commit

kngil/bbs/qa_write.php

@@ -0,0 +1,231 @@
+<?php
+ini_set('display_errors', 1);
+error_reporting(E_ALL);
+
+
+/* ===============================
+   1. 세션 & 로그인 체크
+=============================== */
+if (session_status() === PHP_SESSION_NONE) {
+    session_start();
+}
+
+// echo '<pre>';
+// var_dump($_SESSION['login']);
+// exit;
+
+if (empty($_SESSION['login'])) {
+    echo "<script>
+        alert('로그인이 필요합니다.');
+        location.href = '/kngil/skin/qa_list.skin.php';
+    </script>";
+    exit;
+}
+
+$loginUser = $_SESSION['login'];
+
+/* ===============================
+   2. DB 연결
+=============================== */
+require_once $_SERVER['DOCUMENT_ROOT'].'/kngil/bbs/db_conn.php';
+
+/* ===============================
+   3. 수정 여부 판단
+=============================== */
+$postId = isset($_GET['id']) ? (int)$_GET['id'] : 0;
+$isEdit = $postId > 0;
+
+/* ===============================
+   4. 수정 모드 – 기존 글 로드
+=============================== */
+$post = [
+    'category'  => '',
+    'title'     => '',
+    'content'   => '',
+    'is_secret' => 'N',
+];
+
+if ($isEdit) {
+    $stmt = $pdo->prepare("SELECT * FROM kngil.qa_posts WHERE post_id = :pid");
+    $stmt->execute([':pid' => $postId]);
+    $post = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if (!$post) {
+        die('존재하지 않는 글입니다.');
+    }
+
+    // 작성자 본인만 수정 가능
+    if ($post['user_id'] !== ($loginUser['user_id'] ?? '')) {
+        die('수정 권한이 없습니다.');
+    }
+}
+
+/* ===============================
+   5. 첨부파일 업로드
+=============================== */
+function handle_file_uploads(PDO $pdo, int $postId)
+{
+    if (empty($_FILES['attach']['name'][0])) return;
+
+    $uploadDir = $_SERVER['DOCUMENT_ROOT'] . '/kngil/uploads/qa/';
+    if (!is_dir($uploadDir)) {
+        mkdir($uploadDir, 0777, true);
+    }
+
+    $allowExt = ['jpg','jpeg','png','gif','pdf','hwp','doc','docx','xls','xlsx','zip'];
+
+    foreach ($_FILES['attach']['name'] as $i => $oriName) {
+
+        if ($_FILES['attach']['error'][$i] !== UPLOAD_ERR_OK) continue;
+
+        $tmp  = $_FILES['attach']['tmp_name'][$i];
+        $size = $_FILES['attach']['size'][$i];
+        $ext  = strtolower(pathinfo($oriName, PATHINFO_EXTENSION));
+
+        if (!in_array($ext, $allowExt)) continue;
+        if ($size > 30 * 1024 * 1024) continue;
+
+        $saveName = time() . '_' . bin2hex(random_bytes(6)) . '.' . $ext;
+        $savePath = $uploadDir . $saveName;
+
+        if (!move_uploaded_file($tmp, $savePath)) continue;
+
+        $stmt = $pdo->prepare("
+            INSERT INTO kngil.qa_attachments (
+                post_id,
+                ori_name,
+                save_path,
+                file_size,
+                uploaded_at
+            ) VALUES (
+                :post_id,
+                :ori_name,
+                :save_path,
+                :file_size,
+                NOW()
+            )
+        ");
+
+        $stmt->execute([
+            ':post_id'   => $postId,
+            ':ori_name'  => $oriName,
+            ':save_path' => '/kngil/uploads/qa/' . $saveName,
+            ':file_size' => $size
+        ]);
+    }
+}
+
+
+/* ===============================
+   6. POST 처리 (등록 / 수정)
+=============================== */
+$errors = [];
+
+$secret  = 'N';
+$category = '';
+$title    = '';
+$content  = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+
+    $category = trim($_POST['category'] ?? '');
+    $title    = trim($_POST['title'] ?? '');
+    $content  = trim($_POST['content'] ?? '');
+    $secret   = isset($_POST['secret']) ? 'Y' : 'N';
+
+    if ($category === '') $errors[] = '구분을 선택하세요.';
+    if ($title === '')    $errors[] = '제목을 입력하세요.';
+    if ($content === '')  $errors[] = '내용을 입력하세요.';
+
+    // 첨부파일명만 저장 (실파일 저장은 추후 분리 가능)
+    $attachment = null;
+    if (!empty($_FILES['attach']['name'][0])) {
+        $attachment = implode(',', $_FILES['attach']['name']);
+    }
+
+    if (empty($errors)) {
+        try {
+
+            if ($isEdit) {
+                /* ---------- UPDATE ---------- */
+                $stmt = $pdo->prepare("
+                    UPDATE kngil.qa_posts
+                       SET category   = :category,
+                           title      = :title,
+                           content    = :content,
+                           is_secret  = :is_secret,
+                           mid_dt     = NOW()
+                     WHERE post_id = :pid
+                ");
+                $stmt->execute([
+                    ':category'   => $category,
+                    ':title'      => $title,
+                    ':content'    => $content,
+                    ':is_secret'  => $secret, // 'Y' or 'N'
+                    ':pid'        => $postId
+                ]);
+                handle_file_uploads($pdo, $postId);
+
+            } else {
+                /* ---------- INSERT ---------- */
+                $stmt = $pdo->prepare("
+                    INSERT INTO kngil.qa_posts (
+                        user_id,
+                        user_nm,
+                        tel_no,
+                        co_nm,
+                        dept_nm,
+                        category,
+                        title,
+                        content,
+                        is_secret,
+                        stat_bc,
+                        is_read_admin,
+                        cdt_dt
+                    ) VALUES (
+                        :user_id,
+                        :user_nm,
+                        :tel_no,
+                        :co_nm,
+                        :dept_nm,
+                        :category,
+                        :title,
+                        :content,
+                        :is_secret,
+                        'wait',
+                        'N',
+                        NOW()
+                    )
+                    RETURNING post_id
+                ");
+                // var_dump($loginUser);
+                // exit;
+                $stmt->execute([
+                    ':user_id'    => $loginUser['user_id'],
+                    ':user_nm'    => $loginUser['user_nm'],
+                    ':tel_no'     => $loginUser['tel_no']   ?? null,
+                    ':co_nm'      => $loginUser['co_nm']    ?? null,
+                    ':dept_nm'    => $loginUser['dept_nm']  ?? null,
+                    ':category'   => $category,
+                    ':title'      => $title,
+                    ':content'    => $content,
+                    ':is_secret'  => $secret
+                ]);
+
+                $postId = $stmt->fetchColumn();
+                handle_file_uploads($pdo, $postId);
+            }
+
+            header("Location: /kngil/bbs/qa_detail.php?id={$postId}");
+            exit;
+
+        } catch (Exception $e) {
+            $errors[] = 'DB 오류: ' . $e->getMessage();
+        }
+    }
+}
+
+/* ===============================
+   7. 화면 출력
+=============================== */
+include $_SERVER['DOCUMENT_ROOT'].'/kngil/skin/qa_write.skin.php';