|
global $sid,$aid,$php_SELF;
global $banner,$body,$poster,$email,$type,$CHAR_GB;
if(strlen($banner)==0 || strlen($body)==0 || strlen($poster)==0 || strlen($email)==0) {
echo "
<script language=Javascript>
alert('恶 ぃЧ俱');
history.back();
</script>
";
return;
}
//$banner=AddSlashes($banner);
//$body=AddSlashes($body);
$rip=getenv('REMOTE_ADDR');
$DROOT=getenv('DOCUMENT_ROOT');
include("sql.php3");
$db=mysql_connect($sql['host'], $sql['user'] , $sql['passwd']);
$now=date('Y')."-".date('m')."-".date('d')." ".date('H').":".date('i').":".date('s');
if($CHAR_GB==1) {
include("CCharset.php3");
$code=new CCharset;
$banner=$code->Gb_Big5($banner);
$body=$code->Gb_Big5($body);
$poster=$code->Gb_Big5($poster);
}
if($type==1) {
$qsql="INSERT INTO bbs_docs (aid,sid,banner,body,poster,email,pip,wdate)
values('$aid','$sid','$banner','$body','$poster','$email','$rip','$now')";
} else {
$qsql="INSERT INTO bbs_subj (aid,banner,body,poster,email,pip,wdate)
values('$aid','$banner','$body','$poster','$email','$rip','$now')";
}
$rs=mysql_db_query($sql['db'],$qsql);
$id=mysql_insert_id();
if($type==0) { // 笆 mail_list
$qsql="INSERT INTO bbs_sml (sid,email) values('$id','$email')";
$rs=mysql_db_query($sql['db'],$qsql);
}
if($type==0) Send_the_doc_to_mail_list($aid,$id,$id);
else Send_the_doc_to_mail_list($aid,$sid,$id);
//incdocs($aid);
if($type==0) { $sid=$rid=$id;}
else { $rid=$id;}
echo "
<script language=Javascript>
document.location='$php_SELF?proc=view&aid=$aid&sid=$sid&rid=$rid'
</script>
";
}
//======================================================================
function search_docs($aid,$skey) {
$DROOT=getenv('DOCUMENT_ROOT');
include("sql.php3");
$db=mysql_connect($sql['host'], $sql['user'] , $sql['passwd']);
//$qsql="SELECT * from bbs_docs where sid='$id' and (banner like '$skey' or poster like '$skey' or body like '$skey') order by wdate DESC";
if($aid) $qsql="SELECT * from bbs_docs where aid='$aid' and (banner like '$skey' or poster like '$skey' or body like '$skey') order by wdate DESC";
else $qsql="SELECT * from bbs_docs where (banner like '$skey' or poster like '$skey' or body like '$skey') order by wdate DESC";
$rs=mysql_db_query($sql['db'],$qsql);
while($row=mysql_fetch_array($rs)) {
$id=$row['id'];
$banner=$row['banner'];
$poster=$row['poster'];
$views=$row['views'];
$wdate=sdatetime($row['wdate']);
$aid=$row['aid'];
$sid=$row['sid'];
echo "<tr bgcolor='#F0F0F0'>";
echo "<td>";
echo "<a href=$php_SELF?proc=view&aid=$aid&sid=$sid&rid=$id>";
echo " <font color=#836FFF>$banner</font>";
echo "</a>";
echo "</td>";
echo "<td>";
echo $poster;
echo "</td>";
echo "<td class='num'>";
echo " ";
echo "</td>";
echo "<td class='num'>";
echo $views;
echo "</td>";
echo "<td class='num'>";
echo $wdate;
echo "</td>";
echo "</tr>";
}
}
//======================================================================
function search() {
global $php_SELF;
global $key,$aid;
if(!strlen($key)) {
echo "
<script language=Javascript>
history.back();
</script>
";
}
echo "<TABLE width=85% border=0 cellPadding=0 cellSpacing=1 align=center class='tablefont'>";
echo "<FORM name=mtab ENCTYPE=multipart/form-data METHOD=POST ACTION=$php_SELF?proc=search>";
echo "<tr><td>";
echo "<input type='hidden' name=aid value='$aid'>";
echo "