묻고답하기
염치불구하고 php 소스 분석좀 부탁드릴께요.
2003.02.17 16:40
안녕하세요!!!
쇼핑몰을 구축했는데,해당 게시판에 글쓰기를 누르면,제대로된 경로를 통하라고 하네요..
관련 게시판 주소 : http://www.imiwatch.com/shop/otmarket/shop/customer/community/community_list.php
이곳에서 한번 게시물 작성 해보시고요,어디가 문제인지 소스좀 분석 부탁드릴께요..저한테는 아주 중요한 사항인데,
php 언어를 잘 몰라서 너무 해매고 있네요.많은 내용 보시려면 눈아프실텐데,죄송하구요..꼭 좀 부탁드리겠습니다..
아래는 게시물이 작성되었을때 작동되는 소스입니다.(이소스가 문제가 아니라 다른 소스에 문제가 있다면 말씀해 주시면,바로
다른소스 올려드릴께요.감사합니다..^^;)
<?
error_reporting(0);
session_start();
include "../../../db_connect.php";
include "../../hum_connect.php";
include "../../class/hum_class.php";
$hum = new hum;
$devurl=explode("/",$HTTP_REFERER);
$inurl="$devurl[0]/$devurl[1]/$devurl[2]";
if($inurl!="$otmarket_url"){
echo ("
<script>
alert('제대로된 경로를 통해 주세요.')
history.go(-1)
</script>
");
exit;
}
$qry8="select tbno from $board14";
$result8=mysql_query($qry8);
if(!$result8){$hum->error_handling3();exit();}
$num8=mysql_num_rows($result8);
if($num8){
if(!$board_name){
$qry7="select table_name,user_right,board_type,remail from $board14 where ".
"user_right='nomember' order by tbno limit 1";
$result7=mysql_query($qry7);
if(!$result7){$hum->error_handling3();exit();}
$num7=mysql_num_rows($result7);
if($num7){
$row7=mysql_fetch_array($result7);
$board_name="$row7[table_name]";
}else{
$qry7="select table_name,user_right,board_type,remail from $board14 order by tbno limit 1";
$result7=mysql_query($qry7);
if(!$result7){$hum->error_handling3();exit();}
$row7=mysql_fetch_array($result7);
$board_name="$row7[table_name]";
}}else{
$qry7="select table_name,user_right,board_type,remail from $board14 where table_name='$board_name'";
$result7=mysql_query($qry7);
if(!$result7){$hum->error_handling3();exit();}
$num7=mysql_num_rows($result7);
if($num7){
$row7=mysql_fetch_array($result7);
$board_name="$row7[table_name]";
}else{
echo ("
<script>
alert('해당 게시판이 존재하지 않습니다.')
history.go(-1)
</script>
");
exit;
}}
if($row7[user_right]=='nomember'){
if(!$parent){$parent=0;
$qry="select id from $board_name order by id desc";
$mysql_result=mysql_query($qry);
if(!$mysql_result){$hum->error_handling3();exit();}
$rowv=mysql_fetch_array($mysql_result);
$egroup=$rowv[id]+1;}else{ $egroup=$group;}
if($row7[board_type]=='upload'){
$path="${absolute_path}/upload";
if( $form_data != none ){
$file_name = $form_data_name;
$file_name = "${board_name}_".$file_name;
copy( $form_data , "$path/$file_name" );
}
}else{
$file_name="";$form_data_size="";$form_data_type="";
}
if(!$list_num){
$dbinsert = "insert into $board_name values ('','$name','$email','$pass','$title','$remail','$html','$comment',now(),0,0,$parent,$egroup,0,'n','$file_name','$form_data_size','$form_data_type')";
$result=mysql_query($dbinsert);
if(!$result){$hum->error_handling3();exit();}
$result2=mysql_query("select remail,email from $board_name where id=$parent");
if(!$result2){$hum->error_handling3();exit();}
$row2=mysql_fetch_array($result2);
if(!$parent=='0' and $row2[remail]=='yes' and $row7[remail]=='yes'){
$sendemail=$row2[email];
$comment=str_replace("n","<br>",$comment);
$comment=str_replace(" "," ",$comment);
$content ="$comment";
$mailheaders .= "Return-Path: $fromrn";
$mailheaders .= "From: $rn <$email>rn";
$mailheaders .= "X-Mailer: Gfew Interfacern";
$mailheaders .= "Content-Type: text/html; charset=euc-krrn";
$mailheaders .= "Content-Transfer-Encoding: 8bitrnrn";
$bodytext .= stripslashes($content)."rn";
mail($sendemail,$title,$bodytext,$mailheaders);
}
if($parent!=0){
function re_see($parentid,$groupid)
{
global $board_name;
static $i=-1;
$query3="select id,del from $board_name where parent='$parentid' and egroup='$groupid' order by id desc";
$mysql_result3=mysql_query($query3);
while($row3=mysql_fetch_array($mysql_result3))
{
if ($row3[del]=='n')
{
$i++;
$query4="update $board_name set next=$i where id=$row3[id]";
mysql_query($query4);
}
re_see($row3[id],$groupid);
}
}
re_see(0,$egroup);
}
}else{
$result=mysql_query("select id,pass from $board_name where id=$list_num");
if(!$result){$hum->error_handling3();exit();}
$row=mysql_fetch_array($result);
if($pass==$row[pass]){
if($email=='비공개' || !$email){
$dbup = "update $board_name set name='$name'+ '+ ',title='$title',remail='$remail',html='$html',title='$title',comment='$comment',filename='$file_name',filesize='$form_data_size',filetype='$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}else{
$dbup = "update $board_name set name='$name',title='$title',remail='$remail',html='$html',email='$email',title='$title',comment='+ '$comment',filename='$file_name',filesize='$form_data_size',filetype='+ '$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}
if(!$result){$hum->error_handling3();exit();}
} else {
echo ("
<script>
alert('암호가 맞지 않습니다.')
history.go(-1)
</script>
");
exit;
}
}
mysql_close();
if(!$list_num){
echo ("<meta http-equiv='Refresh' content='0; URL=community_list.php?board_name=$board_name'>");
}else{
echo ("<meta http-equiv='Refresh' content='0; URL=community_read.php?board_name=$board_name&list_num=$list_num&offset=$offset'>");
}
}else{
if($meid and $mepa){
$qry="select meid from $board4 where ".
"meid='$meid' and mepa='$mepa' ";
$result=mysql_query($qry);
if(!$result){$hum->error_handling3();exit();}
$num2=mysql_num_rows($result);
if ($num2)
{
if(!$parent){$parent=0;
$qry="select id from $board_name order by id desc";
$mysql_result=mysql_query($qry);
if(!$mysql_result){$hum->error_handling3();exit();}
$rowv=mysql_fetch_array($mysql_result);
$egroup=$rowv[id]+1;}else{ $egroup=$group;}
if($row7[board_type]=='upload'){
$path="${absolute_path}/upload";
if( $form_data != none ){
$file_name = $form_data_name;
$file_name = "${board_name}_".$file_name;
copy( $form_data , "$path/$file_name" );
}
}else{
$file_name="";$form_data_size="";$form_data_type="";
}
if(!$list_num){
$dbinsert = "insert into $board_name values ('','+ '$name','$email','$pass','$title','$remail','$html','$comment',now(),0,0,$parent,$egroup,0,'n','$file_name','$form_data_size','$form_data_type')";
$result=mysql_query($dbinsert);
if(!$result){$hum->error_handling3();exit();}
$result2=mysql_query("select remail,email from $board_name where id=$parent");
if(!$result2){$hum->error_handling3();exit();}
$row2=mysql_fetch_array($result2);
if(!$parent=='0' and $row2[remail]=='yes' and $row7[remail]=='yes'){
$sendemail=$row2[email];
$comment=str_replace("n","<br>",$comment);
$comment=str_replace(" "," ",$comment);
