merge with 1.4.5 branch(1.4.5.10)

git-svn-id: http://xe-core.googlecode.com/svn/trunk@9269 201d5d3c-b55e-5fd7-737f-ddc643e51545
flyskyko 2011-09-22 05:29:04 +00:00
parent 92332c8ebb
commit a0d57a320f
98 changed files with 970 additions and 432 deletions


@ -4,7 +4,8 @@
* @author NHN (developers@xpressengine.com)
* @brief addon 모듈의 admin controller class
**/
include_once('addon.controller.php');
require_once(_XE_PATH_.'modules/addon/addon.controller.php');
class addonAdminController extends addonController {


@ -25,6 +25,9 @@
$addon_list = $oAddonModel->getAddonList($site_module_info->site_srl);
Context::set('addon_list', $addon_list);
$security = new Security();
$security->encodeHTML('addon_list..', 'addon_list..author..');
// 템플릿 패스 및 파일을 지정
$this->setTemplateFile('addon_list');
}
@ -57,7 +60,7 @@
if($mid_list) {
foreach($mid_list as $module_srl => $module) {
$module_categories[$module->module_category_srl]->list[$module_srl] = $module;
$module_categories[$module->module_category_srl]->list[$module_srl] = $module;
}
}
} else {
@ -71,6 +74,9 @@
// 템플릿 패스 및 파일을 지정
$this->setTemplateFile('setup_addon');
$security = new Security();
$security->encodeHTML('addon_info.', 'addon_info.author..', 'mid_list....');
}
/**
@ -92,6 +98,9 @@
// 템플릿 패스 및 파일을 지정
$this->setTemplateFile('addon_info');
$security = new Security();
$security->encodeHTML('addon_info.', 'addon_info.author..');
}
}


@ -18,14 +18,14 @@
$logged_info = $oMemberModel->getLoggedInfo();
if($logged_info->is_admin!='Y') return $this->stop("msg_is_not_administrator");
// change into administration layout
// change into administration layout
$this->setTemplatePath($this->module_path.'tpl');
$this->setLayoutPath($this->getTemplatePath());
$this->setLayoutFile('layout.html');
$this->loadSideBar();
// Retrieve the list of installed modules
// Retrieve the list of installed modules
$db_info = Context::getDBInfo();
@ -56,7 +56,7 @@
if($val->category == 'statistics') $val->category = 'accessory';
if($val->module == 'admin' || !$val->admin_index_act) continue;
// get action information
// get action information
$action_spec = $oModuleModel->getModuleActionXml($val->module);
$actions = array();
if($action_spec->default_index_act) $actions[] = $action_spec->default_index_act;
@ -70,14 +70,14 @@
$obj->index_act = $val->admin_index_act;
if(in_array(Context::get('act'), $actions)) $obj->selected = true;
// Packages
// Packages
if($val->category == 'package') {
if($package_idx == 0) $obj->position = "first";
else $obj->position = "mid";
$package_modules[] = $obj;
$package_idx ++;
if($obj->selected) Context::set('package_selected',true);
// Modules
// Modules
} else {
$installed_modules[] = $obj;
}
@ -94,6 +94,9 @@
// add javascript tooltip plugin - gony
Context::loadJavascriptPlugin('qtip');
Context::loadJavascriptPlugin('watchinput');
$security = new Security();
$security->encodeHTML('selected_module_info.', 'selected_module_info.author..', 'package_modules..', 'installed_modules..');
}
/**
@ -128,12 +131,11 @@
}
Context::set('news', $news);
}
Context::set('released_version', $buff->zbxe_news->attrs->released_version);
Context::set('download_link', $buff->zbxe_news->attrs->download_link);
}
// DB Information
// DB Information
$db_info = Context::getDBInfo();
Context::set('selected_lang', $db_info->lang_type);
@ -210,7 +212,6 @@
$args->regdate = date("Ymd");
$output = executeQuery('admin.getTodayTrackbackCount', $args);
$status->trackback_count = $output->data->count;
Context::set('status', $status);
// Get statistics
@ -245,7 +246,7 @@
$output = executeQuery("admin.getDocumentCount", $args);
$status->document->total = $output->data->count;
// Comment Status
// Comment Status
$output = executeQueryArray("admin.getCommentStatus", $args);
if($output->data) {
foreach($output->data as $var) {
@ -259,7 +260,7 @@
$output = executeQuery("admin.getCommentCount", $args);
$status->comment->total = $output->data->count;
// Trackback Status
// Trackback Status
$output = executeQueryArray("admin.getTrackbackStatus", $args);
if($output->data) {
foreach($output->data as $var) {
@ -273,7 +274,7 @@
$output = executeQuery("admin.getTrackbackCount", $args);
$status->trackback->total = $output->data->count;
// Attached files Status
// Attached files Status
$output = executeQueryArray("admin.getFileStatus", $args);
if($output->data) {
foreach($output->data as $var) {
@ -317,11 +318,15 @@
$site_args->site_srl = 0;
$output = executeQuery('module.getSiteInfo', $site_args);
Context::set('start_module', $output->data);
Context::set('status', $status);
Context::set('layout','none');
$this->setTemplateFile('index');
$security = new Security();
$security->encodeHTML('news..', 'released_version', 'download_link', 'selected_lang', 'module_list..', 'module_list..author..', 'addon_list..', 'addon_list..author..', 'start_module.');
}
/**
@ -342,7 +347,7 @@
Context::set('lang_selected', Context::loadLangSelected());
Context::set('use_mobile_view', $db_info->use_mobile_view=="Y"?'Y':'N');
$ftp_info = Context::getFTPInfo();
Context::set('ftp_info', $ftp_info);
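Review bot: `download_link` and `released_version` come from the remote news feed (`$buff->zbxe_news->attrs`), and the `encodeHTML()` call added in the `@ -317,11 +318,15 @@` hunk only entity-encodes them. The dashboard template in this commit places `{$download_link}` inside an `href`, where entity encoding does not constrain the URL scheme. The value should be checked before it is stored, for example `$link = $buff->zbxe_news->attrs->download_link;` followed by `if(!preg_match('#^https?://#i', $link)) $link = '';` and `Context::set('download_link', $link);`. The enclosing functions start and end outside these hunks, so a check elsewhere cannot be ruled out from here.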


@ -158,7 +158,7 @@
<div class="section">
<h4 class="dashboardH4">{$lang->env_information} <a href="{getUrl('','module','admin','act','dispAdminConfig')}">{$lang->cmd_setup}</a></h4>
<!--@if($current_version < $released_version)-->
<!--@if(version_compare($current_version, $released_version, '<'))-->
<p class="summary red">{nl2br($lang->about_download_link)} [<a href="{$download_link}" onclick="window.open(this.href);return false;">{$lang->cmd_download}</a>]</p>
<!--@end-->
<table>


@ -20,7 +20,7 @@
$ftp_info = Context::getFTPInfo();
if(!$ftp_info->ftp_root_path) Context::set('show_ftp_note', true);
else $this->ftp_set = true;
$this->dispCategory();
$oModel = &getModel('autoinstall');
@ -69,9 +69,9 @@
}
if($v->type == "core") $v->avail_remove = false;
else if($v->type == "module") {
$v->avail_remove = $oModel->checkRemovable($packages[$v->package_srl]->path);
$v->avail_remove = $oModel->checkRemovable($packages[$v->package_srl]->path);
}
else $v->avail_remove = true;
else $v->avail_remove = true;
}
$item_list[$v->package_srl] = $v;
}
@ -96,6 +96,7 @@
$title = $xmlDoc->{$type}->title->body;
$installed[$key]->title = $title;
}
Context::set('installed', $installed);
foreach($installed as $key=>$val)
{
@ -113,14 +114,14 @@
function dispAutoinstallAdminInstalledPackages()
{
$page = Context::get('page');
if(!$page) $page = 1;
if(!$page) $page = 1;
Context::set('page', $page);
$oModel = &getModel('autoinstall');
$output = $oModel->getInstalledPackageList($page);
$package_list = $output->data;
$params["act"] = "getResourceapiPackages";
$params["package_srls"] = implode(",", array_keys($package_list));
$params["package_srls"] = implode(",", array_keys($package_list));
$body = XmlGenerater::generate($params);
$buff = FileHandler::getRemoteResource($this->uri, $body, 3, "POST", "application/xml");
$xml_lUpdate = new XmlParser();
@ -133,11 +134,14 @@
{
$res[] = $item_list[$package_srl];
}
Context::set('item_list', $res);
Context::set('item_list', $res);
}
Context::set('page_navigation', $output->page_navigation);
$this->setTemplateFile('index');
$this->setTemplateFile('index');
$security = new Security();
$security->encodeHTML('item_list..');
}
function dispAutoinstallAdminInstall() {
@ -201,7 +205,6 @@
$package->cur_version = $installedPackage->current_version;
$package->need_update = version_compare($package->version, $installedPackage->current_version, ">");
}
Context::set("package", $package);
}
if(!$_SESSION['ftp_password'])
@ -209,6 +212,9 @@
Context::set('need_password', true);
}
$this->setTemplateFile('install');
$security = new Security();
$security->encodeHTML('package.' , 'package.depends..');
}
function dispAutoinstallAdminIndex() {
@ -231,13 +237,13 @@
$item = $oModel->getLatestPackage();
if(!$item || $item->updatedate < $updateDate || count($this->categories) < 1)
{
Context::set('need_update', true);
Context::set('need_update', true);
return;
}
$page = Context::get('page');
if(!$page) $page = 1;
if(!$page) $page = 1;
Context::set('page', $page);
$order_type = Context::get('order_type');
@ -263,17 +269,20 @@
{
$params["search_keyword"] = $search_keyword;
}
$xmlDoc = XmlGenerater::getXmlDoc($params);
$xmlDoc = XmlGenerater::getXmlDoc($params);
if($xmlDoc && $xmlDoc->response->packagelist->item)
{
$item_list = $this->rearranges($xmlDoc->response->packagelist->item);
Context::set('item_list', $item_list);
Context::set('item_list', $item_list);
$array = array('total_count', 'total_page', 'cur_page', 'page_count', 'first_page', 'last_page');
$page_nav = $this->rearrange($xmlDoc->response->page_navigation, $array);
$page_nav = $this->rearrange($xmlDoc->response->page_navigation, $array);
$page_navigation = new PageHandler($page_nav->total_count, $page_nav->total_page, $page_nav->cur_page, $page_nav->page_count);
Context::set('page_navigation', $page_navigation);
}
$security = new Security();
$security->encodeHTML('package.' , 'package.depends..');
}
function dispCategory()
@ -298,22 +307,24 @@
$installedPackage = $oModel->getPackage($package_srl);
$path = $installedPackage->path;
$type = $oModel->getTypeFromPath($path);
if(!$type || $type == "core") $this->stop("msg_invalid_request");
if(!$type || $type == "core") $this->stop("msg_invalid_request");
$config_file = $oModel->getConfigFilePath($type);
if(!$config_file) $this->stop("msg_invalid_request");
if(!$config_file) $this->stop("msg_invalid_request");
$xml = new XmlParser();
$xmlDoc = $xml->loadXmlFile(FileHandler::getRealPath($path).$config_file);
if(!$xmlDoc) $this->stop("msg_invalid_request");
if(!$xmlDoc) $this->stop("msg_invalid_request");
if($type == "drcomponent") $type = "component";
if($type == "style") $type = "skin";
$title = $xmlDoc->{$type}->title->body;
$installedPackage->title = $title;
$installedPackage->type = $type;
Context::set('package', $installedPackage);
$this->setTemplateFile('uninstall');
$this->setTemplateFile('uninstall');
Context::addJsFilter($this->module_path.'tpl/filter', 'uninstall_package.xml');
$security = new Security();
$security->encodeHTML('package.');
}
}
?>
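Review bot: In the `@ -263,17 +269,20 @@` hunk, `dispAutoinstallAdminIndex()` stores `item_list` in the Context but the added call encodes `'package.'` and `'package.depends..'`, which this function does not appear to set. The list template in the same commit drops `htmlspecialchars()` from `$val->title`, `$val->item_version` and `$val->package_description`, so on this path values parsed from the remote package server's XML would reach the page unescaped. The call should match the one in `dispAutoinstallAdminInstalledPackages()`: `$security->encodeHTML('item_list..');`. The start of the function is outside the hunk, so confirm no other encoding of `item_list` happens earlier.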


@ -25,7 +25,7 @@
<table class="updateList" border="1" cellspacing="0">
<col width="120" /><col />
<!--@foreach($item_list as $key => $val)-->
<tr>
<tr>
{@ $target_url = $original_site."?mid=download&package_srl=".$val->package_srl; }
<th><a href="{$target_url}"><img src="{str_replace('./', $uri, $val->item_screenshot_url)}" width="100" height="100" alt="" /></a></th>
<td>
@ -34,15 +34,15 @@
<!--@if($val->category_srl)-->
<a href="{getUrl('category_srl',$val->category_srl)}">[{$categories[$val->category_srl]->title}]</a>
<!--@end-->
<a href="{$target_url}">{htmlspecialchars($val->title)} ver. {htmlspecialchars($val->item_version)}</a>
<a href="{$target_url}">{$val->title} ver. {$val->item_version}</a>
</h3>
<!--@if($val->current_version)-->
<p>{$lang->current_version} : {$val->current_version}
<p>{$lang->current_version} : {$val->current_version}
<!--@if($val->deps)-->
<br />
<br />
{$lang->dependant_list} :
<!--@foreach($val->deps as $package_srl)-->
{$installed[$package_srl]->title}.
{$installed[$package_srl]->title}.
<!--@endforeach-->
<!--@end-->
</p>
@ -61,7 +61,7 @@
<!--@end-->
</div>
<div class="info">
<p class="desc">{cut_str(htmlspecialchars($val->package_description),200)}</p>
<p class="desc">{cut_str($val->package_description,200)}</p>
<p class="meta">
<span class="reputation">
<!--@for($i=0;$i<5;$i++)-->
@ -83,10 +83,10 @@
</table>
<div class="pagination a1">
<a href="{getUrl('page','')}" class="prevEnd">{$lang->first_page}</a>
<a href="{getUrl('page','')}" class="prevEnd">{$lang->first_page}</a>
<!--@while($page_no = $page_navigation->getNextPage())-->
<!--@if($page == $page_no)-->
<strong>{$page_no}</strong>
<strong>{$page_no}</strong>
<!--@else-->
<a href="{getUrl('page',$page_no)}">{$page_no}</a>
<!--@end-->


@ -37,7 +37,7 @@
Context::set('comment_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
// 템플릿 지정
// 템플릿 지정
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('comment_list');
}


@ -45,7 +45,7 @@
</thead>
<tbody>
<!--@foreach($comment_list as $no => $val)-->
{@ $comment = cut_str(trim(htmlspecialchars(strip_tags($val->content))), 200, '...')}
{@ $comment = cut_str(trim(strip_tags($val->content)), 200, '...')}
<tr>
<td class="number center">{$no}</td>
<td class="center"><input type="checkbox" name="cart" value="{$val->comment_srl}" /></td>
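Review bot: With `htmlspecialchars()` removed from the `$comment` assignment, the excerpt is protected by `strip_tags()` alone, which leaves quotes, ampersands and stray angle brackets in place. The comment admin view hunk in this commit shows only a whitespace change and no `encodeHTML()` call for `comment_list`, so nothing visible replaces the escape that was dropped. Keeping it in the template, applied after truncation so an entity is never cut in half, would be `{@ $comment = htmlspecialchars(cut_str(trim(strip_tags($val->content)), 200, '...'))}`. Where `$comment` is printed lies outside this hunk.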


@ -28,6 +28,10 @@
$communication_config = $oModuleModel->getModuleConfig('communication');
if(!$communication_config->colorset) $communication_config->colorset = "white";
Context::set('communication_config', $communication_config);
$security = new Security();
$security->encodeHTML('skin_info.colorset..title','skin_info.colorset..name');
$security->encodeHTML('skin_info.colorset..name');
$oTemplate = &TemplateHandler::getInstance();
$tpl = $oTemplate->compile($this->module_path.'tpl', 'colorset_list');
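Review bot: `skin_info.colorset..name` is passed to `encodeHTML()` twice, once in each of the two added calls. Unless `Security::encodeHTML()` guards against re-encoding (not visible here), a name containing `&` or `<` would be escaped twice and shown with literal entities. The second call, `$security->encodeHTML('skin_info.colorset..name');`, can be dropped. The `Context::set` for `skin_info` is also outside the hunk, so it is worth confirming that the value is already stored when the encoding runs.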


@ -30,6 +30,11 @@
// 커뮤니케이션 스킨 목록을 구함
Context::set('communication_skin_list', $oModuleModel->getSkins($this->module_path) );
$security = new Security();
$security->encodeHTML('communication_config..');
$security->encodeHTML('editor_skin_list..');
$security->encodeHTML('communication_skin_list..title');
// template 지정
$this->setTemplatePath($this->module_path.'tpl');


@ -504,6 +504,8 @@
$document_args->document_srl = $output->data->document_srl;
$document_args->module_srl = $output->data->module_srl;
$document_args->member_srl = $output->data->member_srl;
$document_args->ipaddress = $output->data->ipaddress;
$document_args->update_order = $output->data->update_order;
$oDocument = $oDocumentModel->getDocument($document_args->document_srl);


@ -122,9 +122,8 @@
$aliases = $output->data;
}
Context::set('aliases', $aliases);
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('document_alias');
}


@ -1579,20 +1579,25 @@ class documentController extends document {
$document_srl_count = count($document_srl_list);
$oDocumentModel = &getModel('document');
$document_items = array();
foreach($document_srl_list as $document_srl){
$oDocument = $oDocumentModel->getDocument($document_srl);
$document_items[] = $oDocument;
if (!$oDocument->isGranted()) return $this->stop('msg_not_permitted');
}
// 쪽지 발송
if($message_content) {
$oCommunicationController = &getController('communication');
$oDocumentModel = &getModel('document');
$logged_info = Context::get('logged_info');
$title = cut_str($message_content,10,'...');
$sender_member_srl = $logged_info->member_srl;
for($i=0;$i<$document_srl_count;$i++) {
$document_srl = $document_srl_list[$i];
$oDocument = $oDocumentModel->getDocument($document_srl);
foreach($document_items as $oDocument){
if(!$oDocument->get('member_srl') || $oDocument->get('member_srl')==$sender_member_srl) continue;
if($type=='move') $purl = sprintf("<a href=\"%s\" onclick=\"window.open(this.href);return false;\">%s</a>", $oDocument->getPermanentUrl(), $oDocument->getPermanentUrl());
@ -1679,4 +1684,4 @@ class documentController extends document {
$this->setMessage('success_updated');
}
}
?>
?>
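Review bot: The new permission loop in the `@ -1579,20 +1579,25 @@` hunk calls `isGranted()` on whatever `getDocument()` returns, without first checking that the document exists. For an administrator `isGranted()` returns true before looking at the document, so an unknown `document_srl` would pass the check and be carried into `$document_items`. Making the guard explicit keeps the batch all-or-nothing for bad ids as well: `if(!$oDocument->isExists() || !$oDocument->isGranted()) return $this->stop('msg_not_permitted');`. A short comment stating that authorization for every document is verified before any message is sent or document is changed would help the next reader; the rest of the method is outside the hunk.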


@ -70,7 +70,8 @@
$logged_info = Context::get('logged_info');
if($logged_info->is_admin == 'Y') return true;
$grant = Context::get('grant');
$oModuleModel = &getModel('module');
$grant = $oModuleModel->getGrant($oModuleModel->getModuleInfoByModuleSrl($this->get('module_srl')), $logged_info);
if($grant->manager) return true;
if($this->get('member_srl') && ($this->get('member_srl') == $logged_info->member_srl || $this->get('member_srl')*-1 == $logged_info->member_srl)) return true;
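Review bot: The switch from `Context::get('grant')` to a grant computed from the document's own `module_srl` is the security-relevant part of this hunk and deserves a comment, since the reason is not obvious from the code. Something like `// Resolve the grant from the module that owns this document, not from the module of the current request` above the `getGrant()` call would do. `getModuleInfoByModuleSrl()` is called with `$this->get('module_srl')` unchecked, so if a document without a module can reach this point, the result handed to `getGrant()` should be tested first. The function starts and ends outside the hunk.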


@ -786,7 +786,10 @@
// 기존의 extra_keys 가져옴
$extra_keys = $this->getExtraKeys($module_srl);
Context::set('extra_keys', $extra_keys);
$security = new Security();
$security->encodeHTML('extra_keys..name','extra_keys..eid');
// grant 정보를 추출
$oTemplate = &TemplateHandler::getInstance();
return $oTemplate->compile($this->module_path.'tpl', 'extra_keys');
@ -828,8 +831,8 @@
// 회원 그룹의 목록을 가져옴
$group_list = $oMemberModel->getGroups($module_info->site_srl);
Context::set('group_list', $group_list);
// parent_srl이 있고 category_srl 이 없으면 하부 메뉴 추가임
// parent_srl이 있고 category_srl 이 없으면 하부 메뉴 추가임
if(!$category_srl && $parent_srl) {
// 상위 메뉴의 정보를 가져옴
$parent_info = $this->getCategory($parent_srl);
@ -853,6 +856,9 @@
$category_info->title = htmlspecialchars($category_info->title);
Context::set('category_info', $category_info);
$security = new Security();
$security->encodeHTML('group_list..title');
// template 파일을 직접 컴파일한후 tpl변수에 담아서 return한다.
$oTemplate = &TemplateHandler::getInstance();


@ -1,7 +1,7 @@
<!--%import("js/document_admin.js")-->
<!--%import("filter/insert_extra_var.xml")-->
<!--%import("filter/delete_extra_var.xml")-->
<!--%import("js/module_admin.js")-->
<!--%import("../../module/tpl/js/module_admin.js")-->
<!--@if($selected_var_idx && $extra_keys[$selected_var_idx])-->
{@ $selected_var = $extra_keys[$selected_var_idx] }
@ -23,7 +23,7 @@
<tr>
<th><div>{$lang->column_name}</div></th>
<td class="wide">
<input type="text" name="name" value="{htmlspecialchars($selected_var->name)}" class="inputTypeText w200" id="name" /><a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','name')}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
<input type="text" name="name" value="{$selected_var->name}" class="inputTypeText w200" id="name" /><a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','name')}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
</td>
</tr>
<tr>


@ -26,7 +26,10 @@
$component_list = $oEditorModel->getComponentList(false, $site_srl, true);
Context::set('component_list', $component_list);
$security = new Security();
$security->encodeHTML('component_list....');
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('admin_index');
}
@ -67,10 +70,16 @@
}
} else {
$module_categories[0]->list = $mid_list;
}
}
Context::set('mid_list',$module_categories);
//Security
$security = new Security();
$security->encodeHTML('group_list..title');
$security->encodeHTML('component...');
$security->encodeHTML('mid_list..title','mid_list..list..browser_title');
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('setup_component');
$this->setLayoutFile("popup_layout");


@ -103,21 +103,27 @@
$style = $contents[$i];
$info = $oModuleModel->loadSkinInfo($this->module_path,$style,'styles');
$content_style_list[$style]->title = $info->title;
}
}
Context::set('content_style_list', $content_style_list);
// 그룹 목록을 구함
$oMemberModel = &getModel('member');
$site_module_info = Context::get('site_module_info');
$group_list = $oMemberModel->getGroups($site_module_info->site_srl);
Context::set('group_list', $group_list);
//Security
$security = new Security();
$security->encodeHTML('group_list..title');
$security->encodeHTML('group_list..description');
$security->encodeHTML('content_style_list..');
$security->encodeHTML('editor_comment_colorset_list..title');
// 템플릿 파일 지정
$oTemplate = &TemplateHandler::getInstance();
$tpl = $oTemplate->compile($this->module_path.'tpl', 'editor_module_config');
$obj .= $tpl;
return new Object();
}


@ -163,11 +163,16 @@
Context::set('total_count', $output->total_count);
Context::set('total_page', $output->total_page);
Context::set('page', $output->page);
Context::set('page_navigation', $output->page_navigation);
// 템플릿 지정
Context::set('page_navigation', $output->page_navigation);
$security = new Security();
$security->encodeHTML('file_list..source_filename','file_list..ipaddress');
$security->encodeHTML('module_list..browser_title','module_list..mid');
// 템플릿 지정
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('file_list');
}
/**


@ -233,7 +233,7 @@
header("Content-Transfer-Encoding: binary\n");
// if file size is lager than 10MB, use fread function (#18675748)
if (filesize($uploaded_filename) > pow(1024, 10240)) {
if (filesize($uploaded_filename) > 1024 * 1024) {
while(!feof($fp)) echo fread($fp, 1024);
fclose($fp);
} else {
@ -266,7 +266,32 @@
if(!$_SESSION['upload_info'][$editor_sequence]->enabled) exit();
$upload_target_srl = $_SESSION['upload_info'][$editor_sequence]->upload_target_srl;
if($upload_target_srl && $file_srl) $output = $this->deleteFile($file_srl);
$logged_info = Context::get('logged_info');
$oFileModel = &getModel('file');
$srls = explode(',',$file_srl);
if(!count($srls)) return;
for($i=0;$i<count($srls);$i++) {
$srl = (int)$srls[$i];
if(!$srl) continue;
$args = null;
$args->file_srl = $srl;
$output = executeQuery('file.getFile', $args);
if(!$output->toBool()) continue;
$file_info = $output->data;
if(!$file_info) continue;
$file_grant = $oFileModel->getFileGrant($file_info, $logged_info);
if(!$file_grant->is_deletable) continue;
if($upload_target_srl && $file_srl) $output = $this->deleteFile($file_srl);
}
}
/**
@ -477,6 +502,9 @@
$trigger_output = ModuleHandler::triggerCall('file.insertFile', 'after', $args);
if(!$trigger_output->toBool()) return $trigger_output;
$_SESSION['__XE_UPLOADING_FILES_INFO__'][$args->file_srl] = true;
$output->add('file_srl', $args->file_srl);
$output->add('file_size', $args->file_size);
$output->add('sid', $args->sid);
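Review bot: In the `@ -266,7 +266,32 @@` hunk the new loop checks `is_deletable` for each integer `$srl`, but the delete call at the end of the loop still passes the original request value: `$this->deleteFile($file_srl)`. If `deleteFile()` accepts a comma-separated list (its body is not shown), one deletable file in the request would be enough to delete every listed file, including those that failed the grant check. The call should use the validated id, `if($upload_target_srl) $output = $this->deleteFile($srl);`. The rendering shows the same `deleteFile($file_srl)` line before the loop as well; if that line survives on the new side it runs before any grant check and should be removed. Separately, the comment in the `@ -233,7 +233,7 @@` hunk still says 10MB while the new threshold `1024 * 1024` is 1 MB.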


@ -209,5 +209,25 @@
function getFileModuleConfig($module_srl) {
return $this->getFileConfig($module_srl);
}
function getFileGrant($file_info, $member_info){
if (!$file_info) return null;
if ($_SESSION['__XE_UPLOADING_FILES_INFO__'][$file_info->file_srl]) {
$file_grant->is_deletable = true;
return $file_grant;
}
$oModuleModel = &getModel('module');
$grant = $oModuleModel->getGrant($oModuleModel->getModuleInfoByModuleSrl($file_info->module_srl), $member_info);
$oDocumentModel = &getModel('document');
$oDocument = $oDocumentModel->getDocument($file_info->upload_target_srl);
if ($oDocument->isExists()) $document_grant = $oDocument->isGranted();
$file_grant->is_deletable = ($document_grant || $member_info->is_admin == 'Y' || $member_info->member_srl == $file_info->member_srl || $grant->manager);
return $file_grant;
}
}
?>
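Review bot: The ownership test in `getFileGrant()` uses a loose comparison with no check that the member is logged in: `$member_info->member_srl == $file_info->member_srl`. If a guest's `$member_info` is empty and a guest upload is stored with `member_srl` 0 (both presumed, neither shown here), `null == 0` is true and any visitor would be treated as the owner. Requiring a non-empty id closes that: `($member_info->member_srl && $member_info->member_srl == $file_info->member_srl)`. `$document_grant` is also read without being initialised when the document does not exist, and `$file_grant` is created implicitly; `$document_grant = false;` and `$file_grant = new stdClass();` at the top would make both explicit.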


@ -92,7 +92,7 @@
<tr>
<td class="tCenter number">{$no}</td>
<td class="tCenter"><input type="checkbox" name="cart" value="{$val->file_srl}" /></td>
<td class="wide"><a href="{$val->download_url}" class="red">{htmlspecialchars($val->source_filename)}</a></td>
<td class="wide"><a href="{$val->download_url}" class="red">{$val->source_filename}</a></td>
<td class="number tRight">{FileHandler::filesize($val->file_size)}</td>
<td class="tCenter">
<!--@if($val->isvalid=='Y')-->


@ -1,4 +1,4 @@
<?
<?php
// ko/en/...
$lang = Context::getLangType();


@ -20,7 +20,7 @@
$oModuleModel = &getModel('module');
$this->config = $oModuleModel->getModuleConfig('integration_search');
Context::set('config',$this->config);
$this->setTemplatePath($this->module_path."/tpl/");
}
@ -49,8 +49,10 @@
$module_categories[0]->list = $mid_list;
}
Context::set('mid_list',$module_categories);
Context::set('mid_list',$module_categories); //maybe not used
$security = new Security();
$security->encodeHTML('skin_list..title');
// 샘플코드
Context::set('sample_code', htmlspecialchars('<form action="{getUrl()}" method="get"><input type="hidden" name="vid" value="{$vid}" /><input type="hidden" name="mid" value="{$mid}" /><input type="hidden" name="act" value="IS" /><input type="text" name="is_keyword" class="inputTypeText" value="{$is_keyword}" /><span class="button"><input type="submit" value="{$lang->cmd_search}" /></span></form>') );
@ -76,8 +78,11 @@
}
}
Context::set('skin_info', $skin_info);
Context::set('skin_vars', $skin_vars);
Context::set('skin_vars', $skin_vars); //maybe not used
$security = new Security();
$security->encodeHTML('skin_info...');
$this->setTemplateFile("skin_info");
}
}


@ -79,10 +79,10 @@
<td class="wide">
<!--@if($val->type=="text")-->
<!--@if(!$val->value)-->{@ $val->value = $val->default}<!--@endif-->
<input type="text" name="{$val->name}" value="{htmlspecialchars($val->value)}" class="inputTypeText w400" />
<input type="text" name="{$val->name}" value="{$val->value}" class="inputTypeText w400" />
<!--@elseif($val->type=="textarea")-->
<textarea name="{$val->name}" class="inputTypeTextArea w400">{htmlspecialchars($val->value)}</textarea>
<textarea name="{$val->name}" class="inputTypeTextArea w400">{$val->value}</textarea>
<!--@elseif($val->type=="select")-->
<select name="{$val->name}">


@ -22,6 +22,10 @@
$config = $oModuleModel->getModuleConfig('krzip');
Context::set('config',$config);
//Security
$security = new Security();
$security->encodeHTML('config..');
// 템플릿 파일 지정
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('index');


@ -7,21 +7,21 @@
<tr>
<th scope="col"><div>{$lang->krzip_server_hostname}</div></th>
<td>
<input type="text" name="krzip_server_hostname" value="{htmlspecialchars($config->krzip_server_hostname?$config->krzip_server_hostname:'kr.zip.zeroboard.com')}" class="inputTypeText w400" />
<input type="text" name="krzip_server_hostname" value="{$config->krzip_server_hostname?$config->krzip_server_hostname:'kr.zip.zeroboard.com'}" class="inputTypeText w400" />
<p>{$lang->about_krzip_server_hostname}</p>
</td>
</tr>
<tr class="row2">
<th scope="col"><div>{$lang->krzip_server_port}</div></th>
<td>
<input type="text" name="krzip_server_port" value="{htmlspecialchars($config->krzip_server_port?$config->krzip_server_port:'80')}" class="inputTypeText w400"/>
<input type="text" name="krzip_server_port" value="{$config->krzip_server_port?$config->krzip_server_port:'80'}" class="inputTypeText w400"/>
<p>{$lang->about_krzip_server_port}</p>
</td>
</tr>
<tr>
<th scope="col"><div>{$lang->krzip_server_query}</div></th>
<td>
<input type="text" name="krzip_server_query" value="{htmlspecialchars($config->krzip_server_query?$config->krzip_server_query:'/server.php?addr3=')}" class="inputTypeText w400"/>
<input type="text" name="krzip_server_query" value="{$config->krzip_server_query?$config->krzip_server_query:'/server.php?addr3='}" class="inputTypeText w400"/>
<p>{$lang->about_krzip_server_query}</p>
</td>
</tr>


@ -21,6 +21,10 @@
$oLayoutModel = &getModel('layout');
$layout_list = $oLayoutModel->getLayoutList();
Context::set('layout_list', $layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..layout','layout_list..title');
$this->setTemplateFile('index');
}
@ -29,7 +33,11 @@
$oLayoutModel = &getModel('layout');
$layout_list = $oLayoutModel->getLayoutList(0, "M");
Context::set('layout_list', $layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..layout','layout_list..title');
$this->setTemplateFile('mindex');
}
@ -44,6 +52,10 @@
$layout_type = Context::get('layout_type');
$layout_list = $oLayoutModel->getDownloadedLayoutList($layout_type);
Context::set('layout_list', $layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..layout','layout_list..title');
$this->setTemplateFile('insert_layout');
}
@ -53,7 +65,7 @@
**/
function dispLayoutAdminModify() {
// 선택된 레이아웃의 정보 구해서 세팅
// 선택된 레이아웃의 정보 구해서 세팅
$layout_srl = Context::get('layout_srl');
// 레이아웃의 정보를 가져옴
@ -72,6 +84,16 @@
$menu_list = $oMenuAdminModel->getMenus();
Context::set('menu_list', $menu_list);
//Security
$security = new Security();
$security->encodeHTML('menu_list..title');
$security->encodeHTML('selected_layout.');
/*이미지 명칭 & 같이 변환됨
$security->encodeHTML('selected_layout.layout_title');
$security->encodeHTML('selected_layout.extra_var..value');
$security->encodeHTML('selected_layout.extra_var..option..'); */
$this->setTemplateFile('layout_modify');
}
@ -134,7 +156,12 @@
$oLayoutModel = &getModel('layout');
$layout_list = $oLayoutModel->getDownloadedLayoutList();
Context::set('layout_list', $layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..');
$security->encodeHTML('layout_list..author..');
$this->setTemplateFile('downloaded_layout_list');
}
@ -144,6 +171,11 @@
$layout_list = $oLayoutModel->getDownloadedLayoutList(0, "M");
Context::set('layout_list', $layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..');
$security->encodeHTML('layout_list..author..');
$this->setTemplateFile('downloaded_mlayout_list');
}
@ -218,7 +250,13 @@
Context::set('layout_info', $layout_info);
// 레이아웃을 팝업으로 지정
$this->setLayoutFile('popup_layout');
$this->setLayoutFile('popup_layout');
$security = new Security();
$security->encodeHTML('layout_list..');
$security->encodeHTML('layout_list..author..');
$security->encodeHTML('layout_list..history..');
$security->encodeHTML('layout_list..history..author..');
// 템플릿 파일 지정
$this->setTemplateFile('layout_detail_info');
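Review bot: In the `@ -218,7 +250,13 @@` hunk the value stored for the template is `layout_info` (`Context::set('layout_info', $layout_info);`), yet all four added `encodeHTML()` calls name `layout_list`. Unless `layout_list` is also set earlier in this function, outside the hunk, the detail popup would render the layout's title, author and history fields without encoding. Following the pattern used for `addon_info` in this commit, the call would be `$security->encodeHTML('layout_info.', 'layout_info.author..', 'layout_info.history..', 'layout_info.history..author..');`. In the `@ -72,6 +84,16 @@` hunk the commented-out calls leave `selected_layout.extra_var..value` unencoded, so the modify template should be checked for how it prints those values.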


@ -28,7 +28,7 @@
(module)
<!--@end-->
</td>
<td class="wide">{htmlspecialchars($val->title)}</td>
<td class="wide">{$val->title}</td>
<td class="nowrap">{zdate($val->regdate,"Y-m-d")}</td>
<td>
<!--@if(!$val->module_srl)-->


@ -49,14 +49,14 @@
<tr>
<th scope="row"><div>{$lang->header_script}</div></th>
<td>
<textarea name="header_script" class="inputTypeTextArea w400">{htmlspecialchars($selected_layout->header_script)}</textarea>
<textarea name="header_script" class="inputTypeTextArea w400">{$selected_layout->header_script}</textarea>
<p>{$lang->about_header_script}</p>
</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->title}</div></th>
<td>
<input type="text" name="title" value="{htmlspecialchars($selected_layout->layout_title)}" class="inputTypeText w400" />
<input type="text" name="title" value="{$selected_layout->layout_title}" class="inputTypeText w400" />
<p>{$lang->about_title}</p>
</td>
</tr>


@ -28,7 +28,7 @@
(module)
<!--@end-->
</td>
<td class="wide">{htmlspecialchars($val->title)}</td>
<td class="wide">{$val->title}</td>
<td class="nowrap">{zdate($val->regdate,"Y-m-d")}</td>
<td>
<!--@if(!$val->module_srl)-->


@ -78,6 +78,6 @@
<action name="procMemberAdminUpdateJoinForm" type="controller" standalone="true" />
<action name="procMemberAdminInsertDeniedID" type="controller" standalone="true" />
<action name="procMemberAdminUpdateDeniedID" type="controller" standalone="true" />
<action name="procMemberAdminGroupImageMarkUpdateOrder" type="controller" standalone="true" />
<action name="procMemberAdminUpdateGroupOrder" type="controller" standalone="true" />
</actions>
</module>


@ -27,6 +27,8 @@
$lang->group = '소속 그룹';
$lang->group_title = '그룹제목';
$lang->group_srl = '그룹번호';
$lang->group_order = '그룹 우선순위';
$lang->group_order_change = '그룹 우선순위 변경';
$lang->signature = '서명';
$lang->profile_image = '프로필 사진';
$lang->profile_image_max_width = '가로 제한 길이';
@ -40,7 +42,6 @@
$lang->group_image_mark = '그룹 이미지 마크';
$lang->group_image_mark_max_width = '가로 제한 길이';
$lang->group_image_mark_max_height = '세로 제한 길이';
$lang->group_image_mark_order = '그룹 이미지 마크 순서';
$lang->signature_max_height = '서명 높이 제한';
$lang->enable_openid = 'OpenID 지원';
$lang->enable_join = '회원 가입 허가';


@ -365,6 +365,7 @@
if(!$output->toBool()) return $output;
}
if (!$args->group_srl) $args->group_srl = getNextSequence();
return executeQuery('member.insertGroup', $args);
}
@ -407,14 +408,16 @@
}
function procMemberAdminGroupImageMarkUpdateOrder() {
$oModuleModel = &getModel('module');
$oModuleControll = getController('module');
function procMemberAdminUpdateGroupOrder() {
$vars = Context::getRequestVars();
foreach($vars->group_srls as $key => $val){
$args->group_srl = $val;
$args->list_order = $key + 1;
executeQuery('member.updateMemberGroupListOrder', $args);
}
$config = $oModuleModel->getModuleConfig('member');
// $config->group_image_mark_order = Context::get('group_image_mark_order');
$oModuleControll->insertModuleConfig('member', $config);
header(sprintf('Location:%s', getNotEncodedUrl('', 'module', 'admin', 'act', 'dispMemberAdminGroupList')));
}
/**
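Review bot: In `procMemberAdminUpdateGroupOrder`, `$vars->group_srls` is iterated without checking that the request supplied an array, and the result of each `executeQuery('member.updateMemberGroupListOrder', $args)` is discarded, so a failed update still ends in the redirect as if it had succeeded. I would guard the loop with `if(!is_array($vars->group_srls)) return new Object(-1, 'msg_invalid_request');` and keep the pattern used earlier in this file, `if(!$output->toBool()) return $output;`. `$args` is also used without being initialised. No permission check is visible in the function body; presumably the admin dispatcher enforces it, which is worth confirming because the action is declared `standalone="true"`.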


@ -45,6 +45,7 @@
case 'nick_name' :
if($search_keyword) $search_keyword = str_replace(' ','%',$search_keyword);
$args->s_nick_name = $search_keyword;
$args->html_nick_name = htmlspecialchars($search_keyword);
break;
case 'email_address' :
if($search_keyword) $search_keyword = str_replace(' ','%',$search_keyword);
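Review bot: The added `html_nick_name` value only matches stored rows if this `htmlspecialchars()` call produces exactly the same bytes as the call on the write path, and neither passes flags or a charset. Those defaults differ between PHP versions, so I would pin them in both places, e.g. `htmlspecialchars($search_keyword, ENT_COMPAT, 'UTF-8')` (assuming the site stores UTF-8), and add a comment such as `// nick_name is stored HTML-encoded, so search the encoded form too`. The enclosing `switch` starts and ends outside the hunk.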


@ -1,4 +1,4 @@
<?php
<?php
/**
* @class memberAdminView
* @author NHN (developers@xpressengine.com)
@ -28,6 +28,9 @@
$this->group_list = $oMemberModel->getGroups();
Context::set('group_list', $this->group_list);
$security = new Security();
$security->encodeHTML('group_list..');
$this->setTemplatePath($this->module_path.'tpl');
}
@ -46,14 +49,16 @@
$output->data[$key]->group_list = $oMemberModel->getMemberGroups($member->member_srl,0);
}
}
Context::set('total_count', $output->total_count);
Context::set('total_page', $output->total_page);
Context::set('page', $output->page);
Context::set('member_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
$this->setTemplateFile('member_list');
$security = new Security();
$security->encodeHTML('member_list..user_name','member_list..group_list..');
$this->setTemplateFile('member_list');
}
/**
@ -86,6 +91,9 @@
$editor = $oEditorModel->getEditor(0, $option);
Context::set('editor', $editor);
$security = new Security();
$security->encodeHTML('config..');
$this->setTemplateFile('member_config');
}
@ -98,6 +106,12 @@
$member_config = $oModuleModel->getModuleConfig('member');
Context::set('member_config', $member_config);
Context::set('extend_form_list', $oMemberModel->getCombineJoinForm($this->member_info));
$security = new Security();
$security->encodeHTML('member_config..');
$security->encodeHTML('member_info.user_name','member_info.description','member_info.group_list..');
$security->encodeHTML('extend_form_list...');
$this->setTemplateFile('member_info');
}
@ -127,39 +141,42 @@
$editor = $oEditorModel->getEditor($this->member_info->member_srl, $option);
Context::set('editor', $editor);
}
$security = new Security();
$security->encodeHTML('extend_form_list..');
$security->encodeHTML('extend_form_list..default_value.');
$this->setTemplateFile('insert_member');
}
/**
* @brief display member delete form
/** O
* @brief display member delete form
**/
function dispMemberAdminDeleteForm() {
if(!Context::get('member_srl')) return $this->dispMemberAdminList();
$this->setTemplateFile('delete_form');
}
/**
/** ->group_update_form
* @brief display group list
**/
function dispMemberAdminGroupList() {
$oModuleModel = &getModel('module');
$config = $oModuleModel->getModuleConfig('member');
if($config->group_image_mark_order) $config->group_image_mark_order = explode(',', $config->group_image_mark_order);
Context::set('config', $config);
$group_srl = Context::get('group_srl');
if($group_srl && $this->group_list[$group_srl]) {
Context::set('selected_group', $this->group_list[$group_srl]);
$this->setTemplateFile('group_update_form');
$this->setTemplateFile('group_update_form');
} else {
$this->setTemplateFile('group_list');
}
}
}
/**
/** O
* @brief 회원 가입 목록 출력
**/
function dispMemberAdminJoinFormList() {
@ -169,11 +186,13 @@
// 추가로 설정한 가입 항목 가져오기
$form_list = $oMemberModel->getJoinFormList();
Context::set('form_list', $form_list);
$security = new Security($form_list);
$security->encodeHTML('form_list..');
$this->setTemplateFile('join_form_list');
}
/**
/** O h, ck
* @brief 회원 가입 관리 화면 출력
**/
function dispMemberAdminInsertJoinForm() {
@ -184,12 +203,17 @@
$join_form = $oMemberModel->getJoinForm($member_join_form_srl);
if(!$join_form) Context::set('member_join_form_srl','',true);
else Context::set('join_form', $join_form);
else {
Context::set('join_form', $join_form);
$security = new Security();
$security->encodeHTML('join_form..');
}
}
$this->setTemplateFile('insert_join_form');
}
/**
/** O
* @brief 금지 목록 아이디 출력
**/
function dispMemberAdminDeniedIDList() {
@ -204,7 +228,9 @@
Context::set('page', $output->page);
Context::set('member_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
$security = new Security();
$security->encodeHTML('member_list..');
$this->setTemplateFile('denied_id_list');
}
@ -220,7 +246,10 @@
// 회원 그룹 목록을 구함
$oMemberModel = &getModel('member');
Context::set('member_groups', $oMemberModel->getGroups());
$security = new Security();
$security->encodeHTML('member_list..');
$this->setLayoutFile('popup_layout');
$this->setTemplateFile('manage_member_group');
}
@ -234,7 +263,7 @@
$output = executeQueryArray('member.getMembers', $args);
Context::set('member_list', $output->data);
$this->setLayoutFile('popup_layout');
$this->setLayoutFile('popup_layout');
$this->setTemplateFile('delete_members');
}
}
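Review bot: The `encodeHTML()` key lists in this view do not cover every field whose template escaping this commit removes. The member list encodes only `member_list..user_name` and `member_list..group_list..` while the `member_list` template now prints `{$val->user_id}` and `{$val->nick_name}` raw, the `member_info` keys omit `user_id` and `email_address`, and the popup that sets `member_list` for `delete_members` encodes nothing. Nick name relies on the write-time encoding added elsewhere in this commit, which would not cover rows stored before the upgrade, and no encoding of `user_id` or `email_address` is visible on either side. I would add the missing keys, e.g. `$security->encodeHTML('member_list..user_id', 'member_list..user_name', 'member_list..group_list..');`, and settle on a single encoding point for `nick_name`. Several of these functions start or end outside their hunks, so some calls may exist out of view.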


@ -143,6 +143,9 @@
if(!$oDB->isColumnExists("member_group", "site_srl")) return true;
if($oDB->isIndexExists("member_group","uni_member_group_title")) return true;
// Add a column for list_order (05/18/2011)
if(!$oDB->isColumnExists("member_group", "list_order")) return true;
// image_mark 추가 (2009. 02. 14)
if(!$oDB->isColumnExists("member_group", "image_mark")) return true;
@ -190,6 +193,13 @@
$oDB->dropIndex("member_group","uni_member_group_title",true);
}
// Add a column(list_order) to "member_group" table (05/18/2011)
if (!$oDB->isColumnExists("member_group", "list_order")) {
$oDB->addColumn("member_group", "list_order", "number", 11, '', true);
$oDB->addIndex("member_group","idx_list_order", "list_order",false);
$output = executeQuery('member.updateAllMemberGroupListOrder');
}
// image_mark 추가 (2009. 02. 14)
if(!$oDB->isColumnExists("member_group", "image_mark")) {
$oDB->addColumn("member_group", "image_mark", "text");
@ -216,7 +226,6 @@
executeQuery('member.updateMemberListOrderAll',$args);
executeQuery('member.updateMemberListOrderAll');
}
if(!$oDB->isIndexExists("member","idx_list_order")) {
$oDB->addIndex("member","idx_list_order", array("list_order"));
}
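Review bot: The migration assigns `$output = executeQuery('member.updateAllMemberGroupListOrder');` and never inspects it. Because the column is added first, a failed backfill leaves `list_order` unpopulated while the `isColumnExists("member_group", "list_order")` test in the first hunk no longer reports that an update is needed. I would check the result right after the call, `if(!$output->toBool()) return $output;`, assuming this function reports failure that way as the controller code in this commit does. The enclosing function starts and ends outside the hunk.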


@ -1633,6 +1633,9 @@
// DB에 입력
$args->member_srl = getNextSequence();
$args->list_order = -1 * $args->member_srl;
$args->nick_name = htmlspecialchars($args->nick_name);
$args->homepage = htmlspecialchars($args->homepage);
$args->blog = htmlspecialchars($args->blog);
if($args->password && !$password_is_hashed) $args->password = md5($args->password);
elseif(!$args->password) unset($args->password);
@ -1780,6 +1783,9 @@
if($args->password) $args->password = md5($args->password);
else $args->password = $member_info->password;
if(!$args->user_name) $args->user_name = $member_info->user_name;
$args->nick_name = htmlspecialchars($args->nick_name);
$args->homepage = htmlspecialchars($args->homepage);
$args->blog = htmlspecialchars($args->blog);
if(!$args->description) $args->description = '';
$output = executeQuery('member.updateMember', $args);
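Review bot: Escaping `nick_name`, `homepage` and `blog` with `htmlspecialchars()` before the insert and the update makes the database hold HTML-encoded text, which every non-HTML consumer (search, mail, exports) then has to undo. The `html_nick_name` search condition and the `htmlspecialchars(htmlspecialchars_decode(...))` round trip added elsewhere in this commit are symptoms of that. Rows written before this change stay unencoded, and no migration for them is visible. For `homepage` and `blog`, entity encoding does not constrain the URL scheme, and both values are later placed in `href` attributes, so an http/https allow-list is the check I would add here. Both function bodies start and end outside the hunks.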


@ -354,6 +354,8 @@
function getGroups($site_srl = 0) {
if(!$GLOBALS['__group_info__'][$site_srl]) {
$args->site_srl = $site_srl;
$args->sort_index = 'list_order';
$args->order_type = 'asc';
$output = executeQuery('member.getGroups', $args);
if(!$output->data) return;
@ -602,27 +604,32 @@
* @brief group의 이미지마크 정보를 구함
**/
function getGroupImageMark($member_srl,$site_srl=0) {
$oModuleModel = &getModel('module');
$config = $oModuleModel->getModuleConfig('member');
if($config->group_image_mark!='Y'){
return null;
}
$member_group = $this->getMemberGroups($member_srl,$site_srl);
if(!isset($GLOBALS['__member_info__']['group_image_mark'][$member_srl])) {
$oModuleModel = &getModel('module');
$config = $oModuleModel->getModuleConfig('member');
if($config->group_image_mark!='Y'){
return null;
}
$member_group = $this->getMemberGroups($member_srl,$site_srl);
$groups_info = $this->getGroups($site_srl);
$image_mark_info = null;
$groups_info = $this->getGroups($site_srl);
$image_mark = null;
if(count($member_group) > 0 && is_array($member_group)){
$group_srl = array_keys($member_group);
$image_mark = $groups_info[$group_srl[0]]->image_mark;
}
if($image_mark){
// list($width, $height, $type, $attrs) = getimagesize($image_mark);
// $info->width = $width;
// $info->height = $height;
$info->src = $image_mark;
return $info;
foreach($groups_info as $key=>$val){
$target = $member_group[$key];
if (!empty($target) && !empty($val->image_mark))
{
$info->title = $val->title;
$info->description = $val->description;
$info->src = $val->image_mark;
$GLOBALS['__member_info__']['group_image_mark'][$member_srl] = $info;
break;
}
}
if (!$info) $GLOBALS['__member_info__']['group_image_mark'][$member_srl] == 'N';
}
if ($GLOBALS['__member_info__']['group_image_mark'][$member_srl] == 'N') return null;
}else return false;
return $GLOBALS['__member_info__']['group_image_mark'][$member_srl];
}
/**


@ -3,7 +3,7 @@
<table name="member_group" />
</tables>
<navigation>
<index var="sort_index" default="group_srl" order="desc" />
<index var="sort_index" default="list_order" order="order_type" />
</navigation>
<conditions>
<condition operation="equal" column="site_srl" var="site_srl" />


@ -12,6 +12,7 @@
<condition operation="like" column="user_id" var="s_user_id" />
<condition operation="like" column="user_name" var="s_user_name" pipe="or" />
<condition operation="like" column="nick_name" var="s_nick_name" pipe="or" />
<condition operation="like" column="nick_name" var="html_nick_name" pipe="or" />
<condition operation="like" column="email_address" var="s_email_address" pipe="or" />
<condition operation="like" column="extra_vars" var="s_extra_vars" pipe="or" />
<condition operation="like_prefix" column="regdate" var="s_regdate" pipe="or" />


@ -15,6 +15,7 @@
<condition operation="like" column="member.user_id" var="s_user_id" />
<condition operation="like" column="member.user_name" var="s_user_name" pipe="or" />
<condition operation="like" column="member.nick_name" var="s_nick_name" pipe="or" />
<condition operation="like" column="member.nick_name" var="html_nick_name" pipe="or" />
<condition operation="like" column="member.email_address" var="s_email_address" pipe="or" />
<condition operation="like" column="extra_vars" var="s_extra_vars" pipe="or" />
<condition operation="like_prefix" column="member.regdate" var="s_regdate" pipe="or" />


@ -4,7 +4,8 @@
</tables>
<columns>
<column name="site_srl" var="site_srl" default="0" notnull="notnull" />
<column name="group_srl" var="group_srl" default="sequence()" notnull="notnull" />
<column name="group_srl" var="group_srl" notnull="notnull" />
<column name="list_order" var="group_srl" notnull="notnull" />
<column name="title" var="title" notnull="notnull" />
<column name="is_default" var="is_default" default="N" notnull="notnull" />
<column name="is_admin" var="is_admin" default="N" notnull="notnull" />


@ -0,0 +1,8 @@
<query id="updateAllMemberGroupListOrder" action="update">
<tables>
<table name="member_group" />
</tables>
<columns>
<column name="list_order" default="group_srl" />
</columns>
</query>


@ -0,0 +1,11 @@
<query id="updateMemberGroupListOrder" action="update">
<tables>
<table name="member_group" />
</tables>
<columns>
<column name="list_order" var="list_order" filter="number" notnull="notnull" />
</columns>
<conditions>
<condition operation="equal" column="group_srl" var="group_srl" notnull="notnull" filter="number" />
</conditions>
</query>


@ -1,6 +1,7 @@
<table name="member_group">
<column name="site_srl" type="number" size="11" notnull="notnull" default="0" />
<column name="group_srl" type="number" size="11" notnull="notnull" primary_key="primary_key" />
<column name="list_order" type="number" size="11" notnull="notnull" index="idx_list_order" />
<column name="title" type="varchar" size="80" notnull="notnull" />
<column name="regdate" type="date" />
<column name="is_default" type="char" default="N" />


@ -44,7 +44,7 @@
</tr>
<tr>
<th><div>{$lang->nick_name} <span class="require">*</span></div></th>
<td><input type="text" name="nick_name" value="{htmlspecialchars($member_info->nick_name)}" /> <p>{$lang->about_nick_name}</p></td>
<td><input type="text" name="nick_name" value="{htmlspecialchars(htmlspecialchars_decode($member_info->nick_name))}" /> <p>{$lang->about_nick_name}</p></td>
</tr>
<tr>
<th><div>{$lang->email_address} <span class="require">*</span></div></th>
@ -124,11 +124,11 @@
<!--@end-->
<tr>
<th><div>{$lang->homepage}</div></th>
<td><input type="text" name="homepage" value="{htmlspecialchars($member_info->homepage)}" /> <p>{$lang->about_homepage}</p></td>
<td><input type="text" name="homepage" value="{htmlspecialchars(htmlspecialchars_decode($member_info->homepage))}" /> <p>{$lang->about_homepage}</p></td>
</tr>
<tr>
<th><div>{$lang->blog}</div></th>
<td><input type="text" name="blog" value="{htmlspecialchars($member_info->blog)}" /> <p>{$lang->about_blog_url}</p></td>
<td><input type="text" name="blog" value="{htmlspecialchars(htmlspecialchars_decode($member_info->blog))}" /> <p>{$lang->about_blog_url}</p></td>
</tr>
<tr>
<th><div>{$lang->birthday}</div></th>
@ -168,7 +168,7 @@
<!--// 홈페이지 주소 -->
<!--@elseif($val->column_type == 'homepage')-->
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value)}" class="iText w400" />
<input type="text" name="{$val->column_name}" value="{htmlspecialchars(htmlspecialchars_decode($val->value))}" class="iText w400" />
<!--// Email 주소 -->
<!--@elseif($val->column_type == 'email_address')-->


@ -13,13 +13,17 @@
<input type="hidden" name="mode" value="" />
</form>
<form id="fo_group_order" action="./" method="get">
<input type="hidden" name="act" value="procMemberAdminUpdateGroupOrder" />
<table cellspacing="0" class="rowTable">
<thead>
<tr>
<th scope="col"><div>{$lang->group_order}</div></th>
<th scope="col" class="half_wide"><div>{$lang->group_title}</div></th>
<th scope="col" class="half_wide"><div>{$lang->description}</div></th>
<th scope="col"><div>{$lang->regdate}</div></th>
<th scope="col"><div>{$lang->is_default}</div></th>
<th scope="col" class="half_wide"><div>{$lang->group_order_change}</div></th>
<th scope="col" colspan="2"><div>&nbsp;</div></th>
</tr>
</thead>
@ -29,12 +33,16 @@
<td colspan="7">{$lang->msg_group_is_null}</td>
</tr>
<!--@end-->
{@$__i=1}
<!--@foreach($group_list as $group_srl => $group_info)-->
<tr class="row{$cycle_idx}">
<input type="hidden" name="group_srls[]" value="{$group_info->group_srl}" />
<td>{$__i++}</td>
<td><!--@if($config->group_image_mark=='Y' && $group_info->image_mark)--><img src="{$group_info->image_mark}" style="vertical-align: middle; margin-right: 3px;" /><!--@endif-->{$group_info->title}</td>
<td>{nl2br($group_info->description)}&nbsp;</td>
<td>{zdate($group_info->regdate,"Y-m-d H:i:s")}</td>
<td><!--@if($group_info->is_default=='Y')-->Y<!--@else-->&nbsp;<!--@end--></td>
<td><a href="#" class="_up">위로</a> <a href="#" class="_down"><span>아래로</span></a></td>
<td><a href="{getUrl('group_srl',$group_info->group_srl)}" title="{$lang->cmd_modify}" class="buttonSet buttonSetting"><span>{$lang->cmd_modify}</span></a></td>
<td>
<!--@if($group_info->is_default!='Y' && $group_info->is_admin !='Y')-->
@ -45,9 +53,14 @@
</td>
</tr>
<!--@end-->
<tr>
<th colspan="8" class="button">
<span class="button black strong"><input type="submit" value="{$lang->cmd_save}" accesskey="s" /></span>
</th>
</tr>
</tbody>
</table>
</form>
<!-- 그룹 추가 -->
<form action="./" method="get" onsubmit="return procFilter(this, insert_group)">
@ -84,4 +97,4 @@
</th>
</tr>
</table>
</form>
</form>
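Review bot: The new `fo_group_order` form submits `procMemberAdminUpdateGroupOrder` with `method="get"`, so a state-changing admin action can be triggered by a plain URL and its parameters end up in history, logs and referrers. I would change it to `<form id="fo_group_order" action="./" method="post">` and confirm that the framework's request-forgery check, which is not visible here, applies to this action. The hidden `group_srls[]` input sits directly inside `<tr>`, which is invalid table markup; placing it inside the first `<td>` keeps it with its row when the script reorders rows.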


@ -44,14 +44,14 @@
<tr>
<th scope="row"><div>{$lang->column_name}</div></th>
<td>
<input type="text" name="column_name" value="{htmlspecialchars($join_form->column_name)}" class="inputTypeText w400" />
<input type="text" name="column_name" value="{$join_form->column_name}" class="inputTypeText w400" />
<p>{$lang->about_column_name}</p>
</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->column_title}</div></th>
<td>
<input type="text" name="column_title" value="{htmlspecialchars($join_form->column_title)}" class="inputTypeText w400" />
<input type="text" name="column_title" value="{$join_form->column_title}" class="inputTypeText w400" />
<p>{$lang->about_column_title}</p>
</td>
</tr>
@ -72,7 +72,7 @@
<tr>
<th scope="row"><div>{$lang->description}</div></th>
<td>
<textarea name="description" class="inputTypeTextArea w400">{htmlspecialchars($join_form->description)}</textarea>
<textarea name="description" class="inputTypeTextArea w400">{$join_form->description}</textarea>
<p>{$lang->about_form_description}</p>
</td>
</tr>


@ -15,7 +15,7 @@
<input type="hidden" name="member_srl" value="{$member_info->member_srl}" />
<input type="hidden" name="signature" value="{htmlspecialchars($member_info->signature)}" />
<!--@if($member_info->member_srl)-->
<input type="hidden" name="user_id" value="{htmlspecialchars($member_info->user_id)}" />
<input type="hidden" name="user_id" value="{$member_info->user_id}" />
<!--@end-->
@ -25,7 +25,7 @@
<th scope="row"><div>{$lang->user_id}</div></th>
<td class="wide">
<!--@if($member_info->member_srl)-->
{htmlspecialchars($member_info->user_id)}
{$member_info->user_id}
<!--@else-->
<input type="text" name="user_id" value="" class="inputTypeText" />
<p>{$lang->about_user_id}</p>
@ -41,34 +41,34 @@
<tr>
<th scope="row"><div>{$lang->user_name}</div></th>
<td>
<input type="text" name="user_name" value="{htmlspecialchars($member_info->user_name)}" class="inputTypeText" />
<input type="text" name="user_name" value="{$member_info->user_name}" class="inputTypeText" />
<p>{$lang->about_user_name}</p>
</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->nick_name}</div></th>
<td>
<input type="text" name="nick_name" value="{htmlspecialchars($member_info->nick_name)}" class="inputTypeText" />
<input type="text" name="nick_name" value="{$member_info->nick_name}" class="inputTypeText" />
<p>{$lang->about_nick_name}</p>
</td>
</tr>
<tr>
<th scope="row"><div>{$lang->email_address}</div></th>
<td>
<input type="text" name="email_address" value="{htmlspecialchars($member_info->email_address)}" class="inputTypeText" />
<input type="text" name="email_address" value="{$member_info->email_address}" class="inputTypeText" />
</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->homepage}</div></th>
<td>
<input type="text" name="homepage" value="{htmlspecialchars($member_info->homepage)}" class="inputTypeText"/>
<input type="text" name="homepage" value="{$member_info->homepage}" class="inputTypeText"/>
<p>{$lang->about_homepage}</p>
</td>
</tr>
<tr>
<th scope="row"><div>{$lang->blog}</div></th>
<td>
<input type="text" name="blog" value="{htmlspecialchars($member_info->blog)}" class="inputTypeText" />
<input type="text" name="blog" value="{$member_info->blog}" class="inputTypeText" />
</td>
</tr>
<tr class="row2">
@ -131,7 +131,7 @@
<tr>
<th scope="row"><div>{$lang->description}</div></th>
<td>
<textarea name="description" class="inputTypeTextArea fullWidth">{htmlspecialchars($member_info->description)}</textarea>
<textarea name="description" class="inputTypeTextArea fullWidth">{$member_info->description}</textarea>
<p>{$lang->about_member_description}</p>
</td>
</tr>
@ -155,7 +155,7 @@
<!--@if($val->is_active=='Y')-->
<tr class="row{$cycle_idx}">
<th scope="row"><div>
{htmlspecialchars($val->column_title)}
{$val->column_title}
<!--@if($val->required=='Y')-->*<!--@end-->
<div class="publicItem">
<input type="checkbox" class="checkbox" name="open_{$val->column_name}" <!--@if($val->is_opened)-->checked="checked"<!--@end--> value="Y" id="open_{$val->column_name}" />
@ -165,31 +165,31 @@
<td class="wide">
<!--// 일반 text -->
<!--@if($val->column_type == 'text')-->
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value)}" class="inputTypeText w400" />
<input type="text" name="{$val->column_name}" value="{$val->value}" class="inputTypeText w400" />
<!--// 홈페이지 주소 -->
<!--@elseif($val->column_type == 'homepage')-->
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value)}" class="inputTypeText w400" />
<input type="text" name="{$val->column_name}" value="{$val->value}" class="inputTypeText w400" />
<!--// Email 주소 -->
<!--@elseif($val->column_type == 'email_address')-->
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value)}" class="inputTypeText w400" />
<input type="text" name="{$val->column_name}" value="{$val->value}" class="inputTypeText w400" />
<!--// 전화번호 -->
<!--@elseif($val->column_type == 'tel')-->
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value[0])}" size="4" class="inputTypeText" />-
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value[1])}" size="4" class="inputTypeText" />-
<input type="text" name="{$val->column_name}" value="{htmlspecialchars($val->value[2])}" size="4" class="inputTypeText" />
<input type="text" name="{$val->column_name}" value="{$val->value[0]}" size="4" class="inputTypeText" />-
<input type="text" name="{$val->column_name}" value="{$val->value[1]}" size="4" class="inputTypeText" />-
<input type="text" name="{$val->column_name}" value="{$val->value[2]}" size="4" class="inputTypeText" />
<!--// textarea -->
<!--@elseif($val->column_type == 'textarea')-->
<textarea name="{$val->column_name}" class="inputTypeTextArea w400">{htmlspecialchars($val->value)}</textarea>
<textarea name="{$val->column_name}" class="inputTypeTextArea w400">{$val->value}</textarea>
<!--// 다중 선택 -->
<!--@elseif($val->column_type == 'checkbox')-->
<!--@if($val->default_value)-->
<!--@foreach($val->default_value as $v)-->
<input type="checkbox" name="{$val->column_name}" value="{htmlspecialchars($v)}" <!--@if(is_array($val->value)&&in_array($v, $val->value))-->checked="checked"<!--@end-->/> {$v}
<input type="checkbox" name="{$val->column_name}" value="{$v}" <!--@if(is_array($val->value)&&in_array($v, $val->value))-->checked="checked"<!--@end-->/> {$v}
<!--@end-->
<!--@end-->
@ -227,7 +227,7 @@
</div>
<div class="item address2">
<label for="krzip_address2_{$val->column_name}" class="iLabel">{$lang->msg_kr_address_etc}</label>
<input type="text" name="{$val->column_name}" id="krzip_address2_{$val->column_name}" value="{htmlspecialchars($val->value[1])}" class="iText w400" />
<input type="text" name="{$val->column_name}" id="krzip_address2_{$val->column_name}" value="{$val->value[1]}" class="iText w400" />
</div>
</div>
<load target="js/krzip_search.js" type="body" />
@ -243,7 +243,7 @@
<!--@end-->
<!--@if($val->description)--><p class="clear">{htmlspecialchars($val->description)}</p><!--@end-->
<!--@if($val->description)--><p class="clear">{$val->description}</p><!--@end-->
</td>
</tr>
<!--@end-->


@ -23,7 +23,7 @@
<tbody>
<!--@foreach($form_list as $no => $val)-->
<tr class="row{$cycle_idx}">
<td>{htmlspecialchars($val->column_title)}</td>
<td>{$val->column_title}</td>
<td>{$val->column_name}</td>
<td>{$lang->column_type_list[$val->column_type]}</td>
<td>{$val->is_active}</td>

View file

@ -339,27 +339,31 @@ function completeDeleteMembers(ret_obj) {
window.close();
}
function doGorupImageMarkUpdateOrder(id) {
var sort = jQuery('#'+id).sortable('toArray');
var params = { group_image_mark_order : [] };
jQuery.each(sort, function(i, val) {
params['group_image_mark_order'].push(val.replace('group_srl_', ''));
});
var response_tags = ['error','message'];
exec_xml('member', 'procMemberAdminGroupImageMarkUpdateOrder', params, completeGroupImageMarkUpdateOrder, response_tags);
}
function completeGroupImageMarkUpdateOrder(ret_obj) {
alert(ret_obj['message']);
}
jQuery(function($) {
$("#group_image_mark_order")
.sortable({
cursor: 'move',
cancel: '.inactive'
});
$("#fo_group_order > table")
.find("a._up")
.click(function(e){
var $tr = $(this).parent().parent();
var $prev = $tr.prev("tr");
if($prev.length)
{
$prev.before($tr);
$tr.parent().find("tr").removeClass("bg1").filter(":odd").addClass("bg1");
}
e.preventDefault();
})
.end()
.find("a._down")
.click(function(){
var $tr = $(this).parent().parent();
var $next = $tr.next("tr");
if($next.length)
{
$next.after($tr);
$tr.parent().find("tr").removeClass("bg1").filter(":odd").addClass("bg1");
}
e.preventDefault();
})
.end()
});
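Review bot: The `a._down` click handler is declared as `.click(function(){` but its body calls `e.preventDefault();`, so `e` is not defined there; the handler throws after moving the row and the browser follows the `href="#"` link. Declare the parameter as the `a._up` handler does: `.click(function(e){`. Both handlers repeat the same restriping line and could share one small helper.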


@ -11,15 +11,15 @@
<table cellspacing="0" class="rowTable">
<tr class="row2">
<th scope="row"><div>{$lang->user_id}</div></th>
<td>{htmlspecialchars($member_info->user_id)}</td>
<td>{$member_info->user_id}</td>
</tr>
<tr>
<th scope="row"><div>{$lang->user_name}</div></th>
<td>{htmlspecialchars($member_info->user_name)}</td>
<td>{$member_info->user_name}</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->nick_name}</div></th>
<td>{htmlspecialchars($member_info->nick_name)}</td>
<td>{$member_info->nick_name}</td>
</tr>
<tr>
<th scope="row" rowspan="2"><div>{$lang->profile_image}</div></th>
@ -92,15 +92,15 @@
</tr>
<tr>
<th scope="row"><div>{$lang->email_address}</div></th>
<td>{htmlspecialchars($member_info->email_address)}</td>
<td>{$member_info->email_address}</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->homepage}</div></th>
<td><!--@if($member_info->homepage)--><a href="{$member_info->homepage}" onclick="winopen(this.href); return false;">{htmlspecialchars($member_info->homepage)}</a><!--@end-->&nbsp;</td>
<td><!--@if($member_info->homepage)--><a href="{$member_info->homepage}" onclick="winopen(this.href); return false;">{$member_info->homepage}</a><!--@end-->&nbsp;</td>
</tr>
<tr>
<th scope="row"><div>{$lang->blog}</div></th>
<td><!--@if($member_info->blog)--><a href="{$member_info->blog}" onclick="windopen(this.href); return false;">{htmlspecialchars($member_info->blog)}</a><!--@end-->&nbsp;</td>
<td><!--@if($member_info->blog)--><a href="{$member_info->blog}" onclick="windopen(this.href); return false;">{$member_info->blog}</a><!--@end-->&nbsp;</td>
</tr>
<tr class="row2">
<th scope="row"><div>{$lang->birthday}</div></th>
@ -146,22 +146,22 @@
<!--@if($extend_form_list)-->
<!--@foreach($extend_form_list as $key => $val)-->
<tr class="row{$cycle_idx}">
<th scope="row"><div>{htmlspecialchars($val->column_title)}<!--@if($val->is_opened)--> <span class="publicItem">({$lang->public})</span><!--@end--></div></th>
<th scope="row"><div>{$val->column_title}<!--@if($val->is_opened)--> <span class="publicItem">({$lang->public})</span><!--@end--></div></th>
<td>
<!--@if($val->column_type=='tel')-->
{htmlspecialchars($val->value[0])}
{$val->value[0]}
<!--@if($val->value[1])-->-<!--@end-->
{htmlspecialchars($val->value[1])}
{$val->value[1]}
<!--@if($val->value[2])-->-<!--@end-->
{htmlspecialchars($val->value[2])}
{$val->value[2]}
<!--@elseif($val->column_type=='kr_zip')-->
{htmlspecialchars($val->value[0])}<!--@if($val->value[1]&&$val->value[0])--><br /><!--@end-->{htmlspecialchars($val->value[1])}
{$val->value[0]}<!--@if($val->value[1]&&$val->value[0])--><br /><!--@end-->{$val->value[1]}
<!--@elseif($val->column_type=='checkbox' && is_array($val->value))-->
{htmlspecialchars(implode(", ",$val->value))}
{implode(", ",$val->value)}
<!--@elseif($val->column_type=='date')-->
{zdate($val->value, "Y-m-d")}
<!--@else-->
{nl2br(htmlspecialchars($val->value))}
{nl2br($val->value)}
<!--@end-->
&nbsp;
</td>
@ -170,7 +170,7 @@
<!--@end-->
<tr>
<th scope="row"><div>{$lang->description}</div></th>
<td>{htmlspecialchars($member_info->description)}&nbsp;</td>
<td>{$member_info->description}&nbsp;</td>
</tr>
<tr class="row2">
<th colspan="2" class="button">
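Review bot: The blog link on the new side still calls `windopen(this.href)` while the homepage row just above calls `winopen(this.href)`. Unless a `windopen` helper exists elsewhere, this is a typo that makes the click throw and navigate in the same window; the line should use `onclick="winopen(this.href); return false;"`. Both `href` values are now printed exactly as stored, so they depend entirely on how the write path handled them.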


@ -56,14 +56,14 @@
<tr class="row{$cycle_idx}">
<td rowspan="2">{$no}</td>
<td rowspan="2"><input type="checkbox" name="cart" value="{$val->member_srl}"/></td>
<td><a href="{getUrl('act','dispMemberAdminInfo','member_srl',$val->member_srl)}">{htmlspecialchars($val->user_id)}</a></td>
<td>{htmlspecialchars($val->user_name)}</td>
<td><span class="member_{$val->member_srl}">{htmlspecialchars($val->nick_name)}</span></td>
<td><a href="{getUrl('act','dispMemberAdminInfo','member_srl',$val->member_srl)}">{$val->user_id}</a></td>
<td>{$val->user_name}</td>
<td><span class="member_{$val->member_srl}">{$val->nick_name}</span></td>
<td>{zdate($val->regdate,"Y-m-d H:i:s")}</td>
<td>{zdate($val->last_login,"Y-m-d H:i:s")}</td>
<td class="nowrap">
<!--@if($val->homepage)--><a href="{$val->homepage}" class="homepage" onclick="window.open(this.href);return false;"><img src="./images/icon_homepage.gif" title="{$lang->homepage}" alt="{$lang->homepage}" /></a> <!--@end-->
<!--@if($val->blog)--><a href="{$val->blog}" class="blog" onclick="window.open(this.href);return false;"><img src="./images/icon_blog.gif" title="{$lang->blog}" alt="{$lang->blog}" /></a> <!--@end-->&nbsp;
<!--@if($val->homepage)--><a href="{htmlspecialchars($val->homepage)}" class="homepage" onclick="window.open(this.href);return false;"><img src="./images/icon_homepage.gif" title="{$lang->homepage}" alt="{$lang->homepage}" /></a> <!--@end-->
<!--@if($val->blog)--><a href="{htmlspecialchars($val->blog)}" class="blog" onclick="window.open(this.href);return false;"><img src="./images/icon_blog.gif" title="{$lang->blog}" alt="{$lang->blog}" /></a> <!--@end-->&nbsp;
</td>
<td><!--@if($val->is_admin != 'Y')--><a href="{getUrl('act','dispMemberAdminDeleteForm','member_srl', $val->member_srl)}" title="{$lang->cmd_delete}" class="buttonSet buttonDelete"><span>{$lang->cmd_delete}</span></a><!--@else--><img src="./images/icon_management.gif" title="{$lang->is_admin}" alt="{$lang->is_admin}" /><!--@end--></td>
</tr>
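Review bot: The new `href="{htmlspecialchars($val->homepage)}"` and `href="{htmlspecialchars($val->blog)}"` escape values that this commit also starts escaping when they are written. Assuming these rows come from the same member table, a URL containing `&` would be emitted as `&amp;amp;` and resolve to a different address. Pick one encoding point: if the stored value stays encoded, print `{$val->homepage}` and `{$val->blog}` here as the `member_info` template does, otherwise keep the escaping here and store the raw value.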


@ -119,8 +119,8 @@
// 회원 그룹의 목록을 가져옴
$oMemberModel = &getModel('member');
$group_list = $oMemberModel->getGroups();
Context::set('group_list', $group_list);
Context::set('group_list', $group_list);
// parent_srl이 있고 menu_item_srl이 없으면 하부 메뉴 추가임
if(!$menu_item_srl && $parent_srl) {
// 상위 메뉴의 정보를 가져옴
@ -142,13 +142,19 @@
}
}
Context::set('item_info', $item_info);
//Security
$security = new Security();
$security->encodeHTML('group_list..title');
$security->encodeHTML('item_info.url');
$security->encodeHTML('item_info.name');
// template 파일을 직접 컴파일한후 tpl변수에 담아서 return한다.
$oTemplate = &TemplateHandler::getInstance();
$tpl = $oTemplate->compile($this->module_path.'tpl', 'menu_item_info');
$tpl = $oTemplate->compile($this->module_path.'tpl', 'menu_item_info');
$this->add('tpl', str_replace("\n"," ",$tpl));
}
}
?>
?>


@ -29,10 +29,14 @@
Context::set('total_count', $output->total_count);
Context::set('total_page', $output->total_page);
Context::set('page', $output->page);
Context::set('page', $output->page);
Context::set('menu_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
Context::set('page_navigation', $output->page_navigation);
//Security
$security = new Security();
$security->encodeHTML('menu_list..title');
$this->setTemplateFile('index');
}
@ -66,9 +70,13 @@
$oMenuModel = &getAdminModel('menu');
$menu_info = $oMenuModel->getMenu($menu_srl);
if($menu_info->menu_srl != $menu_srl) return $this->dispMenuAdminContent();
Context::set('menu_info', $menu_info);
Context::set('menu_info', $menu_info);
//Security
$security = new Security();
$security->encodeHTML('menu_info..title');
// 레이아웃을 팝업으로 지정
$this->setTemplateFile('menu_management');
}
@ -87,16 +95,23 @@
// 모듈 목록을 구함
$module_list = $oModuleModel->getModuleList();
Context::set('module_list', $module_list);
// mid 목록을 구해옴
$args->module_category_srl = Context::get('module_category_srl');
$args->module = Context::get('target_module');
$mid_list = $oModuleModel->getMidList($args);
Context::set('mid_list', $mid_list);
Context::set('mid_list', $mid_list);
// 메뉴을 팝업으로 지정
$this->setLayoutFile('popup_layout');
//Security
$security = new Security();
$security->encodeHTML('module_category..title');
$security->encodeHTML('module_list..module');
$security->encodeHTML('mid_list..module');
$security->encodeHTML('mid_list..browser_title');
// 템플릿 파일 지정
$this->setTemplateFile('mid_list');
}
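Review bot: `encodeHTML('menu_info..title')` in the second hunk uses the list-style `..` path on what the surrounding lines treat as a single object (`$menu_info->menu_srl`), whereas the other single-object calls in this commit use one dot (`'item_info.url'`, `'item_info.name'`). The Security class is not shown on this page, so confirm that this path really reaches `$menu_info->title`; depending on how `..` is resolved, the title printed by the `menu_management` template may be left unescaped, or more fields than intended may be encoded. `$security->encodeHTML('menu_info.title');` would match the convention used elsewhere. The enclosing function starts outside the hunk.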


@ -23,10 +23,10 @@
<!--@foreach($menu_list as $no => $val)-->
<tr class="row{$cycle_idx}">
<td class="number center">{$no}</td>
<td class="wide">{htmlspecialchars($val->title)}</td>
<td class="wide">{$val->title}</td>
<td class="nowrap">{zdate($val->regdate,"Y-m-d")}</td>
<td><a href="{getUrl('act','dispMenuAdminManagement','menu_srl',$val->menu_srl)}" class="buttonSet buttonSetting"><span>{$lang->cmd_setup}</span></a></td>
<td><a href="#" onclick="doDeleteMenu('{$val->menu_srl}');return false;" title="{htmlspecialchars($lang->cmd_delete)}" class="buttonSet buttonDelete"><span>{$lang->cmd_delete}</span></a></td>
<td><a href="#" onclick="doDeleteMenu('{$val->menu_srl}');return false;" title="{$lang->cmd_delete}" class="buttonSet buttonDelete"><span>{$lang->cmd_delete}</span></a></td>
</tr>
<!--@end-->
<tr>
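Review bot: `title="{$lang->cmd_delete}"` loses its `htmlspecialchars()` here, but the matching controller hunk only adds `encodeHTML('menu_list..title')`, so nothing visible escapes the language string inside this attribute any more. Keeping `title="{htmlspecialchars($lang->cmd_delete)}"` would preserve the previous behaviour. More generally, this and the other template sections in the commit (menu item info, menu management, opage and page forms, point member list, poll list, RSS config, trackback list) now depend on every action that renders them calling `Security::encodeHTML` on the right path first. A comment at the top of each template naming the controller-side call it relies on would make that contract visible to the next editor.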


@ -22,14 +22,14 @@
<tr>
<th scope="row"><div>{$lang->menu_name}</div></th>
<td>
<input type="text" name="menu_name" id="menu_name" value="{htmlspecialchars($item_info->name)}" class="inputTypeText w300"/>
<input type="text" name="menu_name" id="menu_name" value="{$item_info->name}" class="inputTypeText w300"/>
<a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','menu_name')}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
</td>
</tr>
<tr>
<th scope="row"><div>{$lang->menu_url}</div></th>
<td>
<input type="text" name="menu_url" value="{htmlspecialchars($item_info->url)}" class="inputTypeText" />
<input type="text" name="menu_url" value="{$item_info->url}" class="inputTypeText" />
<a href="{getUrl('module','menu','act','dispMenuAdminMidList')}" onclick="popopen(this.href);return false;" class="button black"><span>{$lang->cmd_search_mid}</span> </a>
<p class="clear">{$lang->about_menu_url}</p>
</td>


@ -24,7 +24,7 @@
<th scope="col"><div>{$lang->title}</div></th>
<td>
<div class="fl">
<input type="text" name="title" value="{htmlspecialchars($menu_info->title)}" class="inputTypeText" />
<input type="text" name="title" value="{$menu_info->title}" class="inputTypeText" />
</div>
<div class="fr">
<span class="button"><input type="submit" value="{$lang->cmd_modify}" /></span>


@ -33,6 +33,7 @@
</tr>
</thead>
<tbody>
<!--@foreach($mid_list as $key => $val)-->
<tr>
<td class="nowrap center">


@ -28,6 +28,11 @@
// 템플릿 파일 지정
$this->setTemplatePath($this->module_path.'tpl');
//Security
$security = new Security();
$security->encodeHTML('skin_list..title');
$this->setTemplateFile('config');
}


@ -188,16 +188,18 @@
if(!$output->toBool()) return $output;
// DB에 권한 저장
foreach($grant as $grant_name => $group_srls) {
foreach($group_srls as $key => $val) {
$args = null;
$args->module_srl = $module_srl;
$args->name = $grant_name;
$args->group_srl = $val;
$output = executeQuery('module.insertModuleGrant', $args);
if(!$output->toBool()) return $output;
}
}
if ($grant){
foreach($grant as $grant_name => $group_srls) {
foreach($group_srls as $key => $val) {
$args = null;
$args->module_srl = $module_srl;
$args->name = $grant_name;
$args->group_srl = $val;
$output = executeQuery('module.insertModuleGrant', $args);
if(!$output->toBool()) return $output;
}
}
}
$this->setMessage('success_registed');
}
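Review bot: `if ($grant){` only filters falsy values, so a non-empty scalar in `$grant`, or a scalar `$group_srls` inside it, still reaches `foreach` and raises a warning instead of being skipped. `if (is_array($grant)) {` together with `if (!is_array($group_srls)) continue;` at the top of the outer loop would cover both cases. The loop body was also left at its old indentation inside the new `if`, which hides the nesting; re-indent it one level. The enclosing function starts and ends outside the hunk.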


@ -96,6 +96,11 @@
$group_list = $oMemberModel->getGroups($module_info->site_srl);
Context::set('group_list', $group_list);
//Security
$security = new Security();
$security->encodeHTML('group_list..title');
$security->encodeHTML('group_list..description');
// grant 정보를 추출
$oTemplate = &TemplateHandler::getInstance();
return $oTemplate->compile($this->module_path.'tpl', 'module_grants');
@ -134,7 +139,13 @@
Context::set('module_info', $module_info);
Context::set('mid', $module_info->mid);
Context::set('skin_info', $skin_info);
Context::set('skin_vars', $skin_vars);
Context::set('skin_vars', $skin_vars);
//Security
$security = new Security();
$security->encodeHTML('mid');
$security->encodeHTML('module_info.browser_title');
$security->encodeHTML('skin_info...');
$oTemplate = &TemplateHandler::getInstance();
return $oTemplate->compile($this->module_path.'tpl', 'skin_config');


@ -29,7 +29,10 @@
// 모듈 목록을 구해서
$oModuleModel = &getModel('module');
$module_list = $oModuleModel->getModuleList();
Context::set('module_list', $module_list);
Context::set('module_list', $module_list);
$security = new Security();
$security->encodeHTML('module_list....');
// 템플릿 파일 지정
$this->setTemplateFile('module_list');
@ -43,6 +46,9 @@
$oModuleModel = &getModel('module');
$module_info = $oModuleModel->getModuleInfoXml(Context::get('selected_module'));
Context::set('module_info', $module_info);
$security = new Security();
$security->encodeHTML('module_info...');
// 레이아웃을 팝업으로 지정
$this->setLayoutFile('popup_layout');
@ -61,9 +67,15 @@
$oModuleModel = &getModel('module');
// 선택된 카테고리가 있으면 해당 카테고리의 정보 수정 페이지로
//Security
$security = new Security();
if($module_category_srl) {
$selected_category = $oModuleModel->getModuleCategory($module_category_srl);
Context::set('selected_category', $selected_category);
//Security
$security->encodeHTML('selected_category.title');
// 템플릿 파일 지정
$this->setTemplateFile('category_update_form');
@ -72,7 +84,10 @@
} else {
$category_list = $oModuleModel->getModuleCategories();
Context::set('category_list', $category_list);
//Security
$security->encodeHTML('category_list..title');
// 템플릿 파일 지정
$this->setTemplateFile('category_list');
}
@ -117,11 +132,16 @@
$oLayoutMode = &getModel('layout');
$layout_list = $oLayoutMode->getLayoutList();
Context::set('layout_list', $layout_list);
// 모듈 카테고리 목록을 구함
$module_category = $oModuleModel->getModuleCategories();
Context::set('module_category', $module_category);
$security = new Security();
$security->encodeHTML('layout_list..title','layout_list..layout');
$security->encodeHTML('skin_list....');
$security->encodeHTML('module_category...');
// 레이아웃을 팝업으로 지정
$this->setLayoutFile('popup_layout');
@ -186,6 +206,9 @@
$oMemberModel = &getModel('member');
$group_list = $oMemberModel->getGroups($module_info->site_srl);
Context::set('group_list', $group_list);
$security = new Security();
$security->encodeHTML('group_list..title');
// 레이아웃을 팝업으로 지정
$this->setLayoutFile('popup_layout');
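Review bot: The wildcard paths added in this file (`'module_list....'`, `'module_info...'`, `'skin_list....'`, `'module_category...'`) give no hint of which fields at which depth the templates actually print, and `skin_list` is not set in the visible lines of the hunk that encodes it. A short comment above each call, for example `// escapes all string members of each module_list entry for the module_list template — TODO confirm depth`, would let a reader check that the number of dots is right. Where only a few fields are output, naming them explicitly, as done with `'layout_list..title','layout_list..layout'`, is easier to audit than a wildcard. The enclosing functions start outside the hunks.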


@ -84,11 +84,11 @@
<th scope="row"><div>{$val->title}</div></th>
<td class="wide">
<!--@if($val->type=="text")-->
<input type="text" name="{$val->name}" value="{htmlspecialchars($val->value)}" id="target{$val->name}" class="inputTypeText w400" />
<input type="text" name="{$val->name}" value="{$val->value}" id="target{$val->name}" class="inputTypeText w400" />
<a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','target'.$val->name)}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
<!--@elseif($val->type=="textarea")-->
<textarea name="{$val->name}" class="inputTypeTextArea w400" id="target{$val->name}">{htmlspecialchars($val->value)}</textarea>
<textarea name="{$val->name}" class="inputTypeTextArea w400" id="target{$val->name}">{$val->value}</textarea>
<a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','target'.$val->name)}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
<!--@elseif($val->type=="select")-->


@ -24,7 +24,11 @@
// 모듈 카테고리 목록을 구함
$module_category = $oModuleModel->getModuleCategories();
Context::set('module_category', $module_category);
//Security
$security = new Security();
$security->encodeHTML('module_category..title');
// 템플릿 경로 구함 (opage의 경우 tpl에 관리자용 템플릿 모아놓음)
$this->setTemplatePath($this->module_path.'tpl');
}
@ -45,8 +49,12 @@
Context::set('total_page', $output->total_page);
Context::set('page', $output->page);
Context::set('opage_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
Context::set('page_navigation', $output->page_navigation);
//Security
$security = new Security();
$security->encodeHTML('opage_list..');
// 템플릿 파일 지정
$this->setTemplateFile('index');
}
@ -77,15 +85,29 @@
unset($module_srl);
}
}
// 레이아웃 목록을 구해옴
// 레이아웃 목록을 구해옴
$oLayoutModel = &getModel('layout');
$layout_list = $oLayoutModel->getLayoutList();
Context::set('layout_list', $layout_list);
$mobile_layout_list = $oLayoutModel->getLayoutList(0,"M");
Context::set('mlayout_list', $mobile_layout_list);
//Security
$security = new Security();
$security->encodeHTML('module_info.');
$security->encodeHTML('layout_list..layout');
$security->encodeHTML('layout_list..title');
$security->encodeHTML('mlayout_list..layout');
$security->encodeHTML('mlayout_list..title');
//group_list 및 grant는 사용되는 곳을 모르겠음.
/*
$security->encodeHTML('group_list..title');
$security->encodeHTML('group_list..description');
$security->encodeHTML('grant_list..');
*/
// 템플릿 파일 지정
$this->setTemplateFile('opage_insert');
}
@ -102,6 +124,12 @@
$module_info = $oModuleModel->getModuleInfoByModuleSrl($module_srl);
Context::set('module_info',$module_info);
//Security
$security = new Security();
$security->encodeHTML('module_info.module');
$security->encodeHTML('module_info.mid');
$security->encodeHTML('module_info.browser_title');
// 템플릿 파일 지정
$this->setTemplateFile('opage_delete');
}
@ -110,8 +138,6 @@
* @brief 권한 목록 출력
**/
function dispOpageAdminGrantInfo() {
// GET parameter에서 module_srl을 가져옴
$module_srl = Context::get('module_srl');
@ -133,6 +159,10 @@
$grant_content = $oModuleAdminModel->getModuleGrantHTML($this->module_info->module_srl, $this->xml_info->grant);
Context::set('grant_content', $grant_content);
//Security
$security = new Security();
$security->encodeHTML('module_info..');
$this->setTemplateFile('grant_list');
}
}
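Review bot: The block comment added after the layout-list calls in the `opage_insert` hunk keeps three `encodeHTML` calls for `group_list` and `grant_list` switched off, under a remark that it is unclear where those variables are used. Commented-out escaping calls are easy to misread as active protection. Either delete the block or, once checked, replace it with one line such as `// group_list / grant_list are not output by opage_insert; no encoding needed`. If a template rendered from this action does print either variable, the calls need to be live instead.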


@ -115,7 +115,8 @@
// 상대경로를 절대경로로 변경
$path_info = pathinfo($path);
$this->path = str_replace('\\', '/', realpath($path_info['dirname'])).'/';
$content = preg_replace_callback('/(target=|src=|href=|url\()("|\')?([^"\'\)]+)("|\'\))?/is',array($this,'_replacePath'),$content);
$content = preg_replace_callback('/(src=|href=|url\()("|\')?([^"\'\)]+)("|\'\))?/is',array($this,'_replacePath'),$content);
$content = preg_replace_callback('/(<load[^>]+target=)(")([^"]+)(")/is',array($this,'_replacePath'),$content);
$content = preg_replace_callback('/(<!--%import\()(\")([^"]+)(\")/is',array($this,'_replacePath'),$content);
FileHandler::writeFile($cache_file, $content);
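Review bot: The new `<load ... target=` pattern accepts only double-quoted values (`(")([^"]+)(")`), while the generic `src=|href=|url\(` pattern on the line above accepts either quote style. Because `target=` was dropped from the generic pattern, a `<load target='...'>` written with single quotes is no longer rewritten to an absolute path. Using `("|\')([^"\']+)("|\')` for the value groups of the `<load` pattern would keep both forms working. The enclosing function starts outside the hunk.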


@ -47,7 +47,7 @@
{$module_category[$val->module_category_srl]->title}
<!--@end-->
</td>
<td>{htmlspecialchars($val->mid)}</td>
<td>{$val->mid}</td>
<td><a href="{getUrl('','mid',$val->mid)}" onclick="window.open(this.href); return false;">{$val->browser_title}</a></td>
<td>{zdate($val->regdate,"Y-m-d")}</td>
<td><a href="{getUrl('act','dispOpageAdminInsert','module_srl',$val->module_srl)}" class="buttonSet buttonSetting"><span>{$lang->cmd_setup}</span></a></td>


@ -32,7 +32,7 @@
<tr>
<th scope="row"><div>{$lang->browser_title}</div></th>
<td colspan="3">
<input type="text" name="browser_title" value="{htmlspecialchars($module_info->browser_title)}" class="inputTypeText w400" id="browser_title"/>
<input type="text" name="browser_title" value="{$module_info->browser_title}" class="inputTypeText w400" id="browser_title"/>
<a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','browser_title')}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
<p>{$lang->about_browser_title}</p>
</td>
@ -68,8 +68,6 @@
<p>{$lang->about_layout}</p>
</td>
</tr>
<tr>
<th scope="row"><div>{$lang->opage_caching_interval}</div></th>
<td colspan="3">
@ -80,14 +78,14 @@
<tr class="row2">
<th scope="row"><div>{$lang->opage_path}</div></th>
<td colspan="3">
<input type="text" name="opage_path" value="{htmlspecialchars($module_info->path)}" class="inputTypeText w400" />
<input type="text" name="opage_path" value="{$module_info->path}" class="inputTypeText w400" />
<p>{$lang->about_opage_path}<b>{realpath("./")}</b></p>
</td>
</tr>
<tr class="row">
<th scope="row"><div>{$lang->opage_mobile_path}</div></th>
<td colspan="3">
<input type="text" name="opage_mpath" value="{htmlspecialchars($module_info->mpath)}" class="inputTypeText w400" />
<input type="text" name="opage_mpath" value="{$module_info->mpath}" class="inputTypeText w400" />
<p>{$lang->about_opage_mobile_path}<b>{realpath("./")}</b></p>
</td>
</tr>


@ -18,7 +18,7 @@
// module_srl이 있으면 미리 체크하여 존재하는 모듈이면 module_info 세팅
$module_srl = Context::get('module_srl');
// module model 객체 생성
// module model 객체 생성
$oModuleModel = &getModel('module');
// module_srl이 넘어오면 해당 모듈의 정보를 미리 구해 놓음
@ -38,6 +38,10 @@
$module_category = $oModuleModel->getModuleCategories();
Context::set('module_category', $module_category);
//Security
$security = new Security();
$security->encodeHTML('module_category..title');
// 템플릿 경로 구함 (page의 경우 tpl에 관리자용 템플릿 모아놓음)
$this->setTemplatePath($this->module_path.'tpl');
@ -69,6 +73,12 @@
Context::set('page_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
//Security
$security = new Security();
$security->encodeHTML('page_list..browser_title');
$security->encodeHTML('page_list..mid');
$security->encodeHTML('module_info.');
// 템플릿 파일 지정
$this->setTemplateFile('index');
}
@ -79,7 +89,6 @@
function dispPageAdminInfo() {
// GET parameter에서 module_srl을 가져옴
$module_srl = Context::get('module_srl');
$module_info = Context::get('module_info');
// module_srl 값이 없다면 그냥 index 페이지를 보여줌
@ -101,6 +110,14 @@
$mobile_layout_list = $oLayoutModel->getLayoutList(0,"M");
Context::set('mlayout_list', $mobile_layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..layout');
$security->encodeHTML('layout_list..title');
$security->encodeHTML('mlayout_list..layout');
$security->encodeHTML('mlayout_list..title');
$security->encodeHTML('module_info.');
// 템플릿 파일 지정
$this->setTemplateFile('page_info');
}
@ -119,6 +136,9 @@
// 템플릿 파일 지정
$this->setTemplateFile('addition_setup');
$security = new Security();
$security->encodeHTML('module_info.');
}
/**
@ -148,6 +168,13 @@
$mobile_layout_list = $oLayoutModel->getLayoutList(0,"M");
Context::set('mlayout_list', $mobile_layout_list);
//Security
$security = new Security();
$security->encodeHTML('layout_list..layout');
$security->encodeHTML('layout_list..title');
$security->encodeHTML('mlayout_list..layout');
$security->encodeHTML('mlayout_list..title');
// 템플릿 파일 지정
$this->setTemplateFile('page_insert');
}
@ -163,7 +190,7 @@
else $mtime = filemtime($cache_file);
if($mtime + $interval*60 > time()) {
$page_content = FileHandler::readFile($cache_file);
$page_content = FileHandler::readFile($cache_file);
} else {
$oWidgetController = &getController('widget');
$page_content = $oWidgetController->transWidgetCode($this->module_info->mcontent);
@ -173,7 +200,7 @@
if(file_exists($cache_file)) FileHandler::removeFile($cache_file);
$page_content = $this->module_info->mcontent;
}
Context::set('module_info', $this->module_info);
Context::set('page_content', $page_content);
@ -198,7 +225,11 @@
$widget_list = $oWidgetModel->getDownloadedWidgetList();
Context::set('widget_list', $widget_list);
// 템플릿 파일 지정
//Security
$security = new Security();
$security->encodeHTML('widget_list..title','module_info.mid');
// 템플릿 파일 지정
$this->setTemplateFile('page_mobile_content_modify');
}
@ -224,10 +255,14 @@
$widget_list = $oWidgetModel->getDownloadedWidgetList();
Context::set('widget_list', $widget_list);
// 템플릿 파일 지정
//Security
$security = new Security();
$security->encodeHTML('widget_list..title','module_info.mid');
// 템플릿 파일 지정
$this->setTemplateFile('page_content_modify');
}
/**
* @brief 페이지 삭제 화면 출력
**/
@ -239,8 +274,15 @@
$module_info = $oModuleModel->getModuleInfoByModuleSrl($module_srl);
Context::set('module_info',$module_info);
//Security
$security = new Security();
$security->encodeHTML('module_info.module','module_info.mid');
// 템플릿 파일 지정
$this->setTemplateFile('page_delete');
$security = new Security();
$security->encodeHTML('module_info.');
}
/**
@ -253,6 +295,9 @@
Context::set('grant_content', $grant_content);
$this->setTemplateFile('grant_list');
$security = new Security();
$security->encodeHTML('module_info.');
}
}
?>
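Review bot: In the `page_delete` hunk `module_info` is encoded twice: first by `encodeHTML('module_info.module','module_info.mid')`, then by a second `new Security()` with `encodeHTML('module_info.')` after `setTemplateFile('page_delete')`. If the second path covers all string members, as its use elsewhere in this file suggests, `module` and `mid` are escaped twice and a value containing `&` would be displayed as `&amp;amp;`. Keep only one of the two calls, for example by dropping the trailing `$security = new Security(); $security->encodeHTML('module_info.');`. The file also places some calls before and some after `setTemplateFile()`; putting each one directly after the `Context::set()` it protects would make such duplicates easier to spot.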


@ -9,8 +9,8 @@
<input type="hidden" name="act" value="dispPageAdminContent" />
<fieldset>
{$lang->mid} <input type="text" name="s_mid" value="{$s_mid}" class="inputTypeText" />
{$lang->browser_title} <input type="text" name="s_browser_title" value="{$s_browser_title}" class="inputTypeText" />
{$lang->mid} <input type="text" name="s_mid" value="{htmlspecialchars($s_mid)}" class="inputTypeText" />
{$lang->browser_title} <input type="text" name="s_browser_title" value="{htmlspecialchars($s_browser_title)}" class="inputTypeText" />
<span class="button blue"><input type="submit" value="{$lang->cmd_search}" /></span>
<a href="{getUrl('s_mid','','s_browser_title','','page','')}" class="button black"><span>{$lang->cmd_cancel}</span></a>
</fieldset>
@ -63,7 +63,7 @@
{$module_category[$val->module_category_srl]->title}
<!--@end-->
</td>
<td>{htmlspecialchars($val->mid)}</td>
<td>{$val->mid}</td>
<td><a href="{getSiteUrl($val->domain,'','mid',$val->mid)}" onclick="window.open(this.href); return false;">{$val->browser_title}</a></td>
<td>{zdate($val->regdate,"Y-m-d")}</td>
<td><a href="{getUrl('act','dispPageAdminInfo','module_srl',$val->module_srl)}" class="buttonSet buttonSetting"><span>{$lang->cmd_setup}</span></a></td>


@ -28,7 +28,7 @@
<tr>
<th scope="row"><div>{$lang->browser_title}</div></th>
<td colspan="3">
<input type="text" name="browser_title" value="{htmlspecialchars($module_info->browser_title)}" class="inputTypeText w400" id="browser_title"/>
<input type="text" name="browser_title" value="{$module_info->browser_title}" class="inputTypeText w400" id="browser_title"/>
<a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','browser_title')}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
<p>{$lang->about_browser_title}</p>
</td>


@ -31,7 +31,7 @@
<tr>
<th scope="row"><div>{$lang->browser_title}</div></th>
<td colspan="3">
<input type="text" name="browser_title" value="{htmlspecialchars($module_info->browser_title)}" class="inputTypeText w400" id="browser_title"/>
<input type="text" name="browser_title" value="{$module_info->browser_title}" class="inputTypeText w400" id="browser_title"/>
<a href="{getUrl('','module','module','act','dispModuleAdminLangcode','target','browser_title')}" onclick="popopen(this.href);return false;" class="buttonSet buttonSetting"><span>{$lang->cmd_find_langcode}</span></a>
<p>{$lang->about_browser_title}</p>
</td>
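Review bot: `value="{$module_info->browser_title}"` is now printed without `htmlspecialchars()`, so it relies on the rendering action having encoded `module_info` beforehand. The file name of this section is not shown on the page; if it is the template selected by `setTemplateFile('page_insert')`, the visible hunk for that action encodes only `layout_list` and `mlayout_list`, not `module_info`. Confirm that `module_info` is encoded before this template is rendered, or add `$security->encodeHTML('module_info.');` to that action as the neighbouring `page_info` action does.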


@ -16,8 +16,13 @@
$config = $oModuleModel->getModuleConfig('point');
// 설정 변수 지정
Context::set('config', $config);
Context::set('config', $config);
//Security
$security = new Security();
$security->encodeHTML('config.point_name','config.level_icon');
$security->encodeHTML('module_info..');
// template path지정
$this->setTemplatePath($this->module_path.'tpl');
}
@ -39,9 +44,13 @@
if($val->is_admin == 'Y' || $val->is_default == 'Y') continue;
$selected_group_list[$key] = $val;
}
}
}
Context::set('group_list', $selected_group_list);
//Security
$security = new Security();
$security->encodeHTML('group_list..title','group_list..description');
// 템플릿 지정
$this->setTemplateFile('config');
}
@ -57,18 +66,14 @@
Context::set('module_config', $oModuleModel->getModulePartConfigs('point'));
//Security
$security = new Security();
$security->encodeHTML('mid_list..browser_title','mid_list..mid');
// 템플릿 지정
$this->setTemplateFile('module_config');
}
/**
* @brief 기능별 act 설정
**/
function dispPointAdminActConfig() {
// 템플릿 지정
$this->setTemplateFile('action_config');
}
/**
* @brief 회원 포인트순 목록 가져오기
**/
@ -93,6 +98,11 @@
// group 목록 가져오기
$this->group_list = $oMemberModel->getGroups();
Context::set('group_list', $this->group_list);
//Security
$security = new Security();
$security->encodeHTML('group_list..title','group_list..description');
$security->encodeHTML('member_list..');
// 템플릿 지정
$this->setTemplateFile('member_list');


@ -18,9 +18,9 @@
<!--@foreach($member_list as $no => $val)-->
<tr class="row{$cycle_idx}">
<td class="center number">{$no}</td>
<td class="nowrap">{htmlspecialchars($val->user_id)}</td>
<td class="nowrap">{htmlspecialchars($val->user_name)}</td>
<td class="nowrap"><span class="member_{$val->member_srl}">{htmlspecialchars($val->nick_name)}</span></td>
<td class="nowrap">{$val->user_id}</td>
<td class="nowrap">{$val->user_name}</td>
<td class="nowrap"><span class="member_{$val->member_srl}">{$val->nick_name}</span></td>
<td class="nowrap">
<form action="./" method="get">
<input type="hidden" name="member_srl" value="{$val->member_srl}" />


@ -52,7 +52,10 @@
Context::set('page', $output->page);
Context::set('poll_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
Context::set('module_list', $module_list);
Context::set('module_list', $module_list);
$security = new Security();
$security->encodeHTML('poll_list..title');
// 템플릿 지정
$this->setTemplatePath($this->module_path.'tpl');
@ -77,7 +80,12 @@
// 설정된 스킨의 컬러셋 설정
Context::set('colorset_list', $skin_list[$config->skin]->colorset);
$security = new Security();
$security->encodeHTML('config..');
$security->encodeHTML('skin_list..title');
$security->encodeHTML('colorset_list..name','colorset_list..title');
// 템플릿 지정
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('config');


@ -10,7 +10,7 @@
<td class="center">
<select name="skin" onchange="doDisplaySkinColorset(this);return false;">
<!--@foreach($skin_list as $key => $val)-->
<option value="{$key}" <!--@if($config->skin == $key)-->selected="selected"<!--@end-->>{$val->title} ({$key})</option>
<option value="{$key}" <!--@if($config->skin == $key)-->selected="selected"<!--@end-->>{$val->title} ({htmlspecialchars($key)})</option>
<!--@end-->
</select>
</td>
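Review bot: On the changed `<option>` line `$key` is escaped in the label (`({htmlspecialchars($key)})`) but still printed raw in `value="{$key}"`, which is the attribute context where a stray quote matters most. Escape both occurrences the same way: `<option value="{htmlspecialchars($key)}" ...>`. The `<!--@if($config->skin == $key)-->` comparison also now runs against a `config` that the controller hunk encodes with `encodeHTML('config..')`, so a key containing an escapable character would no longer match. Presumably skin keys are plain directory names, but that is worth confirming.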


@ -25,7 +25,7 @@
<tr class="row{$cycle_idx}">
<td class="number center">{$no}</td>
<td class="center"><input type="checkbox" name="cart" value="{$val->poll_index_srl}" /></td>
<td><a href="#" onclick="doMovePoll({$val->poll_srl},{$val->upload_target_srl});return false;">{htmlspecialchars($val->title)}</a></td>
<td><a href="#" onclick="doMovePoll({$val->poll_srl},{$val->upload_target_srl});return false;">{$val->title}</a></td>
<td class="number center">{$val->checkcount}</td>
<td class="number center">{$val->poll_count}</td>
<td class="date nowrap center">{zdate($val->regdate,"Y-m-d H:i")}</td>


@ -40,9 +40,14 @@
}
Context::set('feed_config', $feed_config);
Context::set('total_config', $total_config);
Context::set('total_config', $total_config);
$security = new Security();
$security->encodeHTML('feed_config..mid','feed_config..url');
$security->encodeHTML('total_config..');
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('rss_admin_index');
$this->setTemplateFile('rss_admin_index');
}
}
?>
?>


@ -18,7 +18,7 @@
<tr>
<th scope="row"><div>{$lang->title}</div></th>
<td class="wide">
<input type="text" class="inputTypeText" name="feed_title" value="{htmlspecialchars($total_config->feed_title)}" />
<input type="text" class="inputTypeText" name="feed_title" value="{$total_config->feed_title}" />
</td>
</tr>
<tr>
@ -43,7 +43,7 @@
<tr>
<th scope="row"><div>{$lang->feed_copyright}</div></th>
<td class="wide">
<input type="text" class="inputTypeText" name="feed_copyright" value="{htmlspecialchars($total_config->feed_copyright)}" />
<input type="text" class="inputTypeText" name="feed_copyright" value="{$total_config->feed_copyright}" />
<p>{$lang->about_feed_copyright}</p>
</td>
</tr>


@ -37,7 +37,10 @@
$ip_list = $oSpamFilterModel->getDeniedIPList();
Context::set('ip_list', $ip_list);
$security = new Security();
$security->encodeHTML('ip_list..');
// 템플릿 파일 지정
$this->setTemplateFile('denied_ip_list');
}
@ -51,7 +54,10 @@
$word_list = $oSpamFilterModel->getDeniedWordList();
Context::set('word_list', $word_list);
$security = new Security();
$security->encodeHTML('word_list..word');
// 템플릿 파일 지정
$this->setTemplateFile('denied_word_list');
}


@ -42,6 +42,12 @@
}
Context::set('except_module', $except_module_list);
//Security
$security = new Security();
$security->encodeHTML('services..service','except_module..ping');
$security->encodeHTML('except_module..mid','except_module..browser_title');
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('config');
}


@ -70,8 +70,8 @@
<tr class="row{$cycle_idx}">
<td rowspan="2" class="center number" scope="col">{$no}</td>
<td rowspan="2" class="center"><input type="checkbox" name="cart" value="{$val->trackback_srl}" /></td>
<td rowspan="2"><div class="w200"><a href="{$val->url}" onclick="window.open(this.href); return false;">{htmlspecialchars($val->blog_name)}</a></div></td>
<td ><a href="{getUrl('','document_srl',$val->document_srl)}#trackback_{$val->trackback_srl}" onclick="window.open(this.href);return false;">{htmlspecialchars($val->title)}</a></td>
<td rowspan="2"><div class="w200"><a href="{$val->url}" onclick="window.open(this.href); return false;">{$val->blog_name}</a></div></td>
<td ><a href="{getUrl('','document_srl',$val->document_srl)}#trackback_{$val->trackback_srl}" onclick="window.open(this.href);return false;">{$val->title}</a></td>
<td class="date center nowrap">{zdate($val->regdate,"Y-m-d")}</td>
<td class="number left nowrap"><a href="{getUrl('search_target','ipaddress','search_keyword',$val->ipaddress)}">{$val->ipaddress}</a></td>
</tr>
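Review bot: `href="{$val->url}"` on the changed row is covered only by HTML entity encoding (`encodeHTML('trackback_list..')` in the controller hunk), which does not constrain the URL scheme of the link. Trackback URLs are supplied by remote senders, so unless they are validated when the trackback is received, the admin list should render them as links only when they start with `http://` or `https://`. A guard such as `<!--@if(preg_match('/^https?:\/\//i', $val->url))-->` around the anchor, with plain text otherwise, would do that. The receiving code is not part of this page, so confirm whether such a check already exists.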


@ -40,7 +40,12 @@
Context::set('page', $output->page);
Context::set('trackback_list', $output->data);
Context::set('page_navigation', $output->page_navigation);
//Security
$security = new Security();
$security->encodeHTML('config.');
$security->encodeHTML('trackback_list..');
// 템플릿 지정
$this->setTemplatePath($this->module_path.'tpl');
$this->setTemplateFile('trackback_list');


@ -13,7 +13,7 @@
function init() {
$this->setTemplatePath($this->module_path.'tpl');
}
/**
* @brief 위젯 목록을 보여줌
**/
@ -24,6 +24,9 @@
Context::set('widget_list', $widget_list);
$this->setTemplateFile('downloaded_widget_list');
$security = new Security();
$security->encodeHTML('widget_list..', 'widget_list..author..');
}
/**
@ -47,6 +50,9 @@
$editor = $oEditorModel->getModuleEditor('document',$module_srl, $module_srl,'module_srl','content');
Context::set('editor', $editor);
$security = new Security();
$security->encodeHTML('member_config..');
$this->setLayoutFile("popup_layout");
$this->setTemplateFile('add_content_widget');