From dc84dd131041a4cf63f6c83909e0d261a4ea2b20 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Wed, 1 Mar 2017 23:35:12 +0900 Subject: [PATCH 01/35] Fix unauthorized config manipulation in document and comment modules Reported by @conory --- modules/comment/comment.controller.php | 36 +++++++++++++++--------- modules/document/document.controller.php | 31 ++++++++++++++++---- 2 files changed, 47 insertions(+), 20 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index f08144564..b67ffe5f1 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -1525,14 +1525,28 @@ class commentController extends comment */ function procCommentInsertModuleConfig() { - $module_srl = Context::get('target_module_srl'); - if(preg_match('/^([0-9,]+)$/', $module_srl)) + $target_module_srl = Context::get('target_module_srl'); + $target_module_srl = array_map('trim', explode(',', $target_module_srl)); + $logged_info = Context::get('logged_info'); + $module_srl = array(); + $oModuleModel = getModel('module'); + foreach ($target_module_srl as $srl) { - $module_srl = explode(',', $module_srl); - } - else - { - $module_srl = array($module_srl); + if (!$srl) continue; + + $module_info = $oModuleModel->getModuleInfoByModuleSrl($srl); + if (!$module_info->module_srl) + { + return new Object(-1, 'msg_invalid_request'); + } + + $module_grant = $oModuleModel->getGrant($module_info, $logged_info); + if (!$module_grant->manager) + { + return new Object(-1, 'msg_not_permitted'); + } + + $module_srl[] = $srl; } $comment_config = new stdClass(); @@ -1560,14 +1574,8 @@ class commentController extends comment $comment_config->use_comment_validation = 'N'; } - for($i = 0; $i < count($module_srl); $i++) + foreach ($module_srl as $srl) { - $srl = trim($module_srl[$i]); - if(!$srl) - { - continue; - } - $output = $this->setCommentModuleConfig($srl, $comment_config); } diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index 56a2137fa..75bc5cdc5 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -2621,9 +2621,29 @@ class documentController extends document */ function procDocumentInsertModuleConfig() { - $module_srl = Context::get('target_module_srl'); - if(preg_match('/^([0-9,]+)$/',$module_srl)) $module_srl = explode(',',$module_srl); - else $module_srl = array($module_srl); + $target_module_srl = Context::get('target_module_srl'); + $target_module_srl = array_map('trim', explode(',', $target_module_srl)); + $logged_info = Context::get('logged_info'); + $module_srl = array(); + $oModuleModel = getModel('module'); + foreach ($target_module_srl as $srl) + { + if (!$srl) continue; + + $module_info = $oModuleModel->getModuleInfoByModuleSrl($srl); + if (!$module_info->module_srl) + { + return new Object(-1, 'msg_invalid_request'); + } + + $module_grant = $oModuleModel->getGrant($module_info, $logged_info); + if (!$module_grant->manager) + { + return new Object(-1, 'msg_not_permitted'); + } + + $module_srl[] = $srl; + } $document_config = new stdClass(); $document_config->use_history = Context::get('use_history'); @@ -2638,12 +2658,11 @@ class documentController extends document $document_config->use_status = Context::get('use_status'); $oModuleController = getController('module'); - for($i=0;$iinsertModulePartConfig('document',$srl,$document_config); } + $this->setError(-1); $this->setMessage('success_updated', 'info'); From b143b3f3e7bf14549318ba8b239b9671406a116c Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Wed, 1 Mar 2017 23:49:43 +0900 Subject: [PATCH 02/35] Update the readme file with English translation. Thanks to kind support of Google Translate Machine Learning. --- README.md | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 76 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a3e44b61a..cb4039b01 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,4 @@ +# 한국어 [![Rhymix](https://cloud.githubusercontent.com/assets/8565457/12881857/7c3e69d6-ce90-11e5-94dc-8a592cf9ab7d.png)](https://www.rhymix.org) Rhymix(라이믹스)는 누구든지 쉽고 자유롭게 독립적인 홈페이지를 만들어 @@ -21,7 +22,7 @@ Rhymix는 개발자와 사용자가 서로의 권리와 책임을 존중하는 개발자 위주, 서비스 제공자 위주로 나아가는 현대의 IT 동향을 무차별적으로 받아들이기보다는 사용자의 주권과 열린 인터넷 환경을 보호하는 기술을 집중적으로 발굴하며, 우리나라 인터넷 커뮤니티의 성장을 이끌었던 90년대 제로보드와 2000년대 XE의 정신을 이어받아 -2016년 현재 위기에 처한 오픈 웹을 지키고 회복시키는 일에 앞장서고자 합니다. +2010년대 후반 현재 위기에 처한 오픈 웹을 지키고 회복시키는 일에 앞장서고자 합니다. 그러기 위해서는 다른 어떤 CMS보다도 일반 사용자를 위한 편리성이 가장 뛰어나야 합니다. @@ -87,3 +88,77 @@ GPL은 WordPress, Drupal, Joomla 등 세계적인 CMS들이 공통으로 채택 Rhymix의 소스코드를 수정하거나 확장 기능을 직접 개발하여 사용하더라도 마찬가지입니다. 그러나 직접 개발한 확장 기능을 제3자에게 배포 또는 판매할 경우에는 반드시 소스코드를 제공해야 하며, 이러한 소스코드는 모두 GPL 라이선스의 적용을 받습니다. + +# English +[![Rhymix](https://cloud.githubusercontent.com/assets/8565457/12881857/7c3e69d6-ce90-11e5-94dc-8a592cf9ab7d.png)](https://www.rhymix.org) + +Rhymix is a content management system (CMS) for anyone who wants to create independent homepages to express themselves and grow their communities easily and freely. + +Rhymix is a project to fork [XpressEngine](https://www.xpressengine.com) version 1.8 and is free software that anyone can use for free and participate in. + +Rhymix is a combination of "rhyme" in the sense of "making a poem, adjusting the sound", and "remix" in the sense of "combining, changing". +Rhymix cheers everyone who freely creates and/or assembles new things in the Internet space by combining various software and contents. + +### Development direction + +Rhymix developers want an Internet ecosystem where developers and users respect each other's rights and responsibilities, +a world where everyone can voice their voice without relying on a centralized SNS platform, +a future where ordinary bloggers, students, the disabled and others as well as developers of startups can build a home in cyberspace and communicate with each other. + +Rather than indiscriminately accepting modern IT trends that are centered on developers and service providers, +we focused on technologies that protect users' sovereignty and open Internet environment. Taking the spirit of ZeroBoard and XpressEngine, which led the growth of the Korean Internet communities in the 1990s and 2000s respectively, Rhymix wants to take the lead in recovering and restoring the open web in the crisis of late 2010s. + + +This requires the most convenience for the average user over any other CMS. + +- CMS that is convenient enough for beginners to easily create the website with a few clicks +- CMS that is actively using the latest technology, fast and secure +- CMS to help users and developers communicate well through community +- We try to ensure maximum compatibility with existing XpressEngine third-party materials such as add-ons, modules and widgets. + +### Installation Environment + +To use Rhymix, you must have a web hosting or server that meets the following requirements. + +- PHP 5.5.9 or higher (PHP 7 recommended) +- MySQL 5.0.7 or higher (MariaDB recommended) +- Required PHP module + - curl + - gd + - iconv or mbstring + - json + - mcrypt or openssl + - simplexml +- In php.ini, session.auto_start = Off should be set. +- The installation folder or the files folder must have write permission. + +### Participation in development + +Rhymix welcomes developers, designers, translators, and bugs to the public. +If you would like to participate, please read [CONTRIBUTING.md](./CONTRIBUTING.md) first to ensure efficient and orderly project management. + +If you have found a security vulnerability, please let us know at devops@rhymix.org so that we can create a patch before it is exploited. + +### Official Website + +- Rhymix : https://www.rhymix.org + +### Community + +- XETOWN (Korean) : https://www.xetown.com + +### Copyright and License + +Rhymix is a free software licensed under the [GNU GPL v2](http://korea.gnu.org/documents/copyleft/gpl.ko.html) or later. +Free software, also known as "open source" or "open", is a program that emphasizes the freedom and rights of developers and users, their participation and responsibilities, and is free to use and participate in development. + +Rhymix is based on the source code of [XpressEngine](https://www.xpressengine.com), which [NAVER](https://www.navercorp.com/) is partly copyrighted free software. +Rhymix developers have copyrights on the added and modified code. + +XpressEngine had used the GPL in its early days and switched from version 1.4.0 to LGPL, but Rhymix has reverted its licenses to the GPL to further protect its rights and adhere to the spirit of free software. +(License conversion is allowed in [LGPL v2.1 Section 3](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html).) + +GPL is a license that is commonly adopted by global CMSs such as WordPress, Drupal, and Joomla, so the rights and obligations of users and developers are the same as those of CMS. + +The use of Rhymix on the homepage does not oblige you to release the source code, even if you modify the Rhymix source code or develop the extension yourself. +However, if you distribute or sell your own extensions to a third party, you must provide the source code, which is subject to the GPL license. From 3710bdc3b9619d9dba5f51f055d102c1669ea352 Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Wed, 1 Mar 2017 23:53:55 +0900 Subject: [PATCH 03/35] fix typo --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cb4039b01..f417071fa 100644 --- a/README.md +++ b/README.md @@ -79,7 +79,7 @@ Rhymix 개발자들이 추가 및 변경한 부분의 저작권은 해당 개발 XpressEngine은 초창기에 GPL을 사용하다가 버전 1.4.0부터 LGPL로 전환했지만, Rhymix는 사용자의 권리를 더욱 보호하고 자유 소프트웨어 본연의 정신에 충실하기 위해 라이선스를 GPL로 되돌렸습니다. -(라이선스 전환은 [LGPL v2.1 제3조](http://korea.gnu.org/people/chsong/copyleft/lgpl.ko.html#term3)에서 허용하고 있습니다.) +(라이선스 전환은 [LGPL v2.1 제3조](http://korea.gnu.org/documents/copyleft/lgpl.ko.html#term3)에서 허용하고 있습니다.) GPL은 WordPress, Drupal, Joomla 등 세계적인 CMS들이 공통으로 채택하고 있는 라이선스이므로 사용자 및 개발자의 권리와 의무도 이러한 CMS들의 경우와 동일합니다. @@ -99,7 +99,7 @@ Rhymix is a project to fork [XpressEngine](https://www.xpressengine.com) version Rhymix is a combination of "rhyme" in the sense of "making a poem, adjusting the sound", and "remix" in the sense of "combining, changing". Rhymix cheers everyone who freely creates and/or assembles new things in the Internet space by combining various software and contents. -### Development direction +### Development Direction Rhymix developers want an Internet ecosystem where developers and users respect each other's rights and responsibilities, a world where everyone can voice their voice without relying on a centralized SNS platform, From 5f5f2247ddd61c7724059988d01405f36ee7f47f Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Wed, 1 Mar 2017 23:56:03 +0900 Subject: [PATCH 04/35] =?UTF-8?q?XE=20=EC=9D=98=20=EC=BD=94=EB=93=9C?= =?UTF-8?q?=EC=97=90=EB=8A=94=20=EB=84=A4=EC=9D=B4=EB=B2=84=EA=B0=80=20?= =?UTF-8?q?=EC=A0=80=EC=9E=91=EA=B6=8C=EC=9D=84=20=EA=B0=80=EC=A7=80?= =?UTF-8?q?=EC=A7=80=20=EB=AA=BB=ED=95=9C=20=EC=BD=94=EB=93=9C=EA=B0=80=20?= =?UTF-8?q?=EC=9E=88=EC=9D=8C.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 네이버의 피고용인 이외의 참여자가 있었기 때문에 오해가 있을 수 있는 표현을 수정. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f417071fa..4e874e05d 100644 --- a/README.md +++ b/README.md @@ -73,7 +73,7 @@ Rhymix는 [GNU GPL v2](http://korea.gnu.org/documents/copyleft/gpl.ko.html) 개발자와 사용자의 자유와 권리, 참여와 책임을 강조하는 프로그램으로 누구나 무료로 사용할 수 있고 개발에 참여할 수도 있습니다. -Rhymix는 [NAVER](https://www.navercorp.com/)가 저작권을 가진 +Rhymix는 [NAVER](https://www.navercorp.com/)가 일부 저작권을 가진 [XpressEngine](https://www.xpressengine.com)의 소스코드에 바탕을 두고 있습니다. Rhymix 개발자들이 추가 및 변경한 부분의 저작권은 해당 개발자들에게 있습니다. From 91f11b08d96faa7ead9d46b657e9f66eae36a60f Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Wed, 1 Mar 2017 23:57:04 +0900 Subject: [PATCH 05/35] =?UTF-8?q?=EB=8C=80=EB=AC=B8=EC=9E=90=20=EC=93=B0?= =?UTF-8?q?=EA=B8=B0=20=EA=B7=9C=EC=B9=99=20=ED=86=B5=EC=9D=BC.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4e874e05d..c51290264 100644 --- a/README.md +++ b/README.md @@ -132,7 +132,7 @@ To use Rhymix, you must have a web hosting or server that meets the following re - In php.ini, session.auto_start = Off should be set. - The installation folder or the files folder must have write permission. -### Participation in development +### Participation in Development Rhymix welcomes developers, designers, translators, and bugs to the public. If you would like to participate, please read [CONTRIBUTING.md](./CONTRIBUTING.md) first to ensure efficient and orderly project management. From 1bd32d8d7116b530e75b9f43bf5ae78af3f26753 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 00:05:06 +0900 Subject: [PATCH 06/35] Fix unauthorized manipulation of documents via procDocumentManageCheckedDocument xpressengine/xe-core#2044 --- modules/document/document.controller.php | 84 ++++++++++++++---------- 1 file changed, 51 insertions(+), 33 deletions(-) diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index 75bc5cdc5..a9ad95032 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -2480,22 +2480,20 @@ class documentController extends document { @set_time_limit(0); if(!Context::get('is_logged')) return new Object(-1,'msg_not_permitted'); + $logged_info = Context::get('logged_info'); - if(!checkCSRF()) - { - return new Object(-1, 'msg_invalid_request'); - } - + // Get request parameters. + $cart = Context::get('cart'); + if(!is_array($cart)) $cart = explode('|@|', $cart); + $cart = array_unique(array_map('intval', $cart)); $type = Context::get('type'); - $target_module = Context::get('target_module'); - $module_srl = Context::get('module_srl'); - if($target_module && !$module_srl) $module_srl = $target_module; - $category_srl = Context::get('target_category'); + $target_module_srl = Context::get('module_srl') ?: Context::get('target_module'); + $target_category_srl = Context::get('target_category'); + // send default message - misol 2015-07-23 $send_default_message = Context::get('send_default_message'); if($send_default_message === 'Y') { - $logged_info = Context::get('logged_info'); $message_content = ''; $default_message_verbs = lang('default_message_verbs'); if(isset($default_message_verbs[$type]) && is_string($default_message_verbs[$type])) @@ -2509,31 +2507,54 @@ class documentController extends document if($message_content) $message_content = nl2br($message_content); } - $cart = Context::get('cart'); - if(!is_array($cart)) $document_srl_list = explode('|@|', $cart); - else $document_srl_list = $cart; - - $document_srl_count = count($document_srl_list); - - $oDocumentModel = getModel('document'); + // Check permissions on all documents. $document_items = array(); - foreach($document_srl_list as $document_srl) + $document_srl_list = array(); + $module_srl_list = array(); + $oDocumentModel = getModel('document'); + foreach ($cart as $document_srl) { $oDocument = $oDocumentModel->getDocument($document_srl); $document_items[] = $oDocument; - if(!$oDocument->isGranted()) return $this->stop('msg_not_permitted'); + $document_srl_list[] = $document_srl; + $module_srl_list[] = $oDocument->get('module_srl'); + if (!$oDocument->isGranted()) + { + return $this->stop('msg_not_permitted'); + } } - + + // Check permissions on all modules. + $oModuleModel = getModel('module'); + if (!in_array($target_module_srl, $module_srl_list)) + { + $module_srl_list[] = $target_module_srl; + } + foreach ($module_srl_list as $module_srl) + { + $module_info = $oModuleModel->getModuleInfoByModuleSrl($module_srl); + if (!$module_info->module_srl) + { + return new Object(-1, 'msg_invalid_request'); + } + + $module_grant = $oModuleModel->getGrant($module_info, $logged_info); + if (!$module_grant->manager) + { + return new Object(-1, 'msg_not_permitted'); + } + } + // Set a spam-filer not to be filtered to spams $oSpamController = getController('spamfilter'); $oSpamController->setAvoidLog(); - $oDocumentAdminController = getAdminController('document'); if($type == 'move') { - if(!$module_srl) return new Object(-1, 'fail_to_move'); + if(!$target_module_srl) return new Object(-1, 'fail_to_move'); - $output = $oDocumentAdminController->moveDocumentModule($document_srl_list, $module_srl, $category_srl); + $oDocumentAdminController = getAdminController('document'); + $output = $oDocumentAdminController->moveDocumentModule($document_srl_list, $target_module_srl, $target_category_srl); if(!$output->toBool()) return new Object(-1, 'fail_to_move'); $msg_code = 'success_moved'; @@ -2541,9 +2562,10 @@ class documentController extends document } else if($type == 'copy') { - if(!$module_srl) return new Object(-1, 'fail_to_move'); + if(!$target_module_srl) return new Object(-1, 'fail_to_move'); - $output = $oDocumentAdminController->copyDocumentModule($document_srl_list, $module_srl, $category_srl); + $oDocumentAdminController = getAdminController('document'); + $output = $oDocumentAdminController->copyDocumentModule($document_srl_list, $target_module_srl, $target_category_srl); if(!$output->toBool()) return new Object(-1, 'fail_to_move'); $msg_code = 'success_copied'; @@ -2552,9 +2574,8 @@ class documentController extends document { $oDB = &DB::getInstance(); $oDB->begin(); - for($i=0;$i<$document_srl_count;$i++) + foreach ($document_srl_list as $document_srl) { - $document_srl = $document_srl_list[$i]; $output = $this->deleteDocument($document_srl, true); if(!$output->toBool()) return new Object(-1, 'fail_to_delete'); } @@ -2568,8 +2589,9 @@ class documentController extends document $oDB = &DB::getInstance(); $oDB->begin(); - for($i=0;$i<$document_srl_count;$i++) { - $args->document_srl = $document_srl_list[$i]; + foreach ($document_srl_list as $document_srl) + { + $args->document_srl = $document_srl; $output = $this->moveDocumentToTrash($args); if(!$output || !$output->toBool()) return new Object(-1, 'fail_to_trash'); } @@ -2587,11 +2609,7 @@ class documentController extends document // Send a message if($message_content) { - $oCommunicationController = getController('communication'); - - $logged_info = Context::get('logged_info'); - $title = cut_str($message_content,10,'...'); $sender_member_srl = $logged_info->member_srl; From 4ddf8cf91fd9f267e88e126050306dbc17e208de Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 11:43:56 +0900 Subject: [PATCH 07/35] Fix #735 downloading files without points MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 포인트 부족시 다운로드를 금지하더라도 비회원에게 적용되지 않는 문제 해결 - 비회원이 첨부한 파일을 비회원이 다운로드하는 경우 적용되지 않는 문제 해결 - 해당 트리거 구조개선 및 주석 수정 --- modules/point/point.controller.php | 66 ++++++++++++++++++++++-------- 1 file changed, 48 insertions(+), 18 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 0fcd42236..d2712989e 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -359,32 +359,51 @@ class pointController extends point $member_srl = $logged_info->member_srl; $module_srl = $obj->module_srl; if(!$module_srl) return new Object(); + // Pass if it is your file - if(abs($obj->member_srl) == abs($member_srl)) return new Object(); + if($member_srl && abs($obj->member_srl) == $member_srl) return new Object(); $oModuleModel = getModel('module'); $config = $oModuleModel->getModuleConfig('point'); $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); - // If it is set not to allow downloading for non-logged in users, do not permit + if (isset($module_config['download_file'])) + { + $point = intval($module_config['download_file']); + } + else + { + $point = intval($config->download_file); + } + + // If the user is not logged in and download requires points, deny access. if(!Context::get('is_logged')) { - if($config->disable_download == 'Y' && strlen($module_config['download_file']) == 0 && !is_int($module_config['download_file'])) return new Object(-1,'msg_not_permitted_download'); - else return new Object(); + if($config->disable_download == 'Y' && $point) + { + return new Object(-1,'msg_not_permitted_download'); + } + else + { + return new Object(); + } } + // Get the points of the member $oPointModel = getModel('point'); $cur_point = $oPointModel->getPoint($member_srl, true); - // Get the points - $point = $module_config['download_file']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->download_file; - // If points are less than 0, and if downloading a file is not allowed in this case, give an errors - if($cur_point + $point < 0 && $config->disable_download == 'Y') return new Object(-1,'msg_cannot_download'); - + + // If the member does not have enough points, deny access. + if ($config->disable_download == 'Y' && $cur_point + $point < 0) + { + return new Object(-1,'msg_cannot_download'); + } + + // Otherwise, points will be adjusted after downloading (triggerDownloadFile). return new Object(); } /** - * @brief The trigger to give points for downloading the file + * @brief The trigger to give or take points for downloading the file */ function triggerDownloadFile(&$obj) { @@ -394,21 +413,32 @@ class pointController extends point $module_srl = $obj->module_srl; $member_srl = $logged_info->member_srl; if(!$module_srl) return new Object(); + // Pass if it is your file - if(abs($obj->member_srl) == abs($member_srl)) return new Object(); + if($member_srl && abs($obj->member_srl) == $member_srl) return new Object(); + // Get the point module information $oModuleModel = getModel('module'); $config = $oModuleModel->getModuleConfig('point'); $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + if (isset($module_config['download_file'])) + { + $point = intval($module_config['download_file']); + } + else + { + $point = intval($config->download_file); + } + // Get the points of the member $oPointModel = getModel('point'); $cur_point = $oPointModel->getPoint($member_srl, true); - // Get the points - $point = $module_config['download_file']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->download_file; - // Increase the point - $cur_point += $point; - $this->setPoint($member_srl,$cur_point); + + // Increase or decrease points. + if ($point) + { + $this->setPoint($member_srl, $cur_point += $point); + } return new Object(); } From c86c3a16de1b4cdb04d69c840d3a49978230f2a9 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 13:11:21 +0900 Subject: [PATCH 08/35] Implement _getModulePointConfig() and clean up read/download triggers --- modules/point/point.controller.php | 244 +++++++++++++++-------------- 1 file changed, 124 insertions(+), 120 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index d2712989e..5de7dc2e3 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -10,14 +10,14 @@ class pointController extends point /** * @brief Initialization */ - function init() + public function init() { } /** * @brief Membership point application trigger */ - function triggerInsertMember(&$obj) + public function triggerInsertMember($obj) { // Get the point module information $oModuleModel = getModel('module'); @@ -39,7 +39,7 @@ class pointController extends point /** * @brief A trigger to add points to the member for login */ - function triggerAfterLogin(&$obj) + public function triggerAfterLogin($obj) { $member_srl = $obj->member_srl; if(!$member_srl) return new Object(); @@ -63,7 +63,7 @@ class pointController extends point /** * @brief Member group deletion trigger */ - function triggerDeleteGroup(&$obj) + public function triggerDeleteGroup($obj) { // Get the point module config $config = getModel('module')->getModuleConfig('point'); @@ -82,7 +82,7 @@ class pointController extends point /** * @brief A trigger to add points to the member for creating a post */ - function triggerInsertDocument(&$obj) + public function triggerInsertDocument($obj) { $oDocumentModel = getModel('document'); if($obj->status != $oDocumentModel->getConfigStatus('temp')) @@ -118,7 +118,7 @@ class pointController extends point * @brief The trigger to give points for normal saving the temporarily saved document * Temporary storage at the point in 1.2.3 changed to avoid payment */ - function triggerUpdateDocument(&$obj) + public function triggerUpdateDocument($obj) { $oDocumentModel = getModel('document'); $document_srl = $obj->document_srl; @@ -153,7 +153,7 @@ class pointController extends point /** * @brief The trigger which deducts the points related to post comments before deleting the post itself */ - function triggerBeforeDeleteDocument(&$obj) + public function triggerBeforeDeleteDocument($obj) { $document_srl = $obj->document_srl; $member_srl = $obj->member_srl; @@ -204,7 +204,7 @@ class pointController extends point /** * @brief A trigger to give points for deleting the post */ - function triggerDeleteDocument(&$obj) + public function triggerDeleteDocument($obj) { $oDocumentModel = getModel('document'); @@ -244,7 +244,7 @@ class pointController extends point /** * @brief A trigger which gives points for entering a comment */ - function triggerInsertComment(&$obj) + public function triggerInsertComment($obj) { $module_srl = $obj->module_srl; $member_srl = $obj->member_srl; @@ -282,7 +282,7 @@ class pointController extends point /** * @brief A trigger which gives points for deleting a comment */ - function triggerDeleteComment(&$obj) + public function triggerDeleteComment($obj) { $oModuleModel = getModel('module'); $oPointModel = getModel('point'); @@ -317,7 +317,7 @@ class pointController extends point * @brief Add the file registration trigger * To prevent taking points for invalid file registration this method wlil return a null object */ - function triggerInsertFile(&$obj) + public function triggerInsertFile($obj) { return new Object(); } @@ -326,7 +326,7 @@ class pointController extends point * @brief A trigger to give points for deleting a file * Remove points only in case an invalid file is being deleted */ - function triggerDeleteFile(&$obj) + public function triggerDeleteFile($obj) { if($obj->isvalid != 'Y') return new Object(); @@ -353,93 +353,60 @@ class pointController extends point /** * @brief The trigger called before a file is downloaded */ - function triggerBeforeDownloadFile(&$obj) + public function triggerBeforeDownloadFile($obj) { $logged_info = Context::get('logged_info'); $member_srl = $logged_info->member_srl; $module_srl = $obj->module_srl; - if(!$module_srl) return new Object(); - // Pass if it is your file - if($member_srl && abs($obj->member_srl) == $member_srl) return new Object(); - - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); - if (isset($module_config['download_file'])) + if ($member_srl && abs($obj->member_srl) == $member_srl) { - $point = intval($module_config['download_file']); - } - else - { - $point = intval($config->download_file); + return new Object(); } - // If the user is not logged in and download requires points, deny access. - if(!Context::get('is_logged')) + $point = $this->_getModulePointConfig($module_srl, 'download_file'); + if (!$point) { - if($config->disable_download == 'Y' && $point) - { - return new Object(-1,'msg_not_permitted_download'); - } - else - { - return new Object(); - } + return new Object(); } - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); + // Get current points. + $cur_point = $member_srl ? getModel('point')->getPoint($member_srl, true) : 0; - // If the member does not have enough points, deny access. + // If the user (member or guest) does not have enough points, deny access. + $config = getModel('module')->getModuleConfig('point'); if ($config->disable_download == 'Y' && $cur_point + $point < 0) { - return new Object(-1,'msg_cannot_download'); + return new Object(-1, 'msg_cannot_download'); } - // Otherwise, points will be adjusted after downloading (triggerDownloadFile). + // Points will be adjusted after downloading (triggerDownloadFile). return new Object(); } /** * @brief The trigger to give or take points for downloading the file */ - function triggerDownloadFile(&$obj) + public function triggerDownloadFile($obj) { - // Run only when logged in $logged_info = Context::get('logged_info'); - if(!$logged_info->member_srl) return new Object(); - $module_srl = $obj->module_srl; $member_srl = $logged_info->member_srl; - if(!$module_srl) return new Object(); + $module_srl = $obj->module_srl; - // Pass if it is your file - if($member_srl && abs($obj->member_srl) == $member_srl) return new Object(); - - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); - if (isset($module_config['download_file'])) + if (!$member_srl || abs($obj->member_srl) == $member_srl) { - $point = intval($module_config['download_file']); - } - else - { - $point = intval($config->download_file); + return new Object(); } - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - // Increase or decrease points. - if ($point) + $point = $this->_getModulePointConfig($module_srl, 'download_file'); + if (!$point) { - $this->setPoint($member_srl, $cur_point += $point); + return new Object(); } - + + $cur_point = getModel('point')->getPoint($member_srl, true); + $this->setPoint($member_srl, $cur_point + $point); + return new Object(); } @@ -447,67 +414,70 @@ class pointController extends point * @brief Give points for hits increase * Run it even if there are no points */ - function triggerUpdateReadedCount(&$obj) + public function triggerUpdateReadedCount($obj) { - $oModuleModel = getModel('module'); - $oPointModel = getModel('point'); - // Get visitor information $logged_info = Context::get('logged_info'); $member_srl = $logged_info->member_srl; - // Get the original author number + $module_srl = $obj->get('module_srl'); $target_member_srl = abs($obj->get('member_srl')); - // Pass without increasing the hits if the viewer is the same as the author - if($target_member_srl == $member_srl) return new Object(); - // Get the point information for each module - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $obj->get('module_srl')); - // Get hits points - $point = $module_config['read_document']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->read_document; - // Pass if there are no requested points - if(!$point) return new Object(); - // In case of a registered member, if it is read but cannot just pass, then get the current points - $args = new stdClass(); - if($member_srl) + if ($member_srl && $target_member_srl == $member_srl) { + return new Object(); + } + + $point = $this->_getModulePointConfig($module_srl, 'read_document'); + if (!$point) + { + return new Object(); + } + + // If the current member has already read this document, do not adjust points again. + if ($member_srl) + { + $args = new stdClass(); $args->member_srl = $member_srl; $args->document_srl = $obj->document_srl; $output = executeQuery('document.getDocumentReadedLogInfo', $args); - if($output->data->count) return new Object(); - $cur_point = $oPointModel->getPoint($member_srl, true); + if ($output->data->count) + { + return new Object(); + } } - else - { - $cur_point = 0; - } - // Get the defaul configurations of the Point Module - $config = $oModuleModel->getModuleConfig('point'); - // When the requested points are negative, compared it with the current point - $_SESSION['banned_document'][$obj->document_srl] = false; - if($config->disable_read_document == 'Y' && $point < 0 && abs($point)>$cur_point) + + // Get current points. + $cur_point = $member_srl ? getModel('point')->getPoint($member_srl, true) : 0; + + // If the user (member or guest) does not have enough points, deny access. + $config = getModel('module')->getModuleConfig('point'); + if($config->disable_read_document == 'Y' && $cur_point + $point < 0) { $message = sprintf(lang('msg_disallow_by_point'), abs($point), $cur_point); $obj->add('content', $message); $_SESSION['banned_document'][$obj->document_srl] = true; return new Object(-1, $message); } - // If not logged in, pass - if(!$logged_info->member_srl) return new Object(); - // Pass, if there are no requested points - if(!$point) return new Object(); - // If the read record is missing, leave it - $output = executeQuery('document.insertDocumentReadedLog', $args); - // Increase the point - $cur_point += $point; - $this->setPoint($member_srl,$cur_point); - + else + { + $_SESSION['banned_document'][$obj->document_srl] = false; + } + + // Adjust points for member. + if ($member_srl) + { + $args = new stdClass(); + $args->member_srl = $member_srl; + $args->document_srl = $obj->document_srl; + $output = executeQuery('document.insertDocumentReadedLog', $args); + $this->setPoint($member_srl, $cur_point + $point); + } + return new Object(); } /** * @brief Points for voting up or down */ - function triggerUpdateVotedCount(&$obj) + public function triggerUpdateVotedCount($obj) { $module_srl = $obj->module_srl; $member_srl = $obj->member_srl; @@ -567,10 +537,28 @@ class pointController extends point return new Object(); } + /** + * @brief Copy point settings when copying module + */ + public function triggerCopyModule($obj) + { + $oModuleModel = getModel('module'); + $pointConfig = $oModuleModel->getModulePartConfig('point', $obj->originModuleSrl); + + $oModuleController = getController('module'); + if(is_array($obj->moduleSrlList)) + { + foreach($obj->moduleSrlList AS $key=>$moduleSrl) + { + $oModuleController->insertModulePartConfig('point', $moduleSrl, $pointConfig); + } + } + } + /** * @brief Set points */ - function setPoint($member_srl, $point, $mode = null) + public function setPoint($member_srl, $point, $mode = null) { $member_srl = abs($member_srl); $mode_arr = array('add', 'minus', 'update', 'signup'); @@ -737,20 +725,36 @@ class pointController extends point return $output; } - - function triggerCopyModule(&$obj) + + /** + * Get point configuration for module, falling back to defaults if not set. + * + * @param int $module_srl + * @param string $config_key + * @return int + */ + protected function _getModulePointConfig($module_srl, $config_key) { - $oModuleModel = getModel('module'); - $pointConfig = $oModuleModel->getModulePartConfig('point', $obj->originModuleSrl); - - $oModuleController = getController('module'); - if(is_array($obj->moduleSrlList)) + $module_srl = intval($module_srl); + $config_key = strval($config_key); + if (!$module_srl || !$config_key) { - foreach($obj->moduleSrlList AS $key=>$moduleSrl) - { - $oModuleController->insertModulePartConfig('point', $moduleSrl, $pointConfig); - } + return 0; } + + $oModuleModel = getModel('module'); + $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + if (isset($module_config[$config_key]) && $module_config[$config_key] !== '') + { + $point = $module_config[$config_key]; + } + else + { + $default_config = $oModuleModel->getModuleConfig('point'); + $point = $default_config->{$config_key}; + } + + return intval($point); } } /* End of file point.controller.php */ From d4ccf4222d9f71cf635aa789ee8711f7fae305ef Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 14:15:04 +0900 Subject: [PATCH 09/35] Refactor triggerUpdateVotedCount() --- modules/point/point.controller.php | 74 ++++++++++++------------------ 1 file changed, 29 insertions(+), 45 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 5de7dc2e3..2a6bad7b2 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -479,61 +479,45 @@ class pointController extends point */ public function triggerUpdateVotedCount($obj) { + $logged_info = Context::get('logged_info'); + $logged_member_srl = $logged_info->member_srl; $module_srl = $obj->module_srl; - $member_srl = $obj->member_srl; - if(!$module_srl || !$member_srl) return new Object(); - - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); - - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - if( $obj->point > 0 ) + $member_srl = abs($obj->member_srl); + if ($logged_member_srl && $logged_member_srl == $member_srl) { - if($obj->comment_srl) - { - $point = $module_config['voted_comment']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->voted_comment; - } - else - { - $point = $module_config['voted']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->voted; - } + return new Object(); + } + elseif (!$member_srl) + { + return new Object(); + } + + // Get current points. + $cur_point = getModel('point')->getPoint($member_srl, true); + + // Get adjustment amount. + if ($obj->point > 0) + { + $config_key = (isset($obj->comment_srl) && $obj->comment_srl) ? 'voted_comment' : 'voted'; } else { - if($obj->comment_srl) - { - $point = $module_config['blamed_comment']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->blamed_comment; - } - else - { - $point = $module_config['blamed']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->blamed; - } + $config_key = (isset($obj->comment_srl) && $obj->comment_srl) ? 'blamed_comment' : 'blamed'; } - - - if(!$point) return new Object(); - // Increase the point - if($obj->cancel > 0) + + $point = $this->_getModulePointConfig($module_srl, $config_key); + if (!$point) { - $cur_point -= $point; + return new Object(); } - else if($obj->cancel == null) + + if (isset($obj->cancel) && $obj->cancel) { - $cur_point += $point; + $point = -1 * $point; } - else - { - $cur_point += $point; - } - $this->setPoint($member_srl,$cur_point); - + + $this->setPoint($member_srl, $cur_point + $point); + return new Object(); } From d4136f9081a4b3105ec066a1dc248ce047b8bca1 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 14:57:43 +0900 Subject: [PATCH 10/35] Refactor triggerInsertMember() and triggerAfterLogin() --- modules/point/point.controller.php | 82 ++++++++++++++++++------------ 1 file changed, 49 insertions(+), 33 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 2a6bad7b2..03d8817cb 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -19,20 +19,22 @@ class pointController extends point */ public function triggerInsertMember($obj) { - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - // Get the member_srl of the newly registered member $member_srl = $obj->member_srl; - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - $point = $config->signup_point; - // Increase the point - $cur_point += $point; - $this->setPoint($member_srl,$cur_point, 'signup'); - + if (!$member_srl) + { + return new Object(); + } + + $config = getModel('module')->getModuleConfig('point'); + $point = intval($config->signup_point); + if (!$point) + { + return new Object(); + } + + $cur_point = getModel('point')->getPoint($member_srl, true); + $this->setPoint($member_srl, $cur_point + $point, 'signup'); + return new Object(); } @@ -42,21 +44,27 @@ class pointController extends point public function triggerAfterLogin($obj) { $member_srl = $obj->member_srl; - if(!$member_srl) return new Object(); - // If the last login is not today, give the points - if(substr($obj->last_login,0,8)==date("Ymd")) return new Object(); - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - $point = $config->login_point; - // Increase the point - $cur_point += $point; - $this->setPoint($member_srl,$cur_point); - + if (!$member_srl) + { + return new Object(); + } + + // Points are given only once a day. + if (substr($obj->last_login, 0, 8) === date('Ymd')) + { + return new Object(); + } + + $config = getModel('module')->getModuleConfig('point'); + $point = intval($config->login_point); + if (!$point) + { + return new Object(); + } + + $cur_point = getModel('point')->getPoint($member_srl, true); + $this->setPoint($member_srl, $cur_point + $point); + return new Object(); } @@ -65,10 +73,9 @@ class pointController extends point */ public function triggerDeleteGroup($obj) { - // Get the point module config - $config = getModel('module')->getModuleConfig('point'); - // Get the group_srl of the deleted group $group_srl = $obj->group_srl; + $config = getModel('module')->getModuleConfig('point'); + // Exclude deleted group from point/level/group integration if($config->point_group && isset($config->point_group[$group_srl])) { @@ -721,13 +728,22 @@ class pointController extends point { $module_srl = intval($module_srl); $config_key = strval($config_key); - if (!$module_srl || !$config_key) + if (!$config_key) { return 0; } $oModuleModel = getModel('module'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + + if ($module_srl) + { + $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + } + else + { + $module_config = null; + } + if (isset($module_config[$config_key]) && $module_config[$config_key] !== '') { $point = $module_config[$config_key]; From 0b71f425ed21ded72f84176b805241cc583a937c Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 15:03:45 +0900 Subject: [PATCH 11/35] Cache module config in point triggers --- modules/point/point.class.php | 17 +++++++++++++++++ modules/point/point.controller.php | 25 +++++++++++++++++-------- 2 files changed, 34 insertions(+), 8 deletions(-) diff --git a/modules/point/point.class.php b/modules/point/point.class.php index 305e6a094..1d2e9eb0a 100644 --- a/modules/point/point.class.php +++ b/modules/point/point.class.php @@ -7,6 +7,23 @@ */ class point extends ModuleObject { + /** + * @brief Configuration cache + */ + protected static $_config = null; + + /** + * @brief Shortcut to getting module configuration + */ + public function getConfig() + { + if (self::$_config === null) + { + self::$_config = getModel('module')->getModuleConfig('point'); + } + return self::$_config; + } + /** * @brief Additional tasks required to accomplish during the installation */ diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 03d8817cb..1ba9b3cc1 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -7,6 +7,11 @@ */ class pointController extends point { + /** + * @brief Cache module point config + */ + protected static $_module_point_config = array(); + /** * @brief Initialization */ @@ -25,7 +30,7 @@ class pointController extends point return new Object(); } - $config = getModel('module')->getModuleConfig('point'); + $config = $this->getConfig(); $point = intval($config->signup_point); if (!$point) { @@ -55,7 +60,7 @@ class pointController extends point return new Object(); } - $config = getModel('module')->getModuleConfig('point'); + $config = $this->getConfig(); $point = intval($config->login_point); if (!$point) { @@ -74,7 +79,7 @@ class pointController extends point public function triggerDeleteGroup($obj) { $group_srl = $obj->group_srl; - $config = getModel('module')->getModuleConfig('point'); + $config = $this->getConfig(); // Exclude deleted group from point/level/group integration if($config->point_group && isset($config->point_group[$group_srl])) @@ -381,7 +386,7 @@ class pointController extends point $cur_point = $member_srl ? getModel('point')->getPoint($member_srl, true) : 0; // If the user (member or guest) does not have enough points, deny access. - $config = getModel('module')->getModuleConfig('point'); + $config = $this->getConfig(); if ($config->disable_download == 'Y' && $cur_point + $point < 0) { return new Object(-1, 'msg_cannot_download'); @@ -455,7 +460,7 @@ class pointController extends point $cur_point = $member_srl ? getModel('point')->getPoint($member_srl, true) : 0; // If the user (member or guest) does not have enough points, deny access. - $config = getModel('module')->getModuleConfig('point'); + $config = $this->getConfig(); if($config->disable_read_document == 'Y' && $cur_point + $point < 0) { $message = sprintf(lang('msg_disallow_by_point'), abs($point), $cur_point); @@ -737,11 +742,15 @@ class pointController extends point if ($module_srl) { - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + if (!isset(self::$_module_point_config[$module_srl])) + { + self::$_module_point_config[$module_srl] = $oModuleModel->getModulePartConfig('point', $module_srl); + } + $module_config = self::$_module_point_config[$module_srl]; } else { - $module_config = null; + $module_config = array(); } if (isset($module_config[$config_key]) && $module_config[$config_key] !== '') @@ -750,7 +759,7 @@ class pointController extends point } else { - $default_config = $oModuleModel->getModuleConfig('point'); + $default_config = $this->getConfig(); $point = $default_config->{$config_key}; } From 590b11aa23cb6bb0e151824c9a034be2dd1269d3 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 16:09:38 +0900 Subject: [PATCH 12/35] Refactor all remaining triggers in Point module --- modules/point/point.controller.php | 372 ++++++++++++++++------------- 1 file changed, 200 insertions(+), 172 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 1ba9b3cc1..7c5fbdcb0 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -96,33 +96,39 @@ class pointController extends point */ public function triggerInsertDocument($obj) { - $oDocumentModel = getModel('document'); - if($obj->status != $oDocumentModel->getConfigStatus('temp')) + $module_srl = $obj->module_srl; + $member_srl = abs($obj->member_srl); + if (!$module_srl || !$member_srl) { - $module_srl = $obj->module_srl; - $member_srl = $obj->member_srl; - if(!$module_srl || !$member_srl) return new Object(); - // The fix to disable giving points for saving the document temporarily - if($module_srl == $member_srl) return new Object(); - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point',$module_srl); - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - $point = $module_config['insert_document']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->insert_document; - $cur_point += $point; - // Add points for attaching a file - $point = $module_config['upload_file']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->upload_file; - if($obj->uploaded_count) $cur_point += $point * $obj->uploaded_count; - // Increase the point - $this->setPoint($member_srl,$cur_point); + return new Object(); } + + // The fix to disable giving points for saving the document temporarily + if ($module_srl == $member_srl) + { + return new Object(); + } + if ($obj->status === getModel('document')->getConfigStatus('temp')) + { + return new Object(); + } + + // Get the points of the member + $cur_point = getModel('point')->getPoint($member_srl, true); + // Add points for the document. + $document_point = $this->_getModulePointConfig($module_srl, 'insert_document'); + $cur_point += $document_point; + + // Add points for attached files. + if ($obj->uploaded_count > 0) + { + $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + $cur_point += $attached_files_point * $obj->uploaded_count; + } + + // Increase the point. + $this->setPoint($member_srl, $cur_point); return new Object(); } @@ -133,32 +139,37 @@ class pointController extends point public function triggerUpdateDocument($obj) { $oDocumentModel = getModel('document'); - $document_srl = $obj->document_srl; - $oDocument = $oDocumentModel->getDocument($document_srl); - - // if status is TEMP or PUBLIC... give not point, only status is empty - if($oDocument->get('status') == $oDocumentModel->getConfigStatus('temp') && $obj->status != $oDocumentModel->getConfigStatus('temp')) + $oDocument = $oDocumentModel->getDocument($obj->document_srl); + + $module_srl = $oDocument->get('module_srl'); + $member_srl = abs($oDocument->get('member_srl')); + if (!$module_srl || !$member_srl) { - $oModuleModel = getModel('module'); - - // Get the point module information - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point',$obj->module_srl); - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($oDocument->get('member_srl'), true); - - $point = $module_config['insert_document']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->insert_document; - $cur_point += $point; - // Add points for attaching a file - $point = $module_config['upload_file']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->upload_file; - if($obj->uploaded_count) $cur_point += $point * $obj->uploaded_count; - // Increase the point - $this->setPoint($oDocument->get('member_srl'), $cur_point); + return new Object(); + } + + // Only give points if the document is being updated from TEMP to another status such as PUBLIC. + if ($obj->status === $oDocumentModel->getConfigStatus('temp') || $oDocument->get('status') !== $oDocumentModel->getConfigStatus('temp')) + { + return new Object(); } + // Get the points of the member + $cur_point = getModel('point')->getPoint($member_srl, true); + + // Add points for the document. + $document_point = $this->_getModulePointConfig($module_srl, 'insert_document'); + $cur_point += $document_point; + + // Add points for attached files. + if ($obj->uploaded_count > 0) + { + $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + $cur_point += $attached_files_point * $obj->uploaded_count; + } + + // Increase the point. + $this->setPoint($member_srl, $cur_point); return new Object(); } @@ -168,48 +179,57 @@ class pointController extends point public function triggerBeforeDeleteDocument($obj) { $document_srl = $obj->document_srl; - $member_srl = $obj->member_srl; - - $oDocumentModel = getModel('document'); - $oDocument = $oDocumentModel->getDocument($document_srl); - if(!$oDocument->isExists()) return new Object(); - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point',$oDocument->get('module_srl')); - // The process related to clearing the post comments - $comment_point = $module_config['insert_comment']; - if(strlen($comment_point) == 0 && !is_int($comment_point)) $comment_point = $config->insert_comment; - // If there are comment points, attempt to deduct - if($comment_point>0) return new Object(); - // Get all the comments related to this post + $oDocument = getModel('document')->getDocument($document_srl); + if (!$oDocument->isExists()) + { + return new Object(); + } + if (!$oDocument->get('comment_count')) + { + return new Object(); + } + + $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); + if (!$comment_point) + { + return new Object(); + } + + // Find out which members wrote how many comments on this document. $cp_args = new stdClass(); $cp_args->document_srl = $document_srl; $output = executeQueryArray('point.getCommentUsers', $cp_args); - // Return if there is no object - if(!$output->data) return new Object(); - // Organize the member number - $member_srls = array(); - $cnt = count($output->data); - for($i=0;$i<$cnt;$i++) + if (!$output->data) { - if($output->data[$i]->member_srl<1) continue; - $member_srls[abs($output->data[$i]->member_srl)] = $output->data[$i]->count; + return new Object(); } - // Remove the member number who has written the original post - if($member_srl) unset($member_srls[abs($member_srl)]); - if(!count($member_srls)) return new Object(); - // Remove all the points for each member + + $member_srls = array(); + foreach ($output->data as $data) + { + if ($data->member_srl && abs($data->member_srl) != abs($oDocument->get('member_srl'))) + { + if (!isset($member_srls[abs($data->member_srl)])) + { + $member_srls[abs($data->member_srl)] = 0; + } + $member_srls[abs($data->member_srl)] += $data->count; + } + } + if (!count($member_srls)) + { + return new Object(); + } + + // Remove points from each member. $oPointModel = getModel('point'); - // Get the points - $point = $module_config['download_file']; - foreach($member_srls as $member_srl => $cnt) + foreach ($member_srls as $member_srl => $count) { $cur_point = $oPointModel->getPoint($member_srl, true); - $cur_point -= $cnt * $comment_point; - $this->setPoint($member_srl,$cur_point); + $cur_point -= $count * $comment_point; + $this->setPoint($member_srl, $cur_point); } - + return new Object(); } @@ -218,38 +238,45 @@ class pointController extends point */ public function triggerDeleteDocument($obj) { - $oDocumentModel = getModel('document'); - - if($obj->status != $oDocumentModel->getConfigStatus('temp')) + $module_srl = $obj->module_srl; + $member_srl = abs($obj->member_srl); + if (!$module_srl || !$member_srl) { - $module_srl = $obj->module_srl; - $member_srl = $obj->member_srl; - // The process related to clearing the post object - if(!$module_srl || !$member_srl) return new Object(); - // Run only when logged in - $logged_info = Context::get('logged_info'); - if(!$logged_info->member_srl) return new Object(); - // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); - - $point = $module_config['insert_document']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->insert_document; - // if the point is set to decrease when writing a document, make sure it does not increase the points when deleting an article - if($point < 0) return new Object(); - $cur_point -= $point; - // Add points related to deleting an attachment - $point = $module_config['upload_file']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->upload_file; - if($obj->uploaded_count) $cur_point -= $point * $obj->uploaded_count; - // Increase the point - $this->setPoint($member_srl,$cur_point); + return new Object(); } + + // The fix to disable giving points for saving the document temporarily + if ($module_srl == $member_srl) + { + return new Object(); + } + if ($obj->status === getModel('document')->getConfigStatus('temp')) + { + return new Object(); + } + + // Get the points of the member + $cur_point = getModel('point')->getPoint($member_srl, true); + // Subtract points for the document. + $document_point = $this->_getModulePointConfig($module_srl, 'insert_document'); + if ($document_point > 0) + { + $cur_point -= $document_point; + } + + // Subtract points for attached files. + if ($obj->uploaded_count > 0) + { + $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + if ($attached_files_point > 0) + { + $cur_point -= $attached_files_point * $obj->uploaded_count; + } + } + + // Increase the point. + $this->setPoint($member_srl, $cur_point); return new Object(); } @@ -259,35 +286,35 @@ class pointController extends point public function triggerInsertComment($obj) { $module_srl = $obj->module_srl; - $member_srl = $obj->member_srl; - if(!$module_srl || !$member_srl) return new Object(); - // Do not increase the points if the member is the author of the post - $document_srl = $obj->document_srl; - $oDocumentModel = getModel('document'); - $oDocument = $oDocumentModel->getDocument($document_srl); - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - if($config->no_point_date > 0) + $member_srl = abs($obj->member_srl); + if (!$module_srl || !$member_srl) { - if($oDocument->get('regdate') < date('YmdHis', strtotime('-'.$config->no_point_date.' day'))) - { - return new Object(); - } + return new Object(); } - if(!$oDocument->isExists() || abs($oDocument->get('member_srl'))==abs($member_srl)) return new Object(); - - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + + // Abort if the comment and the document have the same author. + $oDocument = getModel('document')->getDocument($obj->document_srl); + if (!$oDocument->isExists() || abs($oDocument->get('member_srl')) == $member_srl) + { + return new Object(); + } + + // Abort if the document is older than a configured limit. + $config = $this->getConfig(); + if ($config->no_point_date > 0 && ztime($oDocument->get('regdate')) < time() - ($config->no_point_date * 86400)) + { + return new Object(); + } + // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - $point = $module_config['insert_comment']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->insert_comment; - // Increase the point - $cur_point += $point; - $this->setPoint($member_srl,$cur_point); + $cur_point = getModel('point')->getPoint($member_srl, true); + // Add points for the comment. + $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); + $cur_point += $comment_point; + + // Increase the point. + $this->setPoint($member_srl, $cur_point); return new Object(); } @@ -296,32 +323,36 @@ class pointController extends point */ public function triggerDeleteComment($obj) { - $oModuleModel = getModel('module'); - $oPointModel = getModel('point'); - $oDocumentModel = getModel('document'); - $module_srl = $obj->module_srl; $member_srl = abs($obj->member_srl); - $document_srl = $obj->document_srl; - if(!$module_srl || !$member_srl) return new Object(); - // Get the original article (if the original article is missing or if the member is its author, do not apply the points) - $oDocument = $oDocumentModel->getDocument($document_srl); - if(!$oDocument->isExists()) return new Object(); - if($oDocument->get('member_srl')==$member_srl) return new Object(); - // Get the point module information - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + if (!$module_srl || !$member_srl) + { + return new Object(); + } + + // Abort if the comment and the document have the same author. + $oDocument = getModel('document')->getDocument($obj->document_srl); + if (!$oDocument->isExists() || abs($oDocument->get('member_srl')) == $member_srl) + { + return new Object(); + } + + // Abort if the document is older than a configured limit. + $config = $this->getConfig(); + if ($config->no_point_date > 0 && ztime($oDocument->get('regdate')) < ztime($obj->regdate) - ($config->no_point_date * 86400)) + { + return new Object(); + } + // Get the points of the member - $cur_point = $oPointModel->getPoint($member_srl, true); - - $point = $module_config['insert_comment']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->insert_comment; - // if the point is set to decrease when writing a comment, make sure it does not increase the points when deleting a comment - if($point < 0) return new Object(); - // Increase the point - $cur_point -= $point; - $this->setPoint($member_srl,$cur_point); + $cur_point = getModel('point')->getPoint($member_srl, true); + // Add points for the comment. + $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); + $cur_point -= $comment_point; + + // Increase the point. + $this->setPoint($member_srl, $cur_point); return new Object(); } @@ -340,25 +371,22 @@ class pointController extends point */ public function triggerDeleteFile($obj) { - if($obj->isvalid != 'Y') return new Object(); - $module_srl = $obj->module_srl; - $member_srl = $obj->member_srl; - if(!$module_srl || !$member_srl) return new Object(); - // Get the point module information - $oModuleModel = getModel('module'); - $config = $oModuleModel->getModuleConfig('point'); - $module_config = $oModuleModel->getModulePartConfig('point', $module_srl); + $member_srl = abs($obj->member_srl); + if (!$module_srl || !$member_srl || $obj->isvalid !== 'Y') + { + return new Object(); + } + // Get the points of the member - $oPointModel = getModel('point'); - $cur_point = $oPointModel->getPoint($member_srl, true); - - $point = $module_config['upload_file']; - if(strlen($point) == 0 && !is_int($point)) $point = $config->upload_file; - // Increase the point - $cur_point -= $point; - $this->setPoint($member_srl,$cur_point); + $cur_point = getModel('point')->getPoint($member_srl, true); + // Subtract points for the file. + $file_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + $cur_point -= $file_point; + + // Update the point. + $this->setPoint($member_srl, $cur_point); return new Object(); } From da2be81260ced6503e5e51d9dcf9990efa69ebba Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 16:30:57 +0900 Subject: [PATCH 13/35] Add and subtract points for comment attachments --- modules/point/point.controller.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 7c5fbdcb0..c30285771 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -313,6 +313,13 @@ class pointController extends point $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); $cur_point += $comment_point; + // Add points for attached files. + if ($obj->uploaded_count > 0) + { + $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + $cur_point += $attached_files_point * $obj->uploaded_count; + } + // Increase the point. $this->setPoint($member_srl, $cur_point); return new Object(); @@ -351,6 +358,16 @@ class pointController extends point $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); $cur_point -= $comment_point; + // Subtract points for attached files. + if ($obj->uploaded_count > 0) + { + $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + if ($attached_files_point > 0) + { + $cur_point -= $attached_files_point * $obj->uploaded_count; + } + } + // Increase the point. $this->setPoint($member_srl, $cur_point); return new Object(); From 0d2db40e02eb17e8d0c027cfef72ab0f74483c3d Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 16:35:35 +0900 Subject: [PATCH 14/35] Don't double-subtract points when deleting document or comment with attached files --- modules/point/point.controller.php | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index c30285771..36a6aa657 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -265,16 +265,6 @@ class pointController extends point $cur_point -= $document_point; } - // Subtract points for attached files. - if ($obj->uploaded_count > 0) - { - $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); - if ($attached_files_point > 0) - { - $cur_point -= $attached_files_point * $obj->uploaded_count; - } - } - // Increase the point. $this->setPoint($member_srl, $cur_point); return new Object(); @@ -358,16 +348,6 @@ class pointController extends point $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); $cur_point -= $comment_point; - // Subtract points for attached files. - if ($obj->uploaded_count > 0) - { - $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); - if ($attached_files_point > 0) - { - $cur_point -= $attached_files_point * $obj->uploaded_count; - } - } - // Increase the point. $this->setPoint($member_srl, $cur_point); return new Object(); From 5b22b0399c6d2836404195d013a5754e5318d587 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 16:45:15 +0900 Subject: [PATCH 15/35] Fix double-deduction of comment points on document deletion --- modules/point/point.controller.php | 52 ------------------------------ 1 file changed, 52 deletions(-) diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 36a6aa657..d0a3c5046 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -178,58 +178,6 @@ class pointController extends point */ public function triggerBeforeDeleteDocument($obj) { - $document_srl = $obj->document_srl; - $oDocument = getModel('document')->getDocument($document_srl); - if (!$oDocument->isExists()) - { - return new Object(); - } - if (!$oDocument->get('comment_count')) - { - return new Object(); - } - - $comment_point = $this->_getModulePointConfig($module_srl, 'insert_comment'); - if (!$comment_point) - { - return new Object(); - } - - // Find out which members wrote how many comments on this document. - $cp_args = new stdClass(); - $cp_args->document_srl = $document_srl; - $output = executeQueryArray('point.getCommentUsers', $cp_args); - if (!$output->data) - { - return new Object(); - } - - $member_srls = array(); - foreach ($output->data as $data) - { - if ($data->member_srl && abs($data->member_srl) != abs($oDocument->get('member_srl'))) - { - if (!isset($member_srls[abs($data->member_srl)])) - { - $member_srls[abs($data->member_srl)] = 0; - } - $member_srls[abs($data->member_srl)] += $data->count; - } - } - if (!count($member_srls)) - { - return new Object(); - } - - // Remove points from each member. - $oPointModel = getModel('point'); - foreach ($member_srls as $member_srl => $count) - { - $cur_point = $oPointModel->getPoint($member_srl, true); - $cur_point -= $count * $comment_point; - $this->setPoint($member_srl, $cur_point); - } - return new Object(); } From e370ba680f8d5e8a836c43cabbdcb7e425633e76 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 16:52:33 +0900 Subject: [PATCH 16/35] Improve shared caching and invalidation of member points --- modules/point/point.class.php | 10 ++++++++++ modules/point/point.controller.php | 12 ++++-------- modules/point/point.model.php | 31 ++++++++++++++++-------------- 3 files changed, 31 insertions(+), 22 deletions(-) diff --git a/modules/point/point.class.php b/modules/point/point.class.php index 1d2e9eb0a..cc17b6cbc 100644 --- a/modules/point/point.class.php +++ b/modules/point/point.class.php @@ -12,6 +12,16 @@ class point extends ModuleObject */ protected static $_config = null; + /** + * @brief Module configuration cache + */ + protected static $_module_config_cache = array(); + + /** + * @brief Member point cache + */ + protected static $_member_point_cache = array(); + /** * @brief Shortcut to getting module configuration */ diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index d0a3c5046..51f6cacdb 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -7,11 +7,6 @@ */ class pointController extends point { - /** - * @brief Cache module point config - */ - protected static $_module_point_config = array(); - /** * @brief Initialization */ @@ -691,6 +686,7 @@ class pointController extends point FileHandler::writeFile($cache_filename, $point); getController('member')->_clearMemberCache($member_srl); + unset(self::$_member_point_cache[$member_srl]); return $output; } @@ -715,11 +711,11 @@ class pointController extends point if ($module_srl) { - if (!isset(self::$_module_point_config[$module_srl])) + if (!isset(self::$_module_config_cache[$module_srl])) { - self::$_module_point_config[$module_srl] = $oModuleModel->getModulePartConfig('point', $module_srl); + self::$_module_config_cache[$module_srl] = $oModuleModel->getModulePartConfig('point', $module_srl); } - $module_config = self::$_module_point_config[$module_srl]; + $module_config = self::$_module_config_cache[$module_srl]; } else { diff --git a/modules/point/point.model.php b/modules/point/point.model.php index 28bfcfacd..ccbdaa48e 100644 --- a/modules/point/point.model.php +++ b/modules/point/point.model.php @@ -7,8 +7,6 @@ */ class pointModel extends point { - var $pointList = array(); - /** * @brief Initialization */ @@ -36,29 +34,34 @@ class pointModel extends point $member_srl = abs($member_srl); // Get from instance memory - if(!$from_db && $this->pointList[$member_srl]) return $this->pointList[$member_srl]; + if (!$from_db && isset(self::$_member_point_cache[$member_srl]) + { + return self::$_member_point_cache[$member_srl]; + } // Get from file cache - $path = sprintf(_XE_PATH_ . 'files/member_extra_info/point/%s',getNumberingPath($member_srl)); - $cache_filename = sprintf('%s%d.cache.txt', $path, $member_srl); - - if(!$from_db && file_exists($cache_filename)) - return $this->pointList[$member_srl] = trim(FileHandler::readFile($cache_filename)); + $cache_path = sprintf(_XE_PATH_ . 'files/member_extra_info/point/%s', getNumberingPath($member_srl)); + $cache_filename = sprintf('%s%d.cache.txt', $cache_path, $member_srl); + if (!$from_db && file_exists($cache_filename)) + { + return self::$_member_point_cache[$member_srl] = trim(FileHandler::readFile($cache_filename)); + } // Get from the DB $args = new stdClass; $args->member_srl = $member_srl; $output = executeQuery('point.getPoint', $args); - - if(isset($output->data->member_srl)) + if (isset($output->data->member_srl)) { - $point = (int)$output->data->point; - $this->pointList[$member_srl] = $point; - if(!is_dir($path)) FileHandler::makeDir($path); + $point = intval($output->data->point); + self::$_member_point_cache[$member_srl] = $point; FileHandler::writeFile($cache_filename, $point); return $point; } - return 0; + else + { + return 0; + } } /** From 33d36f7a51304caf6340af29c85ba148170d6953 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 16:56:19 +0900 Subject: [PATCH 17/35] General cleanup of point.model.php --- modules/point/point.model.php | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/modules/point/point.model.php b/modules/point/point.model.php index ccbdaa48e..b39f8a076 100644 --- a/modules/point/point.model.php +++ b/modules/point/point.model.php @@ -34,7 +34,7 @@ class pointModel extends point $member_srl = abs($member_srl); // Get from instance memory - if (!$from_db && isset(self::$_member_point_cache[$member_srl]) + if (!$from_db && isset(self::$_member_point_cache[$member_srl])) { return self::$_member_point_cache[$member_srl]; } @@ -70,11 +70,19 @@ class pointModel extends point function getLevel($point, $level_step) { $level_count = count($level_step); - for($level=0;$level<=$level_count;$level++) if($point < $level_step[$level]) break; - $level --; - return $level; + for ($level = 0; $level <= $level_count; $level++) + { + if ($point < $level_step[$level]) + { + break; + } + } + return $level - 1; } + /** + * @deprecated + */ function getMembersPointInfo() { $member_srls = Context::get('member_srls'); @@ -114,7 +122,6 @@ class pointModel extends point $this->add('point_info',$info); } - /** * @brief Get a list of points members list */ From 9791808b87fc6ca112e793c846e95d0fd0a7359c Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 17:13:27 +0900 Subject: [PATCH 18/35] General cleanup of trigger handling in point.class.php --- modules/point/point.class.php | 280 ++++++++++++++-------------------- 1 file changed, 113 insertions(+), 167 deletions(-) diff --git a/modules/point/point.class.php b/modules/point/point.class.php index cc17b6cbc..c53d835fa 100644 --- a/modules/point/point.class.php +++ b/modules/point/point.class.php @@ -8,20 +8,52 @@ class point extends ModuleObject { /** - * @brief Configuration cache + * Cache for the point module's own configuration. */ protected static $_config = null; /** - * @brief Module configuration cache + * Cache for other modules' point configuration. */ protected static $_module_config_cache = array(); /** - * @brief Member point cache + * Cache for member points. */ protected static $_member_point_cache = array(); + /** + * Triggers to insert. + */ + protected static $_insert_triggers = array( + array('member.insertMember', 'after', 'controller', 'triggerInsertMember'), + array('member.doLogin', 'after', 'controller', 'triggerAfterLogin'), + array('member.deleteGroup', 'after', 'controller', 'triggerDeleteGroup'), + array('document.insertDocument', 'after', 'controller', 'triggerInsertDocument'), + array('document.updateDocument', 'before', 'controller', 'triggerUpdateDocument'), + array('document.deleteDocument', 'after', 'controller', 'triggerDeleteDocument'), + array('comment.insertComment', 'after', 'controller', 'triggerInsertComment'), + array('comment.deleteComment', 'after', 'controller', 'triggerDeleteComment'), + array('file.deleteFile', 'after', 'controller', 'triggerDeleteFile'), + array('file.downloadFile', 'before', 'controller', 'triggerBeforeDownloadFile'), + array('file.downloadFile', 'after', 'controller', 'triggerDownloadFile'), + array('document.updateReadedCount', 'after', 'controller', 'triggerUpdateReadedCount'), + array('document.updateVotedCount', 'after', 'controller', 'triggerUpdateVotedCount'), + array('document.updateVotedCountCancel', 'after', 'controller', 'triggerUpdateVotedCount'), + array('comment.updateVotedCount', 'after', 'controller', 'triggerUpdateVotedCount'), + array('comment.updateVotedCountCancel', 'after', 'controller', 'triggerUpdateVotedCount'), + array('module.procModuleAdminCopyModule', 'after', 'controller', 'triggerCopyModule'), + array('module.dispAdditionSetup', 'after', 'view', 'triggerDispPointAdditionSetup'), + ); + + /** + * Triggers to delete. + */ + protected static $_delete_triggers = array( + array('document.deleteDocument', 'before', 'controller', 'triggerBeforeDeleteDocument'), + array('file.insertFile', 'after', 'controller', 'triggerInsertFile'), + ); + /** * @brief Shortcut to getting module configuration */ @@ -34,95 +66,96 @@ class point extends ModuleObject return self::$_config; } + /** + * Check triggers. + * + * @return bool + */ + public function checkTriggers() + { + $oModuleModel = getModel('module'); + foreach (self::$_insert_triggers as $trigger) + { + if (!