$content ="$comment";
$mailheaders .= "Return-Path: $fromrn";
$mailheaders .= "From: $rn <$email>rn";
$mailheaders .= "X-Mailer: Gfew Interfacern";
$mailheaders .= "Content-Type: text/html; charset=euc-krrn";
$mailheaders .= "Content-Transfer-Encoding: 8bitrnrn";
$bodytext .= stripslashes($content)."rn";
mail($sendemail,$title,$bodytext,$mailheaders);
}
if($parent!=0){
function re_see($parentid,$groupid)
{
global $board_name;
static $i=-1;
$query3="select id,del from $board_name where parent='$parentid' and egroup='$groupid' order by id desc";
$mysql_result3=mysql_query($query3);
while($row3=mysql_fetch_array($mysql_result3))
{
if ($row3[del]=='n')
{
$i++;
$query4="update $board_name set next=$i where id=$row3[id]";
mysql_query($query4);
}
re_see($row3[id],$groupid);
}
}
re_see(0,$egroup);
}
}else{
$result=mysql_query("select id,pass from $board_name where id=$list_num");
if(!$result){$hum->error_handling3();exit();}
$row=mysql_fetch_array($result);
if($pass==$row[pass]){
if($email=='비공개' || !$email){
$dbup = "update $board_name set name='$name',title='$title',remail='$remail',html='$html',title='$title',comment='$comment',filename='$file_name',filesize='$form_data_size',filetype='$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}else{
$dbup = "update $board_name set name='$name',title='$title',remail='$remail',html='$html',email='$email',title='$title',comment='$comment',filename='$file_name',filesize='$form_data_size',filetype='$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}
if(!$result){$hum->error_handling3();exit();}
} else {
echo ("
<script>
alert('암호가 맞지 않습니다.')
history.go(-1)
</script>
");
exit;
}
}
mysql_close();
if(!$list_num){
echo ("<meta http-equiv='Refresh' content='0; URL=community_list.php?board_name=$board_name'>");
}else{
echo ("<meta http-equiv='Refresh' content='0; URL=community_read.php?board_name=$board_name&list_num=$list_num&offset=$offset'>");
}
}else{
echo ("
<script>
alert('제대로된 경로를 이용해주세요.')
history.go(-1)
</script>
");
mysql_close();
exit;
}}else{
echo ("
<script>
alert('회원만 사용이 가능합니다.회원은 로그인 해주세요.')
history.go(-1)
</script>
");
exit;
}
}
}else{
echo ("
<script>
alert('커뮤니티 관련 게시판이 없습니다.')
history.go(-1)
</script>
");
exit;
}
?>
쇼핑몰을 구축했는데,해당 게시판에 글쓰기를 누르면,제대로된 경로를 통하라고 하네요..
관련 게시판 주소 : http://www.imiwatch.com/shop/otmarket/shop/customer/community/community_list.php
이곳에서 한번 게시물 작성 해보시고요,어디가 문제인지 소스좀 분석 부탁드릴께요..저한테는 아주 중요한 사항인데,
php 언어를 잘 몰라서 너무 해매고 있네요.많은 내용 보시려면 눈아프실텐데,죄송하구요..꼭 좀 부탁드리겠습니다..
아래는 게시물이 작성되었을때 작동되는 소스입니다.(이소스가 문제가 아니라 다른 소스에 문제가 있다면 말씀해 주시면,바로
다른소스 올려드릴께요.감사합니다..^^;)
<?
error_reporting(0);
session_start();
include "../../../db_connect.php";
include "../../hum_connect.php";
include "../../class/hum_class.php";
$hum = new hum;
$devurl=explode("/",$HTTP_REFERER);
$inurl="$devurl[0]/$devurl[1]/$devurl[2]";
if($inurl!="$otmarket_url"){
echo ("
<script>
alert('제대로된 경로를 통해 주세요.')
history.go(-1)
</script>
");
exit;
}
$qry8="select tbno from $board14";
$result8=mysql_query($qry8);
if(!$result8){$hum->error_handling3();exit();}
$num8=mysql_num_rows($result8);
if($num8){
if(!$board_name){
$qry7="select table_name,user_right,board_type,remail from $board14 where ".
