ztsave.asp

可以做论坛

<%@ Language=VBScript %> 
<%Response.Buffer = True %>
<!--#include file="conn.asp"--> 
<!--#include file="user.asp"--> 
<!--#include file="asptbfunction.asp"--> 
<!--#include file="listhtml.asp"--> 
<!--#include file="shhtm.asp"--> 
<title>主题提交</title>

<%
if ulock=1 then 
Response.Write "此用户"&ubm&" 非法操作已被屏蔽"
else
'检查ip是否被屏?
 
mystring=ipp
call mystr(mystring,allstr,leng)
youipp=0
youippip=""
for i=0 to leng 
if InStr(userip,allstr(i))>0 then
youipp=youipp+1
youippip=allstr(i)
end if
If i=leng Then Exit For 
Next 
if youipp>0 then 'ip被屏蔽
Response.Write "此IP："&youippip&" 非法操作已被屏蔽"
else 'ip被屏蔽
cc="select * from neirong"
set rs=server.createobject("adodb.recordset")
rs.open cc,conn,1,3
nam=request.form("idy")
IDL=request.form("ddd")
dat=now()
IP=Request.ServerVariables("REMOTE_ADDR") 
zhuti=request.form("zhuti")
zhuti= Replace(zhuti,"<script", "&lt;script")
zhuti=Replace(zhuti, "<", "&lt;")
zhuti=Replace(zhuti, ">", "&gt;")
yl=Len(zhuti) 
neirong=request.form("neirong")
'neirong = Replace(neirong, "<", "&lt;")
'neirong= Replace(neirong,"<script", "&lt;script")
'neirong=Replace(neirong, chr(13), "<br>")
neirong=Replace(neirong, chr(032), "&nbsp;")
'neirong=server.htmlencode(neirong)
yn=len(neirong)
pic=request.form("pic")
picl=len(pic)
picd=LCase(Right(pic,3))
picdd=LCase(Right(pic,4))
jpg="jpg"
gif="gif"
bmp="bmp"
jpeg="jpeg"
if picl>16  then
       if picd=jpg then
	   pic=pic
	   else
	      if picd=gif then
	      pic=pic
	      else
	         if picd=bmp then
	         pic=pic
	         else
	             if picdd=jpeg then
	             pic=pic
	             else
				 pic=""
	             end if
			 end if		  
		  end if
	   end if
else
pic=""
end if
'检查是否有屏蔽的词
mystring=cip
call mystr(mystring,allstr,leng)
youpb=0
youpbci=""
for i=0 to leng
if InStr(zhuti,allstr(i))>0 or InStr(neirong,allstr(i))>0 or InStr(pic,allstr(i))>0 then
youpb=youpb+1
youpbci=youpbci&allstr(i)
end if
If i=leng Then Exit For 
Next 
'检查是否有屏蔽的词结束
if youpb>0 then '如查有屏蔽的词
Response.Write "你发的内容含有非法词符："&youpbci&"不能提交"
else
if yl<2 or yl>100 or yn<1 or yn>15000 then
%>
<div align="center">
主题或内容填写错误，主题2-100个字符,内容1-15000个字符<a href=list.asp?IDL=<%=IDL%>>请返回重新填写</a> 
<%
else 
    rs.AddNew
    rs("zt") = 1
    rs("lay") = 1
	rs("layer") = 1
    rs("idl") = IDL
    rs("zhuti") = zhuti
    rs("neirong") = neirong
    rs("zttime") = dat
    rs("huitime") = dat
    rs("zuozhe") = uidy
	rs("huizz") = uidy
    rs("huiip") = IP
    rs("pic") = pic
	rs("huiid")= rs("ids")	
    rs.Update
	huiid=rs("ids")
	conn.Execute("update neirong set huiid="&huiid&" where ids="&huiid)
c2="select * from luntan  where idl="&IDL
set rs2=server.createobject("adodb.recordset")
rs2.open c2,conn,1,1
conn.Execute("update luntan set tieshu=tieshu+1,zhutishu=zhutishu+1 where idl="&IDL )
    '给会员加分
	if nam<>0 then 
	conn.Execute("update user set jibiej=jibiej+50, jingnian=jingnian+5, jinqian=jinqian+50,tieshu=tieshu+1 where idy="&nam )
	cus="select * from user  where idy="&nam
	set rsus=server.createobject("adodb.recordset")
	rsus.open cus,conn,1,1
	jibiej=rsus("jibiej")
	jibie=rsus("jibie")
	    if jibiej>=jibie*100 then '是否达到升级
		jibiejl=jibiej-jibie*100
		conn.Execute("update user set jibie=jibie+1,jibiej="&jibiejl&" where idy="&nam )
		else
		end if
	else
	end if
	if sallhtml=1 or rs2("html")=1 then
	call shtm(huiid)
	call  listhtml(IDL)
	'conn.Execute("update luntan set html=1 where idl="&IDL)
	response.redirect "jinghuau/"&IDL&"/"&huiid&".htm"
	else
	response.redirect "show.asp?ids="&huiid
	end if
	end if
end if '屏蔽词检查   
conn.close
set conn=nothing
end if 'ip被屏蔽
end if '屏蔽用户
Response.Flush %>