index.asp

沃尔夫巍峨王若飞违反为俄文服务费各个分填入建议他已经有条件倚天剑与今天已经有

<%
'//作者：海娃
'//网址：http://www.51windows.net
on error resume next
dim conn,rs,ps,PostIntervalTime,IpLists,LoginPassWord,OnlyShowReplay
LoginPassWord = "51windows.net"	'管理密码，请设置复杂的密码
ps = 20							'每页留言数
PostIntervalTime = 5*60			'同一个IP多长时间可以留一次言,单位是秒，5分钟可以用5*60表示，不限制请设置为0
OnlyShowReplay = 1				'留言是否有回复再显示，0为留言后立刻显示在留言列表中，1为需要回复后才显示在列表中。置顶的留言不受限制
IpLists = "192.168.|"
'禁止留言的IP，例如：	"127.0.|192.168.0.1"
%><html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="Author" content="haiwa">
<meta name="description" content="作者：海娃　Powered by www.51windows.net">
<title>留言本 - 51windows.Net</title>
<style>
<!--
A:link{font-size:12px;COLOR: #123869;}
A:visited{font-size:12px;COLOR: #123869;}
A:hover{font-size:12px;COLOR: red;}
A:active{font-size:12px;COLOR: #123869;}
body{font-size: 12px;background-color:#FFFFFF;margin:0px;}
input,textarea{font-size: 12px;}
td{font-size: 12px;line-height:160%;word-break:break-all;margin:2px;padding:2px;}
.table{background-color:#EEEEE2;color:#000000;}
.ontable{background-color:#FFFFFF;border-collapse:collapse;}
.title{font-family:Verdana;font-size:24pt;color:#000000;}
.PageDisabled{color:#EEEEEE;}
.PageDisabled{text-decoration:line-through;color:#000000;}
.hwPageSelect{font-family: Verdana;font-size: 9px;}
-->
</style>
</head>
<body>
<%
dim act,name,email,content,reply,gid,ip,isTop

act = Request.form("act")
name = Request.form("name")
email = Request.form("email")
content = Request.form("content")
reply = Request.form("reply")
gid = Request.form("gid")
isTop = Request.form("isTop")
if cstr(isTop) <> "1"  then isTop = "0"
ip = left(Request.ServerVariables("REMOTE_ADDR"),15)
name = NoJapn(name)
email = NoJapn(email)
content = NoJapn(content)
reply = NoJapn(reply)

if request.QueryString("action") = "loginout" then
	session("islogin") = ""
end if

if act = "login" then
	if trim(request.form("pws")) = trim(LoginPassWord) then
		session("islogin") = LoginPassWord
	end if
end if
Session.timeout = 20

function er(str,gourl)%>
<div align="center">
  <center>
  <table border="0" width="360" height="180">
    <tr>
      <td width="100%" align="center"><% = server.htmlencode(str) %><script>alert("<% = server.htmlencode(str) %>");<%if len(gourl) > 0 then%>location.replace("<% = gourl %>");<%else%>history.go(-1);<%end if%></script></td>
    </tr>
  </table>
  </center>
</div>
</body>
</html>
<%
	Response.end
end function

set conn=Server.CreateObject("ADODB.Connection")

conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=;Data Source=" & Server.MapPath("data.mdb.asa")
if err.number<> 0 then
	er "出现错误，请与管理员联系",""
end if

dim MaxPerPage,totalPut,CurrentPage,TotalPages
currentPage = Request.QueryString("page")
if currentPage = "" or isnumeric(currentPage) = false then
	currentPage = 1
end if
currentPage = int(currentPage)

