기타 추적되지 않는 파일들..

2025-07-02 14:16:37 +09:00
parent 2d7bbdca89
commit b6080d2e47
74 changed files with 14184 additions and 2028 deletions


@ -685,10 +685,6 @@ function html_purifier($html)
)
);
// 커스텀 URI 필터 등록
$def = $config->getDefinition('URI', true); // URI 정의 가져오기
$def->addFilter(new HTMLPurifierContinueParamFilter(), $config); // 커스텀 필터 추가
$purifier = new HTMLPurifier($config);
return run_replace('html_purifier_result', $purifier->purify($html), $purifier, $html);
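Review bot: Going by the `-10 +6` counts, the `$config->getDefinition('URI', true)` and `$def->addFilter(new HTMLPurifierContinueParamFilter(), $config)` lines (L14–L16) sit on the removed side, so the new `html_purifier()` runs HTML Purifier with only its default URI handling; whatever that custom filter rejected or rewrote in link and image URIs is now left to the default rules, and I cannot tell from this hunk whether that is intended. The new code carries no trace that a URI filter used to be registered here, so a maintainer diffing against upstream has nothing to go on. A one-line comment above `$purifier = new HTMLPurifier($config);`, e.g. `// custom URI filter (HTMLPurifierContinueParamFilter) intentionally not registered: <reason placeholder>`, would record the decision. `html_purifier()` begins before this hunk.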
@ -2535,10 +2531,6 @@ function get_uniqid()
{
global $g5;
if ($get_uniqid_key = run_replace('get_uniqid_key', '')) {
return $get_uniqid_key;
}
sql_query(" LOCK TABLE {$g5['uniqid_table']} WRITE ");
while (1) {
// 년월일시분초에 100분의 1초 두자리를 추가함 (1/100 초 앞에 자리가 모자르면 0으로 채움)
@ -4119,9 +4111,15 @@ function safe_replace_regex($str, $str_case=''){
return preg_replace('/[^0-9a-z_\-]/i', '', $str);
}
function get_real_client_ip() {
return run_replace('get_real_client_ip', $_SERVER['REMOTE_ADDR']);
function get_real_client_ip(){
$real_ip = $_SERVER['REMOTE_ADDR'];
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_SERVER['HTTP_X_FORWARDED_FOR']) ){
$real_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
return preg_replace('/[^0-9.]/', '', $real_ip);
}
function check_mail_bot($ip=''){
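Review bot: The new `get_real_client_ip()` (L33–L39; the one-line `run_replace(...)` version at L31–L32 is the removed side, as far as the `-9 +15` counts allow me to read it) copies `HTTP_X_FORWARDED_FOR` into the result whenever it looks like a dotted quad, but that header is supplied by the client unless a reverse proxy in front of the app overwrites it, so every consumer of this value (logging, ban checks, rate limiting) can be handed an arbitrary address. The header should only be honoured when `$_SERVER['REMOTE_ADDR']` is a configured proxy, and the candidate should be validated with `filter_var($candidate, FILTER_VALIDATE_IP)` rather than `\d{1,3}` groups, which accept `999.999.999.999`. The closing `preg_replace('/[^0-9.]/', '', $real_ip)` also strips the colons out of an IPv6 `REMOTE_ADDR`, turning it into a meaningless digit string; returning `''` on validation failure is safer than a mangled value. Dropping the `run_replace('get_real_client_ip', ...)` hook silently removes an extension point, which deserves at least a comment.
```php
function get_real_client_ip(){
    $real_ip = $_SERVER['REMOTE_ADDR'];
    // Honour X-Forwarded-For only when the direct peer is a known reverse proxy.
    // $trusted_proxies: placeholder for a configured list of proxy addresses.
    if (in_array($real_ip, $trusted_proxies, true) && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // Right-most entry is the one the trusted proxy appended; earlier entries are client-supplied.
        $parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $candidate = trim(end($parts));
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $real_ip = $candidate;
        }
    }
    // Never return a partially-sanitised address; fall back to empty on anything that is not an IP.
    return filter_var($real_ip, FILTER_VALIDATE_IP) !== false ? $real_ip : '';
}
```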
@ -4190,14 +4188,7 @@ function is_include_path_check($path='', $is_input='')
if ( $peer_count && $peer_count > $slash_count ){
return false;
}
$dirname_doc_root = !empty($_SERVER['DOCUMENT_ROOT']) ? dirname($_SERVER['DOCUMENT_ROOT']) : dirname(dirname(dirname(__DIR__)));
// 웹서버 폴더만 허용
if ($dirname_doc_root && file_exists($path) && strpos(realpath($path), realpath($dirname_doc_root)) !== 0) {
return false;
}
try {
// whether $path is unix or not
$unipath = strlen($path)==0 || substr($path, 0, 1) != '/';
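Review bot: With the `$dirname_doc_root` block (L45–L49) on the removed side — the `-14 +7` counts fit no other reading — the new `is_include_path_check()` no longer confines an existing `$path` to the parent of `DOCUMENT_ROOT` via `realpath()`, so the pattern checks on `$replace_path` further down become the only guard against an include resolving outside the web tree. If the containment was dropped because `DOCUMENT_ROOT` is unreliable behind this deployment's web server, the fallback `dirname(dirname(dirname(__DIR__)))` already covered that case, and the removal should be explained in a comment at the point where the block used to sit, e.g. `// NOTE: document-root containment check removed here: <reason placeholder>`. Note also that the removed check only fired when `file_exists($path)` was true, so it never rejected a not-yet-existing path; a replacement check would want the same guard. `is_include_path_check()` starts before this hunk and continues after it.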
@ -4233,8 +4224,8 @@ function is_include_path_check($path='', $is_input='')
//echo 'Caught exception: ', $e->getMessage(), "\n";
return false;
}
if (preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) || preg_match('/pear(cmd)?\.php/i', $replace_path)){
if( preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) ){
return false;
}
if( preg_match('/'.G5_PLUGIN_DIR.'\//i', $replace_path) && (preg_match('/'.G5_OKNAME_DIR.'\//i', $replace_path) || preg_match('/'.G5_KCPCERT_DIR.'\//i', $replace_path) || preg_match('/'.G5_LGXPAY_DIR.'\//i', $replace_path)) || (preg_match('/search\.skin\.php/i', $replace_path) ) ){
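Review bot: The new condition at L58 keeps the `/data/(file|editor|...)/` deny pattern but drops the second alternative `preg_match('/pear(cmd)?\.php/i', $replace_path)` from L57, so an include path naming PHP's PEAR scripts — which live outside the web tree — is no longer rejected by this branch; combined with the removal of the document-root containment in the earlier `is_include_path_check()` hunk, nothing in the visible code covers that case any more. Unless another check elsewhere takes this over, I would keep both alternatives: `if( preg_match('/\/data\/(file|editor|qa|cache|member|member_image|session|tmp)\/[A-Za-z0-9_]{1,20}\//i', $replace_path) || preg_match('/pear(cmd)?\.php/i', $replace_path) ){`. The pattern is also unanchored, so it matches anywhere in `$replace_path`, which is the intended conservative behaviour and worth stating in a comment. The function continues beyond the end of this hunk.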