addnew.asp

经过一些更改的留言板

<!--#include file="data.asp"-->
<%
 if instr(request.servervariables("http_referer"),"new")<1 then
    response.redirect "index.asp"
 end if
 %>
 <%
     dim title,name,pass,email,qq,url,pic,nei,t,rt,yd,hf,jh,bl
	 dim exec1, rs1, rs, rs2
      
      title=encodestr(Request.form("title"))
      name=encodestr(Request.form("name"))
      pass=encodestr(Request.form("pass"))
      email=encodestr(Request.form("email"))
	  qq=encodestr(Request.form("qq"))
      url=encodestr(Request.form("url"))
      nei=replace(Request.form("nei"),"'","""")
      pic=encodestr(Request.form("pic"))
      bl=0
      
      if len(title)>40 then
         session("error")="留言标题不可以超过40个字符！！！"
		 response.redirect("error.asp")
      end if
      if len(name)>10 then
         session("error")="用户名不可以超过10个字符！！！"
		 response.redirect("error.asp")
      end if

 if pass<>"" then
    exec1="select * from blyh where name='"&name&"'"
    Set RS1 = Server.CreateObject("ADODB.RecordSet") 
    rs1.Open exec1, Conn, 1, 2
    if not rs1.eof then
       if pass=rs1("pass") then
          bl=1
       else
			session("error")="保留用户密码帐号不对应！！！"
			response.redirect "error.asp"
       end if
    else
		Set rs2 = Server.CreateObject("ADODB.Recordset")
		exec1="select top 1 * from blyh"
		rs2.Open exec1,conn,1,2
		rs2.addnew
		rs2("name")=name
		rs2("pass")=pass
		rs2("t1")=now
		rs2.update
		rs2.close
		set rs2=nothing
		exec1="update const set userNum=userNum+1"
		conn.execute(exec1)

       bl=1
    end if
	rs1.close
	set rs1=nothing
 end if


 Set rs = Server.CreateObject("ADODB.Recordset")
 exec1="select top 1 * from ly order by id desc"
 rs.Open exec1,conn,1,2
     rs.addnew
     rs("name")=name
     rs("title")=title
     rs("email")=email
	 rs("qq")=qq
     rs("url")=url
     rs("nei")=nei
     rs("t")=now
     rs("pic")=pic
     rs("bl")=bl
     rs("yd")=0
     rs("hf")=0
     rs("jh")=0
     rs("rt")=0
     rs.update
	 'rs.close
	 rs.requery
	 rs("reid")=rs("id")
	 rs("reTime")=rs("t")
	 rs.update
rs.close
set rs=nothing
exec1="update const set topicNum=topicNum+1"
conn.execute(exec1)
conn.close
set conn=nothing

response.cookies("gbook")("username")=name
response.cookies("gbook")("password")=pass
response.cookies("gbook")("email")=email
response.cookies("gbook")("qq")=qq
response.cookies("gbook")("url")=url

response.redirect "addok.asp"    
%>