<?include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php";?>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<?
// Admin handler that saves, updates or deletes a shop product.
// NOTE(review): none of the request variables used below ($mainContent, $idx,
// $mode, ...) are assigned in this file; they presumably arrive through
// register_globals or an extract() in conf_dir.php -- confirm.
// NOTE(review): no login, authorisation or CSRF-token check is visible in this
// file -- confirm that conf_dir.php enforces them before this code runs.

// Upload target directory and the timestamp used to build stored file names.
$savedir = $_SERVER['DOCUMENT_ROOT'] . '/files/muti/shop/';
$todayfull = date('YmdHis');

// Backslash-escape the free-text fields so special characters can be stored in
// the database. addslashes() does not take the connection character set into
// account; mysql_real_escape_string() is the function the mysql extension
// provides for that purpose.
// NOTE(review): the statements further down interpolate $deli_content and
// $change_content (no trailing "s"), so the two *_contents values escaped here
// do not appear to be the ones that reach SQL -- confirm the intended names.
foreach (array('mainContent', 'deli_contents', 'change_contents', 'mail1', 'mail2') as $escField) {
    $$escField = addslashes($$escField);
}
unset($escField);
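//---- save thumbnail image ----//
// Validates the uploaded thumbnail and stores it in $savedir as
// <category><timestamp>.<ext>. Sets $vName (stored name), $realName (name sent
// by the client) and $thumnail_name_ext for the database code further down.
// NOTE(review): $thumnail (temp path) and $thumnail_name (client file name) are
// not assigned in this file, while the size is read from
// $_FILES['thumnail_name'] -- confirm which form field name is really posted.
// Defence in depth: $savedir is inside DOCUMENT_ROOT, so the web server should
// be configured not to execute scripts from that directory.
if ($thumnail_name) {
    $thumbMaxBytes = 11162773;
    $thumbTooLarge = isset($_FILES['thumnail_name']['size'])
        && (int) $_FILES['thumnail_name']['size'] > $thumbMaxBytes;
    // Measure the temp file as well, so the limit holds whichever field name is in use.
    if (!$thumbTooLarge && is_uploaded_file($thumnail) && filesize($thumnail) > $thumbMaxBytes) {
        $thumbTooLarge = true;
    }
    if ($thumbTooLarge) {
?>
<SCRIPT LANGUAGE="JavaScript">
<!--
alert("10mb以下で保存することが可能です。");
history.back(-1);
//-->
</SCRIPT>
<?
        // Stop here: previously the script carried on and saved the oversized file.
        exit;
    }

    // Extension of the client-supplied name, lower-cased for comparison.
    $thumnail_name_ext = strtolower(pathinfo($thumnail_name, PATHINFO_EXTENSION));

    // Allow-list of image types. The earlier test joined four "!=" comparisons
    // with "or", which is true for every extension, so nothing was rejected.
    // Extend this list if other image formats are required.
    $thumbAllowedExt = array('jpg', 'jpeg', 'gif', 'png');

    if (in_array($thumnail_name_ext, $thumbAllowedExt, true)) {
        // Keep path separators, dots and control bytes out of the stored name;
        // only the file-name copy of $category is filtered.
        $thumbPrefix = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $category);
        $vName = $thumbPrefix . $todayfull . '.' . $thumnail_name_ext; // e.g. <category>20061212093000.jpg
        $realName = $thumnail_name;
        $file_count = 1;

        // move_uploaded_file() only accepts a file PHP itself received in this
        // request, and removes the temp file; it replaces copy() + unlink() on
        // a path that was never verified.
        if (!move_uploaded_file($thumnail, $savedir . $vName)) {
?>
<SCRIPT LANGUAGE="JavaScript">
<!--
//alert("upload fail.");
//history.back(-1);
//-->
</SCRIPT>
<?
            exit;
        }
    } else {
?>
<SCRIPT LANGUAGE="JavaScript">
<!--
alert("添付ファイルは画像ファイル(jpg,jpeg,gif,png)のみアップロード可能です。");
history.back(-1);
//-->
</SCRIPT>
<?
        // Do not fall through to the database code with no stored file.
        exit;
    }
}
//---- end of thumbnail image save ----//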
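//---- save content images ----//
// Stores each file posted in the conImg[] field under $save_dir and collects
// the stored names in $vName1 for the database code further down.
// $vName1 is initialised here so that it can only ever hold names produced by
// this loop.
$vName1 = array();
if ($filecnt) {
    $save_dir = $_SERVER['DOCUMENT_ROOT'] . '/files/muti/shop/';

    // Allow-list of image types; files of any other type are skipped.
    // Extend this list if other image formats are required.
    $conImgAllowedExt = array('jpg', 'jpeg', 'gif', 'png');

    $conImgNames = (isset($_FILES['conImg']['name']) && is_array($_FILES['conImg']['name']))
        ? $_FILES['conImg']['name']
        : array();
    $conImgTotal = count($conImgNames);

    // "<" rather than "<=": the old bound read one slot past the end of the array.
    for ($i = 0; $i < $conImgTotal; $i++) {
        if (empty($_FILES['conImg']['size'][$i]) || !empty($_FILES['conImg']['error'][$i])) {
            continue;
        }

        // Reduce the client-supplied name to a bare file name without
        // directory parts or control bytes.
        $conImgClean = basename(str_replace('\\', '/', (string) $_FILES['conImg']['name'][$i]));
        $conImgClean = preg_replace('/[\x00-\x1f\x7f]/', '', $conImgClean);

        $conImgExt = pathinfo($conImgClean, PATHINFO_EXTENSION);
        if (!in_array(strtolower($conImgExt), $conImgAllowedExt, true)) {
            continue;
        }

        // Leave exactly one extension on the stored name: dots inside the stem
        // become underscores, so the final extension is the only one the web
        // server sees.
        $conImgStem = str_replace('.', '_', pathinfo($conImgClean, PATHINFO_FILENAME));
        if ($conImgStem === '') {
            $conImgStem = 'file';
        }

        $file_name[$i] = $conImgStem . '.' . $conImgExt;
        $file_tmp_name[$i] = $_FILES['conImg']['tmp_name'][$i];
        $file_size[$i] = $_FILES['conImg']['size'][$i];

        // Prefix the current time when a file of that name already exists.
        if (file_exists($save_dir . $file_name[$i])) {
            $file_name[$i] = time() . $file_name[$i];
        }

        // Record the name only when the file really was stored.
        if (move_uploaded_file($file_tmp_name[$i], $save_dir . $file_name[$i])) {
            $vName1[] = $file_name[$i];
        }
    }
}
//---- end of image save ----//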
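// Persists the product: update or delete when $idx is set, insert otherwise,
// and keeps the thumbnail / content-image rows in `files` in step.
//
// Every request-derived value is passed through mysql_real_escape_string()
// before it is placed in a statement; previously most of them were
// interpolated unescaped. $mainContent, $mail1 and $mail2 are already
// backslash-escaped with addslashes() near the top of the script, so they are
// interpolated as-is to avoid escaping them twice.
// NOTE(review): this assumes magic_quotes_gpc is off, as those addslashes()
// calls imply -- confirm, otherwise values would be escaped twice.
// Parameterised statements (mysqli or PDO) would be the long-term replacement
// for the string-built SQL used here.
$formChk = "view";
$tableName = "product";
if ($is_secret == "") $is_secret = 'N';

// Escaped copies, keyed by variable name. Non-scalar or missing values become ''.
$sqlSafe = array();
$sqlFields = array(
    'gid', 'category', 'name', 'addinfo', 'display', 'cash_check', 'shop_rate',
    'price', 'price1', 'maker', 'brand', 'model', 'start_date', 'stock',
    'stock_num', 'deli_content', 'change_content', 'namekey', 'idx',
    'module_name', 'realName', 'vName', 'thumnail_name_ext', 'convdo_name_ext',
);
foreach ($sqlFields as $sqlField) {
    $sqlRaw = (isset($$sqlField) && is_scalar($$sqlField)) ? (string) $$sqlField : '';
    $sqlSafe[$sqlField] = mysql_real_escape_string($sqlRaw, $db_con);
}

// Shared head of the three inserts into `files`.
$filesInsertHead = "INSERT INTO files"
    . " (module_no,module_name,module_type,original_name,file_name,file_type,order_by,reg_date)"
    . " VALUES ";

if ($idx) {
    if ($mode == "proc") {
        // Update the product record.
        $delicnt = is_array($deliname) ? count($deliname) : 0;
        $queryupok = "update shop_$tableName set"
            . " gid='{$sqlSafe['gid']}',category='{$sqlSafe['category']}',name='{$sqlSafe['name']}',"
            . "addinfo='{$sqlSafe['addinfo']}',display='{$sqlSafe['display']}',point='{$sqlSafe['cash_check']}',"
            . "shop_rate='{$sqlSafe['shop_rate']}',price='{$sqlSafe['price']}',price1='{$sqlSafe['price1']}',"
            . "maker='{$sqlSafe['maker']}',brand='{$sqlSafe['brand']}',model='{$sqlSafe['model']}',"
            . "start_date='{$sqlSafe['start_date']}',stock='{$sqlSafe['stock']}',"
            . " content='$mainContent',deli_content = '{$sqlSafe['deli_content']}',"
            . "change_content='{$sqlSafe['change_content']}',mail1='$mail1',mail2='$mail2',"
            . " d_regis=now(),namekey='{$sqlSafe['namekey']}' where uid = '{$sqlSafe['idx']}'";
        $queryupok_result = mysql_query($queryupok, $db_con);

        if ($thumnail_name) {
            $orderBy = '1';
            $qry = "select no,file_name from files where module_no = '{$sqlSafe['idx']}'"
                . " and module_name='{$sqlSafe['module_name']}' and module_type='T' and order_by='1'";
            $result = mysql_query($qry, $db_con);
            // Guard against a failed query before fetching; keys are quoted
            // because bare `no` / `file_name` are undefined constants.
            $row = $result ? mysql_fetch_array($result) : false;
            $fileNum = $row ? $row['no'] : '';
            $delfile_name = $row ? $row['file_name'] : '';

            if ($fileNum) {
                // Remove the thumbnail being replaced. basename() keeps the
                // deletion inside $savedir whatever the stored value holds.
                $check_imgfile = $savedir . basename($delfile_name);
                if ($delfile_name && is_file($check_imgfile)) unlink($check_imgfile);

                $fileNumSql = mysql_real_escape_string((string) $fileNum, $db_con);
                $file_query = "update files set original_name = '{$sqlSafe['realName']}',"
                    . "file_name = '{$sqlSafe['vName']}', file_type='{$sqlSafe['thumnail_name_ext']}'"
                    . " where no='$fileNumSql'";
                $result = mysql_query($file_query, $db_con);
            } else {
                $file_query = $filesInsertHead
                    . "('{$sqlSafe['idx']}','{$sqlSafe['module_name']}','T','{$sqlSafe['realName']}',"
                    . "'{$sqlSafe['vName']}','{$sqlSafe['thumnail_name_ext']}','$orderBy',now())";
                $result = mysql_query($file_query, $db_con);
            }
        }
        // Delivery methods are rewritten further down.
    } else if ($mode == "del") {
        $queryupok = "delete from shop_product where uid='{$sqlSafe['idx']}'";
        $queryupok_result = mysql_query($queryupok, $db_con);
        $delidel = "delete from shop_deli where product='{$sqlSafe['idx']}'";
        $delidel_result = mysql_query($delidel, $db_con);
        // NOTE(review): this statement is built but never executed, and it names
        // table `file` while every other statement uses `files`; the stored
        // image files are not removed from disk either -- confirm the intent.
        $filedel = "delete from file where module_no='{$sqlSafe['idx']}' and module_name='{$sqlSafe['module_name']}'";
        $formChk = "list";
    }
} else {
    if ($name) {
        $d_regis = date("Y") . date("m") . date("d");
        // gid (2021-09-07): 0 = product, 1 = member sign-up.
        $delicnt = is_array($deliname) ? count($deliname) : 0;
        $query = "INSERT INTO `shop_$tableName`"
            . " (`uid`, `gid`, `display`, `category`, `name`,`shop_rate`, `price`, `price1`,`point`,"
            . "`maker`,`brand`,`model`,`start_date`,`stock`, `stock_num`, `addinfo`,`content`,"
            . "`deli_content`,`change_content`,`mail1`,`mail2`,`d_regis`,`deli`,`namekey`) VALUES"
            . " ('','{$sqlSafe['gid']}', '{$sqlSafe['display']}','{$sqlSafe['category']}','{$sqlSafe['name']}',"
            . "'{$sqlSafe['shop_rate']}','{$sqlSafe['price']}','{$sqlSafe['price1']}','{$sqlSafe['cash_check']}',"
            . "'{$sqlSafe['maker']}','{$sqlSafe['brand']}','{$sqlSafe['model']}','{$sqlSafe['start_date']}',"
            . "'{$sqlSafe['stock']}','{$sqlSafe['stock_num']}','{$sqlSafe['addinfo']}','$mainContent',"
            . "'{$sqlSafe['deli_content']}','{$sqlSafe['change_content']}','$mail1','$mail2',"
            . "'$d_regis','$delicnt','{$sqlSafe['namekey']}')";
        $result = mysql_query($query, $db_con);

        // NOTE(review): reading back the highest uid can pick up another
        // product when two saves overlap or when the insert above failed;
        // mysql_insert_id($db_con) would return the id of this insert --
        // confirm that uid is AUTO_INCREMENT before switching.
        $boardNo = get_db("select uid from shop_$tableName order by uid desc");
        $boardNoSql = mysql_real_escape_string((string) $boardNo, $db_con);

        if ($thumnail_name) {
            $orderBy = '1';
            $file_query = $filesInsertHead
                . "('$boardNoSql','{$sqlSafe['module_name']}','T','{$sqlSafe['realName']}',"
                . "'{$sqlSafe['vName']}','{$sqlSafe['thumnail_name_ext']}','$orderBy',now())";
            $result = mysql_query($file_query, $db_con);
        }

        if ($filecnt && $boardNo) {
            $orderBy = '2';
            // Never iterate past the files that were actually stored: $filecnt
            // comes from the request and may be larger than that.
            $savedImages = (isset($vName1) && is_array($vName1)) ? array_values($vName1) : array();
            $savedTotal = count($savedImages);
            // NOTE(review): $convdo_name_ext is not assigned anywhere in this
            // file, so file_type is probably stored empty -- confirm.
            for ($k = 0; $k < $filecnt && $k < $savedTotal; $k++) {
                $savedImageSql = mysql_real_escape_string((string) $savedImages[$k], $db_con);
                $file_query = $filesInsertHead
                    . "('$boardNoSql','{$sqlSafe['module_name']}','C','$savedImageSql','$savedImageSql',"
                    . "'{$sqlSafe['convdo_name_ext']}','$k',now())";
                $result = mysql_query($file_query, $db_con);
            }
        }
    }
}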
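//--------- delivery table -----------//
// Replaces the delivery options of the product: the existing rows are deleted
// and one row is inserted per entry of $deliname / $deliprice.
// Use the id of the product just inserted when no $idx was supplied.
if (!$idx) $tmp_idx = isset($boardNo) ? $boardNo : '';
else $tmp_idx = $idx;

if ($delicnt && $mode != "del") {
    // Escape every value that goes into a statement; $tmp_idx itself is left
    // untouched because later code reuses it.
    $deliProductSql = mysql_real_escape_string((string) $tmp_idx, $db_con);

    $delidel = "delete from shop_deli where product='$deliProductSql'";
    $delidel_result = mysql_query($delidel, $db_con);

    // count() is only meaningful on an array; anything else means no rows.
    $deliTotal = is_array($deliname) ? count($deliname) : 0;
    for ($i = 0; $i < $deliTotal; $i++) {
        $deliNameRaw = (isset($deliname[$i]) && is_scalar($deliname[$i])) ? (string) $deliname[$i] : '';
        $deliPriceRaw = (isset($deliprice) && is_array($deliprice)
            && isset($deliprice[$i]) && is_scalar($deliprice[$i])) ? (string) $deliprice[$i] : '';
        $deliNameSql = mysql_real_escape_string($deliNameRaw, $db_con);
        $deliPriceSql = mysql_real_escape_string($deliPriceRaw, $db_con);

        $deli_query = "INSERT INTO shop_deli (product,deliName,deliPrice)"
            . " VALUES ('$deliProductSql','$deliNameSql','$deliPriceSql')";
        $result = mysql_query($deli_query, $db_con);
    }
}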
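//-------- product option list ----------//
// Saves the product options: rows that carry an $opt_uid are updated, the
// others are inserted for product $tmp_idx. Every value is escaped with
// mysql_real_escape_string() before it is placed in a statement.
// NOTE(review): the update matches on uid alone, so it is not tied to the
// product being edited -- confirm whether `product_prt` should be part of the
// where clause.
$optCnt = is_array($optName) ? count($optName) : 0; // count() is only meaningful on an array
if ($optCnt && $mode != "del") {
    $optProductSql = mysql_real_escape_string((string) $tmp_idx, $db_con);

    for ($j = 0; $j < $optCnt; $j++) {
        $optNameRaw = (isset($optName[$j]) && is_scalar($optName[$j])) ? (string) $optName[$j] : '';
        $optPriceRaw = (isset($optPrice) && is_array($optPrice)
            && isset($optPrice[$j]) && is_scalar($optPrice[$j])) ? (string) $optPrice[$j] : '';
        $optStockRaw = (isset($optStock) && is_array($optStock)
            && isset($optStock[$j]) && is_scalar($optStock[$j])) ? (string) $optStock[$j] : '';
        $optUidRaw = (isset($opt_uid) && is_array($opt_uid)
            && isset($opt_uid[$j]) && is_scalar($opt_uid[$j])) ? (string) $opt_uid[$j] : '';

        $optNameSql = mysql_real_escape_string($optNameRaw, $db_con);
        $optPriceSql = mysql_real_escape_string($optPriceRaw, $db_con);
        $optStockSql = mysql_real_escape_string($optStockRaw, $db_con);

        if ($optUidRaw) {
            $optUidSql = mysql_real_escape_string($optUidRaw, $db_con);
            $opt_query = " update shop_product_opt set optName='$optNameSql',optPrice='$optPriceSql',amount='$optStockSql'"
                . " where uid='$optUidSql'";
            $result = mysql_query($opt_query, $db_con);
        } else {
            $opt_query = "INSERT INTO shop_product_opt (product_prt,optName,optPrice,amount)"
                . " VALUES ('$optProductSql','$optNameSql','$optPriceSql','$optStockSql')";
            $result = mysql_query($opt_query, $db_con);
        }
    }
}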
// Pick the confirmation label and the page the auto-submitted form below posts
// back to: the product list after a delete, the edit page otherwise.
$isDelete = ($mode == "del");
$saveName = $isDelete ? "削除" : "保存";
$urlchk = $isDelete ? "../storeList.php" : "../store_write.php";
?>
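<?
// Hidden form that is auto-submitted to send the browser back to the list or
// edit page. $mode, $act and $tmp_idx come from the request, so each one is
// HTML-escaped before it is written into an attribute value; previously they
// were echoed unescaped.
?>
<form name="form" method="post" action="<?=$urlchk?>" onsubmit="return validate();" enctype="multipart/form-data">
<input type="hidden" name="mode" value="<?=htmlspecialchars((string) $mode, ENT_QUOTES, 'UTF-8')?>">
<input type="hidden" name="act" value="<?=htmlspecialchars((string) $act, ENT_QUOTES, 'UTF-8')?>">
<input type="hidden" name="idx" value="<?=htmlspecialchars((string) $tmp_idx, ENT_QUOTES, 'UTF-8')?>">
</form>
<script>
alert("<?=$saveName?> OK");
document.form.submit();
</script>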