Beispiel #1
<?php

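// Account-withdrawal script: removes the current member's row, their memo
// (private message) rows, and decrements the member count of their group.

// Load the shared library functions.
include "lib.php";

// Only continue when the request claims to come from member_modify.php.
// NOTE(review): the Referer header is supplied by the client, so this is a
// navigation sanity check only. It neither authenticates the request nor
// protects this destructive action against cross-site request forgery; a
// per-session token verified on a POST request is the usual control.
// NOTE(review): assumes Error() terminates the request - confirm; if it
// returns, the deletions below still run.
// stripos() replaces eregi(), which is deprecated since PHP 5.3 (later
// removed) and treated the "." in the file name as a regex wildcard.
if (stripos($HTTP_REFERER, "member_modify.php") === false) {
    Error("제대로 된 접근을 하여 주시기 바랍니다");
}

// Connect to the database if no connection exists yet.
if (!$connect) {
    $connect = dbConn();
}

// Fetch the current member's record.
$member = member_info();
// Quoted key: the bare word group_no was an undefined constant (a notice on
// old PHP versions, a fatal error on PHP 8).
$group_no = $member['group_no'];

// NOTE(review): the statements below interpolate $member['no'] and $group_no
// directly into the SQL text. They presumably come from the session/database
// via member_info() rather than from the request - verify, and cast them to
// int or bind them as parameters if that cannot be guaranteed.

// Delete the member row.
@mysql_query("delete from {$member_table} where no='{$member['no']}'") or error(mysql_error());

// Delete the member's rows from the memo (private message) tables.
@mysql_query("delete from {$get_memo_table} where member_no='{$member['no']}'") or error(mysql_error());
@mysql_query("delete from {$send_memo_table} where member_no='{$member['no']}'") or error(mysql_error());

// Detach the withdrawn member from every board (disabled because of load).
/*
$result=mysql_query("select name from $admin_table");
while($data=mysql_fetch_array($result)) {
	// Detach the member's posts in the board table
	@mysql_query("update $t_board"."_$data[name] set ismember='0', password=password('".time()."') where ismember='$member[no]'") or error(mysql_error());
	// Detach the member's comments in the comment table
	@mysql_query("update $t_comment"."_$data[name] set ismember='0', password=password('".time()."')  where ismember='$member[no]'") or error(mysql_error());
}
*/

// Decrement the member count of the member's group.
@mysql_query("update {$group_table} set member_num=member_num-1 where no = '{$group_no}'") or error(mysql_error());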
Beispiel #2
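/**
 * Handle the "modify my profile" form post.
 *
 * Validates nickname, password confirmation and e-mail from $_POST. On
 * success the member row identified by $_SESSION["member_id"] is updated via
 * inset() and the pending form state in $_SESSION['modify'] is cleared; on
 * failure the submitted values are stored in $_SESSION['modify'] so the form
 * can be re-filled. Both paths redirect to OUT_PATH . 'modify'.
 *
 * NOTE(review): passwords are stored as a single unsalted SHA-256 digest. That
 * is a fast hash and unsuitable for password storage; migrating to
 * password_hash()/password_verify() needs a matching change in the login code,
 * which is not visible here, so the storage format is left untouched.
 *
 * NOTE(review): the values copied into $_SESSION['modify'] are raw request
 * data; whatever renders them must HTML-escape them at output time.
 */
function member_modify_action()
{
    $OK = true;
    if (empty($_POST['member_nicename'])) {
        $OK = false;
        set_clue('請記得填寫暱稱!');
    }
    if (!empty($_POST['member_password_check']) && $_POST['member_password'] !== $_POST['member_password_check']) {
        $OK = false;
        set_clue('兩次輸入的密碼設定並不相符!');
    }
    if (!email_check($_POST['member_email'])) {
        $OK = false;
        set_clue('請填寫正確的電子郵件位址!');
    }

    if (!$OK) {
        // Remember what was typed so the form can be shown again pre-filled.
        if (!isset($_SESSION['modify'])) {
            $_SESSION['modify'] = array();
        }
        $_SESSION['modify']['login'] = $_POST['member_login'];
        $_SESSION['modify']['email'] = $_POST['member_email'];
        $_SESSION['modify']['nicename'] = $_POST['member_nicename'];
        $_SESSION['modify']['url'] = $_POST['member_url'];
        $_SESSION['modify']['intro'] = $_POST['member_text'];
        header('location: ' . OUT_PATH . 'modify');
        return;
    }

    $original_password = member_info('password');
    $member_email = strtolower($_POST['member_email']);
    $member_url = url_input($_POST['member_url']);
    $member_password = hash('sha256', $_POST['member_password']);

    // Strict comparison: with != two hex digests that both look like numbers
    // (for example "0e..." followed by digits) are compared numerically and
    // can be reported equal although the strings differ.
    if ($original_password !== $member_password && empty($_POST['member_password_check']) && !empty($_POST['member_password'])) {
        // A new password was typed without the confirmation field: keep the old one.
        $member_password = $original_password;
        set_clue('因無輸入確認欄位,密碼並沒有變更。');
    } elseif (empty($_POST['member_password_check']) && empty($_POST['member_password'])) {
        // Both password fields left blank: keep the stored password. The
        // original read 'member_pass_check', a key no other line of this
        // function uses.
        $member_password = $original_password;
    }

    $member_nicename = $_POST['member_nicename'];
    $member_text = trim($_POST['member_text']);

    // NOTE(review): these values go to inset() unescaped; presumably inset()
    // quotes them for SQL - verify against its definition.
    $change['key'] = array('member_email', 'member_url', 'member_password', 'member_nicename', 'member_text');
    $change['value'] = array($member_email, $member_url, $member_password, $member_nicename, $member_text);
    $where['key'] = 'id';
    $where['value'] = $_SESSION["member_id"];
    inset('members', $change, $where);

    set_clue('已經修改好您的註冊資料');
    unset($_SESSION['modify']);
    header('location: ' . OUT_PATH . 'modify');
}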
Beispiel #3
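/**
 * Control-panel handler for editing one member.
 *
 * Without a submitted 'editsubmit' form it loads the member identified by
 * $_GET['uid'], HTML-escapes the record, adds the select-box markup and the
 * formatted timestamps the template needs, and returns that array. With a
 * submitted form it writes $_GET['set'] to the strayer_member row of that uid
 * and shows the success message.
 *
 * @return array|null member data for the edit form; nothing on the submit path
 */
function member_edit()
{
    global $head_url, $header_config;
    if (!submitcheck('editsubmit')) {
        $uid = intval($_GET['uid']);
        $info = member_info($uid);
        $info = pstripslashes($info);
        // Escaped once here, so the values can be placed in the markup below.
        $info = dhtmlspecialchars($info);

        $yearselect = $monthselect = $dayselect = "<option value=\"\">" . cplang('nolimit') . "</option>\n";

        // Years: the current year back to 100 years ago.
        $yy = dgmdate(TIMESTAMP, 'Y');
        for ($y = $yy; $y >= $yy - 100; $y--) {
            $year = sprintf("%04d", $y);
            $yearselect .= "<option value=\"{$year}\" " . ($info['birthyear'] == $year ? 'selected' : '') . ">{$year}</option>\n";
        }
        $info['yearselect'] = $yearselect;

        for ($m = 1; $m <= 12; $m++) {
            $month = sprintf("%02d", $m);
            $monthselect .= "<option value=\"{$month}\" " . ($info['birthmonth'] == $month ? 'selected' : '') . ">{$month}</option>\n";
        }
        $info['monthselect'] = $monthselect;

        for ($d = 1; $d <= 31; $d++) {
            $day = sprintf("%02d", $d);
            $dayselect .= "<option value=\"{$day}\" " . ($info['birthday'] == $day ? 'selected' : '') . ">{$day}</option>\n";
        }
        $info['dayselect'] = $dayselect;

        $info['bloodtype_select'] = select_output(array('A', 'B', 'AB', milu_lang('other')), milu_lang('other'), 'set[bloodtype]', $info['bloodtype']);
        $info['education_select'] = select_output(array(milu_lang('boshi'), milu_lang('shuoshi'), milu_lang('benke'), milu_lang('zuanke'), milu_lang('zhongxue'), milu_lang('xiaoxue'), milu_lang('other')), milu_lang('other'), 'set[education]', $info['education']);

        $info['regdate'] = $info['regdate'] ? dgmdate($info['regdate'], 'Y-m-d H:i') : '';
        // Fixed: the guard used to test 'lastactivity', so 'lastvisit' was
        // formatted (or blanked) according to the wrong field.
        $info['lastvisit'] = $info['lastvisit'] ? dgmdate($info['lastvisit'], 'Y-m-d H:i') : '';
        $info['lastactivity'] = $info['lastactivity'] ? dgmdate($info['lastactivity'], 'Y-m-d H:i') : '';
        $info['lastpost'] = $info['lastpost'] ? dgmdate($info['lastpost'], 'Y-m-d H:i') : '';
        $info['header'] = pick_header_output($header_config, $head_url, array('current' => 'member_list'));
        return $info;
    } else {
        $uid = intval($_GET['uid']);
        if (!$uid) {
            cpmsg_error(milu_lang('err'));
        }
        // The update needs a column => value map; reject anything else.
        if (!isset($_GET['set']) || !is_array($_GET['set'])) {
            cpmsg_error(milu_lang('err'));
        }
        // NOTE(review): every key of set[...] becomes a column name in the
        // UPDATE, so the request decides which columns of strayer_member are
        // written. Filter $setarr against the list of columns this form is
        // meant to edit before calling DB::update(); that list is not visible
        // in this function.
        $setarr = paddslashes($_GET['set']);
        DB::update('strayer_member', $setarr, array('uid' => $uid));
        cpmsg(milu_lang('op_success'), PICK_GO . "member&myac=member_edit&uid=" . $uid, 'succeed');
    }
}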
Beispiel #4
             include 'themes/NTK/contact.php';
             break;
         case 'dang-nhap.html':
             $result = login();
             break;
         case 'dang-xuat.html':
             $result = logout();
             break;
         case 'dang-ky-thanh-vien.html':
             $result = register_form();
             break;
         case 'dang-ky.html':
             $result = register();
             break;
         case 'thong-tin-thanh-vien.html':
             $result = member_info();
             break;
         case 'trang-chu.html':
             $result = page_news(true);
             break;
         case 'tim-kiem.html':
             $result = page_news(true, true);
             break;
         case 'thong-tin-a.html':
             $result = Ajax();
             break;
         default:
             echo 'Không tìm thấy trang này';
             break;
     }
 } else {
Beispiel #5
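/**
 * Replace every key of the map returned by member_info() that occurs in $str
 * with the corresponding value.
 *
 * NOTE(review): the replacement values are inserted verbatim. If they can
 * contain member-supplied text and the result is sent to a browser, escape
 * for the output context where the result is printed.
 *
 * @param string|array $str subject passed to str_replace()
 * @return string|array $str with the replacements applied
 */
function link_at($str)
{
    // Fetch the map once so the search and replacement lists are guaranteed
    // to come from the same data (the original called member_info() twice).
    $info = member_info();
    return str_replace(array_keys($info), array_values($info), $str);
}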
Beispiel #6
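	/**
	 * Store the elapsed time on a user's exam record (TB_EXAM_REC).
	 *
	 * Resolves CLASS_ID -> TB_EXAM.SEQ -> TB_EXAM_SCH.SEQ -> TB_EXAM_REC.SEQ
	 * for the given book, exam and user, then updates ELAPSED_TIME on that
	 * record and echoes a confirmation. When a lookup returns several rows the
	 * last one wins, as before.
	 *
	 * Changes from the original: the lookups bind their values as parameters
	 * instead of concatenating them into the SQL text, the error checks test
	 * the query result rather than the connection, and the leftover
	 * "echo $sql" debug output is gone.
	 *
	 * @param mixed $bookid      BOOK_ID to look up
	 * @param mixed $examid      EXAM_ID to look up
	 * @param mixed $userid      USER_ID whose record is updated
	 * @param mixed $examlgubun  unused in this function
	 * @param mixed $examsgubun  unused in this function
	 * @param mixed $elapsedtime value written to ELAPSED_TIME
	 */
	function func_reg_ing($bookid, $examid, $userid, $examlgubun, $examsgubun, $elapsedtime)
	{
		// Permission check (original comment).
		// NOTE(review): nothing in this function inspects $member or compares it
		// with $userid. If $userid originates from the request, confirm that the
		// caller verifies it belongs to the logged-in member.
		$connect = dbConn();
		$member = member_info();

		call_pear_init();
		require_once("DB.php");

		// Connect to the database.
		$db =& DB::connect(call_pear_db_dsn());
		if (PEAR::isError($db)) {
			die($db->getMessage());
		}

		// Start from null so a lookup without rows does not leave the
		// variable undefined; a null parameter is bound as SQL NULL.
		$class_id = null;
		$exam_seq = null;
		$exam_sch_seq = null;
		$r_seq = null;

		//******************************
		// Find CLASS_ID
		$sql = "SELECT TB_REG1.CLASS_ID "
		 ." FROM TB_CLASS, TB_REG1 "
		 ." WHERE TB_REG1.USER_ID = ? "
		 ." AND BOOK_ID = ? "
		 ." AND TB_REG1.CLASS_ID = TB_CLASS.CLASS_ID";

		$res = $db->query($sql, array($userid, $bookid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$class_id = $row[0];
		}

		//******************************
		// Find TB_EXAM.SEQ
		$sql = "SELECT SEQ "
		 ." FROM TB_EXAM "
		 ." WHERE BOOK_ID = ? "
		 ." AND EXAM_ID = ? ";

		$res = $db->query($sql, array($bookid, $examid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$exam_seq = $row[0];
		}

		//******************************
		// Find TB_EXAM_SCH.SEQ
		$sql = "SELECT SEQ "
		 ." FROM TB_EXAM_SCH "
		 ." WHERE CLASS_ID = ? "
		 ." AND EXAM_SEQ = ? ";

		$res = $db->query($sql, array($class_id, $exam_seq));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$exam_sch_seq = $row[0];
		}

		// Look up the exam record to update.
		$sql = "SELECT SEQ "
		 ." FROM TB_EXAM_REC "
		 ." WHERE USER_ID = ? "
		 ." AND EXAM_SCH_SEQ = ? ";

		$res = $db->query($sql, array($userid, $exam_sch_seq));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$r_seq = $row[0];
		}

		// TB_EXAM_REC RECORD UPDATE
		$sth = $db->prepare("UPDATE TB_EXAM_REC SET ELAPSED_TIME = ? WHERE SEQ = ?");
		$data = array($elapsedtime, $r_seq);
		$updated = $db->execute($sth, $data);
		if (PEAR::isError($updated)) {
			// Do not report success when the UPDATE itself failed.
			die($updated->getMessage());
		}

		// NOTE(review): $elapsedtime is echoed back as received; if this
		// response can be rendered as HTML, escape it for that context.
		echo "update complete : ";
		echo $elapsedtime;
	} // end function func_reg_ing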
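	/**
	 * Echo the state of a user's exam record as a comma-separated line.
	 *
	 * Resolves CLASS_ID -> TB_EXAM.SEQ -> TB_EXAM_SCH.SEQ for the given book,
	 * exam and user, reads EXAM_START, EXAM_END, CUR_QST_SEQ, ELAPSED_TIME,
	 * RETAKE_CNT and SKIP_NO from the matching TB_EXAM_REC row (last row wins)
	 * and echoes them joined by ",".
	 *
	 * Changes from the original: values are bound as query parameters instead
	 * of being concatenated into the SQL text, the error checks test the query
	 * result rather than the connection, and the stray "echo $elapsedtime" of
	 * an undefined variable at the top is removed.
	 *
	 * @param mixed $bookid     BOOK_ID to look up
	 * @param mixed $examid     EXAM_ID to look up
	 * @param mixed $userid     USER_ID whose record is read
	 * @param mixed $examlgubun unused in this function
	 * @param mixed $examsgubun unused in this function
	 */
	function func_state_request($bookid, $examid, $userid, $examlgubun, $examsgubun)
	{
		// Permission check (original comment).
		// NOTE(review): nothing in this function inspects $member or compares it
		// with $userid. If $userid originates from the request, confirm that the
		// caller verifies it belongs to the logged-in member, since the exam
		// record of whichever user is named gets returned.
		$connect = dbConn();
		$member = member_info();

		call_pear_init();
		require_once("DB.php");

		// Connect to the database.
		$db =& DB::connect(call_pear_db_dsn());
		if (PEAR::isError($db)) {
			die($db->getMessage());
		}

		// Start from null so a lookup without rows does not leave the
		// variable undefined; a null parameter is bound as SQL NULL.
		$class_id = null;
		$exam_seq = null;
		$exam_sch_seq = null;
		$r_examstart = $r_examend = $r_curqstseq = null;
		$r_elapsedtime = $r_retakecnt = $r_skipno = null;

		//******************************
		// Find CLASS_ID
		$sql = "SELECT TB_REG1.CLASS_ID "
		 ." FROM TB_CLASS, TB_REG1 "
		 ." WHERE TB_REG1.USER_ID = ? "
		 ." AND BOOK_ID = ? "
		 ." AND TB_REG1.CLASS_ID = TB_CLASS.CLASS_ID";

		$res = $db->query($sql, array($userid, $bookid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$class_id = $row[0];
		}

		//******************************
		// Find TB_EXAM.SEQ
		$sql = "SELECT SEQ "
		 ." FROM TB_EXAM "
		 ." WHERE BOOK_ID = ? "
		 ." AND EXAM_ID = ? ";

		$res = $db->query($sql, array($bookid, $examid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$exam_seq = $row[0];
		}

		//******************************
		// Find TB_EXAM_SCH.SEQ
		$sql = "SELECT SEQ "
		 ."  FROM TB_EXAM_SCH "
		 ." WHERE CLASS_ID = ? "
		 ."   AND EXAM_SEQ = ? ";

		$res = $db->query($sql, array($class_id, $exam_seq));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$exam_sch_seq = $row[0];
		}

		// Read the exam record. The table list and conditions are unchanged
		// from the original; only the values are bound.
		$sql = "SELECT r.EXAM_START, r.EXAM_END, r.CUR_QST_SEQ, r.ELAPSED_TIME, r.RETAKE_CNT, r.SKIP_NO "
		 ."  FROM TB_EXAM_SCH s, TB_EXAM e, TB_EXAM_REC r "
		 ." WHERE e.EXAM_ID = ? "
		 ."   AND r.USER_ID = ? "
		 ."   AND e.BOOK_ID = ? "
		 ."   AND r.EXAM_SCH_SEQ = ? ";

		$res =& $db->query($sql, array($examid, $userid, $bookid, $exam_sch_seq));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$r_examstart = $row[0];
			$r_examend = $row[1];
			$r_curqstseq = $row[2];
			$r_elapsedtime = $row[3];
			$r_retakecnt = $row[4];
			$r_skipno = $row[5];
		}

		$arr = array($r_examstart, $r_examend, $r_curqstseq, $r_elapsedtime, $r_retakecnt, $r_skipno);
		$rtn = implode(",", $arr);
		echo $rtn;
	}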
Beispiel #8
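/**
 * Render the "modify my profile" form.
 *
 * Denies access unless member_check() passes. The form is pre-filled from
 * $_SESSION['modify'] when a previous submission failed validation, otherwise
 * from the member's row in the members table. The prepared markup is exposed
 * to the member_modify template as local variables.
 *
 * The pre-fill values are now HTML-escaped before they are placed inside
 * value="..." attributes and the textarea; previously a stored or re-posted
 * value containing a quote or angle bracket could break out of the attribute.
 */
function member_modify()
{
    if (!member_check()) {
        set_clue('Hacking Attempt!');
        include load_page('denied');
        exit;
    }

    // Defaults for the case where neither source provides a value (for
    // example when the member row is not found).
    $email = $nicename = $url = $intro = '';

    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8 - confirm.
    if (isset($_SESSION['modify'])) {
        // Values the user typed in a rejected submission: raw request data.
        $email = ' value="' . htmlspecialchars($_SESSION['modify']['email'], ENT_QUOTES, 'UTF-8') . '"';
        $nicename = ' value="' . htmlspecialchars($_SESSION['modify']['nicename'], ENT_QUOTES, 'UTF-8') . '"';
        $url = ' value="' . htmlspecialchars($_SESSION['modify']['url'], ENT_QUOTES, 'UTF-8') . '"';
        $intro = htmlspecialchars($_SESSION['modify']['intro'], ENT_QUOTES, 'UTF-8');
    } else {
        // NOTE(review): the session id is concatenated into the WHERE clause;
        // presumably it is set server-side at login - verify, or cast to int.
        $result = inget('`member_login`, `member_email`, `member_url`, `member_nicename`, `member_text`', 'members', 'WHERE `id` = \'' . $_SESSION['member']['id'] . '\'');
        if ($row = mysql_fetch_assoc($result)) {
            $email = ' value="' . htmlspecialchars($row['member_email'], ENT_QUOTES, 'UTF-8') . '"';
            $nicename = ' value="' . htmlspecialchars($row['member_nicename'], ENT_QUOTES, 'UTF-8') . '"';
            $url = ' value="' . htmlspecialchars($row['member_url'], ENT_QUOTES, 'UTF-8') . '"';
            // presumably html_transfer() already prepares the text for HTML
            // output - verify against its definition.
            $intro = html_transfer($row['member_text']);
        }
    }

    // NOTE(review): the '******' literals below appear to be markup that was
    // masked on this page; they are reproduced as shown. The login name ends
    // up inside an attribute and should be escaped the same way as the values
    // above once the full markup is known.
    $login = '******' . member_info('login') . '">';
    $password = '******';
    $password_check = '<input type="password" name="member_password_check">';
    $email = '<input type="text" name="member_email"' . $email . '>';
    $url = '<input type="text" name="member_url"' . $url . '>';
    $nicename = '<input type="text" name="member_nicename"' . $nicename . '>';
    $intro = '<textarea name="member_text">' . $intro . '</textarea>';
    include load_template('member_modify');
}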
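	/**
	 * Record a skipped question on a user's exam record (TB_EXAM_REC).
	 *
	 * Resolves CLASS_ID -> TB_EXAM.SEQ -> TB_EXAM_SCH.SEQ for the given book,
	 * exam and user, reads SEQ and SKIP_NO of the matching TB_EXAM_REC row
	 * (last row wins), prepends "$skipno@" to the stored SKIP_NO and writes it
	 * back together with the elapsed time and the current timestamp.
	 *
	 * Changes from the original: values are bound as query parameters instead
	 * of being concatenated into the SQL text, the error checks test the query
	 * result rather than the connection, and SEQ and SKIP_NO are read with one
	 * query instead of running the same SELECT twice.
	 *
	 * @param mixed $bookid       BOOK_ID to look up
	 * @param mixed $examid       EXAM_ID to look up
	 * @param mixed $userid       USER_ID whose record is updated
	 * @param mixed $p_examlgubun unused in this function
	 * @param mixed $p_examsgubun unused in this function
	 * @param mixed $skipno       question number to add to SKIP_NO
	 * @param mixed $elapsedtime  value written to ELAPSED_TIME
	 */
	function func_reg_Skip($bookid, $examid, $userid, $p_examlgubun, $p_examsgubun, $skipno, $elapsedtime)
	{
		// Permission check (original comment).
		// NOTE(review): nothing in this function inspects $member or compares it
		// with $userid. If $userid originates from the request, confirm that the
		// caller verifies it belongs to the logged-in member.
		$connect = dbConn();
		$member = member_info();

		call_pear_init();
		require_once("DB.php");

		// Connect to the database.
		$db =& DB::connect(call_pear_db_dsn());
		if (PEAR::isError($db)) {
			die($db->getMessage());
		}

		// Start from null so a lookup without rows does not leave the
		// variable undefined; a null parameter is bound as SQL NULL.
		$class_id = null;
		$exam_seq = null;
		$exam_sch_seq = null;
		$r_seq = null;
		$r_skipno = null;

		//******************************
		// Find CLASS_ID
		$sql = "SELECT TB_REG1.CLASS_ID "
		 ." FROM TB_CLASS, TB_REG1 "
		 ." WHERE TB_REG1.USER_ID = ? "
		 ." AND BOOK_ID = ? "
		 ." AND TB_REG1.CLASS_ID = TB_CLASS.CLASS_ID";

		$res = $db->query($sql, array($userid, $bookid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$class_id = $row[0];
		}

		//******************************
		// Find TB_EXAM.SEQ
		$sql = "SELECT SEQ "
		 ." FROM TB_EXAM "
		 ." WHERE BOOK_ID = ? "
		 ." AND EXAM_ID = ? ";

		$res = $db->query($sql, array($bookid, $examid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$exam_seq = $row[0];
		}

		//******************************
		// Find TB_EXAM_SCH.SEQ
		$sql = "SELECT SEQ "
		 ." FROM TB_EXAM_SCH "
		 ." WHERE CLASS_ID = ? "
		 ." AND EXAM_SEQ = ? ";

		$res = $db->query($sql, array($class_id, $exam_seq));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$exam_sch_seq = $row[0];
		}

		//******************************
		// Read the record id and the current skip list in one pass.
		$sql = "SELECT SEQ, SKIP_NO "
		 ." FROM TB_EXAM_REC "
		 ." WHERE EXAM_SCH_SEQ = ? "
		 ." AND USER_ID = ? ";

		$res = $db->query($sql, array($exam_sch_seq, $userid));
		if (PEAR::isError($res)) {
			die($res->getMessage());
		}
		while ($res->fetchInto($row)) {
			$r_seq = $row[0];
			$r_skipno = $row[1];
		}

		$r_skipno = $skipno."@".$r_skipno; // prepend the skipped question number

		// Update the record.
		$sth = $db->prepare("UPDATE TB_EXAM_REC SET SKIP_NO = ?, UPDATE_ILSI = now(), ELAPSED_TIME = ? WHERE SEQ = ?");
		$data = array($r_skipno, $elapsedtime, $r_seq);
		$db->execute($sth, $data);
	}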