execute("select passwd from $board_table where uid = $uid"); $row = mysql_fetch_array($result); // °ü¸®ÀÚ°¡ ·Î±×ÀÎÇÏ¿´´ÂÁö ÇÏÁö ¾Ê¾Ò´ÂÁö üũÇÏÀÚ. // °ü¸®ÀÚÀÇ ¾ÏÈ£¸¦ ¾Ïȣȭ... $crypt_admin_pw = encrypt($admin_pw); if ($cook_admin_id == $admin_id && $cook_admin_pw == $crypt_admin_pw) { $admin_login = 1; } else { $admin_login = 0; } // ºó ±ÛÀÎÁö Á¶»ç if (!$row[passwd] && !$admin_login) goPrepage('¾ÏÈ£°¡ ¾ø´Â ±ÛÀÔ´Ï´Ù. ¼öÁ¤ÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.'); // ¾ÏÈ£°¡ ¸Â´ÂÁö Á¶»ç if ($row[passwd] != $passwd && $row[passwd] != encrypt($passwd) && !$admin_login) goPrepage('¾ÏÈ£°¡ Ʋ¸³´Ï´Ù. ´Ù½Ã ÀÔ·ÂÇØ ÁֽʽÿÀ.'); // ÀÔ·ÂµÈ µ¥ÀÌŸµéÀÌ Á¶°Ç¿¡ ¸Â´ÂÁö Á¶»ç // $writer¿Í $subject´Â °ø¹é¹®ÀÚ°¡ ÀԷµǾ ¾È µÈ´Ù. if (ereg("^[[:space:]]+$", $writer)) { goPrepage('±Û¾´ÀÌÀÇ À̸§Àº °ø¹é¹®ÀÚ¸¸À¸·Î ÀÔ·ÂÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.'); } if ($passwd && ereg("^[[:space:]]+$", $passwd)) { goPrepage('¾ÏÈ£´Â °ø¹é¹®ÀÚ¸¸À¸·Î ÀÔ·ÂÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.'); } if (ereg("^[[:space:]]+$", $subject)) { goPrepage('Á¦¸ñÀº °ø¹é¹®ÀÚ¸¸À¸·Î ÀÔ·ÂÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.'); } if (ereg("^[[:space:]]+$", $contents)) { goPrepage('³»¿ëÀº °ø¹é¹®ÀÚ¸¸À¸·Î ÀÔ·ÂÇÏ½Ç ¼ö ¾ø½À´Ï´Ù.'); } if ($email && !ereg("^.+@.+\\..+$", $email)) { goPrepage('Email Çü½ÄÀÌ Á¶°Ç¿¡ ¸ÂÁö ¾Ê½À´Ï´Ù. ´Ù½Ã ÀÔ·ÂÇØ ÁֽʽÿÀ.'); } if ($homepage && !ereg("^.+\\..+$", $homepage)) { goPrepage('Homepage Çü½ÄÀÌ Á¶°Ç¿¡ ¸ÂÁö ¾Ê½À´Ï´Ù. ´Ù½Ã ÀÔ·ÂÇØ ÁֽʽÿÀ.'); } // ¿å¼³Àº µî·ÏÇÒ ¼ö ¾ø½À´Ï´Ù. $totalDisableWord = sizeof($disableWord); for ($i = 0; $i < $totalDisableWord; $i++) { if(eregi($disableWord[$i], $contents)) { goPrepage("\'$disableWord[$i]\'´Â µî·ÏÇÏ½Ç ¼ö ¾ø´Â ´Ü¾îÀÔ´Ï´Ù."); }; } // ¾÷·ÎµåµÈ È­ÀÏÀÌ ÀÖ´Ù¸é ¾÷·ÎµåµÈ È­ÀϵéÀÇ ÃÑ Å©±â¸¦ Á¶»ç $total = sizeof($file); for ($i = 0; $i < $total; $i++) { $fileSize += $file_size[$i]; } if ($fileSize > $maxFileSize) goPrepage("¾÷·Îµå ¿ë·®ÀÌ ÃʰúµÇ¾ú½À´Ï´Ù. ÃÖ´ë Å©±â´Â $maxFileSize Byte ÀÔ´Ï´Ù."); // ÀÔ·ÂµÈ µ¥ÀÌŸ¸¦ DB¿¡ ÀúÀåÇϱâ ÁÁµµ·Ï º¯°æ $writer = trim($writer); $subject = trim($subject); $contents = chop($contents); $homepage = trim($homepage); $email = trim($email); $homepage = str_replace("http://", "", $homepage); $wdate = time(); // db¿¡ ÀúÀå if ($passwd) { $db->execute("update $board_table set writer = '$writer', email = '$email', passwd = password('$passwd'), homepage = '$homepage', wdate = '$wdate', subject = '$subject', contents = '$contents', category = '$category' where uid = '$uid'"); } else { $db->execute("update $board_table set writer = '$writer', email = '$email', homepage = '$homepage', wdate = '$wdate', subject = '$subject', contents = '$contents', category = '$category' where uid = '$uid'"); } // files ¶ó´Â µð·ºÅ丮¿¡ $uid À̸§ÀÇ µð·ºÅ丮¸¦ ¸¸µé°í ¾÷·ÎµåµÈ ÆÄÀϵéÀ» ÀúÀåÇÑ´Ù. $total = sizeof($file); for ($i = 0; $i < $total; $i++) { $savename = $file_name[$i] . ".zip"; $j = 0; while (file_exists("files/$savename")) { $j++; $savename = $file_name[$i] . "@$j" . ".zip"; } if ($file[$i] != 'none') { copy($file[$i], "files/$savename"); $db->execute("insert into $file_table(id, name, savename, size) values($uid, '$file_name[$i]', '$savename', $file_size[$i])"); } } // ¸®½ºÆ® È­¸éÀ¸·Î µ¹¾Æ°£´Ù. goPage("$PHP_SELF?no=$no"); ?>