viewsave.asp

本程序采用花香内核

<!--#include file="mdb.asp"-->
<!--#include file="inc/viewsavebody.asp"-->
<!--#include file="inc/config.asp"-->
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
Response.Write("<script language=javascript>alert('你提交的路径有误，禁止从站点外部提交数据请不要乱该参数！');this.location.href='http://26q.net/';</script>") 
response.end
end if
hx_Inf = split(hx_In,"|")
If Request.Form<>"" Then
	For Each hx_Post In Request.Form
		For hx_Xh=0 To Ubound(hx_Inf)
			If Instr(LCase(Request.Form(hx_Post)),hx_Inf(hx_Xh))<>0 Then
				Response.Write "<Script Language=JavaScript>alert('对不起，你发表的内容中包含系统禁止字符！');javascript :history.back();</Script>"
				Response.End
			End If
		Next
	Next
End If
if request.QueryString("action")="" then
Response.Write("<script language=javascript>alert('请指定操作的对象！');history.back(1);</script>")
end if
if request.form("reviewname")="" then
   response.write"<script language=javascript>alert('请填写您的大名!');javascript:history.back();</script>"
   response.end
end if
if len(request.form("reviewname"))>14 then  
   response.write"<script language=javascript>alert('您的大名好长啊，系统限制不能超过14个字字!');javascript:history.back();</script>"
   response.end
end if
if request.form("review")="" then
   response.write"<script language=javascript>alert('评论内容不能为空!');javascript:history.back();</script>"
   response.end
end if
if len(request.form("review"))>255 then  
   response.write"<script language=javascript>alert('评论内容不能超过255个字!');javascript:history.back();</script>"
   response.end
end if
if IsValidEmail(trim(request("reviewemail")))=false then
   response.write"<script language=javascript>alert('信箱地址输入错误!');javascript:history.back();</script>"
   response.end
end if
if len(request.form("reviewemail"))>40 then  
   response.write"<script language=javascript>alert('信箱地址不能超过40个字!');javascript:history.back();</script>"
   response.end
end if
dim reviewname,reviewemail,review,face,reviewurl,IP
reviewname=changechr(Trim(request.form("reviewname")))
reviewemail=changechr(Trim(request.form("reviewemail")))
review=changechr(Trim(request.form("review")))
review=replace(review," ","&nbsp;")
review=replace(review,chr(13),"<br>")
face=Request.Form("face") 
IP=Request("REMOTE_ADDR")
if request.QueryString("action")="news" then
call news()
end if
if request.QueryString("action")="art" then
call art()
end if
if request.QueryString("action")="js" then
call js()
end if
if request.QueryString("action")="down" then
call soft()
end if
if request.QueryString("action")="dj" then
call dj()
end if
if request.QueryString("action")="pic" then
call pic()
end if
if request.QueryString("action")="vid" then
call vid()
end if
function changechr(str) 
    changechr=replace(replace(replace(replace(str,"<","&lt;"),">","&gt;"),"'","`"),"|","")
end function
function IsValidEmail(email)
dim names, name, i, c
IsValidEmail = true
names = Split(email, "@")
if UBound(names) <> 1 then
   IsValidEmail = false
   exit function
end if
for each name in names
   if Len(name) <= 0 then
     IsValidEmail = false
     exit function
   end if
   for i = 1 to Len(name)
     c = Lcase(Mid(name, i, 1))
     if InStr("abcdefghijklmnopqrstuvwxyz_-.", c) <= 0 and not IsNumeric(c) then
       IsValidEmail = false
       exit function
     end if
   next
   if Left(name, 1) = "." or Right(name, 1) = "." then
      IsValidEmail = false
      exit function
   end if
next
if InStr(names(1), ".") <= 0 then
   IsValidEmail = false
   exit function
end if
i = Len(names(1)) - InStrRev(names(1), ".")
if i <> 2 and i <> 3 then
   IsValidEmail = false
   exit function
end if
if InStr(email, "..") > 0 then
   IsValidEmail = false
end if

end function
%>