reply_post.asp

留言薄系统

<!--#INCLUDE FILE="config.asp" -->
<%
     UserName=Request.Form("UserName")
	 password=request.Form("password")
	 pic=request.Form("pic")
	 secret=request.Form("secret")
	 id3=request.Form("id2")
	 content=request.Form("content")
	 replydate=now
	 IPinfo = Request.servervariables("REMOTE_ADDR")
	 lastname=UserName
	 if request.Form("all")=1 then
	 sex=Request.Form("sex")
     Face=Request.Form("Face")
	 Email=Request.Form("Email")
     HomePage=Trim(Request.Form("HomePage"))
	 qq=request.Form("qq")
	 else
	 sex="1"
     Face="face/1.gif"
	 Email=""
     HomePage=""
	 qq="" 
	 end if
	 if secret<>1 then secret=0
	dim strSiteUrl
Set rs1=server.createobject("ADODB.RECORDSET")
rs1.open "Select * From option1" ,Conn,3,3

	content=replace(content,vbCrLf,"<br>")
	content=replace(content," ","&nbsp;")
	content=replace(content,"'","""")


if session("keeptime")="" then 
	session("keeptime")=now
else if (dateDiff("s",session("keeptime"),now)<=rs1("inputtime")) and ((session("admin")<>1) or (session("admin")<>2)) then 
	response.Redirect("error.asp?info=请不要灌水")
else session("keeptime")=now
end if
end if

Dim serchIP
Dim strB
strB=rs1("killIP")
if strB<>"" then 
	serchIP=Split(strB,",")
	for i=0 to ubound(serchIP)
		if IPinfo=serchIP(i) then response.Redirect "error.asp?info=系统已经禁止了你的发言！"
	next
end if

Dim arrayx
Dim strA
strtemp=content
strA=rs1("killword")
if strA<>"" then
arrayx=Split(strA,",")
for i=0 to ubound(arrayx)
strtemp=replace(strtemp,arrayx(i),"***")
next
end if
if strtemp<>content then
	if rs1("stopword") then
		rs1("killIP")=rs1("killIP")&","&IPinfo
		rs1.update
	end if
end if
content=strtemp
	 if homepage="http://" then homepage="" 
      Set rs=server.createobject("ADODB.RECORDSET")
	  rs.open "Select * From register where username='" & request("username")& "'",Conn,3,3
	  if (username<>"") and (password<>"") and (not rs.eof) then
	  if (rs("username")=username) and (rs("password")=password) then
	  	homepage=rs("homepage")
	  	Email=rs("mail")
		qq=rs("qq")
		rs("counts")=rs("counts")+1
		rs.update
	  end if
	  end if
	  if (rs.eof) and (rs1("register")) then response.Redirect("error.asp?info=未注册用户不能留言")
	  if not (rs.eof or rs.bof) then
	  	if rs("password")<>password then response.Redirect "error.asp?info=用户名已注册，密码错误！"     
	  else
	  if password<>"" then
	  	rs.close
      	set rs=nothing
		sql="Insert Into register (username,password,mail,homepage,face,sex,counts,qq)  Values('"& UserName&"','"& password&"','"&email&"','"&homepage&"','"&face&"','"&sex&"',1,'"&qq&"')"
	  	conn.Execute sql
		cookiePath=request.servervariables("path_info")
		cookiePath=left(cookiePath,instrRev(cookiePath,"/"))
		response.cookies("ly").Path=cookiePath
		response.cookies("ly")("useridname")=username
		response.cookies("ly")("useridpassword")=password
	  end if
   end if
	sql="Insert Into reply (ID,replyname,replycontent,replydate,ip,face,mail,HomePage,pic,secret,qq)  Values('"&ID3&"','"& UserName &"','"& content &"','"& replydate&"','"& IPinfo&"','"& face&"','"& Email&"','"& HomePage&"','"& pic&"',"& secret&",'"&qq&"')"
	conn.Execute sql 
      Set rs1=server.createobject("ADODB.RECORDSET")
	  rs1.open "Select * from guest where ID="&ID3 ,Conn,2,3
rs1("lastdate")=replydate
rs1("hf")=rs1("hf")+1
rs1("lastname")=username
rs1.update
response.redirect "reply_post_ok.asp?id="&ID3
%>