5000000 ) { print(" "); exit; } if ( ($upfile_type[$i] != "image/gif") && ($upfile_type[$i] != "image/jpeg")) { print(" "); exit; } if (!move_uploaded_file($upfile_tmp_name[$i], $uploaded_file[$i]) ) { print(""); exit; } } } require_once("../lib/MYDB.php"); $pdo = db_connect(); if ($mode=="modify"){ $num_checked = count($_REQUEST['del_file']); $position = $_REQUEST['del_file']; for($i=0; $i<$num_checked; $i++) // delete checked item { $index = $position[$i]; $del_ok[$index] = "y"; } try{ $sql = "select * from phptest1.concert where num=?"; // get target record $stmh = $pdo->prepare($sql); $stmh->bindValue(1,$num,PDO::PARAM_STR); $stmh->execute(); $row = $stmh->fetch(PDO::FETCH_ASSOC); } catch (PDOException $Exception) { $pdo->rollBack(); print "오류: ".$Exception->getMessage(); } for ($i=0; $i<$count; $i++) { $field_org_name = "file_name_".$i; $field_real_name = "file_copied_".$i; $org_name_value = $upfile_name[$i]; $org_real_value = $copied_file_name[$i]; if ($del_ok[$i] == "y") { $delete_field = "file_copied_".$i; $delete_name = $row[$delete_field]; $delete_path = $upload_dir . $delete_name; unlink($delete_path); try{ $pdo->beginTransaction(); $sql = "update phptest1.concert set $field_org_name = ?, $field_real_name = ? where num=?"; $stmh = $pdo->prepare($sql); $stmh->bindValue(1, $org_name_value, PDO::PARAM_STR); $stmh->bindValue(2, $org_real_value, PDO::PARAM_STR); $stmh->bindValue(3, $num, PDO::PARAM_STR); $stmh->execute(); $pdo->commit(); } catch (PDOException $Exception) { $pdo->rollBack(); print "오류: ".$Exception->getMessage(); } } else { if (!$upfile_error[$i]) { try{ $pdo->beginTransaction(); $sql = "update phptest1.concert set $field_org_name = ?, $field_real_name = ? where num=?"; $stmh = $pdo->prepare($sql); $stmh->bindValue(1, $org_name_value, PDO::PARAM_STR); $stmh->bindValue(2, $org_real_value, PDO::PARAM_STR); $stmh->bindValue(3, $num, PDO::PARAM_STR); $stmh->execute(); $pdo->commit(); } catch (PDOException $Exception) { $pdo->rollBack(); print "오류: ".$Exception->getMessage(); } } } } try{ $pdo->beginTransaction(); $sql = "update phptest1.concert set subject=?, content=?, is_html=? where num=?"; $stmh = $pdo->prepare($sql); $stmh->bindValue(1, $subject, PDO::PARAM_STR); $stmh->bindValue(2, $content, PDO::PARAM_STR); $stmh->bindValue(3, $html_ok, PDO::PARAM_STR); $stmh->bindValue(4, $num, PDO::PARAM_STR); $stmh->execute(); $pdo->commit(); } catch (PDOException $Exception) { $pdo->rollBack(); print "오류: ".$Exception->getMessage(); } } else { if ($html_ok =="y"){ $is_html = "y"; }else { $is_html = ""; $content = htmlspecialchars($content); } try{ $pdo->beginTransaction(); $sql = "insert into phptest1.concert(id, name, nick, subject, content, regist_day, hit, is_html, "; $sql .= " file_name_0, file_name_1, file_name_2, file_copied_0, file_copied_1, file_copied_2) "; $sql .= "values(?, ?, ?, ?, ?, now(), 0, ?, ?, ?, ?, ?, ?, ?)"; $stmh = $pdo->prepare($sql); $stmh->bindValue(1, $_SESSION["userid"], PDO::PARAM_STR); $stmh->bindValue(2, $_SESSION["name"], PDO::PARAM_STR); $stmh->bindValue(3, $_SESSION["nick"], PDO::PARAM_STR); $stmh->bindValue(4, $subject, PDO::PARAM_STR); $stmh->bindValue(5, $content, PDO::PARAM_STR); $stmh->bindValue(6, $is_html, PDO::PARAM_STR); $stmh->bindValue(7, $upfile_name[0], PDO::PARAM_STR); $stmh->bindValue(8, $upfile_name[1], PDO::PARAM_STR); $stmh->bindValue(9, $upfile_name[2], PDO::PARAM_STR); $stmh->bindValue(10, $copied_file_name[0], PDO::PARAM_STR); $stmh->bindValue(11, $copied_file_name[1], PDO::PARAM_STR); $stmh->bindValue(12, $copied_file_name[2], PDO::PARAM_STR); $stmh->execute(); $pdo->commit(); } catch (PDOException $Exception) { $pdo->rollBack(); print "오류: ".$Exception->getMessage(); } } header("Location:http://localhost/concert/list.php"); ?>