<html>
<body>
<form action=<?echo $PHP_SELF?>>
name:<input type="text" name="name">
<input type="submit" name="send" value="say to you"><br>
say:<input type="text" name="message" size="80">
</form>
<?php
$name=htmlspecialchars($name);
$message=htmlspecialchars($message);
$header="<html><head><meta http-equiv=\"refresh\" content=\"3\">".
"<meta name=\"robots\" content=\"noindex\"></head>".
"<body bgcolor=\"#000000\" text=\"red\">\n";
$footer="</body></html>";
$message_array=file("message.html");
for($counter=1;$counter<20;$counter++)
$oldmessage.=$message_array[$counter];
$thetime=date("H:i");
$new_message="<b><i>$name</i></b>"."<font size=\"2\">($thetime)</font>:$message<br>\n";
$open_file=fopen("message.html","w");
fputs($open_file,$header);
fputs($open_file,stripcslashes($new_message));
fputs($open_file,$oldmessage);
fputs($open_file,$footer); echo $name; echo $message;
fclose($open_file);
?>
</body>
</html>
改成这样:
<html>
<body>
<form action=<?echo $PHP_SELF?>>
name:<input type="text" name="name">
<input type="submit" name="send" value="say to you"><br>
say:<input type="text" name="message" size="80">
</form>
<?php
$name=htmlspecialchars($_REQUEST["name"]);
$message=htmlspecialchars($_REQUEST["message"]);
$header="<html><head><meta http-equiv=\"refresh\" content=\"3\">".
"<meta name=\"robots\" content=\"noindex\"></head>".
"<body bgcolor=\"#000000\" text=\"red\">\n";
$footer="</body></html>";
$message_array=file("message.html");
for($counter=1;$counter<20;$counter++)
$oldmessage.=$message_array[$counter];
$thetime=date("H:i");
$new_message="<b><i>$name</i></b>"."<font size=\"2\">($thetime)</font>:$message<br>\n";
$open_file=fopen("message.html","w");
fputs($open_file,$header);
fputs($open_file,stripcslashes($new_message));
fputs($open_file,$oldmessage);
fputs($open_file,$footer); echo $name; echo $message;
fclose($open_file);
?>
</body>
</html>