www.gusucode.com > 艺术签名文章资讯网源代码 > 艺术签名文章资讯网源代码/624/GuestBook/post.asp
<!--#include file="config.asp"--> <!--#include file="../inc/cls_editor.asp"--> <% Dim Rs, SQL,i,replyid,guestid Dim strContent,strQuote,strTopic Dim username,isAdmin Dim Facestr,FaceOption,FormatInput Newasp.LoadTemplates 9999, 3, 0 HtmlContent = Newasp.HtmlContent HtmlContent = Replace(HtmlContent,"{$GuestFormContent}", Newasp.HtmlSetting(11)) HtmlContent = Replace(HtmlContent,"{$InstallDir}", Newasp.InstallDir) HtmlContent = Replace(HtmlContent, "{$ChannelID}", ChannelID) '--频道目录 HtmlContent = Replace(HtmlContent,"{$ChannelRootDir}", ChannelRootDir, 1, -1, 1) HtmlContent = Replace(HtmlContent,"{$CurrentStation}",Newasp.ChannelName) HtmlContent = Replace(HtmlContent,"{$PageTitle}","回复留言") HtmlContent = Replace(HtmlContent,"{$IndexTitle}",strIndexName) HtmlContent = ReadClassMenu(HtmlContent) HtmlContent = ReadClassMenubar(HtmlContent) HtmlContent = HTML.ReadAnnounceList(HtmlContent) HtmlContent = HTML.ReadStatistic(HtmlContent) HtmlContent = HTML.ReadUserRank(HtmlContent) HtmlContent = Replace(HtmlContent, "{$MemberName}", Newasp.membername) HtmlContent = Replace(HtmlContent,"{$LeastString}", Newasp.LeastString) HtmlContent = Replace(HtmlContent, "{$MaxString}", Newasp.MaxString) If CInt(Newasp.PostGrade) > 0 And Trim(Session("AdminName")) = Empty Then If CInt(Newasp.PostGrade) > CInt(Newasp.membergrade) Then Call OutputScript(Newasp.HtmlSetting(5),"index.asp") Response.End End If End If guestid = Newasp.ChkNumeric(Request("guestid")) replyid = Newasp.ChkNumeric(Request("replyid")) If guestid = 0 Then Response.Write"错误的系统参数!请输入正确的主题ID。" Response.End Else Set Rs = Newasp.Execute("SELECT title,content,username,isAdmin FROM NC_GuestBook WHERE guestid ="& guestid) If Rs.BOF And Rs.EOF Then Set Rs = Nothing Call OutAlertScript("错误的系统参数!没有找到该留言主题。") Else strTopic = Newasp.CheckTopic(Rs("title")) strContent = Rs("content") username = Rs("username") isAdmin = Rs("isAdmin") End If Rs.Close:Set Rs = Nothing End If If replyid > 0 Then Set Rs = Newasp.Execute("SELECT rContent FROM NC_GuestReply WHERE id ="& replyid) If Rs.BOF And Rs.EOF Then Set Rs = Nothing Call OutAlertScript("错误的系统参数!没有找到该回复留言。") Else strContent = Rs("rContent") End If Rs.Close:Set Rs = Nothing End If If CInt(Request("quote")) = 1 Then If isAdmin <> 0 Then If username = Newasp.membername Or Newasp.membergrade = "999" Or Trim(Session("AdminName")) <> "" Then strQuote = "<table class=quote><tr><td>" & strContent & "</td><tr></table>" Else strQuote = Newasp.HtmlSetting(16) End If Else strQuote = "<table class=quote><tr><td>" & strContent & "</td><tr></table>" End If Else strQuote = "" End If If Newasp.CheckStr(LCase(Request.Form("action"))) = "save" And Request.Form("action") <> "" Then Call SaveGuestReply Else Call ReplyGuestBook End If Public Sub ReplyGuestBook() HtmlContent = Replace(HtmlContent,"{$Action}","save") HtmlContent = Replace(HtmlContent,"{$ReplyContent}",vbNullString) HtmlContent = Replace(HtmlContent,"{$SubmitValue}","回复留言") HtmlContent = Replace(HtmlContent, "{$GuestID}", guestid) HtmlContent = Replace(HtmlContent, "{$ReplyID}", replyid) HtmlContent = Replace(HtmlContent,"{$GuestTopic}",strTopic) HtmlContent = Replace(HtmlContent,"{$UserName}",Newasp.membername) HtmlContent = Replace(HtmlContent,"{$GuestEmail}","mymail@163.com") HtmlContent = Replace(HtmlContent,"{$GuestQQ}","123456789") HtmlContent = Replace(HtmlContent,"{$RefererUrl}",Request.ServerVariables("HTTP_REFERER")) FaceOption = "" For i=1 to 20 FaceOption = FaceOption & "<option " Facestr="images/" & i & ".gif" FaceOption = FaceOption & "value='" & Facestr &"'>头像" &i &"</option>" Next HtmlContent = Replace(HtmlContent, "{$FaceOption}", FaceOption) If CInt(Newasp.membergrade) > 1 Or Trim(Session("AdminName")) <> "" Then FormatInput = "<span style=""background-color: #fFfFff"" id=""myt"" onclick=""javascript:formatbt(this);"" style=""cursor:hand; font-size:11pt"">设置标题样式 ABCdef</span>" FormatInput = FormatInput & "<input