form.inc.php

学校网站源码http://您的网址/admin/admin_login.asp 默认登录用户：admin 默认登录密码：admin

<?php


function checkform( )
{
	global $fsql;
	global $tsql;
	global $tbl_form;
	global $tbl_form_feedback;
	global $NowMenuid;
	global $SiteName;
	global $SiteHttp;
	global $SiteEmail;
	global $FormSendNTC1;
	global $FormSendNTC2;
	global $strRegNotice9;
	$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
	$email = $_POST['email'];
	$table_name = $tbl_form."_".$NowMenuid;
	$fsql->query( "select field_caption,field_name,field_null,value_repeat from {$table_name} where use_field = '1' order by xuhao" );
	while ( $fsql->next_record( ) )
	{
		$field_caption = $fsql->f( "field_caption" );
		$field_name = $fsql->f( "field_name" );
		$field_null = $fsql->f( "field_null" );
		$value_repeat = $fsql->f( "value_repeat" );
		$nowvalue = $_POST[$field_name];
		if ( $field_null == "1" && ( !isset( $nowvalue ) || $nowvalue == "" ) )
		{
			$CheckString = $FormSendNTC1."<br>";
			return $CheckString;
		}
		if ( $value_repeat == "0" && $nowvalue != "" )
		{
			$tsql->query( "select id from {$tbl_form_feedback} where ".$field_name."='".$nowvalue."' and menuid = '".$NowMenuid."'" );
			if ( $tsql->next_record( ) )
			{
				$CheckString = $field_caption.$FormSendNTC2."<br>";
				return $CheckString;
			}
		}
	}
	if ( !eregi( "^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+.)+[a-z]{2,3}\$", $email ) )
	{
		$CheckString = $strRegNotice9."<br>";
		return $CheckString;
	}
	$nowtime = time( );
	$title = htmlspecialchars( $_POST['title'] );
	$name = htmlspecialchars( $_POST['name'] );
	$sex = htmlspecialchars( $_POST['sex'] );
	$tel = htmlspecialchars( $_POST['tel'] );
	$address = htmlspecialchars( $_POST['address'] );
	$email = htmlspecialchars( $_POST['email'] );
	$url = htmlspecialchars( $_POST['url'] );
	$qq = htmlspecialchars( $_POST['qq'] );
	$company = htmlspecialchars( $_POST['company'] );
	$company_address = htmlspecialchars( $_POST['company_address'] );
	$zip = htmlspecialchars( $_POST['zip'] );
	$fax = htmlspecialchars( $_POST['fax'] );
	$products_id = htmlspecialchars( $_POST['products_id'] );
	$products_name = htmlspecialchars( $_POST['products_name'] );
	$products_num = htmlspecialchars( $_POST['products_num'] );
	$content = htmlspecialchars( $_POST['content'] );
	$custom1 = htmlspecialchars( $_POST['custom1'] );
	$custom2 = htmlspecialchars( $_POST['custom2'] );
	$custom3 = htmlspecialchars( $_POST['custom3'] );
	$custom4 = htmlspecialchars( $_POST['custom4'] );
	$custom5 = htmlspecialchars( $_POST['custom5'] );
	$custom6 = htmlspecialchars( $_POST['custom6'] );
	$custom7 = htmlspecialchars( $_POST['custom7'] );
	$tsql->query( "insert into {$tbl_form_feedback} values(\r\n\t\t0,\r\n\t\t'{$NowMenuid}',\r\n\t\t'{$title}',\r\n\t\t'{$content}',\r\n\t\t'{$name}',\r\n\t\t'{$sex}',\r\n\t\t'{$tel}',\r\n\t\t'{$address}',\r\n\t\t'{$email}',\r\n\t\t'{$url}',\r\n\t\t'{$qq}',\r\n\t\t'{$company}',\r\n\t\t'{$company_address}',\r\n\t\t'{$zip}',\r\n\t\t'{$fax}',\r\n\t\t'{$products_id}',\r\n\t\t'{$products_name}',\r\n\t\t'{$products_num}',\r\n\t\t'{$custom1}',\r\n\t\t'{$custom2}',\r\n\t\t'{$custom3}',\r\n\t\t'{$custom4}',\r\n\t\t'{$custom5}',\r\n\t\t'{$custom6}',\r\n\t\t'{$custom7}',\r\n\t\t'{$REMOTE_ADDR}',\r\n\t\t'{$nowtime}',\r\n\t\t'0',\r\n\t\t'0' )" );
	return "1";
}

?>