function apms_sideview($mb_id, $name = '', $email = '', $homepage = '', $level = 'no', $opt = '')
{
    // Builds the clickable author name used in lists/views: an optional level icon,
    // an optional member icon image and the (escaped) name, wrapped in the anchor
    // that opens showSideView(). A guest outside a board context only gets the bare
    // <span class="guest"> back, without the anchor.
    //
    // $mb_id     member id ('' for guests)
    // $name      display name, raw
    // $email     e-mail, raw (base64-encoded before it reaches the attribute)
    // $homepage  homepage url, raw
    // $level     member level used for the level icon; 'no' disables the icon
    // $opt       '' -> icon follows $xp['xp_now'], 'no' -> icon suppressed, other -> shown
    global $g5, $config, $bo_table, $sca, $is_admin, $member, $xp;

    // Escape the three values that end up inside the onClick attribute below.
    $name = get_text($name, 0, true);
    $email = get_text(base64_encode($email));
    $homepage = set_http(get_text(clean_xss_tags($homepage)));

    // Level icon (레벨아이콘): never shown for level 'no'; $opt, when given, overrides the
    // $xp['xp_now'] setting.
    $hide_icon = $level == 'no';
    if ($opt) {
        $hide_icon = $opt == 'no' || $hide_icon;
    } else {
        $hide_icon = $xp['xp_now'] || $hide_icon;
    }
    $xp_icon = $hide_icon ? '' : xp_icon($mb_id, $level) . ' ';

    if (!$mb_id) {
        // Guest: no icon file lookup; no side view unless we are inside a board.
        $tmp_name = '<span class="guest">' . $xp_icon . $name . '</span>';
        if (!$bo_table) {
            return $tmp_name;
        }
    } else {
        $icon_img = '';
        if ($config['cf_use_member_icon']) {
            // Member icons are stored at data/member/<first two chars of id>/<id>.gif
            $mb_dir = substr($mb_id, 0, 2);
            $icon_file = G5_DATA_PATH . '/member/' . $mb_dir . '/' . $mb_id . '.gif';
            if (is_file($icon_file)) {
                $icon_file_url = G5_DATA_URL . '/member/' . $mb_dir . '/' . $mb_id . '.gif';
                $icon_img = '<img src="' . $icon_file_url . '" width="' . $config['cf_member_icon_width']
                    . '" height="' . $config['cf_member_icon_height'] . '" alt=""> ';
            }
        }
        if ($icon_img === '') {
            // icons disabled or no icon file for this member: name only
            $tmp_name = '<span class="member">' . $xp_icon . $name . '</span>';
        } elseif ($config['cf_use_member_icon'] == 2) {
            // 회원아이콘+이름: icon followed by the name
            $tmp_name = '<span class="member">' . $xp_icon . $icon_img . $name . '</span>';
        } else {
            // icon-only mode: the name is not rendered at all
            $tmp_name = $icon_img;
        }
    }

    // NOTE(review): the four values are placed in a JavaScript string literal inside an
    // HTML attribute. The HTML parser decodes entities in attribute values before the
    // script runs, so this relies on get_text() neutralising ' and \ in $name/$homepage;
    // confirm that, or strip single quotes here before interpolating.
    return sprintf(
        '<a href="javascript:;" onClick="showSideView(this, \'%s\', \'%s\', \'%s\', \'%s\');">%s</a>',
        $mb_id,
        $name,
        $email,
        $homepage,
        $tmp_name
    );
}
// Normalise the order/shipping fields before they are written to the order row.
// Postal code: digits only, split into a 3-digit prefix (od_zip1) and the remainder (od_zip2).
$od_zip = preg_replace('/[^0-9]/', '', $od_zip);
$od_zip1 = substr($od_zip, 0, 3);
$od_zip2 = substr($od_zip, 3);
// Free-text address fields only receive the XSS filter here.
$od_addr1 = clean_xss_tags($od_addr1);
$od_addr2 = clean_xss_tags($od_addr2);
$od_addr3 = clean_xss_tags($od_addr3);
// Address type flag: only the single letters N or R are accepted, anything else is cleared.
$od_addr_jibeon = preg_match("/^(N|R)\$/", $od_addr_jibeon) ? $od_addr_jibeon : '';
// Recipient ("b" = 배송지/shipping) fields, same treatment.
$od_b_name = clean_xss_tags($od_b_name);
$od_b_tel = clean_xss_tags($od_b_tel);
$od_b_hp = clean_xss_tags($od_b_hp);
$od_b_addr1 = clean_xss_tags($od_b_addr1);
$od_b_addr2 = clean_xss_tags($od_b_addr2);
$od_b_addr3 = clean_xss_tags($od_b_addr3);
$od_b_addr_jibeon = preg_match("/^(N|R)\$/", $od_b_addr_jibeon) ? $od_b_addr_jibeon : '';
$od_memo = clean_xss_tags($od_memo);
$od_deposit_name = clean_xss_tags($od_deposit_name);
// Tax flag comes from the shop defaults, not from the request.
$od_tax_flag = $default['de_tax_flag_use'];
// 주문서에 입력 — write the order row.
// NOTE(review): every value is interpolated straight into the statement. clean_xss_tags()
// removes markup but is not SQL escaping, so this relies on the request values having been
// quoted upstream (e.g. by the common bootstrap) — confirm, or escape/parameterise here.
// Fields such as od_name, od_email, od_tel and the price totals are assigned before this
// fragment and are not visible here.
$sql = " insert {$g5['g5_shop_order_table']}\n            set od_id             = '{$od_id}',\n                mb_id             = '{$member['mb_id']}',\n                od_pwd            = '{$od_pwd}',\n                od_name           = '{$od_name}',\n                od_email          = '{$od_email}',\n                od_tel            = '{$od_tel}',\n                od_hp             = '{$od_hp}',\n                od_zip1           = '{$od_zip1}',\n                od_zip2           = '{$od_zip2}',\n                od_addr1          = '{$od_addr1}',\n                od_addr2          = '{$od_addr2}',\n                od_addr3          = '{$od_addr3}',\n                od_addr_jibeon    = '{$od_addr_jibeon}',\n                od_b_name         = '{$od_b_name}',\n                od_b_tel          = '{$od_b_tel}',\n                od_b_hp           = '{$od_b_hp}',\n                od_b_zip1         = '{$od_b_zip1}',\n                od_b_zip2         = '{$od_b_zip2}',\n                od_b_addr1        = '{$od_b_addr1}',\n                od_b_addr2        = '{$od_b_addr2}',\n                od_b_addr3        = '{$od_b_addr3}',\n                od_b_addr_jibeon  = '{$od_b_addr_jibeon}',\n                od_deposit_name   = '{$od_deposit_name}',\n                od_memo           = '{$od_memo}',\n                od_cart_count     = '{$cart_count}',\n                od_cart_price     = '{$tot_ct_price}',\n                od_cart_coupon    = '{$tot_it_cp_price}',\n                od_send_cost      = '{$od_send_cost}',\n                od_send_coupon    = '{$tot_sc_cp_price}',\n                od_send_cost2     = '{$od_send_cost2}',\n                od_coupon         = '{$tot_od_cp_price}',\n                od_receipt_price  = '{$od_receipt_price}',\n                od_receipt_point  = '{$od_receipt_point}',\n                od_bank_account   = '{$od_bank_account}',\n                od_receipt_time   = '{$od_receipt_time}',\n                od_misu           = 
'{$od_misu}',\n                od_pg             = '{$od_pg}',\n                od_tno            = '{$od_tno}',\n                od_app_no         = '{$od_app_no}',\n                od_escrow         = '{$od_escrow}',\n                od_tax_flag       = '{$od_tax_flag}',\n                od_tax_mny        = '{$od_tax_mny}',\n                od_vat_mny        = '{$od_vat_mny}',\n                od_free_mny       = '{$od_free_mny}',\n                od_status         = '{$od_status}',\n                od_shop_memo      = '',\n                od_hope_date      = '{$od_hope_date}',\n                od_time           = '" . G5_TIME_YMDHIS . "',\n                od_ip             = '{$REMOTE_ADDR}',\n                od_settle_case    = '{$od_settle_case}'\n                ";
// Second argument false: do not abort on error, the caller handles a failed insert
// (payment cancellation) right after this line.
$result = sql_query($sql, false);
// 주문정보 입력 오류시 결제 취소
if (!$result) {
    if ($tno) {
        $cancel_msg = '주문정보 입력 오류';
        switch ($od_pg) {
            case 'lg':
                include G5_SHOP_PATH . '/lg/xpay_cancel.php';
                break;
            case 'inicis':
                include G5_SHOP_PATH . '/inicis/inipay_cancel.php';
                break;
}
// Error handling for browsers set to "Internet Options > Security > Custom level >
// Scripting > Active scripting > Disable": with that option off no script runs at all.
//if (!trim($_POST["wr_content"])) die ("내용을 입력하여 주십시오.");
// Flags read by the hook/skin included below (names suggest: new comment, ajax request,
// respond with output) — their consumers are not visible in this fragment.
$is_new = true;
$is_ajax = true;
$is_response = true;
// Optional per-skin hook; @ hides the warning when the file does not exist.
@(include_once $board_skin_path . '/write_comment_update.head.skin.php');
if ($is_member) {
    $mb_id = $member['mb_id'];
    // 4.00.13 - fixed: on boards that use real names the nickname was stored for comments
    // addslashes() after the XSS filter: SQL quoting for the insert that follows this fragment.
    $wr_name = addslashes(clean_xss_tags($board['bo_use_name'] ? $member['mb_name'] : $member['mb_nick']));
    // NOTE(review): the member's stored password value is copied onto the comment row;
    // presumably used for later edit/delete checks — confirm it is never rendered.
    $wr_password = $member['mb_password'];
    // e-mail/homepage are recorded only when the member made their profile public
    if ($member['mb_open']) {
        $wr_email = addslashes($member['mb_email']);
        $wr_homepage = addslashes(clean_xss_tags($member['mb_homepage']));
    } else {
        $wr_email = '';
        $wr_homepage = '';
    }
    $as_level = (int) $member['as_level'];
} else {
    // guest comment: no member id; the submitted password is hashed before storage
    $mb_id = '';
    $wr_password = get_encrypt_string($wr_password);
    $as_level = 1;
}
if ($w == 'c') {
    /*
    if ($member[mb_point] + $board[bo_comment_point] < 0 && !$is_admin)
        alert('보유하신 포인트('.number_format($member[mb_point]).')가 없거나 모자라서 댓글쓰기('.number_format($board[bo_comment_point]).')가 불가합니다.\\n\\n포인트를 적립하신 후 다시 댓글을 써 주십시오.');
    */
// Viewing another member's profile requires the viewer's own profile to be public,
// unless the viewer is the super admin or is looking at their own page.
if (!$member['mb_open'] && $is_admin != 'super' && $member['mb_id'] != $mb_id) {
    alert_close('자신의 정보를 공개하지 않으면 다른분의 정보를 조회할 수 없습니다.\\n\\n정보공개 설정은 회원정보수정에서 하실 수 있습니다.');
}
$mb = apms_member($mb_id);
// No such member (possibly withdrawn).
if (!$mb['mb_id']) {
    alert_close('회원정보가 존재하지 않습니다.\\n\\n탈퇴하였을 수 있습니다.');
}
// The target member must also have made their profile public (same exemptions as above).
if (!$mb['mb_open'] && $is_admin != 'super' && $member['mb_id'] != $mb_id) {
    alert_close('정보공개를 하지 않았습니다.');
}
// Name with icon/side-view anchor; the nick is HTML-escaped before it is passed in.
$mb_nick = apms_sideview($mb['mb_id'], get_text($mb['mb_nick']), $mb['mb_email'], $mb['mb_homepage'], $mb['as_level']);
// Days since registration; +1 counts the signup day itself.
// The interpolated mb_datetime comes from the member row, not from the request.
$sql = " select (TO_DAYS('" . G5_TIME_YMDHIS . "') - TO_DAYS('{$mb['mb_datetime']}') + 1) as days ";
$row = sql_fetch($sql);
$mb_reg_after = $row['days'];
// Profile fields prepared for output.
$mb_homepage = set_http(get_text(clean_xss_tags($mb['mb_homepage'])));
$mb_profile = $mb['mb_profile'] ? conv_content($mb['mb_profile'], 0) : '';
$mb_signature = $mb['mb_signature'] ? apms_content(conv_content($mb['mb_signature'], 1)) : '';
// Page ID
// NOTE(review): where $pid is set is not visible here (looks like a pre-set or request
// variable); confirm apms_page_thema() validates it before using it to pick a theme.
$pid = $pid ? $pid : '';
$at = apms_page_thema($pid);
if (!defined('THEMA_PATH')) {
    include_once G5_LIB_PATH . '/apms.thema.lib.php';
}
$g5['title'] = get_text($mb['mb_nick']) . '님의 자기소개';
include_once G5_PATH . '/head.sub.php';
if (!USE_G5_THEME) {
    @(include_once THEMA_PATH . '/head.sub.php');
}
$skin_path = $member_skin_path;
$skin_url = $member_skin_url;
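define('G5_HTTP_BBS_URL', https_url(G5_BBS_DIR, false));
define('G5_HTTPS_BBS_URL', https_url(G5_BBS_DIR, true));

// Editor library: the configured editor's lib file, or the plain textarea lib.
if ($config['cf_editor']) {
    define('G5_EDITOR_LIB', G5_EDITOR_PATH . "/{$config['cf_editor']}/editor.lib.php");
} else {
    define('G5_EDITOR_LIB', G5_LIB_PATH . "/editor.lib.php");
}

// 4.00.03 : [security] a PHPSESSID supplied in the request that differs from the live
// session id forces a logout. Nothing is written to the response before goto_url(), so
// the redirect can be sent as a header; a debug console.log() that printed the session
// member id into the page does not belong here.
if (isset($_REQUEST['PHPSESSID']) && $_REQUEST['PHPSESSID'] != session_id()) {
    goto_url(G5_BBS_URL . '/logout.php');
}

// QUERY_STRING: rebuild the category/search part of the query string from validated
// request values so pages can append it to their own links.
$qstr = '';
if (isset($_REQUEST['sca'])) {
    $sca = clean_xss_tags(trim($_REQUEST['sca']));
    if ($sca) {
        // strip characters that could close an attribute or alter a query
        $sca = preg_replace("/[\\<\\>\\'\"\\\\'\\\"\\%\\=\\(\\)\\s]/", "", $sca);
        $qstr .= '&amp;sca=' . urlencode($sca);
    }
} else {
    $sca = '';
}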
if (isset($_REQUEST['sfl'])) {
    $sfl = trim($_REQUEST['sfl']);
    $sfl = preg_replace("/[\\<\\>\\'\"\\\\'\\\"\\%\\=\\(\\)\\s]/", "", $sfl);
    if ($sfl) {
        $qstr .= '&amp;sfl=' . urlencode($sfl);
    }
    // search field (검색 필드)
} else {
?>
">
    <input type="hidden" name="sod" value="<?php 
// Hidden fields carry the current list state (sort order, page, action, return url)
// through the form.
// NOTE(review): $sod, $page and $act are echoed into attribute values without
// get_text()/htmlspecialchars(), unlike the referer below; this is only safe if they
// were validated upstream (e.g. sod limited to asc|desc, page cast to int) — confirm.
echo $sod;
?>
">
    <input type="hidden" name="page" value="<?php 
echo $page;
?>
">
    <input type="hidden" name="act" value="<?php 
echo $act;
?>
">
    <input type="hidden" name="url" value="<?php 
// return url: XSS-filtered and HTML-escaped before it is placed in the attribute
echo get_text(clean_xss_tags($_SERVER['HTTP_REFERER']));
?>
">

    <div class="tbl_head01 tbl_wrap">
        <table>
        <caption><?php 
echo $act;
?>
할 게시판을 한개 이상 선택하여 주십시오.</caption>
        <thead>
        <tr>
            <th scope="col">
                <label for="chkall" class="sound_only">현재 페이지 게시판 전체</label>
                <input type="checkbox" id="chkall" onclick="if (this.checked) all_checked(true); else all_checked(false);">
            </th>
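function clean_query_string($query, $amp = true)
{
    // Rebuilds a query string by sanitising each parameter according to its name.
    //
    // Known board/search parameters are normalised (ids and page numbers cast to int,
    // sort order / search operator restricted to fixed words, table and group ids reduced
    // to [a-z0-9_], ...); every other parameter only passes through clean_xss_tags().
    // Values are re-encoded by http_build_query(), so the result can be placed in an href.
    //
    // $query  raw query string (without the leading '?')
    // $amp    true  -> parameters joined with '&amp;' (for HTML attributes)
    //         false -> joined with '&'
    // returns the cleaned query string ('' when $query carries no parameters)
    $qstr = trim($query);
    parse_str($qstr, $out);

    if (!is_array($out)) {
        // parse_str() always yields an array; kept as a conservative fallback.
        return clean_xss_tags($qstr);
    }

    $q = array();
    foreach ($out as $key => $val) {
        $key = strip_tags(trim($key));

        // parse_str() turns "name[]=x" / "name[k]=x" into a nested array. None of the
        // parameters handled here is list-valued, and trim() on an array is a TypeError
        // on PHP 8, so such entries are dropped instead of aborting the request.
        if (is_array($val)) {
            continue;
        }
        $val = trim($val);

        switch ($key) {
            case 'wr_id':
            case 'spt':
            case 'page':
                // numeric ids / page numbers: digits only, then int
                $val = (int) preg_replace('/[^0-9]/', '', $val);
                break;
            case 'sca':
                $val = clean_xss_tags($val);
                break;
            case 'sfl':
            case 'sst':
                // search field / sort column: strip quoting, comparison and whitespace characters
                $val = preg_replace("/[\\<\\>\\'\"\\\\'\\\"\\%\\=\\(\\)\\s]/", "", $val);
                break;
            case 'stx':
                $val = get_search_string($val);
                break;
            case 'sod':
                // sort direction: asc or desc only, otherwise emptied
                $val = preg_match("/^(asc|desc)\$/i", $val) ? $val : '';
                break;
            case 'sop':
                // search operator: or/and only, otherwise emptied
                $val = preg_match("/^(or|and)\$/i", $val) ? $val : '';
                break;
            case 'w':
                // write mode flag is at most two characters
                $val = substr($val, 0, 2);
                break;
            case 'bo_table':
                // table name: [a-z0-9_] and at most 20 characters
                $val = substr(preg_replace('/[^a-z0-9_]/i', '', $val), 0, 20);
                break;
            case 'gr_id':
                $val = preg_replace('/[^a-z0-9_]/i', '', $val);
                break;
            default:
                $val = clean_xss_tags($val);
                break;
        }
        $q[$key] = $val;
    }

    $sep = $amp ? '&amp;' : '&';
    return http_build_query($q, '', $sep);
}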
// 한글이 아닙니다. (자음, 모음만 있는 한글은 처리하지 않습니다.)
// 한글이 아닙니다.
// 한글, 영문, 숫자가 아닙니다.
// 한글, 영문이 아닙니다.
// 숫자가 아닙니다.
// 영문이 아닙니다.
// 영문 또는 숫자가 아닙니다.
// 영문, 숫자, _ 가 아닙니다.
// 최소 글자 이상 입력하세요.
// 이미지 파일이 아닙니다..gif .jpg .png 파일만 가능합니다.
// 파일만 가능합니다.
// 공백이 없어야 합니다.
// HTML variant of the message: literal "\n" sequences in $msg become line breaks.
$msg2 = str_replace("\\n", "<br>", $msg);
// Redirect target: explicit $url, else the referer. check_url_host() restricts the host,
// so the alert page cannot be used to bounce the visitor to an arbitrary site.
$url = clean_xss_tags($url);
if (!$url) {
    $url = clean_xss_tags($_SERVER['HTTP_REFERER']);
}
// url 체크 — url check
check_url_host($url);
// Heading: "there are errors in the following items" vs "please check the following".
if ($error) {
    $header2 = "다음 항목에 오류가 있습니다.";
} else {
    $header2 = "다음 내용을 확인해 주세요.";
}
?>

<script>
alert("<?php 
// NOTE(review): strip_tags() removes markup but does not escape ", \ or line breaks for
// a JavaScript string literal; this relies on $msg being composed server-side
// (check_url_host() above only guards $url). If $msg can carry request input, emit it
// with json_encode() instead.
echo strip_tags($msg);
?>
");
    if ($msg = exist_mb_nick($mb_nick, $mb_id)) {
        alert($msg, "", true, true);
    }
    if ($msg = exist_mb_email($mb_email, $mb_id)) {
        alert($msg, "", true, true);
    }
}
// Normalise the profile fields before they are stored (the write follows this fragment).
$mb_name = clean_xss_tags($mb_name);
$mb_email = get_email_address($mb_email);
$mb_homepage = clean_xss_tags($mb_homepage);
$mb_tel = clean_xss_tags($mb_tel);
// postal code parts: digits only
$mb_zip1 = preg_replace('/[^0-9]/', '', $mb_zip1);
$mb_zip2 = preg_replace('/[^0-9]/', '', $mb_zip2);
$mb_addr1 = clean_xss_tags($mb_addr1);
$mb_addr2 = clean_xss_tags($mb_addr2);
$mb_addr3 = clean_xss_tags($mb_addr3);
// address type flag: only the single letters N or R are accepted, anything else is cleared
$mb_addr_jibeon = preg_match("/^(N|R)\$/", $mb_addr_jibeon) ? $mb_addr_jibeon : '';
// 사용자 코드 실행 — optional per-skin hook; @ hides the warning when the file is absent
@(include_once $member_skin_path . '/register_form_update.head.skin.php');
//===============================================================
//  본인확인 — identity verification
//---------------------------------------------------------------
$mb_hp = hyphen_hp_number($mb_hp);
if ($config['cf_cert_use'] && $_SESSION['ss_cert_type'] && $_SESSION['ss_cert_dupinfo']) {
    // 중복체크 — is the verified identity already bound to another account?
    // Both interpolated values are server-side (session / current member), not request input.
    $sql = " select mb_id from {$g5['member_table']} where mb_id <> '{$member['mb_id']}' and mb_dupinfo = '{$_SESSION['ss_cert_dupinfo']}' ";
    $row = sql_fetch($sql);
    if ($row['mb_id']) {
        // NOTE(review): this reveals the existing account id to the submitter. It is the
        // intended hint in this flow, but keep it in mind if the message is ever reused.
        alert("입력하신 본인확인 정보로 가입된 내역이 존재합니다.\\n회원아이디 : " . $row['mb_id']);
    }
}
<?php

include_once './_common.php';
// Members only: guests are sent to the login page and back here afterwards.
if (!$is_member) {
    goto_url(G5_BBS_URL . "/login.php?url=" . urlencode(G5_BBS_URL . "/mypage.php"));
}
// Profile fields prepared for the skin.
$mb_homepage = set_http(clean_xss_tags($member['mb_homepage']));
$mb_profile = $member['mb_profile'] ? conv_content($member['mb_profile'], 0) : '';
$mb_signature = $member['mb_signature'] ? apms_content(conv_content($member['mb_signature'], 1)) : '';
// Page ID — falls back to 'mypage'.
// NOTE(review): where $pid is set is not visible here (looks like a pre-set or request
// variable); confirm apms_page_thema() validates it before using it to pick a theme.
$pid = $pid ? $pid : 'mypage';
$at = apms_page_thema($pid);
if (!defined('THEMA_PATH')) {
    include_once G5_LIB_PATH . '/apms.thema.lib.php';
}
$g5['title'] = $member['mb_name'] . '님 마이페이지';
include_once './_head.php';
$skin_path = $member_skin_path;
$skin_url = $member_skin_url;
// 스킨설정 — skin settings, mobile or PC variant
$wset = G5_IS_MOBILE ? apms_skin_set('member_mobile') : apms_skin_set('member');
// Skin setup link: only shown in demo mode or to the super admin.
$setup_href = '';
if (is_file($skin_path . '/setup.skin.php') && ($is_demo || $is_admin == 'super')) {
    $setup_href = './skin.setup.php?skin=member';
}
include_once $skin_path . '/mypage.skin.php';
include_once './_tail.php';
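function display_surveys($su_id = null, $skin_dir = 'basic')
{
    // Renders one survey (or the newest open one) through the surveys skin and returns
    // the captured HTML.
    //
    // $su_id     specific survey id, or null for the newest survey; non-admins then only
    //            see surveys whose begin/end window contains the current time
    // $skin_dir  skin directory name, or "theme/<name>" for a skin inside the active theme
    // returns    the skin output as a string
    //
    // The skin file is included from this scope, so the locals below ($surveys,
    // $surveys_level, $message, $categories, $rows, $group_surveys_items,
    // $surveys_skin_url, ...) are its template variables — keep their names stable.
    global $g5, $member, $is_admin;

    // NOTE(review): clean_xss_tags() is not SQL escaping; whereClause() below is expected
    // to quote/escape $su_id — confirm.
    $su_id = clean_xss_tags($su_id);

    // Resolve the skin path and url.
    if (preg_match('#^theme/(.+)$#', $skin_dir, $match)) {
        $skin_dir = $match[1];
        $surveys_skin_path = G5_THEME_PATH . '/' . G5_SKIN_DIR . '/surveys/' . $skin_dir;
        if (G5_IS_MOBILE) {
            // prefer the mobile theme skin, fall back to the PC theme skin when absent
            $mobile_skin_path = G5_THEME_MOBILE_PATH . '/' . G5_SKIN_DIR . '/surveys/' . $skin_dir;
            if (is_dir($mobile_skin_path)) {
                $surveys_skin_path = $mobile_skin_path;
            }
        }
        $surveys_skin_url = str_replace(G5_PATH, G5_URL, $surveys_skin_path);
    } elseif (G5_IS_MOBILE) {
        $surveys_skin_path = G5_MOBILE_PATH . '/' . G5_SKIN_DIR . '/surveys/' . $skin_dir;
        $surveys_skin_url = G5_MOBILE_URL . '/' . G5_SKIN_DIR . '/surveys/' . $skin_dir;
    } else {
        $surveys_skin_path = G5_SKIN_PATH . '/surveys/' . $skin_dir;
        $surveys_skin_url = G5_SKIN_URL . '/surveys/' . $skin_dir;
    }

    // Survey selection.
    $conditions = array(" su_removed = 0 ");
    if (!is_null($su_id)) {
        $conditions[] = whereClause('su_id', $su_id);
    } elseif (!$is_admin) {
        // 관리자는 기간설정이 없음 — admins are not restricted by the time window
        $now = date('Y-m-d H:i:s');
        $conditions[] = 'su_begin_time <= "' . $now . '"';
        $conditions[] = 'su_end_time >= "' . $now . '"';
    }
    $condition = count($conditions) ? ' where ' . implode(' and ', $conditions) : '';
    $sql = "select * from {$g5['surveys_m_table']} " . $condition . ' order by su_id desc';
    // sql_fetch() returns false when nothing matches; every access below is guarded on it
    // so a missing survey does not raise "array offset on bool" notices.
    $surveys = sql_fetch($sql);

    // 회원레벨설정 — comma-separated list of member levels allowed to take part
    $surveys_level = explode(',', $surveys ? $surveys['su_level'] : '');

    if ($surveys) {
        if (!in_array($member['mb_level'], $surveys_level)) {
            $message = '설문조사 권한이 없습니다.';
        }

        if ($surveys['su_multiple'] == 'Y') {
            // one answer per member, or per client address for guests
            if ($member) {
                $sql = "select suq_id from {$g5['surveys_r_table']} where su_id = '{$surveys['su_id']}' and mb_id = '{$member['mb_id']}' group by mb_id ";
            } else {
                // REMOTE_ADDR is escaped before it is interpolated, as the visitor-log code
                // in this codebase does, so a tampered address cannot alter the query.
                $sur_ip = escape_trim($_SERVER['REMOTE_ADDR']);
                $sql = "select suq_id from {$g5['surveys_r_table']} where su_id = '{$surveys['su_id']}' and sur_ip = '{$sur_ip}' group by sur_ip ";
            }
            $has_result = sql_fetch($sql);
            if ($has_result && $has_result['suq_id']) {
                $message = '이미 설문조사에 참여하셨습니다. 현재 설문조사는 한번만 참여가 가능합니다.';
            }
        }

        // Categories and questions of the selected survey, keyed for the skin.
        $categories = array();
        $sql = "select * from {$g5['surveys_c_table']} where su_id = '{$surveys['su_id']}'";
        $result = sql_query($sql);
        while ($row = sql_fetch_array($result)) {
            $categories[$row['suc_id']] = $row;
        }

        $group_surveys_items = array();
        $rows = array();
        $sql = "select * from {$g5['surveys_q_table']} q left join {$g5['surveys_c_table']} c on q.suq_category = c.suc_id where q.su_id = '{$surveys['su_id']}' order by suq_sort asc ";
        $result = sql_query($sql);
        while ($row = sql_fetch_array($result)) {
            $rows[] = $row;
            $group_surveys_items[$row['suc_id']][] = $row;
        }
    }

    // Render through the skin; the skin sees this function's locals.
    // NOTE(review): with include_once a second display_surveys() call on the same page
    // using the same skin captures nothing — use include if the skin declares no functions.
    ob_start();
    include_once $surveys_skin_path . '/surveys.skin.php';
    return ob_get_clean();
}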
    include_once G5_LIB_PATH . '/apms.thema.lib.php';
}
// 본인인증, 성인인증체크 — identity / adult verification check for this item.
// Admins are exempt; for everyone else a non-empty result is the message to show
// before redirecting to the shop front.
$is_cert = false;
if (!$is_admin) {
    $is_cert = shop_member_cert_check($it_id, 'item');
    if ($is_cert) {
        alert($is_cert, G5_SHOP_URL);
    }
}
// 등록자 정보 — item author; falls back to the site admin when the item has no pt_id.
$author_id = $it['pt_id'] ? $it['pt_id'] : $config['cf_admin'];
$author = apms_member($author_id);
$author_photo = $author['photo'];
// Contact details are exposed only when the author made their profile public.
if ($author['mb_open']) {
    $author['homepage'] = set_http(clean_xss_tags($author['mb_homepage']));
    $author['email'] = $author['mb_email'];
} else {
    $author['email'] = $author['mb_email'] = '';
    $author['homepage'] = $author['mb_homepage'] = '';
}
$author['profile'] = $author['mb_profile'] ? conv_content($author['mb_profile'], 0) : '';
$author['signature'] = $author['mb_signature'] ? apms_content(conv_content($author['mb_signature'], 1)) : '';
// 오늘 본 상품 저장 시작
// tv 는 today view 약자
$saved = false;
$tv_idx = (int) get_session("ss_tv_idx");
if ($tv_idx > 0) {
    for ($i = 1; $i <= $tv_idx; $i++) {
        if (get_session("ss_tv[{$i}]") == $it_id) {
            $saved = true;
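function eb_nameview($skin_dir, $mb_id, $name = '', $email = '', $homepage = '')
{
    // Prints the name view for a post author through the nameview skin: display name
    // (optionally with member icon), a title, and the links shown in the popup (memo,
    // profile, articles, e-mail form, homepage, board search, SMS, admin pages).
    //
    // $skin_dir  nameview skin directory (pc / mobile / bootstrap variants resolved here)
    // $mb_id     member id, '' for a guest post, 'anonymous' for anonymous posts
    // $name      display name, raw
    // $email     author e-mail, raw (base64-encoded before it reaches the skin)
    // $homepage  author homepage, raw
    // returns    nothing; the skin output is printed. For a guest outside a board
    //            context the cleaned name is returned instead and nothing is printed.
    global $config;
    global $g5;
    global $bo_table, $sca, $is_admin, $member, $tpl_name, $tpl, $eyoomer;

    // Template variables always exist, so assign() below never reads an undefined
    // variable (a warning on PHP 8) when a branch did not populate them.
    $head = array();
    $link = array();
    $follow = false;
    $is_anonymous = false;

    if ($mb_id == 'anonymous') {
        // 익명일 경우, 네임뷰 — anonymous: name only, no links
        $is_anonymous = true;
        $head['name'] = get_text($name);
    } else {
        // Does the viewer follow this member?
        $following = $eyoomer['following'];
        if (!$following) {
            $following = array();
        }
        if (in_array($mb_id, $following)) {
            $follow = true;
        }

        $email = base64_encode($email);
        $homepage = set_http(clean_xss_tags($homepage));
        // Single quotes are removed and double quotes entity-encoded so the name cannot
        // break out of the quoted attribute / script contexts the skin places it in.
        $name = preg_replace("/\\&#039;/", "", $name);
        $name = preg_replace("/\\'/", "", $name);
        $name = preg_replace("/\"/", "&#034;", $name);
        $name = get_text(cut_str($name, $config['cf_cut_name']));

        $tmp_name = "";
        if ($mb_id) {
            $head['link'] = G5_BBS_URL . '/profile.php?mb_id=' . $mb_id;
            if ($config['cf_use_member_icon']) {
                // member icon: data/member/<first two chars of id>/<id>.gif
                $mb_dir = substr($mb_id, 0, 2);
                $icon_file = G5_DATA_PATH . '/member/' . $mb_dir . '/' . $mb_id . '.gif';
                if (file_exists($icon_file)) {
                    $width = $config['cf_member_icon_width'];
                    $height = $config['cf_member_icon_height'];
                    $icon_file_url = G5_DATA_URL . '/member/' . $mb_dir . '/' . $mb_id . '.gif';
                    $tmp_name .= '<img src="' . $icon_file_url . '" width="' . $width . '" height="' . $height . '" alt="">';
                    if ($config['cf_use_member_icon'] == 2) {
                        // 회원아이콘+이름 — icon followed by the name; mode 1 shows the icon only
                        $tmp_name = $tmp_name . ' ' . $name;
                    }
                } else {
                    $tmp_name = $tmp_name . " " . $name;
                }
            } else {
                $tmp_name = $tmp_name . ' ' . $name;
            }
            $head['name'] = $tmp_name;
            $head['title'] = '[' . $mb_id . ']';
        } else {
            if (!$bo_table) {
                return $name;
            }
            // guest: link to a search for the same name on this board
            $head['link'] = G5_BBS_URL . '/board.php?bo_table=' . $bo_table . '&amp;sca=' . $sca . '&amp;sfl=wr_name,1&amp;stx=' . $name;
            $head['name'] = $name;
            $head['title'] = '[비회원]';
        }

        // Escaped once more for the skin (note: $name was already escaped by get_text above).
        $name = get_text($name);
        $email = get_text($email);
        $homepage = get_text($homepage);

        if ($mb_id) {
            $link['memo'] = G5_BBS_URL . "/memo_form.php?me_recv_mb_id=" . $mb_id;
            $link['profile'] = G5_BBS_URL . "/profile.php?mb_id=" . $mb_id;
            $link['article'] = G5_BBS_URL . "/new.php?mb_id=" . $mb_id;
            $link['userpage'] = G5_URL . "/?" . $mb_id;
        }
        if ($email) {
            $link['email'] = G5_BBS_URL . "/formmail.php?mb_id=" . $mb_id . "&amp;name=" . urlencode($name) . "&amp;email=" . $email;
        }
        if ($homepage) {
            $link['home'] = $homepage;
        }
        if ($bo_table) {
            // search this board by member id, or by name for guests
            if ($mb_id) {
                $link['sid'] = G5_BBS_URL . "/board.php?bo_table=" . $bo_table . "&amp;sca=" . $sca . "&amp;sfl=mb_id,1&amp;stx=" . $mb_id;
            } else {
                $link['sname'] = G5_BBS_URL . "/board.php?bo_table=" . $bo_table . "&amp;sca=" . $sca . "&amp;sfl=wr_name,1&amp;stx=" . $name;
            }
        }
        if ($g5['sms5_use_sideview']) {
            // SMS link only when the member is public, allows SMS and has a phone number
            $mb = get_member($mb_id, " mb_open, mb_sms , mb_hp ");
            if ($mb['mb_open'] && $mb['mb_sms'] && $mb['mb_hp']) {
                $link['sms'] = G5_SMS5_URL . "/?mb_id=" . $mb_id;
            }
        }
        if ($is_admin == "super" && $mb_id) {
            // admin-only shortcuts
            $link['info'] = G5_ADMIN_URL . "/member_form.php?w=u&amp;mb_id=" . $mb_id;
            $link['point'] = G5_ADMIN_URL . "/point_list.php?sfl=mb_id&amp;stx=" . $mb_id;
        }
    }

    $tpl->define(array('pc' => 'skin_pc/nameview/' . $skin_dir . '/nameview.skin.html', 'mo' => 'skin_mo/nameview/' . $skin_dir . '/nameview.skin.html', 'bs' => 'skin_bs/nameview/' . $skin_dir . '/nameview.skin.html'));
    $tpl->assign(array("head" => $head, "link" => $link, "mb_id" => $mb_id, "email" => $email, "home" => $homepage, "bo_table" => $bo_table, "g5" => $g5, "is_admin" => $is_admin, "follow" => $follow, "is_anonymous" => $is_anonymous));
    $tpl->print_($tpl_name);
}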
         } else {
             $wr_email = addslashes($wr['wr_email']);
         }
         if (isset($_POST['wr_homepage']) && $_POST['wr_homepage']) {
             $wr_homepage = addslashes(clean_xss_tags($_POST['wr_homepage']));
         } else {
             $wr_homepage = addslashes(clean_xss_tags($wr['wr_homepage']));
         }
     }
 } else {
     $mb_id = "";
     // 비회원의 경우 이름이 누락되는 경우가 있음
     if (!trim($wr_name)) {
         alert("이름은 필히 입력하셔야 합니다.");
     }
     $wr_name = clean_xss_tags(trim($_POST['wr_name']));
     $wr_email = get_email_address(trim($_POST['wr_email']));
 }
 // Password column is only touched when a password was submitted.
 // NOTE(review): the stored value is the literal string '******', not the submitted
 // password — looks like a placeholder/redaction in this copy; confirm against the
 // original write_update logic before relying on password-protected edits.
 $sql_password = $wr_password ? " , wr_password = '******' " : "";
 // Record the client address, except when an admin edits the post.
 // NOTE(review): REMOTE_ADDR is interpolated unescaped here, whereas the visitor log
 // elsewhere in this codebase runs it through escape_trim() first — align the two.
 $sql_ip = '';
 if (!$is_admin) {
     $sql_ip = " , wr_ip = '{$_SERVER['REMOTE_ADDR']}' ";
 }
 // NOTE(review): all values are interpolated directly. wr_homepage is addslashes()'d
 // where it is set above, wr_name only gets clean_xss_tags() — the two paths rely on
 // different quoting assumptions; confirm the framework escapes request input upstream.
 $sql = " update {$write_table}\n                set ca_name = '{$ca_name}',\n                     wr_option = '{$html},{$secret},{$mail}',\n                     wr_subject = '{$wr_subject}',\n                     wr_content = '{$wr_content}',\n                     wr_link1 = '{$wr_link1}',\n                     wr_link2 = '{$wr_link2}',\n                     mb_id = '{$mb_id}',\n                     wr_name = '{$wr_name}',\n                     wr_email = '{$wr_email}',\n                     wr_homepage = '{$wr_homepage}',\n                     wr_1 = '{$wr_1}',\n                     wr_2 = '{$wr_2}',\n                     wr_3 = '{$wr_3}',\n                     wr_4 = '{$wr_4}',\n                     wr_5 = '{$wr_5}',\n                     wr_6 = '{$wr_6}',\n                     wr_7 = '{$wr_7}',\n                     wr_8 = '{$wr_8}',\n                     wr_9 = '{$wr_9}',\n                     wr_10= '{$wr_10}'\n                     {$sql_ip}\n                     {$sql_password}\n              where wr_id = '{$wr['wr_id']}' ";
 sql_query($sql);
 // When the category changes, update the category name on all comments of this post as
 // well; otherwise category search would not find them.
 $sql = " update {$write_table} set ca_name = '{$ca_name}' where wr_parent = '{$wr['wr_id']}' ";
 sql_query($sql);
 /*
 if ($notice) {
    exit;
}
// 개별 페이지 접근 불가
// 컴퓨터의 아이피와 쿠키에 저장된 아이피가 다르다면 테이블에 반영함
if (get_cookie('ck_visit_ip') != $_SERVER['REMOTE_ADDR']) {
    set_cookie('ck_visit_ip', $_SERVER['REMOTE_ADDR'], 86400);
    // 하루동안 저장
    $tmp_row = sql_fetch(" select max(vi_id) as max_vi_id from {$g5['visit_table']} ");
    $vi_id = $tmp_row['max_vi_id'] + 1;
    // $_SERVER 배열변수 값의 변조를 이용한 SQL Injection 공격을 막는 코드입니다. 110810
    $remote_addr = escape_trim($_SERVER['REMOTE_ADDR']);
    $referer = "";
    if (isset($_SERVER['HTTP_REFERER'])) {
        $referer = escape_trim(clean_xss_tags($_SERVER['HTTP_REFERER']));
    }
    $user_agent = escape_trim(clean_xss_tags($_SERVER['HTTP_USER_AGENT']));
    $sql = " insert {$g5['visit_table']} ( vi_id, vi_ip, vi_date, vi_time, vi_referer, vi_agent ) values ( '{$vi_id}', '{$remote_addr}', '" . G5_TIME_YMD . "', '" . G5_TIME_HIS . "', '{$referer}', '{$user_agent}' ) ";
    $result = sql_query($sql, FALSE);
    // 정상으로 INSERT 되었다면 방문자 합계에 반영
    if ($result) {
        $sql = " insert {$g5['visit_sum_table']} ( vs_count, vs_date) values ( 1, '" . G5_TIME_YMD . "' ) ";
        $result = sql_query($sql, FALSE);
        // DUPLICATE 오류가 발생한다면 이미 날짜별 행이 생성되었으므로 UPDATE 실행
        if (!$result) {
            $sql = " update {$g5['visit_sum_table']} set vs_count = vs_count + 1 where vs_date = '" . G5_TIME_YMD . "' ";
            $result = sql_query($sql);
        }
        // INSERT, UPDATE 된건이 있다면 기본환경설정 테이블에 저장
        // 방문객 접속시마다 따로 쿼리를 하지 않기 위함 (엄청난 쿼리를 줄임 ^^)
        // 오늘
        $sql = " select vs_count as cnt from {$g5['visit_sum_table']} where vs_date = '" . G5_TIME_YMD . "' ";
<?php

$sub_menu = "900300";
include_once "./_common.php";
// Admin menu permission: write access on this menu is required.
auth_check($auth[$sub_menu], "w");
$g5['title'] = "문자전송중";
// Sender (reply) number: digits and '-' only. Message text: XSS-filtered.
// NOTE(review): $wr_reply, $wr_message and $send_list have no visible assignment from
// $_POST — presumably extracted into globals by the common bootstrap; confirm.
$wr_reply = preg_replace('#[^0-9\\-]#', '', trim($wr_reply));
$wr_message = clean_xss_tags(trim($wr_message));
if (!$wr_reply) {
    win_close_alert('회신 번호를 숫자, - 로 입력해주세요.');
}
if (!$wr_message) {
    win_close_alert('메세지를 입력해주세요.');
}
if (!trim($send_list)) {
    win_close_alert('문자 메세지를 받을 휴대폰번호를 입력해주세요.');
}
$list = array();
$hps = array();
// Recipients are '/'-separated entries, each a comma-separated record (see the loop below).
$send_list = explode('/', $send_list);
$wr_overlap = 1;
// 중복번호를 체크함 — duplicate numbers are tracked
$overlap = 0;
$duplicate_data = array();
$duplicate_data['hp'] = array();
$str_serialize = "";
while ($row = array_shift($send_list)) {
    $item = explode(',', $row);
    for ($i = 1, $max = count($item); $i < $max; $i++) {
        if (!trim($item[$i])) {
            continue;
<?php

include_once './_common.php';
include_once G5_CAPTCHA_PATH . '/captcha.lib.php';
$g5['title'] = '메일인증 메일주소 변경';
include_once './_head.php';
// Member id from the query string: XSS-filtered and capped at 20 characters.
// NOTE(review): clean_xss_tags() is not SQL escaping and the value is interpolated into
// the query below; other id handling in this codebase whitelists [a-z0-9_] — apply the
// same here unless the framework quotes $_GET upstream.
$mb_id = substr(clean_xss_tags($_GET['mb_id']), 0, 20);
$sql = " select mb_email, mb_datetime, mb_email_certify from {$g5['member_table']} where mb_id = '{$mb_id}' ";
$mb = sql_fetch($sql);
// A certify value not starting with '0' means the mail address is already verified.
// NOTE(review): loose != comparison. When no member matches, $mb is false and substr()
// yields '' — PHP 7 treats '' == 0 as true (no alert), PHP 8 as false, so on PHP 8 an
// unknown id is reported as "already certified". An explicit not-found check before
// this line would make the behaviour version-independent.
if (substr($mb['mb_email_certify'], 0, 1) != 0) {
    alert("이미 메일인증 하신 회원입니다.", G5_URL);
}
?>

<p class="rg_em_p">메일인증을 받지 못한 경우 회원정보의 메일주소를 변경 할 수 있습니다.</p>

<form method="post" name="fregister_email" action="<?php 
echo G5_HTTPS_BBS_URL . '/register_email_update.php';
?>
" onsubmit="return fregister_email_submit(this);">
<input type="hidden" name="mb_id" value="<?php 
// NOTE(review): echoed into an attribute without get_text(); relies on clean_xss_tags()
// having removed quote characters — confirm, or wrap in get_text().
echo $mb_id;
?>
">

<div class="tbl_frm01 tbl_frm rg_em">
    <table>
    <caption>사이트 이용정보 입력</caption>
    <tr>
        <th scope="row"><label for="reg_mb_email">E-mail<strong class="sound_only">필수</strong></label></th>
        <td><input type="text" name="mb_email" id="reg_mb_email" required class="frm_input email required" size="30" maxlength="100" value="<?php 
// Page timer start (used for the render-time display further down).
$begin_time = get_microtime();
// Window title: site title alone, or "page title | site title".
if (!isset($g5['title'])) {
    $g5['title'] = $config['cf_title'];
    $g5_head_title = $g5['title'];
} else {
    $g5_head_title = $g5['title'];
    // title shown in the browser status/title bar
    $g5_head_title .= " | " . $config['cf_title'];
}
// 현재 접속자 — current-visitor record. A board title containing ' used to break the
// query, hence addslashes() on the values stored for it.
$g5['lo_location'] = addslashes($g5['title']);
if (!$g5['lo_location']) {
    $g5['lo_location'] = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));
}
$g5['lo_url'] = addslashes(clean_xss_tags($_SERVER['REQUEST_URI']));
// Admin-area urls (and anything the super admin visits) are not recorded.
if (strstr($g5['lo_url'], '/' . G5_ADMIN_DIR . '/') || $is_admin == 'super') {
    $g5['lo_url'] = '';
}
/*
// to serve the page as expired (no caching)
header("Cache-Control: no-cache"); // HTTP/1.1
header("Expires: 0"); // rfc2616 - Section 14.21
header("Pragma: no-cache"); // HTTP/1.0
*/
?>
<!doctype html>
<html lang="ko">
<head>
<meta charset="utf-8">
<link rel="shortcut icon" type="image/x-icon" href="<?php 
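include_once "./_common.php";
$g5['title'] = "문자전송중";

// Form token must match the one stored in the session. hash_equals() compares the two
// strings strictly and in constant time; a loose == comparison would treat
// numeric-looking strings (e.g. "1e3" and "1000") as equal.
if (!($token && hash_equals((string) get_session("ss_token"), (string) $token))) {
    die("올바른 방법으로 사용해 주십시오.");
}
// Member SMS sending must be enabled site-wide.
if (!$sms5['cf_member']) {
    die("문자전송이 허용되지 않았습니다. 사이트 관리자에게 문의하여 주십시오.");
}
if (!$is_member) {
    die("로그인 해주세요.");
}
// Minimum member level for sending.
if ($member['mb_level'] < $sms5['cf_level']) {
    alert("회원 {$sms5['cf_level']}레벨 이상만 문자전송이 가능합니다.");
}
// Sender number: digits and '-' only. Message text: XSS-filtered.
// NOTE(review): $token, $mh_reply and $mh_message have no visible assignment from
// $_POST — presumably extracted into globals by the common bootstrap; confirm.
$mh_reply = preg_replace('#[^0-9\\-]#', '', trim($mh_reply));
$mh_message = clean_xss_tags(trim($mh_message));
if (!$mh_reply) {
    alert('보내는 번호를 입력해주세요.');
}
if (!$mh_message) {
    alert('메세지를 입력해주세요.');
}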
if ($is_admin != 'super') {
    $mh_reply = get_hp($mh_reply, 0);
    if (!$mh_reply) {
        alert("보내는 번호가 올바르지 않습니다.");
    }
} else {
    $mh_reply = str_replace("-", "", $mh_reply);
    if (!check_string($mh_reply, G5_NUMERIC)) {
        alert("보내는 번호가 올바르지 않습니다.");
<?php

include_once './_common.php';
// Members only.
if ($is_guest) {
    alert('로그인 한 회원만 접근하실 수 있습니다.', G5_BBS_URL . '/login.php');
}
/*
if ($url)
    $urlencode = urlencode($url);
else
    $urlencode = urlencode($_SERVER[REQUEST_URI]);
*/
// Page ID — fixed for this page, not taken from the request.
$pid = 'confirm';
$at = apms_page_thema($pid);
if (!defined('THEMA_PATH')) {
    include_once G5_LIB_PATH . '/apms.thema.lib.php';
}
$g5['title'] = '회원 비밀번호 확인';
include_once './_head.php';
$skin_path = $member_skin_path;
$skin_url = $member_skin_url;
// Return url after password confirmation: XSS-filtered, then host-checked so the
// confirmation page cannot redirect to an arbitrary site.
$url = clean_xss_tags($_GET['url']);
// url 체크 — url check
check_url_host($url);
include_once $skin_path . '/member_confirm.skin.php';
include_once './_tail.php';
<?php

include_once './_common.php';
include_once G5_PATH . '/head.sub.php';
// Confirm-dialog targets: XSS-filtered, then host-checked so neither button can send the
// visitor to an arbitrary site. $url3 is checked as well but not used below.
$url1 = clean_xss_tags($url1);
$url2 = clean_xss_tags($url2);
$url3 = clean_xss_tags($url3);
// url 체크 — url check
check_url_host($url1);
check_url_host($url2);
check_url_host($url3);
?>

<script>
var conf = "<?php 
// NOTE(review): strip_tags() removes markup but does not escape ", \ or line breaks for
// a JavaScript string literal; this relies on $msg being composed server-side. If $msg
// can carry request input, emit it with json_encode() instead.
echo strip_tags($msg);
?>
";
if (confirm(conf)) {
    document.location.replace("<?php 
// NOTE(review): the urls are placed in a JavaScript string literal; check_url_host()
// restricts the host, but whether clean_xss_tags() also removes " and \ is not visible
// here — json_encode() would encode the value for this context.
echo $url1;
?>
");
} else {
    document.location.replace("<?php 
echo $url2;
?>
");
}
</script>