From ca925cdaafd95cb4f2f1f5ab5c07ae4c6bfc8bdc Mon Sep 17 00:00:00 2001
From: gnuboard <kagla@naver.com>
Date: Fri, 12 Jul 2013 16:25:16 +0900
Subject: [PATCH] =?UTF-8?q?=EC=83=88=EB=A1=9C=20=EC=83=9D=EC=84=B1?=
 =?UTF-8?q?=EB=90=98=EB=8A=94=20=EB=94=94=EB=A0=89=ED=86=A0=EB=A6=AC?=
 =?UTF-8?q?=EC=9D=98=20=ED=8D=BC=EB=AF=B8=EC=85=98=EC=9D=80=20755=20?=
 =?UTF-8?q?=EB=A1=9C,=20=ED=8C=8C=EC=9D=BC=EC=9D=80=20644=20=EB=A1=9C=20?=
 =?UTF-8?q?=EC=84=A4=EC=A0=95=ED=95=98=EB=A9=B0,=20=EC=83=81=EC=88=98?=
 =?UTF-8?q?=EB=A1=9C=20=EC=A0=81=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 adm/admin.lib.php            |  2 +-
 adm/board_copy_update.php    | 14 +++++++-------
 adm/board_form_update.php    |  6 +++---
 adm/member_form_update.php   |  6 +++---
 bbs/move_update.php          |  2 +-
 bbs/register_form_update.php |  6 +++---
 bbs/write_update.php         |  6 +++---
 config.php                   |  4 ++++
 install/install_db.php       |  8 ++++----
 lib/mobile.lib.php           |  6 +++---
 lib/thumbnail.lib.php        |  6 +++---
 plugin/ckeditor/upload.php   |  4 ++--
 12 files changed, 37 insertions(+), 33 deletions(-)

diff --git a/adm/admin.lib.php b/adm/admin.lib.php
index c1d11a9fa..ba150987c 100644
--- a/adm/admin.lib.php
+++ b/adm/admin.lib.php
@@ -159,7 +159,7 @@ function icon($act, $link='', $target='_parent')
 function rm_rf($file)
 {
     if (file_exists($file)) {
-        @chmod($file,0777);
+        @chmod($file, G4_FILE_PERMISSION);
         if (is_dir($file)) {
             $handle = opendir($file);
             while($filename = readdir($handle)) {
diff --git a/adm/board_copy_update.php b/adm/board_copy_update.php
index a8cebc15c..0ebc1d5de 100644
--- a/adm/board_copy_update.php
+++ b/adm/board_copy_update.php
@@ -121,8 +121,8 @@ $sql = " insert into {$g4['board_table']}
 sql_query($sql);
 
 // 게시판 폴더 생성
-@mkdir(G4_DATA_PATH.'/file/'.$target_table, 0707);
-@chmod(G4_DATA_PATH.'/file/'.$target_table, 0707);
+@mkdir(G4_DATA_PATH.'/file/'.$target_table, G4_DIR_PERMISSION);
+@chmod(G4_DATA_PATH.'/file/'.$target_table, G4_DIR_PERMISSION);
 
 // 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
 $board_path = G4_DATA_PATH.'/file/'.$target_table;
@@ -130,7 +130,7 @@ $file = $board_path . '/index.php';
 $f = @fopen($file, 'w');
 @fwrite($f, '');
 @fclose($f);
-@chmod($file, 0606);
+@chmod($file, G4_FILE_PERMISSION);
 
 $copy_file = 0;
 if ($copy_case == 'schema_data_both') {
@@ -141,19 +141,19 @@ if ($copy_case == 'schema_data_both') {
         // 김선용 201007 :
         if(is_dir(G4_DATA_PATH.'/file/'.$bo_table.'/'.$entry)){
             $dd = dir(G4_DATA_PATH.'/file/'.$bo_table.'/'.$entry);
-            @mkdir(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry, 0707);
-            @chmod(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry, 0707);
+            @mkdir(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry G4_DIR_PERMISSION);
+            @chmod(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry G4_DIR_PERMISSION);
             while ($entry2 = $dd->read()) {
                 if ($entry2 == '.' || $entry2 == '..') continue;
                 @copy(G4_DATA_PATH.'/file/'.$bo_table.'/'.$entry.'/'.$entry2, G4_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2);
-                @chmod(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2, 0707);
+                @chmod(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry.'/'.$entry2, G4_DIR_PERMISSION);
                 $copy_file++;
             }
             $dd->close();
         }
         else {
             @copy(G4_DATA_PATH.'/file/'.$bo_table.'/'.$entry, G4_DATA_PATH.'/file/'.$target_table.'/'.$entry);
-            @chmod(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry, 0707);
+            @chmod(G4_DATA_PATH.'/file/'.$target_table.'/'.$entry G4_DIR_PERMISSION);
             $copy_file++;
         }
     }
diff --git a/adm/board_form_update.php b/adm/board_form_update.php
index cd43ab701..c49f04d25 100644
--- a/adm/board_form_update.php
+++ b/adm/board_form_update.php
@@ -27,15 +27,15 @@ if ($file = $_POST['bo_include_tail']) {
 $board_path = G4_DATA_PATH.'/file/'.$bo_table;
 
 // 게시판 디렉토리 생성
-@mkdir($board_path, 0707);
-@chmod($board_path, 0707);
+@mkdir($board_path, G4_DIR_PERMISSION);
+@chmod($board_path, G4_DIR_PERMISSION);
 
 // 디렉토리에 있는 파일의 목록을 보이지 않게 한다.
 $file = $board_path . '/index.php';
 $f = @fopen($file, 'w');
 @fwrite($f, '');
 @fclose($f);
-@chmod($file, 0606);
+@chmod($file, G4_FILE_PERMISSION);
 
 // 분류에 & 나 = 는 사용이 불가하므로 2바이트로 바꾼다.
 $src_char = array('&', '=');
diff --git a/adm/member_form_update.php b/adm/member_form_update.php
index fdb97cb05..a2114ec07 100644
--- a/adm/member_form_update.php
+++ b/adm/member_form_update.php
@@ -99,13 +99,13 @@ else if ($w == 'u')
         }
 
         if (preg_match("/(\.gif)$/i", $_FILES['mb_icon']['name'])) {
-            @mkdir(G4_DATA_PATH.'/member/'.$mb_dir, 0707);
-            @chmod(G4_DATA_PATH.'/member/'.$mb_dir, 0707);
+            @mkdir(G4_DATA_PATH.'/member/'.$mb_dir, G4_DIR_PERMISSION);
+            @chmod(G4_DATA_PATH.'/member/'.$mb_dir, G4_DIR_PERMISSION);
 
             $dest_path = G4_DATA_PATH.'/member/'.$mb_dir.'/'.$mb_id.'.gif';
 
             move_uploaded_file($_FILES['mb_icon']['tmp_name'], $dest_path);
-            chmod($dest_path, 0606);
+            chmod($dest_path, G4_FILE_PERMISSION);
 
             if (file_exists($dest_path)) {
                 $size = getimagesize($dest_path);
diff --git a/bbs/move_update.php b/bbs/move_update.php
index de33c4620..ac58d546d 100644
--- a/bbs/move_update.php
+++ b/bbs/move_update.php
@@ -97,7 +97,7 @@ while ($row = sql_fetch_array($result))
                     {
                         // 원본파일을 복사하고 퍼미션을 변경
                         @copy($src_dir.'/'.$row3['bf_file'], $dst_dir.'/'.$row3['bf_file']);
-                        @chmod($dst_dir/$row3['bf_file'], 0606);
+                        @chmod($dst_dir/$row3['bf_file'], G4_FILE_PERMISSION);
                     }
 
                     $sql = " insert into {$g4['board_file_table']}
diff --git a/bbs/register_form_update.php b/bbs/register_form_update.php
index baad1d0ea..840b2674b 100644
--- a/bbs/register_form_update.php
+++ b/bbs/register_form_update.php
@@ -114,11 +114,11 @@ if (isset($_FILES['mb_icon']) && is_uploaded_file($_FILES['mb_icon']['tmp_name']
     if (preg_match("/(\.gif)$/i", $_FILES['mb_icon']['name'])) {
         // 아이콘 용량이 설정값보다 이하만 업로드 가능
         if ($_FILES['mb_icon']['size'] <= $config['cf_member_icon_size']) {
-            @mkdir($mb_dir, 0707);
-            @chmod($mb_dir, 0707);
+            @mkdir($mb_dir, G4_DIR_PERMISSION);
+            @chmod($mb_dir, G4_DIR_PERMISSION);
             $dest_path = $mb_dir.'/'.$mb_id.'.gif';
             move_uploaded_file($_FILES['mb_icon']['tmp_name'], $dest_path);
-            chmod($dest_path, 0606);
+            chmod($dest_path, G4_FILE_PERMISSION);
             if (file_exists($dest_path)) {
                 //=================================================================\
                 // 090714
diff --git a/bbs/write_update.php b/bbs/write_update.php
index f39ce4b9d..a2e075b5f 100644
--- a/bbs/write_update.php
+++ b/bbs/write_update.php
@@ -175,8 +175,8 @@ if (!isset($_POST['wr_subject']) || !trim($_POST['wr_subject']))
     alert('제목을 입력하여 주십시오.');
 
 // 디렉토리가 없다면 생성합니다. (퍼미션도 변경하구요.)
-@mkdir(G4_DATA_PATH.'/file/'.$bo_table, 0707);
-@chmod(G4_DATA_PATH.'/file/'.$bo_table, 0707);
+@mkdir(G4_DATA_PATH.'/file/'.$bo_table, G4_DIR_PERMISSION);
+@chmod(G4_DATA_PATH.'/file/'.$bo_table, G4_DIR_PERMISSION);
 
 $chars_array = array_merge(range(0,9), range('a','z'), range('A','Z'));
 
@@ -276,7 +276,7 @@ for ($i=0; $i<count($_FILES['bf_file']['name']); $i++) {
         $error_code = move_uploaded_file($tmp_file, $dest_file) or die($_FILES['bf_file']['error'][$i]);
 
         // 올라간 파일의 퍼미션을 변경합니다.
-        chmod($dest_file, 0606);
+        chmod($dest_file, G4_FILE_PERMISSION);
     }
 }
 
diff --git a/config.php b/config.php
index 39639a4e6..6f1fdb9b1 100644
--- a/config.php
+++ b/config.php
@@ -128,6 +128,10 @@ define('G4_HANGUL',         16); // 한글
 define('G4_SPACE',          32); // 공백
 define('G4_SPECIAL',        64); // 특수문자
 
+// 퍼미션 
+define('G4_DIR_PERMISSION',  0755); // 디렉토리 생성시 퍼미션
+define('G4_FILE_PERMISSION', 0644); // 파일 생성시 퍼미션
+
 // 모바일 인지 결정 $_SERVER['HTTP_USER_AGENT']
 define('G4_MOBILE_AGENT',   'phone|samsung|lgtel|mobile|skt|nokia|blackberry|android|sony');
 
diff --git a/install/install_db.php b/install/install_db.php
index 93a1158f8..ff734bd71 100644
--- a/install/install_db.php
+++ b/install/install_db.php
@@ -163,8 +163,8 @@ $dir_arr = array (
 );
 
 for ($i=0; $i<count($dir_arr); $i++) {
-    @mkdir($dir_arr[$i], 0707);
-    @chmod($dir_arr[$i], 0707);
+    @mkdir($dir_arr[$i], G4_DIR_PERMISSION);
+    @chmod($dir_arr[$i], G4_DIR_PERMISSION);
 }
 ?>
 
@@ -175,7 +175,7 @@ for ($i=0; $i<count($dir_arr); $i++) {
 
 // DB 설정 파일 생성
 $file = '../'.G4_DATA_DIR.'/'.G4_DBCONFIG_FILE;
-$f = @fopen($file, 'w');
+$f = @fopen($file, 'a');
 
 fwrite($f, "<?php\n");
 fwrite($f, "if (!defined('_GNUBOARD_')) exit;\n");
@@ -210,7 +210,7 @@ fwrite($f, "\$g4['autosave_table'] = G4_TABLE_PREFIX.'autosave'; // 게시글 
 fwrite($f, "?>");
 
 fclose($f);
-@chmod($file, 0606);
+@chmod($file, G4_FILE_PERMISSION);
 ?>
 
     <li>DB설정 파일 생성 완료 (<?php echo $file ?>)</li>
diff --git a/lib/mobile.lib.php b/lib/mobile.lib.php
index bceca7506..ffd916960 100644
--- a/lib/mobile.lib.php
+++ b/lib/mobile.lib.php
@@ -33,7 +33,7 @@ function mobile_create_thumb($srcImg, $width, $thumb)
     imagecopy($target, $source, 0, 0, 0, 0, $size[0], $size[1]);
 
     imagejpeg($target, $thumb, 100);
-    chmod($thumb, 0606); // 추후 삭제를 위하여 파일모드 변경
+    chmod($thumb, G4_FILE_PERMISSION); // 추후 삭제를 위하여 파일모드 변경
 
     return $thumb;
 }
@@ -62,8 +62,8 @@ function mobile_thumb($matches)
 
             $thumb_dir = G4_DATA_PATH.'/thumb/'.$bo_table;
             if (!is_dir($thumb_dir)) {
-                @mkdir($thumb_dir, 0707);
-                @chmod($thumb_dir, 0707);
+                @mkdir($thumb_dir, G4_DIR_PERMISSION);
+                @chmod($thumb_dir, G4_DIR_PERMISSION);
             }
 
             $result = true;
diff --git a/lib/thumbnail.lib.php b/lib/thumbnail.lib.php
index 23b8b18dc..1233d736f 100644
--- a/lib/thumbnail.lib.php
+++ b/lib/thumbnail.lib.php
@@ -180,8 +180,8 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h
         return;
 
     if (!is_dir($target_path)) {
-        @mkdir($target_path, 0707);
-        @chmod($target_path, 0707);
+        @mkdir($target_path, G4_DIR_PERMISSION);
+        @chmod($target_path, G4_DIR_PERMISSION);
     }
 
     // Animated GIF는 썸네일 생성하지 않음
@@ -299,7 +299,7 @@ function thumbnail($filename, $source_path, $target_path, $thumb_width, $thumb_h
     }
 
     imagejpeg($dst, $thumb_file, 90);
-    chmod($thumb_file, 0606); // 추후 삭제를 위하여 파일모드 변경
+    chmod($thumb_file, G4_FILE_PERMISSION); // 추후 삭제를 위하여 파일모드 변경
 
     imagedestroy($src);
     imagedestroy($dst);
diff --git a/plugin/ckeditor/upload.php b/plugin/ckeditor/upload.php
index 7d8a40d09..e9e14e86e 100644
--- a/plugin/ckeditor/upload.php
+++ b/plugin/ckeditor/upload.php
@@ -5,8 +5,8 @@ $ym = date('ym', G4_SERVER_TIME);
 
 $data_dir = G4_DATA_PATH.'/editor/'.$ym;
 $data_url = G4_DATA_URL.'/editor/'.$ym;
-@mkdir($data_dir, 0707);
-@chmod($data_dir, 0707);
+@mkdir($data_dir, G4_DIR_PERMISSION);
+@chmod($data_dir, G4_DIR_PERMISSION);
  
 // 업로드 DIALOG 에서 전송된 값
 $funcNum = $_GET['CKEditorFuncNum'] ;