"user_right='nomember' order by tbno limit 1";
$result7=mysql_query($qry7);
if(!$result7){$hum->error_handling3();exit();}
$num7=mysql_num_rows($result7);
if($num7){
$row7=mysql_fetch_array($result7);
$board_name="$row7[table_name]";
}else{
$qry7="select table_name,user_right,board_type,remail from $board14 order by tbno limit 1";
$result7=mysql_query($qry7);
if(!$result7){$hum->error_handling3();exit();}
$row7=mysql_fetch_array($result7);
$board_name="$row7[table_name]";
}}else{
$qry7="select table_name,user_right,board_type,remail from $board14 where table_name='$board_name'";
$result7=mysql_query($qry7);
if(!$result7){$hum->error_handling3();exit();}
$num7=mysql_num_rows($result7);
if($num7){
$row7=mysql_fetch_array($result7);
$board_name="$row7[table_name]";
}else{
echo ("
<script>
alert('해당 게시판이 존재하지 않습니다.')
history.go(-1)
</script>
");
exit;
}}
if($row7[user_right]=='nomember'){
if(!$parent){$parent=0;
$qry="select id from $board_name order by id desc";
$mysql_result=mysql_query($qry);
if(!$mysql_result){$hum->error_handling3();exit();}
$rowv=mysql_fetch_array($mysql_result);
$egroup=$rowv[id]+1;}else{ $egroup=$group;}
if($row7[board_type]=='upload'){
$path="${absolute_path}/upload";
if( $form_data != none ){
$file_name = $form_data_name;
$file_name = "${board_name}_".$file_name;
copy( $form_data , "$path/$file_name" );
}
}else{
$file_name="";$form_data_size="";$form_data_type="";
}
if(!$list_num){
$dbinsert = "insert into $board_name values ('','$name','$email','$pass','$title','$remail','$html','$comment',now(),0,0,$parent,$egroup,0,'n','$file_name','$form_data_size','$form_data_type')";
$result=mysql_query($dbinsert);
if(!$result){$hum->error_handling3();exit();}
$result2=mysql_query("select remail,email from $board_name where id=$parent");
if(!$result2){$hum->error_handling3();exit();}
$row2=mysql_fetch_array($result2);
if(!$parent=='0' and $row2[remail]=='yes' and $row7[remail]=='yes'){
$sendemail=$row2[email];
$comment=str_replace("n","<br>",$comment);
$comment=str_replace(" "," ",$comment);
$content ="$comment";
$mailheaders .= "Return-Path: $fromrn";
$mailheaders .= "From: $rn <$email>rn";
$mailheaders .= "X-Mailer: Gfew Interfacern";
$mailheaders .= "Content-Type: text/html; charset=euc-krrn";
$mailheaders .= "Content-Transfer-Encoding: 8bitrnrn";
$bodytext .= stripslashes($content)."rn";
mail($sendemail,$title,$bodytext,$mailheaders);
}
if($parent!=0){
function re_see($parentid,$groupid)
{
global $board_name;
static $i=-1;
$query3="select id,del from $board_name where parent='$parentid' and egroup='$groupid' order by id desc";
$mysql_result3=mysql_query($query3);
while($row3=mysql_fetch_array($mysql_result3))
{
if ($row3[del]=='n')
{
$i++;
$query4="update $board_name set next=$i where id=$row3[id]";
mysql_query($query4);
}
re_see($row3[id],$groupid);
}
}
re_see(0,$egroup);
}
}else{
$result=mysql_query("select id,pass from $board_name where id=$list_num");
if(!$result){$hum->error_handling3();exit();}
$row=mysql_fetch_array($result);
if($pass==$row[pass]){
if($email=='비공개' || !$email){
$dbup = "update $board_name set name='$name'+ '+ ',title='$title',remail='$remail',html='$html',title='$title',comment='$comment',filename='$file_name',filesize='$form_data_size',filetype='$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}else{
$dbup = "update $board_name set name='$name',title='$title',remail='$remail',html='$html',email='$email',title='$title',comment='+ '$comment',filename='$file_name',filesize='$form_data_size',filetype='+ '$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}
if(!$result){$hum->error_handling3();exit();}
} else {
echo ("
<script>
alert('암호가 맞지 않습니다.')
history.go(-1)
</script>
");
exit;
}
}
mysql_close();
if(!$list_num){
echo ("<meta http-equiv='Refresh' content='0; URL=community_list.php?board_name=$board_name'>");
}else{
echo ("<meta http-equiv='Refresh' content='0; URL=community_read.php?board_name=$board_name&list_num=$list_num&offset=$offset'>");
}
}else{
if($meid and $mepa){
$qry="select meid from $board4 where ".
"meid='$meid' and mepa='$mepa' ";
$result=mysql_query($qry);
if(!$result){$hum->error_handling3();exit();}
$num2=mysql_num_rows($result);
if ($num2)
{
if(!$parent){$parent=0;
$qry="select id from $board_name order by id desc";
$mysql_result=mysql_query($qry);
if(!$mysql_result){$hum->error_handling3();exit();}
$rowv=mysql_fetch_array($mysql_result);
$egroup=$rowv[id]+1;}else{ $egroup=$group;}
if($row7[board_type]=='upload'){
$path="${absolute_path}/upload";
if( $form_data != none ){
$file_name = $form_data_name;
$file_name = "${board_name}_".$file_name;
copy( $form_data , "$path/$file_name" );
}
}else{
$file_name="";$form_data_size="";$form_data_type="";
}
if(!$list_num){
$dbinsert = "insert into $board_name values ('','+ '$name','$email','$pass','$title','$remail','$html','$comment',now(),0,0,$parent,$egroup,0,'n','$file_name','$form_data_size','$form_data_type')";
$result=mysql_query($dbinsert);
if(!$result){$hum->error_handling3();exit();}
$result2=mysql_query("select remail,email from $board_name where id=$parent");
if(!$result2){$hum->error_handling3();exit();}
$row2=mysql_fetch_array($result2);
if(!$parent=='0' and $row2[remail]=='yes' and $row7[remail]=='yes'){
$sendemail=$row2[email];
$comment=str_replace("n","<br>",$comment);
$comment=str_replace(" "," ",$comment);
$content ="$comment";
$mailheaders .= "Return-Path: $fromrn";
$mailheaders .= "From: $rn <$email>rn";
$mailheaders .= "X-Mailer: Gfew Interfacern";
$mailheaders .= "Content-Type: text/html; charset=euc-krrn";
$mailheaders .= "Content-Transfer-Encoding: 8bitrnrn";
$bodytext .= stripslashes($content)."rn";
mail($sendemail,$title,$bodytext,$mailheaders);
}
if($parent!=0){
function re_see($parentid,$groupid)
{
global $board_name;
static $i=-1;
$query3="select id,del from $board_name where parent='$parentid' and egroup='$groupid' order by id desc";
$mysql_result3=mysql_query($query3);
while($row3=mysql_fetch_array($mysql_result3))
{
if ($row3[del]=='n')
{
$i++;
$query4="update $board_name set next=$i where id=$row3[id]";
mysql_query($query4);
}
re_see($row3[id],$groupid);
}
}
re_see(0,$egroup);
}
}else{
$result=mysql_query("select id,pass from $board_name where id=$list_num");
if(!$result){$hum->error_handling3();exit();}
$row=mysql_fetch_array($result);
if($pass==$row[pass]){
if($email=='비공개' || !$email){
$dbup = "update $board_name set name='$name',title='$title',remail='$remail',html='$html',title='$title',comment='$comment',filename='$file_name',filesize='$form_data_size',filetype='$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}else{
$dbup = "update $board_name set name='$name',title='$title',remail='$remail',html='$html',email='$email',title='$title',comment='$comment',filename='$file_name',filesize='$form_data_size',filetype='$form_data_type' where id='$list_num'";
$result=mysql_query($dbup);
}
if(!$result){$hum->error_handling3();exit();}
} else {
echo ("
<script>
alert('암호가 맞지 않습니다.')
history.go(-1)
</script>
");
exit;
}
}
mysql_close();
if(!$list_num){
echo ("<meta http-equiv='Refresh' content='0; URL=community_list.php?board_name=$board_name'>");
}else{
echo ("<meta http-equiv='Refresh' content='0; URL=community_read.php?board_name=$board_name&list_num=$list_num&offset=$offset'>");
}
}else{
echo ("
<script>
alert('제대로된 경로를 이용해주세요.')
history.go(-1)
</script>
");
mysql_close();
exit;
}}else{
echo ("
<script>
alert('회원만 사용이 가능합니다.회원은 로그인 해주세요.')
history.go(-1)
</script>
");
exit;
}
}
}else{
echo ("
<script>
alert('커뮤니티 관련 게시판이 없습니다.')
history.go(-1)
</script>
");
exit;
}
?>
댓글 8
-
구름
2003.02.17 16:47
-
한꼬마
2003.02.17 16:59
잘되는데 ^^
얼마전에 등록된 쇼핑몰 같은데요. 환경 설정 문제 인듯하네요. 지금 고치신건지 잘되네요. -
이현국
2003.02.17 17:30
구름님//
답변 정말 감사합니다..그런데,제가 무슨 말씀인지 못알아듣는다는게 문제네요..ㅜ.ㅡ
밥상 차려주니까,밥도 먹여달라는것 같아서 죄송하지만,조금만더 쉽게 말씀해주실순 없나요?^^;;;;
한꼬마님//
헛..잘되는줄 알고 해봤는데,잘 안되요..^^;
얼마전에 올라온 쇼핑몰 맞구요.재고 정리할께 있어서.친구한테 설치는 해달라고 했는데,친구도 프로그래밍은 몰라서
설치만 해주고 물러난 상황이에요..^^; -
이현국
2003.02.17 18:03
$otmarket_url="$domain_name";
이부분이 구름님이 말씀하신 변수 값인거 같은데...
찾긴 했는데, 어떻게 변경해야 하는지 모르겠네요...@>@~ -
뒹굴리스트
2003.02.17 18:53
$otmarket_url="$domain_name";
이렇게 해주면
otmarket_url 변수 안에는 domain_name 변수 값이 들어가는 것이 아니라
문자열인 '$domain_name'으로 들어가 버립니다;
$otmarket_url = $domain_name;
이렇게 해야겠죠; -
이현국
2003.02.17 19:47
뒹굴리스트님도 답변 감사합니다.^^;
그런데 수정해서 해보아도 여전히 안되네요..에구.... -
앳플군
2003.02.18 07:08
뒹굴 // " " 으로 싸여있으면 $가 파스되어서 $domain_name 의 값으로 들어갑니다
' ' 으로 싸여있을때는 문자열으로 $domain_name 이 들어가죠;
" " 으로 싸여있을때는,
<?php
$name = "앳플리";
echo "안녕하세요? 저는 $name 입니다.";
echo "\n";
echo '안녕하세요? 저는 $name 입니다.";
?>
안녕하세요? 저는 앳플리 입니다.
안녕하세요? 저는 $name 입니다. -
이현국
2003.02.18 15:09
에고..해결해 주실분은 안계신가 보당..ㅜ.ㅜ..모두 긴글 읽어 주셔서 감사합니다.
(그래도~혹시라도~아시는분 있으시면 덧글좀...^^:계속 덧글 체크 하고 있거든요...)
이유는 아무데서나 호출해서 쓸 수 없게 막는 거죠 우선
$otmarket_url <-- 이변수에 저장된 url이랑 현제 ie에 찍힌 url을 비교해서 리턴 시켜 버리는 거니까
인쿨루드 된 아래 페이지 중에서
include "../../../db_connect.php";
include "../../hum_connect.php";
include "../../class/hum_class.php";
$otmarket_url 이 변수를 찾아서 값을 변경해 주면 되겟네요..