📄 guestbook_admin.asp
<%
'==============================================================
'程序名称:茂盛网站管理系统(Maoin CSM)
'当前版本:Maosin CMS Version 1.1 Powered by maosin.com
'程序作者:阿茂(李胜茂)
'网站地址:www.maosin.com www.maosin.net
' QQ:57861417
'电子邮箱:maosin@163.com maosin@maosin.com
'--------------------------------------------------------------
'Copyright (C) 2006 maosin.com All Rights Reserved.
'免费版本请在程序首页保留(Powered by:Maosin CMS)版权链接信息;
'您可以对此版本进行修改,美化,但请保留此ASP文件内的版权信息;
'茂盛设计网保留此软件的法律追究权利
'==============================================================
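Sub reply()
	' Shows one guestbook entry together with a reply form and, when the form is
	' posted back, stores the reply in ms_gb_re and flags the entry as approved
	' and replied. Allowed for logged-in users when reGuestbook=1, for the admin
	' session, and for userSign=3; everyone else is redirected to guestbook.asp.
	if (session(userVar)=userVal and reGuestbook=1) or (session(adminVar)=adminVal) or userSign=3 then
		dim gb_id,sql,rs,username,gb_date,gb_content,gb_title
		dim idPattern,isDenied
		' Request() searches every request collection, so gb_id is untrusted input.
		gb_id=trim(Request("gb_id")&"")
		' IsNumeric also accepts notations such as "1e3" or "&H10" and an empty
		' value; require plain digits (at most 9, which always fits CLng) before
		' the value is placed into SQL text.
		set idPattern=New RegExp
		idPattern.Pattern="^\d{1,9}$"
		if not idPattern.Test(gb_id) then
			showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>请输入一个正确的整型参数</li>","出错信息"
			exit sub
		end if
		gb_id=CLng(gb_id)
		' chkIsOut is defined elsewhere; presumably a same-site (referer) check - confirm.
		' NOTE(review): no per-session anti-CSRF token is visible in this sub.
		if ms_submit=0 then
			if chkIsOut=false then
				showmsg "<font color=""#ff0000"">茂盛系统返回如下信息:</font><br><br>对不起,本站不允许从外部提交数据","系统出错信息"
				exit sub
			end if
		end if
		' userSign=3 may open entries that are not yet approved (pass<>1).
		if userSign=3 then
			sql="select * from ms_gb where gb_id="&gb_id
		else
			sql="select * from ms_gb where gb_id="&gb_id&" and pass=1"
		end if
		Set rs=conn.execute(sql)
		if not rs.eof and not rs.bof then
			' A secret entry (gb_qqh=1) is only shown to its author unless userSign=3.
			isDenied=false
			if userSign<>3 then
				if rs("gb_qqh")=1 then
					if ms_userID<>rs("user_id") then isDenied=true
				end if
			end if
			if isDenied then
				' Release the recordset on this exit path as well.
				rs.close
				set rs=nothing
				showmsg "<font color=""#ff0000"">此留言为秘密留言,只有管理员和留言者本人才能有权限查看或回复</font><br>","出错信息"
				exit sub
			end if
			gb_title=filterKeyWord(rs("gb_title"))
			username=filterKeyWord(rs("gb_username"))
			gb_date=rs("gb_date")
			gb_content=filterKeyWord(rs("gb_content"))
		else
			rs.close
			set rs=nothing
			showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>没有此留言,或者此留言已还没有通过审核</li><li><a href=""guestbook.asp"">单击这里返回</a></li>","出错信息"
			exit sub
		end if
		rs.close
		Set rs=nothing
		If Request.Form("replayok")<>"" Then
			dim replycontent,insql
			replycontent=trim(HTMLENCODE(Request.Form("content")))
			if strLength(replyContent)<2 or strLength(replyContent)>300 then
				showmsg "回复内容不能少于 2 个字符或者多于 300 个字符","出错信息"
				exit sub
			end if
			' HTMLENCODE and getIP are defined elsewhere; whether they neutralise
			' single quotes is not visible here, so every string literal is
			' quote-doubled before it is concatenated. A parameterised ADODB.Command
			' would be the sturdier fix.
			' NOTE(review): ms_userID and userSign are concatenated as numbers -
			' confirm they are set server-side and are always numeric.
			insql="insert into ms_gb_re(gb_id,re_name,re_date,re_ip,re_content,user_id,user_type) Values("&gb_id&",'"&Replace(ms_userName&"","'","''")&"',#"&Now()&"#,'"&Replace(getIP()&"","'","''")&"','"&Replace(replycontent,"'","''")&"',"&ms_userID&","&userSign&")"
			conn.Execute(insql)
			conn.Execute("update ms_gb set pass=1,isreply=1 where gb_id="&gb_id)
			Response.Redirect("guestbook.asp")
			exit sub
		End If
	else
		response.redirect("guestbook.asp")
		exit sub
	end if
	' The form below posts back to the current URL. The original read the server
	' variable "SCRIPT.NAME", which does not exist (the real name is SCRIPT_NAME)
	' and therefore rendered an empty, unquoted action; action="" states that
	' intent explicitly and keeps the query string that carries gb_id.
%>
<table width="100%" border="0" cellpadding="3" cellspacing="1" class="tableBC">
<tr>
<td width="*" height="24" class="tdT">以下是 <span style="padding-top:4px;height:13px;filter:glow(Color=#F5680A,Strength=2);"><%=username%></span> 于 <%=gb_date%> 的留言:</td>
</tr>
<tr>
<td height="50" valign="middle" class="tdBC" style="word-break:break-all;"><B>主题:</B><%=gb_title%><br><div style="margin:3px;padding:3px;border:1px dashed #c1c1c1;"><B>内容:</B><%=ubbCode(gb_content,0,0,1,1)%></div></td>
</tr>
<tr>
<td height="24" class="tdT">回复此留言:</td>
</tr>
<form Method="post" name="myform" action="">
<tr>
<td height="50" valign="top" class="tdBC">
<%=showUBB(1,0)%>
<br>
<textarea name="content" cols="94" class="textkang" rows="8" wrap="VIRTUAL"></textarea></td>
</tr>
<tr>
<td height="24" align="center" class="tdT"><input name="replayok" type="submit" id="replayok" value="回复留言" class="but1" onMouseOver="this.className='but2'" onMouseOut="this.className='but1'">
<input type="reset" name="Submit2" value="清除重写" class="but1" onMouseOver="this.className='but2'" onMouseOut="this.className='but1'"></td>
</tr>
</form>
</table>
<%
End Sub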
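Sub editreply()
	' Lets userSign=3 or the admin session edit an existing reply: a GET shows
	' the original entry with the reply text in a form, a POST with
	' "editreplayok" writes the new text to ms_gb_re. Others are redirected.
	if userSign=3 or session(adminVar)=adminVal then
		' The original declared "replaycontent" but used "replycontent"; declare
		' the names that are actually assigned below.
		dim re_id,replycontent,rs,gb_title,username,gb_date,gb_content,re_content
		dim sql,upsql,idPattern
		' Request() searches every request collection, so re_id is untrusted input.
		re_id=trim(Request("re_id")&"")
		' IsNumeric accepts "1e3", "&H10" and similar, and CInt overflows above
		' 32767; require plain digits (at most 9) and convert with CLng.
		set idPattern=New RegExp
		idPattern.Pattern="^\d{1,9}$"
		if not idPattern.Test(re_id) then
			showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>请输入一个正确的整型参数</li>","出错信息"
			exit sub
		end if
		re_id=CLng(re_id)
		' chkIsOut is defined elsewhere; presumably a same-site (referer) check - confirm.
		if ms_submit=0 then
			if chkIsOut=false then
				showmsg "<font color=""#ff0000"">茂盛系统返回如下信息:</font><br><br>对不起,本站不允许从外部提交数据","系统出错信息"
				exit sub
			end if
		end if
		If Request.Form("editreplayok")<>"" Then
			replycontent=trim(HTMLENCODE(Request.Form("content")))
			if strLength(replyContent)<2 or strLength(replyContent)>300 then
				showmsg "回复内容不能少于 2 个字符或者多于 300 个字符","出错信息"
				exit sub
			end if
			' HTMLENCODE is defined elsewhere; whether it neutralises single quotes
			' is not visible here, so the literal is quote-doubled before it is
			' concatenated into the statement.
			upsql="update ms_gb_re set re_content='"&Replace(replycontent,"'","''")&"' where re_id="&re_id
			conn.Execute(upsql)
			Response.Redirect("guestbook.asp")
			exit sub
		End If
		sql="select * from ms_gb,ms_gb_re where ms_gb_re.re_id="&re_id&" and ms_gb.gb_id=ms_gb_re.gb_id"
		Set rs=Server.CreateObject("ADODB.RecordSet")
		rs.Open sql,connstr,1,1
		if rs.eof and rs.bof then
			rs.close
			set rs=nothing
			showmsg "此回复不存在,或者已被删除了","出错信息"
			exit sub
		end if
		' NOTE(review): unlike reply(), these values are written to the page
		' without filterKeyWord/ubbCode. That is only safe if they were
		' HTML-encoded when stored - confirm against the code that inserts
		' into ms_gb.
		gb_title=rs("gb_title")
		username=rs("gb_username")
		gb_date=rs("gb_date")
		gb_content=rs("gb_content")
		re_content=rs("re_content")
		rs.close
		Set rs=nothing
%>
<table width="100%" border="0" cellpadding="3" cellspacing="1" class="tableBC">
<tr>
<td width="*" height="24" class="tdT">以下是 <span style="padding-top:4px;height:13px;filter:glow(Color=#F5680A,Strength=2);"><%=username%></span> 于 <%=gb_date%> 的留言:</td>
</tr>
<tr>
<td height="50" valign="top" class="tdBC" style="word-break:break-all;"><B>主题:</B><%=gb_title%><br><div style="margin:3px;padding:3px;border:1px dashed #c1c1c1;"><B>内容:</B><%=gb_content%></div></td>
</tr>
<tr>
<td height="24" valign="middle" class="tdT">回复此留言:</td>
</tr>
<form Method="post" name="myform" action="">
<tr>
<td valign="top" class="tdBC">
<input name="re_id" type="hidden" value="<%=re_id%>"><%=showUBB(1,0)%>
<textarea name="content" cols="94" class="textkang" rows="8" wrap="VIRTUAL"><%=(re_content)%></textarea></td>
</tr>
<tr>
<td height="24" align="center" class="tdT">
<input name="editreplayok" type="submit" id="editreplayok" value="编辑回复" class="but1" onMouseOver="this.className='but2'" onMouseOut="this.className='but1'">
<input type="reset" name="Submit2" value="清除重写" class="but1" onMouseOver="this.className='but2'" onMouseOut="this.className='but1'"></td>
</tr>
</form>
</table>
<%
	else
		response.redirect("guestbook.asp")
	end if
End Sub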
'---------------------------删除回复-----------------------
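Sub deletereply()
	' Deletes one reply row from ms_gb_re. Only userSign=3 or the admin session
	' may do this; any other caller falls through without action.
	if userSign=3 or session(adminVar)=adminVal then
		dim re_id,idPattern
		re_id=trim(request.querystring("re_id")&"")
		' IsNumeric accepts "1.5", "1e3" and an empty value, and CInt raises an
		' overflow error above 32767; require plain digits (at most 9) and
		' convert with CLng.
		set idPattern=New RegExp
		idPattern.Pattern="^\d{1,9}$"
		if not idPattern.Test(re_id) then
			showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>请输入一个正确的整型参数</li>","出错信息"
			exit sub
		end if
		' This delete is triggered by a plain GET, so apply the same
		' external-submission check the other state-changing subs in this file
		' use. chkIsOut is defined elsewhere; presumably a same-site (referer)
		' check - confirm.
		if ms_submit=0 then
			if chkIsOut=false then
				showmsg "<font color=""#ff0000"">茂盛系统返回如下信息:</font><br><br>对不起,本站不允许从外部提交数据","系统出错信息"
				exit sub
			end if
		end if
		conn.execute("delete from ms_gb_re where re_id="&CLng(re_id))
		response.redirect("guestbook.asp")
		exit sub
	end if
End Sub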
'------------------删除留言--------------------------------
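Sub deletegb()
	' Deletes a guestbook entry. userSign=3 or the admin session removes the
	' entry and all of its replies; a logged-in user may only remove an entry
	' of their own that has no reply yet. Other callers fall through silently.
	dim gb_id,sql,delgb,delre,idPattern
	gb_id=trim(request.QueryString("gb_id")&"")
	' chkIsOut is defined elsewhere; presumably a same-site (referer) check - confirm.
	if ms_submit=0 then
		if chkIsOut=false then
			showmsg "<font color=""#ff0000"">茂盛系统返回如下信息:</font><br><br>对不起,本站不允许从外部提交数据","系统出错信息"
			exit sub
		end if
	end if
	' The original passed gb_id straight to CInt, which raises a runtime error
	' on non-numeric input and on values above 32767. Validate it the way the
	' other subs do (plain digits, at most 9) and convert with CLng.
	set idPattern=New RegExp
	idPattern.Pattern="^\d{1,9}$"
	if not idPattern.Test(gb_id) then
		showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>请输入一个正确的整型参数</li>","出错信息"
		exit sub
	end if
	gb_id=CLng(gb_id)
	if userSign=3 or session(adminVar)=adminVal then
		' The second argument of Execute receives the number of rows affected.
		sql="delete from ms_gb where gb_id="&gb_id
		conn.Execute sql,delgb
		sql="delete from ms_gb_re where gb_id="&gb_id
		conn.Execute sql,delre
		showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>恭喜恭喜,您已成功删除<font color=""#ff0000"">"&delgb&"</font>条留言以及其<font color=""#ff0000"">"&delre&"</font>条回复</li>","操作成功信息"
	elseif session(userVar)=userVal then
		' Ownership and the "no reply yet" rule are enforced in the WHERE clause;
		' zero affected rows is reported as "no permission".
		' NOTE(review): ms_userID is concatenated as a number - confirm it is set
		' server-side and is always numeric.
		sql="delete from ms_gb where gb_id="&gb_id&" and user_id="&ms_userID&" and isreply=0"
		conn.Execute sql,delgb
		if delgb=0 then
			showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>此留言已有回复,您没有权限删除。<br>如要删除,请联系管理员</li>","操作出错"
		else
			showmsg "<font color=""#ff0000"">系统返回如下信息:</font><br><br><li>恭喜恭喜,您已成功删除<font color=""#ff0000"">"&delgb&"</font>条留言","操作成功信息"
		end if
	end if
	exit sub
End Sub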
Sub passed()
if userSign=3 or session(adminVar)=adminVal then
dim sql,ispass,gb_id
gb_id=trim(Request.QueryString("gb_id"))
ispass=trim(Request.QueryString("ispass"))