function build_page()
{
global $mystep, $setting, $script;
$tpl_info = array("idx" => "attachment", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
$tpl = $mystep->getInstance("MyTpl", $tpl_info);
$Max_size = ini_get('upload_max_filesize');
$tpl->Set_Variable('script', $script);
$tpl->Set_Variable('Max_size', $Max_size);
$tpl->Set_Variable('MaxSize', GetFileSize($Max_size));
$tpl->Set_Variable('path_admin', $setting['path']['admin']);
$mystep->show($tpl);
return;
}
function GetFolderList($d, $dir = '', $type = '')
{
$sDir = trim($d);
$type = strtolower($type);
strpos($sDir, '.') !== false && exit('What are you doing?');
$s_Url = "";
$FDir = iPATH . $dir . '/';
$sCurrDir = $FDir;
if ($sDir != "") {
if (is_dir($FDir . $sDir)) {
$sCurrDir = $FDir . $sDir . "/";
} else {
$sDir = "";
}
$s_Url = strrpos($sDir, "/") !== false ? substr($sDir, 0, strrpos($sDir, "/")) : "";
$parentfolder = $s_Url;
}
if ($handle = opendir($sCurrDir)) {
while (false !== ($file = readdir($handle))) {
$sFileType = filetype($sCurrDir . "/" . $file);
switch ($sFileType) {
case "dir":
if ($file != '.' && $file != '..' && $file != 'admin') {
$oDirs[] = $file;
}
break;
case "file":
$oFiles[] = $file;
break;
default:
}
}
}
if (isset($oDirs)) {
foreach ($oDirs as $oDir) {
$s_Url = $sDir == "" ? $oDir : $sDir . "/" . $oDir;
$folder[] = array('path' => $s_Url, 'dir' => $oDir);
}
}
$nFileNum = isset($oFiles) ? count($oFiles) : 0;
if ($nFileNum > 0) {
foreach ($oFiles as $oFile) {
$sFileName = $sCurrDir . $oFile;
if (getext($oFile)) {
$s_Url = $sDir == "" ? $oFile : $sDir . "/" . $oFile;
if ($type && strstr($type, getext($oFile)) !== false) {
$FileList[] = array('path' => $s_Url, 'name' => $oFile, 'time' => get_date(filemtime($sFileName), "Y-m-d H:i"), 'icon' => geticon($oFile), 'ext' => getext($oFile), 'size' => GetFileSize(filesize($sFileName)));
} elseif (empty($type)) {
$FileList[] = array('path' => $s_Url, 'name' => $oFile, 'time' => get_date(filemtime($sFileName), "Y-m-d H:i"), 'icon' => geticon($oFile), 'ext' => getext($oFile), 'size' => GetFileSize(filesize($sFileName)));
}
}
}
}
$s_Url = $sDir == "" ? "/" : "/" . $sDir . "/";
$R['FileList'] = $FileList;
$R['parentfolder'] = $parentfolder;
$R['folder'] = $folder;
return $R;
}
function build_page($method)
{
global $mystep, $req, $db, $tpl, $tpl_info, $setting, $news_cat, $news_id, $cat_id, $group, $web_id, $setting_sub;
$top_mode_list = array("0" => $setting['language']['admin_art_content_top_mode_1'], "1" => $setting['language']['admin_art_content_top_mode_2'], "2" => $setting['language']['admin_art_content_top_mode_3']);
$top_list = array("1" => $setting['language']['admin_art_content_top_1'], "2" => $setting['language']['admin_art_content_top_2'], "4" => $setting['language']['admin_art_content_top_3']);
$tpl_info['idx'] = "art_content_" . ($method == "list" ? "list" : "input");
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
if ($cat_info = getParaInfo("news_cat", "cat_id", $cat_id)) {
$web_id = $cat_info['web_id'];
}
$check_i = "";
$check_b = "";
$check_c = "";
if (empty($group['power_cat'])) {
$group['power_cat'] = 0;
}
if ($method == "list") {
$page = $req->getGet("page");
$keyword = $req->getGet("keyword");
$order = $req->getGet("order");
$tpl_tmp->Set_Variable('order', $order);
$order_type = $req->getGet("order_type");
if (empty($order_type)) {
$order_type = "desc";
}
$condition = array();
if (!empty($web_id)) {
$condition[] = array("web_id", "n=", $web_id, "and");
}
if (!empty($cat_id)) {
$condition[] = array("cat_id", "n=", $cat_id, "and");
}
if (!empty($keyword)) {
$condition[] = array(array(array("subject", "like", $keyword), array("tag", "like", $keyword)), "and");
}
if ($group['power_cat'] != "all") {
$condition[] = array("cat_id", "nin", $group['power_cat'], "and");
}
//navigation
$counter = $db->result($setting['db']['pre_sub'] . "news_show", "count(*)", $condition);
list($page_arr, $page_start, $page_size) = GetPageList($counter, "?keyword={$keyword}&cat_id={$cat_id}&web_id={$web_id}&order={$order}&order_type={$order_type}", $page);
$tpl_tmp->Set_Variables($page_arr);
//main list
$the_order = array();
if (!empty($cat_id) && $order != "setop") {
$the_order[] = "order desc";
}
if ($order == "setop") {
$order_type = "desc";
}
if (!empty($order)) {
$the_order[] = "{$order} {$order_type}";
}
$the_order[] = "news_id {$order_type}";
$sql = $db->buildSel_join(array(array("name" => $setting['db']['pre_sub'] . "news_show", "idx" => "a", "col" => "*", "condition" => $condition, "order" => $the_order), array("name" => $setting['db']['pre'] . "news_cat", "idx" => "b", "col" => "cat_idx, cat_name", "join" => "cat_id")), "", array("limit" => "{$page_start}, {$page_size}"));
$db->Query($sql);
while ($record = $db->GetRS()) {
HtmlTrans(&$record);
if (empty($record['link'])) {
$record['link'] = getUrl("read", array($record['news_id'], $record['cat_id']), 1, $record['web_id']);
}
$tpl_tmp->Set_Loop('record', $record);
}
$title = empty($cat_id) ? $setting['language']['admin_art_content_list_all'] : $db->result($setting['db']['pre'] . "news_cat", "cat_name", array("cat_id", "n=", $cat_id));
$tpl_tmp->Set_Variable('title', $setting['language']['admin_art_content_list_article'] . " - " . $setting_sub['web']['title'] . " - " . $title);
$tpl_tmp->Set_Variable('keyword', $keyword);
$tpl_tmp->Set_Variable('cat_id', $cat_id);
$tpl_tmp->Set_Variable('order_type_org', $order_type);
$order_type = $order_type == "asc" ? "desc" : "asc";
$tpl_tmp->Set_Variable('order_type', $order_type);
$tpl_tmp->Set_Variable('keyword', $keyword);
} elseif ($method == "edit") {
$record = $db->record($setting['db']['pre_sub'] . "news_show", "*", array("news_id", "n=", $news_id));
if (!$record) {
$tpl->Set_Variable('main', showInfo($setting['language']['admin_art_content_error'], 0));
$mystep->show($tpl);
$mystep->pageEnd(false);
}
HtmlTrans(&$record);
$tpl_tmp->Set_Variables($record, "record");
$cat_id = $record['cat_id'];
$setop = (int) $record['setop'];
foreach ($top_list as $key => $value) {
$key = (int) $key;
$tpl_tmp->Set_Loop('setop', array("key" => $key, "value" => $value, "checked" => ($setop & $key) == $key ? "checked" : ""));
if (($setop & $key) == $key) {
$setop -= $key;
}
}
$setop /= 1024;
foreach ($top_mode_list as $key => $value) {
$key = (int) $key;
$tpl_tmp->Set_Loop('setop_mode', array("key" => $key, "value" => $value, "checked" => $setop == $key ? "checked" : ""));
}
$theStyle = explode(",", $record['style']);
$max_count = count($theStyle);
for ($i = 0; $i < $max_count; $i++) {
if ($theStyle[$i] == "i") {
$check_i = "checked";
} elseif ($theStyle[$i] == "b") {
$check_b = "checked";
} else {
$check_c = $theStyle[$i];
}
}
$content = array();
$db->select($setting['db']['pre_sub'] . "news_detail", "*", array("news_id", "n=", $news_id), array("order" => "page"));
while ($record = $db->GetRS()) {
$record['content'] = str_replace("&", "&", $record['content']);
HtmlTrans(&$record);
$record['content'] = "<span class=\"mceSubtitle\">" . $record['sub_title'] . "</span>\n" . $record['content'];
$content[] = $record['content'];
}
$Max_size = round(GetFileSize(ini_get('upload_max_filesize')) / 1024 / 1024, 2);
$tpl_tmp->Set_Variable('MaxSize', $Max_size);
$tpl_tmp->Set_Variable('record_content', implode("\n<p><img src=\"../script/tinymce/plugins/pagebreak/img/trans.gif\" class=\"mcePageBreak mceItemNoResize\" /></p>\n", $content));
$tpl_tmp->Set_Variable('title', $setting['language']['admin_art_content_edit']);
} else {
$checked = "checked";
foreach ($top_mode_list as $key => $value) {
$key = (int) $key;
$tpl_tmp->Set_Loop('setop_mode', array("key" => $key, "value" => $value, "checked" => $checked));
$checked = "";
}
foreach ($top_list as $key => $value) {
$key = (int) $key;
$tpl_tmp->Set_Loop('setop', array("key" => $key, "value" => $value, "checked" => ""));
}
$record = array();
$record['news_id'] = 0;
$record['cat_id'] = $cat_id;
$record['web_id'] = $web_id;
$record['subject'] = "";
$record['style'] = "";
$record['describe'] = "";
$record['original'] = "";
$record['link'] = "";
$record['tag'] = "";
$record['image'] = "";
$record['content'] = "";
$record['pages'] = 1;
$record['order'] = 0;
if (!empty($cat_id) && ($cat_info = getParaInfo("news_cat", "cat_id", $cat_id))) {
$record['view_lvl'] = $cat_info['view_lvl'];
$record['notice'] = $cat_info['notice'];
} else {
$record['view_lvl'] = 0;
$record['notice'] = "";
}
$Max_size = round(GetFileSize(ini_get('upload_max_filesize')) / 1024 / 1024, 2);
$tpl_tmp->Set_Variable('MaxSize', $Max_size);
$tpl_tmp->Set_Variables($record, "record");
$tpl_tmp->Set_Variable('title', $setting['language']['admin_art_content_add']);
}
//news image
$condition = array();
if (!empty($web_id)) {
$condition = array("web_id", "n=", $web_id);
}
$db->select($setting['db']['pre'] . "news_image", "*", $condition, array("order" => "id asc"));
while ($record = $db->GetRS()) {
HtmlTrans(&$record);
$tpl_tmp->Set_Loop('news_image', $record);
}
//catalog select
if (empty($web_id)) {
$web_id = 1;
}
$max_count = count($news_cat);
for ($i = 0; $i < $max_count; $i++) {
if (($method != "add" || $setting['info']['web']['web_id'] != 1) && $news_cat[$i]['web_id'] != $web_id) {
continue;
}
//if(!empty($news_cat[$i]['cat_link'])) continue;
$news_cat[$i]['cat_name'] = (isset($news_cat[$i + 1]) && $news_cat[$i + 1]['cat_layer'] == $news_cat[$i]['cat_layer'] ? "©À " : "©¸ ") . $news_cat[$i]['cat_name'];
for ($j = 1; $j < $news_cat[$i]['cat_layer']; $j++) {
$news_cat[$i]['cat_name'] = " " . $news_cat[$i]['cat_name'];
}
$news_cat[$i] = preg_replace("/^©À /", "", preg_replace("/^©¸ /", "", $news_cat[$i]));
$tpl_tmp->Set_Loop('catalog', array('cat_id' => $news_cat[$i]['cat_id'], 'web_id' => $news_cat[$i]['web_id'], 'cat_name' => $news_cat[$i]['cat_name'], 'view_lvl' => $news_cat[$i]['view_lvl'], 'selected' => $cat_id == $news_cat[$i]['cat_id'] ? "selected" : ""));
$tpl_tmp->Set_Loop('cat_sub', array('cat_id' => $news_cat[$i]['cat_id'], 'cat_sub' => $news_cat[$i]['cat_sub']));
}
$tpl_tmp->Set_Variable('check_b', $check_b);
$tpl_tmp->Set_Variable('check_i', $check_i);
$tpl_tmp->Set_Variable('check_c', $check_c);
$tpl_tmp->Set_Variable('get_remote_file', $setting['content']['get_remote_img'] ? "checked" : "");
$tpl_tmp->Set_Variable('method', $method);
$tpl_tmp->Set_Variable('web_id', $web_id);
$tpl_tmp->Set_Variable('cat_id', $cat_id);
$tpl_tmp->Set_Variable('news_id', $news_id);
$tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
$max_count = count($GLOBALS['website']);
for ($i = 0; $i < $max_count; $i++) {
$GLOBALS['website'][$i]['selected'] = $GLOBALS['website'][$i]['web_id'] == $web_id ? "selected" : "";
$tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
}
$db->Free();
$tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting'));
unset($tpl_tmp);
$mystep->show($tpl);
return;
}
$value_use_html = 1;
}
$use_html .= " value='{$value_use_html}' onclick='check_use_html(this)'><ZeroBoard";
// 비밀글 사용;;
if (!$setup[use_secret]) {
$hide_secret_start = "<!--";
$hide_secret_end = "-->";
}
// 공지기능 사용하는지 않하는지 표시;;
if (!$is_admin && $member[level] > $setup[grant_notice] || $mode == "reply") {
$hide_notice_start = "<!--";
$hide_notice_end = "-->";
}
// 최고 업로드 가능 용량
if ($setup[use_pds]) {
$upload_limit = GetFileSize($setup[max_upload_size]);
}
// 이미지 창고 버튼
if ($member[no] && $setup[grant_imagebox] >= $member[level]) {
$a_imagebox = "<a onfocus=blur() href='javascript:showImageBox(\"{$id}\")'>";
} else {
$a_imagebox = "<Zeroboard ";
}
if ($mode == "modify" && $data[ismember] != $member[no]) {
$a_imagebox = "<Zeroboard";
}
// 미리보기 버튼
$a_preview = "<a onfocus=blur() href='javascript:view_preview()'>";
// HTML 출력
head(" onload=unlock() onunload=hideImageBox() ", "script_write.php");
include $dir . "/write.php";
function build_page($method = "")
{
global $mystep, $req, $tpl, $tpl_info, $setting, $idx, $tpl_path, $method;
$fso = $mystep->getInstance("MyFSO");
$tpl_info['idx'] = "web_template";
if ($method != "show") {
$tpl_info['idx'] .= $method == "list" ? "_list" : "_input";
}
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
if ($method == "show") {
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_template_title']);
$tpl_tmp->Set_Variable('tpl_idx', $idx);
$tpl_list = $fso->Get_List($tpl_path);
$max_count = count($tpl_list['dir']);
$the_list = array();
for ($i = 0; $i < $max_count; $i++) {
$tpl_list['dir'][$i] = basename($tpl_list['dir'][$i]);
if ($tpl_list['dir'][$i] == "cache" || strpos($tpl_list['dir'][$i], "admin") !== false) {
continue;
}
$tpl_tmp->Set_Loop("tpl_list", array("idx" => $tpl_list['dir'][$i], "img" => is_file($tpl_path . $tpl_list['dir'][$i] . "/sample.jpg") ? "/" . $setting['path']['template'] . "/" . $tpl_list['dir'][$i] . "/sample.jpg" : "/images/noimage.gif"));
$the_list[] = $tpl_list['dir'][$i];
}
$tpl_tmp->Set_Variable('tpl_list', toJson($the_list, $setting['gen']['charset']));
$max_count = count($GLOBALS['website']);
for ($i = 0; $i < $max_count; $i++) {
$setting_sub = getSubSetting($GLOBALS['website'][$i]['web_id']);
$GLOBALS['website'][$i]['tpl'] = $setting_sub['gen']['template'];
$tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
}
} elseif ($method == "list") {
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_template_title']);
$tpl_tmp->Set_Variable('tpl_idx', $idx);
$tpl_list = $fso->Get_List($tpl_path);
$max_count = count($tpl_list['dir']);
for ($i = 0; $i < $max_count; $i++) {
$tpl_list['dir'][$i] = basename($tpl_list['dir'][$i]);
if ($tpl_list['dir'][$i] == "cache") {
continue;
}
$tpl_tmp->Set_Loop("tpl_list", array("idx" => $tpl_list['dir'][$i], "selected" => $tpl_list['dir'][$i] == $idx ? "selected" : ""));
}
$css_file = ROOT_PATH . "/images/" . $idx . "/style.css";
if (is_file($css_file)) {
$tpl_tmp->Set_Loop("file", array("name" => "style.css", "size" => GetFileSize(filesize($css_file)), "attr" => $fso->Get_Attrib(substr(DecOct(fileperms($css_file)), -3)), "time" => date("Y/m/d H:i:s", filemtime($css_file))));
}
$file_list = $fso->Get_Tree($tpl_path . $idx, false, ".tpl");
foreach ($file_list as $key => $value) {
$curFile = $value;
$curFile['name'] = $key;
$tpl_tmp->Set_Loop("file", $curFile);
}
} else {
$file = array();
$file['idx'] = $idx;
$file['content'] = "";
if ($method == "edit") {
$file['name'] = $req->getGet("file");
if ($file['name'] == "style.css") {
$the_file = ROOT_PATH . "/images/" . $idx . "/style.css";
$file['type'] = "css";
} else {
$the_file = $tpl_path . $idx . "/" . $file['name'];
$file['type'] = "htmlmixed";
}
if (is_file($the_file)) {
$file['content'] = file_get_contents($the_file);
$file['content'] = htmlspecialchars($file['content']);
$file['content'] = str_replace("\t", " ", $file['content']);
}
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_template_edit']);
} else {
$file['name'] = "";
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_template_add']);
}
$tpl_tmp->Set_Variable('readonly', $method == "edit" ? "readonly" : "");
$tpl_tmp->Set_Variables($file, "file");
}
$tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
$tpl_tmp->Set_Variable('method', $method);
$tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting'));
unset($tpl_tmp);
$mystep->show($tpl);
return;
}
function build_page($method)
{
global $mystep, $req, $db, $tpl, $tpl_info, $setting, $id, $web_id;
$tpl_info['idx'] = "art_info_" . ($method == "list" ? "list" : "input");
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
if ($method == "list") {
$condition = array();
if (!empty($web_id)) {
$condition = array("web_id", "n=", $web_id);
}
$db->select($setting['db']['pre'] . "info_show", "*", $condition, array("order" => "id asc"));
$n = 0;
while ($record = $db->GetRS()) {
$n++;
if ($webInfo = getParaInfo("website", "web_id", $record['web_id'])) {
$record['web_id'] = $webInfo['name'];
} else {
$record['web_id'] = "ALL";
}
$tpl_tmp->Set_Loop('record', $record);
}
$tpl_tmp->Set_If('empty', $n == 0);
$tpl_tmp->Set_Variable('title', $setting['language']['admin_art_info_title']);
$tpl_tmp->Set_Variable('web_id', $web_id);
} else {
if ($method == "edit") {
$record = $db->record($setting['db']['pre'] . "info_show", "*", array("id", "n=", $id));
if ($record === false) {
$tpl->Set_Variable('main', showInfo($setting['language']['admin_art_info_error'], 0));
$mystep->show($tpl);
$mystep->pageEnd(false);
}
$web_id = $record['web_id'];
HtmlTrans(&$record);
} else {
$record = array();
$record['id'] = 0;
$record['web_id'] = $web_id;
$record['subject'] = "";
$record['content'] = "";
$record['attach_list'] = "|";
}
$tpl_tmp->Set_Variables($record);
$Max_size = round(GetFileSize(ini_get('upload_max_filesize')) / 1024 / 1024, 2);
$tpl_tmp->Set_Variable('title', $method == 'add' ? $setting['language']['admin_art_info_add'] : $setting['language']['admin_art_info_edit']);
$tpl_tmp->Set_Variable('method', $method);
$tpl_tmp->Set_Variable('MaxSize', $Max_size);
$tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
}
$max_count = count($GLOBALS['website']);
for ($i = 0; $i < $max_count; $i++) {
$GLOBALS['website'][$i]['selected'] = $GLOBALS['website'][$i]['web_id'] == $web_id ? "selected" : "";
$tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
}
$db->Free();
$tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting'));
unset($tpl_tmp);
$mystep->show($tpl);
return;
}
}
} else {
$record = $db->GetSingleRecord("repair table " . $setting['db']['name'] . "." . $table_name);
$op_info .= $record['Table'] . " - <i>" . $record['Msg_text'] . "</i>";
}
}
write_log($log_info);
if ($method == "export") {
$mystep->pageEnd(false);
}
}
$tpl_info['idx'] = "func_backup";
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
$Max_size = ini_get('upload_max_filesize');
$tpl_tmp->Set_Variable('max_size', $Max_size);
$Max_size = GetFileSize($Max_size);
if ($Max_size == 0) {
$Max_size = 1024 * 1024;
}
$tbl_list = $db->GetTabs($setting_sub['db']['name']);
$max_count = count($tbl_list);
for ($i = 0; $i < $max_count; $i++) {
$tpl_tmp->Set_Loop('tbls', array("name" => $tbl_list[$i]));
}
$db->Free();
$max_count = count($GLOBALS['website']);
for ($i = 0; $i < $max_count; $i++) {
$GLOBALS['website'][$i]['selected'] = $GLOBALS['website'][$i]['idx'] == $web_idx ? "selected" : "";
$tpl_tmp->Set_Loop("website", $GLOBALS['website'][$i]);
}
$db->Free();
</span>
</div>
<ul class="attachment">
<?php
for ($i = 0, $loop = count($attachments); $i < $loop; $i++) {
$fileIcon = array('image' => 'fa-file-image-o');
?>
<li><a href="<?php
echo $attachments[$i]->download;
?>
" download="<?php
echo $attachments[$i]->name;
?>
"><span class="filesize">(<?php
echo GetFileSize($attachments[$i]->size);
?>
)</span><i class="fa <?php
echo empty($fileIcon[$attachments[$i]->type]) == true ? 'fa-file-o' : $fileIcon[$attachments[$i]->type];
?>
"></i> <?php
echo $attachments[$i]->name;
?>
</a></li>
<?php
}
?>
</ul>
<?php
}
?>
} else {
if (!move_uploaded_file($file1, "data/{$id}/" . $s_file_name1)) {
Error("파일업로드가 제대로 되지 않았습니다");
}
$file_name1 = "data/{$id}/" . $s_file_name1;
@chmod($file_name1, 0706);
}
}
}
if ($file2_size > 0 && $setup[use_pds] && $file2) {
if (!is_uploaded_file($file2)) {
Error("정상적인 방법으로 업로드 해주세요");
}
$file2_size = filesize($file2);
if ($setup[max_upload_size] < $file2_size && !$is_admin) {
error("파일 업로드는 최고 " . GetFileSize($setup[max_upload_size]) . " 까지 가능합니다");
}
if ($file2_size > 0) {
$s_file_name2 = $file2_name;
if (eregi("\\.inc", $s_file_name2) || eregi("\\.pht", $s_file_name2) || eregi("\\.htm", $s_file_name2) || eregi("\\.shtml", $s_file_name2) || eregi("\\.ztx", $s_file_name2) || eregi("\\.php", $s_file_name2) || eregi("\\.dot", $s_file_name1) || eregi("\\.asp", $s_file_name2) || eregi("\\.cgi", $s_file_name2) || eregi("\\.pl", $s_file_name2)) {
Error("Html, PHP 관련파일은 업로드할수 없습니다");
}
//확장자 검사
if ($setup[pds_ext2]) {
$temp = explode(".", $s_file_name2);
$s_point = count($temp) - 1;
$upload_check = $temp[$s_point];
if (!eregi($upload_check, $setup[pds_ext2]) || !$upload_check) {
Error("업로드는 {$setup['pds_ext2']} 확장자만 가능합니다");
}
}
set_time_limit(0);
$script = "";
if (count($_POST) > 0) {
$path_upload = $setting['path']['upload'] . "/pic/" . date("Ym") . "/";
$upload = new MyUploader();
$upload->init("../" . $path_upload, true);
$upload->DoIt();
if ($upload->upload_result[0]['error'] == 0) {
$the_file = $path_upload . "/" . $upload->upload_result[0]['new_name'];
if (!empty($width) && !empty($height)) {
img_thumb(ROOT_PATH . "/" . $the_file, $width, $height, ROOT_PATH . "/" . $the_file . ".thumb");
unlink(ROOT_PATH . "/" . $the_file);
rename(ROOT_PATH . "/" . $the_file . ".thumb", ROOT_PATH . "/" . $the_file);
}
$script = "\r\n\t\t\tvar theOLE = null;\r\n\t\t\ttheOLE = parent.parent || parent.dialogArguments || parent.opener;\r\n\t\t\ttheOLE.document.forms[0].{$parent_element}.value = '" . $web_url . "/" . $the_file . "';\r\n\t\t\talert('" . $setting['language']['admin_upload_img_ok'] . "');\r\n\t\t\tif(parent.parent==null){parent.close();}else{parent.parent.\$.closePopupLayer();}\r\n\t\t\treturn;\r\n\t\t";
} else {
$script = "\r\n\t\t\talert('" . $upload->upload_result[0]['message'] . "');\r\n\t\t\tif(parent.parent==null){parent.close();}else{parent.parent.\$.closePopupLayer();}\r\n\t\t";
}
}
$tpl_info['idx'] = "upload_img";
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
$tpl_tmp->Set_Variable('script', $script);
$tpl_tmp->Set_Variable('para', implode("|", $para));
$tpl_tmp->Set_Variable('self', $setting['info']['self']);
$Max_size = ini_get('upload_max_filesize');
$tpl_tmp->Set_Variable('Max_size', $Max_size);
$tpl_tmp->Set_Variable('MaxSize', GetFileSize($Max_size));
$tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting'));
unset($tpl_tmp);
$mystep->show($tpl);
$mystep->pageEnd(false);
for ($i = 0, $loop = count($versions); $i < $loop; $i++) {
?>
<tr<?php
echo $i == 0 ? ' class="opened"' : '';
?>
>
<td class="title" onclick="$(this).parents('tr').toggleClass('opened');"><div><i class="fa fa-caret-right"></i><i class="fa fa-caret-down"></i> <?php
echo $versions[$i]->file->name;
?>
</div></td>
<td class="version"><div><?php
echo $versions[$i]->version;
?>
</div></td>
<td class="size"><div><?php
echo GetFileSize($versions[$i]->file->size);
?>
</div></td>
<td class="reg_date"><div><?php
echo GetTime('F d, Y', $versions[$i]->reg_date);
?>
</div></td>
<td class="hit"><div><?php
echo number_format($versions[$i]->file->hit);
?>
</div></td>
<td class="download">
<button type="button" class="btn btnRed" onclick="Dataroom.download(<?php
echo $idx;
?>
,'<?php
$tpl = $mystep->getInstance("MyTpl", $tpl_info);
if (empty($tbl)) {
$title = $setting['language']['plugin_db_info_db'] . " - " . $db_name;
$db->select("information_schema.tables", "table_name as Name, Engine, table_rows as Rows, (data_length+index_length) as Data_length, Create_time, table_collation as Collation, table_comment as Comment", array("table_schema", "=", $db_name));
$root_mode = true;
if ($db->CheckError()) {
$db->free();
$db->clearError();
$db->Query("SHOW TABLE STATUS FROM " . $db_name);
$root_mode = false;
}
$n = 1;
while ($record = $db->GetRS()) {
HtmlTrans(&$record);
$record['no'] = $n++;
$record['Data_length'] = $root_mode ? GetFileSize($record['Data_length']) : "--";
$tpl->Set_Loop('record', $record);
}
$db_list = $db->GetDBs();
$max_count = count($db_list);
for ($i = 0; $i < $max_count; $i++) {
$tpl->Set_Loop("db", array("name" => $db_list[$i], "selected" => $db_list[$i] == $db_name ? "selected" : ""));
}
} else {
$title = $setting['language']['plugin_db_info_tbl'] . " - " . $db_name . " - " . $tbl;
$tbl_info = $db->GetTabSetting($tbl, $db_name);
$db->Query("describe " . $db_name . "." . $tbl);
$n = 1;
while ($record = $db->GetRS()) {
HtmlTrans(&$record);
$record['no'] = $n++;
function build_page($method)
{
global $mystep, $req, $db, $setting, $id, $rules, $info_snatch, $info_import;
$tpl_info = array("idx" => "main", "style" => "../plugin/" . basename(realpath(dirname(__FILE__))) . "/tpl/", "path" => ROOT_PATH . "/" . $setting['path']['template']);
$tpl = $mystep->getInstance("MyTpl", $tpl_info);
if ($method == "rule_add" || $method == "rule_edit") {
$tpl_info['idx'] = "rule_input";
} else {
$tpl_info['idx'] = $method;
}
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
if ($method == "rule") {
$i = 1;
foreach ($rules as $key => $value) {
$value['no'] = $i++;
$value['id'] = $key;
$value['counter'] = $db->result($setting['db']['pre'] . "news_snatch", "count(*)", array("idx", "=", $value['idx']));
$tpl_tmp->Set_Loop('record', $value);
}
} elseif ($method == "rule_add") {
//no script
} elseif ($method == "rule_edit") {
$rule = array();
$rule['id'] = $id;
$rule['name'] = $rules[$id]['name'];
$rule['url'] = $rules[$id]['url'];
$rule['notes'] = $rules[$id]['notes'];
if (empty($rules[$id]['para'])) {
$rule['para'] = "";
} else {
$rule['para'] = var_export($rules[$id]['para'], true);
}
$rule['rule_snatch'] = htmlspecialchars(GetFile("rule/" . $rules[$id]['idx'] . "_snatch.php"));
$rule['rule_import'] = htmlspecialchars(GetFile("rule/" . $rules[$id]['idx'] . "_import.php"));
$tpl_tmp->Set_Variables($rule);
} elseif ($method == "news") {
$page = $req->getGet("page");
$keyword = $req->getGet("keyword");
$order = $req->getGet("order");
$tpl_tmp->Set_Variable('order', $order);
$order_type = $req->getGet("order_type");
if (empty($order_type)) {
$order_type = "desc";
}
$condition = array();
if (!empty($keyword)) {
$condition[] = array("subject", "like", $keyword);
}
$counter = $db->result($setting['db']['pre'] . "news_snatch", "count(*)", $condition);
list($page_arr, $page_start, $page_size) = GetPageList($counter, "?method=news&keyword={$keyword}&order={$order}&order_type={$order_type}", $page);
$tpl_tmp->Set_Variables($page_arr);
if ($counter > 0) {
if (empty($order)) {
$order = "id";
}
$the_order = array();
$the_order[] = "{$order} {$order_type}";
if ($order != "id") {
$the_order[] = "id desc";
}
$db->select($setting['db']['pre'] . "news_snatch", "id, idx, url, original, subject", $condition, array("order" => $the_order, "limit" => "{$page_start}, {$page_size}"));
while ($record = $db->GetRS()) {
HtmlTrans(&$record);
$tpl_tmp->Set_Loop('record', $record);
}
}
$tpl_tmp->Set_Variable('keyword', $keyword);
$tpl_tmp->Set_Variable('order_type_org', $order_type);
$order_type = $order_type == "asc" ? "desc" : "asc";
$tpl_tmp->Set_Variable('order_type', $order_type);
$tpl_tmp->Set_Variable('keyword', $keyword);
} elseif ($method == "news_edit") {
$record = $db->record($setting['db']['pre'] . "news_snatch", "*", array("id", "n=", $id));
if ($record === false) {
$tpl->Set_Variable('main', showInfo($setting['language']['admin_art_content_error'], 0));
echo $tpl->Read_Cache();
return;
}
HtmlTrans(&$record);
$tpl_tmp->Set_Variables($record, "record");
} elseif ($method == "snatch") {
$refresh = 600;
if (isset($rules[$id]['para']['refresh'])) {
$refresh = $rules[$id]['para']['refresh'];
}
if (false && file_exists($info_snatch) && time() - filemtime($info_snatch) < $refresh && $req->getReq("f") == "") {
$show = $setting['language']['plugin_news_snatch_interrupt'];
} else {
$show = "";
if (file_exists($info_snatch)) {
unlink($info_snatch);
}
}
$tpl_tmp->Set_Variable('id', $id);
$tpl_tmp->Set_Variable('refresh', $refresh);
$tpl_tmp->Set_Variable('info_file', $info_snatch);
$tpl_tmp->Set_Variable('show', addslashes($show));
} elseif ($method == "import") {
$idx = $req->getReq("idx");
$para = array();
for ($i = 0, $m = count($rules); $i < $m; $i++) {
if ($rules[$i]['idx'] == $idx) {
$para = $rules[$i]['para'];
break;
}
}
$refresh = 600;
if (isset($para['refresh'])) {
$refresh = $para['refresh'];
}
if (false && file_exists($info_import) && time() - filemtime($info_import) < $refresh && $req->getReq("f") == "") {
$show = $setting['language']['plugin_news_import_interrupt'];
} else {
$show = "";
if (file_exists($info_import)) {
unlink($info_import);
}
}
$tpl_tmp->Set_Variable('id', $id);
$tpl_tmp->Set_Variable('idx', $idx);
$tpl_tmp->Set_Variable('refresh', $refresh);
$tpl_tmp->Set_Variable('info_file', $info_import);
$tpl_tmp->Set_Variable('show', addslashes($show));
} elseif ($method == "upload") {
global $script;
$tpl_tmp->Set_Variable('script', $script);
$tpl_tmp->Set_Variable('self', $setting['info']['self']);
$Max_size = ini_get('upload_max_filesize');
$tpl_tmp->Set_Variable('Max_size', $Max_size);
$tpl_tmp->Set_Variable('MaxSize', GetFileSize($Max_size));
}
$tpl_tmp->Set_Variable('title', $setting['language']['plugin_news_snatch_title_' . $method]);
$tpl_tmp->Set_Variable('id', $id);
$tpl_tmp->Set_Variable('method', $method);
$tpl->Set_Variable('path_admin', $setting['path']['admin']);
$tpl->Set_Variable('main', $tpl_tmp->Get_Content('$setting'));
$db->Free();
unset($tpl_tmp);
$mystep->show($tpl);
return;
}
function build_page($method)
{
global $mystep, $req, $tpl, $tpl_info, $plugin, $setting, $idx, $plugin_path, $website;
$tpl_info['idx'] = "web_plugin_" . $method;
$tpl_tmp = $mystep->getInstance("MyTpl", $tpl_info);
$tpl_tmp->allow_script = true;
if ($method == "list") {
if ($plugin_info = json_decode(GetRemoteContent($setting['gen']['update'] . "/plugin.php?l=" . $setting['gen']['language']))) {
foreach ($plugin_info as $key => $value) {
$update_info[$key] = array();
$update_info[$key]['idx'] = $key;
$update_info[$key]['name'] = getString($value->name);
$update_info[$key]['ver'] = $value->ver;
$update_info[$key]['intro'] = getString($value->intro);
}
unset($plugin_info);
} else {
$update_info = array();
}
$fso = $mystep->getInstance("MyFSO");
$plugin_list = $fso->Get_List($plugin_path);
$max_count = count($plugin_list['dir']);
$n = 0;
for ($i = 0; $i < $max_count; $i++) {
if (is_file($plugin_list['dir'][$i] . "/info.php")) {
$info = array();
include $plugin_list['dir'][$i] . "/info.php";
$update_info_hash = array();
if (isset($info['update_url'])) {
if (isset($update_info_hash[md5($info['update_url'])])) {
$plugin_info_remote = $update_info_hash[md5($info['update_url'])];
} else {
if ($plugin_info_remote = json_decode(GetRemoteContent($info['update_url'] . "/plugin.php?l=" . $setting['gen']['language']))) {
$update_info_hash[md5($info['update_url'])] = $plugin_info_remote;
} else {
$plugin_info_remote = new stdClass();
}
}
if (isset($plugin_info_remote->{$info}['idx'])) {
$update_info[$info['idx']] = array();
$update_info[$info['idx']]['idx'] = $info['idx'];
$update_info[$info['idx']]['name'] = getString($plugin_info_remote->{$info}['idx']->name);
$update_info[$info['idx']]['ver'] = $plugin_info_remote->{$info}['idx']->ver;
$update_info[$info['idx']]['intro'] = getString($plugin_info_remote->{$info}['idx']->intro);
}
}
if (isset($update_info[$info['idx']]) && $info['ver'] < $update_info[$info['idx']]['ver']) {
$info['ver_new'] = $update_info[$info['idx']]['ver'];
$info['update'] = "";
} else {
$info['ver_new'] = "";
$info['update'] = "none";
}
if ($plugin_info = getParaInfo("plugin", "idx", $info['idx'])) {
$info['order'] = $plugin_info['order'];
$info['active'] = $plugin_info['active'] ? $setting['language']['close'] : $setting['language']['open'];
$tpl_tmp->Set_Loop("plugin_list_1", $info);
} else {
$n++;
$tpl_tmp->Set_Loop("plugin_list_2", $info);
}
unset($update_info[$info['idx']]);
