Merge remote-tracking branch 'origin/master' into inicert

projectSylas
2021-10-01 02:37:43 +00:00
23 changed files with 104 additions and 33 deletions


@ -23,6 +23,7 @@ if (!$file['bf_file'])
alert_close('파일 정보가 존재하지 않습니다.');
// JavaScript 불가일 때
$js = (isset($_GET['js'])) ? $_GET['js'] : '';
if($js != 'on' && $board['bo_download_point'] < 0) {
$msg = $file['bf_source'].' 파일을 다운로드 하시면 포인트가 차감('.number_format($board['bo_download_point']).'점)됩니다.\\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\\n그래도 다운로드 하시겠습니까?';
$url1 = G5_BBS_URL.'/download.php?'.clean_query_string($_SERVER['QUERY_STRING'], false).'&js=on';


@ -58,15 +58,33 @@ if(is_file($skin_file)) {
$stx = trim($stx);
if($stx) {
if (preg_match("/[a-zA-Z]/", $stx))
$sql_search .= " and ( INSTR(LOWER(qa_subject), LOWER('$stx')) > 0 or INSTR(LOWER(qa_content), LOWER('$stx')) > 0 )";
else
$sql_search .= " and ( INSTR(qa_subject, '$stx') > 0 or INSTR(qa_content, '$stx') > 0 ) ";
$sfl = trim($sfl);
if ($sfl) {
switch ($sfl) {
case "qa_subject" :
case "qa_content" :
case "qa_name" :
case "mb_id" :
break;
default :
$sfl = "qa_subject";
}
} else {
$sfl = "qa_subject";
}
$sql_search .= " and (`{$sfl}` like '%{$stx}%') ";
}
// $stx = trim($stx);
// if($stx) {
// if (preg_match("/[a-zA-Z]/", $stx))
// $sql_search .= " and ( INSTR(LOWER(qa_subject), LOWER('$stx')) > 0 or INSTR(LOWER(qa_content), LOWER('$stx')) > 0 )";
// else
// $sql_search .= " and ( INSTR(qa_subject, '$stx') > 0 or INSTR(qa_content, '$stx') > 0 ) ";
// }
$sql_order = " order by qa_num ";
$sql = " select count(*) as cnt
$sql = " select count(*) as cnt
$sql_common
$sql_search ";
$row = sql_fetch($sql);
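Review bot: The new `switch ($sfl)` accepts `mb_id` for every requester, while `get_qa_sfl_select_options()` added in this commit only renders the `mb_id` option when `$is_admin` is set, so the admin-only restriction exists in the form but not in the query builder. If member-ID search is meant to be admin-only, enforce it before the switch, e.g. `if ($sfl === 'mb_id' && !$is_admin) $sfl = 'qa_subject';` (assuming `$is_admin` is in scope here, which the hunk does not show). `$stx` is still placed inside a quoted SQL literal, now as a `LIKE '%…%'` pattern; the hunk shows no escaping, so it depends on sanitising done earlier in the file, and `%` or `_` in the search term act as wildcards unless they are escaped. The commented-out INSTR block duplicates the old code and is better left to version control.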


@ -14,7 +14,9 @@ if (get_cookie('ck_visit_ip') != $_SERVER['REMOTE_ADDR'])
$referer = "";
if (isset($_SERVER['HTTP_REFERER']))
$referer = escape_trim(clean_xss_tags(strip_tags($_SERVER['HTTP_REFERER'])));
$user_agent = escape_trim(clean_xss_tags(strip_tags($_SERVER['HTTP_USER_AGENT'])));
$user_agent = '';
if (isset($_SERVER['HTTP_USER_AGENT']))
$user_agent = escape_trim(clean_xss_tags(strip_tags($_SERVER['HTTP_USER_AGENT'])));
$vi_browser = '';
$vi_os = '';
$vi_device = '';


@ -658,7 +658,7 @@ for ($i=(int)$row['max_bf_no']; $i>=0; $i--)
$row2 = sql_fetch(" select bf_file from {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$i}' ");
// 정보가 있다면 빠집니다.
if ($row2['bf_file']) break;
if (isset($row2['bf_file']) && $row2['bf_file']) break;
// 그렇지 않다면 정보를 삭제합니다.
sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$i}' ");
@ -725,8 +725,10 @@ if (!($w == 'u' || $w == 'cu') && $config['cf_email_use'] && $board['bo_use_emai
}
// 옵션에 메일받기가 체크되어 있고, 게시자의 메일이 있다면
if (strstr($wr['wr_option'], 'mail') && $wr['wr_email'])
$array_email[] = $wr['wr_email'];
if (isset($wr['wr_option']) && isset($wr['wr_email'])) {
if (strstr($wr['wr_option'], 'mail') && $wr['wr_email'])
$array_email[] = $wr['wr_email'];
}
// 중복된 메일 주소는 제거
$unique_email = array_unique($array_email);


@ -232,7 +232,7 @@ function chrome_domain_session_name(){
'.maru.net', // 마루호스팅
);
if(preg_match('/('.implode('|', $domain_array).')/i', $_SERVER['HTTP_HOST'])){ // 위의 도메인주소를 포함한 url접속시 기본세션이름을 변경한다.
if(isset($_SERVER['HTTP_HOST']) && preg_match('/('.implode('|', $domain_array).')/i', $_SERVER['HTTP_HOST'])){ // 위의 도메인주소를 포함한 url접속시 기본세션이름을 변경한다.
if(! defined('G5_SESSION_NAME')) define('G5_SESSION_NAME', 'G5PHPSESSID');
@session_name(G5_SESSION_NAME);
}
@ -343,8 +343,10 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER)
$res = @session_start($options);
// IE 브라우저 또는 엣지브라우저 또는 IOS 모바일과 http환경에서는 secure; SameSite=None을 설정하지 않습니다.
if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('/(iPhone|iPod|iPad).*AppleWebKit.*Safari/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){
return $res;
if (isset($_SERVER['HTTP_USER_AGENT'])) {
if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('/(iPhone|iPod|iPad).*AppleWebKit.*Safari/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){
return $res;
}
}
$headers = headers_list();
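Review bot: Wrapping the whole condition in `if (isset($_SERVER['HTTP_USER_AGENT']))` also skips the `! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on')` test, so a plain-HTTP request that sends no User-Agent no longer returns early and falls through to the `headers_list()` code below. According to the comment above the condition, that code is what applies `secure; SameSite=None`, which is not meant to happen over HTTP. Guard only the header read instead: `$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';` and keep the original single `if`, with `$ua` in the four `preg_match` calls. The enclosing function starts and ends outside the hunk.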


@ -850,12 +850,14 @@ function get_admin($admin='super', $fields='*')
$is = true;
}
if (($is && !$mb['mb_id']) || $admin == 'group') {
// if (($is && !$mb['mb_id']) || $admin == 'group') {
if (($is && !isset($mb['mb_id'])) || $admin == 'group') {
$mb = sql_fetch("select {$fields} from {$g5['member_table']} where mb_id in ('{$group['gr_admin']}') limit 1 ");
$is = true;
}
if (($is && !$mb['mb_id']) || $admin == 'super') {
// if (($is && !$mb['mb_id']) || $admin == 'super') {
if (($is && !isset($mb['mb_id'])) || $admin == 'super') {
$mb = sql_fetch("select {$fields} from {$g5['member_table']} where mb_id in ('{$config['cf_admin']}') limit 1 ");
}
@ -2217,7 +2219,10 @@ function get_checked($field, $value)
function is_mobile()
{
return preg_match('/'.G5_MOBILE_AGENT.'/i', $_SERVER['HTTP_USER_AGENT']);
if (isset($_SERVER['HTTP_USER_AGENT']))
return preg_match('/'.G5_MOBILE_AGENT.'/i', $_SERVER['HTTP_USER_AGENT']);
else
return '';
}
@ -2344,8 +2349,9 @@ function delete_editor_thumbnail($contents)
for($i=0; $i<count($matchs[1]); $i++) {
// 이미지 path 구함
$imgurl = @parse_url($matchs[1][$i]);
$srcfile = dirname(G5_PATH).$imgurl['path'];
if(! preg_match('/(\.jpe?g|\.gif|\.png)$/i', $srcfile)) continue;
// $srcfile = dirname(G5_PATH).$imgurl['path'];
$srcfile = (G5_PATH).$imgurl['path'];
if(!preg_match('/(\.jpe?g|\.gif|\.png|\.webp)$/i', $srcfile)) continue;
$filename = preg_replace("/\.[^\.]+$/i", "", basename($srcfile));
$filepath = dirname($srcfile);
$files = glob($filepath.'/thumb-'.$filename.'*');
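Review bot: `$srcfile` is built by appending `$imgurl['path']` to `G5_PATH` with no normalisation, and `$imgurl` comes from `@parse_url()` on a URL taken from `$matchs`, so a path containing `..` segments, or a failed parse that yields no `path` key, flows straight into `dirname()` and `glob()`. Given the function name, the glob results are presumably deleted after the hunk ends, so the resolved directory should be confirmed to lie inside the install before it is used, e.g. `if (empty($imgurl['path'])) continue;` ahead of the concatenation and `$real = realpath(dirname($srcfile)); if ($real === false || strpos($real, realpath(G5_PATH).DIRECTORY_SEPARATOR) !== 0) continue;` before the glob. Switching the base from `dirname(G5_PATH)` to `G5_PATH` also changes which directory every path resolves against; a comment stating which install layout this assumes would help more than the commented-out old line. The loop body continues outside the hunk.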


@ -457,6 +457,20 @@ function get_board_sfl_select_options($sfl){
return run_replace('get_board_sfl_select_options', $str, $sfl);
}
function get_qa_sfl_select_options($sfl) {
global $is_admin;
$str = '';
$str .= '<option value="qa_subject" '.get_selected($sfl, 'qa_subject', true).'>제목</option>';
$str .= '<option value="qa_content" '.get_selected($sfl, 'qa_content').'>내용</option>';
$str .= '<option value="qa_name" '.get_selected($sfl, 'qa_name').'>글쓴이</option>';
if ($is_admin)
$str .= '<option value="mb_id" '.get_selected($sfl, 'mb_id').'>회원아이디</option>';
return run_replace('get_qa_sfl_select_options', $str, $sfl);
}
// 읽지 않은 메모 갯수 반환
function get_memo_not_read($mb_id, $add_where='')
{


@ -182,7 +182,8 @@ if(isset($data['pp_id']) && !empty($data['pp_id'])) {
$P_VACT_NUM = $_POST['P_VACT_NUM'] = isset($PAY['P_VACT_NUM']) ? $PAY['P_VACT_NUM'] : '';
$P_VACT_NAME = $_POST['P_VACT_NAME'] = isset($PAY['P_VACT_NAME']) ? iconv_utf8($PAY['P_VACT_NAME']) : '';
$P_VACT_BANK = $_POST['P_VACT_BANK'] = (isset($PAY['P_VACT_BANK_CODE']) && isset($BANK_CODE[$PAY['P_VACT_BANK_CODE']])) ? $BANK_CODE[$PAY['P_VACT_BANK_CODE']] : '';
$P_CARD_ISSUER = $_POST['P_CARD_ISSUER'] = isset($CARD_CODE[$PAY['P_CARD_ISSUER_CODE']]) ? $CARD_CODE[$PAY['P_CARD_ISSUER_CODE']] : '';
// $P_CARD_ISSUER = $_POST['P_CARD_ISSUER'] = isset($CARD_CODE[$PAY['P_CARD_ISSUER_CODE']]) ? $CARD_CODE[$PAY['P_CARD_ISSUER_CODE']] : '';
$P_CARD_ISSUER = $_POST['P_CARD_ISSUER'] = isset($CARD_CODE[$PAY['P_FN_CD1']]) ? $CARD_CODE[$PAY['P_FN_CD1']] : '';
$P_UNAME = $_POST['P_UNAME'] = isset($PAY['P_UNAME']) ? iconv_utf8($PAY['P_UNAME']) : '';
$check_keys = array('od_name', 'od_tel', 'od_pwd', 'od_hp', 'od_zip', 'od_addr1', 'od_addr2', 'od_addr3', 'od_addr_jibeon', 'od_email', 'ad_default', 'ad_subject', 'od_hope_date', 'od_b_name', 'od_b_tel', 'od_b_hp', 'od_b_zip', 'od_b_addr1', 'od_b_addr2', 'od_b_addr3', 'od_b_addr_jibeon', 'od_memo', 'od_settle_case', 'max_temp_point', 'od_temp_point', 'od_send_cost', 'od_send_cost2', 'od_bank_account', 'od_deposit_name', 'od_test', 'od_ip');
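Review bot: The new `P_CARD_ISSUER` line reads `$PAY['P_FN_CD1']` inside `isset($CARD_CODE[...])`, but `isset()` only covers the outer `$CARD_CODE` lookup, so a payment response without `P_FN_CD1` still raises an undefined-index notice. The `P_VACT_BANK` line just above already uses the two-step form; mirror it: `(isset($PAY['P_FN_CD1']) && isset($CARD_CODE[$PAY['P_FN_CD1']])) ? $CARD_CODE[$PAY['P_FN_CD1']] : ''`. A short comment saying why the issuer code is now taken from `P_FN_CD1` instead of `P_CARD_ISSUER_CODE` would serve better than the commented-out old line.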


@ -115,6 +115,11 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<legend>게시물 검색</legend>
<form name="fsearch" method="get">
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="sop" value="and">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<?php echo get_qa_sfl_select_options($sfl); ?>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo stripslashes($stx) ?>" required placeholder="검색어를 입력하세요" id="stx" class="sch_input" size="15" maxlength="15">
<button type="submit" value="검색" class="sch_btn"><i class="fa fa-search" aria-hidden="true"></i> <span class="sound_only">검색</span></button>


@ -136,7 +136,8 @@
#bo_sch {background:#fff;border:1px solid #d0d3db;position:relative;margin:10px}
#bo_sch:after {display:block;visibility:hidden;clear:both;content:""}
#bo_sch legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden}
#bo_sch .sch_input {float:left;width:100%;height:38px;border:0;padding:0;background-color:transparent;padding:0 0 0 10px}
#bo_sch select {border:0;height:38px;border-right:1px solid #f8f8f8;float:left;width:30%}
#bo_sch .sch_input {height:38px;border:0;padding:0;background-color:transparent;float:left;width:70%;padding:0 40px 0 10px}
#bo_sch .sch_btn {height:38px;position:absolute;top:0;right:0;border:0;width:40px;background:none;font-size:15px}


@ -77,7 +77,7 @@ run_event('cheditor_photo_upload', $data_dir, $data_url);
//
$tempfile = $_FILES['file']['tmp_name'];
$filename = $_FILES['file']['name'];
$filename_len = strrpos($filename, ".");
$type = substr($filename, strrpos($filename, ".")+1);
$found = false;
switch ($type) {
@ -89,7 +89,7 @@ switch ($type) {
$found = true;
}
if ($found != true) {
if ($found != true || $filename_len != 23) {
exit;
}
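Review bot: The added `$filename_len != 23` test, like the extension switch, looks only at the client-supplied `$_FILES['file']['name']`; it fixes the position of the last dot but not which characters precede it, and the visible hunks show no check of the uploaded content itself. The 23 is also unexplained — presumably the length of the name the editor's uploader generates, which deserves a comment or a named constant. Consider matching the whole name against a strict pattern for that generated format and confirming the content with `getimagesize($tempfile)` before the file is stored. `strrpos()` returns `false` when the name has no dot, which the loose `!=` happens to reject, but `!== 23` states the intent. The switch cases and the code that stores the file are outside the visible hunks.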


@ -13,8 +13,8 @@ $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
$request_token = $connection->getRequestToken(OAUTH_CALLBACK);
/* Save temporary credentials to session. */
$_SESSION['oauth_token'] = $token = $request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
$_SESSION['oauth_token'] = $token = @$request_token['oauth_token'];
$_SESSION['oauth_token_secret'] = @$request_token['oauth_token_secret'];
//print_r2($_SESSION); exit;
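Review bot: The `@` on `$request_token['oauth_token']` and `$request_token['oauth_token_secret']` silences the notice when the request-token call fails, but the failure itself is not handled here: `null` is written into `$_SESSION` and `$token`, and the script carries on. Test the response explicitly and stop, e.g. `if (!isset($request_token['oauth_token'], $request_token['oauth_token_secret'])) { /* report the failure and exit */ }`, unless a status check follows below the hunk. The same suppression is added to the `new OAuthConsumer(...)` call in the `TwitterOAuth` class hunk that follows.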


@ -77,7 +77,7 @@ class TwitterOAuth {
$parameters['oauth_callback'] = $oauth_callback;
$request = $this->oAuthRequest($this->requestTokenURL(), 'GET', $parameters);
$token = OAuthUtil::parse_parameters($request);
$this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']);
$this->token = new OAuthConsumer(@$token['oauth_token'], @$token['oauth_token_secret']);
return $token;
}


@ -7,15 +7,18 @@ $query = $_SERVER['QUERY_STRING'];
$vars = array();
foreach(explode('&', $query) as $pair) {
list($key, $value) = explode('=', $pair);
@list($key, $value) = explode('=', $pair);
$key = urldecode($key);
$value = preg_replace("/[^A-Za-z0-9\-_]/", "", urldecode($value));
$vars[$key][] = $value;
}
$itemIds = $vars['ITEM_ID'];
if (isset($vars['ITEM_ID']))
$itemIds = $vars['ITEM_ID'];
else
$itemIds = array();
if (count($itemIds) < 1) {
if (is_null($itemIds) || count($itemIds) < 1) {
exit('ITEM_ID 는 필수입니다.');
}
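Review bot: `@list($key, $value) = explode('=', $pair);` hides the missing-offset notice for a pair without `=` rather than handling it, and because `explode()` is called without a limit, a value that itself contains `=` is cut at the second one. `list($key, $value) = array_pad(explode('=', $pair, 2), 2, '');` gives both variables a defined string value with no suppression. With `$itemIds` now defaulting to `array()`, the added `is_null($itemIds)` can never be true and can be dropped.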


@ -39,7 +39,7 @@ add_stylesheet('<link rel="stylesheet" href="'.$member_skin_url.'/style.css">',
</div>
<?php // 쇼핑몰 사용시 여기부터 ?>
<?php if ($default['de_level_sell'] == 1) { // 상품구입 권한 ?>
<?php if (isset($default['de_level_sell']) && $default['de_level_sell'] == 1) { // 상품구입 권한 ?>
<!-- 주문하기, 신청하기 -->
<?php if (preg_match("/orderform.php/", $url)) { ?>

View File

@ -41,6 +41,11 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<legend>게시물 검색</legend>
<form name="fsearch" method="get">
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="sop" value="and">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<?php echo get_qa_sfl_select_options($sfl); ?>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<div class="sch_bar">
<input type="text" name="stx" value="<?php echo stripslashes($stx); ?>" id="stx" required class="sch_input" size="25" maxlength="15" placeholder=" 검색어를 입력해주세요">


@ -111,7 +111,7 @@ box-shadow:inset 0 2px 5px rgb(33, 135, 202)}
.bo_sch select {border:0;width:100%;height:40px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
-moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)}
.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;margin-top:15px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
-moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)}
.bo_sch .sch_input {width:250px;height:38px;border:0;padding:0;background-color:transparent;float:left}


@ -23,7 +23,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++)
$banner = '';
$size = getimagesize($bimg);
echo '<li>'.PHP_EOL;
if ($row['bn_url'][0] == '#')
if (preg_match("/^#/", $row['bn_url']))
$banner .= '<a href="'.$row['bn_url'].'">';
else if ($row['bn_url'] && $row['bn_url'] != 'http://') {
$banner .= '<a href="'.G5_SHOP_URL.'/bannerhit.php?bn_id='.$row['bn_id'].'"'.$bn_new_win.'>';


@ -115,6 +115,11 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<legend>게시물 검색</legend>
<form name="fsearch" method="get">
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="sop" value="and">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<?php echo get_qa_sfl_select_options($sfl); ?>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo stripslashes($stx) ?>" required placeholder="검색어를 입력하세요" id="stx" class="sch_input" size="15" maxlength="15">
<button type="submit" value="검색" class="sch_btn"><i class="fa fa-search" aria-hidden="true"></i> <span class="sound_only">검색</span></button>


@ -136,7 +136,8 @@
#bo_sch {background:#fff;border:1px solid #d0d3db;position:relative;margin:10px}
#bo_sch:after {display:block;visibility:hidden;clear:both;content:""}
#bo_sch legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden}
#bo_sch .sch_input {float:left;width:100%;height:38px;border:0;padding:0;background-color:transparent;padding:0 0 0 10px}
#bo_sch select {border:0;height:38px;border-right:1px solid #f8f8f8;float:left;width:30%}
#bo_sch .sch_input {height:38px;border:0;padding:0;background-color:transparent;float:left;width:70%;padding:0 40px 0 10px}
#bo_sch .sch_btn {height:38px;position:absolute;top:0;right:0;border:0;width:40px;background:none;font-size:15px}


@ -41,6 +41,11 @@ add_stylesheet('<link rel="stylesheet" href="'.$qa_skin_url.'/style.css">', 0);
<legend>게시물 검색</legend>
<form name="fsearch" method="get">
<input type="hidden" name="sca" value="<?php echo $sca ?>">
<input type="hidden" name="sop" value="and">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<?php echo get_qa_sfl_select_options($sfl); ?>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<div class="sch_bar">
<input type="text" name="stx" value="<?php echo stripslashes($stx); ?>" id="stx" required class="sch_input" size="25" maxlength="15" placeholder=" 검색어를 입력해주세요">


@ -111,7 +111,7 @@ box-shadow:inset 0 2px 5px rgb(33, 135, 202)}
.bo_sch select {border:0;width:100%;height:40px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
-moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)}
.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;margin-top:15px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
-moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075);
box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)}
.bo_sch .sch_input {width:250px;height:38px;border:0;padding:0;background-color:transparent;float:left}


@ -2,7 +2,7 @@
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
define('G5_VERSION', '그누보드5');
define('G5_GNUBOARD_VER', '5.4.15.1');
define('G5_GNUBOARD_VER', '5.4.16');
// 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전을 합쳐서 그누보드5.4.6 버전에서 시작함 (kagla-210617)
// G5_YOUNGCART_VER 이 상수를 사용하는 곳이 있으므로 주석 처리 해제함
// 그누보드5.4.6 이상 버전 부터는 영카트를 그누보드에 포함하여 배포하므로 영카트5의 버전은 의미가 없습니다.