From d16537c2f1afc580ad1514561a2197bdb5a15a16 Mon Sep 17 00:00:00 2001
From: thisgun
Date: Tue, 24 Nov 2020 12:24:37 +0900
Subject: [PATCH] =?UTF-8?q?[KVE-2020-0797]=20=EC=98=81=EC=B9=B4=ED=8A=B8?= =?UTF-8?q?=20SQL=20=EC=9D=B8=EC=A0=9D=EC=85=98=20=EC=B7=A8=EC=95=BD?= =?UTF-8?q?=EC=A0=90=20=EC=B6=94=EA=B0=80=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 mobile/shop/search.php | 7 +++++++
 mobile/skin/shop/basic/search.skin.php | 6 +-----
 shop/search.php | 7 +++++++
 skin/shop/basic/search.skin.php | 13 ++++---------
 theme/basic/mobile/skin/shop/basic/search.skin.php | 6 +-----
 theme/basic/skin/shop/basic/search.skin.php | 11 +++--------
 6 files changed, 23 insertions(+), 27 deletions(-)
diff --git a/mobile/shop/search.php b/mobile/shop/search.php
index faf765204..4ccbb654d 100644
--- a/mobile/shop/search.php
+++ b/mobile/shop/search.php
@@ -130,6 +130,13 @@ while($row = sql_fetch_array($result)){
 $search_skin = G5_MSHOP_SKIN_PATH.'/search.skin.php';
+$list_file = G5_MSHOP_SKIN_PATH.'/'.$default['de_mobile_search_list_skin'];
+if (file_exists($list_file) && is_include_path_check($list_file)) {
+ define('G5_SHOP_CSS_URL', G5_MSHOP_SKIN_URL);
+ $list = new item_list($list_file, $default['de_mobile_search_list_mod'], $default['de_mobile_search_list_row'], $default['de_mobile_search_img_width'], $default['de_mobile_search_img_height']);
+ $list->set_query(" select * $sql_common $sql_where {$order_by} limit $from_record, $items ");
+}
+
 if(!file_exists($search_skin)) {
 echo str_replace(G5_PATH.'/', '', $search_skin).' 스킨 파일이 존재하지 않습니다.';
 } else {
diff --git a/mobile/skin/shop/basic/search.skin.php b/mobile/skin/shop/basic/search.skin.php
index f172071d0..5bd7323c1 100644
--- a/mobile/skin/shop/basic/search.skin.php
+++ b/mobile/skin/shop/basic/search.skin.php
@@ -69,11 +69,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
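Review bot: The query handed to `set_query()` in the added block is still assembled by interpolating `$sql_common`, `$sql_where`, `$order_by`, `$from_record` and `$items`, all of which are built earlier in search.php, outside this hunk, so the hunk on its own does not show that every input is escaped or cast. If the limit operands are not already forced to integers upstream, I would cast them right before use, `$from_record = (int) $from_record; $items = (int) $items;`, and confirm that `$order_by` can only take values from a fixed list of columns and directions. The unconditional `define('G5_SHOP_CSS_URL', G5_MSHOP_SKIN_URL);` would also be safer as `if (!defined('G5_SHOP_CSS_URL')) define('G5_SHOP_CSS_URL', G5_MSHOP_SKIN_URL);`, since a skin not updated by this commit presumably still defines the constant itself. Both points apply equally to the matching hunk in shop/search.php.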
set_query(" select * $sql_common $sql_where {$order_by} limit $from_record, $items ");
+ if (isset($list) && is_object($list) && method_exists($list, 'run')) {
 $list->set_is_page(true);
 $list->set_mobile(true);
 $list->set_view('it_img', true);
diff --git a/shop/search.php b/shop/search.php
index 42157b9b0..44ff5b504 100644
--- a/shop/search.php
+++ b/shop/search.php
@@ -138,6 +138,13 @@ while($row = sql_fetch_array($result)){
 $q = get_text($q);
 $search_skin = G5_SHOP_SKIN_PATH.'/search.skin.php';
+$list_file = G5_SHOP_SKIN_PATH.'/'.$default['de_search_list_skin'];
+if (file_exists($list_file) && is_include_path_check($list_file)) {
+ define('G5_SHOP_CSS_URL', G5_SHOP_SKIN_URL);
+ $list = new item_list($list_file, $default['de_search_list_mod'], $default['de_search_list_row'], $default['de_search_img_width'], $default['de_search_img_height']);
+ $list->set_query(" select * $sql_common $sql_where {$order_by} limit $from_record, $items ");
+}
+
 if(!file_exists($search_skin)) {
 echo str_replace(G5_PATH.'/', '', $search_skin).' 스킨 파일이 존재하지 않습니다.';
 } else {
diff --git a/skin/shop/basic/search.skin.php b/skin/shop/basic/search.skin.php
index d5c8ae57f..5b05d53a7 100644
--- a/skin/shop/basic/search.skin.php
+++ b/skin/shop/basic/search.skin.php
@@ -42,11 +42,10 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
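Review bot: The mobile skin now depends on `$list` having been created by the including search.php script, and nothing at the new `if (isset($list) && is_object($list) && method_exists($list, 'run'))` line documents that contract. Since the commit appears to move query construction out of the skins, a comment such as `// $list is prepared by the including search.php; skins must not call set_query() themselves` would keep skin authors from reintroducing the removed block. The same comment fits the three other search.skin.php files changed in this patch. The enclosing block continues past the end of the hunk, so what happens when `$list` is absent cannot be checked from here.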
    전체분류 ('.$total_cnt.')'.PHP_EOL; - for ($i=0; $row=sql_fetch_array($result); $i++) { + foreach((array) $categorys as $row){ + if( empty($row) ) continue; echo "
  • {$row['ca_name']} (".$row['cnt'].")
  • \n"; $total_cnt += $row['cnt']; } @@ -69,11 +68,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
    set_query(" select * $sql_common $sql_where {$order_by} limit $from_record, $items ");
+ if (isset($list) && is_object($list) && method_exists($list, 'run')) {
 $list->set_is_page(true);
 $list->set_view('it_img', true);
 $list->set_view('it_name', true);
diff --git a/theme/basic/mobile/skin/shop/basic/search.skin.php b/theme/basic/mobile/skin/shop/basic/search.skin.php
index f172071d0..5bd7323c1 100644
--- a/theme/basic/mobile/skin/shop/basic/search.skin.php
+++ b/theme/basic/mobile/skin/shop/basic/search.skin.php
@@ -69,11 +69,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
    set_query(" select * $sql_common $sql_where {$order_by} limit $from_record, $items ");
+ if (isset($list) && is_object($list) && method_exists($list, 'run')) {
 $list->set_is_page(true);
 $list->set_mobile(true);
 $list->set_view('it_img', true);
diff --git a/theme/basic/skin/shop/basic/search.skin.php b/theme/basic/skin/shop/basic/search.skin.php
index d5c8ae57f..c20e9fcbe 100644
--- a/theme/basic/skin/shop/basic/search.skin.php
+++ b/theme/basic/skin/shop/basic/search.skin.php
@@ -42,11 +42,10 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
      전체분류 ('.$total_cnt.')'.PHP_EOL; - for ($i=0; $row=sql_fetch_array($result); $i++) { + foreach((array) $categorys as $row){ + if( empty($row) ) continue; echo "
    • {$row['ca_name']} (".$row['cnt'].")
    • \n"; $total_cnt += $row['cnt']; } @@ -69,11 +68,7 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
      set_query(" select * $sql_common $sql_where {$order_by} limit $from_record, $items ");
+ if (isset($list) && is_object($list) && method_exists($list, 'run')) {
 $list->set_is_page(true);
 $list->set_view('it_img', true);
 $list->set_view('it_name', true);