= $__tid and tid < 11111111"); $_i_query = "INSERT INTO $Db(nid, rid, tid, sid, writer, email, homepage, ip_addr, passwd, subject, content, html_f, w_time) VALUES ($__nid, $__rid, $__tid, $__sid, '$fmWriter', '$fmEmail', '$fmHomepage', '".getenv("REMOTE_ADDR")."', '$fmPassword', '$fmSubject', '$fmContent', $fmDisableHtml, '".date("Y-m-d H:i:s")."')"; if ( $mode == "modify" ) { $__file = ""; if ( $fmDeleteAttach == 1 ) { $_filesize = 0; $_filename = ""; $_filetype = ""; $__file = ", filesize=$_filesize, filename='$_filename', filetype='$_filetype'"; } $_i_query = "UPDATE $Db SET writer='$fmWriter', email='$fmEmail', homepage='$fmHomepage', subject='$fmSubject', content='$fmContent', html_f=$fmDisableHtml, u_time='".date("Y-m-d H:i:s")."'".$__file." WHERE nid=$nid"; } $_result = mbMyQuery($_i_query); if ( $fmAttachFile_size ) { if ( $mode == "modify" ) $__nid = $nid; if ( !file_exists("./upload/$Db")) mkdir("./upload/$Db", 0755); copy ($fmAttachFile, "./upload/$Db/".$__nid.".bin"); unlink($fmAttachFile); $_u_query = "UPDATE $Db SET filename='".basename($fmAttachFile_name)."', filesize=$fmAttachFile_size, filetype='$fmAttachFile_type' WHERE nid=$__nid"; $_u_result = mbMyQuery($_u_query); } if ( $fmDeleteAttach == 1 ) unlink("./upload/$Db/".$nid.".bin"); if ( $mode == "reply" || $mode == "write" ) { if ( $fmWriter ) SetCookie("__nBoard_cn_cookie_writer", $fmWriter, time() + 30*24*60*60 ); if ( $fmEmail ) SetCookie("__nBoard_cn_cookie_email", $fmEmail, time() + 30*24*60*60 ); if ( $fmHomepage ) SetCookie("__nBoard_cn_cookie_homepage", $fmHomepage, time() + 30*24*60*60 ); } if ( $mailForward ) { $_url = "http://".getenv("HTTP_HOST").getenv("REQUEST_URI"); $_url = eregi_replace ($_envModule, "", $_url); if ( substr($_url, strlen($_url) - 1) == "/" ) $_url = substr($_url, 0, strlen($_url) - 1); $fmWriter = mbAvoidCrack($fmWriter); $fmSubject = mbAvoidCrack($fmSubject); $fmContent = mbAvoidCrack($fmContent); $fmContent = eregi_replace ("\n", "\n
", $fmContent); $_mailContent = " SYOUS.com

$__nid. $fmWriter
$fmSubject


$fmContent



"; $_from = "From: ".$fmWriter." <".$fmEmail.">"; $_replyto = "Reply-To: ".$fmWriter." <".$fmEmail.">"; $_contype = "Content-Type: text/html"; $_subheader = $_from."\r\n".$_replyto."\r\n".$_contype."\r\n"; mail ( $mailForward, "[$Db:´äº¯±Û¾Ë¸²] $fmSubject", $_mailContent, $_subheader); } if ( $mode == "reply" && $bNid ) { $_tmpA = explode("|", $bNid); $_tmpC = count($_tmpA); for ( $_i = 0; $_i < $_tmpC ; $_i++ ) { if ( $_tmpA[$_i] == $nid ) break; } $_tmpS = $_tmpA[$_i+1]; if ( $_tmpS && $_tmpS != "1") Header("Location: $_envBoard?Db=$Db&mode=reply&nid=$_tmpS&bNid=$bNid"); else echo (" "); } else { Header("Location: $_envBoard?Db=$Db&$___search"); } } if ( $mode == "delete" ) { if ( !$bNid ) { mbDeleteItem($nid); } else { $_bNid_A = explode("|", $bNid); $_bNid_C = count($_bNid_A); for ( $i = 0 ; $i < $_bNid_C ; $i++ ) mbDeleteItem ($_bNid_A[$i]); } Header("Location: $_envBoard?Db=$Db&$___search"); } if ( $mode == "addcom" ) { if ( !trim($fmWriter) || !trim($fmComment) ) mbAlertErr('°ø¹éÀÚ·á´Â ÀÔ·ÂÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.'); $_w_time = date("Y-m-d H:i:s"); $__query = "INSERT INTO ".$Db."_cmt (nid, writer, comment, w_time) VALUES ($nid, '$fmWriter', '$fmComment', '$_w_time')"; $_dbInsert = mbMyQuery($__query); $_dbUpdate = mbMyQuery("UPDATE $Db SET cid=cid+1 WHERE nid=$nid"); Header("Location: $_envBoard?Db=$Db&mode=view&page=$page&nid=$nid&bNid=$bNid&$___search"); } if ( $mode == "delcom" ) { $__query = "DELETE FROM ".$Db."_cmt WHERE no=$no"; $_dbDelete = mbMyQuery($__query); $_dbUpdate = mbMyQuery("UPDATE $Db SET cid=cid-1 WHERE nid=$nid"); Header("Location: $_envBoard?Db=$Db&mode=view&nid=$nid&bNid=$bNid&$___search"); } if ( $mode == "vote" ) { $cookie = "__nBoard_vt_cookie_".$Db."_".$nid; if ( $$cookie ) mbAlertErr("ÇϳªÀÇ ±ÛÀ» ¿©·¯¹ø Âù¼ºÇÒ ¼ö ¾ø½À´Ï´Ù."); $_dbUpdate = mbMyQuery("UPDATE $Db SET vid=vid+1 WHERE nid=$nid"); SetCookie($cookie, "1", time() + 30*24*60*60); Header("Location: $_envBoard?Db=$Db&mode=view&nid=$nid&bNid=$bNid&$___search"); } if ( $mode == "download" ) { $_dbResult = mbMyQuery ("SELECT filename, filesize, filetype FROM $Db WHERE nid=$nid"); $_rows = mbMyFetchArr($_dbResult); $_rows[file] = fread(fopen("./upload/$Db/".$nid.".bin", "r"), $_rows[filesize]); if ( strpos($_rows[filetype], "mage") > 0 ) $_tmpStr = "Content-type: application/octet-stream\nContent-length: $_rows[filesize]\nContent-Disposition: inline; filename=$_rows[filename]"; else $_tmpStr = "Content-type: $_rows[filetype]\nContent-length: $_rows[filesize]\nContent-Disposition: inline; filename=$_rows[filename]"; Header ($_tmpStr); echo $_rows[file]; $_dbUpdate = mbMyQuery("UPDATE $Db SET did=did+1 WHERE nid=$nid"); } mbMyStatus(1); ?>