}
}
foreach ($update_info as $key => $value) {
$tpl_tmp->Set_Loop("plugin_list_3", $value);
}
$tpl_tmp->Set_If('empty_2', $n == 0);
$tpl_tmp->Set_If('empty_3', count($update_info) == 0);
$tpl_tmp->Set_Variable('self', $setting['info']['self']);
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_plugin_title']);
global $db;
$db->select($setting['db']['pre'] . "admin_cat", "file, count(*) as counter", array("file", "!=", "###"), array("group" => "file", "having" => array("counter", "n>", 1)));
$dp_list = "";
while ($cur = $db->getRS()) {
$dp_list .= $cur['file'] . " (" . $cur['counter'] . ")\\n";
}
$tpl_tmp->Set_Variable('dp_list', $dp_list);
} elseif ($method == "setting") {
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_plugin_setup']);
$plugin_info = getParaInfo("plugin", "idx", $idx);
include $plugin_path . $idx . "/info.php";
if ($plugin_info === false) {
$tpl->Set_Variable('main', showInfo($setting['language']['admin_web_plugin_err'], 0));
$mystep->show($tpl);
$mystep->pageEnd(false);
}
$max_count = count($website);
for ($i = 0; $i < $max_count; $i++) {
$tpl_tmp->Set_Loop('subweb', array("web_id" => $website[$i]['web_id'], "name" => $website[$i]['name'], "checked" => strpos($plugin_info['subweb'], "," . $website[$i]['web_id'] . ",") !== false ? "checked" : ""));
}
$info['description'] = nl2br($info['description']);
$tpl_tmp->Set_Variable('idx', $plugin_info['idx']);
$tpl_tmp->Set_Variable('name', $plugin_info['name']);
$tpl_tmp->Set_Variable('subweb', $plugin_info['subweb']);
$tpl_tmp->Set_Variable('description', $info['description']);
$tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
} elseif ($method == "upload") {
global $script;
$tpl_tmp->Set_Variable('script', $script);
$tpl_tmp->Set_Variable('self', $setting['info']['self']);
$Max_size = ini_get('upload_max_filesize');
$tpl_tmp->Set_Variable('Max_size', $Max_size);
$tpl_tmp->Set_Variable('MaxSize', GetFileSize($Max_size));
} else {
$tpl_tmp->Set_Variable('title', $setting['language']['admin_web_plugin_install']);
include $plugin_path . $idx . "/info.php";
$info['description'] = nl2br($info['description']);
$tpl_tmp->Set_Variables($info);
$tpl_tmp->Set_Variable('back_url', $req->getServer("HTTP_REFERER"));
$max_count = count($website);
for ($i = 0; $i < $max_count; $i++) {
$tpl_tmp->Set_Loop('subweb', array("web_id" => $website[$i]['web_id'], "name" => $website[$i]['name'], "checked" => ""));
}
include $plugin_path . $idx . "/class.php";
$check_info = call_user_func(array($info['class'], "check"));
$color = "black";
$info = $check_info;
if (empty($check_info)) {
$color = "green";
$info = $setting['language']['admin_web_plugin_check_ok'];
}
$check_info = '<span style="color:' . $color . '">' . $info . '</span>';
$tpl_tmp->Set_Variable('check', $check_info);
$tpl_tmp->Set_Variable('subweb', "");
}
$tpl->Set_Variable('main', $tpl_tmp->Get_Content('$db, $setting, $idx'));
unset($tpl_tmp);
$mystep->show($tpl);
return;
}
}
if ($sitelink2) {
$sitelink2 = "<a href={$sitelink2} target=_blank>{$sitelink2}</a>";
}
$file_name1 = $reply_data[s_file_name1];
$file_name2 = $reply_data[s_file_name2];
$file_download1 = $reply_data[download1];
$file_download2 = $reply_data[download2];
if ($file_name1) {
$file_size1 = @GetFileSize(filesize($reply_data[file_name1]));
$a_file_link1 = "<a href=download.php?{$href}{$sort}&no={$reply_data['no']}&filenum=1>";
} else {
$a_file_link = "<Zeroboard";
}
if ($file_name2) {
$file_size2 = @GetFileSize(filesize($reply_data[file_name2]));
$a_file_link2 = "<a href=download.php?{$href}{$sort}&no={$reply_data['no']}&filenum=2>";
} else {
$a_file_link = "Zeroboard";
}
if ($comment_num == 0) {
$comment_num = "";
}
$upload_image1 = $upload_image2 = "";
if (eregi("\\.jpg", $file_name1) || eregi("\\.gif", $file_name1) || eregi("\\.png", $file_name1)) {
$upload_image1 = "<img src={$reply_data['file_name1']} border=0><br>";
}
if (eregi("\\.jpg", $file_name2) || eregi("\\.gif", $file_name2) || eregi("\\.png", $file_name2)) {
$upload_image2 = "<img src={$reply_data['file_name2']} border=0><br>";
}
// 카테고리의 이름을 구함
public function DoIt($type = "pack", $separator = "|")
{
$this->pack_result = array();
if ($type == "pack") {
$this->pack_fp = fopen($this->pack_file, "wb");
if (!$this->pack_fp) {
die("Error Occurs In Creating Output File !");
}
$time = $_SERVER['REQUEST_TIME'];
if (count($this->file_list) > 0) {
$this->PackFileList($separator);
} else {
$this->PackFile($this->pack_dir, $separator);
}
fclose($this->pack_fp);
if ($_SERVER['REQUEST_TIME'] - $time <= 1) {
sleep(1);
}
WriteFile($this->pack_file, gzcompress(GetFile($this->pack_file), 9));
} else {
WriteFile($this->pack_file, gzuncompress(GetFile($this->pack_file)));
$this->pack_fp = fopen($this->pack_file, "rb");
if (!$this->pack_fp) {
die("Error Occurs In Reading Pack File !");
}
$this->UnpackFile($this->pack_dir, $separator);
fclose($this->pack_fp);
unlink($this->pack_file);
}
$filename = $this->pack_file;
$filesize = GetFileSize($filename);
array_push($this->pack_result, "<br />File Count: {$this->file_count} File(s)");
return $filename;
}
</td>
<td width="120" class="vtop td24 lineheight">评论总数</td>
<td class="lineheight smallfont"><?php
echo $DreamCMS->db->get_var("SELECT count(id) FROM #DC@__comment");
?>
</td>
</tr>
<tr>
<td width="120" class="vtop td24 lineheight">数据库大小</td>
<td width="300" class="lineheight smallfont"><?php
echo GetFileSize($datasize + $indexsize);
?>
</td>
<td width="120" class="vtop td24 lineheight">文章数据大小</td>
<td class="lineheight smallfont"><?php
echo GetFileSize($content_datasize);
?>
</td>
</tr>
</table>
<table class="tb tb2 nobdb nobdt fixpadding" style="display:none">
<tr>
<th colspan="17" class="partition">系统信息</th>
</tr>
<tr>
<td width="120" class="vtop td24 lineheight">当前程序版本</td>
<td width="300" class="lineheight smallfont">DreamArticle <?php
echo Version;
?>
</td>
<td width="120" class="vtop td24 lineheight"><a href="http://www.idreamsoft.cn/thread.php?fid=8" class="lightlink smallfont" target="_blank">最新版本</a></td>
echo $in;
?>
&type=other"><span>其它文件</span></a></li>
</ul>
</div>
<table class="tb tb2 " width="100%">
<tr>
<th></th>
<th>文件名</th>
<th>文件大小</th>
<th>上传时间</th>
</tr>
<?php
for ($i = 0; $i < $_count; $i++) {
$rs[$i]['time'] = get_date($rs[$i]['time'], "Y-m-d H:i");
$rs[$i]['size'] = GetFileSize($rs[$i]['size']);
$rs[$i]['icon'] = geticon($rs[$i]['filename']);
?>
<tr>
<td><?php
echo $total - ($i + $firstcount);
?>
</td>
<td><?php
echo $rs[$i]['icon'];
?>
<?php
echo $rs[$i]['filename'];
?>
</td>
<td><?php
function list_check(&$data, $view_check = 0)
{
global $keyword, $sn, $ss, $sc, $setup, $member, $href, $id, $dir, $category_data, $is_admin, $_zbResizeCheck, $name, $email, $subject, $sort, $prev_no, $no, $homepage, $memo, $hit, $vote, $ip, $comment_num, $sitelink1, $sitelink2, $file_name1, $file_name2, $file_download1, $file_download2, $file_size1, $file_size2, $upload_image1, $upload_image2, $category_name, $date, $reg_date, $insert, $icon, $face_image, $number, $loop_number, $a_file_link1, $a_file_link2, $a_reply, $a_delete, $a_modify, $zbLayer, $_zbCheckNum, $_listCheckTime;
$_listCheckTimeStart = getmicrotime();
if ($view_check) {
$setup[only_board] = 0;
}
// 제목에 5줄로 툴바 만듬
if ($setup[use_status]) {
$tmpData = explode("\n", stripslashes($data[memo]));
$totalCommentLineNum = count($tmpData);
if ($totalCommentLineNum > 10) {
$showCommentStr_tail .= "\n" . ($totalCommentLineNum - 10) . " lines more... (total : {$totalCommentLineNum} lines)";
$tmpData_Count = 10;
} else {
$tmpData_Count = $totalCommentLineNum;
}
$showCommentStr = "";
for ($i = 0; $i < $tmpData_Count; $i++) {
$tmpStr = trim($tmpData[$i]);
if ($tmpStr) {
$showCommentStr .= $tmpStr . "\n";
}
}
$showCommentStr = str_replace("'", "", $showCommentStr);
$showCommentStr = str_replace("\"", "", $showCommentStr);
$showCommentStr .= $showCommentStr_tail;
}
$_zbCount = check_zbLayer($data);
// HTML 사용일 경우 현재 회원의 html 권한이 없거나 관리자가 아니라면 style 속성을 제거
if ($data[use_html] && $data[islevel] > $setup[grant_html]) {
$style_pattern = "/(\\<.*?)style=(.*?)(\\>?)/i";
$data[memo] = preg_replace($style_pattern, "\\1\\3", $data[memo]);
}
// 검색어에 해당하는 글자를 빨간;; 색으로 바꾸어줌;;
if ($keyword) {
$keyword_pattern = "/{$keyword}/i";
if ($sn == "on") {
$data[name] = preg_replace($keyword_pattern, "<font color=FF001E style=background-color:FFF000;>{$keyword}</font>", $data[name]);
}
if ($ss == "on") {
$data[subject] = preg_replace($keyword_pattern, "<font color=FF001E style=background-color:FFF000;>{$keyword}</font>", $data[subject]);
}
if ($ss == "on" && $setup[cut_length] > 0) {
$setup[cut_length] = $setup[cut_length] + 52;
}
}
// ' 등의 특수문자때문에 붙인 \(역슬래쉬)를 떼어낸다
$name = $data[name] = stripslashes($data[name]);
// 이름
$temp_name = get_private_icon($data[ismember], "2");
if ($temp_name) {
$name = "<img src='{$temp_name}' border=0 align=absmiddle>";
}
$subject = $data[subject] = stripslashes($data[subject]);
// 제목
//$subject=$data[subject];
$subject = cut_str($subject, $setup[cut_length]);
// 제목 자르는 부분
$hit = $data[hit];
// 조회수
$vote = $data[vote];
// 투표수
$comment_num = "[" . $data[total_comment] . "]";
// 간단한 답글 수
if ($data[total_comment] == 0) {
$comment_num = "";
}
if ($setup[use_alllist]) {
$view_file = "zboard.php";
} else {
$view_file = "view.php";
}
// 제목에 링크 거는 부분;
if ($member[level] <= $setup[grant_view] || $is_admin) {
//if($setup[use_status]&&!$data[is_secret]) $addShowComment = " onMouseOver=\"showComment('$showCommentStr',true)\" onMouseOut=\"showComment('',false)\" ";
if ($setup[use_status] && !$data[is_secret]) {
$addShowComment = " title=\"{$showCommentStr}\" ";
}
$subject = "<a href=\"" . $view_file . "?{$href}{$sort}&no={$data['no']}\" {$addShowComment} >" . $subject . "</a>";
}
if (!$setup[only_board]) {
$homepage = $data[homepage] = stripslashes($data[homepage]);
if ($homepage) {
$homepage = "<a href='{$homepage}' target=_blank>{$homepage}</a>";
}
// 이미지 박스 사용을 위해서 정규표현식 사용
if ($data[ismember]) {
$imageBoxPattern = "/\\[img\\:(.+?)\\.(jpg|gif)\\,align\\=([a-z]){0,}\\,width\\=([0-9]+)\\,height\\=([0-9]+)\\,vspace\\=([0-9]+)\\,hspace\\=([0-9]+)\\,border\\=([0-9]+)\\]/i";
$data[memo] = preg_replace($imageBoxPattern, "<img src='icon/member_image_box/{$data['ismember']}/\\1.\\2' align='\\3' width='\\4' height='\\5' vspace='\\6' hspace='\\7' border='\\8'>", stripslashes($data[memo]));
} else {
$data[memo] = stripslashes($data[memo]);
}
if ($data[use_html] < 2) {
$memo = $data[memo] = nl2br($data[memo]);
}
$memo = $data[memo];
// 자동링크 거는 부분;;
if ($setup[use_autolink]) {
$memo = autolink($memo);
}
$memo .= "<!--\"<-->";
// 검색어가 있을경우 내용의 키워드를 변경
if ($sc == "on" && $keyword) {
$keyword_pattern = "/([^<]*){$keyword}([^>]*)/i";
$memo = preg_replace($keyword_pattern, "\\1<font color=FF001E style=background-color:FFF000;>{$keyword}</font>\\2", $memo);
$keyword_pattern2 = "/<img(.*)<font color=FF001E style=background-color:FFF000;>{$keyword}<\\/font>(.*)>/i";
$memo = preg_replace($keyword_pattern2, "<img\\1{$keyword}\\2>", $memo);
}
// 이미지 리사이즈를 위해서 처리하는 부분
$memo = preg_replace("/(\\<img)(.*)(\\>?)/i", "\\1 name=zb_target_resize style=\"cursor:hand\" onclick=window.open(this.src) \\2 \\3", $memo);
$memo = "<table border=0 cellspacing=0 cellpadding=0 width=100% style=\"table-layout:fixed;\"><col width=100%></col><tr><td valign=top>" . $memo . "</table>";
$_zbResizeCheck = true;
// 아이피
if ($is_admin) {
$ip = "IP Address : " . $data[ip] . " ";
}
$sitelink1 = $data[sitelink1] = stripslashes($data[sitelink1]);
$sitelink2 = $data[sitelink2] = stripslashes($data[sitelink2]);
if ($sitelink1) {
$sitelink1 = "<a href='{$sitelink1}' target=_blank>{$sitelink1}</a>";
}
if ($sitelink2) {
$sitelink2 = "<a href='{$sitelink2}' target=_blank>{$sitelink2}</a>";
}
$file_name1 = $data[s_file_name1];
$file_name2 = $data[s_file_name2];
$file_download1 = $data[download1];
$file_download2 = $data[download2];
if ($file_name1) {
$file_size1 = @GetFileSize(filesize($data[file_name1]));
$a_file_link1 = "<a href='download.php?{$href}{$sort}&no={$data['no']}&filenum=1'>";
} else {
$file_size1 = 0;
$a_file_link1 = "<Zeroboard";
}
if ($file_name2) {
$file_size2 = @GetFileSize(filesize($data[file_name2]));
$a_file_link2 = "<a href='download.php?{$href}{$sort}&no={$data['no']}&filenum=2'>";
} else {
$file_size2 = 0;
$a_file_link2 = "<Zeroboard";
}
$upload_image1 = $upload_image2 = "";
if (eregi("\\.jpg", $file_name1) || eregi("\\.gif", $file_name1) || eregi("\\.png", $file_name1)) {
$upload_image1 = "<img src={$data['file_name1']} border=0 name=zb_target_resize style=\"cursor:hand\" onclick=window.open(this.src)><br>";
}
if (eregi("\\.jpg", $file_name2) || eregi("\\.gif", $file_name2) || eregi("\\.png", $file_name2)) {
$upload_image2 = "<img src={$data['file_name2']} border=0 name=zb_target_resize style=\"cursor:hand\" onclick=window.open(this.src)><br>";
}
}
// 카테고리의 이름을 구함
if ($data[category] && $setup[use_category]) {
$category_name = $category_data[$data[category]];
} else {
$category_name = " ";
}
// 글쓴 시간을 년월일 시분초 로 변환함
$reg_date = "<span title='" . date("Y년 m월 d일 H시 i분 s초", $data[reg_date]) . "'>" . date("Y/m/d", $data[reg_date]) . "</span>";
$date = date("Y-m-d H:i:s", $data[reg_date]);
// 폼메일을 사용하고 관련메뉴가 생성이 되면 레이어오픈
if ($_zbCount && $setup[use_formmail]) {
$name = "<span onMousedown=\"ZB_layerAction('zbLayer{$_zbCheckNum}','visible')\" style=cursor:hand>{$name}</span>";
// 폼메일을 사용안할 경우 무조건 메일링크
} else {
if ($data[email]) {
$name = "<a href=\"javascript:void(window.open('open_window.php?mode=m&str=" . urlencode(base64_encode($data[email])) . "','ZBremote','width=1,height=1,left=1,top=1'))\">{$name}</a>";
}
//$name="<a href=\"javascript:void(window.open('view_info.php?to=$email&id=$id&member_no=$data[ismember]','mailform','width=400,height=510,statusbar=no,scrollbars=yes,toolbar=no'))\">$name</a>";
}
// Depth에 의한 들임값을 정함
$insert = "";
if ($data[depth] > 15) {
$data[depth] = 15;
}
for ($z = 0; $z < $data[depth]; $z++) {
$insert .= " ";
}
$icon = get_icon($data);
// 이름앞에 붙는 아이콘 정의;;
$face_image = get_face($data);
$number = $loop_number;
// 바로 전에 본 글인 경우 번호를 아이콘으로 바꿈
if ($prev_no == $data[no]) {
$number = "<img src={$dir}/arrow.gif border=0 align=absmiddle>";
} elseif ($number != " ") {
$number = $loop_number;
}
// 답글 버튼
if (($is_admin || $member[level] <= $setup[grant_reply]) && $data[headnum] > -2000000000 && $data[headnum] != -1) {
$a_reply = "<a href='write.php?{$href}{$sort}&no={$data['no']}&mode=reply'>";
} else {
$a_reply = "<Zeroboard";
}
// 삭제버튼
if (($is_admin || $member[level] <= $setup[grant_delete] || $data[ismember] == $member[no] || !$data[ismember]) && !$data[child]) {
$a_delete = "<a href='delete.php?{$href}{$sort}&no={$data['no']}'>";
} else {
$a_delete = "<Zeroboard";
}
// 수정버튼
if ($is_admin || $member[level] <= $setup[grant_delete] || $data[ismember] == $member[no] || !$data[ismember]) {
$a_modify = "<a href='write.php?{$href}{$sort}&no={$data['no']}&mode=modify'>";
} else {
$a_modify = "<Zeroboard";
}
// 스팸메일러 금지
$mail = $data[email] = "";
$_listCheckTime += getmicrotime() - $_listCheckTimeStart;
}
function RunTest($s_test, $a_vars)
{
global $aAlertInfo;
$s_op_chars = "&|^!=~#<>";
// these are the characters for the operators
$i_len = strlen($s_test);
$b_ok = true;
if ($i_len <= 0) {
//
// empty test - true
//
} elseif ($s_test == "!") {
//
// test asserts false
//
$b_ok = false;
} elseif (($i_span = strcspn($s_test, $s_op_chars)) >= $i_len) {
//
// no operator - just check field presence
//
$b_ok = !TestFieldEmpty($s_test, $a_vars, $s_mesg);
} else {
//
// get first field name
//
$s_fld1 = trim(substr($s_test, 0, $i_span));
//
// get the operator
//
$s_rem = substr($s_test, $i_span);
$i_span = strspn($s_rem, $s_op_chars);
$s_oper = substr($s_rem, 0, $i_span);
switch ($s_oper) {
case '&':
case '|':
case '^':
case '=':
case '!=':
//
// get the second field name
//
$s_fld2 = trim(substr($s_rem, $i_span));
$b_ok = FieldTest($s_oper, $s_fld1, $s_fld2, $a_vars, $s_error_mesg);
break;
case '~':
case '!~':
//
// get the regular expression
//
$s_pat = trim(substr($s_rem, $i_span));
if (!TestFieldEmpty($s_fld1, $a_vars, $s_mesg)) {
$s_value = GetFieldValue($s_fld1, $a_vars);
} else {
$s_value = "";
}
//echo "<p>Pattern: '".htmlspecialchars($s_pat)."': count=".preg_match($s_pat,$s_value)."<br /></p>";
//
// match the regular expression
//
if (preg_match($s_pat, $s_value) > 0) {
$b_ok = $s_oper == '~';
} else {
$b_ok = $s_oper == '!~';
}
if (!$b_ok) {
$aAlertInfo[] = GetMessage(MSG_PAT_FAILED, array("OPER" => $s_oper, "PAT" => $s_pat, "VALUE" => $s_value));
}
break;
case '#=':
case '#!=':
case '#<':
case '#>':
case '#<=':
case '#>=':
//
// numeric tests
//
$s_num = trim(substr($s_rem, $i_span));
//
// if this is a file field, get the size of the file for
// numeric tests
//
if (($s_value = GetFileSize($s_fld1)) === false) {
$s_value = $a_vars[$s_fld1];
}
if (strpos($s_num, '.') === false) {
//
// treat as integer
//
$m_num = (int) $s_num;
$m_fld = (int) $s_value;
} else {
//
// treat as floating point
//
$m_num = (double) $s_num;
$m_fld = (double) $s_value;
}
switch ($s_oper) {
case '#=':
$b_ok = $m_fld == $m_num;
break;
case '#!=':
$b_ok = $m_fld != $m_num;
break;
case '#<':
$b_ok = $m_fld < $m_num;
break;
case '#>':
$b_ok = $m_fld > $m_num;
break;
case '#<=':
$b_ok = $m_fld <= $m_num;
break;
case '#>=':
$b_ok = $m_fld >= $m_num;
break;
}
break;
default:
SendAlert(GetMessage(MSG_COND_OPER, array("OPER" => $s_oper)));
break;
}
}
return $b_ok;
}
} else {
if (!move_uploaded_file($file1, "data/{$id}/" . $s_file_name1)) {
Error("It occured error when upload file(s)");
}
$file_name1 = "data/{$id}/" . $s_file_name1;
@chmod($file_name1, 0706);
}
}
}
if ($file2_size > 0 && $setup[use_pds] && $file2) {
if (!is_uploaded_file($file2)) {
Error("Please make upload properly");
}
$file2_size = filesize($file2);
if ($setup[max_upload_size] < $file2_size && !$is_admin) {
error("Maximum upload size of second file is " . GetFileSize($setup[max_upload_size]) . " ");
}
if ($file2_size > 0) {
$s_file_name2 = $file2_name;
if (eregi("\\.inc", $s_file_name2) || eregi("\\.pht", $s_file_name2) || eregi("\\.htm", $s_file_name2) || eregi("\\.shtml", $s_file_name2) || eregi("\\.ztx", $s_file_name2) || eregi("\\.php", $s_file_name2) || eregi("\\.dot", $s_file_name1) || eregi("\\.asp", $s_file_name2) || eregi("\\.cgi", $s_file_name2) || eregi("\\.pl", $s_file_name2)) {
Error("Related file with HTML(PHP) can not upload");
}
//확장자 검사
if ($setup[pds_ext2]) {
$temp = explode(".", $s_file_name2);
$s_point = count($temp) - 1;
$upload_check = $temp[$s_point];
if (!eregi($upload_check, $setup[pds_ext2]) || !$upload_check) {
Error("Only available upload file format is {$setup['pds_ext2']}");
}
}
