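/**
 * Return a uniqid() value that is not yet present in tbl_admin.uniqid.
 *
 * A fresh value is drawn and looked up until the lookup finds no row.
 *
 * NOTE(review): uniqid() is derived from the current time, so the value is
 * guessable. It works as a row key but should not double as a secret or
 * access token; confirm how callers use it.
 * NOTE(review): a lookup followed by a later insert is racy between
 * concurrent requests. Only a UNIQUE index on tbl_admin.uniqid guarantees
 * uniqueness; confirm one exists.
 *
 * @return string 13 hexadecimal characters
 */
function get_admin_uniqid()
{
    $db = new DbMySqli();

    do {
        $uniqid = uniqid();
        // uniqid() without a prefix yields hex digits only, so interpolating
        // it cannot change the shape of the statement.
        // The retry lookup previously read from "tb_admin" (typo), so a
        // second draw was never checked against the real table.
        $sql = "select uniqid from tbl_admin";
        $sql .= " where uniqid = '{$uniqid}'";
        $result = $db->query($sql);
    } while (mysqli_num_rows($result) > 0);

    return $uniqid;
}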
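<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_master.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/top.php";

// Deletes rows from the two log tables: one row ($no) or a batch ($chk).
// NOTE(review): parameters are read from $_REQUEST, so a plain GET link can
// trigger a delete, and no anti-CSRF token is checked in the visible code.
// Confirm whether check_master.php covers that.
set_time_limit(0);

$db = new DbMySqli();

$mode = $_REQUEST['mode'];
$checker = $_REQUEST['checker'];

// The row number is spliced into the DELETE condition as text, so only a
// whole number is accepted; anything else skips the delete.
// NOTE(review): assumes the "no" column is an integer key; confirm against
// the schema.
$no = filter_var($_REQUEST['no'], FILTER_VALIDATE_INT);

if ($no !== false) {
    if ($mode == "del_log_1") {
        $db->delete("iroad_log_test", "no = '{$no}'");
    }

    if ($mode == "del_log_2") {
        $db->delete("iroad_log_dlog", "no = '{$no}'");
    }
}

// NOTE(review): $chk is not assigned anywhere in the visible code (presumably
// top.php or register_globals supplies it); confirm where it comes from.
// The two batch loops keep their original bounds ($i < 10 and $i <= 10). The
// difference looks unintentional; confirm which one is meant.
if ($mode == "del_log_3") {
    for ($i = 0; $i < 10; $i++) {
        if (!$chk[$i]) {
            continue;
        }
        $row_no = filter_var($chk[$i], FILTER_VALIDATE_INT);
        if ($row_no === false) {
            continue;
        }
        $db->delete("iroad_log_test", "no = '{$row_no}'");
    }
}

if ($mode == "del_log_4") {
    for ($i = 0; $i <= 10; $i++) {
        if (!$chk[$i]) {
            continue;
        }
        $row_no = filter_var($chk[$i], FILTER_VALIDATE_INT);
        if ($row_no === false) {
            continue;
        }
        $db->delete("iroad_log_dlog", "no = '{$row_no}'");
    }
}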
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_master.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/top.php";

// Admin account listing. The statement is fixed text: no request value is
// part of it, and the passwd column is not selected.
$db = new DbMySqli();
$sql = "select idx, id, name, mobile, use_YN, regdate from tbl_admin order by idx";
$result = $db->query($sql);
$rows = mysqli_num_rows($result);
?> <script type="text/javascript" src="list.js"></script> </head> <body class="left_margin"> <form name="frm_move" method="post" action="modify.php"> <input type="hidden" name="idx" value="" /> </form> <table width="694" border="0" cellpadding="0" cellspacing="0"> <?php include_once "page_title.php"; ?> <tr height="30"> <td> <a href="write.php" class="btn_type02">등록</a> <a href="#" onclick="fn_delete(); return false;" class="btn_type02">선택삭제</a> <select name="use_YN" id="use_YN"> <option value="">사용여부 변경</option> <option value="Y">사용</option> <option value="N">비사용</option>
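<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Public detail page for one tbl_postscript row: bumps the hit counter, then
// loads the row for display.
$db = new DbMySqli();

// idx comes from the query string and is spliced into both statements below.
// Only a whole number is let through; anything else becomes 0, which is
// expected to match no row and ends in the "not_data" error.
// NOTE(review): assumes tbl_postscript.idx is an integer key; confirm against
// the schema.
$idx = filter_var($_GET['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_GET['page'];
$search = $_GET['search'];

$sql = "\nupdate tbl_postscript set hit = hit + 1\nwhere idx = '{$idx}'\n";
$db->exec_sql($sql);

$fields = "*";
$where_sql = " where idx = '{$idx}'";
$data = $db->get_record("tbl_postscript", $fields, $where_sql);
if ($data == "") {
    alert_error("not_data");
}

// NOTE(review): title, name and content are stored submissions, and $page and
// $search are raw query-string values. The markup that prints them is outside
// this excerpt. Each needs htmlspecialchars() where it is output, and for
// $content the escaping has to happen before nl2br(), not after.
$title = stripslashes($data['title']);
$name = stripslashes($data['name']);
$regdate = $data['regdate'];
$hit = $data['hit'];
$content = nl2br(stripslashes($data['content']));
?> <!DOCTYPE html> <html lang="ko"> <head> <meta charset="utf-8"> <meta name="viewport" content="initial-scale=1.0,maximum-scale=1.0,minimum-scale=1.0,user-scalable=yes"> <title>서울대병원 스트레스관리프로그램</title> <link rel="stylesheet" type="text/css" href="/style.css" /> <style type="text/css"> /* Giving a font-family and Size to give good look */ body{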
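<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side update of one tbl_postscript row, followed by a self-submitting
// form that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
$db = new DbMySqli();

// The row id is spliced into the UPDATE condition, so only a whole number is
// accepted; anything else becomes 0, which is expected to match no row.
// NOTE(review): assumes tbl_postscript.idx is an integer key; confirm against
// the schema.
$idx = filter_var($_POST['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_POST['page'];
$search = $_POST['search'];

// NOTE(review): addslashes() is the only escaping visible for these values.
// How DbMySqli quotes them is not visible here; connection-aware escaping or
// bound parameters inside the wrapper would be the stronger control.
$name = addslashes($_POST['name']);
$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

$userip = $_SERVER['REMOTE_ADDR'];

$db['mb_uniqid'] = $admin_uniqid;
$db['name'] = $name;
$db['title'] = $title;
$db['content'] = $content;
$db['userip'] = $userip;
$db->update("tbl_postscript", "idx = '{$idx}'");
// page and search are echoed into attribute values below, so they are
// HTML-escaped to keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="page" value="<?php echo htmlspecialchars($page, ENT_QUOTES); ?> " />
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> " />
</form>
<script type="text/javascript">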
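<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side delete of one tbl_qna row and its attachment, then a form that
// returns to view.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
$db = new DbMySqli();

// The row id is spliced into three SQL conditions below, so only a whole
// number is accepted; anything else becomes 0, which is expected to match no
// row.
// NOTE(review): assumes tbl_qna.idx is an integer key; confirm against the
// schema.
$idx = filter_var($_POST["idx"], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_POST['page'];
$search = $_POST['search'];

$table = "tbl_qna";

// Row whose reply_idx points at the row being deleted; its idx is the
// view.php target after the delete.
$fields = "idx";
$where_sql = " where reply_idx = '{$idx}'";
$data = $db->get_record($table, $fields, $where_sql);
$f_idx = $data["idx"];

// Remove the stored attachment before the row goes away. The file name comes
// from the database row, not from the request.
$fields = "filename";
$where_sql = " where idx = '{$idx}'";
$data = $db->get_record($table, $fields, $where_sql);
if ($data != "") {
    $filename = $data["filename"];
    delete_file($filepath1, $filename);
}

$db->delete($table, "idx = '{$idx}'");
// Values echoed into attribute values below are HTML-escaped so a crafted
// page value cannot close the attribute.
?>
<form name="pagemove" method="post" action="view.php">
<input type="hidden" name="idx" value="<?php echo htmlspecialchars($f_idx, ENT_QUOTES); ?> " />
<input type="hidden" name="page" value="<?php echo htmlspecialchars($page, ENT_QUOTES); ?> " />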
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Stores a new tbl_qna question, with an optional attachment. No
// access-control include is visible in this excerpt.
$db = new DbMySqli();

// NOTE(review): addslashes() is the only escaping visible for these values.
// How DbMySqli quotes them is not visible here; connection-aware escaping or
// bound parameters inside the wrapper would be the stronger control.
$name = addslashes($_POST['name']);
$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

// Attachment upload
if (is_uploaded_file($_FILES["filename"]["tmp_name"])) {
    $filename = $_FILES["filename"]["name"];
    $filesize = $_FILES["filename"]["size"];
    $origin_filename = $filename;
    // The extension is taken from the client-supplied file name.
    $ext = strtolower(get_ext($filename));
    // NOTE(review): new_check_ext() is defined outside this excerpt and the
    // original comment calls it a forbidden-file check, so it is presumably a
    // deny-list. An allow-list of expected extensions, plus an upload
    // directory the web server will not execute from, is the safer setup;
    // confirm.
    new_check_ext($ext); // forbidden-file check
    // The stored name is produced by get_filename(), not copied from the client.
    $filename = get_filename($filepath1, $ext);
    // NOTE(review): the return value is ignored, so a failed move still
    // leaves $filename and $filesize set for the row.
    move_uploaded_file($_FILES["filename"]["tmp_name"], get_real_filepath($filepath1) . "/" . $filename);
} else {
    $filesize = 0;
}

$userip = $_SERVER['REMOTE_ADDR'];

// Next thread id = current maximum + 1.
// NOTE(review): two concurrent posts can read the same maximum and end up
// with the same f_idx.
$sql = "select ifnull(max(idx), 0) + 1 from tbl_qna";
$result = $db->query($sql);
$rows = mysqli_fetch_row($result);
$f_idx = $rows[0];

$table = "tbl_qna";
$idx_field = "idx";

$db['f_idx'] = $f_idx;
$db['thread'] = "a";
$db['name'] = $name;
$db['title'] = $title;
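<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_master.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/top.php";

// Sets or clears the bookmark flag on one log row, then returns to the
// referring page.
// NOTE(review): parameters are read from $_REQUEST, so a plain GET link can
// change data, and no anti-CSRF token is checked in the visible code. Confirm
// whether check_master.php covers that.
set_time_limit(0);

$db = new DbMySqli();

$mode = $_REQUEST['mode'];
$kind = $_REQUEST['kind'];

// The row number is spliced into the UPDATE condition as text, so only a
// whole number is accepted; anything else skips the update.
// NOTE(review): assumes the "no" column is an integer key; confirm against
// the schema.
$no = filter_var($_REQUEST['no'], FILTER_VALIDATE_INT);

// An empty $kind selects the dlog table; any other value selects the test table.
$table = !$kind ? "iroad_log_dlog" : "iroad_log_test";

if ($no !== false) {
    // Empty mode sets the bookmark.
    if (!$mode) {
        $db['bookmark'] = '1';
        $db->update($table, "no = '{$no}'");
    }

    // mode=del clears it.
    if ($mode == "del") {
        $db['bookmark'] = '';
        $db->update($table, "no = '{$no}'");
    }
}

// NOTE(review): $HTTP_REFERER is not assigned in the visible code (presumably
// top.php or register_globals supplies it). It is request-controlled, so
// Replace() should only follow same-site targets; confirm.
Replace($HTTP_REFERER);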
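<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Public detail page for one tbl_notice row: bumps the hit counter, then
// loads the row for display.
$db = new DbMySqli();

// idx comes from the query string and is spliced into both statements below.
// Only a whole number is let through; anything else becomes 0, which is
// expected to match no row and ends in the "not_data" error.
// NOTE(review): assumes tbl_notice.idx is an integer key; confirm against the
// schema.
$idx = filter_var($_GET['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_GET['page'];
$search = $_GET['search'];

$sql = "\nupdate tbl_notice set hit = hit + 1\nwhere idx = '{$idx}'\n";
$db->exec_sql($sql);

$fields = "*";
$where_sql = " where idx = '{$idx}'";
$data = $db->get_record("tbl_notice", $fields, $where_sql);
if ($data == "") {
    alert_error("not_data");
}

// NOTE(review): the markup that prints these values, and $page and $search,
// is outside this excerpt. Anything not meant to carry markup needs
// htmlspecialchars() where it is output. $content is passed on without
// nl2br(), so it presumably holds editor HTML; confirm it is sanitised when
// saved.
$title = stripslashes($data['title']);
$name = stripslashes($data['name']);
$regdate = $data['regdate'];
$hit = $data['hit'];
$content = stripslashes($data['content']);
?> <!DOCTYPE html> <html lang="ko"> <head> <meta charset="utf-8"> <meta name="viewport" content="initial-scale=1.0,maximum-scale=1.0,minimum-scale=1.0,user-scalable=yes"> <title>서울대병원 스트레스관리프로그램</title> <link rel="stylesheet" type="text/css" href="/style.css" /> <style type="text/css"> /* Giving a font-family and Size to give good look */ body{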
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Stores an admin reply inside the tbl_qna thread identified by f_idx/thread.
// The excerpt ends inside the final if-block.
$db = new DbMySqli();

// NOTE(review): f_idx and thread are placed inside SQL text further down
// without even the addslashes() that title and content receive. Both should
// be validated (f_idx as a whole number, thread against the expected
// alphabet) before they reach the query.
$f_idx = $_POST['f_idx'];
$page = $_POST['page'];
$search = $_POST['search'];
$thread = $_POST['thread'];

$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

// Attachment upload
if (is_uploaded_file($_FILES["filename"]["tmp_name"])) {
    $filename = $_FILES["filename"]["name"];
    $filesize = $_FILES["filename"]["size"];
    $origin_filename = $filename;
    // The extension is taken from the client-supplied file name.
    $ext = strtolower(get_ext($filename));
    // NOTE(review): new_check_ext() is defined outside this excerpt and is
    // presumably a deny-list; an allow-list of expected extensions is the
    // safer default; confirm.
    new_check_ext($ext); // forbidden-file check
    // The stored name is produced by get_filename(), not copied from the client.
    $filename = get_filename($filepath1, $ext);
    // NOTE(review): the return value is ignored, so a failed move goes unnoticed.
    move_uploaded_file($_FILES["filename"]["tmp_name"], get_real_filepath($filepath1) . "/" . $filename);
} else {
    $filesize = 0;
}

$table = "tbl_qna";

// Look up the highest existing direct child of $thread: same f_idx, exactly
// one character longer than $thread, and starting with $thread.
$fields = "thread, right(thread, 1)";
$sql = " where f_idx = '{$f_idx}'";
$sql .= " and length(thread) = length('{$thread}') + 1 and locate('{$thread}', thread) = 1";
$sql .= " order by thread desc limit 1";
$data = $db->get_record($table, $fields, $sql);
if ($data != "") {
<?php
// Collects the statistics search parameters and starts building a WHERE
// clause. The excerpt ends inside the first condition. $script_name,
// $stryear, $strmonth and $strday are not assigned in the visible code.
$db = new DbMySqli();

$first_view = $_REQUEST["first_view"];

// Search by period
if (strstr($script_name, "period")) {
    $ssyear = $_REQUEST["ssyear"];
    $ssmonth = $_REQUEST["ssmonth"];
    $ssday = $_REQUEST["ssday"];
    $seyear = $_REQUEST["seyear"];
    $semonth = $_REQUEST["semonth"];
    $seday = $_REQUEST["seday"];
    $ssweekday = $_REQUEST["ssweekday"];

    // For the "hour" view both ends of the range are replaced by $str* values.
    if ($first_view == "hour") {
        $ssyear = $stryear;
        $ssmonth = $strmonth;
        $ssday = $strday;
        $seyear = $stryear;
        $semonth = $strmonth;
        $seday = $strday;
    }
}

// NOTE(review): every value below is raw request input. The statements that
// use them are outside this excerpt; if they are concatenated into
// $where_sql, each needs validation (whole numbers for the date parts) or
// escaping first.
$pagename = $_REQUEST["pagename"];
$syear = $_REQUEST["syear"];
$smonth = $_REQUEST["smonth"];
$sday = $_REQUEST["sday"];
$sweekday = $_REQUEST["sweekday"];
$shour = $_REQUEST["shour"];
$sstatis_view = $_REQUEST["sstatis_view"];

$where_sql = " where 1";
if ($pagename != "") {
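<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side delete of one or more tbl_notice rows, followed by a
// self-submitting form that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
set_time_limit(0);

$db = new DbMySqli();

$idx = $_POST['idx'];
$search = $_POST['search'];

// A single id is treated as a one-element batch.
if (!is_array($idx)) {
    $idx = array($idx);
}

foreach ($idx as $arr_idx) {
    // Each id is spliced into the DELETE condition as text, so only whole
    // numbers are accepted. Anything else (nested arrays included) is skipped.
    // NOTE(review): assumes tbl_notice.idx is an integer key; confirm against
    // the schema.
    $row_id = filter_var($arr_idx, FILTER_VALIDATE_INT);
    if ($row_id === false) {
        continue;
    }
    $db->delete("tbl_notice", "idx = '{$row_id}'");
}
// search is echoed into an attribute value below, so it is HTML-escaped to
// keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> ">
</form>
<script type="text/javascript">
<!--
alert("삭제되었습니다.");
pagemove.submit();
-->
</script>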
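<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side update of one tbl_faq row, followed by a self-submitting form
// that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
$db = new DbMySqli();

// The row id is spliced into the UPDATE condition, so only a whole number is
// accepted; anything else becomes 0, which is expected to match no row.
// NOTE(review): assumes tbl_faq.idx is an integer key; confirm against the
// schema.
$idx = filter_var($_POST['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_POST['page'];
$search = $_POST['search'];

// exposure_YN was the one posted column value stored without the escaping
// its siblings get; it now goes through the same addslashes() call.
// NOTE(review): addslashes() is weaker than connection-aware escaping or
// bound parameters inside DbMySqli. How the wrapper quotes values is not
// visible here.
$exposure_YN = addslashes($_POST['exposure_YN']);
$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

$userip = $_SERVER['REMOTE_ADDR'];

$db['mb_uniqid'] = $admin_uniqid;
$db['exposure_YN'] = $exposure_YN;
$db['title'] = $title;
$db['content'] = $content;
$db['userip'] = $userip;
$db->update("tbl_faq", "idx = '{$idx}'");
// page and search are echoed into attribute values below, so they are
// HTML-escaped to keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="page" value="<?php echo htmlspecialchars($page, ENT_QUOTES); ?> " />
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> " />
</form>
<script type="text/javascript">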
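<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side update of one tbl_notice row, followed by a self-submitting form
// that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
$db = new DbMySqli();

// The row id is spliced into the UPDATE condition, so only a whole number is
// accepted; anything else becomes 0, which is expected to match no row.
// NOTE(review): assumes tbl_notice.idx is an integer key; confirm against the
// schema.
$idx = filter_var($_POST['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_POST['page'];
$search = $_POST['search'];

// NOTE(review): addslashes() is the only escaping visible for these values.
// How DbMySqli quotes them is not visible here; connection-aware escaping or
// bound parameters inside the wrapper would be the stronger control.
$name = addslashes($_POST['name']);
$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

$userip = $_SERVER['REMOTE_ADDR'];

$db['mb_uniqid'] = $admin_uniqid;
$db['name'] = $name;
$db['title'] = $title;
$db['content'] = $content;
$db['userip'] = $userip;
$db->update("tbl_notice", "idx = '{$idx}'");
// page and search are echoed into attribute values below, so they are
// HTML-escaped to keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="page" value="<?php echo htmlspecialchars($page, ENT_QUOTES); ?> " />
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> " />
</form>
<script type="text/javascript">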
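<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side insert of a new tbl_faq row, followed by a self-submitting form
// that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
$db = new DbMySqli();

// exposure_YN was the one posted column value stored without the escaping
// its siblings get; it now goes through the same addslashes() call.
// NOTE(review): addslashes() is weaker than connection-aware escaping or
// bound parameters inside DbMySqli. How the wrapper quotes values is not
// visible here.
$exposure_YN = addslashes($_POST['exposure_YN']);
$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

$userip = $_SERVER['REMOTE_ADDR'];

$table = "tbl_faq";
$idx_field = "idx";

// $admin_uniqid and $nowdate are not assigned in this file; presumably the
// includes above provide them.
$db['mb_uniqid'] = $admin_uniqid;
$db['exposure_YN'] = $exposure_YN;
$db['title'] = $title;
$db['content'] = $content;
$db['userip'] = $userip;
$db['regdate'] = $nowdate;
$idx_val = $db->insert($table, $idx_field);
?>
<form name="pagemove" method="post" action="list.php">
</form>
<script type="text/javascript">
<!--
pagemove.submit();
-->
</script>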
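<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side delete of one or more tbl_session3 rows, followed by a
// self-submitting form that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
set_time_limit(0);

$db = new DbMySqli();

$idx = $_POST['idx'];
$search = $_POST['search'];

// A single id is treated as a one-element batch.
if (!is_array($idx)) {
    $idx = array($idx);
}

foreach ($idx as $arr_idx) {
    // Each id is spliced into the DELETE condition as text, so only whole
    // numbers are accepted. Anything else (nested arrays included) is skipped.
    // NOTE(review): assumes tbl_session3.idx is an integer key; confirm
    // against the schema.
    $row_id = filter_var($arr_idx, FILTER_VALIDATE_INT);
    if ($row_id === false) {
        continue;
    }
    $db->delete("tbl_session3", "idx = '{$row_id}'");
}
// search is echoed into an attribute value below, so it is HTML-escaped to
// keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> ">
</form>
<script type="text/javascript">
<!--
alert("삭제되었습니다.");
pagemove.submit();
-->
</script>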
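<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_master.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Master-only update of one tbl_admin account.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_master.php covers that.
$db = new DbMySqli();

// The row id is spliced into the UPDATE condition, so only a whole number is
// accepted; anything else becomes 0, which is expected to match no row.
// NOTE(review): assumes tbl_admin.idx is an integer key; confirm against the
// schema.
$idx = filter_var($_POST['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}

// use_YN was the one posted column value stored without the escaping its
// siblings get; it now goes through the same addslashes() call.
$use_YN = addslashes($_POST['use_YN']);
$passwd = addslashes(trim($_POST['passwd']));
$name = addslashes($_POST['name']);
$phone = addslashes($_POST['phone']);
$mobile1 = addslashes($_POST['mobile1']);
$mobile2 = addslashes($_POST['mobile2']);
$mobile3 = addslashes($_POST['mobile3']);

// The mobile number is only assembled when all three parts are present;
// otherwise $mobile stays unset, as in the original.
if ($mobile1 != "" && $mobile2 != "" && $mobile3 != "") {
    $mobile = $mobile1 . "-" . $mobile2 . "-" . $mobile3;
}

$userip = $_SERVER['REMOTE_ADDR'];

$db['use_YN'] = $use_YN;
// NOTE(review): aes_encrypt() is reversible, so anyone holding $encrypt_code
// and this table can recover every admin password, and the plaintext travels
// inside the SQL text. A one-way password_hash()/password_verify() scheme is
// the usual fix, but the login check (not visible here) has to change with it.
// NOTE(review): an empty passwd field is written as well; confirm the form
// always submits one.
$db['passwd'] = "(hex(aes_encrypt('{$passwd}', '{$encrypt_code}')))";
$db['name'] = $name;
$db['phone'] = $phone;
$db['mobile'] = $mobile;
$db['userip'] = $userip;
$db->update("tbl_admin", "idx = '{$idx}'");
?>
<form name="pagemove" method="post" action="list.php">
</form>
<script type="text/javascript">
<!--
alert("수정되었습니다.");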
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Updates an existing Q&A post and optionally replaces its attachment. The
// excerpt ends inside the else branch.
// NOTE(review): no access-control include is visible in this excerpt; confirm
// that ownership of the post is verified before anything is changed.
$db = new DbMySqli();

$idx = $_POST["idx"];
$page = $_POST["page"];
$search = $_POST['search'];

// NOTE(review): the three pre_* values describe the existing attachment but
// are taken from the request, not from the stored row. pre_filename is later
// handed to delete_file(), so the client chooses which name gets deleted.
// Unless delete_file() (not visible here) rejects path separators, that
// reaches files outside the post. Reading the current file name from the row
// for $idx would remove the dependency on client input.
$pre_origin_filename = $_POST["pre_origin_filename"];
$pre_filename = $_POST["pre_filename"];
$pre_filesize = $_POST["pre_filesize"];

$name = addslashes($_POST['name']);
$title = addslashes($_POST['title']);
$content = addslashes($_POST['content']);

// Attachment upload
if (is_uploaded_file($_FILES["filename"]["tmp_name"])) {
    $filename = $_FILES["filename"]["name"];
    $filesize = $_FILES["filename"]["size"];
    $origin_filename = $filename;
    // The extension is taken from the client-supplied file name.
    $ext = strtolower(get_ext($filename));
    // NOTE(review): new_check_ext() is defined outside this excerpt and is
    // presumably a deny-list; an allow-list of expected extensions is the
    // safer default; confirm.
    new_check_ext($ext); // forbidden-file check
    // The stored name is produced by get_filename(), not copied from the client.
    $filename = get_filename($filepath1, $ext);
    // The previous file is removed only after the new one has been moved into place.
    if (move_uploaded_file($_FILES["filename"]["tmp_name"], get_real_filepath($filepath1) . "/" . $filename)) {
        if ($pre_filename != "") {
            delete_file($filepath1, $pre_filename);
        }
    }
} else {
    // No new upload: keep the attachment details, as supplied by the request.
    $origin_filename = $pre_origin_filename;
    $filename = $pre_filename;
    $filesize = $pre_filesize;
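<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_master.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Master-only delete of one or more tbl_admin accounts, followed by a
// self-submitting form that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_master.php covers that. Nothing visible here stops the
// operator from deleting their own or the last remaining account.
set_time_limit(0);

$db = new DbMySqli();

$idx = $_POST['idx'];

// A single id is treated as a one-element batch.
if (!is_array($idx)) {
    $idx = array($idx);
}

foreach ($idx as $arr_idx) {
    // Each id is spliced into the DELETE condition as text, so only whole
    // numbers are accepted. Anything else (nested arrays included) is skipped.
    // NOTE(review): assumes tbl_admin.idx is an integer key; confirm against
    // the schema.
    $row_id = filter_var($arr_idx, FILTER_VALIDATE_INT);
    if ($row_id === false) {
        continue;
    }
    $db->delete("tbl_admin", "idx = '{$row_id}'");
}
?>
<form name="pagemove" method="post" action="list.php">
</form>
<script type="text/javascript">
<!--
alert("삭제되었습니다.");
pagemove.submit();
-->
</script>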
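<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side delete of one or more tbl_faq rows, followed by a
// self-submitting form that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
set_time_limit(0);

$db = new DbMySqli();

$idx = $_POST['idx'];
$search = $_POST['search'];

// A single id is treated as a one-element batch.
if (!is_array($idx)) {
    $idx = array($idx);
}

foreach ($idx as $arr_idx) {
    // Each id is spliced into the DELETE condition as text, so only whole
    // numbers are accepted. Anything else (nested arrays included) is skipped.
    // NOTE(review): assumes tbl_faq.idx is an integer key; confirm against
    // the schema.
    $row_id = filter_var($arr_idx, FILTER_VALIDATE_INT);
    if ($row_id === false) {
        continue;
    }
    $db->delete("tbl_faq", "idx = '{$row_id}'");
}
// search is echoed into an attribute value below, so it is HTML-escaped to
// keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> ">
</form>
<script type="text/javascript">
<!--
alert("삭제되었습니다.");
pagemove.submit();
-->
</script>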
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_master.php";
include_once "top.php";

// Log-analysis page: reads the filter parameters and the overall hit total.
// The excerpt ends inside the first mode branch.
$db = new DbMySqli();

// NOTE(review): all filter values below are raw request input. The
// statements that use them are outside this excerpt; any that reach SQL text
// or HTML output need validation or escaping first.
$mode = $_REQUEST['mode']; //echo $mode;
$all = $_REQUEST['all'];
$word = $_REQUEST['word'];
//$members = $_REQUEST['members'];
$day_start = $_REQUEST['day_start'];
$day_end = $_REQUEST['day_end'];
$sort = $_REQUEST['sort'];
$yy = $_REQUEST['yy'];
$mm = $_REQUEST['mm'];
$dd = $_REQUEST['dd'];

// Total counter
/* $table = "iroad_log"; $fields = "total"; $data = $db->get_record($table, $fields); $total_count = $data['total']; */
// The total is the sum of the hit column over iroad_log_data (fixed query, no
// request input).
$data = $db->get_record("iroad_log_data", "sum(hit) as hit");
$total_count = $data['hit'];
// Falls back to 0 when the sum is empty.
if (!$total_count) {
    $total_count = 0;
}

if (!$mode) {
    $title_name = "로그 분석";
<?php
// Questionnaire step handler: answers 1-10 are read back from the session,
// answers 11-15 come from this request and are copied into the session when
// non-empty. The excerpt ends inside the qst_14 condition.
session_start();
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

set_time_limit(0);

$db = new DbMySqli();

// Answers stored in the session under the session1_qst_N keys.
$qst_1 = $_SESSION['session1_qst_1'];
$qst_2 = $_SESSION['session1_qst_2'];
$qst_3 = $_SESSION['session1_qst_3'];
$qst_4 = $_SESSION['session1_qst_4'];
$qst_5 = $_SESSION['session1_qst_5'];
$qst_6 = $_SESSION['session1_qst_6'];
$qst_7 = $_SESSION['session1_qst_7'];
$qst_8 = $_SESSION['session1_qst_8'];
$qst_9 = $_SESSION['session1_qst_9'];
$qst_10 = $_SESSION['session1_qst_10'];

// NOTE(review): these values are raw request input and are stored in the
// session unvalidated. The session copies stay untrusted, so whatever later
// writes them to the database or prints them (not visible here) must
// validate or escape them at that point.
$qst_11 = $_POST['qst_11'];
$qst_12 = $_POST['qst_12'];
$qst_13 = $_POST['qst_13'];
$qst_14 = $_POST['qst_14'];
$qst_15 = $_POST['qst_15'];

// Only non-empty answers overwrite what the session already holds.
if ($qst_11 != "") {
    $_SESSION['session1_qst_11'] = $qst_11;
}
if ($qst_12 != "") {
    $_SESSION['session1_qst_12'] = $qst_12;
}
if ($qst_13 != "") {
    $_SESSION['session1_qst_13'] = $qst_13;
}
if ($qst_14 != "") {
<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Public list page: paging setup and construction of the search WHERE
// clause. The excerpt ends inside the else branch.
$db = new DbMySqli();

$pagegroup = 10;
$pagesize = 10;
// NOTE(review): page is not checked to be a number here; if it feeds a LIMIT
// computation further down it should be validated as a positive whole number.
$page = $_GET["page"] == "" ? 1 : $_GET["page"];

$search_divi = $_GET['search_divi'];
$keyword = $_GET['keyword'];
$search = $_GET['search'];

// A field/keyword pair is packed into one "field|keyword" string ...
if ($search_divi != "" && $keyword != "") {
    $search = $search_divi . "|" . $keyword;
}

// ... and a packed string is split back into its two parts.
if ($search != "") {
    $arr_search = explode("|", $search);
    for ($i = 0; $i < sizeof($arr_search); $i++) {
        switch ($i) {
            case 0:
                $search_divi = $arr_search[$i];
                break;
            case 1:
                $keyword = $arr_search[$i];
                break;
        }
    }
}

if ($search_divi != "" && $keyword != "") {
    // NOTE(review): keyword is placed inside the LIKE patterns with no
    // escaping, and in the else branch search_divi is used as a column name
    // straight from the query string. Quoting cannot protect an identifier:
    // search_divi should be matched against a fixed list of searchable
    // columns, and keyword escaped or bound as a parameter.
    if ($search_divi == "tit_cont") {
        $where_sql = " where (title like '%{$keyword}%' or content like '%{$keyword}%')";
    } else {
        $where_sql = " where {$search_divi} like '%{$keyword}%'";
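<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/top.php";

// Admin detail view of one tbl_session2 submission.
$db = new DbMySqli();

// The row id is spliced into the lookup condition, so only a whole number is
// accepted; anything else becomes 0, which is expected to match no row and
// ends in the "not_data" error.
// NOTE(review): assumes tbl_session2.idx is an integer key; confirm against
// the schema.
$idx = filter_var($_POST['idx'], FILTER_VALIDATE_INT);
if ($idx === false) {
    $idx = 0;
}
$page = $_POST['page'];
$search = $_POST['search'];

$table = "tbl_session2";
$fields = "*";
$where_sql = " where idx = '{$idx}'";
$data = $db->get_record($table, $fields, $where_sql);
if ($data == "") {
    alert_error("not_data");
}

// NOTE(review): the text fields below are presumably participant-entered and
// are shown inside the admin area. The markup that prints them is outside
// this excerpt; each needs htmlspecialchars() where it is output, so that a
// stored script cannot run in an administrator's session.
$regdate = $data['regdate'];
$userip = $data['userip'];
$name = stripslashes($data['name']);

$state_positive_think1 = stripslashes($data['state_positive_think1']);
$state_positive_reaction1 = stripslashes($data['state_positive_reaction1']);
$state_negative_think1 = stripslashes($data['state_negative_think1']);
$state_negative_reaction1 = stripslashes($data['state_negative_reaction1']);

$state_positive_think2 = stripslashes($data['state_positive_think2']);
$state_positive_reaction2 = stripslashes($data['state_positive_reaction2']);
$state_negative_think2 = stripslashes($data['state_negative_think2']);
$state_negative_reaction2 = stripslashes($data['state_negative_reaction2']);

$positive_emotion = stripslashes($data['positive_emotion']);
$negative_emotion = stripslashes($data['negative_emotion']);
$positive_think = stripslashes($data['positive_think']);
$negative_think = stripslashes($data['negative_think']);
$positive_act = stripslashes($data['positive_act']);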
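<?php
include_once $_SERVER['DOCUMENT_ROOT'] . "/sitemanage/include/check_admin.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/lib/common.php";

// Admin-side delete of one or more tbl_postscript rows, followed by a
// self-submitting form that returns to list.php.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm
// whether check_admin.php covers that.
set_time_limit(0);

$db = new DbMySqli();

$idx = $_POST['idx'];
$search = $_POST['search'];

// A single id is treated as a one-element batch.
if (!is_array($idx)) {
    $idx = array($idx);
}

foreach ($idx as $arr_idx) {
    // Each id is spliced into the DELETE condition as text, so only whole
    // numbers are accepted. Anything else (nested arrays included) is skipped.
    // NOTE(review): assumes tbl_postscript.idx is an integer key; confirm
    // against the schema.
    $row_id = filter_var($arr_idx, FILTER_VALIDATE_INT);
    if ($row_id === false) {
        continue;
    }
    $db->delete("tbl_postscript", "idx = '{$row_id}'");
}
// search is echoed into an attribute value below, so it is HTML-escaped to
// keep a crafted value from closing the attribute.
?>
<form name="pagemove" method="post" action="list.php">
<input type="hidden" name="search" value="<?php echo htmlspecialchars($search, ENT_QUOTES); ?> ">
</form>
<script type="text/javascript">
<!--
alert("삭제되었습니다.");
pagemove.submit();
-->
</script>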