스킨 폴더내에 write_ok.php 를 열어보세요!!
위의 생략... 내려가다 보면...아래와 같은 부분이 보입니다.
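/***************************************************************************
* When an upload is present
*
* Copies the per-field upload metadata out of $HTTP_POST_FILES into flat
* variables for the two attachment slots (file1, file2).
* tmp_name is the server-side temp path chosen by PHP; name and type are
* sent by the client and must be treated as untrusted by the code that
* consumes them.
**************************************************************************/
// Array keys are quoted: bareword keys are looked up as constants first.
if(!empty($HTTP_POST_FILES['file1'])) {
    $file1 = $HTTP_POST_FILES['file1']['tmp_name'];
    $file1_name = $HTTP_POST_FILES['file1']['name'];
    $file1_size = $HTTP_POST_FILES['file1']['size'];
    $file1_type = $HTTP_POST_FILES['file1']['type'];
}
if(!empty($HTTP_POST_FILES['file2'])) {
    $file2 = $HTTP_POST_FILES['file2']['tmp_name'];
    $file2_name = $HTTP_POST_FILES['file2']['name'];
    $file2_size = $HTTP_POST_FILES['file2']['size'];
    $file2_type = $HTTP_POST_FILES['file2']['type'];
}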
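// Korean-named image patch: begin
// Chooses $user_id_r, the prefix used further down when an uploaded image
// has to be renamed: the member's user_id for logged-in members, otherwise
// a random number for guests.
if($member['no']!=0) {
    $user_no=$member['no'];
    // NOTE(review): $user_no is interpolated into the SQL text. That is only
    // safe if $member['no'] is always the numeric key loaded server-side;
    // $member is populated outside this excerpt - confirm.
    $user_id_c=mysql_fetch_array(mysql_query("select user_id from $member_table where no='$user_no'"));
    // NOTE(review): user_id ends up inside a file name; presumably it is
    // restricted to safe characters at registration - verify.
    $user_id_r=$user_id_c[0];
}
else {
    // Random number to avoid duplicate names (0~999).
    // The generator is deliberately NOT reseeded with srand(time()): seeding
    // with the current second made every guest request in that second draw
    // the same number, so it added nothing to the time()-based file name.
    $ran_c = mt_rand(0, 999);
    $user_id_r=$ran_c;
}
// Korean-named image patch: end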
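// First attachment (file1): validate it, sanitise its name and move it under
// data/$id/.
// NOTE(review): every check below relies on ggambo_alert() ending the request;
// the helper is defined outside this excerpt - confirm it never returns.
if($file1_size>0&&$setup['use_pds']&&$file1) {
    // Only accept a temp file that PHP itself created for this HTTP upload.
    if(!is_uploaded_file($file1)) ggambo_alert("Á¤»óÀûÀÎ ¹æ¹ýÀ¸·Î ¾÷·Îµå ÇØÁÖ¼¼¿ä");
    // The two slots may not carry the same client file name.
    if($file1_name==$file2_name) ggambo_alert("°°Àº ÆÄÀÏÀº µî·ÏÇÒ¼ö ¾ø½À´Ï´Ù");
    // Re-measure the temp file on disk rather than keeping the earlier value.
    $file1_size=filesize($file1);
    if($setup['max_upload_size']<$file1_size&&!$is_admin) ggambo_alert("ù¹ø° ÆÄÀÏ ¾÷·Îµå´Â ÃÖ°í ".GetFileSize($setup['max_upload_size'])." ±îÁö °¡´ÉÇÕ´Ï´Ù");
    // Upload prohibited
    if($file1_size>0) {
        $s_file_name1=$file1_name;
        // Deny-list: reject names containing a server-interpreted extension
        // anywhere in the name. "\.pht" and "\.shtm" are the fragments used so
        // that this slot and the file2 slot reject the same set.
        if(eregi("\.inc",$s_file_name1)||eregi("\.pht",$s_file_name1)||eregi("\.htm",$s_file_name1)||eregi("\.shtm",$s_file_name1)||eregi("\.ztx",$s_file_name1)||eregi("\.php",$s_file_name1)||eregi("\.dot",$s_file_name1)||eregi("\.asp",$s_file_name1)||eregi("\.cgi",$s_file_name1)||eregi("\.pl",$s_file_name1)) ggambo_alert("Html, PHP °ü·ÃÆÄÀÏÀº ¾÷·ÎµåÇÒ¼ö ¾ø½À´Ï´Ù");
        // Extension check
        if($setup['pds_ext1']) {
            $temp=explode(".",$s_file_name1);
            $s_point=count($temp)-1;
            $upload_check=$temp[$s_point];
            // Allow-list: the extension must EQUAL one configured entry
            // (case-insensitive). The previous eregi($upload_check, list) call
            // used the client-supplied extension as a pattern against the list,
            // so any fragment of an allowed entry was accepted.
            // Entries are split on any non-alphanumeric separator -
            // NOTE(review): confirm against how the admin page stores pds_ext1.
            $allowed_ext1=preg_split('/[^a-z0-9]+/i',strtolower($setup['pds_ext1']),-1,PREG_SPLIT_NO_EMPTY);
            if(!$upload_check||!in_array(strtolower($upload_check),$allowed_ext1)) ggambo_alert("ù¹ø° ¾÷·Îµå´Â $setup[pds_ext1] È®ÀåÀÚ¸¸ °¡´ÉÇÕ´Ï´Ù");
        }
        // NOTE(review): appears intended to normalise backslashes in the temp
        // path; left exactly as in the original.
        $file1=eregi_replace("\\\\","\\",$file1);
        // Second line of defence: append "-x" to any listed extension wherever
        // it occurs in the name, so the stored file no longer ends in it.
        $s_file_name1 = preg_replace("/\.(php|phtm|htm|cgi|pl|exe|jsp|asp|inc|php3|php4|php5|html|htaccess|ztx|dot|dat|phtml|shtml|shtm)/i", "$0-x", $s_file_name1);
        // Spaces and hyphens become underscores; percent signs are dropped.
        $s_file_name1=str_replace(" ","_",$s_file_name1);
        $s_file_name1=str_replace("-","_",$s_file_name1);
        $s_file_name1 = str_replace('%', '', $s_file_name1);
        preg_match('/\.([^.]+)$/', $s_file_name1, $match1);
        $file_name1_type=isset($match1[1])?$match1[1]:'';
        // NOTE(review): $file_name1_type never contains a dot (the capture
        // excludes dots), so this pattern cannot match and the branch is dead.
        // Left unchanged because enabling it would alter stored file names.
        if(eregi("\.jpg|\.png|\.gif|\.jpeg|\.bmp",$file_name1_type)) {
            $s_file_name1 = rawurlencode($s_file_name1);
        }
        // Check the board's data directory, creating it if missing.
        // NOTE(review): 0777/0707 leave the directory writable by "other";
        // tighten where the web server user owns the tree. $id is set outside
        // this excerpt - presumably validated there; verify, since it is used
        // as a path component.
        if(!is_dir($_zb_path."data/".$id)) {
            @mkdir($_zb_path."data/".$id,0777);
            @chmod($_zb_path."data/".$id,0707);
        }
        // Image file with a Korean name: convert the file name to a
        // timestamp-based one - begin
        // The dot is escaped so only a real extension is captured.
        preg_match('/\.([^.]+)$/', $s_file_name1, $match1);
        $gfile_name1_type=isset($match1[1])?$match1[1]:'';
        if((eregi("jpg",$gfile_name1_type))||(eregi("gif",$gfile_name1_type))||(eregi("bmp",$gfile_name1_type))||(eregi("png",$gfile_name1_type))) {
            // Canonical extension for the replacement name.
            if(eregi("jpg",$gfile_name1_type)) $temp_c1="jpg";
            elseif(eregi("gif",$gfile_name1_type)) $temp_c1="gif";
            elseif(eregi("bmp",$gfile_name1_type)) $temp_c1="bmp";
            else $temp_c1="png";
            // A single quote in the name forces the rename.
            if(eregi("'",$s_file_name1)) {
                $temp_name1=$user_id_r."_".time()."_01";
                $s_file_name1 = "$temp_name1.$temp_c1";
            }
            else {
                // So does the first byte above 0x80 (non-ASCII name).
                for($i2=0;$i2<strlen($s_file_name1);$i2++)
                {
                    if(ord($s_file_name1[$i2])>0x80)
                    {
                        $temp_name1=$user_id_r."_".time()."_01";
                        $s_file_name1 = "$temp_name1.$temp_c1";
                        break;
                    }
                }
            }
        }
        // Image file with a Korean name: rename - end
        // When a file of the same name already exists, store the new one in a
        // $reg_date sub-directory instead.
        // NOTE(review): move_uploaded_file() overwrites an existing target, so
        // a name already present inside the $reg_date directory is replaced.
        if(file_exists($_zb_path."data/$id/".$s_file_name1)) {
            @mkdir($_zb_path."data/$id/".$reg_date,0777);
            if(!move_uploaded_file($file1,$_zb_path."data/$id/".$reg_date."/".$s_file_name1)) ggambo_alert("ÆÄÀϾ÷·Îµå°¡ Á¦´ë·Î µÇÁö ¾Ê¾Ò½À´Ï´Ù");
            $file_name1="data/$id/".$reg_date."/".$s_file_name1;
            @chmod($_zb_path.$file_name1,0707);
            @chmod($_zb_path."data/$id/".$reg_date,0707);
        } else {
            if(!move_uploaded_file($file1,$_zb_path."data/$id/".$s_file_name1)) ggambo_alert("ÆÄÀϾ÷·Îµå°¡ Á¦´ë·Î µÇÁö ¾Ê¾Ò½À´Ï´Ù");
            $file_name1="data/$id/".$s_file_name1;
            @chmod($_zb_path.$file_name1,0707);
        }
    }
}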
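// Second attachment (file2): validate it, sanitise its name and move it under
// data/$id/.
// NOTE(review): every check below relies on ggambo_alert() ending the request;
// the helper is defined outside this excerpt - confirm it never returns.
if($file2_size>0&&$setup['use_pds']&&$file2) {
    // Only accept a temp file that PHP itself created for this HTTP upload.
    if(!is_uploaded_file($file2)) ggambo_alert("Á¤»óÀûÀÎ ¹æ¹ýÀ¸·Î ¾÷·Îµå ÇØÁÖ¼¼¿ä");
    // Re-measure the temp file on disk rather than keeping the earlier value.
    $file2_size=filesize($file2);
    if($setup['max_upload_size']<$file2_size&&!$is_admin) ggambo_alert("ÆÄÀÏ ¾÷·Îµå´Â ÃÖ°í ".GetFileSize($setup['max_upload_size'])." ±îÁö °¡´ÉÇÕ´Ï´Ù");
    if($file2_size>0) {
        $s_file_name2=$file2_name;
        // Deny-list: reject names containing a server-interpreted extension
        // anywhere in the name. Every test now inspects $s_file_name2 (the
        // "\.dot" test used to look at the file1 name), and "\.shtm" is the
        // fragment used so that both slots reject the same set.
        if(eregi("\.inc",$s_file_name2)||eregi("\.pht",$s_file_name2)||eregi("\.htm",$s_file_name2)||eregi("\.shtm",$s_file_name2)||eregi("\.ztx",$s_file_name2)||eregi("\.php",$s_file_name2)||eregi("\.dot",$s_file_name2)||eregi("\.asp",$s_file_name2)||eregi("\.cgi",$s_file_name2)||eregi("\.pl",$s_file_name2)) ggambo_alert("Html, PHP °ü·ÃÆÄÀÏÀº ¾÷·ÎµåÇÒ¼ö ¾ø½À´Ï´Ù");
        // Extension check
        if($setup['pds_ext2']) {
            $temp=explode(".",$s_file_name2);
            $s_point=count($temp)-1;
            $upload_check=$temp[$s_point];
            // Allow-list: the extension must EQUAL one configured entry
            // (case-insensitive). The previous eregi($upload_check, list) call
            // used the client-supplied extension as a pattern against the list,
            // so any fragment of an allowed entry was accepted.
            // Entries are split on any non-alphanumeric separator -
            // NOTE(review): confirm against how the admin page stores pds_ext2.
            $allowed_ext2=preg_split('/[^a-z0-9]+/i',strtolower($setup['pds_ext2']),-1,PREG_SPLIT_NO_EMPTY);
            if(!$upload_check||!in_array(strtolower($upload_check),$allowed_ext2)) ggambo_alert("¾÷·Îµå´Â $setup[pds_ext2] È®ÀåÀÚ¸¸ °¡´ÉÇÕ´Ï´Ù");
        }
        // NOTE(review): appears intended to normalise backslashes in the temp
        // path; left exactly as in the original.
        $file2=eregi_replace("\\\\","\\",$file2);
        // Second line of defence: append "-x" to any listed extension wherever
        // it occurs in the name, so the stored file no longer ends in it.
        $s_file_name2 = preg_replace("/\.(php|phtm|htm|cgi|pl|exe|jsp|asp|inc|php3|php4|php5|html|htaccess|ztx|dot|dat|phtml|shtml|shtm)/i", "$0-x", $s_file_name2);
        // Spaces and hyphens become underscores; percent signs are dropped.
        $s_file_name2=str_replace(" ","_",$s_file_name2);
        $s_file_name2=str_replace("-","_",$s_file_name2);
        $s_file_name2 = str_replace('%', '', $s_file_name2);
        preg_match('/\.([^.]+)$/', $s_file_name2, $match2);
        $file_name2_type=isset($match2[1])?$match2[1]:'';
        // NOTE(review): $file_name2_type never contains a dot (the capture
        // excludes dots), so this pattern cannot match and the branch is dead.
        // Left unchanged because enabling it would alter stored file names.
        if(eregi("\.jpg|\.png|\.gif|\.jpeg|\.bmp",$file_name2_type)) {
            $s_file_name2 = rawurlencode($s_file_name2);
        }
        // Check the board's data directory, creating it if missing
        // (@ added so a failed mkdir is silenced the same way as for file1).
        // NOTE(review): 0777/0707 leave the directory writable by "other";
        // tighten where the web server user owns the tree. $id is set outside
        // this excerpt - presumably validated there; verify, since it is used
        // as a path component.
        if(!is_dir($_zb_path."data/".$id)) {
            @mkdir($_zb_path."data/".$id,0777);
            @chmod($_zb_path."data/".$id,0707);
        }
        // Image file with a Korean name: convert the file name to a
        // timestamp-based one - begin
        // The dot is escaped so only a real extension is captured.
        preg_match('/\.([^.]+)$/', $s_file_name2, $match2);
        $gfile_name2_type=isset($match2[1])?$match2[1]:'';
        if((eregi("jpg",$gfile_name2_type))||(eregi("gif",$gfile_name2_type))||(eregi("bmp",$gfile_name2_type))||(eregi("png",$gfile_name2_type))) {
            // Canonical extension for the replacement name.
            if(eregi("jpg",$gfile_name2_type)) $temp_c2="jpg";
            elseif(eregi("gif",$gfile_name2_type)) $temp_c2="gif";
            elseif(eregi("bmp",$gfile_name2_type)) $temp_c2="bmp";
            else $temp_c2="png";
            // A single quote in the name forces the rename.
            if(eregi("'",$s_file_name2)) {
                $temp_name2=$user_id_r."_".time()."_02";
                $s_file_name2 = "$temp_name2.$temp_c2";
            }
            else {
                // So does the first byte above 0x80 (non-ASCII name).
                for($i2=0;$i2<strlen($s_file_name2);$i2++)
                {
                    if(ord($s_file_name2[$i2])>0x80)
                    {
                        $temp_name2=$user_id_r."_".time()."_02";
                        $s_file_name2 = "$temp_name2.$temp_c2";
                        break;
                    }
                }
            }
        }
        // Image file with a Korean name: rename - end
        // When a file of the same name already exists, store the new one in a
        // $reg_date sub-directory instead.
        // NOTE(review): move_uploaded_file() overwrites an existing target, so
        // a name already present inside the $reg_date directory is replaced.
        if(file_exists($_zb_path."data/$id/".$s_file_name2)) {
            @mkdir($_zb_path."data/$id/".$reg_date,0777);
            if(!move_uploaded_file($file2,$_zb_path."data/$id/".$reg_date."/".$s_file_name2)) ggambo_alert("ÆÄÀϾ÷·Îµå°¡ Á¦´ë·Î µÇÁö ¾Ê¾Ò½À´Ï´Ù");
            $file_name2="data/$id/".$reg_date."/".$s_file_name2;
            @chmod($_zb_path.$file_name2,0707);
            @chmod($_zb_path."data/$id/".$reg_date,0707);
        } else {
            if(!move_uploaded_file($file2,$_zb_path."data/$id/".$s_file_name2)) ggambo_alert("ÆÄÀϾ÷·Îµå°¡ Á¦´ë·Î µÇÁö ¾Ê¾Ò½À´Ï´Ù");
            $file_name2="data/$id/".$s_file_name2;
            @chmod($_zb_path.$file_name2,0707);
        }
    }
}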
----------------------------------------------- 여기까지 ---------------------------------------
위의 글 내용 주석에 보시면 한글 ....화일명 시작, 그리고 끝 이라는 부분이 있습니다.
그부분만 잘라내어서 해당하는 위치에 넣어주시면 됩니다.
예를 들자면 아래처럼...
-----------------------------------------------아래내용------------------------------------
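// Korean-named image patch: begin
// Chooses $user_id_r, the prefix used when an uploaded image has to be
// renamed: the member's user_id for logged-in members, otherwise a random
// number for guests.
if($member['no']!=0) {
    $user_no=$member['no'];
    // NOTE(review): $user_no is interpolated into the SQL text. That is only
    // safe if $member['no'] is always the numeric key loaded server-side;
    // $member is populated outside this excerpt - confirm.
    $user_id_c=mysql_fetch_array(mysql_query("select user_id from $member_table where no='$user_no'"));
    // NOTE(review): user_id ends up inside a file name; presumably it is
    // restricted to safe characters at registration - verify.
    $user_id_r=$user_id_c[0];
}
else {
    // Random number to avoid duplicate names (0~999).
    // The generator is deliberately NOT reseeded with srand(time()): seeding
    // with the current second made every guest request in that second draw
    // the same number, so it added nothing to the time()-based file name.
    $ran_c = mt_rand(0, 999);
    $user_id_r=$ran_c;
}
// Korean-named image patch: end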
-----------------------------------------------여기까지----------------------------------
이런식으로 있으니까, 보시고 비교하면서 붙여넣기 하십시오.