From c3634c05f70c3703cd1d41e33c503a66fd51024c Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 11 Apr 2024 11:55:55 +0900 Subject: [PATCH 01/18] =?UTF-8?q?KG=EC=9D=B4=EB=8B=88=EC=8B=9C=EC=8A=A4=20?= =?UTF-8?q?=ED=86=B5=ED=95=A9=EC=9D=B8=EC=A6=9D=20=EC=95=94=ED=98=B8?= =?UTF-8?q?=ED=99=94=EC=A0=81=EC=9A=A9=20=EC=97=AC=EB=B6=80=20=EC=84=A0?= =?UTF-8?q?=ED=83=9D=EC=98=B5=EC=85=98=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/config_form.php | 15 +++++++++++++++ adm/config_form_update.php | 2 ++ extend/default.config.php | 2 ++ install/gnuboard5.sql | 1 + plugin/inicert/ini_request.php | 2 +- plugin/inicert/ini_result.php | 12 +++++++----- plugin/inicert/libs/INILib.php | 3 ++- plugin/inicert/libs/KISA_SEED_CBC.php | 4 ++-- 8 files changed, 32 insertions(+), 9 deletions(-) diff --git a/adm/config_form.php b/adm/config_form.php index fc1af2fda..32a180bb9 100644 --- a/adm/config_form.php +++ b/adm/config_form.php @@ -409,6 +409,11 @@ if (!isset($config['cf_cert_kg_mid'])) { ADD COLUMN `cf_cert_kg_mid` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_cert_kg_cd`; "; sql_query($sql, false); } +if (!isset($config['cf_cert_use_seed'])) { + $sql = "ALTER TABLE `{$g5['config_table']}` + ADD COLUMN `cf_cert_use_seed` TINYINT(4) NOT NULL DEFAULT '0' AFTER `cf_cert_kg_mid`; "; + sql_query($sql, false); +} if (!$config['cf_faq_skin']) { $config['cf_faq_skin'] = "basic"; } @@ -1003,6 +1008,16 @@ if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) { + + + + + + + diff --git a/adm/config_form_update.php b/adm/config_form_update.php index dafa85ce5..cfe8e16cb 100644 --- a/adm/config_form_update.php +++ b/adm/config_form_update.php @@ -105,6 +105,7 @@ $check_keys = array( 'cf_cert_ipin' => 'char', 'cf_cert_hp' => 'char', 'cf_cert_simple' => 'char', + 'cf_cert_use_seed' => 'int', 'cf_admin_email' => 'char', 'cf_admin_email_name' => 'char', 'cf_add_script' => 'text', @@ -284,6 +285,7 @@ $sql = " update {$g5['config_table']} cf_cert_ipin = '{$_POST['cf_cert_ipin']}', cf_cert_hp = '{$_POST['cf_cert_hp']}', cf_cert_simple = '{$_POST['cf_cert_simple']}', + cf_cert_use_seed = '".(int)$_POST['cf_cert_use_seed']."', cf_cert_kg_cd = '{$_POST['cf_cert_kg_cd']}', cf_cert_kg_mid = '" . trim($_POST['cf_cert_kg_mid']) . "', cf_cert_kcb_cd = '{$_POST['cf_cert_kcb_cd']}', diff --git a/extend/default.config.php b/extend/default.config.php index 0df67714a..f634e939f 100644 --- a/extend/default.config.php +++ b/extend/default.config.php @@ -1,6 +1,8 @@ no_profile'); diff --git a/install/gnuboard5.sql b/install/gnuboard5.sql index 64c39a8a9..060375457 100644 --- a/install/gnuboard5.sql +++ b/install/gnuboard5.sql @@ -292,6 +292,7 @@ CREATE TABLE IF NOT EXISTS `g5_config` ( `cf_cert_simple` varchar(255) NOT NULL DEFAULT '', `cf_cert_kg_cd` varchar(255) NOT NULL DEFAULT '', `cf_cert_kg_mid` varchar(255) NOT NULL DEFAULT '', + `cf_cert_use_seed` tinyint(4) NOT NULL DEFAULT '0', `cf_cert_kcb_cd` varchar(255) NOT NULL DEFAULT '', `cf_cert_kcp_cd` varchar(255) NOT NULL DEFAULT '', `cf_lg_mid` varchar(100) NOT NULL DEFAULT '', diff --git a/plugin/inicert/ini_request.php b/plugin/inicert/ini_request.php index 3eaa70599..d7f4c110d 100644 --- a/plugin/inicert/ini_request.php +++ b/plugin/inicert/ini_request.php @@ -17,7 +17,7 @@ if($config['cf_cert_use'] == 2) { // 실서비스 일때 $mTxId ='SIR_'.$max_cr_id; } $reqSvcCd ='01'; // 요청구분코드 ["01":간편인증, "02":전자서명] -$reservedMsg ='isUseToken=Y'; // 결과조회 응답시 개인정보SEED 암호화 처리 요청 +$reservedMsg = (defined('KGINICIS_USE_CERT_SEED') && KGINICIS_USE_CERT_SEED) ? 'isUseToken=Y' : ''; // 결과조회 응답시 개인정보SEED 암호화 처리 요청 // 등록가맹점 확인 $plainText1 = hash("sha256",(string)$mid.(string)$mTxId.(string)$apiKey); diff --git a/plugin/inicert/ini_result.php b/plugin/inicert/ini_result.php index 1fd810281..2299c6b9a 100644 --- a/plugin/inicert/ini_result.php +++ b/plugin/inicert/ini_result.php @@ -54,11 +54,13 @@ if ($txId && isset($_POST["resultCode"]) && $_POST["resultCode"] === "0000") { $birth_day = $res_data['userBirthday']; // 생년월일 $ci = $res_data['userCi']; // CI - // 개인정보SEED 암호화 된것을 복호화 합니다. - $user_name = decrypt_SEED($user_name, $SEEDKEY, $SEEDIV); - $phone_no = decrypt_SEED($phone_no, $SEEDKEY, $SEEDIV); - $birth_day = decrypt_SEED($birth_day, $SEEDKEY, $SEEDIV); - $ci = decrypt_SEED($ci, $SEEDKEY, $SEEDIV); + if (defined('KGINICIS_USE_CERT_SEED') && KGINICIS_USE_CERT_SEED) { + // 개인정보SEED 암호화 된것을 복호화 합니다. + $user_name = decrypt_SEED($user_name, $SEEDKEY, $SEEDIV); + $phone_no = decrypt_SEED($phone_no, $SEEDKEY, $SEEDIV); + $birth_day = decrypt_SEED($birth_day, $SEEDKEY, $SEEDIV); + $ci = decrypt_SEED($ci, $SEEDKEY, $SEEDIV); + } @insert_cert_history($member['mb_id'], 'inicis', $cert_type); // 인증성공 시 내역 기록 diff --git a/plugin/inicert/libs/INILib.php b/plugin/inicert/libs/INILib.php index a640688bb..335fe456a 100644 --- a/plugin/inicert/libs/INILib.php +++ b/plugin/inicert/libs/INILib.php @@ -67,10 +67,11 @@ function decrypt_SEED($str, $bszUser_key, $bszIV) { $pdwRoundKey = array_pad(array(), 32, 0); $bszPlainText = null; + $planBytresMessage = array(); // 방법 1 $bszPlainText = KISA_SEED_CBC::SEED_CBC_Decrypt($keyBytes, $IVBytes, $planBytes, 0, count($planBytes)); - for ($i = 0; $i < sizeof($bszPlainText); $i++) { + for ($i = 0; $i < sizeof((array) $bszPlainText); $i++) { $planBytresMessage[] = sprintf("%02X", $bszPlainText[$i]); } return Hex2String($planBytresMessage); diff --git a/plugin/inicert/libs/KISA_SEED_CBC.php b/plugin/inicert/libs/KISA_SEED_CBC.php index 6a3498480..d45374d00 100644 --- a/plugin/inicert/libs/KISA_SEED_CBC.php +++ b/plugin/inicert/libs/KISA_SEED_CBC.php @@ -171,7 +171,7 @@ if (!defined('_KISA_SEED_KEY_')) { var $key_data = null; - function KISA_SEED_KEY() { + function __construct() { $this->key_data = array_pad(array(), 32, 0); } @@ -192,7 +192,7 @@ if (!defined('_KISA_SEED_INFO_')) { var $cbc_last_block = null; var $last_block_flag = 0; - function KISA_SEED_INFO() { + function __construct() { $this->ivec = array_pad(array(), 4, 0); $this->seed_key = new KISA_SEED_KEY(); $this->cbc_buffer = array_pad(array(), 4, 0); From ce89cba2c79a1fcfe3ce113b86b5e5e44c02b5eb Mon Sep 17 00:00:00 2001 From: thisgun Date: Thu, 11 Apr 2024 12:14:00 +0900 Subject: [PATCH 02/18] =?UTF-8?q?=EB=B2=84=EC=A0=84=205.5.15=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- version.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.php b/version.php index 1d2262471..ef816a7e1 100644 --- a/version.php +++ b/version.php @@ -2,7 +2,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가 define('G5_VERSION', '그누보드5'); -define('G5_GNUBOARD_VER', '5.5.14'); +define('G5_GNUBOARD_VER', '5.5.15'); // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전을 합쳐서 그누보드5.4.6 버전에서 시작함 (kagla-210617) // G5_YOUNGCART_VER 이 상수를 사용하는 곳이 있으므로 주석 처리 해제함 // 그누보드5.4.6 이상 버전 부터는 영카트를 그누보드에 포함하여 배포하므로 영카트5의 버전은 의미가 없습니다. From 712172a0ea9900a18f423b3f6456157b3ecdb01d Mon Sep 17 00:00:00 2001 From: thisgun Date: Wed, 17 Apr 2024 15:21:55 +0900 Subject: [PATCH 03/18] =?UTF-8?q?NHN=5FKCP=20=EA=B2=B0=EC=A0=9C=EC=A0=95?= =?UTF-8?q?=EB=B3=B4=20=EA=B2=80=EC=A6=9D=EA=B8=B0=EB=8A=A5=20=EC=A0=81?= =?UTF-8?q?=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/shop/kcp/pp_ax_hub.php | 19 ++++++++++++++++++- shop/kcp/pp_ax_hub.php | 17 ++++++++++++++++- 2 files changed, 34 insertions(+), 2 deletions(-) diff --git a/mobile/shop/kcp/pp_ax_hub.php b/mobile/shop/kcp/pp_ax_hub.php index bc091650b..074a8c62f 100644 --- a/mobile/shop/kcp/pp_ax_hub.php +++ b/mobile/shop/kcp/pp_ax_hub.php @@ -9,7 +9,6 @@ /* = Copyright (c) 2010.05 KCP Inc. All Rights Reserved. = */ /* ============================================================================== */ - /* ============================================================================== */ /* = 환경 설정 파일 Include = */ /* = -------------------------------------------------------------------------- = */ @@ -110,6 +109,24 @@ /* = -------------------------------------------------------------------------- = */ if ( $req_tx == "pay" ) { + /* 1004원은 실제로 업체에서 결제하셔야 될 원 금액을 넣어주셔야 합니다. 결제금액 유효성 검증 */ + $c_PayPlus->mf_set_ordr_data( "ordr_mony", $good_mny ); + + $kcp_pay_type = ''; // 결제수단 검증 파라미터 pay_type (신용카드 : PACA, 계좌이체 : PABK, 가상계좌 : PAVC, 휴대폰 : PAMC) + + if ($use_pay_method == "100000000000") { // 신용카드 + $kcp_pay_type = 'PACA'; + } else if ($use_pay_method == "010000000000") { // 계좌이체 + $kcp_pay_type = 'PABK'; + } else if ($use_pay_method == "001000000000") { // 가상계좌 + $kcp_pay_type = 'PAVC'; + } else if ($use_pay_method == "000010000000") { // 휴대폰 + $kcp_pay_type = 'PAMC'; + } + + $c_PayPlus->mf_set_ordr_data( "pay_type", $kcp_pay_type ); + $c_PayPlus->mf_set_ordr_data( "ordr_no", $ordr_idxx ); + $post_enc_data = isset($_POST["enc_data"]) ? $_POST["enc_data"] : ''; $post_enc_info = isset($_POST["enc_info"]) ? $_POST["enc_info"] : ''; diff --git a/shop/kcp/pp_ax_hub.php b/shop/kcp/pp_ax_hub.php index 77f7c41fc..12d446fa7 100644 --- a/shop/kcp/pp_ax_hub.php +++ b/shop/kcp/pp_ax_hub.php @@ -146,7 +146,22 @@ if ( $req_tx == "pay" ) { /* 1004원은 실제로 업체에서 결제하셔야 될 원 금액을 넣어주셔야 합니다. 결제금액 유효성 검증 */ $c_PayPlus->mf_set_ordr_data( "ordr_mony", $good_mny ); - + + $kcp_pay_type = ''; // 결제수단 검증 파라미터 pay_type (신용카드 : PACA, 계좌이체 : PABK, 가상계좌 : PAVC, 휴대폰 : PAMC) + + if ($use_pay_method == "100000000000") { // 신용카드 + $kcp_pay_type = 'PACA'; + } else if ($use_pay_method == "010000000000") { // 계좌이체 + $kcp_pay_type = 'PABK'; + } else if ($use_pay_method == "001000000000") { // 가상계좌 + $kcp_pay_type = 'PAVC'; + } else if ($use_pay_method == "000010000000") { // 휴대폰 + $kcp_pay_type = 'PAMC'; + } + + $c_PayPlus->mf_set_ordr_data( "pay_type", $kcp_pay_type ); + $c_PayPlus->mf_set_ordr_data( "ordr_no", $ordr_idxx ); + $post_enc_data = isset($_POST['enc_data']) ? $_POST['enc_data'] : ''; $post_enc_info = isset($_POST['enc_info']) ? $_POST['enc_info'] : ''; From 61a0236938ee946ebd8cf797249bb836f477ae38 Mon Sep 17 00:00:00 2001 From: thisgun Date: Wed, 17 Apr 2024 18:23:10 +0900 Subject: [PATCH 04/18] =?UTF-8?q?=EB=B2=84=EC=A0=84=205.5.16=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- version.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.php b/version.php index ef816a7e1..fe61dfc44 100644 --- a/version.php +++ b/version.php @@ -2,7 +2,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가 define('G5_VERSION', '그누보드5'); -define('G5_GNUBOARD_VER', '5.5.15'); +define('G5_GNUBOARD_VER', '5.5.16'); // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전을 합쳐서 그누보드5.4.6 버전에서 시작함 (kagla-210617) // G5_YOUNGCART_VER 이 상수를 사용하는 곳이 있으므로 주석 처리 해제함 // 그누보드5.4.6 이상 버전 부터는 영카트를 그누보드에 포함하여 배포하므로 영카트5의 버전은 의미가 없습니다. From 02e0996eb4293c8edd9aea807f9282cdb5c6d9f3 Mon Sep 17 00:00:00 2001 From: kit rio Date: Thu, 11 Apr 2024 17:46:58 +0900 Subject: [PATCH 05/18] =?UTF-8?q?kisa=20seed=5Fcbc=20undefined=20=EB=B3=80?= =?UTF-8?q?=EC=88=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit SEED_CBC_Decrypt 함수 return null 전에 초기화 --- plugin/inicert/libs/KISA_SEED_CBC.php | 1 + 1 file changed, 1 insertion(+) diff --git a/plugin/inicert/libs/KISA_SEED_CBC.php b/plugin/inicert/libs/KISA_SEED_CBC.php index d45374d00..4e5d7cb1d 100644 --- a/plugin/inicert/libs/KISA_SEED_CBC.php +++ b/plugin/inicert/libs/KISA_SEED_CBC.php @@ -782,6 +782,7 @@ class KISA_SEED_CBC { $pbszCipherText = array_pad(array(), $message_length, 0); Common::arraycopy_system($message, $message_offset, $pbszCipherText, 0, $message_length); $nCipherTextLen = count($pbszCipherText); + $result = null; if ($nCipherTextLen % KISA_SEED_CBC::BLOCK_SIZE_SEED) { return $result; From 6697327265aa892c3c8574f19ff9b216d15e7a63 Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 14 May 2024 16:04:14 +0900 Subject: [PATCH 06/18] =?UTF-8?q?=EC=87=BC=ED=95=91=EB=AA=B0=20=EC=A3=BC?= =?UTF-8?q?=EB=AC=B8=20SMS=20=ED=8C=8C=EC=9D=BC=EC=9D=98=20=EA=B8=88?= =?UTF-8?q?=EC=95=A1=EB=B3=80=EC=88=98=EC=97=90=20(int)=20=ED=98=95=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/shop/orderformupdate.php | 2 +- shop/orderformupdate.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/mobile/shop/orderformupdate.php b/mobile/shop/orderformupdate.php index a68f76f4d..5edf37245 100644 --- a/mobile/shop/orderformupdate.php +++ b/mobile/shop/orderformupdate.php @@ -843,7 +843,7 @@ if($config['cf_sms_use'] && ($default['de_sms_use2'] || $default['de_sms_use3']) $sms_content = str_replace("{보낸분}", $od_name, $sms_content); $sms_content = str_replace("{받는분}", $od_b_name, $sms_content); $sms_content = str_replace("{주문번호}", $od_id, $sms_content); - $sms_content = str_replace("{주문금액}", number_format($tot_ct_price + $od_send_cost + $od_send_cost2), $sms_content); + $sms_content = str_replace("{주문금액}", number_format($tot_ct_price + $od_send_cost + (int) $od_send_cost2), $sms_content); $sms_content = str_replace("{회원아이디}", $member['mb_id'], $sms_content); $sms_content = str_replace("{회사명}", $default['de_admin_company_name'], $sms_content); diff --git a/shop/orderformupdate.php b/shop/orderformupdate.php index 349294285..aa6883a3a 100644 --- a/shop/orderformupdate.php +++ b/shop/orderformupdate.php @@ -785,7 +785,7 @@ if($config['cf_sms_use'] && ($default['de_sms_use2'] || $default['de_sms_use3']) $sms_content = str_replace("{보낸분}", $od_name, $sms_content); $sms_content = str_replace("{받는분}", $od_b_name, $sms_content); $sms_content = str_replace("{주문번호}", $od_id, $sms_content); - $sms_content = str_replace("{주문금액}", number_format($tot_ct_price + $od_send_cost + $od_send_cost2), $sms_content); + $sms_content = str_replace("{주문금액}", number_format($tot_ct_price + $od_send_cost + (int) $od_send_cost2), $sms_content); $sms_content = str_replace("{회원아이디}", $member['mb_id'], $sms_content); $sms_content = str_replace("{회사명}", $default['de_admin_company_name'], $sms_content); From cc96048dfa89b46fa1aca0d5be939f0da71d86b6 Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 14 May 2024 17:10:00 +0900 Subject: [PATCH 07/18] =?UTF-8?q?NHN=5FKCP=20=EA=B2=B0=EC=A0=9C=EC=A0=95?= =?UTF-8?q?=EB=B3=B4=20=EA=B2=80=EC=A6=9D=EA=B8=B0=EB=8A=A5=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=20=EC=A0=81=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/shop/kcp/pp_ax_hub.php | 8 ++++---- shop/kcp/pp_ax_hub.php | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mobile/shop/kcp/pp_ax_hub.php b/mobile/shop/kcp/pp_ax_hub.php index 074a8c62f..8b52d4ef8 100644 --- a/mobile/shop/kcp/pp_ax_hub.php +++ b/mobile/shop/kcp/pp_ax_hub.php @@ -114,13 +114,13 @@ $kcp_pay_type = ''; // 결제수단 검증 파라미터 pay_type (신용카드 : PACA, 계좌이체 : PABK, 가상계좌 : PAVC, 휴대폰 : PAMC) - if ($use_pay_method == "100000000000") { // 신용카드 + if ($use_pay_method == "100000000000" && (in_array($od_settle_case, array('신용카드', '간편결제')))) { // 신용카드 $kcp_pay_type = 'PACA'; - } else if ($use_pay_method == "010000000000") { // 계좌이체 + } else if ($use_pay_method == "010000000000" && $od_settle_case === '계좌이체') { // 계좌이체 $kcp_pay_type = 'PABK'; - } else if ($use_pay_method == "001000000000") { // 가상계좌 + } else if ($use_pay_method == "001000000000" && $od_settle_case === '가상계좌') { // 가상계좌 $kcp_pay_type = 'PAVC'; - } else if ($use_pay_method == "000010000000") { // 휴대폰 + } else if ($use_pay_method == "000010000000" && $od_settle_case === '휴대폰') { // 휴대폰 $kcp_pay_type = 'PAMC'; } diff --git a/shop/kcp/pp_ax_hub.php b/shop/kcp/pp_ax_hub.php index 12d446fa7..4e7606ef4 100644 --- a/shop/kcp/pp_ax_hub.php +++ b/shop/kcp/pp_ax_hub.php @@ -149,13 +149,13 @@ if ( $req_tx == "pay" ) $kcp_pay_type = ''; // 결제수단 검증 파라미터 pay_type (신용카드 : PACA, 계좌이체 : PABK, 가상계좌 : PAVC, 휴대폰 : PAMC) - if ($use_pay_method == "100000000000") { // 신용카드 + if ($use_pay_method == "100000000000" && (in_array($od_settle_case, array('신용카드', '간편결제')))) { // 신용카드 $kcp_pay_type = 'PACA'; - } else if ($use_pay_method == "010000000000") { // 계좌이체 + } else if ($use_pay_method == "010000000000" && $od_settle_case === '계좌이체') { // 계좌이체 $kcp_pay_type = 'PABK'; - } else if ($use_pay_method == "001000000000") { // 가상계좌 + } else if ($use_pay_method == "001000000000" && $od_settle_case === '가상계좌') { // 가상계좌 $kcp_pay_type = 'PAVC'; - } else if ($use_pay_method == "000010000000") { // 휴대폰 + } else if ($use_pay_method == "000010000000" && $od_settle_case === '휴대폰') { // 휴대폰 $kcp_pay_type = 'PAMC'; } From 68dc0bd4ecf2a5412156930ddb92de570cfabfd5 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 31 May 2024 19:23:42 +0900 Subject: [PATCH 08/18] =?UTF-8?q?KG=EC=9D=B4=EB=8B=88=EC=8B=9C=EC=8A=A4=20?= =?UTF-8?q?MID=20SEED=EB=8C=80=EC=B9=AD=ED=82=A4=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/config_form.php | 2 +- extend/default.config.php | 2 +- install/gnuboard5.sql | 2 +- plugin/inicert/ini_result.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/adm/config_form.php b/adm/config_form.php index 32a180bb9..28ab4217f 100644 --- a/adm/config_form.php +++ b/adm/config_form.php @@ -411,7 +411,7 @@ if (!isset($config['cf_cert_kg_mid'])) { } if (!isset($config['cf_cert_use_seed'])) { $sql = "ALTER TABLE `{$g5['config_table']}` - ADD COLUMN `cf_cert_use_seed` TINYINT(4) NOT NULL DEFAULT '0' AFTER `cf_cert_kg_mid`; "; + ADD COLUMN `cf_cert_use_seed` TINYINT(4) NOT NULL DEFAULT '1' AFTER `cf_cert_kg_mid`; "; sql_query($sql, false); } if (!$config['cf_faq_skin']) { diff --git a/extend/default.config.php b/extend/default.config.php index f634e939f..da6dc8356 100644 --- a/extend/default.config.php +++ b/extend/default.config.php @@ -1,7 +1,7 @@ no_profile'); diff --git a/install/gnuboard5.sql b/install/gnuboard5.sql index 060375457..617df0ebd 100644 --- a/install/gnuboard5.sql +++ b/install/gnuboard5.sql @@ -292,7 +292,7 @@ CREATE TABLE IF NOT EXISTS `g5_config` ( `cf_cert_simple` varchar(255) NOT NULL DEFAULT '', `cf_cert_kg_cd` varchar(255) NOT NULL DEFAULT '', `cf_cert_kg_mid` varchar(255) NOT NULL DEFAULT '', - `cf_cert_use_seed` tinyint(4) NOT NULL DEFAULT '0', + `cf_cert_use_seed` tinyint(4) NOT NULL DEFAULT '1', `cf_cert_kcb_cd` varchar(255) NOT NULL DEFAULT '', `cf_cert_kcp_cd` varchar(255) NOT NULL DEFAULT '', `cf_lg_mid` varchar(100) NOT NULL DEFAULT '', diff --git a/plugin/inicert/ini_result.php b/plugin/inicert/ini_result.php index 2299c6b9a..9649696a2 100644 --- a/plugin/inicert/ini_result.php +++ b/plugin/inicert/ini_result.php @@ -6,7 +6,7 @@ require_once (dirname(__FILE__) .'/libs/INILib.php'); $txId = isset($_POST['txId']) ? clean_xss_tags($_POST['txId'], 1, 1) : ''; $mid = substr($txId, 6, 10); $SEEDKEY = isset($_POST['token']) ? clean_xss_tags($_POST['token'], 1, 1) : ''; -$SEEDIV = "SASKGINICIS00000"; +$SEEDIV = 'SASHOSTSIRIAS000'; if ($txId && isset($_POST["resultCode"]) && $_POST["resultCode"] === "0000") { From 3fd8740c920e9157bc09d1701105e294707f1e65 Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 3 Jun 2024 12:39:48 +0900 Subject: [PATCH 09/18] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20=EA=B8=B0?= =?UTF-8?q?=EB=B3=B8=ED=99=98=EA=B2=BD=EC=84=A4=EC=A0=95=EC=97=90=EC=84=9C?= =?UTF-8?q?=20=EB=B6=88=ED=95=84=EC=9A=94=ED=95=9C=20=EC=BD=94=EB=93=9C=20?= =?UTF-8?q?=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/config_form_update.php | 17 ++++++++--------- lib/common.lib.php | 4 ++++ 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/adm/config_form_update.php b/adm/config_form_update.php index cfe8e16cb..81186b371 100644 --- a/adm/config_form_update.php +++ b/adm/config_form_update.php @@ -12,7 +12,6 @@ if ($is_admin != 'super') { $cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : ''; $cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : ''; -$posts = array(); $mb = get_member($cf_admin); @@ -28,11 +27,11 @@ $check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptc foreach ($check_keys as $key) { if (isset($_POST[$key]) && $_POST[$key]) { - $posts[$key] = $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]); + $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]); } } -$posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295'; +$_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295'; if (isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']) { $pattern = explode("\n", trim($_POST['cf_intercept_ip'])); @@ -165,12 +164,12 @@ for ($i = 1; $i <= 10; $i++) { foreach ($check_keys as $k => $v) { if ($v === 'int') { - $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0; + $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0; } else { if (in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))) { - $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : ''; + $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : ''; } else { - $posts[$key] = $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : ''; + $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : ''; } } } @@ -181,9 +180,9 @@ if ($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && } if (!$_POST['cf_cert_use']) { - $posts[$key] = $_POST['cf_cert_ipin'] = ''; - $posts[$key] = $_POST['cf_cert_hp'] = ''; - $posts[$key] = $_POST['cf_cert_simple'] = ''; + $_POST['cf_cert_ipin'] = ''; + $_POST['cf_cert_hp'] = ''; + $_POST['cf_cert_simple'] = ''; } $sql = " update {$g5['config_table']} diff --git a/lib/common.lib.php b/lib/common.lib.php index 059f775ca..5d1247e81 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -1320,6 +1320,10 @@ function delete_point($mb_id, $rel_table, $rel_id, $rel_action) and po_rel_action = '$rel_action' "; $row = sql_fetch($sql); + if (! (isset($row['po_id']) && $row['po_id'])) { + return true; + } + if(isset($row['po_point']) && $row['po_point'] < 0) { $mb_id = $row['mb_id']; $po_point = abs($row['po_point']); From f4dfbacf0316746518195f441a5c7a9e98c7a46a Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 4 Jun 2024 10:25:59 +0900 Subject: [PATCH 10/18] =?UTF-8?q?=EA=B8=80=EB=B3=B5=EC=82=AC=20sql=20query?= =?UTF-8?q?=EC=97=90=20=EB=B3=8B=EC=B9=AD=20as=20=EC=B6=94=EA=B0=80=20?= =?UTF-8?q?=EB=B0=8F=20=ED=8F=AC=EC=9D=B8=ED=8A=B8=20=EC=97=85=EB=8D=B0?= =?UTF-8?q?=EC=9D=B4=ED=8A=B8=20=EC=BD=94=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/move_update.php | 2 +- bbs/poll_update.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bbs/move_update.php b/bbs/move_update.php index cbef072da..7c417f606 100644 --- a/bbs/move_update.php +++ b/bbs/move_update.php @@ -80,7 +80,7 @@ while ($row = sql_fetch_array($result)) } $sql = " insert into $move_write_table - set wr_num = " . ($next_wr_num ? "'$next_wr_num'" : "(SELECT IFNULL(MIN(wr_num) - 1, -1) FROM $move_write_table sq) ") . ", + set wr_num = " . ($next_wr_num ? "'$next_wr_num'" : "(SELECT IFNULL(MIN(wr_num) - 1, -1) FROM $move_write_table as sq) ") . ", wr_reply = '{$row2['wr_reply']}', wr_is_comment = '{$row2['wr_is_comment']}', wr_comment = '{$row2['wr_comment']}', diff --git a/bbs/poll_update.php b/bbs/poll_update.php index cca29431b..d6fb5d809 100644 --- a/bbs/poll_update.php +++ b/bbs/poll_update.php @@ -3,7 +3,7 @@ include_once('./_common.php'); $po_id = isset($_POST['po_id']) ? preg_replace('/[^0-9]/', '', $_POST['po_id']) : 0; -$po = sql_fetch(" select * from {$g5['poll_table']} where po_id = '{$_POST['po_id']}' "); +$po = sql_fetch(" select * from {$g5['poll_table']} where po_id = '$po_id' "); if (! (isset($po['po_id']) && $po['po_id'])) alert('po_id 값이 제대로 넘어오지 않았습니다.'); From 0ded1df66db2c74f7858061dbc9bca5cdaf6a5ee Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 4 Jun 2024 11:27:16 +0900 Subject: [PATCH 11/18] =?UTF-8?q?=EC=82=BC=ED=92=88=EC=9E=AC=EA=B3=A0?= =?UTF-8?q?=EA=B4=80=EB=A6=AC=EA=B0=80=20=EC=A0=9C=EB=8C=80=EB=A1=9C=20?= =?UTF-8?q?=ED=91=9C=EC=8B=9C=EB=90=98=EC=A7=80=20=EC=95=8A=EB=8A=94=20?= =?UTF-8?q?=EB=AC=B8=EC=A0=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/itemstocklist.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/adm/shop_admin/itemstocklist.php b/adm/shop_admin/itemstocklist.php index 314192d85..93fe0f6e6 100644 --- a/adm/shop_admin/itemstocklist.php +++ b/adm/shop_admin/itemstocklist.php @@ -35,7 +35,7 @@ $sql_common .= $sql_search; // 테이블의 전체 레코드수만 얻음 $sql = " select count(*) as cnt " . $sql_common; $row = sql_fetch($sql); -$total_count = $row['cnt']; +$total_count = isset($row['cnt']) ? $row['cnt'] : 0; $rows = $config['cf_page_rows']; $total_page = ceil($total_count / $rows); // 전체 페이지 계산 @@ -171,7 +171,7 @@ $listall = '전체목 - + From ed6b7f332625ae53db07600b0e9a7da4f8ee7461 Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 4 Jun 2024 17:38:33 +0900 Subject: [PATCH 12/18] =?UTF-8?q?=EA=B8=80=EC=93=B0=EA=B8=B0=20=EC=9E=84?= =?UTF-8?q?=EC=8B=9C=EC=A0=80=EC=9E=A5=EA=B3=BC=20=EC=AA=BD=EC=A7=80?= =?UTF-8?q?=EC=93=B0=EA=B8=B0=20=EC=BD=94=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/ajax.autosave.php | 4 ++-- bbs/memo_form_update.php | 14 +++++++++----- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/bbs/ajax.autosave.php b/bbs/ajax.autosave.php index 1e01c798a..3eddb39ca 100644 --- a/bbs/ajax.autosave.php +++ b/bbs/ajax.autosave.php @@ -4,8 +4,8 @@ include_once('./_common.php'); if (!$is_member) die('0'); $uid = isset($_REQUEST['uid']) ? preg_replace('/[^0-9]/', '', $_REQUEST['uid']) : 0; -$subject = isset($_REQUEST['subject']) ? trim($_REQUEST['subject']) : ''; -$content = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : ''; +$subject = isset($_REQUEST['subject']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['subject']),0,255)) : ''; +$content = isset($_REQUEST['content']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['content']),0,65536)) : ''; if ($subject && $content) { $sql = " select count(*) as cnt from {$g5['autosave_table']} where mb_id = '{$member['mb_id']}' and as_subject = '$subject' and as_content = '$content' "; diff --git a/bbs/memo_form_update.php b/bbs/memo_form_update.php index 42263fce5..4397e4503 100644 --- a/bbs/memo_form_update.php +++ b/bbs/memo_form_update.php @@ -14,24 +14,28 @@ $str_nick_list = ''; $msg = ''; $error_list = array(); $member_list = array('id'=>array(), 'nick'=>array()); +$me_memo = isset($_POST['me_memo']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['me_memo']),0,65536)) : ''; run_event('memo_form_update_before', $recv_list); for ($i=0; $i Date: Tue, 4 Jun 2024 17:59:20 +0900 Subject: [PATCH 13/18] =?UTF-8?q?=EC=86=8C=EC=85=9C=EB=A1=9C=EA=B7=B8?= =?UTF-8?q?=EC=9D=B8=20=ED=83=80=EC=9E=84=EC=95=84=EC=9B=83=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=ED=83=80=EC=9E=84=20=EC=88=98=EC=A0=95=20#315?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/social/Hybrid/thirdparty/OAuth/OAuth1Client.php | 5 +++-- plugin/social/Hybrid/thirdparty/OAuth/OAuth2Client.php | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/plugin/social/Hybrid/thirdparty/OAuth/OAuth1Client.php b/plugin/social/Hybrid/thirdparty/OAuth/OAuth1Client.php index 64c03c87d..8b09187f1 100644 --- a/plugin/social/Hybrid/thirdparty/OAuth/OAuth1Client.php +++ b/plugin/social/Hybrid/thirdparty/OAuth/OAuth1Client.php @@ -20,8 +20,8 @@ class OAuth1Client{ public $redirect_uri = ""; public $decode_json = true; - public $curl_time_out = 30; - public $curl_connect_time_out = 30; + public $curl_time_out = 10; + public $curl_connect_time_out = 15; public $curl_ssl_verifypeer = false; public $curl_auth_header = true; public $curl_useragent = "OAuth/1 Simple PHP Client v0.1; HybridAuth http://hybridauth.sourceforge.net/"; @@ -194,6 +194,7 @@ class OAuth1Client{ curl_setopt( $ci, CURLOPT_USERAGENT , $this->curl_useragent ); curl_setopt( $ci, CURLOPT_CONNECTTIMEOUT, $this->curl_connect_time_out ); curl_setopt( $ci, CURLOPT_TIMEOUT , $this->curl_time_out ); + curl_setopt( $ci, CURLOPT_MAXREDIRS , 10); curl_setopt( $ci, CURLOPT_RETURNTRANSFER, true ); curl_setopt( $ci, CURLOPT_HTTPHEADER , array('Expect:') ); curl_setopt( $ci, CURLOPT_SSL_VERIFYPEER, $this->curl_ssl_verifypeer ); diff --git a/plugin/social/Hybrid/thirdparty/OAuth/OAuth2Client.php b/plugin/social/Hybrid/thirdparty/OAuth/OAuth2Client.php index 0046d2c58..7c6deee4a 100644 --- a/plugin/social/Hybrid/thirdparty/OAuth/OAuth2Client.php +++ b/plugin/social/Hybrid/thirdparty/OAuth/OAuth2Client.php @@ -26,8 +26,8 @@ class OAuth2Client //-- public $sign_token_name = "access_token"; - public $curl_time_out = 30; - public $curl_connect_time_out = 30; + public $curl_time_out = 10; + public $curl_connect_time_out = 15; public $curl_ssl_verifypeer = false; public $curl_ssl_verifyhost = false; public $curl_header = array(); @@ -221,6 +221,7 @@ class OAuth2Client curl_setopt($ch, CURLOPT_TIMEOUT , $this->curl_time_out ); curl_setopt($ch, CURLOPT_USERAGENT , $this->curl_useragent ); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT , $this->curl_connect_time_out ); + curl_setopt($ch, CURLOPT_MAXREDIRS , 10); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER , $this->curl_ssl_verifypeer ); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST , $this->curl_ssl_verifyhost ); curl_setopt($ch, CURLOPT_HTTPHEADER , $this->curl_header ); From 940e701fa460785f6cbf5cec5dbe60faf1df7f8b Mon Sep 17 00:00:00 2001 From: thisgun Date: Tue, 4 Jun 2024 18:48:56 +0900 Subject: [PATCH 14/18] =?UTF-8?q?=EA=B4=80=EB=A6=AC=EC=9E=90=20=ED=9A=8C?= =?UTF-8?q?=EC=9B=90=EA=B4=80=EB=A6=AC=EC=97=90=EC=84=9C=20PHP=20WARNING?= =?UTF-8?q?=20=EA=B2=BD=EA=B3=A0=EB=AC=B8=EC=9D=B4=20=EB=82=98=EC=98=A4?= =?UTF-8?q?=EB=8A=94=20=EC=BD=94=EB=93=9C=20=EC=88=98=EC=A0=95=20#316?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/member_form.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/adm/member_form.php b/adm/member_form.php index 16694b3fd..a249b2184 100644 --- a/adm/member_form.php +++ b/adm/member_form.php @@ -205,7 +205,7 @@ if (isset($mb_id) && $mb_id) { if ($mb['mb_intercept_date']) { $g5['title'] = "차단된 "; } else { - $g5['title'] .= ""; + $g5['title'] = ""; } $g5['title'] .= '회원 ' . $html_title; require_once './admin.head.php'; From e03e01d41098f6a42788e53cb8bd5894ce47cd15 Mon Sep 17 00:00:00 2001 From: thisgun Date: Wed, 5 Jun 2024 14:56:50 +0900 Subject: [PATCH 15/18] =?UTF-8?q?Open=20Redirect=20=EC=B7=A8=EC=95=BD?= =?UTF-8?q?=EC=A0=90=20=EC=88=98=EC=A0=95=20#318?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/member_confirm.php | 4 ++++ lib/common.lib.php | 21 +++++++++++++++++++++ 2 files changed, 25 insertions(+) diff --git a/bbs/member_confirm.php b/bbs/member_confirm.php index c46121e05..e3041527e 100644 --- a/bbs/member_confirm.php +++ b/bbs/member_confirm.php @@ -31,6 +31,10 @@ if($url){ if( preg_match('#^/{3,}#', $url) ){ $url = preg_replace('#^/{3,}#', '/', $url); } + + if (function_exists('safe_filter_url_host')) { + $url = safe_filter_url_host($url); + } } $url = get_text($url); diff --git a/lib/common.lib.php b/lib/common.lib.php index 5d1247e81..124335ce9 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -102,6 +102,10 @@ function goto_url($url) { run_event('goto_url', $url); + if (function_exists('safe_filter_url_host')) { + $url = safe_filter_url_host($url); + } + $url = str_replace("&", "&", $url); //echo ""; @@ -182,6 +186,10 @@ function alert($msg='', $url='', $error=true, $post=false) run_event('alert', $msg, $url, $error, $post); + if (function_exists('safe_filter_url_host')) { + $url = safe_filter_url_host($url); + } + $msg = $msg ? strip_tags($msg, '
