📄 showmessage.asp
字号:
<!--#INCLUDE FILE="inc/db_inc.asp"-->
<!--#INCLUDE FILE="inc/char_inc.asp"-->
<!--#INCLUDE FILE="inc/xbcode_inc.asp"-->
<!--#INCLUDE FILE="header.asp"-->
<%
dim ip, strip, killip
dim StrSql, toptext, rs, rs2, StrHtml, StrHtml2, error, err
StrHtml = loadtemplate("htmltop")
StrHtml = Replace(StrHtml, "{pagetitle}", loadtemplate("messagetitle"))
StrHtml = Replace(StrHtml, "{forumtitle}", boardtitle)
response.write StrHtml
StrHtml = loadtemplate("pagetitle")
if request.cookies("sf")("username") = "" then
toptext = loadtemplate("toptextguest")
else
toptext = loadtemplate("toptextuser")
end if
toptext = toptext & loadtemplate("toptext")
StrHtml = Replace(StrHtml, "{top_text}", toptext)
StrHtml = Replace(StrHtml, "{username}", request.cookies("sf")("username"))
response.write StrHtml
' 论坛关闭
StrSql = "select * from sf_setup"
Set rs2 = Conn.Execute(StrSql)
if rs2("forumclose") = 1 then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", rs2("forumclosehint"))
response.write StrHtml
response.end
end if
' 禁止IP访问
if rs2("killip") = 1 then
userip = cstr(request.ServerVariables("REMOTE_ADDR"))
killiplist = rs2("killiplist")
if killiplist <> "" and userip <> "" then
killip = split(killiplist, "|")
struserip = split(userip, ".")
i = 0
do until i > ubound(killip)
strkillip = split(killip(i), ".")
bolkill = true
if (struserip(0) <> strkillip(0)) and (strkillip(0) <> "*") then bolkill = false
if (struserip(1) <> strkillip(1)) and (strkillip(1) <> "*") then bolkill = false
if (struserip(2) <> strkillip(2)) and (strkillip(2) <> "*") then bolkill = false
if (struserip(3) <> strkillip(3)) and (strkillip(3) <> "*") then bolkill = false
if bolkill then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", rs2("killiphint"))
response.write StrHtml
Response.End
end if
i = i + 1
loop
end if
end if
StrHtml = loadtemplate("pagepath")
StrHtml = Replace(StrHtml, "{path_text}", "<a href=""index.asp"">" & boardtitle & "</a> » " & loadtemplate("messagetitle"))
response.write StrHtml
' 如果未注册或未登录...
if request.cookies("sf")("username") = "" or request.cookies("sf")("password") = "" then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_unregistered"))
response.write StrHtml
response.end
end if
' 检测密码...
StrSql = "select password, userid from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
Set rs2 = Conn.Execute(StrSql)
err = false
if rs2.bof or rs2.eof then
err = true
else
if request.cookies("sf")("password") <> rs2("password") then
err = true
else
userid = rs2("userid")
StrSql = "update sf_user set lastactivity = '" & now() & "' where userid = " & userid
Conn.Execute(StrSql)
end if
end if
if err then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_chkpassword"))
response.write StrHtml
response.end
end if
StrHtml = loadtemplate("messagebox")
StrHtml = Replace(StrHtml, "{msgmax}", msgmax)
response.write StrHtml
error = ""
err = false
msgid = ChkSql(request("msgid"))
if msgid <> "" and (request("action") = "showinbox" or request("action") = "showoutbox") then
if not IsNumeric(msgid) then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_url"))
response.write StrHtml
response.end
end if
msgid = clng(msgid)
StrSql = "select sf_privatemessage.title, sf_privatemessage.message, sf_privatemessage.showsignature, sf_privatemessage.messageread, sf_privatemessage.dateline, sf_privatemessage.privatemessageid, sf_privatemessage.fromuserid, sf_user.username, sf_user.signature from (sf_privatemessage left join sf_user on sf_privatemessage.fromuserid = sf_user.userid) where sf_privatemessage.privatemessageid = " & msgid & " and sf_privatemessage.userid = " & userid
Set rs2 = server.CreateObject("ADODB.RecordSet")
'on error resume next
'response.write strsql
'response.end
rs2.open StrSql, Conn, 1, 3
if rs2.eof or rs2.bof then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_url"))
response.write StrHtml
response.end
else
StrHtml = loadtemplate("showmessage")
StrHtml = Replace(StrHtml, "{subject}", "<b>" & rs2("title") & "</b>")
text = xbcodeContent(formatstr(rs2("message")), allowemot, false, true, false)
if rs2("showsignature") = 1 and rs2("signature") <> "" then
text = text & "<br><br><img src=""image/default/sign.gif"" border=0><br>" & xbcodeContent(formatstr(rs2("signature")), allowemot, false, true, false)
end if
StrHtml = Replace(StrHtml, "{text}", text)
if request("action") = "showinbox" then
StrHtml = Replace(StrHtml, "{msg_btn}", "<a href=""showmessage.asp?action=sendmessage&subject=" & server.htmlencode("Re: " & rs2("title")) & "&username=" & server.htmlencode(rs2("username")) & """><img src=""image/messageicon/replymsg.gif"" border=0></a> <a href=""showmessage.asp?action=delete&msgid=" & rs2("privatemessageid") & """><img src=""image/messageicon/delmsg.gif"" border=0></a>")
else
StrHtml = Replace(StrHtml, "{msg_btn}", "<a href=""showmessage.asp?action=delete&msgid=" & rs2("privatemessageid") & """><img src=""image/messageicon/delmsg.gif"" border=0></a>")
end if
response.write StrHtml
StrSql = "update sf_privatemessage set messageread = 1, readtime = '" & now() & "' where privatemessageid = " & msgid
Conn.execute(StrSql)
end if
end if
action = ChkSql(request("action"))
select case action
case "showoutbox"
StrSql = "select sf_privatemessage.title, sf_privatemessage.message, sf_privatemessage.messageread, sf_privatemessage.dateline, sf_privatemessage.privatemessageid, sf_privatemessage.touserid, sf_user.username from (sf_privatemessage left join sf_user on sf_privatemessage.touserid = sf_user.userid) where sf_privatemessage.folderid = -1 and sf_privatemessage.userid = " & userid & " order by sf_privatemessage.privatemessageid DESC"
Set rs2 = server.CreateObject("ADODB.RecordSet")
'on error resume next
'response.write strsql
'response.end
rs2.open StrSql, Conn, 1, 3
StrHtml = loadtemplate("showmessageoutboxtop")
StrHtml = Replace(StrHtml, "{hidden_field}", "<input name=""action"" type=""hidden"" value=""delete"">")
response.write StrHtml
if rs2.eof or rs2.bof then
'
else
StrHtml = loadtemplate("showmessageoutbox")
if not (rs2.bof or rs2.eof) then
do until rs2.eof
StrHtml2 = StrHtml
if rs2("privatemessageid") = msgid then
StrHtml2 = Replace(StrHtml2, "{subject}", "<b>" & rs2("title") & "</b>")
else
StrHtml2 = Replace(StrHtml2, "{subject}", "<a href=""showmessage.asp?action=showoutbox&msgid=" & rs2("privatemessageid") & """>" & rs2("title") & "</a>")
end if
StrHtml2 = Replace(StrHtml2, "{username}", "<a href=""showuser.asp?userid=" & rs2("touserid") & """>" & rs2("username") & "</a>")
StrHtml2 = Replace(StrHtml2, "{time}", rs2("dateline"))
StrHtml2 = Replace(StrHtml2, "{del_box}", "<input name=""msgid"" type=""checkbox"" value=""" & rs2("privatemessageid") & """>")
response.write StrHtml2
rs2.MoveNext
loop
end if
StrHtml = loadtemplate("showmessagebottom")
response.write StrHtml
response.write sfcopyright
end if
case "showinbox"
StrSql = "select sf_privatemessage.title, sf_privatemessage.message, sf_privatemessage.messageread, sf_privatemessage.dateline, sf_privatemessage.privatemessageid, sf_privatemessage.fromuserid, sf_user.username from (sf_privatemessage left join sf_user on sf_privatemessage.fromuserid = sf_user.userid) where sf_privatemessage.folderid = 0 and sf_privatemessage.userid = " & userid & " order by sf_privatemessage.privatemessageid DESC"
Set rs2 = server.CreateObject("ADODB.RecordSet")
'on error resume next
'response.write strsql
'response.end
rs2.open StrSql, Conn, 1, 3
StrHtml = loadtemplate("showmessageinboxtop")
StrHtml = Replace(StrHtml, "{newmsg_icon}", "<img src=""image/messageicon/newmsg.gif"" border=0>")
StrHtml = Replace(StrHtml, "{oldmsg_icon}", "<img src=""image/messageicon/oldmsg.gif"" border=0>")
StrHtml = Replace(StrHtml, "{hidden_field}", "<input name=""action"" type=""hidden"" value=""delete"">")
response.write StrHtml
if rs2.eof or rs2.bof then
'
else
StrHtml = loadtemplate("showmessageinbox")
if not (rs2.bof or rs2.eof) then
do until rs2.eof
StrHtml2 = StrHtml
if rs2("privatemessageid") = msgid then
StrHtml2 = Replace(StrHtml2, "{subject}", "<b>" & rs2("title") & "</b>")
else
StrHtml2 = Replace(StrHtml2, "{subject}", "<a href=""showmessage.asp?action=showinbox&msgid=" & rs2("privatemessageid") & """>" & rs2("title") & "</a>")
end if
StrHtml2 = Replace(StrHtml2, "{username}", "<a href=""showuser.asp?userid=" & rs2("fromuserid") & """>" & rs2("username") & "</a>")
messagereadimg = "<img src=""image/messageicon/oldmsg.gif"" border=0>"
if rs2("messageread") = 0 then messagereadimg = "<img src=""image/messageicon/newmsg.gif"" border=0>"
StrHtml2 = Replace(StrHtml2, "{read}", messagereadimg)
StrHtml2 = Replace(StrHtml2, "{time}", rs2("dateline"))
StrHtml2 = Replace(StrHtml2, "{del_box}", "<input name=""msgid"" type=""checkbox"" value=""" & rs2("privatemessageid") & """>")
response.write StrHtml2
rs2.MoveNext
loop
end if
StrHtml = loadtemplate("showmessagebottom")
response.write StrHtml
response.write sfcopyright
end if
case "sendmessage"
step = ChkSql(request("step"))
select case step
case "2"
error = ""
err = false
if request("subject") = "" then
error = error & "<br><li>" & loadtemplate("err_postsubject")
else
if strLength(request("subject")) > 100 then error = error & "<br><li>" & loadtemplate("err_postsubject")
end if
StrHtml = loadtemplate("err_posttext")
StrHtml = Replace(StrHtml, "{textmaxlength}", "500")
if request("text") = "" then
error = error & "<br><li>" & StrHtml
else
if strLength(request("text")) > 500 then error = error & "<br><li>" & StrHtml
end if
' check user exist...
StrSql = "select userid from sf_user where username = '" & ChkSql(request("username")) & "'"
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
error = error & "<br><li>" & loadtemplate("err_usernotexist")
else
touserid = rs2("userid")
end if
StrSql = "select privatemessageid from sf_privatemessage where userid = touserid and folderid = 0"
Set rs2 = Conn.Execute(StrSql)
if not (rs2.bof or rs2.eof) then
i = 1
do until rs2.eof
i = i + 1
rs2.MoveNext
loop
if i > msgmax then
error = error & "<br><li>" & loadtemplate("err_msgnimiety")
end if
end if
if error <> "" then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", error)
response.write StrHtml
response.end
end if
' save pm
nowtime = now()
sign = 0
if request("sign") = "1" then sign = 1
StrSql = "insert into sf_privatemessage(folderid, userid, touserid, fromuserid, title, message, dateline, showsignature, messageread, readtime) values("
StrSql = StrSql & "0, " & touserid & ", " & touserid & ", " & userid & ", '" & ChkSql(request("subject")) & "', '" & ChkSql(request("text")) & "', '" & nowtime & "', " & sign & ", 0, '" & nowtime & "')"
' lock database
Application.Lock
Conn.Execute(StrSql)
if request("savemsg") = "1" then
StrSql = "insert into sf_privatemessage(folderid, userid, touserid, fromuserid, title, message, dateline, showsignature, messageread, readtime) values("
StrSql = StrSql & "-1, " & userid & ", " & touserid & ", " & userid & ", '" & ChkSql(request("subject")) & "', '" & ChkSql(request("text")) & "', '" & nowtime & "', " & sign & ", 0, '" & nowtime & "')"
Conn.Execute(StrSql)
end if
' if exceed pm-num limit...
' outbox
StrSql = "select privatemessageid from sf_privatemessage where userid = " & userid & " and folderid = -1"
Set rs2 = Conn.Execute(StrSql)
if not (rs2.bof or rs2.eof) then
i = 1
do until rs2.eof
if i > msgmax then
StrSql = "delete from sf_privatemessage where privatemessageid = " & rs2("privatemessageid")
Conn.execute (StrSql)
end if
i = i + 1
rs2.MoveNext
loop
end if
' unlock database
Application.UnLock
StrHtml = loadtemplate("hint")
StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_sendmessage"))
StrHtml = Replace(StrHtml, "{pro_name}", "showmessage.asp")
response.write StrHtml
case else
StrHtml = loadtemplate("sendmessage")
StrHtml = Replace(StrHtml, "{subject}", request("subject"))
StrHtml = Replace(StrHtml, "{user_name}", request("username"))
StrHtml = Replace(StrHtml, "{text}", "")
response.write StrHtml
response.write sfcopyright
end select
case "delete"
if not isempty(request("msgid")) then
idlist=request("msgid")
if instr(idlist,",")>0 then
strid=split(idlist)
for i = 0 to ubound(strid)
id=clng(strid(i))
StrSql = "delete from sf_privatemessage where userid = " & userid & " and privatemessageid = " & id
Conn.Execute(StrSql)
next
else
StrSql = "delete from sf_privatemessage where userid = " & userid & " and privatemessageid = " & clng(idlist)
Conn.execute(StrSql)
end if
StrHtml = loadtemplate("hint")
StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_delpost"))
StrHtml = Replace(StrHtml, "{pro_name}", "showmessage.asp")
response.write StrHtml
end if
case else
end select
response.write loadtemplate("htmlbottom")
response.end
Conn.Close
Set Conn = nothing
Set rs = nothing
Set rs2 = nothing
set ip = nothing
set strip = nothing
set killip = nothing
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -