📄 post_info.asp
字号:
if txtMessage = " " then
Go_Result "你必须填写内容", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end if
if txtSubject = " " then
Go_Result "你必须填写标题!", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end if
if Request.Form("sig") = "yes" and GetSig(STRdbntUserName) <> "" then
txtMessage = txtMessage & vbCrLf & vbCrLf & ChkString(GetSig(STRdbntUserName), "signature" )
end if
'
if Request.Form("rmail") <> "1" then
TF = "0"
else
TF = "1"
end if
'## Forum_SQL - Add new post to Topics Table
strSql = "INSERT INTO " & strTablePrefix & "TOPICS (FORUM_ID"
strSql = strSql & ", CAT_ID"
strSql = strSql & ", T_SUBJECT"
strSql = strSql & ", T_MESSAGE"
strSql = strSql & ", T_AUTHOR"
strSql = strSql & ", T_LAST_POST"
strSql = strSql & ", T_LAST_POST_AUTHOR"
strSql = strSql & ", T_DATE"
strSql = strSql & ", T_STATUS"
if strIPLogging <> "0" then
strSql = strSql & ", T_IP"
end if
strSql = strSql & ", T_MAIL"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("FORUM_ID")
strSql = strSql & ", " & Request.Form("CAT_ID")
strSql = strSql & ", '" & txtSubject & "'"
strSql = strSql & ", '" & txtMessage & "'"
strSql = strSql & ", " & rs("MEMBER_ID")
strSql = strSql & ", '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", " & rs("MEMBER_ID")
strSql = strSql & ", '" & DateToStr(strForumTimeAdjust) & "'"
if Request.Form("lock") = 1 then
strSql = strSql & ", 0 "
else
strSql = strSql & ", 1 "
end if
if strIPLogging <> "0" then
strSql = strSql & ", '" & remoteIP() & "'"
end if
strSql = strSql & ", " & TF & ")"
my_Conn.Execute (strSql)
if Err.description <> "" then
err_Msg = "发生一个错误 → " & Err.description
else
err_Msg = "更新完成"
end if
'## Forum_SQL - Increase count of topics and replies in Forum table by 1
strSql = "UPDATE " & strTablePrefix & "FORUM "
strSql = strSql & " SET F_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", F_TOPICS = F_TOPICS + 1"
strSql = strSql & ", F_COUNT = F_COUNT + 1"
strSql = strSql & ", F_LAST_POST_AUTHOR = " & rs("MEMBER_ID") & ""
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
Go_Result err_Msg, 1
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end if
end if
if Request.Form("Method_Type") = "Reply" or Request.Form("Method_Type") = "ReplyQuote" or Request.Form("Method_Type") = "TopicQuote" then
'## Forum_SQL
strSql = "SELECT MEMBER_ID, M_LEVEL, M_EMAIL, "&Strdbntsqlname
if strAuthType = "db" then
strSql = strSql & ", M_PASSWORD "
end if
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS "
strSql = strSql & " WHERE "&Strdbntsqlname&" = '" & STRdbntUserName & "'"
strSql = strSql & " AND " & strMemberTablePrefix & "MEMBERS.M_STATUS = " & 1
if strAuthType = "db" then
strSql = strSql & " AND M_PASSWORD = '" & Request.Form("Password") &"'"
QuoteOk = (ChkQuoteOk(STRdbntUserName) and ChkQuoteOk(Request.Form("Password")))
else
QuoteOk = ChkQuoteOk(STRdbntUserName)
end if
set rs = my_Conn.Execute (strSql)
if rs.BOF or rs.EOF or not(QuoteOk) then '## Invalid Password
err_Msg = "Invalid Password or User Name"
Go_Result(err_Msg), 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
else
if not(chkForumAccess(Request.Form("FORUM_ID"))) then
Go_Result "你不能在本论坛发表文章"& strDBNTUserName, 0
end if
txtMessage = ChkString(Request.Form("Message"),"message")
if txtMessage = " " then
Go_Result "你必须填写内容", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end if
if Request.Form("sig") = "yes" and GetSig(STRdbntUserName) <> "" then
txtMessage = txtMessage & vbCrLf & vbCrLf & ChkString(GetSig(STRdbntUserName), "signature" )
end if
DoReplyEmail Request.Form("TOPIC_ID"), rs("MEMBER_ID"), Request.Form("UserName")
if Request.Form("rmail") <> "1" then
RF = "0"
else
RF = "1"
end if
if CanUserPost(Request.Form("TOPIC_ID"), rs("MEMBER_ID")) = "yes" then
'## Forum_SQL
strSql = "INSERT INTO " & strTablePrefix & "REPLY "
strSql = strSql & "(TOPIC_ID"
strSql = strSql & ", FORUM_ID"
strSql = strSql & ", CAT_ID"
strSql = strSql & ", R_AUTHOR"
strSql = strSql & ", R_DATE "
if strIPLogging <> "0" then
strSql = strSql & ", R_IP"
end if
strSql = strSql & ", R_MAIL"
strSql = strSql & ", R_MESSAGE"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("TOPIC_ID")
strSql = strSql & ", " & Request.Form("FORUM_ID")
strSql = strSql & ", " & Request.Form("CAT_ID")
strSql = strSql & ", " & rs("MEMBER_ID")
strSql = strSql & ", " & "'" & DateToStr(strForumTimeAdjust) & "'"
if strIPLogging <> "0" then
strSql = strSql & ", " & "'" & remoteIP() & "'"
end if
strSql = strSql & ", " & RF
strSql = strSql & ", " & "'" & txtMessage & "'"
strSql = strSql & ")"
my_Conn.Execute (strSql)
'###################### Attach Files #######################
strSQL = "SELECT MAX(REPLY_ID) AS MAXID FROM " & strTablePrefix & "REPLY "
strSQL = strSQL + "WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
strSQL = strSQL + " AND R_AUTHOR = " & rs("MEMBER_ID")
set rs2 = my_Conn.Execute (strSql)
intReplyID = rs2("MAXID")
rs2.close
strSQL = "UPDATE " & strTablePrefix & "USERFILES "
strSQL = strSQL & "SET F_REPLY_ID = " & intReplyID
strSQL = strSQL & " WHERE MEMBER_ID = " & rs("MEMBER_ID")
strSQL = strSQL & " AND F_REPLY_ID = -1 AND F_TOPIC_ID =" & Request.Form("TOPIC_ID")
my_Conn.execute (strSQL)
'###################### Attach Files #######################
'## Forum_SQL - Update Last Post and count
strSql = "UPDATE " & strTablePrefix & "TOPICS "
strSql = strSql & " SET T_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", T_REPLIES = T_REPLIES + 1 "
strSql = strSql & ", T_LAST_POST_AUTHOR = " & rs("MEMBER_ID")
if Request.Form("lock") = 1 then
strSql = strSql & ", T_STATUS = 0 "
end if
strSql = strSql & " WHERE TOPIC_ID = " & Request.Form("TOPIC_ID")
my_Conn.Execute (strSql)
'## Forum_SQL
strSql = "UPDATE " & strTablePrefix & "FORUM "
strSql = strSql & " SET F_LAST_POST = '" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", F_LAST_POST_AUTHOR = " & rs("MEMBER_ID")
strSql = strSql & ", F_COUNT = F_COUNT + 1 "
strSql = strSql & " WHERE FORUM_ID = " & Request.Form("FORUM_ID")
my_Conn.Execute (strSql)
else
Err.description = "你已经发表过,必须等60秒后才能重新发表"
end if
if Err.description <> "" then
Go_Result "发生一个错误 → " & Err.description, 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
else
if Request.Form("M") = "1" then
'## Forum_SQL
strSql = "SELECT " & strMemberTablePrefix & "MEMBERS.M_NAME, " & strMemberTablePrefix & "MEMBERS.M_EMAIL "
strSql = strSql & " FROM " & strMemberTablePrefix & "MEMBERS, " & strTablePrefix & "TOPICS "
strSql = strSql & " WHERE " & strMemberTablePrefix & "MEMBERS.MEMBER_ID = " & strTablePrefix & "TOPICS.T_AUTHOR "
strSql = strSql & " AND " & strTablePrefix & "TOPICS.TOPIC_ID = " & Request.Form("TOPIC_ID")
set rs2 = my_Conn.Execute (strSql)
DoEmail rs2("M_EMAIL"), rs2("M_NAME")
rs2.close
set rs2 = nothing
end if
Go_Result "更新完成", 1
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end if
end if
end if
if Request.Form("Method_Type") = "Forum" then
member = cint(ChkUser(strDBNTUserName, Request.Form("Password")))
select case Member
case 0
'## Invalid Pword
Go_Result "错误的用户名跟密码", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "只有版主能建立论坛", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "只有版主能建立新论坛", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "<li>你必须输入新论坛的名称</li>"
end if
if txtMessage = "" then
Err_Msg = Err_Msg & "<li>你必须输入新论坛的简介</li>"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "INSERT INTO " & strTablePrefix & "FORUM "
strSql = strSql & "(CAT_ID"
if strPrivateForums = "1" then
strSql = strSql & ", F_PRIVATEFORUMS"
strSql = strSql & ", F_PASSWORD_NEW"
'##########
strSql = strSql & ", F_HIDDEN"
'##########
' strSql = strSql & ", F_USERLIST"
end if
strSql = strSql & ", F_LAST_POST"
strSql = strSql & ", F_CREATED"
strSql = strSql & ", F_SUBJECT"
strSql = strSql & ", F_DESCRIPTION"
strSql = strSql & ", F_TYPE"
strSql = strSql & ") VALUES ("
strSql = strSql & Request.Form("CAT_ID")
if strPrivateForums = "1" then
strSql = strSql & ", " & Request.Form("AuthType") & ""
strSql = strSql & ", '" & ChkString(Request.Form("AuthPassword"),"password") & "'"
'##########
if Request.Form("HideForum") = 1 then
strSql = strSql & ", 1 "
else
strSql = strSql & ", 0 "
end if
'##########
' strSql = strSql & ", '" & ChkString(Request.Form("AuthUsers"),"list") & "'"
end if
strSql = strSql & ", " & "'" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", " & "'" & DateToStr(strForumTimeAdjust) & "'"
strSql = strSql & ", '" & txtSubject & "'"
strSql = strSql & ", '" & txtMessage & "'"
strSql = strSql & ", " & Request.Form("Type")
strSql = strSql & ")"
my_Conn.Execute (strSql)
err_Msg = ""
if Err.description <> "" then
Go_Result "发生一个错误 → " & Err.description, 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
Else
'######## Update allowed user list##################################
set rsCount = my_Conn.execute("SELECT MAX(FORUM_ID) AS maxForumID FROM " & strTablePrefix & "FORUM ")
newForumMembers rsCount("maxForumId")
'##################################################################
Go_Result "更新完成", 1
end if
else
%>
<p align=center><font face="<% =strDefaultFontFace %>" size="<% =strHeaderFontSize %>">你输入的资料有问题或没有填写完整</font></p>
<table align=center border=0>
<tr>
<td><font face="<% =strDefaultFontFace %>" size="<% =strDefaultFontSize %>">
<ul>
<% =Err_Msg %>
</ul>
</font></td>
</tr>
</table>
<p align=center><font face="<% =strDefaultFontFace %>" size=<% =strDefaultFontSize %>><a href="JavaScript:history.go(-1)">请返回重新输入</a></font></p>
<%
end if
end if
if Request.Form("Method_Type") = "URL" then
member = cint(ChkUser(strDBNTUserName, Request.Form("Password")))
select case Member
case 0'## Invalid Pword
Go_Result "错误的用户名跟密码", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
case 1 '## Author of Post
'## Do Nothing
case 2 '## Normal User - Not Authorised
Go_Result "只有版主能建立网路连接", 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
case 3 '## Moderator
if chkForumModerator(Request.Form("FORUM_ID"), STRdbntUserName) = "0" then
Go_Result "只有版主能建立网路连接", 0
end if
case 4 '## Admin
'## Do Nothing
case else
Go_Result cstr(Member), 0
%>
<!--#INCLUDE FILE="inc_footer.asp" -->
<%
Response.End
end select
txtMessage = ChkString(Request.Form("Message"),"message")
txtAddress = ChkString(Request.Form("Address"),"url")
txtSubject = ChkString(Request.Form("Subject"),"title")
Err_Msg = ""
if txtSubject = " " then
Err_Msg = Err_Msg & "<li>你必须输入新连接的名称</li>"
end if
if txtAddress = " " or lcase(txtAddress) = "http://" or lcase(txtAddress) = "https://" or lcase(txtAddress) = "file:///" then
Err_Msg = Err_Msg & "<li>你必须输入新连接的网址</li>"
end if
if (left(lcase(txtAddress), 7) <> "http://" and left(lcase(txtAddress), 8) <> "https://") and left(lcase(txtAddress), 8) <> "file:///" and txtAddress <> "" then
Err_Msg = Err_Msg & "<li>你必须在网址前加上 <b>http://</b>, <b>https://</b> or <b>file:///</b></li>"
end if
if txtMessage = " " then
Err_Msg = Err_Msg & "<li>你必须输入新连接的简介</li>"
end if
if Err_Msg = "" then
'## Forum_SQL - Do DB Update
strSql = "INSERT INTO " & strTablePrefix & "FORUM "
strSql = strSql & "(CAT_ID"
if strPrivateForums = "1" then
strSql = strSql & ", F_PRIVATEFORUMS"
'##########
strSql = strSql & ", F_HIDDEN"
'##########
' strSql = strSql & ", F_USERLIST"
end if
strSql = strSql & ", F_LAST_POST"
strSql = strSql & ", F_LAST_POST_AUTHOR"
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -