From ae29c976e645f79452f7b88917f116d460d5deea Mon Sep 17 00:00:00 2001 From: projectSylas Date: Tue, 4 Jan 2022 05:36:16 +0000 Subject: [PATCH] =?UTF-8?q?=ED=86=B5=ED=95=A9=EC=9D=B8=EC=A6=9D=20:=20?= =?UTF-8?q?=EC=9D=B4=EB=A6=84/=ED=95=B8=EB=93=9C=ED=8F=B0=20=EC=9D=B8?= =?UTF-8?q?=ED=92=8B=20=EB=B0=B8=EB=A5=98=20=EC=A1=B0=EC=9E=91=EC=8B=9C=20?= =?UTF-8?q?=ED=95=B4=EC=89=AC=EA=B0=92=20=EC=B2=B4=ED=81=AC=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/member_cert_refresh_update.php | 20 ++++++++++++-------- bbs/register_form_update.php | 20 ++++++++++++-------- plugin/inicert/ini_result.php | 9 ++++++++- plugin/kcpcert/kcpcert_result.php | 2 +- plugin/lgxpay/AuthOnlyRes.php | 2 +- plugin/okname/hpcert2.php | 2 +- plugin/social/register_member_update.php | 19 ++++++++++++------- 7 files changed, 47 insertions(+), 27 deletions(-) diff --git a/bbs/member_cert_refresh_update.php b/bbs/member_cert_refresh_update.php index 3e9beac9c..39b4c9a9d 100644 --- a/bbs/member_cert_refresh_update.php +++ b/bbs/member_cert_refresh_update.php @@ -36,20 +36,24 @@ $md5_cert_no = get_session('ss_cert_no'); $cert_type = get_session('ss_cert_type'); if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) { // 해시값이 같은 경우에만 본인확인 값을 저장한다. - if (get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { - $sql_certify .= " mb_hp = '{$mb_hp}' "; + if ($cert_type == 'ipin' && get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { // 아이핀일때 hash 값 체크 hp미포함 + $sql_certify .= " , mb_hp = '{$mb_hp}' "; + $sql_certify .= " , mb_certify = '{$cert_type}' "; + $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; + $sql_certify .= " , mb_birth = '".get_session('ss_cert_birth')."' "; + $sql_certify .= " , mb_sex = '".get_session+('ss_cert_sex')."' "; + $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; + $sql_certify .= " , mb_name = '{$mb_name}' "; + } else if($cert_type != 'ipin' && get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$mb_hp.$md5_cert_no)) { // 통합인증, 휴대폰일때 hash 값 체크 hp포함 + $sql_certify .= " , mb_hp = '{$mb_hp}' "; $sql_certify .= " , mb_certify = '{$cert_type}' "; $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; $sql_certify .= " , mb_birth = '".get_session('ss_cert_birth')."' "; $sql_certify .= " , mb_sex = '".get_session('ss_cert_sex')."' "; $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; $sql_certify .= " , mb_name = '{$mb_name}' "; - } else { - $sql_certify .= " mb_hp = '{$mb_hp}' "; - $sql_certify .= " , mb_certify = '' "; - $sql_certify .= " , mb_adult = 0 "; - $sql_certify .= " , mb_birth = '' "; - $sql_certify .= " , mb_sex = '' "; + }else { + alert('본인인증된 정보와 입력된 회원정보가 일치하지않습니다. 다시시도 해주세요'); } } else { if (get_session("ss_reg_mb_name") != $mb_name || get_session("ss_reg_mb_hp") != $mb_hp) { diff --git a/bbs/register_form_update.php b/bbs/register_form_update.php index 972dff0a8..8955520dd 100644 --- a/bbs/register_form_update.php +++ b/bbs/register_form_update.php @@ -176,7 +176,16 @@ $md5_cert_no = get_session('ss_cert_no'); $cert_type = get_session('ss_cert_type'); if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) { // 해시값이 같은 경우에만 본인확인 값을 저장한다. - if (get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { + if ($cert_type == 'ipin' && get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { // 아이핀일때 hash 값 체크 hp미포함 + $sql_certify .= " , mb_hp = '{$mb_hp}' "; + $sql_certify .= " , mb_certify = '{$cert_type}' "; + $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; + $sql_certify .= " , mb_birth = '".get_session('ss_cert_birth')."' "; + $sql_certify .= " , mb_sex = '".get_session+('ss_cert_sex')."' "; + $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; + if($w == 'u') + $sql_certify .= " , mb_name = '{$mb_name}' "; + } else if($cert_type != 'ipin' && get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$mb_hp.$md5_cert_no)) { // 통합인증, 휴대폰일때 hash 값 체크 hp포함 $sql_certify .= " , mb_hp = '{$mb_hp}' "; $sql_certify .= " , mb_certify = '{$cert_type}' "; $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; @@ -185,12 +194,8 @@ if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) { $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; if($w == 'u') $sql_certify .= " , mb_name = '{$mb_name}' "; - } else { - $sql_certify .= " , mb_hp = '{$mb_hp}' "; - $sql_certify .= " , mb_certify = '' "; - $sql_certify .= " , mb_adult = 0 "; - $sql_certify .= " , mb_birth = '' "; - $sql_certify .= " , mb_sex = '' "; + }else { + alert('본인인증된 정보와 입력된 회원정보가 일치하지않습니다. 다시시도 해주세요'); } } else { if (get_session("ss_reg_mb_name") != $mb_name || get_session("ss_reg_mb_hp") != $mb_hp) { @@ -202,7 +207,6 @@ if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) { } } //=============================================================== - if ($w == '') { $sql = " insert into {$g5['member_table']} set mb_id = '{$mb_id}', diff --git a/plugin/inicert/ini_result.php b/plugin/inicert/ini_result.php index a2d9804c7..ffe924505 100644 --- a/plugin/inicert/ini_result.php +++ b/plugin/inicert/ini_result.php @@ -46,6 +46,13 @@ if ($_POST["resultCode"] === "0000") { $md5_ci = md5($ci . $ci); $phone_no = hyphen_hp_number($phone_no); $mb_dupinfo = $md5_ci; + + // $sql = " select mb_dupinfo from {$g5['member_table']} where mb_id = '{$member['mb_id']}'"; + // $row = sql_fetch($sql); + + // if (!empty($row['mb_dupinfo'])) { + // if($row['mb_dupinfo'] != $mb_dupinfo) alert_close("해당 계정은 이미 다른명의로 본인인증 되어있는 계정입니다."); + // } $sql = " select mb_id from {$g5['member_table']} where mb_id <> '{$member['mb_id']}' and mb_dupinfo = '{$mb_dupinfo}' "; $row = sql_fetch($sql); @@ -56,7 +63,7 @@ if ($_POST["resultCode"] === "0000") { // hash 데이터 $md5_cert_no = md5($cert_no); - $hash_data = md5($user_name.$cert_type.$birth_day.$md5_cert_no); + $hash_data = md5($user_name.$cert_type.$birth_day.$phone_no.$md5_cert_no); // 성인인증결과 $adult_day = date("Ymd", strtotime("-19 years", G5_SERVER_TIME)); diff --git a/plugin/kcpcert/kcpcert_result.php b/plugin/kcpcert/kcpcert_result.php index 814993dee..100223fa9 100644 --- a/plugin/kcpcert/kcpcert_result.php +++ b/plugin/kcpcert/kcpcert_result.php @@ -160,7 +160,7 @@ if( $cert_enc_use == "Y" ) // hash 데이터 $cert_type = 'hp'; $md5_cert_no = md5($cert_no); - $hash_data = md5($user_name.$cert_type.$birth_day.$md5_cert_no); + $hash_data = md5($user_name.$cert_type.$birth_day.$phone_no.$md5_cert_no); // 성인인증결과 $adult_day = date("Ymd", strtotime("-19 years", G5_SERVER_TIME)); diff --git a/plugin/lgxpay/AuthOnlyRes.php b/plugin/lgxpay/AuthOnlyRes.php index f09d8c13d..6f202e3a3 100644 --- a/plugin/lgxpay/AuthOnlyRes.php +++ b/plugin/lgxpay/AuthOnlyRes.php @@ -140,7 +140,7 @@ if ($xpay->TX()) { // hash 데이터 $cert_type = 'hp'; $md5_cert_no = md5($cert_no); - $hash_data = md5($user_name.$cert_type.$birth_day.$md5_cert_no); + $hash_data = md5($user_name.$cert_type.$birth_day.$phone_no.$md5_cert_no); // 성인인증결과 $adult_day = date("Ymd", strtotime("-19 years", G5_SERVER_TIME)); diff --git a/plugin/okname/hpcert2.php b/plugin/okname/hpcert2.php index 26ca27601..ada63f818 100644 --- a/plugin/okname/hpcert2.php +++ b/plugin/okname/hpcert2.php @@ -123,7 +123,7 @@ if (!empty($row['mb_id'])) { // hash 데이터 $cert_type = 'hp'; $md5_cert_no = md5($req_num); -$hash_data = md5($mb_name.$cert_type.$mb_birth.$md5_cert_no); +$hash_data = md5($mb_name.$cert_type.$mb_birth.$phone_no.$md5_cert_no); // 성인인증결과 $adult_day = date("Ymd", strtotime("-19 years", G5_SERVER_TIME)); diff --git a/plugin/social/register_member_update.php b/plugin/social/register_member_update.php index 8502704f4..61dc7bb83 100644 --- a/plugin/social/register_member_update.php +++ b/plugin/social/register_member_update.php @@ -117,7 +117,16 @@ if($config['cf_cert_use']) { $cert_type = get_session('ss_cert_type'); if ($config['cf_cert_use'] && $cert_type && $md5_cert_no) { // 해시값이 같은 경우에만 본인확인 값을 저장한다. - if (get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { + if ($cert_type == 'ipin' && get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$md5_cert_no)) { // 아이핀일때 hash 값 체크 hp미포함 + $sql_certify .= " , mb_hp = '{$mb_hp}' "; + $sql_certify .= " , mb_certify = '{$cert_type}' "; + $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; + $sql_certify .= " , mb_birth = '".get_session('ss_cert_birth')."' "; + $sql_certify .= " , mb_sex = '".get_session+('ss_cert_sex')."' "; + $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; + if($w == 'u') + $sql_certify .= " , mb_name = '{$mb_name}' "; + } else if($cert_type != 'ipin' && get_session('ss_cert_hash') == md5($mb_name.$cert_type.get_session('ss_cert_birth').$mb_hp.$md5_cert_no)) { // 통합인증, 휴대폰일때 hash 값 체크 hp포함 $sql_certify .= " , mb_hp = '{$mb_hp}' "; $sql_certify .= " , mb_certify = '{$cert_type}' "; $sql_certify .= " , mb_adult = '".get_session('ss_cert_adult')."' "; @@ -126,12 +135,8 @@ if($config['cf_cert_use']) { $sql_certify .= " , mb_dupinfo = '".get_session('ss_cert_dupinfo')."' "; if($w == 'u') $sql_certify .= " , mb_name = '{$mb_name}' "; - } else { - $sql_certify .= " , mb_hp = '{$mb_hp}' "; - $sql_certify .= " , mb_certify = '' "; - $sql_certify .= " , mb_adult = 0 "; - $sql_certify .= " , mb_birth = '' "; - $sql_certify .= " , mb_sex = '' "; + }else { + alert('본인인증된 정보와 개인정보가 일치하지않습니다. 다시시도 해주세요'); } } else { if (get_session("ss_reg_mb_name") != $mb_name || get_session("ss_reg_mb_hp") != $mb_hp) {