<?
include("in.php");
if (empty($_POST['YFL']) or empty($_POST['YBT']))
{
mysql_close();
echo "<script>alert('非法提交!请重新提交!');history.back();</script>";
exit;
}
$YFL=htmlencode2($_POST['YFL']);
$row=explode("_",$YFL);
$YLX=$row[0];
$YXL=$row[1];$YTP=yiup($_FILES['YTP'],0,"no.jpg",array('image/jpg','image/jpeg','image/png','image/pjpeg','image/gif','image/x-png'),10485760,"../tmp/");
if ($YTP!="no.jpg")
{
$k=rand(100,999);
$YTP0=time().$k.".jpg";
$YTP1="../news/s/".$YTP0;
$YTP2="../news/b/".$YTP0;
yisw("../tmp/".$YTP,$YTP1,100,72,2);
yisw("../tmp/".$YTP,$YTP2,735,684,3);
unlink("../tmp/".$YTP);
$YXT="news/s/".$YTP0;
$YDT="news/b/".$YTP0;
}
$exec="insert into qxw (YLX,YXL,YBT,YNR,YXT,YDT,YRQ,YIP) values ('$YLX','$YXL','".htmlencode2($_POST['YBT'])."','".phpasp2($_POST["YNR"])."','$YXT','$YDT','".time()."','".$_SERVER['REMOTE_ADDR']."')";
$result=mysql_query($exec);
mysql_close();
echo "<script>location.href='news.php';</script>";
exit;
?>
include("in.php");
if (empty($_POST['YFL']) or empty($_POST['YBT']))
{
mysql_close();
echo "<script>alert('非法提交!请重新提交!');history.back();</script>";
exit;
}
$YFL=htmlencode2($_POST['YFL']);
$row=explode("_",$YFL);
$YLX=$row[0];
$YXL=$row[1];$YTP=yiup($_FILES['YTP'],0,"no.jpg",array('image/jpg','image/jpeg','image/png','image/pjpeg','image/gif','image/x-png'),10485760,"../tmp/");
if ($YTP!="no.jpg")
{
$k=rand(100,999);
$YTP0=time().$k.".jpg";
$YTP1="../news/s/".$YTP0;
$YTP2="../news/b/".$YTP0;
yisw("../tmp/".$YTP,$YTP1,100,72,2);
yisw("../tmp/".$YTP,$YTP2,735,684,3);
unlink("../tmp/".$YTP);
$YXT="news/s/".$YTP0;
$YDT="news/b/".$YTP0;
}
$exec="insert into qxw (YLX,YXL,YBT,YNR,YXT,YDT,YRQ,YIP) values ('$YLX','$YXL','".htmlencode2($_POST['YBT'])."','".phpasp2($_POST["YNR"])."','$YXT','$YDT','".time()."','".$_SERVER['REMOTE_ADDR']."')";
$result=mysql_query($exec);
mysql_close();
echo "<script>location.href='news.php';</script>";
exit;
?>
是sql语句不对吗?直接把sql语句打出来,放到数据库中执行!
如有错误。请贴出来。