闲来无事写了个迷你型的留言本,只有一个页面.
今天贴出来源码,
由于我也是初学者,代码写的有点生硬,安全上也没有多考虑,有兴趣的朋友可以下载下来看看.
后台地址 index.php?action=login
用户名:admin
密 码:admin
功能介绍:
guest:
查看留言
发表留言
管理员:
删除留言
回复留言
查看留言者ip地址
查看留言者联系方式
php程序员站迷你留言本下载地址
如图:
数据库
|
以下为引用的内容: php程序员站
--
-- 数据库: `guestbook`
--
CREATE DATABASE `guestbook` DEFAULT CHARACTER SET gbk COLLATE gbk_chinese_ci;
USE `guestbook`; www.phperz.com
-- -------------------------------------------------------- php程序员之家
--
-- 表的结构 `admin`
-- www.phperz.com
CREATE TABLE IF NOT EXISTS `admin` (
`id` int(11) NOT NULL auto_increment,
`name` varchar(255) NOT NULL,
`pass` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=gbk AUTO_INCREMENT=2 ; phperz~com
--
-- 导出表中的数据 `admin`
-- www.phperz.com
INSERT INTO `admin` (`id`, `name`, `pass`) VALUES
(1, 'admin', '21232f297a57a5a743894a0e4a801fc3'); php程序员站
-- -------------------------------------------------------- phperz~com
--
-- 表的结构 `message`
-- php程序员站
CREATE TABLE IF NOT EXISTS `message` (
`id` int(11) NOT NULL auto_increment,
`message` text NOT NULL,
`huifu` text,
`name` varchar(255) NOT NULL,
`email` varchar(255) NOT NULL,
`ip` varchar(20) NOT NULL,
`date` datetime NOT NULL,
`sex` varchar(10) NOT NULL default '保密',
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=gbk AUTO_INCREMENT=3 ; www.phperz.com
--
-- 导出表中的数据 `message`
-- php程序员之家
INSERT INTO `message` (`id`, `message`, `huifu`, `name`, `email`, `ip`, `date`, `sex`) VALUES
(2, '留言本开张啦.欢迎大家留言!!', '呵呵,谢谢支持.', 'PHP程序员站', 'info@phperz.com', '192.168.1.2', '2008-03-29 09:46:50', '先生'); www.phperz.com
|
phperz.com
index.php源码
以下为引用的内容:
<?php
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<link href="../images/css.css" _fcksavedurl=""../images/css.css"" type="text/css" rel="stylesheet"> php程序员之家
<title>PHP程序员站迷你留言本</title>
<script language="javascript" type="text/javascript">
function showhuifu(huifu_inputid) {
displaystatus=document.getElementById(huifu_inputid).className;
if (displaystatus=="display_none") {
document.getElementById(huifu_inputid).className="";
}
else {
document.getElementById(huifu_inputid).className="display_none";
}
}
function checkform(){
name=document.getElementById("name").value;
email=document.getElementById("email").value;
message=document.getElementById("message").value;
var myReg=/^[_a-z0-9]+@([_a-z0-9]+\.)+[a-z0-9]{2,3}$/i;
if (name=="") {
alert("您的姓名不能为空");
return false; php程序员站
}
if (!myReg.test(email)){
alert("您的Email地址不正确");
return false;
}
if (message=="") {
alert("您的留言不能为空");
return false;
}
}
</script>
</head>
<body>
<!--PHP程序员站迷你留言本V1.0 www.phperz.com-->
<?php
//连接数据库--------------------------------------
$conn=mysql_connect("localhost:3306","root","password");
mysql_query("set names gbk",$conn);
$dbstatus=mysql_select_db("guestbook",$conn);
//-------------------------------------------------
//签写留言----------------------------------------
if ($_GET["action"]=="write"){
$name=htmlspecialchars($_POST["name"]); php程序员之家
$email=htmlspecialchars($_POST["email"]);
$message=htmlspecialchars($_POST["message"]);
$message=nl2br($message);
$datastr=date('Y-m-d G:i:s');
$ip=$_POST["ip"];
if ($_POST["sex"]==1){
$sex="先生";
}
elseif ($_POST["sex"]==2){
$sex="小姐";
}
else {
$sex="保密";
}
if ($name!="" and $email!="" and $message!=""){
$exec="insert into message(`message`,`huifu`,`name`,`email`,`ip`,`date`,`sex`)
values ('$message','','$name','$email','$ip','".date('Y-m-d G:i:s')."','$sex')"; phperz.com
$result=mysql_query($exec);
echo hrefurl("index.php");
}
else{
echo alertstr('您的信息不完整,请从新填写.');
}
}
//-------------------------------------------------
//管理员回复留言----------------------------------------
if ($_GET["action"]=="huifu" and $_SESSION["uname"]){
$huifu=htmlspecialchars($_POST["huifu"]);
$huifuid=$_GET["id"];
if ($huifu!="" and $huifuid!=""){
$exec="update message set huifu='".$huifu."' where id=".$huifuid;
$result=mysql_query($exec);
echo hrefurl("index.php");
}
else {
echo alertstr('请填写您的回复信息.');
} phperz~com
}
//-------------------------------------------------
//管理员删除留言-------------------------------------
if ($_GET["action"]=="del" and $_SESSION["uname"]){
if ($_GET["id"]!=""){
$exec="delete from message where id=".$_GET["id"];
$result=mysql_query($exec);
echo hrefurl("index.php");
}
}
//-------------------------------------------------
//定义一个提示错误信息和转向函数--------------------
function alertstr($str){
echo "<script>alert('$str')</script>";
}
function hrefurl($url){
echo "<script>window.location ='$url';</script>";
}
//-------------------------------------------------
//管理员退出函数---------------------------------
if ($_GET["action"]=="logout"){ phperz.com
unset($_SESSION["uname"]);
session_destroy();
echo hrefurl("index.php");
}
//-------------------------------------------------
?>
<!--top-->
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="4" colspan="2"></td>
</tr>
<tr>
<td width="616" height="68" valign="top" class="logotxt"><a href="www.phperz.com-->
<?php
//连接数据库--------------------------------------
$conn=mysql_connect("localhost:3306","root","password");
mysql_query("set names gbk",$conn);
$dbstatus=mysql_select_db("guestbook",$conn);
//------------------------------------------------- php程序员站
//签写留言----------------------------------------
if ($_GET["action"]=="write"){
$name=htmlspecialchars($_POST["name"]);
$email=htmlspecialchars($_POST["email"]);
$message=htmlspecialchars($_POST["message"]);
$message=nl2br($message);
$datastr=date('Y-m-d G:i:s');
$ip=$_POST["ip"];
if ($_POST["sex"]==1){
$sex="先生";
}
elseif ($_POST["sex"]==2){
$sex="小姐";
}
else {
$sex="保密";
}
if ($name!="" and $email!="" and $message!=""){
$exec="insert into message(`message`,`huifu`,`name`,`email`,`ip`,`date`,`sex`) php程序员站
values ('$message','','$name','$email','$ip','".date('Y-m-d G:i:s')."','$sex')";
$result=mysql_query($exec);
echo hrefurl("index.php");
}
else{
echo alertstr('您的信息不完整,请从新填写.');
}
}
//-------------------------------------------------
//管理员回复留言----------------------------------------
if ($_GET["action"]=="huifu" and $_SESSION["uname"]){
$huifu=htmlspecialchars($_POST["huifu"]);
$huifuid=$_GET["id"];
if ($huifu!="" and $huifuid!=""){
$exec="update message set huifu='".$huifu."' where id=".$huifuid;
$result=mysql_query($exec); phperz.com
echo hrefurl("index.php");
}
else {
echo alertstr('请填写您的回复信息.');
}
}
//-------------------------------------------------
//管理员删除留言-------------------------------------
if ($_GET["action"]=="del" and $_SESSION["uname"]){
if ($_GET["id"]!=""){
$exec="delete from message where id=".$_GET["id"];
$result=mysql_query($exec);
echo hrefurl("index.php");
}
}
//-------------------------------------------------
//定义一个提示错误信息和转向函数--------------------
function alertstr($str){
echo "<script>alert('$str')</script>";
}
function hrefurl($url){
echo "<script>window.location ='$url';</script>"; www.phperz.com
}
//-------------------------------------------------
//管理员退出函数---------------------------------
if ($_GET["action"]=="logout"){
unset($_SESSION["uname"]);
session_destroy();
echo hrefurl("index.php");
}
//-------------------------------------------------
?>
<!--top-->
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="4" colspan="2"></td>
</tr>
<tr>
<td width="616" height="68" valign="top" class="logotxt"><a href="" target="_blank"><img src="../images/logo.jpg" border="0" /></a></td> php程序员站
<td width="184" align="right" valign="top"><a href="/index.php">首页</a> _fcksavedurl=""/index.php">首页</a>" <a href="#message_now">签写留言</a><?php if ($_SESSION["uname"]) echo ' <a href="?action=uppass">修改密码</a> <a href="index.php?action=logout">退出</a>';?></td>
</tr>
<tr>
<td height="2" colspan="2" bgcolor="#F4510B" ></td>
</tr>
<tr>
<td height="5" colspan="2" ></td>
</tr>
</table>
<!--top end-->
<?php
//管理员登录入口(并没有在前台提供连接),调用方法 index.php?action=login
if ($_GET["action"]=="login"){
$login=$_POST["login"]; www.phperz.com
$name=$_POST["name"];
$pass=md5($_POST["pass"]);
if ($login!=""){
if ($name==""){
echo alertstr('用户名不能为空.');
}
else{
$exec="select * from admin where name='$name' and pass='$pass'";
//echo $exec;
$result=mysql_query($exec);
$rs=mysql_num_rows($result);
//echo $rs;
if ($rs>0){
$_SESSION["uname"]=$name;
//echo $_SESSION["uname"];
echo hrefurl("index.php");
}
else{
echo alertstr("用户名或密码不正确.");
}
}
}
//---------------------------------- phperz.com
?>
<form id="form3" name="form3" method="post" action="index.php?action=login">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="120" height="30" align="center" class="f14">用户名:</td>
<td width="230"><label>
<input name="name" type="text" class="input" id="name" />
</label></td>
</tr>
<tr>
<td height="30" align="center" class="f14">密 码:</td>
<td><label> www~phperz~com
<input name="pass" type="password" class="input" id="pass" />
</label></td>
</tr>
<tr>
<td height="50" align="center"><input name="login" type="hidden" id="login" value="login" /></td>
<td><label>
<input type="submit" name="Submit4" value="提交" class="button" />
</label></td>
</tr>
<tr>
<td height="1" colspan="2" align="center" bgcolor="#CCCCCC"></td>
</tr> phperz.com
</table>
</form>
<?php
exit();
}
if ($_GET["action"]=="uppass" and $_SESSION["uname"]){
$uppass=$_POST["uppass"];
$ypass=$_POST["ypass"];
$npass=$_POST["npass"];
$npass2=$_POST["npass2"];
if ($uppass!=""){
if ($ypass==""){
echo alertstr('原密码不能为空.');
}
else if ($npass=="" or $npass2==""){
echo alertstr("新密码或确认密码不能为空");
}
else if ($npass!=$npass2){
echo alertstr("新密码和确认密码不一致");
}
else {
$exec="select * from admin where name='".$_SESSION["uname"]."' and pass='".md5($ypass)."'"; php程序员之家
$result=mysql_query($exec);
$rs=mysql_num_rows($result);
if ($rs>0){
$exec="update admin set pass='".md5($npass)."' where name='".$_SESSION["uname"]."'";
$result=mysql_query($exec);
if($result){
echo alertstr("密码修改成功");
}
else {
echo alertstr("密码修改失败");
}
}
else{
echo alertstr("原密码不正确.");
}
}
}
//----------------------------------
?>
<form id="form3" name="form3" method="post" action="index.php?action=uppass"> phperz~com
<table width="350" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="120" height="30" align="center" class="f14">原密码:</td>
<td width="230"><label>
<input name="ypass" type="password" class="input" id="ypass" />
</label></td>
</tr>
<tr>
<td height="30" align="center" class="f14">新密码:</td>
<td><label>
<input name="npass" type="password" class="input" id="npass" /> www~phperz~com
</label></td>
</tr>
<tr>
<td height="30" align="center" class="f14">确认密码:</td>
<td><label>
<input name="npass2" type="password" id="npass2" class="input"/>
</label></td>
</tr>
<tr>
<td height="50" align="center"><input name="uppass" type="hidden" id="uppass" value="uppass" /></td>
<td><label>
<input type="submit" name="Submit4" value="提交" class="button" /> phperz.com
</label></td>
</tr>
<tr>
<td height="1" colspan="2" align="center" bgcolor="#CCCCCC"></td>
</tr>
</table>
</form>
<?php
exit();
}
$pagesize=5; //第页显示留言数
$page=isset($_GET["page"])?intval($_GET["page"]):1; //定义page的初始值,如果get 传过来的page为空,则page=1
$total=mysql_num_rows(mysql_query("select id from message")); //执行查询获取总记录数
$pagecount=ceil($total/$pagesize); //总页数
if ($page>$pagecount){
$page=$pagecount; // 对提交过来的page做一些检查
}
if ($page<=0){
$page=1;
}
$offset=($page-1)*$pagesize; //偏移量
$pre=$page-1; //上一页
$next=$page+1; //下一页 php程序员站
$first=1; //第一页
$last=$pagecount; //末页
$exec="select * from message order by date desc limit $offset,$pagesize";
$result=mysql_query($exec);
while ($rs=mysql_fetch_array($result)){
?>
<table width="800" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#DDDDDD" class="border_collapse" style="margin-bottom:5px">
<tr>
<td colspan="3"><table width="98%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr class="foot">
<td width="17%" height="26"> 姓名:<?php
echo "$rs[3]";
?></td>
<td width="9%">性别:<?php echo "$rs[7]"?></td> php程序员之家
<td width="23%" class="white">Email:<a href="mailto:<?php echo "$rs[4]"?>" ><?php echo "$rs[4]"?></a></td>
<td width="20%">时间:<?php echo "$rs[6]"?></td>
<td width="31%" class="white"><?php if ($_SESSION["uname"]) echo "IP:<a href='http://www.query8.com/ip/ips.asp?IpValue=$rs[5]' target='_blank'>$rs[5]</a>";?></td>
</tr>
<tr>
<td height="1" colspan="5" bgcolor="#DDDDDD"></td>
</tr>
</table>
<br /> php程序员站
<table width="97%" border="0" align="center" cellpadding="0" cellspacing="0" >
<tr>
<td colspan="2" bgcolor="#F9F9F9"><div class="message"><?php echo "$rs[1]"?></div></td>
</tr>
<?php
if ($rs[2]!="") {
echo '<tr>
<td width="13%" height="30" align="center" class="font_color_1">站长回复:</td>';
echo '<td width="87%">'.$rs[2].'</td></tr>';
}
if ($_SESSION["uname"]){ www.phperz.com
?>
<tr>
<td height="1" colspan="2"> <div id="huifu_input<?php echo $rs[0]?>" class="display_none">
<form id="form2" name="form2" method="post" action="index.php?action=huifu&id=<?php echo $rs[0]?>">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="13%" align="center" class="font_color_1">站长回复:</td>
<td width="87%"><textarea name="huifu" cols="60" rows="4" id="huifu" style="border:1px solid #C9C9C9"><?php echo $rs[2]?></textarea> phperz~com
<input type="submit" name="Submit3" value="提交" class="button" /></td>
</tr>
</table>
</form>
</div></td>
</tr>
<?php }?>
<tr>
<td width="13%" align="center"> </td>
<td width="87%" height="20" align="right">
<table border="0" cellspacing="0" cellpadding="0"> phperz.com
<tr>
<?php
if ($_SESSION["uname"]){
?>
<td width="60" align="right"><a href="index.php?action=del&id=<?php echo $rs[0]?>">删除</a></td>
<td width="60" align="right"><span onclick="showhuifu('huifu_input<?php echo $rs[0]?>')" style="cursor:pointer">回复</span></td>
<?php }?>
<td width="60" align="right"><a href="#">TOP</a></td>
</tr>
</table> </td> phperz~com
</tr>
</table> </td>
</tr>
</table>
<?php
}
mysql_close($conn);
?>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="25" align="right">页<?php echo $page."/".$pagecount?>总页 <a href="index.php?page=1">首页</a> <a href="index.php?page=<?php echo $pre?>">上一页</a> <a href="index.php?page=<?php echo $next?>">下一页</a> <a href="index.php?page=<?php echo $last?>">末页</a> </td>
</tr>
</table>
<form id="form1" name="form1" method="post" action="index.php?action=write" onsubmit="return checkform();" > www~phperz~com
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="134" height="35" align="center" class="f14">姓 名:</td>
<td width="666"><label>
<input name="name" type="text" class="input" id="name"/>
</label></td>
</tr>
<tr>
<td height="35" align="center" class="f14">性 别:</td>
<td><label>
<input type="radio" name="sex" value="1" />
先生</label> php程序员站
<label><input type="radio" name="sex" value="2" />
小姐
<label><input name="sex" type="radio" value="0" checked="checked" />
保密</label></td>
</tr>
<tr>
<td height="35" align="center" class="f14">Email:</td>
<td><label>
<input name="email" type="text" class="input" id="email" />
</label></td>
</tr>
<tr>
<td height="30" align="center" class="f14">留 言:</td> phperz~com
<td><label>
<textarea name="message" cols="60" rows="8" id="message" style="border:1px solid #C9C9C9"></textarea>
</label></td>
</tr>
<tr>
<td height="50" align="center"><a name="message_now" id="message_now"></a>
<input name="ip" type="hidden" id="ip" value="<?php echo $_SERVER['REMOTE_ADDR']?>" /></td><td>
<input type="submit" name="Submit" value="提 交" class="button"/>
<input type="reset" name="Submit2" value="重 置" class="button" /> </td> phperz.com
</tr>
</table>
</form>
<!--bottom-->
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="5" ></td>
</tr> <tr>
<td height="2" bgcolor="#F4510B"></td>
</tr>
<tr>
<td height="30" align="center" class="foot white">PHP程序员站 Copyright © 2007,<a href="" target="_blank">PHPERZ.COM</a> All Rights Reserved 粤ICP备07503606号 <a href="" target="_blank">PHPERZ.COM</a> All Rights Reserved 粤ICP备07503606号 <a href="mailto:info@phperz.com">联系站长</a></td> php程序员站
</tr>
</table>
<!--bottom end-->
</body>
</html>
|
php程序员站迷你留言本下载地址
|
