firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Checked PSR-1: Basic Coding Standard

Browse Source
This commit is contained in:
kjh
2022-05-27 09:20:20 +00:00
parent 9199b7c986
commit b1640d7b76
42 changed files with 3734 additions and 3518 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
adm/_common.php
View File

@ -1,10 +1,10 @@
<?php
define('G5_IS_ADMIN', true);
include_once ('../common.php');
include_once(G5_ADMIN_PATH.'/admin.lib.php');
require_once '../common.php';
require_once G5_ADMIN_PATH . '/admin.lib.php';
if( isset($token) ){
if (isset($token)) {
$token = @htmlspecialchars(strip_tags($token), ENT_QUOTES);
}
run_event('admin_common');
run_event('admin_common');

92
adm/_rewrite_config_form.php
View File

@ -1,5 +1,7 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
$is_use_apache = (stripos($_SERVER['SERVER_SOFTWARE'], 'apache') !== false);
@ -11,29 +13,29 @@ $is_write_file = false;
$is_apache_need_rules = false;
$is_apache_rewrite = false;
if( !($is_use_apache || $is_use_nginx || $is_use_iis) ){ // 셋다 아니면 다 출력시킨다.
if (!($is_use_apache || $is_use_nginx || $is_use_iis)) { // 셋다 아니면 다 출력시킨다.
$is_use_apache = true;
$is_use_nginx = true;
}
if ( $is_use_nginx ){
if ($is_use_nginx) {
$is_write_file = false;
}
if ( $is_use_apache ){
$is_write_file = (is_writable(G5_PATH) || (file_exists(G5_PATH.'/.htaccess') && is_writable(G5_PATH.'/.htaccess'))) ? true : false;
if ($is_use_apache) {
$is_write_file = (is_writable(G5_PATH) || (file_exists(G5_PATH . '/.htaccess') && is_writable(G5_PATH . '/.htaccess'))) ? true : false;
$is_apache_need_rules = check_need_rewrite_rules();
$is_apache_rewrite = function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules());
}
$get_path_url = parse_url( G5_URL );
$get_path_url = parse_url(G5_URL);
$base_path = isset($get_path_url['path']) ? $get_path_url['path'].'/' : '/';
$base_path = isset($get_path_url['path']) ? $get_path_url['path'] . '/' : '/';
// add_stylesheet('css 구문', 출력순서); 숫자가 작을 수록 먼저 출력됨
add_stylesheet('<link rel="stylesheet" href="'.G5_JS_URL.'/remodal/remodal.css">', 11);
add_stylesheet('<link rel="stylesheet" href="'.G5_JS_URL.'/remodal/remodal-default-theme.css">', 12);
add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
add_stylesheet('<link rel="stylesheet" href="' . G5_JS_URL . '/remodal/remodal.css">', 11);
add_stylesheet('<link rel="stylesheet" href="' . G5_JS_URL . '/remodal/remodal-default-theme.css">', 12);
add_javascript('<script src="' . G5_JS_URL . '/remodal/remodal.js"></script>', 10);
?>
<section id="anc_cf_url">
<h2 class="h2_frm">짧은 주소 설정</h2>
@ -41,48 +43,48 @@ add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
<div class="local_desc02 local_desc">
<p>
게시판과 컨텐츠 페이지에 짧은 URL 을 사용합니다. <a href="https://sir.kr/manual/g5/286" class="btn btn_03" target="_blank" style="margin-left:10px">설정 관련 메뉴얼 보기</a>
<?php if( $is_use_apache && ! $is_use_nginx ){ ?>
<?php if( ! $is_apache_rewrite ){ ?>
<br><strong>Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</strong>
<?php } else if( ! $is_write_file && $is_apache_need_rules ) { // apache인 경우 ?>
<br><strong>짧은 주소 사용시 아래 Apache 설정 코드를 참고하여 설정해 주세요.</strong>
<?php if ($is_use_apache && !$is_use_nginx) { ?>
<?php if (!$is_apache_rewrite) { ?>
<br><strong>Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</strong>
<?php } elseif (!$is_write_file && $is_apache_need_rules) { // apache인 경우 ?>
<br><strong>짧은 주소 사용시 아래 Apache 설정 코드를 참고하여 설정해 주세요.</strong>
<?php } ?>
<?php } ?>
</p>
</div>
<div class="server_config_views">
<?php if ( $is_use_apache ){ ?>
<?php if ($is_use_apache) { ?>
<button type="button" data-remodal-target="modal_apache" class="btn btn_03">Apache 설정 코드 보기</button>
<?php } ?>
<?php if ( $is_use_nginx ) { ?>
<?php if ($is_use_nginx) { ?>
<button type="button" data-remodal-target="modal_nginx" class="btn btn_03">Nginx 설정 코드 보기</button>
<?php } ?>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption>짧은주소 설정</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<?php
$short_url_arrs = array(
'0'=>array('label'=>'사용안함', 'url'=>G5_URL.'/board.php?bo_table=free&wr_id=123'),
'1'=>array('label'=>'숫자', 'url'=>G5_URL.'/free/123'),
'2'=>array('label'=>'글 이름', 'url'=>G5_URL.'/free/안녕하세요/'),
);
foreach($short_url_arrs as $k=>$v){
$checked = ((int) $config['cf_bbs_rewrite'] === (int) $k) ? 'checked' : '';
?>
<tr>
<td><input name="cf_bbs_rewrite" id="cf_bbs_rewrite_<?php echo $k; ?>" type="radio" value="<?php echo $k; ?>" <?php echo $checked;?> ><label for="cf_bbs_rewrite_<?php echo $k; ?>" class="rules_label"><?php echo $v['label']; ?></label></td>
<td><?php echo $v['url']; ?></td>
</tr>
<?php } //end foreach ?>
</tbody>
<caption>짧은주소 설정</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<?php
$short_url_arrs = array(
'0' => array('label' => '사용안함', 'url' => G5_URL . '/board.php?bo_table=free&wr_id=123'),
'1' => array('label' => '숫자', 'url' => G5_URL . '/free/123'),
'2' => array('label' => '글 이름', 'url' => G5_URL . '/free/안녕하세요/'),
);
foreach ($short_url_arrs as $k => $v) {
$checked = ((int) $config['cf_bbs_rewrite'] === (int) $k) ? 'checked' : '';
?>
<tr>
<td><input name="cf_bbs_rewrite" id="cf_bbs_rewrite_<?php echo $k; ?>" type="radio" value="<?php echo $k; ?>" <?php echo $checked; ?>><label for="cf_bbs_rewrite_<?php echo $k; ?>" class="rules_label"><?php echo $v['label']; ?></label></td>
<td><?php echo $v['url']; ?></td>
</tr>
<?php } //end foreach ?>
</tbody>
</table>
</div>
@ -95,13 +97,13 @@ add_javascript('<script src="'.G5_JS_URL.'/remodal/remodal.js"></script>', 10);
</button>
<h4 class="copy_title">.htaccess 파일에 적용할 코드입니다.
<?php if( ! $is_apache_rewrite ) { ?>
<br><span class="info-warning">Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</span>
<?php } else if ( ! $is_write_file && $is_apache_need_rules ) { ?>
<br><span class="info-warning">자동으로 .htaccess 파일을 수정 할수 있는 권한이 없습니다.<br>.htaccess 파일이 없다면 생성 후에, 아래 코드가 없으면 코드를 복사하여 붙여넣기 해 주세요.</span>
<?php } else if ( ! $is_apache_need_rules ){ ?>
<br><span class="info-success">정상적으로 적용된 상태입니다.</span>
<?php } ?>
<?php if (!$is_apache_rewrite) { ?>
<br><span class="info-warning">Apache 서버인 경우 rewrite_module 이 비활성화 되어 있으면 짧은 주소를 사용할수 없습니다.</span>
<?php } elseif (!$is_write_file && $is_apache_need_rules) { ?>
<br><span class="info-warning">자동으로 .htaccess 파일을 수정 할수 있는 권한이 없습니다.<br>.htaccess 파일이 없다면 생성 후에, 아래 코드가 없으면 코드를 복사하여 붙여넣기 해 주세요.</span>
<?php } elseif (!$is_apache_need_rules) { ?>
<br><span class="info-success">정상적으로 적용된 상태입니다.</span>
<?php } ?>
</h4>
<textarea readonly="readonly" rows="10"><?php echo get_mod_rewrite_rules(true); ?></textarea>
</div>

170
adm/admin.head.php
View File

@ -1,25 +1,29 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
$g5_debug['php']['begin_time'] = $begin_time = get_microtime();
$files = glob(G5_ADMIN_PATH.'/css/admin_extend_*');
$files = glob(G5_ADMIN_PATH . '/css/admin_extend_*');
if (is_array($files)) {
foreach ((array) $files as $k=>$css_file) {
foreach ((array) $files as $k => $css_file) {
$fileinfo = pathinfo($css_file);
$ext = $fileinfo['extension'];
if( $ext !== 'css' ) continue;
if ($ext !== 'css') {
continue;
}
$css_file = str_replace(G5_ADMIN_PATH, G5_ADMIN_URL, $css_file);
add_stylesheet('<link rel="stylesheet" href="'.$css_file.'">', $k);
add_stylesheet('<link rel="stylesheet" href="' . $css_file . '">', $k);
}
}
include_once(G5_PATH.'/head.sub.php');
require_once G5_PATH . '/head.sub.php';
function print_menu1($key, $no='')
function print_menu1($key, $no = '')
{
global $menu;
@ -28,35 +32,39 @@ function print_menu1($key, $no='')
return $str;
}
function print_menu2($key, $no='')
function print_menu2($key, $no = '')
{
global $menu, $auth_menu, $is_admin, $auth, $g5, $sub_menu;
$str = "<ul>";
for($i=1; $i<count($menu[$key]); $i++)
{
if( ! isset($menu[$key][$i]) ){
for ($i = 1; $i < count($menu[$key]); $i++) {
if (!isset($menu[$key][$i])) {
continue;
}
if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0],$auth) || !strstr($auth[$menu[$key][$i][0]], 'r')))
if ($is_admin != 'super' && (!array_key_exists($menu[$key][$i][0], $auth) || !strstr($auth[$menu[$key][$i][0]], 'r'))) {
continue;
}
$gnb_grp_div = $gnb_grp_style = '';
if (isset($menu[$key][$i][4])){
if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) $gnb_grp_div = 'gnb_grp_div';
if (isset($menu[$key][$i][4])) {
if (($menu[$key][$i][4] == 1 && $gnb_grp_style == false) || ($menu[$key][$i][4] != 1 && $gnb_grp_style == true)) {
$gnb_grp_div = 'gnb_grp_div';
}
if ($menu[$key][$i][4] == 1) $gnb_grp_style = 'gnb_grp_style';
if ($menu[$key][$i][4] == 1) {
$gnb_grp_style = 'gnb_grp_style';
}
}
$current_class = '';
if ($menu[$key][$i][0] == $sub_menu){
if ($menu[$key][$i][0] == $sub_menu) {
$current_class = ' on';
}
$str .= '<li data-menu="'.$menu[$key][$i][0].'"><a href="'.$menu[$key][$i][2].'" class="gnb_2da '.$gnb_grp_style.' '.$gnb_grp_div.$current_class.'">'.$menu[$key][$i][1].'</a></li>';
$str .= '<li data-menu="' . $menu[$key][$i][0] . '"><a href="' . $menu[$key][$i][2] . '" class="gnb_2da ' . $gnb_grp_style . ' ' . $gnb_grp_div . $current_class . '">' . $menu[$key][$i][1] . '</a></li>';
$auth_menu[$menu[$key][$i][0]] = $menu[$key][$i][1];
}
@ -66,12 +74,12 @@ function print_menu2($key, $no='')
}
$adm_menu_cookie = array(
'container' => '',
'gnb' => '',
'btn_gnb' => '',
'container' => '',
'gnb' => '',
'btn_gnb' => '',
);
if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){
if (!empty($_COOKIE['g5_admin_btn_gnb'])) {
$adm_menu_cookie['container'] = 'container-small';
$adm_menu_cookie['gnb'] = 'gnb_small';
$adm_menu_cookie['btn_gnb'] = 'btn_gnb_open';
@ -79,26 +87,25 @@ if( ! empty($_COOKIE['g5_admin_btn_gnb']) ){
?>
<script>
var tempX = 0;
var tempY = 0;
var tempX = 0;
var tempY = 0;
function imageview(id, w, h)
{
function imageview(id, w, h) {
menu(id);
menu(id);
var el_id = document.getElementById(id);
var el_id = document.getElementById(id);
//submenu = eval(name+".style");
submenu = el_id.style;
submenu.left = tempX - ( w + 11 );
submenu.top = tempY - ( h / 2 );
//submenu = eval(name+".style");
submenu = el_id.style;
submenu.left = tempX - (w + 11);
submenu.top = tempY - (h / 2);
selectBoxVisible();
selectBoxVisible();
if (el_id.style.display != 'none')
selectBoxHidden(id);
}
if (el_id.style.display != 'none')
selectBoxHidden(id);
}
</script>
<div id="to_content"><a href="#container">본문 바로가기</a></div>
@ -106,13 +113,13 @@ function imageview(id, w, h)
<header id="hd">
<h1><?php echo $config['cf_title'] ?></h1>
<div id="hd_top">
<button type="button" id="btn_gnb" class="btn_gnb_close <?php echo $adm_menu_cookie['btn_gnb'];?>">메뉴</button>
<div id="logo"><a href="<?php echo correct_goto_url(G5_ADMIN_URL); ?>"><img src="<?php echo G5_ADMIN_URL ?>/img/logo.png" alt="<?php echo get_text($config['cf_title']); ?> 관리자"></a></div>
<button type="button" id="btn_gnb" class="btn_gnb_close <?php echo $adm_menu_cookie['btn_gnb']; ?>">메뉴</button>
<div id="logo"><a href="<?php echo correct_goto_url(G5_ADMIN_URL); ?>"><img src="<?php echo G5_ADMIN_URL ?>/img/logo.png" alt="<?php echo get_text($config['cf_title']); ?> 관리자"></a></div>
<div id="tnb">
<ul>
<?php if (defined('G5_USE_SHOP') && G5_USE_SHOP) { ?>
<li class="tnb_li"><a href="<?php echo G5_SHOP_URL ?>/" class="tnb_shop" target="_blank" title="쇼핑몰 바로가기">쇼핑몰 바로가기</a></li>
<li class="tnb_li"><a href="<?php echo G5_SHOP_URL ?>/" class="tnb_shop" target="_blank" title="쇼핑몰 바로가기">쇼핑몰 바로가기</a></li>
<?php } ?>
<li class="tnb_li"><a href="<?php echo G5_URL ?>/" class="tnb_community" target="_blank" title="커뮤니티 바로가기">커뮤니티 바로가기</a></li>
<li class="tnb_li"><a href="<?php echo G5_ADMIN_URL ?>/service.php" class="tnb_service">부가서비스</a></li>
@ -130,33 +137,34 @@ function imageview(id, w, h)
<ul class="gnb_ul">
<?php
$jj = 1;
foreach($amenu as $key=>$value) {
foreach ($amenu as $key => $value) {
$href1 = $href2 = '';
if (isset($menu['menu'.$key][0][2]) && $menu['menu'.$key][0][2]) {
$href1 = '<a href="'.$menu['menu'.$key][0][2].'" class="gnb_1da">';
if (isset($menu['menu' . $key][0][2]) && $menu['menu' . $key][0][2]) {
$href1 = '<a href="' . $menu['menu' . $key][0][2] . '" class="gnb_1da">';
$href2 = '</a>';
} else {
continue;
}
$current_class = "";
if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu'.$key][0][0], 0, 3)))
if (isset($sub_menu) && (substr($sub_menu, 0, 3) == substr($menu['menu' . $key][0][0], 0, 3))) {
$current_class = " on";
}
$button_title = $menu['menu'.$key][0][1];
$button_title = $menu['menu' . $key][0][1];
?>
<li class="gnb_li<?php echo $current_class;?>">
<button type="button" class="btn_op menu-<?php echo $key; ?> menu-order-<?php echo $jj; ?>" title="<?php echo $button_title; ?>"><?php echo $button_title;?></button>
<div class="gnb_oparea_wr">
<div class="gnb_oparea">
<h3><?php echo $menu['menu'.$key][0][1];?></h3>
<?php echo print_menu1('menu'.$key, 1); ?>
<li class="gnb_li<?php echo $current_class; ?>">
<button type="button" class="btn_op menu-<?php echo $key; ?> menu-order-<?php echo $jj; ?>" title="<?php echo $button_title; ?>"><?php echo $button_title; ?></button>
<div class="gnb_oparea_wr">
<div class="gnb_oparea">
<h3><?php echo $menu['menu' . $key][0][1]; ?></h3>
<?php echo print_menu1('menu' . $key, 1); ?>
</div>
</div>
</div>
</li>
</li>
<?php
$jj++;
$jj++;
} //end foreach
?>
</ul>
@ -164,39 +172,37 @@ function imageview(id, w, h)
</header>
<script>
jQuery(function($){
jQuery(function($) {
var menu_cookie_key = 'g5_admin_btn_gnb';
var menu_cookie_key = 'g5_admin_btn_gnb';
$(".tnb_mb_btn").click(function(){
$(".tnb_mb_area").toggle();
});
$(".tnb_mb_btn").click(function() {
$(".tnb_mb_area").toggle();
});
$("#btn_gnb").click(function(){
var $this = $(this);
$("#btn_gnb").click(function() {
try {
if( ! $this.hasClass("btn_gnb_open") ){
set_cookie(menu_cookie_key, 1, 60*60*24*365);
} else {
delete_cookie(menu_cookie_key);
}
}
catch(err) {
}
var $this = $(this);
$("#container").toggleClass("container-small");
$("#gnb").toggleClass("gnb_small");
$this.toggleClass("btn_gnb_open");
try {
if (!$this.hasClass("btn_gnb_open")) {
set_cookie(menu_cookie_key, 1, 60 * 60 * 24 * 365);
} else {
delete_cookie(menu_cookie_key);
}
} catch (err) {}
$("#container").toggleClass("container-small");
$("#gnb").toggleClass("gnb_small");
$this.toggleClass("btn_gnb_open");
});
$(".gnb_ul li .btn_op").click(function() {
$(this).parent().addClass("on").siblings().removeClass("on");
});
});
$(".gnb_ul li .btn_op" ).click(function() {
$(this).parent().addClass("on").siblings().removeClass("on");
});
});
</script>

425
adm/admin.lib.php
View File

@ -1,5 +1,7 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
/*
// 081022 : CSRF 방지를 위해 코드를 작성했으나 효과가 없어 주석처리 함
@ -10,17 +12,17 @@ if (!get_session('ss_admin')) {
*/
// 스킨디렉토리를 SELECT 형식으로 얻음
function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
function get_skin_select($skin_gubun, $id, $name, $selected = '', $event = '')
{
global $config;
$skins = array();
if(defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_PATH.'/'.G5_SKIN_DIR);
if(!empty($dirs)) {
foreach($dirs as $dir) {
$skins[] = 'theme/'.$dir;
if (defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_PATH . '/' . G5_SKIN_DIR);
if (!empty($dirs)) {
foreach ($dirs as $dir) {
$skins[] = 'theme/' . $dir;
}
}
}
@ -28,12 +30,15 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
$skins = array_merge($skins, get_skin_dir($skin_gubun));
$str = "<select id=\"$id\" name=\"$name\" $event>\n";
for ($i=0; $i<count($skins); $i++) {
if ($i == 0) $str .= "<option value=\"\">선택</option>";
if(preg_match('#^theme/(.+)$#', $skins[$i], $match))
$text = '(테마) '.$match[1];
else
for ($i = 0; $i < count($skins); $i++) {
if ($i == 0) {
$str .= "<option value=\"\">선택</option>";
}
if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
$text = '(테마) ' . $match[1];
} else {
$text = $skins[$i];
}
$str .= option_selected($skins[$i], $selected, $text);
}
@ -42,30 +47,33 @@ function get_skin_select($skin_gubun, $id, $name, $selected='', $event='')
}
// 모바일 스킨디렉토리를 SELECT 형식으로 얻음
function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event='')
function get_mobile_skin_select($skin_gubun, $id, $name, $selected = '', $event = '')
{
global $config;
$skins = array();
if(defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_MOBILE_PATH.'/'.G5_SKIN_DIR);
if(!empty($dirs)) {
foreach($dirs as $dir) {
$skins[] = 'theme/'.$dir;
if (defined('G5_THEME_PATH') && $config['cf_theme']) {
$dirs = get_skin_dir($skin_gubun, G5_THEME_MOBILE_PATH . '/' . G5_SKIN_DIR);
if (!empty($dirs)) {
foreach ($dirs as $dir) {
$skins[] = 'theme/' . $dir;
}
}
}
$skins = array_merge($skins, get_skin_dir($skin_gubun, G5_MOBILE_PATH.'/'.G5_SKIN_DIR));
$skins = array_merge($skins, get_skin_dir($skin_gubun, G5_MOBILE_PATH . '/' . G5_SKIN_DIR));
$str = "<select id=\"$id\" name=\"$name\" $event>\n";
for ($i=0; $i<count($skins); $i++) {
if ($i == 0) $str .= "<option value=\"\">선택</option>";
if(preg_match('#^theme/(.+)$#', $skins[$i], $match))
$text = '(테마) '.$match[1];
else
for ($i = 0; $i < count($skins); $i++) {
if ($i == 0) {
$str .= "<option value=\"\">선택</option>";
}
if (preg_match('#^theme/(.+)$#', $skins[$i], $match)) {
$text = '(테마) ' . $match[1];
} else {
$text = $skins[$i];
}
$str .= option_selected($skins[$i], $selected, $text);
}
@ -75,21 +83,26 @@ function get_mobile_skin_select($skin_gubun, $id, $name, $selected='', $event=''
// 스킨경로를 얻는다
function get_skin_dir($skin, $skin_path=G5_SKIN_PATH)
function get_skin_dir($skin, $skin_path = G5_SKIN_PATH)
{
global $g5;
$result_array = array();
$dirname = $skin_path.'/'.$skin.'/';
if(!is_dir($dirname))
$dirname = $skin_path . '/' . $skin . '/';
if (!is_dir($dirname)) {
return array();
}
$handle = opendir($dirname);
while ($file = readdir($handle)) {
if($file == '.'||$file == '..') continue;
if ($file == '.' || $file == '..') {
continue;
}
if (is_dir($dirname.$file)) $result_array[] = $file;
if (is_dir($dirname . $file)) {
$result_array[] = $file;
}
}
closedir($handle);
sort($result_array);
@ -103,15 +116,18 @@ function get_theme_dir()
{
$result_array = array();
$dirname = G5_PATH.'/'.G5_THEME_DIR.'/';
$dirname = G5_PATH . '/' . G5_THEME_DIR . '/';
$handle = opendir($dirname);
while ($file = readdir($handle)) {
if($file == '.'||$file == '..') continue;
if ($file == '.' || $file == '..') {
continue;
}
if (is_dir($dirname.$file)) {
$theme_path = $dirname.$file;
if(is_file($theme_path.'/index.php') && is_file($theme_path.'/head.php') && is_file($theme_path.'/tail.php'))
if (is_dir($dirname . $file)) {
$theme_path = $dirname . $file;
if (is_file($theme_path . '/index.php') && is_file($theme_path . '/head.php') && is_file($theme_path . '/tail.php')) {
$result_array[] = $file;
}
}
}
closedir($handle);
@ -125,21 +141,23 @@ function get_theme_dir()
function get_theme_info($dir)
{
$info = array();
$path = G5_PATH.'/'.G5_THEME_DIR.'/'.$dir;
$path = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir;
if(is_dir($path)) {
$screenshot = $path.'/screenshot.png';
if(is_file($screenshot)) {
if (is_dir($path)) {
$screenshot = $path . '/screenshot.png';
$screenshot_url = '';
if (is_file($screenshot)) {
$size = @getimagesize($screenshot);
if($size[2] == 3)
if ($size[2] == 3) {
$screenshot_url = str_replace(G5_PATH, G5_URL, $screenshot);
}
}
$info['screenshot'] = $screenshot_url;
$text = $path.'/readme.txt';
if(is_file($text)) {
$text = $path . '/readme.txt';
if (is_file($text)) {
$content = file($text, false);
$content = array_map('trim', $content);
@ -162,8 +180,9 @@ function get_theme_info($dir)
$info['license_uri'] = trim($m7[1]);
}
if(!$info['theme_name'])
if (!$info['theme_name']) {
$info['theme_name'] = $dir;
}
}
return $info;
@ -171,19 +190,19 @@ function get_theme_info($dir)
// 테마설정 정보
function get_theme_config_value($dir, $key='*')
function get_theme_config_value($dir, $key = '*')
{
$tconfig = array();
$theme_config_file = G5_PATH.'/'.G5_THEME_DIR.'/'.$dir.'/theme.config.php';
if(is_file($theme_config_file)) {
include($theme_config_file);
if($key == '*') {
$theme_config_file = G5_PATH . '/' . G5_THEME_DIR . '/' . $dir . '/theme.config.php';
if (is_file($theme_config_file)) {
include $theme_config_file;
// 22.05.26 Undefined Variable $theme_config;
if ($key == '*') {
$tconfig = $theme_config;
} else {
$keys = array_map('trim', explode(',', $key));
foreach($keys as $v) {
foreach ($keys as $v) {
$tconfig[$v] = isset($theme_config[$v]) ? trim($theme_config[$v]) : '';
}
}
@ -194,17 +213,20 @@ function get_theme_config_value($dir, $key='*')
// 회원권한을 SELECT 형식으로 얻음
function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $event="")
function get_member_level_select($name, $start_id = 0, $end_id = 10, $selected = "", $event = "")
{
global $g5;
$str = "\n<select id=\"{$name}\" name=\"{$name}\"";
if ($event) $str .= " $event";
if ($event) {
$str .= " $event";
}
$str .= ">\n";
for ($i=$start_id; $i<=$end_id; $i++) {
$str .= '<option value="'.$i.'"';
if ($i == $selected)
for ($i = $start_id; $i <= $end_id; $i++) {
$str .= '<option value="' . $i . '"';
if ($i == $selected) {
$str .= ' selected="selected"';
}
$str .= ">{$i}</option>\n";
}
$str .= "</select>\n";
@ -213,44 +235,48 @@ function get_member_level_select($name, $start_id=0, $end_id=10, $selected="", $
// 회원아이디를 SELECT 형식으로 얻음
function get_member_id_select($name, $level, $selected="", $event="")
function get_member_id_select($name, $level, $selected = "", $event = "")
{
global $g5;
$sql = " select mb_id from {$g5['member_table']} where mb_level >= '{$level}' ";
$result = sql_query($sql);
$str = '<select id="'.$name.'" name="'.$name.'" '.$event.'><option value="">선택안함</option>';
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$str .= '<option value="'.$row['mb_id'].'"';
if ($row['mb_id'] == $selected) $str .= ' selected';
$str .= '>'.$row['mb_id'].'</option>';
$str = '<select id="' . $name . '" name="' . $name . '" ' . $event . '><option value="">선택안함</option>';
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$str .= '<option value="' . $row['mb_id'] . '"';
if ($row['mb_id'] == $selected) {
$str .= ' selected';
}
$str .= '>' . $row['mb_id'] . '</option>';
}
$str .= '</select>';
return $str;
}
// php8 버전 호환 권한 검사 함수
function auth_check_menu($auth, $sub_menu, $attr, $return=false) {
function auth_check_menu($auth, $sub_menu, $attr, $return = false)
{
$check_auth = isset($auth[$sub_menu]) ? $auth[$sub_menu] : '';
return auth_check($check_auth, $attr, $return);
}
// 권한 검사
function auth_check($auth, $attr, $return=false)
function auth_check($auth, $attr, $return = false)
{
global $is_admin;
if ($is_admin == 'super') return;
if ($is_admin == 'super') {
return;
}
if (!trim($auth)) {
$msg = '이 메뉴에는 접근 권한이 없습니다.\\n\\n접근 권한은 최고관리자만 부여할 수 있습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
}
$attr = strtolower($attr);
@ -258,44 +284,49 @@ function auth_check($auth, $attr, $return=false)
if (!strstr($auth, $attr)) {
if ($attr == 'r') {
$msg = '읽을 권한이 없습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
} else if ($attr == 'w') {
$msg = '입력, 추가, 생성, 수정 권한이 없습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
} else if ($attr == 'd') {
$msg = '삭제 권한이 없습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
} else {
$msg = '속성이 잘못 되었습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg);
}
}
}
}
// 작업아이콘 출력
function icon($act, $link='', $target='_parent')
function icon($act, $link = '', $target = '_parent')
{
global $g5;
$img = array('입력'=>'insert', '추가'=>'insert', '생성'=>'insert', '수정'=>'modify', '삭제'=>'delete', '이동'=>'move', '그룹'=>'move', '보기'=>'view', '미리보기'=>'view', '복사'=>'copy');
$icon = '<img src="'.G5_ADMIN_PATH.'/img/icon_'.$img[$act].'.gif" title="'.$act.'">';
if ($link)
$s = '<a href="'.$link.'">'.$icon.'</a>';
else
$img = array('입력' => 'insert', '추가' => 'insert', '생성' => 'insert', '수정' => 'modify', '삭제' => 'delete', '이동' => 'move', '그룹' => 'move', '보기' => 'view', '미리보기' => 'view', '복사' => 'copy');
$icon = '<img src="' . G5_ADMIN_PATH . '/img/icon_' . $img[$act] . '.gif" title="' . $act . '">';
if ($link) {
$s = '<a href="' . $link . '">' . $icon . '</a>';
} else {
$s = $icon;
}
return $s;
}
@ -307,9 +338,10 @@ function rm_rf($file)
if (file_exists($file)) {
if (is_dir($file)) {
$handle = opendir($file);
while($filename = readdir($handle)) {
if ($filename != '.' && $filename != '..')
rm_rf($file.'/'.$filename);
while ($filename = readdir($handle)) {
if ($filename != '.' && $filename != '..') {
rm_rf($file . '/' . $filename);
}
}
closedir($handle);
@ -323,21 +355,21 @@ function rm_rf($file)
}
// 입력 폼 안내문
function help($help="")
function help($help = "")
{
global $g5;
$str = '<span class="frm_info">'.str_replace("\n", "<br>", $help).'</span>';
$str = '<span class="frm_info">' . str_replace("\n", "<br>", $help) . '</span>';
return $str;
}
// 출력순서
function order_select($fld, $sel='')
function order_select($fld, $sel = '')
{
$s = '<select name="'.$fld.'" id="'.$fld.'">';
for ($i=1; $i<=100; $i++) {
$s .= '<option value="'.$i.'" ';
$s = '<select name="' . $fld . '" id="' . $fld . '">';
for ($i = 1; $i <= 100; $i++) {
$s .= '<option value="' . $i . '" ';
if ($sel) {
if ($i == $sel) {
$s .= 'selected';
@ -347,7 +379,7 @@ function order_select($fld, $sel='')
$s .= 'selected';
}
}
$s .= '>'.$i.'</option>';
$s .= '>' . $i . '</option>';
}
$s .= '</select>';
@ -364,11 +396,12 @@ function get_admin_token()
}
// 관리자가 자동등록방지를 사용해야 할 경우
function get_admin_captcha_by($type='get'){
function get_admin_captcha_by($type = 'get')
{
$captcha_name = 'ss_admin_use_captcha';
if($type === 'remove'){
if ($type === 'remove') {
set_session($captcha_name, '');
}
@ -376,9 +409,10 @@ function get_admin_captcha_by($type='get'){
}
//input value 에서 xss 공격 filter 역할을 함 ( 반드시 input value='' 타입에만 사용할것 )
function get_sanitize_input($s, $is_html=false){
function get_sanitize_input($s, $is_html = false)
{
if(!$is_html){
if (!$is_html) {
$s = strip_tags($s);
}
@ -387,50 +421,51 @@ function get_sanitize_input($s, $is_html=false){
return $s;
}
function check_log_folder($log_path, $is_delete=true){
function check_log_folder($log_path, $is_delete = true)
{
if( is_writable($log_path) ){
if (is_writable($log_path)) {
// 아파치 서버인 경우 웹에서 해당 폴더 접근 막기
$htaccess_file = $log_path.'/.htaccess';
if ( !file_exists( $htaccess_file ) ) {
if ( $handle = @fopen( $htaccess_file, 'w' ) ) {
fwrite( $handle, 'Order deny,allow' . "\n" );
fwrite( $handle, 'Deny from all' . "\n" );
fclose( $handle );
$htaccess_file = $log_path . '/.htaccess';
if (!file_exists($htaccess_file)) {
if ($handle = @fopen($htaccess_file, 'w')) {
fwrite($handle, 'Order deny,allow' . "\n");
fwrite($handle, 'Deny from all' . "\n");
fclose($handle);
}
}
// 아파치 서버인 경우 해당 디렉토리 파일 목록 안보이게 하기
$index_file = $log_path . '/index.php';
if ( !file_exists( $index_file ) ) {
if ( $handle = @fopen( $index_file, 'w' ) ) {
fwrite( $handle, '' );
fclose( $handle );
if (!file_exists($index_file)) {
if ($handle = @fopen($index_file, 'w')) {
fwrite($handle, '');
fclose($handle);
}
}
}
if( $is_delete ) {
try {
// txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
$txt_files = glob($log_path.'/*.txt');
$log_files = glob($log_path.'/*.log');
$del_files = array_merge($txt_files, $log_files);
if( $del_files && is_array($del_files) ){
foreach ($del_files as $del_file) {
$filetime = filemtime($del_file);
// 30일이 지난 파일을 삭제
if($filetime && $filetime < (G5_SERVER_TIME - 2592000)) {
@unlink($del_file);
}
}
}
} catch(Exception $e) {
}
}
if ($is_delete) {
try {
// txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
$txt_files = glob($log_path . '/*.txt');
$log_files = glob($log_path . '/*.log');
$del_files = array_merge($txt_files, $log_files);
if ($del_files && is_array($del_files)) {
foreach ($del_files as $del_file) {
$filetime = filemtime($del_file);
// 30일이 지난 파일을 삭제
if ($filetime && $filetime < (G5_SERVER_TIME - 2592000)) {
@unlink($del_file);
}
}
}
} catch (Exception $e) {
}
}
}
// POST로 넘어온 토큰과 세션에 저장된 토큰 비교
@ -439,23 +474,25 @@ function check_admin_token()
$token = get_session('ss_admin_token');
set_session('ss_admin_token', '');
if(!$token || !$_REQUEST['token'] || $token != $_REQUEST['token'])
if (!$token || !$_REQUEST['token'] || $token != $_REQUEST['token']) {
alert('올바른 방법으로 이용해 주십시오.', G5_URL);
}
return true;
}
// 관리자 페이지 referer 체크
function admin_referer_check($return=false)
function admin_referer_check($return = false)
{
$referer = isset($_SERVER['HTTP_REFERER']) ? trim($_SERVER['HTTP_REFERER']) : '';
if(!$referer) {
if (!$referer) {
$msg = '정보가 올바르지 않습니다.';
if($return)
if ($return) {
return $msg;
else
} else {
alert($msg, G5_URL);
}
}
$p = @parse_url($referer);
@ -463,16 +500,16 @@ function admin_referer_check($return=false)
$host = preg_replace('/:[0-9]+$/', '', $_SERVER['HTTP_HOST']);
$msg = '';
if($host != $p['host']) {
if ($host != $p['host']) {
$msg = '올바른 방법으로 이용해 주십시오.';
}
if( $p['path'] && ! preg_match( '/\/'.preg_quote(G5_ADMIN_DIR).'\//i', $p['path'] ) ){
if ($p['path'] && !preg_match('/\/' . preg_quote(G5_ADMIN_DIR) . '\//i', $p['path'])) {
$msg = '올바른 방법으로 이용해 주십시오';
}
if( $msg ){
if($return) {
if ($msg) {
if ($return) {
return $msg;
} else {
alert($msg, G5_URL);
@ -480,17 +517,22 @@ function admin_referer_check($return=false)
}
}
function admin_check_xss_params($params){
function admin_check_xss_params($params)
{
if( ! $params ) return;
if (!$params) {
return;
}
foreach( $params as $key=>$value ){
foreach ($params as $key => $value) {
if ( empty($value) ) continue;
if (empty($value)) {
continue;
}
if( is_array($value) ){
if (is_array($value)) {
admin_check_xss_params($value);
} else if ( (preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) || (preg_match('/[onload|onerror|focus]=.*/ius', $value) && preg_match('/(eval|expression|exec|prompt)(\s*)\((.*)\)/ius', $value)) ){
} else if ((preg_match('/<\s?[^\>]*\/?\s?>/i', $value) && (preg_match('/script.*?\/script/ius', $value) || preg_match('/[onload|onerror]=.*/ius', $value))) || preg_match('/^(?=.*token\()(?=.*xmlhttprequest\()(?=.*send\().*$/im', $value) || (preg_match('/[onload|onerror|focus]=.*/ius', $value) && preg_match('/(eval|expression|exec|prompt)(\s*)\((.*)\)/ius', $value))) {
alert('요청 쿼리에 잘못된 스크립트문장이 있습니다.\\nXSS 공격일수도 있습니다.', G5_URL);
die();
}
@ -499,31 +541,38 @@ function admin_check_xss_params($params){
return;
}
function admin_menu_find_by($call, $search_key){
function admin_menu_find_by($call, $search_key)
{
global $menu;
static $cache_menu = array();
if( empty($cache_menu) ){
foreach( $menu as $k1=>$arr1 ){
if (empty($arr1) ) continue;
foreach( $arr1 as $k2=>$arr2 ){
if (empty($arr2) ) continue;
static $cache_menu = array();
if (empty($cache_menu)) {
foreach ($menu as $k1 => $arr1) {
if (empty($arr1)) {
continue;
}
foreach ($arr1 as $k2 => $arr2) {
if (empty($arr2)) {
continue;
}
$menu_key = isset($arr2[3]) ? $arr2[3] : '';
if (empty($menu_key) ) continue;
if (empty($menu_key)) {
continue;
}
$cache_menu[$menu_key] = array(
'sub_menu'=>$arr2[0],
'title'=>$arr2[1],
'link'=>$arr2[2],
);
'sub_menu' => $arr2[0],
'title' => $arr2[1],
'link' => $arr2[2],
);
}
}
}
if( isset($cache_menu[$call]) && isset($cache_menu[$call][$search_key]) ){
if (isset($cache_menu[$call]) && isset($cache_menu[$call][$search_key])) {
return $cache_menu[$call][$search_key];
}
@ -531,22 +580,17 @@ function admin_menu_find_by($call, $search_key){
}
// 접근 권한 검사
if (!$member['mb_id'])
{
alert('로그인 하십시오.', G5_BBS_URL.'/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL)));
}
else if ($is_admin != 'super')
{
if (!$member['mb_id']) {
alert('로그인 하십시오.', G5_BBS_URL . '/login.php?url=' . urlencode(correct_goto_url(G5_ADMIN_URL)));
} else if ($is_admin != 'super') {
$auth = array();
$sql = " select au_menu, au_auth from {$g5['auth_table']} where mb_id = '{$member['mb_id']}' ";
$result = sql_query($sql);
for($i=0; $row=sql_fetch_array($result); $i++)
{
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$auth[$row['au_menu']] = $row['au_auth'];
}
if (!$i)
{
if (!$i) {
alert('최고관리자 또는 관리권한이 있는 회원만 접근 가능합니다.', G5_URL);
}
}
@ -557,14 +601,14 @@ if (get_session('ss_mb_key') !== $admin_key) {
session_destroy();
include_once(G5_LIB_PATH.'/mailer.lib.php');
include_once G5_LIB_PATH . '/mailer.lib.php';
// 메일 알림
mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'].' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.'.G5_URL, 0);
mailer($member['mb_nick'], $member['mb_email'], $member['mb_email'], 'XSS 공격 알림', $_SERVER['REMOTE_ADDR'] . ' 아이피로 XSS 공격이 있었습니다.<br><br>관리자 권한을 탈취하려는 접근이므로 주의하시기 바랍니다.<br><br>해당 아이피는 차단하시고 의심되는 게시물이 있는지 확인하시기 바랍니다.' . G5_URL, 0);
alert_close('정상적으로 로그인하여 접근하시기 바랍니다.');
}
if(isset($auth) && is_array($auth)) {
if (isset($auth) && is_array($auth)) {
@ksort($auth);
} else {
$auth = array();
@ -577,33 +621,44 @@ unset($amenu);
$tmp = dir(G5_ADMIN_PATH);
$menu_files = array();
while ($entry = $tmp->read()) {
if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m))
if (!preg_match('/^admin.menu([0-9]{3}).*\.php$/', $entry, $m)) {
continue; // 파일명이 menu 으로 시작하지 않으면 무시한다.
}
$amenu[$m[1]] = $entry;
$menu_files[] = G5_ADMIN_PATH.'/'.$entry;
$menu_files[] = G5_ADMIN_PATH . '/' . $entry;
}
@asort($menu_files);
foreach($menu_files as $file){
include_once($file);
foreach ($menu_files as $file) {
include_once $file;
}
@ksort($amenu);
$amenu = run_replace('admin_amenu', $amenu);
if( isset($menu) && $menu ){
$menu = run_replace('admin_menu', $menu);
if (isset($menu) && $menu) {
$menu = run_replace('admin_menu', $menu);
}
$arr_query = array();
if (isset($sst)) $arr_query[] = 'sst='.$sst;
if (isset($sod)) $arr_query[] = 'sod='.$sod;
if (isset($sfl)) $arr_query[] = 'sfl='.$sfl;
if (isset($stx)) $arr_query[] = 'stx='.$stx;
if (isset($page)) $arr_query[] = 'page='.$page;
if (isset($sst)) {
$arr_query[] = 'sst=' . $sst;
}
if (isset($sod)) {
$arr_query[] = 'sod=' . $sod;
}
if (isset($sfl)) {
$arr_query[] = 'sfl=' . $sfl;
}
if (isset($stx)) {
$arr_query[] = 'stx=' . $stx;
}
if (isset($page)) {
$arr_query[] = 'page=' . $page;
}
$qstr = implode("&amp;", $arr_query);
if ( isset($_REQUEST) && $_REQUEST ){
if( admin_referer_check(true) ){
if (isset($_REQUEST) && $_REQUEST) {
if (admin_referer_check(true)) {
admin_check_xss_params($_REQUEST);
}
}

36
adm/admin.menu100.php
View File

@ -1,23 +1,23 @@
<?php
$menu['menu100'] = array (
array('100000', '환경설정', G5_ADMIN_URL.'/config_form.php', 'config'),
array('100100', '기본환경설정', G5_ADMIN_URL.'/config_form.php', 'cf_basic'),
array('100200', '관리권한설정', G5_ADMIN_URL.'/auth_list.php', 'cf_auth'),
array('100280', '테마설정', G5_ADMIN_URL.'/theme.php', 'cf_theme', 1),
array('100290', '메뉴설정', G5_ADMIN_URL.'/menu_list.php', 'cf_menu', 1),
array('100300', '메일 테스트', G5_ADMIN_URL.'/sendmail_test.php', 'cf_mailtest'),
array('100310', '팝업레이어관리', G5_ADMIN_URL.'/newwinlist.php', 'scf_poplayer'),
array('100800', '세션파일 일괄삭제',G5_ADMIN_URL.'/session_file_delete.php', 'cf_session', 1),
array('100900', '캐시파일 일괄삭제',G5_ADMIN_URL.'/cache_file_delete.php', 'cf_cache', 1),
array('100910', '캡챠파일 일괄삭제',G5_ADMIN_URL.'/captcha_file_delete.php', 'cf_captcha', 1),
array('100920', '썸네일파일 일괄삭제',G5_ADMIN_URL.'/thumbnail_file_delete.php', 'cf_thumbnail', 1),
array('100500', 'phpinfo()', G5_ADMIN_URL.'/phpinfo.php', 'cf_phpinfo')
$menu['menu100'] = array(
array('100000', '환경설정', G5_ADMIN_URL . '/config_form.php', 'config'),
array('100100', '기본환경설정', G5_ADMIN_URL . '/config_form.php', 'cf_basic'),
array('100200', '관리권한설정', G5_ADMIN_URL . '/auth_list.php', 'cf_auth'),
array('100280', '테마설정', G5_ADMIN_URL . '/theme.php', 'cf_theme', 1),
array('100290', '메뉴설정', G5_ADMIN_URL . '/menu_list.php', 'cf_menu', 1),
array('100300', '메일 테스트', G5_ADMIN_URL . '/sendmail_test.php', 'cf_mailtest'),
array('100310', '팝업레이어관리', G5_ADMIN_URL . '/newwinlist.php', 'scf_poplayer'),
array('100800', '세션파일 일괄삭제', G5_ADMIN_URL . '/session_file_delete.php', 'cf_session', 1),
array('100900', '캐시파일 일괄삭제', G5_ADMIN_URL . '/cache_file_delete.php', 'cf_cache', 1),
array('100910', '캡챠파일 일괄삭제', G5_ADMIN_URL . '/captcha_file_delete.php', 'cf_captcha', 1),
array('100920', '썸네일파일 일괄삭제', G5_ADMIN_URL . '/thumbnail_file_delete.php', 'cf_thumbnail', 1),
array('100500', 'phpinfo()', G5_ADMIN_URL . '/phpinfo.php', 'cf_phpinfo')
);
if(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE) {
$menu['menu100'][] = array('100510', 'Browscap 업데이트', G5_ADMIN_URL.'/browscap.php', 'cf_browscap');
$menu['menu100'][] = array('100520', '접속로그 변환', G5_ADMIN_URL.'/browscap_convert.php', 'cf_visit_cnvrt');
if (version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE) {
$menu['menu100'][] = array('100510', 'Browscap 업데이트', G5_ADMIN_URL . '/browscap.php', 'cf_browscap');
$menu['menu100'][] = array('100520', '접속로그 변환', G5_ADMIN_URL . '/browscap_convert.php', 'cf_visit_cnvrt');
}
$menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL.'/dbupgrade.php', 'db_upgrade');
$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL.'/service.php', 'cf_service');
$menu['menu100'][] = array('100410', 'DB업그레이드', G5_ADMIN_URL . '/dbupgrade.php', 'db_upgrade');
$menu['menu100'][] = array('100400', '부가서비스', G5_ADMIN_URL . '/service.php', 'cf_service');

20
adm/admin.menu200.php
View File

@ -1,11 +1,11 @@
<?php
$menu['menu200'] = array (
array('200000', '회원관리', G5_ADMIN_URL.'/member_list.php', 'member'),
array('200100', '회원관리', G5_ADMIN_URL.'/member_list.php', 'mb_list'),
array('200300', '회원메일발송', G5_ADMIN_URL.'/mail_list.php', 'mb_mail'),
array('200800', '접속자집계', G5_ADMIN_URL.'/visit_list.php', 'mb_visit', 1),
array('200810', '접속자검색', G5_ADMIN_URL.'/visit_search.php', 'mb_search', 1),
array('200820', '접속자로그삭제', G5_ADMIN_URL.'/visit_delete.php', 'mb_delete', 1),
array('200200', '포인트관리', G5_ADMIN_URL.'/point_list.php', 'mb_point'),
array('200900', '투표관리', G5_ADMIN_URL.'/poll_list.php', 'mb_poll')
);
$menu['menu200'] = array(
array('200000', '회원관리', G5_ADMIN_URL . '/member_list.php', 'member'),
array('200100', '회원관리', G5_ADMIN_URL . '/member_list.php', 'mb_list'),
array('200300', '회원메일발송', G5_ADMIN_URL . '/mail_list.php', 'mb_mail'),
array('200800', '접속자집계', G5_ADMIN_URL . '/visit_list.php', 'mb_visit', 1),
array('200810', '접속자검색', G5_ADMIN_URL . '/visit_search.php', 'mb_search', 1),
array('200820', '접속자로그삭제', G5_ADMIN_URL . '/visit_delete.php', 'mb_delete', 1),
array('200200', '포인트관리', G5_ADMIN_URL . '/point_list.php', 'mb_point'),
array('200900', '투표관리', G5_ADMIN_URL . '/poll_list.php', 'mb_poll')
);

22
adm/admin.menu300.php
View File

@ -1,12 +1,12 @@
<?php
$menu['menu300'] = array (
array('300000', '게시판관리', ''.G5_ADMIN_URL.'/board_list.php', 'board'),
array('300100', '게시판관리', ''.G5_ADMIN_URL.'/board_list.php', 'bbs_board'),
array('300200', '게시판그룹관리', ''.G5_ADMIN_URL.'/boardgroup_list.php', 'bbs_group'),
array('300300', '인기검색어관리', ''.G5_ADMIN_URL.'/popular_list.php', 'bbs_poplist', 1),
array('300400', '인기검색어순위', ''.G5_ADMIN_URL.'/popular_rank.php', 'bbs_poprank', 1),
array('300500', '1:1문의설정', ''.G5_ADMIN_URL.'/qa_config.php', 'qa'),
array('300600', '내용관리', G5_ADMIN_URL.'/contentlist.php', 'scf_contents', 1),
array('300700', 'FAQ관리', G5_ADMIN_URL.'/faqmasterlist.php', 'scf_faq', 1),
array('300820', '글,댓글 현황', G5_ADMIN_URL.'/write_count.php', 'scf_write_count'),
);
$menu['menu300'] = array(
array('300000', '게시판관리', '' . G5_ADMIN_URL . '/board_list.php', 'board'),
array('300100', '게시판관리', '' . G5_ADMIN_URL . '/board_list.php', 'bbs_board'),
array('300200', '게시판그룹관리', '' . G5_ADMIN_URL . '/boardgroup_list.php', 'bbs_group'),
array('300300', '인기검색어관리', '' . G5_ADMIN_URL . '/popular_list.php', 'bbs_poplist', 1),
array('300400', '인기검색어순위', '' . G5_ADMIN_URL . '/popular_rank.php', 'bbs_poprank', 1),
array('300500', '1:1문의설정', '' . G5_ADMIN_URL . '/qa_config.php', 'qa'),
array('300600', '내용관리', G5_ADMIN_URL . '/contentlist.php', 'scf_contents', 1),
array('300700', 'FAQ관리', G5_ADMIN_URL . '/faqmasterlist.php', 'scf_faq', 1),
array('300820', '글,댓글 현황', G5_ADMIN_URL . '/write_count.php', 'scf_write_count'),
);

40
adm/admin.menu400.shop_1of2.php
View File

@ -1,21 +1,23 @@
<?php
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return;
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
return;
}
$menu['menu400'] = array (
array('400000', '쇼핑몰관리', G5_ADMIN_URL.'/shop_admin/', 'shop_config'),
array('400010', '쇼핑몰현황', G5_ADMIN_URL.'/shop_admin/', 'shop_index'),
array('400100', '쇼핑몰설정', G5_ADMIN_URL.'/shop_admin/configform.php', 'scf_config'),
array('400400', '주문내역', G5_ADMIN_URL.'/shop_admin/orderlist.php', 'scf_order', 1),
array('400440', '개인결제관리', G5_ADMIN_URL.'/shop_admin/personalpaylist.php', 'scf_personalpay', 1),
array('400200', '분류관리', G5_ADMIN_URL.'/shop_admin/categorylist.php', 'scf_cate'),
array('400300', '상품관리', G5_ADMIN_URL.'/shop_admin/itemlist.php', 'scf_item'),
array('400660', '상품문의', G5_ADMIN_URL.'/shop_admin/itemqalist.php', 'scf_item_qna'),
array('400650', '사용후기', G5_ADMIN_URL.'/shop_admin/itemuselist.php', 'scf_ps'),
array('400620', '상품재고관리', G5_ADMIN_URL.'/shop_admin/itemstocklist.php', 'scf_item_stock'),
array('400610', '상품유형관리', G5_ADMIN_URL.'/shop_admin/itemtypelist.php', 'scf_item_type'),
array('400500', '상품옵션재고관리', G5_ADMIN_URL.'/shop_admin/optionstocklist.php', 'scf_item_option'),
array('400800', '쿠폰관리', G5_ADMIN_URL.'/shop_admin/couponlist.php', 'scf_coupon'),
array('400810', '쿠폰존관리', G5_ADMIN_URL.'/shop_admin/couponzonelist.php', 'scf_coupon_zone'),
array('400750', '추가배송비관리', G5_ADMIN_URL.'/shop_admin/sendcostlist.php', 'scf_sendcost', 1),
array('400410', '미완료주문', G5_ADMIN_URL.'/shop_admin/inorderlist.php', 'scf_inorder', 1),
);
$menu['menu400'] = array(
array('400000', '쇼핑몰관리', G5_ADMIN_URL . '/shop_admin/', 'shop_config'),
array('400010', '쇼핑몰현황', G5_ADMIN_URL . '/shop_admin/', 'shop_index'),
array('400100', '쇼핑몰설정', G5_ADMIN_URL . '/shop_admin/configform.php', 'scf_config'),
array('400400', '주문내역', G5_ADMIN_URL . '/shop_admin/orderlist.php', 'scf_order', 1),
array('400440', '개인결제관리', G5_ADMIN_URL . '/shop_admin/personalpaylist.php', 'scf_personalpay', 1),
array('400200', '분류관리', G5_ADMIN_URL . '/shop_admin/categorylist.php', 'scf_cate'),
array('400300', '상품관리', G5_ADMIN_URL . '/shop_admin/itemlist.php', 'scf_item'),
array('400660', '상품문의', G5_ADMIN_URL . '/shop_admin/itemqalist.php', 'scf_item_qna'),
array('400650', '사용후기', G5_ADMIN_URL . '/shop_admin/itemuselist.php', 'scf_ps'),
array('400620', '상품재고관리', G5_ADMIN_URL . '/shop_admin/itemstocklist.php', 'scf_item_stock'),
array('400610', '상품유형관리', G5_ADMIN_URL . '/shop_admin/itemtypelist.php', 'scf_item_type'),
array('400500', '상품옵션재고관리', G5_ADMIN_URL . '/shop_admin/optionstocklist.php', 'scf_item_option'),
array('400800', '쿠폰관리', G5_ADMIN_URL . '/shop_admin/couponlist.php', 'scf_coupon'),
array('400810', '쿠폰존관리', G5_ADMIN_URL . '/shop_admin/couponzonelist.php', 'scf_coupon_zone'),
array('400750', '추가배송비관리', G5_ADMIN_URL . '/shop_admin/sendcostlist.php', 'scf_sendcost', 1),
array('400410', '미완료주문', G5_ADMIN_URL . '/shop_admin/inorderlist.php', 'scf_inorder', 1),
);

28
adm/admin.menu500.shop_2of2.php
View File

@ -1,15 +1,17 @@
<?php
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) return;
if (!defined('G5_USE_SHOP') || !G5_USE_SHOP) {
return;
}
$menu['menu500'] = array (
array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL.'/shop_admin/itemsellrank.php', 'shop_stats'),
array('500110', '매출현황', G5_ADMIN_URL.'/shop_admin/sale1.php', 'sst_order_stats'),
array('500100', '상품판매순위', G5_ADMIN_URL.'/shop_admin/itemsellrank.php', 'sst_rank'),
array('500120', '주문내역출력', G5_ADMIN_URL.'/shop_admin/orderprint.php', 'sst_print_order', 1),
array('500400', '재입고SMS알림', G5_ADMIN_URL.'/shop_admin/itemstocksms.php', 'sst_stock_sms', 1),
array('500300', '이벤트관리', G5_ADMIN_URL.'/shop_admin/itemevent.php', 'scf_event'),
array('500310', '이벤트일괄처리', G5_ADMIN_URL.'/shop_admin/itemeventlist.php', 'scf_event_mng'),
array('500500', '배너관리', G5_ADMIN_URL.'/shop_admin/bannerlist.php', 'scf_banner', 1),
array('500140', '보관함현황', G5_ADMIN_URL.'/shop_admin/wishlist.php', 'sst_wish'),
array('500210', '가격비교사이트', G5_ADMIN_URL.'/shop_admin/price.php', 'sst_compare', 1)
);
$menu['menu500'] = array(
array('500000', '쇼핑몰현황/기타', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'shop_stats'),
array('500110', '매출현황', G5_ADMIN_URL . '/shop_admin/sale1.php', 'sst_order_stats'),
array('500100', '상품판매순위', G5_ADMIN_URL . '/shop_admin/itemsellrank.php', 'sst_rank'),
array('500120', '주문내역출력', G5_ADMIN_URL . '/shop_admin/orderprint.php', 'sst_print_order', 1),
array('500400', '재입고SMS알림', G5_ADMIN_URL . '/shop_admin/itemstocksms.php', 'sst_stock_sms', 1),
array('500300', '이벤트관리', G5_ADMIN_URL . '/shop_admin/itemevent.php', 'scf_event'),
array('500310', '이벤트일괄처리', G5_ADMIN_URL . '/shop_admin/itemeventlist.php', 'scf_event_mng'),
array('500500', '배너관리', G5_ADMIN_URL . '/shop_admin/bannerlist.php', 'scf_banner', 1),
array('500140', '보관함현황', G5_ADMIN_URL . '/shop_admin/wishlist.php', 'sst_wish'),
array('500210', '가격비교사이트', G5_ADMIN_URL . '/shop_admin/price.php', 'sst_compare', 1)
);

28
adm/admin.menu900.php
View File

@ -1,14 +1,14 @@
<?php
$menu["menu900"] = array (
array('900000', 'SMS 관리', ''.G5_SMS5_ADMIN_URL.'/config.php', 'sms5'),
array('900100', 'SMS 기본설정', ''.G5_SMS5_ADMIN_URL.'/config.php', 'sms5_config'),
array('900200', '회원정보업데이트', ''.G5_SMS5_ADMIN_URL.'/member_update.php', 'sms5_mb_update'),
array('900300', '문자 보내기', ''.G5_SMS5_ADMIN_URL.'/sms_write.php', 'sms_write'),
array('900400', '전송내역-건별', ''.G5_SMS5_ADMIN_URL.'/history_list.php', 'sms_history' , 1),
array('900410', '전송내역-번호별', ''.G5_SMS5_ADMIN_URL.'/history_num.php', 'sms_history_num' , 1),
array('900500', '이모티콘 그룹', ''.G5_SMS5_ADMIN_URL.'/form_group.php' , 'emoticon_group'),
array('900600', '이모티콘 관리', ''.G5_SMS5_ADMIN_URL.'/form_list.php', 'emoticon_list'),
array('900700', '휴대폰번호 그룹', ''.G5_SMS5_ADMIN_URL.'/num_group.php' , 'hp_group', 1),
array('900800', '휴대폰번호 관리', ''.G5_SMS5_ADMIN_URL.'/num_book.php', 'hp_manage', 1),
array('900900', '휴대폰번호 파일', ''.G5_SMS5_ADMIN_URL.'/num_book_file.php' , 'hp_file', 1)
);
<?php
$menu["menu900"] = array(
array('900000', 'SMS 관리', '' . G5_SMS5_ADMIN_URL . '/config.php', 'sms5'),
array('900100', 'SMS 기본설정', '' . G5_SMS5_ADMIN_URL . '/config.php', 'sms5_config'),
array('900200', '회원정보업데이트', '' . G5_SMS5_ADMIN_URL . '/member_update.php', 'sms5_mb_update'),
array('900300', '문자 보내기', '' . G5_SMS5_ADMIN_URL . '/sms_write.php', 'sms_write'),
array('900400', '전송내역-건별', '' . G5_SMS5_ADMIN_URL . '/history_list.php', 'sms_history', 1),
array('900410', '전송내역-번호별', '' . G5_SMS5_ADMIN_URL . '/history_num.php', 'sms_history_num', 1),
array('900500', '이모티콘 그룹', '' . G5_SMS5_ADMIN_URL . '/form_group.php', 'emoticon_group'),
array('900600', '이모티콘 관리', '' . G5_SMS5_ADMIN_URL . '/form_list.php', 'emoticon_list'),
array('900700', '휴대폰번호 그룹', '' . G5_SMS5_ADMIN_URL . '/num_group.php', 'hp_group', 1),
array('900800', '휴대폰번호 관리', '' . G5_SMS5_ADMIN_URL . '/num_book.php', 'hp_manage', 1),
array('900900', '휴대폰번호 파일', '' . G5_SMS5_ADMIN_URL . '/num_book_file.php', 'hp_file', 1)
);

220
adm/admin.tail.php
View File

@ -1,33 +1,37 @@
<?php
if (!defined('_GNUBOARD_')) exit;
if (!defined('_GNUBOARD_')) {
exit;
}
// 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전이 통합됨에 따라 그누보드 버전만 표시
// $print_version = defined('G5_YOUNGCART_VER') ? 'YoungCart Version '.G5_YOUNGCART_VER : 'Version '.G5_GNUBOARD_VER;
$print_version = 'Version '.G5_GNUBOARD_VER;
$print_version = 'Version ' . G5_GNUBOARD_VER;
?>
<noscript>
<p>
귀하께서 사용하시는 브라우저는 현재 <strong>자바스크립트를 사용하지 않음</strong>으로 설정되어 있습니다.<br>
<strong>자바스크립트를 사용하지 않음</strong>으로 설정하신 경우는 수정이나 삭제시 별도의 경고창이 나오지 않으므로 이점 주의하시기 바랍니다.
</p>
</noscript>
<noscript>
<p>
귀하께서 사용하시는 브라우저는 현재 <strong>자바스크립트를 사용하지 않음</strong>으로 설정되어 있습니다.<br>
<strong>자바스크립트를 사용하지 않음</strong>으로 설정하신 경우는 수정이나 삭제시 별도의 경고창이 나오지 않으므로 이점 주의하시기 바랍니다.
</p>
</noscript>
</div>
<footer id="ft">
<p>
Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>. All rights reserved. <?php echo $print_version; ?><br>
<button type="button" class="scroll_top"><span class="top_img"></span><span class="top_txt">TOP</span></button>
</p>
</footer>
</div>
</div>
<footer id="ft">
<p>
Copyright &copy; <?php echo $_SERVER['HTTP_HOST']; ?>. All rights reserved. <?php echo $print_version; ?><br>
<button type="button" class="scroll_top"><span class="top_img"></span><span class="top_txt">TOP</span></button>
</p>
</footer>
</div>
</div>
<script>
$(".scroll_top").click(function(){
$("body,html").animate({scrollTop:0},400);
})
$(".scroll_top").click(function() {
$("body,html").animate({
scrollTop: 0
}, 400);
})
</script>
<!-- <p>실행시간 : <?php echo get_microtime() - $begin_time; ?> -->
@ -35,121 +39,119 @@ $(".scroll_top").click(function(){
<script src="<?php echo G5_ADMIN_URL ?>/admin.js?ver=<?php echo G5_JS_VER; ?>"></script>
<script src="<?php echo G5_JS_URL ?>/jquery.anchorScroll.js?ver=<?php echo G5_JS_VER; ?>"></script>
<script>
$(function(){
$(function() {
var admin_head_height = $("#hd_top").height() + $("#container_title").height() + 5;
var admin_head_height = $("#hd_top").height() + $("#container_title").height() + 5;
$("a[href^='#']").anchorScroll({
scrollSpeed: 0, // scroll speed
offsetTop: admin_head_height, // offset for fixed top bars (defaults to 0)
onScroll: function () {
// callback on scroll start
},
scrollEnd: function () {
// callback on scroll end
}
});
$("a[href^='#']").anchorScroll({
scrollSpeed: 0, // scroll speed
offsetTop: admin_head_height, // offset for fixed top bars (defaults to 0)
onScroll: function() {
// callback on scroll start
},
scrollEnd: function() {
// callback on scroll end
}
});
var hide_menu = false;
var mouse_event = false;
var oldX = oldY = 0;
var hide_menu = false;
var mouse_event = false;
var oldX = oldY = 0;
$(document).mousemove(function(e) {
if(oldX == 0) {
oldX = e.pageX;
oldY = e.pageY;
}
$(document).mousemove(function(e) {
if (oldX == 0) {
oldX = e.pageX;
oldY = e.pageY;
}
if(oldX != e.pageX || oldY != e.pageY) {
mouse_event = true;
}
});
if (oldX != e.pageX || oldY != e.pageY) {
mouse_event = true;
}
});
// 주메뉴
var $gnb = $(".gnb_1dli > a");
$gnb.mouseover(function() {
if(mouse_event) {
// 주메뉴
var $gnb = $(".gnb_1dli > a");
$gnb.mouseover(function() {
if (mouse_event) {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
}
});
$gnb.mouseout(function() {
hide_menu = true;
});
$(".gnb_2dli").mouseover(function() {
hide_menu = false;
});
$(".gnb_2dli").mouseout(function() {
hide_menu = true;
});
$gnb.focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
}
});
});
$gnb.mouseout(function() {
hide_menu = true;
});
$gnb.focusout(function() {
hide_menu = true;
});
$(".gnb_2dli").mouseover(function() {
hide_menu = false;
});
$(".gnb_2da").focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
var $gnb_li = $(this).closest(".gnb_1dli").addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).closest(".gnb_1dli"));
hide_menu = false;
});
$(".gnb_2dli").mouseout(function() {
hide_menu = true;
});
$(".gnb_2da").focusout(function() {
hide_menu = true;
});
$gnb.focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
$(this).parent().addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).parent());
hide_menu = false;
});
$gnb.focusout(function() {
hide_menu = true;
});
$(".gnb_2da").focusin(function() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
var $gnb_li = $(this).closest(".gnb_1dli").addClass("gnb_1dli_over gnb_1dli_on");
menu_rearrange($(this).closest(".gnb_1dli"));
hide_menu = false;
});
$(".gnb_2da").focusout(function() {
hide_menu = true;
});
$('#gnb_1dul>li').bind('mouseleave',function(){
submenu_hide();
});
$(document).bind('click focusin',function(){
if(hide_menu) {
$('#gnb_1dul>li').bind('mouseleave', function() {
submenu_hide();
});
$(document).bind('click focusin', function() {
if (hide_menu) {
submenu_hide();
}
});
// 폰트 리사이즈 쿠키있으면 실행
var font_resize_act = get_cookie("ck_font_resize_act");
if (font_resize_act != "") {
font_resize("container", font_resize_act);
}
});
// 폰트 리사이즈 쿠키있으면 실행
var font_resize_act = get_cookie("ck_font_resize_act");
if(font_resize_act != "") {
font_resize("container", font_resize_act);
function submenu_hide() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
}
});
function submenu_hide() {
$(".gnb_1dli").removeClass("gnb_1dli_over gnb_1dli_over2 gnb_1dli_on");
}
function menu_rearrange(el) {
var width = $("#gnb_1dul").width();
var left = w1 = w2 = 0;
var idx = $(".gnb_1dli").index(el);
function menu_rearrange(el)
{
var width = $("#gnb_1dul").width();
var left = w1 = w2 = 0;
var idx = $(".gnb_1dli").index(el);
for (i = 0; i <= idx; i++) {
w1 = $(".gnb_1dli:eq(" + i + ")").outerWidth();
w2 = $(".gnb_2dli > a:eq(" + i + ")").outerWidth(true);
for(i=0; i<=idx; i++) {
w1 = $(".gnb_1dli:eq("+i+")").outerWidth();
w2 = $(".gnb_2dli > a:eq("+i+")").outerWidth(true);
if ((left + w2) > width) {
el.removeClass("gnb_1dli_over").addClass("gnb_1dli_over2");
}
if((left + w2) > width) {
el.removeClass("gnb_1dli_over").addClass("gnb_1dli_over2");
left += w1;
}
left += w1;
}
}
</script>
<?php
include_once(G5_PATH.'/tail.sub.php');
require_once G5_PATH . '/tail.sub.php';

11
adm/ajax.token.php
View File

@ -1,13 +1,14 @@
<?php
include_once('./_common.php');
include_once(G5_LIB_PATH.'/json.lib.php');
require_once './_common.php';
require_once G5_LIB_PATH . '/json.lib.php';
set_session('ss_admin_token', '');
$error = admin_referer_check(true);
if($error)
die(json_encode(array('error'=>$error, 'url'=>G5_URL)));
if ($error) {
die(json_encode(array('error' => $error, 'url' => G5_URL)));
}
$token = get_admin_token();
die(json_encode(array('error'=>'', 'token'=>$token, 'url'=>'')));
die(json_encode(array('error' => '', 'token' => $token, 'url' => '')));

6
adm/ajax.use_captcha.php
View File

@ -1,6 +1,6 @@
<?php
include_once('./_common.php');
require_once './_common.php';
if( isset($_POST['admin_use_captcha']) ){
if (isset($_POST['admin_use_captcha'])) {
set_session('ss_admin_use_captcha', true);
}
}

365
adm/auth_list.php
View File

@ -1,9 +1,10 @@
<?php
$sub_menu = "100200";
include_once('./_common.php');
require_once './_common.php';
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$sql_common = " from {$g5['auth_table']} a left join {$g5['member_table']} b on (a.mb_id=b.mb_id) ";
@ -11,7 +12,7 @@ $sql_search = " where (1) ";
if ($stx) {
$sql_search .= " and ( ";
switch ($sfl) {
default :
default:
$sql_search .= " ({$sfl} like '%{$stx}%') ";
break;
}
@ -33,7 +34,9 @@ $total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) $page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
if ($page < 1) {
$page = 1; // 페이지가 없으면 첫 페이지 (1 페이지)
}
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select *
@ -43,10 +46,10 @@ $sql = " select *
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall btn_ov02">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall btn_ov02">전체목록</a>';
$g5['title'] = "관리권한설정";
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 5;
?>
@ -57,213 +60,213 @@ $colspan = 5;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<input type="hidden" name="sfl" value="a.mb_id" id="sfl">
<input type="hidden" name="sfl" value="a.mb_id" id="sfl">
<label for="stx" class="sound_only">회원아이디<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" id="fsearch_submit" class="btn_submit">
<label for="stx" class="sound_only">회원아이디<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" id="fsearch_submit" class="btn_submit">
</form>
<form name="fauthlist" id="fauthlist" method="post" action="./auth_list_delete.php" onsubmit="return fauthlist_submit(this);">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$is_continue = false;
// 회원아이디가 없는 메뉴는 삭제함
if ($row['mb_id'] == '' && $row['mb_nick'] == '') {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row['au_menu']])) {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
if ($is_continue) {
continue;
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="au_menu[<?php echo $i ?>]" value="<?php echo $row['au_menu'] ?>">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?>님 권한</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_auth_mbnick"><?php echo $mb_nick ?></td>
<td class="td_menu">
<?php echo $row['au_menu'] ?>
<?php echo $auth_menu[$row['au_menu']] ?>
</td>
<td class="td_auth"><?php echo $row['au_auth'] ?></td>
</tr>
<?php
$count++;
}
if ($count == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">현재 페이지 회원 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>닉네임</a></th>
<th scope="col">메뉴</th>
<th scope="col">권한</th>
</tr>
</thead>
<tbody>
<?php
$count = 0;
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$is_continue = false;
// 회원아이디가 없는 메뉴는 삭제함
if($row['mb_id'] == '' && $row['mb_nick'] == '') {
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
//if (isset($stx))
// echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
// 메뉴번호가 바뀌는 경우에 현재 없는 저장된 메뉴는 삭제함
if (!isset($auth_menu[$row['au_menu']]))
{
sql_query(" delete from {$g5['auth_table']} where au_menu = '{$row['au_menu']}' ");
$is_continue = true;
}
if($is_continue)
continue;
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="au_menu[<?php echo $i ?>]" value="<?php echo $row['au_menu'] ?>">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?>님 권한</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid"><a href="?sfl=a.mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_auth_mbnick"><?php echo $mb_nick ?></td>
<td class="td_menu">
<?php echo $row['au_menu'] ?>
<?php echo $auth_menu[$row['au_menu']] ?>
</td>
<td class="td_auth"><?php echo $row['au_auth'] ?></td>
</tr>
<?php
$count++;
if (strstr($sfl, 'mb_id')) {
$mb_id = $stx;
} else {
$mb_id = '';
}
if ($count == 0)
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
?>
</tbody>
</table>
</div>
<div class="btn_list01 btn_list">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn btn_02">
</div>
<?php
//if (isset($stx))
// echo '<script>document.fsearch.sfl.value = "'.$sfl.'";</script>'."\n";
if (strstr($sfl, 'mb_id'))
$mb_id = $stx;
else
$mb_id = '';
?>
</form>
<?php
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page=');
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page=');
echo $pagelist;
?>
<form name="fauthlist2" id="fauthlist2" action="./auth_update.php" method="post" autocomplete="off" onsubmit="return fauth_add_submit(this);">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<section id="add_admin">
<h2 class="h2_frm">관리권한 추가</h2>
<section id="add_admin">
<h2 class="h2_frm">관리권한 추가</h2>
<div class="local_desc01 local_desc">
<p>
다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.<br>
권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다.
</p>
</div>
<div class="local_desc01 local_desc">
<p>
다음 양식에서 회원에게 관리권한을 부여하실 수 있습니다.<br>
권한 <strong>r</strong>은 읽기권한, <strong>w</strong>는 쓰기권한, <strong>d</strong>는 삭제권한입니다.
</p>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td>
<strong id="msg_mb_id" class="msg_sound_only"></strong>
<input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" required class="required frm_input">
</td>
</tr>
<tr>
<th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th>
<td>
<select id="au_menu" name="au_menu" required class="required">
<option value=''>선택하세요</option>
<?php
foreach($auth_menu as $key=>$value)
{
if (!(substr($key, -3) == '000' || $key == '-' || !$key))
echo '<option value="'.$key.'">'.$key.' '.$value.'</option>';
}
?>
</select>
</td>
</tr>
<tr>
<th scope="row">권한지정</th>
<td>
<input type="checkbox" name="r" value="r" id="r" checked>
<label for="r">r (읽기)</label>
<input type="checkbox" name="w" value="w" id="w">
<label for="w">w (쓰기)</label>
<input type="checkbox" name="d" value="d" id="d">
<label for="d">d (삭제)</label>
</td>
</tr>
<tr>
<th scope="row">자동등록방지</th>
<td>
<?php
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="mb_id">회원아이디<strong class="sound_only">필수</strong></label></th>
<td>
<strong id="msg_mb_id" class="msg_sound_only"></strong>
<input type="text" name="mb_id" value="<?php echo $mb_id ?>" id="mb_id" required class="required frm_input">
</td>
</tr>
<tr>
<th scope="row"><label for="au_menu">접근가능메뉴<strong class="sound_only">필수</strong></label></th>
<td>
<select id="au_menu" name="au_menu" required class="required">
<option value=''>선택하세요</option>
<?php
foreach ($auth_menu as $key => $value) {
if (!(substr($key, -3) == '000' || $key == '-' || !$key)) {
echo '<option value="' . $key . '">' . $key . ' ' . $value . '</option>';
}
}
?>
</select>
</td>
</tr>
<tr>
<th scope="row">권한지정</th>
<td>
<input type="checkbox" name="r" value="r" id="r" checked>
<label for="r">r (읽기)</label>
<input type="checkbox" name="w" value="w" id="w">
<label for="w">w (쓰기)</label>
<input type="checkbox" name="d" value="d" id="d">
<label for="d">d (삭제)</label>
</td>
</tr>
<tr>
<th scope="row">자동등록방지</th>
<td>
<?php
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="추가" class="btn_submit btn">
</div>
</section>
<div class="btn_confirm01 btn_confirm">
<input type="submit" value="추가" class="btn_submit btn">
</div>
</section>
</form>
<script>
function fauth_add_submit(f){
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
function fauth_add_submit(f) {
return true;
}
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
function fauthlist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
return true;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fauthlist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
}
return true;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script>
<?php
include_once ('./admin.tail.php');
require_once './admin.tail.php';

21
adm/auth_list_delete.php
View File

@ -1,36 +1,37 @@
<?php
$sub_menu = "100200";
include_once('./_common.php');
require_once './_common.php';
check_demo();
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
check_admin_token();
$count = (isset($_POST['chk']) && is_array($_POST['chk'])) ? count($_POST['chk']) : 0;
$post_act_button = isset($_POST['act_button']) ? clean_xss_tags($_POST['act_button'], 1, 1) : '';
if (!$count)
alert($_POST['act_button']." 하실 항목을 하나 이상 체크하세요.");
if (!$count) {
alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
}
if ( (isset($_POST['mb_id']) && ! is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && ! is_array($_POST['au_menu'])) ){
if ((isset($_POST['mb_id']) && !is_array($_POST['mb_id'])) || (isset($_POST['au_menu']) && !is_array($_POST['au_menu']))) {
alert("잘못된 요청입니다.");
}
for ($i=0; $i<$count; $i++)
{
for ($i = 0; $i < $count; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
$mb_id = isset($_POST['mb_id'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['mb_id'][$k]) : '';
$au_menu = isset($_POST['au_menu'][$k]) ? preg_replace('/[^a-zA-Z0-9_]/', '', $_POST['au_menu'][$k]) : '';
$sql = " delete from {$g5['auth_table']} where mb_id = '".$mb_id."' and au_menu = '".$au_menu."' ";
$sql = " delete from {$g5['auth_table']} where mb_id = '" . $mb_id . "' and au_menu = '" . $au_menu . "' ";
sql_query($sql);
run_event('adm_auth_delete_member', $mb_id, $au_menu);
}
goto_url('./auth_list.php?'.$qstr);
goto_url('./auth_list.php?' . $qstr);

22
adm/auth_update.php
View File

@ -1,23 +1,25 @@
<?php
$sub_menu = "100200";
include_once('./_common.php');
include_once(G5_LIB_PATH.'/mailer.lib.php');
require_once './_common.php';
require_once G5_LIB_PATH . '/mailer.lib.php';
$au_menu = isset($_POST['au_menu']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['au_menu']) : '';
$post_r = isset($_POST['r']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['r']) : '';
$post_w = isset($_POST['w']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['w']) : '';
$post_d = isset($_POST['d']) ? preg_replace('/[^0-9a-z_]/i', '', $_POST['d']) : '';
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$mb = get_member($mb_id);
if (!$mb['mb_id'])
if (!$mb['mb_id']) {
alert('존재하는 회원아이디가 아닙니다.');
}
check_admin_token();
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
@ -27,7 +29,7 @@ $sql = " insert into {$g5['auth_table']}
set mb_id = '$mb_id',
au_menu = '$au_menu',
au_auth = '{$post_r},{$post_w},{$post_d}' ";
$result = sql_query($sql, FALSE);
$result = sql_query($sql, false);
if (!$result) {
$sql = " update {$g5['auth_table']}
set au_auth = '{$post_r},{$post_w},{$post_d}'
@ -39,15 +41,15 @@ if (!$result) {
//sql_query(" OPTIMIZE TABLE `$g5['auth_table']` ");
// 세션을 체크하여 하루에 한번만 메일알림이 가게 합니다.
if( str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update') ){
if (str_replace('-', '', G5_TIME_YMD) !== get_session('adm_auth_update')) {
$site_url = preg_replace('/^www\./', '', strtolower($_SERVER['SERVER_NAME']));
$to_email = 'gnuboard@'.$site_url;
$to_email = 'gnuboard@' . $site_url;
mailer($config['cf_admin_email_name'], $to_email, $config['cf_admin_email'], '['.$config['cf_title'].'] 관리권한설정 알림', '<p><b>['.$config['cf_title'].'] 관리권한설정 변경 안내</b></p><p style="padding-top:1em">회원 아이디 '.$mb['mb_id'].' 에 관리권한이 추가 되었습니다.</p><p style="padding-top:1em">'.G5_TIME_YMDHIS.'</p><p style="padding-top:1em"><a href="'.G5_URL.'" target="_blank">'.$config['cf_title'].'</a></p>', 1);
mailer($config['cf_admin_email_name'], $to_email, $config['cf_admin_email'], '[' . $config['cf_title'] . '] 관리권한설정 알림', '<p><b>[' . $config['cf_title'] . '] 관리권한설정 변경 안내</b></p><p style="padding-top:1em">회원 아이디 ' . $mb['mb_id'] . ' 에 관리권한이 추가 되었습니다.</p><p style="padding-top:1em">' . G5_TIME_YMDHIS . '</p><p style="padding-top:1em"><a href="' . G5_URL . '" target="_blank">' . $config['cf_title'] . '</a></p>', 1);
set_session('adm_auth_update', str_replace('-', '', G5_TIME_YMD));
}
run_event('adm_auth_update', $mb);
goto_url('./auth_list.php?'.$qstr);
goto_url('./auth_list.php?' . $qstr);

115
adm/board_copy.php
View File

@ -1,11 +1,11 @@
<?php
$sub_menu = "300100";
include_once("./_common.php");
require_once "./_common.php";
auth_check_menu($auth, $sub_menu, 'w');
$g5['title'] = '게시판 복사';
include_once(G5_PATH.'/head.sub.php');
require_once G5_PATH . '/head.sub.php';
$bo_table = $_REQUEST['bo_table'];
if (empty($bo_table)) {
@ -19,73 +19,72 @@ if (empty($bo_table)) {
<h1><?php echo $g5['title']; ?></h1>
<form name="fboardcopy" id="fboardcopy" action="./board_copy_update.php" onsubmit="return fboardcopy_check(this);" method="post">
<input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table">
<input type="hidden" name="token" value="">
<div class=" new_win_con">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<tbody>
<tr>
<th scope="col">원본 테이블명</th>
<td><?php echo $bo_table ?></td>
</tr>
<tr>
<th scope="col"><label for="target_table">복사 테이블명<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_table" id="target_table" required class="required alnum_ frm_input" maxlength="20">영문자, 숫자, _ 만 가능 (공백없이)</td>
</tr>
<tr>
<th scope="col"><label for="target_subject">게시판 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_subject" value="[복사본] <?php echo get_sanitize_input($board['bo_subject']); ?>" id="target_subject" required class="required frm_input" maxlength="120"></td>
</tr>
<tr>
<th scope="col">복사 유형</th>
<td>
<input type="radio" name="copy_case" value="schema_only" id="copy_case" checked>
<label for="copy_case">구조만</label>
<input type="radio" name="copy_case" value="schema_data_both" id="copy_case2">
<label for="copy_case2">구조와 데이터</label>
</td>
</tr>
</tbody>
</table>
<input type="hidden" name="bo_table" value="<?php echo $bo_table ?>" id="bo_table">
<input type="hidden" name="token" value="">
<div class=" new_win_con">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<tbody>
<tr>
<th scope="col">원본 테이블명</th>
<td><?php echo $bo_table ?></td>
</tr>
<tr>
<th scope="col"><label for="target_table">복사 테이블명<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_table" id="target_table" required class="required alnum_ frm_input" maxlength="20">영문자, 숫자, _ 만 가능 (공백없이)</td>
</tr>
<tr>
<th scope="col"><label for="target_subject">게시판 제목<strong class="sound_only">필수</strong></label></th>
<td><input type="text" name="target_subject" value="[복사본] <?php echo get_sanitize_input($board['bo_subject']); ?>" id="target_subject" required class="required frm_input" maxlength="120"></td>
</tr>
<tr>
<th scope="col">복사 유형</th>
<td>
<input type="radio" name="copy_case" value="schema_only" id="copy_case" checked>
<label for="copy_case">구조만</label>
<input type="radio" name="copy_case" value="schema_data_both" id="copy_case2">
<label for="copy_case2">구조와 데이터</label>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="win_btn ">
<input type="submit" class="btn_submit btn" value="복사">
<input type="button" class="btn_close btn" value="창닫기" onclick="window.close();">
</div>
</div>
<div class="win_btn ">
<input type="submit" class="btn_submit btn" value="복사">
<input type="button" class="btn_close btn" value="창닫기" onclick="window.close();">
</div>
</form>
</div>
<script>
function fboardcopy_check(f)
{
<?php
if (!$w) {
$js_array = get_bo_table_banned_word();
echo "var banned_array = ". json_encode($js_array) . ";\n";
}
?>
function fboardcopy_check(f) {
<?php
// 게시판명이 금지된 단어로 되어 있으면
if( (typeof banned_array != 'undefined') && jQuery.inArray(f.target_table.value, banned_array) !== -1 ){
alert("입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.");
return false;
}
if (!$w) {
$js_array = get_bo_table_banned_word();
echo "var banned_array = " . json_encode($js_array) . ";\n";
}
?>
if (f.bo_table.value == f.target_table.value) {
alert("원본 테이블명과 복사할 테이블명이 달라야 합니다.");
return false;
}
// 게시판명이 금지된 단어로 되어 있으면
if ((typeof banned_array != 'undefined') && jQuery.inArray(f.target_table.value, banned_array) !== -1) {
alert("입력한 게시판 TABLE명을 사용할수 없습니다. 다른 이름으로 입력해 주세요.");
return false;
}
return true;
}
if (f.bo_table.value == f.target_table.value) {
alert("원본 테이블명과 복사할 테이블명이 달라야 합니다.");
return false;
}
return true;
}
</script>
<?php
include_once(G5_PATH.'/tail.sub.php');
require_once G5_PATH . '/tail.sub.php';

96
adm/board_copy_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = '300100';
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -31,7 +31,7 @@ if ($w == '' && in_array($target_table, get_bo_table_banned_word())) {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '$target_table' ");
if ($row['cnt']) {
alert($target_table.'은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.');
alert($target_table . '은(는) 이미 존재하는 게시판 테이블명 입니다.\\n복사할 테이블명으로 사용할 수 없습니다.');
}
// 게시판 테이블 생성
@ -93,11 +93,11 @@ $sql = " insert into {$g5['board_table']}
bo_mobile_skin = '{$board['bo_mobile_skin']}',
bo_include_head = '{$board['bo_include_head']}',
bo_include_tail = '{$board['bo_include_tail']}',
bo_content_head = '".addslashes($board['bo_content_head'])."',
bo_content_tail = '".addslashes($board['bo_content_tail'])."',
bo_mobile_content_head = '".addslashes($board['bo_mobile_content_head'])."',
bo_mobile_content_tail = '".addslashes($board['bo_mobile_content_tail'])."',
bo_insert_content = '".addslashes($board['bo_insert_content'])."',
bo_content_head = '" . addslashes($board['bo_content_head']) . "',
bo_content_tail = '" . addslashes($board['bo_content_tail']) . "',
bo_mobile_content_head = '" . addslashes($board['bo_mobile_content_head']) . "',
bo_mobile_content_tail = '" . addslashes($board['bo_mobile_content_tail']) . "',
bo_insert_content = '" . addslashes($board['bo_insert_content']) . "',
bo_gallery_cols = '{$board['bo_gallery_cols']}',
bo_gallery_width = '{$board['bo_gallery_width']}',
bo_gallery_height = '{$board['bo_gallery_height']}',
@ -114,34 +114,34 @@ $sql = " insert into {$g5['board_table']}
bo_use_sns = '{$board['bo_use_sns']}',
bo_use_captcha = '{$board['bo_use_captcha']}',
bo_sort_field = '{$board['bo_sort_field']}',
bo_1_subj = '".addslashes($board['bo_1_subj'])."',
bo_2_subj = '".addslashes($board['bo_2_subj'])."',
bo_3_subj = '".addslashes($board['bo_3_subj'])."',
bo_4_subj = '".addslashes($board['bo_4_subj'])."',
bo_5_subj = '".addslashes($board['bo_5_subj'])."',
bo_6_subj = '".addslashes($board['bo_6_subj'])."',
bo_7_subj = '".addslashes($board['bo_7_subj'])."',
bo_8_subj = '".addslashes($board['bo_8_subj'])."',
bo_9_subj = '".addslashes($board['bo_9_subj'])."',
bo_10_subj = '".addslashes($board['bo_10_subj'])."',
bo_1 = '".addslashes($board['bo_1'])."',
bo_2 = '".addslashes($board['bo_2'])."',
bo_3 = '".addslashes($board['bo_3'])."',
bo_4 = '".addslashes($board['bo_4'])."',
bo_5 = '".addslashes($board['bo_5'])."',
bo_6 = '".addslashes($board['bo_6'])."',
bo_7 = '".addslashes($board['bo_7'])."',
bo_8 = '".addslashes($board['bo_8'])."',
bo_9 = '".addslashes($board['bo_9'])."',
bo_10 = '".addslashes($board['bo_10'])."' ";
bo_1_subj = '" . addslashes($board['bo_1_subj']) . "',
bo_2_subj = '" . addslashes($board['bo_2_subj']) . "',
bo_3_subj = '" . addslashes($board['bo_3_subj']) . "',
bo_4_subj = '" . addslashes($board['bo_4_subj']) . "',
bo_5_subj = '" . addslashes($board['bo_5_subj']) . "',
bo_6_subj = '" . addslashes($board['bo_6_subj']) . "',
bo_7_subj = '" . addslashes($board['bo_7_subj']) . "',
bo_8_subj = '" . addslashes($board['bo_8_subj']) . "',
bo_9_subj = '" . addslashes($board['bo_9_subj']) . "',
bo_10_subj = '" . addslashes($board['bo_10_subj']) . "',
bo_1 = '" . addslashes($board['bo_1']) . "',
bo_2 = '" . addslashes($board['bo_2']) . "',
bo_3 = '" . addslashes($board['bo_3']) . "',
bo_4 = '" . addslashes($board['bo_4']) . "',
bo_5 = '" . addslashes($board['bo_5']) . "',
bo_6 = '" . addslashes($board['bo_6']) . "',
bo_7 = '" . addslashes($board['bo_7']) . "',
bo_8 = '" . addslashes($board['bo_8']) . "',
bo_9 = '" . addslashes($board['bo_9']) . "',
bo_10 = '" . addslashes($board['bo_10']) . "' ";
sql_query($sql, false);
// 게시판 폴더 생성
@mkdir(G5_DATA_PATH.'/file/'.$target_table, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table, G5_DIR_PERMISSION);
@mkdir(G5_DATA_PATH . '/file/' . $target_table, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . '/file/' . $target_table, G5_DIR_PERMISSION);
// 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
$board_path = G5_DATA_PATH.'/file/'.$target_table;
$board_path = G5_DATA_PATH . '/file/' . $target_table;
$file = $board_path . '/index.php';
$f = @fopen($file, 'w');
@fwrite($f, '');
@ -150,34 +150,34 @@ $f = @fopen($file, 'w');
$copy_file = 0;
if ($copy_case == 'schema_data_both') {
$d = dir(G5_DATA_PATH.'/file/'.$bo_table);
$d = dir(G5_DATA_PATH . '/file/' . $bo_table);
while ($entry = $d->read()) {
if ($entry == '.' || $entry == '..') {
continue;
}
// 김선용 201007 :
if (is_dir(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry)) {
$dd = dir(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry);
@mkdir(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
if (is_dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry)) {
$dd = dir(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry);
@mkdir(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
while ($entry2 = $dd->read()) {
if ($entry2 == '.' || $entry2 == '..') {
continue;
}
@copy(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry.'/'.$entry2, G5_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2, G5_DIR_PERMISSION);
@copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry . '/' . $entry2, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry . '/' . $entry2, G5_DIR_PERMISSION);
$copy_file++;
}
$dd->close();
} else {
@copy(G5_DATA_PATH.'/file/'.$bo_table.'/'.$entry, G5_DATA_PATH.'/file/'.$target_table.'/'.$entry);
@chmod(G5_DATA_PATH.'/file/'.$target_table.'/'.$entry, G5_DIR_PERMISSION);
@copy(G5_DATA_PATH . '/file/' . $bo_table . '/' . $entry, G5_DATA_PATH . '/file/' . $target_table . '/' . $entry);
@chmod(G5_DATA_PATH . '/file/' . $target_table . '/' . $entry, G5_DIR_PERMISSION);
$copy_file++;
}
}
$d->close();
run_event('admin_board_copy_file', $bo_table, $target_table);
// 글복사
@ -194,26 +194,26 @@ if ($copy_case == 'schema_data_both') {
// 위의 코드는 같은 테이블명을 사용하였다는 오류가 발생함. (희한하네 ㅡㅡ;)
$sql = " select * from {$g5['board_file_table']} where bo_table = '$bo_table' ";
$result = sql_query($sql, false);
for ($i=0; $row=sql_fetch_array($result); $i++) {
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$file_copy[$i] = $row;
}
}
if (count($file_copy)) {
for ($i=0; $i<count($file_copy); $i++) {
for ($i = 0; $i < count($file_copy); $i++) {
$file_copy[$i] = run_replace('admin_copy_update_file', $file_copy[$i], $file_copy[$i]['bf_file'], $bo_table, $target_table);
$sql = " insert into {$g5['board_file_table']}
set bo_table = '$target_table',
wr_id = '{$file_copy[$i]['wr_id']}',
bf_no = '{$file_copy[$i]['bf_no']}',
bf_source = '".addslashes($file_copy[$i]['bf_source'])."',
bf_source = '" . addslashes($file_copy[$i]['bf_source']) . "',
bf_file = '{$file_copy[$i]['bf_file']}',
bf_download = '{$file_copy[$i]['bf_download']}',
bf_content = '".addslashes($file_copy[$i]['bf_content'])."',
bf_fileurl = '".addslashes($file_copy[$i]['bf_fileurl'])."',
bf_thumburl = '".addslashes($file_copy[$i]['bf_thumburl'])."',
bf_storage = '".addslashes($file_copy[$i]['bf_storage'])."',
bf_content = '" . addslashes($file_copy[$i]['bf_content']) . "',
bf_fileurl = '" . addslashes($file_copy[$i]['bf_fileurl']) . "',
bf_thumburl = '" . addslashes($file_copy[$i]['bf_thumburl']) . "',
bf_storage = '" . addslashes($file_copy[$i]['bf_storage']) . "',
bf_filesize = '{$file_copy[$i]['bf_filesize']}',
bf_width = '{$file_copy[$i]['bf_width']}',
bf_height = '{$file_copy[$i]['bf_height']}',
@ -229,4 +229,4 @@ delete_cache_latest($target_table);
echo "<script>opener.document.location.reload();</script>";
alert("복사에 성공 했습니다.", './board_copy.php?bo_table='.$bo_table.'&amp;'.$qstr);
alert("복사에 성공 했습니다.", './board_copy.php?bo_table=' . $bo_table . '&amp;' . $qstr);

4
adm/board_delete.inc.php
View File

@ -1,7 +1,7 @@
<?php
// board_delete.php , boardgroup_delete.php 에서 include 하는 파일
// 개별 페이지 접근 불가
// 개별 페이지 접근 불가
if (!defined('_GNUBOARD_')) {
exit;
}
@ -39,4 +39,4 @@ sql_query(" delete from {$g5['board_good_table']} where bo_table = '{$tmp_bo_tab
delete_cache_latest($tmp_bo_table);
// 게시판 폴더 전체 삭제
rm_rf(G5_DATA_PATH.'/file/'.$tmp_bo_table);
rm_rf(G5_DATA_PATH . '/file/' . $tmp_bo_table);

22
adm/board_form.php
View File

@ -1,7 +1,7 @@
<?php
$sub_menu = "300100";
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, 'w');
@ -51,9 +51,11 @@ if (!isset($board['bo_use_sns'])) {
$result = sql_query(" select bo_table from `{$g5['board_table']}` ");
for ($i=0; $row=sql_fetch_array($result); $i++) {
sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
sql_query(
" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_facebook_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_ip`,
ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false);
ADD `wr_twitter_user` VARCHAR(255) NOT NULL DEFAULT '' AFTER `wr_facebook_user` ", false
);
}
}
@ -68,8 +70,10 @@ if (!isset($board['bo_use_list_file'])) {
$result = sql_query(" select bo_table from `{$g5['board_table']}` ");
for ($i=0; $row=sql_fetch_array($result); $i++) {
sql_query(" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false);
sql_query(
" ALTER TABLE `{$g5['write_prefix']}{$row['bo_table']}`
ADD `wr_file` TINYINT NOT NULL DEFAULT '0' AFTER `wr_datetime` ", false
);
}
}
@ -201,7 +205,7 @@ if ($is_admin != 'super') {
}
$g5['title'] = $html_title;
include_once('./admin.head.php');
require_once './admin.head.php';
$pg_anchor = '<ul class="anchor">
<li><a href="#anc_bo_basic">기본 설정</a></li>
@ -937,7 +941,7 @@ $pg_anchor = '<ul class="anchor">
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
include_once G5_CAPTCHA_PATH.'/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
@ -1491,4 +1495,4 @@ function fboardform_submit(f)
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

48
adm/board_form_update.php
View File

@ -38,7 +38,7 @@ $bo_include_tail = isset($_POST['bo_include_tail']) ? preg_replace(array("#[\\\]
// 관리자가 자동등록방지를 사용해야 할 경우
if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !== $bo_include_head || $board['bo_include_tail'] !== $bo_include_tail) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
include_once(G5_CAPTCHA_PATH . '/captcha.lib.php');
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
@ -48,7 +48,7 @@ if ($board && (isset($board['bo_include_head']) && $board['bo_include_head'] !==
if ($file = $bo_include_head) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if (! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file)) {
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
@ -56,7 +56,7 @@ if ($file = $bo_include_head) {
if ($file = $bo_include_tail) {
$file_ext = pathinfo($file, PATHINFO_EXTENSION);
if (! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $file)) {
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $file)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
@ -74,7 +74,7 @@ if (function_exists('filter_input_include_path')) {
$bo_include_tail = filter_input_include_path($bo_include_tail);
}
$board_path = G5_DATA_PATH.'/file/'.$bo_table;
$board_path = G5_DATA_PATH . '/file/' . $bo_table;
// 게시판 디렉토리 생성
@mkdir($board_path, G5_DIR_PERMISSION);
@ -164,8 +164,8 @@ $bo_sort_field = isset($_POST['bo_sort_field']) ? clean_xss_tags($_POST['bo_sort
$etcs = array();
for ($i = 1; $i <= 10; $i++) {
$etcs['bo_'.$i.'_subj'] = ${'bo_'.$i.'_subj'} = isset($_POST['bo_'.$i.'_subj']) ? $_POST['bo_'.$i.'_subj'] : '';
$etcs['bo_'.$i] = ${'bo_'.$i} = isset($_POST['bo_'.$i]) ? $_POST['bo_'.$i] : '';
$etcs['bo_' . $i . '_subj'] = ${'bo_' . $i . '_subj'} = isset($_POST['bo_' . $i . '_subj']) ? $_POST['bo_' . $i . '_subj'] : '';
$etcs['bo_' . $i] = ${'bo_' . $i} = isset($_POST['bo_' . $i]) ? $_POST['bo_' . $i] : '';
}
$sql_common = " gr_id = '{$gr_id}',
@ -222,8 +222,8 @@ $sql_common = " gr_id = '{$gr_id}',
// 최고 관리자인 경우에만 수정가능
if ($is_admin === 'super') {
$sql_common .= " bo_include_head = '".$bo_include_head."',
bo_include_tail = '".$bo_include_tail."',
$sql_common .= " bo_include_head = '" . $bo_include_head . "',
bo_include_tail = '" . $bo_include_tail . "',
bo_content_head = '{$bo_content_head}',
bo_content_tail = '{$bo_content_tail}',
bo_mobile_content_head = '{$bo_mobile_content_head}',
@ -271,7 +271,7 @@ $sql_common .= " bo_insert_content = '{$bo_insert_content}',
if ($w == '') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where bo_table = '{$bo_table}' ");
if ($row['cnt']) {
alert($bo_table.' 은(는) 이미 존재하는 TABLE 입니다.');
alert($bo_table . ' 은(는) 이미 존재하는 TABLE 입니다.');
}
$sql = " insert into {$g5['board_table']}
@ -315,7 +315,7 @@ if ($w == '') {
//$sql = " select wr_id from {$g5['write_prefix']}{$bo_table} where wr_is_comment = 0 ";
$sql = " select a.wr_id, (count(b.wr_parent) - 1) as cnt from {$g5['write_prefix']}{$bo_table} a, {$g5['write_prefix']}{$bo_table} b where a.wr_id=b.wr_parent and a.wr_is_comment=0 group by a.wr_id ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
for ($i = 0; $row = sql_fetch_array($result); $i++) {
/*
// 코멘트수를 얻습니다.
$sql2 = " select count(*) as cnt from {$g5['write_prefix']}$bo_table where wr_parent = '{$row['wr_id']}' and wr_is_comment = 1 ";
@ -331,7 +331,7 @@ if ($w == '') {
$lf = "";
if ($board['bo_notice']) {
$tmp_array = explode(",", $board['bo_notice']);
for ($i=0; $i<count($tmp_array); $i++) {
for ($i = 0; $i < count($tmp_array); $i++) {
$tmp_wr_id = trim($tmp_array[$i]);
$row = sql_fetch(" select count(*) as cnt from {$g5['write_prefix']}{$bo_table} where wr_id = '{$tmp_wr_id}' ");
if ($row['cnt']) {
@ -401,9 +401,9 @@ if (is_checked('chk_grp_mobile_gallery_width')) $grp_fields .= " , bo_mobile_gal
if (is_checked('chk_grp_mobile_gallery_height'))$grp_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_grp_table_width')) $grp_fields .= " , bo_table_width = '{$bo_table_width}' ";
if (is_checked('chk_grp_page_rows')) $grp_fields .= " , bo_page_rows = '{$bo_page_rows}' ";
if (is_checked('chk_grp_mobile_page_rows')) $grp_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_grp_mobile_page_rows')) $grp_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_grp_subject_len')) $grp_fields .= " , bo_subject_len = '{$bo_subject_len}' ";
if (is_checked('chk_grp_mobile_subject_len')) $grp_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_grp_mobile_subject_len')) $grp_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_grp_new')) $grp_fields .= " , bo_new = '{$bo_new}' ";
if (is_checked('chk_grp_hot')) $grp_fields .= " , bo_hot = '{$bo_hot}' ";
if (is_checked('chk_grp_image_width')) $grp_fields .= " , bo_image_width = '{$bo_image_width}' ";
@ -429,10 +429,10 @@ if ($is_admin === 'super') {
if (is_checked('chk_grp_insert_content')) $grp_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
if (is_checked('chk_grp_use_search')) $grp_fields .= " , bo_use_search = '{$bo_use_search}' ";
if (is_checked('chk_grp_order')) $grp_fields .= " , bo_order = '{$bo_order}' ";
for ($i=1; $i<=10; $i++) {
if (is_checked('chk_grp_'.$i)) {
$grp_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' ";
$grp_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' ";
for ($i = 1; $i <= 10; $i++) {
if (is_checked('chk_grp_' . $i)) {
$grp_fields .= " , bo_{$i}_subj = '" . $etcs['bo_' . $i . '_subj'] . "' ";
$grp_fields .= " , bo_{$i} = '" . $etcs['bo_' . $i] . "' ";
}
}
@ -488,12 +488,12 @@ if (is_checked('chk_all_gallery_cols')) $all_fields .= " , bo_gallery_co
if (is_checked('chk_all_gallery_width')) $all_fields .= " , bo_gallery_width = '{$bo_gallery_width}' ";
if (is_checked('chk_all_gallery_height')) $all_fields .= " , bo_gallery_height = '{$bo_gallery_height}' ";
if (is_checked('chk_all_mobile_gallery_width')) $all_fields .= " , bo_mobile_gallery_width = '{$bo_mobile_gallery_width}' ";
if (is_checked('chk_all_mobile_gallery_height'))$all_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_all_mobile_gallery_height')) $all_fields .= " , bo_mobile_gallery_height = '{$bo_mobile_gallery_height}' ";
if (is_checked('chk_all_table_width')) $all_fields .= " , bo_table_width = '{$bo_table_width}' ";
if (is_checked('chk_all_page_rows')) $all_fields .= " , bo_page_rows = '{$bo_page_rows}' ";
if (is_checked('chk_all_mobile_page_rows')) $all_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_all_mobile_page_rows')) $all_fields .= " , bo_mobile_page_rows = '{$bo_mobile_page_rows}' ";
if (is_checked('chk_all_subject_len')) $all_fields .= " , bo_subject_len = '{$bo_subject_len}' ";
if (is_checked('chk_all_mobile_subject_len')) $all_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_all_mobile_subject_len')) $all_fields .= " , bo_mobile_subject_len = '{$bo_mobile_subject_len}' ";
if (is_checked('chk_all_new')) $all_fields .= " , bo_new = '{$bo_new}' ";
if (is_checked('chk_all_hot')) $all_fields .= " , bo_hot = '{$bo_hot}' ";
if (is_checked('chk_all_image_width')) $all_fields .= " , bo_image_width = '{$bo_image_width}' ";
@ -519,10 +519,10 @@ if ($is_admin === 'super') {
if (is_checked('chk_all_insert_content')) $all_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
if (is_checked('chk_all_use_search')) $all_fields .= " , bo_use_search = '{$bo_use_search}' ";
if (is_checked('chk_all_order')) $all_fields .= " , bo_order = '{$bo_order}' ";
for ($i=1; $i<=10; $i++) {
if (is_checked('chk_all_'.$i)) {
$all_fields .= " , bo_{$i}_subj = '".$etcs['bo_'.$i.'_subj']."' ";
$all_fields .= " , bo_{$i} = '".$etcs['bo_'.$i]."' ";
for ($i = 1; $i <= 10; $i++) {
if (is_checked('chk_all_' . $i)) {
$all_fields .= " , bo_{$i}_subj = '" . $etcs['bo_' . $i . '_subj'] . "' ";
$all_fields .= " , bo_{$i} = '" . $etcs['bo_' . $i] . "' ";
}
}

307
adm/board_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300100";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -48,10 +48,10 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">전체목록</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">전체목록</a>';
$g5['title'] = '게시판관리';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 15;
?>
@ -62,174 +62,173 @@ $colspan = 15;
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="bo_table"<?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
<option value="bo_subject"<?php echo get_selected($sfl, "bo_subject"); ?>>제목</option>
<option value="a.gr_id"<?php echo get_selected($sfl, "a.gr_id"); ?>>그룹ID</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="bo_table" <?php echo get_selected($sfl, "bo_table", true); ?>>TABLE</option>
<option value="bo_subject" <?php echo get_selected($sfl, "bo_subject"); ?>>제목</option>
<option value="a.gr_id" <?php echo get_selected($sfl, "a.gr_id"); ?>>그룹ID</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardlist" id="fboardlist" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="<?php echo isset($token) ? $token : ''; ?>">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">게시판 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.gr_id') ?>그룹</a></th>
<th scope="col"><?php echo subject_sort_link('bo_table') ?>TABLE</a></th>
<th scope="col"><?php echo subject_sort_link('bo_skin', '', 'desc') ?>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_mobile_skin', '', 'desc') ?>모바일<br>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_subject') ?>제목</a></th>
<th scope="col">읽기P<span class="sound_only">포인트</span></th>
<th scope="col">쓰기P<span class="sound_only">포인트</span></th>
<th scope="col">댓글P<span class="sound_only">포인트</span></th>
<th scope="col">다운P<span class="sound_only">포인트</span></th>
<th scope="col"><?php echo subject_sort_link('bo_use_sns') ?>SNS<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_use_search') ?>검색<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
$one_update = '<a href="./board_form.php?w=u&amp;bo_table='.$row['bo_table'].'&amp;'.$qstr.'" class="btn btn_03">수정</a>';
$one_copy = '<a href="./board_copy.php?bo_table='.$row['bo_table'].'" class="board_copy btn btn_02" target="win_board_copy">복사</a>';
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">게시판 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('a.gr_id') ?>그룹</a></th>
<th scope="col"><?php echo subject_sort_link('bo_table') ?>TABLE</a></th>
<th scope="col"><?php echo subject_sort_link('bo_skin', '', 'desc') ?>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_mobile_skin', '', 'desc') ?>모바일<br>스킨</a></th>
<th scope="col"><?php echo subject_sort_link('bo_subject') ?>제목</a></th>
<th scope="col">읽기P<span class="sound_only">포인트</span></th>
<th scope="col">쓰기P<span class="sound_only">포인트</span></th>
<th scope="col">댓글P<span class="sound_only">포인트</span></th>
<th scope="col">다운P<span class="sound_only">포인트</span></th>
<th scope="col"><?php echo subject_sort_link('bo_use_sns') ?>SNS<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_use_search') ?>검색<br>사용</a></th>
<th scope="col"><?php echo subject_sort_link('bo_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
$one_update = '<a href="./board_form.php?w=u&amp;bo_table=' . $row['bo_table'] . '&amp;' . $qstr . '" class="btn btn_03">수정</a>';
$one_copy = '<a href="./board_copy.php?bo_table=' . $row['bo_table'] . '" class="board_copy btn btn_02" target="win_board_copy">복사</a>';
$bg = 'bg'.($i % 2);
?>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['bo_subject']) ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td>
<?php if ($is_admin == 'super') { ?>
<?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?>
<?php } else { ?>
<input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?>
<?php } ?>
</td>
<td>
<input type="hidden" name="board_table[<?php echo $i ?>]" value="<?php echo $row['bo_table'] ?>">
<a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo $row['bo_table'] ?></a>
</td>
<td>
<label for="bo_skin_<?php echo $i; ?>" class="sound_only">스킨</label>
<?php echo get_skin_select('board', 'bo_skin_'.$i, "bo_skin[$i]", $row['bo_skin']); ?>
</td>
<td>
<label for="bo_mobile_skin_<?php echo $i; ?>" class="sound_only">모바일 스킨</label>
<?php echo get_mobile_skin_select('board', 'bo_mobile_skin_'.$i, "bo_mobile_skin[$i]", $row['bo_mobile_skin']); ?>
</td>
<td>
<label for="bo_subject_<?php echo $i; ?>" class="sound_only">게시판 제목<strong class="sound_only"> 필수</strong></label>
<input type="text" name="bo_subject[<?php echo $i ?>]" value="<?php echo get_text($row['bo_subject']) ?>" id="bo_subject_<?php echo $i ?>" required class="required tbl_input bo_subject full_input" size="10">
</td>
<td class="td_numsmall">
<label for="bo_read_point_<?php echo $i; ?>" class="sound_only">읽기 포인트</label>
<input type="text" name="bo_read_point[<?php echo $i ?>]" value="<?php echo $row['bo_read_point'] ?>" id="bo_read_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_write_point_<?php echo $i; ?>" class="sound_only">쓰기 포인트</label>
<input type="text" name="bo_write_point[<?php echo $i ?>]" value="<?php echo $row['bo_write_point'] ?>" id="bo_write_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_comment_point_<?php echo $i; ?>" class="sound_only">댓글 포인트</label>
<input type="text" name="bo_comment_point[<?php echo $i ?>]" value="<?php echo $row['bo_comment_point'] ?>" id="bo_comment_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_download_point_<?php echo $i; ?>" class="sound_only">다운<br>포인트</label>
<input type="text" name="bo_download_point[<?php echo $i ?>]" value="<?php echo $row['bo_download_point'] ?>" id="bo_download_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_use_sns_<?php echo $i; ?>" class="sound_only">SNS<br>사용</label>
<input type="checkbox" name="bo_use_sns[<?php echo $i ?>]" value="1" id="bo_use_sns_<?php echo $i ?>" <?php echo $row['bo_use_sns']?"checked":"" ?>>
</td>
<td class="td_numsmall">
<label for="bo_use_search_<?php echo $i; ?>" class="sound_only">검색<br>사용</label>
<input type="checkbox" name="bo_use_search[<?php echo $i ?>]" value="1" id="bo_use_search_<?php echo $i ?>" <?php echo $row['bo_use_search']?"checked":"" ?>>
</td>
<td class="td_numsmall">
<label for="bo_order_<?php echo $i; ?>" class="sound_only">출력<br>순서</label>
<input type="text" name="bo_order[<?php echo $i ?>]" value="<?php echo $row['bo_order'] ?>" id="bo_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mngsmall">
<label for="bo_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="bo_device[<?php echo $i ?>]" id="bo_device_<?php echo $i ?>">
<option value="both"<?php echo get_selected($row['bo_device'], 'both', true); ?>>모두</option>
<option value="pc"<?php echo get_selected($row['bo_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($row['bo_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_m">
<?php echo $one_update ?>
<?php echo $one_copy ?>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['bo_subject']) ?></label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td>
<?php if ($is_admin == 'super') { ?>
<?php echo get_group_select("gr_id[$i]", $row['gr_id']) ?>
<?php } else { ?>
<input type="hidden" name="gr_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>"><?php echo $row['gr_subject'] ?>
<?php } ?>
</td>
<td>
<input type="hidden" name="board_table[<?php echo $i ?>]" value="<?php echo $row['bo_table'] ?>">
<a href="<?php echo get_pretty_url($row['bo_table']) ?>"><?php echo $row['bo_table'] ?></a>
</td>
<td>
<label for="bo_skin_<?php echo $i; ?>" class="sound_only">스킨</label>
<?php echo get_skin_select('board', 'bo_skin_' . $i, "bo_skin[$i]", $row['bo_skin']); ?>
</td>
<td>
<label for="bo_mobile_skin_<?php echo $i; ?>" class="sound_only">모바일 스킨</label>
<?php echo get_mobile_skin_select('board', 'bo_mobile_skin_' . $i, "bo_mobile_skin[$i]", $row['bo_mobile_skin']); ?>
</td>
<td>
<label for="bo_subject_<?php echo $i; ?>" class="sound_only">게시판 제목<strong class="sound_only"> 필수</strong></label>
<input type="text" name="bo_subject[<?php echo $i ?>]" value="<?php echo get_text($row['bo_subject']) ?>" id="bo_subject_<?php echo $i ?>" required class="required tbl_input bo_subject full_input" size="10">
</td>
<td class="td_numsmall">
<label for="bo_read_point_<?php echo $i; ?>" class="sound_only">읽기 포인트</label>
<input type="text" name="bo_read_point[<?php echo $i ?>]" value="<?php echo $row['bo_read_point'] ?>" id="bo_read_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_write_point_<?php echo $i; ?>" class="sound_only">쓰기 포인트</label>
<input type="text" name="bo_write_point[<?php echo $i ?>]" value="<?php echo $row['bo_write_point'] ?>" id="bo_write_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_comment_point_<?php echo $i; ?>" class="sound_only">댓글 포인트</label>
<input type="text" name="bo_comment_point[<?php echo $i ?>]" value="<?php echo $row['bo_comment_point'] ?>" id="bo_comment_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_download_point_<?php echo $i; ?>" class="sound_only">다운<br>포인트</label>
<input type="text" name="bo_download_point[<?php echo $i ?>]" value="<?php echo $row['bo_download_point'] ?>" id="bo_download_point_<?php echo $i; ?>" class="tbl_input" size="2">
</td>
<td class="td_numsmall">
<label for="bo_use_sns_<?php echo $i; ?>" class="sound_only">SNS<br>사용</label>
<input type="checkbox" name="bo_use_sns[<?php echo $i ?>]" value="1" id="bo_use_sns_<?php echo $i ?>" <?php echo $row['bo_use_sns'] ? "checked" : "" ?>>
</td>
<td class="td_numsmall">
<label for="bo_use_search_<?php echo $i; ?>" class="sound_only">검색<br>사용</label>
<input type="checkbox" name="bo_use_search[<?php echo $i ?>]" value="1" id="bo_use_search_<?php echo $i ?>" <?php echo $row['bo_use_search'] ? "checked" : "" ?>>
</td>
<td class="td_numsmall">
<label for="bo_order_<?php echo $i; ?>" class="sound_only">출력<br>순서</label>
<input type="text" name="bo_order[<?php echo $i ?>]" value="<?php echo $row['bo_order'] ?>" id="bo_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mngsmall">
<label for="bo_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="bo_device[<?php echo $i ?>]" id="bo_device_<?php echo $i ?>">
<option value="both" <?php echo get_selected($row['bo_device'], 'both', true); ?>>모두</option>
<option value="pc" <?php echo get_selected($row['bo_device'], 'pc'); ?>>PC</option>
<option value="mobile" <?php echo get_selected($row['bo_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_m">
<?php echo $one_update ?>
<?php echo $one_copy ?>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
<?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
<a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
<?php } ?>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value" class="btn_02 btn">
<?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value" class="btn_02 btn">
<a href="./board_form.php" id="bo_add" class="btn_01 btn">게시판 추가</a>
<?php } ?>
</div>
</form>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page='); ?>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page='); ?>
<script>
function fboardlist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fboardlist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
return true;
}
$(function(){
$(".board_copy").click(function(){
window.open(this.href, "win_board_copy", "left=100,top=100,width=550,height=450");
return false;
$(function() {
$(".board_copy").click(function() {
window.open(this.href, "win_board_copy", "left=100,top=100,width=550,height=450");
return false;
});
});
});
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

44
adm/board_list_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300100";
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -9,8 +9,8 @@ $chk = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['ch
$act_button = isset($_POST['act_button']) ? strip_tags($_POST['act_button']) : '';
$board_table = (isset($_POST['board_table']) && is_array($_POST['board_table'])) ? $_POST['board_table'] : array();
if (! $post_count_chk) {
alert($act_button." 하실 항목을 하나 이상 체크하세요.");
if (!$post_count_chk) {
alert($act_button . " 하실 항목을 하나 이상 체크하세요.");
}
check_admin_token();
@ -18,7 +18,7 @@ check_admin_token();
if ($act_button === "선택수정") {
auth_check_menu($auth, $sub_menu, 'w');
for ($i=0; $i<$post_count_chk; $i++) {
for ($i = 0; $i < $post_count_chk; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -37,31 +37,31 @@ if ($act_button === "선택수정") {
if ($is_admin != 'super') {
$sql = " select count(*) as cnt from {$g5['board_table']} a, {$g5['group_table']} b
where a.gr_id = '".sql_real_escape_string($post_gr_id)."'
where a.gr_id = '" . sql_real_escape_string($post_gr_id) . "'
and a.gr_id = b.gr_id
and b.gr_admin = '{$member['mb_id']}' ";
$row = sql_fetch($sql);
if (!$row['cnt']) {
alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
alert('최고관리자가 아닌 경우 다른 관리자의 게시판(' . $board_table[$k] . ')은 수정이 불가합니다.');
}
}
$p_bo_subject = is_array($_POST['bo_subject']) ? strip_tags(clean_xss_attributes($_POST['bo_subject'][$k])) : '';
$sql = " update {$g5['board_table']}
set gr_id = '".sql_real_escape_string($post_gr_id)."',
bo_subject = '".$p_bo_subject."',
bo_device = '".sql_real_escape_string($post_bo_device)."',
bo_skin = '".sql_real_escape_string($post_bo_skin)."',
bo_mobile_skin = '".sql_real_escape_string($post_bo_mobile_skin)."',
bo_read_point = '".sql_real_escape_string($post_bo_read_point)."',
bo_write_point = '".sql_real_escape_string($post_bo_write_point)."',
bo_comment_point = '".sql_real_escape_string($post_bo_comment_point)."',
bo_download_point = '".sql_real_escape_string($post_bo_download_point)."',
bo_use_search = '".sql_real_escape_string($post_bo_use_search)."',
bo_use_sns = '".sql_real_escape_string($post_bo_use_sns)."',
bo_order = '".sql_real_escape_string($post_bo_order)."'
where bo_table = '".sql_real_escape_string($post_board_table)."' ";
set gr_id = '" . sql_real_escape_string($post_gr_id) . "',
bo_subject = '" . $p_bo_subject . "',
bo_device = '" . sql_real_escape_string($post_bo_device) . "',
bo_skin = '" . sql_real_escape_string($post_bo_skin) . "',
bo_mobile_skin = '" . sql_real_escape_string($post_bo_mobile_skin) . "',
bo_read_point = '" . sql_real_escape_string($post_bo_read_point) . "',
bo_write_point = '" . sql_real_escape_string($post_bo_write_point) . "',
bo_comment_point = '" . sql_real_escape_string($post_bo_comment_point) . "',
bo_download_point = '" . sql_real_escape_string($post_bo_download_point) . "',
bo_use_search = '" . sql_real_escape_string($post_bo_use_search) . "',
bo_use_sns = '" . sql_real_escape_string($post_bo_use_sns) . "',
bo_order = '" . sql_real_escape_string($post_bo_order) . "'
where bo_table = '" . sql_real_escape_string($post_board_table) . "' ";
sql_query($sql);
}
@ -78,7 +78,7 @@ if ($act_button === "선택수정") {
or it should execute logic with side effects, but should not do both.*/
define('_BOARD_DELETE_', true);
for ($i=0; $i<$post_count_chk; $i++) {
for ($i = 0; $i < $post_count_chk; $i++) {
// 실제 번호를 넘김
$k = isset($_POST['chk'][$i]) ? (int) $_POST['chk'][$i] : 0;
@ -86,11 +86,11 @@ if ($act_button === "선택수정") {
$tmp_bo_table = isset($_POST['board_table'][$k]) ? trim(clean_xss_tags($_POST['board_table'][$k], 1, 1)) : '';
if (preg_match("/^[A-Za-z0-9_]+$/", $tmp_bo_table)) {
include('./board_delete.inc.php');
include './board_delete.inc.php';
}
}
}
run_event('admin_board_list_update', $act_button, $chk, $board_table, $qstr);
goto_url('./board_list.php?'.$qstr);
goto_url('./board_list.php?' . $qstr);

18
adm/board_thumbnail_delete.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = '300100';
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
@ -8,8 +8,8 @@ if (!$board['bo_table']) {
alert('존재하지 않는 게시판입니다.');
}
$g5['title'] = $board['bo_subject'].' 게시판 썸네일 삭제';
include_once('./admin.head.php');
$g5['title'] = $board['bo_subject'] . ' 게시판 썸네일 삭제';
require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
@ -19,18 +19,18 @@ include_once('./admin.head.php');
</div>
<?php
$dir = G5_DATA_PATH.'/file/'.$bo_table;
$dir = G5_DATA_PATH . '/file/' . $bo_table;
$cnt = 0;
if (is_dir($dir)) {
echo '<ul>';
$files = glob($dir.'/thumb-*');
$files = glob($dir . '/thumb-*');
if (is_array($files)) {
foreach ($files as $thumbnail) {
$cnt++;
@unlink($thumbnail);
echo '<li>'.$thumbnail.'</li>'.PHP_EOL;
echo '<li>' . $thumbnail . '</li>' . PHP_EOL;
flush();
@ -40,8 +40,8 @@ if (is_dir($dir)) {
}
}
echo '<li>완료됨</li></ul>'.PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>썸네일 '.$cnt.'건의 삭제 완료됐습니다.</strong></p></div>'.PHP_EOL;
echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>썸네일 ' . $cnt . '건의 삭제 완료됐습니다.</strong></p></div>' . PHP_EOL;
} else {
echo '<p>첨부파일 디렉토리가 존재하지 않습니다.</p>';
}
@ -50,4 +50,4 @@ if (is_dir($dir)) {
<div class="btn_confirm01 btn_confirm"><a href="./board_form.php?w=u&amp;bo_table=<?php echo $bo_table; ?>&amp;<?php echo $qstr; ?>">게시판 수정으로 돌아가기</a></div>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

225
adm/boardgroup_form.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
@ -12,13 +12,13 @@ $html_title = '게시판그룹';
$gr_id_attr = '';
$sound_only = '';
if (! isset($group['gr_id'])) {
if (!isset($group['gr_id'])) {
$group['gr_id'] = '';
$group['gr_subject'] = '';
$group['gr_device'] = '';
}
$gr = array('gr_use_access' => 0, 'gr_admin'=>'');
$gr = array('gr_use_access' => 0, 'gr_admin' => '');
if ($w == '') {
$gr_id_attr = 'required';
$sound_only = '<strong class="sound_only"> 필수</strong>';
@ -41,115 +41,115 @@ $row1 = sql_fetch($sql1);
$group_member_count = $row1['cnt'];
$g5['title'] = $html_title;
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<form name="fboardgroup" id="fboardgroup" action="./boardgroup_form_update.php" onsubmit="return fboardgroup_check(this);" method="post" autocomplete="off">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="w" value="<?php echo $w ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
<td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
<?php
if ($w=='') {
echo '영문자, 숫자, _ 만 가능 (공백없이)';
} else {
echo '<a href="'.G5_BBS_URL.'/group.php?gr_id='.$group['gr_id'].'" class="btn_frmline">게시판그룹 바로가기</a>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_subject">그룹 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
<?php
if ($w == 'u') {
echo '<a href="./board_form.php?gr_id='.$gr_id.'" class="btn_frmline">게시판생성</a>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_device">접속기기</label></th>
<td>
<?php echo help("PC 와 모바일 사용을 구분합니다.") ?>
<select id="gr_device" name="gr_device">
<option value="both"<?php echo get_selected($group['gr_device'], 'both', true); ?>>PC와 모바일에서 모두 사용</option>
<option value="pc"<?php echo get_selected($group['gr_device'], 'pc'); ?>>PC 전용</option>
<option value="mobile"<?php echo get_selected($group['gr_device'], 'mobile'); ?>>모바일 전용</option>
</select>
</td>
</tr>
<tr>
<th scope="row">
<?php
if ($is_admin == 'super') {
echo '<label for="gr_admin">그룹 관리자</label>';
} else {
echo '그룹 관리자';
}
?>
</th>
<td>
<?php
if ($is_admin == 'super') {
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="'.$gr['gr_admin'].'" maxlength="20">';
} else {
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="'.$gr['gr_admin'].'">'.$gr['gr_admin'];
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_use_access">접근회원사용</label></th>
<td>
<?php echo help("사용에 체크하시면 이 그룹에 속한 게시판은 접근가능한 회원만 접근이 가능합니다.") ?>
<input type="checkbox" name="gr_use_access" value="1" id="gr_use_access" <?php echo $gr['gr_use_access']?'checked':''; ?>>
사용
</td>
</tr>
<tr>
<th scope="row">접근회원수</th>
<td>
<?php
echo '<a href="./boardgroupmember_list.php?gr_id='.$gr_id.'">'.$group_member_count.'</a>';
?>
</td>
</tr>
<?php for ($i=1; $i<=10; $i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
<label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo isset($group['gr_'.$i.'_subj']) ? get_text($group['gr_'.$i.'_subj']) : ''; ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo isset($gr['gr_'.$i]) ? get_sanitize_input($gr['gr_'.$i]) : ''; ?>" id="gr_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?></caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="gr_id">그룹 ID<?php echo $sound_only ?></label></th>
<td><input type="text" name="gr_id" value="<?php echo $group['gr_id'] ?>" id="gr_id" <?php echo $gr_id_attr; ?> class="<?php echo $gr_id_attr; ?> alnum_ frm_input" maxlength="10">
<?php
if ($w == '') {
echo '영문자, 숫자, _ 만 가능 (공백없이)';
} else {
echo '<a href="' . G5_BBS_URL . '/group.php?gr_id=' . $group['gr_id'] . '" class="btn_frmline">게시판그룹 바로가기</a>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_subject">그룹 제목<strong class="sound_only"> 필수</strong></label></th>
<td>
<input type="text" name="gr_subject" value="<?php echo get_text($group['gr_subject']) ?>" id="gr_subject" required class="required frm_input" size="80">
<?php
if ($w == 'u') {
echo '<a href="./board_form.php?gr_id=' . $gr_id . '" class="btn_frmline">게시판생성</a>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_device">접속기기</label></th>
<td>
<?php echo help("PC 와 모바일 사용을 구분합니다.") ?>
<select id="gr_device" name="gr_device">
<option value="both" <?php echo get_selected($group['gr_device'], 'both', true); ?>>PC와 모바일에서 모두 사용</option>
<option value="pc" <?php echo get_selected($group['gr_device'], 'pc'); ?>>PC 전용</option>
<option value="mobile" <?php echo get_selected($group['gr_device'], 'mobile'); ?>>모바일 전용</option>
</select>
</td>
</tr>
<tr>
<th scope="row">
<?php
if ($is_admin == 'super') {
echo '<label for="gr_admin">그룹 관리자</label>';
} else {
echo '그룹 관리자';
}
?>
</th>
<td>
<?php
if ($is_admin == 'super') {
echo '<input type="text" id="gr_admin" name="gr_admin" class="frm_input" value="' . $gr['gr_admin'] . '" maxlength="20">';
} else {
echo '<input type="hidden" id="gr_admin" name="gr_admin" value="' . $gr['gr_admin'] . '">' . $gr['gr_admin'];
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="gr_use_access">접근회원사용</label></th>
<td>
<?php echo help("사용에 체크하시면 이 그룹에 속한 게시판은 접근가능한 회원만 접근이 가능합니다.") ?>
<input type="checkbox" name="gr_use_access" value="1" id="gr_use_access" <?php echo $gr['gr_use_access'] ? 'checked' : ''; ?>>
사용
</td>
</tr>
<tr>
<th scope="row">접근회원수</th>
<td>
<?php
echo '<a href="./boardgroupmember_list.php?gr_id=' . $gr_id . '">' . $group_member_count . '</a>';
?>
</td>
</tr>
<?php for ($i = 1; $i <= 10; $i++) { ?>
<tr>
<th scope="row">여분필드<?php echo $i ?></th>
<td class="td_extra">
<label for="gr_<?php echo $i ?>_subj">여분필드 <?php echo $i ?> 제목</label>
<input type="text" name="gr_<?php echo $i ?>_subj" value="<?php echo isset($group['gr_' . $i . '_subj']) ? get_text($group['gr_' . $i . '_subj']) : ''; ?>" id="gr_<?php echo $i ?>_subj" class="frm_input">
<label for="gr_<?php echo $i ?>">여분필드 <?php echo $i ?> 내용</label>
<input type="text" name="gr_<?php echo $i ?>" value="<?php echo isset($gr['gr_' . $i]) ? get_sanitize_input($gr['gr_' . $i]) : ''; ?>" id="gr_<?php echo $i ?>" class="frm_input">
</td>
</tr>
<?php } ?>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./boardgroup_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div>
<div class="btn_fixed_top">
<a href="./boardgroup_list.php?<?php echo $qstr ?>" class="btn btn_02">목록</a>
<input type="submit" class="btn_submit btn" accesskey="s" value="확인">
</div>
</form>
@ -161,12 +161,11 @@ include_once('./admin.head.php');
</div>
<script>
function fboardgroup_check(f)
{
f.action = './boardgroup_form_update.php';
return true;
}
function fboardgroup_check(f) {
f.action = './boardgroup_form_update.php';
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

14
adm/boardgroup_form_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
if ($w == 'u') {
check_demo();
@ -27,14 +27,14 @@ if (empty($gr_subject)) {
$posts = array();
$check_keys = array(
'gr_subject'=>'',
'gr_device'=>'',
'gr_admin'=>'',
'gr_subject' => '',
'gr_device' => '',
'gr_admin' => '',
);
for ($i = 1; $i <= 10; $i++) {
$check_keys['gr_'.$i.'_subj'] = isset($_POST['gr_'.$i.'_subj']) ? $_POST['gr_'.$i.'_subj'] : '';
$check_keys['gr_'.$i] = isset($_POST['gr_'.$i]) ? $_POST['gr_'.$i] : '';
$check_keys['gr_' . $i . '_subj'] = isset($_POST['gr_' . $i . '_subj']) ? $_POST['gr_' . $i . '_subj'] : '';
$check_keys['gr_' . $i] = isset($_POST['gr_' . $i]) ? $_POST['gr_' . $i] : '';
}
foreach ($check_keys as $key => $value) {
@ -96,4 +96,4 @@ if ($w == '') {
run_event('admin_boardgroup_form_update', $gr_id, $w);
goto_url('./boardgroup_form.php?w=u&amp;gr_id='.$gr_id.'&amp;'.$qstr);
goto_url('./boardgroup_form.php?w=u&amp;gr_id=' . $gr_id . '&amp;' . $qstr);

