const.asp

此文件为一个电子同学录

<!--#include file=char.asp-->
<%
'cookies
if Request.Cookies("iscookies")="" then
	Response.Cookies("iscookies")="0"
	Response.Cookies("iscookies").Expires=date+3650
	response.write "<META http-equiv=Content-Type content=text/html; charset=gb2312><meta HTTP-EQUIV=REFRESH CONTENT=2>正在登陆岩岩电子首页……<br><br>本站域名:http://www.hrbyydz.com<br><br>本系统要求使用COOKIES，假如您的浏览器禁用COOKIES，您将不能登录本系统……"
	response.end
end if

'error.htm
Dim UserAgent,Stats,ScriptName
UserAgent=Trim(lcase(Request.Servervariables("HTTP_USER_AGENT")))
ScriptName=lcase(request.ServerVariables("PATH_INFO"))
If Instr(UserAgent,"teleport")>0 or Instr(UserAgent,"webzip")>0 or Instr(UserAgent,"flashget")>0 or Instr(UserAgent,"offline")>0 Then
	response.redirect "error.htm"
	response.end
end if

dim rs,sql, rs1,sql1,sqlstr
dim i,skinid,sucmsg
dim founderr,founduser,errmsg
dim membername,memberword,userid
dim titlepic,usergroup,lockuser,GroupSetting,usergroupid
dim txl_info,txl_set,txl_ads,txl_body,txl_set25,badwords,copyright,version,stopwhy,cookiepath
dim txl_userfaceNum,txl_userface,txl_skinpic,txl_user,txl_copyright,txl_postface,txl_postfaceNum,txl_ubb,txl_emot,txl_emotNUM
dim username,realname,sex,pass1,pass2,password,question,answer,useremail,userface,userclub,birthday
dim lastip,ip,logins,usermoney,bbscount,photocount,bookcount
dim supermaster,master,vipuser,member,guest,group

Founduser=false
Founderr=false

membername=checkStr(request.cookies("mathren")("realname"))
memberword=checkStr(request.cookies("mathren")("password"))
userid=request.cookies("mathren")("userid")

'skin
skinid=request.cookies("mathren")("skinid")
if isnumeric(skinid) and not isnull(skinid) and skinid<>"" and not skinid="0" then
		sqlstr=" id="&skinid&" "
else
	if not isnumeric(request("skinid")) or request("skinid")="" or request("skinid")="0" then
		sqlstr=" active=1"
	else
		sqlstr=" id="&request("skinid")&" "
	end if
end if
sql = "select * from config where "&sqlstr&""
set rs=conn.execute(sql)
if rs.eof and rs.bof then
	response.write "错误的系统参数，请从有效连接进入。"
	response.end
else
	txl_info=split(rs("txl_info"),",")
	txl_set=split(rs("txl_set"),",")
	txl_user=split(rs("txl_user"),",")
	txl_ads=split(rs("txl_ads"),"$")
	txl_body=split(rs("txl_body"),"|||")

	txl_userface=split(rs("txl_userface"),"|")
	txl_userfaceNum=ubound(txl_userface)
	txl_postface=split(rs("txl_postface"),",")
	txl_postfaceNum=ubound(txl_postface)
	txl_emot=split(rs("txl_emot"),"|")
	txl_emotNum=ubound(txl_emot)
	txl_skinpic=split(rs("txl_skinpic"),",")
	txl_ubb=split(rs("txl_ubb"),",")
	badwords=rs("badwords")
	Copyright=rs("txl_copyright")
	Version="<a href=http://www.hrbyydz.com>岩岩电子</a> 版权所有 盗版不究<br>站长:吕岩 联系电话： 0451-86850179 13206662612<br> 地址： 哈尔滨市 　邮编： 150080 QQ:86890361<br>E-mail:qa_90@hotmail.com"
	Stopwhy=rs("Stopwhy")
	cookiepath=rs("cookiepath")
end if
	skinid=rs("id")
rs.close
set rs=nothing

if (instr(scriptname,"admin")=0 and instr(scriptname,"login")=0 and instr(scriptname,"chklogin")=0) or supermaster then
	if cint(txl_set(1))=1 then
		Response.write Stopwhy
		response.end
	end if
end if

