<!--#include file="inc_common.asp"-->
<!--#include file="UBB.asp"-->
<%
' Page entry point: refuse posting while the guestbook is locked, then dispatch on ?act=.
' NOTE(review): the lock only blocks addnew() if showError() halts the response when
' errinfo is set; showError is defined outside this file, so confirm there.
if lock="1" then
errinfo="<li>留言本已經被管理員鎖定,您無法留言。"
call showError()
end if
' Any act value other than "addnew" or "" falls through and renders nothing.
select case Request.QueryString("act")
case "addnew"
' Form submission: validate and store the message.
call addnew()
case ""
' No action: render the "write a message" page.
pagename="寫留言"
call bodySkin()
' pageContent() only emits the form via submitForm().
' NOTE(review): presumably bodySkin() calls pageContent() to fill the page body; confirm in the skin include.
sub pageContent()
submitForm()
end sub
end select
' Store a new verification code in the session on every request that reaches this point.
' This runs after the select above, so addnew() compares against the code issued by the
' previous request. If addnew() stops the response first (error page or redirect), this
' line is not reached and the previous code stays in the session.
if needSecurityCode=true then
session("SranmSecurityCode") = RndCode()
end if
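function submitForm()
' Renders the "new message" form (posts to ?act=addnew) and the hidden preview form
' (posts to preview.asp).
'
' The name / URL / e-mail / QQ fields are pre-filled from the SranM_userinfo cookie.
' Cookie values are client-supplied, so each one is passed through Server.HTMLEncode
' before being written into a value="..." attribute; without that, a quote or angle
' bracket in the cookie would break out of the attribute and inject markup.
' The notice is rendered through UBBcode() and the emoticon bar through getEmot(),
' both defined outside this file.
%>
<script src="UBB.js"></script>
<form action="?act=addnew" method="post" name="lw_form" id="lw_form" onsubmit="return Submitcheck()">
<%if notice<>"" then%>
<div id="notice"><%=UBBcode(notice,1)%></div>
<%end if%>
<div class="row">
<div class="row-left"><span class="red">***</span> 您的稱呼:</div>
<div class="row-right"><input name="username" size="19" maxlength="80" value="<%=Server.HTMLEncode(Request.Cookies("SranM_userinfo")("SranM_username"))%>"></div>
</div>
<div class="row">
<div class="row-left">性別及頭像:</div>
<div class="row-right">
男性:<img src="<%=userfacesFolder%>/small_1.gif" class="face"><input type="radio" value="1" name="userface" class="radio" checked="checked">
<img src="<%=userfacesFolder%>/small_2.gif" class="face"><input type="radio" value="2" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_3.gif" class="face"><input type="radio" value="3" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_4.gif" class="face"><input type="radio" value="4" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_5.gif" class="face"><input type="radio" value="5" name="userface" class="radio"><br />
女性:<img src="<%=userfacesFolder%>/small_6.gif" class="face"><input type="radio" value="6" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_7.gif" class="face"><input type="radio" value="7" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_8.gif" class="face"><input type="radio" value="8" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_9.gif" class="face"><input type="radio" value="9" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_10.gif" class="face"><input type="radio" value="10" name="userface" class="radio"><br />
中性:<img src="<%=userfacesFolder%>/small_11.gif" class="face"><input type="radio" value="11" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_12.gif" class="face"><input type="radio" value="12" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_13.gif" class="face"><input type="radio" value="13" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_14.gif" class="face"><input type="radio" value="14" name="userface" class="radio">
<img src="<%=userfacesFolder%>/small_15.gif" class="face"><input type="radio" value="15" name="userface" class="radio"> </div>
</div>
<div class="row">
<div class="row-left">網站:</div>
<div class="row-right">
<%dim myURL
' Default the field to a bare scheme when no URL was remembered; addnew() treats
' exactly "http://" as "no URL given".
if Request.Cookies("SranM_userinfo")("SranM_userURL") = "" then
myURL = "http://"
else
myURL = Request.Cookies("SranM_userinfo")("SranM_userURL")
end if%>
<input name="userURL" size="19" maxlength="200" value="<%=Server.HTMLEncode(myURL)%>">
</div>
</div>
<div class="row">
<div class="row-left">電子郵件:</div>
<div class="row-right">
<input name="usermail" size="19" maxlength="80" value="<%=Server.HTMLEncode(Request.Cookies("SranM_userinfo")("SranM_usermail"))%>">
</div>
</div>
<div class="row">
<div class="row-left">QQ號碼:</div>
<div class="row-right">
<input name="userqq" size="19" maxlength="80" value="<%=Server.HTMLEncode(Request.Cookies("SranM_userinfo")("SranM_userqq"))%>">
</div>
</div>
<div class="row">
<div class="row-left">標題:</div>
<div class="row-right">
<input name="usertitle" size="40" maxlength="100">
</div>
</div>
<div class="row">
<div class="row-right">
<div class="row-right-graybg"><!--#include file="inc_UBB.asp"--></div>
</div>
</div>
<div class="row">
<div class="row-left"><span class="red">***</span> 正文:</div>
<div class="row-right">
<textarea cols="60" rows="12" name="usercontent" id="usercontent" title="Ctrl+Enter提交" onkeydown="ctlent()" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);textNum.innerText=this.value.length"></textarea><br />
<span class="noteText">當前字數:<span class="Highlight"><span id="textNum">0</span></span>,最大字數:<span class="Highlight"><%=maxnum%></span></span>
</div>
</div>
<%if UBBcfg_emot=1 then%>
<div class="row">
<div class="row-right">
<div class="row-right-graybg">
<%call getEmot()%>
</div>
</div>
</div>
<%end if%>
<div class="row">
<div class="row-right">
<input type="checkbox" name="whisper" id="whisper" value="1" /> <label for="whisper">悄悄話</label> 回復查看碼(可不填):<input name="replycode" size="20" maxlength="100" /><br />
<span class="noteText">回復查看碼用于以后查看管理員對悄悄話的回復。
若不填,管理員將無法回復此悄悄話。</span>
</div>
</div>
<%if needSecurityCode=true then%>
<div class="row">
<div class="row-left"><span class="red">***</span> 驗證碼:</div>
<div class="row-right"><input name="SecurityCode" size="10" maxlength="4" value=""> <img src="security_code.asp" alt="驗證碼" /></div>
</div>
<%end if%>
<div class="row">
<div class="row-right"><br />
<input type="hidden" name="UBB_super" value="0">
<input type="submit" class="button" name="Submit" value="提 交">
<input type="reset" class="button" name="Submit2" value="清 除">
<input type="button" class="button" name="Preview" value="預覽" onclick="openpreview()">
</div>
</div>
</form>
<form action="preview.asp" method="post" name="preview" target="preview_page" id="preview">
<input type="hidden" name="UBB_super" value>
<input type="hidden" name="usertitle" value>
<input type="hidden" name="usercontent" value>
</form>
<%
end function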
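sub addnew() '//////// Insert the submitted message into the database
    ' Handles POST ?act=addnew: checks the request origin, the per-session posting
    ' interval and the verification code, validates every form field, then appends one
    ' row to [topic] and sends the visitor back to index.asp.
    '
    ' Validation errors are accumulated in errinfo and reported through showError().
    ' NOTE(review): this sub relies on showError() stopping the response when errinfo is
    ' non-empty (otherwise invalid posts would reach the insert) - confirm in the include.
    ' sql_filter(), showError(), conn, rs, sql, login, name, maxnum, adword, needcheck,
    ' needSecurityCode and user_ip come from outside this file.
    dim servername1,servername2
    dim refLower,hostStart,authority,cutPos,sepChar
    dim username,SecurityCode,xingbie,userface,userURL,usermail,userqq
    dim usertitle,usercontent,whisper,checked,replycode
    dim rawFace,faceNum,expectedCode
    dim re,alladword,i,isURL,isEmail

    ' ---- Same-site check on the Referer header ---------------------------------
    ' The host part of the Referer must equal SERVER_NAME exactly. A plain prefix
    ' comparison would also accept a longer host name that merely starts with
    ' SERVER_NAME, and would mis-align on https:// URLs, so the authority is extracted
    ' and compared as a whole.
    ' NOTE(review): Referer is a weak signal (absent for some clients, freely set by
    ' non-browser clients); a per-session form token would be a stronger defence.
    servername1=Cstr(Request.ServerVariables("HTTP_REFERER"))
    servername2=Cstr(Request.ServerVariables("SERVER_NAME"))
    refLower=LCase(servername1)
    if left(refLower,8)="https://" then
        hostStart=9
    elseif left(refLower,7)="http://" then
        hostStart=8
    else
        hostStart=0
    end if
    authority=""
    if hostStart>0 then
        authority=mid(refLower,hostStart)
        ' Cut at the first path, query or fragment delimiter.
        for each sepChar in Array("/","?","#")
            cutPos=instr(authority,sepChar)
            if cutPos>0 then authority=left(authority,cutPos-1)
        next
        ' A user-info part ("name@host") is never expected here; reject it outright.
        if instr(authority,"@")>0 then authority=""
        ' Drop a trailing ":port" (only when what follows the last colon is numeric).
        cutPos=instrrev(authority,":")
        if cutPos>0 then
            if isnumeric(mid(authority,cutPos+1)) then authority=left(authority,cutPos-1)
        end if
    end if
    if authority="" or authority<>LCase(servername2) then
        errinfo="<li>非法的提交動作!</li>"
        call showError()
    end if

    ' ---- Posting interval: guards against malicious repeated submissions --------
    ' DateDiff counts whole elapsed seconds. Taking minute() of a date difference only
    ' yields the minute component, which is 0 again after exactly one hour, two hours...
    ' The checks are nested because VBScript evaluates both sides of "and", and
    ' DateDiff must not run on an unset session value.
    if session("postTime")<>"" and not(login) then
        if isdate(session("postTime")) then
            if DateDiff("s",session("postTime"),NOW())<60 then
                session("postTime")=NOW()
                errinfo="<li>您的提交時間間隔過短,請一分鐘后再次提交。</li>"
                call showError()
            end if
        end if
    end if

    ' ---- Read the form fields ---------------------------------------------------
    username=Trim(sql_filter(request.Form("username")))
    SecurityCode=Trim(sql_filter(request.Form("SecurityCode")))

    ' The avatar index must be a whole number from 1 to 15 (the radio values of the
    ' form). Anything else is reported as an error instead of being compared as a
    ' string and stored unchecked.
    rawFace=Trim(request.Form("userface"))
    faceNum=0
    if len(rawFace)>=1 and len(rawFace)<=2 then
        if isnumeric(rawFace) then faceNum=CInt(rawFace)
    end if
    if faceNum<1 or faceNum>15 then
        errinfo=errinfo & "<li>頭像選擇有誤</li>"
        faceNum=1
    end if
    ' Avatars 1-5 / 6-10 / 11-15 map to gender codes 1 / 2 / 3.
    if faceNum<6 then
        xingbie=1
    elseif faceNum<11 then
        xingbie=2
    else
        xingbie=3
    end if
    userface=CStr(faceNum)

    ' A field left at the bare "http://" default counts as "no URL".
    if Trim(sql_filter(request.form("userURL")))="http://" then
        userURL = ""
    else
        userURL=Trim(sql_filter(request.form("userURL")))
    end if
    usermail=Trim(sql_filter(request.form("usermail")))
    userqq=Trim(sql_filter(request.form("userqq")))
    usertitle=Trim(sql_filter(request.form("usertitle")))
    usercontent=Rtrim(sql_filter(request.form("usercontent")))
    if not request.form("whisper")="1" then
        whisper=0
    else
        whisper=1
    end if
    ' NOTE(review): the reply-view code works like a password for whisper replies and
    ' is stored as submitted; consider storing a salted hash instead.
    replycode=sql_filter(Trim(request.form("replycode")))

    ' Remember the visitor's details for a year. This happens before validation, so the
    ' cookie can hold values that are later rejected; every page that echoes these
    ' cookie values has to HTML-encode them.
    Response.Cookies("SranM_userinfo")("SranM_username") = username
    Response.Cookies("SranM_userinfo")("SranM_userURL") = userURL
    Response.Cookies("SranM_userinfo")("SranM_usermail") = usermail
    Response.Cookies("SranM_userinfo")("SranM_userqq") = userqq
    Response.Cookies("SranM_userinfo").expires=date+365

    ' ---- Validation -------------------------------------------------------------
    if username="" then
        errinfo=errinfo & "<li>未填寫您的稱呼</li>"
    else
        if len(username)>20 then errinfo=errinfo & "<li>過長的稱呼</li>"
        ' Visitors may not post under the administrator's name.
        if (UCase(username)=UCase(name) or username="管理員") and not(login) then errinfo=errinfo & "<li>請勿使用管理員的稱呼</li>"
    end if

    if needSecurityCode=true then
        expectedCode=session("SranmSecurityCode")
        ' An unset session value compares equal to "" in VBScript, so a request that
        ' never loaded the form must not pass with an empty code: a stored code is
        ' required. A wrong answer discards the stored code, so each issued code allows
        ' a single guess.
        if len(expectedCode & "")=0 then
            errinfo=errinfo & "<li>驗證碼填寫錯誤</li>"
        elseif SecurityCode <> expectedCode then
            session("SranmSecurityCode")=""
            errinfo=errinfo & "<li>驗證碼填寫錯誤</li>"
        end if
    end if

    if len(usertitle)>50 then
        errinfo=errinfo & "<li>過長的標題</li>"
    end if

    Set re=new RegExp
    re.IgnoreCase =true
    re.Global=True
    ' The body counts as empty when nothing is left after removing line breaks and
    ' every [tag] (UBB markup).
    re.Pattern="(\[(.[^\]]*)\])"
    if Trim(re.Replace(Replace(request.form("usercontent"), CHR(13)&CHR(10), ""),""))="" then
        errinfo=errinfo & "<li>未填寫留言內容</li>"
    elseif len(usercontent)>maxnum then
        errinfo=errinfo & "<li>過長的留言內容</li>"
    end if

    ' Blocked-word list (one entry per line in adword): a hit is answered with a
    ' deliberately uninformative error and the request ends.
    if not adword="" then
        alladword=split(adword,chr(13)&chr(10))
        for i = lbound(alladword) to ubound(alladword)
            if instr(UCase(usercontent & usertitle),UCase(trim(alladword(i))))>0 and trim(alladword(i))<>"" then
                errinfo="<li>未知錯誤。</li>"
                call showError()
                response.end
            end if
        next
    end if

    If userURL<>"" then
        ' Anchored with ^ and $ so the whole value must be an http:// URL. Without the
        ' anchors re.Test succeeds as soon as any substring looks like a URL, letting
        ' arbitrary text (quotes, markup, other schemes) through around it.
        re.Pattern="^http://([\w-]+\.)+[\w-]+(:\d{1,5})?(/[\w\-. /?%&=~+#:;,@!]*)?$"
        isURL=re.test(userURL)
        if not isURL then
            errinfo=errinfo & "<li>個人主頁地址填寫有誤</li>"
        elseif len(userURL)>200 then
            errinfo=errinfo & "<li>過長的個人主頁地址</li>"
        end if
    end if

    If usermail<>"" then
        re.Pattern="^[\w-\.]{1,}\@([\da-zA-Z-]{1,}\.){1,}[\da-zA-Z-]{2,3}$"
        isEmail=re.test(usermail)
        if not isEmail then
            errinfo=errinfo & "<li>電子郵件地址填寫有誤</li>"
        elseif len(usermail)>100 then
            errinfo=errinfo & "<li>過長的電子郵件地址</li>"
        end if
    end if
    set re=Nothing

    if trim(userqq)<>"" then
        if not(isnumeric(userqq)) then
            errinfo=errinfo & "<li>QQ號碼填寫有誤</li>"
        elseif len(userqq)>10 then
            errinfo=errinfo & "<li>過長的QQ號碼</li>"
        end if
    end if

    if len(replycode)>45 then
        errinfo=errinfo & "<li>過長的回復查看碼</li>"
    end if

    ' Report everything collected so far; see the NOTE at the top about showError().
    call showError()

    ' Whispers, and all posts when moderation is off, are marked as already reviewed.
    if needcheck=0 or whisper=1 then
        checked=1
    else
        checked=0
    end if

    ' ---- Insert -----------------------------------------------------------------
    ' Values are assigned through recordset fields, not concatenated into SQL text.
    ' "where 1=0" opens an empty, updatable recordset, so the existing rows are not
    ' loaded just to append one.
    Set rs= Server.CreateObject("ADODB.Recordset")
    sql="select * from [topic] where 1=0"
    rs.open sql,conn,3,2
    rs.addnew
    rs("username")=username
    rs("xingbie")=xingbie
    rs("userface")=userface
    rs("userURL")=userURL
    rs("usermail")=usermail
    rs("userqq")=userqq
    rs("usertime")=now()
    rs("usertitle")=usertitle
    rs("usercontent")=usercontent
    rs("whisper")=whisper
    rs("replycode")=replycode
    rs("top")="0"
    rs("reply")="0"
    rs("ip")=user_ip
    rs("checked")=checked
    rs.update
    rs.close

    session("postTime")=NOW()
    ' A verification code that was accepted must not be reusable for another post.
    if needSecurityCode=true then session("SranmSecurityCode")=""

    ' ---- Tell the visitor what happened -----------------------------------------
    if checked=0 then
        response.write"<script>alert('留言已成功提交,但需要通過審核后才會顯示。');location='index.asp'</script>"
    else
        if whisper=1 then
            if replycode="" then
                response.write"<script>alert('悄悄話留言已成功提交,但您沒有填寫回復查看碼,管理員將無法回復您的發言,您也無法查看回復。');location='index.asp'</script>"
            else
                response.write"<script>alert('悄悄話留言已成功提交,您可以在管理員回復后,通過輸入回復查看碼,查看回復內容。');location='index.asp'</script>"
            end if
        else
            ' Response.Redirect ends the script, so nothing may follow it.
            Response.Redirect "index.asp"
        end if
    end if
end sub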
%>