From b3e53e3c780a1706cae0d731a444df09b84acfa5 Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 12 Aug 2021 04:50:03 +0000 Subject: [PATCH 01/16] =?UTF-8?q?PHP8,=20Fatal=20error:=20Uncaught=20TypeE?= =?UTF-8?q?rror:=20count():=20Argument=20#1=20($var)=20must=20be=20of=20ty?= =?UTF-8?q?pe=20Countable|array,=20null=20given=20=EB=B0=8F=20Warning=20?= =?UTF-8?q?=EC=98=A4=EB=A5=98=20=ED=95=B4=EA=B2=B0=20(Jay-flow=EB=8B=98,21?= =?UTF-8?q?0806)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- shop/naverpay/naverpay_item.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/shop/naverpay/naverpay_item.php b/shop/naverpay/naverpay_item.php index 0dffee7d3..5aa270779 100644 --- a/shop/naverpay/naverpay_item.php +++ b/shop/naverpay/naverpay_item.php @@ -7,15 +7,18 @@ $query = $_SERVER['QUERY_STRING']; $vars = array(); foreach(explode('&', $query) as $pair) { - list($key, $value) = explode('=', $pair); + @list($key, $value) = explode('=', $pair); $key = urldecode($key); $value = preg_replace("/[^A-Za-z0-9\-_]/", "", urldecode($value)); $vars[$key][] = $value; } -$itemIds = $vars['ITEM_ID']; +if (isset($vars['ITEM_ID'])) + $itemIds = $vars['ITEM_ID']; +else + $itemIds = array(); -if (count($itemIds) < 1) { +if (is_null($itemIds) || count($itemIds) < 1) { exit('ITEM_ID 는 필수입니다.'); } From 8e87434e990c00a35ff75ef246302c4a0c30c453 Mon Sep 17 00:00:00 2001 From: whitedot Date: Thu, 12 Aug 2021 16:52:29 +0900 Subject: [PATCH 02/16] =?UTF-8?q?UI=20:=201:1=EB=AC=B8=EC=9D=98=20?= =?UTF-8?q?=EA=B2=80=EC=83=89=EC=97=90=EC=84=9C=20=EA=B2=80=EC=83=89=20?= =?UTF-8?q?=EB=8C=80=EC=83=81=20=EC=A7=80=EC=A0=95=20=EB=A7=88=ED=81=AC?= =?UTF-8?q?=EC=97=85=20=EB=B0=8F=20=EC=8A=A4=ED=83=80=EC=9D=BC=EB=A7=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/skin/qa/basic/list.skin.php | 5 +++++ mobile/skin/qa/basic/style.css | 3 ++- skin/qa/basic/list.skin.php | 5 +++++ skin/qa/basic/style.css | 2 +- theme/basic/mobile/skin/qa/basic/list.skin.php | 5 +++++ theme/basic/mobile/skin/qa/basic/style.css | 3 ++- theme/basic/skin/qa/basic/list.skin.php | 5 +++++ theme/basic/skin/qa/basic/style.css | 2 +- 8 files changed, 26 insertions(+), 4 deletions(-) diff --git a/mobile/skin/qa/basic/list.skin.php b/mobile/skin/qa/basic/list.skin.php index 6d3b8cd3c..e9befda58 100644 --- a/mobile/skin/qa/basic/list.skin.php +++ b/mobile/skin/qa/basic/list.skin.php @@ -115,6 +115,11 @@ add_stylesheet('', 0); 게시물 검색
+ + + diff --git a/mobile/skin/qa/basic/style.css b/mobile/skin/qa/basic/style.css index add0d9d45..4b0f4eebb 100644 --- a/mobile/skin/qa/basic/style.css +++ b/mobile/skin/qa/basic/style.css @@ -136,7 +136,8 @@ #bo_sch {background:#fff;border:1px solid #d0d3db;position:relative;margin:10px} #bo_sch:after {display:block;visibility:hidden;clear:both;content:""} #bo_sch legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden} -#bo_sch .sch_input {float:left;width:100%;height:38px;border:0;padding:0;background-color:transparent;padding:0 0 0 10px} +#bo_sch select {border:0;height:38px;border-right:1px solid #f8f8f8;float:left;width:30%} +#bo_sch .sch_input {height:38px;border:0;padding:0;background-color:transparent;float:left;width:70%;padding:0 40px 0 10px} #bo_sch .sch_btn {height:38px;position:absolute;top:0;right:0;border:0;width:40px;background:none;font-size:15px} diff --git a/skin/qa/basic/list.skin.php b/skin/qa/basic/list.skin.php index 56df884ee..e8af39051 100644 --- a/skin/qa/basic/list.skin.php +++ b/skin/qa/basic/list.skin.php @@ -41,6 +41,11 @@ add_stylesheet('', 0); 게시물 검색 + + +
diff --git a/skin/qa/basic/style.css b/skin/qa/basic/style.css index 7f12e4e41..2a5d22a58 100644 --- a/skin/qa/basic/style.css +++ b/skin/qa/basic/style.css @@ -182,7 +182,7 @@ box-shadow:inset 0 2px 5px rgb(33, 135, 202)} .bo_sch select {border:0;width:100%;height:40px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); -moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)} -.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); +.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;margin-top:15px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); -moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)} .bo_sch .sch_input {width:250px;height:38px;border:0;padding:0;background-color:transparent;float:left} diff --git a/theme/basic/mobile/skin/qa/basic/list.skin.php b/theme/basic/mobile/skin/qa/basic/list.skin.php index 6d3b8cd3c..e9befda58 100644 --- a/theme/basic/mobile/skin/qa/basic/list.skin.php +++ b/theme/basic/mobile/skin/qa/basic/list.skin.php @@ -115,6 +115,11 @@ add_stylesheet('', 0); 게시물 검색 + + + diff --git a/theme/basic/mobile/skin/qa/basic/style.css b/theme/basic/mobile/skin/qa/basic/style.css index add0d9d45..4b0f4eebb 100644 --- a/theme/basic/mobile/skin/qa/basic/style.css +++ b/theme/basic/mobile/skin/qa/basic/style.css @@ -136,7 +136,8 @@ #bo_sch {background:#fff;border:1px solid #d0d3db;position:relative;margin:10px} #bo_sch:after {display:block;visibility:hidden;clear:both;content:""} #bo_sch legend {position:absolute;margin:0;padding:0;font-size:0;line-height:0;text-indent:-9999em;overflow:hidden} -#bo_sch .sch_input {float:left;width:100%;height:38px;border:0;padding:0;background-color:transparent;padding:0 0 0 10px} +#bo_sch select {border:0;height:38px;border-right:1px solid #f8f8f8;float:left;width:30%} +#bo_sch .sch_input {height:38px;border:0;padding:0;background-color:transparent;float:left;width:70%;padding:0 40px 0 10px} #bo_sch .sch_btn {height:38px;position:absolute;top:0;right:0;border:0;width:40px;background:none;font-size:15px} diff --git a/theme/basic/skin/qa/basic/list.skin.php b/theme/basic/skin/qa/basic/list.skin.php index 56df884ee..e8af39051 100644 --- a/theme/basic/skin/qa/basic/list.skin.php +++ b/theme/basic/skin/qa/basic/list.skin.php @@ -41,6 +41,11 @@ add_stylesheet('', 0); 게시물 검색 + + +
diff --git a/theme/basic/skin/qa/basic/style.css b/theme/basic/skin/qa/basic/style.css index 7f12e4e41..2a5d22a58 100644 --- a/theme/basic/skin/qa/basic/style.css +++ b/theme/basic/skin/qa/basic/style.css @@ -182,7 +182,7 @@ box-shadow:inset 0 2px 5px rgb(33, 135, 202)} .bo_sch select {border:0;width:100%;height:40px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); -moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)} -.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); +.bo_sch .sch_bar {display:inline-block;width:100%;clear:both;margin-top:15px;border:1px solid #d0d3db;border-radius:2px;-webkit-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); -moz-box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075); box-shadow:inset 0 1px 1px rgba(0, 0, 0, .075)} .bo_sch .sch_input {width:250px;height:38px;border:0;padding:0;background-color:transparent;float:left} From 0731b57c800ed590a9c009f542b29ce023ca24d1 Mon Sep 17 00:00:00 2001 From: kagla Date: Fri, 13 Aug 2021 02:02:21 +0000 Subject: [PATCH 03/16] =?UTF-8?q?1:1=EB=AC=B8=EC=9D=98=EC=97=90=20?= =?UTF-8?q?=EC=A0=9C=EB=AA=A9,=20=EB=82=B4=EC=9A=A9,=20=EA=B8=80=EC=93=B4?= =?UTF-8?q?=EC=9D=B4,=20=ED=9A=8C=EC=9B=90=EC=95=84=EC=9D=B4=EB=94=94=20?= =?UTF-8?q?=EC=84=A0=ED=83=9D=ED=9B=84=20=EA=B2=80=EC=83=89=EC=9D=B4=20?= =?UTF-8?q?=EA=B0=80=EB=8A=A5=ED=95=98=EB=8F=84=EB=A1=9D=20=EC=88=98?= =?UTF-8?q?=EC=A0=95=20(=EB=B6=81=EB=A7=88=ED=81=AC=EC=8A=A4=EB=8B=98,2108?= =?UTF-8?q?12)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/qalist.php | 28 +++++++++++++++---- lib/get_data.lib.php | 14 ++++++++++ mobile/skin/qa/basic/list.skin.php | 2 +- skin/qa/basic/list.skin.php | 2 +- .../basic/mobile/skin/qa/basic/list.skin.php | 2 +- theme/basic/skin/qa/basic/list.skin.php | 2 +- 6 files changed, 41 insertions(+), 9 deletions(-) diff --git a/bbs/qalist.php b/bbs/qalist.php index 08fd0b175..63401e029 100644 --- a/bbs/qalist.php +++ b/bbs/qalist.php @@ -58,15 +58,33 @@ if(is_file($skin_file)) { $stx = trim($stx); if($stx) { - if (preg_match("/[a-zA-Z]/", $stx)) - $sql_search .= " and ( INSTR(LOWER(qa_subject), LOWER('$stx')) > 0 or INSTR(LOWER(qa_content), LOWER('$stx')) > 0 )"; - else - $sql_search .= " and ( INSTR(qa_subject, '$stx') > 0 or INSTR(qa_content, '$stx') > 0 ) "; + $sfl = trim($sfl); + if ($sfl) { + switch ($sfl) { + case "qa_subject" : + case "qa_content" : + case "qa_name" : + case "mb_id" : + break; + default : + $sfl = "qa_subject"; + } + } else { + $sfl = "qa_subject"; + } + $sql_search .= " and (`{$sfl}` like '%{$stx}%') "; } + // $stx = trim($stx); + // if($stx) { + // if (preg_match("/[a-zA-Z]/", $stx)) + // $sql_search .= " and ( INSTR(LOWER(qa_subject), LOWER('$stx')) > 0 or INSTR(LOWER(qa_content), LOWER('$stx')) > 0 )"; + // else + // $sql_search .= " and ( INSTR(qa_subject, '$stx') > 0 or INSTR(qa_content, '$stx') > 0 ) "; + // } $sql_order = " order by qa_num "; - $sql = " select count(*) as cnt + $sql = " select count(*) as cnt $sql_common $sql_search "; $row = sql_fetch($sql); diff --git a/lib/get_data.lib.php b/lib/get_data.lib.php index 9b92ebcd2..253f63962 100644 --- a/lib/get_data.lib.php +++ b/lib/get_data.lib.php @@ -457,6 +457,20 @@ function get_board_sfl_select_options($sfl){ return run_replace('get_board_sfl_select_options', $str, $sfl); } +function get_qa_sfl_select_options($sfl) { + + global $is_admin; + + $str = ''; + $str .= ''; + $str .= ''; + $str .= ''; + if ($is_admin) + $str .= ''; + + return run_replace('get_qa_sfl_select_options', $str, $sfl); +} + // 읽지 않은 메모 갯수 반환 function get_memo_not_read($mb_id, $add_where='') { diff --git a/mobile/skin/qa/basic/list.skin.php b/mobile/skin/qa/basic/list.skin.php index e9befda58..2f102f5e2 100644 --- a/mobile/skin/qa/basic/list.skin.php +++ b/mobile/skin/qa/basic/list.skin.php @@ -118,7 +118,7 @@ add_stylesheet('', 0); diff --git a/skin/qa/basic/list.skin.php b/skin/qa/basic/list.skin.php index e8af39051..47fdfb615 100644 --- a/skin/qa/basic/list.skin.php +++ b/skin/qa/basic/list.skin.php @@ -44,7 +44,7 @@ add_stylesheet('', 0);
diff --git a/theme/basic/mobile/skin/qa/basic/list.skin.php b/theme/basic/mobile/skin/qa/basic/list.skin.php index e9befda58..2f102f5e2 100644 --- a/theme/basic/mobile/skin/qa/basic/list.skin.php +++ b/theme/basic/mobile/skin/qa/basic/list.skin.php @@ -118,7 +118,7 @@ add_stylesheet('', 0); diff --git a/theme/basic/skin/qa/basic/list.skin.php b/theme/basic/skin/qa/basic/list.skin.php index e8af39051..47fdfb615 100644 --- a/theme/basic/skin/qa/basic/list.skin.php +++ b/theme/basic/skin/qa/basic/list.skin.php @@ -44,7 +44,7 @@ add_stylesheet('', 0);
From 38308f887b3916bb427cb29d92861e26d8eb1025 Mon Sep 17 00:00:00 2001 From: kagla Date: Mon, 23 Aug 2021 07:24:24 +0000 Subject: [PATCH 04/16] =?UTF-8?q?=ED=8A=B8=EC=9C=84=ED=84=B0=20=EC=86=8C?= =?UTF-8?q?=EC=85=9C=20=EB=8C=93=EA=B8=80=20=EC=82=AC=EC=9A=A9=EC=8B=9C=20?= =?UTF-8?q?Could=20not=20connect=20to=20Twitter.=20Refresh=20the=20page=20?= =?UTF-8?q?or=20try=20again=20later.=20=EC=9D=B4=EC=A0=84=EC=97=90=20?= =?UTF-8?q?=EB=82=98=EC=98=A4=EB=8A=94=20Warning:=20Undefined=20array=20ke?= =?UTF-8?q?y=20=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/sns/twitter/redirect.php | 4 ++-- plugin/sns/twitter/twitteroauth/twitteroauth.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/plugin/sns/twitter/redirect.php b/plugin/sns/twitter/redirect.php index 4bc1586aa..505b3e047 100644 --- a/plugin/sns/twitter/redirect.php +++ b/plugin/sns/twitter/redirect.php @@ -13,8 +13,8 @@ $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET); $request_token = $connection->getRequestToken(OAUTH_CALLBACK); /* Save temporary credentials to session. */ -$_SESSION['oauth_token'] = $token = $request_token['oauth_token']; -$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret']; +$_SESSION['oauth_token'] = $token = @$request_token['oauth_token']; +$_SESSION['oauth_token_secret'] = @$request_token['oauth_token_secret']; //print_r2($_SESSION); exit; diff --git a/plugin/sns/twitter/twitteroauth/twitteroauth.php b/plugin/sns/twitter/twitteroauth/twitteroauth.php index af8712229..49bee1457 100644 --- a/plugin/sns/twitter/twitteroauth/twitteroauth.php +++ b/plugin/sns/twitter/twitteroauth/twitteroauth.php @@ -77,7 +77,7 @@ class TwitterOAuth { $parameters['oauth_callback'] = $oauth_callback; $request = $this->oAuthRequest($this->requestTokenURL(), 'GET', $parameters); $token = OAuthUtil::parse_parameters($request); - $this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); + $this->token = new OAuthConsumer(@$token['oauth_token'], @$token['oauth_token_secret']); return $token; } From c4544671a29913ebe3197b30ed1ef439ca17f99f Mon Sep 17 00:00:00 2001 From: kagla Date: Tue, 24 Aug 2021 13:55:22 +0900 Subject: [PATCH 05/16] =?UTF-8?q?=EB=AA=A8=EB=B0=94=EC=9D=BC=20=EA=B2=B0?= =?UTF-8?q?=EC=A0=9C=EC=8B=9C=20=EC=B9=B4=EB=93=9C=EC=82=AC=EB=AA=85?= =?UTF-8?q?=EC=9D=B4=20=EC=A0=9C=EB=8C=80=EB=A1=9C=20=EB=93=A4=EC=96=B4?= =?UTF-8?q?=EA=B0=80=EC=A7=80=20=EC=95=8A=EB=8D=98=20=EC=98=A4=EB=A5=98=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20(chewry=EB=8B=98,210817)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mobile/shop/inicis/pay_approval.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mobile/shop/inicis/pay_approval.php b/mobile/shop/inicis/pay_approval.php index 5befa5b30..3ee89e888 100644 --- a/mobile/shop/inicis/pay_approval.php +++ b/mobile/shop/inicis/pay_approval.php @@ -182,7 +182,8 @@ if(isset($data['pp_id']) && !empty($data['pp_id'])) { $P_VACT_NUM = $_POST['P_VACT_NUM'] = isset($PAY['P_VACT_NUM']) ? $PAY['P_VACT_NUM'] : ''; $P_VACT_NAME = $_POST['P_VACT_NAME'] = isset($PAY['P_VACT_NAME']) ? iconv_utf8($PAY['P_VACT_NAME']) : ''; $P_VACT_BANK = $_POST['P_VACT_BANK'] = (isset($PAY['P_VACT_BANK_CODE']) && isset($BANK_CODE[$PAY['P_VACT_BANK_CODE']])) ? $BANK_CODE[$PAY['P_VACT_BANK_CODE']] : ''; - $P_CARD_ISSUER = $_POST['P_CARD_ISSUER'] = isset($CARD_CODE[$PAY['P_CARD_ISSUER_CODE']]) ? $CARD_CODE[$PAY['P_CARD_ISSUER_CODE']] : ''; + // $P_CARD_ISSUER = $_POST['P_CARD_ISSUER'] = isset($CARD_CODE[$PAY['P_CARD_ISSUER_CODE']]) ? $CARD_CODE[$PAY['P_CARD_ISSUER_CODE']] : ''; + $P_CARD_ISSUER = $_POST['P_CARD_ISSUER'] = isset($CARD_CODE[$PAY['P_FN_CD1']]) ? $CARD_CODE[$PAY['P_FN_CD1']] : ''; $P_UNAME = $_POST['P_UNAME'] = isset($PAY['P_UNAME']) ? iconv_utf8($PAY['P_UNAME']) : ''; $check_keys = array('od_name', 'od_tel', 'od_pwd', 'od_hp', 'od_zip', 'od_addr1', 'od_addr2', 'od_addr3', 'od_addr_jibeon', 'od_email', 'ad_default', 'ad_subject', 'od_hope_date', 'od_b_name', 'od_b_tel', 'od_b_hp', 'od_b_zip', 'od_b_addr1', 'od_b_addr2', 'od_b_addr3', 'od_b_addr_jibeon', 'od_memo', 'od_settle_case', 'max_temp_point', 'od_temp_point', 'od_send_cost', 'od_send_cost2', 'od_bank_account', 'od_deposit_name', 'od_test', 'od_ip'); From ebf00b6834d729b55f4702c903ac262a7e2f7408 Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 9 Sep 2021 03:24:40 +0000 Subject: [PATCH 06/16] =?UTF-8?q?=EB=B0=B0=EB=84=88=EC=9D=98=20=EB=A7=81?= =?UTF-8?q?=ED=81=AC=EB=A5=BC=20=EC=9E=85=EB=A0=A5=ED=95=98=EC=A7=80=20?= =?UTF-8?q?=EC=95=8A=EC=9C=BC=EB=A9=B4=20PHP8=EC=97=90=EC=84=9C=20Warning:?= =?UTF-8?q?=20Uninitialized=20string=20offset=200=20in=20...=20=EC=99=80?= =?UTF-8?q?=20=EA=B0=99=EC=9D=80=20=EC=98=A4=EB=A5=98=EA=B0=80=20=EB=82=98?= =?UTF-8?q?=EB=8A=94=EA=B2=83=EC=9D=84=20=EC=88=98=EC=A0=95=20(=EB=8B=A4?= =?UTF-8?q?=EC=98=A8=ED=85=8C=EB=A7=88=EB=8B=98,210908)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- skin/shop/basic/boxbanner.skin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/skin/shop/basic/boxbanner.skin.php b/skin/shop/basic/boxbanner.skin.php index d6bd9fd3e..03be8e7ac 100644 --- a/skin/shop/basic/boxbanner.skin.php +++ b/skin/shop/basic/boxbanner.skin.php @@ -23,7 +23,7 @@ for ($i=0; $row=sql_fetch_array($result); $i++) $banner = ''; $size = getimagesize($bimg); echo '
  • '.PHP_EOL; - if ($row['bn_url'][0] == '#') + if (preg_match("/^#/", $row['bn_url'])) $banner .= ''; else if ($row['bn_url'] && $row['bn_url'] != 'http://') { $banner .= ''; From 7dea8e686691b7f57ec2d32bdaf89dd4b98ce304 Mon Sep 17 00:00:00 2001 From: kagla Date: Wed, 15 Sep 2021 01:14:45 +0000 Subject: [PATCH 07/16] =?UTF-8?q?PHP8=20=EC=97=90=EC=84=9C=20=EB=B0=9C?= =?UTF-8?q?=EC=83=9D=ED=95=98=EB=8A=94=20=EC=98=A4=EB=A5=98=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/write_update.php | 8 +++++--- lib/common.lib.php | 6 ++++-- skin/member/basic/login.skin.php | 2 +- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/bbs/write_update.php b/bbs/write_update.php index ac32277e6..dbda388ef 100644 --- a/bbs/write_update.php +++ b/bbs/write_update.php @@ -658,7 +658,7 @@ for ($i=(int)$row['max_bf_no']; $i>=0; $i--) $row2 = sql_fetch(" select bf_file from {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$i}' "); // 정보가 있다면 빠집니다. - if ($row2['bf_file']) break; + if (isset($row2['bf_file']) && $row2['bf_file']) break; // 그렇지 않다면 정보를 삭제합니다. sql_query(" delete from {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$i}' "); @@ -725,8 +725,10 @@ if (!($w == 'u' || $w == 'cu') && $config['cf_email_use'] && $board['bo_use_emai } // 옵션에 메일받기가 체크되어 있고, 게시자의 메일이 있다면 - if (strstr($wr['wr_option'], 'mail') && $wr['wr_email']) - $array_email[] = $wr['wr_email']; + if (isset($wr['wr_option']) && isset($wr['wr_email'])) { + if (strstr($wr['wr_option'], 'mail') && $wr['wr_email']) + $array_email[] = $wr['wr_email']; + } // 중복된 메일 주소는 제거 $unique_email = array_unique($array_email); diff --git a/lib/common.lib.php b/lib/common.lib.php index d84af1501..b7493f18d 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -850,12 +850,14 @@ function get_admin($admin='super', $fields='*') $is = true; } - if (($is && !$mb['mb_id']) || $admin == 'group') { + // if (($is && !$mb['mb_id']) || $admin == 'group') { + if (($is && !isset($mb['mb_id'])) || $admin == 'group') { $mb = sql_fetch("select {$fields} from {$g5['member_table']} where mb_id in ('{$group['gr_admin']}') limit 1 "); $is = true; } - if (($is && !$mb['mb_id']) || $admin == 'super') { + // if (($is && !$mb['mb_id']) || $admin == 'super') { + if (($is && !isset($mb['mb_id'])) || $admin == 'super') { $mb = sql_fetch("select {$fields} from {$g5['member_table']} where mb_id in ('{$config['cf_admin']}') limit 1 "); } diff --git a/skin/member/basic/login.skin.php b/skin/member/basic/login.skin.php index 15f94e3a7..d282aeba2 100644 --- a/skin/member/basic/login.skin.php +++ b/skin/member/basic/login.skin.php @@ -39,7 +39,7 @@ add_stylesheet('',
    • - + From a3e8c97ef56ac178482ce9c657a8390f50d839a9 Mon Sep 17 00:00:00 2001 From: kagla Date: Wed, 15 Sep 2021 02:30:19 +0000 Subject: [PATCH 08/16] =?UTF-8?q?=EC=9D=B4=EB=AF=B8=EC=A7=80=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=20=EC=97=85=EB=A1=9C=EB=93=9C=20=EA=B8=B0=EB=8A=A5?= =?UTF-8?q?=EC=9D=84=20=EC=9D=B4=EC=9A=A9=ED=95=9C=20=EC=9B=B9=EB=B3=80?= =?UTF-8?q?=EC=A1=B0=20=EB=B0=A9=EC=A7=80=20=EC=BD=94=EB=93=9C=20=EC=A0=81?= =?UTF-8?q?=EC=9A=A9=20(=EB=82=98=EC=B0=BD=ED=98=B8=EB=8B=98,=EB=A0=88?= =?UTF-8?q?=EC=9D=B4=EB=94=98=EB=8B=98,210915)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugin/editor/cheditor5/imageUpload/upload.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugin/editor/cheditor5/imageUpload/upload.php b/plugin/editor/cheditor5/imageUpload/upload.php index 9594f8c7a..f305b65d3 100644 --- a/plugin/editor/cheditor5/imageUpload/upload.php +++ b/plugin/editor/cheditor5/imageUpload/upload.php @@ -77,7 +77,7 @@ run_event('cheditor_photo_upload', $data_dir, $data_url); // $tempfile = $_FILES['file']['tmp_name']; $filename = $_FILES['file']['name']; - +$filename_len = strrpos($filename, "."); $type = substr($filename, strrpos($filename, ".")+1); $found = false; switch ($type) { @@ -89,7 +89,7 @@ switch ($type) { $found = true; } -if ($found != true) { +if ($found != true || $filename_len != 23) { exit; } From 688440eb18e354a0348f9e40e21f145bdb90c75d Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 16 Sep 2021 02:09:09 +0000 Subject: [PATCH 09/16] =?UTF-8?q?JavaScript=20=EB=B6=88=EA=B0=80=EC=9D=BC?= =?UTF-8?q?=20=EB=95=8C=20Undefined=20variable=20$js=20=EC=98=A4=EB=A5=98?= =?UTF-8?q?=20=EB=82=98=EC=98=A4=EC=A7=80=20=EC=95=8A=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20(=EC=A1=B0=EC=95=88=EB=8B=98,210916)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/download.php | 1 + 1 file changed, 1 insertion(+) diff --git a/bbs/download.php b/bbs/download.php index 504595b74..f0f70afb7 100644 --- a/bbs/download.php +++ b/bbs/download.php @@ -23,6 +23,7 @@ if (!$file['bf_file']) alert_close('파일 정보가 존재하지 않습니다.'); // JavaScript 불가일 때 +$js = (isset($_GET['js'])) ? $_GET['js'] : ''; if($js != 'on' && $board['bo_download_point'] < 0) { $msg = $file['bf_source'].' 파일을 다운로드 하시면 포인트가 차감('.number_format($board['bo_download_point']).'점)됩니다.\\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\\n그래도 다운로드 하시겠습니까?'; $url1 = G5_BBS_URL.'/download.php?'.clean_query_string($_SERVER['QUERY_STRING'], false).'&js=on'; From 63217a6a6726dc051528116e6eb79bb47d523334 Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 16 Sep 2021 04:54:33 +0000 Subject: [PATCH 10/16] =?UTF-8?q?['HTTP=5FHOST']=20=EA=B0=80=20=EC=84=A0?= =?UTF-8?q?=EC=96=B8=EB=90=98=EC=A7=80=20=EC=95=8A=EC=95=84=20PHP8=20?= =?UTF-8?q?=EC=97=90=EC=84=9C=20=EB=B0=9C=EC=83=9D=ED=95=98=EB=8D=98=20?= =?UTF-8?q?=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common.php b/common.php index 8fbde6e96..0a3930ab9 100644 --- a/common.php +++ b/common.php @@ -232,7 +232,7 @@ function chrome_domain_session_name(){ '.maru.net', // 마루호스팅 ); - if(preg_match('/('.implode('|', $domain_array).')/i', $_SERVER['HTTP_HOST'])){ // 위의 도메인주소를 포함한 url접속시 기본세션이름을 변경한다. + if(isset($_SERVER['HTTP_HOST']) && preg_match('/('.implode('|', $domain_array).')/i', $_SERVER['HTTP_HOST'])){ // 위의 도메인주소를 포함한 url접속시 기본세션이름을 변경한다. if(! defined('G5_SESSION_NAME')) define('G5_SESSION_NAME', 'G5PHPSESSID'); @session_name(G5_SESSION_NAME); } From 50612db75af9df81a44773817516ec3de06b4570 Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 16 Sep 2021 04:55:11 +0000 Subject: [PATCH 11/16] =?UTF-8?q?=EA=B2=BD=EB=A1=9C=EA=B0=80=20=EC=9E=98?= =?UTF-8?q?=EB=AA=BB=20=EB=B0=98=ED=99=98=EB=90=98=EC=96=B4=20thumb-?= =?UTF-8?q?=EC=9D=B4=EB=AF=B8=EC=A7=80=20=ED=8C=8C=EC=9D=BC=EC=9D=B4=20?= =?UTF-8?q?=EC=82=AD=EC=A0=9C=EB=90=98=EC=A7=80=20=EC=95=8A=EB=8D=98=20?= =?UTF-8?q?=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/common.lib.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/common.lib.php b/lib/common.lib.php index b7493f18d..742cdcac5 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -2346,7 +2346,8 @@ function delete_editor_thumbnail($contents) for($i=0; $i Date: Thu, 16 Sep 2021 04:56:06 +0000 Subject: [PATCH 12/16] =?UTF-8?q?=EC=9D=B4=EB=AF=B8=EC=A7=80=20=ED=99=95?= =?UTF-8?q?=EC=9E=A5=EC=9E=90=EC=97=90=20.webp=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/common.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/common.lib.php b/lib/common.lib.php index 742cdcac5..18562a637 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -2348,7 +2348,7 @@ function delete_editor_thumbnail($contents) $imgurl = @parse_url($matchs[1][$i]); // $srcfile = dirname(G5_PATH).$imgurl['path']; $srcfile = (G5_PATH).$imgurl['path']; - if(! preg_match('/(\.jpe?g|\.gif|\.png)$/i', $srcfile)) continue; + if(!preg_match('/(\.jpe?g|\.gif|\.png|\.webp)$/i', $srcfile)) continue; $filename = preg_replace("/\.[^\.]+$/i", "", basename($srcfile)); $filepath = dirname($srcfile); $files = glob($filepath.'/thumb-'.$filename.'*'); From abe801a7ac314bbd36b70f0bff5b0ce538b92d08 Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 16 Sep 2021 06:05:07 +0000 Subject: [PATCH 13/16] =?UTF-8?q?PHP8=EC=97=90=EC=84=9C=20=EB=82=98?= =?UTF-8?q?=EC=98=A4=EB=8A=94=20PHP=20Warning:=20=20Undefined=20array=20ke?= =?UTF-8?q?y=20"HTTP=5FUSER=5FAGENT"=20=EC=98=A4=EB=A5=98=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bbs/visit_insert.inc.