À§·Î

PHP ¼Ò½º º¸±â - ¼öÁ¤Çϱâ 

¼öÁ¤Çϱâ PHP ¼Ò½º´Â ¼­¹ö¿¡ ÀúÀåµÇ¾î ÀÖ´Â DB(DataBase)ÀÇ Æ¯Á¤ Çʵå(Field)¸¦ ºÒ·¯¿Í ¾×Ƽºê½ºÄù¾î ³»¿¡¼­ ¼öÁ¤ÇÒ ¼ö ÀÖµµ·Ï ÇÏ´Â ¸¸µé¾îÁø °Í ÀÔ´Ï´Ù.

PHP ¼Ò½ºÀÇ ¼öÁ¤Çϱâ ÇüÅÂ

 ////////////////////////////////////

/////////  edit.inc.php  //////////////

////////////////////////////////////

 

        include("board.conf.php");

        include("wec4decoder.php");

 

 

        $msgno = $HTTP_GET_VARS[msgno];

        $subject = $HTTP_POST_VARS[subject];

        $homepage = $HTTP_POST_VARS[homepage];

        $email = $HTTP_POST_VARS[email];

        $author = $HTTP_POST_VARS[author];

        $msgbody = $HTTP_POST_VARS[msgbody];

        $pass = $HTTP_POST_VARS[pass];

        $fileList = $HTTP_POST_VARS[delFile];

 

        $rCon = mysql_connect($BBS_HOST, $BBS_USER, $BBS_PASS);

        mysql_select_db($BBS_DB, $rCon);

 

        $Sql = "select passwd from board where msgno = " . $msgno;

        $rResult = mysql_query($Sql, $rCon);

 

        if($pass != mysql_result($rResult, 0, 0))

        {

?>

<SCRIPT LANGUAGE="JavaScript">

<!--

        alert("¾ÏÈ£°¡ ¸ÂÁö ¾Ê½À´Ï´Ù.");

        history.go(-1);

//-->

</SCRIPT>

<?

                exit;

        }

 

        $uploadPath = $BBS_DATA_PATH . $msgno . "/";     // Upload path

        $uploadUrl = $BBS_DATA_URL . $msgno . "/";           // Upload URL

 

        for($i = 0; $i < sizeof($fileList); $i++)                               // ÆÄÀÏ »èÁ¦Çϱâ

        {

                @unlink($uploadPath . $fileList[$i]);

                $Sql = "delete from filelist where msgno=" . $msgno . " and filename='" . $fileList[$i] . "'";

                mysql_query($Sql);

        }

 

        $mime = new wec4decoder($msgbody);            // MIME Decoding

        $mime->item_dir = $uploadPath;                        // ¾÷·Îµå À§Ä¡¿Í ¾÷·ÎµåµÈ ÆÄÀÏÀÇ URL Base¸¦ ÁöÁ¤ÇÕ´Ï´Ù.

        $mime->item_url = $uploadUrl;

        $mime->run();                                                    // Decoding!

 

        $Sql = "update board set subject='" . $subject . "', ";

        $Sql .= "homepage='" . $homepage . "', ";

        $Sql .= "email='" . $email . "', ";

        $Sql .= "wname='" . $author . "', ";

        $Sql .= "wtime=Now(), ";

        $Sql .= "msgbody='" . $mime->contents[body] . "' ";

        $Sql .= "where msgno=" . $msgno;

 

        mysql_query($Sql);

        mysql_close($rCon);

 

        header("Location: board.php?mode=read&msgno=" . $msgno . "&offset=" . $offset);

 

?>

 

 

 PHP Ãʱâ È­¸é | ¼öÁ¤Çϱâ ÀÔ·Â Æû