firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

g5 충돌 수정

Browse Source
This commit is contained in:
thisgun
2018-08-23 09:46:43 +09:00
parent 219677babb b1fc952c76
commit 5d462d55dc
34 changed files with 85 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
adm/board_form_update.php
View File

@ -14,11 +14,11 @@ if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); }
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); }
if (!$_POST['bo_subject']) { alert('게시판 제목을 입력하세요.'); }
$_POST['bo_include_head'] = preg_replace("#[\\\]+$#", "", substr($_POST['bo_include_head'], 0, 255));
$_POST['bo_include_tail'] = preg_replace("#[\\\]+$#", "", substr($_POST['bo_include_tail'], 0, 255));
$bo_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($bo_include_head, 0, 255));
$bo_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($bo_include_tail, 0, 255));
// 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($board['bo_include_head'] !== $_POST['bo_include_head'] || $board['bo_include_tail'] !== $_POST['bo_include_tail']) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
if ($board && ($board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if (!chk_captcha()) {
@ -26,7 +26,7 @@ if ($board && ($board['bo_include_head'] !== $_POST['bo_include_head'] || $board
}
}
if ($file = $_POST['bo_include_head']) {
if ($file = $bo_include_head) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) {
@ -35,7 +35,7 @@ if ($file = $_POST['bo_include_head']) {
$_POST['bo_include_head'] = $file;
}
if ($file = $_POST['bo_include_tail']) {
if ($file = $bo_include_tail) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file) ) {
@ -44,11 +44,11 @@ if ($file = $_POST['bo_include_tail']) {
$_POST['bo_include_tail'] = $file;
}
if(!is_include_path_check($_POST['bo_include_head'], 1)) {
if(!is_include_path_check($bo_include_head, 1)) {
alert('상단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
}
if(!is_include_path_check($_POST['bo_include_tail'], 1)) {
if(!is_include_path_check($bo_include_tail, 1)) {
alert('하단 파일 경로에 포함시킬수 없는 문자열이 있습니다.');
}
@ -125,8 +125,8 @@ $sql_common = " gr_id = '{$_POST['gr_id']}',
// 최고 관리자인 경우에만 수정가능
if ($is_admin === 'super'){
$sql_common .= " bo_include_head = '{$_POST['bo_include_head']}',
bo_include_tail = '{$_POST['bo_include_tail']}',
$sql_common .= " bo_include_head = '".$bo_include_head."',
bo_include_tail = '".$bo_include_tail."',
bo_content_head = '{$_POST['bo_content_head']}',
bo_content_tail = '{$_POST['bo_content_tail']}',
bo_mobile_content_head = '{$_POST['bo_mobile_content_head']}',

2
adm/boardgroup_form.php
View File

@ -12,7 +12,7 @@ $sound_only = '';
if ($w == '') {
$gr_id_attr = 'required';
$sound_only = '<strong class="sound_only"> 필수</strong>';
$gr['gr_use_access'] = 0;
$gr = array('gr_use_access' => 0);
$html_title .= ' 생성';
} else if ($w == 'u') {
$gr_id_attr = 'readonly';

4
adm/boardgroup_form_update.php
View File

@ -16,7 +16,9 @@ if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $_POST['gr_id']))
if (!$gr_subject) alert('그룹 제목을 입력하세요.');
$sql_common = " gr_subject = '{$_POST['gr_subject']}',
$gr_subject = isset($_POST['gr_subject']) ? strip_tags($_POST['gr_subject']) : '';
$sql_common = " gr_subject = '{$gr_subject}',
gr_device = '{$_POST['gr_device']}',
gr_admin = '{$_POST['gr_admin']}',
gr_1_subj = '{$_POST['gr_1_subj']}',

3
adm/boardgroup_list_update.php
View File

@ -19,10 +19,11 @@ for ($i=0; $i<$count; $i++)
{
$k = $_POST['chk'][$i];
$gr_id = $_POST['group_id'][$k];
$gr_subject = strip_tags($_POST['gr_subject'][$k]);
if($_POST['act_button'] == '선택수정') {
$sql = " update {$g5['group_table']}
set gr_subject = '{$_POST['gr_subject'][$k]}',
set gr_subject = '{$gr_subject}',
gr_device = '{$_POST['gr_device'][$k]}',
gr_admin = '{$_POST['gr_admin'][$k]}',
gr_use_access = '{$_POST['gr_use_access'][$k]}',

8
adm/contentform.php
View File

@ -49,9 +49,11 @@ if ($w == "u")
else
{
$html_title .= ' 입력';
$co['co_html'] = 2;
$co['co_skin'] = 'basic';
$co['co_mobile_skin'] = 'basic';
$co = array(
'co_html' => 2,
'co_skin' => 'basic',
'co_mobile_skin' => 'basic'
);
}
include_once (G5_ADMIN_PATH.'/admin.head.php');

6
adm/contentformupdate.php
View File

@ -20,8 +20,12 @@ if ($w == "" || $w == "u")
$co_row = sql_fetch($sql);
}
$co_subject = strip_tags($co_subject);
$co_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_head, 0, 255));
$co_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($co_include_tail, 0, 255));
// 관리자가 자동등록방지를 사용해야 할 경우
if (($co_row['co_include_head'] !== $_POST['co_include_head'] || $co_row['co_include_tail'] !== $_POST['co_include_tail']) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
if (($co_row['co_include_head'] !== $co_include_head || $co_row['co_include_tail'] !== $co_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if (!chk_captcha()) {

1
adm/faqmasterform.php
View File

@ -21,6 +21,7 @@ if ($w == "u")
else
{
$html_title .= ' 입력';
$fm = array();
}
$g5['title'] = $html_title.' 관리';

2
adm/faqmasterformupdate.php
View File

@ -18,6 +18,8 @@ check_admin_token();
if ($fm_himg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_h");
if ($fm_timg_del) @unlink(G5_DATA_PATH."/faq/{$fm_id}_t");
$fm_subject = strip_tags($fm_subject);
$sql_common = " set fm_subject = '$fm_subject',
fm_head_html = '$fm_head_html',
fm_tail_html = '$fm_tail_html',

2
adm/newwinform.php
View File

@ -125,7 +125,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
<tr>
<th scope="row"><label for="nw_subject">팝업 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="nw_subject" value="<?php echo stripslashes($nw['nw_subject']) ?>" id="nw_subject" required class="frm_input required" size="80">
<input type="text" name="nw_subject" value="<?php echo get_sanitize_input($nw['nw_subject']); ?>" id="nw_subject" required class="frm_input required" size="80">
</td>
</tr>
<tr>

5
adm/newwinformupdate.php
View File

@ -13,7 +13,8 @@ else
check_admin_token();
$nw_subject = isset($_POST['nw_subject']) ? strip_tags($_POST['nw_subject']) : '';
$sql_common = " nw_division = '{$_POST['nw_division']}',
nw_device = '{$_POST['nw_device']}',
nw_begin_time = '{$_POST['nw_begin_time']}',
@ -23,7 +24,7 @@ $sql_common = " nw_division = '{$_POST['nw_division']}',
nw_top = '{$_POST['nw_top']}',
nw_height = '{$_POST['nw_height']}',
nw_width = '{$_POST['nw_width']}',
nw_subject = '{$_POST['nw_subject']}',
nw_subject = '{$nw_subject}',
nw_content = '{$_POST['nw_content']}',
nw_content_html = '{$_POST['nw_content_html']}' ";

6
adm/point_update.php
View File

@ -6,9 +6,9 @@ auth_check($auth[$sub_menu], 'w');
check_admin_token();
$mb_id = $_POST['mb_id'];
$po_point = $_POST['po_point'];
$po_content = $_POST['po_content'];
$mb_id = strip_tags($_POST['mb_id']);
$po_point = strip_tags($_POST['po_point']);
$po_content = strip_tags($_POST['po_content']);
$expire = preg_replace('/[^0-9]/', '', $_POST['po_expire_term']);
$mb = get_member($mb_id);

