msg_ok.jsp

这是一个用JAVA语言编写的BBS论坛程序

<%
/*
 * Copyright:  Copyright (c) 2004 
 * @author http://hi.baidu.com/lael80*/
%>
<%@ page contentType="text/html; charset=gb2312" errorPage=""%>
<jsp:useBean id="workDB" scope="page" class="javabean.Conn"/>
<jsp:useBean id="workFC" scope="page" class="javabean.Func"/>
<jsp:useBean id="workCK" scope="page" class="javabean.Cookies"/>

<%
try{
  if(Integer.parseInt(workDB.queryData("select UNIX_TIMESTAMP(now())-UNIX_TIMESTAMP(msg_date) from user_msg where msg_author='"+session.getAttribute("u_name")+"' order by msg_id desc limit 1"))<5){
    response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>不能在五秒内连续发送留言"));
    return;
  }
}catch(Exception e){}

java.util.Date date=new java.util.Date();
String msg_date=date.toLocaleString();
String user_name=workFC.UnitoGB(request.getParameter("user_name"));
String msg_content=workFC.UnitoGB(request.getParameter("msg_content"));
String errcodes="";
if(!workFC.cNULL(String.valueOf(session.getAttribute("u_name")))){
  response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>您还没注册或登录,没权发送留言"));
  return;
}
if(!workFC.cNULL(user_name)){
  errcodes="<li>您没有填写用户名";
}else if(!workFC.CheckStr(user_name)){
 errcodes="<li>您填写的用户名不存在";
}else{
 if(workDB.queryCount("select count(user_id) from user_info where user_name='"+workFC.GBtoUni(user_name)+"'")==0){
   errcodes="<li>您填写的用户名不存在";
 }else if(workFC.GBtoUni(user_name).equals(session.getAttribute("u_name"))){
   errcodes="<li>不能给自己留言";
 }else{ 
   String temp[]=workDB.queryData("select user_baddy from user_info where user_name='"+workFC.GBtoUni(user_name)+"'").split(",");
   for(int i=0;i<temp.length;i++){
      if(temp[i].equals(session.getAttribute("u_name"))){
        errcodes="<li>对方已把您加入黑名单,发送不成功";
        break;
      }
   }
 }  
}

if(!workFC.cNULL(msg_content)){
  errcodes=errcodes+"<li>留言内容不能为0字节";
}else{
  if(!workFC.CheckLen(msg_content,200))errcodes=errcodes+"<li>留言内容不能超过200字节";
}

if(!workFC.cNULL(errcodes)){
 String sql="";
 if(workDB.queryCount("select msg_id from user_msg where user_name='"+workFC.GBtoUni(user_name)+"'")>=200){
   response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>对方的收件箱已满,发送失败"));
   return;
 }
 if(workDB.queryCount("select count(msg_id) from user_msg where user_name='"+workFC.GBtoUni(user_name)+"' and msg_content='"+workFC.HtmltoStr(workFC.GBtoUni(msg_content))+"' and msg_author='"+session.getAttribute("u_name")+"'")!=0){
   response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>不能发送相同的留言给同一个人"));
   return;
 }
 sql="insert into user_msg(user_name,msg_content,msg_author,msg_date) Values('"+workFC.GBtoUni(user_name)+"','"+workFC.HtmltoStr(workFC.GBtoUni(msg_content))+"','"+session.getAttribute("u_name")+"','"+msg_date+"')";
 workDB.executeUpdate(sql);
 response.sendRedirect("message.jsp?send=1");
}
if(workFC.cNULL(errcodes)){
  response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni(errcodes));
}
%>