refs #514 : merge with 1.8 tree.

Needlworks · May 7, 2011 · f97d617 · f97d617
1 parent 439ef77
commit f97d617
Show file tree

Hide file tree

Showing 16 changed files with 198 additions and 52 deletions.
diff --git a/documents/changelog_ko.txt b/documents/changelog_ko.txt
@@ -1,6 +1,22 @@
 * 이 문서는 변경사항을 모두 포함하고 있지 않을 수 있습니다. 자세한 변경사항 열람을 위해서는 텍스트큐브 개발 사이트 (http://dev.textcube.org) 의 해당 버전의 로드맵과 티켓들을 확인해 주시기 바랍니다.
 * 버그 로그는 일반적으로 이전 버전에서 발생했으나 해결된 부분을 포함하며, 이번 버전을 만드는 과정에서 발생하는 버그는 기록하지 않습니다.
 
+== v1.8.6 개발 관련 노트 ==
+=== 추가된 점 ===
+ * 스킨       : 댓글 다 보여주기 / 페이징 여부에 상관없이 댓글 정렬 순서를 스킨/스킨 상세 설정 에서 조정할 수 있도록 함.(#1570)
+ * 블로그      : 안드로이드에서 iPhone/iPod Touch와 동일한 UI 지원 (#1576)
+
+=== 변경된 점 ===
+ * 일반       : jQuery 라이브러리의 버전 업데이트 (#1560)
+ * 일반       : 로그인 시 블로그로 되돌아가기 링크 추가 (#1567)
+
+=== 버그 수정 ===
+ * 일반       : PHP 5.3 이상에서 DirectoryIterator가 더이상 순차적 파일 이름 정렬을 보장하지 않아 발생할 수 있는 라이브러리 로드 문제 수정 (#1564)
+ * 리더       : 플래시를 통하여 악의적 공격이 가능할 수 있는 문제 수정 (#1107)
+ * OpenID    : 방문자 계정을 생성하여 XSS 삽입 방식의 공격이 가능할 수 있는 문제 수정 (#1558)
+ * Setup     : 설치시 MySQL쿼리의 문법 오류 수정 (#1577)
+ * 스킨       : 스킨 편집시 마지막으로 편집한 탭의 내용이 저장되지 않는 문제 수정 (#1580)
+
 == v1.8.5 개발 관련 노트 ==
 === 변경된 점 ===
  * TTXML : ttxml 출력시 memory-hog 오류 방지를 위하여 버퍼 기반의 출력방식으로 변경 (#1522)

diff --git a/framework/data/DBModel.php b/framework/data/DBModel.php
@@ -249,7 +249,7 @@ public function replace($option = null) {
 		$pairs = $attributes;
 		foreach($pairs as $key => $value) if (is_null($value)) $pairs[$key] = 'NULL';
 		$attributeFields = $this->_capsulateFields(array_keys($attributes));
-		if (in_array(POD::dbms(), array('MySQL','MySQLi'))) { // Those supports 'REPLACE'
+		if (in_array(POD::dbms(), array('MySQL','MySQLi','SQLite3'))) { // Those supports 'REPLACE'
 			$this->_query = 'REPLACE INTO ' . $this->table . ' (' . implode(',', $attributeFields) . ') VALUES(' . implode(',', $pairs) . ')';
 			if($option == 'count') return POD::queryCount($this->_query);
 			if (POD::query($this->_query)) {

diff --git a/framework/legacy/Textcube.Control.Session.php b/framework/legacy/Textcube.Control.Session.php
@@ -47,7 +47,7 @@ public static function read($id) {
 		if(is_null(self::$context)) self::initialize();
 
 		if ($result = self::query('cell',"SELECT privilege FROM ".self::$context->getProperty('database.prefix')."Sessions 
-			WHERE id = '$id' AND address = '{$_SERVER['REMOTE_ADDR']}' AND updated >= (UNIX_TIMESTAMP() - ".self::$context->getProperty('service.timeout').")")) {
+			WHERE id = '$id' AND address = '{$_SERVER['REMOTE_ADDR']}' AND updated >= (".(Timestamp::getUNIXtime() - self::$context->getProperty('service.timeout')).")")) {
 			return $result;
 		}
 		return '';
@@ -127,7 +127,7 @@ private static function newAnonymousSession() {
 			if (($id = self::getAnonymousSession()) !== false)
 				return $id;
 			$id = dechex(rand(0x10000000, 0x7FFFFFFF)) . dechex(rand(0x10000000, 0x7FFFFFFF)) . dechex(rand(0x10000000, 0x7FFFFFFF)) . dechex(rand(0x10000000, 0x7FFFFFFF));
-			$result = self::query('count',"INSERT INTO ".self::$context->getProperty('database.prefix')."Sessions (id, address, server, request, referer, created, updated, expires) VALUES('$id', '{$_SERVER['REMOTE_ADDR']}', '', '', '', UNIX_TIMESTAMP(), UNIX_TIMESTAMP() - $meet_again_baby,".($current+self::$context->getProperty('service.timeout')).")");
+			$result = self::query('count',"INSERT INTO ".self::$context->getProperty('database.prefix')."Sessions (id, address, server, request, referer, created, updated, expires) VALUES('$id', '{$_SERVER['REMOTE_ADDR']}', '', '', '', ".Timestamp::getUNIXtime().", ".Timestamp::getUNIXtime()." - $meet_again_baby,".($current+self::$context->getProperty('service.timeout')).")");
 			if ($result > 0)
 				return $id;
 		}
@@ -260,4 +260,4 @@ private static function DBQuery($mode='query',$sql) {
 		return null;
 	}
 }
-?>
+?>
diff --git a/interface/common/blog/end.php b/interface/common/blog/end.php
@@ -136,4 +136,5 @@
 $view = revertTempTags(removeAllTags($view));
 print $view;
 $gCacheStorage->save();
+POD::$db->close();
 ?>
diff --git a/interface/owner/data/correct/index.php b/interface/owner/data/correct/index.php
@@ -105,7 +105,7 @@ function setProgress($progress, $text = null, $sub = null) {
 setProgress($item++ / $items * 100, _t('태그와 태그 관계 정보를 다시 계산해서 저장합니다.'));
 $post->correctTagsAll();
 
-if ($result = POD::query("SELECT id, name, parent, homepage, comment, entry, isfiltered FROM {$database['prefix']}Comments WHERE blogid = $blogid")) {
+if ($result = POD::query("SELECT id, name, parent, homepage, comment, entry, isfiltered FROM {$database['prefix']}Comments WHERE blogid = $blogid and isfiltered = 0")) {
 	while ($comment = POD::fetch($result)) {
 		setProgress($item++ / $items * 100, _t('댓글과 방명록 데이터를 교정하고 있습니다.'));
 		$correction = '';
@@ -120,11 +120,10 @@ function setProgress($progress, $text = null, $sub = null) {
 			$corrected++;
 		}
 		if (!is_null($comment['parent']) && ($comment['isfiltered'] == 0)) {
-			$r2 = POD::query("SELECT id FROM {$database['prefix']}Comments WHERE blogid = $blogid AND id = {$comment['parent']} AND isfiltered = 0");
-			if (POD::num_rows($r2) <= 0) {
+			$r2 = POD::queryCount("SELECT id FROM {$database['prefix']}Comments WHERE blogid = $blogid AND id = {$comment['parent']} AND isfiltered = 0");
+			if ($r2 <= 0) {
 				trashCommentInOwner($blogid, $comment['id']);
 			}
-			POD::free($r2);
 		}
 	}
 	POD::free($result);

diff --git a/interface/owner/setting/entry/resample/index.php b/interface/owner/setting/entry/resample/index.php
@@ -17,7 +17,7 @@
 if (isset($_POST['useResamplingAsDefault']) && ($_POST['useResamplingAsDefault'] == "yes")) {
 	Setting::setBlogSettingGlobal("resamplingDefault", "yes");
 } else {
-	Setting::removeBlogSettingiGlobal("resamplingDefault");
+	Setting::removeBlogSettingGlobal("resamplingDefault");
 }
 CacheControl::flushEntry();
 

diff --git a/interface/owner/skin/edit/download/index.php b/interface/owner/skin/edit/download/index.php
@@ -9,9 +9,6 @@
 	);
 
 require ROOT . '/library/preprocessor.php';
-if (false) {
-	fetchConfigVal();
-}
 
 if (!file_exists(ROOT . "/skin/customize/".getBlogId()."/".$_GET['file']))
 	exit;

diff --git a/interface/owner/skin/edit/index.php b/interface/owner/skin/edit/index.php
@@ -113,8 +113,104 @@ function undo(mode) {
 									}
 									return true;
 								}
+
+
+
+
+
+								function setSkin(mode) {
+									var skin = document.getElementById(mode);
+									var file = document.getElementById(mode + 'FileName');
+									var skinData = '';
+									if ((mode == 'skin' && skinHTMLSaved == false) || (mode == 'style' && skinStyleSaved == false)) {
+										if(mode == 'skin' && currentTag != 'all') {
+											skinData = skinCode;
+											currentCode = document.getElementById(mode).value;
+											var request = new HTTPRequest("POST", "<?php echo $context->getProperty('uri.blog');?>/owner/skin/edit/crop/");									
+											request.onSuccess = function() {
+												skinData = this.getText("/response/skinCode");
+												saveSkinCode(mode,skinData,file);
+											}
+											request.onError = function() {
+												if (this.getText("/response/msg"))
+													alert(this.getText("/response/msg"));
+												else
+													alert('<?php echo _t('실패했습니다.');?>');
+											}
+											request.send('skinCode='+encodeURIComponent(skinCode)
+												+'&currentTag='+encodeURIComponent(currentTag)
+												+'&currentCode='+encodeURIComponent(currentCode)
+												+'&nextTag=all');
+										} else {
+											skinData = skin.value;
+											saveSkinCode(mode,skinData,file);
+										}
+									}
+								}
+								function saveSkinCode(mode,skinData,file) {
+									var request = new HTTPRequest("POST", "<?php echo $context->getProperty('uri.blog');?>/owner/skin/edit/skin/");
+									request.onSuccess = function() {
+										PM.showMessage("<?php echo _t('저장되었습니다');?>", "center", "bottom");
+
+										if (mode == 'skin') {
+											skinHTMLSaved = true;
+											if(document.getElementById('skin-download').innerHTML == '') {
+												document.getElementById('skin-download').innerHTML = '<a href="<?php echo $context->getProperty('uri.blog');?>/owner/skin/edit/download/?file=skin.html"><?php echo _t('내려받기');?></a>';
+											}
+										} else {
+											skinStyleSaved = true;
+										}
+									}
+									request.onError = function() {
+										if (this.getText("/response/msg"))
+											alert(this.getText("/response/msg"));
+										else
+											alert('<?php echo _t('실패했습니다.');?>');
+									}
+									request.send('mode='+mode+'&body='+encodeURIComponent(skinData)+'&file='+ file.value);									
+								}
+								var currentTag = 'all';
+								var currentCode = '';
+
+								function changeTab(mode,tag) {
+									currentCode = document.getElementById(mode).value;
+									var request = new HTTPRequest("POST", "<?php echo $context->getProperty('uri.blog');?>/owner/skin/edit/crop/");									
+									request.onSuccess = function() {
+										PM.showMessage("<?php echo _t('불러왔습니다.');?>", "center", "bottom");
+										document.getElementById(mode).value = (this.getText("/response/code") ? this.getText("/response/code") : ''); 
+										skinCode = this.getText("/response/skinCode");
+										document.getElementById('skin-'+currentTag).className = '';
+										document.getElementById('skin-'+tag).className = 'selected';										
+										currentTag = tag;
+										switch(mode) {
+											case 'skin':
+											undoBuffer[0] = document.getElementById(mode).value;
+											break;
+										}
+									}
+									request.onError = function() {
+										if (this.getText("/response/msg"))
+											alert(this.getText("/response/msg"));
+										else
+											alert('<?php echo _t('실패했습니다.');?>');
+									}
+									request.send('skinCode='+encodeURIComponent(skinCode)
+										+'&currentTag='+encodeURIComponent(currentTag)
+										+'&currentCode='+encodeURIComponent(currentCode)
+										+'&nextTag='+encodeURIComponent(tag));
+								}
+								function undo(mode) {
+									switch(mode) {
+										case 'skin':
+											document.getElementById(mode).value = undoBuffer[0];
+											break;
+									}
+									return true;
+								}
+
+
 <?php
-if (count($styleFileList) > 0 && !empty($currentStyleFile) && file_exists(ROOT . "/skin/blog/{$skinSetting['skin']}/" . $currentStyleFile)) {
+if (count($styleFileList) > 0 && !empty($currentStyleFile) && file_exists(ROOT . "/skin/blog/".$context->getProperty('skin.skin')."/" . $currentStyleFile)) {
 ?>		
 								var currentStyleLiNumber = 0;
 								var documentIcons = new Array();

diff --git a/library/model/blog.archive.php b/library/model/blog.archive.php
@@ -40,6 +40,22 @@ function getArchives($blogid, $option = 'yearmonth') {
 				}
 			}
 			break;
+		case 'SQLite3':
+			if($option == 'year') $format = '%Y';
+			else if ($option == 'month') $format = '%m';
+			else $format = '%Y%m';
+			$sql = "SELECT strftime('".$format."',e.published,'unixepoch') AS period, COUNT(*) AS count 
+				FROM {$database['prefix']}Entries e
+				WHERE e.blogid = $blogid AND e.draft = 0 $visibility AND e.category >= 0 
+				GROUP BY period 
+				ORDER BY period 
+				DESC LIMIT $archivesOnPage";
+			$result = POD::queryAllWithDBCache($sql, 'entry');
+			if ($result) {
+				foreach($result as $archive)
+					array_push($archives, $archive);
+			}
+			break;
 		case 'Cubrid':
 			if($option == 'year') $format = 'YYYY';
 			else if ($option == 'month') $format = 'MM';
@@ -97,6 +113,11 @@ function getCalendar($blogid, $period) {
 					TO_CHAR(to_timestamp('09:00:00 AM 01/01/1970')+e.published, 'YYYY') = '{$calendar['year']}' AND
 					TO_CHAR(to_timestamp('09:00:00 AM 01/01/1970')+e.published, 'MM') = '{$calendar['month']}'",'entry');	
 			break;
+		case 'SQLite3':
+		$result = POD::queryAllWithDBCache("SELECT DISTINCT strftime('%d',e.published,'unixepoch') 
+			FROM {$database['prefix']}Entries e
+			WHERE e.blogid = $blogid AND e.draft = 0 $visibility AND e.category >= 0 AND strftime('%Y',e.published,'unixepoch') = {$calendar['year']} AND strftime('%m',e.published,'unixepoch') = {$calendar['month']}",'entry');		
+			break;
 		case 'MySQL':
 		case 'MySQLi':
 		case 'PostgreSQL':

diff --git a/library/model/blog.blogSetting.php b/library/model/blog.blogSetting.php
@@ -316,6 +316,8 @@ function addBlog($blogid, $userid, $identify) {
 		}
 		$pool->reset('SkinSettings');
 		$pool->setAttribute('blogid',$blogid);
+		$pool->setAttribute('name','skin',true);
+		$pool->setAttribute('value',$ctx->getProperty('service.skin'),true);
 		if(!$pool->insert()) {
 			deleteBlog($blogid);
 			return 13;

diff --git a/library/model/blog.entry.php b/library/model/blog.entry.php
@@ -428,7 +428,7 @@ function getEntryWithPaging($blogid, $id, $isSpecialEntry = false, $categoryId =
 		WHERE e.blogid = $blogid 
 			AND e.id = $id 
 			AND e.draft = 0 $visibility AND $category");
-	$result = POD::query("SELECT e.id 
+	$result = POD::queryColumn("SELECT e.id 
 		FROM ".$ctx->getProperty('database.prefix')."Entries e 
 		LEFT JOIN ".$ctx->getProperty('database.prefix')."Categories c ON e.blogid = c.blogid AND e.category = c.id 
 		WHERE e.blogid = $blogid 
@@ -443,7 +443,7 @@ function getEntryWithPaging($blogid, $id, $isSpecialEntry = false, $categoryId =
 		$paging['pages'] = $isSpecialEntry ? ($isSpecialEntry == 'page' ? getPagesTotalCount($blogid) : getNoticesTotalCount($blogid)) : getEntriesTotalCount($blogid);
 	}
 
-	for ($i = 1; $entry = POD::fetch($result); $i++) {
+	for ($i = 1; $entry = array_shift($result); $i++) {
 		if ($entry['id'] != $id) {
 			if (array_push($paging['before'], $entry['id']) > 4) {
 				if ($i == 5) 
@@ -456,10 +456,10 @@ function getEntryWithPaging($blogid, $id, $isSpecialEntry = false, $categoryId =
 		$paging['page'] = $i;
 		array_push($entries, $currentEntry);
 		$paging['after'] = array();
-		for ($i++; (count($paging['after']) < 4) && ($entry = POD::fetch($result)); $i++)
+		for ($i++; (count($paging['after']) < 4) && ($entry = array_shift($result)); $i++)
 			array_push($paging['after'], $entry['id']);
 		if ($i < $paging['pages']) {
-			while ($entry = POD::fetch($result))
+			while ($entry = array_shift($result))
 				$paging['last'] = $entry['id'];
 		}
 		if (count($paging['before']) > 0)
@@ -498,7 +498,7 @@ function getEntryWithPagingBySlogan($blogid, $slogan, $isSpecialEntry = false, $
 			AND e.slogan = '".POD::escapeString($slogan)."' 
 			AND e.draft = 0 $visibility AND $category");
 
-	$result = POD::query("SELECT e.id, e.slogan 
+	$result = POD::queryAll("SELECT e.id, e.slogan 
 		FROM ".$ctx->getProperty('database.prefix')."Entries e 
 		LEFT JOIN ".$ctx->getProperty('database.prefix')."Categories c ON e.blogid = c.blogid AND e.category = c.id 
 		WHERE e.blogid = $blogid 
@@ -514,7 +514,7 @@ function getEntryWithPagingBySlogan($blogid, $slogan, $isSpecialEntry = false, $
 		$paging['pages'] = $isSpecialEntry ? ($isSpecialEntry == 'page' ? getPagesTotalCount($blogid) : getNoticesTotalCount($blogid)) : getEntriesTotalCount($blogid);
 	}
 
-	for ($i = 1; $entry = POD::fetch($result); $i++) {
+	for ($i = 1; $entry = array_shift($result); $i++) {
 		if ($entry['slogan'] != $slogan) {
 			if (array_push($paging['before'], $entry['slogan']) > 4) if ($i == 5)
 				$paging['first'] = array_shift($paging['before']);
@@ -525,10 +525,10 @@ function getEntryWithPagingBySlogan($blogid, $slogan, $isSpecialEntry = false, $
 		$paging['page'] = $i;
 		array_push($entries, $currentEntry);
 		$paging['after'] = array();
-		for ($i++; (count($paging['after']) < 4) && ($entry = POD::fetch($result)); $i++)
+		for ($i++; (count($paging['after']) < 4) && ($entry = array_shift($result)); $i++)
 			array_push($paging['after'], $entry['slogan']);
 		if ($i < $paging['pages']) {
-			while ($entry = POD::fetch($result))
+			while ($entry = array_shift($result))
 				$paging['last'] = $entry['slogan'];
 		}
 		if (count($paging['before']) > 0)
@@ -553,14 +553,15 @@ function getRecentEntries($blogid) {
 	$ctx = Model_Context::getInstance();
 	$entries = array();
 	$visibility = doesHaveOwnership() ? '' : 'AND e.visibility > 0'.getPrivateCategoryExclusionQuery($blogid);
-	$result = POD::query("SELECT e.id, e.userid, e.title, e.slogan, e.comments, e.published 
+ 	$result = POD::queryAll("SELECT e.id, e.userid, e.title, e.slogan, e.comments, e.published 
 		FROM ".$ctx->getProperty('database.prefix')."Entries e
 		WHERE e.blogid = $blogid AND e.draft = 0 $visibility AND e.category >= 0 
 		ORDER BY published DESC LIMIT ".$ctx->getProperty('skin.entriesOnRecent'));
-	while ($entry = POD::fetch($result)) {
-		array_push($entries, $entry);
+ 	if(!$result) {
+ 		return $result;
+ 	} else {
+ 		return array();
 	}
-	return $entries;
 }
 
 function addEntry($blogid, $entry, $userid = null) {

diff --git a/library/model/blog.response.remote.php b/library/model/blog.response.remote.php
@@ -96,14 +96,15 @@ function getRemoteResponses($entry, $type = null) {
 	if (!is_null($type)) $typeFilter = " AND responsetype = '".POD::escapeString($type)."'";
 	else $typeFilter = '';
 	$responses = array();
-	$result = POD::query("SELECT * 
+	$result = POD::queryAll("SELECT * 
 			FROM {$database['prefix']}RemoteResponses 
 			WHERE blogid = ".getBlogId()." 
 				AND entry = $entry 
 				AND isfiltered = 0 $typeFilter 
 			ORDER BY written");
-	while ($response = POD::fetch($result))
-		array_push($responses, $response);
+	if(!empty($result)) $responses = $result;
+//	while ($response = POD::fetch($result))
+//		array_push($responses, $response);
 	return $responses;
 }
 
@@ -211,11 +212,16 @@ function getRemoteResponseLog($blogid, $entry, $type = null) {
 	global $database;
 	if($type === null) $filter = '';
 	else $filter = " AND responsetype = '".POD::escapeString($type)."'";
-	$result = POD::query("SELECT * FROM {$database['prefix']}RemoteResponseLogs WHERE blogid = $blogid AND entry = $entry $filter");
+	$result = POD::queryAll("SELECT * FROM {$database['prefix']}RemoteResponseLogs WHERE blogid = $blogid AND entry = $entry $filter");
 	$str = '';
-	while ($row = POD::fetch($result)) {
-		$str .= $row['id'] . ',' . $row['url'] . ',' . Timestamp::format5($row['written']) . '*';
+	if(!empty($result)) {
+		foreach($result as $row) {
+			$str .= $row['id'] . ',' . $row['url'] . ',' . Timestamp::format5($row['written']) . '*';
+		}
 	}
+//	while ($row = POD::fetch($result)) {
+//		$str .= $row['id'] . ',' . $row['url'] . ',' . Timestamp::format5($row['written']) . '*';
+//	}
 	return $str;
 }
 
@@ -224,9 +230,12 @@ function getRemoteResponseLogs($blogid, $entryId, $type = null) {
 	if($type === null) $filter = '';
 	else $filter = " AND responsetype = '".POD::escapeString($type)."'";
 	$logs = array();
-	$result = POD::query("SELECT * FROM {$database['prefix']}RemoteResponseLogs WHERE blogid = $blogid AND entry = $entryId $filter");
-	while ($log = POD::fetch($result))
-		array_push($logs, $log);
+	$result = POD::queryAll("SELECT * FROM {$database['prefix']}RemoteResponseLogs WHERE blogid = $blogid AND entry = $entryId $filter");
+	if(!empty($result)) {
+		$logs = $result;
+	}
+//	while ($log = POD::fetch($result))
+//		array_push($logs, $log);
 	return $logs;
 }