From b59ac03debf4d9bde4752aa21d3449d1e7d7635a Mon Sep 17 00:00:00 2001
From: zero
Date: Tue, 28 Oct 2008 01:31:28 +0000
Subject: [PATCH] =?UTF-8?q?IE=EC=97=90=EC=84=9C=20=EC=B2=A8=EB=B6=80?= =?UTF-8?q?=ED=8C=8C=EC=9D=BC=20=EB=AF=B8=EB=A6=AC=20=EB=B3=B4=EA=B8=B0=20?= =?UTF-8?q?=EC=95=88=EB=90=98=EB=8A=94=20=EA=B8=B0=EB=8A=A5=20=EB=B0=8F=20?= =?UTF-8?q?Context=EC=97=90=EC=84=9C=20request=20arguments=EC=97=90=20?= =?UTF-8?q?=EB=8C=80=ED=95=B4=20filtering=EC=9D=84=20=ED=95=98=EB=8A=94=20?= =?UTF-8?q?=EA=B8=B0=EB=8A=A5=20=EB=B3=B4=EC=99=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
git-svn-id: http://xe-core.googlecode.com/svn/sandbox@4702 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 classes/context/Context.class.php | 34 ++++++++-----
 common/js/xml_handler.js | 10 ++--
 modules/editor/tpl/js/uploader.js | 24 ++++++---
 modules/file/file.controller.php | 84 ++++++++++++-------------------
 modules/file/file.model.php | 38 +++++++-------
 5 files changed, 97 insertions(+), 93 deletions(-)
diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index a555718d6..e558b4c92 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -550,18 +550,7 @@
 foreach($_REQUEST as $key => $val) {
 if($val === "") continue;
- if($key == "page" || $key == "cpage" || substr($key,-3)=="srl") $val = (int)$val;
- else if(is_array($val) && count($val) ) {
- foreach($val as $k => $v) {
- if(version_compare(PHP_VERSION, "5.9.0", "<") && get_magic_quotes_gpc()) $v = stripslashes($v);
- $v = trim($v);
- $val[$k] = $v;
- }
- } else {
- if(version_compare(PHP_VERSION, "5.9.0", "<") && get_magic_quotes_gpc()) $val = stripslashes($val);
- $val = trim($val);
- }
-
+ $val = $this->_filterRequestVar($key, $val);
 if($this->_getRequestMethod()=='GET'&&$_GET[$key]) $set_to_vars = true;
 elseif($this->_getRequestMethod()=='POST'&&$_POST[$key]) $set_to_vars = true;
 else $set_to_vars = false;
@@ -584,11 +573,30 @@
 if(!count($params)) return;
 foreach($params as $key => $obj) {
- $val = trim($obj->body);
+ $val = $this->_filterRequestVar($key, $obj->body);
 $this->_set($key, $val, true);
 }
 }
+ /**
+ * @brief 변수명에 따라서 필터링 처리
+ * _srl, page, cpage등의 변수는 integer로 형변환
+ **/
+ function _filterRequestVar($key, $val) {
+ if($key == "page" || $key == "cpage" || substr($key,-3)=="srl") return (int)$val;
+ if(is_array($val) && count($val) ) {
+ foreach($val as $k => $v) {
+ if(version_compare(PHP_VERSION, "5.9.0", "<") && get_magic_quotes_gpc()) $v = stripslashes($v);
+ $v = trim($v);
+ $val[$k] = $v;
+ }
+ } else {
+ if(version_compare(PHP_VERSION, "5.9.0", "<") && get_magic_quotes_gpc()) $val = stripslashes($val);
+ $val = trim($val);
+ }
+ return $val;
+ }
+
 /**
 * @brief 업로드 되었을 경우 return true
 **/
diff --git a/common/js/xml_handler.js b/common/js/xml_handler.js
index 4a5f24905..d57fa92f3 100644
--- a/common/js/xml_handler.js
+++ b/common/js/xml_handler.js
@@ -9,10 +9,12 @@ var show_waiting_message = true;
 function exec_xml(module, act, params, callback_func, response_tags, callback_func_arg, fo_obj) {
 var oXml = new xml_handler();
 oXml.reset();
- for(var key in params) {
- if(!params.hasOwnProperty(key)) continue;
- var val = params[key];
- oXml.addParam(key, val);
+ if(typeof(params)!='undefined') {
+ for(var key in params) {
+ if(!params.hasOwnProperty(key)) continue;
+ var val = params[key];
+ oXml.addParam(key, val);
+ }
 }
 oXml.addParam("module", module);
 oXml.addParam("act", act);
diff --git a/modules/editor/tpl/js/uploader.js b/modules/editor/tpl/js/uploader.js
index 4a1af50e0..a8fa82cc9 100755
--- a/modules/editor/tpl/js/uploader.js
+++ b/modules/editor/tpl/js/uploader.js
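Review bot: `_filterRequestVar` in Context.class.php calls `stripslashes()` whenever `get_magic_quotes_gpc()` is on, and the first changed line of the `@@ -584` hunk now sends `$obj->body` through it, where the old code only called `trim()`. If `$obj->body` is parsed from the raw XML request body (the parser is outside the hunk), magic quotes never touched it, so legitimate backslashes in XML parameters would be silently dropped; an optional third parameter such as `function _filterRequestVar($key, $val, $do_stripslashes = true)` with `false` passed from this loop would keep the integer cast without that side effect. Separately, an array value under a key ending in `srl` collapses to `0` or `1` through `(int)$val`, and a nested array reaches `trim($v)` as an array, so the helper should either recurse or reject those shapes explicitly. The docblock could also state that the cast and trimming only normalise types, and that callers still need bound query parameters and output escaping.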
@@ -236,7 +236,7 @@ function completeReloadFileList(ret_obj, response_tags, settings) { var previewObj = xGetElementById(settings["previewAreaID"]); if(previewObj) xInnerHtml(previewObj,""); - if(files) { + if(files && typeof(files['item'])!='undefined') { var item = files['item']; if(item.length<1) item = new Array(item); if(item.length) { @@ -249,14 +249,20 @@ function completeReloadFileList(ret_obj, response_tags, settings) { } } } - listObj.selectedIndex = listObj.options.length-1; + //listObj.selectedIndex = listObj.options.length-1; xAddEventListener(listObj,'click',previewFiles); } function previewFiles(evt) { var e = new xEvent(evt); var obj = e.target; - if(obj.nodeName!="OPTION") return; + var selObj = null; + if(obj.nodeName=="OPTION") selObj = obj.parentNode; + else selObj = obj; + if(selObj.nodeName != "SELECT") return; + if(selObj.selectedIndex<0) return; + obj = selObj.options[selObj.selectedIndex]; + var file_srl = obj.value; if(!file_srl || typeof(uploadedFiles[file_srl])=="undefined") return; var file_info = uploadedFiles[file_srl]; @@ -297,12 +303,18 @@ function removeUploadedFile(editorSequence) { if(fileListObj.selectedIndex<0) return; - var file_srl = fileListObj.options[fileListObj.selectedIndex].value; + var file_srls = new Array(); + for(var i=0;ideleteFile($file_srl); // 첨부파일의 목록을 java script로 출력 - $this->printUploadedFileList($editor_sequence, $upload_target_srl); + // $this->printUploadedFileList($editor_sequence, $upload_target_srl); } /** 
@@ -333,31 +333,40 @@ function deleteFile($file_srl) { if(!$file_srl) return; - // 파일 정보를 가져옴 - $args->file_srl = $file_srl; - $output = executeQuery('file.getFile', $args); - if(!$output->toBool()) return $output; - $file_info = $output->data; - if(!$file_info) return new Object(-1, 'file_not_founded'); + $srls = explode(',',$file_srl); + if(!count($srls)) return; - $source_filename = $output->data->source_filename; - $uploaded_filename = $output->data->uploaded_filename; + for($i=0;$idata; - $output = ModuleHandler::triggerCall('file.deleteFile', 'before', $trigger_obj); - if(!$output->toBool()) return $output; + $args = null; + $args->file_srl = $srl; + $output = executeQuery('file.getFile', $args); + if(!$output->toBool()) continue; - // DB에서 삭제 - $output = executeQuery('file.deleteFile', $args); - if(!$output->toBool()) return $output; + $file_info = $output->data; + if(!$file_info) continue; - // trigger 호출 (after) - $trigger_output = ModuleHandler::triggerCall('file.deleteFile', 'after', $trigger_obj); - if(!$trigger_output->toBool()) return $trigger_output; + $source_filename = $output->data->source_filename; + $uploaded_filename = $output->data->uploaded_filename; - // 삭제 성공하면 파일 삭제 - FileHandler::removeFile($uploaded_filename); + // trigger 호출 (before) + $trigger_obj = $output->data; + $output = ModuleHandler::triggerCall('file.deleteFile', 'before', $trigger_obj); + if(!$output->toBool()) return $output; + + // DB에서 삭제 + $output = executeQuery('file.deleteFile', $args); + if(!$output->toBool()) return $output; + + // trigger 호출 (after) + $trigger_output = ModuleHandler::triggerCall('file.deleteFile', 'after', $trigger_obj); + if(!$trigger_output->toBool()) return $trigger_output; + + // 삭제 성공하면 파일 삭제 + FileHandler::removeFile($uploaded_filename); + } return $output; } 
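Review bot: The loop's `continue` on a failed `file.getFile` query or an empty `$file_info` replaces the old `return new Object(-1, 'file_not_founded')`, so the `return $output;` after the loop reports whatever the last iteration left in `$output`, and a request in which no id matched can come back as success. A failing trigger or `file.deleteFile` query still returns from the middle of the loop, leaving earlier ids deleted and later ones untouched without telling the caller which; recording the first failure and returning it after the loop would make the result predictable. Also, `_filterRequestVar` in Context.class.php casts every request key ending in `srl` with `(int)`, so if the comma-separated list arrives under `file_srl` it would presumably be cut to the first id before `explode(',',$file_srl)` runs; the caller is not visible here, so this needs confirming. Part of the loop header is missing from this page, so how `$srl` is derived from `$srls` could not be checked.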
@@ -446,38 +455,7 @@
 * @brief upload_target_srl을 키로 하는 첨부파일을 찾아서 java script 코드로 return
 **/
 function printUploadedFileList($editor_sequence, $upload_target_srl) {
- $oFileModel = &getModel('file');
-
- if($upload_target_srl) {
- // file의 Model객체 생성
-
- // 첨부파일 목록을 구함
- $tmp_file_list = $oFileModel->getFiles($upload_target_srl);
- $file_count = count($tmp_file_list);
-
- // 루프를 돌면서 $buff 변수에 java script 코드를 생성
- $buff = "";
- for($i=0;$i<$file_count;$i++) {
- $file_info = $tmp_file_list[$i];
- if(!$file_info->file_srl) continue;
- if($file_info->direct_download == 'Y') $file_info->uploaded_filename = sprintf('%s%s', Context::getRequestUri(), str_replace('./', '', $file_info->uploaded_filename));
- $file_list[] = $file_info;
- $attached_size += $file_info->file_size;
- }
- }
-
- // 업로드 상태 표시 작성
- $upload_status = $oFileModel->getUploadStatus($attached_size);
-
- // 필요한 정보들 세팅
- Context::set('upload_target_srl', $upload_target_srl);
- Context::set('file_list', $file_list);
- Context::set('upload_status', $upload_status);
-
- // 업로드 현황을 브라우저로 알리기 위한 javascript 코드 출력하는 템플릿 호출
- Context::set('layout','none');
- $this->setTemplatePath($this->module_path.'tpl');
- $this->setTemplateFile('print_uploaded_file_list');
+ return;
 }
 }
 ?>
diff --git a/modules/file/file.model.php b/modules/file/file.model.php
index 272956d60..4cb6c7ef5 100644
--- a/modules/file/file.model.php
+++ b/modules/file/file.model.php
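Review bot: The docblock kept above `printUploadedFileList` still says the method looks up the attachments for `upload_target_srl` and returns JavaScript, but its body is now only `return;`, and the call in the earlier file.controller.php hunk is commented out rather than removed. If the stub has to stay for callers outside this patch, the docblock should say so, for example `@deprecated kept as a no-op for existing callers`; otherwise the stub and the commented-out call should be deleted together so no dead code is left behind.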
@@ -19,25 +19,29 @@
 function getFileList() {
 $editor_sequence = Context::get("editor_sequence");
 $upload_target_srl = $_SESSION['upload_info'][$editor_sequence]->upload_target_srl;
- if(!$upload_target_srl) exit();
+ if($upload_target_srl) {
+ $tmp_files = $this->getFiles($upload_target_srl);
+ $file_count = count($tmp_files);
- $tmp_files = $this->getFiles($upload_target_srl);
- $file_count = count($tmp_files);
+ for($i=0;$i<$file_count;$i++) {
+ $file_info = $tmp_files[$i];
+ if(!$file_info->file_srl) continue;
- for($i=0;$i<$file_count;$i++) {
- $file_info = $tmp_files[$i];
- if(!$file_info->file_srl) continue;
-
- $obj = null;
- $obj->file_srl = $file_info->file_srl;
- $obj->source_filename = $file_info->source_filename;
- $obj->file_size = $file_info->file_size;
- $obj->disp_file_size = FileHandler::filesize($file_info->file_size);
- if($file_info->direct_download=='N') $obj->download_url = $this->getDownloadUrl($file_info->file_srl, $file_info->sid);
- else $obj->download_url = str_replace('./', '', $file_info->uploaded_filename);
- $obj->direct_download = $file_info->direct_download;
- $files[] = $obj;
- $attached_size += $file_info->file_size;
+ $obj = null;
+ $obj->file_srl = $file_info->file_srl;
+ $obj->source_filename = $file_info->source_filename;
+ $obj->file_size = $file_info->file_size;
+ $obj->disp_file_size = FileHandler::filesize($file_info->file_size);
+ if($file_info->direct_download=='N') $obj->download_url = $this->getDownloadUrl($file_info->file_srl, $file_info->sid);
+ else $obj->download_url = str_replace('./', '', $file_info->uploaded_filename);
+ $obj->direct_download = $file_info->direct_download;
+ $files[] = $obj;
+ $attached_size += $file_info->file_size;
+ }
+ } else {
+ $upload_target_srl = 0;
+ $attached_size = 0;
+ $files = array();
 }
 // 업로드 상태 표시 작성
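Review bot: `$files` and `$attached_size` are initialised only in the new `else` branch; inside `if($upload_target_srl)` they are first touched by `$files[] = $obj;` and `$attached_size += $file_info->file_size;`, so when `getFiles()` returns nothing, or every row is skipped by the `file_srl` check, both stay undefined for the code after the hunk. Setting `$files = array(); $attached_size = 0;` before the `if` and keeping only `$upload_target_srl = 0;` in the `else` gives both paths the same shape. The function continues past the last line shown, so how the two variables are used afterwards is not visible here.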