<%@ page contentType="text/html; charset=gb2312" language="java" import="java.sql.*"%>
<%@ include file="inc/config.jsp"%>
<%@ include file="inc/style.jsp"%>
<jsp:useBean id="HTMLFilter" scope="page" class="dreamtime.guestbook.HTMLFilter"/>
<jsp:useBean id="FaceFilter" scope="page" class="dreamtime.guestbook.FaceFilter"/>
<jsp:useBean id="UbbCode" scope="page" class="dreamtime.guestbook.UbbCode"/>
<%
/*******************************************************************
* *
* 夢想年華 JSP 版留言本 *
* *
* 版權所有: wsp.hniuca.net *
* ` CopyRight 2005-2006 DreamTime All Rights Reserved *
* *
* 程序制作: [夢想年華] *
* Email:fanwsp@126.com *
* QQ:122142023 *
* HomePage:http://wsp.hniuca.net *
* *
* 鄭重申明:該程序僅提個人用戶免費使用,未經本人同意, *
* 嚴禁用于商業用途! *
* *
*********************************************************************/
%>
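<%
// Handles the "add" submission of the guestbook form: accepts only a POST whose Referer
// equals this page's URL, rejects locked IPs, validates and filters the fields, then
// stores the entry. Names that are used but not declared here (Ip, NowTime, sql, rs, stmt,
// DBConn, serror, error2, sPage, LybMaxByte, AdminName, AdminUid, isValidate,
// CheckReplace) are not defined in this file; presumably they come from inc/config.jsp.

// The request encoding must be chosen before the first getParameter() call; once the
// container has parsed the parameters a later setCharacterEncoding() has no effect.
request.setCharacterEncoding("gb2312");
String action = request.getParameter("action");
if (action != null && action.equals("add"))
{
    String Page1 = request.getHeader("Referer");         // address the request came from
    String Page2 = request.getRequestURL().toString();   // address of the current page
    String methon = request.getMethod();
    // NOTE(review): the Referer comparison is the only cross-site submission guard in this
    // block. The header is optional and may be stripped by proxies or privacy settings, so
    // a per-session form token would be the sturdier check.
    if (methon.equals("POST") && Page2.equals(Page1))
    {
        // Collect the submitted form fields.
        String Name = request.getParameter("Name");
        String QQ = request.getParameter("QQ");
        String Mail = request.getParameter("Mail");
        String HomePage = request.getParameter("HomePage");
        String ComeFrom = request.getParameter("ComeFrom");
        Ip = request.getRemoteAddr();                     // client IP address
        String Time = NowTime;                            // posting time (NowTime: current-time variable)
        String Title = request.getParameter("Title");
        String Content = request.getParameter("Content");
        String Face = request.getParameter("Face");
        String Sex = request.getParameter("Sex");
        String Secret = request.getParameter("Secret");
        String Validate = "Yes";

        // Refuse the post when the client address is listed in lockip.
        // stmt is used as a java.sql.Statement elsewhere in this block, so its connection
        // is reached through it rather than by assuming the type of DBConn.
        PreparedStatement lockCheck = null;
        try {
            sql = "select * from lockip where LockIP=?";
            lockCheck = stmt.getConnection().prepareStatement(sql);
            lockCheck.setString(1, Ip);
            rs = lockCheck.executeQuery();
            if (rs.next())
            {
                serror = "非法的IP地址,可能已被管理員封了IP,請與管理員聯系!";
                session.setAttribute("error", serror);
                session.setAttribute("url", "index.jsp");
                response.sendRedirect("error.jsp");
                return;
            }
        } catch (SQLException e) {
            session.setAttribute("error", error2);
            session.setAttribute("url", "addly.jsp");
            response.sendRedirect("error.jsp");
            return;
        } finally {
            if (lockCheck != null) {
                try { lockCheck.close(); } catch (SQLException ignored) { /* nothing useful to do */ }
            }
        }

        // Name, title and content are mandatory; content is capped at LybMaxByte characters.
        if (Name == null || Name.equals("") || Title == null || Title.equals("")
                || Content == null || Content.equals("") || Content.length() > LybMaxByte)
        {
            out.println("<br><br><br><p><table width=\"640\" border=\"1\" align=\"center\"><tr height=\"25\"><td>");
            out.println("<div align=\"center\" class=\"info\"><br>用 戶 名不能為空!<br>留言主題不能為空!<br>留言內容不能為空!");
            out.println("<br><br>留言內容不能大于" + LybMaxByte +"個字符!<br><br>請仔細核對您的輸入!<br>");
            out.println("<br><a href=\"#\" onClick=\"javascript:history.go(-1);\">返回</a><br></div></td></tr></table>");
            return;
        }

        Name = CheckReplace(Name);
        Title = CheckReplace(Title);

        // Visitors may not post under the moderator's name or a name containing the
        // moderator/administrator titles.
        if (Name.indexOf(AdminName) != -1 || Name.indexOf("版主") != -1 || Name.indexOf("管理員") != -1)
        {
            out.println("<br><br><br><p><table width=\"640\" border=\"1\" align=\"center\"><tr height=\"25\"><td>");
            out.println("<div align=\"center\" class=\"info\"><br>請注意:<br>為了防止一般用戶冒充版主留言<br>");
            out.println("留言者不能使用版主的名稱,也不能包含“版主”和“管理員”等字符!<br>");
            out.println("<br><a href=\"#\" onClick=\"javascript:history.go(-1);\">返回</a><br></div></td></tr></table>");
            return;
        }

        // NOTE(review): whoever submits AdminUid in the Name field is labelled as the
        // moderator, so AdminUid works as a shared secret typed into a plain form field;
        // confirm this is intended.
        if (Name.equals(AdminUid)) Name = "版主 [" + AdminName + "]";
        if (isValidate) Validate = "No";
        if (Face == null || Face.equals("")) Face = "04";

        QQ = CheckReplace(QQ);
        Mail = CheckReplace(Mail);
        HomePage = CheckReplace(HomePage);
        ComeFrom = CheckReplace(ComeFrom);

        // Content goes through the three filter beans in turn; each takes the previous
        // bean's result as its source.
        HTMLFilter.setSource(Content);
        HTMLFilter.run();
        Content = HTMLFilter.getResult();
        UbbCode.setSource(Content);
        UbbCode.run();
        Content = UbbCode.getResult();
        FaceFilter.setSource(Content);
        FaceFilter.run();
        Content = FaceFilter.getResult();

        // Every value is bound as a parameter. Sex, Face and Secret reach this point
        // straight from the request, so none of them may be spliced into the statement text.
        // NOTE(review): if CheckReplace or the filter beans double or escape single quotes
        // for SQL purposes, that escaping is now stored literally; check their
        // implementations, which are not visible in this file.
        // NOTE(review): UpdateTime is still sent as text, as before; confirm the driver
        // converts a bound string for that column type.
        PreparedStatement insert = null;
        try {
            sql = "insert into guestbook (Name,QQ,Mail,ComeFrom,Ip,UpdateTime,Sex,HomePage,Face,Title,Content,Secret,Validate)"
                + " values (?,?,?,?,?,?,?,?,?,?,?,?,?)";
            String[] values = { Name, QQ, Mail, ComeFrom, Ip, Time, Sex, HomePage, Face, Title, Content, Secret, Validate };
            insert = stmt.getConnection().prepareStatement(sql);
            for (int i = 0; i < values.length; i++)
            {
                // String.valueOf keeps what the concatenated statement used to store for a
                // missing field (the text "null") instead of switching to SQL NULL.
                insert.setString(i + 1, String.valueOf(values[i]));
            }
            insert.executeUpdate();
            insert.close();
            // NOTE(review): only this success path closes stmt and DBConn; the early
            // returns above leave both open.
            stmt.close();
            DBConn.close();
        } catch (SQLException e) {
            session.setAttribute("error", error2);
            session.setAttribute("url", sPage);
            response.sendRedirect("error.jsp");
            return;
        } finally {
            if (insert != null) {
                try { insert.close(); } catch (SQLException ignored) { /* already closed or connection gone */ }
            }
        }
        out.println("<SCRIPT LANGUAGE='JavaScript'>alert('留言成功!');location.href='index.jsp';</SCRIPT>");
    }
    else
    {
        // Not a POST, or the Referer does not match this page: treat as an illegal submission.
        serror = "非法遞交留言,請到添加留言頁面進行留言!";
        session.setAttribute("error", serror);
        session.setAttribute("url", sPage);
        response.sendRedirect("error.jsp");
        // Nothing is written after the redirect; the response is already committed.
        return;
    }
}
%>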
<html>
<head>
<title><%=LybTitle%> - 添加留言</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<SCRIPT src="inc/ubbcode.js"></SCRIPT>
<SCRIPT src="inc/post.js"></SCRIPT>
</head>
<%=TopInfo(false)%>
<br>
<body>
<table width="640" border="0" align="center" cellspacing="1">
<tr>
<td align="center" valign="middle"><div align="center">
<form name="form" method="post" onSubmit="return Check()" action="addly.jsp">
<table width="640" border="1" align="center" cellpadding="6" cellspacing="1" style="border-collapse:collapse">
<tr>
<td height="25" colspan="4" background="images/bg<%=LybSkin%>.gif">
<div align="center"> </div>
<div align="center"><span class="title">添加留言</span></div> </td>
</tr>
<tr>