session_start();
include "../util/user_function.inc";
include "conn.inc";
$query = "SELECT user_id FROM $boardid WHERE uid=$uid";
$result= mysql_query($query,$connect);
if (!$result) {
back('¿¡·¯1');
}
$row=mysql_result($result,0,0);
if(!$s_id){
back('¼Ò±¸¸® ȸ¿ø¸¸ ±ÛÀ» ¾²½Ç¼ö ÀÖÀ¾´Ï´Ù.');
}
if($row != $s_id && $s_id != 'woongs18' && $s_id != 'soguri') {
back('±Û¾´À̸¸ ±ÛÀ» °íÄ¥¼ö ÀÖÀ¾´Ï´Ù');
}
if($mode) { //ÆûÀ¸·Î ÀüÇØÁø µ¥ÀÌŸ¸¦ ¹Þ¾ÒÀ»¶§¤Ó.
if (!$boardid || !$where) {
back('°Ô½ÃÆÇÀÇ ÄÚµå¿Í À§Ä¡°¡ ÇÊ¿äÇÕ´Ï´Ù.');
}
if (!$subject || !$comment) {
back('°Ô½ÃÆÇÀÇ Á¦¸ñ°ú ³»¿ëÀÌ ÇÊ¿äÇÕ´Ï´Ù.');
}
if(isset($photo) && !empty($photo_name)) { //»çÁøÀ» ¿Ã·ÈÀ¸¸é
if ($photo_size>300000) {
back("»çÁøÅ©±â´Â300,000 ¹ÙÀÌÆ®¸¦ ³ÑÀ»¼ö ¾øÀ¾´Ï´Ù.");
}
// echo "$photo_size";
$file_tail=substr(strrchr($photo_name,"."),1); //ÆÄÀÏ È®ÀåÀÚ ±¸Çϱâ.
$file_tail=strtoupper($file_tail);
if($file_tail != 'JPG' && $file_tail != 'GIF') {
back("È®ÀåÀÚ°¡ JPG,GIF ÈÀϸ¸ ¿Ã¸±¼ö ÀÖÀ¾´Ï´Ù.");
}
/*****************************************************************
$photo_name=addslashes($photo_name);
$photo_name=ereg_replace(" ","",$photo_name);
$photo_name=ereg_replace("\|","",$photo_name);
$photo_dir="./photo/".$photo_name;
$exitst=file_exists("./photo/$photo_name");
if($exitst) {
back("¼±ÅÃÇϽŠÆÄÀÏ°ú µ¿ÀÏÇÑ À̸§ÀÇ ÆÄÀÏÀÌ ÀÌ¹Ì Á¸ÀçÇÕ´Ï´Ù.");
}
*******************************************************************/
$photo_dir="./photo/".date("U").$s_id.".".$file_tail;
// alert($photo_dir);
} // eof if (isset($photo))
$line = explode("\n",$comment);
$line_count = sizeof($line);
$signdate = time();
######### Á¦¸ñ°ú º»¹®ÀÇ ¹®ÀÚ¿¿¡ Æ÷ÇÔµÈ Æ¯¼ö¹®ÀÚ¸¦ escape½ÃŲ´Ù. ##########
$subject = htmlspecialchars($subject);
if($comment_is_html=='N') {
$comment=htmlspecialchars($comment);
}
########## µ¥ÀÌÅͺ£À̽º¿¡ ÀԷ°ªÀ» »ðÀÔÇÑ´Ù. ##########
if(isset($photo) && !empty($photo_name)) { //»çÁøÀ» ¿Ã·ÈÀ¸¸é
$query = "update $boardid set subject='$subject',comment='$comment',signdate=$signdate,ip='$REMOTE_ADDR',line_count=$line_count,photo='$photo_dir' where uid=$uid";
} else {
$query = "update $boardid set subject='$subject',comment='$comment',signdate=$signdate,ip='$REMOTE_ADDR',line_count=$line_count where uid=$uid";
}
$result = mysql_query($query,$connect);
if(!$result) {
alert("$query");
back('ÀμƮ ¿¡·¯');
}
if(isset($photo_name) && !empty($photo_name)) { //»çÁøÀ» ¿Ã·ÈÀ¸¸é
if(!copy($photo,$photo_dir)) {
back("ÆÄÀÏÀ» ÁöÁ¤ÇÑ µð·ºÅ丮¿¡ º¹»çÇϴµ¥ ½ÇÆÐÇßÀ¾´Ï´Ù.");
}
if(!unlink($photo)) {
back("ÀÓ½ÃÆÄÀÏÀ» »èÁ¦Çϴµ¥ ½ÇÆÐÇß½À´Ï´Ù.");
}
}
if($key_field) {
goto_refresh_page("search.html?boardid=$boardid&where=$where&page=$page&key=$key&key_field=$key_field",0);
} else {
goto_refresh_page("list.html?boardid=$boardid&where=$where&page=$page",0);
}
}
?>
¼Ò±¸¸® ¹®ÈÁöµµ - ¿ì¸®¼Ò½Ä °Ô½ÃÆÇ ±Û°íÄ¡±â
include 'board_write.inc';
?>
$query = "SELECT * FROM $boardid WHERE uid=$uid";
$result= mysql_query($query,$connect);
if (!$result) {
back('¿¡·¯1');
}
$row=mysql_fetch_array($result);
?>
¨Ï 1999-=date(Y);?> Soguri
|