Home >Backend Development >PHP Tutorial >php mysql 留言本应用实例
php mysql 留言本应用实例
- PHP中文网Original
- 2016-05-17 09:33:011074browse
实例说明制作一个php+mysql留言本
<?php $hostname_conn = "localhost"; $database_conn = "test"; $username_conn = "root"; $password_conn = "1981427"; $conn = mysql_connect($hostname_conn, $username_conn, $password_conn); ?>
<?php
//该函数用于将一般字符串转换成SQL语句所需要的格式
function GetSQLValueString($theValue, $theType)
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
}
return $theValue;
}
?><?php
session_start();
//如果Session不存在,则跳转到Admin.php
if (!(isset($_SESSION['MM_Username']))) {
header("Location: admin.php");
exit;
}
?><?php require_once('Connections/conn.php'); ?>
<?php
// *** Validate request to login to this site.
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "adminmain.php";
$MM_redirectLoginFailed = "admin.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_conn, $conn);
$LoginRS__query=sprintf("SELECT adminname, password FROM admin WHERE adminname='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $conn) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;
//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css"><!--
.style1 {font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
--></style><style type="text/css" bogus="1">.style1 {font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}</style>
</head>
<body>
<p align="center"><span class="style1">留言板 - 管理登陆</span></p>
<p align="center"><span class="style2"><a href="viewposts.php" href="viewposts.php">浏览留言</a> | <a href="newpost.php" href="newpost.php">发表留言</a></span></p>
<form name="form1" method="POST" action="<?php echo $loginFormAction; ?>">
<table width="239" border="0" align="center">
<tr>
<td width="73">用户名:</td>
<td width="156"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>密码:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="提交">
<input type="reset" name="Submit2" value="重设"></td>
</tr>
</table>
</form>
<p align="center"> </p>
</body>
</html><?php require_once('Connections/conn.php');
require_once('inc/accesscheck.php');
require_once('inc/GetSQLValueString.php');?>
<?php
if ((isset($_GET['postid'])) && ($_GET['postid'] != "")) {
$updateSQL = sprintf("UPDATE posts SET checked=1-checked WHERE postid=%s",
GetSQLValueString($_GET['postid'], "int"));
mysql_select_db($database_conn, $conn);
$Result1 = mysql_query($updateSQL, $conn) or die(mysql_error());
$deleteGoTo = "adminmain.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
?><?php
require_once('Connections/conn.php');
require_once('inc/accesscheck.php');
require_once('inc/GetSQLValueString.php');
?>
<?php
if ((isset($_GET['postid'])) && ($_GET['postid'] != "")) {
$deleteSQL = sprintf("DELETE FROM posts WHERE postid=%s",
GetSQLValueString($_GET['postid'], "int"));
mysql_select_db($database_conn, $conn);
$Result1 = mysql_query($deleteSQL, $conn) or die(mysql_error());
$deleteGoTo = "adminmain.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
?><?php require_once('Connections/conn.php');
require_once('inc/accesscheck.php');
require_once('inc/GetSQLValueString.php');?>
<?php
if ((isset($_GET['postid'])) && ($_GET['postid'] != "")) {
$deleteSQL = sprintf("UPDATE posts SET replied=0, adminname='', replycontent='' WHERE postid=%s",
GetSQLValueString($_GET['postid'], "int"));
mysql_select_db($database_conn, $conn);
$Result1 = mysql_query($deleteSQL, $conn) or die(mysql_error());
$deleteGoTo = "adminmain.php";
if (isset($_SERVER['QUERY_STRING'])) {
$deleteGoTo .= (strpos($deleteGoTo, '?')) ? "&" : "?";
$deleteGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $deleteGoTo));
}
?><?php require_once('Connections/conn.php');
require_once('inc/accesscheck.php');
require_once('inc/GetSQLValueString.php');?>
<?php
mysql_select_db($database_conn, $conn);
$query_rs = "SELECT * FROM posts ORDER BY postid DESC";
$rs = mysql_query($query_rs, $conn) or die(mysql_error());
$row_rs = mysql_fetch_assoc($rs);
$totalRows_rs = mysql_num_rows($rs);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css"><!--
.style1 {font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
.style4 {font-size: 12px}
.style6 {font-size: 12px; font-weight: bold; }
--></style><style type="text/css" bogus="1">.style1 {font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
.style4 {font-size: 12px}
.style6 {font-size: 12px; font-weight: bold; }</style>
</head>
<body>
<p align="center"><span class="style1">留言板 - 管理页面</span></p>
<p align="center"><span class="style2"><a href="viewposts.php" href="viewposts.php">浏览留言</a> | <a href="newpost.php" href="newpost.php">发表留言</a> | <a href="logout.php" href="logout.php">退出登陆</a></span></p>
<p align="center"> </p>
<table width="623" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="91"><span class="style6">留言者用户名</span></td>
<td width="210"><span class="style6">留言标题</span></td>
<td width="61"> </td>
<td width="61"> </td>
<td width="61"> </td>
<td width="62"> </td>
</tr>
<?php do { ?>
<tr>
<td><span class="style4"><?php echo $row_rs['username']; ?></span></td>
<td><span class="style4"><?php
echo $row_rs['topic'];
if($row_rs['checked']==1)
echo "(已审批)";
if($row_rs['replied']==1)
echo "(已回复)";
?></span></td>
<td><p align="center"><span class="style4"><a href="adminreply.php?postid=<?php echo $row_rs['postid']; ?>">回复留言</a></span></p></td>
<td><p align="center"><span class="style4"><a href="admindelpost.php?postid=<?php echo $row_rs['postid']; ?>">删除留言</a></span></p></td>
<td><p align="center"><span class="style4"><a href="admindelreply.php?postid=<?php echo $row_rs['postid']; ?>">删除回复</a></span></p></td>
<td><p align="center"><span class="style4"><a href="admincheckpost.php?postid=<?php echo $row_rs['postid']; ?>">审批留言</a></span></p></td>
</tr>
<?php } while ($row_rs = mysql_fetch_assoc($rs)); ?>
</table>
<p align="center"> </p>
</body>
</html>
<?php
mysql_free_result($rs);
?><?php require_once('Connections/conn.php');
require_once('inc/accesscheck.php');
require_once('inc/GetSQLValueString.php');?>
<?php
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE posts SET replycontent=%s, replied=1, checked=1, adminname=%s WHERE postid=%s",
GetSQLValueString($_POST['replycontent'], "text"),
GetSQLValueString($_SESSION['MM_Username'], "text"),
GetSQLValueString($_POST['postid'], "int"));
mysql_select_db($database_conn, $conn);
$Result1 = mysql_query($updateSQL, $conn) or die(mysql_error());
echo "<script type="text/javascript"><!--
alert('回复发表成功');
// --></script>";
}
$colname_rs = "1";
if (isset($_GET['postid'])) {
$colname_rs = (get_magic_quotes_gpc()) ? $_GET['postid'] : addslashes($_GET['postid']);
}
mysql_select_db($database_conn, $conn);
$query_rs = sprintf("SELECT * FROM posts WHERE postid = %s", $colname_rs);
$rs = mysql_query($query_rs, $conn) or die(mysql_error());
$row_rs = mysql_fetch_assoc($rs);
$totalRows_rs = mysql_num_rows($rs);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css"><!--
.style1 {font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
--></style><style type="text/css" bogus="1">.style1 {font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}</style>
</head>
<body>
<p align="center"><span class="style1">留言板 - 管理页面 - 回复留言</span></p>
<p align="center"><span class="style2"><a href="adminmain.php" href="adminmain.php">管理页面</a><a href="newpost.php" href="newpost.php"></a> | <a href="logout.php" href="logout.php">退出登陆</a></span></p>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">
<td nowrap align="right" valign="top">留言标题:</td>
<td><?php echo $row_rs['topic']; ?></td>
</tr>
<tr valign="baseline">
<td nowrap align="right" valign="top">留言内容:</td>
<td><?php echo $row_rs['content']; ?></td>
</tr>
<tr valign="baseline">
<td nowrap align="right" valign="top">回复内容:</td>
<td>
<textarea name="replycontent" cols="50" rows="5"><?php echo $row_rs['replycontent']; ?><?php
$logoutGoTo = "admin.php";
session_start();
unset($_SESSION['MM_Username']);
unset($_SESSION['MM_UserGroup']);
if ($logoutGoTo != "") {header("Location: $logoutGoTo");
session_unregister('MM_Username');
session_unregister('MM_UserGroup');
exit;
}
?>
<?php
$logoutGoTo = "admin.php";
session_start();
unset($_SESSION['MM_Username']);
unset($_SESSION['MM_UserGroup']);
if ($logoutGoTo != "") {header("Location: $logoutGoTo");
session_unregister('MM_Username');
session_unregister('MM_UserGroup');
exit;
}
?><?php require_once('Connections/conn.php');
require_once('inc/GetSQLValueString.php');?>
<?php
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO posts (username, topic, content) VALUES (%s, %s, %s)",
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['topic'], "text"),
GetSQLValueString($_POST['content'], "text"));
mysql_select_db($database_conn, $conn);
$Result1 = mysql_query($insertSQL, $conn) or die(mysql_error());
echo "<script type="text/javascript"><!--
alert('留言发表成功');
// --></script>";
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css"><!--
.style1 { font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
--></style><style type="text/css" bogus="1">.style1 { font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}</style>
</head>
<body>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<p align="center"><span class="style1">留言板 - 发表新留言</span></p>
<p align="center"><span class="style2"><a href="viewposts.php" href="viewposts.php">浏览留言</a> | <a href="admin.php" href="admin.php">管理登陆</a></span></p>
<table align="center">
<tr valign="baseline">
<td nowrap align="right">用户名:</td>
<td><input type="text" name="username" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">标题:</td>
<td><input type="text" name="topic" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right" valign="top">留言内容:</td>
<td>
<textarea name="content" cols="50" rows="5">
<?php require_once('Connections/conn.php');
require_once('inc/GetSQLValueString.php');?>
<?php
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO posts (username, topic, content) VALUES (%s, %s, %s)",
GetSQLValueString($_POST['username'], "text"),
GetSQLValueString($_POST['topic'], "text"),
GetSQLValueString($_POST['content'], "text"));
mysql_select_db($database_conn, $conn);
$Result1 = mysql_query($insertSQL, $conn) or die(mysql_error());
echo "<script type="text/javascript"><!--
alert('留言发表成功');
// --></script>";
}
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css"><!--
.style1 { font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
--></style><style type="text/css" bogus="1">.style1 { font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}</style>
</head>
<body>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<p align="center"><span class="style1">留言板 - 发表新留言</span></p>
<p align="center"><span class="style2"><a href="viewposts.php" href="viewposts.php">浏览留言</a> | <a href="admin.php" href="admin.php">管理登陆</a></span></p>
<table align="center">
<tr valign="baseline">
<td nowrap align="right">用户名:</td>
<td><input type="text" name="username" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">标题:</td>
<td><input type="text" name="topic" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right" valign="top">留言内容:</td>
<td>
<textarea name="content" cols="50" rows="5"><?php require_once('Connections/conn.php'); ?>
<?php
$currentPage = $_SERVER["PHP_SELF"];
$maxRows_rs = 10;
$pageNum_rs = 0;
if (isset($_GET['pageNum_rs'])) {
$pageNum_rs = $_GET['pageNum_rs'];
}
$startRow_rs = $pageNum_rs * $maxRows_rs;
mysql_select_db($database_conn, $conn);
$query_rs = "SELECT * FROM posts WHERE checked=1 ORDER BY postid DESC";
$query_limit_rs = sprintf("%s LIMIT %d, %d", $query_rs, $startRow_rs, $maxRows_rs);
$rs = mysql_query($query_limit_rs, $conn) or die(mysql_error());
$row_rs = mysql_fetch_assoc($rs);
if (isset($_GET['totalRows_rs'])) {
$totalRows_rs = $_GET['totalRows_rs'];
} else {
$all_rs = mysql_query($query_rs);
$totalRows_rs = mysql_num_rows($all_rs);
}
$totalPages_rs = ceil($totalRows_rs/$maxRows_rs)-1;
$queryString_rs = "";
if (!emptyempty($_SERVER['QUERY_STRING'])) {
$params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param) {
if (stristr($param, "pageNum_rs") == false &&
stristr($param, "totalRows_rs") == false) {
array_push($newParams, $param);
}
}
if (count($newParams) != 0) {
$queryString_rs = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_rs = sprintf("&totalRows_rs=%d%s", $totalRows_rs, $queryString_rs);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css"><!--
.style1 {
font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}
--></style><style type="text/css" bogus="1">.style1 {
font-size: 18px;
font-weight: bold;
}
.style2 {font-size: 14px}</style>
</head>
<body>
<p align="center" class="style1">留言板 - 留言浏览</p>
<p align="center" class="style2"><a href="newpost.php" href="newpost.php">发表留言</a> | <a href="admin.php" href="admin.php">管理登陆</a></p>
<?php do { ?>
<table width="500" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="116"><p align="right"><strong>用户名:</strong></p></td>
<td width="378"><?php echo $row_rs['username']; ?></td>
</tr>
<tr>
<td><p align="right"><strong>标题:</strong></p></td>
<td><?php echo $row_rs['topic']; ?></td>
</tr>
<tr>
<td><p align="right"><strong>留言内容:</strong></p></td>
<td><?php echo $row_rs['content']; ?></td>
</tr>
<?php if($row_rs['replied']==1) { ?>
<tr>
<td><p align="right"><strong>回复:</strong></p></td>
<td><p><?php echo $row_rs['replycontent']; ?></p>
<p align="right"><strong>回复人:</strong><?php echo $row_rs['adminname']; ?></p></td>
</tr>
<?php } ?>
</table>
<br>
<?php } while ($row_rs = mysql_fetch_assoc($rs)); ?>
<p align="center">
<table border="0" width="50%" align="center">
<tr>
<td width="23%" align="center">
<?php if ($pageNum_rs > 0) { // Show if not first page ?>
<a href="<?php printf(" href="<?php printf("%s?pageNum_rs=%d%s", $currentPage, 0, $queryString_rs); ?>">首页</a>
<?php } // Show if not first page ?>
</td>
<td width="31%" align="center">
<?php if ($pageNum_rs > 0) { // Show if not first page ?>
<a href="<?php printf(" href="<?php printf("%s?pageNum_rs=%d%s", $currentPage, max(0, $pageNum_rs - 1), $queryString_rs); ?>">上一页</a>
<?php } // Show if not first page ?>
</td>
<td width="23%" align="center">
<?php if ($pageNum_rs < $totalPages_rs) { // Show if not last page ?>
<a href="<?php printf(" href="<?php printf("%s?pageNum_rs=%d%s", $currentPage, min($totalPages_rs, $pageNum_rs + 1), $queryString_rs); ?>">下一页</a>
<?php } // Show if not last page ?>
</td>
<td width="23%" align="center">
<?php if ($pageNum_rs < $totalPages_rs) { // Show if not last page ?>
<a href="<?php printf(" href="<?php printf("%s?pageNum_rs=%d%s", $currentPage, $totalPages_rs, $queryString_rs); ?>">尾页</a>
<?php } // Show if not last page ?>
</td>
</tr>
</table>
</p>
<p> </p>
</body>
</html>
<?php
mysql_free_result($rs);
?>Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:php SQL之where语句生成器_php技巧Next article:php cookie 作用范围–不要在当前页面使用你的cookie_php技巧