pm_only.php

在传统CMS文章内容管理功能基础上

<?php
/*
    [BBWPS!] (C)2006-2010 小蜜蜂版权所有.
	  This is NOT a freeware, use is subject to license terms
*/
error_reporting(0);
if(!function_exists("checkRequire")){
	exit("Forbidden");
}
$db=new DB($hostname,$username,$password,$database);
$action = $_GET['act'];
if($action=="write"){
	!$_POST['to']?$to = $_POST['postto']:$to = $_POST['to'];
	if(!$to||!$_POST['title']||!$_POST['content']){
		MsgError($langAdminArray["mem_unempty"]);
	}
	$friendSql = "select username  from ".$prefix."members where username='$to'";
	if(!$db->get_one($friendSql)){
		MsgError($langAdminArray["pm_username_unexist"]);
	}
	$pmSql = "insert into ".$prefix."pmbox values('','{$langAdminArray["mem_system_msg"]}','$to','".time()."','$_POST[title]','$_POST[content]',0,1)";
	$db->update($pmSql);
	!$_POST['returnurl']?$_POST['returnurl']="?mod=member&f=pm_only":null;
  ExeSuccess($langAdminArray["bank_succ"],$_POST[returnurl]);
}else {
	$p=new Template("./template/member");
	$to = $_REQUEST['to'];    //收信人姓名
	$title = $_REQUEST['title'];
	$content = $_REQUEST['content'];
	$returnurl = $_REQUEST['returnurl'];
	$p->set_file("handle","systempm.html");
	if($to!=null||$to!=""){
		$p->set_var("to",$to);
		$p->set_var("unable","disabled");
	}
	$p->set_var("title",$title);
	$p->set_var("returnurl",$returnurl);
	$p->parse("out","handle");
	$p->p("out");
}
?>