修复论坛空白输入,上传文件未完成

WebRoot/forum/css/style.css

@@ -46,6 +46,11 @@ h3, h4, h5 {
 .createNew{
 	margin-top: 15px;
 }
+.deleteTitle{
+	margin-right: 15px;
+	margin-top: 5px;
+	margin-bottom: 5px;
+}
 body:not (.fixed-sidebar ):not (.canvas-menu ).mini-navbar .nav li:hover>.nav-second-level,
 	.mini-navbar .nav li:focus>.nav-second-level {
 	display: block;

WebRoot/forum/deleteComment.jsp

@@ -0,0 +1,45 @@
+<%@ page language="java" import="java.util.*,java.sql.*" pageEncoding="UTF-8"%>
+<%
+String path = request.getContextPath();
+String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
+%>
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+  <head>
+    
+    <title>删除评论</title>
+    <meta http-equiv="refresh" content="1;url=../index.jsp">
+    
+	<meta http-equiv="pragma" content="no-cache">
+	<meta http-equiv="cache-control" content="no-cache">
+	<meta http-equiv="expires" content="0">    
+	<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
+	<!--
+	<link rel="stylesheet" type="text/css" href="styles.css">
+	-->
+
+  
+  <body>
+  <%
+          String k1 = request.getQueryString();//得到ID的值(id=数字).
+          String re = "\\D+";                  //正则表达式
+          String result = k1.replaceAll(re, ""); //找到不是数字的字符,用""替代
+          
+         Connection con;Statement sql; 
+         try{Class.forName("com.mysql.jdbc.Driver"); } catch(ClassNotFoundException e){out.print("驱动异常");}
+         try{con=DriverManager.getConnection("jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8","root","");
+         sql=con.createStatement();
+         String text="delete from comment where commentid = '"+result+"'" ;
+         sql.executeUpdate(text);
+         sql.close();
+         con.close();
+         out.print("成功删除评论");
+         }catch(SQLException event){out.print("删除评论失败");}
+  
+  
+  
+ %>
+
+   </body>
+</html>

WebRoot/forum/deletesend.jsp

@@ -0,0 +1,46 @@
+<%@ page language="java" import="java.util.*,java.sql.*" pageEncoding="UTF-8"%>
+<%
+String path = request.getContextPath();
+String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
+%>
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+  <head>
+    
+    <title>删除帖子</title>
+    <meta http-equiv="refresh" content="1;url=../index.jsp">
+    
+	<meta http-equiv="pragma" content="no-cache">
+	<meta http-equiv="cache-control" content="no-cache">
+	<meta http-equiv="expires" content="0">    
+	<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
+	<!--
+	<link rel="stylesheet" type="text/css" href="styles.css">
+	-->
+
+  
+  <body >
+  <%     
+         String s[] = request.getParameterValues("chk");
+         Connection con;Statement sql;ResultSet rs;  
+         try{Class.forName("com.mysql.jdbc.Driver"); } catch(ClassNotFoundException e){out.print("驱动异常");}
+         try{con=DriverManager.getConnection("jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8","root","");
+         sql=con.createStatement();
+         if(s!=null){
+        	 for(int i=0;i<s.length;i++){
+         String text="delete from send where id = '"+s[i]+"'";
+                      sql.executeUpdate(text);
+        	 }
+         }
+         sql.close();
+         con.close();
+         out.print("成功删除帖子");
+         }catch(SQLException event){out.print("删除帖子失败");}
+  
+  
+  
+  %>
+  
+  </body>
+</html>

WebRoot/forum/send.jsp

@@ -1,5 +1,5 @@
 <%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
-<%@ page import="java.sql.*" %>
+<%@ page import="java.sql.*"%>
 <%-- <%!
         public String codeString(String s)
       { String str=s;
@@ -12,24 +12,40 @@
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<meta http-equiv="refresh" content="2;url=../index.jsp">
+<meta http-equiv="refresh" content="1;url=../index.jsp">
 </head>
 <body>
-<%    
-     request.setCharacterEncoding("utf-8");
-     String k2 = request.getParameter("subject"); 
-     String k3 = request.getParameter("content");  
-     Connection con;Statement sql;ResultSet rs;  
-     try{Class.forName("com.mysql.jdbc.Driver"); } catch(ClassNotFoundException e){out.print("驱动异常");}
-     try{con=DriverManager.getConnection("jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8","root","");
-     sql=con.createStatement();
-     String text="insert into send(subject,content,time) values('"+k2+"','"+k3+"',now())";
-     sql.executeUpdate(text);
-     sql.close();
-     con.close();
-     out.print("成功发表帖子");
-     }catch(SQLException event){out.print("数据更新异常");}
-     
-%>
+	<%
+		/* String URL = "sendForum.jsp";
+		String referer = response.getHeader("Referer");
+		if (referer == null || !referer.startsWith(URL)) {
+			response.sendRedirect(URL);
+			return;
+		} */
+		request.setCharacterEncoding("utf-8");
+		String k2 = request.getParameter("subject");
+		String k3 = request.getParameter("content");
+		String k4 = request.getParameter("username");
+		Connection con;
+		Statement sql;
+		ResultSet rs;
+		try {
+			Class.forName("com.mysql.jdbc.Driver");
+		} catch (ClassNotFoundException e) {
+			out.print("驱动异常");
+		}
+		try {
+			con = DriverManager.getConnection(
+					"jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8", "root", "");
+			sql = con.createStatement();
+			String text = "insert into send(subject,content,time,username) values('" + k2 + "','" + k3 + "',now(),'" + k4 + "')";
+			sql.executeUpdate(text);
+			sql.close();
+			con.close();
+			out.print("成功发表帖子");
+		} catch (SQLException event) {
+			out.print("数据更新异常");
+		}
+	%>
 </body>
 </html>

WebRoot/forum/sendComment.jsp

@@ -28,14 +28,19 @@
   <body>
 
    <%    
+  String referer=response.getHeader("Referer");
+              if(referer==null||!referer.startsWith("detail.jsp")){  
+               response.sendRedirect("../index.jsp");  
+                } 
          request.setCharacterEncoding("utf-8");
          String k5 = request.getParameter("comment");
          String k6 = request.getParameter("subid");
+         String k7 = request.getParameter("username");
          Connection con; Statement sql;ResultSet rs;
          try{Class.forName("com.mysql.jdbc.Driver"); } catch(ClassNotFoundException e){out.print("驱动异常");}
          try{con=DriverManager.getConnection("jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8","root","");
          sql=con.createStatement();
-         String text="insert into comment(subid,comment,time) values('"+k6+"','"+k5+"',now())";
+         String text="insert into comment(subid,comment,time,username) values('"+k6+"','"+k5+"',now(),'"+k7+"')";
         
          sql.executeUpdate(text);
          sql.close();

WebRoot/forum/submitDown.jsp

@@ -0,0 +1,39 @@
+<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
+<%@ page import="java.sql.*" %>
+<%!
+        public String codeString(String s)
+      { String str=s;
+   try{byte b[]=str.getBytes("ISO-8859-1");
+       str=new String(b);   return str;
+     } catch(Exception e) { return str; }
+}
+%>
+<!DOCTYPE unspecified PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<meta http-equiv="refresh" content="1;url=../index.jsp">
+<body >
+<%    
+           /* String referer=response.getHeader("Referer");  
+           if(referer==null||!referer.startsWith("detail.jsp")){  
+                 response.sendRedirect("../index.jsp");  
+              return;
+           }  */
+                String k1 = request.getQueryString();//得到ID的值(id=数字).
+                String re = "\\D+";                  //正则表达式
+                String result = k1.replaceAll(re, ""); //找到不是数字的字符,用""替代  
+     Connection con;Statement sql;  
+     try{Class.forName("com.mysql.jdbc.Driver"); } catch(ClassNotFoundException e){out.print("驱动异常");}
+     try{con=DriverManager.getConnection("jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8","root","");
+     sql=con.createStatement();
+     String text="update send set flag = 0 where id = '"+result+"'";
+     sql.executeUpdate(text);
+     sql.close();
+     con.close();
+     out.print("成功取消置顶");
+     }catch(SQLException event){out.print("取消置顶失败");}
+     
+%>
+</body>
+</html>

WebRoot/forum/submitTop.jsp

@@ -0,0 +1,33 @@
+<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
+<%@ page import="java.sql.*" %>
+
+<!DOCTYPE unspecified PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<meta http-equiv="refresh" content="1;url=../index.jsp">
+<body>
+<%    
+
+         /* String referer=response.getHeader("Referer");         //防止用户在地址栏上直接访问
+         if(referer==null||!referer.startsWith("detail.jsp")){  
+          response.sendRedirect("../index.jsp");  
+               return;
+          } */ 
+     String k1 = request.getQueryString();//得到ID的值(id=数字).
+     String re = "\\D+";                  //正则表达式
+     String result = k1.replaceAll(re, ""); //找到不是数字的字符,用""替代   
+     Connection con;Statement sql;  
+     try{Class.forName("com.mysql.jdbc.Driver"); } catch(ClassNotFoundException e){out.print("驱动异常");}
+     try{con=DriverManager.getConnection("jdbc:mysql://localhost/db_bbs?useUnicode=true&characterEncoding=utf-8","root","");
+     sql=con.createStatement();
+     String text="update send set flag = 1 where id = '"+result+"'";
+     sql.executeUpdate(text);
+     sql.close();
+     con.close();
+     out.print("成功置顶帖子");
+     }catch(SQLException event){out.print("置顶帖子失败");}
+     
+%>
+</body>
+</html>