// NOTE(review): this listing begins inside an enclosing block (only its last
// statement and two closing braces are visible) and is cut off before the
// reply handler below is closed.
_alert_back('非法登录'); // message text: "illegal login"
}
}

// Handle a reply to an existing thread (?action=rearticle).
// NOTE(review): no anti-CSRF token check is visible on this state-changing
// request, and the captcha below only runs when $_system['code'] is non-empty.
if (isset($_GET['action']) && $_GET['action'] == 'rearticle') {
    global $_system;
    if (!empty($_system['code'])) { // If the captcha is enabled, verify it
        // NOTE(review): whether $_SESSION['code'] is invalidated after one
        // attempt is not visible here; confirm in _check_code().
        _check_code($_POST['code'], $_SESSION['code']); // captcha check
    }
    // Load the user's stored unique id and last-reply time.
    // NOTE(review): part of this query text is masked ("******") in the
    // listing. The surviving "'username']}'" suggests the username cookie is
    // interpolated into the SQL string before _mysql_string() is applied
    // further down - confirm, and escape or parameterize the lookup.
    if (!!($_rows = _fetch_array("select tg_uniqid,tg_article_time from tg_user where tg_username='******'username']}' limit 1"))) {
        // To guard against cookie forgery, also compare the unique identifier
        // (uniqid) stored for the user with the one sent in the cookie.
        // NOTE(review): the uniqid cookie acts as the credential here; how
        // _uniqid() compares the two values is not visible. A constant-time
        // comparison (hash_equals) is preferable - verify.
        _uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']);
        // Prevent replying non-stop: checked against the server-side
        // tg_article_time; $_system['re'] is presumably the minimum
        // interval - confirm against _timed().
        _timed(time(), $_rows['tg_article_time'], $_system['re']);
        // Disabled earlier variant that read the timestamp from a cookie; a
        // client-held timestamp cannot enforce a limit, so keep it disabled.
        /*if(isset($_COOKIE['article_time'])){ _timed(time(),$_COOKIE['article_time'],30); }*/
        // Collect the submitted data.
        // NOTE(review): no length/format validation of reid, type, title or
        // content is visible in this handler; reid is later quoted as a
        // string in the SQL rather than validated as an integer.
        $_clean = array();
        $_clean['reid'] = $_POST['reid'];
        $_clean['type'] = $_POST['type'];
        $_clean['title'] = $_POST['title'];
        $_clean['content'] = $_POST['content'];
        $_clean['username'] = $_COOKIE['username'];
        // Presumably escapes every value for use inside a quoted SQL literal;
        // the implementation is not visible - verify it is a charset-aware
        // escape, since the insert below relies on it entirely.
        $_clean = _mysql_string($_clean);
        // Write to the database.
        // NOTE(review): title/content are stored as submitted; HTML encoding
        // has to happen where they are rendered (not visible here).
        _query("insert into tg_article(\n\t\t\t\t\t\t\t\t\t\ttg_reid,\n\t\t\t\t\t\t\t\t\t\ttg_username,\n\t\t\t\t\t\t\t\t\t\ttg_title,\n\t\t\t\t\t\t\t\t\t\ttg_type,\n\t\t\t\t\t\t\t\t\t\ttg_content,\n\t\t\t\t\t\t\t\t\t\ttg_date\n\t\t\t\t\t\t\t\t\t\t) \n\t\t\t\t\t\t\t\tvalues(\n\t\t\t\t\t\t\t\t\t\t'{$_clean['reid']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['username']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['title']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['type']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['content']}',\n\t\t\t\t\t\t\t\t\t\tNOW()\n\t\t\t\t\t\t\t\t\t\t)");
        if (_affected_rows() == 1) {
            //setcookie('article_time',time());
            // Set the current reply time (the cookie-based variant above is
            // commented out); the rest of this branch is outside the listing.
// Resolve to an absolute path so the include is faster.
require dirname(__FILE__) . '/includes/common.inc.php';

// Posting requires being logged in (message text: "you must log in before
// posting").
// NOTE(review): this only tests that a username cookie is present, and the
// value is client-supplied. Whether _location() stops execution is not
// visible here; the binding check is the _uniqid() comparison further down.
if (!isset($_COOKIE['username'])) {
    _location('发帖前必须登录', 'login.php');
}

// Write a new post to the database (?action=post).
// NOTE(review): no anti-CSRF token check is visible on this state-changing
// request; the captcha is the only per-request challenge shown.
if (isset($_GET['action']) && $_GET['action'] == 'post') {
    // NOTE(review): whether $_SESSION['code'] is invalidated after one attempt
    // is not visible here; confirm in _check_code().
    _check_code($_POST['code'], $_SESSION['code']); // captcha check
    // Load the user's stored unique id and last-post time.
    // NOTE(review): part of this query text is masked ("******") in the
    // listing. The surviving "'username']}'" suggests the username cookie is
    // interpolated into the SQL string before _mysql_string() is applied
    // further down - confirm, and escape or parameterize the lookup.
    if (!!($_rows = _fetch_array("select tg_uniqid,tg_post_time from tg_user where tg_username='******'username']}' limit 1"))) {
        global $_system;
        // To guard against cookie forgery, also compare the unique identifier
        // (uniqid) stored for the user with the one sent in the cookie.
        // NOTE(review): the uniqid cookie acts as the credential here; how
        // _uniqid() compares the two values is not visible. A constant-time
        // comparison (hash_equals) is preferable - verify.
        _uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']);
        // Check that this post falls outside the configured minimum interval,
        // using the server-side tg_post_time; $_system['post'] is presumably
        // that interval - confirm against _timed().
        _timed(time(), $_rows['tg_post_time'], $_system['post']);
        // Disabled earlier variant that read the timestamp from a cookie; a
        // client-held timestamp cannot enforce a limit, so keep it disabled.
        /*if(isset($_COOKIE['post_time'])){ _timed(time(),$_COOKIE['post_time'],60); }*/
        // Pull in the validation helpers used just below.
        include ROOT_PATH . 'includes/check.func.php';
        // Collect the post content.
        $_clean = array();
        $_clean['username'] = $_COOKIE['username'];
        // NOTE(review): type is taken as submitted; no validation of it is
        // visible here.
        $_clean['type'] = $_POST['type'];
        // Presumably enforces a title length of 2..40 and a minimum content
        // length of 10 - confirm in check.func.php.
        $_clean['title'] = _check_post_title($_POST['title'], 2, 40);
        $_clean['content'] = _check_post_content($_POST['content'], 10);
        // Presumably escapes every value for use inside a quoted SQL literal;
        // the implementation is not visible - verify it is a charset-aware
        // escape, since the insert below relies on it entirely.
        $_clean = _mysql_string($_clean);
        // Write to the database.
        // NOTE(review): HTML encoding of title/content has to happen where
        // they are rendered, unless the _check_post_* helpers already do it
        // (not visible here).
        _query("insert into tg_article(\n\t\t\t\t\t\t\t\t\t\ttg_username,\n\t\t\t\t\t\t\t\t\t\ttg_title,\n\t\t\t\t\t\t\t\t\t\ttg_type,\n\t\t\t\t\t\t\t\t\t\ttg_content,\n\t\t\t\t\t\t\t\t\t\ttg_date\n\t\t\t\t\t\t\t\t\t) \n\t\t\t\t\t\t\t\tvalues(\n\t\t\t\t\t\t\t\t\t\t'{$_clean['username']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['title']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['type']}',\n\t\t\t\t\t\t\t\t\t\t'{$_clean['content']}',\n\t\t\t\t\t\t\t\t\t\tNOW()\n\t\t\t\t\t\t\t\t\t)");
        if (_affected_rows() == 1) {
            // Fetch the id of the row just inserted; the rest of this branch
            // is outside the listing.