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bbs/visit_insert.inc.php b/bbs/visit_insert.inc.php index 4aa235bd3..28232b330 100644 --- a/bbs/visit_insert.inc.php +++ b/bbs/visit_insert.inc.php @@ -14,7 +14,9 @@ if (get_cookie('ck_visit_ip') != $_SERVER['REMOTE_ADDR']) $referer = ""; if (isset($_SERVER['HTTP_REFERER'])) $referer = escape_trim(clean_xss_tags(strip_tags($_SERVER['HTTP_REFERER']))); - $user_agent = escape_trim(clean_xss_tags(strip_tags($_SERVER['HTTP_USER_AGENT']))); + $user_agent = ''; + if (isset($_SERVER['HTTP_USER_AGENT'])) + $user_agent = escape_trim(clean_xss_tags(strip_tags($_SERVER['HTTP_USER_AGENT']))); $vi_browser = ''; $vi_os = ''; $vi_device = ''; From 469e1ff890829ed31a533afffec57c311f9220da Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 16 Sep 2021 06:05:59 +0000 Subject: [PATCH 14/16] =?UTF-8?q?PHP8=EC=97=90=EC=84=9C=20=EB=82=98?= =?UTF-8?q?=EC=98=A4=EB=8A=94=20PHP=20Warning:=20=20Undefined=20array=20ke?= =?UTF-8?q?y=20"HTTP=5FUSER=5FAGENT"=20=EC=98=A4=EB=A5=98=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- common.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/common.php b/common.php index 0a3930ab9..3accb2512 100644 --- a/common.php +++ b/common.php @@ -339,8 +339,10 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER) $res = @session_start($options); // IE 브라우저 또는 엣지브라우저 또는 IOS 모바일과 http환경에서는 secure; SameSite=None을 설정하지 않습니다. - if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('/(iPhone|iPod|iPad).*AppleWebKit.*Safari/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){ - return $res; + if (isset($_SERVER['HTTP_USER_AGENT'])) { + if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('/(iPhone|iPod|iPad).*AppleWebKit.*Safari/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){ + return $res; + } } $headers = headers_list(); From b2041758f4479f4a600dcdf8ebf3c89189978ddb Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 16 Sep 2021 06:07:41 +0000 Subject: [PATCH 15/16] =?UTF-8?q?PHP8=EC=97=90=EC=84=9C=20=EB=82=98?= =?UTF-8?q?=EC=98=A4=EB=8A=94=20Undefined=20array=20key=20"HTTP=5FUSER=5FA?= =?UTF-8?q?GENT"=20=EC=98=A4=EB=A5=98=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/common.lib.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/common.lib.php b/lib/common.lib.php index 18562a637..b6bb9837c 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -2219,7 +2219,10 @@ function get_checked($field, $value) function is_mobile() { - return preg_match('/'.G5_MOBILE_AGENT.'/i', $_SERVER['HTTP_USER_AGENT']); + if (isset($_SERVER['HTTP_USER_AGENT'])) + return preg_match('/'.G5_MOBILE_AGENT.'/i', $_SERVER['HTTP_USER_AGENT']); + else + return ''; } From c74c04bf1697b8ba92fb63ed2540795c8cb2f6bb Mon Sep 17 00:00:00 2001 From: kagla Date: Thu, 23 Sep 2021 05:29:22 +0000 Subject: [PATCH 16/16] =?UTF-8?q?=EB=B2=84=EC=A0=84=205.4.16=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- version.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version.php b/version.php index 089ceab54..e44e7b826 100644 --- a/version.php +++ b/version.php @@ -2,7 +2,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가 define('G5_VERSION', '그누보드5'); -define('G5_GNUBOARD_VER', '5.4.15.1'); +define('G5_GNUBOARD_VER', '5.4.16'); // 그누보드5.4.5.5 버전과 영카트5.4.5.5.1 버전을 합쳐서 그누보드5.4.6 버전에서 시작함 (kagla-210617) // G5_YOUNGCART_VER 이 상수를 사용하는 곳이 있으므로 주석 처리 해제함 // 그누보드5.4.6 이상 버전 부터는 영카트를 그누보드에 포함하여 배포하므로 영카트5의 버전은 의미가 없습니다.