if (!defined('IN_ET')) { exit('Access Denied'); } if (!$user['user_id']) { showmessage("<div class='showmag'><p>您还没有登录,不能执行此操作!</p><p><a href='index.php?op=login'>现在登陆</a></p></div>"); exit; } if ($action == "reply") { if ($user[user_id]) { $replybody = trim($_POST['replybody']); $replybody = replace($replybody); //词语过滤 explodetopic($replybody); //专题 $back = atsend($replybody); //@ $replybody = $back['content']; $uids = $back['uids']; $replybody = daddslashes($replybody); array_push($uids, $_POST['suid']); $uids = array_unique($uids); $status_id = $_POST['status_id']; if ($replybody && $status_id) { $db->query("INSERT INTO et_content (user_id,user_name,user_nickname,user_head,content_body,posttime,type,status_id) VALUES ('{$user['user_id']}','{$user['user_name']}','{$user['nickname']}','{$user['user_head']}','{$replybody}','{$addtime}','手机','{$status_id}')"); $insertid = mysql_insert_id(); if ($insertid) { for ($i = 0; $i < count($uids); $i++) { $db->query("UPDATE et_users SET replyread = replyread+1 WHERE user_id='{$uids[$i]}'"); $db->query("INSERT INTO et_replyto (user_id,content_id) VALUES ('{$uids[$i]}','{$insertid}')"); }
<?php $API = 1; include '../common.inc.php'; if ($action == 'sendreply') { if ($_POST['sid'] && $_POST['suid'] && $_POST['scont'] && $my['user_id']) { $query = $db->query("SELECT privacy FROM et_content WHERE content_id='{$_POST['sid']}'"); $data = $db->fetch_array($query); if ($data[privacy] == 1) { echo '此消息是私密消息不能回复'; exit; } $content = getsubstrutf8($content, 0, 140, false); $content = replace(trim($_POST['scont'])); //词语过滤 $back = atsend($content); //@ $content = $back['content']; $uids = $back['uids']; array_push($uids, $_POST['suid']); $uids = array_unique($uids); $content = daddslashes($content); $isshownew = $_POST['rck'] == "true" ? 1 : 0; //作为新的信息 $contdata = getReply($_POST[sid]); if (!$content) { echo '你还没有填写发表的内容!'; exit; } $db->query("INSERT INTO et_content (user_id,user_name,user_nickname,user_head,content_body,posttime,status_id,status_uname,status_unickname,replyshow) VALUES ('{$my['user_id']}','{$my['user_name']}','{$my['nickname']}','{$my['user_head']}','{$content}','{$addtime}','{$_POST['sid']}','{$contdata['user_name']}','{$contdata['user_nickname']}','{$isshownew}')"); $insertid = mysql_insert_id();
if (!defined('IN_ET')) { exit('Access Denied'); } if (!$user['user_id']) { showmessage("<div class='showmag'><p>您还没有登录,不能执行此操作!</p><p><a href='index.php?op=login'>现在登陆</a></p></div>"); exit; } //发送消息 if ($action == "post") { $cbody = trim($_POST['cbody']); $privacy = $_POST["privacy"] ? 1 : 0; $cbody = replace($cbody); //词语过滤 explodetopic($cbody); //专题 $back = atsend($cbody); //@ $cbody = $back['content']; $uids = $back['uids']; $cbody = daddslashes($cbody); if ($user['user_id']) { if (!$cbody) { showmessage("<div class='showmag'><p>您没有填写发表的内容</p><a href='index.php'>返回首页</a></p></div>"); exit; } else { $db->query("INSERT INTO et_content (user_id,user_name,user_nickname,user_head,content_body,posttime,type,privacy) VALUES ('{$user['user_id']}','{$user['user_name']}','{$user['nickname']}','{$user['user_head']}','{$cbody}','{$addtime}','手机','{$privacy}')"); $insertid = mysql_insert_id(); if ($insertid) { for ($i = 0; $i < count($uids); $i++) { $db->query("UPDATE et_users SET replyread = replyread+1 WHERE user_id='{$uids[$i]}'"); $db->query("INSERT INTO et_replyto (user_id,content_id) VALUES ('{$uids[$i]}','{$insertid}')");