type=""checkbox"" name=""cancel"" value="""" onclick=""Cancelform()""> 取消格式" HtmlContent = Replace(HtmlContent,"{$FormatInput}",FormatInput) Else HtmlContent = Replace(HtmlContent,"{$FormatInput}","") End If HtmlContent = Replace(HtmlContent,"{$Topicformat}","") HtmlContent = Replace(HtmlContent,"{$GuestContent}",Server.HTMLEncode(strQuote)) '-- 编辑器设置 Dim oEditor,EditorCode Set oEditor = New Editor_Cls oEditor.UserMode = 1 oEditor.setEditMode = Newasp.setUserEditor(0) oEditor.ChannelID = ChannelID oEditor.Width = Newasp.setUserEditor(2) oEditor.Height = Newasp.setUserEditor(3) oEditor.BasePath = Newasp.InstallDir & Newasp.setAdminEditor(4) oEditor.ToolbarSet = Newasp.setUserEditor(1)'Default,AdminMode,Simple,UserMode,Basic oEditor.InstanceName = "content" EditorCode = oEditor.CreateEditor() Set oEditor = Nothing HtmlContent = Replace(HtmlContent, "{$EditorCode}", EditorCode) Response.Write HtmlContent End Sub Sub SaveGuestReply() On Error Resume Next Dim ForbidReply, TextContent,ChkPostData If CInt(Newasp.PostGrade) > 0 And Trim(Session("AdminName")) = Empty Then If CInt(Newasp.PostGrade) > CInt(Newasp.membergrade) Then ErrMsg = ErrMsg + Newasp.HtmlSetting(5) FoundErr = True End If End If If Newasp.CheckPost = False Then ErrMsg = ErrMsg + "您提交的数据不合法,请不要从外部提交。\n" FoundErr = True End If If Not Newasp.CodeIsTrue() Then ErrMsg = ErrMsg + "验证码校验失败,请返回刷新页面再试。两秒后自动返回\n" Founderr = True End If Session("GetCode") = "" If Trim(Request.Form("username")) = "" Then ErrMsg = ErrMsg + "用户名不能为空\n" Founderr = True End If If Newasp.IsValidStr(Request.Form("username")) = False Then ErrMsg = ErrMsg + "用户名中含有非法字符\n" Founderr = True End If If Trim(Request.Form("topic")) = "" Then ErrMsg = ErrMsg + "回复主题不能为空\n" Founderr = True End If If Trim(Request.Form("content")) = "" Then ErrMsg = ErrMsg + "回复内容不能为空\n" Founderr = True End If If Len(Request.Form("content")) < Clng(Newasp.LeastString) Then ErrMsg = ErrMsg + ("回复内容不能小于" & Newasp.LeastString & "字符!") Founderr = True End If If Len(Request.Form("content")) > Clng(Newasp.MaxString) Then ErrMsg = ErrMsg + ("回复内容不能大于" & Newasp.MaxString & "字符!") Founderr = True End If TextContent = Request.Form("content") If Newasp.setUserEditor(0) <> 0 Then TextContent = Newasp.HTMLEncodes(TextContent) End If ChkPostData = Newasp.NeedIsAudit(TextContent,Request.Form("topic") & " " & Request.Form("username")) If ChkPostData > 0 Then ErrMsg = "请不要发表含有不适当内容的留言,请不要发表广告信息" Founderr = True End If If Trim(Newasp.membergrade) <> "999" And Trim(Session("AdminName")) = "" Then ForbidReply =Newasp.Execute("SELECT ForbidReply FROM NC_GuestBook WHERE guestid=" & Newasp.ChkNumeric(Request.Form("guestid")))(0) If ForbidReply <> 0 Then ErrMsg = ErrMsg + Newasp.HtmlSetting(7) Founderr = True End If End If If Founderr = True Then Call OutAlertScript(ErrMsg) Exit Sub End If Call PreventRefresh '防刷新 Set Rs = Server.CreateObject("ADODB.Recordset") SQL = "SELECT * FROM NC_GuestReply WHERE (id is null)" Rs.Open SQL,Conn,1,3 Rs.Addnew If Newasp.membername <> "" And Newasp.memberid <> "" Then Rs("userid") = Newasp.memberid Rs("rusername") = Newasp.membername Else Rs("userid") = 0 Rs("rusername") = Left(Request.Form("username"),50) End If Rs("guestid") = Trim(Request.Form("guestid")) Rs("Topicformat") = Trim(Request.Form("Topicformat")) Rs("rTitle") = Newasp.ChkFormStr(Left(Request.Form("topic"),100)) Rs("rContent") = Html2Ubb(TextContent) Rs("rFace") = Trim(Request.Form("face")) Rs("ReplyTime") = Now() Rs("ReplyIP") = Newasp.GetUserIP Rs.update Rs.Close:Set Rs = Nothing Dim GroupSetting If Newasp.membername <> "" And Newasp.membergrade <> "" Then GroupSetting = Split(Newasp.UserGroupSetting(CInt(Newasp.membergrade)), "|||") Newasp.Execute ("UPDATE NC_User SET userpoint = userpoint + " & CLng(GroupSetting(27)) & " WHERE userid="& CLng(Newasp.memberid)) End If Newasp.Execute ("UPDATE NC_GuestBook SET ReplyNum = ReplyNum + 1,lastime = " & NowString & " WHERE guestid="& guestid) Call OutputScript(Newasp.HtmlSetting(8),Request.Form("url")) End Sub Set HTML = Nothing CloseConn %>