<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="inc/Md5.asp"-->
<%
' Open the guestbook's Access database through the Jet OLE DB provider.
' server.mappath resolves "mdb.mdb" relative to this page's own directory, so
' the database file lives next to the scripts.
' NOTE(review): confirm the web server refuses direct requests for *.mdb;
' otherwise the whole database (including the pwd column) can be downloaded.
set conn = server.createobject("adodb.connection")
dbpath = server.mappath("mdb.mdb")
connstr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & dbpath
conn.Open connstr
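' Escapes text for display inside the page's HTML.
'
' fString: the text to escape; Null is tolerated.
' Returns the escaped text, or Empty when fString is Null.
'
' In the listing as shown, the replacement strings for ">", "<", the space, the
' double quote and the apostrophe are the characters themselves (the entity text
' appears to have been decoded when the page was rendered). That makes the
' function a no-op for markup characters and leaves an unterminated string
' literal on the double-quote line. The entity names are restored here so that
' user-supplied text cannot introduce tags or break out of a quoted attribute.
' "&" itself is not escaped, so entities already present in the input are
' passed through unchanged.
function HTMLEncode(fString)
    if not isnull(fString) then
        ' Markup delimiters first, so the tags inserted further down stay intact.
        fString = Replace(fString, ">", "&gt;")
        fString = Replace(fString, "<", "&lt;")
        ' Spaces and tabs become non-breaking spaces to keep the author's layout.
        fString = Replace(fString, CHR(32), "&nbsp;")
        fString = Replace(fString, CHR(9), "&nbsp;")
        ' Both quote characters, so the result is also safe inside an attribute value.
        fString = Replace(fString, CHR(34), "&quot;")
        fString = Replace(fString, CHR(39), "&#39;")
        ' Line breaks: drop CR, a blank line starts a new paragraph, a single LF is <br>.
        fString = Replace(fString, CHR(13), "")
        fString = Replace(fString, CHR(10) & CHR(10), "</p><p> ")
        fString = Replace(fString, CHR(10), "<br> ")
        HTMLEncode = fString
    end if
end function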
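' Reverses the whitespace, quote and line-break substitutions made by HTMLEncode,
' e.g. to turn stored text back into plain text for editing.
'
' fString: previously encoded text; Null is tolerated.
' Returns the decoded text, or Empty when fString is Null.
'
' Two defects of the listed version are fixed:
'   * the result was assigned to "HTMLEncode2", so the function always returned
'     Empty; it is now assigned to the function's own name;
'   * the entity names on the left-hand side had been reduced to the plain
'     characters, making every replacement a no-op.
' "&lt;" and "&gt;" are deliberately left encoded, as in the original, so the
' decoded text still cannot introduce tags if it is written back into a page.
' The CR characters HTMLEncode removes cannot be restored, and tabs come back as
' spaces because both were encoded as "&nbsp;".
function UHTMLEncode(fString)
    if not isnull(fString) then
        fString = Replace(fString, "&nbsp;", CHR(32))
        fString = Replace(fString, "&quot;", CHR(34))
        fString = Replace(fString, "&#39;", CHR(39))
        ' Paragraph breaks before single breaks, mirroring the encoder's order.
        fString = Replace(fString, "</p><p> ", CHR(10) & CHR(10))
        fString = Replace(fString, "<br> ", CHR(10))
        UHTMLEncode = fString
    end if
end function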
' Gate for administrator-only actions: when the server-side session carries no
' "Admin" value, the visitor is sent to the login action and the page stops.
' The decision is based on session state only, not on anything the browser sends.
' "filename" is not assigned anywhere in the visible part of this file.
function checkadmin()
    dim notloggedin, loginurl
    notloggedin = (session("Admin")="")
    if notloggedin then
        loginurl = filename&"?action=login"
        response.redirect loginurl
        response.end
    end if
end function
' Read the routing parameters from the query string.
action=request.querystring("action")
id=request.querystring("id")
' Reject a non-numeric "id" early. Only "id" is checked here; the handlers
' visible further down read the "MessageID" query parameter instead, which this
' guard does not cover.
if id<>"" then
    if not isnumeric(id) then
        response.write "<script>alert('非法的ID!');this.location.href='index.asp';</SCRIPT>"
        response.end
    end if
end if
%>
<%
' Response settings: buffer the output and mark the page as already expired.
Response.Buffer=True
Response.Expires = -1
' Page-wide settings and state.
maxpagesize=8 ' number of messages shown per page
dh=5
' View flags; the "reply" and "modify" actions set them to 1 further down.
reply=0
modify=0
' Validation messages accumulate here; a non-empty value stops the listing.
errormsg=""
%>
<%
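' Request dispatcher for the guestbook: posting a message ("userwrite") and the
' moderation actions ("delete", "reply", "replyok", "ontop", "modify", "modifyok").
'
' Changes against the listed version, all on values the browser controls:
'   * MessageID and the poster's name were concatenated into SQL text. MessageID
'     is now accepted only as 1-9 decimal digits, and the name lookup is bound
'     as a parameter.
'   * Moderation was authorised by the "administrator" cookie alone, which the
'     client can set to any value. The server-side session flag that
'     checkadmin() relies on is now required as well.
'     NOTE(review): assumes the login code sets session("Admin") - confirm.
'   * The verification code compared equal when the session held no code and
'     the submitted value was not a number (both became 0); a missing code or a
'     non-numeric submission is now rejected.
'   * The two identical insert branches are merged into one.
' NOTE(review): delete and the other moderation actions are triggered by plain
' GET requests and carry no anti-forgery token.
' NOTE(review): passwords are stored as md5() of the submitted value with no
' salt visible here; changing that would invalidate stored hashes, so it is
' left as is.
action=request.querystring("action")

' Validate MessageID once; handlers use it only when it is a plain integer.
reqMessageID=request.querystring("MessageID") & ""
set reDigits=new RegExp
reDigits.Pattern="^[0-9]{1,9}$"
hasMessageID=reDigits.Test(reqMessageID)
if hasMessageID then reqMessageID=CLng(reqMessageID)
set reDigits=nothing

' Administrator requests need the cookie (as before) and the session flag.
isAdminRequest=false
if request.cookies("administrator")="admin" then
    if session("Admin")<>"" then isAdminRequest=true
end if

select case action
case "userwrite"
    if request.form("user")="" then
        errormsg=errormsg&"您忘了填写自己的名字了!"&"<p>"
    end if
    if request.form("content")="" then
        errormsg=errormsg&"您没有填写留言信息!"&"<p>"
    end if
    if request.form("email")="" then
        errormsg=errormsg&"您没有填写邮箱!"&"<p>"
    end if

    ' Verification code: both sides must be present and numeric before comparing.
    ' The form field is limited to 4 characters, so longer input is refused.
    ' NOTE(review): the code is not invalidated after use in this block.
    verifycode=trim(request.Form("verifycode") & "")
    expectedcode=trim(session("numcode") & "")
    codematches=false
    if len(verifycode)>0 and len(verifycode)<=4 then
        if IsNumeric(verifycode) and IsNumeric(expectedcode) then
            if CDbl(verifycode)=CDbl(expectedcode) then codematches=true
        end if
    end if
    if not codematches then
        errormsg=errormsg&"验证码输入有误!"&"<p>"
    end if

    if errormsg="" then
        ' Look the name up with a bound parameter rather than spliced SQL text.
        username=request.form("user") & ""
        set cmd=Server.CreateObject("ADODB.Command")
        set cmd.ActiveConnection=conn
        cmd.CommandType=1 ' adCmdText
        cmd.CommandText="select * from guestbook where User=?"
        ' 202 = adVarWChar, 1 = adParamInput; username is non-empty at this point.
        cmd.Parameters.Append cmd.CreateParameter("user",202,1,len(username),username)
        set rs=Server.CreateObject("ADODB.Recordset")
        rs.open cmd,,1,3
        set cmd=nothing

        ' A name that already exists may only be reused with the same password.
        namereserved=false
        if not rs.eof then
            if rs("pwd")<>md5(request.form("pwd")) then namereserved=true
        end if

        if namereserved then
            errormsg=errormsg&"该名字已被保留!"&"<p>"
        else
            rs.addnew
            rs("User")=code(request.form("User"))
            rs("email")=code(request.form("email"))
            rs("content")=code(request.form("content"))
            rs("sex")=code(request.form("sex"))
            rs("from")=Request.ServerVariables("REMOTE_ADDR")
            ' The checkbox posts "1" when ticked; anything else is stored as 0.
            if request.form("secret")="1" then secret=1 else secret=0
            rs("secret")=secret
            rs("pwd")=md5(request.form("pwd"))
            mdate=date()&" "&time()
            rs("Mdate")=mdate
            rs.update
            set rs=nothing
            response.Redirect "index.asp"
            response.end
        end if
    end if

case "delete"
    if isAdminRequest and hasMessageID then
        MessageID=reqMessageID
        sql="delete * from guestbook where MessageID="&MessageID
        conn.execute sql
    end if

case "reply"
    ' Switch to the reply view only for a well-formed MessageID.
    if isAdminRequest and hasMessageID then
        reply=1
    end if

case "replyok","modifyok"
    ' Both actions store the administrator's reply text and its timestamp.
    if isAdminRequest and hasMessageID then
        MessageID=reqMessageID
        set rs=Server.CreateObject("ADODB.Recordset")
        sql="select * from guestbook where MessageID="&MessageID
        rs.open sql,conn,1,3
        if not rs.eof then
            rs("Reply")=code_admin(request.form("reply"))
            Rdate=date()&" "&time()
            rs("Rdate")=Rdate
            rs.update
        end if
        rs.close
        set rs=nothing
    end if

case "ontop"
    if isAdminRequest and hasMessageID then
        MessageID=reqMessageID
        set rs=Server.CreateObject("ADODB.Recordset")
        sql="select * from guestbook where MessageID="&MessageID
        rs.open sql,conn,1,3
        if not rs.eof then
            rs("ontop")=code_admin(request.form("ontop"))
            rs.update
        end if
        rs.close
        set rs=nothing
    end if

case "modify"
    ' Switch to the edit view only for a well-formed MessageID.
    if isAdminRequest and hasMessageID then
        modify=1
    end if
end select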
%>
<html>
<head>
<title>清爽留言本V5.0 - POWERED BY 泰州学生网|TZSTUDENT.COM</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href="inc/css.css" rel="stylesheet" type="text/css">
<script language="JavaScript">
// Ask the visitor to confirm a deletion; navigate to `url` only on "OK".
// The navigation is an ordinary GET request, so the server side still has to
// authorise the action itself.
function affirm(url)
{
    var confirmed = confirm("确定要删除吗?");
    if (!confirmed) {
        return;
    }
    return location.href = url;
}</script>
</head>
<body bottommargin="0" topmargin="0" leftmargin="0" rightmargin="0">
<% txt=500 ' maximum number of characters in a message; only fills the counter fields of the form below %>
<iframe width="760" height="163" border="0" align="center" marginwidth="0" marginheight="0" hspace="0" vspace="0" frameborder="0" scrolling="no" src="../ms/guest_top.asp" allowTransparency="true"></iframe>
<table border=0 cellspacing=0 cellpadding=0 align=center width=400>
<tr valign=top>
<td bgcolor="#F7F7F7">
<table border=0 cellspacing=0 cellpadding=1 align=center width=100%>
<tr>
<td align=center colspan=2><b>签写留言</b></td>
</tr>
<form name="userwrite" method="post" action="?action=userwrite">
<tr>
<td width="60" align="right"><strong>名字:</strong></td>
<td width="380"> <input type=text name="User" size=40 id="User4" class=input value="">
<input name="sex" type="radio" value="男" checked >
男
<input type="radio" name="sex" value="女" >
女 </td>
</tr>
<tr>
<td align="right"><b>密码:</b></td>
<td><input type="password" name="pwd" size=40 id="pwd4" class=input value="">
保留用户</td>
</tr>
<tr>
<td align="right"><b>邮箱:</b></td>
<td><input type=text name="email" size=40 id="email4" class=input value="">
<input name="secret" type="checkbox" id="secret5" value="1" >
悄悄话!</td>
</tr>
<tr>
<td align="right"><b>验证:</b></td>
<td><input maxLength=4 name=verifycode size=40 class=input value="">
<img src="inc/numcode.asp"></td>
</tr>
<tr>
<td colspan="2" align="right"> <table width="345" border=0 cellpadding="0" cellspacing="0">
<tr>
<td align=center height="4"> </td>
</tr>
<tr>
<td>
<textarea name="content" cols="53" rows="6" class=input id="textarea3"
onKeyDown=gbcount(this.form.content,this.form.total,this.form.used,this.form.remain);
onKeyUp=gbcount(this.form.content,this.form.total,this.form.used,this.form.remain);></textarea>
* </td>
</tr>
<tr>
<td height="20">最多字数:
<INPUT disabled maxLength=4 name=total size=3 value=<%=txt%>>
已用字数:
<INPUT disabled maxLength=4 name=used size=3 value=0>
剩余字数:
<INPUT disabled maxLength=4 name=remain size=3 value=<%=txt%>></td>
</tr>
</table></td>
</tr>
<tr align="center" bgcolor=#F7F7F7>
<td height="30" colspan="3">
<input name="Submit2" type="submit" value=" 提 交 " class=input>
</td>
</tr>
</form>
</table></td>
</tr>
<tr height="22">
<td align="center" bgcolor="#e5e5e5"><B>查看留言</B></td>
</tr>
</table>
<%
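' Render the message area: validation errors, a single message for the
' reply/modify views, or one page of the full listing.
'
' Changes against the listed version:
'   * "MessageID" from the query string was concatenated into the SELECT; it is
'     now used only when it consists of 1-9 decimal digits. Otherwise the
'     normal listing is shown.
'   * "page" was passed straight to cint(), so a non-numeric or out-of-range
'     value raised a runtime error; it is now validated and clamped to the
'     available page range.
if errormsg<>"" then
    errormsgbox()
    response.end
end if
set rs=Server.CreateObject("ADODB.Recordset")

' One strict digit check serves both query-string values.
set reViewDigits=new RegExp
reViewDigits.Pattern="^[0-9]{1,9}$"
viewMessageID=request.querystring("MessageID") & ""
viewIdOk=reViewDigits.Test(viewMessageID)
pagearg=trim(request.querystring("page") & "")
pageArgOk=reViewDigits.Test(pagearg)
set reViewDigits=nothing

if reply=1 and viewIdOk then
    sql="select * from guestbook where MessageID="&CLng(viewMessageID)
    rs.open sql,conn,1,3
    guestbookbox(reply)
elseif modify=1 and viewIdOk then
    sql="select * from guestbook where MessageID="&CLng(viewMessageID)
    rs.open sql,conn,1,3
    guestbookbox(modify)
else
    sql="select * from guestbook order by MessageID desc"
    rs.open sql,conn,1,3
    if not rs.eof then
        rs.pagesize=maxpagesize
        ipagecount=rs.pagecount
        ' Default to the first page; keep the request inside 1..ipagecount.
        curpage=1
        if pageArgOk then curpage=CLng(pagearg)
        if curpage<1 then curpage=1
        if curpage>ipagecount then curpage=ipagecount
        rs.absolutepage=curpage
        strurl=""
        ii=0
        do until rs.eof or ii=maxpagesize
            guestbookbox(show)
            ii=ii+1
            rs.movenext
        loop
%>
<table border="0" cellspacing="0" cellpadding="0" align="center" width="400">
<tr align="center">
<td height="28" bgcolor="#E5E5E5">
<% showpagebar ipagecount,curpage,strurl %>
</td>
</tr>
</table>
<% end if
end if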
%>
<table width="400" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center">
<%
select case action
case "modpassed"
checkadmin
User=htmlencode(request.form("User"))
oldpass=md5(request.form("oldpass"))
newpass=md5(request.form("newpass"))
newpass2=md5(request.form("confirm"))
' Verifies the current administrator's password before a password change.
' password: the value to match against the stored "pass" column; the call
'           visible in this file passes an md5() result.
' When no [Admin] row matches, an alert is written and the response ends.
' NOTE(review): the query is built by string concatenation. Where
' session("Admin") gets its value is not visible here; if it can hold
' visitor-supplied text, bind both values as parameters instead.
' The script-level "rs" variable is reused for the result.
sub Checkpass(password)
    dim adminsql
    adminsql="SELECT * FROM [Admin] WHERE user='"&session("Admin")&"' AND pass='"&password&"'"
    set rs=conn.execute(adminsql)
    if not rs.eof then exit sub
    response.write "<script>alert('旧密码错误!');this.location.href='"&filename&"?action=modpass';</SCRIPT>"
    response.end
end sub
Checkpass oldpass
if newpass="" then
response.write "<script>alert('新密码不能为空!');this.location.href='"&filename&"?action=modpass';</SCRIPT>"
response.end
end if