用pdo实现的织梦后台留言板

<?php
//ini_set("display_errors", "On");

include("data/common.inc.php");
if($action=='save')
{
    $title = '无标题';
    $tid = 0;
    $mid = 1;
    $uname = "guest";
    $email = "";
    $homepage = "";
    $qq = "";
    $face = array_rand(array('01','02','03','04','05','06','07','08','13','14','15','16','17','18'), 1);
    $msg = trim($_POST['msg']);
    $ip = $_SERVER['REMOTE_ADDR'];
    $dtime = time();
    $ischeck = 0;    
    if($msg=='') {
        return rtn(0, '对不起,您的留言内容不能为空!');
    }
    
    pdo_conn();
    $sql = "INSERT INTO `{$cfg_dbprefix}guestbook`(title,tid,mid,uname,email,homepage,qq,face,msg,ip,dtime,ischeck) VALUES (:title,:tid,:mid,:uname,:email,:homepage,:qq,:face,:msg,:ip,:dtime,:ischeck)";
    //echo $sql;
    $st = $pdo->prepare($sql);
    $st->bindParam(':title', $title);
    $st->bindParam(':tid', $tid);
    $st->bindParam(':mid', $mid);
    $st->bindParam(':uname', $uname);
    $st->bindParam(':email', $email);
    $st->bindParam(':homepage', $homepage);
    $st->bindParam(':qq', $qq);
    $st->bindParam(':face', $face, PDO::PARAM_STR);
    $st->bindParam(':msg', $msg, PDO::PARAM_STR, 1000);
    $st->bindParam(':ip', $ip);
    $st->bindParam(':dtime', $dtime);
    $st->bindParam(':ischeck', $ischeck);    
    $exec_result = $st->execute();
    
    if($exec_result){
        return rtn(1, '您已成功发表留言,但需审核后才能显示!');
    }else{
        return rtn(0, '对不起,发表留言失败,请稍候再试!');
    }
}

$page = $_GET['p'];
$page = isset($page) ? $page:1;
$page = (int)$page;
$page_size = 10;

pdo_conn();

//页数和记录数
$tsql = "select count(1) as c from `{$cfg_dbprefix}guestbook` where ischeck=1";
$result = $pdo->query($tsql);
$tlist = $result->fetchAll();
$total = $tlist[0]['c'];
if(0==$total%$page_size){
    $page_number = (int)($total/$page_size);
}else{
    $page_number = (int)($total/$page_size + 1);
}

if($page>$page_number){
    $page = $page_number;
}

if($page<1){
    $page = 1;
}

$start = ($page-1)*$page_size;
$sql = "select * from `{$cfg_dbprefix}guestbook` where ischeck=1 order by id desc limit {$start},{$page_size}";
$result = $pdo->query($sql);
$list = $result->fetchAll();

if($page>1){
    $up = $page - 1;
}else{
    $up = 1;
}
if($page<$page_number){
    $down = $page + 1;
}else{
    $down = $page_number;
}
$last = $page_number;

function pdo_conn(){
    global $pdo, $cfg_dbhost, $cfg_dbname, $cfg_dbuser, $cfg_dbpwd;
    if(empty($pdo)){
        $pdo = new PDO("mysql:host={$cfg_dbhost};dbname={$cfg_dbname};", $cfg_dbuser, $cfg_dbpwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES'utf8';"));
        $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    }
    return $pdo;
}

function rtn($status, $msg, $data=''){
    $result = array('status'=>$status, 'msg'=>$msg, 'data'=>$data);
    echo json_encode($result);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>留言板</title>
<meta name="keywords" content="">
<meta name="description" content="">
<link href="public/style_art.css" rel="stylesheet" type="text/css">
<link href="public/common.css" rel="stylesheet" type="text/css">
</head>
<body>
<div class="header_warp">
    <div class="layout solid header">
        <span class="white"></span>
    </div>
</div>

<div class="layout solid marb10">

  <div class="con_box">
  
    <div class="con_l">
      <div class="con_ltit">留言板</div>
      <div class="con_ltxt">        
     
        <div class="con_lsub"><a href="#write">我要留言</a></div>
    
      </div>
    </div>
    
    <div class="con_r">
      <div class="con_rpos">当前位置:<a href="http://sgsj.maoming.gov.cn/">主页</a> &gt; <a href="/guestbook.html">留言板</a> &gt; </div>
    <div class="con_rtxt">
      <table class="ltable" width="100%" cellspacing="0" cellpadding="0" border="0" align="center">
        <?php
        foreach($list as $k=>$item){
            $uname = "guest_".$item['id'];
            $ip = $item['ip'];
            $ip_arr = explode(".", $ip);
            $ip = $ip_arr[0].".".$ip_arr[1].".*.*";
            $dtime = $item['dtime'];
            $dtime = date('Y-m-d H:i', $dtime);
            $msg = $item['msg'];
            $face = $item['face'];
            if(empty($face)) $face = "01";
        ?>
        <tbody>
            <tr class="ltr">
              <td width="160" align="center" class="ltd"><b><?php echo $uname; ?></b></td>
              <td height="26" class="timetd ltd"><img width="16" height="16" src="public/images/time.gif"> 时间: <?php echo $dtime; ?></td>
            </tr>
            <tr>
              <td width="160" align="center" class="lefttd" rowspan="2"><table width="160" cellspacing="2" cellpadding="1" border="0" align="center">
                  <tbody>
                    <tr>
                      <td height="80" align="center"><img border="0" src="public/images/<?php echo $face; ?>.gif"></td>
                    </tr>
                    <tr>
                      <td align="center" height="20">IP:<?php echo $ip; ?></td>
                    </tr>
                  </tbody>
                </table></td>
              <td class="msgtd"><?php echo $msg; ?></td>
            </tr>
        </tbody>
        <?php
        }
        ?>
      </table>
      <br />
      <table width="100%" cellspacing="0" cellpadding="0" border="0" align="center" class="pagetable">
        <tbody>
          <tr>
            <td height="28" align="center">
              <div class="pagelistbox">              
                <a href="guestbook.php">首页</a> <a href="guestbook.php?p=<?php echo $up; ?>">上一页</a> <a href="guestbook.php?p=<?php echo $down; ?>">下一页</a> <a href="guestbook.php?p=<?php echo $last; ?>">尾页</a> 共 <?php echo $page_number; ?> 页/<?php echo $total; ?> 条留言 转到:<input id="page" size="4" maxlength="10" value="<?php echo $page; ?>" type="text"><input value="Go" id="goto" type="button">  
              </div>
            </td>
          </tr>
        </tbody>
      </table>      
      <br />
      <form name="form1" action="guestbook.php" method="post">
      <a name="write" id="write"></a>
      <table width="100%" cellspacing="1" cellpadding="4" border="0" bgcolor="#dedede" align="center" class="writetable">
        <input type="hidden" value="save" name="action">
        <tbody>
          <tr>
            <td class="writetd" colspan="2"><b style="padding-left:5px;">发布留言:</b><a name="write"></a></td>
          </tr>
          <tr bgcolor="#ffffff">
            <td width="10%" nowrap="" align="center"><font color="#FF0000">*</font>留言内容:<br>
              (1000字内) </td>
            <td height="2" align="left"><textarea class="textarea ipt-txt" id="msg" rows="5" name="msg"></textarea></td>
          </tr>
          <tr bgcolor="#ffffff">
            <td nowrap="" align="center" colspan="2"><input type="button" class="btn-2" value="提 交" id="btnSubmit" maxlength="1000">
              &nbsp;&nbsp;
              <input type="reset" class="btn-2" value="取 消" name="Submit2"></td>
          </tr>
        </tbody>
      </table>
      </form>
      </div>
    </div>
    
  </div>

</div>

</body>
</html>
<script type="text/javascript" src="templets/default/js/jquery-1.6.4.min.js"></script>
<script type="text/javascript">
window.onload = function(){
    $("#msg").val("");
    
    $("#goto").click(function(){
        var page = $("#page").val();
        if(!/^(\d+?)$/.test(page)){
            $("#page").val("");
            return alert("请输入数字!");
        }
        window.location.href = "guestbook.php?p=" + page;
    });
    
    $("#btnSubmit").click(function(){
        var msg = $("#msg").val();
        $.ajax({
            type: "POST",
            dataType: "json",
            url: "guestbook.php?action=save",
            data: "msg=" + msg,
            success: function(json){
                if(1==json.status){
                    $("#msg").val("");
                    alert(json.msg);
                }else if(1==json.status){
                    alert(json.msg);
                }else{
                    alert('对不起,发表留言失败,请稍候再试!');
                }
            },
            error: function(data){
                var response = data.responseText;
                if(-1!=response.indexOf('zhuji.360.cn')){
                    return alert("您输入的留言内容含有危险字符,已被360拦截,请修改后重新输入!");
                }
                alert('对不起,发表留言失败,请稍候再试!');
            }
        });
    });
}
</script>



Pdo::$instance->beginTransaction(); //开启事务

Pdo::$instance->rollBack(); //回滚

Pdo::$instance->commit(); //提交事务

posted @ 2015-08-15 09:53  chy1000  阅读(336)  评论(0编辑  收藏  举报