/**
 * Hook handler for a deleted KBoard document.
 *
 * Loads the document by UID and, when it carries a member UID, calls
 * add_creds() on $this->core with the amount and log text stored under
 * $this->prefs['delete'] and the point type in $this->mycred_type.
 *
 * @param int   $content_uid UID of the document that is being deleted.
 * @param mixed $board_id    Accepted for the hook signature; not read here.
 */
public function kboard_document_delete($content_uid, $board_id)
{
    $document = new KBContent();
    $document->initWithUID($content_uid);

    // Documents without a member UID have no account to adjust.
    if (!$document->member_uid) {
        return;
    }

    $this->core->add_creds(
        'kboard_document_delete',
        $document->member_uid,
        $this->prefs['delete']['creds'],
        $this->prefs['delete']['log'],
        0,
        '',
        $this->mycred_type
    );
}
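/**
 * Prints an inline <script> that exposes the current document to the
 * sharing buttons as snsTitle, snsSummary, snsUrl and facebookImageUrl.
 *
 * The document is looked up from the "uid" query parameter. Title, summary
 * and thumbnail path come from stored board content, so every value is
 * serialised with json_encode() and the JSON_HEX_* flags before it is placed
 * inside the script element. That keeps quotes, backslashes, "</script>" and
 * "&" in stored content from terminating the string or the script block.
 * The original wrote the title unescaped and relied on addslashes() for the
 * summary, which does not neutralise "</script>".
 */
function kboard_share_footer()
{
    // A missing "uid" is treated as 0 instead of raising an undefined-index notice.
    $uid = isset($_GET['uid']) ? intval($_GET['uid']) : 0;

    $content = new KBContent();
    $content->initWithUID($uid);

    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $to_js = function ($value) use ($json_flags) {
        $encoded = json_encode((string) $value, $json_flags);
        // json_encode() returns false on invalid UTF-8; emit an empty JS string then.
        return $encoded === false ? '""' : $encoded;
    };

    // Plain-text summary: line breaks and tags removed, cut to 100 bytes on a character boundary.
    $summary = mb_strcut(strip_tags(str_replace(array("\r", "\n"), '', $content->content)), 0, 100, 'utf8');
    $image_url = $content->thumbnail_file ? get_site_url() . $content->thumbnail_file : '';

    echo '<script>' . "\n";
    echo 'var snsTitle = ' . $to_js($content->title) . ';' . "\n";
    echo 'var snsSummary = ' . $to_js($summary) . ';' . "\n";
    echo 'var snsUrl = location.href;' . "\n";
    echo 'var facebookImageUrl = ' . $to_js($image_url) . ';' . "\n";
    echo '</script>' . "\n";
}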
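/**
 * Comment submission.
 *
 * Reads the comment form from $_POST, validates it, stores the comment via
 * KBCommentList::add() and redirects back to the referring page.
 *
 * Request-origin check: the Referer's host (and port) must equal the request
 * host exactly. The original used stristr(), a substring match that also
 * accepts a Referer which merely contains the host name somewhere in its
 * path or query string. The exact match also means the final redirect
 * target is always on the request host.
 *
 * NOTE(review): a Referer comparison is only a weak cross-site request
 * defence; no nonce is verified in this method. Confirm whether the form
 * carries one that could be checked here.
 * NOTE(review): member_uid is taken from the request body. Confirm that
 * KBCommentList::add() does not trust it as the author's identity.
 */
public function insert()
{
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

    header("Content-Type: text/html; charset=UTF-8");

    // Rebuild "host[:port]" from the Referer so it can be compared with HTTP_HOST.
    $referer_parts = $referer ? parse_url($referer) : false;
    $referer_host = '';
    if (is_array($referer_parts) && isset($referer_parts['host'])) {
        $referer_host = $referer_parts['host'];
        if (isset($referer_parts['port']) && $referer_parts['port']) {
            $referer_host .= ':' . $referer_parts['port'];
        }
    }
    if ($host === '' || $referer_host === '' || strcasecmp($referer_host, $host) !== 0) {
        wp_die('KBoard : ' . __('This page is restricted from external access.', 'kboard-comments'));
    }

    $content = isset($_POST['content']) ? $_POST['content'] : '';
    $comment_content = isset($_POST['comment_content']) ? $_POST['comment_content'] : '';
    $member_display = isset($_POST['member_display']) ? $_POST['member_display'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $captcha_text = isset($_POST['captcha']) ? $_POST['captcha'] : '';

    if (!class_exists('KBCaptcha')) {
        include_once KBOARD_DIR_PATH . '/class/KBCaptcha.class.php';
    }
    $captcha = new KBCaptcha();

    // The comment body may arrive under either field name; "content" wins when both are set.
    $content = $content ? $content : $comment_content;
    $content_uid = isset($_POST['content_uid']) ? intval($_POST['content_uid']) : '';
    $parent_uid = isset($_POST['parent_uid']) ? intval($_POST['parent_uid']) : '';
    $member_uid = isset($_POST['member_uid']) ? intval($_POST['member_uid']) : '';

    // Each failed validation stops the request, so the checks run in sequence.
    if (!is_user_logged_in() && !$member_display) {
        die("<script>alert('" . __('Please enter a author.', 'kboard-comments') . "');history.go(-1);</script>");
    }
    if (!is_user_logged_in() && !$password) {
        die("<script>alert('" . __('Please enter a password.', 'kboard-comments') . "');history.go(-1);</script>");
    }
    if (!$captcha->textCheck($captcha_text)) {
        die("<script>alert('" . __('The CAPTCHA code is not valid. Please enter the CAPTCHA code.', 'kboard-comments') . "');history.go(-1);</script>");
    }
    if (!$content_uid) {
        die("<script>alert('" . __('No document UID.', 'kboard-comments') . "');history.go(-1);</script>");
    }
    if (!$content) {
        die("<script>alert('" . __('Type the content of the comment.', 'kboard-comments') . "');history.go(-1);</script>");
    }

    // Board-level rule: guests are refused when permission_comment_write is '1'.
    $document = new KBContent();
    $document->initWithUID($content_uid);
    $setting = new KBoardMeta($document->board_id);
    if (!is_user_logged_in() && $setting->permission_comment_write == '1') {
        die('<script>alert("' . __('You do not have permission.', 'kboard-comments') . '");history.go(-1);</script>');
    }

    $commentList = new KBCommentList($content_uid);
    $commentList->add($parent_uid, $member_uid, $member_display, $content, $password);

    // Back to the page the form was posted from (host already verified above).
    header("Location:{$referer}");
    exit;
}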
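/**
 * Handles the document editor form (create or update) and redirects to the
 * saved document.
 *
 * The request is processed only when the 'kboard-editor-execute' nonce
 * verifies; otherwise the visitor is redirected to the site URL.
 *
 * Changes from the original:
 *  - the "Please enter your password." response ended in `history.go(-1);";`,
 *    which leaves an unterminated string literal in the emitted script, so
 *    the browser would discard the whole script and show nothing;
 *  - the uid, board_id, title and password fields are read without raising
 *    undefined-index notices when they are absent.
 *
 * NOTE(review): the permission checks run against the board named by the
 * submitted board_id, not the board the existing document is stored under
 * (setBoardID() is applied after initWithUID()). Confirm that isEditor() /
 * execute() cannot be satisfied by naming a different board than the
 * document's own.
 */
public function editorExecute()
{
    global $user_ID;

    $nonce_ok = isset($_POST['kboard-editor-execute-nonce'])
        && wp_verify_nonce($_POST['kboard-editor-execute-nonce'], 'kboard-editor-execute');

    if (!$nonce_ok) {
        wp_redirect(site_url());
        exit;
    }

    header("Content-Type: text/html; charset=UTF-8");

    $uid = isset($_POST['uid']) ? intval($_POST['uid']) : 0;
    $board_id = isset($_POST['board_id']) ? intval($_POST['board_id']) : 0;

    $board = new KBoard($board_id);
    if (!$board->uid) {
        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
    }

    // Guests writing on an open board must supply a password with the document.
    if ($board->isWriter() && $board->permission_write == 'all' && !empty($_POST['title'])) {
        if (!$user_ID && empty($_POST['password'])) {
            die('<script>alert("' . __('Please enter your password.', 'kboard') . '");history.go(-1);</script>');
        }
    }

    $content = new KBContent();
    $content->initWithUID($uid);
    $content->setBoardID($board_id);

    if (!$uid && !$board->isWriter()) {
        // New document, but the visitor may not write on this board.
        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
    } elseif ($uid && !$board->isEditor($content->member_uid)) {
        // Existing document and not an editor: only a confirmed password on an open board is accepted.
        if ($board->permission_write == 'all') {
            if (!$board->isConfirm($content->password, $content->uid)) {
                die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
            }
        } else {
            die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
        }
    }

    $execute_uid = $content->execute();

    // When a password was entered, run the confirmation step right away.
    if ($content->password) {
        $board->isConfirm($content->password, $execute_uid);
    }

    $url = new KBUrl();
    $next_page_url = $url->set('uid', $execute_uid)->set('mod', 'document')->toString();
    $next_page_url = apply_filters('kboard_after_executing_url', $next_page_url, $execute_uid, $board_id);
    wp_redirect($next_page_url);
    exit;
}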
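/**
 * Request handler that adds one "like" to a document and prints the new count.
 *
 * A document can be liked once per session: liked UIDs are remembered in
 * $_SESSION['kboard_ocean_rating_like'], and a repeat request prints an
 * empty response.
 *
 * Changes from the original:
 *  - the submitted UID is converted to an integer once and only that integer
 *    is used afterwards. The original validated intval() of the value but
 *    then passed the raw request string on to initWithUID() and the session;
 *  - the session list is initialised before use instead of hiding the error
 *    with "@" (in_array() on a non-array throws a TypeError on PHP 8, which
 *    "@" does not suppress);
 *  - the UPDATE goes through $wpdb->prepare() with %d placeholders.
 *
 * NOTE(review): no nonce is checked here, so any page can trigger a like for
 * a visitor. Confirm whether the caller verifies one.
 * NOTE(review): the once-per-session limit depends on a session being
 * started elsewhere; that is not visible in this function.
 */
function kboard_ocean_rating_like()
{
    global $wpdb;

    $document_uid = 0;
    if (isset($_POST['document_uid']) && is_scalar($_POST['document_uid'])) {
        $document_uid = intval($_POST['document_uid']);
    }
    if (!$document_uid) {
        exit;
    }

    if (!isset($_SESSION['kboard_ocean_rating_like']) || !is_array($_SESSION['kboard_ocean_rating_like'])) {
        $_SESSION['kboard_ocean_rating_like'] = array();
    }

    // Entries stored by earlier requests may be strings; compare as integers.
    $already_liked = array_map('intval', $_SESSION['kboard_ocean_rating_like']);
    if (in_array($document_uid, $already_liked, true)) {
        echo '';
        exit;
    }
    $_SESSION['kboard_ocean_rating_like'][] = $document_uid;

    $content = new KBContent();
    $content->initWithUID($document_uid);
    $content->like += 1;

    // Only write when the lookup found a document.
    if ($content->uid) {
        $wpdb->query(
            $wpdb->prepare(
                "UPDATE `{$wpdb->prefix}kboard_board_content` SET `like`=%d WHERE `uid`=%d",
                $content->like,
                $content->uid
            )
        );
    }

    echo $content->like;
    exit;
}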
$file = kboard_htmlclear($file); $file = kboard_xssfilter($file); $file = addslashes($file); } else { $file = ''; } if (!$uid || !$file) { die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>'); } if (!strstr($referer, basename(__FILE__))) { $_SESSION['redirect_uri'] = $referer; } $content = new KBContent(); $content->initWithUID($uid); if ($content->parent_uid) { $parent = new KBContent(); $parent->initWithUID($content->getTopContentUID()); $board = new KBoard($parent->board_id); } else { $board = new KBoard($content->board_id); } if (!$board->isEditor($content->member_uid)) { if ($board->permission_write == 'all') { if (!$board->isConfirm($content->password, $content->uid)) { $url = new KBUrl(); $skin_path = KBOARD_URL_PATH . "/skin/{$board->skin}"; include KBOARD_DIR_PATH . "/skin/{$board->skin}/confirm.php"; exit; } } else { die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
<span class="navi-arrow">«</span> <span class="navi-document-title cut_strings"><?php echo $bottom_content->title; ?> </span> </a> <?php } ?> </div> <div class="kboard-next-document"> <?php $top_content_uid = $content->getNextUID(); if ($top_content_uid) { $top_content = new KBContent(); $top_content->initWithUID($top_content_uid); ?> <a href="<?php echo $url->getDocumentURLWithUID($top_content_uid); ?> "> <span class="navi-document-title cut_strings"><?php echo $top_content->title; ?> </span> <span class="navi-arrow">»</span> </a> <?php } ?>
<?php
// Stand-alone attachment download script (the listing shows only its opening part).
// It bootstraps WordPress, checks the request origin and the reader permission for
// the document, then looks up the attachment row and resolves its path on disk.

// Locate the WordPress root as everything before "/wp-content" in this file's path.
list($path) = explode(DIRECTORY_SEPARATOR . 'wp-content', dirname(__FILE__) . DIRECTORY_SEPARATOR);
include $path . DIRECTORY_SEPARATOR . 'wp-load.php';

header("Content-Type: text/html; charset=UTF-8");

// NOTE(review): stristr() is a substring match, so any Referer that contains the
// host name anywhere passes, and a missing Referer header raises an
// undefined-index notice. This is not an access control; the permission check
// below is what protects the file.
if (!stristr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
    wp_die('KBoard : ' . __('This page is restricted from external access.', 'kboard'));
}

$uid = intval($_GET['uid']);

// NOTE(review): addslashes() is not a charset-aware SQL escaper; $wpdb->prepare()
// with a %s placeholder is the safer way to pass the file key to the query below.
// What kboard_htmlclear() and kboard_xssfilter() remove is not visible here.
$file = addslashes(kboard_xssfilter(kboard_htmlclear(trim($_GET['file']))));

if (!$uid || !$file) {
    die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
}

$content = new KBContent();
$content->initWithUID($uid);
$board = new KBoard($content->board_id);

// Reader permission: guests are sent to the login page, members get a refusal.
// $user_ID and $wpdb are presumably the globals set up by wp-load.php.
if (!$board->isReader($content->member_uid, $content->secret)) {
    if (!$user_ID) {
        die('<script>alert("' . __('Please Log in to continue.', 'kboard') . '");location.href="' . wp_login_url() . '";</script>');
    } else {
        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
    }
}

// The attachment must belong to the requested document (content_uid) and match the file key.
$file_info = $wpdb->get_row("SELECT * FROM `{$wpdb->prefix}kboard_board_attached` WHERE `content_uid`='{$uid}' AND `file_key`='{$file}'");

// NOTE(review): get_row() returns null when nothing matches, so the property
// reads below happen on null before the emptiness check rejects the request.
// NOTE(review): file_path comes from the database and is appended to the
// WordPress root as-is; confirm it is constrained to the upload directory when
// the row is written.
list($path) = explode(DIRECTORY_SEPARATOR . 'wp-content', dirname(__FILE__) . DIRECTORY_SEPARATOR);
$path = $path . str_replace('/', DIRECTORY_SEPARATOR, $file_info->file_path);
$name = $file_info->file_name;

if (!$file_info->file_path || !file_exists($path)) {
    die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
}

header('Content-type: ' . kboard_mime_type($path));
/**
 * Returns the UID of the top-most parent.
 *
 * A document without a parent is its own top; otherwise the parent is loaded
 * and asked for its top-most UID in turn.
 *
 * NOTE(review): the walk has no depth limit, so a parent chain that loops
 * back on itself would never terminate.
 *
 * @return int
 */
public function getTopContentUID()
{
    if (!$this->parent_uid) {
        return $this->uid;
    }

    $parent = new KBContent();
    $parent->initWithUID($this->parent_uid);

    return $parent->getTopContentUID();
}
echo $url->getDocumentURLWithUID($top_content_uid); ?> "><?php echo $top_content->title; ?> </a> <?php } ?> </div> <div class="kboard-bottom-document cut_strings"> <?php $bottom_content_uid = $content->getPrevUID(); if ($bottom_content_uid) { $bottom_content = new KBContent(); $bottom_content->initWithUID($bottom_content_uid); ?> <a href="<?php echo $url->getDocumentURLWithUID($bottom_content_uid); ?> "><?php echo $bottom_content->title; ?> </a> <?php } ?> </div> </div>
list($path) = explode(DIRECTORY_SEPARATOR . 'wp-content', dirname(__FILE__) . DIRECTORY_SEPARATOR); include $path . DIRECTORY_SEPARATOR . 'wp-load.php'; header("Content-Type: text/html; charset=UTF-8"); if (!stristr($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) { wp_die('KBoard : ' . __('This page is restricted from external access.', 'kboard')); } $uid = intval($_GET['uid']); $file = addslashes(kboard_xssfilter(kboard_htmlclear(trim($_GET['file'])))); if (!$uid || !$file) { die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>'); } if (!strstr($_SERVER['HTTP_REFERER'], basename(__FILE__))) { $_SESSION['redirect_uri'] = $_SERVER['HTTP_REFERER']; } $content = new KBContent(); $content->initWithUID($uid); $board = new KBoard($content->board_id); if (!$board->isEditor($content->member_uid)) { if ($board->permission_write == 'all') { if (!$board->isConfirm($content->password, $content->uid)) { $url = new KBUrl(); $skin_path = KBOARD_URL_PATH . "/skin/{$board->skin}"; include KBOARD_DIR_PATH . "/skin/{$board->skin}/confirm.php"; exit; } } elseif (!$user_ID) { die('<script>alert("' . __('Please Log in to continue.', 'kboard') . '");location.href="' . wp_login_url() . '";</script>'); } else { die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>'); }
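/**
 * Builds the document removal page (redirects immediately when done).
 *
 * Editors remove the document directly. On boards with permission_write
 * 'all', a non-editor must first pass the password confirmation, which
 * renders the skin's confirm.php. Everyone else is refused.
 *
 * Changes from the original:
 *  - $confirm_view is initialised; it was read while undefined whenever the
 *    confirmation screen was not needed;
 *  - the Referer's host (and port) must equal the request host exactly. The
 *    original used stristr(), a substring match that accepts any Referer
 *    merely containing the host name, and raised a notice when the header
 *    was absent.
 *
 * NOTE(review): the removal is still protected against cross-site requests
 * only by the Referer header; a nonce on the delete link is the usual
 * WordPress control and would need a matching change in the skin templates.
 * NOTE(review): the redirect URL from KBUrl::toString() is written into a
 * single-quoted JavaScript string; confirm that toString() cannot return a
 * quote character taken from the current query string.
 */
public function builderRemove()
{
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

    // Rebuild "host[:port]" from the Referer so it can be compared with HTTP_HOST.
    $referer_parts = $referer ? parse_url($referer) : false;
    $referer_host = '';
    if (is_array($referer_parts) && isset($referer_parts['host'])) {
        $referer_host = $referer_parts['host'];
        if (isset($referer_parts['port']) && $referer_parts['port']) {
            $referer_host .= ':' . $referer_parts['port'];
        }
    }
    if ($host === '' || $referer_host === '' || strcasecmp($referer_host, $host) !== 0) {
        echo '<script>alert("KBoard : ' . __('This page is restricted from external access.', 'kboard') . '");</script>';
        return;
    }

    $url = new KBUrl();
    $content = new KBContent($this->board_id);
    $content->initWithUID($this->uid);

    $confirm_view = false;
    if (!$this->board->isEditor($content->member_uid)) {
        if ($this->board->permission_write == 'all') {
            if (!$this->board->isConfirm($content->password, $content->uid)) {
                $confirm_view = true;
            }
        } else {
            die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
        }
    }

    if ($confirm_view) {
        // $skin_path and $board are set for the included template.
        $skin_path = KBOARD_URL_PATH . "/skin/{$this->skin}";
        $board = $this->board;
        include KBOARD_DIR_PATH . "/skin/{$this->skin}/confirm.php";
    } else {
        $content->remove();
        // After deleting, go to the board list.
        $next = $url->set('mod', 'list')->toString();
        die("<script>location.href='{$next}';</script>");
    }
}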
$kbdoc->team_id = 1; $kbdoc->assigned_user_id = 'seed_will_id'; $kbdoc->active_date = $v['start_date']; $kbdoc->exp_date = $v['exp_date']; $kbdoc->is_external_article = 1; $kbdoc->save(); $kbdocRevision = new KBDocumentRevision(); $kbdocRevision->change_log = translate('DEF_CREATE_LOG', 'KBDocuments'); $kbdocRevision->revision = '1'; $kbdocRevision->kbdocument_id = $kbdoc->id; $kbdocRevision->latest = true; $kbdocRevision->save(); $docRevision = new DocumentRevision(); $docRevision->filename = $kbdoc->kbdocument_name; $docRevision->save(); $kbdocContent = new KBContent(); $kbdocContent->document_revision_id = $docRevision->id; $kbdocContent->team_id = $kbdoc->team_id; $kbdocContent->kbdocument_body = $v['body']; $kbdocContent->save(); $kbdocRevision->kbcontent_id = $kbdocContent->id; $kbdocRevision->document_revision_id = $docRevision->id; $kbdocRevision->save(); $kbdoc->kbdocument_revision_id = $kbdocRevision->id; $kbdoc->save(); foreach ($v['tags'] as $tag) { $kbdocKBTag = new KBDocumentKBTag(); $kbdocKBTag->kbtag_id = array_search($tag, $kbtags_hash); $kbdocKBTag->kbdocument_id = $kbdoc->id; $kbdocKBTag->team_id = $kbdoc->team_id; $kbdocKBTag->save();
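/**
 * Attachment download.
 *
 * Checks the request origin and the reader permission for the document, looks
 * up the attachment row by document UID and file key, then either redirects
 * to a temporary copy of the file (option 'kboard_attached_copy_download')
 * or streams the file with download headers.
 *
 * Changes from the original:
 *  - $user_ID was read without being declared global, so inside this method
 *    it was always undefined and every visitor was treated as logged out;
 *    is_user_logged_in() is used instead;
 *  - the origin check no longer passes when both the request host and the
 *    Referer host are empty, and a Referer without a host no longer raises
 *    a notice;
 *  - a missing attachment row is rejected before its properties are read;
 *  - the stored file name is stripped of path separators, quotes, NUL and
 *    line breaks before it is used in a filesystem path and in the
 *    Content-Disposition header;
 *  - the temporary copy is placed in a directory with a random name instead
 *    of uniqid(), whose value is derived from the clock. The copy is served
 *    from the uploads URL without any permission check, so its path has to
 *    be unguessable;
 *  - the file is opened before the download headers are sent, so a failed
 *    open produces the normal refusal instead of an error.
 *
 * NOTE(review): the Referer comparison is not an access control; the
 * isReader()/isConfirm() checks are what protect the file.
 * NOTE(review): with the copy option enabled the file stays reachable under
 * the uploads URL until deleteWithOvertime() removes it. Confirm the
 * retention value and whether the server lists that directory.
 */
public function fileDownload()
{
    global $wpdb;

    header('X-Robots-Tag: noindex', true); // keep search engines from indexing download URLs
    header('Content-Type: text/html; charset=UTF-8');

    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

    // Rebuild "host[:port]" from the Referer so it can be compared with HTTP_HOST.
    $referer_parts = $referer ? parse_url($referer) : false;
    $referer_host = '';
    if (is_array($referer_parts) && isset($referer_parts['host'])) {
        $referer_host = $referer_parts['host'];
        if (isset($referer_parts['port']) && $referer_parts['port']) {
            $referer_host .= ':' . $referer_parts['port'];
        }
    }
    if ($host === '' || $referer_host === '' || strcasecmp($referer_host, $host) !== 0) {
        wp_die('KBoard : ' . __('This page is restricted from external access.', 'kboard'));
    }

    $uid = isset($_GET['uid']) ? intval($_GET['uid']) : '';

    if (isset($_GET['file']) && is_string($_GET['file'])) {
        $file = trim($_GET['file']);
        $file = kboard_htmlclear($file);
        $file = kboard_xssfilter($file);
        $file = esc_sql($file);
    } else {
        $file = '';
    }

    if (!$uid || !$file) {
        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
    }

    $content = new KBContent();
    $content->initWithUID($uid);

    // Replies take their board from the top-most parent document.
    if ($content->parent_uid) {
        $parent = new KBContent();
        $parent->initWithUID($content->getTopContentUID());
        $board = new KBoard($parent->board_id);
    } else {
        $board = new KBoard($content->board_id);
    }

    if (!$board->isReader($content->member_uid, $content->secret)) {
        if (!is_user_logged_in() && $board->permission_read == 'author') {
            die('<script>alert("' . __('Please Log in to continue.', 'kboard') . '");location.href="' . wp_login_url($referer) . '";</script>');
        } else {
            // Secret documents on password-capable boards can still be opened with a confirmed password.
            if ($content->secret && in_array($board->permission_write, array('all', 'author')) && in_array($board->permission_read, array('all', 'author'))) {
                if (!$board->isConfirm($content->password, $content->uid)) {
                    if ($content->parent_uid) {
                        // For a reply, fall back to the top-most parent's reader/password check.
                        $parent = new KBContent();
                        $parent->initWithUID($content->getTopContentUID());
                        if (!$board->isReader($parent->member_uid, $content->secret)) {
                            if (!$board->isConfirm($parent->password, $parent->uid)) {
                                die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
                            }
                        }
                    } else {
                        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
                    }
                }
            } else {
                die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
            }
        }
    }

    // The attachment must belong to the requested document and match the file key.
    $file_info = $wpdb->get_row("SELECT * FROM `{$wpdb->prefix}kboard_board_attached` WHERE `content_uid`='{$uid}' AND `file_key`='{$file}'");
    if (!$file_info || !$file_info->file_path) {
        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
    }

    list($path) = explode(DIRECTORY_SEPARATOR . 'wp-content', dirname(__FILE__) . DIRECTORY_SEPARATOR);
    $path = $path . str_replace('/', DIRECTORY_SEPARATOR, $file_info->file_path);
    if (!file_exists($path)) {
        die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
    }

    // The display name is stored data: drop anything that could change the target
    // path or break out of the quoted header value. These are all single ASCII
    // bytes, so multi-byte UTF-8 names are left intact.
    $filename = str_replace(' ', '-', $file_info->file_name);
    $filename = str_replace(array('/', '\\', '"', "\0", "\r", "\n"), '', $filename);
    if ($filename === '' || $filename === '.' || $filename === '..') {
        $filename = 'download';
    }

    if (get_option('kboard_attached_copy_download')) {
        // Random directory name: the copy is publicly reachable under the uploads URL.
        $unique_dir = wp_generate_password(32, false);
        $upload_dir = wp_upload_dir();
        $temp_path = $upload_dir['basedir'] . '/kboard_temp';

        $kboard_file_handler = new KBFileHandler();
        $kboard_file_handler->deleteWithOvertime($temp_path, 60);
        $kboard_file_handler->mkPath("{$temp_path}/{$unique_dir}");

        copy($path, "{$temp_path}/{$unique_dir}/{$filename}");
        header('Location:' . $upload_dir['baseurl'] . "/kboard_temp/{$unique_dir}/{$filename}");
    } else {
        $fp = fopen($path, 'rb');
        if ($fp === false) {
            die('<script>alert("' . __('You do not have permission.', 'kboard') . '");history.go(-1);</script>');
        }

        $ie = isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'Trident') !== false || strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false);
        if ($ie) {
            // Internet Explorer receives the file name converted to EUC-KR.
            $filename = iconv('UTF-8', 'EUC-KR//IGNORE', $filename);
        }

        header('Content-type: ' . kboard_mime_type($path));
        header('Content-Disposition: attachment; filename="' . $filename . '"');
        header('Content-Transfer-Encoding: binary');
        header('Content-length: ' . sprintf('%d', filesize($path)));
        header('Expires: 0');
        if ($ie) {
            header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
            header('Pragma: public');
        } else {
            header('Pragma: no-cache');
        }

        fpassthru($fp);
        fclose($fp);
    }
    exit;
}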
$parent_uid = isset($_POST['parent_uid']) ? intval($_POST['parent_uid']) : ''; $member_uid = isset($_POST['member_uid']) ? intval($_POST['member_uid']) : ''; if (!is_user_logged_in() && !$member_display) { die("<script>alert('" . __('Please enter a author.', 'kboard-comments') . "');history.go(-1);</script>"); } else { if (!is_user_logged_in() && !$password) { die("<script>alert('" . __('Please enter a password.', 'kboard-comments') . "');history.go(-1);</script>"); } else { if (!$captcha->textCheck($captcha_text)) { die("<script>alert('" . __('The CAPTCHA code is not valid. Please enter the CAPTCHA code.', 'kboard-comments') . "');history.go(-1);</script>"); } else { if (!$content_uid) { die("<script>alert('" . __('No document UID.', 'kboard-comments') . "');history.go(-1);</script>"); } else { if (!$content) { die("<script>alert('" . __('Type the content of the comment.', 'kboard-comments') . "');history.go(-1);</script>"); } } } } } $document = new KBContent(); $document->initWithUID($content_uid); $setting = new KBoardMeta($document->board_id); if (!is_user_logged_in() && $setting->permission_comment_write == '1') { die('<script>alert("' . __('You do not have permission.', 'kboard-comments') . '");history.go(-1);</script>'); } $commentList = new KBCommentList($content_uid); $commentList->add($parent_uid, $member_uid, $member_display, $content, $password); // 댓글 입력 완료 후 이전 페이지로 이동 header("Location:" . $referer);
<tr> <th class="check-column"></th> <td>댓글이 없습니다.</td> <td></td> <td></td> <td></td> </tr> <?php } ?> <?php while ($comment = $commentList->hasNext()) { ?> <?php $content = new KBContent(); $content->initWithUID($comment->content_uid); $board = new KBoard($content->board_id); $url = new KBUrl(); ?> <tr> <th class="check-column"><input type="checkbox" name="comment_uid[]" value="<?php echo $comment->uid; ?> "></th> <td><a class="row-title" href="<?php echo KBOARD_SETTING_PAGE; ?> &board_id=<?php echo $board->uid; ?>
/**
 * Returns the next document from the reply list.
 *
 * Reads the row under the reply list's internal pointer, advances the
 * pointer and wraps the row in a KBContent. When the list is empty or
 * exhausted an empty string is returned; on exhaustion the list property is
 * also unset.
 *
 * @return KBContent|string KBContent for the next reply, '' when there is none.
 */
public function hasNextReply()
{
    if (!$this->resource_reply) {
        return '';
    }

    $this->row = current($this->resource_reply);

    // No row under the pointer: the list is used up, so drop it.
    if (!$this->row) {
        unset($this->resource_reply);
        return '';
    }

    next($this->resource_reply);

    $reply = new KBContent();
    $reply->initWithRow($this->row);

    return $reply;
}
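/**
 * Renders the content list page and applies a submitted bulk action first.
 *
 * Supported bulk actions, as reported by the list table's current_action():
 *  - 'board_change': moves each selected document to the board posted in the
 *    matching "board_id_<uid>" field;
 *  - 'delete': removes each selected document.
 *
 * Changes from the original:
 *  - the posted UID list must be an array, and every UID and board id is
 *    converted to an integer before it reaches KBContent. The raw request
 *    values were passed through before;
 *  - a missing "board_id_<uid>" field no longer raises an undefined-index
 *    notice;
 *  - each item is loaded into a fresh KBContent, so a UID that does not
 *    resolve cannot act on data left over from the previous item.
 *
 * NOTE(review): no nonce or capability check is visible in this function.
 * Confirm that the admin page callback or KBContentListTable verifies both
 * before this code changes or deletes content.
 */
function kboard_content_list()
{
    include_once 'class/KBContentListTable.class.php';
    $table = new KBContentListTable();
    $action = $table->current_action();

    if (isset($_POST['uid']) && is_array($_POST['uid'])) {
        foreach ($_POST['uid'] as $raw_uid) {
            $uid = is_scalar($raw_uid) ? intval($raw_uid) : 0;
            if (!$uid) {
                continue;
            }

            if ($action == 'board_change') {
                $field = 'board_id_' . $uid;
                $board_id = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? intval($_POST[$field]) : 0;
                if ($board_id) {
                    $content = new KBContent();
                    $content->initWithUID($uid);
                    $content->board_id = $board_id;
                    $content->updateContent();
                }
            } elseif ($action == 'delete') {
                $content = new KBContent();
                $content->initWithUID($uid);
                $content->remove();
            }
        }
    }

    $table->prepare_items();
    include_once 'pages/kboard_content_list.php';
}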