add.asp

ASP仿QQ程序 web版的

<!-- #include file="conn.asp" -->
<%
	dim sql
	dim name,sex,add,qq,email,links,title,con,showip,ip

'将数据中的单引号改成两个单引号，并且在前后加单引号。
	Function SqlStr(data)
		SqlStr = "'" & Replace(data,"'","''") & "'"
	End Function

	name=request.form("name")
	if name="" then
		Response.Redirect "error.asp?errmsg=敢问阁下尊姓大名？"
	'	response.end
	end if
	name=sqlstr(name)

	sex=request.form("sex")
	if sex=1 then 
		sex="男"
	elseif sex=2 then
		sex="女"
	else sex="不详"
	end if
	sex=sqlstr(sex)

	add=request.form("address")
	if add="" then add="天堂"
	add=sqlstr(add)

	qq=request.form("qq")
	If qq <> "" Then 
		If Len(qq) < 5 or Len(qq) > 10 Then
			Response.Redirect "error.asp?errmsg=QQ信息输入有误，长度不符，请返回重新输入。"
	'		Response.End
		End IF
		For I = 1 To Len(qq)
			temp = Mid(qq,I,1)
			If Asc(temp) < 33 Or Asc(temp) > 57 Then
				Response.Redirect "error.asp?errmsg=QQ信息输入有误，含非法字符，请返回重新输入。"
		'		Response.End
			End If
		Next
	else qq = "真是的，连QQ号没有"
	end if
	qq=sqlstr(qq)

	email=request.form("email")
	If email = "" Then 
		email = "null"
	else
		'检查是否包含@
		If inStr(1,email,"@",0)=0 Then
			Response.Redirect "error.asp?errmsg=email地址中没有@，请重新输入。"
		'	Response.End 
		End If

		'检查后缀是否存在"."
		atposition = InStr(1,email,"@")
		If atposition = 1 or Instr(atposition,email,".") = 0 Then
		Response.Redirect "error.asp?errmsg=email地址输入有误，请重试……"
		'	Response.End
		End If
	end if
	email=sqlstr(email)

	links=request.form("link")
	if links="" then
		links="/"
	else
		if  inStr(1,links,".",0)=0 Then
			Response.Redirect "error.asp?errmsg=网址输入有误！"
	'		response.end
		end if
	end if
	links=sqlstr(links)

	title=request.form("title")
	if title="" then title="无题"
	title=sqlstr(title)

	con=request.form("content")
	if con="" then 
		Response.Redirect "error.asp?errmsg=请无论如何留了话再走:-)"
'		response.end
	end if 
	con=sqlstr(con)	
	con= Replace(con,chr(13),"<BR>")

	IP = Request.ServerVariables("REMOTE_ADDR")
	IP = SqlStr(IP)
	If Request.Form("IP") = "0" Then
		showIP = SqlStr("0.0.0.0")
	Else
		showIP = IP
	End If

	sql="insert into users(name,address,qq,email,link,title,content,submittime,sex,showip,ip) values("
	sql=sql & name & ","  & add & "," & qq & "," & email & "," & links & "," & title & "," & con & ",'"  & now() & "',"  & sex & "," & showip & "," & ip & ")"
'	response.write sql

	conn.execute sql
	conn.close
	Set conn=Nothing
	Response.Redirect "index.asp"
%>