ÿØÿà JFIF ` ` ÿþ
Server : Apache System : Linux ruga7-004.fmcity.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64 User : tkt_travelbus ( 1137) PHP Version : 7.0.0p1 Disable Function : mysql_pconnect Directory : /tkt_travelbus/www/admin/intra/ |
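<?php
// Board write handler: performs post insert / edit / delete and comment
// add / delete, selected by $SqlType, then redirects through error_msg().
//
// $BD_CD, $SqlType, $mode, $page, $param, $MSEQ, $CSEQ, $FIXED_YN, $MSORT_0x,
// $CCONT, $CMEM_NM, $CMEM_PWD, $MEM_ID, $MemberID, $MemberName, $beforeURL,
// $type and $tmp_layer_id are never assigned in this file; presumably the
// included files populate them (some of them from request data) -- TODO confirm.
//
// NOTE(review): no authentication, authorization or CSRF-token check is
// visible in this file. Presumably top_proc.html enforces the admin session;
// confirm, because every branch below changes or deletes data.
include "../include/top_proc.html"; // common include
include "_common.php";

// Board code; it doubles as the SQL table name and as the upload sub-directory.
if(!$BD_CD) exit;
// $BD_CD is concatenated unquoted into every statement below and into the
// upload path, so it must be a bare identifier. Anything else is refused the
// same way an empty value is.
// assumes board tables use plain ASCII identifier names -- TODO confirm
if (!is_string($BD_CD) || !preg_match('/\A[A-Za-z0-9_]+\z/', $BD_CD)) exit;
$table = $BD_CD;

if(!$param){
    // NOTE(review): these values go into the redirect target unencoded, and
    // $param itself is used as-is when already set; urlencode()/validate them
    // once it is known how error_msg() emits the URL.
    $href = "BD_CD=$BD_CD";
    $href.= "&mode=$mode";
    $href.= "&select_key=$select_key";
    $href.= "&input_key=$input_key";
    $param = $href."&page=$page";
}

if($SqlType=='insert' || $SqlType=='edit'){
    $BOARD_INFO = board_info_list('',$BD_CD);
    $BOARD_INFO = $BOARD_INFO[0];

    // Read the submitted fields. Only MTITLE and MCONT pass through
    // insert_smart(); the others are taken from the request unchanged.
    $MTITLE    = insert_smart($_REQUEST['MTITLE'],"text");
    $MEM_NM    = $_REQUEST['MEM_NM'];
    $MEM_EMAIL = $_REQUEST['MEM_EMAIL'];
    $MEM_WWW   = $_REQUEST['MEM_WWW'];
    $MEM_PWD   = $_REQUEST['MEM_PWD'];
    $OrderNum  = $_REQUEST['OrderNum'];

    if(!$MTITLE){
        error_msg('제목을 입력해 주세요.');
    }

    // Body: boards with BD_WE == "Y" use the editor filter, others plain text.
    if($BOARD_INFO['BD_WE'] == "Y"){
        $MCONT = insert_smart($_REQUEST['MCONT'],"editor");
    }else{
        $MCONT = insert_smart($_REQUEST['MCONT'],"text");
    }

    // Secret post flag: anything but "Y" becomes "N" and clears the password;
    // for a secret post the stored password is the member ID.
    $SECRET = $_REQUEST['SECRET'];
    if($SECRET!="Y"){
        $SECRET = "N";
        $MEM_PWD = "";
    }else{
        $MEM_PWD = $MemberID;
    }

    // Pinned-notice flag, normalised to Y/N.
    if ($FIXED_YN != "Y") $FIXED_YN = "N";

    // Attachment directories.
    // NOTE(review): both are created world-writable (0777) and appear to sit
    // under the site tree; tighten the mode and disable script execution for
    // FileData/ in the web-server configuration if the hosting setup allows.
    $upload_board = "../../FileData/board/";
    if (!is_dir($upload_board)) {
        @mkdir($upload_board, 0777);
        @chmod($upload_board, 0777);
    }
    $upload = $upload_board . "$BD_CD/";
    if (!is_dir($upload)) {
        @mkdir($upload, 0777);
        @chmod($upload, 0777);
    }

    // Allowed / refused extensions. $ext is lower-cased before the lookup.
    $only_file = array("jpg", "JPG", "gif", "GIF", "png", "PNG");
    // The refuse list now also covers the common alternate script and
    // per-directory configuration extensions that the original list missed.
    // A refuse list can never be complete: prefer a per-board allow list and
    // server-generated stored names.
    $deny_file = array("phtm", "htm", "html", "shtm", "ztx", "php", "dot", "asp", "cgi", "pl", "com", "bat", "exe",
                       "phtml", "pht", "php3", "php4", "php5", "php7", "phar", "jsp", "aspx", "sh", "htaccess");

    // Attachment upload.
    if($BOARD_INFO['BD_FL'] > 0){
        for($f=1; $f<=$BOARD_INFO['BD_FL']; $f++) {
            // Start from an empty value so the stored file name can only be
            // the one produced by FileUploadName() below.
            ${"sFile".$f} = "";

            $T_UserFile_name = $_FILES["T_UserFile".$f]['name'];
            if ($T_UserFile_name) {
                $ext = strtolower(substr(strrchr($T_UserFile_name, '.'), 1));
                // presumably error_msg() ends the request; if it returns, the
                // upload below still runs -- verify.
                if ($BOARD_INFO['BD_SORT']=="BDTPM03") { // [MD03] gallery-type board: images only
                    if (!in_array($ext, $only_file)) {
                        error_msg('이미지 파일만 올려주세요');
                    }
                } else {
                    if (in_array($ext, $deny_file)) {
                        error_msg('잘못된 파일입니다');
                    }
                }
                ${"sFile".$f} = FileUploadName("", $upload, $_FILES["T_UserFile".$f]['tmp_name'], $T_UserFile_name, "", "");
            }
        }
    }

    if(!$OrderNum) $OrderNum = '999';

    // NOTE(review): every value in the two statements below is concatenated
    // into the SQL text. MEM_NM, MEM_EMAIL, MEM_WWW and OrderNum come straight
    // from $_REQUEST in this file, and nothing visible here escapes
    // $MSORT_0x, $MEM_ID or $MSEQ either. Whether insert_smart() escapes for
    // SQL is not visible. Move these to bound parameters in the db layer --
    // TODO confirm what db_query() supports.
    if($SqlType=="insert"){
        // Next reference number. MAX()+1 is read and written in separate
        // statements, so concurrent inserts can receive the same MREF.
        $fSQL="SELECT MAX(MREF)+1 FROM ".$BD_CD." ";
        $fRest = db_query($fSQL);
        if($fRs = db_fetch_array($fRest)){
            $MREF = $fRs[0];
        }
        if(!$MREF){
            $MREF = 1 ;
        }

        $SQL ="INSERT INTO ".$BD_CD." SET \n";
        $SQL.=" MTITLE ='".$MTITLE."' \n";
        $SQL.=" ,MCONT ='".$MCONT."' \n";
        $SQL.=" ,MEM_NM ='".$MEM_NM."' \n";
        $SQL.=" ,MEM_ID ='".$MemberID."' \n";
        $SQL.=" ,MEM_EMAIL ='".$MEM_EMAIL."' \n";
        $SQL.=" ,MEM_WWW ='".$MEM_WWW."' \n";
        $SQL.=" ,MEM_PWD ='".$MEM_PWD."' \n";
        $SQL.=" ,MREF ='".$MREF."' \n";
        if($BOARD_INFO['BD_FL']>0){
            for($f=1;$f<=$BOARD_INFO['BD_FL'];$f++){
                if(${"sFile".$f}){
                    $SQL.=" ,MFILE".$f." = '".${"sFile".$f}."' \n";
                }
            }
        }
        $SQL.=" ,FIXED_YN = '".$FIXED_YN."' \n";
        $SQL.=" ,SECRET = '".$SECRET."' \n";
        $SQL.=" ,MSORT_01 = '".$MSORT_01."' \n";
        $SQL.=" ,MSORT_02 = '".$MSORT_02."' \n";
        $SQL.=" ,MSORT_03 = '".$MSORT_03."' \n";
        $SQL.=" ,INSDT = now() \n";
        $SQL.=" ,INSIP ='".$_SERVER['REMOTE_ADDR']."' \n";
        $SQL.=" ,OrderNum = '".$OrderNum."' \n";
        $Result = db_query($SQL);

        error_msg('no_alert','index.html?'.$param);
    }else if($SqlType=='edit'){ // update an existing post
        if(!$MSEQ) error_msg('잘못된 방법입니다.');

        $SQL ="UPDATE ".$BD_CD." SET \n";
        $SQL.=" MTITLE = '".$MTITLE."' \n";
        $SQL.=" ,MCONT = '".$MCONT."' \n";
        $SQL.=" ,MEM_NM = '".$MEM_NM."' \n";
        $SQL.=" ,MEM_EMAIL = '".$MEM_EMAIL."' \n";
        // NOTE(review): when $MEM_ID is set the post's owner is rewritten;
        // confirm where $MEM_ID comes from and who may change ownership.
        if($MEM_ID){
            $SQL.=" ,MEM_ID = '".$MEM_ID."' \n";
        }
        // Only slots that received a new upload are overwritten.
        if($BOARD_INFO['BD_FL']>0){
            for($f=1;$f<=$BOARD_INFO['BD_FL'];$f++){
                if(${"sFile".$f}){
                    $SQL.=" ,MFILE".$f." = '".${"sFile".$f}."' \n";
                }
            }
        }
        $SQL.=" ,FIXED_YN = '".$FIXED_YN."' \n";
        $SQL.=" ,SECRET = '".$SECRET."' \n";
        $SQL.=" ,MSORT_01 = '".$MSORT_01."' \n";
        $SQL.=" ,MSORT_02 = '".$MSORT_02."' \n";
        $SQL.=" ,MSORT_03 = '".$MSORT_03."' \n";
        $SQL.=" ,MEM_PWD = '".$MEM_PWD."' \n";
        $SQL.=" ,OrderNum = '".$OrderNum."' \n";
        $SQL.="WHERE MSEQ = '".$MSEQ."' \n";
        $Result = db_query($SQL);

        error_msg('no_alert','index.html?'.$param);
    }
}else if($SqlType=='delete'){
    if(!$MSEQ) error_msg('잘못된 방법입니다.');

    // Delete the selected posts. A single scalar MSEQ is wrapped in a list:
    // indexing a string with [$i] would pick out individual characters and
    // target a different post than the one requested.
    $seq_list = is_array($MSEQ) ? array_values($MSEQ) : array($MSEQ);
    foreach ($seq_list as $seq) {
        // Skip empty entries and nested arrays (which would not interpolate
        // as a key value).
        if (!is_scalar($seq) || !$seq) continue;

        // Load the post that is about to be deleted (20090820).
        // NOTE(review): $seq is concatenated into the three statements below;
        // bind it as a parameter once the db layer allows.
        $query = "select * from ".$BD_CD." where MSEQ='".$seq."'" ;
        $result = db_query($query);
        $row = db_fetch_array($result);

        // Remove the post's attached files (20090820).
        for ($f=1; $f<=10; $f++) {
            if ($row["MFILE".$f]) {
                $upload = "../../FileData/board/$BD_CD/"; // upload directory

                // The original comment here mentions converting the file name
                // to euc-kr; no conversion is performed in the visible code.
                // NOTE(review): the stored name is appended to the path as-is.
                // Confirm FileUploadName() never stores path separators, or
                // confine the path to $upload before unlinking.
                $desc = $upload . $row["MFILE".$f];
                if (file_exists($desc)) {
                    @unlink($desc);
                }
            }
        }

        // Delete the post's comments (20090820).
        $dbdel2 = "delete from ".$BD_CD."_COMT where MSEQ='".$seq."'" ;
        $res2 = db_query($dbdel2);

        // Delete the post itself (20090820).
        $dbdel = "delete from ".$BD_CD." where MSEQ='".$seq."'" ;
        $res = db_query($dbdel);
    }

    //error_msg('index.html?'.$param,'end');
    error_msg('no_alert','index.html?'.$param);
    //error_msg("alert('aaaaaaaaa');document.location.reload();","script");
    exit;
}else if($SqlType=='comment_add'){
    $MSEQ = $_REQUEST['MSEQ'];
    $CCONT = insert_smart($CCONT,'text');
    $INSIP = $_SERVER["REMOTE_ADDR"];

    if(!$MSEQ) error_msg('잘못된 방법입니다.');

    // Logged-in members post under their member name.
    if($MemberID){
        $CMEM_NM=$MemberName;
    }

    // NOTE(review): $MSEQ (raw from the request), $CMEM_NM and $CMEM_PWD are
    // interpolated into the statement without visible escaping, and the
    // comment password appears to be stored as submitted.
    $query = "insert into ".$BD_CD."_COMT ( CSEQ, MSEQ, CCONT, CMEM_ID, CMEM_NM, INSDT,INSIP,CMEM_PWD ) values ( '', '$MSEQ','$CCONT', '$MemberID', '$CMEM_NM', now(), '$INSIP' ,'$CMEM_PWD')";
    $result = db_query( $query );

    if($beforeURL=='ComList.php'){
        // NOTE(review): $MSEQ and $tmp_layer_id are placed inside a script
        // string passed to error_msg(); they need JavaScript/URL encoding
        // once it is known how error_msg() emits "script" output.
        error_msg("to_dialog.ajax('ComList.php?BD_CD=".$BD_CD."&MSEQ=".$MSEQ."','코멘트', 800, 600, false, false);to_dialog.close('".$tmp_layer_id."');","script");
    }else{
        if( $result ){
            error_msg('no_alert',$type.".html?MSEQ=".$MSEQ."&".$param);
        }else{
            error_msg('코멘트를 입력하는데 실패했습니다!');
        }
    }
    exit;
}else if($SqlType=='comment_del'){
    if(!$CSEQ) error_msg('잘못된 방법입니다.');

    // NOTE(review): the comment is deleted by CSEQ alone; no check that the
    // caller owns it or knows CMEM_PWD is visible here. $CSEQ is also
    // concatenated into the statement unescaped.
    $query = "delete from ".$BD_CD."_COMT where CSEQ='".$CSEQ."' ";
    // This is the only db_query() call in the file that passes a second
    // argument; $connect is not assigned in this file -- verify.
    $result = db_query( $query, $connect );

    if($beforeURL=='ComList.php'){
        // NOTE(review): same script-string interpolation concern as in
        // comment_add.
        error_msg("to_dialog.ajax('ComList.php?BD_CD=".$BD_CD."&MSEQ=".$MSEQ."','코멘트', 800, 600, false, false);to_dialog.close('".$tmp_layer_id."');","script");
    }else{
        if( $result ){
            error_msg('no_alert',$type.".html?MSEQ=".$MSEQ."&BD_CD=".$BD_CD);
        }else{
            error_msg('코멘트를 삭제하는데 실패했습니다!');
        }
    }
    exit;
}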