savemsg.asp

多用户个人主页系统(ASP)

<!--#include file="inc/CONN.asp"-->
<!--#include file="inc/COnst.asp"-->
<!--#include file="inc/md5.asp"-->
<%Dim temp(9)
action=request.form("action")
temp(9)=request.form("userid")
Sub add() '添加
	For i=1 to 8
		temp(i-1)=trim(request.form(i))
		'response.Write temp(i-1)
		for j=0 to ubound(split(cfg(11),"|"))
			if instr(temp(i-1),trim(split(cfg(11),"|")(j)))<>0 Then errs="不要填写不文明字词或空格、特殊字符\n\n"
		next
	next
	'response.end
	If temp(0)="" Then errs=errs+"请务必写下你的大名\n\n"
	temp(1)="images/"&temp(1)&"/"&temp(2)&".gif"
	temp(3)=Server.htmlencode(temp(3))
	If Not isnumeric(temp(4)) Then temp(4)=0
	If instr(temp(5),"@")=0 Or instr(temp(5),".")=0 Or len(temp(5))<11 Then temp(5)=""
	If Lcase(left(temp(7),"7"))<>"http://" Or len(temp(7))<12 Then temp(7)=""
	temp(8)=trim(request.form("content"))
	If len(temp(8))=0 Then errs=errs+"留言内容必须填写"
	If len(temp(8))>1000 Then errs=errs+"留言内容长度不超过1000"
	If errs<>"" Then 
		response.write "<script language=javascript>alert( """&errs&""");"&Chr(13)&"location.href=""javascript:history.back()"";</script>"
		response.end
	End if
	Set rs=Server.createobject("adodb.recordset")
	rs.Open "select GuestName,GuestFace,GuestAddress,GuestQQ,GuestMail,GuestHpgName,GuestHpgURL,Content,UserID,VisitTime,GuestIP from Guest where Guestid is null",conn,1,3
		rs.addnew
		rs(0)=temp(0)
		rs(1)=temp(1)
		rs(2)=temp(3)
		rs(3)=temp(4)
		rs(4)=temp(5)
		rs(5)=temp(6)
		rs(6)=temp(7)
		rs(7)=temp(8)
		rs(8)=temp(9)
		rs(9)=now()
		rs(10)=Request.servervariables("REMOTE_ADDR")
		rs.update
		rs.close
	response.write "<script language=javascript>window.opener.location.reload();"&chr(13)&"alert( ""恭喜 ！留言成功 ！"");"&Chr(13)&"location.href=""javascript:window.close()"";</script>"
End sub

Sub delete() '==============删除
	temp(0)=request.form("userid")
	temp(1)=request.form("guestid")
	temp(2)=request.form("userpass")
	temp(9)=false
	If len(temp(2))<>16 Then temp(2)=md5(temp(2))
	Set rs=conn.execute("select userid,userpass from [user] where userid ="&cstr(conn.execute("select UserID from Guest where Guestid="&cstr(temp(1)))(0)))
		If rs.bof Then temp(9)=true
		If cstr(rs(0))<>cstr(temp(0)) Then temp(9)=true
		If temp(2)<>rs(1) Then temp(9)=true
	rs.close
	If temp(9) then
		response.write "<script language=javascript>alert( ""非法操作！"");"&Chr(13)&"location.href=""javascript:window.close()"";</script>"
		response.end
	else
		conn.execute("delete from guest where guestid="&cstr(temp(1)))
		response.write "<script language=javascript>window.opener.location.reload();"&chr(13)&"alert( ""删除成功 ！"");"&Chr(13)&"location.href=""javascript:window.close()"";</script>"
	End if
End sub

Sub reply() '===============回复
	temp(0)=request.form("userid")
	temp(1)=request.form("guestid")
	temp(2)=request.form("userpass")
	temp(9)=false
	If len(temp(2))<>16 Then temp(2)=md5(temp(2))
	Set rs=conn.execute("select userid,userpass from [user] where userid ="&cstr(conn.execute("select UserID from Guest where Guestid="&cstr(temp(1)))(0)))
		If rs.bof Then temp(9)=true
		If cstr(rs(0))<>cstr(temp(0)) Then temp(9)=true
		If temp(2)<>rs(1) Then temp(9)=true
	rs.close
		temp(3)=replace(trim(request.form("reply")),"'","""")
		If len(temp(3))>1000 Or len(temp(3))=0 Then 
			response.write "<script language=javascript>alert( ""留言回复不能为空或长度不能超过1000！"");"&Chr(13)&"location.href=""javascript:history.back()"";</script>"
			response.end
		End if
	If temp(9) then
		response.write "<script language=javascript>alert( ""非法操作！"");"&Chr(13)&"location.href=""javascript:window.close()"";</script>"
		response.end
	else
		conn.execute("update guest set reply='"&temp(3)&"',replytime=#"&now()&"# where guestid="&cstr(temp(1)))
		response.write "<script language=javascript>window.opener.location.reload();"&chr(13)&"alert( ""回复成功 ！"");"&Chr(13)&"location.href=""javascript:window.close()"";</script>"
	End if
End sub

Sub delbat() '===============删除多条
	If Not request.cookies("satellite")("user") And request.form("username")<>request.cookies("satellite")("username") then
		response.write "<script language=javascript>alert( ""非法操作！"");"&Chr(13)&"location.href=""javascript:history.back()"";</script>"
		response.end
	else
		if not isempty(request.form("GuestID")) then
			tempidlist=request.form("GuestID")
			if instr(tempidlist,",")>0 then
				dim idarr
				idArr=split(tempidlist,",")
				for  i = 0 to ubound(idarr)
					conn.execute("delete from Guest where GuestID=" & trim(cstr(idarr(i))))
				next
			else
				conn.execute("delete from Guest where GuestID=" & trim(cstr(tempidlist)))
			end if
			response.write "<script language=javascript>alert( ""删除成功 ！"");"&Chr(13)&"location.href=""index.asp?username="&server.urlencode(request.form("username"))&""";</script>"
		end if
		response.write "<script language=javascript>alert( ""并未删除任何留言！"");"&Chr(13)&"location.href=""index.asp?username="&server.urlencode(request.form("username"))&""";</script>"
	End if
End Sub

Select Case action 
Case "add"
	Call add()
Case "delete"
	Call delete()
Case "reply"
	Call reply()
Case "delbat"
	Call delbat()
Case else
	response.write "<script language=javascript>alert( ""非法操作！"");"&Chr(13)&"location.href=""javascript:window.close()"";</script>"
	response.end
End Select	
%>