📄 editpost.asp
字号:
<!--#include file="../Conn.asp"-->
<!--#include file="Char.asp"-->
<!--#include file="Const.asp"-->
<!--#include file="BtBBS_Fun.asp"-->
<%
Dim FileName,Post,FileNl,aRS,I,j,K,sf,titlename,titlenamex,StarTime,EndTime,AccessNum,Login,UserName,BoardID,PostUser
StarTime = Timer():AccessNum=0
login=BT_SF()
Username=Request.Cookies("Username")
File=Request.QueryString("File")
File=replace(replace(replace(replace(File,"'","‘"),"<","<"),">",">")," "," ")
Post=Request.QueryString("Post")
IF IsNumeric(Post)=False THEN Response.Redirect "index.asp" END IF
BoardID=Request.QueryString("BoardID")
IF IsNumeric(BoardID)=False THEN Response.Redirect "index.asp" END IF
PostUser=Request.QueryString("PostUser")
PostUser=replace(replace(replace(replace(PostUser,"'","‘"),"<","<"),">",">")," "," ")
Titlename=Request.QueryString("titlename")
titlename=replace(replace(replace(replace(titlename,"'","‘"),"<","<"),">",">")," "," ")
Titlenamex=Request.Form("titlenamex")
titlenamex=replace(replace(replace(replace(titlenamex,"'","‘"),"<","<"),">",">")," "," ")
FileName="bbs"+BoardID+"/"+File
BT_Board()
aRS=Application(BBSname&"BT_Board")
K=-1
If not (aRS(0,0)=-1 or VarType(aRS)=0) Then
For I=0 To UBound(aRS,2)
If Cint(BoardID)=aRS(0,I) then K=I End If
Next
End If
If Login="Y" and K>=0 Then '---------身份确认,如果sf=1,那么登陆者是版主或管理员,如果是0,则是其它用户
If (instr(1,aRS(7,K),Username)<>0 and Request.Cookies("bbsgl")="bbsadmin") or Request.Cookies("bbsgl")="admin" Then
sf=1
Else
sf=0
End If
Else '匿名用户
sf=0
End If
DIM myFile
Const ForReading = 1 Const Forwriting = 2
Const ForAppending = 8 myFile = Server.MapPath(FileName)
SET fileStreamObj = CreateObject("Scripting.FileSystemObject")
if not(fileStreamObj.FileExists(myFile)) then
FileName=""
else SET textStream = fileStreamObj.OpenTextFile(myFile,ForReading,False)
while not textStream.AtEndOfStream FileNl=FileNl+textStream.ReadLine()
wend textStream.Close()
end if
set fileStreamObj=nothing
Key="<a href=../EditPost.asp?BoardID="&BoardID&"&Post="&Post&"&File="&File&"&PostUser="&PostUser&""
If FileName<>"" and Post<>"" and Instr(1,FileNL,Key)>0 and (sf=1 or UserName=PostUser) then
BeginPost="<!--BeginNl"&Post&"-->"
EndPost="<!--EndNl"&Post&"-->"
i=Instr(1,Filenl,BeginPost)+Len(BeginPost)
j=Instr(1,Filenl,EndPost)
Left_NL=left(FileNL,i-1)
Right_NL=right(FileNl,Len(FileNL)-j)
Mid_NL=Mid(FileNl,i,Len(FileNl)-(i+Len(Right_NL)))
IF Request.Form("EditPost")="完成" then
UBB_MID_NL=Request.Form("nl")
If Request.Form("UBBable")="yes" then
UBB_Mid_NL=UBBcode(UBB_MID_NL)
else
UBB_Mid_NL=HTMLEnHTML(UBB_MID_NL)
end if
'FileNL = replace(FileNl, Mid_NL, UBB_MID_NL)
FileNL=Left_NL+UBB_MID_NL+"<"+Right_NL
if post="0" then
Set rs = Server.CreateObject("ADODB.Recordset")
sql="SELECT ID,BoardID,FileName,Subject,PostUser,PostNum,Hits,LastPostTime,LastPostUser,IsTop,IsBest,PollID FROM BT_Topic where FileName='"&File&"' "
rs.open sql,conn,1,3
if not(rs.BOF and rs.eof) then
titlename=rs("Subject")
rs("Subject")=titlenamex
rs.Update
end if
rs.Close
conn.close
set rs=nothing
set conn=nothing
Dim Reg
set reg=new regexp
reg.IgnoreCase=true
reg.Global=true
reg.Pattern="userwz=(.*)&dis=NO"
FileNL=Reg.Replace(FileNL,"userwz="&Titlenamex&"&dis=NO")
reg.Pattern="titlename=(.*?)>"
FileNL=Reg.Replace(FileNL,"titlename="&Titlenamex&">")
reg.Pattern="<!--Title1-->(.*)<!--Title2-->"
FileNL=Reg.Replace(FileNL,"<!--Title1-->"&Titlenamex&"<!--Title2-->")
reg.Pattern="<!--Title3-->(.*)<!--Title4-->"
if len(Titlenamex)>15 then Titlenamex=left(Titlenamex,12)+"..." end if
FileNL=Reg.Replace(FileNL,"<!--Title3-->"&Titlenamex&"<!--Title4-->")
reg.Pattern="value=Re:(.*?)>"
FileNL=Reg.Replace(FileNL,"value=Re:"&Titlenamex&">")
end if
SET fileStreamObj = CreateObject("Scripting.FileSystemObject")
SET textStream = fileStreamObj.OpenTextFile(myFile,ForWriting,False)
textStream.Write(FileNL) textStream.Close()
set fileStreamObj=nothing
if post="0" then
Application.Lock
Application(BBSname&boardname+"bs")=Application(BBSname&boardname+"bs")+1
Application.UnLock
end if
Response.Redirect FileName
else
%>
<!--#include file="../inc/top1.inc"-->
<% Login_EN()%>
<center><table width=743><tr><td colspan=4><a href=index.asp><font class=NavColor>首页</a> >></font> <a href=index.asp?bbsid=<%=aRS(1,K)%>><font class=NavColor><%=aRS(2,K)%></a> >> <a href=dislist.asp?BoardID=<%=aRS(0,K)%>><font class=NavColor><%=aRS(3,K)%></font></a> >>帖子编辑 >> <a href=# onclick=history.go(-1)><font class=NavColor>返回</font></a></font></td></tr></table>
<table width=743 cellpadding=11><tr><td class=light1 width=200><p style="line-height: 200%"><b>标题:</b><br> 请不要输入特殊字符,不支持HTML和UBB<br><b>内容:</b><br>
帖子已经生成了HTML代码,在支持HTML的情况下,为了系统安全,系统限制了某些代码,当帖
子中包含这些限制的代码后,帖子中的HTML代码将不能执行,如Script语句,如果包含了这
些语句,帖子将经过UBB标签的处理,显示帖子代码,而不会被执行!限制的代码有: Script
语句,Table中的几个表格标签,Position绝对位置参数
</td>
<td class=light valign=top><form name=newfile method="post" action="EditPost.asp?BoardID=<%=BoardID%>&Post=<%=Post%>&File=<%=File%>&PostUser=<%=PostUser%>">
<%if post="0" then
Set rs=conn.execute("SELECT FileName,Subject FROM BT_Topic where FileName='"&File&"' ")
if not(rs.BOF and rs.eof) then titlename=rs("Subject") end if
rs.Close
set rs=nothing
conn.close
set conn=nothing
%>
<input type=text name=Titlenamex size=70 value=<%=titlename%>>
<%end if%>
<TEXTAREA class=fminpt ROWS=20 COLS=80 name="nl"><%=mid_nl%></textarea></td></tr>
<tr>
<td height="30" class=light1> <b>支持UBB:</b></td>
<td height="30" class=light><input type=checkbox name="UBBable" value="yes"> 选择后贴子全部支持UBB语法,HTML将没有任何作用</td>
</tr>
<tr><td colspan=2 align=center>
<input type=Submit value="完成" name=EditPost>
</form></td></tr></table>
<%
end if
else
%>
<!--#include file="../inc/top1.inc"-->
<% Login_EN()%>
<table width=743><tr><td><a href=../index.asp><font class=NavColor>首页</a> >></font> <a href=# onclick=history.go(-1)><font class=NavColor>返回</font></a></td></tr></table>
<center><br><br><br>出错了!!!! 编辑文件出错/你没有编辑该帖的权限 !!!<br><br><br><br></center>
<%
end if
EndTime = Timer()
%>
<!--#include file="../inc/tom1.inc"-->⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -