window.alert('$msg') history.back() "); exit; } function go_url(){ global $board,$call,$code,$url; $url="modify.html?board=$board&code=$code&call=$call"; $url=urlencode($url); echo(""); exit; } function fucking(&$data1,&$data2){ global $str; include "funcking.dat"; $count=count($str); for($i=0;$i<$count;$i++){ $wordcount=strlen($str[$i])/2; $xcount=""; for($j=0;$j<$wordcount;$j++){ $xcount.="O"; } $data1=ereg_replace("$str[$i]","$xcount",$data1); $data2=ereg_replace("$str[$i]","$xcount",$data2); } } function check_master(){ global $userpass,$call,$you,$notice,$master,$input_pass,$mod,$radio; if($master){ if(!$you){ $you="guest"; } $input_pass=""; if($mod[you]==admin){ $radio="Yes No (°øÁö»çÇ× ±ÛÀÓÀ» Ç¥½Ã)"; $notice=" notice $radio "; } } else{ $input_pass=" ºñ¹Ð¹øÈ£ "; } } function del1(){ global $rtype,$board,$gid,$code,$thr,$reply_count,$row,$realpass,$file,$file_dir,$dbcon; if($rtype=='out'){ $query="select passwd,filename from $board where gid=$gid and thr like '$thr%'";} else{$query="select passwd,filename from $board where rid=$code";} $result=mysql_query($query,$dbcon); if($rtype=='out'){ $reply_count=mysql_num_rows($result); } $row=mysql_fetch_row($result); $realpass=$row[0]; $file="$file_dir/$row[1]"; } function del2(){ global $rtype,$board,$code,$reply_count,$row,$file,$dbcon; if($rtype=='out'){ if($reply_count>1){ echo(""); exit; } } if($row[1]){ unlink($file); } $del1=mysql_query("delete from $board where rid=$code",$dbcon); if($rtype=='in'){ $del2=mysql_query("delete from ${board}_reply where rgroup=$code",$dbcon); } if($del1 or $del2){ echo(""); exit; } } if($call==modify){ if($admin_only and !$master){ go_url(); } $result=mysql_query("select name,email,link,subject,comment,passwd,you from $board where rid=$code",$dbcon); $mod=mysql_fetch_array($result); $mod[name]=htmlspecialchars($mod[name]); if($call==modify and !strcmp($mod[you],admin) and !$master){ go_url(); } check_master(); ########################## ¾÷µ¥ÀÌÆ® ½ÇÇà ºÎºÐ ############################################ if($upload){ if($master){ if(!ereg("([^[:space:]]+)",$name) or !ereg("([^[:space:]]+)",$subject) or !ereg("([^[:space:]]+)",$comment)){ error("[À̸§] [Á¦¸ñ] [³»¿ë]´Â Çϳª¶óµµ ºüÁ®¼± ¾ÈµÇ¿ä."); } } else{ if(!ereg("([^[:space:]]+)",$name) or !ereg("([^[:space:]]+)",$subject) or !ereg("([^[:space:]]+)",$comment) or !ereg("([^[:space:]]+)",$userpass)){ error("[À̸§] [Á¦¸ñ] [³»¿ë] [ÆÐ½º¿öµå]´Â Çϳª¶óµµ ºüÁ®¼± ¾ÈµÇ¿ä."); } } fucking($subject,$comment); if(!$master){ $modpass=$mod[passwd]; if(!strcmp($modpass,$userpass) or !strcmp($adminpass,$userpass)){ $result=mysql_query("update $board set name='$name',email='$email',link='$link',subject='$subject', comment='$comment' where rid=$code",$dbcon); echo(""); exit; } else{ error("Çã°Æ!! ºñ¹Ð¹øÈ£°¡ Ʋ¸®³×¿ä..!!"); } } else{ $result=mysql_query("update $board set name='$name',email='$email',link='$link',subject='$subject', comment='$comment',you='$you' where rid=$code",$dbcon); echo(""); exit; } } ############################## ¼öÁ¤Æû Ãâ·Â ############################################### echo("
$notice $input_pass

[${mod[name]}´ÔÀÇ ±Û¼öÁ¤]

Name Email
Link
Subject
"); } ################################ ±Û »èÁ¦ ¸ðµå #####################################3 if($call==delete){ if($master){ del1(); del2(); } if($upload){ del1(); if(!strcmp($realpass,$userpass) or !strcmp($adminpass,$userpass)) {del2();} else{ error("Çã°Æ!! ºñ¹Ð¹øÈ£°¡ Ʋ¸®³×¿ä..!!");} } ############################## ±Û »èÁ¦ ÆûÃâ·Â ##################################3 echo("

[±Û »èÁ¦ ¸ðµå]

"); } include "bottom.inc"; ?>