$m = $_GET['m'];
if ($m == 'new_comment') {
$data = filter_array($_POST, 'name!,email,intval:item_id,content');
if ($data) {
include_once 'model/comment.php';
$comment = new LZ_Comment();
if ($comment->add($data)) {
echo 'success';
} else {
echo lang('COMMENT_ADD_ERROR');
}
} else {
echo lang('COMMENT_INPUT_ERROR');
}
} else {
if ($m == 'new_guestbook') {
$data = filter_array($_POST, 'name!,email,content');
if ($data) {
include_once 'model/guestbook.php';
$guestbook = new LZ_Guestbook();
if ($guestbook->add($data)) {
echo 'success';
} else {
echo lang('GUESTBOOK_ADD_ERROR');
}
} else {
echo lang('GUESTBOOK_INPUT_ERROR');
}
}
}
die;
<?php
LZ_MODULE != 'admin' && die('Access Denied');
$m = $_GET['m'];
include_once 'model/guestbook.php';
$obj = new LZ_Guestbook();
if ($m == 'new') {
$data = filter_array($_POST, 'name!,email,content!');
if ($data) {
$data['date'] = time();
echo $obj->add($data) ? 'success' : 'error';
} else {
echo FILL_ALL;
}
die;
}
$view_data['items'] = lz_page($obj, array(), 20);
$view_data['page_description'] = lang('GUESTBOOK');
$view_data['title'] = lang('GUESTBOOK');
<?php
!defined('LZ_MODULE') && die('Access Denied');
$m = $_GET['m'];
include_once 'model/guestbook.php';
$obj = new LZ_Guestbook();
include_once 'model/item.php';
$item = new LZ_Item();
if ($m == 'new') {
$data = filter_array($_POST, 'htmlspecialchars:name!,htmlspecialchars:email,htmlspecialchars:content!');
if ($data) {
$data['time'] = time();
echo $obj->add($data) ? 'success' : 'error';
} else {
echo lang('FILL_ALL');
}
die;
}
$items = lz_page($obj, array('status' => 1), intval($config['guestbook_per_page']) ? intval($config['guestbook_per_page']) : 10);
$view_data['items'] = $items;
$view_data['title'] = lang('TITLE') . ' ' . $config['site_name'];
$view_data['item'] = $item->get_one(array('category_id' => 83, 'status' => 3));