diff --git a/adm/admin.lib.php b/adm/admin.lib.php index 7fdc00985..1ad01bab1 100644 --- a/adm/admin.lib.php +++ b/adm/admin.lib.php @@ -482,7 +482,7 @@ function admin_check_xss_params($params){ if( is_array($value) ){ admin_check_xss_params($value); - } else if ( preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value)) ){ + } else if ( (preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*get_ajax_token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) ){ alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.'); die(); } diff --git a/adm/board_form.php b/adm/board_form.php index 3e60031d2..f75650a74 100644 --- a/adm/board_form.php +++ b/adm/board_form.php @@ -82,6 +82,7 @@ if (!isset($board['bo_use_captcha'])) { $required = ""; $readonly = ""; +$sound_only = ""; if ($w == '') { $html_title .= ' 생성'; diff --git a/adm/config_form.php b/adm/config_form.php index 5bc7bccea..8629cd087 100644 --- a/adm/config_form.php +++ b/adm/config_form.php @@ -271,6 +271,13 @@ if(!isset($member['mb_scrap_cnt'])) { ADD `mb_scrap_cnt` int(11) NOT NULL DEFAULT '0' AFTER `mb_memo_cnt`", true); } +// 아이코드 토큰키 추가 +if( ! isset($config['cf_icode_token_key']) ){ + $sql = "ALTER TABLE `{$g5['config_table']}` + ADD COLUMN `cf_icode_token_key` VARCHAR(100) NOT NULL DEFAULT '' AFTER `cf_icode_server_port`; "; + sql_query($sql, false); +} + if(!$config['cf_faq_skin']) $config['cf_faq_skin'] = "basic"; if(!$config['cf_mobile_faq_skin']) $config['cf_mobile_faq_skin'] = "basic"; @@ -1257,29 +1264,29 @@ include_once('_rewrite_config_form.php'); - LMS로 선택하시면 90바이트 이하는 SMS로, 그 이상은 1500바이트까지 LMS로 전송됩니다.
요금은 건당 SMS는 16원, LMS는 48원입니다."); ?> + LMS로 선택하시면 90바이트 이하는 SMS로, 그 이상은 ".G5_ICODE_LMS_MAX_LENGTH."바이트까지 LMS로 전송됩니다.
요금은 건당 SMS는 16원, LMS는 48원입니다."); ?> - - + + - - + + - - 요금제 + + 요금제
(구버전) - - 아이코드 SMS 신청
회원가입 - - 아이코드 회원가입 - - - - - 충전 잔액 + + + 충전 잔액
(구버전) 원. 충전하기 + + + + SMS 전송유형을 LMS로 설정시 90바이트 이내는 SMS, 90 ~ 2000 바이트는 LMS 그 이상은 절삭 되어 LMS로 발송됩니다."); ?> + + 토큰키관리 메뉴에서 생성한 토큰키를 입력합니다."); ?> +
+ 서버아이피 : + + + + 아이코드 SMS 신청
회원가입 + + 아이코드 회원가입 + + diff --git a/adm/config_form_update.php b/adm/config_form_update.php index 731b664c5..250fc9082 100644 --- a/adm/config_form_update.php +++ b/adm/config_form_update.php @@ -36,6 +36,8 @@ foreach( $check_keys as $key ){ } } +$_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295'; + $sql = " update {$g5['config_table']} set cf_title = '{$_POST['cf_title']}', cf_admin = '{$_POST['cf_admin']}', @@ -143,6 +145,7 @@ $sql = " update {$g5['config_table']} cf_sms_type = '{$_POST['cf_sms_type']}', cf_icode_id = '{$_POST['cf_icode_id']}', cf_icode_pw = '{$_POST['cf_icode_pw']}', + cf_icode_token_key = '{$_POST['cf_icode_token_key']}', cf_icode_server_ip = '{$_POST['cf_icode_server_ip']}', cf_icode_server_port = '{$_POST['cf_icode_server_port']}', cf_googl_shorturl_apikey = '{$_POST['cf_googl_shorturl_apikey']}', diff --git a/adm/css/admin.css b/adm/css/admin.css index b78d40380..ef42f0319 100644 --- a/adm/css/admin.css +++ b/adm/css/admin.css @@ -535,6 +535,10 @@ td.td_grpset {width:160px;border-left:1px solid #e9ecee;text-align:center} .is_rewrite .info-success{color:#155724} .is_rewrite .info-warning{color:#856404} +.icode_old_version th{background-color:#FFFCED} +.icode_json_version th{background-color:#F6F1FF} +.cf_tr_hide {display:none} + /* 관리권한설정 */ #add_admin fieldset {margin-top:20px;overflow:auto;padding:2px 6px;line-height:1.4;resize:vertical} diff --git a/adm/menu_form.php b/adm/menu_form.php index c4a8b2dbf..bb421af1c 100644 --- a/adm/menu_form.php +++ b/adm/menu_form.php @@ -159,11 +159,11 @@ function add_menu_list(name, link, code) list += ""; list += ""; list += ""; - list += ""; + list += ""; - list += ""; + list += "\n"; - list += ""; + list += ""; list += ""; list += ""; diff --git a/adm/shop_admin/categoryform.php b/adm/shop_admin/categoryform.php index 5c4a10ec0..8664d7bfc 100644 --- a/adm/shop_admin/categoryform.php +++ b/adm/shop_admin/categoryform.php @@ -5,6 +5,8 @@ include_once(G5_EDITOR_LIB); auth_check($auth[$sub_menu], "w"); +$ca_id = isset($ca_id) ? preg_replace('/[^0-9a-z]/i', '', $ca_id) : ''; + $sql_common = " from {$g5['g5_shop_category_table']} "; if ($is_admin != 'super') $sql_common .= " where ca_mb_id = '{$member['mb_id']}' "; diff --git a/adm/shop_admin/configform.php b/adm/shop_admin/configform.php index a588981e0..e3dec51d6 100644 --- a/adm/shop_admin/configform.php +++ b/adm/shop_admin/configform.php @@ -180,6 +180,13 @@ if(!isset($default['de_taxsave_types'])) { ADD `de_taxsave_types` set('account','vbank','transfer') NOT NULL DEFAULT 'account' AFTER `de_taxsave_use` ", true); } +// 아이코드 토큰키 추가 +if( ! isset($config['cf_icode_token_key']) ){ + $sql = "ALTER TABLE `{$g5['config_table']}` + ADD COLUMN `cf_icode_token_key` VARCHAR(100) NOT NULL DEFAULT '' AFTER `cf_icode_server_port`; "; + sql_query($sql, false); +} + if( function_exists('pg_setting_check') ){ pg_setting_check(true); } @@ -1444,6 +1451,10 @@ function byte_check(el_cont, el_byte) var ch = ''; var limit_num = (jQuery("#cf_sms_type").val() == "LMS") ? 1500 : 80; + if( $("input[name='cf_icode_token_key']").length && $("input[name='cf_icode_token_key']").val() && jQuery("#cf_sms_type").val() == "LMS" ){ + limit_num = 2000; + } + for (i=0; i 4) { @@ -1524,22 +1535,22 @@ function byte_check(el_cont, el_byte) - - + + - - + + - - 요금제 + "> + 요금제
(구버전) - - 아이코드 SMS 신청
회원가입 - - - 아이코드 회원가입 - - - - + + 충전 잔액 원. @@ -1572,6 +1576,23 @@ function byte_check(el_cont, el_byte) + + + + SMS 전송유형을 LMS로 설정시 90바이트 이내는 SMS, 90 ~ 2000 바이트는 LMS 그 이상은 절삭 되어 LMS로 발송됩니다."); ?> + + 토큰키관리 메뉴에서 생성한 토큰키를 입력합니다."); ?> +
+ 서버아이피 : + + + + 아이코드 SMS 신청
