<?php

/**
*2012-8-22  |  By:NaV!
*/
//防止恶意调用
define('IN_GM', true);
//定义个常量,用来指定本页的内容
define('SCRIPT', 'message_add_s');
//引入公共文件
require dirname(__FILE__) . '/includes/common.inc.php';
//判断登录状态和权限
_login_state(1);
if ($_POST['submit'] == "提 交") {
    include ROOT_PATH . 'includes/register.func.php';
    $content = _check_content($_POST['content']);
    if (_query("INSERT INTO gm_message(gm_username,gm_num,gm_content,gm_systime)\r\n\t\tVALUES('{$_SESSION['username']}','{$_SESSION['num']}','{$content}',NOW())") or die(mysql_error())) {
        _location("发布成功!", "message_s.php");
    } else {
        _alert_back("发布失败!");
    }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php 
require ROOT_PATH . 'includes/title_student.inc.php';
?>
Esempio n. 2
0
require dirname(__FILE__) . '/includes/common.inc.php';
//判断是否登录了
if (!isset($_COOKIE['username'])) {
    _alert_close('请先登录!');
}
error_reporting(0);
//写短信
if ($_GET['action'] == 'write') {
    _check_code($_POST['code'], $_SESSION['code']);
    if (!!($_rows = _fetch_array("SELECT tg_uniqid FROM tg_user WHERE tg_username='******'username']}' LIMIT 1"))) {
        _uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']);
        include ROOT_PATH . 'includes/check.func.php';
        $_clean = array();
        $_clean['touser'] = $_POST['touser'];
        $_clean['fromuser'] = $_COOKIE['username'];
        $_clean['content'] = _check_content($_POST['content']);
        $_clean = _mysql_string($_clean);
        //写入表
        _query("INSERT INTO tg_message (\n                tg_touser,\n                tg_fromuser,\n                tg_content,\n                tg_date\n            )             \n            values(\n                '{$_clean['touser']}',\n                '{$_clean['fromuser']}',\n                '{$_clean['content']}',\n                NOW()\n            )");
        //新增成功
        if (_affected_rows() == 1) {
            _close();
            //_session_destroy();
            _alert_close('短信发送成功');
        } else {
            _close();
            //_session_destroy();
            _alert_back('短信发送失败');
        }
    } else {
        _alert_close('非法登录!');
_login_state(2);
//取出留言内容
if ($_GET['action'] == 'edit' and !($row = _fetch_array("SELECT * FROM gm_message WHERE gm_id = '{$_GET['id']}'"))) {
    _alert_back('没有取出任何留言内容!');
}
if ($_GET['action'] == 'process' and $_GET['id'] != '') {
    if ($_POST['reply'] == '') {
        _location(null, 'message_admin.php');
    }
    if (!($row = _fetch_array("SELECT gm_content,gm_reply FROM gm_message WHERE gm_id='{$_GET['id']}'"))) {
        _alert_back('未找到你要编辑/回复的留言!');
    }
    include ROOT_PATH . 'includes/register.func.php';
    $clean = array();
    $clean['content'] = _check_content($_POST['content']);
    $clean['reply'] = _check_content($_POST['reply']);
    if ($clean['content'] == $row['gm_content'] and $clean['reply'] == $row['gm_reply']) {
        _location(null, 'message_admin.php');
    }
    if (_query("UPDATE gm_message SET gm_content='{$clean['content']}',gm_reply='{$clean['reply']}',gm_replytime=NOW() WHERE gm_id='{$_GET['id']}'")) {
        _location('回复成功!', 'message_admin.php');
    } else {
        _alert_back('回复失败!');
    }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />