saveannounce.asp

生活者姿态整站程序 生活者姿态整站程序 生活者姿态整站程序

<!--#include file="conn.asp"-->
<!-- #include file="inc/char.asp" -->
<!-- #include file="inc/const.asp" -->
<!-- #include file="chkuser.asp" -->
<!--#include file="inc/theme.asp"-->
<!--#include file="md5.asp"-->
<%
	rem ----------------------
	rem ------主程序开始------
	rem ----------------------
	dim announceid
	dim UserName
	dim userPassword
	dim useremail
	dim article
	dim Topic
	dim body
	dim dateTimeStr
	dim addAll
	dim newUser
	dim UserID
	dim ip
	dim Expression
	dim boardID
   	dim sql
   	dim rs
	dim signflag
	dim mailflag
	dim TIME_ADJUST
	dim boardstat

	rem ------获得asp文件参数------
	call getInput()
	
	rem -----检查user输入数据的合法性------	
	call chkData()	

	if FoundErr then
		call nav()
		call headline(2)
  	       	call Error()
	else
		call checkUser()
		call nav()
		call headline(2)
		if FoundErr then
  	       		call Error()
		else
			call saveAnnounce()
		end if	
	end if
	set rs=nothing
	call endline()
	
	

	rem ----------------------
	rem ------主程序结束------
	rem ----------------------
	rem 检测用户输入数据合法性
	sub checkUser()
	select case boardskin
	case 1

	case 2
		exit sub
	case 3
		if not(boardmaster or master) then
		Founderr=true
		Errmsg=Errmsg+"<br>"+"<li>评论论坛，坛主和版主允许发言，其他<a href=reg.asp><font color="&TableContentColor&">注册用户</font></a>只能回复"
		exit sub
		end if
	case 4
		if not(boardmaster or master) then
		Founderr=true
		Errmsg=Errmsg+"<br>"+"<li>精华区，只允许版主和坛主发言和操作"
		exit sub
		end if
	case 5
		if username="" then
			founderr=true
			Errmsg=Errmsg+"<br>"+"<li>本论坛为认证论坛，请<a href=login.asp>登陆</a>并确认您的用户名已经得到管理员的认证后进入。"
			exit sub
		else
			if chkboardlogin(boardid,username)=false then
			founderr=true
			Errmsg=Errmsg+"<br>"+"<li>本论坛为认证论坛，请确认您的用户名已经得到管理员的认证后进入。"
			exit sub
			end if
		end if
	case 6
		if username="" then
		Founderr=true
		Errmsg=Errmsg+"<br>"+"<li>正规论坛，只有<a href=login.asp><font color="&TableContentColor&">登陆用户</a>才能浏览论坛并发言"
		exit sub
		end if
	end select

	usercookies=request.Cookies("aspsky")("usercookies")
	if isnull(usercookies) or usercookies="" then usercookies=3

	if chkuserlogin(username,userpassword,usercookies,2)=false then
		errmsg=errmsg+"<br>"+"<li>您的用户名并不存在，或者您的密码错误，或者您的帐号已被管理员锁定。"
		founderr=true
		exit sub
	end if

	if lockboard=1 then
		if not master then
			Errmsg=ErrMsg+"<Br>"+"<li>您没有权限在本版面发布贴子！"
			FoundErr=true
		end if
	end if
	stats=boardtype & "发表帖子成功"
	end sub

