/*
 * Request dispatcher for a shop / bulletin-board / admin application.
 *
 * A single switch on $type selects the board actions (list, write, modify,
 * delete, reply, read, insert, update, vote, memo_*, login, download) and the
 * "setup" admin area, which dispatches again on $mode. The default branch
 * renders the shop pages chosen by $shop_page and $mode.
 *
 * NOTE(review): this copy looks damaged. It has no opening PHP tag, the first
 * call has no receiver, several string literals and preg_replace() patterns
 * are empty where markup was presumably present, and the file-input loop of
 * the write form is cut in the middle of a string. Confirm against the
 * original file before relying on any detail here.
 *
 * NOTE(review): $type, $mode, $code, $id, $page, $word, $part, $userid, $pass
 * and similar variables are read but never assigned in this listing, and
 * $PHP_SELF / $REMOTE_ADDR / $HTTP_REFERER are used as plain globals. That
 * suggests request parameters are imported into global scope
 * (register_globals or an equivalent step) - confirm. If so, every SQL
 * string, file path and shell command below that interpolates them is built
 * from untrusted input. Mitigations: bound parameters or strict casts for
 * values, allow-lists for column and file names, no shell for file removal,
 * and server-side sessions instead of trust in cookie values.
 *
 * eregi() and the mysql_* functions were removed in PHP 7.0 and each() in
 * PHP 8.0; unquoted array keys such as $row[id] outside strings depend on the
 * legacy bare-constant fallback.
 */
referer(REFERER,$HTTP_REFERER);
$tpl = new tpl;
$file = new file;
// $pa is later passed to the upload / file helpers as a relative path prefix.
if(eregi("index.htm", $SCRIPT_NAME)) $pa=".";
else $pa="..";

switch($type){
    default:
        switch($shop_page){
            // main
            default:
            /* product */
            case "brand":
                // Review "write": only allowed when the user cookie variable is set.
                // NOTE(review): ${COOKIE_USER} is the variable named by the constant
                // COOKIE_USER; presumably it holds a client-supplied cookie value,
                // so it identifies but does not authenticate the user - confirm.
                if($mode == "review" && $board_type == "write"){
                    if(!${COOKIE_USER}){
                        $msg = "ȸ¿ø ¼­ºñ½º ÀÔ´Ï´Ù. ·Î±×ÀÎ ÈÄ ÀÌ¿ëÇϼ¼¿ä.";
                        $javascript->error_mesg($msg);
                    }
                }
                // Review "insert": stamps identity fields, then stores the whole $_POST.
                // NOTE(review): no login check is visible in this branch (unlike
                // "write"), and passing $_POST wholesale presumably lets the request
                // choose which columns are written - confirm in $db->insert().
                if($mode == "review" && $board_type == "insert"){
                    $_POST["userid"] = ${COOKIE_USER};
                    $_POST["name"] = ${COOKIE_NAME};
                    $_POST["email"] = ${COOKIE_EMAIL};
                    $_POST["ip"] = $REMOTE_ADDR;
                    $db -> insert(REVIEW, $_POST);
                    $msg = "»óǰ ÈÄ±â Æò°¡°¡ ¼º°øÀûÀ¸·Î ÀÌ·ç¾î Á³½À´Ï´Ù.";
                    $link = "$PHP_SELF?shop_page=brand&mode=read&brandcode=$brandcode&page=$page#review";
                    $javascript->mesg_link($msg, $link);
                }
                // Review "delete": deletes the row when its userid matches the cookie user.
                // NOTE(review): $id is interpolated into both queries unescaped, and
                // the loose == also holds when the row is missing and the cookie
                // variable is empty. Bind $id and compare with === after checking
                // that a row was found.
                if($mode == "review" && $board_type == "delete"){
                    $sql = "select * from ".REVIEW." where id = '$id'";
                    $rs = $db -> query($sql);
                    $row = $db -> fetch_array($rs);
                    if($row[userid] == ${COOKIE_USER}){
                        $sql = "delete from ".REVIEW." where id = '$id'";
                        $rs = $db -> query($sql);
                        $link = "$PHP_SELF?shop_page=brand&mode=read&brandcode=$brandcode&page=$page#review";
                        $javascript->mesg_link("»èÁ¦ ¼º°ø", $link);
                    }else{
                        $javascript->error_mesg("ȸ¿ø´ÔÀÌ µî·ÏÇϽŠÀÚ·á°¡ ¾Æ´Õ´Ï´Ù.");
                    }
                }
                include ("tmp/shop/".$shop_setup["shop_skin"]."/top.htm");
                switch($mode){
                    case "read":
                        echo $fun -> category_location_mall($brandcode);
                        echo $fun -> category_product_read($brandcode);
                        //echo $fun -> brand_board($brandcode);
                        break;
                    case "search":
                        // search
                        //include ("/tmp/shop/".$shop_setup["shop_skin"]."/brand/search.htm");
                        // NOTE(review): `search` is an unquoted constant name here.
                        echo $fun -> category_location_mall(search);
                        echo $fun -> category_product_list2(
                            $code, 4, 10,
                            $_BRAND_SKIN_["brand_l_start"],
                            $_BRAND_SKIN_["brand_l_end"],
                            $words, 4
                        );
                        break;
                    case "review":
                        switch($board_type){
                            case "write":
                                echo $fun -> category_location($brandcode);
                                echo $fun -> category_product_read($brandcode);
                                echo $fun -> brand_board_write($brandcode);
                                break;
                            case "read":
                                echo $fun -> category_location($brandcode);
                                echo $fun -> category_product_read($brandcode);
                                echo $fun -> brand_board_read($brandcode);
                                break;
                        }
                        break;
                    default:
                        // product output page
                        //echo $fun -> category_location($code);
                        //echo $fun -> category_list($code);
                        // recommended products -> brand_sp_start
                        echo $fun -> category_product_list(
                            $code, 3, 3,
                            $_BRAND_SKIN_["brand_sp_start"],
                            $_BRAND_SKIN_["brand_sp_end"],
                            4
                        );
                        // NOTE(review): $code is interpolated unescaped.
                        $sql = "select * from ".CATEGORY." where code = '$code'";
                        $rsc = $db -> query($sql);
                        $roc = $db -> fetch_array($rsc);
                        // list -> brand_l_start
                        if($roc[category_skin] == 1){// 4 per row, 12 total output count
                            // code, TR, LIMIT, skin file start, skin file end, product position
                            echo $fun -> category_product_list(
                                $code, 4, 100,
                                $_BRAND_SKIN_["brand_l_start"],
                                $_BRAND_SKIN_["brand_l_end"]
                            );
                        // gallery
                        }else{// shown without category separation
                            // code, TR, LIMIT, skin file start, skin file end, product position
                            echo $fun -> category_product_list(
                                $code, 4, 30,
                                $_BRAND_SKIN_["brand_g_start"],
                                $_BRAND_SKIN_["brand_g_end"]
                            );
                        }
                        break;
                }
                // NOTE(review): "sdfsf" looks like leftover debug output - confirm.
                echo "sdfsf";
                include ("tmp/shop/".$shop_setup["shop_skin"]."/bottom.htm");
                break;
            /* product */
        }//switch($shop_page)
        // NOTE(review): there is no break after the inner switch, so the default
        // branch of $type falls through into case "list".

    case "list":
        echo "";
        //include ("tmp/shop/".$shop_setup["shop_skin"]."/top.htm");
        $level_result = $fun -> auth_level(${COOKIE_LEVEL});
        //echo $board_setup[top_html];
        if($board_setup["bbs_type"] == "board"){
            if($tpl_type){
                $tpl -> init($DOCUMENT_ROOT."/tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/list.htm", $tpl_type[0], $tpl_type[1]);
            }else if(eregi("int_",$code)){
                $where = " where code is not null && substring(code,1,3)='int' order by code ASC ";
                list($rs, $total, $totalpage, $j, $page) = $db -> select_list_page(BBS_SETUP, $where, $page, $pagesize);
                // $rs from select_list_page() is overwritten by this second query.
                $sql="select code,name from systembase_bbs_setup where code is not null && substring(code,1,3)='int' order by code ASC ";
                $rs=$db->query($sql);
                /* echo" "; echo"
"; */
                $tpl -> init($DOCUMENT_ROOT."/tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/list.htm");
            }else{
                $tpl -> init($DOCUMENT_ROOT."/tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/list.htm");
            }
            // Optional search filter. The second assignment replaces the first
            // (plain =, not .=), so only one condition is ever applied.
            // NOTE(review): $part is used as a column name and $word / $part1 as
            // LIKE values, all interpolated. Map $part through an allow-list of
            // column names and bind the values.
            if($part1) $sql_ = " and section Like '%$part1%' ";
            if($word) $sql_ = " and $part Like '%$word%' ";
            $sql = "select count(*) from ".BBS." where code = '$code' $sql_ ";
            $rs = $db -> query($sql);
            $row = $db -> fetch_array($rs);
            $total = $row[0];
            $totalpage = ceil($total/$board_setup["pagesize"]);
            // NOTE(review): $page goes into LIMIT unquoted; cast it to a positive int.
            $start = ($page - 1) * $board_setup["pagesize"];
            $j = $total - ($page - 1) * $board_setup["pagesize"];
            $sql = "select * from ".BBS." where code = '$code' $sql_ ";
            $sql .= "order by grp desc,stp asc limit $start, ".$board_setup["pagesize"];
            $rs = $db -> query($sql);
            // NOTE(review): request values ($go, $type, $code, $word, $part, $page)
            // are substituted into the template; whether $tpl->replace() escapes
            // for HTML is not visible here - confirm.
            $tpl -> replace("go", $go);
            $tpl -> replace("action", $PHP_SELF);
            $tpl -> replace("type", $type);
            $tpl -> replace("title", "±Û¸ñ·Ï");
            $tpl -> replace("board_name", $board_setup["name"]);
            $tpl -> replace("code", $code);
            $tpl -> replace("word", $word);
            $tpl -> replace("part", $part);
            $tpl -> replace("total", $total);
            $tpl -> replace("page", $page);
            $tpl -> replace("totalpage", $totalpage);
            $tpl -> replace("write_button", "±Û¾²±â");
            $tpl -> replace("write_button_link", $_LINK_["write"]);
            $tpl -> replace("reset_button", "»õ·Î°íħ");
            $tpl -> replace("reset_button_link", $_LINK_["reset"]);
            $search = "&code=$code&type=list$_SEARCH_";
            // board paging skin
            $tpl -> replace("pageing", $fun->pageing1($totalpage, $total, $page, $search, 10));
            if($total == 0){
                $prge_msg = "";
                $prge_msg .= "µî·Ï(°Ë»ö)µÈ °Ô½Ã¹°ÀÌ ¾ø½À´Ï´Ù.";
                // NOTE(review): as shown, the pattern matches the whole template;
                // presumably marker text around (.*) was lost in this copy.
                $tpl->template = preg_replace("/(.*)/sU",$prge_msg,$tpl->template);
            }else{
                $tpl -> loop("", "");
                while($row = $db -> fetch_array($rs)){
                    $reply = $fun -> reply_par($row[loc], $row[subject]);
                    $_LINK_["read"] = "$PHP_SELF?code=$code&type=read&id=$row[id]&page=$page$_SEARCH_";
                    $new_icon = " ";
                    // One extra query per listed post to count its memos.
                    $sql = "select * from ".BBS_MEMO." 
where parent = '$row[id]'";
                    $rsm = $db -> query($sql);
                    if($db -> num_rows($rsm) != 0){
                        $memo_icon = " (".$db -> num_rows($rsm).")";
                    }
                    $section=$row[section];
                    $subject = $fun->search_red($fun->cutting($row[subject],$board_setup["subject_limit"]),$word);
                    // Both arms yield the name as shown; presumably the first arm
                    // once wrapped it in markup that was lost in this copy.
                    $name = ($row[email]) ? "$row[name]" : $row[name];
                    $loop_key = array(
                        "count", "section", "subject", "memo_icon", "name", "wdate",
                        "read_link", "hit", "vote", "new", "tr_color", "tr_color_p"
                    );
                    // NOTE(review): stored fields (section, subject, name) are placed
                    // in the page with no visible HTML escaping; confirm where
                    // encoding happens, or apply htmlspecialchars() on output.
                    $loop_value = array(
                        $j,
                        $section,
                        $reply.$subject,
                        $memo_icon,
                        $name,
                        $fun->today_red($row[wdate],10),
                        $_LINK_["read"],
                        number_format($row[hit]),
                        number_format($row[vote]),
                        (date("Y-m-d") == substr($row[wdate],0,10)) ? $new_icon : "",
                        ($row[id] == $id) ? "#f4f4f4" : "#ffffff",
                        (($j%2) == 0) ? "#f4f4f4" : "#ffffff",
                    );
                    $tpl -> replace($loop_key, $loop_value);
                    $j--;
                    unset($nbsp, $memo_icon);
                }
            }
            $tpl -> display();
        }else if($board_setup["bbs_type"] == "gallery"){
            include ("./include/gallery.htm");
        }
        //echo $board_setup[bottom_html];
        //include ("tmp/shop/".$shop_setup["shop_skin"]."/bottom.htm");
        break;

    case "write":
    case "modify":
    case "delete":
    case "reply":
        // Renders the post form for the four editing actions.
        $level_result = $fun -> auth_level(${COOKIE_LEVEL});
        //include ("tmp/shop/".$shop_setup["shop_skin"]."/top.htm");
        //echo $board_setup[top_html];
        //echo "";
        if($board_setup["bbs_type"] == "board"){
            $tpl -> init($DOCUMENT_ROOT."/tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/write.htm");
            if($type == "modify" || $type == "delete" || $type == "reply"){
                // NOTE(review): $code and $id are interpolated unescaped.
                $sql = "select * from ".BBS." 
where code = '$code' and id = '$id'";
                $rs = $db -> query($sql);
                $row = $db -> fetch_array($rs);
            }
            $tpl -> replace("action", $PHP_SELF);
            switch($type){
                case "write":
                    $tpl -> replace("type", "insert");
                    $tpl -> replace("write_submit", "ÀúÀåÇϱâ");
                    $tpl -> replace("title", "±Û¾²±â");
                    $tpl -> replace("section", "");// added
                    $tpl -> replace("subject", "");
                    $tpl -> replace("name", "");
                    $tpl -> replace("email", "");
                    $tpl -> replace("homepage", "");
                    $tpl -> replace("content", "");
                    $tpl -> replace("button_url", "../images/community/borad_btn_write.gif");
                    break;
                case "modify":
                    $tpl -> replace("type", "update");
                    $tpl -> replace("write_submit", "¼öÁ¤Çϱâ");
                    $tpl -> replace("title", "±Û¼öÁ¤");
                    $tpl -> replace("section", $row[section]);
                    $tpl -> replace("subject", $row[subject]);
                    $tpl -> replace("name", $row[name]);
                    $tpl -> replace("email", $row[email]);
                    $tpl -> replace("homepage", $row[homepage]);
                    $tpl -> replace("content", $row[content]);
                    $tpl -> replace("button_url", "../images/community/board_edit.gif");
                    // NOTE(review): when the level cookie variable equals '1' the
                    // stored post password is written into the form. That requires
                    // the password to be stored in recoverable form and ties its
                    // disclosure to a client-supplied value. Store a
                    // password_hash() value and never echo it back.
                    if(${COOKIE_LEVEL}=='1' ){
                        $tpl -> replace("pass", $row[pass]);// added
                    }
                    break;
                case "delete":
                    $tpl -> replace("type", "delete_result");
                    $tpl -> replace("write_submit", "»èÁ¦Çϱâ");
                    $tpl -> replace("title", "±Û»èÁ¦");
                    $tpl -> replace("section", $row[section]);
                    $tpl -> replace("button_url", "../images/community/board_delete.gif");
                    // NOTE(review): same password pre-fill concern as in "modify".
                    if(${COOKIE_LEVEL}=='1' ){
                        $tpl -> replace("pass", $row[pass]);// added
                    }
                    $tpl -> replace("subject", $row[subject]);
                    $tpl -> replace("name", $row[name]);
                    $tpl -> replace("email", $row[email]);
                    $tpl -> replace("homepage", $row[homepage]);
                    $tpl -> replace("content", $row[content]);
                    break;
                case "reply":
                    // Quote the parent post, prefixing lines with "> ".
                    $content = "\n\n\n> ".str_replace("\n", "> ", $row[content]);
                    $tpl -> replace("type", "reply_insert");
                    $tpl -> replace("write_submit", "´äº¯´Þ±â");
                    $tpl -> replace("title", "´äº¯¾²±â");
                    $tpl -> replace("section", $row[section]);
                    $tpl -> replace("subject", "[Re] ".$row[subject]);
                    $tpl -> replace("name", "");
                    $tpl -> replace("email", "");
                    $tpl -> replace("homepage", "");
                    $tpl -> replace("content", $content);
                    $tpl -> replace("button_url", "../images/community/borad_btn_write.gif");
                    break;
            }
            $tpl -> replace("oldfile", $row[file]);
            $tpl -> replace("board_name", $board_setup["name"]);
            $tpl -> replace("code", $code);
            $tpl -> replace("id", $id);
            $tpl -> replace("page", $page);
            $tpl -> replace("word", $word);
            $tpl -> replace("part", $part);
            $tpl -> replace("pass", "");
            $tpl -> replace("file_size", $board_setup["file_size"]);
            $tpl -> replace("write_back", "¸ñ·Ïº¸±â");
            $tpl -> replace("write_back_link", $_LINK_["list"]);
            if($board_setup["file_use"] == 2){
                $tpl->template = preg_replace("/(.*)/sU","",$tpl->template);
            }else{
                $tpl -> loop("", "");
                // NOTE(review): the rest of this loop is damaged in this copy. The
                // second string below is never closed and the code that built
                // $loop_key / $loop_value is missing, so nothing between here and
                // the replace() call can be reviewed.
                for($i = 1 ; $i <= $board_setup["file_number"] ; $i ++){
                    @$file_exp = explode(",", $row[file]);
                    $file_view = "
    À̹ÌÁö »èÁ¦";
                    $file_view .= "
     replace($loop_key, $loop_value);
                }
            }
            $tpl -> display();
        }else if($board_setup["bbs_type"] == "gallery"){
            include ("./include/write.htm");
        }
        //echo $board_setup[bottom_html];
        //include ("tmp/shop/".$shop_setup["shop_skin"]."/bottom.htm");
        break;

