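\n"; $s .= "\n"; $s .= "$error\n"; $s .= "$msg\n"; $s .= "\n"; return $s; }

// Trackback receiver. The request path carries /<bo_table>/<wr_id>/<token>;
// the script checks the target post and the one-time token, stores the
// trackback as a comment row on the post, optionally mails the admins, and
// answers with tb_xml_msg().

// PATH_INFO is request-controlled and every segment ends up inside SQL text
// (one of them inside a table name), so each segment is constrained before use.
$path_info = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';
$arr = explode("/", $path_info);

// The board id becomes part of a table name, where quoting cannot help: keep
// only identifier-safe characters.
// NOTE(review): assumes board ids are limited to [A-Za-z0-9_] - confirm against the board-creation rules.
$bo_table = preg_replace('/[^A-Za-z0-9_]/', '', isset($arr[1]) ? $arr[1] : '');

// The post id is only ever compared with wr_id / wr_parent, so force it to an integer.
$wr_id = (int) (isset($arr[2]) ? $arr[2] : 0);

// The raw token is kept for the emptiness checks; only the escaped copy is
// placed into SQL. mysql_real_escape_string() uses the same default link that
// mysql_insert_id() relies on further down.
$to_token = isset($arr[3]) ? $arr[3] : '';
$to_token_sql = mysql_real_escape_string($to_token);

$write_table = $g4['write_prefix'] . $bo_table; // full name of the board table

$sql = " select wr_id, ca_name, wr_email from $write_table where wr_id = '$wr_id' ";
$wr = sql_fetch($sql, FALSE);

// If the post does not exist, or the request is not a trackback POST, send the
// client to the ordinary board view instead.
if (!$wr['wr_id'] || !($_POST['title'] && $_POST['excerpt'] && $_POST['url'] && $_POST['blog_name']))
{
    $tmp_dir = str_replace("/tb.php", "", $_SERVER['SCRIPT_NAME']);
    header("location:$tmp_dir/board.php?bo_table=$bo_table&wr_id=$wr_id");
    exit;
}

if (!$to_token)
{
    // NOTE(review): this writes the raw POST body to a file under data/log;
    // confirm that directory is not served by the web server.
    if (isset($_POST))
        write_log("$g4[path]/data/log/tb.log", $_POST);

    echo tb_xml_msg(1, "ÅäÅ«°ªÀÌ ³Ñ¾î¿ÀÁö ¾Ê¾Ò½À´Ï´Ù.");
    exit;
}

$sql = " select to_token from $g4[token_table] where to_token = '$to_token_sql' ";
$row = sql_fetch($sql);
if ($row['to_token'] && $to_token)
{
    // Delete the token so the same trackback cannot be sent twice.
    sql_query(" delete from $g4[token_table] where to_token = '$to_token_sql' ");

    // Token housekeeping: purge expired tokens (token_time hours, default 3).
    // NOTE(review): the "Y-m-d" format drops the time of day, so the cutoff is
    // midnight of that date rather than exactly token_time hours ago - confirm intent.
    if (isset($g4['token_time']) == false)
        $g4['token_time'] = 3;

    $sql = " delete from $g4[token_table] where to_datetime < '".date("Y-m-d", $g4['server_time'] - 3600 * $g4['token_time'])."' ";
    sql_query($sql);
}
else
{
    echo tb_xml_msg(1, "Æ®·¢¹é ÁÖ¼Ò°¡ ¿Ã¹Ù¸£Áö ¾Ê½À´Ï´Ù. 
(ÅäÅ« À¯È¿½Ã°£ °æ°ú µî)");
    exit;
}

// NOTE(review): the POST fields below are interpolated into the INSERT as they
// arrive. The stripslashes() calls in the mail section suggest they are already
// slash-escaped before this script runs - verify where that happens; if it does
// not, these values need escaping here. Also check that cut_str() cannot cut an
// escape sequence in half.
$title = $_POST['title'];
$excerpt = $_POST['excerpt'];

if (strlen($title) > 255) $title = cut_str($title, 255);
if (strlen($excerpt) > 255) $excerpt = cut_str($excerpt, 255);

$msg = "";

// Guard against the row being inserted twice.
if ($_POST['title'])
{
    $board = sql_fetch(" select bo_subject, bo_use_trackback from $g4[board_table] where bo_table = '$bo_table' ");
    if (!$board['bo_use_trackback'])
        $msg = "Æ®·¢¹é »ç¿ëÀÌ ±ÝÁöµÈ °Ô½ÃÆÇÀÔ´Ï´Ù.";

    if (!$msg)
    {
        $next_num = get_next_num($write_table);

        // The trackback is stored as the next comment under the target post.
        $sql = " select max(wr_comment) as max_comment from $write_table where wr_parent = '$wr_id' and wr_is_comment = 1 ";
        $row = sql_fetch($sql);
        $row['max_comment'] += 1;

        $sql = " insert into $g4[write_prefix]$bo_table set wr_num = '$next_num', wr_parent = '$wr_id', wr_is_comment = '1', wr_comment = '$row[max_comment]', wr_content = '$title\n$excerpt', wr_trackback = '$_POST[url]', wr_name = '$_POST[blog_name]', wr_password = '".sql_password($g4['server_time'])."', wr_datetime = '$g4[time_ymdhis]', wr_ip = '$_SERVER[REMOTE_ADDR]' ";
        $result = sql_query($sql, FALSE);

        if ($result)
        {
            $comment_id = mysql_insert_id();

            // Keep the comment counters and the "new posts" table in step with the insert.
            sql_query(" update $write_table set wr_comment = wr_comment + 1 where wr_id = '$wr_id' ", FALSE);

            sql_query(" insert into $g4[board_new_table] ( bo_table, wr_id, wr_parent, bn_datetime ) values ( '$bo_table', '$comment_id', '$wr_id', '$g4[time_ymdhis]' ) ");

            sql_query(" update $g4[board_table] set bo_count_comment = bo_count_comment + 1 where bo_table = '$bo_table' ", FALSE);
        }
        else
            $msg = "$write_table TABLE INSERT ¿À·ù";
    }

    //write_log("$g4[path]/data/log/aaa", $msg);

    if ($msg) // failure
    {
        echo tb_xml_msg(1, $msg);
        exit;
    }
    else // success
    {
        // Mail notification.
        // NOTE(review): $board was just reloaded with only bo_subject and
        // bo_use_trackback selected, so bo_use_email is not set by the code
        // visible here - confirm whether this branch can ever run.
        if ($config['cf_email_use'] && $board['bo_use_email'])
        {
            include_once("$g4[path]/lib/mailer.lib.php");

            // Look up the three administrator records.
            $super_admin = get_admin("super");
            $group_admin = get_admin("group");
            $board_admin = get_admin("board");

            $wr_name = $blog_name = get_text(stripslashes($_POST['blog_name']));
            $wr_subject = $title = get_text(stripslashes($title));
            $wr_content = $excerpt = nl2br(get_text(stripslashes($excerpt)));

            // NOTE(review): HTTP_HOST and REQUEST_URI come from the request, so
            // the link placed in the notification is chosen by the sender of the
            // trackback; prefer a configured site URL if the project has one.
            $link_url = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";

            $subject = "'{$board['bo_subject']}' °Ô½ÃÆÇ¿¡ Æ®·¢¹é¿¡ ÀÇÇÑ ±ÛÀÌ ¿Ã¶ó¿Ô½À´Ï´Ù.";

            // Render the mail body by capturing the template's output.
            define("_GNUBOARD_", TRUE);
            ob_start();
            include_once ("./write_update_mail.php");
            $content = ob_get_contents();
            ob_end_clean();

            // Mail to the board administrator.
            if ($config['cf_email_wr_board_admin'])
                mailer($blog_name, "", $board_admin['mb_email'], $subject, $content, 1);

            // Mail to the group administrator (skipped when it is the same address).
            if ($group_admin['mb_email'] != $board_admin['mb_email'])
            {
                if ($config['cf_email_wr_group_admin'])
                    mailer($blog_name, "", $group_admin['mb_email'], $subject, $content, 1);
            }

            // Mail to the super administrator (skipped when it is the same address).
            if ($super_admin['mb_email'] != $board_admin['mb_email'])
            {
                if ($config['cf_email_wr_super_admin'])
                    mailer($blog_name, "", $super_admin['mb_email'], $subject, $content, 1);
            }

            // Reply notification: mail to the author of the original post.
            // NOTE(review): wr_option is not in the column list of the $wr query
            // above, and $admin is not assigned anywhere in the visible code -
            // confirm both are provided elsewhere.
            //if ($wr[wr_recv_email] && $wr[wr_email] && $wr[wr_email] != $admin[mb_email])
            if (strstr($wr['wr_option'], 'mail') && $wr['wr_email'] && $wr['wr_email'] != $admin['mb_email'])
            {
                if ($config['cf_email_wr_write'])
                    mailer($blog_name, "", $wr['wr_email'], $subject, $content, 1);

                // Mail to everyone who commented on the post.
                // NOTE(review): the addresses in this query are interpolated
                // without escaping; they are stored values, not literals.
                if ($config['cf_email_wr_comment_all'])
                {
                    $sql = " select wr_email from $write_table where wr_email not in ( '$admin[mb_email]' , '$wr[wr_email]', '' ) and wr_parent = '$wr_id' group by wr_email ";
                    $result = sql_query($sql);
                    while ($row=sql_fetch_array($result))
                        mailer($blog_name, "", $row['wr_email'], $subject, $content, 1);
                }
            }
        }
    }
}

echo tb_xml_msg(0, "");
?>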