
    <?php
// Send the two no-cache response headers so that browsers and intermediate
// caches do not reuse a previously stored status reply from this endpoint.
array_map('header', array(
    "Cache-Control:   no-cache,   must-revalidate",
    "Pragma:   no-cache",
));
?>
<?php
// Diary-comment submission endpoint. When the request carries action=Save the
// script runs a chain of checks and prints a one-character status code, then exits:
//   "0"  comment text is empty, or no Diary row matches the user/timestamp
//   "1"  no uid cookie was sent
//   "2"  the commenter's face is still images/nophoto.gif
//   "5"  owner's LeaveWordPrivilege is 1 and the vip cookie is 0 or no myfriend row exists
//   "6"  owner's LeaveWordPrivilege is 2
//   "8"  the matching myfriend row has OrderType 2
//   "9"  the comment row was inserted
// For any other action this file produces no output of its own.
//
// NOTE(review): the login check below is commented out, so the only identity
// this script has is the uid cookie, which the client controls. The value is
// stored as DiaryComment_Name, so a request can post under any account name.
// Identity should come from a server-side session, not from a cookie value.
// NOTE(review): no anti-forgery token is checked before the insert; with
// cookie-based identity this write is open to cross-site request forgery.
//include("user/CheckLogined.php");
include("include/dbclass.php");
include("include/global.php");
$dbc=new DbConn();
// Commenter identity (client cookie) and target diary owner (query string).
$uid=$_COOKIE["uid"];
$user=$_GET["user"];
// $diary_id is assigned here but never read again in this file.
$diary_id=$_GET["diary"];
if($_GET["action"]=="Save")
{

// Flood control: refuse if less than 30 seconds have passed since "wtime".
// $gb_time is not defined in this file; presumably the current Unix time set
// by include/global.php (confirm).
// NOTE(review): wtime is read from a client cookie, so a client that omits or
// rewrites the cookie is never throttled. Keep the last-post time server-side.
if($gb_time-$_COOKIE['wtime']<30)
{
echo "<script language='javascript'>alert('为防止恶意灌水,签写留言间隔为30秒!请您稍后再试');history.back();</script>";
exit();
}


// Raw form fields; all four are later interpolated into SQL strings.
$f_DiaryComment_CommentObjId=$_POST["f_DiaryComment_CommentObjId"];
$f_DiaryComment_ObjTitle=$_POST["f_DiaryComment_ObjTitle"];
$f_DiaryComment_AddDate=$_POST["f_DiaryComment_AddDate"];
$f_DiaryComment_Memo=$_POST["f_DiaryComment_Memo"];

// Title and body arrive as UTF-8 and are converted to GBK before use.
$f_DiaryComment_ObjTitle=iconv('utf-8', 'gbk',$f_DiaryComment_ObjTitle);
$f_DiaryComment_Memo=iconv('utf-8', 'gbk',$f_DiaryComment_Memo);


// Banned-word filter: the first list entry that matches the comment body
// aborts the request with an alert naming that entry.
$lv=false;
$s="";
	// NOTE(review): $rs1 is read here before this file assigns it; presumably
	// an include populates it with site settings (confirm). If it does not,
	// the filter list is empty and this check does nothing useful.
	$filter=$rs1["filterTxt"]; 
	$filter = explode(",",$filter);
	for($i=0;$i<count($filter);$i++){
		// NOTE(review): ereg() interprets each entry as a POSIX regex and works
		// byte-wise on the GBK text; it was deprecated in PHP 5.3 and removed
		// in PHP 7.0, so this call is a fatal error on current PHP versions.
		if(ereg($filter[$i],$f_DiaryComment_Memo)){
		$s=$s.$filter[$i];	
		$lv=true;break;
			
		
		}
	}
	
	if($lv)	
	{
// NOTE(review): $s is placed inside a JavaScript string without escaping.
// It comes from the filter list, so this is safe only while that list is
// trusted and contains no quote characters.
echo "<script>alert('你的留言含有不良内容:".$s."');history.back();;</script>";
	exit();
	}


// Restart the 30-second window; the cookie expires when the window ends.
setcookie("wtime",$gb_time,$gb_time+30);

// Loose comparison: an absent field and an empty string both end here.
if ($f_DiaryComment_Memo==null)
{
echo "0";
exit();
} 
$user=$_GET["user"];
// The diary must exist for this owner; the posted object id is matched
// against Diary_UnixTimestamp.
// NOTE(review): this and every query below is built by interpolating
// request values ($_GET, $_POST, $_COOKIE) into the SQL text. Unless DbConn
// or an include escapes them (not visible here), they are SQL-injectable.
// Use bound parameters in DbConn and validate the object id as digits only;
// byte-wise quote escaping is not a reliable substitute with GBK text.
$sqlck="select id from Diary where User_Account='$user' and Diary_UnixTimestamp='$f_DiaryComment_CommentObjId'";
$rs1=$dbc->getRs($sqlck);
if($rs1==null)
{
echo "0";
exit();
}

// A uid cookie must be present; nothing verifies that it belongs to the sender.
if($uid==null)
{
echo "1";
exit();
}
// Load the diary owner's face and comment-permission setting.
$sqlck="select face,LeaveWordPrivilege from userdata where User_Account='$user' ";
$rs=$dbc->getRs($sqlck);

// LeaveWordPrivilege 2: request is refused with "6".
if($rs["LeaveWordPrivilege"]==2)
{
echo "6";
exit();
}
// LeaveWordPrivilege 1: restricted to VIPs / friends. As written, the request
// must pass both tests: a non-zero vip cookie and an existing myfriend row.
if($rs["LeaveWordPrivilege"]==1)
{
$sqlf="select id,OrderType from myfriend where User_Account='$user' and myfriendname='$uid'";
$rs1=$dbc->getRs($sqlf);

// NOTE(review): VIP status is taken from a client cookie and can be set by
// the sender; look it up from the account record instead.
if((int)$_COOKIE["vip"]==0 )
{
echo "5";
exit();
}
// OrderType 2 on the owner's friend row is refused with "8"
// (presumably a block-list entry; confirm against the schema).
if($rs1["OrderType"]==2)
{
echo "8";
exit();
}
if($rs1["id"]==null)
{
echo "5";
exit();
}
}
// LeaveWordPrivilege 0: no friend row is required, but an OrderType 2 row
// still refuses the request.
if($rs["LeaveWordPrivilege"]==0)
{
$sqlf="select id,OrderType from myfriend where User_Account='$user' and myfriendname='$uid'";
$rs1=$dbc->getRs($sqlf);
if($rs1["OrderType"]==2)
{
echo "8";
exit();
}
}
// The commenter must have replaced the default avatar before commenting.
$sqluid="select face from userdata where User_Account='$uid' ";
$rs2=$dbc->getRs($sqluid);
if($rs2["face"]=="images/nophoto.gif")
{
echo "2";
exit();
}
// Store the comment.
// NOTE(review): DiaryComment_AddDate is taken from the request, so the
// sender chooses the timestamp; prefer a server-generated time. Title and
// body are stored unmodified, so the page that displays them must
// HTML-escape them (that code is not visible here).
$sqlin="insert into DiaryComment (DiaryComment_CommentObjId,DiaryComment_ObjTitle,DiaryComment_UserName,DiaryComment_AddDate,DiaryComment_Memo,DiaryComment_Name) values ('$f_DiaryComment_CommentObjId','$f_DiaryComment_ObjTitle','$user','$f_DiaryComment_AddDate','$f_DiaryComment_Memo','$uid')";
$dbc->Execute($sqlin);
echo "9";
exit();
}


?>