大体都很好,就是安全性不太灵光。几乎米有过滤。发出来看看吧,我琢磨下怎么改,功能还在完善中,也请路过的高手指点一二!
config.php
<?php
//MySQL Set
$hostname = "localhost"; //HostNmae
$user = "music"; //userName
$password = "music"; //UserPassWord
?>
index.php
<html><head><title>音乐共享系统.<Vampire.Kiss></title>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<style type="text/css">
.BlueBG{ background-color:#DDEDF4;}
.BlueBG td{height:16px;line-height:16px;}
.list td{border-bottom:1px solid #e1e1e1; height:28px; padding-left:6px;}
.list td.d{font-size:14px;border-bottom:1px solid #e1e1e1; height:28px; padding-left:6px;table-layout:fixed; word-break :break-all}
body {
font-size: 12px;
font-color: #008000;
}
td {
font-size: 12px;
font-color: #008000;
}
a{color:#000000;text-decoration:none;}
a:hover{color:red;text-decoration:underline;}
a:visited{color:black;text-decoration:none;}
a:link { text-decoration: none ;font-size: 12px }
</style>
</head>
<body >
<SPAN ID=AD_778></SPAN>
<SCRIPT language=JavaScript type=text/JavaScript>
function AddMusic()
{
var win = window.open("NewMusic.Php","Mywin",null);
}
function ShowMusic(Url,N)
{
var adr = "ShowMusic.Php?adr=" + Url + "&n=" + N;
var win = window.open(adr,"mywin","height=400,width=560,scrollbar=yes");
}
function Search()
{
var strsrc = document.getElementById("search");
var strtype = document.getElementById("stype");
location.href("Search.Php?s=" + strsrc.value+"&t=" + strtype.options.value);
}
</SCRIPT>
<Div align=center>
音乐共享系统 V1.0
</Div>
<P algin=left>
搜索歌曲:
<input type=text name=search id=search />
搜索类型:
<SELECT name=stype id="stype" style="WIDTH: 100px">
<OPTION value="1" selected>歌曲名称</OPTION>
<OPTION value="2">专辑名称</OPTION>
<OPTION value="3">歌手名称</OPTION>
</SELECT>
<input type=button name=sbtn id=sbtn value=强力搜索 οnclick=Search() />
</p>
<table width=100% border=0 cellpadding=2 cellspacing=0 bordercolor=#ffffff bgcolor="#FFFFFF" class="list">
<tr class="BlueBG">
<td width="4%" nowrap valign=top> </td>
<td nowrap width="32%" style="padding-left:6px"><b>歌曲名</b></td>
<td width="20%" nowrap style="padding-left:6px"><B>专辑名</B></td>
<td width="20%" nowrap style="padding-left:6px"><B>歌手名</B></td>
<td width="20%" nowrap style="padding-left:6px"><b>试听</b> </td>
</tr>
<?php
include "mysql.php";
if(!isset($_GET["page"]) || $_GET["page"] <=0)
{
$PageID=1;
}
else
{
$PageID=(int) $_GET["page"];
}
if($PageID<=1)
{
$UpPage=1;
}
else
{
$UpPage=$PageID-1;
}
$NextPage=$PageID+1;
$PageSize=10;
$PageUp = ($PageID - 1)*$PageSize;
$mysql=@new ext_mysql();
$mysql->Open("host26");
$mysql->setGetData("*","music limit $PageUp,$PageSize","");
while($mydata=mysql_fetch_array($mysql->therlt))
{
?>
<tr class="BlueBG">
<td width="4%" nowrap valign=top> </td>
<td align=left"><A href=Search.Php?s=<?=$mydata["Mname"]?>&t=1><?=$mydata["Mname"]?></a></td>
<td align=left"><A href=Search.Php?s=<?=$mydata["Mzhuanji"]?>&t=2><?=$mydata["Mzhuanji"]?></a></td>
<td align=left"><A href=Search.Php?s=<?=$mydata["Mmname"]?>&t=3><?=$mydata["Mmname"]?></a></td>
<td align=left"><a href=Javascript:ShowMusic("<?=$mydata["Murl"] ?>","<?=$mydata["Mid"] ?>")>试听</a></td>
</tr>
<?php
}
$mysql->endset();
$mysql->Close();
?>
</table>
<Br>
<div align="center" height="32">
<p />
<INPUT οnclick=AddMusic() type=button value=" 添加音乐 " name=Submit4>
<P>
<A href="index.Php?page=<?=$UpPage?>">↑上一页</A>
<A href="index.Php?page=<?=$NextPage?>">下一页↓</A>
</p>
</div>
</body>
</html>
mysql.php
<?php
include "config.php";
class ext_mysql
{
var $servername;
var $userid;
var $userpwd;
var $therlt;
function ext_mysql()
{
global $hostname;
global $user;
global $password;
$this->servername = $hostname;
$this->userid = $user;
$this->userpwd = $password;
}
function Open($dbname)
{
if($this->servername != "" || $this->userid != "")
{
$link = @mysql_connect($this->servername,$this->userid,$this->userpwd);
if($link)
{
@mysql_query("SET NAMES 'GBK'");
@mysql_select_db($dbname);
return TRUE;
}
else { return FALSE ; }
}
else { return FALSE ; }
}
function Close()
{
@mysql_close();
}
function setGetData($fieldsname,$formname,$swhere)
{
if($swhere=="")
{
$query_sql = "select " . $fieldsname . " from " . $formname;
}
else
{
$query_sql = "select " . $fieldsname . " from " . $formname . " where " . $swhere;
}
$this->therlt = @mysql_query($query_sql);
}
function endset() { @mysql_free_result($this->therlt);}
function NoneQuery($sql)
{
if(mysql_query($sql))
{
return TRUE;
}
else { return FALSE; }
}
}
?>
Newmusic.php
<html><head><title>音乐共享系统->添加音乐</title>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
</head>
<style type="text/css">
body {
font-size: 13px;
font-color: #008000;
}
td {
font-size: 13px;
font-color: #008000;
}
</style>
<body>
<script language=javascript>
function checkfrm()
{
if(frm.txtname.value=="")
{
alert("请输入歌曲名字!");
return false;
}
if(frm.txtzhuanji.value=="")
{
alert("请输入歌曲专集名!");
return false;
}
if(frm.txtmname.value=="")
{
alert("请输入歌手姓名!");
return false;
}
if(frm.txturl.value=="")
{
alert("请输入歌曲地址!");
return false;
}
frm.submit();
return true;
}
</script>
<p align=center>
<font color=red size=5><b>添加音乐(一人辛苦,大家方便)</b></font>
</p>
<form name=frm id=frm method=post action=NewMusic.php>
<div align=center>
<p align=center>
歌曲名字:
<input type=text name=txtname id=txtname />
</p>
<p align=center>
歌曲专辑:
<input type=text name=txtzhuanji id=txtzhuanji />
</p>
<p align=center>
歌手姓名:
<input type=text name=txtmname id=txtmname />
</p>
<p align=center>
歌曲地址:
<input type=text name=txturl id=txturl />
</p>
<p align=center>
<li>
歌词:
<textarea rows="20" name=ntext id=ntext cols="40"></textarea>
</li>
</p>
<P align=center>
<input type=button value=" 确定添加 " οnclick="checkfrm()">
<input type=button value=" 取消添加 " οnclick="window.close()">
</p>
</div>
</form>
</body>
<?php
if(isset($_POST["txtname"]))
{
include("mysql.php");
$mysql=@new ext_mysql();
$mysql->Open("host26");
$addtime=@date("Y-m-d");
$sql="insert into music(Mname,Mzhuanji,Mmname,Murl,Maddtime,Mgeci) values('";
$sql.= $_POST["txtname"]."','".$_POST["txtzhuanji"]."','".$_POST["txtmname"]."','";
$sql.=$_POST["txturl"]."','".$addtime."','".nl2br(htmlspecialchars($_POST["ntext"])). "')";
$re=$mysql->NoneQuery($sql);
$mysql->Close();
if($re)
{
echo "<script>alert('添加成功!!!');window.opener.location.href('index.Php');window.close();</script>";
}
else
{
echo "<script>alert('添加失败');window.close();</script>";
}
}
?>
search.php
<?php
if(!isset($_GET["s"]) || $_GET["s"]=="")
{
die("错误的搜索参数!");
}
if(!$stype=(int)$_GET["t"])
{
die("错误的搜索参数!");
}
?>
<html><head><title>搜索j结果</title>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<style type="text/css">
.BlueBG{ background-color:#DDEDF4;}
.BlueBG td{height:16px;line-height:16px;}
.list td{border-bottom:1px solid #e1e1e1; height:28px; padding-left:6px;}
.list td.d{font-size:14px;border-bottom:1px solid #e1e1e1; height:28px; padding-left:6px;table-layout:fixed; word-break :break-all}
body {
font-size: 12px;
font-color: #008000;
}
td {
font-size: 12px;
font-color: #008000;
}
a{color:#000000;text-decoration:none;}
a:hover{color:red;text-decoration:underline;}
a:visited{color:black;text-decoration:none;}
a:link { text-decoration: none ;font-size: 12px }
</style>
</head>
<body >
<SPAN ID=AD_778></SPAN>
<SCRIPT language=JavaScript type=text/JavaScript>
function ShowMusic(Url,N)
{
var adr = "ShowMusic.Php?adr=" + Url + "&n=" + N;
var win = window.open(adr,"mywin","height=400,width=560");
}
function Search()
{
var strsrc = document.getElementById("search");
var strtype = document.getElementById("stype");
location.href("Search.Php?s=" + strsrc.value+"&t=" + strtype.options.value);
}
</SCRIPT>
<P algin=left>
搜索歌曲:
<input type=text name=search id=search />
搜索类型:
<SELECT name=stype id="stype" style="WIDTH: 100px">
<OPTION value="1" selected>歌曲名称</OPTION>
<OPTION value="2">专辑名称</OPTION>
<OPTION value="3">歌手名称</OPTION>
</SELECT>
<input type=button name=sbtn id=sbtn value=强力搜索 οnclick=Search() />
</p>
<table width=100% border=0 cellpadding=2 cellspacing=0 bordercolor=#ffffff bgcolor="#FFFFFF" class="list">
<tr class="BlueBG">
<td width="4%" nowrap valign=top> </td>
<td nowrap width="32%" style="padding-left:6px"><b>歌曲名</b></td>
<td width="20%" nowrap style="padding-left:6px"><B>专辑名</B></td>
<td width="20%" nowrap style="padding-left:6px"><B>歌手名</B></td>
<td width="20%" nowrap style="padding-left:6px"><b>试听</b> </td>
</tr>
<?php
include "mysql.php";
$swhere = "";
switch($stype)
{
case 1:
$swhere="Mname = '" . $_GET["s"] . "'";
break;
case 2:
$swhere="Mzhuanji = '" . $_GET["s"] . "'";
break;
case 3:
$swhere="Mmname = '" . $_GET["s"] . "'";
break;
}
$mysql=@new ext_mysql();
$mysql->Open("host26");
$mysql->setGetData("*","music",$swhere);
if(!$fnum=@mysql_num_rows($mysql->therlt))
{
echo "没有找到相关信息..请<a href=index.Php><font _fcksavedurl="index.Php><font" color=red>返回</font></a>重新搜索!";
$mysql->endset();
$mysql->Close();
return;
}
while($mydata=mysql_fetch_array($mysql->therlt))
{
?>
<tr class="BlueBG">
<td width="4%" nowrap valign=top> </td>
<td align=left"><?=$mydata["Mname"] ?></td>
<td align=left"><?=$mydata["Mzhuanji"] ?></td>
<td align=left"><?=$mydata["Mmname"] ?></td>
<td align=left"><a href=Javascript:ShowMusic("<?=$mydata["Murl"] ?>","<?=$mydata["Mid"] ?>")>试听</a></td>
</tr>
<?php
}
$mysql->endset();
$mysql->Close();
?>
</table>
<Br>
<div align="center" height="32">
<p />
<P>结果总数:<font color=red><?=$fnum?></font></p>
</div>
</body>
</html>
showmusic.php
<?php
if(!isset($_GET["n"]) || $_GET["n"]=="")
{
die("错误的播放参数");
}
include "mysql.php";
$mysql=@new ext_mysql();
$mysql->Open("host26");
$mysql->setGetData("*","music","Mid=" . $_GET["n"]);
$mydata=mysql_fetch_array($mysql->therlt);
$Mname=$mydata["Mname"];
$Mgeci=$mydata["Mgeci"];
$mysql->endset();
$mysql->Close();
?>
<html>
<head>
<title>音乐共享系统-><<?=$Mname ?>></title>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<style type="text/css">
body {
font-size: 12px;
font-color: #008000;
}
</style>
</head>
<body>
<center>播放歌曲:<?=$Mname ?></center>
<bR>
<embed src="<?=$_GET["adr"] ?>" autostart="true" loop="true" width=450 height=40 />
<p align=center>
<?=$Mgeci?>
</p>
5468
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
