firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

sms5 auth 체크 함수 수정 및 기타 문제 수정

Browse Source
This commit is contained in:
thisgun
2014-04-16 15:51:24 +09:00
parent f5583edec7
commit 87014a0c5c
9 changed files with 20 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/sms_admin/ajax.hp_chk.php
View File

@ -10,9 +10,7 @@ if( !function_exists('json_encode') ) {
} }
} }
if( $auth_check = ajax_auth_check($auth[$sub_menu], "r") ){ ajax_auth_check($auth[$sub_menu], "r");
die("{\"error\":\"$auth_check\"}");
}
$err = ''; $err = '';
$arr_ajax_msg = array(); $arr_ajax_msg = array();

4
adm/sms_admin/ajax.sms_write_form.php
View File

@ -10,9 +10,7 @@ if( !function_exists('json_encode') ) {
} }
} }
if( $auth_check = ajax_auth_check($auth[$sub_menu], "r") ){ ajax_auth_check($auth[$sub_menu], "r");
die("{\"error\":\"$auth_check\"}");
}
$page_size = 6; $page_size = 6;

4
adm/sms_admin/ajax.sms_write_level.php
View File

@ -10,9 +10,7 @@ if( !function_exists('json_encode') ) {
} }
} }
if( $auth_check = ajax_auth_check($auth[$sub_menu], "r") ){ ajax_auth_check($auth[$sub_menu], "r");
die("{\"error\":\"$auth_check\"}");
}
$lev = array(); $lev = array();

4
adm/sms_admin/ajax.sms_write_person.php
View File

@ -5,9 +5,7 @@ include_once("./_common.php");
$page_size = 10; $page_size = 10;
$colspan = 5; $colspan = 5;
if( $auth_check = ajax_auth_check($auth[$sub_menu], "r") ){ auth_check($auth[$sub_menu], "r");
die("{\"error\":\"$auth_check\"}");
}
$g5['title'] = "휴대폰번호 관리"; $g5['title'] = "휴대폰번호 관리";

6
adm/sms_admin/member_update_run.php
View File

@ -10,7 +10,11 @@ if( !function_exists('json_encode') ) {
} }
} }
auth_check($auth[$sub_menu], "w"); if( $mtype == "json" ){
ajax_auth_check($auth[$sub_menu], "w");
} else {
auth_check($auth[$sub_menu], "w");
}
$count = 0; $count = 0;
$hp_yes = 0; $hp_yes = 0;

4
adm/sms_admin/sms_write.php
View File

@ -452,7 +452,7 @@ hp_list.options[hp_list.length] = new Option(item, value);
<?php <?php
if ($fo_no) { if ($fo_no) {
$row = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'"); $row = sql_fetch("select * from {$g5['sms5_form_table']} where fo_no='$fo_no'");
$fo_content = str_replace("\r\n", "\\n", $row['fo_content']); $fo_content = str_replace(array("\r\n","\n"), "\\n", $row['fo_content']);
echo "add(\"$fo_content\");"; echo "add(\"$fo_content\");";
} }
?> ?>
@ -472,7 +472,7 @@ if ($wr_no)
echo "var hp_list = document.getElementById('hp_list');\n"; echo "var hp_list = document.getElementById('hp_list');\n";
//echo "add(\"$row[wr_message]\");\n"; //echo "add(\"$row[wr_message]\");\n";
$wr_message = str_replace('"', '\"', $row['wr_message']); $wr_message = str_replace('"', '\"', $row['wr_message']);
$wr_message = str_replace("\r\n", "\\n", $wr_message); $wr_message = str_replace(array("\r\n","\n"), "\\n", $wr_message);
echo "add(\"$wr_message\");\n"; echo "add(\"$wr_message\");\n";
echo "document.getElementById('wr_reply').value = '{$row['wr_reply']}';\n"; echo "document.getElementById('wr_reply').value = '{$row['wr_reply']}';\n";

4
adm/sms_admin/sms_write_send.php
View File

@ -134,7 +134,7 @@ $SMS = new SMS5;
$SMS->SMS_con($config['cf_icode_server_ip'], $config['cf_icode_id'], $config['cf_icode_pw'], $config['cf_icode_server_port']); $SMS->SMS_con($config['cf_icode_server_ip'], $config['cf_icode_id'], $config['cf_icode_pw'], $config['cf_icode_server_port']);
$reply = str_replace('-', '', trim($wr_reply)); $reply = str_replace('-', '', trim($wr_reply));
$wr_message = str_replace('\r\n', PHP_EOL, $wr_message); // common.php 에서 mysql_real_escape_string 함수로 인해 수정 $wr_message = conv_unescape_nl($wr_message);
$result = $SMS->Add($list, $reply, '', '', $wr_message, $booking, $wr_total); $result = $SMS->Add($list, $reply, '', '', $wr_message, $booking, $wr_total);
@ -200,7 +200,7 @@ if ($result)
$log = array_shift($SMS->Log); $log = array_shift($SMS->Log);
sql_query("insert into {$g5['sms5_history_table']} set wr_no='$wr_no', wr_renum=0, bg_no='{$row['bg_no']}', mb_id='{$row['mb_id']}', bk_no='{$row['bk_no']}', hs_name='".addslashes($row['bk_name'])."', hs_hp='{$row['bk_hp']}', hs_datetime='".G5_TIME_YMDHIS."', hs_flag='$hs_flag', hs_code='$hs_code', hs_memo='".addslashes($hs_memo)."', hs_log='".addslashes(stripslashes($log))."'"); sql_query("insert into {$g5['sms5_history_table']} set wr_no='$wr_no', wr_renum=0, bg_no='{$row['bg_no']}', mb_id='{$row['mb_id']}', bk_no='{$row['bk_no']}', hs_name='".addslashes($row['bk_name'])."', hs_hp='{$row['bk_hp']}', hs_datetime='".G5_TIME_YMDHIS."', hs_flag='$hs_flag', hs_code='$hs_code', hs_memo='".addslashes($hs_memo)."', hs_log='".addslashes($log)."'");
} }
$SMS->Init(); // 보관하고 있던 결과값을 지웁니다. $SMS->Init(); // 보관하고 있던 결과값을 지웁니다.

10
plugin/sms5/sms5.lib.php
View File

@ -68,19 +68,19 @@ function ajax_auth_check($auth, $attr)
if ($is_admin == 'super') return; if ($is_admin == 'super') return;
if (!trim($auth)) if (!trim($auth))
return '이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.'; die("{\"error\":\"이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.\"}");
$attr = strtolower($attr); $attr = strtolower($attr);
if (!strstr($auth, $attr)) { if (!strstr($auth, $attr)) {
if ($attr == 'r') if ($attr == 'r')
return '읽을 권한이 없습니다.'; die("{\"error\":\"읽을 권한이 없습니다.\"}");
else if ($attr == 'w') else if ($attr == 'w')
return '입력, 추가, 생성, 수정 권한이 없습니다.'; die("{\"error\":\"입력, 추가, 생성, 수정 권한이 없습니다.\"}");
else if ($attr == 'd') else if ($attr == 'd')
return '삭제 권한이 없습니다.'; die("{\"error\":\"삭제 권한이 없습니다.\"}");
else else
return '속성이 잘못 되었습니다.'; die("{\"error\":\"속성이 잘못 되었습니다.\"}");
} }
} }

3
plugin/sms5/write_update.php
View File

@ -91,7 +91,8 @@ if ($mh_by && $mh_bm && $mh_bd && $mh_bh && $mh_bi) {
$SMS = new SMS5; $SMS = new SMS5;
$SMS->SMS_con($config['cf_icode_server_ip'], $config['cf_icode_id'], $config['cf_icode_pw'], $config['cf_icode_server_port']); $SMS->SMS_con($config['cf_icode_server_ip'], $config['cf_icode_id'], $config['cf_icode_pw'], $config['cf_icode_server_port']);
$wr_message = str_replace('\r\n', PHP_EOL, $wr_message); // common.php 에서 mysql_real_escape_string 함수로 인해 수정 $mh_message = conv_unescape_nl($mh_message);
$result = $SMS->Add($mh_hp, $mh_reply, '', '', $mh_message, $booking, $total); $result = $SMS->Add($mh_hp, $mh_reply, '', '', $mh_message, $booking, $total);
$is_success = null; $is_success = null;