<%@ Language=VBScript %> <% Option Explicit %> <% dim str,val ' ÇØÇÇÁ¤´åÄÄ Ãß°¡ 2008-05-27 function sqlCheck(str) val=UCASE(str) if instr(val, ";") <> 0 Or _ instr(val, "'") <> 0 Or _ instr(val, "--") <> 0 Or _ instr(val, "/*") <> 0 Or _ instr(val, "*/") <> 0 Or _ instr(val, "XP_") <> 0 Or _ instr(val, "DECLARE") <> 0 Or _ instr(val, "SELECT") <> 0 Or _ instr(val, "UPDATE") <> 0 Or _ instr(val, "DELETE") <> 0 Or _ instr(val, "INSERT") <> 0 Or _ instr(val, "SHUTDOWN") <> 0 Or _ instr(val, "DROP") <> 0 then ' response.write "¿À·ù¹ß»ý" response.Write("") response.End Else sqlCheck=str end if end function 'Dim idx : idx=sqlCheck(request("idx")) Dim NewGetTable : NewGetTable = "noticesofBoard1" Dim GetPage : GetPage = sqlCheck(request("page")) Dim GetSearchPart : GetSearchPart = sqlCheck(request("SearchPart")) Dim GetSearchStr : GetSearchStr = sqlCheck(request("SearchStr")) Dim GetSeq : GetSeq = sqlCheck(request("seq")) 'C_id = Request.Cookies("USER")("C_id") 'C_passwd = Request.Cookies("USER")("C_pw") '/¼öÁ¤ºÎºÐ ¾ÏÈ£ È®ÀÎ ºÎºÐ '³»¿ë Ãâ·Â Sql = "select BD_SEQ, BD_THREAD , BD_DEPTH , BD_NAME, BD_EMAIL,BD_SUBJECT, BD_CONTENT,BD_URL,BD_PASSWD, BD_INPUTDATE, BD_IP, BD_READCOUNT ,BD_STATE from " Sql = Sql & NewGetTable & " where BD_seq = " & GetSeq Set Rs = Con.Execute(Sql) Dim GetBD_SEQ : GetBD_SEQ = Rs(0) Dim GetBD_THREAD : GetBD_THREAD = Rs(1) Dim GetBD_DEPTH : GetBD_DEPTH = Rs(2) Dim GetBD_NAME : GetBD_NAME = Rs(3) Dim GetBD_EMAIL : GetBD_EMAIL = Rs(4) Dim GetBD_SUBJECT : GetBD_SUBJECT = Rs(5) Dim GetBD_CONTENT : GetBD_CONTENT = Rs(6) Dim GetBD_URL : GetBD_URL = Rs(7) Dim GetBD_BD_PASSWORD : GetBD_BD_PASSWORD = Rs(8) Dim GetBD_BD_INPUTDATE: GetBD_BD_INPUTDATE = Rs(9) Dim GetBD_BD_IP : GetBD_BD_IP = Rs(10) GetBD_BD_IP = left(GetBD_BD_IP,10) & "..." Dim GetBD_READCOUNT : GetBD_READCOUNT = Rs(11) Dim GetBS_STATE : GetBS_STATE = Rs(12) Rs.close set rs = nothing %>

ÇöÀçÀ§Ä¡ : HOME >PLM Community > °øÁö»çÇ×

<% Dim Rs1 Sql = "SELECT Right(File_NAME,3) , File_Name , FILE_SEQ FROM " & NewGetTable & "_PDS WHERE FILE_BD_SEQ = " & GetSeq & " and FILE_BD_TABLE ='" & NewGetTable &"'" Set Rs1 = Con.Execute(Sql) if not Rs1.Eof then %> Á¦¸ñ ÀÛ¼ºÀÚ E-Mail ºñ¹Ð¹øÈ£ * ±Û µî·Ï½Ã »ç¿ëÇÑ ¾ÏÈ£¸¦ ÀÔ·ÂÇϼ¼¿ä. URL  ³» ¿ë <%=GetBD_CONTENT%> ÆÄÀϾ÷·Îµå <% Response.Write ("  : " & Rs1(1) &"ÀÇ ÆÄÀÏÀÌ Á¸ÀçÇÕ´Ï´Ù.") Response.write ("¾Æ·¡ ÆÄÀÏ÷ºÎ¸¦ Çҽà ±âÁ¸ÆÄÀÏÀº »èÁ¦°¡ µË´Ï´Ù. ") end if Rs1.close %>