
小型留言板

2016-06-12 15:17 113 查看
<?php

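// Connect to the database and start the session shared by every page.

session_start();

// NOTE(review): root with an empty password gives this script full control of
// the MySQL server; use a dedicated account limited to the `thinkphp` schema.
// The mysql_* extension was removed in PHP 7; a port should move to PDO or
// mysqli with prepared statements.
$sq = @mysql_connect("127.0.0.1", "root", "") or die("数据库还没有好");

// Stop here if the schema cannot be selected: every later query would fail.
$sa = @mysql_select_db("thinkphp", $sq);
if (!$sa) {
    die("数据库还没有好");
}

// The original sent "set name'utf8'", which is not valid SQL; the failed query
// went unnoticed because its result was never checked. mysql_set_charset()
// sets the connection charset and also tells mysql_real_escape_string() which
// charset to escape for.
mysql_set_charset("utf8", $sq);

// Fixed suffix appended before every md5() call in this application.
// NOTE(review): a constant shared by all users is not a per-user salt.
define("ALL", "SHA");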

   //判断权限方法

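/**
 * Check that the session's id/token pair matches a row in `old`.
 *
 * The login branch stores md5(password . username . ALL) in $_SESSION['shell'].
 * The original body recomputed a digest but overwrote $shell with it and never
 * compared, so any non-empty token passed for any existing id. This version
 * recomputes the token in the same field order the login branch uses and
 * compares it with the value supplied.
 *
 * @param mixed $id    user id taken from the session
 * @param mixed $shell token taken from the session
 * @return array the matching `old` row (it includes the stored password digest)
 *
 * Prints a message and exits when the pair is missing or does not match.
 */
function user_shell($id,$shell){
    if (empty($id) || empty($shell)) {
        echo "meiyouquanxim";
        exit();
    }

    // The id goes into SQL unquoted, so force it to an integer first.
    $sql = "select*from `old` where `id`=" . (int) $id;
    $result = mysql_query($sql);
    $row = $result ? mysql_fetch_array($result) : false;

    if (is_array($row)) {
        // Same order as the login branch: password, then username, then ALL.
        $expected = md5($row['password'] . $row['username'] . ALL);

        // Strict comparison: loose == can treat two different "0e..." digests as equal.
        if (is_string($shell) && $shell === $expected) {
            return $row;
        }
    }

    echo "没有权限";
    exit();
}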
?>

//需要在数据库中建两张表:old(字段 id, username, password),news(字段 id, title, dates, content, hits)

<?php 

include 'conn.php';

// Route selector from the query string; when the parameter is absent the
// value is '' and none of the branches below runs.
$action = '';
if (isset($_GET['action'])) {
    $action = htmlspecialchars($_GET['action']);
}

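if ($action == 'register') {
    // Registration: on submit, store the user name and the password digest.
    if (!empty($_POST['sub'])) {
        // Accept only plain strings; array-valued fields are treated as missing.
        $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
        $plain = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

        // Reject when EITHER field is empty. The original used &&, which let a
        // request through as long as one of the two fields was filled in.
        if (empty($user) || empty($plain)) {
            echo "用户名或密码不能为空";
        } else {
            // NOTE(review): md5 plus a constant is fast to brute-force.
            // password_hash()/password_verify() is the right primitive, but the
            // login branch and user_shell() would have to change with it.
            $pass = md5($plain . ALL);

            // The user name is request data, so escape it before it enters the
            // statement; $pass is a hex digest. The column name is `password`
            // (the listing had a stray "4000" fragment inside it).
            $sql = "insert into `old` (`id`,`username`,`password`) values( null,'"
                . mysql_real_escape_string($user) . "','$pass' )";
            $query = mysql_query($sql);

            // Report success only when the row was actually written.
            if ($query) {
                echo "<script>alert('注册成功 ');location.href='http://127.0.0.1/add/test.php?action=land'</script>";
            } else {
                echo "注册失败";
            }
        }
    }

 ?>

 <form action="" method="post">

 用户名:<input type="text" name="user"><br>

 密码:<input type="password" name="pass"><br>

 <input type="submit" name="sub" value="提交注册">

 </form>

 <?php
}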

 elseif($action=='land') { //登陆页面

  if(!empty($_POST['sub'])){

 

  if(empty($_POST['user'])){

  echo "用户名不能为空";//判断用户名是否为空;

  }else{

  $user=$_POST['user'];

  $sa=str_replace(" ", "", $user);

  $sq= "select*from`old`where `username`='$sa'";//判断用户名是否存在;

  $query=mysql_query($sq);

  $sr=mysql_fetch_array($query);

  if(md5($_POST['pass'].ALL)== $sr['password']){

  $_SESSION['id']=$sr['id'];

  $_SESSION['shell']=md5($sr['password'].$sr['username'].ALL);

  echo "<script>alert('登陆成功 ');location.href='http://127.0.0.1/add/test.php?action=add'</script>";

  }else {

  echo "用户名或密码错误";

  session_destroy();

  }

 

     }

  }

 ?>

  <form action="" method="post">

 用户名:<input type="text" name=user><br> 

 密码:<input type="password" name="pass"><br>

 <input type="submit" name="sub" value="登陆">

 </form>

 <?php 

  }

 elseif($action=='add'){//添加页面

 if(empty($_SESSION['id'])||empty($_SESSION['shell'])){
echo "非法操作";
exit();
}else{

  $sw=user_shell($_SESSION['id'],$_SESSION['shell']);
}//判断用户是否为登陆状态

    //echo $_SESSION['id'];echo"<br>";

  //echo $_SESSION['shell'];

  if(!empty($_POST['sub'])){

  if(!empty($_POST['title'])&&!empty($_POST['con'])){

   $sq=$_POST['title'];

   $sa=$_POST['con'];

   $sr="insert into`news`(`id`,`title`,`dates`,`content`)values(null,'$sq',now(),'$sa')";

        mysql_query($sr);

   echo "<script>alert('发表成功 ');location.href='http://127.0.0.1/add/test.php?action=index'</script>";

  }else {

  echo "标题或内容不能为空";

  }

  }

 

 

?>

<form action="" method="post">

标题:<input type="text" name="title"><br>

内容:<textarea  rows="5" cols="50" name="con"></textarea> 

<input type="submit" name="sub" value="提交"> 

</form>

<?php 

 }

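elseif ($action == 'index') { // home page: list every post
    // Only a logged-in user may view; user_shell() exits on a bad session.
    if (empty($_SESSION['id']) || empty($_SESSION['shell'])) {
        echo "非法操作";
        exit();
    } else {
        $sw = user_shell($_SESSION['id'], $_SESSION['shell']);
    }

    // NOTE(review): the search form submits `keys`, but nothing in this branch
    // reads it, and a GET submit replaces the query string, dropping `action`.
    echo "<a href=\"http://127.0.0.1/add/test.php?action=add\">添加内容</a><br>

 <form action=\"\" method=\"get\">

 <input type=\"text\" name=\"keys\">

 <input type=\"submit\" name=\"sub\" value=\"搜索\">

 </form>";

    $sql = "select*from`news`";
    $sa = mysql_query($sql);

    while ($sa && ($sr = mysql_fetch_array($sa))) {
        // Title and content were typed by users: encode everything before it
        // reaches the page so stored markup is shown as text, not executed.
        $id = (int) $sr['id'];
        $title = htmlspecialchars((string) iconv_substr($sr['title'], 0, 2, "utf-8"), ENT_QUOTES, 'UTF-8');
        $dates = htmlspecialchars($sr['dates'], ENT_QUOTES, 'UTF-8');
        $content = htmlspecialchars($sr['content'], ENT_QUOTES, 'UTF-8');

        // NOTE(review): the delete link changes data through a plain GET
        // request; it should be a POST protected by an anti-CSRF token.
?>

<h2>标题:<a href='http://127.0.0.1/add/test.php?action=viwe&id=<?php echo $id ?>'><?php echo $title ?>.....</a>|<a href='http://127.0.0.1/add/test.php?action=edit&id=<?php echo $id ?>'>编辑</a>|<a href='http://127.0.0.1/add/test.php?action=del&id=<?php echo $id ?>'>删除</a>|</h2>

<li>时间:<?php echo $dates ?></li>

<p>内容:<?php echo $content ?></p>

<?php
    }
}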

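elseif ($action == 'edit') { // edit page
    // Only a logged-in user may edit; user_shell() exits on a bad session.
    if (empty($_SESSION['id']) || empty($_SESSION['shell'])) {
        echo "非法操作";
        exit();
    } else {
        $sw = user_shell($_SESSION['id'], $_SESSION['shell']);
    }

    // Row shown in the form. The original reused $sw, so without ?id= the form
    // was filled from the user row returned by user_shell().
    $row = array('id' => '', 'title' => '', 'content' => '');

    if (!empty($_GET['id'])) {
        // The id is request data: reduce it to an integer before it enters SQL.
        $id = is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;
        $sql = "select*from`news`where `id`=" . $id;

        $se = mysql_query($sql);
        $found = $se ? mysql_fetch_array($se) : false;
        if (is_array($found)) {
            $row = $found;
        }
    }

    if (!empty($_POST['sub'])) {
        // Accept only plain strings; array-valued fields are treated as missing.
        $a = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
        $b = (isset($_POST['con']) && is_string($_POST['con'])) ? $_POST['con'] : '';
        $hid = (isset($_POST['hid']) && is_scalar($_POST['hid'])) ? (int) $_POST['hid'] : 0;

        // Escape the text fields; the hidden id is client-controlled too, so
        // it is used as an integer only.
        $up = "update`news` set `title`='" . mysql_real_escape_string($a)
            . "',`content`='" . mysql_real_escape_string($b)
            . "' where id=" . $hid;

        // Report success only when the statement ran.
        if (mysql_query($up)) {
            echo "<script>alert('更新成功 ');location.href='http://127.0.0.1/add/test.php?action=index'</script>";
        } else {
            echo "更新失败";
        }
    }

    // NOTE(review): the form carries no anti-CSRF token.
?>

<form action="" method="post">

<input type="hidden" name="hid" value="<?php echo htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8') ?>">

标题:<input type="text" name="title" value="<?php echo htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8') ?>"><br>

内容:<textarea  rows="5" cols="50" name="con"><?php echo htmlspecialchars($row['content'], ENT_QUOTES, 'UTF-8') ?></textarea><br>

<input type="submit" name="sub" value="提交">

</form>

<?php
}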

 elseif($action=='del'){

  if(empty($_SESSION['id'])||empty($_SESSION['shell'])){

  echo "非法操作";

  exit();

  }else{

  $sw=user_shell($_SESSION['id'],$_SESSION['shell']);

  }

  if(!empty($_GET['id'])){

  $sql="delete from`news`where `id`='".$_GET['id']."'";

  $sa=mysql_query($sql);

  echo "<script>alert('删除成功 ');location.href='http://127.0.0.1/add/test.php?action=index'</script>";

  }else{

  echo "删除失败"; 

  }

?>

<?php 

 }

 elseif($action=='viwe'){

  if(empty($_SESSION['id'])||empty($_SESSION['shell'])){

  echo "非法操作";

  exit();

  }else{

  $sw=user_shell($_SESSION['id'],$_SESSION['shell']);

  }

  if(!empty($_GET['id'])){

  $sq="select*from `news` where `id`='".$_GET['id']."'";

  $sw=mysql_query($sq);

  $se=mysql_fetch_array($sw);

  $up="update `news` set `hits`=hits+1  where `id`='".$_GET['id']."'";  

  mysql_query($up);

 

 }

?>

<h1>标题:<?php echo $se['title']?></h1>

<li>时间:<?php echo $se['dates']?></li>

<h3>点击量:<?php echo $se['hits']?></h3>

<p>

内容:<?php echo $se['content']?>

</p>

<?php 

}

?>