include "header.inc";
function error($msg){
echo("
");
exit;
}
function go_url(){
global $board,$call,$code,$url;
$url="modify.html?board=$board&code=$code&call=$call";
$url=urlencode($url);
echo("");
exit;
}
function fucking(&$data1,&$data2){
global $str;
include "funcking.dat";
$count=count($str);
for($i=0;$i<$count;$i++){
$wordcount=strlen($str[$i])/2;
$xcount="";
for($j=0;$j<$wordcount;$j++){
$xcount.="O";
}
$data1=ereg_replace("$str[$i]","$xcount",$data1);
$data2=ereg_replace("$str[$i]","$xcount",$data2);
}
}
function check_master(){
global $userpass,$call,$you,$notice,$master,$input_pass,$mod,$radio;
if($master){
if(!$you){
$you="guest";
}
$input_pass="
";
if($mod[you]==admin){
$radio="Yes
No (°øÁö»çÇ× ±ÛÀÓÀ» Ç¥½Ã)";
$notice="
notice
$radio
";
}
}
else{
$input_pass="
ºñ¹Ð¹øÈ£ ";
}
}
function del1(){
global $rtype,$board,$gid,$code,$thr,$reply_count,$row,$realpass,$file,$file_dir,$dbcon;
if($rtype=='out'){
$query="select passwd,filename from $board where gid=$gid and thr like '$thr%'";}
else{$query="select passwd,filename from $board where rid=$code";}
$result=mysql_query($query,$dbcon);
if($rtype=='out'){
$reply_count=mysql_num_rows($result);
}
$row=mysql_fetch_row($result);
$realpass=$row[0];
$file="$file_dir/$row[1]";
}
function del2(){
global $rtype,$board,$code,$reply_count,$row,$file,$dbcon;
if($rtype=='out'){
if($reply_count>1){
echo("");
exit;
}
}
if($row[1]){
unlink($file);
}
$del1=mysql_query("delete from $board where rid=$code",$dbcon);
if($rtype=='in'){
$del2=mysql_query("delete from ${board}_reply where rgroup=$code",$dbcon);
}
if($del1 or $del2){
echo("");
exit;
}
}
if($call==modify){
if($admin_only and !$master){
go_url();
}
$result=mysql_query("select name,email,link,subject,comment,passwd,you from $board where rid=$code",$dbcon);
$mod=mysql_fetch_array($result);
$mod[name]=htmlspecialchars($mod[name]);
if($call==modify and !strcmp($mod[you],admin) and !$master){
go_url();
}
check_master();
########################## ¾÷µ¥ÀÌÆ® ½ÇÇà ºÎºÐ ############################################
if($upload){
if($master){
if(!ereg("([^[:space:]]+)",$name) or !ereg("([^[:space:]]+)",$subject) or !ereg("([^[:space:]]+)",$comment)){
error("[À̸§] [Á¦¸ñ] [³»¿ë]´Â Çϳª¶óµµ ºüÁ®¼± ¾ÈµÇ¿ä.");
}
}
else{
if(!ereg("([^[:space:]]+)",$name) or !ereg("([^[:space:]]+)",$subject) or !ereg("([^[:space:]]+)",$comment)
or !ereg("([^[:space:]]+)",$userpass)){
error("[À̸§] [Á¦¸ñ] [³»¿ë] [ÆÐ½º¿öµå]´Â Çϳª¶óµµ ºüÁ®¼± ¾ÈµÇ¿ä.");
}
}
fucking($subject,$comment);
if(!$master){
$modpass=$mod[passwd];
if(!strcmp($modpass,$userpass) or !strcmp($adminpass,$userpass)){
$result=mysql_query("update $board set name='$name',email='$email',link='$link',subject='$subject',
comment='$comment' where rid=$code",$dbcon);
echo("");
exit;
}
else{
error("Çã°Æ!! ºñ¹Ð¹øÈ£°¡ Ʋ¸®³×¿ä..!!");
}
}
else{
$result=mysql_query("update $board set name='$name',email='$email',link='$link',subject='$subject',
comment='$comment',you='$you' where rid=$code",$dbcon);
echo("");
exit;
}
}
############################## ¼öÁ¤Æû Ãâ·Â ###############################################
echo("
");
}
################################ ±Û »èÁ¦ ¸ðµå #####################################3
if($call==delete){
if($master){
del1();
del2();
}
if($upload){
del1();
if(!strcmp($realpass,$userpass) or !strcmp($adminpass,$userpass))
{del2();}
else{
error("Çã°Æ!! ºñ¹Ð¹øÈ£°¡ Ʋ¸®³×¿ä..!!");}
}
############################## ±Û »èÁ¦ ÆûÃâ·Â ##################################3
echo("