PHP ¼Ò½º º¸±â - ±Û¾²±â´ÙÀ½ÀÇ PHP ¼Ò½º´Â °Ô½ÃÆÇ¿¡¼ ±Û¾²±â¿¡ ´ëÇÑ ¼¼ºÎ ¼Ò½ºÀÔ´Ï´Ù. ÀÌ ¼Ò½º¸¦ ±â¹ÝÀ¸·Î ±Û¾²±â ÀÔ·Â ÆûÀ» ¸¸µé¾î ¼Ò½º¿Í ¿¬°áÇØ ÁÖ¼Å¾ß °Ô½ÃÆÇÀÇ ±Û¾²±â°¡ Á¤»óÀûÀ¸·Î ÀÛµ¿ÇÕ´Ï´Ù.
|
///////////////////////////////////// ///////// write.inc.php ////////////// /////////////////////////////////////
include("board.conf.php"); include("wec4decoder.php");
// POST µ¥ÀÌÅÍ ÁöÁ¤ $wname = $HTTP_POST_VARS[author]; // ±Û¾´ÀÌ $email = $HTTP_POST_VARS[email]; // À̸ÞÀÏ $homepage = $HTTP_POST_VARS[homepage]; // ȨÆäÀÌÁö $subject = $HTTP_POST_VARS[subject]; // Á¦¸ñ $msgbody = $HTTP_POST_VARS[contents]; // ³»¿ë $passwd = $HTTP_POST_VARS[pass]; // ÆÐ½º¿öµå $mode = $HTTP_GET_VARS[mode];
// DB ¿¡ Á¢¼ÓÇÑ ÈÄ Äõ¸® ½ÇÇàÇϱâ $rCon = mysql_connect($BBS_HOST, $BBS_USER, $BBS_PASS); mysql_select_db($BBS_DB, $rCon);
$rResult = mysql_query("select max(msgno) from board"); // ÇöÀç ÀÔ·ÂÇÒ ¸Þ½ÃÁöÀÇ MsgNo°ªÀ» ±¸ÇÕ´Ï´Ù $MsgNo = mysql_result($rResult, 0, 0) + 1; mysql_free_result($rResult);
$uploadPath = $BBS_DATA_PATH . $MsgNo . "/"; // Upload path $uploadUrl = $BBS_DATA_URL . $MsgNo . "/"; // Upload URL
@mkdir($uploadPath, 0777); // µð·ºÅ丮 ¸¸µé±â
$upfiles = UploadFilesProcess($HTTP_POST_FILES, $uploadPath); // ¾÷·Îµå ÆÄÀÏ Ã³¸® InsertUpfiles($upfiles, $rCon, $MsgNo);
$mime = new wec4decoder($msgbody); // MIME Decoding $mime->item_dir = $uploadPath; // ¾÷·Îµå À§Ä¡¿Í ¾÷·ÎµåµÈ ÆÄÀÏÀÇ URL Base¸¦ ÁöÁ¤ÇÕ´Ï´Ù. $mime->item_url = $uploadUrl; $mime->run(); // Decoding!
