firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Merge branch 'master' of github.com:gnuboard/g5

Browse Source
This commit is contained in:
thisgun
2019-06-13 16:33:42 +09:00
parent 50c7f26b3d 17238808b5
commit aa9edb872b
18 changed files with 60 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
adm/board_form.php
View File

@ -869,7 +869,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_content_head">상단 내용</label></th>
<td>
<?php echo editor_html("bo_content_head", get_text($board['bo_content_head'], 0)); ?>
<?php echo editor_html("bo_content_head", get_text(html_purifier($board['bo_content_head']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_content_head" value="1" id="chk_grp_content_head">
@ -881,7 +881,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_content_tail">하단 내용</label></th>
<td>
<?php echo editor_html("bo_content_tail", get_text($board['bo_content_tail'], 0)); ?>
<?php echo editor_html("bo_content_tail", get_text(html_purifier($board['bo_content_tail']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_content_tail" value="1" id="chk_grp_content_tail">
@ -893,7 +893,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_mobile_content_head">모바일 상단 내용</label></th>
<td>
<?php echo editor_html("bo_mobile_content_head", get_text($board['bo_mobile_content_head'], 0)); ?>
<?php echo editor_html("bo_mobile_content_head", get_text(html_purifier($board['bo_mobile_content_head']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_mobile_content_head" value="1" id="chk_grp_mobile_content_head">
@ -905,7 +905,7 @@ $pg_anchor = '<ul class="anchor">
<tr>
<th scope="row"><label for="bo_mobile_content_tail">모바일 하단 내용</label></th>
<td>
<?php echo editor_html("bo_mobile_content_tail", get_text($board['bo_mobile_content_tail'], 0)); ?>
<?php echo editor_html("bo_mobile_content_tail", get_text(html_purifier($board['bo_mobile_content_tail']), 0)); ?>
</td>
<td class="td_grpset">
<input type="checkbox" name="chk_grp_mobile_content_tail" value="1" id="chk_grp_mobile_content_tail">

4
adm/board_list_update.php
View File

@ -29,9 +29,11 @@ if ($_POST['act_button'] == "선택수정") {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
}
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags($_POST['bo_subject'][$k]) : '';
$sql = " update {$g5['board_table']}
set gr_id = '".sql_real_escape_string(strip_tags($_POST['gr_id'][$k]))."',
bo_subject = '".sql_real_escape_string(strip_tags($_POST['bo_subject'][$k]))."',
bo_subject = '".$p_bo_subject."',
bo_device = '".sql_real_escape_string(strip_tags($_POST['bo_device'][$k]))."',
bo_skin = '".sql_real_escape_string(strip_tags($_POST['bo_skin'][$k]))."',
bo_mobile_skin = '".sql_real_escape_string(strip_tags($_POST['bo_mobile_skin'][$k]))."',

5
adm/boardgroup_list_update.php
View File

@ -19,7 +19,8 @@ for ($i=0; $i<$count; $i++)
{
$k = $_POST['chk'][$i];
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $_POST['group_id'][$k]);
$gr_subject = sql_real_escape_string(strip_tags($_POST['gr_subject'][$k]));
$gr_subject = is_array($_POST['gr_subject']) ? strip_tags($_POST['gr_subject'][$k]) : '';
$gr_admin = is_array($_POST['gr_admin']) ? strip_tags($_POST['gr_admin'][$k]) : '';
if($_POST['act_button'] == '선택수정') {
$sql = " update {$g5['group_table']}
@ -30,7 +31,7 @@ for ($i=0; $i<$count; $i++)
gr_order = '".sql_real_escape_string($_POST['gr_order'][$k])."'
where gr_id = '{$gr_id}' ";
if ($is_admin != 'super')
$sql .= " and gr_admin = '{$_POST['gr_admin'][$k]}' ";
$sql .= " and gr_admin = '{$gr_admin}' ";
sql_query($sql);
} else if($_POST['act_button'] == '선택삭제') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");

1
adm/contentform.php
View File

@ -35,6 +35,7 @@ if(!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
$html_title = "내용";
$g5['title'] = $html_title.' 관리';
$readonly = '';
if ($w == "u")
{

4
adm/faqform.php
View File

@ -54,11 +54,11 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
</tr>
<tr>
<th scope="row">질문</th>
<td><?php echo editor_html('fa_subject', get_text($fa['fa_subject'], 0)); ?></td>
<td><?php echo editor_html('fa_subject', get_text(html_purifier($fa['fa_subject']), 0)); ?></td>
</tr>
<tr>
<th scope="row">답변</th>
<td><?php echo editor_html('fa_content', get_text($fa['fa_content'], 0)); ?></td>
<td><?php echo editor_html('fa_content', get_text(html_purifier($fa['fa_content']), 0)); ?></td>
</tr>
</tbody>
</table>

8
adm/faqmasterform.php
View File

@ -117,25 +117,25 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
<tr>
<th scope="row">상단 내용</th>
<td>
<?php echo editor_html('fm_head_html', get_text($fm['fm_head_html'], 0)); ?>
<?php echo editor_html('fm_head_html', get_text(html_purifier($fm['fm_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">하단 내용</th>
<td>
<?php echo editor_html('fm_tail_html', get_text($fm['fm_tail_html'], 0)); ?>
<?php echo editor_html('fm_tail_html', get_text(html_purifier($fm['fm_tail_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일상단 내용</th>
<td>
<?php echo editor_html('fm_mobile_head_html', get_text($fm['fm_mobile_head_html'], 0)); ?>
<?php echo editor_html('fm_mobile_head_html', get_text(html_purifier($fm['fm_mobile_head_html']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row">모바일하단 내용</th>
<td>
<?php echo editor_html('fm_mobile_tail_html', get_text($fm['fm_mobile_tail_html'], 0)); ?>
<?php echo editor_html('fm_mobile_tail_html', get_text(html_purifier($fm['fm_mobile_tail_html']), 0)); ?>
</td>
</tr>
</tbody>

2
adm/mail_form.php
View File

@ -44,7 +44,7 @@ include_once('./admin.head.php');
</tr>
<tr>
<th scope="row"><label for="ma_content">메일 내용<strong class="sound_only">필수</strong></label></th>
<td><?php echo editor_html("ma_content", get_text($ma['ma_content'], 0)); ?></td>
<td><?php echo editor_html("ma_content", get_text(html_purifier($ma['ma_content']), 0)); ?></td>
</tr>
</tbody>
</table>

12
adm/menu_list_update.php
View File

@ -20,9 +20,11 @@ $count = count($_POST['code']);
for ($i=0; $i<$count; $i++)
{
$_POST = array_map_deep('trim', $_POST);
$_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags($_POST['me_link'][$i], 1) : '';
$code = strip_tags($_POST['code'][$i]);
$me_name = strip_tags($_POST['me_name'][$i]);
$code = is_array($_POST['code']) ? strip_tags($_POST['code'][$i]) : '';
$me_name = is_array($_POST['me_name']) ? strip_tags($_POST['me_name'][$i]) : '';
$me_link = (preg_match('/^javascript/i', $_POST['me_link'][$i]) || preg_match('/script:/i', $_POST['me_link'][$i])) ? G5_URL : strip_tags($_POST['me_link'][$i]);
if(!$code || !$me_name || !$me_link)
@ -56,9 +58,9 @@ for ($i=0; $i<$count; $i++)
// 메뉴 등록
$sql = " insert into {$g5['menu_table']}
set me_code = '$me_code',
me_name = '$me_name',
me_link = '$me_link',
set me_code = '".$me_code."',
me_name = '".$me_name."',
me_link = '".$me_link."',
me_target = '".sql_real_escape_string(strip_tags($_POST['me_target'][$i]))."',
me_order = '".sql_real_escape_string(strip_tags($_POST['me_order'][$i]))."',
me_use = '".sql_real_escape_string(strip_tags($_POST['me_use'][$i]))."',

2
adm/newwinform.php
View File

@ -130,7 +130,7 @@ include_once (G5_ADMIN_PATH.'/admin.head.php');
</tr>
<tr>
<th scope="row"><label for="nw_content">내용</label></th>
<td><?php echo editor_html('nw_content', get_text($nw['nw_content'], 0)); ?></td>
<td><?php echo editor_html('nw_content', get_text(html_purifier($nw['nw_content']), 0)); ?></td>
</tr>
</tbody>
</table>

8
adm/qa_config.php
View File

@ -282,25 +282,25 @@ if(!isset($qaconfig['qa_include_head'])) {
<tr>
<th scope="row"><label for="qa_content_head">상단 내용</label></th>
<td>
<?php echo editor_html("qa_content_head", get_text($qaconfig['qa_content_head'], 0)); ?>
<?php echo editor_html("qa_content_head", get_text(html_purifier($qaconfig['qa_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_content_tail">하단 내용</label></th>
<td>
<?php echo editor_html("qa_content_tail", get_text($qaconfig['qa_content_tail'], 0)); ?>
<?php echo editor_html("qa_content_tail", get_text(html_purifier($qaconfig['qa_content_tail']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_head">모바일 상단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_head", get_text($qaconfig['qa_mobile_content_head'], 0)); ?>
<?php echo editor_html("qa_mobile_content_head", get_text(html_purifier($qaconfig['qa_mobile_content_head']), 0)); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="qa_mobile_content_tail">모바일 하단 내용</label></th>
<td>
<?php echo editor_html("qa_mobile_content_tail", get_text($qaconfig['qa_mobile_content_tail'], 0)); ?>
<?php echo editor_html("qa_mobile_content_tail", get_text(html_purifier($qaconfig['qa_mobile_content_tail']), 0)); ?>
</td>
</tr>
<tr>

2
adm/visit_list.php
View File

@ -73,7 +73,7 @@ $result = sql_query($sql);
}
$title = str_replace(array('<', '>', '&'), array("&lt;", "&gt;", "&amp;"), $referer);
$link = '<a href="'.$row['vi_referer'].'" target="_blank">';
$link = '<a href="'.get_text($row['vi_referer']).'" target="_blank">';
$link = str_replace('&', "&amp;", $link);
$link2 = '</a>';
}

2
adm/visit_search.php
View File

@ -92,7 +92,7 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'">처음</a>'; //페이지 처
}
$title = str_replace(array("<", ">"), array("&lt;", "&gt;"), $referer);
$link = '<a href="'.$row['vi_referer'].'" target="_blank" title="'.$title.'">';
$link = '<a href="'.get_text($row['vi_referer']).'" target="_blank" title="'.$title.'">';
}
if ($is_admin == 'super')