askseller.asp

实用的拍卖源码。适合个人建站学习使用。仅供学习参考

<!-- #include file="inc/char.asp" -->
<!-- #include file="conn.asp" -->
<!-- #include file="head.asp" -->
<!-- #include file="chksession.asp" -->
<script language="javascript">
function check()
{
  if(document.form1.content.value=="" || (!check_err(document.form1.content.value)))
    {
      alert("留言内容不能为空，且不能包含非法字符");
      return false;
    }
}
function check_err(char) {
if ((!(char.indexOf ('script') == -1)) || (!(char.indexOf ('<') == -1)) || (!(char.indexOf ('<') == -1)))

return false;
return true;
}
</script>
<%
response.buffer=true

	dim aucid
	aucid=rst("auc_id")
	Ownerid=rst("Ownerid")
	call chk(aucid,"id")
	call chk(ownerid,"id")
	if isnumeric(aucid)=false then
   	response.write"<SCRIPT language=JavaScript>alert('警告！留言操作出错了！');"
   	response.write"this.location.href='index.asp';</SCRIPT>" 
   	response.end
	else
	sql="select regid from users where regusername='"&session("user")&"'"
	set rs=conn.execute(sql)
	if rs.eof then
	response.write"<SCRIPT language=JavaScript>alert('出错了，你还没有登陆或者已经超时！');"
   	response.write"this.location.href='login.asp';</SCRIPT>" 
   	response.end
	end if
	%>
<br>
<table cellpadding=0 cellspacing=1 border=0 width=80% align=center>
<form name="form1" method="post" action="save_msg.asp" onsubmit="return check()">
<tr><td width=100% align=center>
  <p> 留言内容：<br>
    <input name="content" type="text" value="" maxlength="100" size=80>
    <br><input type="hidden" name="aucid" value="<%=aucid%>">
	<input type="hidden" name="writerid" value="<%=rs("regid")%>">
	<input type="hidden" name="ownerid" value="<%=Ownerid%>">
	<input type="hidden" name="writedate" value="<%=now%>">
    <input type="submit" name="Submit" value="提交">
    <input type="reset" name="Submit2" value="重置">
  </p>
</td></tr>
</form>
</table>
<% end if %>
<!-- #include file="bottom.asp" -->