Version update: 1.7.5

.gitignore

@@ -2,5 +2,5 @@ config.user.inc.php
 /files/
 /build/
 /node_modules/
-.DS_Srore
+.DS_Store
 Thumbs.db

README.md

@@ -5,12 +5,10 @@ XpressEngine
 [![License](http://img.shields.io/badge/license-GNU%20LGPL-brightgreen.svg)](http://www.gnu.org/licenses/gpl.html)
 [![Latest release](http://img.shields.io/github/release/xpressengine/xe-core.svg)](https://github.com/xpressengine/xe-core/releases)
 
-XpressEngine(XE)은 PHP로 작성한 CMS(Content Management System)입니다.
-
-
+XpressEngine(XE)은 PHP로 작성한 설치형 CMS(Content Management System)입니다.
 오픈소스 라이선스로 누구나 사용 또는 개작할 수 있으며, 개방형 프로젝트로서 누구나 개발에 참여할 수 있습니다.
 
-## Supprot
+## Support
 * Official sitie (Korean) : http://www.xpressengine.com/
 
 ## Maintainers
@@ -23,17 +21,18 @@ adrian.vasile.constantin, aerofleet, @akasima, @andreimarin, araste, @bnu, @bong
 `CONTRIBUTING.md`파일을 참고하세요.
 
 ## License
-Copyright (C) NAVER Corp. <http://www.navercorp.com>
+Copyright 2014 NAVER Corp. <http://www.navercorp.com>
 
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
 
-This program is distributed in the hope that it will be useful,
+This library is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
 
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

addons/blogapi/blogapi.addon.php

@@ -30,6 +30,13 @@ if($_REQUEST['act'] != 'api')
 // Read func file
 require_once(_XE_PATH_ . 'addons/blogapi/blogapi.func.php');
 
+// If HTTP_RAW_POST_DATA is NULL, Print error message
+if(!$GLOBALS['HTTP_RAW_POST_DATA'])
+{
+	$content = getXmlRpcFailure(1, 'Invalid Method Call');
+	printContent($content);
+}
+
 // xmlprc parsing
 // Parse the requested xmlrpc
 $xml = new SimpleXMLElement($GLOBALS['HTTP_RAW_POST_DATA']);
@@ -487,7 +494,7 @@ if($called_position == 'before_module_proc')
 					$post = new stdClass();
 					$post->categories = array();
 					$post->dateCreated = date("Ymd", $oDocument->getRegdateTime()) . 'T' . date("H:i:s", $oDocument->getRegdateTime());
-					$post->description = htmlspecialchars($oEditorController->transComponent($oDocument->getContent(false, false, true, false)), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
+					$post->description = sprintf('<![CDATA[%s]]>',$oEditorController->transComponent($oDocument->getContent(false, false, true, false)));
 					$post->link = $post->permaLink = getFullUrl('', 'document_srl', $oDocument->document_srl);
 					$post->postid = $oDocument->document_srl;
 					$post->title = htmlspecialchars($oDocument->get('title'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false);

addons/blogapi/blogapi.func.php

@@ -31,7 +31,11 @@ function getXmlRpcResponse($params)
 // Encoding
 function _getEncodedVal($val, $is_sub_set = false)
 {
-	if(is_int($val))
+	if(preg_match('/^\<\!\[CDATA\[/',$val))
+	{
+		$buff = sprintf("<value>%s</value>", $val);
+	}
+	elseif(is_int($val))
 	{
 		$buff = sprintf("<value><i4>%d</i4></value>", $val);
 	}

addons/captcha/captcha.addon.php

@@ -12,8 +12,11 @@ if(!defined("__XE__")) exit();
 if(!class_exists('AddonCaptcha', false))
 {
 	// On the mobile mode, XE Core does not load jquery and xe.js as normal.
-	Context::loadFile(array('./common/js/jquery.min.js', 'head', NULL, -100000), true);
-	Context::loadFile(array('./common/js/xe.min.js', 'head', NULL, -100000), true);
+	if(Mobile::isFromMobilePhone())
+	{
+		Context::loadFile(array('./common/js/jquery.min.js', 'head', NULL, -100000), true);
+		Context::loadFile(array('./common/js/xe.min.js', 'head', NULL, -100000), true);
+	}
 
 	class AddonCaptcha
 	{

addons/captcha_member/captcha_member.addon.php

@@ -12,8 +12,11 @@ if(!defined("__XE__")) exit();
 if(!class_exists('AddonMemberCaptcha', false))
 {
 	// On the mobile mode, XE Core does not load jquery and xe.js as normal.
-	Context::loadFile(array('./common/js/jquery.min.js', 'head', NULL, -100000), true);
-	Context::loadFile(array('./common/js/xe.min.js', 'head', NULL, -100000), true);
+	if(Mobile::isFromMobilePhone())
+	{
+		Context::loadFile(array('./common/js/jquery.min.js', 'head', NULL, -100000), true);
+		Context::loadFile(array('./common/js/xe.min.js', 'head', NULL, -100000), true);
+	}
 
 	class AddonMemberCaptcha
 	{

addons/oembed/jquery.oembed.js

@@ -261,7 +261,7 @@
 					success: function (data) {
 						var oembedData = $.extend({}, data);
 						oembedData.code = embedProvider.templateData(data);
-						success(oembedData, externalUrl, container);
+						if(oembedData.code) success(oembedData, externalUrl, container);
 					},
 					error: settings.onError.call(container, externalUrl, embedProvider)
 				}, settings.ajaxOptions || {});
@@ -389,8 +389,8 @@
 
 	$.fn.oembed.getGenericCode = function (url, oembedData) {
 		var title = (oembedData.title !== null) ? oembedData.title : url,
-			code = '<a href="' + url + '">' + title + '</a>';
-		if(oembedData.html) code += "<div>" + oembedData.html + "</div>";
+			code = '';
+			if(oembedData.html) code += '<blockquote class="oembedall-blockquote"><strong>' + title + '</strong><br>' + jQuery(oembedData.html).text().substring(0,200) + '... <a href="'+url+'">more</a></blockquote>';
 		return code;
 	};
 
@@ -849,7 +849,7 @@
 			templateData: function (data) {
 				if(!data.parse) return false;
 				var text = data.parse['text']['*'].replace(/href="\/wiki/g, 'href="http://en.wikipedia.org/wiki');
-				return '<div id="content"><h3><a class="nav-link" href="http://en.wikipedia.org/wiki/' + data.parse['displaytitle'] + '">' + data.parse['displaytitle'] + '</a></h3>' + text + '</div>';
+				return '<div id="content"><blockquote class="oembedall-blockquote"><strong>' + data.parse['displaytitle'] + '</strong><br>' +jQuery(text).text().substring(0,200) + '...</blockquote></div>';
 			}
 		}),
 		new $.fn.oembed.OEmbedProvider("imdb", "rich", ["imdb.com/title/.+"], "http://www.imdbapi.com/?i=$1&callback=?", {

addons/resize_image/resize_image.addon.php

@@ -9,7 +9,7 @@ if(!defined('__XE__'))
  * @author NAVER (developers@xpressengine.com)
  * @brief Add-on to resize images in the body
  */
-if($called_position == 'after_module_proc' && Context::getResponseMethod() == "HTML" || !isCrawler())
+if($called_position == 'after_module_proc' && (Context::getResponseMethod() == "HTML" || !isCrawler()))
 {
 	if(Mobile::isFromMobilePhone())
 	{

classes/db/DBMssql.class.php

@@ -30,11 +30,11 @@ class DBMssql extends DB
 	var $column_type = array(
 		'bignumber' => 'bigint',
 		'number' => 'int',
-		'varchar' => 'varchar',
-		'char' => 'char',
-		'text' => 'text',
-		'bigtext' => 'text',
-		'date' => 'varchar(14)',
+		'varchar' => 'nvarchar',
+		'char' => 'nchar',
+		'text' => 'ntext',
+		'bigtext' => 'ntext',
+		'date' => 'nvarchar(14)',
 		'float' => 'float',
 	);
 

classes/db/DBMysql.class.php

@@ -85,9 +85,9 @@ class DBMysql extends DB
 			return;
 		}
 		// Error appears if the version is lower than 4.1
-		if(mysql_get_server_info($result) < "4.1")
+		if(version_compare(mysql_get_server_info($result), '4.1', '<'))
 		{
-			$this->setError(-1, "XE cannot be installed under the version of mysql 4.1. Current mysql version is " . mysql_get_server_info());
+			$this->setError(-1, 'XE cannot be installed under the version of mysql 4.1. Current mysql version is ' . mysql_get_server_info());
 			return;
 		}
 		// select db

classes/display/DisplayHandler.class.php

@@ -164,12 +164,13 @@ class DisplayHandler extends Handler
 						array(
 							'Request / Response info >>> ' . $_SERVER['REQUEST_METHOD'] . ' / ' . Context::getResponseMethod(),
 							array(
-								array('Request URI', 'Request method', 'Response method', 'Response contents size'),
+								array('Request URI', 'Request method', 'Response method', 'Response contents size', 'Memory peak usage'),
 								array(
 									sprintf("%s:%s%s%s%s", $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'], $_SERVER['PHP_SELF'], $_SERVER['QUERY_STRING'] ? '?' : '', $_SERVER['QUERY_STRING']),
 									$_SERVER['REQUEST_METHOD'],
 									Context::getResponseMethod(),
-									$this->content_size . ' byte'
+									$this->content_size . ' byte',
+									FileHandler::filesize(memory_get_peak_usage())
 								)
 							)
 						),

classes/display/HTMLDisplayHandler.php

@@ -63,7 +63,7 @@ class HTMLDisplayHandler
 		// add .x div for adminitration pages
 		if(Context::getResponseMethod() == 'HTML')
 		{
-			if(Context::get('module') != 'admin' && strpos(Context::get('act'), 'Admin') > 0)
+			if(Context::get('module') != 'admin' && strpos(Context::get('act'), 'Admin') > 0 && Context::get('act') != 'dispPageAdminContentModify' && Context::get('act') != 'dispPageAdminMobileContentModify')
 			{
 				$output = '<div class="x">' . $output . '</div>';
 			}
@@ -174,7 +174,7 @@ class HTMLDisplayHandler
 		$output = preg_replace_callback('!<meta(.*?)(?:\/|)>!is', array($this, '_moveMetaToHeader'), $output);
 
 		// change a meta fine(widget often put the tag like <!--Meta:path--> to the content because of caching)
-		$output = preg_replace_callback('/<!--(#)?Meta:([a-z0-9\_\/\.\@]+)-->/is', array($this, '_transMeta'), $output);
+		$output = preg_replace_callback('/<!--(#)?Meta:([a-z0-9\_\-\/\.\@]+)-->/is', array($this, '_transMeta'), $output);
 
 		// handles a relative path generated by using the rewrite module
 		if(Context::isAllowRewrite())
@@ -394,7 +394,7 @@ class HTMLDisplayHandler
 		$lang_type = Context::getLangType();
 
 		// add common JS/CSS files
-		if(__DEBUG__)
+		if(__DEBUG__ || !__XE_VERSION_STABLE__)
 		{
 			$oContext->loadFile(array('./common/js/jquery-1.x.js', 'head', 'lt IE 9', -111000), true);
 			$oContext->loadFile(array('./common/js/jquery.js', 'head', 'gte IE 9', -110000), true);
@@ -417,7 +417,7 @@ class HTMLDisplayHandler
 		// for admin page, add admin css
 		if(Context::get('module') == 'admin' || strpos(Context::get('act'), 'Admin') > 0)
 		{
-			if(__DEBUG__)
+			if(__DEBUG__ || !__XE_VERSION_STABLE__)
 			{
 				$oContext->loadFile(array('./modules/admin/tpl/css/admin.css', '', '', 10), true);
 				$oContext->loadFile(array("./modules/admin/tpl/css/admin_{$lang_type}.css", '', '', 10), true);
@@ -449,7 +449,7 @@ class HTMLDisplayHandler
 		$lang_type = Context::getLangType();
 
 		// add common JS/CSS files
-		if(__DEBUG__)
+		if(__DEBUG__ || !__XE_VERSION_STABLE__)
 		{
 			$oContext->loadFile(array('./common/css/mobile.css', '', '', -1000000), true);
 		}

classes/extravar/Extravar.class.php

@@ -249,7 +249,7 @@ class ExtraItem
 
 				for($i = 0, $c = count($values); $i < $c; $i++)
 				{
-					$values[$i] = htmlspecialchars($values[$i], ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
+					$values[$i] = trim(htmlspecialchars($values[$i], ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
 				}
 
 				return $values;
@@ -263,10 +263,6 @@ class ExtraItem
 				{
 					$values = explode('|@|', $value);
 				}
-				elseif(strpos($value, ',') !== false)
-				{
-					$values = explode(',', $value);
-				}
 				else
 				{
 					$values = array($value);
@@ -306,21 +302,15 @@ class ExtraItem
 			case 'textarea' :
 				return nl2br($value);
 				
-			case 'checkbox' :
-				if(is_array($value))
-				{
-					return implode(', ', $value);
-				}
-				return $value;
-				
 			case 'date' :
 				return zdate($value, "Y-m-d");
 
+			case 'checkbox' :
 			case 'select' :
 			case 'radio' :
 				if(is_array($value))
 				{
-					return implode(', ', $value);
+					return implode(',', $value);
 				}
 				return $value;
 
@@ -430,7 +420,8 @@ class ExtraItem
 				Context::loadJavascriptPlugin('ui.datepicker');
 
 				$buff[] = '<input type="hidden" name="' . $column_name . '" value="' . $value . '" />'; 
-				$buff[] =	'<input type="text" id="date_' . $column_name . '" value="' . zdate($value, 'Y-m-d') . '" class="date" /> <input type="button" value="' . Context::getLang('cmd_delete') . '" id="dateRemover_' . $column_name . '" />';
+				$buff[] =	'<input type="text" id="date_' . $column_name . '" value="' . zdate($value, 'Y-m-d') . '" class="date" />';
+				$buff[] =	'<input type="button" value="' . Context::getLang('cmd_delete') . '" class="btn" id="dateRemover_' . $column_name . '" />';
 				$buff[] =	'<script type="text/javascript">';
 				$buff[] = '//<![CDATA[';
 				$buff[] =	'(function($){';
@@ -462,6 +453,8 @@ class ExtraItem
 		}
 		if($this->desc)
 		{
+			$oModuleController = getController('module');
+			$oModuleController->replaceDefinedLangCode($this->desc);
 			$buff[] = '<p>' . htmlspecialchars($this->desc, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . '</p>';
 		}
 		

classes/file/FileHandler.class.php

@@ -640,7 +640,7 @@ class FileHandler
 				break;
 		}
 
-		return (int) $val;
+		return $val;
 	}
 
 	/**

classes/frontendfile/FrontEndFileHandler.class.php

@@ -160,7 +160,7 @@ class FrontEndFileHandler extends Handler
 
 		if(strpos($file->filePath, '://') === FALSE)
 		{
-			if(!__DEBUG__)
+			if(!__DEBUG__ && __XE_VERSION_STABLE__)
 			{
 				// if no debug mode, load minifed file
 				$minifiedFileName = implode('.', array($file->fileNameNoExt, 'min', $file->fileExtension));

classes/httprequest/XEHttpRequest.class.php

@@ -148,7 +148,7 @@ class XEHttpRequest
 		$is_chunked = FALSE;
 		while(strlen(trim($line = fgets($sock))))
 		{
-			list($equiv, $content) = preg_split('/ *: */', rtrim($line), 1);
+			list($equiv, $content) = preg_split('/ *: */', rtrim($line), 2);
 			if(!strcasecmp($equiv, 'Transfer-Encoding') && $content == 'chunked')
 			{
 				$is_chunked = TRUE;
@@ -163,7 +163,7 @@ class XEHttpRequest
 				$chunk_size = hexdec(fgets($sock));
 				if($chunk_size)
 				{
-					$body .= fread($sock, $chunk_size);
+					$body .= fgets($sock, $chunk_size+1);
 				}
 			}
 			else

classes/module/ModuleHandler.class.php

@@ -45,8 +45,12 @@ class ModuleHandler extends Handler
 		$oContext = Context::getInstance();
 		if($oContext->isSuccessInit == FALSE)
 		{
-			$this->error = 'msg_invalid_request';
-			return;
+			$logged_info = Context::get('logged_info');
+			if($logged_info->is_admin != "Y")
+			{
+				$this->error = 'msg_invalid_request';
+				return;
+			}
 		}
 
 		// Set variables from request arguments

classes/security/conf/embedWhiteUrl.xml

@@ -15,10 +15,6 @@
 			<pattern>http://api.v.daum.net/</pattern>
 			<pattern>http://tvpot.daum.net/playlist/playlist.swf</pattern>
 		</domain>
-		<domain name="http://www.mncast.com" desc="엠엔캐스트">
-			<pattern>http://dory.mncast.com/mncHMovie.swf</pattern>
-			<pattern>http://dory.mncast.com/mncastPlayer.swf</pattern>
-		</domain>
 		<domain name="http://www.youtube.com" desc="Youtube">
 			<pattern>http://www.youtube.com/v/</pattern>
 			<pattern>http://www.youtube-nocookie.com/</pattern>

common/css/xe.css

@@ -45,6 +45,10 @@ a img {
 	}
 }
 
+.xe-widget-wrapper {
+	overflow: hidden;
+}
+
 /* Popup Menu Area */
 #popup_menu_area {
 	position: absolute;

common/js/common.js

@@ -59,9 +59,9 @@ if(jQuery) jQuery.noConflict();
 			if(typeof(options.wrap) == "string") options.wrap ='#'+options.wrap;
 
 			if(options.wrap) {
-				obj = $(options.wrap).find('input[name='+itemName+']:checkbox');
+				obj = $(options.wrap).find('input[name="'+itemName+'"]:checkbox');
 			} else {
-				obj = $('input[name='+itemName+']:checkbox');
+				obj = $('input[name="'+itemName+'"]:checkbox');
 			}
 
 			if(options.checked == 'toggle') {

common/js/xe.js

@@ -58,9 +58,9 @@ if(jQuery) jQuery.noConflict();
 			if(typeof(options.wrap) == "string") options.wrap ='#'+options.wrap;
 
 			if(options.wrap) {
-				obj = $(options.wrap).find('input[name='+itemName+']:checkbox');
+				obj = $(options.wrap).find('input[name="'+itemName+'"]:checkbox');
 			} else {
-				obj = $('input[name='+itemName+']:checkbox');
+				obj = $('input[name="'+itemName+'"]:checkbox');
 			}
 
 			if(options.checked == 'toggle') {

config/config.inc.php

@@ -29,7 +29,11 @@ define('__ZBXE__', __XE__);
 /**
  * Display XE's full version.
  */
-define('__XE_VERSION__', '1.7.4.2');
+define('__XE_VERSION__', '1.7.5');
+define('__XE_VERSION_ALPHA__', (stripos(__XE_VERSION__, 'alpha') !== false));
+define('__XE_VERSION_BETA__', (stripos(__XE_VERSION__, 'beta') !== false));
+define('__XE_VERSION_RC__', (stripos(__XE_VERSION__, 'rc') !== false));
+define('__XE_VERSION_STABLE__', (!__XE_VERSION_ALPHA__ && !__XE_VERSION_BETA__ && !__XE_VERSION_RC__));
 
 /**
  * @deprecated __ZBXE_VERSION__ will be removed. Use __XE_VERSION__ instead.

config/func.inc.php

@@ -236,7 +236,46 @@ function executeQueryArray($query_id, $args = NULL, $arg_columns = NULL)
 function getNextSequence()
 {
 	$oDB = DB::getInstance();
-	return $oDB->getNextSequence();
+	$seq = $oDB->getNextSequence();
+	setUserSequence($seq);
+	return $seq;
+}
+
+/**
+ * Set Sequence number to session
+ *
+ * @param int $seq sequence number
+ * @return void
+ */
+function setUserSequence($seq)
+{
+	$arr_seq = array();
+	if(isset($_SESSION['seq']))
+	{
+		$arr_seq = $_SESSION['seq'];
+	}
+	$arr_seq[] = $seq;
+	$_SESSION['seq'] = $arr_seq;
+}
+
+/**
+ * Check Sequence number grant
+ *
+ * @param int $seq sequence number
+ * @return boolean
+ */
+function checkUserSequence($seq)
+{
+	if(!isset($_SESSION['seq']))
+	{
+		return false;
+	}
+	if(!in_array($seq, $_SESSION['seq']))
+	{
+		return false;
+	}
+
+	return true;
 }
 
 /**
@@ -776,7 +815,7 @@ function debugPrint($debug_output = NULL, $display_option = TRUE, $file = '_debu
 		}
 		$type = FirePHP::INFO;
 
-		$label = sprintf('[%s:%d] %s() (m:%s)', $file_name, $line_num, $function, FileHandler::filesize(memory_get_usage()));
+		$label = sprintf('[%s:%d] %s() (Memory usage: current=%s, peak=%s)', $file_name, $line_num, $function, FileHandler::filesize(memory_get_usage()), FileHandler::filesize(memory_get_peak_usage()));
 
 		// Check a FirePHP option
 		if($display_option === 'TABLE')

index.php

@@ -45,7 +45,7 @@ require dirname(__FILE__) . '/config/config.inc.php';
  * @brief Initialize by creating Context object
  * Set all Request Argument/Environment variables
  **/
-$oContext = &Context::getInstance();
+$oContext = Context::getInstance();
 $oContext->init();
 
 /**
@@ -59,8 +59,7 @@ if($oContext->checkSSO())
 	{
 		if($oModuleHandler->init())
 		{
-			$oModule = &$oModuleHandler->procModule();
-			$oModuleHandler->displayContent($oModule);
+			$oModuleHandler->displayContent($oModuleHandler->procModule());
 		}
 	}
 	catch(Exception $e)

modules/addon/addon.class.php

@@ -19,7 +19,6 @@ class addon extends ModuleObject
 		$oAddonController = getAdminController('addon');
 		$oAddonController->doInsert('autolink', 0, 'site', 'Y');
 		$oAddonController->doInsert('blogapi');
-		$oAddonController->doInsert('counter', 0, 'site', 'Y');
 		$oAddonController->doInsert('member_communication', 0, 'site', 'Y');
 		$oAddonController->doInsert('member_extra_info', 0, 'site', 'Y');
 		$oAddonController->doInsert('mobile', 0, 'site', 'Y');

modules/addon/tpl/setup_addon.html

@@ -100,13 +100,13 @@
 			</div>
 		</div>
 	</block>
+</block>
+</section>
 	<div class="x_clearfix btnArea">
 		<div class="x_pull-right">
 			<button type="submit" class="x_btn x_btn-primary">{$lang->cmd_save}</button>
 		</div>
 	</div>
-</block>
-</section>
 </form>
 <script>
 (function($){

modules/admin/admin.admin.model.php

@@ -95,6 +95,81 @@ class adminAdminModel extends admin
 		}
 	}
 
+	function getFTPPath()
+	{
+		$ftp_info = Context::getRequestVars();
+
+		if(!$ftp_info->ftp_host)
+		{
+			$ftp_info->ftp_host = "127.0.0.1";
+		}
+
+		if(!$ftp_info->ftp_port || !is_numeric($ftp_info->ftp_port))
+		{
+			$ftp_info->ftp_port = '22';
+		}
+
+		$connection = ftp_connect($ftp_info->ftp_host, $ftp_info->ftp_port);
+		if(!$connection)
+		{
+			return new Object(-1, sprintf(Context::getLang('msg_ftp_not_connected'), $ftp_host));
+		}
+
+		$login_result = @ftp_login($connection, $ftp_info->ftp_user, $ftp_info->ftp_password);
+		if(!$login_result)
+		{
+			ftp_close($connection);
+			return new Object(-1, 'msg_ftp_invalid_auth_info');
+		}
+
+		// create temp file
+		$pin = $_SERVER['REQUEST_TIME'];
+		FileHandler::writeFile('./files/cache/ftp_check', $pin);
+
+		// create path candidate
+		$xe_path = _XE_PATH_;
+		$path_info = array_reverse(explode('/', _XE_PATH_));
+		array_pop($path_info); // remove last '/'
+		$path_candidate = array();
+
+		$temp = '';
+		foreach($path_info as $path)
+		{
+			$temp = '/' . $path . $temp;
+			$path_candidate[] = $temp;
+		}
+
+		// try
+		foreach($path_candidate as $path)
+		{
+			// upload check file
+			if(!ftp_put($connection, $path . 'ftp_check.html', FileHandler::getRealPath('./files/cache/ftp_check'), FTP_BINARY))
+			{
+				continue;
+			}
+
+			// get check file
+			$result = FileHandler::getRemoteResource(getNotencodedFullUrl() . 'ftp_check.html');
+
+			// delete temp check file
+			ftp_delete($connection, $path . 'ftp_check.html');
+
+			// found
+			if($result == $pin)
+			{
+				$found_path = $path;
+				break;
+			}
+		}
+
+		FileHandler::removeFile('./files/cache/ftp_check', $pin);
+
+		if($found_path)
+		{
+			$this->add('found_path', $found_path);
+		}
+	}
+
 	/**
 	 * Find XE installed path on ftp
 	 */
@@ -130,6 +205,15 @@ class adminAdminModel extends admin
 			return $this->getSFTPPath();
 		}
 
+		if($ftp_info->ftp_pasv == 'N')
+		{
+			if(function_exists('ftp_connect'))
+			{
+				return $this->getFTPPath();
+			}
+			$ftp_info->ftp_pasv = "Y";
+		}
+
 		$oFTP = new ftp();
 		if(!$oFTP->ftp_connect($ftp_info->ftp_host, $ftp_info->ftp_port))
 		{
@@ -350,7 +434,7 @@ class adminAdminModel extends admin
 		$info['module'] = '';
 		$oModuleModel = getModel('module');
 		$module_list = $oModuleModel->getModuleList();
-		foreach($module_list as $module)
+		if($module_list) foreach($module_list as $module)
 		{
 			if(in_array($module->module, $skip['module']))
 			{
@@ -363,7 +447,7 @@ class adminAdminModel extends admin
 		$info['addon'] = '';
 		$oAddonAdminModel = getAdminModel('addon');
 		$addon_list = $oAddonAdminModel->getAddonList();
-		foreach($addon_list as $addon)
+		if($addon_list) foreach($addon_list as $addon)
 		{
 			if(in_array($addon->addon, $skip['addon']))
 			{
@@ -376,7 +460,7 @@ class adminAdminModel extends admin
 		$info['layout'] = "";
 		$oLayoutModel = getModel('layout');
 		$layout_list = $oLayoutModel->getDownloadedLayoutList();
-		foreach($layout_list as $layout)
+		if($layout_list) foreach($layout_list as $layout)
 		{
 			if(in_array($layout->layout, $skip['layout']))
 			{
@@ -389,7 +473,7 @@ class adminAdminModel extends admin
 		$info['widget'] = "";
 		$oWidgetModel = getModel('widget');
 		$widget_list = $oWidgetModel->getDownloadedWidgetList();
-		foreach($widget_list as $widget)
+		if($widget_list) foreach($widget_list as $widget)
 		{
 			if(in_array($widget->widget, $skip['widget']))
 			{
@@ -402,7 +486,7 @@ class adminAdminModel extends admin
 		$info['widgetstyle'] = "";
 		$oWidgetModel = getModel('widget');
 		$widgetstyle_list = $oWidgetModel->getDownloadedWidgetStyleList();
-		foreach($widgetstyle_list as $widgetstyle)
+		if($widgetstyle_list) foreach($widgetstyle_list as $widgetstyle)
 		{
 			if(in_array($widgetstyle->widgetStyle, $skip['widgetstyle']))
 			{

modules/admin/admin.admin.view.php

@@ -172,13 +172,11 @@ class adminAdminView extends admin
 
 			foreach($parentMenu['list'] as $childKey => $childMenu)
 			{
-				if($subMenuTitle == $childMenu['text'])
+				if($subMenuTitle == $childMenu['text'] && $parentSrl == 0)
 				{
 					$parentSrl = $childMenu['parent_srl'];
-					break;
 				}
 			}
-			if($parentSrl) break;
 		}
 
 		// Admin logo, title setup
@@ -350,11 +348,26 @@ class adminAdminView extends admin
 			}
 		}
 
+		$site_module_info = Context::get('site_module_info');
+		$oAddonAdminModel = getAdminModel('addon');
+		$counterAddonActivated = $oAddonAdminModel->isActivatedAddon('counter', $site_module_info->site_srl );
+		if(!$counterAddonActivated)
+		{
+			$columnList = array('member_srl', 'nick_name', 'user_name', 'user_id', 'email_address');
+			$args = new stdClass;
+			$args->page = 1;
+			$args->list_count = 5;
+			$output = executeQuery('member.getMemberList', $args, $columnList);
+			Context::set('latestMemberList', $output->data);
+			unset($args, $output, $columnList);
+		}
+
 		Context::set('module_list', $module_list);
 		Context::set('needUpdate', $isUpdated);
 		Context::set('addTables', $addTables);
 		Context::set('needUpdate', $needUpdate);
 		Context::set('newVersionList', $needUpdateList);
+		Context::set('counterAddonActivated', $counterAddonActivated);
 
 		$oSecurity = new Security();
 		$oSecurity->encodeHTML('module_list..', 'module_list..author..', 'newVersionList..');
@@ -402,10 +415,6 @@ class adminAdminView extends admin
 		$whitelist = implode("\r\n", $db_info->sitelock_whitelist);
 		Context::set('sitelock_whitelist', $whitelist);
 
-		if(gettype($db_info->admin_ip_list)!="array")
-			$db_info->admin_ip_list = array();
-		if(!in_array('127.0.0.1', $db_info->admin_ip_list)) $db_info->admin_ip_list[] = '127.0.0.1';
-		if(!in_array($_SERVER['REMOTE_ADDR'], $db_info->admin_ip_list)) $db_info->admin_ip_list[] = $_SERVER['REMOTE_ADDR'];
 
 		if($db_info->admin_ip_list) $admin_ip_list = implode("\r\n", $db_info->admin_ip_list);
 		else $admin_ip_list = '';

modules/admin/lang/lang.xml

@@ -1590,8 +1590,8 @@
 		<value xml:lang="jp"><![CDATA[HTMLタグを使用できます。]]></value>
 	</item>
 	<item name="sitelock_warning_whitelist">
-		<value xml:lang="ko"><![CDATA[이곳에 관리자의 IP를 반드시 포함해야 합니다.<br />만약 접근이 차단된 경우 './files/config/db.config.php' 파일에서 `'use_sitelock' => '<strong>Y</strong>'`를 `'use_sitelock' => '<strong>N</strong>'`으로 변경하여 차단을 해제할 수 있습니다.]]></value>
-		<value xml:lang="jp"><![CDATA[ここに管理者のIPを必ず記入てください。<br />もし接近が遮断された場合、'./files/config/db.config.php' ファイルから `'use_sitelock' => '<strong>Y</strong>'`を `'use_sitelock' => '<strong>N</strong>'`へ変更すれば遮断が解除できます。]]></value>
+		<value xml:lang="ko"><![CDATA[이곳에 관리자의 IP를 반드시 포함해야 합니다.<br />만약 접근이 차단된 경우 './files/config/db.config.php' 파일에서 `'use_sitelock' => '<strong>Y</strong>'`를 `'use_sitelock' => '<strong>N</strong>'`으로 변경하여 차단을 해제할 수 있습니다.<br />사이트 잠금 디자인 파일의 위치는 './common/tpl/sitelock.html' 입니다.]]></value>
+		<value xml:lang="jp"><![CDATA[ここに管理者のIPを必ず記入てください。<br />もし接近が遮断された場合、'./files/config/db.config.php' ファイルから `'use_sitelock' => '<strong>Y</strong>'`を `'use_sitelock' => '<strong>N</strong>'`へ変更すれば遮断が解除できます。<br />サイトロックの設計ファイルの場所は、'./commo/tpl/sitelock.html' です。]]></value>
 	</item>
 	<item name="your_ip">
 		<value xml:lang="ko"><![CDATA[접속하신 IP]]></value>

modules/admin/tpl/_dashboard_counter.html

@@ -0,0 +1,169 @@
+<div>
+	<section class="status">
+		<h2>{$lang->uv}</h2>
+		<div style="margin:10px 15px;height:142px" id="visitors"></div>
+		<div class="more">
+			<dl>
+				<dt>{$lang->menu_gnb['user']}: </dt><dd><a href="{getUrl('', 'module', 'admin', 'act', 'dispMemberAdminList')}">{number_format($status->member->totalCount)} (<!--@if($status->member->todayCount > 0)-->+<!--@end-->{number_format($status->member->todayCount)})</a></dd>
+			</dl>
+			<a href="{getUrl('', 'module', 'admin', 'act', 'dispCounterAdminIndex')}"><i>&rsaquo;</i> {$lang->details}</a>
+		</div>
+	</section>
+	<section class="status">
+		<h2>{$lang->pv}</h2>
+		<div style="margin:10px 15px;height:142px" id="page_views"></div>
+		<div class="more">
+			<dl>
+				<dt>{$lang->menu_gnb_sub['document']}: </dt><dd><a href="{getUrl('', 'module', 'admin', 'act', 'dispDocumentAdminList')}">{number_format($status->document->totalCount)} (<!--@if($status->document->todayCount > 0)-->+<!--@end-->{number_format($status->document->todayCount)})</a></dd>
+			</dl>
+			<a href="{getUrl('', 'module', 'admin', 'act', 'dispCounterAdminIndex')}"><i>&rsaquo;</i> {$lang->details}</a>
+		</div>
+	</section>
+	<style scoped>.jqplot-table-legend{background:#fff;top:13px!important}</style>
+</div>
+
+<div>
+	<section class="document">
+		<h2>{$lang->latest_documents}</h2>
+		<ul>
+			<li loop="$latestDocumentList => $key,$value">
+				{@$document = $value->variables}
+				<a href="{getUrl('', 'document_srl', $document['document_srl'])}" target="_blank"><!--@if(trim($value->getTitle()))-->{$value->getTitle()}<!--@else--><strong>{$lang->no_title_document}</strong><!--@end--></a> 
+				<span class="side">{$value->getNickName()}</span>
+				<form class="action" method="POST">
+					<input type="hidden" name="module" value="admin" />
+					<input type="hidden" name="act" value="procDocumentManageCheckedDocument" />
+					<input type="hidden" name="cart[]" value="{$document['document_srl']}" />
+					<input type="hidden" name="success_return_url" value="{getUrl('', 'module', 'admin')}" />
+					<button type="submit" name="type" value="trash" class="x_icon-trash">{$lang->cmd_trash}</button>
+					<button type="submit" name="type" value="delete" class="x_icon-remove">{$lang->cmd_delete}</button>
+				</form>
+			</li>
+			<li cond="!is_array($latestDocumentList) || count($latestDocumentList) < 1">{$lang->no_data}</li>
+		</ul>
+		<p class="more"><a href="{getUrl('', 'module', 'admin', 'act', 'dispDocumentAdminList')}"><i>&rsaquo;</i> {$lang->more}</a></p>
+	</section>
+	<section class="reply">
+		<h2>{$lang->latest_comments}</h2>
+		<ul>
+			<li loop="$latestCommentList => $key,$value">
+				<a href="{getUrl('', 'document_srl', $value->document_srl)}#comment_{$value->comment_srl}" target="_blank"><!--@if(trim($value->content))-->{$value->getSummary()}<!--@else--><strong>{$lang->no_text_comment}</strong><!--@end--></a> 
+				<span class="side">{$value->getNickName()}</span> 
+				<form class="action">
+					<input type="hidden" name="module" value="admin" />
+					<input type="hidden" name="act" value="procCommentAdminDeleteChecked" />
+					<input type="hidden" name="cart[]" value="{$value->comment_srl}" />
+					<input type="hidden" name="success_return_url" value="{getUrl('', 'module', 'admin')}" />
+					<button type="submit" name="is_trash" value="true" class="x_icon-trash">{$lang->cmd_trash}</button>
+					<button type="submit" name="is_trash" value="false" class="x_icon-remove">{$lang->cmd_delete}</button>
+				</form>
+			</li>
+			<li cond="!is_array($latestCommentList) || count($latestCommentList) < 1">{$lang->no_data}</li>
+		</ul>
+		<p class="more"><a href="{getUrl('', 'module', 'admin', 'act', 'dispCommentAdminList')}"><i>&rsaquo;</i> {$lang->more}</a></p>
+	</section>
+</div>
+
+<script>
+xe.lang.this_week = '{$lang->this_week}';
+xe.lang.last_week = '{$lang->last_week}';
+xe.lang.next_week = '{$lang->next_week}';
+xe.lang.mon = '{$lang->mon}';
+xe.lang.tue = '{$lang->tue}';
+xe.lang.wed = '{$lang->wed}';
+xe.lang.thu = '{$lang->thu}';
+xe.lang.fri = '{$lang->fri}';
+xe.lang.sat = '{$lang->sat}';
+xe.lang.sun = '{$lang->sun}';
+
+jQuery(function($)
+{
+	// Dashboard portlet UI
+	$('.dashboard>div>section>ul>li')
+	.bind('mouseenter focusin', function(){
+		$(this).addClass('hover').find('>.action').show();
+	})
+	.bind('mouseleave focusout', function()
+	{
+		if(!$(this).find(':focus').length)
+		{
+			$(this).removeClass('hover').find('>.action').hide();
+		}
+	});
+
+	// check browser version
+	if($.browser.msie == true ) {
+		var arrBrowserVersion = $.browser.version.split('.');
+		if(parseInt(arrBrowserVersion[0]) <= 8) {
+			$('#checkBrowserMessage').show();
+		}
+	}
+});
+
+function obj2Array(htObj)
+{
+	var aRes = [];
+
+	for(var x in htObj)
+	{
+		if(!htObj.hasOwnProperty(x)) continue;
+		aRes.push(htObj[x]);
+	}
+
+	return aRes;
+}
+
+jQuery(function ($)
+{
+	$.exec_json("counter.getWeeklyUniqueVisitor", {}, function(htRes)
+	{
+		var aLastWeek = obj2Array(htRes.last_week.list);
+		var aThisWeek = obj2Array(htRes.this_week.list);
+
+		drawChart("visitors", "Weekly Visitors", aLastWeek, aThisWeek);
+	});
+
+	$.exec_json("counter.getWeeklyPageView", {}, function(htRes)
+	{
+		var aLastWeek = obj2Array(htRes.last_week.list);
+		var aThisWeek = obj2Array(htRes.this_week.list);
+
+		drawChart("page_views", "Weekly Page Views", aLastWeek, aThisWeek);
+	});
+});
+
+function drawChart(sContainerId, sTitle, aLastWeek, aThisWeek)
+{
+	$ = jQuery;
+
+	var s1 = aLastWeek;
+	var s2 = aThisWeek;
+	// Can specify a custom tick Array.
+	// Ticks should match up one for each y value (category) in the series.
+	var ticks = [xe.lang.sun,xe.lang.mon,xe.lang.tue,xe.lang.wed,xe.lang.thu,xe.lang.fri,xe.lang.sat];
+
+	var plot1 = $.jqplot(sContainerId, [s1, s2], {
+		seriesDefaults:{
+			renderer:$.jqplot.BarRenderer,
+			rendererOptions: {fillToZero: true}
+		},
+		series:[
+			{label: xe.lang.last_week},
+			{label: xe.lang.this_week}
+		],
+		legend:
+		{
+			show: true,
+			placement: 'outsideGrid'
+		},
+		axes: {
+			xaxis: {
+				renderer: $.jqplot.CategoryAxisRenderer, ticks: ticks
+			},
+			yaxis: {
+				min: 0, ticks: 1, pad: 1.05
+			}
+		}
+	});
+};
+</script>

modules/admin/tpl/_dashboard_default.html

@@ -0,0 +1,66 @@
+<div>
+	<section class="member">
+		<h2>{$lang->member}</h2>
+		<ul>
+			<li loop="$latestMemberList => $key,$value">
+				{@$document = $value->variables}
+				<a href="{getUrl('', 'module', 'admin', 'act', 'dispMemberAdminInsert', 'member_srl', $value->member_srl)}" target="_blank">{$value->nick_name}</a>
+			</li>
+			<li cond="!is_array($latestMemberList) || count($latestMemberList) < 1">{$lang->no_data}</li>
+		</ul>
+		<div class="more">
+			<dl>
+				<dt>{$lang->menu_gnb['user']}: </dt><dd><a href="{getUrl('', 'module', 'admin', 'act', 'dispMemberAdminList')}">{number_format($status->member->totalCount)} (<!--@if($status->member->todayCount > 0)-->+<!--@end-->{number_format($status->member->todayCount)})</a></dd>
+			</dl>
+			<a href="{getUrl('', 'module', 'admin', 'act', 'dispMemberAdminList')}"><i>&rsaquo;</i> {$lang->more}</a>
+		</div>
+	</section>
+</div>
+
+<div>
+	<section class="document">
+		<h2>{$lang->latest_documents}</h2>
+		<ul>
+			<li loop="$latestDocumentList => $key,$value">
+				{@$document = $value->variables}
+				<a href="{getUrl('', 'document_srl', $document['document_srl'])}" target="_blank"><!--@if(trim($value->getTitle()))-->{$value->getTitle()}<!--@else--><strong>{$lang->no_title_document}</strong><!--@end--></a> 
+				<span class="side">{$value->getNickName()}</span>
+				<form class="action" method="POST">
+					<input type="hidden" name="module" value="admin" />
+					<input type="hidden" name="act" value="procDocumentManageCheckedDocument" />
+					<input type="hidden" name="cart[]" value="{$document['document_srl']}" />
+					<input type="hidden" name="success_return_url" value="{getUrl('', 'module', 'admin')}" />
+					<button type="submit" name="type" value="trash" class="x_icon-trash">{$lang->cmd_trash}</button>
+					<button type="submit" name="type" value="delete" class="x_icon-remove">{$lang->cmd_delete}</button>
+				</form>
+			</li>
+			<li cond="!is_array($latestDocumentList) || count($latestDocumentList) < 1">{$lang->no_data}</li>
+		</ul>
+		<div class="more">
+			<dl>
+				<dt>{$lang->menu_gnb_sub['document']}: </dt><dd><a href="{getUrl('', 'module', 'admin', 'act', 'dispDocumentAdminList')}">{number_format($status->document->totalCount)} (<!--@if($status->document->todayCount > 0)-->+<!--@end-->{number_format($status->document->todayCount)})</a></dd>
+			</dl>
+			<a href="{getUrl('', 'module', 'admin', 'act', 'dispDocumentAdminList')}"><i>&rsaquo;</i> {$lang->more}</a>
+		</div>
+	</section>
+	<section class="reply">
+		<h2>{$lang->latest_comments}</h2>
+		<ul>
+			<li loop="$latestCommentList => $key,$value">
+				<a href="{getUrl('', 'document_srl', $value->document_srl)}#comment_{$value->comment_srl}" target="_blank"><!--@if(trim($value->content))-->{$value->getSummary()}<!--@else--><strong>{$lang->no_text_comment}</strong><!--@end--></a> 
+				<span class="side">{$value->getNickName()}</span> 
+				<form class="action">
+					<input type="hidden" name="module" value="admin" />
+					<input type="hidden" name="act" value="procCommentAdminDeleteChecked" />
+					<input type="hidden" name="cart[]" value="{$value->comment_srl}" />
+					<input type="hidden" name="success_return_url" value="{getUrl('', 'module', 'admin')}" />
+					<button type="submit" name="is_trash" value="true" class="x_icon-trash">{$lang->cmd_trash}</button>
+					<button type="submit" name="is_trash" value="false" class="x_icon-remove">{$lang->cmd_delete}</button>
+				</form>
+			</li>
+			<li cond="!is_array($latestCommentList) || count($latestCommentList) < 1">{$lang->no_data}</li>
+		</ul>
+		<p class="more"><a href="{getUrl('', 'module', 'admin', 'act', 'dispCommentAdminList')}"><i>&rsaquo;</i> {$lang->more}</a></p>
+	</section>
+</div>
+

modules/admin/tpl/css/admin.bootstrap.css

@@ -751,7 +751,7 @@
 .x [class^="x_icon-"], 
 .x [class*=" x_icon-"]{display:inline-block;width:14px;height:14px;margin-top:1px;*margin-right:.3em;line-height:14px;vertical-align:text-top;background-image:url("../img/glyphicons-halflings.png");background-position:14px 14px;background-repeat:no-repeat}
 /* White icons with optional class, or on hover/active states of certain elements */
-.x .x_icon-white, 
+#gnb.gnb.open .x_icon-white, 
 .x .x_nav-pills>.x_active>a>[class^="x_icon-"], 
 .x .x_nav-pills>.x_active>a>[class*=" x_icon-"], 
 .x .x_nav-list>.x_active>a>[class^="x_icon-"], 
@@ -1591,4 +1591,4 @@ to{background-position:0 0}
 .x .x_hide{display:none}
 .x .x_show{display:block}
 .x .x_invisible{visibility:hidden}
-.x .x_affix{position:fixed}
+.x .x_affix{position:fixed}

modules/admin/tpl/css/admin.css

@@ -358,6 +358,9 @@ body>.x,
 .x_modal-backdrop {
 	display: none;
 }
+.x_modal {
+	top: 30px;
+}
 .x_modal-backdrop {
 	opacity: .6;
 	filter: alpha(opacity=60);
@@ -410,7 +413,7 @@ body>.x,
 	min-width: 220px;
 }
 .x .x_form-horizontal .x_control-group {
-	margin-bottom: 10px;
+margin-bottom: 10px;
 }
 .x input[type="text"], 
 .x input[type="password"], 
@@ -1421,6 +1424,9 @@ body>.x,
 .x .dashboard>div>.status dl a {
 	color: #767676;
 }
+.x .dashboard>div>.member>h2:before {
+	background-position: -168px 0px;
+}
 .x .dashboard>div>.document>h2:before {
 	background-position: -264px -48px;
 }
@@ -1439,6 +1445,32 @@ body>.x,
 .x .dashboard>div>section>.more i {
 	font: 12px Tahoma, Geneva, sans-serif;
 }
+.x .dashboard>div>section>.more dl {
+	color: #767676;
+	display: inline-block;
+	*display: inline;
+	zoom: 1;
+	margin: 0 8px 0 0;
+	padding: 1px 8px 0;
+	font: 11px/1 돋움, Dotum, Arial, Helvetica, sans-serif;
+	background: #fff;
+	box-shadow: 0 0 3px #999 inset;
+	border-radius: 3px;
+	min-width: 60px;
+	text-align: center;
+}
+.x .dashboard>div>section>.more dt {
+	display: inline;
+	font-weight: normal;
+}
+.x .dashboard>div>section>.more dd {
+	display: inline;
+	margin: 0;
+}
+.x .dashboard>div>section>.more dl a {
+	color: #767676;
+}
+
 .x .dashboard>div>section ul {
 	list-style: none;
 	margin: 10px;

modules/admin/tpl/index.html

@@ -48,173 +48,13 @@
 	</div>
 	
 	<div class="dashboard">
-		<div>
-			<section class="status">
-				<h2>{$lang->uv}</h2>
-				<div style="margin:10px 15px;height:142px" id="visitors"></div>
-				<div class="more">
-					<dl>
-						<dt>{$lang->menu_gnb['user']}: </dt><dd><a href="{getUrl('', 'module', 'admin', 'act', 'dispMemberAdminList')}">{number_format($status->member->totalCount)} (<!--@if($status->member->todayCount > 0)-->+<!--@end-->{number_format($status->member->todayCount)})</a></dd>
-					</dl>
-					<a href="{getUrl('', 'module', 'admin', 'act', 'dispCounterAdminIndex')}"><i>&rsaquo;</i> {$lang->details}</a>
-				</div>
-			</section>
-			<section class="status">
-				<h2>{$lang->pv}</h2>
-				<div style="margin:10px 15px;height:142px" id="page_views"></div>
-				<div class="more">
-					<dl>
-						<dt>{$lang->menu_gnb_sub['document']}: </dt><dd><a href="{getUrl('', 'module', 'admin', 'act', 'dispDocumentAdminList')}">{number_format($status->document->totalCount)} (<!--@if($status->document->todayCount > 0)-->+<!--@end-->{number_format($status->document->todayCount)})</a></dd>
-					</dl>
-					<a href="{getUrl('', 'module', 'admin', 'act', 'dispCounterAdminIndex')}"><i>&rsaquo;</i> {$lang->details}</a>
-				</div>
-			</section>
-			<style scoped>.jqplot-table-legend{background:#fff;top:13px!important}</style>
-		</div>
-		<div>
-			<section class="document">
-				<h2>{$lang->latest_documents}</h2>
-				<ul>
-					<li loop="$latestDocumentList => $key,$value">
-						{@$document = $value->variables}
-						<a href="{getUrl('', 'document_srl', $document['document_srl'])}" target="_blank"><!--@if(trim($value->getTitle()))-->{$value->getTitle()}<!--@else--><strong>{$lang->no_title_document}</strong><!--@end--></a> 
-						<span class="side">{$value->getNickName()}</span>
-						<form class="action" method="POST">
-							<input type="hidden" name="module" value="admin" />
-							<input type="hidden" name="act" value="procDocumentManageCheckedDocument" />
-							<input type="hidden" name="cart[]" value="{$document['document_srl']}" />
-							<input type="hidden" name="success_return_url" value="{getUrl('', 'module', 'admin')}" />
-							<button type="submit" name="type" value="trash" class="x_icon-trash">{$lang->cmd_trash}</button>
-							<button type="submit" name="type" value="delete" class="x_icon-remove">{$lang->cmd_delete}</button>
-						</form>
-					</li>
-					<li cond="!is_array($latestDocumentList) || count($latestDocumentList) < 1">{$lang->no_data}</li>
-				</ul>
-				<p class="more"><a href="{getUrl('', 'module', 'admin', 'act', 'dispDocumentAdminList')}"><i>&rsaquo;</i> {$lang->more}</a></p>
-			</section>
-			<section class="reply">
-				<h2>{$lang->latest_comments}</h2>
-				<ul>
-					<li loop="$latestCommentList => $key,$value">
-						<a href="{getUrl('', 'document_srl', $value->document_srl)}#comment_{$value->comment_srl}" target="_blank"><!--@if(trim($value->content))-->{$value->getSummary()}<!--@else--><strong>{$lang->no_text_comment}</strong><!--@end--></a> 
-						<span class="side">{$value->getNickName()}</span> 
-						<form class="action">
-							<input type="hidden" name="module" value="admin" />
-							<input type="hidden" name="act" value="procCommentAdminDeleteChecked" />
-							<input type="hidden" name="cart[]" value="{$value->comment_srl}" />
-							<input type="hidden" name="success_return_url" value="{getUrl('', 'module', 'admin')}" />
-							<button type="submit" name="is_trash" value="true" class="x_icon-trash">{$lang->cmd_trash}</button>
-							<button type="submit" name="is_trash" value="false" class="x_icon-remove">{$lang->cmd_delete}</button>
-						</form>
-					</li>
-					<li cond="!is_array($latestCommentList) || count($latestCommentList) < 1">{$lang->no_data}</li>
-				</ul>
-				<p class="more"><a href="{getUrl('', 'module', 'admin', 'act', 'dispCommentAdminList')}"><i>&rsaquo;</i> {$lang->more}</a></p>
-			</section>
-		</div>
+		<block cond="$counterAddonActivated">
+			<include target="./_dashboard_counter.html" />
+		</block>
+		<block cond="!$counterAddonActivated">
+			<include target="./_dashboard_default.html" />
+		</block>
 	</div>
 </div>
 <include target="./_footer.html" />
-<script>
-xe.lang.this_week = '{$lang->this_week}';
-xe.lang.last_week = '{$lang->last_week}';
-xe.lang.next_week = '{$lang->next_week}';
-xe.lang.mon = '{$lang->mon}';
-xe.lang.tue = '{$lang->tue}';
-xe.lang.wed = '{$lang->wed}';
-xe.lang.thu = '{$lang->thu}';
-xe.lang.fri = '{$lang->fri}';
-xe.lang.sat = '{$lang->sat}';
-xe.lang.sun = '{$lang->sun}';
 
-jQuery(function($)
-{
-	// Dashboard portlet UI
-	$('.dashboard>div>section>ul>li')
-	.bind('mouseenter focusin', function(){
-		$(this).addClass('hover').find('>.action').show();
-	})
-	.bind('mouseleave focusout', function()
-	{
-		if(!$(this).find(':focus').length)
-		{
-			$(this).removeClass('hover').find('>.action').hide();
-		}
-	});
-
-	// check browser version
-	if($.browser.msie == true ) {
-		var arrBrowserVersion = $.browser.version.split('.');
-		if(parseInt(arrBrowserVersion[0]) <= 8) {
-			$('#checkBrowserMessage').show();
-		}
-	}
-});
-
-function obj2Array(htObj)
-{
-	var aRes = [];
-
-	for(var x in htObj)
-	{
-		if(!htObj.hasOwnProperty(x)) continue;
-		aRes.push(htObj[x]);
-	}
-
-	return aRes;
-}
-
-jQuery(function ($)
-{
-	$.exec_json("counter.getWeeklyUniqueVisitor", {}, function(htRes)
-	{
-		var aLastWeek = obj2Array(htRes.last_week.list);
-		var aThisWeek = obj2Array(htRes.this_week.list);
-
-		drawChart("visitors", "Weekly Visitors", aLastWeek, aThisWeek);
-	});
-
-	$.exec_json("counter.getWeeklyPageView", {}, function(htRes)
-	{
-		var aLastWeek = obj2Array(htRes.last_week.list);
-		var aThisWeek = obj2Array(htRes.this_week.list);
-
-		drawChart("page_views", "Weekly Page Views", aLastWeek, aThisWeek);
-	});
-});
-
-function drawChart(sContainerId, sTitle, aLastWeek, aThisWeek)
-{
-	$ = jQuery;
-
-	var s1 = aLastWeek;
-	var s2 = aThisWeek;
-	// Can specify a custom tick Array.
-	// Ticks should match up one for each y value (category) in the series.
-	var ticks = [xe.lang.sun,xe.lang.mon,xe.lang.tue,xe.lang.wed,xe.lang.thu,xe.lang.fri,xe.lang.sat];
-
-	var plot1 = $.jqplot(sContainerId, [s1, s2], {
-		seriesDefaults:{
-			renderer:$.jqplot.BarRenderer,
-			rendererOptions: {fillToZero: true}
-		},
-		series:[
-			{label: xe.lang.last_week},
-			{label: xe.lang.this_week}
-		],
-		legend:
-		{
-			show: true,
-			placement: 'outsideGrid'
-		},
-		axes: {
-			xaxis: {
-				renderer: $.jqplot.CategoryAxisRenderer, ticks: ticks
-			},
-			yaxis: {
-				min: 0, ticks: 1, pad: 1.05
-			}
-		}
-	});
-};
-</script>

modules/admin/tpl/js/admin.js

@@ -422,6 +422,14 @@ jQuery(function($){
 				var zIndex = xeModalInitailZIndex + ((xeModalStack.length - 1) * 2);
 
 				$xeModalBackdrop.css('z-index', zIndex).show();
+				var xeModalBackdropHeight = $xeModalBackdrop.height();
+				var modalBodyHeight = xeModalBackdropHeight;
+				modalBodyHeight -= $modal.find('.x_modal-header:visible').height();
+				modalBodyHeight -= $modal.find('.x_modal-footer:visible').height();
+				modalBodyHeight -= 150;
+
+				$modal.find('.x_modal-body').css('height', modalBodyHeight);
+
 				$modal.css('z-index', zIndex + 1);
 			})
 			.bind('close.mw', function(){

modules/board/board.admin.view.php

@@ -55,7 +55,7 @@ class boardAdminView extends board {
 
 		// install order (sorting) options
 		foreach($this->order_target as $key) $order_target[$key] = Context::getLang($key);
-		$order_target['list_order'] = Context::getLang('document_srl');
+		$order_target['list_order'] = Context::getLang('regdate');
 		$order_target['update_order'] = Context::getLang('last_update');
 		Context::set('order_target', $order_target);
 	}

modules/board/board.class.php

@@ -11,7 +11,7 @@ class board extends ModuleObject
 {
 	var $search_option = array('title','content','title_content','comment','user_name','nick_name','user_id','tag'); ///< 검색 옵션
 
-	var $order_target = array('list_order', 'update_order', 'regdate', 'voted_count', 'blamed_count', 'readed_count', 'comment_count', 'title'); // 정렬 옵션
+	var $order_target = array('list_order', 'update_order', 'voted_count', 'blamed_count', 'readed_count', 'comment_count', 'title'); // 정렬 옵션
 
 	var $skin = "default"; ///< skin name
 	var $list_count = 20; ///< the number of documents displayed in a page

modules/board/board.controller.php

@@ -76,6 +76,15 @@ class boardController extends board
 			$bAnonymous = false;
 		}
 
+		if((!$obj->status && $obj->is_secret == 'Y') || strtoupper($obj->status == 'SECRET'))
+		{
+			$use_status = explode('|@|', $this->module_info->use_status);
+			if(!is_array($use_status) || !in_array('SECRET', $use_status))
+			{
+				$obj->status = 'PUBLIC';
+			}
+		}
+
 		// update the document if it is existed
 		if($oDocument->isExists() && $oDocument->document_srl == $obj->document_srl)
 		{

modules/board/board.mobile.php

@@ -24,11 +24,29 @@ class boardMobile extends boardView
 			$this->module_info->secret = 'Y';
 		}
 
-		//If category are exsist, set value 'use_category' to 'Y'
-		if(count($oDocumentModel->getCategoryList($this->module_info->module_srl)))
-			$this->module_info->use_category = 'Y';
+		// use_category <=1.5.x, hide_category >=1.7.x
+		$count_category = count($oDocumentModel->getCategoryList($this->module_info->module_srl));
+		if($count_category)
+		{
+			if($this->module_info->hide_category)
+			{
+				$this->module_info->use_category = ($this->module_info->hide_category == 'Y') ? 'N' : 'Y';
+			}
+			else if($this->module_info->use_category)
+			{
+				$this->module_info->hide_category = ($this->module_info->use_category == 'Y') ? 'N' : 'Y';
+			}
+			else
+			{
+				$this->module_info->hide_category = 'N';
+				$this->module_info->use_category = 'Y';
+			}
+		}
 		else
+		{
+			$this->module_info->hide_category = 'Y';
 			$this->module_info->use_category = 'N';
+		}
 
 		/**
 		 * check the consultation function, if the user is admin then swich off consultation function

modules/board/conf/info.xml

@@ -18,8 +18,8 @@
 	<description xml:lang="ru">Модуль для функционирования форума. Также включает в себя функции администратора такие как создание/управление форумами.</description>
 	<description xml:lang="zh-TW">提供用戶相對應的討論板功能，包含建立/新增及管理等功能。</description>
 	<description xml:lang="tr">Pano yapılandırmaları için kullanılan modüldür. Ayrıca oluşturma/yönetme gibi yönetici özellikleri de içerir.</description>
-	<version>1.7.2-beta.3</version>
-	<date>2014-01-09</date>
+	<version>1.7.2</version>
+	<date>2014-03-20</date>
 	<category>service</category>
 
 	<author email_address="developers@xpressengine.com" link="http://xpressengine.com/">

modules/board/queries/getBoardList.xml

@@ -11,8 +11,8 @@
             <condition operation="like" column="mid" var="s_mid" pipe="or" />
             <condition operation="like" column="browser_title" var="s_browser_title" pipe="or" />
             <condition operation="like" column="comment" var="s_comment" pipe="or" />
-            <condition operation="equal" column="module_category_srl" var="s_module_category_srl" pipe="or" />
         </group>
+        <condition operation="equal" column="module_category_srl" var="s_module_category_srl" pipe="and" />
     </conditions>
     <navigation>
         <index var="sort_index" default="module_srl" order="desc" />

modules/board/skins/default/list.html

@@ -11,9 +11,9 @@
 				<th scope="col" cond="$val->type=='nick_name' && $val->idx==-1"><span>{$lang->writer}</span></th>
 				<th scope="col" cond="$val->type=='user_id' && $val->idx==-1"><span>{$lang->user_id}</span></th>
 				<th scope="col" cond="$val->type=='user_name' && $val->idx==-1"><span>{$lang->user_name}</span></th>
-				<th scope="col" cond="$val->type=='regdate' && $val->idx==-1"><span><a href="{getUrl('sort_index','regdate','order_type',$order_type)}">{$lang->date}</a></span></th>
-				<th scope="col" cond="$val->type=='last_update' && $val->idx==-1"><span><a href="{getUrl('sort_index','last_update','order_type',$order_type)}">{$lang->last_update}</a></span></th>
-				<th scope="col" cond="$val->type=='last_post' && $val->idx==-1"><span><a href="{getUrl('sort_index','last_update','order_type',$order_type)}">{$lang->last_post}</a></span></th>
+				<th scope="col" cond="$val->type=='regdate' && $val->idx==-1"><span><a href="{getUrl('sort_index','list_order','order_type',$order_type)}">{$lang->date}</a></span></th>
+				<th scope="col" cond="$val->type=='last_update' && $val->idx==-1"><span><a href="{getUrl('sort_index','update_order','order_type',$order_type)}">{$lang->last_update}</a></span></th>
+				<th scope="col" cond="$val->type=='last_post' && $val->idx==-1"><span><a href="{getUrl('sort_index','update_order','order_type',$order_type)}">{$lang->last_post}</a></span></th>
 				<th scope="col" cond="$val->type=='readed_count' && $val->idx==-1"><span><a href="{getUrl('sort_index','readed_count','order_type',$order_type)}">{$lang->readed_count}</a></span></th>
 				<th scope="col" cond="$val->type=='voted_count' && $val->idx==-1"><span><a href="{getUrl('sort_index','voted_count','order_type',$order_type)}">{$lang->voted_count}</a></span></th>
 				<th scope="col" cond="$val->type=='blamed_count' && $val->idx==-1"><span><a href="{getUrl('sort_index','blamed_count','order_type',$order_type)}">{$lang->blamed_count}</a></span></th>

modules/board/tpl/index.html

@@ -89,8 +89,9 @@
 <form action="" class="search x_input-append center" no-error-return-url="true">
 	<input loop="$param => $key, $val" cond="!in_array($key, array('mid', 'vid', 'act', 'page', 'search_target', 'search_keyword'))" type="hidden" name="{$key}" value="{$val}" />
 	<select cond="count($module_category)" name="module_category_srl" title="{$lang->module_category}" style="margin-right:4px">
+		<option value="" selected="selected"|cond="!$module_category_srl">{$lang->all}</option>
 		<option value="0" selected="selected"|cond="$module_category_srl==='0'">{$lang->not_exists}</option>
-		<option value="{$key}" loop="$module_category => $key,$val"  selected="selected"|cond="$module_category==$key">{$val->title}</option>
+		<option value="{$key}" loop="$module_category => $key,$val"  selected="selected"|cond="$module_category_srl==$key">{$val->title}</option>
 	</select>
 	<select name="search_target" title="{$lang->search_target}" style="margin-right:4px">
 		<option value="mid" selected="selected"|cond="$search_target=='mid'">{$lang->mid}</option>
@@ -124,4 +125,4 @@ jQuery(function($){
 		}
 	});
 });
-</script>
+</script>

modules/comment/comment.admin.controller.php

@@ -340,6 +340,35 @@ class commentAdminController extends comment
 		}
 	}
 
+	/**
+	  * @fn procCommentAdminMoveToTrash
+	  * @brief move a comment to trash
+	  * @see commentModel::getCommentMenu
+	  */
+	function procCommentAdminMoveToTrash()
+	{
+		$oDB = DB::getInstance();
+		$oDB->begin();
+
+		$comment_srl = Context::get('comment_srl');
+		$oCommentModel = getModel('comment');
+		$oCommentController = getController('comment');
+		$oComment = $oCommentModel->getComment($comment_srl, false);
+
+		if(!$oComment->isGranted()) return $this->stop('msg_not_permitted');
+
+		$message_content = "";
+		$this->_moveCommentToTrash(array($comment_srl), $oCommentController, $oDB, $message_content);
+
+		$isTrash = true;
+		$output = $oCommentController->deleteComment($comment_srl, TRUE, $isTrash);
+
+		$oDB->commit();
+
+		$returnUrl = Context::get('cur_url');
+		$this->add('redirect_url', $returnUrl);
+	}
+
 	/**
 	 * Cancel the blacklist of abused comments reported by other users
 	 * @return void|object
@@ -443,7 +472,7 @@ class commentAdminController extends comment
 		$obj->module_srl = $originObject->module_srl;
 
 		$oCommentController = getController('comment');
-		$output = $oCommentController->insertComment($obj);
+		$output = $oCommentController->insertComment($obj, true);
 
 		return $output;
 	}

modules/comment/comment.admin.view.php

@@ -52,7 +52,7 @@ class commentAdminView extends comment
 		// get a list by using comment->getCommentList. 
 		$oCommentModel = getModel('comment');
 		$secretNameList = $oCommentModel->getSecretNameList();
-		$columnList = array('comment_srl', 'document_srl', 'is_secret', 'status', 'content', 'comments.member_srl', 'comments.nick_name', 'comments.regdate', 'ipaddress', 'voted_count', 'blamed_count');
+		$columnList = array('comment_srl', 'document_srl','module_srl','is_secret', 'status', 'content', 'comments.member_srl', 'comments.nick_name', 'comments.regdate', 'ipaddress', 'voted_count', 'blamed_count');
 		$output = $oCommentModel->getTotalCommentList($args, $columnList);
 
 		// $modules = $oCommentModel->getDistinctModules();
@@ -66,6 +66,31 @@ class commentAdminView extends comment
 		// Context::set('modules_list', $modules_list);
 		Context::set('page_navigation', $output->page_navigation);
 		Context::set('secret_name_list', $secretNameList);
+
+		$oModuleModel = getModel('module');
+		$module_list = array();
+		$mod_srls = array();
+		foreach($output->data as $val)
+		{
+			$mod_srls[] = $val->module_srl;
+		}
+		$mod_srls = array_unique($mod_srls);
+		// Module List
+		$mod_srls_count = count($mod_srls);
+		if($mod_srls_count)
+		{
+			$columnList = array('module_srl', 'mid', 'browser_title');
+			$module_output = $oModuleModel->getModulesInfo($mod_srls, $columnList);
+			if($module_output && is_array($module_output))
+			{
+				foreach($module_output as $module)
+				{
+					$module_list[$module->module_srl] = $module;
+				}
+			}
+		}
+		Context::set('module_list', $module_list);
+
 		// set the template 
 		$this->setTemplatePath($this->module_path . 'tpl');
 		$this->setTemplateFile('comment_list');

modules/comment/comment.controller.php

@@ -300,6 +300,10 @@ class commentController extends comment
 		{
 			$obj->comment_srl = getNextSequence();
 		}
+		elseif(!$is_admin && !$manual_inserted && !checkUserSequence($obj->comment_srl)) 
+		{
+			return new Object(-1, 'msg_not_permitted');
+		}
 
 		// determine the order
 		$obj->list_order = getNextSequence() * -1;
@@ -516,18 +520,22 @@ class commentController extends comment
 			$oMail->setSender($obj->email_address, $obj->email_address);
 			$mail_title = "[XE - " . Context::get('mid') . "] A new comment was posted on document: \"" . $oDocument->getTitleText() . "\"";
 			$oMail->setTitle($mail_title);
+			$url_comment = getFullUrl('','document_srl',$obj->document_srl).'#comment_'.$obj->comment_srl;
 			if($using_validation)
 			{
-				$url_approve = getFullUrl('', 'module', 'comment', 'act', 'procCommentAdminChangePublishedStatusChecked', 'cart[]', $obj->comment_srl, 'will_publish', '1', 'search_target', 'is_published', 'search_keyword', 'N');
-				$url_trash = getFullUrl('', 'module', 'comment', 'act', 'procCommentAdminDeleteChecked', 'cart[]', $obj->comment_srl, 'search_target', 'is_trash', 'search_keyword', 'true');
+				$url_approve = getFullUrl('', 'module', 'admin', 'act', 'procCommentAdminChangePublishedStatusChecked', 'cart[]', $obj->comment_srl, 'will_publish', '1', 'search_target', 'is_published', 'search_keyword', 'N');
+				$url_trash = getFullUrl('', 'module', 'admin', 'act', 'procCommentAdminDeleteChecked', 'cart[]', $obj->comment_srl, 'search_target', 'is_trash', 'search_keyword', 'true');
 				$mail_content = "
 					A new comment on the document \"" . $oDocument->getTitleText() . "\" is waiting for your approval.
 					<br />
 					<br />
 					Author: " . $member_info->nick_name . "
 					<br />Author e-mail: " . $member_info->email_address . "
+					<br />From : <a href=\"" . $url_comment . "\">" . $url_comment . "</a>
 					<br />Comment:
 					<br />\"" . $obj->content . "\"
+					<br />Document:
+					<br />\"" . $oDocument->getContentText(). "\"
 					<br />
 					<br />
 					Approve it: <a href=\"" . $url_approve . "\">" . $url_approve . "</a>
@@ -542,8 +550,11 @@ class commentController extends comment
 				$mail_content = "
 					Author: " . $member_info->nick_name . "
 					<br />Author e-mail: " . $member_info->email_address . "
+					<br />From : <a href=\"" . $url_comment . "\">" . $url_comment . "</a>
 					<br />Comment:
 					<br />\"" . $obj->content . "\"
+					<br />Document:
+					<br />\"" . $oDocument->getContentText(). "\"
 					";
 				$oMail->setContent($mail_content);
 
@@ -843,18 +854,27 @@ class commentController extends comment
 		// call a trigger (after)
 		if($output->toBool())
 		{
+			$comment->isMoveToTrash = $isMoveToTrash;
 			$trigger_output = ModuleHandler::triggerCall('comment.deleteComment', 'after', $comment);
 			if(!$trigger_output->toBool())
 			{
 				$oDB->rollback();
 				return $trigger_output;
 			}
+			unset($comment->isMoveToTrash);
 		}
 
 		if(!$isMoveToTrash)
 		{
 			$this->_deleteDeclaredComments($args);
 			$this->_deleteVotedComments($args);
+		} 
+		else 
+		{
+			$args = new stdClass();
+			$args->upload_target_srl = $comment_srl;
+			$args->isvalid = 'N';
+			$output = executeQuery('file.updateFileValid', $args);
 		}
 
 		// commit
@@ -1087,7 +1107,17 @@ class commentController extends comment
 		$_SESSION['voted_comment'][$comment_srl] = TRUE;
 
 		// Return the result
-		return new Object(0, $success_message);
+		$output = new Object(0, $success_message);
+		if($point > 0)
+		{
+			$output->add('voted_count', $obj->after_point);
+		}
+		else
+		{
+			$output->add('blamed_count', $obj->after_point);
+		}
+
+		return $output;
 	}
 
 	/**

modules/comment/comment.model.php

@@ -76,6 +76,13 @@ class commentModel extends comment
 		// call a trigger (after)
 		ModuleHandler::triggerCall('comment.getCommentMenu', 'after', $menu_list);
 
+		if($this->grant->manager){
+			$str_confirm = Context::getLang('confirm_move');
+			$url = sprintf("if(!confirm('%s')) return; var params = new Array(); params['comment_srl']='%s'; params['mid']=current_mid;params['cur_url']=current_url; exec_xml('comment', 'procCommentAdminMoveToTrash', params)", $str_confirm, $comment_srl);
+			$oCommentController->addCommentPopupMenu($url,'cmd_trash','','javascript');
+
+		}
+
 		// find a comment by IP matching if an administrator.
 		if($logged_info->is_admin == 'Y')
 		{
@@ -378,6 +385,7 @@ class commentModel extends comment
 			$args->module_srl = $obj->module_srl;
 		}
 
+		$args->document_srl = $obj->document_srl;
 		$args->list_count = $obj->list_count;
 
 		if(strpos($args->module_srl, ",") === false)

modules/comment/conf/module.xml

@@ -4,6 +4,7 @@
 	<permissions>
 		<permission action="procCommentAdminAddCart" target="manager" />
 		<permission action="procCommentGetList" target="manager" />
+		<permission action="procCommentAdminMoveToTrash" target="manager" />
 	</permissions>
 	<actions>
 		<action name="getCommentMenu" type="model" />
@@ -21,6 +22,7 @@
 		<action name="procCommentAdminCancelDeclare" type="controller" />
 		<action name="procCommentAdminAddCart" type="controller" />
 		<action name="procCommentGetList" type="controller" />
+		<action name="procCommentAdminMoveToTrash" type="controller" />
 	</actions>
 	<menus>
 		<menu name="comment">

modules/comment/queries/getNewestCommentList.xml

@@ -8,6 +8,7 @@
     <conditions>
         <condition operation="equal" column="status" var="status" pipe="and" />
         <condition operation="in" column="module_srl" var="module_srl" filter="number" pipe="and" />
+        <condition operation="equal" column="document_srl" var="document_srl" filter="number" pipe="and" />
     </conditions>
     <navigation>
         <index var="sort_index" default="list_order" order="asc" />

modules/comment/tpl/comment_list.html

@@ -47,7 +47,12 @@ xe.lang.msg_empty_search_keyword = '{$lang->msg_empty_search_keyword}';
 		<tbody>
 			<tr loop="$comment_list => $no, $val">
 				{@ $comment = $val->getContentText(200)}
-				<td><a href="{getUrl('','document_srl',$val->document_srl)}#comment_{$val->comment_srl}" target="_blank"><!--@if(strlen($comment))-->{$comment}<!--@else--><em>{$lang->no_text_comment}</em><!--@end--></a></td>
+				<td>
+					<block cond="isset($module_list[$val->module_srl])">
+					<a href="{getUrl('', 'mid', $module_list[$val->module_srl]->mid)}" target="_blank">{$module_list[$val->module_srl]->browser_title}</a> - 
+					</block>
+					<a href="{getUrl('','document_srl',$val->document_srl)}#comment_{$val->comment_srl}" target="_blank"><!--@if(strlen($comment))-->{$comment}<!--@else--><em>{$lang->no_text_comment}</em><!--@end--></a>
+				</td>
 				<td class="nowr"><a href="#popup_menu_area" class="member_{$val->member_srl}">{$val->getNickName()}</a></td>
 				<td class="nowr">{number_format($val->get('voted_count'))}/{number_format($val->get('blamed_count'))}</td>
 				<td class="nowr">{(zdate($val->regdate,"Y-m-d\nH:i:s"))}</td>

modules/communication/communication.admin.controller.php

@@ -24,7 +24,7 @@ class communicationAdminController extends communication
 	function procCommunicationAdminInsertConfig()
 	{
 		// get the default information
-		$args = Context::gets('skin', 'colorset', 'editor_skin', 'sel_editor_colorset', 'mskin', 'mcolorset', 'layout_srl', 'mlayout_srl');
+		$args = Context::gets('skin', 'colorset', 'editor_skin', 'sel_editor_colorset', 'mskin', 'mcolorset', 'layout_srl', 'mlayout_srl', 'grant_write_default','grant_write_group');
 		$args->editor_colorset = $args->sel_editor_colorset;
 		unset($args->sel_editor_colorset);
 
@@ -53,6 +53,11 @@ class communicationAdminController extends communication
 			$args->layout_srl = NULL;
 		}
 
+		$oCommunicationModel = getModel('communication');
+		$args->grant_write = $oCommunicationModel->getGrantArray($args->grant_write_default, $args->grant_write_group);
+		unset($args->grant_write_default);
+		unset($args->grant_write_group);
+
 		// create the module module Controller object
 		$oModuleController = getController('module');
 		$output = $oModuleController->insertModuleConfig('communication', $args);

modules/communication/communication.admin.view.php

@@ -58,6 +58,10 @@ class communicationAdminView extends communication
 		$security->encodeHTML('communication_skin_list..title');
 		$security->encodeHTML('communication_mobile_skin_list..title');
 
+		$oMemberModel = getModel('member');
+		$group_list = $oMemberModel->getGroups($this->site_srl);
+		Context::set('group_list', $group_list);
+
 		// specify a template
 		$this->setTemplatePath($this->module_path . 'tpl');
 		$this->setTemplateFile('index');

modules/communication/communication.controller.php

@@ -88,6 +88,12 @@ class communicationController extends communication
 		// Check if there is a member to receive a message
 		$oMemberModel = getModel('member');
 		$oCommunicationModel = getModel('communication');
+		$config = $oCommunicationModel->getConfig();
+
+		if(!$oCommunicationModel->checkGrant($config->grant_write))
+		{
+			return new Object(-1, 'msg_not_permitted');
+		}
 
 		$receiver_member_info = $oMemberModel->getMemberInfoByMemberSrl($receiver_srl);
 		if($receiver_member_info->member_srl != $receiver_srl)

modules/communication/communication.model.php

@@ -51,10 +51,102 @@ class communicationModel extends communication
 		{
 			$communication_config->mskin = 'default';
 		}
+		
+		if(!$communication_config->grant_write)
+		{
+			$communication_config->grant_write = array('default_grant'=>'member');
+		}
 
 		return $communication_config;
 	}
 
+	/**
+	  * @brief get grant array for insert to database. table module_config's config field 
+	  * @param string $default
+	  * @param array $group
+	  * @return array
+	  */
+	function getGrantArray($default, $group)
+	{
+		$grant = array();
+		if($default!="")
+		{
+			switch($default)
+			{
+				case "-2":
+					$grant = array("default_grant"=>"site");
+					break;
+				case "-3":
+					$grant = array("default_grant"=>"manager");
+					break;
+				default :
+					$grant = array("default_grant"=>"member");
+					break;
+			}
+		} 
+		else if(is_array($group)) 
+		{
+			$oMemberModel = getModel('member');
+			$group_list = $oMemberModel->getGroups($this->site_srl);
+
+			$group_grant = array();
+			foreach($group as $group_srl)
+			{
+				$group_grant[$group_srl] = $group_list[$group_srl]->title;
+			}
+			$grant = array('group_grant'=>$group_grant);
+		} 
+		return $grant;
+	}
+
+	/**
+	  * @brief check member's grant
+	  * @param object $member_info
+	  * @param array $arrGrant
+	  * @return boolean
+	  */
+	function checkGrant($arrGrant)
+	{
+		if(!$arrGrant)
+			return false;
+
+		$logged_info = Context::get('logged_info');
+		if(!$logged_info)
+			return false;
+
+		if($logged_info->is_admin == "Y")
+			return true;
+
+		if($arrGrant['default_grant'])
+		{
+			if($arrGrant['default_grant'] == "member" && $logged_info)
+				return true;
+
+			if($arrGrant['default_grant'] == "site" && $this->site_srl == $logged_info->site_srl)
+				return true;
+
+			if($arrGrant['default_grant'] == "manager" && $logged_info->is_admin == "Y")
+				return true;
+		}
+
+		if($arrGrant['group_grant'])
+		{
+			$group_grant = $arrGrant['group_grant'];
+			if(!is_array($group_grant))
+				return false;
+
+			foreach($logged_info->group_list as $group_srl=>$title)
+			{
+				if(isset($group_grant[$group_srl])&&$group_grant[$group_srl]==$title)
+					return true;
+			}
+
+		}
+
+		return false;
+
+	}
+
 	/**
 	 * get the message contents
 	 * @param int $message_srl

modules/communication/lang/lang.xml

@@ -376,4 +376,12 @@
 		<value xml:lang="en"><![CDATA[Friends in a mobile environment is not supported. Please go to the PC page.]]></value>
 		<value xml:lang="jp"><![CDATA[モバイル環境では友達リストページをサポートしません。PC画面へ移動してください。]]></value>
 	</item>
+	<item name="cmd_write_communication">
+		<value xml:lang="ko"><![CDATA[작성 권한]]></value>
+		<value xml:lang="en"><![CDATA[Write Grant]]></value>
+	</item>
+	<item name="cmd_manage_base">
+		<value xml:lang="ko"><![CDATA[기본 정보]]></value>
+		<value xml:lang="en"><![CDATA[Basic infomation]]></value>
+	</item>
 </lang>

modules/communication/queries/getNewMessage.xml

@@ -1,6 +1,6 @@
 <query id="getNewMessage" action="select">
 	<tables>
-		<table name="message" />
+		<table name="member_message" alias="message" />
 		<table name="member" />
 	</tables>
 	<columns>

modules/communication/tpl/index.html

@@ -1,4 +1,5 @@
 <load target="js/communication_admin.js" usecdn="true" />
+<load target="../../module/tpl/js/module_admin.js" />
 <load target="../../editor/tpl/js/editor_module_config.js" usecdn="true" />
 
 <div class="x_page-header">
@@ -81,6 +82,24 @@
 		</div>
 	</div>
 
+	<div class="x_control-group">
+		<label class="x_control-label" for="mlayout_srl">{$lang->cmd_write_communication}</label>
+		<div class="x_controls">
+			<select name="grant_write_default" class="grant_default">
+				<option value="-1" selected="selected"|cond="$communication_config->grant_write['default_grant']=='member'">{$lang->grant_to_login_user}</option>
+				<option value="-2" selected="selected"|cond="$communication_config->grant_write['default_grant']=='site'">{$lang->grant_to_site_user}</option>
+				<option value="-3" selected="selected"|cond="$communication_config->grant_write['default_grant']=='manager'">{$lang->grant_to_admin}</option>
+				<option value="" selected="selected"|cond="$communication_config->grant_write['default_grant']==''">{$lang->grant_to_group}</option>
+			</select>
+			<div id="zone_grant_write" hidden style="margin:8px 0 0 0">
+				<label loop="$group_list => $group_srl, $group_item" for="grant_write_group_{$group_srl}">
+					<input type="checkbox" class="checkbox" name="grant_write_group[]" value="{$group_item->group_srl}" id="grant_write_group_{$group_item->group_srl}" checked="checked"|cond="isset($communication_config->grant_write['group_grant'][$group_srl])&&$communication_config->grant_write['group_grant'][$group_srl]==$group_item->title"/>
+					{$group_item->title}
+				</label>
+			</div>
+		</div>
+	</div>
+
 	<div class="btnArea">
 		<button class="x_btn x_btn-primary" type="submit">{$lang->cmd_registration}</button>
 	</div>
@@ -89,5 +108,7 @@
     jQuery(function() { 
 		doGetSkinColorset("{$communication_config->skin}", 'P'); 
 		doGetSkinColorset("{$communication_config->mskin}", 'M'); 
+		jQuery('.grant_default').change( function(event) { doShowGrantZone(); } ); 
+		doShowGrantZone()
 	});
 </script>

modules/document/conf/module.xml

@@ -14,6 +14,7 @@
         <permission action="procDocumentMoveCategory" target="member" />
         <permission action="procDocumentDeleteCategory" target="member" />
         <permission action="procDocumentMakeXmlFile" target="member" />
+        <permission action="procDocumentAdminMoveToTrash" target="member" />
     </permissions>
     <actions>
         <action name="dispDocumentPrint" type="view" />
@@ -58,6 +59,7 @@
         <action name="procDocumentAdminInsertConfig" type="controller" />
         <action name="procDocumentAdminDeleteAllThumbnail" type="controller" />
         <action name="procDocumentAdminCancelDeclare" type="controller" />
+        <action name="procDocumentAdminMoveToTrash" type="controller" />
 	
     </actions>
 	<menus>

modules/document/document.admin.controller.php

@@ -712,6 +712,81 @@ class documentAdminController extends document
 		return $this->setRedirectUrl($returnUrl, $output);
 	}
 
+	/**
+	  * @fn procDocumentAdminMoveToTrash
+	  * @brief move a document to trash.
+	  * @see documentModel::getDocumentMenu
+	  */
+	function procDocumentAdminMoveToTrash()
+	{
+		$document_srl = Context::get('document_srl');
+
+		$oDocumentModel = getModel('document');
+		$oDocumentController = getController('document');
+		$oDocument = $oDocumentModel->getDocument($document_srl, false, false);
+		if(!$oDocument->isGranted()) return $this->stop('msg_not_permitted');
+	
+		$oModuleModel = getModel('module');
+		$module_info = $oModuleModel->getModuleInfoByDocumentSrl($document_srl);
+
+		$args = new stdClass();
+		$args->description = $message_content;
+		$args->document_srl = $document_srl;
+
+		$oDocumentController->moveDocumentToTrash($args);
+
+		$returnUrl = Context::get('success_return_url');
+		if(!$returnUrl)	
+		{
+			$arrUrl = parse_url(Context::get('cur_url'));
+			$query = "";
+
+			if($arrUrl['query'])
+			{
+				parse_str($arrUrl['query'], $arrQuery);
+
+				// set query
+				if(isset($arrQuery['document_srl']))
+					unset($arrQuery['document_srl']);
+
+				$searchArgs = new stdClass;
+				foreach($arrQuery as $key=>$val)
+				{
+					$searchArgs->{$key} = $val;
+				}
+
+				if(!isset($searchArgs->sort_index))
+					$searchArgs->sort_index = $module_info->order_target;
+
+				foreach($module_info as $key=>$val)
+				{
+					if(!isset($searchArgs->{$key}))
+						$searchArgs->{$key} = $val;
+				}
+
+				$oDocumentModel = getModel('document');
+				$output = $oDocumentModel->getDocumentList($searchArgs, $module_info->except_notice, TRUE, array('document_srl'));
+
+				$cur_page = 1;
+				if(isset($arrQuery['page'])) {
+					$cur_page = (int)$arrQuery['page'];
+				}
+
+
+				if($cur_page>1 && count($output->data) == 0)
+					$arrQuery['page'] = $cur_page - 1;
+
+				$query = "?";
+				foreach($arrQuery as $key=>$val)
+					$query .= sprintf("%s=%s&", $key, $val);
+				$query = substr($query, 0, -1);
+			}
+			$returnUrl = $arrUrl['path'] . $query;
+		}
+
+		$this->add('redirect_url', $returnUrl);
+	}
+
 	/**
 	 * Restor document from trash
 	 * @return void|object

modules/document/document.admin.view.php

@@ -50,7 +50,7 @@ class documentAdminView extends document
 
 		// get a list
 		$oDocumentModel = getModel('document');
-		$columnList = array('document_srl', 'title', 'member_srl', 'nick_name', 'readed_count', 'voted_count', 'blamed_count', 'regdate', 'ipaddress', 'status');
+		$columnList = array('document_srl', 'module_srl', 'title', 'member_srl', 'nick_name', 'readed_count', 'voted_count', 'blamed_count', 'regdate', 'ipaddress', 'status');
 		$output = $oDocumentModel->getDocumentList($args, false, true, $columnList);
 
 		// get Status name list
@@ -72,6 +72,30 @@ class documentAdminView extends document
 		}
 		Context::set('search_option', $search_option);
 
+		$oModuleModel = getModel('module');
+		$module_list = array();
+		$mod_srls = array();
+		foreach($output->data as $oDocument)
+		{
+			$mod_srls[] = $oDocument->get('module_srl');
+		}
+		$mod_srls = array_unique($mod_srls);
+		// Module List
+		$mod_srls_count = count($mod_srls);
+		if($mod_srls_count)
+		{
+			$columnList = array('module_srl', 'mid', 'browser_title');
+			$module_output = $oModuleModel->getModulesInfo($mod_srls, $columnList);
+			if($module_output && is_array($module_output))
+			{
+				foreach($module_output as $module)
+				{
+					$module_list[$module->module_srl] = $module;
+				}
+			}
+		}
+		Context::set('module_list', $module_list);
+
 		// Specify a template
 		$this->setTemplatePath($this->module_path.'tpl');
 		$this->setTemplateFile('document_list');

modules/document/document.controller.php

@@ -234,6 +234,7 @@ class documentController extends document
 		if(!$output->toBool()) return $output;
 		// Register it if no given document_srl exists
 		if(!$obj->document_srl) $obj->document_srl = getNextSequence();
+		elseif(!$manual_inserted && !$isRestore && !checkUserSequence($obj->document_srl)) return new Object(-1, 'msg_not_permitted');
 
 		$oDocumentModel = getModel('document');
 		// Set to 0 if the category_srl doesn't exist
@@ -518,7 +519,7 @@ class documentController extends document
 		{
 			foreach($extra_keys as $idx => $extra_item)
 			{
-				$value = '';
+				$value = NULL;
 				if(isset($obj->{'extra_vars'.$idx}))
 				{
 					$tmp = $obj->{'extra_vars'.$idx};
@@ -528,7 +529,7 @@ class documentController extends document
 						$value = trim($tmp);
 				}
 				else if(isset($obj->{$extra_item->name})) $value = trim($obj->{$extra_item->name});
-				if(!isset($value)) continue;
+				if($value == NULL) continue;
 				$this->insertDocumentExtraVar($obj->module_srl, $obj->document_srl, $idx, $value, $extra_item->eid);
 			}
 		}
@@ -818,9 +819,10 @@ class documentController extends document
 		$document_srl = $oDocument->document_srl;
 		$member_srl = $oDocument->get('member_srl');
 		$logged_info = Context::get('logged_info');
-		// Call a trigger when the read count is updated (after)
-		$output = ModuleHandler::triggerCall('document.updateReadedCount', 'after', $oDocument);
-		if(!$output->toBool()) return $output;
+
+		// Call a trigger when the read count is updated (before)
+		$trigger_output = ModuleHandler::triggerCall('document.updateReadedCount', 'before', $oDocument);
+		if(!$trigger_output->toBool()) return $trigger_output;
 
 		// Pass if read count is increaded on the session information
 		if($_SESSION['readed_document'][$document_srl]) return false;
@@ -837,11 +839,25 @@ class documentController extends document
 			$_SESSION['readed_document'][$document_srl] = true;
 			return false;
 		}
+
+		$oDB = DB::getInstance();
+		$oDB->begin();
+
 		// Update read counts
 		$args = new stdClass;
 		$args->document_srl = $document_srl;
 		$output = executeQuery('document.updateReadedCount', $args);
 
+		// Call a trigger when the read count is updated (after)
+		$outptrigger_outputut = ModuleHandler::triggerCall('document.updateReadedCount', 'after', $oDocument);
+		if(!$trigger_output->toBool())
+		{
+			$oDB->rollback();
+			return $trigger_output;
+		}
+
+		$oDB->commit();
+
 		$oCacheHandler = CacheHandler::getInstance('object');
 		if($oCacheHandler->isSupport())
 		{
@@ -1127,14 +1143,19 @@ class documentController extends document
 		$_SESSION['voted_document'][$document_srl] = true;
 
 		// Return result
+		$output = new Object();
 		if($point > 0)
 		{
-			return new Object(0, 'success_voted');
+			$output->setMessage('success_voted');
+			$output->add('voted_count', $obj->after_point);
 		}
 		else
 		{
-			return new Object(0, 'success_blamed');
+			$output->setMessage('success_blamed');
+			$output->add('blamed_count', $obj->after_point);
 		}
+		
+		return $output;
 	}
 
 	/**

modules/document/document.item.php

@@ -141,9 +141,8 @@ class documentItem extends Object
 		$oDocumentModel = getModel('document');
 		if($load_extra_vars)
 		{
-			$oDocumentModel->getDocumentExtraVarsFromDB($this->document_srl);
-			$this->add('title', $this->get('title'));
-			$this->add('content', $this->get('content'));
+			$GLOBALS['XE_DOCUMENT_LIST'][$attribute->document_srl] = $this;
+			$oDocumentModel->setToAllDocumentExtraVars();
 		}
 		$GLOBALS['XE_DOCUMENT_LIST'][$this->document_srl] = $this;
 	}

modules/document/document.model.php

@@ -520,6 +520,13 @@ class documentModel extends document
 		$oDocumentController->addDocumentPopupMenu($url,'cmd_print','','printDocument');
 		// Call a trigger (after)
 		ModuleHandler::triggerCall('document.getDocumentMenu', 'after', $menu_list);
+		if($this->grant->manager)
+		{
+			$str_confirm = Context::getLang('confirm_move');
+			$url = sprintf("if(!confirm('%s')) return; var params = new Array(); params['document_srl']='%s'; params['mid']=current_mid;params['cur_url']=current_url; exec_xml('document', 'procDocumentAdminMoveToTrash', params)", $str_confirm, $document_srl);
+			$oDocumentController->addDocumentPopupMenu($url,'cmd_trash','','javascript');
+		}
+
 		// If you are managing to find posts by ip
 		if($logged_info->is_admin == 'Y')
 		{

modules/document/queries/getDocumentListWithExtraVars.xml

@@ -9,6 +9,7 @@
     <conditions>
         <condition operation="in" column="documents.module_srl" var="module_srl" filter="number" />
         <condition operation="in" column="documents.category_srl" var="category_srl" filter="number" pipe="and" />
+        <condition operation="equal" column="documents.member_srl" var="member_srl" filter="number" pipe="and" />
         <condition operation="equal" column="extra_vars.module_srl" default="documents.module_srl" pipe="and" />
         <condition operation="equal" column="extra_vars.document_srl" default="documents.document_srl" pipe="and" />
         <condition operation="equal" column="extra_vars.var_idx" var="var_idx" notnull="notnull" pipe="and" />

modules/document/queries/getDocumentListWithExtraVarsPage.xml

@@ -9,6 +9,7 @@
     <conditions>
         <condition operation="in" column="documents.module_srl" var="module_srl" filter="number" />
         <condition operation="in" column="documents.category_srl" var="category_srl" filter="number" pipe="and" />
+        <condition operation="equal" column="documents.member_srl" var="member_srl" filter="number" pipe="and" />
         <condition operation="equal" column="extra_vars.module_srl" default="documents.module_srl" pipe="and" />
         <condition operation="equal" column="extra_vars.document_srl" default="documents.document_srl" pipe="and" />
         <condition operation="equal" column="extra_vars.var_idx" var="var_idx" notnull="notnull" pipe="and" />

modules/document/tpl/document_list.html

@@ -48,7 +48,11 @@ xe.lang.msg_empty_search_keyword = '{$lang->msg_empty_search_keyword}';
 		</thead>
 		<tbody>
 			<tr loop="$document_list => $no, $oDocument">
-				<td class="title"><a href="{getUrl('','document_srl',$oDocument->document_srl)}" target="_blank"><!--@if(trim($oDocument->getTitleText()))-->{htmlspecialchars($oDocument->getTitleText())}<!--@else--><em>{$lang->no_title_document}</em><!--@end--></a></td>
+				<td class="title">
+				<block cond="isset($module_list[$oDocument->get('module_srl')])">
+				<a href="{getUrl('', 'mid', $module_list[$oDocument->get('module_srl')]->mid)}" target="_blank">{$module_list[$oDocument->get('module_srl')]->browser_title}</a> - 
+				</block>
+				<a href="{getUrl('','document_srl',$oDocument->document_srl)}" target="_blank"><!--@if(trim($oDocument->getTitleText()))-->{htmlspecialchars($oDocument->getTitleText())}<!--@else--><em>{$lang->no_title_document}</em><!--@end--></a></td>
 				<td class="nowr"><a href="#popup_menu_area" class="member_{$oDocument->get('member_srl')}">{$oDocument->getNickName()}</a></td>
 				<td class="nowr">{$oDocument->get('readed_count')}</td>
 				<td class="nowr">{$oDocument->get('voted_count')}/{$oDocument->get('blamed_count')}</td>

modules/editor/components/image_link/tpl/popup.js

@@ -24,8 +24,8 @@
         var align = (node.style.cssFloat) ? node.style.cssFloat : node.style.styleFloat;
         var margin = (node.style.margin) ? node.style.margin.match('[0-9]+') : node.getAttribute('margin');
         var alt = node.getAttribute('alt');
-        var width = $(node).width();
-        var height = $(node).height();
+		var width = node.getAttribute('width');
+		var height = node.getAttribute('height');
         var link_url = node.getAttribute('link_url');
         var open_window = node.getAttribute('open_window');
 

modules/editor/editor.model.php

@@ -493,6 +493,8 @@ class editorModel extends editor
 		$oEditorController->deleteSavedDoc(false);
 		$oEditorController->doSaveDoc($saved_doc);
 
+		setUserSequence($saved_doc->document_srl);
+
 		return $saved_doc;
 	}
 

modules/editor/tpl/js/uploader.js

@@ -422,7 +422,7 @@ function insertUploadedFile(editorSequence) {
 				temp_code = '';
 				temp_code += "<img src=\""+file.download_url+"\" alt=\""+file.source_filename+"\"";
 				if(obj.complete === true) { temp_code += " width=\""+obj.width+"\" height=\""+obj.height+"\""; }
-				temp_code += " />\r\n";
+				temp_code += " />\r\n<p><br /></p>\r\n";
 				text.push(temp_code);
 			} else {
 				// 이미지외의 경우는 multimedia_link 컴포넌트 연결

modules/file/file.admin.controller.php

@@ -122,6 +122,7 @@ class fileAdminController extends file
 
 		$download_grant = Context::get('download_grant');
 
+		$file_config = new stdClass;
 		$file_config->allow_outlink = Context::get('allow_outlink');
 		$file_config->allow_outlink_format = Context::get('allow_outlink_format');
 		$file_config->allow_outlink_site = Context::get('allow_outlink_site');

modules/file/file.admin.model.php

@@ -92,7 +92,7 @@ class fileAdminModel extends file
 			if($_SESSION['file_management'][$file->file_srl]) $file->isCarted = true;
 			else $file->isCarted = false;
 
-			$file->download_url = $oFileModel->getDownloadUrl($file->file_srl, $file->sid);
+			$file->download_url = $oFileModel->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl);
 			$output->data[$key] = $file;
 		}
 

modules/file/file.controller.php

@@ -160,6 +160,8 @@ class fileController extends file
 	{
 		$oFileModel = getModel('file');
 
+		if(isset($this->grant->access) && $this->grant->access !== true) return new Object(-1, 'msg_not_permitted');
+
 		$file_srl = Context::get('file_srl');
 		$sid = Context::get('sid');
 		$logged_info = Context::get('logged_info');
@@ -518,6 +520,8 @@ class fileController extends file
 		$comment_srl = $obj->comment_srl;
 		if(!$comment_srl) return new Object();
 
+		if($obj->isMoveToTrash) return new Object();
+
 		$output = $this->deleteFiles($comment_srl);
 		return $output;
 	}

modules/file/file.model.php

@@ -46,7 +46,7 @@ class fileModel extends file
 				$obj->source_filename = $file_info->source_filename;
 				$obj->file_size = $file_info->file_size;
 				$obj->disp_file_size = FileHandler::filesize($file_info->file_size);
-				if($file_info->direct_download=='N') $obj->download_url = $this->getDownloadUrl($file_info->file_srl, $file_info->sid);
+				if($file_info->direct_download=='N') $obj->download_url = $this->getDownloadUrl($file_info->file_srl, $file_info->sid, $file_info->module_srl);
 				else $obj->download_url = str_replace('./', '', $file_info->uploaded_filename);
 				$obj->direct_download = $file_info->direct_download;
 				$files[] = $obj;
@@ -95,9 +95,9 @@ class fileModel extends file
 	 * @param string $sid
 	 * @return string Returns a url
 	 */
-	function getDownloadUrl($file_srl, $sid)
+	function getDownloadUrl($file_srl, $sid, $module_srl="")
 	{
-		return sprintf('?module=%s&act=%s&file_srl=%s&sid=%s', 'file', 'procFileDownload', $file_srl, $sid);
+		return sprintf('?module=%s&act=%s&file_srl=%s&sid=%s&module_srl=%s', 'file', 'procFileDownload', $file_srl, $sid, $module_srl);
 	}
 
 	/**
@@ -164,7 +164,7 @@ class fileModel extends file
 		if(count($output->data) == 1)
 		{
 			$file = $output->data[0];
-			$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid);
+			$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl);
 
 			return $file;
 		}
@@ -177,7 +177,7 @@ class fileModel extends file
 				foreach($output->data as $key=>$value)
 				{
 					$file = $value;
-					$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid);
+					$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl);
 					$fileList[] = $file;
 				}
 			}
@@ -211,7 +211,7 @@ class fileModel extends file
 		{
 			$file = $file_list[$i];
 			$file->source_filename = stripslashes($file->source_filename);
-			$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid);
+			$file->download_url = $this->getDownloadUrl($file->file_srl, $file->sid, $file->module_srl);
 			$file_list[$i] = $file;
 		}
 
@@ -226,24 +226,21 @@ class fileModel extends file
 	function getUploadConfig()
 	{
 		$logged_info = Context::get('logged_info');
-		$file_config = new stdClass();
+
+		$module_srl = Context::get('module_srl');
+		// Get the current module if module_srl doesn't exist
+		if(!$module_srl)
+		{
+			$current_module_info = Context::get('current_module_info');
+			$module_srl = $current_module_info->module_srl;
+		}
+		$file_config = $this->getFileConfig($module_srl);
+
 		if($logged_info->is_admin == 'Y')
 		{
 			$file_config->allowed_filesize = preg_replace("/[a-z]/is","",ini_get('upload_max_filesize'));
-			$file_config->allowed_attach_size = preg_replace("/[a-z]/is","",ini_get('upload_max_filesize'));
 			$file_config->allowed_filetypes = '*.*';
 		}
-		else
-		{
-			$module_srl = Context::get('module_srl');
-			// Get the current module if module_srl doesn't exist
-			if(!$module_srl)
-			{
-				$current_module_info = Context::get('current_module_info');
-				$module_srl = $current_module_info->module_srl;
-			}
-			$file_config = $this->getFileConfig($module_srl);
-		}
 		return $file_config;
 	}
 

modules/importer/importer.admin.controller.php

@@ -937,6 +937,7 @@ class importerAdminController extends importer
 				$obj->last_update = base64_decode($xmlDoc->comment->update->body);
 				if(!$obj->last_update) $obj->last_update = $obj->regdate;
 				$obj->ipaddress = base64_decode($xmlDoc->comment->ipaddress->body);
+				$obj->status = base64_decode($xmlDoc->comment->status->body);
 				$obj->list_order = $obj->comment_srl*-1;
 				// Change content information (attachment)
 				if(count($files))
@@ -1008,9 +1009,9 @@ class importerAdminController extends importer
 		$started = false;
 		$buff = null;
 
+		$file_obj = new stdClass;
 		while(!feof($fp))
 		{
-			$file_obj = new stdClass;
 			$str = trim(fgets($fp, 1024));
 			// If it ends with </attaches>, break
 			if(trim($str) == '</attaches>') break;

modules/install/install.admin.controller.php

@@ -335,8 +335,8 @@ class installAdminController extends install
 		list($width, $height, $type_no, $attrs) = @getimagesize($target_file);
 		if($iconname == 'favicon.ico')
 		{
-			if(!preg_match('/^.*(icon).*$/',$type)) {
-				Context::set('msg', '*.icon '.Context::getLang('msg_possible_only_file'));
+			if(!preg_match('/^.*\.ico$/i',$type)) {
+				Context::set('msg', '*.ico '.Context::getLang('msg_possible_only_file'));
 				return;
 			}
 			if($width && $height && ($width != '16' || $height != '16')) {
@@ -346,7 +346,7 @@ class installAdminController extends install
 		}
 		else if($iconname == 'mobicon.png')
 		{
-			if(!preg_match('/^.*(png).*$/',$type)) {
+			if(!preg_match('/^.*\.png$/i',$type)) {
 				Context::set('msg', '*.png '.Context::getLang('msg_possible_only_file'));
 				return;
 			}

modules/install/install.controller.php

@@ -167,9 +167,14 @@ class installController extends install
 		if(!$oDB->isConnected()) return $oDB->getError();
 
 		// Install all the modules
-		$oDB->begin();
-		$this->installDownloadedModule();
-		$oDB->commit();
+		try {
+			$oDB->begin();
+			$this->installDownloadedModule();
+			$oDB->commit();
+		} catch(Exception $e) {
+			$oDB->rollback();
+			return new Object(-1, $e->getMessage());
+		}
 
 		// Create a config file
 		if(!$this->makeConfigFile()) return new Object(-1, 'msg_install_failed');
@@ -515,6 +520,8 @@ class installController extends install
 			$file = trim($schema_files[$i]);
 			if(!$file || substr($file,-4)!='.xml') continue;
 			$output = $oDB->createTableByXmlFile($file);
+			if($output === false)
+				throw new Exception('msg_create_table_failed');
 		}
 		// Create a table and module instance and then execute install() method
 		unset($oModule);

modules/install/lang/lang.xml

@@ -405,7 +405,7 @@
 			<value xml:lang="vi"><![CDATA[Dùng chức năng <b>innodb</b> để sử dụng MySql Database.<br />Giao dịch được kích hoạt cho innodb]]></value>
 		</item>
 		<item name="cubrid">
-			<value xml:lang="ko"><![CDATA[CUBRID DB를 이용합니다. <a href="http://xe.xpressengine.net/18180659" target="_blank">Manual</a>]]></value>
+			<value xml:lang="ko"><![CDATA[CUBRID DB를 이용합니다. <a href="http://www.cubrid.com/zbxe/?mid=bbs_developer_tutorial&category=47452" target="_blank">Manual</a>]]></value>
 			<value xml:lang="en"><![CDATA[Use CUBRID as a database. See <a href="http://www.cubrid.org/wiki_tutorials/entry/cubrid-installation-instructions" target="_blank">Manual</a> for more info]]></value>
 			<value xml:lang="jp"><![CDATA[CUBRID DBを利用します。 <a href="http://www.cubrid.org/wiki_tutorials/entry/cubrid-installation-instructions" target="_blank">Manual</a>]]></value>
 			<value xml:lang="zh-CN"><![CDATA[使用CUBRID DB。 <a href="http://www.cubrid.org/wiki_tutorials/entry/cubrid-installation-instructions" target="_blank">Manual</a>]]></value>
@@ -808,6 +808,10 @@
 		<value xml:lang="tr"><![CDATA[Kurulum dosyası oluşturulurken bir hata oluştu.]]></value>
 		<value xml:lang="vi"><![CDATA[Đã có lỗi xảy ra khi tạo File cài đặt.]]></value>
 	</item>
+	<item name="msg_create_table_failed">
+		<value xml:lang="ko"><![CDATA[DB 테이블 생성에 실패했습니다.]]></value>
+		<value xml:lang="en"><![CDATA[Failed to create database tables.]]></value>
+	</item>
 	<item name="ftp_get_list">
 		<value xml:lang="ko"><![CDATA[목록 가져오기]]></value>
 		<value xml:lang="en"><![CDATA[Get List]]></value>

modules/integration_search/tpl/skin_info.html

@@ -1,13 +1,13 @@
 <include target="header.html" />
 
-<div cond="$XE_VALIDATOR_MESSAGE && $XE_VALIDATOR_ID == 'moduels/integration_search/tpl/skin_info/1'" class="message {$XE_VALIDATOR_MESSAGE_TYPE}">
+<div cond="$XE_VALIDATOR_MESSAGE && $XE_VALIDATOR_ID == 'modules/integration_search/tpl/skin_info/1'" class="message {$XE_VALIDATOR_MESSAGE_TYPE}">
 	<p>{$XE_VALIDATOR_MESSAGE}</p>
 </div>
 
 <form action="{Context::getRequestUri()}" method="post" enctype="multipart/form-data">
 <input type="hidden" name="module" value="integration_search" />
 <input type="hidden" name="act" value="procIntegration_searchAdminInsertSkin" />
-<input type="hidden" name="xe_validator_id" value="moduels/integration_search/tpl/skin_info/1" />
+<input type="hidden" name="xe_validator_id" value="modules/integration_search/tpl/skin_info/1" />
 	<section class="section">
 		<h1>{$lang->skin_default_info}</h1>
 

modules/layout/layout.admin.controller.php

@@ -262,15 +262,8 @@ class layoutAdminController extends layout
 			$oLayoutModel = getModel('layout');
 			$cache_file = $oLayoutModel->getUserLayoutCache($args->layout_srl, Context::getLangType());
 			FileHandler::removeFile($cache_file);
-			//remove from cache
-			$oCacheHandler = CacheHandler::getInstance('object', null, true);
-			if($oCacheHandler->isSupport())
-			{
-				$object_key = 'layout:' . $args->layout_srl;
-				$cache_key = $oCacheHandler->getGroupKey('site_and_module', $object_key);
-				$oCacheHandler->delete($cache_key);
-			}
 		}
+
 		return $output;
 	}
 
@@ -336,14 +329,7 @@ class layoutAdminController extends layout
 		$args = new stdClass();
 		$args->layout_srl = $layout_srl;
 		$output = executeQuery("layout.deleteLayout", $args);
-		//remove from cache
-		$oCacheHandler = CacheHandler::getInstance('object', null, true);
-		if($oCacheHandler->isSupport())
-		{
-			$object_key = 'layout:'.$layout_srl;
-			$cache_key = $oCacheHandler->getGroupKey('site_and_module', $object_key);
-			$oCacheHandler->delete($cache_key);
-		}
+
 		if(!$output->toBool()) return $output;
 
 		return new Object(0,'success_deleted');

modules/layout/layout.class.php

@@ -86,8 +86,6 @@ class layout extends ModuleObject
 			$oDB->addColumn('layouts','layout_type','char',1,'P',true);
 		}
 
-		$oCacheHandler = CacheHandler::getInstance('object', null, true);
-
 		$args->layout = '.';
 		$output = executeQueryArray('layout.getLayoutDotList', $args);
 		if($output->data && count($output->data) > 0)
@@ -101,13 +99,6 @@ class layout extends ModuleObject
 					$args->layout = implode('|@|', $layout_path);
 					$args->layout_srl = $layout->layout_srl;
 					$output = executeQuery('layout.updateLayout', $args);
-
-					if($oCacheHandler->isSupport())
-					{
-						$object_key = 'layout:' . $args->layout_srl;
-						$cache_key = $oCacheHandler->getGroupKey('site_and_module', $object_key);
-						$oCacheHandler->delete($cache_key);
-					}
 				}
 			}
 		}

modules/layout/layout.model.php

@@ -258,31 +258,15 @@ class layoutModel extends layout
 	 */
 	function getLayout($layout_srl)
 	{
-		$layout_info = false;
+		// Get information from the DB
+		$args = new stdClass();
+		$args->layout_srl = $layout_srl;
+		$output = executeQuery('layout.getLayout', $args);
+		if(!$output->data) return;
 
-		// cache controll
-		$oCacheHandler = CacheHandler::getInstance('object', null, true);
-		if($oCacheHandler->isSupport())
-		{
-			$object_key = 'layout:' . $layout_srl;
-			$cache_key = $oCacheHandler->getGroupKey('site_and_module', $object_key);
-			$layout_info = $oCacheHandler->get($cache_key);
-		}
+		// Return xml file informaton after listing up the layout and extra_vars
+		$layout_info = $this->getLayoutInfo($layout, $output->data, $output->data->layout_type);
 
-		if($layout_info === false)
-		{
-			// Get information from the DB
-			$args = new stdClass();
-			$args->layout_srl = $layout_srl;
-			$output = executeQuery('layout.getLayout', $args);
-			if(!$output->data) return;
-
-			// Return xml file informaton after listing up the layout and extra_vars
-			$layout_info = $this->getLayoutInfo($layout, $output->data, $output->data->layout_type);
-
-			//insert in cache
-			if($oCacheHandler->isSupport()) $oCacheHandler->put($cache_key, $layout_info);
-		}
 		return $layout_info;
 	}
 

modules/layout/tpl/layout_info_view.html

@@ -136,7 +136,7 @@
 				</div>
 			</div>
 		</block>
-		<block cond="$group"></div></div></block>
+		<block cond="$group"></div></block>
 	</section>
 	<section class="section">
 		<h1 cond="$selected_layout->menu">{$lang->menu}</h1>

modules/member/lang/lang.xml

@@ -509,6 +509,12 @@
 		<value xml:lang="tr"><![CDATA[Geçici Zaman Sınırı]]></value>
 		<value xml:lang="vi"><![CDATA[Hạn sử dụng]]></value>
 	</item>
+	<item name="limit_day_description">
+		<value xml:lang="ko"><![CDATA[임시 제한 일자 설명]]></value>
+		<value xml:lang="en"><![CDATA[Description for Temporary Limit Date]]></value>
+		<value xml:lang="jp"><![CDATA[一時的な期限日の説明]]></value>
+	</item>
+
 	<item name="limit_date">
 		<value xml:lang="ko"><![CDATA[제한일]]></value>
 		<value xml:lang="en"><![CDATA[Limit Date]]></value>
@@ -2335,6 +2341,10 @@
 		<value xml:lang="zh-CN"><![CDATA[可设定密码更新周期，将会定期通知更换密码。 (设为零则不适用)]]></value>
 		<value xml:lang="tr"><![CDATA[Eğer buna bir değer biçerseniz, şifrenizi belirli aralıklarla değiştirmeniz konusunda bildirim alacaksanız (eğer 0 olarak ayarlandıysa, devredışıdır)]]></value>
 	</item>
+	<item name="msg_change_password_date">
+		<value xml:lang="ko"><![CDATA[%s일 동안 비밀번호를 변경하지 않았습니다. 개인정보 보호를 위하여 비밀번호를 변경해야 합니다.]]></value>
+		<value xml:lang="en"><![CDATA[You have not changed the password during %s days. For personal information protection, you need to change the password.]]></value>
+	</item>
 	<item name="login_trial_limit1">
 		<value xml:lang="ko"><![CDATA[로그인 시도 횟수 제한 횟수]]></value>
 		<value xml:lang="en"><![CDATA[Sign in trial limit]]></value>

modules/member/m.skins/default/find_member_account.html

@@ -51,7 +51,7 @@
 			<li>
 				<label for="question">{$lang->find_account_question}</label>
 				<select id="question" name="find_account_question" style="width:290px;display:block;">
-				<!--@for($i=1,$c=count($lang->find_account_question_items);$i<$c;$i++)-->
+				<!--@for($i=1,$c=count($lang->find_account_question_items);$i<=$c;$i++)-->
 					<option value="{$i}">{$lang->find_account_question_items[$i]}</option>
 				<!--@end-->
 				</select>

modules/member/member.admin.controller.php

@@ -61,6 +61,9 @@ class memberAdminController extends member
 		unset($all_args->success_return_url);
 		unset($all_args->ruleset);
 		if(!isset($args->limit_date)) $args->limit_date = "";
+		unset($all_args->password);
+		unset($all_args->password2);
+		unset($all_args->reset_password);
 		// Add extra vars after excluding necessary information from all the requested arguments
 		$extra_vars = delObjectVars($all_args, $args);
 		$args->extra_vars = serialize($extra_vars);
@@ -181,6 +184,7 @@ class memberAdminController extends member
 
 		$args = Context::gets(
 			'limit_day',
+			'limit_day_description',
 			'agreement',
 			'redirect_url',
 			'profile_image', 'profile_image_max_width', 'profile_image_max_height',
@@ -471,7 +475,7 @@ class memberAdminController extends member
 				}
 				else if($formInfo->name == 'password')
 				{
-					$fields[] = '<field name="password"><if test="$act == \'procMemberInsert\'" attr="required" value="true" /><if test="$act == \'procMemberInsert\'" attr="length" value="6:20" /></field>';
+					$fields[] = '<field name="password"><if test="$act == \'procMemberInsert\'" attr="required" value="true" /><if test="$act == \'procMemberInsert\'" attr="length" value="4:20" /></field>';
 					$fields[] = '<field name="password2"><if test="$act == \'procMemberInsert\'" attr="required" value="true" /><if test="$act == \'procMemberInsert\'" attr="equalto" value="password" /></field>';
 				}
 				else if($formInfo->name == 'find_account_question')
@@ -827,7 +831,6 @@ class memberAdminController extends member
 						{
 							$args->denied = $var->denied;
 							$output = executeQuery('member.updateMemberDeniedInfo', $args);
-							$this->_clearMemberCache($args->member_srl);
 							if(!$output->toBool())
 							{
 								$oDB->rollback();
@@ -849,6 +852,7 @@ class memberAdminController extends member
 						$this->setMessage('success_deleted');
 					}
 			}
+			$oMemberController->_clearMemberCache($args->member_srl);
 		}
 
 		$message = $var->message;

modules/member/member.admin.view.php

@@ -94,7 +94,7 @@ class memberAdminView extends member
 			}
 		}
 		$config = $this->memberConfig;
-		$memberIdentifiers = array('user_id'=>'user_id', 'user_name'=>'user_name', 'nick_name'=>'nick_name');
+		$memberIdentifiers = array('email_address'=>'email_address', 'user_id'=>'user_id', 'user_name'=>'user_name', 'nick_name'=>'nick_name');
 		$usedIdentifiers = array();	
 
 		if(is_array($config->signupForm))

modules/member/member.controller.php

@@ -67,8 +67,8 @@ class memberController extends member
 			$oMemberModel = getModel('member');
 			if($this->memberInfo->change_password_date < date ('YmdHis', strtotime ('-' . $limit_date . ' day')))
 			{
-				$this->setRedirectUrl(getNotEncodedUrl('','vid',Context::get('vid'),'mid',Context::get('mid'),'act','dispMemberModifyPassword'));
-				return;
+				$msg = sprintf(Context::getLang('msg_change_password_date'), $limit_date);
+				return $this->setRedirectUrl(getNotEncodedUrl('','vid',Context::get('vid'),'mid',Context::get('mid'),'act','dispMemberModifyPassword'), new Object(-1, $msg));
 			}
 		}
 
