<?php include "class_include.php"; $id = $_POST["id"]; $user = $_POST['user']; $message = $_POST['message']; $to = $_POST['to']; $location = $_POST['location']; if (strlen($message) > 280) { System_messagebox("想说的话超过140字,请修改后重新提交!", "message", "/admin/index.php?mod=" . $location); exit; } //过滤器(含转码) $user = Xss_replace($user); $message = Xss_replace($message); $to = Xss_replace($to); //写入 $sql = DB_Update("ticket_view", array("user" => $user, "message" => $message, "to" => $to)); $result = DB_Query($sql, $con); if ($result) { System_messagebox("操作成功!", "success", "/admin/index.php?mod=" . $location); } else { DB_PrintError(DB_Error($con)); }
} else { if ($mod = "LostandfoundPost") { $uptime = date("Y-m-d H:i:s", time()); $user = $_POST['user']; $message = $_POST['message']; $tel = $_POST['tel']; if ($tel == "" || $user == "" || $message == "") { die('{"message":"信息不能为空"}'); } if (strlen($message) > 280) { die('{"message":"祝福超过140字,请修改后重新提交!"}'); } //过滤 $user = Xss_replace($user); $tel = Xss_replace($tel); $message = Xss_replace($message); //url转码(Xss_replace已包含转码) $uptime = urlencode($uptime); $cip = urlencode(getip()); //写入 $sql = DB_Insert("lostandfound", array("user" => $user, "tel" => $tel, "message" => $message, "uptime" => $uptime, "ip" => $cip)); $result = DB_Query($sql, $con); if ($result) { echo '{"message":"您的信息已经成功提交到数据库,请耐心等待广播站排序播放!谢谢!"}'; } else { echo '{"message":"服务器错误!"' . DB_Error($con) . '"}'; } } else { echo '{"message":"请不要提交空信息"}'; } }