📄 savereannounce.asp
字号:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#include file="conn.asp"-->
<!-- #include file="inc/char.asp" -->
<!-- #include file="inc/const.asp" -->
<!--#include file="inc/grade.asp"-->
<!--#include file="inc/email.asp"-->
<%
rem ----------------------
rem ------主程序开始------
rem ----------------------
dim UserName
dim userPassword
dim useremail
dim article
dim Topic
dim body
dim FoundError
dim ErrMsg
dim dateTimeStr
dim ParentID
dim UserID
dim newUser
dim RootID
dim iLayer
dim iOrders
dim ip
dim announceid
dim Expression
dim FoundUser
dim boardID,top
dim boardtype
dim signflag
dim mailflag
dim TIME_ADJUST
dim rs
dim sql
dim lockboard
dim skin
dim Email,mailbody
rem ------获取参数------
call getInput()
rem -----检查版面ID的合法性------
dim boardRs
set boardRs=conn.execute("select lockboard from board where boardid=" & boardid)
if boardRs.bof and boardRs.eof then
Errmsg=ErrMsg+"<Br>"+"<li>你要加贴的版面不存在!"
FoundError=true
else
lockboard=boardRs("lockboard")
if lockboard=1 then
Errmsg=ErrMsg+"<Br>"+"<li>本版面不允许回复!"
FoundError=true
end if
if request("skin")="" then
skin=rs("boardskin")
elseif not isInteger(request("skin")) then
skin=0
elseif request("skin")=0 then
skin=0
elseif request("skin")=1 then
skin=1
else
skin=0
end if
end if
boardRs.close
set boardRs=nothing
if err.number<>0 then err.clear
rem -----检查user输入数据的合法性------
call chkData()
if foundError=true then
call Error()
else
call checkUser()
if foundError then
call Error()
else
call saveReAnnounce()
end if
end if
set rs=nothing
call endConnection()
rem ----------------------
rem ------主程序结束------
rem ----------------------
rem 检测用户输入数据
sub checkUser()
set rs=server.createobject("adodb.recordset")
sql="select locktopic from bbs1 where announceid="&cstr(rootid)
rs.open sql,conn,1,1
if not rs.eof and not rs.bof then
if rs("locktopic")=1 then
Errmsg=ErrMsg+"<Br>"+"<li>本主题已经锁定,不能发表回复。"
founderror=true
exit sub
end if
end if
rs.close
sql ="select article,username,userpassword,userclass,lockuser from [user] where username='"&replace(trim(username),"'","''")&"'"
rs.open sql,conn,1,3
if not rs.EOF then
FoundUser=True
end if
if not FoundUser then
Errmsg=ErrMsg+"<Br>"+"<li>本论坛只有<a href=reg.asp>注册用户</a>才能发言!"
founderror=true
elseif UserPassword<>rs("UserPassword") then
ErrMsg=ErrMsg+"<Br>"+"<li>您的密码不正确(可能该名字被他人占用了,请尝试用别的名字)"
foundError=true
elseif rs("lockuser")=1 then
ErrMsg=ErrMsg+"<Br>"+"<li>该用户账号已被锁定,请和管理员联系。"
foundError=true
else
rs("article")=rs("article")+1
session.Contents("username")=UserName
session("password")=UserPassWord
article=rs("article")
if rs("userclass")<>user_level7 and rs("userclass")<>user_level8 and rs("userclass")<>user_level9 then
if rs("article")>=level2_point and rs("article")<level3_point then
if rs("userclass")<>user_level2 then
rs("userclass")=user_level2
rs.update
end if
elseif rs("article")>=level3_point and rs("article")<level4_point then
if rs("userclass")<>user_level3 then
rs("userclass")=user_level3
rs.update
end if
elseif rs("article")>=level4_point and rs("article")<level5_point then
if rs("userclass")<>user_level4 then
rs("userclass")=user_level4
rs.update
end if
elseif rs("article")>=level5_point and rs("article")<level6_point then
if rs("userclass")<>user_level5 then
rs("userclass")=user_level5
rs.update
end if
elseif rs("article")>=level6_point then
if rs("userclass")<>user_level6 then
rs("userclass")=user_level6
rs.update
end if
end if
end if
session("userclass")=rs("userclass")
call activeuser()
rs.update
if lockboard=2 then
if rs("userclass")<>user_level8 and rs("userclass")<>user_level9 and rs("userclass")<>user_level7 then
Errmsg=ErrMsg+"<Br>"+"<li>您没有权限在本版面发布贴子!"
FoundError=true
end if
end if
end if
rs.close
end sub
rem 保存贴子信息
sub saveReAnnounce()
dim rsLayer
set rsLayer=conn.execute("select layer,orders from bbs1 where announceid="&cstr(parentid))
if not(rsLayer.eof and rsLayer.bof) then
if isnull(rsLayer(0)) then
iLayer=0
else
iLayer=rslayer(0)
end if
if isNUll(rslayer(1)) then
iOrders=0
else
iOrders=rsLayer(1)
end if
else
iLayer=0
iOrders=0
end if
rsLayer.close
if rootid<>0 then
iLayer=ilayer+1
conn.execute "update bbs1 set orders=orders+1 where rootid="&cstr(RootID)&" and orders>"&cstr(iOrders)
iOrders=iOrders+1
end if
DateTimeStr=CSTR(NOW()+TIMEADJUST/24)
'ON ERROR RESUME NEXT
dim cmdTemp
dim InsertCursor
dim dataconn
Set DataConn = Server.CreateObject("ADODB.Connection")
dataconn.open connstr
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set InsertCursor = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT *, UserName FROM bbs1 WHERE (UserName IS NULL)"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = DataConn
InsertCursor.Open cmdTemp, , 1, 3
InsertCursor.AddNew
InsertCursor("BoardID") = boardID
InsertCursor("Child") = 0
InsertCursor("ParentID") = ParentID
InsertCursor("UserName") = UserName
InsertCursor("Topic") =Topic
InsertCursor("Body") =Body
InsertCursor("DateAndTime") =DateTimeStr
InsertCursor("hits") =0
InsertCursor("length")=strlength(body)
InsertCurSor("RootID")=RootID
InsertCurSor("layer")=ilayer
InsertCurSor("orders")=iorders
InsertCurSor("ip")=ip
InsertCurSor("Expression")=Expression
InsertCursor("locktopic")=0
InsertCursor("signflag")=signflag
InsertCursor("emailflag")=mailflag
InsertCursor.Update
InsertCursor.MoveLast
announceid=InsertCursor("AnnounceID")
InsertCursor("times")=announceid
InsertCursor.update
InsertCursor.close
dataconn.close
set dataconn=nothing
if err.number<>0 then
err.clear
ErrMsg=ErrMsg+"<Br>"+"<li>数据库操作失败,请以后再试:"&err.Description
call Error()
else
conn.execute "update bbs1 set child=child+1,times="&cstr(announceid)&" where rootID="&cstr(rootID)
conn.execute "update board set lastpostuser='"&username&"',lastposttime='"&DateTimeStr&"',lastbbsnum=lastbbsnum+1 where boardid="&cstr(boardID)
call replyemail()
response.redirect("list.asp?boardid="&boardid&"&skin="&skin&"")
end if
end sub
sub replyemail()
on error resume next
sql="select bbs1.EmailFlag,bbs1.username,[user].userEmail from bbs1,[user] where bbs1.username=[user].username and bbs1.announceid="&cstr(ParentID)
rs.open sql,conn,1,1
if not rs.eof and not rs.bof then
if rs("EmailFlag")=1 then
topic="您在"&ForumName&"发表的文章有人回复了"
email=rs("userEmail")
mailbody=mailbody & ""&rs("username")&",您好:<br>"
mailbody=mailbody & "您在"&ForumName&"发表的文章有人回复了<br>"
mailbody=mailbody & "请到以下地址浏览该贴子内容。<br>"
mailbody=mailbody & "<a href="&Forumurl&"showannounce.asp?boardid="&boardid&"&rootid="&rootid&"&id="&announceid&" target=_blank>查看贴子内容</a>"
if EmailFlag=0 then
elseif EmailFlag=1 then
call jmail(email)
elseif EmailFlag=2 then
call Cdonts(email)
elseif EmailFlag=3 then
call aspemail(email)
end if
if SendMail<>"OK" then
Errmsg=Errmsg+"<br>"+"贴子已经成功保存,回复主题作者的Email发送失败。"
call Error()
end if
end if
end if
rs.close
end sub
sub activeuser()
dim rsactiveusers,activeuser
set rsactiveusers=server.createobject("adodb.recordset")
activeuser="select * from online where username='"&session.contents("username")&"'"
rsactiveusers.open activeuser,conn,1,3
if rsactiveusers.eof and rsactiveusers.bof then
rsactiveusers.addnew
rsactiveusers("id")=Session.SessionID
rsactiveusers("username")=session.contents("username")
rsactiveusers("userclass")=session("userclass")
rsactiveusers("ip")=Request.ServerVariables("REMOTE_HOST")
rsactiveusers("startime")=Now()
rsactiveusers("lastimebk")=Now()
rsactiveusers("lastime")=DateToStr(Now())
rsactiveusers("browser")=Request.ServerVariables("HTTP_USER_AGENT")
rsactiveusers("stats")=Request.ServerVariables("SCRIPT_NAME")
rsactiveusers.update
session("userid")=""
else
rsactiveusers("lastimebk")=Now()
rsactiveusers("lastime")=DateToStr(Now())
rsactiveusers("stats")=Request.ServerVariables("SCRIPT_NAME")
rsactiveusers.update
end if
if session("userid")<>"" then
activeuser="delete from online where id="&cstr(session("userid"))
Conn.Execute activeuser
end if
rsactiveusers.close
set rsactiveusers=nothing
end sub
rem ------获得asp文件参数------
sub getInput()
if request("boardid")="" then
foundError=true
Errmsg=Errmsg+"<br>"+"<li>请指定论坛版面。"
elseif not isInteger(request("boardid")) then
foundError=true
Errmsg=Errmsg+"<br>"+"<li>非法的版面参数。"
else
boardID=request("boardID")
end if
if request("followup")="" then
foundError=true
Errmsg=Errmsg+"<br>"+"<li>非法的贴子参数。"
elseif not isInteger(request("followup")) then
foundError=true
Errmsg=Errmsg+"<br>"+"<li>非法的贴子参数。"
else
announceid=request("followup")
ParentID=request("followup")
end if
if request("RootID")="" then
foundError=true
Errmsg=Errmsg+"<br>"+"<li>非法的贴子参数。"
elseif not isInteger(request("RootID")) then
foundError=true
Errmsg=Errmsg+"<br>"+"<li>非法的贴子参数。"
else
rootID=request("RootID")
end if
UserName=trim(request("username"))
UserPassWord=trim(request("passwd"))
IP=Request.ServerVariables("REMOTE_ADDR")
Expression=Request.Form("Expression")&".gif"
Topic=trim(request("subject"))
Body=trim(request("body"))
signflag=trim(request("signflag"))
mailflag=trim(request("emailflag"))
boardtype=trim(request("boardtype"))
end sub
rem -----检查user输入数据的合法性------
function chkData()
if signflag="yes" then
signflag=1
else
signflag=0
end if
if mailflag="yes" then
mailflag=1
else
mailflag=0
end if
if UserName="" or strLength(UserName)>20 then
ErrMsg=ErrMsg+"<Br>"+"<li>请输入姓名(长度不能大于20)"
foundError=True
elseif Trim(UserPassWord)="" or strLength(UserPassWord)>10 then
ErrMsg=ErrMsg+"<Br>"+"<li>请输入密码(长度不能大于10)"
foundError=True
end if
if Topic="" then
FoundError=True
if Len(ErrMsg)=0 then
ErrMsg=ErrMsg+"<Br>"+"<li>主题不应为空"
else
ErrMsg=ErrMsg+"<Br>"+"<li>主题不应为空"
end if
elseif strLength(topic)>100 then
FoundError=True
if strLength(ErrMsg)=0 then
ErrMsg=ErrMsg+"<Br>"+"<li>主题长度不能超过100"
else
ErrMsg=ErrMsg+"<Br>"+"<li>主题长度不能超过100"
end if
end if
if strLength(body)>AnnounceMaxBytes then
ErrMsg=ErrMsg+"<Br>"+"<li>发言内容不得大于" & CSTR(AnnounceMaxBytes) & "bytes"
foundError=true
end if
end function
%>
<html>
<head>
<title><%=ForumName%>--我要发言</title>
<link rel="stylesheet" type="text/css" href="forum.css">
<meta NAME="GENERATOR" Content="Microsoft FrontPage 3.0">
<meta HTTP-EQUIV="Content-Type" content="text/html; charset=gb2312">
</head>
<body bgcolor="#ffffff" alink="#333333" vlink="#333333" link="#333333" topmargin="0" leftmargin="0">
<!--#include file="inc/theme.asp"-->
<!--#include file="footer.asp"-->
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -