802eb..a351bd879 100644 --- a/adm/mail_delete.php +++ b/adm/mail_delete.php @@ -4,21 +4,20 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'd'); +auth_check_menu($auth, $sub_menu, 'd'); check_admin_token(); -$count = count($_POST['chk']); +$post_count_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; if(!$count) alert('삭제할 메일목록을 1개이상 선택해 주세요.'); for($i=0; $i<$count; $i++) { - $ma_id = $_POST['chk'][$i]; + $ma_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $sql = " delete from {$g5['mail_table']} where ma_id = '$ma_id' "; sql_query($sql); } -goto_url('./mail_list.php'); -?> \ No newline at end of file +goto_url('./mail_list.php'); \ No newline at end of file diff --git a/adm/mail_form.php b/adm/mail_form.php index 6ee6fb95b..a7671fb3b 100644 --- a/adm/mail_form.php +++ b/adm/mail_form.php @@ -3,15 +3,16 @@ $sub_menu = "200300"; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $html_title = '회원메일'; +$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0; +$ma = array('ma_id'=>0, 'ma_subject'=>'', 'ma_content'=>''); + if ($w == 'u') { $html_title .= '수정'; $readonly = ' readonly'; - - $ma_id = (int) $ma_id; $sql = " select * from {$g5['mail_table']} where ma_id = '{$ma_id}' "; $ma = sql_fetch($sql); @@ -82,5 +83,4 @@ document.fmailform.ma_subject.focus(); +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/mail_list.php b/adm/mail_list.php index 587a8ddb0..9e2368ff4 100644 --- a/adm/mail_list.php +++ b/adm/mail_list.php @@ -2,7 +2,7 @@ $sub_menu = '200300'; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $sql_common = " from {$g5['mail_table']} "; @@ -101,5 +101,4 @@ $(function() { \ No newline at end of file +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/mail_preview.php b/adm/mail_preview.php index 16abd479d..a13020e5c 100644 --- a/adm/mail_preview.php +++ b/adm/mail_preview.php @@ -3,7 +3,9 @@ $sub_menu = "200300"; include_once('./_common.php'); include_once(G5_LIB_PATH.'/mailer.lib.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0; $se = sql_fetch("select ma_subject, ma_content from {$g5['mail_table']} where ma_id = '{$ma_id}' "); diff --git a/adm/mail_select_form.php b/adm/mail_select_form.php index a8115297d..076e3a60f 100644 --- a/adm/mail_select_form.php +++ b/adm/mail_select_form.php @@ -5,7 +5,9 @@ include_once('./_common.php'); if (!$config['cf_email_use']) alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$ma_id = isset($_GET['ma_id']) ? (int) $_GET['ma_id'] : 0; $sql = " select * from {$g5['mail_table']} where ma_id = '$ma_id' "; $ma = sql_fetch($sql); @@ -26,8 +28,8 @@ $last_option = explode('||', $ma['ma_last_option']); for ($i=0; $i @@ -55,15 +61,15 @@ include_once('./admin.head.php'); @@ -118,5 +124,4 @@ include_once('./admin.head.php'); +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/mail_select_list.php b/adm/mail_select_list.php index b78b55375..e08032e79 100644 --- a/adm/mail_select_list.php +++ b/adm/mail_select_list.php @@ -2,7 +2,7 @@ $sub_menu = "200300"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $ma_last_option = ""; @@ -117,5 +117,4 @@ include_once('./admin.head.php'); +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/mail_select_update.php b/adm/mail_select_update.php index 219e58573..4a7ba5be8 100644 --- a/adm/mail_select_update.php +++ b/adm/mail_select_update.php @@ -2,7 +2,7 @@ $sub_menu = "200300"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); $html_title = '회원메일 발송'; @@ -26,14 +26,12 @@ echo ""; - - + \ No newline at end of file diff --git a/adm/mail_test.php b/adm/mail_test.php index bc321f545..3731a3f2a 100644 --- a/adm/mail_test.php +++ b/adm/mail_test.php @@ -7,7 +7,7 @@ if (!$config['cf_email_use']) include_once(G5_LIB_PATH.'/mailer.lib.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_demo(); @@ -17,6 +17,7 @@ $name = get_text($member['mb_name']); $nick = $member['mb_nick']; $mb_id = $member['mb_id']; $email = $member['mb_email']; +$ma_id = isset($_REQUEST['ma_id']) ? (int) $_REQUEST['ma_id'] : 0; $sql = "select ma_subject, ma_content from {$g5['mail_table']} where ma_id = '{$ma_id}' "; $ma = sql_fetch($sql); @@ -35,5 +36,4 @@ $content = $content . '

      더 이상 정보 수신을 원치 않으시면 [ +alert($member['mb_nick'].'('.$member['mb_email'].')님께 테스트 메일을 발송하였습니다. 확인하여 주십시오.'); \ No newline at end of file diff --git a/adm/mail_update.php b/adm/mail_update.php index 04d04ac92..844aa4435 100644 --- a/adm/mail_update.php +++ b/adm/mail_update.php @@ -5,18 +5,19 @@ include_once('./_common.php'); if ($w == 'u' || $w == 'd') check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); $ma_id = isset($_POST['ma_id']) ? (int) $_POST['ma_id'] : 0; $ma_subject = isset($_POST['ma_subject']) ? strip_tags(clean_xss_attributes($_POST['ma_subject'])) : ''; +$ma_content = isset($_POST['ma_content']) ? $_POST['ma_content'] : ''; if ($w == '') { $sql = " insert {$g5['mail_table']} set ma_subject = '{$ma_subject}', - ma_content = '{$_POST['ma_content']}', + ma_content = '{$ma_content}', ma_time = '".G5_TIME_YMDHIS."', ma_ip = '{$_SERVER['REMOTE_ADDR']}' "; sql_query($sql); @@ -25,7 +26,7 @@ else if ($w == 'u') { $sql = " update {$g5['mail_table']} set ma_subject = '{$ma_subject}', - ma_content = '{$_POST['ma_content']}', + ma_content = '{$ma_content}', ma_time = '".G5_TIME_YMDHIS."', ma_ip = '{$_SERVER['REMOTE_ADDR']}' where ma_id = '{$ma_id}' "; @@ -37,5 +38,4 @@ else if ($w == 'd') sql_query($sql); } -goto_url('./mail_list.php'); -?> +goto_url('./mail_list.php'); \ No newline at end of file diff --git a/adm/member_delete.php b/adm/member_delete.php index e536f6c57..6f675f347 100644 --- a/adm/member_delete.php +++ b/adm/member_delete.php @@ -4,11 +4,11 @@ include_once("./_common.php"); check_demo(); -auth_check($auth[$sub_menu], "d"); +auth_check_menu($auth, $sub_menu, "d"); -$mb = get_member($_POST['mb_id']); +$mb = isset($_POST['mb_id']) ? get_member($_POST['mb_id']) : array(); -if (!$mb['mb_id']) +if (! (isset($mb['mb_id']) && $mb['mb_id'])) alert("회원자료가 존재하지 않습니다."); else if ($member['mb_id'] == $mb['mb_id']) alert("로그인 중인 관리자는 삭제 할 수 없습니다."); @@ -25,5 +25,4 @@ member_delete($mb['mb_id']); if ($url) goto_url("{$url}?$qstr&w=u&mb_id=$mb_id"); else - goto_url("./member_list.php?$qstr"); -?> + goto_url("./member_list.php?$qstr"); \ No newline at end of file diff --git a/adm/member_form.php b/adm/member_form.php index a5b249d35..470fccced 100644 --- a/adm/member_form.php +++ b/adm/member_form.php @@ -2,7 +2,46 @@ $sub_menu = "200100"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); + +$mb = array( +'mb_certify' => null, +'mb_adult' => null, +'mb_sms' => null, +'mb_intercept_date' => null, +'mb_id' => null, +'mb_name' => null, +'mb_nick' => null, +'mb_point' => null, +'mb_email' => null, +'mb_homepage' => null, +'mb_hp' => null, +'mb_tel' => null, +'mb_zip1' => null, +'mb_zip2' => null, +'mb_addr1' => null, +'mb_addr2' => null, +'mb_addr3' => null, +'mb_addr_jibeon' => null, +'mb_signature' => null, +'mb_profile' => null, +'mb_memo' => null, +'mb_leave_date' => null, +'mb_1' => null, +'mb_2' => null, +'mb_3' => null, +'mb_4' => null, +'mb_5' => null, +'mb_6' => null, +'mb_7' => null, +'mb_8' => null, +'mb_9' => null, +'mb_10' => null, +); + +$sound_only = ''; +$required_mb_id_class = ''; +$required_mb_password = ''; if ($w == '') { @@ -26,7 +65,6 @@ else if ($w == 'u') alert('자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.'); $required_mb_id = 'readonly'; - $required_mb_password = ''; $html_title = '수정'; $mb['mb_name'] = get_text($mb['mb_name']); @@ -481,5 +519,4 @@ function fmember_submit(f) +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/member_form_update.php b/adm/member_form_update.php index a0c87eb9d..163fbcb74 100644 --- a/adm/member_form_update.php +++ b/adm/member_form_update.php @@ -7,11 +7,14 @@ include_once(G5_LIB_PATH.'/thumbnail.lib.php'); if ($w == 'u') check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); -$mb_id = trim($_POST['mb_id']); +$mb_id = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : ''; +$mb_certify_case = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : ''; +$mb_certify = isset($_POST['mb_certify']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify']) : ''; +$mb_zip = isset($_POST['mb_zip']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_zip']) : ''; // 휴대폰번호 체크 $mb_hp = hyphen_hp_number($_POST['mb_hp']); @@ -22,72 +25,101 @@ if($mb_hp) { } // 인증정보처리 -if($_POST['mb_certify_case'] && $_POST['mb_certify']) { - $mb_certify = $_POST['mb_certify_case']; - $mb_adult = $_POST['mb_adult']; +if($mb_certify_case && $mb_certify) { + $mb_certify = isset($_POST['mb_certify_case']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_certify_case']) : ''; + $mb_adult = isset($_POST['mb_adult']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['mb_adult']) : ''; } else { $mb_certify = ''; $mb_adult = 0; } -$mb_zip1 = substr($_POST['mb_zip'], 0, 3); -$mb_zip2 = substr($_POST['mb_zip'], 3); +$mb_zip1 = substr($mb_zip, 0, 3); +$mb_zip2 = substr($mb_zip, 3); $mb_email = isset($_POST['mb_email']) ? get_email_address(trim($_POST['mb_email'])) : ''; $mb_nick = isset($_POST['mb_nick']) ? trim(strip_tags($_POST['mb_nick'])) : ''; if ($msg = valid_mb_nick($mb_nick)) alert($msg, "", true, true); -$sql_common = " mb_name = '{$_POST['mb_name']}', +$posts = array(); +$check_keys = array( +'mb_name', +'mb_homepage', +'mb_tel', +'mb_addr1', +'mb_addr2', +'mb_addr3', +'mb_addr_jibeon', +'mb_signature', +'mb_leave_date', +'mb_intercept_date', +'mb_mailling', +'mb_sms', +'mb_open', +'mb_profile', +'mb_level' +); + +for($i=1;$i<=10;$i++){ + $check_keys[] = 'mb_'.$i; +} + +foreach( $check_keys as $key ){ + $posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : ''; +} + +$mb_memo = isset($_POST['mb_memo']) ? $_POST['mb_memo'] : ''; + +$sql_common = " mb_name = '{$posts['mb_name']}', mb_nick = '{$mb_nick}', mb_email = '{$mb_email}', - mb_homepage = '{$_POST['mb_homepage']}', - mb_tel = '{$_POST['mb_tel']}', + mb_homepage = '{$posts['mb_homepage']}', + mb_tel = '{$posts['mb_tel']}', mb_hp = '{$mb_hp}', mb_certify = '{$mb_certify}', mb_adult = '{$mb_adult}', mb_zip1 = '$mb_zip1', mb_zip2 = '$mb_zip2', - mb_addr1 = '{$_POST['mb_addr1']}', - mb_addr2 = '{$_POST['mb_addr2']}', - mb_addr3 = '{$_POST['mb_addr3']}', - mb_addr_jibeon = '{$_POST['mb_addr_jibeon']}', - mb_signature = '{$_POST['mb_signature']}', - mb_leave_date = '{$_POST['mb_leave_date']}', - mb_intercept_date='{$_POST['mb_intercept_date']}', - mb_memo = '{$_POST['mb_memo']}', - mb_mailling = '{$_POST['mb_mailling']}', - mb_sms = '{$_POST['mb_sms']}', - mb_open = '{$_POST['mb_open']}', - mb_profile = '{$_POST['mb_profile']}', - mb_level = '{$_POST['mb_level']}', - mb_1 = '{$_POST['mb_1']}', - mb_2 = '{$_POST['mb_2']}', - mb_3 = '{$_POST['mb_3']}', - mb_4 = '{$_POST['mb_4']}', - mb_5 = '{$_POST['mb_5']}', - mb_6 = '{$_POST['mb_6']}', - mb_7 = '{$_POST['mb_7']}', - mb_8 = '{$_POST['mb_8']}', - mb_9 = '{$_POST['mb_9']}', - mb_10 = '{$_POST['mb_10']}' "; + mb_addr1 = '{$posts['mb_addr1']}', + mb_addr2 = '{$posts['mb_addr2']}', + mb_addr3 = '{$posts['mb_addr3']}', + mb_addr_jibeon = '{$posts['mb_addr_jibeon']}', + mb_signature = '{$posts['mb_signature']}', + mb_leave_date = '{$posts['mb_leave_date']}', + mb_intercept_date='{$posts['mb_intercept_date']}', + mb_memo = '{$mb_memo}', + mb_mailling = '{$posts['mb_mailling']}', + mb_sms = '{$posts['mb_sms']}', + mb_open = '{$posts['mb_open']}', + mb_profile = '{$posts['mb_profile']}', + mb_level = '{$posts['mb_level']}', + mb_1 = '{$posts['mb_1']}', + mb_2 = '{$posts['mb_2']}', + mb_3 = '{$posts['mb_3']}', + mb_4 = '{$posts['mb_4']}', + mb_5 = '{$posts['mb_5']}', + mb_6 = '{$posts['mb_6']}', + mb_7 = '{$posts['mb_7']}', + mb_8 = '{$posts['mb_8']}', + mb_9 = '{$posts['mb_9']}', + mb_10 = '{$posts['mb_10']}' "; if ($w == '') { $mb = get_member($mb_id); - if ($mb['mb_id']) + if (isset($mb['mb_id']) && $mb['mb_id']) alert('이미 존재하는 회원아이디입니다.\\nID : '.$mb['mb_id'].'\\n이름 : '.$mb['mb_name'].'\\n닉네임 : '.$mb['mb_nick'].'\\n메일 : '.$mb['mb_email']); // 닉네임중복체크 $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' "; $row = sql_fetch($sql); - if ($row['mb_id']) + if (isset($row['mb_id']) && $row['mb_id']) alert('이미 존재하는 닉네임입니다.\\nID : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); // 이메일중복체크 $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' "; $row = sql_fetch($sql); - if ($row['mb_id']) + if (isset($row['mb_id']) && $row['mb_id']) alert('이미 존재하는 이메일입니다.\\nID : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); sql_query(" insert into {$g5['member_table']} set mb_id = '{$mb_id}', mb_password = '".get_encrypt_string($mb_password)."', mb_datetime = '".G5_TIME_YMDHIS."', mb_ip = '{$_SERVER['REMOTE_ADDR']}', mb_email_certify = '".G5_TIME_YMDHIS."', {$sql_common} "); @@ -95,7 +127,7 @@ if ($w == '') else if ($w == 'u') { $mb = get_member($mb_id); - if (!$mb['mb_id']) + if (! (isset($mb['mb_id']) && $mb['mb_id'])) alert('존재하지 않는 회원자료입니다.'); if ($is_admin != 'super' && $mb['mb_level'] >= $member['mb_level']) @@ -105,19 +137,19 @@ else if ($w == 'u') alert('최고관리자의 비밀번호를 수정할수 없습니다.'); } - if ($_POST['mb_id'] == $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level']) + if ($mb_id === $member['mb_id'] && $_POST['mb_level'] != $mb['mb_level']) alert($mb['mb_id'].' : 로그인 중인 관리자 레벨은 수정 할 수 없습니다.'); // 닉네임중복체크 $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_nick = '{$mb_nick}' and mb_id <> '$mb_id' "; $row = sql_fetch($sql); - if ($row['mb_id']) + if (isset($row['mb_id']) && $row['mb_id']) alert('이미 존재하는 닉네임입니다.\\nID : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); // 이메일중복체크 $sql = " select mb_id, mb_name, mb_nick, mb_email from {$g5['member_table']} where mb_email = '{$mb_email}' and mb_id <> '$mb_id' "; $row = sql_fetch($sql); - if ($row['mb_id']) + if (isset($row['mb_id']) && $row['mb_id']) alert('이미 존재하는 이메일입니다.\\nID : '.$row['mb_id'].'\\n이름 : '.$row['mb_name'].'\\n닉네임 : '.$row['mb_nick'].'\\n메일 : '.$row['mb_email']); if ($mb_password) @@ -125,7 +157,7 @@ else if ($w == 'u') else $sql_password = ""; - if ($passive_certify) + if (isset($passive_certify) && $passive_certify) $sql_certify = " , mb_email_certify = '".G5_TIME_YMDHIS."' "; else $sql_certify = ""; @@ -146,7 +178,7 @@ if( $w == '' || $w == 'u' ){ $mb_icon_img = get_mb_icon_name($mb_id).'.gif'; // 회원 아이콘 삭제 - if ($del_mb_icon) + if (isset($del_mb_icon) && $del_mb_icon) @unlink(G5_DATA_PATH.'/member/'.$mb_dir.'/'.$mb_icon_img); $image_regex = "/(\.(gif|jpe?g|png))$/i"; @@ -196,7 +228,7 @@ if( $w == '' || $w == 'u' ){ $mb_img_dir .= substr($mb_id,0,2); // 회원 이미지 삭제 - if ($del_mb_img) + if (isset($del_mb_img) && $del_mb_img) @unlink($mb_img_dir.'/'.$mb_icon_img); // 아이콘 업로드 @@ -238,5 +270,4 @@ if( $w == '' || $w == 'u' ){ run_event('admin_member_form_update', $w, $mb_id); -goto_url('./member_form.php?'.$qstr.'&w=u&mb_id='.$mb_id, false); -?> \ No newline at end of file +goto_url('./member_form.php?'.$qstr.'&w=u&mb_id='.$mb_id, false); \ No newline at end of file diff --git a/adm/member_list.php b/adm/member_list.php index e8bcf4611..248b62be8 100644 --- a/adm/member_list.php +++ b/adm/member_list.php @@ -2,7 +2,7 @@ $sub_menu = "200100"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $sql_common = " from {$g5['member_table']} "; @@ -78,17 +78,17 @@ $colspan = 16; @@ -330,5 +330,4 @@ function fmemberlist_submit(f) +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/member_list_delete.php b/adm/member_list_delete.php index f416a6011..eeab528f7 100644 --- a/adm/member_list_delete.php +++ b/adm/member_list_delete.php @@ -4,7 +4,7 @@ include_once("./_common.php"); check_demo(); -auth_check($auth[$sub_menu], "d"); +auth_check_menu($auth, $sub_menu, "d"); check_admin_token(); @@ -33,5 +33,4 @@ for ($i=0; $i alert('$msg'); "; -goto_url("./member_list.php?$qstr"); -?> +goto_url("./member_list.php?$qstr"); \ No newline at end of file diff --git a/adm/member_list_update.php b/adm/member_list_update.php index 7e250d4af..82a2db6c3 100644 --- a/adm/member_list_update.php +++ b/adm/member_list_update.php @@ -4,46 +4,54 @@ include_once('./_common.php'); check_demo(); -if (!count($_POST['chk'])) { +if (! (isset($_POST['chk']) && is_array($_POST['chk']))) { alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요."); } -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); $mb_datas = array(); +$msg = ''; if ($_POST['act_button'] == "선택수정") { for ($i=0; $i= $member['mb_level']) { $msg .= $mb['mb_id'].' : 자신보다 권한이 높거나 같은 회원은 수정할 수 없습니다.\\n'; } else if ($member['mb_id'] == $mb['mb_id']) { $msg .= $mb['mb_id'].' : 로그인 중인 관리자는 수정 할 수 없습니다.\\n'; } else { - if($_POST['mb_certify'][$k]) - $mb_adult = (int) $_POST['mb_adult'][$k]; + if($post_mb_certify) + $mb_adult = isset($_POST['mb_adult'][$k]) ? (int) $_POST['mb_adult'][$k] : 0; else $mb_adult = 0; $sql = " update {$g5['member_table']} - set mb_level = '".sql_real_escape_string($_POST['mb_level'][$k])."', - mb_intercept_date = '".sql_real_escape_string($_POST['mb_intercept_date'][$k])."', - mb_mailling = '".sql_real_escape_string($_POST['mb_mailling'][$k])."', - mb_sms = '".sql_real_escape_string($_POST['mb_sms'][$k])."', - mb_open = '".sql_real_escape_string($_POST['mb_open'][$k])."', - mb_certify = '".sql_real_escape_string($_POST['mb_certify'][$k])."', + set mb_level = '".$post_mb_level."', + mb_intercept_date = '".sql_real_escape_string($post_mb_intercept_date)."', + mb_mailling = '".$post_mb_mailling."', + mb_sms = '".$post_mb_sms."', + mb_open = '".$post_mb_open."', + mb_certify = '".sql_real_escape_string($post_mb_certify)."', mb_adult = '{$mb_adult}' - where mb_id = '".sql_real_escape_string($_POST['mb_id'][$k])."' "; + where mb_id = '".sql_real_escape_string($mb['mb_id'])."' "; sql_query($sql); } } @@ -53,7 +61,7 @@ if ($_POST['act_button'] == "선택수정") { for ($i=0; $i +goto_url('./member_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/menu_form.php b/adm/menu_form.php index bb421af1c..59bbd4415 100644 --- a/adm/menu_form.php +++ b/adm/menu_form.php @@ -8,7 +8,7 @@ if ($is_admin != 'super') $g5['title'] = '메뉴 추가'; include_once(G5_PATH.'/head.sub.php'); -$code = isset($code) ? preg_replace('/[^0-9a-zA-Z]/', '', strip_tags($code)) : ''; +$code = isset($_GET['code']) ? preg_replace('/[^0-9a-zA-Z]/', '', $_GET['code']) : ''; // 코드 if($new == 'new' || !$code) { @@ -174,10 +174,10 @@ function add_menu_list(name, link, code) else $menu_last = $menulist.find("tr.menu_list:last"); - if($menu_last.size() > 0) { + if($menu_last.length > 0) { $menu_last.after(list); } else { - if($menulist.find("#empty_menu_list").size() > 0) + if($menulist.find("#empty_menu_list").length > 0) $menulist.find("#empty_menu_list").remove(); $menulist.find("table tbody").append(list); @@ -193,5 +193,4 @@ function add_menu_list(name, link, code) \ No newline at end of file +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/adm/menu_form_search.php b/adm/menu_form_search.php index 497ee3ee1..bb26e26f4 100644 --- a/adm/menu_form_search.php +++ b/adm/menu_form_search.php @@ -4,6 +4,8 @@ include_once('./_common.php'); if ($is_admin != 'super') die('최고관리자만 접근 가능합니다.'); +$type = isset($_REQUEST['type']) ? preg_replace('/[^0-9a-z_]/i', '', $_REQUEST['type']) : ''; + switch($type) { case 'group': $sql = " select gr_id as id, gr_subject as subject @@ -24,9 +26,7 @@ switch($type) { $sql = ''; break; } -?> -추가 - \ No newline at end of file +

      @@ -143,14 +144,14 @@ $(function() { return false; var $tr = $(this).closest("tr"); - if($tr.find("td.sub_menu_class").size() > 0) { + if($tr.find("td.sub_menu_class").length > 0) { $tr.remove(); } else { var code = $(this).closest("tr").find("input[name='code[]']").val().substr(0, 2); $("tr.menu_group_"+code).remove(); } - if($("#menulist tr.menu_list").size() < 1) { + if($("#menulist tr.menu_list").length < 1) { var list = "
      \n"; $("#menulist table tbody").append(list); } else { @@ -215,5 +216,4 @@ function fmenulist_submit(f) +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/menu_list_update.php b/adm/menu_list_update.php index 528a5a42b..9a3ecd499 100644 --- a/adm/menu_list_update.php +++ b/adm/menu_list_update.php @@ -70,5 +70,4 @@ for ($i=0; $i<$count; $i++) run_event('admin_menu_list_update'); -goto_url('./menu_list.php'); -?> +goto_url('./menu_list.php'); \ No newline at end of file diff --git a/adm/newwinform.php b/adm/newwinform.php index 371aea64a..7dc842c5d 100644 --- a/adm/newwinform.php +++ b/adm/newwinform.php @@ -3,9 +3,15 @@ $sub_menu = '100310'; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); -$nw_id = preg_replace('/[^0-9]/', '', $nw_id); +$nw_id = isset($_REQUEST['nw_id']) ? preg_replace('/[^0-9]/', '', $_REQUEST['nw_id']) : 0; +$nw = array( +'nw_begin_time'=>'', +'nw_end_time'=>'', +'nw_subject'=>'', +'nw_content'=>'', +); $html_title = "팝업레이어"; if ($w == "u") @@ -13,7 +19,7 @@ if ($w == "u") $html_title .= " 수정"; $sql = " select * from {$g5['new_win_table']} where nw_id = '$nw_id' "; $nw = sql_fetch($sql); - if (!$nw['nw_id']) alert("등록된 자료가 없습니다."); + if (! (isset($nw['nw_id']) && $nw['nw_id'])) alert("등록된 자료가 없습니다."); } else { @@ -146,5 +152,4 @@ function frmnewwin_check(f) +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/newwinformupdate.php b/adm/newwinformupdate.php index f03701166..e046fe0fa 100644 --- a/adm/newwinformupdate.php +++ b/adm/newwinformupdate.php @@ -2,29 +2,55 @@ $sub_menu = '100310'; include_once('./_common.php'); +$nw_id = isset($_POST['nw_id']) ? preg_replace('/[^0-9]/', '', $_POST['nw_id']) : 0; + if ($w == "u" || $w == "d") check_demo(); if ($w == 'd') - auth_check($auth[$sub_menu], "d"); + auth_check_menu($auth, $sub_menu, "d"); else - auth_check($auth[$sub_menu], "w"); + auth_check_menu($auth, $sub_menu, "w"); check_admin_token(); $nw_subject = isset($_POST['nw_subject']) ? strip_tags(clean_xss_attributes($_POST['nw_subject'])) : ''; +$posts = array(); -$sql_common = " nw_device = '{$_POST['nw_device']}', - nw_begin_time = '{$_POST['nw_begin_time']}', - nw_end_time = '{$_POST['nw_end_time']}', - nw_disable_hours = '{$_POST['nw_disable_hours']}', - nw_left = '{$_POST['nw_left']}', - nw_top = '{$_POST['nw_top']}', - nw_height = '{$_POST['nw_height']}', - nw_width = '{$_POST['nw_width']}', +$check_keys = array( +'nw_device'=>'str', +'nw_begin_time'=>'str', +'nw_end_time'=>'str', +'nw_disable_hours'=>'int', +'nw_left'=>'int', +'nw_top'=>'int', +'nw_height'=>'int', +'nw_width'=>'int', +'nw_content'=>'text', +'nw_content_html'=>'text', +); + +foreach($check_keys as $key=>$val){ + if($val === 'int'){ + $posts[$key] = isset($_POST[$key]) ? (int) $_POST[$key] : 0; + } else if ($val === 'str') { + $posts[$key] = isset($_POST[$key]) ? clean_xss_tags($_POST[$key], 1, 1) : 0; + } else { + $posts[$key] = isset($_POST[$key]) ? trim($_POST[$key]) : 0; + } +} + +$sql_common = " nw_device = '{$posts['nw_device']}', + nw_begin_time = '{$posts['nw_begin_time']}', + nw_end_time = '{$posts['nw_end_time']}', + nw_disable_hours = '{$posts['nw_disable_hours']}', + nw_left = '{$posts['nw_left']}', + nw_top = '{$posts['nw_top']}', + nw_height = '{$posts['nw_height']}', + nw_width = '{$posts['nw_width']}', nw_subject = '{$nw_subject}', - nw_content = '{$_POST['nw_content']}', - nw_content_html = '{$_POST['nw_content_html']}' "; + nw_content = '{$posts['nw_content']}', + nw_content_html = '{$posts['nw_content_html']}' "; if($w == "") { @@ -51,5 +77,4 @@ if ($w == "d") else { goto_url("./newwinform.php?w=u&nw_id=$nw_id"); -} -?> +} \ No newline at end of file diff --git a/adm/newwinlist.php b/adm/newwinlist.php index 093892050..ba44e063e 100644 --- a/adm/newwinlist.php +++ b/adm/newwinlist.php @@ -2,7 +2,7 @@ $sub_menu = '100310'; include_once('./_common.php'); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); if( !isset($g5['new_win_table']) ){ die('/data/dbconfig.php 파일에 $g5[\'new_win_table\'] = G5_TABLE_PREFIX.\'new_win\'; 를 추가해 주세요.'); @@ -114,5 +114,4 @@ $result = sql_query($sql); +include_once (G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/phpinfo.php b/adm/phpinfo.php index a7f01a149..6bb61c4be 100644 --- a/adm/phpinfo.php +++ b/adm/phpinfo.php @@ -4,7 +4,6 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); -phpinfo(); -?> \ No newline at end of file +phpinfo(); \ No newline at end of file diff --git a/adm/point_list.php b/adm/point_list.php index 7e25aec50..a8c348ad4 100644 --- a/adm/point_list.php +++ b/adm/point_list.php @@ -2,7 +2,7 @@ $sub_menu = "200200"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $sql_common = " from {$g5['point_table']} "; @@ -84,8 +84,8 @@ else
      @@ -190,7 +190,7 @@ else - +
      여분필드 - + - +
      경고) curl이 지원되지 않아 네이버 신디케이션을 사용할수 없습니다.'); ?> 연동키는 네이버 웹마스터도구 -> 네이버 신디케이션에서 발급할 수 있습니다.') ?> - +
      참고로 그룹접근사용 게시판, 글읽기 권한 2 이상 게시판, 비밀글은 신디케이션 수집에서 제외됩니다.') ?> - +
      > > - 에서 - 까지 + 에서 + 까지
      - +
      \" class=\"empty_table\">자료가 없습니다.
      @@ -248,5 +248,4 @@ function fpointlist_submit(f) +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/point_list_delete.php b/adm/point_list_delete.php index fb064b3bf..6926ad8cd 100644 --- a/adm/point_list_delete.php +++ b/adm/point_list_delete.php @@ -4,11 +4,11 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'd'); +auth_check_menu($auth, $sub_menu, 'd'); check_admin_token(); -$count = count($_POST['chk']); +$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; if(!$count) alert($_POST['act_button'].' 하실 항목을 하나 이상 체크하세요.'); @@ -57,5 +57,4 @@ for ($i=0; $i<$count; $i++) sql_query($sql); } -goto_url('./point_list.php?'.$qstr); -?> \ No newline at end of file +goto_url('./point_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/point_update.php b/adm/point_update.php index ac1a70411..b560538dd 100644 --- a/adm/point_update.php +++ b/adm/point_update.php @@ -2,14 +2,14 @@ $sub_menu = "200200"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); -$mb_id = strip_tags(clean_xss_attributes($_POST['mb_id'])); -$po_point = strip_tags(clean_xss_attributes($_POST['po_point'])); -$po_content = strip_tags(clean_xss_attributes($_POST['po_content'])); -$expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']); +$mb_id = isset($_POST['mb_id']) ? strip_tags(clean_xss_attributes($_POST['mb_id'])) : ''; +$po_point = isset($_POST['po_point']) ? strip_tags(clean_xss_attributes($_POST['po_point'])) : 0; +$po_content = isset($_POST['po_content']) ? strip_tags(clean_xss_attributes($_POST['po_content'])) : ''; +$expire = isset($_POST['po_expire_term']) ? preg_replace('/[^0-9]/', '', $_POST['po_expire_term']) : ''; $mb = get_member($mb_id); @@ -21,5 +21,4 @@ if (($po_point < 0) && ($po_point * (-1) > $mb['mb_point'])) insert_point($mb_id, $po_point, $po_content, '@passive', $mb_id, $member['mb_id'].'-'.uniqid(''), $expire); -goto_url('./point_list.php?'.$qstr); -?> +goto_url('./point_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/poll_delete.php b/adm/poll_delete.php index 3cae4f3cf..5827ca065 100644 --- a/adm/poll_delete.php +++ b/adm/poll_delete.php @@ -4,17 +4,17 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'd'); +auth_check_menu($auth, $sub_menu, 'd'); check_admin_token(); -$count = count($_POST['chk']); +$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0; if(!$count) alert('삭제할 투표목록을 1개이상 선택해 주세요.'); for($i=0; $i<$count; $i++) { - $po_id = $_POST['chk'][$i]; + $po_id = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0; $sql = " delete from {$g5['poll_table']} where po_id = '$po_id' "; sql_query($sql); @@ -23,5 +23,4 @@ for($i=0; $i<$count; $i++) { sql_query($sql); } -goto_url('./poll_list.php?'.$qstr); -?> \ No newline at end of file +goto_url('./poll_list.php?'.$qstr); \ No newline at end of file diff --git a/adm/poll_form.php b/adm/poll_form.php index 3de75ddbe..f04ac7e2c 100644 --- a/adm/poll_form.php +++ b/adm/poll_form.php @@ -2,9 +2,15 @@ $sub_menu = "200900"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); $po_id = isset($po_id) ? (int) $po_id : 0; +$po = array( +'po_subject'=>'', +'po_etc'=>'', +'po_level'=>'', +'po_point'=>'', +); $html_title = '투표'; if ($w == '') @@ -48,7 +54,8 @@ include_once('./admin.head.php'); $sound_only = '필수'; } - $po_poll = get_text($po['po_poll'.$i]); + $po_poll = isset($po['po_poll'.$i]) ? get_text($po['po_poll'.$i]) : ''; + $po_cnt = isset($po['po_cnt'.$i]) ? get_text($po['po_cnt'.$i]) : 0; ?> @@ -56,7 +63,7 @@ include_once('./admin.head.php'); @@ -111,5 +118,4 @@ include_once('./admin.head.php'); +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/poll_form_update.php b/adm/poll_form_update.php index f5972aa8a..2c4e7c6c2 100644 --- a/adm/poll_form_update.php +++ b/adm/poll_form_update.php @@ -6,7 +6,7 @@ $w = $_POST['w']; if ($w == 'u' || $w == 'd') check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); @@ -99,5 +99,4 @@ sql_query(" update {$g5['config_table']} set cf_max_po_id = '{$row['max_po_id']} if ($w == 'd') goto_url('./poll_list.php?'.$qstr); else - goto_url('./poll_form.php?w=u&po_id='.$po_id.'&'.$qstr); -?> + goto_url('./poll_form.php?w=u&po_id='.$po_id.'&'.$qstr); \ No newline at end of file diff --git a/adm/poll_list.php b/adm/poll_list.php index 9b2123d8e..8b719c314 100644 --- a/adm/poll_list.php +++ b/adm/poll_list.php @@ -2,7 +2,7 @@ $sub_menu = "200900"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $sql_common = " from {$g5['poll_table']} "; @@ -59,7 +59,7 @@ $colspan = 7;
      @@ -154,5 +154,4 @@ $(function() { \ No newline at end of file +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/popular_list.php b/adm/popular_list.php index 80f200be2..d55c975d7 100644 --- a/adm/popular_list.php +++ b/adm/popular_list.php @@ -2,7 +2,7 @@ $sub_menu = "300300"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); // 체크된 자료 삭제 if (isset($_POST['chk']) && is_array($_POST['chk'])) { @@ -79,8 +79,8 @@ var list_delete_php = 'popular_list.php';
      @@ -94,7 +94,7 @@ var list_delete_php = 'popular_list.php'; - +
      class="frm_input " maxlength="125"> - +
      @@ -167,5 +167,4 @@ $(function() { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/popular_rank.php b/adm/popular_rank.php index b39127a59..53552d627 100644 --- a/adm/popular_rank.php +++ b/adm/popular_rank.php @@ -2,7 +2,10 @@ $sub_menu = "300400"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? $_REQUEST['fr_date'] : ''; +$to_date = isset($_REQUEST['to_date']) ? $_REQUEST['to_date'] : ''; if (empty($fr_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $fr_date) ) $fr_date = G5_TIME_YMD; if (empty($to_date) || ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/", $to_date) ) $to_date = G5_TIME_YMD; @@ -64,7 +67,7 @@ $(function(){ - +
      @@ -105,8 +108,5 @@ $(function(){ - +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/qa_config.php b/adm/qa_config.php index c06a0a059..13664223b 100644 --- a/adm/qa_config.php +++ b/adm/qa_config.php @@ -3,7 +3,7 @@ $sub_menu = "300500"; include_once('./_common.php'); include_once(G5_EDITOR_LIB); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = '1:1문의 설정'; include_once ('./admin.head.php'); @@ -396,5 +396,4 @@ function fqaconfigform_submit(f) \ No newline at end of file +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/qa_config_update.php b/adm/qa_config_update.php index 829c78adb..9f5869073 100644 --- a/adm/qa_config_update.php +++ b/adm/qa_config_update.php @@ -4,7 +4,7 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'w'); +auth_check_menu($auth, $sub_menu, 'w'); check_admin_token(); @@ -107,5 +107,4 @@ if($error_msg){ alert($error_msg, './qa_config.php'); } else { goto_url('./qa_config.php'); -} -?> \ No newline at end of file +} \ No newline at end of file diff --git a/adm/safe_check.php b/adm/safe_check.php index 71f28f5c5..0143ddf55 100644 --- a/adm/safe_check.php +++ b/adm/safe_check.php @@ -13,5 +13,4 @@ function social_log_file_delete($second=0){ unlink($social_log_file); } } -} -?> \ No newline at end of file +} \ No newline at end of file diff --git a/adm/sendmail_test.php b/adm/sendmail_test.php index c0a88e600..bb7801d11 100644 --- a/adm/sendmail_test.php +++ b/adm/sendmail_test.php @@ -2,7 +2,7 @@ $sub_menu = '100300'; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); if (!$config['cf_email_use']) alert('환경설정에서 \'메일발송 사용\'에 체크하셔야 메일을 발송할 수 있습니다.'); @@ -72,5 +72,4 @@ if (isset($_POST['email'])) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/service.php b/adm/service.php index c677beaff..f38583766 100644 --- a/adm/service.php +++ b/adm/service.php @@ -2,7 +2,7 @@ $sub_menu = '100400'; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = '부가서비스'; include_once('./admin.head.php'); @@ -45,5 +45,4 @@ include_once('./admin.head.php'); +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/session_file_delete.php b/adm/session_file_delete.php index 0b88f8dc2..bfbbb08f3 100644 --- a/adm/session_file_delete.php +++ b/adm/session_file_delete.php @@ -57,5 +57,4 @@ include_once("./admin.head.php"); ?> +include_once("./admin.tail.php"); \ No newline at end of file diff --git a/adm/sms_admin/_common.php b/adm/sms_admin/_common.php index 3c53259a8..e295daf97 100644 --- a/adm/sms_admin/_common.php +++ b/adm/sms_admin/_common.php @@ -19,5 +19,4 @@ if( isset($token) ){ $token = @htmlspecialchars(strip_tags($token), ENT_QUOTES); } -add_stylesheet('', 0); -?> \ No newline at end of file +add_stylesheet('', 0); \ No newline at end of file diff --git a/adm/sms_admin/ajax.hp_chk.php b/adm/sms_admin/ajax.hp_chk.php index b1c303565..4634817b3 100644 --- a/adm/sms_admin/ajax.hp_chk.php +++ b/adm/sms_admin/ajax.hp_chk.php @@ -10,12 +10,14 @@ if( !function_exists('json_encode') ) { } } -ajax_auth_check($auth[$sub_menu], "r"); +ajax_auth_check_menu($auth, $sub_menu, "r"); $err = ''; $arr_ajax_msg = array(); $exist_hplist = array(); +$bk_hp = isset($_REQUEST['bk_hp']) ? clean_xss_tags($_REQUEST['bk_hp'], 1, 1) : ''; + if( !$bk_hp ) $err = '휴대폰번호를 입력해 주십시오.'; @@ -46,6 +48,4 @@ if(!$row['cnt'] && $w == 'u') { $arr_ajax_msg['error'] = $err; $arr_ajax_msg['exist'] = $exist_hplist; -die( json_encode($arr_ajax_msg) ); - -?> \ No newline at end of file +die( json_encode($arr_ajax_msg) ); \ No newline at end of file diff --git a/adm/sms_admin/ajax.sms_write_form.php b/adm/sms_admin/ajax.sms_write_form.php index 82a02b22a..8514179e4 100644 --- a/adm/sms_admin/ajax.sms_write_form.php +++ b/adm/sms_admin/ajax.sms_write_form.php @@ -10,7 +10,9 @@ if( !function_exists('json_encode') ) { } } -ajax_auth_check($auth[$sub_menu], "r"); +ajax_auth_check_menu($auth, $sub_menu, "r"); + +$fg_no = isset($_REQUEST['fg_no']) ? preg_replace('/[^0-9]/i', '', $_REQUEST['fg_no']) : ''; $page_size = 6; @@ -82,5 +84,4 @@ $arr_ajax_msg = array( 'total_page'=>$total_page ); -die( json_encode($arr_ajax_msg) ); -?> \ No newline at end of file +die( json_encode($arr_ajax_msg) ); \ No newline at end of file diff --git a/adm/sms_admin/ajax.sms_write_group.php b/adm/sms_admin/ajax.sms_write_group.php index 702357183..5b10312e3 100644 --- a/adm/sms_admin/ajax.sms_write_group.php +++ b/adm/sms_admin/ajax.sms_write_group.php @@ -4,7 +4,7 @@ include_once("./_common.php"); $colspan = 3; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $no_group = sql_fetch("select * from {$g5['sms5_book_group_table']} where bg_no=1"); diff --git a/adm/sms_admin/ajax.sms_write_level.php b/adm/sms_admin/ajax.sms_write_level.php index d17fcd54b..b36cf1d18 100644 --- a/adm/sms_admin/ajax.sms_write_level.php +++ b/adm/sms_admin/ajax.sms_write_level.php @@ -10,7 +10,7 @@ if( !function_exists('json_encode') ) { } } -ajax_auth_check($auth[$sub_menu], "r"); +ajax_auth_check_menu($auth, $sub_menu, "r"); $lev = array(); @@ -26,6 +26,7 @@ while ($row = sql_fetch_array($qry)) $lev[$row['mb_level']] = $row['cnt']; } $str_json = array(); +$line = 0; $tmp_str = ''; $tmp_str .= '
      @@ -53,5 +54,4 @@ $tmp_str .= '
