<%@ Language=VBScript %> <% Option Explicit %> <% dim str,val ' 해피정닷컴 추가 2008-05-27 function sqlCheck(str) val=UCASE(str) if instr(val, ";") <> 0 Or _ instr(val, "'") <> 0 Or _ instr(val, "--") <> 0 Or _ instr(val, "/*") <> 0 Or _ instr(val, "*/") <> 0 Or _ instr(val, "XP_") <> 0 Or _ instr(val, "DECLARE") <> 0 Or _ instr(val, "SELECT") <> 0 Or _ instr(val, "UPDATE") <> 0 Or _ instr(val, "DELETE") <> 0 Or _ instr(val, "INSERT") <> 0 Or _ instr(val, "SHUTDOWN") <> 0 Or _ instr(val, "DROP") <> 0 then ' response.write "오류발생" response.Write("") response.End Else sqlCheck=str end if end function 'Dim idx : idx=sqlCheck(request("idx")) Dim NewGetTable : NewGetTable = "noticesofBoard1" Dim GetPage : GetPage = sqlCheck(request("page")) Dim GetSearchPart : GetSearchPart = sqlCheck(request("SearchPart")) Dim GetSearchStr : GetSearchStr = sqlCheck(request("SearchStr")) Dim GetSeq : GetSeq = sqlCheck(request("seq")) 'C_id = Request.Cookies("USER")("C_id") 'C_passwd = Request.Cookies("USER")("C_pw") '/수정부분 암호 확인 부분 '내용 출력 Sql = "select BD_SEQ, BD_THREAD , BD_DEPTH , BD_NAME, BD_EMAIL,BD_SUBJECT, BD_CONTENT,BD_URL,BD_PASSWD, BD_INPUTDATE, BD_IP, BD_READCOUNT ,BD_STATE from " Sql = Sql & NewGetTable & " where BD_seq = " & GetSeq Set Rs = Con.Execute(Sql) Dim GetBD_SEQ : GetBD_SEQ = Rs(0) Dim GetBD_THREAD : GetBD_THREAD = Rs(1) Dim GetBD_DEPTH : GetBD_DEPTH = Rs(2) Dim GetBD_NAME : GetBD_NAME = Rs(3) Dim GetBD_EMAIL : GetBD_EMAIL = Rs(4) Dim GetBD_SUBJECT : GetBD_SUBJECT = Rs(5) Dim GetBD_CONTENT : GetBD_CONTENT = Rs(6) Dim GetBD_URL : GetBD_URL = Rs(7) Dim GetBD_BD_PASSWORD : GetBD_BD_PASSWORD = Rs(8) Dim GetBD_BD_INPUTDATE: GetBD_BD_INPUTDATE = Rs(9) Dim GetBD_BD_IP : GetBD_BD_IP = Rs(10) GetBD_BD_IP = left(GetBD_BD_IP,10) & "..." Dim GetBD_READCOUNT : GetBD_READCOUNT = Rs(11) Dim GetBS_STATE : GetBS_STATE = Rs(12) Rs.close set rs = nothing %> PLM Best Practice Conference 2008 > PLM Community > 공지사항
현재위치 : HOME >PLM Community > 공지사항
 
<% Dim Rs1 Sql = "SELECT Right(File_NAME,3) , File_Name , FILE_SEQ FROM " & NewGetTable & "_PDS WHERE FILE_BD_SEQ = " & GetSeq & " and FILE_BD_TABLE ='" & NewGetTable &"'" Set Rs1 = Con.Execute(Sql) if not Rs1.Eof then %>
제목
작성자 E-Mail
비밀번호
* 글 등록시 사용한 암호를 입력하세요.
URL
 내 용
파일업로드
<% Response.Write ("  "&Rs1(1)&" : " & Rs1(1) &"의 파일이 존재합니다.") Response.write ("아래 파일첨부를 할시 기존파일은 삭제가 됩니다. ") end if Rs1.close %>