alert('$msg'); history.back(); "; exit; } function alert_goB($msg, $href){ echo""; exit; } function script_goB($href){ echo""; exit; } #------------------- Á¢±Ù ±ÇÇÑ °Ë»ç -------------------# function board_pass_level($access_level, $msg) { global $login_level, $action, $pre_action, $login_id, $board_admin1, $board_admin2, $board_db, $PHP_SELF, $num,$pm; if(!$access_level) $access_level=0; if(!$board_admin1) $board_admin1 = "tgma03"; if(!$board_admin2) $board_admin2 = "tgma03"; if($login_level < $access_level){ if($access_level=='5'){ echo""; }else{ echo""; } //$pre_action = $action; //$action = "login"; $BACK="$PHP_SELF?board_db=".$board_db."&action=$action&num=".$num."&pm=".$pm; echo""; exit; } } #----------------------------------------------------# #------------------- °Ô½ÃÆÇ º¸±â °ø°³¿©ºÎ °Ë»ç -------------------# function board_view_level(){ Global $admin_table, $board_db, $login_level, $close_level; $sql = "select * from $admin_table where id='$board_db'"; $res = mysql_query($sql); $row = mysql_fetch_array($res); if(!$login_level) $access_level = 0; else $access_level = $login_level; //echo $access_level; //exit; if($row[view_level] > $access_level){ //alert_backB("ÇØ´ç °Ô½ÃÆÇ º¸±â ±ÇÇÑÀÌ ¾ø½À´Ï´Ù. "); $action = "check"; } } #----------------------------------------------------# #------------------- °ø°³¿©ºÎ °Ë»ç -------------------# function board_read_level() { Global $board_table, $close_level, $login_id; global $tbname, $no, $keyword, $writer,$img_url,$name,$file,$ip_print; global $info, $temp_homepage,$login_level, $action, $pre_action; $sql = "select * from $board_table where num='$num'"; $row = mysql_fetch_array(mysql_query($sql)); if($row[open_view] == "no" && $login_level < $close_level) $action = "read_form"; } #----------------------------------------------------# #--------------- Àбâüũ ÇÔ¼ö -------------# function read_confirm($r) { global $Conn, $tbname, $page, $login_id, $login_level, $no, $passwd, $board_table; //echo ("SELECT * FROM $board_table WHERE no=$no"); $result = mysql_query("SELECT * FROM $board_table WHERE no=$no"); $rmrinfo = mysql_fetch_array($result); if($rmrinfo[step] == "yes"){ $psql = "select * from $board_table where idx='$rmrinfo[idx]' && step='no'"; $prow = mysql_fetch_array(mysql_query($psql)); } if($login_level < 5){ if($passwd != $rmrinfo[passwd] && $passwd != $prow[passwd]) alert_backB("ºñ¹Ð¹øÈ£°¡ Ʋ¸³´Ï´Ù."); } script_goB("?tbname=$tbname&no=$no&page=$page&action=read&category=$category&keyword=$keyword&confirm=ok&pm=$pm"); } #-----------------------------------------------# /*********************************************************** ******************** ºñ¹Ð±Û Àбâüũ ÇÔ¼ö ******************/ function secret_confirm() { global $page, $login_id, $login_level, $num, $passwd, $board_table, $board_db, $idx, $sort, $reaction, $secret_level; if($sort && $idx){ $sql = "select passwd from $board_table where db='$board_db' && idx='$idx' order by sort asc limit 1 "; $row = mysql_fetch_array(mysql_query($sql)); } else { $sql = "select passwd from $board_table where db='$board_db' && num='$num' "; $row = mysql_fetch_array(mysql_query($sql)); } if(!$row) alert_backB("°Ô½Ã¹°ÀÌ Á¸ÀçÇÏÁö ¾Ê½À´Ï´Ù."); if($login_level < $secret_level){ if($passwd != $row[passwd]) alert_backB("ºñ¹Ð¹øÈ£°¡ Ʋ¸³´Ï´Ù."); } script_goB("?board_db=$board_db&num=$num&page=$page&action=read&category=$category&keyword=$keyword&pm=$pm"); } #-----------------------------------------------# #--------------- ÆäÀÌÁö À妽º¸¦ Ãâ·ÂÇÏ´Â ÇÔ¼ö -------------# function print_p_index() { global $tbname, $PHP_SELF; global $cpage, $pagenumber, $totalpage, $endpage, $curpage, $page_skip,$category,$keyword; $startpage = @intval(($cpage - 1) / $pagenumber) * $pagenumber + 1; $endpage = @intval(((($startpage - 1) + $pagenumber)/ $pagenumber) * $pagenumber); if ($totalpage <= $endpage) $endpage = $totalpage; if ($cpage > $pagenumber) { $curpage = intval($startpage - 1); echo ("  "); }else{ echo (" "); } $curpage = $startpage; while ($curpage <= $endpage): if ($curpage == $cpage) { echo (" $cpage  "); } else { echo (" $curpage "); } $curpage++; endwhile; if($totalpage > $endpage) { $curpage = intval($endpage + 1); echo("  "); }else{ echo(" "); } } #-----------------------------------------------# #--------------- ¹öÆ° Ãâ·Â ÇÔ¼ö -----------------------# function print_button($type, $img) { global $board_table, $board_img, $page, $num, $column, $keyword, $board_db, $row, $reaction,$pm; if($type == "list") { echo"¸ñ·Ï  "; } elseif($type == "read") { echo"  "; } elseif($type=="write" or $type == "write_form") { if ($type == "write") $tmp_href = "javascript:checkInput()"; else $tmp_href = "?board_db=$board_db&action=write_form&pm=$pm"; echo"±Û¾²±â  "; } elseif($type == "reply" or $type == "reply_form") { if ($type == "reply") $tmp_href = "javascript:checkInput()"; else $tmp_href = "?board_db=$board_db&page=$page&action=reply_form&num=$num$key_var&pm=$pm"; echo"´äº¯  "; } elseif($type == "modify" or $type == "modify_form") { if ($type == "modify") $tmp_href = "javascript:checkInput()"; else $tmp_href = "?board_db=$board_db&page=$page&action=modify_form&num=$row[num]$key_var&reaction=$reaction&pm=$pm"; echo"¼öÁ¤  "; } elseif($type == "delete" or $type == "delete_form") { if ($type == "delete") $tmp_href = "javascript:checkInput()"; else $tmp_href = "?board_db=$board_db&page=$page&action=delete_form&num=$row[num]$key_var&reaction=$reaction&pm=$pm"; echo"»èÁ¦  "; } elseif($type == "prev") { $psql = "select * from $board_table where db='$board_db' && notice!='1' && num!='$num' && idx<='$row[idx]' && sort>='$row[sort]' order by idx desc, sort asc limit 1"; $prow = mysql_fetch_array(mysql_query($psql)); if($prow) return $prow; } elseif($type == "next"){ if(!$row[sort]) $nsql = "select * from $board_table where db='$board_db' && notice!='1' && num!='$num' && idx>'$row[idx]' order by idx asc, sort desc limit 1"; else $nsql = "select * from $board_table where db='$board_db' && notice!='1' && num!='$num' && idx>='$row[idx]' && sort<='$row[sort]' order by idx asc, sort desc limit 1"; $nrow = mysql_fetch_array(mysql_query($nsql)); if($nrow) return $nrow; } elseif($type == "print") { echo""; echo "  "; } elseif($type == "source") { echo""; echo ""; } } #-----------------------------------------------# #--------------- °Ô½Ã¹°À» ÀúÀåÇÏ´Â ÇÔ¼ö -------------# function write(){ Global $board_table, $board_db, $subject, $name, $passwd, $email, $contents, $homepage, $upload_dir, $login_id, $write_dis, $dis_time, $secret,$diora_name; Global $userfile, $userfile_name, $userfile_size, $notice, $open_view, $category, $headtxt, $file_print, $REMOTE_ADDR, $upimg_max_width,$pm, $maxsize; if(!$notice) $notice = "N"; if(!$secret) $secret = "N"; if(!$login_id){ $dis_val = Disturbance($dis_time) ; if($write_dis != $dis_val) { alert_backB('ÀÎÁõ¹øÈ£°¡ ÀÏÄ¡ÇÏÁö ¾Ê½À´Ï´Ù.'); } } #### ÆÄÀϾ÷·Îµå #### if($file_print == "yes"){ for($i=0; $i0){ if(($maxsize*1024*1024) < $userfile_size[$i]){ alert_backB('÷ºÎÆÄÀÏÀº ¿ë·®ÀÌ 20M¸¦ ÃÊ°úÇÏ¿© ¾÷·Îµå°¡ ºÒ°¡´ÉÇÕ´Ï´Ù.'); } $nameArr = explode(".", "$userfile_name[$i]"); //ÆÄÀÏ È®ÀåÀÚ ºÐ¸® $extension = $nameArr[sizeof($nameArr) - 1]; if(eregi("php", $extension) || eregi("php3", $extension)||eregi("html", $extension) ||eregi("htm", $extension) ||eregi("inc", $extension)){ alert_backB('php ÆÄÀÏÀº ¾÷·Îµå ºÒ°¡ ÆÄÀÏÀÔ´Ï´Ù .'); } $upname = mktime()."