MINI MINI MANI MO
<?
// Common functions (shared configuration, DB connection and library includes)
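require "../config/config.php";
// NOTE(review): $setup is not assigned anywhere in this file; presumably config.php
// defines it. Confirm it is assigned unconditionally there: if the variable could ever
// come from the request (e.g. register_globals), the two includes below would load a
// path chosen by the client.
require "$setup/dbconn.php";
require "$setup/lib.php";

// Referer gate: only continue when the 4th "/"-separated piece of the Referer is "board"
// (for "http://host/board/..." that is the first path segment).
// The Referer header is supplied by the client, so this only filters accidental direct
// hits. It is neither authentication nor CSRF protection and must not be relied on as one.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
$purl = explode("/", $referer);
// isset() avoids an undefined-offset notice when the header is missing or short.
if (!isset($purl[3]) || $purl[3] != "board") {
    movepage("/index.php","À߸øµÈ Á¢±ÙÀÔ´Ï´Ù.");
    exit;
}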
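/**
 * Emit a client-side alert / redirect snippet and terminate the request.
 *
 * $url  : target URL, or one of the keywords "goback", "goback2", "close", "alert".
 * $memo : optional message shown with alert(); "<br>" (any case) becomes a line break.
 * $nam  : "top" redirects the top frame; "close" additionally closes the window.
 *
 * Callers in this file build $url from request-derived values ($id, $page), so $url and
 * $memo are escaped for the context they are written into (JavaScript string literal or
 * HTML attribute) instead of being interpolated raw.
 * The function always ends with exit.
 */
function movepage($url,$memo="",$nam="") {
    global $connect;

    // "<br>" -> newline. str_ireplace() does the same literal, case-insensitive
    // replacement as the original eregi_replace(), which was removed in PHP 7.
    $memo = str_ireplace("<br>", "\n", $memo);

    // Escape for a single-quoted JavaScript string inside a <script> element.
    // Backslash, quotes and newlines keep the literal intact; "<", ">" and "/" are
    // escaped so that a "</script>" sequence cannot end the element early.
    // Byte-wise escaping is safe here because none of these bytes occur inside a
    // multi-byte EUC-KR character. Side effect: a backslash already present in $memo
    // is now shown literally rather than being interpreted by JavaScript.
    $js_memo = addcslashes($memo, "\\'\"\n\r<>/");
    $js_url  = addcslashes($url, "\\'\"\n\r<>/");

    // Escape for the double-quoted content="" attribute of the meta refresh tag.
    // Plain str_replace is used so the result does not depend on the configured charset.
    $html_url = str_replace(
        array("&", "\"", "'", "<", ">"),
        array("&amp;", "&quot;", "&#039;", "&lt;", "&gt;"),
        $url
    );

    if ($url=="goback") {
        echo "<script language='javascript'>";
        if ($memo) echo "alert('$js_memo');";
        echo "history.back();</script>";
    } elseif ($url=="close") {
        echo "<script language='javascript'>";
        if ($memo) echo "alert('$js_memo');";
        echo "window.close();</script>";
    } elseif ($url=="goback2") {
        echo "<script language='javascript'>";
        if ($memo) echo "alert('$js_memo');";
        echo "history.go(-2);</script>";
    } elseif ($url=="alert") {
        // keyword "alert": nothing is emitted in this chain
    } elseif ($memo!="") {
        echo "<script language='javascript'> alert('$js_memo'); </script>";
    }

    // Release the DB link before the script ends.
    if ($connect) @mysql_close($connect);

    if ($nam=="top") {
        echo "<script language='javascript'> top.location.href='$js_url';</script>";
    } elseif ($url&&$url!="goback"&&$url!="goback2") {
        // Condition kept as in the original: the keywords "close" and "alert" also reach
        // this branch and are emitted as a refresh target.
        echo "<meta http-equiv=\"refresh\" content=\"0; url=$html_url\">";
    }
    if ($nam=="close") echo "<script language='javascript'> window.close();</script>";
    exit;
}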
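// A Host-vs-Referer comparison used to sit here; it is commented out in the original
// and is not restored, because the Referer header is client-controlled anyway.

// Open the DB connection unless an earlier include already did.
if (empty($connect)) $connect=dbconn();

// Identify the poster: the session login id when present, otherwise "GUEST".
// !empty() avoids an undefined-index notice for visitors without that session key.
$userno = !empty($_SESSION["login_id"]) ? $_SESSION["login_id"] : "GUEST";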
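// Attachment bookkeeping for an existing post.
// Produces $file_name (stored names) and $file_org_name (original names) as
// comma-separated lists of the attachments that are NOT ticked in $chk_del, and sets
// $chk_first to 1 when at least one attachment is kept.
//
// The three variables are initialised explicitly: the original only ever appended to
// them, so with register_globals (or an extract() in an include; not visible here)
// a request parameter of the same name could pre-seed the lists.
$file_name = "";
$file_org_name = "";
$chk_first = 0;

if (!empty($no)) {
    // $no and $id go straight into the SQL text below, so force them into a safe shape:
    // an integer for the row number, a plain identifier for the table name.
    $no = (int)$no;
    if (!isset($id) || !is_string($id) || !preg_match('/\A[A-Za-z0-9_]+\z/', $id)) {
        movepage("/index.php","À߸øµÈ Á¢±ÙÀÔ´Ï´Ù.");
    }

    // Load the stored post.
    // NOTE(review): die(mysql_error()) sends the raw database error to the client;
    // consider logging it server-side and showing a generic message instead.
    $result=mysql_query("select * from $id where no=$no") or die(mysql_error());
    $bu=mysql_fetch_array($result) or die(mysql_error());

    // NOTE(review): the original has an "own post" check here (member level, or
    // $bu[pwd] compared with $pwd) that is commented out. No authorisation check runs
    // in this block; confirm that one is enforced elsewhere before edits are accepted.

    $tmp_file_num=explode(",",$bu['files']);
    $tmp_org_num=explode(",",$bu['nfiles']);

    $kept_files=array();
    $kept_orig=array();
    for ($i=0;$i<sizeof($tmp_file_num);$i++) {
        // keep the attachment unless its delete box was ticked
        if ($tmp_file_num[$i] && empty($chk_del[$i])) {
            $kept_files[]=$tmp_file_num[$i];
            $kept_orig[]=isset($tmp_org_num[$i]) ? $tmp_org_num[$i] : "";
        }
    }
    if ($kept_files) {
        $chk_first=1;
        $file_name=implode(",",$kept_files);
        $file_org_name=implode(",",$kept_orig);
    }
}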
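// ---------------------------------------------------------------------------
// Helpers for the write / edit / reply handlers below.
// ---------------------------------------------------------------------------

// Return $id when it is a plain identifier, otherwise abort the request.
// $id is used both as a table name in SQL and as a directory name under /board/data/,
// so anything beyond letters, digits and "_" is refused.
// NOTE(review): this only constrains the shape of the name. Ideally $id is also checked
// against the list of boards that actually exist, so that other tables in the same
// database cannot be named here.
function bw_table_name($id) {
    if (!is_string($id) || !preg_match('/\A[A-Za-z0-9_]+\z/', $id)) {
        movepage("/index.php","À߸øµÈ Á¢±ÙÀÔ´Ï´Ù.");
    }
    return $id;
}

// Escape a server-side value for use inside a single-quoted SQL string literal.
function bw_sql_raw($value) {
    global $connect;
    return mysql_real_escape_string((string)$value, $connect);
}

// Escape a request value for SQL. When magic_quotes_gpc is on the value already carries
// backslashes, so they are removed first to avoid storing doubled escapes.
// NOTE(review): assumes the includes do not apply their own addslashes(); confirm.
function bw_sql_req($value) {
    $value = (string)$value;
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return bw_sql_raw($value);
}

// Move every uploaded "upfile[]" entry into /board/data/<id>/ and append its stored
// and original names to the running comma-separated lists.
// Returns array($file_name, $file_org_name, $chk_first). Aborts through movepage() on
// any rejected or failed upload.
function bw_save_uploads($id, $copyday, $file_name, $file_org_name, $chk_first) {
    // Extensions accepted for storage. The target directory sits under DOCUMENT_ROOT,
    // so a file stored with a server-executable extension would be run on request;
    // the original accepted whatever extension the client sent.
    // This list is a constructed default: adjust it to the board's policy.
    $allowed_ext = array("jpg","jpeg","gif","png","bmp","pdf","txt","zip",
                         "hwp","doc","docx","xls","xlsx","ppt","pptx");

    if (!isset($_FILES["upfile"]["tmp_name"]) || !is_array($_FILES["upfile"]["tmp_name"])) {
        return array($file_name, $file_org_name, $chk_first);
    }

    // $copyday becomes part of the file name; keep only characters that are harmless
    // in a path component. NOTE(review): presumably a date stamp set by an include.
    $copyday = preg_replace('/[^A-Za-z0-9_-]/', '', (string)$copyday);
    $dir = $_SERVER["DOCUMENT_ROOT"]."/board/data/".$id."/";

    // Integer index loop (not foreach): the array keys come from the form and must not
    // leak into the generated file name.
    $slots = sizeof($_FILES["upfile"]["tmp_name"]);
    for ($i=0;$i<$slots;$i++) {
        if (empty($_FILES["upfile"]["tmp_name"][$i])) continue; // unused form slot

        $file1      = $_FILES["upfile"]["tmp_name"][$i];
        $file1_name = isset($_FILES["upfile"]["name"][$i]) ? $_FILES["upfile"]["name"][$i] : "";
        $file1_size = isset($_FILES["upfile"]["size"][$i]) ? (int)$_FILES["upfile"]["size"][$i] : 0;

        // The original compared the size with the temp path ($file1_size>$file1), which
        // in PHP < 8 amounts to "size > 0"; written out directly here.
        if ($file1_size <= 0) {
            movepage("goback","ÆÄÀϾ÷·Îµå°¡ Á¦´ë·Î µÇÁö ¾Ê¾Ò½À´Ï´Ù.");
        }
        if (!is_string($file1) || !is_string($file1_name) || !is_uploaded_file($file1)) {
            movepage("goback","Á¤»óÀûÀÎ ¹æ¹ýÀ¸·Î ¾÷·Îµå ÇØÁÖ¼¼¿ä");
        }

        // Only the final extension is kept, and a name without any dot is refused
        // (the original would have used the whole name as the extension).
        $dot = strrpos($file1_name, ".");
        $extension = ($dot === false) ? "" : strtolower(substr($file1_name, $dot + 1));
        if (!in_array($extension, $allowed_ext, true)) {
            movepage("goback","Á¤»óÀûÀÎ ¹æ¹ýÀ¸·Î ¾÷·Îµå ÇØÁÖ¼¼¿ä");
        }

        // Server-chosen name; on collision fall back to <copyday>_<k>.<ext>
        $copyname = $copyday . $i . "." . $extension;
        $k=1;
        while (file_exists($dir.$copyname)) {
            $copyname=$copyday."_".$k.".".$extension;
            $k++;
        }
        if (!move_uploaded_file($file1,$dir.$copyname)) {
            movepage("goback","ÆÄÀϾ÷·Îµå°¡ Á¦´ë·Î µÇÁö ¾Ê¾Ò½À´Ï´Ù..");
        }

        // The original (client) name is stored for display only. Undo magic quotes and
        // replace "," because the comma is the list separator.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $file1_name = stripslashes($file1_name);
        }
        $file1_name = str_replace(",", "_", $file1_name);

        if ($chk_first!=0) {$file_name.=",";$file_org_name.=",";}
        $chk_first=1;
        $file_name.=$copyname;
        $file_org_name.=$file1_name;
    }
    return array($file_name, $file_org_name, $chk_first);
}

// ---------------------------------------------------------------------------
// Request handlers. Every value that reaches SQL is escaped, and $add is initialised in
// each branch because the original only appended to it (a request-supplied "add[]"
// could otherwise have contributed SET clauses under register_globals).
//
// NOTE(review): pwd is stored exactly as submitted (plain text); hashing needs a matching
// change wherever it is verified, which is not in this file.
// NOTE(review): memo is stored without tag stripping (only subject gets strip_tags, and
// only for new posts), so the pages that display it must HTML-escape on output.
// NOTE(review): "or die(mysql_error())" shows raw database errors to the client.
// ---------------------------------------------------------------------------
if ($mode=="write" && $sub_mode=="write") { // new post
    if (empty($_POST["id"])) {
        echo "Á¤»óÁ¤ÀÎ ÀÔ·ÂÀ̾ƴÔ";
        exit;
    }
    $id=bw_table_name($_POST["id"]);
    $name=isset($_POST["name"]) ? $_POST["name"] : "";
    $email=isset($_POST["email"]) ? $_POST["email"] : "";
    $subject=isset($_POST["subject"]) ? $_POST["subject"] : "";
    $memo=isset($_POST["memo"]) ? $_POST["memo"] : "";
    $pwd=isset($_POST["pwd"]) ? $_POST["pwd"] : "";

    // A new post starts with no attachments; do not inherit lists from anywhere else.
    list($file_name, $file_org_name, $chk_first) =
        bw_save_uploads($id, isset($copyday) ? $copyday : "", "", "", 0);

    // Next value of the "list" ordering column.
    $max_res=@mysql_fetch_row(mysql_query("select max(list) as mlist from $id"));
    $mlist=$max_res[0]+1;

    $subject=strip_tags($subject);

    $add=array();
    $add[]="name='".bw_sql_req($name)."'";
    $add[]="email='".bw_sql_req($email)."'";
    $add[]="subject='".bw_sql_req($subject)."'";
    $add[]="memo='".bw_sql_req($memo)."'";
    if (!empty($_POST["pwd"])) {
        $add[]="pwd='".bw_sql_req($pwd)."'";
    }
    $add[]="date='".time()."'";
    $add[]="security='".bw_sql_req($security)."'";
    $add[]="notice='".bw_sql_req($notice)."'";
    $add[]="midx='".bw_sql_raw($cookie_user_no)."'";
    $add[]="ridx='0'";
    $add[]="level='0'";
    $add[]="bdiv='".bw_sql_raw($site_code)."'";
    $add[]="ref='0'"; // view counter
    $add[]="files='".bw_sql_raw($file_name)."'";
    $add[]="nfiles='".bw_sql_raw($file_org_name)."'";
    $add[]="list='".(int)$mlist."'";
    $add[]="ip='".bw_sql_raw($_SERVER["REMOTE_ADDR"])."'";

    $sql="insert into $id set ".implode(",", $add);
    mysql_query($sql) or die(mysql_error());
    movepage("board.php?id=".$id,"µî·ÏÀÌ ¿Ï·áµÇ¾ú½À´Ï´Ù.");

} else if ($sub_mode=="edit" && !empty($_POST["no"])) { // edit an existing post
    $id=bw_table_name(isset($id) ? $id : "");
    $edit_no=(int)$_POST["no"];

    // NOTE(review): no password or ownership check is visible on this path (the one in
    // the earlier "if ($no)" block is commented out). Confirm that it is enforced by the
    // includes; otherwise the post number alone decides which row is modified.

    // The existence check now runs BEFORE files are stored and the row is updated. In the
    // original it sat after movepage(), which exits, so it could never run.
    $chk=@mysql_fetch_array(mysql_query("select * from $id where no='".$edit_no."'"));
    if (!$chk || !$chk["no"]) {
        movepage($id.".php?id=".$id."&page=".urlencode(isset($page) ? $page : ""),"¼öÁ¤ÇÒ ±ÛÀÌ Á¸ÀçÇÏÁö ¾È½À´Ï´Ù.");
    }

    // $file_name / $file_org_name / $chk_first are expected to have been prepared by the
    // "if ($no)" block earlier in this file (kept attachments of this post).
    list($file_name, $file_org_name, $chk_first) = bw_save_uploads(
        $id,
        isset($copyday) ? $copyday : "",
        isset($file_name) ? $file_name : "",
        isset($file_org_name) ? $file_org_name : "",
        isset($chk_first) ? $chk_first : 0
    );

    $add=array();
    $add[]="name='".bw_sql_req($name)."'";
    $add[]="email='".bw_sql_req($email)."'";
    $add[]="subject='".bw_sql_req($subject)."'";
    $add[]="memo='".bw_sql_req($memo)."'";
    if (!empty($_POST["pwd"])) {
        $add[]="pwd='".bw_sql_req($pwd)."'";
    }
    $add[]="security='".bw_sql_req($security)."'";
    $add[]="notice='".bw_sql_req($notice)."'";
    $add[]="ip='".bw_sql_raw($_SERVER["REMOTE_ADDR"])."'";
    $add[]="files='".bw_sql_raw($file_name)."'";
    $add[]="nfiles='".bw_sql_raw($file_org_name)."'";

    // The row is addressed by the same POSTed number that was just looked up.
    $sql="update $id set ".implode(",", $add)." where no='".$edit_no."'";
    mysql_query($sql) or die(mysql_error());
    movepage("board.php?id=".$id,"¼öÁ¤ÀÌ ¿Ï·áµÇ¾ú½À´Ï´Ù.");

} else if ($sub_mode=="answer" && !empty($_POST["no"])) { // reply to an existing post
    $id=bw_table_name(isset($id) ? $id : "");
    $no=(int)$_POST["no"];

    // The parent post supplies the "list" value; refuse replies to a missing parent.
    $chk=@mysql_fetch_array(mysql_query("select * from $id where no='".$no."'"));
    if (!$chk) {
        movepage("/index.php","À߸øµÈ Á¢±ÙÀÔ´Ï´Ù.");
    }

    $add=array();
    $add[]="name='".bw_sql_req($name)."'";
    $add[]="email='".bw_sql_req($email)."'";
    $add[]="subject='".bw_sql_req($subject)."'";
    $add[]="memo='".bw_sql_req($memo)."'";
    if (!empty($_POST["pwd"])) {
        $add[]="pwd='".bw_sql_req($pwd)."'";
    }
    $add[]="date='".time()."'";
    $add[]="security='".bw_sql_req($security)."'";
    $add[]="notice='".bw_sql_req($notice)."'";
    $add[]="midx='".bw_sql_raw($cookie_user_no)."'";
    $add[]="ridx='1'";
    $add[]="level='1'";
    $add[]="ref='0'"; // view counter
    $add[]="list='".bw_sql_raw($chk["list"])."'"; // same ordering value as the parent
    $add[]="ip='".bw_sql_raw($_SERVER["REMOTE_ADDR"])."'";

    $sql="insert into $id set ".implode(",", $add);
    mysql_query($sql) or die(mysql_error());
    movepage("board.php?id=".$id,"´ä±Û µî·ÏÀÌ ¿Ï·áµÇ¾ú½À´Ï´Ù.");
}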
?>
OHA YOOOO