📄 save.asp
字号:
<!--#include file="conn.asp"-->
<!--#include file="connip.asp"-->
<!--#include file="inc/char.asp"-->
<!--#include file="inc/const1.asp"-->
<!--#include file="banip.asp"-->
<%
''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Jimmy中文站留言簿 Version 1.09 '
' http://www.lunji.com '
' Powered by BlueSailor '
' QQ:428140 E-MAIL: bluesailor@gmail.com '
''''''''''''''''''''''''''''''''''''''''''''''''''''''
%>
<%
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
If lcase(mid(request.ServerVariables("HTTP_REFERER"),8,len(request.ServerVariables("SERVER_NAME"))))<>lcase(request.ServerVariables("SERVER_NAME")) then
session("wrong")="禁止跨站提交"
Response.Redirect "error.asp"
End If
dim guestname
dim email
dim msn
dim homepage
dim myhead
dim oicq
dim guestcontent
dim ip
dim rs,sql
dim founderr
dim errmsg
dim boardtype
dim content
founderr=false
call chkinput
sub chkinput()
content=ubbcode(request("guestcontent"))
if InStr(content,"*")<>0 then
session("wrong")="含非法字"
response.redirect "error.asp"
end if
guestname=ubbcode(request("guestname"))
if InStr(guestname,"*")<>0 then
session("wrong")="含非法字"
response.redirect "error.asp"
end if
guestname=CStr(Replace(guestname,chr(13)&chr(10),""))
'#################版主防假冒
'#################判断名字长度
if len(request("guestcontent"))>maxlen then
errmsg=errmsg+"<br>"+"<li>内容太多"
founderr=true
end if
'#################校验码
dim namelen,i,zi,ziasc
namelen=0
for i=1 to len(guestname)
zi=mid(guestname,i,1)
ziasc=asc(zi)
if ziasc<0 then
namelen=namelen+2
else
namelen=namelen+1
if CStr(server.URLEncode(zi))<>CStr(zi) then
errmsg=errmsg+"<br>"+"<li>名字非法"
founderr=true
end if
end if
next
if guestname="" or namelen>25 or namelen<1 then
errmsg=errmsg+"<br>"+"<li><font color=red>请重新输入用户名(2-10个字母,或1-5个汉字)</font>"
founderr=true
elseif server.HTMLEncode(guestname)<>guestname or InStr(guestname," ")<>0 or InStr(guestname," ")<>0 or InStr(guestname,"【")<>0 or InStr(guestname,"】")<>0 or InStr(guestname,"/")<>0 or InStr(guestname,"\")<>0 or InStr(guestname,"_")<>0 or InStr(guestname,"'")<>0 or InStr(guestname,".")<>0 then
errmsg=errmsg+"<br>"+"<li><font color=red>名含有非法字符!请您去掉 【 】 / \ _ . 和空格等字符。</font>"
founderr=true
end if
if len(request("guestcontent"))<1 then
errmsg=errmsg+"<br>"+"<li>请认真你要购买的产品。"
founderr=true
else guestcontent=request("guestcontent")
guestcontent=replace(guestcontent," "," ")
guestcontent=replace(guestcontent, ">", ">")
guestcontent=replace(guestcontent, "<", "<")
end if
'网址校验
If Trim(Request("homepage"))<>"" Then
If left(Trim(Request("homepage")),7)<>"http://" or InStr(Trim(Request("homepage")),"<")<>0 Then
errmsg=errmsg+"<br>"+"<li>网址格式不正确。"
founderr=true
End If
End If
ip= request.ServerVariables("HTTP_X_FORWARDED_FOR")
if ip = "" then ip = request.ServerVariables("REMOTE_ADDR")
End Sub
If ip="" then
errmsg=errmsg+"<br>"+""
founderr=true
End If
Sub saveuserinfo()
set rs=server.createobject("adodb.recordset")
sql="select * from [guest] where id=null"
rs.open sql,conn,1,3
rs.addnew
rs("guestname")=guestname
if request("from")<>"" then
rs("from")=(request("from"))
end if
if request("msn")<>"" then
rs("msn")=(request("msn"))
end if
if request("email")<>"" then
rs("email")=(request("email"))
end if
if request("homepage")<>"" then
if request("homepage")<>"http://" then
rs("homepage")=(request("homepage"))
end if
end if
if request("oicq")<>"" then
rs("oicq")=(request("oicq"))
end if
rs("ip")=ip
if sh=True then
rs("sh")=True
end if
if request("myhead")<>"" then
rs("face")=(request("myhead"))
else
rs("face")=1
end if
rs("guestcontent")=guestcontent
If Request("secretly")<>"" Then
rs("secretly")=request("secretly")
End If
rs("comefrom")=getFrom(request.servervariables("remote_addr"))
rs("sessionid")=session.sessionid
rs.update
rsclose()
connclose()
end sub
session("postnum")=1
if founderr=true then
call error()
else
call chkinput()
call saveuserinfo()
if founderr=true then
call error()
else
Response.write "<script>alert('发送订单成功');self.location='../../../AutoAsp/index.asp';</script>"
End If
End If
connIpclose()
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -