www.gusucode.com > 艺术签名文章资讯网源代码 > 艺术签名文章资讯网源代码/624/GuestBook/post.asp
<!--#include file="config.asp"-->
<!--#include file="../inc/cls_editor.asp"-->
<%
Dim Rs, SQL,i,replyid,guestid
Dim strContent,strQuote,strTopic
Dim username,isAdmin
Dim Facestr,FaceOption,FormatInput
Newasp.LoadTemplates 9999, 3, 0
HtmlContent = Newasp.HtmlContent
HtmlContent = Replace(HtmlContent,"{$GuestFormContent}", Newasp.HtmlSetting(11))
HtmlContent = Replace(HtmlContent,"{$InstallDir}", Newasp.InstallDir)
HtmlContent = Replace(HtmlContent, "{$ChannelID}", ChannelID)
'--频道目录
HtmlContent = Replace(HtmlContent,"{$ChannelRootDir}", ChannelRootDir, 1, -1, 1)
HtmlContent = Replace(HtmlContent,"{$CurrentStation}",Newasp.ChannelName)
HtmlContent = Replace(HtmlContent,"{$PageTitle}","回复留言")
HtmlContent = Replace(HtmlContent,"{$IndexTitle}",strIndexName)
HtmlContent = ReadClassMenu(HtmlContent)
HtmlContent = ReadClassMenubar(HtmlContent)
HtmlContent = HTML.ReadAnnounceList(HtmlContent)
HtmlContent = HTML.ReadStatistic(HtmlContent)
HtmlContent = HTML.ReadUserRank(HtmlContent)
HtmlContent = Replace(HtmlContent, "{$MemberName}", Newasp.membername)
HtmlContent = Replace(HtmlContent,"{$LeastString}", Newasp.LeastString)
HtmlContent = Replace(HtmlContent, "{$MaxString}", Newasp.MaxString)
If CInt(Newasp.PostGrade) > 0 And Trim(Session("AdminName")) = Empty Then
If CInt(Newasp.PostGrade) > CInt(Newasp.membergrade) Then
Call OutputScript(Newasp.HtmlSetting(5),"index.asp")
Response.End
End If
End If
guestid = Newasp.ChkNumeric(Request("guestid"))
replyid = Newasp.ChkNumeric(Request("replyid"))
If guestid = 0 Then
Response.Write"错误的系统参数!请输入正确的主题ID。"
Response.End
Else
Set Rs = Newasp.Execute("SELECT title,content,username,isAdmin FROM NC_GuestBook WHERE guestid ="& guestid)
If Rs.BOF And Rs.EOF Then
Set Rs = Nothing
Call OutAlertScript("错误的系统参数!没有找到该留言主题。")
Else
strTopic = Newasp.CheckTopic(Rs("title"))
strContent = Rs("content")
username = Rs("username")
isAdmin = Rs("isAdmin")
End If
Rs.Close:Set Rs = Nothing
End If
If replyid > 0 Then
Set Rs = Newasp.Execute("SELECT rContent FROM NC_GuestReply WHERE id ="& replyid)
If Rs.BOF And Rs.EOF Then
Set Rs = Nothing
Call OutAlertScript("错误的系统参数!没有找到该回复留言。")
Else
strContent = Rs("rContent")
End If
Rs.Close:Set Rs = Nothing
End If
If CInt(Request("quote")) = 1 Then
If isAdmin <> 0 Then
If username = Newasp.membername Or Newasp.membergrade = "999" Or Trim(Session("AdminName")) <> "" Then
strQuote = "<table class=quote><tr><td>" & strContent & "</td><tr></table>"
Else
strQuote = Newasp.HtmlSetting(16)
End If
Else
strQuote = "<table class=quote><tr><td>" & strContent & "</td><tr></table>"
End If
Else
strQuote = ""
End If
If Newasp.CheckStr(LCase(Request.Form("action"))) = "save" And Request.Form("action") <> "" Then
Call SaveGuestReply
Else
Call ReplyGuestBook
End If
Public Sub ReplyGuestBook()
HtmlContent = Replace(HtmlContent,"{$Action}","save")
HtmlContent = Replace(HtmlContent,"{$ReplyContent}",vbNullString)
HtmlContent = Replace(HtmlContent,"{$SubmitValue}","回复留言")
HtmlContent = Replace(HtmlContent, "{$GuestID}", guestid)
HtmlContent = Replace(HtmlContent, "{$ReplyID}", replyid)
HtmlContent = Replace(HtmlContent,"{$GuestTopic}",strTopic)
HtmlContent = Replace(HtmlContent,"{$UserName}",Newasp.membername)
HtmlContent = Replace(HtmlContent,"{$GuestEmail}","mymail@163.com")
HtmlContent = Replace(HtmlContent,"{$GuestQQ}","123456789")
HtmlContent = Replace(HtmlContent,"{$RefererUrl}",Request.ServerVariables("HTTP_REFERER"))
FaceOption = ""
For i=1 to 20
FaceOption = FaceOption & "<option "
Facestr="images/" & i & ".gif"
FaceOption = FaceOption & "value='" & Facestr &"'>头像" &i &"</option>"
Next
HtmlContent = Replace(HtmlContent, "{$FaceOption}", FaceOption)
If CInt(Newasp.membergrade) > 1 Or Trim(Session("AdminName")) <> "" Then
FormatInput = "<span style=""background-color: #fFfFff"" id=""myt"" onclick=""javascript:formatbt(this);"" style=""cursor:hand; font-size:11pt"">设置标题样式 ABCdef</span>"
FormatInput = FormatInput & "<input type=""checkbox"" name=""cancel"" value="""" onclick=""Cancelform()""> 取消格式"
HtmlContent = Replace(HtmlContent,"{$FormatInput}",FormatInput)
Else
HtmlContent = Replace(HtmlContent,"{$FormatInput}","")
End If
HtmlContent = Replace(HtmlContent,"{$Topicformat}","")
HtmlContent = Replace(HtmlContent,"{$GuestContent}",Server.HTMLEncode(strQuote))
'-- 编辑器设置
Dim oEditor,EditorCode
Set oEditor = New Editor_Cls
oEditor.UserMode = 1
oEditor.setEditMode = Newasp.setUserEditor(0)
oEditor.ChannelID = ChannelID
oEditor.Width = Newasp.setUserEditor(2)
oEditor.Height = Newasp.setUserEditor(3)
oEditor.BasePath = Newasp.InstallDir & Newasp.setAdminEditor(4)
oEditor.ToolbarSet = Newasp.setUserEditor(1)'Default,AdminMode,Simple,UserMode,Basic
oEditor.InstanceName = "content"
EditorCode = oEditor.CreateEditor()
Set oEditor = Nothing
HtmlContent = Replace(HtmlContent, "{$EditorCode}", EditorCode)
Response.Write HtmlContent
End Sub
Sub SaveGuestReply()
On Error Resume Next
Dim ForbidReply, TextContent,ChkPostData
If CInt(Newasp.PostGrade) > 0 And Trim(Session("AdminName")) = Empty Then
If CInt(Newasp.PostGrade) > CInt(Newasp.membergrade) Then
ErrMsg = ErrMsg + Newasp.HtmlSetting(5)
FoundErr = True
End If
End If
If Newasp.CheckPost = False Then
ErrMsg = ErrMsg + "您提交的数据不合法,请不要从外部提交。\n"
FoundErr = True
End If
If Not Newasp.CodeIsTrue() Then
ErrMsg = ErrMsg + "验证码校验失败,请返回刷新页面再试。两秒后自动返回\n"
Founderr = True
End If
Session("GetCode") = ""
If Trim(Request.Form("username")) = "" Then
ErrMsg = ErrMsg + "用户名不能为空\n"
Founderr = True
End If
If Newasp.IsValidStr(Request.Form("username")) = False Then
ErrMsg = ErrMsg + "用户名中含有非法字符\n"
Founderr = True
End If
If Trim(Request.Form("topic")) = "" Then
ErrMsg = ErrMsg + "回复主题不能为空\n"
Founderr = True
End If
If Trim(Request.Form("content")) = "" Then
ErrMsg = ErrMsg + "回复内容不能为空\n"
Founderr = True
End If
If Len(Request.Form("content")) < Clng(Newasp.LeastString) Then
ErrMsg = ErrMsg + ("回复内容不能小于" & Newasp.LeastString & "字符!")
Founderr = True
End If
If Len(Request.Form("content")) > Clng(Newasp.MaxString) Then
ErrMsg = ErrMsg + ("回复内容不能大于" & Newasp.MaxString & "字符!")
Founderr = True
End If
TextContent = Request.Form("content")
If Newasp.setUserEditor(0) <> 0 Then
TextContent = Newasp.HTMLEncodes(TextContent)
End If
ChkPostData = Newasp.NeedIsAudit(TextContent,Request.Form("topic") & " " & Request.Form("username"))
If ChkPostData > 0 Then
ErrMsg = "请不要发表含有不适当内容的留言,请不要发表广告信息"
Founderr = True
End If
If Trim(Newasp.membergrade) <> "999" And Trim(Session("AdminName")) = "" Then
ForbidReply =Newasp.Execute("SELECT ForbidReply FROM NC_GuestBook WHERE guestid=" & Newasp.ChkNumeric(Request.Form("guestid")))(0)
If ForbidReply <> 0 Then
ErrMsg = ErrMsg + Newasp.HtmlSetting(7)
Founderr = True
End If
End If
If Founderr = True Then
Call OutAlertScript(ErrMsg)
Exit Sub
End If
Call PreventRefresh '防刷新
Set Rs = Server.CreateObject("ADODB.Recordset")
SQL = "SELECT * FROM NC_GuestReply WHERE (id is null)"
Rs.Open SQL,Conn,1,3
Rs.Addnew
If Newasp.membername <> "" And Newasp.memberid <> "" Then
Rs("userid") = Newasp.memberid
Rs("rusername") = Newasp.membername
Else
Rs("userid") = 0
Rs("rusername") = Left(Request.Form("username"),50)
End If
Rs("guestid") = Trim(Request.Form("guestid"))
Rs("Topicformat") = Trim(Request.Form("Topicformat"))
Rs("rTitle") = Newasp.ChkFormStr(Left(Request.Form("topic"),100))
Rs("rContent") = Html2Ubb(TextContent)
Rs("rFace") = Trim(Request.Form("face"))
Rs("ReplyTime") = Now()
Rs("ReplyIP") = Newasp.GetUserIP
Rs.update
Rs.Close:Set Rs = Nothing
Dim GroupSetting
If Newasp.membername <> "" And Newasp.membergrade <> "" Then
GroupSetting = Split(Newasp.UserGroupSetting(CInt(Newasp.membergrade)), "|||")
Newasp.Execute ("UPDATE NC_User SET userpoint = userpoint + " & CLng(GroupSetting(27)) & " WHERE userid="& CLng(Newasp.memberid))
End If
Newasp.Execute ("UPDATE NC_GuestBook SET ReplyNum = ReplyNum + 1,lastime = " & NowString & " WHERE guestid="& guestid)
Call OutputScript(Newasp.HtmlSetting(8),Request.Form("url"))
End Sub
Set HTML = Nothing
CloseConn
%>