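<?php
/**
 * HTTP endpoint that authenticates an SMS account and sends one SMS or MMS.
 *
 * Reads sendType, userId, userPw, message, fromTel and toTel from the POST
 * body, looks the account up in the smsuser table, checks the remaining
 * point balance (restcnt) and hands the message to SendSMS() or SendMMS().
 * Every outcome is echoed as the response body and the script then exits.
 *
 * NOTE(review): the user-facing message literals below are presumably EUC-KR
 * text (matching the charset header) that was mis-decoded on this page; they
 * are kept exactly as found and should be checked against the original file.
 */
header("Content-type:text/html;charset=euc-kr");

// NOTE(review): extract($_REQUEST) turns every request parameter into a global
// variable before the includes run, so a caller can pre-set any global that
// dbconnect.php or smsLib.php reads without initialising it. Nothing in this
// script reads an extracted variable (all inputs are taken from $_POST below);
// remove this call once both includes are confirmed not to depend on it.
@extract($_REQUEST);

// Includes
include_once("dbconnect.php"); // DB connection information (expected to provide $conn)
include_once("smsLib.php");    // SMS library functions (SendSMS, SendMMS)

// Normalise the expected POST fields: a missing field becomes "" (avoids
// notices), and a non-string value (e.g. userId[]=x) is treated as missing so
// that it can never reach the SQL text or the send functions as an array.
$fields = array('sendType', 'userId', 'userPw', 'message', 'fromTel', 'toTel');
foreach ($fields as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        $_POST[$field] = "";
    }
}

// Variable declarations
$sendType = $_POST['sendType']; // delivery type ("sms" or "mms")
$userId   = $_POST['userId'];   // account ID
$userPw   = $_POST['userPw'];   // account password
$message  = $_POST['message'];  // message text
$fromTel  = $_POST['fromTel'];  // sender number
$toTel    = $_POST['toTel'];    // recipient number
$userInfo = "";                 // account row (userid, restcnt) once authenticated
$sms_no   = "";                 // SMS unique number
$errorMsg = "";                 // error message

// Test fixtures (account, password, phone numbers) must not live in this file,
// not even commented out; keep them in a local, untracked test script.

// Required fields: print the error message and stop if any is missing.
if ($sendType === "" || $userId === "" || $userPw === "" || $message === "" || $fromTel === "" || $toTel === "") {
    echo $errorMsg = "ÇʼöÇ׸ñÀÌ ´©¶ô µÇ¾ú½À´Ï´Ù.";
    exit;
}

// Splitting the lookup into two queries does not stop SQL injection by itself:
// both userId and userPw are request data placed inside SQL string literals,
// so each value is escaped for the connection before it is interpolated.
// If magic_quotes_gpc is enabled the request values already carry added
// slashes; strip them first so that escaping does not change the value that
// is compared.
// NOTE(review): mysql_real_escape_string() escapes for the connection's
// character set - confirm dbconnect.php selects it with mysql_set_charset().
$magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$rawUserId   = $magicQuotes ? stripslashes($userId) : $userId;
$rawUserPw   = $magicQuotes ? stripslashes($userPw) : $userPw;

$sql = "SELECT userid FROM smsuser WHERE userid = '" . mysql_real_escape_string($rawUserId, $conn) . "' LIMIT 1";
$result  = mysql_query($sql, $conn);
// A failed query returns false; treat it like "no such account".
$account = $result ? mysql_fetch_assoc($result) : false;

if ($account && $account['userid']) {
    // The stored userid is escaped as well: it goes back into SQL text.
    // NOTE(review): user_passwd is compared as an unsalted SHA1 digest computed
    // by MySQL; moving to a salted, slow password hash needs a data migration
    // and cannot be done from this script alone.
    $sql = "SELECT userid, restcnt FROM smsuser WHERE userid = '" . mysql_real_escape_string($account['userid'], $conn) . "'"
         . " AND user_passwd = SHA1('" . mysql_real_escape_string($rawUserPw, $conn) . "')";
    $result = mysql_query($sql, $conn);
    while ($result && ($row = mysql_fetch_assoc($result))) {
        $userInfo = $row;
    }
}

// No matching row: unknown ID or wrong password (same message for both).
if (!is_array($userInfo) || $userInfo['userid'] == "" || $userInfo['userid'] == null) {
    echo $errorMsg = "¾ÆÀ̵ð ¹× ºñ¹Ð¹øÈ£¸¦ È®ÀÎÇϼ¼¿ä.";
    exit;
}

// No remaining points on the account.
if ($userInfo['restcnt'] <= 0) {
    echo $errorMsg = "ÀÜ¿©Æ÷ÀÎÆ®°¡ ºÎÁ·ÇÕ´Ï´Ù.";
    exit;
}

// Dispatch to the send function. Both calls pass: user ID, recipient number,
// sender (reply) number, message text, current point balance.
if ($sendType == "sms") {
    echo SendSMS($userInfo['userid'], $toTel, $fromTel, $message, $userInfo['restcnt']);
    exit;
} else if ($sendType == "mms") {
    echo SendMMS($userInfo['userid'], $toTel, $fromTel, $message, $userInfo['restcnt']);
    exit;
} else {
    // Any other sendType is reported with the "required field missing" message.
    echo $errorMsg = "ÇʼöÇ׸ñÀÌ ´©¶ô µÇ¾ú½À´Ï´Ù.";
    exit;
}
?>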