editsave.asp

有相关的置顶

<!--#include file="conn.asp"-->
<%
  if session("user")=""  then
      response.redirect "login.asp"
	  response.end
  end if

Function GetSafeStr(str)
'	Get1SafeStr = Replace(Replace(Replace(Trim(str), "'", ""), Chr(34), ""), ";", "")
	GetSafeStr = Replace(Replace(Replace(Replace(Replace(str,"'","‘"),"""","“"),"&",""),"<","&lt;"),">","&gt;")
End Function

id=request("id")
gg=request("gg")
bt=GetSafeStr(Request.Form("bt"))
user=GetSafeStr(Request.Form("user"))
email=GetSafeStr(Request.Form("email"))
tx=GetSafeStr(Request.Form("tx"))
qq=GetSafeStr(Request.Form("qq"))
web=GetSafeStr(Request.Form("web"))
nr=GetSafeStr(Request.Form("nr"))
top=request("top")
hf=request("hf")
sh=request("sh")
ip=Request("ip")

set rs=server.createobject("adodb.recordset")
sql="select * from book where id="&id
rs.open sql,conn,1,3
rs("bt")=bt
rs("gg")=gg
rs("nr")=nr
rs("user")=user
rs("tx")=tx
rs("email")=email
rs("qq")=qq
rs("web")=web
rs("hf")=hf
rs("ip")=ip
rs("sh")=sh
rs("top")=top
rs.update
rs.close
set rs=nothing
conn.close  
set conn=nothing
response.write "<script language='javascript'>" & chr(13)
		response.write "alert('修改成功！');" & Chr(13)
		response.write "window.document.location.href='qj.asp';"&Chr(13)
		response.write "</script>" & Chr(13)
Response.End
%>