$oModuleModel->getTrigger($trigger[0], $this->module, $trigger[2], $trigger[3], $trigger[1])) + { + return true; + } + } + foreach (self::$_delete_triggers as $trigger) + { + if ($oModuleModel->getTrigger($trigger[0], $this->module, $trigger[2], $trigger[3], $trigger[1])) + { + return true; + } + } + return false; + } + + /** + * Register triggers. + * + * @return object + */ + public function registerTriggers() + { + $oModuleModel = getModel('module'); + $oModuleController = getController('module'); + foreach (self::$_insert_triggers as $trigger) + { + if (!$oModuleModel->getTrigger($trigger[0], $this->module, $trigger[2], $trigger[3], $trigger[1])) + { + $oModuleController->insertTrigger($trigger[0], $this->module, $trigger[2], $trigger[3], $trigger[1]); + } + } + foreach (self::$_delete_triggers as $trigger) + { + if ($oModuleModel->getTrigger($trigger[0], $this->module, $trigger[2], $trigger[3], $trigger[1])) + { + $oModuleController->deleteTrigger($trigger[0], $this->module, $trigger[2], $trigger[3], $trigger[1]); + } + } + return new Object(0, 'success_updated'); + } + /** * @brief Additional tasks required to accomplish during the installation */ function moduleInstall() { - // Registration in action forward (for using in the administrator mode) - $oModuleController = getController('module'); - // Create a directory to store points information - FileHandler::makeDir('./files/member_extra_info/point'); - - $oModuleController = getController('module'); - // The highest level + // Define default configuration. $config = new stdClass; - // default, point module is OFF $config->able_module = 'N'; - $config->max_level = 30; - // Per-level score - for($i=1;$i<=30;$i++) - { - $config->level_step[$i] = pow($i,2)*90; - } - // Points for registration - $config->signup_point = 10; - // Login points - $config->login_point = 5; - // Point's name $config->point_name = 'point'; - // Level icon directory - $config->level_icon = "default"; - // Prevent downloads if there are no scores - $config->disable_download = false; - - /** - * Define the default points per module as well as all actions (as we do not know if it is forum or blogs, specify "act") - */ - // Insert document + $config->level_icon = 'default'; + $config->disable_read_document = 'N'; + $config->disable_download = 'N'; + $config->max_level = 30; + for ($i = 1; $i <= 30; $i++) + { + $config->level_step[$i] = pow($i, 2) * 90; + } + + // Define default points. + $config->signup_point = 10; + $config->login_point = 5; $config->insert_document = 10; - - $config->insert_document_act = 'procBoardInsertDocument'; - $config->delete_document_act = 'procBoardDeleteDocument'; - // Insert comment $config->insert_comment = 5; - - $config->insert_comment_act = 'procBoardInsertComment,procBlogInsertComment'; - $config->delete_comment_act = 'procBoardDeleteComment,procBlogDeleteComment'; - // Upload $config->upload_file = 5; - - $config->upload_file_act = 'procFileUpload'; - $config->delete_file_act = 'procFileDelete'; - // Download $config->download_file = -5; - $config->download_file_act = 'procFileDownload'; - // View $config->read_document = 0; - // Vote up / Vote down $config->voted = 0; $config->blamed = 0; - // Comment Vote up / Comment Vote down $config->voted_comment = 0; $config->blamed_comment = 0; - // Save configurations - $oModuleController->insertModuleConfig('point', $config); - // Cash act list for faster execution - $oPointController = getAdminController('point'); - $oPointController->cacheActList(); - // Add a trigger for registration/insert document/insert comment/upload a file/download - $oModuleController->insertTrigger('member.insertMember', 'point', 'controller', 'triggerInsertMember', 'after'); - $oModuleController->insertTrigger('document.insertDocument', 'point', 'controller', 'triggerInsertDocument', 'after'); - $oModuleController->insertTrigger('document.deleteDocument', 'point', 'controller', 'triggerBeforeDeleteDocument', 'before'); - $oModuleController->insertTrigger('document.deleteDocument', 'point', 'controller', 'triggerDeleteDocument', 'after'); - $oModuleController->insertTrigger('comment.insertComment', 'point', 'controller', 'triggerInsertComment', 'after'); - $oModuleController->insertTrigger('comment.deleteComment', 'point', 'controller', 'triggerDeleteComment', 'after'); - $oModuleController->insertTrigger('file.insertFile', 'point', 'controller', 'triggerInsertFile', 'after'); - $oModuleController->insertTrigger('file.deleteFile', 'point', 'controller', 'triggerDeleteFile', 'after'); - $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerBeforeDownloadFile', 'before'); - $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after'); - $oModuleController->insertTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after'); - $oModuleController->insertTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after'); - $oModuleController->insertTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after'); - $oModuleController->insertTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after'); - // Add a trigger for voting up and down 2008.05.13 haneul - $oModuleController->insertTrigger('document.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after'); - // Add a trigger for using points for permanent saving of a temporarily saved document 2009.05.19 zero - $oModuleController->insertTrigger('document.updateDocument', 'point', 'controller', 'triggerUpdateDocument', 'before'); - // Add a trigger for comment voting up and down 2014.08.30 sejin7940 - $oModuleController->insertTrigger('comment.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after'); - $oModuleController->insertTrigger('document.updateVotedCountCancel', 'point', 'controller', 'triggerUpdateVotedCount', 'after'); - return new Object(); + + // Save module config. + getController('module')->insertModuleConfig('point', $config); + + // Create a directory to store points information. + FileHandler::makeDir('./files/member_extra_info/point'); + + // Register triggers. + return $this->registerTriggers(); } /** @@ -130,41 +163,11 @@ class point extends ModuleObject */ function checkUpdate() { - // Get the information of the point module - $oModuleModel = getModel('module'); - - $config = $oModuleModel->getModuleConfig('point'); - // check if module is abled - if($config->able_module != 'N') + $config = $this->getConfig(); + if ($config->able_module === 'Y') { - // Add a trigger for registration/insert document/insert comment/upload a file/download - if(!$oModuleModel->getTrigger('member.insertMember', 'point', 'controller', 'triggerInsertMember', 'after')) return true; - if(!$oModuleModel->getTrigger('document.insertDocument', 'point', 'controller', 'triggerInsertDocument', 'after')) return true; - if(!$oModuleModel->getTrigger('document.deleteDocument', 'point', 'controller', 'triggerBeforeDeleteDocument', 'before')) return true; - if(!$oModuleModel->getTrigger('document.deleteDocument', 'point', 'controller', 'triggerDeleteDocument', 'after')) return true; - if(!$oModuleModel->getTrigger('comment.insertComment', 'point', 'controller', 'triggerInsertComment', 'after')) return true; - if(!$oModuleModel->getTrigger('comment.deleteComment', 'point', 'controller', 'triggerDeleteComment', 'after')) return true; - if(!$oModuleModel->getTrigger('file.insertFile', 'point', 'controller', 'triggerInsertFile', 'after')) return true; - if(!$oModuleModel->getTrigger('file.deleteFile', 'point', 'controller', 'triggerDeleteFile', 'after')) return true; - if(!$oModuleModel->getTrigger('file.downloadFile', 'point', 'controller', 'triggerBeforeDownloadFile', 'before')) return true; - if(!$oModuleModel->getTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after')) return true; - if(!$oModuleModel->getTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after')) return true; - if(!$oModuleModel->getTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after')) return true; - if(!$oModuleModel->getTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after')) return true; - if(!$oModuleModel->getTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after')) return true; - // Add a trigger for voting up and down 2008.05.13 haneul - if(!$oModuleModel->getTrigger('document.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after')) return true; - // Add a trigger for using points for permanent saving of a temporarily saved document 2009.05.19 zero - if(!$oModuleModel->getTrigger('document.updateDocument', 'point', 'controller', 'triggerUpdateDocument', 'before')) return true; - - // 2012. 08. 29 Add a trigger to copy additional setting when the module is copied - if(!$oModuleModel->getTrigger('module.procModuleAdminCopyModule', 'point', 'controller', 'triggerCopyModule', 'after')) return true; - - // Add a trigger for comment voting up and down 2014.08.30 sejin7940 - if(!$oModuleModel->getTrigger('comment.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after')) return true; - if(!$oModuleModel->getTrigger('document.updateVotedCountCancel', 'point', 'controller', 'triggerUpdateVotedCount', 'after')) return true; + return $this->checkTriggers(); } - return false; } /** @@ -172,62 +175,7 @@ class point extends ModuleObject */ function moduleUpdate() { - // Get the information of the point module - $oModuleModel = getModel('module'); - $oModuleController = getController('module'); - // Add a trigger for registration/insert document/insert comment/upload a file/download - if(!$oModuleModel->getTrigger('member.insertMember', 'point', 'controller', 'triggerInsertMember', 'after')) - $oModuleController->insertTrigger('member.insertMember', 'point', 'controller', 'triggerInsertMember', 'after'); - if(!$oModuleModel->getTrigger('document.insertDocument', 'point', 'controller', 'triggerInsertDocument', 'after')) - $oModuleController->insertTrigger('document.insertDocument', 'point', 'controller', 'triggerInsertDocument', 'after'); - if(!$oModuleModel->getTrigger('document.deleteDocument', 'point', 'controller', 'triggerBeforeDeleteDocument', 'before')) - $oModuleController->insertTrigger('document.deleteDocument', 'point', 'controller', 'triggerBeforeDeleteDocument', 'before'); - if(!$oModuleModel->getTrigger('document.deleteDocument', 'point', 'controller', 'triggerDeleteDocument', 'after')) - $oModuleController->insertTrigger('document.deleteDocument', 'point', 'controller', 'triggerDeleteDocument', 'after'); - if(!$oModuleModel->getTrigger('comment.insertComment', 'point', 'controller', 'triggerInsertComment', 'after')) - $oModuleController->insertTrigger('comment.insertComment', 'point', 'controller', 'triggerInsertComment', 'after'); - if(!$oModuleModel->getTrigger('comment.deleteComment', 'point', 'controller', 'triggerDeleteComment', 'after')) - $oModuleController->insertTrigger('comment.deleteComment', 'point', 'controller', 'triggerDeleteComment', 'after'); - if(!$oModuleModel->getTrigger('file.insertFile', 'point', 'controller', 'triggerInsertFile', 'after')) - $oModuleController->insertTrigger('file.insertFile', 'point', 'controller', 'triggerInsertFile', 'after'); - if(!$oModuleModel->getTrigger('file.deleteFile', 'point', 'controller', 'triggerDeleteFile', 'after')) - $oModuleController->insertTrigger('file.deleteFile', 'point', 'controller', 'triggerDeleteFile', 'after'); - if(!$oModuleModel->getTrigger('file.downloadFile', 'point', 'controller', 'triggerBeforeDownloadFile', 'before')) - $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerBeforeDownloadFile', 'before'); - if(!$oModuleModel->getTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after')) - $oModuleController->insertTrigger('file.downloadFile', 'point', 'controller', 'triggerDownloadFile', 'after'); - if(!$oModuleModel->getTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after')) - $oModuleController->insertTrigger('member.doLogin', 'point', 'controller', 'triggerAfterLogin', 'after'); - if(!$oModuleModel->getTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after')) - $oModuleController->insertTrigger('member.deleteGroup', 'point', 'controller', 'triggerDeleteGroup', 'after'); - if(!$oModuleModel->getTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after')) - $oModuleController->insertTrigger('module.dispAdditionSetup', 'point', 'view', 'triggerDispPointAdditionSetup', 'after'); - if(!$oModuleModel->getTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after')) - $oModuleController->insertTrigger('document.updateReadedCount', 'point', 'controller', 'triggerUpdateReadedCount', 'after'); - // Add a trigger for voting up and down 2008.05.13 haneul - if(!$oModuleModel->getTrigger('document.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after')) - $oModuleController->insertTrigger('document.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after'); - if(!$oModuleModel->getTrigger('document.updateVotedCountCancel', 'point', 'controller', 'triggerUpdateVotedCount', 'after')) - $oModuleController->insertTrigger('document.updateVotedCountCancel', 'point', 'controller', 'triggerUpdateVotedCount', 'after'); - // Add a trigger for using points for permanent saving of a temporarily saved document 2009.05.19 zero - if(!$oModuleModel->getTrigger('document.updateDocument', 'point', 'controller', 'triggerUpdateDocument', 'before')) - $oModuleController->insertTrigger('document.updateDocument', 'point', 'controller', 'triggerUpdateDocument', 'before'); - // 2012. 08. 29 Add a trigger to copy additional setting when the module is copied - if(!$oModuleModel->getTrigger('module.procModuleAdminCopyModule', 'point', 'controller', 'triggerCopyModule', 'after')) - { - $oModuleController->insertTrigger('module.procModuleAdminCopyModule', 'point', 'controller', 'triggerCopyModule', 'after'); - } - // Add a trigger for comment voting up and down 2014.08.30 sejin7940 - if(!$oModuleModel->getTrigger('comment.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after')) - { - $config = $oModuleModel->getModuleConfig('point'); - $config->voted_comment = 0; - $config->blamed_comment = 0; - $oModuleController->insertModuleConfig('point', $config); - $oModuleController->insertTrigger('comment.updateVotedCount', 'point', 'controller', 'triggerUpdateVotedCount', 'after'); - } - - return new Object(0, 'success_updated'); + return $this->registerTriggers(); } /** @@ -235,9 +183,7 @@ class point extends ModuleObject */ function recompileCache() { - // redefine point action file - $oPointAdminController = getAdminController('point'); - $oPointAdminController->cacheActList(); + } } /* End of file point.class.php */ From dafbfadc93e818f822502c7ffd9ec137be3fa218 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 17:47:50 +0900 Subject: [PATCH 19/35] Add option to keep existing group when point is reduced #610 --- modules/point/lang/en.php | 8 ++++++-- modules/point/lang/ko.php | 8 ++++++-- modules/point/point.admin.controller.php | 1 + modules/point/point.class.php | 2 ++ modules/point/point.controller.php | 18 +++++++++++++----- modules/point/tpl/config.html | 22 +++++++++++++++++----- 6 files changed, 45 insertions(+), 14 deletions(-) diff --git a/modules/point/lang/en.php b/modules/point/lang/en.php index cc2b61ecc..900a4a486 100644 --- a/modules/point/lang/en.php +++ b/modules/point/lang/en.php @@ -25,8 +25,12 @@ $lang->cmd_point_recal = 'Reset Point'; $lang->about_cmd_point_recal = 'All point will be initialized only with articles/comments/attachments/join points. Only members who do website activities will get signup points after reset. Please use this function when complete initialization is required in case of data transferring or other situations.'; $lang->default_group = 'Default Group'; $lang->point_link_group = 'Group Change by Level'; -$lang->point_group_reset_and_add = 'Reset adjusted groups and add new groups'; -$lang->point_group_add_only = 'Only to new groups'; +$lang->point_group_reset_type = 'Change Type'; +$lang->point_group_reset_and_add = 'Remove from other groups and add new group'; +$lang->point_group_add_only = 'Keep other groups and add new group'; +$lang->point_group_ratchet = 'Change on Point Reduction'; +$lang->point_group_ratchet_yes = 'Maintain current group if point is reduced'; +$lang->point_group_ratchet_no = 'Move to lower group if point is reduced'; $lang->about_point_link_group = 'If you specify level for a specific group, users are assigned into the group when they advance to the level by getting points.'; $lang->about_module_point = 'You can set point for each module, and modules which don\'t have any value will use the default point. All points will be restored on acting reverse.'; $lang->point_signup = 'Sign up'; diff --git a/modules/point/lang/ko.php b/modules/point/lang/ko.php index a64c2163f..4b26c5b77 100644 --- a/modules/point/lang/ko.php +++ b/modules/point/lang/ko.php @@ -25,8 +25,12 @@ $lang->cmd_point_recal = '포인트 초기화'; $lang->about_cmd_point_recal = '게시글/댓글/첨부파일/회원가입 점수만 이용하여 모든 포인트 점수를 초기화합니다. 