📄 comment_ajax.php
字号:
<?php
require_once("global.php");
header('Content-Type: text/html; charset=gb2312');
if($action=="post"){
if( $webdb[yzImgComment] ){
if(!get_cookie("yzImgNum")||get_cookie("yzImgNum")!=$yzimg){
die("验证码不符合,评论失败");
}else{
//setcookie("yzImgNum","0",$timestamp+3600,"/");
}
}
if(!$content){
die("内容不能为空");
}
if($webdb[forbidComment]){
$allow=0;
}elseif(!$lfjid&&!$webdb[allowGuestComment]){
$allow=0;
}else{
$allow=1;
}
if($webdb[allowGuestCommentPass]){
$yz=1;
}elseif($lfjid&&$webdb[allowMemberCommentPass]){
$yz=1;
}else{
$yz=0;
}
$username=filtrate($username);
$content=filtrate($content);
$content=str_replace("@@br@@","<br>",$content);
//过滤不健康的字
$username=replace_bad_word($username);
$content=replace_bad_word($content);
//处理有人恶意用他人帐号做署名的
$rs=$db->get_one(" SELECT $TB[uid] AS uid FROM $TB[table] WHERE $TB[username]='$username' ");
if($rs[uid]!=$lfjuid){
$username="匿名";
}
$rss=$db->get_one(" SELECT * FROM {$pre}mv_video WHERE id='$id' ");
if(!$rss){
die("数据不存在");
}
$username || $username=$lfjid;
$type=2;
if($allow){
$db->query("INSERT INTO `{$pre}mv_comments` (`cuid`, `type`, `id`, `fid`, `uid`, `username`, `posttime`, `content`, `ip`, `icon`, `yz`) VALUES ('$rss[uid]','$type','$id','$fid','$lfjuid','$username','$timestamp','$content','$onlineip','$icon','$yz')");
$db->query(" UPDATE {$pre}mv_video SET comments=comments+1 WHERE id='$id' ");
}
}
elseif($action=="del")
{
$rs=$db->get_one("SELECT * FROM `{$pre}mv_comments` WHERE cid='$cid'");
if(!$lfjuid)
{
die("你还没登录,无权限");
}
elseif(!$web_admin&&$rs[uid]!=$lfjuid&&$rs[cuid]!=$lfjuid)
{
die("你没权限");
}
$db->query("DELETE FROM `{$pre}mv_comments` WHERE cid='$cid' ");
if($rs){
$db->query("UPDATE {$pre}mv_video SET comments=comments-1 WHERE id='$rs[id]' ");
}
}
if(!$webdb[showNoPassComment]){
$SQL=" AND yz=1 ";
}else{
$SQL="";
}
$rows=$webdb[showCommentRows]?$webdb[showCommentRows]:5;
$listdb=ListThisComment($rows,$leng=400);
$showpage=getpage("`{$pre}mv_comments`"," where id='$id' $SQL","?fid=$fid&id=$id",$rows);
$showpage=preg_replace("/\?fid=([\d]+)&id=([\d]+)&page=([\d]+)/is","javascript:getcomment('comment_ajax.php?fid=\\1&id=\\2&page=\\3')",$showpage);
require_once(getTpl('comment_ajax'));
function ListThisComment($rows,$leng){
global $page,$fid,$id,$SQL;
if($page<1){
$page=1;
}
$min=($page-1)*$rows;
$listdb=list_comment("WHERE id=$id $SQL ORDER BY cid DESC LIMIT $min,$rows",'*',$leng);
return $listdb;
}
?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -