From 1976d8baef7e4930a5ef4afd203258aae0093896 Mon Sep 17 00:00:00 2001 From: Lastorder <18280396+Lastorder-DC@users.noreply.github.com> Date: Thu, 16 Jul 2020 10:19:14 +0900 Subject: [PATCH 01/23] =?UTF-8?q?CONTRIBUTING.md=20=EA=B0=B1=EC=8B=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 라이믹스 실행 환경 -> 설치 환경으로 수정(설치 환경이 아닌 경우 지원해야 할 의무는 없습니다) - 설치 환경에 라이믹스 공식 문서 링크 추가 - PHP 5.5 등 오래된 버전을 직접 언급하는 부분 삭제 및 EUC-KR 언급 삭제(사실상 도태되어 제로보드 지원 호스팅 이외 남아있지 않음) - 실행 환경 예시 수정(더이상 PHP 5 버전대를 지원하지 않으므로 예제로 부적합하며 라이믹스 버전 역시 XE의 형태(x.x.x)에서 x.x.x.x로 변경됨에 따라 수정) --- CONTRIBUTING.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index bd2b1ab75..358870e40 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -8,22 +8,22 @@ - 무관한 이슈에 댓글을 달지 말아 주십시오. 엉뚱한 사람에게 메일 알림이 전달됩니다. - 2가지 이상 서로 다른 문제가 있는 경우, 각각 이슈를 등록해 주십시오. - 보안 취약점은 공개적으로 언급하지 말고 devops@rhymix.org로 알려 주시면 감사하겠습니다. -- **버그 신고 전 자신의 서버가 Rhymix의 실행 환경을 충족하는지 확인해 주십시오.** - - PHP 5.5 미만, EUC-KR 환경, 퍼미션 오류 등은 호스팅 업체에 문의하셔야 합니다. +- **버그 신고 전 자신의 서버가 Rhymix의 [설치 환경](https://github.com/rhymix/rhymix-docs/blob/master/ko/introduction/requirements.md)을 충족하는지 확인해 주십시오.** - 자신의 서버 환경은 `phpinfo`를 사용하여 확인할 수 있습니다. + - 낮은 PHP 버전, 확장 미설치, 퍼미션 관련 오류는 호스팅 업체에 문의하셔야 합니다. - **버그 신고에는 아래의 내용을 반드시 포함시켜 주십시오.** - 실행 환경 - 호스팅 환경에 대한 간단한 설명 (예: ○○24 리눅스 웹호스팅) - - Rhymix 버전 (예: 1.8.15) - - PHP 버전 (예: 5.6.16) + - Rhymix 버전 (예: 1.9.9.8) + - PHP 버전 (예: 7.2.32) - 브라우저 종류 및 버전 (예: IE 11) - 에러가 발생하는 경우 에러 메시지 전체 - 화면상에 에러가 표시되거나 디자인이 깨져 보이는 경우, 해당 스크린샷 - 브라우저의 개발자도구(F12)에 에러가 표시되는 경우, 콘솔 및 네트워크 탭의 스크린샷 - 증상을 확인해 볼 수 있는 웹사이트 주소 - 내부망이나 로컬 개발환경 등 외부인의 접속이 원천적으로 불가능한 경우가 아니라면 반드시 주소를 남겨 주시기 바랍니다. - - 공개적인 개발을 추구하는 오픈소스 소프트웨어의 특성상, 이슈 해결에 필요한 정보를 공개하지 않는 경우 - 처리가 지연되거나 제3자에게 비용을 지불하고 해결해야 하는 등 불이익이 발생할 수 있습니다. + - 공개적인 개발을 추구하는 오픈소스 소프트웨어의 특성상, 이슈 해결에 필요한 정보를 공개하지 않는 경우 + 처리가 지연되거나 제3자에게 비용을 지불하고 해결해야 하는 등 불이익이 발생할 수 있습니다. ## 풀 리퀘스트(PR) 작성 From 40d8466ec86890e2762d7a25ba2445a3ec2e586a Mon Sep 17 00:00:00 2001 From: BJRambo Date: Mon, 20 Jul 2020 15:58:31 +0900 Subject: [PATCH 02/23] =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=EB=8B=89=EB=84=A4?= =?UTF-8?q?=EC=9E=84=20=EB=B3=80=EA=B2=BD=20=EC=B9=BC=EB=9F=BC=EC=97=90=20?= =?UTF-8?q?=EC=9D=B8=EB=8D=B1=EC=8A=A4=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/member/member.class.php | 12 ++++++++++++ modules/member/schemas/member_nickname_log.xml | 8 ++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/modules/member/member.class.php b/modules/member/member.class.php index 6664176e8..560d65080 100644 --- a/modules/member/member.class.php +++ b/modules/member/member.class.php @@ -225,6 +225,10 @@ class member extends ModuleObject { // Check scrap folder table if(!$oDB->isColumnExists("member_scrap", "folder_srl")) return true; + + if(!$oDB->isIndexExists('member_nickname_log', 'idx_before_nick_name')) return true; + if(!$oDB->isIndexExists('member_nickname_log', 'idx_after_nick_name')) return true; + if(!$oDB->isIndexExists('member_nickname_log', 'idx_user_id')) return true; $oModuleModel = getModel('module'); $config = $oModuleModel->getModuleConfig('member'); @@ -439,6 +443,14 @@ class member extends ModuleObject { $oDB->addIndex("member_scrap","idx_folder_srl", array("folder_srl")); } + // Add to index in member nickname log table. 2020. 07 .20 @BJRambo + if(!$oDB->isIndexExists('member_nickname_log', 'idx_before_nick_name')) + { + $oDB->addIndex('member_nickname_log', 'idx_before_nick_name', array('before_nick_name')); + $oDB->addIndex('member_nickname_log', 'idx_after_nick_name', array('after_nick_name')); + $oDB->addIndex('member_nickname_log', 'idx_user_id', array('user_id')); + } + $oModuleModel = getModel('module'); $config = $oModuleModel->getModuleConfig('member'); $changed = false; diff --git a/modules/member/schemas/member_nickname_log.xml b/modules/member/schemas/member_nickname_log.xml index ea44dc3f5..347b9a511 100644 --- a/modules/member/schemas/member_nickname_log.xml +++ b/modules/member/schemas/member_nickname_log.xml @@ -1,7 +1,7 @@ - - - + + + - +
From 221b70bf7e8c08adad09f1dfbc5628be4522e83a Mon Sep 17 00:00:00 2001 From: BJRambo Date: Wed, 22 Jul 2020 16:54:42 +0900 Subject: [PATCH 03/23] =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=EB=8B=89=EB=84=A4?= =?UTF-8?q?=EC=9E=84=20=EB=B3=80=EA=B2=BD=20=EA=B8=B0=EB=A1=9D=EC=97=90=20?= =?UTF-8?q?=EA=B2=80=EC=83=89=EC=98=B5=EC=85=98=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/member/lang/ko.php | 1 + modules/member/member.model.php | 38 ++++++++++++++++++- .../queries/getMemberModifyNickName.xml | 3 ++ modules/member/tpl/nick_name_log.html | 13 +++++++ 4 files changed, 53 insertions(+), 2 deletions(-) diff --git a/modules/member/lang/ko.php b/modules/member/lang/ko.php index a1b10736d..6fb2a4485 100644 --- a/modules/member/lang/ko.php +++ b/modules/member/lang/ko.php @@ -367,3 +367,4 @@ $lang->scrap_folder_create = '폴더 추가'; $lang->scrap_folder_rename = '이름 변경'; $lang->scrap_folder_delete = '삭제'; $lang->member_unauthenticated = '미인증'; +$lang->member_number = '회원 번호'; diff --git a/modules/member/member.model.php b/modules/member/member.model.php index 82c16d4bf..151bf980b 100644 --- a/modules/member/member.model.php +++ b/modules/member/member.model.php @@ -1247,10 +1247,44 @@ class memberModel extends member function getMemberModifyNicknameLog($page = 1, $member_srl = null) { + $search_keyword = Context::get('search_keyword'); + $search_target = Context::get('search_target'); + + // $this->user 에 재대로 된 회원 정보가 들어 가지 않음. + $logged_info = Context::get('logged_info'); + $args = new stdClass(); - $args->member_srl = $member_srl; $args->page = $page; - $output = executeQueryArray('member.getMemberModifyNickName', $args); + if($logged_info->is_admin == 'Y') + { + if($search_keyword && $search_keyword) + { + switch ($search_target) + { + case "before": + $args->before_nick_name = $search_keyword; + break; + case "after": + $args->after_nick_name = $search_keyword; + break; + case "user_id": + if($search_keyword) $search_keyword = str_replace(' ','%',$search_keyword); + $args->user_id = $search_keyword; + break; + case "member_srl": + $args->member_srl = intval($search_keyword); + break; + default: + break; + } + $output = executeQuery('member.getMemberModifyNickName', $args); + + return $output; + } + } + + $args->member_srl = $member_srl; + $output = executeQuery('member.getMemberModifyNickName', $args); return $output; } diff --git a/modules/member/queries/getMemberModifyNickName.xml b/modules/member/queries/getMemberModifyNickName.xml index ded6b8b64..46a9ba2bd 100644 --- a/modules/member/queries/getMemberModifyNickName.xml +++ b/modules/member/queries/getMemberModifyNickName.xml @@ -7,6 +7,9 @@ + + + diff --git a/modules/member/tpl/nick_name_log.html b/modules/member/tpl/nick_name_log.html index 5e76c71ef..f113402f7 100644 --- a/modules/member/tpl/nick_name_log.html +++ b/modules/member/tpl/nick_name_log.html @@ -27,6 +27,19 @@ + +
+ + + + +
+
    From d8a340a90e13138602741f8c923b6a0246238996 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Wed, 22 Jul 2020 23:18:44 +0900 Subject: [PATCH 04/23] =?UTF-8?q?Fix=20#1362=20=ED=8F=AC=EC=9D=B8=ED=8A=B8?= =?UTF-8?q?=20=EB=AA=A8=EB=93=88=EC=9D=84=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EC=95=84=EB=8F=84=20=ED=95=98=EB=8B=A8?= =?UTF-8?q?=EC=97=90=20=EC=84=A4=EC=A0=95=EC=9D=B4=20=EB=9C=A8=EB=8A=94=20?= =?UTF-8?q?=EB=AC=B8=EC=A0=9C=20=EA=B3=A0=EC=B9=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/point/tpl/config.html | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/point/tpl/config.html b/modules/point/tpl/config.html index fdedc7b78..2ad9ce6b3 100644 --- a/modules/point/tpl/config.html +++ b/modules/point/tpl/config.html @@ -237,3 +237,19 @@

    + From 8727294d1a78fd45538178da729e616f38e20db6 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Wed, 22 Jul 2020 23:42:29 +0900 Subject: [PATCH 05/23] =?UTF-8?q?Revert=20"Fix=20#1362=20=ED=8F=AC?= =?UTF-8?q?=EC=9D=B8=ED=8A=B8=20=EB=AA=A8=EB=93=88=EC=9D=84=20=EC=82=AC?= =?UTF-8?q?=EC=9A=A9=ED=95=98=EC=A7=80=20=EC=95=8A=EC=95=84=EB=8F=84=20?= =?UTF-8?q?=ED=95=98=EB=8B=A8=EC=97=90=20=EC=84=A4=EC=A0=95=EC=9D=B4=20?= =?UTF-8?q?=EB=9C=A8=EB=8A=94=20=EB=AC=B8=EC=A0=9C=20=EA=B3=A0=EC=B9=A8"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit d8a340a90e13138602741f8c923b6a0246238996. --- modules/point/tpl/config.html | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/modules/point/tpl/config.html b/modules/point/tpl/config.html index 2ad9ce6b3..fdedc7b78 100644 --- a/modules/point/tpl/config.html +++ b/modules/point/tpl/config.html @@ -237,19 +237,3 @@

    - From 5a66bcab8227e930c49e32c461780c12a275d24b Mon Sep 17 00:00:00 2001 From: BJRambo Date: Wed, 22 Jul 2020 23:44:49 +0900 Subject: [PATCH 06/23] =?UTF-8?q?Fix=20#1362=20=ED=8F=AC=EC=9D=B8=ED=8A=B8?= =?UTF-8?q?=EB=AA=A8=EB=93=88=EC=9D=84=20=EC=82=AC=EC=9A=A9=ED=95=98?= =?UTF-8?q?=EC=A7=80=20=EC=95=8A=EB=8D=94=EB=9D=BC=EB=8F=84=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=EA=B0=92=EC=9D=80=20=EC=A0=80=EC=9E=A5=ED=95=A0=20?= =?UTF-8?q?=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 변경점이 많습니다. 크게 변경한 점은 없고 if($args->able_module == 'Y') 안에서 동작하는 $config 변수들을 전부 if문 밖으로 빼내서 설정을 저장하도록 하였습니다. 설정 저장을 테스트 해봤으며 큰 문제 없어 보입니다. --- modules/point/point.admin.controller.php | 209 ++++++++++++----------- 1 file changed, 105 insertions(+), 104 deletions(-) diff --git a/modules/point/point.admin.controller.php b/modules/point/point.admin.controller.php index c88d96d0e..a2cd3488b 100644 --- a/modules/point/point.admin.controller.php +++ b/modules/point/point.admin.controller.php @@ -37,110 +37,6 @@ class pointAdminController extends point //module IO config is on $config->able_module = 'Y'; - - // Check the point name - $config->point_name = $args->point_name; - if(!$config->point_name) - { - $config->point_name = 'point'; - } - - // Specify the default points - $config->signup_point = (int)$args->signup_point; - $config->login_point = (int)$args->login_point; - $config->insert_document = (int)$args->insert_document; - $config->insert_comment = (int)$args->insert_comment; - $config->upload_file = (int)$args->upload_file; - $config->download_file = (int)$args->download_file; - $config->read_document = (int)$args->read_document; - $config->voter = (int)$args->voter; - $config->blamer = (int)$args->blamer; - $config->voted = (int)$args->voted; - $config->blamed = (int)$args->blamed; - $config->download_file_author = (int)$args->download_file_author; - $config->read_document_author = (int)$args->read_document_author; - $config->voter_comment = (int)$args->voter_comment; - $config->blamer_comment = (int)$args->blamer_comment; - $config->voted_comment = (int)$args->voted_comment; - $config->blamed_comment = (int)$args->blamed_comment; - - // Specify notice exceptions - $config->read_document_except_notice = ($args->read_document_except_notice === 'Y'); - $config->read_document_author_except_notice = ($args->read_document_author_except_notice === 'Y'); - - // Specify revert on delete - $config->insert_document_revert_on_delete = ($args->insert_document_revert_on_delete === 'Y'); - $config->insert_comment_revert_on_delete = ($args->insert_comment_revert_on_delete === 'Y'); - $config->upload_file_revert_on_delete = ($args->upload_file_revert_on_delete === 'Y'); - - // Specify time limits - $config->insert_comment_limit = $config->no_point_date = (int)$args->insert_comment_limit; - $config->read_document_limit = (int)$args->read_document_limit; - $config->voter_limit = (int)$args->voter_limit; - $config->blamer_limit = (int)$args->blamer_limit; - $config->voted_limit = (int)$args->voted_limit; - $config->blamed_limit = (int)$args->blamed_limit; - $config->read_document_author_limit = (int)$args->read_document_author_limit; - $config->voter_comment_limit = (int)$args->voter_comment_limit; - $config->blamer_comment_limit = (int)$args->blamer_comment_limit; - $config->voted_comment_limit = (int)$args->voted_comment_limit; - $config->blamed_comment_limit = (int)$args->blamed_comment_limit; - - // The highest level - $config->max_level = $args->max_level; - if($config->max_level>1000) $config->max_level = 1000; - if($config->max_level<1) $config->max_level = 1; - - // Set the level icon - $config->level_icon = $args->level_icon; - - // Check if downloads are not allowed - $config->disable_download = ($args->disable_download === 'Y') ? 'Y' : 'N'; - - // Check if reading a document is not allowed - $config->disable_read_document = ($args->disable_read_document === 'Y') ? 'Y' : 'N'; - $config->disable_read_document_except_robots = ($args->disable_read_document_except_robots === 'Y') ? 'Y' : 'N'; - - $oMemberModel = getModel('member'); - $group_list = $oMemberModel->getGroups(); - $config->point_group = array(); - - // Per-level group configurations - foreach($group_list as $group) - { - // Admin group should not be connected to point. - if($group->is_admin == 'Y' || $group->is_default == 'Y') continue; - - $group_srl = $group->group_srl; - - if(isset($args->{'point_group_'.$group_srl})) - { - //if group level is higher than max level, change to max level - if($args->{'point_group_'.$group_srl} > $args->max_level) - { - $args->{'point_group_'.$group_srl} = $args->max_level; - } - - //if group level is lower than 1, change to 1 - if($args->{'point_group_'.$group_srl} && $args->{'point_group_'.$group_srl} < 1) - { - $args->{'point_group_'.$group_srl} = 1; - } - $config->point_group[$group_srl] = $args->{'point_group_'.$group_srl}; - } - } - - $config->group_reset = $args->group_reset; - $config->group_ratchet = $args->group_ratchet; - // Per-level point configurations - unset($config->level_step); - for($i=1;$i<=$config->max_level;$i++) - { - $key = "level_step_".$i; - $config->level_step[$i] = (int)$args->{$key}; - } - // A function to calculate per-level points - $config->expression = $args->expression; } else { @@ -150,6 +46,111 @@ class pointAdminController extends point // Delete Triggers $oModuleController->deleteModuleTriggers('point'); } + + // Check the point name + $config->point_name = $args->point_name; + if(!$config->point_name) + { + $config->point_name = 'point'; + } + + // Specify the default points + $config->signup_point = (int)$args->signup_point; + $config->login_point = (int)$args->login_point; + $config->insert_document = (int)$args->insert_document; + $config->insert_comment = (int)$args->insert_comment; + $config->upload_file = (int)$args->upload_file; + $config->download_file = (int)$args->download_file; + $config->read_document = (int)$args->read_document; + $config->voter = (int)$args->voter; + $config->blamer = (int)$args->blamer; + $config->voted = (int)$args->voted; + $config->blamed = (int)$args->blamed; + $config->download_file_author = (int)$args->download_file_author; + $config->read_document_author = (int)$args->read_document_author; + $config->voter_comment = (int)$args->voter_comment; + $config->blamer_comment = (int)$args->blamer_comment; + $config->voted_comment = (int)$args->voted_comment; + $config->blamed_comment = (int)$args->blamed_comment; + + // Specify notice exceptions + $config->read_document_except_notice = ($args->read_document_except_notice === 'Y'); + $config->read_document_author_except_notice = ($args->read_document_author_except_notice === 'Y'); + + // Specify revert on delete + $config->insert_document_revert_on_delete = ($args->insert_document_revert_on_delete === 'Y'); + $config->insert_comment_revert_on_delete = ($args->insert_comment_revert_on_delete === 'Y'); + $config->upload_file_revert_on_delete = ($args->upload_file_revert_on_delete === 'Y'); + + // Specify time limits + $config->insert_comment_limit = $config->no_point_date = (int)$args->insert_comment_limit; + $config->read_document_limit = (int)$args->read_document_limit; + $config->voter_limit = (int)$args->voter_limit; + $config->blamer_limit = (int)$args->blamer_limit; + $config->voted_limit = (int)$args->voted_limit; + $config->blamed_limit = (int)$args->blamed_limit; + $config->read_document_author_limit = (int)$args->read_document_author_limit; + $config->voter_comment_limit = (int)$args->voter_comment_limit; + $config->blamer_comment_limit = (int)$args->blamer_comment_limit; + $config->voted_comment_limit = (int)$args->voted_comment_limit; + $config->blamed_comment_limit = (int)$args->blamed_comment_limit; + + // The highest level + $config->max_level = $args->max_level; + if($config->max_level>1000) $config->max_level = 1000; + if($config->max_level<1) $config->max_level = 1; + + // Set the level icon + $config->level_icon = $args->level_icon; + + // Check if downloads are not allowed + $config->disable_download = ($args->disable_download === 'Y') ? 'Y' : 'N'; + + // Check if reading a document is not allowed + $config->disable_read_document = ($args->disable_read_document === 'Y') ? 'Y' : 'N'; + $config->disable_read_document_except_robots = ($args->disable_read_document_except_robots === 'Y') ? 'Y' : 'N'; + + $oMemberModel = getModel('member'); + $group_list = $oMemberModel->getGroups(); + $config->point_group = array(); + + // Per-level group configurations + foreach($group_list as $group) + { + // Admin group should not be connected to point. + if($group->is_admin == 'Y' || $group->is_default == 'Y') continue; + + $group_srl = $group->group_srl; + + if(isset($args->{'point_group_'.$group_srl})) + { + //if group level is higher than max level, change to max level + if($args->{'point_group_'.$group_srl} > $args->max_level) + { + $args->{'point_group_'.$group_srl} = $args->max_level; + } + + //if group level is lower than 1, change to 1 + if($args->{'point_group_'.$group_srl} && $args->{'point_group_'.$group_srl} < 1) + { + $args->{'point_group_'.$group_srl} = 1; + } + $config->point_group[$group_srl] = $args->{'point_group_'.$group_srl}; + } + } + + $config->group_reset = $args->group_reset; + $config->group_ratchet = $args->group_ratchet; + // Per-level point configurations + unset($config->level_step); + for($i=1;$i<=$config->max_level;$i++) + { + $key = "level_step_".$i; + $config->level_step[$i] = (int)$args->{$key}; + } + // A function to calculate per-level points + $config->expression = $args->expression; + // Save $oModuleController->insertModuleConfig('point', $config); From 46d7d3e8c44b155bd1c9687c00d486425a05159c Mon Sep 17 00:00:00 2001 From: BJRambo Date: Thu, 23 Jul 2020 16:52:37 +0900 Subject: [PATCH 07/23] =?UTF-8?q?Fix=20#1363=20=ED=9A=8C=EC=9B=90=20?= =?UTF-8?q?=EB=A9=94=EB=AA=A8=EB=A5=BC=20=EB=B9=88=EA=B0=92=EC=9C=BC?= =?UTF-8?q?=EB=A1=9C=20=EC=82=AD=EC=A0=9C=20=EC=95=88=EB=90=98=EB=8A=94=20?= =?UTF-8?q?=EB=AC=B8=EC=A0=9C=20=EA=B3=A0=EC=B9=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/member/member.admin.controller.php | 6 ++++++ modules/member/member.controller.php | 11 +++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php index fcf1f3b0f..b1dc82b8f 100644 --- a/modules/member/member.admin.controller.php +++ b/modules/member/member.admin.controller.php @@ -112,6 +112,12 @@ class memberAdminController extends member } } + // 실제로 디비쿼리시 빈값이 없다면 해당 쿼리를 무시하고 업데이트 하기 때문에 메모의 내용이 삭제가 되지 않습니다. + if(!$args->description) + { + $args->description = ''; + } + $oMemberController = getController('member'); // Execute insert or update depending on the value of member_srl if(!$args->member_srl) diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index 37558a00e..ad655d566 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php @@ -591,7 +591,7 @@ class memberController extends member throw new Rhymix\Framework\Exceptions\SecurityViolation; } - $oMemberModel = &getModel ('member'); + $oMemberModel = getModel('member'); $config = $oMemberModel->getMemberConfig(); // call a trigger (before) @@ -2764,8 +2764,12 @@ class memberController extends member else { unset($args->is_admin); + unset($args->limit_date); + unset($args->description); if($is_admin == false) + { unset($args->denied); + } if($logged_info->member_srl != $args->member_srl && $is_admin == false) { return new BaseObject(-1, 'msg_invalid_request'); @@ -2966,7 +2970,10 @@ class memberController extends member if(!$args->user_name) $args->user_name = $orgMemberInfo->user_name; if(!$args->user_id) $args->user_id = $orgMemberInfo->user_id; if(!$args->nick_name) $args->nick_name = $orgMemberInfo->nick_name; - if(!$args->description) $args->description = $orgMemberInfo->description; + if($logged_info->is_admin !== 'Y') + { + $args->description = $orgMemberInfo->description; + } if(!$args->birthday) $args->birthday = $orgMemberInfo->birthday; $output = executeQuery('member.updateMember', $args); From d603b6c9660aaa63305fafde40e4c22c0cf235ec Mon Sep 17 00:00:00 2001 From: BJRambo Date: Thu, 23 Jul 2020 16:57:46 +0900 Subject: [PATCH 08/23] =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=EB=A9=94=EB=AA=A8?= =?UTF-8?q?=EA=B0=80=20=EC=84=B8=ED=8C=85=EB=90=98=EC=97=88=EB=8A=94?= =?UTF-8?q?=EC=A7=80=20=EB=AA=85=ED=99=95=ED=95=98=EA=B2=8C=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/member/member.admin.controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php index b1dc82b8f..7ab17a4f0 100644 --- a/modules/member/member.admin.controller.php +++ b/modules/member/member.admin.controller.php @@ -113,7 +113,7 @@ class memberAdminController extends member } // 실제로 디비쿼리시 빈값이 없다면 해당 쿼리를 무시하고 업데이트 하기 때문에 메모의 내용이 삭제가 되지 않습니다. - if(!$args->description) + if(!isset($args->description)) { $args->description = ''; } From 8ef75ea63f559ad1a3f12ad9b064fcd0fcb3a62d Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 23 Jul 2020 20:22:17 +0900 Subject: [PATCH 09/23] Fix $css_content being set to null in iOS --- modules/editor/skins/ckeditor/editor.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/editor/skins/ckeditor/editor.html b/modules/editor/skins/ckeditor/editor.html index 6f3998975..750831dd8 100644 --- a/modules/editor/skins/ckeditor/editor.html +++ b/modules/editor/skins/ckeditor/editor.html @@ -26,7 +26,7 @@ var auto_saved_msg = "{$lang->msg_auto_saved}"; {@ $css_file_list[] = $additional_css_url} -{@ $css_content = null } +{@ $css_content = "" } @@ -158,7 +158,7 @@ var auto_saved_msg = "{$lang->msg_auto_saved}"; settings.ckeconfig.removePlugins = (settings.ckeconfig.removePlugins ? (settings.ckeconfig.removePlugins + ',') : '') + 'enterkey'; settings.loadXeComponent = false; var additional_styles = '.cke_wysiwyg_div { padding: 8px !important; }'; - $('head').append('' + additional_styles + css_content.replace(/\.xe_content\.editable/g, '.cke_wysiwyg_div') + ''); + $('head').append('' + additional_styles + String(css_content).replace(/\.xe_content\.editable/g, '.cke_wysiwyg_div') + ''); } From 6c0e3ace1f430c711ea6355d95c37009fe523fd6 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 23 Jul 2020 20:25:00 +0900 Subject: [PATCH 10/23] Fix #1361 always add at least one

    tag --- modules/editor/skins/simpleeditor/js/simpleeditor.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/editor/skins/simpleeditor/js/simpleeditor.js b/modules/editor/skins/simpleeditor/js/simpleeditor.js index 2cfda25b5..8c064d9e3 100644 --- a/modules/editor/skins/simpleeditor/js/simpleeditor.js +++ b/modules/editor/skins/simpleeditor/js/simpleeditor.js @@ -46,6 +46,9 @@ str = str.replace(/<\/?(\?xml|meta|link|font|span|style|script|noscript|frame|noframes|(?:st1|o):[a-z0-9]+)\b[^>]*?>/ig, ''); str = str.replace(/(id|class|style|on(?:[a-z0-9]+)|Mso(?:[a-z0-9]+))="[^"]*"/ig, ''); str = str.replace(/(<\/?)div(\W)/g, '$1p$2'); + if (!str.match(/<\/?p>/)) { + str = '

    ' + str + '

    '; + } return str; }; From 07a4f57a6f660259fa29568a6c5324957afea0bb Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 27 Jul 2020 11:16:55 +0900 Subject: [PATCH 11/23] Fix incorrect option value in editor module config screen --- modules/editor/tpl/admin_index.html | 8 ++++---- modules/editor/tpl/editor_module_config.html | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/editor/tpl/admin_index.html b/modules/editor/tpl/admin_index.html index 680d40093..f80b73510 100644 --- a/modules/editor/tpl/admin_index.html +++ b/modules/editor/tpl/admin_index.html @@ -57,7 +57,7 @@ {$lang->guide_editor_toolbar}  

    @@ -86,7 +86,7 @@ {$lang->guide_editor_toolbar}  

    @@ -118,7 +118,7 @@ {$lang->guide_editor_toolbar}  

    @@ -147,7 +147,7 @@ {$lang->guide_editor_toolbar}  

    diff --git a/modules/editor/tpl/editor_module_config.html b/modules/editor/tpl/editor_module_config.html index 9a9a2e769..b9bdf74ca 100644 --- a/modules/editor/tpl/editor_module_config.html +++ b/modules/editor/tpl/editor_module_config.html @@ -49,7 +49,7 @@ {$lang->guide_editor_toolbar}  

    @@ -75,7 +75,7 @@ {$lang->guide_editor_toolbar}  

    @@ -104,7 +104,7 @@ {$lang->guide_editor_toolbar}  

    @@ -130,7 +130,7 @@ {$lang->guide_editor_toolbar}  

    From a9175b1c9dd99e1f1fb9257d228bce7726d6febc Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 27 Jul 2020 11:56:28 +0900 Subject: [PATCH 12/23] =?UTF-8?q?reCAPTCHA=20=EC=95=A0=EB=93=9C=EC=98=A8?= =?UTF-8?q?=EC=9D=84=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=ED=8F=BC=EC=97=90?= =?UTF-8?q?=EB=8F=84=20=EC=82=AC=EC=9A=A9=ED=95=A0=20=EC=88=98=20=EC=9E=88?= =?UTF-8?q?=EB=8F=84=EB=A1=9D=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- addons/recaptcha/conf/info.xml | 12 ++++++++++++ addons/recaptcha/recaptcha.addon.php | 4 ++++ 2 files changed, 16 insertions(+) diff --git a/addons/recaptcha/conf/info.xml b/addons/recaptcha/conf/info.xml index 5908ba095..e6b0eaa42 100644 --- a/addons/recaptcha/conf/info.xml +++ b/addons/recaptcha/conf/info.xml @@ -26,6 +26,18 @@ Yes + + 아니오 + No + + + + 로그인에 사용 + Use on Login Form + + + Yes + 아니오 No diff --git a/addons/recaptcha/recaptcha.addon.php b/addons/recaptcha/recaptcha.addon.php index 6a75c1e49..816580bb9 100644 --- a/addons/recaptcha/recaptcha.addon.php +++ b/addons/recaptcha/recaptcha.addon.php @@ -24,6 +24,10 @@ elseif ($addon_info->use_signup === 'Y' && preg_match('/^(?:disp|proc)Member(?:S { $enable_captcha = true; } +elseif ($addon_info->use_login === 'Y' && preg_match('/^(?:disp|proc)MemberLogin(?:Form)?/i', $current_action)) +{ + $enable_captcha = true; +} elseif ($addon_info->use_recovery === 'Y' && preg_match('/^(?:disp|proc)Member(?:FindAccount|ResendAuthMail)/i', $current_action)) { $enable_captcha = true; From a87a31a61144c705b3a13f071f0d92669d7db0bd Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 27 Jul 2020 12:07:42 +0900 Subject: [PATCH 13/23] Add login form to reCAPTCHA autoinsert list --- addons/recaptcha/recaptcha.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addons/recaptcha/recaptcha.js b/addons/recaptcha/recaptcha.js index 4cfd3fb0d..a1e5ae1cb 100644 --- a/addons/recaptcha/recaptcha.js +++ b/addons/recaptcha/recaptcha.js @@ -7,7 +7,7 @@ function reCaptchaCallback() { if (recaptcha_instances.size() === 0) { var autoinsert_candidates = $("form").filter(function() { var actinput = $("input[name='act']", this); - if (actinput.size() && actinput.val() && actinput.val().match(/^proc.+(Insert(Document|Comment|)|FindAccount|ResendAuthMail)/i)) { + if (actinput.size() && actinput.val() && actinput.val().match(/^proc.+(Insert(Document|Comment|)|Login|FindAccount|ResendAuthMail)/i)) { return true; } var procfilter = $(this).attr("onsubmit"); From 585e4f41f4af28aa6a8348c7a30ed6e366275c48 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 27 Jul 2020 12:11:06 +0900 Subject: [PATCH 14/23] Add reCAPTCHA placeholders to default member skin --- modules/member/m.skins/default/login_form.html | 3 +++ modules/member/skins/default/login_form.html | 3 +++ 2 files changed, 6 insertions(+) diff --git a/modules/member/m.skins/default/login_form.html b/modules/member/m.skins/default/login_form.html index b4f5d5e3a..396f90ee4 100644 --- a/modules/member/m.skins/default/login_form.html +++ b/modules/member/m.skins/default/login_form.html @@ -15,6 +15,9 @@
+
+ {$captcha} +
diff --git a/modules/member/skins/default/login_form.html b/modules/member/skins/default/login_form.html index f11c6f40e..390bcfa49 100644 --- a/modules/member/skins/default/login_form.html +++ b/modules/member/skins/default/login_form.html @@ -18,6 +18,9 @@
+
+ {$captcha} +
-
+
{$captcha}
From b97ca16b6cb9344f43e0b01a436108cfe082aba0 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 27 Jul 2020 21:57:47 +0900 Subject: [PATCH 16/23] Add .editable class to simpleeditor div --- modules/editor/skins/simpleeditor/editor.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/editor/skins/simpleeditor/editor.html b/modules/editor/skins/simpleeditor/editor.html index 93bf30514..df188c852 100644 --- a/modules/editor/skins/simpleeditor/editor.html +++ b/modules/editor/skins/simpleeditor/editor.html @@ -4,7 +4,7 @@
-
Date: Fri, 31 Jul 2020 13:41:35 +0900 Subject: [PATCH 17/23] Clean up vote cancel functions and ensure consistency between document and comment modules #1367 --- modules/comment/comment.controller.php | 13 ++++++++----- modules/document/document.controller.php | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index f60af2b09..88f2e3e26 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -162,15 +162,18 @@ class commentController extends comment function updateVotedCountCancel($comment_srl, $oComment, $point) { - $logged_info = Context::get('logged_info'); + if(!$_SESSION['voted_comment'][$comment_srl] && !$this->user->member_srl) + { + return new BaseObject(-1, $point > 0 ? 'failed_voted_canceled' : 'failed_blamed_canceled'); + } // Check if the current user has voted previously. $args = new stdClass; $args->comment_srl = $comment_srl; $args->point = $point; - if($logged_info->member_srl) + if($this->user->member_srl) { - $args->member_srl = $logged_info->member_srl; + $args->member_srl = $this->user->member_srl; } else { @@ -206,7 +209,7 @@ class commentController extends comment $args = new stdClass(); $d_args = new stdClass(); $args->comment_srl = $d_args->comment_srl = $comment_srl; - $d_args->member_srl = $logged_info->member_srl; + $d_args->member_srl = $this->user->member_srl; if ($trigger_obj->update_target === 'voted_count') { $args->voted_count = $trigger_obj->after_point; @@ -221,7 +224,7 @@ class commentController extends comment if(!$d_output->toBool()) return $d_output; //session reset - $_SESSION['voted_comment'][$comment_srl] = false; + unset($_SESSION['voted_comment'][$comment_srl]); // Call a trigger (after) ModuleHandler::triggerCall('comment.updateVotedCountCancel', 'after', $trigger_obj); diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index af1a4c13d..687d78795 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -273,7 +273,7 @@ class documentController extends document if(!$d_output->toBool()) return $d_output; } // session reset - $_SESSION['voted_document'][$document_srl] = false; + unset($_SESSION['voted_document'][$document_srl]); // Call a trigger (after) ModuleHandler::triggerCall('document.updateVotedCountCancel', 'after', $trigger_obj); From 45c6e423609871c80a45b000db4a9297f75e16eb Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 31 Jul 2020 13:54:04 +0900 Subject: [PATCH 18/23] Fix #1368 broken links to www.xpressengine.com --- README.md | 8 ++++---- common/constants.php | 2 +- layouts/default/layout.html | 2 +- layouts/simple_world/layout.html | 2 +- layouts/xedition/demo/welcome_main.html | 4 ++-- modules/importer/lang/es.php | 2 +- modules/importer/lang/ko.php | 2 +- modules/install/tpl/footer.html | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 9f043be7f..307be2d77 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Rhymix(라이믹스)는 누구든지 쉽고 자유롭게 독립적인 홈페이지를 만들어 자신을 표현하고 커뮤니티를 키워나갈 수 있도록 돕기 위한 CMS(content management system)입니다. -[XpressEngine](https://www.xpressengine.com) 1.8 버전을 fork(가지치기)하여 진행하는 프로젝트로, +[XpressEngine](https://xe1.xpressengine.com) 1.8 버전을 fork(가지치기)하여 진행하는 프로젝트로, 누구나 무료로 사용할 수 있고 개발에 참여할 수도 있는 자유 소프트웨어(free software)입니다. Rhymix는 "시를 짓다, 운을 맞추다"라는 의미의 "rhyme"과 @@ -62,7 +62,7 @@ Rhymix는 [GNU GPL v2](http://korea.gnu.org/documents/copyleft/gpl.ko.html) 누구나 무료로 사용할 수 있고 개발에 참여할 수도 있습니다. Rhymix는 [NAVER](https://www.navercorp.com/)가 일부 저작권을 가진 -[XpressEngine](https://www.xpressengine.com)의 소스코드에 바탕을 두고 있습니다. +[XpressEngine](https://xe1.xpressengine.com)의 소스코드에 바탕을 두고 있습니다. Rhymix 개발자들이 추가 및 변경한 부분의 저작권은 해당 개발자들에게 있습니다. XpressEngine은 초창기에 GPL을 사용하다가 버전 1.4.0부터 LGPL로 전환했지만, @@ -82,7 +82,7 @@ Rhymix의 소스코드를 수정하거나 확장 기능을 직접 개발하여 Rhymix is a content management system (CMS) for everyone who wants to create independent homepages to express themselves and build their communities easily and freely. -Rhymix is a fork of [XpressEngine](https://www.xpressengine.com) version 1.8 and is free software that anyone can use for free and participate. +Rhymix is a fork of [XpressEngine](https://xe1.xpressengine.com) version 1.8 and is free software that anyone can use for free and participate. Rhymix is a combination of "rhyme" in the sense of "making a poem, adjusting the sound", and "remix" in the sense of "combining, changing". Rhymix cheers everyone who freely creates and/or assembles new things in the Internet space by combining various software and contents. @@ -129,7 +129,7 @@ If you have found a security vulnerability, please let us know at devops@rhymix. Rhymix is a free software licensed under the [GNU GPL v2](https://www.gnu.org/licenses/old-licenses/gpl-2.0.html) or later. Free software is a program that emphasizes the rights and responsibilities of developers and users to participate or use in freedom. -Rhymix is based on the source code of [XpressEngine](https://www.xpressengine.com) ([Github](https://github.com/xpressengine/xe-core/)), which [NAVER](https://www.navercorp.com/) is partly copyrighted free software. +Rhymix is based on the source code of [XpressEngine](https://xe1.xpressengine.com) ([Github](https://github.com/xpressengine/xe-core/)), which is free software partly owned by [NAVER](https://www.navercorp.com/). Rhymix developers have copyrights on the added and modified code. XpressEngine has been licensed under the GPL in its early days and switched to LGPL from version 1.4.0, but Rhymix has reverted its licenses to the GPL for further protection of the rights and spirit of free software. diff --git a/common/constants.php b/common/constants.php index 215e7e7fa..3fe113e16 100644 --- a/common/constants.php +++ b/common/constants.php @@ -141,7 +141,7 @@ define('__ZBXE_VERSION__', RX_VERSION); define('_XE_PATH_', RX_BASEDIR); define('_XE_PACKAGE_', 'XE'); define('_XE_LOCATION_', 'en'); -define('_XE_LOCATION_SITE_', 'https://www.xpressengine.com/'); +define('_XE_LOCATION_SITE_', 'https://xe1.xpressengine.com/'); define('_XE_DOWNLOAD_SERVER_', 'https://download.xpressengine.com/'); define('__DEBUG__', 0); diff --git a/layouts/default/layout.html b/layouts/default/layout.html index 736d8e5b5..184f1fde3 100644 --- a/layouts/default/layout.html +++ b/layouts/default/layout.html @@ -104,6 +104,6 @@
-

Powered by XE.

+

Powered by Rhymix

{$layout_info->FOOTER}

diff --git a/layouts/simple_world/layout.html b/layouts/simple_world/layout.html index 4096eeb86..c27d5057d 100644 --- a/layouts/simple_world/layout.html +++ b/layouts/simple_world/layout.html @@ -166,7 +166,7 @@
    • -

    Powered by Rhymix.

    +

    Powered by Rhymix

    {$layout_info->FOOTER}

    \ No newline at end of file diff --git a/layouts/xedition/demo/welcome_main.html b/layouts/xedition/demo/welcome_main.html index 09134c037..4fe257a4b 100644 --- a/layouts/xedition/demo/welcome_main.html +++ b/layouts/xedition/demo/welcome_main.html @@ -114,9 +114,9 @@

    도움이 필요할 때에는 전문가들과 이야기할 수 있습니다.

  • - DOWNLOAD + DOWNLOAD

    DOWNLOAD

    -

    Rhymix 자료실을 통해 나만의 홈페이지를 만들어보세요.

    +

    자료실을 통해 나만의 홈페이지를 만들어보세요.

  • GITHUB diff --git a/modules/importer/lang/es.php b/modules/importer/lang/es.php index a7a65d535..dddc31ca2 100644 --- a/modules/importer/lang/es.php +++ b/modules/importer/lang/es.php @@ -33,6 +33,6 @@ $lang->about_ttxml_user_id = 'Por favor, de entrada ID de usuario establecer com $lang->about_type_module = 'Seleccione esta opción si estas transfeririendo información del documento de los tableros'; $lang->about_type_syncmember = 'Seleccione esta opción cuando tenga que sincronizar la información del usuario luego de haber transferido la información del usuario y del artículo.'; $lang->about_importer = 'Es posible trasferir los datos de Zeroboard4, zb5beta o de otros programas a Rhymix. -Para la transferencia debe utilizar XML Exporter para transformar los datos en archivo XML, y luego subir ese archivo.'; +Para la transferencia debe utilizar XML Exporter para transformar los datos en archivo XML, y luego subir ese archivo.'; $lang->about_target_path = 'Para descargar los archivos adjuntos de ZeroBoard4, ingresa la ubicación de ZeroBoard4 instalado. Si esta en el mismo servidor escriba la ubicación de ZeroBoard4 como por ejemplo: /home/ID/public_html/bbs o si esta en otro servidor escriba la ubicación de ZeroBoard4 instalado como por ejemplo: http://dominio/bbs'; diff --git a/modules/importer/lang/ko.php b/modules/importer/lang/ko.php index 5b1b85fec..d15b13bbe 100644 --- a/modules/importer/lang/ko.php +++ b/modules/importer/lang/ko.php @@ -48,7 +48,7 @@ $lang->about_type_ttxml = '데이터 이전 대상이 TTXML(textcube계열)일 $lang->about_ttxml_user_id = '글쓴이로 설정할 사용자 아이디를 입력해주세요. (가입된 아이디만 가능)'; $lang->about_type_module = '데이터 이전 대상이 게시판 등의 게시물 정보일 경우 선택해주세요.'; $lang->about_type_syncmember = '회원정보와 게시물정보 등을 이전 후, 회원정보를 동기화해야 할 때 선택해주세요.'; -$lang->about_importer = '다른 프로그램의 데이터를 XML 형식으로 변환 후 업로드하면 Rhymix로 이전할 수 있습니다. XML Exporter를 이용하면 XML파일로 변환할 수 있습니다.'; +$lang->about_importer = '다른 프로그램의 데이터를 XML 형식으로 변환 후 업로드하면 Rhymix로 이전할 수 있습니다. XML Exporter를 이용하면 XML파일로 변환할 수 있습니다.'; $lang->about_target_path = '첨부 파일을 받기 위해 제로보드4가 설치된 위치를 입력해주세요. 같은 서버에 있을 경우 /home/아이디/public_html/bbs 등과 같이 제로보드4의 위치를 입력하고 다른 서버일 경우 http:도메인/bbs 처럼 제로보드4가 설치된 곳의 url을 입력해주세요.'; diff --git a/modules/install/tpl/footer.html b/modules/install/tpl/footer.html index 4e5b58830..e8fa93043 100644 --- a/modules/install/tpl/footer.html +++ b/modules/install/tpl/footer.html @@ -6,7 +6,7 @@
    • From d9a63c30ce4fa8c92a5231c16ba7de0b21908b01 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 31 Jul 2020 14:58:11 +0900 Subject: [PATCH 19/23] Remove problematic special characters in utf8_clean() --- common/functions.php | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) diff --git a/common/functions.php b/common/functions.php index 1100a75f5..71ac287ef 100644 --- a/common/functions.php +++ b/common/functions.php @@ -587,22 +587,33 @@ function utf8_check($str) } /** - * Remove BOM and invalid UTF-8 sequences from file content. + * Remove BOM and invalid UTF-8 sequences from text content. * * @param string $str * @return string */ function utf8_clean($str) { - if (strlen($str) >= 3 && substr($str, 0, 3) === "\xEF\xBB\xBF") - { - $str = substr($str, 3); - } - + // Check if the input is a valid UTF-8 string. if (!utf8_check($str)) { $str = @iconv('UTF-8', 'UTF-8//IGNORE', $str); - } + } + + // Normalize the text content. + if (class_exists('Normalizer')) + { + $str = Normalizer::normalize($str, Normalizer::FORM_C); + } + + // Remove BOM. + $str = preg_replace('/\xEF\xBB\xBF/', '', $str); + + // Remove Hangul Filler and RLO character. + $str = preg_replace('/(?:&#(?:8238|x202e|12644|x3164);|\xE3\x85\xA4|\xE2\x80\xAE)/i', '', $str); + + // Remove excessively long sequences (more than 3) of combining diacritical marks. + $str = preg_replace('/(\pM{3})\pM+/u', '$1', $str); return $str; } From a740f395383061b35360aa70c4171d983b1d9695 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 31 Jul 2020 14:58:21 +0900 Subject: [PATCH 20/23] Add unit tests for utf8_clean() --- tests/unit/functions/FunctionsTest.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/unit/functions/FunctionsTest.php b/tests/unit/functions/FunctionsTest.php index f9ccc4792..7794f8ea2 100644 --- a/tests/unit/functions/FunctionsTest.php +++ b/tests/unit/functions/FunctionsTest.php @@ -196,6 +196,11 @@ class FunctionsTest extends \Codeception\TestCase\Test $this->assertFalse(utf8_check(iconv('UTF-8', 'EUC-KR', '라이믹스'))); $this->assertFalse(utf8_check(chr(129) . chr(214) . chr(181) . chr(73) . chr(97))); + $this->assertEquals('Hello', utf8_clean("\xEF\xBB\xBF" . 'Hello' . "\xBC\xBC")); + $this->assertEquals('Hello', utf8_clean('Hello‮ㅤ' . "\xE3\x85\xA4\xE2\x80\xAE")); + $this->assertEquals('Hello' . "\xC3\xA9", utf8_clean('Hello' . "e\xCC\x81")); + $this->assertEquals('Hello' . "\xCD\x9D\xCD\x9D\xCD\x9D", utf8_clean('Hello' . "\xCD\x9D\xCD\x9D\xCD\x9D\xCD\x9D\xCD\x9D")); + $this->assertEquals('Emoticon: 😁', utf8_mbencode("Emoticon: \xf0\x9f\x98\x81")); $this->assertEquals('Emoticon: 😜', utf8_mbencode("Emoticon: \xf0\x9f\x98\x9c")); $this->assertEquals('한글은 인코딩하지 않음', utf8_mbencode('한글은 인코딩하지 않음')); From 4c9f2ec3a180975656283137b6ef5b389db2643f Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 31 Jul 2020 15:03:24 +0900 Subject: [PATCH 21/23] Fix #769 #1359 remove problematic characters in board module --- modules/board/board.controller.php | 26 ++++++++++++++++++++++++++ modules/board/lang/en.php | 4 ++++ modules/board/lang/ko.php | 2 ++ modules/board/tpl/board_insert.html | 12 ++++++++++++ 4 files changed, 44 insertions(+) diff --git a/modules/board/board.controller.php b/modules/board/board.controller.php index 141bab621..900b71676 100644 --- a/modules/board/board.controller.php +++ b/modules/board/board.controller.php @@ -32,6 +32,23 @@ class boardController extends board $obj->module_srl = $this->module_srl; $obj->commentStatus = $obj->comment_status; + // Remove disallowed Unicode symbols. + if ($this->module_info->filter_specialchars !== 'N') + { + if (isset($obj->title)) + { + $obj->title = utf8_clean($obj->title); + } + if (isset($obj->content)) + { + $obj->content = utf8_clean($obj->content); + } + if (isset($obj->tags)) + { + $obj->tags = utf8_clean($obj->tags); + } + } + // Return error if content is empty. if (is_empty_html_content($obj->content)) { @@ -371,6 +388,15 @@ class boardController extends board $obj = Context::getRequestVars(); $obj->module_srl = $this->module_srl; + // Remove disallowed Unicode symbols. + if ($this->module_info->filter_specialchars !== 'N') + { + if (isset($obj->content)) + { + $obj->content = utf8_clean($obj->content); + } + } + // Return error if content is empty. if (is_empty_html_content($obj->content)) { diff --git a/modules/board/lang/en.php b/modules/board/lang/en.php index 096da04f6..ab1e5541f 100644 --- a/modules/board/lang/en.php +++ b/modules/board/lang/en.php @@ -57,6 +57,8 @@ $lang->about_allow_no_category = 'Allow users to write documents without selecti $lang->protect_content = 'Protect Content'; $lang->protect_comment = 'Protect Comment'; $lang->protect_regdate = 'Update/Delete Time Limit'; +$lang->cancel_vote = 'Vote Cancellation'; +$lang->filter_specialchars = 'Block Abuse of Unicode Symbols'; $lang->document_length_limit = 'Limit Document Size'; $lang->comment_length_limit = 'Limit Comment Size'; $lang->about_document_length_limit = 'Restrict documents that are too large. This limit may be triggered by copying and pasting a web page that contains a lot of unnecessary tags.'; @@ -64,6 +66,8 @@ $lang->about_comment_length_limit = 'Restrict comments that are too large.'; $lang->update_order_on_comment = 'Update Document on New Comment'; $lang->about_update_order_on_comment = 'When a new comment is posted, update the update timestamp of the parent document. This is needed for forums.'; $lang->non_login_vote = 'Allow guest votes'; +$lang->about_cancel_vote = 'Allow users to cancel their votes'; +$lang->about_filter_specialchars = 'Prevent use of excessive Unicode accents, RLO characters, and other symbols that hinder readability.'; $lang->document_force_to_move = 'Delete to Trash'; $lang->about_document_force_to_move = 'When a document is deleted, move to Trash instead of deleting it permamently.'; $lang->about_non_login_vote = 'Allow users who are not logged in to vote on articles.'; diff --git a/modules/board/lang/ko.php b/modules/board/lang/ko.php index 2461eb182..50ea9c2d4 100644 --- a/modules/board/lang/ko.php +++ b/modules/board/lang/ko.php @@ -59,6 +59,7 @@ $lang->protect_content = '글 보호 기능'; $lang->protect_comment = '댓글 보호 기능'; $lang->protect_regdate = '기간 제한 기능'; $lang->cancel_vote = '추천/비추천/신고 취소 허용'; +$lang->filter_specialchars = '유니코드 특수문자 오남용 금지'; $lang->document_length_limit = '문서 길이 제한'; $lang->comment_length_limit = '댓글 길이 제한'; $lang->about_document_length_limit = '지나치게 용량이 큰 글을 작성하지 못하도록 합니다. 지저분한 태그가 많이 붙은 글을 붙여넣기하면 제한을 초과할 수도 있습니다.'; @@ -67,6 +68,7 @@ $lang->update_order_on_comment = '댓글 작성시 글 수정 시각 갱신'; $lang->about_update_order_on_comment = '댓글이 작성되면 해당 글의 수정 시각을 갱신합니다. 포럼형 게시판, 최근 댓글 표시 기능 등에 필요합니다.'; $lang->non_login_vote = '비회원 추천 허용'; $lang->about_cancel_vote = '추천 비추천 신고를 취소할 수 있습니다.'; +$lang->about_filter_specialchars = '가독성에 악영향을 주는 과도한 유니코드 악센트 기호의 조합, RLO 문자 등의 사용을 금지합니다.'; $lang->about_non_login_vote = '로그인하지 않은 방문자도 추천할 수 있도록 합니다.'; $lang->about_protect_regdate = '글이나 댓글을 작성한 후 일정 기간이 지나면 수정 또는 삭제할 수 없도록 합니다. (단위 : day)'; $lang->about_protect_content = '댓글이 달린 글은 수정 또는 삭제할 수 없도록 합니다.'; diff --git a/modules/board/tpl/board_insert.html b/modules/board/tpl/board_insert.html index 919d2421b..36449594a 100644 --- a/modules/board/tpl/board_insert.html +++ b/modules/board/tpl/board_insert.html @@ -330,6 +330,18 @@

    {$lang->about_cancel_vote}

    +
    + +
    + + +

    {$lang->about_filter_specialchars}

    +
    +
    From f07b971e1ebba5f291cbd22b7e55dca418102c3d Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 31 Jul 2020 15:03:52 +0900 Subject: [PATCH 22/23] Remove problematic characters in member nickname, etc. #886 --- modules/member/member.admin.controller.php | 2 +- modules/member/member.controller.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php index 7ab17a4f0..80934fbee 100644 --- a/modules/member/member.admin.controller.php +++ b/modules/member/member.admin.controller.php @@ -108,7 +108,7 @@ class memberAdminController extends member { if(isset($args->{$val})) { - $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', html_entity_decode($args->{$val})); + $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', utf8_clean(html_entity_decode($args->{$val}))); } } diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index ad655d566..9a0eb62d4 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php @@ -742,7 +742,7 @@ class memberController extends member { if(isset($args->{$val})) { - $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', html_entity_decode($args->{$val})); + $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', utf8_clean(html_entity_decode($args->{$val}))); } } @@ -1040,7 +1040,7 @@ class memberController extends member { if(isset($args->{$val})) { - $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', html_entity_decode($args->{$val})); + $args->{$val} = preg_replace('/[\pZ\pC]+/u', '', utf8_clean(html_entity_decode($args->{$val}))); } } From 750045d095e7a3144e0eb7a93a4c2392e81fc25b Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 31 Jul 2020 15:33:46 +0900 Subject: [PATCH 23/23] Add option to disallow symbols in nickname #886 --- modules/member/lang/en.php | 4 +++ modules/member/lang/ko.php | 4 +++ modules/member/member.admin.controller.php | 8 +++++ modules/member/member.controller.php | 34 ++++++++++++++++++++++ modules/member/tpl/default_config.html | 10 +++++++ 5 files changed, 60 insertions(+) diff --git a/modules/member/lang/en.php b/modules/member/lang/en.php index 617688c7b..4cf929649 100644 --- a/modules/member/lang/en.php +++ b/modules/member/lang/en.php @@ -125,6 +125,9 @@ $lang->cmd_member_list = 'Member List'; $lang->cmd_module_config = 'Default Setting'; $lang->cmd_member_group = 'Member Groups'; $lang->cmd_send_mail = 'Send Mail'; +$lang->cmd_modify_nickname_log = 'Nickname Change Log'; +$lang->cmd_nickname_symbols = 'Allow Symbols in Nickname'; +$lang->cmd_nickname_symbols_list = 'Only Allow:'; $lang->cmd_manage_id = 'Prohibited IDs'; $lang->cmd_manage_email_host = 'E-mail provider check'; $lang->cmd_manage_nick_name = 'Prohibited NickNames'; @@ -268,6 +271,7 @@ $lang->msg_feature_deprecated = 'This feature is deprecated.'; $lang->msg_question_not_allowed = 'The administrator has disabled this function.'; $lang->msg_question_not_exists = 'You haven`t set your question for a temporary password.'; $lang->msg_answer_not_matches = 'Your answer for the question is not correct.'; +$lang->msg_invalid_symbol_in_nickname = 'Your nickname contains a disallowed symbol, \'%s\'.'; $lang->change_password_date = 'Password renewal cycle'; $lang->about_change_password_date = 'If you set a value to this, you will be notified to change your password periodically. (If set to 0, disabled)'; $lang->msg_change_password_date = 'You have not changed the password during %s days. For personal information protection, you need to change the password.'; diff --git a/modules/member/lang/ko.php b/modules/member/lang/ko.php index 6fb2a4485..d5afe7b07 100644 --- a/modules/member/lang/ko.php +++ b/modules/member/lang/ko.php @@ -141,6 +141,8 @@ $lang->cmd_view_scrapped_document = '스크랩 보기'; $lang->cmd_view_saved_document = '저장함 보기'; $lang->cmd_send_email = '메일 보내기'; $lang->cmd_modify_nickname_log = '닉네임 변경 기록'; +$lang->cmd_nickname_symbols = '닉네임에 특수문자 허용'; +$lang->cmd_nickname_symbols_list = '다음의 문자만 허용:'; $lang->cmd_member_profile_view = '회원 프로필사진 보이기'; $lang->cmd_allow_duplicate_nickname = '닉네임 중복 허용'; $lang->about_allow_duplicate_nickname = '여러 회원이 동일한 닉네임을 사용하는 것을 허용합니다. 주의: 잘못 사용할 경우 혼란이 발생할 수 있습니다.'; @@ -258,6 +260,7 @@ $lang->about_reset_auth_mail = '현재등록된 이메일 주소는 %s입니다. $lang->about_resend_auth_mail = '가입 인증 메일을 받지 못한 경우 다시 받을 수 있습니다.'; $lang->about_reset_auth_mail_submit = '이메일을 로그인 계정으로 사용할 경우 신규 메일주소로 로그인해야 합니다.'; $lang->about_update_nickname_log = '닉네임 로그를 기록합니다. 이 옵션을 사용하게 되면, 닉네임변경이력을 남기도록 할 수 있습니다.'; +$lang->about_nickname_symbols = '닉네임에 특수문자를 사용할 수 있도록 허용하거나 금지합니다.'; $lang->about_member_profile_view = '관리자 회원목록 페이지에서 프로필 이미지를 볼 수 있는 옵션입니다. 회원목록을 보기 원치 않을 경우에는 아니요를 선택하세요.'; $lang->no_article = '글이 없습니다.'; $lang->find_account_question = '비밀번호 찾기 질문/답변'; @@ -282,6 +285,7 @@ $lang->msg_feature_deprecated = '지원되지 않는 기능입니다.'; $lang->msg_question_not_allowed = '질문/답변을 통한 비밀번호 찾기 기능은 이 사이트에서 사용할 수 없습니다.'; $lang->msg_question_not_exists = '등록한 비밀번호 찾기 질문/답변이 없습니다.'; $lang->msg_answer_not_matches = '비밀번호 찾기 질문/답변 또는 정보가 올바르지 않습니다.'; +$lang->msg_invalid_symbol_in_nickname = '닉네임에 사용할 수 없는 특수문자 \'%s\'가 포함되어 있습니다.'; $lang->change_password_date = '비밀번호 갱신주기'; $lang->about_change_password_date = '일정 기간이 지나면 비밀번호를 변경하도록 유도하는 기능입니다. 사용하지 않으려면 0을 입력하십시오.'; $lang->msg_change_password_date = '%s일 동안 비밀번호를 변경하지 않았습니다. 개인정보 보호를 위하여 비밀번호를 변경해야 합니다.'; diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php index 80934fbee..ff7e50224 100644 --- a/modules/member/member.admin.controller.php +++ b/modules/member/member.admin.controller.php @@ -209,6 +209,8 @@ class memberAdminController extends member 'password_hashing_auto_upgrade', 'password_change_invalidate_other_sessions', 'update_nickname_log', + 'nickname_symbols', + 'nickname_symbols_allowed_list', 'allow_duplicate_nickname', 'member_profile_view' ); @@ -242,6 +244,12 @@ class memberAdminController extends member { $args->password_hashing_auto_upgrade = 'N'; } + + if(!in_array($args->nickname_symbols, ['Y', 'N', 'LIST'])) + { + $args->nickname_symbols = 'Y'; + } + $args->nickname_symbols_allowed_list = utf8_trim($args->nickname_symbols_allowed_list); $oModuleController = getController('module'); $output = $oModuleController->updateModuleConfig('member', $args); diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index 9a0eb62d4..49b81fb82 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php @@ -746,6 +746,23 @@ class memberController extends member } } + // Check symbols in nickname + if($config->nickname_symbols === 'N') + { + if(preg_match('/[^\pL\d]/u', $args->nick_name, $matches)) + { + throw new Rhymix\Framework\Exception(sprintf(lang('msg_invalid_symbol_in_nickname'), escape($matches[0]))); + } + } + elseif($config->nickname_symbols === 'LIST') + { + $list = preg_quote($config->nickname_symbols_allowed_list, '/'); + if(preg_match('/[^\pL\d' . $list . ']/u', $args->nick_name, $matches)) + { + throw new Rhymix\Framework\Exception(sprintf(lang('msg_invalid_symbol_in_nickname'), escape($matches[0]))); + } + } + // Insert member info $output = $this->insertMember($args); if($output instanceof BaseObject && !$output->toBool()) @@ -1044,6 +1061,23 @@ class memberController extends member } } + // Check symbols in nickname + if($config->nickname_symbols === 'N') + { + if(preg_match('/[^\pL\d]/u', $args->nick_name, $matches)) + { + throw new Rhymix\Framework\Exception(sprintf(lang('msg_invalid_symbol_in_nickname'), escape($matches[0]))); + } + } + elseif($config->nickname_symbols === 'LIST') + { + $list = preg_quote($config->nickname_symbols_allowed_list, '/'); + if(preg_match('/[^\pL\d' . $list . ']/u', $args->nick_name, $matches)) + { + throw new Rhymix\Framework\Exception(sprintf(lang('msg_invalid_symbol_in_nickname'), escape($matches[0]))); + } + } + // Execute insert or update depending on the value of member_srl $output = $this->updateMember($args); if(!$output->toBool()) return $output; diff --git a/modules/member/tpl/default_config.html b/modules/member/tpl/default_config.html index f777738a2..590bd6d8f 100644 --- a/modules/member/tpl/default_config.html +++ b/modules/member/tpl/default_config.html @@ -49,6 +49,16 @@

    {$lang->about_update_nickname_log}

    +
    +
    {$lang->cmd_nickname_symbols}
    +
    + + + + +

    {$lang->about_nickname_symbols}

    +
    +