Merge branch 'master' of github.com:gnuboard/g5
This commit is contained in:
thisgun
@ -106,7 +106,7 @@ include_once('./admin.head.php');
|
|||||||
<?php } ?>
|
<?php } ?>
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
<textarea name="ma_list" style="display:none"><?=$ma_list?></textarea>
|
<textarea name="ma_list" style="display:none"><?php echo $ma_list?></textarea>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="btn_confirm01 btn_confirm">
|
<div class="btn_confirm01 btn_confirm">
|
||||||
|
|||||||
@ -15,7 +15,7 @@ $listall = '<a href="'.$_SERVER['SCRIPT_NAME'].'">처음</a>'; //페이지 처
|
|||||||
|
|
||||||
<div class="local_sch local_sch01">
|
<div class="local_sch local_sch01">
|
||||||
<form name="fvisit" method="get" onsubmit="return fvisit_submit(this);">
|
<form name="fvisit" method="get" onsubmit="return fvisit_submit(this);">
|
||||||
<?=$listall?>
|
<?php echo $listall?>
|
||||||
<label for="sch_sort" class="sound_only">검색분류</label>
|
<label for="sch_sort" class="sound_only">검색분류</label>
|
||||||
<select name="sfl" id="sch_sort" class="search_sort">
|
<select name="sfl" id="sch_sort" class="search_sort">
|
||||||
<option value="vi_ip"<?php echo get_selected($sfl, 'vi_ip'); ?>>IP</option>
|
<option value="vi_ip"<?php echo get_selected($sfl, 'vi_ip'); ?>>IP</option>
|
||||||
|
|||||||
@ -29,7 +29,8 @@ for ($i=0; $i<$ext_cnt; $i++) {
|
|||||||
|
|
||||||
function g5_path()
|
function g5_path()
|
||||||
{
|
{
|
||||||
$result['path'] = str_replace('\\', '/', dirname(__FILE__));
|
$chroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strpos($_SERVER['SCRIPT_FILENAME'], dirname(__FILE__)));
|
||||||
|
$result['path'] = str_replace('\\', '/', $chroot.dirname(__FILE__));
|
||||||
$tilde_remove = preg_replace('/^\/\~[^\/]+(.*)$/', '$1', $_SERVER['SCRIPT_NAME']);
|
$tilde_remove = preg_replace('/^\/\~[^\/]+(.*)$/', '$1', $_SERVER['SCRIPT_NAME']);
|
||||||
$document_root = str_replace($tilde_remove, '', $_SERVER['SCRIPT_FILENAME']);
|
$document_root = str_replace($tilde_remove, '', $_SERVER['SCRIPT_FILENAME']);
|
||||||
$pattern = '/' . preg_quote($document_root, '/') . '/i';
|
$pattern = '/' . preg_quote($document_root, '/') . '/i';
|
||||||
|
|||||||
@ -379,6 +379,41 @@ document.onkeydown = noRefresh ;
|
|||||||
$comma = '';
|
$comma = '';
|
||||||
$sql_common = '';
|
$sql_common = '';
|
||||||
|
|
||||||
|
// 모바일 스킨 디렉토리
|
||||||
|
if( ! isset($row['bo_mobile_skin']) ){
|
||||||
|
$row['bo_mobile_skin'] = 'basic';
|
||||||
|
}
|
||||||
|
|
||||||
|
// 모바일 제목 길이
|
||||||
|
if( ! isset($row['bo_mobile_subject_len']) ){
|
||||||
|
$row['bo_mobile_subject_len'] = '30';
|
||||||
|
}
|
||||||
|
|
||||||
|
// 모바일 페이지당 목록 수
|
||||||
|
if( ! isset($row['bo_mobile_page_rows']) ){
|
||||||
|
$row['bo_mobile_page_rows'] = '15';
|
||||||
|
}
|
||||||
|
|
||||||
|
// 갤러리 이미지 폭 ( 리스트 )
|
||||||
|
if( ! isset($row['bo_gallery_width']) ){
|
||||||
|
$row['bo_gallery_width'] = '174';
|
||||||
|
}
|
||||||
|
|
||||||
|
// 갤러리 이미지 높이 ( 리스트 )
|
||||||
|
if( ! isset($row['bo_gallery_height']) ){
|
||||||
|
$row['bo_gallery_height'] = '124';
|
||||||
|
}
|
||||||
|
|
||||||
|
// 모바일 갤러리 이미지 폭 ( 리스트 )
|
||||||
|
if( ! isset($row['bo_mobile_gallery_width']) ){
|
||||||
|
$row['bo_mobile_gallery_width'] = '125';
|
||||||
|
}
|
||||||
|
|
||||||
|
// 모바일 갤러리 이미지 높이 ( 리스트 )
|
||||||
|
if( ! isset($row['bo_mobile_gallery_height']) ){
|
||||||
|
$row['bo_mobile_gallery_height'] = '100';
|
||||||
|
}
|
||||||
|
|
||||||
foreach($row as $key=>$val) {
|
foreach($row as $key=>$val) {
|
||||||
if(!in_array($key, $columns))
|
if(!in_array($key, $columns))
|
||||||
continue;
|
continue;
|
||||||
|
|||||||
@ -2137,6 +2137,10 @@ function check_device($device)
|
|||||||
// 게시판 최신글 캐시 파일 삭제
|
// 게시판 최신글 캐시 파일 삭제
|
||||||
function delete_cache_latest($bo_table)
|
function delete_cache_latest($bo_table)
|
||||||
{
|
{
|
||||||
|
if (!preg_match("/^([A-Za-z0-9_]{1,20})$/", $bo_table)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$files = glob(G5_DATA_PATH.'/cache/latest-'.$bo_table.'-*');
|
$files = glob(G5_DATA_PATH.'/cache/latest-'.$bo_table.'-*');
|
||||||
if (is_array($files)) {
|
if (is_array($files)) {
|
||||||
foreach ($files as $filename)
|
foreach ($files as $filename)
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
Binary file not shown.
@ -0,0 +1,16 @@
|
|||||||
|
Core.AggressivelyRemoveScript
|
||||||
|
TYPE: bool
|
||||||
|
VERSION: 4.9.0
|
||||||
|
DEFAULT: true
|
||||||
|
--DESCRIPTION--
|
||||||
|
<p>
|
||||||
|
This directive enables aggressive pre-filter removal of
|
||||||
|
script tags. This is not necessary for security,
|
||||||
|
but it can help work around a bug in libxml where embedded
|
||||||
|
HTML elements inside script sections cause the parser to
|
||||||
|
choke. To revert to pre-4.9.0 behavior, set this to false.
|
||||||
|
This directive has no effect if %Core.Trusted is true,
|
||||||
|
%Core.RemoveScriptContents is false, or %Core.HiddenElements
|
||||||
|
does not contain script.
|
||||||
|
</p>
|
||||||
|
--# vim: et sw=4 sts=4
|
||||||
@ -0,0 +1,36 @@
|
|||||||
|
Core.LegacyEntityDecoder
|
||||||
|
TYPE: bool
|
||||||
|
VERSION: 4.9.0
|
||||||
|
DEFAULT: false
|
||||||
|
--DESCRIPTION--
|
||||||
|
<p>
|
||||||
|
Prior to HTML Purifier 4.9.0, entities were decoded by performing
|
||||||
|
a global search replace for all entities whose decoded versions
|
||||||
|
did not have special meanings under HTML, and replaced them with
|
||||||
|
their decoded versions. We would match all entities, even if they did
|
||||||
|
not have a trailing semicolon, but only if there weren't any trailing
|
||||||
|
alphanumeric characters.
|
||||||
|
</p>
|
||||||
|
<table>
|
||||||
|
<tr><th>Original</th><th>Text</th><th>Attribute</th></tr>
|
||||||
|
<tr><td>&yen;</td><td>¥</td><td>¥</td></tr>
|
||||||
|
<tr><td>&yen</td><td>¥</td><td>¥</td></tr>
|
||||||
|
<tr><td>&yena</td><td>&yena</td><td>&yena</td></tr>
|
||||||
|
<tr><td>&yen=</td><td>¥=</td><td>¥=</td></tr>
|
||||||
|
</table>
|
||||||
|
<p>
|
||||||
|
In HTML Purifier 4.9.0, we changed the behavior of entity parsing
|
||||||
|
to match entities that had missing trailing semicolons in less
|
||||||
|
cases, to more closely match HTML5 parsing behavior:
|
||||||
|
</p>
|
||||||
|
<table>
|
||||||
|
<tr><th>Original</th><th>Text</th><th>Attribute</th></tr>
|
||||||
|
<tr><td>&yen;</td><td>¥</td><td>¥</td></tr>
|
||||||
|
<tr><td>&yen</td><td>¥</td><td>¥</td></tr>
|
||||||
|
<tr><td>&yena</td><td>¥a</td><td>&yena</td></tr>
|
||||||
|
<tr><td>&yen=</td><td>¥=</td><td>&yen=</td></tr>
|
||||||
|
</table>
|
||||||
|
<p>
|
||||||
|
This flag reverts back to pre-HTML Purifier 4.9.0 behavior.
|
||||||
|
</p>
|
||||||
|
--# vim: et sw=4 sts=4
|
||||||
@ -0,0 +1,10 @@
|
|||||||
|
--# vim: et sw=4 sts=4
|
||||||
|
HTML.TargetNoopener
|
||||||
|
TYPE: bool
|
||||||
|
VERSION: 4.8.0
|
||||||
|
DEFAULT: TRUE
|
||||||
|
--DESCRIPTION--
|
||||||
|
If enabled, noopener rel attributes are added to links which have
|
||||||
|
a target attribute associated with them. This prevents malicious
|
||||||
|
destinations from overwriting the original window.
|
||||||
|
--# vim: et sw=4 sts=4
|
||||||
@ -1,5 +1,5 @@
|
|||||||
URI.DefaultScheme
|
URI.DefaultScheme
|
||||||
TYPE: string
|
TYPE: string/null
|
||||||
DEFAULT: 'http'
|
DEFAULT: 'http'
|
||||||
--DESCRIPTION--
|
--DESCRIPTION--
|
||||||
|
|
||||||
@ -7,4 +7,9 @@ DEFAULT: 'http'
|
|||||||
Defines through what scheme the output will be served, in order to
|
Defines through what scheme the output will be served, in order to
|
||||||
select the proper object validator when no scheme information is present.
|
select the proper object validator when no scheme information is present.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
Starting with HTML Purifier 4.9.0, the default scheme can be null, in
|
||||||
|
which case we reject all URIs which do not have explicit schemes.
|
||||||
|
</p>
|
||||||
--# vim: et sw=4 sts=4
|
--# vim: et sw=4 sts=4
|
||||||
|
|||||||
@ -95,7 +95,10 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
|||||||
if ($tidy !== null) {
|
if ($tidy !== null) {
|
||||||
$this->_tidy = $tidy;
|
$this->_tidy = $tidy;
|
||||||
}
|
}
|
||||||
$html = preg_replace_callback('#<style(?:\s.*)?>(.+)</style>#isU', array($this, 'styleCallback'), $html);
|
// NB: this must be NON-greedy because if we have
|
||||||
|
// <style>foo</style> <style>bar</style>
|
||||||
|
// we must not grab foo</style> <style>bar
|
||||||
|
$html = preg_replace_callback('#<style(?:\s.*)?>(.*)<\/style>#isU', array($this, 'styleCallback'), $html);
|
||||||
$style_blocks = $this->_styleMatches;
|
$style_blocks = $this->_styleMatches;
|
||||||
$this->_styleMatches = array(); // reset
|
$this->_styleMatches = array(); // reset
|
||||||
$context->register('StyleBlocks', $style_blocks); // $context must not be reused
|
$context->register('StyleBlocks', $style_blocks); // $context must not be reused
|
||||||
|
|||||||
@ -21,7 +21,7 @@ class HTMLPurifier_Lexer_PH5P extends HTMLPurifier_Lexer_DOMLex
|
|||||||
public function tokenizeHTML($html, $config, $context)
|
public function tokenizeHTML($html, $config, $context)
|
||||||
{
|
{
|
||||||
$new_html = $this->normalize($html, $config, $context);
|
$new_html = $this->normalize($html, $config, $context);
|
||||||
$new_html = $this->wrapHTML($new_html, $config, $context);
|
$new_html = $this->wrapHTML($new_html, $config, $context, false /* no div */);
|
||||||
try {
|
try {
|
||||||
$parser = new HTML5($new_html);
|
$parser = new HTML5($new_html);
|
||||||
$doc = $parser->save();
|
$doc = $parser->save();
|
||||||
@ -34,9 +34,9 @@ class HTMLPurifier_Lexer_PH5P extends HTMLPurifier_Lexer_DOMLex
|
|||||||
$tokens = array();
|
$tokens = array();
|
||||||
$this->tokenizeDOM(
|
$this->tokenizeDOM(
|
||||||
$doc->getElementsByTagName('html')->item(0)-> // <html>
|
$doc->getElementsByTagName('html')->item(0)-> // <html>
|
||||||
getElementsByTagName('body')->item(0) // <body>
|
getElementsByTagName('body')->item(0) // <body>
|
||||||
,
|
,
|
||||||
$tokens
|
$tokens, $config
|
||||||
);
|
);
|
||||||
return $tokens;
|
return $tokens;
|
||||||
}
|
}
|
||||||
@ -1515,6 +1515,7 @@ class HTML5
|
|||||||
// Consume the maximum number of characters possible, with the
|
// Consume the maximum number of characters possible, with the
|
||||||
// consumed characters case-sensitively matching one of the
|
// consumed characters case-sensitively matching one of the
|
||||||
// identifiers in the first column of the entities table.
|
// identifiers in the first column of the entities table.
|
||||||
|
|
||||||
$e_name = $this->characters('0-9A-Za-z;', $this->char + 1);
|
$e_name = $this->characters('0-9A-Za-z;', $this->char + 1);
|
||||||
$len = strlen($e_name);
|
$len = strlen($e_name);
|
||||||
|
|
||||||
@ -1547,7 +1548,7 @@ class HTML5
|
|||||||
|
|
||||||
// Return a character token for the character corresponding to the
|
// Return a character token for the character corresponding to the
|
||||||
// entity name (as given by the second column of the entities table).
|
// entity name (as given by the second column of the entities table).
|
||||||
return html_entity_decode('&' . $entity . ';', ENT_QUOTES, 'UTF-8');
|
return html_entity_decode('&' . rtrim($entity, ';') . ';', ENT_QUOTES, 'UTF-8');
|
||||||
}
|
}
|
||||||
|
|
||||||
private function emitToken($token)
|
private function emitToken($token)
|
||||||
|
|||||||
Reference in New Issue
Block a user