save.asp

更新内容： 1 增加了搜索功能 2 提供了帮助页面 修改若干小问题 管理名称 admin 初始密码：admin-update : added a search function to help pro

<!--#include file="conn.asp"-->
<!--#include file="connip.asp"-->
<!--#include file="inc/char.asp"-->
<!--#include file="inc/const1.asp"-->
<!--#include file="banip.asp"-->
<%
''''''''''''''''''''''''''''''''''''''''''''''''''''''
'          Jimmy中文站留言簿 Version 1.06	     '
'		 http://WWW.LUNJI.COM		     '
'	         Powered by BlueSailor	             '
'	 QQ:428140   E-MAIL: bluesailor@etang.com    '
''''''''''''''''''''''''''''''''''''''''''''''''''''''
%>
<%if session("postnum")=1 then%>    
<meta http-equiv="refresh" content="0;URL=index.asp"> 
<%
connclose()
end if
%>

<% 
    	dim guestname
	dim email
        dim homepage
	dim face
	dim oicq
	dim guestcontent
	dim ip
	dim rs,sql
	dim founderr
	dim errmsg
	dim boardtype
	founderr=false
	call chkinput
sub chkinput()
	guestname=CStr(Replace(guestname,chr(13)&chr(10),""))
	guestname=trim(request("guestname"))
	'#if InStr(LCase(nickname),LCase(jinname))<>0 or
	'#禁止使用的名字

'#################自己写了个版主防假冒

if guestname=admin_name then
  	errmsg=errmsg+"<br>"+"<li>你无权使用版主名"
  	founderr=true
end if
 

if guestname=admin_id then
guestname=admin_name
end if
'#################判断名字长度

if len(request("guestcontent"))>maxlen then
		errmsg=errmsg+"<br>"+"<li>留言内容太多，不要乱灌水。"
		founderr=true
end if

dim namelen,i,zi,ziasc
namelen=0
for i=1 to len(guestname)
 zi=mid(guestname,i,1)
 ziasc=asc(zi)
 if ziasc<0 then
  namelen=namelen+2
 else
  namelen=namelen+1
  if CStr(server.URLEncode(zi))<>CStr(zi) then
  	errmsg=errmsg+"<br>"+"<li>名字非法"
  	founderr=true
  end if
 end if
next
	if guestname="" or namelen>10 or namelen<2 then
		errmsg=errmsg+"<br>"+"<li><font color=red>请重新输入用户名（２－１０个字母，或１－５个汉字）</font>"
		founderr=true
	elseif  server.HTMLEncode(guestname)<>guestname or InStr(guestname," ")<>0 or InStr(guestname," ")<>0 or InStr(guestname,"【")<>0 or InStr(guestname,"】")<>0 or InStr(guestname,"/")<>0 or InStr(guestname,"\")<>0 or InStr(guestname,"_")<>0 or InStr(guestname,"'")<>0 or InStr(guestname,".")<>0 then
		errmsg=errmsg+"<br>"+"<li><font color=red>名含有非法字符！请您去掉 【 　 】 　 / 　 \ 　 _ 　 . 　和空格等字符。</font>"
		founderr=true
	end if
	if request("face")="" then
		face=30
                randomize
                face=Int((face*rnd)+1)
        else face=request("face")
        end if
	
	if  request("email")<>"" then
                if  IsValidEmail(request("email"))=false then
   		errmsg=errmsg+"<br>"+"<li>您的Email有错误。"
   		founderr=true
	        end if
	end if

	if request("oicq")<>"" then
		if chkoicq(request("oicq"))=false then
			errmsg=errmsg+"<br>"+"<li>Oicq号码只能是4-10位数字，您可以选择不输入。"
			founderr=true
		end if
	end if
	if len(request("guestcontent"))<2 then
		errmsg=errmsg+"<br>"+"<li>请认真填写留言内容。"
		founderr=true
else guestcontent=request("guestcontent")
guestcontent=replace(guestcontent," ","&nbsp;")
guestcontent=replace(guestcontent, ">", "&gt;")
guestcontent=replace(guestcontent, "<", "&lt;")
	end if
	ip=Request.ServerVariables("REMOTE_ADDR")
end sub

sub saveuserinfo()

	set rs=server.createobject("adodb.recordset")
	sql="select * from [guest] where id=null"
	rs.open sql,conn,1,3
		rs.addnew
		rs("guestname")=guestname
		if request("from")<>"" then
		rs("from")=(request("from"))
		end if
		if request("email")<>"" then
		rs("email")=(request("email"))
		end if
		if request("homepage")<>"" then
		   if request("homepage")<>"http://" then
		rs("homepage")=(request("homepage"))
		end if
		end if
		if request("oicq")<>"" then
		rs("oicq")=(request("oicq"))
		end if
        rs("guestdate")=NOW()
        rs("ip")=ip   
	rs("face")=face
        rs("guestcontent")=guestcontent
        rs("secretly")=request("secretly")
        rs("comefrom")=getFrom(request.servervariables("remote_addr"))
        rs("sessionid")=session.sessionid
		rs.update
rsclose()
connclose() 
end sub
session("postnum")=1
if founderr=true then
	call error()
else
	call saveuserinfo()
	if founderr=true then
		call error()
	else
response.redirect "index.asp" 
end if
end if
connIpclose()
%>