6、input.php(插入留言)

<?php
require_once("conn.php");

$username = $_POST['name'];
$sex = $_POST['sex'];
$qq = $_POST['qq'];
$email = $_POST['email'];
$info = $_POST['info'];

if (strrpos($username,"<")!==false || strrpos($username,">")!==false||strrpos($username,"@")!==false||strrpos($username,"\"")!==false||strrpos($username,"'")!==false||strrpos($username,"_")!==false)
{
echo "<script>alert('名称不能有特殊字符！');location.href='post.php';</script>";
exit();
}

if (!ereg("^[0-9]{0,}$",$qq))//用正则检查QQ格式
{
echo "<script>alert('OICQ信息有错误！必须是数字！');location.href='post.php';</script>";
exit();
}

if($email)
{//如果填写了邮箱就用正则检查邮箱格式
if (!ereg("^[a-zA-Z0-9_\-\.]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$",$email))
{
echo "<script>alert('email格式不正确！');location.href='post.php';</script>";
exit();
}
}

if(!$username)
{
echo "<script>alert('名称不能为空哦！');location.href='post.php';</script>";
exit();
}
elseif(!$info)
{
echo "<script>alert('留言不能为空哦！');location.href='post.php';</script>";
exit();
}
else
{
$ip = getenv('REMOTE_ADDR');//获取客户端IP地址

$sql = "insert into lo (username,sex,qq,email,info,ip,submit_time) values ('$username','$sex','$qq','$email','$info','$ip',NOW())";

$result = mysql_query($sql);

mysql_close();

echo "<script>alert('提交成功！返回首页');location.href='index.php';</script>";
}
?>

<?php
require_once("conn.php");

$username = $_POST['name'];
$sex = $_POST['sex'];
$qq = $_POST['qq'];
$email = $_POST['email'];
$info = $_POST['info'];

if (strrpos($username,"<")!==false || strrpos($username,">")!==false||strrpos($username,"@")!==false||strrpos($username,"\"")!==false||strrpos($username,"'")!==false||strrpos($username,"_")!==false)
{
echo "<script>alert('名称不能有特殊字符！');location.href='post.php';</script>";
exit();
}

if (!ereg("^[0-9]{0,}$",$qq))//用正则检查QQ格式
{
echo "<script>alert('OICQ信息有错误！必须是数字！');location.href='post.php';</script>";
exit();
}

if($email)
{//如果填写了邮箱就用正则检查邮箱格式
if (!ereg("^[a-zA-Z0-9_\-\.]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$",$email))
{
echo "<script>alert('email格式不正确！');location.href='post.php';</script>";
exit();
}
}

if(!$username)
{
echo "<script>alert('名称不能为空哦！');location.href='post.php';</script>";
exit();
}
elseif(!$info)
{
echo "<script>alert('留言不能为空哦！');location.href='post.php';</script>";
exit();
}
else
{
$ip = getenv('REMOTE_ADDR');//获取客户端IP地址

$sql = "insert into lo (username,sex,qq,email,info,ip,submit_time) values ('$username','$sex','$qq','$email','$info','$ip',NOW())";

$result = mysql_query($sql);

mysql_close();

echo "<script>alert('提交成功！返回首页');location.href='index.php';</script>";
}
?>

 

 

7、update.php(修改留言页)

<?php
session_start();
require_once('conn.php');
require_once('header.php');

if($_SESSION["key"]==1)
{
$id = $_GET['id'];
$sql = "select * from lo where id= ".$id;
$result = mysql_query($sql);
$row = mysql_fetch_array($result);

?>

<div id="update">
<form action="updatepost.php?wuleying&id=<?= $row[0] ?>" method="post">
<h1>修改留言</h1>
<p>姓名：<input type="text" value="<?= $row[1]?>" name="name" class="y"></input></p>
<p>留言：</p>
<p><textarea name="info" rows="5" cols="35"><?= $row[5] ?></textarea></p>
<p class="cen"><input type="submit" value="偶要修改" /></p>
<p class="cen1">银子留言板 Version 1.0</p>
</form>

<div>

<?php
}
else
{
header('location:index.php');
}
?>

<?php
session_start();
require_once('conn.php');
require_once('header.php');

if($_SESSION["key"]==1)
{
$id = $_GET['id'];
$sql = "select * from lo where id= ".$id;
$result = mysql_query($sql);
$row = mysql_fetch_array($result);

?>

<div id="update">
<form action="updatepost.php?wuleying&id=<?= $row[0] ?>" method="post">
<h1>修改留言</h1>
<p>姓名：<input type="text" value="<?= $row[1]?>" name="name" class="y"></input></p>
<p>留言：</p>
<p><textarea name="info" rows="5" cols="35"><?= $row[5] ?></textarea></p>
<p class="cen"><input type="submit" value="偶要修改" /></p>
<p class="cen1">银子留言板 Version 1.0</p>
</form>

<div>

<?php
}
else
{
header('location:index.php');
}
?>

 

 

8、updatepost(修改提交页)

<?php
require_once('conn.php');

$username = $_POST['name'];
$info = $_POST['info'];
$id = $_GET['id'];
//echo $id;

$sql = "update lo set username= '".$username."',info='".$info."' where id=".$id;
mysql_query($sql);

echo "<script>alert('修改成功！');location.href='index.php';</script>";
?>

<?php
require_once('conn.php');

$username = $_POST['name'];
$info = $_POST['info'];
$id = $_GET['id'];
//echo $id;

$sql = "update lo set username= '".$username."',info='".$info."' where id=".$id;
mysql_query($sql);

echo "<script>alert('修改成功！');location.href='index.php';</script>";
?>

 

 

9、delete.php(删除留言页)

<?php
session_start();
require_once('conn.php');

$id=$_GET['id'];

if($_SESSION["key"]==1)
{
$sql = "delete from lo where id=".$id;
mysql_query($sql);
echo "<script>location.href='index.php'</script>";
}
else
{
header('location:index.php');
}
?>

<?php
session_start();
require_once('conn.php');

$id=$_GET['id'];

if($_SESSION["key"]==1)
{
$sql = "delete from lo where id=".$id;
mysql_query($sql);
echo "<script>location.href='index.php'</script>";
}
else
{
header('location:index.php');
}
?>

 

 

10、admin.php(管理登录页)

<?php
require_once('conn.php');
require_once('header.php');
?>

<div id="admin">
<form method="post" action="adminpost.php">
<h1>管理员登录</h1>
<p>姓名 : <input type="text" name="name" size="20" class="y" />&nbsp;</p>
<p>密码 : <input type="password" name="password" size="20" class="y" />&nbsp;</p>
<p class="cen"><input type="submit" value="管理员登录" /></p>
<p class="cen1">银子留言板 Version 1.0</p>
</form>
</div>

<?php
require_once('conn.php');
require_once('header.php');
?>

<div id="admin">
<form method="post" action="adminpost.php">
<h1>管理员登录</h1>
<p>姓名 : <input type="text" name="name" size="20" class="y" />&nbsp;</p>
<p>密码 : <input type="password" name="password" size="20" class="y" />&nbsp;</p>
<p class="cen"><input type="submit" value="管理员登录" /></p>
<p class="cen1">银子留言板 Version 1.0</p>
</form>
</div>