用pdo实现的织梦后台留言板
<?php //ini_set("display_errors", "On"); include("data/common.inc.php"); if($action=='save') { $title = '无标题'; $tid = 0; $mid = 1; $uname = "guest"; $email = ""; $homepage = ""; $qq = ""; $face = array_rand(array('01','02','03','04','05','06','07','08','13','14','15','16','17','18'), 1); $msg = trim($_POST['msg']); $ip = $_SERVER['REMOTE_ADDR']; $dtime = time(); $ischeck = 0; if($msg=='') { return rtn(0, '对不起,您的留言内容不能为空!'); } pdo_conn(); $sql = "INSERT INTO `{$cfg_dbprefix}guestbook`(title,tid,mid,uname,email,homepage,qq,face,msg,ip,dtime,ischeck) VALUES (:title,:tid,:mid,:uname,:email,:homepage,:qq,:face,:msg,:ip,:dtime,:ischeck)"; //echo $sql; $st = $pdo->prepare($sql); $st->bindParam(':title', $title); $st->bindParam(':tid', $tid); $st->bindParam(':mid', $mid); $st->bindParam(':uname', $uname); $st->bindParam(':email', $email); $st->bindParam(':homepage', $homepage); $st->bindParam(':qq', $qq); $st->bindParam(':face', $face, PDO::PARAM_STR); $st->bindParam(':msg', $msg, PDO::PARAM_STR, 1000); $st->bindParam(':ip', $ip); $st->bindParam(':dtime', $dtime); $st->bindParam(':ischeck', $ischeck); $exec_result = $st->execute(); if($exec_result){ return rtn(1, '您已成功发表留言,但需审核后才能显示!'); }else{ return rtn(0, '对不起,发表留言失败,请稍候再试!'); } } $page = $_GET['p']; $page = isset($page) ? $page:1; $page = (int)$page; $page_size = 10; pdo_conn(); //页数和记录数 $tsql = "select count(1) as c from `{$cfg_dbprefix}guestbook` where ischeck=1"; $result = $pdo->query($tsql); $tlist = $result->fetchAll(); $total = $tlist[0]['c']; if(0==$total%$page_size){ $page_number = (int)($total/$page_size); }else{ $page_number = (int)($total/$page_size + 1); } if($page>$page_number){ $page = $page_number; } if($page<1){ $page = 1; } $start = ($page-1)*$page_size; $sql = "select * from `{$cfg_dbprefix}guestbook` where ischeck=1 order by id desc limit {$start},{$page_size}"; $result = $pdo->query($sql); $list = $result->fetchAll(); if($page>1){ $up = $page - 1; }else{ $up = 1; } if($page<$page_number){ $down = $page + 1; }else{ $down = $page_number; } $last = $page_number; function pdo_conn(){ global $pdo, $cfg_dbhost, $cfg_dbname, $cfg_dbuser, $cfg_dbpwd; if(empty($pdo)){ $pdo = new PDO("mysql:host={$cfg_dbhost};dbname={$cfg_dbname};", $cfg_dbuser, $cfg_dbpwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES'utf8';")); $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } return $pdo; } function rtn($status, $msg, $data=''){ $result = array('status'=>$status, 'msg'=>$msg, 'data'=>$data); echo json_encode($result); } ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>留言板</title> <meta name="keywords" content=""> <meta name="description" content=""> <link href="public/style_art.css" rel="stylesheet" type="text/css"> <link href="public/common.css" rel="stylesheet" type="text/css"> </head> <body> <div class="header_warp"> <div class="layout solid header"> <span class="white"></span> </div> </div> <div class="layout solid marb10"> <div class="con_box"> <div class="con_l"> <div class="con_ltit">留言板</div> <div class="con_ltxt"> <div class="con_lsub"><a href="#write">我要留言</a></div> </div> </div> <div class="con_r"> <div class="con_rpos">当前位置:<a href="http://sgsj.maoming.gov.cn/">主页</a> > <a href="/guestbook.html">留言板</a> > </div> <div class="con_rtxt"> <table class="ltable" width="100%" cellspacing="0" cellpadding="0" border="0" align="center"> <?php foreach($list as $k=>$item){ $uname = "guest_".$item['id']; $ip = $item['ip']; $ip_arr = explode(".", $ip); $ip = $ip_arr[0].".".$ip_arr[1].".*.*"; $dtime = $item['dtime']; $dtime = date('Y-m-d H:i', $dtime); $msg = $item['msg']; $face = $item['face']; if(empty($face)) $face = "01"; ?> <tbody> <tr class="ltr"> <td width="160" align="center" class="ltd"><b><?php echo $uname; ?></b></td> <td height="26" class="timetd ltd"><img width="16" height="16" src="public/images/time.gif"> 时间: <?php echo $dtime; ?></td> </tr> <tr> <td width="160" align="center" class="lefttd" rowspan="2"><table width="160" cellspacing="2" cellpadding="1" border="0" align="center"> <tbody> <tr> <td height="80" align="center"><img border="0" src="public/images/<?php echo $face; ?>.gif"></td> </tr> <tr> <td align="center" height="20">IP:<?php echo $ip; ?></td> </tr> </tbody> </table></td> <td class="msgtd"><?php echo $msg; ?></td> </tr> </tbody> <?php } ?> </table> <br /> <table width="100%" cellspacing="0" cellpadding="0" border="0" align="center" class="pagetable"> <tbody> <tr> <td height="28" align="center"> <div class="pagelistbox"> <a href="guestbook.php">首页</a> <a href="guestbook.php?p=<?php echo $up; ?>">上一页</a> <a href="guestbook.php?p=<?php echo $down; ?>">下一页</a> <a href="guestbook.php?p=<?php echo $last; ?>">尾页</a> 共 <?php echo $page_number; ?> 页/<?php echo $total; ?> 条留言 转到:<input id="page" size="4" maxlength="10" value="<?php echo $page; ?>" type="text"><input value="Go" id="goto" type="button"> </div> </td> </tr> </tbody> </table> <br /> <form name="form1" action="guestbook.php" method="post"> <a name="write" id="write"></a> <table width="100%" cellspacing="1" cellpadding="4" border="0" bgcolor="#dedede" align="center" class="writetable"> <input type="hidden" value="save" name="action"> <tbody> <tr> <td class="writetd" colspan="2"><b style="padding-left:5px;">发布留言:</b><a name="write"></a></td> </tr> <tr bgcolor="#ffffff"> <td width="10%" nowrap="" align="center"><font color="#FF0000">*</font>留言内容:<br> (1000字内) </td> <td height="2" align="left"><textarea class="textarea ipt-txt" id="msg" rows="5" name="msg"></textarea></td> </tr> <tr bgcolor="#ffffff"> <td nowrap="" align="center" colspan="2"><input type="button" class="btn-2" value="提 交" id="btnSubmit" maxlength="1000"> <input type="reset" class="btn-2" value="取 消" name="Submit2"></td> </tr> </tbody> </table> </form> </div> </div> </div> </div> </body> </html> <script type="text/javascript" src="templets/default/js/jquery-1.6.4.min.js"></script> <script type="text/javascript"> window.onload = function(){ $("#msg").val(""); $("#goto").click(function(){ var page = $("#page").val(); if(!/^(\d+?)$/.test(page)){ $("#page").val(""); return alert("请输入数字!"); } window.location.href = "guestbook.php?p=" + page; }); $("#btnSubmit").click(function(){ var msg = $("#msg").val(); $.ajax({ type: "POST", dataType: "json", url: "guestbook.php?action=save", data: "msg=" + msg, success: function(json){ if(1==json.status){ $("#msg").val(""); alert(json.msg); }else if(1==json.status){ alert(json.msg); }else{ alert('对不起,发表留言失败,请稍候再试!'); } }, error: function(data){ var response = data.responseText; if(-1!=response.indexOf('zhuji.360.cn')){ return alert("您输入的留言内容含有危险字符,已被360拦截,请修改后重新输入!"); } alert('对不起,发表留言失败,请稍候再试!'); } }); }); } </script>
Pdo::$instance->beginTransaction(); //开启事务
Pdo::$instance->rollBack(); //回滚
Pdo::$instance->commit(); //提交事务