editMessage.php
<?php include "inc.php"; ?>
<?php
$Opt="";
$Opt = $_REQUEST["Opt"];
if(!is_numeric($Opt)){
$Opt = 0;
}
if($Opt>1 || $Opt<0){
$Opt = 0;
}
if($Opt==1){
$MessageID = $_REQUEST["MessageID"];
if(!is_numeric($MessageID)){
$MessageID = 0;
}
if($MessageID<=0){
echo "参数错误!";
exit();
}
$sql = "select * from Messages where MessageID=".$MessageID;
$rs = $conn->query($sql);
$row=$rs->fetch();
$MessageName = $row["MessageName"];
$MessageTitle = $row["MessageTitle"];
$MessageContent = $row["MessageContent"];
$MessagePhone = $row["MessagePhone"];
$MessageEmail = $row["MessageEmail"];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>编辑留言</title>
</head>
<body>
<h3>编辑留言</h3>
<a href="javascript:history.go(-1);">返回</a>
<form name="editform" action="" method="post">
<p> 留言人:<input type="text" name="name" value="<?php echo $MessageName; ?>" /></p>
<p>联系电话:<input type="text" name="phone" value="<?php echo $MessageTitle; ?>" /></p>
<p>电子邮箱:<input type="text" name="email" value="<?php echo $MessageContent; ?>" /></p>
<p>留言标题:<input type="text" name="title" value="<?php echo $MessagePhone; ?>" /></p>
<p>留言内容:<textarea name="content" cols="80" rows="10"><?php echo $MessageEmail; ?></textarea></p>
<p><input type="submit" name="sub" value="提交" /> <input type="reset" name="reset" value="取消" /></p>
</form>
<?php
if($_REQUEST["sub"]=="提交"){
$name="";
$title="";
$content="";
$phone="";
$email="";
$name = CheckInput($_REQUEST["name"]);
$title = CheckInput($_REQUEST["title"]);
//$title = $_REQUEST["title"];
$content = CheckInput($_REQUEST["content"]);
$phone = CheckInput($_REQUEST["phone"]);
$email = CheckInput($_REQUEST["email"]);
if(empty($name)){
echo "<script>alert('留言人不能为空!');</script>";
return false;
}
if(empty($title)){
echo "<script>alert('留言标题不能为空!');</script>";
return false;
}
if(empty($content)){
echo "<script>alert('留言内容不能为空!');</script>";
return false;
}
switch($Opt){
case 0:
$sql="insert into Messages(MessageName,MessageTitle,MessageContent,MessagePhone,MessageEmail) values('".$name."','".$title."','".$content."','".$phone."','".$email."')";
//$sql="insert into Messages(MessageName,MessageTitle,MessageContent,MessagePhone,MessageEmail) values(\"".$name."\",\"".$title."\",\"".$content."\",\"".$phone."\",\"".$email."\")";
//$sql="insert into Messages(MessageName,MessageTitle,MessageContent,MessagePhone,MessageEmail) values(\"{".$name."}\",\"{".$title."}\",\"{".$content."}\",\"{".$phone."}\",\"{".$email."}\")";
//$sql="insert into Messages(MessageName,MessageTitle,MessageContent,MessagePhone,MessageEmail) values('{".$name."}','{".$title."}','{".$content."}','{".$phone."}','{".$email."}')";
//$sql="insert into Messages(MessageName,MessageTitle,MessageContent,MessagePhone,MessageEmail) values('$name','$title','$content','$phone','$email')";
//$sql="insert into Messages(MessageName,MessageTitle,MessageContent,MessagePhone,MessageEmail) values(\"$name\",\"$title\",\"$content\",\"$phone\",\"$email\")";
break;
case 1:
$sql="update Messages set MessageName='".$name."',MessageTitle='".$title."',MessageContent='".$content."',MessagePhone='".$phone."',MessageEmail='".$email."' where MessageID=".$MessageID;
break;
default:;
}
//echo $sql;
$conn->exec($sql);
echo "<script>alert('编辑成功!');window.location.href='index.php';</script>";
}
?>
</body>
</html>