      '; $str_json['html'] = $tmp_str; -echo json_encode($str_json); -?> \ No newline at end of file +echo json_encode($str_json); \ No newline at end of file diff --git a/adm/sms_admin/ajax.sms_write_person.php b/adm/sms_admin/ajax.sms_write_person.php index c37b70058..26a90c3b7 100644 --- a/adm/sms_admin/ajax.sms_write_person.php +++ b/adm/sms_admin/ajax.sms_write_person.php @@ -5,7 +5,11 @@ include_once("./_common.php"); $page_size = 10; $colspan = 5; -auth_check($auth[$sub_menu], "r"); +$bg_no = isset($_REQUEST['bg_no']) ? (int) $_REQUEST['bg_no'] : 0; +$ap = isset($_REQUEST['ap']) ? (int) $_REQUEST['ap'] : 0; +$no_hp = isset($_REQUEST['no_hp']) ? clean_xss_tags($_REQUEST['no_hp'], 1, 1) : ''; + +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "휴대폰번호 관리"; diff --git a/adm/sms_admin/config.php b/adm/sms_admin/config.php index a8e89543e..dc2d28467 100644 --- a/adm/sms_admin/config.php +++ b/adm/sms_admin/config.php @@ -2,7 +2,7 @@ $sub_menu = "900100"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "SMS 기본설정"; @@ -25,7 +25,7 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) if (!$config['cf_icode_id']) $config['cf_icode_id'] = 'sir_'; -if (!$sms5['cf_skin']) +if (! (isset($sms5['cf_skin']) && $sms5['cf_skin'])) $sms5['cf_skin'] = 'basic'; include_once(G5_ADMIN_PATH.'/admin.head.php'); @@ -117,7 +117,7 @@ if ($config['cf_sms_use'] == 'icode') { // 아이코드 사용       @@ -144,5 +144,4 @@ if ($config['cf_sms_use'] == 'icode') { // 아이코드 사용 \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/config_update.php b/adm/sms_admin/config_update.php index 236d56e74..da708f998 100644 --- a/adm/sms_admin/config_update.php +++ b/adm/sms_admin/config_update.php @@ -2,7 +2,7 @@ $sub_menu = "900100"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); check_demo(); @@ -10,6 +10,15 @@ check_admin_token(); $g5['title'] = "SMS 기본설정"; +$cf_phone = isset($_REQUEST['cf_phone']) ? clean_xss_tags($_REQUEST['cf_phone'], 1, 1) : ''; +$cf_sms_use = isset($_REQUEST['cf_sms_use']) ? clean_xss_tags($_REQUEST['cf_sms_use'], 1, 1) : ''; +$cf_sms_type = isset($_REQUEST['cf_sms_type']) ? clean_xss_tags($_REQUEST['cf_sms_type'], 1, 1) : ''; +$cf_icode_id = isset($_REQUEST['cf_icode_id']) ? clean_xss_tags($_REQUEST['cf_icode_id'], 1, 1) : ''; +$cf_icode_pw = isset($_REQUEST['cf_icode_pw']) ? clean_xss_tags($_REQUEST['cf_icode_pw'], 1, 1) : ''; +$cf_icode_server_ip = isset($_REQUEST['cf_icode_server_ip']) ? clean_xss_tags($_REQUEST['cf_icode_server_ip'], 1, 1) : ''; +$cf_icode_server_port = isset($_REQUEST['cf_icode_server_port']) ? clean_xss_tags($_REQUEST['cf_icode_server_port'], 1, 1) : ''; +$cf_icode_token_key = isset($_REQUEST['cf_icode_token_key']) ? clean_xss_tags($_REQUEST['cf_icode_token_key'], 1, 1) : ''; + // 회신번호 체크 if(!check_vaild_callback($cf_phone)) alert('회신번호가 올바르지 않습니다.'); @@ -42,5 +51,4 @@ $sql = " update {$g5['config_table']} cf_icode_token_key = '$cf_icode_token_key'"; sql_query($sql); -goto_url("./config.php"); -?> \ No newline at end of file +goto_url("./config.php"); \ No newline at end of file diff --git a/adm/sms_admin/emoticon_move.php b/adm/sms_admin/emoticon_move.php index 4e04cf496..7c1db6eb3 100644 --- a/adm/sms_admin/emoticon_move.php +++ b/adm/sms_admin/emoticon_move.php @@ -6,7 +6,7 @@ if ($sw != 'move'){ alert('sw 값이 제대로 넘어오지 않았습니다.'); } -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = '이모티콘그룹 이동'; include_once(G5_PATH.'/head.sub.php'); @@ -111,5 +111,4 @@ function fboardmoveall_submit(f) +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/adm/sms_admin/emoticon_move_update.php b/adm/sms_admin/emoticon_move_update.php index 8fe03b539..30a6bf330 100644 --- a/adm/sms_admin/emoticon_move_update.php +++ b/adm/sms_admin/emoticon_move_update.php @@ -1,12 +1,14 @@ 돌아가기 -HEREDOC; -?> \ No newline at end of file +HEREDOC; \ No newline at end of file diff --git a/adm/sms_admin/form_group.php b/adm/sms_admin/form_group.php index d91d061ac..4fb6cedc0 100644 --- a/adm/sms_admin/form_group.php +++ b/adm/sms_admin/form_group.php @@ -4,7 +4,7 @@ include_once("./_common.php"); $colspan = 5; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "이모티콘 그룹"; @@ -67,8 +67,8 @@ function grouplist_submit(f) -
      - + +
      @@ -83,7 +83,7 @@ function grouplist_submit(f)

      그룹명순으로 정렬됩니다.

      - +
      @@ -173,5 +173,4 @@ function grouplist_submit(f) \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/form_group_move.php b/adm/sms_admin/form_group_move.php index 27faa14d1..5b430a830 100644 --- a/adm/sms_admin/form_group_move.php +++ b/adm/sms_admin/form_group_move.php @@ -3,7 +3,10 @@ $sub_menu = "900500"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); + +$fg_no = isset($_REQUEST['fg_no']) ? (int) $_REQUEST['fg_no'] : 0; +$move_no = isset($_REQUEST['move_no']) ? (int) $_REQUEST['move_no'] : 0; if ($fg_no) { @@ -26,5 +29,4 @@ $group = sql_fetch("select * from {$g5['sms5_form_group_table']} where fg_no = ' sql_query("update {$g5['sms5_form_table']} set fg_no = '$move_no', fg_member = '{$group['fg_member']}' where fg_no = '$fg_no'"); -goto_url('./form_group.php'); -?> \ No newline at end of file +goto_url('./form_group.php'); \ No newline at end of file diff --git a/adm/sms_admin/form_group_update.php b/adm/sms_admin/form_group_update.php index d5257dcea..7daebb063 100644 --- a/adm/sms_admin/form_group_update.php +++ b/adm/sms_admin/form_group_update.php @@ -2,15 +2,17 @@ $sub_menu = "900500"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); + +$post_cnk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array(); if ($w == 'u') // 업데이트 { - for ($i=0; $i \ No newline at end of file +goto_url('./form_group.php'); \ No newline at end of file diff --git a/adm/sms_admin/form_list.php b/adm/sms_admin/form_list.php index dca08fb51..64b771ae3 100644 --- a/adm/sms_admin/form_list.php +++ b/adm/sms_admin/form_list.php @@ -5,7 +5,7 @@ include_once("./_common.php"); $page_size = 12; $colspan = 2; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $token = get_token(); @@ -13,7 +13,7 @@ $g5['title'] = "이모티콘 관리"; if ($page < 1) $page = 1; -$fg_no = isset($fg_no) ? (int) $fg_no : ''; +$fg_no = isset($_REQUEST['fg_no']) ? (int) $_REQUEST['fg_no'] : 0; if (is_numeric($fg_no)) $sql_group = " and fg_no='$fg_no' "; @@ -237,5 +237,4 @@ function select_copy(sw, f) { \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/form_multi_update.php b/adm/sms_admin/form_multi_update.php index f321a1577..d90793829 100644 --- a/adm/sms_admin/form_multi_update.php +++ b/adm/sms_admin/form_multi_update.php @@ -2,19 +2,22 @@ $sub_menu = "900600"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); check_admin_token(); +$post_fo_no = (isset($_POST['fo_no']) && is_array($_POST['fo_no'])) ? $_POST['fo_no'] : array(); +$atype = isset($_POST['atype']) ? clean_xss_tags($_POST['atype'], 1, 1) : ''; + if($atype == "del"){ - $count = count($_POST['fo_no']); + $count = count($post_fo_no); if(!$count) alert('선택삭제 하실 항목을 하나이상 선택해 주세요.'); for ($i=0; $i<$count; $i++) { // 실제 번호를 넘김 - $fo_no = (int) $_POST['fo_no'][$i]; + $fo_no = (int) $post_fo_no[$i]; if (!trim($fo_no)) continue; $res = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'"); diff --git a/adm/sms_admin/form_update.php b/adm/sms_admin/form_update.php index 1eb78101a..3236eeee5 100644 --- a/adm/sms_admin/form_update.php +++ b/adm/sms_admin/form_update.php @@ -2,10 +2,11 @@ $sub_menu = "900600"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); -$fo_name = isset($fo_name) ? strip_tags(clean_xss_attributes($fo_name)) : ''; -$fo_content = isset($fo_content) ? strip_tags(clean_xss_attributes($fo_content)) : ''; +$fo_name = isset($_REQUEST['fo_name']) ? strip_tags(clean_xss_attributes($_REQUEST['fo_name'])) : ''; +$fo_content = isset($_REQUEST['fo_content']) ? strip_tags(clean_xss_attributes($_REQUEST['fo_content'])) : ''; +$fo_receipt = isset($_REQUEST['fo_receipt']) ? clean_xss_tags($_REQUEST['fo_receipt'], 1, 1) : ''; $g5['title'] = "이모티콘 업데이트"; @@ -77,5 +78,4 @@ else // 등록 } $go_url = './form_list.php?page='.$page.'&fg_no='.$get_fg_no; -goto_url($go_url); -?> \ No newline at end of file +goto_url($go_url); \ No newline at end of file diff --git a/adm/sms_admin/form_write.php b/adm/sms_admin/form_write.php index b8e4913f7..a28671f38 100644 --- a/adm/sms_admin/form_write.php +++ b/adm/sms_admin/form_write.php @@ -2,11 +2,19 @@ $sub_menu = "900600"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); $g5['title'] = "이모티콘 "; -$fg_no = isset($fg_no) ? (int) $fg_no : ''; +$fo_no = isset($_REQUEST['fo_no']) ? (int) $_REQUEST['fo_no'] : 0; +$fg_no = isset($_REQUEST['fg_no']) ? (int) $_REQUEST['fg_no'] : ''; + +$write = array( +'fg_no'=>null, +'fo_no'=>null, +'fo_name'=>'', +'fo_content'=>'' +); if ($w == 'u' && is_numeric($fo_no)) { $write = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'"); @@ -14,6 +22,7 @@ if ($w == 'u' && is_numeric($fo_no)) { } else { $write['fg_no'] = $fg_no; + $write['fo_no'] = $fo_no; $g5['title'] .= '추가'; } @@ -23,7 +32,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');
      - +
      @@ -231,5 +240,4 @@ $(function(){ \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/history_list.php b/adm/sms_admin/history_list.php index d3edc13e9..467cc33db 100644 --- a/adm/sms_admin/history_list.php +++ b/adm/sms_admin/history_list.php @@ -5,7 +5,7 @@ include_once("./_common.php"); $page_size = 20; $colspan = 11; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "문자전송 내역"; @@ -23,7 +23,7 @@ $total_page = (int)($total_count/$page_size) + ($total_count%$page_size==0 ? 0 : $page_start = $page_size * ( $page - 1 ); $vnum = $total_count - (($page-1) * $page_size); - +$line = 0; include_once(G5_ADMIN_PATH.'/admin.head.php'); ?> @@ -68,7 +68,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php'); while($res = sql_fetch_array($qry)) { $bg = 'bg'.($line++%2); $tmp_wr_memo = @unserialize($res['wr_memo']); - $dupli_count = $tmp_wr_memo['total'] ? $tmp_wr_memo['total'] : 0; + $dupli_count = (isset($tmp_wr_memo['total']) && $tmp_wr_memo['total']) ? (int) $tmp_wr_memo['total'] : 0; ?>
      @@ -94,5 +94,4 @@ include_once(G5_ADMIN_PATH.'/admin.head.php'); \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/history_num.php b/adm/sms_admin/history_num.php index 043fdd3f0..6fe344a35 100644 --- a/adm/sms_admin/history_num.php +++ b/adm/sms_admin/history_num.php @@ -5,12 +5,14 @@ include_once('./_common.php'); $page_size = 20; $colspan = 10; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "문자전송 내역 (번호별)"; if ($page < 1) $page = 1; +$line = 0; + if( isset($st) && !in_array($st, array('hs_name', 'hs_hp', 'bk_no')) ){ $st = ''; } @@ -107,5 +109,4 @@ include_once(G5_ADMIN_PATH.'/admin.head.php'); \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/history_send.php b/adm/sms_admin/history_send.php index 9b4f29600..12d51f0be 100644 --- a/adm/sms_admin/history_send.php +++ b/adm/sms_admin/history_send.php @@ -2,7 +2,9 @@ $sub_menu = "900400"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); + +$wr_no = isset($_REQUEST['wr_no']) ? (int) $_REQUEST['wr_no'] : 0; $g5['title'] = "문자전송중"; @@ -229,5 +231,4 @@ if($config['cf_sms_type'] == 'LMS') { location.href = 'history_view.php?wr_no=&wr_renum='; \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/history_view.php b/adm/sms_admin/history_view.php index 4ea64a885..1cf76df57 100644 --- a/adm/sms_admin/history_view.php +++ b/adm/sms_admin/history_view.php @@ -6,8 +6,12 @@ $spage_size = 20; $colspan = 10; $re_text = ''; -$st = isset($st) ? strip_tags($st) : ''; -$ssv = isset($ssv) ? strip_tags($ssv) : ''; +$st = isset($_REQUEST['st']) ? clean_xss_tags($_REQUEST['st'], 1, 1) : ''; +$ssv = isset($_REQUEST['ssv']) ? clean_xss_tags($_REQUEST['ssv'], 1, 1) : ''; +$wr_no = isset($_REQUEST['wr_no']) ? (int) $_REQUEST['wr_no'] : 0; +$wr_renum = isset($_REQUEST['wr_renum']) ? (int) $_REQUEST['wr_renum'] : 0; +$spage = isset($_REQUEST['spage']) ? (int) $_REQUEST['spage'] : 0; +$line = 0; if( $st && !in_array($st, array('hs_name', 'hs_hp', 'bk_no')) ){ $st = ''; @@ -17,7 +21,7 @@ if( $sst && !in_array($sst, array('mb_id', 'bk_no', 'hs_name', 'hs_hp', 'hs_date $sst = ''; } -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "문자전송 상세내역"; @@ -261,5 +265,4 @@ function all_send() \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/install.php b/adm/sms_admin/install.php index 025ecda8e..c5405c3d2 100644 --- a/adm/sms_admin/install.php +++ b/adm/sms_admin/install.php @@ -2,11 +2,11 @@ $sub_menu = "900000"; include_once("./_common.php"); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = "SMS5 솔루션 설치"; -$setup = $_POST['setup']; +$setup = (isset($_POST['setup']) && $_POST['setup']) ? 1 : 0; include_once(G5_ADMIN_PATH.'/admin.head.php'); ?> @@ -83,5 +83,4 @@ flush(); usleep(50000); \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/member_update.php b/adm/sms_admin/member_update.php index cf90a404e..0008c794f 100644 --- a/adm/sms_admin/member_update.php +++ b/adm/sms_admin/member_update.php @@ -2,7 +2,7 @@ $sub_menu = "900200"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "회원정보 업데이트"; @@ -19,7 +19,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php');

      - 마지막 업데이트 일시 :
      + 마지막 업데이트 일시 :

      @@ -64,5 +64,4 @@ include_once(G5_ADMIN_PATH.'/admin.head.php'); \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/member_update_run.php b/adm/sms_admin/member_update_run.php index 94efc229c..aeea60f48 100644 --- a/adm/sms_admin/member_update_run.php +++ b/adm/sms_admin/member_update_run.php @@ -3,6 +3,8 @@ $sub_menu = "900200"; include_once("./_common.php"); @include_once(G5_PLUGIN_PATH."/sms5/JSON.php"); +$mtype = isset($_REQUEST['mtype']) ? clean_xss_tags($_REQUEST['mtype'], 1, 1) : ''; + if(empty($config['cf_sms_use'])){ if( $mtype == "json" ){ die("{\"error\":\"환경 설정의 SMS 사용에서 아이코드를 사용설정해 주셔야 실행할수 있습니다.\"}"); @@ -19,9 +21,9 @@ if( !function_exists('json_encode') ) { } if( $mtype == "json" ){ - ajax_auth_check($auth[$sub_menu], "w"); + ajax_auth_check_menu($auth, $sub_menu, "w"); } else { - auth_check($auth[$sub_menu], "w"); + auth_check_menu($auth, $sub_menu, "w"); } $count = 0; @@ -126,5 +128,4 @@ if( $mtype == "json" ){ die( json_encode($json_msg) ); } else { die( $msg ); -} -?> \ No newline at end of file +} \ No newline at end of file diff --git a/adm/sms_admin/num_book.php b/adm/sms_admin/num_book.php index d6a658567..4e89db11f 100644 --- a/adm/sms_admin/num_book.php +++ b/adm/sms_admin/num_book.php @@ -5,7 +5,7 @@ include_once("./_common.php"); $page_size = 20; $colspan = 9; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $token = get_token(); @@ -13,8 +13,8 @@ $g5['title'] = "휴대폰번호 관리"; if ($page < 1) $page = 1; -$bg_no = isset($bg_no) ? preg_replace('/[^0-9]/i', '', $bg_no) : ''; -$st = isset($st) ? preg_replace('/[^a-z0-9]/i', '', $st) : ''; +$bg_no = isset($_REQUEST['bg_no']) ? preg_replace('/[^0-9]/i', '', $_REQUEST['bg_no']) : ''; +$st = isset($_REQUEST['st']) ? preg_replace('/[^a-z0-9]/i', '', $_REQUEST['st']) : ''; $sql_korean = $sql_group = $sql_search = $sql_no_hp = ''; @@ -33,6 +33,9 @@ if ($st == 'all') { $sql_search = ''; } +$ap = isset($_GET['ap']) ? (int) $_GET['ap'] : 0; +$no_hp = isset($_GET['no_hp']) ? preg_replace('/[^0-9a-z_]/i', '', $_GET['no_hp']) : 0; + if ($ap > 0) $sql_korean = korean_index('bk_name', $ap-1); else { @@ -104,7 +107,7 @@ function no_hp_click(val)
      - 업데이트 + 업데이트 건수 회원 비회원 @@ -262,5 +265,4 @@ function select_copy(sw, f) { \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/num_book_file.php b/adm/sms_admin/num_book_file.php index ed4f6f35b..abaa1912a 100644 --- a/adm/sms_admin/num_book_file.php +++ b/adm/sms_admin/num_book_file.php @@ -2,7 +2,7 @@ $sub_menu = "900900"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "휴대폰번호 파일"; @@ -154,5 +154,4 @@ function download() } \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/num_book_file_download.php b/adm/sms_admin/num_book_file_download.php index 65c1bdaa1..55d8e6f0d 100644 --- a/adm/sms_admin/num_book_file_download.php +++ b/adm/sms_admin/num_book_file_download.php @@ -2,7 +2,10 @@ $sub_menu = "900900"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "r"); +$bg_no = isset($_REQUEST['bg_no']) ? clean_xss_tags($_REQUEST['bg_no'], 1, 1) : ''; +$no_hp = isset($_REQUEST['no_hp']) ? clean_xss_tags($_REQUEST['no_hp'], 1, 1) : ''; + +auth_check_menu($auth, $sub_menu, "r"); if ($bg_no != 'all' && $bg_no < 1) alert_just('다운로드 할 휴대폰번호 그룹을 선택해주세요.'); @@ -18,50 +21,49 @@ if (!$total['cnt']) alert_just('데이터가 없습니다.'); $qry = sql_query("select * from {$g5['sms5_book_table']} where 1 $sql_bg $sql_hp order by bk_name"); -/*================================================================================ -php_writeexcel http://www.bettina-attack.de/jonny/view.php/projects/php_writeexcel/ -=================================================================================*/ +if(! function_exists('column_char')) { + function column_char($i) { + return chr( 65 + $i ); + } +} -include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_workbook.inc.php'); -include_once(G5_LIB_PATH.'/Excel/php_writeexcel/class.writeexcel_worksheet.inc.php'); +include_once(G5_LIB_PATH.'/PHPExcel.php'); +$excel = new PHPExcel(); -$fname = tempnam(G5_DATA_PATH, "tmp.xls"); -$workbook = new writeexcel_workbook($fname); -$worksheet = $workbook->addworksheet(); - -$num2_format =& $workbook->addformat(array(num_format => '\0#')); - -// Put Excel data -$data = array('이름', '전화번호'); -$data = array_map('iconv_euckr', $data); +$headers = array('이름', '전화번호'); +$widths = array(18, 25); +$header_bgcolor = 'FFABCDEF'; +$last_char = column_char(count($headers) - 1); +$rows = array(); $col = 0; -foreach($data as $cell) { - $worksheet->write(0, $col++, $cell); -} for($i=1; $res=sql_fetch_array($qry); $i++) { - $res = array_map('iconv_euckr', $res); + //$res = array_map('iconv_euckr', $res); $hp = get_hp($res['bk_hp'], $hyphen); if ($no_hp && $res['bk_hp'] != '' && !$hp) continue; - $worksheet->write($i, 0, $res['bk_name']); - $worksheet->write($i, 1, $hp, $num2_format); + $rows[] = array($res['bk_name'], ' '.$hp); } -$workbook->close(); +$data = array_merge(array($headers), $rows); + +$excel->setActiveSheetIndex(0)->getStyle( "A1:${last_char}1" )->getFill()->setFillType(PHPExcel_Style_Fill::FILL_SOLID)->getStartColor()->setARGB($header_bgcolor); +$excel->setActiveSheetIndex(0)->getStyle( "A:$last_char" )->getAlignment()->setVertical(PHPExcel_Style_Alignment::VERTICAL_CENTER)->setWrapText(true); +foreach($widths as $i => $w) $excel->setActiveSheetIndex(0)->getColumnDimension( column_char($i) )->setWidth($w); +$excel->getActiveSheet()->fromArray($data,NULL,'A1'); $filename = "휴대폰번호목록-".date("ymd", time()).".xls"; if( is_ie() ) $filename = utf2euc($filename); -header("Content-Type: application/x-msexcel; name=".$filename); -header("Content-Disposition: inline; filename=".$filename); -$fh=fopen($fname, "rb"); -fpassthru($fh); -unlink($fname); +header("Content-Type: application/octet-stream"); +header("Content-Disposition: attachment; filename=".$filename); +header("Cache-Control: max-age=0"); -exit; -?> \ No newline at end of file +$writer = PHPExcel_IOFactory::createWriter($excel, 'Excel5'); +$writer->save('php://output'); + +exit; \ No newline at end of file diff --git a/adm/sms_admin/num_book_file_upload.php b/adm/sms_admin/num_book_file_upload.php index c1fa4cdda..0c07d9ea9 100644 --- a/adm/sms_admin/num_book_file_upload.php +++ b/adm/sms_admin/num_book_file_upload.php @@ -2,14 +2,17 @@ $sub_menu = "900900"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); + +$upload_bg_no = isset($_REQUEST['upload_bg_no']) ? clean_xss_tags($_REQUEST['upload_bg_no'], 1, 1) : ''; +$confirm = isset($_REQUEST['confirm']) ? clean_xss_tags($_REQUEST['confirm'], 1, 1) : ''; if (!$upload_bg_no) alert_after('그룹을 선택해주세요.'); $bg_no = $upload_bg_no; -if (!$_FILES['csv']['size']) +if (! (isset($_FILES['csv']['size']) && $_FILES['csv']['size'])) alert_after('파일을 선택해주세요.'); $file = $_FILES['csv']['tmp_name']; @@ -18,6 +21,12 @@ $filename = $_FILES['csv']['name']; $pos = strrpos($filename, '.'); $ext = strtolower(substr($filename, $pos, strlen($filename))); +if(! function_exists('column_char')) { + function column_char($i) { + return chr( 65 + $i ); + } +} + switch ($ext) { case '.csv' : $data = file($file); @@ -36,16 +45,17 @@ switch ($ext) { } break; case '.xls' : - include_once(G5_LIB_PATH.'/Excel/reader.php'); - $data = new Spreadsheet_Excel_Reader(); + case '.xlsx' : + include_once(G5_LIB_PATH.'/PHPExcel/IOFactory.php'); + $objPHPExcel = PHPExcel_IOFactory::load($file); + $sheet = $objPHPExcel->getSheet(0); + + $num_rows = $sheet->getHighestRow(); + $highestColumn = $sheet->getHighestColumn(); - // Set output Encoding. - $data->setOutputEncoding('UTF-8'); - $data->read($file); - $num_rows = $data->sheets[0]['numRows']; break; default : - alert_after('xls파일과 csv파일만 허용합니다.'); + alert_after('xls파일 xlsx파일과 csv파일만 허용합니다.'); } $counter = 0; @@ -54,6 +64,8 @@ $failure = 0; $inner_overlap = 0; $overlap = 0; $arr_hp = array(); +$dupl_hp = array(); +$regi_hp = array(); $encode = array('ASCII','UTF-8','EUC-KR'); for ($i = 1; $i <= $num_rows; $i++) { @@ -71,18 +83,25 @@ for ($i = 1; $i <= $num_rows; $i++) { $hp = addslashes($csv[$i][1]); break; case '.xls' : - $name = addslashes($data->sheets[0]['cells'][$i][$j++]); - $str_encode = @mb_detect_encoding($name, $encode); - if( $str_encode == "EUC-KR" ){ - $name = iconv_utf8( $name ); + case '.xlsx' : + $rowData = $sheet->rangeToArray('A' . $i . ':' . $highestColumn . $i, + NULL, + TRUE, + FALSE); + $name = isset($rowData[0][0]) ? addslashes($rowData[0][0]) : ''; + if( $name ){ + $str_encode = @mb_detect_encoding($name, $encode); + if( $str_encode == "EUC-KR" ){ + $name = iconv_utf8( $name ); + } } - $hp = addslashes(get_hp($data->sheets[0]['cells'][$i][$j++])); + $hp = isset($rowData[0][1]) ? addslashes(get_hp($rowData[0][1])) : ''; break; } + if (!(strlen($name)&&$hp)) { $failure++; - } else { if (in_array($hp, $arr_hp)) { @@ -92,15 +111,17 @@ for ($i = 1; $i <= $num_rows; $i++) { array_push($arr_hp, $hp); $res = sql_fetch("select * from {$g5['sms5_book_table']} where bk_hp='$hp'"); - if ($res) + + if (isset($res['bk_hp']) && $res['bk_hp']) { + array_push($dupl_hp, $hp); $overlap++; - } - else if (!$confirm && $hp) - { + } else if (!$confirm && $hp) { sql_query("insert into {$g5['sms5_book_table']} set bg_no='$bg_no', bk_name='".addslashes($name)."', bk_hp='$hp', bk_receipt=1, bk_datetime='".G5_TIME_YMDHIS."'"); sql_query("update {$g5['sms5_book_group_table']} set bg_count = bg_count + 1, bg_nomember = bg_nomember + 1, bg_receipt = bg_receipt + 1 where bg_no='$bg_no'"); $success++; + } else { + array_push($regi_hp, $hp); } } } @@ -127,7 +148,7 @@ html += \"
    • 중복번호 ".number_format($overlap)." 건
      등록가능 ".number_format($result)." 건\";"; + echo "html += \"
    • 등록가능 ".number_format($result)." 건
      \";"; echo "html += \"
      \";"; } else @@ -143,16 +164,27 @@ parent.document.getElementById('uploading').style.display = 'none'; parent.document.getElementById('register').style.display = 'none'; info.style.display = 'block'; -info.innerHTML = html; +info.innerHTML = html;"; -parent.document.getElementById('overlap').innerHTML = '

      중복번호 목록
      ';"; +if( $dupl_hp ) { + echo "parent.document.getElementById('overlap').innerHTML = '

