300000) {
back("»çÁøÅ©±â´Â 300,000 ¹ÙÀÌÆ®¸¦ ³ÑÀ»¼ö ¾øÀ¾´Ï´Ù.");
}
// echo "$photo_size";
$file_tail=substr(strrchr($photo_name,"."),1); //ÆÄÀÏ È®ÀåÀÚ ±¸Çϱâ.
$file_tail=strtoupper($file_tail);
if($file_tail != 'JPG' && $file_tail != 'GIF') {
back("È®ÀåÀÚ°¡ JPG,GIF ÈÀϸ¸ ¿Ã¸±¼ö ÀÖÀ¾´Ï´Ù.");
}
/*****************************************************************
$photo_name=addslashes($photo_name);
$photo_name=ereg_replace(" ","",$photo_name);
$photo_name=ereg_replace("\|","",$photo_name);
$photo_dir="./photo/".$photo_name;
$exitst=file_exists("./photo/$photo_name");
if($exitst) {
back("¼±ÅÃÇϽŠÆÄÀÏ°ú µ¿ÀÏÇÑ À̸§ÀÇ ÆÄÀÏÀÌ ÀÌ¹Ì Á¸ÀçÇÕ´Ï´Ù.");
}
*******************************************************************/
$photo_dir="./photo/".date("U").$s_id.".".$file_tail;
// alert($photo_dir);
} // eof if (isset($photo))
mysql_select_db('woorinara');
$query="select * from member where id='$s_id'";
$result=mysql_query($query,$connect);
$row=mysql_fetch_array($result);
$line = explode("\n",$comment);
$line_count = sizeof($line);
$email=$row[email]."@".$row[emailserver];
$name=$row[name];
mysql_select_db('board');
$query="select thread,right(thread,1) from $boardid where fid=$fid and length(thread)=length('$thread')+1 and locate('$thread',thread)=1 and location like '$where' order by thread desc limit 1";
$result = mysql_query($query,$connect);
if (!$result) {
back('Ä÷¸®¿¡·¯');
}
$row=mysql_num_rows($result);
if($row) {
$row=mysql_fetch_row($result);
$thread_head=substr($row[0],0,-1);
$thread_foot = ++$row[1];
$new_thread=$thread_head.$thread_foot;
} else {
$new_thread=$thread."A";
}
$signdate = time();
######### Á¦¸ñ°ú º»¹®ÀÇ ¹®ÀÚ¿¿¡ Æ÷ÇÔµÈ Æ¯¼ö¹®ÀÚ¸¦ escape½ÃŲ´Ù. ##########
$subject = htmlspecialchars($subject);
if($comment_is_html=='N') {
$comment=htmlspecialchars($comment);
}
########## µ¥ÀÌÅͺ£À̽º¿¡ ÀԷ°ªÀ» »ðÀÔÇÑ´Ù. location¿¡ where¸¦ ½áÁÖÁö¾Ê°í location À» ½áÁÜ Å©·Î½ºÆ÷Æÿë##########
$query = "INSERT INTO $boardid VALUES ('', $fid, '$name', '$email', '$subject', '$comment', '', $signdate, 0,'$new_thread','$location',$line_count,'$REMOTE_ADDR','$s_id','$comment_is_html','$photo_dir','$photo_dir1','$photo_dir2','$photo_dir3','$photo_dir4','$photo_option')";
$result = mysql_query($query,$connect);
if(!$result) {
back('ÀμƮ ¿¡·¯');
}
if(isset($photo_name) && !empty($photo_name)) { //»çÁøÀ» ¿Ã·ÈÀ¸¸é
if(!copy($photo,$photo_dir)) {
back("ÆÄÀÏÀ» ÁöÁ¤ÇÑ µð·ºÅ丮¿¡ º¹»çÇϴµ¥ ½ÇÆÐÇßÀ¾´Ï´Ù.");
}
if(!unlink($photo)) {
back("ÀÓ½ÃÆÄÀÏÀ» »èÁ¦Çϴµ¥ ½ÇÆÐÇß½À´Ï´Ù.");
}
}
if($key_field) {
goto_refresh_page("search.html?boardid=$boardid&where=$where&page=$page&key=$key&key_field=$key_field",0);
} else {
goto_refresh_page("list.html?boardid=$boardid&where=$where&page=$page",0);
}
}
?>
¼Ò±¸¸® ¹®ÈÁöµµ - ´ëÇѹα¹ ÇàÁ¤±¸¿ªº° ¿ì¸®¼Ò½Ä °Ô½ÃÆÇ °ü·Ã±Û¾²±â
