<%@ Language=VBScript %> <% Dim idx, userId, userName, userAge, subject, contents, branchCode Dim fileName1, fileSize1, fileName2, fileSize2, fileName3, fileSize3 Dim file1_del, file2_del, file3_del Dim UploadForm, SQL, RS, tableName, listFile, objImage Dim thumbnailWidth, thumbnailHeight Dim UploadPathThumbnail Dim FilePath1, FilePath2, SourceFileName Dim mode, msg Dim adm_idx, adm_date, adm_hit, i tableName = "TB_PHOTO_REVIEW" '### DB Å×À̺í¸í listFile = "customer04.asp" '### ¸®½ºÆ® ÆÄÀϸí Set UploadForm = Server.CreateObject("DEXT.FileUpload") UploadForm.AutoMakeFolder = True 'UploadForm.DefaultPath = "E:\WIN_SERVER\002_uni114.co.kr\www\data\" & tableName UploadForm.DefaultPath = PathDir&"\data\" & tableName FilePath2 = UploadForm.DefaultPath & "\thumbnail\" Set objImage = Server.CreateObject("DEXT.ImageProc") thumbnailWidth = 120 '½æ³×ÀÏ À̹ÌÁö °¡·ÎÅ©±â thumbnailHeight = 120 '½æ³×ÀÏ À̹ÌÁö ¼¼·ÎÅ©±â '³Ñ¾î¿Â °ª º¯¼ö¿¡ ¹Þ±â idx = Trim(UploadForm("idx")) mode = Trim(UploadForm("mode")) userId = Session("user_id") userName = Trim(UploadForm("userName")) userAge = 0 subject = Trim(UploadForm("subject")) : subject = InjectionDefender(subject) contents = UploadForm("contents") : contents = InjectionDefender(contents) branchCode = "" Call UserAuth(userId) '### Á¢±Ù ±ÇÇÑ Ã¼Å© '### À̹ÌÁö ÆÄÀÏÀÌ ¾Æ´Ï¸é ÆÄÀÏ »èÁ¦ÇÏ°í ¿¡·¯ ó¸®ÇÏ´Â ÇÔ¼ö ### Sub NotImage() UploadForm.DeleteAllSavedFiles Set UploadForm = Nothing Response.Write "" Response.End End Sub Select Case mode Case "edit" '¼öÁ¤ ########################################################## msg = "¼öÁ¤" '### ÆÄÀÏ »èÁ¦ ÇÔ¼ö (DB ¼öÁ¤) ### Sub FileDel(idx, fileNo) SQL = "UPDATE " & tableName SQL = SQL & " SET fileName" & fileNo & " = '' " SQL = SQL & ", fileSize" & fileNo & " = 0 " SQL = SQL & " WHERE idx = " & idx Dbcon.Execute(SQL) End Sub file1_del = Trim(UploadForm("file1_del")) file2_del = Trim(UploadForm("file2_del")) file3_del = Trim(UploadForm("file3_del")) 'üũµÈ ÆÄÀÏ »èÁ¦ SQL = "SELECT fileName1, fileName2, fileName3 FROM " & tableName & " WHERE idx=" & idx Set RS = Dbcon.Execute(SQL) fileName1 = RS("fileName1") fileName2 = RS("fileName2") fileName3 = RS("fileName3") If file1_del = "Y" Then UploadForm.DeleteFile UploadForm.DefaultPath & "\" & fileName1 UploadForm.DeleteFile FilePath2 & fileName1 Call FileDel(idx, 1) End If If file2_del = "Y" Then UploadForm.DeleteFile UploadForm.DefaultPath & "\" & fileName2 UploadForm.DeleteFile FilePath2 & fileName2 Call FileDel(idx, 2) End If If file3_del = "Y" Then UploadForm.DeleteFile UploadForm.DefaultPath & "\" & fileName3 UploadForm.DeleteFile FilePath2 & fileName3 Call FileDel(idx, 3) End If ' Before ¾÷·Îµå1 UploadPath = UploadForm("files")(1).Save IF "" <> UploadPath THEN objImage.SetSourceFile( UploadPath ) SourceFileName = UploadForm("files")(1).FileNameWithoutExt FilePath1 = FilePath2 & SourceFileName & ".jpg" ' ½æ³×ÀÏ Ã³¸®1 UploadPathThumbnail = objImage.SaveasThumbnail( FilePath1, thumbnailWidth, thumbnailHeight, True ) fileName1 = UploadForm("files")(1).LastSavedFileName fileSize1 = UploadForm("files")(1).FileLen END If ' After ¾÷·Îµå2 UploadPath = UploadForm("files")(2).Save IF "" <> UploadPath THEN objImage.SetSourceFile( UploadPath ) SourceFileName = UploadForm("files")(2).FileNameWithoutExt FilePath1 = FilePath2 & SourceFileName & ".jpg" ' ½æ³×ÀÏ Ã³¸®2 UploadPathThumbnail = objImage.SaveasThumbnail( FilePath1, thumbnailWidth, thumbnailHeight, True ) fileName2 = UploadForm("files")(2).LastSavedFileName fileSize2 = UploadForm("files")(2).FileLen END IF ' After ¾÷·Îµå3 UploadPath = UploadForm("files")(3).Save IF "" <> UploadPath THEN objImage.SetSourceFile( UploadPath ) SourceFileName = UploadForm("files")(3).FileNameWithoutExt FilePath1 = FilePath2 & SourceFileName & ".jpg" ' ½æ³×ÀÏ Ã³¸®2 UploadPathThumbnail = objImage.SaveasThumbnail( FilePath1, thumbnailWidth, thumbnailHeight, True ) fileName3 = UploadForm("files")(3).LastSavedFileName fileSize3 = UploadForm("files")(3).FileLen END IF 'À̹ÌÁö ÆÄÀÏÀÌ ¾Æ´Ï¸é ÆÄÀÏÀ» »èÁ¦ ÇÏ°í ¿¡·¯Ã³¸® ÇÑ´Ù. If fileSize1 > 0 And UploadForm("files")(1).IsImageItem() = False Then Call NotImage() : If fileSize2 > 0 And UploadForm("files")(2).IsImageItem() = False Then Call NotImage() : If fileSize3 > 0 And UploadForm("files")(3).IsImageItem() = False Then Call NotImage() : 'DB ¼öÁ¤ SQL = "UPDATE " & tableName SQL = SQL & " SET userAge = '" & userAge & "'" SQL = SQL & ", branchCode = '" & branchCode & "'" SQL = SQL & ", subject = '" & subject & "'" SQL = SQL & ", contents = '" & contents & "'" If fileSize1 > 0 Then SQL = SQL & ", fileName1 = '" & fileName1 & "'" SQL = SQL & ", fileSize1 = " & fileSize1 End If If fileSize2 > 0 Then SQL = SQL & ", fileName2 = '" & fileName2 & "'" SQL = SQL & ", fileSize2 = " & fileSize2 End If If fileSize3 > 0 Then SQL = SQL & ", fileName3 = '" & fileName3 & "'" SQL = SQL & ", fileSize3 = " & fileSize3 End If SQL = SQL & " WHERE idx = " & idx Dbcon.Execute(SQL) RS.Close Set RS = Nothing Case "del" '»èÁ¦ ########################################################## msg = "»èÁ¦" 'ÆÄÀÏ »èÁ¦ SQL = "SELECT fileName1, fileName2, fileName3 FROM " & tableName & " WHERE idx=" & idx Set RS = Dbcon.Execute(SQL) fileName1 = RS("fileName1") fileName2 = RS("fileName2") fileName3 = RS("fileName3") If fileName1 <> "" Then UploadForm.DeleteFile UploadForm.DefaultPath & "\" & fileName1 UploadForm.DeleteFile FilePath2 & fileName1 End If If fileName2 <> "" Then UploadForm.DeleteFile UploadForm.DefaultPath & "\" & fileName2 UploadForm.DeleteFile FilePath2 & fileName2 End If If fileName3 <> "" Then UploadForm.DeleteFile UploadForm.DefaultPath & "\" & fileName3 UploadForm.DeleteFile FilePath2 & fileName3 End If 'DB »èÁ¦ If Session("admin_div") > 0 Then SQL = "DELETE " & tableName & " WHERE idx=" & idx Else SQL = "DELETE " & tableName & " WHERE idx=" & idx & " and userId='"&Session("user_id")&"'" End If Dbcon.Execute(SQL) RS.Close Set RS = Nothing Case "insert" 'Ãß°¡ ########################################################## msg = "µî·Ï" ' ¿øº» ¾÷·Îµå1 UploadPath = UploadForm("files")(1).Save IF "" <> UploadPath THEN objImage.SetSourceFile( UploadPath ) SourceFileName = UploadForm("files")(1).FileNameWithoutExt FilePath1 = FilePath2 & SourceFileName & ".jpg" ' ½æ³×ÀÏ Ã³¸®1 UploadPathThumbnail = objImage.SaveasThumbnail( FilePath1, thumbnailWidth, thumbnailHeight, True ) fileName1 = UploadForm("files")(1).LastSavedFileName fileSize1 = UploadForm("files")(1).FileLen END If ' ¿øº» ¾÷·Îµå2 UploadPath = UploadForm("files")(2).Save IF "" <> UploadPath THEN objImage.SetSourceFile( UploadPath ) SourceFileName = UploadForm("files")(2).FileNameWithoutExt FilePath1 = FilePath2 & SourceFileName & ".jpg" ' ½æ³×ÀÏ Ã³¸®2 UploadPathThumbnail = objImage.SaveasThumbnail( FilePath1, thumbnailWidth, thumbnailHeight, True ) fileName2 = UploadForm("files")(2).LastSavedFileName fileSize2 = UploadForm("files")(2).FileLen END If ' ¿øº» ¾÷·Îµå3 UploadPath = UploadForm("files")(3).Save IF "" <> UploadPath THEN objImage.SetSourceFile( UploadPath ) SourceFileName = UploadForm("files")(3).FileNameWithoutExt FilePath1 = FilePath2 & SourceFileName & ".jpg" ' ½æ³×ÀÏ Ã³¸®2 UploadPathThumbnail = objImage.SaveasThumbnail( FilePath1, thumbnailWidth, thumbnailHeight, True ) fileName3 = UploadForm("files")(3).LastSavedFileName fileSize3 = UploadForm("files")(3).FileLen END IF 'À̹ÌÁö ÆÄÀÏÀÌ ¾Æ´Ï¸é ÆÄÀÏÀ» »èÁ¦ ÇÏ°í ¿¡·¯Ã³¸® ÇÑ´Ù. If fileSize1 > 0 And UploadForm("files")(1).IsImageItem() = False Then Call NotImage() : If fileSize2 > 0 And UploadForm("files")(2).IsImageItem() = False Then Call NotImage() : If fileSize3 > 0 And UploadForm("files")(3).IsImageItem() = False Then Call NotImage() : 'DB ÀúÀå SQL = "INSERT INTO " & tableName & " (userId, userName, userAge, subject, contents, fileName1, fileSize1, fileName2, fileSize2, fileName3, fileSize3, writeDate, hit, branchCode) " SQL = SQL & " VALUES ('" & userId & "', '" & userName & "', " & userAge & ", '" & subject & "', '" & contents & "', '" & fileName1 & "', '" & fileSize1 & "', '" & fileName2 & "', '" & fileSize2 & "', '" & fileName3 & "', '" & fileSize3 & "', GETDATE(), 0, '" & branchCode & "')" Dbcon.Execute(SQL) Case "adm" '°ü¸® - ³¯Â¥/Á¶È¸¼ö ¾÷µ¥ÀÌÆ® ########################################################## Call CheckAuth("sojujan", mode) '### Á¢±Ù ±ÇÇÑ Ã¼Å© msg = "³¯Â¥\/Á¶È¸¼ö ¾÷µ¥ÀÌÆ®¸¦" adm_idx = Trim(UploadForm("adm_idx")) adm_date = Trim(UploadForm("adm_date")) adm_hit = Trim(UploadForm("adm_hit")) adm_idx = Split(adm_idx, ", ") adm_date = Split(adm_date, ", ") adm_hit = Split(adm_hit, ", ") For i = 0 To UBound(adm_idx) 'DB ¼öÁ¤ SQL = "UPDATE " & tableName SQL = SQL & " SET writeDate = '" & adm_date(i) & "'" SQL = SQL & ", hit = '" & adm_hit(i) & "'" SQL = SQL & " WHERE idx = " & adm_idx(i) Dbcon.Execute(SQL) Next Case Else msg = "½ÇÆÐ" End Select 'ó¸® ¿Ï·á(°ø¿ë) ########################################################## Set objImage = Nothing Set UploadForm = Nothing Response.Write "" Response.End %>