📄 delpost.asp
字号:
<!--#INCLUDE FILE="inc/db_inc.asp"-->
<!--#INCLUDE FILE="inc/char_inc.asp"-->
<!--#INCLUDE FILE="inc/xbcode_inc.asp"-->
<!--#INCLUDE FILE="header.asp"-->
<%
dim ip, strip, killip
dim StrSql, toptext, rs, rs2, StrHtml, StrHtml2, error, err, userid, threadid, threadtitle, postid, posttitle
StrHtml = loadtemplate("htmltop")
StrHtml = Replace(StrHtml, "{pagetitle}", loadtemplate("delposttitle"))
StrHtml = Replace(StrHtml, "{forumtitle}", boardtitle)
response.write StrHtml
StrHtml = loadtemplate("pagetitle")
if request.cookies("sf")("username") = "" then
toptext = loadtemplate("toptextguest")
else
toptext = loadtemplate("toptextuser")
end if
toptext = toptext & loadtemplate("toptext")
StrHtml = Replace(StrHtml, "{top_text}", toptext)
StrHtml = Replace(StrHtml, "{username}", request.cookies("sf")("username"))
response.write StrHtml
' 论坛关闭
StrSql = "select * from sf_setup"
Set rs2 = Conn.Execute(StrSql)
if rs2("forumclose") = 1 then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", rs2("forumclosehint"))
response.write StrHtml
response.end
end if
' 禁止IP访问
if rs2("killip") = 1 then
userip = cstr(request.ServerVariables("REMOTE_ADDR"))
killiplist = rs2("killiplist")
if killiplist <> "" and userip <> "" then
killip = split(killiplist, "|")
struserip = split(userip, ".")
i = 0
do until i > ubound(killip)
strkillip = split(killip(i), ".")
bolkill = true
if (struserip(0) <> strkillip(0)) and (strkillip(0) <> "*") then bolkill = false
if (struserip(1) <> strkillip(1)) and (strkillip(1) <> "*") then bolkill = false
if (struserip(2) <> strkillip(2)) and (strkillip(2) <> "*") then bolkill = false
if (struserip(3) <> strkillip(3)) and (strkillip(3) <> "*") then bolkill = false
if bolkill then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", rs2("killiphint"))
response.write StrHtml
Response.End
end if
i = i + 1
loop
end if
end if
' 如果postid与threadid两个参数都为空...
if request("postid") = "" and request("threadid") = "" then
error = error & "<br><li>" & loadtemplate("err_url")
else
if request("threadid") <> "" then
' 检测threadid是否合法
err = false
threadid = ChkSql(request("threadid"))
if not IsNumeric(threadid) then
err = true
else
StrSql = "select * from sf_thread where threadid = " & threadid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
err = true
else
threadtitle = rs2("title")
userid = rs2("postuserid")
pollid = rs2("pollid")
posttitle = threadtitle
forumid = rs2("forumid")
' postid = -1 表示是删除主题
postid = -1
end if
end if
if err then error = error & "<br><li>" & loadtemplate("err_threadnotexist")
else
' 检测postid是否合法
err = false
postid = ChkSql(request("postid"))
if not IsNumeric(postid) then
err = true
else
StrSql = "select * from sf_post where postid = " & postid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
err = true
else
parentid = rs2("parentid")
posttitle = rs2("title")
userid = rs2("userid")
threadid = rs2("threadid")
StrSql = "select * from sf_thread where threadid = " & threadid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
error = error & "<br><li>" & loadtemplate("err_postnotexist")
else
threadtitle = rs2("title")
pollid = rs2("pollid")
forumid = rs2("forumid")
' 如果是删除主题的第一个帖子, 则直接删除主题
if parentid = -1 then postid = -1
end if
end if
end if
if err then error = error & "<br><li>" & loadtemplate("err_postnotexist")
end if
end if
' 如果有错误则提示
if error <> "" then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", error)
response.write StrHtml
response.end
end if
' 检测forumid是否合法
err = false
StrSql = "select sf_forum.forumid, sf_forum.title, sf_forum.allowposting, sf_forum.onlyuser, sf_forum.onlymember, sf_forum.memberlist, sf_forum.cateid, sf_cate.cateid, sf_cate.catetitle from sf_forum left join sf_cate on sf_forum.cateid = sf_cate.cateid where forumid = " & forumid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
err = true
else
forumtitle = rs2("title")
cateid = rs2("cateid")
catetitle = rs2("catetitle")
onlymember = rs2("onlymember")
memberlist = rs2("memberlist")
' 如果只允许内部成员访问...
if onlymember = 1 then
if not IsMember(forumid, memberlist) then error = error & "<br><li>" & loadtemplate("err_member")
StrSql = "select password, userid from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
error = error & "<br><li>" & loadtemplate("err_chkpassword")
else
if request.cookies("sf")("password") <> rs2("password") then error = error & loadtemplate("err_chkpassword")
end if
end if
end if
if err then error = error & "<br><li>" & loadtemplate("err_forumnotexist")
if userinfo <> 3 then
if candeletepost = 0 then error = error & "<br><li>" & loadtemplate("err_purview")
end if
' 显示当前页面路径
StrHtml = loadtemplate("pagepath")
StrHtml = Replace(StrHtml, "{path_text}", "<a href=""index.asp"">" & boardtitle & "</a> » <a href=""showcate.asp?cateid=" & cateid & """>" & catetitle & "</a> » " & "<a href=""showforum.asp?forumid=" & forumid & """>" & forumtitle & "</a> » " & loadtemplate("delposttitle"))
response.write StrHtml
' 如果未注册或未登录...
if request.cookies("sf")("username") = "" or request.cookies("sf")("password") = "" then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_unregistered"))
response.write StrHtml
response.end
end if
' 检测密码...
error = ""
userinfo = 0
StrSql = "select password, userid from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
error = loadtemplate("err_chkpassword")
else
if request.cookies("sf")("password") <> rs2("password") then
error = loadtemplate("err_chkpassword")
else
' 如果是帖子原作者userinfo=1
if userid = rs2("userid") then
userinfo = 1
else
StrSql = "select * from sf_moderator where userid = " & rs2("userid") & " and (forumid = " & forumid & " or super = 1 or isadmin = 1)"
Set rs2 = Conn.Execute(StrSql)
'如果是斑竹userinfo=2
if rs2.bof or rs2.eof then
error = loadtemplate("err_purview")
else
userinfo = 2
if rs2("isadmin") = 1 then userinfo = 3
end if
end if
end if
end if
if error <> "" or userinfo = 0 then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", error)
response.write StrHtml
response.end
end if
step = ChkSql(request("step"))
select case step
case "2"
if postid = -1 then
' 删除主题
StrSql = "select postid from sf_post where threadid = " & threadid
Set rs2 = Conn.Execute(StrSql)
postcount = 0
if not(rs2.bof or rs2.eof) then
do until rs2.eof
postcount = postcount + 1
rs2.MoveNext
loop
end if
StrSql = "delete from sf_thread where threadid = " & threadid
Conn.Execute(StrSql)
StrSql = "delete from sf_post where threadid = " & threadid
Conn.Execute(StrSql)
StrSql = "delete from sf_poll where pollid = " & pollid
Conn.Execute(StrSql)
' 更新统计
StrSql = "select top 1 threadid, username, userid, title from sf_post where forumid = " & forumid & " order by postid DESC"
Set rs2 = Conn.Execute(StrSql)
if not(rs2.bof or rs2.eof) then
Conn.Execute("update sf_forum set lastpostid=" & rs2("threadid") & ", lastposttitle='" & server.htmlencode(rs2("title")) & "', lastposter='" & rs2("username") & "', lastposterid=" & rs2("userid") & " where forumid = " & forumid)
else
Conn.Execute("update sf_forum set lastpostid=0, lastposttitle='', lastposter='', lastposterid=0 where forumid = " & forumid)
end if
StrSql = "update sf_forum set threadcount = threadcount - 1, postcount = postcount - " & postcount & " where forumid = " & forumid
Conn.Execute(StrSql)
if userinfo > 1 then
StrSql = "update sf_user set rating = rating - " & ratingdel & " where userid = " & userid
Conn.Execute(StrSql)
end if
StrSql = "update sf_counter set threadnum = threadnum - 1, postnum = postnum - " & postcount & ""
Conn.Execute(StrSql)
else
' 删除回复
StrSql = "delete from sf_post where postid = " & postid
Conn.Execute(StrSql)
' 如果该主题已无帖子则删除主题
StrSql = "select * from sf_post where threadid = " & threadid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
StrSql = "delete from sf_thread where threadid = " & threadid
Conn.Execute(StrSql)
StrSql = "delete from sf_poll where pollid = " & pollid
Conn.Execute(StrSql)
else
' 更新统计
StrSql = "select top 1 dateline, userid, username from sf_post where threadid = " & threadid & " order by postid DESC"
Set rs2 = Conn.Execute(StrSql)
if not(rs2.bof or rs2.eof) then
Conn.Execute("update sf_thread set lastpost='" & rs2("dateline") & "', lastposter='" & rs2("username") & "', lastposterid=" & rs2("userid") & " where threadid = " & threadid)
end if
end if
' 更新统计
StrSql = "select top 1 threadid, username, userid, title from sf_post where forumid = " & forumid & " order by postid DESC"
Set rs2 = Conn.Execute(StrSql)
if not(rs2.bof or rs2.eof) then
Conn.Execute("update sf_forum set lastpostid=" & rs2("threadid") & ", lastposttitle='" & server.htmlencode(rs2("title")) & "', lastposter='" & rs2("username") & "', lastposterid=" & rs2("userid") & " where forumid = " & forumid)
else
Conn.Execute("update sf_forum set lastpostid='', lastposttitle='', lastposter='', lastposterid=0 where forumid = " & forumid)
end if
StrSql = "update sf_forum set postcount = postcount - 1 where forumid = " & forumid
Conn.Execute(StrSql)
StrSql = "update sf_thread set replycount = replycount - 1 where threadid = " & threadid
Conn.Execute(StrSql)
if userinfo > 1 then
StrSql = "update sf_user set rating = rating - " & ratingdel & " where userid = " & userid
Conn.Execute(StrSql)
end if
StrSql = "update sf_counter set postnum = postnum - 1"
Conn.Execute(StrSql)
end if
StrHtml = loadtemplate("hint")
StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_delpost"))
StrHtml = Replace(StrHtml, "{pro_name}", "showforum.asp?forumid=" & forumid)
response.write StrHtml
case else
StrHtml = loadtemplate("delpost")
StrHtml = Replace(StrHtml, "{title}", threadtitle)
if postid = -1 then
StrHtml = Replace(StrHtml, "{hidden_field}", "<input type=""hidden"" name=""threadid"" value=""" & threadid & """>")
else
StrHtml = Replace(StrHtml, "{hidden_field}", "<input type=""hidden"" name=""postid"" value=""" & postid & """>")
end if
response.write StrHtml
end select
response.write loadtemplate("htmlbottom")
Conn.Close
Set Conn = nothing
Set rs = nothing
Set rs2 = nothing
set ip = nothing
set strip = nothing
set killip = nothing
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -