21,886
社区成员
发帖
与我相关
我的任务
分享
<?php
//常规参数设置
$servername="localhost"; //主机名
$sqlservername="root"; //mysql数据库用户名
$sqlserverpws="lmy"; //mysql数据库密码
$sqlname="lmy"; //数据库名
$sqltable="user"; //username表名
$sqltable2="message";
$admin_name="lmy"; //管理员用户名
$admin_pws="lmy"; //管理员密码
?>
<?php
session_start(); //一定要的
if($_SESSION["name"]==""){
echo "<script>location.href='index.php';</script>";
exit;
}
//上面的要验证过滤的
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>给管理员发信</title>
</head>
<body><center>
<form name="form1" method="post" action="message_cl.php"><table width="68%" height="304" border="0" cellpadding="0" cellspacing="1" bgcolor="#000000">
<tr align="center" bgcolor="#CCCCCC">
<td colspan="2">发信(message.php)||<a href="index.php">返回</a></td>
</tr>
<tr bgcolor="#CCCCCC">
<td align="right">收件人:</td>
<td align="left"><input name="r_name" type="text" id="r_name"></td>
</tr>
<tr bgcolor="#CCCCCC">
<td align="right">消息内容:</td>
<td align="left"><input name="content" type="text" id="content" size="40"></td>
</tr>
<tr align="center" bgcolor="#CCCCCC">
<td colspan="2"><input type="submit" name="Submit" value="发送">
<input type="reset" name="Submit" value="重置"></td>
</tr>
</table>
</form>
</center>
</body>
</html>
<?php
session_start(); //一定要的
if($_SESSION["name"]==""){
echo "<script>location.href='index.php';</script>";
exit;
$_SESSION["name"]=$row[user_name];
//这里是SESSION来验证用户的合法性
}
include("config.php"); //参数页面提取过来
if(empty($_POST["r_name"])){
echo ("<script type='text/javascript'> alert('请填写收件人!');history.go(-1);</script>");
exit;
}
if(empty($_POST["content"])){
echo ("<script type='text/javascript'> alert('请填写消息内容!');history.go(-1);</script>");
exit;
}
$s_name=$_SESSION["name"];
$r_names=$_POST["r_name"];
$content=$_POST["content"];
$add_time=date("Y-m-d");
$is_open="no";
$db=mysql_connect($servername,$sqlservername,$sqlserverpws);
mysql_select_db($sqlname,$db) ;
$sql="select * from $sqltable where user_name='$s_name'";
$result=mysql_fetch_row(mysql_query($sql));
if(!$result){
echo ("<script type='text/javascript'> alert('无效的收件人!');history.go(-1);</script>");
}
else{
$sql="insert into $sqltable2(s_name,r_name,content,add_time,is_open) values('$s_name','$r_name','$content','$add_time','$is_open') ";
mysql_query($sql);
echo ("<script type='text/javascript'> alert('发送成功');location.href='index.php';</script>");
}
?>