221
adm/boardgroup_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -54,25 +54,25 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = " select * {$sql_common} {$sql_search} {$sql_order} limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'" class="ov_listall">처음</a>';
$listall = '<a href="' . $_SERVER['SCRIPT_NAME'] . '" class="ov_listall">처음</a>';
$g5['title'] = '게시판그룹설정';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 10;
?>
<div class="local_ov01 local_ov">
<?php echo $listall ?>
<span class="btn_ov01"><span class="ov_txt">전체그룹</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
<span class="btn_ov01"><span class="ov_txt">전체그룹</span><span class="ov_num"> <?php echo number_format($total_count) ?>개</span></span>
</div>
<form name="fsearch" id="fsearch" class="local_sch01 local_sch" method="get">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="gr_subject"<?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id"<?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin"<?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
<option value="gr_subject" <?php echo get_selected($sfl, "gr_subject"); ?>>제목</option>
<option value="gr_id" <?php echo get_selected($sfl, "gr_id"); ?>>ID</option>
<option value="gr_admin" <?php echo get_selected($sfl, "gr_admin"); ?>>그룹관리자</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" id="stx" value="<?php echo $stx ?>" required class="required frm_input">
@ -81,102 +81,102 @@ $colspan = 10;
<form name="fboardgrouplist" id="fboardgrouplist" action="./boardgroup_list_update.php" onsubmit="return fboardgrouplist_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
<input type="hidden" name="stx" value="<?php echo $stx ?>">
<input type="hidden" name="page" value="<?php echo $page ?>">
<input type="hidden" name="token" value="">
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('gr_id') ?>그룹아이디</a></th>
<th scope="col"><?php echo subject_sort_link('gr_subject') ?>제목</a></th>
<th scope="col"><?php echo subject_sort_link('gr_admin') ?>그룹관리자</a></th>
<th scope="col">게시판</th>
<th scope="col">접근<br>사용</th>
<th scope="col">접근<br>회원수</th>
<th scope="col"><?php echo subject_sort_link('gr_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
$row1 = sql_fetch($sql1);
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">
<label for="chkall" class="sound_only">그룹 전체</label>
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col"><?php echo subject_sort_link('gr_id') ?>그룹아이디</a></th>
<th scope="col"><?php echo subject_sort_link('gr_subject') ?>제목</a></th>
<th scope="col"><?php echo subject_sort_link('gr_admin') ?>그룹관리자</a></th>
<th scope="col">게시판</th>
<th scope="col">접근<br>사용</th>
<th scope="col">접근<br>회원수</th>
<th scope="col"><?php echo subject_sort_link('gr_order') ?>출력<br>순서</a></th>
<th scope="col">접속기기</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근회원수
$sql1 = " select count(*) as cnt from {$g5['group_member_table']} where gr_id = '{$row['gr_id']}' ";
$row1 = sql_fetch($sql1);
// 게시판수
$sql2 = " select count(*) as cnt from {$g5['board_table']} where gr_id = '{$row['gr_id']}' ";
$row2 = sql_fetch($sql2);
// 게시판수
$sql2 = " select count(*) as cnt from {$g5['board_table']} where gr_id = '{$row['gr_id']}' ";
$row2 = sql_fetch($sql2);
$s_upd = '<a href="./boardgroup_form.php?'.$qstr.'&amp;w=u&amp;gr_id='.$row['gr_id'].'" class="btn_03 btn">수정</a>';
$s_upd = '<a href="./boardgroup_form.php?' . $qstr . '&amp;w=u&amp;gr_id=' . $row['gr_id'] . '" class="btn_03 btn">수정</a>';
$bg = 'bg'.($i%2);
?>
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="group_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['gr_subject']); ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="<?php echo G5_BBS_URL ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_input">
<label for="gr_subject_<?php echo $i; ?>" class="sound_only">그룹제목</label>
<input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input">
</td>
<td class="td_mng td_input">
<?php if ($is_admin == 'super') { ?>
<label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label>
<input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20">
<?php } else { ?>
<input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?>
<?php } ?>
</td>
<td class="td_num"><a href="./board_list.php?sfl=a.gr_id&amp;stx=<?php echo $row['gr_id'] ?>"><?php echo $row2['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_use_access_<?php echo $i; ?>" class="sound_only">접근회원 사용</label>
<input type="checkbox" name="gr_use_access[<?php echo $i ?>]" <?php echo $row['gr_use_access']?'checked':'' ?> value="1" id="gr_use_access_<?php echo $i ?>">
</td>
<td class="td_num"><a href="./boardgroupmember_list.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row1['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_order_<?php echo $i; ?>" class="sound_only">메인메뉴 출력순서</label>
<input type="text" name="gr_order[<?php echo $i ?>]" value="<?php echo $row['gr_order'] ?>" id="gr_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mng">
<label for="gr_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="gr_device[<?php echo $i ?>]" id="gr_device_<?php echo $i ?>">
<option value="both"<?php echo get_selected($row['gr_device'], 'both'); ?>>모두</option>
<option value="pc"<?php echo get_selected($row['gr_device'], 'pc'); ?>>PC</option>
<option value="mobile"<?php echo get_selected($row['gr_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</table>
</div>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<input type="hidden" name="group_id[<?php echo $i ?>]" value="<?php echo $row['gr_id'] ?>">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo get_text($row['gr_subject']); ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_left"><a href="<?php echo G5_BBS_URL ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_input">
<label for="gr_subject_<?php echo $i; ?>" class="sound_only">그룹제목</label>
<input type="text" name="gr_subject[<?php echo $i ?>]" value="<?php echo get_text($row['gr_subject']) ?>" id="gr_subject_<?php echo $i ?>" class="tbl_input">
</td>
<td class="td_mng td_input">
<?php if ($is_admin == 'super') { ?>
<label for="gr_admin_<?php echo $i; ?>" class="sound_only">그룹관리자</label>
<input type="text" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>" id="gr_admin_<?php echo $i ?>" class="tbl_input" size="10" maxlength="20">
<?php } else { ?>
<input type="hidden" name="gr_admin[<?php echo $i ?>]" value="<?php echo get_sanitize_input($row['gr_admin']); ?>"><?php echo get_text($row['gr_admin']); ?>
<?php } ?>
</td>
<td class="td_num"><a href="./board_list.php?sfl=a.gr_id&amp;stx=<?php echo $row['gr_id'] ?>"><?php echo $row2['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_use_access_<?php echo $i; ?>" class="sound_only">접근회원 사용</label>
<input type="checkbox" name="gr_use_access[<?php echo $i ?>]" <?php echo $row['gr_use_access'] ? 'checked' : '' ?> value="1" id="gr_use_access_<?php echo $i ?>">
</td>
<td class="td_num"><a href="./boardgroupmember_list.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row1['cnt'] ?></a></td>
<td class="td_numsmall">
<label for="gr_order_<?php echo $i; ?>" class="sound_only">메인메뉴 출력순서</label>
<input type="text" name="gr_order[<?php echo $i ?>]" value="<?php echo $row['gr_order'] ?>" id="gr_order_<?php echo $i ?>" class="tbl_input" size="2">
</td>
<td class="td_mng">
<label for="gr_device_<?php echo $i; ?>" class="sound_only">접속기기</label>
<select name="gr_device[<?php echo $i ?>]" id="gr_device_<?php echo $i ?>">
<option value="both" <?php echo get_selected($row['gr_device'], 'both'); ?>>모두</option>
<option value="pc" <?php echo get_selected($row['gr_device'], 'pc'); ?>>PC</option>
<option value="mobile" <?php echo get_selected($row['gr_device'], 'mobile'); ?>>모바일</option>
</select>
</td>
<td class="td_mng td_mng_s"><?php echo $s_upd ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</table>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택수정" class="btn btn_02">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택삭제" class="btn btn_02">
<a href="./boardgroup_form.php" class="btn btn_01">게시판그룹 추가</a>
</div>
<div class="btn_fixed_top">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택수정" class="btn btn_02">
<input type="submit" name="act_button" onclick="document.pressed=this.value" value="선택삭제" class="btn btn_02">
<a href="./boardgroup_form.php" class="btn btn_01">게시판그룹 추가</a>
</div>
</form>
<div class="local_desc01 local_desc">
@ -187,27 +187,26 @@ $colspan = 10;
</div>
<?php
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'].'?'.$qstr.'&amp;page=');
$pagelist = get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, $_SERVER['SCRIPT_NAME'] . '?' . $qstr . '&amp;page=');
echo $pagelist;
?>
<script>
function fboardgrouplist_submit(f)
{
if (!is_checked("chk[]")) {
alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
return false;
}
if(document.pressed == "선택삭제") {
if(!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
function fboardgrouplist_submit(f) {
if (!is_checked("chk[]")) {
alert(document.pressed + " 하실 항목을 하나 이상 선택하세요.");
return false;
}
}
return true;
}
if (document.pressed == "선택삭제") {
if (!confirm("선택한 자료를 정말 삭제하시겠습니까?")) {
return false;
}
}
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

18
adm/boardgroup_list_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
check_demo();
@ -15,10 +15,10 @@ $act_button = isset($_POST['act_button']) ? $_POST['act_button'] : '';
$chk_count = count($post_chk);
if (!$chk_count) {
alert($act_button.'할 게시판그룹을 1개이상 선택해 주세요.');
alert($act_button . '할 게시판그룹을 1개이상 선택해 주세요.');
}
for ($i=0; $i<$chk_count; $i++) {
for ($i = 0; $i < $chk_count; $i++) {
$k = isset($post_chk[$i]) ? (int) $post_chk[$i] : 0;
$gr_id = preg_replace('/[^a-z0-9_]/i', '', $post_group_id[$k]);
$gr_subject = isset($_POST['gr_subject'][$k]) ? strip_tags(clean_xss_attributes($_POST['gr_subject'][$k])) : '';
@ -30,10 +30,10 @@ for ($i=0; $i<$chk_count; $i++) {
if ($act_button == '선택수정') {
$sql = " update {$g5['group_table']}
set gr_subject = '{$gr_subject}',
gr_device = '".sql_real_escape_string($gr_device)."',
gr_admin = '".sql_real_escape_string($gr_admin)."',
gr_use_access = '".$gr_use_access."',
gr_order = '".$gr_order."'
gr_device = '" . sql_real_escape_string($gr_device) . "',
gr_admin = '" . sql_real_escape_string($gr_admin) . "',
gr_use_access = '" . $gr_use_access . "',
gr_order = '" . $gr_order . "'
where gr_id = '{$gr_id}' ";
if ($is_admin != 'super') {
$sql .= " and gr_admin = '{$gr_admin}' ";
@ -42,7 +42,7 @@ for ($i=0; $i<$chk_count; $i++) {
} elseif ($act_button == '선택삭제') {
$row = sql_fetch(" select count(*) as cnt from {$g5['board_table']} where gr_id = '$gr_id' ");
if ($row['cnt']) {
alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx='.$gr_id);
alert("이 그룹에 속한 게시판이 존재하여 게시판 그룹을 삭제할 수 없습니다.\\n\\n이 그룹에 속한 게시판을 먼저 삭제하여 주십시오.", './board_list.php?sfl=gr_id&amp;stx=' . $gr_id);
}
// 그룹 삭제
@ -55,4 +55,4 @@ for ($i=0; $i<$chk_count; $i++) {
run_event('admin_boardgroup_list_update', $act_button, $post_chk, $post_group_id, $qstr);
goto_url('./boardgroup_list.php?'.$qstr);
goto_url('./boardgroup_list.php?' . $qstr);

98
adm/boardgroupmember_form.php
View File

@ -1,24 +1,23 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'w');
$mb = get_member($mb_id);
$token = isset($token) ? $token : '';
if (! (isset($mb['mb_id']) && $mb['mb_id'])) {
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('존재하지 않는 회원입니다.');
}
$g5['title'] = '접근가능그룹';
include_once('./admin.head.php');
require_once './admin.head.php';
$colspan = 4;
?>
<form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php"
onsubmit="return boardgroupmember_form_check(this)" method="post">
<form name="fboardgroupmember_form" id="fboardgroupmember_form" action="./boardgroupmember_update.php" onsubmit="return boardgroupmember_form_check(this)" method="post">
<input type="hidden" name="mb_id" value="<?php echo $mb['mb_id'] ?>" id="mb_id">
<input type="hidden" name="token" value="" id="token">
@ -26,7 +25,7 @@ $colspan = 4;
<span class="btn_ov01"><span class="ov_txt"> 아이디</span><span class="ov_num"><?php echo $mb['mb_id'] ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 이름</span><span class="ov_num"><?php echo get_text($mb['mb_name']); ?></span></span>
<span class="btn_ov01"><span class="ov_txt"> 닉네임</span><span class="ov_num"><?php echo $mb['mb_nick'] ?></span></span>
</div>
</div>
<div class="local_cmd01 local_cmd">
<label for="gr_id">그룹지정</label>
@ -41,8 +40,8 @@ $colspan = 4;
}
$sql .= " order by gr_id ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
echo "<option value=\"".$row['gr_id']."\">".$row['gr_subject']."</option>";
for ($i = 0; $row = sql_fetch_array($result); $i++) {
echo "<option value=\"" . $row['gr_id'] . "\">" . $row['gr_subject'] . "</option>";
}
?>
</select>
@ -50,8 +49,7 @@ $colspan = 4;
</div>
</form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php"
onsubmit="return fboardgroupmember_submit(this);" method="post">
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>" id="sst">
<input type="hidden" name="sod" value="<?php echo $sod ?>" id="sod">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>" id="sfl">
@ -76,33 +74,33 @@ $colspan = 4;
</tr>
</thead>
<tbody>
<?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
<?php
$sql = " select * from {$g5['group_member_table']} a, {$g5['group_table']} b
where a.mb_id = '{$mb['mb_id']}'
and a.gr_id = b.gr_id ";
if ($is_admin != 'super') {
$sql .= " and b.gr_admin = '{$member['mb_id']}' ";
}
$sql .= " order by a.gr_id desc ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++) {
?>
<tr>
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($is_admin != 'super') {
$sql .= " and b.gr_admin = '{$member['mb_id']}' ";
}
$sql .= " order by a.gr_id desc ";
$result = sql_query($sql);
for ($i = 0; $row = sql_fetch_array($result); $i++) {
?>
<tr>
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['gr_subject'] ?> 그룹</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><a href="<?php echo G5_BBS_URL; ?>/group.php?gr_id=<?php echo $row['gr_id'] ?>"><?php echo $row['gr_id'] ?></a></td>
<td class="td_category"><?php echo $row['gr_subject'] ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
}
?>
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">접근가능한 그룹이 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
@ -113,26 +111,24 @@ $colspan = 4;
</form>
<script>
function fboardgroupmember_submit(f)
{
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
function fboardgroupmember_submit(f) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
}
return true;
}
function boardgroupmember_form_check(f) {
if (f.gr_id.value == '') {
alert('접근가능 그룹을 선택하세요.');
return false;
}
function boardgroupmember_form_check(f)
{
if (f.gr_id.value == '') {
alert('접근가능 그룹을 선택하세요.');
return false;
return true;
}
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

98
adm/boardgroupmember_list.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
auth_check_menu($auth, $sub_menu, 'r');
@ -51,8 +51,8 @@ $sql = " select *
limit {$from_record}, {$rows} ";
$result = sql_query($sql);
$g5['title'] = $gr['gr_subject'].' 그룹 접근가능회원 (그룹아이디:'.$gr['gr_id'].')';
include_once('./admin.head.php');
$g5['title'] = $gr['gr_subject'] . ' 그룹 접근가능회원 (그룹아이디:' . $gr['gr_id'] . ')';
require_once './admin.head.php';
$colspan = 7;
?>
@ -61,15 +61,14 @@ $colspan = 7;
<input type="hidden" name="gr_id" value="<?php echo $gr_id ?>">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl" id="sfl">
<option value="a.mb_id"<?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
<option value="a.mb_id" <?php echo get_selected($sfl, "a.mb_id") ?>>회원아이디</option>
</select>
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" value="검색" class="btn_submit">
</form>
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php"
onsubmit="return fboardgroupmember_submit(this);" method="post">
<form name="fboardgroupmember" id="fboardgroupmember" action="./boardgroupmember_update.php" onsubmit="return fboardgroupmember_submit(this);" method="post">
<input type="hidden" name="sst" value="<?php echo $sst ?>">
<input type="hidden" name="sod" value="<?php echo $sod ?>">
<input type="hidden" name="sfl" value="<?php echo $sfl ?>">
@ -89,47 +88,47 @@ $colspan = 7;
<input type="checkbox" name="chkall" value="1" id="chkall" onclick="check_all(this.form)">
</th>
<th scope="col">그룹</th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id='.$gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id='.$gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id='.$gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id='.$gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id='.$gr_id) ?>처리일시</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_id', 'gr_id=' . $gr_id) ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_name', 'gr_id=' . $gr_id) ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_nick', 'gr_id=' . $gr_id) ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('b.mb_today_login', 'gr_id=' . $gr_id) ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('a.gm_datetime', 'gr_id=' . $gr_id) ?>처리일시</a></th>
</tr>
</thead>
<tbody>
<?php
for ($i=0; $row=sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
<?php
for ($i = 0; $row = sql_fetch_array($result); $i++) {
// 접근가능한 그룹수
$sql2 = " select count(*) as cnt from {$g5['group_member_table']} where mb_id = '{$row['mb_id']}' ";
$row2 = sql_fetch($sql2);
$group = "";
if ($row2['cnt']) {
$group = '<a href="./boardgroupmember_form.php?mb_id=' . $row['mb_id'] . '">' . $row2['cnt'] . '</a>';
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'], 2, 8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
$mb_nick = get_sideview($row['mb_id'], $row['mb_nick'], $row['mb_email'], $row['mb_homepage']);
$bg = 'bg'.($i%2);
if ($i == 0) {
echo '<tr><td colspan="' . $colspan . '" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
<tr class="<?php echo $bg; ?>">
<td class="td_chk">
<label for="chk_<?php echo $i; ?>" class="sound_only"><?php echo $row['mb_nick'] ?> 회원</label>
<input type="checkbox" name="chk[]" value="<?php echo $row['gm_id'] ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo get_text($row['mb_name']); ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_datetime"><?php echo substr($row['mb_today_login'], 2, 8) ?></td>
<td class="td_datetime"><?php echo $row['gm_datetime'] ?></td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="'.$colspan.'" class="empty_table">자료가 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
@ -144,16 +143,15 @@ echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pa
?>
<script>
function fboardgroupmember_submit(f)
{
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
function fboardgroupmember_submit(f) {
if (!is_checked("chk[]")) {
alert("선택삭제 하실 항목을 하나 이상 선택하세요.");
return false;
}
return true;
}
return true;
}
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

8
adm/boardgroupmember_update.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "300200";
include_once('./_common.php');
require_once './_common.php';
sql_query(" ALTER TABLE {$g5['group_member_table']} CHANGE `gm_id` `gm_id` INT( 11 ) DEFAULT '0' NOT NULL AUTO_INCREMENT ", false);
@ -30,7 +30,7 @@ if ($w == '') {
$sql = " insert into {$g5['group_member_table']}
set gr_id = '{$_POST['gr_id']}',
mb_id = '{$_POST['mb_id']}',
gm_datetime = '".G5_TIME_YMDHIS."' ";
gm_datetime = '" . G5_TIME_YMDHIS . "' ";
sql_query($sql);
}
} elseif ($w == 'd' || $w == 'ld') {
@ -61,7 +61,7 @@ if ($w == '') {
}
if ($w == 'ld') {
goto_url('./boardgroupmember_list.php?gr_id='.$gr_id);
goto_url('./boardgroupmember_list.php?gr_id=' . $gr_id);
} else {
goto_url('./boardgroupmember_form.php?mb_id='.$mb_id);
goto_url('./boardgroupmember_form.php?mb_id=' . $mb_id);
}

38
adm/browscap.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "100510";
include_once('./_common.php');
require_once './_common.php';
if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
@ -11,7 +11,7 @@ if ($is_admin != 'super') {
}
$g5['title'] = 'Browscap 업데이트';
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<div id="processing">
@ -20,27 +20,27 @@ include_once('./admin.head.php');
</div>
<script>
$(function() {
$("#run_update").on("click", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보를 업데이트 중입니다.</p>');
$(function() {
$("#run_update").on("click", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보를 업데이트 중입니다.</p>');
$.ajax({
url: "./browscap_update.php",
async: true,
cache: false,
dataType: "html",
success: function(data) {
if(data != "") {
alert(data);
return false;
$.ajax({
url: "./browscap_update.php",
async: true,
cache: false,
dataType: "html",
success: function(data) {
if (data != "") {
alert(data);
return false;
}
$("#processing").html("<div class='check_processing'></div><p>Browscap 정보를 업데이트 했습니다.</p>");
}
$("#processing").html("<div class='check_processing'></div><p>Browscap 정보를 업데이트 했습니다.</p>");
}
});
});
});
});
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

36
adm/browscap_convert.php
View File

@ -1,6 +1,6 @@
<?php
$sub_menu = "100520";
include_once('./_common.php');
require_once './_common.php';
if (!(version_compare(phpversion(), '5.3.0', '>=') && defined('G5_BROWSCAP_USE') && G5_BROWSCAP_USE)) {
alert('사용할 수 없는 기능입니다.', correct_goto_url(G5_ADMIN_URL));
@ -16,7 +16,7 @@ if (!$rows) {
}
$g5['title'] = '접속로그 변환';
include_once('./admin.head.php');
require_once './admin.head.php';
?>
<div id="processing">
@ -25,24 +25,26 @@ include_once('./admin.head.php');
</div>
<script>
$(function() {
$(document).on("click", "#run_update", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보로 변환 중입니다.</p>');
$(function() {
$(document).on("click", "#run_update", function() {
$("#processing").html('<div class="update_processing"></div><p>Browscap 정보로 변환 중입니다.</p>');
$.ajax({
method: "GET",
url: "./browscap_converter.php",
data: { rows: "<?php echo strval($rows); ?>" },
async: true,
cache: false,
dataType: "html",
success: function(data) {
$("#processing").html(data);
}
$.ajax({
method: "GET",
url: "./browscap_converter.php",
data: {
rows: "<?php echo strval($rows); ?>"
},
async: true,
cache: false,
dataType: "html",
success: function(data) {
$("#processing").html(data);
}
});
});
});
});
</script>
<?php
include_once('./admin.tail.php');
require_once './admin.tail.php';

14
adm/browscap_converter.php
View File

@ -1,6 +1,6 @@
<?php
ini_set('memory_limit', '-1');
include_once('./_common.php');
require_once './_common.php';
// clean the output buffer
ob_end_clean();
@ -14,14 +14,14 @@ if ($is_admin != 'super') {
}
// browscap cache 파일 체크
if (!is_file(G5_DATA_PATH.'/cache/browscap_cache.php')) {
echo '<p>Browscap 정보가 없습니다. 아래 링크로 이동해 Browscap 정보를 업데이트 하세요.</p>'.PHP_EOL;
echo '<p><a href="'.G5_ADMIN_URL.'/browscap.php">Browscap 업데이트</a></p>'.PHP_EOL;
if (!is_file(G5_DATA_PATH . '/cache/browscap_cache.php')) {
echo '<p>Browscap 정보가 없습니다. 아래 링크로 이동해 Browscap 정보를 업데이트 하세요.</p>' . PHP_EOL;
echo '<p><a href="' . G5_ADMIN_URL . '/browscap.php">Browscap 업데이트</a></p>' . PHP_EOL;
exit;
}
include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php');
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH.'/cache');
require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
$browscap->doAutoUpdate = false;
$browscap->cacheFilename = 'browscap_cache.php';
@ -77,5 +77,5 @@ for ($i = 0; $row = sql_fetch_array($result); $i++) {
if (($total_count - $cnt) == 0 || $total_count == 0) {
echo '<div class="check_processing"></div><p>변환완료</p>';
} else {
echo '<p>총 '.number_format($total_count).'건 중 '.number_format($cnt).'건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>';
echo '<p>총 ' . number_format($total_count) . '건 중 ' . number_format($cnt) . '건 변환완료<br><br>접속로그를 추가로 변환하시려면 아래 업데이트 버튼을 클릭해 주세요.</p><button type="button" id="run_update">업데이트</button>';
}

6
adm/browscap_update.php
View File

@ -2,7 +2,7 @@
ini_set('memory_limit', '-1');
$sub_menu = "100510";
include_once('./_common.php');
require_once './_common.php';
// clean the output buffer
ob_end_clean();
@ -15,9 +15,9 @@ if ($is_admin != 'super') {
die('최고관리자만 접근 가능합니다.');
}
include_once(G5_PLUGIN_PATH.'/browscap/Browscap.php');
require_once G5_PLUGIN_PATH . '/browscap/Browscap.php';
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH.'/cache');
$browscap = new phpbrowscap\Browscap(G5_DATA_PATH . '/cache');
$browscap->updateMethod = 'cURL';
$browscap->cacheFilename = 'browscap_cache.php';
$browscap->updateCache();