회원가입 + + + 아이코드 회원가입 + + diff --git a/adm/shop_admin/configformupdate.php b/adm/shop_admin/configformupdate.php index dc3a76056..45933944b 100644 --- a/adm/shop_admin/configformupdate.php +++ b/adm/shop_admin/configformupdate.php @@ -26,6 +26,7 @@ if ($_FILES['mobile_logo_img']['name']) upload_file($_FILES['mobile_logo_img'][' if ($_FILES['mobile_logo_img2']['name']) upload_file($_FILES['mobile_logo_img2']['tmp_name'], "mobile_logo_img2", G5_DATA_PATH."/common"); $de_kcp_mid = substr($_POST['de_kcp_mid'],0,3); +$cf_icode_server_port = isset($cf_icode_server_port) ? preg_replace('/[^0-9]/', '', $cf_icode_server_port) : '7295'; // kcp 전자결제를 사용할 때 site key 입력체크 if($_POST['de_pg_service'] == 'kcp' && !$_POST['de_card_test'] && ($_POST['de_iche_use'] || $_POST['de_vbank_use'] || $_POST['de_hp_use'] || $_POST['de_card_use'])) { @@ -428,6 +429,7 @@ $sql = " update {$g5['config_table']} cf_icode_pw = '{$cf_icode_pw}', cf_icode_server_ip = '{$_POST['cf_icode_server_ip']}', cf_icode_server_port = '{$_POST['cf_icode_server_port']}', + cf_icode_token_key = '{$cf_icode_token_key}', cf_lg_mid = '{$cf_lg_mid}', cf_lg_mert_key = '{$cf_lg_mert_key}' "; sql_query($sql); diff --git a/adm/shop_admin/itemdelete.inc.php b/adm/shop_admin/itemdelete.inc.php index 3df806357..78c5ac531 100644 --- a/adm/shop_admin/itemdelete.inc.php +++ b/adm/shop_admin/itemdelete.inc.php @@ -19,7 +19,7 @@ if (!function_exists("itemdelete")) { // 상품 이미지 삭제 $dir_list = array(); for($i=1; $i<=10; $i++) { - $file = G5_DATA_PATH.'/item/'.$it['it_img'.$i]; + $file = G5_DATA_PATH.'/item/'.clean_relative_paths($it['it_img'.$i]); if(is_file($file) && $it['it_img'.$i]) { @unlink($file); $dir = dirname($file); @@ -78,9 +78,9 @@ if (!function_exists("itemdelete")) { else $data_path = $p['path']; - $destfile = G5_PATH.$data_path; + $destfile = G5_PATH.clean_relative_paths($data_path); - if(is_file($destfile)) + if(is_file($destfile) && preg_match('/(\.(gif|jpe?g|png))$/i', $destfile)) @unlink($destfile); } @@ -95,9 +95,9 @@ if (!function_exists("itemdelete")) { else $data_path = $p['path']; - $destfile = G5_PATH.$data_path; + $destfile = G5_PATH.clean_relative_paths($data_path); - if(is_file($destfile)) + if(is_file($destfile) && preg_match('/(\.(gif|jpe?g|png))$/i', $destfile)) @unlink($destfile); } //------------------------------------------------------------------------ diff --git a/adm/sms_admin/config.php b/adm/sms_admin/config.php index 5eb96e1a9..a8e89543e 100644 --- a/adm/sms_admin/config.php +++ b/adm/sms_admin/config.php @@ -9,6 +9,14 @@ $g5['title'] = "SMS 기본설정"; if (!$config['cf_icode_server_ip']) $config['cf_icode_server_ip'] = '211.172.232.124'; if (!$config['cf_icode_server_port']) $config['cf_icode_server_port'] = '7295'; +// 아이코드 토큰키 추가 +if( ! isset($config['cf_icode_token_key']) ){ + $sql = "ALTER TABLE `{$g5['config_table']}` + ADD COLUMN `cf_icode_token_key` VARCHAR(100) NOT NULL DEFAULT '' AFTER `cf_icode_server_port`; "; + sql_query($sql, false); + $config['cf_icode_token_key'] = ''; +} + if ($config['cf_sms_use'] && $config['cf_icode_id'] && $config['cf_icode_pw']) { $userinfo = get_icode_userinfo($config['cf_icode_id'], $config['cf_icode_pw']); @@ -23,7 +31,7 @@ if (!$sms5['cf_skin']) include_once(G5_ADMIN_PATH.'/admin.head.php'); ?> - +

SMS 기능을 사용하시려면 먼저 아이코드에 서비스 신청을 하셔야 합니다.
@@ -47,22 +55,31 @@ if ($config['cf_sms_use'] == 'icode') { // 아이코드 사용 - + + + LMS로 선택하시면 90바이트 이하는 SMS로, 그 이상은 ".G5_ICODE_LMS_MAX_LENGTH."바이트까지 LMS로 전송됩니다.
요금은 건당 SMS는 16원, LMS는 48원입니다."); ?> + + + + + - + - - + + - - 현재 비밀번호가 입력되어 있지 않습니다. + - - 요금제 + + 요금제
(구버전) '; } else { - echo '가입해주세요.'; echo ''; } ?> - - 충전 잔액 + + 충전 잔액
(구버전) 충전하기 + + + + SMS 전송유형을 LMS로 설정시 90바이트 이내는 SMS, 90 ~ 2000 바이트는 LMS 그 이상은 절삭 되어 LMS로 발송됩니다."); ?> + + 토큰키관리 메뉴에서 생성한 토큰키를 입력합니다."); ?> +
+ 서버아이피 : + + diff --git a/adm/sms_admin/config_update.php b/adm/sms_admin/config_update.php index 3d9b57e03..236d56e74 100644 --- a/adm/sms_admin/config_update.php +++ b/adm/sms_admin/config_update.php @@ -15,6 +15,7 @@ if(!check_vaild_callback($cf_phone)) alert('회신번호가 올바르지 않습니다.'); $userinfo = get_icode_userinfo($cf_icode_id, $cf_icode_pw); +$cf_icode_server_port = isset($cf_icode_server_port) ? preg_replace('/[^0-9]/', '', $cf_icode_server_port) : '7295'; if ($userinfo['code'] == '202') alert('아이코드 아이디와 패스워드가 맞지 않습니다.'); @@ -33,10 +34,12 @@ sql_query($sql); // 아이코드 설정 $sql = " update {$g5['config_table']} set cf_sms_use = '$cf_sms_use', + cf_sms_type = '$cf_sms_type', cf_icode_id = '$cf_icode_id', cf_icode_pw = '$cf_icode_pw', cf_icode_server_ip = '$cf_icode_server_ip', - cf_icode_server_port = '$cf_icode_server_port' "; + cf_icode_server_port = '$cf_icode_server_port', + cf_icode_token_key = '$cf_icode_token_key'"; sql_query($sql); goto_url("./config.php"); diff --git a/adm/sms_admin/css/sms5.css b/adm/sms_admin/css/sms5.css index b5c09d1c4..03187e7ea 100644 --- a/adm/sms_admin/css/sms5.css +++ b/adm/sms_admin/css/sms5.css @@ -22,6 +22,7 @@ .sms5_box {position:relative;padding:10px;border-radius:5px;background:#fbec99} .sms5_box .box_ico {position:absolute;top:20px;left:-7px;width:7px;height:13px;background:url('../img/box_ico.gif') no-repeat} .sms5_box .box_txt {border:0;background:transparent;word-break:break-all;resize:none;overflow:hidden} +.sms5_box textarea.box_txt.is_overview{overflow:visible;min-height:130px} .sms5_box .box_square {width:100px;height:90px} #write_wrap {z-index:9} diff --git a/adm/sms_admin/history_send.php b/adm/sms_admin/history_send.php index 109dfcc41..9b4f29600 100644 --- a/adm/sms_admin/history_send.php +++ b/adm/sms_admin/history_send.php @@ -224,8 +224,8 @@ if($config['cf_sms_type'] == 'LMS') { ?> &st=&sv=&wr_no=&wr_renum='; @@ -104,7 +104,7 @@ function all_send()

- +
diff --git a/adm/sms_admin/sms5.sql b/adm/sms_admin/sms5.sql index 652872219..96bb7b1a4 100644 --- a/adm/sms_admin/sms5.sql +++ b/adm/sms_admin/sms5.sql @@ -149,7 +149,7 @@ CREATE TABLE `{$g5['sms5_write_table']}` ( `wr_no` int(11) NOT NULL default '1', `wr_renum` int(11) NOT NULL default '0', `wr_reply` varchar(255) NOT NULL default '', - `wr_message` varchar(255) NOT NULL default '', + `wr_message` text NOT NULL, `wr_booking` datetime NOT NULL default '0000-00-00 00:00:00', `wr_total` int(11) NOT NULL default '0', `wr_re_total` int(11) NOT NULL default '0', diff --git a/adm/sms_admin/sms_write.php b/adm/sms_admin/sms_write.php index 4654a3a6d..77754a97c 100644 --- a/adm/sms_admin/sms_write.php +++ b/adm/sms_admin/sms_write.php @@ -266,8 +266,8 @@ function sms5_chk_send(f) w = document.body.clientWidth/2 - 200; h = document.body.clientHeight/2 - 100; - act = window.open('sms_ing.php', 'act', 'width=300, height=200, left=' + w + ', top=' + h); - act.focus(); + //act = window.open('sms_ing.php', 'act', 'width=300, height=200, left=' + w + ', top=' + h); + //act.focus(); f.send_list.value = list; return true; @@ -407,6 +407,7 @@ function byte_check(wr_message, sms_bytes) var conts = document.getElementById(wr_message); var bytes = document.getElementById(sms_bytes); var max_bytes = document.getElementById("sms_max_bytes"); + var lms_max_length = var i = 0; var cnt = 0; @@ -427,14 +428,14 @@ function byte_check(wr_message, sms_bytes) if(cnt > 90) - max_bytes.innerHTML = 1500; + max_bytes.innerHTML = lms_max_length; else max_bytes.innerHTML = 90; - if (cnt > 1500) + if (cnt > lms_max_length) { - exceed = cnt - 1500; - alert('메시지 내용은 1500바이트를 넘을수 없습니다.\n\n작성하신 메세지 내용은 '+ exceed +'byte가 초과되었습니다.\n\n초과된 부분은 자동으로 삭제됩니다.'); + exceed = cnt - lms_max_length; + alert('메시지 내용은 '+ lms_max_length +'바이트를 넘을수 없습니다.\n\n작성하신 메세지 내용은 '+ exceed +'byte가 초과되었습니다.\n\n초과된 부분은 자동으로 삭제됩니다.'); var tcnt = 0; var xcnt = 0; var tmp = conts.value; @@ -447,7 +448,7 @@ function byte_check(wr_message, sms_bytes) tcnt += 1; } - if (tcnt > 1500) { + if (tcnt > lms_max_length) { tmp = tmp.substring(0,i); break; } else { diff --git a/adm/sms_admin/sms_write_send.php b/adm/sms_admin/sms_write_send.php index c7ec11030..e88bdae46 100644 --- a/adm/sms_admin/sms_write_send.php +++ b/adm/sms_admin/sms_write_send.php @@ -6,8 +6,24 @@ auth_check($auth[$sub_menu], "w"); check_admin_token(); +$result = sql_query("describe `{$g5['sms5_write_table']}`"); +while ($row = sql_fetch_array($result)){ + if( $row['Field'] === 'wr_message' && $row['Type'] === 'varchar(255)' ){ + sql_query("ALTER TABLE `{$g5['sms5_write_table']}` MODIFY wr_message TEXT NOT NULL;", false); + break; + } +} + $g5['title'] = "문자전송중"; +if ($config['cf_sms_use'] != 'icode') { + alert('기본환경설정에서 icode sms 사용이 비활성화 되어 있습니다.'); +} + +if ( ! (($config['cf_icode_id'] && $config['cf_icode_pw']) || $config['cf_icode_token_key']) ) { + alert('아이코드 설정값이 존재하지 않습니다.'); +} + $wr_reply = preg_replace('#[^0-9\-]#', '', trim($wr_reply)); $wr_message = clean_xss_tags(trim($wr_message)); @@ -94,12 +110,12 @@ while ($row = array_shift($send_list)) $hp = get_hp($item[$i][1], 0); $name = $item[$i][0]; - if(!$hp) continue; + if(!$hp) continue 2; if ($wr_overlap && array_overlap($hps, $hp)) { $overlap++; array_push( $duplicate_data['hp'], $row['bk_hp'] ); - continue; + continue 2; } array_push($list, array('bk_hp' => $hp, 'bk_name' => $name)); @@ -111,12 +127,12 @@ while ($row = array_shift($send_list)) $row = sql_fetch("select * from {$g5['sms5_book_table']} where bk_no='$item[$i]'"); $row['bk_hp'] = get_hp($row['bk_hp'], 0); - if(!$row['bk_hp']) continue; + if(!$row['bk_hp']) continue 2; if ($wr_overlap && array_overlap($hps, $row['bk_hp'])) { $overlap++; array_push( $duplicate_data['hp'], $row['bk_hp'] ); - continue; + continue 2; } array_push($list, $row); array_push($hps, $row['bk_hp']); @@ -141,14 +157,11 @@ if ($wr_by && $wr_bm && $wr_bd && $wr_bh && $wr_bi) { $booking = ''; } -if ($config['cf_sms_use'] != 'icode') { - alert('기본환경설정에서 icode sms 사용이 비활성화 되어 있습니다.'); -} - include_once(G5_ADMIN_PATH.'/admin.head.php'); $reply = str_replace('-', '', trim($wr_reply)); -$wr_message = conv_unescape_nl($wr_message); +$db_wr_message = conv_unescape_nl($wr_message); +$wr_message = conv_unescape_nl(stripslashes($wr_message)); $SMS = new SMS5; @@ -186,7 +199,7 @@ if($config['cf_sms_type'] == 'LMS') { if($result) { $result = $SMS->Send(); - + if ($result) //SMS 서버에 접속했습니다. { foreach ($SMS->Result as $result) @@ -242,7 +255,7 @@ if($config['cf_sms_type'] == 'LMS') { } } - sql_query("insert into {$g5['sms5_write_table']} set wr_no='$wr_no', wr_renum=0, wr_reply='$wr_reply', wr_message='$wr_message', wr_success='$wr_success', wr_failure='$wr_failure', wr_memo='$str_serialize', wr_booking='$wr_booking', wr_total='$wr_total', wr_datetime='".G5_TIME_YMDHIS."'"); + sql_query("insert into {$g5['sms5_write_table']} set wr_no='$wr_no', wr_renum=0, wr_reply='$wr_reply', wr_message='$db_wr_message', wr_success='$wr_success', wr_failure='$wr_failure', wr_memo='$str_serialize', wr_booking='$wr_booking', wr_total='$wr_total', wr_datetime='".G5_TIME_YMDHIS."'"); } } else { $SMS->SMS_con($config['cf_icode_server_ip'], $config['cf_icode_id'], $config['cf_icode_pw'], $config['cf_icode_server_port']); @@ -260,7 +273,7 @@ if($config['cf_sms_type'] == 'LMS') { else $wr_no = 1; - sql_query("insert into {$g5['sms5_write_table']} set wr_no='$wr_no', wr_renum=0, wr_reply='$wr_reply', wr_message='$wr_message', wr_booking='$wr_booking', wr_total='$wr_total', wr_datetime='".G5_TIME_YMDHIS."'"); + sql_query("insert into {$g5['sms5_write_table']} set wr_no='$wr_no', wr_renum=0, wr_reply='$wr_reply', wr_message='$db_wr_message', wr_booking='$wr_booking', wr_total='$wr_total', wr_datetime='".G5_TIME_YMDHIS."'"); $wr_success = 0; $wr_failure = 0; @@ -324,11 +337,16 @@ if($config['cf_sms_type'] == 'LMS') { function win_close_alert($msg) { - $html = ""; + $html = ""; echo $html; exit; @@ -336,8 +354,8 @@ function win_close_alert($msg) { ?> 0) { } // 음성 캡챠 파일 삭제 -$captcha_mp3 = glob(G5_PATH.'/data/cache/kcaptcha-*.mp3'); +$captcha_mp3 = glob(G5_DATA_PATH.'/cache/kcaptcha-*.mp3'); if($captcha_mp3 && is_array($captcha_mp3)) { foreach ($captcha_mp3 as $file) { if (filemtime($file) + 86400 < G5_SERVER_TIME) { diff --git a/bbs/download.php b/bbs/download.php index e4f7fa3fe..2b2aa1f2b 100644 --- a/bbs/download.php +++ b/bbs/download.php @@ -108,17 +108,17 @@ run_event('download_file_header', $file, $file_exist_check); if(preg_match("/msie/i", $_SERVER['HTTP_USER_AGENT']) && preg_match("/5\.5/", $_SERVER['HTTP_USER_AGENT'])) { header("content-type: doesn/matter"); - header("content-length: ".filesize("$filepath")); + header("content-length: ".filesize($filepath)); header("content-disposition: attachment; filename=\"$original\""); header("content-transfer-encoding: binary"); } else if (preg_match("/Firefox/i", $_SERVER['HTTP_USER_AGENT'])){ header("content-type: file/unknown"); - header("content-length: ".filesize("$filepath")); + header("content-length: ".filesize($filepath)); header("content-disposition: attachment; filename=\"".basename($file['bf_source'])."\""); header("content-description: php generated data"); } else { header("content-type: file/unknown"); - header("content-length: ".filesize("$filepath")); + header("content-length: ".filesize($filepath)); header("content-disposition: attachment; filename=\"$original\""); header("content-description: php generated data"); } diff --git a/bbs/move_update.php b/bbs/move_update.php index b3c28f09c..044586264 100644 --- a/bbs/move_update.php +++ b/bbs/move_update.php @@ -192,6 +192,8 @@ while ($row = sql_fetch_array($result)) sql_query(" update {$g5['board_table']} set bo_count_write = bo_count_write + '$count_write' where bo_table = '$move_bo_table' "); sql_query(" update {$g5['board_table']} set bo_count_comment = bo_count_comment + '$count_comment' where bo_table = '$move_bo_table' "); + + run_event('bbs_move_copy', $row2, $move_bo_table, $insert_id, $next_wr_num, $sw); delete_cache_latest($move_bo_table); } diff --git a/bbs/password.php b/bbs/password.php index 5f6c4672e..54209e9d3 100644 --- a/bbs/password.php +++ b/bbs/password.php @@ -3,6 +3,10 @@ include_once('./_common.php'); $g5['title'] = '비밀번호 입력'; +if( isset($comment_id) ){ + $comment_id = (int) $comment_id; +} + switch ($w) { case 'u' : $action = G5_HTTP_BBS_URL.'/write.php'; diff --git a/bbs/qadownload.php b/bbs/qadownload.php index 3c1a838c0..b6f163ed7 100644 --- a/bbs/qadownload.php +++ b/bbs/qadownload.php @@ -22,21 +22,26 @@ if($is_guest) { $filepath = G5_DATA_PATH.'/qa/'.$file['qa_file'.$no]; $filepath = addslashes($filepath); -if (!is_file($filepath) || !file_exists($filepath)) +$file_exist_check = (!is_file($filepath) || !file_exists($filepath)) ? false : true; + +if ( false === run_replace('qa_download_file_exist_check', $file_exist_check, $file) ){ alert('파일이 존재하지 않습니다.'); +} $g5['title'] = '다운로드 > '.conv_subject($file['qa_subject'], 255); +run_event('qa_download_file_header', $file, $file_exist_check); + $original = urlencode($file['qa_source'.$no]); if(preg_match("/msie/i", $_SERVER['HTTP_USER_AGENT']) && preg_match("/5\.5/", $_SERVER['HTTP_USER_AGENT'])) { header("content-type: doesn/matter"); - header("content-length: ".filesize("$filepath")); + header("content-length: ".filesize($filepath)); header("content-disposition: attachment; filename=\"$original\""); header("content-transfer-encoding: binary"); } else { header("content-type: file/unknown"); - header("content-length: ".filesize("$filepath")); + header("content-length: ".filesize($filepath)); header("content-disposition: attachment; filename=\"$original\""); header("content-description: php generated data"); } diff --git a/bbs/write_update.php b/bbs/write_update.php index 3f50cc96a..723cb7857 100644 --- a/bbs/write_update.php +++ b/bbs/write_update.php @@ -466,9 +466,9 @@ for ($i=0; $ino_profile'); +define('G5_NO_PROFILE_IMG', 'no_profile'); // 썸네일 처리 방식, 비율유지 하지 않고 썸네일을 생성하려면 주석을 풀고 값은 false 입력합니다. ( true 또는 주석으로 된 경우에는 비율 유지합니다. ) //define('G5_USE_THUMB_RATIO', false); diff --git a/extend/sms5.extend.php b/extend/sms5.extend.php index dbef097cf..cae7e38a3 100644 --- a/extend/sms5.extend.php +++ b/extend/sms5.extend.php @@ -13,6 +13,12 @@ define('G5_SMS5_ADMIN_DIR', 'sms_admin'); define('G5_SMS5_ADMIN_PATH', G5_ADMIN_PATH.'/'.G5_SMS5_ADMIN_DIR); define('G5_SMS5_ADMIN_URL', G5_ADMIN_URL.'/'.G5_SMS5_ADMIN_DIR); +define('ICODE_JSON_SOCKET_HOST', '211.172.232.124'); +define('ICODE_JSON_SOCKET_PORT', '9201'); + +define('G5_ICODE_LMS_MAX_LENGTH', 1500); // 구버전 LMS 최대길이 +define('G5_ICODE_JSON_MAX_LENGTH', 2000); // JSON 버전 LMS 최대길이 + // SMS 테이블명 $g5['sms5_prefix'] = 'sms5_'; $g5['sms5_config_table'] = $g5['sms5_prefix'] . 'config'; diff --git a/install/ajax.install.check.php b/install/ajax.install.check.php index fd5616f73..a6fc82f2c 100644 --- a/install/ajax.install.check.php +++ b/install/ajax.install.check.php @@ -15,6 +15,10 @@ if (file_exists($dbconfig_file)) { die(install_json_msg('프로그램이 이미 설치되어 있습니다.')); } +if (preg_match("/[^0-9a-z_]+/i", $_POST['table_prefix']) ) { + die(install_json_msg('TABLE명 접두사는 영문자, 숫자, _ 만 입력하세요.')); +} + $mysql_host = safe_install_string_check($_POST['mysql_host'], 'json'); $mysql_user = safe_install_string_check($_POST['mysql_user'], 'json'); $mysql_pass = safe_install_string_check($_POST['mysql_pass'], 'json'); diff --git a/install/install_config.php b/install/install_config.php index 6dd988989..937dc7008 100644 --- a/install/install_config.php +++ b/install/install_config.php @@ -61,13 +61,13 @@ $ajax_token = md5($tmp_str.$_SERVER['REMOTE_ADDR'].$_SERVER['DOCUMENT_ROOT']); - 가능한 변경하지 마십시오. + TABLE명 접두사는 영문자, 숫자, _ 만 입력 가능합니다. - 가능한 변경하지 마십시오. + 쇼핑몰TABLE명 접두사는 영문자, 숫자, _ 만 입력 가능합니다. diff --git a/install/install_db.php b/install/install_db.php index 73539409b..50f86f287 100644 --- a/install/install_db.php +++ b/install/install_db.php @@ -23,11 +23,11 @@ include_once ('./install.inc.php'); //print_r($_POST); exit; -$mysql_host = $_POST['mysql_host']; -$mysql_user = $_POST['mysql_user']; -$mysql_pass = $_POST['mysql_pass']; -$mysql_db = $_POST['mysql_db']; -$table_prefix= $_POST['table_prefix']; +$mysql_host = safe_install_string_check($_POST['mysql_host']); +$mysql_user = safe_install_string_check($_POST['mysql_user']); +$mysql_pass = safe_install_string_check($_POST['mysql_pass']); +$mysql_db = safe_install_string_check($_POST['mysql_db']); +$table_prefix= safe_install_string_check($_POST['table_prefix']); $admin_id = $_POST['admin_id']; $admin_pass = $_POST['admin_pass']; $admin_name = $_POST['admin_name']; @@ -35,9 +35,13 @@ $admin_email = $_POST['admin_email']; $g5_install = 0; if (isset($_POST['g5_install'])) $g5_install = $_POST['g5_install']; -$g5_shop_prefix = $_POST['g5_shop_prefix']; +$g5_shop_prefix = safe_install_string_check($_POST['g5_shop_prefix']); $g5_shop_install= $_POST['g5_shop_install']; +if (preg_match("/[^0-9a-z_]+/i", $table_prefix) || preg_match("/[^0-9a-z_]+/i", $g5_shop_prefix)) { + die('

TABLE명 접두사는 영문자, 숫자, _ 만 입력하세요.

뒤로가기
'); +} + if (preg_match("/[^0-9a-z_]+/i", $admin_id)) { die('

관리자 아이디는 영문자, 숫자, _ 만 입력하세요.

뒤로가기
'); } @@ -539,10 +543,10 @@ $f = @fopen($file, 'a'); fwrite($f, "= $minimum_coin) + $is_sms_send = true; + } + } + } + + return $is_sms_send; +} + function is_use_email_certify(){ global $config; @@ -3727,12 +3777,12 @@ function is_include_path_check($path='', $is_input='') try { // whether $path is unix or not - $unipath = strlen($path)==0 || $path{0}!='/'; + $unipath = strlen($path)==0 || substr($path, 0, 1) != '/'; $unc = substr($path,0,2)=='\\\\'?true:false; // attempts to detect if path is relative in which case, add cwd if(strpos($path,':') === false && $unipath && !$unc){ $path=getcwd().DIRECTORY_SEPARATOR.$path; - if($path{0}=='/'){ + if(substr($path, 0, 1) == '/'){ $unipath = false; } } diff --git a/lib/icode.lms.lib.php b/lib/icode.lms.lib.php index f7bb6f361..0da41bdb0 100644 --- a/lib/icode.lms.lib.php +++ b/lib/icode.lms.lib.php @@ -4,12 +4,19 @@ if (!defined('_GNUBOARD_')) exit; // 요금제에 따른 port 구분 function get_icode_port_type($id, $pw) { + global $config; + + // 토큰키를 사용한다면 true 로 리턴 + if( isset($config['cf_icode_token_key']) && $config['cf_icode_token_key'] ){ + return 1; + } + $userinfo = get_icode_userinfo($id, $pw); if($userinfo['payment'] == 'A') { // 충전제 return 1; } else if($userinfo['payment'] == 'C') { // 정액제 - return 1; + return 2; } else { return false; } @@ -28,10 +35,21 @@ class LMS { var $socket_portcode; var $Data = array(); var $Result = array(); + var $icode_key; // SMS 서버 접속 function SMS_con($host, $id, $pw, $portcode) { - $this->socket_host = $host; + global $config; + + // 토큰키를 사용한다면 + if(isset($config['cf_icode_token_key']) && $config['cf_icode_token_key']){ + $this->icode_key = $config['cf_icode_token_key']; + $this->socket_host = ICODE_JSON_SOCKET_HOST; + $this->socket_port = ICODE_JSON_SOCKET_PORT; + } else { + $this->socket_host = $host; + } + $this->socket_portcode = $portcode; $this->icode_id = FillSpace($id, 10); $this->icode_pw = FillSpace($pw, 10); @@ -43,32 +61,63 @@ class LMS { } function Add($strDest, $strCallBack, $strCaller, $strSubject, $strURL, $strData, $strDate="", $nCount) { + global $config; // 문자 타입별 Port 설정. $sendType = strlen($strData) > 90 ? 1 : 0; // 0: SMS / 1: LMS - /* 개발 완료 후 아래 포트를 rand 함수를 이용하는 라인으로 변경 바랍니다.*/ + // 토큰키를 사용한다면 + if( isset($config['cf_icode_token_key']) && $config['cf_icode_token_key'] === $this->icode_key ){ + + // 개행치환 + $strData = preg_replace("/\r\n/","\n",$strData); + $strData = preg_replace("/\r/","\n",$strData); - // 충전식 - if ($this->socket_portcode == 1) { - if($sendType && $sendType == 1) { - //$this->socket_port = 8200; // LMS - $this->socket_port=(int)rand(8200,8201); // LMS - } else { - //$this->socket_port = 6295; // SMS - $this->socket_port=(int)rand(6295,6297); // SMS - } - } - // 정액제 - else { - if($sendType && $sendType == 1) { - //$this->socket_port = 8300; // LMS - $this->socket_port=(int)rand(8300,8301); // LMS - } else { - //$this->socket_port = 6291; // SMS - $this->socket_port=(int)rand(6291,6293); // SMS - } - } + $checks = array('msg'=>$strData, 'subject'=>$strSubject); + $tmps = array(); + + foreach( $checks as $k=>$v ){ + + // 문자 내용이 euc-kr 인지 체크합니다. + $enc = mb_detect_encoding($v, array('EUC-KR', 'UTF-8')); + + // 문자 내용이 euc-kr 이면 json_encode 에서 깨지기 때문에 utf-8 로 변환합니다. + $tmps[$k] = ($enc === 'EUC-KR') ? iconv_utf8($v) : $v; + } + + $strData = $tmps['msg']; + $strSubject = $tmps['subject']; + + // 문자 타입별 Port 설정. + $sendType = strlen($strData)>90 ? 1 : 0; // 0: SMS / 1: LMS + if($sendType==0) $strSubject = ""; + + $is_use_json = true; + + } else { + /* 개발 완료 후 아래 포트를 rand 함수를 이용하는 라인으로 변경 바랍니다.*/ + + // 충전식 + if ($this->socket_portcode == 1) { + if($sendType && $sendType == 1) { + //$this->socket_port = 8200; // LMS + $this->socket_port=(int)rand(8200,8201); // LMS + } else { + //$this->socket_port = 6295; // SMS + $this->socket_port=(int)rand(6295,6297); // SMS + } + } + // 정액제 + else { + if($sendType && $sendType == 1) { + //$this->socket_port = 8300; // LMS + $this->socket_port=(int)rand(8300,8301); // LMS + } else { + //$this->socket_port = 6291; // SMS + $this->socket_port=(int)rand(6291,6293); // SMS + } + } + } $strCallBack = FillSpace($strCallBack, 11); // 회신번호 $strDate = FillSpace($strDate, 12); // 즉시(12byte 공백), 예약전송(YmdHi) @@ -88,9 +137,9 @@ class LMS { $strSubject = str_replace(">", "]", $strSubject); $strSubject = FillSpace($strSubject,30); - $strData = FillSpace(CutChar($strData,1500),1500); + $strData = $is_use_json ? CutCharUtf8($strData, G5_ICODE_JSON_MAX_LENGTH) : FillSpace(CutChar($strData, G5_ICODE_LMS_MAX_LENGTH), G5_ICODE_LMS_MAX_LENGTH); } else if (!$strURL) { - $strData = FillSpace(CutChar($strData,90),90); + $strData = $is_use_json ? CutCharUtf8($strData, G5_ICODE_JSON_MAX_LENGTH) : FillSpace(CutChar($strData,90),90); $strCaller = FillSpace($strCaller,10); } else { $strURL = FillSpace($strURL,50); @@ -102,39 +151,85 @@ class LMS { for ($i=0; $i<$nCount; $i++) { - $strDest[$i] = FillSpace($strDest[$i],11); - if ($sendType && $sendType == 1) { - $this->Data[$i] = '01144 '.$this->icode_id.$this->icode_pw.$strDest[$i].$strCallBack.$strSubject.$strDate.$strData; - } else if (!$strURL) { - $this->Data[$i] = '01144 '.$this->icode_id.$this->icode_pw.$strDest[$i].$strCallBack.$strCaller.$strDate.$strData; - } else { - $strData = FillSpace(CheckCallCenter($strURL, $strDest[$i], $strData),80); - $this->Data[$i] = '05173 '.$this->icode_id.$this->icode_pw.$strDest[$i].$strCallBack.$strURL.$strDate.$strData; - } + if($is_use_json) { + $strDest[$i] = $strDest[$i]; + $list = array( + "key" => $this->icode_key, + "tel" => $strDest[$i], + "cb" => $strCallBack, + "msg" => $strData, + "title" => $strSubject?$strSubject:"", + "date" => $strDate?$strDate:"" + ); + $packet = json_encode($list); + + if( !$packet ){ // json_encode가 잘못되었으면 보내지 않습니다. + continue; + } + $this->Data[$i] = '06'.str_pad(strlen($packet), 4, "0", STR_PAD_LEFT).$packet; + } else { + $strDest[$i] = FillSpace($strDest[$i],11); + if ($sendType && $sendType == 1) { + $this->Data[$i] = '01144 '.$this->icode_id.$this->icode_pw.$strDest[$i].$strCallBack.$strSubject.$strDate.$strData; + } else if (!$strURL) { + $this->Data[$i] = '01144 '.$this->icode_id.$this->icode_pw.$strDest[$i].$strCallBack.$strCaller.$strDate.$strData; + } else { + $strData = FillSpace(CheckCallCenter($strURL, $strDest[$i], $strData),80); + $this->Data[$i] = '05173 '.$this->icode_id.$this->icode_pw.$strDest[$i].$strCallBack.$strURL.$strDate.$strData; + } + } } return true; } function Send() { - $fsocket = fsockopen($this->socket_host,$this->socket_port, $errno, $errstr, 2); - if (!$fsocket) return false; - set_time_limit(60); + global $config; - foreach($this->Data as $puts) { - fputs($fsocket, $puts); - while(!$gets) { $gets = fgets($fsocket,30); } - $dest = substr($puts,26,11); - if (substr($gets,0,19) == "0223 00".$dest) { - $this->Result[] = $dest.":".substr($gets,19,10); - } else { - $this->Result[$dest] = $dest.":Error(".substr($gets,6,2).")"; - } - $gets = ""; - } + // 토큰키를 사용한다면 + if( isset($config['cf_icode_token_key']) && $config['cf_icode_token_key'] === $this->icode_key ){ + $fsocket = @fsockopen($this->socket_host,$this->socket_port, $errno, $errstr, 2); + if (!$fsocket) return false; + set_time_limit(300); - fclose($fsocket); - $this->Data = ""; + foreach($this->Data as $puts) { + fputs($fsocket, $puts); + while(!$gets) { $gets = fgets($fsocket,32); } + $json = json_decode(substr($puts,6), true); + + $dest = $json["tel"]; + if (substr($gets,0,20) == "0225 00".FillSpace($dest,12)) { + $this->Result[] = $dest.":".substr($gets,20,11); + + } else { + $this->Result[$dest] = $dest.":Error(".substr($gets,6,2).")"; + if(substr($gets,6,2) >= "80") break; + } + $gets = ""; + } + + fclose($fsocket); + } else { + $fsocket = @fsockopen($this->socket_host,$this->socket_port, $errno, $errstr, 2); + if (!$fsocket) return false; + set_time_limit(300); + + foreach($this->Data as $puts) { + fputs($fsocket, $puts); + while(!$gets) { $gets = fgets($fsocket,30); } + $dest = substr($puts,26,11); + if (substr($gets,0,19) == "0223 00".$dest) { + $this->Result[] = $dest.":".substr($gets,19,10); + } else { + $this->Result[$dest] = $dest.":Error(".substr($gets,6,2).")"; + } + $gets = ""; + } + + fclose($fsocket); + } + + $this->Data = array(); return true; } } @@ -168,6 +263,24 @@ function CutChar($word, $cut) { return $word; } +function CutCharUtf8($word, $cut) { + preg_match_all('/[\xE0-\xFF][\x80-\xFF]{2}|./', $word, $match); // target for BMP + + $m = $match[0]; + $slen = strlen($word); // length of source string + if ($slen <= $cut) return $word; + + $ret = array(); + $count = 0; + for ($i=0; $i < $cut; $i++) { + $count += (strlen($m[$i]) > 1)?2:1; + if ($count > $cut) break; + $ret[] = $m[$i]; + } + + return join('', $ret); +} + /** * 수신번호의 값이 정확한 값인지 확인합니다. * @@ -183,7 +296,6 @@ function CheckCommonTypeDest($strDest, $nCount) { } } - /** * 회신번호 유효성 여부조회 * * @param string callback 회신번호 diff --git a/lib/icode.sms.lib.php b/lib/icode.sms.lib.php index a3bee6613..6201f0081 100644 --- a/lib/icode.sms.lib.php +++ b/lib/icode.sms.lib.php @@ -44,8 +44,20 @@ class SMS { var $SMS_Port; var $Data = array(); var $Result = array(); + var $icode_key; + var $socket_port; + var $socket_host; function SMS_con($sms_server,$sms_id,$sms_pw,$port) { + global $config; + + // 토큰키를 사용한다면 + if(isset($config['cf_icode_token_key']) && $config['cf_icode_token_key']){ + $this->icode_key = $config['cf_icode_token_key']; + $this->socket_host = ICODE_JSON_SOCKET_HOST; + $this->socket_port = ICODE_JSON_SOCKET_PORT; + } + $this->ID=$sms_id; // 계약 후 지정 $this->PWD=$sms_pw; // 계약 후 지정 $this->SMS_Server=$sms_server; @@ -60,25 +72,82 @@ class SMS { } function Add($dest, $callBack, $Caller, $msg, $rsvTime="") { - global $g5; + global $g5, $config; - // 내용 검사 1 - $Error = CheckCommonType($dest, $rsvTime); - if ($Error) return $Error; - // 내용 검사 2 - //if ( eregi("[^0-9]",$callBack) ) return "회신 전화번호가 잘못되었습니다"; - if ( preg_match("/[^0-9]/i",$callBack) ) return "회신 전화번호가 잘못되었습니다"; + // 토큰키를 사용한다면 + if( isset($config['cf_icode_token_key']) && $config['cf_icode_token_key'] === $this->icode_key ){ - $msg=cut_char($msg,80); // 80자 제한 - // 보낼 내용을 배열에 집어넣기 - $dest = spacing($dest,11); - $callBack = spacing($callBack,11); - $Caller = spacing($Caller,10); - $rsvTime = spacing($rsvTime,12); - $msg = spacing($msg,80); + // 내용 검사 1 + $Error = CheckCommonType($dest, $rsvTime); + if ($Error) return $Error; + if ( preg_match("/[^0-9]/i",$callBack) ) return "회신 전화번호가 잘못되었습니다"; - $this->Data[] = '01144 '.$this->ID.$this->PWD.$dest.$callBack.$Caller.$rsvTime.$msg; - return ""; + // 개행치환 + $msg = preg_replace("/\r\n/", "\n", $msg); + $msg = preg_replace("/\r/", "\n", $msg); + // 90byte 이내는 SMS, 90 ~ 2000 byte 는 LMS 그 이상은 절삭 되어 LMS로 발송 + // SMS 이기 때문에 90byte 이내로 합니다. + $msg=cut_char($msg, 90); + $msg = spacing($msg, 90); + + // 한글 깨진것이 있는지 체크합니다. + if( preg_match('/^([\x00-\x7e]|.{2})*/', $msg, $z) ){ + $msg = $z[0]; + } + + // 문자 내용이 euc-kr 인지 체크합니다. + $enc = mb_detect_encoding($msg, array('EUC-KR', 'UTF-8')); + + // 문자 내용이 euc-kr 이면 json_encode 에서 깨지기 때문에 utf-8 로 변환합니다. + if($enc === 'EUC-KR'){ + $msg = iconv_utf8($msg); + } + + // 보낼 내용을 배열에 집어넣기 + $dest = spacing($dest,11); + $callBack = spacing($callBack,11); + $Caller = spacing($Caller,10); + $rsvTime = $rsvTime ? spacing($rsvTime,12) : ''; + + $list = array( + "key" => $this->icode_key, + "tel" => $dest, + "cb" => $callBack, + "msg" => $msg, + "title" => "", //SMS 의 경우 타이틀을 지정할수 없습니다. + "date" => $rsvTime + ); + + $packet = json_encode($list); + + if( !$packet ){ // json_encode가 잘못되었으면 보내지 않습니다. + return "json_encode error"; + } + $this->Data[] = '06'.str_pad(strlen($packet), 4, "0", STR_PAD_LEFT).$packet; + + return ''; + + } else { + // 기존 OLD SMS + + // 내용 검사 1 + $Error = CheckCommonType($dest, $rsvTime); + if ($Error) return $Error; + // 내용 검사 2 + //if ( eregi("[^0-9]",$callBack) ) return "회신 전화번호가 잘못되었습니다"; + if ( preg_match("/[^0-9]/i",$callBack) ) return "회신 전화번호가 잘못되었습니다"; + + $msg=cut_char($msg,80); // 80자 제한 + // 보낼 내용을 배열에 집어넣기 + $dest = spacing($dest,11); + $callBack = spacing($callBack,11); + $Caller = spacing($Caller,10); + $rsvTime = spacing($rsvTime,12); + $msg = spacing($msg,80); + + $this->Data[] = '01144 '.$this->ID.$this->PWD.$dest.$callBack.$Caller.$rsvTime.$msg; + return ""; + } } function AddURL($dest, $callBack, $URL, $msg, $rsvTime="") { @@ -121,26 +190,53 @@ class SMS { return ""; } - function Send () { - $fp=@fsockopen(trim($this->SMS_Server),trim($this->SMS_Port), $errno, $errstr, 2); - if (!$fp) return false; - set_time_limit(60); + function Send() { + global $config; - ## php4.3.10일경우 - ## zend 최신버전으로 업해주세요.. - ## 또는 122번째 줄을 $this->Data as $tmp => $puts 로 변경해 주세요. + // 토큰키를 사용한다면 + if( isset($config['cf_icode_token_key']) && $config['cf_icode_token_key'] === $this->icode_key ){ + $fsocket = @fsockopen(trim($this->socket_host),trim($this->socket_port), $errno, $errstr, 2); + if (!$fsocket) return false; + set_time_limit(300); - foreach($this->Data as $puts) { - $dest = substr($puts,26,11); - fputs($fp,$puts); - while(!$gets) { $gets=fgets($fp,30); } - if (substr($gets,0,19)=="0223 00".$dest) $this->Result[]=$dest.":".substr($gets,19,10); - else $this->Result[$dest]=$dest.":Error"; - $gets=""; - } - fclose($fp); - $this->Data=""; - return true; + foreach($this->Data as $puts) { + fputs($fsocket, $puts); + while(!$gets) { $gets = fgets($fsocket,32); } + $json = json_decode(substr($puts,6), true); + + $dest = $json["tel"]; + if (substr($gets,0,20) == "0225 00".spacing($dest,12)) { + $this->Result[] = $dest.":".substr($gets,20,11); + + } else { + $this->Result[$dest] = $dest.":Error(".substr($gets,6,2).")"; + if(substr($gets,6,2) >= "80") break; + } + $gets = ""; + } + fclose($fsocket); + + } else { + + $fp=@fsockopen(trim($this->SMS_Server),trim($this->SMS_Port)); + if (!$fp) return false; + set_time_limit(300); + + ## php4.3.10일경우 + ## zend 최신버전으로 업해주세요.. + ## 또는 122번째 줄을 $this->Data as $tmp => $puts 로 변경해 주세요. + + foreach($this->Data as $puts) { + $dest = substr($puts,26,11); + fputs($fp,$puts); + while(!$gets) { $gets=fgets($fp,30); } + if (substr($gets,0,19)=="0223 00".$dest) $this->Result[]=$dest.":".substr($gets,19,10); + else $this->Result[$dest]=$dest.":Error"; + $gets=""; + } + fclose($fp); + } + $this->Data=array(); } } ?> \ No newline at end of file diff --git a/lib/naverpay.lib.php b/lib/naverpay.lib.php index 6d1ab6d8c..853a9b4d8 100644 --- a/lib/naverpay.lib.php +++ b/lib/naverpay.lib.php @@ -38,7 +38,7 @@ class naverpay_register if(!$it['it_id']) continue; - if($it['it_sc_method'] == 1) { // 착불 + if($it['it_sc_type'] > 1 && $it['it_sc_method'] == 1) { // 착불 $cnt++; continue; } diff --git a/mobile/shop/orderformupdate.php b/mobile/shop/orderformupdate.php index 0184fccd3..c85cfeed9 100644 --- a/mobile/shop/orderformupdate.php +++ b/mobile/shop/orderformupdate.php @@ -770,25 +770,7 @@ include_once(G5_SHOP_PATH.'/ordermail2.inc.php'); // SMS BEGIN -------------------------------------------------------- // 주문고객과 쇼핑몰관리자에게 SMS 전송 if($config['cf_sms_use'] && ($default['de_sms_use2'] || $default['de_sms_use3'])) { - $is_sms_send = false; - - // 충전식일 경우 잔액이 있는지 체크 - if($config['cf_icode_id'] && $config['cf_icode_pw']) { - $userinfo = get_icode_userinfo($config['cf_icode_id'], $config['cf_icode_pw']); - - if($userinfo['code'] == 0) { - if($userinfo['payment'] == 'C') { // 정액제 - $is_sms_send = true; - } else { - $minimum_coin = 100; - if(defined('G5_ICODE_COIN')) - $minimum_coin = intval(G5_ICODE_COIN); - - if((int)$userinfo['coin'] >= $minimum_coin) - $is_sms_send = true; - } - } - } + $is_sms_send = (function_exists('is_sms_send')) ? is_sms_send('orderformupdate') : false; if($is_sms_send) { $sms_contents = array($default['de_sms_cont2'], $default['de_sms_cont3']); diff --git a/mobile/skin/board/basic/style.css b/mobile/skin/board/basic/style.css index ac9fb3c70..17b5be269 100644 --- a/mobile/skin/board/basic/style.css +++ b/mobile/skin/board/basic/style.css @@ -85,6 +85,7 @@ .more_opt {display:none;position:absolute;top:50px;right:7px;background:#fff;border:1px solid #b8bfc4;z-index:999} .more_opt:before {content:"";position:absolute;top:-8px;right:6px;width:0;height:0;border-style:solid;border-width:0 6px 8px 6px;border-color:transparent transparent #b8bfc4 transparent} .more_opt:after {content:"";position:absolute;top:-6px;right:6px;width:0;height:0;border-style:solid;border-width:0 6px 8px 6px;border-color:transparent transparent #fff transparent} +.more_opt.is_list_btn{width:90px} .more_opt li {display:block;border-bottom:1px solid #f1f1f1;padding:10px;margin:0;color:#6b757c;text-align:left} .more_opt li:last-child {border-bottom:0} .more_opt li button, .more_opt li a {width:100%;border:0;background:#fff;color:#6b757c} diff --git a/mobile/skin/board/basic/view.skin.php b/mobile/skin/board/basic/view.skin.php index 78c0a067d..3cd9811ba 100644 --- a/mobile/skin/board/basic/view.skin.php +++ b/mobile/skin/board/basic/view.skin.php @@ -143,7 +143,7 @@ jQuery(function($){ if (isset($view['file'][$i]['source']) && $view['file'][$i]['source'] && !$view['file'][$i]['view']) { ?>
  • - + () diff --git a/mobile/skin/board/basic/view_comment.skin.php b/mobile/skin/board/basic/view_comment.skin.php index 6ff08887b..eda34f3fa 100644 --- a/mobile/skin/board/basic/view_comment.skin.php +++ b/mobile/skin/board/basic/view_comment.skin.php @@ -22,6 +22,7 @@ var char_max = parseInt(); // 최대 $str = preg_replace("/\[\\]/i", "", $str); $c_reply_href = $comment_common_url.'&c_id='.$comment_id.'&w=c#bo_vc_w'; $c_edit_href = $comment_common_url.'&c_id='.$comment_id.'&w=cu#bo_vc_w'; + $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0; ?>
    style="margin-left:px;border-bottom-color:#f8f8f8">
    @@ -37,6 +38,7 @@ var char_max = parseInt(); // 최대 +
    + ", $str); $c_reply_href = $comment_common_url.'&c_id='.$comment_id.'&w=c#bo_vc_w'; $c_edit_href = $comment_common_url.'&c_id='.$comment_id.'&w=cu#bo_vc_w'; + $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0; ?>
    style="margin-left:px;border-bottom-color:#f8f8f8">
    @@ -37,6 +38,7 @@ var char_max = parseInt(); // 최대 +
      @@ -45,6 +47,7 @@ var char_max = parseInt(); // 최대
    • 삭제
    + + + + - - \ No newline at end of file + \ No newline at end of file diff --git a/skin/board/basic/write.skin.php b/skin/board/basic/write.skin.php index c62eca526..5e341d278 100644 --- a/skin/board/basic/write.skin.php +++ b/skin/board/basic/write.skin.php @@ -130,7 +130,7 @@ add_stylesheet('', 0
    - " id="wr_link" class="frm_input full_input" size="50"> + " id="wr_link" class="frm_input full_input" size="50">
    diff --git a/skin/board/gallery/list.skin.php b/skin/board/gallery/list.skin.php index 79337530b..8a50868fa 100644 --- a/skin/board/gallery/list.skin.php +++ b/skin/board/gallery/list.skin.php @@ -36,7 +36,6 @@ add_stylesheet('', 0 페이지
    - -
    diff --git a/skin/board/gallery/style.css b/skin/board/gallery/style.css index 67bbbdc73..c58c86801 100644 --- a/skin/board/gallery/style.css +++ b/skin/board/gallery/style.css @@ -124,7 +124,7 @@ box-shadow:inset 0 2px 5px rgb(33, 135, 202)} #bo_gall .gall_now .gall_text_href a {color:#ff3061} #bo_gall .gall_href a:link, #bo_gall .gall_href a:focus, #bo_gall .gall_href a:hover {text-decoration:none} -#bo_gall .gall_img {border-bottom:1px solid #eee;text-align:center;max-height:200px;overflow:hidden} +#bo_gall .gall_img {border-bottom:1px solid #eee;text-align:center;height:200px;max-height:200px;overflow:hidden} #bo_gall .gall_img a,#bo_gall .gall_img .no_image,#bo_gall .gall_img .is_notice {display:block} #bo_gall .gall_img img {max-width:100%;height:auto !important} #bo_gall .gall_img span {display:inline-block;background:#eaeaea;text-align:center;line-height:200px;text-transform:uppercase;font-weight:bold;font-size:1.25em;color:#777} diff --git a/skin/board/gallery/view.skin.php b/skin/board/gallery/view.skin.php index ea415a230..358c6d844 100644 --- a/skin/board/gallery/view.skin.php +++ b/skin/board/gallery/view.skin.php @@ -161,7 +161,7 @@ add_stylesheet('', 0 ?>
  • - + ()
    diff --git a/skin/board/gallery/view_comment.skin.php b/skin/board/gallery/view_comment.skin.php index c918445e3..704020f2b 100644 --- a/skin/board/gallery/view_comment.skin.php +++ b/skin/board/gallery/view_comment.skin.php @@ -26,6 +26,7 @@ var char_max = parseInt(); // 최대 $cmt_sv = $cmt_amt - $i + 1; // 댓글 헤더 z-index 재설정 ie8 이하 사이드뷰 겹침 문제 해결 $c_reply_href = $comment_common_url.'&c_id='.$comment_id.'&w=c#bo_vc_w'; $c_edit_href = $comment_common_url.'&c_id='.$comment_id.'&w=cu#bo_vc_w'; + $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0; ?>
    style="margin-left:px;border-top-color:#e0e0e0"> @@ -53,7 +54,7 @@ var char_max = parseInt(); // 최대 비밀글

    - ); // 최대 " id="secret_comment_">
    • +
    + + + + - - \ No newline at end of file + \ No newline at end of file diff --git a/skin/board/gallery/write.skin.php b/skin/board/gallery/write.skin.php index 3e3617db6..a99b79000 100644 --- a/skin/board/gallery/write.skin.php +++ b/skin/board/gallery/write.skin.php @@ -128,7 +128,7 @@ add_stylesheet('', 0
    - " id="wr_link" class="frm_input full_input" size="50"> + " id="wr_link" class="frm_input full_input" size="50">
    diff --git a/skin/latest/pic_block/latest.skin.php b/skin/latest/pic_block/latest.skin.php index 791e2b48b..dcd824410 100644 --- a/skin/latest/pic_block/latest.skin.php +++ b/skin/latest/pic_block/latest.skin.php @@ -24,7 +24,7 @@ $list_count = (is_array($list) && $list) ? count($list) : 0; } $img_content = ''.$thumb['alt'].''; ?> -
  • +
  • 비밀글 "; diff --git a/skin/latest/pic_block/style.css b/skin/latest/pic_block/style.css index 6b5dbb8af..a7c8601fe 100644 --- a/skin/latest/pic_block/style.css +++ b/skin/latest/pic_block/style.css @@ -10,7 +10,7 @@ .pic_lt ul:after {display:block;visibility:hidden;clear:both;content:""} .pic_lt ul {margin: 0 -10px} .pic_lt li {float:left;width:25%;padding:0 10px} -.pic_lt li.galley_li:nth-child(4n+1) {clear: both!important} +.pic_lt li.gallery_li:nth-child(4n+1) {clear: both!important} .pic_lt li .lt_img {margin:5px 0;display:block} .pic_lt li .lt_img img {width:100%;height:auto} .pic_lt li a:hover {color:#a22121} diff --git a/skin/qa/basic/view.skin.php b/skin/qa/basic/view.skin.php index 8c00c0105..a8db766a5 100644 --- a/skin/qa/basic/view.skin.php +++ b/skin/qa/basic/view.skin.php @@ -107,7 +107,7 @@ add_stylesheet('', 0); ?>
  • - +
    • diff --git a/theme/basic/mobile/skin/board/basic/style.css b/theme/basic/mobile/skin/board/basic/style.css index ac9fb3c70..17b5be269 100644 --- a/theme/basic/mobile/skin/board/basic/style.css +++ b/theme/basic/mobile/skin/board/basic/style.css @@ -85,6 +85,7 @@ .more_opt {display:none;position:absolute;top:50px;right:7px;background:#fff;border:1px solid #b8bfc4;z-index:999} .more_opt:before {content:"";position:absolute;top:-8px;right:6px;width:0;height:0;border-style:solid;border-width:0 6px 8px 6px;border-color:transparent transparent #b8bfc4 transparent} .more_opt:after {content:"";position:absolute;top:-6px;right:6px;width:0;height:0;border-style:solid;border-width:0 6px 8px 6px;border-color:transparent transparent #fff transparent} +.more_opt.is_list_btn{width:90px} .more_opt li {display:block;border-bottom:1px solid #f1f1f1;padding:10px;margin:0;color:#6b757c;text-align:left} .more_opt li:last-child {border-bottom:0} .more_opt li button, .more_opt li a {width:100%;border:0;background:#fff;color:#6b757c} diff --git a/theme/basic/mobile/skin/board/basic/view.skin.php b/theme/basic/mobile/skin/board/basic/view.skin.php index 78c0a067d..3cd9811ba 100644 --- a/theme/basic/mobile/skin/board/basic/view.skin.php +++ b/theme/basic/mobile/skin/board/basic/view.skin.php @@ -143,7 +143,7 @@ jQuery(function($){ if (isset($view['file'][$i]['source']) && $view['file'][$i]['source'] && !$view['file'][$i]['view']) { ?>
  • - + () diff --git a/theme/basic/mobile/skin/board/basic/view_comment.skin.php b/theme/basic/mobile/skin/board/basic/view_comment.skin.php index 6ff08887b..eda34f3fa 100644 --- a/theme/basic/mobile/skin/board/basic/view_comment.skin.php +++ b/theme/basic/mobile/skin/board/basic/view_comment.skin.php @@ -22,6 +22,7 @@ var char_max = parseInt(); // 최대 $str = preg_replace("/\[\\]/i", "", $str); $c_reply_href = $comment_common_url.'&c_id='.$comment_id.'&w=c#bo_vc_w'; $c_edit_href = $comment_common_url.'&c_id='.$comment_id.'&w=cu#bo_vc_w'; + $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0; ?>
    style="margin-left:px;border-bottom-color:#f8f8f8">
    @@ -37,6 +38,7 @@ var char_max = parseInt(); // 최대 +
    + ", $str); $c_reply_href = $comment_common_url.'&c_id='.$comment_id.'&w=c#bo_vc_w'; $c_edit_href = $comment_common_url.'&c_id='.$comment_id.'&w=cu#bo_vc_w'; + $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0; ?>
    style="margin-left:px;border-bottom-color:#f8f8f8">
    @@ -37,6 +38,7 @@ var char_max = parseInt(); // 최대 +
      @@ -45,6 +47,7 @@ var char_max = parseInt(); // 최대
    • 삭제
    + + + + - - \ No newline at end of file + \ No newline at end of file diff --git a/theme/basic/skin/board/basic/write.skin.php b/theme/basic/skin/board/basic/write.skin.php index c62eca526..5e341d278 100644 --- a/theme/basic/skin/board/basic/write.skin.php +++ b/theme/basic/skin/board/basic/write.skin.php @@ -130,7 +130,7 @@ add_stylesheet('', 0
    - " id="wr_link" class="frm_input full_input" size="50"> + " id="wr_link" class="frm_input full_input" size="50">
    diff --git a/theme/basic/skin/board/gallery/list.skin.php b/theme/basic/skin/board/gallery/list.skin.php index 79337530b..8a50868fa 100644 --- a/theme/basic/skin/board/gallery/list.skin.php +++ b/theme/basic/skin/board/gallery/list.skin.php @@ -36,7 +36,6 @@ add_stylesheet('', 0 페이지
    - -
    diff --git a/theme/basic/skin/board/gallery/style.css b/theme/basic/skin/board/gallery/style.css index 67bbbdc73..c58c86801 100644 --- a/theme/basic/skin/board/gallery/style.css +++ b/theme/basic/skin/board/gallery/style.css @@ -124,7 +124,7 @@ box-shadow:inset 0 2px 5px rgb(33, 135, 202)} #bo_gall .gall_now .gall_text_href a {color:#ff3061} #bo_gall .gall_href a:link, #bo_gall .gall_href a:focus, #bo_gall .gall_href a:hover {text-decoration:none} -#bo_gall .gall_img {border-bottom:1px solid #eee;text-align:center;max-height:200px;overflow:hidden} +#bo_gall .gall_img {border-bottom:1px solid #eee;text-align:center;height:200px;max-height:200px;overflow:hidden} #bo_gall .gall_img a,#bo_gall .gall_img .no_image,#bo_gall .gall_img .is_notice {display:block} #bo_gall .gall_img img {max-width:100%;height:auto !important} #bo_gall .gall_img span {display:inline-block;background:#eaeaea;text-align:center;line-height:200px;text-transform:uppercase;font-weight:bold;font-size:1.25em;color:#777} diff --git a/theme/basic/skin/board/gallery/view.skin.php b/theme/basic/skin/board/gallery/view.skin.php index ea415a230..358c6d844 100644 --- a/theme/basic/skin/board/gallery/view.skin.php +++ b/theme/basic/skin/board/gallery/view.skin.php @@ -161,7 +161,7 @@ add_stylesheet('', 0 ?>
  • - + ()
    diff --git a/theme/basic/skin/board/gallery/view_comment.skin.php b/theme/basic/skin/board/gallery/view_comment.skin.php index c918445e3..0c856557a 100644 --- a/theme/basic/skin/board/gallery/view_comment.skin.php +++ b/theme/basic/skin/board/gallery/view_comment.skin.php @@ -26,6 +26,7 @@ var char_max = parseInt(); // 최대 $cmt_sv = $cmt_amt - $i + 1; // 댓글 헤더 z-index 재설정 ie8 이하 사이드뷰 겹침 문제 해결 $c_reply_href = $comment_common_url.'&c_id='.$comment_id.'&w=c#bo_vc_w'; $c_edit_href = $comment_common_url.'&c_id='.$comment_id.'&w=cu#bo_vc_w'; + $is_comment_reply_edit = ($list[$i]['is_reply'] || $list[$i]['is_edit'] || $list[$i]['is_del']) ? 1 : 0; ?>
    style="margin-left:px;border-top-color:#e0e0e0"> @@ -53,7 +54,7 @@ var char_max = parseInt(); // 최대 비밀글

    - ); // 최대 " id="secret_comment_"> +
      @@ -78,6 +80,7 @@ var char_max = parseInt(); // 최대
    • 삭제
    + + + + - - \ No newline at end of file + \ No newline at end of file diff --git a/theme/basic/skin/board/gallery/write.skin.php b/theme/basic/skin/board/gallery/write.skin.php index 3e3617db6..a99b79000 100644 --- a/theme/basic/skin/board/gallery/write.skin.php +++ b/theme/basic/skin/board/gallery/write.skin.php @@ -128,7 +128,7 @@ add_stylesheet('', 0
    - " id="wr_link" class="frm_input full_input" size="50"> + " id="wr_link" class="frm_input full_input" size="50">
    diff --git a/theme/basic/skin/qa/basic/view.skin.php b/theme/basic/skin/qa/basic/view.skin.php index 8c00c0105..a8db766a5 100644 --- a/theme/basic/skin/qa/basic/view.skin.php +++ b/theme/basic/skin/qa/basic/view.skin.php @@ -107,7 +107,7 @@ add_stylesheet('', 0); ?>
  • - +