      중복번호 목록
      ';"; -for ($i=0; $i"; +if( $regi_hp ) { + echo "parent.document.getElementById('regi_hps').innerHTML = '

      등록가능 목록
      ';"; + + for ($i=0; $i"; function alert_after($str) { echo ""; alert_just($str); -} -?> \ No newline at end of file +} \ No newline at end of file diff --git a/adm/sms_admin/num_book_move.php b/adm/sms_admin/num_book_move.php index f69248d89..e59013fb1 100644 --- a/adm/sms_admin/num_book_move.php +++ b/adm/sms_admin/num_book_move.php @@ -11,12 +11,12 @@ if ($sw == 'move'){ alert('sw 값이 제대로 넘어오지 않았습니다.'); } -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = '번호그룹 ' . $act; include_once(G5_PATH.'/head.sub.php'); -$bk_no_list = implode(',', $_POST['bk_no']); +$bk_no_list = isset($_POST['bk_no']) ? implode(',', $_POST['bk_no']) : ''; $sql = " select * from {$g5['sms5_book_group_table']} order by bg_no "; $result = sql_query($sql); @@ -124,5 +124,4 @@ function fboardmoveall_submit(f) +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/adm/sms_admin/num_book_multi_update.php b/adm/sms_admin/num_book_multi_update.php index 5919a7f61..e1f579e76 100644 --- a/adm/sms_admin/num_book_multi_update.php +++ b/adm/sms_admin/num_book_multi_update.php @@ -2,13 +2,15 @@ $sub_menu = "900800"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); $g5['title'] = "전화번호부"; -for ($i=0; $i \ No newline at end of file +goto_url('./num_book.php'.$str_query); \ No newline at end of file diff --git a/adm/sms_admin/num_book_update.php b/adm/sms_admin/num_book_update.php index 079c5eae1..6358e2017 100644 --- a/adm/sms_admin/num_book_update.php +++ b/adm/sms_admin/num_book_update.php @@ -2,7 +2,7 @@ $sub_menu = "900800"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); $g5['title'] = "휴대폰번호 업데이트"; @@ -10,10 +10,11 @@ $g5['sms5_demo'] = 0; $is_hp_exist = false; -$bk_hp = get_hp($bk_hp); +$bk_hp = isset($_REQUEST['bk_hp']) ? get_hp($_REQUEST['bk_hp']) : ''; -$bk_memo = strip_tags($bk_memo); -$bk_name = strip_tags($bk_name); +$bk_memo = isset($_REQUEST['bk_memo']) ? strip_tags($_REQUEST['bk_memo']) : ''; +$bk_name = isset($_REQUEST['bk_name']) ? strip_tags($_REQUEST['bk_name']) : ''; +$bg_no = isset($_REQUEST['bg_no']) ? (int) $_REQUEST['bg_no'] : 0; if ($w=='u') // 업데이트 { @@ -54,7 +55,7 @@ if ($w=='u') // 업데이트 // 휴대폰번호 중복체크 $sql = " select mb_id from {$g5['member_table']} where mb_id <> '{$res['mb_id']}' and mb_hp = '{$bk_hp}' "; $mb_hp_exist = sql_fetch($sql); - if ($mb_hp_exist['mb_id']) { //중복된 회원 휴대폰번호가 있다면 + if (isset($mb_hp_exist['mb_id']) && $mb_hp_exist['mb_id']) { //중복된 회원 휴대폰번호가 있다면 $is_hp_exist = true; } else { sql_query("update {$g5['member_table']} set mb_name='".addslashes($bk_name)."', mb_hp='$bk_hp', mb_sms='$bk_receipt' where mb_id='{$res['mb_id']}'", false); @@ -136,5 +137,4 @@ else // 등록 } $go_url = './num_book.php?page='.$page.'&bg_no='.$get_bg_no.'&ap='.$ap; -goto_url($go_url); -?> \ No newline at end of file +goto_url($go_url); \ No newline at end of file diff --git a/adm/sms_admin/num_book_write.php b/adm/sms_admin/num_book_write.php index 665673472..7890ee90f 100644 --- a/adm/sms_admin/num_book_write.php +++ b/adm/sms_admin/num_book_write.php @@ -3,8 +3,11 @@ $sub_menu = "900800"; include_once("./_common.php"); $colspan = 4; +$bk_no = isset($_REQUEST['bk_no']) ? (int) $_REQUEST['bk_no'] : 0; +$bg_no = isset($_REQUEST['bg_no']) ? (int) $_REQUEST['bg_no'] : 0; +$ap = isset($_REQUEST['ap']) ? clean_xss_tags($_REQUEST['ap'], 1, 1) : ''; -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "휴대폰번호 "; @@ -184,12 +187,12 @@ function book_submit(){ var $check_msg = $("#hp_check_el"); if( !list_text ){ // 중복 휴대폰 번호가 없다면 submit - if($check_msg.size()> 0) + if($check_msg.length > 0) $check_msg.remove(); is_submit = true; } else { - if($check_msg.size() < 1) + if($check_msg.length < 1) $("input#bk_hp").after("

      이 번호를 쓰는 회원 정보

        "); $("#hp_check_el").find("ul").html( list_text ); @@ -210,5 +213,4 @@ function book_submit(){ } \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/num_group.php b/adm/sms_admin/num_group.php index 2da088f9c..880774b2e 100644 --- a/adm/sms_admin/num_group.php +++ b/adm/sms_admin/num_group.php @@ -2,7 +2,7 @@ $sub_menu = "900700"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); $g5['title'] = "휴대폰번호 그룹"; @@ -77,8 +77,8 @@ function num_group_submit(f) 건수
        • - - + +
        @@ -185,5 +185,4 @@ function num_group_submit(f) \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/num_group_move.php b/adm/sms_admin/num_group_move.php index 733585c16..689fdcd37 100644 --- a/adm/sms_admin/num_group_move.php +++ b/adm/sms_admin/num_group_move.php @@ -3,12 +3,18 @@ $sub_menu = "900700"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +$bk_no = isset($_REQUEST['bk_no']) ? (int) $_REQUEST['bk_no'] : 0; +$bg_no = isset($_REQUEST['bg_no']) ? (int) $_REQUEST['bg_no'] : 0; +$move_no = isset($_REQUEST['move_no']) ? (int) $_REQUEST['move_no'] : 0; + +auth_check_menu($auth, $sub_menu, "w"); $res = sql_fetch("select * from {$g5['sms5_book_group_table']} where bg_no='$bg_no'"); -sql_query("update {$g5['sms5_book_group_table']} set bg_count = bg_count + {$res['bg_count']}, bg_member = bg_member + {$res['bg_member']}, bg_nomember = bg_nomember + {$res['bg_nomember']}, bg_receipt = bg_receipt + {$res['bg_receipt']}, bg_reject = bg_reject + {$res['bg_reject']} where bg_no='$move_no'"); -sql_query("update {$g5['sms5_book_group_table']} set bg_count = 0, bg_member = 0, bg_nomember = 0, bg_receipt = 0, bg_reject = 0 where bg_no='$bg_no'"); -sql_query("update {$g5['sms5_book_table']} set bg_no='$move_no' where bg_no='$bg_no'"); -goto_url('./num_group.php'); -?> \ No newline at end of file +if( $res ) { + sql_query("update {$g5['sms5_book_group_table']} set bg_count = bg_count + {$res['bg_count']}, bg_member = bg_member + {$res['bg_member']}, bg_nomember = bg_nomember + {$res['bg_nomember']}, bg_receipt = bg_receipt + {$res['bg_receipt']}, bg_reject = bg_reject + {$res['bg_reject']} where bg_no='$move_no'"); + sql_query("update {$g5['sms5_book_group_table']} set bg_count = 0, bg_member = 0, bg_nomember = 0, bg_receipt = 0, bg_reject = 0 where bg_no='$bg_no'"); + sql_query("update {$g5['sms5_book_table']} set bg_no='$move_no' where bg_no='$bg_no'"); +} + +goto_url('./num_group.php'); \ No newline at end of file diff --git a/adm/sms_admin/num_group_update.php b/adm/sms_admin/num_group_update.php index dffeab6ee..abd3407b0 100644 --- a/adm/sms_admin/num_group_update.php +++ b/adm/sms_admin/num_group_update.php @@ -2,16 +2,18 @@ $sub_menu = "900700"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +$post_chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array(); + +auth_check_menu($auth, $sub_menu, "w"); if ($w == 'u') // 업데이트 { - for ($i=0; $i \ No newline at end of file +goto_url('./num_group.php'); \ No newline at end of file diff --git a/adm/sms_admin/number_move_update.php b/adm/sms_admin/number_move_update.php index 76ad32fcb..f1925645f 100644 --- a/adm/sms_admin/number_move_update.php +++ b/adm/sms_admin/number_move_update.php @@ -1,12 +1,14 @@ 돌아가기 -HEREDOC; -?> \ No newline at end of file +HEREDOC; \ No newline at end of file diff --git a/adm/sms_admin/sms_write.php b/adm/sms_admin/sms_write.php index 77754a97c..c09090e2a 100644 --- a/adm/sms_admin/sms_write.php +++ b/adm/sms_admin/sms_write.php @@ -2,7 +2,11 @@ $sub_menu = "900300"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "r"); +auth_check_menu($auth, $sub_menu, "r"); + +$wr_no = isset($_REQUEST['wr_no']) ? (int) $_REQUEST['wr_no'] : 0; +$bk_no = isset($_REQUEST['bk_no']) ? (int) $_REQUEST['bk_no'] : 0; +$fo_no = isset($_REQUEST['fo_no']) ? (int) $_REQUEST['fo_no'] : 0; $g5['title'] = "문자 보내기"; @@ -10,7 +14,7 @@ include_once(G5_ADMIN_PATH.'/admin.head.php'); ?>
        - 회원정보 최근 업데이트 : + 회원정보 최근 업데이트 :
        - +
        @@ -831,5 +835,4 @@ var sms_obj={ \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/sms_admin/sms_write_form.php b/adm/sms_admin/sms_write_form.php index 103535b5e..f9421d9f4 100644 --- a/adm/sms_admin/sms_write_form.php +++ b/adm/sms_admin/sms_write_form.php @@ -6,9 +6,9 @@ $qry = sql_query("select * from {$g5['sms5_form_group_table']} order by fg_name" while ($res = sql_fetch_array($qry)) array_push($group, $res); $res = sql_fetch("select count(*) as cnt from `{$g5['sms5_form_table']}` where fg_no=0"); -$no_count = $res['cnt']; +$no_count = isset($res['cnt']) ? $res['cnt'] : 0; -$fg_no = isset($fg_no) ? (int) $fg_no : ''; +$fg_no = isset($_REQUEST['fg_no']) ? (int) $_REQUEST['fg_no'] : 0; ?>
        diff --git a/adm/sms_admin/sms_write_overlap_check.php b/adm/sms_admin/sms_write_overlap_check.php index 100ed6ba3..8dc7f7722 100644 --- a/adm/sms_admin/sms_write_overlap_check.php +++ b/adm/sms_admin/sms_write_overlap_check.php @@ -2,12 +2,14 @@ $sub_menu = "900300"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); $list = $hps = array(); $overlap = 0; +$send_list = isset($_REQUEST['send_list']) ? clean_xss_tags($_REQUEST['send_list'], 1, 1) : ''; + if( !$send_list ){ die("넘어온 데이터 값이 없습니다."); } @@ -65,5 +67,4 @@ while ($row = array_shift($send_list)) if ($overlap) die("중복되는 휴대폰번호가 $overlap 건 있습니다. "); else - die("중복되는 휴대폰번호가 없습니다. "); -?> \ No newline at end of file + die("중복되는 휴대폰번호가 없습니다. "); \ No newline at end of file diff --git a/adm/sms_admin/sms_write_send.php b/adm/sms_admin/sms_write_send.php index e88bdae46..9cd072f08 100644 --- a/adm/sms_admin/sms_write_send.php +++ b/adm/sms_admin/sms_write_send.php @@ -2,7 +2,7 @@ $sub_menu = "900300"; include_once("./_common.php"); -auth_check($auth[$sub_menu], "w"); +auth_check_menu($auth, $sub_menu, "w"); check_admin_token(); @@ -24,8 +24,15 @@ if ( ! (($config['cf_icode_id'] && $config['cf_icode_pw']) || $config['cf_icode_ alert('아이코드 설정값이 존재하지 않습니다.'); } -$wr_reply = preg_replace('#[^0-9\-]#', '', trim($wr_reply)); -$wr_message = clean_xss_tags(trim($wr_message)); +$wr_reply = isset($_REQUEST['wr_reply']) ? preg_replace('#[^0-9\-]#', '', trim($_REQUEST['wr_reply'])) : ''; +$wr_message = isset($_REQUEST['wr_message']) ? clean_xss_tags(trim($_REQUEST['wr_message'])) : ''; +$send_list = isset($_REQUEST['send_list']) ? clean_xss_tags(trim($_REQUEST['send_list']), 1, 1) : ''; + +$wr_by = isset($_REQUEST['wr_by']) ? clean_xss_tags(trim($_REQUEST['wr_by']), 1, 1) : ''; +$wr_bm = isset($_REQUEST['wr_bm']) ? clean_xss_tags(trim($_REQUEST['wr_bm']), 1, 1) : ''; +$wr_bd = isset($_REQUEST['wr_bd']) ? clean_xss_tags(trim($_REQUEST['wr_bd']), 1, 1) : ''; +$wr_bh = isset($_REQUEST['wr_bh']) ? clean_xss_tags(trim($_REQUEST['wr_bh']), 1, 1) : ''; +$wr_bi = isset($_REQUEST['wr_bi']) ? clean_xss_tags(trim($_REQUEST['wr_bi']), 1, 1) : ''; if (!$wr_reply) win_close_alert('회신 번호를 숫자, - 로 입력해주세요.'); @@ -359,5 +366,4 @@ function win_close_alert($msg) { location.href = 'history_view.php?wr_no='; \ No newline at end of file +include_once(G5_ADMIN_PATH.'/admin.tail.php'); \ No newline at end of file diff --git a/adm/theme.php b/adm/theme.php index 32eb294eb..ceeea78c5 100644 --- a/adm/theme.php +++ b/adm/theme.php @@ -75,5 +75,4 @@ include_once('./admin.head.php'); \ No newline at end of file +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/theme_config_load.php b/adm/theme_config_load.php index a19a2a293..24c807bed 100644 --- a/adm/theme_config_load.php +++ b/adm/theme_config_load.php @@ -6,7 +6,7 @@ include_once(G5_LIB_PATH.'/json.lib.php'); $data = array(); $data['error'] = ''; -$data['error'] = auth_check($auth[$sub_menu], 'w', true); +$data['error'] = auth_check_menu($auth, $sub_menu, 'w', true); if($data['error']) die(json_encode($data)); @@ -74,5 +74,4 @@ if($type == 'board') { $data['error'] = '적용할 기본환경 회원스킨 설정이 없습니다.'; } -die(json_encode($data)); -?> \ No newline at end of file +die(json_encode($data)); \ No newline at end of file diff --git a/adm/theme_preview.php b/adm/theme_preview.php index 559db4e63..e281009fa 100644 --- a/adm/theme_preview.php +++ b/adm/theme_preview.php @@ -11,7 +11,7 @@ if(!$theme || !in_array($theme, $theme_dir)) $info = get_theme_info($theme); $arr_mode = array('index', 'list', 'view'); -$mode = substr(strip_tags($_GET['mode']), 0, 20); +$mode = isset($_GET['mode']) ? substr(strip_tags($_GET['mode']), 0, 20) : ''; if(!in_array($mode, $arr_mode)) $mode = 'index'; @@ -114,5 +114,4 @@ require_once(G5_PATH.'/head.sub.php'); \ No newline at end of file +require_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/adm/theme_update.php b/adm/theme_update.php index 4749fb893..8804a9f9d 100644 --- a/adm/theme_update.php +++ b/adm/theme_update.php @@ -7,10 +7,13 @@ if ($is_admin != 'super') admin_referer_check(); -$theme = trim($_POST['theme']); +$theme = isset($_POST['theme']) ? trim($_POST['theme']) : ''; +$post_type = isset($_POST['type']) ? clean_xss_tags($_POST['type'], 1, 1) : ''; +$post_set_default_skin = isset($_POST['set_default_skin']) ? clean_xss_tags($_POST['set_default_skin'], 1, 1) : ''; + $theme_dir = get_theme_dir(); -if($_POST['type'] == 'reset') { +if($post_type == 'reset') { $sql = " update {$g5['config_table']} set cf_theme = '' "; sql_query($sql); die(''); @@ -24,7 +27,7 @@ $sql = " update {$g5['config_table']} set cf_theme = '$theme' "; sql_query($sql); // 테마 설정 스킨 적용 -if($_POST['set_default_skin'] == 1) { +if($post_set_default_skin == 1) { $keys = 'set_default_skin, cf_member_skin, cf_mobile_member_skin, cf_new_skin, cf_mobile_new_skin, cf_search_skin, cf_mobile_search_skin, cf_connect_skin, cf_mobile_connect_skin, cf_faq_skin, cf_mobile_faq_skin, qa_skin, qa_mobile_skin'; $tconfig = get_theme_config_value($theme, $keys); @@ -68,7 +71,6 @@ if($_POST['set_default_skin'] == 1) { } } -run_event('adm_theme_update', $theme, $_POST['set_default_skin']); +run_event('adm_theme_update', $theme, $post_set_default_skin); -die(''); -?> \ No newline at end of file +die(''); \ No newline at end of file diff --git a/adm/thumbnail_file_delete.php b/adm/thumbnail_file_delete.php index 47f40c918..edbb7a610 100644 --- a/adm/thumbnail_file_delete.php +++ b/adm/thumbnail_file_delete.php @@ -68,5 +68,4 @@ echo '

        썸네일 '.$cnt.'건의 ?> \ No newline at end of file +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/view.php b/adm/view.php index 777bd326e..057eea104 100644 --- a/adm/view.php +++ b/adm/view.php @@ -24,5 +24,4 @@ include_once ('./admin.head.php'); run_event('admin_get_page_'.$call, $arr_query, $token); -include_once ('./admin.tail.php'); -?> \ No newline at end of file +include_once ('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_browser.php b/adm/visit_browser.php index 15cc0c297..6b2737e5c 100644 --- a/adm/visit_browser.php +++ b/adm/visit_browser.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '브라우저별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 5; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select * from {$g5['visit_table']} where vi_date between '{$fr_date}' and '{$to_date}' "; $result = sql_query($sql); @@ -19,7 +24,11 @@ while ($row=sql_fetch_array($result)) { if(!$s) $s = get_brow($row['vi_agent']); - $arr[$s]++; + if( isset($arr[$s]) ){ + $arr[$s]++; + } else { + $arr[$s] = 1; + } if ($arr[$s] > $max) $max = $arr[$s]; @@ -93,5 +102,4 @@ while ($row=sql_fetch_array($result)) {

        +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_date.php b/adm/visit_date.php index 967f4e8e9..3b552cda5 100644 --- a/adm/visit_date.php +++ b/adm/visit_date.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '일별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 4; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select vs_date, vs_count as cnt from {$g5['visit_sum_table']} where vs_date between '{$fr_date}' and '{$to_date}' @@ -82,5 +87,4 @@ for ($i=0; $row=sql_fetch_array($result); $i++) {
        +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_delete.php b/adm/visit_delete.php index 99fe62e49..16390c3ee 100644 --- a/adm/visit_delete.php +++ b/adm/visit_delete.php @@ -2,7 +2,7 @@ $sub_menu = "200820"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = '접속자로그삭제'; include_once('./admin.head.php'); @@ -91,5 +91,4 @@ function form_submit(f) +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_delete_update.php b/adm/visit_delete_update.php index 716eec63f..d19006981 100644 --- a/adm/visit_delete_update.php +++ b/adm/visit_delete_update.php @@ -4,7 +4,7 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'd'); +auth_check_menu($auth, $sub_menu, 'd'); if ($is_admin != 'super') alert('최고관리자만 접근 가능합니다.'); @@ -56,5 +56,4 @@ $sql = " select count(*) as cnt from {$g5['visit_table']} "; $row = sql_fetch($sql); $total_count2 = $row['cnt']; -alert('총 '.number_format($total_count).'건 중 '.number_format($total_count - $total_count2).'건 삭제 완료', './visit_delete.php'); -?> \ No newline at end of file +alert('총 '.number_format($total_count).'건 중 '.number_format($total_count - $total_count2).'건 삭제 완료', './visit_delete.php'); \ No newline at end of file diff --git a/adm/visit_device.php b/adm/visit_device.php index df2362bcd..2fed093dc 100644 --- a/adm/visit_device.php +++ b/adm/visit_device.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '기기별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 5; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select * from {$g5['visit_table']} where vi_date between '$fr_date' and '$to_date' "; $result = sql_query($sql); @@ -19,7 +24,11 @@ while ($row=sql_fetch_array($result)) { if(!$s) $s = '기타'; - $arr[$s]++; + if( isset($arr[$s]) ){ + $arr[$s]++; + } else { + $arr[$s] = 1; + } if ($arr[$s] > $max) $max = $arr[$s]; @@ -97,5 +106,4 @@ while ($row=sql_fetch_array($result)) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_domain.php b/adm/visit_domain.php index 348a87c63..81e9b6801 100644 --- a/adm/visit_domain.php +++ b/adm/visit_domain.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '도메인별 접속자집계'; include_once('./visit.sub.php'); @@ -11,15 +14,22 @@ $colspan = 5; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select * from {$g5['visit_table']} where vi_date between '{$fr_date}' and '{$to_date}' "; $result = sql_query($sql); while ($row=sql_fetch_array($result)) { $str = $row['vi_referer']; preg_match("/^http[s]*:\/\/([\.\-\_0-9a-zA-Z]*)\//", $str, $match); - $s = $match[1]; + $s = isset($match[1]) ? $match[1] : 0; $s = preg_replace("/^(www\.|search\.|dirsearch\.|dir\.search\.|dir\.|kr\.search\.|myhome\.)(.*)/", "\\2", $s); - $arr[$s]++; + + if( isset($arr[$s]) ){ + $arr[$s]++; + } else { + $arr[$s] = 1; + } if ($arr[$s] > $max) $max = $arr[$s]; @@ -100,5 +110,4 @@ while ($row=sql_fetch_array($result)) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_hour.php b/adm/visit_hour.php index ba4f13479..e13392221 100644 --- a/adm/visit_hour.php +++ b/adm/visit_hour.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '시간별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 4; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select SUBSTRING(vi_time,1,2) as vi_hour, count(vi_id) as cnt from {$g5['visit_table']} where vi_date between '{$fr_date}' and '{$to_date}' @@ -50,7 +55,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { if ($i) { for ($i=0; $i<24; $i++) { $hour = sprintf("%02d", $i); - $count = (int)$arr[$hour]; + $count = isset($arr[$hour]) ? (int) $arr[$hour] : 0; $rate = ($count / $sum_count * 100); $s_rate = number_format($rate, 1); @@ -78,5 +83,4 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_list.php b/adm/visit_list.php index 46744e99f..54a313edf 100644 --- a/adm/visit_list.php +++ b/adm/visit_list.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '접속자집계'; include_once('./visit.sub.php'); @@ -114,5 +117,4 @@ $qstr .= "&page="; $pagelist = get_paging($config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr"); echo $pagelist; -include_once('./admin.tail.php'); -?> +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_month.php b/adm/visit_month.php index 5524f74c0..390419f1c 100644 --- a/adm/visit_month.php +++ b/adm/visit_month.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '월별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 4; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select SUBSTRING(vs_date,1,7) as vs_month, SUM(vs_count) as cnt from {$g5['visit_sum_table']} where vs_date between '{$fr_date}' and '{$to_date}' @@ -86,5 +91,4 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_os.php b/adm/visit_os.php index 183604ab5..17fb7ed13 100644 --- a/adm/visit_os.php +++ b/adm/visit_os.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = 'OS별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 5; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select * from {$g5['visit_table']} where vi_date between '$fr_date' and '$to_date' "; $result = sql_query($sql); @@ -19,7 +24,11 @@ while ($row=sql_fetch_array($result)) { if(!$s) $s = get_os($row['vi_agent']); - $arr[$s]++; + if( isset($arr[$s]) ){ + $arr[$s]++; + } else { + $arr[$s] = 1; + } if ($arr[$s] > $max) $max = $arr[$s]; @@ -97,5 +106,4 @@ while ($row=sql_fetch_array($result)) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_search.php b/adm/visit_search.php index 524f2026f..21b803d4e 100644 --- a/adm/visit_search.php +++ b/adm/visit_search.php @@ -3,7 +3,7 @@ $sub_menu = '200810'; include_once('./_common.php'); include_once(G5_PATH.'/lib/visit.lib.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = '접속자검색'; include_once('./admin.head.php'); @@ -122,6 +122,7 @@ if(isset($sfl) && $sfl && !in_array($sfl, array('vi_ip','vi_date','vi_time','vi_ +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_week.php b/adm/visit_week.php index 5ebccac2d..036e20844 100644 --- a/adm/visit_week.php +++ b/adm/visit_week.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '요일별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 4; $weekday = array ('월', '화', '수', '목', '금', '토', '일'); $sum_count = 0; +$arr = array(); + $sql = " select WEEKDAY(vs_date) as weekday_date, SUM(vs_count) as cnt from {$g5['visit_sum_table']} where vs_date between '{$fr_date}' and '{$to_date}' @@ -47,7 +52,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { $k = 0; if ($i) { for ($i=0; $i<7; $i++) { - $count = (int)$arr[$i]; + $count = isset($arr[$i]) ? (int) $arr[$i] : 0; $rate = ($count / $sum_count * 100); $s_rate = number_format($rate, 1); @@ -77,5 +82,4 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/visit_year.php b/adm/visit_year.php index 1d42e1512..226fe962c 100644 --- a/adm/visit_year.php +++ b/adm/visit_year.php @@ -2,7 +2,10 @@ $sub_menu = "200800"; include_once('./_common.php'); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); + +$fr_date = isset($_REQUEST['fr_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['fr_date']) : G5_TIME_YMD; +$to_date = isset($_REQUEST['to_date']) ? preg_replace('/[^0-9 :\-]/i', '', $_REQUEST['to_date']) : G5_TIME_YMD; $g5['title'] = '연도별 접속자집계'; include_once('./visit.sub.php'); @@ -11,6 +14,8 @@ $colspan = 4; $max = 0; $sum_count = 0; +$arr = array(); + $sql = " select SUBSTRING(vs_date,1,4) as vs_year, SUM(vs_count) as cnt from {$g5['visit_sum_table']} where vs_date between '{$fr_date}' and '{$to_date}' @@ -82,5 +87,4 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { +include_once('./admin.tail.php'); \ No newline at end of file diff --git a/adm/write_count.php b/adm/write_count.php index c37271627..fe6f12732 100644 --- a/adm/write_count.php +++ b/adm/write_count.php @@ -4,11 +4,14 @@ include_once('./_common.php'); check_demo(); -auth_check($auth[$sub_menu], 'r'); +auth_check_menu($auth, $sub_menu, 'r'); $g5['title'] = '글,댓글 현황'; include_once ('./admin.head.php'); +$graph = isset($_GET['graph']) ? clean_xss_tags($_GET['graph'], 1, 1) : ''; +$period = isset($_GET['period']) ? clean_xss_tags($_GET['period'], 1, 1) : ''; + // http://www.jqplot.com/ add_stylesheet('', 1); add_javascript('', 1); @@ -75,6 +78,8 @@ $sql_bo_table = ''; if ($bo_table) $sql_bo_table = "and bo_table = '$bo_table'"; +$line1 = $line2 = array(); + switch ($day) { case '시간' : $sql = " select substr(bn_datetime,6,8) as hours, sum(if(wr_id=wr_parent,1,0)) as wcount, sum(if(wr_id=wr_parent,0,1)) as ccount from {$g5['board_new_table']} where substr(bn_datetime,1,10) between '$from' and '$to' {$sql_bo_table} group by hours order by bn_datetime "; @@ -175,8 +180,8 @@ if (empty($line1) || empty($line2)) {