5
adm/qa_config_update.php
View File

@ -12,8 +12,11 @@ $error_msg = '';
$qaconfig = get_qa_config();
$qa_include_head = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_head, 0, 255));
$qa_include_tail = preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($qa_include_tail, 0, 255));
// 관리자가 자동등록방지를 사용해야 할 경우
if ($board && ($qaconfig['qa_include_head'] !== $_POST['qa_include_head'] || $qaconfig['qa_include_tail'] !== $_POST['qa_include_tail']) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
if ($board && ($qaconfig['qa_include_head'] !== $qa_include_head || $qaconfig['qa_include_tail'] !== $qa_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if (!chk_captcha()) {

2
adm/sms_admin/history_num.php
View File

@ -27,7 +27,7 @@ $vnum = $total_count - (($page-1) * $page_size);
include_once(G5_ADMIN_PATH.'/admin.head.php');
?>
<form name="search_form" method="get" action="<?echo $_SERVER['SCRIPT_NAME']?>" class="local_sch01 local_sch" >
<form name="search_form" method="get" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>" class="local_sch01 local_sch" >
<label for="st" class="sound_only">검색대상</label>
<select name="st" id="st">
<option value="hs_name"<?php echo get_selected('hs_name', $st); ?>>이름</option>

2
adm/sms_admin/num_book_update.php
View File

@ -21,6 +21,8 @@ if ($w=='u') // 업데이트
if (!strlen(trim($bk_name)))
alert('이름을 입력해주세요');
$bk_name = strip_tags($bk_name);
if ($bk_hp == '')
alert('휴대폰번호만 입력 가능합니다.');
/*

14
adm/sms_admin/num_book_write.php
View File

@ -30,7 +30,7 @@ if ($w == 'u' && is_numeric($bk_no)) {
$g5['title'] .= '수정';
}
else {
$write['bg_no'] = $bg_no;
$write = array('bg_no' => (int) $bg_no);
$g5['title'] .= '추가';
}
@ -43,12 +43,12 @@ include_once(G5_ADMIN_PATH."/admin.head.php");
?>
<form name="book_form" id="book_form" method="post" action="./num_book_update.php">
<input type="hidden" name="w" value="<?php echo $w?>">
<input type="hidden" name="page" value="<?php echo $page?>">
<input type="hidden" name="ap" value="<?php echo $ap?>">
<input type="hidden" name="w" value="<?php echo get_sanitize_input($w); ?>">
<input type="hidden" name="page" value="<?php echo get_sanitize_input($page); ?>">
<input type="hidden" name="ap" value="<?php echo get_sanitize_input($ap); ?>">
<input type="hidden" name="bk_no" value="<?php echo $write['bk_no']?>">
<input type="hidden" name="mb_id" id="mb_id" value="<?php echo $write['mb_id']?>">
<input type="hidden" name="get_bg_no" value="<?php echo $bg_no?>">
<input type="hidden" name="get_bg_no" value="<?php echo get_sanitize_input($bg_no); ?>">
<div class="tbl_frm01 tbl_wrap">
<table>
@ -74,7 +74,7 @@ include_once(G5_ADMIN_PATH."/admin.head.php");
</tr>
<tr>
<th scope="row"><label for="bk_name">이름<strong class="sound_only"> 필수</strong></label></th>
<td><input type="text" name="bk_name" id="bk_name" maxlength="50" value="<?php echo $write['bk_name']?>" required class="frm_input required"></td>
<td><input type="text" name="bk_name" id="bk_name" maxlength="50" value="<?php echo get_sanitize_input($write['bk_name']); ?>" required class="frm_input required"></td>
</tr>
<tr>
<th scope="row"><label for="bk_hp">휴대폰번호<strong class="sound_only"> 필수</strong></label></th>
@ -187,14 +187,12 @@ function book_submit(){
if($check_msg.size()> 0)
$check_msg.remove();
// $("#exist_msg").text("<?php echo $exist_msg_2; ?>");
is_submit = true;
} else {
if($check_msg.size() < 1)
$("input#bk_hp").after("<div id=\"hp_check_el\"><h3>이 번호를 쓰는 회원 정보</h3><ul></ul></div>");
$("#hp_check_el").find("ul").html( list_text );
// $("#exist_msg").html("<?php echo $exist_msg_1 ?>");
if(confirm("회원 정보에 중복 휴대폰 번호가 있습니다.수정하실 경우 회원정보에 반영되지 않습니다.\n수정하시겠습니까?"))
is_submit = true;