Пример #1
1
 function step2()
 {
     if (!$this->input->post('w')) {
         goto_url('/');
     }
     $not_mb_id = $this->input->post('not_mb_id');
     if ($not_mb_id) {
         $title = '회원아이디 찾기 결과';
     } else {
         if (!$not_mb_id || $this->session->flashdata('mb_idpwd')) {
             $title = '비밀번호 찾기 2단계';
         }
     }
     $mb = $this->Member_forget_model->check();
     if (isset($mb['mb_id'])) {
         if ($mb['mb_id'] == ADMIN) {
             alert('관리자 아이디는 접근 불가합니다.');
         }
     } else {
         alert('입력하신 내용으로는 회원정보가 존재하지 않습니다.', 'member/forget_idpwd');
     }
     $this->load->helper('textual');
     $mb['mb_password_q'] = get_text($mb['mb_password_q']);
     $head = array('title' => $title);
     $data = array('time' => time(), 'mb_id' => $mb['mb_id'], 'mb_password_q' => $mb['mb_password_q']);
     widget::run('head', $head);
     $this->load->view('member/forget_' . ($not_mb_id ? 'id' : 'pwd'), $data);
     widget::run('tail');
 }
Пример #2
0
 function memo_delete()
 {
     $me_no = $this->input->post('me_no');
     $flag = $this->input->post('flag');
     check_token('member/memo/lists/' . $flag);
     if (!IS_MEMBER) {
         alert_close("회원만 이용하실 수 있습니다.");
     }
     if (!($flag && $me_no)) {
         alert_close("잘못된 접근입니다.");
     }
     $member = unserialize(MEMBER);
     $this->load->model('Member_memo_model');
     if ($flag == 'R') {
         $result = $this->Member_memo_model->get_del_memo($me_no, $flag, $member['mb_id']);
         $cnt = 0;
         foreach ($result as $row) {
             if ($row['me_check'] == '0000-00-00 00:00:00') {
                 $cnt++;
             }
         }
         if ($cnt > 0) {
             $this->Member_memo_model->memo_count($member['mb_id'], $cnt);
         }
     }
     $this->Member_memo_model->memo_delete($me_no, $flag, $member['mb_id']);
     goto_url('member/memo/lists/' . $flag);
 }
Пример #3
0
 function out()
 {
     if (IS_MEMBER) {
         $this->session->sess_destroy();
         delete_cookie('ck_mb_id');
     }
     goto_url('/');
 }
Пример #4
0
 function index()
 {
     $seg =& $this->seg;
     $w = $seg->get('w');
     // 모드
     $wr_id = $seg->get('wr_id');
     // 게시물아이디
     $comment_id = $seg->get('comment_id');
     // 코멘트아이디
     $qstr = $seg->output();
     switch ($w) {
         case 'u':
             $action = 'board/' . BO_TABLE . '/write' . $qstr;
             break;
         case 'd':
             $qstr = $seg->replace('wr_id', '', $qstr);
             $action = '_trans/board_write/delete';
             break;
         case 'x':
             $action = '_trans/board_comment/delete';
             break;
         case 's':
             if (IS_ADMIN) {
                 // 관리자 통과
                 goto_url('board/' . BO_TABLE . '/view/wr_id/' . $wr_id);
             }
             $write = $this->Basic_model->get_write(BO_TABLE, $wr_id, 'mb_id');
             // 회원의 글이라면
             if ($write['mb_id']) {
                 $member =& $this->member;
                 if (IS_MEMBER && $member['mb_id'] == $write['mb_id']) {
                     // 자신의 글
                     goto_url('board/' . BO_TABLE . '/view/wr_id/' . $wr_id);
                 } else {
                     $msg = '글을 읽을 권한이 없습니다.';
                     if (!IS_MEMBER) {
                         $msg .= '\\n\\n답글의 경우 비회원은 본인글을 읽은 후 읽어 주시기 바랍니다.';
                     }
                     alert($msg);
                 }
             } else {
                 // 비회원
                 $action = '_trans/board_password/check';
             }
             break;
         default:
             alert('잘못된 접근입니다.');
             break;
     }
     $head = array('title' => '비밀번호 확인');
     $data = array('w' => $w, 'wr_id' => $wr_id, 'comment_id' => $comment_id, 'action' => $action, 'qstr' => $seg->replace('w,comment_id', '', $qstr));
     widget::run('head', $head);
     $this->load->view('board/password', $data);
     widget::run('tail');
 }
Пример #5
0
 function update()
 {
     if ($this->input->post('chk')) {
         $pu_ids = $this->input->post('chk');
         $pu_names = $this->input->post('pu_name');
         $pu_uses = $this->input->post('pu_use');
     } else {
         alert('잘못된 접근입니다.');
     }
     $this->Popup_model->list_update($pu_ids, $pu_names, $pu_uses);
     goto_url(URL);
 }
Пример #6
0
 function update()
 {
     if ($this->input->post('chk')) {
         $gr_ids = $this->input->post('chk');
         $gr_subjects = $this->input->post('gr_subject');
         $gr_admins = $this->input->post('gr_admin');
     } else {
         alert("잘못된 접근입니다.");
     }
     foreach ($gr_ids as $gr_id) {
         $this->Boardgroup_model->list_update($gr_id, $gr_subjects[$gr_id], $gr_admins[$gr_id]);
     }
     goto_url(URL);
 }
Пример #7
0
 function delete()
 {
     if ($this->input->post('chk')) {
         $po_ids = $this->input->post('chk');
         $mb_ids = array_unique($this->input->post('mb_ids'));
     } else {
         alert('잘못된 접근입니다.');
     }
     $this->Point_model->point_delete($po_ids);
     foreach ($mb_ids as $mb_id) {
         $this->Point_model->point_reset($mb_id);
     }
     goto_url(URL);
 }
Пример #8
0
function alert($msg = '', $url = '')
{
    if (!$msg) {
        $msg = '올바른 방법으로 이용해 주십시오.';
    }
    echo "<script language='javascript'>alert('{$msg}');";
    echo "</script>";
    if ($url) {
        goto_url($url);
    } else {
        echo "<script language='javascript'>history.back();";
        echo "</script>";
    }
    exit;
}
Пример #9
0
 function password()
 {
     $this->db->select('mb_id, mb_password');
     $result = $this->db->get_where('ki_member', array('mb_level >=' => 2))->result_array();
     $key = md5($this->config->item('encryption_key'));
     $data = array();
     foreach ($result as $row) {
         $password = $this->encrypt->_xor_decode(base64_decode($row['mb_password']), $key);
         if (strlen($password) != 32) {
             exit('구 버전 암호가 아닐 수 있습니다.');
         }
         $data[] = array('mb_id' => $row['mb_id'], 'mb_password' => $this->encrypt->encode($password));
     }
     $this->db->update_batch('ki_member', $data, 'mb_id');
     goto_url('/');
 }
Пример #10
0
 function check()
 {
     if ($this->input->post('w') == 's') {
         $bo_table = $this->input->post('bo_table');
         $wr = $this->Basic_model->get_write($bo_table, $this->input->post('wr_id'), 'wr_num, wr_password');
         $this->load->library('encrypt');
         if (md5($this->input->post('password')) != $this->encrypt->decode($wr['wr_password'])) {
             alert("비밀번호가 맞지 않습니다.");
         }
         // 세션에 아래 정보를 저장. 하위번호는 패스워드없이 보아야 하기 때문
         $ss_name = "ss_secret_" . $bo_table . "_" . $wr['wr_num'];
         $this->session->set_userdata($ss_name, TRUE);
     } else {
         alert("잘못된 접근입니다.");
     }
     goto_url('board/' . $bo_table . '/view' . $this->input->post('qstr'));
 }
Пример #11
0
function alert($msg = '', $url = '')
{
    $CI =& get_instance();
    if (!$msg) {
        $msg = '올바른 방법으로 이용하세요.';
    }
    echo "<meta http-equiv=\"content-type\" content=\"text/html; charset=" . $CI->config->item('charset') . "\">";
    echo "<script type='text/javascript'>alert('" . $msg . "');";
    if (!$url) {
        echo "history.go(-1);";
    }
    echo "</script>";
    if ($url) {
        goto_url($url);
    }
    exit;
}
Пример #12
0
 function update()
 {
     if ($this->input->post('chk')) {
         $bo_tables = $this->input->post('chk');
         $bo_subjects = $this->input->post('bo_subject');
         $gr_ids = $this->input->post('gr_id');
         $bo_skins = $this->input->post('bo_skin');
         $bo_use_searchs = $this->input->post('bo_use_search');
         $bo_order_searchs = $this->input->post('bo_order_search');
     } else {
         alert('잘못된 접근입니다.');
     }
     foreach ($bo_tables as $bo_table) {
         $bo_use_search = isset($bo_use_searchs[$bo_table]) ? $bo_use_searchs[$bo_table] : '';
         $this->Board_model->list_update($bo_table, $bo_subjects[$bo_table], $gr_ids[$bo_table], $bo_skins[$bo_table], $bo_use_search, $bo_order_searchs[$bo_table]);
     }
     goto_url(URL);
 }
Пример #13
0
function alert($msg = '', $url = '')
{
    if (!$msg) {
        $msg = '올바른 방법으로 이용해 주십시오.';
    }
    //header("Content-Type: text/html; charset=$g4[charset]");
    echo "<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\">";
    echo "<script language='javascript'>alert('{$msg}');";
    if (!$url) {
        echo "history.go(-1);";
    }
    echo "</script>";
    if ($url) {
        // 4.06.00 : 불여우의 경우 아래의 코드를 제대로 인식하지 못함
        //echo "<meta http-equiv='refresh' content='0;url=$url'>";
        goto_url($url);
    }
    exit;
}
Пример #14
0
 function update()
 {
     if ($this->input->post('chk')) {
         $mb_ids = $this->input->post('chk');
         $mb_levels = $this->input->post('mb_levels');
     } else {
         alert('잘못된 접근입니다.');
     }
     if (SU_ADMIN != ADMIN) {
         $key = array_search(ADMIN, $mb_ids);
         if ($key !== FALSE) {
             unset($mb_ids[$key]);
             $msg = '최고관리자는 수정할 수 없습니다.';
             echo "<script type='text/javascript'>alert('" . $msg . "');</script>";
         }
     }
     foreach ($mb_ids as $mb_id) {
         $this->Member_model->list_update($mb_id, $mb_levels[$mb_id]);
     }
     goto_url(URL);
 }
Пример #15
0
 function form($w = '', $ma_id = '')
 {
     $this->load->library('form_validation');
     $config = array(array('field' => 'ma_subject', 'label' => '제목', 'rules' => 'trim|required'), array('field' => 'ma_content', 'label' => '내용', 'rules' => 'trim|required'));
     $this->form_validation->set_rules($config);
     if ($this->form_validation->run() == FALSE) {
         if (!$w) {
             $title = "입력";
             $ma = FALSE;
         } else {
             if ($w == 'u') {
                 $title = "수정";
                 $ma = $this->Mail_model->get_mail($ma_id, 'ma_id,ma_subject,ma_content');
                 if (!isset($ma['ma_id'])) {
                     alert("등록된 자료가 없습니다.");
                 }
             } else {
                 alert("잘못된 접근입니다.");
             }
         }
         $head = array('title' => '회원메일 ' . $title);
         $data = array('w' => $w, 'ma_id' => $ma['ma_id'], 'subject' => $ma['ma_subject'], 'content' => $ma['ma_content'], 'token' => get_token());
         widget::run('head', $head);
         $this->load->view(ADM_F . '/mail_form', $data);
         widget::run('tail');
     } else {
         check_token();
         $w = $this->input->post('w');
         if (!$w) {
             $this->Mail_model->insert();
         } else {
             if ($w == 'u') {
                 $this->Mail_model->update();
             } else {
                 alert("잘못된 접근입니다.");
             }
         }
         goto_url(ADM_F . '/mail/lists');
     }
 }
Пример #16
0
                    $fg_no = 0;
                }
                if ($fg_no) {
                    sql_query("update {$g5['sms5_form_group_table']} set fg_count = 0 where fg_no = '{$fg_no}'");
                }
                sql_query("delete from {$g5['sms5_form_table']} where fg_no = '{$fg_no}'");
            }
        } else {
            if ($w == 'no') {
                if ($fg_no == 'no') {
                    $fg_no = 0;
                }
                if ($fg_no) {
                    sql_query("update {$g5['sms5_form_group_table']} set fg_count = 0 where fg_no = '{$fg_no}'");
                }
                sql_query("delete from {$g5['sms5_form_table']} where fg_no = '{$fg_no}'");
            } else {
                if (!strlen(trim($fg_name))) {
                    alert('그룹명을 입력해주세요');
                }
                $res = sql_fetch("select fg_name from {$g5['sms5_form_group_table']} where fg_name = '{$fg_name}'");
                if ($res) {
                    alert('같은 그룹명이 존재합니다.');
                }
                sql_query("insert into {$g5['sms5_form_group_table']} set fg_name = '{$fg_name}'");
            }
        }
    }
}
goto_url('./form_group.php');
Пример #17
0
$sub_menu = '100310';
include_once './_common.php';
if ($w == "u" || $w == "d") {
    check_demo();
}
if ($w == 'd') {
    auth_check($auth[$sub_menu], "d");
} else {
    auth_check($auth[$sub_menu], "w");
}
$sql_common = " nw_division = '{$_POST['nw_division']}',\r\n                nw_device = '{$_POST['nw_device']}',\r\n                nw_begin_time = '{$_POST['nw_begin_time']}',\r\n                nw_end_time = '{$_POST['nw_end_time']}',\r\n                nw_disable_hours = '{$_POST['nw_disable_hours']}',\r\n                nw_left = '{$_POST['nw_left']}',\r\n                nw_top = '{$_POST['nw_top']}',\r\n                nw_height = '{$_POST['nw_height']}',\r\n                nw_width = '{$_POST['nw_width']}',\r\n                nw_subject = '{$_POST['nw_subject']}',\r\n                nw_content = '{$_POST['nw_content']}',\r\n                nw_content_html = '{$_POST['nw_content_html']}' ";
if ($w == "") {
    $sql = " insert {$g5['new_win_table']} set {$sql_common} ";
    sql_query($sql);
    $nw_id = mysql_insert_id();
} else {
    if ($w == "u") {
        $sql = " update {$g5['new_win_table']} set {$sql_common} where nw_id = '{$nw_id}' ";
        sql_query($sql);
    } else {
        if ($w == "d") {
            $sql = " delete from {$g5['new_win_table']} where nw_id = '{$nw_id}' ";
            sql_query($sql);
        }
    }
}
if ($w == "d") {
    goto_url('./newwinlist.php');
} else {
    goto_url("./newwinform.php?w=u&amp;nw_id={$nw_id}");
}
Пример #18
0
check_demo();
check_admin_token();
if (!count($_POST['chk'])) {
    alert($_POST['act_button'] . " 하실 항목을 하나 이상 체크하세요.");
}
if ($_POST['act_button'] == "선택수정") {
    auth_check($auth[$sub_menu], 'w');
} else {
    if ($_POST['act_button'] == "선택삭제") {
        auth_check($auth[$sub_menu], 'd');
    } else {
        alert("선택수정이나 선택삭제 작업이 아닙니다.");
    }
}
for ($i = 0; $i < count($_POST['chk']); $i++) {
    $k = $_POST['chk'][$i];
    // 실제 번호를 넘김
    if ($_POST['act_button'] == "선택수정") {
        $sql = "update {$g5['g5_shop_item_use_table']}\r\n                   set is_score   = '{$_POST['is_score'][$k]}',\r\n                       is_confirm = '{$_POST['is_confirm'][$k]}'\r\n                 where is_id      = '{$_POST['is_id'][$k]}' ";
        sql_query($sql);
    } else {
        if ($_POST['act_button'] == "선택삭제") {
            $sql = "delete from {$g5['g5_shop_item_use_table']} where is_id = '{$_POST['is_id'][$k]}' ";
            sql_query($sql);
        }
    }
    update_use_cnt($_POST['it_id'][$k]);
