/home/mjc1/public_html/otms_old/_common.php


<?php
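// Response caching: tell browsers and proxies not to reuse this page.
// "Pragma" was misspelled as "Progma", so that header was sent under a name no client honours.
header("Pragma: no-cache");
// NOTE(review): "Cache" is not a standard HTTP header; kept as-is, Cache-Control below is the effective one.
header("Cache: no-cache");
header("Cache-Control:no-cache,must-revalidate");
header("Expires:Mon, 26 Jul 1997 05:00:00 GMT");

//session_save_path($_SERVER['DOCUMENT_ROOT']."/emillennium/session");
// NOTE(review): the documented limiter values are nocache, private, private_no_expire and public;
// confirm this string has the intended effect.
session_cache_limiter("no-cache, must-revalidate");

ini_set("session.cache_expire", 1440);     // session cache retention time, in minutes (1440 = 24 h)
ini_set("session.gc_maxlifetime", 108000); // seconds before session data is treated as garbage (108000 = 30 h)
ini_set("session.gc_probability", 1);      // numerator of the chance that garbage collection runs
ini_set("session.gc_divisor", 100);        // denominator: 1/100 means GC may start on about 1% of session initialisations

// NOTE(review): "@" hides session start-up failures, and no session cookie flags are set here;
// confirm HttpOnly/Secure are configured elsewhere (php.ini or the web server).
@session_start();

// Name of the function applied to every request value by the escaping pass later in this file.
define('G5_ESCAPE_FUNCTION', 'sql_escape_string');
define('G5_BBS_PATH', $_SERVER["DOCUMENT_ROOT"]."/emillennium");
header('Content-Type: text/html; charset=utf-8');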


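/**
 * Apply a user-supplied function to every value of a (possibly nested) array.
 *
 * Only values are transformed. Array keys are copied through unchanged, so a
 * key that arrives from the request is NOT filtered by this function.
 *
 * @param callable $fn    Function called with one value; its return value replaces that value.
 * @param mixed    $array Array to walk, or a single non-array value.
 * @return mixed The transformed array, or the transformed value when $array is not an array.
 */
function array_map_deep($fn, $array)
{
    if (!is_array($array)) {
        // Leaf value: hand it to the callback.
        return call_user_func($fn, $array);
    }

    foreach ($array as $key => $value) {
        // Recursion covers both nested arrays and leaf values.
        $array[$key] = array_map_deep($fn, $value);
    }

    return $array;
}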


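/**
 * String filter intended as a defence against SQL injection.
 *
 * If both G5_ESCAPE_PATTERN and G5_ESCAPE_REPLACE are defined and the pattern
 * is non-empty, the pattern is replaced first; the result is then passed
 * through addslashes().
 *
 * NOTE(review): addslashes() is not aware of the database connection's
 * character set and gives no protection where the value is used unquoted
 * (numeric contexts, identifiers, ORDER BY). Treat this as a legacy safety
 * net; queries built from request data should use prepared statements with
 * bound parameters.
 *
 * @param string $str Value to filter.
 * @return string The filtered, backslash-escaped value.
 */
function sql_escape_string($str)
{
    if (defined('G5_ESCAPE_PATTERN') && defined('G5_ESCAPE_REPLACE')) {
        $pattern = G5_ESCAPE_PATTERN;
        $replace = G5_ESCAPE_REPLACE;

        if ($pattern) {
            $str = preg_replace($pattern, $replace, $str);
        }
    }

    return addslashes($str);
}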

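// Names that request parameters must never be allowed to shadow, because the
// GET and POST arrays are turned into variables with extract() further down.
$ext_arr = array ('PHP_SELF', '_ENV', '_GET', '_POST', '_FILES', '_SERVER', '_COOKIE', '_SESSION', '_REQUEST',
                  'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_POST_FILES', 'HTTP_SERVER_VARS',
                  'HTTP_COOKIE_VARS', 'HTTP_SESSION_VARS', 'GLOBALS');
$ext_cnt = count($ext_arr);
for ($i = 0; $i < $ext_cnt; $i++) {
    // If a GET or POST parameter uses one of these names, drop it.
    // NOTE(review): this is a deny-list of 17 names; any other variable name can still be
    // supplied by the request. $_COOKIE and $_REQUEST are not cleaned here.
    if (isset($_GET[$ext_arr[$i]]))  unset($_GET[$ext_arr[$i]]);
    if (isset($_POST[$ext_arr[$i]])) unset($_POST[$ext_arr[$i]]);
}

//==============================================================================
// Apply sql_escape_string() to request data as protection against SQL injection and similar
//------------------------------------------------------------------------------
// Remove the backslashes added by magic_quotes_gpc.
// get_magic_quotes_gpc() was removed in PHP 8.0, so calling it unguarded is a fatal
// error there; check that it exists first.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    $_POST    = array_map_deep('stripslashes',  $_POST);
    $_GET     = array_map_deep('stripslashes',  $_GET);
    $_COOKIE  = array_map_deep('stripslashes',  $_COOKIE);
    $_REQUEST = array_map_deep('stripslashes',  $_REQUEST);
}

// Apply the escape function (G5_ESCAPE_FUNCTION) to every request value.
// Values only: array keys are not escaped, and any value decoded or
// transformed after this point is no longer covered by the escaping.
$_POST    = array_map_deep(G5_ESCAPE_FUNCTION,  $_POST);
$_GET     = array_map_deep(G5_ESCAPE_FUNCTION,  $_GET);
$_COOKIE  = array_map_deep(G5_ESCAPE_FUNCTION,  $_COOKIE);
$_REQUEST = array_map_deep(G5_ESCAPE_FUNCTION,  $_REQUEST);
//==============================================================================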

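// Emulates register_globals: every GET, POST, server and session entry becomes a
// global variable, and later sources overwrite earlier ones (session wins).
// NOTE(review): any global that the included scripts read before assigning can be
// set from the request. The order and overwrite behaviour are kept because existing
// pages may depend on them; the long-term fix is to read the superglobals explicitly.
@extract($_GET);
@extract($_POST);
@extract($_SERVER);
@extract($_SESSION);

// Re-read the account id from the session so a request variable named "eid" cannot replace it.
$eid = isset($_SESSION['eid']) ? $_SESSION['eid'] : null;

// For the print-to-PDF page the account id is taken from the "userid" parameter instead.
// NOTE(review): this replaces the session identity with a client-supplied value and no
// check is visible here; confirm statement_print.php verifies that the caller may act
// as that id (for example, only accept it from the server-side PDF renderer).
if ($_SERVER['SCRIPT_NAME'] == '/emillennium/statement_print.php') {
    // isset/is_string avoid an undefined-index warning and an array-valued id.
    if (isset($_GET['userid']) && is_string($_GET['userid']) && $_GET['userid'] !== '') {
        $eid = $_GET['userid'];
    }
}

include_once('./common.php');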

//include_once('../html/poorman_utf8.php');
//include_once("../manage/category/common.php");

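// Test account for the ordering flow; used as the default when no login cookies are present.
// NOTE(review): credentials are hard-coded in source and apply to every cookie-less
// visitor; move them to configuration outside the web root and disable them in production.
$eadminid = "mjtest";
$suid = "MJTEST";
$ehpw = "mj15668680";//1108
$epw = "mj15668680";
$said = '12';

// Decode the user id cookie (works around corrupted Korean characters).
// The cookie was escaped before this point, and decoding afterwards can turn
// percent-encoded bytes back into quotes or backslashes. Undo the earlier escape,
// decode, then escape again so the value is treated like all other request data.
// A missing or non-string cookie becomes an empty string.
$_COOKIE['onlinecs_uid'] = (isset($_COOKIE['onlinecs_uid']) && is_string($_COOKIE['onlinecs_uid']))
    ? call_user_func(G5_ESCAPE_FUNCTION, rawurldecode(stripslashes($_COOKIE['onlinecs_uid'])))
    : '';

// Stored-cookie handling: when any login cookie is present, clear the test defaults
// and take the values from the cookies instead ($ehpw is left unchanged).
// NOTE(review): these identity values come straight from client-supplied cookies and
// nothing in this file ties them to the authenticated session; confirm downstream
// code verifies them server-side before trusting them.
if (
    (isset($_COOKIE['onlinecs_cid']) && $_COOKIE['onlinecs_cid'] != '')
    || $_COOKIE['onlinecs_uid'] != ''
    || (isset($_COOKIE['contract_id']) && $_COOKIE['contract_id'] != '')
) {
    $eadminid = "";
    $suid = "";
    $epw = "";
    $said = '';
}
if (isset($_COOKIE['onlinecs_cid']) && $_COOKIE['onlinecs_cid'] != '') {
    $eadminid = $_COOKIE['onlinecs_cid'];
}
if ($_COOKIE['onlinecs_uid'] != '') {
    $suid = $_COOKIE['onlinecs_uid'];
}
if (isset($_COOKIE['contract_id']) && $_COOKIE['contract_id'] != '') {
    $epw = $_COOKIE['contract_id'];
}
if (isset($_COOKIE['sa_type_id']) && $_COOKIE['sa_type_id'] != '') {
    $said = $_COOKIE['sa_type_id'];
}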
?>