include "include/database.php";
include "include/common.php";
include "include/board.php";
include "include/config.php";
$connDB = new database();
$CONF = new board_conf($db);
if($CONF->pmwrite){
if(strcmp($CONF->passwd,$passwd)){
errmsg("Error!!","ºñ¹Ð¹øÈ£°¡ Ʋ¸³´Ï´Ù. º» °Ô½ÃÆÇÀº °ü¸®ÀÚ¸¸ÀÌ ±ÛÀ» ¾µ ¼ö ÀÖ½À´Ï´Ù.");
}
}
if($id){
$result = mysql_query("SELECT fid,step,ident,email FROM $db WHERE id=$id");
$fid = mysql_result($result,0,0);
$step = mysql_result($result,0,1);
$ident = mysql_result($result,0,2);
$replyemail = mysql_result($result,0,3);
$query = "SELECT max(ident) FROM $db WHERE fid=$fid AND ident LIKE '$ident%'";
$resident = mysql_query($query);
$nowident = mysql_result($resident,0,0);
$step = $step + 1;
if($nowident){
$nowident = substr($nowident,$step,1);
if($nowident){
$nowident = ord($nowident);
$nowident++;
$nowident = sprintf("%c",$nowident);
$nowident = $ident . $nowident;
} else {
$nowident = $ident . "A";
}
}
} else {
$nowident = "A";
$fid = getid($db,"fid");
}
$passwd = trim($passwd);
$name = trim($name);
$email = trim($email);
$title = trim($title);
$title = htmlspecialchars($title);
$body = trim($body);
$body = text2html($body);
if(!$name){ errmsg("Error!!","±ÛÀ» ¾²½Ã´Â ºÐÀÇ À̸§À» ³Ö¾îÁÖ¼¼¿ä..."); }
if(!$title){ errmsg("Error!!","±ÛÀÇ Á¦¸ñÀÌ ¾ø½À´Ï´Ù... Á¦¸ñÀº ¹Ýµå½Ã ±âÀÔÇÏ¼Å¾ß ÇÕ´Ï´Ù."); }
if(!$body){ errmsg("Error!!","º»¹®³»¿ëÀ» ³Ö¾îÁÖ¼¼¿ä... ³»¿ëÀÌ ¾ø´Â ±ÛÀº µî·ÏÇÏ½Ç ¼ö ¾ø½À´Ï´Ù..."); }
if($email){
$chkemail = ereg("(^[_0-9a-zA-Z-]+(\.[_0-9a-zA-Z-]+)*@[0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*$)",$email);
if(!$chkemail){ errmsg("Error!!","ÀüÀÚ¿ìÆí ÁÖ¼Ò°¡ ¿Ã¹Ù¸£Áö ¾Ê½À´Ï´Ù. Á¤È®ÇÏ°Ô ÀÔ·ÂÇØ ÁÖ¼¼¿ä..."); }
}
if($CONF->pmfile && $userfile != 'none'){
$savedir = "files/$db";
$filename = $userfile_name;
$filesize = $userfile_size;
if($filesize > $CONF->upfilesize){ errmsg("ÆÄÀÏÅ©±âÁ¦ÇÑ Ãʰú","ÆÄÀÏÀº $CONF->upfilesize Byte ±îÁö¸¸ µî·ÏÇÒ ¼ö ÀÖ½À´Ï´Ù."); }
$existfile = file_exists("$savedir/$filename");
if($existfile){ errmsg("ÆÄÀÏÁߺ¹","¼±ÅÃÇϽŠÆÄÀϰú µ¿ÀÏÇÑ À̸§ÀÇ ÆÄÀÏÀÌ ÀÌ¹Ì Á¸ÀçÇÕ´Ï´Ù"); }
if(!copy($userfile,"$savedir/$filename")){ errmsg("ÆÄÀϵî·Ï½ÇÆÐ","ÆÄÀÏÀ» ¾÷·ÎµåÇϴµ¥ ½ÇÆÐÇß½À´Ï´Ù"); }
unlink($userfile);
}
if(!$filesize){ $filesize = 0; }
if(!$step){ $step = 0; }
$regdate = time();
$query = "INSERT INTO $db(fid,step,ident,regdate,passwd,name,email,title,body,filename,filesize) VALUES($fid,$step,'$nowident',$regdate,'$passwd','$name','$email','$title','$body','$filename',$filesize)";
$stat = mysql_query($query);
$home = getenv("HTTP_HOST");
$mydate = date("Y-m-d H:i:s",$regdate);
if($stat){
$title = stripslashes($title);
$body = stripslashes($body);
$MSG = "
$CONF->dbtitle
ÀÛ¼ºÀÚ : $name |
±Û¾´½Ã°£ : $mydate |
|
|
";
if($CONF->mailalim){
$header = "From: $CONF->dbname\n";
$header .= "Content-Type: text/html;charset=EUC-KR";
mail($CONF->adminemail,$title,$MSG,$header);
}
if($replyemail && $CONF->pmreply){
$header = "From: $CONF->dbname\n";
$header .= "Content-Type: text/html;charset=EUC-KR";
mail($replyemail,$title,$MSG,$header);
}
gotourl("board.html?db=$db&mode=list");
} else {
errmsg("Error!!","±ÛÀ» µî·ÏÇÒ ¼ö ¾ø½À´Ï´Ù. ´Ù½Ã ½ÃµµÇØ º¸¼¼¿ä... ¹®Á¦°¡ °è¼ÓµÇ¸é °ü¸®ÀÚ¿¡°Ô ¹®ÀÇÇϽñ⠹ٶø´Ï´Ù...");
}
$connDB->dbclose();
?>