JSP ¼Ò½º º¸±â - ¼öÁ¤Çϱâ¼öÁ¤Çϱâ JSP ¼Ò½º´Â ¼¹ö¿¡ ÀúÀåµÇ¾î ÀÖ´Â DB(DataBase)ÀÇ Æ¯Á¤ Çʵå(Field)¸¦ ºÒ·¯¿Í ¾×Ƽºê½ºÄù¾î ³»¿¡¼ ¼öÁ¤ÇÒ ¼ö ÀÖµµ·Ï ÇÏ´Â ¸¸µé¾îÁø °Í ÀÔ´Ï´Ù.
|
<%@ include file="board.conf.jsp" %> <%@ include file="board.util.jsp" %> <%@ page import="java.sql.*, com.jspsmart.upload.SmartUpload, java.io.File, java.io.FileOutputStream, com.namo.NamoMime" %> <%@ page contentType="text/html" %> <jsp:useBean id="myUpload" scope="page" class="com.jspsmart.upload.SmartUpload" /> <% /*------------------------------------------------------------------------ ... (ÁÖ¼® »ý·«) ... --------------------------------------------------------------------------*/
Connection con; Statement stmt; ResultSet rs; String dbUrl = new String(); String sql = new String(); String uploadUrl = new String(); String uploadPath = new String(); int i = 0; int msgno; int offset = Integer.parseInt(((request.getParameter("offset") == null ) ? "0" : request.getParameter("offset"))); String msgbody; String subject; String wname; String homepage; String email; String passwd; String []delFiles; File delFile; NamoMime mime;
// JDBC µ¥ÀÌÅͺ£À̽º ¿¬°áÀ» À§ÇÑ URLÀ» »ý¼ºÇÕ´Ï´Ù. dbUrl = "jdbc:mysql://" + BBS_HOST + "/" + BBS_DB + "?user=" + BBS_USER + "&password=" + BBS_PASS; // MySQL ¼¹ö¿¡ ¿¬°á Class.forName("org.gjt.mm.mysql.Driver").newInstance(); con = DriverManager.getConnection(dbUrl); stmt = con.createStatement();
// POST µ¥ÀÌÅÍ msgno = Integer.parseInt(request.getParameter("msgno")); subject = request.getParameter("subject"); wname = request.getParameter("author"); homepage = request.getParameter("homepage"); email = request.getParameter("email"); passwd = request.getParameter("pass"); msgbody = request.getParameter("msgbody"); delFiles = request.getParameterValues("delFile");
sql = "select passwd from board where msgno = " + msgno; rs = stmt.executeQuery(sql); rs.first();
// ¾ÏÈ£°¡ Ʋ·ÈÀ» °æ¿ì if(!passwd.equals(rs.getString("passwd"))) { out.println("<SCRIPT>alert(\"¾ÏÈ£°¡ ¸ÂÁö ¾Ê½À´Ï´Ù.\"); history.go(-1);</SCRIPT>"); rs.close(); stmt.close(); con.close(); return ; }
// µ¥ÀÌÅÍ ÀúÀå À§Ä¡ ¼³Á¤ uploadUrl = BBS_DATA_URL + "/" + msgno; uploadPath = BBS_DATA_PATH + "/" + msgno;
// ÀÌÀü¿¡ ÷ºÎÇÑ ÆÄÀÏÁß »èÁ¦ ´ë»óÀ¸·Î ÁöÁ¤ÇÑ ÆÄÀÏ Áö¿ì±â if(delFiles != null) { for(i = 0; i < delFiles.length; i++) { delFile = new File(uploadPath + "/" + delFiles[i]); delFile.delete(); // DB ¿¡¼ Áö¿î ÆÄÀÏÀ» Áö¿î´Ù sql = "delete from filelist where msgno = " + msgno + " and filename = '" + delFiles[i] + "'"; stmt.executeQuery(sql); delFile = null; } }
// MIME ÀÎÄÚµù mime = new NamoMime(); mime.setSavePath(uploadPath); mime.setSaveURL(uploadUrl); mime.decode(msgbody); // ÀÛÀº µû¿ÈÇ¥(') ´Â SQL¿¡¼ ÇÊµå ±¸ºÐÀÚ·Î ¾²À̹ǷΠ\\'·Î ´ëüÇÕ´Ï´Ù. msgbody = replace(mime.getBodyContent(), "'", "\\'"); mime.saveFile(); // ÆÄÀÏ ÀúÀå
// ³»¿ëÀ» ¾÷µ¥ÀÌÆ® ÇÕ´Ï´Ù. sql = "update board set subject='" + subject + "', "; sql += "homepage='" + homepage + "', "; sql += "email='" + email + "', "; sql += "wname='" + wname + "', "; sql += "wtime=Now(), "; sql += "msgbody='" + msgbody + "' "; sql += "where msgno=" + msgno;
stmt.executeQuery(sql); rs.close(); stmt.close(); con.close();
// ´Ù½Ã ¸ñ·Ï º¸±â·Î À̵¿ÇÕ´Ï´Ù. response.sendRedirect("list.jsp?offset=" + offset); %> |