📄 forum.asp
字号:
<!--#INCLUDE file="../config.asp" -->
<html>
<head>
<!--#include file="../styles.css" -->
</head>
<body bgcolor="#FFFFFF" class="sft">
<br><br><br>
<%
set my_conn= Server.CreateObject("ADODB.Connection")
my_Conn.Open ConnString
strsql = "select SFAdmin_Name, SFAdmin_Password from SFAdmin"
set rs = my_conn.Execute (strSQL)
if (Session("SFAdmin_Name")=rs("SFAdmin_Name")) and (Session("SFAdmin_Password")=rs("SFAdmin_Password")) then
my_conn.Close
set my_Conn = nothing
set rs = nothing
%>
<%
Function ChkString(string)
if String = "" then string = " "
string = replace(string, "'", "''")
ChkString = string
End Function
%>
<%
Sub add_forum
set my_conn= Server.CreateObject("ADODB.Connection")
my_Conn.Open ConnString
strSql = "Select * from forum where forum_id = " & Request.Form("forum")
set rs = my_conn.Execute (strSql)
tmpName = rs("F_Name")
tmpDescription = rs("F_Description")
tmpCat = rs("F_Cat")
tmponly = rs("F_AdminOnly")
rs.close
%>
<form action="forum.asp?mode=doit" method="post">
<input type=hidden value="<%=Request.Form("forum") %>" name="id">
<table align="center" bgcolor="#333333" border="0" width=500 cellspacing="1" cellpadding="3" class="sft">
<tr><td bgcolor="#b4609d" colspan=2 class="sfh" align="center">修改论坛</td></tr>
<TR><TD bgcolor="#f7f7f7" width="100" align="right">论坛名称:</td>
<TD bgcolor="#f7f7f7" width="400"><input type="text" name="name" size="15" value="<%=server.HTMLEncode(tmpName)%>"></td></tr>
<TR><TD bgcolor="#f7f7f7" align="right">论坛描述:</td>
<TD bgcolor="#f7f7f7" ><input type="text" name="description" size=30 value="<%=server.HTMLEncode(tmpDescription)%>"></td></tr>
<TR><TD bgcolor="#f7f7f7" align="right">所属分类:</td>
<TD bgcolor="#f7f7f7"><select name="Category" size="1">
<%
StrSql = "SELECT * FROM category"
set rs = my_conn.execute (strSql)
On Error Resume Next
do until rs.eof
Response.Write "<option "
if rs("Cat_ID") = Cint(tmpCat) then Response.Write " Selected "
Response.Write "value='" & rs("Cat_id") & "'>" & server.HTMLEncode(rs("cat_name")) & "</option>" & vbcrlf
rs.movenext
loop
%>
</select></td></tr>
<TR><TD bgcolor="#f7f7f7" align="right">该版版主:</td>
<%
strsql = "SELECT Admin.Admin_Name from Admin where Admin.Forum_ID = " & Request.Form("forum")
set rsAdmin = my_conn.Execute (strsql)
if rsAdmin.eof or rsAdmin.bof then
mstr=""
else
do until rsAdmin.eof
mstr = mstr & rsAdmin("Admin_Name") & ","
rsAdmin.movenext
loop
end if
mstr = left(mstr, len(mstr)-1)
set rs = nothing
my_conn.close
set my_conn = nothing
strsel=""
if tmponly then strsel=" Checked"
%>
<TD bgcolor="#f7f7f7"><input type="text" name="Mstr" size="20" value="<%=mstr%>">(多个版主间用英文字符","分隔)</td></tr>
<TR><TD bgcolor="#f7f7f7" align="right">是否加密:</td>
<TD bgcolor="#f7f7f7"><INPUT type="checkbox" value="yes" name="adminonly" <%=strsel%>>加密该论坛(只有版主或管理员才能进入!)</td></tr>
<TR><TD bgcolor="#f7f7f7" align="right">是否删除:</td>
<TD bgcolor="#f7f7f7"><INPUT type="checkbox" value="yes" name="delete">删除该论坛(包括该版的所有帖子和回复!请慎重考虑后再做决定!)</td></tr>
<tr><td bgcolor="#f7f7f7" colspan=2 align=center><input type="submit" value="修改论坛"></td></tr></table></form>
<%
End Sub
Sub Update_Forum
set my_conn= Server.CreateObject("ADODB.Connection")
my_Conn.Open ConnString
if Request.Form("delete")="yes" then
strsql = "delete from forum where forum_id = " & Request.Form("id")
my_conn.Execute (strsql)
strsql = "delete from topics where forum_id = " & Request.Form("id")
my_conn.Execute (strsql)
strsql = "delete from reply where forum_id = " & Request.Form("id")
my_conn.Execute (strsql)
strsql = "delete from admin where forum_id = " & Request.Form("id")
my_conn.Execute (strsql)
else
adminonly = false
if Request.Form("adminonly")="yes" then adminonly=true
strSql = "UPDATE forum SET f_name = '" & chkString(Request.Form("name")) & "', "
strSql = StrSql & "f_Description = '" & chkString(Request.Form("description")) & "', "
strSql = StrSql & "f_cat = " & Request.Form("category") & ", "
strSql = StrSql & "f_adminonly = " & adminonly
strSql = StrSql & " WHERE forum_id = " & Request.Form("id")
my_conn.Execute (StrSql)
strsql = "DELETE from Admin where Forum_ID = " & Request.Form("id")
my_conn.Execute (strsql)
mstr = rtrim(Request.Form("Mstr"))
if len(mstr)<>0 then
if right(mstr,1)<>"," then mstr= mstr&","
m1=1
for i=1 to len(mstr)
if mid(mstr,i,1)="," then
m2=i
tempstr = mid(mstr,m1,m2-m1)
strsql = "SELECT * from Admin where Forum_ID = " & Request.Form("id") & " AND " & "Admin_Name = '" & tempstr &"'"
set rsAdmin = my_conn.Execute (strsql)
if rsAdmin.eof or rsAdmin.bof then
strsql = "INSERT INTO Admin (Forum_ID, Admin_Name) VALUES(" & Request.Form("id") & " ,'" & tempstr &"')"
my_conn.Execute (strsql)
end if
m1=m2+1
end if
next
end if
end if
my_conn.close
set my_conn = nothing
Response.Write "<p align=""center"">更新成功!</p>"
End Sub
%>
<%
Select Case Request.QueryString("mode")
case "doit" call Update_Forum
case "show" call add_forum
case Else Response.Write "错误:无效的程序调用!"
End Select
%>
<%
else
Response.Write "<P align=center>请正确输入管理员名称和密码!<br><br>"
Response.Write "<a href=""main.asp"">退回</a></p>"
end if%>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -