0
 829   42   8
  View Articles

Name  
   ¾ç¿ø¼®  (2004-03-28 13:47:03, Hit : 8452, Vote : 1553)
Subject  
   write_ok ºÎºÐ¿¡ ´ëÇÑ Áú¹®ÀÔ´Ï´Ù.
Àú±â¿ä ¤Ð¤Ð ÈæÈæÈæ... µý°Ô½ÃÆÇÀº ¿Ã·Á³õ´Â°Å¿¡´ëÇØ¼­ ÀߵǴµ¥ Ȥ Àú´Â À߾ȵ˴ϴÙ.

ÆÄÀϳ×ÀÓÀº file_name Àä ÀÌ À̸§À» Ä«ÇǺκп¡ ³ÖÀ¸¸é data Æú´õ¿¡ ³Öµµ·ÏÇÏ´Â ÇÔ¼ö¸í·É¾î°¡ ¹«¾ùÀԴϱî?

Àú´Â ÀÌ·¸°Ô ÇØµµ ¾È³Ö¾îÁý´Ï´Ù À¸¾Ç@@@@@@!!

@system("cp data/$file_name"); À̰͵µ ÇØº¸°í ÈåÈæÈæ..

if(!copy($file_name,"data/$file_name")) ÇØµµ ¼­¹ö¿¡ ÀúÀåµÇÁö¾Ê½À´Ï´Ù.

µµ¿ÍÁÖ¼¼¿ä!!! ÀúÀÇ write_ok.php ¼Ò½ºÀÔ´Ï´Ù.

Å×½ºÆ® ȯ°æÁÖ¼Ò´Â http://yangws13.webzonei.net/b/list.php?db=free

ÀÔ´Ï´Ù. T.T

¡é¡é¡é

---------------------write.php-------------------

<br><br><br><br>
<table width="498" border="0" align=center cellpadding="0" cellspacing="0" height="402">
<form method=post action=write_ok.php>
<input type=hidden name=db value='<?=$db?>'>
<tr>
            <td width="497" height="3" colspan="8"></td>
            <td width="1" height="3"></td>
</tr>
<tr>
            <td width="3" height="398" rowspan="7"></td>
<td width="47" height="27">
                <p align="center"><span style="font-size:9pt;">Á¦¸ñ</span></td>
            <td width="2" height="58" rowspan="4"></td>
<td width="445" colspan="5" height="27"><input type=text name=title size=57></td>
            <td width="1" height="27"></td>
</tr>
<tr>
            <td width="47" height="2"></td>
            <td width="445" height="2" colspan="5"></td>
            <td width="1" height="2"></td>
</tr>
<td width="47" height="27">
            <p align="center"><span style="font-size:9pt;">À̸§</span></td>
<td width="195" height="27"><input type=text name=name></td>
        <td width="2" height="29" rowspan="2"></td>
<td width="47" height="27">
            <p align="center"><span style="font-size:9pt;">ºñ¹ø</span></td>
        <td width="2" height="29" rowspan="2"></td>
<td width="199" height="27"><input type=password name=password></td>
        <td width="1" height="27"></td>
</tr>
    <tr>
        <td width="47" height="2"></td>
        <td width="195" height="2"></td>
        <td width="47" height="2"></td>
        <td width="199" height="2"></td>
        <td width="1" height="2"></td>
    </tr>
    <tr>
<td width="494" colspan="7" height="312">
<textarea name=memo cols=70 rows=20></textarea>
</td>
        <td width="1" height="312"></td>
    </tr>
    <tr>
        <td width="494" height="2" colspan="7"></td>
        <td width="1" height="2"></td>
    </tr>
    <tr>
<td width="291" colspan="6" height="26">
<input type=submit value=" ±Û¿Ã¸®±â "><script language="javascript">

function check_submit() {

       if (document.myForm.name.value == "") {
                alert('À̸§À» ÀÔ·ÂÇϼ¼¿ä');
                document.myForm.name.focus();
                return;

        } else if (document.myForm.password.value == "") {
                alert('ºñ¹Ð¹øÈ£¸¦ ÀÔ·ÂÇØ¾ß ±ÛÀ» ¼öÁ¤Çϰųª »èÁ¦ÇÒ ¼ö ÀÖ½À´Ï´Ù.');
                document.myForm.password.focus();
                return;

        } else if (document.myForm.title.value == "") {
                alert('Á¦¸ñÀ» ÀÔ·ÂÇϼ¼¿ä');
                document.myForm.title.focus();
                return;

        } else if (document.myForm.memo.value == "") {
                alert('³»¿ëÀ» ÀÔ·ÂÇϼ¼¿ä');
                document.myForm.memo.focus();
                return;

        } else {
                document.myForm.action = "write_ok.php";
                document.myForm.submit();
        }

}

</script>
</td>
<td width="205" height="26">
<input type=file name="file_name" size="15">
</td>
        <td width="1" height="26"></td>
    </tr>
    <tr>
        <td width="3" height="1"></td>
        <td width="47" height="1"></td>
        <td width="2" height="1"></td>
        <td width="195" height="1"></td>
        <td width="2" height="1"></td>
        <td width="47" height="1"></td>
        <td width="2" height="1"></td>
        <td width="199" height="1"></td>
        <td width="1" height="1"></td>
    </tr>
</table>


------------write_ok.php-------------------

<p style="border-collapse:collapse;"align="center"><font color="red"><br>
<?

    if(!$title){
        echo "<script> window.alert('Á¦¸ñÀ» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
        exit;
    }

    if(!$name){
        echo "<script> window.alert('À̸§À» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
        exit;
    }

    if(!$password){
        echo "<script> window.alert('ºñ¹øÀ» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
        exit;
    }

    if(!$memo){
        echo "<script> window.alert('³»¿ëÀ» ÀÔ·ÂÇϼ¼¿ä'); history.go(-1) </script>";
        exit;
    }

    include "dbconn.php";
        include "boan.php";

                // Æí¹ýÀ» ÀÌ¿ëÇÑ ±Û¾²±â ¹æÁö
        $mode = $HTTP_POST_VARS[mode];
        if(!eregi($HTTP_HOST,$HTTP_REFERER)) echo"Á¤»óÀûÀ¸·Î ±ÛÀ» ÀÛ¼ºÇÏ¿© Áֽñ⠹ٶø´Ï´Ù.";
        if(getenv("REQUEST_METHOD") == 'GET' ) echo"Á¤»óÀûÀ¸·Î ±ÛÀ» ¾²½Ã±â ¹Ù¶ø´Ï´Ù";
        if(!$mode) $mode = "write";

                // µð·ºÅ丮¸¦ °Ë»çÇÔ
                        if(!is_dir("data/".$id)) {
                                @mkdir("data/".$id,0777);
                                @chmod("data/".$id,0706);
                        }

                // ÆÄÀÏ º¹»ç ½Ã½ºÅÛ
                if(!copy($file_name,"data/$file_name"))

                // ±Û¾´½Ã°£À» ±¸ÇÔ
            $date=time();

    // ű×Á¦°ÅÇÔ
    $title = htmlspecialchars($title);
    $name = htmlspecialchars($name);
    $memo = htmlspecialchars($memo);

    // µðºñ¿¡ ÀÔ·Â
    mysql_query("insert into board_$db (name,title,memo,password,hit,date) values ('$name','$title','$memo','$password','0','$date')");
    mysql_close($connect);

    echo "<meta http-equiv='refresh' content='0;URL=list.php?db=$db'>";

?>


µÎ¸®¹¶½Ç
°­Á¿¡ °Ô½ÃÆÇ¾÷·Îµå ±â´É±¸Çö(3) À» Àо¼¼¿ä.

http://www.itmembers.net/board/view.php?id=php2&page=2&sn1=&divpage=1&sn=off&ss=on&sc=on&select_arrange=headnum&desc=asc&no=4
 2004/03/28 18:51:37    

¾ç¿ø¼®
Àǹ®Á¡ÀÌÀÖ½À´Ï´Ù,
±× ±¸ÇöÀ» Çϴϱñ 0¹ÙÀÌÆ® ÆÄÀϸ¸ µé¾î°¡°í ³ª¸ÓÁöÆÄÀÏÀº ¸ðµÎ ¿Ã·ÁÁöÁö¾Ê¾Ò½À´Ï´Ù. ±×·¡¼­ ±× ±¸ÇöÀº º°·Î ¾µ¸¶À½ÀÌ ¾ø¾î¼­¿ä.
 2004/03/29 19:25:37   

µÎ¸®¹¶½Ç
°­Á´ë·Î ÇÏ¸é º° ¹®Á¦¾øÀÌ ¾÷·Îµå ÀߵǴµ¥¿ä.

±¸ÇöÀ̶óÇÏ¸é ¹«¾ó ¸»ÇϽô°ÇÁö ¸ð¸£°Ú½À´Ï´Ù¸¸.. ´ëºÎºÐÀÇ °ø°³°Ô½ÃÆÇÀÇ ¾÷·Îµå ±âº»·ÎÁ÷Àº ¶È°°½À´Ï´Ù. º´¸ñ´Ô °­Á ¶ÇÇÑ ¸¶Âù°¡Áö±¸¿ä.

copy() º¸´Ù´Â move_uploaded_file() À» ¾²´Â°Ô ÁÁ±â´Â ÇÏÁö¸¸ copy() ·Î ÇØµµ ¾÷·Îµå Àß µË´Ï´Ù.

À§¿¡ µý°Ô½ÃÆÇÀº Àߵȴٰí Çߴµ¥.. ±× µý°Ô½ÃÆÇÀ̶ó´Â°Ô ¾î¶²°ÇÁö.. ¶Ç °°Àº ¼­¹ö¿¡¼­ Å×½ºÆ®Çß´ÂÁö ±Ã±ÝÇϳ׿ä.
¸¸¾à °°Àº ¼­¹ö¿¡¼­ Å×½ºÆ®Çß°í µý °Ô½ÃÆÇ¿¡¼­µµ copy() ·Î ÆÄÀϾ÷·Îµå°¡ ±¸ÇöµÇ¾î ÀÖ´Ù¸é ´Ô ¼Ò½º¹®Á¦ÀÔ´Ï´Ù.
 2004/03/30 09:35:16    

µÎ¸®¹¶½Ç
À½.. ±ÛÀ» Àû°í ³ª¼­ ´Ô ¼Ò½º¸¦ º¸´Ï À߸øµÈ ºÎºÐÀÌ ¸¹³×¿ä. ¤Ñ¤Ñ;
write.php ¿¡ ÀÚ¹Ù½ºÅ©¸³Æ® »ç¿ë¹æ¹ýµµ Ʋ·È°í.. ½ºÅ©¸³Æ®ÇÔ¼ö È£ÃâÇÏ´Â°Ç ¾Èº¸À̰í.. ´Ý´Â form ű׵µ ¾ø°í..
write_ok.php ¿¡¼­ ÆÄÀϾ÷·ÎµåÇÏ´Â ºÎºÐµµ À߸øµÇ¾ú½À´Ï´Ù.

°­Á¸¦ Á¦´ë·Î Àо½Ã±æ ¹Ù·¡¿ä!
 2004/03/30 09:42:17    

¾ç¿ø¼®
±×·³ ¼öÁ¤Á» ÇØÁÖ¼¼¿ä ºÎʵ右´Ï´Ù.
http://yangws13.webzonei.net/write.zip
 2004/03/30 23:05:53   

