profile.asp

一个叫做雪人的论坛源码

<%response.buffer = true%>
<!--#INCLUDE FILE="inc/db_inc.asp"-->
<!--#INCLUDE FILE="inc/md5_inc.asp"-->
<!--#INCLUDE FILE="inc/char_inc.asp"-->
<!--#INCLUDE FILE="header.asp"-->
<%
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'	Snowman Forum v2.0
'
'	Copyright(C) Snowman, All rights reserved.
'
'	http://www.xinboard.net
'
'	Access版本免费, 欲使用SQL Server商业版本请购买使用权
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

dim StrSql, toptext, rs, rs2, StrHtml, StrHtml2, error, sex, avatar, err

StrHtml = loadtemplate("htmltop")
StrHtml = Replace(StrHtml, "{pagetitle}", loadtemplate("profiletitle"))
StrHtml = Replace(StrHtml, "{style_path}", loadtemplate("path"))
StrHtml = Replace(StrHtml, "{forumtitle}", boardtitle)
response.write StrHtml
StrHtml = loadtemplate("pagetitle")
StrHtml = Replace(StrHtml, "{title_img}", "<img src=""style/" & loadtemplate("path") & "/image/title.gif"">")

if request.cookies("sf")("username") = "" then
	toptext = loadtemplate("toptextguest")
else
	toptext = loadtemplate("toptextuser")
end if
toptext = toptext & loadtemplate("toptext")
StrHtml = Replace(StrHtml, "{top_text}", toptext)
StrHtml = Replace(StrHtml, "{username}", request.cookies("sf")("username"))
response.write StrHtml
StrHtml = loadtemplate("pagepath")
StrHtml = Replace(StrHtml, "{path_text}", "<img src=""style/" & loadtemplate("path") & "/image/home.gif""><a href=index.asp>" & boardtitle & "</a> &raquo; " & loadtemplate("profiletitle"))
response.write StrHtml

step = ChkSql(request("step"))
select case step
	case "2"
		error = ""
		err = false
		if request("oldpassword") = "" then
			err = true
		else
			StrSql = "select password from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
			Set rs2 = Conn.Execute(StrSql)
			if rs2.bof or rs2.eof then
				err = true
			else
				if md5(request("oldpassword")) <> rs2("password") then err = true
			end if
		end if
		if err then
			StrHtml = loadtemplate("error")
			StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_chkpassword"))
			response.write StrHtml
			response.end
		end if
		if request("password") <> "" then
			if strLength(request("password")) < 6 or request("password") <> request("password2") then error = error & "<br><li>" & loadtemplate("err_password")
		end if
		if not IsValidEmail(request("email")) then error = error & "<br><li>" & loadtemplate("err_email")
		if request("question") <> "" then
			if strLength(request("question")) < 6 then error = error & "<br><li>" & loadtemplate("err_question")
		end if
		if request("result") <> "" then
			if strLength(request("result")) < 8 then error = error & "<br><li>" & loadtemplate("err_result")
		end if
		if request("sign") <> "" then
			if strLength(request("sign")) > 200 then error = error & "<br><li>" & loadtemplate("err_sign")
		end if
		if request("birthday_y") = "" or request("birthday_m") = "" or request("birthday_d") = "" then
			birthday = "1900-01-01"
		else
			if not (IsNumeric(request("birthday_y")) or IsNumeric(request("birthday_m")) or IsNumeric(request("birthday_d"))) then
				error = error & "<br><li>" & loadtemplate("err_birthday")
			else
				birthday = ChkSql(request("birthday_y")) & "-" & ChkSql(request("birthday_m")) & "-" & ChkSql(request("birthday_d"))
			end if
		end if
		if request("defineavatar") = "1" then
			err = false
			if (not IsValidSqlValue(request("defineavatarpath"))) or strLength(request("defineavatarpath")) < 10 then
				err = true
			else
				if instr(request("defineavatarpath"),"http://") <= 0 then err = true
			end if
			if (not IsNumeric(request("avatarwidth"))) or (not IsNumeric(request("avatarheight"))) then
				err = true
			else
				if cint(request("avatarwidth")) > 120 or cint(request("avatarheight")) > 120 then err = true
			end if
			if err then error = error & "<br><li>" & loadtemplate("err_defineavatar")
		end if
		if error <> "" then
			StrHtml = loadtemplate("error")
			StrHtml = Replace(StrHtml, "{error_text}", error)
			response.write StrHtml
			response.end
		end if

		sex = request("sex")
		if sex <> "1" and sex <> "2" then sex = "0"
		StrSql = "update sf_user set"
		
		if request("password") <> "" then
			StrSql = StrSql & " password = '" & md5(ChkSql(request("password"))) & "',"
		end if
		if IsValidEmail(request("email")) then StrSql = StrSql & " email = '" & ChkSql(request("email")) & "',"
		if request("question") <> "" then
			StrSql = StrSql & " question = '" & ChkSql(server.htmlencode(request("question"))) & "',"
		end if
		if request("result") <> "" then
			StrSql = StrSql & " result = '" & md5(ChkSql(request("result"))) & "',"
		end if
		StrSql = StrSql & " homepage = '" & ChkSql(server.htmlencode(request("homepage"))) & "', "
		StrSql = StrSql & " icq = '" & ChkSql(server.htmlencode(request("icq"))) & "', "
		StrSql = StrSql & " qq = '" & ChkSql(server.htmlencode(request("qq"))) & "', "
		StrSql = StrSql & " msn = '" & ChkSql(server.htmlencode(request("msn"))) & "', "
		StrSql = StrSql & " [like] = '" & ChkSql(server.htmlencode(request("like"))) & "', "
		StrSql = StrSql & " sex = " & sex & ", "
		StrSql = StrSql & " country = '" & ChkSql(server.htmlencode(request("country"))) & "', "
		StrSql = StrSql & " signature = '" & ChkSql(server.htmlencode(request("sign"))) & "', "
		if request("showmail") = "1" then
			StrSql = StrSql & " showemail = 0, "
		else
			StrSql = StrSql & " showemail = 1, "
		end if
		if request("invisible") = "1" then
			StrSql = StrSql & " invisible = 1, "
		else
			StrSql = StrSql & " invisible = 0, "
		end if
		if request("pmpop") = "1" then
			StrSql = StrSql & " pmpopup = 1, "
		else
			StrSql = StrSql & " pmpopup = 0, "
		end if
		if request("defineavatar") = "1" then
			StrSql = StrSql & " avatar = '', "
		else
			StrSql = StrSql & " avatar = '" & ChkSql(server.htmlencode(request("avatar"))) & "', "
		end if
		StrSql = StrSql & " defineavatar = '" & ChkSql(server.htmlencode(request("defineavatarpath"))) & "', "
		StrSql = StrSql & " avatarwidth = " & ChkSql(request("avatarwidth")) & ", "
		StrSql = StrSql & " avatarheight = " & ChkSql(request("avatarheight")) & ", "
		StrSql = StrSql & " birthday = '" & birthday & "'"
		StrSql = StrSql & " where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
		Conn.Execute(StrSql)
		if request("password") <> "" then
			response.cookies("sf")("username")= ChkSql(request("username"))
			response.cookies("sf")("password")= md5(request("password"))
		end if
		StrHtml = loadtemplate("hint")
		StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_profile"))
		StrHtml = Replace(StrHtml, "{pro_name}", "index.asp")
		response.write StrHtml
		'response.write strsql
	case else
		StrSql = "select * from sf_user where username = '" & ChkSql(request.cookies("sf")("username")) & "'"
		Set rs2 = Conn.Execute(StrSql)
		if rs2.bof or rs2.eof then
			error = ""
			error = error & "<br><li>" & loadtemplate("err_unregistered")
			StrHtml = loadtemplate("error")
			StrHtml = Replace(StrHtml, "{error_text}", error)
			response.write StrHtml
			response.end
		end if
		StrHtml = loadtemplate("profile")
		StrHtml = Replace(StrHtml, "{user_name}", rs2("username"))
		StrHtml = Replace(StrHtml, "{email}", rs2("email"))
		StrHtml = Replace(StrHtml, "{country}", rs2("country"))
		StrHtml = Replace(StrHtml, "{icq}", rs2("icq"))
		StrHtml = Replace(StrHtml, "{qq}", rs2("qq"))
		StrHtml = Replace(StrHtml, "{msn}", rs2("msn"))
		StrHtml = Replace(StrHtml, "{homepage}", rs2("homepage"))
		StrHtml = Replace(StrHtml, "{like}", rs2("like"))
		StrHtml = Replace(StrHtml, "{defineavatar}", rs2("defineavatar"))
		StrHtml = Replace(StrHtml, "{avatarwidth}", rs2("avatarwidth"))
		StrHtml = Replace(StrHtml, "{avatarheight}", rs2("avatarheight"))
		StrHtml = Replace(StrHtml, "{sign}", rs2("signature"))
		
