bbs_edit.asp

来自「安全性好,适用于制作论坛和进行资源下载的个人和大型网站使用!」· ASP 代码 · 共 149 行

<!--#include file="inc/pstart.asp"-->
<!--#include file="inc/function.asp"-->
<!--#include file="inc/incpage.asp"-->
<!--#include file="inc/bbsinfo.asp"-->
<%
call checkulogin()
call checkhmd()
if request.querystring("type")="save" then
voteyn=checknum(request.form("voteyn"))
canvote=false
if voteyn=1 then
canvote=true
votetype=checknum(request.form("votetype"))
vote=replace(request.Form("vote"),"|","│")
vote=Server.HTMLEncode(checkstr(vote))
vote=split(vote,chr(13)&chr(10))
voten=ubound(vote)
if voten>bbscon-1 then voten=bbscon-1
for i=0 to voten
if not (vote(i)="" or vote(i)=" ") then
bodyvote=bodyvote&"|"&vote(i)
num=num&"|0"
end if
next
if bodyvote="" then
canvote=false
end if
outtime=checknum(request.form("outtime"))+now()+timezone/24
end if
if canvote=false then votetemp=0
if canvote=true then votetemp=1

dim chstrs,citem
chstrs="title:主题,body:内容"
for each citem in split(chstrs,",")
if trim(request.form(split(citem,":")(0)))="" then
%>
<script language="javascript">
alert("[<%=split(citem,":")(1)%>]为空！")
history.back()
</script>
<%
response.end
end if
next
dim stitle,sbody,uptype
stitle=Server.HTMLEncode(restr(request.form("title")))
sbody=request.form("body")
if strlength(stitle)>50 then
%>
<script language="javascript">
alert("标题不得超过50个字节")
history.back()
</script>
<%
response.end
end if
if strlength(sbody)>30000 then
%>
<script language="javascript">
alert("内容不得超过3万个字节")
history.back()
</script>
<%
response.end
end if

function uptypecheck(byval str)
dim ary,pos
ary=split(str,"[upload=")
if ubound(ary)>=1 then
pos=instr(ary(1),"[/upload]")
if pos=0 then exit function
uptypecheck=left(ary(1),3)
end if
end function
uptype=uptypecheck(sbody)

dim aid:aid=checknum(request.querystring("aid"))
set rs=server.CreateObject("adodb.recordset")
sqlstr="select * from hx66_bbs where id="&aid
rs.open sqlstr,conn,1,3
rs("hx66_title")=stitle
rs("hx66_body")=sbody
rs("hx66_vote")=votetemp
rs.update
if canvote=true then conn.execute("update [hx66_Vote] set content='"&bodyvote&"',votenum='"&num&"',type="&votetype&",outtime='"&outtime&"',voteduser=""|0"" where id="&aid&"")
if canvote=false then conn.execute("delete from [hx66_Vote] where id="&aid&"")
'更新上传文件
if uptype<>"" and instr(uploadtype,uptype)>0 then
conn.execute("update [upload] set bbsid="&id&",totable="&bid&",url='"&stitle&"' where name='"&ckuname&"' and totable=0")
end if
response.redirect "bbs_detail.asp?aid="&rs("id")&"&bid="&bid
rs.close
set rs=nothing
end if

if request.querystring("type")="hf" then
if trim(request.form("body"))="" then
%>
<script language="javascript">
alert("回复内容为空")
history.back()
</script>
<%
response.end
end if
dim hfbody
hfbody=request.form("body")
if strlength(hfbody)>20000 then
%>
<script language="javascript">
alert("回复内容不得超过2万个字节")
history.back()
</script>
<%
response.end
end if

function uptypecheck(byval str)
dim ary,pos
ary=split(str,"[upload=")
if ubound(ary)>=1 then
pos=instr(ary(1),"[/upload]")
if pos=0 then exit function
uptypecheck=left(ary(1),3)
end if
end function
uptype=uptypecheck(hfbody)

set rs=server.CreateObject("adodb.recordset")
sqlstr="select * from hx66_saybbs where id="&checknum(request.querystring("id"))
rs.open sqlstr,conn,1,3
rs("hx66_text")=hfbody
'rs("hx66_time")=now()
rs.update
'更新上传文件
if uptype<>"" and instr(uploadtype,uptype)>0 then
conn.execute("update [upload] set bbsid="&rs("hx66_iid")&",totable="&bid&",url='回贴' where name='"&ckuname&"' and totable=0")
end if
response.redirect "bbs_detail.asp?aid="&rs("hx66_iid")&"&bid="&bid
rs.close
set rs=nothing
end if
conn.close
set conn=nothing
%>