<?php
// Database connection settings. conn.php includes a file named config.php, which is presumably this one.
// NOTE(review): the application logs in as the MySQL 'root' account with a password identical to the
// account name. A dedicated least-privileged account with a strong password would limit what a SQL
// injection in any page using this connection can reach.
$host='localhost'; // database server address
$database='guestbook'; // database name
$user='root'; // database account
$pass='root'; // database password
$path='guestbook'; // installation directory of the application
?>
<?php
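include_once("config.php");

// Connection bootstrap: opens the MySQL link, selects the schema and loads
// the site-wide settings row. Uses the legacy mysql_* extension, which is
// deprecated since PHP 5.5 and absent from PHP 7+.
$conn = mysql_connect($host, $user, $pass);
if (!$conn) {
    // NOTE(review): mysql_error() text is printed to the visitor; consider
    // logging it server-side and showing a generic message instead.
    die('数据库连接失败:'.mysql_error());
}

// Set the connection character set only once the link is known to be good
// (the statement used to run before the connection check).
mysql_query("set names 'gb2312'");

// A failed schema selection used to go unnoticed and surface later as
// broken queries; stop here with the same message as a failed connect.
if (!mysql_select_db($database)) {
    die('数据库连接失败:'.mysql_error());
}

// Defaults so that later pages do not read undefined variables when the
// settings row is missing. $lysh = 0 keeps the previous effective behaviour
// (an undefined $lysh never compared equal to 1).
$lysh = 0;
$gg = '';
$title = '';
$copyright = '';

// Site-wide settings are read from row id=1 of guestbook_info.
$sql = "select * from guestbook_info where id=1";
$result = mysql_query($sql);
while ($result && ($rs = mysql_fetch_array($result))) {
    $lysh = (int)$rs["sh"];          // compared against 1 by the listing pages to add "where sh=1"
    $gg = $rs["gg"];
    $title = $rs["title"];
    $copyright = $rs["copyright"];
}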
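/**
 * Byte-oriented substring for text in a double-byte encoding such as GB2312.
 *
 * Any byte above 0xA0 is treated as the lead byte of a two-byte character and
 * is copied together with the following byte, so a character is never split.
 * Because of that, the result can be one byte longer than $len.
 *
 * Fix: $start is now honoured. The previous loop always copied from offset 0
 * and returned the first $start + $len bytes. The scan still begins at 0 so
 * that character boundaries stay aligned. The loop is also bounded by the
 * string length, so ord() is never called on an empty slice.
 *
 * @param string $str   source text
 * @param int    $start byte offset of the first character to return
 * @param int    $len   number of bytes to return (approximate, see above)
 * @return string
 */
function msubstr($str, $start, $len)
{
    $out = "";
    $end = min($start + $len, strlen($str));
    for ($i = 0; $i < $end; $i++) {
        // Lead byte of a double-byte character => consume two bytes.
        $width = (ord(substr($str, $i, 1)) > 0xa0) ? 2 : 1;
        if ($i >= $start) {
            $out .= substr($str, $i, $width);
        }
        $i += $width - 1;
    }
    return $out;
}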
/**
 * Remove markup from a string using four regular expressions applied in order:
 * whole <script>, <iframe> and <style> elements first, then anything between
 * "<" and ">". All patterns are case-insensitive and let "." match newlines.
 *
 * NOTE(review): pattern-based tag removal is not an HTML-encoding step. Text
 * that ends up in a page should still be passed through htmlspecialchars()
 * at output time.
 *
 * @param string $str text that may contain markup
 * @return string text with the matched markup removed
 */
function htmlgl($str)
{
    $patterns = array(
        "@<script(.*?)</script>@is",
        "@<iframe(.*?)</iframe>@is",
        "@<style(.*?)</style>@is",
        "@<(.*?)>@is",
    );
    foreach ($patterns as $pattern) {
        $str = preg_replace($pattern, "", $str);
    }
    return $str;
}
/**
 * Trim the value and delete every comma, single quote, percent sign,
 * less-than sign and question mark from it.
 *
 * NOTE(review): this is a five-character blacklist, not SQL escaping or HTML
 * encoding. Values that go into a query should also be escaped with the
 * database driver's escaping function or bound as parameters, and values that
 * go into a page should be encoded at output time.
 *
 * @param string $str raw input
 * @return string filtered input
 */
function safegl($str)
{
    $dropped = array(",", "'", "%", "<", "?");
    return str_replace($dropped, "", trim($str));
}
// Application version string, exposed as the constant "version".
define("version","V2010.1");
?>
<?php
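// First-run guard: until the marker file install.ok exists, send the visitor
// to the installer.
if (!file_exists("install.ok")) {
    Header("Location:install.php");
    // Stop here. Without exit the rest of the page, including the database
    // bootstrap below, still ran after the redirect header was queued.
    exit;
}
// NOTE(review): nothing visible here removes or locks install.php once
// install.ok exists. Confirm the installer refuses to run a second time.
include_once("conn.php");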
?>
<div id="test1-header" class="accordion_headings" >查看留言</div>
<!--Heading of the accordion ( clicked to show n hide ) -->
<!--Prefix of heading (the DIV above this) and content (the DIV below this) to be same... eg. foo-header & foo-content-->
<div id="test1-content">
<!--DIV which show/hide on click of header-->
<!--This DIV is for inline styling like padding...-->
<div class="accordion_child">
<?php
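// Current page number from the query string. It is cast to an integer and
// clamped to >= 1 because it is later concatenated into the LIMIT clause of
// the listing query. The raw request value used to flow into that SQL text.
$page = isset($_GET['page']) ? max(1, (int)$_GET['page']) : 1;
// Messages shown per page.
$pagesize = 5;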
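/**
 * Print the pager (totals, first/previous/next/last links and a jump-to
 * <select>) for a message table.
 *
 * Changes from the previous version:
 *  - the page number from the query string is cast to an integer before it is
 *    echoed into the HTML. It used to be printed as received.
 *  - the page count is computed with ceil(). The old code compared against an
 *    undefined variable ($pagesiz), a branch that never had any effect.
 *  - a failed query yields a count of 0 instead of warnings.
 *
 * @param string $table    table name, concatenated into the SQL text as-is;
 *                         callers must pass a fixed identifier, never request data
 * @param int    $pagesize rows per page
 * @param string $dyym     script name used as the link target, printed as-is;
 *                         callers must pass a fixed value
 * @param int    $lysh     when equal to 1 only rows with sh=1 are counted
 * @return void            the pager HTML is echoed
 */
function csdy($table,$pagesize,$dyym,$lysh)
{
    $page = isset($_GET['page']) ? max(1, (int)$_GET['page']) : 1;
    // Guard against a zero or negative page size (division by zero below).
    $pagesize = max(1, (int)$pagesize);

    if ($lysh == 1) {
        $sql = "select * from ".$table." where sh=1";
    } else {
        $sql = "select * from ".$table;
    }
    $result = mysql_query($sql);
    $num = $result ? (int)mysql_num_rows($result) : 0;
    $pagecount = (int)ceil($num / $pagesize);

    $fypage = "共有".$num."条留言 ";
    $fypage .= " 当前:第".$page."/共".$pagecount."页 " ;

    // First / previous: plain text on page 1, links otherwise.
    if ($page == 1) {
        $fypage .= ' 首页 | 上一页 |';
    } else {
        $fypage .= '<a href='.$dyym.'?page=1>首页</a> | <a href='.$dyym.'?page='.($page-1).'>上一页</a> |';
    }

    // Next / last: plain text on the last page or when there are no rows.
    if ($page == $pagecount || $pagecount == 0) {
        $fypage .= ' 下一页 | 尾页 ';
    } else {
        $fypage .= ' <a href='.$dyym.'?page='.($page+1).'> 下一页</a> | <a href='.$dyym.'?page='.$pagecount.'>尾页</a> ';
    }

    // Jump-to selector, one option per page.
    $fypage .= '转到:<select name="select" onchange="javascript:window.location.href=this.options[this.selectedIndex].value">';
    for ($a = 1; $a <= $pagecount; $a++) {
        if ($a == $page) {
            $fypage .= "<option selected value=".$dyym."?page=".$a.">第".$a."页</option>";
        } else {
            $fypage .= "<option value=".$dyym."?page=".$a.">第".$a."页</option>";
        }
    }
    $fypage .= "</select>";
    echo $fypage;
}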
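// Listing of one page of messages, newest first.
// The page number is forced to a positive integer here because it is
// concatenated into the LIMIT clause; it originates from the query string.
$page = max(1, (int)$page);
$ly_offset = ($page - 1) * $pagesize;
if ($lysh == 1) {
    // Moderation on: only rows flagged sh=1 are listed.
    $sql = 'select * from guestbook where sh=1 order by id desc limit '.$ly_offset.','.$pagesize;
} else {
    $sql = 'select * from guestbook order by id desc limit '.$ly_offset.','.$pagesize;
}
$result = mysql_query($sql);
$i = 0;
while ($result && ($rs = mysql_fetch_array($result, MYSQL_ASSOC))) {
    $i = $i + 1;
    // Every column below was supplied by a visitor (or derived from request
    // headers), so each value is HTML-encoded before it is printed. Several of
    // them (qq, email, ip, fbsj, content) used to be echoed as stored.
    // Charset: the connection is set to gb2312 elsewhere in the application;
    // presumably the pages are served in the same encoding - confirm.
    $ly_safe = array();
    foreach (array('name', 'tx', 'qq', 'email', 'fbsj', 'content') as $ly_key) {
        $ly_safe[$ly_key] = htmlspecialchars($rs[$ly_key], ENT_QUOTES, 'GB2312');
    }
    // Truncate first, then encode, so an entity is never cut in half.
    $ly_safe['title'] = htmlspecialchars(msubstr($rs['title'], 0, 30), ENT_QUOTES, 'GB2312');
    // Mask the last group of digits of the stored address before display.
    $ly_safe['ip'] = htmlspecialchars('留言IP: '.preg_replace("/\d+$/", "***", $rs['ip']), ENT_QUOTES, 'GB2312');
    // The QQ number is also placed inside a URL query string.
    $ly_safe['qq_url'] = urlencode($rs['qq']);
?>
<div class="boxline">
<div class="userinfobox"> <span>NO.<?php echo $i; ?></span> <span><img alt="<?php echo $ly_safe['name']; ?>" src="<?php echo $ly_safe['tx']; ?>" /></span> <span class="clr"></span> <span>留言人:<?php echo $ly_safe['name']; ?></span> <span>
<?php echo $ly_safe['ip']; ?></span> <span>联系QQ:<a target="_blank" href="http://wpa.qq.com/msgrd?V=1&Uin=<?php echo $ly_safe['qq_url']; ?>&Site=重庆阿巴站长php留言本&Menu=yes"><?php echo $ly_safe['qq']; ?></a></span> <span>Email:<a href="mailto:<?php echo $ly_safe['email']; ?>"><?php echo $ly_safe['email']; ?></a></span> <span>留言时间:<?php echo $ly_safe['fbsj']; ?></span> </div>
<div class="bookconcent">
<div>主题:<?php echo $ly_safe['title']; ?></div>
<br />
<span><?php echo $ly_safe['content']; ?></span><br />
<div class="huifu">管理员回复:
<?php
    // Full open tag: the short "<?" form is only parsed when short_open_tag
    // is enabled; otherwise the PHP source would be sent to the browser.
    // NOTE(review): the reply text is printed as stored. Presumably only the
    // admin panel writes it - confirm that path restricts or encodes markup.
    if (empty($rs['hf'])) {
        echo "还没有任何回复.";
    } else {
        echo $rs['hf'];
    }
?>
</div>
</div>
<div class="clr"></div>
</div>
<?php } ?>
<div class="page">
<?php
csdy("guestbook",$pagesize,"index.php",$lysh);
?>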
</div>
</div>
</div>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>login manage</title>
<link type="text/css" rel="stylesheet" media="all" href="images/m.css" />
</head>
<body>
<form id="form1" name="form1" method="post" action="check.php">
<div class="login">
<ul>
<li>帐户:<input type="text" name="username" /></li>
<li>密码:<input type="password" name="password" /></li>
<li>验证码:<input type="text" name="checkCode" size="10" /><img src="codes.php?act=yes" /></li>
<li><input type="submit" name="Submit" value="提交" /> <input type="reset" name="Submit2" value="重置" /> <button type="button" onClick="location.href='../';">返回首页</button></li>
</ul>
</div>
</form>
</body>
</html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>login manage</title>
<style type="text/css">
<!--
body{background-color:#999; font-size:12px; color:blue; text-align:center;}
-->
</style>
</head>
<body>
<?php
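// Login handler: checks the one-time verification code, then the account
// name and password, and marks the session as authenticated.
// NOTE(review): session_start() runs after the HTML head above has already
// been output, so it only works where output buffering is enabled. Moving the
// PHP block to the top of the file would remove that dependency.
session_start();
include_once("../conn.php");
$err = '';

// Verification code: both sides must be present and non-empty. Previously two
// missing values compared equal, and a failed check only set a message while
// the credential check below still ran and could mark the session as logged in.
$posted_code = (isset($_POST["checkCode"]) && is_string($_POST["checkCode"])) ? $_POST["checkCode"] : '';
$expected_code = isset($_SESSION["randval"]) ? (string)$_SESSION["randval"] : '';
unset($_SESSION['randval']); // single use: discard the code whatever the outcome
$captcha_ok = ($posted_code !== '' && $expected_code !== ''
    && strtolower($posted_code) === strtolower($expected_code));
if (!$captcha_ok) {
    $err = "验证码输入有误!";
}

if ($captcha_ok) {
    $has_credentials = isset($_POST["username"]) && is_string($_POST["username"])
        && isset($_POST["password"]) && is_string($_POST["password"]);
    $authenticated = false;
    if ($has_credentials) {
        $username = safegl($_POST["username"]);
        // NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
        // password_hash()/password_verify() requires re-hashing the stored
        // credentials and is outside this block.
        $password = md5(safegl($_POST["password"]));
        // safegl() is only a character filter, so the account name is escaped
        // for the SQL string context as well. $password is a hex digest.
        $sql = "select * from guestbook_info where username ='".mysql_real_escape_string($username)."' and password = '".$password."'";
        $result = mysql_query($sql);
        $authenticated = ($result && mysql_num_rows($result) > 0);
    }
    if ($authenticated) {
        // New session id on privilege change, against session fixation.
        session_regenerate_id(true);
        $_SESSION['username'] = $username;
        // NOTE(review): the password digest is kept in the session as before;
        // nothing visible here reads it back - confirm and drop it if unused.
        $_SESSION['password'] = $password;
        $_SESSION['abzz.net'] = "abzz.net"; // flag checked by the admin guard
    } else {
        $err = $err."帐号密码有误!";
    }
}

if ($err) {
    // $err only ever holds the fixed messages above, never request data.
    // A stray debugging "1" that was printed in front of the message is gone.
    echo $err;
    echo "<br /><br /><br /><a href='login.html'>返回重新登陆!</a>\n</body>\n</html>";
    exit;
} else {
    echo "<script language='javascript'>";
    echo "alert('登陆成功!');";
    echo " location.href='index.php'; ";
    echo "</script>";
}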
?>
<?php
include_once("outm.php");
?>
<html>
<head>
<title>音匀至留言本系统 - 后台管理</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<script language="JavaScript">
window.self.focus();
</script>
</head>
<frameset cols="180,*" framespacing="0" border="0" frameborder="0">
<frame name="leftFrame" src="left.html" scrolling="yes" target="mainFrame">
<frame name="mainFrame" src="main.php" scrolling="yes">
<noframes>
<body topmargin="0" leftmargin="0">
<p>此网页使用了框架,但您的浏览器不支持框架</p>
</body>
</noframes>
</frameset>
</html>
<?php
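// Admin guard, included at the top of back-office pages: handles logout and
// refuses any request whose session is not marked as authenticated.
session_start();

if (isset($_GET["action"]) && $_GET["action"] == "loginout") {
    // Drop all session data and the session itself. Previously only the
    // login flag was blanked and the other values stayed in the session.
    $_SESSION = array();
    session_destroy();
    echo "<script language='javascript'>";
    echo "alert('退出成功!!');";
    echo " location='login.html';";
    echo "</script>";
    exit;
}

// isset() avoids an undefined-index notice for visitors without a session
// flag; the strict comparison accepts only the exact marker string.
if (!isset($_SESSION['abzz.net']) || $_SESSION['abzz.net'] !== "abzz.net") {
    echo "<script language='javascript'>";
    echo "alert('请先登陆!!');";
    echo " location='login.html';";
    echo "</script>";
    // The exit below is what actually protects the including page; the
    // script-based redirect is only a convenience for the browser.
    exit;
}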
?>
<div id="test1-header" class="accordion_headings" >查看留言</div>
<!--Heading of the accordion ( clicked to show n hide ) -->
<!--Prefix of heading (the DIV above this) and content (the DIV below this) to be same... eg. foo-header & foo-content-->
<div id="test1-content">
<!--DIV which show/hide on click of header-->
<!--This DIV is for inline styling like padding...-->
<div class="accordion_child">
<?php
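// Current page number from the query string. It is cast to an integer and
// clamped to >= 1 because it is later concatenated into the LIMIT clause of
// the listing query. The raw request value used to flow into that SQL text.
$page = isset($_GET['page']) ? max(1, (int)$_GET['page']) : 1;
// Messages shown per page.
$pagesize = 5;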
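/**
 * Print the pager (totals, first/previous/next/last links and a jump-to
 * <select>) for a message table.
 *
 * Changes from the previous version:
 *  - the page number from the query string is cast to an integer before it is
 *    echoed into the HTML. It used to be printed as received.
 *  - the page count is computed with ceil(). The old code compared against an
 *    undefined variable ($pagesiz), a branch that never had any effect.
 *  - a failed query yields a count of 0 instead of warnings.
 *
 * @param string $table    table name, concatenated into the SQL text as-is;
 *                         callers must pass a fixed identifier, never request data
 * @param int    $pagesize rows per page
 * @param string $dyym     script name used as the link target, printed as-is;
 *                         callers must pass a fixed value
 * @param int    $lysh     when equal to 1 only rows with sh=1 are counted
 * @return void            the pager HTML is echoed
 */
function csdy($table,$pagesize,$dyym,$lysh)
{
    $page = isset($_GET['page']) ? max(1, (int)$_GET['page']) : 1;
    // Guard against a zero or negative page size (division by zero below).
    $pagesize = max(1, (int)$pagesize);

    if ($lysh == 1) {
        $sql = "select * from ".$table." where sh=1";
    } else {
        $sql = "select * from ".$table;
    }
    $result = mysql_query($sql);
    $num = $result ? (int)mysql_num_rows($result) : 0;
    $pagecount = (int)ceil($num / $pagesize);

    $fypage = "共有".$num."条留言 ";
    $fypage .= " 当前:第".$page."/共".$pagecount."页 " ;

    // First / previous: plain text on page 1, links otherwise.
    if ($page == 1) {
        $fypage .= ' 首页 | 上一页 |';
    } else {
        $fypage .= '<a href='.$dyym.'?page=1>首页</a> | <a href='.$dyym.'?page='.($page-1).'>上一页</a> |';
    }

    // Next / last: plain text on the last page or when there are no rows.
    if ($page == $pagecount || $pagecount == 0) {
        $fypage .= ' 下一页 | 尾页 ';
    } else {
        $fypage .= ' <a href='.$dyym.'?page='.($page+1).'> 下一页</a> | <a href='.$dyym.'?page='.$pagecount.'>尾页</a> ';
    }

    // Jump-to selector, one option per page.
    $fypage .= '转到:<select name="select" onchange="javascript:window.location.href=this.options[this.selectedIndex].value">';
    for ($a = 1; $a <= $pagecount; $a++) {
        if ($a == $page) {
            $fypage .= "<option selected value=".$dyym."?page=".$a.">第".$a."页</option>";
        } else {
            $fypage .= "<option value=".$dyym."?page=".$a.">第".$a."页</option>";
        }
    }
    $fypage .= "</select>";
    echo $fypage;
}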
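// Listing of one page of messages, newest first.
// The page number is forced to a positive integer here because it is
// concatenated into the LIMIT clause; it originates from the query string.
$page = max(1, (int)$page);
$ly_offset = ($page - 1) * $pagesize;
if ($lysh == 1) {
    // Moderation on: only rows flagged sh=1 are listed.
    $sql = 'select * from guestbook where sh=1 order by id desc limit '.$ly_offset.','.$pagesize;
} else {
    $sql = 'select * from guestbook order by id desc limit '.$ly_offset.','.$pagesize;
}
$result = mysql_query($sql);
$i = 0;
while ($result && ($rs = mysql_fetch_array($result, MYSQL_ASSOC))) {
    $i = $i + 1;
    // Every column below was supplied by a visitor (or derived from request
    // headers), so each value is HTML-encoded before it is printed. Several of
    // them (qq, email, ip, fbsj, content) used to be echoed as stored.
    // Charset: the connection is set to gb2312 elsewhere in the application;
    // presumably the pages are served in the same encoding - confirm.
    $ly_safe = array();
    foreach (array('name', 'tx', 'qq', 'email', 'fbsj', 'content') as $ly_key) {
        $ly_safe[$ly_key] = htmlspecialchars($rs[$ly_key], ENT_QUOTES, 'GB2312');
    }
    // Truncate first, then encode, so an entity is never cut in half.
    $ly_safe['title'] = htmlspecialchars(msubstr($rs['title'], 0, 30), ENT_QUOTES, 'GB2312');
    // Mask the last group of digits of the stored address before display.
    $ly_safe['ip'] = htmlspecialchars('留言IP: '.preg_replace("/\d+$/", "***", $rs['ip']), ENT_QUOTES, 'GB2312');
    // The QQ number is also placed inside a URL query string.
    $ly_safe['qq_url'] = urlencode($rs['qq']);
?>
<div class="boxline">
<div class="userinfobox"> <span>NO.<?php echo $i; ?></span> <span><img alt="<?php echo $ly_safe['name']; ?>" src="<?php echo $ly_safe['tx']; ?>" /></span> <span class="clr"></span> <span>留言人:<?php echo $ly_safe['name']; ?></span> <span>
<?php echo $ly_safe['ip']; ?></span> <span>联系QQ:<a target="_blank" href="http://wpa.qq.com/msgrd?V=1&Uin=<?php echo $ly_safe['qq_url']; ?>&Site=重庆阿巴站长php留言本&Menu=yes"><?php echo $ly_safe['qq']; ?></a></span> <span>Email:<a href="mailto:<?php echo $ly_safe['email']; ?>"><?php echo $ly_safe['email']; ?></a></span> <span>留言时间:<?php echo $ly_safe['fbsj']; ?></span> </div>
<div class="bookconcent">
<div>主题:<?php echo $ly_safe['title']; ?></div>
<br />
<span><?php echo $ly_safe['content']; ?></span><br />
<div class="huifu">管理员回复:
<?php
    // Full open tag: the short "<?" form is only parsed when short_open_tag
    // is enabled; otherwise the PHP source would be sent to the browser.
    // NOTE(review): the reply text is printed as stored. Presumably only the
    // admin panel writes it - confirm that path restricts or encodes markup.
    if (empty($rs['hf'])) {
        echo "还没有任何回复.";
    } else {
        echo $rs['hf'];
    }
?>
</div>
</div>
<div class="clr"></div>
</div>
<?php } ?>
<div class="page">
<?php
csdy("guestbook",$pagesize,"index.php",$lysh);
?>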
</div>
</div>
</div>
<?php
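include_once("conn.php");

// Message submission handler: validates the posted form and stores one row
// in the guestbook table.
// NOTE(review): nothing visible here limits automated posting (no
// verification code, token or rate limit) - confirm whether that is handled
// elsewhere.
if (isset($_GET['action'])) {
    $err = '';

    // Read each expected field as a string. Missing or non-string values
    // (e.g. arrays) become '' instead of raising notices or warnings.
    $ly_fields = array('content' => '', 'tel' => '', 'qq' => '', 'email' => '', 'title' => '', 'tx' => '', 'name' => '');
    foreach ($ly_fields as $ly_key => $ly_unused) {
        if (isset($_POST[$ly_key]) && is_string($_POST[$ly_key])) {
            $ly_fields[$ly_key] = $_POST[$ly_key];
        }
    }
    $content = $ly_fields['content'];
    $tel = $ly_fields['tel'];
    $qq = $ly_fields['qq'];
    $email = $ly_fields['email'];
    $title = safegl($ly_fields['title']);
    $tx = safegl($ly_fields['tx']);
    $name = safegl($ly_fields['name']);

    // Poster address. X-Forwarded-For is a request header and therefore
    // client-controlled: it is accepted only when a Via header is present (as
    // before) AND it parses as a single IP address; otherwise the socket
    // address is used. The value must not be relied on for access decisions.
    // A leftover debugging "echo $ip" that reflected this header is removed.
    $ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
    if (!empty($_SERVER["HTTP_VIA"]) && !empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
        $ly_forwarded = trim($_SERVER["HTTP_X_FORWARDED_FOR"]);
        if (filter_var($ly_forwarded, FILTER_VALIDATE_IP) !== false) {
            $ip = $ly_forwarded;
        }
    }

    if (empty($title) || empty($name) || empty($content) || empty($tx)) {
        $err = '带*号项不能为空<br/>';
    }

    // Format checks. preg_match() replaces the removed eregi(); the D modifier
    // makes "$" match only at the very end of the value.
    if (!empty($tel)) {
        if (!preg_match('/(^0[0-9]{2,3}-[0-9]{7,8}$)|(^0?1[0-9]{10}$)/D', $tel)) {
            $err = $err.'输入的联系电话格式有误,请参照格式:023-58152478或13452626567<br/>';
        }
    }
    if (!empty($qq)) {
        if (!preg_match('/^[1-9]{1}[0-9]{5,9}$/D', $qq)) {
            $err = $err."输入的QQ号码有误<br/>";
        }
    } else {
        $qq = 0;
    }
    if (!empty($email)) {
        if (!preg_match('/^([a-zA-Z0-9_-])+@([a-zA-Z0-9_-])+((\.[a-zA-Z0-9_-]{2,3}){1,2})$/iD', $email)) {
            $err = $err."输入的邮箱格式有误<br/>";
        }
    }

    if (!$err) {
        // Every value is escaped for the SQL string context. The message body
        // and the address used to be concatenated as received. HTML encoding
        // is a separate concern and belongs where the row is displayed.
        $sql = "insert into guestbook set name='".mysql_real_escape_string($name)
            ."',content='".mysql_real_escape_string($content)
            ."',title='".mysql_real_escape_string($title)
            ."',qq='".mysql_real_escape_string($qq)
            ."',email='".mysql_real_escape_string($email)
            ."',tel='".mysql_real_escape_string($tel)
            ."',tx='".mysql_real_escape_string($tx)
            ."',ip='".mysql_real_escape_string($ip)."'";
        if (mysql_query($sql)) {
            echo "<script language='javascript'>";
            echo "alert('留言提交成功!');";
            echo " location='index.php';";
            echo "</script>";
        } else {
            // NOTE(review): mysql_error() text is shown to the visitor;
            // consider logging it and printing a generic message.
            die('数据库连接失败:'.mysql_error());
        }
    } else {
        // $err holds only the fixed messages built above.
        echo $err."<br/>";
        echo "<a href='javascript:history.go(-1)'>返回重新提交留言!</a>";
        exit;
    }
}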
?>