Posted by dajava on 03/06/07 16:22

This is what he wrote to me yesterday.

------------------------------------------------------

' in code means end of line. therefore, ' and the rest of the senteces
were truncated.
Prewiewing is OK. But, the whole sentence will not saved into DB.

--------------------------------------------------------

and i found the source code.

<?

//
if(($write==3 || $write==11) && $writer != "" && $password != "" &&
$contents != "")
{
if($write==3 && $title != "") //
{
//
$query = "select * from Dora_Board order by no desc limit 0 ,
1";
@$result = mysql_query($query, $Dora_DB);
@$data = mysql_fetch_array($result);

if(strlen($title)>=100) //
{
$title_leng=100; //

if(strstr(substr($data[1], 0, 100), " "))
$title_leng = $title_leng - 2;

$data[1] = substr($data[1], 0, $title_leng);
}

if($title != $data[1]) //
{
$query = "INSERT INTO `Dora_Board` (`Title` , `Writer`,
`Password`, `Contents`, `Date`, `Ip`) ";
$query = $query . "VALUES ('" . (string)$title . "', '" .
(string)$writer . "', '" . (string)$password . "', ";
$query = $query . "'" . (string)$contents . "', '" . (string)
$date . "', '" . (string)$ip . "')";

@$result = mysql_query($query, $Dora_DB);
}
}
elseif($write==11 && $no != "") //
{
//
$query = "select * from Dora_Board where no='" . $no . "'";
@$result = mysql_query($query, $Dora_DB);
@$data = mysql_fetch_array($result);

//
$query = "select * from Dora_Reply order by no desc limit 0 ,
1";
@$result = mysql_query($query, $Dora_DB);
@$data_r = mysql_fetch_array($result);

if($contents != $data_r[4] || $writer != $data_r[2]) //
{
if($data[7] == 0 || $data[7] == "") //
$data[7] = 1; //
elseif($contents != $data_r[4]) //
$data[7] = $data[7]+1; //

//
$query = "update `Dora_Board` set `Reply` = '" . $data[7] .
"' where `no` = '" . $no . "' Limit 1";
@$result = mysql_query($query, $Dora_DB);

//
$query = "INSERT INTO `Dora_Reply` (`Main_no` , `Writer`,
`Password`, `Contents`, `Date`, `Ip`) ";
$query = $query . "VALUES ('" . (integer)$no . "', '" .
(string)$writer . "', '" . $password . "', ";
$query = $query . "'" . (string)$contents . "', '" . (string)
$date . "', '" . (string)$ip . "')";

@$result = mysql_query($query, $Dora_DB);
}
}
}

//
elseif(($write==6 || $write==14) && $writer != "" && $password != ""
&& $contents != "" && $no != "")
{
if($write==6 && $title != "" && $closed == "")
{
$query = "UPDATE `Dora_Board` SET `no` = '" . $no . "', `Title`
= '" . $title . "', `Writer` = '" . $writer . "', ";
$query = $query . "`Contents` = '" . $contents . "' WHERE `no`
=" . $no . " LIMIT 1";
}
elseif($write==14 && $ro != "")
{
$query = "UPDATE `Dora_Reply` SET `no` = '" . $ro . "', `Writer`
= '" . $writer . "', ";
$query = "`Contents` = '" . $contents . "' WHERE `no` =" . $ro .
" LIMIT 1";
}
@$result = mysql_query($query, $Dora_DB); //입력 쿼리 실행
}

// )
elseif(($write==8 || $write==16) && $no !="" && $password != "")
{
//.
$query = "select * from Dora_Board where no='" . $no . "'";
@$result = mysql_query($query, $Dora_DB);
@$data = mysql_fetch_array($result);

//
if($write==8 && $data[3] == crypt($password, '씨앗 키워드') && $data[7]
== "" || $data[7] == "0")
{
$query = "delete from `Dora_Board` where `no` = '" . $no .
"'";
@$result = mysql_query($query, $Dora_DB);
}

//
elseif($write==16 && ro != "")
{
//
$query = "select * from Dora_Reply where no='" . $ro . "'";
@$result = mysql_query($query, $Dora_DB);
@$data_r = mysql_fetch_array($result);

//
if($data_r[3] == crypt($password, '씨앗 키워드'))
{
$query = "delete from `Dora_Reply` where `no` = '" . $ro .
"'";
@$result = mysql_query($query, $Dora_DB);

//
$data[7] = $data[7] -1;
$query = "update `Dora_Board` set `Reply` = '" . $data[7] .
"' where `no` = '" . $no . "' Limit 1";
@$result = mysql_query($query, $Dora_DB);
}
}
}

include("./board.php"); //

?>


dajava,

• Next in forum: Re: List Fails on some computers - www missing in url
• Prev in forum: Re: help : apostrophe/single quotation mark
• Thread view: Re: help : apostrophe/single quotation mark

[Reply to this message]