index.asp

比以前的版本修改了以下功能： 1、删除了大量的垃圾代码。 2、修改了界面

<!--#include file="Md5.asp"-->
<%
On Error Resume Next
filename=Request.ServerVariables("URL")
dbpath="#Date.mdb"'数据库连接地址
Set conn=Server.CreateObject("adodb.connection")
db="provider = Microsoft.Jet.OLEDB.4.0;Data Source ="&server.mappath(dbpath)
conn.open db

function HTMLEncode(fString)
If not isnull(fString) then
    fString = replace(fString, ">", "&gt;")
    fString = replace(fString, "<", "&lt;")
    fString = Replace(fString, CHR(32), "&nbsp;")
    fString = Replace(fString, CHR(9), "&nbsp;")
    fString = Replace(fString, CHR(34), "&quot;")
    fString = Replace(fString, CHR(39), "&#39;")
    fString = Replace(fString, CHR(13), "")
    fString = Replace(fString, CHR(10) & CHR(10), "</p><p> ")
    fString = Replace(fString, CHR(10), "<br> ")
    HTMLEncode = fString
End If
End function

function UHTMLEncode(fString)
If not isnull(fString) then
	fString = Replace(fString, "&nbsp;", CHR(32))
	fString = Replace(fString, "&nbsp;", CHR(9))
	fString = Replace(fString, "&quot;", CHR(34))
	fString = Replace(fString, "&#39;", CHR(39))
	fString = Replace(fString, "", CHR(13))
	fString = Replace(fString, "</p><p> ", CHR(10) & CHR(10))
	fString = Replace(fString, "<br> ", CHR(10))
	HTMLEncode2 = fString
End If
End function

function checkadmin()
	If session("Admin")="" then
		Response.redirect filename&"?action=login"
		Response.End
	End If
End function

action=Request.Querystring("action")
id=Request.Querystring("id")
If id<>"" and not isnumeric(id) then
	Response.Write "<script>alert('非法的ID！');this.location.href='Index.asp';</SCRIPT>"
	Response.End
End If
%>
<html>
<head>
<title>乌蒙design-->>个人留言本V5.0</title>
<style type="text/css">
body,td,th {
	font-size: 12px;
	color: #2E2E2E;
	line-height: 20px;
}
a:link {
	color: #2E2E2E;
	text-decoration: none;
}
a:visited {
	text-decoration: none;
	color: #2E2E2E;
}
a:hover {
	text-decoration: none;
	color: #FF6600;
	border-bottom-color: #FF6600;
}
.input {
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: #FFFFFF;
	width: 130px;
}
.button {
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: #FFFFFF;
}
</style>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_openbrWindow(theURL,winName,features) { //v2.0
  window.open(theURL,winName,features);
}
//-->
</script>
</head>
<body>
<%
select case action
case "del"
	checkadmin
	If id="" then
		Response.Write "<script>alert('非法操作：删除留言的ID参数不能为空！');this.location.href='Index.asp';</SCRIPT>"
	    Response.End
	End If
	conn.execute("DELETE FROM [book] WHERE id="&id)
	Response.Write "<script>alert('站长辛苦了。留言删除成功！');this.location.href='Index.asp';</SCRIPT>"
case "add"
	Name=htmlencode(request.form("Name"))
	Qq=htmlencode(request.form("Qq"))
	Mail=htmlencode(request.form("Mail"))
	Info=htmlencode(request.form("Info"))
	If Name="" or Qq="" or Mail="" or Info="" then
		Response.Write "<script>alert('姓名、QQ、留言必须填写！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf len(Name)>16 then
		Response.Write "<script>alert('姓名不要大于16个字符！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf len(Qq)<5 or len(Qq)>10 then
		Response.Write "<script>alert('QQ号不要大于9个数字小于5个数字！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf not (isNumeric(Qq) or Qq="") then
		Response.Write "<script>alert('QQ号码必须为数字！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf len(Info)>400 then
		Response.Write "<script>alert('留言内容不得大于400个字符！');this.location.href='Index.asp';</SCRIPT>"
	Else
	Set omRsadd = Server.CreateObject("adodb.recordSet")
	omRsadd.open "Select * from book", conn, 1, 3
	omRsadd.addnew
		omRsadd("Name") = Name
		omRsadd("Mail") = Mail
		omRsadd("Qq") = Qq
		omRsadd("Info") = Info
		omRsadd("time") = now()
	omRsadd.update
	omRsadd.close
	Set omRsadd = nothing
		Response.Write "<script>alert('留言添加成功，谢谢你对本站的支持，请继续关注我们！请记住我们的永久域名：http://www.wm126.com');this.location.href='Index.asp';</SCRIPT>"
		Response.End
	End If

case "Reply"
	checkadmin
	Reply=trim(htmlencode(request.form("Reply")))
	If id="" then
		Response.Write "<script>alert('非法操作：删除留言的ID参数不能为空！');this.location.href='Index.asp';</SCRIPT>"
		Response.End
	End If
	Name=htmlencode(request.form("Name"))
	Qq=htmlencode(request.form("Qq"))
	Mail=htmlencode(request.form("Mail"))
	Info=htmlencode(request.form("Info"))
	If Name="" or Qq="" or Mail="" or Info="" then
		Response.Write "<script>alert('姓名、QQ、留言必须填写！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf len(Name)>16 then
		Response.Write "<script>alert('姓名不要大于16个字符！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf len(Qq)<5 or len(Qq)>10 then
		Response.Write "<script>alert('QQ号不要大于9个数字小于5个数字！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf not (isNumeric(Qq) or Qq="") then
		Response.Write "<script>alert('QQ号码必须为数字！');this.location.href='Index.asp';</SCRIPT>"
	ElseIf len(Info)>400 then
		Response.Write "<script>alert('留言内容不得大于400个字符！');this.location.href='Index.asp';</SCRIPT>"
	Else
		Id=Request("Id")
		Set mRs=Server.CreateObject("adodb.recordSet")
		Sql="Select * from Book where Id="&Id
		mRs.open Sql,conn,1,3
		mRs("Name")=Request("Name")
		mRs("Qq")=Request("Qq")
		mRs("Mail")=Request("Mail")
		mRs("Info")=Request("Info")
		mRs("Reply")=Request("Reply")
		mRs.update
		mRs.close
		Set mRs=nothing
		Response.Write "<script>alert('留言回复成功！');this.location.href='Index.asp';</SCRIPT>"
	End If
	Response.Write "<script>alert('站长辛苦了--回复留言成功！');this.location.href='Index.asp';</SCRIPT>"

case "modpassed"
	checkadmin
	User=htmlencode(request.form("User"))
	oldpass=md5(request.form("oldpass"))
	newpass=md5(request.form("newpass"))
	newpass2=md5(request.form("confirm"))

	sub Checkpass(password)
	Set mRs=conn.execute("SELECT * FROM [Admin] WHERE user='"&session("Admin")&"' AND pass='"&password&"'")
		If mRs.eof then
			Response.Write "<script>alert('站长是不是记错了你的旧密码？');this.location.href='"&filename&"?action=modpass';</SCRIPT>"
			Response.End
		End If
	End sub

Checkpass oldpass

If newpass="" then
	Response.Write "<script>alert('新密码不能为空！');this.location.href='"&filename&"?action=modpass';</SCRIPT>"
	Response.End
End If

If newpass<>newpass2 then
	Response.Write "<script>alert('两次新密码不一致！');this.location.href='"&filename&"?action=modpass';</SCRIPT>"
	Response.End
End If

conn.execute("update [Admin] Set pass='"&newpass&"' WHERE user='"&session("Admin")&"'")
	session("Admin")=User
	Response.Write "<script>alert('站长请牢记新修改的密码丢了是很麻烦的哟！');this.location.href='Index.asp';</SCRIPT>"
	response.en

case "logout"
	session.Contents.Remove("Admin")
	Response.Write "<script>alert('管理这么长时间了是该休息了（退出管理成功）');this.location.href='Index.asp';</SCRIPT>"
	Response.End

case "logincheck"
	User=htmlencode(request.form("User"))
	password=md5(request.form("password"))

function CheckLogin(User,password)
Set mRs=conn.execute("SELECT * FROM [admin] WHERE user='"&User&"' AND pass='"&password&"'")
	If not mRs.eof then
		session("admin")=mRs("user")
		Response.Write "<script>alert('又到管理留言的时间了（登录成功）！');this.location.href='Index.asp';</SCRIPT>"
		Response.End
	Else
		Response.Write "<script>alert('不是本站站长请不要乱登陆。');this.location.href='"&filename&"?action=login';</SCRIPT>"
		Response.End
	End If
	End function

CheckLogin User,password
case "login"
%>
<table border="0" cellpadding="1" cellspacing="1" style="border-collapse: collapse" width="330" bgcolor="#CCCCCC" align="center">
	<tr bgcolor="F3F3F3">
		<td>
			<table border="0" cellpadding="0" style="border-collapse: collapse" width="100%">
				<tr>
					<td height="25">&nbsp;·&nbsp;管理登陆&nbsp;·</td>
				</tr>
			</table>
		</td>
	</tr>
	<tr bgcolor="F3F3F3">
		<td>
			<table border="0" cellpadding="0" style="border-collapse: collapse" width="100%">
				<form name="form1" method="post" action="<% =filename %>?action=logincheck">
				<tr>
					<td width="101" height="30" align="center">管理员：</td>
					<td width="205"><input type="text" name="User" class="input"></td>
				</tr>
				<tr>
					<td height="30" align="center">密&nbsp;&nbsp;码：</td>
					<td><input type="password" name="password" class="input"></td>
				</tr>
				<tr>
					<td height="40" colspan="2" align="center">
					<input name="Submit3" type="submit" value=" 登录 " class="button">&nbsp;&nbsp;&nbsp;&nbsp;<input name="reSet" type="reSet" value=" 重置 " class="button"></td>
				</tr>
				</form>			
			</table>
		</td>
	</tr>
</table>
<br><br><br>
<%
case "modpass"
checkadmin
%>
<table border="0" cellpadding="1" cellspacing="1" style="border-collapse: collapse" width="330" bgcolor="#CCCCCC" align="center">
	<tr bgcolor="F3F3F3">
		<td>
			<table border="0" cellpadding="0" style="border-collapse: collapse" width="100%">
				<tr>
					<td height="25">&nbsp;·&nbsp;管理员帐号修改&nbsp;·</td>
				</tr>