@@ -230,7 +230,8 @@ class memberController extends member
 				}
 				// Check if duplicated
 				$member_srl = $oMemberModel->getMemberSrlByNickName($value);
-				if($member_srl && $logged_info->member_srl != $member_srl ) return new Object(0,'msg_exists_nick_name');
+				$member_srl_by_decode = $oMemberModel->getMemberSrlByNickName(utf8_decode($value));
+				if(($member_srl && $logged_info->member_srl != $member_srl ) || ($member_srl_by_decode && $logged_info->member_srl != $member_srl_by_decode )) return new Object(0,'msg_exists_nick_name');
 
 				break;
 			case 'email_address' :
@@ -369,11 +370,16 @@ class memberController extends member
 		{
 			if($config->identifier == 'email_address')
 			{
-				$this->doLogin($args->email_address);
+				$output = $this->doLogin($args->email_address);
 			}
 			else
 			{
-				$this->doLogin($args->user_id);
+				$output = $this->doLogin($args->user_id);
+			}
+			if(!$output->toBool()) {
+				if($output->error == -9)
+					$output->error = -11;
+				return $this->setRedirectUrl(getUrl('', 'act', 'dispMemberLoginForm'), $output);
 			}
 		}
 
@@ -384,6 +390,7 @@ class memberController extends member
 		{
 			$msg = sprintf(Context::getLang('msg_confirm_mail_sent'), $args->email_address);
 			$this->setMessage($msg);
+			return $this->setRedirectUrl(getUrl('', 'act', 'dispMemberLoginForm'), new Object(-12, $msg));
 		}
 		else $this->setMessage('success_registed');
 		// Call a trigger (after)
@@ -407,7 +414,7 @@ class memberController extends member
 			}
 		}
 
-		$this->_clearMemberCache($args->member_srl);
+		$this->_clearMemberCache($args->member_srl, $site_module_info->site_srl);
 
 		$this->setRedirectUrl($returnUrl);
 	}
@@ -556,7 +563,6 @@ class memberController extends member
 		// Get user_id information
 		$this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl);
 
-		$this->_clearMemberCache($args->member_srl);
 
 		// Call a trigger after successfully log-in (after)
 		$trigger_output = ModuleHandler::triggerCall('member.procMemberModifyInfo', 'after', $this->memberInfo);
@@ -567,7 +573,8 @@ class memberController extends member
 		$this->add('member_srl', $args->member_srl);
 		$this->setMessage('success_updated');
 
-		$this->_clearMemberCache($args->member_srl);
+		$site_module_info = Context::get('site_module_info');
+		$this->_clearMemberCache($args->member_srl, $site_module_info->site_srl);
 
 		$returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', 'dispMemberInfo');
 		$this->setRedirectUrl($returnUrl);
@@ -645,8 +652,6 @@ class memberController extends member
 		// Return success message
 		$this->setMessage('success_leaved');
 
-		$this->_clearMemberCache($member_srl);
-
 		$returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'mid', Context::get('mid'), 'act', '');
 		$this->setRedirectUrl($returnUrl);
 	}
@@ -1099,7 +1104,8 @@ class memberController extends member
 		if(!$output->toBool()) return $this->stop($output->getMessage());
 		// Remove all values having the member_srl from authentication table
 		executeQuery('member.deleteAuthMail',$args);
-		
+
+		$site_module_info = Context::get('site_module_info');
 		$this->_clearMemberCache($args->member_srl);
 
 		// Notify the result
@@ -1194,27 +1200,48 @@ class memberController extends member
 		if(!$memberSrl) return new Object(-1, 'msg_not_exists_member');
 
 		$columnList = array('member_srl', 'user_id', 'user_name', 'nick_name', 'email_address');
-		$memberInfo = $oMemberModel->getMemberInfoByMemberSrl($memberSrl, 0, $columnList);
+		$member_info = $oMemberModel->getMemberInfoByMemberSrl($memberSrl, 0, $columnList);
 
-		// Check if a authentication mail has been sent previously
-		$chk_args = new stdClass;
-		$chk_args->member_srl = $memberInfo->member_srl;
-		$output = executeQuery('member.chkAuthMail', $chk_args);
-		if($output->toBool() && $output->data->count == '0') return new Object(-1, 'msg_invalid_request');
-
-		$auth_args = new stdClass;
-		$auth_args->member_srl = $memberInfo->member_srl;
-		$output = executeQueryArray('member.getAuthMailInfo', $auth_args);
-		if(!$output->data || !$output->data[0]->auth_key)  return new Object(-1, 'msg_invalid_request');
-		$auth_info = $output->data[0];
-
-		// Get content of the email to send a member
-		Context::set('memberInfo', $memberInfo);
 		$oModuleModel = getModel('module');
 		$member_config = $oModuleModel->getModuleConfig('member');
 		if(!$member_config->skin) $member_config->skin = "default";
 		if(!$member_config->colorset) $member_config->colorset = "white";
 
+		// Check if a authentication mail has been sent previously
+		$chk_args = new stdClass;
+		$chk_args->member_srl = $member_info->member_srl;
+		$output = executeQuery('member.chkAuthMail', $chk_args);
+		if($output->toBool() && $output->data->count == '0') return new Object(-1, 'msg_invalid_request');
+
+		$auth_args = new stdClass;
+		$auth_args->member_srl = $member_info->member_srl;
+		$output = executeQueryArray('member.getAuthMailInfo', $auth_args);
+		if(!$output->data || !$output->data[0]->auth_key)  return new Object(-1, 'msg_invalid_request');
+		$auth_info = $output->data[0];
+
+		$memberInfo = array();
+		global $lang;
+		if(is_array($member_config->signupForm))
+		{
+			$exceptForm=array('password', 'find_account_question');
+			foreach($member_config->signupForm as $form)
+			{
+				if(!in_array($form->name, $exceptForm) && $form->isDefaultForm && ($form->required || $form->mustRequired))
+				{
+					$memberInfo[$lang->{$form->name}] = $member_info->{$form->name};
+				}
+			}
+		}
+		else
+		{
+			$memberInfo[$lang->user_id] = $member_info->user_id;
+			$memberInfo[$lang->user_name] = $member_info->user_name;
+			$memberInfo[$lang->nick_name] = $member_info->nick_name;
+			$memberInfo[$lang->email_address] = $member_info->email_address;
+		}
+
+		// Get content of the email to send a member
+		Context::set('memberInfo', $memberInfo);
 		Context::set('member_config', $member_config);
 
 		$tpl_path = sprintf('%sskins/%s', $this->module_path, $member_config->skin);
@@ -1225,9 +1252,6 @@ class memberController extends member
 
 		$oTemplate = &TemplateHandler::getInstance();
 		$content = $oTemplate->compile($tpl_path, 'confirm_member_account_mail');
-		// Get information of the Webmaster
-		$oModuleModel = getModel('module');
-		$member_config = $oModuleModel->getModuleConfig('member');
 		// Send a mail
 		$oMail = new Mail();
 		$oMail->setTitle( Context::getLang('msg_confirm_account_title') );
@@ -1282,7 +1306,6 @@ class memberController extends member
 		list($args->email_id, $args->email_host) = explode('@', $newEmail);
 
 		$output = executeQuery('member.updateMemberEmailAddress', $args);
-		$this->_clearMemberCache($args->member_srl);
 		if(!$output->toBool())
 		{
 			return $this->stop($output->getMessage());
@@ -1401,7 +1424,7 @@ class memberController extends member
 		$output = executeQuery('member.deleteMembersGroup', $args);
 		if(!$output->toBool()) return $output;
 		$this->setMessage('success_deleted');
-		$this->_clearMemberCache($args->member_srl);
+		$this->_clearMemberCache($args->member_srl, $site_module_info->site_srl);
 	}
 
 	/**
@@ -1496,7 +1519,7 @@ class memberController extends member
 		$output = executeQuery('member.addMemberToGroup',$args);
 		$output2 = ModuleHandler::triggerCall('member.addMemberToGroup', 'after', $args);
 
-		$this->_clearMemberCache($member_srl);
+		$this->_clearMemberCache($member_srl, $site_srl);
 
 		return $output;
 	}
@@ -1536,7 +1559,7 @@ class memberController extends member
 			$output = executeQuery('member.addMemberToGroup', $obj);
 			if(!$output->toBool()) return $output;
 
-			$this->_clearMemberCache($obj->member_srl);
+			$this->_clearMemberCache($obj->member_srl, $args->site_srl);
 		}
 
 		return new Object();
@@ -1710,12 +1733,13 @@ class memberController extends member
 			return new Object(-1,'msg_user_denied');
 		}
 		// Notify if denied_date is less than the current time
-		if($this->memberInfo->limit_date && substr($this->memberInfo->limit_date,0,8) >= date("Ymd")) return new Object(-1,sprintf(Context::getLang('msg_user_limited'),zdate($this->memberInfo->limit_date,"Y-m-d")));
+		if($this->memberInfo->limit_date && substr($this->memberInfo->limit_date,0,8) >= date("Ymd")) return new Object(-9,sprintf(Context::getLang('msg_user_limited'),zdate($this->memberInfo->limit_date,"Y-m-d")));
 		// Update the latest login time
 		$args->member_srl = $this->memberInfo->member_srl;
 		$output = executeQuery('member.updateLastLogin', $args);
 
-		$this->_clearMemberCache($args->member_srl);
+		$site_module_info = Context::get('site_module_info');
+		$this->_clearMemberCache($args->member_srl, $site_module_info->site_srl);
 
 		// Check if there is recoding table.
 		$oDB = &DB::getInstance();
@@ -1812,6 +1836,7 @@ class memberController extends member
 		$_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR'];
 		$_SESSION['member_srl'] = $this->memberInfo->member_srl;
 		$_SESSION['is_admin'] = '';
+		setcookie('xe_logged', 'true', 0, '/');
 		// Do not save your password in the session jiwojum;;
 		//unset($this->memberInfo->password);
 		// User Group Settings
@@ -1938,7 +1963,8 @@ class memberController extends member
 			return new Object(-1,'denied_nick_name');
 		}
 		$member_srl = $oMemberModel->getMemberSrlByNickName($args->nick_name);
-		if($member_srl) return new Object(-1,'msg_exists_nick_name');
+		$member_srl_by_decode = $oMemberModel->getMemberSrlByNickName(utf8_decode($args->nick_name));
+		if($member_srl || $member_srl_by_decode) return new Object(-1,'msg_exists_nick_name');
 
 		$member_srl = $oMemberModel->getMemberSrlByEmailAddress($args->email_address);
 		if($member_srl) return new Object(-1,'msg_exists_email_address');
@@ -2094,6 +2120,10 @@ class memberController extends member
 		{
 			return new Object(-1, 'denied_nick_name');
 		}
+		
+		$member_srl = $oMemberModel->getMemberSrlByNickName($args->nick_name);
+		$member_srl_by_decode = $oMemberModel->getMemberSrlByNickName(utf8_decode($args->nick_name));
+ 		if(($member_srl || $member_srl_by_decode) && $orgMemberInfo->nick_name != $args->nick_name) return new Object(-1,'msg_exists_nick_name');
 
 		list($args->email_id, $args->email_host) = explode('@', $args->email_address);
 		// Website, blog, checks the address
@@ -2174,7 +2204,7 @@ class memberController extends member
 		$oDB->commit();
 
 		//remove from cache
-		$this->_clearMemberCache($args->member_srl);
+		$this->_clearMemberCache($args->member_srl, $args->site_srl);
 
 		// Save Session
 		if(!$this->memberInfo) $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl);
@@ -2318,10 +2348,12 @@ class memberController extends member
 		{
 			$_SESSION[$key] = '';
 		}
+
 		session_destroy();
 		setcookie(session_name(), '', $_SERVER['REQUEST_TIME']-42000, '/');
 		setcookie('sso','',$_SERVER['REQUEST_TIME']-42000, '/');
 		setcookie('xeak','',$_SERVER['REQUEST_TIME']-42000, '/');
+		setcookie('xe_logged', 'false', $_SERVER['REQUEST_TIME'] - 42000, '/');
 
 		if($memberSrl || $_COOKIE['xeak'])
 		{
@@ -2666,6 +2698,13 @@ class memberController extends member
 			$object_key = 'member_groups:' . getNumberingPath($member_srl) . $member_srl . '_' . $site_srl;
 			$cache_key = $oCacheHandler->getGroupKey('member', $object_key);
 			$oCacheHandler->delete($cache_key);
+
+			if($site_srl !== 0)
+			{
+				$object_key = 'member_groups:' . getNumberingPath($member_srl) . $member_srl . '_0';
+				$cache_key = $oCacheHandler->getGroupKey('member', $object_key);
+				$oCacheHandler->delete($cache_key);
+			}
 		}
 
 		$oCacheHandler = CacheHandler::getInstance('object');

modules/member/member.view.php

@@ -415,8 +415,17 @@ class memberView extends member
 		$config = $this->member_config;
 		Context::set('identifier', $config->identifier);
 
+		$XE_VALIDATOR_MESSAGE = Context::get('XE_VALIDATOR_MESSAGE');
+		$XE_VALIDATOR_ERROR = Context::get('XE_VALIDATOR_ERROR');
+		if($XE_VALIDATOR_ERROR == -11)
+			Context::set('XE_VALIDATOR_MESSAGE', $XE_VALIDATOR_MESSAGE . $config->limit_day_description);
+
+		if($XE_VALIDATOR_ERROR < -10 && $XE_VALIDATOR_ERROR > -21)
+			Context::set('referer_url', '/'); 
+		else
+			Context::set('referer_url', htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
+
 		// Set a template file
-		Context::set('referer_url', htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
 		$this->setTemplateFile('login_form');
 	}
 

modules/member/skins/default/confirm_member_account_mail.html

@@ -2,7 +2,7 @@
 <hr noshade="noshade" />
 <ul>
     <li>Site : <a href="{getUrl()}" target="_blank">{getUrl()}</a></li>
-    <li loop="$memberInfo=>$name,$value">{$name} : {$value}</li>
+    <li loop="$memberInfo=>$name,$value" cond="!is_object($value)&&!is_array($value)">{$name} : {$value}</li>
 </ul>
 <hr noshade="noshade" />
 {$lang->msg_confirm_account_comment}<br />

modules/member/skins/default/confirm_member_new_email.html

@@ -2,7 +2,7 @@
 <hr noshade="noshade" />
 <ul>
     <li>Site : <a href="{getUrl()}" target="_blank">{getUrl()}</a></li>
-    <li loop="$memberInfo=>$name,$value">{$name} : {$value}</li>
+    <li loop="$memberInfo=>$name,$value" cond="!is_object($value)&&!is_array($value)">{$name} : {$value}</li>
 </ul>
 <hr noshade="noshade" />
 {sprintf($lang->msg_confirm_email_address_change, $newEmail)}<br />

modules/member/skins/default/find_member_account.html

@@ -6,7 +6,7 @@
 	<div cond="$XE_VALIDATOR_MESSAGE && $XE_VALIDATOR_ID == 'modules/member/skin/default/find_member_account/1'" class="message {$XE_VALIDATOR_MESSAGE_TYPE}">
 		<p>{$XE_VALIDATOR_MESSAGE}</p>
 	</div>
-	<form action="/" method="get" ruleset="findAccount">
+	<form action="{getUrl('')}" method="get" ruleset="findAccount">
 		<input type="hidden" name="mid" value="{$mid}" />
 		<input type="hidden" name="act" value="procMemberFindAccount" />
 		<input type="hidden" name="document_srl" value="{$document_srl}" />

modules/member/skins/default/find_member_account_mail.html

@@ -2,9 +2,9 @@
 <hr noshade="noshade" />
 <ul>
 	<li>{$lang->site} : <a href="{getUrl()}" target="_blank">{getUrl()}</a></li>
-	<li loop="$memberInfo=>$name,$value">{$name} : {$value}</li>
+	<li loop="$memberInfo=>$name,$value" cond="!is_object($value)&&!is_array($value)">{$name} : {$value}</li>
 	<li>{$lang->password} : <span style="color:red">{$auth_args->new_password}</span></li>
 </ul>
 <hr noshade="noshade" />
 {$lang->msg_find_account_comment}<br />
-<a href="{$find_url}">{$find_url}</a>
+<a href="{$find_url}">{$find_url}</a>