session_start();
include_once "page.inc.php";
$pp = new pp();
$size = 6;
$rs = new SQLite3("guestbook.sdb");
//id, uid, username, reg_time, post_time, ip, ip_pos, content
if (is_array($_SESSION["user"]) && $_POST["book"]) {
$userip = ip();
$content = nl2br(stripslashes(Replace($_POST["content"])));
$query = "INSERT INTO guestbook (uid, username, reg_time, post_time, ip, content) VALUES ('{$_SESSION["user"]["id"]}', '{$_SESSION["user"]["username"]}', '{$_SESSION["user"]["time"]}', '" . time() . "', '{$userip}', '{$content}')";
$rs->query($query);
$rs->close();
echo "<script>alert('发表成功');window.location.href = 'index.php';</script>";
exit;
}
$co = $rs->fetch_line("SELECT COUNT(*) AS c FROM guestbook");
$page = $pp->show($co["c"], $size);
$list = $rs->fetch_all("SELECT id, uid, username, reg_time, post_time, ip, content FROM guestbook ORDER BY id DESC LIMIT {$pp->limit}");
$rs->close();
function Replace($str)
{
if (is_null($str)) {
return $str;
}
$word = array("<" => "<", ">" => ">", "'" => """, '"' => """);
return strtr($str, $word);
}
//获取客户端的IP
function ip()
{
if (getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {