Exemplo n.º 1
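/**
 * Runs every string value of the submitted POST body through clean_query_string(), in place.
 *
 * Nothing happens unless the request method is POST. Strings nested inside
 * array-valued fields (e.g. `name[]`) are cleaned as well, so a value cannot
 * bypass the filter merely by being submitted in array form.
 *
 * NOTE(review): clean_query_string() is defined elsewhere. Whatever it strips,
 * rewriting $_POST does not replace escaping at the point of use (parameterised
 * SQL, htmlspecialchars() on output); treat this as defence in depth only.
 *
 * @return void
 */
function safe_post_data()
{
    // REQUEST_METHOD is not set under CLI or some test harnesses.
    $method = isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : '';
    if ($method != "POST") {
        return;
    }
    // Walk every leaf so nested arrays are covered; non-string leaves are left untouched.
    array_walk_recursive($_POST, function (&$value) {
        if (is_string($value)) {
            $value = clean_query_string($value);
        }
    });
}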
Exemplo n.º 2
        <th scope="row">업데이트</th>
        <td> <?php 
    echo $write['fo_datetime'];
    ?>
 </td>
    </tr>
    <?php 
}
?>
    </tbody>
    </table>
    </div>
    <div class="btn_confirm01 btn_confirm">
        <input type="submit" value="확인" class="btn_submit" accesskey="s">
        <a href="./form_list.php?<?php 
// NOTE(review): the request's raw query string is reflected into an href attribute here.
// This is only safe if clean_query_string() also neutralises quotes and angle brackets;
// its definition is not visible in this template — confirm, or wrap the result in htmlspecialchars().
echo clean_query_string($_SERVER['QUERY_STRING']);
?>
">목록</a>
    </div>
</form>

<script>
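    /**
     * Appends `str` to the textarea with id "sms_contents", focuses it, and then
     * calls byte_check() for the message and counter elements.
     *
     * @param {string} str Text to append to the current message.
     */
    function add(str) {
        var conts = document.getElementById('sms_contents');
        conts.focus();
        conts.value += str;
        // byte_check() is declared right after this function in the same script.
        byte_check('sms_contents', 'sms_bytes');
    }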
    function byte_check(sms_contents, sms_bytes)
Exemplo n.º 3
// Download gate for a board attachment: checks a per-post session flag, the
// guest / point / level rules, looks up the attachment row and builds its path.
// NOTE(review): every check below only protects the file if alert() and confirm()
// stop the request after showing the message — their definitions are not in this excerpt; confirm.

// Require the session flag for this board/post (set elsewhere, presumably when the post was viewed).
if (!get_session('ss_view_' . $bo_table . '_' . $wr_id)) {
    alert('잘못된 접근입니다.');
}
// When downloading costs points, guests are not allowed to download.
if ($board['bo_download_point'] < 0 && $is_guest) {
    alert('다운로드 권한이 없습니다.\\n회원이시라면 로그인 후 이용해 보십시오.', G5_BBS_URL . '/login.php?wr_id=' . $wr_id . '&amp;' . $qstr . '&amp;url=' . urlencode(G5_BBS_URL . '/board.php?bo_table=' . $bo_table . '&amp;wr_id=' . $wr_id));
}
// NOTE(review): $bo_table, $wr_id and $no are interpolated directly into the SQL text.
// Nothing in this excerpt shows where they are validated — confirm they are cast or
// whitelisted upstream (e.g. integer casts for $wr_id and $no) before reaching this query.
$sql = " select bf_source, bf_file from {$g5['board_file_table']} where bo_table = '{$bo_table}' and wr_id = '{$wr_id}' and bf_no = '{$no}' ";
$file = sql_fetch($sql);
if (!$file['bf_file']) {
    alert('파일 정보가 존재하지 않습니다.');
}
// When JavaScript is unavailable: ask for confirmation server-side before points are deducted.
if ($js != 'on' && $board['bo_download_point'] < 0) {
    $msg = $file['bf_source'] . ' 파일을 다운로드 하시면 포인트가 차감(' . number_format($board['bo_download_point']) . '점)됩니다.\\n포인트는 게시물당 한번만 차감되며 다음에 다시 다운로드 하셔도 중복하여 차감하지 않습니다.\\n그래도 다운로드 하시겠습니까?';
    // The confirm link re-uses the current query string after clean_query_string().
    $url1 = G5_BBS_URL . '/download.php?' . clean_query_string($_SERVER['QUERY_STRING']) . '&amp;js=on';
    // The Referer header is client-supplied and may be absent; it is passed through
    // clean_xss_tags() before being used as the cancel link.
    $url2 = clean_xss_tags($_SERVER['HTTP_REFERER']);
    // $url1 = confirm link, $url2 = cancel link
    // Use $url3 to send the user to a specific address instead.
    confirm($msg, $url1, $url2);
}
// Enforce the board's minimum member level for downloads.
if ($member['mb_level'] < $board['bo_download_level']) {
    $alert_msg = '다운로드 권한이 없습니다.';
    if ($member['mb_id']) {
        alert($alert_msg);
    } else {
        alert($alert_msg . '\\n회원이시라면 로그인 후 이용해 보십시오.', G5_BBS_URL . '/login.php?wr_id=' . $wr_id . '&amp;' . $qstr . '&amp;url=' . urlencode(G5_BBS_URL . '/board.php?bo_table=' . $bo_table . '&amp;wr_id=' . $wr_id));
    }
}
// The path is assembled from $bo_table and the stored file name from the database row.
// NOTE(review): addslashes() escapes quotes and backslashes but does not remove "../"
// sequences; presumably stored names are generated server-side at upload time — verify.
$filepath = G5_DATA_PATH . '/file/' . $bo_table . '/' . $file['bf_file'];
$filepath = addslashes($filepath);
Exemplo n.º 4
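$session->confirmation_protected_page();
// Employees and visitors are sent back to the index page.
// NOTE(review): this only protects the code below if redirect_to() ends the request — confirm.
if (User::is_employee() || User::is_visitor()) {
    redirect_to('index.php');
}
?>

<?php 
// class_name comes straight from the query string and becomes the target of a
// static call, so it is restricted to a plain class identifier that really
// exposes change_to_unique_data() before anything is invoked.
// NOTE(review): an explicit allow-list of the classes this page may edit would be
// tighter still; that list is not visible from this file. Namespaced class names
// are rejected by the pattern below.
if (isset($_GET['class_name'])) {
    $class_name = $_GET['class_name'];
    $class_name_ok = is_string($class_name)
        && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $class_name) === 1
        && is_callable(array($class_name, 'change_to_unique_data'));
    if (!$class_name_ok) {
        http_response_code(400);
        exit('Invalid class_name.');
    }
    call_user_func_array(array($class_name, 'change_to_unique_data'), ['ajax']);
    $is_data = true;
} else {
    $class_name = "ToDoList";
    $is_data = false;
}
// id is optional (the code that follows tests isset($_GET['id'])), so default it
// instead of reading an undefined index.
$requested_id = isset($_GET['id']) ? $_GET['id'] : '';
// NOTE(review): SERVER_NAME and PHP_SELF can be influenced by the request depending on
// server configuration — confirm $url is never echoed without HTML escaping.
$url = clean_query_string('http://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "?" . "class_name=" . u($class_name) . "&id=" . u($requested_id) . "&test=1");
//echo $url;
// Example of the resulting address:
// http://localhost/rajah_production/public/admin/edit_data.php?class_name=BlacklistIp&id=12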
if (isset($_GET['id'])) {
    $post_link = $_SERVER["PHP_SELF"] . "?class_name=" . u($class_name) . "&id=" . urlencode($_GET['id']);
    $page = "Update";
    $page1 = "Update ";
    $text_post = "Updated";
    $text_post1 = "update";
} else {
    $post_link = $_SERVER["PHP_SELF"] . "?class_name=" . u($class_name);
    $page = "New";
    $page1 = "Add New ";
    $text_post = "created";
    $text_post1 = "creation";
Exemplo n.º 5
 /**
  * Renders this record as one HTML table row.
  *
  * Columns come from the class's "full" display list when $long_short is 1 and
  * from the "short" list otherwise. Fields listed in $fields_numeric_format are
  * printed with two decimals and coloured red when negative.
  *
  * NOTE(review): field values are concatenated into the markup without HTML
  * escaping; presumably set_up_display() leaves them display-safe — confirm,
  * since any stored user text would otherwise be rendered as markup.
  *
  * @param int   $long_short 1 for the full column list, anything else for the short one.
  * @param mixed $edit       Truthy to append the Edit / Delete action cells.
  * @return string The "<tr>…</tr>" markup.
  */
 public function display_table_new($long_short = 0, $edit)
 {
     $this->set_up_display();
     $columns = $long_short == 1
         ? static::$db_fields_table_display_full
         : static::$db_fields_table_display_short;
     $row = "<tr class=\"gradeX\">";
     foreach ($columns as $column) {
         if (!property_exists($this, $column)) {
             continue;
         }
         if (!in_array($column, static::$fields_numeric_format)) {
             $row .= "<td  class='text-center text-capitalize'>" . $this->{$column} . "</td>";
             continue;
         }
         $colour = (float) $this->{$column} < 0 ? "color:red;" : "";
         $row .= "<td><span style='{$colour}' class='text-right'>" . number_format($this->{$column}, 2) . "</span></td>";
     }
     if ($edit) {
         $class = get_called_class();
         $id_param = urlencode($this->id);
         $edit_target = "class_edit?class_name=" . $class . "&id=" . $id_param;
         $delete_target = "class_delete?class_name=" . $class . "&id=" . $id_param;
         $cleaned_edit = clean_query_string($edit_target);
         // NOTE(review): two Edit cells are emitted per row, one with the raw target and
         // one with the cleaned target — looks like a leftover; confirm which is wanted.
         $row .= "<td class='text-center'><a class='btn btn-primary table-btn' style='width: 5em' href='" . $edit_target . "'>Edit</a></td>";
         $row .= "<td class='text-center'><a class='btn btn-primary table-btn' style='width: 5em' href='" . $cleaned_edit . "'>Edit</a></td>";
         // The cleaned delete target is computed but the link below uses the raw one.
         clean_query_string($delete_target);
         $row .= "<td class='text-center'><a class='btn btn-danger table-btn' href='" . $delete_target . "'>Delete</a></td>";
     }
     return $row . "</tr>";
 }
Exemplo n.º 6
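 /**
  * Builds two extra navigation buttons for the manage page: a toggle between
  * finished and open items, and a "progress" sort link whose direction flips
  * on each click.
  *
  * Only the literals 'ASC' / 'DESC', an integer page number and the integer
  * $done flag are written into the links, so no request text is reflected.
  *
  * NOTE(review): the markup starts with a closing "</a>", presumably ending an
  * anchor opened by the caller — confirm.
  *
  * @return string HTML fragment with the two buttons.
  */
 public static function table_nav_additional()
 {
     // A non-string order_type (e.g. order_type[]=x) is treated as absent rather than passed to strtoupper().
     $requested_order = isset($_GET["order_type"]) && is_string($_GET["order_type"]) ? strtoupper($_GET["order_type"]) : '';
     // Flip the direction: a current ASC becomes DESC, everything else becomes ASC.
     $order_type = $requested_order === 'ASC' ? 'DESC' : 'ASC';
     $page = !empty($_GET['page']) ? (int) $_GET["page"] : 1;
     $qstr = "?search_all=&done=0&submit=&page=" . $page . "&order_name=progress&order_type=" . $order_type;
     if (isset($_GET['done']) && (int) $_GET['done'] == 0) {
         $done = 1;
         $done_txt = 'Show finished';
     } else {
         $done = 0;
         $done_txt = 'Show Open';
     }
     $output = "</a><span>&nbsp;</span>";
     $href = clean_query_string(static::$page_manage . "?search_all=&done={$done}&submit=");
     $output .= "<a  class=\"btn btn-info\"  href=\"" . $href . "\">{$done_txt} " . " </a><span>&nbsp;</span>";
     $output .= "<a  class=\"btn btn-info\"  href=\"" . clean_query_string(static::$page_manage . $qstr) . "\">progress" . " </a><span>&nbsp;</span>";
     return $output;
 }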
Exemplo n.º 7
            // Collect one timestamp per month (midnight on the 1st) for every entry
            // whose timestamp is not in the future, then print a link per month.
            $array = array();
            $current_time = time();
            foreach ($file as $value) {
                $toc = get_line_data('news_toc', $value);
                if ($toc['timestamp'] > $current_time) {
                    // This is an _archive_, not something that displays all posted news.
                    continue;
                }
                // Normalise the entry to the first day of its month.
                $time = mktime(0, 0, 0, date('n', $toc['timestamp']), 1, date('y', $toc['timestamp']));
                // $allready_added is never read in the visible code.
                $allready_added = false;
                // array_search() yields the key or false; the strict checks keep key 0 from counting as "not found".
                $result = array_search($time, $array);
                if ($result === NULL || $result === false) {
                    $array[] = $time;
                }
            }
            // NOTE(review): $qs is appended verbatim inside the href below. Presumably this
            // zero-argument helper returns an already HTML-escaped suffix built from the
            // current request — confirm that it escapes quotes and angle brackets.
            $qs = clean_query_string();
            foreach ($array as $val) {
                $month = date('n', $val);
                $year = date("Y", $val);
                echo '<a href="?fn_month=' . $month . '&amp;fn_year=' . $year . $qs . '">' . $months[$month] . ' ' . $year . '</a><br />' . "\n";
            }
            break;
    }
} else {
    /*id Month*/
    $file = get_ordered_toc();
    if ($flip_news) {
        $file = array_reverse($file);
    }
    if ($post_per_day) {
        $ppp_data = array();
Exemplo n.º 8
/**
 * Parses news text or news data so that it is displayed along with its template.
 *
 * Builds the "read more", comments and tell-a-friend links, resolves the author
 * and category, formats the headline and bodies, and substitutes everything into
 * the chosen template.
 *
 * NOTE(review): author, category and settings values are concatenated into HTML
 * attributes and text without escaping in this function; presumably they are
 * sanitised when stored or by the helpers called here — verify before feeding
 * it data from a less trusted source.
 *
 * @param string|array $news_string News text to parse, or the array from the required news file.
 * @param array $settings Override settings when parsing. Keys read here: 'template', 'news_url', 'category'.
 * @return array Parsed news fields plus a 'display' entry holding the filled-in template;
 *               an empty array when $news_string is empty.
 */
function parse_news_to_view($news_string, $settings = array())
{
    // assert() can be disabled by configuration, so this is a development aid, not input validation.
    assert(is_array($settings));
    // Display configuration is read from globals ($datefor appears twice in the list, which is harmless).
    global $fsnw, $wfpost, $ht, $smilies, $bb, $stfpop, $compop, $furl, $fullnewsh, $fullnewsw, $fullnewss, $fullnewsz, $fslink, $datefor, $stflink, $stfheight, $stfwidth, $stfscrolls, $stfresize, $pclink, $datefor, $link_headline_fullstory, $hurl, $comheight, $comwidth, $comscrolls, $comresize;
    $news_text = array();
    if (!empty($news_string)) {
        $icon = '';
        $email = '';
        $writer = '';
        $link_full_news = '';
        $link_comments = '';
        $link_tell_friend = '';
        $article = $news_string;
        // A raw line from a news file is decoded into its field array first.
        if (!is_array($news_string)) {
            $article = get_line_data('news', $news_string);
        }
        // Get the template HTML
        $news_tmpl = get_template((isset($settings['template']) ? $settings['template'] : 'news_temp') . '.php', false);
        // NOTE(review): $other_qs is appended verbatim inside href attributes below; presumably
        // clean_query_string() returns an HTML-safe suffix derived from the current request — confirm.
        $other_qs = clean_query_string();
        $news_url = isset($settings['news_url']) ? $settings['news_url'] : '';
        // Pick the separator depending on whether the base URL already has a query string.
        $sep = strpos($news_url, '?') === false ? '?' : '&amp;';
        // Create the 'read more...' link
        if ($article['fullnews'] != '') {
            if ($fsnw) {
                $link_full_news = '<a href="' . $furl . '/fullnews.php?fn_id=' . $article['news_id'] . '" onclick="window.open(this.href,\'\',\'height=' . $fullnewsh . ',width=' . $fullnewsw . ',toolbar=no,menubar=no,scrollbars=' . $fullnewss . ',resizable=' . $fullnewsz . '\'); return false">' . $fslink . '</a>';
            } else {
                $link_full_news = '<a href="' . $news_url . $sep . 'fn_mode=fullnews&amp;fn_id=' . $article['news_id'] . $other_qs . '">' . $fslink . '</a>';
            }
        }
        // Create the comments link
        if ($compop) {
            $link_comments = '<a href="' . $furl . '/comments.php?fn_id=' . $article['news_id'] . '" onclick="window.open(this.href,\'\',\'height=' . $comheight . ',width=' . $comwidth . ',toolbar=no,menubar=no,scrollbars=' . $comscrolls . ',resizable=' . $comresize . '\'); return false">' . $pclink . '</a>';
        } else {
            $link_comments = '<a href="' . $news_url . $sep . 'fn_mode=comments&amp;fn_id=' . $article['news_id'] . $other_qs . '">' . $pclink . '</a>';
        }
        // Create the tell a friend link
        if ($stfpop) {
            $link_tell_friend = '<a href="' . $furl . '/send.php?fn_id=' . $article['news_id'] . '" onclick="window.open(this.href,\'\',\'height=' . $stfheight . ',width=' . $stfwidth . ',toolbar=no,menubar=no,scrollbars=' . $stfscrolls . ',resizable=' . $stfresize . '\'); return false">' . $stflink . '</a>';
        } else {
            $link_tell_friend = '<a href="' . $news_url . $sep . 'fn_mode=send&amp;fn_id=' . $article['news_id'] . $other_qs . '">' . $stflink . '</a>';
        }
        // Make sure the number of comments is 0 or above.
        $num_comments = max((int) $article['numcomments'], 0);
        // Get author information
        $author = get_author($article['author']);
        // Unknown author: fall back to the stored name with no e-mail link.
        if ($author === false) {
            $author = array('showemail' => false, 'nick' => $article['author']);
        }
        // Create the icon
        // NOTE(review): the icon URL is placed in src="" unescaped — presumably validated when the profile is saved; verify.
        if (strpos($news_tmpl, '{icon}') !== false && !empty($author['icon'])) {
            $icon = '<img src="' . $author['icon'] . '" alt="" />';
        }
        // Put the writer's name with his email as a link, or in some cases not.
        $email = $author['showemail'] ? $author['email'] : '';
        if (!$email) {
            $writer = $author['nick'];
        } else {
            // NOTE(review): e-mail and nick are concatenated without escaping — confirm they are stored sanitised.
            $writer = '<a href="mailto:' . $author['email'] . '">' . $author['nick'] . '</a>';
        }
        // Get our new lines back
        $article['shortnews'] = str_replace('&br;', $ht ? '' : '<br />', $article['shortnews']);
        $article['fullnews'] = str_replace('&br;', $ht ? '' : '<br />', $article['fullnews']);
        // Headline and both bodies go through the same formatter with the global formatting flags.
        $article['headline'] = format_message($article['headline'], $ht, $bb, $smilies, $wfpost);
        $article['shortnews'] = format_message($article['shortnews'], $ht, $bb, $smilies, $wfpost);
        $article['fullnews'] = format_message($article['fullnews'], $ht, $bb, $smilies, $wfpost);
        // Load the category list; the first line of the file is dropped before parsing.
        $file = file(FNEWS_ROOT_PATH . 'categories.php');
        array_shift($file);
        $categories = explode(',', $article['categories']);
        $cat_icon = '';
        $cat_id = 0;
        $cat_name = '';
        $category_filter = isset($settings['category']) ? $settings['category'] : array();
        $num_category_filter = sizeof($category_filter);
        // Use the first category that matches the filter when one is given, otherwise
        // the first category the article itself belongs to.
        foreach ($file as $category) {
            $category = get_line_data('categories', $category);
            if ($num_category_filter > 0 && in_array($category['category_id'], $category_filter) || $num_category_filter == 0 && in_array($category['category_id'], $categories)) {
                $cat_icon = $category['icon'] != '' ? '<img src="' . $category['icon'] . '" alt="" />' : '';
                $cat_id = $category['category_id'];
                $cat_name = $category['name'];
                break;
            }
        }
        $news_text = array('post_id' => $article['news_id'], 'link_tell_friend' => $link_tell_friend, 'link_full_news' => $link_full_news, 'subject' => $article['headline'], 'description' => $article['description'], 'writer' => $writer, 'email' => $email, 'date' => date($datefor, (int) $article['timestamp']), 'icon' => $icon, 'news' => $article['shortnews'], 'fullnews' => $article['fullnews'], 'cat_icon' => $cat_icon, 'cat_id' => $cat_id, 'cat_name' => $cat_name);
        // Comment count and link are only filled in when the template has a {comments} mask.
        if (strpos($news_tmpl, '{comments}') !== false) {
            $news_text += array('nrc' => $num_comments, 'link_comments' => $link_comments);
        } else {
            $news_text += array('nrc' => '', 'link_comments' => '');
        }
        // Replace in the values!
        $news_tmpl = replace_masks($news_tmpl, array('post_id' => $news_text['post_id'], 'user' => $news_text['writer'], 'date' => $news_text['date'], 'icon' => $news_text['icon'], 'send' => $news_text['link_tell_friend'], 'nrc' => $news_text['nrc'], 'cat_id' => $news_text['cat_id'], 'cat_name' => $news_text['cat_name'], 'cat_icon' => $news_text['cat_icon'], 'fullstory' => $news_text['link_full_news'], 'comments' => $news_text['link_comments'], 'subject' => '<a id="fus_' . $news_text['post_id'] . '"></a>' . $news_text['subject'], 'news' => $news_text['news'], 'description' => $news_text['description']));
        $news_text += array('display' => $news_tmpl);
    }
    return $news_text;
}
Exemplo n.º 9
        $news_file = file(FNEWS_ROOT_PATH . 'news/news.' . $toc['news_id'] . '.php');
        $valid_posts[] = get_line_data('news', $news_file[1]);
    }
}
ob_start();
if (sizeof($valid_posts) > 0) {
    if ($fn_date_order == 'asc') {
        $valid_posts = array_reverse($valid_posts);
    }
    if ($fn_pagination) {
        $total_posts = sizeof($valid_posts);
        $pagination = '';
        $max_pages = ceil($total_posts / $fn_news_per_page);
        if ($max_pages > 1) {
            $fn_page = $fn_page > $max_pages ? $max_pages : $fn_page;
            $other_qs = clean_query_string();
            if ($news_pagination_arrows) {
                if ($fn_page - 1 >= 1) {
                    $pagination .= '<a href="?fn_page=' . ($fn_page - 1) . $other_qs . '">' . $news_pagination_prv . '</a>&nbsp;';
                } else {
                    $pagination .= $news_pagination_prv . '&nbsp;';
                }
            }
            if ($news_pagination_numbers || !$news_pagination_numbers && !$news_pagination_arrows) {
                $pagination .= create_page_numbers($max_pages, $fn_page, '?' . $other_qs, 'fn_page');
            }
            if ($news_pagination_arrows) {
                if ($fn_page + 1 <= $max_pages) {
                    $pagination .= '&nbsp;<a href="?fn_page=' . ($fn_page + 1) . $other_qs . '">' . $news_pagination_nxt . '</a>';
                } else {
                    $pagination .= '&nbsp;' . $news_pagination_nxt;
Exemplo n.º 10
// Sample inputs for clean_query_string(): URLs that ended up with more than one "?".
// $text is overwritten by each assignment, so only the last value is used by the
// call at the end of the file; $text_qry_str is not read at file level.
$text = 'http://localhost/rajah_production/public/admin/edit_data.php?class_name=LinksCategory?id=1';
$text = "http://localhost/rajah_production/public/admin/delete_data.php?class_name=Links?id=4";
$text = "http://localhost/rajah_production/public/admin/manage_data.php?class_name=Links?&page=8";
$text = "http://localhost/rajah_production/public/admin/manage_data.php?class_name=Links?class_name=Links&page=1&view=1";
$text_qry_str = "/rajah_production/public/admin/edit_data.php?id=4";
$text = "http://localhost/rajah_production/public/admin/edit_data.php?id=4";
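/**
 * Repairs a URL that was assembled with more than one "?".
 *
 * Everything up to and including the first "?" is kept as is; in the remainder,
 * doubled or mixed separators ("&?", "&&", "??", "?&") and any remaining "?"
 * are turned into a single "&". A string with at most one "?" is returned unchanged.
 *
 * The function has no side effects: it prints nothing and returns the URL
 * without a trailing newline, so the result can go straight into an href.
 * It only rewrites separators; it does not encode or escape anything, so callers
 * must still HTML-escape the result before output.
 *
 * @param string $text_qry_str URL or path with query string.
 * @return string The normalised URL.
 */
function clean_query_string($text_qry_str)
{
    if (substr_count($text_qry_str, '?') <= 1) {
        return $text_qry_str;
    }
    $split_at = strpos($text_qry_str, '?') + 1;
    $head = substr($text_qry_str, 0, $split_at);
    $tail = substr($text_qry_str, $split_at);
    // str_replace() applies the search strings one after another, in this order,
    // so the separator pairs are collapsed before any leftover "?" is converted.
    return $head . str_replace(array("&?", "&&", "??", "?&", "?"), "&", $tail);
}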
// Demo call: prints the normalised form of the last sample URL assigned to $text.
echo clean_query_string($text);