Directory structure

 


write.php

 

<?php
ini_set('display_errors', 1);
require_once '../common/header.php';
require_once '/app/lib/login_check.php';
?>

<?php
  // Registration logic
  $issetTitle = isset($_POST['title']) && strlen($_POST['title']) > 0;
  $issetContent = isset($_POST['content']) && strlen($_POST['content']) > 0;
  $isSubmit = isset($_POST['submit']) && strlen($_POST['submit']) > 0;

  require_once "/app/board/board_function.php";
  if ($issetTitle && $issetContent && $isSubmit) {

    // Save the post
    $title = $_POST['title'];
    $content = $_POST['content'];
    $result = insert_tbl_board($title, $content);
    
    if($result) {
      echo "<script>alert('작성 완료.');
               location.href='/board/list.php'
              </script>";
              exit;
    }

  }

?>

<div style="width: 100%; height:100%">

  <div style="width: 80%; height:20%; margin: 50px">
    <h1> 글쓰기 </h1>
  </div>

  <!-- Write-post section -->
  <div style="width: 80%; height:80%; margin: 50px"> 
    <form method="POST">
      <div style="height: 20%;"> 
        <div class="form-floating mb-3">
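          <input type="text" name="title" class="form-control" id="floatingInput" placeholder="name@example.com"
          value="<?php
              // Re-display the submitted title, HTML-escaped so it cannot break out of the attribute
              if ($isSubmit) {
                echo htmlspecialchars($_POST['title'] ?? '', ENT_QUOTES, 'UTF-8');
              }
            ?>"/>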
          <label for="floatingInput">제목</label>
        </div>
      </div>
  
  
        <div >
          <div class="form-floating">
          <textarea name="content" style="height: 500px;" class="form-control" placeholder="Leave a comment here" id="floatingTextarea"
            ><?php
              // Re-display the submitted content, HTML-escaped
              if ($isSubmit) {
                echo htmlspecialchars($_POST['content'] ?? '', ENT_QUOTES, 'UTF-8');
              }
            ?></textarea>
          <label for="floatingTextarea">내용</label>
        </div>
        <input type="hidden" value="submit" name="submit">
        <div style="margin-top: 20px;">

          <button>작성</button>
          <span>
            <?php
              // Reached only when the insert did not run or failed (a successful insert exits above)
              if ($isSubmit) {
                echo "제목, 내용을 확인해주세요";
              }
            ?>
          </span>
        </div>
        </div>

    </form>

  </div>
</div>

  



<?php
// require_once '../common/footer.php';
?>

 

 

board_function.php

<?php
require '/app/lib/db_connection.php';

function getDbConn() {
  // Keep one connection per request; a plain local variable would reconnect on every call
  static $db_conn = null;
  if ($db_conn === null) {
    $db_conn = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);
    $db_conn -> set_charset('utf8');
  }
  return $db_conn;
}

function insert_tbl_board($title, $content)  {
  $db_conn = getDbConn();
  // The author is resolved from the refresh token cookie, not from a client-supplied ID
  $token = $_COOKIE['REFRESH_TOKEN'] ?? '';

  // Note: $title, $content and $token are interpolated directly into the SQL text
  $sql = "insert into tbl_board 
  (IDX, TITLE, CONTENT, FIRST_REG_USER, FIRST_REG_TIME, LAST_UPD_USER, LAST_UPD_TIME
  ) value 
  (null, '{$title}', '{$content}'
  , (SELECT USER_ID FROM user WHERE REFRESH_TOKEN ='{$token}'), NOW()
  , (SELECT USER_ID FROM user WHERE REFRESH_TOKEN ='{$token}'), NOW() )";

  return mysqli_query($db_conn, $sql);
}

?>

 

An ID is also stored in the cookie, but cookies are easy to tamper with, so the USER_ID is looked up from the Refresh_token and that value is inserted.
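
The query in insert_tbl_board() places the title, the content and the cookie value straight into the SQL string. As an added example (not code from the original post), the same insert is shown here with mysqli prepared statements; the function names are hypothetical, and USER_ID is assumed to be string-compatible.

```php
<?php
// Added example (not from the original post): insert_tbl_board() rewritten with
// prepared statements. Table and column names are the ones used in board_function.php.

// Make mysqli throw on errors instead of silently returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Look up the author by refresh token; returns null when the token is missing or unknown.
function find_user_id_by_token(mysqli $db, ?string $token): ?string {
  if ($token === null || $token === '') {
    return null;
  }
  $stmt = $db->prepare('SELECT USER_ID FROM user WHERE REFRESH_TOKEN = ?');
  $stmt->bind_param('s', $token);
  $stmt->execute();
  $stmt->bind_result($userId);
  $found = $stmt->fetch();  // true when a row was fetched, null when there is none
  $stmt->close();
  return $found ? (string) $userId : null;  // assumption: USER_ID is string-compatible
}

// Hypothetical name; same job as insert_tbl_board(), but every value is a bound parameter.
function insert_tbl_board_prepared(mysqli $db, string $title, string $content, ?string $token): bool {
  $userId = find_user_id_by_token($db, $token);
  if ($userId === null) {
    return false;  // refuse to store a post whose author cannot be resolved
  }
  $stmt = $db->prepare(
    'INSERT INTO tbl_board
       (IDX, TITLE, CONTENT, FIRST_REG_USER, FIRST_REG_TIME, LAST_UPD_USER, LAST_UPD_TIME)
     VALUES (NULL, ?, ?, ?, NOW(), ?, NOW())'
  );
  $stmt->bind_param('ssss', $title, $content, $userId, $userId);
  $ok = $stmt->execute();
  $stmt->close();
  return $ok;
}

// Call site in write.php, using getDbConn() from board_function.php:
// $result = insert_tbl_board_prepared(
//   getDbConn(), $_POST['title'], $_POST['content'], $_COOKIE['REFRESH_TOKEN'] ?? null);
```

With bound parameters a quote character in the title or content is stored as data, and a request whose token matches no user is rejected instead of inserting a row with a NULL author.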

 

 

 

 

 

 

 

The time comes out as 05 o'clock, so it looks like the DB date needs to be fixed.

 
