firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Merge branch 'master' into sns

Browse Source 
Conflicts:
	bbs/register_form_update.php
	config.php
	extend/.htaccess
	plugin/kcp/kcpcert.head.skin.php
	skin/board/basic/view_comment.skin.php
This commit is contained in:
gnuboard
2013-05-21 16:06:07 +09:00
parent 811f9a8893 18b5212c86
commit b1b747646b
121 changed files with 1707 additions and 1874 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
adm/admin.lib.php
View File

@ -265,5 +265,5 @@ if (isset($page)) $arr_query[] = 'page='.$page;
$qstr = implode("&", $arr_query);
// 관리자에서는 추가 스크립트는 사용하지 않는다.
$config['cf_add_script'] = '';
//$config['cf_add_script'] = '';
?>

7
adm/auth_list.php
View File

@ -203,13 +203,6 @@ $colspan = 5;
</tbody>
</table>
<fieldset id="admin_confirm">
<legend>XSS 혹은 CSRF 방지</legend>
<p>관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.</p>
<label for="admin_password">관리자 패스워드</label>
<input type="password" name="admin_password" id="admin_password" required class="required frm_input">
</fieldset>
<div class="btn_confirm">
<input type="submit" value="완료" class="btn_submit">
</div>

4
adm/auth_update.php
View File

@ -11,10 +11,6 @@ if (!$mb['mb_id'])
check_token();
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('패스워드가 다릅니다.');
}
$sql = " insert into {$g4['auth_table']}
set mb_id = '{$_POST['mb_id']}',
au_menu = '{$_POST['au_menu']}',

7
adm/board_form.php
View File

@ -1164,13 +1164,6 @@ $pg_anchor = '<ul class="anchor">
</table>
</section>
<fieldset id="admin_confirm">
<legend>XSS 혹은 CSRF 방지</legend>
<p>관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.</p>
<label for="admin_password">관리자 패스워드<strong class="sound_only">필수</strong></label>
<input type="password" name="admin_password" id="admin_password" required class="required frm_input">
</fieldset>
<div class="btn_confirm">
<p>
작성하신 내용을 제출하시려면 <strong>확인</strong> 버튼을, 작성을 취소하고 목록으로 돌아가시려면 <strong>목록</strong> 링크를 누르세요.

9
adm/board_form_update.php
View File

@ -7,15 +7,6 @@ if ($w == 'u')
auth_check($auth[$sub_menu], 'w');
if ($_POST['admin_password']) {
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('관리자 패스워드가 틀립니다.');
}
} else {
alert('관리자 패스워드를 입력하세요.');
}
if (!$_POST['gr_id']) { alert('그룹 ID는 반드시 선택하세요.'); }
if (!$bo_table) { alert('게시판 TABLE명은 반드시 입력하세요.'); }
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) { alert('게시판 TABLE명은 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (20자 이내)'); }

1
adm/board_list.php
View File

@ -167,7 +167,6 @@ $colspan = 15;
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value">
<?php if ($is_admin == 'super') { ?>
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value">
<a href="./board_form.php">게시판추가</a>
<?php } ?>
</div>

2
adm/boardgroupmember_list.php
View File

@ -111,7 +111,7 @@ $colspan = 7;
<td class="td_grid"><?php echo $group ?></td>
<td class="td_mbid"><?php echo $row['mb_id'] ?></td>
<td class="td_mbname"><?php echo $row['mb_name'] ?></td>
<td class="td_name"><?php echo $mb_nick ?></td>
<td class="td_name sv_use"><?php echo $mb_nick ?></td>
<td class="td_time"><?php echo substr($row['mb_today_login'],2,8) ?></td>
<td class="td_time"><?php echo $row['gm_datetime'] ?></td>
</tr>

19
adm/config_form.php
View File

@ -27,23 +27,25 @@ if (!isset($config['cf_mobile_new_skin'])) {
if(!isset($config['cf_gcaptcha_mp3'])) {
sql_query(" ALTER TABLE `{$g4['config_table']}`
ADD `cf_gcaptcha_mp3` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_mobile_member_skin` ", TRUE);
ADD `cf_gcaptcha_mp3` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_mobile_member_skin` ", true);
}
if(!isset($config['cf_kcpcert_site_cd'])) {
sql_query(" ALTER TABLE `{$g4['config_table']}`
ADD `cf_kcpcert_site_cd` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_memo_send_point` ", TRUE);
ADD `cf_kcpcert_site_cd` VARCHAR(255) NOT NULL DEFAULT '' AFTER `cf_memo_send_point` ", true);
}
if(!isset($config['cf_kcpcert_use'])) {
sql_query(" ALTER TABLE `{$g4['config_table']}`
ADD `cf_kcpcert_use` ENUM('','test','service') NOT NULL DEFAULT '' AFTER `cf_memo_send_point` ", TRUE);
ADD `cf_kcpcert_use` ENUM('','test','service') NOT NULL DEFAULT '' AFTER `cf_memo_send_point` ", true);
}
sql_query(" ALTER TABLE `{$g4['config_table']}` CHANGE `cf_kcpcert_use` `cf_kcpcert_use` ENUM('','test','service') NOT NULL DEFAULT '' ", false);
if(!isset($config['cf_mobile_pages'])) {
sql_query(" ALTER TABLE `{$g4['config_table']}`
ADD `cf_mobile_pages` INT(11) NOT NULL DEFAULT '0' AFTER `cf_write_pages` ", TRUE);
sql_query(" UPDATE `{$g4['config_table']}` SET cf_mobile_pages = '5' ", TRUE);
ADD `cf_mobile_pages` INT(11) NOT NULL DEFAULT '0' AFTER `cf_write_pages` ", true);
sql_query(" UPDATE `{$g4['config_table']}` SET cf_mobile_pages = '5' ", true);
}
if(!isset($config['cf_facebook_use'])) {
@ -765,13 +767,6 @@ $pg_anchor = '<ul class="anchor">
</table>
</section>
<fieldset id="admin_confirm">
<legend>XSS 혹은 CSRF 방지</legend>
<p>관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.</p>
<label for="admin_password">관리자 패스워드<strong class="sound_only">필수</strong></label>
<input type="password" name="admin_password" id="admin_password" required class="required frm_input">
</fieldset>
<div class="btn_confirm">
<p>
작성하신 내용을 제출하시려면 <strong>확인</strong> 버튼을, 작성을 취소하고 목록으로 돌아가시려면 <strong>목록</strong> 링크를 누르세요.

4
adm/config_form_update.php
View File

@ -9,10 +9,6 @@ auth_check($auth[$sub_menu], 'w');
if ($is_admin != 'super')
alert('최고관리자만 접근 가능합니다.');
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('패스워드가 다릅니다.');
}
$mb = get_member($cf_admin);
if (!$mb['mb_id'])
alert('최고관리자 회원아이디가 존재하지 않습니다.');

4
adm/index.php
View File

@ -99,7 +99,7 @@ $colspan = 12;
<tr>
<td><?php echo $mb_id ?></td>
<td class="td_mbname"><?php echo $row['mb_name'] ?></td>
<td class="td_name"><div><?php echo $mb_nick ?></div></td>
<td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_num"><?php echo $row['mb_level'] ?></td>
<td class="td_bignum"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
<td class="td_boolean"><?php echo $row['mb_mailling']?'예':'아니오'; ?></td>
@ -281,7 +281,7 @@ $colspan = 7;
<tr>
<td class="td_mbid"><a href="./point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_mbname"><?php echo $row2['mb_name'] ?></td>
<td class="td_name"><div><?php echo $mb_nick ?></div></td>
<td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_time"><?php echo $row['po_datetime'] ?></td>
<td><?php echo $link1.$row['po_content'].$link2 ?></td>
<td class="td_bignum"><?php echo number_format($row['po_point']) ?></td>

5
adm/mail_select_form.php
View File

@ -85,7 +85,7 @@ include_once('./admin.head.php');
</select> 에서
<select name="mb_level_to" id="mb_level_to" title="최대권한">
<?php for ($i=1; $i<=10; $i++) { ?>
<option value="<?php echo $i ?>"><?php echo $i ?></option>
<option value="<?php echo $i ?>"<?php echo $i==10 ? " selected" : ""; ?>><?php echo $i ?></option>
<?php } ?>
</select> 까지
</td>
@ -98,8 +98,7 @@ include_once('./admin.head.php');
<?php
$sql = " select gr_id, gr_subject from {$g4['group_table']} order by gr_subject ";
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++)
{
for ($i=0; $row=sql_fetch_array($result); $i++) {
echo '<option value="'.$row['gr_id'].'">'.$row['gr_subject'].'</option>';
}
?>

5
adm/mail_select_list.php
View File

@ -74,7 +74,6 @@ include_once('./admin.head.php');
<form name="fmailselectlist" id="fmailselectlist" method="post" action="./mail_select_update.php">
<input type="hidden" name="token" value="<?php echo $token ?>">
<input type="hidden" name="ma_id" value="<?php echo $ma_id ?>">
<input type="hidden" name="ma_list" value="<?php echo $ma_list ?>">
<table>
<thead>
<tr>
@ -93,8 +92,7 @@ include_once('./admin.head.php');
$i=0;
$ma_list = "";
$cr = "";
while ($row=sql_fetch_array($result))
{
while ($row=sql_fetch_array($result)) {
$i++;
$ma_list .= $cr . $row['mb_email'] . "||" . $row['mb_id'] . "||" . $row['mb_name'] . "||" . $row['mb_nick'] . "||" . $row['mb_datetime'];
$cr = "\n";
@ -110,6 +108,7 @@ include_once('./admin.head.php');
<?php } ?>
</tbody>
</table>
<textarea name="ma_list" style="display:none"><?=$ma_list?></textarea>
</div>
<div class="btn_confirm">

94
adm/member_form.php
View File

@ -57,38 +57,41 @@ else if ($w == 'u')
else
alert('제대로 된 값이 넘어오지 않았습니다.');
$mailling_no_checked = '';
$sms_no_checked = '';
$open_no_checked = '';
if ($mb['mb_mailling'] == 1) {
$mailling_checked = 'checked="checked"'; //메일수신
// 휴대폰 본인확인
$mb_hp_certify_yes = $mb['mb_hp_certify'] ? 'checked="checked"' : '';
$mb_hp_certify_no = !$mb['mb_hp_certify'] ? 'checked="checked"' : '';
// 휴대폰 성인인증
$mb_adult_yes = $mb['mb_adult'] ? 'checked="checked"' : '';
$mb_adult_no = !$mb['mb_adult'] ? 'checked="checked"' : '';
//메일수신
$mb_mailling_yes = $mb['mb_mailling'] ? 'checked="checked"' : '';
$mb_mailling_no = !$mb['mb_mailling'] ? 'checked="checked"' : '';
// SMS 수신
$mb_sms_yes = $mb['mb_sms'] ? 'checked="checked"' : '';
$mb_sms_no = !$mb['mb_sms'] ? 'checked="checked"' : '';
// 정보 공개
$mb_open_yes = $mb['mb_open'] ? 'checked="checked"' : '';
$mb_open_no = !$mb['mb_open'] ? 'checked="checked"' : '';
if (isset($mb['mb_hp_certify'])) {
// 날짜시간형이라면 drop 시킴
if (preg_match("/-/", $mb['mb_hp_certify'])) {
sql_query(" ALTER TABLE `{$g4['member_table']}` DROP `mb_hp_certify` ", false);
}
} else {
$mailing_checked = '';
$mailling_no_checked = 'checked="checked"';
sql_query(" ALTER TABLE `{$g4['member_table']}` ADD `mb_hp_certify` TINYINT NOT NULL DEFAULT '0' AFTER `mb_hp` ", false);
}
if ($mb['mb_sms']) {
$sms_checked = 'checked="checked"'; // SMS 수신
if(isset($mb['mb_adult'])) {
sql_query(" ALTER TABLE `{$g4['member_table']}` CHANGE `mb_adult` `mb_adult` TINYINT NOT NULL DEFAULT '0' ", false);
} else {
$sms_checked = '';
$sms_no_checked = 'checked="checked"';
sql_query(" ALTER TABLE `{$g4['member_table']}` ADD `mb_adult` TINYINT NOT NULL DEFAULT '0' AFTER `mb_hp_certify` ", false);
}
if ($mb['mb_open']) {
$open_checked = 'checked="checked"'; // 정보 공개
} else {
$open_checked = '';
$open_no_checked = 'checked="checked"';
}
if(!isset($mb['mb_adult'])) {
sql_query(" ALTER TABLE `{$g4['member_table']}`
ADD `mb_adult` ENUM('N', 'Y') NOT NULL DEFAULT 'N' AFTER `mb_birth`,
ADD `mb_hp_certify` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER `mb_lost_certify` ", false);
}
sql_query(" ALTER TABLE `{$g4['member_table']}` CHANGE `mb_adult` `mb_adult` ENUM('N','Y') NOT NULL DEFAULT 'N' ", false);
if ($mb['mb_intercept_date']) $g4['title'] = "차단된 ";
else $g4['title'] .= "";
$g4['title'] .= '회원 '.$html_title;
@ -141,10 +144,26 @@ include_once('./admin.head.php');
<td><input type="text" name="mb_homepage" value="<?php echo $mb['mb_homepage'] ?>" id="mb_homepage" class="frm_input" maxlength="255" size="15"></td>
</tr>
<tr>
<th scope="row"><label for="mb_tel">전화번호</label></th>
<td><input type="text" name="mb_tel" value="<?php echo $mb['mb_tel'] ?>" id="mb_tel" class="frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_hp">휴대폰번호</label></th>
<td><input type="text" name="mb_hp" value="<?php echo $mb['mb_hp'] ?>" id="mb_hp" class="frm_input" size="15" maxlength="20"></td>
<th scope="row"><label for="mb_tel">전화번호</label></th>
<td><input type="text" name="mb_tel" value="<?php echo $mb['mb_tel'] ?>" id="mb_tel" class="frm_input" size="15" maxlength="20"></td>
</tr>
<tr>
<th scope="row">휴대폰 본인확인</th>
<td>
<input type="radio" name="mb_hp_certify" value="1" id="mb_hp_certify_yes" <?php echo $mb_hp_certify_yes; ?>>
<label for="mb_hp_certify_yes">예</label>
<input type="radio" name="mb_hp_certify" value="0" id="mb_hp_certify_no" <?php echo $mb_hp_certify_no; ?>>
<label for="mb_hp_certify_no">아니오</label>
</td>
<th scope="row"><label for="mb_adult">휴대폰 성인인증</label></th>
<td>
<input type="radio" name="mb_adult" value="1" id="mb_adult_yes" <?php echo $mb_adult_yes; ?>>
<label for="mb_adult_yes">예</label>
<input type="radio" name="mb_adult" value="0" id="mb_adult_no" <?php echo $mb_adult_no; ?>>
<label for="mb_adult_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_zip1">주소</label></th>
@ -181,25 +200,25 @@ include_once('./admin.head.php');
<tr>
<th scope="row">메일 수신</th>
<td>
<input type="radio" name="mb_mailling" value="1" id="mb_mailling_yes" <?php echo $mailling_checked ?>>
<input type="radio" name="mb_mailling" value="1" id="mb_mailling_yes" <?php echo $mb_mailling_yes; ?>>
<label for="mb_mailling_yes">예</label>
<input type="radio" name="mb_mailling" value="0" id="mb_mailling_no" <?php echo $mailling_no_checked ?>>
<input type="radio" name="mb_mailling" value="0" id="mb_mailling_no" <?php echo $mb_mailling_no; ?>>
<label for="mb_mailling_no">아니오</label>
</td>
<th scope="row"><label for="mb_sms_yes">SMS 수신</label></th>
<td>
<input type="radio" name="mb_sms" value="1" id="mb_sms_yes" <?php echo $sms_checked ?>>
<input type="radio" name="mb_sms" value="1" id="mb_sms_yes" <?php echo $mb_sms_yes; ?>>
<label for="mb_sms_yes">예</label>
<input type="radio" name="mb_sms" value="0" id="mb_sms_no" <?php echo $sms_no_checked ?>>
<input type="radio" name="mb_sms" value="0" id="mb_sms_no" <?php echo $mb_sms_no; ?>>
<label for="mb_sms_no">아니오</label>
</td>
</tr>
<tr>
<th scope="row"><label for="mb_open">정보 공개</label></th>
<td colspan="3">
<input type="radio" name="mb_open" value="1" id="mb_open" <?php echo $open_checked ?>>
<input type="radio" name="mb_open" value="1" id="mb_open_yes" <?php echo $mb_open_yes; ?>>
<label for="mb_open">예</label>
<input type="radio" name="mb_open" value="0" id="mb_open_no" <?php echo $open_no_checked ?>>
<input type="radio" name="mb_open" value="0" id="mb_open_no" <?php echo $mb_open_no; ?>>
<label for="mb_open_no">아니오</label>
</td>
</tr>
@ -276,13 +295,6 @@ include_once('./admin.head.php');
</div>
<fieldset id="admin_confirm">
<legend>XSS 혹은 CSRF 방지</legend>
<p>관리자 권한을 탈취 당하는 경우를 대비하여 관리자의 패스워드를 다시 한번 확인합니다.</p>
<label for="admin_password">관리자 패스워드<strong class="sound_only">필수</strong></label>
<input type="password" name="admin_password" id="admin_password" required class="required frm_input">
</fieldset>
<div class="btn_confirm">
<p>
작성하신 내용을 제출하시려면 <strong>확인</strong> 버튼을, 작성을 취소하고 목록으로 돌아가시려면 <strong>목록</strong> 링크를 누르세요.

8
adm/member_form_update.php
View File

@ -10,10 +10,6 @@ auth_check($auth[$sub_menu], 'w');
check_token();
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('패스워드가 다릅니다.');
}
$mb_id = escape_trim($_POST['mb_id']);
// 휴대폰번호 체크
@ -29,7 +25,9 @@ $sql_common = " mb_name = '{$_POST['mb_name']}',
mb_email = '{$_POST['mb_email']}',
mb_homepage = '{$_POST['mb_homepage']}',
mb_tel = '{$_POST['mb_tel']}',
mb_hp = '$mb_hp',
mb_hp = '{$_POST['mb_hp']}',
mb_hp_certify = '{$_POST['mb_hp_certify']}',
mb_adult = '{$_POST['mb_adult']}',
mb_zip1 = '{$_POST['mb_zip1']}',
mb_zip2 = '{$_POST['mb_zip2']}',
mb_addr1 = '{$_POST['mb_addr1']}',

95
adm/member_list.php
View File

@ -78,7 +78,8 @@ $colspan = 15;
<a href="?sst=mb_intercept_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>">차단 <?php echo number_format($intercept_count) ?></a>명,
<a href="?sst=mb_leave_date&amp;sod=desc&amp;sfl=<?php echo $sfl ?>&amp;stx=<?php echo $stx ?>">탈퇴 <?php echo number_format($leave_count) ?></a>명
</span>
<select name="sfl" title="검색대상">
<label for="sfl" class="sound_only">검색대상</label>
<select name="sfl">
<option value="mb_id"<?php echo get_selected($_GET['sfl'], "mb_id"); ?>>회원아이디</option>
<option value="mb_nick"<?php echo get_selected($_GET['sfl'], "mb_nick"); ?>>별명</option>
<option value="mb_name"<?php echo get_selected($_GET['sfl'], "mb_name"); ?>>이름</option>
@ -91,7 +92,8 @@ $colspan = 15;
<option value="mb_ip"<?php echo get_selected($_GET['sfl'], "mb_ip"); ?>>IP</option>
<option value="mb_recommend"<?php echo get_selected($_GET['sfl'], "mb_recommend"); ?>>추천인</option>
</select>
<input type="text" name="stx" value="<?php echo $stx ?>" title="검색어(필수)" required class="required frm_input">
<label for="stx" class="sound_only">검색어<strong class="sound_only"> 필수</strong></label>
<input type="text" name="stx" value="<?php echo $stx ?>" id="stx" required class="required frm_input">
<input type="submit" class="btn_submit" value="검색">
</fieldset>
</form>
@ -116,20 +118,27 @@ $colspan = 15;
<table class="tbl_mb_list">
<thead>
<tr>
<th scope="col"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 회원 전체선택" onclick="check_all(this.form)"></th>
<th scope="col" rowspan="2"><input type="checkbox" name="chkall" value="1" id="chkall" title="현재 페이지 회원 전체선택" onclick="check_all(this.form)"></th>
<th scope="col"><?php echo subject_sort_link('mb_id') ?>회원아이디</a></th>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>별명</a></th>
<th scope="col"><?php echo subject_sort_link('mb_name') ?>이름</a></th>
<th scope="col"><?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
<th scope="col"><?php echo subject_sort_link('mb_point', '', 'desc') ?> 포인트</a></th>
<th scope="col">휴대폰</th>
<th scope="col" colspan="6">주소</th>
<th scope="col"><?php echo subject_sort_link('mb_today_login', '', 'desc') ?>최종접속</a></th>
<th scope="col"><?php echo subject_sort_link('mb_point', '', 'desc') ?> 포인트</a></th>
<th scope="col" rowspan="2">관리</th>
</tr>
<tr>
<th scope="col"><?php echo subject_sort_link('mb_nick') ?>별명</a></th>
<th scope="col">상태/<?php echo subject_sort_link('mb_level', '', 'desc') ?>권한</a></th>
<th scope="col">전화번호</th>
<th scope="col"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>메일<br>인증</a></th>
<th scope="col"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>메일<br>수신</a></th>
<th scope="col"><?php echo subject_sort_link('mb_open', '', 'desc') ?>정보<br>공개</a></th>
<th scope="col"><?php echo subject_sort_link('mb_hp_certify', '', 'desc') ?>본인<br>확인</a></th>
<th scope="col"><?php echo subject_sort_link('mb_adult', '', 'desc') ?>성인<br>인증</a></th>
<th scope="col"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>접근<br>차단</a></th>
<th scope="col"><?php echo subject_sort_link('mb_datetime', '', 'desc') ?>가입일</a></th>
<th scope="col"><?php echo subject_sort_link('mb_mailling', '', 'desc') ?>수신</a></th>
<th scope="col"><?php echo subject_sort_link('mb_open', '', 'desc') ?>공개</a></th>
<th scope="col"><?php echo subject_sort_link('mb_email_certify', '', 'desc') ?>인증</a></th>
<th scope="col"><?php echo subject_sort_link('mb_intercept_date', '', 'desc') ?>차단</a></th>
<th scope="col">그룹</th>
<th scope="col">관리</th>
<th scope="col" title="접근가능한 그룹수">접근그룹</th>
</tr>
</thead>
<tbody>
@ -142,13 +151,10 @@ $colspan = 15;
if ($row2['cnt'])
$group = '<a href="./boardgroupmember_form.php?mb_id='.$row['mb_id'].'">'.$row2['cnt'].'</a>';
if ($is_admin == 'group')
{
if ($is_admin == 'group') {
$s_mod = '';
$s_del = '';
}
else
{
} else {
$s_mod = '<a href="./member_form.php?'.$qstr.'&amp;w=u&amp;mb_id='.$row['mb_id'].'">수정</a>';
//$s_del = '<a href="javascript:post_delete(\'member_delete.php\', \''.$row['mb_id'].'\');">삭제</a>';
}
@ -165,42 +171,58 @@ $colspan = 15;
$intercept_title = '';
if ($row['mb_leave_date']) {
$mb_id = $mb_id;
$leave_msg = '<br>탈퇴함';
$leave_msg = '<span class="mb_leave_msg">탈퇴함</span>';
}
else if ($row['mb_intercept_date']) {
$mb_id = $mb_id;
$intercept_msg = '<br>차단됨';
$intercept_msg = '<span class="mb_intercept_msg">차단됨</span>';
$intercept_title = '차단해제';
}
if ($intercept_title == '')
$intercept_title = '차단하기';
$address = $row['mb_zip1'] ? $row['mb_addr1'].' '.$row['mb_addr2'] : '';
$tr_bg = '';
if ($i%2 == 0) $tr_bg = 'class="tr_bg"';
?>
<tr>
<td class="td_chk">
<tr <?php echo $tr_bg; ?>>
<td class="td_chk" rowspan="2">
<input type="hidden" name="mb_id[<?php echo $i ?>]" value="<?php echo $row['mb_id'] ?>" id="mb_id_<?php echo $i ?>">
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>" title="회원선택">
<label for="chk_<?php echo $i; ?>" class="sound_only">회원선택</label>
<input type="checkbox" name="chk[]" value="<?php echo $i ?>" id="chk_<?php echo $i ?>">
</td>
<td class="td_mbid">
<?php echo $mb_id ?>
<span><?php echo $leave_msg ?><?php echo $intercept_msg ?></span>
</td>
<td class="td_name"><div><?php echo $mb_nick ?></div></td>
<td class="td_mbname"><?php echo $row['mb_name'] ?></td>
<td><?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?></td>
<td class="td_name sv_use"><?php echo $mb_id ?></td>
<td class="td_mbname"><?php echo $row['mb_name']; ?></td>
<td><?php echo $row['mb_hp']; ?></td>
<td colspan="6" class="td_addr"><?php echo $address; ?></td>
<td><?php echo substr($row['mb_today_login'],2,8); ?></td>
<td class="td_bignum"><a href="point_list.php?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo number_format($row['mb_point']) ?></a></td>
<td><?php echo substr($row['mb_today_login'],2,8) ?></td>
<td><?php echo substr($row['mb_datetime'],2,8) ?></td>
<td><?php echo $row['mb_mailling']?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>'; ?></td>
<td><?php echo $row['mb_open']?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>'; ?></td>
<td><?php echo preg_match('/[1-9]/', $row['mb_email_certify'])?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>'; ?></td>
<td rowspan="2"><?php echo $s_mod ?><br><?php echo $s_grp ?></td>
</tr>
<tr <?php echo $tr_bg; ?>>
<td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="">
<?php
if ($leave_msg || $intercept_msg) echo $leave_msg.' '.$intercept_msg;
else echo "정상";
?>
<?php echo get_member_level_select("mb_level[$i]", 1, $member['mb_level'], $row['mb_level']) ?>
</td>
<td><?php echo $row['mb_tel']; ?></td>
<td class="td_chk"><?php echo preg_match('/[1-9]/', $row['mb_email_certify'])?'<span class="txt_true">Yes</span>':'<span class="txt_false">No</span>'; ?></td>
<td class="td_chk"><input type="checkbox" name="mb_mailling[<?php echo $i; ?>]" <?php echo $row['mb_mailling']?'checked':''; ?> value="1"></td>
<td class="td_chk"><input type="checkbox" name="mb_open[<?php echo $i; ?>]" <?php echo $row['mb_open']?'checked':''; ?> value="1"></td>
<td class="td_chk"><input type="checkbox" name="mb_hp_certify[<?php echo $i; ?>]" <?php echo $row['mb_hp_certify']?'checked':''; ?> value="1"></td>
<td class="td_chk"><input type="checkbox" name="mb_adult[<?php echo $i; ?>]" <?php echo $row['mb_adult']?'checked':''; ?> value="1"></td>
<td class="td_chk">
<?php if(empty($row['mb_leave_date'])){ ?>
<input type="checkbox" name="mb_intercept_date[<?php echo $i ?>]" <?php echo $row['mb_intercept_date']?'checked':''; ?> value="<?php echo $intercept_date ?>" id="mb_intercept_date_<?php echo $i ?>" title="<?php echo $intercept_title ?>">
<input type="checkbox" name="mb_intercept_date[<?php echo $i; ?>]" <?php echo $row['mb_intercept_date']?'checked':''; ?> value="<?php echo $intercept_date ?>" id="mb_intercept_date_<?php echo $i ?>" title="<?php echo $intercept_title ?>">
<?php } ?>
</td>
<td><?php echo substr($row['mb_datetime'],2,8); ?></td>
<td class="td_chk"><?php echo $group ?></td>
<td><?php echo $s_mod ?> <?php echo $s_grp ?></td>
</tr>
<?php
@ -213,7 +235,6 @@ $colspan = 15;
<div class="btn_list">
<input type="submit" name="act_button" value="선택수정" onclick="document.pressed=this.value">
<input type="submit" name="act_button" value="선택삭제" onclick="document.pressed=this.value">
<?php if ($is_admin == 'super') { ?><a href="./member_form.php">회원추가</a><?php } ?>
</div>
</form>

6
adm/member_list_update.php
View File

@ -28,7 +28,11 @@ if ($_POST['act_button'] == "선택수정") {
} else {
$sql = " update {$g4['member_table']}
set mb_level = '{$_POST['mb_level'][$k]}',
mb_intercept_date = '{$_POST['mb_intercept_date'][$k]}'
mb_intercept_date = '{$_POST['mb_intercept_date'][$k]}',
mb_mailling = '{$_POST['mb_mailling'][$k]}',
mb_open = '{$_POST['mb_open'][$k]}',
mb_hp_certify = '{$_POST['mb_hp_certify'][$k]}',
mb_adult = '{$_POST['mb_adult'][$k]}'
where mb_id = '{$_POST['mb_id'][$k]}' ";
sql_query($sql);
}

9
adm/point_list.php
View File

@ -150,7 +150,7 @@ function point_clear()
</td>
<td class="td_mbid"><a href="?sfl=mb_id&amp;stx=<?php echo $row['mb_id'] ?>"><?php echo $row['mb_id'] ?></a></td>
<td class="td_mbname"><?php echo $row2['mb_name'] ?></td>
<td class="td_name"><div><?php echo $mb_nick ?></div></td>
<td class="td_name sv_use"><div><?php echo $mb_nick ?></div></td>
<td class="td_time"><?php echo $row['po_datetime'] ?></td>
<td class="td_pt_log"><?php echo $link1 ?><?php echo $row['po_content'] ?><?php echo $link2 ?></td>
<td class="td_num td_pt"><?php echo number_format($row['po_point']) ?></td>
@ -207,13 +207,6 @@ function point_clear()
</tbody>
</table>
<fieldset id="admin_confirm">
<legend>XSS 혹은 CSRF 방지</legend>
<p>관리자 권한을 탈취당하는 경우를 대비하여 패스워드를 다시 한번 확인합니다.</p>
<label for="admin_password">관리자패스워드<strong class="sound_only">필수</strong></label>
<input type="password" name="admin_password" id="admin_password" required class="required frm_input">
</fieldset>
<div class="btn_confirm">
<input type="submit" value="확인" class="btn_submit">
</div>

4
adm/point_update.php
View File

@ -6,10 +6,6 @@ auth_check($auth[$sub_menu], 'w');
check_token();
if ($member['mb_password'] != sql_password($_POST['admin_password'])) {
alert('패스워드가 다릅니다.');
}
$mb_id = $_POST['mb_id'];
$po_point = $_POST['po_point'];
$po_content = $_POST['po_content'];