bbs/list.php 파일의 해당부분을 수정 합니다.
107 Line 부근
while {
중략...
$i++;
$k++;
}
$i++; 바로 윗 부분에
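// Secret-post gate for row $i of the board list.
// The row's own author and administrators keep the normal link. For any other
// viewer, a secret post that has not been unlocked in this session gets its
// link replaced by a call that opens password.php in a popup window.
//
// Array keys are quoted throughout: a bare word such as [mb_id] is looked up
// as a constant first and is a fatal error on PHP 8.
$viewer_mb_id = isset($member['mb_id']) ? (string) $member['mb_id'] : '';
$writer_mb_id = isset($list[$i]['mb_id']) ? (string) $list[$i]['mb_id'] : '';

// Ownership is decided with === on strings. With == two different ids that
// both look numeric can compare as equal, which would let one member pass as
// the author of another member's post.
$is_own_post = ($writer_mb_id && $writer_mb_id === $viewer_mb_id);

$is_secret_post = isset($list[$i]['wr_option'])
    && strpos((string) $list[$i]['wr_option'], "secret") !== false;

if (!$is_own_post && !$is_admin && $is_secret_post)
{
    // When a member posts a secret post and an administrator replies to it,
    // the member must be able to open that reply directly: look up the author
    // of the thread's original post (same wr_num, empty wr_reply, not a comment).
    $is_owner = false;
    if (!empty($list[$i]['wr_reply']) && $viewer_mb_id)
    {
        // NOTE(review): wr_num is taken from the list row and interpolated into
        // the statement as-is; presumably it is an integer column read from the
        // database -- if so, casting it before use would be safer (confirm).
        $sql = " select mb_id from $write_table
                  where wr_num = '{$list[$i]['wr_num']}'
                    and wr_reply = ''
                    and wr_is_comment = '0' ";
        $row = sql_fetch($sql);
        if (is_array($row) && isset($row['mb_id']) && (string) $row['mb_id'] === $viewer_mb_id)
            $is_owner = true;
    }

    // The unlock flag is stored per board and per wr_num (not per wr_id), the
    // same key password_check.php sets after a correct password. A post that
    // was unlocked once is not asked for again in the same session.
    // NOTE(review): every post sharing this wr_num is unlocked by one password.
    $ss_name = "ss_secret_{$bo_table}_{$list[$i]['wr_num']}";

    if (!$is_owner && !get_session($ss_name))
    {
        // Only viewers whose level reaches the board's read level get the
        // popup link; for a lower level the link is left unchanged.
        if (!($member['mb_level'] < $board['bo_read_level']))
        {
            // The value contains double quotes, so the template that prints it
            // must put it in a single-quoted attribute or HTML-escape it.
            // NOTE(review): $bo_table and $qstr are interpolated as-is;
            // confirm they are validated/encoded where they are built.
            $list[$i]['href'] = "javascript:popup_window(\"./password.php?w=s&bo_table=$bo_table&wr_id={$list[$i]['wr_id']}{$qstr}\",\n\"password_popup\", \"width=700, height=500\");";
        }
    }
}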
$i++;
$k++;
}
이렇게 수정 합니다.
bbs/password_check.php 파일을 아래와 같이 수정 합니다.
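<?php
// Full open tag: with short_open_tag disabled a file starting with "<?" is
// sent to the browser as plain text, source included.
include_once("./_common.php");

// Password check for the secret-post popup (w=s): verifies the submitted post
// password, records the unlock in the session, then points the opener window
// at the post and closes the popup.
//
// $w, $bo_table, $sfl, $stx, $wr_id, $page, $wr_password and $write_table are
// not assigned in this file; presumably ./_common.php fills them from the
// request, so they are handled as untrusted here (TODO confirm).

if ((string) $w !== "s") {
    alert("w 값이 제대로 넘어오지 않았습니다.");
    // alert() is defined elsewhere; stop explicitly so nothing below runs
    // even if it returns.
    exit;
}

$wr = get_write($write_table, $wr_id);

// Fail closed: a post that was not found, or one with no stored password
// value, never unlocks anything. The two values are compared as strings with
// !== because != treats different numeric-looking strings as equal.
$stored_password = (is_array($wr) && isset($wr['wr_password'])) ? (string) $wr['wr_password'] : '';
if ($stored_password === '' || (string) sql_password($wr_password) !== $stored_password) {
    alert("패스워드가 틀립니다.");
    // Without this, a returning alert() would fall through to set_session()
    // and grant access after a wrong password.
    exit;
}

// Store the unlock in the session. The key uses wr_num rather than wr_id
// because the posts below this one must be readable without the password.
$ss_name = "ss_secret_{$bo_table}_{$wr['wr_num']}";
set_session($ss_name, TRUE);

// Percent-encode each value so it cannot add parameters or markup to the URL.
$qstr = "bo_table=" . urlencode((string) $bo_table)
      . "&sfl="     . urlencode((string) $sfl)
      . "&stx="     . urlencode((string) $stx)
      . "&wr_id="   . urlencode((string) $wr_id)
      . "&page="    . urlencode((string) $page);

// json_encode() produces a quoted JavaScript string literal and escapes "/"
// by default, so the value can neither end the string nor the script element.
$board_url = json_encode("./board.php?" . $qstr);

echo "
<script type='text/javascript'>
opener.location.href = $board_url;
this.name = 'opener';
this.close();
</script>
";
?>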
bbs/password.php 파일을 아래와 같이 수정 합니다.
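<?php
// Full open tag: with short_open_tag disabled a file starting with "<?" is
// sent to the browser as plain text, source included.
include_once("./_common.php");

// Password prompt page. $w selects the script the password form posts to.
// For w=s (secret post, shown in a popup) the board's head/tail includes are
// skipped, and administrators or the post's own author go straight to the post.
$password_actions = array(
    "u" => "./write.php",
    "d" => "./delete.php",
    "x" => "./delete_comment.php",
    "s" => "./password_check.php",
);

$w_key = (string) $w;
if (!isset($password_actions[$w_key])) {
    alert("w 값이 제대로 넘어오지 않았습니다.");
    // alert() is defined elsewhere; stop explicitly so the form is never
    // rendered without a valid target.
    exit;
}

$is_secret_popup = ($w_key === "s");

if ($is_secret_popup) {
    // Someone who logs in from the password window and turns out to be an
    // administrator or the author of the post goes directly to the post.
    // Ids are compared as strings with === because == treats different
    // numeric-looking ids as equal.
    $viewer_mb_id = isset($member['mb_id']) ? (string) $member['mb_id'] : '';
    $writer_mb_id = (is_array($write) && isset($write['mb_id'])) ? (string) $write['mb_id'] : '';
    if ($is_admin || ($writer_mb_id && $writer_mb_id === $viewer_mb_id)) {
        goto_url("./board.php?bo_table=" . urlencode((string) $bo_table) . "&wr_id=" . urlencode((string) $wr_id));
        exit;
    }
}

$action = $password_actions[$w_key];

$g4['title'] = "패스워드 입력";
include_once("$g4[path]/head.sub.php");

if (!$is_secret_popup) {
    // NOTE(review): the include path and the raw HTML below come from the
    // board settings; whoever can edit those settings controls what is
    // included and echoed here. The @ also hides a failed include.
    if (!empty($board['bo_include_head'])) { @include ($board['bo_include_head']); }
    if (!empty($board['bo_content_head'])) { echo stripslashes($board['bo_content_head']); }
}

// NOTE(review): the skin directory name is read from $config; confirm it is
// restricted to existing skin folders where it is saved.
$member_skin_path = "$g4[path]/skin/member/$config[cf_member_skin]";
include_once("$member_skin_path/password.skin.php");

if (!$is_secret_popup) {
    if (!empty($board['bo_content_tail'])) { echo stripslashes($board['bo_content_tail']); }
    if (!empty($board['bo_include_tail'])) { @include ($board['bo_include_tail']); }
}

include_once("$g4[path]/tail.sub.php");
?>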
* 패스워드 입력창 사용 기준 :
읽기권한 1 일 때 만 작동.
비회원은 리스트에서 비밀글 클릭시 팝업으로 패스워드 입력.
* 해당 팁은 게시물 수정,삭제 시에는 팝업이 아닌 기존의 방식대로 작동 합니다.
*주의사항 :
만약 리스트에 마우스 오버되었을때 javascript:popup_window( 라고만 링크가 표시 된다면
스킨 파일의 list.skin.php 파일내에
echo "<a href=\"{$list[$i][href]}\">{$list[$i][subject]}</a>";
부분의 \" 따옴표를 ' 이렇게 바꿔 주세요..