¼Õº´¸ñ
Á¦ »ý°¢¿¡´Â, ÀÌ·¸°Ô Á÷Á¢ ¼Ò½º¸¦ ¼öÁ¤ÇØ´Þ¶ó°í ÇÏ´Â °Ç ¹«¸®°¡ ÀÖ´Ù°í º¾´Ï´Ù.
À̰ÍÀú°Í Å×½ºÆ®Çغ¸°í ¶Õ¾îÁ®¶ó °í¹ÎÇÏ¸é °íÄ¥ ¼ö´Â ÀÖÀ»Áö ¸ô¶óµµ, ±×·¯±â¿¡´Â ½Ã°£ÀÌ ³Ê¹« ¸¹ÀÌ ¼Ò¿äµÇ±âµµ Çϰí, Á¤ÀÛ ÀÌ »çÀÌÆ®¸¦ ¿î¿µÇÏ´Â ¸ñÀû°úµµ ´Ù¼Ò ¾î±ß³ª´Â °Í °°½À´Ï´Ù.
Á˼ÛÇÏÁö¸¸, Á» ´õ °í¹ÎÇϼż­ Á÷Á¢ ÇØ°áÇÏ½Ã±æ ¹Ù¶ø´Ï´Ù.
 2004/03/30 23:25:15    


no
subject
name
date
hit
*
689
  VB6.0¿¡¼­ MSSQL2000¿¡ ÀÖ´Â µ¥... [1]

·ùâ¿­
2003/07/19 13504 2010
688
  VB¿Í ¿À¶óŬ »ç¿ëÇÑ ÇÁ·Î±×·¥ ¹èÆ÷ [1]

À±±¤½Ä
2005/05/27 9200 1801
687
  view.php ÆÄÀÏ ¾Æ·¡¿¡ ±Û ¸ñ·ÏÀ» ... [1]

siRuBa
2003/01/16 8696 1875
686
  view.php½ÇÇà½Ã ³»¿ëÀÌ ¾Èº¸¿©¿ä. [1]

¤·¤·
2009/02/04 13802 2390
685
  Visual basic 6.0¿¡ °üÇÑ Áú¹® [1]

ÆÄ¸®
2004/01/14 8741 1787
684
  Visual Basic6.0 ¼³Ä¡½Ã ¿À·ù¹ß... [1]

¹Ú¹Î¿ì
2003/03/31 7017 1657
683
  while¹® °øºÎ Áß¿¡... [1]

³ëÀç°ï
2005/12/22 8681 1876

  write_ok ºÎºÐ¿¡ ´ëÇÑ Áú¹®ÀÔ´Ï´Ù. [6]

¾ç¿ø¼®
2004/03/28 8452 1553
681
  write_test.phpÀÔ·ÂÇϰí write_... [1]

Ãß°ÝÀÚ
2008/12/04 12414 2217
680
  xml ¾öû ÃÊÂ¥°¡..¤Ì¤Ì

jjang
2002/06/03 9214 2057
679
  XMLDOM°ú XMLHTTP

ÀÓ¼ºÈ¯
2003/03/19 8159 1922
678
  xml¼Ò½ºÀ© dtd¿Í xsl¹®¼­·ÎÀÇ ... [1]

xmlÃʺ¸ÀÚ
2004/06/26 9195 1903
677
  You have an error in your... [4]

a3829
2004/08/13 13674 2151
676
  [BD ¿¬µ¿]Áú¹®!

Ãʺ¸ÀÚ...
2002/12/14 9245 1983
675
  [jsp] ÅèĹ¹öÁ¯ÀÌ...? [1]

½Åâ¿ø
2004/01/10 8259 1660
674
    [re] (14°­) - °Ô½ÃÆÇ¿ë Å×ÀÌºí ¸¸µé±â ... [2]

¾Æ±â
2003/02/23 9148 2023
673
    [re] 1ºÎÅÍ 10±îÁöÀÇ ÇÕ°è Á¦¾î¹®¿¡¼­...

¼Õº´¸ñ
2002/12/30 8572 1869
672
    [re] a+¿¡ °üÇØ¼­....

¼Õº´¸ñ
2002/07/11 8922 2087
671
    [re] A+¿¡ ´ëÇØ ÀÚ¼¼È÷ ¾Ë°í ½Í¾î¿ä..

¼Õº´¸ñ
2002/05/25 9472 2027
670
    [re] Admin±â´ÉÀº...... [1]

µÎ¸®¹¶½Ç
2003/01/19 8738 1978
[1][2][3][4][5][6][7] 8 [9][10]..[42] [next]

Copyright 1999-2025 Zeroboard / skin by Zetyx