manbombok.asp

网佳网络办公系统（以下简称OA）是一套基于B/S模式的无纸化办公系统。[显著特点：无须安装客户端] 主要功能模块：管理 公文 车辆 通知 档案 值班 人事 审批 仓库 主界面 软件下载 个

<%@ LANGUAGE=VBScript.Encode%>
<%Response.Expires=0
nickname=Session("hxf_u_nickname")
grade=Int(Session("hxf_u_grade"))
inthechat=Session("hxf_u_inthechat")
userip=Request.ServerVariables("REMOTE_ADDR")
if nickname="" then Response.Redirect "../error.asp?id=440"
mypai=session("mypai")
if grade<9 and mypai<>"六扇门" then Response.Redirect "../error.asp?id=482"

'校验此时是否被降级
Set conn=Server.CreateObject("ADODB.CONNECTION")
Set rs=Server.CreateObject("ADODB.RecordSet")
connstr=Application("hg_connstr")
conn.open connstr
sql="SELECT grade FROM 用户 WHERE  姓名='" & nickname & "'"
rs.open sql,conn,1,3
if Not(rs.Eof and rs.Bof) then
grade=rs("grade")
if intherchat<>"1" and grade<9 then Response.Redirect "../error.asp?id=482"
end if
rs.close
conn.close
'完成校验
if inthechat<>"1" and nickname<>"江湖管理员" then Response.Redirect "manerr.asp?id=482"
bombname=Server.HTMLEncode(Trim(Request.Form("bombname")))
bombwhy=Server.HTMLEncode(Trim(Request.Form("bombwhy")))
logok=Trim(Request.Form("logok"))
if nickname<>"聊天室管理员" then logok="1"
if logok<>"0" then logok="1"
if bombname="" then Response.Redirect "manerr.asp?id=222"
if bombwhy="" then Response.Redirect "manerr.asp?id=224"
if CStr(bombname)=CStr(nickname) then Response.Redirect "manerr.asp?id=223"
if len(bombwhy)>60 then bombwhy=Left(bombwhy,60)
n=Year(date())
y=Month(date())
r=Day(date())
s=Hour(time())
f=Minute(time())
m=Second(time())
if len(y)=1 then y="0" & y
if len(r)=1 then r="0" & r
if len(s)=1 then s="0" & s
if len(f)=1 then f="0" & f
if len(m)=1 then m="0" & m
t=s & ":" & f & ":" & m
sj=n & "-" & y & "-" & r & " " & t
onlinelist=Application("hxf_c_onlinelist")
cz=0
ubl=UBound(onlinelist)
for i=1 to ubl step 6
 if CStr(onlinelist(i+1))=CStr(bombname) then
  cz=1
  bombip=onlinelist(i+2)
 end if
next
if cz=0 then Response.Redirect "manerr.asp?id=225&bombname=" & server.URLEncode(bombname)
Set conn=Server.CreateObject("ADODB.CONNECTION")
Set rs=Server.CreateObject("ADODB.RecordSet")
connstr=Application("hg_connstr")
conn.open connstr
sql="SELECT lastkick,grade,门派 FROM 用户 WHERE 姓名='" & bombname & "'"
rs.open sql,conn,1,3
if Not(rs.Eof and rs.Bof) then
if rs("门派")="六扇门" and rs("grade")>=Session("hxf_u_grade") then Response.Redirect "../error1.asp?id=030"
 rs("lastkick")=sj
 rs.Update
end if
rs.close
set rs=nothing
bomblog="把 <font color=red>" & bombname & "</font>(<font color=blue>" & bombip & "</font>) 炸飞！<font color=009900>【原因：" & bombwhy & "】</font>"
if logok="1" then
 Function SqlStr(data)
  SqlStr="'" & Replace(data,"'","''") & "'"
 End Function
 sql="INSERT INTO logdata (logtime,name,ip,opertion) VALUES ("
 sql=sql & SqlStr(sj) & ","
 sql=sql & SqlStr(nickname) & ","
 sql=sql & SqlStr(userip) & ","
 sql=sql & SqlStr(bomblog) & ")"
 conn.Execute sql
end if
conn.close
set conn=nothing
Session("hxf_u_lasttime")=sj
Application.Lock
sd=Application("hxf_c_sd")
line=int(Application("hxf_c_line"))
Application("hxf_c_line")=line+1
	for i=1 to 171
	  sd(i)=sd(i+9)
	next
	sd(172)=line
	sd(173)=1
	sd(174)=0
	sd(175)="消息"
	sd(176)="大家"
	sd(177)="660099"
	sd(178)="660099"
	sd(179)="对"
    sd(180)="<font color=black>【轰炸】</font><font color=8800FF><font color=red>" & nickname & "</font>恭恭敬敬地把<font color=red>" & bombname & "</font>炸上天堂……〖原因：" & bombwhy & "〗</font><font class=t>(" & t & ")</font>"
Application("hxf_c_sd")=sd
Application("hxf_c_bombname")=Application("hxf_c_bombname") & " " & bombname & " "
Application.UnLock%><html>
<head>
<title>炸弹操作</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="readonly/style.css">
</head>
<body bgcolor="#000000" class=p150 text="#FFFFFF">
<p><br></p>
<table border="1" cellspacing="0" cellpadding="10" bordercolorlight="#808000" bordercolordark="#000000" align="center">
<form>
<tr>
<td>
<p><%=sj%></p>
<p><%=nickname&"("&userip&")"%></p>
<p><%=bomblog%></p>
<div align="center">
<input type="button" value="返回" onclick="javascript:history.go(-2)">
</div>
</td>
</tr>
</form>
</table>
</body>
</html>