'提交问题/////////////////////////////////////////
if act = "save" then
	if isForbid(ip) then
		conn.close
		set conn = nothing
		er "对不起，你没有留言的权限",""
	end if
	if len(name) = 0 then
		conn.close
		set conn = nothing
		er "请输入姓名",""
	end if
	if instr(email,"@") = 0 then
		conn.close
		set conn = nothing
		er "请输入Email",""
	end if
	if len(content) < 1 then
		conn.close
		set conn = nothing
		er "内容不能为空",""
	end if
	if len(content) > 1000 then
		conn.close
		set conn = nothing
		er "内容不能多于1000个字符",""
	end if
	if int(PostIntervalTime) > 0 then
		newDate = Dateadd("s",int(PostIntervalTime)*-1,Now)
		Set rs = conn.execute("select top 1 ip from hwguestbook where ip = '"& fixsql(ip) &"' and theDate > #"& newDate &"#")
		if not (rs.eof and rs.bof) then
			set rs = nothing
			conn.close
			set conn = nothing
			er "请不要频繁留言，请等分钟"& int(PostIntervalTime/60) &"留言！",""
		end if
		set rs = nothing
	end if
	dim InsertSql
	InsertSql = "insert into hwguestbook (name,email,content,ip) values('"& fixsql(name) &"','"& fixsql(email) &"','"& fixsql(content) &"','"& fixsql(ip) &"')"
	conn.execute(InsertSql)
	if err<> 0 then
		conn.close
		set conn = nothing
		er "系统忙，请稍候再提交",""
	else
		conn.close
		set conn = nothing
		dim okalt
		if int(OnlyShowReplay) = 1 then
			okalt = "，留言需要管理员回复后才能显示。"
		else
			okalt = "。"
		end if
		er "留言已提交" & okalt,Request.ServerVariables("SCRIPT_NAME")
	end if
end if

if session("islogin") = LoginPassWord then
	'回复留言/////////////////////////////////////////
	if act = "re" then
		if isnumeric(gid) = false or gid = "" then
			conn.close
			set conn = nothing
			er "参数错误",""
		end if
		if len(reply) > 1000 then
			conn.close
			set conn = nothing
			er "回复不能多于1000个字符",""
		end if
		updateSql = "update hwguestbook set content = '"& fixsql(content) &"',reply = '"& fixsql(reply) &"',isTop = "& int(isTop) &",replydate = now() where id = " & gid
		conn.execute(updateSql)
		if err<> 0 then
			conn.close
			set conn = nothing
			er "系统忙，请稍候再提交",""
		else
			conn.close
			set conn = nothing
			er "操作成功。",Request.ServerVariables("SCRIPT_NAME") & "?page=" & currentPage
		end if
	end if

	'删除留言/////////////////////////////////////////
	if act = "del" then
		if isnumeric(gid) = false or gid = "" then
			conn.close
			set conn = nothing
			er "参数错误",""
		end if
		delSql = "delete from hwguestbook where id = " & gid
		conn.execute(delSql)
		if err<> 0 then
			conn.close
			set conn = nothing
			er "系统忙，请稍候再提交",""
		else
			conn.close
			set conn = nothing
			er "已删除。",Request.ServerVariables("SCRIPT_NAME") & "?page=" & currentPage
		end if
	end if
end if

if int(OnlyShowReplay) = 0 or (session("islogin") = LoginPassWord) then
	sql = "select * from hwguestbook order by IsTop desc,ID desc"
else
	sql = "select * from hwguestbook where len(reply) > 0 or IsTop = 1 order by IsTop desc,ID desc"
end if

set rs=Server.CreateObject("ADODB.Recordset")
rs.open sql,conn,1,1
%>
<div align="center">
  <table width="600" border="0" cellspacing="0" cellpadding="0" class="table">
	<tr>
	  <td width="100%" align="center" class="title">51windows's GuestBook</td>
	</tr>
	<tr>
	  <td width="100%"> </td>
	</tr>
	<tr>
	  <td width="100%">
		<table border="1" width="100%" bordercolor="#DDDDDD" class="ontable">
			<tr>
			<td>
<%
if isForbid(ip) then
	Response.write "<p align=""center"">你没有留言的权限</p>"
else%>
<SCRIPT LANGUAGE="JavaScript">
<!--
function HW_CheckEmail(V){
	var reg=/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/;
	return (reg.test(V))
}
function ckform(){
	var formobj = document.HwForm0;
	if(formobj.name.value==""){
		alert("请输入姓名");
		formobj.name.focus();
		return false;