📄 rpost_do.asp
字号:
<!--#include file="conn.asp"-->
<!--#include file="connip.asp"-->
<!--#include file=const.asp -->
<!--#include file=md5.asp -->
<%
dim title,name,pass,email,qq,url,pic,nei,t,rt,yd,hf,jh,bl,male,face,icq,msn
dim rtid, rs, exec, rs2, rs1, reID, reTime,isPrivate, foundErr
title=encodestr(Request.form("title"))
name=encodestr(Request.form("name"))
pass=encodestr(Request.form("pass"))
email=encodestr(Request.form("email"))
qq=encodestr(Request.form("qq"))
icq=encodestr(Request.form("icq"))
msn=encodestr(Request.form("msn"))
url=encodestr(Request.form("url"))
male=encodestr(Request.form("male"))
face=encodestr(Request.form("face"))
nei=replace(Request.form("nei"),"'","""")
pic=encodestr(Request.form("pic"))
rtid=encodestr(Request.form("rtid"))
isPrivate=encodestr(Request.form("isPrivate"))
bl=0
if isDate(request.cookies("gbook")("lastpost")) then
if dateDiff("s",Cdate(request.cookies("gbook")("lastPost")),now)<=postLimit then
session("error")="请不要灌水!!<br>"
foundErr=true
end if
end if
if len(title)<3 then
session("error")="请认真填写留言标题!!<br>"
foundErr=true
end if
if len(name)=0 and not theUser.reged then
session("error")=session("error") & "请填写用户名!!<br>"
foundErr=true
end if
if len(nei)<2 then
session("error")=session("error") & "请认真填写留言内容!!<br>"
foundErr=true
end if
if len(nei)>maxLength then
session("error")=session("error") & "留言内容最多"& maxLength &"个字符,请减少你的留言内容!!<br>"
foundErr=true
end if
if len(title)>40 then
session("error")=session("error") & "留言标题不可以超过40个字符!!<br>"
foundErr=true
end if
if len(name)>10 then
session("error")=session("error") & "用户名不可以超过10个字符!!<br>"
foundErr=true
end if
if foundErr then
response.redirect("error.asp")
end if
if theUser.reged then
name=theUser.name
qq=theUser.qq
icq=theUser.icq
msn=theUser.msn
email=theUser.email
url=theUser.url
if theUser.male then
male="1"
else
male="0"
end if
face=theUser.face
bl=1
elseif pass<>"" then
pass=MD5(pass)
exec="select * from [user] where username='"&name&"'"
Set RS = Server.CreateObject("ADODB.RecordSet")
rs.Open exec, Conn, 1, 1
if not rs.eof then
if pass=rs("userpassword") then
qq=rs("oicq")
icq=rs("icq")
msn=rs("msn")
email=rs("useremail")
url=rs("homepage")
male=rs("sex")
face=rs("GBface")
rsclose()
bl=1
else
rsclose()
connclose()
session("error")="保留用户密码帐号不对应!!!"
response.redirect "error.asp"
end if
else
rsclose()
if email<>"" and not validEmail(email) then
connclose()
session("error")="请输入正确的email地址!!!"
response.redirect "error.asp"
end if
if isLikeMasterName(name) then
connclose()
session("error")="请不要使用与版主名相似的用户名!!!"
response.redirect "error.asp"
end if
Set rs = Server.CreateObject("ADODB.Recordset")
exec="select * from [user] where userid=0"
rs.Open exec,conn,1,2
rs.addnew
rs("username")=name
rs("userpassword")=pass
if email<>"" then
rs("useremail")=email
end if
if qq<>"" then
rs("oicq")=qq
end if
if icq<>"" then
rs("icq")=icq
end if
if msn<>"" then
rs("msn")=msn
end if
if url<>"" then
rs("homepage")=url
end if
rs("sex")=male
rs("GBface")=face
rs("GBpostNum")=0
rs("GBprivateNum")=0
rs("AddDate")=dateAdd("h",timeDiff,now)
rs.update
rsclose()
exec="update GBconst set userNum=userNum+1"
conn.execute(exec)
bl=1
end if
else
'未注册,未填密码
if mustReg then
connclose()
session("error")="只有注册用户可以发言,请注册!"
response.redirect "error.asp"
end if
if email<>"" and not validEmail(email) then
connclose()
session("error")="请输入正确的email地址!!!"
response.redirect "error.asp"
end if
if isLikeMasterName(name) then
connclose()
session("error")="请不要使用与版主名相似的用户名!!!"
response.redirect "error.asp"
end if
exec="select top 1 userid from [user] where username='"& name &"'"
set rs=conn.execute(exec)
if not rs.eof then
connclose()
session("error")="您使用的用户名受到保护,请更换!"
response.redirect("error.asp")
end if
rs.close
set rs=nothing
if request.cookies("gbookGuestName")<>"" then
if name<>request.cookies("gbookGuestName") then
connclose()
session("error")="请不要使用多个用户名留言"
response.redirect "error.asp"
end if
else
if cookiePath<>"" then
response.cookies("gbookGuestName").Path=cookiePath
end if
response.cookies("gbookGuestName")=name
end if
end if
'父帖是不是根帖
exec="select rt from ly where id="& rtid
set rs=conn.execute(exec)
if rs.eof then
connclose()
session("error")="您要回复的留言已不存在!"
response.redirect("error.asp")
else
if rs(0)>0 then
rtid=rs(0)
end if
end if
Set rs = Server.CreateObject("ADODB.Recordset")
exec="select * from ly where id=0"
rs.Open exec,conn,1,2
rs.addnew
rs("name")=name
rs("title")=title
if email<>"" then
rs("email")=email
end if
if qq<>"" then
rs("qq")=qq
end if
if icq<>"" then
rs("icq")=icq
end if
if msn<>"" then
rs("msn")=msn
end if
if url<>"" then
rs("url")=url
end if
rs("male")=male
rs("face")=face
rs("nei")=nei
rs("t")=dateAdd("h",timeDiff,now)
rs("retime")=dateAdd("h",timeDiff,now)
rs("pic")=pic
rs("bl")=bl
rs("yd")=0
rs("hf")=0
rs("jh")=0
rs("rt")=rtid
rs("ip")=request.servervariables("remote_addr")
rs("comefrom")=getFrom(request.servervariables("remote_addr"))
if isPrivate="1" then
rs("isPrivate")=1
end if
rs.update
rs.close
exec="select max(id) from ly"
rs.open exec,conn,1,1
reID=rs(0)
rs.close
exec="select top 1 * from ly where id="& Cstr(rtid)
rs.open exec,conn,1,3
if not (rs.eof and rs.bof) then
rs("hf")=rs("hf")+1
rs("reid")=reid
rs("reTime")=dateAdd("h",timeDiff,now)
rs.update
end if
rsclose()
if bl=1 then
exec="update [user] set GBpostNum=GBpostNum+1 where username='"& name &"'"
conn.execute(exec)
end if
connclose()
if cookiePath<>"" then
response.cookies("gbook").Path=cookiePath
end if
response.cookies("gbook")("lastPost")=now
if not theUser.reged then
response.cookies("gbook")("username")=vbescape(name)
response.cookies("gbook")("password")=pass
end if
session("url")="show.asp?id="&rtid
response.redirect "addok.asp"
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -