📄 syscode_book.asp
字号:
<%
'****************************************************
dim page,action,action_e
action = Request.QueryString("action")
action_e = Request.Form("action_e")
hx_Inf = split(hx_In,"|")
If Request.Form<>"" Then
For Each hx_Post In Request.Form
For hx_Xh=0 To Ubound(hx_Inf)
If Instr(LCase(Request.Form(hx_Post)),hx_Inf(hx_Xh))<>0 Then
Response.Write "<Script Language=JavaScript>alert('对不起,你发表的内容中包含系统禁止字符!');javascript :history.back();</Script>"
Response.End
End If
Next
Next
End If
Select Case action_e
Case ""
Case "Add_New"
if int(request("VerifyCode"))<>int(Session("GetCode")) then
Response.Write("<script language=javascript>alert('请输入正确的认证码!');window.document.location.href='book.asp?action=Add_New';</script>")
Response.End
else
Call Add_New_Execute()
end if
Case "Edit"
if session("adminlogin")<>sessionvar then
Response.write "<script language = 'javascript'>alert('您还未登陆管理,无法进行编辑留言!');window.document.location.href='book.asp';</script>"
Response.End
else
Call Edit_Execute()
end if
End Select
Sub Main_Menu()
Response.Write " <a href='?action=Add_New'>·添加留言</a> <a href='?action=View_Words'>·查看留言</a> "
End Sub
'=================================================
'过程名:content_book
'作 用:显示留言相关操作内容
'参 数:无
'Web: www.ynsky.com.cn
'=================================================
sub content_book()
Select Case action
Case ""
Call View_Words()
Case "Add_New"
Call Add_New()
Case "Edit"
Call Edit()
Case "View_Words"
Call View_Words()
Case "Delete"
if session("adminlogin")<>sessionvar then
Response.write "<script language = 'javascript'>alert('您还未登陆管理,无法删除留言!');window.document.location.href='book.asp';</script>"
Response.End
else
Call Delete()
Call View_Words()
end if
End Select
End Sub
'=================================================
'过程名:pattern_book
'作 用:留言模式
'参 数:无
'Web: www.ynsky.com.cn
'=================================================
Sub pattern_book()
Response.Write "<TABLE width='100%' cellSpacing=0 cellPadding=0 border=0 align='center'>" & vbCrLf
Response.Write "<tr><td>" & vbCrLf
Response.Write "<div style=""LINE-HEIGHT: 180%"">" & vbCrLf
Response.Write " <font color=#FF0000>·</font><a href='book.asp?action=Add_New'>签写留言</a> <font color=#FF0000>·</font><a href='book.asp'>查看留言</a>" & vbCrLf
if Commentbook="会员" then
Response.Write "<br> <font color=#FF0000>·</font>留言模式:会员模式" & vbCrLf
Else
Response.Write "<br> <font color=#FF0000>·</font>留言模式:游客模式" & vbCrLf
end if
if bookpass="yes" then
dim dsbook:dsbook=conn.execute("select count(*) from words where admin=2")(0)
Response.Write "<br> <font color=#FF0000>·</font>发表模式:审核发表" & vbCrLf
Response.Write "<br> <font color=#FF0000>·</font>待审留言:<font color=#FF0000>"&dsbook&" </font>条" & vbCrLf
Else
Response.Write "<br> <font color=#FF0000>·</font>发表模式:直接发表" & vbCrLf
end if
Response.Write "<br>" & vbCrLf
Response.Write "</div>" & vbCrLf
Response.Write "</td></tr>" & vbCrLf
Response.Write "</TABLE>" & vbCrLf
End Sub
'=================================================
'过程名:Add_New_Execute
'作 用:留言发表
'参 数:无
'Web: www.ynsky.com.cn
'=================================================
Sub Add_New_Execute()
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
Response.Write("<script language=javascript>alert('你提交的路径有误,禁止从站点外部提交数据请不要乱改参数!');this.location.href='index.asp';</script>")
response.end
end if
If Request.Form("zt")="" Then
Response.Write "<script language=javascript>alert('主题不能为空!');javascript:history.back();</script>"
Response.End
End If
If Len(Request.Form("zt"))>10 Then
Response.Write "<script language=javascript>alert('你的主题太长了!');javascript:history.back();</script>"
Response.End
End If
If Request.Form("name")="" Then
Response.Write "<script language=javascript>alert('姓名不能为空!');javascript:history.back();</script>"
Response.End
End If
If Len(Request.Form("name"))>12 Then
Response.Write "<script language=javascript>alert('你的名字太长了!');javascript:history.back();</script>"
Response.End
End If
If Request.Form("email")<>"" Then
If instr(Request.Form("email"),"@")=0 or instr(Request.Form("email"),"@")=1 or instr(Request.Form("email"),"@")=len(email) then
Response.Write "<script language=javascript>alert('电子信箱格式填写不正确!');javascript:history.back();</script>"
Response.End
End If
End If
If Request.Form("qq")<>"" Then
If Len(Request.Form("qq"))<5 or Len(Request.Form("qq"))>10 or Not IsNumeric(Request.Form("qq")) then
Response.Write "<script language=javascript>alert('QQ号码错误:\n\n① QQ号码只能是数字。\n\n② QQ号码不能低于4位数 \n\n③ QQ号码不能高于10位数\n\n④ 如果你没有QQ号码可以不填!');javascript:history.back();</script>"
Response.End
End If
End If
If Request.Form("words")="" Then
Response.Write "<script language=javascript>alert('留言内容不能为空!');javascript:history.back();</script>"
Response.End
End If
If Request.Form("words")<>"" Then
If Len(Request.Form("words"))<4 or Len(Request.Form("words"))>255 then
Response.Write "<script language=javascript>alert('留言内容错误提示:\n\n① 留言不得低于4个字!\n\n② 留言不得高于255个字,长篇大论请到论坛发表!');javascript:history.back();</script>"
Response.End
End If
End If
Set Rs = Server.CreateObject("ADODB.RecordSet")
Sql="Select * From words"
Rs.Open Sql,Conn,2,3
Rs.AddNew
if Request.Form("name")=webceo then
Rs("name")=noceo
elseif Request.Form("name")=ceopass then
Rs("name")=webceo
else
Rs("name")=CheckStr(Jencode(Request.Form("name")))
End If
Rs("zt")=CheckStr(Request.Form("zt"))
Rs("sex")=CheckStr(Request.Form("sex"))
Rs("qq")=CheckStr(Request.Form("qq"))
Rs("uc")=CheckStr(Request.Form("uc"))
Rs("city")=CheckStr(Request.Form("city"))
Rs("web")=CheckStr(Request.Form("web"))
Rs("email")=CheckStr(Request.Form("email"))
if bookpass="yes" then
Rs("admin")=2
else
Rs("admin")=CheckStr(Request.Form("admin"))
End If
Rs("title")=CheckStr(Request.Form("title"))
Rs("words")=CheckStr(Jencode(Request.Form("words")))
Rs("date")=Now()
Rs("ip")=request.servervariables("remote_addr")
Rs.Update
Rs.Close
Session("GetCode")=""
Set Rs = Nothing
End Sub
'=================================================
'过程名:Edit_Execute
'作 用:留言编辑
'参 数:无
'Web: www.ynsky.com.cn
'=================================================
Sub Edit_Execute()
Set Rs = Server.CreateObject("ADODB.RecordSet")
Sql="Select * From words Where id="&int(Request.Form("id"))
Rs.Open Sql,Conn,2,3
Rs("zt") = CheckStr(Request.Form("zt"))
Rs("words") = CheckStr(Request.Form("words"))
Rs("reply") = CheckStr(Request.Form("reply"))
Rs("admin") = CheckStr(Request.Form("admin"))
Rs("redate") = Now()
Rs.Update
Rs.Close
Set Rs=Nothing
End Sub
'=================================================
'过程名:Delete
'作 用:留言删除
'参 数:无
'Web: www.ynsky.com.cn
'=================================================
Sub Delete()
Conn.Execute("Delete * From words Where id="&int(Request.QueryString("id")))
End Sub
'=================================================
'过程名:Add_New
'作 用:留言发表处理表单
'参 数:无
'Web: www.ynsky.com.cn
'=================================================
Sub Add_New()
Response.Write "<table width='100%' border='1' align='center' cellspacing='0' cellpadding='0' bordercolor='#f0f0f0' style='border-collapse: collapse'>" & vbCrLf
Response.Write "<form name=""form"" method=""post"" action=""book.asp"" onsubmit=""return checkBook();"">" & vbCrLf
if UserLogined=True then
Response.Write "<tr>" & vbCrLf
Response.Write "<td width='80'> 您的姓名:</td>" & vbCrLf
Response.Write "<td width='300'><input type=""hidden"" name=""name"" size=""20"" autocomplete=""off"" value="&Hx66_name&">"&Hx66_name&" " & vbCrLf
if Hx66_sex="男" then
Response.Write "<input type=""hidden"" name=""SEX"" value=""1"" checked>『帅哥』</td>" & vbCrLf
elseif Hx66_sex="女" then
Response.Write "<input type=""hidden"" name=""SEX"" value=""2"" checked>『美女』</td>" & vbCrLf
end if
Response.Write "</tr>" & vbCrLf
Response.Write "<tr>" & vbCrLf
Response.Write "<td> 电子邮箱:</td>" & vbCrLf
Response.Write "<td><input type=""hidden"" name=""email"" size=""20"" value="&Hx66_Email&">"&Hx66_Email&"</td>" & vbCrLf
Response.Write "</tr>" & vbCrLf
Response.Write "<tr>" & vbCrLf
Response.Write "<td> 腾迅 Q Q:</td>" & vbCrLf
Response.Write "<td><input type=""hidden"" name=""qq"" size=""20"" value="&Hx66_QQ&">"&Hx66_QQ&" </td>" & vbCrLf
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -