echajoa/m/mypage/dealer_proc.php

<?php

	include $_SERVER["DOCUMENT_ROOT"].'/common/lib/comm.php';

	$table_name = "dealer_master";

	$PageNo = trim(avoid_crack($_REQUEST["PageNo"]));

	$mode = trim(avoid_crack($_POST["mode"]));

	$cd_dealer  = trim(avoid_crack($_POST["cd_dealer"]));
	$cd_dealerid  = trim(avoid_crack($_POST["cd_dealerid"]));
	$cd_dealer_p  = trim(avoid_crack($_POST["cd_dealer_p"]));
	$nm_pass  = trim(avoid_crack($_POST["nm_pass"]));
	$ds_type  = trim(avoid_crack($_POST["ds_type"]));
	$ds_usertype  = trim(avoid_crack($_POST["ds_usertype"]));
	$ds_level  = trim(avoid_crack($_POST["ds_level"]));
	$nm_company  = trim(avoid_crack($_POST["nm_company"]));
	$nm_name  = trim(avoid_crack($_POST["nm_name"]));
	$nm_birth  = trim(avoid_crack($_POST["nm_birth"]));
	$nm_tel_01  = trim(avoid_crack($_POST["nm_tel_01"]));
	$nm_tel_02  = trim(avoid_crack($_POST["nm_tel_02"]));
	$nm_tel_03  = trim(avoid_crack($_POST["nm_tel_03"]));
	$nm_hp_01  = trim(avoid_crack($_POST["nm_hp_01"]));
	$nm_hp_02  = trim(avoid_crack($_POST["nm_hp_02"]));
	$nm_hp_03  = trim(avoid_crack($_POST["nm_hp_03"]));
	$nm_fax_01  = trim(avoid_crack($_POST["nm_fax_01"]));
	$nm_fax_02  = trim(avoid_crack($_POST["nm_fax_02"]));
	$nm_fax_03  = trim(avoid_crack($_POST["nm_fax_03"]));
	$nm_email  = trim(avoid_crack($_POST["nm_email"]));
	$nm_zip  = trim(avoid_crack($_POST["nm_zip"]));
	$nm_addr  = trim(avoid_crack($_POST["nm_addr"]));
	$nm_addr_sub  = trim(avoid_crack($_POST["nm_addr_sub"]));
	$nm_etc_01  = trim(avoid_crack($_POST["nm_etc_01"]));
	$nm_etc_02  = trim(avoid_crack($_POST["nm_etc_02"]));
	$nm_etc_03  = trim(avoid_crack($_POST["nm_etc_03"]));
	$ds_status  = trim(avoid_crack($_POST["ds_status"]));
	$nm_company_biz  = trim(avoid_crack($_POST["nm_company_biz"]));
	$nm_name_biz  = trim(avoid_crack($_POST["nm_name_biz"]));
	$nm_no_biz  = trim(avoid_crack($_POST["nm_no_biz"]));
	$nm_date_biz  = trim(avoid_crack($_POST["nm_date_biz"]));
	$nm_type_biz  = trim(avoid_crack($_POST["nm_type_biz"]));
	$nm_condition_biz  = trim(avoid_crack($_POST["nm_condition_biz"]));
	$nm_tel_biz_01  = trim(avoid_crack($_POST["nm_tel_biz_01"]));
	$nm_tel_biz_02  = trim(avoid_crack($_POST["nm_tel_biz_02"]));
	$nm_tel_biz_03  = trim(avoid_crack($_POST["nm_tel_biz_03"]));
	$nm_hp_biz_01  = trim(avoid_crack($_POST["nm_hp_biz_01"]));
	$nm_hp_biz_02  = trim(avoid_crack($_POST["nm_hp_biz_02"]));
	$nm_hp_biz_03  = trim(avoid_crack($_POST["nm_hp_biz_03"]));
	$nm_fax_biz_01  = trim(avoid_crack($_POST["nm_fax_biz_01"]));
	$nm_fax_biz_02  = trim(avoid_crack($_POST["nm_fax_biz_02"]));
	$nm_fax_biz_03  = trim(avoid_crack($_POST["nm_fax_biz_03"]));
	$nm_email_biz  = trim(avoid_crack($_POST["nm_email_biz"]));
	$nm_zip_biz  = trim(avoid_crack($_POST["nm_zip_biz"]));
	$nm_addr_biz  = trim(avoid_crack($_POST["nm_addr_biz"]));
	$nm_addr_sub_biz  = trim(avoid_crack($_POST["nm_addr_sub_biz"]));
//	$nm_area  = trim(avoid_crack($_POST["nm_area"]));
if ($mode == "UpdateDealer"){
	$nm_area  = trim(avoid_crack(implode(",",$_POST["nm_area"])));
}else{
	$nm_area  = trim(avoid_crack($_POST["nm_area"]));
}
	$nm_title  = trim(avoid_crack($_POST["nm_title"]));
	$nm_file  = trim(avoid_crack($_POST["nm_file"]));
	$nm_etc  = trim(avoid_crack($_POST["nm_etc"]));
	$dt_insert  = trim(avoid_crack($_POST["dt_insert"]));
	$nm_insert  = trim(avoid_crack($_POST["nm_insert"]));
	$dt_update  = trim(avoid_crack($_POST["dt_update"]));
	$nm_update  = trim(avoid_crack($_POST["nm_update"]));
	$ds_delind  = trim(avoid_crack($_POST["ds_delind"]));

	$cd_sale  = trim(avoid_crack($_POST["cd_sale"]));
	$nm_price  = trim(avoid_crack($_POST["nm_price"]));
	$nm_score_postscript  = trim(avoid_crack($_POST["nm_score_postscript"]));
	$nm_cont_postscript  = trim(avoid_crack($_POST["nm_cont_postscript"]));

//	$cd_procid = $_SESSION[admin_cd_dealerid];


//	$PageNo = trim(avoid_crack($_POST["PageNo"]));

	$upload_path =  $_SERVER['DOCUMENT_ROOT'].UPLOAD_PATH."dealer/";

	switch($mode) {
	//저장하기
	case "Add" :

		if (is_uploaded_file($_FILES['nm_file']['tmp_name'])) {
			if($_FILES['nm_file']['size'] > 0 ){
				$upload_file_name = upload($_FILES['nm_file'],$upload_path."nm_file/", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		$_fields = Array(
				"cd_dealerid" => $cd_dealerid
				, "cd_dealer_p" => $cd_dealer_p
				, "nm_pass" => $nm_pass
				, "ds_type" => $ds_type
				, "ds_usertype" => $ds_usertype
				, "ds_level" => $ds_level
				, "nm_company" => $nm_company
				, "nm_name" => $nm_name
				, "nm_birth" => $nm_birth
				, "nm_tel_01" => $nm_tel_01
				, "nm_tel_02" => $nm_tel_02
				, "nm_tel_03" => $nm_tel_03
				, "nm_hp_01" => $nm_hp_01
				, "nm_hp_02" => $nm_hp_02
				, "nm_hp_03" => $nm_hp_03
				, "nm_fax_01" => $nm_fax_01
				, "nm_fax_02" => $nm_fax_02
				, "nm_fax_03" => $nm_fax_03
				, "nm_email" => $nm_email
				, "nm_zip" => $nm_zip
				, "nm_addr" => $nm_addr
				, "nm_addr_sub" => $nm_addr_sub
				, "nm_etc_01" => $nm_etc_01
				, "nm_etc_02" => $nm_etc_02
				, "nm_etc_03" => $nm_etc_03
				, "ds_status" => $ds_status
				, "nm_company_biz" => $nm_company_biz
				, "nm_name_biz" => $nm_name_biz
				, "nm_no_biz" => $nm_no_biz
				, "nm_date_biz" => $nm_date_biz
				, "nm_type_biz" => $nm_type_biz
				, "nm_condition_biz" => $nm_condition_biz
				, "nm_tel_biz_01" => $nm_tel_biz_01
				, "nm_tel_biz_02" => $nm_tel_biz_02
				, "nm_tel_biz_03" => $nm_tel_biz_03
				, "nm_hp_biz_01" => $nm_hp_biz_01
				, "nm_hp_biz_02" => $nm_hp_biz_02
				, "nm_hp_biz_03" => $nm_hp_biz_03
				, "nm_fax_biz_01" => $nm_fax_biz_01
				, "nm_fax_biz_02" => $nm_fax_biz_02
				, "nm_fax_biz_03" => $nm_fax_biz_03
				, "nm_email_biz" => $nm_email_biz
				, "nm_zip_biz" => $nm_zip_biz
				, "nm_addr_biz" => $nm_addr_biz
				, "nm_addr_sub_biz" => $nm_addr_sub_biz
				, "nm_area" => $nm_area
				, "nm_title" => $nm_title
				, "nm_file" => $upload_file_name
				, "nm_etc" => $nm_etc
				, "dt_insert" => now()
				, "nm_insert" => $nm_insert
				, "dt_update" => now()
				, "nm_update" => $nm_update
				, "ds_delind" =>  "N"
			);

		$result  = $dbCon->insertDAO($_fields,$table_name);
//echo $result;
//echo "<BR>";
		$cd_dealer  = mysql_insert_id();

		$s_cd_dealer = $_SESSION[s_cd_dealer];

		$sqlPwd="UPDATE dealer_master set nm_pass = password('".$nm_pass."'), cd_dealer_p = '".$s_cd_dealer."' where cd_dealer = '".$cd_dealer."'";
		$result  = $dbCon->query($sqlPwd);
//echo $result;
//echo "<BR>";
//exit;
		if ($result) {
			AlertRedirect("등록에 성공 하였습니다.","dealer_manager.php");
		}else{
			AlertBack("등록 실패 하였습니다.");
		}

	break;

	//수정하기
	case "Update":

		if (is_uploaded_file($_FILES['nm_file']['tmp_name'])) {
			if($_FILES['nm_file']['size'] > 0 ){
				$upload_file_name = upload($_FILES['nm_file'],$upload_path."nm_file/", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if ($upload_file_name == ""){
		$_fields = Array(
				 "nm_company" => $nm_company
				, "nm_name" => $nm_name
				, "nm_birth" => $nm_birth
				, "nm_tel_01" => $nm_tel_01
				, "nm_tel_02" => $nm_tel_02
				, "nm_tel_03" => $nm_tel_03
				, "nm_hp_01" => $nm_hp_01
				, "nm_hp_02" => $nm_hp_02
				, "nm_hp_03" => $nm_hp_03
				, "nm_fax_01" => $nm_fax_01
				, "nm_fax_02" => $nm_fax_02
				, "nm_fax_03" => $nm_fax_03
				, "nm_email" => $nm_email
				, "nm_zip" => $nm_zip
				, "nm_addr" => $nm_addr
				, "nm_addr_sub" => $nm_addr_sub
				, "nm_etc_01" => $nm_etc_01
				, "nm_etc_02" => $nm_etc_02
				, "nm_etc_03" => $nm_etc_03
				, "ds_status" => $ds_status
				, "nm_company_biz" => $nm_company_biz
				, "nm_name_biz" => $nm_name_biz
				, "nm_no_biz" => $nm_no_biz
				, "nm_date_biz" => $nm_date_biz
				, "nm_type_biz" => $nm_type_biz
				, "nm_condition_biz" => $nm_condition_biz
				, "nm_tel_biz_01" => $nm_tel_biz_01
				, "nm_tel_biz_02" => $nm_tel_biz_02
				, "nm_tel_biz_03" => $nm_tel_biz_03
				, "nm_hp_biz_01" => $nm_hp_biz_01
				, "nm_hp_biz_02" => $nm_hp_biz_02
				, "nm_hp_biz_03" => $nm_hp_biz_03
				, "nm_fax_biz_01" => $nm_fax_biz_01
				, "nm_fax_biz_02" => $nm_fax_biz_02
				, "nm_fax_biz_03" => $nm_fax_biz_03
				, "nm_email_biz" => $nm_email_biz
				, "nm_zip_biz" => $nm_zip_biz
				, "nm_addr_biz" => $nm_addr_biz
				, "nm_addr_sub_biz" => $nm_addr_sub_biz
				, "nm_area" => $nm_area
				, "nm_title" => $nm_title
				,
//				"dt_insert" => now(),
//				"nm_insert" => $cd_procid,
				"dt_update" => now(),
				"nm_update" => $cd_procid,
			);
		}else{
		$_fields = Array(
				 "nm_company" => $nm_company
				, "nm_name" => $nm_name
				, "nm_birth" => $nm_birth
				, "nm_tel_01" => $nm_tel_01
				, "nm_tel_02" => $nm_tel_02
				, "nm_tel_03" => $nm_tel_03
				, "nm_hp_01" => $nm_hp_01
				, "nm_hp_02" => $nm_hp_02
				, "nm_hp_03" => $nm_hp_03
				, "nm_fax_01" => $nm_fax_01
				, "nm_fax_02" => $nm_fax_02
				, "nm_fax_03" => $nm_fax_03
				, "nm_email" => $nm_email
				, "nm_zip" => $nm_zip
				, "nm_addr" => $nm_addr
				, "nm_addr_sub" => $nm_addr_sub
				, "nm_etc_01" => $nm_etc_01
				, "nm_etc_02" => $nm_etc_02
				, "nm_etc_03" => $nm_etc_03
				, "ds_status" => $ds_status
				, "nm_company_biz" => $nm_company_biz
				, "nm_name_biz" => $nm_name_biz
				, "nm_no_biz" => $nm_no_biz
				, "nm_date_biz" => $nm_date_biz
				, "nm_type_biz" => $nm_type_biz
				, "nm_condition_biz" => $nm_condition_biz
				, "nm_tel_biz_01" => $nm_tel_biz_01
				, "nm_tel_biz_02" => $nm_tel_biz_02
				, "nm_tel_biz_03" => $nm_tel_biz_03
				, "nm_hp_biz_01" => $nm_hp_biz_01
				, "nm_hp_biz_02" => $nm_hp_biz_02
				, "nm_hp_biz_03" => $nm_hp_biz_03
				, "nm_fax_biz_01" => $nm_fax_biz_01
				, "nm_fax_biz_02" => $nm_fax_biz_02
				, "nm_fax_biz_03" => $nm_fax_biz_03
				, "nm_email_biz" => $nm_email_biz
				, "nm_zip_biz" => $nm_zip_biz
				, "nm_addr_biz" => $nm_addr_biz
				, "nm_addr_sub_biz" => $nm_addr_sub_biz
				, "nm_area" => $nm_area
				, "nm_title" => $nm_title
				, "nm_file" => $upload_file_name
				,
//				"dt_insert" => now(),
//				"nm_insert" => $cd_procid,
				"dt_update" => now(),
				"nm_update" => $cd_procid,
			);
		}

		$result  = $dbCon->updateDAO($_fields,$table_name,"cd_dealer='".$cd_dealer."'");


		 if($_POST["nm_pass"]){

			$sqlPwd="UPDATE dealer_master set nm_pass = password('".$nm_pass."')  where cd_dealer = '".$cd_dealer."'";
			$result  = $dbCon->query($sqlPwd);
		 }

		if ($result) {
			AlertRedirect("수정 성공 하였습니다.","dealer_manager.php");
		}else{
			AlertBack("수정 실패 하였습니다.");
		}
	break;

	//수정하기
	case "UpdateDealer":

		if (is_uploaded_file($_FILES['nm_file']['tmp_name'])) {
			if($_FILES['nm_file']['size'] > 0 ){
				$upload_file_name = upload($_FILES['nm_file'],$upload_path."nm_file/", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if ($upload_file_name == ""){
		$_fields = Array(
				 "nm_company" => $nm_company
				, "nm_name" => $nm_name
				, "nm_birth" => $nm_birth
				, "nm_tel_01" => $nm_tel_01
				, "nm_tel_02" => $nm_tel_02
				, "nm_tel_03" => $nm_tel_03
				, "nm_hp_01" => $nm_hp_01
				, "nm_hp_02" => $nm_hp_02
				, "nm_hp_03" => $nm_hp_03
				, "nm_fax_01" => $nm_fax_01
				, "nm_fax_02" => $nm_fax_02
				, "nm_fax_03" => $nm_fax_03
				, "nm_email" => $nm_email
				, "nm_zip" => $nm_zip
				, "nm_addr" => $nm_addr
				, "nm_addr_sub" => $nm_addr_sub
				, "nm_etc_01" => $nm_etc_01
				, "nm_etc_02" => $nm_etc_02
				, "nm_etc_03" => $nm_etc_03
//				, "ds_status" => $ds_status
				, "nm_company_biz" => $nm_company_biz
				, "nm_name_biz" => $nm_name_biz
				, "nm_no_biz" => $nm_no_biz
				, "nm_date_biz" => $nm_date_biz
				, "nm_type_biz" => $nm_type_biz
				, "nm_condition_biz" => $nm_condition_biz
				, "nm_tel_biz_01" => $nm_tel_biz_01
				, "nm_tel_biz_02" => $nm_tel_biz_02
				, "nm_tel_biz_03" => $nm_tel_biz_03
				, "nm_hp_biz_01" => $nm_hp_biz_01
				, "nm_hp_biz_02" => $nm_hp_biz_02
				, "nm_hp_biz_03" => $nm_hp_biz_03
				, "nm_fax_biz_01" => $nm_fax_biz_01
				, "nm_fax_biz_02" => $nm_fax_biz_02
				, "nm_fax_biz_03" => $nm_fax_biz_03
				, "nm_email_biz" => $nm_email_biz
				, "nm_zip_biz" => $nm_zip_biz
				, "nm_addr_biz" => $nm_addr_biz
				, "nm_addr_sub_biz" => $nm_addr_sub_biz
				, "nm_area" => $nm_area
				, "nm_title" => $nm_title
				,
//				"dt_insert" => now(),
//				"nm_insert" => $cd_procid,
				"dt_update" => now(),
				"nm_update" => $cd_procid,
			);
		}else{
		$_fields = Array(
				 "nm_company" => $nm_company
				, "nm_name" => $nm_name
				, "nm_birth" => $nm_birth
				, "nm_tel_01" => $nm_tel_01
				, "nm_tel_02" => $nm_tel_02
				, "nm_tel_03" => $nm_tel_03
				, "nm_hp_01" => $nm_hp_01
				, "nm_hp_02" => $nm_hp_02
				, "nm_hp_03" => $nm_hp_03
				, "nm_fax_01" => $nm_fax_01
				, "nm_fax_02" => $nm_fax_02
				, "nm_fax_03" => $nm_fax_03
				, "nm_email" => $nm_email
				, "nm_zip" => $nm_zip
				, "nm_addr" => $nm_addr
				, "nm_addr_sub" => $nm_addr_sub
				, "nm_etc_01" => $nm_etc_01
				, "nm_etc_02" => $nm_etc_02
				, "nm_etc_03" => $nm_etc_03
//				, "ds_status" => $ds_status
				, "nm_company_biz" => $nm_company_biz
				, "nm_name_biz" => $nm_name_biz
				, "nm_no_biz" => $nm_no_biz
				, "nm_date_biz" => $nm_date_biz
				, "nm_type_biz" => $nm_type_biz
				, "nm_condition_biz" => $nm_condition_biz
				, "nm_tel_biz_01" => $nm_tel_biz_01
				, "nm_tel_biz_02" => $nm_tel_biz_02
				, "nm_tel_biz_03" => $nm_tel_biz_03
				, "nm_hp_biz_01" => $nm_hp_biz_01
				, "nm_hp_biz_02" => $nm_hp_biz_02
				, "nm_hp_biz_03" => $nm_hp_biz_03
				, "nm_fax_biz_01" => $nm_fax_biz_01
				, "nm_fax_biz_02" => $nm_fax_biz_02
				, "nm_fax_biz_03" => $nm_fax_biz_03
				, "nm_email_biz" => $nm_email_biz
				, "nm_zip_biz" => $nm_zip_biz
				, "nm_addr_biz" => $nm_addr_biz
				, "nm_addr_sub_biz" => $nm_addr_sub_biz
				, "nm_area" => $nm_area
				, "nm_title" => $nm_title
				, "nm_file" => $upload_file_name
				,
//				"dt_insert" => now(),
//				"nm_insert" => $cd_procid,
				"dt_update" => now(),
				"nm_update" => $cd_procid,
			);
		}

		$result  = $dbCon->updateDAO($_fields,$table_name,"cd_dealer='".$cd_dealer."'");


		 if($_POST["nm_pass"]){
			$sqlPwd="UPDATE dealer_master set nm_pass = password('".$nm_pass."')  where cd_dealer = '".$cd_dealer."'";
			$result  = $dbCon->query($sqlPwd);
		 }

		if ($result) {
			AlertRedirect("수정 성공 하였습니다.","dealer_modify.php");
		}else{
			AlertBack("수정 실패 하였습니다.");
		}
	break;

	//입찰하기
	case "Tender" :

		$s_cd_dealerid = $_SESSION['s_cd_dealerid'];
		$s_nm_email = $_SESSION['s_nm_email'];
		$s_nm_name = $_SESSION['s_nm_name'];
		$s_nm_hp = $_SESSION['s_nm_hp'];
		$s_ds_type = $_SESSION['s_ds_type'];
		$s_cd_dealer = $_SESSION['s_cd_dealer'];
		$s_cd_dealer_p = $_SESSION['s_cd_dealer_p'];
		$s_nm_area = $_SESSION['s_nm_area'];

		$sql = "insert into tender_master(cd_sale,  cd_user,  cd_dealer,  cd_dealer_p,  ds_type,  ds_usertype,  nm_name,  nm_tel,  nm_hp,  nm_email,  nm_price,  nm_cont,  ds_status,  dt_insert,  nm_insert,  dt_update,  nm_update,  ds_delind) SELECT  cd_sale,  cd_user,  $s_cd_dealer cd_dealer,  $s_cd_dealer_p cd_dealer_p,  ds_type,  '$s_ds_type' ds_usertype,  '$s_nm_name' nm_name,  '' nm_tel,  '$s_nm_hp' nm_hp,  '$s_nm_email' nm_email,  $nm_price nm_price, '' nm_cont,  'A0' ds_status,  now() dt_insert,  $s_cd_dealer nm_insert,  now() dt_update,  $s_cd_dealer nm_update,  'N' ds_delind FROM sale_master where cd_sale = '".$cd_sale."'";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("입찰 되었습니다.","dealer_tender_view.php?cd_sale=$cd_sale&ds_status_sale=E0&ds_status=E0");

		 }else{
			AlertRedirect("입찰 실패하였습니다.","dealer_tender_view.php?cd_sale=$cd_sale&ds_status_sale=E0&ds_status=E0");
		 }
	break;

	//입찰수정하기
	case "TenderModify" :

		$s_cd_dealer_p = $_SESSION['s_cd_dealer_p'];
		$s_ds_type = $_SESSION['s_ds_type'];

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$nm_price = trim(avoid_crack($_POST["nm_price"]));
		$ListPageNo = trim(avoid_crack($_REQUEST["ListPageNo"]));


		$cd_tender_sql = "select cd_tender, nm_modify_cnt
							, (select ds_status from sale_master s where s.cd_sale = t.cd_sale) as sale_ds_status
							, (select getRemainTime(".LIMIT_TIME_TENDER.", s.dt_approve, now()) from sale_master s where s.cd_sale = t.cd_sale) as time_limit_tender
								from tender_master t
									where t.ds_delind ='N'
										and t.cd_sale = '$cd_sale'
										and t.cd_dealer_p = '$s_cd_dealer_p'
										limit 1";
		// echo $cd_tender_sql;
		// exit;
		$cd_tender_row = mysql_fetch_array(mysql_query($cd_tender_sql));

		if($s_ds_type != "D1") {
			AlertBack("부관리자만 입찰 수정 할 수 있습니다.");
		}
		if($cd_tender_row[sale_ds_status] != "E0") {
			AlertBack("입찰중인건만 입찰 수정 할 수 있습니다.");
		}
		if(empty($cd_tender_row[cd_tender])) {
			AlertBack("입찰참여내역이 있는건만 입찰 수정 할 수 있습니다.");
		}
		if($cd_tender_row[nm_modify_cnt] > 2) {
			AlertBack("입찰수정은 최대 3번까지만 가능합니다.");
		}

		if($cd_tender_row[time_limit_tender] == "0분") {
			AlertBack("입찰가능시간에만 수정할 수 있습니다.");
		}
		if($_SESSION[s_ds_status_p] != "Z0") {
			AlertBack("승인되지 않은 사용자는 입찰 수정 할 수 없습니다");
		}


		$sql = "update tender_master set
					nm_price = '$nm_price'
					, nm_modify_cnt = nm_modify_cnt + 1
				where cd_sale = '".$cd_sale."'
					and cd_tender = '".$cd_tender_row['cd_tender']."'
					and cd_dealer_p = '$s_cd_dealer_p'  ";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("입찰 수정 되었습니다.","dealer_tender_view.php?cd_sale=$cd_sale&ds_status_sale=E0&ds_status=F0&ListPageNo=$ListPageNo");

		 }else{
			 AlertBack("입찰 수정 실패하였습니다.");
		 }
	break;

	//낙찰하기
	case "TenderSuccess" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$nm_price = trim(avoid_crack($_POST["nm_price"]));

		$sql="update tender_master
				set
					ds_status = 'Z0'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_tender = $cd_tender";

		$result  = mysql_query($sql,$connect);


		$sql="update sale_master
				set
					ds_status = 'Z0'
					, nm_price = '$nm_price'
					, dt_update = now()
					, dt_success = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = mysql_query($sql,$connect);


		$table_name = " car_master a
						inner join sale_master f on (a.cd_car = f.cd_car)
						left outer join car_model b on (a.cd_model = b.cd_model)
						left outer join car_grade c on (a.cd_grade = c.cd_grade)
						left outer join car_brand d on (a.cd_brand = d.cd_brand)
						left outer join car_model_sub e on (a.cd_model_sub = e.cd_model_sub)";
		$_whereis = "  f.cd_sale = '".$cd_sale."' ";
		$col = $dbCon->selectDAO(" a.cd_brand, a.cd_model, a.cd_grade, b.nm_model, c.nm_grade, d.nm_brand, e.nm_model_sub, f.nm_hp, f.nm_name, a.nm_mileage, f.ds_area, a.nm_regdate_yyyy, a.nm_regdate_mm", $table_name, $_whereis);

		$senderKey = "4856a5e128f9289082c884d066f1df198cbb1165";
		$tmpltCode = "complete";
		$resMethod = "PUSH";
		$cur_date = date('Y-m-d H:i:s');

		$master_sql = "insert into kakao_biztalk set
	                        status = 0
	                        , senderKey = '".$senderKey."'
	                        , tmpltCode = '".$tmpltCode."'
	                        , resMethod = '".$resMethod."'
	                        , send_date = '".$cur_date."'
	                ";

	    $master_res = mysql_query($master_sql);
	    $cd_talk = mysql_insert_id();


        //최고 입찰 금액을 가져옴
        $r = mysql_query("SELECT t.*, d.nm_company nm_company_dealer, d.nm_name nm_name_dealer, s.ds_status ds_status_sale
                            , d1.nm_name nm_name_dealer1
                                FROM dealer_master d
                                inner join tender_master t on (d.cd_dealer = t.cd_dealer_p and t.cd_sale = $cd_sale and t.ds_delind='N' and t.cd_tender = '$cd_tender')
                                inner join dealer_master d1 on (t.cd_dealer = d1.cd_dealer)
                                inner join sale_master s on (t.cd_sale = s.cd_sale)
                            ORDER BY cast(t.nm_price as unsigned) desc, t.cd_tender desc
                            LIMIT 1");

        $dealer = mysql_fetch_array($r);

		$contents = $dealer[nm_company_dealer]."님

$col[nm_brand] $col[nm_model] $col[nm_grade] $col[nm_mileage]km

$col[nm_regdate_yyyy]년 $col[nm_regdate_mm]월

매물이 낙찰 되었습니다.

유프로 관리페이지에 접속하셔서 차량정보를
확인하세요!";
		// $contents = $col['nm_brand'].' '.$col['nm_model'].' '.$col['nm_grade'].' '.$col['nm_mileage'];

        //발송 대기 상태로 변경
        $recipient_sql = "INSERT INTO kakao_biztalk_recipient set
                                cd_talk = '".$cd_talk."'
                                , phone = '".$dealer[nm_hp]."'
                                , status = '0'
                                , contents = '".$contents."'
        ";
        // echo $recipient_sql;
        mysql_query($recipient_sql);

	    //발송대기 상태로 변경
	    mysql_query("update kakao_biztalk set status = '1' where cd_talk = '".$cd_talk."' ");

		if ($result) {
			AlertRedirect("낙찰하기 성공하였습니다.","sell_view.php?cd_sale=$cd_sale&ds_status_sale=Z0&ds_status=Z0");

		 }else{
			AlertRedirect("낙찰하기 실패하였습니다.","sell_view.php?cd_sale=$cd_sale&ds_status_sale=Z0&ds_status=Z0");
		 }
	break;

	//낙찰하기 Nomember
	case "TenderSuccessNomember" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$nm_price = trim(avoid_crack($_POST["nm_price"]));

		$nm_name = trim(avoid_crack($_POST["nm_name"]));
		$nm_hp = trim(avoid_crack($_POST["nm_hp"]));
		$nm_number = trim(avoid_crack($_POST["nm_number"]));

		$sql="update tender_master
				set
					ds_status = 'Z0'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_tender = $cd_tender";

		$result  = mysql_query($sql,$connect);


		$sql="update sale_master
				set
					ds_status = 'Z0'
					, nm_price = '$nm_price'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = mysql_query($sql,$connect);

		if ($result) {
			AlertRedirect("낙찰하기 성공하였습니다.","/sell/sell_view_nomember.php?nm_name=$nm_name&nm_hp=$nm_hp&nm_number=$nm_number&ds_status_sale=Z0&ds_status=Z0");

		 }else{
			AlertRedirect("낙찰하기 실패하였습니다.","/sell/sell_view_nomember.php?nm_name=$nm_name&nm_hp=$nm_hp&nm_number=$nm_number&ds_status_sale=Z0&ds_status=Z0");
		 }
	break;

	//Contract Step 1
	case "ContractStep1" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
//		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$ds_status_contract_step1 = trim(avoid_crack($_POST["ds_status_contract_step1"]));

		$sql="update sale_master
				set
					ds_status_contract_step1 = '$ds_status_contract_step1'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 되었습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}else{
			AlertRedirect("등록 실패하였습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}
	break;

	//Contract Step 2
	case "ContractStep2" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
//		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$nm_contract_date = trim(avoid_crack($_POST["nm_contract_date"]));
		$ds_status_contract_step2 = "Y";

		$sql="update sale_master
				set
					ds_status_contract_step2 = '$ds_status_contract_step2'
					, nm_contract_date = '$nm_contract_date'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 되었습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}else{
			AlertRedirect("등록 실패하였습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}
	break;

	//Contract Step 3
	case "ContractStep3" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
//		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$ds_status_contract = trim(avoid_crack($_POST["ds_status_contract"]));
		$nm_price_final = trim(avoid_crack($_POST["nm_price_final"]));
		$nm_contract_cont_final = trim(avoid_crack($_POST["nm_contract_cont_final"]));
		$nm_contract_fail_reason = trim(avoid_crack($_POST["nm_contract_fail_reason"]));
		$ds_status_contract_step3 = "Y";

		if (is_uploaded_file($_FILES['nm_file_chk1']['tmp_name'])) {
			if($_FILES['nm_file_chk1']['size'] > 0 ){
				$upload_file_name_chk1 = upload($_FILES['nm_file_chk1'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_chk1==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if (is_uploaded_file($_FILES['nm_file_chk2']['tmp_name'])) {
			if($_FILES['nm_file_chk2']['size'] > 0 ){
				$upload_file_name_chk2 = upload($_FILES['nm_file_chk2'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_chk2==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if (is_uploaded_file($_FILES['nm_file_chk3']['tmp_name'])) {
			if($_FILES['nm_file_chk3']['size'] > 0 ){
				$upload_file_name_chk3 = upload($_FILES['nm_file_chk3'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_chk3==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if (is_uploaded_file($_FILES['nm_file_chk4']['tmp_name'])) {
			if($_FILES['nm_file_chk4']['size'] > 0 ){
				$upload_file_name_chk4 = upload($_FILES['nm_file_chk4'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_chk4==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if (is_uploaded_file($_FILES['nm_file_chk5']['tmp_name'])) {
			if($_FILES['nm_file_chk5']['size'] > 0 ){
				$upload_file_name_chk5 = upload($_FILES['nm_file_chk5'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_chk5==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		$sql="update sale_master
				set
					ds_status_contract_step3 = '$ds_status_contract_step3'
					, ds_status_contract = '$ds_status_contract'
					, nm_price_final = '$nm_price_final'
					, nm_contract_cont_final = '$nm_contract_cont_final'
					, nm_contract_fail_reason = '$nm_contract_fail_reason'
					, nm_file_chk1 = case when '$upload_file_name_chk1' = '' then nm_file_chk1 else '$upload_file_name_chk1' end
					, nm_file_chk2 = case when '$upload_file_name_chk2' = '' then nm_file_chk2 else '$upload_file_name_chk2' end
					, nm_file_chk3 = case when '$upload_file_name_chk3' = '' then nm_file_chk3 else '$upload_file_name_chk3' end
					, nm_file_chk4 = case when '$upload_file_name_chk4' = '' then nm_file_chk4 else '$upload_file_name_chk4' end
					, nm_file_chk5 = case when '$upload_file_name_chk5' = '' then nm_file_chk5 else '$upload_file_name_chk5' end
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";
//echo $sql;
//exit;
		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 되었습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}else{
			AlertRedirect("등록 실패하였습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}
	break;

	//Contract Step 4
	case "ContractStep4" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
//		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$ds_status_contract_step4 = "Y";

		if (is_uploaded_file($_FILES['nm_file_trading']['tmp_name'])) {
			if($_FILES['nm_file_trading']['size'] > 0 ){
				$upload_file_name_trading = upload($_FILES['nm_file_trading'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_trading==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if (is_uploaded_file($_FILES['nm_file_performance']['tmp_name'])) {
			if($_FILES['nm_file_performance']['size'] > 0 ){
				$upload_file_name_performance = upload($_FILES['nm_file_performance'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_performance==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}

		if (is_uploaded_file($_FILES['nm_file_postscript']['tmp_name'])) {
			if($_FILES['nm_file_postscript']['size'] > 0 ){
				$upload_file_name_postscript = upload($_FILES['nm_file_postscript'],$upload_path."contract_step/".$cd_sale."_detail", 800, array('gif',  'jpeg', 'jpg','png','bmp' ,'ttif'));
				if($upload_file_name_postscript==false){
					AlertBack("첨부파일 업로드 실패 하였습니다.");
					die();
				}
			}
		}


		$sql="update sale_master
				set
					ds_status_contract_step4 = '$ds_status_contract_step4'
					, nm_file_trading = case when '$upload_file_name_trading' = '' then nm_file_trading else '$upload_file_name_trading' end
					, nm_file_performance = case when '$upload_file_name_performance' = '' then nm_file_performance else '$upload_file_name_performance' end
					, nm_file_postscript = case when '$upload_file_name_postscript' = '' then nm_file_postscript else '$upload_file_name_postscript' end
					, ds_status = case when ds_status_contract = 'Z0' and ds_status_contract_step1 = 'Y' and ds_status_contract_step2 = 'Y' and ds_status_contract_step3 = 'Y' and ds_status_contract_step4 = 'Y' then 'ZS' else ds_status end
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 되었습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}else{
			AlertRedirect("등록 실패하였습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}
	break;

	//후기쓰기
	case "WritePostscript" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
		$nm_score_postscript = trim(avoid_crack($_POST["nm_score_postscript"]));
		$nm_cont_postscript = trim(avoid_crack($_POST["nm_cont_postscript"]));

		$sql="update sale_master
				set
					nm_score_postscript = '$nm_score_postscript'
					, nm_cont_postscript = '$nm_cont_postscript'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 되었습니다.","sell_view2.php?cd_sale=$cd_sale");
		}else{
			AlertRedirect("등록 실패하였습니다.","sell_view2.php?cd_sale=$cd_sale");
		}
	break;

	//후기쓰기	Nomember
	case "WritePostscriptNomember" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
		$nm_score_postscript = trim(avoid_crack($_POST["nm_score_postscript"]));
		$nm_cont_postscript = trim(avoid_crack($_POST["nm_cont_postscript"]));

		$nm_name = trim(avoid_crack($_POST["nm_name"]));
		$nm_hp = trim(avoid_crack($_POST["nm_hp"]));
		$nm_number = trim(avoid_crack($_POST["nm_number"]));

		$sql="update sale_master
				set
					nm_score_postscript = '$nm_score_postscript'
					, nm_cont_postscript = '$nm_cont_postscript'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 성공하였습니다.","/sell/sell_view_nomember.php?nm_name=$nm_name&nm_hp=$nm_hp&nm_number=$nm_number&ds_status_sale=Z0&ds_status=Z0");

		 }else{
			AlertRedirect("등록 실패하였습니다.","/sell/sell_view_nomember.php?nm_name=$nm_name&nm_hp=$nm_hp&nm_number=$nm_number&ds_status_sale=Z0&ds_status=Z0");
		 }
	break;

	//Contract Step Error
	case "ContractStepError" :

		$cd_sale = trim(avoid_crack($_POST["cd_sale"]));
//		$cd_tender = trim(avoid_crack($_POST["cd_tender"]));
		$nm_cont_tender_error = trim(avoid_crack($_POST["nm_cont_tender_error"]));
		$ds_status_contract_step1 = "N";

		$sql="update sale_master
				set
					ds_status = 'ZE'
					, ds_status_contract_step1 = '$ds_status_contract_step1'
					, nm_cont_tender_error = '$nm_cont_tender_error'
					, dt_update = now()
					, nm_update = '$cd_userid'
				WHERE  cd_sale = $cd_sale";

		$result  = $dbCon->query($sql);

		if ($result) {
			AlertRedirect("등록 되었습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}else{
			AlertRedirect("등록 실패하였습니다.","dealer_tender_view2.php?cd_sale=$cd_sale");
		}
	break;

	//삭제하기
	case "Delete" :

		$_fields = Array(
					"ds_delind"=>"Y",
					"dt_update" => now(),
					"nm_update" => $cd_procid
				);

		$result  = $dbCon->updateDAO($_fields,$table_name,"cd_dealer='".$cd_dealer."'");


		if ($result) {

			AlertRedirect("삭제 되었습니다.","list.php?PageNo=$PageNo");

		 }else{
			AlertRedirect("삭제 실패하였습니다.","list.php?PageNo=$PageNo");
		 }
	break;

	case "IdChk":

		$_whereis = "  cd_dealerid = '". $cd_dealerid . "'";

		$cnt = $dbCon->getOneDAO("count(*)",$table_name, $_whereis, 1);
		if($cnt==0) {
			echo("Y");
			exit;
		} else {
			echo("N");
			exit;
		}
	break;

	case "IdSearch":

		$_whereis = " ds_delind='N' And nm_name = '". $nm_name . "' AND nm_email = '". $nm_email . "'";

		$userid = $dbCon->getOneDAO("cd_dealerid",$table_name, $_whereis, 1);
		if($userid) {
			echo($userid);
			exit;
		} else {
			echo("");
			exit;
		}
	break;

	case "PwSearch":

		$_whereis = " ds_delind='N' And cd_dealerid = '".$cd_dealerid."' And nm_name = '". $nm_name . "' AND nm_email = '". $nm_email . "'";

		$userid = $dbCon->getOneDAO("cd_dealer",$table_name, $_whereis, 1);
		if($userid) {
			$new_passwd = generatePassword(8);

			$sqlPwd="UPDATE dealer_master set nm_pass = password('".$new_passwd."')  where cd_dealer = '".$userid."'";
			$result  = $dbCon->query($sqlPwd);

			echo($new_passwd);
			exit;
		} else {
			echo("");
			exit;
		}
	break;

	default :
		AlertBack("지정되지않은 요청입니다");
	break;
}
mysql_close($connect);
?>