sendlink.php

一个全功能的国外博客商业程序

<?
include "header.php";
if(isset($_POST['task'])) { $task = $_POST['task']; } elseif(isset($_GET['task'])) { $task = $_GET['task']; } else { $task = "main"; }

//SET PRIVACY SETTINGS
if($is_admin_logged_in == "yes") {
$privacy = "AND (privacy='0' OR privacy='1' OR privacy='2' OR privacy='3')";
} elseif($member_info[u_id] == $user_info[u_id]) {
$privacy = "AND (privacy='0' OR privacy='1' OR privacy='2' OR privacy='3')";
} elseif($group_info[allow_members] == "1" & mysql_num_rows(mysql_query("SELECT m_id FROM bhost_members WHERE u_id='$user_info[u_id]' AND member_u_id='$member_info[u_id]'")) == "1") {
$privacy = "AND (privacy='1' OR privacy='2' OR privacy='3')";
} elseif($is_logged_in == "yes") {
$privacy = "AND (privacy='2' OR privacy='3')";
} else {
$privacy = "AND privacy='3'";
}

// IF PRIVACY FEATURE IS DISABLED BY ADMIN
if($group_info[allow_privacy] != 1) {
$privacy = "AND (privacy='0' OR privacy='1' OR privacy='2' OR privacy='3')";
}


if(isset($_POST['e_id'])) { $e_id = $_POST['e_id']; } elseif(isset($_GET['e_id'])) { $e_id = $_GET['e_id']; } else { exit(); }
if(mysql_num_rows(mysql_query("SELECT e_id FROM bhost_entries WHERE e_id='$e_id' AND u_id='$user_info[u_id]' $privacy")) != 1) { exit(); }
$entry_info = mysql_fetch_assoc(mysql_query("SELECT * from bhost_entries WHERE e_id='$e_id' AND u_id='$user_info[u_id]' $privacy"));


// CANCEL
if($task == "cancel") {
$url = url("entry", "$user_info[username]", "$e_id");
header("Location: $url");
exit();
}




if($task == "step2") {
$submit = $_GET['submit'];
$u = $_GET['u'];
$e_id = $_GET['e_id'];
// RETURN TO ENTRY
if($submit == "$sendlink1") {
$url = url("entry", "$u", "$e_id");
header("Location: $url");
}
// SEND ANOTHER MESSAGE
if($submit == "$sendlink2") {
header("Location: sendlink.php?u=$u&e_id=$e_id");
}
exit();
}



// SEND THE LINK
if($task == "dosend") {
$is_error = "no";
$error = "";

$to = $_POST['to'];
$from = $_POST['from'];
$message = $_POST['message'];

if(str_replace(" ", "", $to) == "") {
$is_error = "yes";
$error .= "$sendlink3<br>";
}
if(str_replace(" ", "", $from) == "") {
$is_error = "yes";
$error .= "$sendlink4<br>";
}
if(str_replace(" ", "", $message) == "") {
$is_error = "yes";
$error .= "$sendlink5";
}


if($is_error == "yes") {
echo $head;
echo "
<div class='float' style='padding-right: 2px;'><img src='./images/error.gif' border='0'></div>
<div>$error</div>
";
echo $foot;
exit();
}

@mail($to, "$sendlink6", $message, "From: $from");

echo $head;
echo "
<h2>$sendlink7</h2>
$sendlink8 <i>$to</i>.
<br><br>
<form action='sendlink.php' method='GET'>
<input type='submit' name='submit' class='button' value='$sendlink1'>
<input type='submit' name='submit' class='button' value='$sendlink2'>
<input type='hidden' name='task' value='step2'>
<input type='hidden' name='u' value='$user_info[username]'>
<input type='hidden' name='e_id' value='$e_id'>
</form>
";
echo $foot;
exit();
}







echo $head;

echo "
<h2>$sendlink9</h2>
$sendlink10
<br><br>

<table cellpadding='5' cellspacing='0'>
<form action='sendlink.php' method='POST'>
<tr>
<td align='right'>$sendlink11</td>
<td><input type='text' name='to' size='30' maxlength='100'></td>
</tr>
<tr>
<td align='right'>$sendlink12</td>
<td><input type='text' name='from' size='30' maxlength='100'"; if($is_admin_logged_in == "yes") { echo "value='$admin_info[email]'"; } elseif($is_logged_in == "yes") { echo "value='$member_info[email]'"; } echo "></td>
</tr>
<tr>
<td align='right' valign='top'>$sendlink13</td>
<td><textarea name='message' rows='8' cols='60'>$sendlink14
".url("entry", "$user_info[username]", "$e_id")."

</textarea></td>
</tr>

<tr>
<td>&nbsp;</td>
<td>
 <table cellpadding='0' cellspacing='0'>
 <tr>
 <td><input type='submit' class='button' value='$sendlink15'>&nbsp;</td>
 <input type='hidden' name='task' value='dosend'>
 <input type='hidden' name='u' value='$user_info[username]'>
 <input type='hidden' name='e_id' value='$e_id'>
 </form>
 <form action='sendlink.php' method='POST'>
 <td><input type='submit' class='button' value='$sendlink16'></td>
 </tr>
 <input type='hidden' name='task' value='cancel'>
 <input type='hidden' name='u' value='$user_info[username]'>
 <input type='hidden' name='e_id' value='$e_id'>
 </form>
 </table>
</td>
</tr>
</table>

";

echo $foot;


?>