Beispiel #1
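/**
 * Follow the parent_id links of an exchange article up to its root and return the root row.
 *
 * The walk is iterative and remembers every ID it has visited, so a parent chain that
 * points back at itself ends with false instead of recursing until the process dies.
 * The query keeps its bound parameter; fetch_first_row() is defined elsewhere and
 * presumably wraps a prepared statement (confirm).
 *
 * @param int|string $article_id ID of the article to start from (bound with type 'i').
 * @return array|false|null The root article row. When a lookup yields no row, the value
 *                          fetch_first_row() returned is passed through unchanged; false
 *                          is also returned when the parent chain contains a loop.
 */
function find_root_article($article_id)
{
    $visited = [];
    $current_id = $article_id;

    while (true) {
        // Loop guard: a chain that revisits an ID can never reach a root.
        $key = (string) $current_id;
        if (isset($visited[$key])) {
            return false;
        }
        $visited[$key] = true;

        $row = fetch_first_row("SELECT * FROM exchange_article WHERE ID = ?", 'i', $current_id);

        // No such article: hand back the "no row" value instead of indexing into it.
        if ($row === false || $row === null) {
            return $row;
        }

        // Loose comparison kept from the original: NULL, 0 and '' all mean "no parent".
        if ($row['parent_id'] == NULL) {
            return $row;
        }

        $current_id = $row['parent_id'];
    }
}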
Beispiel #2
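/**
 * Follow the parent_id links of an exchange article and return the ID of its root.
 *
 * Compared with the recursive version this walk is iterative, stops on a parent chain
 * that loops back on itself, and no longer var_dump()s each parent_id: that debug output
 * printed database values into the response and made later header() calls fail once
 * output had started.
 *
 * @param int|string $id ID of the article to start from (bound with type 'i').
 * @return int|string|false ID of the top-most ancestor. An ID with no matching row is
 *                          returned as it is, which is what the original did; false is
 *                          returned when the parent chain contains a loop.
 */
function find_root_article($id)
{
    $seen = [];
    $current = $id;

    for (;;) {
        // Loop guard: a chain that revisits an ID can never reach a root.
        $key = (string) $current;
        if (isset($seen[$key])) {
            return false;
        }
        $seen[$key] = true;

        $row = fetch_first_row("SELECT * FROM exchange_article WHERE ID = ?", "i", $current);

        // A missing row ends the walk at the current ID instead of indexing into false/null.
        // Loose comparison kept from the original: NULL, 0 and '' all mean "no parent".
        if ($row === false || $row === null || $row['parent_id'] == NULL) {
            return $current;
        }

        $current = $row['parent_id'];
    }
}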
Beispiel #3
// Sign-up form handler (excerpt: the listing ends before the outer blocks are closed).
// fetch_first_row() / execute_query() take SQL with ? placeholders, a type string and the
// values; they are defined elsewhere and presumably wrap prepared statements (confirm).
$user_email = "";
if ($_POST) {
    // NOTE(review): the fields are read without isset(). A field missing from the request
    // evaluates to null, and null !== "" is true, so an absent field passes this test.
    if ($_POST["user_id"] !== "" && $_POST["user_pass"] !== "" && $_POST["user_pass_twice"] !== "" && $_POST["user_nickname"] !== "" && $_POST["user_email"] !== "") {
        // NOTE(review): htmlspecialchars() runs before storage, so the database holds
        // HTML-escaped text. Escaping belongs at output time, per output context. The e-mail
        // address gets no format validation (e.g. filter_var) in the visible code.
        $user_id = htmlspecialchars(trim($_POST["user_id"]));
        // NOTE(review): one round of unsalted SHA-512 is a fast digest, not a password hash.
        // password_hash() / password_verify() are the built-in replacement; the login check
        // has to change together with this line. trim() also alters passwords that start or
        // end with whitespace.
        $user_pass = hash('sha512', trim($_POST["user_pass"]));
        $user_pass_twice = hash('sha512', trim($_POST["user_pass_twice"]));
        $user_nickname = htmlspecialchars(trim($_POST["user_nickname"]));
        $user_email = htmlspecialchars(trim($_POST["user_email"]));
        $is_valid = true;
        // NOTE(review): loose == on two hex digests is subject to PHP's numeric-string
        // comparison rules; === compares them as plain strings.
        if ($user_pass == $user_pass_twice) {
            // Reject the request when the login ID is already taken.
            if (fetch_first_row("SELECT user_id FROM users WHERE user_id = ?", "s", $user_id) !== false) {
                $is_valid = false;
                // Message: "This ID already exists. Please use a different ID."
                $reason = T_("이미 존재하는 아이디입니다. 다른 아이디를 사용해 주세요.");
            }
            if ($is_valid == true) {
                // Reject the request when another account already uses the e-mail address.
                if (fetch_first_row("SELECT user_id FROM users WHERE user_email = ?", "s", $user_email) !== false) {
                    $is_valid = false;
                    // Message: "This e-mail is in use by another user. Please use a different e-mail."
                    $reason = T_("다른 사용자가 사용 중인 이메일입니다. 다른 이메일을 사용해 주세요.");
                }
            }
        } else {
            $is_valid = false;
            // Message: "The two passwords you entered differ. Please enter the password again."
            $reason = T_("입력하신 두 개의 비밀번호가 다릅니다. 비밀번호를 다시 입력하세요.");
        }
        if ($is_valid === true) {
            // NOTE(review): the uniqueness checks above and this INSERT are separate statements.
            // Without UNIQUE constraints on user_id / user_email (schema not shown; confirm),
            // two concurrent sign-ups can both pass the checks.
            execute_query("INSERT INTO users (ID, user_id, user_pass, user_nickname, user_email) " . "VALUES(NULL, ?, ?, ?, ?)", "ssss", $user_id, $user_pass, $user_nickname, $user_email);
            // NOTE(review): the result of the INSERT is not checked, and no exit follows the
            // redirect in the visible code, so the script keeps running after the header is set.
            header('Location: /login.php?join=done');
        }
    } else {
        $is_valid = false;
        // Message: "Some fields were left empty."
        $reason = T_("작성하지 않은 곳이 있습니다.");
Beispiel #4
<?php

// Vote endpoint for exchange articles (excerpt: the listing ends before the blocks close).
// Reads ?type= and ?article= from the query string and adjusts the article's vote counter
// and the author's reputation.
session_start();
require_once "../config.php";
require_once "../function.php";
// Only a session with a non-empty ID may vote; everyone else is sent back.
// NOTE(review): HTTP_REFERER is a request header. It can be absent (undefined index, empty
// Location) and it decides where the browser is redirected. A fixed or allow-listed target
// is safer.
if (!isset($_SESSION['ID']) || empty($_SESSION['ID'])) {
    header('Location: ' . $_SERVER['HTTP_REFERER']);
    exit;
}
// NOTE(review): the vote is a state change performed on GET. No anti-CSRF token and no
// per-user vote record are visible here, so nothing in this excerpt limits a user to one
// vote per article or ties the request to a deliberate action.
if ($_GET) {
    if (isset($_GET['type']) && isset($_GET['article']) && !empty($_GET['type']) && !empty($_GET['article'])) {
        // NOTE(review): the lookup result is not checked for "no row" before 'author' is read.
        $article = fetch_first_row("SELECT * FROM exchange_article WHERE ID = ?", 'i', $_GET['article']);
        // Authors cannot vote on their own article; they are redirected without any change.
        if ($article['author'] == $_SESSION['ID']) {
            header('Location: ' . $_SERVER['HTTP_REFERER']);
            exit;
        }
        // Any type other than 'up' is treated as a down vote.
        if ($_GET['type'] === 'up') {
            $query = "UPDATE exchange_article SET vote_up = vote_up + 1 WHERE ID = ?";
            $query2 = "UPDATE users SET user_reputation = user_reputation + '1' WHERE ID = ?";
        } else {
            // NOTE(review): vote_down is decremented, not incremented. Whether the column is
            // meant to hold a negative tally is not visible here; confirm.
            $query = "UPDATE exchange_article SET vote_down = vote_down - 1 WHERE ID = ?";
            $query2 = "UPDATE users SET user_reputation = user_reputation - '1' WHERE ID = ?";
        }
        // NOTE(review): the two updates are issued separately; no transaction is visible, so a
        // failure of the second leaves the vote counted without the reputation change.
        $result = execute_query($query, "i", $_GET['article']);
        $result2 = execute_query($query2, "i", $article['author']);
        if ($result === false || $result2 === false) {
            header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
            // Message: "An error occurred while executing the SQL query."
            echo "<h1 style='color: red'>" . T_("SQL 쿼리를 실행하는 도중 오류가 발생했습니다.") . "</h1>";
            exit;
        } else {
            header('Location: ' . $_SERVER['HTTP_REFERER']);
Beispiel #5
    ?>
<!--
           --></mark>,
            </span>
            <span class="lang">
            <?php 
    // Article list item (template excerpt; $row is the current article row of a loop that
    // opens before this listing). lang_from / lang_to are passed through T_() and placed
    // into a format string that itself contains <mark> markup, so the result is echoed as
    // HTML. NOTE(review): nothing escapes the values here; this is safe only if they were
    // stored already escaped or T_() returns trusted text (confirm).
    $str = sprintf(T_('<mark>%s</mark>에서 <mark>%s</mark>로,'), T_($row['lang_from']), T_($row['lang_to']));
    echo $str;
    ?>
            </span>
            <span>
              <?php 
    // time2str() is defined elsewhere; presumably it formats the stored date for display.
    echo time2str($row['date']);
    ?>
              <?php 
    // One extra users query per listed article (N+1 pattern).
    // NOTE(review): ID and user_nickname are concatenated into the markup without
    // htmlspecialchars() at output time; the page relies on the nickname having been
    // escaped when it was stored (confirm).
    $user = fetch_first_row('SELECT * FROM users WHERE ID = ?', 'i', $row['author']);
    echo "<a href='/profile.php?id=" . $user['ID'] . "'>" . $user['user_nickname'] . "</a>";
    ?>
            </span>
          </div>
        </section>
      </article>
    <?php 
// Closes the article loop that starts outside this excerpt.
}
?>
  </div>
  <ul class="pagination">
    <?php 
// One pagination entry per page; $total_page_count is computed outside this excerpt.
for ($i = 1; $i <= $total_page_count; $i++) {
    ?>
      <li>
// "Write new article" page (excerpt: starts after the includes and ends inside the template).
// On POST it stores the article, charges the author's points, and redirects to the board.
$error = false;
$reason = "";
if ($_POST) {
    // All five form fields must be present and non-empty.
    if (isset($_POST["title"]) && isset($_POST["contents"]) && isset($_POST["start_language"]) && isset($_POST["end_language"]) && isset($_POST["category"]) && !empty($_POST["title"]) && !empty($_POST["contents"]) && !empty($_POST["start_language"]) && !empty($_POST["end_language"]) && !empty($_POST["category"])) {
        // NOTE(review): the INSERT names no columns, so it depends on the table's column order.
        // The values are HTML-escaped before storage; escaping belongs at output time.
        // $_SESSION["ID"] is used as the author, and no login check is visible in this excerpt
        // (it may sit above the listing; confirm).
        $query_result = execute_query("INSERT INTO exchange_article " . "VALUES (NULL, NULL, ?, ?, ?, ?, ?, DEFAULT, 0, 0, 0, ?)", "sssssi", htmlspecialchars($_POST["title"]), htmlspecialchars($_POST["category"]), htmlspecialchars($_POST["start_language"]), htmlspecialchars($_POST["end_language"]), htmlspecialchars($_POST["contents"]), $_SESSION["ID"]);
        // NOTE(review): the point charge runs before $query_result is inspected, so it is
        // applied even when the INSERT failed. The visible code never checks server-side that
        // user_point covers the cost; the only limit shown is the inline script below, which
        // disables the submit button in the browser. That script counts \S+ tokens, while
        // str_word_count() counts locale-dependent letter runs of the escaped text, so the
        // two counts can differ.
        execute_query("UPDATE users SET user_point = user_point - ? WHERE ID = ?", "ii", str_word_count(htmlspecialchars($_POST["contents"])), $_SESSION["ID"]);
        if ($query_result === true) {
            header('Location: /board/exchange.php');
            exit;
        }
    } else {
        $error = true;
        // Message: "Some fields are empty."
        $reason = T_("비어 있는 칸이 있습니다.");
    }
}
// Current user row; its user_point value feeds the client-side counter below.
$user = fetch_first_row("SELECT * FROM users WHERE ID = ?", "i", $_SESSION["ID"]);
//////////////////// HTML START ////////////////////
require_once "../header.php";
?>
<script>m=<?php 
// NOTE(review): the value is written into the script as a bare JavaScript literal; this
// relies on user_point always being numeric. json_encode() would make that explicit.
echo $user["user_point"];
?>
;c=function(e){o=document.getElementById('contents');n=m-((o.value.match(/\S+/g)||'').length);document.getElementById('textarea-bg').innerHTML=n;s=document.getElementById('submit');if(n<0){s.className='button disabled';s.type='button'}else{s.className='button-primary';s.type='submit'};};onload=c</script>
<main class="narrow">
  <h1><?php 
// Page heading: "Write a new post".
echo T_("새 글 쓰기");
?>
</h1>
  <?php 
// The error banner follows; its markup lies beyond this excerpt.
if ($error === true) {
    ?>
// Comment removal endpoint (excerpt: starts after the includes and ends inside an else branch).
// Requires a logged-in session, then hides the comment named by ?comment= when the session
// user is its author.
if (!isset($_SESSION['ID']) || empty($_SESSION['ID'])) {
    header('Location: /login.php?error=session');
    exit;
}
// NOTE(review): this branch reports a missing Referer but does not exit, so execution
// continues and the next check reads the header that was just found to be missing.
if (!isset($_SERVER['HTTP_REFERER'])) {
    header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
    // Message: "No referrer present."
    echo "<h1 style='color: red'>" . T_("레퍼러가 존재하지 않습니다.") . "</h1>";
}
// NOTE(review): strpos() is a substring test, not an origin comparison. It passes whenever
// the Host value appears anywhere in the Referer, and both values come from the request.
// This branch also lacks an exit, so a failed check does not stop the deletion below.
// A per-session anti-CSRF token checked on a POST is the robust control.
if (strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) === false) {
    header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
    // Message: "Invalid referrer."
    echo "<h1 style='color: red'>" . T_("올바르지 않은 레퍼러입니다.") . "</h1>";
}
// NOTE(review): the removal is a state change triggered by GET.
if ($_GET) {
    if (isset($_GET['mode']) && isset($_GET['comment'])) {
        if ($_GET['mode'] === 'exchange') {
            $row = fetch_first_row('SELECT * FROM exchange_comment WHERE id = ?', 'i', $_GET['comment']);
            if ($row === false) {
                header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
                // Message: "An error occurred while executing the SQL query."
                echo "<h1 style='color: red'>" . T_("SQL 쿼리를 실행하던 도중 오류가 발생했습니다.") . "</h1>";
                exit;
            } else {
                // Ownership check: only the comment's author may remove it.
                // NOTE(review): an authorization failure is reported as 500; 403 describes it
                // accurately and keeps it out of server-error monitoring.
                if ($row['author'] != $_SESSION['ID']) {
                    header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
                    // Message: "Only the user who wrote the comment can delete it."
                    echo "<h1 style='color: red'>" . T_("댓글을 쓴 사용자만이 지울 수 있습니다.") . "</h1>";
                    exit;
                } else {
                    // Soft delete: the row stays and is only marked invisible.
                    execute_query('UPDATE exchange_comment SET visible = "0" WHERE ID = ?', 'i', $_GET['comment']);
                    // NOTE(review): the redirect target is the request's Referer header and no
                    // exit follows in the visible code.
                    header('Location: ' . $_SERVER['HTTP_REFERER']);
                }
            }
        } else {
Beispiel #8
/**
 * Print the comment thread of one exchange article as nested <li> items, depth-first.
 *
 * For the top level ($parent_id === NULL) a comment form is printed first: a working form
 * for a logged-in session, a disabled one otherwise. Each visible comment is followed by a
 * delete link (author only) and a reply form (any logged-in session); hidden comments show
 * a placeholder. The function then calls itself for the children of every comment.
 *
 * NOTE(review): comment text, nicknames and $parent_article are echoed without escaping at
 * output time. That is safe only if the values were escaped when stored and
 * $parent_article is an integer; neither is visible in this function, so confirm.
 *
 * @param mixed    $parent_article ID of the article whose comments are listed.
 * @param mixed    $parent_id      ID of the parent comment, or NULL for top-level comments.
 * @param int|float $level         Nesting depth; used to compute the left padding.
 * @return void Output is echoed directly.
 */
function recursive_comment($parent_article, $parent_id, $level)
{
    // Children of $parent_id within the article; the IF(ISNULL(?), ...) form lets the same
    // statement select top-level comments when NULL is bound.
    $result = fetch_all_row("SELECT * FROM exchange_comment " . "WHERE parent_article = ? " . "AND (IF (ISNULL(?), parent_id IS NULL, parent_id = ?))", "iii", $parent_article, $parent_id, $parent_id);
    // Top level and logged in: show the form for a new top-level comment.
    if ($parent_id === NULL && isset($_SESSION['ID'])) {
        ?>
        <form method="post" action="/board/write_comment.php">
            <input type="text" name="text" placeholder="<?php 
        // Placeholder: "Enter a comment..."
        echo T_("댓글을 입력하세요...");
        ?>
" />
            <input type="hidden" name="mode" value="exchange" />
            <input type="hidden" name="parent_id" value="NULL" />
            <input type="hidden" name="parent_article" value="<?php 
        // NOTE(review): written into an attribute value without escaping; no CSRF token field
        // is part of this form.
        echo $parent_article;
        ?>
" />
        </form>
    <?php 
    } else {
        // Top level without a session: show the same form, disabled.
        if ($parent_id === NULL) {
            ?>
        <form>
            <input type="text" name="text" placeholder="<?php 
            // Placeholder: "You do not have permission."
            echo T_("권한이 없습니다.");
            ?>
 "disabled />
            <input type="hidden" name="mode" value="exchange" />
            <input type="hidden" name="parent_id" value="NULL" />
            <input type="hidden" name="parent_article" value="<?php 
            echo $parent_article;
            ?>
" />
        </form>
    <?php 
        }
    }
    if (count($result) > 0) {
        foreach ($result as $row) {
            // Indentation grows with the nesting level.
            echo '<li style="padding-left: ' . ($level * 1.5 - 1) . 'rem;">';
            if ($row['visible'] == 1) {
                // One users query per comment, on top of one child query per comment from the
                // recursion below (N+1 pattern).
                $user = fetch_first_row('SELECT * FROM users WHERE ID = ?', 'i', $row['author']);
                // NOTE(review): raw echo of stored comment text; escape with htmlspecialchars()
                // here unless write_comment.php is confirmed to store escaped text.
                echo $row["content"];
                echo " - <small>";
                // NOTE(review): user_nickname is likewise placed into the markup unescaped.
                echo sprintf("<a href='/profile.php?id=%s'>%s</a>가 %s에", $user['ID'], $user['user_nickname'], time2str($row['date']));
                echo "</small>";
                // Delete link, shown to the comment's author only. It is a plain GET link to
                // the removal script.
                if (isset($_SESSION['ID']) && !empty($_SESSION['ID']) && $row['author'] == $_SESSION['ID']) {
                    ?>
                    <a href="/board/exchange_remove_comment.php?mode=exchange&comment=<?php 
                    echo $row['ID'];
                    ?>
">
                        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 12" class="icon icon-small">
                            <path d="M0,1h3v-1h5v1h3v1h-12z" />
                            <path d="M1,3h9v9h-1v-8h-1v7h-1v-7h-1v7h-1v-7h-1v7h-1v-7h-1v7h7v1h-8z" />
                        </svg>
                    </a>
                <?php 
                }
                ?>
                <?php 
                // Reply form for any logged-in session; the hidden checkbox and its label
                // presumably toggle the form's visibility through CSS (stylesheet not shown).
                if (isset($_SESSION['ID']) && !empty($_SESSION['ID'])) {
                    ?>
                    <label for="toggle-visible-comment-<?php 
                    echo $row['ID'];
                    ?>
">
                        <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 12 12"
                             class="icon icon-small">
                            <path d="M1,4v7h7m-7,0L11,1z" stroke-width="2" stroke="#000" fill="none" />
                        </svg>
                    </label>
                    <input type="checkbox" style="display: none;"
                           id="toggle-visible-comment-<?php 
                    echo $row['ID'];
                    ?>
" />
                        <form method="post" action="/board/write_comment.php">
                        <input type="text" name="text" placeholder="<?php 
                    // Placeholder: "Enter a comment..."
                    echo T_("댓글을 입력하세요...");
                    ?>
" />
                        <input type="hidden" name="mode" value="exchange" />
                        <input type="hidden" name="parent_id" value="<?php 
                    // The reply is attached to the comment being rendered.
                    echo $row['ID'];
                    ?>
" />
                        <input type="hidden" name="parent_article" value="<?php 
                    echo $parent_article;
                    ?>
" />
                    </form>
                <?php 
                }
                ?>
            <?php 
            } else {
                // Placeholder for a hidden comment: "[This comment has been deleted]".
                echo T_("<i>[삭제된 댓글입니다]</i>");
            }
            // Children are rendered for hidden comments too, so a thread survives the removal
            // of its parent. Recursion depth equals thread depth; no limit is applied here.
            recursive_comment($parent_article, $row['ID'], $level + 1);
        }
    }
}
<?php

// Article removal endpoint (excerpt: the listing ends before the outer block closes).
// Requires a logged-in session, then deletes the article named by ?id= when the session
// user is its author.
session_start();
require_once "../config.php";
require_once "../function.php";
if (!isset($_SESSION['ID']) || empty($_SESSION['ID'])) {
    header('Location: /login.php?error=session');
    exit;
}
// NOTE(review): the deletion is a state change triggered by GET, and no anti-CSRF token is
// checked in the visible code. A POST carrying a per-session token is the robust form.
if ($_GET) {
    if (isset($_GET['id'])) {
        $row = fetch_first_row('SELECT * FROM exchange_article WHERE id = ?', 'i', $_GET['id']);
        if ($row === false) {
            header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
            // Message: "An error occurred while executing the SQL query."
            echo "<h1 style='color: red'>" . T_("SQL 쿼리를 실행하는 도중 오류가 발생했습니다.") . "</h1>";
            exit;
        } else {
            // Ownership check: only the article's author may delete it.
            // NOTE(review): an authorization failure is reported as 500; 403 describes it
            // accurately.
            if ($row['author'] != $_SESSION['ID']) {
                header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
                // Message: "Only the user who wrote the post can delete it."
                echo "<h1 style='color: red'>" . T_("글을 쓴 사용자만이 지울 수 있습니다.") . "</h1>";
                exit;
            } else {
                // Hard delete; the result of the query is not checked.
                execute_query('DELETE FROM exchange_article WHERE ID = ?', 'i', $_GET['id']);
                // Included script is not shown; presumably it recomputes user reputation.
                require '../calculate_reputation.php';
                // NOTE(review): the redirect target is the request's Referer header, which can
                // be absent, and no exit follows in the visible code.
                header('Location: ' . $_SERVER['HTTP_REFERER']);
            }
        }
    } else {
        header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
        // Message: "The parameters are not valid!"
        echo "<h1 style='color: red'>" . T_("파라미터가 올바르지 않습니다!") . "</h1>";
    }
Beispiel #10
}
// Login page logic (excerpt: starts inside the script and ends inside an else branch).
// The first three checks turn status flags from the query string into banner messages.
if (isset($_GET['logout']) && $_GET['logout'] === 'done') {
    $info = true;
    // Message: "You have been logged out successfully."
    $reason_info = T_("성공적으로 로그아웃되었습니다.");
}
if (isset($_GET['error']) && $_GET['error'] == 'session') {
    $error = true;
    // Message: "Your session has expired. Please log in again."
    $reason_error = T_("세션이 만료되었습니다. 다시 로그인해주세요.");
}
if (isset($_GET['leave']) && $_GET['leave'] === 'done') {
    $info = true;
    // Message: "Your account has been closed. Thank you for using the service :)"
    $reason_info = T_("정상적으로 회원 탈퇴되었습니다. 이용해 주셔서 감사합니다 :)");
}
if ($_POST) {
    if (isset($_POST['user_id']) && isset($_POST['user_pass']) && !empty($_POST['user_id']) && !empty($_POST['user_pass'])) {
        // NOTE(review): the credential check is a SQL match on an unsalted SHA-512 digest.
        // A fast digest is not a password hash; the built-in approach is to fetch the row by
        // user_id and call password_verify() on a password_hash() value. The user_id is
        // HTML-escaped before the lookup, presumably because IDs are stored escaped at sign-up.
        // The password is hashed untrimmed here; if sign-up trims before hashing, passwords
        // with outer whitespace will not match (confirm). No attempt throttling is visible in
        // this excerpt.
        $row = fetch_first_row('SELECT * FROM users WHERE user_id = ? AND user_pass = ?', 'ss', htmlspecialchars($_POST['user_id']), hash('sha512', $_POST['user_pass']));
        if ($row === false) {
            $error = true;
            // Message: "The ID or password does not match!"
            $reason_error = T_("아이디 혹은 비밀번호가 일치하지 않습니다!");
        } else {
            // A disabled account gets the same message as wrong credentials, so the response
            // does not reveal the account's state.
            if ($row['enabled'] == 0) {
                $error = true;
                $reason_error = T_("아이디 혹은 비밀번호가 일치하지 않습니다!");
            } else {
                // NOTE(review): the session is populated without a visible
                // session_regenerate_id(true) call, so a session ID fixed before login stays
                // valid afterwards.
                $_SESSION['ID'] = $row['ID'];
                $_SESSION['user_id'] = $row['user_id'];
                $_SESSION['user_nickname'] = $row['user_nickname'];
                $_SESSION['user_email'] = $row['user_email'];
            }
        }
    } else {