guestbook.asp

情缘天空美化版 v3.68 强大的公告

<!--#include file="config.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="format.asp"-->
<!--#include file="error.asp"-->
<!--#include file="lib/inctop.asp"-->
<!--#include file="lib/nav.asp"-->
<!--#include file="lib/incjs.asp"-->
<!--#include file="lib/guestbook_body.asp"-->
<!--#include file="lib/incfooter2.asp"-->
<SCRIPT language="JavaScript">
<!--
var sound1="midi/1.mid"
var sound2="midi/2.mid"
var sound3="midi/3.mid"
var sound4="midi/4.mid"
var sound5="midi/5.mid"
var sound6="midi/6.mid"
var sound7="midi/7.mid"
var sound8="midi/8.mid"
var sound9="midi/9.mid"
var sound10="midi/10.mid"
var x=Math.round(Math.random()*9)
if (x==0) x=sound1
else if (x==1) x=sound2
else if (x==2) x=sound3
else if (x==3) x=sound4
else if (x==4) x=sound5
else if (x==5) x=sound6
else if (x==6) x=sound7
else if (x==7) x=sound8
else if (x==8) x=sound9
else x=sound10
if (navigator.appName=="Microsoft Internet Explorer")
document.write('<bgsound src='+'"'+x+'"'+' loop="infinite">')
else
document.write('<embed src='+'"'+x+'"'+'hidden="true" border="0" width="20" height="20" autostart="true" loop="true">')
//-->
</SCRIPT>
<%
call top()
call index_nav()
stats="留言簿"
' *** Edit Operations: declare variables

MM_editAction = CStr(Request("URL"))
If (Request.QueryString <> "") Then
MM_editAction = MM_editAction & "?" & Request.QueryString
End If

' boolean to abort record edit
MM_abortEdit = false

' query string to execute
MM_editQuery = ""

' *** Insert Record: set variables

If (CStr(Request("MM_insert")) <> "") Then

MM_editConnection = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(DB_gb)
MM_editTable = "gb"
MM_editRedirectUrl = "guestbook.asp"
MM_fieldsStr  = "gb_poster|value|gb_postersex|value|gb_posteremail|value|gb_posterqq|value|gb_posterhome|value|gb_posterfrom|value|gb_posterip|value|gb_content|value"
MM_columnsStr = "gb_poster|',none,''|gb_postersex|',none,''|gb_posteremail|',none,''|gb_posterqq|',none,''|gb_posterhome|',none,''|gb_posterfrom|',none,''|gb_posterip|',none,''|gb_content|',none,''"

' create the MM_fields and MM_columns arrays
MM_fields = Split(MM_fieldsStr, "|")
MM_columns = Split(MM_columnsStr, "|")

' set the form values
For i = LBound(MM_fields) To UBound(MM_fields) Step 2
MM_fields(i+1) = CStr(Request.Form(MM_fields(i)))
Next

End If

' *** Insert Record: construct a sql insert statement and execute it

If (CStr(Request("MM_insert")) <> "") Then

' create the sql insert statement
MM_tableValues = ""
MM_dbValues = ""
For i = LBound(MM_fields) To UBound(MM_fields) Step 2
FormVal = MM_fields(i+1)
MM_typeArray = Split(MM_columns(i+1),",")
Delim = MM_typeArray(0)
If (Delim = "none") Then Delim = ""
AltVal = MM_typeArray(1)
If (AltVal = "none") Then AltVal = ""
EmptyVal = MM_typeArray(2)
If (EmptyVal = "none") Then EmptyVal = ""
If (FormVal = "") Then
FormVal = EmptyVal
Else
If (AltVal <> "") Then
FormVal = AltVal
ElseIf (Delim = "'") Then  ' escape quotes
FormVal = "'" & Replace(FormVal,"'","''") & "'"
Else
FormVal = Delim + FormVal + Delim
End If
End If
If (i <> LBound(MM_fields)) Then
MM_tableValues = MM_tableValues & ","
MM_dbValues = MM_dbValues & ","
End if
MM_tableValues = MM_tableValues & MM_columns(i)
MM_dbValues = MM_dbValues & FormVal
Next
MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ") values (" & MM_dbValues & ")"

If (Not MM_abortEdit) Then
' execute the insert
Set MM_editCmd = Server.CreateObject("ADODB.Command")
MM_editCmd.ActiveConnection = MM_editConnection
MM_editCmd.CommandText = MM_editQuery
MM_editCmd.Execute
MM_editCmd.ActiveConnection.Close

If (MM_editRedirectUrl <> "") Then
Response.Redirect(MM_editRedirectUrl)
End If
End If

End If

dim founderr,errmsg
errmsg=""
founterr=false

call chkparam()
if founderr then
call diserror()
else
call showgb_body()
call endpage()
end if

rem -------------------
rem ----检查URL参数----
rem -------------------
sub chkparam()
if request("page")<>"" then
if not isInteger(request("page")) then
founderr=true
errmsg=errmsg+"<br>"+"<li>非法的留言分页参数。"
end if
end if
if request("key")<>"" then
if instr(request("key"),"'")>0 then
founderr=true
errmsg=errmsg+"<br>"+"<li>非法的留言搜索参数。"
end if
end if
end sub
%>