闲来无事写了个迷你型的留言本,只有一个页面.
今天贴出来源码,
由于我也是初学者,代码写得有点生硬,安全上也没有多考虑,仅供学习参考;如果要实际部署,请先修改下面的默认管理员密码和源码中的数据库连接密码。有兴趣的朋友可以下载下来看看。
后台地址 index.php?action=login
用户名:admin
密 码:admin
功能介绍:
guest:
查看留言
发表留言
管理员:
删除留言
回复留言
查看留言者ip地址
查看留言者联系方式
php程序员站迷你留言本下载地址
如图:
数据库
以下为引用的内容: -- -------------------------------------------------------- -- CREATE TABLE IF NOT EXISTS `admin` ( -- INSERT INTO `admin` (`id`, `name`, `pass`) VALUES -- -------------------------------------------------------- -- CREATE TABLE IF NOT EXISTS `message` ( -- INSERT INTO `message` (`id`, `message`, `huifu`, `name`, `email`, `ip`, `date`, `sex`) VALUES |
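<?php
// Mini guestbook, single page (index.php).
//
// Review notes for anyone reusing this listing:
//  - Every request value that reaches SQL goes through sql_quote() or intval().
//  - The visitor IP is taken from $_SERVER on the server, never from the form.
//  - Admin passwords are stored as unsalted MD5. Moving to password_hash() /
//    password_verify() needs PHP 5.5+ and a migration of the stored hashes,
//    so it is flagged here rather than changed.
//  - The reply, delete and password-change actions carry no anti-CSRF token,
//    and delete is triggered by a plain GET link. TODO: add a per-session token
//    and make delete a POST.
//  - The session id is not regenerated at login: output has already started at
//    that point, so session_regenerate_id() cannot send its cookie. TODO: move
//    the login handling above the first output and regenerate the id there.
//  - ext/mysql (mysql_*) was removed in PHP 7; PDO or mysqli with prepared
//    statements is the long-term replacement.
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<link href="../images/css.css" type="text/css" rel="stylesheet">
<title>PHP程序员站迷你留言本</title>
<script language="javascript" type="text/javascript">
// Toggle the admin reply box for one message by switching its CSS class.
function showhuifu(huifu_inputid) {
    var box=document.getElementById(huifu_inputid);
    if (box.className=="display_none") {
        box.className="";
    } else {
        box.className="display_none";
    }
}
// Client-side convenience check only; the server repeats the emptiness check.
function checkform(){
    var name=document.getElementById("name").value;
    var email=document.getElementById("email").value;
    var message=document.getElementById("message").value;
    var myReg=/^[_a-z0-9]+@([_a-z0-9]+\.)+[a-z0-9]{2,3}$/i;
    if (name=="") {
        alert("您的姓名不能为空");
        return false;
    }
    if (!myReg.test(email)){
        alert("您的Email地址不正确");
        return false;
    }
    if (message=="") {
        alert("您的留言不能为空");
        return false;
    }
    return true;
}
</script>
</head>
<body>
<!--PHP程序员站迷你留言本V1.0 www.phperz.com-->
<?php
// Helpers ---------------------------------------------------------------

// Return a request value exactly as PHP received it, or "" when the key is
// missing or is not a string (e.g. name[]=x arrives as an array).
function raw_str($source,$key){
    if (!isset($source[$key]) || !is_string($source[$key])){
        return "";
    }
    return $source[$key];
}

// Like raw_str(), but undoes magic_quotes_gpc so that values are escaped
// exactly once, by sql_quote(), instead of being stored with stray backslashes.
function req_str($source,$key){
    $value=raw_str($source,$key);
    if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()){
        $value=stripslashes($value);
    }
    return $value;
}

// Escape text for HTML. The charset is named explicitly because the page is
// GB2312/GBK; single quotes are escaped as well as double quotes.
function html_text($value){
    return htmlspecialchars($value,ENT_QUOTES,"GB2312");
}

// Quote a string as an SQL literal for the given connection.
function sql_quote($value,$conn){
    return "'".mysql_real_escape_string($value,$conn)."'";
}

// True when an administrator is logged in (evaluated at call time, so it
// reflects a login or logout handled earlier in the same request).
function is_admin(){
    return !empty($_SESSION["uname"]);
}

// Show a JavaScript alert. Only called with fixed strings in this file.
function alertstr($str){
    echo "<script>alert('$str')</script>";
}

// Client-side redirect; output has already started, so header() cannot be used.
function hrefurl($url){
    echo "<script>window.location ='$url';</script>";
}

// Database connection ---------------------------------------------------
// NOTE(review): connects as root with a hard-coded password. Use a dedicated
// account limited to the guestbook database and keep the credentials outside
// the web root.
$conn=mysql_connect("localhost:3306","root","password");
if (!$conn){
    exit("Database unavailable.");
}
// mysql_set_charset() tells the client library the connection charset, which
// mysql_real_escape_string() relies on for multi-byte charsets such as GBK;
// a plain "set names" query does not.
if (function_exists("mysql_set_charset")){
    mysql_set_charset("gbk",$conn);
} else {
    mysql_query("set names gbk",$conn);
}
if (!mysql_select_db("guestbook",$conn)){
    exit("Database unavailable.");
}

$action=req_str($_GET,"action");

// Post a message --------------------------------------------------------
if ($action=="write"){
    // Text is stored HTML-escaped; the listing below echoes it as stored.
    $name=html_text(req_str($_POST,"name"));
    $email=html_text(req_str($_POST,"email"));
    $message=nl2br(html_text(req_str($_POST,"message")));
    // Taken from the server side: a form field is under the visitor's control.
    $ip=isset($_SERVER["REMOTE_ADDR"])?$_SERVER["REMOTE_ADDR"]:"";
    $sexcode=req_str($_POST,"sex");
    if ($sexcode==1){
        $sex="先生";
    } elseif ($sexcode==2){
        $sex="小姐";
    } else {
        $sex="保密";
    }
    if ($name!="" and $email!="" and $message!=""){
        $exec="insert into message(`message`,`huifu`,`name`,`email`,`ip`,`date`,`sex`) values ("
            .sql_quote($message,$conn).",'',"
            .sql_quote($name,$conn).","
            .sql_quote($email,$conn).","
            .sql_quote($ip,$conn).","
            .sql_quote(date('Y-m-d G:i:s'),$conn).","
            .sql_quote($sex,$conn).")";
        $result=mysql_query($exec,$conn);
        hrefurl("index.php");
    } else {
        alertstr('您的信息不完整,请从新填写.');
    }
}

// Admin: reply to a message --------------------------------------------
if ($action=="huifu" and is_admin()){
    $huifu=html_text(req_str($_POST,"huifu"));
    $huifuid=req_str($_GET,"id");
    if ($huifu!="" and $huifuid!=""){
        // The id is forced to an integer before it reaches the statement.
        $exec="update message set huifu=".sql_quote($huifu,$conn)." where id=".intval($huifuid);
        $result=mysql_query($exec,$conn);
        hrefurl("index.php");
    } else {
        alertstr('请填写您的回复信息.');
    }
}

// Admin: delete a message ----------------------------------------------
if ($action=="del" and is_admin()){
    $delid=req_str($_GET,"id");
    if ($delid!=""){
        $exec="delete from message where id=".intval($delid);
        $result=mysql_query($exec,$conn);
        hrefurl("index.php");
    }
}

// Admin: log out --------------------------------------------------------
if ($action=="logout"){
    unset($_SESSION["uname"]);
    session_destroy();
    hrefurl("index.php");
}
?>
<!--top-->
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td height="4" colspan="2"></td>
  </tr>
  <tr>
    <td width="616" height="68" valign="top" class="logotxt"><a href="" target="_blank"><img src="../images/logo.jpg" border="0" /></a></td>
    <td width="184" align="right" valign="top"><a href="/index.php">首页</a> <a href="#message_now">签写留言</a><?php if (is_admin()) echo ' <a href="?action=uppass">修改密码</a> <a href="index.php?action=logout">退出</a>';?></td>
  </tr>
  <tr>
    <td height="2" colspan="2" bgcolor="#F4510B" ></td>
  </tr>
  <tr>
    <td height="5" colspan="2" ></td>
  </tr>
</table>
<!--top end-->
<?php
// Admin login. Not linked from the public page; reached via index.php?action=login
if ($action=="login"){
    $login=req_str($_POST,"login");
    $name=req_str($_POST,"name");
    // The raw request value is hashed, as before, so existing hashes keep matching.
    $pass=md5(raw_str($_POST,"pass"));
    if ($login!=""){
        if ($name==""){
            alertstr('用户名不能为空.');
        } else {
            $exec="select * from admin where name=".sql_quote($name,$conn)." and pass=".sql_quote($pass,$conn);
            $result=mysql_query($exec,$conn);
            $rs=$result?mysql_num_rows($result):0;
            if ($rs>0){
                $_SESSION["uname"]=$name;
                hrefurl("index.php");
            } else {
                alertstr("用户名或密码不正确.");
            }
        }
    }
?>
<form id="form3" name="form3" method="post" action="index.php?action=login">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="120" height="30" align="center" class="f14">用户名:</td>
    <td width="230"><label> <input name="name" type="text" class="input" id="name" /> </label></td>
  </tr>
  <tr>
    <td height="30" align="center" class="f14">密 码:</td>
    <td><label> <input name="pass" type="password" class="input" id="pass" /> </label></td>
  </tr>
  <tr>
    <td height="50" align="center"><input name="login" type="hidden" id="login" value="login" /></td>
    <td><label> <input type="submit" name="Submit4" value="提交" class="button" /> </label></td>
  </tr>
  <tr>
    <td height="1" colspan="2" align="center" bgcolor="#CCCCCC"></td>
  </tr>
</table>
</form>
<?php
    exit();
}

// Admin: change password -----------------------------------------------
if ($action=="uppass" and is_admin()){
    $uppass=req_str($_POST,"uppass");
    // Password fields are read raw so the MD5 input is the same as at login.
    $ypass=raw_str($_POST,"ypass");
    $npass=raw_str($_POST,"npass");
    $npass2=raw_str($_POST,"npass2");
    if ($uppass!=""){
        if ($ypass==""){
            alertstr('原密码不能为空.');
        } else if ($npass=="" or $npass2==""){
            alertstr("新密码或确认密码不能为空");
        } else if ($npass!==$npass2){
            // Strict comparison: with != two different numeric-looking strings
            // such as "1e3" and "1000" would be treated as equal.
            alertstr("新密码和确认密码不一致");
        } else {
            $uname=sql_quote($_SESSION["uname"],$conn);
            $exec="select * from admin where name=".$uname." and pass=".sql_quote(md5($ypass),$conn);
            $result=mysql_query($exec,$conn);
            $rs=$result?mysql_num_rows($result):0;
            if ($rs>0){
                $exec="update admin set pass=".sql_quote(md5($npass),$conn)." where name=".$uname;
                $result=mysql_query($exec,$conn);
                if ($result){
                    alertstr("密码修改成功");
                } else {
                    alertstr("密码修改失败");
                }
            } else {
                alertstr("原密码不正确.");
            }
        }
    }
?>
<form id="form3" name="form3" method="post" action="index.php?action=uppass">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="120" height="30" align="center" class="f14">原密码:</td>
    <td width="230"><label> <input name="ypass" type="password" class="input" id="ypass" /> </label></td>
  </tr>
  <tr>
    <td height="30" align="center" class="f14">新密码:</td>
    <td><label> <input name="npass" type="password" class="input" id="npass" /> </label></td>
  </tr>
  <tr>
    <td height="30" align="center" class="f14">确认密码:</td>
    <td><label> <input name="npass2" type="password" id="npass2" class="input"/> </label></td>
  </tr>
  <tr>
    <td height="50" align="center"><input name="uppass" type="hidden" id="uppass" value="uppass" /></td>
    <td><label> <input type="submit" name="Submit4" value="提交" class="button" /> </label></td>
  </tr>
  <tr>
    <td height="1" colspan="2" align="center" bgcolor="#CCCCCC"></td>
  </tr>
</table>
</form>
<?php
    exit();
}

// Message list with paging ---------------------------------------------
$pagesize=5;                                          // messages per page
$page=isset($_GET["page"])?intval($_GET["page"]):1;   // defaults to page 1
$countresult=mysql_query("select id from message",$conn);
$total=$countresult?mysql_num_rows($countresult):0;   // total number of messages
$pagecount=ceil($total/$pagesize);                    // total number of pages
if ($page>$pagecount){
    $page=$pagecount;                                 // clamp to the last page
}
if ($page<=0){
    $page=1;
}
$offset=($page-1)*$pagesize;                          // row offset for LIMIT
$pre=max(1,$page-1);                                  // previous page, never below 1
$next=min(max(1,$pagecount),$page+1);                 // next page, never past the last
$first=1;
$last=max(1,$pagecount);
// $offset and $pagesize are integers computed above, not request text.
$exec="select * from message order by date desc limit $offset,$pagesize";
$result=mysql_query($exec,$conn);
// Columns are read by position; presumably 0 id, 1 message, 2 huifu, 3 name,
// 4 email, 5 ip, 6 date, 7 sex - confirm against the table definition.
// message, huifu, name and email were HTML-escaped when written and are echoed
// as stored; rows inserted by any other route would not be escaped.
while ($result and $rs=mysql_fetch_array($result)){
    $rowid=intval($rs[0]);
?>
<table width="800" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#DDDDDD" class="border_collapse" style="margin-bottom:5px">
  <tr>
    <td colspan="3"><table width="98%" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr class="foot">
        <td width="17%" height="26"> 姓名:<?php echo $rs[3]; ?></td>
        <td width="9%">性别:<?php echo $rs[7]; ?></td>
        <td width="23%" class="white">Email:<a href="mailto:<?php echo $rs[4]; ?>" ><?php echo $rs[4]; ?></a></td>
        <td width="20%">时间:<?php echo $rs[6]; ?></td>
        <td width="31%" class="white"><?php
    // The ip column is escaped on output: older rows may hold form-supplied text.
    if (is_admin()) echo "IP:<a href='http://www.query8.com/ip/ips.asp?IpValue=".urlencode($rs[5])."' target='_blank'>".html_text($rs[5])."</a>";
?></td>
      </tr>
      <tr>
        <td height="1" colspan="5" bgcolor="#DDDDDD"></td>
      </tr>
    </table>
    <br />
    <table width="97%" border="0" align="center" cellpadding="0" cellspacing="0" >
      <tr>
        <td colspan="2" bgcolor="#F9F9F9"><div class="message"><?php echo $rs[1]; ?></div></td>
      </tr>
<?php
    if ($rs[2]!="") {
        echo '<tr> <td width="13%" height="30" align="center" class="font_color_1">站长回复:</td>';
        echo '<td width="87%">'.$rs[2].'</td></tr>';
    }
    if (is_admin()){
?>
      <tr>
        <td height="1" colspan="2">
          <div id="huifu_input<?php echo $rowid; ?>" class="display_none">
            <form id="form2" name="form2" method="post" action="index.php?action=huifu&id=<?php echo $rowid; ?>">
              <table width="100%" border="0" cellspacing="0" cellpadding="0">
                <tr>
                  <td width="13%" align="center" class="font_color_1">站长回复:</td>
                  <td width="87%"><textarea name="huifu" cols="60" rows="4" id="huifu" style="border:1px solid #C9C9C9"><?php echo $rs[2]; ?></textarea>
                  <input type="submit" name="Submit3" value="提交" class="button" /></td>
                </tr>
              </table>
            </form>
          </div></td>
      </tr>
<?php } ?>
      <tr>
        <td width="13%" align="center"> </td>
        <td width="87%" height="20" align="right">
          <table border="0" cellspacing="0" cellpadding="0">
            <tr>
<?php if (is_admin()){ ?>
              <td width="60" align="right"><a href="index.php?action=del&id=<?php echo $rowid; ?>">删除</a></td>
              <td width="60" align="right"><span onclick="showhuifu('huifu_input<?php echo $rowid; ?>')" style="cursor:pointer">回复</span></td>
<?php } ?>
              <td width="60" align="right"><a href="#">TOP</a></td>
            </tr>
          </table>
        </td>
      </tr>
    </table>
    </td>
  </tr>
</table>
<?php
}
mysql_close($conn);
?>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td height="25" align="right">页<?php echo $page."/".$pagecount; ?>总页 <a href="index.php?page=1">首页</a> <a href="index.php?page=<?php echo $pre; ?>">上一页</a> <a href="index.php?page=<?php echo $next; ?>">下一页</a> <a href="index.php?page=<?php echo $last; ?>">末页</a> </td>
  </tr>
</table>
<form id="form1" name="form1" method="post" action="index.php?action=write" onsubmit="return checkform();" >
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="134" height="35" align="center" class="f14">姓 名:</td>
    <td width="666"><label> <input name="name" type="text" class="input" id="name"/> </label></td>
  </tr>
  <tr>
    <td height="35" align="center" class="f14">性 别:</td>
    <td><label> <input type="radio" name="sex" value="1" /> 先生</label>
      <label><input type="radio" name="sex" value="2" /> 小姐</label>
      <label><input name="sex" type="radio" value="0" checked="checked" /> 保密</label></td>
  </tr>
  <tr>
    <td height="35" align="center" class="f14">Email:</td>
    <td><label> <input name="email" type="text" class="input" id="email" /> </label></td>
  </tr>
  <tr>
    <td height="30" align="center" class="f14">留 言:</td>
    <td><label> <textarea name="message" cols="60" rows="8" id="message" style="border:1px solid #C9C9C9"></textarea> </label></td>
  </tr>
  <tr>
    <td height="50" align="center"><a name="message_now" id="message_now"></a></td>
    <td> <input type="submit" name="Submit" value="提 交" class="button"/> <input type="reset" name="Submit2" value="重 置" class="button" /> </td>
  </tr>
</table>
</form>
<!--bottom-->
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td height="5" ></td>
  </tr>
  <tr>
    <td height="2" bgcolor="#F4510B"></td>
  </tr>
  <tr>
    <td height="30" align="center" class="foot white">PHP程序员站 Copyright © 2007,<a href="" target="_blank">PHPERZ.COM</a> All Rights Reserved 粤ICP备07503606号 <a href="mailto:info@phperz.com">联系站长</a></td>
  </tr>
</table>
<!--bottom end-->
</body>
</html>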