[摘要]##################### # func.php ######### #################### <?php require("config.inc.php"); ##### 检查用户是否存在 ##### function is_user_e...
#####################
# func.php #########
####################
<?php
require("config.inc.php");
##### 检查用户是否存在 #####
function is_user_exits($name) {
$name=trim($name);
$name=ereg_replace("'","‘",$name);
$name=htmlspecialchars($name);
$SQL="SELECT name FROM user WHERE name='$name'";
$result=mysql_query($SQL) or die(mysql_error());
$row=mysql_fetch_Array($result);
$name=$row[name];
return $name;
}
##### 检查版面是否存在 #####
function is_board_exits($baord){
$sql="select name from boardinfo where name='$baord'";
$result=mysql_query($sql) or die("出现错误");
$row=mysql_fetch_array($result);
$name=$row[name];
return $name;
}
##### 添加新用户 Function #####
function adduser(){
global $name,$sex,$realname,$password,$address,$oicq,$homepage,$phone,$email,$qm,$regtime;
$name=trim($name);
$name=ereg_replace("'","‘",$name);
$password=trim($password);
$name=htmlspecialchars($name);
$realname=htmlspecialchars($realname);
$address=htmlspecialchars($address);
$oicq=htmlspecialchars($oicq);
$homepage=htmlspecialchars($homepage);
$phone=htmlspecialchars($phone);
$email=htmlspecialchars($email);
$qm=htmlencode2($qm);
$regtime=date("Y-m-d H:i:s");
$sql="insert into user (name,sex,realname,password,address,oicq,homepage,score,phone,email,qm,regtime,slaveboard) values('$name','$sex','$realname','$password','$address','$oicq','$homepage','0','$phone','$email','$qm','$regtime','')";
mysql_query($sql) or die(mysql_error());
}
##### URL 重定向 ######
function redirect2($url){
header("Location:$url");
}
##### 创建版面 ######
function create_board_table($name,$chinesename){
$name=trim("$name");
$sql="CREATE TABLE $name(id int(11) NOT NULL AUTO_INCREMENT,title varchar(50) NOT NULL,writer varchar(50) NOT NULL,cont longtext, size int,writetime varchar(20) NOT NULL,hits int(4) DEFAULT '0',good varchar(1),renum int(4) DEFAULT '0',slaveid int(11) DEFAULT '0',fromip varchar(15),PRIMARY KEY (id))";
mysql_query($sql);
$sql="insert into boardinfo (name,chinesename) values('$name','$chinesename')";
mysql_query($sql);
}
###### 删除版面 ######
function drop_board_table($name){
$sql="drop table $name";
mysql_query($sql);
$sql="delete from boardinfo where name='$name'";
mysql_query($sql);
}
######## 修改版面 ###
function update_board($name,$chinesename) {
$sql="update boardinfo set name='$name',chinesename='$chinesename' where name='$name'";
mysql_query($sql);
}
##### 添加文章 ######
function add_doc($board){
global $title,$name,$cont,$writer,$fromip,$writetime,$qm,$new_topic_score;
$title=trim($title);
$title=substr($title,0,49);
$size=strlen($cont);
$cont=htmlencode2($cont);
$cont=$cont."<br>"."-------<br>".$qm;
$writetime=date("Y-m-d H:i:s");
$fromip=getenv("remote_addr");
$name=htmlspecialchars($name);
$writer=$name;
$sql="insert into $board (title,writer,cont,size,writetime,fromip) values('$title','$name','$cont','$size','$writetime','$fromip')";
mysql_query($sql);
add_score($writer,$new_topic_score);
}
##### 回复文章 #####
function re_doc($board,$slaveid){
global $title,$name,$cont,$writer,$fromip,$writetime,$qm,$re_topic_score;
$title=trim($title);
$title=substr($title,0,49);
$size=strlen($cont);
$cont=htmlencode2($cont);
$cont=$cont."<br>"."-------<br>".$qm;
$writetime=date("Y-m-d H:i:s");
$name=htmlspecialchars($name);
$writer=$name;
$fromip=getenv("remote_addr");
$sql="insert into $board (title,writer,cont,size,writetime,slaveid,fromip) values('$title','$writer','$cont','$size','$writetime','$slaveid','$fromip')";
mysql_query($sql);
$sql="update $board set renum=renum+1 where id=$slaveid";
mysql_query($sql);
add_score($writer,$re_topic_score);
}
##### 删除文章 ####
function del_doc($board,$id){
global $remove_score;
$sql="select * from $board where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$writer=$sql_row[writer];
remove_score($writer,$remove_score);
$slaveid=$sql_row[slaveid];
$sql="select * from $board where id=$slaveid";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if ($sql_row[renum]>0){
$sql="update $board set renum=renum-1 where id=$slaveid";
mysql_query($sql);
}
$sql="delete from $board where id=$id";
mysql_query($sql);
$sql="delete from $board where slaveid=$id";
mysql_query($sql);
}
#### 转换 html 特殊字符和 <br> #####
function htmlencode2($str){
$str=htmlspecialchars($str);
$str=nl2br($str);
return $str;
}
##### 增加一个 hit ####
function add_one_hit($board,$id){
$sql="update $board set hits=hits+1 where id=$id";
mysql_query($sql);
}
##### 检查用户密码 ####
function check_user_password($name,$password){
$name=trim($name);
$name=ereg_replace("'","‘",$name);
$name=htmlspecialchars($name);
$password=trim($password);
$sql="select password from user where name='$name'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if($password<>$sql_row[password]){
$result=0;
}
else{
$result=1;
setcookie ("jl_forum[name]",$name);
setcookie ("jl_forum[password]",$password);
}
return $result;
}
##### 检查管理员密码 ####
function check_admin_password(){
$sql="select * from user where name='$jl_forum[name]'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if ($jl_forum[password]==$sql_row[password]){
$result=1;
}
else {
$result=0;
}
if ($sql_row[slaveboard]==$jl_forum[board]){
$result=1;
}
else {
$result=0;
}
return $result;
}
##### 修改个人资料 ####
function change_profile($name){
global $sex,$realname,$password,$address,$oicq,$homepage,$phone,$email,$qm;
$name=trim($name);
$name=htmlspecialchars($name);
$realname=htmlspecialchars($realname);
$address=htmlspecialchars($address);
$oicq=htmlspecialchars($oicq);
$homepage=htmlspecialchars($homepage);
$phone=htmlspecialchars($phone);
$email=htmlspecialchars($email);
$qm=htmlencode2($qm);
$sql="update user set sex='$sex',realname='$realname',password='$password',address='$address',oicq='$oicq',homepage='$homepage',phone='$phone',email='$email',qm='$qm' where name='$name'";
mysql_query($sql);
}
##### 显示错误 ####
function show_error($id){
redirect2("wrong.php?id=$id");
}
##### 增加版主 ####
function add_admin($board,$name){
$name=trim($name);
$sql="update user set slaveboard='$board' where name='$name'";
mysql_query($sql);
}
##### 删除版主 #####
function del_admin($name){
$name=trim($name);
$name=htmlspecialchars($name);
$sql="update user set slaveboard='' where name='$name'";
mysql_query($sql);
}
##### 贴子转精华 ####
function set_good($board,$id){
$sql="update $board set good='y' where id=$id";
mysql_query($sql);
}
##### 转出精华 ###
function set_no_good($board,$id){
$sql="update $board set good='' where id=$id";
mysql_query($sql);
}
##### 导出签名 #####
function expl_qm($name){
$name=htmlspecialchars($name);
$sql="select qm from user where name='$name'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$qm=$sql_row[qm];
return $qm;
}
##### 管理员 #####
function adminok() {
if ($jl_admin[name]==$admin_name and $jl_admin[password]==$admin_password) {
return 1;
}
else {
return 0;
}
}
##### 增加积分 #####
function add_score($name,$num) {
$name=htmlspecialchars($name);
$sql="update user set score=score+$num where name='$name'";
mysql_query($sql);
}
##### 减少积分 ####
function remove_score($name,$num) {
$name=htmlspecialchars($name);
$sql="update user set score=score-$num where name='$name'";
mysql_query($sql);
}
#### 发送留言 ####
function sendmsg() {
global $fromname,$name,$cont;
$name=htmlspecialchars($name);
$fromname=htmlspecialchars($fromname);
$cont=htmlencode2($cont);
$wt=date("Y-m-d H:i:s");
$sql="insert into message (name,fromname,cont,writetime) values ('$name','$fromname','$cont','$wt')";
mysql_query($sql);
}
#### 删除留言 ####
function delmsg($id) {
$sql="delete from message where id=$id";
mysql_query($sql);
}
### 留言是否属于这个人 #####
function is_this_user($id) {
$sql="select name from message where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_row($sql_result);
if ($sql_row[name]==$jl_forum[name]) {
return 1;
}
else {
return 0;
}
}
?>
##########################
# good.php ##########
########################
<?php
require("func.php");
$sql="select * from boardinfo";
$sql_result=mysql_query($sql);
?>
<html>
<head>
<title>main</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="css/page.css">
</head>
<body bgcolor="#FFFFFF" background="image/bg.gif">
<table width="90%" border="1" cellspacing="0" cellpadding="0" align="center" bordercolorlight="#FFCC99" bordercolordark="#FFCC99">
<tr bgcolor="#CCFF99">
<td>
<div align="center"><b>论坛精华区</b></div>
</td>
</tr>
<tr align="center">
<td>
<form method="post" action="good_list.php">
<select name="board">
<option selected>请选择版面</option>
<?php
while($sql_row=mysql_fetch_array($sql_result)){
?>
<option value="<?php echo $sql_row[name];?>"><?php echo $sql_row[chinesename];?></option>
<?php
}
?>
</select>
<br>
<input type="submit" name="Submit" value="进入">
</form>
</td>
</tr>
<tr bgcolor="#CCFF99">
<td>
<div align="center"><b>论坛信息</b></div>
</td>
</tr>
<tr>
<td>
<?php include "info.php";?>
</td>
</tr>
</table>
</body>
</html>
###########################
# good_list.php ###########
###########################
<?php
require("func.php");
if(!is_board_exits($board)){
$board="computer";
}
$sql="select * from boardinfo where name='$board'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$chinesename=$sql_row[chinesename];
setcookie ("jl_forum[chinesename]",$chinesename);
$sql="select name from user where slaveboard='$board'";
$sql_result=mysql_query($sql);
?>
<html>
<head>
<title>List</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="css/index.css">
<script language="javascript">
function openwin(board,id){ window.open("good_read.php?board="+board+"&id="+id,"","height=460,width=600,resizable=yes,scrollbars=yes,status=no,toolbar=no,menubar=no,location=no");
}
function post(board){ window.open("post.php?board="+board,"","height=500,width=600,resizable=yes,scrollbars=yes,status=no,toolbar=no,menubar=no,location=no");
}
</script>
</head>
<body bgcolor="#FFFFFF" background="image/bg.gif">
<?php include "header.php";?> <br>
<table width="100%" border="1" cellspacing="0" cellpadding="0" bordercolorlight="#000000" bordercolordark="#FFFFFF">
<tr>
<td height="20" width="22%" bgcolor="#eeeeee">版面:<?php
echo $chinesename;
?>精华区</td>
<td height="20" width="34%" bgcolor="#eeeeee">版主:<?php
while ($sql_row=mysql_fetch_array($sql_result))
{
echo "$sql_row[name]"." ";
}
# 选择出留言纪录;
$sql="select * from $board where good='y'";
$temp=mysql_query($sql);
$sum=mysql_num_rows($temp);
$totalpage=ceil($sum/$pagesize);
if ($sum==0) {
$totalpage=1;
}
# 分页
if($page<1 or empty($page)){
$page=1;
}
elseif ($page>$totalpage){
$page=$totalpage;
}
$offset=($page-1)*$pagesize;
$sql="select * from $board where good='y' order by id desc limit $offset,$pagesize";
$sql_result=mysql_query($sql);
?> </td>
<td height="20" width="15%" bgcolor="#eeeeee">共有<?php echo $sum; ?>篇</td>
<td height="20" width="12%"><a href='
javascript:post("<?php echo $board;?>")'><img src=http://www.okasp.com/techinfo/"image/newtopic.jpg" width="92" height="21" border="0" alt="发新贴子"></a></td>
<td height="20" align="center" width="17%"><a href="<?php echo "$php_self?board=$board&page=$page";?>">刷新浏览</a></td>
</tr>
</table>
<br>
<table width="100%" border="1" cellspacing="0" cellpadding="1" bordercolorlight="#CCCCCC" bordercolordark="#FFFFFF">
<tr bgcolor="#995100" align="center">
<td width="6%"><font color="#FFFFFF">回应</font></td>
<td width="67%" bgcolor="#995100"><font color="#FFFFFF">主 题</font></td>
<td width="20%"><font color="#FFFFFF">时 间</font></td>
<td width="7%"><font color="#FFFFFF">人气</font></td>
</tr>
<tr bgcolor="#FFCC99">
<td colspan="5" height="2"> </td>
</tr>
<?php
while ($sql_row=mysql_fetch_array($sql_result))
{
echo"<tr>";
echo"<td width="6%" bgcolor="#FFF5DD" align="center">";
echo "[*]";
echo"</td>";
echo"<td bgcolor="#E8FDEE" width="56%"><font face="宋体"><a href='
javascript:openwin("$board",$sql_row[id])' title="作者:$sql_row[writer] 大小:$sql_row[size]字节">$sql_row[title]</a></font></td>";
echo"<td width="18%" bgcolor="#FFF5DD" align="center">$sql_row[writetime]</td>";
echo"<td width="6%" bgcolor="#E8FDEE" align="center">$sql_row[hits]</td>";
echo"</tr>";
}
?>
<tr bgcolor="#FFCC99">
<td colspan="5" align="center" height="2"> </td>
</tr>
</table>
<div align="right">
<form method="post" action="<?php echo $php_self;?>">
共<b><?php echo $totalpage;?></b>页 第<b><?php echo $page;?></b>页·<?php
if ($page!=1){
$back=$page-1;
echo"<a href="$php_self?board=$board&page=1">首页</a> <a href="$php_self?board=$board&page=$back">上一页</a>";
}
if ($page==1){
echo"首页 上一页";
}
if($page!=$totalpage){
$next=$page+1;
echo" <a href="$php_self?board=$board&page=$next">下一页</a> <a href="$php_self?board=$board&page=$totalpage">尾页</a>";
}
if($page==$totalpage){
echo" 下一页 尾页";
}
?>·
<input type="submit" name="goto" value="转到">
<input type="text" name="page" size="2">
页
</form>
</div>
<?php include "footer.php";?>
</body>
</html>
############################
### good_read.php ######
######################3
<?php
require ("func.php");
if ($re){
if (!is_board_exits($board)){
show_error(7);
$founderr=1;
}
$sql="select slaveid from $board where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
if($sql_row[slaveid]!=0){
show_error(1);
$founderr=1;
}
if (!check_user_password($name,$password)){
show_error(4);
$founderr=1;
}
if (strlen($title)>50){
show_error(6);
$founderr=1;
}
if (empty($title)){
show_error(2);
$founderr=1;
}
if ($qm){
$qm=expl_qm($name);
}
if(!$founderr){
re_doc($board,$id);
$sql="select * from $board where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$title=$sql_row[title];
$writer=$sql_row[writer];
$cont=$sql_row[cont];
$writetime=$sql_row[writetime];
$hits=$sql_row[$hits];
$fromip=$sql_row[fromip];
$sql="select * from $board where slaveid=$id";
$sql_result=mysql_query($sql);
# $sql_row=mysql_fetch_array($sql_result);
}
}
elseif ($add){
if (!is_board_exits($board)){
show_error(7);
$founderr=1;
}
if (empty($title)){
show_error(2);
$founderr=1;
}
if (!check_user_password($name,$password)){
show_error(4);
$founderr=1;
}
if (strlen($title)>50){
show_error(6);
$founderr=1;
}
if ($qm){
$qm=expl_qm($name);
$founderr=1;
}
if (!$founderr){
add_doc($board);
}
}
else {
if (!is_board_exits){
show_error(7);
}
add_one_hit($board,$id);
$sql="select * from $board where id=$id";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$title=$sql_row[title];
$writer=$sql_row[writer];
$cont=$sql_row[cont];
$writetime=$sql_row[writetime];
$hits=$sql_row[$hits];
$fromip=$sql_row[fromip];
$sql="select * from $board where slaveid=$id order by id desc";
$sql_result=mysql_query($sql);
# $sql_row=mysql_fetch_array($sql_result);
}
?>
<html>
<head>
<title><?php echo $title;?></title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="css/index.css">
<script language="javascript">
function sendmsg(name){ window.open("sendmsg.php?name="+name,"","height=200,width=500,resizable=yes,scrollbars=yes,status=no,toolbar=no,menubar=no,location=no");
}
</script>
</head>
<body bgcolor="#666699">
<?php include "ad.php";?><br>
<hr noshade width="98%" size="1">
<table width="98%" border="1" cellspacing="0" cellpadding="2" align="center" bordercolorlight="#CCCCCC" bordercolordark="#FFFFFF">
<tr bgcolor="#666666">
<td><font color="#FFcc00"><b>标题:<?php echo $title;?></b></font></td>
</tr>
<tr>
<td bgcolor="#eeeeee">作者:<?php echo "$writer";?>(<?php echo $writetime;?>) <a href="
javascript:sendmsg('<?php echo "$writer";?>')"><img src=http://www.okasp.com/techinfo/"image/icon1.gif" width="18" height="17" alt="给作者留言" border="0"></a> <a href="userinfo.php?name=<?php echo $writer;?>"><img src=http://www.okasp.com/techinfo/"image/profile.gif" width="16" height="16" alt="察看用户资料" border="0"></a></td>
</tr>
<tr>
<td bgcolor="#ffffef"><?php echo $cont;?></td>
</tr>
<tr bgcolor="#e8eee0">
<td>※ 来源:<?php echo $jl_forum[chinesename];?> [◆FROM:<?php echo $fromip;?>]</td>
</tr>
</table>
<br>
<?php include"footer.php";?><br>
</body>
</html>
……