	rem 保存贴子信息
	sub saveAnnounce()
        DateTimeStr=CSTR(NOW()+TIMEADJUST/24)
		Sql="insert into bbs1(Boardid,ParentID,Child,username,topic,body,DateAndTime,hits,length,rootid,layer,orders,ip,Expression,locktopic,signflag,emailflag,istop,isbest,isvote,times) values "&_
				"("&_
				boardid&",0,0,'"&_
				username&"','"&_
				topic&"','"&_
				body&"','"&_
				DateTimeStr&"',0,'"&_
				strlength(body)&"',0,1,0,'"&ip&"','"&_
				Expression&"',0,"&signflag&","&mailflag&",0,0,0,0)"
		'response.write sql
		conn.execute(sql)
		set rs=conn.execute("select top 1 announceid from bbs1 order by announceid desc")
        announceid=rs(0)
		sql="update bbs1 set rootid="&announceid&",times="&announceid&" where announceid="&announceid
		conn.execute(sql)
		if topic="" then
			Topic=cutStr(body,20)
		else
			Topic=cutStr(topic,20)
		end if
		sql="update board set lastpostuser='"&username&"',lastposttime='"&datetimestr&"',lastbbsnum=lastbbsnum+1,lasttopicnum=lasttopicnum+1,todaynum="&boardtoday(boardid)&",lastrootid="&announceid&",lasttopic='"&topic&"' where  boardid="&cstr(boardID)
		conn.execute(sql)
		conn.execute("update config set topicnum=topicnum+1,bbsnum=bbsnum+1,todayNum="&alltodays()&" where active=1")
  		if err.number<>0 then
	       	err.clear
			ErrMsg=ErrMsg+"<Br>"+"<li>数据库操作失败，请以后再试"&err.Description 
  	       	call Error()
		else
			call success()
    		end if
	set rs=nothing
	end sub

	'今日帖子
	function boardtoday(boardid)
    	tmprs=conn.execute("Select count(announceid) from bbs1 Where datediff('d',dateandtime,Now())=0 and boardid="&boardid)
    	boardtoday=tmprs(0)
	set tmprs=nothing 
	if isnull(boardtoday) then boardtoday=0
	end function 
	function alltodays()
    	tmprs=conn.execute("Select count(announceid) from bbs1 Where datediff('d',dateandtime,Now())=0")
    	alltodays=tmprs(0)
	set tmprs=nothing
	if isnull(alltodays) then alltodays=0
	end function

	'更新用户在线资料
	sub activeuser()
	dim rsactiveusers,activeuser
	dim membername,memberword,memberclass
	membername=request.cookies("aspsky")("username")
	memberword=request.cookies("aspsky")("password")
	memberclass=request.cookies("aspsky")("userclass")
	ComeFrom=address(Request.ServerVariables("REMOTE_HOST"))
	actCome=address(Request.ServerVariables("HTTP_X_FORWARDED_FOR"))
	statuserid=replace(Request.ServerVariables("REMOTE_HOST"),".","")
	set rsactiveusers=server.createobject("adodb.recordset")
	activeuser="select * from online where username='"&membername&"'"
	rsactiveusers.open activeuser,conn,1,3
	if rsactiveusers.eof and rsactiveusers.bof then
	activeuser="insert into online(id,username,userclass,ip,startime,lastimebk,lastime,browser,stats,ComeFrom,actCome) values "&_
				"("&statuserid&",'"&membername&"','"&memberclass&"','"&_
				Request.ServerVariables("REMOTE_HOST")&"',Now(),Now(),'"&DateToStr(now())&"','"&_
				Request.ServerVariables("HTTP_USER_AGENT")&"','"&_
				boardtype&"','"&ComeFrom&"','"&actCome&"')"
	conn.execute(activeuser)
	else
	activeuser="update online set lastimebk=Now(),lastime='"&DateToStr(now())&"',stats='"&boardtype&"' where username='"&membername&"'"
	conn.execute(activeuser)
	end if
	if session("userid")<>"" then
	activeuser="delete from online where id="&cstr(session("userid"))
	Conn.Execute activeuser
	end if
	rsactiveusers.close
	set rsactiveusers=nothing
	end sub

	rem ------获得asp文件参数------
	sub getInput()
	if request("boardid")="" then
		FoundErr=true
		Errmsg=Errmsg+"<br>"+"<li>请指定论坛版面。"
	elseif not isInteger(request("boardid")) then
		FoundErr=true
		Errmsg=Errmsg+"<br>"+"<li>非法的版面参数。"
	else
		boardID=request("boardID")
	end if
	IP=Request.ServerVariables("REMOTE_ADDR") 
	Expression=Checkstr(Request.Form("Expression")&".gif")
   	Topic=Checkstr(trim(request("subject")))
   	Body=Checkstr(trim(request.form("Content")))
   	UserName=Checkstr(trim(request("username")))
   	boardtype=Checkstr(trim(request("boardtype")))
	signflag=Checkstr(trim(request("signflag")))
	mailflag=Checkstr(trim(request("emailflag")))
   	UserPassWord=md5(Checkstr(trim(request("passwd"))))
	if signflag="yes" then
		signflag=1
	else
		signflag=0
	end if
	if mailflag="yes" then
		mailflag=1
	else
		mailflag=0
	end if
	end sub

	rem -----检查user输入数据的合法性------	
	function chkData()
	if boardmaster or master then
		guestlist=""
	else
		guestlist=" lockboard=0 and "
	end if

	if instr(Expression,"face")=0 then
	Randomize
	Do While Len(rndnum)<1
	num1=CStr(Chr((57-48)*rnd+48))
	rndnum=rndnum&num1
	loop
	Expression=facename & rndnum & ".gif"
	end if

	if cint(RelayPost)=1 then
	if not (isnull(session("lastpost")) or boardmaster or master) then
		if DateDiff("s",session("lastpost"),Now())<cint(RelayPostTime) then
   		ErrMsg=ErrMsg+"<Br>"+"<li>本论坛限制发贴距离时间为10秒，请稍后再发。"
   		FoundErr=True
		end if
	end if
	end if
	if chkpost=false then
   		ErrMsg=ErrMsg+"<Br>"+"<li>您提交的数据不合法，请不要从外部提交发言。"
   		FoundErr=True
	end if
	if UserName="" or UserPassWord="" then
		username=membername
		UserPassWord=memberword
	end if
	if UserName="" or strLength(UserName)>20 then
   		ErrMsg=ErrMsg+"<Br>"+"<li>请输入姓名(长度不能大于20)"
   		FoundErr=True
	end if
	if Topic="" then
   		FoundErr=True
   		if Len(ErrMsg)=0 then
      			ErrMsg=ErrMsg+"<Br>"+"<li>主题不应为空。"
   		else
      			ErrMsg=ErrMsg+"<Br>"+"<li>主题不应为空。"
   		end if
	elseif strLength(topic)>100 then
   		FoundErr=True
   		if strLength(ErrMsg)=0 then
      			ErrMsg=ErrMsg+"<Br>"+"<li>主题长度不能超过100"
   		else
      			ErrMsg=ErrMsg+"<Br>"+"<li>主题长度不能超过100"
   		end if
			end if
	if strLength(body)>AnnounceMaxBytes then
   		ErrMsg=ErrMsg+"<Br>"+"<li>发言内容不得大于" & CSTR(AnnounceMaxBytes) & "bytes"
   		FoundErr=true
	end if
    if body="" then
	ErrMsg=ErrMsg+"<Br>"+"<li>没有填写内容。"
   		FoundErr=true
      	end if
	session("lastpost")=Now()
	if err.number<>0 then err.clear
	end function

	sub success()
	response.write "<meta http-equiv=refresh content=""4;URL=dispbbs.asp?boardid="&boardid&"&rootid="&announceid&"&id="&announceid&"&star="&request("star")&""">"

	response.write "<br><table cellpadding=0 cellspacing=0 border=0 width="&tablewidth&" bgcolor="&tablebackcolor&" align=center>"&_
		"<tr><td><table cellpadding=3 cellspacing=1 border=0 width=""100%"">"&_
		"<tr align=center><td width=""100%"" bgcolor="&tabletitlecolor&"><b><FONT COLOR="&TableFontcolor&">状态：您发表帖子成功</font></b></td>"&_
		"</tr><tr><td width=""100%"" bgcolor="&tablebodycolor&">"&_
		"<FONT COLOR="&TableContentcolor&">本页面将在3秒后自动返回您所发表的帖子页面，<b>您可以选择以下操作：</b><br><ul>"&_
		"<li><a href=""index.asp""><font color="""&TableContentcolor&""">返回首页</font></a></li>"&_
		"<li><a href=""list.asp?boardid="&boardid&"""><font color="""&TableContentcolor&""">"&boardtype&"</font></a></li>"&_
		"<li><a href=""dispbbs.asp?boardid="&boardid&"&rootid="&announceid&"&id="&announceid&"&star="&request("star")&"""><font color="""&TableContentcolor&""">发表的帖子</font></a></li>"&_
		"</ul></td></tr></table></td></tr></table>"
	end sub

	Function Checkstr(str)
	str=replace(str,"'","''")
	Checkstr=str
	End Function
%>
<!--#include file="footer.asp"-->