		StrHtml = Replace(StrHtml, "{y}", year(rs2("birthday")))
		StrHtml = Replace(StrHtml, "{m}", month(rs2("birthday")))
		StrHtml = Replace(StrHtml, "{d}", day(rs2("birthday")))

		if rs2("sex") = 1 then
			StrHtml = Replace(StrHtml, "{sex0_box}", "<input type=""radio"" name=""sex"" value=""0"">")
			StrHtml = Replace(StrHtml, "{sex1_box}", "<input type=""radio"" name=""sex"" value=""1"" checked>")
			StrHtml = Replace(StrHtml, "{sex2_box}", "<input type=""radio"" name=""sex"" value=""2"">")
		else
			if rs2("sex") = 2 then
				StrHtml = Replace(StrHtml, "{sex0_box}", "<input type=""radio"" name=""sex"" value=""0"">")
				StrHtml = Replace(StrHtml, "{sex1_box}", "<input type=""radio"" name=""sex"" value=""1"">")
				StrHtml = Replace(StrHtml, "{sex2_box}", "<input type=""radio"" name=""sex"" value=""2"" checked>")
			else
				StrHtml = Replace(StrHtml, "{sex0_box}", "<input type=""radio"" name=""sex"" value=""0"" checked>")
				StrHtml = Replace(StrHtml, "{sex1_box}", "<input type=""radio"" name=""sex"" value=""1"">")
				StrHtml = Replace(StrHtml, "{sex2_box}", "<input type=""radio"" name=""sex"" value=""2"">")
			end if
		end if
		
		if rs2("avatar") = "" then
			StrHtml2 = "<input type=""radio"" name=""defineavatar"" value=""1"" checked>"
			StrHtml = Replace(StrHtml, "{defineavatar_box}", StrHtml2)
			StrHtml2 = "<input type=""radio"" name=""defineavatar"" value=""0"">"
			StrHtml = Replace(StrHtml, "{avatar_box}", StrHtml2)
		else
			StrHtml2 = "<input type=""radio"" name=""defineavatar"" value=""0"" checked>"
			StrHtml = Replace(StrHtml, "{avatar_box}", StrHtml2)
			StrHtml2 = "<input type=""radio"" name=""defineavatar"" value=""1"">"
			StrHtml = Replace(StrHtml, "{defineavatar_box}", StrHtml2)
		end if
		'StrHtml = Replace(StrHtml, "{defineavatar_box}", StrHtml2)
		if rs2("pmpopup") = 0 then
			StrHtml2 = "<input type=""checkbox"" name=""pmpop"" value=""1"">"
		else
			StrHtml2 = "<input type=""checkbox"" name=""pmpop"" value=""1"" checked>"
		end if
		StrHtml = Replace(StrHtml, "{pmpop_box}", StrHtml2)
		if rs2("invisible") = 0 then
			StrHtml2 = "<input type=""checkbox"" name=""invisible"" value=""1"">"
		else
			StrHtml2 = "<input type=""checkbox"" name=""invisible"" value=""1"" checked>"
		end if
		StrHtml = Replace(StrHtml, "{invisible_box}", StrHtml2)
		if rs2("showemail") = 0 then
			StrHtml2 = "<input type=""checkbox"" name=""showmail"" value=""1"" checked>"
		else
			StrHtml2 = "<input type=""checkbox"" name=""showmail"" value=""1"">"
		end if
		StrHtml = Replace(StrHtml, "{showmail_box}", StrHtml2)
		
	
		avatar = rs2("avatar")
		if avatar = "" then avatar = "1.gif"
		
		StrSql = "select title, avatarpath from sf_avatar"
		Set rs2 = Conn.Execute(StrSql)
		StrHtml2 = "<select name=""avatar"" size=""10"" onChange=""document.images['avatarimg'].src='image/face/'+options[selectedIndex].value;"">"
		if not(rs2.bof or rs2.eof) then
			do until rs2.eof
        			StrHtml2 = StrHtml2 & chr(10) &"<option value=""" & rs2("avatarpath") & """"
        			if rs2("avatarpath") = avatar then
        				StrHtml2 = StrHtml2 & " selected"
        				avatar = rs2("avatarpath")
        			end if
        			StrHtml2 = StrHtml2 & ">" & rs2("title") & "</option>"
				rs2.movenext
			loop
		end if
		StrHtml2 = StrHtml2 & "</select>"
		StrHtml2 = StrHtml2 & chr(10) & "<img id=""avatarimg"" src=""" & "image/face/" & avatar & """>"
		StrHtml = Replace(StrHtml, "{avatar_select}", StrHtml2)
		
		response.write StrHtml

		response.write sfcopyright
end select

response.write loadtemplate("htmlbottom")
response.end
Conn.Close
Set Conn = nothing
Set rs = nothing
Set rs2 = nothing
%>