120
adm/cache_file_delete.php
View File

@ -1,59 +1,61 @@
<?php
$sub_menu = '100900';
include_once('./_common.php');
if ($is_admin != 'super')
alert('최고관리자만 접근 가능합니다.', G5_URL);
@include_once('./safe_check.php');
if(function_exists('social_log_file_delete')){
social_log_file_delete();
}
run_event('adm_cache_file_delete_before');
$g5['title'] = '캐시파일 일괄삭제';
include_once('./admin.head.php');
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir=@opendir(G5_DATA_PATH.'/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt=0;
echo '<ul class="session_del">'.PHP_EOL;
$files = glob(G5_DATA_PATH.'/cache/latest-*');
$content_files = glob(G5_DATA_PATH.'/cache/content-*');
$files = array_merge($files, $content_files);
if (is_array($files)) {
foreach ($files as $cache_file) {
$cnt++;
unlink($cache_file);
echo '<li>'.$cache_file.'</li>'.PHP_EOL;
flush();
if ($cnt%10==0)
echo PHP_EOL;
}
}
run_event('adm_cache_file_delete');
echo '<li>완료됨</li></ul>'.PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 '.$cnt.'건 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>'.PHP_EOL;
?>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = '100900';
require_once './_common.php';
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.', G5_URL);
}
@require_once './safe_check.php';
if (function_exists('social_log_file_delete')) {
social_log_file_delete();
}
run_event('adm_cache_file_delete_before');
$g5['title'] = '캐시파일 일괄삭제';
require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir = @opendir(G5_DATA_PATH . '/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt = 0;
echo '<ul class="session_del">' . PHP_EOL;
$files = glob(G5_DATA_PATH . '/cache/latest-*');
$content_files = glob(G5_DATA_PATH . '/cache/content-*');
$files = array_merge($files, $content_files);
if (is_array($files)) {
foreach ($files as $cache_file) {
$cnt++;
unlink($cache_file);
echo '<li>' . $cache_file . '</li>' . PHP_EOL;
flush();
if ($cnt % 10 == 0) {
echo PHP_EOL;
}
}
}
run_event('adm_cache_file_delete');
echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>최신글 캐시파일 ' . $cnt . '건 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
?>
<?php
require_once './admin.tail.php';

108
adm/captcha_file_delete.php
View File

@ -1,52 +1,56 @@
<?php
$sub_menu = '100910';
include_once('./_common.php');
if ($is_admin != 'super')
alert('최고관리자만 접근 가능합니다.', G5_URL);
$g5['title'] = '캡챠파일 일괄삭제';
include_once('./admin.head.php');
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir=@opendir(G5_DATA_PATH.'/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt=0;
echo '<ul class="session_del">'.PHP_EOL;
$files = glob(G5_DATA_PATH.'/cache/?captcha-*');
if (is_array($files)) {
$before_time = G5_SERVER_TIME - 3600; // 한시간전
foreach ($files as $gcaptcha_file) {
$modification_time = filemtime($gcaptcha_file); // 파일접근시간
if ($modification_time > $before_time) continue;
$cnt++;
unlink($gcaptcha_file);
echo '<li>'.$gcaptcha_file.'</li>'.PHP_EOL;
flush();
if ($cnt%10==0)
echo PHP_EOL;
}
}
echo '<li>완료됨</li></ul>'.PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 '.$cnt.'건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>'.PHP_EOL;
?>
<?php
include_once('./admin.tail.php');
<?php
$sub_menu = '100910';
require_once './_common.php';
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.', G5_URL);
}
$g5['title'] = '캡챠파일 일괄삭제';
require_once './admin.head.php';
?>
<div class="local_desc02 local_desc">
<p>
완료 메세지가 나오기 전에 프로그램의 실행을 중지하지 마십시오.
</p>
</div>
<?php
flush();
if (!$dir = @opendir(G5_DATA_PATH . '/cache')) {
echo '<p>캐시디렉토리를 열지못했습니다.</p>';
}
$cnt = 0;
echo '<ul class="session_del">' . PHP_EOL;
$files = glob(G5_DATA_PATH . '/cache/?captcha-*');
if (is_array($files)) {
$before_time = G5_SERVER_TIME - 3600; // 한시간전
foreach ($files as $gcaptcha_file) {
$modification_time = filemtime($gcaptcha_file); // 파일접근시간
if ($modification_time > $before_time) {
continue;
}
$cnt++;
unlink($gcaptcha_file);
echo '<li>' . $gcaptcha_file . '</li>' . PHP_EOL;
flush();
if ($cnt % 10 == 0) {
echo PHP_EOL;
}
}
}
echo '<li>완료됨</li></ul>' . PHP_EOL;
echo '<div class="local_desc01 local_desc"><p><strong>캡챠파일 ' . $cnt . '건의 삭제 완료됐습니다.</strong><br>프로그램의 실행을 끝마치셔도 좋습니다.</p></div>' . PHP_EOL;
?>
<?php
require_once './admin.tail.php';

2708
adm/config_form.php
View File

File diff suppressed because it is too large Load Diff

257
adm/config_form_update.php
View File

@ -1,13 +1,14 @@
<?php
$sub_menu = "100100";
include_once('./_common.php');
require_once './_common.php';
check_demo();
auth_check_menu($auth, $sub_menu, 'w');
if ($is_admin != 'super')
if ($is_admin != 'super') {
alert('최고관리자만 접근 가능합니다.');
}
$cf_title = isset($_POST['cf_title']) ? strip_tags(clean_xss_attributes($_POST['cf_title'])) : '';
$cf_admin = isset($_POST['cf_admin']) ? clean_xss_tags($_POST['cf_admin'], 1, 1) : '';
@ -15,156 +16,157 @@ $posts = array();
$mb = get_member($cf_admin);
if (! (isset($mb['mb_id']) && $mb['mb_id']))
if (!(isset($mb['mb_id']) && $mb['mb_id'])) {
alert('최고관리자 회원아이디가 존재하지 않습니다.');
}
check_admin_token();
$cf_social_servicelist = !empty($_POST['cf_social_servicelist']) ? implode(',', $_POST['cf_social_servicelist']) : '';
$check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret','cf_cert_kg_cd','cf_cert_kg_mid');
$check_keys = array('cf_cert_kcb_cd', 'cf_cert_kcp_cd', 'cf_editor', 'cf_recaptcha_site_key', 'cf_recaptcha_secret_key', 'cf_naver_clientid', 'cf_naver_secret', 'cf_facebook_appid', 'cf_facebook_secret', 'cf_twitter_key', 'cf_twitter_secret', 'cf_google_clientid', 'cf_google_secret', 'cf_googl_shorturl_apikey', 'cf_kakao_rest_key', 'cf_kakao_client_secret', 'cf_kakao_js_apikey', 'cf_payco_clientid', 'cf_payco_secret', 'cf_cert_kg_cd', 'cf_cert_kg_mid');
foreach( $check_keys as $key ){
if ( isset($_POST[$key]) && $_POST[$key] ){
foreach ($check_keys as $key) {
if (isset($_POST[$key]) && $_POST[$key]) {
$posts[$key] = $_POST[$key] = preg_replace('/[^a-z0-9_\-\.]/i', '', $_POST[$key]);
}
}
$posts['cf_icode_server_port'] = $_POST['cf_icode_server_port'] = isset($_POST['cf_icode_server_port']) ? preg_replace('/[^0-9]/', '', $_POST['cf_icode_server_port']) : '7295';
if(isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']){
if (isset($_POST['cf_intercept_ip']) && $_POST['cf_intercept_ip']) {
$pattern = explode("\n", trim($_POST['cf_intercept_ip']));
for ($i=0; $i<count($pattern); $i++) {
for ($i = 0; $i < count($pattern); $i++) {
$pattern[$i] = trim($pattern[$i]);
if (empty($pattern[$i]))
if (empty($pattern[$i])) {
continue;
}
$pattern[$i] = str_replace(".", "\.", $pattern[$i]);
$pattern[$i] = str_replace("+", "[0-9\.]+", $pattern[$i]);
$pat = "/^{$pattern[$i]}$/";
if( preg_match($pat, $_SERVER['REMOTE_ADDR']) ){
alert("현재 접속 IP : ".$_SERVER['REMOTE_ADDR']." 가 차단될수 있기 때문에, 다른 IP를 입력해 주세요.");
if (preg_match($pat, $_SERVER['REMOTE_ADDR'])) {
alert("현재 접속 IP : " . $_SERVER['REMOTE_ADDR'] . " 가 차단될수 있기 때문에, 다른 IP를 입력해 주세요.");
}
}
}
$check_keys = array(
'cf_use_email_certify' => 'int',
'cf_use_homepage' => 'int',
'cf_req_homepage' => 'int',
'cf_use_tel' => 'int',
'cf_req_tel' => 'int',
'cf_use_hp' => 'int',
'cf_req_hp' => 'int',
'cf_use_addr' => 'int',
'cf_req_addr' => 'int',
'cf_use_signature' => 'int',
'cf_req_signature' => 'int',
'cf_use_profile' => 'int',
'cf_req_profile' => 'int',
'cf_register_level' => 'int',
'cf_register_point' => 'int',
'cf_icon_level' => 'int',
'cf_use_recommend' => 'int',
'cf_leave_day' => 'int',
'cf_search_part' => 'int',
'cf_email_use' => 'int',
'cf_email_wr_super_admin' => 'int',
'cf_email_wr_group_admin' => 'int',
'cf_email_wr_board_admin' => 'int',
'cf_email_wr_write' => 'int',
'cf_email_wr_comment_all' => 'int',
'cf_email_mb_super_admin' => 'int',
'cf_email_mb_member' => 'int',
'cf_email_po_super_admin' => 'int',
'cf_prohibit_id' => 'text',
'cf_prohibit_email' => 'text',
'cf_new_del' => 'int',
'cf_memo_del' => 'int',
'cf_visit_del' => 'int',
'cf_popular_del' => 'int',
'cf_use_member_icon' => 'int',
'cf_member_icon_size' => 'int',
'cf_member_icon_width' => 'int',
'cf_member_icon_height' => 'int',
'cf_member_img_size' => 'int',
'cf_member_img_width' => 'int',
'cf_member_img_height' => 'int',
'cf_login_minutes' => 'int',
'cf_formmail_is_member' => 'int',
'cf_page_rows' => 'int',
'cf_mobile_page_rows' => 'int',
'cf_social_login_use' => 'int',
'cf_cert_req' => 'int',
'cf_cert_use' => 'int',
'cf_cert_find' => 'int',
'cf_cert_ipin' => 'char',
'cf_cert_hp' => 'char',
'cf_cert_simple' => 'char',
'cf_admin_email' => 'char',
'cf_admin_email_name' => 'char',
'cf_add_script' => 'text',
'cf_use_point' => 'int',
'cf_point_term' => 'int',
'cf_use_copy_log' => 'int',
'cf_login_point' => 'int',
'cf_cut_name' => 'int',
'cf_nick_modify' => 'int',
'cf_new_skin' => 'char',
'cf_new_rows' => 'int',
'cf_search_skin' => 'char',
'cf_connect_skin' => 'char',
'cf_faq_skin' => 'char',
'cf_read_point' => 'int',
'cf_write_point' => 'int',
'cf_comment_point' => 'int',
'cf_download_point' => 'int',
'cf_write_pages' => 'int',
'cf_mobile_pages' => 'int',
'cf_link_target' => 'char',
'cf_delay_sec' => 'int',
'cf_filter' => 'text',
'cf_possible_ip' => 'text',
'cf_analytics' => 'text',
'cf_add_meta' => 'text',
'cf_member_skin' => 'char',
'cf_image_extension' => 'char',
'cf_flash_extension' => 'char',
'cf_movie_extension' => 'char',
'cf_visit' => 'char',
'cf_stipulation' => 'text',
'cf_privacy' => 'text',
'cf_open_modify' => 'int',
'cf_memo_send_point' => 'int',
'cf_mobile_new_skin' => 'char',
'cf_mobile_search_skin' => 'char',
'cf_mobile_connect_skin' => 'char',
'cf_mobile_faq_skin' => 'char',
'cf_mobile_member_skin' => 'char',
'cf_captcha_mp3' => 'char',
'cf_cert_limit' => 'int',
'cf_sms_use' => 'char',
'cf_sms_type' => 'char',
'cf_icode_id' => 'char',
'cf_icode_pw' => 'char',
'cf_icode_server_ip' => 'char',
'cf_captcha' => 'char',
'cf_syndi_token' => '',
'cf_syndi_except' => ''
'cf_use_email_certify' => 'int',
'cf_use_homepage' => 'int',
'cf_req_homepage' => 'int',
'cf_use_tel' => 'int',
'cf_req_tel' => 'int',
'cf_use_hp' => 'int',
'cf_req_hp' => 'int',
'cf_use_addr' => 'int',
'cf_req_addr' => 'int',
'cf_use_signature' => 'int',
'cf_req_signature' => 'int',
'cf_use_profile' => 'int',
'cf_req_profile' => 'int',
'cf_register_level' => 'int',
'cf_register_point' => 'int',
'cf_icon_level' => 'int',
'cf_use_recommend' => 'int',
'cf_leave_day' => 'int',
'cf_search_part' => 'int',
'cf_email_use' => 'int',
'cf_email_wr_super_admin' => 'int',
'cf_email_wr_group_admin' => 'int',
'cf_email_wr_board_admin' => 'int',
'cf_email_wr_write' => 'int',
'cf_email_wr_comment_all' => 'int',
'cf_email_mb_super_admin' => 'int',
'cf_email_mb_member' => 'int',
'cf_email_po_super_admin' => 'int',
'cf_prohibit_id' => 'text',
'cf_prohibit_email' => 'text',
'cf_new_del' => 'int',
'cf_memo_del' => 'int',
'cf_visit_del' => 'int',
'cf_popular_del' => 'int',
'cf_use_member_icon' => 'int',
'cf_member_icon_size' => 'int',
'cf_member_icon_width' => 'int',
'cf_member_icon_height' => 'int',
'cf_member_img_size' => 'int',
'cf_member_img_width' => 'int',
'cf_member_img_height' => 'int',
'cf_login_minutes' => 'int',
'cf_formmail_is_member' => 'int',
'cf_page_rows' => 'int',
'cf_mobile_page_rows' => 'int',
'cf_social_login_use' => 'int',
'cf_cert_req' => 'int',
'cf_cert_use' => 'int',
'cf_cert_find' => 'int',
'cf_cert_ipin' => 'char',
'cf_cert_hp' => 'char',
'cf_cert_simple' => 'char',
'cf_admin_email' => 'char',
'cf_admin_email_name' => 'char',
'cf_add_script' => 'text',
'cf_use_point' => 'int',
'cf_point_term' => 'int',
'cf_use_copy_log' => 'int',
'cf_login_point' => 'int',
'cf_cut_name' => 'int',
'cf_nick_modify' => 'int',
'cf_new_skin' => 'char',
'cf_new_rows' => 'int',
'cf_search_skin' => 'char',
'cf_connect_skin' => 'char',
'cf_faq_skin' => 'char',
'cf_read_point' => 'int',
'cf_write_point' => 'int',
'cf_comment_point' => 'int',
'cf_download_point' => 'int',
'cf_write_pages' => 'int',
'cf_mobile_pages' => 'int',
'cf_link_target' => 'char',
'cf_delay_sec' => 'int',
'cf_filter' => 'text',
'cf_possible_ip' => 'text',
'cf_analytics' => 'text',
'cf_add_meta' => 'text',
'cf_member_skin' => 'char',
'cf_image_extension' => 'char',
'cf_flash_extension' => 'char',
'cf_movie_extension' => 'char',
'cf_visit' => 'char',
'cf_stipulation' => 'text',
'cf_privacy' => 'text',
'cf_open_modify' => 'int',
'cf_memo_send_point' => 'int',
'cf_mobile_new_skin' => 'char',
'cf_mobile_search_skin' => 'char',
'cf_mobile_connect_skin' => 'char',
'cf_mobile_faq_skin' => 'char',
'cf_mobile_member_skin' => 'char',
'cf_captcha_mp3' => 'char',
'cf_cert_limit' => 'int',
'cf_sms_use' => 'char',
'cf_sms_type' => 'char',
'cf_icode_id' => 'char',
'cf_icode_pw' => 'char',
'cf_icode_server_ip' => 'char',
'cf_captcha' => 'char',
'cf_syndi_token' => '',
'cf_syndi_except' => ''
);
for($i=1;$i<=10;$i++){
$check_keys['cf_'.$i.'_subj'] = isset($_POST['cf_'.$i.'_subj']) ? $_POST['cf_'.$i.'_subj'] : '';
$check_keys['cf_'.$i] = isset($_POST['cf_'.$i]) ? $_POST['cf_'.$i] : '';
for ($i = 1; $i <= 10; $i++) {
$check_keys['cf_' . $i . '_subj'] = isset($_POST['cf_' . $i . '_subj']) ? $_POST['cf_' . $i . '_subj'] : '';
$check_keys['cf_' . $i] = isset($_POST['cf_' . $i]) ? $_POST['cf_' . $i] : '';
}
foreach( $check_keys as $k => $v ){
if( $v === 'int' ){
foreach ($check_keys as $k => $v) {
if ($v === 'int') {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? (int) $_POST[$k] : 0;
} else {
if(in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))){
if (in_array($k, array('cf_analytics', 'cf_add_meta', 'cf_add_script', 'cf_stipulation', 'cf_privacy'))) {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? $_POST[$k] : '';
} else {
$posts[$key] = $_POST[$k] = isset($_POST[$k]) ? strip_tags(clean_xss_attributes($_POST[$k])) : '';
@ -173,10 +175,11 @@ foreach( $check_keys as $k => $v ){
}
// 본인확인을 사용할 경우 아이핀, 휴대폰인증 중 하나는 선택되어야 함
if($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple'])
if ($_POST['cf_cert_use'] && !$_POST['cf_cert_ipin'] && !$_POST['cf_cert_hp'] && !$_POST['cf_cert_simple']) {
alert('본인확인을 위해 아이핀, 휴대폰 본인확인, KG이니시스 간편인증 서비스 중 하나 이상 선택해 주십시오.');
}
if(!$_POST['cf_cert_use']) {
if (!$_POST['cf_cert_use']) {
$posts[$key] = $_POST['cf_cert_ipin'] = '';
$posts[$key] = $_POST['cf_cert_hp'] = '';
$posts[$key] = $_POST['cf_cert_simple'] = '';
@ -209,8 +212,8 @@ $sql = " update {$g5['config_table']}
cf_link_target = '{$_POST['cf_link_target']}',
cf_delay_sec = '{$_POST['cf_delay_sec']}',
cf_filter = '{$_POST['cf_filter']}',
cf_possible_ip = '".trim($_POST['cf_possible_ip'])."',
cf_intercept_ip = '".trim($_POST['cf_intercept_ip'])."',
cf_possible_ip = '" . trim($_POST['cf_possible_ip']) . "',
cf_intercept_ip = '" . trim($_POST['cf_intercept_ip']) . "',
cf_analytics = '{$_POST['cf_analytics']}',
cf_add_meta = '{$_POST['cf_add_meta']}',
cf_syndi_token = '{$_POST['cf_syndi_token']}',
@ -282,7 +285,7 @@ $sql = " update {$g5['config_table']}
cf_cert_hp = '{$_POST['cf_cert_hp']}',
cf_cert_simple = '{$_POST['cf_cert_simple']}',
cf_cert_kg_cd = '{$_POST['cf_cert_kg_cd']}',
cf_cert_kg_mid = '".trim($_POST['cf_cert_kg_mid'])."',
cf_cert_kg_mid = '" . trim($_POST['cf_cert_kg_mid']) . "',
cf_cert_kcb_cd = '{$_POST['cf_cert_kcb_cd']}',
cf_cert_kcp_cd = '{$_POST['cf_cert_kcp_cd']}',
cf_cert_limit = '{$_POST['cf_cert_limit']}',
@ -337,7 +340,7 @@ sql_query($sql);
//sql_query(" OPTIMIZE TABLE `$g5[config_table]` ");
if( isset($_POST['cf_bbs_rewrite']) ){
if (isset($_POST['cf_bbs_rewrite'])) {
g5_delete_all_cache();
}
@ -345,4 +348,4 @@ run_event('admin_config_form_update');
update_rewrite_rules();
goto_url('./config_form.php', false);
goto_url('./config_form.php', false);

