<%@ page contentType="text/html; charset=gb2312" language="java" import="java.sql.*"%>
<%@ include file="inc/config.jsp"%>
<%@ include file="inc/style.jsp"%>
<jsp:useBean id="HTMLFilter" scope="page" class="dreamtime.guestbook.HTMLFilter"/>
<jsp:useBean id="FaceFilter" scope="page" class="dreamtime.guestbook.FaceFilter"/>
<jsp:useBean id="UbbCode" scope="page" class="dreamtime.guestbook.UbbCode"/>
<%
/*******************************************************************
* *
* 梦想年华 JSP 版留言本 *
* *
* 版权所有: wsp.hniuca.net *
* ` CopyRight 2005-2006 DreamTime All Rights Reserved *
* *
* 程序制作: [梦想年华] *
* Email:fanwsp@126.com *
* QQ:122142023 *
* HomePage:http://wsp.hniuca.net *
* *
* 郑重申明:该程序仅提个人用户免费使用,未经本人同意, *
* 严禁用于商业用途! *
* *
*********************************************************************/
%>
<%
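// Handles the guestbook form post (action=add): checks the poster's IP against
// the lockip table, validates and filters the submitted fields, then inserts
// the message into the guestbook table.
// Names used here but declared outside this scriptlet (presumably in the
// included inc/config.jsp): stmt, rs, sql, DBConn, Ip, NowTime, serror, error2,
// sPage, LybMaxByte, AdminName, AdminUid, isValidate, CheckReplace.
String action = request.getParameter("action");
if (action != null && action.equals("add"))
{
    String referer = request.getHeader("Referer");          // address of the page the request came from
    String requestUrl = request.getRequestURL().toString(); // address of the current page
    String method = request.getMethod();
    // Only a POST whose Referer equals this page's own URL is accepted. The
    // Referer header is supplied by the client, so this stops casual off-site
    // posts only; it is not an anti-forgery control.
    if (method.equals("POST") && requestUrl.equals(referer))
    {
        // NOTE(review): the Servlet API only honours setCharacterEncoding when it
        // is called before the first parameter read, and "action" has already
        // been read above. Confirm how the gb2312 form data is really decoded.
        request.setCharacterEncoding("gb2312");
        String Name = request.getParameter("Name");          // form fields, in order
        String QQ = request.getParameter("QQ");
        String Mail = request.getParameter("Mail");
        String HomePage = request.getParameter("HomePage");
        String ComeFrom = request.getParameter("ComeFrom");
        Ip = request.getRemoteAddr();                        // client IP address
        String Time = NowTime;                               // NowTime holds the current time
        String Title = request.getParameter("Title");
        String Content = request.getParameter("Content");
        String Face = request.getParameter("Face");
        String Sex = request.getParameter("Sex");
        String Secret = request.getParameter("Secret");
        String Validate = "Yes";

        // Refuse the post when the client IP is listed in lockip. The value is
        // bound as a parameter instead of being concatenated into the SQL text.
        try {
            sql = "select * from lockip where LockIP=?";
            PreparedStatement lockCheck = stmt.getConnection().prepareStatement(sql);
            try {
                lockCheck.setString(1, String.valueOf((Object) Ip));
                rs = lockCheck.executeQuery();
                if (rs.next())
                {
                    serror = "非法的IP地址,可能已被管理员封了IP,请与管理员联系!";
                    session.setAttribute("error", serror);
                    session.setAttribute("url", "index.jsp");
                    response.sendRedirect("error.jsp");
                    return;
                }
            } finally {
                lockCheck.close(); // also releases the result set it produced
            }
        } catch (SQLException e) {
            session.setAttribute("error", error2);
            session.setAttribute("url", "addly.jsp");
            response.sendRedirect("error.jsp");
            return;
        }

        // Name, title and content are mandatory; content is capped at LybMaxByte characters.
        if (Name == null || Name.equals("") || Title == null || Title.equals("") || Content == null || Content.equals("") || Content.length() > LybMaxByte)
        {
            out.println("<br><br><br><p><table width=\"640\" border=\"1\" align=\"center\"><tr height=\"25\"><td>");
            out.println("<div align=\"center\" class=\"info\"><br>用 户 名不能为空!<br>留言主题不能为空!<br>留言内容不能为空!");
            out.println("<br><br>留言内容不能大于" + LybMaxByte +"个字符!<br><br>请仔细核对您的输入!<br>");
            out.println("<br><a href=\"#\" onClick=\"javascript:history.go(-1);\">返回</a><br></div></td></tr></table>");
            return;
        }

        Name = CheckReplace(Name);
        Title = CheckReplace(Title);
        // Ordinary visitors may not post under the administrator's name or a
        // name containing the moderator/administrator titles.
        if (Name.indexOf(AdminName) != -1 || Name.indexOf("版主") != -1 || Name.indexOf("管理员") != -1)
        {
            out.println("<br><br><br><p><table width=\"640\" border=\"1\" align=\"center\"><tr height=\"25\"><td>");
            out.println("<div align=\"center\" class=\"info\"><br>请注意:<br>为了防止一般用户冒充版主留言<br>");
            out.println("留言者不能使用版主的名称,也不能包含“版主”和“管理员”等字符!<br>");
            out.println("<br><a href=\"#\" onClick=\"javascript:history.go(-1);\">返回</a><br></div></td></tr></table>");
            return;
        }
        // NOTE(review): anyone who submits AdminUid as the name is shown as the
        // moderator; no credential is checked here. Confirm AdminUid is treated
        // as a secret.
        if (Name.equals(AdminUid)) Name = "版主 [" + AdminName + "]";
        if (isValidate) Validate = "No";
        if (Face == null || Face.equals("")) Face = "04";
        QQ = CheckReplace(QQ);
        Mail = CheckReplace(Mail);
        HomePage = CheckReplace(HomePage);
        ComeFrom = CheckReplace(ComeFrom);

        // Content passes through the HTML filter, the UBB code converter and the
        // face (emoticon) filter, in that order.
        HTMLFilter.setSource(Content);
        HTMLFilter.run();
        Content = HTMLFilter.getResult();
        UbbCode.setSource(Content);
        UbbCode.run();
        Content = UbbCode.getResult();
        FaceFilter.setSource(Content);
        FaceFilter.run();
        Content = FaceFilter.getResult();

        // Face, Sex and Secret are stored exactly as submitted (no CheckReplace).
        // NOTE(review): confirm the pages that render these columns escape them.
        // NOTE(review): if CheckReplace escapes quotes for SQL, that step is
        // redundant now that every value is bound; confirm against inc/config.jsp.
        try {
            sql = "insert into guestbook (Name,QQ,Mail,ComeFrom,Ip,UpdateTime,Sex,HomePage,Face,Title,Content,Secret,Validate) values (?,?,?,?,?,?,?,?,?,?,?,?,?)";
            Object[] values = { Name, QQ, Mail, ComeFrom, Ip, Time, Sex, HomePage, Face, Title, Content, Secret, Validate };
            PreparedStatement insert = stmt.getConnection().prepareStatement(sql);
            try {
                for (int i = 0; i < values.length; i++)
                {
                    // String.valueOf keeps the earlier storage format: a missing
                    // field is stored as the text "null", as the concatenated
                    // statement did. UpdateTime is still sent as a string;
                    // confirm the driver converts it for the column type.
                    insert.setString(i + 1, String.valueOf(values[i]));
                }
                insert.executeUpdate();
            } finally {
                insert.close();
            }
            stmt.close();
            DBConn.close();
        } catch (SQLException e) {
            session.setAttribute("error", error2);
            session.setAttribute("url", sPage);
            response.sendRedirect("error.jsp");
            return;
        }
        out.println("<SCRIPT LANGUAGE='JavaScript'>alert('留言成功!');location.href='index.jsp';</SCRIPT>");
    }
    else
    {
        // Not a POST from this page: send the visitor to the error page.
        // Nothing is written to the response after the redirect.
        serror = "非法递交留言,请到添加留言页面进行留言!";
        session.setAttribute("error", serror);
        session.setAttribute("url", sPage);
        response.sendRedirect("error.jsp");
        return;
    }
}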
%>
<html>
<head>
<title><%=LybTitle%> - 添加留言</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<SCRIPT src="inc/ubbcode.js"></SCRIPT>
<SCRIPT src="inc/post.js"></SCRIPT>
</head>
<%=TopInfo(false)%>
<br>
<body>
<table width="640" border="0" align="center" cellspacing="1">
<tr>
<td align="center" valign="middle"><div align="center">
<form name="form" method="post" onSubmit="return Check()" action="addly.jsp">
<table width="640" border="1" align="center" cellpadding="6" cellspacing="1" style="border-collapse:collapse">
<tr>
<td height="25" colspan="4" background="images/bg<%=LybSkin%>.gif">
<div align="center"> </div>
<div align="center"><span class="title">添加留言</span></div> </td>
</tr>
<tr>