충돌 수정

2019-01-07 14:36:43 +09:00
parent 8fb76607de e069c00ecd
commit f9d0d693f8
11 changed files with 70 additions and 7 deletions
--- a/adm/admin.lib.php
+++ b/adm/admin.lib.php
@ -379,6 +379,47 @@ function get_sanitize_input($s, $is_html=false){
    return $s;
 }

+function check_log_folder($log_path){
+
+    if( is_writable($log_path) ){
+
+        // 아파치 서버인 경우 웹에서 해당 폴더 접근 막기
+        $htaccess_file = $log_path.'/.htaccess';
+        if ( !file_exists( $htaccess_file ) ) {
+            if ( $handle = @fopen( $htaccess_file, 'w' ) ) {
+                fwrite( $handle, 'Order deny,allow' . "\n" );
+                fwrite( $handle, 'Deny from all' . "\n" );
+                fclose( $handle );
+            }
+        }
+        
+        // 아파치 서버인 경우 해당 디렉토리 파일 목록 안보이게 하기
+        $index_file = $log_path . '/index.php';
+        if ( !file_exists( $index_file ) ) {
+            if ( $handle = @fopen( $index_file, 'w' ) ) {
+                fwrite( $handle, '' );
+                fclose( $handle );
+            }
+        }
+    }
+    
+    // txt 파일과 log 파일을 조회하여 30일이 지난 파일은 삭제합니다.
+    $txt_files = glob($log_path.'/*.txt');
+    $log_files = glob($log_path.'/*.log');
+    
+    $del_files = array_merge($txt_files, $log_files);
+
+    if( $del_files && is_array($del_files) ){
+        foreach ($del_files as $del_file) {
+            $filetime = filemtime($del_file);
+            // 30일이 지난 파일을 삭제
+            if($filetime && $filetime < (G5_SERVER_TIME - 2592000)) {
+                @unlink($del_file);
+            }
+        }
+    }
+}
+
 // POST로 넘어온 토큰과 세션에 저장된 토큰 비교
 function check_admin_token()
 {
--- a/adm/sms_admin/emoticon_move_update.php
+++ b/adm/sms_admin/emoticon_move_update.php
@ -6,6 +6,8 @@ auth_check($auth[$sub_menu], "r");
 if(!count($_POST['chk_fg_no']))
    alert('이모티콘을 이동할 그룹을 한개 이상 선택해 주십시오.', $url);

+$fo_no_list = preg_replace('/[^a-zA-Z0-9\, ]/', '', $fo_no_list);
+
 $sql = "select * from {$g5['sms5_form_table']} where fo_no in ($fo_no_list) order by fo_no desc ";
 $result = sql_query($sql);
 $save = array();
--- a/adm/sms_admin/history_num.php
+++ b/adm/sms_admin/history_num.php
@ -16,6 +16,10 @@ if ($st && trim($sv))
 else
    $sql_search = "";

+if( isset($st) && !in_array($st, array('hs_name', 'hs_hp', 'bk_no')) ){
+    $st = '';
+}
+
 $total_res = sql_fetch("select count(*) as cnt from {$g5['sms5_history_table']} where 1 $sql_search");
 $total_count = $total_res['cnt'];

--- a/adm/sms_admin/history_view.php
+++ b/adm/sms_admin/history_view.php
@ -8,6 +8,10 @@ $colspan = 10;
 $st = isset($st) ? strip_tags($st) : '';
 $ssv = isset($ssv) ? strip_tags($ssv) : '';

+if( $st && !in_array($st, array('hs_name', 'hs_hp', 'bk_no')) ){
+    $st = '';
+}
+
 auth_check($auth[$sub_menu], "r");

 $g5['title'] = "문자전송 상세내역";
--- a/adm/sms_admin/num_book_move.php
+++ b/adm/sms_admin/num_book_move.php
@ -31,8 +31,8 @@ for ($i=0; $row=sql_fetch_array($result); $i++)

    <form name="fboardmoveall" method="post" action="./number_move_update.php" onsubmit="return fboardmoveall_submit(this);">
    <input type="hidden" name="sw" value="<?php echo $sw ?>">
-    <input type="hidden" name="bk_no_list" value="<?php echo $bk_no_list ?>">
-    <input type="hidden" name="act" value="<?php echo $act ?>">
+    <input type="hidden" name="bk_no_list" value="<?php echo get_sanitize_input($bk_no_list); ?>">
+    <input type="hidden" name="act" value="<?php echo get_sanitize_input($act); ?>">
    <input type="hidden" name="url" value="<?php echo clean_xss_tags(strip_tags($_SERVER['HTTP_REFERER'])); ?>">
    <div class=" new_win_con"> 
        <div class="tbl_head01 tbl_wrap">
--- a/adm/sms_admin/number_move_update.php
+++ b/adm/sms_admin/number_move_update.php
@ -6,6 +6,8 @@ auth_check($auth[$sub_menu], "r");
 if(!count($_POST['chk_bg_no']))
    alert('번호를 '.$act.'할 그룹을 한개 이상 선택해 주십시오.', $url);

+$bk_no_list = preg_replace('/[^a-zA-Z0-9\, ]/', '', $bk_no_list);
+
 $sql = "select * from {$g5['sms5_book_table']} where bk_no in ($bk_no_list) order by bk_no desc ";
 $result = sql_query($sql);
 $save = array();
--- a/bbs/move_update.php
+++ b/bbs/move_update.php
@ -125,7 +125,7 @@ while ($row = sql_fetch_array($result))
                        // 제이프로님 코드제안 적용
                        $copy_file_name = ($bo_table !== $move_bo_table) ? $row3['bf_file'] : $row2['wr_id'].'_copy_'.$insert_id.'_'.$row3['bf_file'];
                        @copy($src_dir.'/'.$row3['bf_file'], $dst_dir.'/'.$copy_file_name);
-                        @chmod($dst_dir/$row3['bf_file'], G5_FILE_PERMISSION);
+                        @chmod($dst_dir.'/'.$row3['bf_file'], G5_FILE_PERMISSION);
                    }

                    $sql = " insert into {$g5['board_file_table']}
--- a/config.php
+++ b/config.php
@ -5,7 +5,7 @@
 ********************/

 define('G5_VERSION', '그누보드5');
-define('G5_GNUBOARD_VER', '5.3.2.3');
+define('G5_GNUBOARD_VER', '5.3.2.4');
 define('G5_YOUNGCART_VER', '5.3.2.3');

 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -3504,8 +3504,10 @@ function is_include_path_check($path='', $is_input='')
 {
    if( $path ){
        if ($is_input){
+            // 장태진 @jtjisgod <jtjisgod@gmail.com> 추가
+            // 보안 목적 : rar wrapper 차단

-            if( stripos($path, 'php:') !== false || stripos($path, 'zlib:') !== false || stripos($path, 'bzip2:') !== false || stripos($path, 'zip:') !== false || stripos($path, 'data:') !== false || stripos($path, 'phar:') !== false ){
+            if( stripos($path, 'rar:') !== false || stripos($path, 'php:') !== false || stripos($path, 'zlib:') !== false || stripos($path, 'bzip2:') !== false || stripos($path, 'zip:') !== false || stripos($path, 'data:') !== false || stripos($path, 'phar:') !== false ){
                return false;
            }

--- a/plugin/lgxpay/lgdacom/XPayClient.php
+++ b/plugin/lgxpay/lgdacom/XPayClient.php
@ -143,7 +143,7 @@ class XPayClient
        // log_dir 재설정
        $this->config["log_dir"] = $home_dir."/log";

-		$this->log_file = $this->config["log_dir"] . "/log_" . date("Ymd") . ".log";
+		$this->log_file = $this->config["log_dir"] . "/log_" . date("Ymd") . '_' . substr(md5(mt_rand()), 0, 12) . ".log";
 		// make log directory if does not exist
 		if (!file_exists($this->config["log_dir"])) {
 			mkdir($this->config["log_dir"], "0777", true);
@ -604,6 +604,10 @@ class XPayClient

 	function Log($msg, $level=LGD_LOG_FATAL)
 	{
+        if( !(defined('LGD_LOG_SAVE') && LGD_LOG_SAVE) ){
+            return;
+        }
+
 		if ($level > $this->config["log_level"])
 			return;
 		$err_msg = date("Y-m-d H:i:s")." [".$this->err_label[$level]."] [".$this->TX_ID."] ".$msg."\n";
--- a/plugin/lgxpay/lgdacom/XPayClient4DB.php
+++ b/plugin/lgxpay/lgdacom/XPayClient4DB.php
@ -141,7 +141,7 @@ class XPayClient
 		$array3 = array($mid => $mertkey);
 		$this->config = $array1 + $array2 + $array3;
 		
-		$this->log_file = $this->config["log_dir"] . "/log_" . date("Ymd") . ".log";
+		$this->log_file = $this->config["log_dir"] . "/log_" . date("Ymd") . '_' . substr(md5(mt_rand()), 0, 12) . ".log";
 		// make log directory if does not exist
 		if (!file_exists($this->config["log_dir"])) {
 			mkdir($this->config["log_dir"], "0777", true);
@ -602,6 +602,10 @@ class XPayClient

 	function Log($msg, $level=LGD_LOG_FATAL)
 	{
+        if( !(defined('LGD_LOG_SAVE') && LGD_LOG_SAVE) ){
+            return;
+        }
+
 		if ($level > $this->config["log_level"])
 			return;
 		$err_msg = date("Y-m-d H:i:s")." [".$this->err_label[$level]."] [".$this->TX_ID."] ".$msg."\n";