first

2023-04-17 11:06:08 +09:00
parent d0b393aa97
commit 76264e09ad
4686 changed files with 552713 additions and 0 deletions
--- a/_core/function/lib/getContent.lib.php
+++ b/_core/function/lib/getContent.lib.php
@@ -0,0 +1,106 @@
+<?php
+
+// php-htmlpurfier-html5 :  https://github.com/kennberg/php-htmlpurfier-html5
+function load_htmlpurifier($allowed) {
+	global $g;
+  $config = HTMLPurifier_Config::createDefault();
+  $config->set('HTML.Doctype', 'HTML 4.01 Transitional');
+  $config->set('CSS.AllowTricky', true);
+  $config->set('Cache.SerializerPath', $g['path_tmp'].'cache/HTMLPurifier');
+  // Allow iframes from:
+  // o YouTube.com
+  // o Vimeo.com
+  $config->set('HTML.SafeIframe', true);
+  $config->set('URI.SafeIframeRegexp', '%^(http:|https:)?//(www.youtube(?:-nocookie)?.com/embed/|player.vimeo.com/video/)%');
+  $config->set('HTML.Allowed', implode(',', $allowed));
+  // Set some HTML5 properties
+  $config->set('HTML.DefinitionID', 'html5-definitions'); // unqiue id
+  $config->set('HTML.DefinitionRev', 1);
+  if ($def = $config->maybeGetRawHTMLDefinition()) {
+    // http://developers.whatwg.org/sections.html
+    $def->addElement('section', 'Block', 'Flow', 'Common');
+    $def->addElement('nav',     'Block', 'Flow', 'Common');
+    $def->addElement('article', 'Block', 'Flow', 'Common');
+    $def->addElement('aside',   'Block', 'Flow', 'Common');
+    $def->addElement('header',  'Block', 'Flow', 'Common');
+    $def->addElement('footer',  'Block', 'Flow', 'Common');
+		$def->addElement('blockquote',  'Block', 'Flow', 'Common');
+
+    // Content model actually excludes several tags, not modelled here
+    $def->addElement('address', 'Block', 'Flow', 'Common');
+    $def->addElement('hgroup', 'Block', 'Required: h1 | h2 | h3 | h4 | h5 | h6', 'Common');
+    // http://developers.whatwg.org/grouping-content.html
+    $def->addElement('figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common');
+    $def->addElement('figcaption', 'Inline', 'Flow', 'Common');
+
+    // http://developers.whatwg.org/the-video-element.html#the-video-element
+    $def->addElement('video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', array(
+      'src' => 'URI',
+      'type' => 'Text',
+      'width' => 'Length',
+      'height' => 'Length',
+      'poster' => 'URI',
+      'preload' => 'Enum#auto,metadata,none',
+      'controls' => 'Bool',
+    ));
+		$def->addElement('oembed', 'Block', 'Flow', 'Common', array(
+			'url' => 'URI'
+		));
+    $def->addElement('source', 'Block', 'Flow', 'Common', array(
+      'src' => 'URI',
+      'type' => 'Text',
+    ));
+    // http://developers.whatwg.org/text-level-semantics.html
+    $def->addElement('s',    'Inline', 'Inline', 'Common');
+    $def->addElement('var',  'Inline', 'Inline', 'Common');
+    $def->addElement('sub',  'Inline', 'Inline', 'Common');
+    $def->addElement('sup',  'Inline', 'Inline', 'Common');
+    $def->addElement('mark', 'Inline', 'Inline', 'Common');
+    $def->addElement('wbr',  'Inline', 'Empty', 'Core');
+    // http://developers.whatwg.org/edits.html
+    $def->addElement('ins', 'Block', 'Flow', 'Common', array('cite' => 'URI', 'datetime' => 'CDATA'));
+    $def->addElement('del', 'Block', 'Flow', 'Common', array('cite' => 'URI', 'datetime' => 'CDATA'));
+    // TinyMCE
+    $def->addAttribute('img', 'data-mce-src', 'Text');
+    $def->addAttribute('img', 'data-mce-json', 'Text');
+    // Others
+    $def->addAttribute('iframe', 'allowfullscreen', 'Bool');
+    $def->addAttribute('table', 'height', 'Text');
+    $def->addAttribute('td', 'border', 'Text');
+    $def->addAttribute('th', 'border', 'Text');
+    $def->addAttribute('tr', 'width', 'Text');
+    $def->addAttribute('tr', 'height', 'Text');
+    $def->addAttribute('tr', 'border', 'Text');
+  }
+  return new HTMLPurifier($config);
+}
+
+function LIB_getContents($str,$html) {
+	global $d,$g;
+	if ($html == 'HTML') {
+
+		$_atkParam = $pattern = explode(',',$d['admin']['secu_param']);
+		foreach($_atkParam as $_prm) $str = str_replace($_prm,'',$str);
+
+		// HTMLPurifier
+		require_once $g['path_core'].'opensrc/HTMLPurifier/4.10.0/HTMLPurifier.safe-includes.php';
+		$allowed = explode(',',$d['admin']['secu_tags']);
+		$purifier = load_htmlpurifier($allowed);
+		$str = $purifier->purify($str);
+
+	}
+	else {
+		$str = str_replace('<','&lt;',$str);
+		$str = str_replace('>','&gt;',$str);
+		$str = str_replace('&nbsp;','&amp;nbsp;',$str);
+		$str = str_replace("\t",'&nbsp;&nbsp;&nbsp;&nbsp;',$str);
+		$str = nl2br($str);
+	}
+	return $str;
+}
+
+function getIframes($str) {
+	preg_match_all("/<iframe[^>]*?>/si", $str, $mat);
+	return $mat[0];
+}
+?>
--- a/_core/function/lib/getLink.lib.php
+++ b/_core/function/lib/getLink.lib.php
@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+<html lang="<?php echo $GLOBALS['lang']['admin']['flag']?>">
+<head>
+<meta charset="utf-8">
+<meta name="robots" content="noindex,nofollow">
+<title></title>
+<script>
+var cHref = <?php if($target) echo $target?>location.href.split('#');
+<?php $url = str_replace('&amp;','&',$url)?>
+<?php if($alert):?>alert('<?php echo $alert?>');<?php endif?>
+<?php if(!strpos($url,'__target')):?>
+	<?php if($url=='reload'):?>
+		<?php if($_POST):?>
+			<?php if($target) echo $target?>location.replace(cHref[0]);
+		<?php else:?>
+			<?php if($target) echo $target?>location.reload();
+		<?php endif?>
+	<?php endif?>
+
+	<?php if($url&&$url!='reload'):?><?php if($target) echo $target?>location.href="<?php echo $url?>";<?php endif?>
+<?php endif?>
+<?php if($history=='close'):?>window.top.close();<?php endif?>
+<?php if($history<0):?>history.go(<?php echo $history?>);<?php endif?>
+</script>
+</head>
+<body>
+
+<?php
+if (strpos($url,'__target')) :
+	$url_exp = explode('?',$url);
+	$par_exp = explode('&',$url_exp[1]);
+?>
+	<form name="backForm" action="<?php echo $g['s']?>" method="get" target="">
+	<?php foreach($par_exp as $val):if(trim($val)=='')continue?>
+	<?php $_prm = explode('=',$val)?>
+	<?php if($_prm[0]=='__target'){$__target=$_prm[1];continue;}?>
+	<input type="hidden" name="<?php echo $_prm[0]?>" value="<?php echo $_prm[1]?>" />
+	<?php endforeach?>
+	</form>
+	<script type="text/javascript">
+	//<![CDATA[
+	document.backForm.target = '<?php echo $__target?>';
+	document.backForm.submit();
+	//]]>
+	</script>
+<?php endif?>
+
+<h1><a href="http://<?php echo $_SERVER['HTTP_HOST'] ?>/"><?php echo $_HS['title'] ?></a></h1>
+</body>
+</html>
+<?php exit?>
--- a/_core/function/lib/getUploadImage.lib.php
+++ b/_core/function/lib/getUploadImage.lib.php
@@ -0,0 +1,27 @@
+<?php
+function LIB_getUploadImage($upfiles,$d,$content,$ext)
+{
+	$imgs = getImgs($content,$ext);
+	if ($imgs[0])
+	{
+		if (!$upfiles) return $imgs[0];
+		$basename = basename($imgs[0]);
+		$encname  = md5($basename);
+		$folder   = substr($d,0,4).'/'.substr($d,4,2).'/'.substr($d,6,2);
+		if (is_file($GLOBALS['g']['path_file'].$folder.'/'.$encname)) return str_replace($basename,'',$imgs[0]).$encname;
+	}
+	if ($upfiles)
+	{
+		$upArray = getArrayString($upfiles);
+		foreach($upArray['data'] as $_val)
+		{
+			$U = getUidData($GLOBALS['table']['s_upload'],$_val);
+			if (!$U['uid']) continue;
+			if (strpos('_jpg,gif,png',$U['ext']))
+			{
+				return $U['url'].$U['folder'].'/'.$U['thumbname'];
+			}
+		}
+	}
+}
+?>
--- a/_core/function/lib/getWindow.lib.php
+++ b/_core/function/lib/getWindow.lib.php
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html lang="<?php echo $GLOBALS['lang']['admin']['flag']?>">
+<head>
+<meta charset="utf-8">
+<meta name="robots" content="noindex,nofollow">
+<title></title>
+<script>
+<?php $url = str_replace('&amp;','&',$url)?>
+<?php if($alert):?>alert('<?php echo $alert?>');<?php endif?>
