pinglun.asp

购物系统(本版为正式商业版

<!--
┌─9911.com.cn────────────┐
│  动感购物 WWW.9911.com.cn 版权所有  │
│  动感购物2005Vb  联系：web@snsn.net │
└───────────9911.com.cn──┘
-->
<!--#include file="conn.asp"-->
<!--#include file="webconfig.asp"-->
<!--#include file="fuction.asp"-->
<%function HTMLEncode2(fString)
    fString = replace(fString, ">", "&gt;")
    fString = replace(fString, "<", "&lt;")

    fString = Replace(fString, CHR(32), "<I></I>&nbsp;")
    fString = Replace(fString, CHR(9), "&nbsp;")
    fString = Replace(fString, CHR(34), "&quot;")
    fString = Replace(fString, CHR(39), "&#39;")
    fString = Replace(fString, CHR(13), "")
    fString = Replace(fString, CHR(10) & CHR(10), "</P><P> ")
    fString = Replace(fString, CHR(10), "<BR> ")
	HTMLEncode2 = fString
end function%>
<%dim shopid,shopname,syh
shopid=nosql(request("id"))
shopname=nosql(request("shopname"))
syh=nosql(request("syh"))
pingluncontent=HTMLEncode2(trim(request("pingluncontent")))
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from shop_pinglun",conn,1,3
rs.addnew
rs("shopid")=shopid
rs("pingji")=request("pingji")
rs("pinglunname")=HTMLEncode2(trim(request("pinglunname")))
rs("pingluntitle")=HTMLEncode2(trim(request("pingluntitle")))
rs("pingluncontent")=HTMLEncode2(trim(request("pingluncontent")))
rs("ip")=Request.servervariables("REMOTE_ADDR")
rs("pinglundate")=now()
if shenhe=1 then
rs("shenhe")=0
else
rs("shenhe")=1
end if
rs.update
rs.close
set rs=nothing
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from shop_snsn where shopid="&shopid,conn,1,3
rs("pingji")=rs("pingji")+1
rs("pingjizong")=rs("pingjizong")+request("pingji")
rs.update
rs.close
set rs=nothing

if syh<>1 then
set rs1=server.CreateObject("adodb.recordset")
rs1.open "select * from [shop_yh] where shopid="&shopid,conn,1,3
if rs1.recordcount>0 then
rs1("hot")=rs1("hot")+1
rs1.update
end if
rs1.close
set rs1=nothing
else
if session("username")="" then
response.write "<script LANGUAGE='javascript'>alert('你尚未登录，请登录后加入本商品会友会！');history.go(-1);</script>"
response.End
else
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from [shop_yh] where username='"&nosql(session("username"))&"' and shopid="&shopid&"",conn,1,1
if rs.recordcount>0 then
 set rs1=server.CreateObject("adodb.recordset")
 rs1.open "select * from shop_yh where shopid="&shopid,conn,1,3
 rs1("hot")=rs1("hot")+1
 rs1.update
 rs1.close
 set rs1=nothing
rs.close
else
set rs1=server.CreateObject("adodb.recordset")
rs1.open "select * from shop_yh ",conn,1,3
rs1.addnew
rs1("shopid")=shopid
rs1("shopname")=shopname
rs1("username")=session("username")
rs1("hot")=1
rs1("py")=HTMLEncode2(trim(request("pingluncontent")))
rs1("adddate")=now()
rs1.update
rs1.close
set rs1=nothing
rs.close
end if
end if
end if
response.write "<script LANGUAGE='javascript'>alert('你的评论已经成功提交，请返回！');history.go(-1);</script>"
response.End
%>