Vulnerability summary

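Bug ID: wooyun-2013-046319

Vulnerability title: 易想团购 (easethink) open-source edition #SQL injection 01

Affected vendor: 易想团购 system (easethink group-buying system)

Reported by: m1x7e1

Submitted: 2013-12-18 11:48

Fixed: 2014-03-18 11:49

Published: 2014-03-18 11:49

Vulnerability type: SQL injection

Severity: High

Self-assessed rank: 14

Vulnerability status: vendor could not be contacted, or vendor actively ignored the report

Source: http://www.wooyun.org. For questions or help, contact [email protected]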


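Vulnerability details

Disclosure status:

2013-12-18: Actively contacting the vendor and waiting for the vendor to claim the report; details are not public
2014-03-18: The vendor has actively ignored the vulnerability; details are disclosed to the public

Brief description:

易想团购 (easethink) #SQL injection

Detailed description: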

http://127.0.0.1/easethink/message.php?act=

if($_REQUEST['act'] == 'add')
{
    if(!$user_info)
    {
        showErr($GLOBALS['lang']['PLEASE_LOGIN_FIRST']);
    }
    if($_REQUEST['content']=='')
    {
        showErr($GLOBALS['lang']['MESSAGE_CONTENT_EMPTY']);
    }
    if(!check_ipop_limit(get_client_ip(),"message",intval(app_conf("SUBMIT_DELAY")),0))
    {
        showErr($GLOBALS['lang']['MESSAGE_SUBMIT_FAST']);
    }

    $rel_table = $_REQUEST['rel_table'];
    $message_type = $GLOBALS['db']->getRowCached("select * from ".DB_PREFIX."message_type where type_name='".$rel_table."'");
    if(!$message_type)
    {
        showErr($GLOBALS['lang']['INVALID_MESSAGE_TYPE']);
    }

    $message_group = $_REQUEST['message_group'];
    // Add the message
    $message['title'] = htmlspecialchars(addslashes($_REQUEST['content']));
    $message['content'] = htmlspecialchars(addslashes($_REQUEST['content']));
    if($message_group)
    {
        $message['title']="[".$message_group."]:".$message['title'];
        $message['content']="[".$message_group."]:".$message['content'];
    }

    $message['create_time'] = get_gmtime();
    $message['rel_table'] = $rel_table;
    $message['rel_id'] = $_REQUEST['rel_id'];
    $message['user_id'] = intval($GLOBALS['user_info']['id']);
    $message['city_id'] = $deal_city['id'];
    if(app_conf("USER_MESSAGE_AUTO_EFFECT")==0)
    {
        $message_effect = 0;
    }
    else
    {
        $message_effect = $message_type['is_effect'];
    }
    $message['is_effect'] = $message_effect;

    $GLOBALS['db']->autoExecute(DB_PREFIX."message",$message);
    showSuccess($GLOBALS['lang']['MESSAGE_POST_SUCCESS']);

}
else
{
    // act is taken from the request unfiltered and concatenated into the query below
    $rel_table = $_REQUEST['act'];
    $message_type = $GLOBALS['db']->getRowCached("select * from ".DB_PREFIX."message_type where type_name='".$rel_table."'");


The act parameter is not filtered and is concatenated directly into the database query, which leads to SQL injection.


Proof of vulnerability:

[Screenshot: easethinksql.jpg]

Fix:

Filter the input.
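
The type_name lookup from message.php, shown as an added example that is not easethink's code and not part of the original report: the concatenated query beside a version that validates the value and binds it as a parameter. PDO with in-memory SQLite stands in for $GLOBALS['db']; the function names lookup_concat and lookup_bound, the identifier pattern, the table rows and the sample inputs are assumptions made for the demonstration.

```php
<?php
// Added example, not easethink code. PDO with in-memory SQLite stands in for
// $GLOBALS['db']; the table rows and the sample inputs are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE message_type (id INTEGER PRIMARY KEY, type_name TEXT, is_effect INTEGER)");
$pdo->exec("INSERT INTO message_type (type_name, is_effect) VALUES ('deal', 1), ('faq', 1)");

// Pattern from the report: the request value becomes part of the SQL text.
function lookup_concat(PDO $pdo, string $typeName)
{
    $sql = "select * from message_type where type_name='" . $typeName . "'";
    return $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
}

// Hardened (hypothetical helper): validate the shape, then bind the value so
// it can only ever be compared as data.
function lookup_bound(PDO $pdo, string $typeName)
{
    // Assumption: legitimate type names are short identifiers.
    if (!preg_match('/\A[A-Za-z0-9_]{1,32}\z/', $typeName)) {
        return false;
    }
    $stmt = $pdo->prepare('select * from message_type where type_name = :name');
    $stmt->execute([':name' => $typeName]);
    return $stmt->fetch(PDO::FETCH_ASSOC);
}

// Constructed inputs: a valid type name and a value containing a quote.
foreach (['deal', "nosuch' OR '1'='1"] as $value) {
    $concat = lookup_concat($pdo, $value);
    $bound  = lookup_bound($pdo, $value);
    printf(
        "%-20s concat=%-5s bound=%s\n",
        $value,
        $concat ? $concat['type_name'] : 'none',
        $bound ? $bound['type_name'] : 'none'
    );
}
```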

Copyright notice: when reposting, please credit the source m1x7e1@乌云 (WooYun)


Vulnerability response

Vendor response:

The vendor could not be contacted, or the vendor actively declined