Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /proc/21573/root/home/queenjbs/junsu/admin/Proc/

Current File : //proc/21573/root/home/queenjbs/junsu/admin/Proc/Image_proc.php
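<?php include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php"; ?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
/*
 * Image_proc.php - admin action handler for the photo-gallery "Image" module.
 *
 * Every request parameter is read explicitly from $_POST / $_FILES.  The
 * original relied on register_globals: the POST field `thumnail` was used
 * directly as the source of copy() and the target of unlink(), so any readable
 * server file could be copied under the web root and any file owned by the
 * web user could be deleted.  Its file-type check joined `!=` comparisons with
 * `or`, which is always true, so every extension (including .php) was
 * accepted; the size check printed a warning but never stopped; the filename
 * of every `conImg` upload was written to disk unchanged; and $idx, $category,
 * $mediasource, $title, $usedate, $user_name, $general_setting, $movfile,
 * $realName1, $convdo_name_ext and $filecnt_new_add were spliced into SQL
 * unescaped.  All of that is closed below.
 *
 * Flow:
 *   idx empty          -> INSERT into photo_<category>, store the `thumnail`
 *                         upload and the `conImg[]` uploads.
 *   idx set, mode=proc -> UPDATE the row; replace the thumbnail; append the
 *                         `conImg_new_add[]` uploads; record `movfile`.
 *   idx set, mode=del  -> unlink the row's files and DELETE its rows.
 * Finally a self-submitting form forwards mode/idx to the list or view page.
 *
 * Provided by conf_dir.php: $db_con (mysql link) and get_db() (single-value
 * query helper).  $category, $user_no, $userid and $user_name are used from
 * scope if conf_dir.php / the session set them, else taken from the form -
 * NOTE(review): confirm their real origin.  $category is spliced into table
 * names, where escaping cannot help, so it is restricted to [A-Za-z0-9_].
 *
 * NOTE(review): no authentication/authorization check and no CSRF token is
 * visible in this file; confirm conf_dir.php enforces an admin session before
 * this code runs.  Runs on PHP 5.2 (mysql_* API, no short array syntax).
 */

/** Image extensions accepted for thumbnail and gallery uploads (allowlist, lowercase). */
function image_proc_allowed_exts() {
    return array('jpg', 'jpeg', 'gif', 'png');
}

/**
 * Emit a JS alert, return the browser to the form, and stop processing.
 * The message lands inside a JS string literal, so it is JSON-encoded
 * (json_encode also escapes "/" so a "</script>" cannot break out).
 */
function image_proc_abort($message) {
    echo '<script type="text/javascript">alert(' . json_encode($message) . ');history.back();</script>';
    exit;
}

/** Scalar POST field as a string, '' when absent or non-scalar. */
function image_proc_post($name) {
    return (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string)$_POST[$name] : '';
}

/** SQL string-literal escaping bound to the connection's charset. */
function image_proc_esc($value, $db_con) {
    return mysql_real_escape_string((string)$value, $db_con);
}

/**
 * Validate one uploaded file (one slice of $_FILES) and return its lowercase
 * extension, or false when it must be rejected.
 * Rejects upload errors, empty files, files over $max_size (when > 0), names
 * containing NUL, extensions outside image_proc_allowed_exts(), temp paths that
 * are not a genuine upload, and content getimagesize() does not recognise as
 * an image (so PHP source named "x.jpg" is refused as well).
 */
function image_proc_check_upload($name, $tmp_name, $error, $size, $max_size) {
    if ((int)$error !== UPLOAD_ERR_OK || !$size) return false;
    if ($max_size > 0 && $size > $max_size) return false;
    if (strpos((string)$name, "\0") !== false) return false;
    $ext = strtolower(pathinfo(basename((string)$name), PATHINFO_EXTENSION));
    if (!in_array($ext, image_proc_allowed_exts(), true)) return false;
    if (!is_uploaded_file($tmp_name) || !@getimagesize($tmp_name)) return false;
    return $ext;
}

/**
 * Store the `thumnail` upload in $savedir as <prefix><stamp>.<ext>.
 * Returns array(file_name, original_name, ext), or null when no thumbnail
 * was sent.  Aborts the request (alert + history.back) on a rejected file.
 * Uses move_uploaded_file() on $_FILES['thumnail']['tmp_name'] only - the
 * client can no longer choose the source path.
 */
function image_proc_save_thumbnail($savedir, $prefix, $stamp, $max_size) {
    if (!isset($_FILES['thumnail']) || !is_array($_FILES['thumnail'])) return null;
    $f = $_FILES['thumnail'];
    if ((int)$f['error'] === UPLOAD_ERR_NO_FILE) return null;

    $too_big = (int)$f['error'] === UPLOAD_ERR_INI_SIZE
            || (int)$f['error'] === UPLOAD_ERR_FORM_SIZE
            || $f['size'] > $max_size;
    if ($too_big) {
        image_proc_abort("10mb以下で保存することが可能です。");
    }
    if ((int)$f['error'] !== UPLOAD_ERR_OK) {
        image_proc_abort("upload fail.");
    }
    $ext = image_proc_check_upload($f['name'], $f['tmp_name'], $f['error'], $f['size'], $max_size);
    if ($ext === false) {
        // original text listed the blocked types as the allowed ones; corrected
        image_proc_abort("添付ファイルは画像ファイル(jpg,jpeg,gif,png)のみアップロード可能です。");
    }

    $vName = $prefix . $stamp . '.' . $ext;   // e.g. <category>20061212063721.jpg
    if (!move_uploaded_file($f['tmp_name'], $savedir . '/' . $vName)) {
        image_proc_abort("upload fail.");
    }
    return array(
        'file_name'     => $vName,
        'original_name' => basename($f['name']),
        'ext'           => $ext,
    );
}

/**
 * Store every valid file of the array upload field $field in $save_dir, keeping
 * the client's base filename (prefixed with time() on collision, as before).
 * Files that fail image_proc_check_upload() are skipped silently, matching the
 * original's per-file tolerance of upload errors.  Returns the stored names.
 */
function image_proc_save_gallery($field, $save_dir, $max_size) {
    $saved = array();
    if (!isset($_FILES[$field]) || !is_array($_FILES[$field]['name'])) return $saved;
    $files = $_FILES[$field];
    $count = count($files['name']);
    for ($i = 0; $i < $count; $i++) {
        $ext = image_proc_check_upload($files['name'][$i], $files['tmp_name'][$i],
                                       $files['error'][$i], $files['size'][$i], $max_size);
        if ($ext === false) continue;
        $name = basename($files['name'][$i]);
        if (file_exists($save_dir . '/' . $name)) {
            $name = time() . $name;
        }
        if (move_uploaded_file($files['tmp_name'][$i], $save_dir . '/' . $name)) {
            $saved[] = $name;
        }
    }
    return $saved;
}

/** Delete a stored file from $dir if present; basename() keeps a stored name inside $dir. */
function image_proc_unlink($dir, $file_name) {
    $file_name = basename((string)$file_name);
    if ($file_name === '' || $file_name === '.' || $file_name === '..') return;
    $path = $dir . '/' . $file_name;
    if (is_file($path)) unlink($path);
}

$todayfull      = date("YmdHis");
$doc_root       = $_SERVER['DOCUMENT_ROOT'];
$thumb_dir      = $doc_root . "/files/muti/thump";
$gallery_dir    = $doc_root . "/files/muti/gallery";
$max_thumb_size = 10 * 1024 * 1024;   // the alert text promises 10 MB; the old limit was 11162773 and never enforced

// ---- request parameters (explicit reads; the debug echoes of these are gone) ----
$mode            = image_proc_post('mode');
$idx             = (int)image_proc_post('idx');
$is_secret       = image_proc_post('is_secret');
if ($is_secret === '') $is_secret = 'N';
$subject         = image_proc_post('subject');       // used by the UPDATE path
$title           = image_proc_post('title');         // used by the INSERT path (as in the original)
$mediasource     = image_proc_post('mediasource');   // stored in `contents`
$usedate         = image_proc_post('usedate');
$general_setting = image_proc_post('general_setting');
$movfile         = image_proc_post('movfile');
$realName1       = image_proc_post('realName1');
$convdo_name_ext = image_proc_post('convdo_name_ext');

// Values that conf_dir.php / the session may already provide; fall back to the form.
if (!isset($category) || $category === '') $category = image_proc_post('category');
if (!isset($user_no))   $user_no   = image_proc_post('user_no');
if (!isset($userid))    $userid    = image_proc_post('userid');
if (!isset($user_name)) $user_name = image_proc_post('user_name');

// $category becomes part of the table name photo_<category>: identifier chars only.
if (!preg_match('/^[A-Za-z0-9_]+$/', (string)$category)) {
    image_proc_abort("invalid category");
}

$boardNo   = null;
$queryupok = '';

if ($idx) {
    // ================= existing entry: update or delete =================
    if ($mode === "proc") {

        // --- replace thumbnail ---
        $thumb = image_proc_save_thumbnail($thumb_dir, $category, $todayfull, $max_thumb_size);

        // --- append gallery images ---
        $new_files = image_proc_save_gallery('conImg_new_add', $gallery_dir, 0);
        if (count($new_files)) {
            $type_e = image_proc_esc($convdo_name_ext, $db_con);
            foreach ($new_files as $k => $name) {
                $name_e = image_proc_esc($name, $db_con);
                mysql_query("INSERT INTO files(module_no, module_name, module_type, original_name, file_name, file_type, order_by, reg_date)
                             VALUES('$idx', '$category', 'C', '$name_e', '$name_e', '$type_e', '$k', now())", $db_con);
            }
            // files_count 0 hides the entry in the admin list; count what was actually stored,
            // not the client-supplied filecnt_new_add
            $added = count($new_files);
            mysql_query("UPDATE photo_$category SET files_count=files_count+$added WHERE no='$idx'", $db_con);
        }

        // --- thumbnail row: insert or update, and drop the previous file ---
        if ($thumb !== null) {
            $old_thumb = get_db("select file_name from files where module_name='$category' and module_no='$idx' and module_type='T'");
            // the new file is already on disk; do not delete it if it happens to share the old name
            if ($old_thumb && $old_thumb !== $thumb['file_name']) {
                image_proc_unlink($thumb_dir, $old_thumb);
            }
            $orig_e = image_proc_esc($thumb['original_name'], $db_con);
            $file_e = image_proc_esc($thumb['file_name'], $db_con);
            $ext_e  = image_proc_esc($thumb['ext'], $db_con);
            if (!$old_thumb) {
                $file_query = "INSERT INTO files (module_no, module_name, module_type, original_name, file_name, file_type, order_by, reg_date)
                               VALUES ('$idx', '$category', 'T', '$orig_e', '$file_e', '$ext_e', '1', now())";
            } else {
                $file_query = "UPDATE files SET original_name='$orig_e', file_name='$file_e', file_type='$ext_e', reg_date=now()
                               WHERE module_name='$category' AND module_no='$idx' AND module_type='T'";
            }
            mysql_query($file_query, $db_con);
        }

        // --- movie file reference (order_by = 2), recorded by name only ---
        if ($movfile !== '') {
            $old_mov = get_db("select file_name from files where module_name='$category' and module_no='$idx' and order_by=2");
            $mov_e  = image_proc_esc($movfile, $db_con);
            $real_e = image_proc_esc($realName1, $db_con);
            $type_e = image_proc_esc($convdo_name_ext, $db_con);
            if (!$old_mov) {
                $update_query = "INSERT INTO files (module_no, module_name, original_name, file_name, file_type, order_by, reg_date)
                                 VALUES ('$idx', '$category', '$real_e', '$mov_e', '$type_e', '2', now())";
            } else {
                $update_query = "update files set original_name='$real_e', file_name='$mov_e', file_type='$type_e', reg_date=now()
                                 where module_name='$category' and module_no='$idx' and order_by=2";
            }
            mysql_query($update_query, $db_con);
        }

        $queryupok = "update photo_$category set"
                   . " subject='"         . image_proc_esc($subject, $db_con)         . "',"
                   . " contents='"        . image_proc_esc($mediasource, $db_con)     . "',"
                   . " user_name='"       . image_proc_esc($user_name, $db_con)       . "',"
                   . " start_date='"      . image_proc_esc($usedate, $db_con)         . "',"
                   . " modify_date=now(),"
                   . " is_secret='"       . image_proc_esc($is_secret, $db_con)       . "',"
                   . " general_setting='" . image_proc_esc($general_setting, $db_con) . "'"
                   . " where no='$idx'";
        $boardNo = $idx;

    } else if ($mode === "del") {

        // Remove every stored file of this entry (thumbnail dir and gallery dir), then its rows.
        // The original loop mixed $j/$i and mysql_affected_rows(); this iterates the result directly.
        $result = mysql_query("select file_name from files where module_name='$category' and module_no='$idx' order by no", $db_con);
        while ($result && ($row = mysql_fetch_assoc($result))) {
            if (!empty($row['file_name'])) {
                image_proc_unlink($thumb_dir, $row['file_name']);
                image_proc_unlink($gallery_dir, $row['file_name']);
            }
        }
        mysql_query("DELETE FROM files where module_name='$category' and module_no='$idx'", $db_con);
        $queryupok = "DELETE FROM photo_$category where no='$idx'";
    }

    if ($queryupok !== '') {
        mysql_query($queryupok, $db_con);
    }

} else {
    // ================= new entry (no idx) =================
    $thumb      = image_proc_save_thumbnail($thumb_dir, $category, $todayfull, $max_thumb_size);
    $gallery    = image_proc_save_gallery('conImg', $gallery_dir, 0);
    $file_count = count($gallery);   // actual stored count, not the client-supplied filecnt

    $query = "INSERT INTO photo_$category (division, user_no, user_id, user_name, start_date, reg_date, modify_date,"
           . " is_secret, subject, general_setting, contents, files_count, hit, ip) VALUES("
           . "'$category',"
           . "'" . image_proc_esc($user_no, $db_con)         . "',"
           . "'" . image_proc_esc($userid, $db_con)          . "',"
           . "'" . image_proc_esc($user_name, $db_con)       . "',"
           . "'" . image_proc_esc($usedate, $db_con)         . "',"
           . " now(), now(),"
           . "'" . image_proc_esc($is_secret, $db_con)       . "',"
           . "'" . image_proc_esc($title, $db_con)           . "',"
           . "'" . image_proc_esc($general_setting, $db_con) . "',"
           . "'" . image_proc_esc($mediasource, $db_con)     . "',"
           . "'$file_count', '0',"
           . "'" . image_proc_esc($_SERVER['REMOTE_ADDR'], $db_con) . "')";
    mysql_query($query, $db_con);

    // Prefer the connection's own insert id over max(no), which races with concurrent inserts;
    // keep max(no) as the fallback in case `no` is not AUTO_INCREMENT (NOTE(review): confirm).
    $boardNo = (int)mysql_insert_id($db_con);
    if (!$boardNo) {
        $boardNo = (int)get_db("select max(no) from photo_$category");
    }

    if ($thumb !== null) {
        $orig_e = image_proc_esc($thumb['original_name'], $db_con);
        $file_e = image_proc_esc($thumb['file_name'], $db_con);
        $ext_e  = image_proc_esc($thumb['ext'], $db_con);
        mysql_query("INSERT INTO files (module_no, module_name, module_type, original_name, file_name, file_type, order_by, reg_date)
                     VALUES('$boardNo', '$category', 'T', '$orig_e', '$file_e', '$ext_e', '1', now())", $db_con);
    }

    if ($file_count && $boardNo) {
        $type_e = image_proc_esc($convdo_name_ext, $db_con);
        foreach ($gallery as $k => $name) {
            $name_e = image_proc_esc($name, $db_con);
            mysql_query("INSERT INTO files(module_no, module_name, module_type, original_name, file_name, file_type, order_by, reg_date)
                         VALUES('$boardNo', '$category', 'C', '$name_e', '$name_e', '$type_e', '$k', now())", $db_con);
        }
    }
}

// ---- forward the browser to the list (after delete) or the view page ----
if ($mode === "del") {
    $alertName = "削除";
    $linkULR   = "../Image.php";
} else {
    $alertName = "保存";
    $linkULR   = "../Image_view.php";
}
mysql_close($db_con);
?>

<form name="form" method="post" action="<?php echo htmlspecialchars($linkULR, ENT_QUOTES, 'UTF-8'); ?>" onsubmit="return validate();" enctype="multipart/form-data">
  <input type="hidden" name="mode" value="<?php echo htmlspecialchars($mode, ENT_QUOTES, 'UTF-8'); ?>">
  <input type="hidden" name="idx" value="<?php echo htmlspecialchars((string)$boardNo, ENT_QUOTES, 'UTF-8'); ?>">
</form>
<script type="text/javascript">
  alert(<?php echo json_encode($alertName . " OK"); ?>);
  document.form.submit();
</script>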

