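alert('¿Ã¹Ù¸¥ À̸ÞÀÏ ÁÖ¼Ò°¡ ¾Æ´Õ´Ï´Ù.\\nÀ̸ÞÀÏ ÁÖ¼Ò¸¦ Á¤È®È÷ Àû¾îÁֽʽÿÀ.') history.go(-1) "); exit; }

// NOTE(review): the line above is the tail of a statement that begins outside
// this excerpt (the end of an echo'ed string); it is kept byte-for-byte.
// NOTE(review): every echo("") below prints an empty string as shown here.
// Presumably each one carried a user-facing message that was lost when the
// page was extracted - confirm against the original file.

########## Validate the submitted fields. ##########
// preg_match() replaces ereg(): ereg() is deprecated and is not binary-safe,
// so a NUL byte in the input could end matching early and let the rest of the
// value past the check.

// A non-blank homepage must contain an http:// URL.
// NOTE(review): the pattern is unanchored, so it only proves such a substring
// exists somewhere in $homepage, not that the whole value is a URL. The value
// must still be escaped for SQL here and encoded wherever it is displayed.
if (preg_match('/[^[:space:]]+/', $homepage)
    && !preg_match('#http://([0-9a-zA-Z./@~?&=_]+)#', $homepage)) {
    echo("");
    exit;
}

// The subject must contain at least one non-whitespace character.
if (!preg_match('/[^[:space:]]+/', $subject)) {
    echo("");
    exit;
}

// The password must be four or more ASCII letters/digits and nothing else.
// The D modifier keeps "$" from matching before a trailing newline.
if (!preg_match('/^[0-9a-zA-Z]{4,}$/D', $passwd)) {
    echo("");
    exit;
}

// The body must contain at least one non-whitespace character.
if (!preg_match('/[^[:space:]]+/', $comment)) {
    echo("");
    exit;
}

########## Connect to the database. ##########
// NOTE(review): the mysql_* extension was removed in PHP 7. It is kept here
// because $dbconn is created by dbconn.inc, which is outside this excerpt.
include "../includes/dbconn.inc";

########## Escape every value that is placed into an SQL statement. ##########
// The original escaped only $subject and $comment (with addslashes) and put
// $name, $email, $homepage and $number into the query text unchanged, which
// allowed SQL injection. All string fields now go through the connection-aware
// escaper, and the row id is forced to an integer because it is used unquoted.
// NOTE(review): if magic_quotes_gpc is enabled the values arrive already
// escaped and will be stored with stray backslashes; the original had the
// same property for $subject and $comment - confirm the server setting.
$name     = mysql_real_escape_string($name, $dbconn);
$subject  = mysql_real_escape_string($subject, $dbconn);
$email    = mysql_real_escape_string($email, $dbconn);
$homepage = mysql_real_escape_string($homepage, $dbconn);
$comment  = mysql_real_escape_string($comment, $dbconn);
$passwd   = mysql_real_escape_string($passwd, $dbconn); // already alphanumeric; escaped as defence in depth
$number   = (int) $number;

// The same UPDATE is used by the administrator path and the owner path.
$update_sql = "UPDATE qna SET name = '$name', subject = '$subject', email = '$email', "
            . "homepage = '$homepage', comment = '$comment' WHERE uid = $number";

########## An authenticated administrator may edit any post. ##########
// NOTE(review): $admin is not assigned anywhere in this excerpt. If it can be
// populated from the request (for example under register_globals) the password
// check in the else branch is skipped entirely; confirm it is set only from
// server-side session state.
if ($admin) {
    $result = mysql_query($update_sql, $dbconn);
    if (!$result) {
        echo("");
        exit;
    }
    echo ("");
} else {
    ########## Fetch the stored password value of the post. ##########
    $result = mysql_query("SELECT passwd FROM qna WHERE uid = $number", $dbconn);
    if (!$result) {
        echo("");
        exit;
    }
    // A missing row is treated as "no stored password" instead of letting
    // mysql_result() raise a warning on an empty result set.
    $real_pass = mysql_num_rows($result) > 0 ? mysql_result($result, 0, 0) : false;

    ########## Hash the password the user entered. ##########
    // NOTE(review): MySQL's PASSWORD() is meant for the server's own account
    // table, not for application passwords, and was removed in MySQL 8.0.
    // Replacing it requires migrating the stored values, so it is only
    // flagged here.
    $result = mysql_query("SELECT password('$passwd')", $dbconn);
    if (!$result) {
        echo("");
        exit;
    }
    $user_pass = mysql_result($result, 0, 0);

    ########## Update the post only when both hashes are identical. ##########
    // Strict string comparison: a false/NULL value on either side can never
    // count as a match.
    if (is_string($real_pass) && is_string($user_pass) && $real_pass === $user_pass) {
        $result = mysql_query($update_sql, $dbconn);
        if (!$result) {
            echo("");
            exit;
        }
        echo ("");
    } else {
        echo("");
        exit;
    }
}
?>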