guest_save.asp

留言薄系统

<!--#INCLUDE FILE="config.asp" -->
<%
     UserName      =Request.Form("UserName")
	 password=request.Form("password")
	 Email      =Request.Form("Email")
     HomePage      =Trim(Request.Form("HomePage"))
	 qq=request.Form("qq")
	 sex   	   =Request.Form("sex")
     Face          =Request.Form("Face")
     Subject       =Request.Form("Subject")
	 pic=request.Form("pic")
	 secret=request.Form("secret")
	 if secret<>1 then secret=0
     content       =Request.Form("content")
	 content=replace(content,vbCrLf,"<br>")
	 content=replace(content," ","&nbsp;")
	 content=replace(content,"'","""")
	 level=request.Form("level1")
	 IPinfo = Request.servervariables("REMOTE_ADDR")
     bookdate =now
Set rs1=server.createobject("ADODB.RECORDSET")
rs1.open "Select * From option1" ,Conn,3,3

if session("keeptime")="" then 
	session("keeptime")=now
else if dateDiff("s",session("keeptime"),now)<=rs1("second1") then 
	response.Redirect("error.asp?info=请不要灌水")
else session("keeptime")=now
end if
end if

Dim serchIP
Dim strB
strB=rs1("killIP")
if strB<>"" then 
	serchIP=Split(strB,",")
	for i=0 to ubound(serchIP)
		if IPinfo=serchIP(i) then response.Redirect "error.asp?info=系统已经禁止了你的留言！"
	next
end if

Dim arrayx
Dim strA
strtemp=content
strtemp1=Subject
strA=rs1("killword")
if strA<>"" then 
arrayx=Split(strA,",")
for i=0 to ubound(arrayx)
strtemp=replace(strtemp,arrayx(i),"***")
strtemp1=replace(strtemp1,arrayx(i),"***")
next
end if
if (strtemp<>content) or (strtemp1<>Subject) then
	if rs1("stopword") then
		rs1("killIP")=rs1("killIP")&","&IPinfo
		rs1.update
	end if
end if
content=strtemp
Subject=strtemp1

	 if homepage="http://" then homepage="" 
      Set rs=server.createobject("ADODB.RECORDSET")
	  rs.open "Select * From register where username='" & request("username") ,Conn,3,3
	  if (username<>"") and (password<>"") and (not rs.eof) then
	  if (rs("username")=username) and (rs("password1")=password) then
	  	homepage=rs("homepage")
	  	Email=rs("mail")
		qq=rs("qq")
		rs("count1")=rs("count1")+1
		rs.update
	  end if
	  end if
      if (rs.eof) and (rs1("register")) then response.Redirect("error.asp?info=未注册用户不能留言")
	  if not (rs.eof or rs.bof) then 
	  	if rs("password1")<>password then response.Redirect "error.asp?info=用户名已注册，密码错误！"     
	  else
	    if password<>"" then
	  	rs.close
      	set rs=nothing
		sql="Insert Into register (username,password1,mail,homepage,face,sex,count1,qq)  Values('"& UserName&"','"& password&"','"&email&"','"&homepage&"','"&face&"','"&sex&"',1,'"&qq&"')"
	  	conn.Execute sql
		cookiePath=request.servervariables("path_info")
		cookiePath=left(cookiePath,instrRev(cookiePath,"/"))
		response.cookies("ly").Path=cookiePath
		response.cookies("ly")("useridname")=username
		response.cookies("ly")("useridpassword")=password
		end if
	  end if

	 sql="Insert Into guest (username,face,sex,homepage,mail,subject,content,IP,lydate,lastdate,pic,secret,qq)  Values('"& UserName &"','"& Face &"','"& sex &"','"& HomePage &"', '"& Email &"','"& Subject &"','"&content &"','"& IPinfo &"','"& bookdate &"','"& bookdate &"','"& pic &"',"& secret &",'"&qq&"')"
	 conn.Execute sql
	 Set rs=server.createobject("ADODB.RECORDSET")
	 rs.open "Select * From guest" ,Conn,1,1
	 rs.movelast
	 id=rs("id")
     response.Redirect "guest_save_ok.asp?id="&id
	 rs.close
	 set rs=nothing
conn.close
set conn=nothing
%>