<?php
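// NOTE(review): display_errors=1 prints PHP errors (file paths, SQL fragments) into the
// response body. Useful while developing; keep it off on an internet-facing deployment.
ini_set('display_errors', 1);
error_reporting(E_ALL);

/* ===============================
1. 세션 & 로그인 체크
=============================== */
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// Only a logged-in user may write or edit; everyone else is sent back to the list.
if (empty($_SESSION['login'])) {
    echo "<script>
alert('로그인이 필요합니다.');
location.href = '/kngil/skin/qa_list.skin.php';
</script>";
    exit;
}
$loginUser = $_SESSION['login'];

/* ===============================
2. DB 연결
=============================== */
require_once $_SERVER['DOCUMENT_ROOT'].'/kngil/bbs/db_conn.php';

/* ===============================
3. 수정 여부 판단
=============================== */
// A positive ?id= selects edit mode; a missing, zero or non-numeric id means a new post.
$postId = (int)($_GET['id'] ?? 0);
$isEdit = $postId > 0;

/* ===============================
4. 수정 모드 기존 글 로드
=============================== */
// Form defaults shown by the skin when writing a new post.
$post = [
    'category'  => '',
    'title'     => '',
    'content'   => '',
    'is_secret' => 'N',
];

if ($isEdit) {
    $stmt = $pdo->prepare("SELECT * FROM kngil.qa_posts WHERE post_id = :pid");
    $stmt->execute([':pid' => $postId]);
    $post = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$post) {
        // Proper status code so proxies/logs see a miss rather than a 200 with an error text.
        http_response_code(404);
        die('존재하지 않는 글입니다.');
    }

    // 작성자 본인만 수정 가능 — strict comparison, so the session value and the
    // user_id column must carry the same type (e.g. both strings) or every edit is refused.
    if ($post['user_id'] !== ($loginUser['user_id'] ?? '')) {
        http_response_code(403);
        die('수정 권한이 없습니다.');
    }
}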
/* ===============================
5. 첨부파일 업로드
=============================== */
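/**
 * Moves the files posted under the `attach[]` field into /kngil/uploads/qa/ and
 * records each one in kngil.qa_attachments for the given post.
 *
 * A file is accepted only when its upload status is UPLOAD_ERR_OK, its extension
 * (lower-cased) is on the allowlist and its size is at most 30 MiB. The stored
 * name is generated (timestamp + random hex + extension), so the client-supplied
 * filename never becomes part of a filesystem path; it is kept verbatim only in
 * the ori_name column. Files failing any check, or that cannot be moved, are
 * skipped silently — the caller receives no per-file feedback.
 *
 * Assumes a multi-file form field (`attach[]`), i.e. $_FILES['attach']['name'] is an array.
 *
 * @param PDO $pdo    open connection used for the attachment insert
 * @param int $postId id of the post the attachments belong to
 */
function handle_file_uploads(PDO $pdo, int $postId): void
{
    if (empty($_FILES['attach']['name'][0])) {
        return;
    }

    $uploadDir = $_SERVER['DOCUMENT_ROOT'] . '/kngil/uploads/qa/';
    // 0755 instead of 0777: the PHP process owns the directory and is the only writer.
    // The trailing is_dir() re-check covers a concurrent request creating it first.
    if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
        return;
    }

    $allowExt = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'hwp', 'doc', 'docx', 'xls', 'xlsx', 'zip'];
    $maxSize  = 30 * 1024 * 1024;

    // Prepared once and reused for every accepted file.
    $stmt = $pdo->prepare("
        INSERT INTO kngil.qa_attachments (
            post_id,
            ori_name,
            save_path,
            file_size,
            uploaded_at
        ) VALUES (
            :post_id,
            :ori_name,
            :save_path,
            :file_size,
            NOW()
        )
    ");

    foreach ($_FILES['attach']['name'] as $i => $oriName) {
        if ($_FILES['attach']['error'][$i] !== UPLOAD_ERR_OK) {
            continue;
        }
        $tmp  = $_FILES['attach']['tmp_name'][$i];
        $size = (int)$_FILES['attach']['size'][$i];

        // The extension allowlist is the decisive check: files are served straight
        // from the document root under the extension chosen here.
        $ext = strtolower(pathinfo($oriName, PATHINFO_EXTENSION));
        if (!in_array($ext, $allowExt, true)) {
            continue;
        }
        if ($size > $maxSize) {
            continue;
        }

        $saveName = time() . '_' . bin2hex(random_bytes(6)) . '.' . $ext;
        $savePath = $uploadDir . $saveName;
        // move_uploaded_file() also verifies $tmp really came from this request's upload.
        if (!move_uploaded_file($tmp, $savePath)) {
            continue;
        }

        // ori_name is stored exactly as sent by the client; escape it when rendering.
        $stmt->execute([
            ':post_id'   => $postId,
            ':ori_name'  => $oriName,
            ':save_path' => '/kngil/uploads/qa/' . $saveName,
            ':file_size' => $size,
        ]);
    }
}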
/* ===============================
6. POST 처리 (등록 / 수정)
=============================== */
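$errors   = [];
$secret   = 'N';
$category = '';
$title    = '';
$content  = '';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no CSRF token is validated here — confirm the form skin and this
    // handler share one before treating this endpoint as safe against cross-site posts.
    $category = trim($_POST['category'] ?? '');
    $title    = trim($_POST['title'] ?? '');
    $content  = trim($_POST['content'] ?? '');
    $secret   = isset($_POST['secret']) ? 'Y' : 'N';

    if ($category === '') {
        $errors[] = '구분을 선택하세요.';
    }
    if ($title === '') {
        $errors[] = '제목을 입력하세요.';
    }
    if ($content === '') {
        $errors[] = '내용을 입력하세요.';
    }

    // 첨부파일명만 저장 (실파일 저장은 추후 분리 가능)
    // Not read anywhere in this script; left in scope for the skin included below.
    $attachment = null;
    if (!empty($_FILES['attach']['name'][0])) {
        $attachment = implode(',', $_FILES['attach']['name']);
    }

    if (empty($errors)) {
        try {
            if ($isEdit) {
                /* ---------- UPDATE ---------- */
                // user_id is repeated in the WHERE clause as defence in depth: the
                // ownership check at the top of the file already ran, but the row is
                // only touched when it still belongs to the logged-in user.
                $stmt = $pdo->prepare("
                    UPDATE kngil.qa_posts
                    SET category = :category,
                        title = :title,
                        content = :content,
                        is_secret = :is_secret,
                        mid_dt = NOW()
                    WHERE post_id = :pid
                      AND user_id = :uid
                ");
                $stmt->execute([
                    ':category'  => $category,
                    ':title'     => $title,
                    ':content'   => $content,
                    ':is_secret' => $secret, // 'Y' or 'N'
                    ':pid'       => $postId,
                    ':uid'       => $loginUser['user_id'] ?? '',
                ]);
                handle_file_uploads($pdo, $postId);
            } else {
                /* ---------- INSERT ---------- */
                // New posts start in 'wait' status and unread by the admin.
                $stmt = $pdo->prepare("
                    INSERT INTO kngil.qa_posts (
                        user_id,
                        user_nm,
                        tel_no,
                        co_nm,
                        dept_nm,
                        category,
                        title,
                        content,
                        is_secret,
                        stat_bc,
                        is_read_admin,
                        cdt_dt
                    ) VALUES (
                        :user_id,
                        :user_nm,
                        :tel_no,
                        :co_nm,
                        :dept_nm,
                        :category,
                        :title,
                        :content,
                        :is_secret,
                        'wait',
                        'N',
                        NOW()
                    )
                    RETURNING post_id
                ");
                $stmt->execute([
                    ':user_id'   => $loginUser['user_id'],
                    ':user_nm'   => $loginUser['user_nm'],
                    ':tel_no'    => $loginUser['tel_no'] ?? null,
                    ':co_nm'     => $loginUser['co_nm'] ?? null,
                    ':dept_nm'   => $loginUser['dept_nm'] ?? null,
                    ':category'  => $category,
                    ':title'     => $title,
                    ':content'   => $content,
                    ':is_secret' => $secret,
                ]);
                // RETURNING post_id hands back the new id; cast so the redirect URL and
                // the int-typed upload helper receive an int rather than a driver string.
                $postId = (int)$stmt->fetchColumn();
                handle_file_uploads($pdo, $postId);
            }

            header("Location: /kngil/bbs/qa_detail.php?id={$postId}");
            exit;
        } catch (Exception $e) {
            // Driver message goes to the server log only; the browser gets a generic notice
            // so SQL text, table names and connection details are not disclosed.
            error_log('qa_write.php DB error: ' . $e->getMessage());
            $errors[] = 'DB 오류가 발생했습니다. 잠시 후 다시 시도해 주세요.';
        }
    }
}

/* ===============================
7. 화면 출력
=============================== */
include $_SERVER['DOCUMENT_ROOT'].'/kngil/skin/qa_write.skin.php';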