-
Notifications
You must be signed in to change notification settings - Fork 237
/
g5_54version_update.extend.php
69 lines (52 loc) · 2.98 KB
/
g5_54version_update.extend.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
add_event('memo_list', 'g54_user_memo_insert', 10, 3);
add_event('password_is_wrong', 'g54_check_bbs_password', 10, 3);
add_replace('invalid_password', 'g54_return_invalid_password', 10, 3);
function g54_return_invalid_password($bool, $type, $wr){
if($type === 'write' && $bool === false && $wr['wr_password'] && isset($_POST['wr_password'])) {
if(G5_STRING_ENCRYPT_FUNCTION === 'create_hash' && (strlen($wr['wr_password']) === G5_MYSQL_PASSWORD_LENGTH || strlen($wr['wr_password']) === 16)) {
if( sql_password($_POST['wr_password']) === $wr['wr_password'] ){
$bool = true;
}
}
}
return $bool;
}
function g54_check_bbs_password($type, $wr, $qstr=''){
if($type === 'bbs' && (isset($wr['wr_password']) && $wr['wr_password']) && isset($_POST['wr_password'])) {
global $bo_table, $w;
if(G5_STRING_ENCRYPT_FUNCTION === 'create_hash' && (strlen($wr['wr_password']) === G5_MYSQL_PASSWORD_LENGTH || strlen($wr['wr_password']) === 16)) {
if( sql_password($_POST['wr_password']) === $wr['wr_password'] ){
if ($w == 's') {
$ss_name = 'ss_secret_'.$bo_table.'_'.$wr['wr_num'];
set_session($ss_name, TRUE);
} else if ($w == 'sc'){
$ss_name = 'ss_secret_comment_'.$bo_table.'_'.$wr['wr_id'];
set_session($ss_name, TRUE);
}
goto_url(short_url_clean(G5_HTTP_BBS_URL.'/board.php?'.$qstr));
}
}
}
}
function g54_user_memo_insert($kind, $unkind, $page=1){
global $g5, $is_member, $member;
if( ! $is_member || $kind !== 'send' ) return;
$sql = " select count(*) as cnt from {$g5['memo_table']} where me_send_mb_id = '{$member['mb_id']}' and me_type = 'recv' and me_send_ip = '' ";
$row = sql_fetch($sql);
if ( !$row['cnt'] ) return;
$sql = " select count(*) as cnt from {$g5['memo_table']} where me_send_mb_id = '{$member['mb_id']}' and me_type = 'send' ";
$row2 = sql_fetch($sql);
if( $row['cnt'] && ! $row2['cnt'] ){
$sql = " select * from {$g5['memo_table']} where me_send_mb_id = '{$member['mb_id']}' and me_type = 'recv' ";
$result = sql_query($sql);
while ($row = sql_fetch_array($result))
{
$sql = " insert into {$g5['memo_table']} ( me_recv_mb_id, me_send_mb_id, me_send_datetime, me_read_datetime, me_memo, me_send_id, me_type ) values ( '".addslashes($row['me_recv_mb_id'])."', '".addslashes($row['me_send_mb_id'])."', '".addslashes($row['me_send_datetime'])."', '".addslashes($row['me_read_datetime'])."', '".addslashes($row['me_memo'])."', '".$row['me_id']."', 'send' ) ";
sql_query($sql);
}
$sql = " update {$g5['memo_table']} set me_send_ip = '{$_SERVER['REMOTE_ADDR']}' where me_send_mb_id = '{$member['mb_id']}' and me_type = 'recv' and me_send_ip = '' ";
sql_query($sql);
}
}