fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-02 01:52:10 +09:00
Code Issues Projects Releases Packages Wiki Activity

procDocumentTempSave, procBoardInsertDocument 코드 정리

Browse source 
- procDocumentTempSave
아무나 제목 굵기, 색상을 적용할 수 있는 문제 수정
게시판 제한 설정을 우회하여 게시물을 수정할 수 있는 문제 수정

- procBoardInsertDocument
게시물을 비공개(PRIVATE)로 전환할 수 있는 문제 수정 (글쓰기 포인트 획득용으로 악용 방지)
익명 이름에서 '$DOCNUM'가 제대로 작동하지 않는 문제 수정
임시 문서를 게시할 경우 게시판 제한 설정에 걸려 게시가 안될 수 있는 문제 수정
This commit is contained in:
conory 2017-06-03 14:13:34 +09:00
parent 4ca1c8e073
commit 937cbf58f0
2 changed files with 182 additions and 175 deletions
Download patch file Download diff file Expand all files Collapse all files

69
modules/document/document.controller.php
View file

@ -2739,64 +2739,59 @@ class documentController extends document
*/
function procDocumentTempSave()
{
// Check login information
if(!Context::get('is_logged')) return new Object(-1, 'msg_not_logged');
$module_info = Context::get('module_info');
$logged_info = Context::get('logged_info');
// Get form information
$obj = Context::getRequestVars();
// Change the target module to log-in information
$obj->module_srl = $module_info->module_srl;
$obj->status = $this->getConfigStatus('temp');
unset($obj->is_notice);
// Extract from beginning part of contents in the guestbook
if(!$obj->title)
if(!$obj->module_srl = $this->module_srl)
{
$obj->title = cut_str(strip_tags($obj->content), 20, '...');
return new Object(-1, 'msg_invalid_request');
}
$oDocumentModel = getModel('document');
$oDocumentController = getController('document');
// Check if already exist geulinji
$oDocument = $oDocumentModel->getDocument($obj->document_srl, $this->grant->manager);
// Update if already exists
if($oDocument->isExists() && $oDocument->document_srl == $obj->document_srl)
// unset document style if not manager
if(!$this->grant->manager)
{
unset($obj->is_notice);
unset($obj->title_color);
unset($obj->title_bold);
}
$oDocumentModel = getModel('document');
$oDocument = $oDocumentModel->getDocument($obj->document_srl);
// Update if already exists
if($oDocument->isExists())
{
if($oDocument->get('module_srl') != $obj->module_srl)
{
return new Object(-1, 'msg_invalid_request');
}
if(!$oDocument->isGranted())
{
return new Object(-1, 'msg_invalid_request');
}
//if exist document status is already public, use temp status can point problem
$obj->status = $oDocument->get('status');
$output = $oDocumentController->updateDocument($oDocument, $obj);
$msg_code = 'success_updated';
// Otherwise, get a new
if($oDocument->get('status') != $this->getConfigStatus('temp'))
{
return new Object(-1, 'msg_invalid_request');
}
$output = $this->updateDocument($oDocument, $obj);
}
// Otherwise, get a new
else
{
$output = $oDocumentController->insertDocument($obj);
$msg_code = 'success_registed';
$obj->document_srl = $output->get('document_srl');
$oDocument = $oDocumentModel->getDocument($obj->document_srl, $this->grant->manager);
$output = $this->insertDocument($obj);
$oDocument = $oDocumentModel->getDocument($output->get('document_srl'));
}
// Set the attachment to be invalid state
if($oDocument->hasUploadedFiles())
{
$args = new stdClass;
$args->upload_target_srl = $oDocument->document_srl;
$args->isvalid = 'N';
$args->upload_target_srl = $oDocument->document_srl;
executeQuery('file.updateFileValid', $args);
}
$this->setMessage('success_saved');
$this->add('document_srl', $obj->document_srl);
$this->add('document_srl', $output->get('document_srl'));
}
/**