gbook.asp

Etp Flash 留言板西乡香草天空美化版

<!--
 Etp Flash 留言本 1.5 Bulid 040815
 制作：Etp工作室-Etp21
 网站：http://www.etp21.com
 QQ:69483
 E-mail：Etp21@163.com
 -->

<!--#include file="conn.asp" -->
<%
mode=request("mode")
select case mode
    case "save"
        save()
    case "reply"
        replysave()
    case "edit"
        edit()
    case ""
    	read()
end select	


sub read()
if session("admin")<>"true" then
	set rs1=conn.execute("select * from info")
    	 if not rs1.eof then
    	    if not rs1("kf") then
    	    	message("kf")
    	    end if
    	 end if
	 rs1.close
	 set rs1=nothing		
end if
set rs=server.CreateObject("adodb.recordset")
sql="select * from gbook order by gd,id desc"
rs.open sql,conn,1,1
if not rs.eof then
	rs.PageSize =pagesize
	total=rs.RecordCount 
	maxpage=rs.PageCount 
	page=request("page")
										
	if Not IsNumeric(page) or page="" then
		page=1
	else
		page=cint(page)
	end if
	if page<1 then
		page=1
	elseif  page>maxpage then
		page=maxpage
	end if
	rs.AbsolutePage=Page
else
	total=0
	maxpage=0
	page=0
end if

out=""
if not rs.eof then 
	for i=1 to rs.PageSize 
		silent=rs("silent")
		title=rs("title")
		user=rs("name")
		face=rs("face")
		addtime=rs("time")
		text=rs("content")
		qq=rs("qq")
		mail=rs("mail")
		id=rs("id")
		homepage=rs("homepage")
		reply=rs("reply")
		gd1=rs("gd")
		if silent then
			if session("admin")<>"true" then
				title="[悄悄话]"
				text="<br><p align='center'><b>此留言为悄悄话，请登陆管理后查看</b></p>"
				user=""
				face=""
				addtime=""
				qq=""
				mail=""
				homepage=""
				reply=""
			else
				title="[悄悄话]"+title
			end if
		end if	
		out=out&"&no"&i&"="&title&chr(1)&user&chr(1)&face&chr(1)&addtime&chr(1)&text&"<img src=1.jpg>"&chr(1)&qq&chr(1)&mail&chr(1)&id&chr(1)&homepage&chr(1)&reply&chr(1)&gd1
		if session("admin")="true" then
  			 out=out&chr(1)&rs("ip")
		end if	
		rs.movenext
		if rs.EOF then
			i=i+1
			Exit For
		end if
	next
end if
rs.close
set rs=nothing
out="&page="&page&"&maxpage="&maxpage&"&count="&total&"&num="&i-1&out
response.write killBadWords(out)
response.end
end sub

function htmlencode(fString)
if not isnull(fString) then
    fString = Replace(fString, CHR(1), "")
    fString = Replace(fString, CHR(2), "")
    fString = Replace(fString, "&", CHR(2))

    htmlencode = fString
end if
end function

sub save()

	chkout()

	id=request.Form("id")
	face=htmlencode(request.form("face"))
	title=htmlencode(request.Form("title"))
	name=htmlencode(request.Form("user"))
	content=htmlencode(request.Form("text"))
	qq=htmlencode(request.Form("qq"))
	mail=htmlencode(request.Form("mail"))
	homepage=htmlencode(request.Form("homepage"))	
	if request.Form("silent")="true" then
		silent=true
	else
		silent=false
	end if	
	if id="" then
		ip=replace(Request.ServerVariables("REMOTE_ADDR"),"'","")		
		sql="insert into gbook (face,title,name,qq,mail,homepage,ip,silent,content) values ("&face&",'"&title&"','"&name&"','"&qq&"','"&mail&"','"&homepage&"','"&ip&"',"&silent&",'"&content&"')"
		conn.Execute(sql)		
		message("yes")
		
	elseif session("admin")<>"true" then
   		message("你尚未登陆！！！")
	else
		conn.Execute"Update gbook set face="&face&",title='"&title&"',name='"&name&"',qq='"&qq&"',mail='"&mail&"',homepage='"&homepage&"',content='"&content&"',silent="&silent&" where id="&id
		message("yes")
	end if
end sub

sub replysave()
	if session("admin")<>"true" then
   		message("你尚未登陆！！！")
	else
		reply=htmlencode(request.form("reply"))
		id=int(request.form("id"))
		conn.Execute"Update gbook set reply='"&reply&"' where id="&id
		message("yes")
	end if
end sub
%>