add.asp

一个用ASP编制的电子留言板

<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%
response.expires = 0
WhereForm=Request.ServerVariables("HTTP_REFERER")
dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
	response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许直接输入地址访问本系统的后台管理页面。</font></p>"
	Response.Write("<br><p align=center><a href=""../index.asp""> 返回到首页</a><br></p>")
	response.end
else
	cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
	if mid(ComeUrl,len(cUrl)+1,1)=":" then
		cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
	end if
	cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
	if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
		Response.Redirect("../error/index.asp?ID=1") 
		response.end
	end if
end if
  IF Request.Form("name")="" THEN
   Response.Redirect("../error/index.asp?ID=2") 
  ELSEif Request.Form("massage")="" then
    Response.Redirect("../error/index.asp?ID=3") 
   elseif len(Request.Form("massage"))>255 then
    Response.Redirect("../error/index.asp?ID=5")
   elseif Request.Form("keyd")=Request.Form("keye") then 
		if Session("contorkey")=true then
		dim sql
	   Set Conn=Server.CreateObject("ADODB.Connection")
	   Conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath("../data/system.mdb") & ";Mode=ReadWrite|Share Deny None;Persist Security Info=False"
	   sql="select * from massage"
	   Set rs=Server.CreateObject("ADODB.RecordSet")
		rs.Open sql,conn,3,2
		rs.addnew
		Session("Mnumber")=Session("Mnumber")+1
		Session("Tnumber")=Session("Tnumber")+1
		  rs("Id") = Session("Mnumber")
		  rs("name") = Request.Form("name")
		  rs("qq") =  Request.Form("qq")
		  rs("emill") = Request.Form("emill")
		  rs("web") =  Request.Form("web")
		  rs("face") = Request.Form("face")
		  rs("massage")= Request.Form("massage")
		  rs("m_time")= now()
		  rs("reversion")="管理员还没有回复"
		  rs("r_time")= now()
		 rs.update
		 rs.close
		 conn.close
			  Session("contorkey")=false
		 end if
	 %>
	 <!--#include file="head.asp"-->
	 <table width="768" border="0" align="center" cellspacing="0">
       <tr>
         <td width="38" height="20" background="../img/ad_mqdhl.gif">&nbsp;</td>
         <td width="742" bgcolor="#E8F5E1" class="style2"><span class="style4">当前位置　留言板/添加留言</span></td>
       </tr>
</table>
	 <table width="394" height="79" border="0" align="center" cellpadding="0" cellspacing="0">
       <tr>
         <td width="384">&nbsp;</td>
       </tr>
       <tr>
         <td height="24"><div align="center">谢谢你<% Response.write(Request.Form("name"))%>你已经成功添加留言</div></td>
       </tr>
       <tr>
         <td height="22"><div align="center"><a href="guest.asp">单击此处返回查看留言</a></div></td>
       </tr>
       <tr>
         <td>&nbsp;</td>
       </tr>
     </table>
	 <!--#include file="foot.asp"-->
	 <%

    else
     Response.Redirect("../error/index.asp?ID=4")
    end if

%>