|
|
|
|
|
 |
0 |
|
| View Articles |
|
 |
Name |
| ¾ç¿ø¼® |
(2004-03-28 13:47:03, Hit : 7026, Vote : 1110)
|
|
|
| Subject |
write_ok ºÎºÐ¿¡ ´ëÇÑ Áú¹®ÀÔ´Ï´Ù. |
|
|
Àú±â¿ä ¤Ð¤Ð ÈæÈæÈæ... µý°Ô½ÃÆÇÀº ¿Ã·Á³õ´Â°Å¿¡´ëÇؼ ÀߵǴµ¥ Ȥ Àú´Â À߾ȵ˴ϴÙ.
ÆÄÀϳ×ÀÓÀº file_name Àä ÀÌ À̸§À» Ä«ÇǺκп¡ ³ÖÀ¸¸é data Æú´õ¿¡ ³Öµµ·ÏÇÏ´Â ÇÔ¼ö¸í·É¾î°¡ ¹«¾ùÀԴϱî?
Àú´Â ÀÌ·¸°Ô Çصµ ¾È³Ö¾îÁý´Ï´Ù À¸¾Ç@@@@@@!!
@system("cp data/$file_name"); À̰͵µ Çغ¸°í ÈåÈæÈæ..
if(!copy($file_name,"data/$file_name")) Çصµ ¼¹ö¿¡ ÀúÀåµÇÁö¾Ê½À´Ï´Ù.
µµ¿ÍÁÖ¼¼¿ä!!! ÀúÀÇ write_ok.php ¼Ò½ºÀÔ´Ï´Ù.
Å×½ºÆ® ȯ°æÁÖ¼Ò´Â http://yangws13.webzonei.net/b/list.php?db=free
ÀÔ´Ï´Ù. T.T
¡é¡é¡é
---------------------write.php-------------------
<br><br><br><br>
<table width="498" border="0" align=center cellpadding="0" cellspacing="0" height="402">
<form method=post action=write_ok.php>
<input type=hidden name=db value='<?=$db?>'>
<tr>
<td width="497" height="3" colspan="8"></td>
<td width="1" height="3"></td>
</tr>
<tr>
<td width="3" height="398" rowspan="7"></td>
<td width="47" height="27">
<p align="center"><span style="font-size:9pt;">Á¦¸ñ</span></td>
<td width="2" height="58" rowspan="4"></td>
<td width="445" colspan="5" height="27"><input type=text name=title size=57></td>
<td width="1" height="27"></td>
</tr>
<tr>
<td width="47" height="2"></td>
<td width="445" height="2" colspan="5"></td>
<td width="1" height="2"></td>
</tr>
<td width="47" height="27">
<p align="center"><span style="font-size:9pt;">À̸§</span></td>
<td width="195" height="27"><input type=text name=name></td>
<td width="2" height="29" rowspan="2"></td>
<td width="47" height="27">
<p align="center"><span style="font-size:9pt;">ºñ¹ø</span></td>
<td width="2" height="29" rowspan="2"></td>
<td width="199" height="27"><input type=password name=password></td>
<td width="1" height="27"></td>
</tr>
<tr>
<td width="47" height="2"></td>
<td width="195" height="2"></td>
<td width="47" height="2"></td>
<td width="199" height="2"></td>
<td width="1" height="2"></td>
</tr>
<tr>
<td width="494" colspan="7" height="312">
<textarea name=memo cols=70 rows=20></textarea>
</td>
<td width="1" height="312"></td>
</tr>
<tr>
<td width="494" height="2" colspan="7"></td>
<td width="1" height="2"></td>
</tr>
<tr>
<td width="291" colspan="6" height="26">
<input type=submit value=" ±Û¿Ã¸®±â "><script language="javascript">
function check_submit() {
if (document.myForm.name.value == "") {
alert('À̸§À» ÀÔ·ÂÇϼ¼¿ä');
document.myForm.name.focus();
return;
} else if (document.myForm.password.value == "") {
alert('ºñ¹Ð¹øÈ£¸¦ ÀÔ·ÂÇØ¾ß ±ÛÀ» ¼öÁ¤Çϰųª »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù.');
document.myForm.password.focus();
return;
} else if (document.myForm.title.value == "") {
alert('Á¦¸ñÀ» ÀÔ·ÂÇϼ¼¿ä');
document.myForm.title.focus();
return;
} else if (document.myForm.memo.value == "") {
alert('³»¿ëÀ» ÀÔ·ÂÇϼ¼¿ä');
document.myForm.memo.focus();
return;
} else {
document.myForm.action = "write_ok.php";
document.myForm.submit();
}
}
</script>
</td>
<td width="205" height="26">
<input type=file name="file_name" size="15">
</td>
<td width="1" height="26"></td>
</tr>
<tr>
<td width="3" height="1"></td>
<td width="47" height="1"></td>
<td width="2" height="1"></td>
<td width="195" height="1"></td>
<td width="2" height="1"></td>
<td width="47" height="1"></td>
<td width="2" height="1"></td>
<td width="199" height="1"></td>
<td width="1" height="1"></td>
</tr>
</table>
------------write_ok.php-------------------
<p style="border-collapse:collapse;"align="center"><font color="red"><br>
<?
if(!$title){
echo "<script> window.alert('Á¦¸ñÀ» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
exit;
}
if(!$name){
echo "<script> window.alert('À̸§À» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
exit;
}
if(!$password){
echo "<script> window.alert('ºñ¹øÀ» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
exit;
}
if(!$memo){
echo "<script> window.alert('³»¿ëÀ» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
exit;
}
include "dbconn.php";
include "boan.php";
// Æí¹ýÀ» ÀÌ¿ëÇÑ ±Û¾²±â ¹æÁö
$mode = $HTTP_POST_VARS[mode];
if(!eregi($HTTP_HOST,$HTTP_REFERER)) echo"Á¤»óÀûÀ¸·Î ±ÛÀ» ÀÛ¼ºÇÏ¿© Áֽñ⠹ٶø´Ï´Ù.";
if(getenv("REQUEST_METHOD") == 'GET' ) echo"Á¤»óÀûÀ¸·Î ±ÛÀ» ¾²½Ã±â ¹Ù¶ø´Ï´Ù";
if(!$mode) $mode = "write";
// µð·ºÅ丮¸¦ °Ë»çÇÔ
if(!is_dir("data/".$id)) {
@mkdir("data/".$id,0777);
@chmod("data/".$id,0706);
}
// ÆÄÀÏ º¹»ç ½Ã½ºÅÛ
if(!copy($file_name,"data/$file_name"))
// ±Û¾´½Ã°£À» ±¸ÇÔ
$date=time();
// ű×Á¦°ÅÇÔ
$title = htmlspecialchars($title);
$name = htmlspecialchars($name);
$memo = htmlspecialchars($memo);
// µðºñ¿¡ ÀÔ·Â
mysql_query("insert into board_$db (name,title,memo,password,hit,date) values ('$name','$title','$memo','$password','0','$date')");
mysql_close($connect);
echo "<meta http-equiv='refresh' content='0;URL=list.php?db=$db'>";
?>
|
µÎ¸®¹¶½Ç |
°Á¿¡ °Ô½ÃÆǾ÷·Îµå ±â´É±¸Çö(3) À» Àо¼¼¿ä.
http://www.itmembers.net/board/view.php?id=php2&page=2&sn1=&divpage=1&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&no=4 |
|
|
¾ç¿ø¼® |
Àǹ®Á¡ÀÌÀÖ½À´Ï´Ù,
±× ±¸ÇöÀ» Çϴϱñ 0¹ÙÀÌÆ® ÆÄÀϸ¸ µé¾î°¡°í ³ª¸ÓÁöÆÄÀÏÀº ¸ðµÎ ¿Ã·ÁÁöÁö¾Ê¾Ò½À´Ï´Ù. ±×·¡¼ ±× ±¸ÇöÀº º°·Î ¾µ¸¶À½ÀÌ ¾ø¾î¼¿ä. |
|
 |
µÎ¸®¹¶½Ç |
°Á´ë·Î ÇÏ¸é º° ¹®Á¦¾øÀÌ ¾÷·Îµå ÀߵǴµ¥¿ä.
±¸ÇöÀ̶óÇÏ¸é ¹«¾ó ¸»ÇϽô°ÇÁö ¸ð¸£°Ú½À´Ï´Ù¸¸.. ´ëºÎºÐÀÇ °ø°³°Ô½ÃÆÇÀÇ ¾÷·Îµå ±âº»·ÎÁ÷Àº ¶È°°½À´Ï´Ù. º´¸ñ´Ô °Á ¶ÇÇÑ ¸¶Âù°¡Áö±¸¿ä.
copy() º¸´Ù´Â move_uploaded_file() À» ¾²´Â°Ô ÁÁ±â´Â ÇÏÁö¸¸ copy() ·Î Çصµ ¾÷·Îµå Àß µË´Ï´Ù.
À§¿¡ µý°Ô½ÃÆÇÀº Àߵȴٰí Çߴµ¥.. ±× µý°Ô½ÃÆÇÀ̶ó´Â°Ô ¾î¶²°ÇÁö.. ¶Ç °°Àº ¼¹ö¿¡¼ Å×½ºÆ®Çß´ÂÁö ±Ã±ÝÇϳ׿ä.
¸¸¾à °°Àº ¼¹ö¿¡¼ Å×½ºÆ®Çß°í µý °Ô½ÃÆÇ¿¡¼µµ copy() ·Î ÆÄÀϾ÷·Îµå°¡ ±¸ÇöµÇ¾î ÀÖ´Ù¸é ´Ô ¼Ò½º¹®Á¦ÀÔ´Ï´Ù. |
|
|
µÎ¸®¹¶½Ç |
À½.. ±ÛÀ» Àû°í ³ª¼ ´Ô ¼Ò½º¸¦ º¸´Ï À߸øµÈ ºÎºÐÀÌ ¸¹³×¿ä. ¤Ñ¤Ñ;
write.php ¿¡ ÀÚ¹Ù½ºÅ©¸³Æ® »ç¿ë¹æ¹ýµµ Ʋ·È°í.. ½ºÅ©¸³Æ®ÇÔ¼ö È£ÃâÇÏ´Â°Ç ¾Èº¸ÀÌ°í.. ´Ý´Â form ű׵µ ¾ø°í..
write_ok.php ¿¡¼ ÆÄÀϾ÷·ÎµåÇÏ´Â ºÎºÐµµ À߸øµÇ¾ú½À´Ï´Ù.
°Á¸¦ Á¦´ë·Î Àо½Ã±æ ¹Ù·¡¿ä! |
|
|
¾ç¿ø¼® |
±×·³ ¼öÁ¤Á» ÇØÁÖ¼¼¿ä ºÎŹµå¸³´Ï´Ù.
http://yangws13.webzonei.net/write.zip |
|
|
¼Õº´¸ñ |
Á¦ »ý°¢¿¡´Â, ÀÌ·¸°Ô Á÷Á¢ ¼Ò½º¸¦ ¼öÁ¤ÇØ´Þ¶ó°í ÇÏ´Â °Ç ¹«¸®°¡ ÀÖ´Ù°í º¾´Ï´Ù.
ÀÌ°ÍÀú°Í Å×½ºÆ®Çغ¸°í ¶Õ¾îÁ®¶ó °í¹ÎÇÏ¸é °íÄ¥ ¼ö´Â ÀÖÀ»Áö ¸ô¶óµµ, ±×·¯±â¿¡´Â ½Ã°£ÀÌ ³Ê¹« ¸¹ÀÌ ¼Ò¿äµÇ±âµµ ÇÏ°í, Á¤ÀÛ ÀÌ »çÀÌÆ®¸¦ ¿î¿µÇÏ´Â ¸ñÀû°úµµ ´Ù¼Ò ¾î±ß³ª´Â °Í °°½À´Ï´Ù.
Á˼ÛÇÏÁö¸¸, Á» ´õ °í¹ÎÇϼż Á÷Á¢ ÇØ°áÇÏ½Ã±æ ¹Ù¶ø´Ï´Ù. |
|
|
|
|
|
|
|
|
|