Server.ScriptTimeOut=txl_Set(6)

Rem 用户信息
supermaster=false
master=false
vipuser=false
member=false
guest=false
if userid<>"" and isInteger(userid) then
	sql="select u.userid,u.sex,u.lastip,u.logins,u.usermoney,u.bbscount,u.photocount,u.bookcount,u.lasttime,u.usergroupid,c.GroupSetting,u.realname,u.password from [user] u inner join UserGroups c on u.UserGroupID=c.UserGroupID where u.userid="&userid
	set rs=conn.execute(sql)
	if rs.eof and rs.bof then
		founduser=false
	else
		if trim(rs(12))=trim(memberword) and lcase(trim(membername))=lcase(trim(rs(11))) then
			founduser=true
			select case rs(9)
			case 1
				supermaster=true
				group="超级管理员"
			case 2
				master=true
				group="版主"
			case 5
				vipuser=true
				group="班级贵宾"
			case 3
				member=true
				group="班级成员"
			case else
				guest=true
				group="班级客人"
			end select
			userid=rs(0)
			sex=rs(1)
			lastip=rs(2)
                        logins=rs(3)
			usermoney=rs(4)
			bbscount=rs(5)
			photocount=rs(6)
			bookcount=rs(7)
			usergroupid=rs(9)
			GroupSetting=split(rs(10),",")
			if DateDiff("s",rs(8),Now())>Clng(txl_Set(7))*60 then
			conn.execute("update [user] set lastip='"&Request.ServerVariables("REMOTE_ADDR")&"',lasttime=Now() where userid="&userid)
			end if

		else
			founduser=false
		end if
	end if
	rs.close
	set rs=nothing
end if
if not founduser then
	founduser=false
	userid=0
	set rs=conn.execute("select GroupSetting from usergroups where UserGroupID=6")
	GroupSetting=split(rs(0),",")
	UsergroupID=7
	rs.close
	set rs=nothing
end if

rem 用户在线
dim ComeFrom,actCome,statuserid
statuserid=replace(Request.ServerVariables("REMOTE_HOST"),".","")
if not founduser then
	session("onlineid")=statuserid
	sql="select id from online where id="&cstr(session("onlineid"))
	set rs=conn.execute(sql)
	if rs.eof and rs.bof then
		ComeFrom=""
		actCome=""
		sql="insert into online(id,realname,usergroup,ip,startime,lastimebk,browser,stats,actforip,actCome) values ("&statuserid&",'访客','访客','"&Request.ServerVariables("REMOTE_HOST")&"',Now(),Now(),'"&Request.ServerVariables("HTTP_USER_AGENT")&"','"&replace(stats,"'","")&"','"&Request.ServerVariables("HTTP_X_FORWARDED_FOR")&"','"&actCome&"')"
	else
		sql="update online set lastimebk=Now(),stats='"&replace(stats,"'","")&"' where id="&cstr(statuserid)
	end if
	conn.execute(sql)
else
	if founderr then
	stats="错误信息"
	end if
	sql="select id from online where userid="&userid
	set rs=conn.execute(sql)
	if rs.eof and rs.bof then
	ComeFrom=""
	actCome=""
		sql="insert into online(id,realname,usergroup,ip,startime,lastimebk,browser,stats,actforip,actCome,userid) values ("&statuserid&",'"&membername&"','"&group&"','"&Request.ServerVariables("REMOTE_HOST")&"',Now(),Now(),'"&Request.ServerVariables("HTTP_USER_AGENT")&"','"&replace(stats,"'","")&"','"&Request.ServerVariables("HTTP_X_FORWARDED_FOR")&"','"&actCome&"',"&userid&")"
	else
		sql="update online set lastimebk=Now(),stats='"&replace(stats,"'","")&"' where userid="&userid
	end if
	conn.execute(sql)
	rs.close
	if session("onlineid")<>"" then
	Conn.Execute("delete from online where id="&session("onlineid"))
	session("onlineid")=""
	end if
end if
set rs=nothing

Rem 删除超时用户
sql="Delete FROM online WHERE DATEDIFF('s', lastimebk, now()) > "&txl_Set(7)&"*60"
Conn.Execute sql
%>