= $__tid and tid < 11111111");
$_i_query = "INSERT INTO $Db(nid, rid, tid, sid, writer, email, homepage, ip_addr, passwd, subject, content, html_f, w_time) VALUES ($__nid, $__rid, $__tid, $__sid, '$fmWriter', '$fmEmail', '$fmHomepage', '".getenv("REMOTE_ADDR")."', '$fmPassword', '$fmSubject', '$fmContent', $fmDisableHtml, '".date("Y-m-d H:i:s")."')";
if ( $mode == "modify" ) {
$__file = "";
if ( $fmDeleteAttach == 1 ) {
$_filesize = 0;
$_filename = "";
$_filetype = "";
$__file = ", filesize=$_filesize, filename='$_filename', filetype='$_filetype'";
}
$_i_query = "UPDATE $Db SET writer='$fmWriter', email='$fmEmail', homepage='$fmHomepage', subject='$fmSubject', content='$fmContent', html_f=$fmDisableHtml, u_time='".date("Y-m-d H:i:s")."'".$__file." WHERE nid=$nid";
}
$_result = mbMyQuery($_i_query);
if ( $fmAttachFile_size ) {
if ( $mode == "modify" ) $__nid = $nid;
if ( !file_exists("./upload/$Db")) mkdir("./upload/$Db", 0755);
copy ($fmAttachFile, "./upload/$Db/".$__nid.".bin");
unlink($fmAttachFile);
$_u_query = "UPDATE $Db SET filename='".basename($fmAttachFile_name)."', filesize=$fmAttachFile_size, filetype='$fmAttachFile_type' WHERE nid=$__nid";
$_u_result = mbMyQuery($_u_query);
}
if ( $fmDeleteAttach == 1 ) unlink("./upload/$Db/".$nid.".bin");
if ( $mode == "reply" || $mode == "write" ) {
if ( $fmWriter )
SetCookie("__nBoard_cn_cookie_writer", $fmWriter, time() + 30*24*60*60 );
if ( $fmEmail )
SetCookie("__nBoard_cn_cookie_email", $fmEmail, time() + 30*24*60*60 );
if ( $fmHomepage )
SetCookie("__nBoard_cn_cookie_homepage", $fmHomepage, time() + 30*24*60*60 );
}
if ( $mailForward ) {
$_url = "http://".getenv("HTTP_HOST").getenv("REQUEST_URI");
$_url = eregi_replace ($_envModule, "", $_url);
if ( substr($_url, strlen($_url) - 1) == "/" ) $_url = substr($_url, 0, strlen($_url) - 1);
$fmWriter = mbAvoidCrack($fmWriter);
$fmSubject = mbAvoidCrack($fmSubject);
$fmContent = mbAvoidCrack($fmContent);
$fmContent = eregi_replace ("\n", "\n
", $fmContent);
$_mailContent = "
SYOUS.com
 |
$__nid. $fmWriter
$fmSubject
$fmContent
| |
";
$_from = "From: ".$fmWriter." <".$fmEmail.">";
$_replyto = "Reply-To: ".$fmWriter." <".$fmEmail.">";
$_contype = "Content-Type: text/html";
$_subheader = $_from."\r\n".$_replyto."\r\n".$_contype."\r\n";
mail ( $mailForward, "[$Db:´äº¯±Û¾Ë¸²] $fmSubject", $_mailContent, $_subheader);
}
if ( $mode == "reply" && $bNid ) {
$_tmpA = explode("|", $bNid);
$_tmpC = count($_tmpA);
for ( $_i = 0; $_i < $_tmpC ; $_i++ ) {
if ( $_tmpA[$_i] == $nid ) break;
}
$_tmpS = $_tmpA[$_i+1];
if ( $_tmpS && $_tmpS != "1") Header("Location: $_envBoard?Db=$Db&mode=reply&nid=$_tmpS&bNid=$bNid");
else echo ("
");
} else {
Header("Location: $_envBoard?Db=$Db&$___search");
}
}
if ( $mode == "delete" ) {
if ( !$bNid ) {
mbDeleteItem($nid);
} else {
$_bNid_A = explode("|", $bNid);
$_bNid_C = count($_bNid_A);
for ( $i = 0 ; $i < $_bNid_C ; $i++ )
mbDeleteItem ($_bNid_A[$i]);
}
Header("Location: $_envBoard?Db=$Db&$___search");
}
if ( $mode == "addcom" ) {
if ( !trim($fmWriter) || !trim($fmComment) ) mbAlertErr('°ø¹éÀÚ·á´Â ÀÔ·ÂÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.');
$_w_time = date("Y-m-d H:i:s");
$__query = "INSERT INTO ".$Db."_cmt (nid, writer, comment, w_time) VALUES ($nid, '$fmWriter', '$fmComment', '$_w_time')";
$_dbInsert = mbMyQuery($__query);
$_dbUpdate = mbMyQuery("UPDATE $Db SET cid=cid+1 WHERE nid=$nid");
Header("Location: $_envBoard?Db=$Db&mode=view&page=$page&nid=$nid&bNid=$bNid&$___search");
}
if ( $mode == "delcom" ) {
$__query = "DELETE FROM ".$Db."_cmt WHERE no=$no";
$_dbDelete = mbMyQuery($__query);
$_dbUpdate = mbMyQuery("UPDATE $Db SET cid=cid-1 WHERE nid=$nid");
Header("Location: $_envBoard?Db=$Db&mode=view&nid=$nid&bNid=$bNid&$___search");
}
if ( $mode == "vote" ) {
$cookie = "__nBoard_vt_cookie_".$Db."_".$nid;
if ( $$cookie ) mbAlertErr("ÇϳªÀÇ ±ÛÀ» ¿©·¯¹ø Âù¼ºÇÒ ¼ö ¾ø½À´Ï´Ù.");
$_dbUpdate = mbMyQuery("UPDATE $Db SET vid=vid+1 WHERE nid=$nid");
SetCookie($cookie, "1", time() + 30*24*60*60);
Header("Location: $_envBoard?Db=$Db&mode=view&nid=$nid&bNid=$bNid&$___search");
}
if ( $mode == "download" ) {
$_dbResult = mbMyQuery ("SELECT filename, filesize, filetype FROM $Db WHERE nid=$nid");
$_rows = mbMyFetchArr($_dbResult);
$_rows[file] = fread(fopen("./upload/$Db/".$nid.".bin", "r"), $_rows[filesize]);
if ( strpos($_rows[filetype], "mage") > 0 )
$_tmpStr = "Content-type: application/octet-stream\nContent-length: $_rows[filesize]\nContent-Disposition: inline; filename=$_rows[filename]";
else
$_tmpStr = "Content-type: $_rows[filetype]\nContent-length: $_rows[filesize]\nContent-Disposition: inline; filename=$_rows[filename]";
Header ($_tmpStr);
echo $_rows[file];
$_dbUpdate = mbMyQuery("UPDATE $Db SET did=did+1 WHERE nid=$nid");
}
mbMyStatus(1);
?>