// Excerpt from the middle of a switch statement: the switch header and any
// earlier cases are outside this listing, and the last case is cut off.
// NOTE(review): every case calls a review/moderation handler with no arguments.
// Whether the caller is authorised must be decided before the switch or inside
// each handler; neither is visible here, so confirm.
case 'feedback':
    check_feedback();
    break;
// Feedback search.
case 'feedback_s':
    check_feedback_s();
    break;
case 'imagick_rotate':
    check_imagick_rotate();
    break;
case 'check_introduce':
    check_introduce();
    break;
case 'check_content':
    check_content();
    break;
// Video review.
case 'video':
    check_video();
    break;
// View a member's videos and review them.
case 'member_video':
    check_member_video();
    break;
// Voice recording review.
case 'voice':
    check_voice();
}

// Send flowers.
// NOTE(review): `@` hides the notice for a missing `action` parameter and `==`
// is a loose comparison; isset() plus `===` expresses the same check without
// error suppression.
if (@$_GET['action'] == 'flower') {
    // The captcha is only verified when the site setting $system['code'] is 1.
    if ($system['code'] == 1) {
        check_code($_POST['code'], $_SESSION['code']);
    }
    // NOTE(review): part of this query text is masked ("******") in this listing.
    // The surviving tail `username']}` suggests a request value (presumably the
    // username cookie) is interpolated here, and no escaping of it is visible
    // before this point. Confirm it is escaped or bound as a parameter.
    if (!!($rows = fetch_array("SELECT bbs_uniqid FROM bbs_users WHERE bbs_username='******'username']}' LIMIt 1"))) {
        // To guard against cookie forgery, compare the stored unique identifier
        // (uniqid) with the one sent in the cookie.
        // NOTE(review): the sender's identity therefore rests on two client-supplied
        // cookies. This only holds if the uniqid is unguessable, never exposed to
        // other users, and compared in constant time (hash_equals); uniqid_check()
        // is not visible here, so verify.
        uniqid_check($rows['bbs_uniqid'], $_COOKIE['uniqid']);
        // Pull in the validation helpers.
        include ROOT_PATH . 'includes/check.func.php';
        $clean = array();
        // Each value is escaped for use inside a quoted SQL string literal.
        // NOTE(review): escaping is only safe because every value is quoted in the
        // INSERT below. `flower` looks like a quantity and is not validated as a
        // number, and `touser` is not checked against an existing account in the
        // visible lines. mysql_real_escape_string() belongs to ext/mysql, which was
        // removed in PHP 7; prepared statements (mysqli/PDO) are the durable fix.
        $clean['touser'] = mysql_real_escape_string($_POST['touser']);
        $clean['fromuser'] = mysql_real_escape_string($_COOKIE['username']);
        $clean['flower'] = mysql_real_escape_string($_POST['flower']);
        // presumably 1 and 200 are the minimum and maximum content length; verify
        // against check_content() in includes/check.func.php.
        $clean['content'] = mysql_real_escape_string(check_content($_POST['content'], 1, 200));
        // Write to the database.
        query("INSERT INTO bbs_flower (\n bbs_touser,\n bbs_fromuser,\n bbs_flower,\n bbs_content,\n bbs_date\n )\n VALUES (\n '{$clean['touser']}',\n '{$clean['fromuser']}',\n '{$clean['flower']}',\n '{$clean['content']}',\n NOW()\n )\n ");
        if (affected_rows() == 1) {
            // Close the database connection.
            close();
            // Destroy the session.
            session_destroy();
            // Back to the home page.
            alert('送鲜花成功');
        } else {
            // Close the database connection.
            close();
            session_destroy();
            // Back to the home page.
            alert('送鲜花失败');
            // Excerpt ends here; the enclosing blocks are closed outside this listing.
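// First make sure the visitor is logged in.
// NOTE(review): "logged in" here only means that a `username` cookie is present,
// and the same cookie value is used below as the sender's identity. A cookie is
// client-controlled, so this does not prove identity; a server-side session or a
// signed token verified on each request is the usual remedy.
if (!isset($_COOKIE['username'])) {
    close('请先登入');
    // Stop explicitly: every other close() call in this excerpt is followed by
    // exit, so close() is not assumed to end the request by itself.
    exit;
}
date_default_timezone_set('PRC');

// Handle the "add" action. isset() replaces the undefined-index notice that a
// request without `action` would otherwise raise.
if (isset($_GET['action']) && $_GET['action'] === 'add') {
    // Captcha check, disabled in the original:
    // if (!($_POST['code'] == $_SESSION['code'])){
    //     alert('验证码错误,请重新输入');
    // }
    // NOTE(review): with the captcha off, no anti-CSRF token is checked in the
    // visible lines.

    // Accept plain strings only, so array-shaped input never reaches the SQL text.
    $rawToUser = (isset($_POST['touser']) && is_string($_POST['touser'])) ? $_POST['touser'] : '';
    $rawFromUser = is_string($_COOKIE['username']) ? $_COOKIE['username'] : '';

    // Received data, escaped for use inside quoted SQL string literals. The
    // original stored the raw request values here and then built queries from them.
    // NOTE(review): prepared statements (mysqli/PDO) are the durable fix, since
    // ext/mysql was removed in PHP 7. If magic_quotes_gpc is enabled on this
    // deployment the values arrive already slashed; confirm to avoid double escaping.
    $clean = array();
    $clean['touser'] = mysql_real_escape_string($rawToUser);
    $clean['fromuser'] = mysql_real_escape_string($rawFromUser);
    // NOTE(review): whatever check_content() returns is not escaped here; escape
    // or bind it before it is placed in a query (its use is outside this excerpt).
    $clean['content'] = check_content($_POST['content']);

    // Check that the target user exists.
    // NOTE(review): the interpolated variable is masked ("******") in this listing;
    // the surviving `touser']}` tail suggests it is $clean['touser']. Confirm that
    // the query does not read $_POST directly.
    if (!($row = mysql_fetch_array(mysql_query("select id from user where username='******'touser']}'")))) {
        close('好友不存在');
        exit;
    }
    // Users may not add themselves as a friend. The raw values are compared with
    // ===, so numeric-looking names such as "007" and "7" are not treated as equal.
    if ($rawToUser === $rawFromUser) {
        close('不允许添加自己为好友');
        exit;
    }
    // Check whether the two users are already friends, in either direction.
    if (!!($result = mysql_fetch_array(mysql_query("select\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t * \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tfrom \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tfriend \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\twhere\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t( touser='******'touser']}' and fromuser='******'fromuser']}')\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tor\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t( touser='******'fromuser']}' and fromuser='******'touser']}')\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t ")))) {
        close('你们已经是好友');
        exit;
        // Excerpt ends here; the enclosing blocks are closed outside this listing.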
    }
}

// Pick the dialogue (language) file: if there is none for $lang_code, fall back
// to the first entry of $doc_language whose file exists.
// NOTE(review): $lang_code is set outside this excerpt. The redirects below build
// `?c=<lang>/<page>`, which suggests it comes from the request; if so, check it
// against an allow-list (e.g. the entries of $doc_language) before it is used in
// a file path. TODO confirm.
if (!file_exists("dialogue.{$lang_code}.inc.php")) {
    $z = 0;
    while (isset($doc_language[$z]) && !file_exists("dialogue." . $doc_language[$z] . ".inc.php")) {
        $z++;
    }
    // NOTE(review): if none of the files exist, the loop stops with $z one past
    // the last entry. $doc_language[$z] is then undefined and the require below
    // fails on "dialogue..inc.php".
    $lang_code = $doc_language[$z];
}
require "dialogue.{$lang_code}.inc.php"; // global dialogue flags
// load includes and configs -- end -----------------------

// get the content request -- begin -----------------------
// The request is served only when $eyedoc_content is a non-null array whose first
// element check_content() accepts for this $menu; every other case redirects to
// the home page of the current language and stops.
if (!is_null($eyedoc_content)) {
    if (is_array($eyedoc_content)) {
        // Assignment inside the condition is intentional: $content keeps the
        // return value of check_content() when it is truthy.
        if ($content = check_content($eyedoc_content[0], $menu)) {
            // The remaining elements are kept as the sub-content path.
            $eyedoc_subcontent = array_slice($eyedoc_content, 1);
        } else {
            header("Location: ?c=" . $lang_code . "/" . $menu['home']);
            exit;
        }
    } else {
        header("Location: ?c=" . $lang_code . "/" . $menu['home']);
        exit;
    }
} else {
    header("Location: ?c=" . $lang_code . "/" . $menu['home']);
    exit;
}
// get the content request -- end -------------------------

// NOTE(review): `=` assigns "1" to $compressing_on, so this condition is always
// true; a comparison (`==` or `===`) was presumably intended. The body of this
// statement is outside the excerpt.
if ($compressing_on = "1") {