    case "read":
        echo "";
        $level_result = $fun -> auth_level(${COOKIE_LEVEL});
        //include ("tmp/shop/".$shop_setup["shop_skin"]."/top.htm");
        //echo $board_setup[top_html];
        //echo $code; exit;
        //echo ${COOKIE_LEVEL};exit;
        // NOTE(review): the alternate read1.htm template is selected from the
        // level cookie variable alone; presumably a client-supplied value - confirm.
        if(${COOKIE_LEVEL}=='1' && $code=='qna'){
            $tpl -> init($DOCUMENT_ROOT."/tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/read1.htm");
        }else{
            $tpl -> init($DOCUMENT_ROOT."/tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/read.htm");
        }
        // hit count
        // NOTE(review): $code and $id are interpolated into this UPDATE and the
        // SELECTs below without escaping.
        $sql = "update ".BBS." set hit = hit + 1 where code = '$code' and id = '$id'";
        $rs = $db -> query($sql);
        // read the post
        $sql = "select * from ".BBS." where code = '$code' and id = '$id'";
        $rs = $db -> query($sql);
        $row = $db -> fetch_array($rs);
        // when searching
        // NOTE(review): $part is an interpolated column name; allow-list it.
        if($word) $sql_ = " and $part Like '%$word%' ";
        // find the previous / next post
        $sql = "select id,grp,stp,loc,subject from ".BBS." where code = '$code' $sql_ ";
        $sql .= "order by grp DESC, stp ASC";
        $rsx = $db -> query($sql);
        list($prev, $next, $page_loc) = $fun -> read_pageing($rsx, $id);
        // current page
        $page = ceil(($page_loc == 0) ? 
            1 : ($page_loc + 1)/$board_setup["pagesize"]);
        // page links
        $_LINK_["prev"] = "$PHP_SELF?code=$code&type=read&id=$prev[id]&page=$page$_SEARCH_";
        $_LINK_["next"] = "$PHP_SELF?code=$code&type=read&id=$next[id]&page=$page$_SEARCH_";
        // when the neighbour is a reply
        $reply_prev = $fun -> reply_par($prev[loc]);
        $reply_next = $fun -> reply_par($next[loc]);
        // handle the attachment, if any
        if($row[file]){
            if(eregi("index.htm", $SCRIPT_NAME)) $pa=".";
            else $pa="..";
            /* if($board_setup["skin"]=='data') $pa=".."; else $pa="."; */
            $file_name = $fun -> file_info($row[file],$pa);
            if($board_setup["skin"]=="intranet"){
                $file_content = $fun -> image_view($row[file]);
            }else{
                $file_content = $fun -> image_view1($row[file]);
            }
        }else{
            $tpl->template = preg_replace("/(.*)/sU","",$tpl->template);
        }
        // notices cannot be modified or deleted (when no level cookie is set)
        if($board_setup["bbs_sub_type"] == "notice" && !${COOKIE_LEVEL}){
            $tpl->template = preg_replace("/(.*)/sU","",$tpl->template);
        }
        // value substitution
        // NOTE(review): stored post fields are substituted with no visible HTML
        // escaping (content only passes through search_red() and nl2br());
        // confirm where output encoding happens.
        $tpl -> replace("action", $PHP_SELF);
        $tpl -> replace("title", "±ÛÀбâ");
        $tpl -> replace("board_name", $board_setup["name"]);
        $tpl -> replace("name", $row[name]);
        $tpl -> replace("email", $fun->autolink($row[email]));
        $tpl -> replace("homepage", $fun->autolink($row[homepage]));
        $tpl -> replace("section", $row[section]);
        $tpl -> replace("subject", $fun->search_red($row[subject],$word));
        $tpl -> replace("file", $file_name);
        $tpl -> replace("content", $file_content.nl2br($fun->search_red($row[content],$word)));
        $tpl -> replace("wdate", $fun -> today_red($row[wdate],20));
        $tpl -> replace("hit", number_format($row[hit]));
        $tpl -> replace("vote", number_format($row[vote]));
        $tpl -> replace("ip", $row[ip]);
        $tpl -> replace("id", $row[id]);
        // page link substitution
        if($prev[id] != $id){
            $tpl -> replace("prev", $reply_prev.$prev["subject"]);
            $tpl -> replace("prev_link", $_LINK_["prev"]);
        }else{
            $tpl -> replace("prev", "");
            $tpl -> replace("prev_link", "javascript:alert('°Ô½Ã¹°ÀÌ ¾ø½À´Ï´Ù.');");
        }
        if($next[id] != ""){
            $tpl -> replace("next", 
                $reply_next.$next["subject"]);
            $tpl -> replace("next_link", $_LINK_["next"]);
        }else{
            $tpl -> replace("next", "");
            $tpl -> replace("next_link", "javascript:alert('°Ô½Ã¹°ÀÌ ¾ø½À´Ï´Ù.');");
        }
        // buttons
        $tpl -> replace("reply_button", "´äº¯´Þ±â");
        $tpl -> replace("reply_button_link", $_LINK_["reply"]);
        $tpl -> replace("write_button", "±Û¾²±â");
        $tpl -> replace("write_button_link", $_LINK_["write"]);
        $tpl -> replace("list_button", "±Û¸ñ·Ï");
        $tpl -> replace("list_button_link", $_LINK_["list"]);
        $tpl -> replace("modify_button", "±Û¼öÁ¤");
        $tpl -> replace("modify_button_link", $_LINK_["modify"]);
        $tpl -> replace("delete_button", "±Û»èÁ¦");
        $tpl -> replace("delete_button_link", $_LINK_["delete"]);
        $tpl -> replace("vote_button", "Ãßõ");
        $tpl -> replace("vote_button_link", $_LINK_["vote_link"]);
        // whether memos are enabled
        if($board_setup["memo_use"] == 1){
            $tpl -> replace("action", $PHP_SELF);
            $tpl -> replace("code", $code);
            $tpl -> replace("type", "memo_insert");
            $tpl -> replace("word", $word);
            $tpl -> replace("part", $part);
            $tpl -> replace("total", $total);
            $tpl -> replace("page", $page);
            $tpl -> replace("id", $id);
        }else{
            $tpl->template = preg_replace("/(.*)/sU","",$tpl->template);
        }
        // print the memos when enabled
        if($board_setup["memo_use"] == 1){
            $sql = "select * from ".BBS_MEMO." 
where parent = '$id' order by id asc";
            $rsm = $db -> query($sql);
            if($db -> num_rows($rsm) == 0){
                $tpl->template = preg_replace("/(.*)/sU","",$tpl->template);
            }else{
                $tpl -> loop("", "");
                // $row (the post) is overwritten by each memo row from here on.
                while($row = $db -> fetch_array($rsm)){
                    $_LINK_["memo_del_link"] = "$PHP_SELF?code=$code&type=memo_delete&id=$row[id]&parent=$id&page=$page$_SEARCH_";
                    $loop_key = array(
                        "memo_content", "memo_name", "memo_wdate", "memo_del_link"
                    );
                    // NOTE(review): memo content and name are output without
                    // visible HTML escaping.
                    $loop_value = array(
                        nl2br($row[content]),
                        $row[name],
                        $fun->today_red($row[wdate],20),
                        $_LINK_["memo_del_link"]
                    );
                    $tpl -> replace($loop_key, $loop_value);
                }
            }
        }else{
            $tpl->template = preg_replace("/(.*)/sU","",$tpl->template);
        }
        $tpl -> display();
        // list output below the post
        if($board_setup["list_use"] == 1){
            $tpl_type = array("", "");
            $type = "list";
            include ($DOCUMENT_ROOT."/bbs/list.htm");
        }
        //echo $board_setup[bottom_html];
        //include ("tmp/shop/".$shop_setup["shop_skin"]."/bottom.htm");
        break;

    case "memo_delete":
        // Renders the memo delete confirmation form.
        include ("tmp/shop/".$shop_setup["shop_skin"]."/top.htm");
        $tpl -> init("tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/delete.htm");
        $tpl -> replace("title", "¸Þ¸ð»èÁ¦");
        $tpl -> replace("action", $PHP_SELF);
        $tpl -> replace("code", $code);
        $tpl -> replace("type", "memo_delete_result");
        $tpl -> replace("word", $word);
        $tpl -> replace("part", $part);
        $tpl -> replace("page", $page);
        $tpl -> replace("id", $id);
        $tpl -> replace("parent", $parent);
        $tpl -> display();
        include ("tmp/shop/".$shop_setup["shop_skin"]."/bottom.htm");
        break;

    case "insert":
        // Stores a new post together with its uploaded files.
        if(eregi("index.htm", $SCRIPT_NAME)) $pa=".";
        else $pa="..";
        /* if($board_setup["skin"]=='data') $pa=".."; else $pa="."; */
        // NOTE(review): upload handling lives in $fun->upload(), not visible here.
        // Confirm it restricts extensions and content types and stores files
        // where they cannot be executed by the web server.
        $_POST["file"] = implode(",", $fun -> upload($pa));
        $_POST["ip"] = $REMOTE_ADDR;
        $_POST["hit"] = 0;
        $_POST["loc"] = 0;
        $_POST["stp"] = 0;
        if($board_setup["skin"]=='data') $web_edit -> insert($_POST["content"]);
        // NOTE(review): the whole $_POST array is handed to insert(); presumably
        // any posted key becomes a column value - confirm and pass an explicit
        // field list instead.
        $insert_id = $db -> insert(BBS, $_POST);
        $sql = "update ".BBS." 
set grp = '$insert_id' where id = '$insert_id'";
        $rs = $db -> query($sql);
        if($insert_id) $javascript -> mesg_link($_MSG_["insert_true"], $_LINK_["insert_result"]);
        else $javascript -> error_mesg($_MSG_["insert_false"]);
        break;

    case "reply_insert":
        // Inserts a reply and renumbers stp within the thread (grp).
        $sql = "select grp,stp,loc from ".BBS." where code = '$code' and id = '$id'";
        $rs = $db -> query($sql);
        $row = $db -> fetch_array($rs);
        $grp = $row[0];
        // NOTE(review): the SELECT lists grp,stp,loc, so as written $loc receives
        // stp and $stp receives loc. Confirm whether this is intended.
        $loc = $row[1];
        $stp = $row[2];
        // NOTE(review): $grp, $stp and $loc are interpolated unquoted below; if
        // the parent row is missing they are empty and the SQL is malformed.
        $sql1 ="select grp,loc,stp from ".BBS." where code = '$code' and grp = $grp and stp > $stp ";
        $sql1 .= "and loc <= $loc order by stp";
        $rs1 = $db -> query($sql1);
        $row1 = $db -> fetch_row($rs1);
        if($row1[0]){
            $br_str = $row1[2];
            $sql2 = "select grp,loc,stp from ".BBS." where code = '$code' and grp = $grp ";
            $sql2 .= "and stp > $stp and stp < $br_str and loc > $loc order by stp desc";
        }else{
            $sql2 = "select grp,loc,stp from ".BBS." where code = '$code' and grp = $grp ";
            $sql2 .= "and stp > $stp and loc > $loc order by stp desc";
        }
        $rs2 = $db -> query($sql2);
        $row2 = $db -> fetch_row($rs2);
        if($row2[0]) $stp = $row2[2];
        $sql3 ="update ".BBS." set stp = stp + 1 where code = '$code' and grp = $grp and stp > $stp";
        $rs3 = $db -> query($sql3);
        $_POST["file"] = @implode(",", $fun -> upload());
        $_POST["stp"] = $stp + 1;
        $_POST["loc"] = $loc + 1;
        $_POST["grp"] = $grp;
        $_POST["hit"] = 0;
        $_POST["subject"] = str_replace("[Re] ", "", $subject);
        $_POST["ip"] = $REMOTE_ADDR;
        $insert_id = $db -> insert(BBS, $_POST);
        if($insert_id) $javascript -> mesg_link($_MSG_["reply_true"], $_LINK_["reply_result"]);
        else $javascript -> error_mesg($_MSG_["reply_false"]);
        break;

    case "delete_result":
        // Deletes a post and its files when the post or board admin password matches.
        $sql = "select * from ".BBS." where code = '$code' and id = '$id'";
        $rs = $db -> query($sql);
        $row = $db -> fetch_array($rs);
        // NOTE(review): passwords are compared as plain text with loose ==.
        // Store password_hash() values and check them with password_verify().
        if($row[pass] == $_POST["pass"] || $board_setup["bbs_admin_pass"] == $_POST["pass"]){
            $sql = "delete from ".BBS." 
where code = '$code' and id = '$id'";
            $rs = $db -> query($sql);
            // NOTE(review): $code and the stored file names form the unlink()
            // paths; validate $code and apply basename() to each name so the
            // path stays inside ../data/.
            $exp = @explode(",", $row[file]);
            while(list($k, $v) = each($exp)) @unlink("../data/$code/$v");
            reset($exp);
            while(list($k, $v) = each($exp)) @unlink("../data/$code/imageS/$v");
            if($_GET["loc"]) $javascript -> opener("reload", $_MSG_["delete_true"]);
            else $javascript -> mesg_link($_MSG_["delete_true"], $_LINK_["delete_result"]);
        }
        // Reached after a successful delete too unless the helpers above end
        // the request - not visible here.
        $javascript -> error_mesg($_MSG_["delete_false"]);
        break;

    case "update":
        $sql = "select * from ".BBS." where code = '$code' and id = '$id'";
        $rs = $db -> query($sql);
        $row = $db -> fetch_array($rs);
        // faq, news and reference boards are modified without a password
        // NOTE(review): no password, login or level check is visible in this
        // first branch, and the update is keyed on $id alone, so the board
        // restriction applies to $board_setup["code"], not to the updated row.
        // Confirm an access check exists elsewhere.
        if($board_setup["code"]=='faq' || $board_setup["code"]=='news' || $board_setup["code"]=='data') {
            $_POST["file"] = @implode(",", $fun -> modify_upload($pa));
            if($_POST["file"] == str_repeat(",",($board_setup["file_number"] - 1))) $_POST["file"] = " ";
            if($board_setup["skin"]=='data') $web_edit -> insert($_POST["content"]);// added
            $db -> update(BBS, $_POST, "id", array($id));
            $link = "/include/pop.htm?code=$code&id=$id";
            if($_GET["loc"]) $javascript -> mesg_link($_MSG_["update_true"], $link);
            else $javascript -> mesg_link($_MSG_["update_true"], $_LINK_["update_result"]);
        }else{
            // NOTE(review): plain-text password comparison, as in delete_result.
            if($row[pass] == $_POST["pass"] || $board_setup["bbs_admin_pass"] == $_POST["pass"]){
                $_POST["file"] = @implode(",", $fun -> modify_upload($pa));
                if($_POST["file"] == str_repeat(",",($board_setup["file_number"] - 1))) $_POST["file"] = " ";
                if($board_setup["skin"]=='data') $web_edit -> insert($_POST["content"]);// added
                $db -> update(BBS, $_POST, "id", array($id));
                $link = "/include/pop.htm?code=$code&id=$id";
                if($_GET["loc"]) $javascript -> mesg_link($_MSG_["update_true"], $link);
                else $javascript -> mesg_link($_MSG_["update_true"], $_LINK_["update_result"]);
            }
        }
        $javascript -> error_mesg($_MSG_["update_false"]);
        break;

    case "vote":
        // One vote per post is enforced only through a cookie holding
        // md5(client address + "_" + post id).
        // NOTE(review): this check is client-side state, and the vote is a
        // state change reachable without any visible token. Record votes
        // server-side if the count matters.
        if(${$code."_vote"}==md5($REMOTE_ADDR."_".$id)){
            $javascript->mesg_link($_MSG_["vote_err"],$_LINK_["vote_result"]);
        }
        $sql = "update 
".BBS." set vote = vote + 1 where code = '$code' and id = '$id'";
        $rs = $db -> query($sql);
        setcookie($code."_vote", md5($REMOTE_ADDR."_".$id), 0, "/");
        $javascript->mesg_link($_MSG_["vote"],$_LINK_["vote_result"]);
        break;

    case "memo_insert":
        // The first assignment is a no-op.
        $_POST["code"] = $_POST["code"];
        $_POST["ip"] = $REMOTE_ADDR;
        $_POST["parent"] = $_POST["id"];
        // NOTE(review): whole $_POST passed to insert(), as in "insert".
        $db -> insert(BBS_MEMO, $_POST);
        $javascript->mesg_link($_MSG_["memo_insert"],$_LINK_["memo_result"]);
        break;

    case "memo_delete_result":
        $sql = "select pass,parent from ".BBS_MEMO." where id = '$id'";
        $rs = $db -> query($sql);
        $row = $db -> fetch_array($rs);
        // NOTE(review): plain-text, loose password comparison; $id interpolated.
        if($row[0] == $_POST["pass"] || $board_setup["bbs_admin_pass"] == $_POST["pass"]){
            $sql = "delete from ".BBS_MEMO." where id = '$id'";
            $rs = $db -> query($sql);
            $id = $row[parent];
            $javascript->mesg_link($_MSG_["memo_del_true"], $_LINK_["memo_del_result"]);
        }else{
            exit($javascript->error_mesg($_MSG_["memo_del_false"]));
        }
        break;

    case "member_insert":
        break;

    case "login":
        // Renders the board administrator login form.
        include ("tmp/shop/".$shop_setup["shop_skin"]."/top.htm");
        $tpl -> init("tmp/".$board_setup["bbs_type"]."/".$board_setup["skin"]."/login.htm");
        $tpl -> replace("title", "°ü¸®ÀÚ ·Î±×ÀÎ");
        $tpl -> replace("action", $PHP_SELF);
        $tpl -> replace("URL", $URL);
        $tpl -> replace("type", "login_result");
        $tpl -> replace("code", $code);
        $tpl -> display();
        include ("tmp/shop/".$shop_setup["shop_skin"]."/bottom.htm");
        break;

    case "login_result":
        if($_POST["pass"] != $board_setup["bbs_admin_pass"]) $javascript -> error_mesg($_MSG_["admin_login"]);
        // set the level
        // NOTE(review): the cookie name here is the *value* of the level
        // variable, while the setup login below uses the constant COOKIE_LEVEL
        // as the name - confirm which is intended. In either case the
        // privilege is a cookie with the fixed value "1"; keep the level in a
        // server-side session instead. $code is also echoed unescaped.
        setcookie(${COOKIE_LEVEL}, "1", 0,"/");
        echo $code;
        echo ${COOKIE_LEVEL};
        //Header("Location:$URL");
        break;

    case "download":
        //echo $_GET["file"];exit;
        // NOTE(review): a request-supplied file name goes straight to
        // file_down(), which is not visible here. Confirm it resolves the name
        // inside the upload directory (basename() / realpath() check) and
        // rejects anything else.
        $fun -> file_down($_GET["file"]);
        break;

    case "setup":
        // Admin area: installer steps until ./admin/setup/setup exists, then
        // the admin actions selected by $mode.
        include_once ("class/web.class.php");
        if(!is_dir("./admin/setup")) $javascript -> error_mesg($_MSG_["setup_folder_err"]);
        // 16895 is octal 040777: the check requires a world-writable directory.
        // NOTE(review): that directory sits under the web root and later holds
        // the database credentials file; keep it outside the document root
        // with owner-only permissions.
        if(fileperms("./admin/setup")!="16895") $javascript -> error_mesg($_MSG_["setup_p_err"]);
        if(is_file("./admin/setup/setup")){
            switch($mode){
                case 
                    "login":
                    include ("./admin/include/top_include.htm");
                    include ("./admin/include/login.htm");
                    include ("./admin/include/bottom_include.htm");
                    break;
                case "login_result":
                    // NOTE(review): the login query interpolates $userid and
                    // $pass and compares a plain-text password in SQL. Bind
                    // both values, store a password_hash() value and verify
                    // it in PHP.
                    $sql = "select * from ".SETUP." where userid = '$userid' and pass = '$pass'";
                    $rs = $db -> query($sql);
                    $row=$db -> fetch_array($rs);
                    // Execution continues to setcookie() unless error_mesg()
                    // ends the request - not visible here.
                    if($db -> num_rows($rs) == 0) $javascript -> error_mesg("ºñ¹Ð¹øÈ£ ¼­·Î ´Ù¸¨´Ï´Ù.");
                    // NOTE(review): the admin cookie name and value are derived
                    // only from the Host header, so the value is not a secret.
                    // Presumably admin_login() checks this cookie - confirm,
                    // and replace it with a server-side session.
                    setcookie(str_replace(".", "", $HTTP_HOST), md5($HTTP_HOST), 0, "/");
                    SetCookie(COOKIE_LEVEL, $row[auto_result], 0, "/");// admin level
                    Header("Location:$PHP_SELF?type=setup&mode=order");
                    //Header("Location:$PHP_SELF?type=setup&mode=member&mode1=list");// page shown after admin login
                    break;
                case "logout":
                    setcookie(str_replace(".", "", $HTTP_HOST), "", 0, "/");
                    Header("Location:$PHP_SELF?type=setup");
                    break;
                /* product category registration */
                // save product
                case "brand_insert":
                    $fun -> admin_login();
                    // NOTE(review): $_POST["category"] is concatenated into the query.
                    $sql = "select brandcode from ".BRAND." where left(category, 12) = '".$_POST["category"]."'";
                    $sql .= "order by brandcode desc limit 1";
                    $rs = $db -> query($sql);
                    $row = $db -> fetch_array($rs);
                    // Next brandcode = category + 4-digit sequence number.
                    if(!$row[0]){
                        $max_code = $_POST["category"]."0001";
                    }else{
                        $num = substr($row[0],12,4) + 1;
                        $new_num = str_repeat("0", 4 - (strlen($num))).$num;
                        $max_code = $_POST["category"].$new_num;
                    }
                    $_POST["photo"] = @implode(",", $fun -> brand_upload("photo", $max_code));
                    //echo "row->$row[0]:num->$num:new_num->$new_num:max_code->$max_code";
                    if($etc_image_num != 0){
                        $_POST["etc_image"] = @implode(",", $fun -> brand_upload("etc_image", $max_code));
                    }
                    if(!$_POST["milage"]){
                        $par_sellprice = array_shift(explode(",", $_POST["sellprice"]));
                        if($shop_setup["reserving_price_point"]!="") $_POST["milage"] = $par_sellprice/(100 * $shop_setup["reserving_price_point"]);
                    }
                    $_POST["product_loc"] = @implode(",", $_POST["product_loc"]);
                    $_POST["brandcode"] = $max_code;
                    $_POST["content"] = $web_edit -> insert($_POST["content"]);
                    $db -> insert(BRAND, $_POST);
                    $max_location = $db -> select_max_id(BRAND, "location");
                    $sql = "update 
".BRAND." set location = '$max_location' where brandcode = '$max_code'";
                    $rs = $db -> query($sql);
                    $cate=substr($max_code,0,12);
                    // Header("Location:$PHP_SELF?type=setup&mode=brand_write&code=$max_code");
                    Header("Location:$PHP_SELF?type=setup&mode=brand_write&category=$cate");
                    break;
                case "brand_update":
                    $fun -> admin_login();
                    $_POST["category"] = substr($_POST["category"], 0, 12);
                    $_POST["product_loc"] = @implode(",", $_POST["product_loc"]);
                    $_POST["brandcode"] = $_POST["code"];
                    // image upload
                    $_POST["photo"] = @implode(",", $fun -> brand_upload("photo", $_POST["brandcode"]));
                    // additional image upload
                    $_POST["etc_image"] = @implode(",", $fun -> brand_upload("etc_image", $_POST["brandcode"]));
                    $sql = "select * from ".BRAND." where brandcode = '$brandcode'";
                    $rs = $db -> query($sql);
                    $row = $db -> fetch_array($rs);
                    $_POST["content"] = $web_edit -> update($_POST["content"], $row[content]);
                    $db -> update(BRAND, $_POST, "brandcode", array($_POST["brandcode"]));
                    Header("Location:$PHP_SELF?type=setup&mode=brand_modify&code=$code&page=$page");
                    break;
                // delete product
                case "brand_delete":
                    $fun -> admin_login();
                    $sql = "delete from ".BRAND." where brandcode='$code'";
                    $db -> query($sql);
                    // NOTE(review): $code is placed in a shell command with a
                    // trailing wildcard and no escaping. Validate $code against
                    // the expected brandcode format and remove files with
                    // glob() + unlink() rather than a shell.
                    exec("rm -rf ".$shopimage_dir["server"].$code."*");
                    // NOTE(review): the row is selected after it was deleted
                    // above, so $row[content] is presumably always empty here.
                    $sql = "select * from ".BRAND." where brandcode = '$code'";
                    $rs = $db -> query($sql);
                    $row = $db -> fetch_array($rs);
                    $web_edit -> delete($row[content]);
                    $javascript->mesg_link("»èÁ¦¼º°ø","$PHP_SELF?type=setup&mode=brand_search&page=$page");
                    break;
                // save category
                case "category_insert":
                    $fun -> admin_login();
                    $_NEW_POST = $category_fun -> category_array_vars($_POST, ($num - 1));
                    $_NEW_POST["code"] = $category_fun -> category_insert(
                        CATEGORY,
                        ${"category_" . 
                            ($num-1)},
                        ($num * 3)
                    );
                    $_path = "image/category/";
                    // NOTE(review): the stored extension is the second
                    // dot-separated part of the client file name, with no
                    // allow-list visible. Restrict it to known image extensions
                    // before moving the file under image/category/.
                    if($_FILES["image"]["name"][$num-1]){
                        list(,$exe) = explode(".", $_FILES["image"]["name"][$num-1]);
                        $file_name = $_NEW_POST["code"].".".$exe;
                        $file -> File_UPLoad_Move($_FILES["image"]["tmp_name"][$num-1], $_path.$file_name);
                        $_NEW_POST["image"] = $file_name;
                    }
                    $db -> insert(CATEGORY, $_NEW_POST);
                    Header("Location:$PHP_SELF?type=setup&mode=category&code=$_NEW_POST[code]");
                    break;
                // load for editing
                case "category_read":
                    // NOTE(review): $_GET[code] is interpolated directly and no
                    // admin_login() call is visible in this branch.
                    $sql = "select * from ".CATEGORY." where code = '$_GET[code]'";
                    $rs = $db -> query($sql);
                    $row = $db -> fetch_array($rs);
                    if($row[category_options] == "") $options = 0;
                    else $options = $row[category_options] - 1;
                    echo "\n";
                    break;
                // modify category
                case "category_modify":
                    $fun -> admin_login();
                    $_NEW_POST = $category_fun -> category_array_vars($_POST, ($num - 1));
                    $_path = "image/category/";
                    // NOTE(review): same client-controlled extension as in category_insert.
                    if($_FILES["image"]["name"][$num-1]){
                        list(,$exe) = explode(".", $_FILES["image"]["name"][$num-1]);
                        $file_name = ${"category_" . $num}.".".$exe;
                        $file -> File_UPLoad_Move($_FILES["image"]["tmp_name"][$num-1], $_path.$file_name);
                        $_NEW_POST["image"] = $file_name;
                    }
                    $db -> update(CATEGORY, $_NEW_POST, "code", array(${"category_" . $num}));
                    Header("Location:$PHP_SELF?type=setup&mode=category&code=".${"category_" . $num});
                    break;
                // delete category
                case "category_delete":
                    $fun -> admin_login();
                    $code = $_POST["category_" . $num];
                    // Prefix of the category code, 3 characters per level.
                    // NOTE(review): if $num is empty or 0 the prefix is "" and
                    // both the deletes and the rm pattern presumably match
                    // everything. Require $num to be a positive integer and a
                    // non-empty, validated prefix; avoid the shell.
                    $vars[] = substr($code, 0, ($num * 3));
                    $fields_name1 = " left(code,". ($num * 3) .") ";
                    $fields_name2 = " left(brandcode,". ($num * 3) .") ";
                    $db -> delete(CATEGORY, $vars, $fields_name1);
                    $db -> delete(BRAND, $vars, $fields_name2);
                    exec("rm -rf ".$shopimage_dir["server"].$vars[0]."*");
                    Header("Location:$PHP_SELF?type=setup&mode=category&code=".$code);
                    break;
                // change category order
                case "category_loc":
                    // NOTE(review): no admin_login() call is visible in this branch.
                    $category_fun -> category_location($_POST["loc"]);
                    Header("Location:$PHP_SELF?type=setup&mode=category&code=".${"category_" . 
                        $num});
                    break;
                /* product category registration */
                case "setup_site_insert":
                    $fun -> admin_login();
                    $check_db = @mysql_connect($_POST["db_host"], $_POST["db_user"], $_POST["db_pass"]) or die($javascript->error_mesg("DB ¿¬°á ½ÇÆÐ ÀÔ´Ï´Ù."));
                    @mysql_select_db($_POST["db_name"], $check_db) or die($javascript->error_mesg("Á¸ÀçÇÏÁö ¾Ê´Â DB ÀÔ´Ï´Ù."));
                    // NOTE(review): the database credentials are written as
                    // plain text to a file under the web root, in the directory
                    // checked above for mode 0777. Confirm the web server
                    // cannot serve this file.
                    $fo = fopen("./admin/setup/setup", "w+");
                    echo $_POST["db_host"]."|";
                    fwrite($fo, $_POST["db_host"]."|".
                        $_POST["db_user"]."|".
                        $_POST["db_pass"]."|".
                        $_POST["db_name"]."|".
                        $prefix."|\n"
                    );
                    fclose($fo);
                    //$db -> query("delete from ".SETUP);
                    //$db -> insert(SETUP, $_POST);
                    // NOTE(review): the admin password is stored as plain text,
                    // interpolated into SQL, and copied to every row of
                    // BBS_SETUP (the second UPDATE has no WHERE clause).
                    $sql = "update ".SETUP." set userid='$userid', pass='$pass' where id='1'";
                    $rs = $db -> query($sql);
                    $sql = "update ".BBS_SETUP." set bbs_admin_pass = '$pass'";
                    $rs = $db -> query($sql);
                    $javascript->mesg_link("ÀúÀå µÇ¾ú½À´Ï´Ù.", "$PHP_SELF?type=setup&mode=setup");
                    break;
                case "setup_write":case "member_list":
                case "setup_modify":case "setup":
                    $fun -> admin_login();
                    include ("./admin/include/top_include.htm");
                    // $mode is limited to the case labels above.
                    include ("./admin/include/$mode.htm");
                    include ("./admin/include/bottom_include.htm");
                    break;
                /* admin page dispatch */
                case "prd": case "confirm": case "data": case "orderr": case "catalog":case "wp":
                    // NOTE(review): unlike the sibling branches, no
                    // admin_login() call is visible here, and $mode1 is not
                    // limited by any case label before it becomes part of the
                    // include path. Add the login check and map $mode1 through
                    // an allow-list of page names.
                    include ("./admin/include/top_include.htm");
                    include ("./admin/include/$mode/$mode1.htm");
                    include ("./admin/include/bottom_include.htm");
                    break;
                case "category": case "brand_write": case "brand_search": case "brand_modify":
                    $fun -> admin_login();
                    include ("./admin/include/top_include.htm");
                    include ("./admin/include/$mode.htm");
                    include ("./admin/include/bottom_include.htm");
                    break;
                //XXX
                case "admin_member_stat":
                    // NOTE(review): this changes a member's result or level
                    // from GET parameters with no admin_login() call visible
                    // and with the values concatenated into SQL. Require the
                    // admin check, use POST with a request token, and bind
                    // the values.
                    if($_GET["result"]){
                        $sql = "update ".MEMBER." set result = '".$_GET["result"]."' where userid = '$userid'";
                    }else{
                        $sql = "update ".MEMBER." set level = '".$_GET["level"]."' where userid = '$userid'";
                    }
                    $db -> query($sql);
                    $javascript->opener("", "");
                    break;
                //XXX
                case "setup_insert":
                    $fun -> admin_login();
                    $sql = "select * from ".BBS_SETUP." 
where code = '$code'";
                    $rs = $db -> query($sql);
                    if($db -> num_rows($rs) != 0) $javascript -> error_mesg("°°Àº Äڵ尡 Á¸ÀçÇÕ´Ï´Ù.");
                    $fun -> bbs_file_create($code, "top_html", "./data");
                    $fun -> bbs_file_create($code, "bottom_html", "./data");
                    $db -> insert(BBS_SETUP, $_POST);
                    $javascript -> mesg_link("°Ô½ÃÆÇ »ý¼ºÀÌ ¼º°øÀûÀ¸·Î ÀÌ·ç¾î Á³½À´Ï´Ù.","$PHP_SELF?type=setup");
                    break;
                case "setup_update":
                    $fun -> admin_login();
                    $db -> update(BBS_SETUP, $_POST, "code", array($code));
                    $fun -> bbs_file_create($code, "top_html", "./data");
                    $fun -> bbs_file_create($code, "bottom_html", "./data");
                    $javascript -> mesg_link("°Ô½ÃÆÇ ¼öÁ¤ÀÌ ¼º°øÀûÀ¸·Î ÀÌ·ç¾î Á³½À´Ï´Ù.","$PHP_SELF?type=setup");
                    break;
                case "setup_delete":
                    $fun -> admin_login();
                    $db -> query("delete from ".BBS_SETUP." where code = '$code'");
                    $db -> query("delete from ".BBS." where code = '$code'");
                    // NOTE(review): $code is placed unescaped in a recursive
                    // shell delete, with errors suppressed. Validate $code
                    // against existing board codes and remove the directory
                    // without a shell.
                    @exec("rm -rf ../data/$code/");
                    $javascript -> mesg_link("°Ô½ÃÆÇ »ý¼ºÀÌ ¼º°øÀûÀ¸·Î ÀÌ·ç¾î Á³½À´Ï´Ù.","$PHP_SELF?type=setup");
                    break;
                case "setup_reset":
                    // NOTE(review): this drops every table in $drop_table and
                    // removes the setup file, after which the installer branch
                    // below becomes reachable again. No admin_login() call is
                    // visible in this branch; require the admin check and a
                    // POST with a request token.
                    while(list($k, $v) = each($drop_table)){
                        $sql = "drop table ".$prefix.$v;
                        @mysql_query($sql);
                    }
                    @unlink("./admin/setup/setup");
                    setcookie(str_replace(".", "", $HTTP_HOST), "", 0, "/");
                    Header("Location:$PHP_SELF?type=setup");
                    break;
                default:
                    $fun -> admin_login();
                    include ("./admin/include/top_include.htm");
                    include ("./admin/include/main.htm");
                    include ("./admin/include/bottom_include.htm");
                    break;
            }
        }else{
            // Installer: shown while ./admin/setup/setup does not exist.
            include ("./admin/include/top_include.htm");
            if(!$step) $step = "1";
            switch($step){
                case "1": include ("./admin/include/step1.htm"); break;
                case "2": include ("./admin/include/step2.htm"); break;
                case "3": include ("./admin/include/step3.htm"); break;
                case "4": include ("./admin/include/step4.htm"); break;
            }
            include ("./admin/include/bottom_include.htm");
        }
        break;
}
$db -> close();
// Page timing; $page_time[0] is set outside this listing.
$page_time[1] = microtime();
$page_loading = $fun -> get_microtime($page_time[0], $page_time[1], false);
?>