2022-09-17 20:50:50 +09:00
|
|
|
<?php
|
|
|
|
|
$sub_menu = "100400";
|
2024-09-23 11:07:19 +09:00
|
|
|
include_once "./_common.php";
|
2022-09-17 20:50:50 +09:00
|
|
|
|
|
|
|
|
check_demo();
|
|
|
|
|
|
|
|
|
|
if ($is_admin != 'super')
|
2024-09-19 20:57:39 +09:00
|
|
|
alert('최고관리자만 접근 가능합니다.');
|
2022-09-17 20:50:50 +09:00
|
|
|
|
|
|
|
|
check_admin_token();
|
|
|
|
|
|
|
|
|
|
// 이전 메뉴정보 삭제
|
|
|
|
|
$sql = " delete from {$g5['menu_table']} ";
|
|
|
|
|
sql_query($sql);
|
|
|
|
|
|
|
|
|
|
$group_code = null;
|
|
|
|
|
$primary_code = null;
|
|
|
|
|
$count = count($_POST['code']);
|
|
|
|
|
|
2024-10-05 13:23:37 +09:00
|
|
|
EventHandler::triggerEvent("amber.admin.menu_list_update_before");
|
|
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
for ($i = 0; $i < $count; $i++) {
|
|
|
|
|
$_POST = array_map_deep('trim', $_POST);
|
2024-09-22 11:15:16 +09:00
|
|
|
if (preg_match('/^javascript/i', preg_replace('/[ ]{1,}|[\t]/', '', $_POST['me_link'][$i]))) {
|
|
|
|
|
$_POST['me_link'][$i] = G5_URL;
|
|
|
|
|
}
|
|
|
|
|
|
2024-09-23 11:07:19 +09:00
|
|
|
$_POST['me_link'][$i] = is_array($_POST['me_link']) ? clean_xss_tags(clean_xss_attributes(preg_replace('/[ ]{2,}|[\t]/', '', $_POST['me_link'][$i])), 1) : '';
|
2024-09-22 11:15:16 +09:00
|
|
|
|
2024-09-22 10:26:38 +09:00
|
|
|
$code = strip_tags($_POST['code'][$i]);
|
|
|
|
|
$me_name = strip_tags($_POST['me_name'][$i]);
|
2024-09-19 20:57:55 +09:00
|
|
|
// kve-2021-0755 gnuboard 3a3434104c
|
|
|
|
|
$me_link = html_purifier($_POST['me_link'][$i]);
|
2024-09-19 21:06:35 +09:00
|
|
|
$me_depth = $_POST['me_depth'][$i];
|
|
|
|
|
$me_parent = $_POST['me_parent'][$i];
|
2024-09-19 20:57:39 +09:00
|
|
|
if (!$code || !$me_name)
|
|
|
|
|
continue;
|
|
|
|
|
$sub_code = '';
|
|
|
|
|
if ($group_code == $code) {
|
|
|
|
|
$sql = " select MAX(SUBSTRING(me_code,3,2)) as max_me_code
|
2024-09-20 22:12:00 +09:00
|
|
|
from {$g5['menu_table']}
|
|
|
|
|
where SUBSTRING(me_code,1,2) = '$primary_code' ";
|
2024-09-19 20:57:39 +09:00
|
|
|
$row = sql_fetch($sql);
|
2022-09-17 20:50:50 +09:00
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
$sub_code = base_convert($row['max_me_code'], 36, 10);
|
|
|
|
|
$sub_code += 36;
|
|
|
|
|
$sub_code = base_convert($sub_code, 10, 36);
|
2022-09-17 20:50:50 +09:00
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
$me_code = $primary_code . $sub_code;
|
|
|
|
|
} else {
|
|
|
|
|
$sql = " select MAX(SUBSTRING(me_code,1,2)) as max_me_code
|
2024-09-20 22:12:00 +09:00
|
|
|
from {$g5['menu_table']}
|
|
|
|
|
where LENGTH(me_code) = '2' ";
|
2024-09-19 20:57:39 +09:00
|
|
|
$row = sql_fetch($sql);
|
2022-09-17 20:50:50 +09:00
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
$me_code = base_convert($row['max_me_code'], 36, 10);
|
|
|
|
|
$me_code += 36;
|
|
|
|
|
$me_code = base_convert($me_code, 10, 36);
|
2022-09-17 20:50:50 +09:00
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
$group_code = $code;
|
|
|
|
|
$primary_code = $me_code;
|
|
|
|
|
}
|
2022-09-17 20:50:50 +09:00
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
// 메뉴 등록
|
2024-09-19 21:06:35 +09:00
|
|
|
$sql = "INSERT INTO {$g5['menu_table']}
|
|
|
|
|
SET me_code = '{$me_code}',
|
|
|
|
|
me_icon = '{$_POST['me_icon'][$i]}',
|
|
|
|
|
me_name = '{$me_name}',
|
|
|
|
|
me_link = '{$me_link}',
|
2024-09-22 11:15:16 +09:00
|
|
|
me_target = '" . sql_real_escape_string(strip_tags($_POST['me_target'][$i])) . "',
|
|
|
|
|
me_order = '" . sql_real_escape_string(strip_tags($_POST['me_order'][$i])) . "',
|
|
|
|
|
me_use = '" . sql_real_escape_string(strip_tags($_POST['me_use'][$i])) . "',
|
2024-09-19 21:06:35 +09:00
|
|
|
me_depth = '{$me_depth}',
|
|
|
|
|
me_parent = '{$me_parent}'";
|
2024-10-05 13:23:37 +09:00
|
|
|
|
2024-09-19 20:57:39 +09:00
|
|
|
sql_query($sql);
|
2022-09-17 20:50:50 +09:00
|
|
|
}
|
|
|
|
|
|
2024-09-28 13:03:15 +09:00
|
|
|
EventHandler::triggerEvent("gnuboard.admin.menu_list_update");
|
|
|
|
|
|
2022-09-17 20:50:50 +09:00
|
|
|
goto_url('./menu_list.php');
|
