d.asp

中国网站网贴吧程序源码（ASP+ACCESS） 实现功能： 多级分类查找,可按多级分类查找贴吧,多用户申请,任何人都可以申请自己的贴吧, 用户三种权限管理,1,普通会员,2,普通版主(只有管理自己的贴

<!--#include file="boardconn.asp"-->
<!--#include file="inc/sql.asp"-->
<!--#include file="inc/inc.asp"-->
<!--#include file="inc/ip.asp"-->
<!--#include file="inc/const.asp"-->
<!--#include file="inc/validitycheck.asp"-->
<% call validitycheck("managetopic",cint(request.querystring("T"))) %>
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style=font:9pt Verdana>"
response.write "<center><font face=Georgia,Tahoma size=2><u>友情提示：服务器禁止非法操作...</u></font></center>"
response.write "</td></tr></table></center>"
response.end
end if
%>
<%
fqys=request.servervariables("query_string") 
dim nothis(17) 
nothis(0)="net user" 
nothis(1)="xp_cmdshell" 
nothis(2)="/add" 
nothis(3)="exec%20master.dbo.xp_cmdshell" 
nothis(4)="net localgroup administrators" 
nothis(5)="select" 
nothis(6)="count" 
nothis(7)="asc" 
nothis(8)="char" 
nothis(9)="mid" 
nothis(10)="'" 
nothis(11)=":" 
nothis(12)="""" 
nothis(13)="insert" 
nothis(14)="delete" 
nothis(15)="drop" 
nothis(16)="truncate" 
nothis(17)="from"
errc=false 
for i= 0 to ubound(nothis) 
if instr(FQYs,nothis(i))<>0 then 
errc=true 
end if 
next 
if errc then 
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style=font:9pt Verdana>"
response.write "<center><font face=Georgia,Tahoma size=2><u>友情提示：服务器禁止非法操作...</u></font></center>"
response.write "</td></tr></table></center>"
response.end 
end if 
%>
<HTML>
<HEAD>
<TITLE>帖子管理 - <%=HOST_NAME%> - <%=HOST_LIST%></TITLE>
<META http-equiv=Content-Type content="text/html; charset=GB2312">
<link rel="shortcut icon" href="images/bbs.ico">
<link href="style/style.css" rel="stylesheet" type="text/css">
</HEAD>
<BODY bgColor=#ffffff leftMargin=0 topMargin=0>
<!--#include file="top.asp"-->
<TABLE cellSpacing=0 cellPadding=0 width=100% align=center border=0>
  <TBODY>
  <TR>
    <TD width=1% height=20 bgColor=<%=HOST_TITLE%>></TD><TD width=99% height=20 bgColor=<%=HOST_TITLE%> class=INDEX_VMALL><a href="index.asp"><font color=<%=HOST_FONT%>>首页</font></a> <font color=<%=HOST_FONT%>>&gt;</FONT> <font color=<%=HOST_FONT%>><u>管理帖子</u></FONT></TD></TR></TBODY></TABLE>
<%
Dim Action,TopicID
Action=LCase(Request.QueryString("/"))
TopicID=CInt(Request.QueryString("T"))
If TopicID="" or not IsNumeric(TopicID) Then
	response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
	response.write "<tr><td style=font:9pt Verdana>"
	response.write "<center><font face=Georgia,Tahoma size=2><u>友情提示：服务器禁止非法操作...</u></font></center>"
	response.write "</td></tr></table></center>"
	Response.End
End If
SelectValue = LCase(Request.QueryString("SelectValue"))
Sql="select UserName from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
Set Rs=Conn.execute(Sql)
UserName=Rs(0)
Select Case Action
Case "d"
	Call DeleteTopic()
	Call Result(Action)
Case "c"
	Call CloseTopic()
	Call Result(Action)
Case "uc"
	Call unCloseTopic()
	Call Result(Action)
Case "t"
	Call TopTopic()
	Call Result(Action)
Case "ut"
	Call UnTopTopic()
	Call Result(Action)
Case "b"
	Call BestTopic()
	Call Result(Action)
Case "ub"
	Call UnBestTopic()
	Call Result(Action)
Case "n"
	Call NewsTopic()
	Call Result(Action)
Case "un"
	Call UnNewsTopic()
	Call Result(Action)
End select

'删除帖子
Sub DeleteTopic()
	Sql="Select ParentID from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
	Set Rs=Conn.execute(Sql)
	If Rs(0)=0 then

		Sql="Update QiQiBoy_User_Disp set deletes=deletes+1 where UserName='"&UserName&"'"
		Conn.execute(Sql)
		Sql="Update QiQiBoy_User_Disp set Integral=Integral-3 where UserName='"&UserName&"'"
		Conn.execute(Sql)

		Sql="select RootID from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
		Set Rs=Conn.execute(Sql)
		RootID=Rs(0)
		Sql="select count(RootID) from QiQiBoy_Topic_Disp where ParentID<>0 and RootID="&cint(RootID)
		Set Rs=Conn.execute(Sql)
		RootsID=Rs(0)

		Sql="Select BoardChild from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
		Set Rs=Conn.execute(Sql)
		BoardChild=rs(0)
		Sql="Update QiQiBoy_Board_Disp set BoardTopics=BoardTopics-1 where BoardChild="&cint(BoardChild)
		Conn.execute(Sql)
		Sql="Update QiQiBoy_Board_Disp set BoardReplys=BoardReplys-'"&RootsID&"' where BoardChild="&cint(BoardChild)
		Conn.execute(Sql)

		Sql="Update QiQiBoy_Status_Disp set TotalTopics=TotalTopics-1 where StatusID=1"
		Conn.execute(Sql)
		Sql="Update QiQiBoy_Status_Disp set TotalReplys=TotalReplys-'"&RootsID&"' where StatusID=1"
		Conn.execute(Sql)

		Sql="Delete from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
		Conn.execute(Sql)
		Sql="Delete from QiQiBoy_Topic_Disp where ParentID<>0 and RootID="&cint(RootID)
		Conn.execute(Sql)
	Else
		Sql="Select RootID from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
		Set Rs=Conn.execute(Sql)
		RootID=rs(0)

		Sql="Select BoardChild from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
		Set Rs=Conn.execute(Sql)
		BoardChild=rs(0)
		Sql="Update QiQiBoy_Board_Disp set BoardReplys=BoardReplys-1 where BoardChild="&cint(BoardChild)
		Conn.execute(Sql)
		Sql="Update QiQiBoy_Topic_Disp set Replys=Replys-1 where ParentID=0 and BoardChild="&BoardChild&" and RootID="&cint(RootID)
		Conn.execute(Sql)

		Sql="Update QiQiBoy_User_Disp set deletes=deletes+1 where UserName='"&UserName&"'"
		Conn.execute(Sql)
		Sql="Update QiQiBoy_User_Disp set Integral=Integral-1 where UserName='"&UserName&"'"
		Conn.execute(Sql)

		Sql="Update QiQiBoy_Status_Disp set TotalReplys=TotalReplys-1 where StatusID=1"
		Conn.execute(Sql)

		Sql="Delete from QiQiBoy_Topic_Disp where TopicID="&cint(TopicID)
		Conn.execute(Sql)
	End if
		Img=trim(Request("file"))
		path="member_topic_upload_file"
		filepath=Server.MapPath(path)
		Set FObject=Server.CreateObject("Scripting.FileSystemObject")
		if Fobject.FileExists(filepath&"\"&Img) then
		Set afile=FObject.GetFile(""&filepath&""&"/"&""&Img&"")
		afile.Delete
		end if
End Sub

'通告帖子
Sub NewsTopic()
	Sql="Update QiQiBoy_Topic_Disp set Status=2 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
End Sub

'取消通告帖子
Sub UnNewsTopic()
	Sql="Update QiQiBoy_Topic_Disp Set Status=1 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
End Sub

'精华帖子
Sub BestTopic()
	Sql="Update QiQiBoy_Topic_Disp set Status=5 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
	Sql="Update QiQiBoy_User_Disp set Integral=Integral+5 where UserName='"&UserName&"'"
	Conn.execute(Sql)
	Sql="Update QiQiBoy_User_Disp set Elites=Elites+1 where UserName='"&UserName&"'"
	Conn.execute(Sql)
End Sub

'取消精华帖子
Sub UnBestTopic()
	Sql="Update QiQiBoy_Topic_Disp set Status=1 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
	Sql="Update QiQiBoy_User_Disp set Integral=Integral-5 where UserName='"&UserName&"'"
	Conn.execute(Sql)
	Sql="Update QiQiBoy_User_Disp set Elites=Elites-1 where UserName='"&UserName&"'"
	Conn.execute(Sql)
End Sub

'固顶帖子
Sub TopTopic()
	Sql="Update QiQiBoy_Topic_Disp set Status=4 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
End Sub

'取消固顶帖子
Sub UnTopTopic()
	Sql="Update QiQiBoy_Topic_Disp Set Status=1 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
End Sub

'锁定帖子
Sub CloseTopic()
	Sql="Update QiQiBoy_Topic_Disp set Status=3 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
End Sub

'取消锁定帖子
Sub UnCloseTopic()
	Sql="Update QiQiBoy_Topic_Disp Set Status=1 where TopicID="&cint(TopicID)
	Conn.execute(Sql)
End Sub

'管理结果显示
Sub Result(Stats)
%>
<script language="JavaScript" src="js/dot_js.asp"></script>
<script language="JavaScript" src="js/not_js.asp"></script>
<script language="JavaScript" src="js/topic_js.asp"></script>
				<%
				Select Case Stats
				Case "d"
					response.Write("<script>alert('友情提示!\n\n完成帖子删除操作!');history.back();</script>")
				Case "b"
					response.Write("<script>alert('友情提示!\n\n完成帖子精华操作!');history.back();</script>")
				Case "ub"
					response.Write("<script>alert('友情提示!\n\n完成撤销帖子精华操作!');history.back();</script>")
				Case "t"
					response.Write("<script>alert('友情提示!\n\n完成帖子置顶操作!');history.back();</script>")
				Case "ut"
					response.Write("<script>alert('友情提示!\n\n完成撤销帖子置顶操作!');history.back();</script>")
				Case "c"
					response.Write("<script>alert('友情提示!\n\n完成帖子锁定操作!');history.back();</script>")
				Case "uc"
					response.Write("<script>alert('友情提示!\n\n完成撤销帖子锁定操作!');history.back();</script>")
				Case "n"
					response.Write("<script>alert('友情提示!\n\n完成帖子通告操作!');history.back();</script>")
				Case "un"
					response.Write("<script>alert('友情提示!\n\n完成撤销帖子通告操作!');history.back();</script>")
				End Select
				%>

<%
End Sub
%>
<!--#include file="end.asp"-->