') : '올바른 방법으로 이용해 주십시오.'; $header = ''; @@ -220,6 +228,12 @@ function confirm($msg, $url1='', $url2='', $url3='') alert($msg); } + if (function_exists('safe_filter_url_host')) { + $url1 = safe_filter_url_host($url1); + $url2 = safe_filter_url_host($url2); + $url3 = safe_filter_url_host($url3); + } + if(!trim($url1) || !trim($url2)) { $msg = '$url1 과 $url2 를 지정해 주세요.'; alert($msg); @@ -3598,6 +3612,13 @@ function login_password_check($mb, $pass, $hash) return check_password($pass, $hash); } +function safe_filter_url_host($url) { + + $regex = run_replace('safe_filter_url_regex', '\\', $url); + + return $regex ? preg_replace('#'. preg_quote($regex, '#') .'#iu', '', $url) : ''; +} + // 동일한 host url 인지 function check_url_host($url, $msg='', $return_url=G5_URL, $is_redirect=false) { From 56615a5e9ecdb3b145b1c81efd3de006dab87bd3 Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 7 Jun 2024 12:24:41 +0900 Subject: [PATCH 16/18] =?UTF-8?q?=EB=B9=84=ED=9A=8C=EC=9B=90=EC=9D=B8=20?= =?UTF-8?q?=EC=83=81=ED=83=9C=EC=97=90=EC=84=9C=20=EC=9E=A5=EB=B0=94?= =?UTF-8?q?=EA=B5=AC=EB=8B=88=EC=97=90=EC=84=9C=20=EC=A3=BC=EB=AC=B8?= =?UTF-8?q?=ED=95=98=EA=B8=B0=20=ED=9B=84=20=EB=A1=9C=EA=B7=B8=EC=9D=B8?= =?UTF-8?q?=ED=95=98=EB=A9=B4=20=EC=9E=A5=EB=B0=94=EA=B5=AC=EB=8B=88?= =?UTF-8?q?=EA=B0=80=20=EB=B9=84=EC=96=B4=EC=9E=88=EB=8A=94=20=EB=AC=B8?= =?UTF-8?q?=EC=A0=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/login_check.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/bbs/login_check.php b/bbs/login_check.php index 3882f38c0..c34c44ce2 100644 --- a/bbs/login_check.php +++ b/bbs/login_check.php @@ -147,8 +147,16 @@ if(function_exists('set_cart_id')){ cart_item_clean(); set_cart_id(''); $s_cart_id = get_session('ss_cart_id'); + + $add_cart_where = ''; + + // 장바구니에서 주문하기를 하는 경우 + if (strpos($link, 'orderform.php') !== false) { + $add_cart_where = " and ct_select_time < '".date('Y-m-d H:i:s', strtotime('-1 hour', G5_SERVER_TIME))."' "; + } + // 선택필드 초기화 - $sql = " update {$g5['g5_shop_cart_table']} set ct_select = '0' where od_id = '$s_cart_id' "; + $sql = " update {$g5['g5_shop_cart_table']} set ct_select = '0' where od_id = '$s_cart_id' $add_cart_where "; sql_query($sql); } From 08df8728632379ddfc40f4fb45792002fa06e9fd Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 7 Jun 2024 12:31:17 +0900 Subject: [PATCH 17/18] =?UTF-8?q?HTMLPurifier=5FFilter=5Fiframevideo=20?= =?UTF-8?q?=ED=81=B4=EB=9E=98=EC=8A=A4=EB=AA=85=EC=9D=98=20=EB=8C=80?= =?UTF-8?q?=EC=86=8C=EB=AC=B8=EC=9E=90=20=EB=B6=88=EC=9D=BC=EC=B9=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95#324?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/htmlpurifier/extend.video.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin/htmlpurifier/extend.video.php b/plugin/htmlpurifier/extend.video.php index 81b4aea0e..5c8ec59d2 100644 --- a/plugin/htmlpurifier/extend.video.php +++ b/plugin/htmlpurifier/extend.video.php @@ -8,7 +8,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가 */ if( !class_exists('HTMLPurifier_Filter_Iframevideo') ){ - class HTMLPurifier_Filter_iframevideo extends HTMLPurifier_Filter + class HTMLPurifier_Filter_Iframevideo extends HTMLPurifier_Filter { public $name = 'Iframevideo'; From 62c0803cf5a96b00775fac61a3ef68b21250b65c Mon Sep 17 00:00:00 2001 From: thisgun Date: Fri, 7 Jun 2024 12:38:32 +0900 Subject: [PATCH 18/18] =?UTF-8?q?=EC=B4=88=EA=B8=B0=ED=99=94=EB=90=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EC=9D=80=20=20=EB=B3=80=EC=88=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20#325?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/get_data.lib.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/get_data.lib.php b/lib/get_data.lib.php index 4e6b8bc49..4de6b353e 100644 --- a/lib/get_data.lib.php +++ b/lib/get_data.lib.php @@ -145,6 +145,8 @@ function get_content_by_field($write_table, $type='bbs', $where_field='', $where { global $g5, $g5_object; + static $cache = array(); + $order_key = 'wr_id'; if( $type === 'content' ){