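getMessage());
    }

    // Count the topics that are still listed (status = '0').
    $count_topic_sql = "select count(tid) from ".$config['DBserver']['topictable']." where status = '0'";
    $count_topic_data =& $db->query($count_topic_sql); // run the query
    $count_topic_array = $count_topic_data->fetchRow();
    $count_topic = $count_topic_array[0];

    // A page number that points past the last topic is redirected to the top page.
    if(($page * $config['Page']['num'] + 1) > $count_topic){
        header("Location: ".$config['Path']['URL'].$config['Path']['URI']);
        exit;
    }

    $DB_limits_array = DB_limits($page, $config['Page']['num'], $count_topic);

    // Fetch the topic rows for this page, most recently updated first.
    $topic_target_column = "tid,Name,MailAddress,Title,Comment,CreateDate,UserFlag";
    $topic_sql = "select ".$topic_target_column." from ".$config['DBserver']['topictable']." where status = '0' order by UpdateDate DESC limit ".($DB_limits_array['start']-1).", ".$config['Page']['num'];
    $topic_data =& $db->query($topic_sql); // run the query

    include($templeDir."list.html");

    // close the DB connection
    $db->disconnect();
    exit;
}
/*=============================================================================*/
/* Topic creation mode --------------------------------------------------------*/
/*=============================================================================*/
elseif($mode=="topic_entry"){
    // Form state flag: absent on the first visit, otherwise "form", "conf" or "insert".
    // Read through isset() so a request without the field does not raise a notice.
    $form_status = isset($_POST['form_status']) ? $_POST['form_status'] : null;

    // Show the entry form.
    if(!isset($form_status)){
        include($templeDir."topic_form_entry.html");
        exit;
    }
    // Redisplay the entry form with the posted values.
    // NOTE(review): these variables hold raw user input and are handed to the
    // templates; the templates are outside this view and must escape on output.
    elseif($form_status == "form"){
        $name = stripslashes($_POST['name']);
        $mailaddress = stripslashes($_POST['mailaddress']);
        $title = stripslashes($_POST['title']);
        $comment = stripslashes($_POST['comment']);
        include($templeDir."topic_form_entry.html");
        exit;
    }
    // Go to the confirmation screen.
    elseif($form_status == "conf"){
        $error = "-";
        $name = stripslashes($_POST['name']);
        $mailaddress = $_POST['mailaddress'];
        $title = stripslashes($_POST['title']);
        $comment = stripslashes($_POST['comment']);

        // An empty name falls back to the configured placeholder name.
        if($name == ""){
            $name = $config['Page']['emptyname'];
        }

        // Input check
        if($name == "" or $title == "" or $comment == ""){
            $error .= "EMPTY-";
        }
        if($mailaddress != "" and ! CheckValidMail($mailaddress)){
            $error .="MAILADDRESS-";
        }

        // Normalise line endings to "\n", then collapse runs of blank lines.
        $comment = str_replace("\r\n", "\n", $comment);
        $comment = str_replace("\r", "\n", $comment);
        // NOTE(review): ereg_replace() is deprecated since PHP 5.3 and removed in 7.0.
        // The two alternatives inside ( | ) look identical in this copy; one may have
        // been a full-width space. Confirm before porting the pattern to preg_replace().
        $comment =ereg_replace("\n(( | )*\n){3,}","\n\n",$comment);

        if($error != "-"){
            include($templeDir."topic_form_entry.html"); // back to the form
            exit;
        }else{
            include($templeDir."topic_form_conf.html"); // show the confirmation screen
            exit;
        }
    }
    elseif($form_status == "insert"){
        $name = stripslashes($_POST['name']);
        $mailaddress = $_POST['mailaddress'];
        $title = stripslashes($_POST['title']);
        $comment = stripslashes($_POST['comment']);

        // Identify the poster: mobile devices by terminal ID, PCs by IP address.
        $DeviceType = DeviceType($UserAgent);
        if($DeviceType != "PC"){
            $UTN = getMobileID();
            $UTNorIP = $UTN;
        }else{
            $UTN = "";
            $UTNorIP = $IP;
        }

        // Denied IPs and denied users are sent back to the list page.
        if(checkDenyIP($IP)){
            header("Location: ".$config['Path']['URL'].$config['Path']['URI']);
            exit;
        }
        if(checkDenyUser($config['adminPath']['denylist'], $UTNorIP)){
            header("Location: ".$config['Path']['URL'].$config['Path']['URI']);
            exit;
        }

        // Input check. The original appended to an uninitialised $error and never
        // acted on it, so a direct POST with form_status=insert skipped the checks
        // done on the confirmation step. The result is now enforced, which also keeps
        // an unvalidated address out of the column later passed to mail().
        $error = "-";
        if($name == "" or $title == "" or $comment == ""){
            $error .= "EMPTY-";
        }
        if($mailaddress != "" and ! CheckValidMail($mailaddress)){
            $error .="MAILADDRESS-";
        }
        if($error != "-"){
            include($templeDir."topic_form_entry.html"); // back to the form
            exit;
        }

        // Flag the topic for reply notification when a mail address was given.
        if(!empty($mailaddress)){
            $SendmailFlag = "1";
        }else{
            $SendmailFlag = "0";
        }

        // PEAR DB
        require_once("DB.php");
        $dsn = "mysql://".$config['DBserver']['User'].":".$config['DBserver']['Password']."@".$config['DBserver']['Host']."/".$config['DBserver']['DB']."";
        $db = DB::connect($dsn);
        if (PEAR::isError($db)) {
            die($db->getMessage());
        }

        // NOTE(review): cvt2mysql() is defined outside this view; presumably it escapes
        // the value for use inside a quoted SQL literal. Confirm, since every
        // user-supplied column below depends on it.
        $target_column = "Name,MailAddress,Title,Comment,UserAgent,IP,BrowserType,UTN,UpdateDate,SendmailFlag";
        $insert_data = "'".cvt2mysql($name)."','".cvt2mysql($mailaddress)."','".cvt2mysql($title)."','".cvt2mysql($comment)."','".cvt2mysql($UserAgent)."','".cvt2mysql($IP)."','".cvt2mysql($DeviceType)."','".cvt2mysql($UTN)."','".date('Y-m-d H:i:s')."','".$SendmailFlag."'";
        $sql = "insert into ".$config['DBserver']['topictable']."(".$target_column.") values (".$insert_data.")";

        $res =& $db->query($sql); // run the query

        // close the DB connection
        $db->disconnect();

        header("Location: ".$config['Path']['URL'].$config['Path']['URI']);
        exit;
    }
    else{
        include($templeDir."list.html");
        exit;
    }
}
/*=============================================================================*/
/* Reply creation mode --------------------------------------------------------*/
/*=============================================================================*/
elseif($mode=="res_entry"){
    // Topic id: POST takes precedence over GET.
    if(!isset($_POST['tid'])){
        $tid = isset($_GET['tid']) ? $_GET['tid'] : "";
    }else{
        $tid = $_POST['tid'];
    }
    // A request such as tid[]=x yields an array; treat anything but a string as empty.
    if(!is_string($tid)){
        $tid = "";
    }

    // Form state flag: absent on the first visit, otherwise "form", "conf" or "insert".
    $form_status = isset($_POST['form_status']) ? $_POST['form_status'] : null;

    if(!isset($form_status) or $form_status == "form"){
        // Redisplay with the posted values; $tid was already taken from the request above.
        if($form_status == "form"){
            $name = stripslashes($_POST['name']);
            $mailaddress = $_POST['mailaddress'];
            $title = stripslashes($_POST['title']);
            $comment = stripslashes($_POST['comment']);
        }

        require_once("DB.php");
        $dsn = "mysql://".$config['DBserver']['User'].":".$config['DBserver']['Password']."@".$config['DBserver']['Host']."/".$config['DBserver']['DB']."";
        $db = DB::connect($dsn);
        if (PEAR::isError($db)) {
            die($db->getMessage());
        }

        // $tid is request data: quote it through the driver rather than concatenating it raw.
        // NOTE(review): the stripslashes() calls suggest magic_quotes_gpc was on; in
        // that case the value is escaped twice, which only affects ids containing
        // quotes or backslashes.
        $topic_target_column = "tid,Name,MailAddress,Title,Comment,CreateDate,UserFlag";
        $topic_sql = "select ".$topic_target_column." from ".$config['DBserver']['topictable']." where tid = ".$db->quoteSmart($tid);
        $topic_data =& $db->query($topic_sql); // run the query

        include($templeDir."res_form_entry.html");

        // close the DB connection
        $db->disconnect();
        exit;
    }
    elseif($form_status == "conf"){
        $name = stripslashes($_POST['name']);
        $mailaddress = $_POST['mailaddress'];
        $title = stripslashes($_POST['title']);
        $comment = stripslashes($_POST['comment']);

        // An empty name falls back to the configured placeholder name.
        if($name == ""){
            $name = $config['Page']['emptyname'];
        }

        // Input check. The mail-address check is disabled for replies in the original.
        $error = "-";
        if($name == "" or $title == "" or $comment == ""){
            $error .= "EMPTY-";
        }

        // Normalise line endings to "\n", then collapse runs of blank lines.
        $comment = str_replace("\r\n", "\n", $comment);
        $comment = str_replace("\r", "\n", $comment);
        // NOTE(review): ereg_replace() is deprecated since PHP 5.3 and removed in 7.0.
        $comment =ereg_replace("\n(( | )*\n){3,}","\n\n",$comment);

        if($error != "-"){
            require_once("DB.php");
            $dsn = "mysql://".$config['DBserver']['User'].":".$config['DBserver']['Password']."@".$config['DBserver']['Host']."/".$config['DBserver']['DB']."";
            $db = DB::connect($dsn);
            if (PEAR::isError($db)) {
                die($db->getMessage());
            }

            $topic_target_column = "tid,Name,MailAddress,Title,Comment,CreateDate,UserFlag";
            $topic_sql = "select ".$topic_target_column." from ".$config['DBserver']['topictable']." where tid = ".$db->quoteSmart($tid);
            $topic_data =& $db->query($topic_sql); // run the query

            include($templeDir."res_form_entry.html"); // back to the form

            // close the DB connection
            $db->disconnect();
            exit;
        }else{
            include($templeDir."res_form_conf.html");
            exit;
        }
    }
    elseif($form_status == "insert"){
        $name = stripslashes($_POST['name']);
        $mailaddress = $_POST['mailaddress'];
        $title = stripslashes($_POST['title']);
        $comment = stripslashes($_POST['comment']);

        // The original passed the misspelled, undefined $mailassress to the INSERT, so
        // the reply's address was always stored empty. The intended variable is used
        // now, but only when it validates, because the confirmation step does not
        // check it for replies.
        if(!($mailaddress != "" and CheckValidMail($mailaddress))){
            $mailaddress = "";
        }

        // Identify the poster: mobile devices by terminal ID, PCs by IP address.
        $DeviceType = DeviceType($UserAgent);
        if($DeviceType != "PC"){
            $UTN = getMobileID();
            $UTNorIP = $UTN;
        }else{
            $UTN = "";
            $UTNorIP = $IP;
        }

        // Denied IPs and denied users are sent back to the list page.
        if(checkDenyIP($IP)){
            header("Location: ".$config['Path']['URL'].$config['Path']['URI']);
            exit;
        }
        if(checkDenyUser($config['adminPath']['denylist'], $UTNorIP)){
            header("Location: ".$config['Path']['URL'].$config['Path']['URI']);
            exit;
        }
        // NOTE(review): unlike the topic insert, no EMPTY check is repeated here, so a
        // direct POST with form_status=insert bypasses the confirmation-step checks.

        // PEAR DB
        require_once("DB.php");
        $dsn = "mysql://".$config['DBserver']['User'].":".$config['DBserver']['Password']."@".$config['DBserver']['Host']."/".$config['DBserver']['DB']."";
        $db = DB::connect($dsn);
        // Checked before first use: quoteSmart() below needs a live connection object.
        if (PEAR::isError($db)) {
            die($db->getMessage());
        }

        // Quote the request-supplied topic id once and reuse it in every statement.
        $tid_quoted = $db->quoteSmart($tid);

        // NOTE(review): cvt2mysql() is defined outside this view; presumably it escapes
        // the value for use inside a quoted SQL literal. Confirm.
        $target_column = "tid,Name,MailAddress,Title,Comment,UserAgent,IP,BrowserType,UTN";
        $insert_data = $tid_quoted.",'".cvt2mysql($name)."','".cvt2mysql($mailaddress)."','".cvt2mysql($title)."','".cvt2mysql($comment)."','".cvt2mysql($UserAgent)."','".cvt2mysql($IP)."','".cvt2mysql($DeviceType)."','".cvt2mysql($UTN)."'";
        $sql = "insert into ".$config['DBserver']['restable']."(".$target_column.") values (".$insert_data.")";

        $res =& $db->query($sql); // run the query

        // Bump the topic's UpdateDate so it sorts to the top of the list.
        $update_sql = "UPDATE ".$config['DBserver']['topictable']." SET UpdateDate = '".date('Y-m-d H:i:s')."' where tid = ".$tid_quoted;
        $res =& $db->query($update_sql); // run the query

        // Look up the topic's notification address (only rows with SendmailFlag = '1').
        $target_column = "MailAddress";
        $get_mailaddress_sql = "select ".$target_column." from ".$config['DBserver']['topictable']." where tid = ".$tid_quoted." and SendmailFlag = '1'";
        $get_mailaddress =& $db->query($get_mailaddress_sql); // run the query

        // A failed query or an empty result simply means no notification is sent.
        $mailladdress = "";
        if(!PEAR::isError($get_mailaddress)){
            $get_mailaddress_array = $get_mailaddress->fetchRow();
            if(is_array($get_mailaddress_array) and isset($get_mailaddress_array[0])){
                $mailladdress = trim($get_mailaddress_array[0]);
            }
        }

        // Skip the literal 'NULL' that the mail-deletion mode used to write, and refuse
        // any stored value containing CR/LF so it cannot add header lines in mail().
        if($mailladdress != "" and $mailladdress != "NULL" and !preg_match('/[\r\n]/', $mailladdress)){
            require_once("./lib/pagelib.php");
            // sender
            $headers = "From: ".$config['mail']['fromaddress']."";
            // subject, as a base64 encoded-word labelled ISO-2022-JP
            $subject = base64_encode($config['mail']['subject']);
            $subject = "=?ISO-2022-JP?B?".$subject."?=";
            // build the mail body; the id is URL-encoded because it is request data
            $replace_strings['URL'] = $config['Path']['URL'].$config['Path']['URI']."index.php?mode=view&tid=".urlencode($tid);
            $replaceTemplate = replaceTemplate($config['mail']['body'], $replace_strings);
            // send the mail
            mail($mailladdress,$subject,$replaceTemplate,$headers);
        }

        // close the DB connection
        $db->disconnect();

        // Redirect to the topic view; the id is URL-encoded so it stays one query value.
        header("Location: ".$config['Path']['URL'].$config['Path']['URI']."?mode=view&tid=".urlencode($tid));
        exit;
    }
}
/*=============================================================================*/
// Mail address deletion
/*=============================================================================*/
elseif($mode=="mail_entry"){
    // Form state flag: absent on the first visit, "del" when the form is submitted.
    $form_status = isset($_POST['form_status']) ? $_POST['form_status'] : null;
    $mailaddress = (isset($_POST['mailaddress']) and is_string($_POST['mailaddress'])) ? $_POST['mailaddress'] : "";

    if(!isset($form_status)){
        include($templeDir."mail_form_entry.html");
        exit;
    }elseif($form_status=="del"){
        // Input check
        $error = "-";
        if($mailaddress == ""){
            $error .= "EMPTY-";
        }
        // The original wrote `!$mailaddress == ""`, which negates before comparing;
        // the intended test is "not empty and not a valid address".
        if($mailaddress != "" and !CheckValidMail($mailaddress)){
            $error .="MAILADDRESS-";
        }

        if($error != "-"){
            include($templeDir."mail_form_entry.html");
            exit;
        }
        else{
            require_once("DB.php"); // PEAR DB
            $dsn = "mysql://".$config['DBserver']['User'].":".$config['DBserver']['Password']."@".$config['DBserver']['Host']."/".$config['DBserver']['DB']."";
            $db = DB::connect($dsn);
            if (PEAR::isError($db)) {
                die($db->getMessage());
            }

            // The address is request data: quote it through the driver for both statements.
            $mailaddress_quoted = $db->quoteSmart($mailaddress);

            // Count the topics registered with this address.
            $count_mail_sql = "select count(tid) from ".$config['DBserver']['topictable']." where MailAddress = ".$mailaddress_quoted;
            $count_mail_data =& $db->query($count_mail_sql); // run the query
            if (PEAR::isError($count_mail_data)) {
                die($count_mail_data->getMessage());
            }
            $count_mail_array = $count_mail_data->fetchRow();
            $count_mail = $count_mail_array[0];

            // NOTE(review): the NOMAILADDRESS response tells the requester whether an
            // address is registered; confirm that this disclosure is acceptable.
            if($count_mail == 0){
                $error .="NOMAILADDRESS-";
                include($templeDir."mail_form_entry.html");
            }else{
                // The original stored the four-character string 'NULL', which the reply
                // notification then treated as a non-empty address. Store an empty address
                // and clear the flag, matching what the topic insert writes when no
                // address is given.
                // NOTE(review): confirm that nothing else relies on the literal 'NULL'.
                $update_mail_sql = "update ".$config['DBserver']['topictable']." set MailAddress = '', SendmailFlag = '0' where MailAddress = ".$mailaddress_quoted;
                $db->query($update_mail_sql); // run the query
                include($templeDir."mail_form_end.html");
            }

            // close the DB connection
            $db->disconnect();
            exit;
        }
    }
}
/*=============================================================================*/
// Page linked from the notification mail
/*=============================================================================*/
elseif($mode=="view"){
    // Topic id: POST takes precedence over GET.
    if(!isset($_POST['tid'])){
        $tid = isset($_GET['tid']) ? $_GET['tid'] : "";
    }else{
        $tid = $_POST['tid'];
    }
    // A request such as tid[]=x yields an array; treat anything but a string as empty.
    if(!is_string($tid)){
        $tid = "";
    }

    require_once("DB.php");
    $dsn = "mysql://".$config['DBserver']['User'].":".$config['DBserver']['Password']."@".$config['DBserver']['Host']."/".$config['DBserver']['DB']."";
    $db = DB::connect($dsn);
    if (PEAR::isError($db)) {
        die($db->getMessage());
    }

    // $tid is request data: quote it through the driver rather than concatenating it raw.
    $topic_target_column = "tid,Name,MailAddress,Title,Comment,CreateDate,UserFlag";
    $topic_sql = "select ".$topic_target_column." from ".$config['DBserver']['topictable']." where tid = ".$db->quoteSmart($tid);
    $topic_data =& $db->query($topic_sql); // run the query

    include($templeDir."view.html");

    // close the DB connection
    $db->disconnect();
    exit;
}
/*=============================================================================*/
/*=============================================================================*/
else{
    // Unknown mode: the message below reads "Invalid URL."
    echo "不正なURLです。";
}
?>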