post_do.asp

9seek 留言本源代码5.0版

<!--#include file="conn.asp"-->
<!--#include file="connip.asp"-->
<!--#include file=const.asp -->
<!--#include file=md5.asp -->
<%

dim title,name,pass,email,qq,url,pic,nei,t,rt,yd,hf,jh,bl,male,face,icq,msn
dim exec1, rs1, rs, rs2, id,isPrivate, foundErr
      
title=encodestr(Request.form("title"))
name=encodestr(Request.form("name"))
pass=encodestr(Request.form("pass"))
email=encodestr(Request.form("email"))
qq=encodestr(Request.form("qq"))
icq=encodestr(Request.form("icq"))
msn=encodestr(Request.form("msn"))
url=encodestr(Request.form("url"))
nei=replace(Request.form("nei"),"'","""")
pic=encodestr(Request.form("pic"))
male=encodestr(Request.form("male"))
face=encodestr(Request.form("face"))
isPrivate=encodestr(Request.form("isPrivate"))
bl=0

if isDate(request.cookies("gbook")("lastpost")) then
	if dateDiff("s",Cdate(request.cookies("gbook")("lastPost")),now)<=postLimit then
		session("error")="请不要灌水！！<br>"
		foundErr=true
	end if
end if
if len(title)<3 then
	session("error")="请认真填写留言标题！！<br>"
	foundErr=true
end if
if len(name)=0 and not theUser.reged then
	session("error")=session("error") & "请填写用户名！！<br>"
	foundErr=true
end if
if len(nei)<2 then
	session("error")=session("error") & "请认真填写留言内容！！<br>"
	foundErr=true
end if
if len(nei)>maxLength then
	session("error")=session("error") & "留言内容最多"& maxLength &"个字符，请减少你的留言内容！！<br>"
	foundErr=true
end if
if len(title)>40 then
	session("error")=session("error") & "留言标题不可以超过40个字符！！<br>"
	foundErr=true
end if
if len(name)>10 then
	session("error")=session("error") & "用户名不可以超过10个字符！！<br>"
	foundErr=true
end if

if foundErr then
	connclose()
	response.redirect("error.asp")
end if

if theUser.reged then
	name=theUser.name
	qq=theUser.qq
	email=theUser.email
	url=theUser.url
	if theUser.male then
		male="1"
	else
		male="0"
	end if
	face=theUser.face
	bl=1
elseif pass<>"" then
	pass=MD5(pass)
	exec1="select * from [user] where username='"&name&"'"
	Set RS1 = Server.CreateObject("ADODB.RecordSet") 
	rs1.Open exec1, Conn, 1, 2
	if not rs1.eof then
		if pass=rs1("userpassword") then
			qq=rs1("oicq")
			icq=rs1("icq")
			msn=rs1("msn")
			email=rs1("useremail")
			url=rs1("homepage")
			male=rs1("sex")
			face=rs1("GBface")
			bl=1
		else
			rs1.close : set rs1=nothing
			connclose()
			session("error")="保留用户密码帐号不对应！！！"
			response.redirect "error.asp"
		end if
	else
		Set rs2 = Server.CreateObject("ADODB.Recordset")
		exec1="select top 1 * from [user]"
		rs2.Open exec1,conn,1,2
		rs2.addnew
		rs2("username")=name
		rs2("userpassword")=pass
		rs2("useremail")=email
		rs2("oicq")=qq
		rs2("icq")=icq
		rs2("msn")=msn
		rs2("homepage")=url
		rs2("sex")=male
		rs2("GBface")=face
		rs2("GBpostNum")=0
		rs2("GBprivateNum")=0
		rs2("addDate")=dateAdd("h",timeDiff,now)
		rs2.update
		rs2.close
		set rs2=nothing
		exec1="update GBconst set userNum=userNum+1"
		conn.execute(exec1)
		
		bl=1
	end if
	rs1.close
	set rs1=nothing
end if


Set rs = Server.CreateObject("ADODB.Recordset")
exec1="select top 1 * from ly order by id desc"
rs.Open exec1,conn,1,2
	rs.addnew
	rs("name")=name
	rs("title")=title
	rs("email")=email
	rs("qq")=qq
	rs("icq")=icq
	rs("msn")=msn
	rs("url")=url
	rs("male")=male
	rs("face")=face
	rs("nei")=nei
	rs("t")=dateAdd("h",timeDiff,now)
	rs("pic")=pic
	rs("bl")=bl
	rs("yd")=0
	rs("hf")=0
	rs("jh")=0
	rs("rt")=0
	rs("ip")=request.servervariables("remote_addr")
	rs("comefrom")=getFrom(request.servervariables("remote_addr"))
	if isPrivate="1" then
		rs("isPrivate")=1
	end if
	rs.update
	'rs.close
	rs.requery
	id=rs("id")
	rs("reid")=rs("id")
	rs("reTime")=rs("t")
	rs.update
rs.close
set rs=nothing
exec1="update GBconst set topicNum=topicNum+1"
conn.execute(exec1)
if bl=1 then
	exec1="update [user] set GBpostNum=GBpostNum+1 where username='"& name &"'"
	conn.execute(exec1)
end if
if bl=1 and isPrivate="1" then
		exec1="update GBconst set privateNum=privateNum+1"
		conn.execute(exec1)
		exec1="update [user] set GBprivateNum=GBprivateNum+1 where username='"& name &"' "
		conn.execute(exec1)
end if

conn.close
set conn=nothing
connIpclose()

response.cookies("gbook")("lastPost")=now

if not theUser.reged then
	response.cookies("gbook")("username")=vbescape(name)
	response.cookies("gbook")("password")=pass
end if

session("url")="show.asp?id="&id
response.redirect "addok.asp"
%>