?? add_ad.asp
字號:
<%
function fixQuotes(theString)
fixQuotes=Replace(theString,"'","''")
end function
On Error RESUME NEXT
Set con=Server.CreateObject("ADODB.Connection")
con.Open Application("DBCon_ConnectionString")
username=Session("username")
'再次檢查是否存在此用戶,及是否有效
strSql="SELECT yonghu,youxiao FROM yonghu WHERE yonghu='"+username+"'"
Set rs1=con.Execute(strSql)
if rs1("yonghu")="" then
response.redirect "../syspages/error_nothisuser.htm"
'錯誤:沒有這個用戶
end if
if rs1("youxiao")<=0 then
response.redirect "../syspages/error_invalid.htm"
end if
if rs1("youxiao")=2 then '修改
if Session("modify")<>1 then '防止直接申請本頁
response.redirect "../syspages/error.htm"
else
strSql="UPDATE guanggao SET"
strSql=strSql+" guojia='"+fixQuotes(TRIM(Request.Form("guojia")))
strSql=strSql+"',chengshi='"+fixQuotes(TRIM(Request.Form("chengshi")))
strSql=strSql+"',dailishang='"+fixQuotes(TRIM(Request.Form("dailishang")))
strSql=strSql+"',lianxiren='"+fixQuotes(TRIM(Request.Form("lianxiren")))
strSql=strSql+"',dizhi='"+fixQuotes(TRIM(Request.Form("dizhi")))
strSql=strSql+"',youbian='"+fixQuotes(TRIM(Request.Form("youbian")))
strSql=strSql+"',dianhua='"+fixQuotes(TRIM(Request.Form("dianhua")))
strSql=strSql+"',e_mail='"+fixQuotes(TRIM(Request.Form("e_mail")))
strSql=strSql+"',neirong='"+fixQuotes(replace(TRIM(Request.Form("neirong")),vbcrlf,"<br>"))
strSql=strSql+"',fenlei1='"+fixQuotes(TRIM(Request.Form("fenlei1")))
strSql=strSql+"',fenlei2='"+fixQuotes(TRIM(Request.Form("fenlei2")))
strSql=strSql+"',faburiqi=getdate()"
strSql=strSql+" Where yonghu='"+ Session("username")+"'"
'response.write strsql
Set rs=con.Execute(strSql,insertnum)
'if insertnum=1 then
'成功
'修改有效值
response.redirect "../syspages/sys_modadsuc.htm"
'else
' response.redirect "../syspages/error.htm"
'end if
response.end
end if
end if
rs1.close
'加入廣告
strSql="INSERT guanggao VALUES('"+username+"','"+Request.Form("guojia")
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("chengshi")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("danwei")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("dailishang")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("lianxiren")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("dizhi")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("youbian")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("dianhua")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("e_mail")))
strSql=strSql+"','"+fixQuotes(replace(TRIM(Request.Form("neirong")),vbcrlf,"<br>"))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("fenlei1")))
strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("fenlei2")))
strSql=strSql+"',getdate()"
strSql=strSql+",0)"
'response.write strsql
insertnum=0
Set rs=con.Execute(strSql,insertnum)
if insertnum=1 then
'成功
'修改有效值
valid=valid-1
strSql="UPDATE yonghu SET youxiao=2 WHERE yonghu='"+username+"'"
con.Execute strSql
response.redirect "../syspages/sys_addadsuc.htm"
else
response.redirect "../syspages/error.htm"
end if
%>?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -