newthread.asp

苹果风格的论坛 asp编写

<!--#INCLUDE FILE="inc/db_inc.asp"-->
<!--#INCLUDE FILE="inc/md5_inc.asp"-->
<!--#INCLUDE FILE="inc/char_inc.asp"-->
<!--#INCLUDE FILE="inc/uploadfile_inc.asp"-->
<!--#INCLUDE FILE="header.asp"-->
<%
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'	Snowman Forum v2.0 for MS SQL Server
'
'	Copyright(C) Snowman, All rights reserved.
'
'	http://www.xinboard.net
'
'	Access版本免费, 欲使用SQL Server商业版本请购买使用权
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

dim StrSql, toptext, rs, rs2, StrHtml, StrHtml2, error, sex, avatar, err, userid, threadid
dim formdata, formsize, divider, bcrlf, filesize

StrHtml = loadtemplate("htmltop")
StrHtml = Replace(StrHtml, "{pagetitle}", loadtemplate("newthreadtitle"))
StrHtml = Replace(StrHtml, "{style_path}", loadtemplate("path"))
StrHtml = Replace(StrHtml, "{forumtitle}", boardtitle)
response.write StrHtml
' Display pm window
response.write pmpopwin
StrHtml = loadtemplate("pagetitle")
StrHtml = Replace(StrHtml, "{title_img}", "<img src=""style/" & loadtemplate("path") & "/image/title.gif"">")

if request.cookies("sf")("username") = "" then
	toptext = loadtemplate("toptextguest")
else
	toptext = loadtemplate("toptextuser")
end if
toptext = toptext & loadtemplate("toptext")
StrHtml = Replace(StrHtml, "{top_text}", toptext)
StrHtml = Replace(StrHtml, "{username}", request.cookies("sf")("username"))
response.write StrHtml

' check forumid
err = false
forumid = ChkSql(request("forumid"))
if not IsNumeric(forumid) then
	err = true
else
	StrSql = "select sf_forum.forumid, sf_forum.title, sf_forum.allowposting, sf_forum.allowuploadfile, sf_forum.onlyuser, sf_forum.onlymember, sf_forum.memberlist, sf_forum.cateid, sf_cate.cateid, sf_cate.catetitle from sf_forum left join sf_cate on sf_forum.cateid = sf_cate.cateid where forumid = " & forumid
	Set rs2 = Conn.Execute(StrSql)
	if rs2.bof or rs2.eof then
		err = true
	else
		forumtitle = rs2("title")
		cateid = rs2("cateid")
		catetitle = rs2("catetitle")
		allowpost = rs2("allowposting")
		allowuploadfile = rs2("allowuploadfile")
		onlymember = rs2("onlymember")
		memberlist = rs2("memberlist")
		if onlymember = 1 then
			if not IsMember(forumid, memberlist) then error = error & "<br><li>" & loadtemplate("err_member")
			StrSql = "select password, userid from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
			Set rs2 = Conn.Execute(StrSql)
			if rs2.bof or rs2.eof then
				error = error & "<br><li>" & loadtemplate("err_chkpassword")
			else
				if request.cookies("sf")("password") <> rs2("password") then error = error & loadtemplate("err_chkpassword")
			end if
		end if
	end if
end if
if err then error = error & "<br><li>" & loadtemplate("err_forumnotexist")
if allowpost = 0 then error = error & "<br><li>" & loadtemplate("err_post")

' display error messages
if error <> "" then
	StrHtml = loadtemplate("error")
	StrHtml = Replace(StrHtml, "{error_text}", error)
	response.write StrHtml
	response.end
end if

StrHtml = loadtemplate("pagepath")
StrHtml = Replace(StrHtml, "{path_text}", "<img src=""style/" & loadtemplate("path") & "/image/home.gif""><a href=index.asp>" & boardtitle & "</a> &raquo; <a href=""showcate.asp?cateid=" & cateid & """>" & catetitle & "</a> &raquo; <a href=""showforum.asp?forumid=" & forumid & """>" & forumtitle & "</a> &raquo; " & loadtemplate("newthreadtitle"))
response.write StrHtml

if request.cookies("sf")("username") = "" or request.cookies("sf")("password") = "" then
	StrHtml = loadtemplate("error")
	StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_unregistered"))
	response.write StrHtml
	response.end		
end if

usergroup = 0
StrSql = "select password, userid, usergroup from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
Set rs2 = Conn.Execute(StrSql)
err = false
if rs2.bof or rs2.eof then
	err = true
else
	if request.cookies("sf")("password") <> rs2("password") then
		err = true
	else
		userid = rs2("userid")
		usergroup = rs2("usergroup")
		StrSql = "update sf_user set lastforum = " & forumid & ", lastactivity = '" & now() & "' where userid = " & userid
		Conn.Execute(StrSql)
	end if
end if

if usergroup > 1 then
	StrHtml = loadtemplate("err_posttime")
	StrHtml = Replace(StrHtml, "{posttime}", PostTime - DateDiff("s",Session("LastPostTime"),now()))
	if DateDiff("s",Session("LastPostTime"),now()) < posttime then
		error = "<br><li>" & StrHtml
		StrHtml = Replace(loadtemplate("error"), "{error_text}", error)
		response.write StrHtml
		response.end
	end if
end if

if err then
	StrHtml = loadtemplate("error")
	StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_chkpassword"))
	response.write StrHtml
	response.end
end if
%>
<!--#INCLUDE FILE="btn.js"-->
<%
step = ChkSql(request("step"))
select case step
	case "2"
		formsize = request.totalbytes
		formdata = request.binaryread(formsize)
		bcrlf = chrb(13) & chrb(10)
		divider = leftb(formdata, instrb(formdata, bcrlf) - 1)
		filesize = 0

		error = ""
		err = false
		if GetFormVal("subject") = "" then
			error = error & "<br><li>" & loadtemplate("err_postsubject")
		else
			if strLength(GetFormVal("subject")) > 100 then error = error & "<br><li>" & loadtemplate("err_postsubject")
		end if
		StrHtml = loadtemplate("err_posttext")
		StrHtml = Replace(StrHtml, "{textmaxlength}", postmaxlength)
		if GetFormVal("text") = "" then
			error = error & "<br><li>" & StrHtml
		else
			if strLength(GetFormVal("text")) > postmaxlength then error = error & "<br><li>" & StrHtml
		end if
		path = Server.MapPath("upload\")
		if allowuploadfile = 1 then
			filename = SaveFile("attachment",path,uploadfilesizemax)
			if filename = "" then error = error & "<br><li>" & loadtemplate("err_uploadfile")
		end if
		if error <> "" then
			StrHtml = loadtemplate("error")
			StrHtml = Replace(StrHtml, "{error_text}", error)
			response.write StrHtml
			response.end
		end if
		' save thread
		rating = ChkSql(GetFormVal("rating"))
		if not IsNumeric(rating) then
			rating = 0
		else
			rating = cint(rating)
		end if
		icon = ChkSql(GetFormVal("icon"))
		if not IsNumeric(icon) then
			icon = 0
		else
			icon = cint(icon)
			if icon < 0 or icon > 15 then icon = 0
		end if
		nowtime = now()
		StrSql = "insert into sf_thread(title, lastpost, forumid, pollid, [open], replycount, postusername, postuserid, lastposter, lastposterid, dateline, views, iconid, notes, visible, moved, best, displayorder, rating) values("
		StrSql = StrSql & "'" & server.htmlencode(ChkSql(killbadword(GetFormVal("subject")))) & "', "
		StrSql = StrSql & "'" & nowtime & "', "
		StrSql = StrSql & forumid & ", -1, 1, 1, '" & ChkSql(request.cookies("sf")("username")) & "', " & userid & ", "
		StrSql = StrSql & "'" & ChkSql(request.cookies("sf")("username")) & "', " & userid & ", '" & nowtime & "', 0, " & icon & ", ''" & ", 1, 0, 0, 0, " & rating & ")"
		' lock database
		Application.Lock
		Conn.Execute(StrSql)
		StrSql = "select top 1 threadid from sf_thread order by threadid DESC"
		Set rs2 = Conn.Execute(StrSql)
		threadid = rs2("threadid")
		attachmentid = 0
		if allowuploadfile = 1 and filesize > 0 then
			StrSql = "insert into sf_attachment (userid, forumid, threadid, filename, filesize) values("
			StrSql = StrSql & userid & ", " & forumid & ", " & threadid & ", '" & filename & "', " & filesize & ")"
			Conn.Execute(StrSql)
			StrSql = "select top 1 attachmentid from sf_attachment where threadid = " & threadid & " order by attachmentid DESC"
			Set rs2 = Conn.Execute(StrSql)
			attachmentid = rs2("attachmentid")
		end if
		sign = 0
		emot = 0
		xbcode = 0
		autourl = 0
		if GetFormVal("sign") = "1" then sign = 1
		if GetFormVal("usexbcode") = "1" then xbcode = 1
		if GetFormVal("useemot") = "1" then emot = 1
		if GetFormVal("url") = "1" then autourl = 1
		StrSql = "insert into sf_post(threadid, forumid, parentid, username, userid, title, dateline, pagetext, attachmentid, allowsmilie, allowautourl, allowxbcode, showsignature, ipaddress, iconid, layer, visible, notes, editdate) values("
		StrSql = StrSql & threadid & ", " & forumid & ", -1, '" & ChkSql(request.cookies("sf")("username")) & "', " & userid & ", '" & ChkSql(server.htmlencode(killbadword(GetFormVal("subject")))) & "', '" & nowtime & "', '" & ChkSql(server.htmlencode(killbadword(GetFormVal("text")))) & "', " & attachmentid & ", " & emot & ", " & autourl & ", " & xbcode & ", " & sign & ", '" & cstr(request.ServerVariables("REMOTE_ADDR")) & "', " & icon & ",1 , 1, '', '" & nowtime & "')"
		Conn.Execute(StrSql)
		StrSql = "update sf_forum set threadcount = threadcount + 1, replycount = replycount + 1, lastpost = '" & nowtime & "', lastposter = '" & ChkSql(request.cookies("sf")("username")) & "', lastposterid = " & userid & ", lastposttitle = '" & ChkSql(GetFormVal("subject")) & "', lastpostid = " & threadid & " where forumid = " & forumid
		Conn.Execute(StrSql)
		StrSql = "update sf_user set posts = posts + 1, rating = rating + " & ratingthread & ", lastposttime = '" & nowtime & "', lastpostid = " & threadid & ", lastposttitle = '" & ChkSql(server.htmlencode(killbadword(GetFormVal("subject")))) & "' where userid = " & userid
		Conn.Execute(StrSql)
		StrSql = "update sf_counter set threadnum = threadnum + 1"
		Conn.Execute(StrSql)
		StrSql = "update sf_counter set postnum = postnum + 1"
		Conn.Execute(StrSql)
		' unlock database
		Application.UnLock
		Session("LastPostTime") = now()
		StrHtml = loadtemplate("hint")
		StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_newthread"))
		StrHtml = Replace(StrHtml, "{pro_name}", "showthread.asp?threadid=" & threadid)
		response.write StrHtml
	case else

		StrHtml = loadtemplate("newthread")
		StrHtml2 = "<input type=""radio"" value=""0"" name=""icon"" checked>No&nbsp;" & chr(10)
		for i = 1 to 15
			if i = 8 then StrHtml2 = StrHtml2 + "<br>"
			StrHtml2 = StrHtml2 & "<input type=""radio"" value=""" & i & """ name=""icon"">" &  "<img src=""image/posticon/icon" & i & ".gif"">&nbsp;" & chr(10)
		next
		StrHtml = Replace(StrHtml, "{post_icon}", StrHtml2)
		
		StrHtml2 = ""

		StrHtml2 = StrHtml2 & "<img onClick=btn_b() src=""image/postbtn/b.gif"" alt=""Bold"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_i() src=""image/postbtn/i.gif"" alt=""Italic"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_url() src=""image/postbtn/url.gif"" alt=""Url"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_code() src=""image/postbtn/code.gif"" alt=""Code"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_img() src=""image/postbtn/img.gif"" alt=""Image"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_swf() src=""image/postbtn/swf.gif"" alt=""Flash"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_mp() src=""image/postbtn/mp.gif"" alt=""WindowsMediaPlayer"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_rm() src=""image/postbtn/rm.gif"" alt=""RealPlayer"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<img onClick=btn_q() src=""image/postbtn/quote.gif""  alt=""Quote"" align=""absbottom"">" & chr(10)
		StrHtml2 = StrHtml2 & "<select onchange=""if(this.options[this.selectedIndex].value!=''){showcolor(this.options[this.selectedIndex].value);this.options[0].selected=true;}else {this.selectedIndex=0;}"" name=color>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#336699;color:#336699"" value=""#336699"">#336699</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#339900;color:#339900"" value=""#339900"">#339900</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#CC6600;color:#CC6600"" value=""#CC6600"">#339900</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#663399;color:#663399"" value=""#663399"">#663399</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#3399CC;color:#3399CC"" value=""#3399CC"">#3399CC</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#66CC00;color:#66CC00"" value=""#66CC00"">#66CC00</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#FF6699;color:#FF6699"" value=""#FF6699"">#FF6699</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#CC66CC;color:#CC66CC"" value=""#CC66CC"">#CC66CC</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option style=""background-color:#FF9900;color:#FF9900"" value=""#FF9900"">#FF9900</option>" & chr(10)
		StrHtml2 = StrHtml2 & "</select>" & chr(10)
		StrHtml2 = StrHtml2 & "<select onchange=""if(this.options[this.selectedIndex].value!=''){showsize(this.options[this.selectedIndex].value);this.options[0].selected=true;}else {this.selectedIndex=0;}"" name=size>" & chr(10)
		StrHtml2 = StrHtml2 & "<option value=1>&nbsp; 1 &nbsp;</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option value=2 selected>&nbsp; 2 &nbsp;</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option value=3>&nbsp; 3 &nbsp;</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option value=4>&nbsp; 4 &nbsp;</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option value=5>&nbsp; 5 &nbsp;</option>" & chr(10)
		StrHtml2 = StrHtml2 & "<option value=6>&nbsp; 6 &nbsp;</option>" & chr(10)
		StrHtml2 = StrHtml2 & "</select>" & chr(10)
		StrHtml = Replace(StrHtml, "{post_btn}", StrHtml2)
		StrHtml2 = ""
		for i = 1 to 24
			if i =15 then StrHtml2 = StrHtml2 & "<br>"
			StrHtml2 = StrHtml2 & "<img src=""image/emot/em" & i & ".gif"" alt = ""[em"& i& "]"" style=""CURSOR: hand"" onClick=""insertstr(' [em" & i &"]')"">&nbsp; &nbsp;"
		next
		StrHtml = Replace(StrHtml, "{emot_icon}", StrHtml2)
		StrHtml = Replace(StrHtml, "{forumid}", forumid)
		StrHtml = Replace(StrHtml, "{uploadmax}", uploadfilesizemax)
		StrHtml2 = ""
		StrSql = "select * from sf_allowuploadfile"
		Set rs2 = Conn.execute(StrSql)
		if not (rs2.bof or rs2.eof) then
			do until rs2.eof
				StrHtml2 = StrHtml2 & "*." & rs2("expfilename") & "&nbsp; "
				rs2.MoveNext
			loop
		end if
		StrHtml = Replace(StrHtml, "{expname}", StrHtml2)
		response.write StrHtml

		response.write sfcopyright
end select

response.write loadtemplate("htmlbottom")
Conn.Close
Set Conn = nothing
Set rs = nothing
Set rs2 = nothing
%>