
    <?php
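// Guestbook form handler: validates a posted message, enforces a per-IP
// posting interval, checks the image code, and inserts the row.
// Replies with a notice string on rejection or the literal "OK" on success.
define("ROOTPATH", "../");
include(ROOTPATH."includes/common.inc.php");
include(ROOTPATH."guestbook/includes/guestbook.inc.php");
// NOTE(review): $sLan is not defined in this file; presumably common.inc.php
// sets it. Confirm it can only hold a value from a fixed server-side list,
// because it becomes part of an include path.
include("language/".$sLan.".php");


// Requested action; a missing or non-string value matches no case below.
$act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

switch($act){
	
	// Guestbook form submission
	case "formsend":
		
		$nowtime=time();
		
		// IP address of the submitter
		$ip=isset($_SERVER["REMOTE_ADDR"]) ? (string)$_SERVER["REMOTE_ADDR"] : '';
	
		// Minimum interval (seconds) between two posts from the same IP,
		// to slow down abusive submissions
		$gettime=60;
		// Default to 0 so a first-time poster is never treated as "too soon"
		// and no undefined variable is read below.
		$predtime=0;
		$msql->query("select dtime from {P}_guestbook where ip='".addslashes($ip)."' order by id desc limit 1");
		if($msql->next_record()){
			$predtime=$msql->f('dtime');
		}
		$distime=$nowtime-(int)$predtime;
		if($distime<=$gettime){
			echo $strNotice1 . $gettime . $strNotice6;
			exit;
		}
		
		// Read the form fields. Missing or non-string (array) values become ''.
		// ENT_QUOTES is passed explicitly so that single quotes are encoded on
		// every PHP version (before 8.1 the default left them untouched).
		$form=array();
		$fieldNames=array("title","name","headpicsel","email","qq","homepage","mood","body","secret","checkimgcode");
		foreach($fieldNames as $fieldName){
			$raw=(isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : '';
			$form[$fieldName]=htmlspecialchars($raw, ENT_QUOTES);
		}
		$title=$form["title"];
		$name=$form["name"];
		$headpic=$form["headpicsel"];
		$email=$form["email"];
		$qq=$form["qq"];
		// NOTE(review): HTML-encoding does not restrict the URL scheme. If the
		// display template puts this value in an href, confirm it only allows
		// http/https there.
		$homepage=$form["homepage"];
		$mood=$form["mood"];
		$body=$form["body"];
		$secret=$form["secret"];
		$checkimgcode=$form["checkimgcode"];


		// Title length check (measured on the HTML-encoded text)
		$titlelen=utf8_strlen($title, 1);
		if($titlelen<3 || $titlelen>20){
			echo $strNotice2;
			exit;
		}
		
		// Name length check
		$namelen=utf8_strlen($name, 1);
		if($namelen<2 || $namelen>15){
			echo $strNotice3;
			exit;
		}
		
		// E-mail format check. preg_match replaces eregi (removed in PHP 7);
		// the dot between domain labels is now escaped so it no longer matches
		// any character, and \z anchors at the true end of the string.
		if($email!=''){
			if (!preg_match('/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}\z/i',$email)) { 
				echo $strNotice4;
				exit;
			}
		}
		
		// Message body length check
		$bodylen=utf8_strlen($body, 1);
		if($body==='' || $bodylen>500){
			echo $strNotice5;
			exit;
		}
		
		// Image verification code.
		// NOTE(review): both inputs to this check are supplied by the client.
		// The "checkimgcode" field set to "no" skips it, and the expected code
		// is derived from the CODEIMG cookie by a fixed transformation, so the
		// check does not establish that the image was actually read. The
		// expected code belongs in server-side session state and the on/off
		// switch in server configuration; the code that issues CODEIMG is not
		// in this file, so only the local handling is tightened here.
		if($checkimgcode!="no"){
			$ImgCode=(isset($_POST["ImgCode"]) && is_string($_POST["ImgCode"])) ? $_POST["ImgCode"] : '';
			$cookieCode=(isset($_COOKIE["CODEIMG"]) && is_string($_COOKIE["CODEIMG"])) ? $_COOKIE["CODEIMG"] : '';
			
			// Explicit int cast: arithmetic on a non-numeric string is a
			// TypeError on PHP 8.
			$Ic=(int)strrev($cookieCode)+5*2-9;
			$Ic=substr((string)$Ic,0,4);

			// A request without the cookie never received a code, so reject it
			// instead of comparing against the value derived from ''.
			// The comparison stays loose because the derived code can lose
			// leading zeros.
			if($ImgCode==="" || $cookieCode==="" || $Ic!=$ImgCode){
				echo $strIcErr;
				exit;
			}
		}
		
		// Validation finished; prepare the data.
		// The avatar and mood names become part of a stored image path, so
		// keep only characters that cannot change the directory.
		// NOTE(review): assumes the shipped image names use letters, digits,
		// "_" and "-" only; verify against the templates/images directories.
		$headpic=preg_replace('/[^0-9A-Za-z_-]/', '', $headpic);
		$mood=preg_replace('/[^0-9A-Za-z_-]/', '', $mood);
		$headpicurl=ROOTPATH."guestbook/templates/images/headpics/".$headpic.".gif";
		$moodurl=ROOTPATH."guestbook/templates/images/mood/".$mood.".gif";

		// Read the configuration row that sets the publication state.
		// Defaults to '' (what the original interpolated) when the row is missing.
		$iffb='';
		$msql->query("select value from {P}_guestbook_config where xuhao='3'");
		if($msql->next_record()){
			$iffb=$msql->f('value');
		}
		
		
		// Insert the row. Column names are fixed literals; every value is
		// escaped before it is placed between quotes, because HTML-encoding
		// alone leaves backslashes untouched.
		// NOTE(review): addslashes() is a stopgap that needs only core PHP; the
		// API of $msql is not visible here. If it offers a driver-level escape
		// or prepared statements, use that instead, and confirm that
		// common.inc.php does not already add slashes to request data
		// (backslashes would then be doubled).
		$row=array(
			"title"=>$title,
			"name"=>$name,
			"headpic"=>$headpicurl,
			"email"=>$email,
			"qq"=>$qq,
			"homepage"=>$homepage,
			"mood"=>$moodurl,
			"body"=>$body,
			"secret"=>$secret,
			"dtime"=>$nowtime,
			"uptime"=>$nowtime,
			"ip"=>$ip,
			"iffb"=>$iffb
		);
		$assignments=array();
		foreach($row as $column=>$value){
			$assignments[]="`".$column."`='".addslashes((string)$value)."'";
		}
		$msql -> query ("insert into {P}_guestbook set
			".implode(",\n\t\t\t", $assignments)."
		 ");
		 
		echo "OK";
		exit;

	break;

}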
?>