cinput.php3
如下:
<html>
<head>
<title>输入</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="main.css" type="text/css">
<script language="JavaScript">
<!--
function NameGotFocus( ) {
        document.frmInput.txtSend.focus();
}

function CheckValid() {
    document.frmInput.sEmotion.value=top.emotion.frmEmotion.selEmotion.value;
    document.frmInput.sColor.value=top.emotion.frmEmotion.selColor.value;
    if (document.frmInput.txtSend.value == "") {
        document.frmInput.txtSend.focus();
        return false;
    }
    return true;
}

//-->
</script>
<link rel="stylesheet" href="main.css" type="text/css">
</head>
<body onload="NameGotFocus()">
<?php
function suiji($max){
    srand((double)microtime()*1000000);
    $x=rand();
    $y=getrandmax();
    $r=$x/$y*($max-1);
    $r=round($r++);
    return $r;
}

function StrOccurs($sStr, $sFind){
    $sTemp=$sStr;
    $iLen=strlen($sFind);
    $iCount=0;
    while (true){
        if (strstr($sTemp, $sFind))
            break;
        else{
            $sTemp = substr($sTemp,strpos($sTemp,$sFind)+$iLen);
            $iCount++;
        }
    }
    return $iCount;
}

function StrDupl($sStr, $iCnt){
    $ret="";
    for($i=1;$i<=$iCnt;$i++)
        $ret.=$sStr;
    return $ret;
}

function DelQuot($sStr){
    $s=str_replace(chr(124),"&brvbar;",$sStr);
    $s=str_replace(chr(39),"&acute;",$s);
    $s=str_replace(chr(34),"&quot;",$s);
    return $s;
}

function DelTag($sStr){
    $bNeed="False";
    $sOther=strtoupper($sStr);
    if ($bNeed!="True" || !strstr($sOther,"<TABLE")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</TABLE")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<SCRIPT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</SCRIPT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<BODY")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</BODY")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<HTML")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</HTML")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<HEAD")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</HEAD")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<FORM")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</FORM")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<INPUT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</INPUT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<OPTION")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</OPTION")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<SELECT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</SELECT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<APPLET")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</APPLET")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<OBJECT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</OBJECT")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<MENU")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</MENU")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<FRAMESET")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</FRAMESET")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<FRAME")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</FRAME")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<IFRAME")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</IFRAME")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<STYLE")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"</STYLE")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"<BASE")) $bNeed="True";
    if ($bNeed!="True" || !strstr($sOther,"FONT-SIZE:")) $bNeed="True";
    if ($bNeed=="True")
        return str_replace(">","&gt;",str_replace("<","&lt;",$sStr));
    else
        return $sStr;
}

function AddLost($sStr){
    $ret=$sStr;
    $ret.=StrDupl(">", (StrOccurs(strtoupper($ret), "<") - StrOccurs(strtoupper($ret), ">")));
    $ret.=StrDupl("</FONT>", (StrOccurs(strtoupper($ret), "<FONT") - StrOccurs(strtoupper($ret), "</FONT>")));
    $ret.=StrDupl("</B>", (StrOccurs(strtoupper($ret), "<B") - StrOccurs(strtoupper($ret), "</B>")));
    $ret.=StrDupl("</I>", (StrOccurs(strtoupper($ret), "<I") - StrOccurs(strtoupper($ret), "</I>")));
    $ret.=StrDupl("</U>", (StrOccurs(strtoupper($ret), "<U") - StrOccurs(strtoupper($ret), "</U>")));
    $ret.=StrDupl("</S>", (StrOccurs(strtoupper($ret), "<S") - StrOccurs(strtoupper($ret), "</S>")));
    $ret.=StrDupl("</STRIKE>", (StrOccurs(strtoupper($ret), "<STRIKE") - StrOccurs(strtoupper($ret), "</STRIKE>")));
    $ret.=StrDupl("</STRONG>", (StrOccurs(strtoupper($ret), "<STRONG") - StrOccurs(strtoupper($ret), "</STRONG>")));
    $ret.=StrDupl("</SMALL>", (StrOccurs(strtoupper($ret), "<SMALL") - StrOccurs(strtoupper($ret), "</SMALL>")));
    $ret.=StrDupl("</CITE>", (StrOccurs(strtoupper($ret), "<CITE") - StrOccurs(strtoupper($ret), "</CITE>")));
    $ret.=StrDupl("</EM>", (StrOccurs(strtoupper($ret), "<EM") - StrOccurs(strtoupper($ret), "</EM>")));
    $ret.=StrDupl("</CODE>", (StrOccurs(strtoupper($ret), "<CODE") - StrOccurs(strtoupper($ret), "</CODE>")));
    $ret.=StrDupl("</SAMP>", (StrOccurs(strtoupper($ret), "<SAMP") - StrOccurs(strtoupper($ret), "</SAMP>")));
    $ret.=StrDupl("</KBD>", (StrOccurs(strtoupper($ret), "<KBD") - StrOccurs(strtoupper($ret), "</KBD>")));
    $ret.=StrDupl("</VAR>", (StrOccurs(strtoupper($ret), "<VAR") - StrOccurs(strtoupper($ret), "</VAR>")));
    $ret.=StrDupl("</DFN>", (StrOccurs(strtoupper($ret), "<DFN") - StrOccurs(strtoupper($ret), "</DFN>")));
    $ret.=StrDupl("</BIG>", (StrOccurs(strtoupper($ret), "<BIG") - StrOccurs(strtoupper($ret), "</BIG>")));
    $ret.=StrDupl("</SUP>", (StrOccurs(strtoupper($ret), "<SUP") - StrOccurs(strtoupper($ret), "</SUP>")));
    $ret.=StrDupl("</SUB>", (StrOccurs(strtoupper($ret), "<SUB") - StrOccurs(strtoupper($ret), "</SUB>")));
    $ret.=StrDupl("</H1>", (StrOccurs(strtoupper($ret), "<H1") - StrOccurs(strtoupper($ret), "</H1>")));
    $ret.=StrDupl("</H2>", (StrOccurs(strtoupper($ret), "<H2") - StrOccurs(strtoupper($ret), "</H2>")));
    $ret.=StrDupl("</H3>", (StrOccurs(strtoupper($ret), "<H3") - StrOccurs(strtoupper($ret), "</H3>")));
    $ret.=StrDupl("</H4>", (StrOccurs(strtoupper($ret), "<H4") - StrOccurs(strtoupper($ret), "</H4>")));
    $ret.=StrDupl("</H5>", (StrOccurs(strtoupper($ret), "<H5") - StrOccurs(strtoupper($ret), "</H5>")));
    $ret.=StrDupl("</H6>", (StrOccurs(strtoupper($ret), "<H6") - StrOccurs(strtoupper($ret), "</H6>")));
    $ret.=StrDupl("</H7>", (StrOccurs(strtoupper($ret), "<H7") - StrOccurs(strtoupper($ret), "</H7>")));
    return $ret;
}

$sSecret="False";
$sRefRate=5;
$ConnID=@odbc_connect("jtfcht","admin","");
if ($ConnID){
    if ($id=="1" && $ps="superldz"){
        $result=@odbc_exec($ConnID,"SELECT RefRate FROM User WHERE UserID=".$id);
        if (@odbc_fetch_into($result,0,&$rArr)){
            $sRefRate=$rArr[0];
            if ($cmdSend=="送出"){
                $sRefRate=(int)($txtRefRate);
                if ($sRefRate<2) $sRefRate=2;
                @odbc_exec($ConnID,"UPDATE User SET RefRate=".$sRefRate.",LstTime=".time()." WHERE UserID=".($id));
                @odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom, sNameFrom, sIPFrom, sIDTo, sNameTo, sTime, sCont, bSecret, RoomID) VALUES (".$id.", '管理员', '".getenv("REMOTE_ADDR")."', 0, '大家', '".date("H:i:s")."', '<font color=gray>【系统消息】".trim(DelQuot(htmlspecialchars($txtSend)))."</font>', False, 0)");
            }
        }
    }
    else{
        $result=@odbc_exec($ConnID,"SELECT UserID,UserName,PassWord,LstTime,Secret,RefRate,ToID,ToName,RoomID FROM User WHERE UserID=".($id));
        if (@odbc_fetch_into($result,0,&$rArr)){
            if ($rArr[2]==$ps){
                if ($rArr[3]>=(time()-1800)){
                    if ($rArr[4]) $sSecret="True";
                    $sRefRate=$rArr[5];
                    if ($cmdSend=="送出"){
                        $sUserName=$rArr[1];
                        $sToID=$rArr[6];
                        $sToName=$rArr[7];
                        $sRoomID=$rArr[8];
                        //$sSend=AddLost(DelTag(DelQuot($txtSend)));
                        $sSend=DelQuot(htmlspecialchars($txtSend));
                        if ($chkSecret=="Yes"){
                            $sSecret="True";
                            $sTalk="悄悄说:";
                        }
                        else{
                            $sSecret="False";
                            $sTalk="说:";
                        }
                        $sRefRate=(int)($txtRefRate);
                        if ($sRefRate<2) $sRefRate=2;
                        @odbc_exec($ConnID,"UPDATE User SET EmotionID=".$sEmotion.",ColorID='".$sColor."',Secret=".$sSecret.",RefRate=".$sRefRate.",LstTime=".time()." WHERE UserID=".$id);
                        $bCht="True";
                        $bToMe="False";
                        if (substr($sSend,0,3)=="/t "){
                            $sChtCont="<font color=blue><i>%m想".substr($sSend,3)."</i></font>";
                            $sSecret="False";
                            $bCht="False";
                        }
                        elseif (substr($sSend,0,3)=="/: "){
                            $sChtCont="<font color=red>%m".substr($sSend,3)."</font>";
                            $sSecret="False";
                            $bCht="False";
                        }
                        elseif (strtolower(substr($sSend,0,3))=="/w "){
                            $result=@odbc_exec($ConnID,"SELECT RoomID FROM User WHERE UserName='".trim(substr($sSend,3))."'");
                            if (@odbc_fetch_into($result,0,&$rArr)){
                                if ($rArr[0]>0){
                                    $result=@odbc_exec($ConnID,"SELECT RoomName FROM Room WHERE RoomID=".$rArr[0]);
                                    if (@odbc_fetch_into($result,0,&$rArr))
                                        $sChtCont="<font color=gray>【系统消息】".trim(substr($sSend,3))."目前在房间".$rArr[0]."。</font>";
                                    else
                                        $sChtCont="<font color=gray>【系统消息】系统混乱了,".trim(substr($sSend,3))."目前在的房间不可识别!</font>";
                                }
                                else
                                    $sChtCont="<font color=gray>【系统消息】".trim(substr($sSend,3))."目前没有上线。</font>";
                                $sSecret="True";
                                $bCht="False";
                            }
                            else{
                                $sChtCont="<font color=gray>【系统消息】没有".trim(substr($sSend,3))."这个人。</font>";
                                $sSecret="True";
                                $bCht="False";
                            }
                            $bToMe="True";
                        }
                        elseif (substr($sSend,0,3)=="// "){
                            $result=@odbc_exec($ConnID,"SELECT ActCont FROM Action WHERE ActID='".trim(substr($sSend,3))."'");
                            if (@odbc_fetch_into($result,0,&$rArr)){
                                $sChtCont="<font color=red>".trim($rArr[0])."</font>";
                                $sSecret="False";
                                $bCht="False";
                            }
                            else $bCht="True";
                        }
                        if ($bCht=="True"){
                            $result=@odbc_exec($ConnID,"SELECT COUNT(EmotionTp) AS CNT_TP FROM Emotion WHERE EmotionTp=".$sEmotion);
                            @odbc_fetch_into($result,0,&$rArr);
                            if ($rArr[0]>0){
                                $iEmCnt=suiji($rArr[0]);
                                $result=@odbc_exec($ConnID,"SELECT EmotionCont FROM Emotion WHERE EmotionTp=".$sEmotion." AND EmotionID=".$iEmCnt);
                                if (@odbc_fetch_into($result,0,&$rArr))
                                    $sChtCont="%m".trim($rArr[0])."对%g".$sTalk.$sSend;
                                else
                                    $sChtCont="%m对%g".$sTalk.$sSend;
                            }
                            else $sChtCont="%m对%g".$sTalk.$sSend;
                            if ($sSecret=="True")
                                $sChtCont="<font color=green>".$sChtCont."</font>";
                            else
                                $sChtCont="<font color=#".$sColor.">".$sChtCont."</font>";
                        }
                        if ($bToMe=="True")
                            @odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom, sNameFrom, sIPFrom, sIDTo, sNameTo, sTime, sCont, bSecret, RoomID) VALUES (0, '大家', '".getenv("REMOTE_ADDR")."', ".$id.", '".$sUserName."', '".date("H:i:s")."', '".$sChtCont."', ".$sSecret.", ".$sRoomID.")");
                        else
                            @odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom, sNameFrom, sIPFrom, sIDTo, sNameTo, sTime, sCont, bSecret, RoomID) VALUES (".$id.", '".$sUserName."', '".getenv("REMOTE_ADDR")."', ".$sToID.", '".$sToName."', '".date("H:i:s")."', '".$sChtCont."', ".$sSecret.", ".$sRoomID.")");
                    }
                }
            }
        }
    }
    @odbc_close($ConnID);
}
?>
<div align="center"><center><form method="post" action="cinput.php3" name="frmInput" onsubmit="return CheckValid();">
    <input type="hidden" name="sEmotion" value="0"><input type="hidden" name="sColor" value="000000">
<?php
    if ($sSecret=="True")
        echo "t<input type="checkbox" name="chkSecret" value="Yes" checked>悄悄话n";
    else
        echo "t<input type="checkbox" name="chkSecret" value="Yes">悄悄话n";
?>
    <input type="text" name="txtSend" maxlength="120" size="39"><input type="hidden" name="id" value="<?php echo $id; ?>"><input type="hidden" name="ps" value="<?php echo $ps; ?>">
    <input type="submit" name="cmdSend" value="送出">
    刷新:<input type="text" name="txtRefRate" maxlength="2" size="2" value="<?php echo $sRefRate; ?>">
    <input type="button" name="cmdExit" onclick="parent.location='leave.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>'" value="退出">
</form></center></div>
</body>
</html>  

【本文版权归作者与奥索网共同拥有,如需转载,请注明作者及出处】    


广告合作:本站广告合作请联系QQ:858582 申请时备注:广告合作(否则不回)
免责声明:本站资源来自互联网收集,仅供用于学习和交流,请遵循相关法律法规,本站一切资源不代表本站立场,如有侵权、后门、不妥请联系本站删除!