기타 추적되지 않는 파일들..
@ -685,10 +685,6 @@ function html_purifier($html)
|
||||
)
|
||||
);
|
||||
|
||||
// 커스텀 URI 필터 등록
|
||||
$def = $config->getDefinition('URI', true); // URI 정의 가져오기
|
||||
$def->addFilter(new HTMLPurifierContinueParamFilter(), $config); // 커스텀 필터 추가
|
||||
|
||||
$purifier = new HTMLPurifier($config);
|
||||
|
||||
return run_replace('html_purifier_result', $purifier->purify($html), $purifier, $html);
|
||||
@ -2535,10 +2531,6 @@ function get_uniqid()
|
||||
{
|
||||
global $g5;
|
||||
|
||||
if ($get_uniqid_key = run_replace('get_uniqid_key', '')) {
|
||||
return $get_uniqid_key;
|
||||
}
|
||||
|
||||
sql_query(" LOCK TABLE {$g5['uniqid_table']} WRITE ");
|
||||
while (1) {
|
||||
// 년월일시분초에 100분의 1초 두자리를 추가함 (1/100 초 앞에 자리가 모자르면 0으로 채움)
|
||||
@ -4119,9 +4111,15 @@ function safe_replace_regex($str, $str_case=''){
|
||||
return preg_replace('/[^0-9a-z_\-]/i', '', $str);
|
||||
}
|
||||
|
||||
function get_real_client_ip() {
|
||||
|
||||
return run_replace('get_real_client_ip', $_SERVER['REMOTE_ADDR']);
|
||||
function get_real_client_ip(){
|
||||
|
||||
$real_ip = $_SERVER['REMOTE_ADDR'];
|
||||
|
||||
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_SERVER['HTTP_X_FORWARDED_FOR']) ){
|
||||
$real_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||
}
|
||||
|
||||
return preg_replace('/[^0-9.]/', '', $real_ip);
|
||||
}
|
||||
|
||||
function check_mail_bot($ip=''){
|
||||
@ -4190,14 +4188,7 @@ function is_include_path_check($path='', $is_input='')
|
||||
if ( $peer_count && $peer_count > $slash_count ){
|
||||
return false;
|
||||
}
|
||||
|
||||
$dirname_doc_root = !empty($_SERVER['DOCUMENT_ROOT']) ? dirname($_SERVER['DOCUMENT_ROOT']) : dirname(dirname(dirname(__DIR__)));
|
||||
|
||||
// 웹서버 폴더만 허용
|
||||
if ($dirname_doc_root && file_exists($path) && strpos(realpath($path), realpath($dirname_doc_root)) !== 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
try {
|
||||
// whether $path is unix or not
|
||||
$unipath = strlen($path)==0 || substr($path, 0, 1) != '/';
|
||||
@ -4233,8 +4224,8 @@ function is_include_path_check($path='', $is_input='')
|
||||
//echo 'Caught exception: ', $e->getMessage(), "\n";
|
||||
return false;
|
||||
}
|
||||
|
||||
if (preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) || preg_match('/pear(cmd)?\.php/i', $replace_path)){
|
||||
|
||||
if( preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) ){
|
||||
return false;
|
||||
}
|
||||
if( preg_match('/'.G5_PLUGIN_DIR.'\//i', $replace_path) && (preg_match('/'.G5_OKNAME_DIR.'\//i', $replace_path) || preg_match('/'.G5_KCPCERT_DIR.'\//i', $replace_path) || preg_match('/'.G5_LGXPAY_DIR.'\//i', $replace_path)) || (preg_match('/search\.skin\.php/i', $replace_path) ) ){
|
||||
|
||||
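Review bot: In the `@ -4119` hunk the new get_real_client_ip() returns `$_SERVER['HTTP_X_FORWARDED_FOR']` whenever it looks like a dotted IPv4 address, and that header is set by the client, so IP-based blocking, rate limiting and logs can be fed whatever address the requester chooses. Keep `return run_replace('get_real_client_ip', $_SERVER['REMOTE_ADDR']);` and let a site that really sits behind its own reverse proxy supply the forwarded address through that hook. The trailing `preg_replace('/[^0-9.]/', '', $real_ip)` also strips the colons and hex letters from an IPv6 peer address. The neighbouring hunks (apparently the same file, going by the line numbers) remove the `HTMLPurifierContinueParamFilter` registration in html_purifier() and, in is_include_path_check(), the document-root containment test and the `pear(cmd)?\.php` pattern. The commit message gives no reason for any of this, so these look like dropped hardening that should be restored or justified.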
@ -2641,10 +2641,10 @@ function make_order_field($data, $exclude)
|
||||
|
||||
if(is_array($value)) {
|
||||
foreach($value as $k=>$v) {
|
||||
$field .= '<input type="hidden" name="'.get_text($key.'['.$k.']').'" value="'.get_text($v).'">'.PHP_EOL;
|
||||
$field .= '<input type="hidden" name="'.$key.'['.$k.']" value="'.get_text($v).'">'.PHP_EOL;
|
||||
}
|
||||
} else {
|
||||
$field .= '<input type="hidden" name="'.get_text($key).'" value="'.get_text($value).'">'.PHP_EOL;
|
||||
$field .= '<input type="hidden" name="'.$key.'" value="'.get_text($value).'">'.PHP_EOL;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
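Review bot: The two `$field .=` lines that appear to be the new side (the second of each printed pair) write `$key` and `$k` into the `name` attribute without `get_text()`, while the `value` next to them is still escaped. Where `$data` comes from is not visible in this hunk, but if it carries request parameters, a key containing `"` or `>` would close the attribute and add markup to the order form. Keep the escaped forms, `name="'.get_text($key.'['.$k.']').'"` and `name="'.get_text($key).'"`. make_order_field() starts outside the hunk.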
@ -212,15 +212,18 @@ function shop_exist_check_seo_title($seo_title, $type, $shop_item_table, $it_id)
|
||||
function shop_seo_title_update($it_id, $is_edit=false){
|
||||
global $g5;
|
||||
|
||||
$shop_item_cache = $is_edit ? false : true;
|
||||
$shop_item_cache = $is_edit ? false : true;
|
||||
$item = get_shop_item($it_id, $shop_item_cache);
|
||||
|
||||
if( (! $item['it_seo_title'] || $is_edit) && $item['it_name'] ){
|
||||
$has_seo_title = isset($item['it_seo_title']) ? $item['it_seo_title'] : null;
|
||||
$has_name = isset($item['it_name']) ? $item['it_name'] : null;
|
||||
|
||||
if ((!$has_seo_title || $is_edit) && $has_name) {
|
||||
$it_seo_title = exist_seo_title_recursive('shop', generate_seo_title($item['it_name']), $g5['g5_shop_item_table'], $item['it_id']);
|
||||
|
||||
if( isset($item['it_seo_title']) && $it_seo_title !== $item['it_seo_title'] ){
|
||||
$sql = " update `{$g5['g5_shop_item_table']}` set it_seo_title = '{$it_seo_title}' where it_id = '{$item['it_id']}' ";
|
||||
if ($has_seo_title !== $it_seo_title) {
|
||||
$sql = "UPDATE `{$g5['g5_shop_item_table']}` SET it_seo_title = '{$it_seo_title}' WHERE it_id = '{$item['it_id']}' ";
|
||||
sql_query($sql);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
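Review bot: The rewritten `UPDATE` statement still interpolates `$it_seo_title` and `$item['it_id']` directly into the SQL string. Both derive from stored item data passed through generate_seo_title() and exist_seo_title_recursive(), whose output rules are not visible here, so a quote surviving either path would change the statement; escape both values where the query is built, or bind them if the database layer supports it. As a naming point, `$has_seo_title` and `$has_name` hold the strings themselves rather than booleans, so `$seo_title` and `$name` would read more truthfully. `$item['it_id']` is also still read without the `isset()` guard that the other two keys now get.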