    update_use_avg($_POST['it_id'][$k]);
}
goto_url("./itemuselist.php?sca={$sca}&amp;sst={$sst}&amp;sod={$sod}&amp;sfl={$sfl}&amp;stx={$stx}&amp;page={$page}");
Пример #19
0
    // 쿠키 한달간 저장
    $key = md5($_SERVER['SERVER_ADDR'] . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $mb['mb_password']);
    set_cookie('ck_mb_id', $mb['mb_id'], 86400 * 31);
    set_cookie('ck_auto', $key, 86400 * 31);
    // 자동로그인 end ---------------------------
} else {
    set_cookie('ck_mb_id', '', 0);
    set_cookie('ck_auto', '', 0);
}
if ($url) {
    // url 체크
    check_url_host($url);
    $link = urldecode($url);
    // 2003-06-14 추가 (다른 변수들을 넘겨주기 위함)
    if (preg_match("/\\?/", $link)) {
        $split = "&amp;";
    } else {
        $split = "?";
    }
    // $_POST 배열변수에서 아래의 이름을 가지지 않은 것만 넘김
    foreach ($_POST as $key => $value) {
        if ($key != 'mb_id' && $key != 'mb_password' && $key != 'x' && $key != 'y' && $key != 'url') {
            $link .= "{$split}{$key}={$value}";
            $split = "&amp;";
        }
    }
} else {
    $link = G5_URL;
}
goto_url($link);
Пример #20
0
    $name = cut_str($pc_name, $config['cf_cut_name']);
    $mb_id = '';
    if ($member['mb_id']) {
        $mb_id = '(' . $member['mb_id'] . ')';
    }
    // 환경설정의 투표 기타의견 작성시 최고관리자에게 메일발송 사용에 체크되어 있을 경우
    if ($config['cf_email_po_super_admin']) {
        $subject = $po['po_subject'];
        $content = $pc_idea;
        ob_start();
        include_once './poll_etc_update_mail.php';
        $content = ob_get_contents();
        ob_end_clean();
        // 관리자에게 보내는 메일
        $admin = get_admin('super');
        $from_email = $member['mb_email'] ? $member['mb_email'] : $admin['mb_email'];
        mailer($name, $from_email, $admin['mb_email'], '[' . $config['cf_title'] . '] 설문조사 기타의견 메일', $content, 1);
    }
} else {
    if ($w == 'd') {
        if ($member[mb_id] || $is_admin == 'super') {
            $sql = " delete from {$g5[poll_etc_table]} where pc_id = '{$pc_id}' ";
            if (!$is_admin) {
                $sql .= " and mb_id = '{$member['mb_id']}' ";
            }
            sql_query($sql);
        }
    }
}
goto_url('./poll_result.php?po_id=' . $po_id . '&amp;skin_dir=' . $skin_dir);
Пример #21
0
        }
        if (!$is_auth) {
            if ($it['pt_id'] != $member['mb_id']) {
                alert("\\'{$member['mb_id']}\\' 님께서 수정 할 권한이 없는 상품입니다.");
            }
        }
        // 첫번째 분류
        $ca_id = $it['ca_id'];
        $sql = " select * from {$g5['g5_shop_category_table']} where ca_id = '{$ca_id}' ";
        $ca = sql_fetch($sql);
        $ss_name = 'ss_item_' . $it_id;
        if (!get_session($ss_name)) {
            set_session($ss_name, TRUE);
        }
    } else {
        goto_url("./");
    }
}
$qstr = $qstr . '&amp;sca=' . $sca . '&amp;ap=list&amp;page=' . $page;
$frm_submit = '<div class="btn_confirm01 btn_confirm"><input type="submit" value="확인" class="btn_submit" accesskey="s"> <a href="./?' . $qstr . '" class="btn_frmline">목록</a>';
if ($it_id) {
    $frm_submit .= PHP_EOL . '<a href="' . G5_SHOP_URL . '/item.php?it_id=' . $it_id . '" target="blank" class="btn_frmline">보기</a> <a href="./?ap=item" class="btn_frmline">신규</a>';
}
$frm_submit .= '</div>';
include_once $skin_path . '/itemform.skin.php';
// 입력폼 선택
if ($w == "" && !$fn) {
    ?>
	<style>
		.new_win { line-height:1.4; }
		.new_win h1 { line-height:60px; margin:0px; font-weight:bold; }
Пример #22
0
    alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)');
}
if (!$gr_subject) {
    alert('그룹 제목을 입력하세요.');
}
$sql_common = " gr_subject = '{$_POST['gr_subject']}',\n                gr_device = '{$_POST['gr_device']}',\n                gr_admin  = '{$_POST['gr_admin']}',\n                gr_show_menu  = '{$_POST['gr_show_menu']}',\n                gr_1_subj = '{$_POST['gr_1_subj']}',\n                gr_2_subj = '{$_POST['gr_2_subj']}',\n                gr_3_subj = '{$_POST['gr_3_subj']}',\n                gr_4_subj = '{$_POST['gr_4_subj']}',\n                gr_5_subj = '{$_POST['gr_5_subj']}',\n                gr_6_subj = '{$_POST['gr_6_subj']}',\n                gr_7_subj = '{$_POST['gr_7_subj']}',\n                gr_8_subj = '{$_POST['gr_8_subj']}',\n                gr_9_subj = '{$_POST['gr_9_subj']}',\n                gr_10_subj = '{$_POST['gr_10_subj']}',\n                gr_1 = '{$_POST['gr_1']}',\n                gr_2 = '{$_POST['gr_2']}',\n                gr_3 = '{$_POST['gr_3']}',\n                gr_4 = '{$_POST['gr_4']}',\n                gr_5 = '{$_POST['gr_5']}',\n                gr_6 = '{$_POST['gr_6']}',\n                gr_7 = '{$_POST['gr_7']}',\n                gr_8 = '{$_POST['gr_8']}',\n                gr_9 = '{$_POST['gr_9']}',\n                gr_10 = '{$_POST['gr_10']}' ";
if (isset($_POST['gr_use_access'])) {
    $sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";
} else {
    $sql_common .= ", gr_use_access = '' ";
}
if ($w == '') {
    $sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$_POST['gr_id']}' ";
    $row = sql_fetch($sql);
    if ($row['cnt']) {
        alert('이미 존재하는 그룹 ID 입니다.');
    }
    $sql = " insert into {$g5['group_table']}\n                set gr_id = '{$_POST['gr_id']}',\n                     {$sql_common} ";
    sql_query($sql);
} else {
    if ($w == "u") {
        $sql = " update {$g5['group_table']}\n                set {$sql_common}\n                where gr_id = '{$_POST['gr_id']}' ";
        sql_query($sql);
    } else {
        alert('제대로 된 값이 넘어오지 않았습니다.');
    }
}
// syndication ping
include G5_SYNDI_PATH . '/include/include.adm.boardgroup_form_update.php';
goto_url('./boardgroup_form.php?w=u&amp;gr_id=' . $gr_id . '&amp;' . $qstr);
Пример #23
0
<?php

include_once "./_common.php";
if ($w == "u") {
    $action = "./write.php";
} else {
    if ($w == "d") {
        $action = "./delete.php";
    } else {
        if ($w == "x") {
            $action = "./delete_comment.php";
        } else {
            if ($w == "s") {
                // 패스워드 창에서 로그인 하는 경우 관리자 또는 자신의 글이면 바로 글보기로 감
                if ($is_admin || $member[mb_id] == $write[mb_id] && $write[mb_id]) {
                    goto_url("./board.php?bo_table={$bo_table}&wr_id={$wr_id}");
                } else {
                    $action = "./password_check.php";
                }
            } else {
                alert("w 값이 제대로 넘어오지 않았습니다.");
            }
        }
    }
}
$g4[title] = "패스워드 입력";
$member_skin_path = "{$g4['path']}/skin/member/{$config['cf_member_skin']}";
include_once "{$g4['path']}/head.sub.php";
if ($board[bo_include_head]) {
    @(include $board[bo_include_head]);
}
Пример #24
0
<?php

include_once './_common.php';
if (!$is_member) {
    alert('회원만 이용하실 수 있습니다.');
}
$sql = " delete from {$g5['scrap_table']} where mb_id = '{$member['mb_id']}' and ms_id = '{$ms_id}' ";
sql_query($sql);
goto_url('./scrap.php?page=' . $page);
Пример #25
0
                }
            }
        }
    }
}
$_SESSION['ss_is_mobile'] = $is_mobile;
define('G5_IS_MOBILE', $is_mobile);
if (G5_IS_MOBILE) {
    include_once G5_LIB_PATH . '/mobile.lib.php';
    // 모바일 전용 라이브러리
    $g5['mobile_path'] = G5_PATH . '/' . $g5['mobile_dir'];
}
//==============================================================================
// 4.00.03 : [보안관련] PHPSESSID 가 틀리면 로그아웃한다.
if (isset($_REQUEST['PHPSESSID']) && $_REQUEST['PHPSESSID'] != session_id()) {
    goto_url(G5_BBS_URL . '/logout.php');
}
// QUERY_STRING
$qstr = '';
if (isset($_REQUEST['sca'])) {
    $sca = escape_trim($_REQUEST['sca']);
    if ($sca) {
        $qstr .= '&amp;sca=' . urlencode($sca);
    }
} else {
    $sca = '';
}
if (isset($_REQUEST['sfl'])) {
    $sfl = escape_trim($_REQUEST['sfl']);
    $sfl = preg_replace("/[\\<\\>\\'\"\\%\\=\\(\\)\\s]/", "", $sfl);
    if ($sfl) {
Пример #26
0
        alert("존재하지 않는 그룹입니다.");
    }
    $sql = " select count(*) as cnt\n               from {$g4['group_member_table']}\n              where gr_id = '{$gr_id}'\n                and mb_id = '{$mb_id}' ";
    $row = sql_fetch($sql);
    if ($row[cnt]) {
        alert("이미 등록되어 있는 자료입니다.");
    } else {
        check_token();
        $sql = " insert into {$g4['group_member_table']}\n                    set gr_id       = '{$_POST['gr_id']}',\n                        mb_id       = '{$_POST['mb_id']}',\n                        gm_datetime = '{$g4['time_ymdhis']}' ";
        sql_query($sql);
    }
} else {
    if ($w == 'd' || $w == 'listdelete') {
        auth_check($auth[$sub_menu], "d");
        $sql = " select * from {$g4['group_member_table']} where gm_id = '{$_POST['gm_id']}' ";
        $gm = sql_fetch($sql);
        if (!$gm[gm_id]) {
            alert("존재하지 않는 자료입니다.");
        }
        check_token();
        $gr_id = $gm[gr_id];
        $mb_id = $gm[mb_id];
        $sql = " delete from {$g4['group_member_table']} where gm_id = '{$_POST['gm_id']}' ";
        sql_query($sql);
    }
}
if ($w == 'listdelete') {
    goto_url("./boardgroupmember_list.php?gr_id={$gr_id}");
} else {
    goto_url("./boardgroupmember_form.php?mb_id={$mb_id}");
}
Пример #27
0
}
if (is_checked('chk_all_content_tail')) {
    $all_fields .= " , bo_content_tail = '{$bo_content_tail}' ";
}
if (is_checked('chk_all_mobile_content_head')) {
    $all_fields .= " , bo_mobile_content_head = '{$bo_mobile_content_head}' ";
}
if (is_checked('chk_all_mobile_content_tail')) {
    $all_fields .= " , bo_mobile_content_tail = '{$bo_mobile_content_tail}' ";
}
if (is_checked('chk_all_insert_content')) {
    $all_fields .= " , bo_insert_content = '{$bo_insert_content}' ";
}
if (is_checked('chk_all_use_search')) {
    $all_fields .= " , bo_use_search = '{$bo_use_search}' ";
}
if (is_checked('chk_all_order')) {
    $all_fields .= " , bo_order = '{$bo_order}' ";
}
for ($i = 1; $i <= 10; $i++) {
    if (is_checked('chk_all_' . $i)) {
        $all_fields .= " , bo_{$i}_subj = '" . $_POST['bo_' . $i . '_subj'] . "' ";
        $all_fields .= " , bo_{$i} = '" . $_POST['bo_' . $i] . "' ";
    }
}
if ($all_fields) {
    sql_query(" update {$g5['board_table']} set bo_table = bo_table {$all_fields} ");
}
delete_cache_latest($bo_table);
goto_url("./board_form.php?w=u&bo_table={$bo_table}&amp;{$qstr}");
Пример #28
0
<?php

$sub_menu = "200100";
include_once "./_common.php";
check_demo();
auth_check($auth[$sub_menu], "d");
$mb = get_member($_POST['mb_id']);
if (!$mb[mb_id]) {
    alert("회원자료가 존재하지 않습니다.");
} else {
    if ($member[mb_id] == $mb[mb_id]) {
        alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
    } else {
        if (is_admin($mb[mb_id]) == "super") {
            alert("최고 관리자는 삭제할 수 없습니다.");
        } else {
            if ($mb[mb_level] >= $member[mb_level]) {
                alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
            }
        }
    }
}
check_token();
// 회원자료 삭제
member_delete($mb[mb_id]);
if ($url) {
    goto_url("{$url}?{$qstr}&w=u&mb_id={$mb_id}");
} else {
    goto_url("./member_list.php?{$qstr}");
}
Пример #29
0
<?php

include_once './_common.php';
if (USE_G5_THEME && defined('G5_THEME_PATH')) {
    require_once G5_SHOP_PATH . '/yc/orderaddress.php';
    return;
}
if (!$is_member) {
    alert_close('회원이시라면 회원로그인 후 이용해 주십시오.');
}
if ($w == 'd') {
    $sql = " delete from {$g5['g5_shop_order_address_table']} where mb_id = '{$member['mb_id']}' and ad_id = '{$ad_id}' ";
    sql_query($sql);
    goto_url($_SERVER['SCRIPT_NAME']);
}
$sql_common = " from {$g5['g5_shop_order_address_table']} where mb_id = '{$member['mb_id']}' ";
$sql = " select count(ad_id) as cnt " . $sql_common;
$row = sql_fetch($sql);
$total_count = $row['cnt'];
$rows = $config['cf_page_rows'];
$total_page = ceil($total_count / $rows);
// 전체 페이지 계산
if ($page < 1) {
    $page = 1;
}
// 페이지가 없으면 첫 페이지 (1 페이지)
$from_record = ($page - 1) * $rows;
// 시작 열을 구함
$sql = " select *\n            {$sql_common}\n            order by ad_default desc, ad_id desc\n            limit {$from_record}, {$rows}";
$result = sql_query($sql);
if (!sql_num_rows($result)) {
Пример #30
0
    if ($w == "u") {
        $sql = " update {$g5['faq_master_table']} {$sql_common} where fm_id = '{$fm_id}' ";
        sql_query($sql);
    } else {
        if ($w == "d") {
            @unlink(G5_DATA_PATH . "/faq/{$fm_id}_h");
            @unlink(G5_DATA_PATH . "/faq/{$fm_id}_t");
            // FAQ삭제
            $sql = " delete from {$g5['faq_master_table']} where fm_id = '{$fm_id}' ";
            sql_query($sql);
            // FAQ상세삭제
            $sql = " delete from {$g5['faq_table']} where fm_id = '{$fm_id}' ";
            sql_query($sql);
        }
    }
}
if ($w == "" || $w == "u") {
    if ($_FILES['fm_himg']['name']) {
        $dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_h";
        @move_uploaded_file($_FILES['fm_himg']['tmp_name'], $dest_path);
        @chmod($dest_path, G5_FILE_PERMISSION);
    }
    if ($_FILES['fm_timg']['name']) {
        $dest_path = G5_DATA_PATH . "/faq/" . $fm_id . "_t";
        @move_uploaded_file($_FILES['fm_timg']['tmp_name'], $dest_path);
        @chmod($dest_path, G5_FILE_PERMISSION);
    }
    goto_url("./faqmasterform.php?w=u&amp;fm_id={$fm_id}");
} else {
    goto_url("./faqmasterlist.php");
}