book.asp

本程序采用花香内核

<!--#include file="mdb.asp"-->
<!--#include file="inc/inc.asp"-->
<!--#include file="inc/config.asp"-->
<%
start="留言本"
userid=request.Cookies("HX_USER")("uid")
sql="select * from [User] where userid=" & userid &""
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,1
hx_Inf = split(hx_In,"|")
If Request.Form<>"" Then
	For Each hx_Post In Request.Form
		For hx_Xh=0 To Ubound(hx_Inf)
			If Instr(LCase(Request.Form(hx_Post)),hx_Inf(hx_Xh))<>0 Then
				Response.Write "<Script Language=JavaScript>alert('对不起，你发表的内容中包含系统禁止字符！');javascript :history.back();</Script>"
				Response.End
			End If
		Next
	Next
End If
dim founderr
founderr=false
if request("page")<>"" then
  if not isInteger(request("page")) then
    founderr=true
    Response.Write "<script language=javascript>alert('参数非法。');javascript:history.back();</script>"
  end if
end if
if request("keyword")<>"" then
  if instr(request("keyword"),"'")>0 then
    founderr=true
    Response.Write "<script language=javascript>alert('搜索参数非法');javascript:history.back();</script>"
  end if
end if
page = Request("page")
action = Request.QueryString("action")
action_e = Request.Form("action_e")
call head
call menu
Response.Write "<table width=760 border=0 align=center cellpadding=0 cellspacing=0 bgcolor=#FFFFFF class=""table-hx66s""><TBODY><TR><TD height=""23"" align=""right"">"
call Main_Menu()
Response.Write "&nbsp;</TD></TR></TBODY></TABLE>" & vbCrLf
Response.Write "<table width=760 border=0 align=center cellpadding=0 cellspacing=0 bgcolor=#FFFFFF class=""table-hx66s"">" & vbCrLf
Response.Write "  <TBODY>" & vbCrLf
Response.Write "  <TR vAlign=top align=left>" & vbCrLf
Response.Write "    <TD width=188>" & vbCrLf
Response.Write "<table width=""100%""  border=""0"" align=""center"" cellspacing=""0"" cellpadding=""0""  class=""table-shangxia""><tr><td height=""23""  class=""a1"">　留 言 说 明</td></tr></table>" & vbCrLf
Response.Write "<div style=""LINE-HEIGHT: 180%"" class=""table-right"">" & vbCrLf
Response.Write "&nbsp;<font color=#FF0000>·</font>这里只做站务留言，程序讨论请到<a href='http://hx66.net/home/bbs' target='_blank'>社区论坛</a>发表" & vbCrLf
Response.Write "<br>&nbsp;<font color=#FF0000>·</font>尊重网上道德，遵守中华人民共和国的各项有关法律法规" & vbCrLf
Response.Write "<br>&nbsp;<font color=#FF0000>·</font>承担一切因您的行为而直接或间接导致的民事或刑事法律责任" & vbCrLf
Response.Write "<br>&nbsp;<font color=#FF0000>·</font>本站管理人员有权保留或删除其管辖留言中的任意内容" & vbCrLf
Response.Write "<br>&nbsp;<font color=#FF0000>·</font>本站有权在网站内转载或引用您的留言" & vbCrLf
Response.Write "<br>&nbsp;<font color=#FF0000>·</font>参与本留言即表明您已经阅读并接受上述条款" & vbCrLf	
Response.Write "</div>" & vbCrLf
Response.Write "<table width=""100%""  border=""0"" align=""center"" cellspacing=""0"" cellpadding=""0""  class=""table-shangxia""><tr><td height=""23""  class=""a1"">　留 言 查 找</td></tr></table>" & vbCrLf
Response.Write "<div align=center class=""table-right""><form name=""form2"" method=""post"" action=""book.asp""><input type=""radio"" name=""select"" value=""name"" checked>作者&nbsp;<input type=""radio"" name=""select"" value=""words"">内容&nbsp;<input type=""radio"" name=""select"" value=""reply"">回复<br><input type='text' name='keyword'  size='16' value='搜索关键字' maxlength='50' onfocus=""this.value=''"" class=""input"">&nbsp;<input type='submit' name='search'  value='搜索' onmouseover=""this.className='boton'"" onmouseout=""this.className='botoff'"">" & vbCrLf
Response.Write "</div></form>" & vbCrLf
Response.Write "</TD>" & vbCrLf
Response.Write "<TD>" & vbCrLf
%>
<table width="100%"  border="0" align="center" cellspacing="0" cellpadding="0"  class="table-shangxia"><tr><td height="23" class="a1">　<%if request("keyword")<>"" then%>搜索结果<%else%>留言本<%end if%></td></tr></table>
<%
Response.Write "<table width=""99%"" border=""0"" cellspacing=""0"" cellpadding=""3"" bgcolor=""#FFFFFF"" style=""border-collapse: collapse"" class=""table-left"" align=""right"">"
Select Case action_e
	Case ""
	Case "Add_New"
if int(request("VerifyCode"))<>int(Session("GetCode")) then
 Response.Write("<script language=javascript>alert('请输入正确的认证码！');window.document.location.href='book.asp?action=Add_New';</script>") 
Response.End 
end if 
Call Add_New_Execute()
	Case "Edit"
if session("adminlogin")<>sessionvar then
Response.write "<script language = 'javascript'>alert('您还未登陆管理,无法进行编辑留言!');window.document.location.href='book.asp';</script>"
else
		Call Edit_Execute()
end if

End Select

Select Case action		
	Case ""		
		Call View_Words()		
	Case "Add_New"
		Call Add_New()
	Case "Edit"
		Call Edit()
	Case "View_Words"	
		Call View_Words()	
	Case "Delete"
if session("adminlogin")<>sessionvar then
Response.write "<script language = 'javascript'>alert('您还未登陆管理,无法删除留言!');window.document.location.href='book.asp';</script>"
else
		Call Delete()
		Call View_Words()
end if				
End Select
Call footer()
Sub Main_Menu()
Response.Write "<a href='?action=Add_New'>·添加留言</a>&nbsp;<a href='?action=View_Words'>·查看留言</a>&nbsp;"
End Sub 
Sub View_Words() 
		Set Rs = Server.CreateObject("ADODB.RecordSet")
		Sql="Select * From words Order By date Desc"
                if request("keyword")<>"" then
                sql="select * from words where "&request("select")&" like '%"&request("keyword")&"%'order by date DESC"
                 end if
		Rs.Open Sql,Conn,1,1
		TotalRecord=Rs.RecordCount
if not rs.eof then
		Rs.PageSize = 8
		PageSize = Rs.PageSize
		PageCount=Rs.PageCount
                if page="" Then  
			Page = 1
		Else
			Rs.AbsolutePage = page
		End If
i=0
    do while i < PageSize And not rs.eof 
NO=TotalRecord-i-(PageSize*Page)+PageSize
%><tr bgcolor="#ffffff"><td colspan="2" class=table-xia></td></tr><tr bgcolor="#ffffff"><td rowspan=2 width=90 valign=top class=table-right><center><a href="book.asp?select=name&keyword=<%=Rs("name")%>" title='查找[<%=Rs("name")%>]发表的所有留言'><font color=#ff6600><b><%=Rs("name")%></b></font></a><br>
<%If Rs("uc")<>"" Then%><img align=absBottom border=0 height=75 src="<%=Rs("uc")%>" width=75><%elseif Rs("sex")="1" then%><img src=img/face/09.gif><%elseif Rs("sex")="2" then%><img src=img/face/01.gif><%End If%></center></td>
<td height=20 class=table-xia><table border=0 cellpadding=0 cellspacing=0 width="100%"><tbody><tr><td valign=bottom width="80%"><%=NO%>楼·<b><%=Rs("zt")%></b> <%=Rs("date")%></td><td align=right width="20%"><%If Rs("city")<>"" Then%><img align=absBottom title="<%=Rs("name")%>来自<%=Rs("city")%>" border=0 height=11 src="img/city.gif" width=11>&nbsp;<%End If%><%If Rs("email")<>"" Then%><a href="mailto:<%=Rs("email")%>"><img align=absBottom border=0 height=11 src="img/mail.gif" width=11 title="给<%=Rs("name")%>写信"></a>&nbsp;<%End If%><%If Rs("qq")<>"" Then%><img align=absBottom title="<%=Rs("name")%>的QQ号码是<%=Rs("qq")%>" border=0 height=11 src="img/qq.gif" width=11>&nbsp;<%End If%><%If Rs("web")<>"" Then%><a href="<%=Rs("web")%>" target="_blank"><img align=absBottom border=0 height=11 src="img/web.gif" width=11 title="去<%=Rs("name")%>的主页看看"></a>&nbsp;<%End If%><img align=absBottom title="<%=Rs("name")%>的IP地址为<%=Rs("ip")%>" height=11 src="img/ip.gif" width=11>&nbsp;<% If session("adminlogin")=sessionvar Then %><a href="book.asp?action=Delete&id=<%=Rs("id")%>"><img align=absBottom border=0 title="【删除】" height=11 src="img/Delete.gif" width=11></a>&nbsp;<a href="book.asp?action=Edit&id=<%=Rs("id")%>"><img align=absBottom border=0 title="【编辑回复】" height=11 src="img/edit.gif" width=11></a>&nbsp;<%End if%></td></tr></tbody></table></td></tr><tr><td bgcolor="#ffffff" height=80><table border=0 cellpadding=0 cellspacing=2 width=100% height=100% style='table-layout:fixed; word-break:break-all; line-height:150%'><tbody><tr><td><img src="img/dot6.gif" width="16" height="15"><%If Rs("admin")="0" Then%>[<%if Rs("title")="1" then%><font color=#0000FF>留言</font><%elseif Rs("title")="2" then%><font color=#FF00FF>建议</font><%elseif Rs("title")="3" then%><font color=#FF7F50>报错</font><%elseif Rs("title")="4" then%><font color=#228B22>连接</font><%elseif Rs("title")="5" then%><font color=#1E90FF>其它</font><%End If%>]<%=Ubb(unHtml(Rs("words")))%><%elseif session("adminlogin")=sessionvar Then %><center><font color=#1E90FF>─────≡ 以下为管理员可见内容 ≡─────</font></center>[<%if Rs("title")="1" then%><font color=#0000FF>留言</font><%elseif Rs("title")="2" then%><font color=#FF00FF>建议</font><%elseif Rs("title")="3" then%><font color=#FF7F50>报错</font><%elseif Rs("title")="4" then%><font color=#228B22>连接</font><%elseif Rs("title")="5" then%><font color=#1E90FF>其它</font><%End If%>]<%=Ubb(unHtml(Rs("words")))%><%else%><center><font color=#1E90FF>─────≡ 秘密留言！管理员可见 ≡─────</font></center><%End If%></td></tr><tr><td align=right valign=top height="20"><img src="img/pen.gif"></td></tr><%If Rs("reply")<>"" Then%><tr><td valign="bottom"><img src="img/dot5.gif" width="16" height="15"><font color=red>版主回复：</font><font color=green><%=Ubb(unHtml(Rs("reply")))%></font>(<%=year(rs("redate"))%>-<%=month(rs("redate"))%>-<%=day(rs("redate"))%>)</td></tr><%End If%></table></td></tr><%
		 
		rs.movenext 
		i=i+1
    	loop
else
if rs.eof and rs.bof then
%>
<tr><td align=middle height="80" colSpan=2><%if request("keyword")<>"" then%>没有找到包含[<b><font color=red><%=request("keyword")%></font></b>]的留言！<%else%>没有任何留言，欢迎您成为本站第一个留言者！<%end if%></td></tr>
<%Response.Write "<tr align=""center""><td bgcolor=""#F0f0f0"" height=""1"" colspan=""2""></td></tr></TABLE></td></tr></TABLE>"
end if
end if
		Rs.Close
		Set Rs = Nothing
dim n
n= TotalRecord \ PageSize
'Response.Write "<tr bgcolor=""#ffffff""><td colspan=""2"" height=""10""></td></tr>" & vbCrLf
Response.Write "<TR bgColor=#FFFFFF><TD colspan=""2"">" & vbCrLf
Response.Write "<TABLE width=""100%"" align=center border=0 class=table-shangxia1>" & vbCrLf
Response.Write "<TBODY>" & vbCrLf
Response.Write "<TR>" & vbCrLf
Response.Write "<TD align=middle width=""35%"" height=25><IMG height=14 src=""img/so.gif"" width=14 align=absMiddle> 共[<font color=""#FF6666"">"&TotalRecord&"</font>]个留言　分" & vbCrLf
Response.Write "" & vbCrLf
Response.Write "[<font color=""#FF6666"">"&n+1&"</font>]页</TD>" & vbCrLf
Response.Write "<TD width=""40%"" align=middle><IMG height=11 src=""img/lt.gif"" width=11 align=absMiddle>"
if Page<2 then
response.write "<font color='999966'>首页 上一页</font> "
else
response.write "<a href=book.asp?select="&request("select")&"&keyword="&request("keyword")&">首页</a> "
response.write "<a href=book.asp?select="&request("select")&"&keyword="&request("keyword")&"&page="&Page-1&">上一页</a> "
end if
if n-page<0 then
response.write "<font color='999966'>下一页 尾页</font>"
else
response.write "<a href=book.asp?select="&request("select")&"&keyword="&request("keyword")&"&page="&(Page+1)
response.write ">下一页</a> <a href=book.asp?select="&request("select")&"&keyword="&request("keyword")&"&page="&n+1&">尾页</a>"
end if
Response.Write "<IMG height=11 src=""img/rt.gif"" width=11 align=absMiddle></TD>" & vbCrLf
Response.Write "<form name=""form1"" method=""post"" action=""book.asp?select="&request("select")&"&keyword="&request("keyword")&"""><TD align=middle width=""25%"">" & vbCrLf
Response.Write "<select name=""page"" class=""lanyu"">"
For p = 1 To PageCount
if request("page")=cstr(p) then
%>
<option value=<%=p%> selected>第<%=p%>页</option> 
<%else%>
<option value=<%=p%>>第<%=p%>页</option> 
<%end if
Next
Response.Write "</select><input type=""submit"" name=""Submit2"" value=""转向"" onmouseover=""this.className='boton'"" onmouseout=""this.className='botoff'"" class=""botoff""></TD></FORM>" & vbCrLf
Response.Write "</TR>" & vbCrLf
Response.Write "</TABLE>" & vbCrLf
Response.Write "<tr align=""center""><td height=""10"" colspan=""2""></td></tr>" & vbCrLf
Response.Write "</td></tr></table></td></tr></table>"
End Sub
Sub Add_New()
Response.Write "<form name=""form"" method=""post"" action=""book.asp"" onsubmit=""return checkBook();"">" & vbCrLf
if request.Cookies("HX_USER")("User_Name")<>"" then 
Response.Write "<tr>" & vbCrLf
Response.Write "<td width=""80"" class=table-xia>&nbsp;您的姓名：</td>" & vbCrLf
Response.Write "<td width=""300"" class=table-xia><input type=""hidden"" name=""name"" size=""20"" autocomplete=""off"" value="&rs("UserName")&">"&rs("UserName")&"&nbsp;&nbsp;" & vbCrLf
if rs("sex")="男" then
Response.Write "<input type=""hidden"" name=""SEX"" value=""1"" checked>『帅哥』</td>" & vbCrLf
elseif rs("sex")="女" then
Response.Write "<input type=""hidden"" name=""SEX"" value=""2"" checked>『美女』</td>" & vbCrLf
end if
Response.Write "</tr>" & vbCrLf
Response.Write "<tr>" & vbCrLf
Response.Write "<td class=table-xia>&nbsp;电子邮箱：</td>" & vbCrLf
Response.Write "<td class=table-xia><input type=""hidden"" name=""email"" size=""20"" value="&rs("Email")&">"&rs("Email")&"</td>" & vbCrLf
Response.Write "</tr>" & vbCrLf