if($mode == "write") // ¾²±âÀÎ °æ¿ì { // Äõ¸® ¸¸µé±â $Sql = "insert into board (msgno, wname, email, homepage, subject, msgbody, passwd, p_id, wtime) values ("; $Sql .= $MsgNo . ", "; $Sql .= "'" . $wname . "', "; $Sql .= "'" . $email . "', "; $Sql .= "'" . $homepage . "', "; $Sql .= "'" . $subject . "', "; $Sql .= "'" . $mime->contents[body] . "', "; $Sql .= "'" . $passwd . "', "; $Sql .= $MsgNo . ", "; $Sql .= "Now());"; $rResult = mysql_query($Sql); // Å×ÀÌºí¿¡ ÀÔ·Â } else if($mode == "reply") // ȸ½ÅÀÎ °æ¿ì { $p_msgno = $HTTP_GET_VARS[msgno]; $Sql = "select msgno, p_id, t_id, t_step from board where msgno = " . $p_msgno; // ¿ø¹®ÀÇ Á¤º¸¸¦ °¡Á®¿É´Ï´Ù. $rResult = mysql_query($Sql); $pInfo = mysql_fetch_array($rResult); mysql_free_result($rResult);
// ÀÔ·ÂµÈ ´äº¯ ÀÌÈÄÀÇ °Ô½Ã¹°¿¡ ´ëÇØ¼ ¾²·¹µå ¼ø¼ ID¸¦ 1¾¿ Áõ°¡½Ãŵ´Ï´Ù. $Sql = "update board set t_id = t_id + 1 where p_id = ". $pInfo[p_id] . " and t_id >= " . ($pInfo[t_id] + 1);
mysql_query($Sql);
// ÇöÀç °Ô½Ã¹°À» DB ¿¡ ÀÔ·ÂÇÕ´Ï´Ù. $Sql = "insert into board (msgno, wname, email, homepage, subject, msgbody, p_id, t_id, t_step, wtime) values ("; $Sql .= $MsgNo . ", "; $Sql .= "'" . $wname . "', "; $Sql .= "'" . $email . "', "; $Sql .= "'" . $homepage . "', "; $Sql .= "'" . $subject . "', "; $Sql .= "'" . $mime->contents[body] . "', "; $Sql .= $pInfo[p_id] . ", "; $Sql .= $pInfo[t_id] + 1 . ", "; $Sql .= $pInfo[t_step] + 1 . ", "; $Sql .= "Now());"; mysql_query($Sql); }
mysql_close($rCon);
header("Location: board.php?mode=list&offset=" . $offset);
///////////////////////////////////////////////////// // Upload ÆÄÀÏ Ã³¸® function UploadFilesProcess($POST_FILES, $uploadPath) { $size = sizeof($POST_FILES["attachfile"]["name"]); $upfiles = array();
for($i = 0; $i < $size; $i++) { // ¾÷·ÎµåµÈ ÆÄÀÏÀÇ »çÀÌÁî°¡ 0 ¹ÙÀÌÆ®º¸´Ù ÀÛÀ¸¸é ÀúÀåÇÏÁö ¾Ê½À´Ï´Ù if($POST_FILES["attachfile"]["size"][$i] > 0) { $filename = $POST_FILES["attachfile"]["name"][$i]; // ¾÷·ÎµåµÈ ÆÄÀϸíÁß¿¡ ½ºÆäÀ̽º(" ")°¡ ÀÖÀ¸¸é À̸¦ "_"·Î ¹Ù²ß´Ï´Ù $filename = ereg_replace(" ", "_", $filename); $tmp_filename = $POST_FILES["attachfile"]["tmp_name"][$i]; // ¾÷·ÎµåµÈ ÆÄÀÏÀ» ÁöÁ¤µÈ À§Ä¡¿¡ ¿ø·¡ À̸§À¸·Î ¹Ù²Ù¾î ÀúÀåÇÏÁö ¾Ê½À´Ï´Ù $rRes = move_uploaded_file($tmp_filename, $uploadPath . $filename); array_push($upfiles, $filename); // º¹»çÇÑ ÆÄÀÏ À̸§À» ÀúÀåÇÕ´Ï´Ù } }
return $upfiles; }
///////////////////////////////////////////////////// // ¾÷·ÎµåµÈ ÆÄÀÏÀ» DB¿¡ ÀÔ·ÂÇÕ´Ï´Ù function InsertUpfiles($upfiles, $rCon, $MsgNo) { $size = sizeof($upfiles); for($i = 0; $i < $size; $i++) // ¾÷·ÎµåµÈ °³¼ö¸¸Å Å×ÀÌºí¿¡ ÀÔ·ÂÇÕ´Ï´Ù. { $Sql = "insert into filelist ( msgno, filename ) values ( "; $Sql .= $MsgNo . ", "; $Sql .= "'" . $upfiles[$i] . "')";
mysql_query($Sql, $rCon); // Å×ÀÌºí¿¡ ÀÔ·ÂÇÕ´Ï´Ù. } } ?>
|