ソース掲示板





対象スレッド 件名: board.php
名前: lightbox
@DIV
<?
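require( "model.php" );
# **********************************************************
# Basic definitions
# **********************************************************
# Errors are logged instead of being printed into the page: PHP warnings
# expose file paths and fragments of SQL to every visitor. Switch
# display_errors back on only on a development machine.
ini_set( 'display_errors', "0" );
ini_set( 'log_errors', "1" );
# Charset announced to the browser in the Content-Type header below
$conf_client_charset = "euc-jp";
# NOTE(review): the next two settings are not read in this listing;
# presumably the DB class from model.php uses them - confirm.
$conf_db_type = 1;
$conf_db_connect_action = "set names 'ujis'";
# An Expires date in the past keeps browsers and proxies from caching the page
header( "Expires: Wed, 31 May 2000 14:59:58 GMT" );
header( "Content-Type: text/html; Charset=$conf_client_charset" );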

# **********************************************************
# External file
# **********************************************************
# NOTE(review): inc() is not defined in this listing (presumably it comes
# from model.php). Its argument is a plain-http URL on another host; if
# inc() fetches and evaluates that file, whoever controls the host or the
# network path decides what code this page runs. Prefer a reviewed local
# copy loaded with require, or at least verify a pinned hash before use.
inc( "http://lightbox.in.coocan.jp/gen/db.txt" );

# Display name used when the poster leaves the name field empty
$someone = "匿名くん";

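# ----------------------------------------------------------
# Cookies normally supply the initial form values;
# a value submitted in this request takes precedence
# ----------------------------------------------------------
# The isset() guards avoid an undefined-index notice on plain GET requests,
# which would otherwise be printed whenever display_errors is on.
if ( isset($_POST['name']) && $_POST['name'] != "" ) {
	$_COOKIE['name'] = $_POST['name'];
}
if ( isset($_POST['password']) && $_POST['password'] != "" ) {
	$_COOKIE['password'] = $_POST['password'];
}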


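# **********************************************************
# Debugging aid
# **********************************************************
# $ret collects a dump of the submitted form; the delete handler later
# appends its SQL and writes the result to debug.log. The password field is
# masked first so the clear-text password never reaches that file.
$ret = '';
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
	$debug_post = $_POST;
	if ( isset($debug_post['password']) ) {
		$debug_post['password'] = '(redacted)';
	}
	$ret = print_r($debug_post ,true);
}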

# **********************************************************
# Connection
# **********************************************************
# NOTE(review): DB is declared outside this listing; the arguments are
# presumably host, database, user, password. As written the page logs in as
# "root" with an empty password, so any SQL flaw here reaches every database
# on the server. Use a dedicated account limited to the board and access
# tables, with a real password kept outside the document root.
$SQL = new DB( "localhost", "land", "root", "" );

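# **********************************************************
# Update an existing post
# **********************************************************
# Every request value is escaped (or cast) before it is placed in a
# statement. The original interpolated $_POST directly, so any field could
# rewrite the SQL, including the password check itself.
if ( isset($_POST['update']) && is_string($_POST['update']) && $_POST['update'] != '' ) {

	# The UPDATE below uses board_id unquoted, so it is handled as an integer.
	# NOTE(review): confirm board_id is an integer column.
	$esc_id = (int) $_POST['update'];

	# sha1() returns hex digits only, so the digest is safe to embed.
	# NOTE(review): unsalted SHA-1 is a weak password hash; changing it means
	# migrating the stored board_pass values.
	$esc_pass = sha1( ( isset($_POST['password']) && is_string($_POST['password']) ) ? $_POST['password'] : '' );

	# Strip magic_quotes_gpc slashes (where that legacy setting is on) so each
	# value is escaped exactly once.
	# NOTE(review): confirm model.php / db.txt do not already strip them.
	$mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

	# $SQL->Connect is the link handle this script also passes to
	# mysql_affected_rows().
	# NOTE(review): the escaper only knows the connection charset if it was set
	# through mysql_set_charset(); the page configures "set names 'ujis'".
	$esc_title = ( isset($_POST['title']) && is_string($_POST['title']) ) ? $_POST['title'] : '';
	$esc_title = mysql_real_escape_string( $mq ? stripslashes($esc_title) : $esc_title, $SQL->Connect );
	$esc_body = ( isset($_POST['body']) && is_string($_POST['body']) ) ? $_POST['body'] : '';
	$esc_body = mysql_real_escape_string( $mq ? stripslashes($esc_body) : $esc_body, $SQL->Connect );

	# Only the holder of the post's password may change it
	$Query = "select * from board ";
	$Query .= " where board_id = '{$esc_id}'";
	$Query .= " and board_pass = '{$esc_pass}'";
	$Column = $SQL->QueryEx( $Query );
	if ( !$Column ) {
		err_msg( "パスワードが一致しません" );
		print "<INPUT type=button value='戻る' onClick='location=\"board.php\"'>";
		exit();
	}

	# Reject a body identical to a live (not deleted) post.
	# NOTE(review): this also matches the post being edited, so changing only
	# the title is refused - confirm whether that is intended.
	$Query = "select * from board ";
	$Query .= " where board_body = '{$esc_body}'";
	$Query .= " and board_delflg is NULL";
	$Column = $SQL->QueryEx( $Query );
	if ( $Column ) {
		err_msg( "二重投稿です。" );
		print "<INPUT type=button value='戻る' onClick='location=\"board.php\"'>";
		exit();
	}

	$Query = "update board set ";
	$Query .= " board_title = '{$esc_title}'";
	$Query .= " ,board_body = '{$esc_body}'";
	$Query .= " ,board_update = now()";
	$Query .= " where board_id = {$esc_id}";

	$SQL->Execute( $Query );

	ok_msg( "投稿が更新されました" );
	print "<INPUT type=button value='戻る' onClick='location=\"board.php\"'>";
	exit();
}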
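# **********************************************************
# Delete
# **********************************************************
# Marks a post as deleted (board_delflg = 'D') once the password matches.
# board_id is cast to an integer before use; the original placed the raw
# request value into both statements.
if ( isset($_POST['send']) && $_POST['send'] == '削除' ) {

	# The UPDATE below uses board_id unquoted, so it is handled as an integer.
	# NOTE(review): confirm board_id is an integer column.
	$esc_id = (int) ( ( isset($_POST['board_id']) && is_string($_POST['board_id']) ) ? $_POST['board_id'] : 0 );

	# sha1() returns hex digits only, so the digest is safe to embed.
	# NOTE(review): unsalted SHA-1 is a weak password hash; changing it means
	# migrating the stored board_pass values.
	$esc_pass = sha1( ( isset($_POST['password']) && is_string($_POST['password']) ) ? $_POST['password'] : '' );

	$Query = "select * from board ";
	$Query .= " where board_id = '{$esc_id}'";
	$Query .= " and board_pass = '{$esc_pass}'";
	$Column = $SQL->QueryEx( $Query );
	if ( !$Column ) {
		err_msg( "パスワードが一致しません" );
	}
	else {
		$Query = "update board ";
		$Query .= " set board_delflg = 'D'";
		$Query .= " ,board_update = now()";
		$Query .= " where board_id = {$esc_id}";
		$ret .= $Query;
		$SQL->Execute( $Query );

	}

	redirect( "board.php" );

	# NOTE(review): $ret is filled earlier in the script with a dump of the
	# POST data, and debug.log is a relative path, so it presumably lands
	# next to board.php where a browser can fetch it. Keep the log outside
	# the document root, or drop this write once debugging is finished.
	file_put_contents( "debug.log", $ret );

	exit();
}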
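# **********************************************************
# New post
# **********************************************************
# Title, name, body and the client address are escaped before they are placed
# in SQL; the original interpolated the request values directly, so a quote
# in any field could rewrite the statement.
# NOTE(review): view.php is outside this listing; it needs to HTML-escape
# title, name and body when it prints stored posts.
if ( isset($_POST['send']) && $_POST['send'] != '' ) {

	$err_flg = false;

	# Strip magic_quotes_gpc slashes (where that legacy setting is on) so each
	# value is escaped exactly once.
	# NOTE(review): confirm model.php / db.txt do not already strip them.
	$mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

	# $SQL->Connect is the link handle also passed to mysql_affected_rows().
	# NOTE(review): the escaper only knows the connection charset if it was set
	# through mysql_set_charset(); the page configures "set names 'ujis'".
	$esc_body = ( isset($_POST['body']) && is_string($_POST['body']) ) ? $_POST['body'] : '';
	$esc_body = mysql_real_escape_string( $mq ? stripslashes($esc_body) : $esc_body, $SQL->Connect );
	$esc_ip = mysql_real_escape_string( $_SERVER['REMOTE_ADDR'], $SQL->Connect );

	# Reject a body identical to a live (not deleted) post
	$Query = "select * from board ";
	$Query .= " where board_body = '{$esc_body}'";
	$Query .= " and board_delflg is NULL";
	$Column = $SQL->QueryEx( $Query );
	if ( $Column ) {
		err_msg( "二重投稿です。" );
		$err_flg = true;
	}

	# Flood control: at most one post per client address every 10 seconds
	if ( !$err_flg ) {
		$Query = "select * from access ";
		$Query .= " where access_ip = '{$esc_ip}'";
		$Column = $SQL->QueryEx( $Query );
		if ( $Column ) {
			if ( time() - ($Column['access_time'] + 0) < 10 ) {
				err_msg( "連続投稿です。(しばらくしてから投稿して下さい)" );
				$err_flg = true;
			}
		}
	}

	if ( !$err_flg ) {
		$Query = " insert into board (board_title,board_name,board_pass,board_body,board_create,board_update) ";
		# sha1() returns hex digits only, so the digest is safe to embed.
		# NOTE(review): unsalted SHA-1 is a weak password hash; changing it
		# means migrating the stored board_pass values.
		$pass = sha1( ( isset($_POST['password']) && is_string($_POST['password']) ) ? $_POST['password'] : '' );

		# Fall back to the default display name when none was entered
		if ( !isset($_POST['name']) || !is_string($_POST['name']) || trim($_POST['name']) == '' ) {
			$_POST['name'] = $someone;
		}

		$esc_title = ( isset($_POST['title']) && is_string($_POST['title']) ) ? $_POST['title'] : '';
		$esc_title = mysql_real_escape_string( $mq ? stripslashes($esc_title) : $esc_title, $SQL->Connect );
		$esc_name = mysql_real_escape_string( $mq ? stripslashes($_POST['name']) : $_POST['name'], $SQL->Connect );

		$Query .= " values('{$esc_title}','{$esc_name}','$pass','{$esc_body}',now(),now()) ";
		$SQL->Execute( $Query );

		# Remember name and password for one hour to prefill the form.
		# NOTE(review): this stores the clear-text password in a cookie that is
		# sent without the Secure or HttpOnly flags; consider not persisting it.
		setcookie ("name", $_POST['name'],time()+3600);
		setcookie ("password", $_POST['password'],time()+3600);

		# Refresh the access table: update this address's row, insert if absent
		$tm = time();
		$Query = "update `access` set access_time = $tm where access_ip = '{$esc_ip}'";
		$SQL->Execute( $Query );
		$cnt = mysql_affected_rows( $SQL->Connect );
		if ( $cnt == 0 ) {
			$Query = "insert into access (access_ip,access_time) values('{$esc_ip}',$tm)";
			$SQL->Execute( $Query );
		}

		redirect( "board.php" );

	}
}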

# **********************************************************
# Screen definition
# **********************************************************
# Reached on a plain page view and when a new post was rejected above;
# the update and delete handlers call exit() before this point.
require( "view.php" );

?>
@END