/**
* _check_password() 检查密码是否符合规则并加密
* @access public
* @param string $pwd1 密码
* @param string $pwd2 确认密码
* @param int $minsize 密码最小长度
* @return string 符合规则加密后的密码
*/
function _check_password($pwd, $minsize)
{
if (strlen($pwd) < $minsize) {
_alert_back("密码不得小于" . $minsize . '位');
}
return _mysql_string(sha1($pwd));
}
/**
* 检查保存时间是错误
* @param unknown $_string
* @return unknown|string
*/
function _check_time($_string)
{
$_time = array('0', '1', '2', '3');
if (!in_array($_string, $_time)) {
_alert_back('保存时间出现错误!');
}
return _mysql_string($_string);
}
/**
* _login_state判断登录状态和权限
* @param $level 当前页面所需要最低权限
*/
function _login_state($level)
{
if (!$_SESSION['num'] || !$_SESSION['username']) {
_location("请先登录!", "login.php");
}
if ($level > $_SESSION['level']) {
_alert_back("权限不足!");
}
}
/**
* _check_password验证密码
* @access public
* @param string $_first_pass
* @param int $_min_num
* @return string $_first_pass 返回一个加密后的密码
*/
function _check_password($_string, $_min_num = 6)
{
//判断密码
if (strlen($_string) < $_min_num) {
_alert_back('密码不得小于' . $_min_num . '位!');
}
//将密码返回
return sha1($_string);
}
/**
* 邮箱验证
* @param $_string
*/
function _checkemail($_string)
{
if (empty($_string)) {
_alert_back('邮箱不得为空!');
}
if (!preg_match('/^[\\w\\-\\.]+@[\\w\\-\\.]+(\\.\\w+)+$/', $_string)) {
_alert_back('邮件格式不对!');
}
return $_string;
}
function _check_details($content)
{
//取出二边空格
$content = trim($content);
//判断是否为空
if ($content == '') {
_alert_back('事由不可以为空!');
}
//判断是否含有敏感字符
$char_patern = '/[<>\'\\"\\ ]/';
if (preg_match($char_patern, $content)) {
_alert_back('内容不得包含敏感字符!');
}
return _mysql_string($content);
}
<?php
//define the constant IN_TG to include common.inc.php
define('IN_TG', true);
//a constant for different scripts calling
define("SCRIPT", "article_modify");
//include common.inc.php
require dirname(__FILE__) . '/includes/common.inc.php';
if (isset($_SERVER["HTTP_REFERER"])) {
$_skinurl = $_SERVER["HTTP_REFERER"];
if (empty($_skinurl) || !isset($_GET['id'])) {
_alert_back('Illegal access');
} else {
//validate id
if ($_GET['id'] != 1 && $_GET['id'] != 2 && $_GET['id'] != 3) {
_alert_back('Invalid ID');
}
//create a cookie to save the skin id
setcookie('skin', $_GET['id']);
_location(null, $_skinurl);
}
}
}
}
}
if ($_GET['action'] == modify) {
if ($_GET['num']) {
$row = _fetch_array("SELECT * FROM gm_teacher WHERE gm_num='{$_GET['num']}'");
}
if ($_POST['submit'] == '提 交') {
include ROOT_PATH . 'includes/register.func.php';
$name = _check_username($_POST['name']);
$num = _check_num($_POST['num']);
$zc = $_POST['zc'];
if (_query("UPDATE gm_teacher SET gm_username='******',gm_zc='{$zc}' WHERE gm_num='{$num}'")) {
_alert_back("修改成功!");
} else {
_alert_back("修改失败!");
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title_admin.inc.php';
?>
</head>
<body>
<?php
/**
* _check_code
* @param string $_first_code
* @param string $_end_code
* @return void 验证码比对
*/
function _check_code($_first_code, $_end_code)
{
if ($_first_code != $_end_code) {
_alert_back('验证码不正确!');
}
}
if ($_GET['action'] == 'delete' && isset($_POST['ids'])) {
$_clean = array();
$_clean['ids'] = _mysql_string(implode(',', $_POST['ids']));
//为了防止cookies伪造,还要比对一下唯一标识符uniqid()
if (!!($_rows = _fetch_array("SELECT\n tg_uniqid\n FROM\n tg_user\n WHERE\n tg_username='******'username']}'\n LIMIT\n 1"))) {
_uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']);
_query("DELETE FROM\n\t tg_flower\n\t WHERE\n\t tg_id\n\t IN\n\t ({$_clean['ids']})");
if (_affected_rows()) {
_close();
_location('花朵删除成功', 'member_flower.php');
} else {
_close();
_alert_back('花朵删除失败');
}
} else {
_alert_back('非法登录');
}
}
//分页模块
global $_pagesize, $_pagenum;
_page("SELECT tg_id FROM tg_flower WHERE tg_touser='******'username']}'", 15);
//第一个参数获取总条数,第二个参数,指定每页多少条
$_result = _query("SELECT\n tg_id,tg_fromuser,tg_flower,tg_content,tg_date\n FROM\n tg_flower\n WHERE\n tg_touser='******'username']}'\n ORDER BY\n tg_date DESC\n LIMIT\n {$_pagenum},{$_pagesize}\n ");
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<?php
require ROOT_PATH . 'includes/title.inc.php';
}
}
$_html['face_html'] .= '</select>';
//签名开关
if ($_html['switch'] == 1) {
$_html['switch_html'] = '<input type="radio" name="switch" value="1" checked="checked"/>启用 <input type="radio" name="switch" value="0" />禁用';
} else {
if ($_html['switch'] == 0) {
$_html['switch_html'] = '<input type="radio" name="switch" value="1" />启用 <input type="radio" name="switch" value="0" checked="checked"/>禁用';
}
}
} else {
_alert_back('此用户不存在');
}
} else {
_alert_back('非法登陆');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title.inc.php';
?>
<script type="text/javascript" src="js/code.js"></script>
<script type="text/javascript" src="js/member_modify.js"></script>
</head>
<body>
/**
* _check_content检查内容
* @param $content
*/
function _check_content($content)
{
//判断是否为空
if ($content == '') {
_alert_back('内容不可以为空!');
}
//判断是否含有敏感字符
$char_patern = '/[<>\'\\"]/';
if (preg_match($char_patern, $content)) {
_alert_back('内容不得包含敏感字符!\\n如:英文状态下的< >和单双引号');
}
return _mysql_string($content);
}
/**
* _check_content 检查输入的内容
* @param string $_content 内容
* @return string 过滤的内容
*/
function _check_content($_content)
{
if (mb_strlen($_content, 'utf-8') < 5 || mb_strlen($_content, 'utf-8') > 200) {
_alert_back("内容不得小于5字或大于200字!");
}
return $_content;
}
$_html['pre'] = '<a href="photo_detail.php?id=' . $_html['preid']['id'] . '#pre">上一页</a>';
} else {
$_html['pre'] = '<span>到头了</span>';
}
//下一页,取得比自己小的ID中,最大的那个即可。
$_html['nextid'] = _fetch_array("SELECT \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tmax(tg_id) \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAS \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tid \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\ttg_photo \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\ttg_sid='{$_html['sid']}' \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tAND \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\ttg_id<'{$_html['id']}'\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t1\r\n\t\t");
if (!empty($_html['nextid']['id'])) {
$_html['next'] = '<a href="photo_detail.php?id=' . $_html['nextid']['id'] . '#next">下一页</a>';
} else {
$_html['next'] = '<span>到底了</span>';
}
} else {
_alert_back('不存在此图片!');
}
} else {
_alert_back('非法操作!');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title.inc.php';
?>
<script type="text/javascript" src="js/code.js"></script>
<script type="text/javascript" src="js/article.js"></script>
</head>
<body>
<?php
require ROOT_PATH . 'includes/header.inc.php';
*/
//防止恶意调用
define('IN_GM', true);
//定义个常量,用来指定本页的内容
define('SCRIPT', 'message_add_s');
//引入公共文件
require dirname(__FILE__) . '/includes/common.inc.php';
//判断登录状态和权限
_login_state(1);
if ($_POST['submit'] == "提 交") {
include ROOT_PATH . 'includes/register.func.php';
$content = _check_content($_POST['content']);
if (_query("INSERT INTO gm_message(gm_username,gm_num,gm_content,gm_systime)\r\n\t\tVALUES('{$_SESSION['username']}','{$_SESSION['num']}','{$content}',NOW())") or die(mysql_error())) {
_location("发布成功!", "message_s.php");
} else {
_alert_back("发布失败!");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title_student.inc.php';
?>
</head>
<body>
<?php
require ROOT_PATH . 'includes/header_student.inc.php';
<?php
if (!isset($_SESSION)) {
session_start();
}
//define the constant IN_TG to include common.inc.php
define('IN_TG', true);
//a constant for different scripts calling
define("SCRIPT", "member_post");
//include common.inc.php
require dirname(__FILE__) . '/includes/common.inc.php';
//whether login
if (!isset($_COOKIE['username'])) {
_alert_back('Please login first');
}
//Paging module
global $_pagesize, $_pagenum;
//the first parameter is the number of records and the second one is the number of records displayed on each page
_page("select \n tg_id \n\t\t from \n\t\t tg_article \n\t\twhere \n\t\t\t tg_reid=0\n\t\tand\n\t\t tg_username ='******'username']}'", 10);
$_result = _query("select \n\t\t\t\t\t\t\t\t\t\ttg_id,tg_title,tg_content,tg_date \n\t\t\t\t\t\t\t\t from \n\t\t\t\t\t\t\t\t \t\ttg_article\n\t\t\t\t\t\t\t\t where\n\t\t\t\t\t\t\t\t \t\ttg_username = '******'username']}'\n\t\t\t\t\t\t\t\t \tand\n\t\t\t\t\t\t\t\t \t\ttg_reid = 0\n\t\t\t\t\t\t\t\t order by \n\t\t\t\t\t\t\t\t \t\ttg_date desc \n\t\t\t\t\t\t\t\t limit \n\t\t\t\t\t\t\t\t\t\t{$_pagenum}, {$_pagesize}");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/CssLoad.inc.php';
?>
<script type="text/javascript"src="js/member_message.js"></script>
</head>
/*
* 找回密码
* 发送邮件
*/
session_start();
error_reporting(0);
header("Content-Type:text/html; charset=UTF-8");
require 'common.inc.php';
require 'login.inc.php';
require 'stmp.class.php';
$_data['email'] = $_POST['email'];
$pass = DB_PRE . 'ask_user';
$_sql = "SELECT * FROM {$pass} where email='{$_data['email']}'";
if ($re = _fetch_array($_sql)) {
/*
*
*/
$smtpemailto = $_data['email'];
$mailsubject = "message from lzu_ask ";
$newpassword = rand(100000, 999999);
$pa = "你的密码是";
$mailbody = '尊敬的' . $re['username'] . '用户' . $pa . $newpassword . '请马上修改您的密码!';
send_email($smtpemailto, $mailsubject, $mailbody);
$newpassword = sha1($newpassword);
$sql = "UPDATE {$pass} SET password='******' WHERE email='{$_data['email']}'";
_query($sql);
_location("请查收邮件", "blank.php");
} else {
_alert_back("该邮箱不存在");
}
$_clean['touser'] = $_POST['touser'];
$_clean['fromuser'] = $_COOKIE['username'];
$_clean['flower'] = $_POST['flower'];
$_clean['content'] = _check_content($_POST['content']);
$_clean = _mysql_string($_clean);
//write into database
_insert("INSERT INTO tg_flower (\n\t\t\t\t\t\t\t\t\t\ttg_touser,\n\t\t\t\t\t\t\t\t tg_fromuser,\n\t\t\t\t\t\t\t\t tg_flower,\n\t\t\t\t\t\t\t\t\t\ttg_content,\n\t\t\t\t\t\t\t\t\t\ttg_date\n\t\t\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t\t \tVALUES (\n\t\t\t\t\t \t\t\t\t\t'{$_clean['touser']}',\n\t\t\t\t\t \t\t\t\t\t'{$_clean['fromuser']}',\n\t\t\t\t\t \t\t\t\t\t'{$_clean['flower']}',\n\t\t\t\t\t \t\t\t\t\t'{$_clean['content']}',\n\t\t\t\t\t \t\t\t\t\tNOW()\n\t\t\t\t\t\t \t\t\t\t)\n\t\t\t");
//Successfully sended
if (_affected_rows() == 1) {
_close();
//_session_destroy();
_alert_close('Successfully sended');
} else {
_close();
//_session_destroy();
_alert_back('Fail to send');
}
} else {
_alert_close('Illegal access!');
}
}
}
//Get data from database
//$_GET['id'] is from centerwindow() in blog.js
if (isset($_GET['id'])) {
if (!!($_rows = _fetch_array("SELECT \n\t tg_username \n\t FROM \n\t tg_user \n\t WHERE \n\t tg_id='{$_GET['id']}' \n\t LIMIT 1"))) {
$_html = array();
$_html['touser'] = $_rows['tg_username'];
$_html = _html($_html);
} else {
_alert_close('This user does not exist£¡');
$_clean = array();
$_clean['touser'] = $_POST['touser'];
$_clean['fromuser'] = $_COOKIE['username'];
$_clean['content'] = _check_content($_POST['content']);
$_clean = _mysql_string($_clean);
//写入表
_query("INSERT INTO tg_message (\n tg_touser,\n tg_fromuser,\n tg_content,\n tg_date\n ) \n values(\n '{$_clean['touser']}',\n '{$_clean['fromuser']}',\n '{$_clean['content']}',\n NOW()\n )");
//新增成功
if (_affected_rows() == 1) {
_close();
//_session_destroy();
_alert_close('短信发送成功');
} else {
_close();
//_session_destroy();
_alert_back('短信发送失败');
}
} else {
_alert_close('非法登录!');
}
}
//获取数据
if (isset($_GET['id'])) {
if (!!($_rows = _fetch_array("SELECT tg_username FROM tg_user WHERE tg_id='{$_GET['id']}' LIMIT 1"))) {
$_html = array();
$_html['touser'] = $_rows['tg_username'];
$_html = _html($_html);
} else {
_alert_close('不存在此用户!');
}
} else {
//把当前的目录信息写入数据库即可
if (empty($_clean['type'])) {
_query("INSERT INTO tg_dir (\n\t\t tg_name,\n\t\t tg_type,\n\t\t tg_content,\n\t\t tg_dir,\n\t\t tg_date\n\t\t )\n\t\t VALUES (\n\t\t '{$_clean['name']}',\n\t\t '{$_clean['type']}',\n\t\t '{$_clean['content']}',\n\t\t 'photo/{$_clean['dir']}',\n\t\t NOW()\n\t\t )");
} else {
_query("INSERT INTO tg_dir (\n\t\t tg_name,\n\t\t tg_type,\n\t\t tg_content,\n\t\t tg_dir,\n\t\t tg_date,\n\t\t tg_password\n\t\t )\n\t\t VALUES (\n\t\t '{$_clean['name']}',\n\t\t '{$_clean['type']}',\n\t\t '{$_clean['content']}',\n\t\t 'photo/{$_clean['dir']}',\n\t\t NOW(),\n\t\t\t\t\t'{$_clean['password']}'\n\t\t\t\t\t)");
}
//目录添加成功
if (_affected_rows() == 1) {
_close();
_location('目录添加成功', 'photo.php');
} else {
_close();
_alert_back('目录添加失败!');
}
} else {
_alert_back('非法登录!');
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<?php
require ROOT_PATH . 'includes/title.inc.php';
?>
<script src="js/photo_add_dir.js"></script>
</head>
<body>
<?php
} else {
_alert_back('非法登录');
}
}
//取值
if (isset($_GET['id'])) {
if (!!($_rows = _fetch_array("select\n\t\t\t\t\t\t\t\t\t\ttg_id,\n\t\t\t\t\t\t\t\t\t\ttg_dir\n\t\t\t\t\t\t\t\t\tfrom\n\t\t\t\t\t\t\t\t\t\ttg_dir\n\t\t\t\t\t\t\t\t\twhere\n\t\t\t\t\t\t\t\t\t\ttg_id='{$_GET['id']}'\n\t\t\t\t\t\t\t\t\tlimit\n\t\t\t\t\t\t\t\t\t\t1\n\t\t\t\t\t\t\t\t\t\t"))) {
$_html = array();
$_html['id'] = $_rows['tg_id'];
$_html['dir'] = $_rows['tg_dir'];
$_html = _html($_html);
} else {
_alert_back('不存在此相册');
}
} else {
_alert_back('非法操作');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title.inc.php';
?>
<script type="text/javascript" src="js/photo_add_img.js"></script>
</head>
<body>
//定义个常量,用来指定本页的内容
define('SCRIPT', 'notice_admin');
//引入公共文件
require dirname(__FILE__) . '/includes/common.inc.php';
//判断登录状态和权限
_login_state(2);
if ($_GET['action'] == '') {
$num = _num_rows("SELECT * FROM gm_notice");
//引入分页
_page($num, $_system['notice_pagesize']);
$res = _query("SELECT * FROM gm_notice ORDER BY gm_time DESC LIMIT {$pagenum},{$pagesize}");
} elseif ($_GET['action'] == 'del' and $_GET['id'] != '') {
if (_query("DELETE FROM gm_notice WHERE gm_id='{$_GET['id']}'")) {
_alert_back('删除成功!');
} else {
_alert_back('删除失败!');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title_admin.inc.php';
?>
</head>
<body>
<?php
require ROOT_PATH . 'includes/header_admin.inc.php';
/**
* _is_repeat 判断当前sql语句查询的结果是否已存在于数据库
* @param string $sql sql语句
* @param string $info 提示信息
*/
function _is_repeat($sql, $info)
{
if (_fetch_array($sql)) {
_alert_back($info);
}
}
/**
* check whether url exists-_check_photo_url()
* @access public
* @param string $_string
* @return string
*/
function _check_photo_url($_string)
{
if (empty($_string)) {
_alert_back('URL could not be empty');
}
return $_string;
}
_query("UPDATE \n\t\t\t\t\t\ttg_message \n\t\t\t\t\t SET \n\t\t\t\t\t\ttg_state=1 \n\t\t\t\t\tWHERE \n\t\t\t\t\t\ttg_id='{$_GET['id']}' \n\t\t\t\t\tLIMIT 1\n\t\t ");
if (!_affected_rows()) {
_alert_back('Abnormal');
}
}
$_html = array();
$_html['id'] = $_rows['tg_id'];
$_html['fromuser'] = $_rows['tg_fromuser'];
$_html['content'] = $_rows['tg_content'];
$_html['date'] = $_rows['tg_date'];
$_html = _html($_html);
} else {
_alert_back('This message does not exist!');
}
} else {
_alert_back('Illegal access');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/CssLoad.inc.php';
?>
<script type="text/javascript"src="js/member_message_detail.js"></script>
</head>
<body>
<?php
require ROOT_PATH . 'includes/header.inc.php';
//修改密码
if ($_GET['action'] == 'pass_modify') {
//引入验证文件
include ROOT_PATH . 'includes/register.func.php';
$clean = array();
$clean['password'] = _check_password($_POST['password']);
$clean['newpassword'] = _check_password($_POST['newpassword']);
//判断旧密码是否正确
if (!_num_rows("SELECT gm_num FROM gm_user WHERE gm_active='1' AND gm_num = '{$_SESSION['num']}' AND gm_password = '******'password']}'")) {
_alert_back('原密码不正确!');
}
if (_query("UPDATE gm_user SET gm_password = '******'newpassword']}' WHERE gm_active='1' AND gm_num = '{$_SESSION['num']}'")) {
$string = "密码修改成功!\\n用户名:{$_SESSION['username']}\\n登录帐号:{$_SESSION['num']}\\n密码:{$_POST['newpassword']}";
_alert_back($string);
} else {
_alert_back('密码修改失败!');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
require ROOT_PATH . 'includes/title_student.inc.php';
?>
</head>
<body>
<?php
require ROOT_PATH . 'includes/header_student.inc.php';
//删除等敏感操作,先验证uniqid
$_uniqid_sql = "SELECT tg_uniqid FROM tg_user WHERE tg_username='******'username']}'";
$_row = _fetch_array($_uniqid_sql);
_check_cookie_uniqid($_COOKIE['uniqid'], $_row['tg_uniqid']);
//查询当前信息是否存在
if (!!_fetch_array("SELECT tg_fromuser,tg_content,tg_date FROM tg_message WHERE tg_id='{$_GET['id']}'")) {
_query("DELETE FROM tg_message WHERE tg_id='{$_GET['id']}'");
if (_affect_rows() == 1) {
_closeDB();
_location('短信删除成功', 'member_message.php');
} else {
_closeDB();
_alert_back('短信删除失败');
}
} else {
_alert_back("此短信不存在!");
}
//删除
}
//根据id获取短信内容
$_sql = "SELECT \r\n\t\t\t\ttg_id, \r\n\t\t\t\ttg_fromuser,\r\n\t\t\t\ttg_content,\r\n\t\t\t\ttg_date,\r\n\t\t\t\ttg_state \r\n\t\t\tFROM \r\n\t\t\t\ttg_message\r\n\t\t\tWHERE \r\n\t\t\t\ttg_id='{$_GET['id']}'";
if (!!($_row = _fetch_array($_sql))) {
$_html = array();
$_html['id'] = $_row['tg_id'];
$_html['fromuser'] = $_row['tg_fromuser'];
$_html['content'] = $_row['tg_content'];
$_html['date'] = $_row['tg_date'];
$_html = _html($_html);
if (empty($_row['tg_state'])) {
//标记消息已读
$_sql = "UPDATE tg_message SET tg_state = 1 WHERE tg_id='{$_GET['id']}'";
_checkdate($_POST['start_time_m'], $_POST['start_time_d'], $_POST['start_time_y']);
$clean['birth'] = $_POST['birth_y'] . '-' . $_POST['birth_m'] . '-' . $_POST['birth_d'];
$clean['start_time'] = $_POST['start_time_y'] . '-' . $_POST['start_time_m'] . '-' . $_POST['start_time_d'];
$clean['gm_grade'] = _time_to_grade($_POST['start_time_y'], $_POST['start_time_m']);
$clean['contact'] = _check_contact($_POST['contact']);
$clean['address'] = _check_address_ex($_POST['address']);
$clean['subject'] = _check_subject($_POST['subject']);
$clean['type'] = _check_type($_POST['type']);
$clean['photoname'] = _check_photo();
//判断是否已经注册
_is_repeat("SELECT gm_num FROM gm_user WHERE gm_num = '{$clean['num']}'", '该学号已经被注册!如有问题请咨询管理员!');
$newpassword = _check_password($_system['initial_password']);
if (_query("INSERT INTO gm_user(\r\n\t\t\t\t\t\t\t\t\tgm_username,\r\n\t\t\t\t\t\t\t\t\tgm_num,\r\n\t\t\t\t\t\t\t\t\tgm_password,\r\n\t\t\t\t\t\t\t\t\tgm_reg_time,\r\n\t\t\t\t\t\t\t\t\tgm_last_time,\r\n\t\t\t\t\t\t\t\t\tgm_last_ip) \r\n\t\t\t\t\t\t\t\tVALUES(\r\n\t\t\t\t\t\t\t\t\t'{$clean['username']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['num']}',\r\n\t\t\t\t\t\t\t\t\t'{$newpassword}',\r\n\t\t\t\t\t\t\t\t\tNOW(),\r\n\t\t\t\t\t\t\t\t\tNOW(),\r\n\t\t\t\t\t\t\t\t\t'{$_SERVER["REMOTE_ADDR"]}')") and _query("INSERT INTO gm_stuinfo(\r\n\t\t\t\t\t\t\t\t\tgm_username,\r\n\t\t\t\t\t\t\t\t\tgm_num,\r\n\t\t\t\t\t\t\t\t\tgm_sex,\r\n\t\t\t\t\t\t\t\t\tgm_birth,\r\n\t\t\t\t\t\t\t\t\tgm_start_time,\r\n\t\t\t\t\t\t\t\t\tgm_grade,\r\n\t\t\t\t\t\t\t\t\tgm_contact,\r\n\t\t\t\t\t\t\t\t\tgm_address,\r\n\t\t\t\t\t\t\t\t\tgm_subject,\r\n\t\t\t\t\t\t\t\t\tgm_type,\r\n\t\t\t\t\t\t\t\t\tgm_photoname) \r\n\t\t\t\t\t\t\t\tVALUES(\r\n\t\t\t\t\t\t\t\t\t'{$clean['username']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['num']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['sex']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['birth']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['start_time']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['gm_grade']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['contact']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['address']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['subject']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['type']}',\r\n\t\t\t\t\t\t\t\t\t'{$clean['photoname']}')")) {
_location('你的信息已经提交,请耐心等待审核!', 'login.php');
} else {
_alert_back('注册失败!有问题请咨询管理员!');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>计算机学院研究生档案管理--注册</title>
<link rel="stylesheet" type="text/css" href="styles/basic.css" />
<link rel="stylesheet" type="text/css" href="styles/register.css" />
<script type="text/javascript" src="js/code.js"></script>
<script type="text/javascript" src="js/register.js"></script>
<script type="text/javascript" src="js/areaBase.js"></script>
<?php
/*
* 关俊鹏
* 2012/7/28
*修改 加入了login.inc.php的包涵 和转跳的页面
*/
session_start();
error_reporting(0);
header("Content-Type: text/html; charset=UTF-8");
//如有必要一定要设置成utf-8
require 'common.inc.php';
//转换成硬路径
require 'login.inc.php';
$_data['secret1'] = _check_password($_POST['secret1']);
$_data['secret2'] = _check_password($_POST['secret2']);
$pass = DB_PRE . 'ask_user';
$_sql = "SELECT * FROM {$pass} where uid='{$login['lzuuid']}' AND password='******'secret1']}'";
if (_fetch_array($_sql)) {
$query = "update {$pass} SET\n\t password='******'secret2']}'\n where uid='{$login['lzuuid']}'";
_query($query);
echo '<a href="../personnav.php">密码修改成功</a>';
} else {
_alert_back("密码不正确!");
}
function _check_photo_url($_string)
{
if (empty($_string)) {
_alert_back('地址不能为空!');
}
return $_string;
}