/** 외부이미지 저장 * @class write * @param $target: 대상게시물번호 $data: String 자료 * @return String 치환된 자료 */ function saveImage($target, $data, $board_data = '', $where = 'post') { global $mini; $mat = $mat2 = array(); str($data, 'decode'); if (empty($board_data)) { $board_data =& $mini['board']; } preg_match_all("/\\<img.+src\\=('|\")(.+)('|\")/isU", $data, $mat); preg_match_all("/\\<img.+src\\=([^'\"]+)/isU", $data, $mat2); if (!empty($mat2[1])) { if (!empty($mat[2])) { foreach ($mat2[1] as $val) { $mat[2][] = $val; } } else { $mat[2] = $mat2[1]; } } $saved = $ins_file = array(); if (empty($board_data['dir']) || !is_dir("{$mini['dir']}file/{$board_data['dir']}")) { // 디렉토리 생성 $check = 0; while (!$check) { $tmp_name = $board_data['id'] . "_" . substr(md5(microtime()), 0, 10); if (!is_dir("{$mini['dir']}file/{$tmp_name}")) { $check = 1; } } if ($tmp_name && mkdir("{$mini['dir']}file/{$tmp_name}", 0707)) { chmod("{$mini['dir']}file/{$tmp_name}", 0707); sql("UPDATE {$mini['name']['admin']} SET dir='{$tmp_name}' WHERE no={$board_data['no']}"); $board_data['dir'] = $tmp_name; } else { __error("[{$mini['dir']}file/{$tmp_name}] 디렉토리를 생성할 수 없습니다"); } if (!is_writeable("{$mini['dir']}file/{$board_data['dir']}/")) { __error("디렉토리에 쓰기 권한이 없습니다. 퍼미션을 변경해 주세요"); } } if (!empty($mat) && !empty($mat[2])) { foreach ($mat[2] as $key => $val) { if (strpos($val, "://") !== false && !in_array($val, $saved)) { if (!preg_match("/\\:\\/\\/" . $_SERVER['HTTP_HOST'] . "/i", $val)) { $input = getSocket("\n\t\t\t\t\t\turl: {$val}\n\t\t\t\t\t\tmethod: get\n\t\t\t\t\t\tskip_header: 1\n\t\t\t\t\t"); if (!empty($input)) { $auth = md5(microtime()); $tmp_name = "sfile/saveImage.{$auth}.gif"; $fp = fopen($tmp_name, "w+"); fwrite($fp, $input); fclose($fp); if (empty($_FILES['saveImage'])) { $_FILES['saveImage'] = array(); } $_FILES['saveImage']['size'] = filesize($tmp_name); $_FILES['saveImage']['tmp_name'] = $tmp_name; $_FILES['saveImage']['name'] = basename($val); chkFile("\n\t\t\t\t\t\t\tdir: {$mini['dir']}file/{$board_data['dir']}/\n\t\t\t\t\t\t\tis_download: 1\n\t\t\t\t\t\t\ttarget: saveImage\n\t\t\t\t\t\t"); // 이미지일때만 업로드 if (!empty($_FILES['saveImage']['width'])) { $data2 = a(uploadFile("\n\t\t\t\t\t\t\t\ttarget: saveImage\n\t\t\t\t\t\t\t\tis_copy: 1\n\t\t\t\t\t\t\t"), 0); // 기본정보 $ins = array(); $ins['id'] = $board_data['no']; $ins['target_member'] = !empty($mini['member']['no']) ? $mini['member']['no'] : 0; $ins['name'] = $data2['name']; $ins['url'] = $data2['path']; $ins['size'] = $data2['size']; $ins['is_admit'] = !empty($board_data['use_file_admit']) && empty($mini['member']['level_admin']) ? 0 : 1; $ins['ip'] = $mini['ip']; $ins['date'] = $mini['date']; $ins['width'] = !empty($data2['width']) ? $data2['width'] : 0; $ins['height'] = !empty($data2['height']) ? $data2['height'] : 0; $ins['ext'] = $data2['ext']; $ins['target'] = $target; $ins['type'] = $data2['type']; // 파일해시 $ins['hash'] = getHash($data2); sql("INSERT INTO {$mini['name']['file']} " . query($ins, 'insert')); $ins['no'] = getLastId($mini['name']['file'], "(ip='{$mini['ip']}' and date='{$mini['date']}' and name='{$ins['name']}')"); $ins_file[] = $ins['no']; // 치환 $data = str_replace($val, "download.php?no={$ins['no']}&mode=view", $data); $saved[] = $val; } @unlink($_FILES['saveImage']['tmp_name']); } } } } if (!empty($ins_file)) { $tmp = "[" . implode("][", $ins_file) . "]"; sql("UPDATE {$board_data['table']} SET file=CONCAT(file, '{$tmp}') WHERE no={$target}"); } } str($data, 'encode'); return $data; }
<?php switch ($_POST['type']) { case 'video': //Cambio Video File $dataDB->setColWh(array('id')); $dataDB->setValWh(array($_POST['id'])); $var['name'] = $_POST['name']; $var['dir'] = '../' . $kar['videodir']; $var['table'] = 'video'; break; } if (!isset($_POST['round'])) { $var['fileCK'] = chkFile('fileIn', $_POST['type']); if ($var['fileCK'] == 'ok') { if (file_exists($var['dir'] . basename($_FILES["fileIn"]["name"]))) { $var['er'] = $testo['errors']['fileAlreadyPR']; unlink($_FILES["fileIn"]["tmp_name"]); } else { move_uploaded_file($_FILES["fileIn"]["tmp_name"], $var['dir'] . basename($_FILES["fileIn"]["name"])); $dataDB->setColDt(array('file')); $dataDB->setValDt(array(basename($_FILES["fileIn"]["name"]))); $dataDB->update($var['table']); Redieasy('index.php?token=' . $_POST['token']); } } else { switch ($var['fileCK']) { case '3': $var['er'] = $_FILES['fileIn']['name'] . ' ' . $testo['errors']['filePLoad']; unlink($_FILES['fileIn']['tmp_name']); break;