noscript 적용중

2013-01-15 11:15:50 +09:00
parent 37361e4d29
commit 7640277266
3 changed files with 83 additions and 27 deletions
--- a/adm/admin.js
+++ b/adm/admin.js
@ -44,3 +44,15 @@ function btn_check(f, act)

    f.submit();
 }
+
+function is_checked(elements_name) 
+{
+    var checked = false;
+    var chk = document.getElementsByName(elements_name);
+    for (var i=0; i<chk.length; i++) {
+        if (chk[i].checked) {
+            checked = true;
+        }
+    }
+    return checked;
+}
--- a/adm/board_list.php
+++ b/adm/board_list.php
@ -85,7 +85,7 @@ var list_delete_php = 'board_list_delete.php';
 </div>
 <?}?>

-<form id="fboardlist" name="fboardlist" method="post">
+<form id="fboardlist" name="fboardlist" method="post" action="./board_list_update.php" onsubmit="return fboardlist_submit(this);">
 <input type="hidden" name="sst" value="<?=$sst?>">
 <input type="hidden" name="sod" value="<?=$sod?>">
 <input type="hidden" name="sfl" value="<?=$sfl?>">
@ -183,13 +183,17 @@ if ($i == 0)
 </table>

 <div class="btn_list">
-    <button onclick="btn_check(this.form, 'update')">선택수정</button>
+    <input type="submit" name="btn_submit" onclick="document.pressed=this.value" value="선택수정">
    <?if ($is_admin == 'super') {?>
-    <button onclick="btn_check(this.form, 'delete')">선택삭제</button>
+    <input type="submit" name="btn_submit" onclick="document.pressed=this.value" value="선택삭제">
    <a href="./board_form.php">게시판추가</a>
    <?}?>
 </div>

+<noscript>
+<p>자바스크립트를 사용하지 않는 경우<br>별도의 확인 절차 없이 바로 선택수정 및 선택삭제 처리하므로 주의하시기 바랍니다.</p>
+</noscript>
+
 <?
 $pagelist = get_paging($config['cf_write_pages'], $page, $total_page, $_SERVER['PHP_SELF'].'?'.$qstr.'&amp;page=');
 ?>
@ -204,6 +208,16 @@ if (isset($stx))
 </form>

 <script>
+function fboardlist_submit(f)
+{
+    if (!is_checked("chk[]")) {
+        alert(document.pressed+" 하실 항목을 하나 이상 선택하세요.");
+        return false;
+    }
+
+    return true;
+}
+
 function board_copy(bo_table) {
    window.open("./board_copy.php?bo_table="+bo_table, "BoardCopy", "left=10,top=10,width=500,height=200");
 }
--- a/adm/board_list_update.php
+++ b/adm/board_list_update.php
@ -4,35 +4,65 @@ include_once('./_common.php');

 check_demo();

-auth_check($auth[$sub_menu], 'w');
+if (!count($_POST['chk'])) {
+    alert($_POST['btn_submit']." 하실 항목을 하나 이상 선택하세요.");
+}

-for ($i=0; $i<count($_POST['chk']); $i++) {
+if ($_POST['btn_submit'] == "선택수정") {

-    // 실제 번호를 넘김
-    $k = $_POST['chk'][$i];
+    auth_check($auth[$sub_menu], 'w');

-    if ($is_admin != 'super') {
-        $sql = " select count(*) as cnt from {$g4['board_table']} a, {$g4['group_table']} b
-                  where a.gr_id = '{$_POST['gr_id'][$k]}'
-                    and a.gr_id = b.gr_id
-                    and b.gr_admin = '{$member['mb_id']}' ";
-        $row = sql_fetch($sql);
-        if (!$row['cnt'])
-            alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
+    for ($i=0; $i<count($_POST['chk']); $i++) {
+
+        // 실제 번호를 넘김
+        $k = $_POST['chk'][$i];
+
+        if ($is_admin != 'super') {
+            $sql = " select count(*) as cnt from {$g4['board_table']} a, {$g4['group_table']} b
+                      where a.gr_id = '{$_POST['gr_id'][$k]}'
+                        and a.gr_id = b.gr_id
+                        and b.gr_admin = '{$member['mb_id']}' ";
+            $row = sql_fetch($sql);
+            if (!$row['cnt'])
+                alert('최고관리자가 아닌 경우 다른 관리자의 게시판('.$board_table[$k].')은 수정이 불가합니다.');
+        }
+
+        $sql = " update {$g4['board_table']}
+                    set gr_id               = '{$_POST['gr_id'][$k]}',
+                        bo_subject          = '{$_POST['bo_subject'][$k]}',
+                        bo_skin             = '{$_POST['bo_skin'][$k]}',
+                        bo_read_point       = '{$_POST['bo_read_point'][$k]}',
+                        bo_write_point      = '{$_POST['bo_write_point'][$k]}',
+                        bo_comment_point    = '{$_POST['bo_comment_point'][$k]}',
+                        bo_download_point   = '{$_POST['bo_download_point'][$k]}',
+                        bo_use_search       = '{$_POST['bo_use_search'][$k]}',
+                        bo_order_search     = '{$_POST['bo_order_search'][$k]}'
+                  where bo_table            = '{$_POST['board_table'][$k]}' ";
+        sql_query($sql);
    }

-    $sql = " update {$g4['board_table']}
-                set gr_id               = '{$_POST['gr_id'][$k]}',
-                    bo_subject          = '{$_POST['bo_subject'][$k]}',
-                    bo_skin             = '{$_POST['bo_skin'][$k]}',
-                    bo_read_point       = '{$_POST['bo_read_point'][$k]}',
-                    bo_write_point      = '{$_POST['bo_write_point'][$k]}',
-                    bo_comment_point    = '{$_POST['bo_comment_point'][$k]}',
-                    bo_download_point   = '{$_POST['bo_download_point'][$k]}',
-                    bo_use_search       = '{$_POST['bo_use_search'][$k]}',
-                    bo_order_search     = '{$_POST['bo_order_search'][$k]}'
-              where bo_table            = '{$_POST['board_table'][$k]}' ";
-    sql_query($sql);
+} else if ($_POST['btn_submit'] == "선택삭제") {
+
+    if ($is_admin != 'super')
+        alert('게시판 삭제는 최고관리자만 가능합니다.');
+
+    auth_check($auth[$sub_menu], 'd');
+
+    check_token();
+
+    // _BOARD_DELETE_ 상수를 선언해야 board_delete.inc.php 가 정상 작동함
+    define("_BOARD_DELETE_", TRUE);
+
+    for ($i=0; $i<count($_POST['chk']); $i++) {
+        // 실제 번호를 넘김
+        $k = $_POST['chk'][$i];
+
+        // include 전에 $bo_table 값을 반드시 넘겨야 함
+        $tmp_bo_table = escape_trim($_POST['board_table'][$k]);
+        include ('./board_delete.inc.php');
+    }
+
+
 }

 goto_url('./board_list.php?'.$qstr);