회원 가입 점수는 초기화 후 해당 회원이 활동을 하면 부여되고 그 전에는 부여되지 않습니다. 데이터 이전 등을 하여 포인트를 완전히 초기화해야 할 경우에만 사용하세요.'; $lang->default_group = '기본 그룹'; $lang->point_link_group = '그룹 연동'; -$lang->point_group_reset_and_add = '설정된 그룹 초기화 후 새 그룹 부여'; -$lang->point_group_add_only = '새 그룹만 부여'; +$lang->point_group_reset_type = '그룹 연동 방식'; +$lang->point_group_reset_and_add = '예전 그룹을 제거하고 새 그룹을 추가'; +$lang->point_group_add_only = '예전 그룹을 유지하며 새 그룹을 추가'; +$lang->point_group_ratchet = '포인트 감소 처리 방식'; +$lang->point_group_ratchet_yes = '포인트가 감소하더라도 기존 그룹을 유지'; +$lang->point_group_ratchet_no = '포인트가 감소하면 하위 그룹으로 이동'; $lang->about_point_link_group = '그룹에 원하는 레벨을 지정하면, 회원의 포인트가 해당 레벨의 포인트에 도달할 때 그룹이 변경됩니다.'; $lang->about_module_point = '모듈별 포인트를 지정할 수 있으며 지정되지 않은 모듈은 기본 포인트를 이용합니다. 모든 점수는 반대 행동을 하였을 경우 원상복구 됩니다.'; $lang->point_signup = '가입'; diff --git a/modules/point/point.admin.controller.php b/modules/point/point.admin.controller.php index 59f5c825f..73fd1c6af 100644 --- a/modules/point/point.admin.controller.php +++ b/modules/point/point.admin.controller.php @@ -99,6 +99,7 @@ class pointAdminController extends point } $config->group_reset = $args->group_reset; + $config->group_ratchet = $args->group_ratchet; // Per-level point configurations unset($config->level_step); for($i=1;$i<=$config->max_level;$i++) diff --git a/modules/point/point.class.php b/modules/point/point.class.php index c53d835fa..4c2570b45 100644 --- a/modules/point/point.class.php +++ b/modules/point/point.class.php @@ -129,6 +129,8 @@ class point extends ModuleObject $config->level_icon = 'default'; $config->disable_read_document = 'N'; $config->disable_download = 'N'; + $config->group_reset = 'Y'; + $config->group_ratchet = 'N'; $config->max_level = 30; for ($i = 1; $i <= 30; $i++) { diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 51f6cacdb..84597c076 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -585,7 +585,18 @@ class pointController extends point $level = $oPointModel->getLevel($point, $config->level_step); // If existing level and a new one are different attempt to set a point group - if($level != $current_level) + $new_group_list = array(); + $del_group_list = array(); + if ($config->group_ratchet === 'Y') + { + $change_group = ($level > $current_level); + } + else + { + $change_group = ($level != $current_level); + } + + if ($change_group) { // Check if the level, for which the current points are prepared, is calculate and set the correct group $point_group = $config->point_group; @@ -594,11 +605,8 @@ class pointController extends point { // Get the default group $default_group = $oMemberModel->getDefaultGroup(); - // Get the removed group and the newly granted group - $del_group_list = array(); - $new_group_list = array(); - asort($point_group); + // Reset group after initialization if($config->group_reset != 'N') { diff --git a/modules/point/tpl/config.html b/modules/point/tpl/config.html index 5d6720d87..3c831e9d4 100644 --- a/modules/point/tpl/config.html +++ b/modules/point/tpl/config.html @@ -105,11 +105,23 @@

{$lang->point_link_group}

-
-

{$lang->about_point_link_group}

-
- - +

{$lang->about_point_link_group}

+
+ +
+ +
+
+
+ +
+
From 87648f49d40bf25ab4fd529b2163afc2d5487e1e Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 18:03:14 +0900 Subject: [PATCH 20/35] Fix point for attached files when updating document --- modules/point/point.class.php | 1 + modules/point/point.controller.php | 15 +++++++++++++++ 2 files changed, 16 insertions(+) diff --git a/modules/point/point.class.php b/modules/point/point.class.php index 4c2570b45..45f36e9fa 100644 --- a/modules/point/point.class.php +++ b/modules/point/point.class.php @@ -33,6 +33,7 @@ class point extends ModuleObject array('document.updateDocument', 'before', 'controller', 'triggerUpdateDocument'), array('document.deleteDocument', 'after', 'controller', 'triggerDeleteDocument'), array('comment.insertComment', 'after', 'controller', 'triggerInsertComment'), + array('comment.updateComment', 'after', 'controller', 'triggerUpdateComment'), array('comment.deleteComment', 'after', 'controller', 'triggerDeleteComment'), array('file.deleteFile', 'after', 'controller', 'triggerDeleteFile'), array('file.downloadFile', 'before', 'controller', 'triggerBeforeDownloadFile'), diff --git a/modules/point/point.controller.php b/modules/point/point.controller.php index 84597c076..78dbb81a0 100644 --- a/modules/point/point.controller.php +++ b/modules/point/point.controller.php @@ -146,6 +146,13 @@ class pointController extends point // Only give points if the document is being updated from TEMP to another status such as PUBLIC. if ($obj->status === $oDocumentModel->getConfigStatus('temp') || $oDocument->get('status') !== $oDocumentModel->getConfigStatus('temp')) { + if ($obj->uploaded_count > $oDocument->get('uploaded_count')) + { + $cur_point = getModel('point')->getPoint($member_srl, true); + $attached_files_point = $this->_getModulePointConfig($module_srl, 'upload_file'); + $cur_point += $attached_files_point * ($obj->uploaded_count - $oDocument->get('uploaded_count')); + $this->setPoint($member_srl, $cur_point); + } return new Object(); } @@ -258,6 +265,14 @@ class pointController extends point return new Object(); } + /** + * @brief A trigger which gives points for uploaded file changes to a comment + */ + public function triggerUpdateComment($obj) + { + return new Object(); + } + /** * @brief A trigger which gives points for deleting a comment */ From 9615d85d815cb9df7b51c1151c659cefc01f5136 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 20:19:23 +0900 Subject: [PATCH 21/35] Remove admin rights from all widget document methods --- modules/widget/widget.controller.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/widget/widget.controller.php b/modules/widget/widget.controller.php index e5d3e6395..ba86006dc 100644 --- a/modules/widget/widget.controller.php +++ b/modules/widget/widget.controller.php @@ -135,7 +135,7 @@ class widgetController extends widget $obj->content = $content; $obj->document_srl = $document_srl; - $oDocument = $oDocumentModel->getDocument($obj->document_srl, true); + $oDocument = $oDocumentModel->getDocument($obj->document_srl); if($oDocument->isExists() && $oDocument->document_srl == $obj->document_srl) { $output = $oDocumentController->updateDocument($oDocument, $obj); @@ -165,7 +165,7 @@ class widgetController extends widget $oDocumentController = getController('document'); $oDocumentAdminController = getAdminController('document'); - $oDocument = $oDocumentModel->getDocument($document_srl, true); + $oDocument = $oDocumentModel->getDocument($document_srl); if(!$oDocument->isExists()) return new Object(-1,'msg_invalid_request'); $module_srl = $oDocument->get('module_srl'); @@ -206,7 +206,7 @@ class widgetController extends widget $oDocumentModel = getModel('document'); $oDocumentController = getController('document'); - $oDocument = $oDocumentModel->getDocument($document_srl, true); + $oDocument = $oDocumentModel->getDocument($document_srl); if(!$oDocument->isExists()) return new Object(); $module_srl = $oDocument->get('module_srl'); @@ -227,7 +227,7 @@ class widgetController extends widget return new Object(-1,'msg_not_permitted'); } - $output = $oDocumentController->deleteDocument($oDocument->get('document_srl'), true); + $output = $oDocumentController->deleteDocument($oDocument->get('document_srl')); if(!$output->toBool()) return $output; } From 238d97e4ab16434a328212285177ff62ac0662df Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 20:41:36 +0900 Subject: [PATCH 22/35] Restrict effect of setGrant() to current request MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 앞으로 또 발견될지도 모르는 보안 취약점으로 인한 피해를 줄이기 위해 문서나 댓글에 대하여 setGrant()를 호출하더라도 해당 세션 전체가 아닌 하나의 요청 내에서만 관리권한을 부여받도록 고칩니다. 세션 전체에 관리 권한을 부여하려면 새로 추가된 setGrantForSession() 메소드를 사용하여야 하며, 이것은 함부로 사용해서는 안됩니다. 그동안 getDocument(), getComment() 등에 $is_admin 파라미터가 너무 남용되어 왔으므로, 이 권한을 제한하는 것만으로도 서드파티 호환성에 미치는 영향을 최소화하면서 상당한 효과가 있을 것으로 보입니다. --- modules/board/board.controller.php | 4 ++-- modules/comment/comment.item.php | 7 ++++++- modules/document/document.item.php | 7 ++++++- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/modules/board/board.controller.php b/modules/board/board.controller.php index f5717b4eb..534d72b45 100644 --- a/modules/board/board.controller.php +++ b/modules/board/board.controller.php @@ -609,7 +609,7 @@ class boardController extends board return new Object(-1, 'msg_invalid_password'); } - $oComment->setGrant(); + $oComment->setGrantForSession(); } else { // get the document information $oDocumentModel = getModel('document'); @@ -625,7 +625,7 @@ class boardController extends board return new Object(-1, 'msg_invalid_password'); } - $oDocument->setGrant(); + $oDocument->setGrantForSession(); } } diff --git a/modules/comment/comment.item.php b/modules/comment/comment.item.php index 34f5e3c27..d9f8728fe 100644 --- a/modules/comment/comment.item.php +++ b/modules/comment/comment.item.php @@ -125,10 +125,15 @@ class commentItem extends Object function setGrant() { - $_SESSION['own_comment'][$this->comment_srl] = TRUE; $this->is_granted = TRUE; } + function setGrantForSession() + { + $_SESSION['own_comment'][$this->comment_srl] = true; + $this->setGrant(); + } + function setAccessible() { if(Context::getSessionStatus()) diff --git a/modules/document/document.item.php b/modules/document/document.item.php index dbd5ffcc9..2fde55991 100644 --- a/modules/document/document.item.php +++ b/modules/document/document.item.php @@ -198,9 +198,14 @@ class documentItem extends Object function setGrant() { - $_SESSION['own_document'][$this->document_srl] = true; $this->grant_cache = true; } + + function setGrantForSession() + { + $_SESSION['own_document'][$this->document_srl] = true; + $this->setGrant(); + } function isAccessible() { From 7d508f50bdaaf1478db9fb1d5dd7b23d08c20497 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 21:02:49 +0900 Subject: [PATCH 23/35] Remove unnecessary grant of admin rights on nonexistent documents --- modules/layout/layout.view.php | 2 +- modules/page/page.admin.controller.php | 2 +- modules/page/page.admin.view.php | 2 +- modules/page/page.mobile.php | 2 +- modules/page/page.view.php | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/layout/layout.view.php b/modules/layout/layout.view.php index acacca938..369f69ac5 100644 --- a/modules/layout/layout.view.php +++ b/modules/layout/layout.view.php @@ -62,7 +62,7 @@ class layoutView extends layout if($module == 'ARTICLE' && !$mid) { $oDocumentModel = getModel('document'); - $oDocument = $oDocumentModel->getDocument(0, true); + $oDocument = $oDocumentModel->getDocument(0); $t = lang('article_preview_title'); diff --git a/modules/page/page.admin.controller.php b/modules/page/page.admin.controller.php index 9e130dcd6..fd2fcf8ea 100644 --- a/modules/page/page.admin.controller.php +++ b/modules/page/page.admin.controller.php @@ -316,7 +316,7 @@ class pageAdminController extends page $document_srl = $obj->document_srl; // 이미 존재하는 글인지 체크 - $oDocument = $oDocumentModel->getDocument($obj->document_srl, true); + $oDocument = $oDocumentModel->getDocument($obj->document_srl); $bAnonymous = false; $target = ($obj->ismobile == 'Y') ? 'mdocument_srl' : 'document_srl'; diff --git a/modules/page/page.admin.view.php b/modules/page/page.admin.view.php index aeea01231..63d63ba00 100644 --- a/modules/page/page.admin.view.php +++ b/modules/page/page.admin.view.php @@ -265,7 +265,7 @@ class pageAdminView extends page function _setArticleTypeContentModify($isMobile = false) { $oDocumentModel = getModel('document'); - $oDocument = $oDocumentModel->getDocument(0, true); + $oDocument = $oDocumentModel->getDocument(0); if($isMobile) { diff --git a/modules/page/page.mobile.php b/modules/page/page.mobile.php index b912d89e2..06d71f6a2 100644 --- a/modules/page/page.mobile.php +++ b/modules/page/page.mobile.php @@ -95,7 +95,7 @@ class pageMobile extends pageView $oTemplate = &TemplateHandler::getInstance(); $oDocumentModel = getModel('document'); - $oDocument = $oDocumentModel->getDocument(0, true); + $oDocument = $oDocumentModel->getDocument(0); if($this->module_info->mdocument_srl) { diff --git a/modules/page/page.view.php b/modules/page/page.view.php index a27c03feb..edfda41d5 100644 --- a/modules/page/page.view.php +++ b/modules/page/page.view.php @@ -91,7 +91,7 @@ class pageView extends page $oTemplate = &TemplateHandler::getInstance(); $oDocumentModel = getModel('document'); - $oDocument = $oDocumentModel->getDocument(0, true); + $oDocument = $oDocumentModel->getDocument(0); if($this->module_info->document_srl) { From 7510cdf2e1d54645543a3c9883845629106cabf3 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 21:17:49 +0900 Subject: [PATCH 24/35] Fix autologin failing on third visit --- modules/member/member.controller.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index ad4809386..21f5cbb1e 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php @@ -1739,7 +1739,7 @@ class memberController extends member $new_security_key = Rhymix\Framework\Security::getRandom(24, 'alnum'); $args = new stdClass; $args->autologin_key = $autologin_key; - $args->security_key = base64_encode(hash_hmac('sha256', $security_key, $autologin_key, true)); + $args->security_key = base64_encode(hash_hmac('sha256', $new_security_key, $autologin_key, true)); $update_output = executeQuery('member.updateAutologin', $args); if ($update_output->toBool()) { From e4fe2430d3a3c919bbead66d756c0e76b8ac9798 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 21:18:55 +0900 Subject: [PATCH 25/35] =?UTF-8?q?Change=20=EB=A1=9C=EA=B7=B8=EC=9D=B8=20?= =?UTF-8?q?=EA=B4=80=EB=A6=AC=20to=20=EC=9E=90=EB=8F=99=20=EB=A1=9C?= =?UTF-8?q?=EA=B7=B8=EC=9D=B8=20=EA=B4=80=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/member/lang/ko.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/member/lang/ko.php b/modules/member/lang/ko.php index 9bb0f2644..123dce541 100644 --- a/modules/member/lang/ko.php +++ b/modules/member/lang/ko.php @@ -112,7 +112,7 @@ $lang->cmd_manage_nick_name = '금지 닉네임 관리'; $lang->cmd_manage_form = '가입 폼 관리'; $lang->cmd_view_own_document = '작성 글 보기'; $lang->cmd_view_own_comment = '작성 댓글 보기'; -$lang->cmd_view_active_logins = '로그인 관리'; +$lang->cmd_view_active_logins = '자동 로그인 관리'; $lang->cmd_manage_member_info = '회원 정보 관리'; $lang->cmd_trace_document = '작성글 추적'; $lang->cmd_trace_comment = '작성 댓글 추적'; From 9143493f1309154f2d58398af07f96cc54ee93df Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Thu, 2 Mar 2017 23:24:28 +0900 Subject: [PATCH 26/35] Restrict addGrant() to current request only --- modules/comment/comment.controller.php | 18 +++++++++++------- modules/comment/comment.item.php | 4 ++-- modules/comment/comment.model.php | 2 +- modules/document/document.controller.php | 6 +++++- modules/document/document.item.php | 4 ++-- modules/document/document.model.php | 2 +- 6 files changed, 22 insertions(+), 14 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index b67ffe5f1..c250776fc 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -255,7 +255,11 @@ class commentController extends comment */ function addGrant($comment_srl) { - $_SESSION['own_comment'][$comment_srl] = TRUE; + $comment = getModel('comment')->getComment($comment_srl); + if ($comment->isExists()) + { + $comment->setGrant(); + } } /** @@ -568,18 +572,18 @@ class commentController extends comment } } - // grant autority of the comment - if(!$manual_inserted) - { - $this->addGrant($obj->comment_srl); - } - // call a trigger(after) ModuleHandler::triggerCall('comment.insertComment', 'after', $obj); // commit $oDB->commit(); + // grant autority of the comment + if(!$manual_inserted) + { + $this->addGrant($obj->comment_srl); + } + if(!$manual_inserted) { // send a message if notify_message option in enabled in the original article diff --git a/modules/comment/comment.item.php b/modules/comment/comment.item.php index d9f8728fe..8ff282bc3 100644 --- a/modules/comment/comment.item.php +++ b/modules/comment/comment.item.php @@ -93,7 +93,7 @@ class commentItem extends Object function isGranted() { - if($_SESSION['own_comment'][$this->comment_srl]) + if($_SESSION['granted_comment'][$this->comment_srl]) { return TRUE; } @@ -130,7 +130,7 @@ class commentItem extends Object function setGrantForSession() { - $_SESSION['own_comment'][$this->comment_srl] = true; + $_SESSION['granted_comment'][$this->comment_srl] = true; $this->setGrant(); } diff --git a/modules/comment/comment.model.php b/modules/comment/comment.model.php index 4bbf3514d..ddee43fec 100644 --- a/modules/comment/comment.model.php +++ b/modules/comment/comment.model.php @@ -121,7 +121,7 @@ class commentModel extends comment */ function isGranted($comment_srl) { - return $_SESSION['own_comment'][$comment_srl]; + return $_SESSION['granted_comment'][$comment_srl]; } /** diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index a9ad95032..e3e0435d9 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -331,7 +331,11 @@ class documentController extends document */ function addGrant($document_srl) { - $_SESSION['own_document'][$document_srl] = true; + $oDocument = getModel('document')->getDocument($document_srl); + if ($oDocument->isExists()) + { + $oDocument->setGrant(); + } } /** diff --git a/modules/document/document.item.php b/modules/document/document.item.php index 2fde55991..c6e378496 100644 --- a/modules/document/document.item.php +++ b/modules/document/document.item.php @@ -162,7 +162,7 @@ class documentItem extends Object function isGranted() { - if ($_SESSION['own_document'][$this->document_srl]) + if ($_SESSION['granted_document'][$this->document_srl]) { return $this->grant_cache = true; } @@ -203,7 +203,7 @@ class documentItem extends Object function setGrantForSession() { - $_SESSION['own_document'][$this->document_srl] = true; + $_SESSION['granted_document'][$this->document_srl] = true; $this->setGrant(); } diff --git a/modules/document/document.model.php b/modules/document/document.model.php index 45ec31fe0..eb23d1861 100644 --- a/modules/document/document.model.php +++ b/modules/document/document.model.php @@ -25,7 +25,7 @@ class documentModel extends document */ function isGranted($document_srl) { - return $_SESSION['own_document'][$document_srl]; + return $_SESSION['granted_document'][$document_srl]; } /** From 5e9273d5f3efcbf9123c93d14fb83938ea93a1e7 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 3 Mar 2017 00:16:09 +0900 Subject: [PATCH 27/35] Fix incorrect lang code in simple_world member skin --- modules/member/skins/simple_world/reset_mail.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/member/skins/simple_world/reset_mail.html b/modules/member/skins/simple_world/reset_mail.html index 28adef512..75b9590dd 100644 --- a/modules/member/skins/simple_world/reset_mail.html +++ b/modules/member/skins/simple_world/reset_mail.html @@ -31,7 +31,7 @@
From 284074028651f42b17818998b44abcf7f8ded6a5 Mon Sep 17 00:00:00 2001 From: conory Date: Fri, 3 Mar 2017 00:36:04 +0900 Subject: [PATCH 28/35] =?UTF-8?q?=EA=B8=80=EC=93=B4=EC=9D=B4=EC=97=90?= =?UTF-8?q?=EA=B2=8C=EB=8A=94=20=EB=AC=B4=EC=A1=B0=EA=B1=B4=20=EC=84=B8?= =?UTF-8?q?=EC=85=98=20=EA=B6=8C=ED=95=9C=20=EB=B6=80=EC=97=AC=20=EB=B9=84?= =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=EA=B8=80=EC=93=B0=EA=B8=B0=20=ED=9B=84=20?= =?UTF-8?q?=EB=B3=B8=EB=AC=B8=20=ED=8E=98=EC=9D=B4=EC=A7=80=EC=97=90?= =?UTF-8?q?=EC=84=9C=20=EB=B9=84=EB=B0=80=EB=B2=88=ED=98=B8=20=EC=9D=B8?= =?UTF-8?q?=EC=A6=9D=EC=9D=84=20=EB=B0=9B=EC=95=84=EC=95=BC=20=ED=95=98?= =?UTF-8?q?=EA=B8=B0=20=EB=95=8C=EB=AC=B8=EC=97=90=20=EB=A7=A4=EC=9A=B0=20?= =?UTF-8?q?=EB=B2=88=EA=B1=B0=EB=A1=9C=EC=9B=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/comment/comment.controller.php | 16 ++++++++++++---- modules/document/document.controller.php | 15 +++++++++++---- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index c250776fc..de6ef6c54 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -250,15 +250,23 @@ class commentController extends comment /** * Authorization of the comments - * available only in the current connection of the session value + * @param int $comment_srl + * @param bool $session * @return void */ - function addGrant($comment_srl) + function addGrant($comment_srl, $session = false) { $comment = getModel('comment')->getComment($comment_srl); if ($comment->isExists()) { - $comment->setGrant(); + if ($session) + { + $comment->setGrantForSession(); + } + else + { + $comment->setGrant(); + } } } @@ -581,7 +589,7 @@ class commentController extends comment // grant autority of the comment if(!$manual_inserted) { - $this->addGrant($obj->comment_srl); + $this->addGrant($obj->comment_srl, true); } if(!$manual_inserted) diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index e3e0435d9..39086f9c3 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -325,16 +325,23 @@ class documentController extends document /** * Grant a permisstion of the document - * Available in the current connection with session value * @param int $document_srl + * @param bool $session * @return void */ - function addGrant($document_srl) + function addGrant($document_srl, $session = false) { $oDocument = getModel('document')->getDocument($document_srl); if ($oDocument->isExists()) { - $oDocument->setGrant(); + if ($session) + { + $oDocument->setGrantForSession(); + } + else + { + $oDocument->setGrant(); + } } } @@ -530,7 +537,7 @@ class documentController extends document // return if(!$manual_inserted) { - $this->addGrant($obj->document_srl); + $this->addGrant($obj->document_srl, true); } $output->add('document_srl',$obj->document_srl); $output->add('category_srl',$obj->category_srl); From 9389b96f95a67d725568ef418c1ed694b219221e Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 3 Mar 2017 00:57:41 +0900 Subject: [PATCH 29/35] =?UTF-8?q?Revert=20"=EA=B8=80=EC=93=B4=EC=9D=B4?= =?UTF-8?q?=EC=97=90=EA=B2=8C=EB=8A=94=20=EB=AC=B4=EC=A1=B0=EA=B1=B4=20?= =?UTF-8?q?=EC=84=B8=EC=85=98=20=EA=B6=8C=ED=95=9C=20=EB=B6=80=EC=97=AC"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 284074028651f42b17818998b44abcf7f8ded6a5. --- modules/comment/comment.controller.php | 16 ++++------------ modules/document/document.controller.php | 15 ++++----------- 2 files changed, 8 insertions(+), 23 deletions(-) diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php index de6ef6c54..c250776fc 100644 --- a/modules/comment/comment.controller.php +++ b/modules/comment/comment.controller.php @@ -250,23 +250,15 @@ class commentController extends comment /** * Authorization of the comments - * @param int $comment_srl - * @param bool $session + * available only in the current connection of the session value * @return void */ - function addGrant($comment_srl, $session = false) + function addGrant($comment_srl) { $comment = getModel('comment')->getComment($comment_srl); if ($comment->isExists()) { - if ($session) - { - $comment->setGrantForSession(); - } - else - { - $comment->setGrant(); - } + $comment->setGrant(); } } @@ -589,7 +581,7 @@ class commentController extends comment // grant autority of the comment if(!$manual_inserted) { - $this->addGrant($obj->comment_srl, true); + $this->addGrant($obj->comment_srl); } if(!$manual_inserted) diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index 39086f9c3..e3e0435d9 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -325,23 +325,16 @@ class documentController extends document /** * Grant a permisstion of the document + * Available in the current connection with session value * @param int $document_srl - * @param bool $session * @return void */ - function addGrant($document_srl, $session = false) + function addGrant($document_srl) { $oDocument = getModel('document')->getDocument($document_srl); if ($oDocument->isExists()) { - if ($session) - { - $oDocument->setGrantForSession(); - } - else - { - $oDocument->setGrant(); - } + $oDocument->setGrant(); } } @@ -537,7 +530,7 @@ class documentController extends document // return if(!$manual_inserted) { - $this->addGrant($obj->document_srl, true); + $this->addGrant($obj->document_srl); } $output->add('document_srl',$obj->document_srl); $output->add('category_srl',$obj->category_srl); From 90590829d6a0ef37927bf5b23d231afc6a69bcd5 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 3 Mar 2017 00:58:14 +0900 Subject: [PATCH 30/35] =?UTF-8?q?=EA=B8=80=EC=93=B4=EC=9D=B4=EC=97=90?= =?UTF-8?q?=EA=B2=8C=EB=8A=94=20=EB=AC=B4=EC=A1=B0=EA=B1=B4=20=EC=84=B8?= =?UTF-8?q?=EC=85=98=20=EA=B6=8C=ED=95=9C=20=EB=B6=80=EC=97=AC=20-=20?= =?UTF-8?q?=EC=88=98=EC=A0=95=20=EB=B2=84=EC=A0=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/board/board.controller.php | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/modules/board/board.controller.php b/modules/board/board.controller.php index 534d72b45..581f259da 100644 --- a/modules/board/board.controller.php +++ b/modules/board/board.controller.php @@ -115,7 +115,7 @@ class boardController extends board $obj->update_log_setting = 'Y'; } - // update the document if it is existed + // UPDATE if the document already exists. if($is_update) { if(!$oDocument->isGranted()) @@ -163,14 +163,20 @@ class boardController extends board $obj->reason_update = escape($obj->reason_update); $output = $oDocumentController->updateDocument($oDocument, $obj, $bAnonymous); $msg_code = 'success_updated'; - - // insert a new document otherwise } + // INSERT a new document. else { $output = $oDocumentController->insertDocument($obj, $bAnonymous); $msg_code = 'success_registed'; $obj->document_srl = $output->get('document_srl'); + + // Set grant for the new document. + if ($output->toBool()) + { + $oDocument = $oDocumentModel->getDocument($output->get('document_srl')); + $oDocument->setGrantForSession(); + } // send an email to admin user if($output->toBool() && $this->module_info->admin_mail) @@ -421,11 +427,10 @@ class boardController extends board return new Object(-1, 'msg_admin_comment_no_modify'); } - // if comment_srl is not existed, then insert the comment + // INSERT if comment_srl does not exist. if($comment->comment_srl != $obj->comment_srl) { - - // parent_srl is existed + // Parent exists. if($obj->parent_srl) { $parent_comment = $oCommentModel->getComment($obj->parent_srl); @@ -433,17 +438,21 @@ class boardController extends board { return new Object(-1, 'msg_invalid_request'); } - $output = $oCommentController->insertComment($obj, $bAnonymous); - - // parent_srl is not existed } + // Parent does not exist. else { $output = $oCommentController->insertComment($obj, $bAnonymous); } - // update the comment if it is not existed + // Set grant for the new comment. + if ($output->toBool()) + { + $comment = $oCommentModel->getComment($output->get('comment_srl')); + $comment->setGrantForSession(); + } } + // UPDATE if comment_srl already exists. else { if($this->module_info->protect_comment_regdate > 0 && $this->grant->manager == false) @@ -460,7 +469,6 @@ class boardController extends board { return new Object(-1,'msg_not_permitted'); } - $obj->parent_srl = $comment->parent_srl; $output = $oCommentController->updateComment($obj, $this->grant->manager); } From a67a78ebba90ed27958ca7aa3caf64530ab5c098 Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 3 Mar 2017 00:59:42 +0900 Subject: [PATCH 31/35] Use local variable instead of class property to handle member info MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 회원정보를 다룰 때 너도나도 $this->memberInfo를 덮어쓰기 때문에 이게 도대체 어디서 온 변수인지 신뢰할 수가 없음. 심지어 로그인에 실패해도 $this->memberInfo는 그대로 남아 있음. 잘못 사용할 경우 심각한 보안 문제가 발생할 수 있으므로 클래스 속성을 공유하지 않고 각 메소드에서 로컬 변수만 사용하도록 변경함. 회원정보를 반드시 서로 공유해야 하는 경우 Context::get('logged_info')를 사용함. --- modules/member/member.controller.php | 140 +++++++++------------------ 1 file changed, 47 insertions(+), 93 deletions(-) diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index 21f5cbb1e..526616b5a 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php @@ -7,13 +7,6 @@ */ class memberController extends member { - /** - * Info of selected member - * - * @var object - */ - var $memberInfo; - /** * Initialization * @@ -57,6 +50,7 @@ class memberController extends member $oModuleModel = getModel('module'); $config = $oModuleModel->getModuleConfig('member'); + $member_info = Context::get('logged_info'); // Check change_password_date $limit_date = $config->change_password_date; @@ -65,7 +59,7 @@ class memberController extends member if($limit_date > 0) { $oMemberModel = getModel('member'); - if($this->memberInfo->change_password_date < date ('YmdHis', strtotime ('-' . $limit_date . ' day'))) + if($member_info->change_password_date < date ('YmdHis', strtotime ('-' . $limit_date . ' day'))) { $msg = sprintf(lang('msg_change_password_date'), $limit_date); return $this->setRedirectUrl(getNotEncodedUrl('','vid',Context::get('vid'),'mid',Context::get('mid'),'act','dispMemberModifyPassword'), new Object(-1, $msg)); @@ -74,7 +68,7 @@ class memberController extends member // Delete all previous authmail if login is successful $args = new stdClass(); - $args->member_srl = $this->memberInfo->member_srl; + $args->member_srl = $member_info->member_srl; executeQuery('member.deleteAuthMail', $args); if(!$config->after_login_url) @@ -545,18 +539,14 @@ class memberController extends member $oMemberModel = getModel('member'); - if(!$this->memberInfo->password) - { - // Get information of logged-in user - $logged_info = Context::get('logged_info'); - $member_srl = $logged_info->member_srl; - - $columnList = array('member_srl', 'password'); - $memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); - $this->memberInfo->password = $memberInfo->password; - } + // Get information of logged-in user + $logged_info = Context::get('logged_info'); + $member_srl = $logged_info->member_srl; + $columnList = array('member_srl', 'password'); + $member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); + // Verify the current password - if(!$oMemberModel->isValidPassword($this->memberInfo->password, $password)) + if(!$oMemberModel->isValidPassword($member_info->password, $password)) { return new Object(-1, 'invalid_password'); } @@ -698,10 +688,10 @@ class memberController extends member $this->putSignature($args->member_srl, $signature); // Get user_id information - $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl); + $member_info = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl); // Call a trigger after successfully modified (after) - ModuleHandler::triggerCall('member.procMemberModifyInfo', 'after', $this->memberInfo); + ModuleHandler::triggerCall('member.procMemberModifyInfo', 'after', $member_info); $this->setSessionInfo(); // Return result @@ -779,14 +769,10 @@ class memberController extends member // Create a member model object $oMemberModel = getModel('member'); // Get information of member_srl - if(!$this->memberInfo->password) - { - $columnList = array('member_srl', 'password'); - $memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); - $this->memberInfo->password = $memberInfo->password; - } + $columnList = array('member_srl', 'password'); + $member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); // Verify the cuttent password - if(!$oMemberModel->isValidPassword($this->memberInfo->password, $password)) return new Object(-1, 'invalid_password'); + if(!$oMemberModel->isValidPassword($member_info->password, $password)) return new Object(-1, 'invalid_password'); $output = $this->deleteMember($member_srl); if(!$output->toBool()) return $output; @@ -1781,17 +1767,17 @@ class memberController extends member if($config->identifier == 'email_address' || strpos($user_id, '@') !== false) { // Get user_id information - $this->memberInfo = $oMemberModel->getMemberInfoByEmailAddress($user_id); + $member_info = $oMemberModel->getMemberInfoByEmailAddress($user_id); // Set an invalid user if no value returned - if(!$user_id || strtolower($this->memberInfo->email_address) != strtolower($user_id)) return $this->recordLoginError(-1, 'invalid_email_address'); + if(!$user_id || strtolower($member_info->email_address) != strtolower($user_id)) return $this->recordLoginError(-1, 'invalid_email_address'); } else { // Get user_id information - $this->memberInfo = $oMemberModel->getMemberInfoByUserID($user_id); + $member_info = $oMemberModel->getMemberInfoByUserID($user_id); // Set an invalid user if no value returned - if(!$user_id || strtolower($this->memberInfo->user_id) != strtolower($user_id)) return $this->recordLoginError(-1, 'invalid_user_id'); + if(!$user_id || strtolower($member_info->user_id) != strtolower($user_id)) return $this->recordLoginError(-1, 'invalid_user_id'); } $output = executeQuery('member.getLoginCountByIp', $args); @@ -1818,36 +1804,36 @@ class memberController extends member } // Password Check - if($password && !$oMemberModel->isValidPassword($this->memberInfo->password, $password, $this->memberInfo->member_srl)) + if($password && !$oMemberModel->isValidPassword($member_info->password, $password, $member_info->member_srl)) { - return $this->recordMemberLoginError(-1, 'invalid_password',$this->memberInfo); + return $this->recordMemberLoginError(-1, 'invalid_password', $member_info); } // If denied == 'Y', notify - if($this->memberInfo->denied == 'Y') + if($member_info->denied == 'Y') { - $args->member_srl = $this->memberInfo->member_srl; + $args->member_srl = $member_info->member_srl; $output = executeQuery('member.chkAuthMail', $args); if ($output->toBool() && $output->data->count != '0') { - $_SESSION['auth_member_srl'] = $this->memberInfo->member_srl; + $_SESSION['auth_member_srl'] = $member_info->member_srl; $redirectUrl = getUrl('', 'act', 'dispMemberResendAuthMail'); return $this->setRedirectUrl($redirectUrl, new Object(-1,'msg_user_not_confirmed')); } - $refused_reason = $this->memberInfo->refused_reason ? ('
' . lang('refused_reason') . ': ' . $this->memberInfo->refused_reason) : ''; + $refused_reason = $member_info->refused_reason ? ('
' . lang('refused_reason') . ': ' . $member_info->refused_reason) : ''; return new Object(-1, lang('msg_user_denied') . $refused_reason); } // Notify if user is limited - if($this->memberInfo->limit_date && substr($this->memberInfo->limit_date,0,8) >= date("Ymd")) + if($member_info->limit_date && substr($member_info->limit_date,0,8) >= date("Ymd")) { - $limited_reason = $this->memberInfo->limited_reason ? ('
' . lang('refused_reason') . ': ' . $this->memberInfo->limited_reason) : ''; - return new Object(-9, sprintf(lang('msg_user_limited'), zdate($this->memberInfo->limit_date,"Y-m-d")) . $limited_reason); + $limited_reason = $member_info->limited_reason ? ('
' . lang('refused_reason') . ': ' . $member_info->limited_reason) : ''; + return new Object(-9, sprintf(lang('msg_user_limited'), zdate($member_info->limit_date,"Y-m-d")) . $limited_reason); } // Do not allow login as admin if not in allowed IP list - if($this->memberInfo->is_admin === 'Y' && $this->act === 'procMemberLogin') + if($member_info->is_admin === 'Y' && $this->act === 'procMemberLogin') { $oMemberAdminModel = getAdminModel('member'); if(!$oMemberAdminModel->getMemberAdminIPCheck()) @@ -1857,7 +1843,7 @@ class memberController extends member } // Update the latest login time - $args->member_srl = $this->memberInfo->member_srl; + $args->member_srl = $member_info->member_srl; $output = executeQuery('member.updateLastLogin', $args); $site_module_info = Context::get('site_module_info'); @@ -1887,15 +1873,15 @@ class memberController extends member $oCommunicationController = getController('communication'); $oCommunicationController->sendMessage($args->member_srl, $args->member_srl, $title, $content, true); - if($this->memberInfo->email_address && $this->memberInfo->allow_mailing == 'Y') + if($member_info->email_address && $member_info->allow_mailing == 'Y') { $view_url = Context::getRequestUri(); - $content = sprintf("%s

From: %s
To: %s(%s)

",$content, $view_url, $view_url, $this->memberInfo->nick_name, $this->memberInfo->email_id); + $content = sprintf("%s

From: %s
To: %s(%s)

",$content, $view_url, $view_url, $member_info->nick_name, $member_info->email_id); $oMail = new Mail(); $oMail->setTitle($title); $oMail->setContent($content); $oMail->setSender($config->webmaster_name?$config->webmaster_name:'webmaster', $config->webmaster_email); - $oMail->setReceiptor($this->memberInfo->email_id.'('.$this->memberInfo->nick_name.')', $this->memberInfo->email_address); + $oMail->setReceiptor($member_info->email_id.'('.$member_info->nick_name.')', $member_info->email_address); $oMail->send(); } $output = executeQuery('member.deleteLoginCountHistoryByMemberSrl', $args); @@ -1904,7 +1890,7 @@ class memberController extends member } // Call a trigger after successfully log-in (after) - ModuleHandler::triggerCall('member.doLogin', 'after', $this->memberInfo); + ModuleHandler::triggerCall('member.doLogin', 'after', $member_info); // When user checked to use auto-login if($keep_signed) @@ -1913,7 +1899,7 @@ class memberController extends member $autologin_args = new stdClass; $autologin_args->autologin_key = substr($random_key, 0, 24); $autologin_args->security_key = base64_encode(hash_hmac('sha256', substr($random_key, 24, 24), $autologin_args->autologin_key, true)); - $autologin_args->member_srl = $this->memberInfo->member_srl; + $autologin_args->member_srl = $member_info->member_srl; $autologin_args->user_agent = json_encode(Rhymix\Framework\UA::getBrowserInfo()); $autologin_output = executeQuery('member.insertAutologin', $autologin_args); if ($autologin_output->toBool()) @@ -1922,7 +1908,7 @@ class memberController extends member } } - Rhymix\Framework\Session::login($this->memberInfo->member_srl); + Rhymix\Framework\Session::login($member_info->member_srl); $this->setSessionInfo(); return $output; } @@ -1933,38 +1919,15 @@ class memberController extends member function setSessionInfo() { // If your information came through the current session information to extract information from the users - if(!$this->memberInfo && Rhymix\Framework\Session::getMemberSrl()) - { - $this->memberInfo = Rhymix\Framework\Session::getMemberInfo(); - } - if(!$this->memberInfo->member_srl) + $member_info = Rhymix\Framework\Session::getMemberInfo(); + if (!$member_info->member_srl) { return; } - - // Log in for treatment sessions set - /* - $_SESSION['is_logged'] = true; - $_SESSION['member_srl'] = $_SESSION['RHYMIX']['login'] = $this->memberInfo->member_srl; - $_SESSION['is_admin'] = ''; - */ - // Do not save your password in the session jiwojum;; - //unset($this->memberInfo->password); - // User Group Settings - /* - if($this->memberInfo->group_list) { - $group_srl_list = array_keys($this->memberInfo->group_list); - $_SESSION['group_srls'] = $group_srl_list; - // If the group is designated as an administrator administrator - $oMemberModel = getModel('member'); - $admin_group = $oMemberModel->getAdminGroup(); - if($admin_group->group_srl && in_array($admin_group->group_srl, $group_srl_list)) $_SESSION['is_admin'] = 'Y'; - } - */ // Information stored in the session login user Context::set('is_logged', true); - Context::set('logged_info', $this->memberInfo); + Context::set('logged_info', $member_info); // Only the menu configuration of the user (such as an add-on to the menu can be changed) $config = getModel('member')->getMemberConfig(); @@ -2297,8 +2260,10 @@ class memberController extends member $config = $oMemberModel->getMemberConfig(); $logged_info = Context::get('logged_info'); + // Get what you want to modify the original information - if(!$this->memberInfo) $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl); + $orgMemberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl); + // Control of essential parameters if($args->allow_mailing!='Y') $args->allow_mailing = 'N'; if($args->allow_message && !in_array($args->allow_message, array('Y','N','F'))) $args->allow_message = 'Y'; @@ -2386,9 +2351,6 @@ class memberController extends member } } - $output = executeQuery('member.getMemberInfoByMemberSrl', $args); - $orgMemberInfo = $output->data; - // Check managed Email Host if($logged_info->is_admin !== 'Y' && $oMemberModel->isDeniedEmailHost($args->email_address)) { @@ -2537,13 +2499,9 @@ class memberController extends member $oDB->commit(); - //remove from cache + // Remove from cache $this->_clearMemberCache($args->member_srl, $args->site_srl); - // Save Session - if(!$this->memberInfo) $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($args->member_srl); - $logged_info = Context::get('logged_info'); - $output->add('member_srl', $args->member_srl); return $output; } @@ -2555,7 +2513,6 @@ class memberController extends member { if($args->password) { - // check password strength $oMemberModel = getModel('member'); $config = $oMemberModel->getMemberConfig(); @@ -2597,14 +2554,11 @@ class memberController extends member // Create a model object $oMemberModel = getModel('member'); // Bringing the user's information - if(!$this->memberInfo || $this->memberInfo->member_srl != $member_srl || !isset($this->memberInfo->is_admin)) - { - $columnList = array('member_srl', 'is_admin'); - $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); - } - if(!$this->memberInfo) return new Object(-1, 'msg_not_exists_member'); + $columnList = array('member_srl', 'is_admin'); + $member_info = $oMemberModel->getMemberInfoByMemberSrl($member_srl, 0, $columnList); + if(!$member_info) return new Object(-1, 'msg_not_exists_member'); // If managers can not be deleted - if($this->memberInfo->is_admin == 'Y') return new Object(-1, 'msg_cannot_delete_admin'); + if($member_info->is_admin == 'Y') return new Object(-1, 'msg_cannot_delete_admin'); $oDB = &DB::getInstance(); $oDB->begin(); From cf01038ce6e0227ae3e678bf64c07f16acd734ce Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 3 Mar 2017 01:05:13 +0900 Subject: [PATCH 32/35] Refresh member info when setSessionInfo() is called --- common/framework/session.php | 5 +++-- modules/member/member.controller.php | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/common/framework/session.php b/common/framework/session.php index 73e475b3e..4379f8e56 100644 --- a/common/framework/session.php +++ b/common/framework/session.php @@ -698,9 +698,10 @@ class Session * * This method returns an object, or false if nobody is logged in. * + * @param bool $refresh * @return object|false */ - public static function getMemberInfo() + public static function getMemberInfo($refresh = false) { // Return false if the current user is not logged in. $member_srl = self::getMemberSrl(); @@ -710,7 +711,7 @@ class Session } // Create a member info object. - if (!self::$_member_info || self::$_member_info->member_srl != $member_srl) + if (!self::$_member_info || self::$_member_info->member_srl != $member_srl || $refresh) { self::$_member_info = new Helpers\SessionHelper($member_srl); } diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index 526616b5a..d956f0242 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php @@ -1919,7 +1919,7 @@ class memberController extends member function setSessionInfo() { // If your information came through the current session information to extract information from the users - $member_info = Rhymix\Framework\Session::getMemberInfo(); + $member_info = Rhymix\Framework\Session::getMemberInfo(true); if (!$member_info->member_srl) { return; From 39be19ae5c411c07b1007f2681474be13c9af3aa Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 3 Mar 2017 14:00:21 +0900 Subject: [PATCH 33/35] Fix error when deleting selected documents --- modules/document/document.controller.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php index e3e0435d9..611f288dc 100644 --- a/modules/document/document.controller.php +++ b/modules/document/document.controller.php @@ -2491,7 +2491,7 @@ class documentController extends document if(!is_array($cart)) $cart = explode('|@|', $cart); $cart = array_unique(array_map('intval', $cart)); $type = Context::get('type'); - $target_module_srl = Context::get('module_srl') ?: Context::get('target_module'); + $target_module_srl = intval(Context::get('module_srl') ?: Context::get('target_module')); $target_category_srl = Context::get('target_category'); // send default message - misol 2015-07-23 @@ -2530,7 +2530,7 @@ class documentController extends document // Check permissions on all modules. $oModuleModel = getModel('module'); - if (!in_array($target_module_srl, $module_srl_list)) + if ($target_module_srl && !in_array($target_module_srl, $module_srl_list)) { $module_srl_list[] = $target_module_srl; } From 60248dabe98c1d3e5616f5f8f82fc7329b83d5c5 Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Fri, 3 Mar 2017 23:07:39 +0900 Subject: [PATCH 34/35] =?UTF-8?q?=EC=8A=A4=ED=82=A8=EC=97=90=EC=84=9C=20?= =?UTF-8?q?=EC=83=89=EC=83=81=20=EB=B3=80=EC=88=98=20=ED=99=95=EC=9D=B8=20?= =?UTF-8?q?=EA=B0=95=ED=99=94,=20=EB=A7=81=ED=81=AC=20=ED=85=8D=EC=8A=A4?= =?UTF-8?q?=ED=8A=B8=20=EC=83=89=EC=83=81=20=EC=84=A0=EB=AA=85=EB=8F=84=20?= =?UTF-8?q?=EC=A6=9D=EA=B0=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../skins/simple_world/common_header.html | 41 ++++++++++-------- .../member/skins/simple_world/css/css.less | 2 +- .../skins/simple_world/common_header.html | 42 ++++++++++-------- .../skins/simple_rectangle/content.html | 43 +++++++++++-------- 4 files changed, 75 insertions(+), 53 deletions(-) diff --git a/modules/member/skins/simple_world/common_header.html b/modules/member/skins/simple_world/common_header.html index 6092d1867..3c692a32c 100644 --- a/modules/member/skins/simple_world/common_header.html +++ b/modules/member/skins/simple_world/common_header.html @@ -1,5 +1,18 @@ + + {@ + if(!$layout_info->primary_color) + $layout_info->primary_color = 'red'; + if(!$layout_info->primary_color && $layout_info->customized_primary_color) + $layout_info->primary_color = 'customized'; + if(!$layout_info->customized_primary_color) + $layout_info->customized_primary_color = '#f44336'; + } + + + {@$layout_info->primary_color = 'red';} + {@ $material_colors = array( 'red' => '#f44336', @@ -28,24 +41,21 @@ 'customized' => $layout_info->customized_primary_color, ); } - - {@ - if(!$layout_info->primary_color && $layout_info->customized_primary_color) - $layout_info->primary_color = 'customized'; - if(!$layout_info->primary_color) - $layout_info->primary_color = 'red'; - if(!$layout_info->customized_primary_color) - $layout_info->customized_primary_color = '#f44336'; - } - - - {@$layout_info->primary_color = 'blue';} - {@$colorset = $material_colors[$member_config->colorset];} {@$skin_color = $material_colors[$layout_info->primary_color];} + + + {@$skin_color = trim($colorset)} + + {@$skin_color = trim($colorset)[1].trim($colorset)[1].trim($colorset)[2].trim($colorset)[2].trim($colorset)[3].trim($colorset)[3]} + + + {@$skin_color = '#f44336'} + + - + {@$skin_color = $layout_info->primary_color} {@$skin_color = $layout_info->primary_color[1].$layout_info->primary_color[1].$layout_info->primary_color[2].$layout_info->primary_color[2].$layout_info->primary_color[3].$layout_info->primary_color[3]} @@ -54,9 +64,6 @@ {@$skin_color = '#f44336'} - - {@$skin_color = $colorset} - {@Context::set('simple_less_value', array('red' => hexdec(substr($skin_color, 1, 2)), 'green' => hexdec(substr($skin_color, 3, 2)), 'blue' => hexdec(substr($skin_color, 5, 2)) ))}
diff --git a/modules/member/skins/simple_world/css/css.less b/modules/member/skins/simple_world/css/css.less index 43156161b..57534b821 100644 --- a/modules/member/skins/simple_world/css/css.less +++ b/modules/member/skins/simple_world/css/css.less @@ -68,7 +68,7 @@ script, style .rx_simple_member a { - color: @color; + .text-contrast(#fff; darken(@color,5%); lighten(@color,5%)); text-decoration: none; } /* Horizontal align */ diff --git a/modules/message/skins/simple_world/common_header.html b/modules/message/skins/simple_world/common_header.html index 3f5be653b..a8853ec30 100644 --- a/modules/message/skins/simple_world/common_header.html +++ b/modules/message/skins/simple_world/common_header.html @@ -1,7 +1,19 @@ {@Context::addMetaTag("viewport", "width=device-width, user-scalable=yes")} - + + {@ + if(!$layout_info->primary_color) + $layout_info->primary_color = 'red'; + if(!$layout_info->primary_color && $layout_info->customized_primary_color) + $layout_info->primary_color = 'customized'; + if(!$layout_info->customized_primary_color) + $layout_info->customized_primary_color = '#f44336'; + } + + + {@$layout_info->primary_color = 'red';} + {@ $material_colors = array( 'red' => '#f44336', @@ -30,25 +42,21 @@ 'customized' => $layout_info->customized_primary_color, ); } - - {@ - if(!$layout_info->primary_color && $layout_info->customized_primary_color) - $layout_info->primary_color = 'customized'; - if(!$layout_info->primary_color) - $layout_info->primary_color = 'red'; - if(!$layout_info->customized_primary_color) - $layout_info->customized_primary_color = '#f44336'; - } - - - - {@$layout_info->primary_color = 'blue';} - - +{@$colorset = $material_colors[$member_config->colorset];} {@$skin_color = $material_colors[$layout_info->primary_color];} + + + {@$skin_color = trim($colorset)} + + {@$skin_color = trim($colorset)[1].trim($colorset)[1].trim($colorset)[2].trim($colorset)[2].trim($colorset)[3].trim($colorset)[3]} + + + {@$skin_color = '#f44336'} + + - + {@$skin_color = $layout_info->primary_color} {@$skin_color = $layout_info->primary_color[1].$layout_info->primary_color[1].$layout_info->primary_color[2].$layout_info->primary_color[2].$layout_info->primary_color[3].$layout_info->primary_color[3]} diff --git a/widgets/content/skins/simple_rectangle/content.html b/widgets/content/skins/simple_rectangle/content.html index 1b8cf0bff..8c0ed9561 100644 --- a/widgets/content/skins/simple_rectangle/content.html +++ b/widgets/content/skins/simple_rectangle/content.html @@ -1,6 +1,19 @@ {@$layout_info = Context::get('layout_info')} + + {@ + if(!$layout_info->primary_color) + $layout_info->primary_color = 'red'; + if(!$layout_info->primary_color && $layout_info->customized_primary_color) + $layout_info->primary_color = 'customized'; + if(!$layout_info->customized_primary_color) + $layout_info->customized_primary_color = '#f44336'; + } + + + {@$layout_info->primary_color = 'red';} + {@ $material_colors = array( 'red' => '#f44336', @@ -29,24 +42,21 @@ 'customized' => $layout_info->customized_primary_color, ); } - - {@ - if(!$layout_info->primary_color && $layout_info->customized_primary_color) - $layout_info->primary_color = 'customized'; - if(!$layout_info->primary_color) - $layout_info->primary_color = 'red'; - if(!$layout_info->customized_primary_color) - $layout_info->customized_primary_color = '#f44336'; - } - - - {@$layout_info->primary_color = 'blue';} - -{@$colorset = $material_colors[$colorset];} +{@$colorset = $material_colors[$member_config->colorset];} {@$skin_color = $material_colors[$layout_info->primary_color];} + + + {@$skin_color = trim($colorset)} + + {@$skin_color = trim($colorset)[1].trim($colorset)[1].trim($colorset)[2].trim($colorset)[2].trim($colorset)[3].trim($colorset)[3]} + + + {@$skin_color = '#f44336'} + + - + {@$skin_color = $layout_info->primary_color} {@$skin_color = $layout_info->primary_color[1].$layout_info->primary_color[1].$layout_info->primary_color[2].$layout_info->primary_color[2].$layout_info->primary_color[3].$layout_info->primary_color[3]} @@ -55,9 +65,6 @@ {@$skin_color = '#f44336'} - - {@$skin_color = $colorset} - {@Context::set('less_color', array('red' => hexdec(substr($skin_color, 1, 2)), 'green' => hexdec(substr($skin_color, 3, 2)), 'blue' => hexdec(substr($skin_color, 5, 2)), 'thumbnail_height' => intval($widget_info->thumbnail_height), 'thumbnail_width' => intval($widget_info->thumbnail_width)))} From cf67e12133c64938e69e89dbe074a65778ed3a61 Mon Sep 17 00:00:00 2001 From: MinSoo Kim Date: Fri, 3 Mar 2017 23:12:48 +0900 Subject: [PATCH 35/35] =?UTF-8?q?=EB=84=A4=EB=AA=A8=EC=9D=98=20=EA=BF=88?= =?UTF-8?q?=20=EB=A0=88=EC=9D=B4=EC=95=84=EC=9B=83=20=EC=B5=9C=EB=8C=80=20?= =?UTF-8?q?=EA=B0=80=EB=A1=9C=20=ED=8F=AD=20=ED=99=95=EB=8C=80.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 960px 은 너무 좁은 것 같아서 조금 더 넓힘. --- layouts/simple_world/layout.scss | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/layouts/simple_world/layout.scss b/layouts/simple_world/layout.scss index 03b8f6378..8147b3062 100644 --- a/layouts/simple_world/layout.scss +++ b/layouts/simple_world/layout.scss @@ -39,7 +39,7 @@ body { /* Layout */ .layout_canvas { position: relative; - max-width:960px; + max-width:1050px; width:100%; margin:0 auto; } @@ -189,7 +189,7 @@ header.layout_frame { list-style-type: none; padding: 0; overflow: hidden; - max-width:960px; + max-width:1050px; margin:0 auto; } .layout_menu>ul{