📄 vote.asp
字号:
<!--#INCLUDE FILE="inc/db_inc.asp"-->
<!--#INCLUDE FILE="inc/char_inc.asp"-->
<!--#INCLUDE FILE="header.asp"-->
<%
dim ip, strip, killip
dim StrSql, rs, rs2, toptext, StrHtml, err
dim threadtitle, threadid, forumid, forumtitle
error = ""
threadtitle = ""
' 检测threadid是否合法
threadid = ChkSql(request("threadid"))
err = false
if not IsNumeric(threadid) then
err = true
else
StrSql = "select * from sf_thread where threadid = " & threadid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
err = true
else
threadtitle = rs2("title")
forumid = rs2("forumid")
pollid = rs2("pollid")
end if
end if
if err then error = error & "<br><li>" & loadtemplate("err_threadnotexist")
if not err then
' 检测pollid是否合法
StrSql = "select type from sf_poll where pollid = " & pollid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
err = true
else
polltype = rs2("type")
if (polltype <> 1) and (instr(ChkSql(request("voteid")), ",") > 0) then err = true
end if
if err then error = error & "<br><li>" & loadtemplate("err_votenotexist")
end if
StrHtml = loadtemplate("htmltop")
' 在窗口标题中显示主题名称
StrHtml = Replace(StrHtml, "{pagetitle}", left(threadtitle, 20))
StrHtml = Replace(StrHtml, "{forumtitle}", boardtitle)
response.write StrHtml
StrHtml = loadtemplate("pagetitle")
if request.cookies("sf")("username") = "" then
toptext = loadtemplate("toptextguest")
else
toptext = loadtemplate("toptextuser")
end if
toptext = toptext & loadtemplate("toptext")
StrHtml = Replace(StrHtml, "{top_text}", toptext)
StrHtml = Replace(StrHtml, "{username}", request.cookies("sf")("username"))
response.write StrHtml
' 论坛关闭
StrSql = "select * from sf_setup"
Set rs2 = Conn.Execute(StrSql)
if rs2("forumclose") = 1 then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", rs2("forumclosehint"))
response.write StrHtml
response.end
end if
' 禁止IP访问
if rs2("killip") = 1 then
userip = cstr(request.ServerVariables("REMOTE_ADDR"))
killiplist = rs2("killiplist")
if killiplist <> "" and userip <> "" then
killip = split(killiplist, "|")
struserip = split(userip, ".")
i = 0
do until i > ubound(killip)
strkillip = split(killip(i), ".")
bolkill = true
if (struserip(0) <> strkillip(0)) and (strkillip(0) <> "*") then bolkill = false
if (struserip(1) <> strkillip(1)) and (strkillip(1) <> "*") then bolkill = false
if (struserip(2) <> strkillip(2)) and (strkillip(2) <> "*") then bolkill = false
if (struserip(3) <> strkillip(3)) and (strkillip(3) <> "*") then bolkill = false
if bolkill then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", rs2("killiphint"))
response.write StrHtml
Response.End
end if
i = i + 1
loop
end if
end if
' 如果有错误则提示
if error <> "" then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", error)
response.write StrHtml
response.end
end if
error = ""
' 如果未注册或未登录...
if request.cookies("sf")("username") = "" or request.cookies("sf")("password") = "" then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_unregistered"))
response.write StrHtml
response.end
end if
' 检测密码...
StrSql = "select password from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
Set rs2 = Conn.Execute(StrSql)
err = false
if rs2.bof or rs2.eof then
err = true
else
if request.cookies("sf")("password") <> rs2("password") then err = true
end if
if err then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_chkpassword"))
response.write StrHtml
response.end
end if
if (pollid <> -1) or (request("voteid") <> "") then
StrSql = "select * from sf_poll where pollid = " & pollid
Set rs2 = Conn.Execute(StrSql)
if rs2.bof or rs2.eof then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_votenotexist"))
response.write StrHtml
response.end
else
if (dateadd("d", rs2("dateline"), rs2("timeout")) - now() <= 0) and (rs2("timeout") <> 0) then
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_vote"))
response.write StrHtml
response.end
end if
end if
user_array = split(rs2("users"), "||")
num_array = split(rs2("votes"), "||")
j = ubound(user_array)
struser = ""
vote=true
for i = 0 to j
if user_array(i)<> "" then struser = struser + user_array(i) + "||"
if user_array(i) = request.cookies("sf")("username") then
vote = false
exit for
end if
next
if vote then
strnum = ""
j = ubound(num_array)
idlist=request("voteid")
if instr(idlist, ",") > 0 then
strid = split(idlist)
active = ubound(strid) + 1
for k = 0 to ubound(strid)
'for k = 0 to j
id = clng(strid(k))
strnum = ""
for i = 0 to j
if num_array(i) <> "" and i = id then num_array(i) = cstr(clng(num_array(i))+1)
strnum = strnum + num_array(i) + "||"
next
next
else
active = 1
for i = 0 to j
if num_array(i) <> "" and i = clng(idlist) then num_array(i) = cstr(clng(num_array(i))+1)
strnum = strnum + num_array(i) + "||"
next
end if
struser = struser & ChkSql(request.cookies("sf")("username"))
' 去除尾部多余间隔符
strnum = left(strnum, len(strnum)-2)
StrSql= "update sf_poll set users = '" & struser & "', votes = '" & strnum & "', active = active + " & active & " where pollid = " & pollid
Conn.Execute(StrSql)
StrHtml = loadtemplate("hint")
StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_voted"))
StrHtml = Replace(StrHtml, "{pro_name}", "showthread.asp?threadid=" & threadid)
response.write StrHtml
else
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_vote"))
response.write StrHtml
response.end
end if
else
StrHtml = loadtemplate("error")
StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_url"))
response.write StrHtml
response.end
end if
Set rs2 = nothing
Set StrHtml = nothing
set struser = nothing
set strnum = nothing
set i = nothing
set j = nothing
set error = nothing
set ip = nothing
set strip = nothing
set killip = nothing
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -