📄 edit_post.asp
字号:
<% @ Language=VBScript %>
<% Option Explicit %>
<!--#include file="common.asp" -->
<!--#include file="functions/functions_send_mail.asp" -->
<!--#include file="functions/functions_format_post.asp" -->
<!--#include file="includes/emoticons_inc.asp" -->
<%
'****************************************************************************************
'** Copyright Notice
'**
'** Web Wiz Forums(TM)
'** http://www.webwizforums.com
'**
'** Copyright (C)2001-2008 Web Wiz(TM). All Rights Reserved.
'**
'** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS UNDER LICENSE FROM 'WEB WIZ'.
'**
'** IF YOU DO NOT AGREE TO THE LICENSE AGREEMENT THEN 'WEB WIZ' IS UNWILLING TO LICENSE
'** THE SOFTWARE TO YOU, AND YOU SHOULD DESTROY ALL COPIES YOU HOLD OF 'WEB WIZ' SOFTWARE
'** AND DERIVATIVE WORKS IMMEDIATELY.
'**
'** If you have not received a copy of the license with this work then a copy of the latest
'** license contract can be found at:-
'**
'** http://www.webwizguide.com/license
'**
'** For more information about this software and for licensing information please contact
'** 'Web Wiz' at the address and website below:-
'**
'** Web Wiz, Unit 10E, Dawkins Road Industrial Estate, Poole, Dorset, BH15 4JD, England
'** http://www.webwizguide.com
'**
'** Removal or modification of this copyright notice will violate the license contract.
'**
'****************************************************************************************
'*************************** SOFTWARE AND CODE MODIFICATIONS ****************************
'**
'** MODIFICATION OF THE FREE EDITIONS OF THIS SOFTWARE IS A VIOLATION OF THE LICENSE
'** AGREEMENT AND IS STRICTLY PROHIBITED
'**
'** If you wish to modify any part of this software a license must be purchased
'**
'****************************************************************************************
'Set the response buffer to true as we maybe redirecting
Response.Buffer = True
'If in demo mode redirect
If blnDemoMode Then
Call closeDatabase()
Response.Redirect("insufficient_permission.asp?M=DEMO" & strQsSID3)
End If
'Dimension variables
Dim blnEmailNotify 'Set to true if the users want to be notified by e-mail of a post
Dim strMessage 'Holds the Users Message
Dim lngMessageID 'Holds the message ID number
Dim strMode 'Holds the mode of the page so we know whether we are editing, updating, or new topic
Dim lngTopicID 'Holds the topic ID number
Dim strSubject 'Holds the subject
Dim blnSignature 'Holds wether a signature is to be shown or not
Dim intPriority 'Holds the priority of tipics
Dim intReturnPageNum 'Holds the page number to return to
Dim strReturnCode 'Holds the code if the post is not valid and we need to return to forum without posting
Dim strPollQuestion 'Holds the poll question
Dim blnMultipleVotes 'Set to true if multiple votes are allowed
Dim blnPollReply 'Set to true if users can't reply to a poll
Dim saryPollChoice() 'Array to hold the poll choices
Dim intPollChoice 'Holds the poll choices loop counter
Dim strBadWord 'Holds the bad words
Dim strBadWordReplace 'Holds the rplacment word for the bad word
Dim lngPollID 'Holds the poll ID number
Dim blnForumLocked 'Set to true if the forum is locked
Dim blnTopicLocked 'Set to true if the topic is locked
Dim strGuestName 'Holds the name of the guest if it is a guest posting
Dim lngStartThreadID 'Holds the thread ID of the first post in the topic to use for security checking
Dim saryFileUploads 'Holds the names of the files uploaded
Dim objFSO 'Holds the file system object
Dim intLoop 'Loop counter
Dim strTopicIcon 'Holds the topic icon for the message
Dim dtmEventDate 'Holds the Calendar event date
Dim dtmEventDateEnd 'Holds the Calendar event date
'Initalise variables
lngPollID = 0
blnForumLocked = False
blnTopicLocked = False
'If the user has not logged in then redirect them to the main forum page
If lngLoggedInUserID = 0 OR blnActiveMember = False OR blnBanned Then
'Clean up
Call closeDatabase()
'Redirect
Response.Redirect("default.asp" & strQsSID1)
End If
'******************************************
'*** Check IP address ***
'******************************************
'If the user is user is using a banned IP redirect to an error page
If bannedIP() Then
'Clean up
Call closeDatabase()
'Redirect
Response.Redirect("insufficient_permission.asp?M=IP" & strQsSID3)
End If
'******************************************
'*** Read in form details ***
'******************************************
'Read in user deatils from the post message form
strMode = Trim(Mid(Request.Form("mode"), 1, 10))
intForumID = CInt(Request.Form("FID"))
lngTopicID = CLng(Request.Form("TID"))
strSubject = Trim(Mid(Request.Form("subject"), 1, 50))
strMessage = Request.Form("Message")
lngMessageID = CLng(Request.Form("PID"))
blnEmailNotify = CBool(Request.Form("email"))
blnSignature = CBool(Request.Form("signature"))
intPriority = CInt(Request.Form("priority"))
strTopicIcon = Request.Form("icon")
'If the user is in a guest then get there name
If lngLoggedInUserID = 2 Then strGuestName = Trim(Mid(Request.Form("Gname"), 1, 20))
'Read in Calendar event date
If Request.Form("eventDay") <> 0 AND Request.Form("eventMonth") <> 0 AND Request.Form("eventYear") <> 0 Then
dtmEventDate = internationalDateTime(DateSerial(Request.Form("eventYear"), Request.Form("eventMonth"), Request.Form("eventDay")))
End If
'Read in event end date
If Request.Form("eventDayEnd") <> 0 AND Request.Form("eventMonthEnd") <> 0 AND Request.Form("eventYearEnd") <> 0 Then
dtmEventDateEnd = internationalDateTime(DateSerial(Request.Form("eventYearEnd"), Request.Form("eventMonthEnd"), Request.Form("eventDayEnd")))
'If the end date is before the start date don't add it to the database
If dtmEventDate => dtmEventDateEnd OR dtmEventDate = "" Then dtmEventDateEnd = null
End If
'******************************************
'*** Get permissions *****
'******************************************
'Get the forum permissions from the topic being posted in and also check if the topic is locked and who posted the topic
strSQL = " " & _
"SELECT" & strDBTop1 & " " & strDbTable & "Forum.Password, " & strDbTable & "Forum.Forum_code, " & strDbTable & "Forum.Locked AS ForumLocked, " & strDbTable & "Forum.Password, " & strDbTable & "Topic.Locked AS TopicLocked, " & strDbTable & "Topic.Poll_ID, " & strDbTable & "Topic.Start_Thread_ID, " & strDbTable & "Permissions.* " & _
"FROM " & strDbTable & "Forum" & strDBNoLock & ", " & strDbTable & "Topic" & strDBNoLock & ", " & strDbTable & "Permissions" & strDBNoLock & " " & _
"WHERE " & strDbTable & "Forum.Forum_ID=" & strDbTable & "Topic.Forum_ID " & _
"AND " & strDbTable & "Forum.Forum_ID = " & strDbTable & "Permissions.Forum_ID " & _
"AND " & strDbTable & "Topic.Topic_ID = " & lngTopicID & " " & _
"AND (" & strDbTable & "Permissions.Author_ID=" & lngLoggedInUserID & " OR " & strDbTable & "Permissions.Group_ID = " & intGroupID & ") " & _
"ORDER BY " & strDbTable & "Permissions.Author_ID DESC" & strDBLimit1 & ";"
'Query the database
rsCommon.Open strSQL, adoCon
'Check the forum permissions
If NOT rsCommon.EOF Then
'Get forum ID
intForumID = CInt(rsCommon("Forum_ID"))
'If this isn't the first post in the topic then it is just a plain edit and NOT a poll or topic subject edit!!
If lngMessageID <> CLng(rsCommon("Start_Thread_ID")) Then strMode = "edit"
'Get the POLL ID if there is a poll to be edited
If strMode = "editPoll" Then lngPollID = CLng(rsCommon("Poll_ID"))
'See if the topic is locked if this is not the admin
If blnAdmin = False Then blnTopicLocked = CBool(rsCommon("TopicLocked"))
'See if the forum is locked if this is not the admin
If blnAdmin = False Then blnForumLocked = CBool(rsCommon("ForumLocked"))
'Read in the forum permissions
blnRead = CBool(rsCommon("View_Forum"))
blnEdit = CBool(rsCommon("Edit_posts"))
blnPriority = CBool(rsCommon("Priority_posts"))
blnPollCreate = CBool(rsCommon("Poll_create"))
blnModerator = CBool(rsCommon("Moderate"))
blnEvents = CBool(rsCommon("Calendar_event"))
'If this is a modertor then make sure they have edit rights
If blnAdmin OR blnModerator Then blnEdit = true
'If this in not an admin or moderator set the priority to 0
If (blnAdmin = false OR blnModerator = false) AND blnPriority = false Then intPriority = 0
'If the user has no read or edit rights then kick them
If blnRead = False OR blnEdit = False Then
'Reset Server Objects
rsCommon.Close
Call closeDatabase()
'Redirect to a page asking for the user to enter the forum password
Response.Redirect("insufficient_permission.asp" & strQsSID1)
End If
'If the forum requires a password and a logged in forum code is not found on the users machine then send them to a login page
If rsCommon("Password") <> "" AND (getCookie("fID", "Forum" & intForumID) <> rsCommon("Forum_code") AND getSessionItem("Forum" & intForumID) <> rsCommon("Forum_code")) Then
'Reset Server Objects
rsCommon.Close
Call closeDatabase()
'Redirect to a page asking for the user to enter the forum password
Response.Redirect("forum_password_form.asp?FID=" & intForumID & strQsSID3)
End If
'If this is the admin or moderator then set the post to be displayed
If blnAdmin OR blnModerator Then blnCheckFirst = false
End If
'Clean up
rsCommon.Close
'*****************************************************
'*** Redirect if the forum or topic is locked ****
'*****************************************************
'If the forum or topic is locked then don't let the user post a message
If blnForumLocked OR blnTopicLocked Then
'Clean up
Call closeDatabase()
'Redirect to error page
If blnForumLocked Then
Response.Redirect("not_posted.asp?mode=FLocked" & strQsSID3)
Else
Response.Redirect("not_posted.asp?mode=TClosed" & strQsSID3)
End If
End If
'******************************************
'*** Get return page details *****
'******************************************
'If there is no number must be a new post
If Request.Form("PN") = "" Then
intReturnPageNum = 1
Else
intReturnPageNum = CInt(Request.Form("PN"))
End If
'calcultae which page the tread is posted on
If Request.Form("ThreadPos") <> "" Then
'If the position in the topic is on next page add 1 to the return page number
If CInt(Request.Form("ThreadPos")) > (intThreadsPerPage * intReturnPageNum) Then
intReturnPageNum = intReturnPageNum + 1
End If
End If
'********************************************
'*** Clean up and check in form details ***
'********************************************
'If there is no subject or message then don't post the message as won't be able to link to it
If strSubject = "" AND (strMode = "editTopic" OR strMode = "poll") Then strReturnCode = "noSubject"
If Trim(strMessage) = "" OR Trim(strMessage) = "<P> </P>" OR Trim(strMessage) = "<br>" OR Trim(strMessage) = "<br>" & vbCrLf Then strReturnCode = "noSubject"
'Place format posts posted with the WYSIWYG Editor (RTE)
If Request.Form("browser") = "RTE" Then
'Call the function to format WYSIWYG posts
strMessage = WYSIWYGFormatPost(strMessage)
'Else standrd editor is used so convert forum codes
Else
'Call the function to format posts
strMessage = FormatPost(strMessage)
End If
'If the user wants forum codes enabled then format the post using them
If Request.Form("forumCodes") Then strMessage = FormatForumCodes(strMessage)
'Check the message for malicious HTML code
strMessage = HTMLsafe(strMessage)
'Get rid of scripting tags in the subject
strSubject = removeAllTags(strSubject)
'strSubject = formatInput(strSubject) 'This is manily for XSS and is now done when displayed in the forum for improved searching
'If the user is in a guest then clean up their username to remove malicious code
If lngLoggedInUserID = 2 Then
strGuestName = formatSQLInput(strGuestName)
strGuestName = formatInput(strGuestName)
End If
'If topic icons then clean up any input
If blnTopicIcon Then
'If the topic icon is not selected don't fill the db with crap and leave field empty
If strTopicIcon = strImagePath & "blank_smiley.gif" Then strTopicIcon = ""
'Clean up user input
strTopicIcon = formatInput(strTopicIcon)
strTopicIcon = removeAllTags(strTopicIcon)
End If
'********************************************
'*** Read in poll details (if Poll) ***
'********************************************
'If this is a poll then read in the poll details
If strMode = "editPoll" AND lngPollID > 0 Then
'Read in poll question and multiple votes
strPollQuestion = Trim(Mid(Request.Form("pollQuestion"), 1, 70))
blnMultipleVotes = CBool(Request.Form("multiVote"))
blnPollReply = CBool(Request.Form("pollReply"))
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -