act.php

<?php
# $Id: act.php,v 1.25 2014-01-01 09:30:38 oops Exp $
include_once "include/variable.php";
include_once "include/print.php";
# GET/POST 변수를 제어
parse_query_str();

if ($o['at'] != "dn" && $o['at'] != "sm" && $o['at'] != "ma") {
  include "include/header.php";

  $c = sql_connect ($db['rhost'], $db['user'], $db['pass'], $db['name'], $db['rmode']);

  if($board['mode'] && session_is_registered("$jsboard")) {
    # 로그인을 안했을 경우 로그인 화면으로, 했을 경우 패스워드 인증
    if($board['mode'] != 1 && !session_is_registered("$jsboard")) print_error($_('login_err'));
    else compare_pass($_SESSION[$jsboard]);
    $atc['passwd'] = $_SESSION[$jsboard]['pass'];
  }

  $atc['goaway'] = $_POST['goaway'];
  $atc['table']  = $table;
  $atc['agent']  = $agent;

  # admin mode 일 경우 admin mode 를 체크  
  if($board['mode'] == 1 || $board['mode'] == 3)
    if(!$board['adm'] && $board['super'] != 1) print_error($_('login_err'));

  # captcha authenication
  function check_captcha ($atc) {
    global $board, $_, $o;

    if ( $board['super'] || $board['adm'] )
      return;

    $pattern = ( $o['at'] == 'reply' ) ? '/^[25-7]/' : '/^[2457]/';
    if ( preg_match ($pattern, $board['mode']) )
      return;

    if ( ! $board['captcha'] || ! file_exists ('captcha/' . $board['captcha']) )
      return;

    require_once ('captcha/captcha.php');
    $capt = new Captcha ($board['captcha']);
    if ( $capt->disable === true )
      return;

    if ( ! $atc['ckey'] || ! $atc['ckeyv'] )
      print_error ($_('captnokey'),250,150,1);

    if ( $capt->check ($atc['ckey'], $atc['ckeyv']) === false )
      print_error ($_('captinvalid'),250,150,1);
  }

  # 게시물 작성 함수
  function article_post($table, $atc) {
    global $jsboard, $board, $upload, $cupload, $rmail, $_, $agent;
    global $print, $max_file_size, $c, $db, $o;

    if($board['mode'] == 4 && $board['super'] != 1 && !$board['adm']) print_error($_('login_err'));

    $atc['date'] = time(); # 현재 시각
    $atc['host'] = get_hostname(0); # 글쓴이 주소

    # Injection 등의 위험 요소 때문에 html 쓰기 지원을 포기한다.
    # phpbb 의 bb tag 처럼 대안을 제시
    $atc['html']   = 2;

    # 글 등록 호환 모드시에 html header tag를 사용하는 것을 방지한다.
    delete_tag($atc);

    $atc = article_check($table, $atc);
    if(preg_match("/^0|4|6$/",$board['mode'])) $atc['passwd'] = crypt($atc['passwd']);

    # 전체 관리자가 허락하였을시에만 upload 기능을 사용할수 있음
    if ($upload['yesno'] && $cupload['yesno'] && !$agent['tx']) {
      $bfilename = date("YmdHis",$atc['date']);
      $upfile = file_upload("userfile",$bfilename);

      if(!trim($upfile['name'])) {
        $bfilename = "";
        $upfile['size'] = 0;
        $upfile['name'] = "";
      }
    } else {
      # winchild 99/11/26 fileupload = "no" 일 경우에는 초기화를 시켜주어야 한다.
      $bfilename = "";
      $upfile['size'] = 0;
      $upfile['name'] = "";
    }

	sql_escape ($c, $table);
	sql_escape ($c, $atc);

    $result = sql_query("SELECT MAX(num) AS num, MAX(idx) AS idx FROM $table", $c);
    $_rr = sql_fetch_array ($result);

    $atc['mxnum'] = $_rr['num'] + 1; # 최고 번호
    $atc['mxidx'] = $_rr['idx'] + 1; # 최고 인덱스 번호

    sql_free_result($result);

    sql_query("INSERT INTO $table (num,idx,date,host,name,rname,passwd,email,url,
                                   title,text,refer,reyn,reno,rede,reto,html,comm,bofile,
                                   bcfile,bfsize)
                      VALUES ('{$atc['mxnum']}','{$atc['mxidx']}',{$atc['date']},'{$atc['host']}',
                              '{$atc['name']}','{$atc['rname']}','{$atc['passwd']}','{$atc['email']}',
                              '{$atc['url']}','{$atc['title']}','{$atc['text']}',0,0,0,0,0,'{$atc['html']}', 0,
                              '{$upfile['name']}','{$bfilename}','{$upfile['size']}')", $c);

    # mail 보내는 부분
    if ($rmail['uses']) {
      if ($rmail['admin'] || $rmail['user']) {
        $rmail['name'] = $atc['rtname'];
        $rmail['text'] = $atc['text'];
        $rmail['title'] = $atc['rtitle'];
        $rmail['url'] = $atc['url'];
        $rmail['email'] = $atc['email'];
        $rmail['version'] = $board['ver'];
        $rmail['path'] = $board['path'];
        $rmail['table'] = $table;
        $rmail['noquery'] = sql_query("SELECT MAX(no) AS no FROM $table", $c);
        $rmail['no'] = sql_result($rmail['noquery'], 0, "no"); # 최고 번호
        $rmail['reply_orig_email'] = $rmail['origmail'];
        $rmail['theme'] = $print['theme'];
        $rmail['html'] = $atc['html'];

        if(sendmail($rmail)) $page['m_err'] = 0;
        else $page['m_err'] = 1;
      }
    }

    set_cookie($atc);
    return $page;
  }

  # 게시물 답장 함수
  function article_reply($table, $atc) {
    global $board,$upload,$cupload,$rmail,$_,$agent,$jsboard,$page;
    global $print, $max_file_size, $c, $db, $referer;

    $atc['date'] = time(); # 현재 시각
    $atc['host'] = get_hostname(0); # 글쓴이 주소

    # Injection 등의 위험 요소 때문에 html 쓰기 지원을 포기한다.
    # phpbb 의 bb tag 처럼 대안을 제시
    $atc['html']   = 2;

    # 글 등록 호환 모드시에 html header tag를 사용하는 것을 방지한다.
    delete_tag($atc);

    # 댓글에서 : 때문에 글이 밀리는 것을 복구한다.
    $atc['text'] = preg_replace("/(^[:]+ [^\r\n]+)\r?\n([^:\r\n]+\r?\n)/mi","\\1 \\2",$atc['text']);

    $atc = article_check($table, $atc);
    if(preg_match("/^(0|4)$/",$board['mode']) || !session_is_registered($jsboard)) $atc['passwd'] = crypt($atc['passwd']);

    # 답변시 file upload 설정 부분, 전체 관리자가 허락시에만 가능
    if ($upload['yesno'] && $cupload['yesno'] && !$agent['tx']) {
      $bfilename = date("YmdHis",$atc['date']);
      $upfile = file_upload("userfile",$bfilename);
      if(!trim($upfile['name'])) {
        $bfilename = "";
        $upfile['size'] = 0;
        $upfile['name'] = "";
      }
    } else {
      # winchild 99/11/26 fileupload = "no" 일 경우에는 초기화를 시켜주어야 한다.
      $bfilename = "";
      $upfile['size'] = 0;
      $upfile['name'] = "";
    }

    # referer 의 글 번호와 부모글의 번호가 다를 경우 스팸 처리
    if ( $atc['reno'] != $referer['no'] )
      print_error($_('act_s'),250,150,1);

    # 답장글에 대한 정보를 가져옴
    table_lock ($c, $table, 1);
    $reply = get_article($table, $atc['reno']);
    $atc['rede'] = $reply['rede'] + 1; # 답장글의 깊이
    $atc['idx']  = $reply['idx']; # 부모글의 인덱스 번호 상속

    if($reply['reto']) $atc['reto'] = $reply['reto']; # 최상위 부모글 번호
    else $atc['reto'] = $reply['no']; # 부모글 번호

	sql_escape ($c, $table);
	sql_escape ($c, $atc);

    # 부모글 이상의 인덱스 번호를 가진 글들의 인덱스를 1씩 더함
    sql_query("UPDATE $table SET idx = idx + 1 WHERE (idx + 0) >= '{$atc['idx']}'", $c);
    sql_query("UPDATE $table SET reyn = 1 WHERE no = '{$atc['reno']}'", $c, $db['name']);
    sql_query("INSERT INTO $table (num,idx,date,host,name,rname,passwd,email,url,
                                   title,text,refer,reyn,reno,rede,reto,html,comm,bofile,
                                   bcfile,bfsize)
                      VALUES (0,'{$atc['idx']}','{$atc['date']}','{$atc['host']}','{$atc['name']}','{$atc['rname']}',
                              '{$atc['passwd']}','{$atc['email']}','{$atc['url']}','{$atc['title']}','{$atc['text']}',
                              0,0,'{$atc['reno']}','{$atc['rede']}','{$atc['reto']}','{$atc['html']}',0,'{$upfile['name']}',
                              '{$bfilename}','{$upfile['size']}')", $c);
    table_lock ($c, $table, 0);

    # mail 보내는 부분
    if ($rmail['uses']) {
      if ($rmail['admin'] || $rmail['user']) {
        $result = sql_query("SELECT MAX(no) AS no FROM $table", $c);
        $rmail['no'] = sql_result($result, 0, "no"); # 최고 번호
        $rmail['name'] = $atc['rtname'];
        $rmail['text'] = $atc['text'];
        $rmail['title'] = $atc['rtitle'];
        $rmail['url'] = $atc['url'];
        $rmail['email'] = $atc['email'];
        $rmail['version'] = $board['ver'];
        $rmail['path'] = $board['path'];
        $rmail['table'] = $table;
        $rmail['reply_orig_email'] = $rmail['origmail'];
        $rmail['theme'] = $print['theme'];
        $rmail['html'] = $atc['html'];

        if(sendmail($rmail)) $gopage['m_err'] = 0;
        else $gopage['m_err'] = 1;
      }
    }

    set_cookie($atc);
    $gopage['no'] = !$page ? get_current_page($table, $atc['idx']) : $page;
    return $gopage;
  }

  # 게시물 수정 함수
  function article_edit($table, $atc, $passwd) {
    global $max_file_size, $jsboard, $board, $_, $agent, $rmail;
    global $upload, $cupload, $c, $db;

    # 어드민 모드가 아닐 경우 패스워드 인증
    if($board['super'] != 1 && !$board['adm']) {
      if(!check_passwd($table,$atc['no'],trim($passwd))) print_error($_('act_pw'), 250, 150, 1);
    }

    $atc['date'] = time(); # 현재 시각
    $atc['host'] = get_hostname(0); # 글쓴이 주소
    $atc = article_check($table, $atc);

    # 글 등록 호환 모드시에 html header tag를 사용하는 것을 방지한다.
    delete_tag($atc);

    # 댓글에서 : 때문에 글이 밀리는 것을 복구한다.
    $atc['text'] = preg_replace("/(^[:]+ [^\r\n]+)\r?\n([^:\r\n]+\r?\n)/mi","\\1 \\2",$atc['text']);

	sql_escape ($c, $table);
	sql_escape ($c, $atc);

    # file 삭제 루틴
    if($atc['fdel']) {
      $fdelqy = sql_query("SELECT bcfile, bofile FROM {$table} WHERE no = '{$atc['no']}'", $c);
      $fdelinfo = sql_fetch_array($fdelqy);
      sql_free_result($fdelqy);
      
      sql_query("UPDATE $table SET bcfile='', bofile='', bfsize='' WHERE no = '{$atc['no']}'", $c);
      if(file_exists("data/$table/files/{$fdelinfo['bcfile']}/{$fdelinfo['bofile']}")) {
        unlink("data/$table/files/{$fdelinfo['bcfile']}/{$fdelinfo['bofile']}");
        rmdir("data/$table/files/{$fdelinfo['bcfile']}");
      }
    }

    # file 수정 루틴
    if($upload['yesno'] && $cupload['yesno'] && !$agent['tx']) {
      # file 수정 루틴
      $bfilename = date("YmdHis",$atc['date']);
      $upfile = file_upload("userfile",$bfilename);

      if (trim($upfile['name'])) {
        $fdelqy = sql_query("SELECT bcfile, bofile FROM {$table} WHERE no = '{$atc['no']}'", $c);
        $fdelinfo = sql_fetch_array($fdelqy);
        sql_free_result($fdelqy);
        if(file_exists("data/$table/files/{$fdelinfo['bcfile']}/{$fdelinfo['bofile']}") && trim($fdelinfo['bofile'])) {
          unlink("data/$table/files/{$fdelinfo['bcfile']}/{$fdelinfo['bofile']}");
          rmdir("data/$table/files/{$fdelinfo['bcfile']}");
        }

        $upquery = ",\n        bofile = '{$upfile['name']}', bcfile = '{$bfilename}', bfsize = '{$upfile['size']}'\n";
      }
    }

    sql_query("
      UPDATE $table SET date = '{$atc['date']}', host = '{$atc['host']}',
      name = '{$atc['name']}', email = '{$atc['email']}', url = '{$atc['url']}',
      title = '{$atc['title']}', text = '{$atc['text']}', html = '{$atc['html']}'$upquery
      WHERE no = '{$atc['no']}'", $c);

    set_cookie($atc);

    return $atc['no'];
  }

  # 게시물 삭제 함수
  function article_delete($table, $no, $passwd) {
    global $jsboard, $o, $_, $board, $page, $c, $db;
    global $delete_filename, $delete_dir, $upload, $agent;
    $atc = get_article($table, $no);

    # 어드민 모드가 아닐 경우 패스워드 인증
    if($board['super'] != 1 && !$board['adm']) {
      $admchk = check_passwd($table,$atc['no'],trim($passwd));
      if(!$admchk) print_error($_('act_pwm'),250,150,1);
    }

    # 관리자 모드가 아닐 경우 댓글이 존재하면 에러메세지
    if($atc['reyn'] && ($board['super'] != 1 && !$board['adm'] && $admchk != 2))
      print_error($_('act_c'),250,150,1);

	sql_escape ($c, $table);
	sql_escape ($c, $atc);

    # 부모글의 답장글이 자신 밖에 없을 때 부모글의 reyn을 초기화 (답장글 여부)
    if($atc['reno']) {
      $result = sql_query("SELECT COUNT(*) AS cnt FROM $table WHERE reno = '{$atc['reno']}'", $c);
      if( sql_result ($result, 0, 'cnt') == 1 )
        sql_query("UPDATE $table SET reyn = 0 WHERE no = '{$atc['reno']}'", $c);
      sql_free_result($result);
    }

    sql_query("DELETE FROM {$table}_comm WHERE reno = '{$atc['no']}'", $c, 1);
    table_lock ($c, $table, 1);
    sql_query("DELETE FROM $table WHERE no = '{$atc['no']}'", $c);
    sql_query("UPDATE $table SET idx = idx - 1 WHERE (idx + 0) > '{$atc['idx']}'", $c);

    if(!$atc['reyn']) {
      # upload file이 존재할 경우 삭제
      if ($delete_filename && file_exists("$delete_filename")) {
        unlink("$delete_filename");
        rmdir("$delete_dir");
      }
    }

    # 관련글이 있을 경우 관련글을 모두 삭제함 (관리자 모드)
    if($atc['reyn'] && ($board['super'] == 1 || $board['adm'] || $admchk == 2)) {
      $result = sql_query("SELECT no,bofile,bcfile FROM $table WHERE reno = '{$atc['no']}'", $c);
      while($list = sql_fetch_array($result)) {
        table_lock ($c, $table, 0);
        article_delete($table, $list['no'], $passwd);
        # upload file이 존재할 경우 삭제
        if ($list['bofile'] && file_exists("./data/$table/{$upload['dir']}/{$list['bcfile']}/{$list['bofile']}")) {
          unlink("./data/$table/{$upload['dir']}/{$list['bcfile']}/{$list['bofile']}");
          rmdir("./data/$table/{$upload['dir']}/{$list['bcfile']}");
        }
      }
    }

    $page = !$page ? get_current_page($table, $atc['idx']) : $page;
    table_lock ($c, $table, 0);

    return $page;
  }

  function comment_post($table,$atc) {
    global $jsboard, $board, $_, $ccompare, $compare;
    global $c, $db;

    $host = get_hostname(0);
    $dates = time();

    # blank check
    $blankChk = "(\xA1A1|\s|&nbsp;)+";
    $nameChk = array("name","text");
    for($bc=0;$bc<2;$bc++) {
      if(!$atc[$nameChk[$bc]] || preg_match("/^$blankChk$/i",trim($atc[$nameChk[$bc]]))) {
        $_lang['act_in'] = preg_replace("/제목,/i","",$_('act_in'));
        print_error($_lang['act_in'],250,150,1);
      }
    }

    if (!empty($compare['name']) && eregi($compare['name'],$atc['name'])) $cmp['name'] = 1;
    if (!empty($ccompare['name']) && eregi($ccompare['name'],$atc['name'])) $ccmp['name'] = 1;

    # 관리자 사칭 체크
    if((!$board['mode'] || $board['mode'] == 4) && $board['super'] != 1 && !$board['adm']) {

      # 전체 관리자 패스워드
      $result = sql_query("SELECT passwd FROM userdb WHERE position = 1", $c);
      $r['su'] = sql_result($result,0,"passwd");
      sql_free_result($result);

      if($r['su'] != crypt($atc['passwd'],$r['su'])) $notsuper = 1;

      if ($cmp['name']) {
        if($notsuper) print_error($_('act_ad'),250,150,1);
      }

      if($ccmp['name'] && $notsuper) {
        $arrayadm = explode(";",$board['ad']);

        for($k=0;$k<sizeof($arrayadm);$k++) {
          # 게시판 관리자 패스워드
          $result = sql_query("SELECT passwd FROM userdb WHERE nid = '$arrayadm[$k]'", $c);
          $r['ad'] = sql_result($result,0,"passwd");
          sql_free_result($result);

          if($r['ad'] == crypt($atc['passwd'],$r['ad'])) {
            $notadm = 0;
            break;
          } else $notadm = 1;
        }
        if ($notadm) print_error($_('act_d'),250,150,1);
      }
    }

    if(preg_replace("/\s/i","",$atc['passwd'])) $atc['passwd'] = crypt($atc['passwd']);
    if($agent['co'] == "mozilla") $atc['text'] = wordwrap($atc['text'],60,"\n",1);

	sql_escape ($c, $table);
	sql_escape ($c, $atc);

    $sql = "INSERT INTO {$table}_comm (reno,rname,name,passwd,text,host,date) ".
           "VALUES ('{$atc['no']}','{$atc['rname']}','{$atc['name']}','{$atc['passwd']}','{$atc['text']}','$host','$dates')";
    sql_query($sql, $c);
    $sql = "UPDATE {$table} SET comm = comm + 1 WHERE no = '{$atc['no']}'";
    sql_query($sql, $c);
    set_cookie($atc,1);
  }

  function comment_del($table,$no,$cid,$pass) {
    global $jsboard, $_, $board, $c, $db;

    # 어드민 모드가 아닐 경우 패스워드 인증
    if($board['super'] != 1 && !$board['adm']) {
      $admchk = check_passwd($table,$cid,trim($pass));
      if(!$admchk) print_error($_('act_pw'),250,150,1);
    }

	sql_escape ($c, $table);

    sql_query("DELETE FROM {$table}_comm WHERE no = '$cid'", $c);
    $sql = "UPDATE {$table} SET comm = comm - 1 WHERE no = '{$no}'";
    sql_query($sql, $c);
  }

  # 게시물 검사 함수
  #
  # trim - 문자열 양쪽의 공백 문자를 없앰
  #        http://www.php.net/manual/function.trim.php
  # chop - 문자열 뒤쪽의 공백 문자를 없앰
  #        http://www.php.net/manual/function.chop.php
  function article_check($table, $atc) {
    # 검색 등 관련 변수 (CGI 값)
    global $jsboard, $compare, $o, $ccompare, $_, $rmail;
    global $board, $passwd, $agent, $c, $db;

    # spam 등록기 체크
    check_spamer($atc);

    # location check
    check_location(1);

    # 이름, 제목, 내용의 공백을 없앰
    $atc['name']  = trim($atc['name']);
    $atc['title'] = trim($atc['title']);
    $atc['text']  = chop($atc['text']);

    if(preg_match("/[^\xA1-\xFEa-z\. ]/i", $name))
      print_error ($_('reg_format_n'), 250, 150, 1);

    if(($o['at'] == "write" || $o['at'] == "reply") && preg_match("/^(0|4|6)$/",$board['mode']) && !$board['adm'] && $board['super'] != 1) {
      if(!trim($atc['passwd']) && !trim($passwd)) print_error($_('act_pwm'),250,150,1);
    }

    # blank check
	if ( ! $atc['name'] || ! $atc['title'] || ! trim ($atc['text']) )
		print_error($_('act_in'),250,150,1);

    $blankChk = "(\xA1A1|\s|&nbsp;)+";
    $nameChk = array("name","title","text");
    for($bc=0;$bc<3;$bc++) {
      if(!$atc[$nameChk[$bc]] || preg_match("/^$blankChk$/i",$atc[$nameChk[$bc]]))
        print_error($_('act_in'),250,150,1);
    }

    if($atc['url']) $atc['url'] = check_url($atc['url']);
    if ( $atc['email'] ) {
      # windows php has not checkdnsrr() function
      $offset = check_windows () ? 0 : 1;
      $atc['email'] = check_email ($atc['email'], $offset);
    }

    # 쓰기,답장 모드에서 html 사용시 table tag 검사
    if(($o['at'] == "write" || $o['at'] == "reply" || $o['at'] == "edit") && $atc['html'] == 1) {
      check_htmltable($atc['text']);
      check_iframe($atc['text']);
      $denysrc = array("!<((iframe|script|img)[^>]*)>!i","!<(/(iframe|script|img))>!i");
      $editsrc = array("&lt;\\1&gt;","&lt;\\1&gt;");
      $atc['text'] = preg_replace($denysrc,$editsrc,$atc['text']);
    }

    $compare['email'] = trim($compare['email']) ? $compare['email'] : "mail check";
    $ccompare['email'] = trim($ccompare['email']) ? $ccompare['email'] : "mail check";
    $compare['name'] = trim($compare['name']) ? $compare['name'] : "name check";
    $ccompare['name'] = trim($ccompare['name']) ? $ccompare['name'] : "name check";

    if (eregi($compare['name'],$atc['name'])) $cmp['name'] = 1;
    if (eregi($compare['email'],$atc['email'])) $cmp['email'] = 1;
    if (eregi($ccompare['name'],$atc['name'])) $ccmp['name'] = 1;
    if (eregi($ccompare['email'],$atc['email'])) $ccmp['email'] = 1;

    # 관리자 사칭 체크
    if((!$board['mode'] || $board['mode'] == 4) && $board['super'] != 1 && !$board['adm']) {
      if($o['at'] == "edit") $atc['passwd'] = $passwd;

      # 전체 관리자 패스워드
      $result = sql_query("SELECT passwd FROM userdb WHERE position = 1", $c);
      $r['su'] = sql_result($result,0,"passwd");
      sql_free_result($result);

      if ($r['su'] != crypt($atc['passwd'],$r['su'])) $notsuper = 1;

      if ($cmp['name'] || $cmp['email']) {
        if($notsuper) print_error($_('act_ad'),250,150,1);
      }

      if (($ccmp['name'] || $ccmp['email']) && $notsuper) {
        $arrayadm = explode(";",$board['ad']);
        for($k=0;$k<sizeof($arrayadm);$k++) {
          # 게시판 관리자 패스워드
          $result = sql_query("SELECT passwd FROM userdb WHERE nid = '{$arrayadm[$k]}'", $c);
          $r['ad'] = sql_result($result,0,"passwd");
          sql_free_result($result);

          if($r['ad'] == crypt($atc['passwd'],$r['ad'])) {
            $notadm = 0;
            break;
          } else $notadm = 1;
        }
        if ($notadm) print_error($_('act_d'),250,150,1);
      }
    }

    # 스팸 체크
    if($o['at'] == "write" || $o['at'] == "reply") check_captcha ($atc);
    if(check_spam($atc['text'])) print_error($_('act_s') . $GLOBALS['spamstr'],250,150,1);
    if(check_spam($atc['title'])) print_error($_('act_s') . $GLOBALS['spamstr'],250,150,1);

    # 메일로 보낼 변수 받음
    $atc['rtname'] = $atc['name'];
    $atc['rtitle'] = $atc['title'];

    # 이름, 제목의 HTML 코드 문자를 치환함
    # ugly_han() -> IE 사용시에 한글 깨지는 것을 복원함
    $atc['name']  = ugly_han(htmlspecialchars($atc['name']));
    $atc['title'] = ugly_han(htmlspecialchars($atc['title']));

    # 마지막으로 올라온 글의 정보를 가져옴 (중복 투고 검사용)
    $_limit = compatible_limit (0, 1);
    $result = sql_query("SELECT * FROM $table ORDER BY no DESC {$_limit}", $c);
    $list   = sql_fetch_array($result);
    sql_free_result($result);

    if ($list && $atc['name'] == $list['name'] &&
      $atc['text'] == $list['text'] &&
      $atc['title'] == $list['title'] &&
      $atc['email'] == $list['email'] &&
      $atc['url'] == $list['url'] &&
      $atc['html'] == $list['html']) {

      # 수정 모드시, 수정된 사항은 없으나, 첨부파일의 변화가 있을 경우 수정 가능함.
      if ($o['at'] == 'edit') {
        if ($atc['fdel']) {
          $chkpass = 1;
        } elseif (is_uploaded_file($_FILES['userfile']['tmp_name']) && $_FILES['userfile']['size'] > 0) {
          $chkpass = 1;
        } else $chkpass = 0;
      } else $chkpass = 0;

      if (!$chkpass) {
        switch ($o['at']) {
          case 'write':
            print_error($_('act_same'),250,150,1);
            break;
          case 'edit':
            print_error($_('act_dc'),250,150,1);
            break;
        }
      }
    }

    return $atc;
  }

  # 쿠키 설정 함수
  function set_cookie($atc,$comment=0) {
    global $board,$agent;
    $month = 60 * 60 * 24 * $board['cookie'];
    $cookietime = time() + $month;

    setcookie("board_cookie[name]", $atc['name'], $cookietime);
    if(!$comment) {
      setcookie("board_cookie[email]", $atc['email'], $cookietime);
      setcookie("board_cookie[url]", $atc['url'], $cookietime);
    }
  }

  switch($o['at']) {
    case 'write':
      $page = article_post($table, $atc);
      if(!$page['m_err']) Header("Location: list.php?table=$table");
      else move_page("list.php?table=$table");
      break;
    case 'reply':
      $gopage = article_reply($table, $atc);
      if(!$gopage['m_err']) Header("Location: list.php?table=$table&page={$gopage['no']}");
      else move_page("list.php?table=$table&page={$gopage['no']}");
      break;
    case 'edit':
      $no = article_edit($table, $atc, $passwd);
      Header("Location: read.php?table=$table&no=$no");
      break;
    case 'del':
      $gopage = article_delete($table, $no, $passwd, $o['am']);
      Header("Location: list.php?table=$table&page=$gopage");
      break;
    case 'c_write':
      comment_post($table,$atc);
      Header("Location: read.php?table=$table&no={$atc['no']}&page=$page");
      break;
    case 'c_del':
      comment_del($table,$atc['no'],$atc['cid'],$lp);
      Header("Location: read.php?table=$table&no={$atc['no']}&page=$page");
  }
} elseif ($o['at'] == "dn") {
  include "include/header.php";

  # 해당 변수에 meta character 가 존재하는지 체크
  meta_char_check($dn['tb'],0,1);
  meta_char_check($dn['cd']);
  meta_char_check($upload['dir']);
  upload_name_chk($dn['name']);

  $dn['path'] = "data/{$dn['tb']}/{$upload['dir']}/{$dn['cd']}/{$dn['name']}";

  if($dn['dl'] = readfile_r ($dn['path'])) {
    if(extension_loaded('fileinfo')) {
      $finfo = finfo_open(FILEINFO_MIME);
      if(is_resource($finfo)) {
        $mimes = finfo_file($finfo, $dn['path']);
        $mimes = preg_replace('!^([^/]+/[a-z0-9+.-]+).*!i', '\\1', $mimes);
        finfo_close($finfo);
      }
    }

    $dn['encode'] = content_disposition($dn['name']);

    if($agent['br'] == "MSIE" && $agent['vr'] == 5.5) {
      $mimes = $mimes ? $mimes : 'doesn/matter';
      header('Content-Transfer-Encoding: binary');
    } else {
      $mimes = $mimes ? $mimes : 'file/unknown';
      Header('Content-Description: PHP Generated Data');
    }
    Header('Content-type: '.$mimes);
    header('Content-Length: '.filesize("{$dn['path']}"));
    Header('Content-Disposition: attachment; '.$dn['encode']);
    Header('Pragma: no-cache');
    Header('Expires: 0');

    echo $dn['dl'];
  }
} else {
  echo "<script type=\"text/javascript\">alert('It\'s Bad Access');history.back();</script>";
  exit;
}
?>