firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

보안서버 경로문제 해결

Browse Source
This commit is contained in:
gnuboard
2013-05-09 15:47:24 +09:00
parent c40741ced5
commit 6a9b81fe4b
13 changed files with 49 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bbs/board.php
View File

@ -134,7 +134,7 @@ if (isset($wr_id) && $wr_id) {
if ($member['mb_id'])
alert('목록을 볼 권한이 없습니다.', G4_URL);
else
alert('목록을 볼 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?wr_id='.$wr_id.$qstr.'&url='.urlencode(G4_BBS_URL.'/board.php?bo_table='.$bo_table.'&wr_id='.$wr_id.$qstr));
alert('목록을 볼 권한이 없습니다.\\n\\n회원이시라면 로그인 후 이용해 보십시오.', './login.php?'.$qstr.'&url='.urlencode(G4_BBS_URL.'/board.php?bo_table='.$bo_table.'&'.$qstr));
}
if (!isset($page) || (isset($page) && $page == 0)) $page = 1;

28
bbs/login.php
View File

@ -4,6 +4,8 @@ include_once('./_common.php');
$g4['title'] = '로그인';
include_once('./_head.sub.php');
$url = $_GET['url'];
$p = parse_url($url);
if ((isset($p['scheme']) && $p['scheme']) || (isset($p['host']) && $p['host'])) {
//print_r2($p);
@ -19,31 +21,7 @@ if ($is_member) {
goto_url(G4_URL);
}
if ($url)
$urlencode = urlencode($url);
else
$urlencode = urlencode($_SERVER['REQUEST_URI']);
if (G4_HTTPS_DOMAIN) {
$login_url = $_GET['url'];
if ($login_url) {
if (preg_match("/^\.\.\//", $url)) {
$login_url = urlencode(G4_URL."/".preg_replace("/^\.\.\//", "", $login_url));
} else {
$purl = parse_url(G4_URL);
if ($purl['path']) {
$path = urlencode($purl['path']);
$urlencode = preg_replace("/".$path."/", "", $urlencode);
}
$login_url = $urlencode;
}
} else {
$login_url = G4_URL;
}
} else {
$login_url = $urlencode;
}
$login_url = login_url($url);
$login_action_url = G4_HTTPS_BBS_URL."/login_check.php";
// 로그인 스킨이 없는 경우 관리자 페이지 접속이 안되는 것을 막기 위하여 기본 스킨으로 대체

4
bbs/memo_form_update.php
View File

@ -74,8 +74,8 @@ for ($i=0; $i<count($member_list['id']); $i++) {
if ($member_list) {
$str_nick_list = implode(',', $member_list['nick']);
alert($str_nick_list." 님께 쪽지를 전달하였습니다.", "./memo.php?kind=send", false);
alert($str_nick_list." 님께 쪽지를 전달하였습니다.", G4_HTTP_BBS_URL."/memo.php?kind=send", false);
} else {
alert("회원아이디 오류 같습니다.", "./memo_form.php", false);
alert("회원아이디 오류 같습니다.", G4_HTTP_BBS_URL."/memo_form.php", false);
}
?>

2
bbs/register.php
View File

@ -12,7 +12,7 @@ set_session("ss_mb_reg", "");
$g4['title'] = '회원가입약관';
include_once('./_head.php');
$register_action_url = G4_HTTPS_BBS_URL.'/register_form.php';
$register_action_url = G4_BBS_URL.'/register_form.php';
include_once($member_skin_path.'/register.skin.php');
include_once('./_tail.php');

2
bbs/register_form_update.php
View File

@ -346,7 +346,7 @@ if ($msg)
echo '<script>alert(\''.$msg.'\');</script>';
if ($w == "") {
goto_url(G4_BBS_URL.'/register_result.php');
goto_url(G4_HTTP_BBS_URL.'/register_result.php');
} else if ($w == 'u') {
$row = sql_fetch(" select mb_password from {$g4['member_table']} where mb_id = '{$member['mb_id']}' ");
$tmp_password = $row['mb_password'];

2
bbs/write.php
View File

@ -377,7 +377,7 @@ $editor_html = editor_html('wr_content', $content, $is_dhtml_editor);
include_once(G4_PATH.'/head.sub.php');
include_once('./board_head.php');
$action_url = G4_HTTPS_BBS_URL."/write_update.php";
$action_url = https_url(G4_BBS_DIR)."/write_update.php";
echo '<!-- skin : '.$board_skin_path.' -->';
include_once ($board_skin_path.'/write.skin.php');

4
bbs/write_update.php
View File

@ -623,7 +623,7 @@ if (!($w == 'u' || $w == 'cu') && $config['cf_email_use'] && $board['bo_use_emai
delete_cache_latest($bo_table);
if ($file_upload_msg)
alert($file_upload_msg, G4_HTTPS_BBS_URL.'/board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id.'&amp;page='.$page.$qstr);
alert($file_upload_msg, G4_HTTP_BBS_URL.'/board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id.'&amp;page='.$page.$qstr);
else
goto_url(G4_HTTPS_BBS_URL.'/board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id.$qstr);
goto_url(G4_HTTP_BBS_URL.'/board.php?bo_table='.$bo_table.'&amp;wr_id='.$wr_id.$qstr);
?>

10
common.php
View File

@ -163,14 +163,8 @@ ini_set("session.cookie_domain", G4_COOKIE_DOMAIN);
@session_start();
// 보안서버주소 설정
if (G4_HTTPS_DOMAIN) {
define('G4_HTTPS_URL', G4_HTTPS_DOMAIN);
define('G4_HTTPS_BBS_URL', G4_HTTPS_DOMAIN.'/'.G4_BBS_DIR);
} else {
define('G4_HTTPS_URL', G4_URL);
define('G4_HTTPS_BBS_URL', G4_BBS_URL);
}
define('G4_HTTP_BBS_URL', https_url(G4_BBS_DIR, false));
define('G4_HTTPS_BBS_URL', https_url(G4_BBS_DIR, true));
//==============================================================================
// Mobile 모바일 설정

23
config.php
View File

@ -24,8 +24,8 @@ if (PHP_VERSION >= '5.3.0') {
보안서버주소가 없다면 공란으로 두시면 되며 보안서버주소 뒤에 / 는 붙이지 않습니다.
입력예) https://www.domain.com:443/gnuboard4s
*/
define('G4_DOMAIN', ''); // 사용하지 않습니다.
define('G4_HTTPS_DOMAIN', '');
define('G4_DOMAIN', 'http://sir.co.kr:80/g4s');
define('G4_HTTPS_DOMAIN', 'https://sir.co.kr/g4s');
/*
www.sir.co.kr 과 sir.co.kr 도메인은 서로 다른 도메인으로 인식합니다. 쿠키를 공유하려면 .sir.co.kr 과 같이 입력하세요.
@ -53,26 +53,13 @@ define('G4_SNS_DIR', 'sns');
define('G4_SYNDI_DIR', 'syndi');
// URL 은 브라우저상에서의 경로 (도메인으로 부터의)
if (G4_DOMAIN) {
define('G4_URL', G4_DOMAIN);
} else {
if (isset($g4_path['url']))
define('G4_URL', $g4_path['url']);
else
define('G4_URL', '');
}
if (G4_HTTPS_DOMAIN) {
define('G4_URL', G4_HTTPS_DOMAIN);
} else {
define('G4_URL', G4_DOMAIN);
}
if (isset($g4_path['path'])) {
define('G4_PATH', $g4_path['path']);
} else {
define('G4_PATH', '');
define('G4_URL', $g4_path['url']);
}
define('G4_PATH', $g4_path['path']);
define('G4_ADMIN_URL', G4_URL.'/'.G4_ADMIN_DIR);
define('G4_BBS_URL', G4_URL.'/'.G4_BBS_DIR);

28
lib/common.lib.php
View File

@ -1981,4 +1981,32 @@ function hyphen_hp_number($hp)
$hp = preg_replace("/[^0-9]/", "", $hp);
return preg_replace("/([0-9]{3})([0-9]{3,4})([0-9]{4})$/", "\\1-\\2-\\3", $hp);
}
function login_url($url='')
{
if (!$url) $url = G4_URL;
$p = parse_url($url);
return $url.urldecode(preg_replace("/^".urlencode($p['path'])."/", "", urlencode($_SERVER['REQUEST_URI'])));
}
function https_url($dir, $https=true)
{
if ($https) {
if (G4_HTTPS_DOMAIN) {
$url = G4_HTTPS_DOMAIN.'/'.$dir;
} else {
$url = G4_URL.'/'.$dir;
}
} else {
if (G4_DOMAIN) {
$url = G4_DOMAIN.'/'.$dir;
} else {
$url = G4_URL.'/'.$dir;
}
}
return $url;
}
?>

24
lib/outlogin.lib.php
View File

@ -34,29 +34,7 @@ function outlogin($skin_dir='basic')
$is_auth = true;
}
if (G4_HTTPS_DOMAIN) {
$outlogin_url = $_GET['url'];
if ($outlogin_url) {
if (preg_match("/^\.\.\//", $outlogin_url)) {
$outlogin_url = urlencode(G4_URL."/".preg_replace("/^\.\.\//", "", $outlogin_url));
}
else {
$purl = parse_url(G4_URL);
if ($purl['path']) {
$path = urlencode($purl['path']);
$urlencode = preg_replace("/".$path."/", "", $urlencode);
}
$outlogin_url = $urlencode;
}
}
else {
$outlogin_url = G4_URL;
}
}
else {
$outlogin_url = $urlencode;
}
$outlogin_url = login_url();
$outlogin_action_url = G4_HTTPS_BBS_URL.'/login_check.php';
ob_start();

2
plugin/ckeditor/ckeditor.lib.php
View File

@ -36,7 +36,7 @@ function editor_html($id, $content, $ckeditor=true, $class="")
}
$ckeditor_class = $ckeditor ? "ckeditor" : "";
$html .= "\n<textarea id=\"$id\" name=\"$id\" class=\"$ckeditor_class $class\" style=\"width:100%;\" maxlength=\"65536\">$content</textarea>";
$html .= "\n<textarea id=\"$id\" name=\"$id\" class=\"$ckeditor_class $class required\" style=\"width:100%;\" required maxlength=\"65536\">$content</textarea>";
$html .= "\n<span class=\"sound_only\">웹 에디터 끝</span>";
return $html;
}

2
skin/member/basic/memo_form.skin.php
View File

@ -13,7 +13,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
<li><a href="./memo_form.php">쪽지쓰기</a></li>
</ul>
<form name="fmemoform" action="./memo_form_update.php" onsubmit="return fmemoform_submit(this);" method="post" autocomplete="off">
<form name="fmemoform" action="<?php echo $memo_action_url; ?>" onsubmit="return fmemoform_submit(this);" method="post" autocomplete="off">
<div class="cbox">
<table class="frm_tbl">
<caption>쪽지쓰기</caption>