ÀÌÁ¨ ¿¹ºñ Çʵå x,y ¸¦ È°¿ëÇÏÀÚ..
| Zeroboard 4
Posted at 2009/10/18 13:34
¾Æ¸¶ Á¦·Îº¸µå¸¦ »ç¿ëÇϽô ºÐµéÁß¿¡ °Ô½ÃÆÇ µðºñÀÇ ¼ö°¡ Àû¾î¼­ È°¿ëÀ» ¸øÇϽôºеéÀÌ ¸¹À»°É·Î ¾Ð´Ï´Ù.
Àúµµ ÀÌ·¡Àú·¡ ÇÏ´Ùº¸¸é Çʵ尡 Àû¾î¼­ µðºñ¸¦ Ãß°¡ÇÏ´Â °æ¿ì°¡ ¸¹Àºµ¥ ±×°Íº¸´Ù´Â ¿¹ºñ Çʵ带 È°¿ëÇϹǷμ­ µðºñ¸¦ ¼öÁ¤Çϱ⺸´Ü ÆíÇÏ°Ô Ãß°¡ÇÏ´Â ÆíÀÌ ³ºÀ»°Å °°¾Æ ¸îÀÚ Àû¾îº¾´Ï´Ù.

½ºÅ² ¸¸µå½Ç¶§ °í·ÁÇÒ »óȲÀä..º¸Åë ½ºÅ² »óÀÇ write.php ¹®¿¡ ÇØ´çÇÕ´Ï´Ù.
<tr>
  <td style='font-family:Tahoma; font-size:8pt' align=right>¿¹ºñ Çʵå 1</td>
  <td> <input type=text name=zx value="<?=$data[x]?>" <?=size(20)?> maxlength=100 class=input></td>
</tr>
<tr>
  <td style='font-family:Tahoma; font-size:8pt' align=right>¿¹ºñ Çʵå 2</td>
  <td> <input type=text name=zy value="<?=$data[y]?>" <?=size(20)?> maxlength=100 class=input></td>
</tr>
À§¿¡¼­ ó·³ name=zx , name=zy ·Î ¹ÞÀ¸¼Å¾ß Á¦´ë·Î ÀÛµ¿À» ÇÕ´Ï´Ù, ÀÌ°ÍÀº Á¦·Î´ÔÀÌ write_ok.php ¹® »ó¿¡¼­ $x=$zx , $y=$zy ·Î ¹ÞÀ¸¼Ì±â ¶§¹®¿¡ ¾î¿¼ö °¡ ¾ø´õ±º¿ä.

µÎ¹ø° °íÄ¥ ÆÄÀÏÀº Á¦·Îº¸µå Æú´õÀÇ write.php ¹®ÀÔ´Ï´Ù.

if($mode=="modify") {

                // ºñ¹Ð±ÛÀÌ°í Æнº¿öµå°¡ Ʋ¸®°í °ü¸®ÀÚ°¡ ¾Æ´Ï¸é ¸®ÅÏ
                if($data[is_secret]&&!$is_admin&&$data[ismember]!=$member[no]&&$HTTP_COOKIE_VARS[zb_s_check]!=$setup[no]."_".$no) error("Á¤»óÀûÀÎ ¹æ¹ýÀ¸·Î ¼öÁ¤Çϼ¼¿ä");

                        $name=stripslashes($data[name]); // À̸§
                        $email=stripslashes($data[email]); // ¸ÞÀÏ
                        $homepage=stripslashes($data[homepage]); // ȨÆäÀÌÁö
                        $subject=$data[subject]=stripslashes($data[subject]); // Á¦¸ñ
                        $subject=str_replace(""",""",$subject);
                        $homepage=str_replace(""",""",$homepage);
                        $name=str_replace(""",""",$name);
                        $sitelink1=str_replace(""",""",$sitelink1);
                                 $sitelink2=str_replace(""",""",$sitelink2);
                                                // Ãß°¡ ÇÊµå »ç¿ëÀ» À§ÇÑ Ãß°¡ by À¯¸Þ  
                                                $x=stripslashes($data[x]);
                                                $y=stripslashes($data[y]);
À§ºÎºÐÀ» ãÀ¸¼Å¼­ À§ÀÇ µÎÁÙÀ» Ãß°¡ÇØÁÖ¼¼¿ä.. ÀÌ°ÍÀ» ÇØÁÖ¼Å¾ß ÀúÀåµÈ °Ô½Ã¹°À» ¼öÁ¤ÇÒ¶§ x,y ÀÇ ³»¿ëÀÌ º¸ÀÌ°Ô µË´Ï´Ù.

¼¼¹ø° ¼öÁ¤ÇÒ ÆÄÀÏÀº write_ok.php ¹®ÀÔ´Ï´Ù. Á¶±Ý ¹Ù²Ù¾î¾ß ÇÒ ºÎºÐÀÌ ¸¹Àº ÆÄÀÏÀÌ´Ï ÁÖÀÇÇϽñ⠹ٶø´Ï´Ù.

// °¢Á¾ º¯¼öÀÇ addslashes ½ÃÅ´;;
       $homepage=addslashes(del_html($homepage));
        // ¿¹ºñ Ãß°¡ ÇÊµå »ç¿ëÀ» À§ÇÑ Ãß°¡ by À¯¸Þ
        $x=addslashes(del_html($x));
        $y=addslashes(del_html($y));

/***************************************************************************
* ¼öÁ¤±ÛÀ϶§
**************************************************************************/
minus_division($s_data[division]);
// ¿¹ºñ ÇÊµå ¼öÁ¤¸ðµå »ç¿ëÀ» À§ÇÑ Ãß°¡ by À¯¸Þ
@mysql_l_query("update $t_board"."_$id set headnum='$headnum',prev_no='$prev_no',next_no='$next_no',child='$child',depth='$depth',arrangenum='$arrangenum',father='$father',name='$name',email='$email',homepage='$homepage',subject='$subject',memo='$memo',sitelink1='$sitelink1',sitelink2='$sitelink2',use_html='$use_html',reply_mail='$reply_mail',is_secret='$is_secret',x='$x',y='$y',category='$category' $del_que1 $del_que2 where no='$no'") or error(mysql_error());
plus_division($division);

// ÀÏ¹Ý±Û -> °øÁö
@mysql_query("update $t_board"."_$id set division='$division',headnum='$headnum',prev_no='$prev_no',next_no='$next_no',child='$child',depth='$depth',arrangenum='$arrangenum',father='$father',name='$name',email='$email',homepage='$homepage',subject='$subject',memo='$memo',sitelink1='$sitelink1',sitelink2='$sitelink2',use_html='$use_html',reply_mail='$reply_mail',is_secret='$is_secret',x='$x',y='$y',category='$category' $del_que1 $del_que2 where no='$no'") or error(mysql_error());

// ÀϹÝ->ÀϹÝ, °øÁö->°øÁö À϶§
} else {
@mysql_query("update $t_board"."_$id set name='$name',subject='$subject',email='$email',homepage='$homepage',memo='$memo',sitelink1='$sitelink1',sitelink2='$sitelink2',use_html='$use_html',reply_mail='$reply_mail',is_secret='$is_secret',x='$x',y='$y',category='$category' $del_que1 $del_que2 where no='$no'") or error(mysql_error());
                        


/***************************************************************************
* ´äº¯±ÛÀ϶§
**************************************************************************/
// ´ä±Û µ¥ÀÌŸ ÀÔ·Â;;
mysql_query("insert into $t_board"."_$id (division,headnum,arrangenum,depth,prev_no,next_no,father,child,ismember,memo,ip,password,name,homepage,email,subject,use_html,reply_mail,category,is_secret,sitelink1,sitelink2,file_name1,file_name2,s_file_name1,s_file_name2,x,y,reg_date,islevel) values ('$division','$headnum','$arrangenum','$depth','$prev_no','$next_no','$father','$child','$member[no]','$memo','$ip','$password','$name','$homepage','$email','$subject','$use_html','$reply_mail','$category','$is_secret','$sitelink1','$sitelink2','$file_name1','$file_name2','$s_file_name1','$s_file_name2','$x','$y','$reg_date','$member[is_admin]')") or error(mysql_error());    

/***************************************************************************
* ½Å±Ô ±Û¾²±âÀ϶§
**************************************************************************/

mysql_query("insert into $t_board"."_$id (division,headnum,arrangenum,depth,prev_no,next_no,father,child,ismember,memo,ip,password,name,homepage,email,subject,use_html,reply_mail,category,is_secret,sitelink1,sitelink2,file_name1,file_name2,s_file_name1,s_file_name2,x,y,reg_date,islevel) values ('$division','$headnum','$arrangenum','$depth','$prev_no','$next_no','$father','$child','$member[no]','$memo','$ip','$password','$name','$homepage','$email','$subject','$use_html','$reply_mail','$category','$is_secret','$sitelink1','$sitelink2','$file_name1','$file_name2','$s_file_name1','$s_file_name2','$x','$y','$reg_date','$member[is_admin]')") or error(mysql_error());

À§¸¦ Àß ÂüÁ¶ÇϽðí ÇÊµå ³Ë³ËÇÏ°Ô ¾²¼¼¿ä!!!
 ´ñ±Û ³²±â±â