📄 qqsetup.asp
字号:
<!--#include file="conn.asp"-->
<!--#include file="aspcs.asp"-->
<!--#include file="Inc/Function.asp"-->
<%
'=========================================================
'
'产品名称:良精科技 公司(企业)网站管理系统(简称:liangjing.net)
'版权所有: liangjing.net
'程序制作:liangjing.net开发团队
'Copyright 2003-2006 liangjing.net - All Rights Reserved.
'
'========================================================
%>
<%
Dim StarTime,Style_Copy
Dim AdminName
startime=timer()
AdminName=replace(session("AdminName"),"'","")
if AdminName="" then
call CloseConn()
%>
<script language='javascript'>top.location='Login.asp';</script>
<%
' response.redirect "login.asp"
end if
%>
<!-- -->
<%
sub htmlend
%>
<p align=center>良精软件科技有限公司</p>
<%
end sub
%>
<script language=javascript src=../inc/mouse_on_title.js></script>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<BODY>
<!-- #include file="Inc/Head.asp" -->
<%
Dim connQQstr
connQQstr = "Provider=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE="&SERVER.MAPPATH("../QQ/QQ.mdb")
Set connQQ=server.CreateObject("adodb.connection")
connQQ.Open connQQstr
action=request("ok")
call aspsql()
if action="" then
Set rs = connQQ.Execute("select * from QQsetup")
%>
<table width="98%" border="1" style="border-collapse: collapse; border-style: dotted; border-width: 0px" bordercolor="#333333" cellspacing="0" cellpadding="2">
<form action=QQsetup.asp method=post name=setup>
<tr class=backs><td colspan=2 class=td height=18>在线咨询设置 </td></tr>
<tr><td width=20% align=right>“在线咨询”状态 </td>
<td >
<input type="radio" name="qqonline" value="1" <%if rs("qqonline")=1 then%>checked<%end if%>>显示
<input type="radio" name="qqonline" value="0" <%if rs("qqonline")=0 then%>checked<%end if%>>隐藏
</td></TR>
<tr><td width=20% align=right>显示位置 </td>
<td >
<input type="radio" name="whereqq" value="1" <%if rs("whereqq")=1 then%>checked<%end if%>>左侧
<input type="radio" name="whereqq" value="0" <%if rs("whereqq")=0 then%>checked<%end if%>>右侧 <img src=../images/admin/memo.gif alt="建议放在右侧"></td></TR>
<tr><td width=20% align=right>客服QQ号 </td><td > <input type=text value="<%=rs("adm_qq")%>" size=35 name="adm_qq" maxlength="50" size=50> <img src=../images/admin/memo.gif alt="请填QQ号<br>多个QQ号用西文逗号隔开<br>注意:QQ号应与下面的昵称一一对应"> </td></TR>
<tr><td width=20% align=right>客服QQ对应昵称 </td><td > <input type=text value="<%=rs("adm_qq_name")%>" size=35 name="adm_qq_name" maxlength="50" size=50> <img src=../images/admin/memo.gif alt="请填QQ昵称<br>多个昵称用西文逗号隔开<br>注意:昵称应与上面的QQ号一一对应"> </td></TR>
<tr><td width=20% align=right>请选择头像 </td>
<td>
<table width=50% border=0>
<tr><td><input type="radio" name="qqskin" value="1" <%if rs("qqskin")=1 then%>checked<%end if%>>在线:</td><td><img src=../images/qq/qqon1.gif border=0> </td><td> 离线:</td><td><img src=../images/qq/qqoff1.gif border=0> <img src=../images/admin/memo.gif alt="上面所填QQ昵称较长时<br>请使用第一种小头像<br>否则会超过窗口宽度"></td></tr>
<tr><td><input type="radio" name="qqskin" value="2" <%if rs("qqskin")=2 then%>checked<%end if%>>在线:</td><td><img src=../images/qq/qqon2.gif border=0> </td><td> 离线: </td><td> <img src=../images/qq/qqoff2.gif border=0> </td></tr>
<tr><td><input type="radio" name="qqskin" value="3" <%if rs("qqskin")=3 then%>checked<%end if%>>在线:</td><td><img src=../images/qq/qqon3.gif border=0> </td><td> 离线: </td><td> <img src=../images/qq/qqoff3.gif border=0> </td></tr>
<tr><td><input type="radio" name="qqskin" value="4" <%if rs("qqskin")=4 then%>checked<%end if%>>在线:</td><td><img src=../images/qq/qqon4.gif border=0> </td><td> 离线: </td><td> <img src=../images/qq/qqoff4.gif border=0> </td></tr>
<tr><td><input type="radio" name="qqskin" value="5" <%if rs("qqskin")=5 then%>checked<%end if%>>在线:</td><td><img src=../images/qq/qqon5.gif border=0> </td><td> 离线: </td><td> <img src=../images/qq/qqoff5.gif border=0> </td></tr>
</table>
</td></TR>
<tr><td width=20% align=right>请选择样式 </td>
<td >
<input type="radio" name="kefuskin" value="1" <%if rs("kefuskin")=1 then%>checked<%end if%>>样式一 <input type="radio" name="kefuskin" value="2" <%if rs("kefuskin")=2 then%>checked<%end if%>>样式二 <input type="radio" name="kefuskin" value="3" <%if rs("kefuskin")=3 then%>checked<%end if%>>样式三 <input type="radio" name="kefuskin" value="4" <%if rs("kefuskin")=4 then%>checked<%end if%>>样式四 <input type="radio" name="kefuskin" value="5" <%if rs("kefuskin")=5 then%>checked<%end if%>>样式五 <a href=../images/help/qq.gif target=_blank><img src=../images/admin/memo.gif border=0 alt="点击预览效果"></a>
</td></TR>
<tr><td width=20% align=right>在线提示语 </td><td >
<TEXTAREA NAME="qqmsg_on" ROWS="3" COLS="34" style="overflow:auto;"><%=rs("qqmsg_on")%></TEXTAREA> <img align=top src=../images/admin/memo.gif alt="客服在线时,鼠标指向头像或昵称<br>会显示这句个性化提示语<br>换行请加〈br〉。"></td></tr>
<tr><td width=20% align=right>离线提示语 </td><td >
<TEXTAREA NAME="qqmsg_off" ROWS="3" COLS="34" style="overflow:auto;"><%=rs("qqmsg_off")%></TEXTAREA> <img align=top src=../images/admin/memo.gif alt="客服离线时,鼠标指向头像或昵称<br>会显示这句个性化提示语<br>换行请加〈br〉。"></td></tr>
<tr><td width=20% align=right>客服MSN号 </td><td > <input type=text value="<%=rs("Msn")%>" size=35 name="Msn" maxlength="50" size=50> <img src=../images/admin/memo.gif alt="请填MSN号<br>多个MSN号用西文逗号隔开<br>注意:QQ号应与下面的昵称一一对应"> </td></TR>
<tr><td width=20% align=right>客服MSN对应昵称 </td><td > <input type=text value="<%=rs("Msn_name")%>" size=35 name="Msn_name" maxlength="50" size=50> <img src=../images/admin/memo.gif alt="请填MSN昵称<br>多个昵称用西文逗号隔开<br>注意:昵称应与上面的QQ号一一对应"> </td></TR>
<tr><td colspan=2 width="568" ><INPUT name="ok" TYPE="hidden" value="ok"><INPUT name=action TYPE="submit" value="保存设置"> </td></tr>
</form>
</table>
<%
rs.close
set rs=nothing
connQQ.close
set connQQ=Nothing
end If
%>
<%
if action="ok" Then
if request.form("qqonline")="" or request.form("whereqq")="" then
response.write "<script language='javascript'>"
response.write "alert('出错了,资料填写不完整或有错误!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "</script>"
response.end
end if
if request.form("qqonline")=1 then
if trim(request.form("adm_qq"))="" or trim(request.form("qqmsg_on"))="" or trim(request.form("qqmsg_off"))="" then
response.write "<script language='javascript'>"
response.write "alert('出错了,资料填写不完整或有错误!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "</script>"
response.end
end if
end if
if request.form("adm_qq_name")<>"" and request.form("adm_qq")<>"" then
adm_qq_name=replace(request.form("adm_qq_name"),",",",")
adm_qq=replace(request.form("adm_qq"),",",",")
Msn_name=replace(request.form("Msn_name"),",",",")
Msn=replace(request.form("Msn"),",",",")
if UBound(split(adm_qq_name,","))<> UBound(split(adm_qq,",")) then
response.write "<script language='javascript'>"
response.write "alert('出错了,客服QQ号与其昵称未一一对应!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "</script>"
response.end
end if
if UBound(split(Msn_name,","))<> UBound(split(Msn,",")) then
response.write "<script language='javascript'>"
response.write "alert('出错了,客服Msn号与其昵称未一一对应!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "</script>"
response.end
end if
end if
Set rs=Server.CreateObject("ADODB.Recordset")
sql="select * from QQsetup"
rs.open sql,connQQ,1,3
rs("qqonline")=request.form("qqonline")
rs("whereqq")=request.form("whereqq")
if request.form("qqonline")=1 then
rs("kefuskin")=request.form("kefuskin")
rs("qqskin")=request.form("qqskin")
qqmsg_off=replace(trim(request.form("qqmsg_off")),"'","")
qqmsg_off=replace(qqmsg_off,""","")
rs("qqmsg_off")=qqmsg_off
qqmsg_on=replace(trim(request.form("qqmsg_on")),"'","")
qqmsg_on=replace(qqmsg_on,""","")
rs("qqmsg_on")=qqmsg_on
rs("adm_qq")=replace(request.form("adm_qq"),",",",")
rs("adm_qq_name")=replace(request.form("adm_qq_name"),",",",")
rs("Msn")=replace(request.form("Msn"),",",",")
rs("Msn_name")=replace(request.form("Msn_name"),",",",")
if request.form("adm_qq_name")="" then rs("adm_qq_name")=replace(request.form("adm_qq"),",",",")
end if
rs.update
url="QQsetup.asp"
rs.close
set rs=nothing
connQQ.close
set connQQ=nothing
response.write "<script language='javascript'>"
response.write "alert('操作成功,您设置的信息已保存!');"
response.write "location.href='"&url&"';"
response.write "</script>"
end If
Function msg(msgstr)
Response.Write msgstr
Response.End
End Function
sub aspsql()
SQL_injdata = "'|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
response.write "<script language='javascript'>"
response.write "alert('网站安全提示:请不要在参数中包含非法字符!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "</script>"
response.end
end if
next
next
end if
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
response.write "<script language='javascript'>"
response.write "alert('网站安全提示:请不要在参数中包含非法字符!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "</script>"
response.end
end if
next
Next
end If
end sub
%>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -