php简易留言板程序代码

<?php
session_start();
$con=mysql_connect('localhost','root','root') or die('链接数据库失败！');
mysql_query('set names utf8');
mysql_select_db('GuestBook');

$pagesize = 10;//每一页显示多少留言记录
if(isset($_GET['page'])&&$_GET['page']!='') $page=$_GET['page'];
else $page=0;

$sql = "SELECT a . * , b.name, b.email, b.qq, c.revert_time, c.revert
  FROM post a
  LEFT JOIN revert c ON ( a.id = c.post_id ) , guest b
  WHERE a.guest_id = b.id
  ORDER BY a.id DESC";
$numRecord = mysql_num_rows(mysql_query($sql));
$totalpage = ceil($numRecord/$pagesize);

$recordSql = $sql. " LIMIT ".$page*$pagesize.",".$pagesize;
$result = mysql_query($recordSql);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PHPiask简易留言板</title>
<style type="text/css">
<!--
body {
 margin-left: 0px;
 margin-top: 0px;
}
a:link {
 text-decoration: none;
 color: #FF6600;
}
a:visited {
 text-decoration: none;
}
a:hover {
 text-decoration: underline;
}
a:active {
 text-decoration: none;
}
.STYLE1 {
 color: #FFFFFF;
 font-weight: bold;
 font-size: 16px;
}
td{
font-size:12px;
}
.tdhx {
 font-style: italic;
 line-height: 1.5;
 text-decoration: underline;
}
-->
</style>
<script language="javascript">
function checkInput(){
 var Email = document.getElementById('email');
 var QQ = document.getElementById('qq');
 var name = document.getElementById('name');
 var post = document.getElementById('post');
 //验证用户名：不能超过10个字符（5个汉字），不能输入非法字符，不能为空
 nameValue = name.value.replace(/s+/g,"");
 var SPECIAL_STR = "~!%^&*();"?><[]{}\|,:/=+—";
 var nameflag=true;
 for(i=0;i<nameValue.lenght;i++){
  if (SPECIAL_STR.indexOf(nameValue.charAt(i)) !=-1)
  nameflag=false;
 }
 if(nameValue==''){
  alert('请填写用户名称！'); 
  return false;
 }
 if(nameValue.length>10){
  alert('用户名称最多10个字符（5个汉字）！');
  return false;
 }
 
 if(nameflag===false){
  alert('用户名称不能包含非法字符请更改！');
  return false;
 }
 //验证QQ号码
 var par =/^[1-9]d{4,12}$/;
 if(QQ.value!=''&&!par.test(QQ.value)){
  alert('请输入正确的QQ号码');
  return false;
 }
 //验证Email地址
 var emailpar = /^[w-]+(.[w-]+)*@[w-]+(.[w-]+)+$/;
 if(Email.value!=''&&!emailpar.test(Email.value)){
  alert('请输入正确的邮箱地址！');
  return false;
 }
 if(QQ.value==''&&Email.value==''){
  alert('邮箱和QQ必选其一');
  return false;  
 }
 if(post.value==""){
  alert('请输入留言内容！');
  return false;   
 }
 if(post.value.length>400){
  alert('留言内容太长！');
  return false;   
 }

}
</script>
</head>

<body>
<table width="800" border="0" align="center">

  <tr>
    <td height="80" bgcolor="#003366"><span class="STYLE1"> 简易留言板教程（<a href="http://www.phpiask.com">PHP iask</a>）</span></td>
  </tr>
  <tr>
    <td height="5" bgcolor="#efefef"></td>
  </tr>
</table>
<table width="800" border="0" align="center" bgcolor="#fefefe">
<?php
while($rs=mysql_fetch_object($result)){
?>
  <tr>
    <td class="tdhx">留言人：<?php echo $rs->name?> |Email：<?php echo $rs->email?>|QQ:<?php echo $rs->qq?>|留言时间：<?php echo date("Y-m-d H:i:s",$rs->post_time+8*3600)?></td>
  </tr>
  <?php
  if(isset($_SESSION['login'])&&$_SESSION['login']){
  ?>
    <tr>
    <td class="tdhx"><a href="revert.php?id=<?php echo $rs->id?>">回复</a> | <a href="delete.php?id=<?php echo $rs->id?>">删除</a></td>
  </tr>
  <?php
  }
  ?>
  <tr>
    <td>留言内容：<?php echo nl2br(htmlspecialchars($rs->post))?><br/>
    <font color="Red">
    回复内容：<?php echo nl2br(htmlspecialchars($rs->revert))?>[<?php if($rs->revert_time!="") echo date("Y-m-d H:i:s",$rs->revert_time+8*3600)?> ]
    </font>
   
    </td>
  </tr>
  <tr><td height="3px"  bgcolor="##FF6600"></td></tr>
<?php
}
?>
</table>
<table width="800" border="0" align="center" bgcolor="#B1C3D9">
  <tr>
    <td >
<?php
if($page>0) echo "<a href='index.php?page=".($page-1)."'>上一页|</a>" ;
if($page<$totalpage-1) echo "<a href='index.php?page=".($page+1)."'>下一页</a>" ;
?></td>
  </tr>
</table><form action="post.php" method="post" id="postForm" name="postForm">
<table width="800" border="0" align="center" cellspacing="1" bgcolor="#efefef">
 
  <tr>
    <td width="117" bgcolor="#FFFFFF">姓名：</td>
    <td width="673" bgcolor="#FFFFFF"><label>
      <input type="text" name="name" id="name" />
    </label></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">Email：</td>
    <td bgcolor="#FFFFFF"><label>
      <input type="text" name="email" id="email" />
    </label></td>
  </tr>
  <tr>
    <td bgcolor="#FFFFFF">QQ：</td>
    <td bgcolor="#FFFFFF"><label>
      <input type="text" name="qq" id="qq"/>
    </label></td>
  </tr>
  <tr>
    <td colspan="2" bgcolor="#FFFFFF">留言内容：</td>
  </tr>
  <tr>
    <td colspan="2" bgcolor="#FFFFFF"><label>
      <textarea name="post" id="post" cols="40" rows="5"></textarea>
    </label></td>
  </tr>
  <tr>
    <td colspan="2" bgcolor="#FFFFFF"><label>
      <input type="submit" name="Submit" value="提交" onclick="return checkInput();"/>
      &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
      <input type="reset" name="Submit2" value="重置" />
    </label><a href="login.php">管理员登录</a></td>
  </tr>
</table></form>
</body>
</html>

post.php文件

<?php
header('content-type:text/html;charset=utf-8');
//如果PHP设置的自动转义函数未开启，就转义这些值
if(!get_magic_quotes_gpc()){
 foreach ($_POST as &$items){
  $items = addslashes($items);
 }
}

$name = $_POST['name'];
$qq = $_POST['qq'];
$email = $_POST['email'];
$post = $_POST['post'];

if($name==""||strlen($name)>10){
 echo <<<tem
 <script language="javascript">
 alert('请输入正确的有户名');
 history.go(-1);
 </script>
tem;
exit();
}
if($qq==""&&$email==""){
 echo <<<tem
 <script>
 alert('Email和QQ必须输入一个！');
 history.go(-1);
 </script>
tem;
exit();
}
if($qq!=""&&(!is_numeric($qq)||$qq>9999999999||$qq<=9999)){
 echo <<<tem
 <script>
 alert("请输入正确的QQ号码");
 history.go(-1);
 </script>
tem;
exit();
}
if($email!=""&&(!ereg("^([a-zA-Z0-9_-])+@([a-zA-Z0-9_-])+(.[a-zA-Z0-9_-])+",$email)||strlen($email)>60)){
 echo <<<tem
 <script>
 alert("请输入正确的Email");
 history.go(-1);
 </script>
tem;
exit();
}
if(strlen($post)>400){
 echo <<<tem
 <script>
 alert("输入的留言内容太长！");
 history.go(-1);
 </script>
tem;
exit();
}

//链接数据库
$con=mysql_connect('localhost','root','root') or die('链接数据库失败！');
mysql_query('set names utf8');
mysql_select_db('GuestBook');

//把客户信息插入guest表
$insertSql="insert into guest (name,qq,email) values ('$name','$qq','$email')";
if(mysql_query($insertSql)){
 $guestid = mysql_insert_id();
}
else{
 echo $insertSql;
 echo mysql_error();
 echo "数据插入失败!";
 exit();
}

//把以上插入取得的客户id和留言信息插入到post表中
$post_time = time();
$insertPostSql = "insert into post(guest_id,post,post_time) values('$guestid','$post','$post_time')";
if(mysql_query($insertPostSql)){
 echo <<<tem
 <script>
 alert("留言成功");
 location.href="index.php";
 </script>
tem;
}
else{
 echo <<<tem
 <script>
 alert("留言失败");
 location.href="index.php";
 </script>
tem;
}
?>

<?php
session_start();
header('content-type:text/html;charset=utf-8');
$con=mysql_connect('localhost','root','root') or die('链接数据库失败！');
mysql_query('set names utf8');
mysql_select_db('GuestBook');

if(!$_SESSION['login']){
 echo "<script>alert('权限不足!');location.href='index.php';</script>";
 exit();
}

if(isset($_GET['id'])&&$_GET['id']!=""){
 $delRevertSql="delete from revert where post_id=".$_GET['id'];
 mysql_query($delRevertSql);
 
 $delGuestSql="delete from guest where id = (select guest_id from post where id=".$_GET['id'].")";
 mysql_query($delGuestSql);
 
 $delPostSql="delete from post where id=".$_GET['id'];
 mysql_query($delPostSql);
 
 if(mysql_error()==""){
  echo "<script>alert('删除成功!');location.href='index.php';</script>";
 }
}
?>

<?php
session_start();
$con=mysql_connect('localhost','root','root') or die('链接数据库失败！');
mysql_query('set names utf8');
mysql_select_db('GuestBook');

if(!$_SESSION['login']){
 echo "<script>alert('没有登录不能回复!');location.href='index.php';</script>";
 exit();
}
if($_POST['Submit']){
 if(!get_magic_quotes_gpc()){
  foreach ($_POST as $items){
   $items = addslashes($items);
  }
 }
 if(strlen($_POST['revert'])>400){
  echo "<script>alert('回复内容过长!');history.go(-1);</script>";
  exit();
 }
 $post_id = $_POST['post_id'];
 $revert = $_POST['revert'];
 $insertRevertSql = "insert into revert (post_id,revert,revert_time) value('$post_id','$revert','$time')";
 if(mysql_query($insertRevertSql)){
  echo "<script>alert('回复成功');location.href='index.php';</script>";
  exit();
 }
 else {
  echo "<script>alert('回复失败!');history.go(-1);</script>";
 }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>无标题文档</title>
</head>
<body>
<table>
<tr>
<td>
<form action="revert.php" method="POST" name="form1">
回复内容：<textarea name="revert" cols="30" rows="5" id="revert"></textarea>
<input type="hidden" name="post_id" value="<?php echo $_GET['id']?> "size="20">
<input type="submit" value="回 复" name="Submit"/>
<input type="button" onclick="javascript:history.go(-1);" value="放弃"/>
</form>
</td>
</tr>
</table>
</body>
</html>