From 1e2d4a6502f5e69db90a4f42245532235bfc4dd3 Mon Sep 17 00:00:00 2001
From: gnuboard
Date: Sat, 19 Jan 2013 22:23:47 +0900
Subject: [PATCH 1/8] =?UTF-8?q?=ED=9A=8C=EC=9B=90=EC=8A=A4=ED=82=A8?= =?UTF-8?q?=EC=9D=B4=20=EC=A1=B4=EC=9E=AC=ED=95=98=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EB=8A=94=20=EA=B2=BD=EC=9A=B0=20=EB=A1=9C=EA=B7=B8=EC=9D=B8?= =?UTF-8?q?=EC=9D=84=20=ED=95=A0=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EA=B8=B0=EC=A1=B4=20basic=20=EC=8A=A4=ED=82=A8=EC=9C=BC?= =?UTF-8?q?=EB=A1=9C=20=EB=8C=80=EC=B2=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 bbs/login.php | 6 ++++++
 config.php | 1 +
 lib/common.lib.php | 3 +--
 3 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/bbs/login.php b/bbs/login.php
index 810663ec0..ac97732c6 100644
--- a/bbs/login.php
+++ b/bbs/login.php
@@ -48,6 +48,12 @@ if ($g4['https_url'])
 else
 $login_action_url = "{$g4['bbs_url']}/login_check.php";
+// 로그인 스킨이 없는 경우 관리자 페이지 접속이 안되는 것을 막기 위하여 기본 스킨으로 대체
+$login_file = $member_skin_path.'/login.skin.php';
+if (!file_exists($login_file)) {
+ $member_skin_path = $g4['path'].'/'.$g4['skin_dir'].'/member/basic';
+}
+
 include_once($member_skin_path.'/login.skin.php');
 include_once('./_tail.sub.php');
diff --git a/config.php b/config.php
index 2cf1bdca5..22fbdd87f 100644
--- a/config.php
+++ b/config.php
@@ -28,6 +28,7 @@ $g4['bbs_path'] = $g4['path'].'/'.$g4['bbs'];
 $g4['admin'] = 'adm';
 $g4['admin_path'] = $g4['path'].'/'.$g4['admin'];
+$g4['skin_dir'] = 'skin';
 $g4['mobile_dir'] = 'mobile';
 // 자주 사용하는 값
diff --git a/lib/common.lib.php b/lib/common.lib.php
index e067d5253..e2420eb2b 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
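Review bot: In bbs/login.php the fallback swaps `$member_skin_path` when `login.skin.php` is missing, but nothing checks that the `member/basic` skin itself exists, so a damaged install still reaches `include_once` with a bad path and the admin lock-out this change targets can recur. `$login_file` is also computed once and then rebuilt inline in the `include_once`; reassigning `$login_file` inside the `if` and calling `include_once($login_file);` keeps the tested path and the included path identical. Where `$member_skin_path` is set is outside the hunk; if it is built from a configurable skin name, that name should be restricted to a plain directory name before it is used in an include path.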
@@ -1651,8 +1651,7 @@ function get_selected($field, $value, $first=false)
 function skin_path()
 {
 global $g4;
- $skin_dir = 'skin';
- $skin_path = $g4['path'].'/'.$skin_dir;
+ $skin_path = $g4['path'].'/'.$g4['skin_dir'];
 if (G4_IS_MOBILE) $skin_path = $g4['mobile_path'].'/'.$skin_dir;
 return $skin_path;
 }
From dc0c463be60ff61c30c5d52611b0884c726081f5 Mon Sep 17 00:00:00 2001
From: gnuboard
Date: Sat, 19 Jan 2013 22:39:20 +0900
Subject: [PATCH 2/8] =?UTF-8?q?=EC=B5=9C=EA=B7=BC=EA=B2=8C=EC=8B=9C?= =?UTF-8?q?=EB=AC=BC=205=EA=B1=B4=20=EB=82=98=EC=98=A4=EB=8F=84=EB=A1=9D?= =?UTF-8?q?=20=ED=95=B4=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 adm/index.php | 34 ++++++++--------------------------
 1 file changed, 8 insertions(+), 26 deletions(-)
diff --git a/adm/index.php b/adm/index.php
index ce24f06e2..cf70536ef 100644
--- a/adm/index.php
+++ b/adm/index.php
@@ -23,36 +23,21 @@ if (!$sst) {
 $sql_order = " order by {$sst} {$sod} ";
-$sql = " select count(*) as cnt
- {$sql_common}
- {$sql_search}
- {$sql_order} ";
+$sql = " select count(*) as cnt {$sql_common} {$sql_search} {$sql_order} ";
 $row = sql_fetch($sql);
 $total_count = $row['cnt'];
 // 탈퇴회원수
-$sql = " select count(*) as cnt
- {$sql_common}
- {$sql_search}
- and mb_leave_date <> ''
- {$sql_order} ";
+$sql = " select count(*) as cnt {$sql_common} {$sql_search} and mb_leave_date <> '' {$sql_order} ";
 $row = sql_fetch($sql);
 $leave_count = $row['cnt'];
-// 차단회원수
-$sql = " select count(*) as cnt
- {$sql_common}
- {$sql_search}
- and mb_intercept_date <> ''
- {$sql_order} ";
+// 차단회원수
+$sql = " select count(*) as cnt {$sql_common} {$sql_search} and mb_intercept_date <> '' {$sql_order} ";
 $row = sql_fetch($sql);
 $intercept_count = $row['cnt'];
-$sql = " select *
- {$sql_common}
- {$sql_search}
- {$sql_order}
- limit {$new_member_rows} ";
+$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$new_member_rows} ";
 $result = sql_query($sql);
 $colspan = 12;
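Review bot: In `skin_path()` (lib/common.lib.php) the local `$skin_dir` is removed, but the unchanged mobile branch `if (G4_IS_MOBILE) $skin_path = $g4['mobile_path'].'/'.$skin_dir;` still reads it. On mobile the function therefore returns `$g4['mobile_path'].'/'` built from an undefined variable, and skin includes that depend on it resolve to the wrong directory. That line should become `if (G4_IS_MOBILE) $skin_path = $g4['mobile_path'].'/'.$g4['skin_dir'];`. A one-line comment above the function noting that `$g4['skin_dir']` is defined in config.php would also help the next reader.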
@@ -137,9 +122,9 @@ if ($i == 0) Date: Sun, 20 Jan 2013 17:57:10 +0900 Subject: [PATCH 3/8] =?UTF-8?q?=EC=84=A4=EB=AC=B8=EC=A1=B0=EC=82=AC=20?= =?UTF-8?q?=EA=B8=B0=ED=83=80=EC=9D=98=EA=B2=AC=EC=93=B0=EA=B8=B0=EC=97=90?= =?UTF-8?q?=20=EB=B9=84=ED=9A=8C=EC=9B=90=EC=9D=BC=20=EA=B2=BD=EC=9A=B0=20?= =?UTF-8?q?=EC=BA=A1=EC=B1=A0=20=EC=A0=81=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/poll_result.php | 1 + bbs/poll_update.php | 5 +++++ skin/poll/neo/poll_result.skin.php | 11 ++++++++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/bbs/poll_result.php b/bbs/poll_result.php index 5a4186e8d..5ebe45fc7 100644 --- a/bbs/poll_result.php +++ b/bbs/poll_result.php @@ -1,4 +1,5 @@ = $po['po_level']) { ?> -
+ @@ -66,6 +66,7 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 +
@@ -90,5 +91,13 @@ $(function() { $(".btn_win a").click(function() { window.close(); }); + }); + +function fpollresult_submit(f) +{ + + + return true; +} \ No newline at end of file From 7189e7dcc3e24532544f3ec04bdd90c60d02d6de Mon Sep 17 00:00:00 2001 From: chicpro Date: Mon, 21 Jan 2013 10:08:50 +0900 Subject: [PATCH 4/8] =?UTF-8?q?window.close=20=EB=8C=80=EC=B2=B4=20?= =?UTF-8?q?=EC=8A=A4=ED=81=AC=EB=A6=BD=ED=8A=B8=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- skin/member/neo/memo.skin.php | 12 ++---------- skin/member/neo/memo_form.skin.php | 9 +-------- skin/member/neo/memo_view.skin.php | 13 ++----------- skin/member/neo/scrap.skin.php | 12 ++---------- skin/poll/neo/poll_result.skin.php | 11 ++--------- 5 files changed, 9 insertions(+), 48 deletions(-) diff --git a/skin/member/neo/memo.skin.php b/skin/member/neo/memo.skin.php index 92865df46..981a571d5 100644 --- a/skin/member/neo/memo.skin.php +++ b/skin/member/neo/memo.skin.php @@ -36,14 +36,6 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 자료가 없습니다."; } ?> - - + + \ No newline at end of file diff --git a/skin/member/neo/memo_form.skin.php b/skin/member/neo/memo_form.skin.php index e5951859a..c300070f5 100644 --- a/skin/member/neo/memo_form.skin.php +++ b/skin/member/neo/memo_form.skin.php @@ -37,19 +37,12 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 \ No newline at end of file + \ No newline at end of file diff --git a/skin/member/neo/scrap.skin.php b/skin/member/neo/scrap.skin.php index 5341f55d4..246f32f08 100644 --- a/skin/member/neo/scrap.skin.php +++ b/skin/member/neo/scrap.skin.php @@ -34,14 +34,6 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
+ + - - \ No newline at end of file diff --git a/skin/poll/neo/poll_result.skin.php b/skin/poll/neo/poll_result.skin.php index 54b992cd9..9b6d9c0f4 100644 --- a/skin/poll/neo/poll_result.skin.php +++ b/skin/poll/neo/poll_result.skin.php @@ -82,18 +82,11 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 + + From 31e61f0f10f129ebaa0cfdde92c9713e26a0609d Mon Sep 17 00:00:00 2001 From: chicpro Date: Mon, 21 Jan 2013 11:06:41 +0900 Subject: [PATCH 6/8] =?UTF-8?q?=EB=94=B0=EC=98=B4=ED=91=9C=20=EB=B0=8F=20p?= =?UTF-8?q?hp=5Feol=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/profile.php | 24 ++++++++++++------------ skin/member/neo/profile.skin.php | 10 +++++----- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/bbs/profile.php b/bbs/profile.php index ffe877fba..0a15be6a0 100644 --- a/bbs/profile.php +++ b/bbs/profile.php @@ -1,31 +1,31 @@ '; diff --git a/skin/member/neo/profile.skin.php b/skin/member/neo/profile.skin.php index 5580c1fa7..b0c535bea 100644 --- a/skin/member/neo/profile.skin.php +++ b/skin/member/neo/profile.skin.php @@ -1,5 +1,5 @@
@@ -9,11 +9,11 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 회원권한 - + 포인트 - + @@ -23,11 +23,11 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가 회원가입일 - = $mb[mb_level]) ? substr($mb[mb_datetime],0,10) ." (".$mb_reg_after." 일)" : "알 수 없음"; ?> + = $mb['mb_level']) ? substr($mb['mb_datetime'],0,10) ." (".number_format($mb_reg_after)." 일)" : "알 수 없음"; ?> 최종접속일 - = $mb[mb_level]) ? $mb[mb_today_login] : "알 수 없음";?> + = $mb['mb_level']) ? $mb['mb_today_login'] : "알 수 없음";?> From 926281afa4dd564f594c444ae04d20f41ee71ce3 Mon Sep 17 00:00:00 2001 From: chicpro Date: Mon, 21 Jan 2013 11:13:06 +0900 Subject: [PATCH 7/8] =?UTF-8?q?=EB=94=B0=EC=98=B4=ED=91=9C=20=EB=B6=80?= =?UTF-8?q?=EB=B6=84=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/register_form_update_mail1.php | 14 +++++++------- bbs/register_form_update_mail2.php | 10 +++++----- bbs/register_form_update_mail3.php | 10 +++++----- bbs/write_update_mail.php | 12 ++++++------ 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/bbs/register_form_update_mail1.php b/bbs/register_form_update_mail1.php index d91958f3d..5d0b8c8f5 100644 --- a/bbs/register_form_update_mail1.php +++ b/bbs/register_form_update_mail1.php @@ -1,10 +1,10 @@ - + 회원가입 축하 메일 @@ -29,7 +29,7 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - +
회원가입을 축하합니다.
@@ -39,9 +39,9 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo 님의 회원가입을 진심으로 축하합니다. - +

아래의 주소를 클릭하시면 회원가입이 완료됩니다. -

+

회원님의 성원에 보답하고자 더욱 더 열심히 하겠습니다. @@ -54,8 +54,8 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - - 로그인 후 모든 정보를 이용하실 수 있습니다.[바로가기] + + 로그인 후 모든 정보를 이용하실 수 있습니다.[바로가기] diff --git a/bbs/register_form_update_mail2.php b/bbs/register_form_update_mail2.php index 13b613ee7..7b0e1da49 100644 --- a/bbs/register_form_update_mail2.php +++ b/bbs/register_form_update_mail2.php @@ -1,10 +1,10 @@ - + 회원가입 메일 @@ -29,7 +29,7 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - +
회원가입 메일
@@ -48,8 +48,8 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - - 관리자화면에서 자세한 내용을 확인하실 수 있습니다.[바로가기] + + 관리자화면에서 자세한 내용을 확인하실 수 있습니다.[바로가기] diff --git a/bbs/register_form_update_mail3.php b/bbs/register_form_update_mail3.php index ec1040e20..2f2e8af63 100644 --- a/bbs/register_form_update_mail3.php +++ b/bbs/register_form_update_mail3.php @@ -1,10 +1,10 @@ - + 인증 메일 @@ -29,7 +29,7 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - +
인증 메일입니다.
@@ -52,8 +52,8 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - - 로그인 후 모든 정보를 이용하실 수 있습니다.[바로가기] + + 로그인 후 모든 정보를 이용하실 수 있습니다.[바로가기] diff --git a/bbs/write_update_mail.php b/bbs/write_update_mail.php index e89ee5665..ef3e1e105 100644 --- a/bbs/write_update_mail.php +++ b/bbs/write_update_mail.php @@ -1,10 +1,10 @@ - + <?=$wr_subject?> 메일 @@ -29,14 +29,14 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - + - + - + @@ -52,7 +52,7 @@ body, th, td, form, input, select, text, textarea, caption { font-size: 12px; fo - +
제목
게시자
홈페이지에서도 게시물을 확인하실 수 있습니다.[바로가기]
From 346e4acf417c5aeb6d89bf91678d1f04c8f6b13a Mon Sep 17 00:00:00 2001
From: chicpro
Date: Mon, 21 Jan 2013 11:19:16 +0900
Subject: [PATCH 8/8] =?UTF-8?q?=EB=94=B0=EC=98=B4=ED=91=9C=20=EB=B0=8F=20p?= =?UTF-8?q?hp=5Feol=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 bbs/password_lost2.php | 34 +++++++++++++++++-----------------
 bbs/password_lost_certify.php | 18 +++++++++---------
 2 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/bbs/password_lost2.php b/bbs/password_lost2.php
index 5549a8c26..ab6c05677 100644
--- a/bbs/password_lost2.php
+++ b/bbs/password_lost2.php
@@ -16,12 +16,12 @@ $email = trim($_POST['mb_email']);
 if (!$email)
 alert_close('메일주소 오류입니다.');
-$sql = " select count(*) as cnt from {$g4['member_table']} where mb_email = '{$email}' ";
+$sql = " select count(*) as cnt from {$g4['member_table']} where mb_email = '$email' ";
 $row = sql_fetch($sql);
 if ($row['cnt'] > 1)
- alert('동일한 메일주소가 2개 이상 존재합니다.\n\n관리자에게 문의하여 주십시오.');
+ alert('동일한 메일주소가 2개 이상 존재합니다.\\n\\n관리자에게 문의하여 주십시오.');
-$sql = " select mb_no, mb_id, mb_name, mb_nick, mb_email, mb_datetime from {$g4['member_table']} where mb_email = '{$email}' ";
+$sql = " select mb_no, mb_id, mb_name, mb_nick, mb_email, mb_datetime from {$g4['member_table']} where mb_email = '$email' ";
 $mb = sql_fetch($sql);
 if (!$mb['mb_id'])
 alert('존재하지 않는 회원입니다.');
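Review bot: Both queries in this hunk interpolate `$email`, taken from `$_POST['mb_email']` with only `trim()` applied, straight into the SQL text (`where mb_email = '$email'`). Unless `_common.php` escapes request input globally, which this patch does not show, the value should be escaped with the database driver's escaping function or bound as a parameter, and checked to be a well-formed e-mail address before the first query. The distinct `존재하지 않는 회원입니다.` response also tells an unauthenticated caller whether an address is registered, which is at odds with the uniform `Error` policy described in bbs/password_lost_certify.php; a single neutral message for both outcomes would close that gap.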
@@ -35,17 +35,17 @@ $randval = rand(4, 6); $change_password = substr(md5(get_microtime()), 0, $randval); $mb_lost_certify = sql_password($change_password); -$mb_datetime = sql_password($mb[mb_datetime]); +$mb_datetime = sql_password($mb['mb_datetime']); // 회원테이블에 필드를 추가 -sql_query(" ALTER TABLE `{$g4[member_table]}` ADD `mb_lost_certify` VARCHAR( 255 ) NOT NULL AFTER `mb_memo` ", false); +sql_query(" ALTER TABLE `{$g4['member_table']}` ADD `mb_lost_certify` VARCHAR( 255 ) NOT NULL AFTER `mb_memo` ", false); -$sql = " update {$g4[member_table]} - set mb_lost_certify = '{$mb_lost_certify}' - where mb_id = '{$mb[mb_id]}' "; +$sql = " update {$g4['member_table']} + set mb_lost_certify = '$mb_lost_certify' + where mb_id = '{$mb['mb_id']}' "; sql_query($sql); -$href = $g4[url].'/'.$g4[bbs].'/password_lost_certify.php?mb_no='.$mb[mb_no].'&mb_datetime='.$mb_datetime.'&mb_lost_certify='.$mb_lost_certify; +$href = $g4['url'].'/'.$g4['bbs'].'/password_lost_certify.php?mb_no='.$mb['mb_no'].'&mb_datetime='.$mb_datetime.'&mb_lost_certify='.$mb_lost_certify; $subject = '요청하신 회원아이디/패스워드 정보입니다.'; @@ -54,13 +54,13 @@ $content .= '

'; $content .= '

요청하신 계정정보는 다음과 같습니다.

'; $content .= '
'; $content .= '
    '; -$content .= '
  • 회원아이디 : '.$mb[mb_id].'
  • '; +$content .= '
  • 회원아이디 : '.$mb['mb_id'].'
  • '; $content .= '
  • 변경 패스워드 : '.$change_password.'
  • '; -$content .= '
  • 이름 : '.addslashes($mb[mb_name]).'
  • '; -$content .= '
  • 별명 : '.addslashes($mb[mb_nick]).'
  • '; -$content .= '
  • 이메일주소 : '.addslashes($mb[mb_email]).'
  • '; -$content .= '
  • 요청일시 : '.$g4[time_ymdhis].'
  • '; -$content .= '
  • 홈페이지 : '.$g4[url].'
  • '; +$content .= '
  • 이름 : '.addslashes($mb['mb_name']).'
  • '; +$content .= '
  • 별명 : '.addslashes($mb['mb_nick']).'
  • '; +$content .= '
  • 이메일주소 : '.addslashes($mb['mb_email']).'
  • '; +$content .= '
  • 요청일시 : '.$g4['time_ymdhis'].'
  • '; +$content .= '
  • 홈페이지 : '.$g4['url'].'
  • '; $content .= '
'; $content .= '
'; $content .= '

'.$href.'

'; @@ -75,7 +75,7 @@ $content .= '
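Review bot: The temporary password this hunk stores and mails out is `substr(md5(get_microtime()), 0, $randval)` with `$randval = rand(4, 6)`, i.e. 4 to 6 hex characters derived from the clock, which is far too little entropy for a credential and is left untouched by the quoting cleanup. It should be longer and come from a cryptographically secure source, e.g. `$change_password = bin2hex(openssl_random_pseudo_bytes(8));`. The reset `$href` also carries `$mb_lost_certify`, the same value that bbs/password_lost_certify.php later writes to `mb_password`, so the link exposes the stored hash to mail logs and browser history; a separate random, expiring token would avoid that. The `ALTER TABLE` that runs on every request with errors suppressed belongs in an install or upgrade step instead.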

[끝]

'; $content .= '
'; $admin = get_admin('super'); -mailer($admin[mb_nick], $admin[mb_email], $mb[mb_email], $subject, $content, 1); +mailer($admin['mb_nick'], $admin['mb_email'], $mb['mb_email'], $subject, $content, 1); -alert_close($email.' 메일로 회원아이디와 패스워드를 인증할 수 있는 메일이 발송 되었습니다.\n\n메일을 확인하여 주십시오.'); +alert_close($email.' 메일로 회원아이디와 패스워드를 인증할 수 있는 메일이 발송 되었습니다.\\n\\n메일을 확인하여 주십시오.'); ?> \ No newline at end of file diff --git a/bbs/password_lost_certify.php b/bbs/password_lost_certify.php index 8dce632ca..bfd43ad86 100644 --- a/bbs/password_lost_certify.php +++ b/bbs/password_lost_certify.php 
@@ -3,23 +3,23 @@ include_once('./_common.php');
 // 오류시 공히 Error 라고 처리하는 것은 회원정보가 있는지? 패스워드가 틀린지? 를 알아보려는 해킹에 대비한것
-$mb_no = trim($_GET[mb_no]);
-$mb_datetime = trim($_GET[mb_datetime]);
-$mb_lost_certify = trim($_GET[mb_lost_certify]);
+$mb_no = trim($_GET['mb_no']);
+$mb_datetime = trim($_GET['mb_datetime']);
+$mb_lost_certify = trim($_GET['mb_lost_certify']);
 // 회원아이디가 아닌 회원고유번호로 회원정보를 구한다.
-$sql = " select mb_id, mb_datetime, mb_lost_certify from {$g4[member_table]} where mb_no = '{$mb_no}' ";
+$sql = " select mb_id, mb_datetime, mb_lost_certify from {$g4['member_table']} where mb_no = '$mb_no' ";
 $mb = sql_fetch($sql);
-if (!trim($mb[mb_lost_certify]))
+if (!trim($mb['mb_lost_certify']))
 die("Error");
 // 인증 링크는 한번만 처리가 되게 한다.
-sql_query(" update {$g4[member_table]} set mb_lost_certify = '' where mb_no = '{$mb_no}' ");
+sql_query(" update {$g4['member_table']} set mb_lost_certify = '' where mb_no = '$mb_no' ");
 // 변경될 패스워드가 넘어와야하고 저장된 변경패스워드를 md5 로 변환하여 같으면 정상
-if ($mb_lost_certify && $mb_datetime === sql_password($mb[mb_datetime]) && $mb_lost_certify === $mb[mb_lost_certify]) {
- sql_query(" update {$g4[member_table]} set mb_password = '{$mb[mb_lost_certify]}' where mb_no = '{$mb_no}' ");
- alert('이메일로 보내드린 패스워드로 변경 하였습니다.'.PHP_EOL.PHP_EOL.'회원아이디와 변경된 패스워드로 로그인 하시기 바랍니다.', $g4[url].'/'.$g4[bbs].'/login.php');
+if ($mb_lost_certify && $mb_datetime === sql_password($mb['mb_datetime']) && $mb_lost_certify === $mb['mb_lost_certify']) {
+ sql_query(" update {$g4['member_table']} set mb_password = '{$mb['mb_lost_certify']}' where mb_no = '$mb_no' ");
+ alert('이메일로 보내드린 패스워드로 변경 하였습니다.\\n\\n회원아이디와 변경된 패스워드로 로그인 하시기 바랍니다.', $g4['url'].'/'.$g4['bbs'].'/login.php');
 } else {
 die("Error");
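Review bot: `$mb_no` is taken from `$_GET['mb_no']` with only `trim()` and then interpolated into the select and both updates (`where mb_no = '$mb_no'`). The comment describes it as the member's unique number, so casting it once, `$mb_no = (int) $_GET['mb_no'];`, would keep all three statements safe regardless of how `_common.php` treats request input, which this patch does not show. The stored `mb_lost_certify` is also cleared before the supplied values are compared, so any request naming a valid `mb_no` cancels that member's pending reset; if this is meant as a one-attempt limit, a comment saying so would help, otherwise the clear should move after a successful match. The closing brace of the `else` branch is not visible in the hunk.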