guest_input.asp

留言薄系统

<!--#INCLUDE FILE="config.asp"-->
<!--#INCLUDE FILE="ubbcode.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>写新留言</title>
<link href="1.css" rel="stylesheet" type="text/css">
</head>
  <SCRIPT language=javascript>
function  save_onclick()
{
  document.form.Content.value=editor.HtmlEdit.document.body.innerHTML; 
  var strTemp = document.form.subject.value;
  if (strTemp.length == 0 )
  {
      alert("请输入留言标题！");
      document.form.subject.focus();
      return false;
  }
  var strTemp = document.form.UserName.value;
  if (strTemp.length == 0 )
  {
      alert("请输入用户名！");
      document.form.UserName.focus();
      return false;
  }
  var strTemp = document.form.Content.value;
  if (strTemp.length == 0 )
  {
      alert("请填写留言内容！");
      return false;
  }
  return true;
}
function  save_onclick1()
{
  var strTemp = document.form.subject.value;
  if (strTemp.length == 0 )
  {
      alert("请输入留言标题！");
      document.form.subject.focus();
      return false;
  }
  var strTemp = document.form.UserName.value;
  if (strTemp.length == 0 )
  {
      alert("请输入用户名！");
      document.form.UserName.focus();
      return false;
  }
  var strTemp = document.form.Content.value;
  if (strTemp.length == 0 )
  {
      alert("请填写留言内容！");
      return false;
  }
  return true;
}
</SCRIPT>
<body onkeydown="if(event.keyCode==13 && event.ctrlKey) if(save_onclick1())document.form.submit()">
<table border=0 width=100% align=center>
  <tr> 
    <td width="100%" align=center> 
      <!--#INCLUDE FILE="top.asp"-->  </tr>
  <tr> 
    <td align=center><hr size=1 width=100% noshade color=#C0C0C0></tr>
</table>
<%
if request.Form<>"" then
Set rs1=server.createobject("ADODB.RECORDSET")
rs1.open "Select * From option1" ,Conn,3,3
     UserName      =Request.Form("UserName")
	 password=request.Form("password")
	 Email      =Request.Form("Email")
     HomePage      =Trim(Request.Form("HomePage"))
	 qq=request.Form("qq")
	 sex   	   =Request.Form("sex")
     Face          =Request.Form("Face")
     Subject       =Request.Form("Subject")
	 pic=request.Form("pic")
	 secret=request.Form("secret")
	 if secret<>1 then secret=0
     content=Request.Form("content")
	dim strSiteUrl
	strSiteUrl=request.ServerVariables("HTTP_REFERER")
	strSiteUrl=lcase(left(strSiteUrl,instrrev(strSiteUrl,"/")))
	Content=ubbcode(replace(Content,strSiteUrl,""))
	 content=replace(content,"'","""")
	 		content=replace(content,vbCrLf,"<br>")
		content=replace(content," ","&nbsp;")
	 level=request.Form("levels")
	 IPinfo = Request.servervariables("REMOTE_ADDR")
     bookdate =now

if session("keeptime")="" then 
	session("keeptime")=now
else if dateDiff("s",session("keeptime"),now)<=rs1("inputtime") then 
	response.Redirect("error.asp?info=请不要灌水")
else session("keeptime")=now
end if
end if

Dim serchIP
Dim strB
strB=rs1("killIP")
if strB<>"" then 
	serchIP=Split(strB,",")
	for i=0 to ubound(serchIP)
		if IPinfo=serchIP(i) then response.Redirect "error.asp?info=系统已经禁止了你的发言！"
	next
end if

Dim arrayx
Dim strA
strtemp=content
strtemp1=Subject
strA=rs1("killword")
if strA<>"" then 
arrayx=Split(strA,",")
for i=0 to ubound(arrayx)
strtemp=replace(strtemp,arrayx(i),"***")
strtemp1=replace(strtemp1,arrayx(i),"***")
next
end if
if (strtemp<>content) or (strtemp1<>Subject) then
	if rs1("stopword") then
		rs1("killIP")=rs1("killIP")&","&IPinfo
		rs1.update
	end if
end if
content=strtemp
Subject=strtemp1

