$error = "请输入祈祷意向!";
gotoend();
}
if (!isset($_SESSION['pray_time'])) {
$_SESSION['pray_time'] = 0;
}
$cur_time = date(time());
$last_time = $_SESSION['pray_time'];
if (abs($cur_time - $last_time) < 3600) {
//10分钟只能提交一次祈祷意向
$error = '请不要频繁提交祈祷意向,' . (3600 - abs($cur_time - $last_time)) . '秒后再试,主佑!';
gotoend();
} else {
$_SESSION['pray_time'] = $cur_time;
}
if (isset($_GET['name'])) {
$name = checkSqlArg(trim($_GET['name']));
}
if (strpos($name, "张译公") !== false || strpos($text, "张译公") !== false) {
die("");
}
//先从数据库中获取
$result = mysql_query("insert into pray (name,text,createtime) values ('" . $name . "','" . $text . "',utc_timestamp());");
if (mysql_affected_rows() < 1) {
$error = "添加祈祷意向失败,请稍后重试...";
gotoend();
}
//send to wbto
//add2weibolist('#彼此代祷# '.$name.':'.$text);
$ret['error'] = $error;
die($_GET['callback'] . '(' . json_encode($ret) . ')');
function insertStuff()
{
global $date;
global $isupdate;
global $isjson;
global $stuff_mass;
global $stuff_med;
global $stuff_comp;
global $stuff_let;
global $stuff_lod;
global $stuff_thought;
global $stuff_ordo;
global $stuff_ves;
global $stuff_saint;
//插入到数据库
if ($isupdate) {
mysql_query("update stuff set mass='" . mysql_real_escape_string($stuff_mass) . "',med='" . mysql_real_escape_string($stuff_med) . "',comp='" . mysql_real_escape_string($stuff_comp) . "',let='" . mysql_real_escape_string($stuff_let) . "',lod='" . mysql_real_escape_string($stuff_lod) . "',thought='" . mysql_real_escape_string($stuff_thought) . "',ordo='" . mysql_real_escape_string($stuff_ordo) . "',ves='" . mysql_real_escape_string($stuff_ves) . "',saint='" . mysql_real_escape_string($stuff_saint) . "',valid=1,lastupdate=curdate() " . "where time='" . $date->format('Y-m-d') . "';");
} else {
$result = mysql_query('insert into stuff (time,mass,med,comp,let,lod,thought,ordo,ves,saint,valid,lastupdate) values ' . '("' . $date->format('Y-m-d') . '","' . mysql_real_escape_string($stuff_mass) . '","' . mysql_real_escape_string($stuff_med) . '","' . mysql_real_escape_string($stuff_comp) . '","' . mysql_real_escape_string($stuff_let) . '","' . mysql_real_escape_string($stuff_lod) . '","' . mysql_real_escape_string($stuff_thought) . '","' . mysql_real_escape_string($stuff_ordo) . '","' . mysql_real_escape_string($stuff_ves) . '","' . mysql_real_escape_string($stuff_saint) . '",1,curdate());');
}
gotoend();
}