2000000){ ALERT ("ÆÄÀϿ뷮Àº 2¸Þ°¡ ÀÌÇÏ·Î Á¦ÇÑ ÇÕ´Ï´Ù."); } /* ÆÄÀÏ ¾÷·Îµå º¸¾È */ if (preg_match("/\.($tail_name)/i", $file_name)){ ALERT ("¾÷·ÎµåÇÏ½Ç ¼ö ¾ø´Â È®ÀåÀÚ ¹× ÆÄÀϸíÀÔ´Ï´Ù."); } $tail = strrchr($file_name, "."); /* ÆÄÀϸíÀÌ °°Àº °æ¿ì ·£´ý¼ö¸¦ ÆÄÀÏ¸í¿¡ ¾Õ¿¡ ºÙ¿©ÁÜ */ $qry = "select uid from $board where dataname = '$file_name'"; $result = mysql_query($qry); $row = mysql_fetch_array($result); if($row[uid]){ $ranNo = mt_rand(1,100); $file_name = $ranNo."_".$signdate.$tail; }else{ $file_name = $signdate.$tail; } /* Æú´õ ÀúÀå ¹× Ã¼Å© ºÎºÐ */ if($file_name){ if(move_uploaded_file($file,$data_src.$file_name)){ echo "ÆÄÀÏ ¾÷·Îµå"; }else{ ALERT ("¾÷·Îµå¿¡ ¹®Á¦°¡ Àְųª, ¿ë·®ÀÌ 2M Ãʰú ÇÒ¼ö ¾ø½À´Ï´Ù."); } } } ############################################################################## if($mod != 1){ if(!$uid){ /* ±Û µî·Ï */ $pidQry ="select pid from $board order by uid desc"; $pidResult = mysql_query($pidQry); $pidRow = mysql_fetch_array($pidResult); if($pidRow[0]){ $pid = $pidRow[pid] - 1; }else{ $pid = 9999999.0000; # ÃʱⰪ ¼³Á¤ } $qry = "insert into $board (uid,pid,thread,kind,name,email,homepage,pass,html,title,content,dataname,signdate,ref,ip_addr) values ('','$pid','','$kind','$name','$email','$homepage','$pass','$html','$title','$content','$file_name','$signdate','','$ip_addr')"; $result = mysql_query($qry) OR die (mysql_error()); echo ""; }else{ /* ´äº¯±ÛÀÎ °æ¿ì */ $reply_qry = "select pid,thread from $board where uid=$uid"; $reply_result = mysql_query($reply_qry); $reply_row = mysql_fetch_Array($reply_result); if($reply_row[pid]){ $pid = $reply_row[pid] + 0.0001; $Dpid = $reply_row[pid]; $Upid = intval($pid) + 1; $thread = $reply_row[thread] + 1; $up_qry = "update $board set pid = pid + 0.0001 where pid > $Dpid and pid < $Upid"; $up_result = mysql_query($up_qry) or die (mysql_error()); $data_qry = "insert into $board (uid,pid,thread,kind,name,email,homepage,pass,html,title,content,dataname,signdate,ref,ip_addr) values ('','$pid','$thread','$kind','$name','$email','$homepage','$pass','$html','$title','$content','$file_name','$signdate','','$ip_addr')"; $data_result = mysql_query($data_qry) or die (mysql_error()); } echo ""; } }else{ /* ¼öÁ¤±ÛÀÎ °æ¿ì */ $delQry = "select pass from $board where uid = $uid"; $delResult = mysql_query($delQry); $delRow = mysql_fetch_array($delResult); $delPass = $delRow[pass]; if($pass != $delPass || !$pass){ # »ç¿ëÀÚ È®ÀÎÀ» À§ÇÑ ÆÐ½º¿öµå üũºÎºÐ ALERT ('ÆÐ½º¿öµå°¡ ¸ÂÁö ¾Ê½À´Ï´Ù. µî·ÏÀÚ¸¸ ¼öÁ¤ÀÌ °¡´ÉÇÕ´Ï´Ù.'); }else{ if(!$file){ $qry = "update $board set kind='$kind',name='$name',email='$email',homepage='$homepage',html='$html',title='$title',content='$content',ip_addr='$ip_addr' where uid='$uid'"; }else{ $qry = "update $board set kind='$kind',name='$name',email='$email',homepage='$homepage',html='$html',title='$title',content='$content',dataname='$file_name',ip_addr='$ip_addr' where uid='$uid'"; } mysql_query($qry); echo ""; } } ?>