605
adm/contentform.php
View File

@ -1,298 +1,307 @@
<?php
$sub_menu = '300600';
include_once('./_common.php');
include_once(G5_EDITOR_LIB);
auth_check_menu($auth, $sub_menu, "w");
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
// 상단, 하단 파일경로 필드 추가
if(!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) {
$sql = " ALTER TABLE `{$g5['content_table']}` ADD `co_include_head` VARCHAR( 255 ) NOT NULL ,
ADD `co_include_tail` VARCHAR( 255 ) NOT NULL ";
sql_query($sql, false);
}
// html purifier 사용여부 필드
if(!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ", true);
sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' ");
}
// 모바일 내용 추가
if(!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ", true);
}
// 스킨 설정 추가
if(!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
sql_query(" ALTER TABLE `{$g5['content_table']}`
ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`,
ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ", true);
sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
}
$html_title = "내용";
$g5['title'] = $html_title.' 관리';
$readonly = '';
if ($w == "u")
{
$html_title .= " 수정";
$readonly = " readonly";
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co = sql_fetch($sql);
if (!$co['co_id'])
alert('등록된 자료가 없습니다.');
}
else
{
$html_title .= ' 입력';
$co = array(
'co_id' => '',
'co_subject' => '',
'co_content' => '',
'co_mobile_content' => '',
'co_include_head' => '',
'co_include_tail' => '',
'co_tag_filter_use' => 1,
'co_html' => 2,
'co_skin' => 'basic',
'co_mobile_skin' => 'basic'
);
}
include_once (G5_ADMIN_PATH.'/admin.head.php');
?>
<form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA" >
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="co_html" value="1">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="co_id">ID</label></th>
<td>
<?php echo help('20자 이내의 영문자, 숫자, _ 만 가능합니다.'); ?>
<input type="text" value="<?php echo $co['co_id']; ?>" name="co_id" id ="co_id" required <?php echo $readonly; ?> class="required <?php echo $readonly; ?> frm_input" size="20" maxlength="20">
<?php if ($w == 'u') { ?><a href="<?php echo get_pretty_url('content', $co_id); ?>" class="btn_frmline">내용확인</a><?php } ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_subject">제목</label></th>
<td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?>" id="co_subject" required class="frm_input required" size="90"></td>
</tr>
<tr>
<th scope="row">내용</th>
<td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row">모바일 내용</th>
<td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_skin_select('content', 'co_skin', 'co_skin', $co['co_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_mobile_skin">모바일스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_mobile_skin_select('content', 'co_mobile_skin', 'co_mobile_skin', $co['co_mobile_skin'], 'required'); ?>
</td>
</tr>
<!--
<tr>
<th scope="row"><label for="co_tag_filter_use">태그 필터링 사용</label></th>
<td>
<?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?>
<select name="co_tag_filter_use" id="co_tag_filter_use">
<option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option>
<option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option>
</select>
</td>
</tr>
-->
<tr>
<th scope="row"><label for="co_include_head">상단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 상단 파일을 사용합니다."); ?>
<input type="text" name="co_include_head" value="<?php echo $co['co_include_head']; ?>" id="co_include_head" class="frm_input" size="60">
</td>
</tr>
<tr>
<th scope="row"><label for="co_include_tail">단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 단 파일을 사용합니다."); ?>
<input type="text" name="co_include_tail" value="<?php echo $co['co_include_tail']; ?>" id="co_include_tail" class="frm_input" size="60">
</td>
</tr>
<tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th>
<td>
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
<script>
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script>
</td>
</tr>
<tr>
<th scope="row"><label for="co_himg">상단이미지</label></th>
<td>
<input type="file" name="co_himg" id="co_himg">
<?php
$himg = G5_DATA_PATH.'/content/'.$co['co_id'].'_h';
$himg_str = '';
if (file_exists($himg)) {
$size = @getimagesize($himg);
if($size[0] && $size[0] > 750)
$width = 750;
else
$width = $size[0];
echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>';
$himg_str = '<img src="'.G5_DATA_URL.'/content/'.$co['co_id'].'_h" width="'.$width.'" alt="">';
}
if ($himg_str) {
echo '<div class="banner_or_img">';
echo $himg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_timg">하단이미지</label></th>
<td>
<input type="file" name="co_timg" id="co_timg">
<?php
$timg = G5_DATA_PATH.'/content/'.$co['co_id'].'_t';
$timg_str = '';
if (file_exists($timg)) {
$size = @getimagesize($timg);
if($size[0] && $size[0] > 750)
$width = 750;
else
$width = $size[0];
echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>';
$timg_str = '<img src="'.G5_DATA_URL.'/content/'.$co['co_id'].'_t" width="'.$width.'" alt="">';
}
if ($timg_str) {
echo '<div class="banner_or_img">';
echo $timg_str;
echo '</div>';
}
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./contentlist.php" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn btn_submit" accesskey="s">
</div>
</form>
<?php
// [KVE-2018-2089] 취약점 으로 인해 파일 경로 수정시에만 자동등록방지 코드 사용
?>
<script>
var captcha_chk = false;
function use_captcha_check(){
$.ajax({
type: "POST",
url: g5_admin_url+"/ajax.use_captcha.php",
data: { admin_use_captcha: "1" },
cache: false,
async: false,
dataType: "json",
success: function(data) {
}
});
}
function frm_check_file(){
var co_include_head = "<?php echo $co['co_include_head']; ?>";
var co_include_tail = "<?php echo $co['co_include_tail']; ?>";
var head = jQuery.trim(jQuery("#co_include_head").val());
var tail = jQuery.trim(jQuery("#co_include_tail").val());
if(co_include_head !== head || co_include_tail !== tail){
// 캡챠를 사용합니다.
jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($){
if( window.self !== window.top ){ // frame 또는 iframe을 사용할 경우 체크
$("#co_include_head, #co_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function frmcontentform_check(f)
{
errmsg = "";
errfld = "";
<?php echo get_editor_js('co_content'); ?>
<?php echo chk_editor_js('co_content'); ?>
<?php echo get_editor_js('co_mobile_content'); ?>
check_field(f.co_id, "ID를 입력하세요.");
check_field(f.co_subject, "제목을 입력하세요.");
check_field(f.co_content, "내용을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
if( captcha_chk ) {
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
}
</script>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300600';
require_once './_common.php';
require_once G5_EDITOR_LIB;
auth_check_menu($auth, $sub_menu, "w");
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
// 상단, 하단 파일경로 필드 추가
if (!sql_query(" select co_include_head from {$g5['content_table']} limit 1 ", false)) {
$sql = " ALTER TABLE `{$g5['content_table']}` ADD `co_include_head` VARCHAR( 255 ) NOT NULL ,
ADD `co_include_tail` VARCHAR( 255 ) NOT NULL ";
sql_query($sql, false);
}
// html purifier 사용여부 필드
if (!sql_query(" select co_tag_filter_use from {$g5['content_table']} limit 1 ", false)) {
sql_query(
" ALTER TABLE `{$g5['content_table']}`
ADD `co_tag_filter_use` tinyint(4) NOT NULL DEFAULT '0' AFTER `co_content` ",
true
);
sql_query(" update {$g5['content_table']} set co_tag_filter_use = '1' ");
}
// 모바일 내용 추가
if (!sql_query(" select co_mobile_content from {$g5['content_table']} limit 1", false)) {
sql_query(
" ALTER TABLE `{$g5['content_table']}`
ADD `co_mobile_content` longtext NOT NULL AFTER `co_content` ",
true
);
}
// 스킨 설정 추가
if (!sql_query(" select co_skin from {$g5['content_table']} limit 1 ", false)) {
sql_query(
" ALTER TABLE `{$g5['content_table']}`
ADD `co_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_mobile_content`,
ADD `co_mobile_skin` varchar(255) NOT NULL DEFAULT '' AFTER `co_skin` ",
true
);
sql_query(" update {$g5['content_table']} set co_skin = 'basic', co_mobile_skin = 'basic' ");
}
$html_title = "내용";
$g5['title'] = $html_title . ' 관리';
$readonly = '';
if ($w == "u") {
$html_title .= " 수정";
$readonly = " readonly";
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co = sql_fetch($sql);
if (!$co['co_id']) {
alert('등록된 자료가 없습니다.');
}
} else {
$html_title .= ' 입력';
$co = array(
'co_id' => '',
'co_subject' => '',
'co_content' => '',
'co_mobile_content' => '',
'co_include_head' => '',
'co_include_tail' => '',
'co_tag_filter_use' => 1,
'co_html' => 2,
'co_skin' => 'basic',
'co_mobile_skin' => 'basic'
);
}
require_once G5_ADMIN_PATH . '/admin.head.php';
?>
<form name="frmcontentform" action="./contentformupdate.php" onsubmit="return frmcontentform_check(this);" method="post" enctype="MULTIPART/FORM-DATA">
<input type="hidden" name="w" value="<?php echo $w; ?>">
<input type="hidden" name="co_html" value="1">
<input type="hidden" name="token" value="">
<div class="tbl_frm01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<colgroup>
<col class="grid_4">
<col>
</colgroup>
<tbody>
<tr>
<th scope="row"><label for="co_id">ID</label></th>
<td>
<?php echo help('20자 이내의 영문자, 숫자, _ 만 가능합니다.'); ?>
<input type="text" value="<?php echo $co['co_id']; ?>" name="co_id" id="co_id" required <?php echo $readonly; ?> class="required <?php echo $readonly; ?> frm_input" size="20" maxlength="20">
<?php if ($w == 'u') { ?><a href="<?php echo get_pretty_url('content', $co_id); ?>" class="btn_frmline">내용확인</a><?php } ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_subject">제목</label></th>
<td><input type="text" name="co_subject" value="<?php echo htmlspecialchars2($co['co_subject']); ?>" id="co_subject" required class="frm_input required" size="90"></td>
</tr>
<tr>
<th scope="row">내용</th>
<td><?php echo editor_html('co_content', get_text(html_purifier($co['co_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row">모바일 내용</th>
<td><?php echo editor_html('co_mobile_content', get_text(html_purifier($co['co_mobile_content']), 0)); ?></td>
</tr>
<tr>
<th scope="row"><label for="co_skin">스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_skin_select('content', 'co_skin', 'co_skin', $co['co_skin'], 'required'); ?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_mobile_skin">모바일스킨 디렉토리<strong class="sound_only">필수</strong></label></th>
<td>
<?php echo get_mobile_skin_select('content', 'co_mobile_skin', 'co_mobile_skin', $co['co_mobile_skin'], 'required'); ?>
</td>
</tr>
<!--
<tr>
<th scope="row"><label for="co_tag_filter_use">태그 필터링 사용</label></th>
<td>
<?php echo help("내용에서 iframe 등의 태그를 사용하려면 사용안함으로 선택해 주십시오."); ?>
<select name="co_tag_filter_use" id="co_tag_filter_use">
<option value="1"<?php echo get_selected($co['co_tag_filter_use'], 1); ?>>사용함</option>
<option value="0"<?php echo get_selected($co['co_tag_filter_use'], 0); ?>>사용안함</option>
</select>
</td>
</tr>
-->
<tr>
<th scope="row"><label for="co_include_head">단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 단 파일을 사용합니다."); ?>
<input type="text" name="co_include_head" value="<?php echo $co['co_include_head']; ?>" id="co_include_head" class="frm_input" size="60">
</td>
</tr>
<tr>
<th scope="row"><label for="co_include_tail">하단 파일 경로</label></th>
<td>
<?php echo help("설정값이 없으면 기본 하단 파일을 사용합니다."); ?>
<input type="text" name="co_include_tail" value="<?php echo $co['co_include_tail']; ?>" id="co_include_tail" class="frm_input" size="60">
</td>
</tr>
<tr id="admin_captcha_box" style="display:none;">
<th scope="row">자동등록방지</th>
<td>
<?php
echo help("파일 경로를 입력 또는 수정시 캡챠를 반드시 입력해야 합니다.");
require_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$captcha_html = captcha_html();
$captcha_js = chk_captcha_js();
echo $captcha_html;
?>
<script>
jQuery("#captcha_key").removeAttr("required").removeClass("required");
</script>
</td>
</tr>
<tr>
<th scope="row"><label for="co_himg">상단이미지</label></th>
<td>
<input type="file" name="co_himg" id="co_himg">
<?php
$himg = G5_DATA_PATH . '/content/' . $co['co_id'] . '_h';
$himg_str = '';
if (file_exists($himg)) {
$size = @getimagesize($himg);
if ($size[0] && $size[0] > 750) {
$width = 750;
} else {
$width = $size[0];
}
echo '<input type="checkbox" name="co_himg_del" value="1" id="co_himg_del"> <label for="co_himg_del">삭제</label>';
$himg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_h" width="' . $width . '" alt="">';
}
if ($himg_str) {
echo '<div class="banner_or_img">';
echo $himg_str;
echo '</div>';
}
?>
</td>
</tr>
<tr>
<th scope="row"><label for="co_timg">하단이미지</label></th>
<td>
<input type="file" name="co_timg" id="co_timg">
<?php
$timg = G5_DATA_PATH . '/content/' . $co['co_id'] . '_t';
$timg_str = '';
if (file_exists($timg)) {
$size = @getimagesize($timg);
if ($size[0] && $size[0] > 750) {
$width = 750;
} else {
$width = $size[0];
}
echo '<input type="checkbox" name="co_timg_del" value="1" id="co_timg_del"> <label for="co_timg_del">삭제</label>';
$timg_str = '<img src="' . G5_DATA_URL . '/content/' . $co['co_id'] . '_t" width="' . $width . '" alt="">';
}
if ($timg_str) {
echo '<div class="banner_or_img">';
echo $timg_str;
echo '</div>';
}
?>
</td>
</tr>
</tbody>
</table>
</div>
<div class="btn_fixed_top">
<a href="./contentlist.php" class="btn btn_02">목록</a>
<input type="submit" value="확인" class="btn btn_submit" accesskey="s">
</div>
</form>
<?php
// [KVE-2018-2089] 취약점 으로 인해 파일 경로 수정시에만 자동등록방지 코드 사용
?>
<script>
var captcha_chk = false;
function use_captcha_check() {
$.ajax({
type: "POST",
url: g5_admin_url + "/ajax.use_captcha.php",
data: {
admin_use_captcha: "1"
},
cache: false,
async: false,
dataType: "json",
success: function(data) {}
});
}
function frm_check_file() {
var co_include_head = "<?php echo $co['co_include_head']; ?>";
var co_include_tail = "<?php echo $co['co_include_tail']; ?>";
var head = jQuery.trim(jQuery("#co_include_head").val());
var tail = jQuery.trim(jQuery("#co_include_tail").val());
if (co_include_head !== head || co_include_tail !== tail) {
// 캡챠를 사용합니다.
jQuery("#admin_captcha_box").show();
captcha_chk = true;
use_captcha_check();
return false;
} else {
jQuery("#admin_captcha_box").hide();
}
return true;
}
jQuery(function($) {
if (window.self !== window.top) { // frame 또는 iframe을 사용할 경우 체크
$("#co_include_head, #co_include_tail").on("change paste keyup", function(e) {
frm_check_file();
});
use_captcha_check();
}
});
function frmcontentform_check(f) {
errmsg = "";
errfld = "";
<?php echo get_editor_js('co_content'); ?>
<?php echo chk_editor_js('co_content'); ?>
<?php echo get_editor_js('co_mobile_content'); ?>
check_field(f.co_id, "ID를 입력하세요.");
check_field(f.co_subject, "제목을 입력하세요.");
check_field(f.co_content, "내용을 입력하세요.");
if (errmsg != "") {
alert(errmsg);
errfld.focus();
return false;
}
if (captcha_chk) {
<?php echo $captcha_js; // 캡챠 사용시 자바스크립트에서 입력된 캡챠를 검사함 ?>
}
return true;
}
</script>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';

311
adm/contentformupdate.php
View File

@ -1,157 +1,154 @@
<?php
$sub_menu = '300600';
include_once('./_common.php');
if ($w == "u" || $w == "d")
check_demo();
if ($w == 'd')
auth_check_menu($auth, $sub_menu, "d");
else
auth_check_menu($auth, $sub_menu, "w");
check_admin_token();
$co_row = array('co_id'=>'', 'co_include_head'=>'', 'co_include_tail'=>'');
if ($w == "" || $w == "u")
{
if(isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co_row = sql_fetch($sql);
}
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
$co_subject = isset($_POST['co_subject']) ? strip_tags(clean_xss_attributes($_POST['co_subject'])) : '';
$co_include_head = isset($_POST['co_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_head'], 0, 255)) : '';
$co_include_tail = isset($_POST['co_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_tail'], 0, 255)) : '';
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
$co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0;
$co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0;
$co_html = isset($_POST['co_html']) ? (int) $_POST['co_html'] : 0;
$co_content = isset($_POST['co_content']) ? $_POST['co_content'] : '';
$co_mobile_content = isset($_POST['co_mobile_content']) ? $_POST['co_mobile_content'] : '';
$co_skin = isset($_POST['co_skin']) ? clean_xss_tags($_POST['co_skin'], 1, 1) : '';
$co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mobile_skin'], 1, 1) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if ((( isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head ) || ( isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail )) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()){
include_once(G5_CAPTCHA_PATH.'/captcha.lib.php');
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
@mkdir(G5_DATA_PATH."/content", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH."/content", G5_DIR_PERMISSION);
if ($co_himg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_h");
if ($co_timg_del) @unlink(G5_DATA_PATH."/content/{$co_id}_t");
$error_msg = '';
if( $co_include_head ){
$file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $co_include_head) ) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if( $co_include_tail ){
$file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION);
if( ! $file_ext || ! in_array($file_ext, array('php', 'htm', 'html')) || ! preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail) ) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if( $co_include_head && ! is_include_path_check($co_include_head, 1) ){
$co_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 상단 파일 경로에 포함시킬수 없습니다.';
}
if( $co_include_tail && ! is_include_path_check($co_include_tail, 1) ){
$co_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 단 파일 경로에 포함시킬수 없습니다.';
}
if( function_exists('filter_input_include_path') ){
$co_include_head = filter_input_include_path($co_include_head);
$co_include_tail = filter_input_include_path($co_include_tail);
}
$co_seo_title = exist_seo_title_recursive('content', generate_seo_title($co_subject), $g5['content_table'], $co_id);
$sql_common = " co_include_head = '$co_include_head',
co_include_tail = '$co_include_tail',
co_html = '$co_html',
co_tag_filter_use = '$co_tag_filter_use',
co_subject = '$co_subject',
co_content = '$co_content',
co_mobile_content = '$co_mobile_content',
co_seo_title = '$co_seo_title',
co_skin = '$co_skin',
co_mobile_skin = '$co_mobile_skin' ";
if ($w == "")
{
$row = $co_row;
if (isset($row['co_id']) && $row['co_id'])
alert("이미 같은 ID로 등록된 내용이 있습니다.");
$sql = " insert {$g5['content_table']}
set co_id = '$co_id',
$sql_common ";
sql_query($sql);
}
else if ($w == "u")
{
$sql = " update {$g5['content_table']}
set $sql_common
where co_id = '$co_id' ";
sql_query($sql);
}
else if ($w == "d")
{
@unlink(G5_DATA_PATH."/content/{$co_id}_h");
@unlink(G5_DATA_PATH."/content/{$co_id}_t");
$sql = " delete from {$g5['content_table']} where co_id = '$co_id' ";
sql_query($sql);
}
if(function_exists('get_admin_captcha_by'))
get_admin_captcha_by('remove');
g5_delete_cache_by_prefix('content-'.$co_id.'-');
if ($w == "" || $w == "u")
{
if ($_FILES['co_himg']['name'])
{
$dest_path = G5_DATA_PATH."/content/".$co_id."_h";
@move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($_FILES['co_timg']['name'])
{
$dest_path = G5_DATA_PATH."/content/".$co_id."_t";
@move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if( $error_msg ){
alert($error_msg, "./contentform.php?w=u&amp;co_id=$co_id");
} else {
goto_url("./contentform.php?w=u&amp;co_id=$co_id");
}
}
else
{
goto_url("./contentlist.php");
}
<?php
$sub_menu = '300600';
require_once './_common.php';
if ($w == "u" || $w == "d") {
check_demo();
}
if ($w == 'd') {
auth_check_menu($auth, $sub_menu, "d");
} else {
auth_check_menu($auth, $sub_menu, "w");
}
check_admin_token();
$co_row = array('co_id' => '', 'co_include_head' => '', 'co_include_tail' => '');
if ($w == "" || $w == "u") {
if (isset($_REQUEST['co_id']) && preg_match("/[^a-z0-9_]/i", $_REQUEST['co_id'])) {
alert("ID 는 영문자, 숫자, _ 만 가능합니다.");
}
$sql = " select * from {$g5['content_table']} where co_id = '$co_id' ";
$co_row = sql_fetch($sql);
}
$co_id = isset($_REQUEST['co_id']) ? preg_replace('/[^a-z0-9_]/i', '', $_REQUEST['co_id']) : '';
$co_subject = isset($_POST['co_subject']) ? strip_tags(clean_xss_attributes($_POST['co_subject'])) : '';
$co_include_head = isset($_POST['co_include_head']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_head'], 0, 255)) : '';
$co_include_tail = isset($_POST['co_include_tail']) ? preg_replace(array("#[\\\]+$#", "#(<\?php|<\?)#i"), "", substr($_POST['co_include_tail'], 0, 255)) : '';
$co_tag_filter_use = isset($_POST['co_tag_filter_use']) ? (int) $_POST['co_tag_filter_use'] : 1;
$co_himg_del = (isset($_POST['co_himg_del']) && $_POST['co_himg_del']) ? 1 : 0;
$co_timg_del = (isset($_POST['co_timg_del']) && $_POST['co_timg_del']) ? 1 : 0;
$co_html = isset($_POST['co_html']) ? (int) $_POST['co_html'] : 0;
$co_content = isset($_POST['co_content']) ? $_POST['co_content'] : '';
$co_mobile_content = isset($_POST['co_mobile_content']) ? $_POST['co_mobile_content'] : '';
$co_skin = isset($_POST['co_skin']) ? clean_xss_tags($_POST['co_skin'], 1, 1) : '';
$co_mobile_skin = isset($_POST['co_mobile_skin']) ? clean_xss_tags($_POST['co_mobile_skin'], 1, 1) : '';
// 관리자가 자동등록방지를 사용해야 할 경우
if (((isset($co_row['co_include_head']) && $co_row['co_include_head'] !== $co_include_head) || (isset($co_row['co_include_tail']) && $co_row['co_include_tail'] !== $co_include_tail)) && function_exists('get_admin_captcha_by') && get_admin_captcha_by()) {
include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
if (!chk_captcha()) {
alert('자동등록방지 숫자가 틀렸습니다.');
}
}
@mkdir(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
@chmod(G5_DATA_PATH . "/content", G5_DIR_PERMISSION);
if ($co_himg_del) {
@unlink(G5_DATA_PATH . "/content/{$co_id}_h");
}
if ($co_timg_del) {
@unlink(G5_DATA_PATH . "/content/{$co_id}_t");
}
$error_msg = '';
if ($co_include_head) {
$file_ext = pathinfo($co_include_head, PATHINFO_EXTENSION);
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_head)) {
alert('상단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if ($co_include_tail) {
$file_ext = pathinfo($co_include_tail, PATHINFO_EXTENSION);
if (!$file_ext || !in_array($file_ext, array('php', 'htm', 'html')) || !preg_match('/^.*\.(php|htm|html)$/i', $co_include_tail)) {
alert('하단 파일 경로의 확장자는 php, htm, html 만 허용합니다.');
}
}
if ($co_include_head && !is_include_path_check($co_include_head, 1)) {
$co_include_head = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 단 파일 경로에 포함시킬수 없습니다.';
}
if ($co_include_tail && !is_include_path_check($co_include_tail, 1)) {
$co_include_tail = '';
$error_msg = '/data/file/ 또는 /data/editor/ 포함된 문자를 하단 파일 경로에 포함시킬수 없습니다.';
}
if (function_exists('filter_input_include_path')) {
$co_include_head = filter_input_include_path($co_include_head);
$co_include_tail = filter_input_include_path($co_include_tail);
}
$co_seo_title = exist_seo_title_recursive('content', generate_seo_title($co_subject), $g5['content_table'], $co_id);
$sql_common = " co_include_head = '$co_include_head',
co_include_tail = '$co_include_tail',
co_html = '$co_html',
co_tag_filter_use = '$co_tag_filter_use',
co_subject = '$co_subject',
co_content = '$co_content',
co_mobile_content = '$co_mobile_content',
co_seo_title = '$co_seo_title',
co_skin = '$co_skin',
co_mobile_skin = '$co_mobile_skin' ";
if ($w == "") {
$row = $co_row;
if (isset($row['co_id']) && $row['co_id']) {
alert("이미 같은 ID로 등록된 내용이 있습니다.");
}
$sql = " insert {$g5['content_table']}
set co_id = '$co_id',
$sql_common ";
sql_query($sql);
} elseif ($w == "u") {
$sql = " update {$g5['content_table']}
set $sql_common
where co_id = '$co_id' ";
sql_query($sql);
} elseif ($w == "d") {
@unlink(G5_DATA_PATH . "/content/{$co_id}_h");
@unlink(G5_DATA_PATH . "/content/{$co_id}_t");
$sql = " delete from {$g5['content_table']} where co_id = '$co_id' ";
sql_query($sql);
}
if (function_exists('get_admin_captcha_by')) {
get_admin_captcha_by('remove');
}
g5_delete_cache_by_prefix('content-' . $co_id . '-');
if ($w == "" || $w == "u") {
if ($_FILES['co_himg']['name']) {
$dest_path = G5_DATA_PATH . "/content/" . $co_id . "_h";
@move_uploaded_file($_FILES['co_himg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($_FILES['co_timg']['name']) {
$dest_path = G5_DATA_PATH . "/content/" . $co_id . "_t";
@move_uploaded_file($_FILES['co_timg']['tmp_name'], $dest_path);
@chmod($dest_path, G5_FILE_PERMISSION);
}
if ($error_msg) {
alert($error_msg, "./contentform.php?w=u&amp;co_id=$co_id");
} else {
goto_url("./contentform.php?w=u&amp;co_id=$co_id");
}
} else {
goto_url("./contentlist.php");
}

199
adm/contentlist.php
View File

@ -1,97 +1,102 @@
<?php
$sub_menu = '300600';
include_once('./_common.php');
auth_check_menu($auth, $sub_menu, "r");
if( !isset($g5['content_table']) ){
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\';</strong> 를 추가해 주세요.');
}
//내용(컨텐츠)정보 테이블이 있는지 검사한다.
if(!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
if(sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false);
} else {
$query_cp = sql_query(" CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
`co_id` varchar(20) NOT NULL DEFAULT '',
`co_html` tinyint(4) NOT NULL DEFAULT '0',
`co_subject` varchar(255) NOT NULL DEFAULT '',
`co_content` longtext NOT NULL,
`co_hit` int(11) NOT NULL DEFAULT '0',
`co_include_head` varchar(255) NOT NULL,
`co_include_tail` varchar(255) NOT NULL,
PRIMARY KEY (`co_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ", true);
// 내용관리 생성
sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false );
sql_query(" insert into `{$g5['content_table']}` set co_id = 'privacy', co_html = '1', co_subject = '개인정보 처리방침', co_content= '<p align=center><b>개인정보 처리방침에 대한 내용을 입력하십시오.</b></p>' ", false );
sql_query(" insert into `{$g5['content_table']}` set co_id = 'provision', co_html = '1', co_subject = '서비스 이용약관', co_content= '<p align=center><b>서비스 이용약관에 대한 내용을 입력하십시오.</b></p>' ", false );
}
}
$g5['title'] = '내용관리';
include_once (G5_ADMIN_PATH.'/admin.head.php');
$sql_common = " from {$g5['content_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) { $page = 1; } // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<?php if ($page > 1) {?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
<span class="btn_ov01"><span class="ov_txt">전체 내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="btn_fixed_top">
<a href="./contentform.php" class="btn btn_01">내용 추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">제목</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php for ($i=0; $row=sql_fetch_array($result); $i++) {
$bg = 'bg'.($i%2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_id"><?php echo $row['co_id']; ?></td>
<td class="td_left"><?php echo htmlspecialchars2($row['co_subject']); ?></td>
<td class="td_mng td_mng_l">
<a href="./contentform.php?w=u&amp;co_id=<?php echo $row['co_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>수정</a>
<a href="<?php echo get_pretty_url('content', $row['co_id']); ?>" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a>
<a href="./contentformupdate.php?w=d&amp;co_id=<?php echo $row['co_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
include_once (G5_ADMIN_PATH.'/admin.tail.php');
<?php
$sub_menu = '300600';
require_once './_common.php';
auth_check_menu($auth, $sub_menu, "r");
if (!isset($g5['content_table'])) {
die('<meta charset="utf-8">/data/dbconfig.php 파일에 <strong>$g5[\'content_table\'] = G5_TABLE_PREFIX.\'content\';</strong> 를 추가해 주세요.');
}
//내용(컨텐츠)정보 테이블이 있는지 검사한다.
if (!sql_query(" DESCRIBE {$g5['content_table']} ", false)) {
if (sql_query(" DESCRIBE {$g5['g5_shop_content_table']} ", false)) {
sql_query(" ALTER TABLE {$g5['g5_shop_content_table']} RENAME TO `{$g5['content_table']}` ;", false);
} else {
$query_cp = sql_query(
" CREATE TABLE IF NOT EXISTS `{$g5['content_table']}` (
`co_id` varchar(20) NOT NULL DEFAULT '',
`co_html` tinyint(4) NOT NULL DEFAULT '0',
`co_subject` varchar(255) NOT NULL DEFAULT '',
`co_content` longtext NOT NULL,
`co_hit` int(11) NOT NULL DEFAULT '0',
`co_include_head` varchar(255) NOT NULL,
`co_include_tail` varchar(255) NOT NULL,
PRIMARY KEY (`co_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 ",
true
);
// 내용관리 생성
sql_query(" insert into `{$g5['content_table']}` set co_id = 'company', co_html = '1', co_subject = '회사소개', co_content= '<p align=center><b>회사소개에 대한 내용을 입력하십시오.</b></p>' ", false);
sql_query(" insert into `{$g5['content_table']}` set co_id = 'privacy', co_html = '1', co_subject = '개인정보 처리방침', co_content= '<p align=center><b>개인정보 처리방침에 대한 내용을 입력하십시오.</b></p>' ", false);
sql_query(" insert into `{$g5['content_table']}` set co_id = 'provision', co_html = '1', co_subject = '서비스 이용약관', co_content= '<p align=center><b>서비스 이용약관에 대한 내용을 입력하십시오.</b></p>' ", false);
}
}
$g5['title'] = '내용관리';
require_once G5_ADMIN_PATH . '/admin.head.php';
$sql_common = " from {$g5['content_table']} ";
// 테이블의 전체 레코드수만 얻음
$sql = " select count(*) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows); // 전체 페이지 계산
if ($page < 1) {
$page = 1;
} // 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows; // 시작 열을 구함
$sql = "select * $sql_common order by co_id limit $from_record, {$config['cf_page_rows']} ";
$result = sql_query($sql);
?>
<div class="local_ov01 local_ov">
<?php if ($page > 1) { ?><a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>">처음으로</a><?php } ?>
<span class="btn_ov01"><span class="ov_txt">전체 내용</span><span class="ov_num"> <?php echo $total_count; ?>건</span></span>
</div>
<div class="btn_fixed_top">
<a href="./contentform.php" class="btn btn_01">내용 추가</a>
</div>
<div class="tbl_head01 tbl_wrap">
<table>
<caption><?php echo $g5['title']; ?> 목록</caption>
<thead>
<tr>
<th scope="col">ID</th>
<th scope="col">제목</th>
<th scope="col">관리</th>
</tr>
</thead>
<tbody>
<?php for ($i = 0; $row = sql_fetch_array($result); $i++) {
$bg = 'bg' . ($i % 2);
?>
<tr class="<?php echo $bg; ?>">
<td class="td_id"><?php echo $row['co_id']; ?></td>
<td class="td_left"><?php echo htmlspecialchars2($row['co_subject']); ?></td>
<td class="td_mng td_mng_l">
<a href="./contentform.php?w=u&amp;co_id=<?php echo $row['co_id']; ?>" class="btn btn_03"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>수정</a>
<a href="<?php echo get_pretty_url('content', $row['co_id']); ?>" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span> 보기</a>
<a href="./contentformupdate.php?w=d&amp;co_id=<?php echo $row['co_id']; ?>" onclick="return delete_confirm(this);" class="btn btn_02"><span class="sound_only"><?php echo htmlspecialchars2($row['co_subject']); ?> </span>삭제</a>
</td>
</tr>
<?php
}
if ($i == 0) {
echo '<tr><td colspan="3" class="empty_table">자료가 한건도 없습니다.</td></tr>';
}
?>
</tbody>
</table>
</div>
<?php echo get_paging(G5_IS_MOBILE ? $config['cf_mobile_pages'] : $config['cf_write_pages'], $page, $total_page, "{$_SERVER['SCRIPT_NAME']}?$qstr&amp;page="); ?>
<?php
require_once G5_ADMIN_PATH . '/admin.tail.php';