/** 외부이미지 저장
* @class write
* @param
$target: 대상게시물번호
$data: String 자료
* @return String 치환된 자료
*/
function saveImage($target, $data, $board_data = '', $where = 'post')
{
global $mini;
$mat = $mat2 = array();
str($data, 'decode');
if (empty($board_data)) {
$board_data =& $mini['board'];
}
preg_match_all("/\\<img.+src\\=('|\")(.+)('|\")/isU", $data, $mat);
preg_match_all("/\\<img.+src\\=([^'\"]+)/isU", $data, $mat2);
if (!empty($mat2[1])) {
if (!empty($mat[2])) {
foreach ($mat2[1] as $val) {
$mat[2][] = $val;
}
} else {
$mat[2] = $mat2[1];
}
}
$saved = $ins_file = array();
if (empty($board_data['dir']) || !is_dir("{$mini['dir']}file/{$board_data['dir']}")) {
// 디렉토리 생성
$check = 0;
while (!$check) {
$tmp_name = $board_data['id'] . "_" . substr(md5(microtime()), 0, 10);
if (!is_dir("{$mini['dir']}file/{$tmp_name}")) {
$check = 1;
}
}
if ($tmp_name && mkdir("{$mini['dir']}file/{$tmp_name}", 0707)) {
chmod("{$mini['dir']}file/{$tmp_name}", 0707);
sql("UPDATE {$mini['name']['admin']} SET dir='{$tmp_name}' WHERE no={$board_data['no']}");
$board_data['dir'] = $tmp_name;
} else {
__error("[{$mini['dir']}file/{$tmp_name}] 디렉토리를 생성할 수 없습니다");
}
if (!is_writeable("{$mini['dir']}file/{$board_data['dir']}/")) {
__error("디렉토리에 쓰기 권한이 없습니다. 퍼미션을 변경해 주세요");
}
}
if (!empty($mat) && !empty($mat[2])) {
foreach ($mat[2] as $key => $val) {
if (strpos($val, "://") !== false && !in_array($val, $saved)) {
if (!preg_match("/\\:\\/\\/" . $_SERVER['HTTP_HOST'] . "/i", $val)) {
$input = getSocket("\n\t\t\t\t\t\turl: {$val}\n\t\t\t\t\t\tmethod: get\n\t\t\t\t\t\tskip_header: 1\n\t\t\t\t\t");
if (!empty($input)) {
$auth = md5(microtime());
$tmp_name = "sfile/saveImage.{$auth}.gif";
$fp = fopen($tmp_name, "w+");
fwrite($fp, $input);
fclose($fp);
if (empty($_FILES['saveImage'])) {
$_FILES['saveImage'] = array();
}
$_FILES['saveImage']['size'] = filesize($tmp_name);
$_FILES['saveImage']['tmp_name'] = $tmp_name;
$_FILES['saveImage']['name'] = basename($val);
chkFile("\n\t\t\t\t\t\t\tdir: {$mini['dir']}file/{$board_data['dir']}/\n\t\t\t\t\t\t\tis_download: 1\n\t\t\t\t\t\t\ttarget: saveImage\n\t\t\t\t\t\t");
// 이미지일때만 업로드
if (!empty($_FILES['saveImage']['width'])) {
$data2 = a(uploadFile("\n\t\t\t\t\t\t\t\ttarget: saveImage\n\t\t\t\t\t\t\t\tis_copy: 1\n\t\t\t\t\t\t\t"), 0);
// 기본정보
$ins = array();
$ins['id'] = $board_data['no'];
$ins['target_member'] = !empty($mini['member']['no']) ? $mini['member']['no'] : 0;
$ins['name'] = $data2['name'];
$ins['url'] = $data2['path'];
$ins['size'] = $data2['size'];
$ins['is_admit'] = !empty($board_data['use_file_admit']) && empty($mini['member']['level_admin']) ? 0 : 1;
$ins['ip'] = $mini['ip'];
$ins['date'] = $mini['date'];
$ins['width'] = !empty($data2['width']) ? $data2['width'] : 0;
$ins['height'] = !empty($data2['height']) ? $data2['height'] : 0;
$ins['ext'] = $data2['ext'];
$ins['target'] = $target;
$ins['type'] = $data2['type'];
// 파일해시
$ins['hash'] = getHash($data2);
sql("INSERT INTO {$mini['name']['file']} " . query($ins, 'insert'));
$ins['no'] = getLastId($mini['name']['file'], "(ip='{$mini['ip']}' and date='{$mini['date']}' and name='{$ins['name']}')");
$ins_file[] = $ins['no'];
// 치환
$data = str_replace($val, "download.php?no={$ins['no']}&mode=view", $data);
$saved[] = $val;
}
@unlink($_FILES['saveImage']['tmp_name']);
}
}
}
}
if (!empty($ins_file)) {
$tmp = "[" . implode("][", $ins_file) . "]";
sql("UPDATE {$board_data['table']} SET file=CONCAT(file, '{$tmp}') WHERE no={$target}");
}
}
str($data, 'encode');
return $data;
}
<?php
switch ($_POST['type']) {
case 'video':
//Cambio Video File
$dataDB->setColWh(array('id'));
$dataDB->setValWh(array($_POST['id']));
$var['name'] = $_POST['name'];
$var['dir'] = '../' . $kar['videodir'];
$var['table'] = 'video';
break;
}
if (!isset($_POST['round'])) {
$var['fileCK'] = chkFile('fileIn', $_POST['type']);
if ($var['fileCK'] == 'ok') {
if (file_exists($var['dir'] . basename($_FILES["fileIn"]["name"]))) {
$var['er'] = $testo['errors']['fileAlreadyPR'];
unlink($_FILES["fileIn"]["tmp_name"]);
} else {
move_uploaded_file($_FILES["fileIn"]["tmp_name"], $var['dir'] . basename($_FILES["fileIn"]["name"]));
$dataDB->setColDt(array('file'));
$dataDB->setValDt(array(basename($_FILES["fileIn"]["name"])));
$dataDB->update($var['table']);
Redieasy('index.php?token=' . $_POST['token']);
}
} else {
switch ($var['fileCK']) {
case '3':
$var['er'] = $_FILES['fileIn']['name'] . ' ' . $testo['errors']['filePLoad'];
unlink($_FILES['fileIn']['tmp_name']);
break;
