Exemplo n.º 1
0
<?php

define('ROOT', dirname(__FILE__) . '/');
//系统程序根路径, 必须定义, 用于防翻墙
require ROOT . 'includes/core.guest.php';
//加载核心文件
if (!$_CFG['Actived']) {
    shut_down($langs['shutdown']);
}
//ajax留言操作
$ajax = intval($_GET['ajax']);
if ($ajax == 1) {
    require ROOT . 'includes/functions.comment.php';
    //加载留言需要的函数
    $DB = new Mysql($dbusername, $dbpassword, $dbname, $servername, false, false);
    //不显示mysql错误
    $ajax = array('s' => 0, 'i' => 0);
    $json = new JSON();
    $act = ForceStringFrom('act');
    if ($act == 'vvc') {
        $ajax['s'] = createVVC();
        die($json->encode($ajax));
    } elseif ($act == 'get') {
        getVVC();
        die;
    }
    $key = ForceStringFrom('key');
    $code = ForceStringFrom('code');
    $decode = authcode($code, 'DECODE', $key);
    if ($decode != md5(WEBSITE_KEY . $_CFG['KillRobotCode'])) {
        die($json->encode($ajax));
3/18/10 log corrections made
7/28/10 Added inclusion of startup.inc.php for checking of network status and setting of file name variables to support no-maps versions of scripts.
8/15/10	added dupe prevention, per JG email
8/27/10 fmp call added
12/1/10 $patient get_text added, FIP change
3/15/11 changed stylesheet.php to stylesheet.php
5/26/11 added intrusion detection
7/27/11	fix multiple selects per KB email
*/
error_reporting(E_ALL);
// 10/1/08
@session_start();
require_once 'incs/functions.inc.php';
do_login(basename(__FILE__));
if (isset($_REQUEST['ticket_id']) && strlen(trim($_REQUEST['ticket_id'])) > 6) {
    shut_down();
}
// 5/26/11
//require_once($_SESSION['fmp']);		// 8/27/10
//$istest = true;
if ($istest) {
    print "GET<br />\n";
    dump($_GET);
    print "POST<br />\n";
    dump($_POST);
}
$evenodd = array("even", "odd");
// CLASS names for alternating table row colors
$get_action = array_key_exists("action", $_REQUEST) ? $_REQUEST['action'] : "new";
switch ($get_action) {
    case "add":