@Ghazascanner
_2019runbot
Ghazascanner File Manager
server :Linux adweb87 2.6.32-754.el6.x86_64 #1 SMP Tue Jun 19 21:26:04 UTC 2018 x86_64
Current Path :
/
home
/
sanchung
/
public_html
/
board
/
skin
/
new02a
/
files
/
Path :
Upload File :
New :
File
Dir
/home/sanchung/public_html/board/skin/new02a/files/write.php
<? // È®ÀÎÄÚµå $board_code = rand(1000, 9999); $en_board_code = base64_encode($board_code); $cancel_url = ($_SERVER[HTTP_REFERER]) ? $_SERVER[HTTP_REFERER] : $_SERVER[PHP_SELF]; //echo $cancel_url; $_head_array = explode(",", $head_txt); //ÆäÀÌ¡ º¯¼öµé $search = "&part=$part&word=$word&sort=$sort"; switch($type){ //¼öÁ¤Àΰæ¿ì case "modify"; $login_title = "icon_modif.gif"; $button = "i_modify.gif"; $ment = "»èÁ¦ ºñ¹Ð¹øÈ£¸¦ ÀÔ·ÂÇϼ¼¿ä."; $ntype = "read"; $row = $mysql->row("$_board[table]", "*", "where id='$id' and db='$db'"); $subject = $row[subject]; if($row[html] == "H") $content = $row[content]; else $content = nl2br($row[content]); //echo $Row[content]; break; //´äº¯ÀÏ °æ¿ì case "reinsert": $login_title = "icon_reply.gif"; $button = "i_wok.gif"; $ment = "¼öÁ¤, »èÁ¦ ÇϽǶ§ ÇÊ¿äÇÕ´Ï´Ù."; $ntype = "read"; $row = $mysql->row("$_board[table]", "subject, content, sort", "where id='$id' && db='$db'"); $subject = "RE : $row[subject]"; $content = "<br><br><br>---------------------------------------------"; $content .= "<br>$row[content]"; break; //±Û¾²±âÀÎ °æ¿ì default: $login_title = "icon_write.gif"; $button = "i_wok.gif"; $ment = "¼öÁ¤, »èÁ¦ ÇϽǶ§ ÇÊ¿äÇÕ´Ï´Ù."; if($id){ $id = ""; } //ÄíÅ° Àû¿ëÀÎ °æ¿ì if($cookie_option == "Y"){ $Row[name] = ${$db."_NAME_C"}; $Row[email] = ${$db."_MAIL_C"}; $Row[home] = ${$db."_HOME_C"}; } break; } if($backtype == "list") $ntype = "list"; echo" <script type='text/javascript'> <!-- var input_subject = \"$_btxt[input_subject]\"; var input_name = \"$_btxt[input_name]\"; var input_email = \"$_btxt[input_email]\"; var input_code = \"$_btxt[input_code]\"; var input_content = \"$_btxt[input_content]\"; var input_pass = \"$_btxt[input_pass]\"; var input_pass_length = \"$_btxt[input_pass_length]\"; //--> </script> <script type='text/javascript' src='$skinurl/script/write.js'></script> <form name='form' method='post' enctype='multipart/form-data' onsubmit='return Check_Text()' action='$_path[web]/insert.php'> <input type='hidden' name='db' value='$db'> <input type='hidden' name='id' value='$id'> <input type='hidden' name='type' value='$type'> <input type='hidden' name='page' value='$page'> <input type='hidden' name='word' value='$word'> <input type='hidden' name='part' value='$part'> <input type='hidden' name='sort' value='$sort'> <input type='hidden' name='BACK_URL' value='$_SERVER[PHP_SELF]'> <input type='hidden' name='editer' value='$_board[edit_use]'> <table id='bbs-write' width='100%' $bgcolor_0 summary='$_board[name] »õ·Î¿î °Ô½Ã¹° ÀÛ¼º Å×À̺íÀÔ´Ï´Ù'> <caption>$_board[name] ±Û¾²±â</caption> <tr> <th scope='row'><label for='subject'>$_btxt[title]</label></th> <td><input type='text' id='subject' name='subject' size='50' value='$subject' class='skin3_input'>"; #### ADMIN NOTICE #### if($_adm_key["admin"] || $_adm_key["board"] || $_adm_key["master"]){ echo" <input type='checkbox' id='notice' name='notice' value='Y' "; if($row[notice] == "Y") echo"checked"; echo"><label for='notice'>$_btxt[notice]</label>"; } #### ADMIN NOTICE #### echo" </td> </tr>"; #### Á¦¸ñ #### if($_board[edit_use] == "N"){ echo" <tr> <th scope='row'>$_btxt[btype]</th> <td> <input type='radio' name='html' id='html_text' value='T' "; if($row[html] == "T" || $row[html] == "") echo"CHECKED"; echo"> <label for='html_text'>Text</label> <input type='radio' name='html' id='html_html' value='H' "; if($row[html] == "H") echo"CHECKED"; echo"> <label for='html_html'>Html</label> </td> </tr>"; } else { echo" <input type=hidden name='html' value='H'>"; } #### ÀÛ¼ºÀÚ #### $name = ($row[name]) ? $row[name] : $MEMBER_NAME; echo" <tr> <th scope='row'><label for='name'>$_btxt[name]</label></th> <td><input type='text' id='name' name='name' size='15' value='$name' class='skin3_input'></td> </tr>"; /**** Ä«Å×°í¸® ****/ if($_board[cate_use] == "Y"){ echo" <tr> <th scope='row'><label for='sort'>$_btxt[category]</label></th> <td><select id='sort' name='sort'>"; $_cate_array = @explode(",", $_board[cate_text]); while(@list($key, $val) = each($_cate_array)){ echo"<option value='$val' "; if($val == $row[sort]) echo"selected"; echo">$val</option>\n"; } echo" </select> </td> </tr>"; } /**** Ä«Å×°í¸® ****/ /**** À̸ÞÀÏ ****/ if($_board[email_write] == "Y"){ echo" <tr> <th scope='row'><label for='email'>$_btxt[email]</label></th> <td><input type='text' id='email' name='email' size='50' value='$row[email]' class='skin3_input'></td> </tr>"; } /**** À̸ÞÀÏ ****/ /**** ȨÆäÀÌÁö ****/ if($_board[home_write] == "Y"){ echo" <tr> <th scope='row'><label for='home'>$_btxt[homepage]</label></th> <td>http://<input type='text' id='home' name='home' size='40' value='$row[home]' class='skin3_input'></td> </tr>"; } /**** ȨÆäÀÌÁö ****/ /**** ½ºÆÔ¹æÁö ÄÚµå ****/ if($type != "modify" && $_board[spam_code] == "Y"){ // °ü¸®ÀÚ || ȸ¿ø ·Î±×ÀÎÀÌ ¾Æ´Ò¶§ È®ÀÎÄÚµåÀÔ·Â if(!$_adm_key["admin"] && !$_adm_key["board"] && !$_adm_key["master"] && !$_mem_key["id"]){ echo" <input type='hidden' name='board_code' value='".base64_encode($board_code)."'> <tr height=$hh1> <th scope='row'><label for='rand_code'>$_btxt[code]</label></th> <td><img src='$_path[web]/deal.php?mode=code&br=255&bg=255&bb=255&code=$en_board_code' alt='$board_code' align='left'> <input type='text' id='rand_code' name='rand_code' size='10' class='skin3_input' maxlength='4' title='{$board_code} ¸¦ ÀÔ·ÂÇϼ¼¿ä'> [ $_btxt[codetxt] ]</td> </tr>"; } } /**** ½ºÆÔ¹æÁö ÄÚµå ****/ // ±Û ³»¿ë if($_board[edit_use] == "Y"){ if($type == "modify" || $type == "reinsert"){ echo"<textarea name='oldcontent' style='display:none' title='°³¹ß¿ëµµ'>".stripslashes($content)."</textarea>"; } echo" <input type='hidden' name='content'> <tr> <td colspan='2' class='edit-td'>"; include"$_path[board]/editer/index.php"; echo" </td> </tr>"; } else { echo" <tr> <th scope='row'><label for='content'>$_btxt[content]</label></th> <td><textarea id='content' name='content' class='skin3_textarea'>".stripslashes($content)."</textarea></td> </tr>"; } #### ±Û ³»¿ë #### echo" <tr> <th scope='row'><label for='pass'>$_btxt[pass]</label></th> <td><input type='password' id='pass' name='pass' value='$row[pass]' size='15' class='skin3_input' maxlength='12'></td> </tr>"; if($_board[content_open] == "Y" && $type != "reinsert" && $row[loc]==0){ echo" <tr> <th scope='row'>$_btxt[open]</th> <td><input type='radio' name='open' id='open_open' value='N' checked> <label for='open_open'>$_btxt[openn]</label> <input type='radio' name='open' value='Y' id='open_close' "; if($row[open] == "Y") echo"checked"; echo"> <label for='open_close'>$_btxt[openy]</label></td> </tr>"; } #### ÆÄÀϾ÷·Îµå #### $_exp_file = explode(",", $row[filename]); $_exp_file_true = explode(",", $row[filename_true]); for($i=1; $i<=$_board[fileup_num]; $i++){ $_file_name = ($_exp_file_true[($i-1)]) ? $_exp_file_true[($i-1)] : $_exp_file[($i-1)]; echo" <tr> <th scope='row'><label for='fileup$i'>$_btxt[file] $i</label></th> <td><input type='file' id='fileup$i' name='fileup[]' size='50' class='skin3_input'>"; if(trim($_file_name)) echo $_file_name." <input type='checkbox' name='file_del[".($i-1)."]' id='file_del$i' value='Y' /><label for='file_del$i'>»èÁ¦</label>"; echo"</td> </tr>"; } #### ÆÄÀϾ÷·Îµå #### echo" </table> <p class='write-btn'> <input type='image' src='$skinurl/img/$btn/$button' alt='È®ÀÎ'> <a href='$cancel_url' onclick='history.back(); return false;'><img src='$skinurl/img/$btn/i_cancle.gif' alt='Ãë¼Ò'></a> </p> </form>"; //echo phpinfo(); ?>