From 9e502fdb18926c2186fa6056da1e387fdfde0d50 Mon Sep 17 00:00:00 2001 From: thisgun Date: Mon, 28 Jan 2019 16:22:50 +0900 Subject: [PATCH] =?UTF-8?q?KVE-2018-1987,=202019-0038=20=EC=98=81=EC=B9=B4?= =?UTF-8?q?=ED=8A=B8=20=EB=8B=A4=EC=A4=91=20=EC=B7=A8=EC=95=BD=EC=A0=90=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/shop_admin/configform.php | 8 +++++++ adm/shop_admin/orderform.php | 10 +++++++++ lib/shop.lib.php | 16 ++++++++++++-- mobile/shop/inicis/settle_common.php | 25 +++++++++++++++------ mobile/shop/personalpayformupdate.php | 15 ++++++++++--- shop/cartupdate.php | 1 + shop/inicis/inipay_cancel.php | 31 ++++++++++++++++++++++++++- shop/inicis/inistdpay_return.php | 10 ++++----- 8 files changed, 97 insertions(+), 19 deletions(-) diff --git a/adm/shop_admin/configform.php b/adm/shop_admin/configform.php index c604c035b..99f67ad51 100644 --- a/adm/shop_admin/configform.php +++ b/adm/shop_admin/configform.php @@ -1807,6 +1807,10 @@ if($default['de_iche_use'] || $default['de_vbank_use'] || $default['de_hp_use'] echo ''.PHP_EOL; + } else { + if( function_exists('check_log_folder') && is_writable($log_path) ){ + check_log_folder($log_path); + } } } } @@ -1824,6 +1828,10 @@ if($default['de_iche_use'] || $default['de_vbank_use'] || $default['de_hp_use'] echo ''.PHP_EOL; + } else { + if( function_exists('check_log_folder') && is_writable($log_path) ){ + check_log_folder($log_path); + } } } } diff --git a/adm/shop_admin/orderform.php b/adm/shop_admin/orderform.php index ffbd306cf..dadf9eb41 100644 --- a/adm/shop_admin/orderform.php +++ b/adm/shop_admin/orderform.php @@ -278,6 +278,16 @@ add_javascript(G5_POSTCODE_JS, 0); //다음 주소 js
주의) 이 주문은 테스트용으로 실제 결제가 이루어지지 않았으므로 절대 배송하시면 안됩니다.
+ +
주의) 이 주문은 결제취소된 내역이 있습니다. 이니시스 관리자 상점에서 반드시 재확인을 해 주세요.
+

주문결제 내역

diff --git a/lib/shop.lib.php b/lib/shop.lib.php
index f94fcd72e..28dc7a8fb 100644
--- a/lib/shop.lib.php
+++ b/lib/shop.lib.php
@@ -1374,7 +1374,7 @@ function set_cart_id($direct)
 } else { // 비회원장바구니 cart id 쿠키설정
 if($default['de_guest_cart_use']) {
- $tmp_cart_id = get_cookie('ck_guest_cart_id');
+ $tmp_cart_id = preg_replace('/[^a-z0-9_\-]/i', '', get_cookie('ck_guest_cart_id'));
 if($tmp_cart_id) {
 set_session('ss_cart_id', $tmp_cart_id);
 //set_cookie('ck_guest_cart_id', $tmp_cart_id, ($default['de_cart_keep_term'] * 86400));
@@ -2457,8 +2457,20 @@ function is_inicis_simple_pay(){
 return false;
 }
-//이니시스의 삼성페이 또는 L.pay 결제인지 확인합니다.
+//이니시스의 취소된 주문인지 또는 삼성페이 또는 L.pay 결제인지 확인합니다.
 function is_inicis_order_pay($type){
+ global $default, $g5;
+
+ if( $default['de_pg_service'] === 'inicis' && get_session('P_TID') ){
+ $tid = preg_replace('/[^A-Za-z0-9_\-]/', '', get_session('P_TID'));
+ $sql = "select P_TID from `{$g5['g5_shop_inicis_log_table']}` where P_TID = '$tid' and P_STATUS = 'cancel' ";
+
+ $row = sql_fetch($sql);
+
+ if( $row['P_TID'] ){
+ alert("이미 취소된 주문입니다.", G5_SHOP_URL);
+ }
+ }
 if( in_array($type, array('삼성페이', 'lpay') ) ){
 return true;
diff --git a/mobile/shop/inicis/settle_common.php b/mobile/shop/inicis/settle_common.php
index acb60891e..907c33634 100644
--- a/mobile/shop/inicis/settle_common.php
+++ b/mobile/shop/inicis/settle_common.php
@@ -53,6 +53,13 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 $P_AUTH_NO = $_POST['P_AUTH_NO'];
 $P_SRC_CODE = $_POST['P_SRC_CODE'];
+ include_once(G5_MSHOP_PATH.'/settle_inicis.inc.php');
+
+ if(! ($default['de_pg_service'] === 'inicis' && $default['de_inicis_mid'] === $P_MID)){
+ echo "FAIL";
+ return;
+ }
+
 // 결과 incis log 테이블 기록
 if($P_TYPE == 'BANK' || $P_SRC_CODE == 'A') {
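Review bot: The new block at the top of `is_inicis_order_pay()` turns a boolean predicate into something that can end the request — `alert("이미 취소된 주문입니다.", G5_SHOP_URL)` is used as a terminating guard elsewhere in this patch — so every caller that only asks the Samsung Pay/L.pay question now carries a hidden exit path. Moving the cancelled-TID lookup into its own function that returns a bool, and letting the caller decide to alert, keeps the predicate pure; at minimum the comment above the function should say it may redirect. `sql_fetch($sql)` can come back empty, so read the result as `if( !empty($row['P_TID']) ){` to avoid an undefined-index notice. The `[A-Za-z0-9_\-]` allow-list is what makes interpolating `$tid` into the query safe, so it must stay identical to the filter used where P_TID rows are written (shop/inicis/inipay_cancel.php in this same commit).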
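Review bot: A MID mismatch on the PG notification endpoint is answered with a bare `FAIL` and `return`; that is the event an operator most wants to see, so record `$P_MID`, `$P_OID` and `$PGIP` (for example via `error_log()`) before returning. `$P_MID` is assigned outside the hunk, but the neighbouring `$P_AUTH_NO = $_POST['P_AUTH_NO']` lines suggest it comes from the POST body, which is exactly why the strict `===` against `$default['de_inicis_mid']` is worth keeping as written. The enclosing `if($PGIP == ...)` starts outside the hunk, so the IP allow-list still applies first and this check is a second layer rather than the only one.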
@@ -88,8 +95,6 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 if( !$exist_order['cnt'] ){ //주문정보를 insert 합니다.
- include_once(G5_MSHOP_PATH.'/settle_inicis.inc.php');
-
 $sql = " select * from {$g5['g5_shop_order_data_table']} where od_id = $P_OID ";
 $od = sql_fetch($sql);
 $data = unserialize(base64_decode($od['dt_data']));
@@ -117,8 +122,6 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 }
 }
- extract($params);
-
 $good_mny = $P_AMT;
 $pp_name = clean_xss_tags($data['pp_name']);
 $pp_email = clean_xss_tags($data['pp_email']);
@@ -144,7 +147,7 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 if( !$order_id ){
 echo "FAIL";
 } else {
- $sql = " delete from {$g5['g5_shop_inicis_log_table']} where (oid = '$P_OID' and P_TID = '$P_TID') OR substr(P_AUTH_DT, 1, 8) < '".date('Ymd', strtotime('-3 month', G5_SERVER_TIME))."' ";
+ $sql = " delete from {$g5['g5_shop_inicis_log_table']} where (oid = '$P_OID' and P_TID = '$P_TID') OR substr(P_AUTH_DT, 1, 8) < '".date('Ymd', strtotime('-1 month', G5_SERVER_TIME))."' ";
 sql_query( $sql , false);
 }
 }
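Review bot: The delete statement this hunk rewrites — and its twin at `@@ -224,7 +235,7 @@` later in the file — still interpolates `$P_OID` and `$P_TID` straight into the SQL; both are assigned outside the hunk, but the surrounding `$P_AUTH_NO = $_POST['P_AUTH_NO']` lines suggest they come from the notification body, so only the upstream IP and MID checks separate that input from the query. Since the line is being touched anyway, running both values through the same `preg_replace('/[^a-z0-9_\-]/i', '', ...)` allow-list this commit introduces elsewhere (or the project's SQL escaping helper) before building the statement would close that gap. Shortening retention from three months to one also shortens the window in which the new `P_STATUS = 'cancel'` lookup in `is_inicis_order_pay()` can find a cancelled TID, because this statement purges the same `g5_shop_inicis_log_table`; if one month is deliberate, say so in a comment on the line.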
@@ -211,8 +214,16 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 $_POST['P_VACT_BANK'] = $params['P_VACT_BANK'] = $PAY['P_FN_NM'];
 $_POST['P_AUTH_NO'] = $params['P_AUTH_NO'] = $PAY['P_AUTH_NO'];
- extract($params);
+ $check_keys = array('od_name', 'od_tel', 'od_pwd', 'od_hp', 'od_zip', 'od_addr1', 'od_addr2', 'od_addr3', 'od_addr_jibeon', 'od_email', 'ad_default', 'ad_subject', 'od_hope_date', 'od_b_name', 'od_b_tel', 'od_b_hp', 'od_b_zip', 'od_b_addr1', 'od_b_addr2', 'od_b_addr3', 'od_b_addr_jibeon', 'od_memo', 'od_settle_case', 'max_temp_point', 'od_temp_point', 'od_send_cost', 'od_send_cost2', 'od_bank_account', 'od_deposit_name', 'od_test', 'od_ip');
+ foreach($check_keys as $key){
+ $$key = isset($params[$key]) ? $params[$key] : '';
+ }
+
+ $od_send_cost = (int) $od_send_cost;
+ $od_send_cost2 = (int) $od_send_cost2;
+ $ad_default = (int) $ad_default;
+
 if( $od['mb_id'] ){
 $is_member = true;
 $member = get_member($od['mb_id']);
@@ -224,7 +235,7 @@ if($PGIP == "211.219.96.165" || $PGIP == "118.129.210.25" || $PGIP == "183.109.7
 if( !$order_id ){
 echo "FAIL";
 } else {
- $sql = " delete from {$g5['g5_shop_inicis_log_table']} where (oid = '$P_OID' and P_TID = '$P_TID') OR substr(P_AUTH_DT, 1, 8) < '".date('Ymd', strtotime('-3 month', G5_SERVER_TIME))."' ";
+ $sql = " delete from {$g5['g5_shop_inicis_log_table']} where (oid = '$P_OID' and P_TID = '$P_TID') OR substr(P_AUTH_DT, 1, 8) < '".date('Ymd', strtotime('-1 month', G5_SERVER_TIME))."' ";
 sql_query( $sql , false);
 }
 }
diff --git a/mobile/shop/personalpayformupdate.php b/mobile/shop/personalpayformupdate.php
index c715257bb..3be3ceb7b 100644
--- a/mobile/shop/personalpayformupdate.php
+++ b/mobile/shop/personalpayformupdate.php
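Review bot: After the `$check_keys` loop, `od_send_cost`, `od_send_cost2` and `ad_default` are cast to int but `max_temp_point` and `od_temp_point` keep whatever `$params` carried; if they are point amounts like the cost fields they sit next to, add `$max_temp_point = (int) $max_temp_point;` and `$od_temp_point = (int) $od_temp_point;` so the numeric fields are typed consistently. The `isset(...) ? ... : ''` default is right for the string fields, but it means a missing numeric key becomes `''` before the cast, which only works because `(int) ''` is 0. `$params` and `$od` are set outside the hunk, so a one-line comment above the key list saying where `$params` comes from would document the assumption the allow-list depends on.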
@@ -21,10 +21,19 @@ $pp = sql_fetch($sql);
 if(!$pp['pp_id'])
 alert('개인결제 정보가 존재하지 않습니다.', G5_SHOP_URL.'/personalpay.php');
-if($pp['pp_tno'])
- alert('이미 결제하신 개인결제 내역입니다.', G5_SHOP_URL);
-
 $hash_data = md5($_POST['pp_id'].$_POST['good_mny'].$pp['pp_time']);
+
+if($pp['pp_tno']){
+ if( $default['de_pg_service'] == 'inicis' && ($_POST['pp_id'] === get_session('ss_personalpay_id') && $hash_data === get_session('ss_personalpay_hash')) ){
+ $uid = md5($pp['pp_id'].$pp['pp_time'].$_SERVER['REMOTE_ADDR']);
+ set_session('ss_personalpay_uid', $uid);
+
+ goto_url(G5_SHOP_URL.'/personalpayresult.php?pp_id='.$pp['pp_id'].'&uid='.$uid);
+ } else {
+ alert('이미 결제하신 개인결제 내역입니다.', G5_SHOP_URL);
+ }
+}
+
 if($_POST['pp_id'] != get_session('ss_personalpay_id') || $hash_data != get_session('ss_personalpay_hash'))
 die('개인결제 정보가 올바르지 않습니다.');
diff --git a/shop/cartupdate.php b/shop/cartupdate.php
index e3e9d1778..b362126fd 100644
--- a/shop/cartupdate.php
+++ b/shop/cartupdate.php
@@ -20,6 +20,7 @@ if (!$tmp_cart_id)
 alert('더 이상 작업을 진행할 수 없습니다.\\n\\n브라우저의 쿠키 허용을 사용하지 않음으로 설정한것 같습니다.\\n\\n브라우저의 인터넷 옵션에서 쿠키 허용을 사용으로 설정해 주십시오.\\n\\n그래도 진행이 되지 않는다면 쇼핑몰 운영자에게 문의 바랍니다.');
 }
+$tmp_cart_id = preg_replace('/[^a-z0-9_\-]/i', '', $tmp_cart_id);
 // 레벨(권한)이 상품구입 권한보다 작다면 상품을 구입할 수 없음.
 if ($member['mb_level'] < $default['de_level_sell'])
diff --git a/shop/inicis/inipay_cancel.php b/shop/inicis/inipay_cancel.php
index b96f06f04..74ee4d167 100644
--- a/shop/inicis/inipay_cancel.php
+++ b/shop/inicis/inipay_cancel.php
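Review bot: The new branch compares `$hash_data` with `===` while the unchanged check two lines below still uses `!=`; both should become `hash_equals(get_session('ss_personalpay_hash'), $hash_data)` so the MD5 comparison is strict and constant-time, and `$default['de_pg_service'] == 'inicis'` should be `===` like the other checks this commit adds. `$uid = md5($pp['pp_id'].$pp['pp_time'].$_SERVER['REMOTE_ADDR'])` is deterministic from values a client can know or guess, so it only works as a one-time handle if personalpayresult.php compares it with `ss_personalpay_uid` rather than recomputing it; if the session comparison is what that page does, an unguessable `bin2hex(random_bytes(16))` (PHP 7+) costs nothing more and drops the dependence on REMOTE_ADDR, which changes behind proxies. `goto_url()` is reached only when the session already matches, so the later `die(...)` remains the sole guard for the first-payment path; the two checks now encode the same condition and must stay in lockstep.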
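Review bot: The allow-list filter runs after the `if (!$tmp_cart_id)` guard, so a cookie made only of disallowed characters passes the emptiness check and is then reduced to `''` here, and the rest of the page continues with an empty cart id. Move the `preg_replace` above that guard, or re-test `$tmp_cart_id` right after it, so the value that is validated is the filtered one; `$tmp_cart_id` itself is assigned outside the hunk. The same regex is introduced in `set_cart_id()` in lib/shop.lib.php, so a shared helper would keep the two filters from drifting.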
@@ -11,13 +11,42 @@ if (!defined("_GNUBOARD_")) exit; // 개별 페이지 접근 불가
 $cancelFlag = "true";
-// $cancelFlag를 "ture"로 변경하는 condition 판단은 개별적으로
+// $cancelFlag를 "true"로 변경하는 condition 판단은 개별적으로
 // 수행하여 주십시오.
 if($cancelFlag == "true") {
+
+ if( isset($is_noti_pay) && $is_noti_pay ){
+ return;
+ }
+
 include_once(G5_SHOP_PATH.'/settle_inicis.inc.php');
+ if( get_session('ss_order_id') && $tno ){
+
+ $ini_oid = preg_replace('/[^a-z0-9_\-]/i', '', get_session('ss_order_id'));
+ $tno = preg_replace('/[^a-z0-9_\-]/i', '', $tno);
+
+ $sql = "select oid from {$g5['g5_shop_inicis_log_table']} where oid = '$ini_oid' and P_TID = '$tno' ";
+
+ $exists_log = sql_fetch($sql);
+
+ if( $exists_log['oid'] ){
+ $sql = " update {$g5['g5_shop_inicis_log_table']}
+ set P_STATUS = 'cancel',
+ P_AUTH_DT = '".preg_replace('/[^0-9]/', '', G5_TIME_YMDHIS)."' where oid = '$ini_oid' and P_TID = '$tno' ";
+ } else {
+ $sql = " insert into {$g5['g5_shop_inicis_log_table']}
+ set oid = '$ini_oid',
+ P_TID = '$tno',
+ P_STATUS = 'cancel',
+ P_AUTH_DT = '".preg_replace('/[^0-9]/', '', G5_TIME_YMDHIS)."' ";
+ }
+
+ sql_query($sql, false);
+ }
+
 $TID = $tno;
 $inipay->SetField("type", "cancel"); // 고정
 if( $default['de_inicis_admin_key'] ){
diff --git a/shop/inicis/inistdpay_return.php b/shop/inicis/inistdpay_return.php
index 773392873..0606c3ff1 100644
--- a/shop/inicis/inistdpay_return.php
+++ b/shop/inicis/inistdpay_return.php
@@ -49,13 +49,12 @@ if(isset($data['pp_id']) && $data['pp_id']) { //개인결제
 if( in_array($key, array('pp_name', 'pp_email', 'pp_hp', 'pp_settle_case')) ){
 $var_datas[$key] = $value;
-
+
+ $$key = $value;
 }
 }
- @extract($var_datas);
-
 include_once(G5_SHOP_PATH.'/personalpayformupdate.php');
 } else { //상점주문
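Review bot: `$tno` is overwritten with its filtered form only inside `if( get_session('ss_order_id') && $tno )`, so `$TID = $tno` below hands the PG a possibly altered id on that path and the raw one otherwise; filter once into a separate local (say `$log_tno`) used only in the two SQL statements and leave `$tno`/`$TID` untouched, so the PG call behaves the same on both paths. `sql_query($sql, false)` silences a failed write, and since `is_inicis_order_pay()` in lib/shop.lib.php now relies on this `P_STATUS = 'cancel'` row to refuse a re-used TID, a cancel the PG accepts but the log misses leaves no trace — check the return value and log the failure. The `P_AUTH_DT` expression is duplicated in the update and insert branches; computing it once above the `if` shortens both. The early `return` for `$is_noti_pay` sits inside `if($cancelFlag == "true")`, whose body continues past the hunk, and `$is_noti_pay`, `$tno`, `$inipay` and `$g5` are all defined outside it.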
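Review bot: `$var_datas[$key] = $value` on the line above the new `$$key = $value` may now be dead, since the `@extract($var_datas)` that consumed it is removed and nothing else in the hunk reads the array; the `foreach` and the rest of the file lie outside the hunk, so if a later consumer exists a short comment naming it would help, otherwise the array can go. The `$$key` write is safe only because of the `in_array($key, array('pp_name', ...))` allow-list on the line above; pass `true` as `in_array`'s third argument so an integer key such as `0` cannot match a string name by loose comparison on PHP 7 and reach the `$$key` assignment. The same two points apply to the second hunk at `@@ -65,13 +64,12 @@`.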
@@ -65,13 +64,12 @@ if(isset($data['pp_id']) && $data['pp_id']) { //개인결제
 if( in_array($key, array('od_price', 'od_name', 'od_tel', 'od_hp', 'od_email', 'od_memo', 'od_settle_case', 'max_temp_point', 'od_temp_point', 'od_bank_account', 'od_deposit_name', 'od_test', 'od_ip', 'od_zip', 'od_addr1', 'od_addr2', 'od_addr3', 'od_addr_jibeon', 'od_b_name', 'od_b_tel', 'od_b_hp', 'od_b_addr1', 'od_b_addr2', 'od_b_addr3', 'od_b_addr_jibeon', 'od_b_zip', 'od_send_cost', 'od_send_cost2', 'od_hope_date')) ){
 $var_datas[$key] = $value;
-
+
+ $$key = $value;
 }
 }
- @extract($var_datas);
-
 $od_send_cost = (int) $_POST['od_send_cost'];
 $od_send_cost2 = (int) $_POST['od_send_cost2'];