📄 guestbook.asp
<!--#include file="commond.asp" -->
<!--#include file="include/function.asp" -->
<!--#include file="include/ubbcode.asp" -->
<!--#include file="include/md5code.asp" -->
<!--#include file="header.asp" -->
<table width="780" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="160" valign="top" bgcolor="#F8F8F8" nowrap><%
' Optional author filter taken from the query string (memName).
' SQLFiltrate and Url_Add are only built here; where they are consumed is not
' visible in this part of the file (presumably the listing query and its
' paging links -- confirm).
Dim gbAuthor
Dim SQLFiltrate
Dim Url_Add
Url_Add="?"
gbAuthor=CheckStr(Request.QueryString("memName"))
If Not (gbAuthor=Empty) Then
    ' NOTE(review): gbAuthor is request data placed inside a quoted SQL literal.
    ' CheckStr (defined in an included file, not shown) is the only sanitising
    ' step, so the safety of this WHERE clause depends entirely on it; a
    ' parameterised ADODB.Command would remove that dependency.
    SQLFiltrate="WHERE gb_Author='"&gbAuthor&"'"
    ' NOTE(review): the value is not URL- or HTML-encoded here. If Url_Add is
    ' later written into markup, apply Server.URLEncode / Server.HTMLEncode at
    ' the point of output.
    Url_Add="?memName="&gbAuthor
End If
' Sidebar panels; the calls stay in their original order because each one is
' expected to write output into the current table cell.
Call MemberCenter
Call SiteInfo
Call NewCommList
Call blogSearch%><br>
</td>
<td width="100%" valign="top" bgcolor="#FFFFFF">
<%
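Dim msg_Title,msg_Content
If Request.QueryString("action")="postgb" Then
    ' action=postgb: validate the submission, optionally log in or register the
    ' poster, store the guestbook entry, then render a status box from
    ' msg_Title / msg_Content.
    '
    ' Flood control. The timestamp comes from a cookie, which the client
    ' controls, so this is a courtesy throttle only; enforcing it needs a
    ' server-side record (per account or per IP).
    If DateDiff("s",Request.Cookies(CookieName)("memLastPost"),Now())<15 Then
        msg_Title="出现错误"
        msg_Content="<a href=""javascript:history.go(-1);"">你发表留言速度太快了,点击返回上一页</a>"
    ' CAPTCHA check against the value held in the session.
    ' NOTE(review): nothing in this branch clears Session("L-Blog_ValidateCode")
    ' after the comparison, so one solved code may stay valid for further posts
    ' unless the code generator resets it -- confirm.
    ElseIf Trim(Request.Form("validatecode"))=Empty Or Trim(Session("L-Blog_ValidateCode"))<>Trim(Request.Form("validatecode")) Then
        msg_Title="出现错误"
        msg_Content="<a href=""javascript:history.go(-1);"">请输入发表评论按钮旁边的验证码框,点击返回上一页</a>"
    Else
        ' Look up the submitted user name.
        ' gb_AllreadyMemErr: 0 = name not registered, 1 = registered but the
        ' password does not match, 2 = password matches (poster is logged in).
        Dim gb_AllreadyMem,gb_AllreadyMemErr
        Set gb_AllreadyMem=Server.CreateObject("ADODB.RecordSet")
        ' NOTE(review): every statement in this branch is built by string
        ' concatenation. CheckStr (defined in an included file, not shown) is the
        ' only barrier between form data and the SQL text; parameterised
        ' ADODB.Command objects would remove that dependency.
        SQL="SELECT mem_Name,mem_Password,mem_Status,mem_LastIP FROM blog_Member WHERE mem_Name='"&CheckStr(Request.Form("gb_memName"))&"'"
        gb_AllreadyMem.Open SQL,znwl,1,3
        SQLQueryNums=SQLQueryNums+1
        IF gb_AllreadyMem.EOF AND gb_AllreadyMem.BOF Then
            gb_AllreadyMemErr=0
        ' NOTE(review): the stored credential is compared with MD5(...) of the
        ' submitted password, i.e. a fast hash with no salt visible here. The
        ' password also passes through CheckStr before hashing, so whatever
        ' CheckStr rewrites is hashed in its rewritten form.
        ElseIF gb_AllreadyMem("mem_Password")=MD5(CheckStr(Request.Form("gb_MemPassword"))) Then
            ' NOTE(review): the password hash and the member status are written into
            ' client-side cookies, and no Secure attribute is set here. If the
            ' included login code accepts these cookie values without re-checking
            ' them against blog_Member, the hash is password-equivalent and
            ' memStatus is client-editable -- confirm in the included files.
            Response.Cookies(CookieName)("memName")=gb_AllreadyMem("mem_Name")
            Response.Cookies(CookieName)("memPassword")=gb_AllreadyMem("mem_Password")
            Response.Cookies(CookieName)("memStatus")=gb_AllreadyMem("mem_Status")
            memName=gb_AllreadyMem("mem_Name")
            gb_AllreadyMem("mem_LastIP")=Guest_IP
            gb_AllreadyMem.Update
            gb_AllreadyMemErr=2
        Else
            gb_AllreadyMemErr=1
        End IF
        gb_AllreadyMem.Close
        Set gb_AllreadyMem=Nothing

        ' Field validation: required fields, name length, link limits, allowed
        ' characters, and "name already registered with a different password".
        IF CheckStr(Request.Form("message"))=Empty OR CheckStr(Request.Form("gb_memName"))=Empty Then
            msg_Title="出现错误"
            msg_Content="<a href=""javascript:history.go(-1);"">请将必须信息填写完整,点击返回上一页</a>"
        ElseIF Len(CheckStr(Request.Form("gb_memName")))>24 Then
            msg_Title="出现错误"
            msg_Content="<a href=""javascript:history.go(-1);"">用户名长度超过24个字符,12个汉字,点击返回上一页</a>"
        ElseIF Strurls(Request.Form("message"),"[url")>MaxUrl or Strurls(Request.Form("message"),"http://")>MaxHttp then
            msg_Title="错误信息"
            msg_Content="<a href='javascript:history.go(-1);'>对不起,您输入的内容有非法链接,请返回重新输入</a>"
        ElseIF IsValidUserName(CheckStr(Request.Form("gb_memName")))=False Then
            msg_Title="出现错误"
            msg_Content="<a href=""javascript:history.go(-1);"">用户名中含有非法字符,点击返回上一页</a>"
        ElseIF memName=Empty AND gb_AllreadyMemErr=1 Then
            msg_Title="出现错误"
            msg_Content="<a href=""javascript:history.go(-1);"">对不起,你所使用的用户名已经注册,点击返回上一页</a>"
        Else
            Dim gb_Content,gb_Title,gb_memName,gb_IsPublic
            gb_Content=CheckWordFilter(CheckStr(Request.Form("message")))
            gb_memName=CheckStr(Request.Form("gb_memName"))
            gb_IsPublic=Request.Form("gb_IsPublic")
            ' Fix: gb_IsPublic is concatenated UNQUOTED into both INSERT statements
            ' below and was previously taken from the form with no validation at
            ' all. Anything that is not an integer is now replaced by 0, using the
            ' same IsInteger helper this page applies to gbID.
            ' NOTE(review): assumes the posting form submits an integer flag for
            ' gb_IsPublic -- confirm against the form markup.
            IF gb_IsPublic=Empty Then
                gb_IsPublic=0
            ElseIF IsInteger(gb_IsPublic)=False Then
                gb_IsPublic=0
            End IF
            IF memName=Empty And gb_AllreadyMemErr<>2 Then
                ' Anonymous poster using an unregistered name.
                Dim gb_SaveMem,gb_MemPassword
                gb_SaveMem=Request.Form("gb_SaveMem")
                gb_MemPassword=MD5(CheckStr(Request.Form("gb_MemPassword")))
                IF gb_SaveMem=1 Then
                    ' Optional self-registration.
                    ' NOTE(review): no check here rejects an empty password, so an
                    ' account can be created with the hash of an empty string.
                    ' NOTE(review): Guest_IP is set outside this page; if it is
                    ' derived from request headers it is client-supplied and needs
                    ' the same treatment as form data -- confirm.
                    znwl.ExeCute("INSERT INTO blog_Member(mem_Name,mem_Password,mem_LastIP) VALUES ('"&gb_memName&"','"&gb_memPassword&"','"&Guest_IP&"')")
                    znwl.ExeCute("UPDATE blog_Info SET blog_MemNums=blog_MemNums+1")
                    SQLQueryNums=SQLQueryNums+2
                    Response.Cookies(CookieName)("memName")=gb_memName
                    Response.Cookies(CookieName)("memPassword")=gb_memPassword
                    Response.Cookies(CookieName)("memStatus")="Member"
                End IF
                znwl.ExeCute("INSERT INTO blog_Guestbook(gb_Content,gb_Author,gb_IsPublic,gb_PostIP) VALUES ('"&gb_Content&"','"&gb_Memname&"',"&gb_IsPublic&",'"&Guest_IP&"')")
                SQLQueryNums=SQLQueryNums+1
            Else
                ' Logged-in poster: the entry is attributed to memName, not to the
                ' name typed into the form.
                znwl.ExeCute("INSERT INTO blog_Guestbook(gb_Content,gb_Author,gb_IsPublic,gb_PostIP) VALUES ('"&gb_Content&"','"&memName&"',"&gb_IsPublic&",'"&Guest_IP&"')")
                SQLQueryNums=SQLQueryNums+1
            End IF
            ' NOTE(review): the per-member counter is keyed on the form-supplied
            ' gb_memName even when the entry above was stored under memName.
            znwl.ExeCute("UPDATE blog_Member SET mem_PostGBNums=mem_PostGBNums+1 WHERE mem_Name='"&gb_memName&"'")
            znwl.ExeCute("UPDATE blog_Info SET blog_GuestbookNums=blog_GuestbookNums+1")
            SQLQueryNums=SQLQueryNums+2
            ' Timestamp consumed by the flood-control check at the top of this branch.
            Response.Cookies(CookieName)("memLastpost")=Now()
            msg_Title="发表成功"
            msg_Content="<a href='guestbook.asp'>留言发表成功,点击返回,或者3秒后自动返回</a><meta http-equiv='refresh' content='3;url=guestbook.asp'>"
        End If
    End If
    ' Both values are fixed strings assigned in this branch; no request data is echoed.
    Response.Write("<br><br><center><div class=""msg_head"">"&msg_Title&"</div><div class=""msg_content"">"&msg_Content&"</div></center><br><br>")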
ElseIf Request.QueryString("action")="delegb" Then
    ' action=delegb: delete one guestbook entry and adjust the counters.
    ' NOTE(review): this is a state-changing action driven entirely by the query
    ' string, and no anti-forgery token is checked in the visible code. A POST
    ' with a per-session token would stop an administrator's browser from being
    ' steered into the delete by a third-party page.
    If IsInteger(Request.QueryString("gbID"))=False Then
        ' gbID is concatenated unquoted into the statements below, so it has to
        ' pass the integer check first.
        msg_Title="出现错误"
        msg_Content="<a href=""javascript:history.go(-1);"">参数出现错误,点击返回上一页</a>"
    ElseIf Not (memStatus="SupAdmin" OR memStatus="Admin") Then
        ' Administrators only.
        ' NOTE(review): memStatus is assigned outside this page. The login path
        ' on this page writes the status into a cookie; if memStatus is read back
        ' from that cookie without being re-verified against blog_Member, this
        ' check can be satisfied by the client -- confirm in the included files.
        msg_Title="出现错误"
        msg_Content="<a href=""javascript:history.go(-1);"">你没有权限删除评论,点击返回上一页</a>"
    Else
        Dim dele_GB
        ' Fetch the entry first so the author's post counter can be corrected.
        Set dele_GB=znwl.ExeCute("SELECT gb_ID,gb_Author FROM blog_Guestbook WHERE gb_ID="&CheckStr(Request.QueryString("gbID")))
        SQLQueryNums=SQLQueryNums+1
        If dele_GB.EOF AND dele_GB.BOF Then
            msg_Title="出现错误"
            msg_Content="<a href=""javascript:history.go(-1);"">没有找到指定留言,点击返回上一页</a>"
        Else
            ' The counters are decremented before the row is removed and the three
            ' statements are not wrapped in a transaction here.
            znwl.ExeCute("UPDATE blog_Info SET blog_GuestbookNums=blog_GuestbookNums-1")
            znwl.ExeCute("UPDATE blog_Member SET mem_PostGBNums=mem_PostGBNums-1 WHERE mem_Name='"&CheckStr(dele_GB("gb_Author"))&"'")
            znwl.Execute("DELETE * FROM blog_Guestbook WHERE gb_ID="&CheckStr(Request.QueryString("gbID")))
            SQLQueryNums=SQLQueryNums+3
            msg_Title="删除成功"
            msg_Content="<a href='guestbook.asp'>留言删除成功,点击返回</a>"
        End If
        ' The recordset reference is released without an explicit Close, as in the original.
        Set dele_GB=Nothing
    End If
    ' Status box; both values are fixed strings assigned above.
    Response.Write("<br><br><center><div class=""msg_head"">"&msg_Title&"</div><div class=""msg_content"">"&msg_Content&"</div></center><br><br>")
ElseIf Request.QueryString("action")="replygb" Then
IF IsInteger(Request.QueryString("gbID"))=False Then
msg_Title="出现错误"
msg_Content="<a href=""javascript:history.go(-1);"">参数出现错误,点击返回上一页</a>"
Else
IF Not (memStatus="SupAdmin" OR memStatus="Admin") Then
msg_Title="出现错误"
msg_Content="<a href=""javascript:history.go(-1);"">你没有权限删除评论,点击返回上一页</a>"
Else
If CheckStr(Request.Form("message"))<>Empty Then
znwl.ExeCute("UPDATE blog_Guestbook SET gb_Reply='"&CheckStr(Request.Form("message"))&"',gb_ReplyAuthor='"&memName&"',gb_ReplyTime='"&Now()&"' WHERE gb_ID="&Request.QueryString("gbID")&"")
SQLQueryNums=SQLQueryNums+1