<?php
include "class_include.php";
$id = $_POST["id"];
$user = $_POST['user'];
$message = $_POST['message'];
$to = $_POST['to'];
$location = $_POST['location'];
if (strlen($message) > 280) {
System_messagebox("想说的话超过140字,请修改后重新提交!", "message", "/admin/index.php?mod=" . $location);
exit;
}
//过滤器(含转码)
$user = Xss_replace($user);
$message = Xss_replace($message);
$to = Xss_replace($to);
//写入
$sql = DB_Update("ticket_view", array("user" => $user, "message" => $message, "to" => $to));
$result = DB_Query($sql, $con);
if ($result) {
System_messagebox("操作成功!", "success", "/admin/index.php?mod=" . $location);
} else {
DB_PrintError(DB_Error($con));
}
} else {
if ($mod = "LostandfoundPost") {
$uptime = date("Y-m-d H:i:s", time());
$user = $_POST['user'];
$message = $_POST['message'];
$tel = $_POST['tel'];
if ($tel == "" || $user == "" || $message == "") {
die('{"message":"信息不能为空"}');
}
if (strlen($message) > 280) {
die('{"message":"祝福超过140字,请修改后重新提交!"}');
}
//过滤
$user = Xss_replace($user);
$tel = Xss_replace($tel);
$message = Xss_replace($message);
//url转码(Xss_replace已包含转码)
$uptime = urlencode($uptime);
$cip = urlencode(getip());
//写入
$sql = DB_Insert("lostandfound", array("user" => $user, "tel" => $tel, "message" => $message, "uptime" => $uptime, "ip" => $cip));
$result = DB_Query($sql, $con);
if ($result) {
echo '{"message":"您的信息已经成功提交到数据库,请耐心等待广播站排序播放!谢谢!"}';
} else {
echo '{"message":"服务器错误!"' . DB_Error($con) . '"}';
}
} else {
echo '{"message":"请不要提交空信息"}';
}
}