	 if homepage="http://" then homepage="" 
      Set rs=server.createobject("ADODB.RECORDSET")
	  rs.open "Select * From register where username='" & request("username")& "'",Conn,3,3
	  if (username<>"") and (password<>"") and (not rs.eof) then
	  if (rs("username")=username) and (rs("password")=password) then
	  	homepage=rs("homepage")
	  	Email=rs("mail")
		qq=rs("qq")
		rs("counts")=rs("counts")+1
		rs.update
	  end if
	  end if
      if (rs.eof) and (rs1("register")) then response.Redirect("error.asp?info=未注册用户不能留言")
	  if not (rs.eof or rs.bof) then 
	  	if rs("password")<>password then response.Redirect "error.asp?info=用户名已注册，密码错误！"     
	  else
	    if password<>"" then
	  	rs.close
      	set rs=nothing
		sql="Insert Into register (username,password,mail,homepage,face,sex,counts,qq)  Values('"& UserName&"','"& password&"','"&email&"','"&homepage&"','"&face&"','"&sex&"',1,'"&qq&"')"
	  	conn.Execute sql
		cookiePath=request.servervariables("path_info")
		cookiePath=left(cookiePath,instrRev(cookiePath,"/"))
		response.cookies("ly").Path=cookiePath
		response.cookies("ly")("useridname")=username
		response.cookies("ly")("useridpassword")=password
		end if
	  end if

	 sql="Insert Into guest (username,subject,content,IP,lydate,lastdate,pic,secret,lastname)  Values('"& UserName &"','"& Subject &"','"&content &"','"& IPinfo &"','"& bookdate &"','"& bookdate &"','"& pic &"',"& secret &",'——')"
	 conn.Execute sql
	 Set rs=server.createobject("ADODB.RECORDSET")
	 rs.open "Select * From guest",Conn,1,1
	 rs.movelast
	 id=rs("id")
	response.Redirect "guest_save_ok.asp?id="&id
	 rs.close
	 set rs=nothing
conn.close
set conn=nothing
response.end
end if
 Set rs=server.createobject("ADODB.RECORDSET")
   rs.open "Select * From option1",Conn,3,3
%>
<table border=0 width=100% align=center>
  <tr>
    <td width="3%" align=lift><font color="#FF0000">&nbsp;</font></td>
    <td width="8%" align=lift><a href="<%if session("list")=0 then%>default.asp<%else%>default1.asp<%end if%>">留言首页</a></td>
    <td width="89%" align=right>
      <!--#INCLUDE FILE="link.asp"-->
    </td>
</table>
<form action="" method="POST" name="form" id="form" >
  <input type="hidden" name="form" value="SaveData">
  <input type="hidden" name="D_Date" value="<%=cstr(now())%>">
  <div align="center">
  <table width="100%" border="1" cellpadding="5" cellspacing="1" bgcolor="#E6F2FF" style="border-collapse: collapse" bordercolor="#000000" >
    <tr >
      <td colspan="2" bordercolorlight="#000000" bordercolordark="#C0C0C0">
        <p align="center"><strong>写新留言</strong> </td>
    </tr>
    <tr class="table001">
      <td width="220" align="center"><div align="left"><strong>用户名：<br>
      </strong>用户名长度限制为0－10字符</div></td>
      <td height="28" align="center"><div align="left"><font color="#00FF00">
          <input name="UserName" type="text" class="input1" value="<%=session("useridname")%>" size="15">
      </font></div></td>
    </tr>
	<%if session("useridname")="" then%>
    <tr class="table001">
      <td width="220" align="center"><div align="left"><strong>性别：<br>
      </strong>请选择您的性别</div></td>
      <td height="28" align="center"><div align="left"><font color="#FFFFFF">
          <select name="sex" size="1" id="select">
            <option value="1" selected>男</option>
            <option value="0">女</option>
          </select>
</font></div></td>
    </tr>
	<%end if%>
    <tr class="table001">
      <td width="220" align="center"><div align="left"><strong>密码：<br>
      </strong>请输入密码，区分大小写 </div></td>
      <td height="28" align="center"><div align="left">
          <input name="password" type="password" class="input1" id="password3" value="<%=session("useridpassword")%>" size="15">
<%if session("useridname")="" then%>
          <%if rs("register") then%>
必填