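<?php
// from_proc.php -- save / update / soft-delete handler for the "from" board,
// including the optional single attachment.
// This file reads its inputs as bare globals ($contents, $subject, $num, $mode,
// $is_secret, ... and the session values) -- i.e. it depends on register_globals.
// NOTE(review): with register_globals on, every one of those can be supplied in
// the query string; the values are escaped before reaching SQL further down, but
// the session-looking ones ($sessionID etc.) are only trustworthy if
// conf_dir.php sets them after the request variables are imported -- verify.
include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php";

$todayfull = date("YmdHis");
// Escape for the connection's charset instead of addslashes(): addslashes() is
// byte-oriented and can be bypassed on multibyte connection charsets. $db_con is
// the link handle conf_dir.php provides (it is what mysql_query() uses below).
// Escaped exactly once here; later SQL interpolates $contents as-is.
$contents = mysql_real_escape_string(isset($contents) ? (string)$contents : '', $db_con);
$tableName = "from"; // fixed literal, so "board_$tableName" is safe to interpolate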
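// ---- attachment upload --------------------------------------------------------
// Reads the upload from $_FILES['addfile'] and, on success, sets $vName (stored
// name), $realName (client name), $addfile_ext and $file_count for the DB section
// below. The original used the register_globals copies $addfile / $addfile_name:
// a client could set $addfile to any server path and have copy() publish it under
// ../files/from and unlink() remove it. move_uploaded_file() only accepts the
// real temp file of this request.
$maxUploadBytes = 11162773; // matches the "10mb" user-facing message below
// Types that must never land in a web-served directory. This keeps the original
// deny-list intent (com/exe/php/htm) but makes it effective -- the old test was
// "ext != a OR ext != b ..." which is true for every extension -- and widens it
// to the usual PHP/HTML variants. The stored name is rebuilt from the extension
// alone, so a double extension (x.php.jpg) cannot survive into the saved file.
// NOTE(review): an allow-list of the document/image types this board actually
// needs is the stronger control; switch once those types are confirmed.
$blockedExts = array(
    'php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'phar', 'phps', 'inc',
    'htaccess', 'htm', 'html', 'shtml', 'js', 'svg', 'exe', 'com', 'cgi', 'pl',
);

if (isset($_FILES['addfile']) && is_array($_FILES['addfile'])
    && $_FILES['addfile']['error'] != UPLOAD_ERR_NO_FILE
    && $_FILES['addfile']['name'] != '')
{
    $upload = $_FILES['addfile'];

    // Anything other than a clean upload of a genuine temp file is a failure.
    if ($upload['error'] != UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
        echo"<script>
            alert('upload fail.');
            history.back();
        </script>";
        exit;
    }

    if ($upload['size'] > $maxUploadBytes) {
        echo"<script>
            alert('10mb以下で保存することが可能です。');
            history.back(-1);
        </script>";
        exit; // the original fell through and copied the file anyway
    }

    $savedir      = "../files/from";
    $addfile_name = basename($upload['name']);
    $addfile_ext  = strtolower(pathinfo($addfile_name, PATHINFO_EXTENSION));

    // Extension must be short plain [a-z0-9] (so the rebuilt file name is safe)
    // and not on the block list. Lower-cased above, so case tricks do not help.
    if (!preg_match('/^[a-z0-9]{1,10}$/', $addfile_ext)
        || in_array($addfile_ext, $blockedExts, true)) {
        // NOTE(review): this message lists exe/com/php/html as the *allowed*
        // types, which is the reverse of what happens; left as-is (user-facing
        // copy), but it should be corrected.
        echo"<script>
            alert('添付ファイルはファイル(exe,com,php,html)のみアップロード可能です.');
            history.back();
        </script>";
        exit; // the original fell through and saved the post without the file
    }

    // Stored name: from_<YmdHis>.<ext>. Two uploads in the same second would
    // collide; the comment on the original suggested a random suffix was intended.
    $vName      = $tableName."_".$todayfull.".".$addfile_ext;
    $realName   = $addfile_name;
    $file_count = 1;

    if (!move_uploaded_file($upload['tmp_name'], "$savedir/$vName")) {
        echo"<script>
            alert('upload fail.');
            history.back();
        </script>";
        exit; // do not record a file row for a file that is not on disk
    }
}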
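$formChk = "view";
if($is_secret == "") $is_secret ='N';
if($is_notice == "") $is_notice ='N';

// ---- persist the post ---------------------------------------------------------
// Every request-derived value interpolated into SQL below is escaped for the
// connection charset (mysql_real_escape_string) or cast to int first; the
// original interpolated $num, $subject, $m_chk, $is_secret, $is_notice,
// $realName, $vName, $addfile_ext and the session values raw. $contents was
// already escaped at the top of this file and is deliberately not escaped again.
// $tableName is the fixed literal "from", so "board_$tableName" is safe.
$mode        = isset($mode) ? (string)$mode : '';
$num         = isset($num) ? (int)$num : 0;
$boardNo     = 0;
$hasNewFile  = !empty($vName);
$sqlSubject  = mysql_real_escape_string(isset($subject) ? (string)$subject : '', $db_con);
$sqlSetting  = mysql_real_escape_string(isset($m_chk) ? (string)$m_chk : '', $db_con);
$sqlSecret   = mysql_real_escape_string((string)$is_secret, $db_con);
$sqlNotice   = mysql_real_escape_string((string)$is_notice, $db_con);
$sqlRealName = mysql_real_escape_string(isset($realName) ? (string)$realName : '', $db_con);
$sqlVName    = mysql_real_escape_string(isset($vName) ? (string)$vName : '', $db_con);
$sqlFileExt  = mysql_real_escape_string(isset($addfile_ext) ? (string)$addfile_ext : '', $db_con);

if($num){
    // NOTE(review): nothing checks that the caller owns post $num (or has an
    // admin role) before it is updated or soft-deleted -- anyone who can reach
    // this page can pass an arbitrary num. The insert branch records user_id,
    // so the natural guard is "... and user_id='<session user>'" (plus whatever
    // admin bypass the site uses); left out because the role model is not
    // visible from this file.
    if($mode == "proc"){
        $queryupok = "update board_$tableName set subject='$sqlSubject',contents='$contents',general_setting='$sqlSetting',modify_date=now(),is_secret='$sqlSecret' ,is_notice='$sqlNotice'  where no = '$num'";
        $boardNo = (int)get_db("select no from board_$tableName where no = '$num'");
        if($hasNewFile){
            // One attachment per post: remove the previous file, then update or
            // insert its row.
            $fileName = Get_db("select file_name from files where module_name='$tableName' and module_no = '$num'");
            if($fileName){
                // basename(): a tampered file_name row must not unlink outside ../files/from
                $del_file = "../files/from/".basename($fileName);
                if(is_file($del_file)) unlink($del_file);
                $file_query = "update files set original_name='$sqlRealName',file_name='$sqlVName',file_type='$sqlFileExt',reg_date=now() where module_name='$tableName' and module_no = '$num'";
            }else{
                $orderBy = mktime( 0, 0, 0, date("m"), date("d"), date("Y"));
                $file_query = "INSERT INTO files
                        (module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
                    VALUES
                        ('$boardNo','$tableName', '$sqlRealName','$sqlVName','$sqlFileExt','$orderBy',now())";
            }
            $result = mysql_query($file_query,$db_con);
        }else if(!empty($delfile)){
            // Explicit "remove attachment" request.
            $fileName = Get_db("select file_name from files where module_name='$tableName' and module_no = '$num'");
            if($fileName){
                $del_file = "../files/from/".basename($fileName);
                if(is_file($del_file)) unlink($del_file);
                $delqry   = mysql_query("DELETE FROM files where module_name='$tableName' and module_no = '$num'",$db_con);
                $filesCnt = mysql_query("update board_$tableName set files_count='0',modify_date=now() where no = '$num'",$db_con);
            }
        }
    }else if($mode == "del"){
        // Soft delete: the row is flagged, not removed.
        $queryupok = "update board_$tableName set is_delete='Y',modify_date=now() where no = '$num'";
        $formChk = "list";
    }
    // $queryupok only exists for mode=proc|del; any other mode is a no-op here
    // (the original passed an undefined query to mysql_query).
    if(isset($queryupok)) $queryupok_result = mysql_query($queryupok,$db_con);

}else{
    $subject = trim(isset($subject) ? (string)$subject : '');
    if($subject && !empty($sessionID)){
        $sqlSubject     = mysql_real_escape_string($subject, $db_con);
        $sqlPageGubun   = mysql_real_escape_string(isset($PAGE_GUBUN) ? (string)$PAGE_GUBUN : '', $db_con);
        $sqlSessionIdx  = mysql_real_escape_string(isset($sessionIDX) ? (string)$sessionIDX : '', $db_con);
        $sqlSessionId   = mysql_real_escape_string((string)$sessionID, $db_con);
        $sqlSessionNick = mysql_real_escape_string(isset($sessionNickname) ? (string)$sessionNickname : '', $db_con);
        // $_SERVER is read directly rather than the register_globals copy.
        $sqlRemoteAddr  = mysql_real_escape_string(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', $db_con);
        $fileCount      = !empty($file_count) ? (int)$file_count : 0;

        $query = "INSERT INTO board_$tableName
                        (module_no,user_no,user_id,user_name,reg_date,modify_date,is_secret,subject,general_setting,contents,files_count,hit,ip)
                    VALUES
                        ('$sqlPageGubun', '$sqlSessionIdx','$sqlSessionId','$sqlSessionNick',now(),now(),'$sqlSecret','$sqlSubject','$sqlSetting','$contents','$fileCount','0','$sqlRemoteAddr')";
        $result = mysql_query($query,$db_con);

        // mysql_insert_id() is the id of *this* insert; "order by no desc" could
        // return a concurrent user's post and attach the file to it.
        $boardNo = $result ? (int)mysql_insert_id($db_con) : 0;
        if($result && $hasNewFile){
            $orderBy = mktime( 0, 0, 0, date("m"), date("d"), date("Y"));
            $file_query = "INSERT INTO files
                        (module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
                    VALUES
                        ('$boardNo','$tableName', '$sqlRealName','$sqlVName','$sqlFileExt','$orderBy',now())";
            $result = mysql_query($file_query,$db_con);
        }
    }else{
        alert("error");
        exit; // the original fell through and still reported "保存しました"
    }
}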
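// ---- result message + redirect ------------------------------------------------
// $boardNo is whatever the DB lookup / insert above produced; cast to int so the
// value placed inside the JS string literal and the query string cannot break
// out of either context.
if(isset($mode) && $mode == "del"){
    $saveName  = "削除";
    $returnUrl = "./from.php";
}else{
    $saveName  = "保存";
    $returnUrl = "./from_view.php?num=".(isset($boardNo) ? (int)$boardNo : '');
}
?>
<script>
alert("<?=$saveName?>しました。");
document.location='<?=$returnUrl?>';
</script>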
