idcjp/gdidc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
873ad5ec46
gdidc/common/conf/config.inc.php

442 lines
18 KiB
PHP
Raw Blame History

<?php
header("Content-Type: text/html; charset=UTF-8");
header("X-XSS-Protection: 1; mode=block");
header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1.
header('Pragma: no-cache'); // HTTP 1.0.
header('Expires: 0'); // Proxies.
$ext_arr = array ('DOCUMENT_URI', '_ENV', '_GET', '_POST', '_FILES', '_SERVER', '_COOKIE', '_SESSION', '_REQUEST',
'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_POST_FILES', 'HTTP_SERVER_VARS',
'HTTP_COOKIE_VARS', 'HTTP_SESSION_VARS', 'GLOBALS');
$ext_cnt = count($ext_arr);
for ($i=0; $i<$ext_cnt; $i++) {
// POST, GET 으로 선언된 전역변수가 있다면 unset() 시킴
if (isset($_GET[$ext_arr[$i]])) unset($_GET[$ext_arr[$i]]);
if (isset($_POST[$ext_arr[$i]])) unset($_POST[$ext_arr[$i]]);
}
function array_map_deep($fn, $array)
{
if(is_array($array)) {
foreach($array as $key => $value) {
if(is_array($value)) {
$array[$key] = array_map_deep($fn, $value);
} else {
$array[$key] = call_user_func($fn, $value);
}
}
} else {
$array = call_user_func($fn, $array);
}
return $array;
}
// SQL Injection 대응 문자열 필터링
function sql_escape_string($str)
{
if(defined('ESCAPE_PATTERN') && defined('ESCAPE_REPLACE')) {
$pattern = ESCAPE_PATTERN;
$replace = ESCAPE_REPLACE;
if($pattern)
$str = preg_replace($pattern, $replace, $str);
}
$str = call_user_func('addslashes', $str);
return $str;
}
//define('ESCAPE_PATTERN', '/(and|or|AND|OR).*(union|select|insert|update|delete|from|where|limit|create|drop|script).*/i');
define('ESCAPE_REPLACE', '');
//==============================================================================
// SQL Injection 등으로 부터 보호를 위해 sql_escape_string() 적용
//------------------------------------------------------------------------------
// magic_quotes_gpc 에 의한 backslashes 제거
if (get_magic_quotes_gpc()) {
$_POST = array_map_deep('stripslashes', $_POST);
$_GET = array_map_deep('stripslashes', $_GET);
$_COOKIE = array_map_deep('stripslashes', $_COOKIE);
$_REQUEST = array_map_deep('stripslashes', $_REQUEST);
}
// sql_escape_string 적용
$_POST = array_map_deep(sql_escape_string, $_POST);
$_GET = array_map_deep(sql_escape_string, $_GET);
$_COOKIE = array_map_deep(sql_escape_string, $_COOKIE);
$_REQUEST = array_map_deep(sql_escape_string, $_REQUEST);
//==============================================================================
// XSS 관련 태그 제거
function clean_xss_tags($str, $check_entities=0)
{
$str_len = strlen($str);
$i = 0;
while($i <= $str_len){
$result = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $str);
if( $check_entities ){
$result = str_replace(array('&colon;', '&lpar;', '&rpar;', '&NewLine;', '&Tab;'), '', $result);
}
if((string)$result === (string)$str) break;
$str = $result;
$i++;
}
return $str;
}
function RemoveXSS($val) {
$val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val);
$search = 'abcdefghijklmnopqrstuvwxyz';
$search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$search .= '1234567890!@#$%^&*()';
$search .= '~`";:?+/={}[]-_|\'\\';
for ($i = 0; $i < strlen($search); $i++) {
// ;? matches the ;, which is optional
// 0{0,7} matches any padded zeros, which are optional and go up to 8 chars
// &#x0040 @ search for the hex values
$val = preg_replace('/(&#[x|X]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val);
// with a ;
// &#00064 @ 0{0,7} matches '0' zero to seven times
$val = preg_replace('/(&#0{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); // with a ;
}
// now the only remaining whitespace attacks are \t, \n, and \r
$ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style','script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base');
$ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload');
$ra = array_merge($ra1, $ra2);
$found = true; // keep replacing as long as the previous round replaced something
while ($found == true) {
$val_before = $val;
for ($i = 0; $i < sizeof($ra); $i++) {
$pattern = '/';
for ($j = 0; $j < strlen($ra[$i]); $j++) {
if ($j > 0) {
$pattern .= '(';
$pattern .= '(&#[x|X]0{0,8}([9][a][b]);?)?';
$pattern .= '|(&#0{0,8}([9][10][13]);?)?';
$pattern .= ')?';
}
$pattern .= $ra[$i][$j];
}
$pattern .= '/i';
$replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); // add in <> to nerf the tag
$val = preg_replace($pattern, $replacement, $val); // filter out the hex tags
if ($val_before == $val) {
// no replacements were made, so exit the loop
$found = false;
}
}
}
return $val;
}
function filter($nameasdferwer) {
$nameasdferwer = htmlspecialchars($nameasdferwer);
$nameasdferwer = strip_tags($nameasdferwer);
$nameasdferwer = mysql_real_escape_string($nameasdferwer);
return $nameasdferwer;
}
//////////////////////////// 이하 생략
include $_SERVER[DOCUMENT_ROOT] . "/common/conf/dbconfig.inc.php";
//DB연결
$dblink = SetConn($_conf_db["main_db"]);
$arrSetInfo = getShopsetInfo($GLOBALS["_conf_tbl"]["shop_set"]);
//DB해제
SetDisConn($dblink);
/*********************************************************************/
// 사이트 기본정보
/*********************************************************************/
$_SITE["NAME"] = $arrSetInfo["list"][0][shop_name];
$_SITE["DOMAIN"] = $arrSetInfo["list"][0][shop_url];
$_SITE["EMAIL"] = $arrSetInfo["list"][0][admin_email];
$_SITE["POSTMAN_ID"] = "";
$_SITE["POSTMAN_PW"] = "";
/*********************************************************************/
// 업로드 파일 위치
/*********************************************************************/
$_SITE["UPLOADED_DATA"] = $_SERVER[DOCUMENT_ROOT] . "/uploaded";
$_SITE["VOD_DATA"] = $_SERVER["DOCUMENT_ROOT"] . "/vodData";
$_SITE["VOD_DATA_URL"] = "/vodData";
/*********************************************************************/
// 게시판 설정 정보
/*********************************************************************/
$_SITE["BOARD_PREWORD"] = "tbl_board_";
$_SITE["BOARD_DATA"] = $_SITE["UPLOADED_DATA"] . "/board";
$_SITE["BOARD_PATH"] = $_SERVER[DOCUMENT_ROOT] . "/module/board";
$_SITE["BOARD_SKIN"] = $_SITE["BOARD_PATH"] . "/skin/";
$_SITE["BOARD_SKIN_URL"] = "/module/board/skin";
/*********************************************************************/
// 가입금지 아이디
/*********************************************************************/
$_SITE["MEMBER"]["DONT_USE_ID"][] = "admin";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "master";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "webmaster";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "administrator";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "guest";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "help";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "sex";
$_SITE["MEMBER"]["DONT_USE_ID"][] = "fuck";
/*********************************************************************/
// 제품 관련(product 모듈) 변수 설정
/*********************************************************************/
//카테고리 뎊스 : 최대 5까지
$_SITE["PRODUCT"]["CATEGORY_DEPTH"] = $arrSetInfo['list'][0]['shop_product_c'];
$_SITE["GALLERY"]["CATEGORY_DEPTH"] = $arrSetInfo['list'][0]['shop_gallery_c'];
$_SITE["STORE"]["CATEGORY_DEPTH"] = $arrSetInfo['list'][0]['shop_store_c'];
$_SITE["PATENTS"]["CATEGORY_DEPTH"] = $arrSetInfo['list'][0]['shop_patents_c'];
//사진이미지 추가가능 갯수
$_SITE["PRODUCT"]["IMAGE_COUNT"] = $arrSetInfo['list'][0]['shop_product_imgc'];
$_SITE["GALLERY"]["IMAGE_COUNT"] = $arrSetInfo['list'][0]['shop_gallery_imgc'];
$_SITE["STORE"]["IMAGE_COUNT"] = $arrSetInfo['list'][0]['shop_store_imgc'];
$_SITE["PATENTS"]["IMAGE_COUNT"] = $arrSetInfo['list'][0]['shop_patents_imgc'];
/*********************************************************************/
// 쇼핑몰 관련 변수 설정
/*********************************************************************/
//쇼핑몰 사용여부
$_SITE["SHOP"]["USE_SHOP"] = "Y";
//장바구니 이미지 크기
$_SITE["SHOP"]["IMAGE_S_WIDTH"] = "150";
//목록 이미지 크기
$_SITE["SHOP"]["IMAGE_M_WIDTH"] = "320";
//상세보기 이미지 크기
$_SITE["SHOP"]["IMAGE_L_WIDTH"] = "610";
//목록에서 이미지 가로갯수
$_SITE["SHOP"]["IMAGE_DIVISION"] = "4";
//PG사 설정
$_SITE["SHOP"]["PG"]["SERVICE"] = "test";//테스트 일 경우에만 test
$_SITE["SHOP"]["PG"]["COMPANY"] = $arrSetInfo["list"][0][shop_pg];//올더게이트
$_SITE["SHOP"]["PG"]["MALLID"] = $arrSetInfo["list"][0][shop_pg_id];//올더게이트 테스트 아이디(aegis)
//===========================================================
//휴대폰결제 관련 정보// 올더게이트 사용시 휴대폰아디 추가 발급
// 20100729
//===========================================================
$_SITE["SHOP"]["PG"]["HP_SUBID"] = "";// SUB_CP아이디
//## 업체에 따라 하단 값을 넣지 않다도 작동세팅이 된 업체도 있슴
$_SITE["SHOP"]["PG"]["HP_UNITType"] = "";//상품구분 1:디지털 2:일반
$_SITE["SHOP"]["PG"]["ProdCode"] = "";//상품코드
$_SITE["SHOP"]["PG"]["HP_ID"] = "";//CP 아이디
$_SITE["SHOP"]["PG"]["HP_PWD"] = "";//비밀번호// 엑셀파일에는 없음
//===========================================================
/*********************************************************************/
// SMTP 변수 설정
/*********************************************************************/
$_SITE["SMTP"]["HOST"] = $arrSetInfo['list'][0]['smtp_host'];
$_SITE["SMTP"]["USERNAME"] = $arrSetInfo['list'][0]['smtp_username'];
$_SITE["SMTP"]["DOMAIN"] = $arrSetInfo['list'][0]['smtp_domain'];
$_SITE["SMTP"]["PASSWORD"] = $arrSetInfo['list'][0]['smtp_password'];
$_SITE["SMTP"]["PORT"] = $arrSetInfo['list'][0]['smtp_port'];
$_SITE["SMTP"]["SSL"] = $arrSetInfo['list'][0]['smtp_ssl'];
$_SITE["SMTP"]["EMAIL"] = $arrSetInfo['list'][0]['smtp_username']."@".$arrSetInfo['list'][0]['smtp_domain'];
//년도 설정
for($i=date("Y");$i>2011;$i--){
$_SITE["BOARD"]["YEAR"][] = $i;
}
//설계,감리,기타 항목
$arrCategory = explode("\r\n", $arrSetInfo["list"][0][category]);
for($i=0; $i<count($arrCategory); $i++) {
$_SITE["SHOP"]["CATE"][] = $arrCategory[$i];
}
//에너지사업 항목
$arrCategory2 = explode("\r\n", $arrSetInfo["list"][0][category2]);
for($i=0; $i<count($arrCategory2); $i++) {
$_SITE["SHOP"]["CATE2"][] = $arrCategory2[$i];
}
//계좌번호 설정
$arrBank = explode("\n", $arrSetInfo["list"][0][shop_bankinfo]);
for($i=0; $i<count($arrBank); $i++) {
$_SITE["SHOP"]["BANK"][] = $arrBank[$i];
}
$arrDeliveryLnc = explode("\n", $arrSetInfo["list"][0][shop_delivery_lnc]);
for($i=0; $i<count($arrDeliveryLnc); $i++) {
$_SITE["SHOP"]["DELIVERYLNC"][] = $arrDeliveryLnc[$i];
}
$arrBanner = explode("\n", $arrSetInfo["list"][0][banner_content]);
for($i=0; $i<count($arrBanner); $i++) {
$_SITE["SHOP"]["BannerContent"][] = $arrBanner[$i];
}
//포인트 사용시 포인트가 이 금액 이상 있어야지만 사용가능
$_SITE["SHOP"]["POINT"]["LOW_ACCOUNT"] = $arrSetInfo["list"][0][shop_point_max];
//포인트 사용시 총액이 이 금액 이상이어야지만 사용가능
$_SITE["SHOP"]["POINT"]["LOW_PRICE"] = $arrSetInfo["list"][0][shop_point_min];
//총액이 이 금액 이상이면 배송료 무료
if($arrSetInfo['list'][0]['shop_delivery_gb']=="5"){//상품별 배송비 책정
$_SITE["SHOP"]["SHIP"]["FREE_PRICE"] = $arrSetInfo["list"][0][shop_delivery_price_etc];
}else if($arrSetInfo['list'][0]['shop_delivery_gb']=="4"){//총결제금액별 배송비 책정
$_SITE["SHOP"]["SHIP"]["FREE_PRICE"] = $arrSetInfo["list"][0][shop_delivery_price];
}else{
$_SITE["SHOP"]["SHIP"]["FREE_PRICE"] = 0;
}
//기본 배송료 고정가
$_SITE["SHOP"]["SHIP"]["SHIP_PRICE"] = $arrSetInfo["list"][0][shop_delivery_default];
//주문상태
$_SITE["SHOP"]["ORDER_STATE"]["1"] = "입금대기";
$_SITE["SHOP"]["ORDER_STATE"]["2"] = "취소요청";
$_SITE["SHOP"]["ORDER_STATE"]["3"] = "취소완료";
//$_SITE["SHOP"]["ORDER_STATE"]["4"] = "환불요청";
$_SITE["SHOP"]["ORDER_STATE"]["5"] = "환불완료";
$_SITE["SHOP"]["ORDER_STATE"]["6"] = "결제완료";
$_SITE["SHOP"]["ORDER_STATE"]["7"] = "배송준비중";
$_SITE["SHOP"]["ORDER_STATE"]["8"] = "배송중";
$_SITE["SHOP"]["ORDER_STATE"]["9"] = "거래완료";
//결제방법
$arrPay = explode(",", $arrSetInfo["list"][0][shop_payment]);
for($i=0; $i<count($arrPay); $i++) {
$arrPayType = explode("|", $arrPay[$i]);
$_SITE["SHOP"]["PAY_TYPE"][$arrPayType[0]] = $arrPayType[1];
}
$_SITE["SHOP"]["PAY_TYPE_MOBILE"]["cardnormal"] = "신용카드(일반)";
$_SITE["SHOP"]["PAY_TYPE_MOBILE"]["virtualnormal"] = "가상계좌(일반)";
$_SITE["SHOP"]["PAY_TYPE_MOBILE"]["cardescrow"] = "신용카드(에스크로)";
$_SITE["SHOP"]["PAY_TYPE_MOBILE"]["virtualescrow"] = "가상계좌(에스크로)";
$_SITE["SHOP"]["PAY_TYPE_MOBILE"]["hp"] = "휴대폰";
//제조사
$_SITE["VENDOR"][] = "현대";
$_SITE["VENDOR"][] = "기아";
$_SITE["VENDOR"][] = "쉐보레(GM대우)";
$_SITE["VENDOR"][] = "기아";
$_SITE["VENDOR"][] = "르노삼성";
$_SITE["VENDOR"][] = "쌍용";
$_SITE["VENDOR"][] = "기타";
$_SITE["VENDOR"][] = "BMW";
$_SITE["VENDOR"][] = "벤츠";
$_SITE["VENDOR"][] = "아우디";
$_SITE["VENDOR"][] = "렉서스";
$_SITE["VENDOR"][] = "폭스바겐";
$_SITE["VENDOR"][] = "인피니티";
$_SITE["VENDOR"][] = "크라이슬러";
$_SITE["VENDOR"][] = "MINI";
$_SITE["VENDOR"][] = "푸조";
$_SITE["VENDOR"][] = "혼다";
$_SITE["VENDOR"][] = "볼보";
$_SITE["VENDOR"][] = "재규어";
$_SITE["VENDOR"][] = "닛산";
$_SITE["VENDOR"][] = "캐딜락";
$_SITE["VENDOR"][] = "포르쉐";
$_SITE["VENDOR"][] = "포드";
$_SITE["VENDOR"][] = "토요타";
$_SITE["VENDOR"][] = "랜드로버";
$_SITE["VENDOR"][] = "지프";
$_SITE["VENDOR"][] = "링컨";
$_SITE["VENDOR"][] = "사브";
$_SITE["VENDOR"][] = "스바루";
$_SITE["VENDOR"][] = "스즈키";
$_SITE["VENDOR"][] = "미쓰비시";
$_SITE["VENDOR"][] = "시트로엥";
$_SITE["VENDOR"][] = "닷지";
$_SITE["VENDOR"][] = "애스턴마틴";
$_SITE["VENDOR"][] = "페라리";
$_SITE["VENDOR"][] = "피아트";
$_SITE["VENDOR"][] = "허머";
//주행거리
$_SITE["KM"][] = "0km";
$_SITE["KM"][] = "10000km";
$_SITE["KM"][] = "20000km";
$_SITE["KM"][] = "30000km";
$_SITE["KM"][] = "40000km";
$_SITE["KM"][] = "50000km";
$_SITE["KM"][] = "60000km";
$_SITE["KM"][] = "70000km";
$_SITE["KM"][] = "80000km";
$_SITE["KM"][] = "90000km";
$_SITE["KM"][] = "100000km";
$_SITE["KM"][] = "110000km";
$_SITE["KM"][] = "120000km";
$_SITE["KM"][] = "130000km";
$_SITE["KM"][] = "140000km";
$_SITE["KM"][] = "150000km";
$_SITE["KM"][] = "160000km";
$_SITE["KM"][] = "170000km";
$_SITE["KM"][] = "180000km";
$_SITE["KM"][] = "190000km";
$_SITE["KM"][] = "200000km";
$_SITE["SIDO"][] = "강원";
$_SITE["SIDO"][] = "경기";
$_SITE["SIDO"][] = "경남";
$_SITE["SIDO"][] = "경북";
$_SITE["SIDO"][] = "광주";
$_SITE["SIDO"][] = "대구";
$_SITE["SIDO"][] = "대전";
$_SITE["SIDO"][] = "부산";
$_SITE["SIDO"][] = "서울";
$_SITE["SIDO"][] = "세종";
$_SITE["SIDO"][] = "울산";
$_SITE["SIDO"][] = "인천";
$_SITE["SIDO"][] = "전남";
$_SITE["SIDO"][] = "전북";
$_SITE["SIDO"][] = "제주";
$_SITE["SIDO"][] = "충남";
$_SITE["SIDO"][] = "충북";
$_SITE["PRODUCT"]["TYPE"][] = "교육시설";
$_SITE["PRODUCT"]["TYPE"][] = "업무시설";
$_SITE["PRODUCT"]["TYPE"][] = "의료시설";
$_SITE["PRODUCT"]["TYPE"][] = "주거시설";
$_SITE["PRODUCT"]["TYPE"][] = "문화 및 집회시설";
$_SITE["PRODUCT"]["TYPE"][] = "상업시설";
$_SITE["PRODUCT"]["TYPE"][] = "물류 및 창고시설";
$_SITE["PRODUCT"]["TYPE"][] = "사회기반시설";
$_SITE["PRODUCT"]["TYPE"][] = "도시재생";
/*********************************************************************/
// 페이징 관련 변수 설정
/*********************************************************************/
//페이징 관련 변수(기본설정이며 각 페이지에서 재 설정 가능)
$scale = 10;
$pagescale = 10;
include $_SERVER[DOCUMENT_ROOT] . "/common/lib/html.inc.php";
include $_SERVER[DOCUMENT_ROOT] . "/common/lib/util.inc.php";
include $_SERVER[DOCUMENT_ROOT] . "/common/lib/navigation.inc.php";
include $_SERVER[DOCUMENT_ROOT] . "/common/lib/navigationB.inc.php";//backoffice용
//include $_SERVER[DOCUMENT_ROOT] . "/common/lib/smtpclass.inc.php";2020-08-07 사용종료
include $_SERVER[DOCUMENT_ROOT] . "/common/lib/phpmailer.inc.php";
?>
Reference in New Issue View Git Blame Copy Permalink