<?
//error_reporting(E_ALL);

//ini_set("display_errors", 1);



//========================================
// dehead(config/function/lib) Include
//========================================
include $_SERVER['DOCUMENT_ROOT']."/front/include/dehead.php";
require_once PATH_LIB."FileUpload.php";
require_once PATH_LIB."Valid.php"; // 유효성 검사 클래스
require_once PATH_LIB."PasswordHash.php"; // 암호화 클래스

//========================================
// Class Connect
//========================================
// Shared database wrapper and input validator used by every branch below.
$Db = new Db();
$Valid = new Valid();
// Imports the entries of HttpVars('FILES') into the current scope as variables;
// the @ operator silences any warning the call raises.
// NOTE(review): extract() without a flag overwrites existing variables of the
// same name, and this call runs after $Db and $Valid are created. If the keys
// follow the upload form's field names (HttpVars() is not visible here), a
// field name can replace an existing variable. Consider EXTR_SKIP or reading
// $_FILES directly - confirm what HttpVars() returns first.
@extract(HttpVars('FILES')); // define the FILE variables

//========================================
// Data Process & Query
//========================================
if($boardType === "kakao"){
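    // Consent gate: the row is written only when the form sent priracy == "Y"
    // (loose comparison); anything else shows the consent alert in the else branch.
    if($priracy == "Y"){
        // Parameters bound into the INSERT below. store and subject are bound as
        // received (their Valid->String checks are commented out); phone is stored
        // as "" unless all three parts are non-empty.
        $param = array_merge($param, array(
            'store' => $mStore, //$Valid->String($mStore, "지점을 선택하세요."),
            'name' => $Valid->String($mName, "이름을 입력하세요."),
            'subject' => $mSubject, //$Valid->String($mSubject, "진료과목을 선택하세요."),
            'phone' => ($mPhone1 && $mPhone2 && $mPhone3) ? $Valid->Tel($mPhone1."-".$mPhone2."-".$mPhone3, "연락처를 입력하세요") : "",
            'ip' => $_SERVER['REMOTE_ADDR']
        ));

        // Every value goes through a named placeholder; only the table name is interpolated.
        $write = $Db->query("INSERT INTO $TABLE_KAKAOTALK (store, name, subject, phone, ip, reg_date) VALUES(:store, :name, :subject, :phone, INET_ATON(:ip), now())", $param);

        // Nothing is sent to the browser when the INSERT reports no affected row.
        if($write > 0){
            // NOTE(review): this is a property read, not a method call, so it has no
            // effect; presumably CloseConnection() was meant - confirm against the Db class.
            $Db->CloseConnection;

            // The markup below loads third-party conversion trackers.
            // NOTE(review): enliple_min2.js is requested over plain http, so it is not
            // protected in transit and is mixed content on an https page; use https
            // if the vendor serves it.
?>
<!-- Google Tag Manager (noscript) -->
<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-KTQST3K"
height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
<!-- End Google Tag Manager (noscript) -->
<!-- Withpang Tracker v3.0 [결제] start -->
<script src="http://cdn.megadata.co.kr/js/enliple_min2.js"></script>
  <script type="text/javascript">
  <!--
        var cn = new EN();
        cn.setData("uid",  "ssdream");
        cn.setData("ordcode",  "");
        cn.setData("qty", "1");
        cn.setData("price", "1");
        cn.setData("pnm", encodeURIComponent(encodeURIComponent("counsel")));
        cn.sendConv();
  //-->
  </script>
  <!-- Withpang Tracker v3.0 [결제] end -->
  
  
<!-- Tracking Script Start 2.0 -->
<script type="text/javascript" async="true">
var dspu = "OP6c3NkcmVhbTEx";      // === (필수)광고주key (변경하지마세요) ===

var dspt = "2";         // === (필수)전환구분( 2:기타구분 ) (변경하지마세요)  === 
var dspo = "";          // === (선택)구문번호( 미입력시 - 중복체크 안함. ) ===

var dspu,dspt,dspo,dspom; 
function loadanalJS_dsp(b,c){var d=document.getElementsByTagName("head")[0],a=document.createElement("sc"+"ript");a.type="text/javasc"+"ript";null!=c&&(a.charset="UTF-8");
a.src=b;a.async="true";d.appendChild(a)}function loadanal_dsp(b){loadanalJS_dsp(("https:"==document.location.protocol?"https://":"http://")+b,"UTF-8");document.write("<span id=dsp_spn style=display:none;></span>");}
loadanal_dsp("tk.realclick.co.kr/tk_comm.js?dspu="+dspu+"&dspt="+dspt+"&dspo="+dspo+"&dspom="+dspom);
</script>
<!-- Tracking Script End 2.0 -->
  

<?
            // $mStore is printed into a double-quoted JavaScript string below, and in
            // this branch it is not validated. Escape the characters that could end
            // that string or the surrounding script element. strtr() works on bytes,
            // so it does not depend on the value being valid UTF-8.
            $storeJs = strtr((string)$mStore, array(
                "\\" => "\\\\",
                "\"" => "\\\"",
                "'"  => "\\'",
                "<"  => "\\x3C",
                ">"  => "\\x3E",
                "&"  => "\\x26",
                "\r" => "\\r",
                "\n" => "\\n"
            ));
            // Do not park PHP echo tags inside JavaScript comments in this script:
            // PHP still runs them, and the disabled redirects that used to be here
            // printed $_POST['return_url'] into the page unescaped.
            // NOTE(review): store is appended to the query string without URL
            // encoding; encodeURIComponent(store) is the usual fix once the charset
            // expected by complete_kakao.php is confirmed.
?>
<script>
var store = "<?=$storeJs?>";
location.href="/front/online/complete_kakao.php?rurl=kakaotalk.php&store="+store;
</script>

<?
//            AlertMove("상담이 등록되었습니다.", "kakaotalk.php");
        }
    } else {
        AlertMove("개인정보 수집에 동의하여 주세요.", "kakaotalk.php");
    }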
} else if($boardType === "customer"){
    // Consent gate: the feedback row is written only when the form sent
    // priracy == "Y" (loose comparison); otherwise the consent alert is shown.
    if($priracy == "Y"){
		
        // Parameters bound into the INSERT below. category is bound as received;
        // the other fields pass through Valid (its failure behaviour lives in
        // Valid.php, not visible here). phone is "" unless all three parts are set.
        $param = array_merge($param, array(
            'category' => $mCategory,
            'store' => $Valid->String($mStore, "지점을 선택하세요."),
            'name' => $Valid->String($mName, "이름을 입력하세요."),
            'email' => $Valid->Email($mMail."@".$mMail2),
            'phone' => ($mPhone1 && $mPhone2 && $mPhone3) ? $Valid->Tel($mPhone1."-".$mPhone2."-".$mPhone3, "연락처를 입력하세요") : "",
            'title' => $Valid->String($mTitle, "제목을 입력하세요."),
            'content' => $Valid->String($mContents, "내용을 입력하세요."),
            'ip' => $_SERVER['REMOTE_ADDR']
        ));

        // Every value goes through a named placeholder; only the table name is interpolated.
        $write = $Db->query("INSERT INTO $TABLE_CUSTOMER (category, store, name, email, phone, title, content, ip, reg_date) VALUES(:category, :store, :name, :email, :phone, :title, :content, INET_ATON(:ip), now())", $param);
        // Id of the new row, used as wno for the attachment rows.
        $wno = $Db->lastInsertId($TABLE_CUSTOMER);
        
        //========================================
        // File Upload
        //========================================
        // NOTE(review): FileUpload receives the raw $_FILES entry, the board's upload
        // directory and 10 (meaning not visible here). Which file types it accepts and
        // how it names stored files is decided in FileUpload.php - verify that it
        // rejects executable types and does not reuse the client-supplied name.
        $FileUpload = new FileUpload($_FILES['attach'], $pathInfo['customer']['upload'], 10); // instantiate the file upload class
        $fileInfo = $FileUpload->Access();
        // Not read again in this branch. NOTE(review): $hattach is not set in this
        // file; presumably it comes from the request - confirm it is always an array.
        $fileCount = $fileInfo['count'] + count($hattach);

        // One attachment row per uploaded file: stored name, original name, sort
        // position. NOTE(review): this loop runs before $write is checked, so
        // attachment rows are written even if the main INSERT affected no row.
        for($i=0; $i<$fileInfo['count']; $i++){
            $Db->bindMore(array('wno' => $wno, 'code' => "customer", 'seq' => $fileInfo['sort'][$i], 'attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR']));
            $file = $Db->query("INSERT INTO $TABLE_ATTACH (wno, code, seq, attach, attach_ori, ip, reg_date, mod_date) VALUES(:wno, :code, :seq, :attach, :attach_ori, INET_ATON(:ip), now(), now())");
        }

        if($write > 0){
            // NOTE(review): property read, not a method call, so it has no effect;
            // presumably CloseConnection() was meant - confirm against the Db class.
            $Db->CloseConnection;
            AlertMove("소중하신 의견 감사합니다!", "customer.php");
        }
    } else {
        AlertMove("개인정보 수집에 동의하여 주세요.", "customer.php");
    }
} else if($boardType === "counseling"){
    
    // 20160802 게시판 아이피 차단
//    if($_SERVER['REMOTE_ADDR'] == "121.134.153.127") {
//        AlertMove("수술 상담이 등록되었습니다.", "counseling_list.php");
//    }

    //========================================
    // Data Process
    //========================================
    // Choose the value for the pw column: hash a newly supplied password,
    // otherwise reuse the hash already stored for row $no. This runs for every
    // md value, including del.
    if($mPassword){
        // The SHA-1 hex digest of the password with the SALT constant appended is
        // handed to create_hash() (PasswordHash.php).
        // NOTE(review): on md=modify a supplied password replaces the stored hash,
        // and nothing in this file checks the old password first.
        $password = create_hash(sha1($mPassword).SALT);
    } else {
        // Bound parameter; returns whatever single() yields when no row matches
        // (for example on md=write, where $no presumably is empty - TODO confirm).
        $password = $Db->single("SELECT pw FROM $TABLE_COUNSEL WHERE no = :no", array('no' => $no));
    }

    // Only write and modify carry form data: validate the fields and process the upload.
    if($md === "write" || $md === "modify"){
        // sort is fixed to "A" for this board (the "after" board writes "B" to the
        // same table). id is bound as received; the other fields pass through Valid.
        // phone is "" unless all three parts are set.
        $param = array_merge($param, array(
            'sort' => "A",
            'store' => $Valid->String($mStore, "지점을 선택하세요."),
            'id' => $mId,
            'name' => $Valid->String($mName, "작성자를 입력하세요."),
            'pw' => $password,
            'email' => $Valid->Email($mMail."@".$mMail2),
            'phone' => ($mPhone1 && $mPhone2 && $mPhone3) ? $Valid->Tel($mPhone1."-".$mPhone2."-".$mPhone3, "연락처를 입력하세요") : "",
            'title' => $Valid->String($mTitle, "제목을 입력하세요."),
            'content' => $Valid->String($mContents, "내용을 입력하세요."),
            'ip' => $_SERVER['REMOTE_ADDR']
        ));

        // NOTE(review): FileUpload receives the raw $_FILES entry, the board's upload
        // directory and 10 (meaning not visible here). Which file types it accepts and
        // how it names stored files is decided in FileUpload.php - verify that it
        // rejects executable types and does not reuse the client-supplied name.
        $FileUpload = new FileUpload($_FILES['attach'], $pathInfo['counsel']['upload'], 10); // instantiate the file upload class
        $fileInfo = $FileUpload->Access();
        // Upper bound for the attachment loop in the modify query. NOTE(review):
        // $attach is not set in this file; presumably it comes from the request or
        // from the extract() call above - confirm it is always an array.
        $fileCount = $fileInfo['count'] + count($attach);
    }

    // modify and del address an existing row by its number.
    // NOTE(review): $no is taken as received; no ownership or password check
    // is made in this file before it is used in the UPDATE statements.
    if($md === "modify" || $md === "del"){
        $param['no'] = $no;
    }

    // del is a soft delete: the query below sets the del column to "Y".
    if($md === "del"){
        $param['del'] = "Y";
    }

    //========================================
    // Query
    //========================================
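    // Dispatch on the requested operation: write inserts a new consultation,
    // modify rewrites an existing row and its attachments, del flags the row.
    if($md === "write"){
        // Every value goes through a named placeholder; only the table name is interpolated.
        $write = $Db->query("INSERT INTO $TABLE_COUNSEL (sort, store, id, name, pw, email, phone, title, content, ip, reg_date) VALUES(:sort, :store, :id, :name, :pw, :email, :phone, :title, :content, INET_ATON(:ip), now())", $param);
        // Id of the new row, used as wno for the attachment rows.
        $wno = $Db->lastInsertId($TABLE_COUNSEL);

        // One attachment row per uploaded file. NOTE(review): this runs before
        // $write is checked, so rows are written even if the INSERT affected no row.
        for($i=0; $i<$fileInfo['count']; $i++){
            $Db->bindMore(array('wno' => $wno, 'code' => "counsel", 'seq' => $fileInfo['sort'][$i], 'attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR']));
            $file = $Db->query("INSERT INTO $TABLE_ATTACH (wno, code, seq, attach, attach_ori, ip, reg_date, mod_date) VALUES(:wno, :code, :seq, :attach, :attach_ori, INET_ATON(:ip), now(), now())");
        }
    
        if($write > 0){
            // NOTE(review): property read, not a method call, so it has no effect;
            // presumably CloseConnection() was meant - confirm against the Db class.
            $Db->CloseConnection;

            // The markup below loads third-party conversion trackers.
            // NOTE(review): enliple_min2.js is requested over plain http, so it is not
            // protected in transit and is mixed content on an https page; use https
            // if the vendor serves it.
?>
<!-- Withpang Tracker v3.0 [결제] start -->
<script src="http://cdn.megadata.co.kr/js/enliple_min2.js"></script>
  <script type="text/javascript">
  <!--
        var cn = new EN();
        cn.setData("uid",  "ssdream");
        cn.setData("ordcode",  "");
        cn.setData("qty", "1");
        cn.setData("price", "1");
        cn.setData("pnm", encodeURIComponent(encodeURIComponent("counsel")));
        cn.sendConv();
  //-->
  </script>
  <!-- Withpang Tracker v3.0 [결제] end -->

			<!--  CPCGUARD CONVERSION SCRIPT V6.0 -->
			<script type="text/javascript">var _CONVERSION_CPCGUARD = 1</script>
			<script type="text/javascript">
			 window.setTimeout(function(){try{var _script = document.getElementById("include_cpc_conversion");   if(_script){if(!(/complete|loaded/i.test(_script.readyState))){_script.src="//xhost.cpcguard.com/x.js";}}}catch(e){}},2000);
			</script>
			<script id="include_cpc_conversion" type="text/javascript" src="//nsc1.cpcguard.com/new/cpc_conversion.js"></script>
			<!--  CPCGUARD CONVERSION SCRIPT V6.0 -->

			
<!-- Tracking Script Start 2.0 -->
<script type="text/javascript" async="true">
var dspu = "OP6c3NkcmVhbTEx";      // === (필수)광고주key (변경하지마세요) ===

var dspt = "2";         // === (필수)전환구분( 2:기타구분 ) (변경하지마세요)  === 
var dspo = "";          // === (선택)구문번호( 미입력시 - 중복체크 안함. ) ===

var dspu,dspt,dspo,dspom; 
function loadanalJS_dsp(b,c){var d=document.getElementsByTagName("head")[0],a=document.createElement("sc"+"ript");a.type="text/javasc"+"ript";null!=c&&(a.charset="UTF-8");
a.src=b;a.async="true";d.appendChild(a)}function loadanal_dsp(b){loadanalJS_dsp(("https:"==document.location.protocol?"https://":"http://")+b,"UTF-8");document.write("<span id=dsp_spn style=display:none;></span>");}
loadanal_dsp("tk.realclick.co.kr/tk_comm.js?dspu="+dspu+"&dspt="+dspt+"&dspo="+dspo+"&dspom="+dspom);
</script>
<!-- Tracking Script End 2.0 -->

			
<?
            // $mStore is printed into a double-quoted JavaScript string below. Escape
            // the characters that could end that string or the surrounding script
            // element, whatever Valid->String() already allows through. strtr() works
            // on bytes, so it does not depend on the value being valid UTF-8.
            $storeJs = strtr((string)$mStore, array(
                "\\" => "\\\\",
                "\"" => "\\\"",
                "'"  => "\\'",
                "<"  => "\\x3C",
                ">"  => "\\x3E",
                "&"  => "\\x26",
                "\r" => "\\r",
                "\n" => "\\n"
            ));
            // Do not park PHP echo tags inside JavaScript comments in this script:
            // PHP still runs them, and the disabled redirects that used to be here
            // printed $_POST['return_url'] into the page unescaped.
            // NOTE(review): store is appended to the query string without URL
            // encoding; encodeURIComponent(store) is the usual fix once the charset
            // expected by complete_counsel.php is confirmed.
?>
<script>
var store = "<?=$storeJs?>";
location.href="/front/online/complete_counsel.php?rurl=counseling_list.php&store="+store;
</script>
<?
//            AlertMove("수술 상담이 등록되었습니다.", "counseling_list.php");
        }
    } else if($md === "modify"){
        // NOTE(review): the row is selected by $no alone and pw is rewritten from
        // $param. No password or session check is visible in this file; verify that
        // an earlier include authorises the caller for this row.
        $modify = $Db->query("UPDATE $TABLE_COUNSEL SET sort = :sort, store = :store, id = :id, name = :name, pw = :pw, email = :email, phone = :phone, title = :title, content = :content, ip = INET_ATON(:ip) WHERE no = :no", $param);

        // Attachments are touched only when at least one file was uploaded.
        if($fileInfo['count']){
            for($i=0; $i<$fileCount; $i++){
                if($hattach[$i]){
                    // Slot already has an attachment row: replace its file when the
                    // upload's sort value equals the slot number.
                    // NOTE(review): $hattach[$i] is used as the attachment row id with
                    // no check that the row belongs to post $no.
                    if(($i+1) == $fileInfo['sort'][$i]){
                        $Db->bindMore(array('attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR'], 'no' => $hattach[$i]));
                        $file = $Db->query("UPDATE $TABLE_ATTACH SET attach = :attach, attach_ori = :attach_ori, ip = INET_ATON(:ip), mod_date = now() WHERE no = :no");
                    }
                } else {
                    // Empty slot with an uploaded file: add a new attachment row.
                    if($fileInfo['name'][$i]){
                        $Db->bindMore(array('wno' => $no, 'code' => "counsel", 'seq' => $fileInfo['sort'][$i], 'attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR']));
                        $file = $Db->query("INSERT INTO $TABLE_ATTACH (wno, code, seq, attach, attach_ori, ip, reg_date, mod_date) VALUES(:wno, :code, :seq, :attach, :attach_ori, INET_ATON(:ip), now(), now())");
                    }
                }
            }
        }
        
        if($modify > 0){
            // NOTE(review): property read, not a method call; see the write branch.
            $Db->CloseConnection;
            // NOTE(review): $no and $page are placed in the target URL as received.
            AlertMove("수술 상담이 수정되었습니다.", "counseling_view.php?no=$no&page=$page&chk=complete");
        }
    } else if($md === "del"){
        // Soft delete: sets del to "Y" for row $no.
        // NOTE(review): no password or session check is visible in this file;
        // verify that an earlier include authorises the caller for this row.
        $del = $Db->query("UPDATE $TABLE_COUNSEL SET del = :del WHERE no = :no", $param);

        if($del > 0){
            // NOTE(review): property read, not a method call; see the write branch.
            $Db->CloseConnection;
            AlertMove("수술 상담이 삭제되었습니다.", "counseling_list.php");
        }
    }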
} else if($boardType === "after"){
    //========================================
    // Data Process
    //========================================
    // Choose the value for the pw column: hash a newly supplied password,
    // otherwise reuse the hash already stored for row $no. This runs for every
    // md value, including del.
    if($mPassword){
        // The SHA-1 hex digest of the password with the SALT constant appended is
        // handed to create_hash() (PasswordHash.php).
        // NOTE(review): on md=modify a supplied password replaces the stored hash,
        // and nothing in this file checks the old password first.
        $password = create_hash(sha1($mPassword).SALT);
    } else {
        // Bound parameter; returns whatever single() yields when no row matches
        // (for example on md=write, where $no presumably is empty - TODO confirm).
        $password = $Db->single("SELECT pw FROM $TABLE_COUNSEL WHERE no = :no", array('no' => $no));
    }

    // Only write and modify carry form data: validate the fields and process the upload.
    if($md === "write" || $md === "modify"){
        // sort is fixed to "B" for this board (the counseling board writes "A" to the
        // same table). id is bound as received; the other fields pass through Valid.
        // phone is "" unless all three parts are set.
        $param = array_merge($param, array(
            'sort' => "B",
            'store' => $Valid->String($mStore, "지점을 선택하세요."),
            'doctor' => $Valid->String($mDoctor, "담당의사를 입력하세요."),
            'id' => $mId,
            'name' => $Valid->String($mName, "작성자를 입력하세요."),
            'pw' => $password,
            'email' => $Valid->Email($mMail."@".$mMail2),
            'phone' => ($mPhone1 && $mPhone2 && $mPhone3) ? $Valid->Tel($mPhone1."-".$mPhone2."-".$mPhone3, "연락처를 입력하세요") : "",
            'operate_date' => $Valid->Date($mOperate),
            'title' => $Valid->String($mTitle, "제목을 입력하세요."),
            'content' => $Valid->String($mContents, "내용을 입력하세요."),
            'ip' => $_SERVER['REMOTE_ADDR']
        ));

        // NOTE(review): FileUpload receives the raw $_FILES entry, the board's upload
        // directory and 10 (meaning not visible here). Which file types it accepts and
        // how it names stored files is decided in FileUpload.php - verify that it
        // rejects executable types and does not reuse the client-supplied name.
        $FileUpload = new FileUpload($_FILES['attach'], $pathInfo['counsel']['upload'], 10); // instantiate the file upload class
        $fileInfo = $FileUpload->Access();
        // Upper bound for the attachment loop in the modify query. NOTE(review):
        // $attach is not set in this file; presumably it comes from the request or
        // from the extract() call above - confirm it is always an array.
        $fileCount = $fileInfo['count'] + count($attach);
    }

    // modify and del address an existing row by its number.
    // NOTE(review): $no is taken as received; no ownership or password check
    // is made in this file before it is used in the UPDATE statements.
    if($md === "modify" || $md === "del"){
        $param['no'] = $no;
    }

    // del is a soft delete: the query below sets the del column to "Y".
    if($md === "del"){
        $param['del'] = "Y";
    }

    //========================================
    // Query
    //========================================
	// Dispatch on the requested operation: write inserts a new post-surgery
	// consultation, modify rewrites an existing row and its attachments, del
	// flags the row.
	if($md === "write") {
		// Every value goes through a named placeholder; only the table name is interpolated.
		$write = $Db->query("INSERT INTO $TABLE_COUNSEL (sort, store, doctor, id, name, pw, email, phone, operate_date, title, content, ip, reg_date) VALUES(:sort, :store, :doctor, :id, :name, :pw, :email, :phone, :operate_date, :title, :content, INET_ATON(:ip), now())", $param);
		// Id of the new row, used as wno for the attachment rows.
		$wno = $Db->lastInsertId($TABLE_COUNSEL);
		
		// One attachment row per uploaded file. NOTE(review): this runs before
		// $write is checked, so rows are written even if the INSERT affected no row.
		for($i=0; $i<$fileInfo['count']; $i++){
			$Db->bindMore(array('wno' => $wno, 'code' => "counsel", 'seq' => $fileInfo['sort'][$i], 'attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR']));
			$file = $Db->query("INSERT INTO $TABLE_ATTACH (wno, code, seq, attach, attach_ori, ip, reg_date, mod_date) VALUES(:wno, :code, :seq, :attach, :attach_ori, INET_ATON(:ip), now(), now())");
		}

		if($write > 0){		
			// NOTE(review): property read, not a method call, so it has no effect;
			// presumably CloseConnection() was meant - confirm against the Db class.
			$Db->CloseConnection;
			AlertMove("수술 후 상담이 등록되었습니다.", "after_list.php");
		}
	} else if($md === "modify"){
		// NOTE(review): the row is selected by $no alone (no sort = 'B' condition)
		// and pw is rewritten from $param. No password or session check is visible
		// in this file; verify that an earlier include authorises the caller.
		$modify = $Db->query("UPDATE $TABLE_COUNSEL SET sort = :sort, store = :store, doctor = :doctor, id = :id, operate_date = :operate_date, name = :name, pw = :pw, email = :email, phone = :phone, title = :title, content = :content, ip = INET_ATON(:ip) WHERE no = :no", $param);

		// Attachments are touched only when at least one file was uploaded.
		if($fileInfo['count']){
			for($i=0; $i<$fileCount; $i++){
				if($hattach[$i]){
					// Slot already has an attachment row: replace its file when the
					// upload's sort value equals the slot number.
					// NOTE(review): $hattach[$i] is used as the attachment row id with
					// no check that the row belongs to post $no.
					if(($i+1) == $fileInfo['sort'][$i]){
						$Db->bindMore(array('attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR'], 'no' => $hattach[$i]));
						$file = $Db->query("UPDATE $TABLE_ATTACH SET attach = :attach, attach_ori = :attach_ori, ip = INET_ATON(:ip), mod_date = now() WHERE no = :no");
					}
				} else {
					// Empty slot with an uploaded file: add a new attachment row.
					if($fileInfo['name'][$i]){
						$Db->bindMore(array('wno' => $no, 'code' => "counsel", 'seq' => $fileInfo['sort'][$i], 'attach' => $fileInfo['name'][$i], 'attach_ori' => $fileInfo['ori_name'][$i], 'ip' => $_SERVER['REMOTE_ADDR']));
						$file = $Db->query("INSERT INTO $TABLE_ATTACH (wno, code, seq, attach, attach_ori, ip, reg_date, mod_date) VALUES(:wno, :code, :seq, :attach, :attach_ori, INET_ATON(:ip), now(), now())");
					}
				}
			}
		}
		
		if($modify > 0){
			// NOTE(review): property read, not a method call; see the write branch.
			$Db->CloseConnection;
			// NOTE(review): $no and $page are placed in the target URL as received.
			AlertMove("수술 후 상담이 수정되었습니다.", "after_view.php?no=$no&page=$page");
		}
	} else if($md === "del"){
		// Soft delete: sets del to "Y" for row $no.
		// NOTE(review): no password or session check is visible in this file;
		// verify that an earlier include authorises the caller for this row.
		$del = $Db->query("UPDATE $TABLE_COUNSEL SET del = :del WHERE no = :no", $param);
		
		if($del > 0){
			// NOTE(review): property read, not a method call; see the write branch.
			$Db->CloseConnection;
			AlertMove("수술 후 상담이 삭제되었습니다.", "after_list.php");
		}
	}
} else if($boardType === "checkpw"){
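    // Password check before a protected post is shown: look up the stored hash
    // for row $no and, on a match, forward to the board's view page.

    // $addQuery is interpolated into the SQL text below, so it must always be set
    // here. The "counseling" path never assigned it, which left it to whatever an
    // earlier include (or an extract() of request data) had put in scope.
    $addQuery = "";

    if($moveLink === "counseling"){
        // Guest board: the row is matched by number only.
        $param['no'] = $no;
    } else {
        // Member boards: the row must also belong to the logged-in member.
        $param = array_merge($param, array(
            'no' => $no,
            'id' => $_SESSION['MEMBER_ID'],
            'name' => $_SESSION['MEMBER_NAME']
        ));
        $addQuery = "AND id = :id AND name = :name";
    }

    // debug($_POST);
    // debug($param);
    // exit();

    if($check = $Db->row("SELECT pw,id FROM $TABLE_COUNSEL WHERE no = :no $addQuery", $param)){
		// 2016-12-12: ID comparison added (the session-id alternative is commented out)
        // The candidate is built the same way as at write time: SHA-1 hex digest
        // of the password with the SALT constant appended.
        if(validate_password(sha1($mPw).SALT, $check['pw'])){// || $check['id'] == $_SESSION['MEMBER_ID'] ){
            $chkOn = urlencode("complete");
            // $no and $page are URL-encoded so they cannot add parameters or markup
            // to the redirect target.
            // NOTE(review): $moveLink is still used as received for any value other
            // than "counseling"; restrict it to the known board names. Also confirm
            // that the view page does not treat chk=complete in the URL as proof
            // that this check passed, since the client controls that parameter.
            SilentMove($moveLink."_view.php?no=".urlencode((string)$no)."&page=".urlencode((string)$page)."&chk=".$chkOn);
        } else {
            AlertBack("정보를 확인하세요.");
        }
    } else {
        // Same message as a wrong password, so the response does not reveal
        // whether the row exists.
        AlertBack("정보를 확인하세요.");
    }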
} 
?>