基于mysql的论坛（3）

#####################
# func.php #########
####################
<?php
require("config.inc.php");
##### 检查用户是否存在 #####
function is_user_exits($name) {
         $name=trim($name);
         $name=ereg_replace("'","‘",$name);
         $name=htmlspecialchars($name);
         $SQL="SELECT name FROM user WHERE name='$name'";
         $result=mysql_query($SQL) or die(mysql_error());
         $row=mysql_fetch_Array($result);
         $name=$row[name];
         return $name;
}
##### 检查版面是否存在 #####
function is_board_exits($baord){
         $sql="select name from boardinfo where name='$baord'";
         $result=mysql_query($sql) or die("出现错误");
         $row=mysql_fetch_array($result);
         $name=$row[name];
         return $name;
}
##### 添加新用户 Function #####
function adduser(){
         global $name,$sex,$realname,$password,$address,$oicq,$homepage,$phone,$email,$qm,$regtime;
         $name=trim($name);
         $name=ereg_replace("'","‘",$name);
         $password=trim($password);
         $name=htmlspecialchars($name);
         $realname=htmlspecialchars($realname);
         $address=htmlspecialchars($address);
         $oicq=htmlspecialchars($oicq);
         $homepage=htmlspecialchars($homepage);
         $phone=htmlspecialchars($phone);
         $email=htmlspecialchars($email);
         $qm=htmlencode2($qm);
         $regtime=date("Y-m-d H:i:s");
         $sql="insert into user (name,sex,realname,password,address,oicq,homepage,score,phone,email,qm,regtime,slaveboard) values('$name','$sex','$realname','$password','$address','$oicq','$homepage','0','$phone','$email','$qm','$regtime','')";
         mysql_query($sql) or die(mysql_error());
}
##### URL 重定向 ######
function redirect2($url){
         header("Location:$url");
}
##### 创建版面 ######
function create_board_table($name,$chinesename){
         $name=trim("$name");
         $sql="CREATE TABLE $name(id int(11) NOT NULL AUTO_INCREMENT,title varchar(50) NOT NULL,writer varchar(50) NOT NULL,cont longtext, size int,writetime varchar(20) NOT NULL,hits int(4) DEFAULT '0',good varchar(1),renum int(4) DEFAULT '0',slaveid int(11) DEFAULT '0',fromip varchar(15),PRIMARY KEY (id))";
         mysql_query($sql);
         $sql="insert into boardinfo (name,chinesename) values('$name','$chinesename')";
         mysql_query($sql);
}
###### 删除版面 ######
function drop_board_table($name){
         $sql="drop table $name";
         mysql_query($sql);
         $sql="delete from boardinfo where name='$name'";
         mysql_query($sql);
}
######## 修改版面 ###
function update_board($name,$chinesename) {
    $sql="update boardinfo set name='$name',chinesename='$chinesename' where name='$name'";
    mysql_query($sql);
}
##### 添加文章 ######
function add_doc($board){
         global $title,$name,$cont,$writer,$fromip,$writetime,$qm,$new_topic_score;
         $title=trim($title);
         $title=substr($title,0,49);
         $size=strlen($cont);
         $cont=htmlencode2($cont);
         $cont=$cont."<br>"."-------<br>".$qm;
         $writetime=date("Y-m-d H:i:s");
         $fromip=getenv("remote_addr");
         $name=htmlspecialchars($name);
         $writer=$name;
         $sql="insert into $board (title,writer,cont,size,writetime,fromip) values('$title','$name','$cont','$size','$writetime','$fromip')";
         mysql_query($sql);
         add_score($writer,$new_topic_score);
}
##### 回复文章 #####
function re_doc($board,$slaveid){
         global $title,$name,$cont,$writer,$fromip,$writetime,$qm,$re_topic_score;
         $title=trim($title);
         $title=substr($title,0,49);
         $size=strlen($cont);
         $cont=htmlencode2($cont);
         $cont=$cont."<br>"."-------<br>".$qm;
         $writetime=date("Y-m-d H:i:s");
         $name=htmlspecialchars($name);
         $writer=$name;
         $fromip=getenv("remote_addr");
         $sql="insert into $board (title,writer,cont,size,writetime,slaveid,fromip) values('$title','$writer','$cont','$size','$writetime','$slaveid','$fromip')";
         mysql_query($sql);
         $sql="update $board set renum=renum 1 where id=$slaveid";
         mysql_query($sql);
         add_score($writer,$re_topic_score);
}
##### 删除文章 ####
function del_doc($board,$id){
         global $remove_score;
         $sql="select * from $board where id=$id";
         $sql_result=mysql_query($sql);
         $sql_row=mysql_fetch_array($sql_result);
         $writer=$sql_row[writer];
         remove_score($writer,$remove_score);
         $slaveid=$sql_row[slaveid];
         $sql="select * from $board where id=$slaveid";
         $sql_result=mysql_query($sql);
         $sql_row=mysql_fetch_array($sql_result);          
         if ($sql_row[renum]>0){
              $sql="update $board set renum=renum-1 where id=$slaveid";
              mysql_query($sql);
         }
         $sql="delete from $board where id=$id";
         mysql_query($sql);
         $sql="delete from $board where slaveid=$id";
         mysql_query($sql);
}
#### 转换 html 特殊字符和 <br> #####
function htmlencode2($str){
         $str=htmlspecialchars($str);
         $str=nl2br($str);
         return $str;
}
##### 增加一个 hit ####
function add_one_hit($board,$id){
         $sql="update $board set hits=hits 1 where id=$id";
         mysql_query($sql);
}
##### 检查用户密码 ####
function check_user_password($name,$password){
         $name=trim($name);
         $name=ereg_replace("'","‘",$name);
         $name=htmlspecialchars($name);
         $password=trim($password);
         $sql="select password from user where name='$name'";
         $sql_result=mysql_query($sql);
         $sql_row=mysql_fetch_array($sql_result);
         if($password<>$sql_row[password]){
              $result=0;
         }
         else{
              $result=1;
              setcookie ("jl_forum[name]",$name);
              setcookie ("jl_forum[password]",$password);
         }
         return $result;
}
##### 检查管理员密码 ####
function check_admin_password(){
         $sql="select * from user where name='$jl_forum[name]'";
         $sql_result=mysql_query($sql);
         $sql_row=mysql_fetch_array($sql_result);
        if ($jl_forum[password]==$sql_row[password]){
            $result=1;
        }
        else {
            $result=0;
        }
        if ($sql_row[slaveboard]==$jl_forum[board]){
            $result=1;
        }
        else {
            $result=0;
        }  
         return $result;
}

##### 修改个人资料 ####
function change_profile($name){
         global $sex,$realname,$password,$address,$oicq,$homepage,$phone,$email,$qm;
         $name=trim($name);
         $name=htmlspecialchars($name);
         $realname=htmlspecialchars($realname);
         $address=htmlspecialchars($address);
         $oicq=htmlspecialchars($oicq);
         $homepage=htmlspecialchars($homepage);
         $phone=htmlspecialchars($phone);
         $email=htmlspecialchars($email);
         $qm=htmlencode2($qm);
         $sql="update user set sex='$sex',realname='$realname',password='$password',address='$address',oicq='$oicq',homepage='$homepage',phone='$phone',email='$email',qm='$qm' where name='$name'";
         mysql_query($sql);
}
##### 显示错误 ####
function show_error($id){
         redirect2("wrong.php?id=$id");
}
##### 增加版主 ####
function add_admin($board,$name){
         $name=trim($name);
         $sql="update user set slaveboard='$board' where name='$name'";
         mysql_query($sql);
}
##### 删除版主 #####
function del_admin($name){
         $name=trim($name);
         $name=htmlspecialchars($name);
         $sql="update user set slaveboard='' where name='$name'";
         mysql_query($sql);
}
##### 贴子转精华 ####
function set_good($board,$id){
         $sql="update $board set good='y' where id=$id";
         mysql_query($sql);
}
##### 转出精华 ###
function set_no_good($board,$id){
         $sql="update $board set good='' where id=$id";
         mysql_query($sql);
}
##### 导出签名 #####
function expl_qm($name){
        $name=htmlspecialchars($name);
         $sql="select qm from user where name='$name'";
         $sql_result=mysql_query($sql);
         $sql_row=mysql_fetch_array($sql_result);
         $qm=$sql_row[qm];
         return $qm;
}
##### 管理员 #####
function adminok() {
    if ($jl_admin[name]==$admin_name and $jl_admin[password]==$admin_password) {
        return 1;
    }
    else {
        return 0;
    }
}
##### 增加积分 #####
function add_score($name,$num) {
    $name=htmlspecialchars($name);
    $sql="update user set score=score $num where name='$name'";
    mysql_query($sql);
}
##### 减少积分 ####
function remove_score($name,$num) {
    $name=htmlspecialchars($name);
    $sql="update user set score=score-$num where name='$name'";
    mysql_query($sql);
}
#### 发送留言 ####
function sendmsg() {
    global $fromname,$name,$cont;
    $name=htmlspecialchars($name);
    $fromname=htmlspecialchars($fromname);
    $cont=htmlencode2($cont);
    $wt=date("Y-m-d H:i:s");
    $sql="insert into message (name,fromname,cont,writetime) values ('$name','$fromname','$cont','$wt')";
    mysql_query($sql);
}
#### 删除留言 ####
function delmsg($id) {
    $sql="delete from message where id=$id";
    mysql_query($sql);
}
### 留言是否属于这个人 #####
function is_this_user($id) {
    $sql="select name from message where id=$id";
    $sql_result=mysql_query($sql);
    $sql_row=mysql_fetch_row($sql_result);
    if ($sql_row[name]==$jl_forum[name]) {
        return 1;
    }
    else {
        return 0;
    }
}
?>
##########################
# good.php ##########
########################
<?php
    require("func.php");
    $sql="select * from boardinfo";
    $sql_result=mysql_query($sql);
?>
<html>
<head>
<title>main</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="css/page.css">
</head>

<body bgcolor="#FFFFFF" background="image/bg.gif">
<table width="90%" border="1" cellspacing="0" cellpadding="0" align="center" bordercolorlight="#FFCC99" bordercolordark="#FFCC99">
  <tr bgcolor="#CCFF99">  
    <td>
      <div align="center"><b>论坛精华区</b></div>
    </td>
  </tr>
  <tr align="center">  
    <td>
      <form method="post" action="good_list.php">
        <select name="board">
            <option selected>请选择版面</option>
<?php
while($sql_row=mysql_fetch_array($sql_result)){
?>  
          <option value="<?php echo $sql_row[name];?>"><?php echo $sql_row[chinesename];?></option>
<?php
}
?>
        </select>
        <br>
        <input type="submit" name="Submit" value="进入">
      </form>
    </td>
  </tr>
  <tr bgcolor="#CCFF99">  
    <td>
      <div align="center"><b>论坛信息</b></div>
    </td>
  </tr>
  <tr>
    <td>
<?php include "info.php";?>
    </td>
  </tr>
</table>
</body>
</html>
###########################
# good_list.php ###########
###########################
<?php
require("func.php");
if(!is_board_exits($board)){
    $board="computer";
}
$sql="select * from boardinfo where name='$board'";
$sql_result=mysql_query($sql);
$sql_row=mysql_fetch_array($sql_result);
$chinesename=$sql_row[chinesename];
setcookie ("jl_forum[chinesename]",$chinesename);
$sql="select name from user where slaveboard='$board'";
$sql_result=mysql_query($sql);
?>
<html>
<head>
<title>List</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="css/index.css">
<script language="javascript">
function openwin(board,id){                window.open("good_read.php?board=" board "&id=" id,"","height=460,width=600,resizable=yes,scrollbars=yes,status=no,toolbar=no,menubar=no,location=no");
}
function post(board){                window.open("post.php?board=" board,"","height=500,width=600,resizable=yes,scrollbars=yes,status=no,toolbar=no,menubar=no,location=no");
}
</script>
</head>

<body bgcolor="#FFFFFF" background="image/bg.gif">
<?php include "header.php";?> <br>
<table width="100%" border="1" cellspacing="0" cellpadding="0" bordercolorlight="#000000" bordercolordark="#FFFFFF">
  <tr>  
    <td height="20" width="22%" bgcolor="#eeeeee">版面：<?php
echo $chinesename;
?>精华区</td>
    <td height="20" width="34%" bgcolor="#eeeeee">版主：<?php
while ($sql_row=mysql_fetch_array($sql_result))
{
echo "$sql_row[name]"."&nbsp;";
}
# 选择出留言纪录;
$sql="select * from $board where good='y'";
$temp=mysql_query($sql);
$sum=mysql_num_rows($temp);
$totalpage=ceil($sum/$pagesize);
if ($sum==0) {
    $totalpage=1;
}
# 分页
if($page<1 or empty($page)){
    $page=1;
}
elseif ($page>$totalpage){
         $page=$totalpage;
}
$offset=($page-1)*$pagesize;
$sql="select * from $board where good='y' order by id desc limit $offset,$pagesize";
$sql_result=mysql_query($sql);
?> </td>
    <td height="20" width="15%" bgcolor="#eeeeee">共有<?php echo $sum; ?>篇</td>
    <td height="20" width="12%"><a href='javascript:post("<?php echo $board;?>")'><img src="image/newtopic.jpg" width="92" height="21" border="0" alt="发新贴子"></a></td>
    <td height="20" align="center" width="17%"><a href="<?php echo "$php_self?board=$board&page=$page";?>">刷新浏览</a></td>
  </tr>
</table>
<br>
<table width="100%" border="1" cellspacing="0" cellpadding="1" bordercolorlight="#CCCCCC" bordercolordark="#FFFFFF">
  <tr bgcolor="#995100" align="center">
    <td width="6%"><font color="#FFFFFF">回应</font></td>
    <td width="67%" bgcolor="#995100"><font color="#FFFFFF">主 题</font></td>
    <td width="20%"><font color="#FFFFFF">时 间</font></td>
    <td width="7%"><font color="#FFFFFF">人气</font></td>
  </tr>
  <tr bgcolor="#FFCC99">
    <td colspan="5" height="2">&nbsp;</td>
  </tr>
  <?php
while ($sql_row=mysql_fetch_array($sql_result))
{
echo"<tr>";
echo"<td width="6%" bgcolor="#FFF5DD" align="center">";
echo "[*]";
echo"</td>";
  echo"<td bgcolor="#E8FDEE" width="56%"><font face="宋体"><a href='javascript:openwin("$board",$sql_row[id])' title="作者:$sql_row[writer]　大小:$sql_row[size]字节">$sql_row[title]</a></font></td>";
  echo"<td width="18%" bgcolor="#FFF5DD" align="center">$sql_row[writetime]</td>";
  echo"<td width="6%" bgcolor="#E8FDEE" align="center">$sql_row[hits]</td>";
  echo"</tr>";
}
?>
  <tr bgcolor="#FFCC99">
    <td colspan="5" align="center" height="2">&nbsp;</td>
  </tr>
</table>
<div align="right">
<form method="post" action="<?php echo $php_self;?>">
    共<b><?php echo $totalpage;?></b>页 第<b><?php echo $page;?></b>页·<?php
if ($page!=1){
     $back=$page-1;
        echo"<a href="$php_self?board=$board&page=1">首页</a>　<a href="$php_self?board=$board&page=$back">上一页</a>";
}
if ($page==1){
       echo"首页　上一页";
}
if($page!=$totalpage){
    $next=$page 1;
        echo"　<a href="$php_self?board=$board&page=$next">下一页</a>　<a href="$php_self?board=$board&page=$totalpage">尾页</a>";
}
if($page==$totalpage){
        echo"　下一页　尾页";
}
?>·  
    <input type="submit" name="goto" value="转到">
    <input type="text" name="page" size="2">
    页  
  </form>
</div>
<?php include "footer.php";?>
</body>
</html>
############################
###  good_read.php ######
######################3
<?php
require ("func.php");
if ($re){
     if (!is_board_exits($board)){
          show_error(7);
          $founderr=1;
     }
     $sql="select slaveid from $board where id=$id";
     $sql_result=mysql_query($sql);
     $sql_row=mysql_fetch_array($sql_result);
     if($sql_row[slaveid]!=0){
         show_error(1);
         $founderr=1;
     }
     if (!check_user_password($name,$password)){
          show_error(4);
          $founderr=1;
     }
     if (strlen($title)>50){
         show_error(6);
         $founderr=1;
     }
     if (empty($title)){
         show_error(2);
         $founderr=1;
     }
     if ($qm){
          $qm=expl_qm($name);
     }
     if(!$founderr){
         re_doc($board,$id);
         $sql="select * from $board where id=$id";
         $sql_result=mysql_query($sql);
         $sql_row=mysql_fetch_array($sql_result);
         $title=$sql_row[title];
         $writer=$sql_row[writer];
         $cont=$sql_row[cont];
         $writetime=$sql_row[writetime];
         $hits=$sql_row[$hits];
         $fromip=$sql_row[fromip];
         $sql="select * from $board where slaveid=$id";
         $sql_result=mysql_query($sql);
        # $sql_row=mysql_fetch_array($sql_result);
     }

}
elseif ($add){
     if (!is_board_exits($board)){
          show_error(7);
          $founderr=1;
     }
     if (empty($title)){
         show_error(2);
         $founderr=1;
     }
     if (!check_user_password($name,$password)){
          show_error(4);
          $founderr=1;
     }
     if (strlen($title)>50){
         show_error(6);
         $founderr=1;
     }
     if ($qm){
          $qm=expl_qm($name);
          $founderr=1;
     }
     if (!$founderr){
           add_doc($board);
     }
}
else {
     if (!is_board_exits){
          show_error(7);
     }
     add_one_hit($board,$id);
     $sql="select * from $board where id=$id";
     $sql_result=mysql_query($sql);
     $sql_row=mysql_fetch_array($sql_result);
     $title=$sql_row[title];
     $writer=$sql_row[writer];
     $cont=$sql_row[cont];
     $writetime=$sql_row[writetime];
     $hits=$sql_row[$hits];
     $fromip=$sql_row[fromip];
     $sql="select * from $board where slaveid=$id order by id desc";
     $sql_result=mysql_query($sql);
  #   $sql_row=mysql_fetch_array($sql_result);
}
?>
<html>
<head>
<title><?php echo $title;?></title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="css/index.css">
<script language="javascript">
function sendmsg(name){                window.open("sendmsg.php?name=" name,"","height=200,width=500,resizable=yes,scrollbars=yes,status=no,toolbar=no,menubar=no,location=no");
}
</script>

</head>

<body bgcolor="#666699">
<?php include "ad.php";?><br>
<hr noshade width="98%" size="1">
<table width="98%" border="1" cellspacing="0" cellpadding="2" align="center" bordercolorlight="#CCCCCC" bordercolordark="#FFFFFF">
  <tr bgcolor="#666666">
    <td><font color="#FFcc00"><b>标题：<?php echo $title;?></b></font></td>
  </tr>
  <tr>
    <td bgcolor="#eeeeee">作者：<?php echo "$writer";?>(<?php echo $writetime;?>)　<a href="javascript:sendmsg('<?php echo "$writer";?>')"><img src="image/icon1.gif" width="18" height="17" alt="给作者留言" border="0"></a>　<a href="userinfo.php?name=<?php echo $writer;?>"><img src="image/profile.gif" width="16" height="16" alt="察看用户资料" border="0"></a></td>
  </tr>
  <tr>
    <td bgcolor="#ffffef"><?php echo $cont;?></td>
  </tr>
  <tr bgcolor="#e8eee0">
    <td>※ 来源：<?php echo $jl_forum[chinesename];?> [◆FROM：<?php echo $fromip;?>]</td>
  </tr>
</table>
<br>
<?php include"footer.php";?><br>
</body>
</html>