edit_post_form.asp

简单的asp论坛源码系统,很适用于初学者!界面简洁,功能齐全

<% @ Language=VBScript %>
<% Option Explicit %>
<!--#include file="common.asp" -->
<!--#include file="functions/functions_edit_post.asp" -->
<!--#include file="includes/emoticons_inc.asp" -->
<%
'****************************************************************************************
'**  Copyright Notice    
'**
'**  Web Wiz Forums(TM)
'**  http://www.webwizforums.com
'**                            
'**  Copyright (C)2001-2008 Web Wiz(TM). All Rights Reserved.
'**  
'**  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS UNDER LICENSE FROM 'WEB WIZ'.
'**  
'**  IF YOU DO NOT AGREE TO THE LICENSE AGREEMENT THEN 'WEB WIZ' IS UNWILLING TO LICENSE 
'**  THE SOFTWARE TO YOU, AND YOU SHOULD DESTROY ALL COPIES YOU HOLD OF 'WEB WIZ' SOFTWARE
'**  AND DERIVATIVE WORKS IMMEDIATELY.
'**  
'**  If you have not received a copy of the license with this work then a copy of the latest
'**  license contract can be found at:-
'**
'**  http://www.webwizguide.com/license
'**
'**  For more information about this software and for licensing information please contact
'**  'Web Wiz' at the address and website below:-
'**
'**  Web Wiz, Unit 10E, Dawkins Road Industrial Estate, Poole, Dorset, BH15 4JD, England
'**  http://www.webwizguide.com
'**
'**  Removal or modification of this copyright notice will violate the license contract.
'**
'****************************************************************************************



'*************************** SOFTWARE AND CODE MODIFICATIONS **************************** 
'**
'** MODIFICATION OF THE FREE EDITIONS OF THIS SOFTWARE IS A VIOLATION OF THE LICENSE  
'** AGREEMENT AND IS STRICTLY PROHIBITED
'**
'** If you wish to modify any part of this software a license must be purchased
'**
'****************************************************************************************




'Set the response buffer to true as we maybe redirecting
Response.Buffer = True 

'Make sure this page is not cached
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 2
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "No-Store"


'Dimension variables
Dim strMode			'Holds the mode of the page
Dim strMasterForumName		'Holds the main forum name
Dim intMasterForumID		'Holds the main forum ID
Dim intCatID			'Holds the cat ID
Dim strCatName			'Holds the cat name
Dim lngTopicID			'Holds the Topic ID number
Dim strTopicSubject		'Holds the title of the topic
Dim intTopicPriority		'Holds the priority of the topic
Dim lngMessageID		'Holds the message ID to be edited
Dim strQuoteUsername		'Holds the quoters username
Dim lngPostUserID		'Holds the user ID of the user to post the message
Dim blnForumLocked		'Set to true if the forum is locked
Dim blnEmailNotify		'Set to true if the users want to be notified by e-mail of a post
Dim strPostPage 		'Holds the page the form is posted to
Dim intRecordPositionPageNum	'Holds the recorset page number to show the Threads for
Dim strMessage			'Holds the post message
Dim strForumName		'Holds the name of the forum
Dim intIndexPosition		'Holds the idex poistion in the emiticon array
Dim intNumberOfOuterLoops	'Holds the outer loop number for rows
Dim intLoop			'Holds the loop index position
Dim intInnerLoop		'Holds the inner loop number for columns
Dim blnTopicLocked		'Holds if the topic is locked or not
Dim lngPollEditID		'Holds the poll ID to be edited
Dim intPollLoopCounter		'Holds the poll loop counter
Dim strUploadedFiles		'Holds the names of any files or images uploaded
Dim strTopicIcon		'Holds the topic icon
Dim intEventYear		'Holds the year of Calendar event
Dim intEventMonth		'Holds the month of Calendar event
Dim intEventDay			'Holds the day of Calendar event
Dim dtmEventDate		'Holds the Calendar event date
Dim intEventYearEnd		'Holds the year of Calendar event
Dim intEventMonthEnd		'Holds the month of Calendar event
Dim intEventDayEnd		'Holds the day of Calendar event
Dim dtmEventDateEnd		'Holds the Calendar event date


'If the user is user is using a banned IP redirect to an error page
If bannedIP() Then
	'Clean up
	Call closeDatabase()
	
	'Redirect
	Response.Redirect("insufficient_permission.asp?M=IP" & strQsSID3)

End If





'Read in the message ID number to edit
lngMessageID = CLng(Request.QueryString("PID"))
intRecordPositionPageNum = CInt(Request.QueryString("PN"))
lngPollEditID = CLng(Request.QueryString("POLL"))
strMode = "edit"


	
	
	
'Initalise the strSQL variable with an SQL statement to query the database get the message details
strSQL = "SELECT " & strDbTable & "Topic.Topic_ID, " & strDbTable & "Topic.Forum_ID, " & strDbTable & "Topic.Subject, " & strDbTable & "Topic.Icon, " & strDbTable & "Topic.Start_Thread_ID, " & strDbTable & "Topic.Priority, " & strDbTable & "Topic.Locked, " & strDbTable & "Topic.Event_date, " & strDbTable & "Topic.Event_date_end, " & strDbTable & "Thread.Thread_ID, " & strDbTable & "Thread.Author_ID, " & strDbTable & "Thread.Message, " & strDbTable & "Thread.Message_date " & _
"FROM " & strDbTable & "Topic" & strDBNoLock & ", " & strDbTable & "Thread" & strDBNoLock & ", " & strDbTable & "Author" & strDBNoLock & " " & _
"WHERE (" & strDbTable & "Topic.Topic_ID = " & strDbTable & "Thread.Topic_ID AND " & strDbTable & "Thread.Author_ID = " & strDbTable & "Author.Author_ID) AND " & strDbTable & "Thread.Thread_ID=" & lngMessageID & ";"
	
'Query the database
rsCommon.Open strSQL, adoCon 
	
	
'Read in the details from the recordset
blnTopicLocked = CBool(rsCommon("Locked"))
lngTopicID = CLng(rsCommon("Topic_ID"))
intForumID = CInt(rsCommon("Forum_ID"))
lngPostUserID = CLng(rsCommon("Author_ID"))
strTopicSubject = rsCommon("Subject")
strTopicIcon = rsCommon("Icon")
intTopicPriority = CInt(rsCommon("Priority"))
strMessage = rsCommon("Message")
dtmEventDate = rsCommon("Event_date")
dtmEventDateEnd = rsCommon("Event_date_end")


'Clean up input to prevent XXS hack
strTopicSubject = formatInput(strTopicSubject)

'If this is the first post in the topic then allow the editor to edit the topic subject etc. as well
If rsCommon("Start_Thread_ID") = rsCommon("Thread_ID") Then strMode = "editTopic"
	
'If we are editing a poll change the mode
If rsCommon("Start_Thread_ID") = rsCommon("Thread_ID") AND lngPollEditID > 0 Then strMode = "editPoll"
	

'Clean up
rsCommon.Close	


'Split the start date of event into the various parts
If isDate(dtmEventDate) Then
	intEventYear = Year(dtmEventDate)
	intEventMonth = Month(dtmEventDate)
	intEventDay = Day(dtmEventDate)
End If

'Split the end date of event into the various parts
If isDate(dtmEventDateEnd) Then
	intEventYearEnd = Year(dtmEventDateEnd)
	intEventMonthEnd = Month(dtmEventDateEnd)
	intEventDayEnd = Day(dtmEventDateEnd)
End If




'Check the forum permissions

'Initalise the strSQL variable with an SQL statement to query the database
 strSQL = "" & _
 "SELECT" & strDBTop1 & " " & strDbTable & "Category.Cat_ID, " & strDbTable & "Category.Cat_name, " & strDbTable & "Forum.Forum_ID, " & strDbTable & "Forum.Sub_ID, " & strDbTable & "Forum.Forum_name, " & strDbTable & "Forum2.Forum_name AS Main_forum, " & strDbTable & "Forum.Password, " & strDbTable & "Forum.Forum_code, " & strDbTable & "Forum.Locked, " & strDbTable & "Forum.Show_topics, " & strDbTable & "Permissions.* " & _
 "FROM " & strDbTable & "Category" & strDBNoLock & ", " & strDbTable & "Forum" & strDBNoLock & ", " & strDbTable & "Forum AS " & strDbTable & "Forum2" & strDBNoLock & ", " & strDbTable & "Permissions" & strDBNoLock & " " & _
 "WHERE " & strDbTable & "Category.Cat_ID=" & strDbTable & "Forum.Cat_ID " & _
 	"AND " & strDbTable & "Forum.Forum_ID=" & strDbTable & "Permissions.Forum_ID " & _
 	"AND (" & strDbTable & "Forum.Sub_ID=" & strDbTable & "Forum2.Forum_ID OR (" & strDbTable & "Forum.Sub_ID=0 AND " & strDbTable & "Forum.Forum_ID=" & strDbTable & "Forum2.Forum_ID)) " & _
 	"AND " & strDbTable & "Forum.Forum_ID=" & intForumID & " " & _
 	"AND (" & strDbTable & "Permissions.Author_ID=" & lngLoggedInUserID & " OR " & strDbTable & "Permissions.Group_ID=" & intGroupID & ") " & _
 "ORDER BY " & strDbTable & "Forum.Sub_ID, " & strDbTable & "Forum.Forum_Order, " & strDbTable & "Permissions.Author_ID DESC" & strDBLimit1 & ";"

'Query the database
rsCommon.Open strSQL, adoCon

'If there is a record returned by the recordset then check to see if you need a password to enter it
If NOT rsCommon.EOF Then

	'Read in forum details from the database
	intCatID = CInt(rsCommon("Cat_ID"))
	strCatName = rsCommon("Cat_name")
	strForumName = rsCommon("Forum_name")
	strMasterForumName = rsCommon("Main_forum")
	intMasterForumID = CLng(rsCommon("Sub_ID"))
	blnForumLocked = CBool(rsCommon("Locked"))
	
	'Read in the forum permissions
	blnRead = CBool(rsCommon("View_Forum"))
	blnEdit = CBool(rsCommon("Edit_posts"))
	blnPriority = CBool(rsCommon("Priority_posts"))
	blnPollCreate = CBool(rsCommon("Poll_create"))
	blnVote = CBool(rsCommon("Vote"))
	blnModerator = CBool(rsCommon("Moderate"))
	blnCheckFirst = CBool(rsCommon("Display_post"))
	blnEvents = CBool(rsCommon("Calendar_event"))

	'If the user has no read writes then kick them
	If blnRead = False Then
		
		'Reset Server Objects
		rsCommon.Close
		Call closeDatabase()

		'Redirect to a page asking for the user to enter the forum password
		Response.Redirect("insufficient_permission.asp" & strQsSID1)
	End If


	'If the forum requires a password and a logged in forum code is not found on the users machine then send them to a login page
	If rsCommon("Password") <> "" AND (getCookie("fID", "Forum" & intForumID) <> rsCommon("Forum_code") AND getSessionItem("Forum" & intForumID) <> rsCommon("Forum_code")) Then

		'Reset Server Objects
		rsCommon.Close