From c1842b0155a180918d7fcbd10e6e24a230f45e8f Mon Sep 17 00:00:00 2001 From: chicpro Date: Thu, 15 Oct 2015 11:17:36 +0900 Subject: [PATCH 1/2] =?UTF-8?q?sms5=20=EB=B0=9C=EC=86=A1=20=EA=B8=B0?= =?UTF-8?q?=EB=8A=A5=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/sms_admin/sms_write_send.php | 9 +++++++++ plugin/sms5/sms5.lib.php | 13 ------------- 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/adm/sms_admin/sms_write_send.php b/adm/sms_admin/sms_write_send.php index f256c3e41..1244fee5a 100644 --- a/adm/sms_admin/sms_write_send.php +++ b/adm/sms_admin/sms_write_send.php @@ -42,6 +42,9 @@ while ($row = array_shift($send_list)) while ($row = sql_fetch_array($qry)) { $row['bk_hp'] = get_hp($row['bk_hp'], 0); + + if(!$row['bk_hp']) continue; + if ($wr_overlap && array_overlap($hps, $row['bk_hp'])) { $overlap++; array_push( $duplicate_data['hp'], $row['bk_hp'] ); @@ -63,6 +66,8 @@ while ($row = array_shift($send_list)) $hp = get_hp($row['mb_hp'], 0); $mb_id = $row['mb_id']; + if(!$hp) continue; + if ($wr_overlap && array_overlap($hps, $hp)) { $overlap++; array_push( $duplicate_data['hp'], $row['bk_hp'] ); @@ -84,6 +89,8 @@ while ($row = array_shift($send_list)) $hp = get_hp($item[$i][1], 0); $name = $item[$i][0]; + if(!$hp) continue; + if ($wr_overlap && array_overlap($hps, $hp)) { $overlap++; array_push( $duplicate_data['hp'], $row['bk_hp'] ); @@ -99,6 +106,8 @@ while ($row = array_shift($send_list)) $row = sql_fetch("select * from {$g5['sms5_book_table']} where bk_no='$item[$i]'"); $row['bk_hp'] = get_hp($row['bk_hp'], 0); + if(!$row['bk_hp']) continue; + if ($wr_overlap && array_overlap($hps, $row['bk_hp'])) { $overlap++; array_push( $duplicate_data['hp'], $row['bk_hp'] ); diff --git a/plugin/sms5/sms5.lib.php b/plugin/sms5/sms5.lib.php index 8979454dc..175c74f36 100644 --- a/plugin/sms5/sms5.lib.php +++ b/plugin/sms5/sms5.lib.php 
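Review bot: The new `if(!$row['bk_hp']) continue;` guard in the hunk at -42 drops a recipient without recording it, and the same holds for the `if(!$hp) continue;` guards at -63 and -84 and the `bk_hp` guard at -99. Duplicates in these loops are counted in `$overlap` and collected in `$duplicate_data`, so the operator can see them, but a number that `get_hp()` rejects disappears silently (presumably it returns an empty value for an invalid number; its body is not in this patch). I would count these too, with a counter such as `if (!$row['bk_hp']) { $invalid++; continue; }`, and report the total next to the duplicate count. The enclosing loops start and end outside the hunks.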
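Review bot: In the duplicate branch right after the new guard at -63, `array_push( $duplicate_data['hp'], $row['bk_hp'] );` records `$row['bk_hp']`, although the number being checked in this block is `$hp`, taken from `$row['mb_hp']`. The hunk at -84 has the same line, and there `$hp` comes from `$item[$i][1]`, so `$row` may be stale or unset at that point. Both look like copies of the address-book branch; `array_push( $duplicate_data['hp'], $hp );` would log the number that was actually found to be a duplicate. The line is unchanged context, but these blocks are being edited anyway, so it is cheap to fix here.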
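Review bot: The lookup just above the new guard at -99 builds its query by interpolating a list element, `where bk_no='$item[$i]'`, and nothing in the hunk shows `$item` being cast or escaped. If `$item` is derived from the submitted recipient list, this is string-built SQL on request data; assuming `bk_no` is a numeric key, casting first (`$bk_no = (int) $item[$i];`) and interpolating `$bk_no` closes that off. The result of `sql_fetch()` is also indexed before it is known to be a row, and the new `if(!$row['bk_hp']) continue;` covers a missing row only if `get_hp()` returns an empty value for it. The surrounding loop lies outside the hunk.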
@@ -7,19 +7,6 @@ if (!defined('_GNUBOARD_')) exit; ** *************************************************************************/ -// 스킨디렉토리를 SELECT 형식으로 얻음 -function get_sms5_skin_select($skin_gubun, $id, $name, $selected='', $event='') -{ - $skins = get_skin_dir($skin_gubun, G5_SMS5_PATH); - $str = ""; - return $str; -} - // 한페이지에 보여줄 행, 현재페이지, 총페이지수, URL function sms5_sub_paging($write_pages, $cur_page, $total_page, $url, $add="", $starget="") { From 341f59984095985d0563894edaccb8055cc9ad74 Mon Sep 17 00:00:00 2001 From: chicpro Date: Thu, 15 Oct 2015 11:38:13 +0900 Subject: [PATCH 2/2] =?UTF-8?q?=EB=B0=9C=EC=8B=A0=EB=B2=88=ED=98=B8=20?= =?UTF-8?q?=EC=9C=A0=ED=9A=A8=EC=84=B1=20=EC=B2=B4=ED=81=AC=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- adm/sms_admin/config_update.php | 9 ++++----- adm/sms_admin/sms_write.php | 2 +- adm/sms_admin/sms_write_send.php | 3 +++ lib/common.lib.php | 25 +++++++++++++++++++++++++ 4 files changed, 33 insertions(+), 6 deletions(-) diff --git a/adm/sms_admin/config_update.php b/adm/sms_admin/config_update.php index 04f4818d5..ec18b2ec8 100644 --- a/adm/sms_admin/config_update.php +++ b/adm/sms_admin/config_update.php @@ -8,16 +8,15 @@ check_demo(); $g5['title'] = "SMS 기본설정"; +// 회신번호 체크 +if(!check_vaild_callback($cf_phone)) + alert('회신번호가 올바르지 않습니다.'); + $userinfo = get_icode_userinfo($cf_icode_id, $cf_icode_pw); if ($userinfo['code'] == '202') alert('아이코드 아이디와 패스워드가 맞지 않습니다.'); -if ($cf_member == '1') - $cf_member = 1; -else - $cf_member = 0; - $res = sql_fetch("select * from ".$g5['sms5_config_table']." limit 1"); if (!$res) diff --git a/adm/sms_admin/sms_write.php b/adm/sms_admin/sms_write.php index b63d3dd71..1016f1d5e 100644 --- a/adm/sms_admin/sms_write.php +++ b/adm/sms_admin/sms_write.php @@ -114,7 +114,7 @@ if ($config['cf_sms_use'] == 'icode') { // 아이코드 사용
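Review bot: The config_update.php hunk removes the block that forced `$cf_member` to `1` or `0`, and nothing replaces it. The rest of the file is not visible here, but if `$cf_member` is still written to the config table further down, the raw request value now reaches that query instead of a fixed integer. Either keep the normalisation in a compact form, `$cf_member = ($cf_member == '1') ? 1 : 0;`, or confirm that the column is no longer updated from this variable.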
- +
diff --git a/adm/sms_admin/sms_write_send.php b/adm/sms_admin/sms_write_send.php index 1244fee5a..333b58c7c 100644 --- a/adm/sms_admin/sms_write_send.php +++ b/adm/sms_admin/sms_write_send.php @@ -12,6 +12,9 @@ $wr_message = clean_xss_tags(trim($wr_message)); if (!$wr_reply) win_close_alert('회신 번호를 숫자, - 로 입력해주세요.'); +if(!check_vaild_callback($wr_reply)) + win_close_alert('회신 번호를 올바르게 입력해 주십시오.'); + if (!$wr_message) win_close_alert('메세지를 입력해주세요.'); diff --git a/lib/common.lib.php b/lib/common.lib.php index 3ffed010e..dfb55be26 100644 --- a/lib/common.lib.php +++ b/lib/common.lib.php @@ -3136,4 +3136,29 @@ function get_skin_url($dir, $skin) return str_replace(G5_PATH, G5_URL, $skin_path); } + +// 발신번호 유효성 체크 +function check_vaild_callback($callback){ + $_callback = preg_replace('/[^0-9]/','', $callback); + + /** + * 1588 로시작하면 총8자리인데 7자리라 차단 + * 02 로시작하면 총9자리 또는 10자리인데 11자리라차단 + * 1366은 그자체가 원번호이기에 다른게 붙으면 차단 + * 030으로 시작하면 총10자리 또는 11자리인데 9자리라차단 + */ + + if( substr($_callback,0,4) == '1588') if( strlen($_callback) != 8) return false; + if( substr($_callback,0,2) == '02') if( strlen($_callback) != 9 && strlen($_callback) != 10 ) return false; + if( substr($_callback,0,3) == '030') if( strlen($_callback) != 10 && strlen($_callback) != 11 ) return false; + + if( !preg_match("/^(02|0[3-6]\d|01(0|1|3|5|6|7|8|9)|070|080|007)\-?\d{3,4}\-?\d{4,5}$/",$_callback) && + !preg_match("/^(15|16|18)\d{2}\-?\d{4,5}$/",$_callback) ){ + return false; + } else if( preg_match("/^(02|0[3-6]\d|01(0|1|3|5|6|7|8|9)|070|080)\-?0{3,4}\-?\d{4}$/",$_callback )) { + return false; + } else { + return true; + } +} ?> \ No newline at end of file
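Review bot: `check_vaild_callback()` strips every non-digit from its argument before testing it, so a value with arbitrary extra characters around a valid digit sequence still returns true, while the callers in config_update.php (`$cf_phone`) and sms_write_send.php (`$wr_reply`) appear to go on using the original string unless it was filtered earlier, outside the hunks. Rejecting anything but digits and hyphens before the strip, `if (preg_match('/[^0-9\-]/', $callback)) return false;`, makes the result describe the value that is actually stored or sent. Because hyphens are already removed, the `\-?` parts of the three patterns can never match and could be dropped. The docblock's 1366 rule has no matching code: the `(15|16|18)\d{2}` pattern rejects every 1366 number, which may or may not be intended. The function name also misspells "valid"; since it is new in this commit, renaming it now only touches the two call sites shown in this patch.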