_".$i.".".$extension; $target = "$upload_dir/$upname"; for($k=1; file_exists($target); $k++){ $upname = mktime()."_".$i.".".$extension; $target = "$upload_dir/$upname"; } //$fileinfo = getimagesize($userfile[$i]); //if($fileinfo[0] > $upimg_max_width) resize_image($userfile[$i], $fileinfo, $upload_dir, $upname); copy($userfile[$i], "$upload_dir/$upname"); $file_name[] = $userfile_name[$i]; $file_upname[] = $upname; } } } if($file_name) $user_name = implode("||", $file_name); if($file_upname) $server_name = implode("||", $file_upname); if(!$subject) $subject = "Á¦¸ñÀ» ÀÔ·ÂÇÏÁö ¾Ê¾Ò½À´Ï´Ù."; $contents = htmlspecialchars($contents); $passwd = trim($passwd); $homepage = trim(ereg_replace("http://","",$homepage)); // "" ¹®ÀÚ·Î º¯È¯ $subject = trim(ereg_replace("","< x m p >",$subject)); // "" ¹®ÀÚ·Î º¯È¯ $user_ip = $REMOTE_ADDR; // µî·ÏÀÚ ¾ÆÀÌÇÇ ÀÔ·Â $max_sql = "select max(idx) from $board_table"; $max_no = mysql_fetch_array(mysql_query($max_sql)); $max_no = $max_no[0]+1; //¿ù 30ÀÏ °è½ÃÆÇ¿¡ ¾´»ç¶÷ À̸§ Ãß°¡ $sql = "insert into $board_table(db, idx, subject, contents, name, email, wdate, homepage, user_ip, passwd, file_path, file_name, exname, "; $sql .= " secret, notice, id, category, headtxt,pjk) values( "; $sql .= "'$board_db', '$max_no', '$subject', '$contents', '$name', '$email', now(), '$homepage', '$user_ip', '$passwd', '$upload_dir', '$user_name', "; $sql .= "'$server_name', '$secret', '$notice', '$login_id', '$category', '$headtxt' ,'$diora_name')"; mysql_query($sql); if($board_db=='error'){ $mail_comment = stripslashes(nl2br($contents)) ; $R_to4="spellblu@limeweb.net"; // ÀåÁöÇâ $R_to5="aurigan@limeweb.net"; //¹ÚÁÖ±¤ $R_subject="[Æ÷Ç׽ðÇÃà»çȸ °ÇÀÇ/¿À·ù½Å°í]¿¡¼­ ¿Â ±ÛÀÔ´Ï´Ù"; $from2="$name<$email>"; $R_add2="From : ".$from2."\n"; $R_add2 .="Content-Type:text/html;charset=EUC-KRn"; $R_content=" <HTML> <HEAD> <TITLE>¶óÀÓÄÄÁ¤º¸</TITLE> <META HTTP-EQUIV='Content-Type' CONTENT='text/html; charset=euc-kr'> <style type='text/css'> <!-- TD {FONT-FAMILY: ±¼¸²,±¼¸²Ã¼; color:#000000; FONT-SIZE: 9pt; LINE-HEIGHT: 16pt} a:link { font-family: '±¼¸²'; font-size: 9pt; color: #000000; text-decoration: none} a:visited { font-family: '±¼¸²'; font-size: 9pt; color: #000000; text-decoration: none} a:hover { font-family: '±¼¸²'; font-size: 9pt; color: #3399CC; text-decoration: none} a:active { font-family: '±¼¸²'; font-size: 9pt; color: #3399CC; text-decoration: none} --> </style> </HEAD> <BODY BGCOLOR=#FFFFFF LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0> <table width='100%' height='100%' border='0' cellpadding='0' cellspacing='0'> <tr> <td height='170' valign='top' background='http://www.limeweb.net/~lime/images/formmail/back_right01.gif'> <TABLE WIDTH=665 height='170' BORDER=0 CELLPADDING=0 CELLSPACING=0> <TR valign='top'> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_01.gif' WIDTH=45 HEIGHT=15 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_02.gif' WIDTH=203 HEIGHT=15 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_03.gif' WIDTH=347 HEIGHT=15 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_04.gif' WIDTH=70 HEIGHT=15 ALT=''></TD> </TR> <TR valign='top'> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_05.gif' WIDTH=45 HEIGHT=76 ALT=''></TD> <TD> <a href='http://www.limeweb.net' target='_blank' onFocus='this.blur()'><IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_06.gif' ALT='' WIDTH=203 HEIGHT=76 border='0'></a></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_07.gif' WIDTH=347 HEIGHT=76 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_08.gif' WIDTH=70 HEIGHT=76 ALT=''></TD> </TR> <TR valign='top'> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_09.gif' WIDTH=45 HEIGHT=79 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_10.gif' WIDTH=203 HEIGHT=79 ALT=''></TD> <TD> <a href='http://www.limeweb.net' target='_blank' onFocus='this.blur()'><IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_11.gif' ALT='' WIDTH=347 HEIGHT=79 border='0'></a></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_12.gif' WIDTH=70 HEIGHT=79 ALT=''></TD> </TR> </TABLE> </td> </tr> <tr> <td height='100%' valign='top' background='http://www.limeweb.net/~lime/images/formmail/back_right02.gif'> <TABLE WIDTH=665 height='100%' BORDER=0 CELLPADDING=0 CELLSPACING=0> <TR valign='top'> <TD width='45' background='http://www.limeweb.net/~lime/images/formmail/limeform_13.gif'> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_13.gif' ALT='' WIDTH=45 height='20'></TD> <TD bgcolor='#FFFFFF'><table width='100%' height='100%' border='0' cellpadding='0' cellspacing='0'> <tr> <td>&nbsp;</td> </tr> <tr> <td height='100%' valign='top' background='http://www.limeweb.net/~lime/images/formmail/dot.gif'> <p>¢ÂÁ¦¸ñ : $subject <br> ¢ÂÀÛ¼ºÀÚ : $name <br> ¢ÂÀüÀÚ¿ìÆí : $email <br> ¢ÂȨÆäÀÌÁö : $homepage <br> ¢¸³»¿ë¢º <br> $mail_comment <br> <br> <br> <br> </p> <br> <br> </td> </tr> </table> </TD> <TD width='70' background='http://www.limeweb.net/~lime/images/formmail/limeform_16.gif'> <img src='http://www.limeweb.net/~lime/images/formmail/limeform_16.gif' alt='' width=70 height='20'></TD> </TR> </TABLE> </td> </tr> <tr> <td height='135' background='http://www.limeweb.net/~lime/images/formmail/back_right02.gif'> <TABLE WIDTH=665 height='135' BORDER=0 CELLPADDING=0 CELLSPACING=0> <TR valign='top'> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_17.gif' WIDTH=45 HEIGHT=135 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_18.gif' WIDTH=203 HEIGHT=135 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_19.gif' WIDTH=347 HEIGHT=135 ALT=''></TD> <TD> <IMG SRC='http://www.limeweb.net/~lime/images/formmail/limeform_20.gif' WIDTH=70 HEIGHT=135 ALT=''></TD> </TR> </TABLE> </td> </tr> </table> </BODY> </HTML> "; //$send4 = mail($R_to4, $R_subject, $R_content, $R_add2); // ÀåÁöÇâ //$send5 = mail($R_to5, $R_subject, $R_content, $R_add2); // ¹ÚÁÖ±¤ //} } script_goB("?board_db=$board_db&pm=$pm"); } #-----------------------------------------------# #################### »çÀÌÆ® °ü¸®¿äû ¸ÞÀÏ #################### #--------------- ´äº¯ °Ô½Ã¹°À» ÀúÀåÇÏ´Â ÇÔ¼ö -------------# function reply($no){ Global $board_table, $board_db, $name, $email, $contents, $homepage, $passwd, $user_ip, $subject, $login_id, $REMOTE_ADDR, $sort, $idx, $page, $secret; Global $num, $open_view, $category, $headtxt, $board_db,$pm; if(!$subject) $subject = "Á¦¸ñÀ» ÀÔ·ÂÇÏÁö ¾Ê¾Ò½À´Ï´Ù."; //$name = "$name($login_id)"; //$subject = addslashes($subject); $name = addslashes($name); $email = addslashes($email); $homepage = addslashes($homepage); $passwd = addslashes(trim($passwd)); $contents = htmlspecialchars($contents); $homepage = trim(ereg_replace("http://"," ",$homepage)); // "" ¹®ÀÚ·Î º¯È¯ $subject = trim(ereg_replace("<xmp>","< x m p >",$subject)); // "" ¹®ÀÚ·Î º¯È¯ $user_ip = $REMOTE_ADDR; // µî·ÏÀÚ ¾ÆÀÌÇÇ ÀÔ·Â $step_update = mysql_query("update $tbname set step=1 where num=$num"); $re=array(1,2,3,4,5,6,7,8,9,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z); $lensub=strlen($sort); $re_result=mysql_query("select right(sort,1) from $board_table where idx='$idx' and length(sort)=$lensub+1 order by sort desc limit 1") or die(mysql_error()); $sq=mysql_fetch_array($re_result); if(!$sq[0]) $sqsave=$re[0]; //°ªÀÌ ¾øÀ»°æ¿ì sub °ªÀº 1 else if ($sq[0]=="z") $CHECK->err_msg("*^^* : ´õÀÌ»ó ´äº¯À» ÇÒ ¼ö ¾ø½À´Ï´Ù."); else { for ($k=0;$k<35;$k++){ if ($sq[0]==$re[$k]) { $sqsave=$re[$k+1]; } } } $sub = $sort.$sqsave; $user_ip = $REMOTE_ADDR; // µî·ÏÀÚ ¾ÆÀÌÇÇ ÀÔ·Â $sql = "insert into $board_table(db, step, idx, sort, subject, contents, name, email, wdate, homepage, user_ip, passwd, secret, id, category) values( "; $sql .= "'$board_db', '1', '$idx', '$sub', '$subject', '$contents', '$name', '$email', now(), '$homepage', '$user_ip', '$passwd', '$secret', '$login_id', '$category')"; mysql_query($sql); // reply_mail(); script_goB("?page=$page&board_db=$board_db&pm=$pm"); } #-----------------------------------------------# #--------------- °Ô½Ã¹°À» ¼öÁ¤ üũÇÏ´Â ÇÔ¼ö -------------# function modify_check($r){ Global $board_table, $page, $login_id, $login_level, $num, $passwd, $board_admin1, $board_admin2, $board_db,$pm; $sql = "SELECT name, passwd FROM $board_table WHERE num='$num'"; $res = mysql_query($sql); $row = mysql_fetch_array($res); if($login_level < 5){ if ($passwd != $row[passwd]) alert_backB("ºñ¹Ð¹øÈ£°¡ Ʋ¸³´Ï´Ù. ¼öÁ¤ ÇÒ ¼ö ¾ø½À´Ï´Ù."); } script_goB("?action=modify_form2&num=$num&passwd=$passwd&page=$page&board_db=$board_db&pm=$pm"); } #-----------------------------------------------# #--------------- °Ô½Ã¹°À» ¼öÁ¤ÇÏ´Â ÇÔ¼ö -------------# function modify($no) { Global $board_table, $board_db, $subject, $notice, $open_view, $name, $email, $contents, $homepage, $inpasswd, $login_id, $login_level, $category, $headtxt; Global $upload_dir, $userfile, $userfile_size, $userfile_name, $REMOTE_ADDR, $num, $search_key, $num, $file_print, $upimg_max_width,$pm,$db_move; // ¼öÁ¤ÇÏ´Â »ç¶÷ÀÇ IPÁÖ¼Ò ÁÖÃâ $user_ip = $REMOTE_ADDR; // À̸§,ºñ¹Ð¹øÈ£,ÆÄÀÏÆÐÄ¡,ÆÄÀÏÀ̸§ ·Îµù $sql = "select * from $board_table where num=$num"; $info = mysql_fetch_array(mysql_query($sql)); $ofile_name = explode("||", $info[file_name]); $oexname = explode("||", $info[exname]); #### ÆÄÀϾ÷·Îµå #### if($file_print == "yes"){ for($i=0; $i<sizeof($userfile); $i++){ if($userfile_name[$i] && $userfile_size[$i]>0){ $nameArr = explode(".", "$userfile_name[$i]"); //ÆÄÀÏ È®ÀåÀÚ ºÐ¸® $extension = $nameArr[sizeof($nameArr) - 1]; if(eregi("php", $extension) || eregi("php3", $extension)||eregi("html", $extension) ||eregi("htm", $extension) ||eregi("inc", $extension)){ alert_backB('php ÆÄÀÏÀº ¾÷·Îµå ºÒ°¡ ÆÄÀÏÀÔ´Ï´Ù .'); } $upname = mktime()."_".$i.".".$extension; $target = "$upload_dir/$upname"; for($k=1; file_exists($target); $k++){ $upname = mktime()."_".$i.".".$extension; $target = "$upload_dir/$upname"; } if($oexname[$i] && is_file("$upload_dir/$oexname[$i]")) @unlink("$upload_dir/$oexname[$i]"); $fileinfo = getimagesize($userfile[$i]); if($fileinfo[0] > $upimg_max_width) resize_image($userfile[$i], $fileinfo, $upload_dir, $upname); else $copyresult = copy($userfile[$i], "$upload_dir/$upname"); $file_name[] = $userfile_name[$i]; $file_upname[] = $upname; } else { $file_name[] = $ofile_name[$i]; $file_upname[] = $oexname[$i]; } } } if($file_name) $user_name = implode("||", $file_name); if($file_upname) $server_name = implode("||", $file_upname); $contents = htmlspecialchars($contents); $subject = htmlspecialchars($subject); ################# Addslashes ^^* $name = addslashes($name); $email = addslashes($email); $homepage = addslashes($homepage); $homepage = trim(ereg_replace("http://"," ",$homepage)); // "" ¹®ÀÚ·Î º¯È¯ if($db_move)$asd=",db='$db_move'"; $sql = " update $board_table set subject='$subject', passwd='$inpasswd', contents='$contents', name='$name', email='$email', homepage='$homepage', "; $sql .= " user_ip='$user_ip', notice='$notice', category='$category', headtxt='$headtxt', file_name='$user_name', exname='$server_name' $asd where num='$num' "; mysql_query($sql); //$csql = "update $board_table set open_view='$open_view' where idx='$info[idx]'"; //mysql_query($csql); script_goB("?page=$page&board_db=$board_db&pm=$pm"); } #-----------------------------------------------# #################### »çÀÌÆ® °ü¸®¿äû ¸ÞÀÏ #################### #--------------- °Ô½Ã¹°À» »èÁ¦ÇÏ´Â ÇÔ¼ö -------------# function delete($r) { Global $board_table, $comment_table, $board_db, $page, $login_id, $login_level, $num, $passwd,$pm; $sql = "select name, passwd, file_path, file_name, exname from $board_table WHERE num='$num'"; $row = mysql_fetch_array(mysql_query($sql)); if ($login_level < 5){ if($passwd != $row[passwd]) alert_backB("ºñ¹Ð¹øÈ£°¡ Ʋ¸³´Ï´Ù. »èÁ¦ ÇÒ ¼ö ¾ø½À´Ï´Ù."); } $file = explode("||", $row[exname]); $file_name = explode("||", $row[file_name]); for($i=0; $i<sizeof($file); $i++){ if($file[$i] && is_file("$row[file_path]/$file[$i]")) @unlink("$row[file_path]/$file[$i]"); } $sql1 = "delete from $board_table where num='$num'"; mysql_query($sql1); $sql2 = "delete from $comment_table where db='$board_db' && usernum='$num'"; mysql_query($sql2); alert_goB("°Ô½Ã¹° »èÁ¦¸¦ ¿Ï·á ÇÏ¿´½À´Ï´Ù.","?board_db=$board_db&page=$page&pm=$pm"); } #-----------------------------------------------# #----------- °øÁö ¸ÞÀÏ ¹ß½Å ±â´É -----------# function announ_mail($priv_mail,$r) { global $Conn; global $login_name,$login_email,$subject,$content,$attach_name,$attach_size,$o_tag; $header = "From: \"$login_name\" <$login_email>\nContent-Type:text/html\nReply-To:$login_email\nX-mailer:PHP/".phpversion(); $content = "<pre>".stripslashes($content)."</pre>"; if($priv_mail == "^5") { pass_priv($priv_mail, "Exec.°øÁö¸ÞÀÏ ¹ß½Å"); $subject = "[FMC Exec.°øÁö] ".stripslashes($subject); if($attach_name) { if(!$o_tag) {$attach_size = (int) ($attach_size / 1024);} $subject .= " (÷ºÎÆ÷ÇÔ)"; $content .= "\n<br><br>\n<p align=right><font size=2><img src='http://www.fmc.pe.kr/board/img/file.gif'> <a href='http://www.fmc.pe.kr/board/files/$r/$attach_name'>$attach_name (${attach_size}KB)</a></font></p>"; } $R=mysql_query("SELECT member.id,name FROM member LEFT JOIN member_info on member.id=member_info.id WHERE lv >= 5",$Conn); for($i=0;$i<mysql_num_rows($R);$i++) { $D=mysql_fetch_row($R); $mail_to = "\"$D[1]\" <$D[0]@fmc.pe.kr>"; mail($mail_to,$subject,$content,$header); } } if($priv_mail == "^2" or $priv_mail == "^1") { if($priv_mail == "^2") {pass_priv($priv_mail, "ȸ¿ø°øÁö¸ÞÀÏ ¹ß½Å"); $subject = "[FMC ȸ¿ø°øÁö] ".stripslashes($subject);} else {pass_priv($priv_mail, "Àüü°øÁö¸ÞÀÏ ¹ß½Å"); $subject = "[FMC Àüü°øÁö] ".stripslashes($subject);} if($attach_name) { if(!$o_tag) {$attach_size = (int) ($attach_size / 1024);} $subject .= " (÷ºÎÆ÷ÇÔ)"; $content .= "\n<br><br>\n<p align=right><font size=2><img src='http://www.fmc.pe.kr/board/img/file.gif'> <a href='http://www.fmc.pe.kr/board/files/$r/$attach_name'>$attach_name (${attach_size}KB)</a></font></p>"; } $R=mysql_query("SELECT member.id,name FROM member LEFT JOIN member_info on member.id=member_info.id WHERE lv >= 2",$Conn); for($i=0;$i<mysql_num_rows($R);$i++) { $D=mysql_fetch_row($R); $mail_to = "\"$D[1]\" <$D[0]@fmc.pe.kr>"; mail($mail_to,$subject,$content,$header); } } if($priv_mail == "^1") { $R=mysql_query("SELECT name,email FROM member LEFT JOIN member_info on member.id=member_info.id WHERE lv=1",$Conn); for($i=0;$i<mysql_num_rows($R);$i++) { $D=mysql_fetch_row($R); $mail_to = "\"$D[0]\" <$D[1]>"; mail($mail_to,$subject,$content,$header); } } } #----------------------------------------# ######################################################################## function resize_image($file, $fileInfo, $dir, $rename){ global $upimg_max_width; $width = $fileInfo[0]; $height = $fileInfo[1]; $new_width = $upimg_max_width; $new_height = round($height * ($upimg_max_width / $width)); $newimg = imagecreatetruecolor($new_width, $new_height); //$cpyimg = image_type($file); if($fileInfo[2] == 1) $cpyimg = ImageCreateFromGif($file); else if($fileInfo[2] == 2) $cpyimg = ImageCreateFromJPEG($file); else if($fileInfo[2] == 3) $cpyimg = ImageCreateFromPNG($file); ImageCopyResized($newimg, $cpyimg, 0, 0, 0, 0, $new_width, $new_height, $width, $height); switch($fileInfo[2]){ case"1": // gif //header("content-type : image/gif"); imagegif($newimg, "$dir/$rename", "90"); break; case"2": // jpg //header("content-type : image/jpeg"); imagejpeg($newimg, "$dir/$rename", "90"); break; case"3": // png //header("content-type : image/png"); imagepng($newimg, "$dir/$rename", "90"); break; } //imagedestory($newimg); } #----------- ÀÎÁõ¹øÈ£ -----------# function Disturbance($dis_time) { return strrev(substr((($dis_time%100000)+1)*83947,-3)) ; } #----------- ´Ù¿î·Îµå -----------# function download() { global $file_path, $filename, $exname; // ÆÄÀÏ Àбâ if (is_file("$file_path/$exname")) { $f = fopen("$file_path/$exname", "r"); $filedata = fread($f, filesize("$file_path/$exname")); fclose($f); } header("Content-type: application/octet-stream"); header("Content-disposition: attachment; filename=$filename"); header("Pragma: no-cache"); header("Expires: 0"); print $filedata; exit; } #--------------- °Ô½ÃÆÇ ²¿¸´¸»¿¡ ÄÚ¸àÆ® ÀúÀåÇÏ´Â ÇÔ¼ö -------------# function reCommant(){ Global $PHP_SELF, $board_db, $board_table, $usernum, $code, $contents, $passwd, $name, $comnum, $login_id, $grp,$pm; //$sql = "select max(loc) from board_comment where grp='$grp'"; //$row = mysql_fetch_array(mysql_query($sql)); //$loc = $row[0] + 1; // ·Î±×ÀÎ ¾ÆÀ̵𰡠ÀÖÀ¸¸é, ¾ÆÀ̵𸦠¾øÀ¸¸é guest·Î $name = addslashes($name); $contents = addslashes($contents); $passwd = addslashes(trim($passwd)); $sql = "insert into board_comment(code, grp, loc, stp, id, usernum, name, contents, passwd, wdate) values("; $sql .= "'$board_db', '$grp', '1', '$stp', '$login_id', '$usernum', '$name', '$contents', '$passwd', now()) "; mysql_query($sql); script_goB("$PHP_SELF?board_db=$board_db&page=$page&action=read&no=$usernum&code=$code&pm=$pm"); } #-----------------------------------------------# #--------------- °Ô½ÃÆÇ ÄÚ¸àÆ® ÀúÀåÇÏ´Â ÇÔ¼ö -------------# function comment(){ Global $board_db, $board_table, $comment_table, $usernum, $code, $contents, $passwd, $name, $login_id, $login_name, $login_level, $reaction, $board_db,$pm; if(!$login_id){ alert_backB("·Î±×ÀÎÈÄ ÀÌ¿ëÇϼ¼¿ä"); } $sql = "select max(num) from $comment_table "; $row = mysql_fetch_array(mysql_query($sql)); $grp = $row[0] + 1; // ·Î±×ÀÎ ¾ÆÀ̵𰡠ÀÖÀ¸¸é, ¾ÆÀ̵𸦠¾øÀ¸¸é guest·Î $name = addslashes($name); $contents = nl2br(htmlspecialchars($contents)); $passwd = addslashes(trim($passwd)); $sql = "insert into $comment_table(db, grp, loc, stp, id, usernum, name, contents, passwd, wdate) values("; $sql .= "'$board_db', '$grp', '$loc', '$stp', '$login_id', '$usernum', '$name', '$contents', '$passwd', now()) "; mysql_query($sql); if($reaction) $action = $reaction; else $action = "read"; script_goB("?page=$page&action=$action&num=$usernum&board_db=$board_db&pm=$pm"); } #-----------------------------------------------# #--------------- °Ô½ÃÆÇ ÄÚ¸àÆ® »èÁ¦ÇÏ´Â ÇÔ¼ö -------------# function delete_co($r){ global $comment_table, $page, $login_id, $login_level, $num, $passwd, $usernum, $board_code, $reaction, $board_db,$pm; $sql = "select passwd from $comment_table where num='$num' "; $row = mysql_fetch_array(mysql_query($sql)); if($login_level < 5){ if ($passwd != $row[passwd]) alert_backB("ºñ¹Ð¹øÈ£°¡ Ʋ¸³´Ï´Ù. »èÁ¦ ÇÒ ¼ö ¾ø½À´Ï´Ù."); } $del_result = mysql_query("delete from $comment_table where num='$num' ") or die(mysql_error()); if($reaction) $action = $reaction; else $action = "read"; alert_goB("»èÁ¦ µÇ¾ú½À´Ï´Ù.","?page=$page&action=$action&num=$usernum&board_db=$board_db&pm=$pm"); } #-----------------------------------------------# #--------------- °Ô½ÃÆÇ ÄÚ¸àÆ® »èÁ¦ÇÏ´Â ÇÔ¼ö -------------# function delete_co2(){ global $comment_table, $page, $login_id, $login_level, $no, $board_code, $reaction,$pm; $sql = "delete from $comment_table where no='$no' "; mysql_query($sql); if($reaction) $action = $reaction; else $action = "read"; alert_goB("»èÁ¦ µÇ¾ú½À´Ï´Ù.","?page=$page&action=$action&board_code=$board_code&pm=$pm"); } #-----------------------------------------------# #### ÇÑ±Û ÀÚ¸£´Â ÇÔ¼ö #### function b_string_cut($subject, $sub, $addt){ if(strlen($subject)>$sub){ for($k=0; $k<$sub; $k++){ if(ord($subject[$k])>127) $kor = $kor + 1; else $eng = $eng + 1; } if($kor%2) $sublen = $kor+$eng+1; else $sublen = $kor+$eng; $subject=substr($subject, 0, $sublen).$addt; return $subject; } else return $subject; } /**** PAGE LINK ( , , , "LEFT ARROW IMG PATH", "RIGHT ARROW IMG PATH") ****/ function psk_pagelinkB($totalpage, $pageitem, $page, $left, $right, $query, $start, $end){ Global $PHP_SELF; $linknum = ceil($totalpage / $pageitem); echo"<table cellpadding='0' cellspacing='0' border='0'><tr>"; if($start){ if($page > 1) echo "<td style='padding-left:5; padding-right:5'><a href='?page=1&$query'><img src='$start' border='0' align='absmiddle' alt='¸Ç óÀ½ ÆäÀÌÁö·Î'></a></td>"; else echo "<td style='padding-left:5; padding-right:5'><img src='$start' border='0' align='absmiddle' alt='¸Ç óÀ½ ÆäÀÌÁö·Î'></td>"; } $start = (ceil($page / $pageitem) * $pageitem) - ($pageitem - 1); if($start > 1){ $pg = $start - 1; echo "<td style='padding-left:5; padding-right:5'><a href='$PHP_SELF?page=$pg&$query'><img src='$left' border='0' align='absmiddle' alt='ÀÌÀüÆäÀÌÁö¸ñ·Ï'></a></td>"; } else echo "<td style='padding-left:5; padding-right:5'><img src='$left' border='0' align='absmiddle' alt='ÀÌÀüÆäÀÌÁö¸ñ·Ï'></td>"; for($i=$start; $i<$start + $pageitem; $i++){ if($i > $totalpage) break; if($i > $start) echo"<td align='center' >&nbsp;|&nbsp;</td>"; if($page == $i) echo"<td class='bo_txt' style='padding:0 4 0 4; color:#FF0000'>$i</td>"; else echo"<td class='bo_txt' style='padding:0 4 0 4;'><a href='$PHP_SELF?page=$i&$query'>$i</a></td>"; } if($i - 1 < $totalpage){ echo "<td style='padding-left:5; padding-right:5'><a href='$PHP_SELF?page=$i&$query'><img src='$right' border='0' align='absmiddle' alt='´ÙÀ½ÆäÀÌÁö¸ñ·Ï'></a></td>"; } else echo "<td style='padding-left:5; padding-right:5'><img src='$right' border='0' align='absmiddle' alt='´ÙÀ½ÆäÀÌÁö¸ñ·Ï'></td>"; if($end){ if($totalpage > $page) echo "<td style='padding-left:5; padding-right:5'><a href='?page=$totalpage&$query'><img src='$end' border='0' align='absmiddle' alt='¸Ç ¸¶Áö¸· ÆäÀÌÁö·Î'></a></td>"; else echo "<td style='padding-left:5; padding-right:5'><img src='$end' border='0' align='absmiddle' alt='¸Ç ¸¶Áö¸· ÆäÀÌÁö·Î'></td>"; } echo"</tr></table>"; } function Psk_file_uploadB($file, $file_name, $file_size, $updir){ if($file_name!=""){ $target=$updir.$file_name; if ($file_size > 0) { $filename = ereg_replace("(\.[^\.]*$)","",$file_name); $extension = str_replace($filename,"",$file_name); for($k=1; file_exists($target); $k++){ $file_name = $filename."_".$k.$extension; $target=$updir.$file_name; } $result=copy($file, $target); } } return $file_name; } ?>