gyhs.asp 超文本多用户论坛程序 1.1 - ASP源码程序

www.gusucode.com > 超文本多用户论坛程序 1.1 > bbs/gyhs.asp
    <%on error resume next%>
<%'特殊符号过滤
function Fsql(countsql)
errorchar=array("'","!","@","$","%","^","&","*","<",">","or","/","\")
for i=0 to ubound(errorchar)
if instr(countsql,errorchar(i))>0 then 
Fsql=true
end if
next
end function
%>

<%'数据库关闭
sub dbclose
conn.close
set conn=nothing
end sub
%>

<%'*******************************************************%>
<%
'判断论坛是否存在以及浏览用户是否支持COOKIES
response.cookies("PD")="true"
if request.cookies("PD")="" then
response.redirect"help.asp?menu=cook"
end if

ltbh= request("ltbh")
user=request("username")

if ltbh=empty then '为空返回总论坛首页
sql="select ltbh from zwuser where cnuser='"& user &"'"
set rst=conn.execute(sql)
if rst.eof then
response.redirect"../index.asp"
else
ltbh=rst("ltbh")
response.redirect "?ltbh="&ltbh
end if
rst.close
set rst=nothing
else
if Fsql(ltbh)=true then response.redirect"../index.asp"
sql="select ltbh from zwltpz where ltbh='"& ltbh &"'"
set rs=conn.execute(sql)
if rs.eof then
response.redirect"../index.asp"
end if
end if
%>
<%'*******************************************************%>

<%'*******************************************************%>
<%
'写cookies风格
sql="select ltmb,ltmc,gjz from zwltpz where ltbh='"&ltbh&"'"
set rsfg=conn.execute(sql)
'发布后添加此语句on error resume next
response.cookies("fg")=rsfg("ltmb")
response.cookies("mc")=rsfg("ltmc")
response.cookies("gjz")=rsfg("gjz")
rsfg.close
set rsfg=nothing

fg=request.cookies("fg")
if fg=empty then fg=1
response.write "<html><head><meta http-equiv=Content-Type content=text/html;charset=gb2312></head><link href=imgs/skins/"& fg &"/bbs.css rel=stylesheet><script src=dyhbbs.js></script><script src=imgs/skins/"& fg &"/bbs.js></script>"
%>
<%'*******************************************************%>

<!--webbot bot="PurpleText" PREVIEW="外部数据提交防止" -->
<%
sub wbfz
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if  mid(server_v1,8,len(server_v2))<>server_v2  then
%>
<script language=vbscript>
<!--
window.alert"禁止从外部提交数据!请登陆"
window.location="../"
-->
</script>
<%
end if
end sub
%><%'*******************************************************%><%
'判断访问者是否登陆
function dlhs
username=request.cookies("username")
userpass=request.cookies("userpass")
if userpass=empty or username=empty then 
dlhs=true
else
sql="select cnuser,cnpass from zwuser where cnuser='"&username&"'and cnpass='"&userpass&"'"
set rsdl=conn.execute(sql)
if rsdl.eof then dlhs=true
rsdl.close
set rsdl=nothing
end if
end function
%><%'*******************************************************%><%
'判断是否管理员
function gly
ltbh=request("ltbh")
username=request.cookies("username")
userpass=request.cookies("userpass")
if userpass=empty or username=empty then 
gly=true
else
sql="select cnuser,cnpass from zwuser where cnuser='"&username&"'and cnpass='"&userpass&"' and ltbh='"&ltbh&"'"
set rsgly=conn.execute(sql)
if rsgly.eof then gly=true
rsgly.close
set rsgly=nothing
end if
end function
%><%'*******************************************************%><%'判断发帖子作者是否版主
function sfbz(bankuaiid,yhuser)
sqlbzcx="select banzhu from zwbk where id="&bankuaiid&""
set bzs=conn.execute(sqlbzcx)
banzhu=bzs("banzhu")

master=split(banzhu,"|")
for i = 0 to ubound(master)
If yhuser=""&master(i)&"" Then 
sfbz=true
end if
next

bzs.close
set bzs=nothing
end function
%><%'*******************************************************%>