From 50fdf5f5dc9e8437f71df4cd8a1dd87106b3e4f5 Mon Sep 17 00:00:00 2001
From: Arcturus
Date: Sat, 5 Oct 2024 05:53:00 +0900
Subject: [PATCH] patch: https://github.com/gnuboard/gnuboard5/commit/ed6b7f332625ae53db07600b0e9a7da4f8ee7461
---
 AvocadoEdition_Light/bbs/ajax.autosave.php | 6 +-
 AvocadoEdition_Light/bbs/memo_form_update.php | 56 +++++++++++++------
 2 files changed, 41 insertions(+), 21 deletions(-)
diff --git a/AvocadoEdition_Light/bbs/ajax.autosave.php b/AvocadoEdition_Light/bbs/ajax.autosave.php
index 8292e75..5f97c86 100644
--- a/AvocadoEdition_Light/bbs/ajax.autosave.php
+++ b/AvocadoEdition_Light/bbs/ajax.autosave.php
@@ -4,9 +4,9 @@ include_once "./_common.php";
 if (!$is_member) die('0');
-$uid = trim($_REQUEST['uid']);
-$subject = trim($_REQUEST['subject']);
-$content = trim($_REQUEST['content']);
+$uid = isset($_REQUEST['uid']) ? preg_replace('/[^0-9]/', '', $_REQUEST['uid']) : 0;
+$subject = isset($_REQUEST['subject']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['subject']),0,255)) : '';
+$content = isset($_REQUEST['content']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['content']),0,65536)) : '';
 if ($subject && $content) {
 $sql = " select count(*) as cnt from {$g5['autosave_table']} where mb_id = '{$member['mb_id']}' and as_subject = '$subject' and as_content = '$content' ";
diff --git a/AvocadoEdition_Light/bbs/memo_form_update.php b/AvocadoEdition_Light/bbs/memo_form_update.php
index bdfe556..c63934a 100644
--- a/AvocadoEdition_Light/bbs/memo_form_update.php
+++ b/AvocadoEdition_Light/bbs/memo_form_update.php
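Review bot: The guards on the new `$subject` and `$content` lines test `isset($_REQUEST[...])` but then read `$_POST[...]`, so a value supplied only in the query string passes the guard and `trim()` runs on an undefined index (a notice, and an empty string instead of the submitted text). Check and read the same array: `$subject = isset($_POST['subject']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['subject']), 0, 255)) : '';` and likewise for `$content` with 65536. `substr()` counts bytes, so UTF-8 text can be cut mid-character; if 255/65536 are presumably column limits that may be intended, but the ordering (trim, byte-wise substr, then strip trailing backslashes) deserves a why-comment such as `// byte-wise limits; trailing backslashes are dropped so a cut-off escape cannot break the quoted SQL value`. The SELECT on the last context line still interpolates `$subject`/`$content` directly and is only safe while `_common.php` keeps escaping request data before this script runs, which is not visible from this hunk.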
@@ -13,27 +13,23 @@ $recv_list = explode(',', trim($_POST['me_recv_mb_id']));
 $str_nick_list = '';
 $msg = '';
 $error_list = [];
-$member_list = [];
+$member_list = [
+ 'id' => [],
+ 'nick' => []
+];
+$me_memo = isset($_POST['me_memo']) ? preg_replace("#[\\\]+$#", "", substr(trim($_POST['me_memo']), 0, 65536)) : '';
+
 for ($i = 0; $i < count($recv_list); $i++) {
- $row = sql_fetch(" select mb_id, mb_nick, mb_open, mb_leave_date, mb_intercept_date from {$g5['member_table']} where mb_id = '{$recv_list[$i]}' ");
+ $recv_list_id = substr(preg_replace("/[^a-zA-Z0-9_]*/", "", $recv_list[$i]), 0, 20);
+ $row = sql_fetch(" select mb_id, mb_nick, mb_open, mb_leave_date, mb_intercept_date from {$g5['member_table']} where mb_id = '{$recv_list_id}' ");
 if ($row) {
 if ($is_admin || ($row['mb_open'] && (!$row['mb_leave_date'] || !$row['mb_intercept_date']))) {
 $member_list['id'][] = $row['mb_id'];
 $member_list['nick'][] = $row['mb_nick'];
 } else {
- $error_list[] = $recv_list[$i];
+ $error_list[] = $recv_list_id;
 }
 }
- /*
- // 관리자가 아니면서
- // 가입된 회원이 아니거나 정보공개를 하지 않았거나 탈퇴한 회원이거나 차단된 회원에게 쪽지를 보내는것은 에러
- if ((!$row['mb_id'] || !$row['mb_open'] || $row['mb_leave_date'] || $row['mb_intercept_date']) && !$is_admin) {
- $error_list[] = $recv_list[$i];
- } else {
- $member_list['id'][] = $row['mb_id'];
- $member_list['nick'][] = $row['mb_nick'];
- }
- */
 }
 $error_msg = implode(",", $error_list);
@@ -41,6 +37,10 @@ $error_msg = implode(",", $error_list);
 if ($error_msg && !$is_admin) alert("회원아이디 '{$error_msg}' 은(는) 존재(또는 정보공개)하지 않는 회원아이디 이거나 탈퇴, 접근차단된 회원아이디 입니다.\\n쪽지를 발송하지 않았습니다.");
+if (!count($member_list['id'])) {
+ alert('해당 회원이 존재하지 않습니다.');
+}
+
 if (!$is_admin) {
 if (count($member_list['id'])) {
 $point = (int) $config['cf_memo_send_point'] * count($member_list['id']);
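Review bot: The retained acceptance test `if ($is_admin || ($row['mb_open'] && (!$row['mb_leave_date'] || !$row['mb_intercept_date'])))` still admits a recipient who has left but is not intercepted (and the reverse), while the commented-out block this hunk deletes documented that either condition alone should reject the recipient; `&&` matches that rule: `if ($is_admin || ($row['mb_open'] && !$row['mb_leave_date'] && !$row['mb_intercept_date'])) {`. The new `$recv_list_id` whitelist (`[a-zA-Z0-9_]`, cut to 20 bytes) does close the path into the `mb_id = '...'` query and correctly feeds the sanitised value into `$error_list`. The `$me_memo` line is doing something deliberate that the next reader will not guess, so give it a why-comment: `// byte-wise truncation can leave a lone trailing backslash; strip it so the value cannot escape the closing quote of the INSERT later in this file` — this presumes `_common.php` escapes `$_POST` before this script, as stock gnuboard does but this hunk cannot show.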
@@ -59,12 +59,22 @@ for ($i = 0; $i < count($member_list['id']); $i++) { $recv_mb_id = $member_list['id'][$i]; $recv_mb_nick = get_text($member_list['nick'][$i]); - // 쪽지 INSERT - $sql = " insert into {$g5['memo_table']} ( me_id, me_recv_mb_id, me_send_mb_id, me_send_datetime, me_memo ) values ( '$me_id', '$recv_mb_id', '{$member['mb_id']}', '" . G5_TIME_YMDHIS . "', '{$_POST['me_memo']}' ) "; + // 받는 회원 쪽지 INSERT + $sql = " insert into {$g5['memo_table']} ( me_recv_mb_id, me_send_mb_id, me_send_datetime, me_memo, me_read_datetime, me_type, me_send_ip ) values ( '$recv_mb_id', '{$member['mb_id']}', '" . G5_TIME_YMDHIS . "', '{$me_memo}', '0000-00-00 00:00:00' , 'recv', '{$_SERVER['REMOTE_ADDR']}' ) "; + sql_query($sql); + if ($me_id = sql_insert_id()) { + + // 보내는 회원 쪽지 INSERT + $sql = " insert into {$g5['memo_table']} ( me_recv_mb_id, me_send_mb_id, me_send_datetime, me_memo, me_read_datetime, me_send_id, me_type , me_send_ip ) values ( '$recv_mb_id', '{$member['mb_id']}', '" . G5_TIME_YMDHIS . "', '{$me_memo}', '0000-00-00 00:00:00', '$me_id', 'send', '{$_SERVER['REMOTE_ADDR']}' ) "; + sql_query($sql); + + $member_list['me_id'][$i] = $me_id; + } + // 실시간 쪽지 알림 기능 - $sql = " update {$g5['member_table']} set mb_memo_call = '{$member['mb_id']}' where mb_id = '$recv_mb_id' "; + $sql = " update {$g5['member_table']} set mb_memo_call = '{$member['mb_id']}', mb_memo_cnt = '" . get_memo_not_read($recv_mb_id) . "' where mb_id = '$recv_mb_id' "; sql_query($sql); if (!$is_admin) { 
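Review bot: When the recipient-copy INSERT fails, `sql_insert_id()` yields 0 and the `if ($me_id = sql_insert_id())` block is skipped, but the loop still runs the `mb_memo_call`/`mb_memo_cnt` UPDATE for that recipient and continues into the `if (!$is_admin)` block, so a recipient is notified of — and the sender presumably charged for — a memo that was never stored. Keep the per-recipient work tied to a stored row by bailing out early, `if (!($me_id = sql_insert_id())) continue;`, or by moving the notification UPDATE inside the `if` block. Both INSERTs interpolate `{$me_memo}` and `{$_SERVER['REMOTE_ADDR']}` straight into the SQL string; that is only safe as long as `_common.php` escapes `$_POST` before this script runs and the proxy/web server sets `REMOTE_ADDR` itself, neither of which is visible here, so a one-line comment stating that assumption would help. The enclosing `for` loop starts before this hunk and ends after it.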
@@ -73,8 +83,18 @@ for ($i = 0; $i < count($member_list['id']); $i++) {
 }
 if ($member_list) {
+
+ $redirect_url = G5_HTTP_BBS_URL . "/memo.php?kind=send";
 $str_nick_list = implode(',', $member_list['nick']);
- alert($str_nick_list . " 님께 쪽지를 전달하였습니다.", G5_HTTP_BBS_URL . "/memo.php?kind=send", false);
+
+ run_event('memo_form_update_after', $member_list, $str_nick_list, $redirect_url, $_POST['me_memo']);
+
+ alert($str_nick_list . " 님께 쪽지를 전달하였습니다.", $redirect_url, false);
 } else {
- alert("회원아이디 오류 같습니다.", G5_HTTP_BBS_URL . "/memo_form.php", false);
+
+ $redirect_url = G5_HTTP_BBS_URL . "/memo_form.php";
+
+ run_event('memo_form_update_failed', $member_list, $redirect_url, $_POST['me_memo']);
+
+ alert("회원아이디 오류 같습니다.", $redirect_url, false);
 }
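Review bot: `if ($member_list)` on the retained line is now always true, because this patch initialises `$member_list` as `['id' => [], 'nick' => []]` and a non-empty array is truthy, so the new `else` branch with `run_event('memo_form_update_failed', ...)` can never execute (the earlier `if (!count($member_list['id'])) alert(...)` guard would also stop the script before reaching it, assuming `alert()` exits as in stock gnuboard). If the failure event is meant to be reachable, test the list itself, `if (count($member_list['id'])) {`, and drop or relocate that guard; otherwise delete the branch rather than ship an event that never fires. Both `run_event` calls also pass the raw `$_POST['me_memo']` while the rows were written from the trimmed, truncated `$me_memo`; passing `$me_memo` keeps listeners consistent with what was stored, unless they deliberately need the unmodified input.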