KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64
User : nobody ( 99)
PHP Version : 5.2.17
Disable Function : NONE
Directory :  /home/queenjbs/www/admin/Proc/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/queenjbs/www/admin/Proc/schedule_proc.php
<? include $_SERVER['DOCUMENT_ROOT']."/conf/conf_dir.php"; ?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<?
$todayfull = date("YmdHis");
$contents = addslashes($contents); //특수문자db에 들어가게..
$formChk = "view";
$tableName = "schedule";

	//쓰기
	if($mode == "write"){
		
				$query = "INSERT INTO board_$tableName(module_no,user_no,user_id,user_name,reg_date,schedule_date,time,is_secret,subject,general_setting,contents,files_count,hit,ip) VALUES
												('$tableName', '$sessionIDX','$sessionID','$sessionNickname',now(),'$cal_Date','$time','$is_secret','$subject','$m_chk','$contents','$file_count','0','$REMOTE_ADDR')";
				$result = mysql_query($query,$db_con);				
				
					echo ("<script  type='text/javascript'>
													window.alert('입력됐습니다.');
													location.href='../schedule.php';
												</script>");											

	
	//수정
	}else if($mode == "proc"){
		
					$query = "update board_$tableName set subject='$subject',contents='$contents',general_setting='$m_chk',is_secret='$is_secret',time='$time',schedule_date='$cal_Date' where no = '$idx'";
					$result = mysql_query($query,$db_con);

					echo ("<script type='text/javascript'>
													window.alert('수정됐습니다.');
													location.href='../schedule.php';
												</script>");													
	
	
	
	//삭제
	}else if($mode =="del"){
		
		
						$query =  mysql_query("update board_$tableName set is_delete='Y',schedule_date=now() where no = '$idx'",$db_con);
						echo ("<script>
													window.alert('삭제했습니다.');
													location.href='../schedule.php';
												</script>");
	}

/*

if($is_secret == "") $is_secret ='N';
if($idx){
	if($mode == "proc"){
		$queryupok = "update board_$tableName set subject='$subject',contents='$contents',general_setting='$m_chk',is_secret='$is_secret',schedule_date=now()  where no = '$idx'";
		$boardNo = get_db("select no from board_$tableName where no = '$idx'");
		if($vName){
			//기존 파일 삭제
			$fileName = Get_db("select file_name from files where module_name='$tableName' and module_no = '$idx'");
				$del_file="../files/board/".$fileName;
				if($fileName && is_file($del_file)) unlink($del_file);
			if($fileName){
			$file_query = "update files set original_name='$realName',file_name='$vName',file_type='$addfile_ext',reg_date=now() where module_name='$tableName' and module_no = '$idx'";
			}else{
				$orderBy = mktime( 0, 0, 0, date("m"), date("d"), date("Y"));
				$file_query = "INSERT INTO files
										(module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
									VALUES
										('$boardNo','$tableName', '$realName','$vName','$addfile_ext','$orderBy',now())";
			}
			
			//echo $file_query;
			$result = mysql_query($file_query,$db_con);
		}else if($delfile){
			$fileName = Get_db("select file_name from files where module_name='$tableName' and module_no = '$idx'");

			if($fileName){
				// 파일 삭제
				$del_file="../files/board/".$fileName;
				if($fileName && is_file($del_file)) unlink($del_file);
				$delqry =  mysql_query("DELETE FROM files where module_name='$tableName' and module_no = '$idx'",$db_con);
				$filesCnt =  mysql_query("update board_$tableName set files_count='0',schedule_date=now() where no = '$idx'",$db_con);
			}
		}
		
	}else if($mode == "del"){
		$queryupok = "update board_$tableName set is_delete='Y',schedule_date=now() where no = '$idx'";
		$formChk = "list";
	}
	$queryupok_result = mysql_query($queryupok,$db_con);		
	
}else{


	$schedule_date = $cal_Date;
	$query = "INSERT INTO board_$tableName(module_no,user_no,user_id,user_name,reg_date,schedule_date,is_secret,subject,general_setting,contents,files_count,hit,ip) VALUES
									('$tableName', '$sessionIDX','$sessionID','$sessionNickname',now(),now(),'$is_secret','$subject','$m_chk','$contents','$file_count','0','$REMOTE_ADDR')";
	
	//echo $query;
	$result = mysql_query($query,$db_con);
	$boardNo = get_db("select no from board_$tableName order by no desc");
	if($vName){
		$orderBy = mktime( 0, 0, 0, date("m"), date("d"), date("Y"));
		$file_query = "INSERT INTO files
										(module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
									VALUES
										('$boardNo','$tableName', '$realName','$vName','$addfile_ext','$orderBy',now())";
		
		//echo $file_query;
		$result = mysql_query($file_query,$db_con);
	}
}


if($mode == "del"){

			$saveName = "削除";
			$urlchk ="../schedule.php";

}else{

				$saveName = "保存";
				$urlchk ="../schedule_detail.php";

}
*/

?>
<!--
<form name="form" method="post" action="<?=$urlchk?>" onsubmit="return validate();" enctype="multipart/form-data">
<input type="hidden" name="mode" value="<?=$mode?>">
<input type="hidden" name="idx" value="<?=$idx?>">
</form>
<script>
alert("<?=$saveName?> OK");
document.form.submit();
</script>
-->

Anon7 - 2021