        +include_once('./_tail.php'); \ No newline at end of file diff --git a/bbs/register_email_update.php b/bbs/register_email_update.php index ec6a5672d..0dda117d9 100644 --- a/bbs/register_email_update.php +++ b/bbs/register_email_update.php @@ -3,8 +3,8 @@ include_once('./_common.php'); include_once(G5_CAPTCHA_PATH.'/captcha.lib.php'); include_once(G5_LIB_PATH.'/mailer.lib.php'); -$mb_id = substr(clean_xss_tags($_POST['mb_id']), 0, 20); -$mb_email = get_email_address(trim($_POST['mb_email'])); +$mb_id = isset($_POST['mb_id']) ? substr(clean_xss_tags($_POST['mb_id']), 0, 20) : ''; +$mb_email = isset($_POST['mb_email']) ? get_email_address(trim($_POST['mb_email'])) : ''; if(!$mb_id || !$mb_email) alert('올바른 방법으로 이용해 주십시오.', G5_URL); @@ -47,5 +47,4 @@ mailer($config['cf_admin_email_name'], $config['cf_admin_email'], $mb_email, $su $sql = " update {$g5['member_table']} set mb_email = '$mb_email' where mb_id = '$mb_id' "; sql_query($sql); -alert("인증메일을 {$mb_email} 메일로 다시 보내 드렸습니다.\\n\\n잠시후 {$mb_email} 메일을 확인하여 주십시오.", G5_URL); -?> \ No newline at end of file +alert("인증메일을 {$mb_email} 메일로 다시 보내 드렸습니다.\\n\\n잠시후 {$mb_email} 메일을 확인하여 주십시오.", G5_URL); \ No newline at end of file diff --git a/bbs/register_form.php b/bbs/register_form.php index 321e4dea8..c79046575 100644 --- a/bbs/register_form.php +++ b/bbs/register_form.php @@ -14,7 +14,7 @@ set_session("ss_cert_type", ""); $is_social_login_modify = false; -if( $provider && function_exists('social_nonce_is_valid') ){ //모바일로 소셜 연결을 했다면 +if( isset($_REQUEST['provider']) && $_REQUEST['provider'] && function_exists('social_nonce_is_valid') ){ //모바일로 소셜 연결을 했다면 if( social_nonce_is_valid(get_session("social_link_token"), $provider) ){ //토큰값이 유효한지 체크 $w = 'u'; //회원 수정으로 처리 $_POST['mb_id'] = $member['mb_id']; @@ -87,7 +87,7 @@ if ($w == "") { if (isset($_POST['mb_password'])) { // 수정된 정보를 업데이트후 되돌아 온것이라면 비밀번호가 암호화 된채로 넘어온것임 - if ($_POST['is_update']) { + if (isset($_POST['is_update']) && $_POST['is_update']) { $tmp_password = $_POST['mb_password']; $pass_check = ($member['mb_password'] === $tmp_password); } else { @@ -144,8 +144,8 @@ $req_nick = !isset($member['mb_nick_date']) || (isset($member['mb_nick_date']) & $required = ($w=='') ? 'required' : ''; $readonly = ($w=='u') ? 'readonly' : ''; -$agree = preg_replace('#[^0-9]#', '', $agree); -$agree2 = preg_replace('#[^0-9]#', '', $agree2); +$agree = isset($_REQUEST['agree']) ? preg_replace('#[^0-9]#', '', $_REQUEST['agree']) : ''; +$agree2 = isset($_REQUEST['agree2']) ? preg_replace('#[^0-9]#', '', $_REQUEST['agree2']) : ''; // add_javascript('js 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨 if ($config['cf_use_addr']) @@ -155,5 +155,4 @@ include_once($member_skin_path.'/register_form.skin.php'); run_event('register_form_after', $w, $agree, $agree2); -include_once('./_tail.php'); -?> \ No newline at end of file +include_once('./_tail.php'); \ No newline at end of file diff --git a/bbs/register_form_update.php b/bbs/register_form_update.php index c68a33687..d109b53cc 100644 --- a/bbs/register_form_update.php +++ b/bbs/register_form_update.php @@ -24,18 +24,18 @@ if (!chk_captcha()) { if($w == 'u') $mb_id = isset($_SESSION['ss_mb_id']) ? trim($_SESSION['ss_mb_id']) : ''; else if($w == '') - $mb_id = trim($_POST['mb_id']); + $mb_id = isset($_POST['mb_id']) ? trim($_POST['mb_id']) : ''; else alert('잘못된 접근입니다', G5_URL); if(!$mb_id) alert('회원아이디 값이 없습니다. 올바른 방법으로 이용해 주십시오.'); -$mb_password = trim($_POST['mb_password']); -$mb_password_re = trim($_POST['mb_password_re']); -$mb_name = trim($_POST['mb_name']); -$mb_nick = trim($_POST['mb_nick']); -$mb_email = trim($_POST['mb_email']); +$mb_password = isset($_POST['mb_password']) ? trim($_POST['mb_password']) : ''; +$mb_password_re = isset($_POST['mb_password_re']) ? trim($_POST['mb_password_re']) : ''; +$mb_name = isset($_POST['mb_name']) ? trim($_POST['mb_name']) : ''; +$mb_nick = isset($_POST['mb_name']) ? trim($_POST['mb_nick']) : ''; +$mb_email = isset($_POST['mb_name']) ? trim($_POST['mb_email']) : ''; $mb_sex = isset($_POST['mb_sex']) ? trim($_POST['mb_sex']) : ""; $mb_birth = isset($_POST['mb_birth']) ? trim($_POST['mb_birth']) : ""; $mb_homepage = isset($_POST['mb_homepage']) ? trim($_POST['mb_homepage']) : ""; @@ -127,7 +127,8 @@ if ($w == '' || $w == 'u') { // 본인확인 체크 if($config['cf_cert_use'] && $config['cf_cert_req']) { - if(trim($_POST['cert_no']) != $_SESSION['ss_cert_no'] || !$_SESSION['ss_cert_no']) + $post_cert_no = isset($_POST['cert_no']) ? trim($_POST['cert_no']) : ''; + if($post_cert_no !== get_session('ss_cert_no') || ! get_session('ss_cert_no')) alert("회원가입을 위해서는 본인확인을 해주셔야 합니다."); } @@ -161,9 +162,9 @@ if ($w == '' || $w == 'u') { // 본인확인 //--------------------------------------------------------------- $mb_hp = hyphen_hp_number($mb_hp); -if($config['cf_cert_use'] && $_SESSION['ss_cert_type'] && $_SESSION['ss_cert_dupinfo']) { +if($config['cf_cert_use'] && get_session('ss_cert_type') && get_session('ss_cert_dupinfo')) { // 중복체크 - $sql = " select mb_id from {$g5['member_table']} where mb_id <> '{$member['mb_id']}' and mb_dupinfo = '{$_SESSION['ss_cert_dupinfo']}' "; + $sql = " select mb_id from {$g5['member_table']} where mb_id <> '{$member['mb_id']}' and mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; $row = sql_fetch($sql); if ($row['mb_id']) { alert("입력하신 본인확인 정보로 가입된 내역이 존재합니다.\\n회원아이디 : ".$row['mb_id']); @@ -171,17 +172,17 @@ if($config['cf_cert_use'] && $_SESSION['ss_cert_type'] && $_SESSION['ss_cert_dup } $sql_certify = ''; -$md5_cert_no = $_SESSION['ss_cert_no']; -$cert_type = $_SESSION['ss_cert_type']; +$md5_cert_no = get_session('ss_cert_no'); +$cert_type = get_session('ss_cert_type'); if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) { // 해시값이 같은 경우에만 본인확인 값을 저장한다. - if ($_SESSION['ss_cert_hash'] == md5($mb_name.$cert_type.$_SESSION['ss_cert_birth'].$md5_cert_no)) { + if (get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { $sql_certify .= " , mb_hp = '{$mb_hp}' "; $sql_certify .= " , mb_certify = '{$cert_type}' "; - $sql_certify .= " , mb_adult = '{$_SESSION['ss_cert_adult']}' "; - $sql_certify .= " , mb_birth = '{$_SESSION['ss_cert_birth']}' "; - $sql_certify .= " , mb_sex = '{$_SESSION['ss_cert_sex']}' "; - $sql_certify .= " , mb_dupinfo = '{$_SESSION['ss_cert_dupinfo']}' "; + $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; + $sql_certify .= " , mb_birth = '".get_session('ss_cert_birth')."' "; + $sql_certify .= " , mb_sex = '".get_session('ss_cert_sex')."' "; + $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; if($w == 'u') $sql_certify .= " , mb_name = '{$mb_name}' "; } else { @@ -304,7 +305,7 @@ if ($w == '') { set_session('ss_mb_reg', $mb_id); } else if ($w == 'u') { - if (!trim($_SESSION['ss_mb_id'])) + if (!trim(get_session('ss_mb_id'))) alert('로그인 되어 있지 않습니다.'); if (trim($_POST['mb_id']) != $mb_id) @@ -508,11 +509,11 @@ if ($config['cf_use_email_certify'] && $old_email != $mb_email) { // 사용자 코드 실행 @include_once ($member_skin_path.'/register_form_update.tail.skin.php'); -unset($_SESSION['ss_cert_type']); -unset($_SESSION['ss_cert_no']); -unset($_SESSION['ss_cert_hash']); -unset($_SESSION['ss_cert_birth']); -unset($_SESSION['ss_cert_adult']); +if(isset($_SESSION['ss_cert_type'])) unset($_SESSION['ss_cert_type']); +if(isset($_SESSION['ss_cert_no'])) unset($_SESSION['ss_cert_no']); +if(isset($_SESSION['ss_cert_hash'])) unset($_SESSION['ss_cert_hash']); +if(isset($_SESSION['ss_cert_hash'])) unset($_SESSION['ss_cert_birth']); +if(isset($_SESSION['ss_cert_hash'])) unset($_SESSION['ss_cert_adult']); if ($msg) echo ''; @@ -549,5 +550,4 @@ if ($w == '') { '; } -} -?> +} \ No newline at end of file diff --git a/bbs/register_result.php b/bbs/register_result.php index cc27753cd..cc7523794 100644 --- a/bbs/register_result.php +++ b/bbs/register_result.php @@ -11,5 +11,4 @@ if (!$mb['mb_id']) $g5['title'] = '회원가입 완료'; include_once('./_head.php'); include_once($member_skin_path.'/register_result.skin.php'); -include_once('./_tail.php'); -?> \ No newline at end of file +include_once('./_tail.php'); \ No newline at end of file diff --git a/bbs/rss.php b/bbs/rss.php index 9d6def1d0..bde5af31f 100644 --- a/bbs/rss.php +++ b/bbs/rss.php @@ -86,5 +86,4 @@ $date = date('r', strtotime($date)); } echo ''."\n"; -echo ''."\n"; -?> +echo ''."\n"; \ No newline at end of file diff --git a/bbs/scrap.php b/bbs/scrap.php index 20644214a..bc4ff4673 100644 --- a/bbs/scrap.php +++ b/bbs/scrap.php @@ -56,5 +56,4 @@ for ($i=0; $row=sql_fetch_array($result); $i++) { include_once($member_skin_path.'/scrap.skin.php'); -include_once(G5_PATH.'/tail.sub.php'); -?> +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/bbs/scrap_delete.php b/bbs/scrap_delete.php index 64f83ca0a..6859caaf9 100644 --- a/bbs/scrap_delete.php +++ b/bbs/scrap_delete.php @@ -1,6 +1,8 @@ +goto_url('./scrap.php?page='.$page); \ No newline at end of file diff --git a/bbs/scrap_popin.php b/bbs/scrap_popin.php index 13e5b4cac..3ab5bef64 100644 --- a/bbs/scrap_popin.php +++ b/bbs/scrap_popin.php @@ -59,5 +59,4 @@ HEREDOC; include_once($member_skin_path.'/scrap_popin.skin.php'); -include_once(G5_PATH.'/tail.sub.php'); -?> +include_once(G5_PATH.'/tail.sub.php'); \ No newline at end of file diff --git a/bbs/scrap_popin_update.php b/bbs/scrap_popin_update.php index c1fb89399..5287d7652 100644 --- a/bbs/scrap_popin_update.php +++ b/bbs/scrap_popin_update.php @@ -36,7 +36,7 @@ if ($row['cnt']) exit; } -$wr_content = trim($_POST['wr_content']); +$wr_content = isset($_POST['wr_content']) ? trim($_POST['wr_content']) : ''; // 덧글이 넘어오고 코멘트를 쓸 권한이 있다면 if ($wr_content && ($member['mb_level'] >= $board['bo_comment_level'])) @@ -117,5 +117,4 @@ echo <<이 글을 스크랩 하였습니다.

        스크랩 확인하기 -HEREDOC; -?> +HEREDOC; \ No newline at end of file diff --git a/bbs/search.php b/bbs/search.php index 33f786bc9..3b1affbf3 100644 --- a/bbs/search.php +++ b/bbs/search.php @@ -228,7 +228,7 @@ $group_select = '
        예) 010-123-4567"); ?> - +