* @copyright Copyright (c) 2007 - 2010, DesDev, Inc. * @license http://help.dedecms.com/usersguide/license.html * @link http://www.dedecms.com */ require_once dirname(__FILE__) . "/../include/common.inc.php"; require_once DEDEINC . '/memberlogin.class.php'; $htmltitle = "错误提交"; $aid = isset($aid) && is_numeric($aid) ? $aid : 0; if (empty($dopost)) { $row = $dsql->GetOne(" SELECT a.`title`,b.`typename` FROM `#@__archives` a left join `#@__arctype` b on(a.typeid=b.id) WHERE a.`id` ='{$aid}'"); if (!$row) { ShowMsg("谢谢您对本网站的支持,我们会尽快处理您的建议!", "javascript:window.close();"); exit; } $title = $row['typename'] . "-" . $row['title']; require_once DEDEROOT . "/templets/plus/erraddsave.htm"; $url = $_SERVER["HTTP_REFERER"]; echo $url; } elseif ($dopost == "saveedit") { $cfg_ml = new MemberLogin(); $title = HtmlReplace($title); $type = isset($type) && is_numeric($type) ? $type : 0; $mid = isset($cfg_ml->M_ID) ? $cfg_ml->M_ID : 0; $err = trimMsg(cn_substr($err, 2000), 1); $oktxt = trimMsg(cn_substr($erradd, 2000), 1); $time = time(); $query = "INSERT INTO `#@__erradd`(aid,mid,title,type,errtxt,oktxt,sendtime)\r\n VALUES ('{$aid}','{$mid}','{$title}','{$type}','{$err}','{$oktxt}','{$time}'); "; $dsql->ExecuteNoneQuery($query); ShowMsg("谢谢您对本网站的支持,我们会尽快处理您的建议!", "javascript:window.close();"); exit; }
} else { $validate = strtolower($validate); } $svali = GetCkVdValue(); if ($validate == '' || $validate != $svali) { ShowMsg("验证码不正确!", ""); exit; } $ip = GetIP(); $dtime = time(); $uname = trimMsg($uname); $email = trimMsg($email); $homepage = trimMsg($homepage); $homepage = preg_replace("#http:\\/\\/#", '', $homepage); $qq = trimMsg($qq); $msg = trimMsg(cn_substrR($msg, 1024), 1); $tid = empty($tid) ? 0 : intval($tid); $reid = empty($reid) ? 0 : intval($reid); if ($msg == '' || $uname == '') { showMsg('你的姓名和留言内容不能为空!', '-1'); exit; } $title = HtmlReplace(cn_substrR($title, 60), 1); if ($title == '') { $title = '无标题'; } if ($reid != 0) { $row = $dsql->GetOne("SELECT msg FROM `#@__guestbook` WHERE id='{$reid}' "); $msg = "<div class=\\'rebox\\'>" . addslashes($row['msg']) . "</div>\n" . $msg; } $query = "INSERT INTO `#@__guestbook`(title,tid,mid,uname,email,homepage,qq,face,msg,ip,dtime,ischeck)\r\n VALUES ('{$title}','{$tid}','{$g_mid}','{$uname}','{$email}','{$homepage}','{$qq}','{$img}','{$msg}','{$ip}','{$dtime}','{$needCheck}'); ";