moumiGitKohom/webapps/totsys/board/doc/popup_board_modify.jsp

<%
/**********************************************************************************
	프로그램명		: popup_board_modify.jsp
	프로그램설명	: 집계문서에관한 공지 글 쓰기
	작 성 자			: 강 원 중
	작 성 일			: 2004. 06.07
	최신변경일		: 2005. 05.11
***********************************************************************************/
%>
<%@ page contentType="text/html; charset=euc-kr"%>

<%@ page import="java.util.Map.Entry"%>
<%@ page import="java.util.List"%>
<%@ page import="kr.co.kihyun.text.html.ServletUtil"%>
<%@ page import="kr.co.kihyun.lang.MInteger"%>
<%@ page import="kr.co.kihyun.beans.user.HttpSSOLogin"
	 import="kr.co.kihyun.lang.MLong"
         import="javax.jdo.PersistenceManager"
	 import="javax.jdo.Transaction"
         import="javax.jdo.Transaction"
	 import="kr.co.kihyun.beans.entity.util.*"
	 import="kr.co.kihyun.beans.entity.TotDoc"
	 import="kr.co.kihyun.beans.entity.Board"%>
<%@ include file="/totsys/common/inc/sec/secure.inc.jsp"%>

<%
PersistenceManager pm = new MPersistenceManager(PMF.get().getPersistenceManager());
Transaction tx = pm.currentTransaction();
try{
	/*********** User HttpSSOLogin check ***********/
	if(!HttpSSOLogin.isLogin(request)){
		String connURL="opener.location='/totsys/login/login.jsp';";		
		out.println(ServletUtil.getJavaScript(connURL));
		out.println(ServletUtil.getJavaScript("window.close();"));
		return;
	}

	/********** session내의 userId **********/		
	String usID = HttpSSOLogin.getLoginID(request);
	
	/****** Parameter ******/
	Long docID = MLong.parseLong(request.getParameter("docID"),null);
	Long boardID = MLong.parseLong(request.getParameter("boardID"),null);
	String strPage = clearXSS(request.getParameter("strPage"),"");
	String findOption = clearXSS(request.getParameter("findOption"),"");
	String findWord = clearXSS(request.getParameter("findWord"),"");

	tx.begin();

	/****** Doc list data get ******/
	TotDoc totDoc = pm.getObjectById(TotDoc.class, docID);
	String docName = totDoc.getName();
	String regID = totDoc.getUser(pm).getId();
	
	/****** 본인 유무 처리 ******/
	boolean isManager = false;
	if(usID.equals(regID)){
		isManager = true;	
	}

	/*********** Board View vlaues ***********/	
	Board board = null;
	String boardTitle = "";
	String boardContents = "";	
	String usrFilenames = "";
	String svrFilenames = "";	
	String boardGroupID = "";
	int fileCount = 0;
	
	board = boardID == null ? null : pm.getObjectById(Board.class, boardID);
	boardTitle = board.getTitle();	
	boardContents=board.getContents();
	for (Entry<String, List<Byte>> entry : board.getAttachments().entrySet()) {
		usrFilenames += entry.getKey() + ";";
		svrFilenames += entry.getKey() + ";";
	}
	fileCount = board.getAttachments().size();
	boardGroupID = board.getCategory().getId();

	tx.rollback();

	session.setAttribute("modifyTargetURI", "opener.location='/totsys/total/doc_view.jsp?docID="+docID+"&strPage="+strPage+"&findOption="+findOption+"&findWord="+findWord+"'");
	%>
<html>
<head>
<title>공지사항-변경</title>
<META http-equiv="Content-Type" content="text/html; charset=ks_c_5601-1987">
<link rel="stylesheet" href="/totsys/common/cs/momo.css" type="text/css">
<SCRIPT language=JAVASCRIPT src="/totsys/common/js/onMouseOver.js"></SCRIPT>
<!--<script language="javascript">
				
//			function checkUser(isManager){
//				if(isManager == "false"){
//					alert("공지사항에 대한 쓰기 권한이 없습니다.");
//					window.close();
//				}
//			}
		
		</script>-->
<script language="javascript">
			num = <%= fileCount %>;
			usrFilenames = "<%= usrFilenames %>";
			svrFilenames = "<%= svrFilenames %>";			
			fileInfos = "";
			userFilePath = "";

			/********** userfile list와 serverfile list를 배열로 저장 **********/
			function checkFile(Filename, Filename2){
				frm = document.multiUpload;
				mkFileList(Filename, Filename2, 'add');
				num++;
				frm.fileCount.value = num;
			}
			function mkFileList(Filename, Filename2, size, mode) {

				var tmpSvrFilenames = "";
				var tmpUsrFilenames = "";
				var tmpFileInfos = "";
				//var nList4 = "";				

				if (!mode){
					mode = "add";
				}

				subFilename = Filename;
				subFilename2 = cut_str( 1, Filename2, "/");
				subinfo = size;

				svrFilenameList = svrFilenames.split(";", num);
				usrFilenameList = usrFilenames.split(";", num);
				fileInfoList = fileInfos.split(";", num);

				if (mode == "add") {
					if (svrFilenames && usrFilenames) {
						for (i=0; i<num; i++) {
							tmpSvrFilenames += svrFilenameList[i] + ";";
							tmpUsrFilenames += usrFilenameList[i] + ";";
							tmpFileInfos += fileInfoList[i] + ";";
						}
						tmpSvrFilenames += subFilename;
						tmpUsrFilenames += subFilename2;
						tmpFileInfos += subinfo;
					} else {
						tmpSvrFilenames = subFilename;
						tmpUsrFilenames = subFilename2;
						tmpFileInfos = subinfo;					
					}
				} else {
					for (i=0; i<num; i++) {
						if (subFilename == svrFilenameList[i])
							continue;
						else {
							tmpSvrFilenames += svrFilenameList[i] + ";";
							tmpUsrFilenames += usrFilenameList[i] + ";";
							tmpFileInfos += fileInfoList[i] + ";";						
						}
					}
				}

				svrFilenames = tmpSvrFilenames;
				usrFilenames = tmpUsrFilenames;
				fileInfos = tmpFileInfos;				
			}

			function cut_str( state, value, separator ) {

				if (!separator){
					separator = ".";
				}

				if ( state == 0 ){
					return value.substring(0, value.lastIndexOf(separator));
				}

				if ( state == 1 ){
					return value.substring(value.lastIndexOf(separator)+1, value.length );
				}
			}

			function delFrm() {

				var list = document.subUpload.delFrm.fileList;
				var a = list.options[list.selectedIndex].value;			
				var no = -1;

				svrFilenameList = svrFilenames.split(";", num);
				usrFilenameList = usrFilenames.split(";", num);

				for(i=0; i<num; i++) {
					if (a == svrFilenameList[i]) {
						no = i;
						mkFileList(svrFilenameList[i], usrFilenameList[i], 0,"delete");
					}
				}

				if (no != -1) {
					frm = document.multiUpload;

					dname = "uForm_" + no;

					if (num > 0){
						num--;
					}

					frm2 = document.subUpload.delFrm;
					frm2.submit();
				}
			}

			function checkForm(){
				var frm = document.multiUpload;		 
				//if (!num || !svrFilenames || !usrFilenames){
				//	alert ("첨부된 파일이 없습니다. 다시 시도해 주세요.");
				//} else {
					if(frm.title.value == ""){
						alert("제목을 입력해 주세요.");
						frm.title.focus();
						return;
					}else if(frm.contents.value == ""){
						alert("내용을 입력해 주세요.");
						frm.contents.focus();
						return;
					}else{					
						frm.fileCount.value = num;
						frm.svrFilenames.value = svrFilenames;
						frm.usrFilenames.value = usrFilenames;
						frm.fileInfos.value = fileInfos;
						frm.submit();
					}
				//}
			}
		//
		</script>
</head>

<body style='' leftmargin="0" topmargin="0" marginwidth="0"
      marginheight="0" text=black vLink=purple aLink=red link=blue
      onload="checkUser('<%= isManager %>'); multiUpload.title.focus();">
<table width="100%" height="100%" border="0" cellspacing="0" cellpadding="0">
	<tr>
	<td colspan="3">
		<TABLE height=65 cellSpacing=0 cellPadding=0 width="100%" border=0>
			<TBODY>
				<TR>
					<!------------------ top ---------------------->
					<TD width=185 background="/totsys/common/images/notice_write.gif">
					<P>&nbsp;</P>
					</TD>
					<TD background="/totsys/common/images/popup_02.jpg">
					<P>&nbsp;</P>
					</TD>
					<TD width=21 background="/totsys/common/images/popup_04.jpg">
					<P>&nbsp;</P>
					</TD>
				</TR>
			</TBODY>
		</TABLE>
	</td>
	</tr>
	<tr>
		<!------------------ left ---------------------->
		<td width="13" background="/totsys/common/images/popup_07.jpg"></td>
		<td>
                    <!------------------ body(글보기) ---------------------->
		<DIV class="popper" id="topdeck"></DIV>
		<SCRIPT language=JAVASCRIPT src="/totsys/common/images//utilPopUp.js"></SCRIPT>
		<TABLE cellSpacing=0 cellPadding=4 width="100%" height="100%" align=center border=0>
			<TBODY>
				<FORM name="multiUpload" action="/servlet/kr.co.kihyun.beans.totsys.board.HttpBoardModify" method="post">
                                    <INPUT type="hidden" name="userID" value="<%= usID %>">
                                    <INPUT type="hidden" name="boardGroupID" value="<%= boardGroupID %>">
                                    <INPUT type="hidden" name="fileCount">
                                    <input type="hidden" name="svrFilenames">
                                    <input type="hidden" name="usrFilenames">
                                    <input type="hidden" name="fileInfos">
                                    <input type="hidden" name="boardID" value="<%= boardID %>">
				<tr>
                                    <td nowrap height="15"></td>
				</tr>
				<TR>
					<TD colSpan=2>
                                            <FONT color=#ff6600 size=2><B>&nbsp;&nbsp;[<%= docName %> ]</B></FONT>
                                        </TD>
				</TR>
				<TR>
					<TD colSpan=2 height=4></TD>
				</TR>
				<TR>
					<TD vAlign=center align=right width=80>&nbsp;&nbsp;
                                            <IMG src="/totsys/common/images//intro_04_point.gif" border=0>&nbsp;&nbsp;제&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;목
					</TD>
					<TD width=440><INPUT class=inputtxt onmouseover="pop('제목을 입력하세요.','#FFFFFF');" onmouseout=kill();
					    size="70" name="title" value="<%= boardTitle %>"></TD>
				</TR>
				<TR>
					<TD vAlign=top align=right><BR>
					&nbsp;&nbsp;<IMG src="/totsys/common/images//intro_04_point.gif"
						border=0>&nbsp;&nbsp;내&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;용
					</TD>
					<TD><TEXTAREA class=inputtxt
						onmouseover="pop('내용을 입력하세요','#FFFFFF');" onmouseout=kill();
						name="contents" rows=11 cols=68 STYLE="ime-mode: active"><%= boardContents %></TEXTAREA>
					</TD>
				</TR>
				<TR>
					<TD valign="top" align=right>&nbsp;&nbsp;
                                            <IMG src="/totsys/common/images//intro_04_point.gif" border=0>&nbsp;&nbsp;파일첨부
					</TD>
					<TD align="left"><iframe
						src='./write_file_upload.jsp?boardGroupID=<%= boardGroupID %>&execMode=init'
						name='subUpload' height="150" width="450" border=0 frameborder=0
						scrolling=no marginheight=0 marginwidth=2 align=left></iframe></TD>
				</TR>
				<TR>
					<TD colSpan="2" align="center">
                                            <A  href="#"
						onclick="javascript:checkForm();"
						onmouseover="na_change_img_src('image_e', 'document', 'images/btn_enter_1.gif', true);"
						onmouseout="na_restore_img_src('image_e', 'document');">
                                            <IMG src="/totsys/common/images/btn_enter.gif" align="absMiddle" border="0" name="image_e">
                                            </A>&nbsp;&nbsp;
                                            <A href="#"
						onclick="javascript:history.go(-1);"
						onmouseover="na_change_img_src('image_c', 'document', 'images/btn_cancel_1.gif', true);"
						onmouseout="na_restore_img_src('image_c', 'document');">
                                            <IMG src="/totsys/common/images/btn_cancel.gif" align="absMiddle" border="0" name="image_c">
                                            </A>
                                        </TD>
				</TR>
				<TR>
					<TD nowrap height="15" colSpan="2" align="center"></TD>
				</TR>
				</FORM>
			</TBODY>
		</TABLE>
		</td>
		<!------------------------- right ----------------------->
		<td width="21" valign="bottom" background="/totsys/common/images/popup_09.jpg">
                    <img src="/totsys/common/images/popup_12.jpg" width="21" height="39">
                </td>
	</tr>
	<tr>
		<!------------------------- bottom  ----------------------->
		<td colspan="3">
		<TABLE height="26" cellSpacing="0" cellPadding="0" width="100%"
			border=0>
			<TBODY>
				<TR>
					<TD width="13" background="/totsys/common/images/popup_13.jpg">
					<P>&nbsp;</P>
					</TD>
					<TD background="/totsys/common/images/popup_15.jpg">
					<P>&nbsp;</P>
					</TD>
					<TD width="131" background="/totsys/common/images/popup_16.jpg">
					<P>&nbsp;</P>
					</TD>
				</TR>
			</TBODY>
		</TABLE>
		</td>
	</tr>
</table>
</body>
</html>
<%
}catch(Exception ex){
        //38.오류메세지를 통한 정보 노출(getMessage)_CWE-209 : Update by YOUNGJUN,CHO
	ex.printStackTrace();
	//out.println(ex);//앤개
	//out.println("<html><body style='overflow=auto' bgcolor='white'><h1>Can't contact servlet runner</h1><br><br>Message : "+ex.getMessage()+"</body></html>");
	//out.println("<META HTTP-EQUIV='refresh' CONTENT='0.1; URL=/error/exception.jsp'>");
        //================================================
}finally{
	if(tx.isActive())
	tx.rollback();
	pm.close();
}
%>