From da3e9714868e4282f6a621e263aba06de155b7cf Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Mon, 18 Jul 2016 01:56:11 +0900 Subject: [PATCH 01/45] Create Photoswipe escape class MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Set 'rx-escape' as a escape class for images to escape photoswipe addon. * `rx-escape` 라는 class 를 가진 이미지는 포토스와이프 애드온으로 포토스와이프 되지 않습니다. --- addons/photoswipe/rx_photoswipe.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/addons/photoswipe/rx_photoswipe.js b/addons/photoswipe/rx_photoswipe.js index 4dbf8bf7c..6e7b177e8 100644 --- a/addons/photoswipe/rx_photoswipe.js +++ b/addons/photoswipe/rx_photoswipe.js @@ -217,8 +217,13 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { // do not activate PhotoSwipe at the editor-component or other module components var regx_skip = /(?:(modules|addons|classes|common|layouts|libs|widgets|widgetstyles)\/)/i; var regx_allow_i6pngfix = /(?:common\/tpl\/images\/blank\.gif$)/i; + var ps_skip_class = 'rx-escape'; var galleryImgEls = $(galleryElements[i]).find('img'); for(var j = 0, jl = galleryImgEls.length; j < jl; j++) { + // if the item has skip class, skip it. + if($(galleryImgEls[j]).hasClass(ps_skip_class)) continue; + + // skip components if(regx_skip.test($(galleryImgEls[j]).attr('src')) && !regx_allow_i6pngfix.test($(galleryImgEls[j]).attr('src'))) continue; //$(galleryImgEls[j]).attr('data-pswp-uid', i+1); From c71b90b2d658ab02d197a8a4a2c37b0501669378 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 18 Jul 2016 21:34:53 +0900 Subject: [PATCH 02/45] Fix error when writing an empty file --- common/framework/storage.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/common/framework/storage.php b/common/framework/storage.php index 88367e8bc..14ecce436 100644 --- a/common/framework/storage.php +++ b/common/framework/storage.php @@ -256,17 +256,17 @@ class Storage flock($fp, \LOCK_EX); if (is_resource($content)) { - $result = stream_copy_to_stream($content, $fp) ? true : false; + $result = stream_copy_to_stream($content, $fp); } else { - $result = fwrite($fp, $content) ? true : false; + $result = fwrite($fp, $content); } fflush($fp); flock($fp, \LOCK_UN); fclose($fp); - if (!$result) + if ($result === false) { trigger_error('Cannot write file: ' . (isset($original_filename) ? $original_filename : $filename), \E_USER_WARNING); return false; @@ -303,7 +303,7 @@ class Storage } clearstatcache(true, $filename); - return $result; + return true; } /** From 102f96207a140aa811a1baa4b9c16e5d19954b09 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Mon, 18 Jul 2016 21:44:30 +0900 Subject: [PATCH 03/45] Add unit tests for writing empty files --- tests/unit/framework/StorageTest.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/unit/framework/StorageTest.php b/tests/unit/framework/StorageTest.php index d7dd46ddb..3634c7ce9 100644 --- a/tests/unit/framework/StorageTest.php +++ b/tests/unit/framework/StorageTest.php @@ -167,6 +167,20 @@ class StorageTest extends \Codeception\TestCase\Test $this->assertEquals('foobarbazzjazzrhymixfoobarbazzjazzrhymixrhymix', file_get_contents($copyfile)); fclose($stream); + // Empty file write test + $this->assertTrue(Rhymix\Framework\Storage::write($testfile . '1', '')); + $this->assertTrue(file_exists($testfile . '1')); + $this->assertEquals(0, filesize($testfile . '1')); + $this->assertEmpty(0, glob($testfile . '1.tmp.*')); + + // Empty stream copy test + $stream = fopen('php://temp', 'r'); + $this->assertTrue(Rhymix\Framework\Storage::write($testfile . '2', $stream)); + $this->assertTrue(file_exists($testfile . '2')); + $this->assertEquals(0, filesize($testfile . '2')); + $this->assertEmpty(0, glob($testfile . '2.tmp.*')); + fclose($stream); + // Umask test if (strncasecmp(\PHP_OS, 'Win', 3) !== 0) { From a8de6048ac4cdd298459b3cf07bd972b49432418 Mon Sep 17 00:00:00 2001 From: Min-Soo Kim Date: Tue, 19 Jul 2016 23:34:47 +0900 Subject: [PATCH 04/45] Add Photoswipe controllable classes, escape parents (#551) 1. Escape photoswipe - `.rx-escape` - `.photoswipe-escape` 2. No caption - `.photoswipe-no-caption` 3. if the img is a child of `a, pre, xml, textarea, input, select, option, code, script, style, iframe, button, img, embed, object, ins`, then escape photoswipe. --- addons/photoswipe/rx_photoswipe.js | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/addons/photoswipe/rx_photoswipe.js b/addons/photoswipe/rx_photoswipe.js index 6e7b177e8..24096a8b4 100644 --- a/addons/photoswipe/rx_photoswipe.js +++ b/addons/photoswipe/rx_photoswipe.js @@ -41,11 +41,12 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { pid: $(imgEl).attr('data-pswp-pid') }; - if(imgEl.alt) { + var ps_skip_alt_class = '.photoswipe-no-caption'; + if(imgEl.alt && !$(imgEl).is(ps_skip_alt_class)) { item.title = imgEl.alt; } - if(imgEl.title) { + if(imgEl.title && !$(imgEl).is(ps_skip_alt_class)) { item.title = imgEl.title; } @@ -217,15 +218,19 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { // do not activate PhotoSwipe at the editor-component or other module components var regx_skip = /(?:(modules|addons|classes|common|layouts|libs|widgets|widgetstyles)\/)/i; var regx_allow_i6pngfix = /(?:common\/tpl\/images\/blank\.gif$)/i; - var ps_skip_class = 'rx-escape'; + var ps_skip_class = '.rx-escape, .photoswipe-escape'; + var ps_skip_elements = 'a, pre, xml, textarea, input, select, option, code, script, style, iframe, button, img, embed, object, ins'; var galleryImgEls = $(galleryElements[i]).find('img'); for(var j = 0, jl = galleryImgEls.length; j < jl; j++) { - // if the item has skip class, skip it. - if($(galleryImgEls[j]).hasClass(ps_skip_class)) continue; + // if the item has skip class(es), skip it. + if($(galleryImgEls[j]).is(ps_skip_class)) continue; // skip components if(regx_skip.test($(galleryImgEls[j]).attr('src')) && !regx_allow_i6pngfix.test($(galleryImgEls[j]).attr('src'))) continue; + // if the image is an item of some elements, skip it. + if($(galleryImgEls[j]).parent(ps_skip_elements).length > 0) continue; + //$(galleryImgEls[j]).attr('data-pswp-uid', i+1); $(galleryImgEls[j]).attr('data-pswp-pid', j+1); From 1cd544fb959a5613b1ef85b41580e9699e21bc7a Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 21 Jul 2016 14:38:10 +0900 Subject: [PATCH 05/45] Prevent deleted groups from being included in level integration --- modules/point/point.admin.controller.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/modules/point/point.admin.controller.php b/modules/point/point.admin.controller.php index 3754bfab5..59f5c825f 100644 --- a/modules/point/point.admin.controller.php +++ b/modules/point/point.admin.controller.php @@ -71,7 +71,8 @@ class pointAdminController extends point $oMemberModel = getModel('member'); $group_list = $oMemberModel->getGroups(); - + $config->point_group = array(); + // Per-level group configurations foreach($group_list as $group) { @@ -95,10 +96,6 @@ class pointAdminController extends point } $config->point_group[$group_srl] = $args->{'point_group_'.$group_srl}; } - else - { - unset($config->point_group[$group_srl]); - } } $config->group_reset = $args->group_reset; From bb037427ae3cf68a8c8173ddf9c9c85c7cc90165 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 22 Jul 2016 16:02:38 +0900 Subject: [PATCH 06/45] Add triggers for member.insertGroup, member.updateGroup, member.deleteGroup --- modules/member/member.admin.controller.php | 40 +++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php index df1ea43dc..e8d6da225 100644 --- a/modules/member/member.admin.controller.php +++ b/modules/member/member.admin.controller.php @@ -1172,6 +1172,14 @@ class memberAdminController extends member function insertGroup($args) { if(!$args->site_srl) $args->site_srl = 0; + + // Call trigger (before) + $trigger_output = ModuleHandler::triggerCall('member.insertGroup', 'before', $args); + if(!$trigger_output->toBool()) + { + return $trigger_output; + } + // Check the value of is_default. if($args->is_default != 'Y') { @@ -1193,6 +1201,9 @@ class memberAdminController extends member $output = executeQuery('member.insertGroup', $args); $this->_deleteMemberGroupCache($args->site_srl); + // Call trigger (after) + ModuleHandler::triggerCall('member.insertGroup', 'after', $args); + return $output; } @@ -1204,8 +1215,16 @@ class memberAdminController extends member function updateGroup($args) { if(!$args->site_srl) $args->site_srl = 0; - // Check the value of is_default. if(!$args->group_srl) return new Object(-1, 'lang->msg_not_founded'); + + // Call trigger (before) + $trigger_output = ModuleHandler::triggerCall('member.updateGroup', 'before', $args); + if(!$trigger_output->toBool()) + { + return $trigger_output; + } + + // Check the value of is_default. if($args->is_default!='Y') { $args->is_default = 'N'; @@ -1218,6 +1237,10 @@ class memberAdminController extends member $output = executeQuery('member.updateGroup', $args); $this->_deleteMemberGroupCache($args->site_srl); + + // Call trigger (after) + ModuleHandler::triggerCall('member.updateGroup', 'after', $args); + return $output; } @@ -1238,6 +1261,13 @@ class memberAdminController extends member if(!$group_info) return new Object(-1, 'lang->msg_not_founded'); if($group_info->is_default == 'Y') return new Object(-1, 'msg_not_delete_default'); + + // Call trigger (before) + $trigger_output = ModuleHandler::triggerCall('member.deleteGroup', 'before', $group_info); + if(!$trigger_output->toBool()) + { + return $trigger_output; + } // Get groups where is_default == 'Y' $columnList = array('site_srl', 'group_srl'); @@ -1251,6 +1281,14 @@ class memberAdminController extends member $args->group_srl = $group_srl; $output = executeQuery('member.deleteGroup', $args); $this->_deleteMemberGroupCache($site_srl); + if (!$output->toBool()) + { + return $output; + } + + // Call trigger (after) + ModuleHandler::triggerCall('member.deleteGroup', 'after', $group_info); + return $output; } From 48e4746f7dfb07494f1f92ca04d1670620818a91 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 22 Jul 2016 16:11:25 +0900 Subject: [PATCH 07/45] Automatically exclude deleted groups from point/level/group integration --- modules/point/point.class.php | 4 ++++ modules/point/point.controller.php | 19 +++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/modules/point/point.class.php b/modules/point/point.class.php index ef40999d4..305e6a094 100644 --- a/modules/point/point.class.php +++ b/modules/point/point.class.php @@ -85,6 +85,7 @@ class point extends ModuleObject $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerBeforeDownloadFile', 'before'); $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after'); $oModuleController->insertTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after'); + $oModuleController->insertTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after'); $oModuleController->insertTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after'); $oModuleController->insertTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after'); // Add a trigger for voting up and down 2008.05.13 haneul @@ -121,6 +122,7 @@ class point extends ModuleObject if(!$oModuleModel->getTrigger('file.downloadFile', 'point', 'controller', 'triggerBeforeDownloadFile', 'before')) return true; if(!$oModuleModel->getTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after')) return true; if(!$oModuleModel->getTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after')) return true; + if(!$oModuleModel->getTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after')) return true; if(!$oModuleModel->getTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after')) return true; if(!$oModuleModel->getTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after')) return true; // Add a trigger for voting up and down 2008.05.13 haneul @@ -169,6 +171,8 @@ class point extends ModuleObject $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after'); if(!$oModuleModel->getTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after')) $oModuleController->insertTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after'); + if(!$oModuleModel->getTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after')) + $oModuleController->insertTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after'); if(!$oModuleModel->getTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after')) $oModuleController->insertTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after'); if(!$oModuleModel->getTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after')) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 5253957cd..0fcd42236 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -60,6 +60,25 @@ class pointController extends point return new Object(); } + /** + * @brief Member group deletion trigger + */ + function triggerDeleteGroup(&$obj) + { + // Get the point module config + $config = getModel('module')->getModuleConfig('point'); + // Get the group_srl of the deleted group + $group_srl = $obj->group_srl; + // Exclude deleted group from point/level/group integration + if($config->point_group && isset($config->point_group[$group_srl])) + { + unset($config->point_group[$group_srl]); + getController('module')->insertModuleConfig('point', $config); + } + + return new Object(); + } + /** * @brief A trigger to add points to the member for creating a post */ From 21c19dc831f4e1a743d8407c88b35cd25d2c2cab Mon Sep 17 00:00:00 2001 From: Min-Soo Kim Date: Fri, 22 Jul 2016 22:51:36 +0900 Subject: [PATCH 08/45] Photoswipe addon bug fix (#553) able anchor element or onclick event bound to image elements except gallery items. --- addons/photoswipe/rx_photoswipe.js | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/addons/photoswipe/rx_photoswipe.js b/addons/photoswipe/rx_photoswipe.js index 24096a8b4..4680d0a25 100644 --- a/addons/photoswipe/rx_photoswipe.js +++ b/addons/photoswipe/rx_photoswipe.js @@ -11,11 +11,15 @@ var getPSImageSize = function(src) { } var initPhotoSwipeFromDOM = function(gallerySelector) { + var ps_skip_class = '.rx-escape, .photoswipe-escape'; + var ps_skip_elements_array = ['a', 'pre', 'xml', 'textarea', 'input', 'select', 'option', 'code', 'script', 'style', 'iframe', 'button', 'img', 'embed', 'object', 'ins']; + var ps_skip_elements = ''; + ps_skip_elements_array.forEach(function(el, i) { ps_skip_elements += el + ' img,'; }) // parse slide data (url, title, size ...) from DOM elements // (children of gallerySelector) var parseThumbnailElements = function(el) { - var imgElements = $(el).find("img"), + var imgElements = $(el).find("img:not(" + ps_skip_elements + ps_skip_class + ")"), numNodes = imgElements.length, items = [], imgEl, @@ -68,7 +72,7 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { // find root element of slide var clickedListItem = closest(eTarget, function(el) { - return (el.tagName && el.tagName.toUpperCase() === 'IMG'); + return (el.tagName && el.tagName.toUpperCase() === 'IMG' && el.hasAttribute('data-pswp-pid')); }); if(!clickedListItem) { @@ -81,7 +85,7 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { // find index of clicked item by looping through all child nodes // alternatively, you may define index via data- attribute var clickedGallery = $(clickedListItem).closest(gallerySelector).get(0), - childNodes = $(clickedGallery).find('img'), + childNodes = $(clickedGallery).find("img:not(" + ps_skip_elements + ps_skip_class + ")"), numChildNodes = childNodes.length, nodeIndex = 0, index; @@ -218,19 +222,12 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { // do not activate PhotoSwipe at the editor-component or other module components var regx_skip = /(?:(modules|addons|classes|common|layouts|libs|widgets|widgetstyles)\/)/i; var regx_allow_i6pngfix = /(?:common\/tpl\/images\/blank\.gif$)/i; - var ps_skip_class = '.rx-escape, .photoswipe-escape'; - var ps_skip_elements = 'a, pre, xml, textarea, input, select, option, code, script, style, iframe, button, img, embed, object, ins'; - var galleryImgEls = $(galleryElements[i]).find('img'); - for(var j = 0, jl = galleryImgEls.length; j < jl; j++) { - // if the item has skip class(es), skip it. - if($(galleryImgEls[j]).is(ps_skip_class)) continue; + var galleryImgEls = $(galleryElements[i]).find("img:not(" + ps_skip_elements + ps_skip_class + ")"); + for(var j = 0, jl = galleryImgEls.length; j < jl; j++) { // skip components if(regx_skip.test($(galleryImgEls[j]).attr('src')) && !regx_allow_i6pngfix.test($(galleryImgEls[j]).attr('src'))) continue; - // if the image is an item of some elements, skip it. - if($(galleryImgEls[j]).parent(ps_skip_elements).length > 0) continue; - //$(galleryImgEls[j]).attr('data-pswp-uid', i+1); $(galleryImgEls[j]).attr('data-pswp-pid', j+1); From f20c75ef0994f176340283a436ed89e3deb1acd8 Mon Sep 17 00:00:00 2001 From: Min-Soo Kim Date: Sun, 24 Jul 2016 16:38:15 +0900 Subject: [PATCH 09/45] Add photoswipe enroll class MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit `.photoswipe-images` 클래스를 가진 이미지는 강제로 포토스와이프가 적용됩니다. ```html ``` 와 같은 이미지는 포토스와이프가 적용됩니다. ```html ``` 와 같은 상황에서도 포토스와이프가 적용됩니다. ```html ``` 와 같은 코드에서는 포토스와이프가 적용되지 않습니다.(`` anchor 태그의 자식 요소, `rx-escape` 클래스가 있는 항목이기 때문) ```html ``` 와 같은 코드에서도 포토스와이프는 적용되지 않습니다. (`` anchor 태그의 자식 요소이기 때문) --- addons/photoswipe/rx_photoswipe.js | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/addons/photoswipe/rx_photoswipe.js b/addons/photoswipe/rx_photoswipe.js index 4680d0a25..cc4891c9d 100644 --- a/addons/photoswipe/rx_photoswipe.js +++ b/addons/photoswipe/rx_photoswipe.js @@ -11,15 +11,22 @@ var getPSImageSize = function(src) { } var initPhotoSwipeFromDOM = function(gallerySelector) { - var ps_skip_class = '.rx-escape, .photoswipe-escape'; - var ps_skip_elements_array = ['a', 'pre', 'xml', 'textarea', 'input', 'select', 'option', 'code', 'script', 'style', 'iframe', 'button', 'img', 'embed', 'object', 'ins']; - var ps_skip_elements = ''; - ps_skip_elements_array.forEach(function(el, i) { ps_skip_elements += el + ' img,'; }) + // photoswipe will skip images that have these classes or are children of these elements. + var ps_skip_class = '.rx-escape, .photoswipe-escape', + ps_skip_elements_array = ['a', 'pre', 'xml', 'textarea', 'input', 'select', 'option', 'code', 'script', 'style', 'iframe', 'button', 'img', 'embed', 'object', 'ins'], + ps_skip_elements = ''; + ps_skip_elements_array.forEach(function(el, i) { ps_skip_elements += el + ' img,'; }); + + // Photoswipe will enroll images that have this class, though the image is marked as skip item by criteria above. + var ps_enroll_class = '.photoswipe-images'; + + // CSS selector for photoswipe items. + var ps_find_selector = 'img:not(' + ps_skip_elements + ps_skip_class + '), img' + ps_enroll_class; // parse slide data (url, title, size ...) from DOM elements // (children of gallerySelector) var parseThumbnailElements = function(el) { - var imgElements = $(el).find("img:not(" + ps_skip_elements + ps_skip_class + ")"), + var imgElements = $(el).find(ps_find_selector), numNodes = imgElements.length, items = [], imgEl, @@ -85,7 +92,7 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { // find index of clicked item by looping through all child nodes // alternatively, you may define index via data- attribute var clickedGallery = $(clickedListItem).closest(gallerySelector).get(0), - childNodes = $(clickedGallery).find("img:not(" + ps_skip_elements + ps_skip_class + ")"), + childNodes = $(clickedGallery).find(ps_find_selector), numChildNodes = childNodes.length, nodeIndex = 0, index; @@ -223,7 +230,7 @@ var initPhotoSwipeFromDOM = function(gallerySelector) { var regx_skip = /(?:(modules|addons|classes|common|layouts|libs|widgets|widgetstyles)\/)/i; var regx_allow_i6pngfix = /(?:common\/tpl\/images\/blank\.gif$)/i; - var galleryImgEls = $(galleryElements[i]).find("img:not(" + ps_skip_elements + ps_skip_class + ")"); + var galleryImgEls = $(galleryElements[i]).find(ps_find_selector); for(var j = 0, jl = galleryImgEls.length; j < jl; j++) { // skip components if(regx_skip.test($(galleryImgEls[j]).attr('src')) && !regx_allow_i6pngfix.test($(galleryImgEls[j]).attr('src'))) continue; From 679d4af0c64f2f84ccfff3639a0f8ef67a9d0ada Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Sun, 24 Jul 2016 17:42:14 +0900 Subject: [PATCH 10/45] Automatically generate notify ID if not given --- modules/ncenterlite/ncenterlite.controller.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/ncenterlite/ncenterlite.controller.php b/modules/ncenterlite/ncenterlite.controller.php index 553817518..821ac4ff7 100644 --- a/modules/ncenterlite/ncenterlite.controller.php +++ b/modules/ncenterlite/ncenterlite.controller.php @@ -993,7 +993,11 @@ class ncenterliteController extends ncenterlite return new Object(); } - + // 노티 ID가 없는 경우 자동 생성 + if (!$args->notify) + { + $args->notify = $this->_getNotifyId($args); + } if($anonymous == TRUE) { From 3245c3ae46cd7dc935ec52e7f56b401a39c91007 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Sun, 24 Jul 2016 17:49:23 +0900 Subject: [PATCH 11/45] Add X, Y, Z notification types for customization --- modules/ncenterlite/ncenterlite.model.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/modules/ncenterlite/ncenterlite.model.php b/modules/ncenterlite/ncenterlite.model.php index 2e5f1ba44..7794d386f 100644 --- a/modules/ncenterlite/ncenterlite.model.php +++ b/modules/ncenterlite/ncenterlite.model.php @@ -328,6 +328,26 @@ class ncenterliteModel extends ncenterlite $type = $lang->ncenterlite_type_test; break; + // Custom string. + case 'X': + return $notification->target_body; + + // Custom language. + case 'Y': + return $lang->{$notification->target_body}; + + // Custom language with string interpolation. + case 'Z': + return vsprintf($lang->{$notification->target_body}, array( + $notification->target_member_srl, // %1$d + $notification->target_nick_name, // %2$s + $notification->target_user_id, // %3$s + $notification->target_email_address, // %4$s + $notification->target_browser, // %5$s + $notification->target_summary, // %6$s + $notification->target_url, // %7$s + )); + // Other. case 'U': default: From 6a9681622c3506bd8d051a57e86a15f2f460da30 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Sun, 24 Jul 2016 18:02:04 +0900 Subject: [PATCH 12/45] Also auto-generate the regdate field if it is empty --- modules/ncenterlite/ncenterlite.controller.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/ncenterlite/ncenterlite.controller.php b/modules/ncenterlite/ncenterlite.controller.php index 821ac4ff7..fb50a53c3 100644 --- a/modules/ncenterlite/ncenterlite.controller.php +++ b/modules/ncenterlite/ncenterlite.controller.php @@ -998,6 +998,12 @@ class ncenterliteController extends ncenterlite { $args->notify = $this->_getNotifyId($args); } + + // 날짜가 없는 경우 자동 생성 + if (!$args->regdate) + { + $args->regdate = date('YmdHis'); + } if($anonymous == TRUE) { From b6c56dd14c794e01d5f9d7be872ce59c18e79f31 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 26 Jul 2016 23:08:38 +0900 Subject: [PATCH 13/45] Remove duplicate index in ncenterlite module --- modules/ncenterlite/ncenterlite.class.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/modules/ncenterlite/ncenterlite.class.php b/modules/ncenterlite/ncenterlite.class.php index 0a42f5b09..d93f3db2d 100644 --- a/modules/ncenterlite/ncenterlite.class.php +++ b/modules/ncenterlite/ncenterlite.class.php @@ -124,12 +124,13 @@ class ncenterlite extends ModuleObject return true; } - if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_notify')) + if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_target_member_srl')) { return true; } - if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_target_member_srl')) + // PK duplicate + if($oDB->isIndexExists('ncenterlite_notify', 'idx_notify')) { return true; } @@ -202,16 +203,17 @@ class ncenterlite extends ModuleObject $oDB->addIndex('ncenterlite_notify', 'idx_target_p_srl', array('target_p_srl')); } - if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_notify')) - { - $oDB->addIndex('ncenterlite_notify', 'idx_notify', array('notify')); - } - if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_target_member_srl')) { $oDB->addIndex('ncenterlite_notify', 'idx_target_member_srl', array('target_member_srl')); } + // PK duplicate + if($oDB->isIndexExists('ncenterlite_notify', 'idx_notify')) + { + $oDB->dropIndex('ncenterlite_notify', 'idx_notify'); + } + return new Object(0, 'success_updated'); } From 51d3f634fee8a50826406d299d32ca6f9d255232 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 26 Jul 2016 23:12:04 +0900 Subject: [PATCH 14/45] Add composite index to speed up getNotifyList query --- modules/ncenterlite/ncenterlite.class.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/modules/ncenterlite/ncenterlite.class.php b/modules/ncenterlite/ncenterlite.class.php index d93f3db2d..8d1e317c3 100644 --- a/modules/ncenterlite/ncenterlite.class.php +++ b/modules/ncenterlite/ncenterlite.class.php @@ -129,6 +129,12 @@ class ncenterlite extends ModuleObject return true; } + // Composite index to speed up getNotifyList + if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_member_srl_and_readed')) + { + return true; + } + // PK duplicate if($oDB->isIndexExists('ncenterlite_notify', 'idx_notify')) { @@ -208,6 +214,12 @@ class ncenterlite extends ModuleObject $oDB->addIndex('ncenterlite_notify', 'idx_target_member_srl', array('target_member_srl')); } + // Composite index to speed up getNotifyList + if(!$oDB->isIndexExists('ncenterlite_notify', 'idx_member_srl_and_readed')) + { + $oDB->addIndex('ncenterlite_notify', 'idx_member_srl_and_readed', array('member_srl', 'readed')); + } + // PK duplicate if($oDB->isIndexExists('ncenterlite_notify', 'idx_notify')) { From 4062ae7839c4e7fd23f47a936cc212f6cf3c7c5e Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 26 Jul 2016 23:18:17 +0900 Subject: [PATCH 15/45] Delete idx_notify index from schema --- modules/ncenterlite/schemas/ncenterlite_notify.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/ncenterlite/schemas/ncenterlite_notify.xml b/modules/ncenterlite/schemas/ncenterlite_notify.xml index 083da9708..b7798222e 100644 --- a/modules/ncenterlite/schemas/ncenterlite_notify.xml +++ b/modules/ncenterlite/schemas/ncenterlite_notify.xml @@ -1,5 +1,5 @@ - + From 2dba5ac182de123ba79593d578479054d1500410 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 26 Jul 2016 23:18:57 +0900 Subject: [PATCH 16/45] Fix typo in 'brief' field definition --- .../schemas/ncenterlite_notify.xml | 32 +++++++++---------- .../schemas/ncenterlite_user_set.xml | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/modules/ncenterlite/schemas/ncenterlite_notify.xml b/modules/ncenterlite/schemas/ncenterlite_notify.xml index b7798222e..6a0d9ef2b 100644 --- a/modules/ncenterlite/schemas/ncenterlite_notify.xml +++ b/modules/ncenterlite/schemas/ncenterlite_notify.xml @@ -1,24 +1,24 @@
- + - - - - - - + + + + + + - + - - - - + + + + - - - - + + + +
diff --git a/modules/ncenterlite/schemas/ncenterlite_user_set.xml b/modules/ncenterlite/schemas/ncenterlite_user_set.xml index 0562ed1e4..6143f1693 100644 --- a/modules/ncenterlite/schemas/ncenterlite_user_set.xml +++ b/modules/ncenterlite/schemas/ncenterlite_user_set.xml @@ -1,5 +1,5 @@ - + From bcf6523e81e28893fff888b30202cddaab355518 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Sat, 30 Jul 2016 07:49:30 +0900 Subject: [PATCH 17/45] Modify the title of the comment notification e-mail. --- modules/comment/comment.controller.php | 21 +++++++++++---------- modules/comment/lang/en.php | 1 + modules/comment/lang/ko.php | 1 + 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index 402063609..8e62e49bf 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -638,16 +638,22 @@ class commentController extends comment $module_info = $oModuleModel->getModuleInfoByDocumentSrl($obj->document_srl); // If there is no problem to register comment then send an email to all admin were set in module admin panel - if($module_info->admin_mail && $member_info->is_admin != 'Y') + if($module_info->admin_mail/* && $member_info->is_admin != 'Y'*/) { $oMail = new Mail(); - if($is_logged) + // 메일 발신자 조작으로 취급하여 스팸으로 직행할 수 있기때문에 회원설정에서 입력된 웹마스터 메일주소를 이용하도록 함 + $member_config = $oMemberModel->getMemberConfig(); + $admin_email_adress = $member_config->webmaster_email; + // 관리자 메일을 입력하지 않으면 메일을 보내지 않음. + if(!$admin_email_adress) { - $oMail->setSender($obj->email_address, $obj->email_address); + return; } - - $mail_title = "[Rhymix - " . Context::get('mid') . "] A new comment was posted on document: \"" . $oDocument->getTitleText() . "\""; + // 매일 보내는 이를 관리자 계정으로 설정한다. + $oMail->setSender($member_config->webmaster_name, $member_config->webmaster_email); + $mail_title = sprintf(lang('msg_comment_notify_mail'), Context::get('mid'), $oDocument->getTitleText()); + //$mail_title = "[" . Context::get('mid') . "] A new comment was posted on document: \"" . $oDocument->getTitleText() . "\""; $oMail->setTitle($mail_title); $url_comment = getFullUrl('','document_srl',$obj->document_srl).'#comment_'.$obj->comment_srl; if($using_validation) @@ -710,7 +716,6 @@ class commentController extends comment // get all admins emails $admins_emails = $module_info->admin_mail; $target_mail = explode(',', $admins_emails); - // send email to all admins - START for($i = 0; $i < count($target_mail); $i++) { @@ -719,10 +724,6 @@ class commentController extends comment { continue; } - if(!$is_logged) - { - $oMail->setSender($email_address, $email_address); - } $oMail->setReceiptor($email_address, $email_address); $oMail->send(); } diff --git a/modules/comment/lang/en.php b/modules/comment/lang/en.php index dea93e25d..16a36ed3c 100644 --- a/modules/comment/lang/en.php +++ b/modules/comment/lang/en.php @@ -49,3 +49,4 @@ $lang->improper_comment_reasons['others'] = 'Others (Write your own)'; $lang->about_improper_comment_declare = 'Write here why you report this comment as an improper thing.'; $lang->msg_deleted_comment = 'This comment has been deleted.'; $lang->msg_admin_deleted_comment = 'This comment has been deleted by an administrator.'; +$lang->msg_comment_notify_mail = "[%s] A new comment was posted on document: \" %s \""; diff --git a/modules/comment/lang/ko.php b/modules/comment/lang/ko.php index 0ad2e16b2..59e7cb8f1 100644 --- a/modules/comment/lang/ko.php +++ b/modules/comment/lang/ko.php @@ -53,3 +53,4 @@ $lang->improper_comment_reasons['others'] = '기타(직접작성)'; $lang->about_improper_comment_declare = '댓글을 신고하신 이유를 간단히 적어서 제출해주시면 관리자 검토 후 조치하겠습니다.'; $lang->msg_deleted_comment = '삭제된 댓글입니다.'; $lang->msg_admin_deleted_comment = '관리자가 삭제한 댓글입니다.'; +$lang->msg_comment_notify_mail = '[%s] 새로운 댓글이 등록되었습니다 : %s'; From e4140c51622f16ac5594198b1627504905dbd284 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Sat, 30 Jul 2016 07:56:49 +0900 Subject: [PATCH 18/45] Deleted test code --- modules/comment/comment.controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index 8e62e49bf..695195c20 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -638,7 +638,7 @@ class commentController extends comment $module_info = $oModuleModel->getModuleInfoByDocumentSrl($obj->document_srl); // If there is no problem to register comment then send an email to all admin were set in module admin panel - if($module_info->admin_mail/* && $member_info->is_admin != 'Y'*/) + if($module_info->admin_mail && $member_info->is_admin != 'Y') { $oMail = new Mail(); From c1e62d93c7d1b1363894981652bb5c9a79750204 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Sat, 30 Jul 2016 08:11:09 +0900 Subject: [PATCH 19/45] Improvement to cut the post title --- modules/comment/comment.controller.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index 695195c20..45a588f82 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -652,8 +652,7 @@ class commentController extends comment } // 매일 보내는 이를 관리자 계정으로 설정한다. $oMail->setSender($member_config->webmaster_name, $member_config->webmaster_email); - $mail_title = sprintf(lang('msg_comment_notify_mail'), Context::get('mid'), $oDocument->getTitleText()); - //$mail_title = "[" . Context::get('mid') . "] A new comment was posted on document: \"" . $oDocument->getTitleText() . "\""; + $mail_title = sprintf(lang('msg_comment_notify_mail'), Context::get('mid'), cut_str($oDocument->getTitleText(), 20, '...')); $oMail->setTitle($mail_title); $url_comment = getFullUrl('','document_srl',$obj->document_srl).'#comment_'.$obj->comment_srl; if($using_validation) From 0c2c3b80ac8c6cc0deea16ceef50ddc3c116ad9a Mon Sep 17 00:00:00 2001 From: BJRambo Date: Sat, 30 Jul 2016 08:23:58 +0900 Subject: [PATCH 20/45] Fixed the format of the notifycation e-mail for new posts --- modules/board/board.controller.php | 31 +++++++++++++++--------------- modules/board/lang/en.php | 1 + modules/board/lang/ko.php | 1 + 3 files changed, 18 insertions(+), 15 deletions(-) diff --git a/modules/board/board.controller.php b/modules/board/board.controller.php index ada9c426a..a7afd54d3 100644 --- a/modules/board/board.controller.php +++ b/modules/board/board.controller.php @@ -177,26 +177,27 @@ class boardController extends board { $oModuleModel = getModel('module'); $member_config = $oModuleModel->getModuleConfig('member'); - $is_logged = Context::get('is_logged'); - if(!$is_logged && !$member_config->webmaster_email) + if($member_config->webmaster_email) { - $obj->email_address = $this->module_info->admin_mail; + $mail_title = sprintf(lang('msg_document_notify_mail'), $obj->mid, cut_str($obj->title, 20, '...')); + + $oMail = new Mail(); + $oMail->setTitle($mail_title); + $oMail->setContent( sprintf("From : %s
\r\n%s", getFullUrl('','document_srl',$obj->document_srl), getFullUrl('','document_srl',$obj->document_srl), $obj->content)); + $oMail->setSender($member_config->webmaster_name ?: null, $member_config->webmaster_email); + + $target_mail = explode(',',$this->module_info->admin_mail); + for($i=0;$isetReceiptor($email_address, $email_address); + $oMail->send(); + } } - $oMail = new Mail(); - $oMail->setTitle($obj->title); - $oMail->setContent( sprintf("From : %s
\r\n%s", getFullUrl('','document_srl',$obj->document_srl), getFullUrl('','document_srl',$obj->document_srl), $obj->content)); - $oMail->setSender($obj->user_name ?: null, $obj->email_address ? $obj->email_address : $member_config->webmaster_email); - $target_mail = explode(',',$this->module_info->admin_mail); - for($i=0;$isetReceiptor($email_address, $email_address); - $oMail->send(); - } } } diff --git a/modules/board/lang/en.php b/modules/board/lang/en.php index 303b1171f..108f4589c 100644 --- a/modules/board/lang/en.php +++ b/modules/board/lang/en.php @@ -48,3 +48,4 @@ $lang->cmd_only_p_comment = 'Only if there are replies'; $lang->cmd_all_comment_message = 'Always'; $lang->cmd_do_not_message = 'Never'; $lang->delete_placeholder = 'Delete Placeholder'; +$lang->msg_document_notify_mail = '[%s] The new post : %s'; diff --git a/modules/board/lang/ko.php b/modules/board/lang/ko.php index b7a7a36e4..42b8b5fb5 100644 --- a/modules/board/lang/ko.php +++ b/modules/board/lang/ko.php @@ -77,3 +77,4 @@ $lang->cmd_only_p_comment = '대댓글이 있는 경우에만 남김'; $lang->cmd_all_comment_message = '모든 댓글에 남김'; $lang->cmd_do_not_message = '남기지 않음'; $lang->delete_placeholder = '완전 삭제'; +$lang->msg_document_notify_mail = '[%s] 새로운 게시글이 등록되었습니다 : %s'; From a7cc0b64b8c74a72d4109596e69879e76debbb5d Mon Sep 17 00:00:00 2001 From: BJRambo Date: Mon, 1 Aug 2016 13:22:47 +0900 Subject: [PATCH 21/45] =?UTF-8?q?=EB=AA=A8=EB=93=88=EC=9D=98=20mid?= =?UTF-8?q?=EB=A5=BC=20=EB=82=98=ED=83=80=EB=82=B4=EC=A7=80=20=EC=95=8A?= =?UTF-8?q?=EA=B3=A0=20=EB=B8=8C=EB=9D=BC=EC=9A=B0=EC=A0=80=20=ED=83=80?= =?UTF-8?q?=EC=9D=B4=ED=8B=80=EC=9D=84=20=EC=B6=9C=EB=A0=A5=ED=95=98?= =?UTF-8?q?=EB=8F=84=EB=A1=9D=20=EA=B3=A0=EC=B9=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/board/board.controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/board/board.controller.php b/modules/board/board.controller.php index a7afd54d3..738cb5767 100644 --- a/modules/board/board.controller.php +++ b/modules/board/board.controller.php @@ -180,7 +180,7 @@ class boardController extends board if($member_config->webmaster_email) { - $mail_title = sprintf(lang('msg_document_notify_mail'), $obj->mid, cut_str($obj->title, 20, '...')); + $mail_title = sprintf(lang('msg_document_notify_mail'), $this->module_info->browser_title, cut_str($obj->title, 20, '...')); $oMail = new Mail(); $oMail->setTitle($mail_title); From a37b288f1ba759b8e3888359732c90228d982e1e Mon Sep 17 00:00:00 2001 From: sejin7940 Date: Fri, 8 Aug 2014 06:19:03 +0900 Subject: [PATCH 22/45] Update Validator.class.php --- classes/validator/Validator.class.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/classes/validator/Validator.class.php b/classes/validator/Validator.class.php index 5c630c30c..495adb9de 100644 --- a/classes/validator/Validator.class.php +++ b/classes/validator/Validator.class.php @@ -91,7 +91,8 @@ class Validator 'url' => '/^(https?|ftp|mms):\/\/[0-9a-z-]+(\.[_0-9a-z-]+)+(:\d+)?/', 'alpha' => '/^[a-z]*$/i', 'alpha_number' => '/^[a-z][a-z0-9_]*$/i', - 'number' => '/^(?:[1-9]\\d*|0)$/' + 'number' => '/^(?:[1-9]\\d*|0)$/', + 'real' => '/^\d*(\.?\d*)$/' )); $this->_has_mb_func = is_callable('mb_strlen'); @@ -714,7 +715,7 @@ class Validator { $name = strtolower($name); - if(in_array($name, array('email', 'userid', 'url', 'alpha', 'alpha_number', 'number'))) + if(in_array($name, array('email', 'userid', 'url', 'alpha', 'alpha_number', 'number', 'real'))) { continue; } From f80e289de938af5cf381b0fc7ac39b8ae48fb181 Mon Sep 17 00:00:00 2001 From: sejin7940 Date: Fri, 8 Aug 2014 06:19:41 +0900 Subject: [PATCH 23/45] Update fileModuleConfig.xml --- modules/file/ruleset/fileModuleConfig.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/file/ruleset/fileModuleConfig.xml b/modules/file/ruleset/fileModuleConfig.xml index 2cf75672f..385bbc71f 100644 --- a/modules/file/ruleset/fileModuleConfig.xml +++ b/modules/file/ruleset/fileModuleConfig.xml @@ -4,8 +4,8 @@ - - + + From 17dd0c90618589ed0dc8d543985c28996546e62c Mon Sep 17 00:00:00 2001 From: sejin7940 Date: Sun, 26 Oct 2014 19:21:53 +0900 Subject: [PATCH 24/45] Update file.model.php --- modules/file/file.model.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/modules/file/file.model.php b/modules/file/file.model.php index cee62d217..a38deb12a 100644 --- a/modules/file/file.model.php +++ b/modules/file/file.model.php @@ -175,6 +175,16 @@ class fileModel extends file if(!$config->allow_outlink) $config->allow_outlink = 'Y'; if(!$config->download_grant) $config->download_grant = array(); + $size = preg_replace('/[a-z]/is', '', ini_get('upload_max_filesize')); + if($config->allowed_filesize > $size) + { + $config->allowed_filesize = $size; + } + if($config->allowed_attach_size > $size) + { + $config->allowed_attach_size = $size; + } + return $config; } From 46278a886b456dfcac4c81fa5c93efe027c32c89 Mon Sep 17 00:00:00 2001 From: bnu Date: Tue, 26 Jul 2016 15:24:20 +0900 Subject: [PATCH 25/45] =?UTF-8?q?type=20=EC=9D=B4=EB=A6=84=EC=9D=84=20'flo?= =?UTF-8?q?at'=EB=A1=9C=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- classes/validator/Validator.class.php | 4 ++-- modules/file/ruleset/fileModuleConfig.xml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/classes/validator/Validator.class.php b/classes/validator/Validator.class.php index 495adb9de..af9ade505 100644 --- a/classes/validator/Validator.class.php +++ b/classes/validator/Validator.class.php @@ -92,7 +92,7 @@ class Validator 'alpha' => '/^[a-z]*$/i', 'alpha_number' => '/^[a-z][a-z0-9_]*$/i', 'number' => '/^(?:[1-9]\\d*|0)$/', - 'real' => '/^\d*(\.?\d*)$/' + 'float' => '/^\d*(\.?\d*)$/' )); $this->_has_mb_func = is_callable('mb_strlen'); @@ -715,7 +715,7 @@ class Validator { $name = strtolower($name); - if(in_array($name, array('email', 'userid', 'url', 'alpha', 'alpha_number', 'number', 'real'))) + if(in_array($name, array('email', 'userid', 'url', 'alpha', 'alpha_number', 'number', 'float'))) { continue; } diff --git a/modules/file/ruleset/fileModuleConfig.xml b/modules/file/ruleset/fileModuleConfig.xml index 385bbc71f..963180a3e 100644 --- a/modules/file/ruleset/fileModuleConfig.xml +++ b/modules/file/ruleset/fileModuleConfig.xml @@ -4,8 +4,8 @@ - - + + From 61c54504efc91155567d87bdbddaf82d1c59bec8 Mon Sep 17 00:00:00 2001 From: bnu Date: Tue, 26 Jul 2016 17:26:37 +0900 Subject: [PATCH 26/45] =?UTF-8?q?-=20invalid=5Ffloat=20=EB=A9=94=EC=8B=9C?= =?UTF-8?q?=EC=A7=80=20=EC=B6=94=EA=B0=80=20-=20=ED=8C=8C=EC=9D=BC=20?= =?UTF-8?q?=EC=9A=A9=EB=9F=89=20=EC=84=A4=EC=A0=95=EC=9D=98=20=EB=A3=B0?= =?UTF-8?q?=EC=85=8B=20=EC=B6=94=EA=B0=80=20=EC=88=98=EC=A0=95=20-=20XML?= =?UTF-8?q?=20Filter=EC=97=90=EC=84=9C=20float=EB=A5=BC=20=EC=B2=98?= =?UTF-8?q?=EB=A6=AC=ED=95=A0=20=EC=88=98=20=EC=9E=88=EB=8F=84=EB=A1=9D=20?= =?UTF-8?q?=EB=A3=B0=EC=84=B8=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- classes/validator/Validator.class.php | 2 +- common/js/xml_js_filter.js | 4 ++++ common/lang/en.php | 1 + common/lang/ja.php | 1 + common/lang/ko.php | 1 + common/lang/zh-CN.php | 1 + common/lang/zh-TW.php | 1 + modules/file/ruleset/insertConfig.xml | 4 ++-- modules/file/tpl/adminConfig.html | 4 ++-- 9 files changed, 14 insertions(+), 5 deletions(-) diff --git a/classes/validator/Validator.class.php b/classes/validator/Validator.class.php index af9ade505..2afbcb96d 100644 --- a/classes/validator/Validator.class.php +++ b/classes/validator/Validator.class.php @@ -92,7 +92,7 @@ class Validator 'alpha' => '/^[a-z]*$/i', 'alpha_number' => '/^[a-z][a-z0-9_]*$/i', 'number' => '/^(?:[1-9]\\d*|0)$/', - 'float' => '/^\d*(\.?\d*)$/' + 'float' => '/^\d+(\.\d+)?$/' )); $this->_has_mb_func = is_callable('mb_strlen'); diff --git a/common/js/xml_js_filter.js b/common/js/xml_js_filter.js index 537fbde11..17108540b 100644 --- a/common/js/xml_js_filter.js +++ b/common/js/xml_js_filter.js @@ -51,6 +51,10 @@ // number var regNum = /^[0-9]*$/; this.cast('ADD_RULE', ['number', regNum]); + + // float + var regFloat = /^\d+(\.\d+)?$/; + this.cast('ADD_RULE', ['float', regFloat]); // }}} add filters }, // run validator diff --git a/common/lang/en.php b/common/lang/en.php index 0b7e1abaf..65429151c 100644 --- a/common/lang/en.php +++ b/common/lang/en.php @@ -310,6 +310,7 @@ $lang->filter['invalid_alpha'] = 'The format of %s is invalid. Please enter Engl $lang->filter['invalid_alpha_number'] = 'The format of %s is invalid. Please enter English alphabets and numbers only.'; $lang->filter['invalid_mid'] = 'The format of %s is invalid. Module ID should be begun with a letter. Subsequent characters may be letters, digits or underscore characters.'; $lang->filter['invalid_number'] = 'The format of %s is invalid. Please enter numbers only.'; +$lang->filter['invalid_float'] = 'The format of %s is invalid. Please enter numbers only.'; $lang->filter['invalid_extension'] = 'The format of %s is invalid. e.g.) *.* or *.jpg;*.gif;.'; $lang->security_warning_embed = 'Due to security concern, administrators are not allowed to view embedded items.
To view them, please use another non-administrator ID.'; $lang->msg_pc_to_mobile = 'View mobile optimized version of this page'; diff --git a/common/lang/ja.php b/common/lang/ja.php index ab81bae9c..e6b81a3b8 100644 --- a/common/lang/ja.php +++ b/common/lang/ja.php @@ -293,6 +293,7 @@ $lang->filter['invalid_alpha'] = '%sの形式が正しくありません。半 $lang->filter['invalid_alpha_number'] = '%sの形式が正しくありません。半角英数字で入力してください。'; $lang->filter['invalid_mid'] = '%sの形式が正しくありません。 最初の文字は英文から始め、「英文+数字+_」組合せで入力が必要です。'; $lang->filter['invalid_number'] = '%sの形式が正しくありません。半角数字で入力してください。'; +$lang->filter['invalid_float'] = '%sの形式が正しくありません。半角数字で入力してください。'; $lang->security_warning_embed = 'セキュリティ問題のため、管理者IDではembedを見ることができません。
他のIDでログインしてください。'; $lang->msg_pc_to_mobile = 'このページは、モバイル表示が可能です。モバイル表示へ移動しますか?'; $lang->cmd_yes = 'はい'; diff --git a/common/lang/ko.php b/common/lang/ko.php index e9290c67d..720909c06 100644 --- a/common/lang/ko.php +++ b/common/lang/ko.php @@ -310,6 +310,7 @@ $lang->filter['invalid_alpha'] = '%s의 형식이 잘못되었습니다. 영문 $lang->filter['invalid_alpha_number'] = '%s의 형식이 잘못되었습니다. 영문과 숫자로만 입력해야 합니다.'; $lang->filter['invalid_mid'] = '%s의 형식이 잘못되었습니다. 첫 글자는 영문으로 시작해야 하며 \'영문+숫자+_\'로만 입력해야 합니다.'; $lang->filter['invalid_number'] = '%s의 형식이 잘못되었습니다. 숫자로만 입력해야 합니다.'; +$lang->filter['invalid_float'] = '%s의 형식이 잘못되었습니다. 숫자로만 입력해야 합니다.'; $lang->filter['invalid_extension'] = '%s의 형식이 잘못되었습니다. *.* 나 *.jpg;*.gif; 처럼 입력해야 합니다.'; $lang->security_invalid_session = '바르지 않은 접근입니다. 인증을 위해 다시 로그인해야 합니다.'; $lang->security_warning_embed = '보안 문제로 관리자 아이디로는 embed를 볼 수 없습니다. 확인하려면 다른 아이디로 접속하세요'; diff --git a/common/lang/zh-CN.php b/common/lang/zh-CN.php index cc43b14a6..936207cdd 100644 --- a/common/lang/zh-CN.php +++ b/common/lang/zh-CN.php @@ -277,6 +277,7 @@ $lang->filter['invalid_alpha'] = '%s只能输入英文字母'; $lang->filter['invalid_alpha_number'] = '%s只能输入英文或数字'; $lang->filter['invalid_mid'] = '%s 格式错误。 模块名称只能用英文、数字及下划线,开头必须是英文。'; $lang->filter['invalid_number'] = '%s只能输入数字'; +$lang->filter['invalid_float'] = '%s只能输入数字'; $lang->security_warning_embed = '由于安全问题,不允许用系统管理员ID操作embed对象,请使用其他拥有管理权限的ID操作。'; $lang->cmd_yes = '是'; $lang->cmd_no = '否'; diff --git a/common/lang/zh-TW.php b/common/lang/zh-TW.php index c10602414..a6a4083ed 100644 --- a/common/lang/zh-TW.php +++ b/common/lang/zh-TW.php @@ -276,6 +276,7 @@ $lang->filter['invalid_alpha'] = '%s只能輸入英文字母'; $lang->filter['invalid_alpha_number'] = '%s只能輸入英文或數字'; $lang->filter['invalid_mid'] = '%s 格式錯誤。 模組名稱只能使用英文、數字及底線,開頭必須是英文。'; $lang->filter['invalid_number'] = '%s只能輸入數字'; +$lang->filter['invalid_float'] = '%s只能輸入數字'; $lang->security_warning_embed = '基於安全因素,管理員無法檢視嵌入的物件。
請使用其他非管理員帳號檢視。'; $lang->msg_pc_to_mobile = '此頁面有手機頁面,要移至手機頁面嗎?'; $lang->cmd_yes = '是'; diff --git a/modules/file/ruleset/insertConfig.xml b/modules/file/ruleset/insertConfig.xml index 2cf75672f..963180a3e 100644 --- a/modules/file/ruleset/insertConfig.xml +++ b/modules/file/ruleset/insertConfig.xml @@ -4,8 +4,8 @@ - - + + diff --git a/modules/file/tpl/adminConfig.html b/modules/file/tpl/adminConfig.html index 905a6654b..255e26141 100644 --- a/modules/file/tpl/adminConfig.html +++ b/modules/file/tpl/adminConfig.html @@ -34,13 +34,13 @@
- MB/{$upload_max_filesize} + MB / {$upload_max_filesize}
- MB + MB
From ea7d60360e9c71b9194ddaa86d01a8bd8cd76b60 Mon Sep 17 00:00:00 2001 From: Kyeongdae Date: Mon, 18 Jan 2016 19:15:28 +0900 Subject: [PATCH 27/45] =?UTF-8?q?=EA=B2=8C=EC=8B=9C=ED=8C=90=20=EC=83=81?= =?UTF-8?q?=EB=8B=B4=EA=B8=80=20=EC=A1=B0=ED=9A=8C=20=EA=B6=8C=ED=95=9C=20?= =?UTF-8?q?=EC=B6=94=EA=B0=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/board/board.view.php | 2 +- modules/board/conf/module.xml | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/modules/board/board.view.php b/modules/board/board.view.php index 6c5dab7ce..41af3c945 100644 --- a/modules/board/board.view.php +++ b/modules/board/board.view.php @@ -74,7 +74,7 @@ class boardView extends board * check the consultation function, if the user is admin then swich off consultation function * if the user is not logged, then disppear write document/write comment./ view document **/ - if($this->module_info->consultation == 'Y' && !$this->grant->manager) + if($this->module_info->consultation == 'Y' && !$this->grant->manager && !$this->grant->consultation_read) { $this->consultation = TRUE; if(!Context::get('is_logged')) diff --git a/modules/board/conf/module.xml b/modules/board/conf/module.xml index dfa619e9b..7e2981f00 100644 --- a/modules/board/conf/module.xml +++ b/modules/board/conf/module.xml @@ -44,6 +44,11 @@ 發表評論 yorum yaz + + 상담글 조회 + Consultation Document Read + 相談文照会 + From 7822e9c0700f3a378333c76d2d1115527107ef83 Mon Sep 17 00:00:00 2001 From: Kyeongdae Date: Mon, 1 Feb 2016 10:45:52 +0900 Subject: [PATCH 28/45] =?UTF-8?q?=EB=AA=A8=EB=B0=94=EC=9D=BC=20=EA=B2=8C?= =?UTF-8?q?=EC=8B=9C=ED=8C=90=20=EC=83=81=EB=8B=B4=EA=B8=80=20=EC=A1=B0?= =?UTF-8?q?=ED=9A=8C=20=EA=B6=8C=ED=95=9C=20=EC=B6=94=EA=B0=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/board/board.mobile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/board/board.mobile.php b/modules/board/board.mobile.php index a036a0156..22d67b195 100644 --- a/modules/board/board.mobile.php +++ b/modules/board/board.mobile.php @@ -55,7 +55,7 @@ class boardMobile extends boardView * check the consultation function, if the user is admin then swich off consultation function * if the user is not logged, then disppear write document/write comment./ view document **/ - if($this->module_info->consultation == 'Y' && !$this->grant->manager) + if($this->module_info->consultation == 'Y' && !$this->grant->manager && !$this->grant->consultation_read) { $this->consultation = true; if(!Context::get('is_logged')) $this->grant->list = $this->grant->write_document = $this->grant->write_comment = $this->grant->view = false; From 05128b9f4be6a1f8492df111d1d384dc2edb0ef0 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 26 Jul 2016 13:32:08 +0900 Subject: [PATCH 29/45] When SSL is optional, redirect to http after writing (#1939) --- common/js/common.js | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/common/js/common.js b/common/js/common.js index 0448b32d1..a420790b0 100644 --- a/common/js/common.js +++ b/common/js/common.js @@ -294,12 +294,17 @@ jQuery(function($) { } } - re = /http:\/\/([^:\/]+)(:\d+|)/i; + re = /https?:\/\/([^:\/]+)(:\d+|)/i; if (bUseSSL && re.test(uri)) { toReplace = 'https://'+RegExp.$1; if (window.https_port && https_port != 443) toReplace += ':' + https_port; uri = uri.replace(re, toReplace); } + if (!bUseSSL && re.test(uri)) { + toReplace = 'http://'+RegExp.$1; + if (window.http_port && http_port != 80) toReplace += ':' + http_port; + uri = uri.replace(re, toReplace); + } // insert index.php if it isn't included uri = uri.replace(/\/(index\.php)?\?/, '/index.php?'); From 2529939be2692921ab1030d5675c66182fcd492d Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 2 Aug 2016 16:18:32 +0900 Subject: [PATCH 30/45] Fix unit test for Validator class --- tests/unit/classes/validator/condition.en.js | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/unit/classes/validator/condition.en.js b/tests/unit/classes/validator/condition.en.js index c067b6434..159668a3e 100644 --- a/tests/unit/classes/validator/condition.en.js +++ b/tests/unit/classes/validator/condition.en.js @@ -17,5 +17,6 @@ v.cast('ADD_MESSAGE',['invalid_alpha','%s의 형식이 잘못되었습니다. v.cast('ADD_MESSAGE',['invalid_alpha_number','%s의 형식이 잘못되었습니다. 영문과 숫자로만 입력해야 합니다.']); v.cast('ADD_MESSAGE',['invalid_mid','%s의 형식이 잘못되었습니다. 첫 글자는 영문으로 시작해야 하며 \'영문+숫자+_\'로만 입력해야 합니다.']); v.cast('ADD_MESSAGE',['invalid_number','%s의 형식이 잘못되었습니다. 숫자로만 입력해야 합니다.']); +v.cast('ADD_MESSAGE',['invalid_float','%s의 형식이 잘못되었습니다. 숫자로만 입력해야 합니다.']); v.cast('ADD_MESSAGE',['invalid_extension','%s의 형식이 잘못되었습니다. *.* 나 *.jpg;*.gif; 처럼 입력해야 합니다.']); })(jQuery); From 09234c7b55410d4deeefae509d90320908806462 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 2 Aug 2016 16:23:28 +0900 Subject: [PATCH 31/45] Import xpressengine/xe-core#1817 --- modules/member/lang/zh-TW.php | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/member/lang/zh-TW.php b/modules/member/lang/zh-TW.php index 3fcd0bb9c..71d215ae3 100644 --- a/modules/member/lang/zh-TW.php +++ b/modules/member/lang/zh-TW.php @@ -180,6 +180,7 @@ $lang->about_member_default = '將成為註冊會員時的預設群組。'; $lang->about_find_member_account = '帳號/密碼將發送到您註冊時,所輸入的電子郵件當中。輸入註冊時的電子郵件地址後,請按「查詢帳號/密碼」按鈕。
'; $lang->about_temp_password = '已發送臨時密碼。
請登入後修改密碼。
'; $lang->about_ssl_port = '請輸入想要使用 SSL 預設埠口以外的埠口。'; +$lang->about_reset_auth_mail = '目前註冊的電子郵件地址為 %s 。如果你想改變你的e-mail>地址,你可以註冊更新,新的E-mail地址認證信息後重新發送郵件'; $lang->about_resend_auth_mail = '如果沒有收到認證郵件可以再重寄一次。'; $lang->no_article = '主題不存在'; $lang->find_account_question = '密碼提示問答'; From 910f7220e6af0e2a4b651b3800db73a9576af134 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 2 Aug 2016 16:30:33 +0900 Subject: [PATCH 32/45] Import cryptographic signature functions from XE 1.8.23 --- classes/security/Password.class.php | 17 +++++++++++- common/framework/parsers/configparser.php | 2 +- common/framework/security.php | 34 +++++++++++++++++++++++ 3 files changed, 51 insertions(+), 2 deletions(-) diff --git a/classes/security/Password.class.php b/classes/security/Password.class.php index c0a1da502..993314f87 100644 --- a/classes/security/Password.class.php +++ b/classes/security/Password.class.php @@ -58,7 +58,22 @@ class Password { return Rhymix\Framework\Password::getRandomPassword($length); } - + + public function createSignature($string) + { + return Rhymix\Framework\Security::createSignature($string); + } + + public function checkSignature($string, $signature) + { + return Rhymix\Framework\Security::verifySignature($string, $signature); + } + + public function getSecretKey() + { + return config('crypto.authentication_key'); + } + public function pbkdf2($password, $salt, $algorithm = 'sha256', $iterations = 8192, $length = 24) { $hash = Rhymix\Framework\Security::pbkdf2($password, $salt, $algorithm, $iterations, $length); diff --git a/common/framework/parsers/configparser.php b/common/framework/parsers/configparser.php index 3c4edce18..cfa60dbac 100644 --- a/common/framework/parsers/configparser.php +++ b/common/framework/parsers/configparser.php @@ -160,7 +160,7 @@ class ConfigParser // Create new crypto keys. $config['crypto']['encryption_key'] = Security::getRandom(64, 'alnum'); - $config['crypto']['authentication_key'] = Security::getRandom(64, 'alnum'); + $config['crypto']['authentication_key'] = $db_info->secret_key ?: Security::getRandom(64, 'alnum'); $config['crypto']['session_key'] = Security::getRandom(64, 'alnum'); // Convert language configuration. diff --git a/common/framework/security.php b/common/framework/security.php index a474acb58..5a2803c2d 100644 --- a/common/framework/security.php +++ b/common/framework/security.php @@ -112,6 +112,40 @@ class Security return \CryptoCompat::decrypt($ciphertext, $key); } + /** + * Create a digital signature to verify the authenticity of a string. + * + * @param string $string + * @return string + */ + public static function createSignature($string) + { + $key = config('crypto.authentication_key'); + $salt = self::getRandom(8, 'alnum'); + $hash = substr(base64_encode(hash_hmac('sha256', hash_hmac('sha256', $string, $salt), $key, true)), 0, 32); + return $salt . strtr($hash, '+/', '-_'); + } + + /** + * Check whether a signature is valid. + * + * @param string $string + * @param string $signature + * @return bool + */ + public static function verifySignature($string, $signature) + { + if(strlen($signature) !== 40) + { + return false; + } + + $key = config('crypto.authentication_key'); + $salt = substr($signature, 0, 8); + $hash = substr(base64_encode(hash_hmac('sha256', hash_hmac('sha256', $string, $salt), $key, true)), 0, 32); + return self::compareStrings(substr($signature, 8), strtr($hash, '+/', '-_')); + } + /** * Generate a cryptographically secure random string. * From 2822a1d3e1a44af85420dc2f05167f1e745c111a Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 2 Aug 2016 16:35:46 +0900 Subject: [PATCH 33/45] Add unit tests for signature creation and verification routines --- tests/unit/framework/SecurityTest.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/unit/framework/SecurityTest.php b/tests/unit/framework/SecurityTest.php index f0db07f0d..86e9c81b5 100644 --- a/tests/unit/framework/SecurityTest.php +++ b/tests/unit/framework/SecurityTest.php @@ -55,6 +55,17 @@ class SecurityTest extends \Codeception\TestCase\Test $this->assertEquals(false, $decrypted); } + public function testSignature() + { + $plaintext = Rhymix\Framework\Security::getRandom(); + + $signature = Rhymix\Framework\Security::createSignature($plaintext); + $this->assertRegexp('/^[a-zA-Z0-9-_]{40}$/', $signature); + $this->assertEquals(true, Rhymix\Framework\Security::verifySignature($plaintext, $signature)); + $this->assertEquals(false, Rhymix\Framework\Security::verifySignature($plaintext, $signature . 'x')); + $this->assertEquals(false, Rhymix\Framework\Security::verifySignature($plaintext, 'x' . $signature)); + } + public function testGetRandom() { $this->assertRegExp('/^[0-9a-zA-Z]{32}$/', Rhymix\Framework\Security::getRandom()); From 7e2894b7d3839f8cd7dde25a92402810f28d4025 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 2 Aug 2016 16:38:47 +0900 Subject: [PATCH 34/45] Version 1.8.23 --- common/constants.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/constants.php b/common/constants.php index a7201c857..83cb9525d 100644 --- a/common/constants.php +++ b/common/constants.php @@ -3,7 +3,7 @@ /** * RX_VERSION is the version number of the Rhymix CMS. */ -define('RX_VERSION', '1.8.22'); +define('RX_VERSION', '1.8.23'); /** * RX_MICROTIME is the startup time of the current script, in microseconds since the Unix epoch. From 44a34229fb5cb0725fe0b4a93bcfc34562761981 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Tue, 2 Aug 2016 16:48:46 +0900 Subject: [PATCH 35/45] Fix failing unit test in HHVM --- tests/unit/framework/SecurityTest.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/unit/framework/SecurityTest.php b/tests/unit/framework/SecurityTest.php index 86e9c81b5..6c83c595f 100644 --- a/tests/unit/framework/SecurityTest.php +++ b/tests/unit/framework/SecurityTest.php @@ -20,6 +20,7 @@ class SecurityTest extends \Codeception\TestCase\Test public function testEncryption() { $plaintext = Rhymix\Framework\Security::getRandom(); + config('crypto.encryption_key', Rhymix\Framework\Security::getRandom()); // Encryption with default key. $encrypted = Rhymix\Framework\Security::encrypt($plaintext); @@ -58,6 +59,7 @@ class SecurityTest extends \Codeception\TestCase\Test public function testSignature() { $plaintext = Rhymix\Framework\Security::getRandom(); + config('crypto.authentication_key', Rhymix\Framework\Security::getRandom()); $signature = Rhymix\Framework\Security::createSignature($plaintext); $this->assertRegexp('/^[a-zA-Z0-9-_]{40}$/', $signature); From e771e4ae0bd064b46532f4c838b3b988e8a115ae Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 5 Aug 2016 17:03:24 +0900 Subject: [PATCH 36/45] Apply non-GET/non-POST CSRF patch from XE 1.8.24 (bed604e) --- classes/module/ModuleHandler.class.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index fbf27eb4a..f411d65f1 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -475,8 +475,8 @@ class ModuleHandler extends Handler } } - // check CSRF for POST actions - if(Context::getRequestMethod() === 'POST' && Context::isInstalled()) + // check CSRF for non-GET (POST, PUT, etc.) actions + if(Context::getRequestMethod() !== 'GET' && Context::isInstalled()) { if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF()) { @@ -617,8 +617,8 @@ class ModuleHandler extends Handler } } - // check CSRF for POST actions - if(Context::getRequestMethod() === 'POST' && Context::isInstalled()) + // check CSRF for non-GET (POST, PUT, etc.) actions + if(Context::getRequestMethod() !== 'GET' && Context::isInstalled()) { if($xml_info->action->{$this->act} && $xml_info->action->{$this->act}->check_csrf !== 'false' && !checkCSRF()) { From 6a1f7844bf15036aca4d078f54184bcab00b1f53 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 5 Aug 2016 17:12:26 +0900 Subject: [PATCH 37/45] Version 1.8.24 --- common/constants.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/constants.php b/common/constants.php index 83cb9525d..a8d7afa6c 100644 --- a/common/constants.php +++ b/common/constants.php @@ -3,7 +3,7 @@ /** * RX_VERSION is the version number of the Rhymix CMS. */ -define('RX_VERSION', '1.8.23'); +define('RX_VERSION', '1.8.24'); /** * RX_MICROTIME is the startup time of the current script, in microseconds since the Unix epoch. From 792a6b731be163bdb2313527beb62056fc428412 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Mon, 8 Aug 2016 21:23:15 +0900 Subject: [PATCH 38/45] =?UTF-8?q?=ED=83=9C=EB=B8=94=EB=A6=BF=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95=EC=97=AC=EB=B6=80=EC=99=80=20=EC=83=81=EA=B4=80?= =?UTF-8?q?=EC=97=86=EC=9D=B4=20=EB=AA=A8=EB=B0=94=EC=9D=BC=EC=B5=9C?= =?UTF-8?q?=EC=A0=81=ED=99=94=20=EB=B2=84=ED=8A=BC=EC=9D=B4=20=EB=9C=A8?= =?UTF-8?q?=EB=8A=94=20=EB=AC=B8=EC=A0=9C=20=EA=B3=A0=EC=B9=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- classes/module/ModuleHandler.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index f411d65f1..f56c1e2b4 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -780,7 +780,9 @@ class ModuleHandler extends Handler 'dispLayoutPreviewWithModule' => 1 ); $db_use_mobile = Mobile::isMobileEnabled(); - if($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true) + $tablet_use = Rhymix\Framework\UA::isTablet(); + $config_talbet_use = config('mobile.tablets'); + if($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true && ($tablet_use === true && $config_talbet_use === false) === false) { global $lang; $header = ''; From d59f7ae29c0a0506ea7b04df18e6cd0e6a1987d0 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Mon, 8 Aug 2016 21:30:04 +0900 Subject: [PATCH 39/45] fixed typo --- classes/module/ModuleHandler.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index f56c1e2b4..612906397 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -781,8 +781,8 @@ class ModuleHandler extends Handler ); $db_use_mobile = Mobile::isMobileEnabled(); $tablet_use = Rhymix\Framework\UA::isTablet(); - $config_talbet_use = config('mobile.tablets'); - if($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true && ($tablet_use === true && $config_talbet_use === false) === false) + $config_telbet_use = config('mobile.tablets'); + if($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true && ($tablet_use === true && $config_telbet_use === false) === false) { global $lang; $header = ''; From bac8a0ab9d9e58e03ab29e0714402f17180bfcf7 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Mon, 8 Aug 2016 22:02:56 +0900 Subject: [PATCH 40/45] =?UTF-8?q?=EC=84=9C=EB=AA=85=EC=97=90=20=ED=8C=8C?= =?UTF-8?q?=EC=9D=BC=EC=B2=A8=EB=B6=80=EB=A5=BC=20=ED=95=A0=20=EC=88=98=20?= =?UTF-8?q?=EC=9E=88=EB=8F=84=EB=A1=9D=20=EA=B0=9C=EC=84=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/member/member.view.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/member/member.view.php b/modules/member/member.view.php index d31360620..4ced0a57e 100644 --- a/modules/member/member.view.php +++ b/modules/member/member.view.php @@ -314,7 +314,7 @@ class memberView extends member $option = new stdClass(); $option->primary_key_name = 'member_srl'; $option->content_key_name = 'signature'; - $option->allow_fileupload = false; + $option->allow_fileupload = true; $option->enable_autosave = false; $option->enable_default_component = true; $option->enable_component = false; From def55840c5bd1e67606634bbd84c00398411a74c Mon Sep 17 00:00:00 2001 From: BJRambo Date: Wed, 10 Aug 2016 19:20:57 +0900 Subject: [PATCH 41/45] Add files upload option in member editor --- modules/member/lang/ko.php | 2 ++ modules/member/member.admin.controller.php | 3 ++- modules/member/member.model.php | 1 + modules/member/member.view.php | 9 ++++++++- modules/member/tpl/default_config.html | 8 ++++++++ 5 files changed, 21 insertions(+), 2 deletions(-) diff --git a/modules/member/lang/ko.php b/modules/member/lang/ko.php index 5497ddaa8..8166b5d2f 100644 --- a/modules/member/lang/ko.php +++ b/modules/member/lang/ko.php @@ -117,6 +117,7 @@ $lang->cmd_view_scrapped_document = '스크랩 보기'; $lang->cmd_view_saved_document = '저장함 보기'; $lang->cmd_send_email = '메일 보내기'; $lang->cmd_modify_nickname_log = '닉네임 변경 기록'; +$lang->cmd_member_file_upload = '서명에 파일 첨부 사용'; $lang->msg_email_not_exists = '이메일 주소가 존재하지 않습니다.'; $lang->msg_alreay_scrapped = '이미 스크랩된 게시물입니다.'; $lang->msg_cart_is_null = '대상을 선택해주세요.'; @@ -164,6 +165,7 @@ $lang->msg_admin_ip_not_allowed = '접속하신 IP 주소에서는 관리자 로 $lang->about_rechecked_password = '회원의 정보를 안전하게 보호하기 위해 비밀번호를 다시 한번 확인 합니다.'; $lang->about_user_id = '회원 ID는 3~20자 사이의 영문+숫자로 이루어져야 하며 영문으로 시작해야 합니다.'; $lang->about_password = '비밀번호는 6~20자로 되어야 합니다.'; +$lang->about_member_file_upload = '회원정보의 서명에 파일을 첨부할 수 있도록 합니다.'; $lang->cmd_config_password_strength = '비밀번호 보안수준'; $lang->cmd_password_hashing_algorithm = '비밀번호 암호화 알고리듬'; $lang->cmd_password_hashing_work_factor = '비밀번호 암호화 소요시간'; diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php index e8d6da225..2c11ff038 100644 --- a/modules/member/member.admin.controller.php +++ b/modules/member/member.admin.controller.php @@ -173,7 +173,8 @@ class memberAdminController extends member 'password_hashing_algorithm', 'password_hashing_work_factor', 'password_hashing_auto_upgrade', - 'update_nickname_log' + 'update_nickname_log', + 'member_allow_fileupload' ); if(!array_key_exists($args->password_hashing_algorithm, Rhymix\Framework\Password::getSupportedAlgorithms())) diff --git a/modules/member/member.model.php b/modules/member/member.model.php index 4e076dc6d..93191b070 100644 --- a/modules/member/member.model.php +++ b/modules/member/member.model.php @@ -73,6 +73,7 @@ class memberModel extends member if(!$config->signature_editor_skin || $config->signature_editor_skin == 'default') $config->signature_editor_skin = 'ckeditor'; if(!$config->sel_editor_colorset) $config->sel_editor_colorset = 'moono'; + if(!$config->member_allow_fileupload) $config->member_allow_fileupload = 'N'; if($config->redirect_mid) { diff --git a/modules/member/member.view.php b/modules/member/member.view.php index 4ced0a57e..9e113e5b8 100644 --- a/modules/member/member.view.php +++ b/modules/member/member.view.php @@ -314,7 +314,14 @@ class memberView extends member $option = new stdClass(); $option->primary_key_name = 'member_srl'; $option->content_key_name = 'signature'; - $option->allow_fileupload = true; + if($member_config->member_allow_fileupload === 'Y') + { + $option->allow_fileupload = true; + } + else + { + $option->allow_fileupload = false; + } $option->enable_autosave = false; $option->enable_default_component = true; $option->enable_component = false; diff --git a/modules/member/tpl/default_config.html b/modules/member/tpl/default_config.html index 48f303295..2b2854325 100644 --- a/modules/member/tpl/default_config.html +++ b/modules/member/tpl/default_config.html @@ -92,6 +92,14 @@

{$lang->about_member_sync}

+
+ +
+ + +

{$lang->about_member_file_upload}

+
+
From 1d11ad7357b0387825a565d30ea7999248eeb4bf Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Wed, 10 Aug 2016 20:51:12 +0900 Subject: [PATCH 42/45] Fix #565 Allow other units in editor config --- modules/editor/editor.admin.controller.php | 10 +++++++--- modules/editor/lang/en.php | 2 ++ modules/editor/lang/ko.php | 2 ++ modules/editor/tpl/admin_index.html | 9 ++++++--- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/modules/editor/editor.admin.controller.php b/modules/editor/editor.admin.controller.php index fa2660fd4..89e944d41 100644 --- a/modules/editor/editor.admin.controller.php +++ b/modules/editor/editor.admin.controller.php @@ -164,10 +164,14 @@ class editorAdminController extends editor $config->font_defined = $configVars->font_defined = 'N'; $config->content_font = $configVars->content_font; } - $config->content_font_size = intval($configVars->content_font_size) . 'px'; - $config->content_line_height = intval($configVars->content_line_height) . '%'; - $config->content_paragraph_spacing = intval($configVars->content_paragraph_spacing) . 'px'; + $config->content_font_size = trim($configVars->content_font_size); + $config->content_font_size = ctype_digit($config->content_font_size) ? ($config->content_font_size . 'px') : $config->content_font_size; + $config->content_line_height = trim($configVars->content_line_height); + $config->content_line_height = ctype_digit($config->content_line_height) ? ($config->content_line_height . '%') : $config->content_line_height; + $config->content_paragraph_spacing = trim($configVars->content_paragraph_spacing); + $config->content_paragraph_spacing = ctype_digit($config->content_paragraph_spacing) ? ($config->content_paragraph_spacing . '%') : $config->content_paragraph_spacing; $config->content_word_break = $configVars->content_word_break; + $config->content_word_break = in_array($config->content_word_break, array('normal', 'keep-all', 'break-all', 'none')) ? $config->content_word_break : 'normal'; $oModuleController->insertModuleConfig('editor', $config); $this->setRedirectUrl(Context::get('error_return_url')); diff --git a/modules/editor/lang/en.php b/modules/editor/lang/en.php index 12d32fbdd..0dde255e7 100644 --- a/modules/editor/lang/en.php +++ b/modules/editor/lang/en.php @@ -18,6 +18,8 @@ $lang->word_break_normal = 'Wrap Asian scripts at character boundary and Latin s $lang->word_break_keep_all = 'Wrap at word boundary'; $lang->word_break_break_all = 'Wrap at character boundary'; $lang->word_break_none = 'Do not wrap long lines'; +$lang->about_unit_default_px = 'The unit is px unless otherwise specified.'; +$lang->about_unit_default_percent = 'The unit is % unless otherwise specified.'; $lang->font_preview = 'The quick brown fox jumps over the lazy dog. いろはにほへと / ちりぬるを / わかよたれそ / つねならむ / うゐのおくやま / けふこえて / あさきゆめみし / ゑひもせす 키스의 고유 조건은 입술끼리 만나야 하고 특별한 기술은 필요치 않다.'; diff --git a/modules/editor/lang/ko.php b/modules/editor/lang/ko.php index 4d3aeb1a4..e3f322c8c 100644 --- a/modules/editor/lang/ko.php +++ b/modules/editor/lang/ko.php @@ -19,6 +19,8 @@ $lang->word_break_normal = '한글은 글자 단위로 줄바꿈, 영문은 단 $lang->word_break_keep_all = '모든 언어를 단어 단위로 줄바꿈'; $lang->word_break_break_all = '모든 언어를 글자 단위로 줄바꿈'; $lang->word_break_none = '줄을 바꾸지 않음'; +$lang->about_unit_default_px = '단위를 지정하지 않을 경우 px 단위를 사용합니다.'; +$lang->about_unit_default_percent = '단위를 지정하지 않을 경우 % 단위를 사용합니다.'; $lang->font_preview = 'The quick brown fox jumps over the lazy dog. いろはにほへと / ちりぬるを / わかよたれそ / つねならむ / うゐのおくやま / けふこえて / あさきゆめみし / ゑひもせす 키스의 고유 조건은 입술끼리 만나야 하고 특별한 기술은 필요치 않다.'; diff --git a/modules/editor/tpl/admin_index.html b/modules/editor/tpl/admin_index.html index 4054dea72..544e2f450 100644 --- a/modules/editor/tpl/admin_index.html +++ b/modules/editor/tpl/admin_index.html @@ -116,19 +116,22 @@
- px + +

{$lang->about_unit_default_px}

- % + +

{$lang->about_unit_default_percent}

- px + +

{$lang->about_unit_default_px}

From 647ede11d755c4a7da3ca42dde72c38945637ba4 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Wed, 10 Aug 2016 21:04:09 +0900 Subject: [PATCH 43/45] Increase time limit during install; fix #560 --- modules/install/install.controller.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/install/install.controller.php b/modules/install/install.controller.php index fc101f070..7de20e9ca 100644 --- a/modules/install/install.controller.php +++ b/modules/install/install.controller.php @@ -20,8 +20,8 @@ class installController extends install return new Object(-1, 'msg_already_installed'); } - $this->db_tmp_config_file = _XE_PATH_.'files/config/tmpDB.config.php'; - $this->etc_tmp_config_file = _XE_PATH_.'files/config/tmpEtc.config.php'; + // Increase time limit. + @set_time_limit(0); } /** From 81f59b83bd00b1e818517caa27354743dd1cc323 Mon Sep 17 00:00:00 2001 From: BJRambo Date: Wed, 10 Aug 2016 21:37:43 +0900 Subject: [PATCH 44/45] Fixed typo --- classes/module/ModuleHandler.class.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index 612906397..ca736d731 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -780,9 +780,10 @@ class ModuleHandler extends Handler 'dispLayoutPreviewWithModule' => 1 ); $db_use_mobile = Mobile::isMobileEnabled(); + $tablet_use = Rhymix\Framework\UA::isTablet(); - $config_telbet_use = config('mobile.tablets'); - if($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true && ($tablet_use === true && $config_telbet_use === false) === false) + $config_tablet_use = config('mobile.tablets'); + if($type == "view" && $this->module_info->use_mobile == "Y" && Mobile::isMobileCheckByAgent() && !isset($skipAct[Context::get('act')]) && $db_use_mobile === true && ($tablet_use === true && $config_tablet_use === false) === false) { global $lang; $header = ''; From 95d34eb0bf9d962d154662d5a628645a458957ff Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Wed, 10 Aug 2016 21:40:53 +0900 Subject: [PATCH 45/45] Fix #562 javascript error in widget setup page --- modules/widget/tpl/js/generate_code.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/widget/tpl/js/generate_code.js b/modules/widget/tpl/js/generate_code.js index 1d2dc9edf..5434a9eda 100644 --- a/modules/widget/tpl/js/generate_code.js +++ b/modules/widget/tpl/js/generate_code.js @@ -121,10 +121,10 @@ function doFillWidgetVars() { if (node.name == 'widget_cache') { var widget_cache = selected_node.getAttribute(node.name); - var widget_cache_unit = widget_cache.match(/[smhd]$/i); + var widget_cache_unit = widget_cache ? widget_cache.match(/[smhd]$/i) : 'm'; if (widget_cache_unit) { jQuery("#widget_cache_unit").val(widget_cache_unit); - widget_cache = widget_cache.replace(/[smhd]$/i, ""); + widget_cache = widget_cache ? widget_cache.replace(/[smhd]$/i, "") : 0; } jQuery("#widget_cache").val(widget_cache); continue;