KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /home/queenjbs/yuchun/admin/Proc/


 

Current File : //home/queenjbs/yuchun/admin/Proc/layout_slide_proc.php
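<?php include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php"; ?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
// Admin processor for the main-page slide layout.
//
// Depending on the request it inserts, updates ($mode == "proc") or deletes
// ($mode == "del") one row of layoutTable, stores or removes the slide image
// under /files/muti/main/, and finally auto-submits a form back to the list.
//
// Request values ($idx, $mode, $subject, $URL, $url_target, $is_secret,
// $imgName, $tab) are read from the global scope, exactly as before. Because
// that scope can be populated from the request, every variable this script
// builds itself is initialised explicitly below, and every request value is
// validated or escaped before it reaches SQL, the filesystem or the HTML.
//
// NOTE(review): no authentication or CSRF check is visible in this file;
// confirm that conf_dir.php enforces an admin session before this point.
// NOTE(review): the legacy mysql_* API is kept because the connection
// ($db_con) is opened elsewhere; moving to prepared statements (mysqli/PDO)
// has to start in that include.
// NOTE(review): if magic_quotes_gpc is enabled, request values arrive already
// slashed and will be stored with extra backslashes - confirm the setting.

$tableName = "layoutTable";
$save_dir  = $_SERVER['DOCUMENT_ROOT']."/files/muti/main/";

// Extensions accepted for slide images. Extend only with formats the web
// server never treats as executable.
$allowed_ext = array('jpg', 'jpeg', 'png', 'gif');

// --- Request inputs, normalised to known types -----------------------------
$idx        = (isset($idx) && is_scalar($idx)) ? (int)$idx : 0;
$mode       = (isset($mode) && is_string($mode)) ? $mode : '';
$tab        = (isset($tab) && is_string($tab)) ? $tab : '';
$subject    = (isset($subject) && is_string($subject)) ? $subject : '';
$URL        = (isset($URL) && is_string($URL)) ? $URL : '';
$url_target = (isset($url_target) && is_string($url_target)) ? $url_target : '';
$imgName    = (isset($imgName) && is_string($imgName)) ? $imgName : '';
$is_secret  = (isset($is_secret) && is_string($is_secret) && $is_secret != "") ? $is_secret : 'N';

// --- Script-owned variables: never inherit these from the request ----------
$vName1        = '';
$tmp_file_name = '';
$naviChkName   = '';
$queryupok     = '';
$formChk       = '';

// --- SQL-escaped copies of every string that is placed inside a query ------
$subject_sql    = mysql_real_escape_string($subject, $db_con);
$URL_sql        = mysql_real_escape_string($URL, $db_con);
$url_target_sql = mysql_real_escape_string($url_target, $db_con);
$is_secret_sql  = mysql_real_escape_string($is_secret, $db_con);

// --- Image upload ----------------------------------------------------------
if (isset($_FILES['imgfile']) && is_string($_FILES['imgfile']['tmp_name']) && $_FILES['imgfile']['tmp_name'] != "") {
	$file_tmp_name = $_FILES['imgfile']['tmp_name'];

	// The client-supplied name is untrusted: drop path separators, control
	// characters and HTML/SQL metacharacters, and keep exactly one extension
	// so a name such as "a.php.jpg" cannot carry a second, executable suffix.
	$client_name = str_replace(array("\\", "/"), '', (string)$_FILES['imgfile']['name']);
	$client_name = preg_replace('/[\x00-\x1f\x7f"\'<>&]/', '', $client_name);
	$dot  = strrpos($client_name, '.');
	$ext  = ($dot === false) ? '' : strtolower(substr($client_name, $dot + 1));
	$stem = ($dot === false) ? $client_name : substr($client_name, 0, $dot);
	$stem = trim(str_replace('.', '_', $stem));

	// Reject anything that is not a cleanly uploaded image with an allowed
	// extension. getimagesize() is a content sanity check, not a guarantee;
	// the upload directory should also be configured not to execute scripts.
	if ($_FILES['imgfile']['error'] !== UPLOAD_ERR_OK
		|| $stem == ''
		|| !in_array($ext, $allowed_ext, true)
		|| getimagesize($file_tmp_name) === false) {
		echo "error";
		exit;
	}

	$file_name = $stem.'.'.$ext;
	if (file_exists($save_dir.$file_name)) {
		// Same collision rule as before: prefix the current timestamp.
		$file_name = time().$file_name;
	}
	if (!move_uploaded_file($file_tmp_name, $save_dir.$file_name)) {
		// Do not record a file name in the database for a file that was not stored.
		echo "error";
		exit;
	}
	$vName1 = $file_name;
}
$vName1_sql = mysql_real_escape_string($vName1, $db_con);

if ($idx) {
	// Name of the previously stored image, as sent by the form. Path
	// separators are removed so it can only refer to an entry directly inside
	// $save_dir.
	// NOTE(review): reading file_name from the row being changed would be
	// stronger than trusting the request for this value.
	$old_file   = str_replace(array("\\", "/", "\0"), '', $imgName);
	$remove_old = false;

	if ($mode == "proc") {
		if ($vName1 != '') {
			$tmp_file_name = "file_name='".$vName1_sql."' ,";
			$remove_old = true; // a new image replaces the old one
		}
		$queryupok = "update $tableName set

		subject='$subject_sql' ,
		$tmp_file_name
		URL='$URL_sql',
		URL_target='$url_target_sql' ,
		REG_DATE=now(),
		is_secret = '$is_secret_sql'

		where no = '$idx'";
		$formChk = "view";
		$naviChkName = "수정";

	} else if ($mode == "del") {
		$queryupok = "DELETE FROM $tableName WHERE no = '$idx'";
		$remove_old = true;
		$formChk = "list";

	} else {
		// Unknown mode: there is no query to run, so stop instead of sending
		// an empty statement to the database.
		echo "error";
		exit;
	}

	$queryupok_result = mysql_query($queryupok, $db_con);
	if (!$queryupok_result) {
		echo "error";
		exit;
	}

	// Remove the old image only after the database change succeeded, and only
	// if the name resolves to a regular file (never the directory itself).
	if ($remove_old && $old_file != '' && is_file($save_dir.$old_file)) {
		unlink($save_dir.$old_file);
	}

} else {
	$division = 1; // 1 = slide, 2 = video
	// NOTE(review): max(no)+1 is not safe against concurrent inserts; an
	// AUTO_INCREMENT column would be - requires a schema change.
	$boardNo = (int)get_db("select max(no) from $tableName") + 1;
	$query = "INSERT INTO  `$tableName` (
	`no` ,
	`division` ,
	`subject` ,
	`file_name` ,
	`URL` ,
	`URL_target` ,
	`REG_DATE`,
	`is_secret`
	)
	VALUES (
	'$boardNo',  '$division','$subject_sql', '$vName1_sql',  '$URL_sql', '$url_target_sql', now(),'$is_secret_sql'
	)";

	$result = mysql_query($query, $db_con);
	if (!$result) {
		echo "error";
		exit;
	}

	$formChk = "view";
	$naviChkName = "등록";
	$idx = $boardNo;
}

// Confirmation text shown in the alert; built only from server-side constants.
if ($mode == "del") {
	$saveName = "삭제 되었습니다.";
} else {
	$saveName = $naviChkName."되었습니다.";
}
$urlchk = "../mainLayout_slide.php?act=1";

// Request values echoed into HTML attributes are entity-encoded.
$mode_html   = htmlspecialchars($mode, ENT_QUOTES, 'UTF-8');
$tab_html    = htmlspecialchars($tab, ENT_QUOTES, 'UTF-8');
$urlchk_html = htmlspecialchars($urlchk, ENT_QUOTES, 'UTF-8');
?>
<form name="form" method="post" action="<?php echo $urlchk_html; ?>" enctype="multipart/form-data">
<input type="hidden" name="mode" value="<?php echo $mode_html; ?>">
<input type="hidden" name="tab" value="<?php echo $tab_html; ?>">
</form>
<script>
alert("<?php echo $saveName; ?>");
document.form.submit();
</script>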
