include "../cdbcon.inc";
if (!$sess_name){?>
}else{?>
}else{?>
}else{?>
$ip=getenv('REMOTE_ADDR');
$title=addslashes($title);
$content=addslashes($content);
$day = date('Ymdhis');
switch ($tname){
case "morgue_board":
$save_dir="../../".$home."/morgue";
break;
case "homework_board":
$save_dir="../../".$home."/homework";
break;
case "brag_board":
$save_dir="../../".$home."/brag";
break;
}
$isUploaded=FALSE;
$upload_file=$file;
$upload_alt=$file_alt;
if(!strcmp($upload_file,"none")){
continue;
}else{
$upload_file_name=$file_name;
$upload_file_size=$file_size;
$upload_file_type=$file_type;
if ( $upload_file_size >= (150*1024)){
?>
}else{
$filename=explode(".",$upload_file_name);
$extension=$filename[sizeof($filename)-1];
if(!strcmp($extension,"php")||!strcmp($extension,"phtml")||!strcmp($extension,"inc")||!strcmp($extension,"txt")||!strcmp($extension,"asp"))
{
continue;
}
$dest=$save_dir."/".$upload_file_name;
if ($upload_file_name!=""){
copy($upload_file,$dest);
}
$isUploaded=TRUE;
}
}
$query="insert into $tname(title,name,email,content,writeday,readnum,ip,file,file_size) values('$title','$name','$email','$content','$day','0','$ip','$file_name','$file_size')";
mysql_query($query);
echo("");
?>
}?>
}?>
}?>