|
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64 User : nobody ( 99) PHP Version : 5.2.17 Disable Function : NONE Directory : /home/queenjbs/www/gallary/ |
Upload File : |
<?
$todayfull = date("YmdHis");
$contents = addslashes($contents); //특수문자db에 들어가게..
if ($addfile_name) {
$savedir = "../files/board";
$addfile_ext = strtolower(substr($addfile_name,-3)); // 확장자
if($addfile_ext=="jpg" or $addfile_ext=="gif" or $addfile_ext=="png" or $addfile_ext=="bmp") { //소문자.. 대문자.. 구분가능..
$vName = "mov".$tableName."_".$todayfull.".".$addfile_ext; //화명명 변경 예)20061212_6437210.jpg
$realName = $addfile_name;
if(!copy($addfile, "$savedir/$vName")) {
echo("fail");
exit;
}
unlink($addfile);
include "./makesontop.php";
}else{
?>
<SCRIPT LANGUAGE="JavaScript">
<!--
alert("添付ファイルはイメージファイル(jpg,gif,bmp,png)のみアップロード可能です");
document.history.back(-1);
//-->
</SCRIPT>
<?
exit;
}
}
if($idx){
if($mode == "proc"){
if($vName){
$fileName = get_db("select file_name from files where module_name='$tableName' and module_no = '$idx' and order_by= 1");
$del_file="../files/board/".$fileName;
if($fileName && is_file($del_file)) unlink($del_file);
$sontop_file="../files/board/sontop/".$fileName;
if($fileName && is_file($sontop_file)) unlink($sontop_file);
$resize_file="../files/board/resize/".$fileName;
if($fileName && is_file($resize_file)) unlink($resize_file);
$tmpvName = $vName;
$tmpRealName = $realName;
if(!$fileName){
$file_query = "INSERT INTO files (module_no,module_name,original_name,file_name,file_type,order_by,reg_date) VALUES ('$idx','$tableName', '$tmpRealName','$tmpvName','$addfile_ext','1',now())";
}else{
$file_query = "update files set original_name='$tmpRealName',file_name='$tmpvName',file_type='$addfile_ext',reg_date=now() where module_name='$tableName' and module_no = '$idx' and order_by= 1";
}
$result = mysql_query($file_query,$db_con);
}
if($movfile){
$vName1 = $movfile;
$realName1 = $movfile;
$fileName = get_db("select file_name from files where module_name='$tableName' and module_no = '$idx' and order_by= 2");
$tmpvName = $vName1;
$tmpRealName = $realName1;
if(!$fileName){
$update_query = "INSERT INTO files (module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
VALUES
('$idx','$tableName', '$tmpRealName','$tmpvName','flv','2',now())";
}else{
$update_query = "update files set original_name='$tmpRealName',file_name='$tmpvName',file_type='flv',reg_date=now() where module_name='$tableName' and module_no = '$idx' and order_by= 2";
}
$result = mysql_query($update_query,$db_con);
}
$queryupok = "update photo_$tableName set subject='$subject',contents='$contents',modify_date=now() where no = '$idx'";
$boardNo= $idx;
}else if($mode == "del"){
//3개 찾고 기존 파일 삭제
$QUERY = "select * from files where module_name='$tableName' and module_no = '$idx' order by no";
$result= mysql_query($QUERY,$db_con);
$total = mysql_affected_rows();
for($j=1; $i<= $total; $i++){
$row = mysql_fetch_array($result);
$fileName = $row[file_name];
if($fileName){
//echo $fileName;
$del_file="../files/board/".$fileName;
if($fileName && is_file($del_file)) unlink($del_file);
$sontop_file="../files/board/sontop/".$fileName;
if($fileName && is_file($sontop_file)) unlink($sontop_file);
$resize_file="../files/board/resize/".$fileName;
if($fileName && is_file($resize_file)) unlink($resize_file);
}
$fileName =""; //파일 초기화
}//for end
$delqry = mysql_query("DELETE FROM files where module_name='$tableName' and module_no = '$idx'",$db_con);
$queryupok = "DELETE FROM photo_$tableName where no = '$idx'";
}
$queryupok_result = mysql_query($queryupok,$db_con);
}else{
$file_count = 2;
$query = "INSERT INTO photo_$tableName
(module_no,user_no,user_id,user_name,reg_date,modify_date,subject,contents,files_count,hit,ip)
VALUES
('$tableName', '$user_no','$userid','$username',now(),now(),'$subject','$contents','$file_count','0','$REMOTE_ADDR')";
//echo $query;
$result = mysql_query($query,$db_con);
$boardNo = get_db("select max(no) from photo_$tableName");
if($vName){
$orderBy = '1';
$file_query = "INSERT INTO files
(module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
VALUES
('$boardNo','$tableName', '$realName','$vName','$addfile_ext','$orderBy',now())";
//echo $file_query;
$result = mysql_query($file_query,$db_con);
}
if($movfile){
$orderBy = '2';
$vName1 = $movfile;
$realName1 = $movfile;
$addfile_ext = "flv";
$file_query = "INSERT INTO files
(module_no,module_name,original_name,file_name,file_type,order_by,reg_date)
VALUES
('$boardNo','$tableName', '$realName1','$vName1','$addfile_ext','$orderBy',now())";
//echo $file_query;
$result = mysql_query($file_query,$db_con);
}
}
if($mode == "del"){
$modePath = "list";
//$alertName = "削除";
}else{
$modePath = "view";
//$alertName = "保存";
}
mysql_close();
?>
<script>
//alert("<?=$alertName?> しました.");
formChange('<?=$boardNo?>','<?=$modePath?>');
</script>