1. 이클립스를 실행해 New -> php project를 통해 html이라는 프로젝트명으로 생성

finish로 저장

이제 여기서 코딩을 해 홈페이지를 구축할 것이다.

 

 

 

html의 기본 구성

 

<div> </div>  영역을 나눌 때 사용

<span> </span> 작은 영역을 나눌 때 사용

 

 

 

border: 1px solid; //범위를 볼 때 자주 쓴다.

 

부팅 시 자동으로 서비스를 켜줌.

# Enable the web server and the database server at boot (SysV-init run levels).
# chkconfig is the legacy RHEL/CentOS interface; on systemd hosts the equivalent
# is `systemctl enable <service>`.
chkconfig httpd on

chkconfig mysqld on 

 

1. 취약한 홈페이지 제작

 

/var/www/html

header.php

<?php
/*
 * header.php — shared page header, included first by every page.
 * Resumes the session, then renders the login/logout links, the logo and
 * the main navigation. The <div id="wrap"> opened here is closed in
 * footer.php, so each page has to include both.
 */
session_start();
?>
<html>
 <head>
	<link type="text/css" rel="stylesheet" href="/css/main.css">
	<link type="text/css" rel="stylesheet" href="/css/sub.css">
 </head>
 <body>
  <div id="wrap">
		<header>
		 <div id="login">
		 <?php 
		 	// $_SESSION['id'] is assigned only by login_ok.php. On a fresh session this
		 	// read raises an undefined-index notice, and the truthiness test would also
		 	// treat an id of "0" as logged out; !empty($_SESSION['id']) is the safer form.
		 	if($_SESSION['id'])
		 	{
		 	?>
		 	<a href="/member/logout.php">LogOut</a> 
		 	| <a href="/member/modify.php">Modify</a>
		 	<?php 
		 	}else{
		 	?>
		 	<a href="/member/login.php">Login</a> 
		 	| <a href="/member/member.php">Membership</a>
		 	<?php 
		 	}
		 	?>
		 </div>
		 <div id="logo">
		 	<h1><a href="/index.php">CARE LAB</a></h1>
		 </div>
		 <nav id="nav_main">
		 		<ul>
		 			<li><a href="/index.php">HOME</a></li>
		 			<li><a href="#">COMPANY</a></li>
		 			<li><a href="#">SOLUTIONS</a></li>
		 			<li><a href="/center/list.php">CUSTOMER CENTER</a></li>
		 		</ul>
		 </nav>
		</header>
		
		
		
		
		
		
		
		

footer.php

   <!-- footer.php: shared page footer; closes the #wrap div that header.php opened -->
   <footer>
   	<hr>
   	<div id="copy">
   			서울특별시 강남구 역삼역 3번출구 바로 앞 빌딩 3층 코리아정보보안IT학원<br>
 			COPYRIGHT 2019 CARE_KYES. ALL RIGHTS RESERVED 010-6315-6980
   	</div>
   	<div id="social">
   		<img src="/images/facebook.gif">
   		<img src="/images/twitter.gif">
   	</div>
   </footer>				
  </div>
 </body>
</html>

dbconn.php

<?php
/*
 * dbconn.php — opens the shared MySQL connection used by every page that
 * includes it and exposes it as $conn; callers mysqli_close($conn) themselves.
 *
 * Risk: the site connects as the MySQL root account with a trivial password,
 * and the credentials live inside the web root. Mitigation: a dedicated
 * least-privilege account (only what the `member`/`center` tables need) and
 * a config file outside the document root. die() also prints a fixed message
 * instead of logging mysqli_connect_error().
 */
$conn = mysqli_connect("localhost", "root", "root", "sample") or die('연결안됨');
//$conn = mysqli_connect("localhost", "root", "root", "sample");
?>

index.php

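<?php
/*
 * index.php — landing page. Static marketing copy rendered between the shared
 * header (which starts the session and opens <div id="wrap">) and footer.
 */
include "header.php";
?>
		
		<div id="main_img">
			<img src="/images/main_img.jpg">
		</div>
		
   <article>
    <div id="security">
   		<div class="solution">
   			<h3>Security Solution</h3>
   			<p>
   						방대한 IT인프라, 폭발적인 데이터 증가, 
   						복잡한 컴플라이언스, 강화된 법 규제 등 IT환경은 점점 더 복잡해지고 있습니다.
   						 그리고 이와 더불어 해킹공격의 자동화, 보안 위협의 지능화, 무차별적 공격, 
   						사이버 전쟁의 위험 증가 등 사이버 공격은 날로 진화하고 있습니다.
   			</p>
   		</div>
   			<div class="control">
   			 <h3>Security Control</h3>
   			 <p>
   			 			보안관리서비스는 고객사의 정보보호 솔루션을 보안관제센터에서 
   			 			원격으로 운영, 관제하여 이상 상 황 발생시 실시간으로 대응하는 서비스로 
   			 			이러한 사고를 미연에 방지할 수 있도록 각종 정보를 제공하고,
   			 			 사전 점검하는 서비스를 말합니다.
   			 </p><!-- was left unclosed, so the paragraph ran into the next column -->
   			</div>
   			<div class="consulting">
   			<h3>Security Consulting</h3>
   				<p>
   						Bug Hunting Team and Security Consulting Team 
   						both specialize in Red Teaming Exercise. 
   						They have global references in conducting various 
   						Red Teaming Exercise on various scopes ranging from 
   						website/application to financial sectors. 
   				</p>
   			</div>
   	</div>
   </article>
   
<?php include "footer.php"; ?>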






 

 

/var/www/html/member

delete.php

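<?php 
/*
 * member/delete.php — account-withdrawal form. Needs a logged-in session
 * (header.php starts it). The password is asked for twice and checked in the
 * browser, then posted to member_delete.php, which performs the real check.
 */
include "../header.php";
// empty() avoids the undefined-index notice on a fresh session and also rejects "" / "0".
if(empty($_SESSION['id'])){
	echo "<script>alert('로그인 후 이용하세요'); location.href='/member/login.php';</script>";
			exit;
}
?>
<div id="img_mem"></div>
<script>
// Convenience checks only; the server must repeat them, since this can be bypassed.
function check()
{
if(document.form_mem.pw.value == "")
{
	alert('패스워드를 입력주세요.');
	document.form_mem.pw.focus();
	return ;
}
if(document.form_mem.repw.value == "")
{
	alert('패스워드 한번 더 입력해주세요..');
	// focus the field that is actually empty (previously jumped back to pw)
	document.form_mem.repw.focus();
	return ;
}
if(document.form_mem.pw.value != document.form_mem.repw.value)
{
	alert('다시 입력해임마.');
	document.form_mem.pw.focus();
	return ;
}
if(confirm('정말 탈퇴할꺼야?'))
{
	document.form_mem.action="/member/member_delete.php"
	document.form_mem.submit();	
}
}
</script>
<nav id="nav_sub">
	<ul>
		<li><a href="/member/member.php">회원가입</a></li>
		<li><a href="/member/modify.php">회원수정</a></li>
		<li><a href="/member/delete.php">회원탈퇴</a></li>
		<li><a href="/member/login.php">로그인</a></li>
	</ul>
</nav>
<article id="main_mem">
	<h1>회원 탈퇴</h1>
	<form name ="form_mem" method="post" >
	<fieldset>
	<legend>	패스워드 확인</legend>
	
		<label>아이디:</label> 
		<?=htmlspecialchars((string)$_SESSION['id'], ENT_QUOTES, 'UTF-8')?>	
		<div class="clear"></div>
		
		<label>패스워드:</label>
		<input type="password" name="pw" class="pw">	
		<div class="clear"></div>
		<label>패스워드 확인:</label>
		<input type="password" name="repw">	
		<div class="clear"></div>
		
		
  </fieldset>
  	<div id="buttons">
		 <input type="button" value="탈퇴" class="mem_submit" 
		 onclick="check();">
		 <input type="button" value="취소" 
		 onclick="javascript:history.go(-1);" class="mem_button">	
		 
		</div>
		</form>
		</article>
<div class="clear"></div>
<?php include "../footer.php"?>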

login.php

<?php
/*
 * member/login.php — login form; posts id and pw to login_ok.php.
 * The form carries no CSRF token and login_ok.php applies no throttling, so
 * repeated guesses from one client are not slowed down; a login endpoint
 * should at least rate-limit failures.
 */
include "../header.php";
?>
<div id="img_mem"></div>

<nav id="nav_sub">
	<ul>
		<li><a href="/member/member.php">회원가입</a></li>
		<li><a href="/member/modify.php">회원수정</a></li>
		<li><a href="/member/delete.php">회원탈퇴</a></li>
		<li><a href="/member/login.php">로그인</a></li>
	</ul>
</nav>

<article id="main_login">
	<h1>CARE LAB</h1>
	<form action="login_ok.php" method="post">
		<fieldset>
		<label>아이디</label>
		<input type="text" class="id" name="id">
		<div class="clear"></div>
		<label>패스워드</label>
		<input type="password" class="pw" name="pw">
		</fieldset>
		
		
		<input type="submit" value="제출" class="login_submit">
	</form>
	
</article>
<div class="clear"></div>
<?php include "../footer.php";?>

login_ok.php

<?php
	/*
	 * member/login_ok.php — handles the POST from login.php: looks the member
	 * up by id and plaintext password, copies the row into the session and
	 * redirects to the front page.
	 *
	 * Risks visible here (this is the deliberately weak site):
	 *  - $id and $pw are interpolated straight into the SQL string: SQL
	 *    injection. Mitigation: mysqli_prepare() + bind_param(), never
	 *    string concatenation.
	 *  - the password is compared in plaintext against the stored `pw`
	 *    column. Mitigation: store password_hash() output and check with
	 *    password_verify() after fetching the row by id alone.
	 *  - the session id is not rotated on login (session_regenerate_id(true)),
	 *    so a session id fixed before login stays valid afterwards.
	 *  - a failed query leaves $result false and mysqli_num_rows() then errors.
	 */
	session_start();
	$id = $_POST['id'];
	$pw = $_POST['pw'];
	
	
	include "../dbconn.php";
	$sql = "select * from member where id='$id' and pw='$pw'";
	$result = mysqli_query($conn, $sql);
	$num = mysqli_num_rows($result);
	
	if(! $num)
	{
		echo "<script>alert('아이디 또는 패스워드를 확인하세요.');
						history.go(-1);</script>";
		exit;
	}else{
		// The matched row is cached in the session: header.php tests 'id',
		// modify.php pre-fills its form from these values, and member_modify.php
		// logs the user out after an update so the next login refreshes them.
		$row = mysqli_fetch_array($result);
		$_SESSION['id'] = $row['id'];
		$_SESSION['name'] = $row['name'];
		$_SESSION['mobile'] = $row['mobile'];
		$_SESSION['nick'] = $row['nick'];
		$_SESSION['address'] = $row['address'];
		$_SESSION['email'] = $row['email'];
	}
	mysqli_close($conn);
?>
<script>
	alert('로그인 성공');
	location.href='/index.php';
</script>








logout.php

<?php
	/*
	 * member/logout.php — ends the current session and returns to the front page.
	 * session_destroy() removes the server-side data but neither clears the
	 * $_SESSION array for this request nor expires the session cookie in the
	 * browser; a complete logout also does `$_SESSION = array();` and expires
	 * the cookie with setcookie(session_name(), '', time() - 3600, '/').
	 */
	session_start();
	session_destroy();
?>
<script>
	alert('로그아웃');
	location.href='/index.php';
</script>

member.php

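<?php
/*
 * member/member.php — sign-up form. check() validates the required fields in
 * the browser and posts to member_ok.php, which has to repeat the validation
 * server-side because this check can be bypassed.
 */
include "../header.php";
?>
<script>
	// id and password are required and the two password fields must match
	// (the same rules delete.php applies; the original only checked the id).
	function check()
	{
		if(document.form_mem.id.value == "")
		{
			alert('아이디를 입력해주세요.');
			document.form_mem.id.focus();
			return ;
		}
		if(document.form_mem.pw.value == "")
		{
			alert('패스워드를 입력해주세요.');
			document.form_mem.pw.focus();
			return ;
		}
		if(document.form_mem.pw.value != document.form_mem.repw.value)
		{
			alert('패스워드가 일치하지 않습니다.');
			document.form_mem.repw.focus();
			return ;
		}
		document.form_mem.action="/member/member_ok.php";
		document.form_mem.submit();
	}
</script>
<div id="img_mem"></div>

<nav id="nav_sub">
	<ul>
		<li><a href="/member/member.php">회원가입</a></li>
		<li><a href="/member/modify.php">회원수정</a></li>
		<li><a href="/member/delete.php">회원탈퇴</a></li>
		<li><a href="/member/login.php">로그인</a></li>
	</ul>
</nav>

<article id="main_mem">
	<h1>회원 가입</h1>
	<form method="post" name="form_mem">
	
	<fieldset>
	<legend>	Basic Info</legend>
	
		<label>User ID</label> <input type="text" name="id" class="id">	
		<div class="clear"></div>
		<label>Password</label><input type="password" name="pw" class="pw">	
		<div class="clear"></div>
		<label>Retype Password</label><input type="password" name="repw">	
		<div class="clear"></div>
		<label>Name</label> <input type="text" name="name">		
		<div class="clear"></div>
		<label>Mobile</label> <input type="text" name="mobile">
  </fieldset>
  
  <fieldset>
  	<legend>Optional Info</legend>
  	<label>E-Mail</label> <input type="text" name="email">
  	<div class="clear"></div>
  	<label>Address</label> <input type="text" name="address" class="address">	
  	<div class="clear"></div>
  	<label>NickName</label> <input type="text" name="nick">
  
  </fieldset>
  	<div id="buttons">
		 <input type="button" value="취소" 
		 onclick="javascript:location.href='/index.php';" class="mem_button">	
		 <input type="button" value="가입" class="mem_submit" 
		 onclick="check();">
		</div>
	</form>
</article>
<div class="clear"></div>
<?php include "../footer.php"?>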












member_delete.php

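<?php
/*
 * member/member_delete.php — deletes the logged-in member after re-checking
 * the posted password, then logs the user out.
 *
 * Flow: no session -> bounce to login; password mismatch -> alert and go back,
 * leaving the account AND the session untouched (the original fell through to
 * the logout redirect, so a wrong password still logged the user out);
 * match -> delete the row, then redirect to logout.php to destroy the session.
 */
session_start();
if(empty($_SESSION['id']))
{
	echo "<script>alert('로그인 후 이용하세요.')
						location.href='/member/login.php';
						</script>";
	exit;
}
$id = $_SESSION['id'];
$pw = isset($_POST['pw']) ? $_POST['pw'] : '';
$repw = isset($_POST['repw']) ? $_POST['repw'] : '';

// delete.php asks for the password twice; enforce the match here as well,
// since its JavaScript check can be bypassed.
if($pw === '' || $pw !== $repw){
	echo "<script> alert('비밀번호가 일치하지 않습니다.');history.go(-1);</script>";
	exit;
}

include "../dbconn.php";
// $id comes from the session, but it was originally user input stored by
// member_ok.php, so it is bound rather than interpolated into the SQL.
$stmt = mysqli_prepare($conn, "select pw from member where id=?");
mysqli_stmt_bind_param($stmt, "s", $id);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $storedPw);
$found = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);

// The stored value is plaintext because member_ok.php stores it that way;
// once it stores password_hash() output this becomes password_verify().
if(!$found || $storedPw !== $pw){
	mysqli_close($conn);
	echo "<script> alert('비밀번호가 일치하지 않습니다.');history.go(-1);</script>";
	exit;
}

$stmt = mysqli_prepare($conn, "delete from member where id=?");
mysqli_stmt_bind_param($stmt, "s", $id);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($conn);

echo "<script>location.href='/member/logout.php';</script>";

?>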

member_modify.php

<?php 
/*
	member/member_modify.php — applies the profile form posted by modify.php to
	the logged-in member's row, then sends the browser to logout.php so the
	stale session copy of the row is refreshed by the next login.

	Risks visible here (this is the deliberately weak site):
	 - every POST field is interpolated into the UPDATE string: SQL injection.
	   Mitigation: mysqli_prepare() with bound parameters.
	 - the new password is stored in plaintext and repw is not compared to pw
	   on the server. Mitigation: compare them here and store password_hash().
	 - the truthiness test below also rejects legitimate values such as "0"
	   and forces the optional email/address/nick columns to be filled in.
*/
	session_start();
	if(! $_SESSION['id'])
	{
		echo "<script>alert('로그인 후 이용하세요.')
						location.href='/member/login.php';
						</script>";
		exit;
	}
	
	$id = $_SESSION['id'];
	$pw = $_POST['pw'];
	$name = $_POST['name'];
	$mobile = $_POST['mobile'];
	$address = $_POST['address'];
	$email = $_POST['email'];
	$nick = $_POST['nick'];
	

	// every field is required (see the truthiness note above)
	if( !($pw and $name and $mobile and $address and $email and $nick))
	{
		echo "<script>alert('데이터를 입력하세요');
						history.go(-1);
						</script>";
		exit;
	}

	
	include "../dbconn.php";
	$sql = "update member set pw='$pw', name='$name', email='$email', nick='$nick',
	address='$address',mobile='$mobile' where id='$id'";
	
	
	mysqli_query($conn, $sql);  // result is not checked: a failed update still reports success below
	

	mysqli_close($conn);
?>
	
<script>
alert('회원정보 수정 완료');
location.href='/member/logout.php';
</script>
	
	
	

member_ok.php

<?php
	/*
	 * member/member_ok.php — handles the sign-up POST from member.php: rejects
	 * an id that already exists, otherwise inserts the new member row.
	 *
	 * Risks visible here (this is the deliberately weak site):
	 *  - all POST fields go into the SQL strings unescaped: SQL injection.
	 *    Mitigation: prepared statements with bound parameters.
	 *  - the password is stored as typed (plaintext `pw` column) and repw is
	 *    never compared server-side. Mitigation: password_hash() before storing.
	 *  - nothing is validated server-side (required fields, lengths, formats);
	 *    the JavaScript in member.php is the only check and can be bypassed.
	 *  - the select-then-insert duplicate check is not atomic, and the table's
	 *    primary key (num, id) does not make id unique on its own.
	 */
	include "../dbconn.php";
	
	$id = $_POST['id'];
	$pw = $_POST['pw'];
	$name = $_POST['name'];
	$mobile = $_POST['mobile'];
	$address = $_POST['address'];
	$email = $_POST['email'];
	$nick = $_POST['nick'];
	$date = date('Y-m-d');
	
	// check that the member id is not already taken
	$sql = "select * from member where id='$id'";
	$result = mysqli_query($conn, $sql);
	
	$num = mysqli_num_rows($result);
	if($num)
	{
		echo "<script>alert('아이디가 사용 중입니다.'); 
						history.go(-1);</script>";
		exit;
	}else{
		// Positional insert: the values must follow the member table's column
		// order (num, id, pw, name, mobile, email, nick, address, date);
		// '' for num lets auto_increment assign it.
		$sql = "insert into member values
		('','$id','$pw','$name','$mobile','$email','$nick','$address',
		'$date')";
		mysqli_query($conn, $sql);
	}
	mysqli_close($conn);
?>
<script>
	alert('회원가입 완료');
	location.href='/index.php';
</script>




modify.php

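<?php
/*
 * member/modify.php — edit-profile form for the logged-in member, pre-filled
 * from the session copy of the member row that login_ok.php stored.
 * check() posts the form to member_modify.php.
 *
 * The pre-filled values originate from user input, so they are escaped with
 * $esc and the value attributes are quoted (unquoted, they broke at the first
 * space and let the value alter the markup).
 */
include "../header.php";
// escape a session value for HTML text/attribute output
$esc = function($v) { return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); };
?>
<script>
	// The form has no "id" input (the id is shown as plain text), so the old
	// id check never saw a field; only the password pair is validated here and
	// member_modify.php has to re-validate everything.
	function check()
	{
		if(document.form_mem.pw.value == "")
		{
			alert('패스워드를 입력주세요.');
			document.form_mem.pw.focus();
			return ;
		}
		if(document.form_mem.pw.value != document.form_mem.repw.value)
		{
			alert('패스워드가 일치하지 않습니다.');
			document.form_mem.repw.focus();
			return ;
		}
		document.form_mem.action="/member/member_modify.php";
		document.form_mem.submit();
	}
</script>
<div id="img_mem"></div>

<nav id="nav_sub">
	<ul>
		<li><a href="/member/member.php">회원가입</a></li>
		<li><a href="/member/modify.php">회원수정</a></li>
		<li><a href="/member/delete.php">회원탈퇴</a></li>
		<li><a href="/member/login.php">로그인</a></li>
	</ul>
</nav>

<article id="main_mem">
	<h1>회원 수정</h1>
	<form method="post" name="form_mem">
	
	<fieldset>
	<legend>	Basic Info</legend>
	
		<label>User ID</label> 
		<?=$esc($_SESSION['id'])?>	
		<div class="clear"></div>
		
		<label>Password</label>
		<input type="password" name="pw" class="pw">	
		<div class="clear"></div>
		<label>Retype Password</label>
		<input type="password" name="repw">	
		<div class="clear"></div>
		
		<label>Name</label> 
		<input type="text" name="name" value="<?=$esc($_SESSION['name'])?>">		
		<div class="clear"></div>
		
		<label>Mobile</label> 
		<input type="text" name="mobile" value="<?=$esc($_SESSION['mobile'])?>">
  </fieldset>
  
  <fieldset>
  	<legend>Optional Info</legend>
  	<label>E-Mail</label> 
  	<input type="text" name="email" value="<?=$esc($_SESSION['email'])?>">
  	<div class="clear"></div>
  	
  	<label>Address</label> 
  	<input type="text" name="address" value="<?=$esc($_SESSION['address'])?>">	
  	<div class="clear"></div>
  	<label>NickName</label> 
  	<input type="text" name="nick" value="<?=$esc($_SESSION['nick'])?>">
  
  </fieldset>
  	<div id="buttons">
		 <input type="button" value="취소" 
		 onclick="javascript:location.href='/index.php';" class="mem_button">	
		 <input type="button" value="수정" class="mem_submit" 
		 onclick="check();">
		</div>
	</form>
</article>
<div class="clear"></div>
<?php include "../footer.php"?>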












DB 테이블

-- member: one row per registered user (written by member_ok.php, read by login_ok.php).
create table member(  
num int unsigned not null auto_increment,  -- surrogate key; member_ok.php inserts '' so it is auto-assigned
id varchar(50) not null,                   -- login id; duplicates are only prevented by member_ok.php's pre-check (see key note below)
pw varchar(50) not null,                   -- stored as typed (plaintext). Mitigation: store password_hash() output, which needs varchar(255)
name varchar(50) not null, 
mobile varchar(20) not null,  
email varchar(50),  
nick varchar(50),                          -- copied into the session and shown as the post author on the board
address varchar(100),  
date varchar(30),                          -- join date written as date('Y-m-d') text; a DATE column would be the proper type
primary key(num, id)                       -- num is already unique, so this composite key never rejects a duplicate id; a separate unique(id) would
);

 

 

css

main.css

/* main.css — layout and colours shared by every page: page frame, header, main nav, index columns, footer. */

/* page frame */
body {
	margin: 0;
	padding: 0;
	background-color: #898989;
}

#wrap {
	width: 1000px;
	height: 950px;
	background-image: url(/images/shadow.png);
	background-repeat: repeat-y;
	margin-left: auto;
	margin-right: auto;
}

/* header: login links, logo, main navigation */
#login {
	float: right;
	margin-right: 50px;
	margin-top: 10px;
}

a {
	text-decoration: none;
}

#login a {
	color: #333;
}

#login a:hover {
	color: #f90;
}

#logo {
	float: left;
	margin-top: 50px;
	margin-left: 50px;
}

#logo a {
	color: #f90;
}

#logo a:hover {
	color: #333;
}

#nav_main {
	width: 650px;
	float: right;
	margin-top: 70px;
	margin-right: 50px;
}

#nav_main ul {
	list-style: none;
	font-size: 20px;
}

#nav_main ul li {
	float: left;
	margin: 0 15px;
}

#nav_main ul li a {
	color: #333;
}

#nav_main ul li a:hover {
	background-image: url(/images/blue.gif);
	background-repeat: repeat-x;
	background-position: bottom;
}

header {
	height: 200px;
}

/* index.php: the three solution columns */
#security {
	width: 930px;
	height: 280px;
	margin-left: 20px;
	margin-top: 10px;
	background: #EAEAEA;
	padding-top: 20px;
}

.solution,
.control,
.consulting {
	width: 30%;
	float: left;
	margin-left: 25px;
	background-repeat: no-repeat;
	background-position: left top;
}

.consulting {
	background-image: url(/images/icon1.png);
}

.solution {
	background-image: url(/images/icon2.png);
}

.control {
	background-image: url(/images/icon3.png);
}

.solution h3,
.control h3,
.consulting h3 {
	margin-left: 90px;
}

.solution p,
.control p,
.consulting p {
	margin-top: 40px;
	margin-left: 15px;
}

/* footer */
footer {
	width: 950px;
	margin-left: 10px;
	margin-top: 40px;
}

#copy,
#social {
	margin-left: 50px;
	margin-top: 20px;
	float: left;
}

#social {
	margin-left: 140px;
}

 

sub.css

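/* sub.css — styles for the member pages, the login page and the customer-center board. */

/* member.php / modify.php / delete.php */

#img_mem {
	background-image: url(/images/member/sub_back.png);
	background-repeat: no-repeat;
	width: 970px;
	height: 180px;
}

#nav_sub {
	width: 200px;
	margin-left: 10px;
	float: left;
}

#nav_sub ul {
	list-style: none;
	font-size: 20px;
}

#nav_sub ul a {
	color: #333;
	height: 30px;
	display: block;
	width: 150px;
	background-image: url(/images/bullet.gif);
	background-repeat: no-repeat;
	background-position: right;
	border-bottom-width: 1px;
	border-bottom-style: dotted;
	padding: 5px;
}

#nav_sub ul a:hover {
	color: #f90;
	background-image: url(/images/bullet_orange.gif);
	background-repeat: no-repeat;
	background-position: right;
}

.clear {
	clear: both;
}

#main_mem {
	float: left;
	width: 650px;
	height: 450px;
	margin-left: 50px;
}

#main_mem fieldset legend {
	font-size: 20px;
}

#main_mem fieldset label {
	float: left;
	width: 150px;
	padding: 5px;
}

#main_mem fieldset input {
	width: 250px;
	height: 25px;
	background-color: #fcfdea;
}

#buttons {
	width: 600px;
	height: 50px;
}

.mem_button,
.mem_submit {
	width: 31%;
	height: 40px;
	font-size: 20px;
	color: #fff;
	margin-top: 10px;
	margin-left: 20px;
	border-radius: 5px;
}

.mem_button {
	background-image: url(/images/member/cancel_back.jpg);
}

.mem_submit {
	background-image: url(/images/member/submit_back.jpg);
}

#main_mem fieldset {
	border: none;
}

#main_mem fieldset input.id {
	width: 150px;
}

/* login.php */

#main_login {
	width: 450px;
	height: 400px;
	float: left;
	margin-left: 120px;
}

#main_login h1 {
	font-size: 40px;
	color: #f90;
	text-align: center;
	margin-left: 50px;
}

#main_login fieldset {
	border: none;
	margin-left: 50px;
}

#main_login fieldset label {
	float: left;
	width: 100px;
	margin: 5px;
	font-size: 20px;
}

#main_login fieldset input {
	margin: 5px;
	background-color: #fcfdea;
	border: 1px solid;
	height: 30px;
	width: 200px;
}

.login_submit {
	background-image: url(/images/member/submit_back.jpg);
	border-radius: 10px;
	height: 50px;
	color: #fff;
	font-size: 20px;
	width: 200px;
	margin-left: 176px;
	margin-top: 20px;
}

/* list.php */

#img_cen {
	background-image: url(/images/center/sub_back.png);
	background-repeat: no-repeat; /* was "no-peat": an invalid value is dropped, so the default "repeat" applied */
	width: 970px;
	height: 180px;
}

#main_cen {
	width: 650px;
	float: left;
	margin-left: 50px;
}

#main_cen h1 {
	font-size: 30px;
}

#main_cen table {
	width: 640px;
}

#main_cen table th {
	background-image: url(/images/center/t_back.jpg);
	background-repeat: repeat-x;
	background-position: center;
	font-size: 20px;
	color: #fff;
	padding: 5px;
}

.title {
	width: 300px;
}

#main_cen table td {
	text-align: center;
	border-bottom: 1px dotted;
	padding: 5px;
}

#main_cen .subject a {
	color: #333;
}

#main_cen .subject a:hover {
	color: #f90;
}

#list_form {
	float: right;
	margin-top: 10px;
	margin-right: 10px;
}

#list_form select,
#list_form input {
	height: 25px;
}

#page_control {
	text-align: center;
}

#page_control a {
	color: #333;
}

#page_control a:hover {
	color: #f90;
}

#button {
	text-align: right;
	margin-right: 15px;
}

/* view.php */

#view_title {
	width: 100%;
	height: 40px;
	background-color: #eee;
	border: 1px solid #ccc;
	line-height: 40px;
	font-size: 18px;
	font-weight: bold;
}

.view_title1 {
	float: left;
	width: 55%;
	text-align: center;
}

.view_title2 {
	float: left;
	width: 43%;
	text-align: right;
}

#view_content {
	width: 100%;
	height: 300px;
	border: 1px solid #ccc;
}

#view_file {
	font-weight: bold;
	color: #333;
	margin-top: 5px;
}

/* write.php */

#main_cen .col1 {
	float: left;
	width: 30%;
	text-align: center;
	background-color: #eee;
	height: 25px;
}

#main_cen .col2 {
	float: left;
	width: 66%;
	height: 25px;
}

#write_row1 .col2 {
	text-align: left;
}

#write_row3 .col1 {
	height: 200px;
}

#write_row3 .col2 {
	border: none;
}

#write_row3 textarea {
	height: 200px;
	width: 100%;
}

#main_cen .col2 input {
	border: 1px solid #999;
	width: 100%;
	height: 25px;
}

#main_cen .line {
	border-bottom: 1px solid #ccc;
	width: 97%;
}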

 







 

/var/www/html/center

 

delete.php

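<?php
/*
 * center/delete.php — deletes post ?num=N and its attachment.
 * Requires a logged-in session and, matching the check write.php makes for
 * editing, only the post's author may delete it (the original let any
 * logged-in user delete any post).
 */
include "../dbconn.php";
include "../header.php";
if(empty($_SESSION['id'])){
	echo "<script>alert('로그인 후 이용하세요'); location.href='/member/login.php';</script>";
	exit;
}
// num is an integer column; the cast plus the bound parameter keep user input out of the SQL text.
$num = isset($_GET['num']) ? (int)$_GET['num'] : 0;

$stmt = mysqli_prepare($conn, "select id, filename from center where num = ?");
mysqli_stmt_bind_param($stmt, "i", $num);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $author, $filename);
$found = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);

if(!$found || $author != $_SESSION['id']){
	mysqli_close($conn);
	echo "<script> alert('작성자만 삭제 가능합니다.'); location.href='/center/list.php';</script>";
	exit;
}

$stmt = mysqli_prepare($conn, "delete from center where num = ?");
mysqli_stmt_bind_param($stmt, "i", $num);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
mysqli_close($conn);

// The stored filename is the client-supplied upload name (see insert.php), so
// basename() keeps the unlink inside ../data/ whatever that name contains.
if($filename){
	$path = "../data/" . basename($filename);
	if(is_file($path)){
		unlink($path);
	}
}
echo "<script> alert('게시글 삭제완료.'); location.href='/center/list.php';</script>";

?>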

 

download.php

<?php
/*
 * center/download.php — streams an attachment from ../data/ to the browser.
 * GET filename: the attachment name as stored by insert.php.
 *
 * Risks visible here (this is the deliberately weak site):
 *  - the GET value is joined onto "../data/" unchanged, so a value containing
 *    directory-traversal segments reads files outside the upload directory.
 *    Mitigation: basename() the value and confirm the realpath() of the
 *    result still starts with the upload directory before opening it.
 *  - the same value is echoed into the Content-Disposition header unescaped,
 *    so quotes or line breaks in it can corrupt or inject response headers.
 *    Mitigation: quote and sanitize the header value; also send a
 *    Content-Type (e.g. application/octet-stream).
 *  - there is no login check, and an fopen() failure (false) is not handled,
 *    so fpassthru() then errors.
 */

$filename = $_GET['filename'];
header("content-disposition: attachment; filename=$filename");

$fp = fopen("../data/".$filename, "r");
fpassthru($fp);
fclose($fp);
?>

 

 

insert.php

<?php
/*
 * center/insert.php — handles the form posted by write.php.
 * GET mode/num choose between updating post num (mode=modfiy — the
 * misspelling is used consistently by list/view/write) and inserting a new
 * post; an optional attachment is moved into ../data/ under its original name.
 *
 * Risks visible here (this is the deliberately weak site):
 *  - subject, content, num and the upload name go into the SQL unescaped:
 *    SQL injection. Mitigation: prepared statements.
 *  - the update path never checks that the session user wrote post num
 *    (write.php checks this only when rendering the form), so any logged-in
 *    user can overwrite any post. Mitigation: repeat the author check here.
 *  - uploads keep the client-supplied name and land under the web root with
 *    no type or size check, so server-side script files could be stored
 *    where the web server would execute them. Mitigation: store outside the
 *    document root (or deny script execution there), generate the stored
 *    name, whitelist extensions/MIME types and cap the size.
 *  - content is stored raw and view.php echoes it raw (stored XSS).
 */
session_start();
if(!$_SESSION['id']){
	echo "<script>alert('로그인 후 이용하세요'); location.href='/member/login.php';</script>";
	exit;
}
$mode=$_GET['mode'];
$num=$_GET['num'];
$subject = $_POST['subject'];
$content = $_POST['content'];
$id = $_SESSION['id'];
$nick = $_SESSION['nick'];
$date = date('Y-m-d');
$filename=$_FILES['upfile']['name'];  // original (client-supplied) file name
$tmp = $_FILES['upfile']['tmp_name']; // temporary upload path


// truthiness check: a subject or content of "0" is rejected too
if(!($content && $subject) )
{
	echo " <script>alert('데이터를 입력해 주세요.'); history.go(-1)</script>";
    exit;

}
include"../dbconn.php";

if($mode=='modfiy')
{
// update: the filename column is only overwritten when a new file was sent
if($filename)
{
$sql ="update center set content='$content',subject='$subject',
filename='$filename' where num='$num'";
}else {
	$sql="update center set content='$content',subject='$subject' where num='$num'";
}
}else{
	// new post; positional values follow the center table's column order
	// (num, id, nick, subject, content, date, hit, filename), '' for num auto-assigns it
	$sql ="insert into center values('','$id','$nick','$subject','$content','$date',0,'$filename')";
	
}
	mysqli_query($conn, $sql);
	mysqli_close($conn);
	
	if(is_uploaded_file($tmp))  // true only for a file PHP received in this request, false otherwise
	{
		$destination='../data/' . $filename;  // e.g. ../data/a.txt
		move_uploaded_file($tmp, $destination);
		
	}
?>
<script>alert('완료');location.href='/center/list.php'</script>

 

list.php

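<?php
/*
 * center/list.php — paginated board listing with a simple search.
 *
 * GET  page : 1-based page number (defaults to 1, clamped to the valid range)
 *      mode : "search" when the search form below was submitted
 * POST find : column to search — one of subject | content | nick
 *      data : search text
 * $scroll rows are shown per page. The page links are plain GET links, so a
 * search (which arrives by POST) is not carried over to the other pages.
 */
include "../header.php";
$data = isset($_POST['data']) ? $_POST['data'] : '';
$find = isset($_POST['find']) ? $_POST['find'] : '';
$mode = isset($_GET['mode']) ? $_GET['mode'] : '';
$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;

if($page < 1)
{
	$page=1; 
}

include "../dbconn.php";

if($mode == "search"){
	if($data=="")
	{
		echo "<script>alert('데이터를 입력 후 이용해라.');location.href='list.php';</script>";
		exit; // previously fell through and ran the query with an empty pattern
	}
	// A column name cannot be a bound parameter, so it is restricted to the
	// three <option> values the form offers; the text is escaped for the LIKE.
	if(!in_array($find, array('subject', 'content', 'nick'), true))
	{
		$find = 'subject';
	}
	$pattern = mysqli_real_escape_string($conn, $data);
	$sql = "select * from center where $find like '%$pattern%' order by num desc";
	
}
else{
	$sql = "select * from center order by num desc";
}

$result = mysqli_query($conn, $sql);
$record = mysqli_num_rows($result);
$scroll = 3;                              // rows per page
$pageCnt = (int)ceil($record / $scroll);  // ceil() already yields record/scroll when it divides exactly
if($pageCnt < 1)
{
	$pageCnt = 1;                         // an empty board still has a page 1
}
if($page > $pageCnt)
{
	$page = $pageCnt;
}
$start = ($page-1) * $scroll; // index of the first row shown on this page
$number = $record - $start;   // descending display number for that row

// escape a DB value for HTML output (posts are stored raw)
$esc = function($v) { return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); };
?>
<div id="img_cen"></div>
<nav id="nav_sub">
		<ul>
			<li><a href="list.php">게시글 목록</a></li>
			<li><a href="write.php">게시글 작성</a></li>
			<li><a href="delete.php">게시글 삭제</a></li>
			<li><a href="write.php?mode=modfiy">게시글 수정</a></li>   <!-- mode=modfiy distinguishes editing a post from writing a new one -->
		</ul>
	</nav>
	
	<article id="main_cen">
		<h1>게시글 목록</h1>
		<table>
		 <tr>
		 	<th class="no">번호</th>
		 	<th class="title">제목</th>
		 	<th class="writer">작성자</th>
		 	<th class="date">날짜</th>
		 	<th class="hit">조회수</th>
		 </tr>
		 <?php 
		 // walk only this page's slice of the result set
		 for($i = $start; $i < $scroll+$start &&  $i< $record; $i++)
		 {
		 mysqli_data_seek($result, $i);   // position the cursor on row $i
		 $row= mysqli_fetch_array($result);
		 $subject = $row['subject'];
		 $nick = $row['nick'];
		 $date = $row['date'];
		 $hit = (int)$row['hit'];
		 $num = (int)$row['num'];
		 
		 ?>
		
		 <tr>
		 	<td><?=$number ?></td>
			<td class="subject">	<a href="view.php?num=<?=$num?>&page=<?=$page ?>"><?= $esc($subject) ?></a>	</td>
		 	<td><?=$esc($nick) ?></td>
		 	<td><?=$esc($date) ?></td>
		 	<td><?=$hit ?></td>
		 </tr>
		 <?php 
		 $number--;
		 }
		 ?>
		</table>
		<form action="list.php?mode=search" method="post" id="list_form">
			<select name="find">
				<option value="subject">제목</option>
				<option value="content">내용</option>
				<option value="nick">작성자</option>
			</select>
			<input type="text" name="data">
			<input type="submit" value="검색">
		</form>
		
		<div class="clear"></div>
		
		<div id="page_control">
		<?php 
		// Prev stays on page 1 when already there; Next stays on the last page.
		// (Next previously linked to $pageCnt unconditionally, jumping straight to the end.)
		$prev = ($page <= 1) ? 1 : $page - 1;
		$next = ($page >= $pageCnt) ? $pageCnt : $page + 1;
		echo "<a href='list.php?page=$prev'>Prev</a>";
		for($i=1; $i <=$pageCnt;$i++)
			echo "	<a href='list.php?page=$i'>$i</a>";
		echo "<a href='list.php?page=$next'>Next</a>";
		?>
		</div>
		<div id="button">
			<a href="write.php"> <img src="/images/write.png"> </a>
		</div>
	</article>
	<div class="clear"></div>
<?php include "../footer.php";
mysqli_close($conn);
?>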


 

view.php

<?php 
/*
 * center/view.php — shows one post (?num=N) and increments its hit counter;
 * ?page is carried through so the list links return to the same page.
 *
 * Risks visible here (this is the deliberately weak site):
 *  - $num is interpolated into both SQL strings: SQL injection.
 *    Mitigation: (int) cast and/or a prepared statement.
 *  - subject, nick, content and filename are echoed into the HTML unescaped,
 *    so whatever a poster stored runs in every viewer's browser (stored XSS).
 *    Mitigation: htmlspecialchars() on each value at output, urlencode() for
 *    the filename inside the download link.
 *  - there is no login check, and a missing row leaves $row false (notices,
 *    plus an update of hit=1 for a row that does not exist).
 *  - read-then-write of hit is not atomic under concurrent views; an SQL
 *    `hit = hit + 1` would be.
 */
include "../header.php";
include "../dbconn.php";

$num = $_GET['num'];
$page = $_GET['page'];

$sql = "select * from center where num='$num'";
$result= mysqli_query($conn, $sql);
$row = mysqli_fetch_array($result);
$content = $row['content'];
$subject = $row['subject'];
$date = $row['date'];
$hit = $row['hit'];
$filename =$row['filename'];
$nick=$row['nick'];
$hit++ ;  // counted on every load, including the author's own
$sql= "update center set hit='$hit' where num = '$num'";
mysqli_query($conn, $sql);
mysqli_close($conn);
?>

<div id="img_cen"></div>
<nav id="nav_sub">
		<ul>
			<li><a href="list.php?page=<?=$page?>">게시글 목록</a></li>
			<li><a href="write.php">게시글 작성</a></li>
			<li><a href="delete.php?num=<?=$num?>">게시글 삭제</a></li>
			<li><a href="write.php?mode=modfiy&num=<?=$num?>">게시글 수정</a></li>   <!-- mode=modfiy distinguishes editing this post from writing a new one -->
		</ul>
	</nav>

<article id="main_cen">
	<h1>글 내용</h1>

	<div id="view_title">
		<div class="view_title1"><?=$subject ?></div>
		<div class="view_title2"><?=$nick?>조회수  :<?=$hit ?>  <?=$date ?></div>
	</div>
	<div id="view_content"><?= $content?></div>

	<div id="view_file">첨부 파일 :
	<a href="download.php?filename=<?=$filename ?>"> <?=$filename?></a>
	</div>

	<div id="button">
		<a href="list.php?page=<?=$page?>"><img src="/images/list.png"></a>
		<a href="write.php?mode=modfiy&num=<?=$num?>"><img src="/images/modify.png"></a>
		<a href="delete.php?num=<?=$num?>"><img src="/images/delete.png"></a>
		<a href="write.php"><img src="/images/write.png"></a>
	</div>
</article>
<div class="clear"></div>
<?php include "../footer.php"; ?>

 

write.php

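<?php
/*
 * center/write.php — post editor. Without ?mode it renders an empty "new post"
 * form; with ?mode=modfiy&num=N it loads post N and renders the same form
 * pre-filled, for the post's author only. Both submit to insert.php.
 * (The mode value is misspelled "modfiy" consistently across list/view/insert,
 * so it is kept as-is.)
 */
include "../header.php";
if(empty($_SESSION['id'])){
	echo "<script>alert('로그인 후 이용하세요'); location.href='/member/login.php';</script>";
	exit;
}

$mode = isset($_GET['mode']) ? $_GET['mode'] : '';
$nick = isset($_SESSION['nick']) ? $_SESSION['nick'] : '';
$num  = isset($_GET['num']) ? (int)$_GET['num'] : 0;
$subject = '';   // defaults for the "new post" case (the original left these undefined)
$content = '';
if($mode =='modfiy')
{
	include "../dbconn.php";
	// num is an integer column; the cast plus the bound parameter keep user input out of the SQL text
	$stmt = mysqli_prepare($conn, "select id, subject, content from center where num=?");
	mysqli_stmt_bind_param($stmt, "i", $num);
	mysqli_stmt_execute($stmt);
	mysqli_stmt_bind_result($stmt, $id, $subject, $content);
	$found = mysqli_stmt_fetch($stmt);
	mysqli_stmt_close($stmt);
	mysqli_close($conn);
	// Only the author may edit. exit so the pre-filled form is not rendered for
	// anyone else (the original alerted but went on to render it). insert.php
	// has to make the same check, since the form action can be called directly.
	if(!$found || $_SESSION['id'] != $id){
		echo "<script>alert('작성자만 수정 가능합니다.');
					location.href='/center/list.php';
					</script>";
		exit;
	}
}
// escape a value for HTML text/attribute output (posts are stored raw)
$esc = function($v) { return htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8'); };
?>

<div id="img_cen"></div>
<nav id="nav_sub">
		<ul>
		 <li><a href="list.php">게시글 목록</a></li>
			<li><a href="write.php">게시글 작성</a></li>
			<li><a href="delete.php">게시글 삭제</a></li>
			<li><a href="write.php?mode=modfiy">게시글 수정</a></li>   <!-- mode=modfiy distinguishes editing a post from writing a new one -->
		</ul>
	</nav>

<article id="main_cen">
	
	<?php 
	if($mode == 'modfiy')
	{
 ?>
 <h1>글수정</h1>
 <form action="insert.php?mode=modfiy&num=<?=$num?>" method="post" enctype="multipart/form-data">		
	<?php
	} else {
	?>
		<h1> 글 작성</h1>
		<form action="insert.php" method="post" enctype="multipart/form-data"> <!-- enctype="multipart/form-data" is required for the file upload -->
		<?php
	}
		?>
		
		
		<div class="line"></div>
		<table id="write_table"> 	
			<tr id="write_row1">
				<td class="col1">닉네임</td>
				<td class="col2"><?=$esc($nick)?></td>
			</tr>
			
			<tr id="write_row2">
				<td class="col1">제목</td>
				<td class="col2"> <input type="text" name="subject" value="<?=$esc($subject) ?>"> </td>
			</tr>
			
			<tr id="write_row3">
				<td class="col1">내용</td>
				<td class="col2"><textarea name="content"><?=$esc($content) ?></textarea></td>
			</tr>
			
			<tr id="write_row4">
				<td class="col1">파일</td>
				<td class="col2"><input type="file" name="upfile"></td>
			</tr>
		</table>
	
		<div id="button">
			<input type="image" src="/images/ok.png">
			<a href="list.php"> <img src="/images/list.png"> </a>
		</div>
	</form>
</article>
<div class="clear"></div>
<?php include "../footer.php"; ?>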

db테이블

-- center: board posts, one row per post (written by insert.php, read by list/view/write/delete).
create table center( 
num int unsigned not null auto_increment,  -- post id, passed around as ?num= by view/write/delete
id varchar(50),                            -- author's member id, copied from the session at posting time
nick varchar(50),                          -- author's nickname at posting time
subject varchar(255) not null, 
content text,                              -- stored raw; must be escaped on output
date varchar(30),                          -- written as date('Y-m-d') text; a DATE column would be the proper type
hit int unsigned,                          -- view counter, incremented by view.php
filename varchar(255),                     -- attachment's original upload name under ../data/
primary key(num) 
);

 

 
