cinput.php3 如下:
<html>
<head>
<title>输入</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="main.css" type="text/css">
<script language="JavaScript">
<!--
// Body onload handler: puts keyboard focus on the message box (txtSend) of frmInput.
function NameGotFocus( ) { document.frmInput.txtSend.focus(); }
// onsubmit handler for frmInput.
// Copies the emotion and colour currently selected in the sibling "emotion" frame into
// the hidden sEmotion / sColor fields, then blocks submission of an empty message.
// This is a convenience check only: a client can post any sEmotion, sColor or txtSend
// value directly, and the server-side script concatenates sEmotion and sColor into SQL,
// so the server must validate them itself.
function CheckValid() {
    var form = document.frmInput;
    var picker = top.emotion.frmEmotion;

    form.sEmotion.value = picker.selEmotion.value;
    form.sColor.value = picker.selColor.value;

    var hasText = !(form.txtSend.value == "");
    if (!hasText) {
        // Nothing typed: return focus to the message box and cancel the submit.
        form.txtSend.focus();
    }
    return hasText;
}
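//--> </script> <link rel="stylesheet" href="main.css" type="text/css"> </head> <body onload="NameGotFocus()"> <?php
/**
 * Return a pseudo-random integer between 0 and $max-1 (inclusive).
 *
 * Used by this page to pick one EmotionID out of the rows counted for an emotion type.
 * NOTE(review): the result starts at 0; whether EmotionID values start at 0 or 1 is not
 * visible in this file - confirm against the Emotion table.
 *
 * Changes from the listing:
 *  - no re-seeding from microtime() on every call (the generator seeds itself, and two
 *    calls in the same microsecond no longer return the same value);
 *  - uniform distribution (rounding x/y*($max-1) gave both end values half the weight);
 *  - a $max below 1 yields 0 instead of a negative number;
 *  - the no-op post-increment inside round() is gone.
 *
 * mt_rand() is not a cryptographic generator; do not reuse this helper for tokens,
 * passwords or session identifiers.
 *
 * @param int $max number of candidates
 * @return int value in [0, $max-1], or 0 when $max < 1
 */
function suiji($max){
    $max=(int)$max;
    if ($max<=1) return 0;
    return mt_rand(0,$max-1);
}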
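/**
 * Count the non-overlapping occurrences of $sFind in $sStr.
 *
 * The listing's loop had its exit test inverted: it left the loop as soon as the needle
 * WAS found (returning 0) and never terminated when the needle was absent, because
 * strpos() then returns false and the remaining string can no longer change. It also
 * relied on the truthiness of strstr(), which is false for a match equal to "0".
 *
 * @param string $sStr  text to search
 * @param string $sFind text to look for
 * @return int number of matches; 0 for an empty needle
 */
function StrOccurs($sStr,$sFind){
    $sStr=(string)$sStr;
    $sFind=(string)$sFind;
    // substr_count() rejects an empty needle, and an empty needle matches nothing useful.
    if ($sFind==="") return 0;
    return substr_count($sStr,$sFind);
}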
/**
 * Build a string made of $iCnt copies of $sStr.
 *
 * A count below 1 yields the empty string.
 *
 * @param string $sStr piece to repeat
 * @param int    $iCnt number of copies
 * @return string
 */
function StrDupl($sStr,$iCnt){
    // Guard first: str_repeat() does not accept a negative count.
    return ($iCnt>=1) ? str_repeat($sStr,(int)$iCnt) : "";
}
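/**
 * Replace the characters | (chr 124), ' (chr 39) and " (chr 34) with HTML entities.
 *
 * The listing shows the three replacement strings with their entities already decoded,
 * which leaves the third call as an unterminated string ("""); the entity text
 * (&brvbar; &acute; &quot;) is restored here - presumably what the original file held.
 *
 * Security note: this page uses DelQuot() as the only thing standing between user text
 * and the single-quoted SQL literals it builds by concatenation. Character substitution
 * is not a substitute for bound parameters (or, at minimum, the driver's own quoting),
 * and it does nothing for values placed in SQL outside quotes.
 *
 * @param string $sStr text to neutralise
 * @return string text with the three characters replaced
 */
function DelQuot($sStr){
    return str_replace(
        array(chr(124),chr(39),chr(34)),
        array("&brvbar;","&acute;","&quot;"),
        $sStr
    );
}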
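/**
 * Escape every "<" and ">" in $sStr as &lt; / &gt;.
 *
 * The listing carried a long chain of tests of the form
 *     if ($bNeed!="True" || !strstr($sOther,"<TABLE")) $bNeed="True";
 * for TABLE, SCRIPT, BODY, HTML, HEAD, FORM, INPUT, OPTION, SELECT, APPLET, OBJECT, MENU,
 * FRAMESET, FRAME, IFRAME, STYLE, BASE and "FONT-SIZE:". Because $bNeed starts as
 * "False", the very first test always sets it to "True", so the chain never let any
 * input through unescaped; it is dropped here as dead code. The two replacement strings
 * had also lost their entities in the listing (replacing "<" with "<"), which made the
 * escaping a no-op; they are restored.
 *
 * Security note: escaping unconditionally is the behaviour to keep. A list of forbidden
 * tag names is not a reliable HTML filter - markup that is not on the list still
 * reaches the page - so do not "repair" the chain into a working blacklist.
 *
 * @param string $sStr user-supplied text
 * @return string text with angle brackets escaped
 */
function DelTag($sStr){
    return str_replace(array("<",">"),array("&lt;","&gt;"),$sStr);
}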
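/**
 * Append whatever is needed to balance a fragment of simple formatting markup.
 *
 * First one ">" is appended for every "<" that has no matching ">"; then, for each tag
 * in the list below, one closing tag is appended for every opening tag that lacks one.
 * Matching is case-insensitive; appended closing tags are upper case.
 *
 * In the listing only the first statement survived intact; every per-tag statement had
 * lost its opening-tag count and did not parse. The body is rebuilt from the pattern of
 * that first statement, with two corrections:
 *  - an opening tag is counted only when the name ends there, so "<BIG>" or "<STRONG>"
 *    no longer counts as an unclosed "<B" or "<S";
 *  - counting uses substr_count()/str_repeat() directly, so a surplus of closing tags
 *    (negative difference) simply appends nothing.
 *
 * Limitations: closing tags are appended in list order, not in nesting order, and this
 * is a tag balancer, not a sanitiser - it must not be relied on to make untrusted
 * markup safe to display.
 *
 * @param string $sStr markup fragment
 * @return string fragment with missing ">" and closing tags appended
 */
function AddLost($sStr){
    $ret=(string)$sStr;

    // Step 1: close any tag that was left open at the bracket level.
    $upper=strtoupper($ret);
    $missing=substr_count($upper,"<")-substr_count($upper,">");
    if ($missing>0) $ret.=str_repeat(">",$missing);

    // Step 2: close unbalanced formatting elements, in the order the listing used.
    $tags=array("FONT","B","I","U","S","STRIKE","STRONG","SMALL","CITE","EM","CODE",
                "SAMP","KBD","VAR","DFN","BIG","SUP","SUB","H1","H2","H3","H4","H5","H6","H7");
    foreach ($tags as $tag){
        // Re-read $ret each round, as the listing did, since earlier rounds append to it.
        $upper=strtoupper($ret);
        // "<TAG" not followed by another letter or digit, i.e. the name ends here.
        $opened=(int)preg_match_all("/<".$tag."(?![A-Z0-9])/",$upper);
        $closed=substr_count($upper,"</".$tag.">");
        if ($opened>$closed) $ret.=str_repeat("</".$tag.">",$opened-$closed);
    }
    return $ret;
}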
// ---- Request handling for the chat input frame ----
// NOTE(review): $id, $ps, $cmdSend, $txtSend, $txtRefRate, $chkSecret, $sEmotion and
// $sColor are never assigned in this file. They match the form field names further down,
// so they are presumably injected from the request (register_globals-style) - confirm.
// Treat every one of them as untrusted input.
// NOTE(review): the call-time "&$rArr" syntax used throughout was removed in PHP 5.4;
// this listing only runs on the old interpreter it was written for.
$sSecret="False";
$sRefRate=5;
// Opens the ODBC data source as user "admin" with an empty password; "@" hides failures.
$ConnID=@odbc_connect("jtfcht","admin","");
if ($ConnID){
    // NOTE(review): `$ps="superldz"` is an assignment, not a comparison. The condition is
    // therefore true for any request whose id compares equal to "1", whatever password
    // was sent, and $ps is overwritten with the hard-coded value, which the form below
    // then echoes back to the client. Presumably `$ps=="superldz"` was meant; even so, an
    // administrator password fixed in source should be replaced by a stored hash
    // checked with password_verify().
    if ($id=="1" && $ps="superldz"){
        // All SQL on this page is built by string concatenation and every odbc_* error is
        // suppressed with "@". Bound parameters (odbc_prepare/odbc_execute) are the fix.
        $result=@odbc_exec($ConnID,"SELECT RefRate FROM User WHERE UserID=".$id);
        if (@odbc_fetch_into($result,&$rArr)){
            $sRefRate=$rArr[0];
            // "送出" is the value of the submit button cmdSend in the form below.
            if ($cmdSend=="送出"){
                // Refresh rate is cast to int and clamped to a minimum of 2.
                $sRefRate=(int)($txtRefRate);
                if ($sRefRate<2) $sRefRate=2;
                @odbc_exec($ConnID,"UPDATE User SET RefRate=".$sRefRate.",LstTime=".time()." WHERE UserID=".($id));
                // Posts the text as a grey system message.
                // NOTE(review): nine columns are named but only eight values are supplied
                // (nothing for sIDTo), so this INSERT looks incomplete as listed.
                @odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom,sNameFrom,sIPFrom,sIDTo,sNameTo,sTime,sCont,bSecret,RoomID) VALUES (".$id.",'管理员','".getenv("REMOTE_ADDR")."','大家','".date("H:i:s")."','<font color=gray>【系统消息】".trim(DelQuot(htmlspecialchars($txtSend)))."</font>',False,0)");
            }
        }
    }
    else{
        // Ordinary user: $id goes into the query unquoted and unvalidated (SQL injection
        // risk); cast it to int or bind it as a parameter.
        $result=@odbc_exec($ConnID,"SELECT UserID,UserName,PassWord,LstTime,Secret,RefRate,ToID,ToName,RoomID FROM User WHERE UserID=".($id));
        if (@odbc_fetch_into($result,&$rArr)){
            // Column 2 is PassWord: the stored value is compared directly (loose ==) with
            // the submitted $ps, so passwords are kept in clear text. Store
            // password_hash() output and compare with password_verify() instead.
            if ($rArr[2]==$ps){
                // Column 3 is LstTime: the user must have been active in the last 1800 s.
                if ($rArr[3]>=(time()-1800)){
                    if ($rArr[4]) $sSecret="True";
                    $sRefRate=$rArr[5];
                    if ($cmdSend=="送出"){
                        $sUserName=$rArr[1];
                        $sToID=$rArr[6];
                        $sToName=$rArr[7];
                        $sRoomID=$rArr[8];
                        // The tag-filter pipeline is disabled; the message is HTML-escaped
                        // with htmlspecialchars() and then passed through DelQuot().
                        //$sSend=AddLost(DelTag(DelQuot($txtSend)));
                        $sSend=DelQuot(htmlspecialchars($txtSend));
                        if ($chkSecret=="Yes"){
                            $sSecret="True";
                            $sTalk="悄悄说:";
                        }
                        else{
                            $sSecret="False";
                            $sTalk="说:";
                        }
                        $sRefRate=(int)($txtRefRate);
                        if ($sRefRate<2) $sRefRate=2;
                        // NOTE(review): $sEmotion (unquoted) and $sColor (quoted, but not
                        // passed through DelQuot) reach the SQL text exactly as submitted.
                        // Validate them (integer / six hex digits) or bind them.
                        @odbc_exec($ConnID,"UPDATE User SET EmotionID=".$sEmotion.",ColorID='".$sColor."',Secret=".$sSecret.",RefRate=".$sRefRate.",LstTime=".time()." 
WHERE UserID=".$id);
                        // $bCht: build a normal chat line; $bToMe: reply only to the sender.
                        $bCht="True";
                        $bToMe="False";
                        // Slash commands.
                        // NOTE(review): substr($sSend,3) returns everything from offset 3
                        // onward, so these comparisons match only when the rest of the
                        // message equals the command; testing the first three characters
                        // would be substr($sSend,0,3) - presumably that was intended, and
                        // the later substr($sSend,3) calls then yield the argument.
                        if (substr($sSend,3)=="/t "){
                            $sChtCont="<font color=blue><i>%m想".substr($sSend,3)."</i></font>";
                            $sSecret="False";
                            $bCht="False";
                        }
                        elseif (substr($sSend,3)=="/: "){
                            $sChtCont="<font color=red>%m".substr($sSend,3)."</font>";
                            $sSecret="False";
                            $bCht="False";
                        }
                        elseif (strtolower(substr($sSend,3))=="/w "){
                            // Looks up the room of the named user. The name is placed in a
                            // quoted SQL literal, protected only by the DelQuot() applied
                            // to $sSend above.
                            $result=@odbc_exec($ConnID,"SELECT RoomID FROM User WHERE UserName='".trim(substr($sSend,3))."'");
                            if (@odbc_fetch_into($result,&$rArr)){
                                if ($rArr[0]>0){
                                    $result=@odbc_exec($ConnID,"SELECT RoomName FROM Room WHERE RoomID=".$rArr[0]);
                                    // The second fetch overwrites $rArr, so $rArr[0] in the
                                    // message below is the RoomName column.
                                    if (@odbc_fetch_into($result,&$rArr)) $sChtCont="<font color=gray>【系统消息】".trim(substr($sSend,3))."目前在房间".$rArr[0]."。</font>";
                                    else $sChtCont="<font color=gray>【系统消息】系统混乱了,".trim(substr($sSend,3))."目前在的房间不可识别!</font>";
                                }
                                else $sChtCont="<font color=gray>【系统消息】".trim(substr($sSend,3))."目前没有上线。</font>";
                                $sSecret="True";
                                $bCht="False";
                            }
                            else{
                                $sChtCont="<font color=gray>【系统消息】没有".trim(substr($sSend,3))."这个人。</font>";
                                $sSecret="True";
                                $bCht="False";
                            }
                            $bToMe="True";
                        }
                        elseif (substr($sSend,3)=="// "){
                            // NOTE(review): the next statement is truncated in this listing
                            // (the end of the query and the odbc_fetch_into() test are
                            // missing) and does not parse as shown.
                            $result=@odbc_exec($ConnID,"SELECT ActCont FROM Action WHERE ActID='".trim(substr($sSend,&$rArr)){
                                $sChtCont="<font color=red>".trim($rArr[0])."</font>";
                                $sSecret="False";
                                $bCht="False";
                            }
                            else $bCht="True";
                        }
                        if ($bCht=="True"){
                            // Normal chat line: optionally prefixed with a random phrase
                            // for the chosen emotion type. $sEmotion is again concatenated
                            // into both queries unvalidated.
                            $result=@odbc_exec($ConnID,"SELECT COUNT(EmotionTp) AS CNT_TP FROM Emotion WHERE EmotionTp=".$sEmotion);
                            @odbc_fetch_into($result,&$rArr);
                            if ($rArr[0]>0){
                                $iEmCnt=suiji($rArr[0]);
                                $result=@odbc_exec($ConnID,"SELECT EmotionCont FROM Emotion WHERE EmotionTp=".$sEmotion." 
AND EmotionID=".$iEmCnt);
                                if (@odbc_fetch_into($result,&$rArr)) $sChtCont="%m".trim($rArr[0])."对%g".$sTalk.$sSend;
                                else $sChtCont="%m对%g".$sTalk.$sSend;
                            }
                            else $sChtCont="%m对%g".$sTalk.$sSend;
                            // NOTE(review): $sColor is written into the stored markup
                            // without escaping or format validation, so it can carry
                            // arbitrary attributes or markup into other users' views.
                            if ($sSecret=="True") $sChtCont="<font color=green>".$sChtCont."</font>";
                            else $sChtCont="<font color=#".$sColor.">".$sChtCont."</font>";
                        }
                        // NOTE(review): both INSERT statements below are truncated in this
                        // listing (the start of each SQL string is missing); they are kept
                        // exactly as shown.
                        if ($bToMe=="True") @odbc_exec($ConnID,RoomID) VALUES (0,".$id.",'".$sUserName."','".$sChtCont."',".$sSecret.",".$sRoomID.")");
                        else @odbc_exec($ConnID,".$sToID.",'".$sToName."',".$sRoomID.")");
                    }
                }
            }
        }
    }
    @odbc_close($ConnID);
}
// ---- Form output ----
// NOTE(review): $id and $ps are echoed into attribute values and into the leave.php3 URL
// without htmlspecialchars(), so request data is reflected into the page. $ps is the
// value compared with the PassWord column above, meaning the password is sent back in
// every response and placed in a query string (browser history, proxy and server logs).
// A server-side session token would remove both problems.
// maxlength="120" on txtSend is enforced by the browser only.
?>
<div align="center"><center><form method="post" action="cinput.php3" name="frmInput" onsubmit="return CheckValid();">
<input type="hidden" name="sEmotion" value="0"><input type="hidden" name="sColor" value="000000">
<?php
// NOTE(review): the two echo strings below lost their backslashes in this listing
// (presumably \t, \" and \n) and do not parse as shown.
if ($sSecret=="True") echo "t<input type="checkbox" name="chkSecret" value="Yes" checked>悄悄话n";
else echo "t<input type="checkbox" name="chkSecret" value="Yes">悄悄话n";
?>
<input type="text" name="txtSend" maxlength="120" size="39"><input type="hidden" name="id" value="<?php echo $id; ?>"><input type="hidden" name="ps" value="<?php echo $ps; ?>">
<input type="submit" name="cmdSend" value="送出">
刷新:<input type="text" name="txtRefRate" maxlength="2" size="2" value="<?php echo $sRefRate; ?>">
<input type="button" name="cmdExit" onclick="parent.location='leave.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>'" value="退出">
</form></center></div>
</body>
</html>
【本文版权归作者与奥索网共同拥有,如需转载,请注明作者及出处】