+<?php if($url):?>window.open('<?php echo $url?>','','<?php echo $option?>');<?php endif?>
+<?php if($backurl=='reload'):?>
+<?php if($_POST):?>
+<?php if($target) echo $target?>location.replace(<?php if($target) echo $target?>location.href);
+<?php else:?>
+<?php if($target) echo $target?>location.reload();
+<?php endif?>
+<?php endif?>
+<?php if($backurl&&$backurl!='reload'):?><?php if($target) echo $target?>location.href="<?php echo $backurl?>";<?php endif?>
+</script>
+</head>
+<body></body>
+</html>
--- a/_core/function/lib/page.lib.php
+++ b/_core/function/lib/page.lib.php
@@ -0,0 +1,18 @@
+<?php
+function LIB_getPageLink($lnum,$p,$tpage,$_N)
+{
+	if (!$_N) $_N = $GLOBALS['g']['pagelink'].'&amp;';
+	$g_q  = $p > 1 ? '<li class="page-item"><a class="page-link" href="'.$_N.'p=1" data-toggle="tooltip" title="첫 페이지"><i class="fa fa-angle-double-left"></i></a></li>' : '<li class="page-item disabled"><a class="page-link" href="#." data-toggle="tooltip" title="First page"><i class="fa fa-angle-double-left"></i></a></li>';
+	if($p < $lnum+1) { $g_q .= '<li class="page-item disabled"><a class="page-link" href="#." data-toggle="tooltip" title="이전 페이지"><i class="fa fa-angle-left"></i></a></li>'; }
+	else{ $pp = (int)(($p-1)/$lnum)*$lnum; $g_q .= '<li class="page-item"><a class="page-link" href="'.$_N.'page='.$pp.'" data-toggle="tooltip" title="Previous page"><i class="fa fa-angle-left"></i></a></li>';}
+	$st1 = (int)(($p-1)/$lnum)*$lnum + 1;
+	$st2 = $st1 + $lnum;
+	for($jn = $st1; $jn < $st2; $jn++)
+	if ( $jn <= $tpage)
+	($jn == $p)? $g_q .= '<li class="page-item active"><span class="page-link">'.$jn.'</span></li>' : $g_q .= '<li class="page-item"><a class="page-link" href="'.$_N.'p='.$jn.'">'.$jn.'</a></li>';
+	if($tpage < $lnum || $tpage < $jn) { $g_q .= '<li class="page-item disabled"><a class="page-link" href="#." data-toggle="tooltip" title="Next page"><i class="fa fa-angle-right"></i></a></li>'; }
+	else{$np = $jn; $g_q .= '<li class="page-item"><a class="page-link" href="'.$_N.'p='.$np.'" data-toggle="tooltip" title="다음 페이지"><i class="fa fa-angle-right"></i></a></li>'; }
+	$g_q  .= $tpage > $p ? '<li class="page-item"><a class="page-link" href="'.$_N.'p='.$tpage.'" data-toggle="tooltip" title="마지막 페이지('.$tpage.')"><i class="fa fa-angle-double-right"></i></a></li>' : '<li class="page-item disabled"><a class="page-link" href="#." data-toggle="tooltip" title="Last page('.$tpage.')"><i class="fa fa-angle-double-right"></i></a></li>';
+	return $g_q;
+}
+?>
--- a/_core/function/lib/searchsql.lib.php
+++ b/_core/function/lib/searchsql.lib.php
@@ -0,0 +1,55 @@
+<?php
+//검색sql
+function LIB_getSearchSql($w,$k,$ik,$h)
+{
+	if($k==',' || (!$k&&$h=='not')) return '';
+	$k = $k ? urldecode($k) : '';
+	$ik= $ik? urldecode($ik) : '';
+	$h = $h ? $h : 'or';
+	$k = str_replace(' ', ',',$k);
+	$karr = explode(',' , $k);
+	$knm  = count($karr);
+	
+	$result = ' and (';
+
+	if ($h == 'not')
+	{
+		$h = 'and';
+		if (strstr($w,'|'))
+		{
+			$warr	= explode('|' , $w);
+			$wnm	= count($warr);
+
+			for ($j = 0; $j < $knm; $j++)
+			{
+				if (!$karr[$j]) continue;
+
+				for ($i = 0; $i < $wnm; $i++) if (strlen($karr[$j])>2) $result .= $warr[$i]."<>'".$karr[$j]."' ".$h.' ';
+			}
+		}
+		else {
+			for ($i = 0; $i < $knm; $i++) if (strlen($karr[$i])>2) $result .= $w."<>'".$karr[$i]."' ".$h.' ';
+		}
+	}
+	else {
+		if (strstr($w,'|'))
+		{
+			$warr	= explode('|' , $w);
+			$wnm	= count($warr);
+
+			for ($j = 0; $j < $knm; $j++)
+			{
+				if (!$karr[$j]) continue;
+
+				for ($i = 0; $i < $wnm; $i++) if (strlen($karr[$j])>2) $result .= $warr[$i]." like '%".$karr[$j]."%' ".$h.' ';
+			}
+		}
+		else {
+			for ($i = 0; $i < $knm; $i++) if (strlen($karr[$i])>2) $result .= $w." like '%".$karr[$i]."%' ".$h.' ';
+		}
+	}
+	$result = substr($result,0,strlen($result)-4).')';
+	if($ik) $result .= getSearchSql($w,$ik,'',$h);
+	return $result;
+}
+?>