ÿØÿà JFIF ` ` ÿþ
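<?php
/*
 * Board reply handler.
 *
 * When $SqlType is 'reply', stores a reply to an existing post in the board
 * table named by $BD_CD, saves any attached files under
 * ../../FileData/board/<BD_CD>/, and then redirects to the board listing
 * through error_msg('no_alert', ...).
 *
 * $BD_CD, $SqlType, $param, $mode, $select_key, $input_key, $page, $FIXED_YN,
 * $MSORT_01..03, $lang, $MemberID and $MemberLevel are read here but never
 * assigned in this file; presumably the includes below import them from the
 * request or the session -- confirm which, because every value that a client
 * can set has to be treated as untrusted.
 *
 * NOTE(review): the INSERT below still concatenates string fields (MEM_NM,
 * MEM_EMAIL, MEM_WWW, MEM_PWD, lang, MSORT_*, MemberID) as received. Whether
 * the includes or insert_smart() escape them is not visible from this file.
 * They should go through the database layer's escaping or, better, prepared
 * statements; only the table identifier and the integer fields are
 * constrained here.
 * NOTE(review): MEM_PWD is written as submitted (or set to the member id for
 * secret posts); hashing it would also require changing the code that checks
 * it, which is not part of this file.
 */
include "../include/top_proc.html";

// Shared include file.
include "_common.php";

//if(devCookie()){
//    p($_POST);
//    exit;
//}

// Board code. It is used below both as the SQL table name and as the upload
// sub-directory name, so anything that is not a plain identifier is refused.
if (!$BD_CD || !is_string($BD_CD) || !preg_match('/\A[A-Za-z0-9_]+\z/', $BD_CD)) exit;
$table = $BD_CD;

// Query string used for the redirect back to the listing.
if (!$param) {
    $href = "BD_CD=$BD_CD";
    $href.= "&mode=$mode";
    $href.= "&select_key=$select_key";
    $href.= "&input_key=$input_key";
    $param = $href."&page=$page";
}

if ($SqlType == 'reply') {
    $BOARD_INFO = board_info_list('', $BD_CD);
    $BOARD_INFO = $BOARD_INFO[0];

    // Submitted fields. Array keys are quoted: bare keys rely on undefined
    // constants, which newer PHP versions reject.
    $MTITLE    = insert_smart($_REQUEST['MTITLE'], "text");
    $MEM_NM    = $_REQUEST['MEM_NM'];
    $MEM_EMAIL = $_REQUEST['MEM_EMAIL'];
    $MEM_WWW   = $_REQUEST['MEM_WWW'];
    $MEM_PWD   = $_REQUEST['MEM_PWD'];
    // Stored as a display-order number (default 999 below); assumed to be an
    // integer column -- confirm against the schema.
    $OrderNum  = (int) $_REQUEST['OrderNum'];

    // This is a reply, so the parent post's position is needed (20090820).
    // MREF/MSTEP/MLEVEL take part in arithmetic and are placed unquoted into
    // the WHERE clauses below, so they are forced to integers here.
    $MSEQ       = $_REQUEST['MSEQ'];
    $GET_MREF   = (int) $_REQUEST['MREF'];
    $GET_MSTEP  = (int) $_REQUEST['MSTEP'];
    $GET_MLEVEL = (int) $_REQUEST['MLEVEL'];

    if (!$MTITLE) {
        error_msg('제목을 입력해 주세요.');
        exit; // Do not continue if error_msg() happens to return.
    }

    // Body: boards with the editor enabled keep editor markup.
    if ($BOARD_INFO['BD_WE'] == "Y") {
        $MCONT = insert_smart($_REQUEST['MCONT'], "editor");
    } else {
        $MCONT = insert_smart($_REQUEST['MCONT'], "text");
    }

    // Secret-post flag: anything other than "Y" means not secret, and the
    // password is cleared.
    $SECRET = $_REQUEST['SECRET'];
    if ($SECRET != "Y") {
        $SECRET  = "N";
        $MEM_PWD = "";
    } else {
        if ($MemberLevel == "1" || $MemberLevel == "2") {
            // Administrator reply: keep the submitted (non-member) password.
        } else {
            $MEM_PWD = $MemberID;
        }
    }

    // Pinned-notice flag, normalised to Y/N.
    if ($FIXED_YN != "Y") $FIXED_YN = "N";

    // Attachment directories.
    // NOTE(review): 0777 makes these directories writable by every local
    // account; use the narrowest mode the deployment allows.
    $upload_board = "../../FileData/board/";
    if (!is_dir($upload_board)) {
        @mkdir($upload_board, 0777);
        @chmod($upload_board, 0777);
    }
    $upload = $upload_board . "$BD_CD/";
    if (!is_dir($upload)) {
        @mkdir($upload, 0777);
        @chmod($upload, 0777);
    }

    // Allowed / refused extensions.
    // NOTE(review): outside gallery boards only a deny-list applies, and only
    // to the final extension. A deny-list cannot enumerate everything a web
    // server may execute; prefer a per-board allow-list and keep the upload
    // directory non-executable (or outside the document root).
    $only_file = array("jpg", "JPG", "gif", "GIF", "png", "PNG");
    $deny_file = array("phtm", "htm", "html", "shtm", "ztx", "php", "dot", "asp", "cgi", "pl", "com", "bat", "exe");

    // Attachment upload, one slot per configured file field.
    $file_slots = (int) $BOARD_INFO['BD_FL'];
    for ($f = 1; $f <= $file_slots; $f++) {
        // Start every slot empty so the stored file name can only come from
        // FileUploadName() below, never from a variable that already existed.
        ${"sFile".$f} = '';

        // NOTE(review): PHP itself no longer fills $HTTP_POST_FILES;
        // presumably an include aliases it to $_FILES -- confirm.
        $T_UserFile_name = $HTTP_POST_FILES["T_UserFile".$f]['name'];
        if (!$T_UserFile_name) {
            continue;
        }

        $ext = strtolower(substr(strrchr($T_UserFile_name, '.'), 1));
        if ($BOARD_INFO['BD_SORT'] == "BDTPM03") {
            // [MD03] gallery board: images only.
            if (!in_array($ext, $only_file)) {
                error_msg('이미지 파일만 올려주세요');
                exit; // Never store the file if error_msg() returns.
            }
        } else {
            if (in_array($ext, $deny_file)) {
                error_msg('잘못된 파일입니다');
                exit; // Never store the file if error_msg() returns.
            }
        }

        // NOTE(review): ${"T_UserFile".$f} is the upload's temporary path as
        // provided by the includes. It should be read from
        // $_FILES[...]['tmp_name'] and checked with is_uploaded_file(); it is
        // left unchanged because FileUploadName()'s contract is not visible.
        ${"sFile".$f} = FileUploadName("", $upload, ${"T_UserFile".$f}, $T_UserFile_name, "", "NoName");
    }

    if (!$OrderNum) $OrderNum = 999;

    // Lock the board table while the thread positions are rewritten.
    db_query("LOCK TABLES ".$BD_CD." WRITE");

    // Thread hierarchy [QRef, QReStep, QReLevel].
    // Both step variables are initialised here because they are concatenated
    // into SQL below and must not carry a value from anywhere else.
    $NowStep     = 0;
    $NewCateStep = 0;

    $tSQL = "SELECT MSTEP FROM ".$BD_CD." WHERE MREF = ".$GET_MREF." AND MSTEP > ".$GET_MSTEP." AND MLEVEL <= ".$GET_MLEVEL." ORDER BY MSTEP";
    $tRest = db_query($tSQL);
    if ($tRs = db_fetch_row($tRest)) {
        $NowStep = (int) $tRs[0];
    }

    if ($NowStep) {
        // A later post exists at the parent's level or above.
        $pSQL = "SELECT MSTEP FROM ".$BD_CD." WHERE MREF = ".$GET_MREF." AND MSTEP > ".$GET_MSTEP." AND MSTEP < ".$NowStep." AND MLEVEL > ".$GET_MLEVEL." ORDER BY MSTEP DESC";
    } else {
        // No later post at the parent's level or above.
        $pSQL = "SELECT MSTEP FROM ".$BD_CD." WHERE MREF = ".$GET_MREF." AND MSTEP > ".$GET_MSTEP." AND MLEVEL > ".$GET_MLEVEL." ORDER BY MSTEP DESC";
    }
    $pRest = db_query($pSQL);
    if ($pRs = db_fetch_row($pRest)) {
        $NewCateStep = (int) $pRs[0];
    }
    if (!$NewCateStep) {
        $NewCateStep = $GET_MSTEP;
    }

    // Shift every later post in the thread down by one step.
    $upSQL = "UPDATE ".$BD_CD." SET MSTEP = MSTEP+1 WHERE MREF=".$GET_MREF." AND MSTEP > ".$NewCateStep." ";
    db_query($upSQL);

    $MREF   = $GET_MREF;
    $MSTEP  = $NewCateStep + 1;
    $MLEVEL = $GET_MLEVEL + 1;

    // No parent thread given: open a new thread number.
    if (!$MREF) {
        $fSQL = "SELECT MAX(MREF)+1 FROM ".$BD_CD." ";
        $fRest = db_query($fSQL);
        if ($fRs = db_fetch_row($fRest)) {
            $MREF = (int) $fRs[0];
        }
        if (!$MREF) {
            $MREF = 1;
        }
    }

    // NOTE(review): see the file header -- the string values below are not
    // escaped in this file.
    $SQL ="INSERT INTO ".$BD_CD." SET \n";
    $SQL.=" MTITLE ='".$MTITLE."' \n";
    $SQL.=" ,MCONT ='".$MCONT."' \n";
    $SQL.=" ,MEM_NM ='".$MEM_NM."' \n";
    $SQL.=" ,MEM_ID ='".$MemberID."' \n";
    $SQL.=" ,MEM_EMAIL ='".$MEM_EMAIL."' \n";
    $SQL.=" ,MEM_WWW ='".$MEM_WWW."' \n";
    $SQL.=" ,MEM_PWD ='".$MEM_PWD."' \n";
    $SQL.=" ,MREF = '".$MREF."' \n";
    $SQL.=" ,MSTEP = '".$MSTEP."' \n";
    $SQL.=" ,MLEVEL = '".$MLEVEL."' \n";
    for ($f = 1; $f <= $file_slots; $f++) {
        // Columns are MFILE01, MFILE02, ... (two digits).
        $k = ($f > 9) ? $f : "0".$f;
        if (${"sFile".$f}) {
            $SQL.=" ,MFILE".$k." = '".${"sFile".$f}."' \n";
        }
    }
    if ($BD_CD == 'REVIEW_INTERGRATED') {
        $SQL.=" ,lang = '".$lang."' \n";
    }
    $SQL.=" ,FIXED_YN = '".$FIXED_YN."' \n";
    $SQL.=" ,SECRET = '".$SECRET."' \n";
    $SQL.=" ,MSORT_01 = '".$MSORT_01."' \n";
    $SQL.=" ,MSORT_02 = '".$MSORT_02."' \n";
    $SQL.=" ,MSORT_03 = '".$MSORT_03."' \n";
    $SQL.=" ,INSDT = now() \n";
    $SQL.=" ,INSIP ='".$_SERVER['REMOTE_ADDR']."' \n";
    $SQL.=" ,OrderNum = '".$OrderNum."' \n";
    $Result = db_query($SQL);

    // Release the board table.
    db_query("UNLOCK TABLES");

    // Redirect back to the matching listing page.
    if (isset($_POST['param']) && strpos($_POST['param'], 'B2BQNA') !== false) {
        error_msg('no_alert','b2bIndex.html?'.$param);
    } else {
        if ($BD_CD == 'REVIEW_INTERGRATED') {
            // The integrated review board returns to the per-language board.
            if ($lang == 'ko' || $lang == 'KO') {
                error_msg('no_alert','index.html?BD_CD=REVIEW');
            } else if ($lang == 'en' || $lang == 'EN') {
                error_msg('no_alert','index.html?BD_CD=ENREV');
            } else if ($lang == 'cn' || $lang == 'CN') {
                error_msg('no_alert','index.html?BD_CD=CNREV');
            } else if ($lang == 'hk' || $lang == 'HK') {
                error_msg('no_alert','index.html?BD_CD=TWREV');
            } else {
                error_msg('no_alert','index.html?BD_CD=REVIEW');
            }
        } else {
            error_msg('no_alert','index.html?'.$param);
        }
    }
}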