以下是postfunction.php文件的内容: function postfunction($user="",$qq="",$title="",$ly="",$id=0,$rep="",$mode=1){ $ubb_file="images/ubbimages"; if($mode==1){ $form_action_file="post.php"; }else{ $form_action_file="admin.php?doaction=editor"; } if($qq) { $qq="";} ?> }?> 这里我主要是考虑到管理员编辑留言的时候要用到这个表单的,增加了2个参数,mode和id,如果mode不是1的话就是编辑页面,action的处理文件也不一样,还输出隐藏的id选项。 1、如果写信息留言的话,显示如下: 2、如果管理员回复留言的就是这个界面: admin.php : require_once('inc/config.php'); require_once(confign_path.'header.php'); ?> function showf($mode=1){ if ($mode==1) {$admin_f="admin.php";} else { $admin_f="admin.php?doaction=sys"; } ?> }?> $admin = false; session_start(); if (isset($_SESSION["admin"]) ) { echo " 您已经成功登陆-->";if(isset($_GET['doaction'])) { $doaction = $_GET['doaction']; switch($doaction){ case 'sys': echo"系统设置-->"; if($Submit) { foreach ($posts as $key => $value) { $posts[$key] = trim($value); } $password=md5($password); $conn->execute("update [php_admin] set [szd_user]='$username',[szd_password]='$password'"); echo "成功,2秒后返回"; echo ""; }else{ showf(2); } break; case 'logout': session_start(); unset($_SESSION["admin"]); header('location:index.php'); die; break; case 'delete': $conn->execute("delete * from [php_guest] where id=$id") ; echo "删除成功,2秒后返回"; echo ""; die; break; case 'editor': if($Submit) { $posts = $_POST; foreach ($posts as $key => $value) { $posts[$key] = trim($value); } $conn->execute("update [php_guest] set [szd_user]='$user',[szd_title]='$title',[szd_qq]='$qq',[szd_content]='$ly',[szd_rep]='$rep' where id=$id"); header("location:index.php"); } else { $rs=$conn->execute("select * from [php_guest] where id=$id"); if($rs->eof and $rs->bof){ header("location:index.php"); die;} require_once('postfunction.php'); postfunction($rs->fields[1],$rs->fields[3],$rs->fields[2],$rs->fields[4],$rs->fields[0],$rs->fields[6],2); } default: break; } }else { ?> } } else { ?> if($Submit){ $posts = $_POST; foreach ($posts as $key => $value) { $posts[$key] = trim($value); } $password = md5($posts["password"]); $username = $posts["username"]; if (empty($password)||empty($username)) {echo ""; echo ""; echo ""; exit();} $query = "SELECT id FROM [php_admin] WHERE [szd_password] = '$password' and [szd_user]='$username'"; $userInfo = $conn->execute($query); if (!($userInfo->eof and $userInfo->bof )) { session_start(); $_SESSION["admin"] = 1; header('location:admin.php'); } else { echo ""; echo ""; echo ""; exit(); } } else { showf(); } ?> }?> require_once(confign_path.'footer.php'); ?> 下面解释: function showf($mode=1){ //--------------------->这个小函数是输出管理员登陆表单的,2中模式,和发表留言的思路一样 if ($mode==1) {$admin_f="admin.php";} else { $admin_f="admin.php?doaction=sys"; } ?> }?> $admin = false; //--------------------->防止全局变量造成安全隐患 session_start(); //--------------------->启动会话,这步必不可少 if (isset($_SESSION["admin"]) ) { //--------------------->判断是否登陆,如果session["admin"]不为空,已经登陆.深度是 1 echo " 您已经成功登陆-->";if(isset($_GET['doaction'])) { //--------------------->登陆成功后,提交字段action不为空时执行,深度 2 $doaction = $_GET['doaction']; switch($doaction){ case 'sys': //--------------------->登陆成功后,提交字段action为"sys"执行,深度 3 echo"系统设置-->"; if($Submit) { foreach ($posts as $key => $value) { $posts[$key] = trim($value); } $password=md5($password); $conn->execute("update [php_admin] set [szd_user]='$username',[szd_password]='$password'"); echo "成功,2秒后返回"; echo ""; }else{ showf(2); } break; case 'logout': //--------------------->登陆成功后,提交字段action为"logout"执行清除session,深度 3 session_start(); unset($_SESSION["admin"]); header('location:index.php'); die; break; case 'delete': //--------------------->登陆成功后,提交字段action为"delete"执行删除留言,深度 3 $conn->execute("delete * from [php_guest] where id=$id") ; echo "删除成功,2秒后返回"; echo ""; die; break; case 'editor': //--------------------->登陆成功后,提交字段action为"editor"执行编辑留言,深度 3 if($Submit) { //--------------------->登陆成功后,提交字段action为"editor"而且表单已经提交时执行,深度 4 $posts = $_POST; foreach ($posts as $key => $value) { $posts[$key] = trim($value); } $conn->execute("update [php_guest] set [szd_user]='$user',[szd_title]='$title',[szd_qq]='$qq',[szd_content]='$ly',[szd_rep]='$rep' where id=$id"); header("location:index.php"); } else { //--------------------->登陆成功后,提交字段action为"editor"而且表单已经没有执行,深度 4 $rs=$conn->execute("select * from [php_guest] where id=$id"); if($rs->eof and $rs->bof){ header("location:index.php"); die;} require_once('postfunction.php'); postfunction($rs->fields[1],$rs->fields[3],$rs->fields[2],$rs->fields[4],$rs->fields[0],$rs->fields[6],2); } default: break; } }else { //--------------------->登陆成功后,提交字段action为空时执行,深度 2 ?> } } else { //--------------------->判断:如果session["admin"]为空,没登陆.深度是 1 ?> if($Submit){ //--------------------->判断表单提交后.深度是 2 $posts = $_POST; //--------------------->清除一些空白符号.深度是 3 foreach ($posts as $key => $value) { $posts[$key] = trim($value); } $password = md5($posts["password"]); //--------------------->自带md5加密 $username = $posts["username"]; if (empty($password)||empty($username)) {echo ""; echo ""; echo ""; exit();} $query = "SELECT id FROM [php_admin] WHERE [szd_password] = '$password' and [szd_user]='$username'"; $userInfo = $conn->execute($query); //--------------------->取得查询结果,深度是 4 if (!($userInfo->eof and $userInfo->bof )) { //--------------------->如果有符合输入的记录,登陆成功 session_start(); //--------------------->当验证通过后,启动 Session $_SESSION["admin"] = 1; //--------------------->登陆成功的 admin 变量,并赋值 1 header('location:admin.php'); } else { //--------------------->如果发生eof 和 bof 错误,用户名或者密码错,报错,深度是 4 echo ""; echo ""; echo ""; exit(); } } else { //--------------------->用户没登陆而且表单没提交,输出表单.深度是 2 showf(); } ?> }?> 如图,管理员没登陆: 管理员登陆成功: 管理员登陆成功以后首页出现了超连接: function ubb($Text) { $Text=htmlspecialchars($Text); $Text=ereg_replace("\r\n"," ",$Text); $Text=ereg_replace("\r"," ",$Text); $Text=nl2br($Text); $Text=preg_replace("/\\t/is"," ",$Text); $Text=preg_replace("/\[h1\](.+?)\[\/h1\]/is"," \\1",$Text);$Text=preg_replace("/\[h2\](.+?)\[\/h2\]/is"," \\1",$Text);$Text=preg_replace("/\[h3\](.+?)\[\/h3\]/is"," \\1",$Text);$Text=preg_replace("/\[h4\](.+?)\[\/h4\]/is"," \\1",$Text);$Text=preg_replace("/\[h5\](.+?)\[\/h5\]/is"," \\1",$Text);$Text=preg_replace("/\[h6\](.+?)\[\/h6\]/is"," \\1",$Text);$Text=preg_replace("/\[url\](http:\/\/.+?)\[\/url\]/is","\\1",$Text); $Text=preg_replace("/\[url\](.+?)\[\/url\]/is","http://\\1",$Text); $Text=preg_replace("/\\\2",$Text); $Text=preg_replace("/\\\2",$Text); $Text=preg_replace("/\[img\](.+?)\[\/img\]/is","",$Text); $Text=preg_replace("/\[color=(.+?)\](.+?)\[\/color\]/is","\\2",$Text); $Text=preg_replace("/\[size=(.+?)\](.+?)\[\/size\]/is","\\2",$Text); $Text=preg_replace("/\[sup\](.+?)\[\/sup\]/is","\\1",$Text); $Text=preg_replace("/\[sub\](.+?)\[\/sub\]/is","\\1",$Text); $Text=preg_replace("/\[pre\](.+?)\[\/pre\]/is"," \\1",$Text); $Text=preg_replace("/\[email\](.+?)\[\/email\]/is","\\1",$Text); $Text=preg_replace("/\[i\](.+?)\[\/i\]/is","\\1",$Text); $Text=preg_replace("/\[b\](.+?)\[\/b\]/is","\\1",$Text); $Text=preg_replace("/\[quote\](.+?)\[\/quote\]/is"," quote:", $Text); $Text=preg_replace("/\[code\](.+?)\[\/code\]/is"," code:", $Text); $Text=preg_replace("/\[sig\](.+?)\[\/sig\]/is"," -------------------------- \\1 -------------------------- return $Text; } 使用的时候,把要UBB显示的字符串这样写: =ubb($str)?> 没啥解释的,我也不太明白,不说了,这段是抄的代码,好了,加到inc/function.php里面就行了。 上一页 作者:5do8 来源:蓝色理想 (责任编辑:ninedns) |
|小黑屋|最新主题|手机版|微赢网络技术论坛 ( 苏ICP备08020429号 )
GMT+8, 2024-9-29 11:23 , Processed in 0.237856 second(s), 12 queries , Gzip On, MemCache On.
Powered by Discuz! X3.5
© 2001-2023 Discuz! Team.